From d5a1b34c053fb8ca8fe4e8189c95246ac9080427 Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@gmail.com>
Date: Thu, 8 Nov 2018 11:32:49 +0100
Subject: Remove AccumulateCipherSuite()

This resolves #858
---
 security/manager/ssl/nsNSSCallbacks.cpp | 69 ---------------------------------
 security/manager/ssl/nsNSSComponent.cpp |  4 +-
 2 files changed, 2 insertions(+), 71 deletions(-)

(limited to 'security')

diff --git a/security/manager/ssl/nsNSSCallbacks.cpp b/security/manager/ssl/nsNSSCallbacks.cpp
index daabca591..b8f1b0eb7 100644
--- a/security/manager/ssl/nsNSSCallbacks.cpp
+++ b/security/manager/ssl/nsNSSCallbacks.cpp
@@ -40,9 +40,6 @@ using namespace mozilla::psm;
 
 extern LazyLogModule gPIPNSSLog;
 
-static void AccumulateCipherSuite(Telemetry::ID probe,
-                                  const SSLChannelInfo& channelInfo);
-
 namespace {
 
 // Bits in bit mask for SSL_REASONS_FOR_NOT_FALSE_STARTING telemetry probe
@@ -1106,68 +1103,6 @@ AccumulateECCCurve(Telemetry::ID probe, uint32_t bits)
                      : 0; // Unknown
 }
 
-static void
-AccumulateCipherSuite(Telemetry::ID probe, const SSLChannelInfo& channelInfo)
-{
-  uint32_t value;
-  switch (channelInfo.cipherSuite) {
-    // ECDHE key exchange
-    case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: value = 1; break;
-    case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: value = 2; break;
-    case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: value = 3; break;
-    case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: value = 4; break;
-    case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: value = 5; break;
-    case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: value = 6; break;
-    case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: value = 7; break;
-    case TLS_ECDHE_RSA_WITH_RC4_128_SHA: value = 8; break;
-    case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: value = 9; break;
-    case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: value = 10; break;
-    case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: value = 11; break;
-    case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: value = 12; break;
-    case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: value = 13; break;
-    case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: value = 14; break;
-    // DHE key exchange
-    case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: value = 21; break;
-    case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: value = 22; break;
-    case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: value = 23; break;
-    case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: value = 24; break;
-    case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: value = 25; break;
-    case TLS_DHE_DSS_WITH_AES_128_CBC_SHA: value = 26; break;
-    case TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: value = 27; break;
-    case TLS_DHE_DSS_WITH_AES_256_CBC_SHA: value = 28; break;
-    case TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: value = 29; break;
-    case TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: value = 30; break;
-    // ECDH key exchange
-    case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: value = 41; break;
-    case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: value = 42; break;
-    case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: value = 43; break;
-    case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: value = 44; break;
-    case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: value = 45; break;
-    case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: value = 46; break;
-    case TLS_ECDH_ECDSA_WITH_RC4_128_SHA: value = 47; break;
-    case TLS_ECDH_RSA_WITH_RC4_128_SHA: value = 48; break;
-    // RSA key exchange
-    case TLS_RSA_WITH_AES_128_CBC_SHA: value = 61; break;
-    case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: value = 62; break;
-    case TLS_RSA_WITH_AES_256_CBC_SHA: value = 63; break;
-    case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: value = 64; break;
-    case SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA: value = 65; break;
-    case TLS_RSA_WITH_3DES_EDE_CBC_SHA: value = 66; break;
-    case TLS_RSA_WITH_SEED_CBC_SHA: value = 67; break;
-    case TLS_RSA_WITH_RC4_128_SHA: value = 68; break;
-    case TLS_RSA_WITH_RC4_128_MD5: value = 69; break;
-    // TLS 1.3 PSK resumption
-    case TLS_AES_128_GCM_SHA256: value = 70; break;
-    case TLS_CHACHA20_POLY1305_SHA256: value = 71; break;
-    case TLS_AES_256_GCM_SHA384: value = 72; break;
-    // unknown
-    default:
-      value = 0;
-      break;
-  }
-  MOZ_ASSERT(value != 0);
-}
-
 // In the case of session resumption, the AuthCertificate hook has been bypassed
 // (because we've previously successfully connected to our peer). That being the
 // case, we unfortunately don't know if the peer's server certificate verified
@@ -1285,10 +1220,6 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) {
     // 1=tls1, 2=tls1.1, 3=tls1.2
     unsigned int versionEnum = channelInfo.protocolVersion & 0xFF;
     MOZ_ASSERT(versionEnum > 0);
-    AccumulateCipherSuite(
-      infoObject->IsFullHandshake() ? Telemetry::SSL_CIPHER_SUITE_FULL
-                                    : Telemetry::SSL_CIPHER_SUITE_RESUMED,
-      channelInfo);
 
     SSLCipherSuiteInfo cipherInfo;
     rv = SSL_GetCipherSuiteInfo(channelInfo.cipherSuite, &cipherInfo,
diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp
index 4fc8c142e..f580f2bcb 100644
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@@ -1309,8 +1309,8 @@ typedef struct {
   bool weak;
 } CipherPref;
 
-// Update the switch statement in AccumulateCipherSuite in nsNSSCallbacks.cpp
-// when you add/remove cipher suites here.
+// List of available cipher suites and their prefs
+// Format: "pref", cipherSuite, defaultEnabled, [isWeak = false]
 static const CipherPref sCipherPrefs[] = {
  { "security.ssl3.ecdhe_rsa_aes_128_gcm_sha256",
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, true },
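Review bot: The new comment above `sCipherPrefs` names the optional fourth field `isWeak`, but the struct member visible just above it is `weak`, and the comment does not say what leaving the field out means for someone adding a row. The entries are aggregate-initialized, so a row that omits the last field, like the first one shown, gets `weak == false`. A deprecated suite added without the flag would then presumably be treated as a normal suite by whatever code reads it, which is not visible here. I would change the second line to `// Format: "pref", cipherSuite, defaultEnabled, [weak = false]` and add `// Pass true as the last field for every suite considered weak; omitting it marks the suite as not weak.`. The array continues past the end of the hunk, so the remaining entries could not be checked against this.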
-- 
cgit v1.2.3


From 3eef7ab260dc9f35237416ab5166a181d2d3d861 Mon Sep 17 00:00:00 2001
From: trav90 <travawine@palemoon.org>
Date: Tue, 27 Nov 2018 07:32:12 -0600
Subject: Update HSTS preload list

Tag #447
---
 security/manager/ssl/nsSTSPreloadList.errors | 3331 +++++++++++++--------
 security/manager/ssl/nsSTSPreloadList.inc    | 4034 ++++++++++++++++----------
 2 files changed, 4530 insertions(+), 2835 deletions(-)

(limited to 'security')

diff --git a/security/manager/ssl/nsSTSPreloadList.errors b/security/manager/ssl/nsSTSPreloadList.errors
index 1b7c90ede..be60cc0ed 100644
--- a/security/manager/ssl/nsSTSPreloadList.errors
+++ b/security/manager/ssl/nsSTSPreloadList.errors
@@ -38,20 +38,22 @@
 0222.mg: did not receive HSTS header
 0222aa.com: could not connect to host
 023838.com: could not connect to host
+02607.com: could not connect to host
 028718.com: did not receive HSTS header
-029978.com: could not connect to host
+029978.com: did not receive HSTS header
 029inno.com: could not connect to host
 02dl.net: could not connect to host
 02smh.com: could not connect to host
 03-09-2016.wedding: could not connect to host
 0311buy.cn: did not receive HSTS header
+03170317.com: could not connect to host
 040fit.nl: did not receive HSTS header
 040fitvitality.nl: did not receive HSTS header
 048.ag: could not connect to host
 04sun.com: could not connect to host
 050508.com: could not connect to host
 055268.com: did not receive HSTS header
-066318.com: could not connect to host
+066318.com: did not receive HSTS header
 066538.com: did not receive HSTS header
 066718.com: did not receive HSTS header
 066928.com: could not connect to host
@@ -66,6 +68,7 @@
 081638.com: did not receive HSTS header
 083962.com: could not connect to host
 086628.com: did not receive HSTS header
+09115.com: could not connect to host
 0c.eu: did not receive HSTS header
 0cdn.ga: could not connect to host
 0day.su: could not connect to host
@@ -90,23 +93,27 @@
 0x90.fi: could not connect to host
 0x90.in: could not connect to host
 0xa.in: could not connect to host
+0xaa55.me: could not connect to host
 0xb612.org: could not connect to host
 0xcafec0.de: did not receive HSTS header
 0xf00.ch: could not connect to host
 1.0.0.1: max-age too low: 0
 1000hats.com: did not receive HSTS header
 1001.best: could not connect to host
-1001firms.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 100onrainkajino.com: could not connect to host
 1017scribes.com: could not connect to host
 1018hosting.nl: did not receive HSTS header
 1022996493.rsc.cdn77.org: could not connect to host
+10414.org: could not connect to host
+1066.io: could not connect to host
 1091.jp: could not connect to host
+10gb.io: could not connect to host
 10gbit.ovh: could not connect to host
 10seos.com: did not receive HSTS header
 10tacle.io: could not connect to host
 10v2.com: did not receive HSTS header
 10x.ooo: could not connect to host
+10xiuxiu.com: did not receive HSTS header
 1100.so: could not connect to host
 110110110.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 1116pay.com: did not receive HSTS header
@@ -115,7 +122,7 @@
 118118118.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 11bt.cc: did not receive HSTS header
 11recruitment.com.au: did not receive HSTS header
-11scc.com: did not receive HSTS header
+11scc.com: could not connect to host
 120dayweightloss.com: could not connect to host
 123110.com: could not connect to host
 123movies.fyi: did not receive HSTS header
@@ -128,6 +135,7 @@
 123test.nl: did not receive HSTS header
 126ium.moe: could not connect to host
 127011-networks.ch: could not connect to host
+1288366.com: could not connect to host
 12vpn.org: could not connect to host
 12vpnchina.com: could not connect to host
 130978.com: did not receive HSTS header
@@ -135,6 +143,7 @@
 135vv.com: could not connect to host
 13826145000.com: could not connect to host
 1391kj.com: did not receive HSTS header
+1395kj.com: did not receive HSTS header
 1396.cc: could not connect to host
 1396.net: did not receive HSTS header
 1481481.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -156,20 +165,19 @@
 168bo9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 168bo9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 168esb.com: could not connect to host
+16book.org: could not connect to host
 16deza.com: did not receive HSTS header
 16packets.com: could not connect to host
-173vpn.cn: did not receive HSTS header
+173vpn.cn: could not connect to host
 173vpns.com: could not connect to host
 173vpnv.com: could not connect to host
 174.net.nz: did not receive HSTS header
 174343.com: could not connect to host
-1750studios.com: could not connect to host
 17hats.com: did not receive HSTS header
 188522.com: did not receive HSTS header
 18888msc.com: could not connect to host
 1888zr.com: could not connect to host
 188betwarriors.co.uk: could not connect to host
-188da.com: could not connect to host
 188trafalgar.ca: did not receive HSTS header
 189dv.com: could not connect to host
 1912x.com: could not connect to host
@@ -184,6 +192,7 @@
 1cover.com: could not connect to host
 1day1ac.red: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 1er-secours.ch: could not connect to host
+1europlan.nl: could not connect to host
 1gsoft.com: could not connect to host
 1item.co.il: did not receive HSTS header
 1k8b.com: could not connect to host
@@ -203,21 +212,20 @@
 2-cpu.de: could not connect to host
 200fcw.com: could not connect to host
 2018.wales: could not connect to host
-20188088.com: did not receive HSTS header
 2048-spiel.de: could not connect to host
 2048game.co.uk: could not connect to host
 206rc.net: max-age too low: 2592000
-208.es: could not connect to host
+208.es: did not receive HSTS header
 20hs.cn: did not receive HSTS header
 20zq.com: could not connect to host
 21.co.uk: did not receive HSTS header
 21lg.co: could not connect to host
 21stnc.com: could not connect to host
 22bt.cc: did not receive HSTS header
-22scc.com: did not receive HSTS header
+22digital.agency: could not connect to host
+22scc.com: could not connect to host
 2333.press: could not connect to host
 247a.co.uk: could not connect to host
-247exchange.com: could not connect to host
 247quickbooks.com: did not receive HSTS header
 2488.ch: did not receive HSTS header
 249cq.com: could not connect to host
@@ -232,27 +240,27 @@
 25daysof.io: could not connect to host
 27728522.com: could not connect to host
 2859cc.com: could not connect to host
-286.com: did not receive HSTS header
 288da.com: did not receive HSTS header
 29227.com: could not connect to host
 298da.com: did not receive HSTS header
 2acbi-asso.fr: did not receive HSTS header
 2b3b.com: could not connect to host
-2bad2c0.de: could not connect to host
+2bad2c0.de: did not receive HSTS header
 2bitout.com: could not connect to host
 2bizi.ru: could not connect to host
 2bouncy.com: did not receive HSTS header
 2brokegirls.org: could not connect to host
 2carpros.com: did not receive HSTS header
-2fl.me: could not connect to host
+2fl.me: did not receive HSTS header
 2intermediate.co.uk: did not receive HSTS header
+2li.ch: could not connect to host
 2or3.tk: could not connect to host
 2smart4food.com: could not connect to host
 2ss.jp: did not receive HSTS header
 300651.ru: did not receive HSTS header
 300mbmovie24.com: could not connect to host
 300mbmovies4u.cc: could not connect to host
-301.website: could not connect to host
+301.website: did not receive HSTS header
 302.nyc: could not connect to host
 30yearmortgagerates.net: could not connect to host
 3133780x.com: did not receive HSTS header
@@ -261,9 +269,10 @@
 31tv.ru: did not receive HSTS header
 32ph.com: could not connect to host
 330.net: could not connect to host
+33836.com: could not connect to host
 338da.com: could not connect to host
 33drugstore.com: could not connect to host
-33scc.com: did not receive HSTS header
+33scc.com: could not connect to host
 341.mg: could not connect to host
 34oztonic.eu: did not receive HSTS header
 3555500.com: did not receive HSTS header
@@ -278,8 +287,7 @@
 3778xl.com: could not connect to host
 3839.ca: could not connect to host
 38888msc.com: could not connect to host
-388da.com: could not connect to host
-38blog.com: could not connect to host
+38blog.com: did not receive HSTS header
 38sihu.com: could not connect to host
 3candy.com: could not connect to host
 3chit.cf: could not connect to host
@@ -290,6 +298,9 @@
 3dm.audio: could not connect to host
 3dproteinimaging.com: did not receive HSTS header
 3fl.com: did not receive HSTS header
+3hl0.net: could not connect to host
+3ik.us: could not connect to host
+3james.com: could not connect to host
 3mbo.de: did not receive HSTS header
 3sreporting.com: did not receive HSTS header
 3vlnaeet.cz: could not connect to host
@@ -307,23 +318,21 @@
 404forest.com: did not receive HSTS header
 41844.de: could not connect to host
 420dongstorm.com: could not connect to host
-4237.com: max-age too low: 86400
-42day.info: could not connect to host
+4237.com: could not connect to host
 42entrepreneurs.fr: did not receive HSTS header
 42ms.org: could not connect to host
 42t.ru: could not connect to host
-439050.com: could not connect to host
-439191.com: did not receive HSTS header
+439191.com: could not connect to host
 440hz-radio.de: did not receive HSTS header
 440hz.radio: did not receive HSTS header
 4455software.com: did not receive HSTS header
 448da.com: did not receive HSTS header
 44957.com: could not connect to host
-44scc.com: did not receive HSTS header
-44sec.com: could not connect to host
+44scc.com: could not connect to host
 4500.co.il: did not receive HSTS header
 4679.space: did not receive HSTS header
 478933.com: could not connect to host
+47essays.com: could not connect to host
 47tech.com: could not connect to host
 4997777.com: could not connect to host
 4azino777.ru: did not receive HSTS header
@@ -331,6 +340,7 @@
 4bike.eu: did not receive HSTS header
 4cclothing.com: could not connect to host
 4d2.xyz: could not connect to host
+4decor.org: max-age too low: 0
 4hvac.com: did not receive HSTS header
 4loc.us: could not connect to host
 4miners.net: could not connect to host
@@ -344,11 +354,16 @@
 500103.com: did not receive HSTS header
 500108.com: did not receive HSTS header
 500fcw.com: could not connect to host
+500k.nl: could not connect to host
+508088.com: could not connect to host
 50ma.xyz: could not connect to host
 50millionablaze.org: could not connect to host
+50plusnet.nl: could not connect to host
 513vpn.net: could not connect to host
 517vpn.cn: could not connect to host
 518maicai.com: could not connect to host
+51aifuli.com: could not connect to host
+51tiaojiu.com: could not connect to host
 5214889.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 5214889.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 52b9.com: could not connect to host
@@ -365,14 +380,16 @@
 555fl.com: max-age too low: 129600
 555xl.com: could not connect to host
 55bt.cc: did not receive HSTS header
-55scc.com: did not receive HSTS header
+55scc.com: could not connect to host
 56877.com: could not connect to host
 56ct.com: could not connect to host
 57aromas.com: did not receive HSTS header
+57he.com: could not connect to host
 598598598.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 5chat.it: could not connect to host
 5ece.de: could not connect to host
 5piecesofadvice.com: could not connect to host
+5starbouncycastlehire.co.uk: did not receive HSTS header
 5w5.la: did not receive HSTS header
 605508.cc: could not connect to host
 605508.com: could not connect to host
@@ -384,18 +401,19 @@
 64616e.xyz: could not connect to host
 64970.com: did not receive HSTS header
 64bitgaming.de: could not connect to host
+64bitservers.net: could not connect to host
+65d88.com: could not connect to host
 660011.com: did not receive HSTS header
 66205.net: did not receive HSTS header
+6677.us: could not connect to host
 668da.com: did not receive HSTS header
 67899876.com: did not receive HSTS header
 688da.com: could not connect to host
 692b8c32.de: could not connect to host
 69mentor.com: could not connect to host
 69square.com: could not connect to host
-6ird.com: did not receive HSTS header
 6w6.la: did not receive HSTS header
 6z3.net: could not connect to host
-7045.com: could not connect to host
 7183.org: could not connect to host
 721av.com: could not connect to host
 724go.com: could not connect to host
@@ -403,7 +421,8 @@
 72ty.com: could not connect to host
 72ty.net: could not connect to host
 73223.com: did not receive HSTS header
-7570.com: could not connect to host
+73info.com: could not connect to host
+7570.com: did not receive HSTS header
 771122.tv: did not receive HSTS header
 7717a.com: did not receive HSTS header
 772244.net: did not receive HSTS header
@@ -413,17 +432,18 @@
 778da.com: did not receive HSTS header
 77book.cn: could not connect to host
 788da.com: did not receive HSTS header
-789zr.com: max-age too low: 86400
+789zr.com: could not connect to host
 7f-wgg.cf: could not connect to host
+7kovrikov.ru: did not receive HSTS header
 7links.com.br: did not receive HSTS header
 7nw.eu: could not connect to host
+7proxies.com: did not receive HSTS header
 7thheavenrestaurant.com: could not connect to host
 8.net.co: could not connect to host
-80036.com: could not connect to host
+80036.com: did not receive HSTS header
 8003pay.com: could not connect to host
-808.lv: could not connect to host
+808.lv: did not receive HSTS header
 808phone.net: could not connect to host
-81818app.com: could not connect to host
 81uc.com: could not connect to host
 8206688.com: did not receive HSTS header
 826468.com: could not connect to host
@@ -434,9 +454,11 @@
 8522cn.com: did not receive HSTS header
 8522top.com: could not connect to host
 8560.be: could not connect to host
+8688fc.com: could not connect to host
+86metro.ru: could not connect to host
 8722.com: did not receive HSTS header
 87577.com: could not connect to host
-88.to: could not connect to host
+88.to: did not receive HSTS header
 8887999.com: could not connect to host
 8888av.co: could not connect to host
 8888esb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -466,10 +488,12 @@
 8ballbombom.uk: could not connect to host
 8da2017.com: did not receive HSTS header
 8da2018.com: could not connect to host
-8dabet.com: could not connect to host
 8mpay.com: did not receive HSTS header
+8pecxstudios.com: could not connect to host
+8shequapp.com: could not connect to host
+8svn.com: could not connect to host
 8t88.biz: could not connect to host
-8ung.online: could not connect to host
+8ung.online: did not receive HSTS header
 8xx.bet: could not connect to host
 8xx.io: could not connect to host
 8xx888.com: could not connect to host
@@ -477,14 +501,13 @@
 91-freedom.com: could not connect to host
 9118b.com: could not connect to host
 911911.pw: could not connect to host
-915ers.com: did not receive HSTS header
+915ers.com: could not connect to host
 919945.com: did not receive HSTS header
 91dh.cc: could not connect to host
-91lt.info: could not connect to host
+91lt.info: did not receive HSTS header
 922.be: could not connect to host
 92bmh.com: did not receive HSTS header
-9454.com: max-age too low: 86400
-94cs.cn: did not receive HSTS header
+9454.com: could not connect to host
 9500years.com: max-age too low: 0
 95778.com: could not connect to host
 960news.ca: could not connect to host
@@ -498,6 +521,7 @@
 987987.com: did not receive HSTS header
 9906753.net: did not receive HSTS header
 99511.fi: did not receive HSTS header
+99599.net: could not connect to host
 99buffets.com: could not connect to host
 9bingo.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 9iwan.net: did not receive HSTS header
@@ -506,19 +530,23 @@
 9ss6.com: could not connect to host
 9vies.ca: could not connect to host
 9won.kr: could not connect to host
+9y.at: could not connect to host
 a-intel.com: could not connect to host
 a-ix.net: could not connect to host
 a-plus.space: could not connect to host
 a-rickroll-n.pw: could not connect to host
 a-shafaat.ir: did not receive HSTS header
+a-starbouncycastles.co.uk: could not connect to host
 a-theme.com: could not connect to host
 a1-autopartsglasgow.com: could not connect to host
 a1798.com: could not connect to host
 a200k.xyz: did not receive HSTS header
-a2a.net: could not connect to host
 a2c-co.net: could not connect to host
 a2it.gr: max-age too low: 0
+a3.pm: did not receive HSTS header
 a3workshop.swiss: could not connect to host
+a7m2.me: could not connect to host
+a8q.org: could not connect to host
 a9c.co: could not connect to host
 aa43d.cn: could not connect to host
 aa6688.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -526,25 +554,24 @@ aa7733.com: could not connect to host
 aaeblog.com: did not receive HSTS header
 aaeblog.net: did not receive HSTS header
 aaeblog.org: did not receive HSTS header
+aanbieders.ga: could not connect to host
 aaoo.net: could not connect to host
 aapp.space: could not connect to host
 aardvarksolutions.co.za: did not receive HSTS header
 aariefhaafiz.com: could not connect to host
 aaron-gustafson.com: did not receive HSTS header
+aaronburt.co.uk: could not connect to host
 aaronmcguire.me: did not receive HSTS header
 aarvinproperties.com: could not connect to host
 ab-bauservice-berlin.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 abacus-events.co.uk: did not receive HSTS header
-abacustech.net: did not receive HSTS header
-abacustech.org: did not receive HSTS header
 abareplace.com: did not receive HSTS header
 abasky.net: could not connect to host
 abcdentalcare.com: did not receive HSTS header
 abcdobebe.com: did not receive HSTS header
-abchelp.net: did not receive HSTS header
+abchelp.net: could not connect to host
 abearofsoap.com: could not connect to host
 abecodes.net: could not connect to host
-abeontech.com: could not connect to host
 aberdeenalmeras.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 abi-fvs.de: could not connect to host
 abigailstark.com: could not connect to host
@@ -560,24 +587,21 @@ abou.to: could not connect to host
 about.ge: did not receive HSTS header
 aboutassistedliving.org: did not receive HSTS header
 aboutmyip.info: did not receive HSTS header
-aboutmyproperty.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 aboutyou-deals.de: could not connect to host
 abraxan.pro: could not connect to host
 absimple.ca: did not receive HSTS header
 absinthium.ch: could not connect to host
 absolutewaterproofingsolutions.com: did not receive HSTS header
 abstractbarista.com: could not connect to host
-abstractbarista.net: could not connect to host
 abt.de: did not receive HSTS header
 abtom.de: did not receive HSTS header
 abury.fr: did not receive HSTS header
 abury.me: did not receive HSTS header
 abyssgaming.eu: could not connect to host
-ac-epmservices.com: could not connect to host
 ac.milan.it: did not receive HSTS header
 acabadosboston.com: could not connect to host
 academialowcost.com.br: did not receive HSTS header
-academicenterprise.org: could not connect to host
+academicenterprise.org: did not receive HSTS header
 academy4.net: did not receive HSTS header
 acadianapatios.com: did not receive HSTS header
 acai51.net: could not connect to host
@@ -589,6 +613,7 @@ accelerate.network: could not connect to host
 accelerole.com: did not receive HSTS header
 accelight.co.jp: did not receive HSTS header
 accelight.jp: did not receive HSTS header
+accelsnow.com: could not connect to host
 access-sofia.org: did not receive HSTS header
 accolade.com.br: could not connect to host
 accoun.technology: could not connect to host
@@ -600,6 +625,7 @@ acelpb.com: could not connect to host
 acemypaper.com: could not connect to host
 acg.mn: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 acg.sb: could not connect to host
+acg18.us: max-age too low: 0
 acgaudio.com: could not connect to host
 acgmoon.org: did not receive HSTS header
 acgpiano.club: could not connect to host
@@ -618,9 +644,11 @@ acr.im: could not connect to host
 acraft.org: could not connect to host
 acrepairdrippingsprings.com: could not connect to host
 acritelli.com: did not receive HSTS header
+across.ml: could not connect to host
 acrossgw.com: could not connect to host
 acsihostingsolutions.com: did not receive HSTS header
 acslimited.co.uk: did not receive HSTS header
+actc81.fr: could not connect to host
 actilove.ch: could not connect to host
 actiontowingroundrock.com: could not connect to host
 activateplay.com: did not receive HSTS header
@@ -635,7 +663,7 @@ actualite-videos.com: [Exception... "Component returned failure code: 0x80004005
 acuve.jp: could not connect to host
 acyume.com: did not receive HSTS header
 ad-disruptio.fr: could not connect to host
-ad13.in: could not connect to host
+ad13.in: did not receive HSTS header
 ada.is: max-age too low: 2592000
 adajwells.me: could not connect to host
 adambryant.ca: could not connect to host
@@ -669,8 +697,6 @@ admin-forms.co.uk: did not receive HSTS header
 admin-numerique.com: did not receive HSTS header
 admin.google.com: did not receive HSTS header (error ignored - included regardless)
 adminwerk.com: did not receive HSTS header
-adminwerk.net: did not receive HSTS header
-admiral.dp.ua: did not receive HSTS header
 admitcard.co.in: could not connect to host
 admsel.ec: could not connect to host
 adoal.net: did not receive HSTS header
@@ -679,6 +705,7 @@ adonairelogios.com.br: could not connect to host
 adoniscabaret.co.uk: could not connect to host
 adopteunsiteflash.com: could not connect to host
 adora-illustrations.fr: did not receive HSTS header
+adorade.ro: could not connect to host
 adprospb.com: did not receive HSTS header
 adquisitio.de: could not connect to host
 adquisitio.in: could not connect to host
@@ -701,15 +728,20 @@ advancedplasticsurgerycenter.com: did not receive HSTS header
 advancedseotool.it: did not receive HSTS header
 advancedstudio.ro: could not connect to host
 advancedwriters.com: could not connect to host
-advantagemechanicalinc.com: could not connect to host
+advantagemechanicalinc.com: did not receive HSTS header
+advelty.cz: could not connect to host
 adventistdeploy.org: could not connect to host
 adventures.is: did not receive HSTS header
 adver.top: could not connect to host
 advertisemant.com: could not connect to host
 adviespuntklokkenluiders.nl: could not connect to host
+adwokatkosterka.pl: did not receive HSTS header
 adzie.xyz: could not connect to host
 adzuna.co.uk: did not receive HSTS header
+ae-dir.com: could not connect to host
+ae-dir.org: could not connect to host
 aegialis.com: did not receive HSTS header
+aelisya.ch: could not connect to host
 aelurus.com: could not connect to host
 aemoria.com: could not connect to host
 aeon.wiki: could not connect to host
@@ -724,8 +756,8 @@ aether.pw: could not connect to host
 aethonan.pro: could not connect to host
 aevpn.net: could not connect to host
 aevpn.org: could not connect to host
-aeyoun.com: did not receive HSTS header
 af-fotografie.net: did not receive HSTS header
+af-internet.nl: did not receive HSTS header
 afdkompakt.de: max-age too low: 86400
 afeefzarapackages.com: did not receive HSTS header
 affily.io: could not connect to host
@@ -738,9 +770,11 @@ aflamtorrent.com: could not connect to host
 afmchandler.com: did not receive HSTS header
 afp548.tk: could not connect to host
 after.im: did not receive HSTS header
+afterskool.eu: could not connect to host
 afterstack.net: could not connect to host
-afvallendoeje.nu: did not receive HSTS header
+afvallendoeje.nu: could not connect to host
 afyou.co.kr: could not connect to host
+afzco.asia: did not receive HSTS header
 agalaxyfarfaraway.co.uk: could not connect to host
 agatheetraphael.fr: could not connect to host
 agbremen.de: did not receive HSTS header
@@ -748,6 +782,7 @@ agdalieso.com.ba: could not connect to host
 agelesscitizen.com: could not connect to host
 agelesscitizens.com: could not connect to host
 agenbettingasia.com: did not receive HSTS header
+agenceklic.com: did not receive HSTS header
 agenciagriff.com: did not receive HSTS header
 agencymanager.be: could not connect to host
 agentseeker.ca: could not connect to host
@@ -760,21 +795,17 @@ agonswim.com: could not connect to host
 agoravm.tk: could not connect to host
 agowa.eu: did not receive HSTS header
 agowa338.de: did not receive HSTS header
-agracan.com: could not connect to host
 agrafix.design: did not receive HSTS header
-agrarking.com: could not connect to host
 agrias.com.br: did not receive HSTS header
 agrikulturchic.com: could not connect to host
 agrimap.com: did not receive HSTS header
 agro-id.gov.ua: did not receive HSTS header
 agro.rip: did not receive HSTS header
 agroglass.com.br: did not receive HSTS header
-agroyard.com.ua: could not connect to host
 agtv.com.br: did not receive HSTS header
 ahabingo.com: did not receive HSTS header
 ahelos.tk: could not connect to host
 ahiru3.com: did not receive HSTS header
-ahkubiak.ovh: could not connect to host
 aholic.co: did not receive HSTS header
 ahoynetwork.com: could not connect to host
 ahri.ovh: could not connect to host
@@ -784,7 +815,7 @@ ahwatukeefoothillsmontessori.com: did not receive HSTS header
 ai1989.com: could not connect to host
 aibaoyou.com: could not connect to host
 aibsoftware.mx: could not connect to host
-aicial.com: could not connect to host
+aicial.com: did not receive HSTS header
 aicial.com.au: could not connect to host
 aid-web.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 aidanwoods.com: did not receive HSTS header
@@ -796,7 +827,6 @@ aifreeze.ru: could not connect to host
 aify.eu: could not connect to host
 aikenorganics.com: could not connect to host
 aim-consultants.com: did not receive HSTS header
-aimerworld.com: did not receive HSTS header
 aimrom.org: could not connect to host
 ainrb.com: could not connect to host
 aioboot.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -808,10 +838,9 @@ airconsalberton.co.za: did not receive HSTS header
 airconsboksburg.co.za: did not receive HSTS header
 airconsfourways.co.za: did not receive HSTS header
 airconsmidrand.co.za: did not receive HSTS header
+airconssandton.co.za: did not receive HSTS header
 airedaleterrier.com.br: could not connect to host
 airfax.io: could not connect to host
-airhorn.de: did not receive HSTS header
-airicy.com: did not receive HSTS header
 airlea.com: could not connect to host
 airlinecheckins.com: did not receive HSTS header
 airlinesettlement.com: did not receive HSTS header
@@ -826,6 +855,7 @@ aiticon.de: did not receive HSTS header
 aivene.com: could not connect to host
 aiw-thkoeln.online: could not connect to host
 aixxe.net: did not receive HSTS header
+aizxxs.net: could not connect to host
 ajetaci.cz: could not connect to host
 ajibot.com: could not connect to host
 ajmahal.com: could not connect to host
@@ -841,16 +871,19 @@ akhilindurti.com: could not connect to host
 akhras.at: did not receive HSTS header
 akiba-server.info: could not connect to host
 akihiro.xyz: could not connect to host
+akita-boutique.com: could not connect to host
 akita-stream.com: could not connect to host
 akkadia.cc: could not connect to host
 akkeylab.com: could not connect to host
 akoch.net: could not connect to host
 akombakom.net: could not connect to host
 akracing.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+akritikos.info: could not connect to host
 akselimedia.fi: could not connect to host
 akstudentsfirst.org: could not connect to host
 aktan.com.br: could not connect to host
-aktivist.in: could not connect to host
+aktivist.in: did not receive HSTS header
+aktuelle-uhrzeit.at: did not receive HSTS header
 akul.co.in: could not connect to host
 al-f.net: could not connect to host
 al-shami.net: could not connect to host
@@ -867,13 +900,13 @@ alauda-home.de: could not connect to host
 alaundeil.xyz: could not connect to host
 albanien.guide: could not connect to host
 alberguecimballa.es: could not connect to host
-albertbogdanowicz.pl: could not connect to host
 albertify.xyz: could not connect to host
 albertonplumber24-7.co.za: did not receive HSTS header
 albertopimienta.com: did not receive HSTS header
+albuic.tk: could not connect to host
 alcantarafleuriste.com: did not receive HSTS header
 alcatelonetouch.us: could not connect to host
-alcatraz.online: could not connect to host
+alcatraz.online: did not receive HSTS header
 alcazaar.com: could not connect to host
 alchemia.co.il: did not receive HSTS header
 alcorao.org: could not connect to host
@@ -882,19 +915,19 @@ aldred.cloud: could not connect to host
 aleax.me: could not connect to host
 alecvannoten.be: did not receive HSTS header
 aledg.cl: could not connect to host
+alela.fr: could not connect to host
 alenan.org: could not connect to host
 aleph.land: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 alertaenlinea.gov: did not receive HSTS header
 alessandro.pw: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-alessandroonline.com.br: did not receive HSTS header
 alessandroz.ddns.net: could not connect to host
 alessandroz.pro: could not connect to host
 alethearose.com: did not receive HSTS header
 alexandernorth.ch: could not connect to host
 alexandre.sh: did not receive HSTS header
+alexdaulby.com: did not receive HSTS header
 alexdodge.ca: did not receive HSTS header
 alexfisherhealth.com.au: did not receive HSTS header
-alexgebhard.com: could not connect to host
 alexhaydock.co.uk: did not receive HSTS header
 alexischaussy.xyz: could not connect to host
 alexismeza.com: could not connect to host
@@ -914,6 +947,7 @@ algarmatic-automatismos.pt: could not connect to host
 algebraaec.com: did not receive HSTS header
 alghaib.com: could not connect to host
 alibababee.com: did not receive HSTS header
+alibip.de: could not connect to host
 alicialab.org: could not connect to host
 alien.bz: did not receive HSTS header
 alilialili.ga: could not connect to host
@@ -926,9 +960,10 @@ alittlebitcheeky.com: did not receive HSTS header
 aliwebstore.com: could not connect to host
 aljammaz.holdings: could not connect to host
 aljmz.com: did not receive HSTS header
+aljweb.com: could not connect to host
 alkami.com: max-age too low: 0
 alkamitech.com: max-age too low: 0
-alkel.info: could not connect to host
+alkel.info: did not receive HSTS header
 all-subtitles.com: could not connect to host
 all.tf: could not connect to host
 all4os.com: did not receive HSTS header
@@ -936,17 +971,20 @@ allaboutbelgaum.com: did not receive HSTS header
 alldaymonitoring.com: could not connect to host
 alldm.ru: could not connect to host
 allegro-inc.com: did not receive HSTS header
+allemobieleproviders.nl: could not connect to host
 allerbestefreunde.de: did not receive HSTS header
 allgrass.es: did not receive HSTS header
 allgrass.net: did not receive HSTS header
 allhard.org: could not connect to host
 alliance-compacts.com: did not receive HSTS header
+alliances-faq.de: could not connect to host
 allinnote.com: could not connect to host
-allinonecyprus.com: did not receive HSTS header
+allinonecyprus.com: could not connect to host
 allkindzabeats.com: did not receive HSTS header
 allladyboys.com: could not connect to host
 allmbw.com: could not connect to host
 allmystery.de: did not receive HSTS header
+allo-symo.fr: did not receive HSTS header
 allods-zone.ru: did not receive HSTS header
 alloffice.com.ua: did not receive HSTS header
 alloinformatique.net: could not connect to host
@@ -962,7 +1000,9 @@ allstorebrasil.com.br: could not connect to host
 alltheducks.com: max-age too low: 43200
 allthingsblogging.com: could not connect to host
 allthingsfpl.com: could not connect to host
+allthingssquared.com: could not connect to host
 alltubedownload.net: could not connect to host
+allvips.ru: could not connect to host
 almagalla.com: could not connect to host
 almatinki.com: could not connect to host
 aloalabs.com: did not receive HSTS header
@@ -971,12 +1011,14 @@ alorenzi.eu: did not receive HSTS header
 alp.net.cn: could not connect to host
 alparque.com: did not receive HSTS header
 alpe-d-or.dyn-o-saur.com: could not connect to host
+alpencam.com: could not connect to host
 alpha.irccloud.com: could not connect to host
 alphabit-secure.com: could not connect to host
 alphabuild.io: could not connect to host
 alphagamers.net: did not receive HSTS header
 alphahunks.com: could not connect to host
 alphalabs.xyz: could not connect to host
+alrait.com: could not connect to host
 als-hardware.co.za: did not receive HSTS header
 alspolska.pl: max-age too low: 2592000
 alt-tab-design.com: did not receive HSTS header
@@ -987,16 +1029,17 @@ altailife.ru: did not receive HSTS header
 altamarea.se: could not connect to host
 altbinaries.com: could not connect to host
 alteqnia.com: could not connect to host
-altercpa.ru: did not receive HSTS header
+altercpa.ru: max-age too low: 0
 altered.network: could not connect to host
 altfire.ca: could not connect to host
 altiacaselight.com: could not connect to host
 altitudemoversdenver.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-altoneum.com: did not receive HSTS header
+altonblom.com: did not receive HSTS header
+altoneum.com: could not connect to host
 altporn.xyz: could not connect to host
 altruistgroup.net: max-age too low: 300
 aluminium-scaffolding.co.uk: could not connect to host
-alunjam.es: did not receive HSTS header
+alunjam.es: could not connect to host
 alunonaescola.com.br: did not receive HSTS header
 aluoblog.pw: could not connect to host
 aluoblog.top: could not connect to host
@@ -1007,6 +1050,7 @@ am8888.top: could not connect to host
 amaderelectronics.com: max-age too low: 2592000
 amadilo.de: could not connect to host
 amadoraslindas.com: could not connect to host
+amaforro.com: could not connect to host
 amaforums.org: did not receive HSTS header
 amandaonishi.com: could not connect to host
 amaranthus.com.ph: could not connect to host
@@ -1031,6 +1075,7 @@ americansforcommunitydevelopment.org: did not receive HSTS header
 americansportsinstitute.org: did not receive HSTS header
 americanworkwear.nl: did not receive HSTS header
 ameschristian.net: did not receive HSTS header
+amesplash.co.uk: did not receive HSTS header
 amethystcards.co.uk: could not connect to host
 ameza.co.uk: could not connect to host
 ameza.com.mx: could not connect to host
@@ -1049,7 +1094,7 @@ amin.one: could not connect to host
 amisharingstuff.com: could not connect to host
 amishsecurity.com: could not connect to host
 amitse.com: did not receive HSTS header
-amitube.com: did not receive HSTS header
+amitube.com: could not connect to host
 amleeds.co.uk: did not receive HSTS header
 amlvfs.net: could not connect to host
 ammoulianiapartments.com: did not receive HSTS header
@@ -1071,6 +1116,7 @@ anadoluefessporkulubu.org: could not connect to host
 anagra.ms: could not connect to host
 anaiscoachpersonal.es: could not connect to host
 anaisypirueta.es: did not receive HSTS header
+anajianu.ro: max-age too low: 2592000
 anakros.me: could not connect to host
 analangelsteen.com: could not connect to host
 analpantyhose.org: could not connect to host
@@ -1085,10 +1131,10 @@ anchorgrounds.com: did not receive HSTS header
 anchorinmarinainc.com: did not receive HSTS header
 ancient-gates.de: could not connect to host
 ancientkarma.com: could not connect to host
-ancientnorth.com: did not receive HSTS header
 andbraiz.com: did not receive HSTS header
-andere-gedanken.net: max-age too low: 10
+andere-gedanken.net: did not receive HSTS header
 anderslind.dk: could not connect to host
+andiscyber.space: could not connect to host
 andreagobetti.com: did not receive HSTS header
 andreas-kluge.eu: could not connect to host
 andreasanti.net: did not receive HSTS header
@@ -1098,19 +1144,19 @@ andreasfritz-fotografie.de: could not connect to host
 andreaskluge.eu: could not connect to host
 andreasr.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 andreastoneman.com: could not connect to host
+andrefaber.nl: did not receive HSTS header
 andrei-coman.com: did not receive HSTS header
 andreigec.net: did not receive HSTS header
 andrejbenz.com: could not connect to host
+andrejstefanovski.com: did not receive HSTS header
 andrepicard.de: could not connect to host
 andrerose.ca: did not receive HSTS header
-andrespaz.com: could not connect to host
 andrewbroekman.com: could not connect to host
 andrewdavidwong.com: did not receive HSTS header
 andrewdaws.co: could not connect to host
 andrewdaws.info: could not connect to host
 andrewdaws.me: could not connect to host
 andrewdaws.tv: could not connect to host
-andrewhowden.com: did not receive HSTS header
 andrewmichaud.beer: could not connect to host
 andrewrdaws.com: could not connect to host
 andrewregan.me: could not connect to host
@@ -1137,6 +1183,7 @@ anendlesssupply.co.uk: did not receive HSTS header
 anfenglish.com: did not receive HSTS header
 anfsanchezo.co: could not connect to host
 anfsanchezo.me: could not connect to host
+ange-de-bonheur444.com: could not connect to host
 angelic47.com: could not connect to host
 angeloroberto.ch: did not receive HSTS header
 angeloventuri.com: did not receive HSTS header
@@ -1159,6 +1206,7 @@ anime1.top: could not connect to host
 anime1video.tk: could not connect to host
 animeday.ml: could not connect to host
 animesfusion.com.br: could not connect to host
+animojis.es: could not connect to host
 animurecs.com: could not connect to host
 aniplus.cf: could not connect to host
 aniplus.gq: could not connect to host
@@ -1167,7 +1215,7 @@ anisekai.com: max-age too low: 2592000
 anita-mukorom.hu: did not receive HSTS header
 anitklib.ml: could not connect to host
 anitube-nocookie.ch: could not connect to host
-anivar.net: did not receive HSTS header
+anivar.net: could not connect to host
 ankakaak.com: could not connect to host
 ankaraprofesyonelnakliyat.com: did not receive HSTS header
 ankaraprofesyonelnakliyat.com.tr: did not receive HSTS header
@@ -1176,16 +1224,17 @@ ankya9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR
 anlp.top: could not connect to host
 annabellaw.com: did not receive HSTS header
 annahmeschluss.de: did not receive HSTS header
-annangela.moe: did not receive HSTS header
 annarbor.group: did not receive HSTS header
 annetaan.fi: could not connect to host
 annevankesteren.com: could not connect to host
 annevankesteren.org: could not connect to host
 annicascakes.nl: could not connect to host
+annotate.software: could not connect to host
 annrusnak.com: did not receive HSTS header
 annsbouncycastles.com: could not connect to host
 anomaly.ws: did not receive HSTS header
 anonboards.com: could not connect to host
+anoneko.com: could not connect to host
 anonrea.ch: could not connect to host
 anonukradio.org: could not connect to host
 anonymo.co.uk: could not connect to host
@@ -1198,6 +1247,7 @@ ansermfg.com: max-age too low: 0
 ansgar.tk: could not connect to host
 anshuman-chatterjee.com: did not receive HSTS header
 anshumanbiswas.com: could not connect to host
+ansibeast.net: did not receive HSTS header
 answers-online.ru: could not connect to host
 ant.land: could not connect to host
 antecim.fr: could not connect to host
@@ -1213,7 +1263,6 @@ antimatiere.space: could not connect to host
 antimine.kr: could not connect to host
 antipa.ch: could not connect to host
 antirayapmalang.com: did not receive HSTS header
-antocom.com: could not connect to host
 antoine-roux.fr: did not receive HSTS header
 antoinebetas.be: max-age too low: 0
 antoined.fr: did not receive HSTS header
@@ -1224,10 +1273,12 @@ antoniorequena.com.ve: could not connect to host
 antons.io: did not receive HSTS header
 antraxx.ee: could not connect to host
 antscript.com: did not receive HSTS header
-anttitenhunen.com: could not connect to host
 anunayk.com: could not connect to host
 anycoin.me: could not connect to host
 anyfood.fi: could not connect to host
+anypool.fr: did not receive HSTS header
+anypool.net: did not receive HSTS header
+anyprime.net: could not connect to host
 anytonetech.com: did not receive HSTS header
 anyways.at: could not connect to host
 aobogo.com: could not connect to host
@@ -1249,7 +1300,7 @@ aperture-laboratories.science: did not receive HSTS header
 api.mega.co.nz: could not connect to host
 apibot.de: could not connect to host
 apience.com: did not receive HSTS header
-apila.us: could not connect to host
+apiled.io: could not connect to host
 apis.blue: could not connect to host
 apis.google.com: did not receive HSTS header (error ignored - included regardless)
 apis.world: could not connect to host
@@ -1258,22 +1309,24 @@ apkdv.com: did not receive HSTS header
 apkoyunlar.club: could not connect to host
 apkriver.com: did not receive HSTS header
 apl2bits.net: did not receive HSTS header
-apm.com.tw: did not receive HSTS header
 apmg-certified.com: did not receive HSTS header
 apmg-cyber.com: did not receive HSTS header
 apmpproject.org: did not receive HSTS header
 apnakliyat.com: did not receive HSTS header
-apolloyl.com: could not connect to host
+apo-deutschland.biz: could not connect to host
+apolloyl.com: did not receive HSTS header
 apollyon.work: could not connect to host
 aponkral.site: could not connect to host
 aponkralsunucu.com: could not connect to host
 aponow.de: did not receive HSTS header
-apotheek-nl.org: max-age too low: 3600
+apostilasaprovacao.com: could not connect to host
+apotheek-nl.org: did not receive HSTS header
 app: could not connect to host
 app-arena.com: did not receive HSTS header
 app.manilla.com: could not connect to host
 apparels24.com: did not receive HSTS header
 appart.ninja: could not connect to host
+appchive.net: could not connect to host
 appcoins.io: did not receive HSTS header
 appdb.cc: did not receive HSTS header
 appdrinks.com: could not connect to host
@@ -1283,7 +1336,7 @@ appimlab.it: could not connect to host
 apple-watch-zubehoer.de: could not connect to host
 apple.ax: could not connect to host
 applejacks-bouncy-castles.co.uk: could not connect to host
-applewatch.co.nz: could not connect to host
+applewatch.co.nz: did not receive HSTS header
 applez.xyz: could not connect to host
 appliancerepairlosangeles.com: did not receive HSTS header
 applic8.com: did not receive HSTS header
@@ -1291,7 +1344,6 @@ apply55gx.com: could not connect to host
 appointed.at: did not receive HSTS header
 appraisal-comps.com: could not connect to host
 appreciationkards.com: did not receive HSTS header
-apprenticeships.gov: did not receive HSTS header
 approlys.fr: did not receive HSTS header
 apps-for-fishing.com: could not connect to host
 apps4all.sytes.net: could not connect to host
@@ -1300,23 +1352,23 @@ appsdash.io: could not connect to host
 appson.co.uk: did not receive HSTS header
 apptoutou.com: could not connect to host
 appuro.com: did not receive HSTS header
-appxcrypto.com: did not receive HSTS header
-aproposcomputing.com: could not connect to host
+aprefix.com: could not connect to host
 aprpullmanportermuseum.org: did not receive HSTS header
-aprr.org: could not connect to host
-aptitude9.com: could not connect to host
+aptitude9.com: did not receive HSTS header
 aqilacademy.com.au: could not connect to host
 aqqrate.com: could not connect to host
 aquariumaccessories.shop: could not connect to host
+aquaselect.eu: could not connect to host
 aquilaguild.com: could not connect to host
 aquilalab.com: could not connect to host
 aquireceitas.com: did not receive HSTS header
 ar.al: did not receive HSTS header
-arabdigitalexpression.org: did not receive HSTS header
+arabdigitalexpression.org: could not connect to host
 arabsexi.info: could not connect to host
 aradulconteaza.ro: could not connect to host
 aran.me.uk: could not connect to host
 aranel.me: could not connect to host
+arawaza.biz: did not receive HSTS header
 arawaza.info: could not connect to host
 arboineuropa.nl: did not receive HSTS header
 arboleda-hurtado.com: could not connect to host
@@ -1335,8 +1387,7 @@ area3.org: could not connect to host
 areallyneatwebsite.com: could not connect to host
 arent.kz: did not receive HSTS header
 arenzanaphotography.com: could not connect to host
-areqgaming.com: could not connect to host
-arewedubstepyet.com: did not receive HSTS header
+arewedubstepyet.com: could not connect to host
 areyouever.me: could not connect to host
 argennon.xyz: could not connect to host
 argh.io: could not connect to host
@@ -1345,6 +1396,7 @@ ariaartgallery.com: did not receive HSTS header
 ariacreations.net: did not receive HSTS header
 arifburhan.online: could not connect to host
 arifp.me: could not connect to host
+arimarie.com: could not connect to host
 arinflatablefun.co.uk: could not connect to host
 arislight.com: could not connect to host
 aristilabs.com: did not receive HSTS header
@@ -1352,19 +1404,19 @@ aristocratps.com: did not receive HSTS header
 arithxu.com: did not receive HSTS header
 arizer.com: did not receive HSTS header
 arka.gq: did not receive HSTS header
+arkbyte.com: did not receive HSTS header
 arknodejs.com: could not connect to host
 arlen.io: could not connect to host
 arlen.se: could not connect to host
 arlet.click: could not connect to host
 arlingtonwine.net: could not connect to host
-arm-host.com: did not receive HSTS header
 arm.gov: could not connect to host
 armazemdaminiatura.com.br: could not connect to host
 armeni-jewellery.gr: did not receive HSTS header
 armenians.online: could not connect to host
 armingrodon.de: did not receive HSTS header
 armodec.com: did not receive HSTS header
-armor.com: did not receive HSTS header
+armor.com: could not connect to host
 armored.ninja: did not receive HSTS header
 armory.consulting: could not connect to host
 armory.supplies: could not connect to host
@@ -1392,11 +1444,11 @@ artansoft.com: could not connect to host
 artaronquieres.com: did not receive HSTS header
 artartefatos.com.br: could not connect to host
 artbytik.ru: did not receive HSTS header
+arteequipamientos.com.uy: did not receive HSTS header
 artegusto.ru: did not receive HSTS header
 artemicroway.com.br: could not connect to host
 arteseideias.com.pt: did not receive HSTS header
 artesupra.com: did not receive HSTS header
-arthan.me: could not connect to host
 arti-group.ml: max-age too low: 2592000
 articaexports.com: could not connect to host
 artifex21.com: did not receive HSTS header
@@ -1408,6 +1460,7 @@ artisense.de: could not connect to host
 artisphere.ch: did not receive HSTS header
 artisticedgegranite.net: could not connect to host
 artistnetwork.nl: did not receive HSTS header
+artmaxi.eu: could not connect to host
 artnims.com: could not connect to host
 arto.bg: did not receive HSTS header
 artofeyes.nl: could not connect to host
@@ -1415,7 +1468,6 @@ artsinthevalley.net.au: did not receive HSTS header
 artstopinc.com: did not receive HSTS header
 artyland.ru: could not connect to host
 arvamus.eu: could not connect to host
-arxell.com: did not receive HSTS header
 arzaroth.com: did not receive HSTS header
 as.se: could not connect to host
 as9178.net: could not connect to host
@@ -1425,50 +1477,48 @@ asana.studio: did not receive HSTS header
 asasuou.pw: could not connect to host
 asc16.com: could not connect to host
 aschaefer.net: could not connect to host
-ascii.moe: could not connect to host
 asdpress.cn: could not connect to host
+aseith.com: could not connect to host
 asepms.com: max-age too low: 7776000
-asge-handel.de: did not receive HSTS header
 ashlane-cottages.com: could not connect to host
 ashleakunowski.com: could not connect to host
 ashleyadum.com: could not connect to host
 ashleyfoley.photography: could not connect to host
+ashleymadison.com: could not connect to host
 ashleymedway.com: could not connect to host
 asian-archi.com.tw: did not receive HSTS header
 asianbet77.co: did not receive HSTS header
 asianbet77.net: did not receive HSTS header
-asiesvenezuela.com: could not connect to host
 asisee.co.il: could not connect to host
-asisee.photography: could not connect to host
 ask.pe: could not connect to host
 askfit.cz: did not receive HSTS header
 askmagicconch.com: could not connect to host
+aslinfinity.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 asm-x.com: could not connect to host
 asmik-armenie.com: did not receive HSTS header
 asmm.cc: did not receive HSTS header
 asmui.ga: could not connect to host
 asmui.ml: did not receive HSTS header
 asoftwareco.com: did not receive HSTS header
-aspargesgaarden.no: could not connect to host
 asphaltfruehling.de: could not connect to host
 asral7.com: could not connect to host
-asryflorist.com: could not connect to host
-ass.org.au: could not connect to host
+asryflorist.com: did not receive HSTS header
+ass.org.au: did not receive HSTS header
 assadrivesloirecher.com: did not receive HSTS header
 assdecoeur.org: could not connect to host
 assekuranzjobs.de: could not connect to host
 asset-alive.com: did not receive HSTS header
 asset-alive.net: could not connect to host
 assetsupervision.com: could not connect to host
-assindia.nl: could not connect to host
+assindia.nl: did not receive HSTS header
 assistance-personnes-agees.ch: could not connect to host
 assistcart.com: could not connect to host
+asspinter.me: could not connect to host
 assurancesmons.be: did not receive HSTS header
 astaninki.com: could not connect to host
 asthon.cn: could not connect to host
 astraalivankila.net: could not connect to host
 astral.gq: did not receive HSTS header
-astral.org.pl: could not connect to host
 astrath.net: could not connect to host
 astrea-voetbal-groningen.nl: could not connect to host
 astrolpost.com: could not connect to host
@@ -1479,7 +1529,8 @@ astutr.co: could not connect to host
 asuhe.cc: could not connect to host
 asuhe.win: did not receive HSTS header
 asuhe.xyz: could not connect to host
-async.be: max-age too low: 0
+async.be: could not connect to host
+at-one.ca: did not receive HSTS header
 at1.co: could not connect to host
 atacadooptico.com.br: could not connect to host
 atavio.at: could not connect to host
@@ -1489,6 +1540,7 @@ atbeckett.com: did not receive HSTS header
 atcreform.gov: did not receive HSTS header
 atelier-rk.com: did not receive HSTS header
 atelier-viennois-cannes.fr: could not connect to host
+atelierhupsakee.nl: did not receive HSTS header
 ateliernihongo.ch: did not receive HSTS header
 ateliersantgervasi.com: did not receive HSTS header
 atg.soy: could not connect to host
@@ -1500,21 +1552,21 @@ athi.pl: did not receive HSTS header
 athul.xyz: could not connect to host
 atk.me: could not connect to host
 atkdesign.pt: did not receive HSTS header
-atlantaspringroll.com: could not connect to host
-atlantichomes.com.au: could not connect to host
 atlas-5.site: could not connect to host
 atlas-staging.ml: could not connect to host
 atlas.co: did not receive HSTS header
 atlassian.net: did not receive HSTS header
-atlayo.com: did not receive HSTS header
+atlayo.com: could not connect to host
 atlex.nl: did not receive HSTS header
 atlseccon.com: did not receive HSTS header
 atmocdn.com: could not connect to host
 atomic.menu: could not connect to host
+atomic.red: could not connect to host
 atomik.pro: did not receive HSTS header
 atop.io: could not connect to host
 atracaosexshop.com.br: could not connect to host
 atrevillot.com: could not connect to host
+attelage.net: did not receive HSTS header
 attic118.com: could not connect to host
 attilagyorffy.com: could not connect to host
 attimidesigns.com: did not receive HSTS header
@@ -1524,6 +1576,7 @@ au.search.yahoo.com: max-age too low: 172800
 au2pb.net: could not connect to host
 aubiosales.com: could not connect to host
 aucubin.moe: could not connect to host
+audiobookstudio.com: could not connect to host
 audioonly.stream: could not connect to host
 audiovisualdevices.com.au: did not receive HSTS header
 audividi.shop: did not receive HSTS header
@@ -1532,10 +1585,13 @@ aufprise.de: did not receive HSTS header
 augaware.org: did not receive HSTS header
 augenblicke-blog.de: could not connect to host
 augias.org: could not connect to host
+augiero.it: could not connect to host
 augix.net: could not connect to host
 augrandinquisiteur.com: did not receive HSTS header
+august.black: could not connect to host
 aujapan.ru: could not connect to host
 auntieme.com: did not receive HSTS header
+auntmia.com: could not connect to host
 aur.rocks: did not receive HSTS header
 aurainfosec.com: did not receive HSTS header
 aurainfosec.com.au: did not receive HSTS header
@@ -1561,6 +1617,7 @@ australianfreebets.com.au: did not receive HSTS header
 auth.mail.ru: did not receive HSTS header
 authenitech.com: did not receive HSTS header
 authentication.io: could not connect to host
+authinfo-bestellen.de: could not connect to host
 authint.com: could not connect to host
 author24.ru: did not receive HSTS header
 authoritynutrition.com: did not receive HSTS header
@@ -1577,15 +1634,15 @@ autoecolebudget.ch: did not receive HSTS header
 autoecoledumontblanc.com: could not connect to host
 autoeet.cz: did not receive HSTS header
 autojuhos.sk: could not connect to host
+autokovrik-diskont.ru: did not receive HSTS header
 automobiles5.com: could not connect to host
 autos-retro-plaisir.com: did not receive HSTS header
-autosearch.me: did not receive HSTS header
+autosearch.me: could not connect to host
 autosiero.nl: did not receive HSTS header
 autostock.me: could not connect to host
 autostop-occasions.be: could not connect to host
 autotsum.com: could not connect to host
 autoxy.it: did not receive HSTS header
-autozane.com: could not connect to host
 autumnwindsagility.com: could not connect to host
 auverbox.ovh: could not connect to host
 auvious.com: did not receive HSTS header
@@ -1595,23 +1652,25 @@ av.de: did not receive HSTS header
 av01.tv: could not connect to host
 av163.cc: could not connect to host
 avadatravel.com: did not receive HSTS header
+avalyuan.com: could not connect to host
 avantmfg.com: did not receive HSTS header
 avaq.fr: did not receive HSTS header
 avastantivirus.ro: did not receive HSTS header
 avdelivers.com: did not receive HSTS header
 avdh.top: could not connect to host
 avec-ou-sans-ordonnance.fr: could not connect to host
-aveling-adventure.co.uk: could not connect to host
+aveling-adventure.co.uk: did not receive HSTS header
 avg.club: did not receive HSTS header
 avi9526.pp.ua: could not connect to host
 aviacao.pt: did not receive HSTS header
 avidcruiser.com: did not receive HSTS header
 aviodeals.com: could not connect to host
-avitres.com: did not receive HSTS header
+avitres.com: could not connect to host
 avmemo.com: could not connect to host
 avmo.pw: could not connect to host
 avmoo.com: could not connect to host
 avonlearningcampus.com: could not connect to host
+avotoma.com: did not receive HSTS header
 avso.pw: could not connect to host
 avspot.net: could not connect to host
 avus-automobile.com: did not receive HSTS header
@@ -1620,6 +1679,7 @@ awan.tech: could not connect to host
 awanderlustadventure.com: did not receive HSTS header
 awccanadianpharmacy.com: could not connect to host
 awei.pub: could not connect to host
+awen.me: did not receive HSTS header
 awf0.xyz: could not connect to host
 awg-mode.de: did not receive HSTS header
 awin.la: did not receive HSTS header
@@ -1635,6 +1695,7 @@ axem.co.jp: did not receive HSTS header
 axeny.com: did not receive HSTS header
 axg.io: did not receive HSTS header
 axialsports.com: did not receive HSTS header
+axis-stralis.co.uk: could not connect to host
 axiumacademy.com: did not receive HSTS header
 axka.com: could not connect to host
 axolsoft.com: max-age too low: 10540800
@@ -1659,6 +1720,7 @@ azlo.com: did not receive HSTS header
 azprep.us: could not connect to host
 azun.pl: did not receive HSTS header
 azuxul.fr: could not connect to host
+azzag.co.uk: did not receive HSTS header
 b-entropy.com: could not connect to host
 b-pi.duckdns.org: could not connect to host
 b-rickroll-e.pw: could not connect to host
@@ -1781,8 +1843,9 @@ b9king.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR
 b9winner.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b9winner.com: could not connect to host
 b9winner.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+baas-becking.biology.utah.edu: could not connect to host
+babarkata.com: could not connect to host
 babelfisch.eu: could not connect to host
-babsbibs.com: could not connect to host
 babursahvizeofisi.com: could not connect to host
 baby-click.de: could not connect to host
 babybee.ie: could not connect to host
@@ -1790,14 +1853,13 @@ babybic.hu: could not connect to host
 babycs.house: could not connect to host
 babyhouse.xyz: could not connect to host
 babyliss-pro.com: could not connect to host
-babyliss-pro.net: did not receive HSTS header
+babyliss-pro.net: max-age too low: 0
 babysaying.me: could not connect to host
 babystep.tv: did not receive HSTS header
 bacchanallia.com: could not connect to host
 bacgrouppublishing.com: could not connect to host
 bacimg.com: did not receive HSTS header
 back-bone.nl: did not receive HSTS header
-backeby.eu: could not connect to host
 backenmachtgluecklich.de: max-age too low: 2592000
 backgroundchecks.online: did not receive HSTS header
 backgroundz.net: could not connect to host
@@ -1815,22 +1877,22 @@ badcronjob.com: could not connect to host
 badenhard.eu: could not connect to host
 badgirlsbible.com: could not connect to host
 badkamergigant.com: could not connect to host
-badlink.org: could not connect to host
 baff.lu: could not connect to host
-baffinlee.com: could not connect to host
+baffinlee.com: did not receive HSTS header
 bagiobella.com: max-age too low: 0
+bagstage.de: did not receive HSTS header
 baiduaccount.com: could not connect to host
 baildonhottubs.co.uk: could not connect to host
 bair.io: could not connect to host
 bairdzhang.com: could not connect to host
 baito-j.jp: did not receive HSTS header
 baixoutudo.com: did not receive HSTS header
-bajic.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 bakabt.info: could not connect to host
 bakanin.ru: could not connect to host
 bakaweb.fr: could not connect to host
 bakhansen.com: did not receive HSTS header
 bakkerdesignandbuild.com: did not receive HSTS header
+bakongcondo.com: could not connect to host
 bakxnet.com: could not connect to host
 balatoni-nyar.hu: did not receive HSTS header
 balcan-underground.net: could not connect to host
@@ -1858,15 +1920,15 @@ bandar303.cc: did not receive HSTS header
 bandar303.id: did not receive HSTS header
 bandar303.win: did not receive HSTS header
 bandarifamily.com: could not connect to host
-bandb.xyz: could not connect to host
+bandb.xyz: did not receive HSTS header
 bandrcrafts.com: did not receive HSTS header
 banduhn.com: did not receive HSTS header
 bangzafran.com: could not connect to host
 bank: could not connect to host
 bankcircle.co.in: could not connect to host
+bankfreeoffers.com: did not receive HSTS header
 bankitt.network: could not connect to host
 bankmilhas.com.br: did not receive HSTS header
-banknet.gov: did not receive HSTS header
 bankofrealty.review: could not connect to host
 banksaround.com: did not receive HSTS header
 bannisbierblog.de: could not connect to host
@@ -1876,18 +1938,18 @@ banri.me: could not connect to host
 banxehoi.com: did not receive HSTS header
 bao-in.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 bao-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-baodan666.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+baodan666.com: could not connect to host
 baosuckhoedoisong.net: could not connect to host
 baptistboard.com: did not receive HSTS header
 baptiste-destombes.fr: did not receive HSTS header
 baraxolka.ru: could not connect to host
+barbaros.info: could not connect to host
 barcouniforms.com: did not receive HSTS header
-bardiel.de: max-age too low: 0
-barely.sexy: could not connect to host
+barely.sexy: did not receive HSTS header
+barf-alarm.de: did not receive HSTS header
 bargainmovingcompany.com: did not receive HSTS header
-bariller.fr: did not receive HSTS header
+bariller.fr: could not connect to host
 baris-sagdic.com: could not connect to host
-barisi.me: could not connect to host
 barnrats.com: could not connect to host
 baropkamp.be: did not receive HSTS header
 barprive.com: could not connect to host
@@ -1937,7 +1999,7 @@ bazarstupava.sk: could not connect to host
 bazisszoftver.hu: could not connect to host
 bb-shiokaze.jp: did not receive HSTS header
 bbb1991.me: could not connect to host
-bbdos.ru: could not connect to host
+bbdos.ru: did not receive HSTS header
 bbj.io: did not receive HSTS header
 bbkanews.com: did not receive HSTS header
 bblovess.cn: could not connect to host
@@ -1969,12 +2031,14 @@ bcnet.hk: could not connect to host
 bcodeur.com: did not receive HSTS header
 bcradio.org: could not connect to host
 bcsytv.com: could not connect to host
+bcvps.com: could not connect to host
 bcweightlifting.ca: could not connect to host
 bdata.cl: did not receive HSTS header
 bddemir.com: could not connect to host
 bde-epitech.fr: could not connect to host
 bdenzer.com: did not receive HSTS header
 bdenzer.xyz: could not connect to host
+bdikaros-network.net: could not connect to host
 bdsmxxxpics.com: could not connect to host
 be9418.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 be9418.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -1991,6 +2055,7 @@ be958.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_
 be9966.com: could not connect to host
 beach-inspector.com: did not receive HSTS header
 beachi.es: could not connect to host
+beacinsight.com: could not connect to host
 beaglewatch.com: could not connect to host
 beagreenbean.co.uk: could not connect to host
 beamitapp.com: could not connect to host
@@ -2011,6 +2076,7 @@ becoast.fr: did not receive HSTS header
 becubed.co: could not connect to host
 bedabox.com: did not receive HSTS header
 bedeta.de: could not connect to host
+bedlingtonterrier.com.br: could not connect to host
 bedouille.com: could not connect to host
 bedreid.dk: did not receive HSTS header
 bedrijvenadministratie.nl: could not connect to host
@@ -2025,6 +2091,7 @@ befundup.com: could not connect to host
 begcykel.com: did not receive HSTS header
 begoodny.co.il: max-age too low: 7889238
 behere.be: could not connect to host
+beholdthehurricane.com: did not receive HSTS header
 beier.io: could not connect to host
 beikeil.de: did not receive HSTS header
 beingmad.org: did not receive HSTS header
@@ -2035,15 +2102,16 @@ belgien.guide: could not connect to host
 belize-firmengruendung.com: could not connect to host
 bellavistaoutdoor.com: could not connect to host
 belliash.eu.org: did not receive HSTS header
-belltower.io: did not receive HSTS header
+belltower.io: could not connect to host
 belmontprom.com: could not connect to host
 belpbleibtbelp.ch: could not connect to host
+belua.com: did not receive HSTS header
 belwederczykow.eu: could not connect to host
 bemvindoaolar.com.br: could not connect to host
 bemyvictim.com: max-age too low: 2678400
-benchcast.com: could not connect to host
-bencorby.com: could not connect to host
+benchcast.com: did not receive HSTS header
 bendechrai.com: did not receive HSTS header
+bendingtheending.com: did not receive HSTS header
 benedikt-tuchen.de: could not connect to host
 benediktdichgans.de: did not receive HSTS header
 beneffy.com: did not receive HSTS header
@@ -2056,7 +2124,9 @@ benhchuyenkhoa.net: could not connect to host
 benjakesjohnson.com: could not connect to host
 benjamin-horvath.com: could not connect to host
 benjamin-suess.de: could not connect to host
+benjamindietrich.com: could not connect to host
 benjaminesims.com: did not receive HSTS header
+benjaminjurke.net: did not receive HSTS header
 benk.press: could not connect to host
 benny003.de: could not connect to host
 benohead.com: did not receive HSTS header
@@ -2069,6 +2139,7 @@ bep.gov: did not receive HSTS header
 bep362.vn: could not connect to host
 beraru.tk: could not connect to host
 beraten-entwickeln-steuern.de: could not connect to host
+berdaguermontes.eu: could not connect to host
 berdu.id: did not receive HSTS header
 berduri.com: did not receive HSTS header
 beretech.fr: could not connect to host
@@ -2076,14 +2147,14 @@ berger.work: could not connect to host
 bergfex.at: did not receive HSTS header
 bergland-seefeld.at: did not receive HSTS header
 berhampore-gateway.tk: could not connect to host
-berlatih.com: did not receive HSTS header
+berinhard.pl: did not receive HSTS header
+berlatih.com: could not connect to host
+berliancom.com: did not receive HSTS header
 berlin-kohlefrei.de: could not connect to host
 berlinleaks.com: could not connect to host
 bermytraq.bm: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 bernexskiclub.ch: did not receive HSTS header
 bernieware.de: could not connect to host
-berr.yt: could not connect to host
-berry.cat: could not connect to host
 berrymark.be: did not receive HSTS header
 berseb.se: could not connect to host
 berthelier.me: could not connect to host
@@ -2106,7 +2177,7 @@ bestbestbitcoin.com: could not connect to host
 bestbonuses.co.uk: did not receive HSTS header
 bestellipticalmachinereview.info: could not connect to host
 bestesb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-bestesb.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+bestesb.net: could not connect to host
 bestfitnesswatchreview.info: could not connect to host
 besthost.cz: did not receive HSTS header
 besthotsales.com: could not connect to host
@@ -2117,7 +2188,6 @@ bestof1001.de: could not connect to host
 bestorangeseo.com: could not connect to host
 bestpaintings.nl: did not receive HSTS header
 bestparking.xyz: could not connect to host
-bestpig.fr: could not connect to host
 bestwarezone.com: could not connect to host
 bet-99.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 bet-99.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -2129,8 +2199,8 @@ bet990.com: could not connect to host
 bet9bet9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 betaclean.fr: did not receive HSTS header
 betafive.net: could not connect to host
-betakah.net: could not connect to host
-betamint.org: did not receive HSTS header
+betakah.net: did not receive HSTS header
+betamint.org: could not connect to host
 betcafearena.ro: could not connect to host
 betformular.com: could not connect to host
 betgo9.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -2144,9 +2214,8 @@ bets.de: did not receive HSTS header
 betshoot.com: could not connect to host
 betsonlinefree.com.au: could not connect to host
 betterlifemakers.com: max-age too low: 200
-bettflaschen.ch: did not receive HSTS header
 bettween.com: did not receive HSTS header
-between.be: could not connect to host
+between.be: did not receive HSTS header
 betwin9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 betwin9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 betz.ro: could not connect to host
@@ -2160,6 +2229,7 @@ bexit-security.nl: could not connect to host
 bexithosting.nl: could not connect to host
 bey.io: could not connect to host
 beylikduzum.com: could not connect to host
+beylikduzuvaillant.com: could not connect to host
 beyond-edge.com: could not connect to host
 beyuna.co.uk: did not receive HSTS header
 beyuna.eu: did not receive HSTS header
@@ -2169,13 +2239,12 @@ bezoomnyville.com: could not connect to host
 bezorg.ninja: could not connect to host
 bezprawnik.pl: did not receive HSTS header
 bf.am: max-age too low: 0
-bf7088.com: did not receive HSTS header
-bf7877.com: did not receive HSTS header
 bfd.vodka: did not receive HSTS header
 bfear.com: could not connect to host
 bfelob.gov: could not connect to host
 bffm.biz: could not connect to host
 bfrailwayclub.cf: could not connect to host
+bg-sexologia.com: could not connect to host
 bg16.de: could not connect to host
 bgcparkstad.nl: did not receive HSTS header
 bgdaddy.com: did not receive HSTS header
@@ -2188,6 +2257,7 @@ bianinapiccanovias.com: could not connect to host
 biaoqingfuhao.net: did not receive HSTS header
 biaoqingfuhao.org: did not receive HSTS header
 biapinheiro.com.br: max-age too low: 5184000
+biathloncup.ru: could not connect to host
 biblerhymes.com: did not receive HSTS header
 bibliafeminina.com.br: could not connect to host
 bichines.es: did not receive HSTS header
@@ -2203,7 +2273,7 @@ bienenblog.cc: could not connect to host
 bier.jp: did not receive HSTS header
 bierbringer.at: could not connect to host
 bierochs.org: could not connect to host
-biftin.net: could not connect to host
+biewen.me: could not connect to host
 big-black.de: did not receive HSTS header
 bigbbqbrush.bid: could not connect to host
 bigbounceentertainment.co.uk: could not connect to host
@@ -2220,13 +2290,14 @@ bijoux.com.br: could not connect to host
 bijouxbrasil.com.br: did not receive HSTS header
 bijouxdegriffe.com.br: could not connect to host
 bijugeral.com.br: could not connect to host
+bijuteriicualint.ro: could not connect to host
 bikelifetvkidsquads.co.uk: could not connect to host
 bikermusic.net: could not connect to host
 bilanligne.com: did not receive HSTS header
 bildermachr.de: could not connect to host
 biletua.de: could not connect to host
-biletyplus.com: could not connect to host
 biletyplus.ru: did not receive HSTS header
+bilibili.red: could not connect to host
 bill-nye-the.science: did not receive HSTS header
 billdestler.com: did not receive HSTS header
 billigssl.dk: did not receive HSTS header
@@ -2239,6 +2310,7 @@ binam.center: could not connect to host
 binarization.net: could not connect to host
 binarization.org: did not receive HSTS header
 binaryabstraction.com: could not connect to host
+binaryevolved.com: could not connect to host
 binaryfigments.com: max-age too low: 7776000
 binbin9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 binbin9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -2250,6 +2322,7 @@ bingo9.net: could not connect to host
 bingofriends.com: could not connect to host
 bingostars.com: did not receive HSTS header
 binimo.com: could not connect to host
+binkanhada.biz: could not connect to host
 biocrafting.net: did not receive HSTS header
 bioespuna.eu: did not receive HSTS header
 biofam.ru: did not receive HSTS header
@@ -2266,13 +2339,15 @@ birkengarten.ch: could not connect to host
 birkman.com: did not receive HSTS header
 biscuits-rec.com: could not connect to host
 biscuits-shop.com: could not connect to host
+bismarck-tb.de: could not connect to host
 bismarck.moe: did not receive HSTS header
 bisterfeldt.com: did not receive HSTS header
+bistrodeminas.com: could not connect to host
 biswas.me: could not connect to host
 bit.voyage: did not receive HSTS header
 bitace.com: did not receive HSTS header
 bitbit.org: did not receive HSTS header
-bitbr.net: could not connect to host
+bitbr.net: did not receive HSTS header
 bitcantor.com: did not receive HSTS header
 bitchan.it: could not connect to host
 bitclubfun.com: did not receive HSTS header
@@ -2280,6 +2355,7 @@ bitcoin-casino-no-deposit-bonus.com: max-age too low: 0
 bitcoin-class.com: could not connect to host
 bitcoin-daijin.com: could not connect to host
 bitcoin.com: did not receive HSTS header
+bitcoinclashic.ninja: could not connect to host
 bitcoinec.info: could not connect to host
 bitcoinfo.jp: did not receive HSTS header
 bitcoinhk.org: did not receive HSTS header
@@ -2296,7 +2372,6 @@ bitf.ly: could not connect to host
 bitfactory.ws: could not connect to host
 bitfarm-archiv.com: did not receive HSTS header
 bitfarm-archiv.de: did not receive HSTS header
-bithap.com: could not connect to host
 bitheus.com: could not connect to host
 bithosting.io: did not receive HSTS header
 bitk.co: did not receive HSTS header
@@ -2312,7 +2387,6 @@ bitmex.com: did not receive HSTS header
 bitmexin.com: could not connect to host
 bitmon.net: could not connect to host
 bitnet.io: did not receive HSTS header
-bitok.com: did not receive HSTS header
 bitplay.space: could not connect to host
 bitpod.de: could not connect to host
 bitrage.de: could not connect to host
@@ -2333,6 +2407,7 @@ bizedge.co.nz: did not receive HSTS header
 bizon.sk: did not receive HSTS header
 bizpare.com: did not receive HSTS header
 bizzartech.com: did not receive HSTS header
+bizzi.tv: could not connect to host
 bizzybeebouncers.co.uk: could not connect to host
 bjgongyi.com: did not receive HSTS header
 bjl5689.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -2342,6 +2417,8 @@ bjtxl.cn: could not connect to host
 bk-wife.com: could not connect to host
 bkb-skandal.ch: could not connect to host
 bkhayes.com: did not receive HSTS header
+bl00.se: could not connect to host
+blaauwgeers.travel: could not connect to host
 black-armada.com: could not connect to host
 black-armada.com.pl: could not connect to host
 black-armada.pl: could not connect to host
@@ -2349,22 +2426,24 @@ black-gay-porn.biz: could not connect to host
 black-octopus.ru: could not connect to host
 blackapron.com.br: could not connect to host
 blackberrycentral.com: could not connect to host
+blackberryforums.be: did not receive HSTS header
 blackburn.link: could not connect to host
 blackdesertsp.com: could not connect to host
 blackdiam.net: did not receive HSTS header
+blackdragoninc.org: could not connect to host
 blacklane.com: did not receive HSTS header
 blackly.uk: max-age too low: 0
 blackmagic.sk: could not connect to host
 blackmirror.com.au: did not receive HSTS header
-blackpayment.ru: could not connect to host
 blackphantom.de: could not connect to host
 blackscreen.me: could not connect to host
-blackscytheconsulting.com: could not connect to host
 blackunicorn.wtf: could not connect to host
 bladesmith.io: did not receive HSTS header
 blakerandall.xyz: did not receive HSTS header
 blantik.net: could not connect to host
+blantr.com: could not connect to host
 blarg.co: could not connect to host
+blauerhunger.de: could not connect to host
 blauwwit.be: did not receive HSTS header
 blazeit.io: could not connect to host
 blechpirat.name: could not connect to host
@@ -2375,8 +2454,8 @@ blessedearth.com.au: max-age too low: 7889238
 blessnet.jp: did not receive HSTS header
 bleutecmedia.com: did not receive HSTS header
 blha303.com.au: could not connect to host
-bliesekow.net: could not connect to host
 bliker.ga: could not connect to host
+blikund.swedbank.se: did not receive HSTS header
 blindaryproduction.tk: could not connect to host
 blindsexdate.nl: did not receive HSTS header
 bling9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -2385,6 +2464,7 @@ bling999.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERR
 bling999.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 blinkenlight.co.uk: could not connect to host
 blinkenlight.com.au: could not connect to host
+blizz.news: max-age too low: 0
 blmiller.com: did not receive HSTS header
 blocksatz-medien.de: could not connect to host
 blockshopauto.com: could not connect to host
@@ -2394,6 +2474,8 @@ blog.cyveillance.com: did not receive HSTS header
 blog.gparent.org: could not connect to host
 blog.torproject.org: max-age too low: 1000
 blogabout.ru: could not connect to host
+blogcuaviet.com: could not connect to host
+blogdeyugioh.com: could not connect to host
 blogdieconomia.it: did not receive HSTS header
 blogdimoda.com: did not receive HSTS header
 blogdimotori.it: did not receive HSTS header
@@ -2414,7 +2496,9 @@ blubbablasen.de: could not connect to host
 blucas.org: did not receive HSTS header
 blue17.co.uk: did not receive HSTS header
 bluebill.net: did not receive HSTS header
-bluecon.eu: did not receive HSTS header
+bluecardlottery.eu: did not receive HSTS header
+bluecards.eu: did not receive HSTS header
+bluecon.eu: could not connect to host
 bluefinger.nl: did not receive HSTS header
 blueglobalmedia.com: could not connect to host
 bluehawk.cloud: could not connect to host
@@ -2431,6 +2515,7 @@ bluesecure.com.br: could not connect to host
 bluetenmeer.com: did not receive HSTS header
 bluezonehealth.co.uk: did not receive HSTS header
 blui.cf: max-age too low: 1209600
+bluiandaj.ml: could not connect to host
 bluketing.com: did not receive HSTS header
 blumen-binder.ch: did not receive HSTS header
 blumen-garage.de: could not connect to host
@@ -2464,12 +2549,15 @@ bo9king.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERRO
 board-buy.ru: could not connect to host
 bobaobei.org: could not connect to host
 bobep.ru: could not connect to host
+bobiji.com: could not connect to host
 boboates.com: did not receive HSTS header
+bodixite.com: could not connect to host
 bodo-wolff.de: could not connect to host
 bodrumfarm.com: could not connect to host
 bodyblog.nl: did not receive HSTS header
 bodybuilding-legends.com: could not connect to host
 bodybuilding.events: could not connect to host
+bodymusclejournal.com: could not connect to host
 bodyweightsolution.com: could not connect to host
 boel073.nl: did not receive HSTS header
 boensou.com: did not receive HSTS header
@@ -2481,6 +2569,7 @@ boilesen.com: did not receive HSTS header
 bokeyy.com: could not connect to host
 bolainfoasia.com: did not receive HSTS header
 bolivarfm.com.ve: could not connect to host
+bollywood.uno: did not receive HSTS header
 boltdata.io: could not connect to host
 boltn.uk: did not receive HSTS header
 bolwerk.com.br: did not receive HSTS header
@@ -2491,20 +2580,20 @@ bonapp.restaurant: could not connect to host
 bondagefetishstore.com: could not connect to host
 bondtofte.dk: did not receive HSTS header
 boneko.de: did not receive HSTS header
-bonesserver.com: could not connect to host
 bonigo.de: did not receive HSTS header
 bonitabrazilian.co.nz: did not receive HSTS header
 bonnin.fr: did not receive HSTS header
 bonobo.cz: could not connect to host
-bonop.com: did not receive HSTS header
+bonop.com: could not connect to host
 bonta.one: could not connect to host
 bonus-flexi.com: did not receive HSTS header
 boobox.xyz: could not connect to host
-book-of-ra.de: did not receive HSTS header
+boodaah.com: did not receive HSTS header
+book-of-ra.de: could not connect to host
 bookcelerator.com: did not receive HSTS header
 booked.holiday: could not connect to host
 bookingentertainment.com: did not receive HSTS header
-bookmakersfreebets.com.au: could not connect to host
+bookmakersfreebets.com.au: did not receive HSTS header
 bookofraonlinecasinos.com: could not connect to host
 bookourdjs.com: could not connect to host
 bookreport.ga: could not connect to host
@@ -2513,10 +2602,12 @@ bookwitty.social: could not connect to host
 boomerang.com: did not receive HSTS header
 boomsaki.com: did not receive HSTS header
 boomsakis.com: did not receive HSTS header
+boonehenry.co.uk: did not receive HSTS header
 boosterlearnpro.com: did not receive HSTS header
 boostgame.win: could not connect to host
 boote.wien: could not connect to host
 booter.es: could not connect to host
+booter.pw: did not receive HSTS header
 booth.in.th: could not connect to host
 bootikexpress.fr: did not receive HSTS header
 boozinyan.com: could not connect to host
@@ -2530,19 +2621,20 @@ boris.one: could not connect to host
 borisavstankovic.rs: could not connect to host
 borisbesemer.com: could not connect to host
 born-to-learn.com: could not connect to host
+borowski.pw: could not connect to host
 borrelioz.com: did not receive HSTS header
 borscheid-wenig.com: did not receive HSTS header
+borzoi.com.br: could not connect to host
 boschee.net: could not connect to host
 bosworthdental.co.uk: did not receive HSTS header
 botlab.ch: could not connect to host
 botmanager.pl: could not connect to host
 botox.bz: did not receive HSTS header
 bots.cat: could not connect to host
-botserver.de: could not connect to host
+bottke.berlin: could not connect to host
 boueki.jp: did not receive HSTS header
 boueki.org: did not receive HSTS header
 bouk.co: could not connect to host
-bounce-r-us.co.uk: did not receive HSTS header
 bouncebeyondcastles.co.uk: did not receive HSTS header
 bounceboxspc.com: did not receive HSTS header
 bouncecoffee.com: did not receive HSTS header
@@ -2555,10 +2647,12 @@ bouncingbuzzybees.co.uk: could not connect to host
 bouncycastleandparty.co.uk: could not connect to host
 bouncycastlehiremedway.com: did not receive HSTS header
 bouncycastles.me: could not connect to host
+bouncycastlesperth.net: could not connect to host
+bouncyhouses.co.uk: did not receive HSTS header
 bouncymadness.com: did not receive HSTS header
 bouwbedrijfpurmerend.nl: did not receive HSTS header
 bowlsheet.com: did not receive HSTS header
-bownty.pt: max-age too low: 0
+bownty.pt: could not connect to host
 boxcryptor.com: did not receive HSTS header
 boxdevigneron.fr: could not connect to host
 boxing-austria.eu: did not receive HSTS header
@@ -2575,6 +2669,7 @@ bp-wahl.at: did not receive HSTS header
 bpadvisors.eu: could not connect to host
 bqcp.net: could not connect to host
 bqtoolbox.com: could not connect to host
+bracoitaliano.com.br: could not connect to host
 braemer-it-consulting.de: could not connect to host
 bragasoft.com.br: did not receive HSTS header
 bragaweb.com.br: could not connect to host
@@ -2588,16 +2683,14 @@ braintm.com: could not connect to host
 braintreebouncycastles.com: could not connect to host
 braintreegateway.com: did not receive HSTS header
 braintreepayments.com: did not receive HSTS header
-brainvation.de: did not receive HSTS header
-brakstad.org: could not connect to host
 bran.cc: could not connect to host
 bran.soy: could not connect to host
 branchzero.com: did not receive HSTS header
 brand-foo.com: did not receive HSTS header
 brand-foo.jp: did not receive HSTS header
 brand-foo.net: did not receive HSTS header
+brandbuilderwebsites.com: could not connect to host
 brandnewdays.nl: could not connect to host
-brando753.xyz: could not connect to host
 brandon.so: could not connect to host
 brandonlui.ml: could not connect to host
 brandons.site: could not connect to host
@@ -2608,9 +2701,11 @@ brasilien.guide: could not connect to host
 brasilmorar.com: did not receive HSTS header
 bravz.de: could not connect to host
 brb.city: did not receive HSTS header
+breadofgod.org: could not connect to host
 breatheav.com: did not receive HSTS header
 breatheproduction.com: did not receive HSTS header
 breeswish.org: did not receive HSTS header
+bregnedalsystems.dk: did not receive HSTS header
 bremensaki.com: max-age too low: 2592000
 brenden.net.au: could not connect to host
 bress.cloud: could not connect to host
@@ -2618,6 +2713,8 @@ brettcornwall.com: did not receive HSTS header
 brettpemberton.xyz: did not receive HSTS header
 bretz-hufer.de: did not receive HSTS header
 brfvh24.se: could not connect to host
+briangarcia.ga: could not connect to host
+brianmwaters.net: did not receive HSTS header
 brianpcurran.com: did not receive HSTS header
 brickoo.com: could not connect to host
 brickwerks.io: could not connect to host
@@ -2654,15 +2751,13 @@ brownlawoffice.us: did not receive HSTS header
 browserid.org: could not connect to host
 brplusdigital.com: could not connect to host
 brrd.io: could not connect to host
+bruckner.li: could not connect to host
 brunix.net: did not receive HSTS header
 brunoonline.co.uk: could not connect to host
 bryancastillo.site: could not connect to host
-bryankaplan.com: could not connect to host
 bryanshearer.accountant: did not receive HSTS header
 bryn.xyz: could not connect to host
 brynnan.nl: could not connect to host
-brztec.com: did not receive HSTS header
-bs.sb: could not connect to host
 bsagan.fr: did not receive HSTS header
 bsalyzer.com: could not connect to host
 bsc01.dyndns.org: could not connect to host
@@ -2674,28 +2769,29 @@ bsklabels.com: did not receive HSTS header
 bsktweetup.info: could not connect to host
 bsohoekvanholland.nl: could not connect to host
 bsuess.de: could not connect to host
-bt78.cn: did not receive HSTS header
+bsuru.xyz: could not connect to host
+bt78.cn: could not connect to host
 bt85.cn: could not connect to host
 bt9.cc: did not receive HSTS header
 bt96.cn: did not receive HSTS header
 bt995.com: did not receive HSTS header
 btaoke.com: could not connect to host
 btc-e.com: could not connect to host
+btc2secure.com: could not connect to host
 btcdlc.com: could not connect to host
 btcgo.nl: did not receive HSTS header
 btcp.space: could not connect to host
 btcpot.ltd: could not connect to host
+btku.org: could not connect to host
 btrb.ml: could not connect to host
 btserv.de: did not receive HSTS header
-btth.live: could not connect to host
+bturboo.com: could not connect to host
 btxiaobai.com: did not receive HSTS header
 bubba.cc: could not connect to host
 buben.tech: did not receive HSTS header
-bubulazi.com: did not receive HSTS header
-bubulazy.com: did not receive HSTS header
 buchheld.at: could not connect to host
 buchverlag-scholz.de: did not receive HSTS header
-buck.com: could not connect to host
+buck.com: did not receive HSTS header
 bucket.tk: could not connect to host
 buckmulligans.com: did not receive HSTS header
 budaev-shop.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -2703,6 +2799,7 @@ buddhistische-weisheiten.org: could not connect to host
 budgetenergievriendenvoordeel.nl: could not connect to host
 budgetthostels.nl: did not receive HSTS header
 budskap.eu: could not connect to host
+buehnenbande.ch: max-age too low: 2592000
 buenosairesestetica.com.ar: could not connect to host
 buenotour.ru: did not receive HSTS header
 buergerdialog.net: could not connect to host
@@ -2710,7 +2807,6 @@ buergerhaushalt.com: did not receive HSTS header
 buffalodrinkinggame.beer: did not receive HSTS header
 bugtrack.co.uk: did not receive HSTS header
 bugtrack.io: could not connect to host
-bugwie.com: did not receive HSTS header
 buhler.pro: did not receive HSTS header
 buiko.com: did not receive HSTS header
 build.chromium.org: did not receive HSTS header (error ignored - included regardless)
@@ -2727,6 +2823,7 @@ built.by: did not receive HSTS header
 buka.jp: could not connect to host
 bukai.men: did not receive HSTS header
 bukatv.cz: could not connect to host
+bulbgenie.com: could not connect to host
 buldogueingles.com.br: could not connect to host
 bulgarien.guide: could not connect to host
 bulkbuy.tech: could not connect to host
@@ -2767,6 +2864,7 @@ bush41.org: did not receive HSTS header
 bushcraftfriends.com: could not connect to host
 business.lookout.com: could not connect to host
 business.medbank.com.mt: did not receive HSTS header
+businessadviceperth.com.au: did not receive HSTS header
 businessamongus.com: could not connect to host
 businessetmarketing.com: could not connect to host
 businessfurs.info: could not connect to host
@@ -2784,34 +2882,33 @@ butterfieldstraining.com: could not connect to host
 buttermilk.cf: could not connect to host
 buturyu.org: did not receive HSTS header
 buvinghausen.com: max-age too low: 86400
-buy-thing.com: did not receive HSTS header
+buy-thing.com: could not connect to host
 buyaccessible.gov: did not receive HSTS header
 buybaby.eu: could not connect to host
-buybike.shop: did not receive HSTS header
-buycarpet.shop: did not receive HSTS header
-buycook.shop: max-age too low: 2592000
 buydesired.com: did not receive HSTS header
 buyessay.org: could not connect to host
 buyessays.net: could not connect to host
 buyessayscheap.com: could not connect to host
 buyfox.de: could not connect to host
 buyharpoon.com: could not connect to host
-buyhealth.shop: did not receive HSTS header
 buyingsellingflorida.com: could not connect to host
-buyjewel.shop: did not receive HSTS header
 buynowdepot.com: did not receive HSTS header
-buyplussize.shop: did not receive HSTS header
-buyprofessional.shop: max-age too low: 2592000
 buyshoe.org: could not connect to host
-buywine.shop: did not receive HSTS header
 buywood.shop: could not connect to host
-buzzconcert.com: did not receive HSTS header
+buzzconcert.com: could not connect to host
 buzzdeck.com: did not receive HSTS header
 buzztelco.com.au: could not connect to host
 bvexplained.co.uk: could not connect to host
 bvionline.eu: did not receive HSTS header
+bvv-europe.eu: could not connect to host
 bw81.xyz: could not connect to host
 bwear4all.de: could not connect to host
+bwf11.com: could not connect to host
+bwf55.com: could not connect to host
+bwf6.com: could not connect to host
+bwf66.com: could not connect to host
+bwf77.com: could not connect to host
+bwf99.com: could not connect to host
 bwin86.com: did not receive HSTS header
 bwin8601.com: did not receive HSTS header
 bwin8602.com: did not receive HSTS header
@@ -2819,7 +2916,9 @@ bwin8603.com: did not receive HSTS header
 bwin8604.com: did not receive HSTS header
 bwin8605.com: did not receive HSTS header
 bwin8606.com: did not receive HSTS header
+bwwb.nu: did not receive HSTS header
 bx-web.com: did not receive HSTS header
+by.cx: did not receive HSTS header
 by1896.com: could not connect to host
 by1898.com: could not connect to host
 by1899.com: could not connect to host
@@ -2855,7 +2954,6 @@ byronwade.com: did not receive HSTS header
 byte.chat: did not receive HSTS header
 byte.wtf: did not receive HSTS header
 bytelog.org: did not receive HSTS header
-bytepen.com: could not connect to host
 bytesatwork.eu: could not connect to host
 byteshift.ca: could not connect to host
 bytesofcode.de: could not connect to host
@@ -2863,6 +2961,7 @@ bytesund.biz: could not connect to host
 byteturtle.eu: did not receive HSTS header
 byurudraw.pics: could not connect to host
 bywin9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+bzhub.bid: could not connect to host
 c-rickroll-v.pw: could not connect to host
 c0rn3j.com: could not connect to host
 c12discountonline.com: did not receive HSTS header
@@ -2877,20 +2976,20 @@ c3bbs.com: could not connect to host
 c3hv.cn: could not connect to host
 c3ie.com: did not receive HSTS header
 c4.hk: could not connect to host
-c5h8no4na.net: could not connect to host
+cablehighspeed.net: could not connect to host
 cabsites.com: could not connect to host
 cabusar.fr: could not connect to host
 cachethome.com: could not connect to host
 cachethq.io: did not receive HSTS header
 caconnect.org: could not connect to host
 cadao.me: did not receive HSTS header
-cadburymovies.in.net: did not receive HSTS header
-cadcreations.co.ke: could not connect to host
+cadburymovies.in.net: could not connect to host
 cadenadg.gr: did not receive HSTS header
 caerostris.com: could not connect to host
 caesreon.com: could not connect to host
-cafe-murr.de: did not receive HSTS header
+cafe-murr.de: could not connect to host
 cafe-scientifique.org.ec: could not connect to host
+cafe-service.ru: could not connect to host
 cafechesscourt.com: could not connect to host
 cafefresco.pe: did not receive HSTS header
 cafesg.net: did not receive HSTS header
@@ -2899,7 +2998,6 @@ caim.cz: did not receive HSTS header
 caipai.fm: could not connect to host
 cairnterrier.com.br: could not connect to host
 cais.de: did not receive HSTS header
-caizx.com: did not receive HSTS header
 cajapopcorn.com: max-age too low: 0
 cake.care: could not connect to host
 cal.goip.de: could not connect to host
@@ -2908,6 +3006,7 @@ calculatoaresecondhand.xyz: could not connect to host
 caldecotevillagehall.co.uk: could not connect to host
 calebmorris.com: max-age too low: 60
 calgaryconstructionjobs.com: did not receive HSTS header
+calidoinvierno.com: could not connect to host
 callabs.net: could not connect to host
 callanbryant.co.uk: did not receive HSTS header
 calleveryday.com: could not connect to host
@@ -2926,10 +3025,13 @@ cambridgeanalytica.net: could not connect to host
 cambridgeanalytica.org: did not receive HSTS header
 camisadotorcedor.com.br: could not connect to host
 camjackson.net: did not receive HSTS header
+camjobs.net: did not receive HSTS header
 cammarkets.com: could not connect to host
-campaignelves.com: did not receive HSTS header
+campaignelves.com: could not connect to host
 campbellsoftware.co.uk: could not connect to host
+campbrainybunch.com: did not receive HSTS header
 campeoesdofutebol.com.br: did not receive HSTS header
+campeonatoalemao.com.br: could not connect to host
 campfire.co.il: did not receive HSTS header
 campfourpaws.com: did not receive HSTS header
 campingcarlovers.com: could not connect to host
@@ -2947,13 +3049,11 @@ candratech.com: could not connect to host
 candygirl.shop: could not connect to host
 candykidsentertainment.co.uk: did not receive HSTS header
 candylion.rocks: could not connect to host
-canerkorkmaz.com: could not connect to host
 canifis.net: did not receive HSTS header
 cannarobotics.com: could not connect to host
 canterbury.ws: could not connect to host
 canva-dev.com: could not connect to host
 canyons.media: did not receive HSTS header
-canyonshoa.com: did not receive HSTS header
 caodecristachines.com.br: could not connect to host
 caoyu.info: did not receive HSTS header
 capacent.is: did not receive HSTS header
@@ -2973,6 +3073,7 @@ car-navi.ph: did not receive HSTS header
 car-rental24.com: did not receive HSTS header
 carano-service.de: did not receive HSTS header
 caraudio69.cz: did not receive HSTS header
+carbonmonoxidelawyer.net: could not connect to host
 card-cashing.com: max-age too low: 0
 card-toka.jp: could not connect to host
 cardloan-manual.net: could not connect to host
@@ -2987,8 +3088,6 @@ carey.bio: did not receive HSTS header
 carey.li: did not receive HSTS header
 carif-idf.net: could not connect to host
 carif-idf.org: could not connect to host
-carlandfaith.com: could not connect to host
-carlgo11.com: did not receive HSTS header
 carlolly.co.uk: could not connect to host
 carlosalves.info: could not connect to host
 carloshmm.com: could not connect to host
@@ -3000,11 +3099,13 @@ caroli.biz: could not connect to host
 caroli.info: could not connect to host
 carpliyz.com: did not receive HSTS header
 carrando.de: could not connect to host
-carredejardin.com: could not connect to host
+carredejardin.com: did not receive HSTS header
+carrentalsathens.com: max-age too low: 0
 carroarmato0.be: did not receive HSTS header
 carsforbackpackers.com: could not connect to host
 carsten.pw: did not receive HSTS header
 carstenfeuls.de: did not receive HSTS header
+cartelcircuit.com: could not connect to host
 carterorland.com: could not connect to host
 cartesunicef.be: did not receive HSTS header
 carwashvapeur.be: could not connect to host
@@ -3020,33 +3121,34 @@ cashfortulsahouses.com: could not connect to host
 cashless.fr: did not receive HSTS header
 cashmyphone.ch: could not connect to host
 cashsector.ga: could not connect to host
-casino-cash-flow.su: could not connect to host
-casino-cashflow.ru: could not connect to host
 casinocashflow.ru: could not connect to host
 casinolegal.pt: did not receive HSTS header
 casinolistings.com: could not connect to host
 casinoluck.com: could not connect to host
 casinoreal.com: could not connect to host
 casinostest.com: could not connect to host
-casionova.org: did not receive HSTS header
+casionova.org: could not connect to host
 casioshop.eu: did not receive HSTS header
 casjay.com: did not receive HSTS header
 casovi.cf: could not connect to host
 castagnonavocats.com: did not receive HSTS header
 castlejackpot.com: did not receive HSTS header
+castleswa.com.au: could not connect to host
 cata.ga: could not connect to host
 catalin.pw: could not connect to host
 catarsisvr.com: could not connect to host
 catcontent.cloud: could not connect to host
 caterkids.com: did not receive HSTS header
-catgirl.me: could not connect to host
+catgirl.me: did not receive HSTS header
 catgirl.pics: could not connect to host
 catharisme.org: could not connect to host
 catherineidylle.com: max-age too low: 0
 catherinesarasin.com: did not receive HSTS header
+cathosting.org: could not connect to host
 catinmay.com: did not receive HSTS header
 catnapstudios.com: could not connect to host
 catnmeow.com: could not connect to host
+catprog.org: could not connect to host
 catsmagic.pp.ua: could not connect to host
 causae-fincas.es: did not receive HSTS header
 causae.es: did not receive HSTS header
@@ -3057,16 +3159,19 @@ cavedevs.de: could not connect to host
 cavedroid.xyz: could not connect to host
 cavern.tv: did not receive HSTS header
 cayafashion.de: did not receive HSTS header
+cayounglab.co.jp: did not receive HSTS header
 cbamo.org: did not receive HSTS header
 cbi-epa.gov: could not connect to host
 cc2729.com: did not receive HSTS header
 ccayearbook.com: could not connect to host
 ccblog.de: did not receive HSTS header
+ccgn.co: could not connect to host
 ccja.ro: did not receive HSTS header
 ccl-sti.ch: did not receive HSTS header
 ccretreatandfarm.com: did not receive HSTS header
 cctech.ph: could not connect to host
 cctld.com: could not connect to host
+ccu.io: could not connect to host
 ccv.eu: did not receive HSTS header
 cd0.us: could not connect to host
 cdcpartners.gov: could not connect to host
@@ -3100,10 +3205,11 @@ cem.pw: did not receive HSTS header
 cencalvia.org: could not connect to host
 centennialrewards.com: did not receive HSTS header
 centerforpolicy.org: could not connect to host
+centillien.com: did not receive HSTS header
 centos.pub: could not connect to host
 central4.me: could not connect to host
 centralcountiesservices.org: did not receive HSTS header
-centralfor.me: did not receive HSTS header
+centralfor.me: could not connect to host
 centrallead.net: could not connect to host
 centralvacsunlimited.net: did not receive HSTS header
 centralvoice.org: could not connect to host
@@ -3112,7 +3218,7 @@ centrepoint-community.com: could not connect to host
 centricbeats.com: did not receive HSTS header
 centrolavoro.org: did not receive HSTS header
 centsforchange.net: could not connect to host
-century-group.com: could not connect to host
+century-group.com: max-age too low: 2592000
 ceoimon.com: did not receive HSTS header
 ceoptique.com: could not connect to host
 cercevelet.com: did not receive HSTS header
@@ -3136,20 +3242,19 @@ cesidianroot.eu: could not connect to host
 cespri.com.pe: did not receive HSTS header
 ceta.one: did not receive HSTS header
 cevrimici.com: could not connect to host
-cf-tm.net: could not connect to host
 cf11.de: did not receive HSTS header
 cfcnexus.org: could not connect to host
 cfcproperties.com: did not receive HSTS header
 cfetengineering.com: could not connect to host
 cfneia.org: did not receive HSTS header
 cfoitplaybook.com: could not connect to host
-cfsh.tk: could not connect to host
 cganx.org: could not connect to host
 cgerstner.eu: did not receive HSTS header
 cgsshelper.tk: could not connect to host
 cgtx.us: could not connect to host
 chabaojia.com: did not receive HSTS header
 chadklass.com: could not connect to host
+chadtaljaardt.com: could not connect to host
 chahub.com: could not connect to host
 chainmonitor.com: could not connect to host
 chairinstitute.com: did not receive HSTS header
@@ -3166,28 +3271,26 @@ chandlerredding.com: could not connect to host
 changelab.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 changetip.com: did not receive HSTS header
 channelcards.com: did not receive HSTS header
-channellife.asia: could not connect to host
+channellife.asia: did not receive HSTS header
 channellife.co.nz: did not receive HSTS header
 channellife.com.au: did not receive HSTS header
-channyc.com: did not receive HSTS header
+channyc.com: could not connect to host
 chaos.fail: could not connect to host
 chaoscastles.co.uk: did not receive HSTS header
-chaospott.de: did not receive HSTS header
-chaoswars.ddns.net: could not connect to host
 chaoswebs.net: did not receive HSTS header
+chaoticlaw.com: did not receive HSTS header
 chaouby.com: could not connect to host
 charakato.com: could not connect to host
-charge.co: could not connect to host
 chargejuice.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 charityclear.com: could not connect to host
 charitystreet.co.uk: could not connect to host
 charl.eu: could not connect to host
 charlesjay.com: could not connect to host
-charlestonfacialplastic.com: did not receive HSTS header
 charlestonsecuritysystems.net: did not receive HSTS header
 charliemcneive.com: could not connect to host
 charlimarie.com: did not receive HSTS header
 charlipopkids.com.au: did not receive HSTS header
+charmyadesara.com: could not connect to host
 charnleyhouse.co.uk: did not receive HSTS header
 charonsecurity.com: could not connect to host
 charp.eu: could not connect to host
@@ -3213,7 +3316,6 @@ chcemvediet.sk: max-age too low: 1555200
 chdgaming.xyz: could not connect to host
 cheah.xyz: could not connect to host
 cheapdns.org: could not connect to host
-cheapssl.com.tr: did not receive HSTS header
 cheapwritinghelp.com: could not connect to host
 cheapwritingservice.com: could not connect to host
 cheazey.net: did not receive HSTS header
@@ -3223,22 +3325,26 @@ checkhost.org: could not connect to host
 checkmateshoes.com: did not receive HSTS header
 checkmatewebsolutions.com: max-age too low: 0
 checkout.google.com: could not connect to host (error ignored - included regardless)
-checkyourmath.com: could not connect to host
+checkras.tk: could not connect to host
 checkyourmeds.com: did not receive HSTS header
 cheekylittlerascals.co.uk: did not receive HSTS header
 cheerflow.com: could not connect to host
 cheesefusion.com: could not connect to host
+cheesehosting.net: did not receive HSTS header
 cheesetart.my: could not connect to host
 cheesypicsbooths.co.uk: could not connect to host
 cheetah85.de: could not connect to host
+cheetahwerx.com: could not connect to host
 chefgalles.com.br: could not connect to host
 chejianer.cn: could not connect to host
+chelema.xyz: could not connect to host
 chellame.com: could not connect to host
 chellame.fr: could not connect to host
 chelseafs.co.uk: did not receive HSTS header
 chemicalguys-ruhrpott.de: could not connect to host
 chenfengyi.com: could not connect to host
-chengtongled.com: did not receive HSTS header
+chengtongled.com: could not connect to host
+chenky.com: could not connect to host
 chensir.net: could not connect to host
 chepaofen.com: did not receive HSTS header
 cherekerry.com: could not connect to host
@@ -3246,10 +3352,10 @@ cherrydropscandycarts.co.uk: could not connect to host
 cherylsoleway.com: did not receive HSTS header
 chessreporter.nl: did not receive HSTS header
 chesterbrass.uk: did not receive HSTS header
+chez-janine.de: could not connect to host
 chiamata-aiuto.ch: could not connect to host
 chiaramail.com: could not connect to host
 chib.chat: could not connect to host
-chicagolug.org: could not connect to host
 chicorycom.net: could not connect to host
 chihiro.xyz: could not connect to host
 chijiokeindustries.co.uk: could not connect to host
@@ -3274,10 +3380,12 @@ chloehorler.com: could not connect to host
 chlouis.net: could not connect to host
 chm.vn: did not receive HSTS header
 chocolat-suisse.ch: could not connect to host
+chocolate13tilias.com.br: did not receive HSTS header
 chodobien.com: could not connect to host
 chodocu.com: did not receive HSTS header
 choe.fi: could not connect to host
 choiralberta.ca: did not receive HSTS header
+choisirmonerp.com: did not receive HSTS header
 chollima.pro: could not connect to host
 chontalpa.pw: could not connect to host
 chopperforums.com: could not connect to host
@@ -3296,10 +3404,11 @@ chrisfaber.com: could not connect to host
 chrisfinazzo.com: did not receive HSTS header
 chriskirchner.de: did not receive HSTS header
 chriskyrouac.com: could not connect to host
-chrisopperwall.com: did not receive HSTS header
-chrisself.xyz: max-age too low: 0
-christerwaren.fi: could not connect to host
+chrisopperwall.com: could not connect to host
+chrisself.xyz: could not connect to host
+chrissx.ga: could not connect to host
 christiaandruif.nl: could not connect to host
+christian-krug.website: did not receive HSTS header
 christianbro.gq: could not connect to host
 christianhoffmann.info: could not connect to host
 christianhospitaltank.org: did not receive HSTS header
@@ -3324,22 +3433,19 @@ chronic101.xyz: could not connect to host
 chronogram.me: did not receive HSTS header
 chronoproject.com: did not receive HSTS header
 chrst.ph: could not connect to host
-chs.us: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+chs.us: max-age too low: 0
 chsh.moe: could not connect to host
 chua.cf: could not connect to host
 chua.family: did not receive HSTS header
 chuckame.fr: did not receive HSTS header
 chulado.com: did not receive HSTS header
 chundelac.com: could not connect to host
+churchlinkpro.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 churchux.co: could not connect to host
-churchwebcanada.ca: did not receive HSTS header
-churchwebsupport.com: did not receive HSTS header
 churrasqueirafacil.com.br: could not connect to host
 chxdf.net: could not connect to host
-ci-labo.com.tw: max-age too low: 7889238
-ci-suite.com: could not connect to host
 cianmawhinney.xyz: could not connect to host
-cidadedopoker.com.br: could not connect to host
+cidadedopoker.com.br: did not receive HSTS header
 ciderclub.com: could not connect to host
 cidr.ml: could not connect to host
 cienbeaute-lidl.fr: could not connect to host
@@ -3350,13 +3456,14 @@ ciicutini.ro: did not receive HSTS header
 cim2b.de: could not connect to host
 cimalando.eu: could not connect to host
 cinartelorgu.com: did not receive HSTS header
+cinay.pw: could not connect to host
 cindey.io: could not connect to host
 cinefilia.tk: could not connect to host
-cinelite.club: did not receive HSTS header
+cinelite.club: could not connect to host
 cinema5.ru: did not receive HSTS header
 cinemaclub.co: could not connect to host
 ciner.is: could not connect to host
-cinerama.com.br: did not receive HSTS header
+cintactimber.com: did not receive HSTS header
 cintdirect.com: could not connect to host
 cioconference.co.nz: could not connect to host
 cipher.co.th: did not receive HSTS header
@@ -3373,13 +3480,12 @@ ciscohomeanalytics.com: could not connect to host
 ciscommerce.net: could not connect to host
 citationgurus.com: could not connect to host
 citiagent.cz: could not connect to host
-citizen-cam.de: did not receive HSTS header
 citra-emu.org: did not receive HSTS header
 citroner.blog: could not connect to host
 citybusexpress.com: did not receive HSTS header
 cityofeastpointemi.gov: could not connect to host
 cityoflaurel.org: did not receive HSTS header
-cityofwadley-ga.gov: could not connect to host
+cityofwadley-ga.gov: did not receive HSTS header
 citywalkr.com: could not connect to host
 ciuciucadou.ro: could not connect to host
 cium.ru: could not connect to host
@@ -3394,6 +3500,7 @@ clad.cf: could not connect to host
 claibornecountytn.gov: could not connect to host
 claimit.ml: could not connect to host
 clan-ww.com: did not receive HSTS header
+clanthor.com: did not receive HSTS header
 clapping-rhymes.com: could not connect to host
 clara-baumert.de: could not connect to host
 claralabs.com: did not receive HSTS header
@@ -3407,7 +3514,6 @@ classicsandexotics.com: could not connect to host
 classicshop.ua: did not receive HSTS header
 classicspublishing.com: could not connect to host
 classifiedssa.co.za: could not connect to host
-claster.it: did not receive HSTS header
 claudearpel.fr: did not receive HSTS header
 claudio4.com: did not receive HSTS header
 claytoncondon.com: could not connect to host
@@ -3417,17 +3523,16 @@ cleanexperts.co.uk: could not connect to host
 cleaningsquad.ca: did not receive HSTS header
 cleanmta.com: could not connect to host
 cleanstar.org: could not connect to host
-clear.ml: could not connect to host
+clear.ml: did not receive HSTS header
 clearc.tk: could not connect to host
 clearchatsandbox.com: could not connect to host
 clearsky.me: did not receive HSTS header
 clearviewwealthprojector.com.au: could not connect to host
-clementfevrier.fr: could not connect to host
 clemovementlaw.com: could not connect to host
 clerkendweller.uk: could not connect to host
 clevelandokla.com: could not connect to host
-cleververmarkten.com: did not receive HSTS header
-cleververmarkten.de: did not receive HSTS header
+cleververmarkten.com: could not connect to host
+cleververmarkten.de: could not connect to host
 clic-music.com: could not connect to host
 click-2-order.co.uk: did not receive HSTS header
 click2order.co.uk: did not receive HSTS header
@@ -3454,9 +3559,11 @@ clip.ovh: did not receive HSTS header
 clipped4u.com: could not connect to host
 clnet.com.au: did not receive HSTS header
 cloghercastles.co.uk: did not receive HSTS header
+clojurescript.ru: could not connect to host
 clorik.com: could not connect to host
 closient.com: did not receive HSTS header
 closingholding.com: could not connect to host
+cloturea.fr: could not connect to host
 cloud-crowd.com.au: did not receive HSTS header
 cloud-project.com: could not connect to host
 cloud.wtf: could not connect to host
@@ -3467,9 +3574,14 @@ cloudbased.info: did not receive HSTS header
 cloudbasedsite.com: did not receive HSTS header
 cloudberlin.goip.de: could not connect to host
 cloudbleed.info: could not connect to host
+cloudbreaker.de: could not connect to host
 cloudcert.org: did not receive HSTS header
+cloudconsulting.net.za: did not receive HSTS header
+cloudconsulting.org.za: did not receive HSTS header
+cloudconsulting.web.za: did not receive HSTS header
 cloudcy.net: could not connect to host
 clouddesktop.co.nz: could not connect to host
+cloudfiles.at: could not connect to host
 cloudfren.com: did not receive HSTS header
 cloudimag.es: could not connect to host
 cloudimproved.com: could not connect to host
@@ -3482,11 +3594,12 @@ cloudpagesforwork.com: did not receive HSTS header
 cloudpebble.net: did not receive HSTS header
 cloudpengu.in: could not connect to host
 clouds.webcam: could not connect to host
+cloudsocial.io: could not connect to host
 cloudspotterapp.com: did not receive HSTS header
 cloudstoragemaus.com: could not connect to host
 cloudstorm.me: could not connect to host
 cloudstrike.co: could not connect to host
-cloudteam.de: did not receive HSTS header
+cloudteam.de: could not connect to host
 cloudwalk.io: did not receive HSTS header
 cloudwarez.xyz: could not connect to host
 clounix.online: could not connect to host
@@ -3498,28 +3611,31 @@ clsimplex.com: did not receive HSTS header
 clubcall.com: did not receive HSTS header
 clubdeslecteurs.net: could not connect to host
 clubmix.co.kr: could not connect to host
+clubscannan.ie: did not receive HSTS header
 cluefulca.com: could not connect to host
 cluefulca.net: could not connect to host
 cluefulca.org: could not connect to host
 cluj.apartments: could not connect to host
+clush.pw: did not receive HSTS header
 cluster.id: could not connect to host
 clvrwebdesign.com: did not receive HSTS header
 clvs7.com: did not receive HSTS header
 clycat.ru: could not connect to host
 clywedogmaths.co.uk: could not connect to host
 cm3.pw: could not connect to host
+cmahy.be: could not connect to host
 cmangos.net: did not receive HSTS header
 cmc-versand.de: did not receive HSTS header
 cmcc.network: could not connect to host
 cmci.dk: did not receive HSTS header
 cmdtelecom.net.br: did not receive HSTS header
-cmitao.com: could not connect to host
 cmpr.es: could not connect to host
 cmrss.com: could not connect to host
 cmsbattle.com: could not connect to host
 cmscafe.ru: did not receive HSTS header
 cmskh.co.uk: could not connect to host
 cmso-cal.com: could not connect to host
+cmusical.es: could not connect to host
 cmweller.com: could not connect to host
 cnam.net: did not receive HSTS header
 cnaprograms.online: could not connect to host
@@ -3530,18 +3646,19 @@ cnetw.xyz: could not connect to host
 cnitdog.com: could not connect to host
 cnlau.com: did not receive HSTS header
 cnlic.com: could not connect to host
-cnrd.me: did not receive HSTS header
+cnrd.me: could not connect to host
 cnsyear.com: did not receive HSTS header
 cnwage.com: could not connect to host
 cnwarn.com: could not connect to host
 co-driversphoto.se: could not connect to host
 co-yutaka.com: could not connect to host
+co2eco.cn: did not receive HSTS header
+coa.one: could not connect to host
 coach-sportif.paris: did not receive HSTS header
 coachingconsultancy.com: did not receive HSTS header
 cobaltlp.com: could not connect to host
 cobcode.com: could not connect to host
 cobrax.net: could not connect to host
-cocaine-import.agency: could not connect to host
 coccinellaskitchen.com: could not connect to host
 coccinellaskitchen.de: could not connect to host
 coccinellaskitchen.it: could not connect to host
@@ -3553,6 +3670,7 @@ cocktailfuture.fr: could not connect to host
 coco-cool.fr: could not connect to host
 cocodemy.com: did not receive HSTS header
 cocolovesdaddy.com: could not connect to host
+cocyou.ooo: could not connect to host
 codabix.net: could not connect to host
 code-35.com: could not connect to host
 code-digsite.com: could not connect to host
@@ -3562,12 +3680,12 @@ codealkemy.co: could not connect to host
 codeco.pw: could not connect to host
 codecontrollers.de: could not connect to host
 codeforce.io: could not connect to host
-codeforhakodate.org: could not connect to host
+codeforhakodate.org: did not receive HSTS header
 codejunkie.de: could not connect to host
 codelayer.ca: could not connect to host
 codelitmus.com: did not receive HSTS header
 codeloop.pw: could not connect to host
-codelove.de: did not receive HSTS header
+codelove.de: could not connect to host
 codemonkeyrawks.net: did not receive HSTS header
 codemperium.com: could not connect to host
 codenlife.xyz: could not connect to host
@@ -3575,27 +3693,32 @@ codeofhonor.tech: could not connect to host
 codeplay.org: could not connect to host
 codepoet.de: did not receive HSTS header
 codeproxy.ddns.net: could not connect to host
-codepx.com: did not receive HSTS header
+codepx.com: could not connect to host
 codercy.com: could not connect to host
 coderhangout.com: could not connect to host
+codersatlas.com: could not connect to host
 codersbistro.com: did not receive HSTS header
+codestep.io: could not connect to host
 codewiththepros.org: could not connect to host
 codewiz.xyz: could not connect to host
+codigodelbonusbet365.com: could not connect to host
+codymoniz.com: could not connect to host
 coecrafters.com: could not connect to host
 coffeedino.com: did not receive HSTS header
 coffeeetc.co.uk: could not connect to host
 coffeestrategies.com: max-age too low: 5184000
-cogniflex.com: did not receive HSTS header
+coffeetocode.me: did not receive HSTS header
+cogniflex.com: could not connect to host
 cognixia.com: did not receive HSTS header
 cogumelosmagicos.org: could not connect to host
-cohesive.io: did not receive HSTS header
+cohesive.io: could not connect to host
 coin-exchange.cz: could not connect to host
 coindam.com: could not connect to host
 coinessa.com: could not connect to host
 coinjar-sandbox.com: could not connect to host
 colarelli.ch: could not connect to host
 coldaddy.com: could not connect to host
-coldlostsick.net: could not connect to host
+coldlostsick.net: did not receive HSTS header
 coldwatericecream.com: did not receive HSTS header
 colearnr.com: could not connect to host
 colincampbell.me: could not connect to host
@@ -3614,6 +3737,7 @@ collins.press: could not connect to host
 collinsartworks.com: did not receive HSTS header
 collision.fyi: could not connect to host
 colmexpro.com: did not receive HSTS header
+colo-tech.com: could not connect to host
 colognegaming.net: could not connect to host
 cololi.moe: max-age too low: 2592000
 coloradocomputernetworking.net: could not connect to host
@@ -3626,7 +3750,6 @@ com.cc: could not connect to host
 combatshield.cz: did not receive HSTS header
 comchezmeme.com: could not connect to host
 comdotgame.com: could not connect to host
-comefollowme2016.com: did not receive HSTS header
 comeoncolleen.com: did not receive HSTS header
 comercialtrading.eu: could not connect to host
 cometbot.cf: could not connect to host
@@ -3650,9 +3773,14 @@ commerciallocker.com: could not connect to host
 commercialplanet.eu: could not connect to host
 commune-preuilly.fr: did not receive HSTS header
 community-cupboard.org: did not receive HSTS header
+communityflow.info: could not connect to host
+comocurarlagastritis24.online: did not receive HSTS header
 comocurarlashemorroides.org: did not receive HSTS header
 comocurarlashemorroidesya.com: did not receive HSTS header
-comodo.nl: could not connect to host
+comodesinflamarlashemorroides.org: did not receive HSTS header
+comohacerelamoraunhombrenet.com: did not receive HSTS header
+comoquitarlacaspa24.com: did not receive HSTS header
+comoquitarlasestriasrapidamente.com: did not receive HSTS header
 comorecuperaratumujerpdf.com: could not connect to host
 comotalk.com: could not connect to host
 compalytics.com: could not connect to host
@@ -3673,9 +3801,10 @@ comprehensiveihc.com: could not connect to host
 compromised.com: could not connect to host
 compros.me: could not connect to host
 compsmag.com: did not receive HSTS header
-comptrollerofthecurrency.gov: did not receive HSTS header
+comptrollerofthecurrency.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 compucorner.com.mx: could not connect to host
 compusolve.nl: could not connect to host
+computercraft.net: could not connect to host
 computertal.de: could not connect to host
 comssa.org.au: did not receive HSTS header
 comyuno.com: did not receive HSTS header
@@ -3684,15 +3813,18 @@ conceptatelier.de: could not connect to host
 conception.sk: could not connect to host
 concerts-metal.ch: did not receive HSTS header
 conclave.global: could not connect to host
+conclinica.com.br: did not receive HSTS header
 concord-group.co.jp: did not receive HSTS header
 conectalmeria.com: did not receive HSTS header
 confidential.network: could not connect to host
 confirm365.com: could not connect to host
 conflux.tw: did not receive HSTS header
 conformal.com: could not connect to host
+conformist.jp: could not connect to host
+confucio.cl: could not connect to host
 confuddledpenguin.com: did not receive HSTS header
 cong5.net: max-age too low: 0
-congz.me: could not connect to host
+congz.me: did not receive HSTS header
 conkret.ch: could not connect to host
 conkret.co.uk: could not connect to host
 conkret.eu: could not connect to host
@@ -3704,7 +3836,6 @@ connected-verhuurservice.nl: did not receive HSTS header
 connectfss.com: could not connect to host
 connectingconcepts.com: did not receive HSTS header
 conniesacademy.com: could not connect to host
-conpins.nl: could not connect to host
 conrad.am: could not connect to host
 consciousandglamorous.com: could not connect to host
 consciousbrand.org.au: could not connect to host
@@ -3728,6 +3859,7 @@ contarkos.xyz: could not connect to host
 contents.ga: did not receive HSTS header
 continuation.io: could not connect to host
 continuumgaming.com: could not connect to host
+contractdigital.co.uk: did not receive HSTS header
 contraout.com: could not connect to host
 controlcenter.gigahost.dk: did not receive HSTS header
 contxt-agentur.de: did not receive HSTS header
@@ -3745,8 +3877,10 @@ coole-meister.de: could not connect to host
 cooljs.me: could not connect to host
 coolkidsbouncycastles.co.uk: did not receive HSTS header
 coolrc.me: did not receive HSTS header
+coolviewthermostat.com: did not receive HSTS header
 coolvox.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 coonelnel.net: did not receive HSTS header
+coor.fun: did not receive HSTS header
 cooxa.com: could not connect to host
 copshop.com.br: could not connect to host
 coptic-treasures.com: max-age too low: 2592000
@@ -3755,7 +3889,7 @@ copytrack.com: did not receive HSTS header
 cor-ser.es: could not connect to host
 coralproject.net: did not receive HSTS header
 coralrosado.com.br: did not receive HSTS header
-coramcdaniel.com: did not receive HSTS header
+coramcdaniel.com: could not connect to host
 corbinhesse.com: did not receive HSTS header
 corderoscleaning.com: did not receive HSTS header
 cordial-restaurant.com: did not receive HSTS header
@@ -3782,34 +3916,38 @@ corporateencryption.com: could not connect to host
 corporatesubscriptions.com.au: did not receive HSTS header
 correct.horse: did not receive HSTS header
 correctpaardbatterijnietje.nl: did not receive HSTS header
-correiodovale.com.br: did not receive HSTS header
+correiodovale.com.br: could not connect to host
 corruption-mc.net: could not connect to host
 corruption-rsps.net: could not connect to host
 corruption-server.net: could not connect to host
+corzntin.fr: did not receive HSTS header
+cosmeticosdelivery.com.br: did not receive HSTS header
 cosmeticosnet.com.br: did not receive HSTS header
 cosmiatria.pe: could not connect to host
-cosmic-os.org: could not connect to host
 cosmoluziluminacion.com: did not receive HSTS header
 cosmoss-departure.com: could not connect to host
+costcofinance.com: did not receive HSTS header
 costow.club: did not receive HSTS header
 cotonea.de: did not receive HSTS header
 cougarsland.com: did not receive HSTS header
 coughlan.de: did not receive HSTS header
 counselling.network: could not connect to host
+counsellingtime.co.uk: could not connect to host
 count.sh: could not connect to host
 countryoutlaws.ca: did not receive HSTS header
 coup-dun-soir.ch: could not connect to host
 couponcodeq.com: could not connect to host
 couragewhispers.ca: could not connect to host
-coursables.com: did not receive HSTS header
 coursdeprogrammation.com: could not connect to host
 course.pp.ua: did not receive HSTS header
 course.rs: could not connect to host
 coursella.com: did not receive HSTS header
 courses.nl: could not connect to host
 courseworkbank.info: could not connect to host
+covaci.pro: did not receive HSTS header
 cove.sh: could not connect to host
 covenantbank.net: could not connect to host
+covenantmatrix.com: did not receive HSTS header
 coverdat.com: could not connect to host
 coverduck.ru: could not connect to host
 coworkingmanifesto.com: did not receive HSTS header
@@ -3828,6 +3966,7 @@ crackslut.eu: could not connect to host
 craftbeerbarn.co.uk: could not connect to host
 craftedge.xyz: could not connect to host
 craftination.net: could not connect to host
+craftinghand.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 craftmain.eu: could not connect to host
 craftmine.cz: could not connect to host
 craftngo.hu: could not connect to host
@@ -3850,15 +3989,16 @@ crazyker.com: did not receive HSTS header
 crbug.com: did not receive HSTS header (error ignored - included regardless)
 crc-online.nl: did not receive HSTS header
 creaescola.com: did not receive HSTS header
+crealogix-online.com: could not connect to host
 creamybuild.com: could not connect to host
 create-ls.jp: could not connect to host
 create-test-publish.co.uk: could not connect to host
-createcos.com: could not connect to host
+create-together.nl: did not receive HSTS header
+creations-edita.com: could not connect to host
 creativeapple.ltd: did not receive HSTS header
 creativeartifice.com: did not receive HSTS header
 creativecommons.cl: did not receive HSTS header
 creativecommonscatpictures.com: could not connect to host
-creativefolks.co.uk: did not receive HSTS header
 creativephysics.ml: could not connect to host
 creativeplayuk.com: did not receive HSTS header
 creato.top: could not connect to host
@@ -3873,10 +4013,14 @@ creorin.com: did not receive HSTS header
 crestoncottage.com: could not connect to host
 crewplanner.eu: did not receive HSTS header
 crge.eu: max-age too low: 0
+criadorespet.com.br: could not connect to host
+crickey.eu: could not connect to host
 crimewatch.net.za: could not connect to host
+crimson.no: did not receive HSTS header
 crip-usk.ba: could not connect to host
 crisissurvivalspecialists.com: could not connect to host
 cristianhares.com: could not connect to host
+critcola.com: did not receive HSTS header
 criticalaim.com: could not connect to host
 crizk.com: could not connect to host
 crl-autos.com: could not connect to host
@@ -3886,24 +4030,25 @@ crockett.io: did not receive HSTS header
 croco.vision: did not receive HSTS header
 croeder.net: could not connect to host
 croisieres.discount: did not receive HSTS header
-cromefire.myds.me: could not connect to host
 cromosomax.com: could not connect to host
-cronoscentral.be: did not receive HSTS header
+cronberg.ch: could not connect to host
 croods-mt2.fr: did not receive HSTS header
 croome.no-ip.org: could not connect to host
 crop-alert.com: could not connect to host
+croquette.net: did not receive HSTS header
 crosbug.com: did not receive HSTS header (error ignored - included regardless)
+crosscom.ch: could not connect to host
 crosspeakoms.com: did not receive HSTS header
 crosssec.com: did not receive HSTS header
 crow.tw: could not connect to host
 crowdcurity.com: did not receive HSTS header
 crowdjuris.com: could not connect to host
-crowdwis.com: did not receive HSTS header
+crowdwis.com: could not connect to host
 crownbouncycastlehire.co.uk: did not receive HSTS header
 crownruler.com: did not receive HSTS header
 crox.co: could not connect to host
 crrev.com: did not receive HSTS header (error ignored - included regardless)
-crt2014-2024review.gov: could not connect to host
+crt.sh: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 crtvmgmt.com: could not connect to host
 crudysql.com: could not connect to host
 crufad.org: did not receive HSTS header
@@ -3915,6 +4060,7 @@ cruzr.xyz: could not connect to host
 crypalert.com: could not connect to host
 crypt.guru: did not receive HSTS header
 cryptify.eu: could not connect to host
+crypto-armory.com: could not connect to host
 crypto-navi.org: did not receive HSTS header
 crypto.tube: did not receive HSTS header
 cryptobells.com: did not receive HSTS header
@@ -3922,10 +4068,10 @@ cryptobin.org: could not connect to host
 cryptocaseproject.com: could not connect to host
 cryptodash.net: could not connect to host
 cryptodyno.ninja: could not connect to host
-cryptoisnotacrime.org: could not connect to host
 cryptojar.io: could not connect to host
 cryptolab.pro: could not connect to host
-cryptolab.tk: did not receive HSTS header
+cryptolab.tk: could not connect to host
+cryptonom.org: could not connect to host
 cryptoparty.dk: could not connect to host
 cryptopartyatx.org: could not connect to host
 cryptopartynewcastle.org: could not connect to host
@@ -3939,6 +4085,7 @@ cs-ubladego.pl: could not connect to host
 csacongress.org: max-age too low: 2592000
 csapak.com: did not receive HSTS header
 csawctf.poly.edu: could not connect to host
+csbgtribalta.com: did not receive HSTS header
 cscau.com: did not receive HSTS header
 csehnyelv.hu: could not connect to host
 cselzer.com: did not receive HSTS header
@@ -3969,16 +4116,16 @@ cswarzone.com: [Exception... "Component returned failure code: 0x80004005 (NS_ER
 ct-status.org: could not connect to host
 ct-watches.dk: did not receive HSTS header
 cthomas.work: could not connect to host
-ctrl.blog: did not receive HSTS header
+cthulhuden.com: could not connect to host
 ctyi.me: could not connect to host
-cuanhua3s.com: did not receive HSTS header
-cubecart.net: did not receive HSTS header
+cuanhua3s.com: could not connect to host
+cubecart.net: could not connect to host
 cubecraftstore.com: could not connect to host
 cubecraftstore.net: could not connect to host
 cubela.tech: could not connect to host
 cubeserver.eu: could not connect to host
 cubewano.com: could not connect to host
-cubix.host: did not receive HSTS header
+cubix.host: could not connect to host
 cucc.date: could not connect to host
 cuecamania.com.br: could not connect to host
 cujanovic.com: did not receive HSTS header
@@ -3986,7 +4133,6 @@ cujba.com: could not connect to host
 culinae.nl: could not connect to host
 cultureelbeleggen.nl: did not receive HSTS header
 cultureroll.com: could not connect to host
-cumparama.com: did not receive HSTS header
 cumshots-video.ru: could not connect to host
 cunha.be: could not connect to host
 cuni-cuni-club.com: did not receive HSTS header
@@ -4009,9 +4155,10 @@ curroapp.com: could not connect to host
 cursosdnc.cl: did not receive HSTS header
 cursosgratuitos.com.br: did not receive HSTS header
 curveweb.co.uk: did not receive HSTS header
+curvylove.de: could not connect to host
 cusfit.com: did not receive HSTS header
 custe.rs: could not connect to host
-custerweb.com: could not connect to host
+custerweb.com: did not receive HSTS header
 customadesign.com: did not receive HSTS header
 customd.com: did not receive HSTS header
 customfilmworks.com: could not connect to host
@@ -4021,19 +4168,20 @@ customromlist.com: could not connect to host
 customshort.link: could not connect to host
 customwritings.com: could not connect to host
 cutelariafiveladeouro.com.br: did not receive HSTS header
+cutephil.com: could not connect to host
+cutimbo.com: could not connect to host
 cutorrent.com: could not connect to host
 cuvva.insure: did not receive HSTS header
 cuxpool.club: could not connect to host
 cvjm-memmingen.de: did not receive HSTS header
+cvninja.pl: did not receive HSTS header
 cvps.top: did not receive HSTS header
 cvsoftub.com: did not receive HSTS header
 cvtparking.co.uk: did not receive HSTS header
-cvv.cn: could not connect to host
 cw-bw.de: could not connect to host
 cwage.com: could not connect to host
 cwbw.network: did not receive HSTS header
 cwilson.ga: could not connect to host
-cwinfo.fi: could not connect to host
 cy.technology: did not receive HSTS header
 cyanogenmod.xxx: could not connect to host
 cybbh.space: could not connect to host
@@ -4042,12 +4190,12 @@ cyber-konzept.de: did not receive HSTS header
 cyber-perikarp.eu: could not connect to host
 cyber.cafe: could not connect to host
 cybercecurity.com: did not receive HSTS header
-cybercloud.cc: did not receive HSTS header
 cybercymru.co.uk: did not receive HSTS header
-cyberdyne-industries.net: could not connect to host
+cyberdyne-industries.net: did not receive HSTS header
 cyberfrancais.ro: did not receive HSTS header
 cyberlab.team: did not receive HSTS header
 cyberpeace.nl: could not connect to host
+cyberphaze.com: did not receive HSTS header
 cyberprey.com: did not receive HSTS header
 cyberpunk.ca: could not connect to host
 cybersantri.com: could not connect to host
@@ -4055,7 +4203,6 @@ cyberserver.org: could not connect to host
 cybershambles.com: could not connect to host
 cybersmart.co.uk: did not receive HSTS header
 cyberspace.today: could not connect to host
-cybertorsk.org: could not connect to host
 cyclehackluxembourgcity.lu: could not connect to host
 cyclingjunkies.com: could not connect to host
 cydia-search.io: could not connect to host
@@ -4064,56 +4211,58 @@ cygu.ch: did not receive HSTS header
 cymtech.net: could not connect to host
 cynoshair.com: could not connect to host
 cyoda.com: did not receive HSTS header
-cypherpunk.at: could not connect to host
-cypherpunk.com: could not connect to host
+cype.dedyn.io: could not connect to host
 cypherpunk.ws: could not connect to host
 cyphertite.com: could not connect to host
-cypressinheritancesaga.com: could not connect to host
 cytadel.fr: did not receive HSTS header
+cyyzaid.cn: could not connect to host
 czaw.org: did not receive HSTS header
-czirnich.org: did not receive HSTS header
+czirnich.org: could not connect to host
 czlx.co: could not connect to host
 d-academia.com: did not receive HSTS header
 d-macindustries.com: did not receive HSTS header
 d-rickroll-e.pw: could not connect to host
-d-toys.com.ua: could not connect to host
 d.rip: max-age too low: 900
 d00r.de: did not receive HSTS header
 d0xq.net: could not connect to host
 d1ves.io: did not receive HSTS header
 d3njjcbhbojbot.cloudfront.net: did not receive HSTS header
 d3x.pw: could not connect to host
+d3xx3r.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 d4rkdeagle.tk: could not connect to host
+d4wson.com: could not connect to host
+d88688.com: could not connect to host
+d88871.com: could not connect to host
 d8studio.net: could not connect to host
+da-ist-kunst.de: could not connect to host
 da.hn: could not connect to host
 da8.cc: could not connect to host
 dabblegoat.com: could not connect to host
 dabbot.org: did not receive HSTS header
 dad256.tk: could not connect to host
 dadtheimpaler.com: could not connect to host
-daemonslayer.net: could not connect to host
+daemon.xin: could not connect to host
+daemonslayer.net: did not receive HSTS header
 dah5.com: did not receive HSTS header
 dahl-pind.dk: did not receive HSTS header
-dahlberg.cologne: could not connect to host
 dai-rin.co.jp: could not connect to host
 dailybunda.com: did not receive HSTS header
 dailystormerpodcasts.com: could not connect to host
 dailytopix.com: could not connect to host
 daimadi.com: could not connect to host
-daisuki.pw: did not receive HSTS header
+daisuki.pw: could not connect to host
 daiwai.de: did not receive HSTS header
 dakerealestate.com: did not receive HSTS header
 dakl-shop.de: did not receive HSTS header
 dakotasilencer.com: did not receive HSTS header
 dakrib.net: could not connect to host
 daku.gdn: could not connect to host
-dalek.co.nz: did not receive HSTS header
 dalfiume.it: did not receive HSTS header
 dalingk.co: could not connect to host
 daltonedwards.me: could not connect to host
 dam74.com.ar: could not connect to host
-damianuv-blog.cz: did not receive HSTS header
-damicris.ro: could not connect to host
+damianuv-blog.cz: could not connect to host
+damienpontifex.com: did not receive HSTS header
 damjanovic.work: could not connect to host
 dan.org.nz: could not connect to host
 danbarrett.com.au: could not connect to host
@@ -4131,6 +4280,7 @@ danieldk.eu: did not receive HSTS header
 danielgraziano.ca: could not connect to host
 danieliancu.com: could not connect to host
 danielkratz.com: max-age too low: 172800
+danielmarquard.com: did not receive HSTS header
 danielt.co.uk: did not receive HSTS header
 danielverlaan.nl: could not connect to host
 danielworthy.com: did not receive HSTS header
@@ -4142,7 +4292,9 @@ dankredues.com: could not connect to host
 danmark.guide: did not receive HSTS header
 dannycrichton.com: did not receive HSTS header
 danova.de: did not receive HSTS header
+danoz.net: could not connect to host
 danrl.de: could not connect to host
+dansa.com.co: could not connect to host
 danskringsporta.be: did not receive HSTS header
 danwillenberg.com: did not receive HSTS header
 daolerp.xyz: could not connect to host
@@ -4150,10 +4302,10 @@ dapim.co.il: did not receive HSTS header
 dargasia.is: could not connect to host
 darinjohnson.ca: did not receive HSTS header
 dario.im: did not receive HSTS header
+dariosirangelo.me: could not connect to host
 dark-x.cf: could not connect to host
 darkanzali.pl: max-age too low: 0
 darkdestiny.ch: could not connect to host
-darkfire.ch: could not connect to host
 darkfriday.ddns.net: could not connect to host
 darkhole.cn: did not receive HSTS header
 darkishgreen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -4176,26 +4328,27 @@ dash-board.jp: did not receive HSTS header
 dash.rocks: did not receive HSTS header
 dashboard.yt: could not connect to host
 dashburst.com: did not receive HSTS header
+dashlane.com: did not receive HSTS header
 dashnimorad.com: did not receive HSTS header
 data-abundance.com: could not connect to host
 data-detox.com: could not connect to host
 data.haus: could not connect to host
 data.qld.gov.au: did not receive HSTS header
+data.world: did not receive HSTS header
 databeam.de: could not connect to host
 datacave.is: could not connect to host
 datacenternews.asia: did not receive HSTS header
 datacenternews.co.nz: did not receive HSTS header
 datacentrenews.eu: did not receive HSTS header
+datacool.tk: could not connect to host
 datacubed.com: did not receive HSTS header
-datafd.com: could not connect to host
-datafd.net: could not connect to host
 datahoarder.download: could not connect to host
 datahoarderschool.club: did not receive HSTS header
 dataisme.com: did not receive HSTS header
 datajapan.co.jp: did not receive HSTS header
 datamatic.ru: could not connect to host
-datapun.ch: did not receive HSTS header
 dataretention.solutions: could not connect to host
+datascomemorativas.com.br: could not connect to host
 datasharesystem.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 datasnitch.co.uk: could not connect to host
 datatekniikka.com: could not connect to host
@@ -4206,10 +4359,10 @@ datenreiter.cf: could not connect to host
 datenreiter.gq: could not connect to host
 datenreiter.ml: could not connect to host
 datenreiter.tk: could not connect to host
-datenschutzhelden.org: could not connect to host
+datenschutzhelden.org: max-age too low: 172800
 datine.com.br: could not connect to host
 datorb.com: could not connect to host
-datortipsen.se: did not receive HSTS header
+datortipsen.se: could not connect to host
 datsound.ru: did not receive HSTS header
 datsumou-q.com: did not receive HSTS header
 daverandom.com: could not connect to host
@@ -4217,6 +4370,7 @@ davewut.ca: did not receive HSTS header
 david-mallett.com: did not receive HSTS header
 davidandkailey.com: could not connect to host
 davidbrito.tech: could not connect to host
+davidbuckell.com: could not connect to host
 davidglidden.eu: did not receive HSTS header
 davidgrudl.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 davidhunter.scot: did not receive HSTS header
@@ -4228,6 +4382,7 @@ davidscherzer.at: could not connect to host
 davimun.org: could not connect to host
 davros.eu: could not connect to host
 davros.ru: could not connect to host
+daw.nz: could not connect to host
 dawnofeden.org: did not receive HSTS header
 dawnson.is: could not connect to host
 dawnsonb.com: could not connect to host
@@ -4237,7 +4392,6 @@ days.one: could not connect to host
 daytonaseaside.com: did not receive HSTS header
 db-sanity.com: could not connect to host
 db.gy: could not connect to host
-dbcom.ru: could not connect to host
 dbjc.duckdns.org: could not connect to host
 dblx.io: could not connect to host
 dbox.ga: could not connect to host
@@ -4249,10 +4403,9 @@ dcc.moe: could not connect to host
 dccode.gov: could not connect to host
 dccoffeeproducts.com: did not receive HSTS header
 dccraft.net: could not connect to host
-dcl.re: could not connect to host
+dcl.re: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 dctxf.com: did not receive HSTS header
 dcuofriends.net: could not connect to host
-dcw.io: did not receive HSTS header
 dd.art.pl: could not connect to host
 ddatsh.com: did not receive HSTS header
 dden.website: could not connect to host
@@ -4290,6 +4443,8 @@ decorincasa.com.br: could not connect to host
 decorland.com.ua: could not connect to host
 decormiernissanparts.com: could not connect to host
 decoyrouting.com: could not connect to host
+decstasy.de: did not receive HSTS header
+dede.ml: could not connect to host
 dedeo.tk: could not connect to host
 dedicatutiempo.es: could not connect to host
 dedietrich-asia.com: did not receive HSTS header
@@ -4301,8 +4456,6 @@ deeprecce.com: could not connect to host
 deeprecce.link: could not connect to host
 deeprecce.tech: could not connect to host
 deeps.cat: could not connect to host
-deeps.me: could not connect to host
-deepsouthsounds.com: did not receive HSTS header
 deepvalley.tech: could not connect to host
 deepvision.com.ua: did not receive HSTS header
 deer.team: could not connect to host
@@ -4321,6 +4474,7 @@ defimetier.org: could not connect to host
 defimetiers.com: could not connect to host
 defimetiers.fr: could not connect to host
 degroetenvanrosaline.nl: could not connect to host
+dehydrated.de: did not receive HSTS header
 deight.co: could not connect to host
 deight.in: could not connect to host
 dekasan.ru: could not connect to host
@@ -4331,6 +4485,7 @@ delf.co.jp: did not receive HSTS header
 deliberatedigital.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 deliver.moe: did not receive HSTS header
 deliverance.co.uk: could not connect to host
+deliveryiquique.cl: did not receive HSTS header
 deloittequant.com: could not connect to host
 deltaconcepts.de: could not connect to host
 delvj.org: could not connect to host
@@ -4340,11 +4495,14 @@ demdis.org: could not connect to host
 demilitarized.ninja: could not connect to host
 demo-server.us: could not connect to host
 demo.sb: could not connect to host
+demo.swedbank.se: did not receive HSTS header
 democracy.io: did not receive HSTS header
 democraticdifference.com: could not connect to host
 demomanca.com: did not receive HSTS header
 demotops.com: could not connect to host
+dengchangdong.com: did not receive HSTS header
 denh.am: did not receive HSTS header
+denimio.com: did not receive HSTS header
 denisjean.fr: could not connect to host
 dennispotter.eu: did not receive HSTS header
 densmirnov.com: max-age too low: 7776000
@@ -4358,7 +4516,7 @@ depaco.com: did not receive HSTS header
 deped.blog: could not connect to host
 depedshs.com: could not connect to host
 depedtayo.com: did not receive HSTS header
-depedtayo.ph: could not connect to host
+depedtayo.ph: did not receive HSTS header
 depijl-mz.nl: did not receive HSTS header
 depixion.agency: could not connect to host
 depo.space: could not connect to host
@@ -4366,8 +4524,7 @@ deprobe.pro: could not connect to host
 dequehablamos.es: could not connect to host
 derbyshiredotnet.co.uk: did not receive HSTS header
 derchris.me: could not connect to host
-derekseaman.com: did not receive HSTS header
-derekseaman.studio: did not receive HSTS header
+derekkent.com: could not connect to host
 derevtsov.com: did not receive HSTS header
 derivativeshub.pro: could not connect to host
 derive.cc: could not connect to host
@@ -4380,10 +4537,11 @@ desiccantpackets.com: did not receive HSTS header
 design-fu.com: did not receive HSTS header
 designandmore.it: did not receive HSTS header
 designanyware.com.br: could not connect to host
-designgears.com: did not receive HSTS header
+designgears.com: could not connect to host
 designgraphic.fr: did not receive HSTS header
 designsbykerrialee.co.uk: could not connect to host
 designthinking.or.jp: did not receive HSTS header
+desormiers.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 despora.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 despotika.de: could not connect to host
 desserteagleselvenar.tk: could not connect to host
@@ -4392,19 +4550,19 @@ destinopiriapolis.com: did not receive HSTS header
 destom.be: could not connect to host
 desveja.com.br: could not connect to host
 detalhecomercio.com.br: could not connect to host
-detalyedesigngroup.com: could not connect to host
 detechnologiecooperatie.nl: did not receive HSTS header
 detecte-fuite.ch: could not connect to host
 detecte.ch: could not connect to host
 detectefuite.ch: could not connect to host
 detector.exposed: could not connect to host
-detest.org: did not receive HSTS header
+detest.org: could not connect to host
 dethikiemtra.com: did not receive HSTS header
 detroitrocs.org: did not receive HSTS header
 detteflies.com: max-age too low: 7889238
+detuprovincia.cl: did not receive HSTS header
 detutorial.com: max-age too low: 36000
-deusu.de: did not receive HSTS header
-deusu.org: did not receive HSTS header
+deusu.de: could not connect to host
+deusu.org: could not connect to host
 deux.solutions: could not connect to host
 deuxsol.co: could not connect to host
 deuxsol.com: could not connect to host
@@ -4416,9 +4574,12 @@ dev-bluep.pantheonsite.io: did not receive HSTS header
 dev-talk.eu: did not receive HSTS header
 dev-talk.net: could not connect to host
 devafterdark.com: could not connect to host
+devcast.io: could not connect to host
 devdesco.com: could not connect to host
 devdom.io: max-age too low: 172800
 devdoodle.net: could not connect to host
+develerik.com: could not connect to host
+develop.cool: could not connect to host
 develop.fitness: could not connect to host
 developersclub.website: could not connect to host
 devenney.io: did not receive HSTS header
@@ -4430,11 +4591,13 @@ devinpacker.com: could not connect to host
 devisonline.ch: could not connect to host
 devistravaux.org: did not receive HSTS header
 devjack.de: could not connect to host
+devkit.cc: could not connect to host
 devlux.ch: did not receive HSTS header
 devmsg.com: could not connect to host
 devnsec.com: could not connect to host
 devnull.team: could not connect to host
-devopps.me: did not receive HSTS header
+devolution.ws: could not connect to host
+devopps.me: could not connect to host
 devops.moe: could not connect to host
 devopsconnected.com: could not connect to host
 devpgsv.com: could not connect to host
@@ -4443,13 +4606,12 @@ devtub.com: could not connect to host
 devuan.org: did not receive HSTS header
 dewebwerf.nl: did not receive HSTS header
 dewin.io: could not connect to host
-dfekt.no: could not connect to host
-dfektlan.no: could not connect to host
 dfixit.com: could not connect to host
 dfrance.com.br: did not receive HSTS header
 dfviana.com.br: max-age too low: 2592000
 dgby.org: did not receive HSTS header
 dggwp.de: did not receive HSTS header
+dgx.io: could not connect to host
 dharamkot.com: could not connect to host
 dharma.ai: did not receive HSTS header
 dhl-smart.ch: could not connect to host
@@ -4463,6 +4625,7 @@ diabolic.chat: could not connect to host
 diagnocentro.cl: could not connect to host
 diagnosia.com: did not receive HSTS header
 diagonale-deco.fr: did not receive HSTS header
+diagrammingoutloud.co.uk: did not receive HSTS header
 dialectic-og.com: could not connect to host
 diamondcare.com.br: did not receive HSTS header
 diamondpkg.org: could not connect to host
@@ -4478,13 +4641,13 @@ dichgans-besserer.de: did not receive HSTS header
 dichvudangkygiayphep.com: could not connect to host
 dicio.com.br: did not receive HSTS header
 dick.red: could not connect to host
-dickord.club: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 didierlaumen.be: did not receive HSTS header
+didikhari.web.id: did not receive HSTS header
 die-besten-weisheiten.de: could not connect to host
 die-gruenen-teufel.de: could not connect to host
 dieb.photo: could not connect to host
 diejanssens.net: did not receive HSTS header
-diemogebhardt.com: did not receive HSTS header
+diemogebhardt.com: could not connect to host
 dierabenmutti.de: max-age too low: 7776000
 dierencompleet.nl: did not receive HSTS header
 dierenkruiden.nl: did not receive HSTS header
@@ -4493,16 +4656,18 @@ dietagespresse.com: did not receive HSTS header
 diewebstube.de: could not connect to host
 diezel.com: could not connect to host
 diferenca.com: did not receive HSTS header
+diff2html.xyz: did not receive HSTS header
 diggable.co: max-age too low: 2592000
 digihyp.ch: did not receive HSTS header
 digikol.net: could not connect to host
 diginota.com: did not receive HSTS header
+digired.ro: could not connect to host
 digired.xyz: could not connect to host
 digital1world.com: did not receive HSTS header
 digitalbank.kz: could not connect to host
-digitalcloud.ovh: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+digitalcloud.ovh: could not connect to host
 digitalcuko.com: did not receive HSTS header
-digitaldaddy.net: did not receive HSTS header
+digitaldaddy.net: could not connect to host
 digitalero.rip: did not receive HSTS header
 digitalewelten.de: could not connect to host
 digitalexhale.com: did not receive HSTS header
@@ -4528,20 +4693,22 @@ dim.lighting: could not connect to host
 dimensionen.de: did not receive HSTS header
 dimes.com.tr: did not receive HSTS header
 dimitrisotiropoulosbooks.com: max-age too low: 7889238
-dimseklubben.dk: could not connect to host
 din-tools.com: did not receive HSTS header
 dinamoelektrik.com: could not connect to host
 dingcc.com: could not connect to host
 dingcc.org: could not connect to host
 dingcc.xyz: could not connect to host
+dinge.xyz: did not receive HSTS header
 dingelbob-schuhcreme.gq: could not connect to host
 dingss.com: could not connect to host
 dinkum.online: could not connect to host
+dinotopia.org.uk: did not receive HSTS header
 dinotv.at: could not connect to host
 dintillat.fr: could not connect to host
 dinube.com: did not receive HSTS header
 dionysus.se: could not connect to host
 dipconsultants.com: could not connect to host
+direct2uk.com: max-age too low: 2592000
 directhskincream.com: could not connect to host
 directinsure.in: did not receive HSTS header
 directme.ga: could not connect to host
@@ -4551,10 +4718,9 @@ directtwosolutions.org: could not connect to host
 directwatertanks.co.uk: did not receive HSTS header
 direnv.net: did not receive HSTS header
 direwolfsoftware.ca: could not connect to host
-dirkwolf.de: could not connect to host
+dirips.com: did not receive HSTS header
 dirtycat.ru: could not connect to host
 disadattamentolavorativo.it: could not connect to host
-discipul.nl: did not receive HSTS header
 disclosure.io: did not receive HSTS header
 disco-crazy-world.de: could not connect to host
 discord-chan.net: could not connect to host
@@ -4563,10 +4729,10 @@ discountmetaux.fr: did not receive HSTS header
 discover-mercure.com: could not connect to host
 discoveringdocker.com: could not connect to host
 discoverrsv.com: did not receive HSTS header
+discoverucluelet.com: did not receive HSTS header
 discoverwellness.center: could not connect to host
 discovery.lookout.com: did not receive HSTS header
 discoveryballoon.org: could not connect to host
-disking.co.uk: did not receive HSTS header
 dislocated.de: did not receive HSTS header
 disorderboutique.com: did not receive HSTS header
 disruptivelabs.net: could not connect to host
@@ -4577,6 +4743,7 @@ distinctivephotography.com.au: could not connect to host
 distinguishedwindows.co.uk: did not receive HSTS header
 distractionco.de: did not receive HSTS header
 distrilogservices.com: could not connect to host
+distro.re: did not receive HSTS header
 ditch.ch: could not connect to host
 ditrutoancau.vn: could not connect to host
 dittvertshus.no: could not connect to host
@@ -4615,22 +4782,27 @@ dmenergy.ru: did not receive HSTS header
 dmfd.net: could not connect to host
 dmix.ca: could not connect to host
 dmlogic.com: could not connect to host
+dmmkenya.co.ke: could not connect to host
 dmtry.me: did not receive HSTS header
 dmwall.cn: could not connect to host
 dmz.ninja: could not connect to host
+dndesign.be: did not receive HSTS header
 dnfc.rocks: could not connect to host
 dnmaze.com: could not connect to host
 dns-manager.info: did not receive HSTS header
 dns.google.com: did not receive HSTS header (error ignored - included regardless)
 dnsbird.net: could not connect to host
 dnsbird.org: could not connect to host
-dnscrypt.org: max-age too low: 0
+dnscrypt.nl: could not connect to host
+dnscrypt.org: could not connect to host
 dnsknowledge.com: did not receive HSTS header
 dnsql.io: could not connect to host
+dnzz123.com: did not receive HSTS header
 do-do.tk: could not connect to host
 do-it.cz: could not connect to host
 doak.io: did not receive HSTS header
 dobet.in: could not connect to host
+dobrev.family: could not connect to host
 doc-justice.com: did not receive HSTS header
 docid.io: could not connect to host
 dockerm.com: could not connect to host
@@ -4638,26 +4810,28 @@ dockerturkiye.com: could not connect to host
 docket.news: could not connect to host
 doclassworks.com: could not connect to host
 doclot.io: could not connect to host
-docplexus.in: did not receive HSTS header
+docplexus.in: could not connect to host
 docplexus.org: did not receive HSTS header
 docset.io: could not connect to host
+docsoc.org.uk: could not connect to host
 docufiel.com: could not connect to host
 doculus.io: could not connect to host
 documentations-sociales.com: could not connect to host
 docxtemplater.com: did not receive HSTS header
 doesmycodehavebugs.today: could not connect to host
 doeswindowssuckforeveryoneorjustme.com: could not connect to host
-dogbox.se: could not connect to host
+dogbox.se: did not receive HSTS header
 dogcratereview.info: could not connect to host
 dogespeed.ga: could not connect to host
 dogfi.sh: could not connect to host
 doggieholic.net: could not connect to host
 dognlife.com: could not connect to host
-dogoodbehappyllc.com: did not receive HSTS header
+dogoodbehappyllc.com: could not connect to host
 dogprograms.net: could not connect to host
 dohosting.ru: could not connect to host
 dojifish.space: could not connect to host
 dojin.nagoya: could not connect to host
+dokan-e.com: did not receive HSTS header
 dokan.online: did not receive HSTS header
 doked.io: could not connect to host
 dokspot.cf: could not connect to host
@@ -4674,25 +4848,28 @@ dolt.xyz: could not connect to host
 domaine-aigoual-cevennes.com: did not receive HSTS header
 domainelaremejeanne.com: did not receive HSTS header
 domaris.de: did not receive HSTS header
+domasazu.pl: did not receive HSTS header
 domen-reg.ru: could not connect to host
 domengrad.ru: did not receive HSTS header
 domenicocatelli.com: did not receive HSTS header
 domfee.com: could not connect to host
 dominikanskarepubliken.guide: could not connect to host
 dominioanimal.com: could not connect to host
+dominioanimal.com.br: could not connect to host
 dominique-mueller.de: could not connect to host
 domytermpaper.com: could not connect to host
 don.yokohama: could not connect to host
-donateway.com: did not receive HSTS header
 dong8.top: could not connect to host
 dongjingre.net: could not connect to host
 donhoward.org: did not receive HSTS header
 donlydental.ca: did not receive HSTS header
 donmez.uk: could not connect to host
 donmez.ws: could not connect to host
+donna-bellini-business-fotografie-muenchen.de: did not receive HSTS header
 donotspampls.me: could not connect to host
 donotspellitgav.in: did not receive HSTS header
 donpaginasweb.com: did not receive HSTS header
+donpomodoro.com.co: did not receive HSTS header
 donsbach-edv.de: did not receive HSTS header
 donthedragonwilson.com: could not connect to host
 donttrustrobots.nl: could not connect to host
@@ -4705,6 +4882,7 @@ doomleika.com: did not receive HSTS header
 doooonoooob.com: could not connect to host
 doopdidoop.com: did not receive HSTS header
 door.cards: could not connect to host
+dopfer-fenstertechnik.de: did not receive HSTS header
 dopost.it: could not connect to host
 doriginal.es: did not receive HSTS header
 dorkfarm.com: did not receive HSTS header
@@ -4735,13 +4913,10 @@ downsouthweddings.com.au: did not receive HSTS header
 doxcelerate.com: could not connect to host
 doyoulyft.com: could not connect to host
 dpangerl.de: did not receive HSTS header
-dps.srl: did not receive HSTS header
 dpsart.it: did not receive HSTS header
 dr-knirr.de: could not connect to host
-dr2dr.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 drabben.be: did not receive HSTS header
 drabbin.com: could not connect to host
-dragfiles.com: could not connect to host
 draghive.club: did not receive HSTS header
 draghive.net: could not connect to host
 draghive.photos: did not receive HSTS header
@@ -4757,14 +4932,18 @@ drakefortreasurer.sexy: could not connect to host
 drakensberg-tourism.com: did not receive HSTS header
 drakfot.se: could not connect to host
 dralexjimenez.com: did not receive HSTS header
+dranek.com: max-age too low: 2592000
 drastosasports.com.br: could not connect to host
 drawvesly.ovh: did not receive HSTS header
 drbarnabus.com: could not connect to host
+drdavidgilpin.com: did not receive HSTS header
 drdevil.ru: could not connect to host
+drdim.ru: could not connect to host
 dreadbyte.com: could not connect to host
 dreadd.org: could not connect to host
 dreamaholic.club: could not connect to host
 dreamcatcherblog.de: could not connect to host
+dreamersgiftshopec.com: could not connect to host
 dreaming.solutions: could not connect to host
 dreamlighteyeserum.com: could not connect to host
 dreamsforabetterworld.com.au: did not receive HSTS header
@@ -4776,6 +4955,7 @@ drewgle.net: could not connect to host
 drhopeson.com: did not receive HSTS header
 drillnation.com.au: could not connect to host
 drinknaturespower.com: could not connect to host
+drinkplanet.eu: could not connect to host
 drinkvabeer.com: could not connect to host
 dripdoctors.com: did not receive HSTS header
 drishti.guru: could not connect to host
@@ -4783,8 +4963,6 @@ drive.xyz: could not connect to host
 drivercopilot.com: did not receive HSTS header
 drivewithstatetransit.com.au: did not receive HSTS header
 driving-lessons.co.uk: could not connect to host
-drixn.cn: could not connect to host
-drixn.com: could not connect to host
 drixn.info: could not connect to host
 drixn.net: could not connect to host
 drlazarina.net: did not receive HSTS header
@@ -4793,6 +4971,8 @@ drogoz.moe: could not connect to host
 droidboss.com: did not receive HSTS header
 droithxn.com: could not connect to host
 droncentrum.pl: could not connect to host
+dronebotworkshop.com: did not receive HSTS header
+dronexpertos.com: could not connect to host
 droomhuis-in-brielle-kopen.nl: could not connect to host
 droomhuis-in-de-friese-meren-kopen.nl: could not connect to host
 droomhuis-in-delfzijl-kopen.nl: could not connect to host
@@ -4808,7 +4988,7 @@ droomhuisindestadverkopen.nl: could not connect to host
 droomhuisophetplattelandverkopen.nl: could not connect to host
 dropcam.com: did not receive HSTS header
 drostschocolates.com: did not receive HSTS header
-drpure.pw: did not receive HSTS header
+drpure.pw: could not connect to host
 drtroyhendrickson.com: could not connect to host
 drtti.io: could not connect to host
 drturner.com.au: did not receive HSTS header
@@ -4816,32 +4996,40 @@ drubn.de: could not connect to host
 drugagodba.si: did not receive HSTS header
 drumbandesperanto.nl: could not connect to host
 drump-truck.com: did not receive HSTS header
+drunkscifi.com: could not connect to host
 drupal123.com: could not connect to host
 druznek.rocks: could not connect to host
 druznek.xyz: could not connect to host
+drvr.xyz: could not connect to host
 drybasement.com: did not receive HSTS header
 drybasementkansas.com: did not receive HSTS header
 drycreekapiary.com: could not connect to host
 ds-christiansen.de: could not connect to host
 dshiv.io: could not connect to host
-dsouzamusic.com: could not connect to host
+dsne.com.mx: could not connect to host
+dsouzamusic.com: did not receive HSTS header
+dsrw.org: max-age too low: 1576800
 dsuinnovation.com: could not connect to host
 dsyunmall.com: did not receive HSTS header
+dtechstore.com.br: did not receive HSTS header
 dtub.co: could not connect to host
 dualias.xyz: could not connect to host
 duan.li: could not connect to host
+dubai-company.ae: could not connect to host
 dubaosheng.com: could not connect to host
 dubik.su: did not receive HSTS header
+duchyoffeann.com: could not connect to host
+duckasylum.com: did not receive HSTS header
 duckyubuntu.tk: could not connect to host
 ducohosting.com: did not receive HSTS header
 dudesunderwear.com.br: could not connect to host
 duelsow.eu: could not connect to host
 duelysthub.com: could not connect to host
-duerls.de: could not connect to host
+duerls.de: did not receive HSTS header
 dugnet.tech: could not connect to host
 dujsq.com: could not connect to host
 dujsq.top: could not connect to host
-dukec.me: did not receive HSTS header
+dukec.me: could not connect to host
 dukefox.com: could not connect to host
 duks.com.br: did not receive HSTS header
 dullsir.com: did not receive HSTS header
@@ -4851,16 +5039,14 @@ dunashoes.com: could not connect to host
 dune.io: did not receive HSTS header
 dunea.nl: did not receive HSTS header
 dung-massage.fr: did not receive HSTS header
+dunklau.fr: could not connect to host
 duo.money: could not connect to host
 duocircle.com: did not receive HSTS header
 duole30.com: could not connect to host
 duongpho.com: did not receive HSTS header
 durangoenergyllc.com: could not connect to host
-durchblick-shop.de: could not connect to host
-durexwinkel.nl: could not connect to host
 dushu.cat: could not connect to host
 duskopy.top: could not connect to host
-dutchessuganda.com: did not receive HSTS header
 dutchrank.com: did not receive HSTS header
 dutyfreeonboard.com: did not receive HSTS header
 duuu.ch: could not connect to host
@@ -4870,20 +5056,17 @@ dwellstudio.com: did not receive HSTS header
 dwhd.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 dwnld.me: could not connect to host
 dycem-ns.com: did not receive HSTS header
-dycoa.com: could not connect to host
 dycontrol.de: could not connect to host
-dylancl.cf: could not connect to host
 dylanscott.com.au: did not receive HSTS header
 dynamic-innovations.net: could not connect to host
 dynamic-networks.be: could not connect to host
 dynamize.solutions: did not receive HSTS header
 dyncdn.me: could not connect to host
 dynts.pro: could not connect to host
-dyz.pw: could not connect to host
+dyz.pw: did not receive HSTS header
 dziekonski.com: could not connect to host
 dzimejl.sk: did not receive HSTS header
 dzlibs.io: could not connect to host
-dzndk.com: could not connect to host
 dzndk.net: could not connect to host
 dzndk.org: could not connect to host
 dzytdl.com: did not receive HSTS header
@@ -4926,6 +5109,7 @@ earlybirdsnacks.com: could not connect to host
 earth-people.org: could not connect to host
 earthrise16.com: could not connect to host
 easew.com: could not connect to host
+eason-yang.com: could not connect to host
 east-line.su: could not connect to host
 eastcoastbubbleandbounce.co.uk: could not connect to host
 eastcoastinflatables.co.uk: did not receive HSTS header
@@ -4935,10 +5119,9 @@ eastmontgroup.com: did not receive HSTS header
 eastpeoria-il.gov: could not connect to host
 easy-factures.fr: could not connect to host
 easychiller.org: could not connect to host
+easycontentplan.com: could not connect to host
 easykonto.de: could not connect to host
-easykraamzorg.nl: did not receive HSTS header
 easyplane.it: did not receive HSTS header
-easypv.ch: could not connect to host
 easyreal.ru: could not connect to host
 easyschools.org: did not receive HSTS header
 easysimplecrm.com: could not connect to host
@@ -4959,27 +5142,31 @@ ebolsa.com.br: did not receive HSTS header
 ebolsas.com.br: did not receive HSTS header
 ebooksgratuits.org: could not connect to host
 ebop.ch: could not connect to host
-ebp2p.com: did not receive HSTS header
+ebp2p.com: could not connect to host
 ebraph.com: could not connect to host
 ebrowz.com: could not connect to host
-ecake.in: could not connect to host
+ec-baran.de: could not connect to host
+ecake.in: did not receive HSTS header
 ecc-kaufbeuren.de: could not connect to host
 eccux.com: could not connect to host
 ecelembrou.ovh: could not connect to host
 ecfs.link: could not connect to host
 ecg.fr: could not connect to host
 echipstore.com: did not receive HSTS header
-echo.cc: could not connect to host
 echoactive.com: max-age too low: 7776000
 echomanchester.net: could not connect to host
 eckro.com: could not connect to host
+eco-wiki.com: could not connect to host
+ecobrain.be: max-age too low: 0
 ecole-en-danger.fr: could not connect to host
 ecole-iaf.fr: could not connect to host
 ecole-maternelle-saint-joseph.be: could not connect to host
 ecolesrec.ch: did not receive HSTS header
 ecology-21.ru: did not receive HSTS header
 ecomlane.com: could not connect to host
+ecommercestore.net.br: could not connect to host
 ecomparemo.com: did not receive HSTS header
+ecompen.co.za: could not connect to host
 econativa.pt: could not connect to host
 economy.st: did not receive HSTS header
 economycarrentalscyprus.com: could not connect to host
@@ -5004,11 +5191,9 @@ edgecustomersportal.com: could not connect to host
 edgereinvent.com: did not receive HSTS header
 edh.email: did not receive HSTS header
 edhrealtor.com: did not receive HSTS header
-edilservizi.it: did not receive HSTS header
-edilservizivco.it: did not receive HSTS header
 edisonchee.com: did not receive HSTS header
 edissecurity.sk: did not receive HSTS header
-edition-pommern.com: did not receive HSTS header
+edition-pommern.com: max-age too low: 86400
 editoraacademiacrista.com.br: could not connect to host
 edix.ru: could not connect to host
 edk.com.tr: did not receive HSTS header
@@ -5023,7 +5208,7 @@ educatoys.com.br: could not connect to host
 educatweb.de: did not receive HSTS header
 educnum.fr: did not receive HSTS header
 educourse.ga: could not connect to host
-eduif.nl: could not connect to host
+eduif.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 eduvance.in: did not receive HSTS header
 ee-terminals.com: could not connect to host
 eeb98.com: could not connect to host
@@ -5046,27 +5231,27 @@ eenhoorn.ga: could not connect to host
 eeqj.com: did not receive HSTS header
 eesistumine2017.ee: could not connect to host
 eez.ee: could not connect to host
-ef-georgia.org: could not connect to host
 effectiveosgi.com: could not connect to host
 effectivepapers.com: could not connect to host
 efficienthealth.com: could not connect to host
 eftcorp.biz: did not receive HSTS header
-egbert.net: could not connect to host
 egfl.org.uk: did not receive HSTS header
 egge.com: max-age too low: 0
 egit.co: could not connect to host
-eglek.com: did not receive HSTS header
-ego-world.org: did not receive HSTS header
+eglek.com: could not connect to host
+ego-world.org: could not connect to host
 egupova.ru: did not receive HSTS header
+ehcommerce.com: did not receive HSTS header
 ehealthcounselor.com: could not connect to host
 ehipaadev.com: could not connect to host
 ehito.ovh: could not connect to host
+ehr.gov: could not connect to host
 ehrenamt-skpfcw.de: could not connect to host
 ehrlichesbier.de: could not connect to host
+ehseller.com: did not receive HSTS header
 ehuber.info: could not connect to host
 eicfood.com: could not connect to host
 eidolonhost.com: did not receive HSTS header
-eifelindex.de: did not receive HSTS header
 eiga-movie.com: max-age too low: 0
 eigenbubi.de: could not connect to host
 eightyfour.ca: could not connect to host
@@ -5093,13 +5278,13 @@ elan-organics.com: did not receive HSTS header
 elanguest.pl: could not connect to host
 elanguest.ro: could not connect to host
 elanguest.ru: could not connect to host
-elarvee.xyz: could not connect to host
 elaxy-online.de: could not connect to host
 elbaal.gov: did not receive HSTS header
 elblein.de: did not receive HSTS header
+elblogdegoyo.mx: max-age too low: 2592000
 elbohlyart.com: did not receive HSTS header
+eldevo.com: could not connect to host
 eldietista.es: could not connect to host
-eldisagjapi.com: could not connect to host
 eldisagjapi.de: could not connect to host
 elearningpilot.com: did not receive HSTS header
 electicofficial.com: did not receive HSTS header
@@ -5108,7 +5293,9 @@ electricant.com: did not receive HSTS header
 electricant.nl: did not receive HSTS header
 electriccitysf.com: could not connect to host
 electrician-umhlanga.co.za: did not receive HSTS header
+electrician-umhlangaridge.co.za: did not receive HSTS header
 electricianforum.co.uk: did not receive HSTS header
+electricianlalucia.co.za: did not receive HSTS header
 electricianumhlangarocks.co.za: did not receive HSTS header
 electricoperaduo.com: did not receive HSTS header
 electromc.com: could not connect to host
@@ -5125,7 +5312,6 @@ elenoon.ir: max-age too low: 1
 elenorsmadness.org: could not connect to host
 eleonorengland.com: did not receive HSTS header
 elestanteliterario.com: did not receive HSTS header
-eletesstilus.hu: could not connect to host
 elevateandprosper.com: could not connect to host
 elgacien.de: could not connect to host
 elguillatun.cl: did not receive HSTS header
@@ -5141,7 +5327,7 @@ elite-box.org: did not receive HSTS header
 elite-porno.ru: could not connect to host
 elitecovering.fr: did not receive HSTS header
 elitefishtank.com: could not connect to host
-elitesensual.com.br: could not connect to host
+elitesensual.com.br: did not receive HSTS header
 elizeugomes.com.br: did not receive HSTS header
 ellen-skye.de: max-age too low: 604800
 elliff.net: did not receive HSTS header
@@ -5153,11 +5339,14 @@ elnutricionista.es: could not connect to host
 elo.fyi: could not connect to host
 elohna.ch: did not receive HSTS header
 elonbase.com: could not connect to host
+elonm.ru: could not connect to host
+eloxt.com: could not connect to host
 elpay.kz: did not receive HSTS header
 elpo.xyz: could not connect to host
 elsamakhin.com: could not connect to host
 elsemanario.com: did not receive HSTS header
 elsensohn.ch: did not receive HSTS header
+elsignificadodesonar.com: did not receive HSTS header
 elsitar.com: could not connect to host
 elsword.moe: could not connect to host
 eltransportquevolem.org: could not connect to host
@@ -5211,19 +5400,23 @@ emupedia.net: did not receive HSTS header
 emyself.info: could not connect to host
 emyself.org: did not receive HSTS header
 en4u.org: could not connect to host
+enaah.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 enaia.fr: did not receive HSTS header
 encadrer-mon-enfant.com: did not receive HSTS header
 encode.space: could not connect to host
 encode.uk.com: did not receive HSTS header
 encoder.pw: could not connect to host
 encoderx.uk: could not connect to host
-encontrebarato.com.br: did not receive HSTS header
+encontrebarato.com.br: could not connect to host
+encore.io: could not connect to host
 encrypted.google.com: did not receive HSTS header (error ignored - included regardless)
 encryptedaudience.com: could not connect to host
 encryptio.com: could not connect to host
 end.pp.ua: could not connect to host
 endangeredwatch.com: could not connect to host
+ende-x.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 endlessdark.net: max-age too low: 600
+endlessdiy.ca: could not connect to host
 endlesshorizon.net: could not connect to host
 endlesstone.com: did not receive HSTS header
 endofinternet.goip.de: could not connect to host
@@ -5237,30 +5430,32 @@ enecoshop.nl: did not receive HSTS header
 enefan.jp: could not connect to host
 enelacto.com: did not receive HSTS header
 energethik-tulln.at: did not receive HSTS header
+energisammenslutningen.dk: could not connect to host
+energy.eu: did not receive HSTS header
 enersaveapp.org: could not connect to host
 enersec.co.uk: could not connect to host
 enfoqueseguro.com: did not receive HSTS header
 engineowning.com: did not receive HSTS header
 enginx.cn: could not connect to host
+enginx.net: could not connect to host
 englerts.de: did not receive HSTS header
 englishclub.com: did not receive HSTS header
 englishdirectory.de: could not connect to host
 englishyamal.ru: did not receive HSTS header
 enigmacpt.com: did not receive HSTS header
 enigmail.net: did not receive HSTS header
+enixgaming.com: could not connect to host
 enjen.net: did not receive HSTS header
 enjoymayfield.com: max-age too low: 0
 enjoystudio.ro: did not receive HSTS header
 enlatte.com: could not connect to host
-enlazaresbueno.cl: did not receive HSTS header
+enlazaresbueno.cl: could not connect to host
 enlightened.si: did not receive HSTS header
 enoou.com: could not connect to host
 enpalmademallorca.info: could not connect to host
 ensemble-vos-idees.fr: could not connect to host
 enskat.de: could not connect to host
 enskatson-sippe.de: could not connect to host
-ensured.com: could not connect to host
-ensured.nl: could not connect to host
 entaurus.com: could not connect to host
 enteente.club: could not connect to host
 enteente.com: could not connect to host
@@ -5282,13 +5477,14 @@ environment.ai: could not connect to host
 envoutement-desenvoutement.com: did not receive HSTS header
 envoyglobal.com: did not receive HSTS header
 envoyworld.com: did not receive HSTS header
-envygeeks.com: could not connect to host
+envygeeks.com: did not receive HSTS header
 envygeeks.io: did not receive HSTS header
 eol34.com: could not connect to host
 eoldb.org: could not connect to host
 eolme.ml: could not connect to host
 eonet.cc: did not receive HSTS header
 eos-classic.io: could not connect to host
+eosol.services: could not connect to host
 eosol.zone: could not connect to host
 epanurse.com: could not connect to host
 epave.paris: could not connect to host
@@ -5296,7 +5492,7 @@ epaygateway.net: could not connect to host
 ephe.be: could not connect to host
 ephry.com: could not connect to host
 epicmc.games: could not connect to host
-epitesz.co: did not receive HSTS header
+epicsoft.de: could not connect to host
 eposcloud.net: could not connect to host
 eposmidlands.co.uk: could not connect to host
 eposnewport.co.uk: did not receive HSTS header
@@ -5308,7 +5504,8 @@ epossussex.co.uk: could not connect to host
 eposwales.co.uk: could not connect to host
 epoxate.com: could not connect to host
 eprofitacademy.com: did not receive HSTS header
-epulsar.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+epsorting.cz: did not receive HSTS header
+epulsar.ru: max-age too low: 604800
 epvin.com: could not connect to host
 eq8.net.au: could not connect to host
 eqib.nl: did not receive HSTS header
@@ -5326,16 +5523,18 @@ equitee.co: did not receive HSTS header
 equityflows.com: did not receive HSTS header
 er-music.com: could not connect to host
 erad.fr: could not connect to host
+erasmo.info: could not connect to host
 erawanarifnugroho.com: did not receive HSTS header
 erclab.kr: could not connect to host
 erecciontotalal100.com: could not connect to host
+erectiepillenwinkel.nl: could not connect to host
 erepublik-deutschland.de: did not receive HSTS header
 eressea.xyz: could not connect to host
 ericbond.net: could not connect to host
 erichalv.com: could not connect to host
 ericloud.tk: could not connect to host
 ericorporation.com: did not receive HSTS header
-ericyl.com: did not receive HSTS header
+ericyl.com: could not connect to host
 eriel.com.br: could not connect to host
 erikwagner.de: did not receive HSTS header
 erinlin.com: did not receive HSTS header
@@ -5344,25 +5543,24 @@ ernaehrungsberatung-rapperswil.ch: did not receive HSTS header
 ernaehrungsberatung-zurich.ch: could not connect to host
 ernesto.at: could not connect to host
 eroimatome.com: could not connect to host
+eroma.com.au: did not receive HSTS header
 eromixx.com: could not connect to host
 eromon.net: could not connect to host
 erotalia.es: could not connect to host
 erotic4me.ch: did not receive HSTS header
-eroticforce.com: could not connect to host
 erotische-aanbiedingen.nl: could not connect to host
 erotpo.cz: could not connect to host
 erpiv.com: could not connect to host
 errolz.com: did not receive HSTS header
 errors.zenpayroll.com: could not connect to host
 erspro.net: could not connect to host
-ervaarjapan.nl: did not receive HSTS header
+eruvalerts.com: did not receive HSTS header
 erwinvanlonden.net: did not receive HSTS header
 es888.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 es8888.net: could not connect to host
 es888999.com: could not connect to host
 es999.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 es9999.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-esafar.cz: did not receive HSTS header
 esb-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 esb-top.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 esb-top.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -5427,7 +5625,7 @@ esb777.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR
 esb777.us: could not connect to host
 esb886.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 esb888.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-esb8886.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+esb8886.com: could not connect to host
 esb9527.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 esb9588.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 esb9588.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -5478,7 +5676,7 @@ escolaengenharia.com.br: did not receive HSTS header
 escort-byuro.net: could not connect to host
 escort-fashion.com: could not connect to host
 escortdisplay.com: could not connect to host
-escortshotsexy.com: could not connect to host
+escortshotsexy.com: did not receive HSTS header
 escotour.com: did not receive HSTS header
 escueladewordpress.com: did not receive HSTS header
 esec.rs: did not receive HSTS header
@@ -5521,8 +5719,7 @@ esseriumani.com: could not connect to host
 essexghosthunters.co.uk: did not receive HSTS header
 essplusmed.org: could not connect to host
 estaciona.guru: could not connect to host
-estaleiro.org: could not connect to host
-estan.cn: could not connect to host
+estan.cn: did not receive HSTS header
 estebanborges.com: did not receive HSTS header
 estespr.com: did not receive HSTS header
 estetistarimini.it: did not receive HSTS header
@@ -5533,11 +5730,12 @@ estudio21pattern.com: could not connect to host
 estudioamazonico.com: could not connect to host
 et-buchholz.de: could not connect to host
 et180.com: could not connect to host
+etalent.net: did not receive HSTS header
 etangs-magazine.com: could not connect to host
 etaoinwu.tk: could not connect to host
 etdonline.co.uk: did not receive HSTS header
 eteapparel.com: did not receive HSTS header
-etenendrinken.nu: could not connect to host
+etenendrinken.nu: did not receive HSTS header
 eternalsymbols.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 eternitylove.us: could not connect to host
 eth9.net: could not connect to host
@@ -5546,8 +5744,9 @@ ethanfaust.com: did not receive HSTS header
 ethanlew.is: could not connect to host
 ethantskinner.com: did not receive HSTS header
 ether.school: could not connect to host
+etherderbies.com: could not connect to host
 etheria-software.tk: did not receive HSTS header
-ethicalexploiting.com: did not receive HSTS header
+ethicalexploiting.com: could not connect to host
 ethicall.org.uk: did not receive HSTS header
 ethicaltek.com: could not connect to host
 ethil-faer.fr: could not connect to host
@@ -5566,7 +5765,7 @@ etula.ga: did not receive HSTS header
 etula.me: could not connect to host
 etys.no: did not receive HSTS header
 euanbaines.com: did not receive HSTS header
-eucl3d.com: did not receive HSTS header
+eucl3d.com: could not connect to host
 euclideanpostulates.xyz: could not connect to host
 eucollegetours.com: could not connect to host
 euexia.fr: could not connect to host
@@ -5581,6 +5780,7 @@ eupho.me: could not connect to host
 eupresidency2018.com: could not connect to host
 euren.se: could not connect to host
 eurocamping.se: could not connect to host
+eurocomcompany.cz: could not connect to host
 euroescortguide.com: could not connect to host
 europapier.at: did not receive HSTS header
 europapier.ba: did not receive HSTS header
@@ -5598,6 +5798,7 @@ eurospecautowerks.com: did not receive HSTS header
 eurostrategy.vn.ua: could not connect to host
 euvo.tk: could not connect to host
 evades.io: did not receive HSTS header
+evangelosm.com: could not connect to host
 evanhandgraaf.nl: did not receive HSTS header
 evankurniawan.com: did not receive HSTS header
 evanreev.es: could not connect to host
@@ -5608,14 +5809,12 @@ evdenevenakliyatankara.pw: could not connect to host
 evecalm.com: did not receive HSTS header
 evedanjailbreak.com: could not connect to host
 evegalaxy.net: could not connect to host
-evemodx.com: did not receive HSTS header
 evenstar-gaming.com: could not connect to host
 event64.ru: did not receive HSTS header
 eventmake.es: could not connect to host
 eventplace.me: did not receive HSTS header
 events12.com: did not receive HSTS header
 eventsafrica.net: did not receive HSTS header
-everitoken.io: did not receive HSTS header
 everyarti.st: could not connect to host
 everybooks.com: could not connect to host
 everydaytherich.com: max-age too low: 7776000
@@ -5628,6 +5827,7 @@ eveseat.net: could not connect to host
 eveshaiwu.com: could not connect to host
 evi.be: did not receive HSTS header
 evilbeasts.ru: could not connect to host
+evilcult.me: did not receive HSTS header
 evileden.com: could not connect to host
 evilnerd.de: did not receive HSTS header
 evilness.nl: could not connect to host
@@ -5639,6 +5839,7 @@ evites.me: could not connect to host
 evoludis.net: did not receive HSTS header
 evolutionexpeditions.com: did not receive HSTS header
 evomon.com: could not connect to host
+evonews.com: did not receive HSTS header
 evossd.tk: could not connect to host
 evowl.com: could not connect to host
 ewallet-optimizer.com: did not receive HSTS header
@@ -5646,23 +5847,23 @@ ewex.org: could not connect to host
 eworksmedia.com: could not connect to host
 ewuchuan.com: could not connect to host
 exampleessays.com: could not connect to host
+examplesu.com: could not connect to host
 excelgum.ca: did not receive HSTS header
 exceptionalbits.com: could not connect to host
 exceptionalservices.us: could not connect to host
 exchangecoordinator.com: could not connect to host
 exchangeworks.co: did not receive HSTS header
+exclusivedesignz.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 exebouncycastles.co.uk: did not receive HSTS header
 exembit.com: did not receive HSTS header
-exfiles.cz: did not receive HSTS header
+exfiles.cz: could not connect to host
 exgaywatch.com: could not connect to host
 exgravitus.com: could not connect to host
 exno.co: could not connect to host
-exo.do: max-age too low: 0
+exnovin.co: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 exocen.com: could not connect to host
 exoticads.com: could not connect to host
 exousiakaidunamis.xyz: could not connect to host
-expancio.com: max-age too low: 0
-expanddigital.media: did not receive HSTS header
 expatads.com: could not connect to host
 expatriate.pl: did not receive HSTS header
 expecting.com.br: could not connect to host
@@ -5670,25 +5871,22 @@ experticon.com: did not receive HSTS header
 expertmile.com: did not receive HSTS header
 experts-en-gestion.fr: did not receive HSTS header
 explodingcamera.com: did not receive HSTS header
-exploit-db.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 expo-designers.com: did not receive HSTS header
-expokohler.com: could not connect to host
+expokohler.com: did not receive HSTS header
 expoort.com.br: could not connect to host
 exporo.de: did not receive HSTS header
 expoundite.net: did not receive HSTS header
 expowerhps.com: did not receive HSTS header
 expressfinance.co.za: did not receive HSTS header
-extendwings.com: could not connect to host
 exteriorservices.io: could not connect to host
 extramoney.cash: could not connect to host
 extrathemeshowcase.net: could not connect to host
 extratorrent.cool: did not receive HSTS header
-extratorrent.fyi: max-age too low: 0
-extratorrent.red: max-age too low: 0
+extratorrent.fyi: could not connect to host
+extratorrent.red: could not connect to host
 extratorrent.world: could not connect to host
 extratorrentlive.xyz: could not connect to host
 extratorrents.tech: could not connect to host
-extreemhost.nl: did not receive HSTS header
 extremenetworking.net: could not connect to host
 extremeservicesandrestoration.com: could not connect to host
 exy.pw: could not connect to host
@@ -5696,7 +5894,7 @@ eyasc.nl: did not receive HSTS header
 eyedarts.com: did not receive HSTS header
 eyeglassuniverse.com: did not receive HSTS header
 eyenote.gov: did not receive HSTS header
-eyes-of-universe.eu: did not receive HSTS header
+eyes-of-universe.eu: could not connect to host
 eyesoccer-didikh.rhcloud.com: could not connect to host
 eyesonly.cc: did not receive HSTS header
 eytosh.net: could not connect to host
@@ -5723,12 +5921,11 @@ fabhub.io: could not connect to host
 fabian-kluge.de: could not connect to host
 fabianasantiago.com: could not connect to host
 fabianfischer.de: did not receive HSTS header
-fabianmunoz.com: could not connect to host
+fabianmunoz.com: did not receive HSTS header
 fabienbaker.com: could not connect to host
 fabled.com: did not receive HSTS header
 fabriko.fr: did not receive HSTS header
 fabriziorocca.com: could not connect to host
-fabrysociety.org: could not connect to host
 fabulouslyyouthfulskin.com: could not connect to host
 fabulouslyyouthfulskineyeserum.com: could not connect to host
 facebattle.com: could not connect to host
@@ -5740,9 +5937,12 @@ facesnf.com: could not connect to host
 fachschaft-informatik.de: did not receive HSTS header
 facilitrak.com: could not connect to host
 factorable.net: did not receive HSTS header
+factoringsolutions.co.uk: did not receive HSTS header
 factorygw.com: did not receive HSTS header
 factorypartsdirect.com: could not connect to host
+factureenlinea.com: could not connect to host
 fadednet.com: could not connect to host
+fadeev.legal: did not receive HSTS header
 fadilus.com: did not receive HSTS header
 fads-center.online: could not connect to host
 faeriecakes.be: could not connect to host
@@ -5759,6 +5959,7 @@ faizan.net: did not receive HSTS header
 faizan.xyz: did not receive HSTS header
 fakeletters.org: could not connect to host
 faktura.pl: did not receive HSTS header
+falaland.com: did not receive HSTS header
 falcibiosystems.org: did not receive HSTS header
 falconwiz.com: did not receive HSTS header
 falkp.no: did not receive HSTS header
@@ -5774,12 +5975,12 @@ famep.gov: could not connect to host
 famer.me: could not connect to host
 fameuxhosting.co.uk: could not connect to host
 familie-sander.rocks: max-age too low: 600
-familie-sprink.de: could not connect to host
+familie-sprink.de: did not receive HSTS header
 familie-zimmermann.at: could not connect to host
+familiegrottendieck.de: max-age too low: 7776000
 familletouret.fr: did not receive HSTS header
 famio.cn: did not receive HSTS header
-fanflow.com: did not receive HSTS header
-fanhouwan.com: did not receive HSTS header
+fanflow.com: could not connect to host
 fansmade.art: could not connect to host
 fant.dk: did not receive HSTS header
 fantasticgardenersmelbourne.com.au: did not receive HSTS header
@@ -5812,9 +6013,9 @@ fasset.jp: could not connect to host
 fastaim.de: could not connect to host
 fastbackmbg.be: could not connect to host
 fastbackmbm.be: could not connect to host
-fastcomcorp.com: did not receive HSTS header
 fastcomcorp.net: did not receive HSTS header
 fastconfirm.com: could not connect to host
+fastforwardsociety.nl: could not connect to host
 fastograph.com: could not connect to host
 fastopen.ml: could not connect to host
 fastwebsites.com.br: did not receive HSTS header
@@ -5831,9 +6032,10 @@ fatzebra.com.au: max-age too low: 0
 favorit.club: did not receive HSTS header
 fawkex.me: could not connect to host
 faxreader.net: could not connect to host
+fayntic.com: could not connect to host
 fayolle.info: did not receive HSTS header
 fbf.gov: did not receive HSTS header
-fbi.pw: could not connect to host
+fbi.pw: did not receive HSTS header
 fbook.top: could not connect to host
 fbox.li: could not connect to host
 fcapartsdb.com: could not connect to host
@@ -5843,6 +6045,7 @@ fdj.im: could not connect to host
 fdm.ro: did not receive HSTS header
 fdt.name: did not receive HSTS header
 feard.space: could not connect to host
+fecik.sk: did not receive HSTS header
 fed51.com: could not connect to host
 fedbizopps.gov: could not connect to host
 fedemo.top: did not receive HSTS header
@@ -5856,14 +6059,13 @@ feeriedesign-event.com: could not connect to host
 fefore.com: did not receive HSTS header
 fegans.org.uk: did not receive HSTS header
 feirlane.org: could not connect to host
-feisbed.com: could not connect to host
 feist.io: could not connect to host
 feitobrasilcosmeticos.com.br: did not receive HSTS header
 felger-times.fr: could not connect to host
 felgitscher.xyz: max-age too low: 2592000
+felisslovakia.sk: did not receive HSTS header
 feliwyn.fr: did not receive HSTS header
 felixhefner.de: did not receive HSTS header
-felixqu.com: did not receive HSTS header
 felixrr.pro: could not connect to host
 femaledom.xyz: could not connect to host
 femdombbw.com: could not connect to host
@@ -5884,7 +6086,7 @@ fernangp.com: could not connect to host
 fernseher-kauf.de: could not connect to host
 ferrolatino.com: could not connect to host
 feschiyan.com: could not connect to host
-festember.com: did not receive HSTS header
+festember.com: could not connect to host
 festival.house: did not receive HSTS header
 festivalxdentro.com: did not receive HSTS header
 festrip.com: could not connect to host
@@ -5898,7 +6100,9 @@ fexmen.com: did not receive HSTS header
 ff-bg.xyz: could not connect to host
 ffh.me: could not connect to host
 ffl123.com: did not receive HSTS header
+ffsociety.nl: could not connect to host
 fgequipamentos.com.br: did not receive HSTS header
+fhg90.com: could not connect to host
 fhsseniormens.club: could not connect to host
 fi-sanki.co.jp: could not connect to host
 fibrasynormasdecolombia.com: did not receive HSTS header
@@ -5910,16 +6114,16 @@ fideleslaici.com: did not receive HSTS header
 fieldclockapp.com: did not receive HSTS header
 fieldtalk.co.uk: could not connect to host
 fiendishmasterplan.com: did not receive HSTS header
-fierman.eu: could not connect to host
-fierman.net: could not connect to host
-fierman.us: could not connect to host
+fierman.eu: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+fierman.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+fierman.us: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 fiftyshadesofluca.ml: could not connect to host
 fig.co: did not receive HSTS header
 fig.ms: could not connect to host
 fightr.co: could not connect to host
 figura.cz: did not receive HSTS header
 figura.im: did not receive HSTS header
-figuurzagers.nl: could not connect to host
+figuurzagers.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 fiksel.info: could not connect to host
 fikt.space: could not connect to host
 filamentia.nl: could not connect to host
@@ -5934,6 +6138,7 @@ filey.co.uk: did not receive HSTS header
 filhomes.ph: could not connect to host
 fillitupchallenge.eu: did not receive HSTS header
 fillmysuitca.se: did not receive HSTS header
+film-storyboards.com: did not receive HSTS header
 film.photography: did not receive HSTS header
 film.photos: did not receive HSTS header
 filmatiporno.xxx: could not connect to host
@@ -5972,6 +6177,7 @@ firebird.io: did not receive HSTS header
 firefall.rocks: could not connect to host
 firehost.com: did not receive HSTS header
 fireinthedeep.com: could not connect to host
+firekoi.com: did not receive HSTS header
 firemail.io: could not connect to host
 fireorbit.de: did not receive HSTS header
 firepeak.ru: could not connect to host
@@ -5985,6 +6191,7 @@ firstdogonthemoon.com.au: did not receive HSTS header
 firstforex.co.uk: did not receive HSTS header
 firstlook.org: did not receive HSTS header
 fiscoeconti.it: did not receive HSTS header
+fishfinders.info: did not receive HSTS header
 fiskestang.com: did not receive HSTS header
 fit4medien.de: did not receive HSTS header
 fitbylo.com: could not connect to host
@@ -5998,6 +6205,7 @@ fitshop.com.br: could not connect to host
 fitsw.com: did not receive HSTS header
 fiuxy.org: could not connect to host
 five.vn: did not receive HSTS header
+fiveboosts.xyz: could not connect to host
 fivestarsitters.com: did not receive HSTS header
 fivestepfunnels.com: could not connect to host
 fivezerocreative.com: did not receive HSTS header
@@ -6048,7 +6256,9 @@ flemingtonaudiparts.com: could not connect to host
 fleurette.me: could not connect to host
 fleursdesoleil.fr: did not receive HSTS header
 flexdrukker.nl: could not connect to host
+fleximaal.com: could not connect to host
 flexinvesting.fi: could not connect to host
+flextribly.xyz: could not connect to host
 fliexer.com: could not connect to host
 flightschoolusa.com: did not receive HSTS header
 flikmsg.co: could not connect to host
@@ -6058,30 +6268,35 @@ flipbell.com: did not receive HSTS header
 flipkey.com: did not receive HSTS header
 flirchi.com: did not receive HSTS header
 flirtycourts.com: did not receive HSTS header
+flixhaven.net: could not connect to host
 flixtor.net: could not connect to host
 flkrpxl.com: max-age too low: 86400
 flood.io: did not receive HSTS header
 floorball-haunwoehr.de: did not receive HSTS header
 flopy.club: could not connect to host
 florafiora.com.br: did not receive HSTS header
-florian-lillpopp.de: max-age too low: 10
+florian-lillpopp.de: did not receive HSTS header
 florian-schlachter.de: did not receive HSTS header
-florianlillpopp.de: max-age too low: 10
+florianlillpopp.de: did not receive HSTS header
 floridaderi.ru: did not receive HSTS header
 floridaescapes.co.uk: did not receive HSTS header
 florinapp.com: could not connect to host
 florispoort.nl: did not receive HSTS header
 floro.me: did not receive HSTS header
+floseed.fr: could not connect to host
 flosserver.de: could not connect to host
 floth.at: could not connect to host
 flouartistique.ch: could not connect to host
 flow.pe: could not connect to host
+flowcount.xyz: could not connect to host
 flowerandplant.org: did not receive HSTS header
 flowersandclouds.com: could not connect to host
 floweslawncare.com: could not connect to host
 flowlo.me: could not connect to host
 flox.io: could not connect to host
 floydm.com: did not receive HSTS header
+flucto.com: did not receive HSTS header
+flue-ducting.co.uk: did not receive HSTS header
 flugplatz-edvc.de: could not connect to host
 flugsportvereinigungcelle.de: did not receive HSTS header
 flugstadplasticsurgery.com: did not receive HSTS header
@@ -6095,8 +6310,7 @@ flybunnyfly.dk: did not receive HSTS header
 flygpost.com: did not receive HSTS header
 flyingdoggy.net: could not connect to host
 flyingspaghettimonsterdonationsfund.nl: could not connect to host
-flyingyoung.top: did not receive HSTS header
-flyp.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+flyingyoung.top: could not connect to host
 flyspace.ga: did not receive HSTS header
 flyspace.ml: did not receive HSTS header
 flyss.net: could not connect to host
@@ -6120,6 +6334,7 @@ fol.tf: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAI
 foliekonsulenten.dk: did not receive HSTS header
 folioapp.io: could not connect to host
 folkfests.org: did not receive HSTS header
+folwarkwiazy.pl: could not connect to host
 fondanastasia.ru: did not receive HSTS header
 fondy.ru: did not receive HSTS header
 foneo.com: could not connect to host
@@ -6127,8 +6342,9 @@ fonetiq.io: could not connect to host
 fontawesome.com: did not receive HSTS header
 foo: could not connect to host
 food4health.guide: could not connect to host
-foodacademy.capetown: could not connect to host
+foodacademy.capetown: max-age too low: 43200
 foodbuddy.ch: could not connect to host
+foodcowgirls.com: could not connect to host
 foodiebox.no: did not receive HSTS header
 foodies.my: did not receive HSTS header
 foodievenues.com: could not connect to host
@@ -6149,6 +6365,7 @@ fordshop.by: [Exception... "Component returned failure code: 0x80004005 (NS_ERRO
 foreignexchangeresource.com: did not receive HSTS header
 forestfinance.fr: did not receive HSTS header
 foreveralone.io: could not connect to host
+foreverssl.com: could not connect to host
 foreveryoung.pt: did not receive HSTS header
 forex-dan.com: did not receive HSTS header
 forex-plus.com: did not receive HSTS header
@@ -6159,12 +6376,16 @@ formadmin.com: did not receive HSTS header
 formaliteo.com: did not receive HSTS header
 formasdemaquillarse.com: did not receive HSTS header
 formazioneopen.it: could not connect to host
+formbetter.com: could not connect to host
 formersessalaries.com: did not receive HSTS header
+formkiq.com: could not connect to host
 formula.cf: could not connect to host
 forplanetsake.com: could not connect to host
 forplayers.pl: could not connect to host
 forquilhinhanoticias.com.br: did not receive HSTS header
 forsyththeatre.com: could not connect to host
+fort.eu: did not receive HSTS header
+fortknox.cz: did not receive HSTS header
 fortoglethorpega.gov: could not connect to host
 fortricks.in: did not receive HSTS header
 fortuna-loessnitz.de: could not connect to host
@@ -6179,8 +6400,9 @@ fossewayflowers.co.uk: could not connect to host
 fossewayflowers.com: could not connect to host
 fossewaygardencentre.co.uk: did not receive HSTS header
 fossgruppen.se: did not receive HSTS header
-fossguard.com: could not connect to host
+fossguard.com: did not receive HSTS header
 fotiu.com: could not connect to host
+foto-pro.by: did not receive HSTS header
 fotoallerlei.com: did not receive HSTS header
 fotocerita.net: could not connect to host
 fotogiraffe.ru: did not receive HSTS header
@@ -6189,9 +6411,11 @@ fotopasja.info: could not connect to host
 fotostravestisbr.com: could not connect to host
 fourchin.net: could not connect to host
 fourwheelpartloanssimple.com: did not receive HSTS header
+fox.my: could not connect to host
 foxdev.io: could not connect to host
 foxelbox.com: did not receive HSTS header
 foxes.no: could not connect to host
+foxhound.com.br: could not connect to host
 foxley-farm.co.uk: did not receive HSTS header
 foxley-seeds.co.uk: did not receive HSTS header
 foxleyseeds.co.uk: could not connect to host
@@ -6208,7 +6432,6 @@ fragnic.com: did not receive HSTS header
 fralef.me: did not receive HSTS header
 francesca-and-lucas.com: did not receive HSTS header
 francevpn.xyz: could not connect to host
-franckgirard.net: could not connect to host
 francois-vidit.com: did not receive HSTS header
 frangor.info: did not receive HSTS header
 frankedier.com: did not receive HSTS header
@@ -6217,6 +6440,7 @@ franklinhua.com: could not connect to host
 fransallen.com: did not receive HSTS header
 franta.biz: did not receive HSTS header
 franta.email: did not receive HSTS header
+frantorregrosa.me: did not receive HSTS header
 franzt.de: could not connect to host
 franzt.ovh: could not connect to host
 frasesaniversarios.com.br: did not receive HSTS header
@@ -6225,61 +6449,11 @@ frasys.cloud: max-age too low: 2592000
 frasys.io: could not connect to host
 fraudempire.com: could not connect to host
 freakyamazing.com: could not connect to host
-freakyaweso.me: max-age too low: 86400
-freakyawesome.band: could not connect to host
-freakyawesome.blog: could not connect to host
-freakyawesome.ca: could not connect to host
-freakyawesome.club: could not connect to host
-freakyawesome.co: could not connect to host
-freakyawesome.co.uk: could not connect to host
-freakyawesome.com: could not connect to host
-freakyawesome.company: could not connect to host
-freakyawesome.email: could not connect to host
-freakyawesome.events: could not connect to host
-freakyawesome.fashion: could not connect to host
-freakyawesome.fitness: could not connect to host
-freakyawesome.fm: could not connect to host
-freakyawesome.fun: could not connect to host
-freakyawesome.fyi: could not connect to host
-freakyawesome.games: could not connect to host
-freakyawesome.guide: could not connect to host
-freakyawesome.guru: could not connect to host
-freakyawesome.in: could not connect to host
-freakyawesome.info: could not connect to host
-freakyawesome.io: could not connect to host
-freakyawesome.life: could not connect to host
-freakyawesome.live: could not connect to host
-freakyawesome.marketing: could not connect to host
-freakyawesome.me: could not connect to host
-freakyawesome.media: could not connect to host
+freakyawesome.ca: did not receive HSTS header
+freakyawesome.co.uk: did not receive HSTS header
+freakyawesome.com: max-age too low: 86400
+freakyawesome.in: did not receive HSTS header
 freakyawesome.net: could not connect to host
-freakyawesome.network: could not connect to host
-freakyawesome.news: could not connect to host
-freakyawesome.online: could not connect to host
-freakyawesome.org: could not connect to host
-freakyawesome.photography: could not connect to host
-freakyawesome.photos: could not connect to host
-freakyawesome.press: could not connect to host
-freakyawesome.recipes: could not connect to host
-freakyawesome.rentals: could not connect to host
-freakyawesome.reviews: could not connect to host
-freakyawesome.services: could not connect to host
-freakyawesome.shop: could not connect to host
-freakyawesome.site: could not connect to host
-freakyawesome.social: could not connect to host
-freakyawesome.software: could not connect to host
-freakyawesome.solutions: could not connect to host
-freakyawesome.store: could not connect to host
-freakyawesome.team: could not connect to host
-freakyawesome.tips: could not connect to host
-freakyawesome.today: could not connect to host
-freakyawesome.tours: could not connect to host
-freakyawesome.tv: could not connect to host
-freakyawesome.video: could not connect to host
-freakyawesome.website: could not connect to host
-freakyawesome.work: could not connect to host
-freakyawesome.world: could not connect to host
-freakyawesome.xyz: could not connect to host
 freakyawesomeblog.com: could not connect to host
 freakyawesomeio.com: could not connect to host
 freakyawesomemedia.com: could not connect to host
@@ -6291,16 +6465,19 @@ freakyawesometeam.com: could not connect to host
 freakyawesometheme.com: could not connect to host
 freakyawesomethemes.com: could not connect to host
 freakyawesomewp.com: could not connect to host
+frebib.me: could not connect to host
 freddythechick.uk: could not connect to host
-fredericcote.com: did not receive HSTS header
+frederickalcantara.com: could not connect to host
 fredliang.cn: could not connect to host
+fredriksslekt.se: did not receive HSTS header
+free-your-pc.com: could not connect to host
 free8.xyz: could not connect to host
 freeasinlliure.org: did not receive HSTS header
 freeassangenow.org: did not receive HSTS header
 freeben666.fr: could not connect to host
+freebies.id: could not connect to host
 freeblog.me: could not connect to host
 freebookmakerbets.com.au: did not receive HSTS header
-freebus.org: could not connect to host
 freedomrealtyoftexas.com: did not receive HSTS header
 freedomvote.nl: could not connect to host
 freeexampapers.com: could not connect to host
@@ -6308,37 +6485,36 @@ freeflow.tv: could not connect to host
 freehao123.cn: could not connect to host
 freejidi.com: could not connect to host
 freekdevries.nl: did not receive HSTS header
+freelancecollab.com: could not connect to host
 freelanced.co.za: could not connect to host
+freelanceshipping.com: did not receive HSTS header
 freelandinnovation.com: did not receive HSTS header
 freelansir.com: could not connect to host
 freemanning.de: could not connect to host
-freematthale.net: did not receive HSTS header
+freematthale.net: could not connect to host
 freeslots.guru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 freesoftwaredriver.com: could not connect to host
 freesounding.com: did not receive HSTS header
 freesounding.ru: did not receive HSTS header
-freesourcestl.org: did not receive HSTS header
-freesquare.net: did not receive HSTS header
 freethought.org.au: could not connect to host
 freeutopia.org: did not receive HSTS header
 frenzel.dk: could not connect to host
 freqlabs.com: did not receive HSTS header
 freshfind.xyz: could not connect to host
-freshlymind.com: did not receive HSTS header
+freshkiss.com.au: did not receive HSTS header
+freshmaza.com: could not connect to host
 freshmaza.io: did not receive HSTS header
 frettboard.com: did not receive HSTS header
 frezbo.com: could not connect to host
 frforms.com: did not receive HSTS header
-frickelboxx.de: could not connect to host
 frickenate.com: could not connect to host
 fridaperfumaria.com.br: could not connect to host
 friedhelm-wolf.de: could not connect to host
 friendica.ch: could not connect to host
 friendlyfiregameshow.com: could not connect to host
-friendship-quotes.co.uk: could not connect to host
+friendlysiberia.com: could not connect to host
 friller.com.au: did not receive HSTS header
 frimons.com: max-age too low: 7889238
-fringeintravel.com: did not receive HSTS header
 fritteli.ch: did not receive HSTS header
 frodriguez.xyz: could not connect to host
 froehlich.it: did not receive HSTS header
@@ -6346,27 +6522,30 @@ froggstack.de: could not connect to host
 frolov.net: could not connect to host
 fromix.de: could not connect to host
 fromlemaytoz.com: could not connect to host
+fromthesoutherncross.com: could not connect to host
 front-end.dog: could not connect to host
+frontierdiscount.com: did not receive HSTS header
 frontisme.nl: did not receive HSTS header
 frontline.cloud: did not receive HSTS header
 frontline6.com: did not receive HSTS header
 frontmin.com: did not receive HSTS header
 frost-ci.xyz: could not connect to host
-frostbytes.net: did not receive HSTS header
+frostbytes.net: could not connect to host
 frosty-gaming.xyz: could not connect to host
 frp-roleplay.de: could not connect to host
 frprn.com: could not connect to host
 frprn.xxx: could not connect to host
 frsis2017.com: could not connect to host
 frugal-millennial.com: did not receive HSTS header
-fruitscale.com: could not connect to host
 fruitusers.com: could not connect to host
 frumious.fyi: could not connect to host
 frusky.net: could not connect to host
+fs-fitness.eu: could not connect to host
 fs-gamenet.de: did not receive HSTS header
 fsf.moe: could not connect to host
 fsfi.is: could not connect to host
 fsinf.at: did not receive HSTS header
+fsj4u.ch: did not receive HSTS header
 fspphoto.com: could not connect to host
 fsradio.eu: did not receive HSTS header
 fsrs.gov: could not connect to host
@@ -6380,13 +6559,19 @@ ftgho.com: could not connect to host
 ftpi.ml: could not connect to host
 fu-li88.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 fu-li88.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+fu639.top: did not receive HSTS header
 fuchsy.com: could not connect to host
 fuckbilibili.com: could not connect to host
 fuckcf.cf: could not connect to host
 fuckgfw233.org: could not connect to host
+fuckobr.com: could not connect to host
+fuckobr.net: could not connect to host
+fuckobr.org: could not connect to host
 fuckobr.ru: could not connect to host
+fuckobr.su: could not connect to host
 fudanshi.org: could not connect to host
 fuelministry.com: did not receive HSTS header
+fugamo.de: did not receive HSTS header
 fugle.de: could not connect to host
 fuitedeau.ch: could not connect to host
 fujianshipbuilding.com: could not connect to host
@@ -6410,6 +6595,7 @@ fundacionfranciscofiasco.org: could not connect to host
 fundacionhijosdelsol.org: could not connect to host
 fundayltd.com: could not connect to host
 funderburg.me: did not receive HSTS header
+funerariahogardecristo.cl: did not receive HSTS header
 fungame.eu: did not receive HSTS header
 funi4u.com: could not connect to host
 funideas.org: could not connect to host
@@ -6418,6 +6604,7 @@ funkyweddingideas.com.au: could not connect to host
 funnelweb.xyz: could not connect to host
 funny-joke-pictures.com: did not receive HSTS header
 funnyang.com: could not connect to host
+funoverip.net: could not connect to host
 funrun.com: did not receive HSTS header
 funtastic-event-hire.co.uk: did not receive HSTS header
 funtastic.ie: could not connect to host
@@ -6425,23 +6612,22 @@ funtimebourne.co.uk: did not receive HSTS header
 fuorifuocogenova.it: could not connect to host
 furi.ga: could not connect to host
 furiffic.com: did not receive HSTS header
+furikake.xyz: could not connect to host
 furnation.com: could not connect to host
-furnishedproperty.com.au: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 furnitureconcept.co.uk: could not connect to host
 furry.agency: could not connect to host
 furry.be: did not receive HSTS header
 furry.zone: did not receive HSTS header
-fursuitbutts.com: could not connect to host
 furtherfood.com: did not receive HSTS header
 furtivelook.com: did not receive HSTS header
 fusedrops.com: did not receive HSTS header
 fusionmate.com: could not connect to host
-fussell.io: could not connect to host
 futa.agency: could not connect to host
 futbol11.com: did not receive HSTS header
-futbolvivo.tv: did not receive HSTS header
+futbolvivo.tv: could not connect to host
 futos.de: could not connect to host
 futurefire.de: could not connect to host
+futurefundapp.com: could not connect to host
 futuresonline.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 futurestarsusa.org: did not receive HSTS header
 futuretechnologi.es: could not connect to host
@@ -6456,15 +6642,15 @@ fws.gov: did not receive HSTS header
 fwww7.com: could not connect to host
 fxgame.online: could not connect to host
 fxpig-ib.com: could not connect to host
-fxtalk.cn: could not connect to host
 fxwebstudio.com.au: max-age too low: 0
 fyodorpi.com: did not receive HSTS header
 fyol.pw: could not connect to host
 fysiohaenraets.nl: did not receive HSTS header
 fzn.io: did not receive HSTS header
-fzslm.me: did not receive HSTS header
+fzslm.me: could not connect to host
 g-i-s.vn: did not receive HSTS header
-g-marketing.ro: did not receive HSTS header
+g-marketing.ro: could not connect to host
+g-o.pl: did not receive HSTS header
 g-rickroll-o.pw: could not connect to host
 g01.in.ua: could not connect to host
 g1jeu.com: could not connect to host
@@ -6480,14 +6666,14 @@ gaasuper6.com: could not connect to host
 gabber.scot: could not connect to host
 gabethebabetv.com: could not connect to host
 gabi.com.es: could not connect to host
-gabi.soy: could not connect to host
+gabi.soy: did not receive HSTS header
 gabi.uno: could not connect to host
 gablaxian.com: max-age too low: 2592000
 gabriele-kluge.de: could not connect to host
+gabrielsimonet.ch: could not connect to host
 gaelleetarnaud.com: did not receive HSTS header
 gafachi.com: could not connect to host
 gaichanh.com: did not receive HSTS header
-gailfellowsphotography.com: could not connect to host
 gainesvillegoneaustin.org: did not receive HSTS header
 gaiserik.com: did not receive HSTS header
 gaite.me: did not receive HSTS header
@@ -6507,6 +6693,7 @@ galileomtz.com: did not receive HSTS header
 gallery44.org: did not receive HSTS header
 galoisvpn.xyz: could not connect to host
 gam3rs.de: could not connect to host
+gamajo.com: did not receive HSTS header
 gambitcloud.net: could not connect to host
 game-files.net: did not receive HSTS header
 game-gentle.com: could not connect to host
@@ -6542,6 +6729,9 @@ gametium.es: could not connect to host
 gamhealth.net: could not connect to host
 gamingmedia.eu: did not receive HSTS header
 gamingreinvented.com: did not receive HSTS header
+gamisalya.com: did not receive HSTS header
+gamismodelbaru.com: did not receive HSTS header
+gamismu.com: did not receive HSTS header
 gamoice.com: did not receive HSTS header
 gampenhof.de: could not connect to host
 gangnam-club.com: could not connect to host
@@ -6551,6 +6741,7 @@ ganyouxuan.com: could not connect to host
 ganzgraph.de: did not receive HSTS header
 gaon.network: could not connect to host
 gaptek.id: did not receive HSTS header
+gar-nich.net: could not connect to host
 garage-abri-chalet.fr: did not receive HSTS header
 garage-door.pro: could not connect to host
 garageon.net: did not receive HSTS header
@@ -6561,8 +6752,6 @@ garciniacambogiareviewed.co: did not receive HSTS header
 garden-life.org: could not connect to host
 garden.trade: could not connect to host
 gardencarezone.com: did not receive HSTS header
-garethkirk.com: could not connect to host
-garethkirkreviews.com: could not connect to host
 garfieldairlines.net: did not receive HSTS header
 garten-bau.ch: did not receive HSTS header
 garten-diy.de: could not connect to host
@@ -6570,6 +6759,7 @@ gartenhauszentrum.de: [Exception... "Component returned failure code: 0x80004005
 gasbarkenora.com: could not connect to host
 gasnews.net: could not connect to host
 gasser-daniel.ch: did not receive HSTS header
+gassouthkenticoqa.azurewebsites.net: did not receive HSTS header
 gastauftritt.net: did not receive HSTS header
 gastritisolucion.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 gatapro.net: could not connect to host
@@ -6585,7 +6775,8 @@ gavick.com: did not receive HSTS header
 gay-jays.com: could not connect to host
 gay-sissies.com: could not connect to host
 gaya-sa.org: did not receive HSTS header
-gaycc.cc: did not receive HSTS header
+gayauthors.org: could not connect to host
+gayforgenji.com: could not connect to host
 gaygeeks.de: could not connect to host
 gayjays.com: could not connect to host
 gaysfisting.com: could not connect to host
@@ -6607,6 +6798,7 @@ gdz-otvety.com: could not connect to host
 gear-acquisition-syndrome.community: could not connect to host
 gearseo.com.br: did not receive HSTS header
 geaskb.nl: could not connect to host
+geass.xyz: could not connect to host
 geblitzt.de: did not receive HSTS header
 gedankenbude.info: could not connect to host
 gedankenworks.com: could not connect to host
@@ -6627,10 +6819,12 @@ geigr.de: could not connect to host
 geiser.io: did not receive HSTS header
 geldteveel.eu: could not connect to host
 geli-graphics.com: did not receive HSTS header
+gem-info.fr: could not connect to host
 gemeinfreie-lieder.de: did not receive HSTS header
 gemsoftheworld.org: could not connect to host
 gemuplay.com: could not connect to host
 genemesservwparts.com: could not connect to host
+general-insurance.tk: could not connect to host
 generalpants.com.au: did not receive HSTS header
 generationnext.pl: could not connect to host
 genesischangelog.com: could not connect to host
@@ -6644,17 +6838,19 @@ genshiken.org: could not connect to host
 gensokyo.chat: could not connect to host
 genuu.com: did not receive HSTS header
 genuxation.com: could not connect to host
-genxbeats.com: did not receive HSTS header
+genxbeats.com: could not connect to host
+genxnotes.com: could not connect to host
 genyaa.com: could not connect to host
 genyhitch.com: did not receive HSTS header
 geocommunicator.gov: could not connect to host
 geoffanderinmyers.com: did not receive HSTS header
 geoffdev.com: could not connect to host
 geoffmyers.com: did not receive HSTS header
-geoffreyrichard.com: could not connect to host
+geoffreyrichard.com: did not receive HSTS header
 geopals.net: did not receive HSTS header
-georgeperez.me: did not receive HSTS header
+georgeperez.me: could not connect to host
 georgesonarthurs.com.au: did not receive HSTS header
+gepe.ch: did not receive HSTS header
 gereja.ga: max-age too low: 1209600
 gerencianet.com.br: did not receive HSTS header
 gereon.ch: could not connect to host
@@ -6665,7 +6861,6 @@ gerum.dynv6.net: did not receive HSTS header
 geschenkly.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 geschmackspiloten.de: did not receive HSTS header
 gesiwista.net: did not receive HSTS header
-gestorehotel.com: did not receive HSTS header
 gesunde-smoothies.de: did not receive HSTS header
 gesundes-im-napf.de: did not receive HSTS header
 get-asterisk.ru: could not connect to host
@@ -6718,6 +6913,7 @@ getsubs.net: could not connect to host
 getwarden.net: could not connect to host
 getwashdaddy.com: could not connect to host
 getweloop.io: did not receive HSTS header
+getyou.onl: could not connect to host
 getyourphix.tk: could not connect to host
 gevaulug.fr: could not connect to host
 gfbouncycastles.co.uk: did not receive HSTS header
@@ -6726,7 +6922,7 @@ gflclan.ru: could not connect to host
 gfm.tech: could not connect to host
 gfoss.gr: could not connect to host
 gfw.moe: could not connect to host
-gfwno.win: did not receive HSTS header
+gfwno.win: could not connect to host
 gfwsb.ml: could not connect to host
 gglks.com: could not connect to host
 ggobbo.com: could not connect to host
@@ -6734,7 +6930,7 @@ ggrks-asano.com: could not connect to host
 ggss.cf: could not connect to host
 ggss.ml: could not connect to host
 gh16.com.ar: could not connect to host
-ghcif.de: did not receive HSTS header
+ghcif.de: could not connect to host
 gheorghe-sarcov.ga: could not connect to host
 gheorghesarcov.ga: could not connect to host
 gheorghesarcov.tk: could not connect to host
@@ -6749,7 +6945,7 @@ gibraltar-firma.com: did not receive HSTS header
 giddyaunt.net: could not connect to host
 gidea.nu: could not connect to host
 giduv.com: did not receive HSTS header
-giegler.software: did not receive HSTS header
+giegler.software: could not connect to host
 giftbg.org: did not receive HSTS header
 giftgofers.com: max-age too low: 2592000
 giftservices.nl: did not receive HSTS header
@@ -6763,6 +6959,7 @@ gilescountytn.gov: did not receive HSTS header
 gilgaz.com: did not receive HSTS header
 gillet-cros.fr: could not connect to host
 gilly.berlin: did not receive HSTS header
+gilpinrealty.com: did not receive HSTS header
 gilroywestwood.org: did not receive HSTS header
 gincher.net: did not receive HSTS header
 gingali.de: did not receive HSTS header
@@ -6778,11 +6975,11 @@ gipsamsfashion.com: could not connect to host
 gipsic.com: did not receive HSTS header
 girlsgonesporty.com: could not connect to host
 girlsnet.work: could not connect to host
-girsa.org: could not connect to host
 gis3m.org: did not receive HSTS header
 gisac.org: did not receive HSTS header
 gistfy.com: could not connect to host
 git-stuff.tk: could not connect to host
+git.ac.cn: could not connect to host
 git.co: could not connect to host
 gitar.io: could not connect to host
 github.party: did not receive HSTS header
@@ -6804,12 +7001,12 @@ glenavy.tk: could not connect to host
 glencambria.com: could not connect to host
 glencoveny.gov: could not connect to host
 glentakahashi.com: could not connect to host
-glicerina.online: did not receive HSTS header
+glicerina.online: could not connect to host
 glittersjabloon.nl: did not receive HSTS header
 glitzmirror.com: could not connect to host
 glnpo.gov: could not connect to host
 globalado.com: could not connect to host
-globalbridge-japan.com: could not connect to host
+globalbridge-japan.com: did not receive HSTS header
 globalelite.black: did not receive HSTS header
 globalexpert.co.nz: could not connect to host
 globalgivingtime.com: could not connect to host
@@ -6821,7 +7018,6 @@ globalmusic.ga: could not connect to host
 globalnewsdaily.cf: could not connect to host
 globalnomadvintage.com: could not connect to host
 globalperspectivescanada.com: could not connect to host
-globalresistancecorporation.com: could not connect to host
 globalsites.nl: did not receive HSTS header
 globaltennis.ca: could not connect to host
 globalvisions-events.ch: could not connect to host
@@ -6832,6 +7028,7 @@ gloomyspark.com: could not connect to host
 glotter.com: did not receive HSTS header
 gloucesterphotographer.com: did not receive HSTS header
 glubbforum.de: did not receive HSTS header
+gluecksgriff-taschen.de: could not connect to host
 glutenfreiheit.at: could not connect to host
 glws.org: did not receive HSTS header
 gm-assicurazioni.it: could not connect to host
@@ -6840,7 +7037,7 @@ gmantra.org: max-age too low: 7776000
 gmanukyan.com: could not connect to host
 gmat.ovh: could not connect to host
 gmoes.at: did not receive HSTS header
-gmplab.com: could not connect to host
+gmplab.com: did not receive HSTS header
 gnaptracker.tk: could not connect to host
 gnom.me: could not connect to host
 gnosticjade.net: did not receive HSTS header
@@ -6855,7 +7052,6 @@ goaltree.ch: did not receive HSTS header
 goapunks.net: did not receive HSTS header
 goat.chat: did not receive HSTS header
 goat.xyz: could not connect to host
-goatbot.xyz: could not connect to host
 goben.ch: could not connect to host
 goblins.net: did not receive HSTS header
 goblinsatwork.com: could not connect to host
@@ -6867,6 +7063,7 @@ godbo9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR
 godbo9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 godesb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 godrealms.com: could not connect to host
+godruoyi.com: did not receive HSTS header
 goedeke.ml: could not connect to host
 goerner.me: did not receive HSTS header
 goesta-hallenbau.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -6875,7 +7072,7 @@ gogenenglish.com: could not connect to host
 gogetssl.com: did not receive HSTS header
 goggs.eu: could not connect to host
 gogold-g.com: could not connect to host
-goguel.org: could not connect to host
+goguel.org: did not receive HSTS header
 goiaspropaganda.com.br: could not connect to host
 gold24.in: could not connect to host
 goldclubcasino.com: could not connect to host
@@ -6895,7 +7092,8 @@ gong8.win: could not connect to host
 gonkar.com: did not receive HSTS header
 gonzalesca.gov: did not receive HSTS header
 gonzalosanchez.mx: did not receive HSTS header
-goodeats.nyc: did not receive HSTS header
+gooddomainna.me: could not connect to host
+goodeats.nyc: could not connect to host
 goodfeels.net: could not connect to host
 goodfurday.ca: could not connect to host
 goodmengroup.de: did not receive HSTS header
@@ -6916,8 +7114,6 @@ gopay.cz: did not receive HSTS header
 gopokego.cz: could not connect to host
 goranrango.ch: could not connect to host
 gordonobrecht.com: did not receive HSTS header
-gorf.chat: could not connect to host
-gorf.club: could not connect to host
 gorgiaxx.com: could not connect to host
 gorilla-gym.site: could not connect to host
 gorillow.com: could not connect to host
@@ -6926,8 +7122,6 @@ gosharewood.com: did not receive HSTS header
 goshop.cz: did not receive HSTS header
 goshow.tv: could not connect to host
 gostream.asia: could not connect to host
-gosuland.org: did not receive HSTS header
-got-tty.de: did not receive HSTS header
 gotgenes.com: could not connect to host
 goto.google.com: did not receive HSTS header (error ignored - included regardless)
 gotobrno.cz: did not receive HSTS header
@@ -6945,6 +7139,7 @@ gouv.ovh: did not receive HSTS header
 gov.ax: could not connect to host
 goverage.org: could not connect to host
 govillemo.ca: did not receive HSTS header
+govtjobs.blog: could not connect to host
 gowin9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 gowin9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 gozadentro.com: could not connect to host
@@ -6955,6 +7150,7 @@ gpga.cf: could not connect to host
 gplintegratedit.com: could not connect to host
 gpo.gov: did not receive HSTS header
 gps.com.br: could not connect to host
+gpsarena.ro: could not connect to host
 gpstuner.com: did not receive HSTS header
 graavaapi.elasticbeanstalk.com: could not connect to host
 grabi.ga: could not connect to host
@@ -6968,13 +7164,12 @@ gradenotify.com: could not connect to host
 grads360.org: could not connect to host
 gradsm-ci.net: could not connect to host
 grafitec.ru: did not receive HSTS header
-grafmurr.de: could not connect to host
 graftworld.pw: could not connect to host
 grahamofthewheels.com: did not receive HSTS header
 grana.com: did not receive HSTS header
 grandchamproofing.com: did not receive HSTS header
 grandlinecsk.ru: did not receive HSTS header
-grandmascookieblog.com: did not receive HSTS header
+grandmascookieblog.com: could not connect to host
 grandmasfridge.org: did not receive HSTS header
 grandwailea.com: did not receive HSTS header
 granian.pro: could not connect to host
@@ -6982,10 +7177,12 @@ grantedby.me: max-age too low: 0
 granth.io: could not connect to host
 graph.no: did not receive HSTS header
 graphified.nl: did not receive HSTS header
+graphire.io: could not connect to host
 graphite.org.uk: could not connect to host
 graphsearchengine.com: could not connect to host
 gratis-app.com: did not receive HSTS header
 gratisonlinesex.com: could not connect to host
+gravitation.pro: could not connect to host
 gravito.nl: did not receive HSTS header
 gravity-net.de: could not connect to host
 graycell.net: could not connect to host
@@ -6998,6 +7195,11 @@ greatideahub.com: did not receive HSTS header
 greatlengthshairextensionssalon.com: did not receive HSTS header
 greatnet.de: did not receive HSTS header
 greatsong.net: did not receive HSTS header
+greedbutt.com: could not connect to host
+green-light.cf: could not connect to host
+green-light.ga: could not connect to host
+green-light.gq: could not connect to host
+green-light.ml: could not connect to host
 greencardtalent.com: could not connect to host
 greenconn.ca: could not connect to host
 greenenergysolution.uk: did not receive HSTS header
@@ -7014,6 +7216,7 @@ greenvpn.pro: did not receive HSTS header
 greggsfoundation.org.uk: could not connect to host
 gregmartyn.com: could not connect to host
 gregmarziomedia.co.za: did not receive HSTS header
+gregmilton.com: could not connect to host
 gregmilton.org: could not connect to host
 gregorytlee.me: could not connect to host
 grekland.guide: could not connect to host
@@ -7025,7 +7228,7 @@ grettogeek.com: did not receive HSTS header
 greuel.online: could not connect to host
 greve.xyz: could not connect to host
 grevesgarten.de: could not connect to host
-greyhash.se: could not connect to host
+greybeards.ca: could not connect to host
 greyline.se: could not connect to host
 grian-bam.at: did not receive HSTS header
 gribani.com: could not connect to host
@@ -7039,9 +7242,8 @@ gripopgriep.net: could not connect to host
 gritte.net: could not connect to host
 griyo.online: could not connect to host
 groben-itsolutions.de: could not connect to host
-groenders.nl: could not connect to host
+groenders.nl: did not receive HSTS header
 groenewoud.run: could not connect to host
-groenteclub.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 groentefruitzeep.com: could not connect to host
 groentefruitzeep.nl: could not connect to host
 groetzner.net: did not receive HSTS header
@@ -7049,6 +7251,7 @@ groseb.net: did not receive HSTS header
 grossell.ru: could not connect to host
 grossmann.gr: could not connect to host
 grossmisconduct.news: could not connect to host
+grouchysysadmin.com: could not connect to host
 groupe-cassous.com: did not receive HSTS header
 groups.google.com: did not receive HSTS header (error ignored - included regardless)
 grow-shop.ee: could not connect to host
@@ -7057,7 +7260,6 @@ grow-shop.lv: could not connect to host
 growingmetrics.com: could not connect to host
 grozip.com: did not receive HSTS header
 gruelang.org: could not connect to host
-gruenderwoche-dresden.de: did not receive HSTS header
 grumples.biz: did not receive HSTS header
 grunex.com: did not receive HSTS header
 grupopgn.com.br: could not connect to host
@@ -7070,12 +7272,15 @@ gs-net.at: could not connect to host
 gsm-map.com: could not connect to host
 gsmkungen.com: could not connect to host
 gsnort.com: did not receive HSTS header
+gtalife.net: did not receive HSTS header
 gtamodshop.org: could not connect to host
 gtanda.tk: could not connect to host
+gtdgo.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 gtech.work: did not receive HSTS header
 gtldna.com: could not connect to host
 gtraxapp.com: could not connect to host
 gts-schulsoftware.de: did not receive HSTS header
+gtts.space: did not receive HSTS header
 guarajubaimoveis.com.br: did not receive HSTS header
 guava.studio: did not receive HSTS header
 gudangpangan.id: could not connect to host
@@ -7083,6 +7288,7 @@ gudrun.ml: could not connect to host
 guelphhydropool.com: could not connect to host
 guendra.dedyn.io: could not connect to host
 guentherhouse.com: did not receive HSTS header
+gufen.ga: could not connect to host
 guffrits.com: could not connect to host
 gugaltika-ipb.org: could not connect to host
 guge.gq: could not connect to host
@@ -7104,18 +7310,19 @@ gulenet.com: could not connect to host
 gulfcoast-sandbox.com: could not connect to host
 gulitsky.me: could not connect to host
 gulleyperformancecenter.com: did not receive HSTS header
+gulshankumar.net: did not receive HSTS header
 gumannp.de: did not receive HSTS header
 gummibande.noip.me: could not connect to host
 gunhunter.com: could not connect to host
 guniram.com: did not receive HSTS header
 gunnarhafdal.com: did not receive HSTS header
-gunnaro.com: could not connect to host
+gunnaro.com: did not receive HSTS header
 guntbert.net: could not connect to host
 guoqiang.info: did not receive HSTS header
-guphi.net: did not receive HSTS header
 gurochan.ch: could not connect to host
 gurom.lv: could not connect to host
 gurubetng.com: did not receive HSTS header
+gurugardener.co.nz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 gurusupe.com: could not connect to host
 gus.moe: could not connect to host
 guso.gq: could not connect to host
@@ -7124,8 +7331,6 @@ guso.site: could not connect to host
 guso.tech: could not connect to host
 gussi.is: did not receive HSTS header
 guthabenkarten-billiger.de: could not connect to host
-guts.me: did not receive HSTS header
-guts.moe: did not receive HSTS header
 guvernalternativa.ro: could not connect to host
 guyot-tech.com: did not receive HSTS header
 gvchannel.xyz: could not connect to host
@@ -7136,6 +7341,7 @@ gvt2.com: could not connect to host (error ignored - included regardless)
 gvt3.com: could not connect to host (error ignored - included regardless)
 gw2oracle.com: could not connect to host
 gw2reload.eu: could not connect to host
+gwa-verwaltung.de: did not receive HSTS header
 gwijaya.com: could not connect to host
 gwtest.us: could not connect to host
 gxgx.org: could not connect to host
@@ -7165,15 +7371,14 @@ hablemosdetecnologia.com.ve: could not connect to host
 hac30.com: could not connect to host
 hack.cz: could not connect to host
 hack.li: could not connect to host
-hackattack.com: did not receive HSTS header
 hackbubble.me: could not connect to host
 hacker.deals: could not connect to host
 hacker8.cn: could not connect to host
 hackercat.ninja: max-age too low: 2592000
-hackerchai.com: could not connect to host
-hackerco.com: did not receive HSTS header
 hackerforever.com: did not receive HSTS header
+hackerlite.xyz: max-age too low: 0
 hackerone-ext-adroll.com: could not connect to host
+hackerpoints.com: did not receive HSTS header
 hackerspace-ntnu.no: did not receive HSTS header
 hackest.org: did not receive HSTS header
 hackingsafe.com: could not connect to host
@@ -7184,6 +7389,8 @@ hacksnack.io: could not connect to host
 hackyourfaceoff.com: could not connect to host
 hackzogtum-coburg.de: did not receive HSTS header
 hadaf.pro: could not connect to host
+hadret.com: could not connect to host
+hadret.sh: could not connect to host
 hadzic.co: could not connect to host
 haeckdesign.com: did not receive HSTS header
 haeckl.eu: did not receive HSTS header
@@ -7209,14 +7416,17 @@ hal-9th.space: could not connect to host
 halcyonsbastion.com: could not connect to host
 half-logic.eu.org: could not connect to host
 halfwaythere.eu: could not connect to host
+halletienne.fr: could not connect to host
+halloweenthings.website: did not receive HSTS header
 halo.red: could not connect to host
-halta.info: could not connect to host
+halta.info: did not receive HSTS header
 halyul.cc: did not receive HSTS header
 halyul.com: did not receive HSTS header
 haman.nl: could not connect to host
 hamish.ca: did not receive HSTS header
 hamking.tk: could not connect to host
 hammamsayad.com: could not connect to host
+hammer-corp.com: did not receive HSTS header
 hamon.cc: did not receive HSTS header
 hamu.blue: could not connect to host
 hancatemc.com: did not receive HSTS header
@@ -7229,7 +7439,10 @@ handmadegobelin.com: did not receive HSTS header
 handmadeshoes.pe: did not receive HSTS header
 handmadetutorials.ro: could not connect to host
 handsandall.com: did not receive HSTS header
+handyglas.com: could not connect to host
+handynummer.online: did not receive HSTS header
 hanfu.la: could not connect to host
+hang333.moe: could not connect to host
 hang333.pw: could not connect to host
 hangar18-modelismo.com.br: could not connect to host
 hanimalis.fr: could not connect to host
@@ -7250,7 +7463,6 @@ haobo6666.com: could not connect to host
 haobo7777.com: could not connect to host
 haomwei.com: could not connect to host
 haoyugao.com: could not connect to host
-hapijs.cn: could not connect to host
 hapissl.com: could not connect to host
 hapivm.com: could not connect to host
 happist.com: did not receive HSTS header
@@ -7261,7 +7473,7 @@ happyheartsabode.com: did not receive HSTS header
 happytiger.eu: could not connect to host
 hapsfordmill.co.uk: could not connect to host
 hapvm.com: could not connect to host
-haqaza.com.br: could not connect to host
+haqaza.com.br: did not receive HSTS header
 harambe.site: could not connect to host
 harbourweb.net: did not receive HSTS header
 hardline.xyz: could not connect to host
@@ -7274,7 +7486,6 @@ harlentimberproducts.co.uk: did not receive HSTS header
 harmonycosmetic.com: max-age too low: 300
 harrisonsdirect.co.uk: did not receive HSTS header
 harristony.com: could not connect to host
-harry-baker.com: could not connect to host
 harryharrison.co: did not receive HSTS header
 harrypottereditor.com: could not connect to host
 harrypottereditor.net: could not connect to host
@@ -7299,8 +7510,9 @@ hatcherlawgroupnm.com: did not receive HSTS header
 hatethe.uk: could not connect to host
 hatoko.net: could not connect to host
 haufschild.de: could not connect to host
+hauntedfishtank.com: did not receive HSTS header
 haurumcraft.net: could not connect to host
-hausarzt-stader-str.de: could not connect to host
+hausarzt-stader-str.de: did not receive HSTS header
 hauswarteam.com: could not connect to host
 hav.com: could not connect to host
 haveeruexaminer.com: could not connect to host
@@ -7309,19 +7521,19 @@ haven.cloud: did not receive HSTS header
 havenmoon.com: could not connect to host
 havenswift-hosting.co.uk: did not receive HSTS header
 hawk-la.com: could not connect to host
-hawkofgeorgia.com: could not connect to host
 hawthornharpist.com: could not connect to host
 haxoff.com: did not receive HSTS header
 haxon.me: could not connect to host
 haxx.hu: did not receive HSTS header
 haydenhill.us: could not connect to host
 hayleishop.fr: did not receive HSTS header
+hayzepvp.us: did not receive HSTS header
 hazcod.com: could not connect to host
 haze-productions.com: could not connect to host
 haze.network: did not receive HSTS header
 haze.sucks: could not connect to host
 hazeltime.com: could not connect to host
-hazeltime.se: did not receive HSTS header
+hazloconlapix.com: could not connect to host
 hazyrom.net: could not connect to host
 hb1111.com: could not connect to host
 hb3333.com: could not connect to host
@@ -7338,7 +7550,6 @@ hbvip06.com: could not connect to host
 hbvip07.com: could not connect to host
 hbvip08.com: could not connect to host
 hcfhomelottery.ca: did not receive HSTS header
-hcie.pl: did not receive HSTS header
 hcoe.fi: did not receive HSTS header
 hcr.io: did not receive HSTS header
 hcs-company.com: did not receive HSTS header
@@ -7348,13 +7559,16 @@ hd1tj.org: did not receive HSTS header
 hda.me: did not receive HSTS header
 hdm.io: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 hdrboundless.com: could not connect to host
+hdritalyphotos.com: did not receive HSTS header
 hdserver.info: did not receive HSTS header
 hdsmigrationtool.com: could not connect to host
+hdtwinks.com: could not connect to host
 hduin.xyz: could not connect to host
 hdwallpapers.net: could not connect to host
 hdy.nz: could not connect to host
 head-shop.lt: could not connect to host
 head-shop.lv: could not connect to host
+head.org: could not connect to host
 headmates.xyz: could not connect to host
 health-match.com.au: could not connect to host
 healthcare6.com: did not receive HSTS header
@@ -7366,21 +7580,20 @@ healthycod.in: could not connect to host
 healtious.com: did not receive HSTS header
 hearingshofar.com: could not connect to host
 heart.ge: could not connect to host
+heart.taxi: max-age too low: 0
 heartlandrentals.com: did not receive HSTS header
-heartsucker.com: could not connect to host
 hearty.cf: did not receive HSTS header
 hearty.ink: could not connect to host
 hearty.space: could not connect to host
 hearty.tech: could not connect to host
 heartyapp.com: could not connect to host
-heartyapp.tw: could not connect to host
 heartyme.net: could not connect to host
 heathmanners.com: could not connect to host
 heavenlyseals.com: could not connect to host
 heavenlysmokenc.com: could not connect to host
 heavystresser.com: could not connect to host
-heayao.com: could not connect to host
 hebaus.com: could not connect to host
+heberut.gov: did not receive HSTS header
 hebriff.com: could not connect to host
 hectorj.net: could not connect to host
 hedweb.com: could not connect to host
@@ -7391,8 +7604,8 @@ heimnetze.org: could not connect to host
 heisenberg.co: could not connect to host
 hejsupport.se: could not connect to host
 hekeki.com: could not connect to host
-helber-it-services.de: could not connect to host
-hele.cz: did not receive HSTS header
+hele.cz: could not connect to host
+helencrump.co.uk: did not receive HSTS header
 helgakristoffer.com: could not connect to host
 helgakristoffer.wedding: could not connect to host
 helicaldash.com: could not connect to host
@@ -7402,7 +7615,6 @@ hello-nestor.com: did not receive HSTS header
 helloanselm.com: did not receive HSTS header
 hellofilters.com: could not connect to host
 hellomouse.cf: did not receive HSTS header
-hellomouse.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 hellomouse.tk: could not connect to host
 hellotandem.com: could not connect to host
 hellothought.net: could not connect to host
@@ -7420,7 +7632,7 @@ helpium.de: did not receive HSTS header
 helpmebuild.com: did not receive HSTS header
 helppresta.com: did not receive HSTS header
 helpverif.com: did not receive HSTS header
-helpwithmybank.gov: did not receive HSTS header
+helpwithmybank.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 helsingfors.guide: could not connect to host
 helup.com: did not receive HSTS header
 hemlockhillscabinrentals.com: did not receive HSTS header
@@ -7436,12 +7648,14 @@ hentaimaster.net: could not connect to host
 hentaiz.net: could not connect to host
 hepteract.us: could not connect to host
 heptner24.de: could not connect to host
+herbal-id.com: did not receive HSTS header
 herbandpat.org: could not connect to host
 herbertmouwen.nl: could not connect to host
 here.ml: could not connect to host
 here4funpartysolutions.ie: did not receive HSTS header
 heribe-maruo.com: did not receive HSTS header
 heritagedentistry.ca: did not receive HSTS header
+hermann.in: could not connect to host
 hermes-servizi.it: could not connect to host
 heroin.org.uk: could not connect to host
 herpaderp.net: could not connect to host
@@ -7449,16 +7663,21 @@ herr-webdesign.de: could not connect to host
 herramientasbazarot.com: did not receive HSTS header
 herrenfahrt.com: did not receive HSTS header
 herrtxbias.org: could not connect to host
+hethely.ch: did not receive HSTS header
 hetmeisjeachterpauw.nl: could not connect to host
 hetmer.com: did not receive HSTS header
 hetmer.cz: did not receive HSTS header
-hetmer.net: could not connect to host
+hetmer.net: did not receive HSTS header
+hetzflix.stream: did not receive HSTS header
 heutger.net: did not receive HSTS header
+heverhagen.rocks: did not receive HSTS header
+hex.bz: could not connect to host
 hex2013.com: did not receive HSTS header
 hexacon.io: could not connect to host
 hexadecimal.tech: could not connect to host
 hexe.net: did not receive HSTS header
 hexhu.com: could not connect to host
+hexieshe.com: could not connect to host
 hexobind.com: could not connect to host
 heyfringe.com: could not connect to host
 heyguevara.com: did not receive HSTS header
@@ -7469,11 +7688,10 @@ hfcbank.com.gh: did not receive HSTS header
 hfi.me: did not receive HSTS header
 hflsdev.org: could not connect to host
 hfu.io: could not connect to host
-hg525.com: max-age too low: 86400
+hg525.com: could not connect to host
 hg71839.com: could not connect to host
 hg881.com: could not connect to host
 hgfa.fi: could not connect to host
-hgvnet.de: could not connect to host
 hi808.net: did not receive HSTS header
 hialatv.com: could not connect to host
 hibilog.com: could not connect to host
@@ -7492,6 +7710,7 @@ highland-webcams.com: could not connect to host
 highlandparkcog.org: did not receive HSTS header
 highperformancehvac.com: did not receive HSTS header
 highseer.com: did not receive HSTS header
+highspeedinternetservices.ca: could not connect to host
 highsurf-miyazaki.com: could not connect to host
 hightechgadgets.net: could not connect to host
 hightimes.com: could not connect to host
@@ -7500,11 +7719,12 @@ highvelocitydesign.com: could not connect to host
 higp.de: did not receive HSTS header
 hiisukun.com: could not connect to host
 hiitcentre.com: did not receive HSTS header
+hijoan.com: did not receive HSTS header
 hik-cloud.com: did not receive HSTS header
 hikagestudios.com: did not receive HSTS header
 hikariempire.com: could not connect to host
 hilaolu.com: could not connect to host
-hilaolu.studio: did not receive HSTS header
+hilaolu.studio: max-age too low: 0
 hilariousbeer.com.mx: could not connect to host
 hilinemerchandising.com: did not receive HSTS header
 hill.selfip.net: could not connect to host
@@ -7518,7 +7738,7 @@ hinkel-sohn.de: did not receive HSTS header
 hinrich.de: did not receive HSTS header
 hintergedanken.com: could not connect to host
 hintermeier-rae.at: did not receive HSTS header
-hiojbk.com: could not connect to host
+hiojbk.com: did not receive HSTS header
 hipercultura.com: did not receive HSTS header
 hiphopconvention.nl: could not connect to host
 hipi.jp: could not connect to host
@@ -7531,13 +7751,13 @@ hiresuccessstaffing.com: did not receive HSTS header
 hiretech.com: did not receive HSTS header
 hirevets.gov: did not receive HSTS header
 hirokilog.com: could not connect to host
+hirte-digital.de: did not receive HSTS header
 hisingenrunt.se: did not receive HSTS header
 hisnet.de: could not connect to host
 histoire-theatre.com: did not receive HSTS header
 history.pe: could not connect to host
 hitchunion.org: could not connect to host
 hitoy.org: could not connect to host
-hitrek.ml: could not connect to host
 hittipps.com: could not connect to host
 hivatal-info.hu: could not connect to host
 hj2999.com: did not receive HSTS header
@@ -7546,7 +7766,6 @@ hjf-immobilien.de: did not receive HSTS header
 hjkhs.cn: did not receive HSTS header
 hknet.at: did not receive HSTS header
 hlacosedora.com: max-age too low: 7889238
-hloe0xff.ru: could not connect to host
 hlpublicidad.com: could not connect to host
 hlyue.com: did not receive HSTS header
 hm1ch.com: could not connect to host
@@ -7567,10 +7786,12 @@ hoerbuecher-und-hoerspiele.de: could not connect to host
 hoffens.se: could not connect to host
 hofiprojekt.cz: did not receive HSTS header
 hogar123.es: could not connect to host
-hogepad.com: could not connect to host
 hoiku-map.tokyo: could not connect to host
 hoiku-navi.com: did not receive HSTS header
 hokepon.com: did not receive HSTS header
+hokify.at: did not receive HSTS header
+hokify.ch: did not receive HSTS header
+hokify.de: did not receive HSTS header
 holgerlehner.com: could not connect to host
 holidayincotswolds.co.uk: could not connect to host
 holifestival-freyung.de: could not connect to host
@@ -7578,6 +7799,7 @@ holisticdrbright.com: max-age too low: 300
 hollandguns.com: did not receive HSTS header
 hollerau.de: could not connect to host
 holowaty.me: could not connect to host
+holstphoto.com: max-age too low: 2592000
 holy-hi.com: did not receive HSTS header
 holymoly.lu: could not connect to host
 holymolycasinos.com: did not receive HSTS header
@@ -7586,6 +7808,7 @@ homads.com: did not receive HSTS header
 home-cloud.online: could not connect to host
 home-coaching.be: did not receive HSTS header
 home-craft.de: could not connect to host
+home-insurance-quotes.tk: could not connect to host
 home-v.ind.in: could not connect to host
 home-work-jobs.com: did not receive HSTS header
 homeandyarddetailing.com: could not connect to host
@@ -7596,12 +7819,11 @@ homedna.com: did not receive HSTS header
 homeexx.com: did not receive HSTS header
 homehunting.pt: did not receive HSTS header
 homeoesp.org: did not receive HSTS header
-homeownersassociationmanagementla.com: did not receive HSTS header
+homeownersassociationmanagementla.com: could not connect to host
 homeremodelingcontractorsca.com: did not receive HSTS header
 homesandal.com: did not receive HSTS header
 homeseller.co.uk: could not connect to host
 homesfordinner.ca: could not connect to host
-homestay.id: did not receive HSTS header
 homeyantra.com: did not receive HSTS header
 homezhi.com.tw: could not connect to host
 homoglyph.net: could not connect to host
@@ -7619,15 +7841,12 @@ hoodiecrow.com: could not connect to host
 hoodoo.io: could not connect to host
 hoodoo.tech: could not connect to host
 hookandloom.com: did not receive HSTS header
-hookbin.com: could not connect to host
 hoopsacademyusa.com: could not connect to host
 hopesb.org: did not receive HSTS header
 hopewellproperties.co.uk: did not receive HSTS header
 hopglass.eu: could not connect to host
 hopglass.net: could not connect to host
-hopzone.net: could not connect to host
 horace.li: did not receive HSTS header
-horackova.info: could not connect to host
 horisonttimedia.fi: did not receive HSTS header
 horizonmoto.fr: did not receive HSTS header
 horkel.cf: could not connect to host
@@ -7641,7 +7860,7 @@ horvathtom.com: could not connect to host
 horvatnyelvkonyv.hu: could not connect to host
 host.black: could not connect to host
 hostam.link: could not connect to host
-hosted-oswa.org: could not connect to host
+hosted-oswa.org: did not receive HSTS header
 hostedbgp.net: did not receive HSTS header
 hostedtalkgadget.google.com: did not receive HSTS header (error ignored - included regardless)
 hostelite.com: did not receive HSTS header
@@ -7651,6 +7870,7 @@ hostinaus.com.au: did not receive HSTS header
 hostingfirst.nl: could not connect to host
 hostingfj.com: could not connect to host
 hostisan.com: could not connect to host
+hostserv.org: could not connect to host
 hosyaku.gr.jp: did not receive HSTS header
 hot-spa.ch: did not receive HSTS header
 hotartup.com: could not connect to host
@@ -7664,19 +7884,21 @@ hotelvictoriaoax-mailing.com: could not connect to host
 hotelvillahermosa-mailing.com: could not connect to host
 hotelvue.nl: could not connect to host
 hotesb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-hotesb.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+hotesb.net: could not connect to host
 hotjuice.com: could not connect to host
 hotornot.com: could not connect to host
 hotpoint-training.com: did not receive HSTS header
 hottestwebcamgirls.org: could not connect to host
 houkago-step.com: did not receive HSTS header
 houseinvestor.com: could not connect to host
-housemaadiah.org: did not receive HSTS header
+housemaadiah.org: could not connect to host
+housetalk.ru: did not receive HSTS header
 housingstudents.org.uk: could not connect to host
 how2fsbo.com: could not connect to host
 howardwatts.co.uk: did not receive HSTS header
 howfargames.com: could not connect to host
 howrandom.org: could not connect to host
+howsmytls.com: could not connect to host
 howtocuremysciatica.com: could not connect to host
 howtofreelance.com: did not receive HSTS header
 howtoinstall.co: did not receive HSTS header
@@ -7684,26 +7906,30 @@ hozinga.de: could not connect to host
 hpctecnologias.com: did not receive HSTS header
 hpeditor.tk: could not connect to host
 hpepub.asia: could not connect to host
+hpepub.com: could not connect to host
 hpepub.org: did not receive HSTS header
+hpnow.com.br: could not connect to host
 hppub.info: could not connect to host
 hppub.org: could not connect to host
 hppub.site: could not connect to host
 hqhost.net: did not receive HSTS header
 hqq.tv: could not connect to host
-hqy.moe: did not receive HSTS header
 hr-intranet.com: could not connect to host
 hr-tech.store: could not connect to host
 hr98.tk: could not connect to host
+hr98.xyz: did not receive HSTS header
 hrackydomino.cz: did not receive HSTS header
 hrfhomelottery.com: did not receive HSTS header
+hrjfeedstock.com: did not receive HSTS header
 hrk.io: did not receive HSTS header
-hrobert.hu: could not connect to host
 hrtech.store: could not connect to host
 hrtraining.com.au: did not receive HSTS header
 hru.gov: could not connect to host
 hschen.top: could not connect to host
 hserver.top: could not connect to host
+hsex.tv: did not receive HSTS header
 hsir.me: could not connect to host
+hsn.com: could not connect to host
 hsts-preload-test.xyz: could not connect to host
 hsts.com.br: could not connect to host
 hsts.date: could not connect to host
@@ -7711,6 +7937,7 @@ hstspreload.me: could not connect to host
 hszhyy120.com: could not connect to host
 htlball.at: could not connect to host
 html-lab.tk: could not connect to host
+htp2.top: could not connect to host
 http418.xyz: could not connect to host
 httphacker.com: could not connect to host
 https.ps: could not connect to host
@@ -7724,12 +7951,13 @@ hua-li88.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERR
 huang.nu: could not connect to host
 huangguancq.com: could not connect to host
 huangh.com: could not connect to host
+huangliangbo.com: did not receive HSTS header
 huangting.me: did not receive HSTS header
 huangzenghao.com: could not connect to host
 huarongdao.com: did not receive HSTS header
 huaxueba.com: could not connect to host
 hubert.systems: did not receive HSTS header
-hubertmoszka.pl: max-age too low: 0
+hubertmoszka.pl: could not connect to host
 hubrecht.at: could not connect to host
 hubrick.com: could not connect to host
 hudhaifahgoga.co.za: could not connect to host
@@ -7737,7 +7965,6 @@ hudingyuan.cn: could not connect to host
 hugocollignon.fr: could not connect to host
 hui-in.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 hui-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-huihui.moe: did not receive HSTS header
 huiser.nl: could not connect to host
 hukaloh.com: could not connect to host
 hukkatavara.com: could not connect to host
@@ -7747,16 +7974,18 @@ humankode.com: did not receive HSTS header
 humblebee.es: could not connect to host
 humblefinances.com: could not connect to host
 humeurs.net: could not connect to host
+humorce.com: did not receive HSTS header
 humortuga.pt: did not receive HSTS header
 hump.dk: could not connect to host
 humpi.at: could not connect to host
 humpteedumptee.in: did not receive HSTS header
 hunqz.com: could not connect to host
-hunter-read.com: could not connect to host
+hunterjohnson.io: could not connect to host
 huodongweb.com: could not connect to host
 huoduan.com: did not receive HSTS header
 huongquynh.com: could not connect to host
-hup.blue: could not connect to host
+hup.blue: did not receive HSTS header
+hurleyhomestead.com: could not connect to host
 hurricanelabs.com: did not receive HSTS header
 huskybutt.dog: could not connect to host
 huskyduvercors.com: did not receive HSTS header
@@ -7766,6 +7995,7 @@ huwjones.me: could not connect to host
 huzu.com: did not receive HSTS header
 huzurmetal.net: could not connect to host
 hwcine.com: could not connect to host
+hwinfo.com: did not receive HSTS header
 hwpkasse.de: max-age too low: 2592000
 hyakumachi.com: did not receive HSTS header
 hyatt.com: did not receive HSTS header
@@ -7793,12 +8023,14 @@ hymerscollege.co.uk: max-age too low: 43200
 hypa.net.au: did not receive HSTS header
 hyper-matrix.org: could not connect to host
 hyper69.com: could not connect to host
+hyperactive.am: could not connect to host
 hyperporn.net: could not connect to host
 hyperreal.info: could not connect to host
 hypnoresults.com.au: did not receive HSTS header
-hypnos.hu: did not receive HSTS header
+hypnos.hu: could not connect to host
 hypotheques24.ch: could not connect to host
 hysg.me: could not connect to host
+hysh.jp: could not connect to host
 hyvive.com: could not connect to host
 hzh.pub: did not receive HSTS header
 i--b.com: did not receive HSTS header
@@ -7810,10 +8042,12 @@ i10z.com: could not connect to host
 i28s.com: did not receive HSTS header
 i496.eu: could not connect to host
 i4m1k0su.com: could not connect to host
+i95.me: did not receive HSTS header
 i9multiequipamentos.com.br: did not receive HSTS header
 ia1000.com: could not connect to host
 iadttaveras.com: could not connect to host
 iain.tech: did not receive HSTS header
+iamlizu.com: did not receive HSTS header
 iamokay.nl: did not receive HSTS header
 iamreubin.co.uk: did not receive HSTS header
 iamsoareyou.se: could not connect to host
@@ -7824,7 +8058,6 @@ iapws.com: did not receive HSTS header
 iban.is: could not connect to host
 ibarf.nl: did not receive HSTS header
 ibase.com: did not receive HSTS header
-ibeep.com: could not connect to host
 ibenchu.com: did not receive HSTS header
 ibestreview.com: did not receive HSTS header
 ibizatopcharter.com: did not receive HSTS header
@@ -7833,34 +8066,37 @@ ibnuwebhost.com: could not connect to host
 ibnw.de: did not receive HSTS header
 ibox.ovh: did not receive HSTS header
 ibpegasus.tk: could not connect to host
-ibps.blog: did not receive HSTS header
+ibps.blog: could not connect to host
 ibpsrecruitment.co.in: could not connect to host
 ibron.co: could not connect to host
 ibsafrica.co.za: could not connect to host
 ibsglobal.co.za: could not connect to host
 icabanken.se: did not receive HSTS header
 icaforsakring.se: did not receive HSTS header
+icake.life: could not connect to host
 icasnetwork.com: did not receive HSTS header
 ice.yt: could not connect to host
 icebat.dyndns.org: could not connect to host
 icebound.cc: did not receive HSTS header
 icebound.win: could not connect to host
+icedream.tech: could not connect to host
 iceiu.com: could not connect to host
 iceloch.com: could not connect to host
 icepink.com.br: could not connect to host
 icewoman.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 icfl.com.br: could not connect to host
 ich-find-den-g.net: could not connect to host
-ich-hab-die-schnauze-voll-von-der-suche-nach-ner-kurzen-domain.de: could not connect to host
 ich-mach-druck.eu: did not receive HSTS header
+ichasco.com: could not connect to host
 ichnichtskaufmann.de: could not connect to host
 ichoosebtec.com: did not receive HSTS header
 ichronos.net: did not receive HSTS header
 icity.ly: did not receive HSTS header
 ickerseashop.com: could not connect to host
 icloud.net: could not connect to host
+icmshoptrend.com: did not receive HSTS header
 icnsoft.ga: did not receive HSTS header
-icnsoft.me: did not receive HSTS header
+icnsoft.me: could not connect to host
 icnsoft.org: could not connect to host
 icntorrent.download: could not connect to host
 ico500.com: did not receive HSTS header
@@ -7874,6 +8110,7 @@ icys2017.com: did not receive HSTS header
 id-co.in: could not connect to host
 id-conf.com: did not receive HSTS header
 idafauziyah.com: could not connect to host
+idblab.tk: could not connect to host
 idc.yn.cn: could not connect to host
 idcrane.com: could not connect to host
 iddconnect.com: could not connect to host
@@ -7893,17 +8130,18 @@ idemo.in: could not connect to host
 identity-hash.online: could not connect to host
 identitylabs.uk: could not connect to host
 identitysandbox.gov: could not connect to host
-idgsupply.com: did not receive HSTS header
-idid.tk: could not connect to host
+idgsupply.com: could not connect to host
 idinby.dk: did not receive HSTS header
 idiopolis.org: could not connect to host
 idisplay.es: could not connect to host
 idlekernel.com: could not connect to host
 idol-bikes.ru: could not connect to host
+idolish7.fun: did not receive HSTS header
 idontexist.me: could not connect to host
 idsafe.co.za: could not connect to host
 idsoccer.com: did not receive HSTS header
 iec.pe: could not connect to host
+iemas.azurewebsites.net: did not receive HSTS header
 iemb.cf: could not connect to host
 ierna.com: did not receive HSTS header
 ies.id.lv: could not connect to host
@@ -7918,7 +8156,9 @@ ifastuniversity.com: did not receive HSTS header
 ifcfg.me: could not connect to host
 ifconfig.co: did not receive HSTS header
 ifleurs.com: could not connect to host
+ifly.pw: could not connect to host
 ifreetion.cn: did not receive HSTS header
+ifroheweihnachten.net: did not receive HSTS header
 ifx.ee: could not connect to host
 ifxnet.com: could not connect to host
 ifxor.com: could not connect to host
@@ -7932,6 +8172,8 @@ ignatisd.gr: did not receive HSTS header
 igule.net: could not connect to host
 iha6.com: could not connect to host
 ihc.im: did not receive HSTS header
+ihcr.top: did not receive HSTS header
+ihls.world: could not connect to host
 ihls.xyz: did not receive HSTS header
 ihongzu.com: could not connect to host
 ihrlotto.de: could not connect to host
@@ -7945,7 +8187,7 @@ iilin.com: did not receive HSTS header
 iispeed.com: did not receive HSTS header
 ijn-dd.nl: could not connect to host
 ijoda.com: could not connect to host
-ike.io: could not connect to host
+ike.io: did not receive HSTS header
 ikenmeyer.com: could not connect to host
 ikenmeyer.eu: could not connect to host
 ikocik.sk: could not connect to host
@@ -7957,7 +8199,6 @@ ikzoekjeugdhulp.nl: did not receive HSTS header
 ilbuongiorno.it: did not receive HSTS header
 ildomani.it: did not receive HSTS header
 ileat.com: could not connect to host
-ilemonrain.com: could not connect to host
 ilgi.work: could not connect to host
 ilii.me: could not connect to host
 ilikerainbows.co: did not receive HSTS header
@@ -7975,8 +8216,9 @@ imagecurl.com: could not connect to host
 imagecurl.org: could not connect to host
 imaginarymakings.me: could not connect to host
 imakepoems.net: could not connect to host
-imanhearts.com: did not receive HSTS header
+imanhearts.com: max-age too low: 0
 imanudin.net: did not receive HSTS header
+imaple.org: could not connect to host
 imbrian.org: could not connect to host
 imed.com.pt: did not receive HSTS header
 imed.pt: did not receive HSTS header
@@ -7988,13 +8230,13 @@ imguoguo.com: could not connect to host
 imim.pw: could not connect to host
 imjiangtao.com: did not receive HSTS header
 imlinan.cn: could not connect to host
+imlinan.com: could not connect to host
 imlinan.info: could not connect to host
 imlinan.net: could not connect to host
 imlonghao.com: did not receive HSTS header
 immanuel60.hu: did not receive HSTS header
 immaternity.com: could not connect to host
-immersionwealth.com: could not connect to host
-immo-vk.de: did not receive HSTS header
+immersivewebportal.com: could not connect to host
 immobiliarecapitani.com: did not receive HSTS header
 immobilien-wallat.de: could not connect to host
 immoprotect.ca: did not receive HSTS header
@@ -8024,13 +8266,13 @@ imoto.me: could not connect to host
 imperdintechnologies.com: could not connect to host
 imperialonlinestore.com: did not receive HSTS header
 imperialwebsolutions.com: did not receive HSTS header
+imperiodigital.online: did not receive HSTS header
 imprenta-es.com: did not receive HSTS header
 improvingwp.com: could not connect to host
 impulse-clan.de: could not connect to host
-imrejonk.nl: could not connect to host
 imu.li: did not receive HSTS header
 imusic.dk: did not receive HSTS header
-imy.life: could not connect to host
+imy.life: did not receive HSTS header
 inandeyes.com: did not receive HSTS header
 inb4.us: could not connect to host
 inbox.li: did not receive HSTS header
@@ -8039,12 +8281,10 @@ incendiary-arts.com: could not connect to host
 inceptionradionetwork.com: could not connect to host
 incestporn.tv: could not connect to host
 inchomatic.com: did not receive HSTS header
-incompliance.de: did not receive HSTS header
 increasetestosteronelevels.org: could not connect to host
 inderagamono.net: could not connect to host
 indesit-training.com: did not receive HSTS header
 indexyz.me: could not connect to host
-indianaantlersupply.com: could not connect to host
 indiawise.co.uk: could not connect to host
 indiecert.net: did not receive HSTS header
 indieethos.com: did not receive HSTS header
@@ -8053,16 +8293,17 @@ indien.guide: could not connect to host
 indilens.com: did not receive HSTS header
 indiraactive.com: could not connect to host
 indiroyunu.com: did not receive HSTS header
-indochina.io: could not connect to host
+indogerman.de: did not receive HSTS header
+indogermantrade.de: could not connect to host
 indoorskiassen.nl: did not receive HSTS header
 indostar303.com: did not receive HSTS header
 indredouglas.me: could not connect to host
 industreiler.com: could not connect to host
 industreiler.com.br: could not connect to host
-industriasrenova.com: could not connect to host
-industrybazar.com: max-age too low: 2592000
+industrybazar.com: did not receive HSTS header
 ineed.com.mt: could not connect to host
 inetpub.cn: could not connect to host
+inevitavelbrasil.com.br: could not connect to host
 inexlog.fr: could not connect to host
 inexpensivecomputers.net: could not connect to host
 infcof.com: did not receive HSTS header
@@ -8076,6 +8317,7 @@ infinitusgaming.eu: could not connect to host
 infinity-freedom.com: could not connect to host
 infinity-freedom.de: could not connect to host
 infinity-lifestyle.de: could not connect to host
+infinity.to: could not connect to host
 inflate-a-bubbles.co.uk: did not receive HSTS header
 inflation.ml: could not connect to host
 influxus.com: could not connect to host
@@ -8083,13 +8325,14 @@ info-bay.com: could not connect to host
 info-sys.tk: could not connect to host
 infoamin.com: did not receive HSTS header
 infocoin.es: did not receive HSTS header
-infoduv.fr: did not receive HSTS header
 inforichjapan.com: did not receive HSTS header
 inforisposte.com: did not receive HSTS header
+informaciondeciclismo.com: did not receive HSTS header
 informaticapremium.com: did not receive HSTS header
 informatik.zone: could not connect to host
 infos-generation.com: did not receive HSTS header
 infosec.rip: could not connect to host
+infosimmo.com: did not receive HSTS header
 infosoph.org: could not connect to host
 infotics.es: did not receive HSTS header
 infovae-idf.com: could not connect to host
@@ -8106,6 +8349,7 @@ ingesol.fr: did not receive HSTS header
 ingresscode.cn: did not receive HSTS header
 inhelix.com: could not connect to host
 inhive.group: did not receive HSTS header
+iniiter.com: could not connect to host
 injapan.nl: could not connect to host
 injertoshorticolas.com: did not receive HSTS header
 injigo.com: did not receive HSTS header
@@ -8125,6 +8369,7 @@ inku.ovh: did not receive HSTS header
 inkvisual.tk: could not connect to host
 inleaked.com: could not connect to host
 inme.ga: did not receive HSTS header
+inmusrv.de: could not connect to host
 innerform.com: could not connect to host
 innit.be: could not connect to host
 innobatics.com: did not receive HSTS header
@@ -8133,14 +8378,15 @@ innovamag.ca: did not receive HSTS header
 innovativebuildingsolutions.co.za: could not connect to host
 innovativeideaz.org: could not connect to host
 innoventure.de: could not connect to host
+innwan.com: could not connect to host
 inondation.ch: could not connect to host
 inorder.website: could not connect to host
 inovatec.com: did not receive HSTS header
-inox.io: did not receive HSTS header
+inox.io: could not connect to host
 inoxio.com: did not receive HSTS header
 inoxio.de: did not receive HSTS header
 inplacers.ru: did not receive HSTS header
-inquisitive.io: did not receive HSTS header
+inquisitive.io: could not connect to host
 insane-bullets.com: could not connect to host
 insane.zone: could not connect to host
 inschrijfformulier.com: could not connect to host
@@ -8148,7 +8394,6 @@ inscript.pl: did not receive HSTS header
 insideofgaming.de: could not connect to host
 insite-feedback.com: could not connect to host
 insouciant.org: could not connect to host
-inspirationalquotesuk.co.uk: could not connect to host
 inspirationconcepts.nl: did not receive HSTS header
 inspire-av.com: did not receive HSTS header
 inspiroinc.com: could not connect to host
@@ -8168,6 +8413,7 @@ insurance: could not connect to host
 insurethebox.tk: could not connect to host
 int-ext-design.fr: could not connect to host
 int-ma.in: did not receive HSTS header
+integraelchen.de: could not connect to host
 integrationinc.com: did not receive HSTS header
 integraxor.com.tw: did not receive HSTS header
 integrityingovernmentidaho.com: could not connect to host
@@ -8177,7 +8423,7 @@ intelbet.es: did not receive HSTS header
 intelbet.ro: did not receive HSTS header
 intelhost.net: max-age too low: 0
 intelldynamics.com: could not connect to host
-intelliance.eu: could not connect to host
+intelliance.eu: did not receive HSTS header
 interboursegeneva.ch: did not receive HSTS header
 interchanges.io: max-age too low: 0
 interference.io: did not receive HSTS header
@@ -8197,6 +8443,7 @@ intermezzo-emmerich.de: did not receive HSTS header
 intermezzo-emmerich.nl: did not receive HSTS header
 internacao.com: did not receive HSTS header
 internaldh.com: could not connect to host
+internationalschoolnewyork.com: could not connect to host
 internaut.co.za: did not receive HSTS header
 internetbugbounty.org: did not receive HSTS header
 internetcasinos.de: could not connect to host
@@ -8217,10 +8464,11 @@ intimateperrierjouet.com: could not connect to host
 intimici.com.br: could not connect to host
 intimtoy.com.ua: could not connect to host
 intranetsec.fr: could not connect to host
-intreaba.xyz: max-age too low: 2592000
+intreaba.xyz: could not connect to host
 introvertedtravel.space: max-age too low: 0
 intrp.net: did not receive HSTS header
 invenio.software: could not connect to host
+inventoryexpress.xyz: could not connect to host
 inverselink.com: could not connect to host
 investcountry.com: could not connect to host
 investingdiary.cn: could not connect to host
@@ -8231,16 +8479,19 @@ invictusmc.uk: could not connect to host
 invinsec.cloud: did not receive HSTS header
 invinsec.com: max-age too low: 86400
 invis.net: could not connect to host
+invitation-factory.tk: could not connect to host
 invite24.pro: could not connect to host
+invitescene.com: did not receive HSTS header
 invuelto.com: did not receive HSTS header
+iodev.nl: could not connect to host
 iodice.org: did not receive HSTS header
 iodu.re: could not connect to host
 ioiart.eu: could not connect to host
 iolife.dk: could not connect to host
 ionas-law.ro: did not receive HSTS header
 ionc.ca: could not connect to host
-ionote.me: did not receive HSTS header
-iop.intuit.com: max-age too low: 86400
+ionote.me: could not connect to host
+iop.intuit.com: did not receive HSTS header
 iora.fr: could not connect to host
 iostips.ru: could not connect to host
 iotfen.com: could not connect to host
@@ -8248,11 +8499,13 @@ iotsms.io: could not connect to host
 ip-life.net: did not receive HSTS header
 ip.or.at: could not connect to host
 ip6.im: did not receive HSTS header
+ipadportfolioapp.com: did not receive HSTS header
+ipawind.com: did not receive HSTS header
 ipbill.org.uk: could not connect to host
 ipcfg.me: could not connect to host
 ipfp.pl: did not receive HSTS header
 iphonechina.net: could not connect to host
-ipid.me: could not connect to host
+iphoneportfolioapp.com: did not receive HSTS header
 iplife.cn: could not connect to host
 iplog.info: could not connect to host
 ipmimagazine.com: did not receive HSTS header
@@ -8278,19 +8531,20 @@ ipvsec.nl: could not connect to host
 iqcn.co: could not connect to host
 iqualtech.com: max-age too low: 7889238
 ir-saitama.com: could not connect to host
+iran-geo.com: could not connect to host
 iran-poll.org: max-age too low: 0
 irandp.net: did not receive HSTS header
 iranianlawschool.com: could not connect to host
 iraqidinar.org: did not receive HSTS header
-irasandi.com: could not connect to host
 irazimina.ru: did not receive HSTS header
 irccloud.com: did not receive HSTS header
+ircmett.de: did not receive HSTS header
 iready.ro: could not connect to host
 irelandesign.com: could not connect to host
-irinkeby.nu: could not connect to host
+irinkeby.nu: did not receive HSTS header
 irische-segenswuensche.info: could not connect to host
 irisdina.de: could not connect to host
-irishmusic.nu: could not connect to host
+irishmusic.nu: did not receive HSTS header
 irland.guide: could not connect to host
 irmag.ru: did not receive HSTS header
 irmtrudjurke.de: did not receive HSTS header
@@ -8306,8 +8560,12 @@ irun-telecom.co.uk: could not connect to host
 irvinepa.org: max-age too low: 10540800
 is-a-furry.org: did not receive HSTS header
 isaackabel.cf: could not connect to host
-isastylish.com: could not connect to host
+isaackabel.ga: could not connect to host
+isaackabel.gq: could not connect to host
+isaackabel.ml: could not connect to host
+isaackabel.tk: could not connect to host
 ischool.co.jp: did not receive HSTS header
+isdecolaop.nl: could not connect to host
 isdf.me: could not connect to host
 isdown.cz: could not connect to host
 isef-eg.com: did not receive HSTS header
@@ -8325,15 +8583,17 @@ iskai.net: did not receive HSTS header
 iskkk.com: could not connect to host
 iskkk.net: could not connect to host
 islandinthenet.com: did not receive HSTS header
+islandlakeil.gov: could not connect to host
 islandoilsupply.com: max-age too low: 300
 islandpumpandtank.com: did not receive HSTS header
-islandzero.net: did not receive HSTS header
+islandzero.net: could not connect to host
 islazia.fr: did not receive HSTS header
-islief.com: could not connect to host
 isntall.us: did not receive HSTS header
+isocom.eu: could not connect to host
 isoface33.fr: did not receive HSTS header
 isogen5.com: could not connect to host
 isogram.nl: did not receive HSTS header
+isondo.com: could not connect to host
 isoroc-nidzica.pl: could not connect to host
 ispringcloud.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 ispweb.es: did not receive HSTS header
@@ -8347,33 +8607,35 @@ istgame.com: did not receive HSTS header
 isthefieldcontrolsystemdown.com: could not connect to host
 istherrienstillcoach.com: could not connect to host
 isv.online: did not receive HSTS header
-isyu.xyz: could not connect to host
-iszy.me: could not connect to host
 it-cave.com: could not connect to host
 it-enthusiasts.tech: could not connect to host
 it-go.net: did not receive HSTS header
+it-kron.de: did not receive HSTS header
 it-labor.info: did not receive HSTS header
 it-schwerin.de: could not connect to host
+it1b.com: could not connect to host
 itad.top: could not connect to host
+itblog.pp.ua: did not receive HSTS header
 itbrief.co.nz: did not receive HSTS header
 itbrief.com.au: did not receive HSTS header
 itchimes.com: did not receive HSTS header
+itchy.nl: could not connect to host
 itchybrainscentral.com: could not connect to host
 itds-consulting.com: could not connect to host
 itds-consulting.cz: could not connect to host
 itds-consulting.eu: could not connect to host
-itechgeek.com: max-age too low: 0
+itechgeek.com: did not receive HSTS header
+iteli.eu: did not receive HSTS header
 items.lv: did not receive HSTS header
 itemton.com: could not connect to host
+iterror.co: could not connect to host
 itfaq.nl: did not receive HSTS header
 itfensi.net: max-age too low: 6307200
 itforcc.com: did not receive HSTS header
 ithakama.com: could not connect to host
-itilo.de: did not receive HSTS header
 itinsight.hu: did not receive HSTS header
 itiomassagem.com.br: did not receive HSTS header
 itisjustnot.cricket: could not connect to host
-itmanie.cz: could not connect to host
 itnews-bg.com: could not connect to host
 itogoyomi.com: did not receive HSTS header
 itos.asia: did not receive HSTS header
@@ -8399,12 +8661,14 @@ ittop-gabon.com: could not connect to host
 itu2015.de: could not connect to host
 ius.io: did not receive HSTS header
 iuscommunity.org: did not receive HSTS header
+ivanilla.org: could not connect to host
 ivanpolchenko.com: could not connect to host
 ivi-co.com: max-age too low: 0
 ivi-fertility.com: max-age too low: 0
 ivi.es: max-age too low: 0
 ivk.website: could not connect to host
 ivklombard.ru: did not receive HSTS header
+ivoryonsunset.com: could not connect to host
 ivxv.ee: could not connect to host
 ivyshop.com.br: could not connect to host
 iwannarefill.com: could not connect to host
@@ -8429,17 +8693,17 @@ j0ng.xyz: could not connect to host
 j15t98j.co.uk: did not receive HSTS header
 j2ee.cz: could not connect to host
 j8y.de: did not receive HSTS header
-ja-publications.agency: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 ja-publications.com: did not receive HSTS header
 jaan.su: could not connect to host
 jaaxypro.com: could not connect to host
-jability.ovh: did not receive HSTS header
+jability.ovh: could not connect to host
 jackalworks.com: could not connect to host
-jackdoan.com: could not connect to host
+jackdoan.com: did not receive HSTS header
 jackfahnestock.com: could not connect to host
 jackops.com: could not connect to host
 jackrusselterrier.com.br: could not connect to host
 jackyyf.com: could not connect to host
+jaco.by: could not connect to host
 jacobparry.ca: max-age too low: 0
 jadara.info: could not connect to host
 jaepinformatica.com: did not receive HSTS header
@@ -8447,19 +8711,22 @@ jagido.de: did not receive HSTS header
 jahliveradio.com: did not receive HSTS header
 jaimechanaga.com: could not connect to host
 jaion.ml: could not connect to host
+jaion.tech: could not connect to host
 jak-na-les.cz: could not connect to host
 jakenbake.com: could not connect to host
+jakeslab.tech: could not connect to host
 jakewalker.xyz: did not receive HSTS header
 jakincode.army: could not connect to host
 jaksel.id: could not connect to host
 jaksi.io: did not receive HSTS header
+jakubarbet.eu: could not connect to host
 jamanji.com.ng: could not connect to host
-jamaware.org: did not receive HSTS header
+jamaware.org: could not connect to host
 jamberry.com.mx: could not connect to host
 james-parker.com: did not receive HSTS header
 james.je: could not connect to host
-jamesandanneke.com: did not receive HSTS header
-jamesbradach.com: did not receive HSTS header
+jamesandanneke.com: could not connect to host
+jamesbradach.com: could not connect to host
 jamesburton.london: could not connect to host
 jamesbywater.co.uk: could not connect to host
 jamesbywater.com: could not connect to host
@@ -8480,7 +8747,6 @@ jamesmaurer.com: did not receive HSTS header
 jamesrains.com: could not connect to host
 jameswarp.com: could not connect to host
 jami.am: max-age too low: 0
-jamie-read-photography.com: could not connect to host
 jamourtney.com: could not connect to host
 jamyeprice.com: did not receive HSTS header
 jan-cermak.cz: did not receive HSTS header
@@ -8501,12 +8767,11 @@ janus-engineering.de: did not receive HSTS header
 janverlaan.nl: did not receive HSTS header
 jap-nope.de: did not receive HSTS header
 japan4you.org: did not receive HSTS header
-japanbaths.com: could not connect to host
+japanbaths.com: did not receive HSTS header
 japaneseemoticons.org: did not receive HSTS header
 japanesenames.biz: did not receive HSTS header
-japangids.nl: could not connect to host
 japansm.com: could not connect to host
-japanwide.net: could not connect to host
+japanwide.net: did not receive HSTS header
 japaripark.com: could not connect to host
 jape.today: could not connect to host
 japlex.com: could not connect to host
@@ -8514,13 +8779,13 @@ jaqen.ch: could not connect to host
 jardins-utopie.net: could not connect to host
 jaredbates.net: did not receive HSTS header
 jaredfraser.com: could not connect to host
-jarivisual.com: did not receive HSTS header
+jarivisual.com: could not connect to host
 jarl.ninja: could not connect to host
 jarnail.ca: could not connect to host
 jaroslavtrsek.cz: did not receive HSTS header
 jarrodcastaing.com: did not receive HSTS header
 jarrodcastaing.com.au: did not receive HSTS header
-jarsater.com: did not receive HSTS header
+jarsater.com: could not connect to host
 jartza.org: could not connect to host
 jasmineconseil.com: did not receive HSTS header
 jasoncosper.com: did not receive HSTS header
@@ -8579,15 +8844,20 @@ jdh8.org: did not receive HSTS header
 jdsf.tk: did not receive HSTS header
 jean-remy.ch: could not connect to host
 jebengotai.com: did not receive HSTS header
+jec-dekrone.be: did not receive HSTS header
 jecho.cn: could not connect to host
+jedayoshi.me: could not connect to host
 jeepmafia.com: did not receive HSTS header
-jeff.forsale: could not connect to host
-jeff.is: did not receive HSTS header
+jeff.forsale: did not receive HSTS header
+jeff.is: could not connect to host
 jeff393.com: could not connect to host
+jeffanderson.me: did not receive HSTS header
 jeffersonregan.org: could not connect to host
 jeffhuxley.com: could not connect to host
 jeffreymagee.com: did not receive HSTS header
 jeil-makes.co.kr: could not connect to host
+jelewa.de: did not receive HSTS header
+jelleglebbeek.com: max-age too low: 0
 jellow.nl: did not receive HSTS header
 jemoticons.com: did not receive HSTS header
 jenjoit.de: could not connect to host
@@ -8598,8 +8868,7 @@ jennybeaned.com: did not receive HSTS header
 jens-prangenberg.de: did not receive HSTS header
 jens.hk: could not connect to host
 jensenbanden.no: could not connect to host
-jenssen.org: did not receive HSTS header
-jeremyc.ca: could not connect to host
+jenssen.org: could not connect to host
 jeremye77.com: did not receive HSTS header
 jeremymade.com: did not receive HSTS header
 jeremywagner.me: did not receive HSTS header
@@ -8609,18 +8878,18 @@ jeroenvanderwal.nl: did not receive HSTS header
 jeroldirvin.com: did not receive HSTS header
 jerrypau.ca: could not connect to host
 jesorsenville.com: did not receive HSTS header
-jessevictors.com: could not connect to host
 jessicah.org: could not connect to host
 jesuisformidable.nl: could not connect to host
 jesuslucas.com: did not receive HSTS header
 jet-code.com: did not receive HSTS header
+jetapi.org: could not connect to host
 jetbrains.pw: could not connect to host
-jetflex.de: did not receive HSTS header
 jetlagphotography.com: could not connect to host
 jetmirshatri.com: did not receive HSTS header
 jeton.com: did not receive HSTS header
 jetsetcharge.com: could not connect to host
 jetsetpay.com: could not connect to host
+jettlarue.com: could not connect to host
 jettravel.com.mt: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 jettshome.org: could not connect to host
 jetzt-elektromobil.de: could not connect to host
@@ -8640,8 +8909,10 @@ jhejderup.me: could not connect to host
 jhermsmeier.de: could not connect to host
 jhw-profiles.de: did not receive HSTS header
 jia1hao.com: could not connect to host
+jiacl.com: could not connect to host
 jiaidu.com: could not connect to host
 jiangzequn.com: could not connect to host
+jiangzm.com: could not connect to host
 jianjiantv.com: could not connect to host
 jiaqiang.vip: could not connect to host
 jichi.me: could not connect to host
@@ -8649,6 +8920,7 @@ jie.dance: could not connect to host
 jief.me: could not connect to host
 jigsawdevelopments.com: could not connect to host
 jiid.ga: could not connect to host
+jikegu.com: could not connect to host
 jikken.de: could not connect to host
 jimas.eu: did not receive HSTS header
 jimenacocina.com: did not receive HSTS header
@@ -8669,13 +8941,11 @@ jitlab.org: could not connect to host
 jitsi.org: did not receive HSTS header
 jiveiaktivno.bg: did not receive HSTS header
 jiyue.com: did not receive HSTS header
-jiyuu-ni.com: could not connect to host
-jiyuu-ni.net: could not connect to host
 jjf.org.au: did not receive HSTS header
 jka.io: did not receive HSTS header
 jkb.pics: could not connect to host
 jkbuster.com: could not connect to host
-jkinteriorspa.com: could not connect to host
+jkest.cc: could not connect to host
 jkng.eu: could not connect to host
 jko.works: could not connect to host
 jkuvw.xyz: could not connect to host
@@ -8687,20 +8957,20 @@ jmb.lc: could not connect to host
 jmotion.co.uk: did not receive HSTS header
 jmpmotorsport.co.uk: did not receive HSTS header
 jmvbmx.ch: could not connect to host
+jmvdigital.com: did not receive HSTS header
 jn1.me: did not receive HSTS header
 jncde.de: did not receive HSTS header
 jncie.de: did not receive HSTS header
 jncie.eu: did not receive HSTS header
 jncip.de: did not receive HSTS header
 joakimalgroy.com: could not connect to host
-joaquimgoliveira.pt: could not connect to host
 jobers.ch: did not receive HSTS header
 jobers.pt: did not receive HSTS header
 jobflyapp.com: could not connect to host
-joblab.com.ua: did not receive HSTS header
 jobmedic.com: could not connect to host
+jobmob.co.il: did not receive HSTS header
 jobshq.com: did not receive HSTS header
-jobss.co.uk: did not receive HSTS header
+jobss.co.uk: could not connect to host
 jobtestprep.de: max-age too low: 0
 jobtestprep.dk: max-age too low: 0
 jobtestprep.fr: max-age too low: 0
@@ -8708,6 +8978,7 @@ jobtestprep.it: did not receive HSTS header
 jobtestprep.nl: max-age too low: 0
 jobtestprep.se: max-age too low: 0
 jodel.ninja: could not connect to host
+jodyshop.com: did not receive HSTS header
 joe-pagan.com: did not receive HSTS header
 joearodriguez.com: could not connect to host
 joecod.es: could not connect to host
@@ -8718,15 +8989,15 @@ joetyson.io: could not connect to host
 johand.io: could not connect to host
 johannaojanen.com: could not connect to host
 johannes-bugenhagen.de: did not receive HSTS header
-johannes-sprink.de: could not connect to host
+johannes-sprink.de: did not receive HSTS header
 johnbrownphotography.ch: did not receive HSTS header
 johncardell.com: did not receive HSTS header
 johners.me: could not connect to host
 johngaltgroup.com: did not receive HSTS header
 johnhgaunt.com: did not receive HSTS header
+johnmichel.org: could not connect to host
 johnmorganpartnership.co.uk: did not receive HSTS header
 johnrom.com: could not connect to host
-johnsiu.com: did not receive HSTS header
 johntomasowa.com: could not connect to host
 johnverkerk.com: could not connect to host
 joinamericacorps.gov: could not connect to host
@@ -8760,9 +9031,12 @@ jornadasciberdefensa2016.es: could not connect to host
 jorovik.com: did not receive HSTS header
 jorrit.info: max-age too low: 0
 josahrens.me: could not connect to host
+josc.com.au: could not connect to host
 jose.eti.br: did not receive HSTS header
 joseaveleira.es: did not receive HSTS header
 josecage.com: could not connect to host
+josegerber.ch: did not receive HSTS header
+josemikkola.fi: could not connect to host
 josericaurte.com: could not connect to host
 joshi.su: could not connect to host
 joshplant.co.uk: could not connect to host
@@ -8771,9 +9045,10 @@ joto.de: did not receive HSTS header
 jotpics.com: could not connect to host
 jottit.com: could not connect to host
 jouetspetitechanson.com: could not connect to host
-journalof.tech: could not connect to host
+journalof.tech: max-age too low: 86400
 joworld.net: could not connect to host
 joyceclerkx.com: could not connect to host
+joyceseamone.com: did not receive HSTS header
 joyjohnston.ca: did not receive HSTS header
 joyqi.com: did not receive HSTS header
 jpaglier.com: could not connect to host
@@ -8785,7 +9060,7 @@ jproxx.com: did not receive HSTS header
 jptun.com: could not connect to host
 jrgold.me: could not connect to host
 jrmd.io: could not connect to host
-jrvar.com: did not receive HSTS header
+jrvar.com: could not connect to host
 js88.sg: could not connect to host
 jsanders.us: did not receive HSTS header
 jsbentertainment.nl: could not connect to host
@@ -8798,15 +9073,19 @@ jsjyhzy.cc: could not connect to host
 jslidong.top: did not receive HSTS header
 json-viewer.com: did not receive HSTS header
 jstelecom.com.br: did not receive HSTS header
-jsuse.xyz: did not receive HSTS header
+jstore.ch: could not connect to host
+jsuse.xyz: could not connect to host
 jsvr.tk: could not connect to host
 jsxc.ch: could not connect to host
-ju1ro.de: did not receive HSTS header
+jtcjewelry.com: could not connect to host
+ju1ro.de: could not connect to host
 jualautoclave.com: did not receive HSTS header
 jualssh.com: could not connect to host
 juandesouza.com: did not receive HSTS header
 juanhub.com: did not receive HSTS header
+jubee.nl: did not receive HSTS header
 juchheim-methode.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+jucktehkeinen.de: did not receive HSTS header
 juiced.gs: did not receive HSTS header
 juka.pp.ua: could not connect to host
 julegoerke.de: did not receive HSTS header
@@ -8835,18 +9114,20 @@ jungleculture.co.za: did not receive HSTS header
 junglegoat.xyz: did not receive HSTS header
 juniwalk.cz: could not connect to host
 junjung.me: could not connect to host
+junoaroma.com: could not connect to host
 junqtion.com: could not connect to host
 jupp0r.de: did not receive HSTS header
 juridiqueo.com: did not receive HSTS header
+jurisprudent.by: did not receive HSTS header
+juristas.com.br: did not receive HSTS header
 juristeo.com: did not receive HSTS header
 jurke.com: did not receive HSTS header
 jurko.cz: could not connect to host
-jurriaan.ninja: could not connect to host
 just-english.online: did not receive HSTS header
 just-pools.co.za: could not connect to host
 just2trade.com: did not receive HSTS header
 justbelieverecovery.com: did not receive HSTS header
-justiceforfathers.com: did not receive HSTS header
+justiceforfathers.com: could not connect to host
 justiceo.org: did not receive HSTS header
 justinellingwood.com: could not connect to host
 justinlemay.com: could not connect to host
@@ -8865,23 +9146,27 @@ juventusmania1897.com: could not connect to host
 juwairen.cn: could not connect to host
 juzgalo.com: did not receive HSTS header
 jvn.com: did not receive HSTS header
-jvoice.net: did not receive HSTS header
+jvoice.net: could not connect to host
 jwilsson.me: could not connect to host
 jwolt-lx.com: could not connect to host
 jxir.de: could not connect to host
 jysperm.me: did not receive HSTS header
+jzachpearson.com: max-age too low: 0
+jzcapital.co: could not connect to host
 jznet.org: could not connect to host
 k-dev.de: could not connect to host
 k-rickroll-g.pw: could not connect to host
 k-wallet.com: could not connect to host
 k1cp.com: could not connect to host
 k33k00.com: did not receive HSTS header
-k38.cc: max-age too low: 3600
+k38.cc: could not connect to host
 ka-clan.com: could not connect to host
 kaanduman.com: could not connect to host
 kaasbijwijn.nl: did not receive HSTS header
+kaashosting.nl: did not receive HSTS header
 kabinapp.com: did not receive HSTS header
 kabuabc.com: could not connect to host
+kabus.org: could not connect to host
 kackscharf.de: could not connect to host
 kadioglumakina.com.tr: did not receive HSTS header
 kadmec.com: did not receive HSTS header
@@ -8900,8 +9185,9 @@ kajlovo.cz: could not connect to host
 kakaomilchkuh.de: did not receive HSTS header
 kaketalk.com: did not receive HSTS header
 kakoo-media.nl: could not connect to host
-kakoo.nl: could not connect to host
+kakoo.nl: did not receive HSTS header
 kakoomedia.nl: could not connect to host
+kakuto.me: could not connect to host
 kalami.nl: could not connect to host
 kaleidomarketing.com: did not receive HSTS header
 kaleidoskop-freiburg.de: did not receive HSTS header
@@ -8915,26 +9201,28 @@ kamcvicit.sk: could not connect to host
 kamikano.com: could not connect to host
 kamitech.ch: could not connect to host
 kanada.guide: could not connect to host
-kanagawachuo-hospital.jp: did not receive HSTS header
+kanagawachuo-hospital.jp: could not connect to host
 kanar.nl: could not connect to host
 kancolle.me: could not connect to host
+kandalife.com: could not connect to host
 kandec.co.jp: did not receive HSTS header
 kaneisdi.com: did not receive HSTS header
 kaneo-gmbh.de: did not receive HSTS header
 kanganer.com: could not connect to host
 kangzaber.com: could not connect to host
 kaniklani.co.za: did not receive HSTS header
-kanmitao.com: could not connect to host
+kanmitao.com: did not receive HSTS header
+kannchen.de: could not connect to host
 kanotijd.nl: could not connect to host
 kanr.in: could not connect to host
 kanscooking.org: could not connect to host
 kantorad.io: could not connect to host
 kantv1.com: could not connect to host
-kanzakiranko.jp: could not connect to host
 kanzlei-wirtschaftsrecht.berlin: max-age too low: 600000
 kanzshop.com: could not connect to host
 kaohub.com: could not connect to host
 kaomojis.net: did not receive HSTS header
+kaotik4266.com: could not connect to host
 kapiorr.duckdns.org: could not connect to host
 kaplatz.is: could not connect to host
 kapo.info: could not connect to host
@@ -8942,13 +9230,13 @@ kappit.dk: could not connect to host
 kapucini.si: max-age too low: 0
 kaputt.com: could not connect to host
 kapverde.guide: could not connect to host
-karaface.com: could not connect to host
 karamna.com: could not connect to host
 karanastic.com: did not receive HSTS header
 karanlyons.com: could not connect to host
 karaoketonight.com: could not connect to host
 karatekit.co.uk: could not connect to host
 karatorian.org: could not connect to host
+karenledger.ca: did not receive HSTS header
 karjala-ski.ru: could not connect to host
 karlis-kavacis.id.lv: did not receive HSTS header
 karloskontana.tk: could not connect to host
@@ -8959,21 +9247,22 @@ karting34.com: did not receive HSTS header
 karuneshjohri.com: could not connect to host
 kashdash.ca: could not connect to host
 kashis.com.au: max-age too low: 0
-kat.al: max-age too low: 0
+kat.al: could not connect to host
 katalogakci.cz: did not receive HSTS header
+katalogbutikker.dk: could not connect to host
 kathrinbaumannphotography.com: did not receive HSTS header
 kati0.com: could not connect to host
 katiaetdavid.fr: could not connect to host
 katja-nikolic-design.de: could not connect to host
 katoju.co.jp: could not connect to host
 katproxy.al: could not connect to host
-katproxy.online: could not connect to host
+katproxy.online: did not receive HSTS header
 katproxy.site: could not connect to host
 katproxy.tech: could not connect to host
 katproxy.top: could not connect to host
 katrinjanke.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 kattenfun.be: did not receive HSTS header
-kattenfun.nl: did not receive HSTS header
+kattenfun.nl: could not connect to host
 katthewaffle.fr: could not connect to host
 katzen.me: could not connect to host
 katzspeech.com: did not receive HSTS header
@@ -8982,8 +9271,10 @@ kauperwood.ovh: could not connect to host
 kauplusprofesional.com: did not receive HSTS header
 kausch.at: could not connect to host
 kausta.me: could not connect to host
+kaverti.com: did not receive HSTS header
 kavik.no: could not connect to host
 kavinvin.me: could not connect to host
+kawaiii.link: did not receive HSTS header
 kawaiiku.com: could not connect to host
 kawaiiku.de: could not connect to host
 kaydan.io: could not connect to host
@@ -8994,7 +9285,7 @@ kaysis.gov.tr: did not receive HSTS header
 kazamasion.com: could not connect to host
 kazanasolutions.de: could not connect to host
 kazenojiyu.fr: did not receive HSTS header
-kb3.net: did not receive HSTS header
+kazumi.ooo: could not connect to host
 kbfl.org: could not connect to host
 kcluster.io: could not connect to host
 kcptun.com: could not connect to host
@@ -9003,6 +9294,7 @@ kdata.it: did not receive HSTS header
 kdbx.online: could not connect to host
 kdm-online.de: did not receive HSTS header
 kearney.io: could not connect to host
+keditor.biz: could not connect to host
 keechain.io: could not connect to host
 keeley.gq: could not connect to host
 keeley.ml: could not connect to host
@@ -9015,13 +9307,13 @@ keepflow.io: could not connect to host
 keepmanager.org: could not connect to host
 keeprubyweird.com: did not receive HSTS header
 kefaloniatoday.com: did not receive HSTS header
-keifel.de: could not connect to host
 keihin-chaplin.jp: did not receive HSTS header
 kein-fidget-spinner-werden.de: could not connect to host
 kejibot.com: could not connect to host
 kekehouse.net: could not connect to host
 kellyandantony.com: could not connect to host
 kelm.me: could not connect to host
+kelmarsafety.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 kelp.agency: did not receive HSTS header
 ken-electric.com.br: could not connect to host
 kenc.dk: max-age too low: 2592000
@@ -9033,17 +9325,16 @@ kenderhazmagyarorszag.hu: did not receive HSTS header
 kenkoelectric.com: did not receive HSTS header
 kenman.dk: max-age too low: 2592000
 kennedy.ie: could not connect to host
-kennynet.co.uk: could not connect to host
+kensparkesphotography.com: did not receive HSTS header
 kentacademiestrust.org.uk: did not receive HSTS header
 kepler-seminar.de: did not receive HSTS header
-keralit.nl: did not receive HSTS header
 kerangalam.com: did not receive HSTS header
+kerem.xyz: could not connect to host
 kerksanders.nl: could not connect to host
 kermadec.blog: could not connect to host
-kermadec.com: did not receive HSTS header
-kermadec.net: did not receive HSTS header
 kernelmode.io: did not receive HSTS header
 kernl.us: did not receive HSTS header
+kersmexico.com: could not connect to host
 keshausconsulting.com: could not connect to host
 keskeces.com: did not receive HSTS header
 kessel-runners.com: could not connect to host
@@ -9056,10 +9347,11 @@ kevinroebert.de: did not receive HSTS header
 kevlar.pw: did not receive HSTS header
 kewego.co.uk: could not connect to host
 keymaster.lookout.com: did not receive HSTS header
+keys.fedoraproject.org: could not connect to host
 keyserver.sexy: could not connect to host
 kfbrussels.be: could not connect to host
 kg-rating.com: could not connect to host
-kgb.us: could not connect to host
+kgb.us: did not receive HSTS header
 kgregorczyk.pl: could not connect to host
 kgxtech.com: max-age too low: 2592000
 khaganat.net: did not receive HSTS header
@@ -9068,15 +9360,17 @@ khosla.uk: could not connect to host
 ki-on.net: did not receive HSTS header
 kiaka.co: could not connect to host
 kialo.com: did not receive HSTS header
-kiapps.ovh: could not connect to host
 kickass-proxies.org: could not connect to host
 kickass.al: could not connect to host
 kickasstorrents.gq: could not connect to host
 kickerplaza.nl: did not receive HSTS header
 kid-dachau.de: max-age too low: 600000
 kidbacker.com: could not connect to host
+kiddies.academy: did not receive HSTS header
+kiddieschristianacademy.co.za: did not receive HSTS header
 kidkat.cn: could not connect to host
 kidswallstickers.com.au: could not connect to host
+kiedys.net: could not connect to host
 kiel-media.de: did not receive HSTS header
 kielderweather.org.uk: did not receive HSTS header
 kielwi.gov: could not connect to host
@@ -9086,16 +9380,15 @@ kiesuwcursus.nl: did not receive HSTS header
 kievradio.com: could not connect to host
 kikuzuki.org: could not connect to host
 kiladera.be: did not receive HSTS header
-kilerd.me: did not receive HSTS header
 kill-paff.com: did not receive HSTS header
-kimana.pe: could not connect to host
+kimana.pe: did not receive HSTS header
 kimberg.co.uk: did not receive HSTS header
 kimberlybeautysoapcompany.com: did not receive HSTS header
+kimo.se: did not receive HSTS header
 kimpost.org: could not connect to host
 kimscrazeecastles.co.uk: did not receive HSTS header
 kina.guide: could not connect to host
 kinderbuecher-kostenlos.de: did not receive HSTS header
-kinderjugendfreizeitverein.de: did not receive HSTS header
 kinderly.co.uk: did not receive HSTS header
 kinderopvangengeltjes.nl: did not receive HSTS header
 kinderopvangzevenbergen.nl: did not receive HSTS header
@@ -9114,7 +9407,6 @@ kinkdr.com: could not connect to host
 kinmunity.com: did not receive HSTS header
 kinnettmemorial.org: did not receive HSTS header
 kinnon.enterprises: could not connect to host
-kinomoto.me: could not connect to host
 kinow.com: did not receive HSTS header
 kinsmenhomelottery.com: did not receive HSTS header
 kintoandar.com: max-age too low: 0
@@ -9123,18 +9415,22 @@ kintzingerfilm.de: did not receive HSTS header
 kionetworks.com: did not receive HSTS header
 kipin.fr: did not receive HSTS header
 kipira.com: could not connect to host
+kipriakipita.gr: could not connect to host
 kiraboshi.xyz: could not connect to host
+kirainmoe.com: did not receive HSTS header
 kirara.eu: could not connect to host
-kircp.com: could not connect to host
+kirillpokrovsky.de: could not connect to host
 kirito.kr: did not receive HSTS header
 kirkforsenate.com: could not connect to host
 kirkpatrickdavis.com: could not connect to host
+kirrie.pe.kr: could not connect to host
 kisa.io: could not connect to host
 kiss-register.org: could not connect to host
 kissart.net: could not connect to host
 kissesb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-kissesb.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+kissesb.net: could not connect to host
 kisskiss.ch: could not connect to host
+kisstube.tv: could not connect to host
 kisstyle.ru: did not receive HSTS header
 kisun.co.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 kita.id: did not receive HSTS header
@@ -9143,6 +9439,8 @@ kitakemon.com: could not connect to host
 kitashop.com.br: could not connect to host
 kitatec.com.br: could not connect to host
 kitchenaccessories.pro: did not receive HSTS header
+kitchenalley.ca: could not connect to host
+kitchenalley.com: could not connect to host
 kitchenchaos.de: could not connect to host
 kitegarage.eu: did not receive HSTS header
 kiteschoolamsterdam.nl: could not connect to host
@@ -9151,18 +9449,23 @@ kitk.at: could not connect to host
 kitsostech.com: could not connect to host
 kitsta.com: could not connect to host
 kiwi.global: could not connect to host
+kiwico.com: max-age too low: 0
 kiwiirc.com: max-age too low: 5256000
 kiwipayment.com: could not connect to host
 kiwipayments.com: could not connect to host
 kiwiplace.com: could not connect to host
+kix.moe: did not receive HSTS header
 kiyo.space: could not connect to host
 kizil.net: could not connect to host
 kj1391.com: did not receive HSTS header
+kj1396.net: did not receive HSTS header
+kj1397.com: did not receive HSTS header
 kjaermaxi.me: did not receive HSTS header
-kjellvn.net: could not connect to host
 kjg-bachrain.de: could not connect to host
 kjoglum.me: could not connect to host
+kkomputer.net: could not connect to host
 kkull.tv: could not connect to host
+kkws.co: could not connect to host
 klantenadvies.nl: did not receive HSTS header
 klas.or.id: did not receive HSTS header
 klatschreime.de: did not receive HSTS header
@@ -9177,24 +9480,26 @@ kleinerarchitekturfuehrer.de: could not connect to host
 kleinholding.com: could not connect to host
 kleinserienproduktion.com: could not connect to host
 klempnershop.eu: did not receive HSTS header
-kleppe.co: could not connect to host
 kletterkater.com: did not receive HSTS header
 klicktojob.de: could not connect to host
 klingeletest.de: could not connect to host
 klingsundet.no: did not receive HSTS header
 kliqsd.com: could not connect to host
 kloentrup.de: max-age too low: 604800
+klotz-labs.com: max-age too low: 7889238
 klunkergarten.org: could not connect to host
+klustekeningen.nl: did not receive HSTS header
 km-net.pl: did not receive HSTS header
 kmdev.me: did not receive HSTS header
 knapen.io: max-age too low: 604800
 knccloud.com: could not connect to host
+knegten-agilis.com: could not connect to host
+kneipi.de: did not receive HSTS header
 kngk-azs.ru: could not connect to host
 knigadel.com: did not receive HSTS header
 knightsbridgegroup.org: could not connect to host
 knightsweep.com: could not connect to host
 kniwweler.com: could not connect to host
-knnet.ch: could not connect to host
 knowdebt.org: did not receive HSTS header
 knowledgehook.com: did not receive HSTS header
 knowledgesnap.com: could not connect to host
@@ -9202,6 +9507,7 @@ knowledgesnapsites.com: could not connect to host
 knownsec.cf: could not connect to host
 knuckles.tk: could not connect to host
 kobieta.guru: could not connect to host
+koboldcraft.ch: could not connect to host
 koddsson.com: did not receive HSTS header
 kodexplorer.ml: could not connect to host
 kodiaklabs.org: could not connect to host
@@ -9217,6 +9523,9 @@ koirala.net: could not connect to host
 kokenmetaanbiedingen.nl: could not connect to host
 kokoiroworks.com: could not connect to host
 kola-entertainments.de: did not receive HSTS header
+kolania.com: could not connect to host
+kolania.net: could not connect to host
+kolaykaydet.com: could not connect to host
 kolbeck.tk: could not connect to host
 kollawat.me: could not connect to host
 kolozsvaricsuhe.hu: did not receive HSTS header
@@ -9240,10 +9549,12 @@ kori.ml: did not receive HSTS header
 koriyoukai.net: did not receive HSTS header
 kornersafe.com: did not receive HSTS header
 korni22.org: could not connect to host
-korsanparti.org: could not connect to host
+korsanparti.org: did not receive HSTS header
 kostuumstore.nl: could not connect to host
 kostya.net: did not receive HSTS header
 kotakoo.id: could not connect to host
+kotausaha.com: could not connect to host
+kotelezobiztositas.eu: could not connect to host
 kotomei.moe: could not connect to host
 kotonehoko.net: could not connect to host
 kotorimusic.ga: could not connect to host
@@ -9252,23 +9563,22 @@ kottur.is: could not connect to host
 koukni.cz: did not receive HSTS header
 kourpe.online: could not connect to host
 kousaku.jp: could not connect to host
+kovnsk.net: could not connect to host
 kozmik.co: could not connect to host
 kpdyer.com: did not receive HSTS header
 kpebetka.net: did not receive HSTS header
+kpmgpublications.ie: did not receive HSTS header
 kpn-dnssec.com: could not connect to host
 kprog.net: did not receive HSTS header
 kpvpn.com: could not connect to host
-kradalby.no: could not connect to host
 kraigwalker.com: could not connect to host
 kraiwan.com: did not receive HSTS header
-krampus-fischamend.at: could not connect to host
 krasavchik.by: could not connect to host
 krasota.ru: did not receive HSTS header
-krausen.ca: could not connect to host
-krausoft.hu: could not connect to host
+krausen.ca: did not receive HSTS header
+krausoft.hu: did not receive HSTS header
 kravelindo-adventure.com: could not connect to host
 kraynik.com: could not connect to host
-krayx.com: could not connect to host
 krc.link: could not connect to host
 kream.io: did not receive HSTS header
 kreavis.com: did not receive HSTS header
@@ -9284,20 +9594,22 @@ kriegt.es: did not receive HSTS header
 krist.club: did not receive HSTS header
 kristjanrang.eu: did not receive HSTS header
 kristofferkoch.com: could not connect to host
-krizek.cc: did not receive HSTS header
+krizek.cc: could not connect to host
 krizevackapajdasija.hr: could not connect to host
 krmela.com: did not receive HSTS header
 kroetenfuchs.de: could not connect to host
 krokodent.de: did not receive HSTS header
-kromonos.net: could not connect to host
+kronaw.it: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 kronych.cz: could not connect to host
 kroodle.nl: did not receive HSTS header
 krouzkyliduska.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 kruegerrand-wert.de: did not receive HSTS header
 krunut.com: did not receive HSTS header
+krusesec.com: could not connect to host
 kryha.io: did not receive HSTS header
 krypteia.org: could not connect to host
 kryptomech.com: could not connect to host
+kryptomodkingz.com: could not connect to host
 ks88.com: could not connect to host
 ksfh-mail.de: could not connect to host
 ksk-agentur.de: did not receive HSTS header
@@ -9312,24 +9624,28 @@ kubusadvocaten.nl: could not connect to host
 kuchenschock.de: did not receive HSTS header
 kucheryavenkovn.ru: did not receive HSTS header
 kucom.it: did not receive HSTS header
+kueche-co.de: max-age too low: 9190324
 kuechenplan.online: could not connect to host
 kueulangtahunanak.net: could not connect to host
 kuko-crews.org: could not connect to host
 kultmobil.se: did not receive HSTS header
 kum.com: could not connect to host
 kummerlaender.eu: did not receive HSTS header
-kundenerreichen.com: did not receive HSTS header
-kundenerreichen.de: did not receive HSTS header
+kundenerreichen.com: could not connect to host
+kundenerreichen.de: could not connect to host
 kundo.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+kunstfehler.at: did not receive HSTS header
 kunstschule-krabax.de: did not receive HSTS header
 kuops.com: did not receive HSTS header
 kupdokuchyne.cz: could not connect to host
-kupelne-ptacek.sk: did not receive HSTS header
+kupelne-ptacek.sk: could not connect to host
 kuppingercole.com: did not receive HSTS header
 kura.io: could not connect to host
 kurehun.org: could not connect to host
 kuro346.moe: could not connect to host
 kuroisalva.xyz: did not receive HSTS header
+kurrende.nrw: could not connect to host
+kurrietv.nl: did not receive HSTS header
 kursprogramisty.pl: could not connect to host
 kurtmclester.com: could not connect to host
 kurumi.io: did not receive HSTS header
@@ -9343,16 +9659,18 @@ kwikmed.eu: could not connect to host
 kwiknews.com: did not receive HSTS header
 kwipi.com: did not receive HSTS header
 kwmr.me: did not receive HSTS header
+kwok.cc: could not connect to host
 kwok.tv: could not connect to host
 kwondratsch.com: could not connect to host
 kxind.cn: could not connect to host
-kyanite.co: could not connect to host
+kyanite.co: max-age too low: 7889238
 kyberna.xyz: could not connect to host
 kykoonn.net: did not receive HSTS header
 kylapps.com: did not receive HSTS header
 kyle.place: could not connect to host
 kylebaldw.in: did not receive HSTS header
 kylerwood.com: could not connect to host
+kylescastles.co.uk: did not receive HSTS header
 kyliehunt.com: did not receive HSTS header
 kylling.io: could not connect to host
 kymo.org: did not receive HSTS header
@@ -9360,6 +9678,7 @@ kynaston.org.uk: could not connect to host
 kyochon.fr: could not connect to host
 kyonagashima.com: did not receive HSTS header
 kyoto-k9.com: did not receive HSTS header
+kyoto-sake.net: could not connect to host
 kyouko.nl: could not connect to host
 kyujin-office.net: could not connect to host
 kzjnet.com: could not connect to host
@@ -9369,7 +9688,7 @@ l18.io: could not connect to host
 l3j.net: could not connect to host
 la-flora-negra.de: could not connect to host
 la-grande-jaugue.fr: did not receive HSTS header
-la-retraite-info.com: did not receive HSTS header
+la-retraite-info.com: could not connect to host
 la-serendipite.fr: did not receive HSTS header
 labaia.info: could not connect to host
 laballoons.com: max-age too low: 7889238
@@ -9404,11 +9723,13 @@ laemen.nl: could not connect to host
 laf.in.net: could not connect to host
 lafamillemusique.fr: did not receive HSTS header
 lafeemam.fr: could not connect to host
+lafema.de: could not connect to host
 laforetenchantee.ch: could not connect to host
+lafosseobservatoire.be: did not receive HSTS header
 lafr4nc3.xyz: could not connect to host
+lag-gbr.gq: could not connect to host
 lagalerievirtuelle.fr: did not receive HSTS header
 lagier.xyz: could not connect to host
-laglab.org: could not connect to host
 lagodny.eu: could not connect to host
 lagoza.name: could not connect to host
 laharilais.fr: did not receive HSTS header
@@ -9425,17 +9746,19 @@ lamafioso.com: could not connect to host
 lamaland.ru: did not receive HSTS header
 lambda-complex.org: could not connect to host
 lambdafive.co.uk: could not connect to host
+lamiaposta.email: did not receive HSTS header
 lamomebijou.paris: did not receive HSTS header
 lampl.info: could not connect to host
 lamtv.com.mx: could not connect to host
 lan2k.org: max-age too low: 86400
+lana.swedbank.se: did not receive HSTS header
 lanauzedesigns.com: did not receive HSTS header
 lanboll.com: could not connect to host
-lanbyte.se: did not receive HSTS header
+lanbyte.se: could not connect to host
 lancehoteis.com: did not receive HSTS header
 lancehoteis.com.br: did not receive HSTS header
+lancork.net: could not connect to host
 land-links.org: did not receive HSTS header
-landbetweenthelakes.us: did not receive HSTS header
 landell.ml: could not connect to host
 landgoedverkopen.nl: could not connect to host
 landhuisverkopen.nl: could not connect to host
@@ -9447,19 +9770,20 @@ langendries.eu: did not receive HSTS header
 langhun.me: could not connect to host
 laniakean.com: did not receive HSTS header
 lanonfire.com: could not connect to host
+lanseyujie.com: max-age too low: 0
 lansinoh.co.uk: did not receive HSTS header
 lanzainc.xyz: could not connect to host
 laobox.fr: could not connect to host
-laohei.org: could not connect to host
+laohei.org: did not receive HSTS header
 laospage.com: did not receive HSTS header
 lapakus.com: could not connect to host
 laperfumista.es: could not connect to host
-lapetition.be: could not connect to host
+lapix.com.co: could not connect to host
 laplaceduvillage.net: could not connect to host
 laquack.com: could not connect to host
 lared.ovh: did not receive HSTS header
 laredsemanario.com: could not connect to host
-larky.top: could not connect to host
+larotayogaming.stream: could not connect to host
 larsgujord.no: did not receive HSTS header
 larsmerke.de: did not receive HSTS header
 lasepiataca.com: did not receive HSTS header
@@ -9467,7 +9791,7 @@ lasercloud.ml: could not connect to host
 lashstuff.com: did not receive HSTS header
 lasnaves.com: did not receive HSTS header
 lasst-uns-beten.de: could not connect to host
-lastharo.com: could not connect to host
+latabaccheria.net: could not connect to host
 latable-bowling-vire.fr: did not receive HSTS header
 latabledebry.be: could not connect to host
 latamarissiere.eu: could not connect to host
@@ -9482,6 +9806,7 @@ lathen-wahn.de: did not receive HSTS header
 latinred.com: did not receive HSTS header
 latitude42technology.com: did not receive HSTS header
 latour-managedcare.ch: could not connect to host
+latterdaybride.com: max-age too low: 7889238
 latus.xyz: could not connect to host
 laufcampus.com: did not receive HSTS header
 laufseminare-laufreisen.com: did not receive HSTS header
@@ -9490,7 +9815,7 @@ laurel4th.org: did not receive HSTS header
 laurelspaandlash.com: did not receive HSTS header
 laureltv.org: did not receive HSTS header
 laurent-e-levy.com: did not receive HSTS header
-lausitzer-widerstand.de: could not connect to host
+lausitzer-widerstand.de: did not receive HSTS header
 lavapot.com: did not receive HSTS header
 laventainnhotel-mailing.com: could not connect to host
 lavine.ch: did not receive HSTS header
@@ -9506,6 +9831,7 @@ laymans911.info: could not connect to host
 lazapateriahandmade.pe: did not receive HSTS header
 lazerus.net: could not connect to host
 lazulu.com: could not connect to host
+lazurit.com: did not receive HSTS header
 lazytux.de: did not receive HSTS header
 lbarrios.es: could not connect to host
 lbrlh.tk: could not connect to host
@@ -9517,12 +9843,9 @@ lcti.biz: could not connect to host
 ldarby.me.uk: could not connect to host
 ldcraft.pw: could not connect to host
 leadbook.ru: max-age too low: 604800
-leadership9.com: could not connect to host
-leadgenie.me: could not connect to host
-leadinfo.com: did not receive HSTS header
 leadstart.org: did not receive HSTS header
 leakedminecraft.net: could not connect to host
-leakreporter.net: could not connect to host
+leakreporter.net: did not receive HSTS header
 leaks.directory: could not connect to host
 leanclub.org: could not connect to host
 leaodarodesia.com.br: could not connect to host
@@ -9537,6 +9860,7 @@ lebosse.me: could not connect to host
 lebrun.org: could not connect to host
 lecourtier.fr: did not receive HSTS header
 led-tl-wereld.nl: did not receive HSTS header
+led.xyz: could not connect to host
 leddruckalarm.de: did not receive HSTS header
 ledgerscope.net: could not connect to host
 ledhouse.sk: did not receive HSTS header
@@ -9547,14 +9871,15 @@ leebiblestudycenter.com: could not connect to host
 leebiblestudycentre.com: could not connect to host
 leebiblestudycentre.net: could not connect to host
 leebiblestudycentre.org: could not connect to host
+leech360.com: did not receive HSTS header
 leefindlow.com: could not connect to host
 leegyuho.com: could not connect to host
 leelou.wedding: could not connect to host
 leen.io: could not connect to host
 leerkotte.eu: could not connect to host
+leet2.com: could not connect to host
 leetsaber.com: did not receive HSTS header
 legal.farm: could not connect to host
-legalcontrol.info: could not connect to host
 legaleus.co.uk: could not connect to host
 legalisepeacebloom.com: could not connect to host
 legalrobot-uat.com: could not connect to host
@@ -9564,7 +9889,9 @@ legarage.org: did not receive HSTS header
 legatofmrc.fr: could not connect to host
 legavenue.com.br: did not receive HSTS header
 legendary.camera: did not receive HSTS header
+legendarycamera.com: did not receive HSTS header
 legitaxi.com: did not receive HSTS header
+legumefederation.org: did not receive HSTS header
 legymnase.eu: did not receive HSTS header
 lehtinen.xyz: could not connect to host
 leigh.life: did not receive HSTS header
@@ -9579,14 +9906,16 @@ lellyboi.ml: could not connect to host
 lelongbank.com: did not receive HSTS header
 lelubre.info: did not receive HSTS header
 lemon.co: could not connect to host
+lemondrops.xyz: could not connect to host
 lemp.io: did not receive HSTS header
 lenders.direct: could not connect to host
+lenguajedeprogramacion.com: did not receive HSTS header
 lengyelnyelvoktatas.hu: could not connect to host
 lengyelul.hu: could not connect to host
 lenkunz.me: could not connect to host
 lenn1.de: did not receive HSTS header
 lennarth.com: could not connect to host
-lennartheinrich.de: did not receive HSTS header
+lennartheinrich.de: could not connect to host
 lennier.info: could not connect to host
 lennyfaces.net: did not receive HSTS header
 lenovogaming.com: could not connect to host
@@ -9594,15 +9923,16 @@ lentri.com: did not receive HSTS header
 lenzw.de: did not receive HSTS header
 leob.in: could not connect to host
 leochedibracchio.com: did not receive HSTS header
+leodaniels.com: did not receive HSTS header
 leon-jaekel.com: could not connect to host
 leonardcamacho.me: could not connect to host
 leonhooijer.nl: could not connect to host
 leonmahler.consulting: did not receive HSTS header
 leopold.email: could not connect to host
 leopotamgroup.com: could not connect to host
-leovanna.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 lepiquillo.fr: did not receive HSTS header
 lepont.pl: could not connect to host
+leprado.com: could not connect to host
 lerasenglish.com: max-age too low: 0
 lerlivros.online: could not connect to host
 lerner.moscow: did not receive HSTS header
@@ -9611,6 +9941,7 @@ les-voitures-electriques.com: max-age too low: 2592000
 lesbiansslaves.com: could not connect to host
 lesbofight.com: could not connect to host
 lescomptoirsdepierrot.com: could not connect to host
+lesconteursavis.org: could not connect to host
 lesdouceursdeliyana.com: could not connect to host
 lesecuadors.com: did not receive HSTS header
 lesformations.net: could not connect to host
@@ -9650,7 +9981,7 @@ lezdomsm.com: could not connect to host
 lfaz.org: could not connect to host
 lg21.co: could not connect to host
 lgbtqventures.com: did not receive HSTS header
-lgbtventures.com: did not receive HSTS header
+lgbtventures.com: could not connect to host
 lgiswa.com.au: did not receive HSTS header
 lgrs.com.au: did not receive HSTS header
 lgsg.us: could not connect to host
@@ -9700,6 +10031,7 @@ lidl-selection.at: did not receive HSTS header
 liduan.com: could not connect to host
 liebach.me: did not receive HSTS header
 liebestarot.at: did not receive HSTS header
+lieblingsholz.de: did not receive HSTS header
 lied8.eu: could not connect to host
 liehuojun.com: could not connect to host
 lietaer.eu: did not receive HSTS header
@@ -9710,17 +10042,16 @@ lifeguard.aecom.com: did not receive HSTS header
 lifeinitsownway.com: could not connect to host
 lifeinsurances.pro: did not receive HSTS header
 lifeinsurances24.com: did not receive HSTS header
+lifekiss.ru: could not connect to host
 lifemarque.co.uk: did not receive HSTS header
 lifenexto.com: could not connect to host
 lifeng.us: could not connect to host
-lifequotes-uk.co.uk: could not connect to host
 lifeskillsdirect.com: did not receive HSTS header
 lifestyler.me: could not connect to host
 lifetimemoneymachine.com: did not receive HSTS header
 lifeventure.co.uk: did not receive HSTS header
 lightarmory.com: could not connect to host
 lightcloud.com: did not receive HSTS header
-lightdark.xyz: could not connect to host
 lighthouseinstruments.com: did not receive HSTS header
 lightning-ashe.com: did not receive HSTS header
 lightnovelsekai.com: could not connect to host
@@ -9732,32 +10063,30 @@ lignemalin.com: could not connect to host
 lignemax.com: did not receive HSTS header
 lignenet.com: did not receive HSTS header
 lijero.co: could not connect to host
+likc.me: did not receive HSTS header
 like.lgbt: could not connect to host
-likenewhearing.com.au: could not connect to host
 likenosis.com: could not connect to host
 lila.pink: did not receive HSTS header
 lilapmedia.com: did not receive HSTS header
 lilismartinis.com: could not connect to host
-lillpopp.eu: max-age too low: 10
+lillpopp.eu: did not receive HSTS header
 lilpwny.com: could not connect to host
 lilycms.com: could not connect to host
 lilygreen.co.za: did not receive HSTS header
 limalama.eu: max-age too low: 1
-limeres.com: could not connect to host
 limeyeti.com: could not connect to host
 limiteddata.co.uk: could not connect to host
 limitget.com: did not receive HSTS header
+limn.me: could not connect to host
 limodo-shop.de: did not receive HSTS header
 limpens.net: did not receive HSTS header
 limpido.it: could not connect to host
 limunana.com: could not connect to host
 lincsbouncycastlehire.co.uk: did not receive HSTS header
 lindberg.io: did not receive HSTS header
-linden.me: did not receive HSTS header
-lindnerhof.info: did not receive HSTS header
 lineauniformes.com.br: could not connect to host
-linernotekids.com: did not receive HSTS header
-linext.cn: could not connect to host
+linernotekids.com: could not connect to host
+linext.cn: did not receive HSTS header
 lingerie.net.br: did not receive HSTS header
 lingerielovers.com.br: did not receive HSTS header
 lingerieonline.com.br: could not connect to host
@@ -9769,9 +10098,10 @@ linhaoyi.com: could not connect to host
 link.ba: could not connect to host
 linkage.ph: did not receive HSTS header
 linkages.org: could not connect to host
+linkonaut.net: could not connect to host
 linksanitizer.com: could not connect to host
 linksextremist.at: could not connect to host
-linkthisstatus.ml: could not connect to host
+linkybos.com: did not receive HSTS header
 linley.de: could not connect to host
 linmi.cc: did not receive HSTS header
 linno.me: could not connect to host
@@ -9793,6 +10123,7 @@ linuxmint.cz: could not connect to host
 linuxmonitoring.net: could not connect to host
 linvx.org: did not receive HSTS header
 linxmind.eu: could not connect to host
+lionlyrics.com: could not connect to host
 lipo.lol: could not connect to host
 liquid.solutions: did not receive HSTS header
 liquidcomm.net: could not connect to host
@@ -9807,6 +10138,7 @@ lisowski-photography.com: could not connect to host
 lissabon.guide: could not connect to host
 listafirmelor.com: could not connect to host
 listage.ovh: did not receive HSTS header
+listal.com: could not connect to host
 lists.mayfirst.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 litcc.com: could not connect to host
 litcomphonors.com: could not connect to host
@@ -9819,8 +10151,9 @@ littlelife.co.uk: did not receive HSTS header
 littleservice.cn: could not connect to host
 littleskin.cn: did not receive HSTS header
 liud.im: could not connect to host
-liujunyang.com: did not receive HSTS header
+liujunyang.com: could not connect to host
 liukang.tech: could not connect to host
+liushuyu.tk: did not receive HSTS header
 liv3ly.com: did not receive HSTS header
 livechatlady.info: did not receive HSTS header
 livedemo.io: could not connect to host
@@ -9830,14 +10163,14 @@ liverewrite.com: could not connect to host
 livesearch-fukuoka.com: did not receive HSTS header
 liviababynet.com.br: could not connect to host
 livinghealthywithchocolate.com: did not receive HSTS header
+livrariacoad.com.br: could not connect to host
 livrariahugodesaovitor.com.br: could not connect to host
 lixiang.one: could not connect to host
 lixiaojiang.ga: could not connect to host
 lixingcong.com: could not connect to host
-liyinjia.com: could not connect to host
+liyinjia.com: did not receive HSTS header
 lizzythepooch.com: did not receive HSTS header
-lkiserver.com: could not connect to host
-llamasweet.tech: could not connect to host
+lkiserver.com: max-age too low: 43200
 lll.st: could not connect to host
 llvm.us: could not connect to host
 lmrcouncil.gov: could not connect to host
@@ -9855,12 +10188,13 @@ loansonline.today: could not connect to host
 loanstreet.be: could not connect to host
 lobin21.com: could not connect to host
 lobosdomain.ddns.net: could not connect to host
+lobosdomain.hopto.org: could not connect to host
 lobosdomain.no-ip.info: could not connect to host
 lobste.rs: did not receive HSTS header
 locais.org: could not connect to host
 localblitz.com: did not receive HSTS header
 localchum.com: could not connect to host
-localdata.us: did not receive HSTS header
+localdata.us: could not connect to host
 localdrive.me: could not connect to host
 localnetwork.nz: could not connect to host
 location-fichier-email.com: could not connect to host
@@ -9873,9 +10207,10 @@ locationvoiturenorvege.com: could not connect to host
 locationvoiturepaysbas.com: could not connect to host
 locationvoituresuede.com: could not connect to host
 locchat.com: could not connect to host
+locker.email: could not connect to host
 locker3.com: could not connect to host
+lockify.com: could not connect to host
 locksmith-durbannorth.co.za: could not connect to host
-locksmithdearborn.com: did not receive HSTS header
 locksmithhillcrest.co.za: could not connect to host
 locksmithrandburg24-7.co.za: could not connect to host
 locksmithsbluff.com: could not connect to host
@@ -9899,7 +10234,7 @@ logicsale.com: did not receive HSTS header
 logicsale.de: did not receive HSTS header
 logicsale.fr: did not receive HSTS header
 logicsale.it: did not receive HSTS header
-logimagine.com: could not connect to host
+logimagine.com: did not receive HSTS header
 login.corp.google.com: max-age too low: 7776000 (error ignored - included regardless)
 login.persona.org: could not connect to host
 logingate.hu: could not connect to host
@@ -9907,7 +10242,7 @@ loginseite.com: could not connect to host
 logistify.com.mx: did not receive HSTS header
 lognot.net: could not connect to host
 logymedia.com: could not connect to host
-lohl1kohl.de: could not connect to host
+lohl1kohl.de: did not receive HSTS header
 loisircreatif.net: did not receive HSTS header
 lojadocristaozinho.com.br: could not connect to host
 lojadoprazer.com.br: could not connect to host
@@ -9915,10 +10250,12 @@ lojahunamarcenaria.com.br: could not connect to host
 lojamulticapmais.com.br: did not receive HSTS header
 lojashowdecozinha.com.br: could not connect to host
 lojasviavento.com.br: could not connect to host
+lojatema.com.br: could not connect to host
 lojavalcapelli.com.br: could not connect to host
 lolhax.org: could not connect to host
 loli.bz: could not connect to host
 loli.com: could not connect to host
+loli.ski: did not receive HSTS header
 loli.vip: did not receive HSTS header
 lolicon.info: could not connect to host
 lolicore.ch: could not connect to host
@@ -9931,6 +10268,8 @@ londoncalling.co: did not receive HSTS header
 londonlanguageexchange.com: could not connect to host
 londonseedcentre.co.uk: could not connect to host
 lonerwolf.com: did not receive HSTS header
+long139.com: could not connect to host
+long688.com: could not connect to host
 longboarding-ulm.de: could not connect to host
 longma.pw: could not connect to host
 longtaitouwang.com: did not receive HSTS header
@@ -9940,10 +10279,13 @@ looktothestars.org: did not receive HSTS header
 lookupclose.com: did not receive HSTS header
 looneymooney.com: could not connect to host
 loongsg.xyz: could not connect to host
+loony.info: could not connect to host
+loopower.com: could not connect to host
 loperetti.ch: could not connect to host
 loqyu.co: could not connect to host
-lordgun.com: could not connect to host
+lordgun.com: did not receive HSTS header
 lordjevington.co.uk: did not receive HSTS header
+lormansas.com: could not connect to host
 losebellyfat.pro: could not connect to host
 losrascadoresparagatos.com: did not receive HSTS header
 loss.no: could not connect to host
@@ -9959,7 +10301,7 @@ lothuytinhsi.com: could not connect to host
 lotos-ag.ch: did not receive HSTS header
 lotsencafe.de: did not receive HSTS header
 lottosonline.com: did not receive HSTS header
-lotuscloud.de: did not receive HSTS header
+lotuscloud.de: could not connect to host
 lotuscloud.org: could not connect to host
 louduniverse.net: did not receive HSTS header
 louiewatch.com: could not connect to host
@@ -9971,7 +10313,7 @@ loveamber.me: could not connect to host
 loveandloyalty.se: could not connect to host
 lovebo9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 lovebo9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-lovelens.ch: could not connect to host
+lovelens.ch: max-age too low: 0
 lovelifelovelive.com: could not connect to host
 lovelive-anime.tk: could not connect to host
 lovelive-anime.tokyo: could not connect to host
@@ -9980,6 +10322,7 @@ lovelyblogacademy.com: did not receive HSTS header
 lovelychalets-peisey.com: did not receive HSTS header
 lovelycorral.com: did not receive HSTS header
 lovelyfriends.org: did not receive HSTS header
+lovelytimes.net: could not connect to host
 lovemen.cc: did not receive HSTS header
 lovemysafetynet.com: did not receive HSTS header
 loveread-ec.appspot.com: did not receive HSTS header
@@ -9991,6 +10334,7 @@ lowtherpavilion.co.uk: did not receive HSTS header
 loxal.org: could not connect to host
 loxis.be: did not receive HSTS header
 loyaltech.ch: could not connect to host
+lp-support.nl: could not connect to host
 lpacademy.com.br: could not connect to host
 lpak.nl: could not connect to host
 lpgram.ga: could not connect to host
@@ -10000,7 +10344,7 @@ lrhstsa.com: could not connect to host
 ls-a.org: did not receive HSTS header
 ls-reallife.de: did not receive HSTS header
 ls-rp.es: did not receive HSTS header
-lsky.cn: did not receive HSTS header
+lsky.cn: could not connect to host
 lsp-sports.de: did not receive HSTS header
 lstma.com: could not connect to host
 lsvih.com: did not receive HSTS header
@@ -10010,13 +10354,15 @@ lsys.ac: could not connect to host
 lszj.com: could not connect to host
 ltba.org: could not connect to host
 ltbytes.com: could not connect to host
-ltechnologygroup.com: could not connect to host
+ltechnologygroup.com: did not receive HSTS header
 ltransferts.com: could not connect to host
 ltu.social: could not connect to host
 luan.ma: did not receive HSTS header
 lubot.net: could not connect to host
+lucakrebs.de: could not connect to host
 lucas-garte.com: did not receive HSTS header
 lucascantor.com: did not receive HSTS header
+lucascobb.com: did not receive HSTS header
 lucascodes.com: could not connect to host
 lucassoler.com.ar: could not connect to host
 lucaterzini.com: could not connect to host
@@ -10024,12 +10370,18 @@ lucidlogs.com: could not connect to host
 luckydog.pw: could not connect to host
 luckystarfishing.com: did not receive HSTS header
 luclu7.pw: could not connect to host
-ludwig.click: did not receive HSTS header
+ludwig.click: could not connect to host
 lufthansaexperts.com: max-age too low: 2592000
 luganskservers.net: could not connect to host
+luginbuehl.eu: could not connect to host
 luis-checa.com: could not connect to host
+luisgf.es: did not receive HSTS header
 luisv.me: could not connect to host
 luk.photo: could not connect to host
+lukas-schauer.de: did not receive HSTS header
+lukas.im: did not receive HSTS header
+lukas2511.de: did not receive HSTS header
+lukasschauer.de: did not receive HSTS header
 lukasunger.cz: could not connect to host
 lukasunger.net: could not connect to host
 lukaszdolan.com: did not receive HSTS header
@@ -10050,42 +10402,45 @@ lunarrift.net: could not connect to host
 lunarsoft.net: did not receive HSTS header
 luneta.nearbuysystems.com: could not connect to host
 lunight.ml: could not connect to host
+lunix.io: did not receive HSTS header
 luno.io: could not connect to host
-luody.info: could not connect to host
 luoe.ml: could not connect to host
 luolikong.vip: did not receive HSTS header
 luom.net: could not connect to host
 luoxiao.im: could not connect to host
 luoxingyu.ml: could not connect to host
+luqsus.pl: could not connect to host
 luripump.se: could not connect to host
 lusis.fr: did not receive HSTS header
 lusis.net: could not connect to host
 lustrumxi.nl: could not connect to host
-luteijn.biz: did not receive HSTS header
 luther.fi: could not connect to host
+luvplay.co.uk: could not connect to host
 luxe-it.co.uk: could not connect to host
 luxinmo.com: did not receive HSTS header
 luxofit.de: did not receive HSTS header
 luxonetwork.com: could not connect to host
 luxus-russen.de: could not connect to host
 luzeshomologadas.com.br: could not connect to host
+lv5.top: could not connect to host
 lwhate.com: could not connect to host
 lycly.me: could not connect to host
 lycly.top: could not connect to host
 lydia-und-simon.de: could not connect to host
 lydiagorstein.com: did not receive HSTS header
+lyfbits.com: could not connect to host
 lylares.com: did not receive HSTS header
-lynkos.com: did not receive HSTS header
+lynkos.com: could not connect to host
 lyonelkaufmann.ch: did not receive HSTS header
 lyonl.com: could not connect to host
 lyscnd.com: could not connect to host
 lysergion.com: could not connect to host
 lyuba.fr: could not connect to host
-lyuly.com: did not receive HSTS header
 lz.sb: could not connect to host
 lzahq.tech: did not receive HSTS header
 lzkill.com: did not receive HSTS header
 lzqii.cn: could not connect to host
+lzzr.me: could not connect to host
 m-ali.xyz: did not receive HSTS header
 m-edmondson.co.uk: did not receive HSTS header
 m-generator.com: could not connect to host
@@ -10097,9 +10452,9 @@ m0wef.uk: could not connect to host
 m2tc.fr: could not connect to host
 m3-gmbh.de: did not receive HSTS header
 m4570.xyz: could not connect to host
-m4g.ru: could not connect to host
 m82labs.com: did not receive HSTS header
 ma-musique.fr: could not connect to host
+ma-plancha.ch: did not receive HSTS header
 maarten.nyc: could not connect to host
 maartenprovo.be: did not receive HSTS header
 maartenterpstra.xyz: could not connect to host
@@ -10115,11 +10470,12 @@ macgeneral.de: did not receive HSTS header
 mach1club.com: did not receive HSTS header
 machbach.net: could not connect to host
 machinelearningjavascript.com: could not connect to host
+maciespartyhire.co.uk: did not receive HSTS header
 mack.space: could not connect to host
 macleodnc.com: did not receive HSTS header
 macsandcheesedreams.com: could not connect to host
+macstore.pe: did not receive HSTS header
 macustar.eu: did not receive HSTS header
-madandpissedoff.com: could not connect to host
 madcatdesign.de: did not receive HSTS header
 maddin.ga: could not connect to host
 madebyfalcon.co.uk: did not receive HSTS header
@@ -10136,15 +10492,16 @@ madnetwork.org: could not connect to host
 madokami.net: could not connect to host
 madpeople.net: max-age too low: 2592000
 madrants.net: could not connect to host
-madweb.design: did not receive HSTS header
 maerzpa.de: did not receive HSTS header
 mafamane.com: could not connect to host
+maff.scot: could not connect to host
 mafiareturns.com: max-age too low: 2592000
 magazinedabeleza.net: could not connect to host
 magebankin.com: did not receive HSTS header
 magenx.com: did not receive HSTS header
 magia360.com: did not receive HSTS header
 magicball.co: could not connect to host
+magickmoments.co.uk: did not receive HSTS header
 magieamour.com: did not receive HSTS header
 magieblanche.fr: did not receive HSTS header
 magnacumlaude.co: could not connect to host
@@ -10160,19 +10517,21 @@ mail-settings.google.com: did not receive HSTS header (error ignored - included
 mail.google.com: did not receive HSTS header (error ignored - included regardless)
 mail4geek.com: did not receive HSTS header
 mailchuck.com: could not connect to host
-maildragon.com: could not connect to host
+maildragon.com: did not receive HSTS header
 mailgarant.nl: could not connect to host
 mailhost.it: could not connect to host
 mailing-femprendedores.com: did not receive HSTS header
 mailing-jbgg.com: could not connect to host
-maillink.store: did not receive HSTS header
+maillink.store: could not connect to host
 mailon.ga: could not connect to host
 mailpenny.com: could not connect to host
 main-street-seo.com: did not receive HSTS header
 main-unit.com: could not connect to host
+mainston.com: could not connect to host
 maintainerheaven.ch: could not connect to host
 maisalto.ind.br: could not connect to host
 maitriser-son-stress.com: could not connect to host
+majesticcolorado.com: did not receive HSTS header
 majncloud.tk: could not connect to host
 make-pizza.info: could not connect to host
 makedonien.guide: could not connect to host
@@ -10249,8 +10608,10 @@ manshop24.com: could not connect to host
 mansion-note.com: did not receive HSTS header
 mansiontech.cn: did not receive HSTS header
 manududu.com.br: could not connect to host
+manuel7espejo.com: did not receive HSTS header
 manuelrueger.de: could not connect to host
 manutrol.com.br: did not receive HSTS header
+maomao.blog: could not connect to host
 maomaobt.com: did not receive HSTS header
 maomaofuli.vip: could not connect to host
 maosi.xin: could not connect to host
@@ -10259,9 +10620,9 @@ maplenorth.co: could not connect to host
 mapresidentielle.fr: did not receive HSTS header
 mapservices.nl: did not receive HSTS header
 maquillage-permanent-tatoo.com: did not receive HSTS header
+maquininhamercadopoint.com.br: could not connect to host
 maranatha.pl: did not receive HSTS header
-marbinvest.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-marcaixala.me: could not connect to host
+marbinvest.com: did not receive HSTS header
 marcaudefroy.com: could not connect to host
 marcberman.co: did not receive HSTS header
 marcbuehlmann.com: did not receive HSTS header
@@ -10269,6 +10630,7 @@ marcelmarnitz.com: could not connect to host
 marcelparra.com: could not connect to host
 marchagen.nl: did not receive HSTS header
 marche-nordic-jorat.ch: could not connect to host
+marchhappy.tech: did not receive HSTS header
 marco-kretz.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 marco01809.net: could not connect to host
 marcoececilia.it: did not receive HSTS header
@@ -10285,15 +10647,18 @@ mare92.cz: could not connect to host
 mareklecian.cz: did not receive HSTS header
 margan.ch: could not connect to host
 margaretrosefashions.co.uk: could not connect to host
+margo.ml: could not connect to host
 mariacristinadoces.com.br: did not receive HSTS header
 mariannematthew.com: could not connect to host
 marianwehlus.de: did not receive HSTS header
 mariaolesen.dk: could not connect to host
 marie-curie.fr: could not connect to host
-marie-elisabeth.dk: did not receive HSTS header
 marie-en-provence.com: could not connect to host
 marie.club: could not connect to host
 marienschule-sundern.de: did not receive HSTS header
+marinecadastre.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+mario.party: could not connect to host
+marioabela.com: did not receive HSTS header
 mariusschulte.de: did not receive HSTS header
 marix.ro: could not connect to host
 mark-a-hydrant.com: did not receive HSTS header
@@ -10305,13 +10670,12 @@ marketgot.com: did not receive HSTS header
 marketing-advertising.eu: could not connect to host
 marketingdesignu.cz: could not connect to host
 marketingromania.ro: did not receive HSTS header
-marketio.co: could not connect to host
+marketio.co: did not receive HSTS header
 markllego.com: could not connect to host
 marko-fenster24.de: did not receive HSTS header
 markorszulak.com: did not receive HSTS header
 markow.io: max-age too low: 7776000
 markrego.com: could not connect to host
-markrobin.de: did not receive HSTS header
 marksill.com: could not connect to host
 marktboten.de: did not receive HSTS header
 markusabraham.com: did not receive HSTS header
@@ -10336,6 +10700,7 @@ martin-mattel.com: could not connect to host
 martinec.co.uk: could not connect to host
 martinestyle.com: could not connect to host
 martineve.com: did not receive HSTS header
+martingansler.de: did not receive HSTS header
 martinkup.cz: did not receive HSTS header
 martinp.no: could not connect to host
 martinrogalla.com: did not receive HSTS header
@@ -10355,19 +10720,21 @@ masjidtawheed.net: did not receive HSTS header
 maskice.hr: did not receive HSTS header
 maskinkultur.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 maskt.pw: could not connect to host
+maslife365.com: could not connect to host
 massagelimaperu.com: did not receive HSTS header
 massivum.de: did not receive HSTS header
 massot.eu: did not receive HSTS header
 mastd.fr: could not connect to host
 mastd.onl: could not connect to host
-mastepinnelaand.nl: did not receive HSTS header
-masteragenasia.com: could not connect to host
+masteragenasia.com: did not receive HSTS header
 masteragenasia.net: did not receive HSTS header
 masterapi.ninja: did not receive HSTS header
 masterhaus.bg: did not receive HSTS header
 masteringtheterminal.com: did not receive HSTS header
+mastersquirrel.xyz: did not receive HSTS header
 mastersthesiswriting.com: could not connect to host
 mastichor.info: could not connect to host
+mastiffingles.com.br: could not connect to host
 mastimtibetano.com: could not connect to host
 masto.io: could not connect to host
 mastod.life: could not connect to host
@@ -10385,13 +10752,16 @@ masty.nl: could not connect to host
 masumreza.tk: could not connect to host
 mat99.dk: could not connect to host
 matarrosabierzo.com: could not connect to host
+matchneedle.com: did not receive HSTS header
 mateusmeyer.com.br: could not connect to host
 mateuszpilszek.pl: could not connect to host
+mathematris.com: did not receive HSTS header
 mathers.ovh: did not receive HSTS header
 mathias.re: did not receive HSTS header
 mathijskingma.nl: could not connect to host
 matillat.ovh: did not receive HSTS header
-matlabjo.ir: could not connect to host
+matlabjo.ir: did not receive HSTS header
+matmessages.com: did not receive HSTS header
 matomeplus.co: could not connect to host
 matrict.com: could not connect to host
 matrip.de: could not connect to host
@@ -10412,9 +10782,7 @@ mattia98.org: did not receive HSTS header
 mattisam.com: did not receive HSTS header
 mattressinsider.com: max-age too low: 3153600
 mattwb65.com: did not receive HSTS header
-mattwservices.co.uk: max-age too low: 2592000
 matty.digital: did not receive HSTS header
-matze.co: did not receive HSTS header
 matze.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 maultrom.ml: could not connect to host
 maupiknik.com: did not receive HSTS header
@@ -10424,27 +10792,29 @@ mausi.co: did not receive HSTS header
 mavisang.cf: could not connect to host
 mawe.red: could not connect to host
 max-mad.com: could not connect to host
+maxbachmann.de: did not receive HSTS header
 maxfox.me: could not connect to host
 maxhorvath.com: could not connect to host
 maxibanki.ovh: could not connect to host
 maxicore.co.za: could not connect to host
 maxima.at: did not receive HSTS header
 maximelouet.me: did not receive HSTS header
-maximov.space: could not connect to host
+maximov.space: did not receive HSTS header
 maxkeller.io: did not receive HSTS header
 maxmachine.ind.br: could not connect to host
-maxr1998.de: could not connect to host
 maxserver.com: did not receive HSTS header
 maya-ro.com: could not connect to host
 maya.mg: could not connect to host
 maybeul.com: could not connect to host
-maydex.info: could not connect to host
 maynardnetworks.com: could not connect to host
 mayoristassexshop.com: did not receive HSTS header
 mazyun.com: did not receive HSTS header
 mazz-tech.com: could not connect to host
+mb300sd.com: could not connect to host
+mb300sd.net: could not connect to host
 mbconsultancy.nu: did not receive HSTS header
 mbdrogenbos-usedcars.be: could not connect to host
+mbsec.net: could not connect to host
 mbwemmel-usedcars.be: could not connect to host
 mc81.com: did not receive HSTS header
 mca2017.org: did not receive HSTS header
@@ -10454,6 +10824,7 @@ mcb-bank.com: did not receive HSTS header
 mcc.re: could not connect to host
 mccordworks.com: did not receive HSTS header
 mcdanieldevelopmentservices.com: could not connect to host
+mcdona1d.me: could not connect to host
 mcdonalds.ru: did not receive HSTS header
 mcga.media: could not connect to host
 mcgavocknissanwichitaparts.com: could not connect to host
@@ -10477,7 +10848,7 @@ mcuexchange.com: did not receive HSTS header
 mcuong.tk: could not connect to host
 md-student.com: did not receive HSTS header
 mdfnet.se: did not receive HSTS header
-mdscomp.net: did not receive HSTS header
+mdscomp.net: could not connect to host
 mdwftw.com: could not connect to host
 me-dc.com: could not connect to host
 meadowviewfarms.org: could not connect to host
@@ -10494,7 +10865,7 @@ medallia.io: could not connect to host
 meddatix.com: could not connect to host
 media-access.online: did not receive HSTS header
 media-courses.com: could not connect to host
-mediacru.sh: max-age too low: 0
+mediacru.sh: could not connect to host
 mediadandy.com: could not connect to host
 mediafinancelab.org: could not connect to host
 mediamag.am: max-age too low: 0
@@ -10511,22 +10882,27 @@ mediumraw.org: did not receive HSTS header
 mediweed.tk: could not connect to host
 medm-test.com: could not connect to host
 medpot.net: did not receive HSTS header
-medsindex.com: max-age too low: 2592000
+medsindex.com: did not receive HSTS header
 medstreaming.com: did not receive HSTS header
 medtankers.management: did not receive HSTS header
 medy-me.com: could not connect to host
 medzinenews.com: did not receive HSTS header
 meedoenzaanstad.nl: did not receive HSTS header
 meetfinch.com: could not connect to host
+meetmibaby.co.uk: could not connect to host
+mega-aukcion.ru: could not connect to host
 megadrol.com: could not connect to host
 megaflix.nl: could not connect to host
 megakiste.de: could not connect to host
 megam.host: could not connect to host
-megashur.se: did not receive HSTS header
+megamarkey.de: did not receive HSTS header
+megashur.se: could not connect to host
 megasystem.cl: could not connect to host
 meghudson.com: could not connect to host
 meifrench.com: could not connect to host
+meimeistartup.com: could not connect to host
 meincloudspeicher.de: could not connect to host
+meine-plancha.ch: did not receive HSTS header
 meine-reise-gut-versichert.de: did not receive HSTS header
 meinebo.it: could not connect to host
 meisterritter.de: did not receive HSTS header
@@ -10540,11 +10916,13 @@ melf.nl: could not connect to host
 melhoresdominios.net: could not connect to host
 melhorproduto.com.br: could not connect to host
 melikoff.es: could not connect to host
+melitopol.co.ua: did not receive HSTS header
 melodic.com.au: could not connect to host
 melody-lyrics.com: could not connect to host
 melonstudios.net: could not connect to host
 melpomene.me: could not connect to host
 melted.pw: could not connect to host
+meltzow.net: could not connect to host
 melvinlammerts.nl: could not connect to host
 melvinlow.com: did not receive HSTS header
 memberpress.com: did not receive HSTS header
@@ -10562,29 +10940,28 @@ memorytrace.space: could not connect to host
 menaraannonces.com: could not connect to host
 menchez.me: could not connect to host
 menhera.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-menotag.com: did not receive HSTS header
+menntagatt.is: did not receive HSTS header
 mensachterdepatient.nl: max-age too low: 2592000
 mensmaximus.de: did not receive HSTS header
 mentalhealth.gov: did not receive HSTS header
 mentax.net: did not receive HSTS header
 mentesemprendedoras.net: could not connect to host
 menthix.net: could not connect to host
+mentorithm.com: could not connect to host
 menu.fyi: could not connect to host
 menudrivetest.com: could not connect to host
-menuel.me: did not receive HSTS header
 menuiserie-berard.com: did not receive HSTS header
 menzaijia.com: could not connect to host
+menzel-motors.com: did not receive HSTS header
 meo.de: could not connect to host
 meow.cloud: could not connect to host
 meozcraft.com: could not connect to host
-mercamaris.es: did not receive HSTS header
 mercanix.co.uk: could not connect to host
 merccorp.de: max-age too low: 0
 mercedes-benz-usedcars.be: could not connect to host
 mercury-studio.com: did not receive HSTS header
 mereckas.com: could not connect to host
 meredithkm.info: did not receive HSTS header
-merenita.eu: did not receive HSTS header
 mergozzo.com: did not receive HSTS header
 merimatka.fi: could not connect to host
 meritz.rocks: could not connect to host
@@ -10602,11 +10979,8 @@ metadistribution.com: did not receive HSTS header
 metagrader.com: could not connect to host
 metalsculpture.co.uk: max-age too low: 0
 metanic.org: did not receive HSTS header
-metaregistrar.com: max-age too low: 0
 metasyntactic.xyz: could not connect to host
-metebalci.com: did not receive HSTS header
-meteosky.net: could not connect to host
-meter.md: could not connect to host
+meteosky.net: did not receive HSTS header
 metikam.pl: did not receive HSTS header
 metin2blog.de: did not receive HSTS header
 metin2sepeti.com: could not connect to host
@@ -10623,7 +10997,7 @@ meupedido.online: did not receive HSTS header
 meusigno.com: could not connect to host
 mexbt.com: could not connect to host
 mexicanbusinessweb.mx: did not receive HSTS header
-mexicansbook.ru: did not receive HSTS header
+mexicansbook.ru: could not connect to host
 mexior.nl: could not connect to host
 meyeraviation.com: could not connect to host
 mfcatalin.com: could not connect to host
@@ -10634,6 +11008,7 @@ mfpccprod.com: could not connect to host
 mfrsgb45.org: did not receive HSTS header
 mft.global: could not connect to host
 mfxer.com: could not connect to host
+mfz.mk: did not receive HSTS header
 mgcraft.net: did not receive HSTS header
 mgdigital.fr: did not receive HSTS header
 mgiay.com: did not receive HSTS header
@@ -10652,16 +11027,17 @@ mianfei-vpn.com: could not connect to host
 miboulot.com: could not connect to host
 micaiahparker.com: could not connect to host
 micasamgmt.com: did not receive HSTS header
+michaelcullen.name: could not connect to host
 michaeldemuth.com: could not connect to host
 michaelfitzpatrickruth.com: did not receive HSTS header
 michaelizquierdo.com: max-age too low: 0
-michaelklos.nl: could not connect to host
+michaelklos.nl: did not receive HSTS header
 michaelmorpurgo.com: did not receive HSTS header
-michaeln.net: could not connect to host
+michaeln.net: did not receive HSTS header
 michaels-homepage-service.de: could not connect to host
 michaelscrivo.com: did not receive HSTS header
-michaelsulzer.com: could not connect to host
-michaelsulzer.eu: could not connect to host
+michaelsulzer.com: did not receive HSTS header
+michaelsulzer.eu: did not receive HSTS header
 michaelwaite.org: could not connect to host
 michal-kral.cz: could not connect to host
 michalborka.cz: could not connect to host
@@ -10669,7 +11045,6 @@ michalkral.tk: could not connect to host
 michalvasicek.cz: did not receive HSTS header
 michasfahrschule.com: could not connect to host
 michel.pt: did not receive HSTS header
-michele.ml: could not connect to host
 michelledonelan.co.uk: did not receive HSTS header
 michiganmetalartwork.com: max-age too low: 7889238
 mico.world: could not connect to host
@@ -10681,6 +11056,7 @@ microdesic.com: could not connect to host
 microme.ga: could not connect to host
 micropple.net: could not connect to host
 microtalk.org: could not connect to host
+middletowndelcopa.gov: could not connect to host
 midirs.org: did not receive HSTS header
 midonet.org: did not receive HSTS header
 midriversmotorsllc.com: did not receive HSTS header
@@ -10699,12 +11075,12 @@ migrator.co: could not connect to host
 miguelgfierro.com: did not receive HSTS header
 miguksaram.com: could not connect to host
 mijn-email.org: could not connect to host
+mijnavg.eu: did not receive HSTS header
 mijndiad.nl: did not receive HSTS header
 mijnkredietpaspoort.nl: could not connect to host
 mijnsite.ovh: could not connect to host
 mika.cat: could not connect to host
 mikadesign.se: did not receive HSTS header
-mikaela.info: max-age too low: 0
 mikaelemilsson.net: did not receive HSTS header
 mikeburns.com: could not connect to host
 mikedugan.org: did not receive HSTS header
@@ -10719,10 +11095,14 @@ mikk.cz: could not connect to host
 mikori.sk: did not receive HSTS header
 mikro-inwestycje.co.uk: did not receive HSTS header
 miku.be: could not connect to host
+miku.cloud: could not connect to host
 miku.hatsune.my: did not receive HSTS header
+miku.party: could not connect to host
+mikumiku.stream: could not connect to host
 mikusinec.com: could not connect to host
 milahendri.com: did not receive HSTS header
 milang.xyz: could not connect to host
+milanpala.cz: could not connect to host
 milatrans.pl: did not receive HSTS header
 milcoresonline.com: could not connect to host
 milesgeek.com: did not receive HSTS header
@@ -10730,11 +11110,9 @@ military-portal.cz: did not receive HSTS header
 militarycarlot.com: did not receive HSTS header
 militaryconsumer.gov: did not receive HSTS header
 milkingit.net: could not connect to host
+milktea.info: could not connect to host
 millibitcoin.jp: could not connect to host
 millionairessecrets.com: could not connect to host
-millions25.com: could not connect to host
-millions26.com: could not connect to host
-millions27.com: could not connect to host
 millstep.de: did not receive HSTS header
 milonga.tips: could not connect to host
 mim.properties: could not connect to host
@@ -10746,10 +11124,11 @@ minacssas.com: could not connect to host
 minantavla.se: could not connect to host
 mind.sh: did not receive HSTS header
 mindbodycontinuum.com: could not connect to host
+mindbodytherapymn.com: did not receive HSTS header
 mindcell.no: could not connect to host
 mindcraft.ga: could not connect to host
 mindwork.space: could not connect to host
-mine.world: could not connect to host
+mine.world: did not receive HSTS header
 minecraft-forum.cf: could not connect to host
 minecraft-forum.ga: could not connect to host
 minecraft-forum.gq: could not connect to host
@@ -10763,10 +11142,10 @@ minecraftforums.gq: could not connect to host
 minecraftforums.ml: could not connect to host
 minecraftserverz.com: could not connect to host
 minecraftvoter.com: could not connect to host
-minecrell.net: max-age too low: 172800
 mineover.es: could not connect to host
 minetude.com: could not connect to host
 mingkyaa.com: could not connect to host
+mingming.info: did not receive HSTS header
 mingo.nl: max-age too low: 2592000
 mingy.ddns.net: could not connect to host
 mingyueli.com: could not connect to host
@@ -10776,14 +11155,12 @@ minikneet.nl: did not receive HSTS header
 minimaliston.com: could not connect to host
 minimoo.se: could not connect to host
 minipainting.net: could not connect to host
-minis-hip.de: max-age too low: 172800
 miniskipper.at: did not receive HSTS header
 minkondom.nu: could not connect to host
 minnesotadata.com: could not connect to host
 minor.news: could not connect to host
 minora.io: could not connect to host
 minoris.se: did not receive HSTS header
-minorshadows.net: did not receive HSTS header
 mintea-noua.ro: could not connect to host
 mipiaci.co.nz: did not receive HSTS header
 mipiaci.com.au: did not receive HSTS header
@@ -10791,6 +11168,7 @@ miragrow.com: could not connect to host
 mireillewendling.com.br: could not connect to host
 mirgleich.dnshome.de: could not connect to host
 mirindadomo.ru: did not receive HSTS header
+mirjamderijk.nl: could not connect to host
 mirodasilva.be: could not connect to host
 mironized.com: did not receive HSTS header
 mirrorsedgearchive.ga: could not connect to host
@@ -10806,9 +11184,9 @@ misiru.jp: could not connect to host
 missrain.tw: could not connect to host
 missycosmeticos.com.br: could not connect to host
 mist.ink: could not connect to host
+mister-cooks.fr: did not receive HSTS header
 mister.hosting: did not receive HSTS header
 misterl.net: did not receive HSTS header
-misuzu.moe: could not connect to host
 mitarbeiter-pc.de: did not receive HSTS header
 mitchellrenouf.ca: could not connect to host
 mitior.net: could not connect to host
@@ -10818,14 +11196,16 @@ mittenhacks.com: could not connect to host
 mityinc.com: did not receive HSTS header
 miukimodafeminina.com: could not connect to host
 mivcon.net: could not connect to host
+mivestuariolaboral.com: did not receive HSTS header
+mivzaklive.co.il: did not receive HSTS header
 mixer.cash: could not connect to host
 miya.io: could not connect to host
 miyako-kyoto.jp: could not connect to host
 miyoshi-kikaku.co.jp: could not connect to host
 mizd.at: could not connect to host
 mizi.name: could not connect to host
+mizumax.me: could not connect to host
 mjcaffarattilaw.com: did not receive HSTS header
-mjec.net: could not connect to host
 mjhsc.nl: did not receive HSTS header
 mk-dizajn.com: could not connect to host
 mkacg.com: could not connect to host
@@ -10836,10 +11216,11 @@ mkg-palais-hanau.de: did not receive HSTS header
 mkie.cf: could not connect to host
 mkp-deutschland.de: did not receive HSTS header
 mkplay.io: could not connect to host
-mkuznets.com: could not connect to host
 mkw.st: could not connect to host
 mlcambiental.com.br: did not receive HSTS header
 mlcdn.co: could not connect to host
+mlfaw.com: could not connect to host
+mlii.net: could not connect to host
 mlm-worldwide.de: did not receive HSTS header
 mlpchan.net: could not connect to host
 mlpepilepsy.org: could not connect to host
@@ -10847,6 +11228,7 @@ mlpvc-rr.ml: did not receive HSTS header
 mlrslateroofing.com.au: did not receive HSTS header
 mlsrv.de: could not connect to host
 mm-wife.com: could not connect to host
+mm13.at: could not connect to host
 mmaps.ddns.net: could not connect to host
 mmarnitz.de: could not connect to host
 mmcc.pe: did not receive HSTS header
@@ -10854,7 +11236,7 @@ mmgazhomeloans.com: did not receive HSTS header
 mmilog.hu: could not connect to host
 mmmm.com: could not connect to host
 mmstick.tk: could not connect to host
-mnd.sc: could not connect to host
+mna7e.com: did not receive HSTS header
 mnec.io: could not connect to host
 mneeb.de: could not connect to host
 mnemotiv.com: could not connect to host
@@ -10867,6 +11249,7 @@ moas.design: did not receive HSTS header
 moas.photos: did not receive HSTS header
 mobag.ru: did not receive HSTS header
 mobaircon.com: did not receive HSTS header
+mobi4.tk: could not connect to host
 mobile-gesundheit.org: could not connect to host
 mobile.eti.br: could not connect to host
 mobilebay.top: could not connect to host
@@ -10890,7 +11273,7 @@ mockmyapp.com: could not connect to host
 mocloud.eu: could not connect to host
 mocloud.win: could not connect to host
 mocsuite.club: could not connect to host
-mocurio.com: could not connect to host
+mocurio.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 modalrakyat.com: could not connect to host
 modalrakyat.id: did not receive HSTS header
 modaperuimport.com: could not connect to host
@@ -10913,16 +11296,17 @@ modydev.club: could not connect to host
 moe.pe: could not connect to host
 moe.wtf: could not connect to host
 moe4sale.in: did not receive HSTS header
+moeali.com: could not connect to host
 moebel-nagel.de: did not receive HSTS header
-moebel-vergleichen.com: did not receive HSTS header
 moefi.xyz: could not connect to host
 moegirl.org: did not receive HSTS header
+moeli.org: could not connect to host
 moellers.it: could not connect to host
 moeloli.pw: did not receive HSTS header
 moelord.org: could not connect to host
 moen.io: did not receive HSTS header
 moevenpick-cafe.com: did not receive HSTS header
-moeyun.net: could not connect to host
+moeyun.net: max-age too low: 86400
 mogry.net: did not receive HSTS header
 mohio.co.nz: did not receive HSTS header
 moho.kr: could not connect to host
@@ -10933,7 +11317,6 @@ mojefilmy.xyz: could not connect to host
 mojizuri.jp: max-age too low: 86400
 mokadev.com: did not receive HSTS header
 mokken-fabriek.nl: did not receive HSTS header
-molokai.org: could not connect to host
 mols.me: could not connect to host
 momento.co.id: did not receive HSTS header
 momfulfilled.com: could not connect to host
@@ -10963,7 +11346,7 @@ monitaure.io: could not connect to host
 monitman.solutions: could not connect to host
 monitorchain.com: did not receive HSTS header
 monitori.ng: could not connect to host
-monkieteel.nl: max-age too low: 2592000
+monkieteel.nl: did not receive HSTS header
 monochrometoys.com: could not connect to host
 monodukuri.cafe: could not connect to host
 monodzukuri.cafe: could not connect to host
@@ -10974,12 +11357,13 @@ montanana.com: did not receive HSTS header
 montand.com: did not receive HSTS header
 monteurzimmerfrei.de: could not connect to host
 montonicms.com: could not connect to host
-moo.pet: could not connect to host
+moo.pet: did not receive HSTS header
 moobo.xyz: did not receive HSTS header
 moodifiers.com: could not connect to host
 moon.lc: could not connect to host
 moonagic.io: could not connect to host
 moonless.net: could not connect to host
+moonlightcapital.ml: could not connect to host
 moonloupe.com: could not connect to host
 moonrhythm.info: could not connect to host
 moonrhythm.io: did not receive HSTS header
@@ -10994,7 +11378,7 @@ moparscape.org: did not receive HSTS header
 mopsuite.club: could not connect to host
 mor.cloud: could not connect to host
 mor.gl: could not connect to host
-mordrum.com: could not connect to host
+moreapp.co.uk: could not connect to host
 morenci.ch: could not connect to host
 morepopcorn.co.nz: did not receive HSTS header
 moreserviceleads.com: did not receive HSTS header
@@ -11003,6 +11387,7 @@ morethanadream.lv: could not connect to host
 morfitronik.pl: could not connect to host
 morganestes.com: max-age too low: 0
 morganino.eu: could not connect to host
+morhys.com: could not connect to host
 morningcalculation.com: could not connect to host
 morninglory.com: did not receive HSTS header
 mornings.com: did not receive HSTS header
@@ -11015,6 +11400,7 @@ morz.org: max-age too low: 0
 mosaique-lachenaie.fr: could not connect to host
 moskva.guide: did not receive HSTS header
 moso.io: did not receive HSTS header
+mostlikelyto.fail: did not receive HSTS header
 mostlyharmless.at: could not connect to host
 mostlyinfinite.com: did not receive HSTS header
 mostwuat.com: could not connect to host
@@ -11030,7 +11416,6 @@ motornomaslo.bg: did not receive HSTS header
 motoroilinfo.com: did not receive HSTS header
 motorsportdiesel.com: did not receive HSTS header
 motovio.de: did not receive HSTS header
-motransportinfo.com: did not receive HSTS header
 mottvd.com: could not connect to host
 moube.fr: could not connect to host
 moucloud.cn: did not receive HSTS header
@@ -11039,21 +11424,24 @@ moula.com.au: did not receive HSTS header
 moumaobuchiyu.com: could not connect to host
 mountainadventureseminars.com: did not receive HSTS header
 mountainmusicpromotions.com: did not receive HSTS header
+mousemessages.com: did not receive HSTS header
 movabletype.net: max-age too low: 3600
 moveek.com: did not receive HSTS header
-moveltix.net: could not connect to host
+moveisfit.com.br: could not connect to host
 movepin.com: could not connect to host
-movie4k.fyi: max-age too low: 0
+movie4k.fyi: could not connect to host
 movie4k.life: could not connect to host
 movie4kto.site: could not connect to host
 moviedollars.com: could not connect to host
 movienang.com: max-age too low: 0
 moviesabout.net: could not connect to host
+moviespur.info: did not receive HSTS header
 moving-pixtures.de: could not connect to host
 movingoklahoma.org: could not connect to host
 movio.ga: could not connect to host
 mowalls.net: could not connect to host
 moy-gorod.od.ua: did not receive HSTS header
+moyoo.net: did not receive HSTS header
 moysovet.info: did not receive HSTS header
 moyu.host: did not receive HSTS header
 mozart-game.cz: could not connect to host
@@ -11067,23 +11455,30 @@ mp3donusturucu.net: did not receive HSTS header
 mp3gratuiti.com: could not connect to host
 mp3juices.is: could not connect to host
 mpe.org: did not receive HSTS header
+mpg.ovh: could not connect to host
+mphoto.at: did not receive HSTS header
 mpi-sa.fr: did not receive HSTS header
+mpintaamalabanna.it: could not connect to host
 mpkossen.com: did not receive HSTS header
 mpn.poker: did not receive HSTS header
+mpodraza.pl: could not connect to host
 mpreserver.com: could not connect to host
 mpserver12.org: could not connect to host
 mpu-giessen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+mpy.ovh: could not connect to host
 mqas.net: could not connect to host
 mr-coffee.net: could not connect to host
 mr-hosting.com: could not connect to host
+mr-labo.jp: could not connect to host
+mr3.io: could not connect to host
 mrafrohead.com: could not connect to host
 mrawe.com: could not connect to host
+mrazek.biz: did not receive HSTS header
 mrburtbox.com: could not connect to host
 mrdani.net: could not connect to host
 mrdleisure.co.uk: did not receive HSTS header
 mredsanders.net: did not receive HSTS header
 mrettich.org: did not receive HSTS header
-mrhc.ru: could not connect to host
 mrizzio.com: could not connect to host
 mrksk.com: could not connect to host
 mrleonardo.com: did not receive HSTS header
@@ -11093,10 +11488,12 @@ mrnh.tk: could not connect to host
 mrnonz.com: max-age too low: 0
 mrparker.pw: did not receive HSTS header
 mrpopat.in: did not receive HSTS header
-mrpropop.com: max-age too low: 0
+mrpropop.com: did not receive HSTS header
 mruganiepodspacja.pl: could not connect to host
+ms-alternativ.de: did not receive HSTS header
 msc-seereisen.net: could not connect to host
 msgallery.tk: could not connect to host
+msopopop.cn: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 msp66.de: could not connect to host
 mstd.tokyo: did not receive HSTS header
 mstdn-tech.jp: could not connect to host
@@ -11107,8 +11504,7 @@ mszaki.com: did not receive HSTS header
 mt.me.uk: could not connect to host
 mtamaki.com: could not connect to host
 mtau.com: max-age too low: 2592000
-mtb.wtf: could not connect to host
-mtcgf.com: did not receive HSTS header
+mtcgf.com: could not connect to host
 mtd.ovh: could not connect to host
 mtdn.jp: could not connect to host
 mtfgnettoyage.fr: could not connect to host
@@ -11116,16 +11512,18 @@ mtg-esport.de: did not receive HSTS header
 mtirc.co: could not connect to host
 mtn.cc: could not connect to host
 mtr.md: could not connect to host
-mtravelers.net: could not connect to host
-mu3on.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+mu3on.com: could not connect to host
 muchohentai.com: could not connect to host
-muffet.pw: could not connect to host
+mudgezero.one: could not connect to host
+muel.io: could not connect to host
+muenzubi.de: did not receive HSTS header
+muffet.pw: did not receive HSTS header
 muga.space: could not connect to host
 muj-svet.cz: could not connect to host
 mujadin.se: did not receive HSTS header
 mulenvo.com: did not receive HSTS header
 mulheres18.com: could not connect to host
-mullen.net.au: did not receive HSTS header
+mullen.net.au: could not connect to host
 multiterm.org: could not connect to host
 multivpn.cn.com: could not connect to host
 multivpn.com.de: could not connect to host
@@ -11133,11 +11531,11 @@ multivpn.com.ua: could not connect to host
 multivpn.fr: could not connect to host
 multiworldsoftware.com: did not receive HSTS header
 multizone.games: could not connect to host
-mumei.space: did not receive HSTS header
+mumei.space: could not connect to host
 mundoadulto.com.br: did not receive HSTS header
 mundoalpha.com.br: did not receive HSTS header
 munecoscabezones.com: did not receive HSTS header
-munich-rage.de: could not connect to host
+munich-rage.de: did not receive HSTS header
 munkiepus.com: did not receive HSTS header
 munpanel.com: could not connect to host
 munrabi.com: could not connect to host
@@ -11146,6 +11544,7 @@ munzee.com: did not receive HSTS header
 muonium.ch: could not connect to host
 murdercube.com: could not connect to host
 murfy.kiwi: could not connect to host
+murgi.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 muriburi.land: could not connect to host
 muriburiland.com: could not connect to host
 murodese.org: could not connect to host
@@ -11170,20 +11569,24 @@ muslimbanter.co.za: could not connect to host
 mustika.cf: did not receive HSTS header
 mutamatic.com: could not connect to host
 mutuelle-obligatoire-pme.fr: did not receive HSTS header
+muusika.fun: could not connect to host
 muzgra.in: did not receive HSTS header
 muzi.cz: could not connect to host
 muzykaprzeszladoplay.pl: could not connect to host
 mvanmarketing.nl: did not receive HSTS header
 mvnet.com.br: did not receive HSTS header
 mvsecurity.nl: could not connect to host
-mwalz.com: could not connect to host
 mwohlfarth.de: did not receive HSTS header
 mxawei.cn: could not connect to host
 mxlife.org: could not connect to host
+mxp.tw: did not receive HSTS header
 my-demo.co: could not connect to host
 my-dick.ru: could not connect to host
 my-owncloud.com: could not connect to host
 my-pawnshop.com.ua: could not connect to host
+my-plancha.ch: did not receive HSTS header
+my-static-demo-808795.c.cdn77.org: could not connect to host
+my-static-live-808795.c.cdn77.org: could not connect to host
 my-voice.nl: could not connect to host
 my.alfresco.com: did not receive HSTS header
 my.swedbank.se: did not receive HSTS header
@@ -11193,7 +11596,7 @@ myandroidtools.cc: could not connect to host
 myandroidtools.pro: could not connect to host
 myappliancerepairhouston.com: did not receive HSTS header
 myartsway.com: did not receive HSTS header
-mybboard.pl: could not connect to host
+mybboard.pl: did not receive HSTS header
 mybudget.xyz: could not connect to host
 mybuilderinlondon.co.uk: did not receive HSTS header
 mybusiness.cm: did not receive HSTS header
@@ -11203,14 +11606,15 @@ mycollab.net: could not connect to host
 mycolorado.gov: could not connect to host
 mycontrolmonitor.com: could not connect to host
 mycoted.com: did not receive HSTS header
-mycuco.it: did not receive HSTS header
-myday.eu.com: did not receive HSTS header
+myday.eu.com: could not connect to host
 mydeos.com: could not connect to host
 mydigipass.com: did not receive HSTS header
 mydmdi.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 mydnaresults.com: could not connect to host
 mydnatest.com: did not receive HSTS header
 mydriversedge.com: did not receive HSTS header
+mydrone.services: could not connect to host
+myeml.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 myepass.bg: could not connect to host
 myepass.de: could not connect to host
 myessaygeek.com: could not connect to host
@@ -11220,11 +11624,13 @@ myfishpalace.at: could not connect to host
 myfunworld.de: could not connect to host
 mygalgame.com: did not receive HSTS header
 mygaysitges.com: could not connect to host
+mygeneral.org: could not connect to host
 mygivingcircle.org: did not receive HSTS header
 mygooder.com: did not receive HSTS header
 mygov.scot: did not receive HSTS header
 mygpsite.com: did not receive HSTS header
 mygreatjob.eu: could not connect to host
+mygreenrecipes.com: could not connect to host
 myhair.asia: did not receive HSTS header
 myhloli.com: did not receive HSTS header
 myicare.org: did not receive HSTS header
@@ -11250,9 +11656,11 @@ mynigma.org: did not receive HSTS header
 myon.info: did not receive HSTS header
 myonlinedating.club: could not connect to host
 myownconference.de: did not receive HSTS header
+myownconference.es: did not receive HSTS header
 myownconference.fr: did not receive HSTS header
 myownconference.lt: did not receive HSTS header
 myownconference.lv: did not receive HSTS header
+myownconference.pt: did not receive HSTS header
 mypagella.com: could not connect to host
 mypagella.eu: could not connect to host
 mypagella.it: could not connect to host
@@ -11267,30 +11675,32 @@ myqdu.cn: could not connect to host
 myqdu.com: could not connect to host
 myrig.com.ua: did not receive HSTS header
 myrig.io: could not connect to host
+myrig.net: could not connect to host
 myrig.ru: did not receive HSTS header
 myrsa.in: did not receive HSTS header
 myruststats.com: could not connect to host
 mysa.is: could not connect to host
-mysber.ru: did not receive HSTS header
+mysecretcase.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 mysecretrewards.com: could not connect to host
+myseo.ga: could not connect to host
+myserv.one: could not connect to host
 mysongbird.xyz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 myspa.asia: did not receive HSTS header
+mystatus24.com: did not receive HSTS header
 mystery-science-theater-3000.de: did not receive HSTS header
 mysteryblog.de: did not receive HSTS header
-mysterysear.ch: could not connect to host
 mystown.org: could not connect to host
 mystudy.me: could not connect to host
 mytc.fr: could not connect to host
 mythlogic.com: did not receive HSTS header
 mythslegendscollection.com: did not receive HSTS header
 mytravelblog.de: could not connect to host
+mytweeps.com: did not receive HSTS header
 mywallets.io: could not connect to host
 myweb360.de: did not receive HSTS header
 mywebinar.io: could not connect to host
-mywebpanel.nl: did not receive HSTS header
 myxbox.gr: max-age too low: 0
 myzone.com: max-age too low: 0
-mziulu.me: could not connect to host
 mzlog.win: could not connect to host
 mzorn.photography: could not connect to host
 n-rickroll-e.pw: could not connect to host
@@ -11304,12 +11714,14 @@ n3twork.net: could not connect to host
 n4l.pw: could not connect to host
 n64chan.me: did not receive HSTS header
 n7.education: did not receive HSTS header
+n8ch.net: could not connect to host
 na.hn: did not receive HSTS header
 naano.org: could not connect to host
 nabru.co.uk: did not receive HSTS header
 nabu-bad-nauheim.de: did not receive HSTS header
 nabytko.cz: could not connect to host
 nadia.pt: could not connect to host
+nagajanroshiya.info: did not receive HSTS header
 nagaragem.com.br: did not receive HSTS header
 nagios.by: did not receive HSTS header
 nagoya-kyuyo.com: could not connect to host
@@ -11319,6 +11731,7 @@ nailedithomebuilders.com: max-age too low: 300
 nais.me: did not receive HSTS header
 najedlo.sk: could not connect to host
 nakamastreamingcommunity.com: could not connect to host
+nakanishi-paint.com: could not connect to host
 nakhonidc.com: could not connect to host
 nakitbonus2.com: could not connect to host
 nakliyatsirketi.biz: could not connect to host
@@ -11335,15 +11748,15 @@ nameme.xyz: could not connect to host
 nametaken-cloud.duckdns.org: could not connect to host
 namethatbone.com: could not connect to host
 namethatporn.com: could not connect to host
-nami.exchange: could not connect to host
 namikawatetsuji.jp: could not connect to host
-namorico.me: max-age too low: 0
+namorico.me: could not connect to host
 namuwikiusercontent.com: could not connect to host
 nan.ci: did not receive HSTS header
 nan.zone: could not connect to host
 nanami.moe: could not connect to host
 nanderson.me: could not connect to host
 nanfangstone.com: could not connect to host
+nani.io: did not receive HSTS header
 naniki.co.uk: could not connect to host
 nanogeneinc.com: could not connect to host
 nanokamo.com: did not receive HSTS header
@@ -11359,24 +11772,25 @@ narko.space: could not connect to host
 narodniki.com: did not receive HSTS header
 narviz.com: did not receive HSTS header
 nasarawanewsonline.com: could not connect to host
+naseco.se: did not receive HSTS header
 nasme.tk: could not connect to host
 nasmocopati.com: did not receive HSTS header
 nasralmabrooka.com: did not receive HSTS header
+nassi.me: could not connect to host
 nastysclaw.com: could not connect to host
 natalia-fadeeva.ru: could not connect to host
 natalia.io: did not receive HSTS header
 natalieandjoshua.com: could not connect to host
-natalt.org: did not receive HSTS header
+natalt.org: could not connect to host
 natalydanilova.com: max-age too low: 300
-natanaelys.com: could not connect to host
 nataniel-perissier.fr: could not connect to host
+natatorium.org: did not receive HSTS header
 nate.sh: could not connect to host
+natecraun.net: did not receive HSTS header
 natenom.com: max-age too low: 7200
 natenom.de: max-age too low: 7200
 natenom.name: max-age too low: 7200
-nathanmfarrugia.com: did not receive HSTS header
-nationalbank.gov: did not receive HSTS header
-nationalbanknet.gov: did not receive HSTS header
+nathan.io: did not receive HSTS header
 nationalmall.gov: could not connect to host
 nationwidevehiclecontracts.co.uk: did not receive HSTS header
 natropie.pl: could not connect to host
@@ -11384,12 +11798,12 @@ natur-udvar.hu: could not connect to host
 natural-progesterone.net: could not connect to host
 naturalcommission.com: could not connect to host
 naturblogg.no: did not receive HSTS header
+nature-shots.net: did not receive HSTS header
 naturecoaster.com: did not receive HSTS header
 natuterra.com.br: could not connect to host
 natuurbehangnederland.nl: could not connect to host
 nauck.org: did not receive HSTS header
 naudles.me: could not connect to host
-naughty.audio: could not connect to host
 nav.jobs: could not connect to host
 naval.tf: could not connect to host
 navegos.net: did not receive HSTS header
@@ -11400,6 +11814,7 @@ navjobs.com: could not connect to host
 nawroth.info: could not connect to host
 nax.io: did not receive HSTS header
 nay.moe: did not receive HSTS header
+nazigol.com: could not connect to host
 nba2kqq.com: could not connect to host
 nba669.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 nba686.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -11407,13 +11822,12 @@ nbb.io: could not connect to host
 nbg-ha.de: could not connect to host
 nbis.gov: could not connect to host
 nbl.org.tw: could not connect to host
-nbrown.us: could not connect to host
 nbtparse.org: could not connect to host
 nc2c.com: could not connect to host
+ncaq.net: did not receive HSTS header
 ncc60205.info: could not connect to host
 ncdesigns-studio.com: could not connect to host
 nchristo.com: did not receive HSTS header
-ncloud.freeddns.org: could not connect to host
 nclvle.co.uk: did not receive HSTS header
 ncpc.gov: could not connect to host
 ncpw.gov: did not receive HSTS header
@@ -11435,7 +11849,7 @@ necio.ca: could not connect to host
 nedcf.org.uk: could not connect to host
 nediyor.com: did not receive HSTS header
 nedwave.com: did not receive HSTS header
-nedzad.me: max-age too low: 0
+nedys.top: did not receive HSTS header
 needle.net.nz: could not connect to host
 needle.nz: could not connect to host
 neels.ch: did not receive HSTS header
@@ -11447,12 +11861,13 @@ negativecurvature.net: could not connect to host
 negativzinsen.info: did not receive HSTS header
 negraelinda.com: did not receive HSTS header
 neilgreen.net: did not receive HSTS header
+neio.uk: could not connect to host
 nejnamc.org: did not receive HSTS header
 neko-life.com: did not receive HSTS header
 neko.li: could not connect to host
-neko.ml: could not connect to host
 nekoku.io: could not connect to host
 nekox.ml: could not connect to host
+nella.io: could not connect to host
 nellen.it: did not receive HSTS header
 nemanja.top: did not receive HSTS header
 nemno.de: could not connect to host
@@ -11461,11 +11876,15 @@ neoani.me: did not receive HSTS header
 neocoding.com: did not receive HSTS header
 neocyd.com: could not connect to host
 neodrive.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+neoeliteconsulting.com: could not connect to host
 neofelhz.space: could not connect to host
 neojames.me: could not connect to host
+neokobe.city: could not connect to host
 neonisi.com: could not connect to host
 neonnuke.tech: did not receive HSTS header
 neosolution.ca: did not receive HSTS header
+neotist.com: did not receive HSTS header
+neowa.tk: could not connect to host
 nephos.xyz: could not connect to host
 nercp.org.uk: did not receive HSTS header
 nerd42.de: could not connect to host
@@ -11475,8 +11894,7 @@ nerfroute.com: could not connect to host
 neris.io: could not connect to host
 neriumhcp.com: did not receive HSTS header
 nesantuoka.lt: could not connect to host
-nesbase.com: could not connect to host
-nestedquotes.ca: could not connect to host
+nesterov.pw: could not connect to host
 nestone.ru: could not connect to host
 net-navi.cc: did not receive HSTS header
 net-rencontre.com: did not receive HSTS header
@@ -11487,14 +11905,15 @@ net4it.de: did not receive HSTS header
 netba.net: could not connect to host
 netbox.cc: could not connect to host
 netbrief.ml: could not connect to host
-netde.jp: could not connect to host
+netde.jp: did not receive HSTS header
 netdego.jp: could not connect to host
+netducks.com: could not connect to host
+netducks.space: could not connect to host
 netfs.pl: did not receive HSTS header
 netguide.co.nz: did not receive HSTS header
 netherwind.eu: did not receive HSTS header
 netlilo.com: could not connect to host
 netloanusa.com: could not connect to host
-netlocal.ru: could not connect to host
 netmagik.com: did not receive HSTS header
 netprofile.com.au: did not receive HSTS header
 netresourcedesign.com: could not connect to host
@@ -11505,6 +11924,7 @@ netsparkercloud.com: did not receive HSTS header
 netsystems.pro: could not connect to host
 nettacompany.com.tr: did not receive HSTS header
 nettefoundation.com: could not connect to host
+nettopower.dk: did not receive HSTS header
 nettplusultra-rhone.fr: did not receive HSTS header
 networkmon.net: could not connect to host
 networx-online.de: could not connect to host
@@ -11515,8 +11935,10 @@ netzvieh.de: could not connect to host
 netzzwerg4u.de: could not connect to host
 neuch.info: did not receive HSTS header
 neueonlinecasino2016.com: could not connect to host
+neuhaus-city.de: could not connect to host
 neuralgic.net: could not connect to host
 neuro-plus-100.com: could not connect to host
+neuronasdigitales.com: did not receive HSTS header
 neuronfactor.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 neutralvehicle.com: did not receive HSTS header
 nevadafiber.net: could not connect to host
@@ -11540,8 +11962,10 @@ newparadigmventures.net: did not receive HSTS header
 newpathintegratedtherapy.com: did not receive HSTS header
 newpoke.net: could not connect to host
 newportpropertygroup.com: could not connect to host
+newposts.ru: could not connect to host
 news4c.com: did not receive HSTS header
-newsaboutgames.de: could not connect to host
+newsa2.com: could not connect to host
+newsaboutgames.de: did not receive HSTS header
 newserumforskin.com: could not connect to host
 newsquantified.com: max-age too low: 0
 newstarnootropics.com: could not connect to host
@@ -11566,7 +11990,7 @@ nextpages.de: could not connect to host
 nextproject.us: could not connect to host
 nextshutter.com: did not receive HSTS header
 nexusbyte.de: could not connect to host
-nexuscorporation.in: did not receive HSTS header
+nexuscorporation.in: could not connect to host
 nfhome.be: did not receive HSTS header
 nfls.io: did not receive HSTS header
 nfluence.org: could not connect to host
@@ -11589,7 +12013,8 @@ niallator.com: could not connect to host
 nibiisclaim.com: could not connect to host
 nicestresser.fr: could not connect to host
 nickcleans.co.uk: could not connect to host
-nicktheitguy.com: could not connect to host
+nickmertin.ca: did not receive HSTS header
+nickmorri.com: could not connect to host
 nicky.io: did not receive HSTS header
 nico.one: could not connect to host
 nicoborghuis.nl: could not connect to host
@@ -11600,10 +12025,9 @@ nicolasdutour.com: did not receive HSTS header
 nicolasklotz.de: did not receive HSTS header
 nicoleoquendo.com: max-age too low: 2592000
 niconiconi.xyz: could not connect to host
-nicoobook.com: did not receive HSTS header
-nicoobook.net: did not receive HSTS header
 nicorevin.ru: could not connect to host
 nidux.com: did not receive HSTS header
+niduxcomercial.com: could not connect to host
 niedersetz.de: could not connect to host
 nien.chat: could not connect to host
 nien.com.tw: could not connect to host
@@ -11612,35 +12036,32 @@ nieuwsoverijssel.nl: did not receive HSTS header
 niffler.software: could not connect to host
 nifpnet.nl: could not connect to host
 nifume.com: could not connect to host
-niggo.eu: could not connect to host
 nightsnack.cf: could not connect to host
 nightwinds.tk: could not connect to host
+nigt.cf: did not receive HSTS header
 niho.jp: did not receive HSTS header
 nikcub.com: did not receive HSTS header
 niki.ai: did not receive HSTS header
 nikksno.io: could not connect to host
 niklas.host: could not connect to host
-niklasanderson.com: could not connect to host
+niklasanderson.com: did not receive HSTS header
 niklaslindblad.se: did not receive HSTS header
 nikobradshaw.com: could not connect to host
 nikolaichik.photo: did not receive HSTS header
 nikolasbradshaw.com: could not connect to host
+nikolasgrottendieck.com: max-age too low: 7776000
 nilianwo.com: could not connect to host
 niloxy.com: did not receive HSTS header
-nimidam.com: could not connect to host
 ninchisho-online.com: did not receive HSTS header
 ninebytes.xyz: could not connect to host
 ning.so: did not receive HSTS header
 ninhs.org: could not connect to host
-ninjan.co: did not receive HSTS header
 ninjaspiders.com: could not connect to host
 ninofink.com: could not connect to host
 ninreiei.jp: could not connect to host
-ninverse.com: did not receive HSTS header
 niouininon.eu: could not connect to host
 nippler.org: could not connect to host
 nippombashi.net: did not receive HSTS header
-nippon.fr: could not connect to host
 nipponcareers.com: could not connect to host
 nirada.info: could not connect to host
 nirjharstudio.com: did not receive HSTS header
@@ -11656,14 +12077,15 @@ niveldron.com: could not connect to host
 nixien.fr: could not connect to host
 nixmag.net: could not connect to host
 nixne.st: could not connect to host
+njujb.com: max-age too low: 5184000
 nkadvertising.online: could not connect to host
 nkautoservice.nl: did not receive HSTS header
 nkb.in.th: could not connect to host
-nlegall.fr: did not receive HSTS header
 nll.fi: could not connect to host
 nlrb.gov: did not receive HSTS header
 nmadda.com: did not receive HSTS header
 nmctest.net: could not connect to host
+nmd.so: did not receive HSTS header
 nmgb.ga: could not connect to host
 nmgb.ml: could not connect to host
 nmsnj.com: did not receive HSTS header
@@ -11676,20 +12098,21 @@ noc.wang: could not connect to host
 nocallaghan.com: could not connect to host
 noclegi-online.pl: did not receive HSTS header
 noctinus.tk: could not connect to host
+nodalr.com: did not receive HSTS header
 node-core-app.com: could not connect to host
 nodebrewery.com: could not connect to host
 nodechate.xyz: could not connect to host
 nodecompat.com: did not receive HSTS header
 nodefiles.com: could not connect to host
 nodefoo.com: could not connect to host
-nodelab-it.de: did not receive HSTS header
+nodelab-it.de: could not connect to host
 nodepanel.net: did not receive HSTS header
 nodepositcasinouk.com: did not receive HSTS header
 nodeselect.com: could not connect to host
 nodespin.com: did not receive HSTS header
 nodesturut.cl: did not receive HSTS header
 nodetemple.com: could not connect to host
-nodi.at: did not receive HSTS header
+nodi.at: could not connect to host
 nodum.io: did not receive HSTS header
 noegoph.com: did not receive HSTS header
 noelblog.ga: could not connect to host
@@ -11704,11 +12127,9 @@ nolberg.net: did not receive HSTS header
 nolimits.net.nz: could not connect to host
 nolimitsbook.de: did not receive HSTS header
 nolte.work: could not connect to host
-nomagic.software: could not connect to host
 nomoondev.azurewebsites.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 nomorebytes.de: could not connect to host
 nonemu.ninja: could not connect to host
-noobunbox.net: did not receive HSTS header
 noodlecrave.com: did not receive HSTS header
 noodlesandwich.com: did not receive HSTS header
 noodleyum.com: did not receive HSTS header
@@ -11724,6 +12145,7 @@ nordic-survival.de: did not receive HSTS header
 nordiccasinocommunity.com: did not receive HSTS header
 nordlicht.photography: did not receive HSTS header
 noref.tk: could not connect to host
+noreply.mx: could not connect to host
 norge.guide: could not connect to host
 normalady.com: could not connect to host
 normanschwaneberg.de: did not receive HSTS header
@@ -11737,7 +12159,7 @@ northwoodsfish.com: could not connect to host
 nosbenevolesontdutalent.com: could not connect to host
 nosecretshop.com: could not connect to host
 nosproduitsdequalite.fr: did not receive HSTS header
-nossasenhoradaconceicao.com.br: did not receive HSTS header
+nossasenhoradaconceicao.com.br: could not connect to host
 nostraspace.com: could not connect to host
 nosx.tk: could not connect to host
 not-a.link: could not connect to host
@@ -11760,15 +12182,16 @@ noticia.do: did not receive HSTS header
 notificami.com: could not connect to host
 notjustbitchy.com: could not connect to host
 notonprem.com: could not connect to host
+notrecourrier.net: did not receive HSTS header
 nottheonion.net: did not receive HSTS header
 nottori.com: could not connect to host
-nottres.com: did not receive HSTS header
 notypiesni.sk: did not receive HSTS header
 nou.si: did not receive HSTS header
 nouma.fr: did not receive HSTS header
 nouvelle-vague-saint-cast.fr: did not receive HSTS header
 nova-elearning.com: could not connect to host
 nova.com.hk: did not receive HSTS header
+novacal.ga: could not connect to host
 novaco.in: max-age too low: 3600
 novacraft.me: could not connect to host
 novaopcaofestas.com.br: could not connect to host
@@ -11777,6 +12200,7 @@ novatrucking.de: could not connect to host
 novavoidhowl.com: did not receive HSTS header
 novelabs.de: could not connect to host
 novelabs.eu: could not connect to host
+novelrealm.com: did not receive HSTS header
 novelshouse.com: could not connect to host
 novfishing.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 novinhabucetuda.com: could not connect to host
@@ -11787,17 +12211,18 @@ nowprotein.com: did not receive HSTS header
 nowremindme.com: could not connect to host
 noxi.ga: could not connect to host
 nozoe.jp: could not connect to host
-npm.li: could not connect to host
+npm.li: did not receive HSTS header
 npol.de: did not receive HSTS header
 npool.org: could not connect to host
 nq7.pl: could not connect to host
-nqesh.com: could not connect to host
+nqesh.com: did not receive HSTS header
 nrc-gateway.gov: could not connect to host
 nrechn.de: could not connect to host
 nrizzio.me: could not connect to host
 nrnjn.xyz: did not receive HSTS header
-nrvn.cc: did not receive HSTS header
 nrvnastudios.com: could not connect to host
+nsa.ovh: could not connect to host
+nsa.wtf: could not connect to host
 nsbfalconacademy.org: could not connect to host
 nsdev.cn: could not connect to host
 nsellier.fr: did not receive HSTS header
@@ -11808,13 +12233,19 @@ nstyleintl.ca: did not receive HSTS header
 nsure.us: could not connect to host
 nsweb.solutions: could not connect to host
 ntbs.pro: could not connect to host
+nth.sh: could not connect to host
 ntse.xyz: could not connect to host
 nu-pogodi.net: could not connect to host
 nu3.at: did not receive HSTS header
 nu3.ch: did not receive HSTS header
 nu3.co.uk: could not connect to host
+nu3.com: did not receive HSTS header
 nu3.de: did not receive HSTS header
+nu3.dk: did not receive HSTS header
+nu3.fi: did not receive HSTS header
 nu3.fr: did not receive HSTS header
+nu3.no: did not receive HSTS header
+nu3.se: did not receive HSTS header
 nube.ninja: did not receive HSTS header
 nubeslayer.com: could not connect to host
 nuclear-crimes.com: did not receive HSTS header
@@ -11836,6 +12267,7 @@ nullpoint.at: did not receive HSTS header
 nullpro.com: could not connect to host
 numericacu.com: did not receive HSTS header
 numero-di-telefono.it: could not connect to host
+numis.tech: could not connect to host
 numista.com: did not receive HSTS header
 numm.fr: did not receive HSTS header
 nuovamoda.al: could not connect to host
@@ -11845,6 +12277,7 @@ nurserybook.co: did not receive HSTS header
 nurture.be: did not receive HSTS header
 nusatrip-api.com: did not receive HSTS header
 nusku.biz: did not receive HSTS header
+nutricaovegana.com: did not receive HSTS header
 nutricuerpo.com: did not receive HSTS header
 nutrieduca.com: could not connect to host
 nutrienti.eu: did not receive HSTS header
@@ -11853,15 +12286,18 @@ nutritionculture.com: could not connect to host
 nutsandboltsmedia.com: did not receive HSTS header
 nuttyveg.com: did not receive HSTS header
 nuwaterglobal.com: did not receive HSTS header
+nvcogct.gov: could not connect to host
 nvlop.xyz: did not receive HSTS header
 nwa.xyz: could not connect to host
 nweb.co.nz: could not connect to host
 nwork.media: did not receive HSTS header
 nxt.sh: did not receive HSTS header
+nyanco.space: could not connect to host
 nyanpasu.tv: could not connect to host
 nyatane.com: could not connect to host
 nyazeeland.guide: could not connect to host
 nycroth.com: could not connect to host
+nydnxs.com: did not receive HSTS header
 nyesider.org: could not connect to host
 nyffo.com: did not receive HSTS header
 nylonfeetporn.com: could not connect to host
@@ -11874,10 +12310,12 @@ nystudio107.com: did not receive HSTS header
 nyuusannkinn.com: did not receive HSTS header
 nz.search.yahoo.com: max-age too low: 172800
 nzbs.io: could not connect to host
+nzdmo.govt.nz: did not receive HSTS header
 nzmk.cz: could not connect to host
 nzquakes.maori.nz: did not receive HSTS header
 o-rickroll-y.pw: could not connect to host
 o0o.one: did not receive HSTS header
+oakesfam.net: did not receive HSTS header
 oaksbloom.com: could not connect to host
 oasis-conference.org.nz: could not connect to host
 oasis.mobi: did not receive HSTS header
@@ -11886,7 +12324,9 @@ oben.pl: did not receive HSTS header
 oberam.de: could not connect to host
 oberhof.co: could not connect to host
 oberhofjuice.com: could not connect to host
+obioncountytn.gov: could not connect to host
 objectif-leger.com: did not receive HSTS header
+obligacjekk.pl: could not connect to host
 oblikdom.pro: did not receive HSTS header
 oblikdom.ru: did not receive HSTS header
 oblondata.io: did not receive HSTS header
@@ -11897,10 +12337,11 @@ obsydian.org: could not connect to host
 oc-minecraft.com: could not connect to host
 ocad.com.au: did not receive HSTS header
 ocapic.com: could not connect to host
-occ.gov: did not receive HSTS header
+occ.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 occasion-impro.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 occupymedia.org: could not connect to host
 ochaken.cf: could not connect to host
+ocloudhost.com: could not connect to host
 ocmeulebeke.be: did not receive HSTS header
 ocrami.us: did not receive HSTS header
 octanio.com: could not connect to host
@@ -11919,7 +12360,7 @@ odysseyconservationtrust.com: did not receive HSTS header
 oe8.bet: could not connect to host
 ofcourselanguages.com: could not connect to host
 ofcss.com: did not receive HSTS header
-ofer.site: did not receive HSTS header
+ofer.site: could not connect to host
 off-the-clock.us: could not connect to host
 offenedialoge.de: max-age too low: 2592000
 offersgame.com: could not connect to host
@@ -11937,7 +12378,7 @@ ofo2.com: could not connect to host
 oganek.ie: could not connect to host
 oganime.com: could not connect to host
 oggw.us: could not connect to host
-ogkw.de: did not receive HSTS header
+ogis.gov: could not connect to host
 ogogoshop.com: could not connect to host
 ogrodywstudniach.pl: did not receive HSTS header
 ohayosoro.me: could not connect to host
@@ -11948,7 +12389,9 @@ ohnemusik.com: max-age too low: 0
 ohohrazi.com: did not receive HSTS header
 ohreally.de: could not connect to host
 ohsocool.org: did not receive HSTS header
+oiaio.cn: could not connect to host
 oiepoie.nl: could not connect to host
+oilfieldinjury.attorney: could not connect to host
 oinky.ddns.net: could not connect to host
 oishioffice.com: did not receive HSTS header
 ojbk.eu: could not connect to host
@@ -11957,8 +12400,9 @@ ojls.co: could not connect to host
 okad-center.de: did not receive HSTS header
 okad.de: did not receive HSTS header
 okad.eu: did not receive HSTS header
-okane.love: could not connect to host
-okashi.me: could not connect to host
+okaidi.es: could not connect to host
+okaidi.fr: could not connect to host
+okane.love: did not receive HSTS header
 okaz.de: did not receive HSTS header
 oklahomamoversassociation.org: could not connect to host
 oklahomanotepro.com: could not connect to host
@@ -11971,9 +12415,11 @@ oldandyounglesbians.us: could not connect to host
 oldschool-criminal.com: did not receive HSTS header
 oldtimer-trifft-flugplatz.de: did not receive HSTS header
 olifant.fr: did not receive HSTS header
-oliverdunk.com: did not receive HSTS header
+olightstore.com: did not receive HSTS header
+oliode.tk: could not connect to host
 olivlabs.com: could not connect to host
 ollehbizev.co.kr: could not connect to host
+ollieowlsblog.com: could not connect to host
 ols.io: did not receive HSTS header
 olswangtrainees.com: could not connect to host
 olympe-transport.fr: did not receive HSTS header
@@ -11987,13 +12433,15 @@ omise.co: did not receive HSTS header
 ommahpost.com: did not receive HSTS header
 omnigon.network: could not connect to host
 omnilab.tech: could not connect to host
+omnisiens.se: could not connect to host
 omniti.com: max-age too low: 1
 omorashi.org: could not connect to host
 omquote.gq: could not connect to host
-omskit.ru: did not receive HSTS header
+omsdieppe.fr: did not receive HSTS header
+omskit.ru: could not connect to host
 omyogarishikesh.com: did not receive HSTS header
 on-te.ch: did not receive HSTS header
-onahonavi.com: could not connect to host
+ondrejhoralek.cz: did not receive HSTS header
 one-pe.com: did not receive HSTS header
 onearth.one: did not receive HSTS header
 oneb4nk.com: could not connect to host
@@ -12004,6 +12452,7 @@ onehourloan.com: could not connect to host
 onehourloan.sg: did not receive HSTS header
 oneiros.cc: could not connect to host
 onelawsuit.com: could not connect to host
+oneminute.io: did not receive HSTS header
 oneminutefilm.tv: did not receive HSTS header
 onemusou.com: could not connect to host
 onepathnetwork.com: max-age too low: 7776000
@@ -12023,8 +12472,10 @@ onioncloud.org: could not connect to host
 onionplay.live: could not connect to host
 onionsburg.com: could not connect to host
 online-casino.eu: did not receive HSTS header
+online-horoskop.ch: did not receive HSTS header
 online-scene.com: did not receive HSTS header
 online-wetten.de: could not connect to host
+online.swedbank.se: did not receive HSTS header
 onlinebiller.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 onlinebillingform.com: could not connect to host
 onlinecasinobluebook.com: could not connect to host
@@ -12032,16 +12483,18 @@ onlinecompliance.org: did not receive HSTS header
 onlinecorners.com: did not receive HSTS header
 onlinedemo.hu: could not connect to host
 onlinedeposit.us: could not connect to host
+onlineinfographic.com: could not connect to host
 onlinekasino.de: did not receive HSTS header
 onlinepollsph.com: could not connect to host
 onlineporno.tv: could not connect to host
 onlineschadestaat.nl: did not receive HSTS header
-onlinespielothek.com: did not receive HSTS header
+onlinespielothek.com: could not connect to host
+onlineweblearning.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 onlinewetten.de: could not connect to host
 only-roses.co.uk: did not receive HSTS header
 only-roses.com: max-age too low: 2592000
 onlyesb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-onlyesb.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+onlyesb.net: could not connect to host
 onlyshopstation.com: did not receive HSTS header
 onlyzero.net: could not connect to host
 onmuvo.com: could not connect to host
@@ -12049,8 +12502,10 @@ onmyoji.biz: could not connect to host
 onnee.ch: could not connect to host
 onnext.cc: did not receive HSTS header
 ononpay.com: did not receive HSTS header
+onoranze-funebri.biz: could not connect to host
 onovlena.dn.ua: could not connect to host
 onpatient.com: did not receive HSTS header
+onpermit.net: could not connect to host
 onsennuie.fr: could not connect to host
 onsite4u.de: could not connect to host
 onsitemassageco.com: did not receive HSTS header
@@ -12073,14 +12528,17 @@ oopsmycase.com: could not connect to host
 oopsorup.com: could not connect to host
 oosoo.org: could not connect to host
 oost.io: could not connect to host
+opadaily.com: could not connect to host
 opatut.de: did not receive HSTS header
 opcaobolsas.com.br: could not connect to host
+open-desk.org: could not connect to host
 open-future.be: did not receive HSTS header
 open-mx.de: could not connect to host
 open-to-repair.fr: max-age too low: 86400
 openacademies.com: could not connect to host
 openas.org: did not receive HSTS header
 openbankproject.com: did not receive HSTS header
+openbsd.id: could not connect to host
 openclub24.ru: could not connect to host
 openconcept.no: did not receive HSTS header
 openconnect.com.au: could not connect to host
@@ -12091,6 +12549,7 @@ openiocdb.com: could not connect to host
 openmetals.com: could not connect to host
 openmind-shop.de: did not receive HSTS header
 openmirrors.cf: could not connect to host
+openpresentes.com.br: could not connect to host
 openpriv.pw: could not connect to host
 openprovider.nl: did not receive HSTS header
 openrainbow.org: could not connect to host
@@ -12119,17 +12578,22 @@ opsafewinter.net: could not connect to host
 opsbears.com: did not receive HSTS header
 opsnotepad.com: could not connect to host
 opstacks.com: could not connect to host
+opteamax.eu: did not receive HSTS header
 optenhoefel.de: could not connect to host
 optiekzien.nl: did not receive HSTS header
 optimal-e.com: did not receive HSTS header
 optimista.soy: could not connect to host
 optimize-jpg.com: could not connect to host
+optisure.de: did not receive HSTS header
 optometriepunt.nl: did not receive HSTS header
 optumrxhealthstore.com: could not connect to host
 opunch.org: did not receive HSTS header
+opure.ml: could not connect to host
+opure.ru: could not connect to host
 oracaodocredo.com.br: could not connect to host
 orangekey.tk: could not connect to host
-oranges.tokyo: could not connect to host
+oranges.tokyo: did not receive HSTS header
+orangetravel.eu: did not receive HSTS header
 oranic.com: did not receive HSTS header
 orbiosales.com: could not connect to host
 orbitcom.de: did not receive HSTS header
@@ -12161,14 +12625,16 @@ orthodoxy.lt: did not receive HSTS header
 ortodonciaian.com: did not receive HSTS header
 orui.com.br: could not connect to host
 osaiyuwu.com: could not connect to host
+osaka-onakura.com: did not receive HSTS header
+oscamp.eu: could not connect to host
 oscarmashauri.com: did not receive HSTS header
 oscillation-services.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+oscloud.com: could not connect to host
 oscloud.com.ua: could not connect to host
 oscreen.me: could not connect to host
 oscreen.org: could not connect to host
 oscsdp.cz: did not receive HSTS header
 osdls.gov: did not receive HSTS header
-osereso.tn: could not connect to host
 osha-kimi.com: did not receive HSTS header
 oshanko.de: could not connect to host
 oshinagaki.jp: could not connect to host
@@ -12185,42 +12651,46 @@ ostrov8.com: could not connect to host
 oswaldmattgroup.com: did not receive HSTS header
 otako.pl: did not receive HSTS header
 otakuworld.de: could not connect to host
-otakuyun.com: did not receive HSTS header
+otakuyun.com: could not connect to host
 otchecker.com: could not connect to host
 othercode.nl: could not connect to host
 otherkinforum.com: could not connect to host
-othermedia.cc: could not connect to host
-otherstuff.nl: could not connect to host
+othermedia.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+otherstuff.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 otichi.com: did not receive HSTS header
 otinane.eu: could not connect to host
 otmns.net: could not connect to host
 otmo7.com: could not connect to host
 otokonna.com: could not connect to host
 otrsdemo.hu: did not receive HSTS header
-ottoproject.io: max-age too low: 900
+otsu.beer: could not connect to host
 ottospora.nl: could not connect to host
 ourbank.com: max-age too low: 2592000
 ourchoice2016.com: could not connect to host
+ouruglyfood.com: could not connect to host
 outdooradventures.pro: could not connect to host
 outdoorproducts.com: max-age too low: 7889238
 outreachbuddy.com: could not connect to host
 outsider.im: could not connect to host
 outurnate.com: did not receive HSTS header
 ouvirmusica.com.br: did not receive HSTS header
+ovabag.com: did not receive HSTS header
 ovenapp.io: did not receive HSTS header
 over25tips.com: did not receive HSTS header
 override.io: could not connect to host
 overrustle.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+overseamusic.de: did not receive HSTS header
 oversight.io: could not connect to host
 overstappen.nl: did not receive HSTS header
 overture.london: did not receive HSTS header
-ovpn.to: could not connect to host
 ovuscloud.de: could not connect to host
 ovwane.com: could not connect to host
 owall.ml: did not receive HSTS header
 owennelson.me: max-age too low: 2592000
 owensmith.website: could not connect to host
+owl-hakkei.com: did not receive HSTS header
 owlscrap.ru: could not connect to host
+ownc.at: could not connect to host
 owncloud.help: could not connect to host
 owngeek.com: could not connect to host
 ownmovies.fr: could not connect to host
@@ -12246,27 +12716,11 @@ p2av.com: could not connect to host
 p3.marketing: did not receive HSTS header
 p3in.com: could not connect to host
 p3ter.fr: did not receive HSTS header
-p8r.de: did not receive HSTS header
+p8r.de: could not connect to host
 paavolastudio.com: did not receive HSTS header
-pablo.im: did not receive HSTS header
-pablo.scot: did not receive HSTS header
-pablo.sh: did not receive HSTS header
-pabloarteaga.co.uk: did not receive HSTS header
-pabloarteaga.com: did not receive HSTS header
-pabloarteaga.com.es: did not receive HSTS header
-pabloarteaga.es: did not receive HSTS header
-pabloarteaga.eu: did not receive HSTS header
-pabloarteaga.info: did not receive HSTS header
-pabloarteaga.me: did not receive HSTS header
 pabloarteaga.name: did not receive HSTS header
-pabloarteaga.net: did not receive HSTS header
-pabloarteaga.nom.es: did not receive HSTS header
-pabloarteaga.org: did not receive HSTS header
-pabloarteaga.science: did not receive HSTS header
-pabloarteaga.tech: did not receive HSTS header
-pabloarteaga.uk: did not receive HSTS header
-pabloarteaga.xyz: did not receive HSTS header
 pablocamino.tk: could not connect to host
+pablofain.com: did not receive HSTS header
 pablorey-art.com: did not receive HSTS header
 pachaiyappas.org: did not receive HSTS header
 packair.com: did not receive HSTS header
@@ -12284,6 +12738,7 @@ pader-deko.de: [Exception... "Component returned failure code: 0x80004005 (NS_ER
 paestbin.com: could not connect to host
 page: could not connect to host
 pagedesignshop.com: did not receive HSTS header
+pageperform.com: did not receive HSTS header
 pagerate.io: could not connect to host
 pages-tocaven.com: could not connect to host
 pagetoimage.com: could not connect to host
@@ -12295,7 +12750,7 @@ paino.cloud: could not connect to host
 painosso.org: could not connect to host
 paintingat.com: could not connect to host
 paio2-rec.com: could not connect to host
-paio2.com: did not receive HSTS header
+paio2.com: could not connect to host
 paisaone.com: could not connect to host
 paizinhovirgula.com: did not receive HSTS header
 pajonzeck.de: could not connect to host
@@ -12310,7 +12765,7 @@ paleolowcarb.de: did not receive HSTS header
 paleosquawk.com: could not connect to host
 pallet.io: could not connect to host
 palmer.im: could not connect to host
-pammbook.com: did not receive HSTS header
+pammbook.com: could not connect to host
 pamplona.tv: could not connect to host
 pan.tips: could not connect to host
 panaceallc.net: could not connect to host
@@ -12348,16 +12803,16 @@ papotage.net: could not connect to host
 papygeek.com: could not connect to host
 parabhairavayoga.com: did not receive HSTS header
 paradiesgirls.ch: could not connect to host
+paradigi.com.br: did not receive HSTS header
 paradise-engineers.com: could not connect to host
 paragon.edu: could not connect to host
 parakranov.ru: did not receive HSTS header
-paranormalweirdo.com: could not connect to host
-paranoxer.hu: could not connect to host
 parav.xyz: did not receive HSTS header
 pardnoy.com: could not connect to host
 parent5446.us: could not connect to host
 parentmail.co.uk: did not receive HSTS header
 parfum-baza.ru: did not receive HSTS header
+pariga.co.uk: could not connect to host
 paris-cyber.fr: did not receive HSTS header
 parisdimanche.com: did not receive HSTS header
 parishome.jp: could not connect to host
@@ -12369,13 +12824,11 @@ parkrocker.com: max-age too low: 604800
 parksland.net: did not receive HSTS header
 parksubaruoemparts.com: could not connect to host
 parkwithark.com: could not connect to host
+parleu2016.nl: could not connect to host
 parodybit.net: did not receive HSTS header
 parpaing-paillette.net: could not connect to host
 parquet-lascazes.fr: did not receive HSTS header
-partage.ovh: did not receive HSTS header
-parteaga.com: did not receive HSTS header
-parteaga.net: did not receive HSTS header
-parthkolekar.me: could not connect to host
+partage.ovh: could not connect to host
 participatorybudgeting.de: did not receive HSTS header
 participatorybudgeting.info: did not receive HSTS header
 particonpsplus.it: could not connect to host
@@ -12393,8 +12846,9 @@ partyvan.it: could not connect to host
 partyvan.moe: could not connect to host
 partyvan.nl: could not connect to host
 partyvan.se: could not connect to host
+pascal-kannchen.de: could not connect to host
 pascalchristen.ch: did not receive HSTS header
-pasportaservo.org: could not connect to host
+pasportaservo.org: did not receive HSTS header
 passpilot.co.uk: did not receive HSTS header
 passwd.io: did not receive HSTS header
 password.codes: could not connect to host
@@ -12410,23 +12864,27 @@ paster.li: did not receive HSTS header
 pasteros.io: could not connect to host
 pastie.se: could not connect to host
 pastorcanadense.com.br: could not connect to host
+pastorsuico.com.br: could not connect to host
 pataua.kiwi: did not receive HSTS header
 paternitydnatest.com: could not connect to host
 patfs.com: did not receive HSTS header
 pathwaytofaith.com: could not connect to host
 patientinsight.net: could not connect to host
 patriaco.net: did not receive HSTS header
-patric-lenhart.de: could not connect to host
 patrick.dark.name: could not connect to host
 patrickbusch.net: could not connect to host
+patrickmcnamara.xyz: did not receive HSTS header
 patrickneuro.de: could not connect to host
 patrickquinn.ca: did not receive HSTS header
 patrickschneider.me: could not connect to host
 patt.us: did not receive HSTS header
 patterson.mp: could not connect to host
+paul-bronski.de: could not connect to host
 paul-kerebel.pro: could not connect to host
 paul-schmidt.de: max-age too low: 0
 paulbunyanmls.com: did not receive HSTS header
+paulewen.ca: could not connect to host
+paulpetersen.dk: did not receive HSTS header
 paulproell.at: did not receive HSTS header
 paulrudge.codes: could not connect to host
 paulshir.com: could not connect to host
@@ -12434,11 +12892,14 @@ paulshir.is: could not connect to host
 paulyang.cn: did not receive HSTS header
 paveljanda.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 pavelkahouseforcisco.com: did not receive HSTS header
+pavelstriz.cz: could not connect to host
+pawfriends.org.za: did not receive HSTS header
 pawsru.org: could not connect to host
 paxdei.com.br: could not connect to host
 paxwinkel.nl: could not connect to host
 pay.gigahost.dk: did not receive HSTS header
 pay.ubuntu.com: could not connect to host
+pay8522.com: could not connect to host
 payclixpayments.com: did not receive HSTS header
 payfreez.com: could not connect to host
 paykings.com: did not receive HSTS header
@@ -12456,6 +12917,8 @@ pbbr.com: did not receive HSTS header
 pbcknd.ml: could not connect to host
 pbcomp.com.au: did not receive HSTS header
 pbprint.ru: could not connect to host
+pbqs.site: could not connect to host
+pbreen.co.uk: could not connect to host
 pbscreens.com: could not connect to host
 pbytes.com: could not connect to host
 pc-nf.de: did not receive HSTS header
@@ -12465,7 +12928,7 @@ pcbricole.fr: could not connect to host
 pcfun.net: did not receive HSTS header
 pchax.net: could not connect to host
 pchospital.cc: could not connect to host
-pcmedia.co.nz: did not receive HSTS header
+pcmedia.co.nz: max-age too low: 7889238
 pcvirusclear.com: could not connect to host
 pdamsidoarjo.co.id: could not connect to host
 pdevio.com: could not connect to host
@@ -12496,7 +12959,7 @@ penablog.com: did not receive HSTS header
 pengisatelier.net: could not connect to host
 pengui.uk: could not connect to host
 penguinclientsystem.com: did not receive HSTS header
-pengumuman.id: did not receive HSTS header
+pengumuman.id: could not connect to host
 pennyapp.io: did not receive HSTS header
 pennylane.me.uk: did not receive HSTS header
 pensanisso.com: did not receive HSTS header
@@ -12505,7 +12968,7 @@ pension-veldzigt.nl: did not receive HSTS header
 pension-waldesruh.de: did not receive HSTS header
 pensiunealido.ro: could not connect to host
 pentagram.me: max-age too low: 2592000
-pentano.net: could not connect to host
+pentano.net: did not receive HSTS header
 people-mozilla.org: could not connect to host
 peoplerange.com: did not receive HSTS header
 peoplesbankal.com: did not receive HSTS header
@@ -12520,7 +12983,7 @@ pereuda.com: could not connect to host
 perez-marrero.com: could not connect to host
 perfect-radiant-wrinkles.com: could not connect to host
 perfectionis.me: could not connect to host
-perfectionunite.com: could not connect to host
+perfectionunite.com: did not receive HSTS header
 perfectseourl.com: did not receive HSTS header
 performancesantafe.org: did not receive HSTS header
 performaride.com.au: did not receive HSTS header
@@ -12529,7 +12992,12 @@ performous.org: did not receive HSTS header
 perfumista.vn: did not receive HSTS header
 periodismoactual.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 periscopeliveweb.com: could not connect to host
-perlwork.nl: could not connect to host
+perlwork.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+perm-jur.ch: could not connect to host
+perm-juridique.ch: could not connect to host
+permanence-juridique.com: could not connect to host
+permanencejuridique-ge.ch: could not connect to host
+permanencejuridique.com: could not connect to host
 pernatie.ru: could not connect to host
 peromsik.com: did not receive HSTS header
 perplex.nl: did not receive HSTS header
@@ -12537,6 +13005,7 @@ perrone.co: could not connect to host
 perroud.pro: did not receive HSTS header
 persjrp.ca: could not connect to host
 persoform.ch: could not connect to host
+personal-injury-attorney.co: could not connect to host
 personalcommunicationsecurity.com: could not connect to host
 personaldatabasen.no: could not connect to host
 personalinjurylist.com: could not connect to host
@@ -12562,8 +13031,9 @@ pethelpers.org: did not receive HSTS header
 pethub.com: did not receive HSTS header
 petit.site: could not connect to host
 petlife.od.ua: could not connect to host
-petplum.com: could not connect to host
+petplum.com: did not receive HSTS header
 petrkrapek.cz: did not receive HSTS header
+petrotranz.com: did not receive HSTS header
 petrovsky.pro: could not connect to host
 petsittersservices.com: could not connect to host
 pettsy.com: did not receive HSTS header
@@ -12574,20 +13044,23 @@ pexieapp.com: did not receive HSTS header
 peykezamin.ir: did not receive HSTS header
 peyote.org: could not connect to host
 peytonfarrar.com: could not connect to host
+pf.dk: did not receive HSTS header
+pfadfinder-grossauheim.de: could not connect to host
 pferdeeinstreu-kaufen.com: did not receive HSTS header
 pfgshop.com.br: could not connect to host
 pflegedienst-gratia.de: max-age too low: 300
+pfo.io: could not connect to host
 pfolta.net: could not connect to host
+pfrost.me: could not connect to host
 pgcpbc.com: could not connect to host
 pgmsource.com: could not connect to host
 pgpm.io: could not connect to host
 pgregg.com: did not receive HSTS header
 pgtb.be: could not connect to host
 phalconist.com: could not connect to host
+pharmaboard.org: did not receive HSTS header
 pharmgkb.org: could not connect to host
-pharynx.nl: could not connect to host
 phcmembers.com: did not receive HSTS header
-phcnetworks.net: did not receive HSTS header
 phdsupply.com: could not connect to host
 phdwuda.com: could not connect to host
 phenomeno-porto.com: did not receive HSTS header
@@ -12596,6 +13069,7 @@ phenomenoporto.com: did not receive HSTS header
 phenomenoporto.nl: did not receive HSTS header
 philadelphiacandies.com: did not receive HSTS header
 philadelphiadancefoundation.org: could not connect to host
+philipkohn.com: did not receive HSTS header
 philipmordue.co.uk: could not connect to host
 philippa.cool: could not connect to host
 phillippi.me: could not connect to host
@@ -12604,30 +13078,36 @@ phillprice.com: did not receive HSTS header
 philonas.net: did not receive HSTS header
 philpropertygroup.com: could not connect to host
 phippsreporting.com: did not receive HSTS header
+phishing.rs: did not receive HSTS header
+phocean.net: could not connect to host
 phoebe.co.nz: did not receive HSTS header
 phoenicis.com.ua: did not receive HSTS header
 phoenix.dj: did not receive HSTS header
-phoenixlogan.com: could not connect to host
 phonenumberinfo.co.uk: could not connect to host
 phongmay24h.com: could not connect to host
-phood.be: could not connect to host
-photo.org.il: could not connect to host
+phood.be: did not receive HSTS header
+photek.fm: could not connect to host
 photoblogverona.com: could not connect to host
 photoboothpartyhire.co.uk: did not receive HSTS header
 photographyforchange.com: could not connect to host
 photographyforchange.org: could not connect to host
+photon.sh: could not connect to host
 photops.fr: could not connect to host
 photosoftware.nl: could not connect to host
+photosquare.com.tw: did not receive HSTS header
 phototag.org: did not receive HSTS header
 php-bach.org: could not connect to host
 phpdistribution.com: did not receive HSTS header
 phperformances.fr: did not receive HSTS header
 phpfashion.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 phr34kz.pw: did not receive HSTS header
+phra.gs: could not connect to host
 phrasing.me: could not connect to host
 phryneas.de: did not receive HSTS header
 phumin.in.th: did not receive HSTS header
 phuong.faith: could not connect to host
+physicpezeshki.com: did not receive HSTS header
+pi-box.ml: could not connect to host
 pi-eng.fr: did not receive HSTS header
 pianetaottica.eu: could not connect to host
 pianetaottica.info: could not connect to host
@@ -12638,7 +13118,6 @@ piasto.com.cy: could not connect to host
 piatanoua.md: did not receive HSTS header
 picallo.es: could not connect to host
 picardiascr.com: could not connect to host
-pickersurvey.org: could not connect to host
 pickr.co: could not connect to host
 picone.com.au: could not connect to host
 picotronic.biz: could not connect to host
@@ -12654,6 +13133,7 @@ pieperhome.de: did not receive HSTS header
 pierrejeansuau.fr: could not connect to host
 pieterjangeeroms.me: could not connect to host
 piggott.me.uk: did not receive HSTS header
+pigritia.de: could not connect to host
 piils.fr: did not receive HSTS header
 pikalongwar.com: did not receive HSTS header
 pikmy.com: could not connect to host
@@ -12675,14 +13155,16 @@ pinkfis.ch: did not receive HSTS header
 pinkhq.com: did not receive HSTS header
 pinkinked.com: could not connect to host
 pinoylinux.org: did not receive HSTS header
-pinpointengineer.co.uk: could not connect to host
+pinscher.com.br: could not connect to host
+pintosbeeremovals.co.za: did not receive HSTS header
 pintoselectrician.co.za: did not receive HSTS header
 pioche.ovh: did not receive HSTS header
+pipenny.net: could not connect to host
 pippen.io: could not connect to host
 pips.rocks: could not connect to host
 pir9.com: did not receive HSTS header
 piranil.com: did not receive HSTS header
-pirata.ga: did not receive HSTS header
+pirata.ga: could not connect to host
 pirateahoy.eu: could not connect to host
 piratebay.ml: could not connect to host
 piratebit.tech: could not connect to host
@@ -12692,12 +13174,12 @@ piratelist.online: could not connect to host
 piratenlogin.de: could not connect to host
 piratepay.io: could not connect to host
 piratepay.ir: could not connect to host
-pirateproxy.pe: max-age too low: 0
+pirateproxy.pe: could not connect to host
 pirateproxy.sx: did not receive HSTS header
 pirateproxy.vip: could not connect to host
 pirati.cz: max-age too low: 604800
 piratte.net: did not receive HSTS header
-pirganj24.com: could not connect to host
+pirganj24.com: did not receive HSTS header
 pirlitu.com: did not receive HSTS header
 pisexy.me: did not receive HSTS header
 pisidia.de: could not connect to host
@@ -12718,9 +13200,13 @@ pixelpoint.io: did not receive HSTS header
 pixelrain.info: could not connect to host
 pixi.chat: could not connect to host
 pixi.me: did not receive HSTS header
+pixivimg.me: could not connect to host
 pizala.de: could not connect to host
+pizzacook.ch: did not receive HSTS header
 pizzadoc.ch: could not connect to host
-pj00100.com: could not connect to host
+pizzafunny.com.br: did not receive HSTS header
+pizzamc.eu: could not connect to host
+pj00100.com: did not receive HSTS header
 pj00200.com: did not receive HSTS header
 pj00300.com: did not receive HSTS header
 pj00400.com: did not receive HSTS header
@@ -12738,14 +13224,13 @@ pkautodesign.com: did not receive HSTS header
 pkbjateng.or.id: could not connect to host
 pko.ch: did not receive HSTS header
 pkschat.com: could not connect to host
-pksps.com: could not connect to host
 plaasprodukte.com: could not connect to host
+placassinal.com.br: did not receive HSTS header
 placefade.com: could not connect to host
 placehold.co: did not receive HSTS header
 placollection.org: could not connect to host
 plaettliaktion.ch: did not receive HSTS header
 plagiarismcheck.org: max-age too low: 604800
-plaintech.net.au: could not connect to host
 plaintray.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 plakbak.nl: could not connect to host
 planbox.info: could not connect to host
@@ -12755,12 +13240,16 @@ planete-secu.com: could not connect to host
 planetromeo.com: could not connect to host
 planformation.com: did not receive HSTS header
 planktonholland.com: did not receive HSTS header
+planolowcarb.com: could not connect to host
 planpharmacy.com: could not connect to host
 plant.ml: could not connect to host
-plantroon.com: did not receive HSTS header
+plantroon.com: could not connect to host
 plass.hamburg: could not connect to host
 plasti-pac.ch: did not receive HSTS header
+plasticsurgeryartist.com: max-age too low: 300
+plasticsurgerynola.com: did not receive HSTS header
 plasticsurgeryservices.com: did not receive HSTS header
+plastiflex.it: could not connect to host
 plasvilledescartaveis.com.br: could not connect to host
 platform.lookout.com: could not connect to host
 platinumpeek.com: did not receive HSTS header
@@ -12783,6 +13272,7 @@ please-deny.me: could not connect to host
 pleaseuseansnisupportedbrowser.ml: could not connect to host
 pleasure.forsale: could not connect to host
 plen.io: could not connect to host
+plexi.dyndns.tv: could not connect to host
 plexpy13.ddns.net: could not connect to host
 plexusmd.com: did not receive HSTS header
 plfgr.eu.org: could not connect to host
@@ -12800,14 +13290,14 @@ plugboard.xyz: could not connect to host
 pluggedhead.com: did not receive HSTS header
 plumbingboksburg.co.za: did not receive HSTS header
 plumbingman.com.au: did not receive HSTS header
-plumplat.com: did not receive HSTS header
-plus-digital.net: did not receive HSTS header
+plus-digital.net: could not connect to host
 plus-u.com.au: did not receive HSTS header
 plus.sandbox.google.com: did not receive HSTS header (error ignored - included regardless)
 plus1s.tk: could not connect to host
 plushev.com: did not receive HSTS header
 plussizereviews.com: could not connect to host
 plut.org: did not receive HSTS header
+pluth.org: did not receive HSTS header
 plymouthglassgallery.com: did not receive HSTS header
 plymouthsoftplay.co.uk: could not connect to host
 pm13-media.cz: could not connect to host
@@ -12819,10 +13309,13 @@ pmemanager.fr: did not receive HSTS header
 pmessage.ch: could not connect to host
 pmheart.site: could not connect to host
 pmnts.io: could not connect to host
+pmponline.de: did not receive HSTS header
+pneumonline.be: did not receive HSTS header
 pneusgppremium.com.br: did not receive HSTS header
 pnukee.com: did not receive HSTS header
 po.gl: could not connect to host
 pocakdrops.com: did not receive HSTS header
+pocakking.tk: could not connect to host
 pocket-lint.com: did not receive HSTS header
 pocketfullofapps.com: did not receive HSTS header
 pocketmemories.net: could not connect to host
@@ -12833,6 +13326,7 @@ podcast.style: could not connect to host
 podiumsdiskussion.org: did not receive HSTS header
 poed.com.au: could not connect to host
 poeg.cz: did not receive HSTS header
+pogetback.pl: could not connect to host
 pogoswine.com: could not connect to host
 pogs.us: could not connect to host
 poiema.com.sg: did not receive HSTS header
@@ -12842,18 +13336,19 @@ pointiswunderland.de: did not receive HSTS header
 pointpro.de: did not receive HSTS header
 points4unitedway.com: could not connect to host
 pointworksacademy.com: could not connect to host
+pokalsocial.de: could not connect to host
 pokeduel.me: did not receive HSTS header
 pokomichi.com: did not receive HSTS header
 pol-expo.ru: could not connect to host
 pol.in.th: could not connect to host
 polandb2b.directory: could not connect to host
-polar-baer.com: could not connect to host
 polarityschule.com: did not receive HSTS header
-pole.net.nz: did not receive HSTS header
+pole.net.nz: could not connect to host
 poleartschool.com: could not connect to host
 polen.guide: could not connect to host
 policeiwitness.sg: could not connect to host
 polimat.org: could not connect to host
+polish-translations.com: could not connect to host
 polish.directory: could not connect to host
 polit-it.pro: could not connect to host
 politeiaudesa.org: max-age too low: 2592000
@@ -12861,9 +13356,12 @@ politically-incorrect.xyz: could not connect to host
 politiewervingshop.nl: did not receive HSTS header
 politologos.org: could not connect to host
 pollpodium.nl: could not connect to host
+poloniex.co.za: did not receive HSTS header
 polsport.live: did not receive HSTS header
 polycoise.com: could not connect to host
 polycrypt.us: could not connect to host
+polyfill.io: did not receive HSTS header
+polymorph.rs: could not connect to host
 polypho.nyc: could not connect to host
 polysage.org: did not receive HSTS header
 polytechecosystem.vc: could not connect to host
@@ -12872,7 +13370,6 @@ pomfe.co: could not connect to host
 pompefunebrilariviera.it: could not connect to host
 pompompoes.com: could not connect to host
 pondof.fish: could not connect to host
-poneytelecom.org: could not connect to host
 ponteencima.com: could not connect to host
 ponteus.com: could not connect to host
 pontodogame.com.br: could not connect to host
@@ -12880,6 +13377,7 @@ pontokay.com.br: could not connect to host
 pontualcomp.com: could not connect to host
 pony.today: could not connect to host
 ponythread.com: did not receive HSTS header
+ponzi.life: could not connect to host
 poolinstallers.co.za: could not connect to host
 poolsandstuff.com: did not receive HSTS header
 poon.tech: could not connect to host
@@ -12896,6 +13394,7 @@ porn77.info: could not connect to host
 pornalpha.com: could not connect to host
 pornbay.org: could not connect to host
 pornblog.org: could not connect to host
+porncandi.com: could not connect to host
 pornimg.net: could not connect to host
 pornless.biz: could not connect to host
 pornmax.net: could not connect to host
@@ -12908,7 +13407,9 @@ pornsocket.com: could not connect to host
 pornstars.me: did not receive HSTS header
 pornteddy.com: could not connect to host
 pornultra.net: could not connect to host
+porpcr.com: could not connect to host
 porschen.fr: could not connect to host
+port.im: did not receive HSTS header
 port.social: could not connect to host
 portalcarapicuiba.com: did not receive HSTS header
 portale-randkowe.pl: did not receive HSTS header
@@ -12920,15 +13421,16 @@ portalplatform.net: could not connect to host
 portaluniversalista.org: did not receive HSTS header
 portalveneza.com.br: did not receive HSTS header
 portalzine.de: did not receive HSTS header
-portefeuillesignalen.nl: did not receive HSTS header
+portefeuillesignalen.nl: could not connect to host
 portraitsystem.biz: did not receive HSTS header
 poshpak.com: max-age too low: 86400
+positivenames.net: could not connect to host
 positivesobrietyinstitute.com: did not receive HSTS header
 post.we.bs: did not receive HSTS header
-post4me.at: could not connect to host
 postback.io: did not receive HSTS header
 postcardpayment.com: could not connect to host
 postcodegarant.nl: could not connect to host
+postdeck.de: did not receive HSTS header
 posters.win: could not connect to host
 postscheduler.org: could not connect to host
 posylka.de: did not receive HSTS header
@@ -12937,6 +13439,7 @@ potatron.tech: could not connect to host
 potbar.com: could not connect to host
 potbox.com: could not connect to host
 potenzmittelblog.info: could not connect to host
+potenzprobleme-info.net: did not receive HSTS header
 potlytics.com: could not connect to host
 potomania.cz: could not connect to host
 potpourrifestival.de: did not receive HSTS header
@@ -12950,8 +13453,9 @@ pourout.org: did not receive HSTS header
 poussinooz.fr: could not connect to host
 povitria.net: could not connect to host
 powaclub.com: max-age too low: 86400
+power-coonies.de: could not connect to host
 power-l.ch: did not receive HSTS header
-power-of-interest.com: did not receive HSTS header
+power-of-interest.com: could not connect to host
 power99press.com: could not connect to host
 powerb.ch: did not receive HSTS header
 powerdent.net.br: could not connect to host
@@ -12960,6 +13464,7 @@ poweroff.win: could not connect to host
 powerplannerapp.com: could not connect to host
 powersergunited.com: could not connect to host
 powersergunited.org: could not connect to host
+powersergusercontent.com: could not connect to host
 powershellmagic.com: could not connect to host
 powershift.ne.jp: did not receive HSTS header
 powertothebuilder.com: could not connect to host
@@ -12983,6 +13488,7 @@ pratinav.xyz: could not connect to host
 prattpokemon.com: could not connect to host
 praxis-research.info: could not connect to host
 prazeresdavida.com.br: could not connect to host
+prazynka.pl: did not receive HSTS header
 precedecaritas.com.br: could not connect to host
 precisionaeroimaging.com: did not receive HSTS header
 prediksisydney.com: could not connect to host
@@ -12991,9 +13497,8 @@ preezzie.com: could not connect to host
 prefis.com: did not receive HSTS header
 prefontaine.name: could not connect to host
 prego-shop.de: could not connect to host
+pregono.com: did not receive HSTS header
 preio.cn: could not connect to host
-preisser-it.de: did not receive HSTS header
-preisser.it: did not receive HSTS header
 prekladysanca.cz: could not connect to host
 prelist.org: did not receive HSTS header
 premaritalsex.info: could not connect to host
@@ -13001,7 +13506,7 @@ premioambiente.it: did not receive HSTS header
 premiumzweirad.de: max-age too low: 7776000
 prepaidgirl.com: could not connect to host
 prepandgo-euro.com: could not connect to host
-preposted.com: could not connect to host
+preposted.com: did not receive HSTS header
 preppertactics.com: did not receive HSTS header
 preprodfan.gov: could not connect to host
 prescriptionrex.com: did not receive HSTS header
@@ -13023,20 +13528,21 @@ pretzlaff.info: did not receive HSTS header
 preworkout.me: could not connect to host
 prgslab.net: could not connect to host
 priceholic.com: could not connect to host
+prideindomination.com: could not connect to host
 pridoc.se: did not receive HSTS header
 prifo.se: could not connect to host
 prijsvergelijken.ml: could not connect to host
 prilock.com: did not receive HSTS header
+primaconsulting.net: could not connect to host
 primecaplending.com: could not connect to host
 primewho.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 primordialsnooze.com: could not connect to host
 primotiles.co.uk: did not receive HSTS header
-prinbanat.ngo: could not connect to host
-princeagency.com: could not connect to host
+primotilesandbathrooms.co.uk: max-age too low: 2592000
+prinbanat.ngo: did not receive HSTS header
+princeagency.com: did not receive HSTS header
 princessbackpack.de: could not connect to host
 princessmargaretlotto.com: did not receive HSTS header
-principalsexam.com: could not connect to host
-principalstest.ph: could not connect to host
 prinesdoma.at: did not receive HSTS header
 printerest.io: could not connect to host
 printersonline.be: did not receive HSTS header
@@ -13048,7 +13554,6 @@ pristineevents.co.uk: did not receive HSTS header
 pritchett.xyz: could not connect to host
 privacylabs.io: did not receive HSTS header
 privacymanatee.com: could not connect to host
-privacynow.eu: did not receive HSTS header
 privacyrup.net: could not connect to host
 privategiant.com: could not connect to host
 privatstunden.express: could not connect to host
@@ -13060,12 +13565,13 @@ privytime.com: could not connect to host
 prmte.com: did not receive HSTS header
 prnt.li: did not receive HSTS header
 pro-esb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-pro-esb.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+pro-esb.net: could not connect to host
 pro-image.de: did not receive HSTS header
 pro-zone.com: could not connect to host
 proact-it.co.uk: could not connect to host
 proactive.run: could not connect to host
 procens.us: could not connect to host
+proclubs.news: did not receive HSTS header
 procode.gq: could not connect to host
 procrastinatingengineer.co.uk: could not connect to host
 prodpad.com: did not receive HSTS header
@@ -13074,7 +13580,7 @@ productgap.com: did not receive HSTS header
 productived.net: did not receive HSTS header
 producto8.com: did not receive HSTS header
 proesb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-proesb.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+proesb.net: could not connect to host
 profi-durchgangsmelder.de: did not receive HSTS header
 profinetz.de: could not connect to host
 profivps.com: could not connect to host
@@ -13093,7 +13599,7 @@ proitconsulting.com.au: could not connect to host
 proj.org.cn: could not connect to host
 project-rune.tech: could not connect to host
 project-sparks.eu: did not receive HSTS header
-project-splash.com: max-age too low: 0
+project-splash.com: could not connect to host
 project-stats.com: could not connect to host
 projectascension.io: could not connect to host
 projectasterk.com: could not connect to host
@@ -13101,13 +13607,14 @@ projectcastle.tech: did not receive HSTS header
 projectdp.net: could not connect to host
 projectherogames.xyz: could not connect to host
 projectl1b1t1na.tk: could not connect to host
-projectmercury.space: could not connect to host
+projectmercury.space: did not receive HSTS header
 projectte.ch: could not connect to host
+projectunity.io: could not connect to host
 projectvault.ovh: did not receive HSTS header
 projectx.top: could not connect to host
 projekt-umbriel.de: could not connect to host
 projektik.cz: did not receive HSTS header
-projektzentrisch.de: could not connect to host
+projet-fly.ch: could not connect to host
 projetoresecia.com: could not connect to host
 prok.pw: did not receive HSTS header
 prokop.ovh: could not connect to host
@@ -13124,20 +13631,23 @@ prontolight.com: did not receive HSTS header
 prontomovers.co.uk: could not connect to host
 propactrading.com: could not connect to host
 propagandism.org: did not receive HSTS header
+propepper.net: did not receive HSTS header
 propershave.com: could not connect to host
+prophiler.de: did not receive HSTS header
 proplan.co.il: did not receive HSTS header
 propmag.co: could not connect to host
 prosenseit.com: did not receive HSTS header
+prosharp.com.au: could not connect to host
 proslimdiets.com: could not connect to host
 prosocialmachines.com: could not connect to host
-prosoft.sk: did not receive HSTS header
 prosperident.com: did not receive HSTS header
 prostohobby.ru: could not connect to host
 prostoporno.net: could not connect to host
+prostoporno.sexy: could not connect to host
 proteapower.co.za: could not connect to host
 protecciondelconsumidor.gov: did not receive HSTS header
 proteinnuts.cz: could not connect to host
-proteinnuts.sk: could not connect to host
+proteinnuts.sk: did not receive HSTS header
 protonmail.ch: did not receive HSTS header
 protoyou.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 provisionaldriving.com: did not receive HSTS header
@@ -13149,7 +13659,7 @@ proxbox.net: did not receive HSTS header
 proxi.cf: could not connect to host
 proximato.com: could not connect to host
 proxybay.al: could not connect to host
-proxybay.club: max-age too low: 0
+proxybay.club: could not connect to host
 proxybay.info: did not receive HSTS header
 proxybay.top: could not connect to host
 proxydesk.eu: could not connect to host
@@ -13160,13 +13670,14 @@ proxyportal.net: could not connect to host
 proxyportal.org: did not receive HSTS header
 proxyrox.com: could not connect to host
 proxyweb.us: did not receive HSTS header
+proyecto13.com: did not receive HSTS header
 proymaganadera.com: did not receive HSTS header
+prpr.cloud: could not connect to host
 prpsss.com: could not connect to host
 prstatic.com: could not connect to host
 pruikshop.nl: could not connect to host
 prxio.date: could not connect to host
 prxio.site: could not connect to host
-prytkov.com: could not connect to host
 ps-qa.com: could not connect to host
 ps-x.ru: could not connect to host
 pscleaningsolutions.co.uk: could not connect to host
@@ -13183,13 +13694,13 @@ pstrozniak.com: could not connect to host
 pstudio.me: max-age too low: 0
 psw.academy: could not connect to host
 psw.consulting: could not connect to host
-psychiatrie-betreuung.ch: did not receive HSTS header
+psychiatrie-betreuung.ch: could not connect to host
+psychologie-hofner.at: could not connect to host
 psynapse.net.au: could not connect to host
 ptn.moscow: could not connect to host
 ptonet.com: could not connect to host
 ptrujillo.com: did not receive HSTS header
 pub-online.ro: could not connect to host
-pubi.me: could not connect to host
 pubkey.is: could not connect to host
 publications.qld.gov.au: did not receive HSTS header
 publicidadnovagrass.com.mx: could not connect to host
@@ -13205,6 +13716,7 @@ pugliese.fr: could not connect to host
 puhe.se: could not connect to host
 puikheid.nl: could not connect to host
 puiterwijk.org: could not connect to host
+puli.com.br: could not connect to host
 pulledporkheaven.com: could not connect to host
 pulsar.guru: did not receive HSTS header
 pulsedursley.co.uk: did not receive HSTS header
@@ -13212,7 +13724,6 @@ pult.co: could not connect to host
 pumpgames.net: could not connect to host
 punchkickinteractive.com: did not receive HSTS header
 punchr-kamikazee.rhcloud.com: could not connect to host
-punchunique.com: did not receive HSTS header
 punkdns.top: could not connect to host
 puppydns.com: did not receive HSTS header
 purahealthyliving.com: did not receive HSTS header
@@ -13222,12 +13733,11 @@ pureholisticliving.me: could not connect to host
 purewebmasters.com: could not connect to host
 purikore.com: could not connect to host
 purplehippie.in: did not receive HSTS header
+purplez.pw: did not receive HSTS header
 purpoz.com.br: could not connect to host
 purpspc.com: could not connect to host
-purrfectcams.com: did not receive HSTS header
-purrfectswingers.com: did not receive HSTS header
 push.world: did not receive HSTS header
-pushapp.org: did not receive HSTS header
+pushapp.org: could not connect to host
 pushstar.com: max-age too low: 0
 puzz.gg: could not connect to host
 pvagner.tk: did not receive HSTS header
@@ -13255,13 +13765,11 @@ q2.si: did not receive HSTS header
 q8mp3.me: did not receive HSTS header
 qadmium.tk: could not connect to host
 qamrulhaque.com: could not connect to host
-qaz.cloud: did not receive HSTS header
+qapital.com: did not receive HSTS header
 qazcloud.com: could not connect to host
-qbeing.info: could not connect to host
 qbik.de: did not receive HSTS header
 qbin.io: did not receive HSTS header
 qbnt.ca: could not connect to host
-qbus.pl: could not connect to host
 qccqld.org.au: did not receive HSTS header
 qe2homelottery.com: did not receive HSTS header
 qensio.com: did not receive HSTS header
@@ -13288,7 +13796,6 @@ qoqo.us: did not receive HSTS header
 qorm.co.uk: could not connect to host
 qqj.net: could not connect to host
 qqq.gg: could not connect to host
-qqrss.com: could not connect to host
 qqvips.com: could not connect to host
 qqvrsmart.cn: could not connect to host
 qrara.net: did not receive HSTS header
@@ -13297,18 +13804,17 @@ qrforex.com: did not receive HSTS header
 qrlending.com: could not connect to host
 qrlfinancial.com: could not connect to host
 qswoo.org: could not connect to host
-qto.com: could not connect to host
-qto.net: could not connect to host
 qto.org: could not connect to host
-quaedam.org: could not connect to host
+quaedam.org: did not receive HSTS header
 quail.solutions: could not connect to host
 quakerlens.com: did not receive HSTS header
 quality1.com.br: did not receive HSTS header
 qualityology.com: did not receive HSTS header
 quanglepro.com: could not connect to host
 quangngaimedia.com: did not receive HSTS header
-quanjinlong.cn: could not connect to host
+quanjinlong.cn: did not receive HSTS header
 quantacloud.ch: could not connect to host
+quantaloupe.tech: could not connect to host
 quantenteranik.eu: could not connect to host
 quantor.dk: did not receive HSTS header
 quantum-cloud.xyz: could not connect to host
@@ -13317,14 +13823,15 @@ quantum-lviv.pp.ua: could not connect to host
 quantumcore.cn: could not connect to host
 quantumcourse.org: did not receive HSTS header
 quanwuji.com: could not connect to host
-quanyin.eu.org: could not connect to host
+quanyin.eu.org: did not receive HSTS header
 quarryhillrentals.com: did not receive HSTS header
 quarus.net: could not connect to host
 quebecmailbox.com: could not connect to host
 queenbrownie.com.br: could not connect to host
 queenshaflo.com: could not connect to host
+queextensiones.com: did not receive HSTS header
 quelmandataire.fr: did not receive HSTS header
-querkommentar.de: could not connect to host
+querkommentar.de: did not receive HSTS header
 queroreceitasoberana.com.br: did not receive HSTS header
 queryplayground.com: could not connect to host
 questionable.host: could not connect to host
@@ -13344,7 +13851,7 @@ quizmemes.org: could not connect to host
 quotehex.com: could not connect to host
 quotemaster.co.za: could not connect to host
 quranserver.net: could not connect to host
-qwallet.ca: did not receive HSTS header
+qwallet.ca: could not connect to host
 qwaser.fr: could not connect to host
 qweepi.de: could not connect to host
 qwertyatom100.me: could not connect to host
@@ -13355,23 +13862,36 @@ r-core.org: could not connect to host
 r-core.ru: could not connect to host
 r-cut.fr: could not connect to host
 r-rickroll-u.pw: could not connect to host
+r0uzic.net: could not connect to host
 r10n.com: did not receive HSTS header
 r15.me: did not receive HSTS header
 r18.moe: could not connect to host
 raajheshkannaa.com: could not connect to host
 rabbitvcactus.eu: did not receive HSTS header
 rabota-x.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+rabotaescort.com: did not receive HSTS header
 racasdecachorro.org: could not connect to host
+racdek.com: max-age too low: 300
+racdek.net: max-age too low: 300
+racdek.nl: max-age too low: 300
+rachaelrussell.com: did not receive HSTS header
 rackblue.com: could not connect to host
 racktear.com: did not receive HSTS header
 raconteur.net: did not receive HSTS header
 rad-route.de: could not connect to host
-raddavarden.nu: could not connect to host
+rada-group.eu: could not connect to host
+radarnext.com: could not connect to host
+raddavarden.nu: did not receive HSTS header
 radicaleducation.net: could not connect to host
+radioactivenetwork.xyz: could not connect to host
 radioafibra.com.br: could not connect to host
-radiocomsaocarlos.com.br: could not connect to host
-radtke.bayern: did not receive HSTS header
+radior9.it: could not connect to host
+radom-pack.pl: could not connect to host
+radtke.bayern: could not connect to host
 rafaelcz.de: could not connect to host
+raft.pub: could not connect to host
+rage-overload.ch: could not connect to host
+rage.rip: could not connect to host
 ragingserenity.com: did not receive HSTS header
 ragnaroktop.com.br: could not connect to host
 rahadiana.com: could not connect to host
@@ -13385,16 +13905,13 @@ railjob.cn: could not connect to host
 railyardurgentcare.com: did not receive HSTS header
 rainbin.com: could not connect to host
 rainbowbarracuda.com: could not connect to host
-raipet.no-ip.biz: could not connect to host
 raisecorp.com: could not connect to host
 raitza.de: could not connect to host
 rakugaki.cn: could not connect to host
-ralfs-zusizone.de: could not connect to host
-ramarka.de: could not connect to host
 ramatola.uk: could not connect to host
 rambii.de: could not connect to host
 ramblingrf.tech: could not connect to host
-ramezanloo.com: did not receive HSTS header
+ramezanloo.com: could not connect to host
 ramitmittal.com: could not connect to host
 ramon-c.nl: could not connect to host
 ramonj.nl: could not connect to host
@@ -13409,14 +13926,15 @@ rannseier.org: did not receive HSTS header
 ranos.org: could not connect to host
 rantanda.com: could not connect to host
 rany.duckdns.org: could not connect to host
-rany.io: could not connect to host
+rany.io: did not receive HSTS header
 rany.pw: could not connect to host
+raphaelmoura.ddns.net: could not connect to host
 rapidemobile.com: did not receive HSTS header
 rapidflow.io: could not connect to host
 rapido.nu: could not connect to host
 rapidresearch.me: could not connect to host
 rapidthunder.io: could not connect to host
-rasing.me: could not connect to host
+rasing.me: max-age too low: 43200
 raspass.me: did not receive HSTS header
 raspberry.us: could not connect to host
 raspberryultradrops.com: did not receive HSTS header
@@ -13424,41 +13942,46 @@ rastreador.com.es: did not receive HSTS header
 rastreie.net: did not receive HSTS header
 ratajczak.fr: could not connect to host
 rate-esport.de: could not connect to host
-rathorian.fr: could not connect to host
+rathorian.fr: did not receive HSTS header
 rationem.nl: did not receive HSTS header
 ratuseks.com: could not connect to host
 ratuseks.net: could not connect to host
 ratuseks.us: could not connect to host
+rauchenwald.net: could not connect to host
 raucris.ro: could not connect to host
 raulfraile.net: could not connect to host
+raum4224.de: max-age too low: 0
 rautermods.net: could not connect to host
 ravage.fm: did not receive HSTS header
 raven.lipetsk.ru: could not connect to host
 ravengergaming.ga: could not connect to host
 ravengergaming.net: could not connect to host
-ravenx.me: could not connect to host
 ravse.dk: could not connect to host
 raw-diets.com: could not connect to host
 rawet.se: could not connect to host
 rawoil.com: could not connect to host
 rawr.sexy: could not connect to host
 rawstorieslondon.com: could not connect to host
+rayanitco.com: did not receive HSTS header
 raycarruthersphotography.co.uk: could not connect to host
 raydan.space: could not connect to host
 raydobe.me: could not connect to host
+raymondelooff.nl: did not receive HSTS header
 raytron.org: could not connect to host
 raywin168.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 raywin168.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 raywin88.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-razberry.kr: could not connect to host
 razlaw.name: did not receive HSTS header
 razzolini.com.br: could not connect to host
 rb-china.net: could not connect to host
+rbcservicehub-uat.azurewebsites.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 rbhighinc.org: could not connect to host
+rbmafrica.co.za: could not connect to host
 rbose.org: could not connect to host
 rbqcloud.com: could not connect to host
 rbti.me: could not connect to host
 rbtvshitstorm.is: did not receive HSTS header
+rburchell.com: did not receive HSTS header
 rbxcatalog.com: could not connect to host
 rc4.io: could not connect to host
 rc7.ch: could not connect to host
@@ -13470,8 +13993,11 @@ rcraigmurphy.net: could not connect to host
 rcvd.io: did not receive HSTS header
 rcx.io: could not connect to host
 rdfz.tech: could not connect to host
+rdh.asia: could not connect to host
+rdns.cc: could not connect to host
 rdns.im: did not receive HSTS header
 rdplumbingsolutions.com.au: did not receive HSTS header
+rdxsattamatka.mobi: could not connect to host
 rdyrda.fr: could not connect to host
 re-customer.net: could not connect to host
 re-wilding.com: could not connect to host
@@ -13496,6 +14022,7 @@ realfamilyincest.com: could not connect to host
 realgarant-shop.de: did not receive HSTS header
 realhost.name: could not connect to host
 realincest.tv: could not connect to host
+really.ai: could not connect to host
 really.io: did not receive HSTS header
 reallyreally.io: did not receive HSTS header
 realmic.net: could not connect to host
@@ -13510,13 +14037,13 @@ rebekaesgabor.online: could not connect to host
 rebootmc.com: could not connect to host
 receitas-de-bolos.pt: could not connect to host
 receitasdebacalhau.pt: could not connect to host
-recetasdecocinaideal.com: did not receive HSTS header
+receptionsbook.com: could not connect to host
 recetasfacilesdehacer.com: did not receive HSTS header
 rechat.com: did not receive HSTS header
 rechenwerk.net: could not connect to host
 recht-freundlich.de: did not receive HSTS header
 rechtenliteratuurleiden.nl: could not connect to host
-recompiled.org: max-age too low: 7776000
+reclamebureau-ultrax.nl: did not receive HSTS header
 recreation.gov: did not receive HSTS header
 recruitsecuritytraining.co.uk: could not connect to host
 recruitsecuritytraining.com: could not connect to host
@@ -13529,6 +14056,7 @@ reddiseals.com: [Exception... "Component returned failure code: 0x80004005 (NS_E
 reddit.com: did not receive HSTS header
 rede.ca: did not receive HSTS header
 redeemingbeautyminerals.com: max-age too low: 0
+redheeler.com.br: could not connect to host
 redhorsemountainranch.com: did not receive HSTS header
 redicabo.de: could not connect to host
 redirectman.com: could not connect to host
@@ -13544,6 +14072,7 @@ redperegrine.com: did not receive HSTS header
 redporno.cz: could not connect to host
 redports.org: could not connect to host
 redra.ws: did not receive HSTS header
+redsquirrelcampsite.co.uk: max-age too low: 5184000
 redstarsurf.com: did not receive HSTS header
 reducerin.ro: did not receive HSTS header
 redy.host: did not receive HSTS header
@@ -13572,10 +14101,10 @@ regionalcoalition.org: did not receive HSTS header
 regionale.org: did not receive HSTS header
 register.gov.uk: did not receive HSTS header
 registertovoteflorida.gov: did not receive HSTS header
-registryplus.nl: did not receive HSTS header
 regoul.com: did not receive HSTS header
 regsec.com: could not connect to host
 rehabthailand.nl: could not connect to host
+reher.pro: could not connect to host
 rei.codes: did not receive HSTS header
 reic.me: could not connect to host
 reidascuecas.com.br: could not connect to host
@@ -13586,7 +14115,7 @@ reinaertvandecruys.me: could not connect to host
 reineberthe.ch: could not connect to host
 reinoldus.ddns.net: could not connect to host
 reismil.ch: could not connect to host
-reisyukaku.org: could not connect to host
+reisyukaku.org: did not receive HSTS header
 reithguard-it.de: did not receive HSTS header
 rejo.in: could not connect to host
 rejushiiplotter.ru: could not connect to host
@@ -13602,24 +14131,27 @@ rem.pe: did not receive HSTS header
 rema.site: did not receive HSTS header
 remain.london: could not connect to host
 remedica.fr: could not connect to host
-remedioskaseros.com: did not receive HSTS header
+remedioparaherpes.com: did not receive HSTS header
+remedios-caserospara.com: did not receive HSTS header
 remedium.de: could not connect to host
 remedyrehab.com: did not receive HSTS header
 rememberthis.co.za: could not connect to host
 remodela.com.ve: could not connect to host
 remodelwithlegacy.com: did not receive HSTS header
 remonttitekniikka.fi: could not connect to host
+remoteham.com: could not connect to host
 remotestance.com: did not receive HSTS header
 rencaijia.com: did not receive HSTS header
 rencontres-erotiques.com: did not receive HSTS header
 reneclemens.nl: max-age too low: 300
+renedekoeijer.nl: max-age too low: 300
+renewed.technology: could not connect to host
 rengarenkblog.com: could not connect to host
 renideo.fr: could not connect to host
 renkhosting.com: could not connect to host
 renlong.org: did not receive HSTS header
 rennfire.org: could not connect to host
 renrenss.com: could not connect to host
-rent-a-c.io: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 rentacarcluj.xyz: did not receive HSTS header
 rentalmed.com.br: did not receive HSTS header
 rentbrowser.com: could not connect to host
@@ -13627,6 +14159,7 @@ rentbrowsertrain.me: could not connect to host
 rentcarassist.com: could not connect to host
 renteater.com: could not connect to host
 rentex.com: did not receive HSTS header
+reparo.pe: did not receive HSTS header
 repex.co.il: could not connect to host
 replaceits.me: could not connect to host
 replacemychina.com: could not connect to host
@@ -13643,14 +14176,14 @@ reporturi.io: did not receive HSTS header
 reporturl.com: did not receive HSTS header
 reporturl.io: did not receive HSTS header
 reposaarenkuva.fi: could not connect to host
-reprolife.co.uk: did not receive HSTS header
+reprolife.co.uk: could not connect to host
 reptilauksjonen.no: could not connect to host
 republicmo.gov: could not connect to host
 repustate.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 reqognize.com: could not connect to host
 request-trent.com: could not connect to host
-res-rheingau.de: did not receive HSTS header
-res42.com: could not connect to host
+res-rheingau.de: could not connect to host
+res42.com: did not receive HSTS header
 resc.la: could not connect to host
 research.md: could not connect to host
 reseponline.info: did not receive HSTS header
@@ -13668,12 +14201,15 @@ restaurantesimonetti.com.br: could not connect to host
 restaurantmangal.ch: could not connect to host
 restchart.com: did not receive HSTS header
 restioson.me: could not connect to host
-restopro.nyc: did not receive HSTS header
+restopro.nyc: could not connect to host
 restoreresearchstudy.com: could not connect to host
 resultsdate.news: could not connect to host
+retcor.net: could not connect to host
+retetop95.it: did not receive HSTS header
 reth.ch: could not connect to host
 retireyourpassword.org: did not receive HSTS header
 retogroup.com: could not connect to host
+retronet.nl: could not connect to host
 retropage.co: did not receive HSTS header
 retrowave.eu: could not connect to host
 rets.org.br: did not receive HSTS header
@@ -13685,7 +14221,8 @@ revealdata.com: did not receive HSTS header
 revelaciones.tv: could not connect to host
 revello.org: did not receive HSTS header
 reverie.pw: could not connect to host
-review.info: did not receive HSTS header
+reverse.design: could not connect to host
+review.info: could not connect to host
 reviewbestseller.com: did not receive HSTS header
 reviewjust.com: did not receive HSTS header
 reviewspedia.org: did not receive HSTS header
@@ -13702,41 +14239,42 @@ rfeif.org: could not connect to host
 rgservers.com: did not receive HSTS header
 rhapsodhy.hu: could not connect to host
 rhdigital.pro: could not connect to host
+rheinturm.nrw: could not connect to host
 rhering.de: could not connect to host
 rhetthenckel.com: max-age too low: 0
-rhiskiapril.com: did not receive HSTS header
+rheuma-online.de: could not connect to host
+rhiskiapril.com: could not connect to host
 rhodes.ml: could not connect to host
 rhodesianridgeback.com.br: could not connect to host
 rhodosdreef.nl: could not connect to host
 riaucybersolution.net: did not receive HSTS header
 ribopierre.fr: could not connect to host
 riceglue.com: could not connect to host
-richamorindonesia.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+richamorindonesia.com: did not receive HSTS header
 richardb.me: could not connect to host
 richardcrosby.co.uk: did not receive HSTS header
-richardhicks.us: could not connect to host
 richeza.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 richie.link: did not receive HSTS header
 richiemail.net: could not connect to host
 richmondsunlight.com: did not receive HSTS header
 richmtdriver.com: could not connect to host
+richonrails.com: did not receive HSTS header
 richsiciliano.com: did not receive HSTS header
 richterphilipp.com: could not connect to host
 rickmartensen.nl: did not receive HSTS header
 ricknox.com: did not receive HSTS header
 ricky.capital: did not receive HSTS header
 rid-wan.com: could not connect to host
+ride-up.com: did not receive HSTS header
 rideaudiscount.com: did not receive HSTS header
 rideforwade.com: could not connect to host
 rideforwade.net: could not connect to host
 rideforwade.org: could not connect to host
 rideworks.com: could not connect to host
 ridingoklahoma.com: could not connect to host
-ridwan.co: could not connect to host
 rienasemettre.fr: did not receive HSTS header
 riesenmagnete.de: could not connect to host
 riester.pl: did not receive HSTS header
-rievo.net: did not receive HSTS header
 right-to-love.name: did not receive HSTS header
 right2.org: could not connect to host
 righteousendeavour.com: could not connect to host
@@ -13752,19 +14290,22 @@ rionewyork.com.br: could not connect to host
 ripa.io: did not receive HSTS header
 ripple.com: did not receive HSTS header
 rippleunion.com: could not connect to host
+ris.fi: could not connect to host
 risi-china.com: could not connect to host
 risingsun.red: could not connect to host
 riskmgt.com.au: could not connect to host
 rissato.com.br: could not connect to host
 ristorantefattoamano.eu: could not connect to host
-rithm.ch: could not connect to host
+rithm.ch: did not receive HSTS header
 rittis.ru: did not receive HSTS header
 rivagecare.it: did not receive HSTS header
+riverbed.com: did not receive HSTS header
 rivercruiseadvisor.com: did not receive HSTS header
 rivermendhealthcenters.com: did not receive HSTS header
 riversideauto.net: did not receive HSTS header
 riverstyxgame.com: could not connect to host
 rivlo.com: could not connect to host
+riwick.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 rj.gg: could not connect to host
 rjnutrition.consulting: did not receive HSTS header
 rk6.cz: could not connect to host
@@ -13777,55 +14318,59 @@ rme.li: did not receive HSTS header
 rmit.me: could not connect to host
 rmk.si: could not connect to host
 rmsides.com: did not receive HSTS header
-rmstudio.tw: could not connect to host
+rn29.me: could not connect to host
+rnbjunk.com: did not receive HSTS header
 roadfeast.com: could not connect to host
 roan24.pl: did not receive HSTS header
+roave.com: could not connect to host
 rob.uk.com: did not receive HSTS header
 robertabittle.com: could not connect to host
+robertbln.com: could not connect to host
 roberto-webhosting.nl: could not connect to host
 robertocasares.no-ip.biz: could not connect to host
 robi-net.it: could not connect to host
-robinvdmarkt.nl: could not connect to host
+robin-novotny.com: could not connect to host
+robinadr.com: could not connect to host
 robomonkey.org: could not connect to host
 robteix.com: did not receive HSTS header
-robtex.com: did not receive HSTS header
 robtex.net: did not receive HSTS header
 robtex.org: did not receive HSTS header
 robust.ga: could not connect to host
 roc.net.au: could not connect to host
 rochman.id: did not receive HSTS header
-rocket-wars.de: did not receive HSTS header
+rockcellar.ch: could not connect to host
 rocketnet.ml: could not connect to host
 rockeyscrivo.com: did not receive HSTS header
 rocksberg.net: could not connect to host
 rockz.io: did not receive HSTS header
 rodarion.pl: could not connect to host
 rodehutskors.net: could not connect to host
-rodinneodpoledne2018.cz: did not receive HSTS header
 rodney.id.au: did not receive HSTS header
 rodneybrooksjr.com: did not receive HSTS header
 rodosto.com: did not receive HSTS header
-rody-design.com: could not connect to host
 roelbazuin.com: did not receive HSTS header
 roelf.org: did not receive HSTS header
+roeljoyas.com: did not receive HSTS header
 roeper.party: could not connect to host
 roesemann.email: could not connect to host
 roffe.nu: did not receive HSTS header
+roflcopter.fr: did not receive HSTS header
 rofrank.space: could not connect to host
 rogeiro.net: could not connect to host
-roger101.com: could not connect to host
+roger101.com: did not receive HSTS header
 rogerdat.ovh: could not connect to host
-roguefortgame.com: could not connect to host
 rohanbassett.com: could not connect to host
 rohankrishnadev.in: could not connect to host
 rohlik.cz: did not receive HSTS header
 roiscroll.com: did not receive HSTS header
 roketix.co.uk: did not receive HSTS header
+roksolana.be: could not connect to host
 rolandkolodziej.com: max-age too low: 86400
 rolandslate.com: did not receive HSTS header
 rolemaster.net: could not connect to host
 rolroer.co.za: could not connect to host
 romaimperator.com: did not receive HSTS header
+romainmuller.xyz: did not receive HSTS header
 romans-place.me.uk: could not connect to host
 romantic-quotes.co.uk: could not connect to host
 romanticschemermovie.com: could not connect to host
@@ -13834,17 +14379,19 @@ romleg.cf: could not connect to host
 roms.fun: could not connect to host
 romulusapp.com: could not connect to host
 ron2k.za.net: could not connect to host
+ronanrbr.com: did not receive HSTS header
 rondoniatec.com.br: did not receive HSTS header
 rondreis-planner.nl: could not connect to host
 ronghexx.com: could not connect to host
 ronvandordt.info: did not receive HSTS header
 ronwo.de: max-age too low: 1
+ronzertnert.xyz: could not connect to host
 roo.ie: did not receive HSTS header
 rool.me: did not receive HSTS header
 roolevoi.ru: could not connect to host
 room-checkin24.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+roomongo.com: did not receive HSTS header
 roosteroriginals.com: could not connect to host
-roosterpgplus.nl: did not receive HSTS header
 rootbsd.at: could not connect to host
 rootforum.org: did not receive HSTS header
 rootrelativity.com: could not connect to host
@@ -13853,10 +14400,10 @@ rootwpn.com: could not connect to host
 rop.io: did not receive HSTS header
 roquecenter.org: did not receive HSTS header
 roromendut.online: could not connect to host
-rorymcdaniel.com: did not receive HSTS header
+rorymcdaniel.com: could not connect to host
 rosetiger.life: could not connect to host
-rosevillefacialplasticsurgery.com: did not receive HSTS header
 rosewoodranch.com: did not receive HSTS header
+roshiya.co.in: could not connect to host
 rosi-royal.com: could not connect to host
 rospa100.com: did not receive HSTS header
 rossclark.com: did not receive HSTS header
@@ -13877,7 +14424,6 @@ royal-forest.org: max-age too low: 0
 royal-mangal.ch: could not connect to host
 royal876.com: could not connect to host
 royalhop.co: could not connect to host
-royalpub.net: did not receive HSTS header
 royalsignaturecruise.com: could not connect to host
 royaltube.net: could not connect to host
 roychan.org: max-age too low: 0
@@ -13897,13 +14443,16 @@ rsf.io: could not connect to host
 rsi.im: could not connect to host
 rskuipers.com: did not receive HSTS header
 rsldb.com: could not connect to host
+rsm-intern.de: could not connect to host
 rsmaps.org: could not connect to host
 rsmmail.com: did not receive HSTS header
 rsships.com: could not connect to host
 rstraining.co.uk: did not receive HSTS header
 rstsecuritygroup.co.uk: could not connect to host
 rtc.fun: could not connect to host
+rtfpessoa.xyz: did not receive HSTS header
 rtho.me: did not receive HSTS header
+rttss.com: could not connect to host
 rtvi.com: did not receive HSTS header
 ru-music.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 ruarua.ml: could not connect to host
@@ -13911,13 +14460,11 @@ rubbereggs.ca: could not connect to host
 rubbix.net: could not connect to host
 rubecodeberg.com: could not connect to host
 rubendv.be: did not receive HSTS header
-rubens.cloud: did not receive HSTS header
 rubenschulz.nl: did not receive HSTS header
 rubi-ka.net: max-age too low: 0
 ruborr.se: did not receive HSTS header
 rubysecurity.org: did not receive HSTS header
 rubyshop.nl: could not connect to host
-rudelune.fr: could not connect to host
 rudeotter.com: did not receive HSTS header
 ruderverein-gelsenkirchen.de: did not receive HSTS header
 rue-de-la-vieille.fr: did not receive HSTS header
@@ -13927,6 +14474,7 @@ rugs.ca: did not receive HSTS header
 rugstorene.co.uk: did not receive HSTS header
 ruhr3.de: could not connect to host
 ruig.jp: could not connect to host
+ruigomes.me: did not receive HSTS header
 ruitershoponline.nl: did not receive HSTS header
 ruja.dk: did not receive HSTS header
 rukhaiyar.com: could not connect to host
@@ -13937,28 +14485,31 @@ run-forrest.run: could not connect to host
 runawebinar.nl: could not connect to host
 runcarina.com: could not connect to host
 rundumcolumn.xyz: could not connect to host
-runefake.com: could not connect to host
+runefake.com: did not receive HSTS header
+runementors.com: could not connect to host
 runhardt.eu: did not receive HSTS header
 runtl.com: did not receive HSTS header
 runtondev.com: did not receive HSTS header
 ruobiyi.com: could not connect to host
 ruqu.nl: could not connect to host
 rusadmin.biz: did not receive HSTS header
-rushball.net: could not connect to host
 rusl.me: could not connect to host
+rusl.net: did not receive HSTS header
 russmarshall.com: could not connect to host
+russpuss.ru: did not receive HSTS header
 rustbyexample.com: did not receive HSTS header
 rustfanatic.com: did not receive HSTS header
 rustralasia.net: max-age too low: 0
-rusxakep.com: could not connect to host
 ruurdboomsma.nl: could not connect to host
 ruxit.com: did not receive HSTS header
 rva.gov: could not connect to host
+rvender.cz: did not receive HSTS header
 rvg.zone: could not connect to host
+rvoigt.eu: could not connect to host
 rvolve.net: could not connect to host
 rw-solutions.tech: could not connect to host
 rwanderlust.com: did not receive HSTS header
-rxbn.de: could not connect to host
+rwgamernl.ml: could not connect to host
 rxprep.com: did not receive HSTS header
 rxt.social: could not connect to host
 rxv.cc: could not connect to host
@@ -13969,8 +14520,10 @@ ryejuice.sytes.net: could not connect to host
 rylin.net: did not receive HSTS header
 rylore.com: could not connect to host
 ryssland.guide: could not connect to host
+ryzex.de: could not connect to host
 rzegroup.com: did not receive HSTS header
 s-d-v.ch: could not connect to host
+s-mdb.com: max-age too low: 7776000
 s-on.li: could not connect to host
 s-rickroll-p.pw: could not connect to host
 s.how: could not connect to host
@@ -13980,11 +14533,15 @@ s1mplescripts.de: could not connect to host
 s1ris.org: did not receive HSTS header
 s3cases.com: did not receive HSTS header
 s3n.se: could not connect to host
-s4media.org: did not receive HSTS header
+s4ur0n.com: could not connect to host
 saabwa.org: could not connect to host
 sabatek.pl: did not receive HSTS header
+sabrinajoiasprontaentrega.com.br: could not connect to host
+sabtunes.com: did not receive HSTS header
 sac-shop.com: did not receive HSTS header
+sacharidovejednotky.eu: could not connect to host
 sachk.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+sackers.com: did not receive HSTS header
 saco-ceso.com: could not connect to host
 sadiejanehair.com: could not connect to host
 sadsu.com: did not receive HSTS header
@@ -13998,6 +14555,7 @@ safemt.gov: could not connect to host
 safepay.io: could not connect to host
 saferedirect.link: could not connect to host
 saferedirectlink.com: could not connect to host
+saferpost.com: could not connect to host
 safesecret.info: did not receive HSTS header
 safewings-nh.nl: could not connect to host
 safing.me: could not connect to host
@@ -14006,7 +14564,9 @@ sagarhandicraft.com: could not connect to host
 sagemontchurch.org: did not receive HSTS header
 sageth.com: could not connect to host
 sah3.net: could not connect to host
+saigonstar.de: could not connect to host
 sail-nyc.com: did not receive HSTS header
+saimoe.org: did not receive HSTS header
 saint-astier-triathlon.com: did not receive HSTS header
 saintjohnlutheran.church: did not receive HSTS header
 saintmichelqud.com: did not receive HSTS header
@@ -14017,14 +14577,14 @@ sakaserver.com: did not receive HSTS header
 sakib.ninja: did not receive HSTS header
 sakurabuff.com: could not connect to host
 salaervergleich.com: did not receive HSTS header
-sale.sh: could not connect to host
+sale.sh: did not receive HSTS header
 saleaks.org: could not connect to host
 salearnership.co.za: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 saleslift.pl: could not connect to host
 salishseawhalewatching.ca: could not connect to host
-salixcode.com: could not connect to host
 sallysubs.com: could not connect to host
 salmo23.com.br: could not connect to host
+salmonrecovery.gov: could not connect to host
 salon-claudia.ch: could not connect to host
 salonestella.it: could not connect to host
 salserocafe.com: did not receive HSTS header
@@ -14032,13 +14592,13 @@ salserototal.com: could not connect to host
 saltedskies.com: could not connect to host
 saltra.online: could not connect to host
 saltro.nl: did not receive HSTS header
+saludsexualmasculina.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 salvaalocombia.com: could not connect to host
 salverainha.org: could not connect to host
 salzamt.tk: could not connect to host
 samanthahumphreysstudio.com: did not receive HSTS header
 samaritan.tech: could not connect to host
 samaritansnet.org: did not receive HSTS header
-samel.de: could not connect to host
 sametovymesic.cz: could not connect to host
 samin.tk: could not connect to host
 saml2.com: could not connect to host
@@ -14054,19 +14614,20 @@ samsen.club: could not connect to host
 samsonova.de: could not connect to host
 samsungxoa.com: could not connect to host
 samvanderkris.com: could not connect to host
-sanael.net: could not connect to host
+samvanderkris.xyz: did not receive HSTS header
+samyerkes.com: did not receive HSTS header
+san-mian-ka.ml: could not connect to host
 sanalbayrak.com: could not connect to host
 sanandreasstories.com: did not receive HSTS header
 sanasalud.org: could not connect to host
 sanatfilan.com: did not receive HSTS header
-sanatorionosti.com.ar: could not connect to host
 sanatrans.com: could not connect to host
 sanchez.adv.br: could not connect to host
 sanderknape.com: did not receive HSTS header
 sandviks.com: did not receive HSTS header
 sanguoxiu.com: could not connect to host
 sanhei.ch: did not receive HSTS header
-sanik.my: did not receive HSTS header
+sanik.my: could not connect to host
 sanmuding.com: could not connect to host
 sanradon.by: did not receive HSTS header
 sansage.com.br: did not receive HSTS header
@@ -14083,7 +14644,6 @@ santmark.org: could not connect to host
 santodomingocg.org: did not receive HSTS header
 santorinibbs.com: did not receive HSTS header
 santouri.be: could not connect to host
-saol.eu: could not connect to host
 saotn.org: did not receive HSTS header
 sapereaude.com.pl: did not receive HSTS header
 sapphireblue.me: could not connect to host
@@ -14095,7 +14655,7 @@ sarahdoyley.com: could not connect to host
 sarahlouisesearle.com: could not connect to host
 sarahsweetlife.com: could not connect to host
 sarahsweger.com: could not connect to host
-sarakas.com: could not connect to host
+sarakas.com: did not receive HSTS header
 sarangsemutbandung.com: could not connect to host
 sarindia.com: could not connect to host
 sarindia.de: could not connect to host
@@ -14105,13 +14665,13 @@ sarkarischeme.in: could not connect to host
 sarkisozleri.us: could not connect to host
 sarndipity.com: could not connect to host
 saruwebshop.co.za: could not connect to host
-sasanika.org: did not receive HSTS header
+sasrobotics.xyz: could not connect to host
 sat.rent: did not receive HSTS header
 satanichia.moe: could not connect to host
 sativatunja.com: could not connect to host
 satmep.com: did not receive HSTS header
 satoshicrypt.com: did not receive HSTS header
-satragreen.com: did not receive HSTS header
+satragreen.com: could not connect to host
 satrent.com: did not receive HSTS header
 satrent.se: did not receive HSTS header
 satriyowibowo.my.id: could not connect to host
@@ -14141,15 +14701,16 @@ savingbytes.com: did not receive HSTS header
 savinggoliath.com: could not connect to host
 savvysuit.com: did not receive HSTS header
 saxol-group.com: could not connect to host
-saxotex.de: did not receive HSTS header
 say-hanabi.com: could not connect to host
 sayhanabi.com: could not connect to host
 sazima.ru: did not receive HSTS header
 sbm.cloud: could not connect to host
 sbobetfun.com: did not receive HSTS header
 sbox-archives.com: could not connect to host
+sbsrv.ml: could not connect to host
 sby.de: did not receive HSTS header
 sc4le.com: could not connect to host
+scaffoldhireeastrand.co.za: did not receive HSTS header
 scaffoldhirefourways.co.za: did not receive HSTS header
 scaffoldhirerandburg.co.za: did not receive HSTS header
 scaffoldhiresandton.co.za: did not receive HSTS header
@@ -14161,10 +14722,12 @@ schaafenstrasse.koeln: could not connect to host
 schachburg.de: did not receive HSTS header
 schadegarant.net: could not connect to host
 schalkoortbv.nl: did not receive HSTS header
+schatmeester.be: could not connect to host
 schau-rein.co.at: did not receive HSTS header
 schauer.so: could not connect to host
 schd.io: did not receive HSTS header
 schermreparatierotterdam.nl: did not receive HSTS header
+schil.li: could not connect to host
 schippers-it.nl: did not receive HSTS header
 schlabbi.com: did not receive HSTS header
 schmelzle.io: could not connect to host
@@ -14173,8 +14736,9 @@ schmitt.ovh: could not connect to host
 schmitt.ws: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 schmitz.link: could not connect to host
 schneider-electric.tg: did not receive HSTS header
-schnell-abnehmen.tips: did not receive HSTS header
+schnell-abnehmen.tips: could not connect to host
 schnell-gold.com: could not connect to host
+schnellsuche.de: could not connect to host
 scholl.io: could not connect to host
 school.in.th: could not connect to host
 schooli.io: could not connect to host
@@ -14187,17 +14751,16 @@ schreiber-netzwerk.eu: did not receive HSTS header
 schreibnacht.de: did not receive HSTS header
 schreinerei-wortmann.de: did not receive HSTS header
 schrikdraad.net: did not receive HSTS header
-schritt4fit.de: did not receive HSTS header
 schrodinger.io: could not connect to host
 schroepfglas-versand.de: did not receive HSTS header
 schroettle.com: did not receive HSTS header
 schulterglatzen-altenwalde.de: could not connect to host
 schur-it.de: could not connect to host
 schwarzkopfforyou.de: did not receive HSTS header
-schwarzwaldcon.de: could not connect to host
+schwarzwaldcon.de: did not receive HSTS header
 schwedenhaus.ag: did not receive HSTS header
 schweiz.guide: could not connect to host
-schweizerbolzonello.net: did not receive HSTS header
+schweizerbolzonello.net: could not connect to host
 schwerkraftlabor.de: did not receive HSTS header
 schwetz.net: could not connect to host
 sci-internet.tk: could not connect to host
@@ -14208,13 +14771,13 @@ scienceathome.org: did not receive HSTS header
 sciencemonster.co.uk: could not connect to host
 scionasset.com: did not receive HSTS header
 scivillage.com: did not receive HSTS header
+sckc.stream: could not connect to host
 sclgroup.cc: did not receive HSTS header
 scm-2017.org: could not connect to host
 scooshonline.co.uk: did not receive HSTS header
 scopea.fr: max-age too low: 0
 score-savers.com: max-age too low: 10540800
 scores4schools.com: could not connect to host
-scorobudem.ru: could not connect to host
 scotbirchfield.com: did not receive HSTS header
 scottainslie.me.uk: could not connect to host
 scottdial.com: did not receive HSTS header
@@ -14222,6 +14785,8 @@ scottferguson.com.au: did not receive HSTS header
 scotthel.me: did not receive HSTS header
 scotthelme.com: did not receive HSTS header
 scottnicol.co.uk: could not connect to host
+scottstorey.co.uk: did not receive HSTS header
+scottynordstrom.org: could not connect to host
 scourt.info: max-age too low: 0
 scourt.org.ua: could not connect to host
 scoutdb.ch: did not receive HSTS header
@@ -14238,11 +14803,15 @@ scrion.com: could not connect to host
 script.google.com: did not receive HSTS header (error ignored - included regardless)
 scriptenforcer.net: could not connect to host
 scripthost.org: could not connect to host
-scriptict.nl: could not connect to host
+scriptict.nl: did not receive HSTS header
 scriptjunkie.us: could not connect to host
 scrollstory.com: did not receive HSTS header
 scruffymen.com: could not connect to host
 scrumplex.net: did not receive HSTS header
+sctm.at: could not connect to host
+scw.nz: could not connect to host
+scwilliams.co.uk: could not connect to host
+scwilliams.uk: could not connect to host
 sdhmanagementgroup.com: could not connect to host
 sdia.ru: could not connect to host
 sdl-corporatesite-staging.azurewebsites.net: did not receive HSTS header
@@ -14258,18 +14827,18 @@ seans.cc: did not receive HSTS header
 seanstrout.com: did not receive HSTS header
 seansyardservice.com: did not receive HSTS header
 searchgov.gov.il: did not receive HSTS header
-searchshops.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+searchshops.com: could not connect to host
 searx.pw: could not connect to host
+searx.xyz: did not receive HSTS header
+seavancouver.com: did not receive HSTS header
 sebastian-bair.de: could not connect to host
 sebastian-lutsch.de: could not connect to host
 sebastian-schmidt.me: did not receive HSTS header
 sebastianhampl.de: could not connect to host
 sebastianpedersen.com: did not receive HSTS header
 sebastiensenechal.com: did not receive HSTS header
+sebi.cf: could not connect to host
 sebster.com: did not receive HSTS header
-sec44.com: could not connect to host
-sec44.net: could not connect to host
-sec44.org: could not connect to host
 sec4share.me: did not receive HSTS header
 secandtech.com: could not connect to host
 secanje.nl: did not receive HSTS header
@@ -14278,7 +14847,7 @@ seccomp.ru: did not receive HSTS header
 seceye.cn: could not connect to host
 secitem.at: did not receive HSTS header
 secitem.de: could not connect to host
-secitem.eu: did not receive HSTS header
+secitem.eu: could not connect to host
 secnet.ga: could not connect to host
 secondary-survivor.com: could not connect to host
 secondary-survivor.help: could not connect to host
@@ -14288,11 +14857,13 @@ secondarysurvivorportal.com: could not connect to host
 secondarysurvivorportal.help: could not connect to host
 secondbike.co.uk: did not receive HSTS header
 secondbyte.nl: could not connect to host
-secondpay.nl: could not connect to host
+secondpay.nl: did not receive HSTS header
 secondspace.ca: could not connect to host
+secpoc.online: could not connect to host
 secretnation.net: did not receive HSTS header
 secretofanah.com: could not connect to host
 secretpanties.com: could not connect to host
+secretum.tech: did not receive HSTS header
 sectest.ml: could not connect to host
 sectia22.ro: could not connect to host
 secur3.us: did not receive HSTS header
@@ -14312,19 +14883,19 @@ securita.eu: did not receive HSTS header
 security-carpet.com: could not connect to host
 security-thoughts.org: could not connect to host
 security.google.com: did not receive HSTS header (error ignored - included regardless)
-security.love: could not connect to host
 security.xn--q9jyb4c: could not connect to host
 securityarena.com: could not connect to host
 securitybrief.asia: did not receive HSTS header
 securitybrief.co.nz: did not receive HSTS header
 securitybrief.com.au: did not receive HSTS header
 securitybrief.eu: did not receive HSTS header
-securitybsides.pl: could not connect to host
+securitybsides.pl: did not receive HSTS header
+securitycamerasaustin.net: did not receive HSTS header
+securitycamerasjohnsoncity.com: could not connect to host
 securityglance.com: could not connect to host
 securityinet.biz: did not receive HSTS header
 securityinet.net: did not receive HSTS header
 securityinet.org.il: could not connect to host
-securitymap.wiki: could not connect to host
 securitysoapbox.com: could not connect to host
 securitytalk.pl: could not connect to host
 securitytestfan.gov: could not connect to host
@@ -14344,6 +14915,7 @@ seefunk.net: did not receive HSTS header
 seehimnaked.com: could not connect to host
 seehimnude.com: could not connect to host
 seehisnudes.com: could not connect to host
+seekthe.net: could not connect to host
 seele.ca: could not connect to host
 seemeasaperson.com: did not receive HSTS header
 seen.life: could not connect to host
@@ -14358,6 +14930,7 @@ selecadm.name: could not connect to host
 selectary.com: could not connect to host
 selectcertifiedautos.com: did not receive HSTS header
 selectruckscalltrackingreports.com: could not connect to host
+selent.me: could not connect to host
 seleondar.ru: did not receive HSTS header
 selfdefenserx.com: did not receive HSTS header
 selfhosters.com: could not connect to host
@@ -14368,10 +14941,13 @@ selldorado.com: could not connect to host
 sellercritic.com: did not receive HSTS header
 sellocdn.com: could not connect to host
 sellservs.co.za: could not connect to host
-semantheme.fr: did not receive HSTS header
+seltendoof.de: could not connect to host
+semantheme.fr: could not connect to host
 semen3325.xyz: could not connect to host
 semenkovich.com: did not receive HSTS header
 sementes.gratis: could not connect to host
+semianalog.com: could not connect to host
+semmlers.com: did not receive HSTS header
 semps-servers.de: could not connect to host
 sendash.com: did not receive HSTS header
 sendmeback.de: did not receive HSTS header
@@ -14382,13 +14958,18 @@ senseye.io: did not receive HSTS header
 sensiblemn.org: could not connect to host
 sensibus.com: did not receive HSTS header
 sensoft-int.com: could not connect to host
+sensoft-int.net: could not connect to host
 sensualism.com: could not connect to host
-seo-lagniappe.com: did not receive HSTS header
+sentic.info: did not receive HSTS header
+seo-lagniappe.com: could not connect to host
 seoarchive.org: could not connect to host
 seobot.com.au: could not connect to host
+seoenmexico.com.mx: did not receive HSTS header
 seohochschule.de: could not connect to host
+seoium.com: did not receive HSTS header
 seokay.com: did not receive HSTS header
 seolaba.io: could not connect to host
+seolib.org: could not connect to host
 seomarketingdeals.com: did not receive HSTS header
 seomen.biz: could not connect to host
 seomobo.com: could not connect to host
@@ -14396,10 +14977,11 @@ seosanantonioinc.com: did not receive HSTS header
 seoscribe.net: could not connect to host
 seotronix.net: did not receive HSTS header
 seowarp.net: did not receive HSTS header
-sep23.ru: could not connect to host
+sep23.ru: did not receive HSTS header
 sepakbola.win: could not connect to host
 sephr.com: did not receive HSTS header
 sepie.gob.es: did not receive HSTS header
+septakkordeon.de: could not connect to host
 seq.tf: did not receive HSTS header
 sequatchiecountytn.gov: could not connect to host
 serafin.tech: could not connect to host
@@ -14410,6 +14992,7 @@ serfdom.io: did not receive HSTS header
 sergivb01.me: did not receive HSTS header
 serized.pw: could not connect to host
 serkaneles.com: did not receive HSTS header
+servdiscount.com: did not receive HSTS header
 servecrypt.com: could not connect to host
 servecrypt.net: could not connect to host
 servecrypt.ru: could not connect to host
@@ -14427,13 +15010,13 @@ servicevie.com: did not receive HSTS header
 servpanel.de: did not receive HSTS header
 servu.de: did not receive HSTS header
 servx.ru: did not receive HSTS header
-serwusik.pl: did not receive HSTS header
 seryo.moe: could not connect to host
 seryo.net: could not connect to host
 seryovpn.com: could not connect to host
 sesha.co.za: could not connect to host
 sethoedjo.com: could not connect to host
 setkit.net: could not connect to host
+setterirlandes.com.br: could not connect to host
 setuid.de: could not connect to host
 sevenet.pl: did not receive HSTS header
 sevenhearts.online: could not connect to host
@@ -14444,17 +15027,16 @@ sexgarage.de: could not connect to host
 sexocomgravidas.com: could not connect to host
 sexoyrelax.com: could not connect to host
 sexpay.net: could not connect to host
-sexplicit.co.uk: did not receive HSTS header
 sexshopfacil.com.br: could not connect to host
 sexshopnet.com.br: could not connect to host
 sexshopsgay.com: did not receive HSTS header
 sexwork.net: could not connect to host
 sexymassageoil.com: could not connect to host
 seyahatsagliksigortalari.com: could not connect to host
-seydaozcan.com: did not receive HSTS header
 seyr.it: could not connect to host
 sfashion.si: did not receive HSTS header
 sfaturiit.ro: could not connect to host
+sfcomercio.com.br: could not connect to host
 sfhobbies.com.br: could not connect to host
 sfsltd.com: did not receive HSTS header
 sgovaard.nl: did not receive HSTS header
@@ -14491,13 +15073,14 @@ shag-shag.ru: could not connect to host
 shagi29.ru: did not receive HSTS header
 shahbeat.com: could not connect to host
 shaitan.eu: could not connect to host
-shakebox.de: could not connect to host
 shandonsg.co.uk: could not connect to host
 shanekoster.net: did not receive HSTS header
-shanesage.com: did not receive HSTS header
+shanesage.com: could not connect to host
+shanewadleigh.com: did not receive HSTS header
 shang-yu.cn: could not connect to host
+shangzhen.site: could not connect to host
 shanxiapark.com: could not connect to host
-shanyhs.com: did not receive HSTS header
+shanyhs.com: could not connect to host
 shapesedinburgh.co.uk: did not receive HSTS header
 shardsoft.com: could not connect to host
 shareeri.com: could not connect to host
@@ -14514,9 +15097,8 @@ shariahlawcenter.org: could not connect to host
 sharialawcenter.com: could not connect to host
 sharialawcenter.org: could not connect to host
 sharingcode.com: did not receive HSTS header
+sharkie.org.za: did not receive HSTS header
 sharpe-practice.co.uk: could not connect to host
-sharperedge.pw: could not connect to host
-sharperedgecomputers.com: could not connect to host
 shasso.com: did not receive HSTS header
 shatorin.com: did not receive HSTS header
 shauncrowley.co.uk: could not connect to host
@@ -14527,9 +15109,11 @@ shawnh.net: could not connect to host
 shawnstarrcustomhomes.com: did not receive HSTS header
 shawnwilson.info: could not connect to host
 shazbots.org: could not connect to host
+shellot.com: could not connect to host
 shellsec.pw: did not receive HSTS header
-shemissed.me: did not receive HSTS header
+shemissed.me: could not connect to host
 shena.co.uk: could not connect to host
+shengrenyu.com: could not connect to host
 shentengtu.idv.tw: could not connect to host
 shep.co.il: did not receive HSTS header
 sheratan.web.id: could not connect to host
@@ -14548,6 +15132,7 @@ shiftnrg.org: did not receive HSTS header
 shiftplanning.com: did not receive HSTS header
 shiinko.com: could not connect to host
 shikinobi.com: did not receive HSTS header
+shin-inc.jp: did not receive HSTS header
 shindorei.fr: could not connect to host
 shinebijoux.com.br: could not connect to host
 shinju.moe: could not connect to host
@@ -14559,9 +15144,11 @@ shipping24h.com: could not connect to host
 shippingbo.com: did not receive HSTS header
 shiroki-k.net: could not connect to host
 shirosaki.org: could not connect to host
+shishamania.de: could not connect to host
 shishkin.link: did not receive HSTS header
 shitfest.info: did not receive HSTS header
 shitposting.life: could not connect to host
+shivamber.com: did not receive HSTS header
 shk.im: could not connect to host
 shlemenkov.by: could not connect to host
 shm-forum.org.uk: could not connect to host
@@ -14570,12 +15157,14 @@ shocksrv.com: did not receive HSTS header
 shoemuse.com: did not receive HSTS header
 shooshosha.com: could not connect to host
 shootpooloklahoma.com: could not connect to host
-shop.fr: max-age too low: 0
+shop.fr: did not receive HSTS header
 shopdopastor.com.br: could not connect to host
 shopherbal.co.za: could not connect to host
+shophisway.com: could not connect to host
 shopods.com: did not receive HSTS header
 shopontarget.com: did not receive HSTS header
 shoppeno5.com: did not receive HSTS header
+shoppia.se: did not receive HSTS header
 shoppingreview.org: did not receive HSTS header
 shoprose.ru: could not connect to host
 shoprsc.com: could not connect to host
@@ -14590,8 +15179,10 @@ showdepiscinas.com.br: did not receive HSTS header
 shower.im: did not receive HSTS header
 showkeeper.tv: did not receive HSTS header
 showroom.de: did not receive HSTS header
+shoxmusic.net: max-age too low: 2592000
 shred.ch: could not connect to host
 shredoptics.ch: could not connect to host
+shreyansh26.me: could not connect to host
 shtorku.com: could not connect to host
 shu-kin.net: did not receive HSTS header
 shukatsu-note.com: could not connect to host
@@ -14609,7 +15200,6 @@ siammedia.co: could not connect to host
 siamojo.com: could not connect to host
 sianimacion.com: could not connect to host
 siao-mei.com: did not receive HSTS header
-siberkulupler.com: could not connect to host
 sichere-kartenakzeptanz.de: could not connect to host
 siciliadigitale.pro: could not connect to host
 sicklepod.com: could not connect to host
@@ -14623,20 +15213,19 @@ sifreuret.com: could not connect to host
 signere.com: could not connect to host
 signere.no: did not receive HSTS header
 signoracle.com: could not connect to host
-signosquecombinam.com.br: could not connect to host
+signosquecombinam.com.br: did not receive HSTS header
 signsdance.uk: could not connect to host
 sigsegv.run: did not receive HSTS header
 sihaizixun.net: could not connect to host
 siikarantacamping.fi: did not receive HSTS header
-sijimi.cn: could not connect to host
+sijimi.cn: did not receive HSTS header
 sijmenschoon.nl: did not receive HSTS header
 sikatehtaat.fi: could not connect to host
 siku.pro: could not connect to host
 silentcircle.com: did not receive HSTS header
 silentcircle.org: could not connect to host
-silentexplosion.de: could not connect to host
 silentlink.io: could not connect to host
-silentmode.com: max-age too low: 0
+silentmode.com: max-age too low: 7889238
 silicagelpackets.ca: did not receive HSTS header
 silke-hunde.de: did not receive HSTS header
 silqueskineyeserum.com: could not connect to host
@@ -14645,8 +15234,10 @@ silver-drachenkrieger.de: did not receive HSTS header
 silverartcollector.com: did not receive HSTS header
 silverback.is: did not receive HSTS header
 silvergoldbull.ba: could not connect to host
+silvergoldbull.kg: could not connect to host
 silvergoldbull.lt: could not connect to host
 silvergoldbull.md: could not connect to host
+silvergoldbull.ml: could not connect to host
 silvergoldbull.ph: could not connect to host
 silverhome.ninja: could not connect to host
 silverpvp.com: could not connect to host
@@ -14654,9 +15245,7 @@ silverstartup.sk: could not connect to host
 silviamacallister.com: did not receive HSTS header
 silvistefi.com: could not connect to host
 sim-sim.appspot.com: did not receive HSTS header
-sim4seed.org: could not connect to host
 simbast.com: could not connect to host
-simbihaiti.com: max-age too low: 7889238
 simbol.id: could not connect to host
 simbolo.co.uk: could not connect to host
 simccorp.com: could not connect to host
@@ -14675,6 +15264,7 @@ simonkjellberg.se: did not receive HSTS header
 simonsaxon.com: did not receive HSTS header
 simonschmitt.ch: could not connect to host
 simonsmh.cc: did not receive HSTS header
+simotrescu.ro: could not connect to host
 simpan.id: could not connect to host
 simpeo.fr: did not receive HSTS header
 simpeo.org: did not receive HSTS header
@@ -14687,12 +15277,14 @@ simplesamlphp.org: did not receive HSTS header
 simplexsupport.com: did not receive HSTS header
 simplixos.org: could not connect to host
 simplyenak.com: did not receive HSTS header
+simplyrara.com: did not receive HSTS header
 sims4hub.ga: could not connect to host
 simtin-net.de: could not connect to host
 simumiehet.com: could not connect to host
 simyo.nl: did not receive HSTS header
 sin30.net: could not connect to host
 sincai666.com: could not connect to host
+sinceschool.com: could not connect to host
 sinclairmoving.com: did not receive HSTS header
 sincron.org: could not connect to host
 sinful.pw: could not connect to host
@@ -14701,6 +15293,7 @@ singerwang.com: could not connect to host
 singles-berlin.de: could not connect to host
 singul4rity.com: could not connect to host
 sinkip.com: could not connect to host
+sinn.io: could not connect to host
 sinneserweiterung.de: could not connect to host
 sinon.org: did not receive HSTS header
 sinoscandinavia.se: could not connect to host
@@ -14711,13 +15304,13 @@ sinusbot.online: did not receive HSTS header
 sion.moe: did not receive HSTS header
 sipsik.net: did not receive HSTS header
 siqi.wang: could not connect to host
-sirburton.com: did not receive HSTS header
+sirburton.com: could not connect to host
 siriad.com: could not connect to host
 sirius-lee.net: could not connect to host
 siro.gq: did not receive HSTS header
-siroop.ch: max-age too low: 86400
+siroop.ch: did not receive HSTS header
 sisgopro.com: could not connect to host
-sistemasespecializados.com: did not receive HSTS header
+sistemasespecializados.com: could not connect to host
 sistemlash.com: did not receive HSTS header
 sistemos.net: could not connect to host
 sistersurprise.de: did not receive HSTS header
@@ -14730,28 +15323,33 @@ sitennisclub.com: did not receive HSTS header
 siterip.org: could not connect to host
 sites.google.com: did not receive HSTS header (error ignored - included regardless)
 sitesforward.com: did not receive HSTS header
-sitesource101.com: could not connect to host
+sitesource101.com: did not receive HSTS header
 sitesten.com: did not receive HSTS header
+sitesuccessful.com: did not receive HSTS header
+sitsy.ru: did not receive HSTS header
 sittinginoblivion.com: did not receive HSTS header
 sizingservers.be: did not receive HSTS header
 sizzle.co.uk: did not receive HSTS header
 sja-se-training.com: could not connect to host
+sjatsh.com: could not connect to host
+sjdaws.com: could not connect to host
 sjdtaxi.com: did not receive HSTS header
 sjhyl11.com: could not connect to host
 sjsc.fr: did not receive HSTS header
 sjsmith.id.au: did not receive HSTS header
+sjv4u.ch: did not receive HSTS header
 sjzebs.com: did not receive HSTS header
 sjzget.com: did not receive HSTS header
 sjzybs.com: did not receive HSTS header
 skandiabanken.no: did not receive HSTS header
 skaraborgsassistans.com: did not receive HSTS header
 skarox.com: could not connect to host
+skarox.ee: could not connect to host
 skarox.eu: could not connect to host
 skarox.net: could not connect to host
 skarox.ru: could not connect to host
 skates.guru: did not receive HSTS header
 skday.com: did not receive HSTS header
-sketchywebsite.net: did not receive HSTS header
 ski-insurance.com.au: did not receive HSTS header
 skidstresser.com: could not connect to host
 skiinstructor.services: did not receive HSTS header
@@ -14765,18 +15363,19 @@ skinbet.co: could not connect to host
 skinmarket.co: could not connect to host
 skischuleulm.de: did not receive HSTS header
 skk.io: could not connect to host
+sklotechnik.cz: did not receive HSTS header
 skocia.net: did not receive HSTS header
 skoda-clever-lead.de: could not connect to host
 skoda-im-dialog.de: could not connect to host
 skoda-nurdiebesten.de: did not receive HSTS header
 skoda-service-team-cup.de: did not receive HSTS header
 skomski.org: did not receive HSTS header
-skotty.io: did not receive HSTS header
 skpdev.net: could not connect to host
 skrimix.tk: could not connect to host
 skrivande.co: could not connect to host
 skullhouse.nyc: could not connect to host
 sky-aroma.com: could not connect to host
+sky-universe.net: did not receive HSTS header
 skyasker.cn: could not connect to host
 skyasker.com: could not connect to host
 skybloom.com: could not connect to host
@@ -14785,7 +15384,8 @@ skyflix.me: could not connect to host
 skyline.link: could not connect to host
 skyline.tw: did not receive HSTS header
 skylocker.net: could not connect to host
-skylocker.nl: could not connect to host
+skylocker.nl: did not receive HSTS header
+skynetz.tk: could not connect to host
 skyoy.com: did not receive HSTS header
 skypeassets.com: could not connect to host
 skypoker.com: could not connect to host
@@ -14796,7 +15396,8 @@ skyvault.io: could not connect to host
 skyveo.ml: did not receive HSTS header
 skyway.capital: did not receive HSTS header
 skyworldserver.ddns.net: could not connect to host
-sl1pkn07.wtf: max-age too low: 2592000
+sl0.us: did not receive HSTS header
+sl1pkn07.wtf: could not connect to host
 slaps.be: could not connect to host
 slash-dev.de: did not receive HSTS header
 slash64.co.uk: could not connect to host
@@ -14806,6 +15407,7 @@ slashand.co: could not connect to host
 slashbits.no: did not receive HSTS header
 slashdesign.it: did not receive HSTS header
 slashem.me: did not receive HSTS header
+slatemc.fun: could not connect to host
 slattery.co: did not receive HSTS header
 slauber.de: did not receive HSTS header
 sld08.com: did not receive HSTS header
@@ -14815,11 +15417,12 @@ sleepstar.com.mt: did not receive HSTS header
 sliceone.com: could not connect to host
 slicketl.com: did not receive HSTS header
 slicss.com: could not connect to host
+slides.zone: could not connect to host
 slightfuture.click: could not connect to host
-slightfuture.com: did not receive HSTS header
 slimk1nd.nl: could not connect to host
 slimmerbouwen.be: did not receive HSTS header
 slingo.com: did not receive HSTS header
+slingoweb.com: did not receive HSTS header
 slix.io: could not connect to host
 sln.cloud: could not connect to host
 slope.haus: could not connect to host
@@ -14835,6 +15438,7 @@ slycurity.de: could not connect to host
 slytech.ch: could not connect to host
 smallcdn.rocks: could not connect to host
 smallchat.nl: could not connect to host
+smallcloudsolutions.co.za: could not connect to host
 smallplanet.ch: did not receive HSTS header
 smallshopit.com: did not receive HSTS header
 smart-mirror.de: did not receive HSTS header
@@ -14845,27 +15449,26 @@ smartboleta.com: did not receive HSTS header
 smartbuyelectric.com: could not connect to host
 smartcoin.com.br: could not connect to host
 smarterskies.gov: did not receive HSTS header
+smartest-trading.com: could not connect to host
 smarthomedna.com: did not receive HSTS header
 smartietop.com: could not connect to host
 smartit.pro: did not receive HSTS header
 smartlend.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+smartmompicks.com: did not receive HSTS header
 smartofficesandsmarthomes.com: did not receive HSTS header
 smartofficeusa.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 smartphone.continental.com: could not connect to host
 smartrade.tech: did not receive HSTS header
 smartrak.co.nz: did not receive HSTS header
-smartshoppers.es: did not receive HSTS header
-smartwank.com: could not connect to host
 smartwritingservice.com: could not connect to host
 smcbox.com: did not receive HSTS header
 smdev.fr: could not connect to host
 smet.us: could not connect to host
-smexpt.com: did not receive HSTS header
 smi-a.me: could not connect to host
 smileawei.com: could not connect to host
 smimea.com: did not receive HSTS header
 smirkingwhorefromhighgarden.pro: could not connect to host
-smithchow.com: could not connect to host
+smith.is: could not connect to host
 smittix.co.uk: did not receive HSTS header
 smkn1lengkong.sch.id: did not receive HSTS header
 smksi2.com: could not connect to host
@@ -14874,6 +15477,11 @@ sml.lc: could not connect to host
 smmcab.ru: could not connect to host
 smmcab.website: could not connect to host
 smokinghunks.com: could not connect to host
+smoothics.at: could not connect to host
+smoothics.com: could not connect to host
+smoothics.eu: could not connect to host
+smoothics.mobi: could not connect to host
+smoothics.net: could not connect to host
 smove.sg: did not receive HSTS header
 smplix.com: could not connect to host
 smries.com: could not connect to host
@@ -14884,7 +15492,7 @@ smspodmena.ru: could not connect to host
 smtp.bz: did not receive HSTS header
 smtpdev.com: could not connect to host
 smuhelper.cn: could not connect to host
-smusg.com: could not connect to host
+smusg.com: did not receive HSTS header
 snafarms.com: did not receive HSTS header
 snailing.org: could not connect to host
 snake.dog: could not connect to host
@@ -14901,16 +15509,15 @@ snic.website: could not connect to host
 sniderman.pro: could not connect to host
 sniderman.xyz: could not connect to host
 snip.host: could not connect to host
-snippet.host: could not connect to host
 snod.land: did not receive HSTS header
 snoot.club: did not receive HSTS header
 snoozedds.com: max-age too low: 600
 snoqualmiefiber.org: could not connect to host
+snoringhq.com: did not receive HSTS header
 snovey.com: could not connect to host
 snow-online.de: could not connect to host
 snowdy.eu: could not connect to host
 snowdy.link: could not connect to host
-snowyluma.com: could not connect to host
 so-healthy.co.uk: did not receive HSTS header
 sobabox.ru: could not connect to host
 sobinski.pl: did not receive HSTS header
@@ -14936,8 +15543,9 @@ socketize.com: did not receive HSTS header
 sockeye.cc: could not connect to host
 socomponents.co.uk: could not connect to host
 sodacore.com: could not connect to host
-soe-server.com: could not connect to host
+sodamakerclub.com: did not receive HSTS header
 softballsavings.com: did not receive HSTS header
+softbebe.com: did not receive HSTS header
 softclean.pt: did not receive HSTS header
 softplaynation.co.uk: did not receive HSTS header
 sogeek.me: could not connect to host
@@ -14960,7 +15568,7 @@ soljem.com: did not receive HSTS header
 soll-i.ch: did not receive HSTS header
 solosmusic.xyz: could not connect to host
 solsystems.ru: did not receive HSTS header
-solus-project.com: could not connect to host
+solus-project.com: did not receive HSTS header
 solutive.fi: did not receive HSTS header
 solymar.co: could not connect to host
 some.rip: max-age too low: 6307200
@@ -14973,6 +15581,7 @@ somethingsimilar.com: [Exception... "Component returned failure code: 0x80004005
 somewherein.jp: did not receive HSTS header
 sonafe.info: could not connect to host
 sonerezh.bzh: did not receive HSTS header
+songluck.com: could not connect to host
 sonialive.com: did not receive HSTS header
 sonic.network: did not receive HSTS header
 sonicrainboom.rocks: could not connect to host
@@ -14982,6 +15591,7 @@ sonja-kowa.de: could not connect to host
 sonyforum.no: did not receive HSTS header
 soobi.org: did not receive HSTS header
 soondy.com: did not receive HSTS header
+soothemobilemassage.com.au: did not receive HSTS header
 soply.com: could not connect to host
 soporte.cc: could not connect to host
 sorenam.com: could not connect to host
@@ -14996,6 +15606,7 @@ sosaka.ml: could not connect to host
 sosecu.red: could not connect to host
 sosiolog.com: did not receive HSTS header
 sosko.in.rs: could not connect to host
+sotavasara.net: did not receive HSTS header
 sotiran.com: did not receive HSTS header
 sotor.de: did not receive HSTS header
 soucorneteiro.com.br: could not connect to host
@@ -15003,13 +15614,14 @@ soulcraft.bz: could not connect to host
 soulema.com: could not connect to host
 soulfulglamour.uk: could not connect to host
 soulsteer.com: could not connect to host
-soundbytemedia.com: did not receive HSTS header
 soundedj.com.br: could not connect to host
 soundforsound.co.uk: did not receive HSTS header
 soundgasm.net: could not connect to host
 soundsecurity.io: could not connect to host
+souqtajmeel.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 sourcecode.love: could not connect to host
 sourcelair.com: did not receive HSTS header
+sourcely.net: could not connect to host
 sourcitec.com: did not receive HSTS header
 sous-surveillance.net: could not connect to host
 southcoastkitesurf.co.uk: did not receive HSTS header
@@ -15038,6 +15650,7 @@ spacountryexplorer.org.au: did not receive HSTS header
 spaggel.nl: did not receive HSTS header
 spam.lol: could not connect to host
 spamloco.net: did not receive HSTS header
+spamwc.de: did not receive HSTS header
 spangehlassociates.com: did not receive HSTS header
 spanien.guide: could not connect to host
 sparelib.com: max-age too low: 3650
@@ -15045,10 +15658,11 @@ spark.team: could not connect to host
 sparkbase.cn: could not connect to host
 sparklingsparklers.com: did not receive HSTS header
 sparkresearch.net: could not connect to host
-sparkreviewcenter.com: could not connect to host
+sparkreviewcenter.com: did not receive HSTS header
 sparkwood.org: could not connect to host
 sparmedo.de: did not receive HSTS header
 sparsa.army: could not connect to host
+sparta-en.org: could not connect to host
 sparta-trade.com: could not connect to host
 spartantheatre.org: could not connect to host
 spauted.com: could not connect to host
@@ -15058,6 +15672,7 @@ spdysync.com: could not connect to host
 specialedesigns.com: could not connect to host
 specialistnow.com.au: did not receive HSTS header
 spectreattack.com: did not receive HSTS header
+spectrosoftware.de: could not connect to host
 speculor.net: could not connect to host
 spedplus.com.br: did not receive HSTS header
 speed-mailer.com: could not connect to host
@@ -15072,10 +15687,12 @@ spendwise.com.au: could not connect to host
 sperohub.com: could not connect to host
 sperohub.io: could not connect to host
 sperohub.lt: did not receive HSTS header
+spherenix.org: could not connect to host
 sphinx.network: could not connect to host
 spicydog.tk: could not connect to host
 spicywombat.com: could not connect to host
 spiegels.nl: did not receive HSTS header
+spiel-teppich.de: could not connect to host
 spielcasinos.com: did not receive HSTS header
 spikeykc.me: could not connect to host
 spillersfamily.net: could not connect to host
@@ -15083,7 +15700,6 @@ spillmaker.no: did not receive HSTS header
 spilsbury.io: could not connect to host
 spineandscoliosis.com: did not receive HSTS header
 spinner.dnshome.de: could not connect to host
-spinor.im: could not connect to host
 spirit-dev.net: max-age too low: 0
 spirit-hunters-germany.de: did not receive HSTS header
 spiritbionic.ro: could not connect to host
@@ -15094,6 +15710,7 @@ spitfireuav.com: could not connect to host
 spititout.it: could not connect to host
 split.is: could not connect to host
 splunk.zone: could not connect to host
+spoketwist.com: did not receive HSTS header
 spokonline.com: could not connect to host
 spon.cz: did not receive HSTS header
 sponsorowani.pl: did not receive HSTS header
@@ -15101,7 +15718,6 @@ sponsortobias.com: could not connect to host
 spontex.org: did not receive HSTS header
 spookyinternet.com: could not connect to host
 sporara.com: did not receive HSTS header
-sport-socken.net: did not receive HSTS header
 sport247.bet: max-age too low: 2592000
 sportchirp-internal.azurewebsites.net: did not receive HSTS header
 sportflash.info: did not receive HSTS header
@@ -15115,10 +15731,10 @@ spot-events.com: could not connect to host
 spotifyripper.tk: could not connect to host
 spotlightsrule.com: could not connect to host
 spotlightsrule.ddns.net: could not connect to host
+spotteredu.com: did not receive HSTS header
 spr.id.au: could not connect to host
 spreadsheets.google.com: did not receive HSTS header (error ignored - included regardless)
 spresso.me: did not receive HSTS header
-spricknet.de: could not connect to host
 sprigings.com: did not receive HSTS header
 springsoffthegrid.com: could not connect to host
 sprint.ml: did not receive HSTS header
@@ -15168,14 +15784,12 @@ ssn1.ru: did not receive HSTS header
 sspanda.com: did not receive HSTS header
 ssrvpn.tech: could not connect to host
 sss3s.com: could not connect to host
-sstewartgallus.com: could not connect to host
 ssworld.ga: could not connect to host
 staack.com: could not connect to host
 stabletoken.com: could not connect to host
 staceyhankeinc.com: did not receive HSTS header
 stackfiles.io: could not connect to host
 stackhub.cc: could not connect to host
-stacktile.io: could not connect to host
 stadionmanager.com: could not connect to host
 stadjerspasonline.nl: could not connect to host
 stadtgartenla.com: could not connect to host
@@ -15184,6 +15798,7 @@ staffjoystaging.com: could not connect to host
 stagingjobshq.com: could not connect to host
 stahl.xyz: did not receive HSTS header
 stakestrategy.com: could not connect to host
+stalder.work: could not connect to host
 stalkerhispano.com: max-age too low: 0
 stalkthe.net: could not connect to host
 stall-zur-linde.de: did not receive HSTS header
@@ -15195,6 +15810,7 @@ standardssuck.org: did not receive HSTS header
 standingmist.com: did not receive HSTS header
 standoutbooks.com: did not receive HSTS header
 standuppaddlesports.com.au: did not receive HSTS header
+stang.moe: did not receive HSTS header
 stannahtrapliften.nl: did not receive HSTS header
 star-citizen.wiki: did not receive HSTS header
 star-killer.net: could not connect to host
@@ -15208,6 +15824,7 @@ stardust-entertainments.co.uk: did not receive HSTS header
 starease.net: could not connect to host
 starfeeling.net: could not connect to host
 stargatepartners.com: did not receive HSTS header
+starinvestors.in: did not receive HSTS header
 starklane.com: max-age too low: 300
 starlightentertainmentdevon.co.uk: did not receive HSTS header
 starmusic.ga: could not connect to host
@@ -15215,6 +15832,7 @@ starplatinum.jp: could not connect to host
 starquake.nl: could not connect to host
 starsbattle.net: could not connect to host
 starteesforsale.co.za: did not receive HSTS header
+startsamenvitaal.nu: did not receive HSTS header
 startup.melbourne: could not connect to host
 startuplevel.com: could not connect to host
 startuponcloud.com: max-age too low: 2678400
@@ -15222,7 +15840,6 @@ startuppeople.co.uk: could not connect to host
 startupum.ru: could not connect to host
 starwatches.eu: could not connect to host
 stash.ai: did not receive HSTS header
-stassi.ch: did not receive HSTS header
 state-of-body-and-mind.com: could not connect to host
 state-sponsored-actors.net: could not connect to host
 statementinsertsforless.com: did not receive HSTS header
@@ -15250,12 +15867,15 @@ stdev.org: could not connect to host
 steamhours.com: could not connect to host
 steampunkrobot.com: did not receive HSTS header
 steelbea.ms: could not connect to host
+steelmounta.in: could not connect to host
 steelrhino.co: could not connect to host
 steem.io: did not receive HSTS header
 steenackers.be: did not receive HSTS header
 stefanweiser.de: did not receive HSTS header
 steffi-in-australien.com: could not connect to host
 stellarvale.net: could not connect to host
+stellen.ch: did not receive HSTS header
+stellenticket.de: did not receive HSTS header
 stem.is: did not receive HSTS header
 stepbystep3d.com: did not receive HSTS header
 steph-autoecole.ch: did not receive HSTS header
@@ -15268,6 +15888,9 @@ stephensolisrey.es: could not connect to host
 steplogictalent.com: could not connect to host
 sterjoski.com: did not receive HSTS header
 stesti.cz: could not connect to host
+steuerberater-essen-steele.com: could not connect to host
+steuerkanzlei-und-wirtschaftsberater-manke.de: could not connect to host
+steve.kiwi: could not connect to host
 stevechekblain.win: could not connect to host
 stevengoodpaster.com: could not connect to host
 stevenkwan.me: could not connect to host
@@ -15280,6 +15903,7 @@ sticklerjs.org: could not connect to host
 stickmy.cn: could not connect to host
 stickswag.cf: could not connect to host
 stickswag.eu: could not connect to host
+stiens.de: did not receive HSTS header
 stiffordacademy.org.uk: could not connect to host
 stig.io: did not receive HSTS header
 stiger.me: could not connect to host
@@ -15292,7 +15916,7 @@ stillyarts.com: did not receive HSTS header
 stinkytrashhound.com: could not connect to host
 stirlingpoon.net: could not connect to host
 stirlingpoon.xyz: could not connect to host
-stitthappens.com: did not receive HSTS header
+stitthappens.com: could not connect to host
 stjohnmiami.org: did not receive HSTS header
 stjohnsc.com: could not connect to host
 stkbn.com: could not connect to host
@@ -15301,6 +15925,7 @@ stl.news: max-age too low: 0
 stlucasmuseum.org: did not receive HSTS header
 stm32f4.jp: could not connect to host
 stmbgr.com: could not connect to host
+stmkza.net: max-age too low: 0
 stn.me.uk: did not receive HSTS header
 stnl.de: could not connect to host
 stockseyeserum.com: could not connect to host
@@ -15315,9 +15940,9 @@ stole-my.tv: could not connect to host
 stolkschepen.nl: did not receive HSTS header
 stomadental.com: did not receive HSTS header
 stonecutterscommunity.com: could not connect to host
+stonefusion.org.uk: could not connect to host
 stonemain.eu: could not connect to host
 stonemanbrasil.com.br: could not connect to host
-stonewuu.com: could not connect to host
 stopakwardhandshakes.org: could not connect to host
 stopbreakupnow.org: could not connect to host
 stopwoodfin.org: could not connect to host
@@ -15328,7 +15953,7 @@ store10.de: could not connect to host
 storecove.com: did not receive HSTS header
 storeden.com: did not receive HSTS header
 storefrontify.com: could not connect to host
-storiesofhealth.org: did not receive HSTS header
+storiesofhealth.org: could not connect to host
 stormhub.org: could not connect to host
 stormwatcher.org: could not connect to host
 stormyyd.com: max-age too low: 0
@@ -15336,14 +15961,23 @@ storytea.top: did not receive HSTS header
 stpatricksguild.com: did not receive HSTS header
 stqry.com: did not receive HSTS header
 str0.at: did not receive HSTS header
+straightedgebarbers.ca: did not receive HSTS header
 strangeplace.net: did not receive HSTS header
 strangescout.me: could not connect to host
 strasweb.fr: did not receive HSTS header
+stratuscloud.co.za: did not receive HSTS header
+stratuscloudconsulting.cn: did not receive HSTS header
+stratuscloudconsulting.co.uk: did not receive HSTS header
+stratuscloudconsulting.co.za: did not receive HSTS header
+stratuscloudconsulting.com: did not receive HSTS header
+stratuscloudconsulting.in: did not receive HSTS header
+stratuscloudconsulting.info: did not receive HSTS header
+stratuscloudconsulting.net: did not receive HSTS header
+stratuscloudconsulting.org: did not receive HSTS header
 strbt.de: could not connect to host
 strchr.com: did not receive HSTS header
 stream-ing.xyz: could not connect to host
 stream.pub: could not connect to host
-streamblur.net: could not connect to host
 streamdesk.ca: did not receive HSTS header
 streamer.tips: did not receive HSTS header
 streamingeverywhere.com: could not connect to host
@@ -15356,12 +15990,13 @@ streamzilla.com: did not receive HSTS header
 strehl.tk: could not connect to host
 strelitzia02.com: could not connect to host
 stressfreehousehold.com: could not connect to host
-stretchpc.com: could not connect to host
+strictlynormal.com: could not connect to host
 strictlysudo.com: could not connect to host
-strife.tk: could not connect to host
+strife.tk: did not receive HSTS header
 strila.me: could not connect to host
 striptizer.tk: could not connect to host
 strming.com: could not connect to host
+stroeder.com: could not connect to host
 stroeercrm.de: could not connect to host
 strongest-privacy.com: could not connect to host
 struxureon.com: did not receive HSTS header
@@ -15375,8 +16010,11 @@ studentresearcher.org: did not receive HSTS header
 studentskydenik.cz: could not connect to host
 studenttravel.cz: did not receive HSTS header
 studer.su: could not connect to host
+studiemeter.nl: did not receive HSTS header
+studiereader.nl: did not receive HSTS header
 studinf.xyz: could not connect to host
-studio-panic.com: did not receive HSTS header
+studio-panic.com: could not connect to host
+studio-webdigi.com: did not receive HSTS header
 studiocn.cn: could not connect to host
 studiodoprazer.com.br: could not connect to host
 studiozelden.com: did not receive HSTS header
@@ -15390,6 +16028,7 @@ studyhub.cf: did not receive HSTS header
 studying-neet.com: could not connect to host
 studytale.com: could not connect to host
 stuff-fibre.co.nz: did not receive HSTS header
+stuffiwouldbuy.com: did not receive HSTS header
 stugb.de: did not receive HSTS header
 stumeta2018.de: could not connect to host
 stupidstatetricks.com: could not connect to host
@@ -15397,10 +16036,12 @@ sturbi.de: did not receive HSTS header
 sturbock.me: did not receive HSTS header
 sturdio.com.br: could not connect to host
 sturge.co.uk: did not receive HSTS header
+stuttgart-gablenberg.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+stuudium.cloud: could not connect to host
 stuudium.life: could not connect to host
 stylenda.com: could not connect to host
 stylle.me: could not connect to host
-stytt.com: did not receive HSTS header
+stytt.com: could not connect to host
 suaraangin.com: could not connect to host
 suareforma.com: could not connect to host
 suave.io: did not receive HSTS header
@@ -15420,9 +16061,9 @@ subzerotech.co.uk: could not connect to host
 successwithflora.com: could not connect to host
 succubus.network: could not connect to host
 succubus.xxx: could not connect to host
-suche.org: could not connect to host
 suchprogrammer.net: did not receive HSTS header
 sudo.im: could not connect to host
+sudoschool.com: could not connect to host
 sudosu.fr: could not connect to host
 suempresa.cloud: could not connect to host
 suffts.de: could not connect to host
@@ -15435,9 +16076,11 @@ suitocracy.com: could not connect to host
 summer.ga: could not connect to host
 summitbankofkc.com: did not receive HSTS header
 summitmasters.net: did not receive HSTS header
+sumoatm.com: did not receive HSTS header
 sumoscout.de: did not receive HSTS header
+sun-leo.co.jp: did not receive HSTS header
 sun-wellness-online.com.vn: did not receive HSTS header
-sun.re: could not connect to host
+sun.re: did not receive HSTS header
 suncountrymarine.com: did not receive HSTS header
 sundaycooks.com: max-age too low: 2592000
 suneilpatel.com: could not connect to host
@@ -15470,9 +16113,7 @@ superiorfloridavacation.com: could not connect to host
 superklima.ro: did not receive HSTS header
 superlandnetwork.de: could not connect to host
 superlentes.com.br: could not connect to host
-supermarx.nl: could not connect to host
 supernovabrasil.com.br: did not receive HSTS header
-supernt.lt: could not connect to host
 superpase.com: could not connect to host
 supersahnetorten.de: could not connect to host
 supersalescontest.nl: did not receive HSTS header
@@ -15493,13 +16134,12 @@ surfeasy.com: did not receive HSTS header
 surfone-leucate.com: did not receive HSTS header
 surgiclinic.gr: did not receive HSTS header
 surkatty.org: did not receive HSTS header
-surveyinstrumentsales.com: max-age too low: 84600
-survivalistplanet.com: could not connect to host
+suruifu.tk: could not connect to host
 survivebox.fr: did not receive HSTS header
+susanvelez.com: did not receive HSTS header
 susastudentenjobs.de: could not connect to host
 susconam.org: could not connect to host
 suseasky.com: did not receive HSTS header
-sushi.roma.it: did not receive HSTS header
 sushifrick.de: could not connect to host
 sushiwereld.be: did not receive HSTS header
 susoccm.org: did not receive HSTS header
@@ -15517,7 +16157,7 @@ svarovani.tk: could not connect to host
 svatba-frantovi.cz: could not connect to host
 sve-hosting.nl: could not connect to host
 svenbacia.me: could not connect to host
-svenskacasino.com: did not receive HSTS header
+svenskacasino.com: could not connect to host
 svenskaservern.se: could not connect to host
 svetdrzaku.cz: did not receive HSTS header
 svetjakonadlani.cz: did not receive HSTS header
@@ -15527,15 +16167,16 @@ svj-stochovska.cz: could not connect to host
 svjvn.cz: could not connect to host
 swacp.com: could not connect to host
 swaggerdile.com: could not connect to host
-swagsocial.net: could not connect to host
 swaleacademiestrust.org.uk: max-age too low: 2592000
 swallsoft.co.uk: could not connect to host
 swallsoft.com: could not connect to host
 swanseapartyhire.co.uk: could not connect to host
+swarlys-server.de: could not connect to host
 swarmation.com: did not receive HSTS header
 sway.com: did not receive HSTS header
 swdatlantico.pt: could not connect to host
 sweep.cards: did not receive HSTS header
+sweet-spatula.com: could not connect to host
 sweetlegs.jp: could not connect to host
 sweetstreats.ca: could not connect to host
 sweetvanilla.jp: could not connect to host
@@ -15546,6 +16187,7 @@ swiftcrypto.com: could not connect to host
 swiftpk.net: could not connect to host
 swiggy.com: did not receive HSTS header
 swimming.ca: did not receive HSTS header
+swimmingpoolaccidentattorney.net: could not connect to host
 swingular.com: could not connect to host
 swissentreprises.ch: could not connect to host
 swissfreshaircan.com: could not connect to host
@@ -15561,13 +16203,11 @@ sx3.no: could not connect to host
 sxbk.pw: could not connect to host
 syam.cc: could not connect to host
 syamuwatching.xyz: could not connect to host
-sychov.pro: could not connect to host
 sydgrabber.tk: could not connect to host
 sykl.us: could not connect to host
 sylvaincombe.net: could not connect to host
 sylvangarden.org: could not connect to host
 sylvanorder.com: did not receive HSTS header
-symetria.io: max-age too low: 2592000
 synackr.com: could not connect to host
 synapticconsulting.co.uk: could not connect to host
 syncaddict.net: could not connect to host
@@ -15600,6 +16240,7 @@ sytk.me: could not connect to host
 syy.hk: did not receive HSTS header
 szagun.net: did not receive HSTS header
 szaszm.tk: could not connect to host
+szczot3k.pl: did not receive HSTS header
 szerbnyelvkonyv.hu: could not connect to host
 szlovaknyelv.hu: could not connect to host
 szlovennyelv.hu: could not connect to host
@@ -15610,14 +16251,15 @@ t-ken.xyz: could not connect to host
 t-point.eu: did not receive HSTS header
 t-tz.com: could not connect to host
 t0dd.eu: could not connect to host
-t3rror.net: could not connect to host
+t2000headphones.com: could not connect to host
+t2000laserpointers.com: could not connect to host
 t4c-rebirth.com: could not connect to host
 t4x.org: could not connect to host
 taabe.xyz: could not connect to host
 taartenfeesies.nl: did not receive HSTS header
 tab.watch: did not receive HSTS header
 taberu-fujitsubo.com: did not receive HSTS header
-tabhui.com: did not receive HSTS header
+tabhui.com: could not connect to host
 tabitatsu.jp: did not receive HSTS header
 tabla-periodica.com: could not connect to host
 tachyonapp.com: could not connect to host
@@ -15658,16 +16300,17 @@ talklifestyle.nl: could not connect to host
 talktwincities.com: could not connect to host
 tallr.se: could not connect to host
 tallshoe.com: could not connect to host
+talroo.com: could not connect to host
 talsi.eu: could not connect to host
-tam7t.com: could not connect to host
-tamersunion.org: did not receive HSTS header
+tam7t.com: did not receive HSTS header
 tamex.xyz: could not connect to host
-tamriel-rebuilt.org: could not connect to host
+tanak3n.xyz: could not connect to host
 tandarts-haarlem.nl: did not receive HSTS header
 tandblekningidag.com: could not connect to host
-tangerine.ga: could not connect to host
+tangerine.ga: did not receive HSTS header
 tangibilizing.com: could not connect to host
 tangiblesecurity.com: did not receive HSTS header
+tango-cats.de: could not connect to host
 tangsisi.com: could not connect to host
 tangyue.date: could not connect to host
 tangzhao.net: could not connect to host
@@ -15684,18 +16327,21 @@ tapestries.tk: could not connect to host
 tapfinder.ca: could not connect to host
 tapka.cz: did not receive HSTS header
 tappublisher.com: did not receive HSTS header
+taqun.club: could not connect to host
+taranis.re: could not connect to host
 tarantul.org.ua: could not connect to host
 taravancil.com: did not receive HSTS header
 tarek.link: could not connect to host
 targaryen.house: could not connect to host
-tarhauskielto.fi: could not connect to host
+tarhauskielto.fi: did not receive HSTS header
+tarots-et-oracles.com: did not receive HSTS header
 tarsashaz-biztositas.hu: did not receive HSTS header
 tartaros.fi: could not connect to host
 taskstats.com: could not connect to host
 tasmansecurity.com: could not connect to host
 tassup.com: could not connect to host
 tasta.ro: could not connect to host
-tasticfilm.com: did not receive HSTS header
+tasticfilm.com: could not connect to host
 tastyyy.co: could not connect to host
 tasyacherry-anal.com: could not connect to host
 tatilbus.com: could not connect to host
@@ -15706,6 +16352,7 @@ tauchkater.de: could not connect to host
 tavoittaja.fi: did not receive HSTS header
 tavopica.lt: did not receive HSTS header
 taxbench.com: could not connect to host
+taxi-24std.de: could not connect to host
 taxiindenbosch.nl: did not receive HSTS header
 taxmadras.com: could not connect to host
 taxsnaps.co.nz: did not receive HSTS header
@@ -15719,8 +16366,10 @@ tbrss.com: did not receive HSTS header
 tbtech.cz: did not receive HSTS header
 tbys.us: could not connect to host
 tc-bonito.de: did not receive HSTS header
+tcacademy.co.uk: could not connect to host
 tcao.info: could not connect to host
 tcby45.xyz: could not connect to host
+tchaka.top: could not connect to host
 tcl.ath.cx: did not receive HSTS header
 tcp.expert: did not receive HSTS header
 tcptun.com: could not connect to host
@@ -15737,7 +16386,7 @@ tdsbhack.ga: could not connect to host
 tdsbhack.gq: could not connect to host
 tdsbhack.ml: could not connect to host
 tdsbhack.tk: could not connect to host
-teacherph.net: could not connect to host
+teacherph.net: did not receive HSTS header
 teachforcanada.ca: did not receive HSTS header
 tealdrones.com: did not receive HSTS header
 team-teasers.com: could not connect to host
@@ -15754,7 +16403,7 @@ teamsocial.co: did not receive HSTS header
 teamx-gaming.de: could not connect to host
 teamzeus.cz: could not connect to host
 teaparty.id: could not connect to host
-tearoy.faith: could not connect to host
+tearoy.faith: did not receive HSTS header
 teasenetwork.com: could not connect to host
 tebieer.com: could not connect to host
 tech-blog.fr: did not receive HSTS header
@@ -15763,7 +16412,9 @@ tech55i.com: could not connect to host
 techandtux.de: could not connect to host
 techask.it: could not connect to host
 techassist.io: did not receive HSTS header
-techcavern.ml: did not receive HSTS header
+techbrawl.org: could not connect to host
+techcavern.ml: could not connect to host
+techcentric.com: did not receive HSTS header
 techday.co.nz: did not receive HSTS header
 techday.com: did not receive HSTS header
 techday.com.au: did not receive HSTS header
@@ -15779,15 +16430,12 @@ techmasters.andover.edu: could not connect to host
 techmatehq.com: could not connect to host
 technicalforensic.com: could not connect to host
 technicalpenguins.com: did not receive HSTS header
-technicalsystemsprocessing.com: did not receive HSTS header
-techniclab.net: could not connect to host
-techniclab.org: could not connect to host
-techniclab.ru: could not connect to host
-technikrom.org: did not receive HSTS header
 technogroup.cz: did not receive HSTS header
+technologyand.me: did not receive HSTS header
 technosavvyport.com: did not receive HSTS header
 technosuport.com: did not receive HSTS header
 technoswag.ca: could not connect to host
+technotonic.co.uk: could not connect to host
 technotonic.com.au: did not receive HSTS header
 techpointed.com: could not connect to host
 techpro.net.br: did not receive HSTS header
@@ -15798,8 +16446,8 @@ techtrackerpro.com: could not connect to host
 techtraveller.com.au: did not receive HSTS header
 techtuts.info: could not connect to host
 techunit.org: could not connect to host
+techvalue.gr: did not receive HSTS header
 tecit.ch: could not connect to host
-tecnidev.com: could not connect to host
 tecnimotos.com: did not receive HSTS header
 tecnogaming.com: did not receive HSTS header
 tecnologino.com: could not connect to host
@@ -15807,15 +16455,16 @@ tecture.de: did not receive HSTS header
 tedovo.com: could not connect to host
 tedxkmitl.com: could not connect to host
 tee-idf.net: could not connect to host
-teedb.de: could not connect to host
 teehaus-shila.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 teenerotic.net: could not connect to host
 teeplelaw.com: did not receive HSTS header
-teesypeesy.com: did not receive HSTS header
+teesypeesy.com: max-age too low: 2592000
 tefl.io: did not receive HSTS header
 tegelsensanitaironline.nl: did not receive HSTS header
+tehcrayz.com: could not connect to host
 tehotuotanto.net: did not receive HSTS header
 tehplace.club: could not connect to host
+tehrankey.ir: did not receive HSTS header
 tekiro.com: did not receive HSTS header
 teknogeek.id: could not connect to host
 teknologi.or.id: max-age too low: 36000
@@ -15823,6 +16472,7 @@ teknotes.co.uk: could not connect to host
 tekshrek.com: did not receive HSTS header
 teksuperior.com: could not connect to host
 tektoria.de: did not receive HSTS header
+tektuts.com: could not connect to host
 tel-dithmarschen.de: did not receive HSTS header
 tele-assistance.ch: could not connect to host
 teleallarme.ch: could not connect to host
@@ -15835,15 +16485,13 @@ telefonogratuito.com: did not receive HSTS header
 telefonsinyalguclendirici.com: did not receive HSTS header
 telefoonnummerinfo.nl: could not connect to host
 telekollektiv.org: could not connect to host
+telepons.com: could not connect to host
 telescam.com: could not connect to host
-teleshop.be: could not connect to host
-teletechnology.in: did not receive HSTS header
+teleshop.be: did not receive HSTS header
 teletra.ru: could not connect to host
 telfordwhitehouse.co.uk: did not receive HSTS header
-tellingua.com: could not connect to host
 teltonica.com: did not receive HSTS header
 telugu4u.net: could not connect to host
-temasa.net: did not receive HSTS header
 temehu.com: did not receive HSTS header
 tempcraft.net: could not connect to host
 tempflix.com: could not connect to host
@@ -15852,7 +16500,6 @@ tempodecolheita.com.br: could not connect to host
 tempus-aquilae.de: could not connect to host
 ten-cafe.com: could not connect to host
 tendertool.nl: could not connect to host
-tendoryu-aikido.org: did not receive HSTS header
 tenerife-villas.com: max-age too low: 2592000
 tengu.cloud: could not connect to host
 tenispopular.com: could not connect to host
@@ -15863,14 +16510,18 @@ tennispensacola.com: could not connect to host
 tensei-slime.com: did not receive HSTS header
 tensionup.com: could not connect to host
 tent.io: could not connect to host
+tentabrowser.com: could not connect to host
 tentins.com: could not connect to host
 teodio.cl: did not receive HSTS header
 teos.online: could not connect to host
 teoskanta.fi: could not connect to host
 teranga.ch: did not receive HSTS header
 tercerapuertoaysen.cl: could not connect to host
+termax.me: could not connect to host
+terminalvelocity.co.nz: could not connect to host
 terra-x.net: could not connect to host
 terra.by: did not receive HSTS header
+terrace.co.jp: did not receive HSTS header
 terrax.berlin: could not connect to host
 terrax.info: did not receive HSTS header
 terrax.net: could not connect to host
@@ -15883,7 +16534,7 @@ test02.dk: did not receive HSTS header
 testadren.com: could not connect to host
 testadron.com: could not connect to host
 testandroid.xyz: could not connect to host
-testbawks.com: could not connect to host
+testbawks.com: did not receive HSTS header
 testbirds.cz: could not connect to host
 testbirds.sk: could not connect to host
 testdomain.ovh: could not connect to host
@@ -15892,12 +16543,12 @@ testnode.xyz: could not connect to host
 testosterone-complex.com: could not connect to host
 testovaci.ml: could not connect to host
 testpornsite.com: could not connect to host
-tetrafinancial-commercial-business-equipment-financing.com: did not receive HSTS header
-tetrafinancial-energy-mining-equipment-financing.com: did not receive HSTS header
-tetrafinancial-healthcare-medical-equipment-financing.com: did not receive HSTS header
-tetrafinancial-manufacturing-industrial-equipment-financing.com: did not receive HSTS header
-tetrafinancial-news.com: did not receive HSTS header
-tetrafinancial-technology-equipment-software-financing.com: did not receive HSTS header
+tetrafinancial-commercial-business-equipment-financing.com: could not connect to host
+tetrafinancial-energy-mining-equipment-financing.com: could not connect to host
+tetrafinancial-healthcare-medical-equipment-financing.com: could not connect to host
+tetrafinancial-manufacturing-industrial-equipment-financing.com: could not connect to host
+tetrafinancial-news.com: could not connect to host
+tetrafinancial-technology-equipment-software-financing.com: could not connect to host
 tetramax.eu: did not receive HSTS header
 tetsai.com: could not connect to host
 teufelsystem.de: could not connect to host
@@ -15918,7 +16569,6 @@ th-bl.de: did not receive HSTS header
 th3nd.com: could not connect to host
 thackert.myfirewall.org: could not connect to host
 thagki9.com: did not receive HSTS header
-thai.land: could not connect to host
 thaianthro.com: max-age too low: 0
 thaigirls.xyz: could not connect to host
 thaihostcool.com: did not receive HSTS header
@@ -15927,19 +16577,21 @@ thalmann.fr: did not receive HSTS header
 thalskarth.com: did not receive HSTS header
 thatgudstuff.com: could not connect to host
 thatpodcast.io: did not receive HSTS header
-thatvizsla.life: could not connect to host
+thatvizsla.life: did not receive HSTS header
+thcpbees.co.uk: did not receive HSTS header
 the-construct.com: could not connect to host
 the-delta.net.eu.org: could not connect to host
 the-digitale.com: did not receive HSTS header
 the-earth-yui.net: could not connect to host
 the-finance-blog.com: could not connect to host
 the-gist.io: could not connect to host
-the-paddies.de: could not connect to host
+the-paddies.de: did not receive HSTS header
 the-sky-of-valkyries.com: could not connect to host
 the.ie: max-age too low: 0
 the420vape.org: could not connect to host
 theamateurs.net: did not receive HSTS header
-theamp.com: could not connect to host
+theamp.com: did not receive HSTS header
+thearcheryguide.com: did not receive HSTS header
 theater.cf: could not connect to host
 theavenuegallery.com: did not receive HSTS header
 thebakingclass.com: max-age too low: 60
@@ -15968,12 +16620,12 @@ thecoffeepod.co.uk: did not receive HSTS header
 thecozycastle.com: did not receive HSTS header
 thecskr.in: did not receive HSTS header
 thecsw.com: did not receive HSTS header
-thecuriousdev.com: did not receive HSTS header
+thecuriouscat.net: could not connect to host
 thedailyupvote.com: could not connect to host
 thedarkartsandcrafts.com: could not connect to host
 thedebug.life: did not receive HSTS header
 thedevilwearswibra.nl: did not receive HSTS header
-thedom.site: could not connect to host
+thediaryofadam.com: did not receive HSTS header
 thedominatorsclan.com: did not receive HSTS header
 thedrinks.co: did not receive HSTS header
 thedrop.pw: did not receive HSTS header
@@ -15981,7 +16633,7 @@ thedrunkencabbage.com: could not connect to host
 thedystance.com: could not connect to host
 theel0ja.info: did not receive HSTS header
 theelitebuzz.com: could not connect to host
-theendofzion.com: did not receive HSTS header
+theendofzion.com: could not connect to host
 theepankar.com: could not connect to host
 theescapistswiki.com: could not connect to host
 theevergreen.me: could not connect to host
@@ -15989,6 +16641,7 @@ theexpatriate.de: could not connect to host
 theeyeopener.com: did not receive HSTS header
 thefarbeyond.com: could not connect to host
 thefasterweb.com: did not receive HSTS header
+thefilmcolor.com: max-age too low: 0
 thefootballanalyst.com: did not receive HSTS header
 thefox.co: did not receive HSTS header
 thefox.com.fr: could not connect to host
@@ -16005,14 +16658,18 @@ thegreens.us: could not connect to host
 thegreenvpn.com: could not connect to host
 thegym.org: did not receive HSTS header
 thehiddenbay.cc: could not connect to host
-thehiddenbay.eu: max-age too low: 0
-thehiddenbay.me: max-age too low: 0
+thehiddenbay.eu: could not connect to host
+thehiddenbay.fi: did not receive HSTS header
+thehiddenbay.info: did not receive HSTS header
+thehiddenbay.me: could not connect to host
 thehiddenbay.net: could not connect to host
+thehiddenbay.ws: did not receive HSTS header
 thehighersideclothing.com: did not receive HSTS header
 thehistory.me: could not connect to host
 thehoopsarchive.com: could not connect to host
 theimagesalon.com: max-age too low: 43200
 theinvisibletrailer.com: could not connect to host
+thej0lt.com: did not receive HSTS header
 thejobauction.com: did not receive HSTS header
 thejserver.de: could not connect to host
 thekrewserver.com: did not receive HSTS header
@@ -16039,7 +16696,7 @@ thenrdhrd.nl: could not connect to host
 theodorejones.info: could not connect to host
 theojones.name: could not connect to host
 theokonst.tk: did not receive HSTS header
-theosblog.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+theosblog.de: did not receive HSTS header
 theosophie-afrique.org: could not connect to host
 theoverfly.co: could not connect to host
 thepartywarehouse.co.uk: did not receive HSTS header
@@ -16048,26 +16705,27 @@ thepiratebay.al: could not connect to host
 thepiratebay.poker: could not connect to host
 thepiratebay.tech: could not connect to host
 theposhfudgecompany.co.uk: could not connect to host
+thepostoffice.ro: did not receive HSTS header
 theprincegame.com: could not connect to host
 theprivacysolution.com: could not connect to host
+thepurem.com: could not connect to host
 thequillmagazine.org: could not connect to host
 therewill.be: could not connect to host
-therise.ca: could not connect to host
+therise.ca: max-age too low: 300
 thermique.ch: could not connect to host
 theroamingnotary.com: did not receive HSTS header
-therockawaysny.com: did not receive HSTS header
+therockawaysny.com: could not connect to host
 thesassynut.com: did not receive HSTS header
 thesearchnerds.co.uk: did not receive HSTS header
 thesecurityteam.net: could not connect to host
 thesehighsandlows.com: could not connect to host
 theserver201.tk: could not connect to host
+theserviceyouneed.com: did not receive HSTS header
 theshadestore.com: max-age too low: 10368000
 thesled.net: could not connect to host
-thesnellvilledentist.com: did not receive HSTS header
 thesplit.is: could not connect to host
 thestack.xyz: could not connect to host
 thestagchorleywood.co.uk: did not receive HSTS header
-thesteins.org: could not connect to host
 thestonegroup.de: did not receive HSTS header
 thestoritplace.com: max-age too low: 0
 thestral.pro: could not connect to host
@@ -16076,28 +16734,28 @@ thetapirsmouth.com: could not connect to host
 thethirdroad.com: did not receive HSTS header
 thetradinghall.com: could not connect to host
 thetruthhurvitz.com: could not connect to host
+theunitedstates.io: did not receive HSTS header
 theurbanyoga.com: did not receive HSTS header
 theuucc.org: did not receive HSTS header
 thevintagenews.com: did not receive HSTS header
 thevoid.one: could not connect to host
 thewallset.com: could not connect to host
 thewaxhouse.shop: did not receive HSTS header
-thewayofthedojo.com: did not receive HSTS header
+thewebdexter.com: could not connect to host
 thewebfellas.com: did not receive HSTS header
 thewego.com: could not connect to host
 theweilai.com: could not connect to host
 thewhiterabbit.space: could not connect to host
 thewindow.com: could not connect to host
 theworkingeye.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+thewp.pro: max-age too low: 0
 theyachtteam.com: could not connect to host
-thezero.org: could not connect to host
 thezonders.com: did not receive HSTS header
 thgros.fr: could not connect to host
 thibautcharles.net: did not receive HSTS header
 thienteakee.com: did not receive HSTS header
 thierfreund.de: did not receive HSTS header
-thijsbekke.nl: could not connect to host
-thingies.site: could not connect to host
+thierryhayoz.ch: could not connect to host
 thinkcash.nl: could not connect to host
 thinkcoding.de: could not connect to host
 thinkcoding.org: could not connect to host
@@ -16105,6 +16763,7 @@ thinkdo.jp: could not connect to host
 thinklikeanentrepreneur.com: did not receive HSTS header
 thinkswap.com: did not receive HSTS header
 thinlyveiledcontempt.com: could not connect to host
+thirdbearsolutions.com: could not connect to host
 thirdpartytrade.com: did not receive HSTS header
 thirdworld.moe: could not connect to host
 thirty5.net: did not receive HSTS header
@@ -16126,12 +16785,11 @@ thomasnet.fr: could not connect to host
 thomasscholz.com: max-age too low: 2592000
 thomasschweizer.net: could not connect to host
 thomasvt.xyz: max-age too low: 2592000
-thomspooren.nl: could not connect to host
 thorbis.com: could not connect to host
 thorbiswebsitedesign.com: could not connect to host
 thorgames.nl: did not receive HSTS header
 thorncreek.net: did not receive HSTS header
-thot.space: could not connect to host
+thot.space: did not receive HSTS header
 thoughtlessleaders.online: could not connect to host
 threatcentral.io: could not connect to host
 threebrothersbrewing.com: could not connect to host
@@ -16155,6 +16813,9 @@ tianxing.pro: did not receive HSTS header
 tianxingvpn.pro: could not connect to host
 tibbitshall.ca: could not connect to host
 tibovanheule.site: could not connect to host
+ticfleet.com: could not connect to host
+tichieru.pw: could not connect to host
+ticketmates.com.au: did not receive HSTS header
 ticketoplichting.nl: did not receive HSTS header
 tickopa.co.uk: could not connect to host
 tickreport.com: did not receive HSTS header
@@ -16163,13 +16824,13 @@ tictactux.de: could not connect to host
 tidmore.us: could not connect to host
 tie-online.org: could not connect to host
 tiendafetichista.com: could not connect to host
+tiendavertigo.com: did not receive HSTS header
 tiendschuurstraat.nl: could not connect to host
 tiensnet.com: could not connect to host
 tierarztpraxis-illerwinkel.de: did not receive HSTS header
 tiernanx.com: could not connect to host
 tierraprohibida.net: did not receive HSTS header
 tierrarp.com: could not connect to host
-tiffanytravels.com: did not receive HSTS header
 tiggi.pw: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 tightlineproductions.com: did not receive HSTS header
 tigit.co.nz: could not connect to host
@@ -16204,9 +16865,8 @@ timmy.im: could not connect to host
 timmy.ws: could not connect to host
 timotrans.de: did not receive HSTS header
 timotrans.eu: did not receive HSTS header
-timowi.de: could not connect to host
 timowi.net: could not connect to host
-timroes.de: could not connect to host
+timroes.de: did not receive HSTS header
 timschubert.net: max-age too low: 172800
 timvandekamp.nl: did not receive HSTS header
 timwhite.io: did not receive HSTS header
@@ -16214,8 +16874,8 @@ timwittenberg.com: could not connect to host
 tinchbear.xyz: could not connect to host
 tindewen.net: could not connect to host
 tink.network: could not connect to host
+tinkerboard.org: could not connect to host
 tinkerers-trunk.co.za: did not receive HSTS header
-tioat.net: could not connect to host
 tipiakers.club: could not connect to host
 tipps-fuer-den-haushalt.de: could not connect to host
 tippspiel.cc: could not connect to host
@@ -16237,9 +16897,9 @@ tjs.me: could not connect to host
 tju.me: could not connect to host
 tkappertjedemetamorfose.nl: could not connect to host
 tkarstens.de: did not receive HSTS header
+tkeycoin.com: did not receive HSTS header
 tkhw.tk: could not connect to host
 tkirch.de: could not connect to host
-tkjg.fi: could not connect to host
 tkn.tokyo: could not connect to host
 tkonstantopoulos.tk: could not connect to host
 tkts.cl: could not connect to host
@@ -16254,9 +16914,9 @@ tm-solutions.eu: could not connect to host
 tm.id.au: did not receive HSTS header
 tmaward.net: could not connect to host
 tmconnects.com: could not connect to host
-tmdc.ddns.net: could not connect to host
 tmhlive.com: could not connect to host
 tmhr.moe: could not connect to host
+tmi.news: did not receive HSTS header
 tmin.cf: could not connect to host
 tmitchell.io: could not connect to host
 tmprod.com: did not receive HSTS header
@@ -16269,7 +16929,6 @@ tobaby.com.br: could not connect to host
 tobacco.gov: could not connect to host
 tobaccore.eu: could not connect to host
 tobaccore.sk: could not connect to host
-tobedo.net: could not connect to host
 tobias-bielefeld.de: did not receive HSTS header
 tobiasbergius.se: could not connect to host
 tobiasmathes.com: could not connect to host
@@ -16278,6 +16937,7 @@ tobiasofficial.at: could not connect to host
 tobiassachs.cf: could not connect to host
 tobiassachs.tk: could not connect to host
 tobis-webservice.de: did not receive HSTS header
+tobyx.eu: could not connect to host
 tobyx.is: could not connect to host
 todesschaf.org: could not connect to host
 todo.is: could not connect to host
@@ -16290,12 +16950,13 @@ tofa-koeln.de: could not connect to host
 tofilmhub.com: could not connect to host
 tofu.im: could not connect to host
 togelonlinecommunity.com: did not receive HSTS header
-tohokufd.com: could not connect to host
 tojeto.eu: did not receive HSTS header
 toka.sg: could not connect to host
 tokage.me: could not connect to host
 tokenloan.com: could not connect to host
 tokfun.com: could not connect to host
+tokintu.com: did not receive HSTS header
+tokky.eu: could not connect to host
 tokobungaasryflorist.com: did not receive HSTS header
 tokobungadijambi.com: did not receive HSTS header
 tokobungadilampung.com: could not connect to host
@@ -16305,17 +16966,18 @@ tokoone.com: did not receive HSTS header
 tokotamz.net: could not connect to host
 tokotimbangandigitalmurah.web.id: did not receive HSTS header
 tokoyo.biz: could not connect to host
+toldositajuba.com: could not connect to host
 tollmanz.com: did not receive HSTS header
 tollsjekk.no: could not connect to host
 tolud.com: could not connect to host
 tom-maxwell.com: did not receive HSTS header
 tom.run: did not receive HSTS header
 tomandshirley.com: could not connect to host
+tomaspialek.cz: did not receive HSTS header
 tomberek.info: did not receive HSTS header
 tomcort.com: could not connect to host
 tomdudfield.com: did not receive HSTS header
 tomeara.net: could not connect to host
-tomershemesh.me: could not connect to host
 tomevans.io: did not receive HSTS header
 tomharling.co.uk: could not connect to host
 tomiler.com: could not connect to host
@@ -16323,21 +16985,21 @@ tomlankhorst.nl: did not receive HSTS header
 tomli.me: could not connect to host
 tommounsey.com: did not receive HSTS header
 tommsy.com: did not receive HSTS header
-tommy-bordas.fr: did not receive HSTS header
 tommyads.com: could not connect to host
 tommyweber.de: did not receive HSTS header
-tomoyaf.com: did not receive HSTS header
+tomoyaf.com: could not connect to host
 tomphill.co.uk: could not connect to host
+tomudding.com: did not receive HSTS header
 tomy.icu: could not connect to host
-tonburi.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+tonburi.jp: could not connect to host
 tongmu.me: could not connect to host
 tonguetechnology.com: could not connect to host
 toniharant.de: could not connect to host
 toomanypillows.com: could not connect to host
+toomy.ddns.net: could not connect to host
 top-esb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 top-stage.net: could not connect to host
 top10mountainbikes.info: could not connect to host
-top9.fr: could not connect to host
 topanlage.de: could not connect to host
 topbargains.com.au: did not receive HSTS header
 topbestsellerproduct.com: did not receive HSTS header
@@ -16346,7 +17008,6 @@ topdeskdev.net: could not connect to host
 topdetoxcleanse.com: could not connect to host
 topdevbox.net: could not connect to host
 topesb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-topkek.ml: could not connect to host
 topmarine.se: did not receive HSTS header
 topnewstoday.org: could not connect to host
 topnotchendings.com: could not connect to host
@@ -16357,6 +17018,7 @@ topservercccam.com: did not receive HSTS header
 topshelfguild.com: could not connect to host
 toptenthebest.com: did not receive HSTS header
 toptranslation.com: did not receive HSTS header
+topvertimai.lt: could not connect to host
 topwin.la: could not connect to host
 topyx.com: did not receive HSTS header
 tor2web.org: could not connect to host
@@ -16367,16 +17029,20 @@ toretfaction.net: could not connect to host
 torlock.download: could not connect to host
 torproject.org.uk: could not connect to host
 torproject.ovh: could not connect to host
-torrentdownloads.bid: max-age too low: 0
+torrentdownloads.bid: could not connect to host
 torrentgamesps2.info: could not connect to host
 torrenttop100.net: could not connect to host
 torrentz.website: could not connect to host
 torrentz2.eu: did not receive HSTS header
+tortocan.com: could not connect to host
 tortugalife.de: could not connect to host
 torv.rocks: did not receive HSTS header
 tosecure.link: could not connect to host
 toshnix.com: could not connect to host
 toshub.com: could not connect to host
+toskana-appartement.de: did not receive HSTS header
+totalbeauty.co.uk: could not connect to host
+totaldragonshop.com.br: could not connect to host
 totalle.com.br: could not connect to host
 totallynotaserver.com: could not connect to host
 totalsystemcare.com: could not connect to host
@@ -16385,7 +17051,7 @@ totalworkout.fitness: did not receive HSTS header
 totch.de: could not connect to host
 totem-eshop.cz: could not connect to host
 totoro.pub: could not connect to host
-totot.net: did not receive HSTS header
+totot.net: could not connect to host
 toucedo.de: could not connect to host
 touch-up-net.com: could not connect to host
 touchbasemail.com: did not receive HSTS header
@@ -16393,33 +17059,36 @@ touchinformatica.com: did not receive HSTS header
 touchpointidg.us: could not connect to host
 touchscreen-handy.de: did not receive HSTS header
 touchstonefms.co.uk: did not receive HSTS header
-touchtable.nl: did not receive HSTS header
 tougetu.com: could not connect to host
 touhou.cc: did not receive HSTS header
 touray-enterprise.ch: could not connect to host
 tourpeer.com: did not receive HSTS header
 toursandtransfers.it: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 tousproducteurs.fr: did not receive HSTS header
+tout-art.ch: could not connect to host
+toutart.ch: could not connect to host
 towaway.ru: could not connect to host
 tox.im: did not receive HSTS header
 toxicboot.com: could not connect to host
 toxicip.com: could not connect to host
-toxme.se: did not receive HSTS header
+toxme.se: could not connect to host
 toymania.de: could not connect to host
 toyotamotala.se: could not connect to host
 tpbcdn.com: could not connect to host
-tpblist.xyz: max-age too low: 0
+tpblist.xyz: could not connect to host
 tpbunblocked.org: could not connect to host
 tpe-edu.com: could not connect to host
 tpms4u.at: did not receive HSTS header
 tppdebate.org: did not receive HSTS header
 trabajarenperu.com: did not receive HSTS header
 tracalada.cl: did not receive HSTS header
+traces.ml: could not connect to host
 tracetracker.com: did not receive HSTS header
 tracewind.top: could not connect to host
 track.plus: could not connect to host
 trackdays4fun.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 tracker-gps.ch: could not connect to host
+trackfeed.tokyo: could not connect to host
 trackmeet.io: did not receive HSTS header
 tracktivity.com.au: did not receive HSTS header
 trade-smart.ru: could not connect to host
@@ -16434,10 +17103,11 @@ tradingrooms.com: did not receive HSTS header
 traditional-knowledge.tk: did not receive HSTS header
 traeningsprojekt.dk: did not receive HSTS header
 trafficquality.org: could not connect to host
-traffictigers.com: could not connect to host
+traffictigers.com: did not receive HSTS header
 traforet.win: could not connect to host
 train-track.co.uk: did not receive HSTS header
 traindb.nl: did not receive HSTS header
+trainhorns.us: did not receive HSTS header
 training4girls.ru: could not connect to host
 traininglist.org: could not connect to host
 trainingproviderresults.gov: could not connect to host
@@ -16448,32 +17118,37 @@ trainline.se: could not connect to host
 trainut.com: could not connect to host
 trakfusion.com: could not connect to host
 trancendances.fr: could not connect to host
+trangell.com: did not receive HSTS header
 tranos.de: did not receive HSTS header
 transbike.es: did not receive HSTS header
 transcendmotor.sg: could not connect to host
 transcricentro.pt: could not connect to host
 transcriptionwave.com: did not receive HSTS header
 transdirect.com.au: did not receive HSTS header
+transferio.nl: did not receive HSTS header
 transformify.org: did not receive HSTS header
 transgendernetwerk.nl: did not receive HSTS header
 transl8.eu: did not receive HSTS header
 translate.googleapis.com: did not receive HSTS header (error ignored - included regardless)
 translateblender.ru: could not connect to host
+translatoruk.co.uk: did not receive HSTS header
 transmithe.net: could not connect to host
+transport.eu: did not receive HSTS header
 transportal.sk: did not receive HSTS header
 transsexualpantyhose.com: could not connect to host
 tratamentoparacelulite.biz: could not connect to host
 trauertexte.info: could not connect to host
 traumhuetten.de: did not receive HSTS header
 travality.ru: could not connect to host
-travel-dealz.de: did not receive HSTS header
 travel-kuban.ru: did not receive HSTS header
 travel1x1.com: did not receive HSTS header
 traveling-thailand.info: could not connect to host
 travelinsightswriter.com: could not connect to host
 travelling.expert: could not connect to host
+travellsell.com: did not receive HSTS header
 travelmyth.ie: did not receive HSTS header
 travelpricecheck.com: max-age too low: 0
+travisfranck.com: could not connect to host
 travotion.com: could not connect to host
 trazosdearte.com: did not receive HSTS header
 treasuredinheritanceministry.com: did not receive HSTS header
@@ -16485,6 +17160,7 @@ treeremovaljohannesburg.co.za: could not connect to host
 treino.blog.br: could not connect to host
 treker.us: could not connect to host
 trell.co.in: did not receive HSTS header
+tremlor.com: max-age too low: 300
 tremolosoftware.com: did not receive HSTS header
 tremoureux.fr: could not connect to host
 trendberry.ru: could not connect to host
@@ -16492,19 +17168,24 @@ trendingpulse.com: could not connect to host
 trendisland.de: did not receive HSTS header
 trendydips.com: could not connect to host
 trentmaydew.com: could not connect to host
+tretkowski.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 trewe.eu: could not connect to host
 triadwars.com: did not receive HSTS header
 triageo.com.au: could not connect to host
 trialmock.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 trianon.xyz: could not connect to host
-tributh.cf: could not connect to host
-tributh.net: could not connect to host
+tributh.ga: could not connect to host
+tributh.gq: could not connect to host
+tributh.ml: could not connect to host
+tributh.tk: could not connect to host
 trickedguys.com: could not connect to host
 tricks.clothing: did not receive HSTS header
 triddi.com: could not connect to host
+tridentflood.com: could not connect to host
 tridimage.com: did not receive HSTS header
 trigular.de: could not connect to host
 trileg.net: could not connect to host
+trimarchimanuele.it: did not receive HSTS header
 trinity.fr.eu.org: could not connect to host
 trinityaffirmations.com: max-age too low: 0
 trinitycore.org: max-age too low: 2592000
@@ -16512,6 +17193,7 @@ trinitytechdev.com: did not receive HSTS header
 tripcombi.com: did not receive HSTS header
 tripdelta.com: did not receive HSTS header
 tripinsider.club: did not receive HSTS header
+triple-mmm.de: max-age too low: 0
 trisportas.lt: did not receive HSTS header
 tristanfarkas.one: could not connect to host
 trixati.org.ua: did not receive HSTS header
@@ -16526,8 +17208,11 @@ tronflix.com: did not receive HSTS header
 troo.ly: could not connect to host
 trouter.io: could not connect to host
 trouver-son-chemin.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+troykelly.com: did not receive HSTS header
 trpg.wiki: could not connect to host
+truckgpsreviews.com: did not receive HSTS header
 true.ink: did not receive HSTS header
+trueblueessentials.com: could not connect to host
 truebred-labradors.com: did not receive HSTS header
 trueessayhelp.co.uk: did not receive HSTS header
 truejob.com: did not receive HSTS header
@@ -16536,6 +17221,7 @@ trumeet.top: did not receive HSTS header
 trunkjunk.co: could not connect to host
 trush.in: could not connect to host
 trustedinnovators.com: could not connect to host
+trustednewssites.com: did not receive HSTS header
 trusteecar.com: did not receive HSTS header
 trustmeimfancy.com: could not connect to host
 trustocean.com: did not receive HSTS header
@@ -16546,8 +17232,11 @@ tryfm.net: did not receive HSTS header
 trynowrinkleseyeserum.com: could not connect to host
 tryoneday.co: did not receive HSTS header
 tryti.me: could not connect to host
+ts-publishers.com: could not connect to host
 ts2.se: could not connect to host
+ts3-dns.com: could not connect to host
 ts3-dns.me: could not connect to host
+ts3-dns.net: could not connect to host
 ts3.consulting: could not connect to host
 tsaro.io: could not connect to host
 tscqmalawi.info: did not receive HSTS header
@@ -16564,18 +17253,18 @@ tsumegumi.net: could not connect to host
 tsumi.moe: could not connect to host
 tsura.org: could not connect to host
 tsurezurematome.ga: could not connect to host
-tt.dog: could not connect to host
 ttackmedical.com.br: could not connect to host
-ttrade.ga: could not connect to host
+ttrade.ga: did not receive HSTS header
 tts.co.nz: did not receive HSTS header
 ttspttsp.com: could not connect to host
 tty.space: could not connect to host
 ttz.im: could not connect to host
 tuamoronline.com: could not connect to host
+tuang-tuang.com: could not connect to host
 tubbutec.de: did not receive HSTS header
 tubeju.com: could not connect to host
-tubetoon.com: did not receive HSTS header
-tubetooncartoons.com: did not receive HSTS header
+tubetoon.com: could not connect to host
+tubetooncartoons.com: could not connect to host
 tubex.ga: could not connect to host
 tucidi.net: could not connect to host
 tucker.wales: could not connect to host
@@ -16590,6 +17279,7 @@ tunca.it: did not receive HSTS header
 tunebitfm.de: could not connect to host
 tungstenroyce.com: did not receive HSTS header
 tunity.be: did not receive HSTS header
+tuou.xyz: could not connect to host
 tupizm.com: could not connect to host
 turismo.cl: could not connect to host
 turkiet.guide: could not connect to host
@@ -16598,9 +17288,10 @@ turn-sticks.com: could not connect to host
 turnik-67.ru: could not connect to host
 turniker.ru: could not connect to host
 turnsticks.com: could not connect to host
+turtle.ai: did not receive HSTS header
 turtlementors.com: could not connect to host
 turtles.ga: could not connect to host
-tusb.ml: did not receive HSTS header
+tusb.ml: could not connect to host
 tussengelegenwoningverkopen.nl: could not connect to host
 tuthowto.com: could not connect to host
 tutiendaroja.com: did not receive HSTS header
@@ -16615,6 +17306,7 @@ tv.search.yahoo.com: could not connect to host
 tvc.red: could not connect to host
 tverdohleb.com: could not connect to host
 tvoru.com.ua: did not receive HSTS header
+tvqc.com: did not receive HSTS header
 tvs-virtual.cz: did not receive HSTS header
 tvtubeflix.com: did not receive HSTS header
 tvz-materijali.com: could not connect to host
@@ -16651,9 +17343,9 @@ twinkseason.xyz: could not connect to host
 twiri.net: could not connect to host
 twist.party: could not connect to host
 twistapp.com: did not receive HSTS header
-twistdevelopment.co.uk: could not connect to host
 twittelzie.nl: could not connect to host
 twitter.ax: could not connect to host
+twocornertiming.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 twogo.com: did not receive HSTS header
 twojfaktum.pl: could not connect to host
 twolanedesign.com: did not receive HSTS header
@@ -16669,7 +17361,9 @@ txcp02.com: could not connect to host
 txf.pw: could not connect to host
 ty2u.com: did not receive HSTS header
 tycjt.vip: did not receive HSTS header
+tyil.nl: could not connect to host
 tykoon.com: could not connect to host
+tyl.io: did not receive HSTS header
 tyler.coach: could not connect to host
 tylercoach.com: could not connect to host
 tylerharcourt.ca: max-age too low: 86400
@@ -16687,7 +17381,7 @@ typeonejoe.com: could not connect to host
 typeonejoe.net: could not connect to host
 typeonejoe.org: could not connect to host
 typingrevolution.com: did not receive HSTS header
-tyreis.com: did not receive HSTS header
+tyreis.com: could not connect to host
 tyrelius.com: could not connect to host
 tyroproducts.eu: did not receive HSTS header
 tyskland.guide: could not connect to host
@@ -16695,7 +17389,7 @@ tz56789.com: did not receive HSTS header
 tzappa.net: could not connect to host
 tzwe.com: could not connect to host
 u-master.net: did not receive HSTS header
-u-tokyo.club: could not connect to host
+u-metals.com: did not receive HSTS header
 u175.com: could not connect to host
 uadp.pw: could not connect to host
 uahs.org.uk: did not receive HSTS header
@@ -16703,36 +17397,38 @@ ubalert.com: could not connect to host
 uber.com.au: did not receive HSTS header
 ubercalculator.com: did not receive HSTS header
 uberfunction.com: did not receive HSTS header
-ubertt.org: could not connect to host
+ubermail.me: could not connect to host
 ubicloud.de: could not connect to host
 ubicv.com: could not connect to host
 ublox.com: did not receive HSTS header
 ubtce.com: could not connect to host
+ubun.net: could not connect to host
 ubuntuhot.com: did not receive HSTS header
 uc.ac.id: did not receive HSTS header
 uchiha.ml: could not connect to host
 uclanmasterplan.co.uk: did not receive HSTS header
-uclf.de: could not connect to host
 udbhav.me: could not connect to host
-uefeng.com: did not receive HSTS header
 uega.net: did not receive HSTS header
 uerdingen.info: did not receive HSTS header
 uesociedadlimitada.com: could not connect to host
 ueu.me: could not connect to host
-uevan.com: did not receive HSTS header
 ufgaming.com: did not receive HSTS header
 uflixit.com: did not receive HSTS header
 ufo.moe: could not connect to host
 ufotable.uk: could not connect to host
 ugcdn.com: could not connect to host
-uggedal.com: could not connect to host
 ugisgutless.com: could not connect to host
 ugo.ninja: could not connect to host
 ugosadventures.com: could not connect to host
+uhappy69.com: could not connect to host
+uhappy70.com: could not connect to host
+uhappy72.com: could not connect to host
+uhappy80.com: could not connect to host
+uhappy81.com: could not connect to host
 uhasseltctf.ga: could not connect to host
-uhm.io: could not connect to host
+uhasseltodin.be: did not receive HSTS header
+uhm.io: did not receive HSTS header
 uhuru-market.com: did not receive HSTS header
-uicchy.com: could not connect to host
 uitslagensoftware.nl: did not receive HSTS header
 ukas.com: could not connect to host
 ukdropshipment.co.uk: did not receive HSTS header
@@ -16760,9 +17456,9 @@ umbriel.fr: did not receive HSTS header
 umgardi.ca: could not connect to host
 umidev.com: could not connect to host
 umie.cc: did not receive HSTS header
+umkmjogja.com: did not receive HSTS header
 ump45.moe: could not connect to host
 umsolugar.com.br: did not receive HSTS header
-unapolegetic.co: did not receive HSTS header
 unart.info: could not connect to host
 unbanthe.net: could not connect to host
 unblockat.tk: did not receive HSTS header
@@ -16780,7 +17476,7 @@ unblocked.win: could not connect to host
 unblocked.works: could not connect to host
 unblocked.world: could not connect to host
 unblockedall.site: could not connect to host
-unblockedbay.info: max-age too low: 0
+unblockedbay.info: could not connect to host
 unblockerproxy.site: did not receive HSTS header
 unblockerproxy.top: did not receive HSTS header
 unblockmy.party: could not connect to host
@@ -16791,11 +17487,10 @@ unblockthe.site: could not connect to host
 unblockthe.top: could not connect to host
 unccdesign.club: could not connect to host
 unclegen.xyz: could not connect to host
-undecidable.de: could not connect to host
 under30stravelinsurance.com.au: did not receive HSTS header
 undercovercondoms.com: could not connect to host
 underkin.com: could not connect to host
-underwearoffer.com: did not receive HSTS header
+undone.me: could not connect to host
 unefuite.ch: could not connect to host
 unfiltered.nyc: could not connect to host
 unfuddle.cn: could not connect to host
@@ -16822,7 +17517,7 @@ uniojeda.ml: did not receive HSTS header
 unionstationapp.com: could not connect to host
 unirenter.ru: did not receive HSTS header
 unison.com: did not receive HSTS header
-unisyssecurity.com: did not receive HSTS header
+unisyssecurity.com: could not connect to host
 unitedcyberdevelopment.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 unitlabs.net: could not connect to host
 unitrade-425.co.za: did not receive HSTS header
@@ -16830,52 +17525,52 @@ university4industry.com: did not receive HSTS header
 universogay.com: could not connect to host
 univstore.win: could not connect to host
 univz.com: could not connect to host
-unix.se: did not receive HSTS header
 unixtime.pro: could not connect to host
 unknownbreakup.com: max-age too low: 2592000
 unknownphenomena.net: could not connect to host
+unleash.pw: could not connect to host
 unlogis.ch: could not connect to host
 unmanaged.space: could not connect to host
-uno.fi: did not receive HSTS header
 unplugg3r.dk: could not connect to host
+unpossible.xyz: could not connect to host
 unravel.ie: could not connect to host
 unripple.com: could not connect to host
 unruh.fr: did not receive HSTS header
-uns.vn: could not connect to host
 unschoolrules.com: did not receive HSTS header
 unstockd.org: could not connect to host
 unsupervised.ca: did not receive HSTS header
 unsystem.net: could not connect to host
 unterkunft.guru: did not receive HSTS header
-unterschicht.tv: could not connect to host
 untoldstory.eu: did not receive HSTS header
 unveiledgnosis.com: did not receive HSTS header
 unwiredbrain.com: could not connect to host
 unwomen.is: did not receive HSTS header
-unyq.me: did not receive HSTS header
+unworthy.ml: could not connect to host
+unyq.me: could not connect to host
 uonstaffhub.com: could not connect to host
 uow.ninja: could not connect to host
 up1.ca: could not connect to host
 upaknship.com: did not receive HSTS header
 upandclear.org: max-age too low: 0
-upay.ru: could not connect to host
 upboard.jp: could not connect to host
 upldr.pw: could not connect to host
 uploadbro.com: could not connect to host
 upmchealthsecurity.us: could not connect to host
 uporoops.com: could not connect to host
+upr-info.org: did not receive HSTS header
 uprotect.it: could not connect to host
 upstats.eu: could not connect to host
 uptakedigital.com.au: max-age too low: 2592000
 uptic.net: did not receive HSTS header
 uptogood.org: could not connect to host
 upupming.site: did not receive HSTS header
+upwardtraining.co.uk: could not connect to host
 ur-lauber.de: did not receive HSTS header
 urban-garden.lt: could not connect to host
 urban-garden.lv: could not connect to host
+urban-karuizawa.co.jp: max-age too low: 0
 urbanmic.com: could not connect to host
-urbanstylestaging.com: did not receive HSTS header
-urbansurvival.com: did not receive HSTS header
+urbanstylestaging.com: could not connect to host
 urbpic.com: could not connect to host
 urcentral.org: could not connect to host
 url.cab: could not connect to host
@@ -16885,7 +17580,7 @@ urlchomp.com: did not receive HSTS header
 urology.wiki: did not receive HSTS header
 urphp.com: did not receive HSTS header
 us-immigration.com: did not receive HSTS header
-usaab.org: did not receive HSTS header
+usaab.org: could not connect to host
 usafuelservice.com: did not receive HSTS header
 usatomotori.com: did not receive HSTS header
 usbirthcertificate.com: could not connect to host
@@ -16903,6 +17598,7 @@ user-new.com: did not receive HSTS header
 usercare.com: could not connect to host
 useresponse.com: did not receive HSTS header
 userify.com: did not receive HSTS header
+uskaria.com: could not connect to host
 uslab.io: could not connect to host
 usleep.net: could not connect to host
 usparklodging.com: did not receive HSTS header
@@ -16928,6 +17624,7 @@ utumno.ch: could not connect to host
 utvbloggen.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 uvarov.pw: could not connect to host
 uvolejniku.cz: did not receive HSTS header
+uwekoetter.com: did not receive HSTS header
 uwesander.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 uwfreelanceopticien.nl: could not connect to host
 uwimonacs.org.jm: did not receive HSTS header
@@ -16947,25 +17644,22 @@ v2.pw: did not receive HSTS header
 v2ex.us: could not connect to host
 v4veedu.com: could not connect to host
 v5wz.com: did not receive HSTS header
-v5xp.com: could not connect to host
+v5xp.com: did not receive HSTS header
 v7.cl: could not connect to host
 v789xl.com: did not receive HSTS header
-va.gov: did not receive HSTS header
 vaaddress.co: could not connect to host
-vaalmarketplace.co.za: could not connect to host
+vaalmarketplace.co.za: did not receive HSTS header
 vacationality.com: could not connect to host
 vacationfund.co: could not connect to host
 vacationscostarica.com: did not receive HSTS header
 vackerbetong.se: could not connect to host
-vaclavambroz.cz: could not connect to host
+vaclavambroz.cz: did not receive HSTS header
 vaclavambroz.eu: could not connect to host
 vacuumreviewcenter.com: did not receive HSTS header
 vaddder.com: could not connect to host
 vadennissanofhinesvilleparts.com: could not connect to host
 vadik.me: could not connect to host
 vadodesign.nl: did not receive HSTS header
-vagaerg.com: did not receive HSTS header
-vagaerg.net: did not receive HSTS header
 vaibhavchatarkar.com: could not connect to host
 val-sec.com: could not connect to host
 valaeris.de: did not receive HSTS header
@@ -16974,6 +17668,8 @@ valecnatechnika.cz: could not connect to host
 valenhub.com: could not connect to host
 valenhub.es: could not connect to host
 valenscaelum.com: could not connect to host
+valentin-ochs.de: could not connect to host
+valentin.ml: could not connect to host
 valesdev.com: max-age too low: 0
 valethound.com: could not connect to host
 valhallacostarica.com: could not connect to host
@@ -16981,9 +17677,11 @@ valhallamovement.com: did not receive HSTS header
 valitron.se: did not receive HSTS header
 valkyrja.xyz: could not connect to host
 valleyridgepta.org: could not connect to host
+valleyshop.ca: could not connect to host
 vallis.net: could not connect to host
 valmagus.com: could not connect to host
 valopv.be: could not connect to host
+valshamar.is: could not connect to host
 vamoaeturismo.com.br: could not connect to host
 vamosfalardesaude.pt: could not connect to host
 vampirism.eu: could not connect to host
@@ -17001,6 +17699,7 @@ vanitynailworkz.com: could not connect to host
 vanlaanen.com: did not receive HSTS header
 vansieleghem.com: could not connect to host
 vantaio.com: did not receive HSTS header
+vapecom-shop.com: could not connect to host
 vapecraftinc.com: did not receive HSTS header
 vapemania.eu: could not connect to host
 vapeshopsupply.com: max-age too low: 7889238
@@ -17020,7 +17719,9 @@ vavai.net: did not receive HSTS header
 vavouchers.com: could not connect to host
 vawltstorage.com: did not receive HSTS header
 vayaport.com: could not connect to host
+vb-oa.co.uk: did not receive HSTS header
 vbest.net: could not connect to host
+vbestreviews.com: did not receive HSTS header
 vbhelp.org: did not receive HSTS header
 vbulletin-russia.com: could not connect to host
 vbulletinrussia.com: could not connect to host
@@ -17030,18 +17731,18 @@ vcelin-na-doliku.cz: could not connect to host
 vconcept.ch: could not connect to host
 vconcept.me: could not connect to host
 vcr.re: could not connect to host
-vdanker.net: could not connect to host
 vdhco.be: did not receive HSTS header
 vdownloader.com: could not connect to host
 vdrpro.com: could not connect to host
 veblen.com: did not receive HSTS header
 vechkasov.ru: could not connect to host
 vectro.me: could not connect to host
-vedatkamer.com: could not connect to host
+vedatkamer.com: did not receive HSTS header
 vega-motor.com.ua: did not receive HSTS header
 vega-rumia.com.pl: max-age too low: 2592000
 vega.dyndns.info: could not connect to host
 vegalayer.com: could not connect to host
+vegalengd.com: did not receive HSTS header
 vegane-proteine.com: could not connect to host
 vegangaymer.blog: could not connect to host
 veganosonline.com: could not connect to host
@@ -17057,6 +17758,7 @@ velasense.com: could not connect to host
 velonustraduction.com: could not connect to host
 velotyretz.fr: did not receive HSTS header
 vemokin.net: could not connect to host
+venenum.org: could not connect to host
 venicecomputerrepair.com: could not connect to host
 venicefloridawebsitedesign.com: could not connect to host
 venicerealdeal.com: could not connect to host
@@ -17067,11 +17769,13 @@ venmos.com: could not connect to host
 venninvestorplatform.com: did not receive HSTS header
 venoom.eu: did not receive HSTS header
 vensl.org: could not connect to host
+venturedisplay.co.uk: did not receive HSTS header
 venturepro.com: did not receive HSTS header
 venzocrm.com: did not receive HSTS header
 ver-ooginoog.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 veraandsteve.date: could not connect to host
 verdeandco.co.uk: could not connect to host
+vergeaccessories.com: could not connect to host
 verifiedinvesting.com: could not connect to host
 verifikatorindonesia.com: could not connect to host
 veriomed.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -17080,12 +17784,13 @@ verliefde-jongens.nl: could not connect to host
 vermogeninkaart.nl: could not connect to host
 vermontcareergateway.org: could not connect to host
 vernonfishandgame.ca: did not receive HSTS header
+vernonhouseofhope.com: did not receive HSTS header
 versbeton.nl: max-age too low: 864000
 versfin.net: could not connect to host
 versia.ru: did not receive HSTS header
-versolslapeyre.fr: did not receive HSTS header
 veryhax.de: could not connect to host
 veryyounglesbians.com: could not connect to host
+verzick.com: could not connect to host
 ves.vn.ua: could not connect to host
 vestacp.top: could not connect to host
 vetdnacenter.com: did not receive HSTS header
@@ -17100,20 +17805,26 @@ vglimg.com: could not connect to host
 vhost.co.id: could not connect to host
 viabemestar.com.br: could not connect to host
 viadeux.com: did not receive HSTS header
+viagraonlinebestellen.org: max-age too low: 3600
 vialibido.com.br: could not connect to host
 viato.fr: could not connect to host
 vibrashop.com.br: did not receive HSTS header
 vicenage.com: could not connect to host
 viceversa.xyz: did not receive HSTS header
+vicianovi.cz: did not receive HSTS header
+viciousflora.com: could not connect to host
 viciousviscosity.xyz: could not connect to host
+vickshomes.com: could not connect to host
 victorenxovais.com.br: could not connect to host
 victoriapemberton.com: did not receive HSTS header
 victoriaville.ca: did not receive HSTS header
 vid.me: did not receive HSTS header
 vidb.me: could not connect to host
 vidbuchanan.co.uk: did not receive HSTS header
+vidcloud.xyz: did not receive HSTS header
 viddiaz.com: did not receive HSTS header
 videnskabsklubben.dk: did not receive HSTS header
+videobola.win: could not connect to host
 videoload.co: could not connect to host
 videomuz.com: could not connect to host
 videorullen.se: could not connect to host
@@ -17132,11 +17843,10 @@ viennan.net: did not receive HSTS header
 vietnam-lifer.com: could not connect to host
 vietnamchevrolet.net: did not receive HSTS header
 vietnamphotographytours.com: did not receive HSTS header
-vieux.pro: could not connect to host
 viewsea.com: max-age too low: 0
+viga.me: could not connect to host
 vigilo.cf: could not connect to host
 vigilo.ga: could not connect to host
-vigo-krankenversicherung.de: could not connect to host
 viikko.eu: could not connect to host
 vijos.org: did not receive HSTS header
 vikasbabyworld.de: could not connect to host
@@ -17144,7 +17854,6 @@ viktor-machnik.de: could not connect to host
 viktorsvantesson.net: did not receive HSTS header
 vilabiamodas.com.br: could not connect to host
 viladochurrasco.com.br: could not connect to host
-vilaydin.com: did not receive HSTS header
 vilight.com.br: could not connect to host
 villa-anna-cilento.de: could not connect to host
 villa-bellarte.de: did not receive HSTS header
@@ -17173,14 +17882,15 @@ vinicius.sl: could not connect to host
 viniferawineclub.com: did not receive HSTS header
 vinihk.com: did not receive HSTS header
 vinogradovka.com: did not receive HSTS header
+vintock.com: could not connect to host
 vio.no: did not receive HSTS header
 violenceinterrupted.org: did not receive HSTS header
 violet-letter.delivery: could not connect to host
 violetraven.co.uk: could not connect to host
 viosey.com: could not connect to host
 vioye.com: could not connect to host
-vip-9649.com: could not connect to host
-vip9649.com: could not connect to host
+vip-9649.com: did not receive HSTS header
+vip9649.com: did not receive HSTS header
 viperdns.com: could not connect to host
 vipesball.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 vipesball.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -17220,7 +17930,7 @@ vitalita.cz: did not receive HSTS header
 vitalorange.com: did not receive HSTS header
 vitalthings.de: could not connect to host
 vitamaxxi.com.br: could not connect to host
-vitapingu.de: could not connect to host
+vitamineproteine.com: did not receive HSTS header
 vitta.me: did not receive HSTS header
 vitzro.kr: could not connect to host
 viva-french.com: did not receive HSTS header
@@ -17237,12 +17947,13 @@ vladimiroff.org: did not receive HSTS header
 vldkn.net: could not connect to host
 vleij.family: could not connect to host
 vlogge.com: did not receive HSTS header
-vlsk.eu: could not connect to host
+vlsk.eu: did not receive HSTS header
 vlzbazar.ru: could not connect to host
 vmrdev.com: could not connect to host
 vmstan.com: did not receive HSTS header
 vndb.org: could not connect to host
 vocab.guru: could not connect to host
+vocalik.com: did not receive HSTS header
 vocalsynth.space: could not connect to host
 voceinveste.com: did not receive HSTS header
 vodpay.com: could not connect to host
@@ -17258,6 +17969,7 @@ voidpay.org: could not connect to host
 voids.org: could not connect to host
 voidserv.net: could not connect to host
 voidshift.com: could not connect to host
+voidzehn.com: did not receive HSTS header
 voilo.club: could not connect to host
 voilodaisuki.club: could not connect to host
 voipkb.com: did not receive HSTS header
@@ -17283,12 +17995,12 @@ vonavy-cukor.sk: could not connect to host
 vonavycukor.sk: could not connect to host
 vonedelmann.de: did not receive HSTS header
 vongerlach.at: did not receive HSTS header
-vonterra.us: did not receive HSTS header
 vooreenveiligthuis.nl: did not receive HSTS header
 voorjou.com: did not receive HSTS header
 vorangerie.com: could not connect to host
 vorderklier.de: could not connect to host
 vorkbaard.nl: did not receive HSTS header
+vorte.ga: could not connect to host
 vortexhobbies.com: did not receive HSTS header
 vosjesweb.nl: could not connect to host
 votercircle.com: did not receive HSTS header
@@ -17296,8 +18008,7 @@ voterstartingpoint.uk: did not receive HSTS header
 votewa.gov: could not connect to host
 votresiteweb.ch: could not connect to host
 vow.vn: could not connect to host
-vowsy.club: did not receive HSTS header
-vox.vg: did not receive HSTS header
+voyageofyume.com: could not connect to host
 vozami.com: could not connect to host
 vpip.net: could not connect to host
 vpl.me: did not receive HSTS header
@@ -17307,6 +18018,7 @@ vpnhot.com: could not connect to host
 vpnzoom.com: did not receive HSTS header
 vps-szerver-berles.hu: could not connect to host
 vpsmojo.com: could not connect to host
+vpsvz.cloud: could not connect to host
 vqporn.com: could not connect to host
 vranjske.co.rs: could not connect to host
 vratny.space: could not connect to host
@@ -17335,12 +18047,12 @@ vucdn.com: could not connect to host
 vulnerabilities.io: could not connect to host
 vuosaarenmontessoritalo.fi: did not receive HSTS header
 vvl.me: did not receive HSTS header
-vvzero.cf: could not connect to host
 vw-touranclub.cz: could not connect to host
 vwoforangeparts.com: could not connect to host
 vwt-event.nl: could not connect to host
 vxapps.com: could not connect to host
 vxml.club: could not connect to host
+vxst.org: max-age too low: 2592000
 vxz.me: could not connect to host
 vykup-car.ru: could not connect to host
 vynedmusic.com: could not connect to host
@@ -17356,18 +18068,22 @@ w4a.fr: could not connect to host
 w4b.in: could not connect to host
 w4xzr.top: could not connect to host
 w4xzr.xyz: could not connect to host
+w84.it: could not connect to host
 w9rld.com: did not receive HSTS header
 wabifoggynuts.com: could not connect to host
-wachter.biz: could not connect to host
+wachter.biz: did not receive HSTS header
 wachtwoordencheck.nl: could not connect to host
 wadvisor.com: could not connect to host
 waelti.xxx: could not connect to host
 wafa4hw.com: could not connect to host
 wafairhaven.com.au: did not receive HSTS header
 wafni.com: could not connect to host
+wahhoi.net: could not connect to host
 wai-in.com: could not connect to host
 wai-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+waidu.de: did not receive HSTS header
 wail.net: could not connect to host
+wait.jp: could not connect to host
 wait.moe: could not connect to host
 waixingrenfuli7.vip: could not connect to host
 waka-mono.com: could not connect to host
@@ -17384,6 +18100,7 @@ wallabag.it: did not receive HSTS header
 wallabag.org: did not receive HSTS header
 wallacequinn.co.uk: did not receive HSTS header
 wallet.google.com: did not receive HSTS header (error ignored - included regardless)
+wallingford.cc: could not connect to host
 wallsblog.dk: could not connect to host
 walnutgaming.co.uk: could not connect to host
 walterlynnmosley.com: did not receive HSTS header
@@ -17397,13 +18114,17 @@ wanda97.com: could not connect to host
 wanda98.com: could not connect to host
 wandercue.com: did not receive HSTS header
 wangjiatun.com.tw: could not connect to host
+wangjun.me: did not receive HSTS header
 wangkezun.com: could not connect to host
+wangler-internet.de: did not receive HSTS header
+wangqiliang.org: could not connect to host
 wangqiliang.xn--fiqs8s: could not connect to host
 wangql.cn: could not connect to host
 wanquanojbk.com: did not receive HSTS header
 wantshow.com.br: did not receive HSTS header
 wanvi.net: did not receive HSTS header
-wanybug.cn: could not connect to host
+wanybug.cn: did not receive HSTS header
+wanybug.com: could not connect to host
 wapgu.cc: could not connect to host
 wapjt.cn: could not connect to host
 wapking.live: could not connect to host
@@ -17411,15 +18132,17 @@ wapt.fr: did not receive HSTS header
 warandpeace.xyz: could not connect to host
 warcraftjournal.org: could not connect to host
 wardsegers.be: did not receive HSTS header
-warehost.de: could not connect to host
+warehost.de: did not receive HSTS header
 warekon.com: could not connect to host
 warekon.dk: could not connect to host
-warenmedia.com: could not connect to host
 warezaddict.com: could not connect to host
 warhistoryonline.com: did not receive HSTS header
 warlions.info: could not connect to host
 warmestwishes.ca: could not connect to host
 warnings.xyz: could not connect to host
+warp-radio.com: could not connect to host
+warp-radio.net: could not connect to host
+warp-radio.tv: could not connect to host
 warped.com: did not receive HSTS header
 warren.sh: could not connect to host
 warrencreative.com: did not receive HSTS header
@@ -17427,17 +18150,18 @@ warsentech.com: did not receive HSTS header
 warumsuchen.at: did not receive HSTS header
 wasatchconstables.com: did not receive HSTS header
 wasatchcrest.com: did not receive HSTS header
-wasserburg.dk: did not receive HSTS header
+washandfun.com: could not connect to host
 wassim.is: did not receive HSTS header
 watashi.bid: could not connect to host
 watchium.com: did not receive HSTS header
-watchtv-online.pw: max-age too low: 0
+watchtv-online.pw: could not connect to host
 watchweasel.com: could not connect to host
 waterforlife.net.au: did not receive HSTS header
 waterpoint.com.br: could not connect to host
 watersportmarkt.net: did not receive HSTS header
 watsonhall.uk: could not connect to host
 wattechweb.com: did not receive HSTS header
+wave-ola.es: did not receive HSTS header
 wavefloatrooms.com: did not receive HSTS header
 wavefrontsystemstech.com: could not connect to host
 wavesoftime.com: could not connect to host
@@ -17446,8 +18170,9 @@ waylaydesign.com: did not receive HSTS header
 waylee.net: did not receive HSTS header
 wbit.co.il: did not receive HSTS header
 wbut.ml: could not connect to host
+wd627.com: could not connect to host
+wd976.com: could not connect to host
 wdesk.com: did not receive HSTS header
-wdmg.com.ua: max-age too low: 604800
 wdrl.info: did not receive HSTS header
 wdt.io: could not connect to host
 we.serveftp.net: could not connect to host
@@ -17468,7 +18193,7 @@ web-vision.de: did not receive HSTS header
 web4all.fr: did not receive HSTS header
 web4pro.fr: could not connect to host
 webandwords.com.au: could not connect to host
-webanker.sh: could not connect to host
+webanker.sh: did not receive HSTS header
 webapky.cz: could not connect to host
 webapps.directory: could not connect to host
 webart-factory.de: could not connect to host
@@ -17477,11 +18202,13 @@ webauthority.co.uk: did not receive HSTS header
 webbuzz.com.au: did not receive HSTS header
 webbx.se: did not receive HSTS header
 webchat.domains: did not receive HSTS header
-webcreation.rocks: did not receive HSTS header
+webcreation.rocks: could not connect to host
+webdeflect.com: did not receive HSTS header
 webdesign-kronberg.de: did not receive HSTS header
 webdesignssussex.co.uk: could not connect to host
 webdev-quiz.de: did not receive HSTS header
 webdev.mobi: could not connect to host
+webdollarvpn.io: could not connect to host
 webdosh.com: did not receive HSTS header
 webeconomia.it: did not receive HSTS header
 webelement.sk: did not receive HSTS header
@@ -17489,11 +18216,12 @@ weberjulia.com: could not connect to host
 webfronten.dk: did not receive HSTS header
 webgaff.com: could not connect to host
 webgap.me: did not receive HSTS header
-webgreat.de: max-age too low: 3600
+webgreat.de: did not receive HSTS header
 webhackspro.com: could not connect to host
 webhelyesarcu.hu: did not receive HSTS header
 webhosting4.net: did not receive HSTS header
 webhostingpros.ml: could not connect to host
+webhostingshop.ca: could not connect to host
 webless.com: could not connect to host
 weblogic.pl: did not receive HSTS header
 webm.to: could not connect to host
@@ -17512,19 +18240,20 @@ webneuch.swiss: did not receive HSTS header
 webninja.work: could not connect to host
 webnoob.net: could not connect to host
 webnosql.com: could not connect to host
+webogram.org: could not connect to host
 webperformance.ru: could not connect to host
 webproshosting.tk: could not connect to host
+webproxy.pw: could not connect to host
 webpublica.pt: could not connect to host
 webreslist.com: did not receive HSTS header
 websandbox.uk: could not connect to host
 websectools.com: could not connect to host
 webseo.de: did not receive HSTS header
-websiteadvice.com.au: did not receive HSTS header
 websitedesign.bg: did not receive HSTS header
+websiterent.ca: could not connect to host
 websitesabq.com: did not receive HSTS header
 webspotter.nl: could not connect to host
 webstationservice.fr: could not connect to host
-webstellung.com: did not receive HSTS header
 webstory.xyz: could not connect to host
 webswitch.io: did not receive HSTS header
 webtar.info: could not connect to host
@@ -17533,21 +18262,21 @@ webtechgadgetry.com: could not connect to host
 webtek.nu: could not connect to host
 webthings.com.br: could not connect to host
 webtiles.co.uk: could not connect to host
-webtobesocial.de: could not connect to host
 webukhost.com: could not connect to host
 webuni.hu: did not receive HSTS header
 webveloper.com: did not receive HSTS header
-webwolf.co.za: could not connect to host
+webwolf.co.za: did not receive HSTS header
 webwork.pw: did not receive HSTS header
 webypass.xyz: could not connect to host
 webzanem.com: could not connect to host
 wecanfindit.co.za: could not connect to host
 wecanvisit.com: could not connect to host
 wedding-m.jp: did not receive HSTS header
-weddingalbumsdesign.com: did not receive HSTS header
+weddingalbumsdesign.com: max-age too low: 2592000
 weddingenvelopes.co.uk: did not receive HSTS header
+weddingfantasy.ru: could not connect to host
 weddingibiza.nl: could not connect to host
-wedotrains.club: did not receive HSTS header
+wedotrains.club: could not connect to host
 weebsr.us: could not connect to host
 weed.ren: could not connect to host
 weedcircles.com: did not receive HSTS header
@@ -17562,12 +18291,13 @@ weiler.xyz: could not connect to host
 weimaraner.com.br: could not connect to host
 weinhandel-preissler.de: could not connect to host
 weirdserver.com: could not connect to host
-weiyuz.com: max-age too low: 6585555
+weixiaojun.org: could not connect to host
 weizenke.im: could not connect to host
 wejumall.com: could not connect to host
 wekibe.de: could not connect to host
 welby.cat: could not connect to host
 welches-kinderfahrrad.de: could not connect to host
+welcomehelp.de: could not connect to host
 welkers.org: could not connect to host
 wellastore.ru: could not connect to host
 wellcomp.com.br: did not receive HSTS header
@@ -17582,16 +18312,18 @@ welovejobs.com: did not receive HSTS header
 welovemail.com: could not connect to host
 welpo.me: could not connect to host
 welpy.com: could not connect to host
+welsh.com.br: could not connect to host
 weltentreff.com: could not connect to host
 weltmeisterschaft.net: could not connect to host
-weme.eu: could not connect to host
+weme.eu: did not receive HSTS header
 wen-in.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 wen-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 wenchieh.com: could not connect to host
 wendalyncheng.com: did not receive HSTS header
-wener.me: could not connect to host
+wendu.me: could not connect to host
 wengebowuguan.com: could not connect to host
 wenode.net: did not receive HSTS header
+wenta-computerservice.net: could not connect to host
 wentu.ml: could not connect to host
 wenz.io: did not receive HSTS header
 wer.sh: could not connect to host
@@ -17599,20 +18331,20 @@ werdeeintimo.de: could not connect to host
 wereldplanner.nl: could not connect to host
 werhatunsverraten.eu: could not connect to host
 werken-bij-inwork.nl: could not connect to host
-werkenbijkfc.nl: did not receive HSTS header
+werkenbijkfc.nl: could not connect to host
 werkplaatsoost.nl: did not receive HSTS header
 werkruimtebottendaal.nl: could not connect to host
 werkz.io: could not connect to host
-werner-schaeffer.de: did not receive HSTS header
-wernerschaeffer.de: did not receive HSTS header
 wes-dev.com: did not receive HSTS header
 wesayyesprogram.com: could not connect to host
 wesleyharris.ca: did not receive HSTS header
 wespeakgeek.co.za: could not connect to host
+wessner.co: could not connect to host
 westcoastaggregate.com: could not connect to host
 westendzone.com: could not connect to host
 westerhoud.nl: did not receive HSTS header
 westhighlandwhiteterrier.com.br: could not connect to host
+westlaketire.pt: did not receive HSTS header
 westlinwinds.com: could not connect to host
 westsussexconnecttosupport.org: could not connect to host
 westtulsa.com: could not connect to host
@@ -17632,7 +18364,7 @@ wewillgo.com: could not connect to host
 wewillgo.org: did not receive HSTS header
 wewlad.me: could not connect to host
 weyland.tech: did not receive HSTS header
-wezl.net: did not receive HSTS header
+weynaphotography.com: did not receive HSTS header
 wf-training-master.appspot.com: did not receive HSTS header (error ignored - included regardless)
 wftda.com: did not receive HSTS header
 wg-tools.de: could not connect to host
@@ -17651,9 +18383,8 @@ whereismyorigin.cf: could not connect to host
 wherephoto.com: did not receive HSTS header
 wheresben.today: could not connect to host
 whilsttraveling.com: could not connect to host
+whimtrip.fr: did not receive HSTS header
 whisker.network: could not connect to host
-whiskyglazen.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-whisperinghoperanch.org: did not receive HSTS header
 whistler-transfers.com: did not receive HSTS header
 whitehat.id: could not connect to host
 whiterabbit.org: did not receive HSTS header
@@ -17661,19 +18392,21 @@ whiterabbitcakery.com: could not connect to host
 whiteready.it: did not receive HSTS header
 whiteroom.agency: did not receive HSTS header
 whitestagforge.com: did not receive HSTS header
+whoasome.com: could not connect to host
 whoclicks.net: could not connect to host
-whoisamitsingh.com: did not receive HSTS header
+whoisamitsingh.com: could not connect to host
 whoisapi.online: could not connect to host
 whoiscuter.ml: could not connect to host
 whoiscutest.ml: could not connect to host
 wholebites.com: max-age too low: 7889238
 wholelotofbounce.co.uk: did not receive HSTS header
-wholikes.us: could not connect to host
+wholikes.us: did not receive HSTS header
 whoneedstobeprimaried.today: could not connect to host
 whoownsmyavailability.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 whoshotya.de: did not receive HSTS header
 whysuck.com: could not connect to host
 wiapply.com: could not connect to host
+wiberg.nu: could not connect to host
 wibruje.pl: did not receive HSTS header
 wibuw.com: could not connect to host
 widdleguy.com: did not receive HSTS header
@@ -17683,6 +18416,7 @@ wienerwichtelchallenge.at: did not receive HSTS header
 wieninternational.at: did not receive HSTS header
 wificafehosting.com: did not receive HSTS header
 wifimapa.cz: could not connect to host
+wifimask.com: did not receive HSTS header
 wiiaam.com: could not connect to host
 wiiforum.no: did not receive HSTS header
 wiire.me: could not connect to host
@@ -17701,14 +18435,16 @@ willcipriano.com: could not connect to host
 willeminfo.ch: did not receive HSTS header
 willemsjort.be: did not receive HSTS header
 william.gg: did not receive HSTS header
-william.si: did not receive HSTS header
+william.si: could not connect to host
 williamboundsltd.com: could not connect to host
 williamsapiens.com: could not connect to host
 williamsflintlocks.com: did not receive HSTS header
+williamsroom.com: did not receive HSTS header
 williamtm.design: could not connect to host
-willkommen-fuerstenberg.de: could not connect to host
+willkommen-fuerstenberg.de: did not receive HSTS header
 willosagiede.com: did not receive HSTS header
 wilsonovi.com: could not connect to host
+wilsonvilleoregon.gov: could not connect to host
 winaes.com: did not receive HSTS header
 winclient.cn: could not connect to host
 windholz.us: could not connect to host
@@ -17720,20 +18456,19 @@ windrunner.se: could not connect to host
 winds.cf: could not connect to host
 windwoodmedia.com: could not connect to host
 windwoodweb.com: could not connect to host
-wine-importer.ru: did not receive HSTS header
+wine-importer.ru: could not connect to host
 winebid.com: could not connect to host
 winecodeavocado.com: could not connect to host
 wineonthewall.com: max-age too low: 300
 wineworksonline.com: could not connect to host
 winfield.me.uk: did not receive HSTS header
-winfieldchen.me: did not receive HSTS header
 winged.io: did not receive HSTS header
 wingos.net: could not connect to host
 wingumd.net: could not connect to host
 winnersports.co: could not connect to host
 winpack.cf: could not connect to host
 winpack.eu.org: could not connect to host
-winportal.cz: did not receive HSTS header
+winportal.cz: could not connect to host
 winsec.nl: could not connect to host
 winshiplending.com: could not connect to host
 winsufi.biz: could not connect to host
@@ -17742,13 +18477,13 @@ wipc.net: did not receive HSTS header
 wipply.com: could not connect to host
 wirbatz.org: did not receive HSTS header
 wirc.gr: could not connect to host
-wiredcut.com: did not receive HSTS header
-wireframesoftware.com: could not connect to host
+wiredcut.com: could not connect to host
 wireless-emergency-stop.com: did not receive HSTS header
 wirelesswatch.com.au: could not connect to host
-wiretrip.io: did not receive HSTS header
+wiretrip.io: could not connect to host
 wirkaufendeinau.to: could not connect to host
 wisak.eu: could not connect to host
+wisal.org: did not receive HSTS header
 wisdomize.me: could not connect to host
 wiseflat.com: did not receive HSTS header
 wiseloan.com: did not receive HSTS header
@@ -17759,7 +18494,7 @@ witae.com: could not connect to host
 withgoogle.com: did not receive HSTS header (error ignored - included regardless)
 withlocals.com: did not receive HSTS header
 withmy.beer: could not connect to host
-withoutacrystalball.com: did not receive HSTS header
+withoutacrystalball.com: could not connect to host
 withustrading.com: did not receive HSTS header
 withyoutube.com: did not receive HSTS header (error ignored - included regardless)
 wittcher.com: could not connect to host
@@ -17777,7 +18512,7 @@ wmawri.com: did not receive HSTS header
 wmcuk.net: did not receive HSTS header
 wmfinanz.com: could not connect to host
 wmoda.com.br: could not connect to host
-wnmed.com.au: did not receive HSTS header
+wnmed.com.au: could not connect to host
 wnmm.nl: could not connect to host
 wnnc.co.uk: could not connect to host
 woaiuhd.com: could not connect to host
@@ -17785,6 +18520,7 @@ wobblylang.org: could not connect to host
 wochenentwicklung.com: did not receive HSTS header
 wochennummern.de: could not connect to host
 wod-stavby.cz: could not connect to host
+wodboss.com: could not connect to host
 wodice.com: could not connect to host
 wohnungsbau-ludwigsburg.de: did not receive HSTS header
 woi.vision: could not connect to host
@@ -17794,7 +18530,6 @@ woktoss.com: could not connect to host
 wolfemg.com: could not connect to host
 wolfenland.net: did not receive HSTS header
 wolfesden.com: could not connect to host
-wolfgang-kloke.de: could not connect to host
 wolfram.io: could not connect to host
 wolkenspeicher.org: could not connect to host
 wollekorb.de: could not connect to host
@@ -17807,9 +18542,10 @@ wondershift.biz: did not receive HSTS header
 wondy.com: could not connect to host
 woodlandschurch.net: max-age too low: 43200
 woodmafia.com.au: could not connect to host
-woodworkertip.com: did not receive HSTS header
-woomai.net: did not receive HSTS header
+woodworkertip.com: could not connect to host
+woomai.net: could not connect to host
 woomu.me: could not connect to host
+wooplagaming.com: could not connect to host
 woording.com: could not connect to host
 wootton95.com: could not connect to host
 wooviet.com: could not connect to host
@@ -17825,24 +18561,26 @@ workemy.com: could not connect to host
 workfone.io: could not connect to host
 workissime.com: did not receive HSTS header
 workpermit.com.vn: could not connect to host
+workplaces.online: did not receive HSTS header
 worksofwyoming.org: did not receive HSTS header
 workwithgo.com: could not connect to host
 world-education-association.org: could not connect to host
 worldchess.london: could not connect to host
 worldfree4.org: did not receive HSTS header
 worldlist.org: could not connect to host
+worldofterra.net: could not connect to host
 worldpovertysolutions.org: did not receive HSTS header
-worldrecipes.eu: did not receive HSTS header
 worldsbeststory.com: did not receive HSTS header
 worldwhisperer.net: could not connect to host
+wormdisk.net: could not connect to host
 wormholevpn.net: could not connect to host
 worshapp.com: did not receive HSTS header
-woshiluo.site: could not connect to host
 wow-travel.eu: could not connect to host
 wow202y5.com: did not receive HSTS header
 wowapi.org: could not connect to host
 wowhelp.it: could not connect to host
 wowinvasion.com: did not receive HSTS header
+wp-bullet.com: did not receive HSTS header
 wp-fastsearch.de: could not connect to host
 wp-rescue.com.au: could not connect to host
 wp-stack.pro: could not connect to host
@@ -17851,6 +18589,8 @@ wpblog.com.tw: could not connect to host
 wpcarer.pro: could not connect to host
 wpcheck.io: could not connect to host
 wpcontrol.se: could not connect to host
+wpdesigner.ir: did not receive HSTS header
+wpdublin.com: could not connect to host
 wpfast.net: could not connect to host
 wpfortify.com: could not connect to host
 wpg-inc.com: did not receive HSTS header
@@ -17869,6 +18609,7 @@ wpzhiku.com: did not receive HSTS header
 wql.zj.cn: did not receive HSTS header
 wrapit.hu: could not connect to host
 wrapitup.co.uk: did not receive HSTS header
+wrara.org: could not connect to host
 wrbunderwriting.com: did not receive HSTS header
 wrfu.co.nz: did not receive HSTS header
 wriedts.de: did not receive HSTS header
@@ -17883,7 +18624,6 @@ wroffle.com: did not receive HSTS header
 wrwg.ca: could not connect to host
 ws-meca.com: did not receive HSTS header
 wsb-immo.at: could not connect to host
-wscbiolo.id: could not connect to host
 wsdcap.com: could not connect to host
 wsor.group: did not receive HSTS header
 wss.com.ve: could not connect to host
@@ -17899,13 +18639,20 @@ wufupay.com: could not connect to host
 wuhengmin.com: could not connect to host
 wulpi.it: did not receive HSTS header
 wumai.cloud: could not connect to host
+wumbo.cf: could not connect to host
+wumbo.ga: could not connect to host
+wumbo.gq: could not connect to host
 wumbo.kiwi: could not connect to host
+wumbo.ml: could not connect to host
+wumbo.tk: could not connect to host
 wundtherapie-schulung.de: could not connect to host
 wurzelzwerg.net: could not connect to host
 wusx.club: could not connect to host
 wutianxian.com: could not connect to host
 wvr-law.de: did not receive HSTS header
+wvv-8522.com: could not connect to host
 wvw698.com: max-age too low: 2592000
+wwbsb.xyz: could not connect to host
 wwjd.dynu.net: could not connect to host
 wwv-8522.com: could not connect to host
 www-001133.com: could not connect to host
@@ -17915,29 +18662,18 @@ www-1117.com: could not connect to host
 www-38978.com: could not connect to host
 www-39988.com: did not receive HSTS header
 www-507.net: could not connect to host
-www-62755.com: did not receive HSTS header
+www-62755.com: could not connect to host
 www-66136.com: did not receive HSTS header
 www-746.com: could not connect to host
-www-7570.com: could not connect to host
+www-7570.com: did not receive HSTS header
 www-771122.com: did not receive HSTS header
 www-8003.com: did not receive HSTS header
 www-88599.com: did not receive HSTS header
 www-8887999.com: could not connect to host
-www-9649.com: could not connect to host
+www-9649.com: did not receive HSTS header
 www-9995.com: could not connect to host
 www-djbet.com: could not connect to host
 www-jinshavip.com: could not connect to host
-www.amazon.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-www.amazon.co.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-www.amazon.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-www.amazon.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-www.amazon.com.au: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-www.amazon.com.br: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-www.amazon.com.mx: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-www.amazon.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-www.amazon.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-www.amazon.it: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-www.amazon.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 www.captaintrain.com: did not receive HSTS header
 www.cueup.com: could not connect to host
 www.cyveillance.com: did not receive HSTS header
@@ -17967,14 +18703,14 @@ wwww.me.uk: did not receive HSTS header
 wxrlab.com: could not connect to host
 wxukang.cn: could not connect to host
 wxyz.buzz: could not connect to host
-wxzm.sx: could not connect to host
 wy6.org: did not receive HSTS header
 wybmabiity.com: could not connect to host
 wygluszanie.eu: could not connect to host
-wylog.ph: did not receive HSTS header
 wyu.cc: could not connect to host
 wyzphoto.nl: did not receive HSTS header
 wyzwaniemilosci.com: could not connect to host
+wzfetish.com.br: could not connect to host
+wzrd.in: did not receive HSTS header
 x-pertservice.com: did not receive HSTS header
 x-power-detox.com: could not connect to host
 x-ripped-hd.com: could not connect to host
@@ -17996,14 +18732,13 @@ xbc.nz: could not connect to host
 xbind.io: could not connect to host
 xchangeinfo.com: could not connect to host
 xchating.com: could not connect to host
+xcler8.com: could not connect to host
 xcompany.one: could not connect to host
 xcoop.me: did not receive HSTS header
 xd.fi: did not receive HSTS header
 xd.gov: did not receive HSTS header
 xdd.io: could not connect to host
 xdty.org: could not connect to host
-xecure.zone: could not connect to host
-xecureit.com: could not connect to host
 xehoivn.vn: could not connect to host
 xellos.ga: could not connect to host
 xellos.ml: could not connect to host
@@ -18011,7 +18746,7 @@ xenesisziarovky.sk: could not connect to host
 xenosphere.tk: could not connect to host
 xeonlab.com: could not connect to host
 xeonlab.de: could not connect to host
-xett.com: could not connect to host
+xett.com: did not receive HSTS header
 xfive.de: could not connect to host
 xfrag-networks.com: did not receive HSTS header
 xg3n1us.de: did not receive HSTS header
@@ -18040,19 +18775,22 @@ xing.ml: could not connect to host
 xinghuokeji.xin: could not connect to host
 xingiahanvisa.net: did not receive HSTS header
 xinnixwebshop.be: did not receive HSTS header
+xiongx.cn: did not receive HSTS header
 xiqi.us: did not receive HSTS header
-xirion.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+xirion.net: could not connect to host
 xisa.it: could not connect to host
 xivpn.com: could not connect to host
 xiyu.it: did not receive HSTS header
 xiyu.moe: did not receive HSTS header
+xj8876.com: max-age too low: 2592000
 xjoi.net: did not receive HSTS header
-xlaff.com: could not connect to host
+xlaff.com: did not receive HSTS header
 xlboo.com: could not connect to host
 xlfblog.com: did not receive HSTS header
 xlinar.com: could not connect to host
 xmerak.com: did not receive HSTS header
 xmiui.com: could not connect to host
+xmlogin288.com: could not connect to host
 xmonk.org: did not receive HSTS header
 xmr.my: could not connect to host
 xn-----8kcgbo2bmdgkdacthvjf.xn--p1ai: could not connect to host
@@ -18078,6 +18816,7 @@ xn--80ablh1c.online: could not connect to host
 xn--80ac0aqlt.xn--p1ai: could not connect to host
 xn--80aocgsfei.xn--p1ai: could not connect to host
 xn--88j2fy28hbxmnnf9zlw5buzd.com: did not receive HSTS header
+xn--8dry00a7se89ay98epsgxxq.com: did not receive HSTS header
 xn--8mr166hf6s.xn--fiqs8s: could not connect to host
 xn--98jm6m.jp: could not connect to host
 xn--9pr52k0p5a.com: did not receive HSTS header
@@ -18087,13 +18826,16 @@ xn--cckvb1cwa0c5br5e2d2711k.net: could not connect to host
 xn--datenrettung-mnchen-jbc.com: did not receive HSTS header
 xn--dckya4a0bya6x.com: could not connect to host
 xn--dckya4a0bya6x.jp: could not connect to host
+xn--die-zahnrzte-ncb.de: did not receive HSTS header
 xn--dk8haaa.ws: could not connect to host
-xn--dmontaa-9za.com: did not receive HSTS header
+xn--dmontaa-9za.com: could not connect to host
 xn--e--0g4aiy1b8rmfg3o.jp: could not connect to host
 xn--e--4h4axau6ld4lna0g.com: could not connect to host
 xn--e--ig4a4c3f6bvc5et632i.com: could not connect to host
 xn--e--k83a5h244w54gttk.xyz: could not connect to host
+xn--ehq13kgw4e.ml: could not connect to host
 xn--ekr87w7se89ay98ezcs.biz: did not receive HSTS header
+xn--elsignificadodesoar-c4b.com: did not receive HSTS header
 xn--gfrrli-yxa.ch: could not connect to host
 xn--gmq92k.nagoya: could not connect to host
 xn--grnderlehrstuhl-0vb.de: could not connect to host
@@ -18102,6 +18844,7 @@ xn--hwt895j.xn--kpry57d: could not connect to host
 xn--internetlnen-1cb.com: could not connect to host
 xn--jp-6l5cs1yf3ivjsglphyv.net: could not connect to host
 xn--jywq5uqwqxhd2onsij.jp: did not receive HSTS header
+xn--keditr-0xa.biz: could not connect to host
 xn--l8j9d2b.jp: could not connect to host
 xn--lgb3a8bcpn.cf: could not connect to host
 xn--lgb3a8bcpn.ga: could not connect to host
@@ -18118,6 +18861,7 @@ xn--mhsv04avtt1xi.com: could not connect to host
 xn--milchaufschumer-test-lzb.de: could not connect to host
 xn--n8jubz39q0g0afpa985c.com: could not connect to host
 xn--neb-tma3u8u.xyz: could not connect to host
+xn--nf1a578axkh.xn--fiqs8s: did not receive HSTS header
 xn--o77hka.ga: could not connect to host
 xn--p8jskj.jp: could not connect to host
 xn--pck4e3a2ex597b4ml.xyz: did not receive HSTS header
@@ -18125,12 +18869,14 @@ xn--pckqk6xk43lunk.net: could not connect to host
 xn--qckqc0nxbyc4cdb4527err7c.biz: did not receive HSTS header
 xn--qckyd1cu698a35zarib.xyz: could not connect to host
 xn--r77hya.ga: could not connect to host
+xn--rlcus7b3d.xn--xkc2dl3a5ee0h: could not connect to host
 xn--rt-cja.eu: could not connect to host
 xn--sdkwa9azd389v01ya.com: could not connect to host
 xn--srenpind-54a.dk: could not connect to host
 xn--t8j2a3042d.xyz: could not connect to host
 xn--tda.ml: could not connect to host
 xn--thorme-6uaf.ca: could not connect to host
+xn--trdler-xxa.xyz: could not connect to host
 xn--u9jy16ncfao19mo8i.nagoya: could not connect to host
 xn--uist1idrju3i.jp: did not receive HSTS header
 xn--uort9oqoaj00bv04d.biz: did not receive HSTS header
@@ -18139,18 +18885,18 @@ xn--vck8crc010pu14e.biz: could not connect to host
 xn--vck8crc655y34ioha.net: could not connect to host
 xn--vck8crcu789ajtaj92eura.xyz: could not connect to host
 xn--w22a.jp: could not connect to host
-xn--werner-schffer-fib.de: did not receive HSTS header
-xn--wmq.jp: could not connect to host
+xn--werner-schffer-fib.de: could not connect to host
+xn--wmq.jp: did not receive HSTS header
 xn--xdtx3pfzbiw3ar8e7yedqrhui.com: could not connect to host
 xn--xz1a.jp: could not connect to host
 xn--y8j2eb5631a4qf5n0h.com: could not connect to host
 xn--y8j5gq14rbdd.net: did not receive HSTS header
+xn--y8ja6lb.xn--q9jyb4c: could not connect to host
 xn--yj8h0m.ws: could not connect to host
 xn--ykrp42k.com: could not connect to host
 xn--yoamomisuasbcn-ynb.com: could not connect to host
 xn--zck9a4b352yuua.jp: did not receive HSTS header
 xng.io: did not receive HSTS header
-xnu.kr: could not connect to host
 xobox.me: could not connect to host
 xoda.pw: could not connect to host
 xoffy.com: did not receive HSTS header
@@ -18167,8 +18913,8 @@ xpj.sx: could not connect to host
 xpjcunkuan.com: could not connect to host
 xpressprint.com.br: max-age too low: 90
 xpwn.cz: did not receive HSTS header
+xq55.com: did not receive HSTS header
 xqin.net: could not connect to host
-xrippedhd.com: could not connect to host
 xroot.org: did not receive HSTS header
 xrp.pw: could not connect to host
 xscancun.com: could not connect to host
@@ -18179,7 +18925,7 @@ xt.om: did not receive HSTS header
 xtenz.xyz: could not connect to host
 xtom.email: could not connect to host
 xtom.io: could not connect to host
-xtream-hosting.com: could not connect to host
+xtream-hosting.com: did not receive HSTS header
 xtream-hosting.de: could not connect to host
 xtream-hosting.eu: could not connect to host
 xtreamhosting.eu: could not connect to host
@@ -18206,6 +18952,7 @@ xy7272.com: could not connect to host
 xy7373.com: could not connect to host
 xyndrac.net: max-age too low: 2592000
 xynex.us: could not connect to host
+xyngular-health.com: did not receive HSTS header
 xynta.ch: could not connect to host
 xyyp.mn: could not connect to host
 xzoneadventure.com: did not receive HSTS header
@@ -18229,21 +18976,26 @@ yao-in.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR
 yao-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 yaoidreams.com: could not connect to host
 yaporn.tv: could not connect to host
-yarchives.jp: max-age too low: 0
+yarchives.jp: could not connect to host
 yard-fu.com: could not connect to host
 yardbird.us: could not connect to host
 yarnhookup.com: did not receive HSTS header
+yarogneva.ru: could not connect to host
 yasinaydin.net: did not receive HSTS header
 yasutomonodokoiko.com: did not receive HSTS header
 yaucy.win: could not connect to host
 yawen.tw: did not receive HSTS header
+yawnbox.com: did not receive HSTS header
+yayart.club: could not connect to host
 ybscareers.co.uk: did not receive HSTS header
 ycaaz.com: did not receive HSTS header
 ycc.wtf: could not connect to host
+ycherbonnel.fr: could not connect to host
 ycm2.wtf: could not connect to host
 ydy.jp: could not connect to host
 yello.website: could not connect to host
 yellowcar.website: could not connect to host
+yellowfly.co.uk: did not receive HSTS header
 yemalu.com: could not connect to host
 yemekbaz.az: could not connect to host
 yennhi.co: could not connect to host
@@ -18255,21 +19007,23 @@ yenniferallulli.nl: could not connect to host
 yepbitcoin.com: could not connect to host
 yesdevnull.net: did not receive HSTS header
 yesfone.com.br: could not connect to host
+yeshu.org: could not connect to host
 yestees.com: did not receive HSTS header
 yetcore.io: could not connect to host
 yetishirt.com: could not connect to host
 yffengshi.ml: could not connect to host
 ygcdyf.com: did not receive HSTS header
 yggdar.ga: could not connect to host
-yh35.net: max-age too low: 86400
+yh35.net: could not connect to host
 yhori.xyz: could not connect to host
 yhwj.top: could not connect to host
 yibaoweilong.top: could not connect to host
 yibin0831.com: could not connect to host
+yicknam.my: could not connect to host
 yiffy.tips: did not receive HSTS header
 yiffy.zone: did not receive HSTS header
-yigujin.cn: could not connect to host
 yikzu.cn: could not connect to host
+yimgo.fr: could not connect to host
 yin.roma.it: did not receive HSTS header
 yin8888.tv: did not receive HSTS header
 ying299.com: could not connect to host
@@ -18281,13 +19035,18 @@ yinhe12.net: did not receive HSTS header
 yipingguo.com: could not connect to host
 yippie.nl: could not connect to host
 yizhu.com: could not connect to host
+yjsw.sh.cn: could not connect to host
+ykhut.com: could not connect to host
+ylde.de: could not connect to host
 ylilauta.org: could not connect to host
 ylk.io: could not connect to host
+ylwz.cc: did not receive HSTS header
 ynode.co: did not receive HSTS header
 ynsn.nl: could not connect to host
 yntongji.com: could not connect to host
 yob.vn: could not connect to host
 yobst.tk: could not connect to host
+yocchan1513.net: did not receive HSTS header
 yoga-prive.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 yoga.is-an-engineer.com: could not connect to host
 yogatrainingrishikesh.com: could not connect to host
@@ -18302,31 +19061,35 @@ yoloprod.fr: could not connect to host
 yoloseo.com: could not connect to host
 yomena.in: could not connect to host
 yomepre.com: could not connect to host
-yongbin.org: did not receive HSTS header
 yopers.com: did not receive HSTS header
 yorkshireterrier.com.br: could not connect to host
 yorname.ml: did not receive HSTS header
 yoru.me: could not connect to host
+yosheenetwork.fr: could not connect to host
+yotilab.com: could not connect to host
 yotilabs.com: could not connect to host
 youcaitian.com: did not receive HSTS header
 youcancraft.de: could not connect to host
+youcanmakeit.at: could not connect to host
 youcontrol.ru: could not connect to host
 youdowell.com: did not receive HSTS header
 youfencun.com: did not receive HSTS header
+yougot.pw: could not connect to host
 youjizz.bz: could not connect to host
 youlend.com: did not receive HSTS header
 youlog.net: could not connect to host
-youmiracle.com: could not connect to host
 youmonit.me: could not connect to host
 youngandunited.nl: did not receive HSTS header
 younl.net: could not connect to host
 youon.tokyo: did not receive HSTS header
 yourbapp.ch: could not connect to host
+yourfriendlytech.com: could not connect to host
+yourgadget.ro: could not connect to host
 yourgame.co.il: did not receive HSTS header
-yourhair.net: could not connect to host
+yourhair.net: max-age too low: 0
 youri.me: could not connect to host
 yourlovesong.com.mx: could not connect to host
-yourname.xyz: did not receive HSTS header
+yourname.xyz: could not connect to host
 yoursbookstore.jp: max-age too low: 0
 yoursecondphone.co: could not connect to host
 yourself.today: could not connect to host
@@ -18343,7 +19106,7 @@ youyoulemon.com: could not connect to host
 ypcs.fi: did not receive HSTS header
 ypiresia.fr: could not connect to host
 yryz.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-ysicing.net: could not connect to host
+yspeo.biz: did not receive HSTS header
 yspeo.com: max-age too low: 2592000
 ysx.me.uk: did not receive HSTS header
 ytb.zone: did not receive HSTS header
@@ -18351,14 +19114,16 @@ ytbmp3.com: did not receive HSTS header
 ytbmp4.com: did not receive HSTS header
 ytcuber.xyz: could not connect to host
 ythyth.com: max-age too low: 2592000
-ytpak.com: could not connect to host
+ytpak.com: did not receive HSTS header
 ytvwld.de: did not receive HSTS header
 yu7.jp: did not receive HSTS header
 yuanbenlian.com: did not receive HSTS header
 yudan.com.br: could not connect to host
 yude.ml: could not connect to host
+yue2.net: could not connect to host
 yuema.net.cn: could not connect to host
 yufan.me: did not receive HSTS header
+yugasun.com: could not connect to host
 yugege.cf: could not connect to host
 yuhen.ru: did not receive HSTS header
 yui.cat: did not receive HSTS header
@@ -18383,7 +19148,8 @@ yuntama.xyz: could not connect to host
 yunzhan.io: could not connect to host
 yunzhu.org: could not connect to host
 yuppi.tv: max-age too low: 43200
-yuqi.me: could not connect to host
+yuqi.me: did not receive HSTS header
+yurimoens.be: could not connect to host
 yurinet.org: could not connect to host
 yuriykuzmin.com: did not receive HSTS header
 yutabon.com: could not connect to host
@@ -18393,6 +19159,7 @@ yux.fr: could not connect to host
 yux.io: did not receive HSTS header
 yuxingxin.com: did not receive HSTS header
 yuzu.tk: did not receive HSTS header
+yvetteerasmus.com: max-age too low: 0
 ywei.org: could not connect to host
 ywyz.tech: could not connect to host
 yya.bid: could not connect to host
@@ -18406,12 +19173,14 @@ z33.co: could not connect to host
 z3liff.com: could not connect to host
 z3liff.net: could not connect to host
 zaalleatherwear.nl: did not receive HSTS header
+zabavno.mk: max-age too low: 0
 zacharopoulos.me: could not connect to host
 zachbolinger.com: could not connect to host
 zachpeters.org: did not receive HSTS header
 zadieheimlich.com: did not receive HSTS header
 zadroweb.com: did not receive HSTS header
 zaem.tv: could not connect to host
+zagluszaczgps.pl: could not connect to host
 zahnrechner-staging.azurewebsites.net: could not connect to host
 zahyantechnologies.com: did not receive HSTS header
 zaidan.de: did not receive HSTS header
@@ -18420,6 +19189,7 @@ zaidanfood.com: did not receive HSTS header
 zaidanfood.eu: did not receive HSTS header
 zaidanlebensmittelhandel.de: did not receive HSTS header
 zalan.do: could not connect to host
+zalohovaniburian.cz: could not connect to host
 zamis.net: did not receive HSTS header
 zamorano.edu: could not connect to host
 zamos.ru: max-age too low: 0
@@ -18429,21 +19199,23 @@ zaoext.com: could not connect to host
 zaoshanghao-dajia.rhcloud.com: could not connect to host
 zap.yt: could not connect to host
 zapatoshechoamano.pe: did not receive HSTS header
-zaptan.info: did not receive HSTS header
-zaptan.net: did not receive HSTS header
-zaptan.org: did not receive HSTS header
-zaptan.us: did not receive HSTS header
+zappos.com: did not receive HSTS header
+zaptan.net: could not connect to host
+zaptan.org: could not connect to host
+zaptan.us: could not connect to host
 zargaripour.com: did not receive HSTS header
 zarooba.com: could not connect to host
 zavca.com: did not receive HSTS header
 zbasenem.pl: did not receive HSTS header
 zbchen.com: could not connect to host
 zberger.com: could not connect to host
+zbetcheck.in: could not connect to host
 zbigniewgalucki.eu: did not receive HSTS header
 zbp.at: did not receive HSTS header
 zby.io: could not connect to host
+zdravesteny.cz: could not connect to host
 zdravotnickasluzba.eu: could not connect to host
-zdrowiepaleo.pl: did not receive HSTS header
+zdrowiepaleo.pl: could not connect to host
 zdx.ch: max-age too low: 0
 zeb.fun: could not connect to host
 zebibyte.cn: could not connect to host
@@ -18455,6 +19227,7 @@ zefiris.org: did not receive HSTS header
 zefu.ca: could not connect to host
 zehdenick-bleibt-bunt.de: could not connect to host
 zehntner.ch: max-age too low: 3600
+zeitoununiversity.org: could not connect to host
 zeitzer-turngala.de: could not connect to host
 zelfmoord.ga: could not connect to host
 zelfstandigemakelaars.net: could not connect to host
@@ -18474,6 +19247,7 @@ zentralwolke.de: did not receive HSTS header
 zenvite.com: could not connect to host
 zenwears.com: could not connect to host
 zenycosta.com: could not connect to host
+zeparadox.com: could not connect to host
 zepect.com: did not receive HSTS header
 zera.com.au: could not connect to host
 zerekin.net: max-age too low: 86400
@@ -18485,6 +19259,7 @@ zerofox.gq: could not connect to host
 zeroling.com: could not connect to host
 zeroml.ml: could not connect to host
 zerosource.net: could not connect to host
+zerowastesavvy.com: could not connect to host
 zerowastesonoma.gov: could not connect to host
 zerudi.com: did not receive HSTS header
 zetadisseny.es: did not receive HSTS header
@@ -18506,6 +19281,7 @@ zhaojin97.cn: could not connect to host
 zhendingresources.com: did not receive HSTS header
 zhengouwu.com: could not connect to host
 zhenmeish.com: could not connect to host
+zhenyan.org: could not connect to host
 zhh.in: could not connect to host
 zhihua-lai.com: did not receive HSTS header
 zhiin.net: could not connect to host
@@ -18513,7 +19289,6 @@ zhikin.com: could not connect to host
 zhimajk.com: could not connect to host
 zhiwei.me: did not receive HSTS header
 zhoujiashu.com: could not connect to host
-zhuji.com: could not connect to host
 zhuji.com.cn: could not connect to host
 zhuji5.com: could not connect to host
 zhujicaihong.com: could not connect to host
@@ -18522,7 +19297,6 @@ zi0r.com: did not receive HSTS header
 zian.online: could not connect to host
 zicklam.com: could not connect to host
 zigcore.com.br: could not connect to host
-zii.bz: could not connect to host
 zikirakhirzaman.com: could not connect to host
 zinc-x.com: did not receive HSTS header
 zinenapse.info: could not connect to host
@@ -18534,15 +19308,19 @@ zivagold.com: did not receive HSTS header
 zivy-ruzenec.cz: could not connect to host
 zixo.sk: could not connect to host
 ziyuanabc.xyz: could not connect to host
-ziz.exchange: could not connect to host
+ziz.exchange: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 zizoo.com: did not receive HSTS header
-zju.tv: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+zju.tv: could not connect to host
 zjubtv.com: could not connect to host
 zjutv.com: could not connect to host
+zjyifa.cn: could not connect to host
 zkillboard.com: did not receive HSTS header
 zking.ga: could not connect to host
-zlc1994.com: could not connect to host
+zl0iu.com: did not receive HSTS header
+zl8862.com: could not connect to host
+zlc1994.com: did not receive HSTS header
 zlcp.com: could not connect to host
+zmala.com: did not receive HSTS header
 zmsastro.co.za: could not connect to host
 zmscable.com: did not receive HSTS header
 zmy.im: could not connect to host
@@ -18555,6 +19333,7 @@ zohar.link: could not connect to host
 zohar.shop: could not connect to host
 zoi.jp: could not connect to host
 zokster.net: could not connect to host
+zolokar.xyz: could not connect to host
 zolotoy-standart.com.ua: did not receive HSTS header
 zombiesecured.com: could not connect to host
 zomiac.pp.ua: could not connect to host
@@ -18580,7 +19359,7 @@ zpy.fun: could not connect to host
 zq789.com: could not connect to host
 zqhong.com: could not connect to host
 zqjs.tk: could not connect to host
-zqwqz.com: could not connect to host
+zqstudio.top: could not connect to host
 zrhdwz.cn: could not connect to host
 zrkr.de: could not connect to host
 zrn.in: did not receive HSTS header
@@ -18590,13 +19369,12 @@ ztytian.com: could not connect to host
 zuan-in.com: could not connect to host
 zuan-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 zubora.co: could not connect to host
-zubro.net: could not connect to host
 zuckerfloh.de: did not receive HSTS header
 zudomc.me: could not connect to host
 zuehlcke.de: could not connect to host
 zukix.com: could not connect to host
 zulu7.com: did not receive HSTS header
-zunda.cafe: did not receive HSTS header
+zunda.cafe: could not connect to host
 zunftmarke.de: did not receive HSTS header
 zurickrelogios.com.br: did not receive HSTS header
 zutsu-raku.com: did not receive HSTS header
@@ -18604,15 +19382,16 @@ zuviel.space: could not connect to host
 zvejonys.lt: did not receive HSTS header
 zvncloud.com: did not receive HSTS header
 zvz.im: could not connect to host
+zwalcz-cellulit.com: did not receive HSTS header
 zwembadheeten.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 zx1168.com: could not connect to host
 zx2268.com: could not connect to host
 zxavier.com: did not receive HSTS header
-zxc.science: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 zxity.co.uk: could not connect to host
 zxity.ltd: could not connect to host
 zxity.uk: could not connect to host
 zyf.pw: could not connect to host
+zyger.co.za: did not receive HSTS header
 zymbit.com: did not receive HSTS header
 zync.ca: did not receive HSTS header
 zypgr.com: could not connect to host
diff --git a/security/manager/ssl/nsSTSPreloadList.inc b/security/manager/ssl/nsSTSPreloadList.inc
index 66c7922fa..209beded5 100644
--- a/security/manager/ssl/nsSTSPreloadList.inc
+++ b/security/manager/ssl/nsSTSPreloadList.inc
@@ -8,7 +8,7 @@
 /*****************************************************************************/
 
 #include <stdint.h>
-const PRTime gPreloadListExpirationTime = INT64_C(1551523663318000);
+const PRTime gPreloadListExpirationTime = INT64_C(1554207118864000);
 
 class nsSTSPreload
 {
@@ -42,10 +42,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "02327.net", true },
   { "02375.net", true },
   { "023sec.com", true },
-  { "02607.com", true },
   { "026122.com", true },
   { "02638.net", true },
-  { "03170317.com", true },
   { "0391315.com", true },
   { "046569.com", true },
   { "050.ca", true },
@@ -86,7 +84,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "083965.com", true },
   { "083967.com", true },
   { "08detaxe.fr", true },
-  { "09115.com", true },
   { "0916app.com", true },
   { "09892.net", true },
   { "0au.de", true },
@@ -113,7 +110,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "0x7d.com", true },
   { "0x7fffffff.net", true },
   { "0x90.io", true },
-  { "0xaa55.me", true },
   { "0xabe.io", true },
   { "0xacab.org", true },
   { "0xda.de", true },
@@ -129,6 +125,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "1000minds.com", true },
   { "1000serien.com", true },
   { "1001carats.fr", true },
+  { "1001firms.com", true },
   { "1001kartini.com", true },
   { "1001kerstpakketten.com", false },
   { "1001mv.com", true },
@@ -152,14 +149,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "10439.net", true },
   { "10453.net", true },
   { "10495.net", true },
-  { "1066.io", true },
   { "10774.net", true },
   { "10840.net", true },
-  { "10gb.io", true },
   { "10hz.de", true },
   { "10og.de", true },
   { "10ppm.com", true },
-  { "10xiuxiu.com", true },
   { "112app.nl", true },
   { "112hz.com", true },
   { "114514ss.com", true },
@@ -190,7 +184,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "124133.com", true },
   { "124633.com", true },
   { "125m125.de", true },
-  { "1288366.com", true },
   { "1288fc.com", true },
   { "12photos.eu", true },
   { "12thmanrising.com", true },
@@ -199,7 +192,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "130.ua", true },
   { "132kv.ch", true },
   { "1359826938.rsc.cdn77.org", true },
-  { "1395kj.com", true },
   { "13th-dover.uk", true },
   { "143533.com", true },
   { "143633.com", true },
@@ -220,20 +212,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "15-10.com", true },
   { "1511774230.rsc.cdn77.org", true },
   { "152433.com", true },
+  { "1527web.com", true },
   { "154233.com", true },
   { "154633.com", true },
   { "154933.com", true },
   { "156433.com", true },
   { "1590284872.rsc.cdn77.org", true },
+  { "159cp.com", true },
   { "1600esplanade.com", true },
   { "160887.com", true },
   { "1644091933.rsc.cdn77.org", true },
   { "1661237.com", true },
-  { "16book.org", true },
+  { "1750studios.com", false },
   { "1768calc.com.au", true },
   { "1811559.com", true },
   { "1844329061.rsc.cdn77.org", true },
   { "1876996.com", true },
+  { "188da.com", true },
   { "188dv.com", true },
   { "1895media.com", true },
   { "189fc.com", true },
@@ -255,8 +250,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "1c-power.ru", true },
   { "1cover.co.nz", true },
   { "1cover.com.au", true },
+  { "1cswd.com", true },
   { "1e9.nl", true },
-  { "1europlan.nl", true },
   { "1f123.net", true },
   { "1fach-digital.de", true },
   { "1hourproofreading.com", true },
@@ -293,20 +288,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "1stforfun.co.uk", true },
   { "1stpeninsulabouncers.co.uk", true },
   { "1volcano.ru", true },
+  { "1way.faith", true },
   { "1whw.co.uk", true },
   { "1wirelog.de", true },
   { "1wl.uk", true },
   { "2.wtf", true },
   { "200.network", true },
   { "2012.ovh", true },
+  { "20188088.com", true },
   { "20at.com", true },
   { "20denier.com", true },
   { "215dy.net", true },
   { "21sthammersmith.org.uk", true },
   { "21stnc.us", true },
   { "21x9.org", true },
+  { "222001.com", true },
   { "2222yh.com", true },
-  { "22digital.agency", true },
+  { "22vetter.st", true },
   { "230beats.com", true },
   { "23333.link", true },
   { "2333666.xyz", true },
@@ -318,9 +316,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "233hugo.com", true },
   { "233ss.net", true },
   { "233vps.com", true },
+  { "233yes.com", true },
   { "24-7.jp", true },
   { "245meadowvistaway.com", true },
   { "246060.ru", true },
+  { "247exchange.com", true },
   { "247healthshop.com", true },
   { "247medplan.com", true },
   { "2495dentalimplants.com", true },
@@ -330,6 +330,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "24hourlocksmithbaltimore.com", true },
   { "24hourlocksmithdallastx.com", true },
   { "24hourlocksmithdetroit.com", true },
+  { "24hourlocksmithshouston.com", true },
   { "24hoursanantoniolocksmiths.com", true },
   { "24hourscienceprojects.com", true },
   { "24ip.com", true },
@@ -347,6 +348,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "28-industries.com", true },
   { "281180.de", true },
   { "2858958.com", true },
+  { "286.com", true },
   { "28peaks.com", true },
   { "28spots.net", true },
   { "291167.xyz", true },
@@ -370,6 +372,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "2chan.jp", true },
   { "2cv-fahrer.de", true },
   { "2fm.ie", true },
+  { "2fm.radio", true },
   { "2fraud.pro", true },
   { "2g1s.net", true },
   { "2gen.com", true },
@@ -378,7 +381,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "2hypeenterprises.com", true },
   { "2kgwf.fi", true },
   { "2krueger.de", true },
-  { "2li.ch", true },
   { "2manydots.nl", true },
   { "2mb.solutions", true },
   { "2mir.com", true },
@@ -439,7 +441,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "33445222.com", true },
   { "33445333.com", true },
   { "33445444.com", true },
-  { "33836.com", true },
+  { "33jiasu.com", true },
   { "340422.com", true },
   { "340622.com", true },
   { "340922.com", true },
@@ -507,6 +509,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "375422.com", true },
   { "379700.com", true },
   { "380422.com", true },
+  { "388da.com", true },
   { "390422.com", true },
   { "392422.com", true },
   { "393335.ml", true },
@@ -533,6 +536,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "3countiescastlehire.co.uk", true },
   { "3cs.ch", true },
   { "3d-fotoservice.de", true },
+  { "3de5.nl", true },
   { "3deeplearner.com", true },
   { "3djuegos.com", true },
   { "3dmedium.de", true },
@@ -542,9 +546,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "3drenaline.com", true },
   { "3haeuserprojekt.org", true },
   { "3haueserprojekt.org", true },
-  { "3hl0.net", true },
-  { "3ik.us", true },
-  { "3james.com", true },
   { "3logic.ru", true },
   { "3lot.ru", true },
   { "3n5b.com", true },
@@ -589,6 +590,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "41studio.com", true },
   { "41where.com", true },
   { "420java.com", true },
+  { "42ch.com", true },
+  { "42day.info", true },
+  { "439050.com", true },
   { "440887.com", true },
   { "441jj.com", false },
   { "442887.com", true },
@@ -596,6 +600,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "4444yh.com", true },
   { "444887.com", true },
   { "445887.com", true },
+  { "44sec.com", true },
   { "451.ooo", true },
   { "4553s.com", true },
   { "4553vip.com", true },
@@ -605,12 +610,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "4736666.com", true },
   { "4756666.com", true },
   { "4786666.com", true },
-  { "47essays.com", true },
   { "491mhz.net", true },
   { "49889.com", true },
   { "49dollaridahoregisteredagent.com", true },
   { "4c-haircare.com", true },
-  { "4decor.org", true },
   { "4everproxy.com", true },
   { "4eyes.ch", true },
   { "4fit.ro", true },
@@ -647,7 +650,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "500h500.com", true },
   { "500i500.com", true },
   { "500j500.com", true },
-  { "500k.nl", true },
   { "500k500.com", true },
   { "500l500.com", true },
   { "500m500.com", true },
@@ -669,10 +671,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "504922.com", true },
   { "506422.com", true },
   { "506pay.com", true },
-  { "508088.com", true },
   { "50lakeshore.com", true },
   { "50north.de", true },
-  { "50plusnet.nl", true },
   { "514122.com", true },
   { "514522.com", true },
   { "514622.com", true },
@@ -682,8 +682,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "51877.net", true },
   { "519422.com", true },
   { "51acg.eu.org", true },
-  { "51aifuli.com", true },
-  { "51tiaojiu.com", true },
   { "524022.com", true },
   { "524622.com", true },
   { "524922.com", true },
@@ -716,21 +714,28 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "55639.com", true },
   { "55797.com", true },
   { "558da.com", true },
+  { "566380.com", true },
+  { "575380.com", true },
   { "576422.com", true },
+  { "578380.com", true },
   { "579422.com", true },
-  { "57he.com", true },
   { "57wilkie.net", true },
   { "583422.com", true },
+  { "585380.com", true },
   { "585422.com", true },
   { "586422.com", true },
   { "588da.com", true },
+  { "591380.com", true },
   { "591422.com", true },
+  { "592380.com", true },
   { "592422.com", true },
   { "5930593.com", true },
+  { "593380.com", true },
   { "594022.com", true },
   { "594622.com", true },
   { "595422.com", true },
   { "596422.com", true },
+  { "598380.com", true },
   { "5986fc.com", true },
   { "5997891.com", true },
   { "5apps.com", true },
@@ -743,7 +748,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "5gb.space", true },
   { "5kraceforals.com", true },
   { "5percentperweek.com", true },
-  { "5starbouncycastlehire.co.uk", true },
   { "5thchichesterscouts.org.uk", true },
   { "5y.fi", true },
   { "602422.com", true },
@@ -765,6 +769,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "624322.com", true },
   { "624522.com", true },
   { "624922.com", true },
+  { "626380.com", true },
   { "626422.com", true },
   { "630422.com", true },
   { "631422.com", true },
@@ -809,7 +814,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "649622.com", true },
   { "649722.com", true },
   { "649822.com", true },
-  { "64bitservers.net", false },
   { "651422.com", true },
   { "652422.com", true },
   { "6541166.com", true },
@@ -827,7 +831,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "6548877.com", true },
   { "656088.com", true },
   { "659422.com", true },
-  { "65d88.com", true },
   { "66136.com", true },
   { "6616fc.com", true },
   { "6633445.com", true },
@@ -837,7 +840,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "666668722.com", true },
   { "6666yh.com", true },
   { "666omg.com", true },
-  { "6677.us", true },
   { "66b.com", true },
   { "66bwf.com", true },
   { "670422.com", true },
@@ -846,6 +848,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "673422.com", true },
   { "676422.com", true },
   { "679422.com", true },
+  { "680226.com", true },
   { "680422.com", true },
   { "68277.me", true },
   { "686848.com", true },
@@ -858,15 +861,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "694922.com", true },
   { "6969.us", true },
   { "698da.com", true },
+  { "69928.com", true },
   { "6997896.com", true },
   { "69butterfly.com", true },
   { "69fps.gg", true },
   { "69wasted.net", true },
+  { "6ird.com", true },
   { "6lo.zgora.pl", true },
   { "6pm.com", true },
   { "6t-montjoye.org", true },
   { "700.az", true },
   { "704233.com", true },
+  { "7045.com", true },
   { "704533.com", true },
   { "7045h.com", true },
   { "704633.com", true },
@@ -889,7 +895,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "736433.com", true },
   { "738433.com", true },
   { "739433.com", true },
-  { "73info.com", false },
   { "740833.com", true },
   { "741833.com", true },
   { "742833.com", true },
@@ -905,14 +910,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "7885765.com", true },
   { "7891553.com", true },
   { "7891997.com", true },
+  { "79ch.com", true },
   { "7careconnect.com", true },
   { "7delights.com", true },
   { "7delights.in", true },
   { "7geese.com", true },
   { "7graus.pt", true },
   { "7kicks.com", true },
-  { "7kovrikov.ru", true },
-  { "7proxies.com", true },
+  { "7qly.com", true },
   { "7sons.de", true },
   { "7thcircledesigns.com", true },
   { "7trade8.com", true },
@@ -922,10 +927,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "809422.com", true },
   { "80993.net", true },
   { "814022.com", true },
+  { "81818app.com", true },
   { "8189196.com", true },
   { "818bwf.com", true },
   { "818da.com", true },
   { "8349822.com", true },
+  { "850226.com", true },
   { "8522.com", true },
   { "8522club.com", true },
   { "8522hk.com", true },
@@ -937,8 +944,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "8649955.com", true },
   { "8649966.com", true },
   { "8649977.com", true },
-  { "8688fc.com", true },
-  { "86metro.ru", true },
   { "8722.am", true },
   { "8722am.com", true },
   { "8722cn.com", true },
@@ -946,6 +951,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "8722ph.com", true },
   { "8722tw.com", true },
   { "8722usa.com", true },
+  { "88-line.com", true },
+  { "88-line.net", true },
+  { "881-line.com", true },
+  { "881-line.net", true },
   { "8818k3.com", true },
   { "8833445.com", true },
   { "88522am.com", true },
@@ -1032,22 +1041,31 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "888funcity.com", true },
   { "888funcity.net", true },
   { "88bwf.com", true },
+  { "88yule11.com", true },
+  { "88yule112.com", true },
+  { "88yule113.com", true },
+  { "88yule12.com", true },
+  { "88yule13.com", true },
+  { "88yule15.com", true },
+  { "88yule16.com", true },
+  { "88yule6.com", true },
+  { "88yule7.com", true },
+  { "88yule9.com", true },
   { "8ack.de", true },
   { "8ackprotect.com", true },
   { "8da188.com", true },
   { "8da222.com", true },
   { "8da88.com", true },
   { "8da999.com", true },
+  { "8dabet.com", true },
   { "8hrs.net", true },
   { "8maerz.at", true },
-  { "8pecxstudios.com", true },
-  { "8shequapp.com", true },
-  { "8svn.com", true },
   { "8t8.eu", true },
   { "8tech.com.hk", true },
   { "8thportsmouth.org.uk", true },
   { "8tuffbeers.com", true },
   { "8xxbet.net", true },
+  { "8y.network", true },
   { "9-11commission.gov", true },
   { "903422.com", true },
   { "905422.com", true },
@@ -1081,6 +1099,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "949122.com", true },
   { "949622.com", true },
   { "949722.com", true },
+  { "94cs.cn", false },
   { "9679693.com", true },
   { "9681909.com", true },
   { "972422.com", true },
@@ -1099,13 +1118,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "9918883.com", true },
   { "9933445.com", true },
   { "99599.fi", true },
-  { "99599.net", true },
   { "9994553.com", true },
   { "9998722.com", true },
   { "99998522.com", true },
   { "99999822.com", true },
   { "999998722.com", true },
   { "99rst.org", true },
+  { "99wxt.com", true },
   { "9farm.com", true },
   { "9fvip.net", true },
   { "9jajuice.com", true },
@@ -1114,7 +1133,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "9tolife.be", true },
   { "9uelle.jp", true },
   { "9vx.org", true },
-  { "9y.at", true },
   { "9yw.me", true },
   { "a-1basements.com", true },
   { "a-1indianawaterproofing.com", true },
@@ -1124,7 +1142,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "a-little-linux-box.at", true },
   { "a-msystems.com", true },
   { "a-oben.org", true },
-  { "a-starbouncycastles.co.uk", true },
   { "a-wife.net", true },
   { "a-ztransmission.com", true },
   { "a0print.nl", true },
@@ -1133,12 +1150,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "a1moldsolutions.com", true },
   { "a1scuba.com", true },
   { "a1scubastore.com", true },
+  { "a2a.me", true },
+  { "a2a.net", true },
   { "a2nutrition.com.au", true },
-  { "a3.pm", true },
+  { "a2os.club", true },
   { "a4sound.com", true },
   { "a632079.me", true },
-  { "a7m2.me", true },
-  { "a8q.org", true },
+  { "a7la-chat.com", true },
   { "aa-tour.ru", true },
   { "aa1718.net", true },
   { "aaapl.com", true },
@@ -1153,16 +1171,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aalstmotors-usedcars.be", true },
   { "aaltocapital.com", true },
   { "aamwa.com", true },
-  { "aanbieders.ga", true },
   { "aandeautobody.com", true },
   { "aandkevents.co.uk", true },
   { "aanmpc.com", true },
   { "aaomidi.com", true },
+  { "aapar.nl", true },
   { "aapas.org.ar", true },
+  { "aarklendoia.com", true },
   { "aarkue.eu", true },
   { "aaron.cm", true },
   { "aaron.xin", true },
-  { "aaronburt.co.uk", true },
   { "aaronhorler.com", true },
   { "aaronhorler.com.au", true },
   { "aaronkimmig.de", true },
@@ -1174,6 +1192,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aavienna.com", true },
   { "abaapplianceservice.com", true },
   { "abaaustin.com", true },
+  { "ababyco.com.hr", true },
   { "abacusbouncycastle.co.uk", true },
   { "abacustech.co.jp", true },
   { "abandonedmines.gov", true },
@@ -1187,6 +1206,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "abbruch-star.de", true },
   { "abc-rz.de", true },
   { "abc.li", true },
+  { "abc8081.net", true },
   { "abcbouncycastlessurrey.co.uk", true },
   { "abcbouncyfactory.co.uk", true },
   { "abcdef.be", true },
@@ -1203,6 +1223,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "abeestrada.com", false },
   { "abeilles-idapi.fr", true },
   { "abenteuer-ahnenforschung.de", true },
+  { "abeontech.com", true },
   { "aberdeencastles.co.uk", true },
   { "aberdeenjudo.co.uk", true },
   { "abeus.com", true },
@@ -1218,6 +1239,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "abilma.com", true },
   { "abilymp06.net", true },
   { "abimelec.com", true },
+  { "abinferis.com", true },
   { "abinyah.com", true },
   { "abitidalavoro.roma.it", true },
   { "abitur97ag.de", true },
@@ -1260,6 +1282,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aboutict.nl", true },
   { "aboutlegal.nl", true },
   { "aboutmedia.nl", true },
+  { "aboutmyproperty.ca", true },
   { "aboutspice.com", true },
   { "aboutyou.at", true },
   { "aboutyou.be", true },
@@ -1275,6 +1298,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "abristolgeek.co.uk", true },
   { "abseits.org", true },
   { "absolem.cc", true },
+  { "absolutcruceros.com", true },
   { "absoluteautobody.com", true },
   { "absolutedouble.co.uk", true },
   { "absolutehaitian.com", true },
@@ -1282,12 +1306,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "absolutelyinflatables.co.uk", true },
   { "absoluterush.net", true },
   { "absolutewebdesigns.com", true },
+  { "absolutviajes.com", true },
+  { "abstractbarista.net", true },
   { "abstraction21.com", true },
   { "absturztau.be", true },
   { "absturztaube.ch", true },
   { "absynthe-inquisition.fr", true },
   { "abthorpe.org", true },
+  { "abublog.com", true },
   { "abulanov.com", true },
+  { "abundanteconomy.com", true },
   { "abundent.com", true },
   { "abuse.fi", true },
   { "abuse.io", true },
@@ -1295,9 +1323,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "abvlbasketviganello.ch", true },
   { "abyssproject.net", true },
   { "ac-admin.pl", true },
+  { "ac-epmservices.com", true },
   { "ac-town.com", true },
   { "ac0g.dyndns.org", true },
   { "aca-creative.co.uk", true },
+  { "academiadebomberosonline.com", true },
   { "academicexperts.us", true },
   { "academichealthscience.net", true },
   { "academie-de-police.ch", true },
@@ -1314,7 +1344,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "acceleratenetworks.com", true },
   { "accelerateyourworld.org", true },
   { "accelerator.net", true },
-  { "accelsnow.com", true },
   { "accentthailand.com", true },
   { "accesloges.com", true },
   { "accessacab.co.uk", true },
@@ -1330,6 +1359,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "accordiondoor.com", true },
   { "accounts.firefox.com", true },
   { "accounts.google.com", true },
+  { "accpl.co", true },
   { "accpodcast.com", true },
   { "accredit.ly", true },
   { "accudraftpaintbooths.com", true },
@@ -1356,7 +1386,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "acevik.de", true },
   { "acfo.org", true },
   { "acg.social", true },
-  { "acg18.us", false },
   { "acgtalktw.com", true },
   { "achalay.org", true },
   { "acheconcursos.com.br", true },
@@ -1407,7 +1436,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "acriticismlab.org", true },
   { "acrolife.cz", true },
   { "acroso.me", true },
-  { "across.ml", true },
   { "acrosstheblvd.com", true },
   { "acroyoga-nuernberg.de", true },
   { "acrylbilder-acrylmalerei.de", true },
@@ -1419,10 +1447,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "acsemb.org", true },
   { "acsports.ca", true },
   { "actc.org.uk", true },
-  { "actc81.fr", true },
   { "actgruppe.de", true },
+  { "actheater.com", true },
   { "actiefgeld.nl", true },
   { "actioncleaningnd.com", true },
+  { "actionfinancialservices.net", true },
   { "actionlabs.net", true },
   { "actionmadagascar.ch", true },
   { "actionsack.com", true },
@@ -1445,11 +1474,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "actorsroom.com", true },
   { "actserv.co.ke", true },
   { "actualadmins.com", true },
+  { "actualidadblog.com", true },
   { "actualidadecommerce.com", true },
   { "actualidadgadget.com", true },
   { "actualidadiphone.com", true },
   { "actualidadkd.com", true },
+  { "actualidadliteratura.com", true },
   { "actualidadmotor.com", true },
+  { "actualidadviajes.com", true },
+  { "actuatemedia.com", true },
   { "acuica.co.uk", false },
   { "acul.me", true },
   { "acupofsalt.tv", true },
@@ -1468,10 +1501,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ad-notam.pt", true },
   { "ad-notam.us", true },
   { "ada.gov", true },
+  { "adaera.com", true },
   { "adalis.org", true },
   { "adam-ant.co.uk", true },
   { "adam-kostecki.de", true },
   { "adam-wilson.me", true },
+  { "adam.lgbt", true },
   { "adamas-magicus.ru", true },
   { "adambalogh.net", true },
   { "adambyers.com", true },
@@ -1512,6 +1547,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "addones.net", true },
   { "addtoany.com", true },
   { "adduono.com", true },
+  { "addvalue-renovations.co.uk", true },
+  { "addydari.us", true },
   { "adelebeals.com", true },
   { "adelightfulglow.com", true },
   { "adeline.mobi", true },
@@ -1536,6 +1573,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "adlerosn.com", true },
   { "adlerosn.com.br", true },
   { "adlershop.ch", true },
+  { "adlignum.se", true },
   { "adm-sarov.ru", true },
   { "adme.co.il", true },
   { "admin-serv.net", true },
@@ -1548,17 +1586,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "adminlinux.pl", true },
   { "admino.cz", true },
   { "admins.tech", true },
+  { "adminwerk.net", true },
   { "adminwiki.fr", true },
   { "admirable.one", true },
+  { "admirable.pro", true },
   { "admody.com", true },
   { "admongo.gov", true },
   { "adnanoktar.com", true },
   { "adnanotoyedekparca.com", true },
   { "adnot.am", true },
   { "adnseguros.es", true },
+  { "adonizer.science", true },
   { "adonnante.com", true },
   { "adoptionlink.co.uk", true },
-  { "adorade.ro", true },
   { "adorai.tk", true },
   { "adorecricket.com", true },
   { "adorewe.com", true },
@@ -1592,6 +1632,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "advanced-scribes.com", true },
   { "advanced.info", true },
   { "advanceddieselspokane.com", true },
+  { "advanceddisposables.co.uk", true },
   { "advancedoneroofing.com", true },
   { "advancedprotectionkey.com", true },
   { "advancedprotectionsecuritykey.com", true },
@@ -1602,7 +1643,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "advancyte.com", true },
   { "advantagehomeexteriors.com", true },
   { "advara.com", true },
-  { "advelty.cz", true },
   { "advenacs.com.au", true },
   { "advenapay.com", true },
   { "adventaholdings.com", true },
@@ -1616,6 +1656,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "adventurenow.nl", true },
   { "adventures.de", true },
   { "adventureswithlillie.ca", true },
+  { "adventurousway.com", true },
   { "advertis.biz", true },
   { "advicepro.org.uk", true },
   { "advocate-europe.eu", true },
@@ -1627,7 +1668,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "advokat-romanov.com", true },
   { "advtran.com", true },
   { "adware.pl", true },
-  { "adwokatkosterka.pl", true },
   { "adwokatzdunek.pl", true },
   { "adws.io", true },
   { "adxperience.com", true },
@@ -1649,6 +1689,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ae-construction.co.uk", true },
   { "aebian.org", true },
   { "aecexpert.fr", true },
+  { "aedollon.com", true },
   { "aefcleaning.com", true },
   { "aegee-utrecht.nl", true },
   { "aegisalarm.co.uk", true },
@@ -1659,7 +1700,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aegrel.ee", true },
   { "aehe.us", true },
   { "aei.co.uk", true },
-  { "aelisya.ch", true },
   { "aeon.co", true },
   { "aep-digital.com", true },
   { "aeradesign.com", true },
@@ -1689,11 +1729,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aextron.com", true },
   { "aextron.de", true },
   { "aextron.org", true },
-  { "af-internet.nl", true },
+  { "aeyoun.com", true },
   { "afavre.io", true },
   { "afb24.de", true },
   { "afbeelding.im", true },
   { "afbeeldinguploaden.nl", true },
+  { "afcmrs.org", true },
   { "afcompany.it", true },
   { "afcurgentcarelyndhurst.com", true },
   { "affichagepub3.com", true },
@@ -1705,6 +1746,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "affissioni.roma.it", true },
   { "affittacamere.roma.it", true },
   { "affittialmare.it", true },
+  { "affittisalento.it", true },
   { "affloc.com", true },
   { "affordableazdivorce.com", true },
   { "affordableblindsexpress.com", true },
@@ -1736,14 +1778,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "afrikarl.de", true },
   { "afrodigital.uk", true },
   { "afs-asso.org", true },
+  { "afscheidsportret.nl", true },
   { "aftab-alam.de", true },
   { "after.digital", true },
   { "afterhate.fr", true },
-  { "afterskool.eu", true },
   { "afuh.de", true },
   { "afva.net", true },
   { "afwd.international", true },
-  { "afzco.asia", true },
   { "ag-websolutions.de", true },
   { "ag8-game.com", true },
   { "agalliasis.ch", true },
@@ -1754,7 +1795,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "agechecker.net", true },
   { "ageg.ca", true },
   { "agemfis.com", true },
-  { "agenceklic.com", true },
   { "agencewebstreet.com", true },
   { "agenciadeempregosdourados.com.br", true },
   { "agenciafiscal.pe", true },
@@ -1805,7 +1845,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "agouralighting.com", true },
   { "agouraoutdoorlighting.com", true },
   { "agr.asia", true },
+  { "agracan.com", true },
   { "agrajag.nl", true },
+  { "agrarking.com", true },
   { "agrarking.de", true },
   { "agrarshop4u.de", true },
   { "agrekov.ru", true },
@@ -1819,6 +1861,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "agro-forestry.net", true },
   { "agroline.by", true },
   { "agroxxi.ru", false },
+  { "agroyard.com.ua", true },
   { "agsb.ch", true },
   { "agscinemas.com", true },
   { "agscinemasapp.com", true },
@@ -1827,8 +1870,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "agy.cl", true },
   { "ahawkesrealtors.com", true },
   { "ahd.com", false },
+  { "ahegao.ca", true },
   { "aheng.me", true },
   { "ahero4all.org", true },
+  { "ahkubiak.ovh", true },
   { "ahlaejaba.com", true },
   { "ahlz.sk", true },
   { "ahmad.works", true },
@@ -1848,6 +1893,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ai.gov", true },
   { "ai.je", true },
   { "aia.de", true },
+  { "aiasesoriainmobiliaria.com", true },
   { "aibenzi.com", true },
   { "aibiying.com", true },
   { "aicial.co.uk", true },
@@ -1855,8 +1901,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aidanmitchell.co.uk", true },
   { "aidanmitchell.uk", true },
   { "aidanmontare.net", true },
+  { "aidanpr.com", true },
+  { "aidanpr.net", true },
   { "aiden.link", true },
   { "aidhan.net", true },
+  { "aidi-ahmi.com", true },
   { "aids.gov", true },
   { "aie.de", true },
   { "aiforsocialmedia.com", true },
@@ -1866,6 +1915,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aignermunich.com", true },
   { "aignermunich.de", true },
   { "aignermunich.jp", true },
+  { "aiheisi.com", true },
+  { "aiho.stream", true },
   { "aiicy.org", true },
   { "aiida.se", true },
   { "aijsk.com", true },
@@ -1881,6 +1932,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ailitonia.xyz", true },
   { "aimax.com", true },
   { "aimeeandalec.com", true },
+  { "aimerworld.com", true },
   { "aimgroup.co.tz", true },
   { "aimi-salon.com", true },
   { "aimotive.com", true },
@@ -1892,6 +1944,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aipbarcelona.com", true },
   { "air-craftglass.com", true },
   { "air-shots.ch", true },
+  { "air-techniques.fr", true },
   { "air-we-go.co.uk", true },
   { "airbnb.ae", true },
   { "airbnb.at", true },
@@ -1966,7 +2019,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "airbossofamerica.com", true },
   { "airclass.com", true },
   { "aircomms.com", true },
-  { "airconssandton.co.za", true },
   { "airductclean.com", false },
   { "airductcleaning-fresno.com", true },
   { "airductcleaninggrandprairie.com", true },
@@ -1976,7 +2028,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "airetvie.com", true },
   { "airhart.me", true },
   { "airhelp.com", true },
+  { "airhorn.de", true },
   { "airi-tabei.com", true },
+  { "airicy.com", true },
   { "airikai.com", true },
   { "airlibre-parachutisme.com", true },
   { "airmail.cc", true },
@@ -1994,6 +2048,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "airtoolaccessoryo.com", true },
   { "airvpn.org", true },
   { "airvuz.com", true },
+  { "airware.com", true },
   { "airwaystorage.net", true },
   { "airweb.top", true },
   { "airwegobouncycastles.co.uk", true },
@@ -2013,7 +2068,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aiwdirect.com", true },
   { "aixvox.com", false },
   { "aizxxs.com", true },
-  { "aizxxs.net", true },
   { "ajapaik.ee", true },
   { "ajarope.com", true },
   { "ajaxed.net", true },
@@ -2047,7 +2101,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "akihito.com", true },
   { "akijo.de", true },
   { "akilli-devre.com", true },
-  { "akita-boutique.com", true },
   { "akiym.com", true },
   { "akj.io", true },
   { "akkbouncycastles.co.uk", true },
@@ -2059,7 +2112,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "akpwebdesign.com", true },
   { "akr.io", true },
   { "akr.services", true },
-  { "akritikos.info", true },
   { "akronet.cz", false },
   { "akropol.cz", false },
   { "akropolis-ravensburg.de", true },
@@ -2073,12 +2125,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aktiv-naturheilmittel.de", true },
   { "aktivace.eu", true },
   { "aktivierungscenter.de", true },
-  { "aktuelle-uhrzeit.at", true },
   { "akuislam.com", true },
   { "akukas.com", true },
   { "akustik.tech", true },
   { "akutun.cl", true },
   { "akvorrat.at", true },
+  { "akyildiz.net", true },
   { "al3366.tech", true },
   { "al3xpro.com", true },
   { "alab.space", true },
@@ -2113,13 +2165,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "albbounce.co.uk", true },
   { "albersdruck.de", true },
   { "albertathome.org", true },
+  { "albertbogdanowicz.pl", true },
   { "albertcuyp-markt.amsterdam", true },
   { "albertinum-goettingen.de", true },
   { "albinma.com", true },
   { "albion2.org", true },
   { "alboweb.nl", true },
   { "albrocar.com", true },
-  { "albuic.tk", true },
   { "alca31.com", true },
   { "alchimic.ch", true },
   { "alcnutrition.com", true },
@@ -2138,13 +2190,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alek.in", true },
   { "aleksejjocic.tk", true },
   { "aleksib.fi", true },
-  { "alela.fr", true },
   { "alerbon.net", true },
   { "alertboxx.com", true },
   { "alertonline.nl", true },
   { "alerts.sg", true },
   { "alertwire.com", true },
   { "alesia-formation.fr", true },
+  { "alessandroonline.com.br", true },
   { "aletm.it", true },
   { "alex-ross.co.uk", true },
   { "alex97000.de", true },
@@ -2156,19 +2208,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alexanderzinn.com", true },
   { "alexandra-schulze.de", true },
   { "alexandrastorm.com", true },
-  { "alexandrastylist.com", true },
+  { "alexandrastylist.com", false },
   { "alexandre-blond.fr", true },
   { "alexandros.io", true },
   { "alexbaker.org", true },
   { "alexberts.ch", true },
+  { "alexbogovich.com", true },
   { "alexbresnahan.com", true },
   { "alexcoman.com", true },
   { "alexdaniel.org", true },
-  { "alexdaulby.com", true },
   { "alexei.su", false },
   { "alexey-shamara.ru", true },
   { "alexeykopytko.com", true },
   { "alexgaynor.net", true },
+  { "alexgebhard.com", true },
   { "alexhd.de", true },
   { "alexio.ml", true },
   { "alexisabarca.com", true },
@@ -2194,10 +2247,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alexvdveen.nl", true },
   { "alexvetter.de", true },
   { "alexwardweb.com", true },
+  { "alexwilliams.tech", true },
   { "alexyang.me", true },
   { "alfa-tech.su", true },
   { "alfaperfumes.com.br", true },
+  { "alfred-figge.de", true },
   { "alftrain.com", true },
+  { "algbee.com", true },
   { "algeriepart.com", true },
   { "alghanimcatering.com", true },
   { "algoaware.eu", true },
@@ -2211,7 +2267,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aliaswp.com", true },
   { "alibangash.com", true },
   { "alibiloungelv.com", true },
-  { "alibip.de", true },
   { "alice-noutore.com", true },
   { "alice.tw", true },
   { "alicemaywebdesign.com.au", true },
@@ -2222,6 +2277,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alienflight.com", true },
   { "alienslab.net", true },
   { "alienstat.com", true },
+  { "alienvision.com.br", true },
   { "alignrs.com", true },
   { "aliim.gdn", true },
   { "alijammusic.com", true },
@@ -2238,7 +2294,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aljaspod.com", true },
   { "aljaspod.hu", true },
   { "aljaspod.net", true },
-  { "aljweb.com", true },
   { "all-connect.net", false },
   { "all-fashion-schools.com", true },
   { "all-markup-news.com", true },
@@ -2268,7 +2323,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alldewall.de", true },
   { "alldigitalsolutions.com", true },
   { "alle.bg", true },
-  { "allemobieleproviders.nl", true },
   { "allemoz.com", true },
   { "allemoz.fr", true },
   { "allenosgood.com", true },
@@ -2279,10 +2333,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "allesrocknroll.de", true },
   { "allforyou.at", true },
   { "allfreelancers.su", false },
+  { "allfundsconnect.com", true },
   { "allgaragefloors.com", true },
   { "allgreenturf.com.au", true },
   { "alliance-psychiatry.com", true },
-  { "alliances-faq.de", true },
   { "alliances-globalsolutions.com", true },
   { "alliedfrozenstorage.com", true },
   { "alligatorge.de", true },
@@ -2296,7 +2350,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "allmend-ru.de", true },
   { "allns.fr", true },
   { "allo-credit.ch", true },
-  { "allo-symo.fr", true },
   { "allofthestops.com", true },
   { "allontanamentovolatili.it", true },
   { "allontanamentovolatili.milano.it", true },
@@ -2322,14 +2375,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "allthecryptonews.com", true },
   { "allthethings.co.nz", true },
   { "allthings.me", true },
-  { "allthingssquared.com", true },
   { "allthingswild.co.uk", true },
+  { "allurebikerental.com", true },
   { "allurescarves.com", true },
   { "alluvion.studio", true },
-  { "allvips.ru", true },
   { "allweatherlandscaping.net", true },
   { "almaatlantica.com", true },
-  { "almavios.com", true },
+  { "almavios.com", false },
+  { "almayadeen.education", true },
   { "almorafestival.com", true },
   { "almut-zielonka.de", true },
   { "aloesoluciones.com.ar", true },
@@ -2337,7 +2390,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alonetone.com", true },
   { "alp.od.ua", true },
   { "alpca.org", true },
-  { "alpencam.com", true },
   { "alpencams.com", true },
   { "alpengreis.ch", true },
   { "alpenjuice.com", true },
@@ -2378,7 +2430,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alpiniste.fr", true },
   { "alqassam.net", true },
   { "alquiaga.com", true },
-  { "alrait.com", true },
+  { "alquiladoramexico.com", true },
   { "alroniks.com", true },
   { "als-japan.com", true },
   { "alstertouch.com", true },
@@ -2386,7 +2438,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alstroemeria.org", true },
   { "alt-three.com", true },
   { "alt.org", true },
-  { "altapina.com", true },
+  { "altair.fi", true },
+  { "altapina.com", false },
   { "altaplana.be", true },
   { "altedirect.com", true },
   { "alter-news.fr", true },
@@ -2395,15 +2448,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alternative.bike", true },
   { "alternativebit.fr", true },
   { "alternativedev.ca", true },
+  { "alternativeinternet.ca", true },
   { "alternativet.party", true },
   { "alterspalter.de", true },
   { "altes-sportamt.de", true },
   { "altesses.eu", true },
   { "altestore.com", true },
+  { "altisdev.com", true },
   { "altkremsmuensterer.at", true },
   { "altmaestrat.es", true },
   { "altoa.cz", true },
-  { "altonblom.com", true },
   { "altopartners.com", true },
   { "altopia.com", true },
   { "altphotos.com", true },
@@ -2413,6 +2467,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "altunbas.info", true },
   { "alumni-kusa.jp", true },
   { "alupferd.de", true },
+  { "aluro.info", true },
   { "aluroof.eu", true },
   { "alvcs.com", true },
   { "alviano.com", true },
@@ -2438,7 +2493,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "am3.se", true },
   { "ama.ne.jp", true },
   { "amadvice.com", true },
-  { "amaforro.com", true },
   { "amagdic.com", true },
   { "amagical.net", false },
   { "amaiz.com", true },
@@ -2448,9 +2502,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "amalfipositanoboatrental.com", true },
   { "amalfirock.it", true },
   { "amalfitabula.it", true },
+  { "amanatrustbooks.org.uk", true },
   { "amandadamsphotography.com", true },
   { "amandasage.ca", true },
   { "amani-kinderdorf.de", true },
+  { "amardham.org", true },
   { "amaresq.com", true },
   { "amartinz.at", true },
   { "amateurchef.co.uk", true },
@@ -2544,6 +2600,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ampersandnbspsemicolon.com", true },
   { "amphetamines.org", true },
   { "amphibo.ly", true },
+  { "ampol-agd.pl", true },
   { "ampproject.com", true },
   { "ampproject.org", true },
   { "amrcaustin.com", true },
@@ -2562,7 +2619,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "anacreon.de", true },
   { "anadiyogacentre.com", true },
   { "anaethelion.fr", true },
-  { "anajianu.ro", true },
   { "analbleachingguide.com", true },
   { "analgesia.net", true },
   { "analisilaica.it", true },
@@ -2587,7 +2643,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "anchev.net", true },
   { "anchorit.gov", true },
   { "anchovy.nz", false },
+  { "anciens.org", true },
   { "ancientcraft.eu", true },
+  { "ancientnorth.com", true },
   { "ancientnorth.nl", true },
   { "ancolies-andre.com", true },
   { "anconaswine.com", true },
@@ -2598,11 +2656,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "andarpersassi.it", true },
   { "andel.info", false },
   { "anders.hamburg", true },
-  { "anderskp.dk", true },
+  { "anderskp.dk", false },
   { "andersonshatch.com", true },
   { "andiplusben.com", true },
   { "andisadhdspot.com", true },
-  { "andiscyber.space", true },
   { "anditi.com", true },
   { "andoms.fi", true },
   { "andre-ballensiefen.de", true },
@@ -2625,18 +2682,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "andreasmuelhaupt.de", true },
   { "andreasolsson.se", true },
   { "andree.cloud", true },
-  { "andrefaber.nl", true },
   { "andrehansen.de", true },
   { "andrei-nakov.org", true },
-  { "andrejstefanovski.com", true },
   { "andrelauzier.com", true },
   { "andreoliveira.io", true },
+  { "andrespaz.com", true },
   { "andreundnina.de", true },
   { "andrew.fi", true },
   { "andrew.london", true },
   { "andrewbdesign.com", true },
   { "andrewdaws.io", true },
   { "andrewensley.com", true },
+  { "andrewhowden.com", true },
   { "andrewimeson.com", true },
   { "andrewin.ru", true },
   { "andrewmichaud.com", true },
@@ -2683,12 +2740,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "anedot.xyz", true },
   { "aneebahmed.com", true },
   { "anegabawa.com", true },
-  { "aneslix.com", true },
+  { "aneslix.com", false },
   { "anetaben.nl", true },
   { "anextraordinaryday.net", true },
-  { "ange-de-bonheur444.com", true },
   { "angehardy.com", true },
   { "angel-body.com", true },
+  { "angelcojuelo.com", true },
   { "angelesydemonios.es", true },
   { "angelicare.co.uk", true },
   { "angelinahair.com", true },
@@ -2713,6 +2770,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "angusmak.com", true },
   { "anhaffen.lu", true },
   { "ani-man.de", true },
+  { "anicam.fr", true },
   { "aniforprez.net", true },
   { "animacurse.moe", true },
   { "animaemundi.be", true },
@@ -2733,15 +2791,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "animeai.com", true },
   { "animefluxxx.com", true },
   { "animeinsights.net", true },
+  { "animes-portal.info", true },
   { "animesharp.com", true },
   { "animetriad.com", true },
-  { "animojis.es", true },
   { "animorphsfanforum.com", true },
   { "anipassion.com", false },
   { "anitaalbersen.nl", true },
   { "anitube.ch", true },
   { "aniwhen.com", true },
   { "anjoola.com", true },
+  { "ankane.org", true },
   { "ankarakart.com.tr", true },
   { "ankaraprofesyonelwebtasarim.com", true },
   { "ankaraseo.name.tr", true },
@@ -2762,10 +2821,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "anna.info", true },
   { "annaenemma.nl", true },
   { "annafiore.com.br", true },
+  { "annangela.moe", true },
   { "annarokina.com", true },
   { "annasvapor.se", true },
   { "annawagner.pl", true },
   { "annedaniels.co.uk", true },
+  { "anneeden.de", true },
   { "annejan.com", true },
   { "anneliesonline.nl", true },
   { "annema.biz", true },
@@ -2776,7 +2837,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "anniversary-cruise.com", true },
   { "annmariewaltsphotography.com", true },
   { "annonasoftware.com", true },
-  { "annotate.software", true },
   { "annoyingasfuk.com", true },
   { "annuaire-jcb.com", true },
   { "annuaire-photographe.fr", false },
@@ -2786,7 +2846,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "anon-next.de", true },
   { "anoncom.net", true },
   { "anoncrypto.org", true },
-  { "anoneko.com", true },
   { "anongoth.pl", true },
   { "anons.fr", true },
   { "anonym-surfen.de", true },
@@ -2807,7 +2866,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ansgar-sonntag.de", true },
   { "ansgarsonntag.de", true },
   { "anshar.eu", true },
-  { "ansibeast.net", true },
   { "ansichtssache.at", true },
   { "ansogning-sg.dk", true },
   { "anstaskforce.gov", true },
@@ -2819,6 +2877,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "antaresmedia.com.py", true },
   { "antarespc.com", true },
   { "antcas.com", true },
+  { "antennista.bari.it", true },
   { "antennista.catania.it", true },
   { "antennista.milano.it", true },
   { "antennista.pavia.it", true },
@@ -2827,6 +2886,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "antennisti.milano.it", true },
   { "antennisti.roma.it", true },
   { "anteprima.info", true },
+  { "antfie.com", true },
   { "anthedesign.fr", true },
   { "anthisis.tv", true },
   { "anthony.codes", true },
@@ -2852,6 +2912,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "antispeciesism.com", true },
   { "antispeciesist.com", true },
   { "antivirusprotection.reviews", true },
+  { "antocom.com", true },
   { "antoga.eu", true },
   { "antoinedeschenes.com", true },
   { "antoinemary.com", true },
@@ -2863,6 +2924,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "antota.lt", true },
   { "antragsgruen.de", true },
   { "antroposofica.com.br", true },
+  { "anttitenhunen.com", true },
   { "antvklik.com", true },
   { "antyblokada.pl", true },
   { "anulowano.pl", true },
@@ -2875,9 +2937,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "anynode.net", true },
   { "anyon.com", true },
   { "anypeer.net", true },
-  { "anypool.fr", true },
-  { "anypool.net", true },
-  { "anyprime.net", true },
   { "anyquestions.govt.nz", true },
   { "anystack.xyz", true },
   { "anzeiger.ag", true },
@@ -2886,6 +2945,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aoa.gov", true },
   { "aoadatacommunity.us", true },
   { "aoaprograms.net", true },
+  { "aoeuaoeu.com", true },
   { "aofusa.net", true },
   { "aoil.gr", true },
   { "aoku3d.com", true },
@@ -2908,6 +2968,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "apartment-natik.fr", true },
   { "apartmentkroatien.at", true },
   { "apartmentregister.com.au", true },
+  { "apasaja.tech", true },
   { "apbox.de", true },
   { "apcemporium.co.uk", true },
   { "apcube.com", true },
@@ -2938,7 +2999,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "apiary.supplies", true },
   { "apiary.supply", true },
   { "apila.care", true },
-  { "apiled.io", true },
+  { "apila.us", true },
   { "apination.com", true },
   { "apio.systems", true },
   { "apis.google.com", true },
@@ -2951,10 +3012,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aplpackaging.co.uk", true },
   { "aplu.fr", true },
   { "aplus-usa.net", true },
+  { "aplusdownload.com", true },
   { "apluswaterservices.com", true },
+  { "apm.com.tw", true },
   { "apn-dz.org", true },
   { "apn-einstellungen.de", true },
-  { "apo-deutschland.biz", true },
   { "apobot.de", true },
   { "apogeephoto.com", true },
   { "apoil.org", true },
@@ -2964,7 +3026,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aposke.com", true },
   { "aposke.net", true },
   { "aposke.org", true },
-  { "apostilasaprovacao.com", true },
   { "apotheke-ch.org", true },
   { "apothes.is", true },
   { "app-at.work", true },
@@ -2979,7 +3040,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "appartement-evolene.net", true },
   { "appartementhaus-badria.de", true },
   { "appartementmarsum.nl", true },
-  { "appchive.net", true },
   { "appearance-plm.de", true },
   { "appel-aide.ch", true },
   { "appelaprojets.fr", true },
@@ -3007,6 +3067,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "apponline.com", true },
   { "apprank.in", true },
   { "apprenticeship.gov", true },
+  { "apprenticeships.gov", true },
   { "approbo.com", true },
   { "approvedtreecare.com", true },
   { "apps.co", true },
@@ -3016,19 +3077,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "apps4inter.net", true },
   { "appscloudplus.com", true },
   { "appseccalifornia.org", false },
+  { "appsforlondon.com", true },
   { "appshuttle.com", true },
   { "appt.ch", true },
   { "apptomics.com", true },
   { "appuals.com", true },
   { "appui-de-fenetre.fr", true },
   { "appveyor.com", true },
+  { "appxcrypto.com", true },
   { "appzoojoo.be", true },
   { "apratimsaha.com", true },
-  { "aprefix.com", true },
   { "apretatuercas.es", true },
   { "aprikaner.de", true },
   { "aprogend.com.br", true },
+  { "aproposcomputing.com", true },
   { "aprovpn.com", true },
+  { "aprr.org", true },
   { "aprsdroid.org", true },
   { "aprz.de", true },
   { "apsa.paris", true },
@@ -3043,6 +3107,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aquabar.co.il", true },
   { "aquabio.ch", true },
   { "aquadonis.ch", true },
+  { "aquagarden.com.pl", true },
   { "aquahomo.com", true },
   { "aquainfo.net", true },
   { "aqualife.com.gr", true },
@@ -3051,7 +3116,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aquapoint.kiev.ua", true },
   { "aquarium-supplement.net", true },
   { "aquaron.com", true },
-  { "aquaselect.eu", true },
   { "aquatechnologygroup.com", true },
   { "aquaundine.net", true },
   { "aquavitaedayspa.com.au", true },
@@ -3075,7 +3139,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "araratour.com", true },
   { "araro.ch", true },
   { "araseifudousan.com", true },
-  { "arawaza.biz", true },
   { "arawaza.com", false },
   { "araxis.com", true },
   { "arbeitsch.eu", true },
@@ -3089,6 +3152,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arcaik.net", true },
   { "arcbouncycastles.co.uk", true },
   { "arcenergy.co.uk", true },
+  { "archaeoadventures.com", true },
   { "archimedicx.com", true },
   { "archined.nl", true },
   { "architectryan.com", true },
@@ -3120,11 +3184,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arenlor.com", true },
   { "arenlor.info", true },
   { "arenns.com", true },
+  { "areqgaming.com", true },
   { "ares-trading.de", true },
   { "arethsu.se", true },
   { "arfad.ch", true },
   { "arg.zone", true },
-  { "argama-nature.com", false },
+  { "argama-nature.com", true },
   { "arganaderm.ch", true },
   { "argb.de", true },
   { "argekultur.at", true },
@@ -3142,7 +3207,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arijitdg.net", true },
   { "arikar.eu", true },
   { "arima.co.ke", true },
-  { "arimarie.com", true },
   { "arinde.ee", true },
   { "arise19.com", true },
   { "arisevendor.net", true },
@@ -3159,13 +3223,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arkacrao.org", true },
   { "arkadiyt.com", true },
   { "arkaic.dyndns.org", true },
-  { "arkbyte.com", true },
   { "arkulagunak.com", false },
   { "arlatools.com", true },
   { "arlen.tv", true },
   { "arlenarmageddon.com", true },
   { "arletalibrary.com", true },
   { "arlingtonelectric.com", true },
+  { "arm-host.com", true },
   { "armadaquadrat.com", true },
   { "armandsdiscount.com", true },
   { "armanozak.com", true },
@@ -3216,10 +3280,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arqueo-ecuatoriana.ec", true },
   { "arquitetura.pt", true },
   { "arrakis.se", true },
+  { "arraudi.be", true },
   { "arrazane.com.br", true },
   { "arresttracker.com", true },
   { "arrive.by", true },
   { "arrmaforum.com", true },
+  { "arroba.digital", true },
   { "arrow-analytics.nl", true },
   { "arrow-api.nl", true },
   { "arrowfastener.com", true },
@@ -3227,7 +3293,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arrowheadflats.com", true },
   { "arrowwebprojects.nl", true },
   { "arschkrebs.org", true },
-  { "arsplus.ru", true },
+  { "arsplus.ru", false },
   { "arswb.men", true },
   { "art-auction.jp", true },
   { "art-et-culture.ch", true },
@@ -3241,10 +3307,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arteaga.tech", true },
   { "arteaga.uk", true },
   { "arteaga.xyz", true },
+  { "artebel.com.br", true },
   { "artecat.ch", true },
   { "artedellavetrina.it", true },
   { "artedona.com", true },
-  { "arteequipamientos.com.uy", true },
   { "artefakt.es", true },
   { "artefeita.com.br", true },
   { "arteinstudio.it", true },
@@ -3256,6 +3322,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "artfabrics.com", true },
   { "artforum.sk", true },
   { "artfullyelegant.com", true },
+  { "arthan.me", true },
   { "arthermitage.org", true },
   { "arthur.cn", true },
   { "arthurlaw.ca", true },
@@ -3265,6 +3332,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "artimpact.ch", true },
   { "artioml.net", true },
   { "artionet.ch", true },
+  { "artis-game.net", true },
   { "artisan-cheminees-poeles-design.fr", true },
   { "artisans-libres.com", true },
   { "artisansoftaste.com", true },
@@ -3278,8 +3346,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "artlogo.sk", true },
   { "artmanager.dk", true },
   { "artmarketingnews.com", true },
-  { "artmaxi.eu", true },
   { "artmoney.com", true },
+  { "artofcode.co.uk", true },
   { "artofmonitoring.com", false },
   { "artofwhere.com", true },
   { "artratio.net", true },
@@ -3302,6 +3370,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arvindhariharan.me", true },
   { "arvutiladu.ee", true },
   { "arw.me", true },
+  { "arxell.com", true },
+  { "aryalaroca.de", true },
   { "aryan-nation.com", true },
   { "aryasenna.net", true },
   { "arzid.com", true },
@@ -3311,6 +3381,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "as44222.net", true },
   { "asadatec.de", true },
   { "asadzulfahri.com", true },
+  { "asafaweb.com", true },
   { "asafilm.co", true },
   { "asandu.eu", true },
   { "asanger.biz", true },
@@ -3322,21 +3393,24 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ascension.run", true },
   { "ascensori.biz", true },
   { "ascgathering.com", true },
+  { "ascii.moe", true },
   { "asciitable.tips", true },
   { "asciiwwdc.com", true },
   { "asd.gov.au", true },
   { "asdyx.de", true },
   { "asec01.net", true },
   { "asegem.es", true },
-  { "aseith.com", true },
   { "aseko.gr", true },
   { "asenno.com", true },
   { "aserver.co", true },
   { "asexualitat.cat", true },
   { "asgapps.co.za", true },
+  { "asge-handel.de", true },
+  { "ashastalent.com", true },
   { "ashd1.goip.de", true },
   { "ashd2.goip.de", true },
   { "ashd3.goip.de", true },
+  { "ashkan-rechtsanwalt-arbeitsrecht-paderborn.de", true },
   { "ashleyedisonuk.com", true },
   { "ashlocklawgroup.com", true },
   { "ashmportfolio.com", true },
@@ -3351,9 +3425,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "asianshops.net", true },
   { "asianspa.co.uk", true },
   { "asiba.com.au", true },
+  { "asiesvenezuela.com", true },
   { "asiinc-tex.com", true },
   { "asile-colis.fr", true },
   { "asinetasima.com", true },
+  { "asisee.photography", true },
   { "ask.fi", true },
   { "ask1.org", true },
   { "askcaisse.com", true },
@@ -3365,11 +3441,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "askvg.com", true },
   { "askwhy.cz", true },
   { "askwhy.eu", true },
-  { "aslinfinity.com", true },
   { "asmbsurvey.com", true },
   { "asmdz.com", true },
   { "asmood.net", true },
   { "asoul.tw", true },
+  { "aspargesgaarden.no", true },
   { "aspatrimoine.com", true },
   { "aspcl.ch", true },
   { "aspectcontext.com", true },
@@ -3402,7 +3478,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "assistenzalavatrice.org", true },
   { "assistenzamicroonde.org", true },
   { "assodigitale.it", true },
-  { "asspinter.me", true },
   { "assumptionpj.org", true },
   { "astal.rs", true },
   { "astarbouncycastles.co.uk", true },
@@ -3413,6 +3488,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "astenotarili.online", true },
   { "astenretail.com", true },
   { "astral-imperium.uk", true },
+  { "astral.org.pl", true },
   { "astrology42.com", true },
   { "astroscopy.ch", true },
   { "astrovandalistas.cc", true },
@@ -3422,17 +3498,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "asucrews.com", true },
   { "asuka.io", true },
   { "asun.co", true },
+  { "asurbernardo.com", true },
   { "asurepay.cc", false },
   { "asustreiber.de", true },
   { "asvsa.ch", true },
   { "asws.nl", true },
   { "asystent-dzierzawy.pl", true },
-  { "at-one.ca", true },
   { "at.search.yahoo.com", false },
   { "ataber.pw", true },
   { "atac.no", true },
   { "atacadocervejeiro.com.br", true },
   { "atacadodesandalias.com.br", true },
+  { "atallo.com", true },
+  { "atallo.es", true },
   { "ataton.ch", true },
   { "atc.io", true },
   { "atchleyjazz.com", true },
@@ -3453,13 +3531,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "atelierdesflammesnoires.fr", true },
   { "atelierfantazie.sk", true },
   { "atelierhsn.com", true },
-  { "atelierhupsakee.nl", true },
   { "ateliernaruby.cz", true },
   { "ateliers-veronese-nantes.fr", true },
   { "atelierssud.ch", true },
   { "atelierssud.swiss", true },
   { "atencionbimbo.com", false },
   { "atendimentodelta.com.br", true },
+  { "aterskapa-data.se", true },
   { "atgoetschel.ch", true },
   { "atgroup.gr", true },
   { "atgseed.co.uk", true },
@@ -3486,11 +3564,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "atl-paas.net", true },
   { "atlantahairsurgeon.com", true },
   { "atlantareroof.com", true },
+  { "atlantaspringroll.com", true },
+  { "atlantichomes.com.au", true },
   { "atlanticpediatricortho.com", true },
   { "atlantis-kh.noip.me", true },
   { "atlantischild.hu", true },
   { "atlantishq.de", true },
   { "atlantiswaterproofing.com", true },
+  { "atlas-heritage.com", true },
   { "atlasbrown.com", true },
   { "atlaschiropractic.org", true },
   { "atlascultural.com", true },
@@ -3508,7 +3589,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "atom86.net", true },
   { "atombase.org", true },
   { "atomic-bounce.com", true },
-  { "atomic.red", true },
   { "atomicbounce.co.uk", true },
   { "atomism.com", true },
   { "atorcidabrasileira.com.br", true },
@@ -3518,9 +3598,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "atraverscugy.ch", true },
   { "atrinik.org", true },
   { "atsoftware.de", true },
+  { "atspeeds.com", true },
   { "attac.us", true },
   { "atte.fi", true },
-  { "attelage.net", true },
   { "attendantdesign.com", true },
   { "attendu.cz", true },
   { "attention.horse", true },
@@ -3557,7 +3637,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "audiense.com", false },
   { "audio-detector.com", true },
   { "audiobookboo.com", true },
-  { "audiobookstudio.com", true },
   { "audiolibri.org", true },
   { "audiolot.com", true },
   { "audion.cc", true },
@@ -3575,14 +3654,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "audits.io", true },
   { "auditsquare.com", true },
   { "audreyjudson.com", true },
+  { "auenhof-agrar.de", true },
   { "auerbach-verlag.de", true },
   { "auf-feindgebiet.de", true },
   { "augen-seite.de", true },
-  { "augiero.it", true },
   { "augmentable.de", false },
   { "augmented-portal.com", true },
   { "august-don.site", true },
-  { "august.black", true },
   { "augustian-life.cz", true },
   { "augustiner-kantorei-erfurt.de", true },
   { "augustiner-kantorei.de", true },
@@ -3600,6 +3678,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "auri.ga", true },
   { "auricblue.com", true },
   { "auriko-games.de", true },
+  { "aurnik.com", true },
   { "aurora-multimedia.co.uk", true },
   { "auroraassociationofrealtors.com", true },
   { "aurosa.cz", true },
@@ -3609,6 +3688,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aus-ryugaku.info", true },
   { "ausmwoid.de", true },
   { "auspicacious.org", true },
+  { "ausrecord.com", true },
   { "aussiefunadvisor.com", true },
   { "aussiegreenmarks.com.au", true },
   { "aussieservicedown.com", true },
@@ -3624,6 +3704,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "austinuniversityhouse.com", true },
   { "australian.dating", true },
   { "australianarmedforces.org", true },
+  { "australianattractions.com.au", true },
   { "australianimmigrationadvisors.com.au", true },
   { "australien-tipps.info", true },
   { "austromorph.space", true },
@@ -3632,7 +3713,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "auszeit.bio", true },
   { "auth.adult", true },
   { "authenticwoodcraft.com", true },
-  { "authinfo-bestellen.de", true },
   { "authinity.com", true },
   { "authland.com", false },
   { "author24.biz", true },
@@ -3648,6 +3728,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "autoauctionsohio.com", true },
   { "autoauctionsvirginia.com", true },
   { "autobahnco.com", true },
+  { "autobarn.co.nz", true },
   { "autobedrijfgarant.nl", true },
   { "autobelle.it", true },
   { "autobourcier.com", true },
@@ -3666,7 +3747,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "autoepc.ro", true },
   { "autohaus-snater.de", true },
   { "autoinsurancehavasu.com", true },
-  { "autokovrik-diskont.ru", true },
+  { "autokeyreplacementsanantonio.com", true },
   { "autoledky.sk", true },
   { "automaan.nl", true },
   { "automacity.com", true },
@@ -3676,6 +3757,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "automotivegroup-usedcars.be", true },
   { "automotivemechanic.org", true },
   { "automoto-tom.net", true },
+  { "automy.de", true },
   { "autonewssite.com", true },
   { "autoosijek.com", true },
   { "autopapo.com.br", true },
@@ -3686,6 +3768,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "autoprogconsortium.ga", true },
   { "autoproshouston.com", true },
   { "autorando.com", true },
+  { "autorijschoolrichardschut.nl", true },
   { "autoschadeschreuder.nl", true },
   { "autoscuola.roma.it", true },
   { "autosecurityfinance.com", true },
@@ -3701,8 +3784,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "autoteplo.org", true },
   { "autoterminus-used.be", true },
   { "autoto.hr", true },
+  { "autotransportquoteservices.com", true },
   { "autoverzekeringafsluiten.com", true },
   { "autowerkstatt-puchheim.de", true },
+  { "autozane.com", true },
   { "autres-talents.fr", true },
   { "autshir.com", true },
   { "auux.com", true },
@@ -3722,7 +3807,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "avalon-island.ru", true },
   { "avalon-rpg.com", true },
   { "avalon-studios.de", true },
-  { "avalyuan.com", true },
   { "avanet.ch", true },
   { "avanet.com", true },
   { "avanovum.de", true },
@@ -3757,11 +3841,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "avietech.com", true },
   { "aviv.nyc", true },
   { "avlhostel.com", true },
+  { "avmrc.nl", true },
   { "avnet.ws", true },
   { "avocadooo.stream", true },
   { "avocatbeziau.com", true },
   { "avocode.com", true },
-  { "avotoma.com", true },
   { "avova.de", true },
   { "avpres.net", true },
   { "avptp.org", true },
@@ -3771,6 +3855,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "avticket.ru", false },
   { "avtoforex.ru", true },
   { "avtogara-isperih.com", true },
+  { "avtomarket.ru", true },
   { "avtovokzaly.ru", true },
   { "avv.li", true },
   { "avvaterra.ch", true },
@@ -3781,10 +3866,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "awaremi-tai.com", true },
   { "awaresec.com", true },
   { "awaresec.no", true },
+  { "awarify.io", true },
+  { "awarify.me", true },
   { "awaro.net", true },
   { "awbouncycastlehire.com", true },
   { "awecademy.org", true },
-  { "awen.me", true },
   { "awesomebouncycastles.co.uk", true },
   { "awesomesit.es", true },
   { "awk.tw", true },
@@ -3807,10 +3893,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "axiomer.me", true },
   { "axiomer.net", true },
   { "axiomer.org", true },
-  { "axis-stralis.co.uk", true },
   { "axisfleetmanagement.co.uk", true },
   { "axolotlfarm.org", false },
+  { "axon-toumpa.gr", true },
   { "axonholdingse.eu", true },
+  { "axre.de", true },
   { "axrec.de", true },
   { "ay-net.jp", true },
   { "ayahya.me", true },
@@ -3830,6 +3917,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "az-moga.bg", true },
   { "az.search.yahoo.com", false },
   { "azadliq.info", true },
+  { "azane.ga", true },
+  { "azarus.ch", true },
   { "azazy.net", false },
   { "azgfd.com", true },
   { "aziende.com.ar", true },
@@ -3849,7 +3938,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "azurecrimson.com", true },
   { "azuriasky.com", true },
   { "azuriasky.net", true },
-  { "azzag.co.uk", true },
   { "azzorti.com", true },
   { "azzurrapelletterie.it", true },
   { "b-b-law.com", true },
@@ -3877,12 +3965,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "b72.com", true },
   { "b72.net", true },
   { "baalsworld.de", true },
-  { "baas-becking.biology.utah.edu", true },
   { "baazee.de", true },
   { "babacasino.net", true },
   { "babai.ru", true },
-  { "babarkata.com", true },
   { "babeleo.com", true },
+  { "bablodel.biz", true },
+  { "bablodel.com", true },
+  { "babsbibs.com", true },
   { "baby-bath-tub.com", true },
   { "baby-digne.com", true },
   { "baby-fotografie-muenchen.de", true },
@@ -3897,6 +3986,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bachata.info", true },
   { "baches-piscines.com", true },
   { "baciu.ch", true },
+  { "backeby.eu", true },
   { "backmountaingas.com", true },
   { "backpacker.dating", true },
   { "backschues.com", true },
@@ -3917,6 +4007,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bad.pet", true },
   { "badam.co", true },
   { "badanteinfamiglia.it", true },
+  { "badaparda.com", true },
   { "badblock.fr", true },
   { "badboyzclub.de", true },
   { "badf00d.de", true },
@@ -3925,6 +4016,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "badges.stg.fedoraproject.org", true },
   { "badgesenpatches.nl", true },
   { "badhusky.com", true },
+  { "badlink.org", true },
   { "badmania.fr", true },
   { "badmintonbible.com", true },
   { "badoo.com", true },
@@ -3948,7 +4040,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "baglu.com", true },
   { "bagsofbounce.co.uk", true },
   { "bagspecialist.nl", true },
-  { "bagstage.de", true },
   { "bah.im", false },
   { "bahaiprayers.io", true },
   { "bahnbonus-praemienwelt.de", true },
@@ -3967,6 +4058,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "baitulongbaycruises.com", true },
   { "baiyangliu.com", true },
   { "bajajfinserv.in", true },
+  { "bajic.ch", true },
   { "baka-gamer.net", true },
   { "baka.network", true },
   { "baka.org.cn", true },
@@ -3978,7 +4070,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bakim.li", true },
   { "bakingstone.com", true },
   { "bakkerinjebuurt.be", true },
-  { "bakongcondo.com", true },
   { "balade-commune.ch", true },
   { "baladecommune.ch", true },
   { "balancascia.com.br", true },
@@ -3987,9 +4078,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "balancenaturalhealthclinic.ca", true },
   { "balboa.io", true },
   { "balcaonet.com.br", true },
+  { "balcarek.pl", true },
   { "balconnr.com", true },
   { "balconsverdun.com", true },
   { "baldur.cc", true },
+  { "baldwin.com.au", true },
   { "balia.de", true },
   { "balicekzdravi.cz", true },
   { "balidesignshop.com.br", true },
@@ -4002,6 +4095,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ball.holdings", true },
   { "ball3d.es", true },
   { "ballarin.cc", true },
+  { "balle.dk", true },
   { "ballejaune.com", true },
   { "balletcenterofhouston.com", true },
   { "ballinarsl.com.au", true },
@@ -4014,6 +4108,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "balmofgilead.org.uk", true },
   { "balslev.io", true },
   { "balticer.de", true },
+  { "balticmed.pl", true },
   { "balticnetworks.com", true },
   { "bamahammer.com", true },
   { "bambooforest.nl", true },
@@ -4040,6 +4135,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bangorfederal.com", false },
   { "bangridho.com", true },
   { "bangumi.co", true },
+  { "bangyu.wang", true },
   { "banham.co.uk", true },
   { "banham.com", true },
   { "banjostringiz.com", true },
@@ -4050,12 +4146,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bankerbuch.de", true },
   { "bankersonline.com", true },
   { "banketbesteld.nl", true },
-  { "bankfreeoffers.com", true },
   { "bankgradesecurity.com", true },
   { "bankin.com", true },
   { "bankinter.pt", true },
   { "bankio.se", true },
+  { "banknet.gov", true },
   { "bankofdenton.com", true },
+  { "bankpolicies.com", true },
   { "banksiaparkcottages.com.au", true },
   { "bankstownapartments.com.au", true },
   { "bankvanbreda.be", true },
@@ -4071,12 +4168,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bar-harcourt.com", true },
   { "barabrume.fr", true },
   { "barans2239.com", true },
+  { "baravalle.com", true },
   { "barbarabowersrealty.com", true },
   { "barbarafabbri.com", true },
   { "barbarafeldman.com", true },
   { "barbarians.com", false },
-  { "barbaros.info", true },
   { "barbate.fr", true },
+  { "barberlegalcounsel.com", true },
   { "barbershop-harmony.org", true },
   { "barbershop-lasvillas.com", true },
   { "barbiere.it", true },
@@ -4091,15 +4189,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bardiharborow.com", true },
   { "bardiharborow.tk", true },
   { "baresquare.com", true },
-  { "barf-alarm.de", true },
   { "baripedia.org", true },
   { "bariseau-mottrie.be", true },
+  { "barisi.me", true },
   { "bariskaragoz.nl", true },
   { "baristador.com", true },
   { "barkerjr.xyz", true },
+  { "barlex.pl", true },
   { "barlotta.net", true },
   { "barnabycolby.io", true },
   { "barnel.com", true },
+  { "barnfotografistockholm.se", true },
   { "barpodsosnami.pl", true },
   { "barracuda.com.tr", true },
   { "barrera.io", true },
@@ -4184,6 +4284,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bautied.de", true },
   { "bauunternehmen-herr.de", true },
   { "bauwens.cloud", true },
+  { "bavartec.de", true },
   { "bayareaenergyevents.com", true },
   { "baychimo.com", true },
   { "bayden.com", true },
@@ -4196,8 +4297,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bayerstefan.eu", true },
   { "bayherbalist.com", true },
   { "bayilelakiku.com", true },
+  { "baykatre.com", true },
   { "bayly.eu", true },
   { "baymard.com", true },
+  { "bayportbotswana.com", true },
+  { "bayportfinance.com", true },
+  { "bayportghana.com", true },
+  { "bayporttanzania.com", true },
+  { "bayportuganda.com", true },
+  { "bayportzambia.com", true },
   { "baytalebaa.com", true },
   { "baywatch.io", true },
   { "bayz.de", true },
@@ -4250,13 +4358,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bcrook.com", true },
   { "bcs.adv.br", true },
   { "bcswampcabins.com", true },
-  { "bcvps.com", true },
   { "bcyw56.live", true },
   { "bd2positivo.com", true },
   { "bda-boulevarddesairs.com", true },
   { "bdbxml.net", true },
   { "bdd.fi", true },
-  { "bdikaros-network.net", true },
   { "bdpachicago.tech", true },
   { "bdvg.org", true },
   { "be-a-password.ninja", true },
@@ -4269,7 +4375,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "beacham.online", true },
   { "beachcitycastles.com", true },
   { "beachfutbolclub.com", true },
-  { "beacinsight.com", true },
   { "beadare.com", true },
   { "beadare.nl", true },
   { "beaglesecurity.com", true },
@@ -4280,6 +4385,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "beanilla.com", true },
   { "beanjuice.me", true },
   { "beans-one.com", false },
+  { "bearcms.com", true },
   { "bearcosports.com.br", true },
   { "bearded.sexy", true },
   { "beardic.cn", true },
@@ -4289,9 +4395,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "beatfeld.de", true },
   { "beatnikbreaks.com", true },
   { "beatrizaebischer.ch", true },
+  { "beaumelcosmetiques.fr", true },
   { "beaute-eternelle.ch", true },
   { "beauty-hippie-schmuck.de", true },
   { "beauty-italy.ru", true },
+  { "beauty-yan-enterprise.com", true },
   { "beauty24.de", true },
   { "beautybear.dk", true },
   { "beautyby.tv", true },
@@ -4316,7 +4424,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bedandbreakfasthoekvanholland.com", true },
   { "bedels.nl", true },
   { "bedfordnissanparts.com", true },
-  { "bedlingtonterrier.com.br", true },
   { "bednar.co", true },
   { "bedrijfsfotoreportages.nl", true },
   { "bedrijfsportaal.nl", true },
@@ -4370,6 +4477,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "befoodsafe.gov", true },
   { "beforeyoueatoc.com", true },
   { "beframed.ch", true },
+  { "befreewifi.info", true },
   { "befundonline.de", true },
   { "begabungsfoerderung.info", true },
   { "begbie.com", true },
@@ -4381,7 +4489,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "behindthethrills.com", true },
   { "behna24hodin.cz", true },
   { "behoerden-online-dienste.de", true },
-  { "beholdthehurricane.com", true },
   { "behoreal.cz", true },
   { "bei18.com", true },
   { "beichtgenerator.de", true },
@@ -4390,6 +4497,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "beimchristoph.de", true },
   { "beinad.com", true },
   { "beinad.ru", true },
+  { "beisance.com", true },
   { "bejarano.io", true },
   { "belacapa.com.br", true },
   { "belanglos.de", true },
@@ -4404,6 +4512,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "belastingdienst-in-beeld.nl", false },
   { "belastingmiddeling.nl", true },
   { "belavis.com", true },
+  { "beleggingspanden-financiering.nl", true },
   { "belegit.org", true },
   { "belfastbounce.co.uk", true },
   { "belfastlocks.com", true },
@@ -4417,6 +4526,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "believersweb.org", true },
   { "bell.id.au", true },
   { "bella.network", true },
+  { "bellaklein.de", true },
   { "bellamodeling.com", true },
   { "bellinghamdetailandglass.com", true },
   { "belloy.ch", true },
@@ -4428,7 +4538,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "belmontgoessolar.org", true },
   { "belouga.org", true },
   { "belt.black", true },
-  { "belua.com", true },
   { "belvoirbouncycastles.co.uk", true },
   { "bely-mishka.by", true },
   { "belyvly.com", true },
@@ -4449,9 +4558,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "benchling.com", true },
   { "benchmarkmonument.com", true },
   { "benchstoolo.com", true },
+  { "bencorby.com", true },
   { "bendemaree.com", true },
   { "bendigoland.com.au", true },
-  { "bendingtheending.com", true },
   { "bendix.co", true },
   { "bendyworks.com", true },
   { "beneathvt.com", true },
@@ -4459,6 +4568,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "benepiscinas.com.br", true },
   { "beneri.se", true },
   { "benevita.bio", true },
+  { "benewpro.com", true },
   { "bengalurugifts.com", true },
   { "bengisureklam.com", true },
   { "benhaney.com", true },
@@ -4467,10 +4577,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "benjamin-hering.com", true },
   { "benjamin.pe", true },
   { "benjaminblack.net", true },
-  { "benjamindietrich.com", true },
   { "benjamindietrich.de", true },
   { "benjaminjurke.com", true },
-  { "benjaminjurke.net", true },
   { "benjaminkopelke.com", true },
   { "benjaminpiquet.fr", true },
   { "benjamins.com", true },
@@ -4503,11 +4611,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "benz-hikaku.com", true },
   { "benzi.io", true },
   { "beoordelingen.be", true },
+  { "bepenak.com", true },
   { "bephoenix.org.uk", true },
   { "bequiia.com", true },
   { "beranovi.com", true },
   { "berasavocate.com", true },
-  { "berdaguermontes.eu", false },
   { "bergenhave.nl", true },
   { "berger-chiro.com", true },
   { "bergevoet-fa.nl", true },
@@ -4534,8 +4642,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bergstoneware.com", true },
   { "berichtsheft-vorlage.de", true },
   { "berikod.ru", true },
-  { "berinhard.pl", true },
-  { "berliancom.com", true },
   { "berlin-flirt.de", true },
   { "berlin.dating", true },
   { "bermeitinger.eu", true },
@@ -4546,6 +4652,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bernardez-photo.com", true },
   { "bernardfischer.fr", true },
   { "bernardgo.com", true },
+  { "bernardo.fm", true },
   { "bernat.ch", true },
   { "bernat.im", true },
   { "bernd-leitner-fotodesign.com", true },
@@ -4557,9 +4664,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bernhardluginbuehl.ch", true },
   { "bernhardluginbuehl.com", true },
   { "berodes.be", true },
+  { "berr.yt", true },
   { "berra.se", true },
   { "berruezoabogados.com", true },
   { "berrus.com", true },
+  { "berry.cat", true },
   { "berrypay.com", true },
   { "bersierservices.ch", true },
   { "bersotavocats.fr", true },
@@ -4601,6 +4710,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "best-music-colleges.com", true },
   { "best-nursing-colleges.com", true },
   { "best-pharmacy-schools.com", true },
+  { "best-tickets.co.uk", true },
   { "best-trucking-schools.com", true },
   { "best-wallpaper.net", true },
   { "best10websitebuilders.com", true },
@@ -4615,7 +4725,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bestbridal.top", true },
   { "bestbyte.com.br", true },
   { "bestcellular.com", false },
-  { "bestdating.today", true },
+  { "bestdating.today", false },
+  { "bestdownloadscenter.com", true },
   { "bestelectricnd.com", true },
   { "bestemailmarketingsoftware.org", true },
   { "bestessaycheap.com", true },
@@ -4636,12 +4747,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bestpal.eu", true },
   { "bestpartyhire.com", true },
   { "bestperfumebrands.com", true },
+  { "bestpig.fr", true },
   { "bestplumbing.com", true },
   { "bestschools.io", true },
   { "bestschools.top", true },
   { "bestseries.tv", true },
   { "bestshoesmix.com", true },
   { "bestwebsite.gallery", true },
+  { "betaal.my", true },
   { "betacavi.com", true },
   { "betacloud.io", true },
   { "betaclouds.net", true },
@@ -4651,6 +4764,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "betaworx.eu", true },
   { "betecnet.de", true },
   { "bethpage.net", true },
+  { "betleakbot.com", true },
   { "betobaccofree.gov", true },
   { "betonbit.com", true },
   { "betpamm.com", true },
@@ -4679,6 +4793,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bettertime.jetzt", true },
   { "betterweb.fr", true },
   { "betterworldinternational.org", true },
+  { "bettflaschen.ch", true },
   { "bettingbusiness.ru", true },
   { "bettingsider.dk", true },
   { "bettolinokitchen.com", true },
@@ -4702,7 +4817,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bexit.nl", true },
   { "bexleycastles.co.uk", true },
   { "beybiz.com", true },
-  { "beylikduzuvaillant.com", true },
+  { "beyerautomation.com", true },
   { "beyond-infinity.org", false },
   { "beyond-rational.com", true },
   { "beyondalderaan.net", true },
@@ -4717,6 +4832,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bezemkast.nl", true },
   { "bezpecnostsiti.cf", true },
   { "bezr.co.uk", true },
+  { "bezzia.com", true },
+  { "bf7088.com", true },
+  { "bf7877.com", true },
   { "bfam.tv", true },
   { "bfem.gov", true },
   { "bfgcdn.com", true },
@@ -4727,7 +4845,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bft-media.com", true },
   { "bftbradio.com", true },
   { "bfw-online.de", true },
-  { "bg-sexologia.com", true },
   { "bgbhsf.top", true },
   { "bgeo.io", true },
   { "bgfoto.info", true },
@@ -4748,12 +4865,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bhost.net", true },
   { "bhtelecom.ba", true },
   { "bhuntr.com", true },
+  { "bhxch.moe", true },
   { "bi.search.yahoo.com", false },
   { "biaggeo.com", true },
   { "biancolievito.it", true },
   { "biano-ai.com", true },
   { "biasmath.es", true },
-  { "biathloncup.ru", true },
   { "bible-maroc.com", true },
   { "bible.ru", true },
   { "bibleonline.ru", true },
@@ -4768,11 +4885,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bibuch.com", true },
   { "bicecontracting.com", true },
   { "bicha.net", true },
+  { "bicifanaticos.com", true },
   { "bicranial.io", true },
   { "bicycle-events.com", true },
   { "bicycleframeiz.com", true },
   { "biddl.com", true },
   { "biddle.co", true },
+  { "bidman.cz", true },
+  { "bidman.eu", true },
   { "bidu.com.br", true },
   { "bie.edu", false },
   { "biegal.ski", true },
@@ -4790,8 +4910,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bieser.ch", true },
   { "biester.pro", true },
   { "bieumau.net", true },
-  { "biewen.me", true },
   { "bifrost.cz", true },
+  { "biftin.net", true },
   { "big-andy.co.uk", true },
   { "big-bounce.co.uk", true },
   { "big-fluglaerm-hamburg.de", true },
@@ -4800,6 +4920,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bigbouncebouncycastles.co.uk", true },
   { "bigbouncetheory.co.uk", true },
   { "bigbounceuk.com", true },
+  { "bigbrotherawards.nl", true },
   { "bigcakes.dk", true },
   { "bigclassaction.com", true },
   { "bigdinosaur.org", true },
@@ -4817,7 +4938,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bihub.io", true },
   { "biilo.com", true },
   { "bijouxcherie.com", true },
-  { "bijuteriicualint.ro", true },
+  { "biju-neko.jp", true },
   { "bike-discount.de", true },
   { "bike-kurse.ch", true },
   { "bike-shack.com", true },
@@ -4839,10 +4960,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bildschirmflackern.de", true },
   { "biletru.net", true },
   { "biletyplus.by", true },
+  { "biletyplus.com", true },
   { "biletyplus.ua", true },
   { "bilgo.com", true },
   { "bilibili.link", true },
-  { "bilibili.red", true },
   { "bilimoe.com", true },
   { "bilke.org", true },
   { "billaud.eu.org", true },
@@ -4859,6 +4980,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "billogram.com", true },
   { "billpro.com", false },
   { "billrhodesbakery.com", true },
+  { "billsqualityautocare.com", true },
   { "billy.pictures", true },
   { "billyoh.com", true },
   { "billysbouncycastlehire.co.uk", true },
@@ -4883,7 +5005,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "binaryappdev.com", true },
   { "binarycreations.scot", true },
   { "binarydream.fi", true },
-  { "binaryevolved.com", true },
   { "binaryrebel.net", true },
   { "binarystud.io", true },
   { "binding-problem.com", true },
@@ -4891,10 +5012,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bing.com", true },
   { "bingobank.org", true },
   { "binhex.net", true },
-  { "binkanhada.biz", true },
   { "binkconsulting.be", true },
   { "binnenmeer.de", true },
   { "binsp.net", true },
+  { "bintangsyurga.com", true },
+  { "bintelligence.info", true },
+  { "bintelligence.nl", true },
   { "binti.com", true },
   { "bintooshoots.com", true },
   { "bio-disinfestazione.it", true },
@@ -4921,10 +5044,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bioharmony.ca", true },
   { "biointelligence-explosion.com", true },
   { "bioknowme.com", true },
+  { "bioleev.sklep.pl", true },
   { "bioligo.ch", true },
   { "biologis.ch", true },
   { "biology-colleges.com", true },
+  { "biomag.it", true },
   { "biomasscore.com", true },
+  { "biomed-hospital.ch", true },
+  { "biomed.ch", true },
   { "biometrics.es", true },
   { "biomodra.cz", true },
   { "biopsychiatry.com", true },
@@ -4934,7 +5061,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bioshine.com.sg", true },
   { "biosignalanalytics.com", true },
   { "biosphere.cc", true },
+  { "biospw.com", true },
   { "biotechware.com", true },
+  { "biotin.ch", true },
   { "bipyo.com", true },
   { "birbaumer.li", true },
   { "birchbarkfurniture.ch", true },
@@ -4961,14 +5090,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "biscoint.io", true },
   { "biscuitcute.com.br", true },
   { "biser-borisov.eu", true },
-  { "bismarck-tb.de", true },
   { "biso.ga", true },
   { "bison.co", true },
   { "bisq.community", true },
   { "bissalama.org", true },
   { "bisschopssteeg.nl", true },
   { "bistrocean.com", true },
-  { "bistrodeminas.com", true },
+  { "bistroservice.de", true },
   { "bistrotdelagare.fr", true },
   { "bit-cloud.de", true },
   { "bit-rapid.com", true },
@@ -4998,8 +5126,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bitcoin.org", true },
   { "bitcoin.us", true },
   { "bitcoinbitcoin.com", true },
-  { "bitcoinclashic.ninja", true },
   { "bitcoincore.org", true },
+  { "bitcoinfees.net", true },
   { "bitcoinindia.com", true },
   { "bitcoinkarlsruhe.de", true },
   { "bitcoinrealestate.com.au", true },
@@ -5008,6 +5136,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bitcoinx.gr", true },
   { "bitcoinx.ro", true },
   { "bitcork.io", true },
+  { "bitcqr.io", true },
   { "bitex.la", true },
   { "bitfasching.de", false },
   { "bitfehler.net", true },
@@ -5017,6 +5146,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bitfuse.net", true },
   { "bitgo.com", true },
   { "bitgrapes.com", true },
+  { "bithap.com", true },
   { "bithir.co.uk", true },
   { "bititrain.com", true },
   { "bitlish.com", true },
@@ -5032,27 +5162,34 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bitmidi.com", true },
   { "bitminter.com", true },
   { "bitmoe.com", true },
+  { "bitok.com", true },
   { "bitpoll.de", true },
   { "bitpoll.org", true },
   { "bitpumpe.net", true },
   { "bitref.com", true },
   { "bitrush.nl", true },
+  { "bits-hr.de", true },
   { "bitsafe.com.my", true },
   { "bitsburg.ru", true },
+  { "bitski.com", true },
   { "bitskins.co", true },
   { "bitskrieg.net", true },
+  { "bitso.com", true },
   { "bitsoffreedom.nl", true },
   { "bitstep.ca", true },
   { "bitstorm.nl", true },
   { "bitstorm.org", true },
   { "bitsum.com", true },
+  { "bitsy.com", true },
   { "bitsync.nl", true },
   { "bitten.pw", true },
   { "bittersweetcandybowl.com", true },
   { "bittylicious.com", true },
   { "bitvest.io", true },
+  { "bitwarden.com", true },
   { "bitwolk.nl", true },
   { "bitxel.com.co", true },
+  { "biupay.com.br", true },
   { "biurokarier.edu.pl", true },
   { "bixservice.com", true },
   { "biyori.moe", true },
@@ -5067,10 +5204,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "biztera.com", true },
   { "biztok.eu", true },
   { "biztouch.work", true },
-  { "bizzi.tv", true },
   { "bjarnerest.de", true },
   { "bjmgeek.science", true },
   { "bjmun.cn", true },
+  { "bjolanta.pl", true },
   { "bjornhelmersson.se", true },
   { "bjornjohansen.no", true },
   { "bjs.gov", true },
@@ -5080,7 +5217,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bkkposn.com", true },
   { "bklaindia.com", true },
   { "bkositspartytime.co.uk", true },
-  { "bl00.se", true },
   { "bl4ckb0x.biz", true },
   { "bl4ckb0x.com", true },
   { "bl4ckb0x.de", true },
@@ -5089,7 +5225,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bl4ckb0x.net", true },
   { "bl4ckb0x.org", true },
   { "blaauwgeers.pro", true },
-  { "blaauwgeers.travel", true },
   { "blabber.im", true },
   { "blablacar.co.uk", true },
   { "blablacar.com", true },
@@ -5118,14 +5253,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blackandpony.de", true },
   { "blackbag.nl", true },
   { "blackbase.de", true },
-  { "blackberryforums.be", true },
+  { "blackbird-whitebird.com", true },
   { "blackcat.ca", true },
   { "blackcatinformatics.ca", true },
   { "blackcatinformatics.com", true },
   { "blackcicada.com", true },
   { "blackdotbrewery.com", true },
   { "blackdown.de", true },
-  { "blackdragoninc.org", true },
   { "blackedbyte.com", true },
   { "blackevent.be", true },
   { "blackfire.io", true },
@@ -5146,10 +5280,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blacknova.io", true },
   { "blackonion.com", true },
   { "blackpapermoon.de", true },
+  { "blackpayment.ru", true },
   { "blackphoenix.de", true },
   { "blackpi.dedyn.io", true },
   { "blackroadphotography.de", true },
   { "blackroot.eu", true },
+  { "blackscytheconsulting.com", true },
   { "blackseals.net", true },
   { "blackyau.cc", true },
   { "blackys-chamber.de", true },
@@ -5160,13 +5296,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blancodent.com", true },
   { "blankersfamily.com", true },
   { "blanket.technology", true },
-  { "blantr.com", true },
   { "blasorchester-runkel.de", true },
   { "blastentertainment.com.au", true },
   { "blastersklan.com", true },
   { "blastzoneentertainments.co.uk", true },
   { "blaudev.es", true },
-  { "blauerhunger.de", true },
   { "blayne.me", true },
   { "blayneallan.com", true },
   { "blazing.cz", true },
@@ -5190,8 +5324,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blichmann.eu", true },
   { "blidz.com", true },
   { "blieque.co.uk", true },
+  { "bliesekow.net", true },
   { "blikk.no", true },
-  { "blikund.swedbank.se", true },
   { "blinder.com.co", true },
   { "blindpigandtheacorn.com", true },
   { "blinds-unlimited.com", true },
@@ -5204,14 +5338,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blissjoe.com", true },
   { "blissplan.com", true },
   { "blitzprog.org", true },
+  { "blitzvendor.com", true },
   { "blivawesome.dk", true },
   { "blivvektor.dk", true },
   { "blizhost.com", true },
   { "blizhost.com.br", true },
   { "blizora.com", true },
-  { "blizz.news", true },
   { "blkbx.eu", true },
   { "blm.gov", true },
+  { "blo-melchiorshausen.de", true },
   { "blobfolio.com", true },
   { "block-this.com", true },
   { "block65.com", true },
@@ -5238,9 +5373,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blogarts.net", true },
   { "blogbooker.com", true },
   { "blogconcours.net", true },
-  { "blogcuaviet.com", true },
   { "blogdelosjuguetes.com", true },
-  { "blogdeyugioh.com", true },
   { "blogexpert.ca", true },
   { "bloggermumofthreeboys.com", true },
   { "blogging-life.com", true },
@@ -5258,6 +5391,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blok56.nl", true },
   { "blokmy.com", true },
   { "blood4pets.tk", true },
+  { "bloodhunt.pl", true },
   { "bloodsports.org", true },
   { "bloom-avenue.com", true },
   { "bltc.co.uk", true },
@@ -5273,8 +5407,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blue-leaf81.net", true },
   { "blue42.net", true },
   { "blueblou.com", true },
-  { "bluecardlottery.eu", true },
-  { "bluecards.eu", true },
   { "bluechilli.com", true },
   { "bluecon.ninja", true },
   { "bluecrazii.nl", true },
@@ -5292,6 +5424,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bluemtnrentalmanagement.ca", true },
   { "bluenote9.com", true },
   { "blueoakart.com", true },
+  { "blueoceantech.us", true },
   { "blueperil.de", true },
   { "bluepoint.one", true },
   { "bluepostbox.de", true },
@@ -5299,6 +5432,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blues-and-pictures.com", true },
   { "blueskycoverage.com", true },
   { "bluestardiabetes.com", true },
+  { "bluesuncamping.com", true },
   { "bluesunhotels.com", true },
   { "bluetexservice.com", true },
   { "bluewavewebdesign.com", true },
@@ -5308,7 +5442,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bluex.org", true },
   { "blueyed.eu", true },
   { "blui.ml", true },
-  { "bluiandaj.ml", true },
   { "bluimedia.com", true },
   { "blumenfeldart.com", true },
   { "blumiges-fischbachtal.de", false },
@@ -5338,6 +5471,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bnstree.com", true },
   { "bnty.net", true },
   { "bnzblowermotors.com", true },
+  { "bo4tracker.com", true },
   { "boardgamegeeks.de", true },
   { "boards.ie", true },
   { "boat-engines.eu", true },
@@ -5349,7 +5483,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bobaobei.net", true },
   { "bobazar.com", true },
   { "bobcopeland.com", true },
-  { "bobiji.com", false },
   { "bobkidbob.com", true },
   { "bobkoetsier.nl", true },
   { "bobnbouncedublin.ie", true },
@@ -5363,12 +5496,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bocreation.fr", true },
   { "bodhi.fedoraproject.org", true },
   { "bodis.nl", true },
-  { "bodixite.com", true },
   { "bodsch.com", true },
   { "bodybuildingworld.com", true },
   { "bodyconshop.com", true },
   { "bodygearguide.com", true },
-  { "bodymusclejournal.com", true },
   { "bodypainter.pl", true },
   { "bodypainting.waw.pl", true },
   { "bodyshopnews.net", true },
@@ -5399,7 +5530,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "boldt-metallbau.de", true },
   { "bolektro.de", true },
   { "bolgarnyelv.hu", true },
-  { "bollywood.uno", true },
   { "bologna-disinfestazioni.it", true },
   { "bolovegna.it", true },
   { "bolt.cm", false },
@@ -5422,6 +5552,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bondoer.fr", true },
   { "bondskampeerder.nl", true },
   { "bonebunny.de", true },
+  { "bonesserver.com", true },
   { "bonfi.net", true },
   { "bongo.cat", true },
   { "bonibuty.com", true },
@@ -5445,7 +5576,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bonsaimedia.nl", true },
   { "bonsi.net", true },
   { "bonux.co", true },
-  { "boodaah.com", false },
   { "boodmo.com", true },
   { "boogaerdtmakelaars.nl", true },
   { "boogiebouncecastles.co.uk", true },
@@ -5468,7 +5598,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "boomshelf.com", true },
   { "boomshelf.org", true },
   { "boonbox.com", true },
-  { "boonehenry.co.uk", true },
   { "booox.biz", true },
   { "booox.cc", true },
   { "booox.info", true },
@@ -5482,7 +5611,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "boosinflatablegames.co.uk", true },
   { "boost.fyi", true },
   { "boost.ink", true },
-  { "booter.pw", true },
   { "bootjp.me", false },
   { "bopiweb.com", true },
   { "bopp.org", true },
@@ -5501,10 +5629,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "borneodictionary.com", true },
   { "bornfiber.dk", true },
   { "bornhack.dk", true },
-  { "borowski.pw", true },
   { "borrelpartybus.nl", true },
   { "borysek.net", true },
-  { "borzoi.com.br", true },
   { "bosabosa.org", true },
   { "boscoyacht.ch", true },
   { "boskeopolis-stories.com", true },
@@ -5517,11 +5643,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "botezdepoveste.ro", true },
   { "botguard.net", true },
   { "bothellwaygarage.net", true },
+  { "botoes-primor.pt", true },
+  { "botserver.de", true },
   { "botsindiscord.me", true },
   { "botstack.host", true },
   { "bottaerisposta.net", true },
   { "bottineauneighborhood.org", true },
-  { "bottke.berlin", true },
   { "bou.lt", true },
   { "bouah.net", true },
   { "bouchard-mathieux.com", true },
@@ -5537,6 +5664,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bounce-abouts.com", true },
   { "bounce-n-go.co.uk", true },
   { "bounce-on.co.uk", true },
+  { "bounce-r-us.co.uk", true },
   { "bounce-xtreme.co.uk", true },
   { "bounce4fun.co.uk", true },
   { "bounce4fun.ie", true },
@@ -5618,14 +5746,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bouncycastlesinleeds.co.uk", true },
   { "bouncycastlesisleofwight.co.uk", true },
   { "bouncycastlesmonaghan.com", true },
-  { "bouncycastlesperth.net", true },
   { "bouncycastlessheerness.co.uk", true },
   { "bouncydays.co.uk", true },
   { "bouncyfeet.co.uk", true },
   { "bouncygiggles.com.au", true },
   { "bouncyhigher.co.uk", true },
   { "bouncyhousecastlehire.co.uk", true },
-  { "bouncyhouses.co.uk", true },
   { "bouncykingdom.co.uk", true },
   { "bouncykings.co.uk", true },
   { "bouncykingsnortheast.co.uk", true },
@@ -5687,9 +5813,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "br3in.nl", false },
   { "br7.ru", true },
   { "braams.nl", true },
+  { "braathe.no", true },
   { "bracho.xyz", true },
   { "brackets-salad.com", true },
-  { "bracoitaliano.com.br", true },
   { "bradbrockmeyer.com", true },
   { "bradfergusonrealestate.com", true },
   { "bradfordhottubhire.co.uk", true },
@@ -5714,16 +5840,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "brainserve.swiss", true },
   { "brainsik.net", true },
   { "brainster.co", true },
+  { "brainvation.de", true },
   { "brainvoyagermusic.com", true },
   { "brainwav.es", true },
   { "brainwork.space", true },
   { "brakemanpro.com", true },
   { "brakpanplumber24-7.co.za", true },
+  { "brakstad.org", true },
   { "bralnik.com", true },
   { "brambogaerts.nl", true },
   { "bramburek.net", true },
   { "bramhallsamusements.com", true },
   { "brammingfys.dk", true },
+  { "bramsikkens.be", true },
   { "bramstaps.nl", true },
   { "bramvanaken.be", true },
   { "bramygrozy.pl", true },
@@ -5732,10 +5861,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "branchtrack.com", true },
   { "brandand.co.uk", true },
   { "brandbil.dk", true },
-  { "brandbuilderwebsites.com", true },
   { "brandcodeconsulting.com", true },
   { "brandcodestyle.com", true },
   { "brandingclic.com", true },
+  { "brando753.xyz", true },
   { "brandongomez.me", true },
   { "brandonhubbard.com", true },
   { "brandonwalker.me", true },
@@ -5771,14 +5900,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bravebaby.com.au", true },
   { "bravehearts.org.au", true },
   { "braviskindenjeugd.nl", true },
-  { "bravisziekenhuis.nl", true },
+  { "bravisziekenhuis.nl", false },
   { "brazenfol.io", true },
   { "brazilian.dating", true },
   { "brazillens.com", true },
   { "brck.nl", true },
   { "brd.ro", true },
   { "breadandlife.org", true },
-  { "breadofgod.org", true },
   { "breakingtech.it", true },
   { "breakpoint.at", true },
   { "breaky.de", true },
@@ -5798,7 +5926,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "breeyn.com", true },
   { "brefy.com", true },
   { "brege.org", true },
-  { "bregnedalsystems.dk", true },
   { "breitband.bz.it", true },
   { "breitbild-beamer.de", true },
   { "brejoc.com", true },
@@ -5818,15 +5945,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "brevboxar.se", true },
   { "brewsouth.com", true },
   { "brewtrackr.com", true },
+  { "breznet.com", true },
   { "brgins.com", true },
+  { "brian-gordon.name", true },
   { "brianalaway.com", true },
   { "brianalawayconsulting.com", true },
   { "briandwells.com", true },
   { "brianfoshee.com", true },
-  { "briangarcia.ga", true },
   { "brianjohnson.co.za", true },
   { "brianlanders.us", true },
-  { "brianmwaters.net", true },
   { "brianroadifer.com", true },
   { "briansmith.org", true },
   { "briantkatch.com", true },
@@ -5851,6 +5978,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "briefassistant.com", true },
   { "briefhansa.de", true },
   { "briefvorlagen-papierformat.de", true },
+  { "brier.me", true },
   { "briffoud.fr", true },
   { "briggsleroux.com", true },
   { "brighouse-leisure.co.uk", true },
@@ -5882,6 +6010,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "britneyclause.com", true },
   { "brittanyferriesnewsroom.com", true },
   { "britton-photography.com", true },
+  { "brk.st", true },
   { "brmsalescommunity.com", true },
   { "brn.by", true },
   { "brnojebozi.cz", true },
@@ -5925,7 +6054,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "brucemartin.net", true },
   { "brucemobile.de", false },
   { "bruck.me", true },
-  { "bruckner.li", true },
+  { "brudkista.se", true },
+  { "brudkistan.nu", true },
+  { "brudkistan.se", true },
   { "bruna-cdn.nl", true },
   { "brunick.de", false },
   { "brunn.email", true },
@@ -5937,15 +6068,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "brunosouza.org", true },
   { "brush.ninja", true },
   { "bruun.co", true },
+  { "bryankaplan.com", true },
   { "bryanquigley.com", true },
   { "bryansmith.net", true },
   { "bryansmith.tech", true },
   { "brycecanyon.net", true },
   { "brycecanyonnationalpark.com", true },
   { "bryggebladet.dk", true },
+  { "brztec.com", true },
   { "brzy-svoji.cz", true },
   { "bs-network.net", true },
   { "bs-security.com", true },
+  { "bs.sb", true },
   { "bs.to", true },
   { "bs12v.ru", true },
   { "bsa157.org", true },
@@ -5973,18 +6107,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bsquared.org", true },
   { "bst.gg", true },
   { "bstoked.net", true },
-  { "bsuru.xyz", true },
   { "bsw-solution.de", true },
   { "bt123.xyz", true },
   { "bta.lv", false },
-  { "btc2secure.com", true },
   { "btcarmory.com", true },
   { "btcbolsa.com", true },
   { "btcontract.com", true },
   { "btcpop.co", true },
   { "btcycle.org", true },
+  { "btine.tk", true },
   { "btio.pw", true },
-  { "btku.org", true },
   { "btmstore.com.br", true },
   { "btnissanparts.com", true },
   { "btorrent.xyz", true },
@@ -5992,22 +6124,26 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "btsoft.eu", true },
   { "btsow.com", true },
   { "bttc.co.uk", true },
+  { "btth.live", true },
   { "btth.pl", true },
   { "btth.tv", true },
   { "btth.xyz", true },
   { "bttorj45.com", true },
-  { "bturboo.com", true },
+  { "buayacorp.com", true },
   { "bubblegumblog.com", true },
   { "bubblespetspa.com", true },
   { "bubblin.io", true },
   { "bubblinghottubs.co.uk", true },
   { "bubblybouncers.co.uk", true },
   { "bubhub.io", true },
+  { "bubulazi.com", false },
+  { "bubulazy.com", false },
   { "bucek.cz", true },
   { "buch-angucken.de", true },
   { "buchhandlungkilgus.de", true },
   { "buchwegweiser.com", true },
   { "buckelewrealtygroup.com", true },
+  { "bucketlist.co.ke", true },
   { "buckypaper.com", true },
   { "buddhismus.net", true },
   { "buddie5.com", true },
@@ -6024,10 +6160,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "budgiesballoons.com", true },
   { "budntod.com", true },
   { "budolfs.de", true },
-  { "buehnenbande.ch", false },
   { "bueltge.de", true },
   { "buena-vista.cz", true },
   { "buena.me", true },
+  { "bueny.com", true },
+  { "bueny.net", true },
   { "bueroplus.de", true },
   { "bueroschwarz.design", true },
   { "bueroshop24.de", true },
@@ -6041,6 +6178,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bugginslab.co.uk", true },
   { "bugs.chromium.org", true },
   { "bugsmashed.com", true },
+  { "bugwie.com", true },
   { "bugzil.la", true },
   { "bugzilla.mozilla.org", true },
   { "build.chromium.org", true },
@@ -6059,14 +6197,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "builtory.my", true },
   { "builtvisible.com", true },
   { "builtwith.com", true },
+  { "buissonchardin.fr", true },
   { "bukkenfan.jp", true },
   { "bul3seas.eu", true },
   { "bulario.com", true },
   { "bulario.net", true },
   { "bulbcompare.com", true },
-  { "bulbgenie.com", true },
   { "bulkcandystore.com", true },
   { "bulkingtime.com", true },
+  { "bulkowespacerkowo.nl", true },
   { "bulktrade.de", true },
   { "bulktshirtsjohannesburg.co.za", true },
   { "bulkwholesalesweets.co.uk", true },
@@ -6074,6 +6213,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bulldog-hosting.de", true },
   { "bulledair-savons.ch", true },
   { "bullettags.com", true },
+  { "bullpendaily.com", true },
   { "bullshitmail.nl", true },
   { "bullterrier.nu", true },
   { "bulwarkhost.com", true },
@@ -6086,6 +6226,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bunkyo-life.com", true },
   { "bunny-rabbits.com", true },
   { "bunnycarenotes.com", true },
+  { "bunnydiamond.de", true },
   { "bunnyvishal.com", true },
   { "bunzy.ca", true },
   { "bupropion.com", true },
@@ -6127,7 +6268,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "busindre.com", true },
   { "business-garden.com", true },
   { "business.facebook.com", false },
-  { "businessadviceperth.com.au", true },
   { "businesscentermarin.ch", true },
   { "businessesdirectory.eu", true },
   { "businessfactors.de", true },
@@ -6148,6 +6288,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "busyon.cloud", true },
   { "butarque.es", true },
   { "buthowdoyoubuygroceries.com", true },
+  { "butikpris.se", true },
   { "butikvip.ru", true },
   { "butteramotors.com", true },
   { "buttonline.ch", true },
@@ -6157,18 +6298,27 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "buurtpreventiefraneker.nl", true },
   { "buxum-communication.ch", true },
   { "buy-out.jp", true },
+  { "buybike.shop", true },
+  { "buycarpet.shop", true },
   { "buycbd.store", true },
+  { "buycook.shop", true },
   { "buydissertations.com", true },
   { "buyebook.xyz", true },
   { "buyerdocs.com", true },
+  { "buyhealth.shop", true },
   { "buyinginvestmentproperty.com", true },
+  { "buyjewel.shop", true },
   { "buymindhack.com", true },
   { "buypapercheap.net", true },
+  { "buyplussize.shop", true },
+  { "buyprofessional.shop", true },
   { "buyritefairview.com", true },
   { "buysellinvestproperties.com", true },
   { "buyseo.store", true },
+  { "buysuisse.shop", true },
   { "buytermpaper.com", true },
   { "buytheway.co.za", true },
+  { "buywine.shop", true },
   { "buzz.tools", true },
   { "buzzconf.io", true },
   { "buzzcontent.com", true },
@@ -6176,27 +6326,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bvalle.com", true },
   { "bvgg.eu", true },
   { "bvl.aero", true },
-  { "bvv-europe.eu", true },
   { "bw.codes", true },
   { "bwcscorecard.org", true },
   { "bwe-seminare.de", true },
-  { "bwf11.com", true },
-  { "bwf55.com", true },
-  { "bwf6.com", true },
-  { "bwf66.com", true },
-  { "bwf77.com", true },
-  { "bwf99.com", true },
   { "bwfc.nl", true },
   { "bwh1.net", false },
   { "bwilkinson.co.uk", true },
   { "bwl-earth.club", true },
   { "bws16.de", true },
   { "bwserhoscaletrainaz.com", true },
-  { "bwwb.nu", true },
   { "bx-n.de", true },
   { "bxdev.me", true },
   { "bxp40.at", true },
-  { "by.cx", true },
   { "byange.pro", true },
   { "byatte.com", true },
   { "byeskille.no", true },
@@ -6220,6 +6361,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bytearts.net", false },
   { "bytebucket.org", true },
   { "bytecode.no", true },
+  { "bytecrafter.com", true },
+  { "bytecrafter.net", true },
   { "bytejail.com", true },
   { "bytema.cz", true },
   { "bytema.eu", true },
@@ -6228,6 +6371,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bytemix.cloud", true },
   { "byteowls.com", false },
   { "bytepark.de", true },
+  { "bytepen.com", true },
   { "bytes.co", true },
   { "bytes.fyi", true },
   { "bytesatwork.de", true },
@@ -6240,7 +6384,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bythisverse.com", true },
   { "bytrain.net", true },
   { "byvshie.com", true },
-  { "bzhub.bid", true },
   { "bziaks.xyz", true },
   { "bzsparks.com", true },
   { "bztech.com.br", true },
@@ -6258,11 +6401,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "c0rporation.com", true },
   { "c2design.it", true },
   { "c2o-library.net", true },
+  { "c3sign.de", true },
   { "c3vo.de", true },
   { "c3w.at", true },
   { "c3wien.at", true },
+  { "c3woc.de", true },
   { "c4539.com", true },
   { "c4k3.net", true },
+  { "c5h8no4na.net", true },
   { "c7dn.com", true },
   { "ca-key.de", true },
   { "ca-terminal-multiservices.fr", true },
@@ -6278,7 +6424,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cabineritten.nl", true },
   { "cabinet-bedin.com", true },
   { "cabinetfurnituree.com", true },
-  { "cablehighspeed.net", true },
   { "cablemod.com", true },
   { "cablesandkits.com", true },
   { "cabotfinancial.co.uk", true },
@@ -6288,6 +6433,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cacaumidade.com.br", true },
   { "caceis.bank", true },
   { "cachacacha.com", true },
+  { "cachedview.nl", true },
   { "cachetagalong.com", true },
   { "cachetur.no", true },
   { "cackette.com", true },
@@ -6295,6 +6441,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cadacoon.com", true },
   { "cadafamilia.de", true },
   { "cadams.io", true },
+  { "cadcreations.co.ke", true },
   { "cadetsge.ch", true },
   { "cadmail.nl", true },
   { "cadman.pw", true },
@@ -6306,7 +6453,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cadsys.net", true },
   { "cadusilva.com", true },
   { "caesarkabalan.com", true },
-  { "cafe-service.ru", false },
   { "cafedupont.be", true },
   { "cafedupont.co.uk", true },
   { "cafedupont.de", true },
@@ -6316,11 +6462,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cafeobscura.nl", true },
   { "caferagazzi.de", true },
   { "cafericoy.com", true },
+  { "cafeterasbaratas.net", true },
   { "caffeinatedcode.com", true },
   { "cagalogluyayinevi.com", true },
+  { "caglarcakici.com", true },
+  { "caijunyi.net", true },
   { "cainhosting.com", false },
   { "caitcs.com", true },
   { "caiwenjian.xyz", true },
+  { "caizx.com", false },
   { "caja-pdf.es", true },
   { "cajio.ru", true },
   { "cajunuk.co.uk", true },
@@ -6362,14 +6512,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "calendarsnow.com", true },
   { "calendly.com", true },
   { "calenfil.com", true },
+  { "calentadores-solares-sunshine.com", true },
   { "caletka.cz", true },
   { "calgoty.com", true },
   { "calibreapp.com", true },
   { "calibso.net", true },
   { "caliderumba.com", true },
-  { "calidoinvierno.com", true },
   { "calixte-concept.fr", true },
   { "call.me", true },
+  { "callanan.nl", true },
+  { "callantonia.com", true },
   { "callawayracing.se", false },
   { "callear.org", true },
   { "callhub.io", true },
@@ -6386,6 +6538,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "calvinallen.net", false },
   { "calyxengineers.com", true },
   { "calyxinstitute.org", false },
+  { "camara360grados.com", true },
   { "camaradivisas.com", true },
   { "camaras.uno", true },
   { "camarilloelectric.com", true },
@@ -6411,7 +6564,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cameraviva.com.br", true },
   { "camerweb.es", true },
   { "camilomodzz.net", true },
-  { "camjobs.net", true },
   { "camolist.com", true },
   { "camomile.desi", true },
   { "camp-pleinsoleil.ch", true },
@@ -6423,10 +6575,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "campaignwiki.org", true },
   { "campamentos.info", true },
   { "campbellapplianceheatingandair.com", true },
-  { "campbrainybunch.com", true },
   { "campcambodia.org", true },
   { "campcanada.org", true },
-  { "campeonatoalemao.com.br", true },
   { "camperdays.de", true },
   { "camperlist.com", true },
   { "campermanaustralia.com", true },
@@ -6440,7 +6590,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "campula.cz", true },
   { "campus-discounts.com", true },
   { "campus-finance.com", true },
-  { "campusdrugprevention.gov", true },
+  { "campusdrugprevention.gov", false },
   { "campuswire.com", true },
   { "campvana.com", true },
   { "campwabashi.org", true },
@@ -6459,9 +6609,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "canal-onanismo.org", true },
   { "canalsidehouse.be", true },
   { "canalsidehouse.com", true },
+  { "canariculturacolor.com", true },
   { "canarymod.net", true },
   { "cancerdata.nhs.uk", true },
   { "candaceplayforth.com", true },
+  { "candelec.com", true },
   { "candeo-books.nl", true },
   { "candex.com", true },
   { "candguchocolat.com", true },
@@ -6471,6 +6623,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "candlcastles.co.uk", true },
   { "cando.eu", true },
   { "candyout.com", true },
+  { "canerkorkmaz.com", true },
   { "cangelloplasticsurgery.com", true },
   { "cangku.in", true },
   { "cangku.moe", false },
@@ -6495,6 +6648,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cantrack.com", true },
   { "canva.com", true },
   { "canx.org", true },
+  { "canyonshoa.com", true },
   { "canyoupwn.me", true },
   { "cao.gov", true },
   { "cao.la", true },
@@ -6502,6 +6656,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "caoshan60.com", true },
   { "capachitos.cl", true },
   { "capacityproject.org", true },
+  { "capebretonpiper.com", true },
   { "capekeen.com", true },
   { "capellidipremoli.com", true },
   { "caphane.com", true },
@@ -6553,7 +6708,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "carbon12.software", true },
   { "carboneselectricosnettosl.info", false },
   { "carbonmade.com", false },
-  { "carbonmonoxidelawyer.net", true },
   { "carbono.uy", true },
   { "carbontv.com", true },
   { "carburetorcycleoi.com", true },
@@ -6581,6 +6735,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cardxl.nl", true },
   { "care4all.com", true },
   { "careeapp.com", true },
+  { "career.support", true },
   { "careeroptionscoach.com", true },
   { "careerpower.co.in", true },
   { "careers.plus", true },
@@ -6606,9 +6761,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cariocacooking.com", true },
   { "carisenda.com", true },
   { "carkeysanantonio.com", true },
+  { "carlandfaith.com", true },
+  { "carlgo11.com", true },
   { "carlife-at.jp", true },
   { "carlili.fr", true },
   { "carlingfordapartments.com.au", true },
+  { "carlinmack.com", true },
   { "carlmjohnson.net", true },
   { "carlo.mx", false },
   { "carlobiagi.de", true },
@@ -6616,6 +6774,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "carlocksmithbaltimore.com", true },
   { "carlocksmithellicottcity.com", true },
   { "carlocksmithfallbrook.com", true },
+  { "carlocksmithkey.com", true },
   { "carlocksmithlewisville.com", true },
   { "carlocksmithmesquite.com", true },
   { "carlocksmithtucson.com", true },
@@ -6640,7 +6799,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "carpetcleaningtomball.com", true },
   { "carrando.com", true },
   { "carre-lutz.com", true },
-  { "carrentalsathens.com", true },
   { "carriedin.com", true },
   { "carrierplatform.com", true },
   { "carringtonrealtygroup.com", true },
@@ -6649,6 +6807,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "carrollservicecompany.com", true },
   { "carrosserie-dubois.com", true },
   { "carseatchecks.ca", true },
+  { "carshippingcarriers.com", true },
   { "carson-aviation-adventures.com", true },
   { "carson-matthews.co.uk", true },
   { "carsoug.com", true },
@@ -6666,7 +6825,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cartadeviajes.pe", true },
   { "cartadeviajes.uk", true },
   { "carteirasedistintivos.com.br", true },
-  { "cartelcircuit.com", true },
   { "carterstad.se", true },
   { "cartertonscouts.org.nz", true },
   { "cartesentreprises-unicef.fr", true },
@@ -6698,6 +6856,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "casadasportasejanelas.com", true },
   { "casadoarbitro.com.br", true },
   { "casadowifi.com.br", true },
+  { "casaessencias.com.br", true },
   { "casalindamex.com", true },
   { "casalunchbreak.de", true },
   { "casamariposaspi.com", true },
@@ -6713,17 +6872,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "case-vacanza-salento.com", true },
   { "casecoverkeygi.com", true },
   { "casecurity.org", true },
+  { "caseof.tk", true },
   { "caseplus-daem.de", true },
   { "caseycapitalpartners.com", true },
   { "cash-4x4.com", true },
   { "cashati.com", true },
   { "cashbook.co.tz", true },
   { "cashbot.cz", true },
+  { "cashfazz.com", true },
   { "cashlink.de", true },
   { "cashlink.io", true },
   { "cashlogic.ch", true },
   { "cashmaxtexas.com", true },
   { "cashplk.com", true },
+  { "casino-cash-flow.su", true },
+  { "casino-cashflow.ru", true },
   { "casino-online.info", true },
   { "casino-trio.com", true },
   { "casinobonuscodes.online", true },
@@ -6733,6 +6896,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "casinoonlinesicuri.com", true },
   { "casinovergleich.com", true },
   { "casio-caisses-enregistreuses.fr", true },
+  { "casirus.com", true },
   { "casjay.cloud", true },
   { "casjay.info", true },
   { "casjay.us", true },
@@ -6755,7 +6919,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "castles4kidz.com", true },
   { "castles4rascalsiow.co.uk", true },
   { "castlesrus-kent.com", true },
-  { "castleswa.com.au", true },
   { "casualdesignsfurniture.com", true },
   { "casusgrillcaribbean.com", true },
   { "cat-blum.com", true },
@@ -6776,6 +6939,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "catchfotografie.nl", true },
   { "catchhimandkeephim.com", true },
   { "catchief.com", true },
+  { "catcoxx.de", true },
   { "catdecor.ru", true },
   { "catenacondos.com", true },
   { "catering-xanadu.cz", true },
@@ -6788,7 +6952,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "catherinescastles.co.uk", true },
   { "catholics.dating", true },
   { "cathosa.nl", true },
-  { "cathosting.org", true },
   { "cathy.guru", true },
   { "cathy.website", true },
   { "cathyfitzpatrick.com", true },
@@ -6801,7 +6964,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "catl.st", true },
   { "catmoose.ca", true },
   { "catnet.dk", false },
-  { "catprog.org", true },
   { "cattivo.nl", false },
   { "catuniverse.org", true },
   { "catveteran.com", true },
@@ -6816,7 +6978,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cavzodiaco.com.br", true },
   { "caxalt.com", true },
   { "caylercapital.com", true },
-  { "cayounglab.co.jp", true },
   { "cazaviajes.es", true },
   { "cazes.info", true },
   { "cb-crochet.com", true },
@@ -6838,8 +6999,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cc-brantomois.fr", true },
   { "ccac.gov", true },
   { "ccavenue.com", true },
+  { "ccc-ch.ch", true },
   { "cccwien.at", true },
-  { "ccgn.co", true },
   { "ccgx.de", true },
   { "ccoooss.com", true },
   { "ccprwebsite.org", true },
@@ -6848,7 +7009,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ccsys.com", true },
   { "cctvcanada.net", true },
   { "cctvview.info", true },
-  { "ccu.io", true },
   { "ccu.plus", true },
   { "ccv-deutschland.de", true },
   { "ccv.ch", true },
@@ -6878,6 +7038,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cdshining.com", true },
   { "cdu-wilgersdorf.de", true },
   { "cduckett.net", true },
+  { "cdvl.org", true },
   { "ce-pimkie.fr", true },
   { "ceagriproducts.com", true },
   { "cebz.org", true },
@@ -6923,7 +7084,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "centennialseptic.com", true },
   { "centerpereezd.ru", false },
   { "centerpoint.ovh", true },
-  { "centillien.com", false },
   { "centio.bg", true },
   { "centos.tips", true },
   { "centralbank.ae", true },
@@ -6968,8 +7128,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cermak.photos", true },
   { "cernakova.eu", true },
   { "cerpus-course.com", true },
+  { "cerrajeriaamericadelquindio.com", true },
   { "cert.govt.nz", true },
   { "cert.or.id", true },
+  { "certaintelligence.com", true },
   { "certcenter.ch", true },
   { "certcenter.co.uk", true },
   { "certcenter.com", true },
@@ -6981,6 +7143,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "certificatedetails.com", true },
   { "certificatespending.com", true },
   { "certificatetools.com", true },
+  { "certifiedfieldassociate.com", true },
   { "certifiednurses.org", true },
   { "certmonitor.com.au", true },
   { "certmonitor.net", true },
@@ -6988,6 +7151,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "certspotter.com", true },
   { "certspotter.org", true },
   { "cervejista.com", true },
+  { "ces-ltd.co.uk", true },
   { "cesantias.co", true },
   { "cesboard.com", true },
   { "cesdb.com", true },
@@ -7004,6 +7168,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cevo.com.hr", true },
   { "ceyizlikelisleri.com", true },
   { "cf-ide.de", true },
+  { "cf-tm.net", true },
   { "cfa.gov", true },
   { "cfan.space", true },
   { "cfda.gov", true },
@@ -7013,6 +7178,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cfno.org", true },
   { "cfo.gov", true },
   { "cfpa-formation.fr", true },
+  { "cfsh.tk", true },
   { "cftc.gov", true },
   { "cftcarouge.com", true },
   { "cfttt.com", true },
@@ -7034,6 +7200,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cgurtner.ch", true },
   { "ch-laborit.fr", true },
   { "ch-sc.de", true },
+  { "ch.bzh", true },
   { "ch.search.yahoo.com", false },
   { "ch47f.com", true },
   { "chabaudparfum.com", true },
@@ -7041,7 +7208,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chabik.com", true },
   { "chad.ch", true },
   { "chadstoneapartments.com.au", true },
-  { "chadtaljaardt.com", true },
   { "chaffeyconstruction.com", true },
   { "chaifeng.com", true },
   { "chainedunion.info", true },
@@ -7064,8 +7230,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "champions.co", true },
   { "championsofpowerfulliving.com", true },
   { "championweb.co.nz", true },
+  { "championweb.com", true },
   { "championweb.com.au", true },
+  { "championweb.com.sg", true },
   { "championweb.nz", true },
+  { "championweb.sg", true },
   { "champonthis.de", true },
   { "champserver.net", false },
   { "chancekorte.com", true },
@@ -7088,9 +7257,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chaosdorf.de", true },
   { "chaosfield.at", true },
   { "chaoslab.org", true },
+  { "chaospott.de", true },
   { "chaosriftgames.com", true },
+  { "chaoswars.ddns.net", true },
   { "chaotichive.com", true },
-  { "chaoticlaw.com", true },
   { "chapelaria.tf", true },
   { "chapelfordbouncers.co.uk", true },
   { "chapiteauxduleman.fr", true },
@@ -7098,6 +7268,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "charbonnel.eu", true },
   { "charcoal-se.org", true },
   { "charcoalvenice.com", true },
+  { "charge.co", true },
   { "chargedmonkey.com", true },
   { "chargify.com", true },
   { "charisma.ai", true },
@@ -7110,6 +7281,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "charlespitonltd.com", true },
   { "charlesrogers.co.uk", true },
   { "charlesstover.com", true },
+  { "charlestonfacialplastic.com", true },
   { "charliedillon.com", true },
   { "charliegarrod.com", true },
   { "charliehr.com", true },
@@ -7123,7 +7295,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "charmander.me", true },
   { "charmanterelefant.at", true },
   { "charmingsaul.com", true },
-  { "charmyadesara.com", true },
   { "charr.xyz", true },
   { "chars.ga", true },
   { "charta-digitale-vernetzung.de", true },
@@ -7132,10 +7303,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chartpen.com", true },
   { "chartsy.de", true },
   { "chartwellestate.com", true },
-  { "charuru.moe", true },
+  { "charuru.moe", false },
   { "chascrazycreations.com", true },
   { "chaseandzoey.de", true },
   { "chasetrails.co.uk", true },
+  { "chat-house-adell.com", true },
   { "chat-libera.org", true },
   { "chat-senza-registrazione.net", true },
   { "chat.cz", true },
@@ -7200,20 +7372,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cheapgeekts.com", false },
   { "cheapgoa.com", true },
   { "cheapiesystems.com", true },
+  { "cheapssl.com.tr", true },
   { "cheapticket.in", true },
+  { "cheatengine.pro", true },
   { "check.torproject.org", false },
   { "checkecert.nl", true },
+  { "checkjelinkje.nl", true },
   { "checkmyessay.com", true },
   { "checkmyessays.com", true },
   { "checkmyip.com", true },
   { "checkmypsoriasis.com", true },
   { "checkout.google.com", true },
   { "checkpoint-tshirt.com", true },
-  { "checkras.tk", true },
   { "checkrente.nl", true },
   { "checkspf.net", true },
   { "checktype.com", true },
   { "checkui.com", true },
+  { "checkyourmath.com", true },
   { "checkyourprivilege.org", true },
   { "checkyourreps.org", true },
   { "checos.co.uk", true },
@@ -7222,14 +7397,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cheekymonkeysinflatables.co.uk", true },
   { "cheela.org", true },
   { "cheeseemergency.co.uk", true },
-  { "cheesehosting.net", true },
-  { "cheetahwerx.com", true },
   { "cheez.systems", true },
   { "cheezflix.uk", true },
   { "chefwear.com", true },
   { "chehalemgroup.com", true },
   { "cheladmin.ru", true },
-  { "chelema.xyz", true },
   { "cheltenhambounce.co.uk", true },
   { "cheltenhambouncycastles.co.uk", true },
   { "cheltik.ru", true },
@@ -7239,7 +7411,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chenapartment.com", true },
   { "chengxindong.com", true },
   { "chenkun.pro", true },
-  { "chenky.com", true },
   { "chenna.me", true },
   { "chennien.com", true },
   { "chenpei.org", true },
@@ -7259,15 +7430,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chess.com", true },
   { "chessboardao.com", true },
   { "chesscoders.com", true },
+  { "chesskid.com", true },
   { "chesspoint.ch", true },
-  { "chesterlestreetasc.co.uk", true },
+  { "chesterlestreetasc.co.uk", false },
   { "chestnut.cf", true },
   { "chevy37.com", true },
   { "chevymotor-occasions.be", true },
   { "chewey.de", true },
   { "chewey.org", true },
   { "chewingucand.com", true },
-  { "chez-janine.de", true },
   { "chez-oim.org", true },
   { "chez.moe", true },
   { "chfr.search.yahoo.com", false },
@@ -7278,6 +7449,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chiboard.co", true },
   { "chibr.eu", true },
   { "chic-leather.com", true },
+  { "chicagolug.org", true },
   { "chicagostudentactivists.org", true },
   { "chicisimo.com", true },
   { "chicolawfirm.com", true },
@@ -7314,7 +7486,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chint.ai", true },
   { "chinwag.im", true },
   { "chinwag.org", true },
-  { "chipcore.com", true },
+  { "chipcore.com", false },
   { "chipglobe.com", true },
   { "chippy.ch", false },
   { "chips-scheduler.de", true },
@@ -7344,23 +7516,26 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chocgu.com", true },
   { "chocodecor.com.br", true },
   { "chocolah.com.au", false },
-  { "chocolate13tilias.com.br", true },
+  { "chocolat.work", true },
   { "chocolatesandhealth.com", true },
   { "chocolatier-tristan.ch", true },
+  { "chocolytech.info", true },
   { "chocotough.nl", true },
   { "choiceautoloan.com", true },
-  { "choisirmonerp.com", true },
   { "chokladfantasi.net", true },
+  { "chomp.life", true },
   { "chon.io", true },
   { "chonghe.org", true },
   { "chook.as", true },
   { "choootto.club", true },
   { "choosemypc.net", true },
+  { "chopperdesign.com", true },
   { "chorkley.co.uk", true },
   { "chorkley.com", true },
   { "chorkley.uk", true },
   { "chorpinkpoemps.de", true },
   { "chosenplaintext.org", true },
+  { "chotlo.com", true },
   { "chourishi-shigoto.com", true },
   { "chovancova.sk", true },
   { "chowii.com", true },
@@ -7385,20 +7560,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chrisnekarda.com", true },
   { "chrisplankhomes.com", true },
   { "chrispstreet.com", true },
-  { "chrissx.ga", true },
   { "christadelphiananswers.org", true },
   { "christadelphians.eu", true },
   { "christchurchbouncycastles.co.uk", true },
   { "christec.net", true },
   { "christensenplace.us", true },
+  { "christerwaren.fi", true },
   { "christiaanconover.com", true },
+  { "christian-fischer.pictures", true },
+  { "christian-folini.ch", true },
   { "christian-gredig.de", true },
   { "christian-host.com", true },
-  { "christian-krug.website", true },
   { "christian-liebel.com", true },
   { "christian-stadelmann.de", true },
   { "christianbargon.de", false },
   { "christiancleva.com", true },
+  { "christiancoleman.info", true },
   { "christianfaq.org", true },
   { "christianforums.com", true },
   { "christiangehring.org", true },
@@ -7410,7 +7587,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "christianpeltier.com", true },
   { "christianpilgrimage.com.au", true },
   { "christians.dating", true },
-  { "christianscholz.de", true },
+  { "christianscholz.de", false },
   { "christiehawkes.com", true },
   { "christiesantiques.com", true },
   { "christmascard.be", true },
@@ -7418,6 +7595,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "christoph-conrads.name", true },
   { "christophbartschat.com", true },
   { "christopher-simon.de", true },
+  { "christopher.sh", true },
   { "christopherandcharlotte.uk", true },
   { "christopherburg.com", true },
   { "christopherkennelly.com", true },
@@ -7456,15 +7634,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chunk.science", true },
   { "chupadelfrasco.com", true },
   { "chuppa.com.au", true },
-  { "churchlinkpro.com", true },
   { "churchofsaintrocco.org", true },
   { "churchofscb.org", true },
   { "churchthemes.com", true },
+  { "churchwebcanada.ca", true },
+  { "churchwebsupport.com", true },
   { "churningtracker.com", true },
+  { "chybeck.net", true },
   { "chyen.cc", true },
   { "chytraauta.cz", true },
   { "chziyue.com", true },
   { "ci-fo.org", true },
+  { "ci-suite.com", true },
   { "ci5.me", true },
   { "ciancode.com", true },
   { "ciania.pl", true },
@@ -7472,11 +7653,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ciansc.com", true },
   { "ciaracode.com", true },
   { "ciat.no", false },
+  { "cibercactus.com", true },
   { "cidbot.com", true },
   { "cidersus.com.ec", true },
   { "cie-theatre-montfaucon.ch", true },
   { "cielbleu.org", true },
   { "cielly.com", true },
+  { "cierreperimetral.com", true },
   { "cifop-numerique.fr", true },
   { "ciftlikesintisi.com", true },
   { "cig-dem.com", true },
@@ -7487,21 +7670,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cimballa.com", true },
   { "cimfax.com", true },
   { "cinafilm.com", true },
-  { "cinay.pw", true },
   { "cindydudley.com", true },
   { "cine-music.de", true },
   { "cine.to", true },
   { "cinefilzonen.se", true },
+  { "cinefun.net", true },
   { "cinemarxism.com", true },
   { "cinemasetfree.com", true },
   { "cinemysticism.com", true },
   { "cineplex.my", true },
+  { "cinerama.com.br", false },
   { "cinnabon.com", true },
   { "cinq-elements.com", true },
   { "cinq-elements.fr", true },
   { "cinq-elements.net", true },
   { "cinsects.de", true },
-  { "cintactimber.com", true },
   { "cinteo.com", true },
   { "cio-ciso-interchange.org", true },
   { "cio-cisointerchange.org", true },
@@ -7521,6 +7704,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cipria.no", true },
   { "cipy.com", true },
   { "cir.is", true },
+  { "circady.com", true },
   { "circara.com", true },
   { "circle-people.com", true },
   { "circu.ml", true },
@@ -7534,7 +7718,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cirurgicagervasio.com.br", true },
   { "cirurgicalucena.com.br", true },
   { "cirurgicasalutar.com.br", true },
-  { "ciscodude.net", false },
+  { "ciscodude.net", true },
   { "cisoaid.com", true },
   { "cisofy.com", true },
   { "cispeo.org", true },
@@ -7544,6 +7728,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "citcuit.in", true },
   { "cities.cl", true },
   { "citimarinestore.com", true },
+  { "citizen-cam.de", true },
   { "citizensbankal.com", true },
   { "citizenscience.gov", false },
   { "citizenslasvegas.com", true },
@@ -7557,6 +7742,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "city-walks.info", true },
   { "citya.com", true },
   { "citybeat.de", true },
+  { "cityfloorsupply.com", true },
   { "citylights.eu", true },
   { "citymoobel.ee", true },
   { "cityoftitans.com", true },
@@ -7566,6 +7752,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ciubotaru.tk", true },
   { "ciurcasdan.eu", true },
   { "civicforum.pl", true },
+  { "civilbikes.com", true },
   { "civilg20.org", true },
   { "civillines.nl", true },
   { "civiltoday.com", true },
@@ -7604,7 +7791,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "clanebouncycastles.com", true },
   { "clangwarnings.com", true },
   { "clanrose.org.uk", true },
-  { "clanthor.com", true },
   { "clanwarz.com", true },
   { "clarkeaward.com", true },
   { "clarkwinkelmann.com", true },
@@ -7622,6 +7808,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "classroomcountdown.co.nz", true },
   { "classteaching.com.au", true },
   { "classyvaper.de", true },
+  { "claster.it", true },
   { "claude-leveille.com", true },
   { "claude.tech", true },
   { "claudia-urio.com", true },
@@ -7630,6 +7817,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "clawe.de", true },
   { "clawhammer.dk", true },
   { "clayandcottonkirkwood.com", true },
+  { "claygregory.com", true },
   { "clayprints.com", true },
   { "claytonstowing.com.au", true },
   { "clazzrooms.com", true },
@@ -7655,6 +7843,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "clearvoice.com", true },
   { "clemenscompanies.com", true },
   { "clement-beaufils.fr", true },
+  { "clementfevrier.fr", true },
   { "cles-asso.fr", true },
   { "cles.jp", true },
   { "clevergod.net", true },
@@ -7669,6 +7858,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "click4web.com", true },
   { "clickclock.cc", true },
   { "clickenergy.com.au", true },
+  { "clickingmad.com", true },
   { "clickphish.com", true },
   { "clicksaveandprint.com", true },
   { "clien.net", true },
@@ -7681,7 +7871,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "climatestew.com", true },
   { "clindoeilmontagne.com", true },
   { "clingout.com", true },
-  { "clinicadam.com", false },
+  { "clinicadam.com", true },
   { "clinicadelogopedia.net", true },
   { "clinicalrehabilitation.info", true },
   { "clinicaltrials.gov", true },
@@ -7702,7 +7892,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "clockcaster.com", true },
   { "clockworksms.com", true },
   { "clod-hacking.com", true },
-  { "clojurescript.ru", true },
   { "cloppenburg-autmobil.com", true },
   { "cloppenburg-automobil.com", true },
   { "clorophilla.net", true },
@@ -7710,8 +7899,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "closelinksecurity.co.uk", true },
   { "closelinksecurity.com", true },
   { "closetemail.com", true },
-  { "cloturea.fr", true },
-  { "cloud-surfer.net", true },
+  { "cloud-surfer.net", false },
   { "cloud.bugatti", true },
   { "cloud.fail", true },
   { "cloud.google.com", true },
@@ -7720,19 +7908,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cloud9bouncycastlehire.com", true },
   { "cloudapps.digital", true },
   { "cloudbolin.es", true },
-  { "cloudbreaker.de", true },
   { "cloudbrothers.info", true },
   { "cloudcactuar.com", false },
   { "cloudcaprice.net", true },
   { "cloudchart.site", true },
   { "cloudcite.net", true },
   { "cloudcloudcloud.cloud", true },
-  { "cloudconsulting.net.za", true },
-  { "cloudconsulting.org.za", true },
-  { "cloudconsulting.web.za", true },
   { "cloudcrux.net", true },
   { "cloudey.net", true },
-  { "cloudfiles.at", true },
   { "cloudflare-dns.com", true },
   { "cloudflare.com", true },
   { "cloudflareonazure.com", true },
@@ -7740,6 +7923,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cloudily.com", true },
   { "cloudkeep.nl", true },
   { "cloudkit.pro", false },
+  { "cloudland.club", true },
   { "cloudlessdreams.com", true },
   { "cloudlight.biz", true },
   { "cloudnote.cc", true },
@@ -7752,7 +7936,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cloudservice.io", true },
   { "cloudservices.nz", true },
   { "cloudsign.jp", true },
-  { "cloudsocial.io", true },
   { "cloudspace-analytics.com", true },
   { "cloudspeedy.net", true },
   { "cloudspire.net", true },
@@ -7793,9 +7976,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "clubmini.jp", true },
   { "clubnoetig-ink2g.de", true },
   { "clubon.space", true },
-  { "clubscannan.ie", true },
   { "clueful.ca", true },
-  { "clush.pw", true },
   { "cluster.biz.tr", true },
   { "clusteranalyse.net", true },
   { "clusterfuck.nz", true },
@@ -7804,7 +7985,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cm.center", true },
   { "cmacacias.ch", true },
   { "cmadeangelis.it", true },
-  { "cmahy.be", true },
+  { "cmc.pt", true },
+  { "cmcelectrical.com", true },
   { "cmcressy.ch", true },
   { "cmdline.org", true },
   { "cme-colleg.de", true },
@@ -7813,6 +7995,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cmftech.com", true },
   { "cmgacheatcontrol.com", true },
   { "cmillrehab.com", true },
+  { "cmitao.com", true },
   { "cmlachapelle.ch", true },
   { "cmlancy.ch", true },
   { "cmlignon.ch", true },
@@ -7824,7 +8007,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cms-weble.jp", true },
   { "cmskeyholding.co.uk", true },
   { "cmskeyholding.com", true },
-  { "cmusical.es", true },
+  { "cmv.gr", true },
   { "cmylife.nl", true },
   { "cn.search.yahoo.com", false },
   { "cn8522.com", true },
@@ -7839,14 +8022,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cncrans.ch", true },
   { "cnet-hosting.com", true },
   { "cni-certing.it", true },
+  { "cnnet.in", true },
   { "cnre.eu", true },
   { "cnvt.fr", true },
   { "co-factor.ro", true },
   { "co-founder-stuttgart.de", true },
   { "co.search.yahoo.com", false },
-  { "co2eco.cn", true },
   { "co50.com", true },
-  { "coa.one", true },
   { "coachezmoi.ch", true },
   { "coachfederation.ro", true },
   { "coaching-impulse.ch", true },
@@ -7858,10 +8040,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "coathangastrangler.com", true },
   { "coathangerstrangla.com", true },
   { "coathangerstrangler.com", true },
-  { "coatl-industries.com", true },
+  { "coatl-industries.com", false },
   { "cobalt.io", true },
   { "cobaltgp.com", true },
+  { "cobaltis.co.uk", true },
   { "cobracastles.co.uk", true },
+  { "cocaine-import.agency", true },
   { "cocaine.ninja", true },
   { "cocalc.com", true },
   { "cocareonline.com", true },
@@ -7877,7 +8061,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cocoscastles.co.uk", true },
   { "cocquyt-usedcars.be", true },
   { "cocubes.com", true },
-  { "cocyou.ooo", true },
   { "coda.io", true },
   { "coda.moe", true },
   { "coda.today", true },
@@ -7886,6 +8069,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "codabix.de", true },
   { "code-golf.io", true },
   { "code-poets.co.uk", true },
+  { "code-vikings.de", true },
   { "code-well.com", true },
   { "code.facebook.com", false },
   { "code.fm", true },
@@ -7894,6 +8078,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "code67.com", true },
   { "codeandpeace.com", true },
   { "codebrahma.com", false },
+  { "codebreaking.org", true },
   { "codecommunity.io", true },
   { "codedelarouteenligne.fr", true },
   { "codedump.net", true },
@@ -7901,6 +8086,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "codeferm.com", true },
   { "codefordus.de", true },
   { "codefordus.nrw", true },
+  { "codehz.one", true },
   { "codein.ca", true },
   { "codeine.co.uk", true },
   { "codeit.guru", true },
@@ -7923,7 +8109,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "codesplain.in", true },
   { "codesport.io", true },
   { "codespromo.be", true },
-  { "codestep.io", true },
   { "codestudies.net", true },
   { "codesyncro.com", true },
   { "codetheworld.com", true },
@@ -7940,7 +8125,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "codific.com", true },
   { "codific.eu", true },
   { "codigo-bonus-bet.es", true },
-  { "codigodelbonusbet365.com", true },
   { "codigosddd.com.br", true },
   { "codimaker.com", true },
   { "coding-minds.com", true },
@@ -7952,7 +8136,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "codingrobots.com", true },
   { "codxg.org", true },
   { "codyevanscomputer.com", true },
-  { "codymoniz.com", true },
   { "codyqx4.com", true },
   { "codyscafesb.com", true },
   { "coens.me.uk", true },
@@ -7961,7 +8144,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "coffee-mamenoki.jp", true },
   { "coffeeandteabrothers.com", true },
   { "coffeetime.fun", true },
-  { "coffeetocode.me", true },
   { "cogala.eu", true },
   { "cogent.cc", true },
   { "cogilog.com", true },
@@ -8006,6 +8188,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "colapsys.net", true },
   { "colasjourdain.fr", true },
   { "coldawn.com", false },
+  { "coldcardwallet.com", true },
   { "coldfff.com", false },
   { "coldhak.ca", true },
   { "coldstreamcreekfarm.com", true },
@@ -8048,7 +8231,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "collinelhossari.com", true },
   { "collinklippel.com", true },
   { "collinmbarrett.com", true },
-  { "colo-tech.com", true },
   { "colombian.dating", true },
   { "coloppe.com", true },
   { "coloraid.net", true },
@@ -8082,6 +8264,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "comcol.nl", true },
   { "comdurav.com", true },
   { "comeals.com", true },
+  { "comefollowme2016.com", true },
   { "comeoishii.com", true },
   { "comercialtpv.com", true },
   { "comerford.net", true },
@@ -8092,6 +8275,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "comfintouch.com", true },
   { "comflores.com.br", true },
   { "comfortmastersinsulation.com", true },
+  { "comfun.net", true },
   { "comhack.com", true },
   { "comicspornos.com", true },
   { "comicspornoxxx.com", true },
@@ -8114,23 +8298,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "commonspace.la", true },
   { "communityblog.fedoraproject.org", true },
   { "communitycodeofconduct.com", true },
-  { "communityflow.info", true },
   { "communitymanagertorrejon.com", true },
   { "communote.net", true },
   { "como-se-escribe.com", true },
-  { "comocurarlagastritis24.online", true },
   { "comocurarlagastritistratamientonatural.com", true },
-  { "comodesinflamarlashemorroides.org", true },
+  { "comodo.nl", true },
   { "comodormirmasrapido.com", true },
   { "comodosslstore.com", true },
   { "comoeliminarlaspapulasperladasenelglande.com", true },
   { "comogene.com", true },
-  { "comohacerelamoraunhombrenet.com", true },
+  { "comohacerblog.net", true },
   { "comohacerpara.com", true },
   { "comoimportar.net", true },
   { "comopuededejardefumar.net", true },
-  { "comoquitarlacaspa24.com", true },
-  { "comoquitarlasestriasrapidamente.com", true },
   { "comosatisfaceraunhombreenlacamaydejarloloco.com", true },
   { "comosecarabarriga.net", true },
   { "comoseduzir.net", true },
@@ -8154,6 +8334,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "comphare.nl", true },
   { "compibus.fr", true },
   { "compilenix.org", true },
+  { "compleetondernemen.nl", true },
   { "completefloorcoverings.com", true },
   { "completesecurityessex.co.uk", true },
   { "completesecurityessex.com", true },
@@ -8186,12 +8367,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "computerbas.nl", true },
   { "computerbase.de", true },
   { "computercamaccgi.com", true },
-  { "computercraft.net", true },
   { "computeremergency.com.au", false },
+  { "computerfreunde-barmbek.de", true },
   { "computerhilfe-feucht.de", true },
   { "computernetwerkwestland.nl", true },
   { "computerslotopschool.nl", true },
   { "computersystems.guru", false },
+  { "computop.com", true },
+  { "comtily.com", true },
   { "comunidadmontepinar.es", true },
   { "comvos.de", true },
   { "comw.cc", true },
@@ -8204,7 +8387,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "concertsenboite.fr", true },
   { "concertsto.com", true },
   { "conciliumnotaire.ca", true },
-  { "conclinica.com.br", true },
   { "concordsoftwareleasing.com", true },
   { "concretelevelingsystems.com", true },
   { "concreterepairatlanta.com", true },
@@ -8229,12 +8411,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "conejovalleylighting.com", true },
   { "conejovalleyoutdoorlighting.com", true },
   { "conexiontransporte.com", true },
+  { "conference.dnsfor.me", true },
   { "confiancefoundation.org", true },
   { "config.schokokeks.org", false },
   { "confiwall.de", true },
   { "conformax.com.br", true },
-  { "conformist.jp", true },
-  { "confucio.cl", true },
   { "congineer.com", true },
   { "congobunkering.com", true },
   { "conju.cat", true },
@@ -8262,8 +8443,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "connyduck.at", true },
   { "conociendosalama.com", true },
   { "conocimientosdigitales.com", true },
+  { "conorboyd.info", true },
   { "conory.com", true },
   { "conpath.net", true },
+  { "conpins.nl", true },
   { "conrad-kostecki.de", true },
   { "conradkostecki.de", true },
   { "conradsautotransmissionrepair.com", true },
@@ -8271,6 +8454,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "consagracionamariasantisima.org", true },
   { "consciousbrand.co", true },
   { "consciouschoices.net", true },
+  { "consciousnesschange.com", true },
   { "consec-systems.de", true },
   { "consegnafioridomicilio.net", true },
   { "consejosdenutricion.com", true },
@@ -8322,7 +8506,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "conti-profitlink.co.uk", true },
   { "continuum.memorial", true },
   { "contrabass.net", true },
-  { "contractdigital.co.uk", true },
   { "contractormountain.com", true },
   { "contractwriters.com", true },
   { "contraspin.co.nz", true },
@@ -8375,13 +8558,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "coolerssr.space", true },
   { "coolgifs.de", true },
   { "coolprylar.se", true },
-  { "coolviewthermostat.com", true },
   { "coolwallet.io", true },
   { "coonawarrawines.com.au", true },
   { "coopens.com", true },
   { "cooperativehandmade.com", true },
   { "cooperativehandmade.pe", true },
-  { "coor.fun", true },
   { "coore.jp", true },
   { "coorpacademy.com", true },
   { "copdfoundation.org", true },
@@ -8446,6 +8627,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "corpio.nl", true },
   { "corpkitnw.com", true },
   { "corpoflow.nl", true },
+  { "corporacioninternacionallideres.org", true },
   { "corporateclash.net", true },
   { "corporatecomputingsolutions.com", true },
   { "corporateinfluencers.com", true },
@@ -8462,6 +8644,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "corrick.io", true },
   { "corrupted.io", true },
   { "corsa-b.uk", true },
+  { "corscanplus.com", true },
   { "corsectra.com", true },
   { "corsihaccpsicurezzalavoro.it", true },
   { "cortexitrecruitment.com", true },
@@ -8472,7 +8655,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "corvus.eu.org", true },
   { "coryadum.com", true },
   { "corytyburski.com", true },
-  { "corzntin.fr", false },
   { "cosasque.com", true },
   { "cosciamoos.com", true },
   { "cosirex.com", true },
@@ -8482,8 +8664,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cosmeticappraisal.com", true },
   { "cosmeticasimple.com", true },
   { "cosmeticos-naturales.com", true },
-  { "cosmeticosdelivery.com.br", true },
+  { "cosmic-os.org", true },
   { "cosmicnavigator.com", true },
+  { "cosmintataru.ro", true },
   { "cosmodacollection.com", true },
   { "cosmofunnel.com", true },
   { "cosmundi.de", true },
@@ -8494,7 +8677,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "costa-rica-reisen.de", true },
   { "costablanca.villas", true },
   { "costablancavoorjou.com", true },
-  { "costcofinance.com", true },
   { "costcoinsider.com", true },
   { "costellofc.co.uk", true },
   { "costinstefan.eu", true },
@@ -8506,7 +8688,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cotta.dk", true },
   { "cotwe-ge.ch", true },
   { "cougar.dating", true },
-  { "counsellingtime.co.uk", true },
   { "counsellingtime.com", true },
   { "counstellor.com", true },
   { "counter-team.ch", true },
@@ -8524,18 +8705,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "countybankdel.com", true },
   { "countyjailinmatesearch.com", true },
   { "coupe-bordure.com", true },
+  { "couplay.org", true },
   { "couponcodesme.com", true },
   { "cour4g3.me", true },
   { "couragefound.org", true },
+  { "coursables.com", true },
   { "coursera.org", true },
   { "courtlistener.com", true },
   { "couscous.recipes", true },
   { "cousincouples.com", false },
   { "coussinsky.net", true },
   { "couvreur-hinault.fr", true },
-  { "covaci.pro", true },
   { "covbounce.co.uk", true },
-  { "covenantmatrix.com", true },
   { "covenantoftheriver.org", true },
   { "covermytrip.com.au", true },
   { "covershousing.nl", true },
@@ -8547,6 +8728,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cowboyim.com", true },
   { "coweo.cz", true },
   { "cowo.group", true },
+  { "coworking-luzern.ch", true },
   { "coxcapitalmanagement.com", true },
   { "coxxs.me", true },
   { "coxxs.moe", true },
@@ -8554,11 +8736,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cozyeggdesigns.com", true },
   { "cp-st-martin.be", true },
   { "cpahunt.com", false },
+  { "cpap.com", true },
   { "cpasperdu.com", true },
   { "cpbapremiocaduceo.com.ar", true },
   { "cpcheats.co", true },
   { "cpd-education.co.uk", true },
   { "cpe-colleg.de", true },
+  { "cpgarmor.com", true },
   { "cphpvb.net", true },
   { "cplala.com", true },
   { "cplus.me", true },
@@ -8569,6 +8753,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cprheartcenter.com", true },
   { "cprnearme.com", true },
   { "cpsc.gov", true },
+  { "cpsq.fr", true },
   { "cptoon.com", true },
   { "cpu.biz.tr", true },
   { "cpvmatch.eu", true },
@@ -8582,6 +8767,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "craazzyman21.at", true },
   { "crackcat.de", true },
   { "cracker.in.th", true },
+  { "crackers4cheese.com", true },
   { "crackle.io", true },
   { "crackorsquad.in", true },
   { "crackstation.net", true },
@@ -8589,7 +8775,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "craft-verlag.de", true },
   { "craftandbuild.de", true },
   { "craftcommerce.com", true },
-  { "craftinghand.com", true },
   { "craftinginredlipstick.com", true },
   { "craftist.de", true },
   { "craftsmandruggets.com", true },
@@ -8619,6 +8804,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crazy-bulks.com", true },
   { "crazy-cat.net", true },
   { "crazy-coders.com", true },
+  { "crazybulk.co.uk", true },
+  { "crazybulk.com", true },
+  { "crazybulk.fr", true },
   { "crazycastles.ie", true },
   { "crazydomains.ae", true },
   { "crazydomains.co.nz", true },
@@ -8636,15 +8824,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crea-shops.ch", true },
   { "crea.bg", true },
   { "creadstudy.com", true },
-  { "crealogix-online.com", true },
   { "creamcastles.co.uk", true },
   { "creared.edu.co", true },
-  { "create-together.nl", true },
+  { "createcos.com", true },
   { "createme.com.pl", true },
   { "createursdefilms.com", true },
   { "creatieven.com", true },
   { "creation-contemporaine.com", true },
-  { "creations-edita.com", true },
   { "creative-wave.fr", true },
   { "creativebites.de", true },
   { "creativecaptiv.es", true },
@@ -8652,12 +8838,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "creativecommons.org", true },
   { "creativeconceptsvernon.com", true },
   { "creativedigital.co.nz", true },
+  { "creativefolks.co.uk", true },
   { "creativefreedom.ca", true },
   { "creativeglassgifts.com.au", true },
+  { "creativeground.com.au", true },
+  { "creativeimagery.com.au", true },
   { "creativeink.de", true },
   { "creativekkids.com", true },
   { "creativelaw.eu", true },
   { "creativeliquid.com", true },
+  { "creativerezults.com", true },
   { "creativesprite.com", true },
   { "creativesurvey.com", true },
   { "creativeweb.biz", true },
@@ -8673,6 +8863,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crediteo.pl", true },
   { "creditkarma.com", true },
   { "creditos-rapidos.com", true },
+  { "creditozen.es", true },
+  { "creditozen.mx", true },
   { "creditproautos.com", false },
   { "creditscoretalk.com", true },
   { "creditta.com", true },
@@ -8682,6 +8874,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "creepycraft.nl", true },
   { "creepypastas.com", true },
   { "creepypastas.net", true },
+  { "creer-une-boutique-en-ligne.com", true },
   { "creerunsitepro.com", true },
   { "crefelder.com", true },
   { "crem.in", false },
@@ -8698,9 +8891,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crew505.org", true },
   { "crgalvin.com", true },
   { "crgm.net", true },
-  { "criadorespet.com.br", true },
   { "cribcore.com", true },
-  { "crickey.eu", true },
   { "criena.com", true },
   { "criena.net", true },
   { "crimefreeliving.com", true },
@@ -8708,9 +8899,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crimevictims.gov", true },
   { "criminal-attorney.ru", true },
   { "criminal.enterprises", true },
-  { "crimson.no", true },
   { "crinesdanzantes.be", true },
   { "criptolog.com", true },
+  { "criscitos.it", true },
   { "crisisactual.com", true },
   { "crisisnextdoor.gov", true },
   { "crisp.chat", true },
@@ -8722,7 +8913,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cristarta.com", true },
   { "cristau.org", true },
   { "cristiandeluxe.com", false },
-  { "critcola.com", true },
   { "critical.today", false },
   { "criticalsurveys.co.uk", true },
   { "crizin.io", true },
@@ -8731,13 +8921,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crochetnerd.com", true },
   { "croisedanslemetro.com", true },
   { "croixblanche-haguenau.fr", true },
-  { "cronberg.ch", true },
+  { "cromefire.myds.me", true },
   { "croncron.io", true },
   { "cronix.cc", true },
   { "cronologie.de", true },
   { "cronometer.com", true },
+  { "cronoscentral.be", true },
   { "cropdiagnosis.com", true },
-  { "croquette.net", true },
   { "crosbug.com", true },
   { "crose.co.uk", true },
   { "cross-led-sign.com", true },
@@ -8746,7 +8936,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cross-x.com", true },
   { "cross.lol", true },
   { "crossborderreturns.com", true },
-  { "crosscom.ch", true },
   { "crossedwires.net", true },
   { "crossfitblackwater.com", true },
   { "crossfunctional.com", true },
@@ -8760,6 +8949,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crowdliminal.com", true },
   { "crowdsim3d.com", true },
   { "crowdsupply.com", true },
+  { "crownaffairs.ch", true },
   { "crowncastles.co.uk", true },
   { "crownchessclub.com", true },
   { "crownmarqueehire.co.uk", true },
@@ -8771,7 +8961,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crsmsodry.cz", true },
   { "crstat.ru", true },
   { "crt.cloud", true },
-  { "crt.sh", true },
+  { "crt2014-2024review.gov", true },
+  { "cruisemoab.com", true },
   { "crumbcontrol.com", true },
   { "crunchrapps.com", true },
   { "crunchy.rocks", true },
@@ -8779,6 +8970,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crute.me", true },
   { "crvv.me", true },
   { "cry.nu", false },
+  { "cryogenix.net", true },
   { "cryoit.com", true },
   { "cryothanasia.com", true },
   { "cryp.no", true },
@@ -8788,7 +8980,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crypted.chat", true },
   { "crypteianetworks.com", true },
   { "crypticshell.co.uk", true },
-  { "crypto-armory.com", true },
   { "crypto.cat", false },
   { "crypto.graphics", true },
   { "crypto.is", false },
@@ -8800,6 +8991,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cryptography.ch", true },
   { "cryptography.io", true },
   { "cryptoguidemap.com", true },
+  { "cryptoisnotacrime.org", true },
   { "cryptojacks.io", true },
   { "cryptojourney.com", true },
   { "cryptolinc.com", true },
@@ -8807,7 +8999,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cryptolosophy.io", true },
   { "cryptolosophy.org", true },
   { "cryptomaniaks.com", true },
-  { "cryptonom.org", true },
   { "cryptonym.com", true },
   { "cryptoparty.at", true },
   { "cryptoparty.tv", true },
@@ -8820,16 +9011,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cryptract.co", true },
   { "crys.cloud", true },
   { "crys.hu", true },
+  { "crystal-zone.com", true },
   { "crystalapp.ca", true },
   { "crystalchandelierservices.com", true },
   { "crystalgrid.net", true },
   { "crystallizedcouture.com", true },
   { "crystaloscillat.com", true },
+  { "crystalzoneshop.com", true },
   { "crystone.me", true },
   { "cryz.ru", true },
   { "cs2016.ch", true },
   { "csabg.org", true },
-  { "csbgtribalta.com", true },
   { "csbs.fr", true },
   { "csbuilder.io", true },
   { "csca.me", true },
@@ -8838,9 +9030,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "csfcloud.com", true },
   { "csfd.cz", true },
   { "csfm.com", true },
+  { "csgo.design", true },
   { "csgo.su", false },
   { "csgoswap.com", true },
   { "csharpmarc.net", true },
+  { "cshub.nl", true },
   { "csi.lk", true },
   { "csinterstargeneve.ch", true },
   { "cskentertainment.co.uk", true },
@@ -8855,10 +9049,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "css.net", true },
   { "cssai.eu", true },
   { "cssaunion.com", true },
+  { "cstanley.net", true },
   { "cstb.ch", true },
   { "cstp-marketing.com", true },
   { "cstrong.nl", true },
   { "csu.st", true },
+  { "csust.ac.cn", true },
   { "csuw.net", true },
   { "csvalpha.nl", true },
   { "ct.search.yahoo.com", false },
@@ -8866,7 +9062,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ctcom-peru.com", true },
   { "ctcue.com", true },
   { "ctf.link", true },
-  { "cthulhuden.com", true },
   { "ctj.im", true },
   { "ctkwwri.org", true },
   { "ctl.email", true },
@@ -8875,19 +9070,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ctnguyen.net", true },
   { "ctns.de", true },
   { "ctoforhire.com.au", true },
-  { "ctomp.io", true },
+  { "ctomp.io", false },
   { "ctoresms.com", true },
   { "ctpe.net", true },
+  { "ctrl.blog", true },
   { "ctrld.me", true },
   { "cu247secure.ie", true },
   { "cub-bouncingcastles.co.uk", true },
   { "cube-cloud.com", true },
+  { "cube.builders", true },
   { "cube.de", true },
   { "cubebot.io", true },
   { "cubebuilders.net", true },
   { "cubecart-demo.co.uk", true },
   { "cubecart-hosting.co.uk", true },
   { "cubecraft.net", true },
+  { "cubecraftcdn.com", true },
   { "cubekrowd.net", true },
   { "cubetech.co.jp", true },
   { "cubia.de", true },
@@ -8913,11 +9111,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cultivo.bio", true },
   { "cultofd50.org", true },
   { "cultofperf.org.uk", true },
+  { "cultura10.com", true },
   { "culture-school.top", true },
   { "culturedcode.com", true },
   { "culturerain.com", true },
   { "culturesouthwest.org.uk", true },
   { "cumberlandrivertales.com", true },
+  { "cumparama.com", true },
   { "cumplegenial.com", true },
   { "cuoc.org.uk", true },
   { "cup.al", true },
@@ -8972,8 +9172,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "customizeyoursink.com", true },
   { "customwritingservice.com", true },
   { "customwritten.com", true },
-  { "cutephil.com", true },
-  { "cutimbo.com", true },
   { "cutimbo.ovh", true },
   { "cutner.co", true },
   { "cuvva.co", true },
@@ -8998,14 +9196,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cvl.ch", true },
   { "cvlibrary.co.uk", true },
   { "cvmu.jp", true },
-  { "cvninja.pl", true },
   { "cvr.dk", true },
   { "cvursache.com", true },
+  { "cvv.cn", true },
   { "cw.center", true },
   { "cwagner.me", true },
   { "cwarren.org", true },
   { "cwbrtrust.ca", true },
   { "cwgaming.co.uk", true },
+  { "cwinfo.fi", true },
   { "cwmart.in", true },
   { "cwrau.com", true },
   { "cwrau.de", true },
@@ -9022,6 +9221,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cyber.je", true },
   { "cyberatlantis.com", true },
   { "cybercareers.gov", true },
+  { "cybercloud.cc", true },
   { "cybercocoon.com", true },
   { "cybercrew.cc", true },
   { "cybercrime-forschung.de", true },
@@ -9032,6 +9232,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cybergrx.com", true },
   { "cyberguerrilla.info", true },
   { "cyberguerrilla.org", true },
+  { "cyberhipsters.nl", true },
   { "cyberianhusky.com", true },
   { "cyberkov.com", true },
   { "cyberlab.kiev.ua", false },
@@ -9039,7 +9240,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cybermeldpunt.nl", true },
   { "cyberogism.com", true },
   { "cyberoptic.de", true },
-  { "cyberphaze.com", true },
   { "cyberpioneer.net", false },
   { "cyberpubonline.com", true },
   { "cyberregister.nl", true },
@@ -9057,6 +9257,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cyberspect.com", true },
   { "cyberspect.io", true },
   { "cyberstatus.de", true },
+  { "cybertorsk.org", true },
   { "cybertu.be", true },
   { "cyberwars.dk", true },
   { "cyberwire.nl", true },
@@ -9080,11 +9281,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cygnius.net", true },
   { "cyhour.com", true },
   { "cykelbanor.se", true },
+  { "cyl6.com", true },
   { "cylindehea.com", true },
   { "cylindricity.com", true },
   { "cyon.ch", true },
   { "cypad.cn", true },
-  { "cype.dedyn.io", true },
   { "cyph.audio", true },
   { "cyph.com", true },
   { "cyph.healthcare", true },
@@ -9093,16 +9294,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cyph.me", true },
   { "cyph.video", true },
   { "cyph.ws", true },
+  { "cypherpunk.at", true },
+  { "cypherpunk.com", true },
   { "cypherpunk.observer", true },
+  { "cypressinheritancesaga.com", true },
   { "cypresslegacy.com", true },
   { "cyprus-company-service.com", true },
   { "cyrating.com", true },
   { "cysec.biz", true },
+  { "cysmo.de", true },
   { "cyson.tech", true },
   { "cytech.com.tr", true },
   { "cytegic-update-packages.com", true },
+  { "cytotecforsale.com", true },
   { "cyumus.com", true },
-  { "cyyzaid.cn", false },
   { "czakey.net", true },
   { "czbix.com", true },
   { "czbtm.com", true },
@@ -9121,6 +9326,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "d-parts.de", true },
   { "d-parts24.de", true },
   { "d-quantum.com", true },
+  { "d-toys.com.ua", true },
   { "d-training.de", true },
   { "d.nf", true },
   { "d.nr", true },
@@ -9128,21 +9334,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "d0g.cc", true },
   { "d0m41n.name", true },
   { "d0xq.com", true },
+  { "d2.gg", true },
   { "d2ph.com", true },
   { "d2s.uk", true },
   { "d3lab.net", true },
   { "d3xt3r01.tk", true },
-  { "d3xx3r.de", true },
   { "d42.no", true },
-  { "d4wson.com", true },
+  { "d4done.com", true },
   { "d4x.de", true },
   { "d66.nl", true },
   { "d6c5yfulmsbv6.cloudfront.net", true },
   { "d8.io", true },
-  { "d88688.com", true },
-  { "d88871.com", true },
   { "d88988.com", true },
-  { "da-ist-kunst.de", true },
   { "da42foripad.com", true },
   { "daallexx.eu", true },
   { "dabasstacija.lv", true },
@@ -9162,7 +9365,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dadrian.io", true },
   { "daduke.org", true },
   { "daemen.org", true },
-  { "daemon.xin", true },
   { "daemwool.ch", true },
   { "daevel.fr", true },
   { "dafnik.me", true },
@@ -9172,6 +9374,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dag-konsult.com", true },
   { "dagensannonser.se", true },
   { "dagmar2018.cz", true },
+  { "dahlberg.cologne", true },
   { "dai.top", true },
   { "daigakujuken-plus.com", true },
   { "daikoz.com", true },
@@ -9199,6 +9402,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dalaran.city", true },
   { "dalb.in", true },
   { "dale-electric.com", true },
+  { "dalek.co.nz", true },
   { "dalepresencia.com", true },
   { "dalfsennet.nl", true },
   { "dalingk.com", true },
@@ -9209,11 +9413,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "damaged.org", true },
   { "damasexpress.com", true },
   { "damedrogy.cz", true },
+  { "damejidlo.cz", true },
+  { "dameocio.com", true },
   { "damghaem.ir", true },
+  { "damicris.ro", true },
   { "damienoreilly.org", true },
-  { "damienpontifex.com", false },
   { "daminiphysio.ca", true },
   { "damip.net", true },
+  { "damirsystems.com", true },
   { "dammekens.be", true },
   { "damngoodpepper.com", false },
   { "damongant.de", true },
@@ -9233,6 +9440,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dancingshiva.at", true },
   { "dandenongroadapartments.com.au", true },
   { "daneandthepain.com", true },
+  { "dangmai.tk", true },
   { "dangr.zone", true },
   { "danhalliday.com", true },
   { "danholloway.online", true },
@@ -9247,6 +9455,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "danielehniss.de", true },
   { "danielepestilli.com", true },
   { "danielgorr.de", true },
+  { "danielgray.email", true },
   { "danielheal.net", true },
   { "danielhinterlechner.eu", true },
   { "danielhochleitner.de", true },
@@ -9255,7 +9464,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "danieljstevens.com", true },
   { "danielkoster.nl", true },
   { "daniellockyer.com", true },
-  { "danielmarquard.com", false },
   { "danielmartin.de", true },
   { "danielmoch.com", true },
   { "danielmorell.com", true },
@@ -9297,9 +9505,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dannystevens.co.uk", true },
   { "danonsecurity.com", true },
   { "danotage.tv", true },
-  { "danoz.net", true },
   { "danpiel.net", true },
-  { "dansa.com.co", true },
   { "dansage.co", true },
   { "danscomp.com", true },
   { "dansdiscounttools.com", true },
@@ -9337,7 +9543,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "darinkotter.com", true },
   { "darioackermann.ch", true },
   { "darioclip.com", true },
-  { "dariosirangelo.me", true },
   { "darioturchetti.me", true },
   { "darisni.me", true },
   { "dark-infection.de", true },
@@ -9350,6 +9555,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "darkerlystormy.com", true },
   { "darkerstormy.com", true },
   { "darkeststar.org", true },
+  { "darkfire.ch", true },
   { "darklaunch.com", true },
   { "darknessflickers.com", true },
   { "darknetlive.com", true },
@@ -9365,6 +9571,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "darkwater.info", true },
   { "darkwebnews.com", true },
   { "darkx.me", true },
+  { "darmgesundheit.ch", true },
   { "darom.jp", true },
   { "darookee.net", false },
   { "daropia.org", true },
@@ -9377,13 +9584,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "darwinkel.net", true },
   { "darwinsearch.org", true },
   { "daryl.moe", true },
+  { "darylcrouse.com", true },
   { "darylcumbo.net", true },
   { "das-forum24.de", true },
   { "das-mediale-haus.de", true },
   { "das-sommercamp.de", true },
   { "dasgeestig.nl", true },
   { "dashboard.run", true },
-  { "dashlane.com", true },
   { "dashnearby.com", true },
   { "dashwebconsulting.com", true },
   { "dasignsource.com", true },
@@ -9394,35 +9601,40 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "data-wing.ga", true },
   { "data.gov", true },
   { "data.govt.nz", true },
-  { "data.world", true },
   { "data3w.nl", true },
   { "databionix.com", true },
   { "databutlr.com", true },
   { "databutlr.net", true },
   { "datacalle.com", true },
   { "datacandy.com", true },
-  { "datacool.tk", true },
   { "datadit.hu", true },
   { "datadyne.technology", true },
+  { "datafd.com", true },
+  { "datafd.net", true },
   { "dataformers.at", true },
   { "datagrail.io", true },
   { "dataguidance.com", true },
   { "dataharvest.at", true },
+  { "datahjalp.nu", true },
   { "datahoarder.xyz", true },
   { "datajobs.ai", true },
   { "datakick.org", true },
   { "datalife.gr", true },
   { "datalysis.ch", true },
+  { "dataprivacysolution.com", true },
   { "dataprotectionadvisors.com", true },
+  { "datapun.ch", true },
   { "datapure.net", true },
   { "dataregister.info", true },
   { "datascience.cafe", true },
   { "datascience.ch", true },
-  { "datascomemorativas.com.br", true },
   { "dataskydd.net", true },
   { "dataspace.pl", true },
+  { "datasupport-stockholm.se", true },
+  { "datasupport.one", true },
   { "dataswamp.org", true },
   { "datatekniikka.fi", false },
+  { "datatekniker.nu", true },
   { "datateknologsektionen.se", false },
   { "datatree.nl", true },
   { "datatruckers.com", true },
@@ -9443,6 +9655,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "datewon.net", false },
   { "datingticino.ch", true },
   { "datmancrm.com", true },
+  { "dator-test.se", true },
+  { "datorhjalp-stockholm.se", true },
+  { "datorhjalptaby.se", true },
+  { "datorservice-stockholm.se", true },
   { "datovyaudit.cz", true },
   { "datumou-osusume.com", true },
   { "datumou-recipe.com", true },
@@ -9456,6 +9672,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "daveoc64.co.uk", true },
   { "davepage.me.uk", true },
   { "davepearce.com", true },
+  { "davepermen.net", true },
   { "davescomputertips.com", true },
   { "davesharpe.com", true },
   { "davesinclair.com.au", true },
@@ -9471,7 +9688,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "davidadrian.org", true },
   { "davidandersson.se", true },
   { "davidbranco.me", true },
-  { "davidbuckell.com", true },
   { "davidcrx.net", true },
   { "daviddever.net", true },
   { "davidfetveit.com", true },
@@ -9505,7 +9721,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "davo-usedcars.be", true },
   { "davy-server.com", true },
   { "davypropper.com", true },
-  { "daw.nz", true },
   { "dawena.de", true },
   { "dawgs.ga", true },
   { "dawnbringer.eu", true },
@@ -9515,16 +9730,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dawson-floridavilla.co.uk", true },
   { "day-peak.com", true },
   { "daycontactlens.com", true },
+  { "daydream.team", true },
   { "daylight-dream.ee", true },
   { "daylightpirates.org", true },
-  { "dayman.net", false },
+  { "dayman.net", true },
   { "daymprove.life", true },
   { "dayofdays.be", true },
   { "daysoftheyear.com", true },
   { "db-works.nl", true },
+  { "db.ci", true },
   { "dbapress.org", true },
   { "dbaron.org", true },
   { "dbas.cz", true },
+  { "dbcom.ru", true },
   { "dbdc.us", true },
   { "dbentertainment.co.uk", true },
   { "dbgamestudio.com", true },
@@ -9557,9 +9775,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dchest.org", true },
   { "dckd.nl", true },
   { "dclaisse.fr", true },
+  { "dcmediahosting.com", true },
   { "dcmt.co", true },
   { "dcpower.eu", true },
   { "dcrdev.com", true },
+  { "dcw.io", true },
   { "ddays2008.org", true },
   { "ddel.de", true },
   { "dden.ca", true },
@@ -9582,7 +9802,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "de.search.yahoo.com", false },
   { "deadbeef.ninja", true },
   { "deadc0de.re", true },
-  { "deadinsi.de", true },
+  { "deadinsi.de", false },
   { "deaf.dating", true },
   { "deaf.eu.org", true },
   { "dealapp.nl", true },
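Review bot: The `deadinsi.de` entry changes its second field from `true` to `false`, and the same flip appears for `druwe.net` in the later hunk around `drusillas.co.uk`. If that field is the include-subdomains flag, as the `nsSTSPreload` name suggests, subdomains of both hosts lose preloaded HTTPS enforcement and depend on whatever HSTS state the browser learns at runtime. The array looks machine-generated, so these downgrades should come from a regeneration run rather than a hand edit, and the commit message should say which run produced the list, for example `Update HSTS preload list (regenerated <DATE>)`. The array itself begins and ends outside this hunk.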
@@ -9626,6 +9846,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "debie-usedcars.be", true },
   { "debigare.com", true },
   { "debkleinteam.com", true },
+  { "debora-singkreis.de", true },
   { "debron-ot.nl", true },
   { "debrusoft.ch", true },
   { "debt.com", true },
@@ -9641,6 +9862,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "decis.fr", true },
   { "decisivetactics.com", true },
   { "deckbuilderamerica.com", true },
+  { "declivitas.com", true },
   { "decoating.pl", true },
   { "decock-usedcars.be", true },
   { "decodeanddestroy.com", true },
@@ -9656,8 +9878,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "decosoftware.com", true },
   { "decrousaz-ceramique.ch", true },
   { "decs.es", true },
-  { "decstasy.de", true },
-  { "dede.ml", true },
   { "dedelta.net", true },
   { "dedg3.com", true },
   { "dedge.org", true },
@@ -9682,7 +9902,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "deephill.com", true },
   { "deepinsight.io", true },
   { "deeployr.io", true },
+  { "deeps.me", true },
   { "deepserve.info", true },
+  { "deepsouthsounds.com", true },
   { "deepspace.dedyn.io", true },
   { "deepwealth.institute", true },
   { "deepz.pt", true },
@@ -9704,6 +9926,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "defont.nl", true },
   { "defrax.com", true },
   { "defrax.de", true },
+  { "defreitas.no", true },
   { "deftek.com", true },
   { "deftig-und-fein.de", true },
   { "deftnerd.com", true },
@@ -9719,7 +9942,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "degracetechnologie.com", true },
   { "degressif.com", true },
   { "dehopre.com", true },
-  { "dehydrated.de", true },
   { "deidee.nl", true },
   { "deinballon.de", true },
   { "deinewebsite.de", true },
@@ -9754,7 +9976,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "delid.cz", true },
   { "delitto.top", true },
   { "delivery.co.at", true },
-  { "deliveryiquique.cl", true },
   { "dellipaoli.com", true },
   { "delogo.nl", true },
   { "delorenzi.dk", true },
@@ -9766,6 +9987,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "deltaacademy.org", true },
   { "deltadata.ch", true },
   { "deltafinanceiro.com.br", true },
+  { "deltanio.nl", true },
   { "deltaonlineguards.com", true },
   { "deltaservers.com.br", true },
   { "deltasigmachi.org", true },
@@ -9779,7 +10001,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "demilletech.net", true },
   { "demiranda.com", true },
   { "demmer.one", true },
-  { "demo.swedbank.se", true },
   { "demo9.ovh", true },
   { "democracychronicles.com", true },
   { "democracyineurope.eu", true },
@@ -9799,15 +10020,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "denaehula.com", true },
   { "denardbrewing.com", true },
   { "denbkh.ru", true },
-  { "dengchangdong.com", true },
   { "dengode.eu", true },
-  { "denimio.com", true },
   { "denimtoday.com", true },
   { "denis-martinez.photos", true },
   { "denisewakeman.com", true },
   { "denistruffaut.fr", false },
   { "deniszczuk.pl", true },
   { "denizdesign.co.uk", true },
+  { "denkubator.de", true },
   { "dennisang.com", true },
   { "dennisdoes.net", false },
   { "denniskoot.nl", true },
@@ -9828,7 +10048,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "depaddestoeltjes.be", true },
   { "depannage-traceur.fr", true },
   { "deparis.me", true },
+  { "depeces.com", true },
   { "depechemode-live.com", true },
+  { "depedncr.com", true },
+  { "depedtalks.com", true },
   { "depicus.com", true },
   { "depone.net", true },
   { "depot-leipzig.de", true },
@@ -9856,7 +10079,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dereferenced.net", true },
   { "derehamcastles.co.uk", true },
   { "derekheld.com", true },
-  { "derekkent.com", true },
+  { "derekseaman.com", true },
+  { "derekseaman.studio", true },
   { "dergeilstestammderwelt.de", true },
   { "derhil.de", true },
   { "derk-jan.com", true },
@@ -9870,6 +10094,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dermscc.com", true },
   { "deroo.org", true },
   { "derp.army", true },
+  { "derp.chat", true },
   { "derre.fr", true },
   { "derreichesack.com", true },
   { "dersix.com", true },
@@ -9904,7 +10129,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "deskvip.com", true },
   { "desmaakvanplanten.be", true },
   { "desmo.gg", true },
-  { "desormiers.com", true },
   { "despachomartinyasociados.com", true },
   { "despertadoronline.com.es", true },
   { "desplats.com.ar", true },
@@ -9922,6 +10146,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "desuperheroes.co", true },
   { "det-te.ch", true },
   { "detalika.ru", true },
+  { "detalyedesigngroup.com", true },
   { "detecmon.com", true },
   { "detectify.com", false },
   { "detectivedesk.com.au", true },
@@ -9937,7 +10162,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "detski.center", true },
   { "detskysad.com", true },
   { "detuinmuze.nl", true },
-  { "detuprovincia.cl", true },
   { "detype.nl", true },
   { "deuchnord.fr", true },
   { "deude.de", true },
@@ -9955,18 +10179,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dev-brandywineglobal.com", true },
   { "dev-gutools.co.uk", true },
   { "dev-pulse-mtn.pantheonsite.io", true },
+  { "dev-sev-web.pantheonsite.io", true },
   { "dev-tek.de", true },
   { "devagency.fr", true },
   { "devalps.eu", true },
   { "devb.nl", true },
-  { "devcast.io", false },
   { "devcf.com", true },
   { "devct.cz", false },
   { "devcu.com", true },
   { "devcu.net", true },
   { "devel.cz", true },
-  { "develerik.com", false },
-  { "develop.cool", true },
   { "developer.android.com", true },
   { "developer.mydigipass.com", false },
   { "developerdan.com", true },
@@ -9990,19 +10212,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "deviser.wang", true },
   { "devisnow.fr", true },
   { "devkid.net", true },
-  { "devkit.cc", false },
   { "devklog.net", true },
   { "devlamvzw.org", false },
   { "devlatron.net", true },
   { "devlogr.com", true },
   { "devnull.zone", true },
-  { "devolution.ws", true },
   { "devonsawatzky.ca", true },
   { "devopers.com.br", true },
   { "devops-survey.com", true },
   { "devpsy.info", true },
   { "devragu.com", true },
   { "devrandom.net", true },
+  { "devries.one", true },
   { "devsjournal.com", true },
   { "devsrvr.ru", true },
   { "devstaff.gr", true },
@@ -10026,6 +10247,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dezshop24.de", true },
   { "df1paw.de", true },
   { "dfctaiwan.org", true },
+  { "dfekt.no", true },
+  { "dfektlan.no", true },
   { "dfl.mn", true },
   { "dflcares.com", true },
   { "dfmn.berlin", true },
@@ -10039,7 +10262,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dgportals.co.uk", true },
   { "dgpot.com", true },
   { "dgt-portal.de", true },
-  { "dgx.io", true },
   { "dharveydev.com", true },
   { "dhautefeuille.eu", true },
   { "dhauwer.nl", true },
@@ -10058,7 +10280,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "diadorafitness.es", true },
   { "diadorafitness.it", true },
   { "diagnostix.org", true },
-  { "diagrammingoutloud.co.uk", true },
   { "dialapicnic.co.za", true },
   { "dialoegue.com", true },
   { "diamante.ro", true },
@@ -10073,9 +10294,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dianurse.com", true },
   { "diare-na-miru.cz", true },
   { "diario-egipto.com", true },
+  { "diarynote.jp", true },
   { "diasdasemana.com", true },
   { "diasp.org", true },
   { "diatrofi-ygeia.gr", true },
+  { "diba.org.cn", true },
   { "dibiphp.com", true },
   { "diccionarioabierto.com", true },
   { "diccionariodedudas.com", true },
@@ -10091,6 +10314,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dicionariofinanceiro.com", true },
   { "dicionariopopular.com", true },
   { "dickieslife.com", true },
+  { "dickord.club", true },
   { "dickpics.ru", true },
   { "dicksakowicz.com", true },
   { "dicoding.com", true },
@@ -10104,7 +10328,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "didesalud.com", true },
   { "didierghez.com", true },
   { "didigotoffer.com", true },
-  { "didikhari.web.id", true },
   { "die-bergfuehrer.de", true },
   { "die-blahuts.de", true },
   { "die-borts.ch", true },
@@ -10143,16 +10366,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dietlin.com", true },
   { "dietrich.cx", true },
   { "dieumfrage.com", true },
-  { "diff2html.xyz", true },
   { "different.cz", false },
   { "differenta.ro", false },
   { "diffnow.com", true },
   { "difoosion.com", true },
+  { "difusordeambientes.com.br", true },
   { "digcit.org", true },
   { "digdata.de", true },
   { "dighans.com", true },
   { "digiarc.net", true },
   { "digibild.ch", true },
+  { "digibones.be", true },
   { "digibull.email", true },
   { "digibull.link", true },
   { "digicert-support.com", true },
@@ -10166,7 +10390,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "digimomedia.co.uk", true },
   { "digioccumss.ddns.net", true },
   { "digipitch.com", true },
-  { "digired.ro", true },
   { "digital-compounds.com", true },
   { "digital-eastside.de", true },
   { "digital-liberal.ch", true },
@@ -10203,6 +10426,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "digitalhabitat.io", true },
   { "digitalliteracy.gov", true },
   { "digitalmarketingindallas.com", true },
+  { "digitalposition.com", true },
   { "digitalrights.center", true },
   { "digitalrights.fund", true },
   { "digitalskillswap.com", true },
@@ -10242,18 +10466,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dimmersthousandoaks.com", true },
   { "dimmerswestlakevillage.com", true },
   { "dimonb.com", true },
+  { "dimseklubben.dk", true },
   { "din-hkd.jp", true },
   { "dineachook.com.au", true },
   { "dinepont.fr", true },
   { "dinerroboticurology.com", true },
   { "dingcc.me", true },
-  { "dinge.xyz", true },
   { "dingsbums.shop", true },
   { "dinheirolucrar.com", true },
   { "dinkommunikasjon.no", true },
   { "dinmtb.dk", true },
   { "dinocarrozzeria.com", true },
-  { "dinotopia.org.uk", true },
   { "dinstec.cl", true },
   { "dintrafic.net", true },
   { "diodeled.com", true },
@@ -10269,7 +10492,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dir2epub.org", true },
   { "dirba.io", true },
   { "direct-sel.com", true },
-  { "direct2uk.com", false },
   { "direct365.es", true },
   { "directebanking.com", true },
   { "directelectricalltd.co.uk", true },
@@ -10279,12 +10501,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "directreal.sk", true },
   { "directspa.fr", true },
   { "direktvermarktung-schmitzberger.at", true },
-  { "dirips.com", true },
   { "dirk-scheele.de", true },
-  { "dirk-weise.de", false },
+  { "dirk-weise.de", true },
   { "dirkdoering.de", true },
   { "dirkjonker.nl", true },
   { "dirko.net", true },
+  { "dirkwolf.de", true },
   { "dirtcraft.ca", true },
   { "dirtygeek.ovh", true },
   { "dirtyincest.com", true },
@@ -10294,6 +10516,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "disanteimpianti.com", true },
   { "disavow.tools", true },
   { "disc.uz", true },
+  { "discarica.bari.it", true },
   { "discarica.bologna.it", true },
   { "discarica.it", true },
   { "discarica.roma.it", true },
@@ -10301,6 +10524,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dischempharmacie.com", true },
   { "disciples.io", true },
   { "disciplina.io", true },
+  { "discipul.nl", true },
   { "discofitta.com", true },
   { "disconformity.net", true },
   { "discord.gg", true },
@@ -10314,7 +10538,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "discountplush.com", true },
   { "discover-shaken.com", true },
   { "discoverthreejs.com", true },
-  { "discoverucluelet.com", true },
   { "discoveryaima.com", true },
   { "discoveryottawa.ca", true },
   { "discoveryrom.org", true },
@@ -10336,6 +10559,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "disinfestazioni.bari.it", true },
   { "disinfestazioni.bergamo.it", true },
   { "disinfestazioni.catania.it", true },
+  { "disinfestazioni.co", true },
   { "disinfestazioni.firenze.it", true },
   { "disinfestazioni.genova.it", true },
   { "disinfestazioni.gorizia.it", true },
@@ -10355,6 +10579,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "disk.do", true },
   { "diskbit.com", true },
   { "diskbit.nl", true },
+  { "disking.co.uk", true },
   { "dismail.de", true },
   { "dispatchitsolutions.com", true },
   { "dispatchitsolutions.io", true },
@@ -10364,6 +10589,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dissertationhelp.com", true },
   { "dissidence.ovh", true },
   { "dissident.host", true },
+  { "dist-it.com", true },
   { "dist.torproject.org", false },
   { "disti.com", true },
   { "distiduffer.org", true },
@@ -10372,16 +10598,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "distribuidoracristal.com.br", true },
   { "distribuidoraplus.com", true },
   { "distribuidorveterinario.es", true },
-  { "distro.re", true },
+  { "distro.fr", true },
   { "ditelbat.com", true },
   { "diti.me", true },
   { "ditisabc.nl", true },
+  { "div.im", true },
   { "diva.nl", true },
   { "divari.nl", true },
   { "divcoder.com", true },
   { "dive-japan.com", true },
   { "divedowntown.com", true },
   { "divegearexpress.com", true },
+  { "divegearexpress.net", true },
   { "diveidc.com", true },
   { "diveplan.org", true },
   { "divergenz.org", true },
@@ -10425,6 +10653,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "djleon.net", true },
   { "djlive.pl", true },
   { "djlnetworks.co.uk", true },
+  { "djroynomden.nl", true },
   { "djsbouncycastlehire.com", true },
   { "djt-vom-chausseehaus.de", true },
   { "djursland-psykologen.dk", true },
@@ -10438,6 +10667,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dkds.us", true },
   { "dko-steiermark.ml", true },
   { "dkstage.com", true },
+  { "dkwedding.gr", true },
   { "dl.google.com", true },
   { "dlabouncycastlehire.co.uk", true },
   { "dlaspania.pl", true },
@@ -10458,6 +10688,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dm.mylookout.com", false },
   { "dm4productions.com", true },
   { "dm7ds.de", true },
+  { "dmaglobal.com", true },
   { "dmailshop.ro", true },
   { "dmarc.dk", true },
   { "dmatrix.xyz", true },
@@ -10467,7 +10698,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dmess.ru", true },
   { "dmi.es", true },
   { "dmitry.sh", true },
-  { "dmmkenya.co.ke", true },
   { "dmmultionderhoud.nl", true },
   { "dmparish.com", true },
   { "dmschilderwerken.nl", true },
@@ -10480,7 +10710,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dnacloud.pl", true },
   { "dnakids.co.uk", true },
   { "dnc.org.nz", true },
-  { "dndesign.be", true },
   { "dndtools.net", true },
   { "dne.lu", true },
   { "dnlr.tech", true },
@@ -10492,7 +10721,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dns8.online", true },
   { "dnscrawler.com", true },
   { "dnscrypt.info", true },
-  { "dnscrypt.nl", true },
   { "dnscurve.io", true },
   { "dnshallinta.fi", true },
   { "dnsinfo.ml", true },
@@ -10500,7 +10728,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dnsman.se", true },
   { "dnspod.ml", true },
   { "dnstwister.report", true },
-  { "dnzz123.com", true },
   { "do-prod.com", true },
   { "do.gd", true },
   { "do.search.yahoo.com", false },
@@ -10508,7 +10735,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "do67.de", true },
   { "do67.net", true },
   { "dobraprace.cz", true },
-  { "dobrev.family", true },
   { "dobrisan.ro", true },
   { "dobsnet.net", true },
   { "doc.python.org", true },
@@ -10525,11 +10751,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "docline.gov", true },
   { "docloh.de", true },
   { "docloudu.info", true },
+  { "docplexus.com", true },
   { "docs.google.com", false },
   { "docs.python.org", true },
   { "docs.re", true },
   { "docs.tw", true },
-  { "docsoc.org.uk", true },
+  { "doctabaila.com", true },
   { "doctafit.com", true },
   { "doctor-locks.co.uk", true },
   { "doctor.dating", true },
@@ -10567,7 +10794,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "doihavetoputonpants.com", true },
   { "doitauto.de", true },
   { "dojozendebourges.fr", true },
-  { "dokan-e.com", false },
   { "dokelio-idf.fr", true },
   { "doki.space", true },
   { "dokipy.no", true },
@@ -10575,6 +10801,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dokuboard.com", true },
   { "dokuraum.de", true },
   { "dolci-delizie.de", true },
+  { "dolciterapie.com", true },
   { "doleta.gov", true },
   { "doli.se", true },
   { "dolice.net", true },
@@ -10591,6 +10818,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "domain001.info", true },
   { "domainedemiolan.ch", true },
   { "domainexpress.de", false },
+  { "domainhacks.io", true },
   { "domainkauf.de", true },
   { "domainoo.com", true },
   { "domains.autos", true },
@@ -10617,12 +10845,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dominik-schlueter.de", true },
   { "dominikaner-vechta.de", true },
   { "dominikkulaga.pl", true },
-  { "dominioanimal.com.br", true },
   { "dominionregistries.domains", true },
   { "dominique-haas.fr", true },
   { "dominoknihy.cz", true },
   { "dominomatrix.com", true },
   { "domix.fun", true },
+  { "domizx.de", true },
   { "dommascate.com.br", true },
   { "domob.eu", true },
   { "domodeco.fr", true },
@@ -10652,12 +10880,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "donabeneko.jp", true },
   { "donaldm.co.uk", true },
   { "donateaday.net", true },
+  { "donateway.com", true },
+  { "donboscogroep.nl", true },
   { "donfelino.tk", false },
   { "dongxuwang.com", true },
+  { "donjusto.nl", true },
   { "donkennedyandsons.com", true },
   { "donkeytrekkingkefalonia.com", true },
   { "donmaldeamores.com", true },
-  { "donna-bellini-business-fotografie-muenchen.de", true },
   { "donna-bellini-fotografie-berlin.de", true },
   { "donna-bellini-fotografie-erfurt.de", true },
   { "donna-bellini-fotografie-frankfurt.de", true },
@@ -10679,7 +10909,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "donotlink.it", true },
   { "donovand.info", true },
   { "donovankraag.nl", true },
-  { "donpomodoro.com.co", true },
   { "dont.re", true },
   { "dont.watch", true },
   { "dontbubble.me", true },
@@ -10702,7 +10931,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "doorhandlese.com", true },
   { "doorshingekit.com", true },
   { "dopesoft.de", true },
-  { "dopfer-fenstertechnik.de", true },
+  { "dopetrue.com", true },
   { "doppenpost.nl", true },
   { "dopply.com", true },
   { "dopravni-modely.cz", true },
@@ -10782,6 +11011,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dougley.com", true },
   { "dougsautobody.com", true },
   { "doujinshi.info", true },
+  { "doujinspot.com", true },
   { "dounats.com", true },
   { "douzer.de", true },
   { "douzer.industries", true },
@@ -10794,11 +11024,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "downloadaja.com", true },
   { "downloadgamemods.com", true },
   { "downloadgram.com", true },
+  { "downloadhindimovie.com", true },
+  { "downloadhindimovie.net", true },
+  { "downloadhindimovies.net", true },
   { "downloads.zdnet.com", true },
   { "downloadsoftwaregratisan.com", true },
   { "downrightcute.com", true },
   { "downtimerobot.com", true },
   { "downtimerobot.nl", true },
+  { "downtownautospecialists.com", true },
   { "downtownvernon.com", true },
   { "doyoucheck.com", false },
   { "doyouedc.com", true },
@@ -10808,6 +11042,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dozecloud.com", true },
   { "dp.cx", true },
   { "dpd.com.pl", true },
+  { "dpecuador.com", true },
   { "dperson.net", true },
   { "dpfsolutionsfl.com", true },
   { "dpg.no", true },
@@ -10816,6 +11051,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dpm-ident.de", true },
   { "dprb.biz", true },
   { "dprd-wonogirikab.go.id", false },
+  { "dps.srl", true },
   { "dpsg-roden.de", true },
   { "dpwsweeps.co.uk", true },
   { "dr-becarelli-philippe.chirurgiens-dentistes.fr", true },
@@ -10832,6 +11068,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dr-schuessler.de", true },
   { "dr-stoetter.de", true },
   { "dr-www.de", true },
+  { "dr2dr.ca", true },
   { "drabadir.com", true },
   { "drabim.org", true },
   { "drach.xyz", true },
@@ -10842,6 +11079,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "draftguru.com.au", true },
   { "drafton.com", true },
   { "drageeparadise.fr", true },
+  { "dragfiles.com", true },
   { "draghetti.it", true },
   { "draghive.asia", true },
   { "draghive.ca", true },
@@ -10872,10 +11110,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drakecommercial.com", true },
   { "drakeluce.com", true },
   { "drakenson.de", true },
+  { "draliabadi.com", true },
   { "dramaticpeople.com", true },
   { "dramyalderman.com", true },
   { "dranderle.com", true },
-  { "dranek.com", true },
   { "dras.hu", true },
   { "draugr.de", true },
   { "draw.uy", true },
@@ -10889,13 +11127,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drchrislivingston.com", true },
   { "drchristinehatfield.ca", true },
   { "drchristophepanthier.com", true },
-  { "drdavidgilpin.com", true },
-  { "drdim.ru", true },
   { "drdipilla.com", true },
   { "dreamcreator108.com", true },
   { "dreamday-with-dreamcar.de", true },
   { "dreamdivers.com", true },
-  { "dreamersgiftshopec.com", true },
   { "dreamhack.com", true },
   { "dreamhostremixer.com", true },
   { "dreamithost.com.au", true },
@@ -10911,8 +11146,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dreamof.net", true },
   { "dreamonkey.com", true },
   { "dreamrae.net", true },
+  { "dreamstream.network", true },
+  { "dreamstream.nl", true },
+  { "dreamstream.tv", true },
+  { "dreamstream.video", true },
   { "dreamtechie.com", true },
   { "dreatho.com", true },
+  { "dreemurr.com", true },
   { "drei01.com", true },
   { "drei01.de", true },
   { "dreid.org", true },
@@ -10944,6 +11184,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drhathazi.hu", true },
   { "drheibel.com", true },
   { "driesjtuver.nl", true },
+  { "driessoftsec.tk", true },
   { "driftdude.nl", true },
   { "drighes.com", true },
   { "drillingsupply.info", true },
@@ -10952,7 +11193,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drillshackresort.com", true },
   { "drinkcontrolapp.com", true },
   { "drinkgas-jihlava.cz", true },
-  { "drinkplanet.eu", true },
   { "drive.google.com", false },
   { "driven2shine.eu", true },
   { "drivenes.net", true },
@@ -10965,6 +11205,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drivingtestpro.com", true },
   { "drivinhors.com", true },
   { "drivya.com", true },
+  { "drixn.cn", true },
+  { "drixn.com", true },
   { "drizz.com.br", false },
   { "drjacquesmalan.com", true },
   { "drjenafernandez.com", true },
@@ -10990,9 +11232,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "droidwave.com", true },
   { "droidwiki.de", true },
   { "drone-it.net", true },
-  { "dronebotworkshop.com", true },
+  { "dronebl.org", true },
   { "dronepit.dk", true },
-  { "dronexpertos.com", true },
   { "droni.cz", true },
   { "dronnet.com", false },
   { "dronografia.es", true },
@@ -11010,6 +11251,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drpetervoigt.ddns.net", true },
   { "drpetervoigt.de", true },
   { "drpico.com.au", true },
+  { "drpure.top", true },
   { "drrodina.com", true },
   { "drrr.chat", true },
   { "drrr.wiki", true },
@@ -11019,19 +11261,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drschruefer.de", true },
   { "drsturgeonfreitas.com", true },
   { "drtimmarch.com", true },
+  { "drtimothybradley.com", true },
   { "druckerei-huesgen.de", true },
   { "drugs.com", true },
   { "drumbe.at", true },
   { "drummondframing.com", true },
-  { "drunkscifi.com", true },
   { "drupal-expert.it", true },
   { "drupal.org", true },
   { "drupalspb.org", true },
   { "drusantia.net", true },
   { "drusillas.co.uk", true },
-  { "druwe.net", true },
+  { "druwe.net", false },
   { "druznek.me", true },
-  { "drvr.xyz", true },
   { "drwang.group", true },
   { "drweissbrot.net", true },
   { "drwxr.org", true },
@@ -11042,6 +11283,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drydrydry.com", true },
   { "dryerventcleaningarlington.com", true },
   { "dryerventcleaningcarrollton.com", true },
+  { "dryjersey.com", true },
   { "drywallresponse.gov", true },
   { "ds67.de", true },
   { "dsancomics.com", true },
@@ -11059,21 +11301,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dshield.org", true },
   { "dsm5.com", true },
   { "dsmjs.com", true },
-  { "dsne.com.mx", true },
   { "dso-imaging.co.uk", true },
   { "dso-izlake.si", true },
   { "dsol.hu", true },
-  { "dsrw.org", true },
   { "dssale.com", true },
   { "dstamou.de", true },
   { "dsteiner.at", true },
   { "dstvinstallalberton.co.za", true },
+  { "dstvinstallfourways.co.za", true },
   { "dstvinstallrandburg.co.za", true },
   { "dt27.org", true },
   { "dtbouncycastles.co.uk", true },
   { "dtdsh.com", true },
   { "dte.co.uk", true },
-  { "dtechstore.com.br", true },
   { "dtg-fonds.com", true },
   { "dtg-fonds.de", true },
   { "dtg-fonds.net", true },
@@ -11088,7 +11328,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dtx.sk", true },
   { "dualascent.com", true },
   { "dub.cz", true },
-  { "dubai-company.ae", true },
   { "dubaieveningsafari.com", true },
   { "dubbingkursus.dk", true },
   { "dubious-website.com", true },
@@ -11099,8 +11338,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dubtrack.fm", true },
   { "ducalendars.com", true },
   { "duch.cloud", true },
-  { "duchyoffeann.com", true },
-  { "duckasylum.com", false },
+  { "ducius.net", true },
   { "duckbase.com", true },
   { "duckduck.horse", true },
   { "duckduckstart.com", true },
@@ -11147,7 +11385,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dundalkdonnie.com", true },
   { "dunesadventure.net", true },
   { "dungeon-bbs.de", true },
-  { "dunklau.fr", true },
   { "dunkle-seite.org", true },
   { "dunloptrade.com", true },
   { "dunmanelectric.com", true },
@@ -11159,9 +11396,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dupree.co", true },
   { "dupree.pe", true },
   { "durand.tf", true },
+  { "duranthon.eu", true },
   { "durbanlocksmiths.co.za", true },
+  { "durchblick-shop.de", true },
   { "durdle.com", true },
   { "dureuil.info", true },
+  { "durexwinkel.nl", true },
   { "durfteparticiperen.nl", true },
   { "duria.de", true },
   { "duriaux-dentiste.ch", true },
@@ -11176,6 +11416,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dustyspokesbnb.ca", true },
   { "dutch.desi", true },
   { "dutchdare.nl", true },
+  { "dutchessuganda.com", true },
   { "dutchforkrunners.com", true },
   { "dutchrank.nl", true },
   { "dutchwanderers.nl", true },
@@ -11197,10 +11438,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dwgf.xyz", true },
   { "dwi-sued.de", true },
   { "dwienzek.de", true },
+  { "dworekhetmanski.pl", true },
   { "dworzak.ch", true },
   { "dwscdv3.com", true },
   { "dwtm.ch", true },
   { "dwworld.co.uk", true },
+  { "dx-revision.com", true },
   { "dxgl.info", true },
   { "dxgl.org", true },
   { "dxm.no-ip.biz", true },
@@ -11211,10 +11454,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dybuster.es", true },
   { "dybuster.it", true },
   { "dybuster.se", true },
+  { "dycoa.com", true },
   { "dyeager.org", true },
   { "dyktig.as", true },
   { "dyktig.no", true },
   { "dylanboudro.com", true },
+  { "dylancl.cf", true },
   { "dylankatz.com", true },
   { "dylanknoll.ca", true },
   { "dylanspcrepairs.com", true },
@@ -11245,6 +11490,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dynamo.city", true },
   { "dynapptic.com", true },
   { "dynastic.co", true },
+  { "dynastyarena.com", true },
+  { "dynastybullpen.com", true },
+  { "dynastycalculator.com", true },
+  { "dynastycentral.com", true },
+  { "dynastychalkboard.com", true },
+  { "dynastyclubhouse.com", true },
+  { "dynastycrate.com", true },
+  { "dynastyduel.com", true },
+  { "dynastyfan.com", true },
+  { "dynastygoal.com", true },
+  { "dynastylocker.com", true },
+  { "dynastyredline.com", true },
+  { "dynastyredzone.com", true },
   { "dynn.be", true },
   { "dynorphin.com", true },
   { "dynorphins.com", true },
@@ -11260,8 +11518,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dziary.com", true },
   { "dziurdzia.pl", true },
   { "dzivniekubriviba.lv", true },
+  { "dzndk.com", true },
   { "dznn.nl", true },
   { "dzomo.org", true },
+  { "dzsi.bi", true },
   { "dzsibi.com", true },
   { "dzsula.hu", true },
   { "dzyabchenko.com", true },
@@ -11274,8 +11534,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "e-colle.info", true },
   { "e-cottage.com.br", true },
   { "e-enterprise.gov", false },
+  { "e-gemeinde.at", true },
   { "e-hon.link", true },
   { "e-id.ee", true },
+  { "e-imzo.uz", true },
   { "e-kontakti.fi", true },
   { "e-lambre.com", true },
   { "e-learningbs.com", true },
@@ -11337,7 +11599,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "easelforart.com", true },
   { "easez.net", true },
   { "eashwar.com", true },
-  { "eason-yang.com", true },
   { "eastarm.net", true },
   { "eastblue.org", true },
   { "easterncapebirding.co.za", true },
@@ -11352,7 +11613,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "easyadsnbanners.tk", false },
   { "easycoding.org", true },
   { "easyconstat.com", true },
-  { "easycontentplan.com", true },
   { "easycosmetic.ch", true },
   { "easycup.com", false },
   { "easydumpsterrental.com", false },
@@ -11364,6 +11624,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "easyoutdoor.nl", true },
   { "easypay.bg", true },
   { "easyproperty.com", true },
+  { "easypv.ch", true },
   { "easyqr.codes", true },
   { "easyroad.fr", true },
   { "easyslide.be", true },
@@ -11377,6 +11638,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eatmebudapest.hu", true },
   { "eaton-works.com", true },
   { "eatry.io", true },
+  { "eats.soy", true },
   { "eatsleeprepeat.net", true },
   { "eatson.com", true },
   { "eatz-and-treatz.com", true },
@@ -11412,7 +11674,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eboyer.com", true },
   { "ebpglobal.com", false },
   { "ebrnd.de", true },
-  { "ec-baran.de", true },
   { "ec-current.com", true },
   { "ec.mine.nu", true },
   { "eca.edu.au", true },
@@ -11428,12 +11689,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ecfnorte.com.br", true },
   { "echatta.net", true },
   { "echatta.org", true },
+  { "echi.pw", true },
   { "echidna-rocktools.eu", true },
   { "echo-security.co", true },
+  { "echo.cc", true },
   { "echoanalytics.com", true },
   { "echobridgepartners.com", true },
   { "echodio.com", true },
   { "echofoxtrot.co", true },
+  { "echoit.net", true },
+  { "echoit.net.au", true },
+  { "echoit.services", true },
   { "echopaper.com", true },
   { "echosim.io", true },
   { "echosixmonkey.com", true },
@@ -11441,6 +11707,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "echoteam.gq", true },
   { "echoteen.com", true },
   { "echoworld.ch", true },
+  { "echternach-immobilien.de", true },
   { "echtes-hutzelbrot.de", true },
   { "echtgeld-casinos.de", true },
   { "ecir.pro", true },
@@ -11452,13 +11719,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ecliptic.cc", true },
   { "ecnetworker.com", true },
   { "eco-derattizzazione.it", true },
-  { "eco-wiki.com", true },
   { "eco-work.it", true },
   { "eco2u.ru", true },
   { "ecobee.com", false },
   { "ecobergerie.fr", true },
   { "ecobin.nl", true },
-  { "ecobrain.be", true },
   { "ecoccinelles.ch", true },
   { "ecoccinelles.com", true },
   { "ecococon.fr", true },
@@ -11477,9 +11742,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ecoledusabbat.org", true },
   { "ecolemathurincordier.com", true },
   { "ecombustibil.ro", true },
-  { "ecommercestore.net.br", true },
-  { "ecompen.co.za", true },
   { "ecomycie.com", true },
+  { "economiafinanzas.com", true },
   { "economias.pt", true },
   { "economic-sanctions.com", true },
   { "economicinclusion.gov", true },
@@ -11493,14 +11757,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ecos.srl", true },
   { "ecoshare.info", true },
   { "ecoskif.ru", true },
+  { "ecosm.com.au", true },
   { "ecosound.ch", true },
   { "ecostruxureit.com", true },
   { "ecosystem.atlassian.net", true },
+  { "ecosystemmanager-uat1.azurewebsites.net", true },
+  { "ecosystemmanager.azurewebsites.net", true },
   { "ecoterramedia.com", true },
   { "ecotur.org", true },
   { "ecovision.com.br", true },
   { "ecpannualmeeting.com", true },
   { "ecrandouble.ch", true },
+  { "ecuinformacion.com", true },
   { "ecupcafe.com", false },
   { "ecuteam.com", true },
   { "ecxforum.com", true },
@@ -11515,11 +11783,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eddyn.net", true },
   { "edeca.net", true },
   { "edehsa.com", true },
+  { "edeka-jbl-treueaktion.de", true },
+  { "eden-eu.com", true },
   { "eden.co.uk", true },
   { "edenming.info", true },
   { "edesseglabor.hu", true },
   { "edfinancial.com", true },
-  { "edge-cloud.net", true },
+  { "edge-cloud.net", false },
+  { "edgedynasty.com", true },
+  { "edgefantasy.com", true },
   { "edgeservices.co.uk", true },
   { "edgetalk.net", true },
   { "edgevelder.com", true },
@@ -11531,12 +11803,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "edicct.com", true },
   { "edilane.com", true },
   { "edilane.de", true },
+  { "edilservizi.it", true },
+  { "edilservizivco.it", true },
   { "edinburghsportsandoutdoorlearning.com", true },
   { "edincmovie.com", true },
   { "ediscomp.sk", true },
   { "edisonlee55.com", true },
   { "edisonluiz.com", true },
   { "edisonnissanparts.com", true },
+  { "edit.co.uk", true },
   { "edit.yahoo.com", false },
   { "edited.de", true },
   { "edition-bambou.com", true },
@@ -11561,8 +11836,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "edu6.cloud", true },
   { "eduard-dopler.de", true },
   { "edubras.com.br", true },
+  { "educatek.es", true },
   { "educationevolving.org", true },
   { "educationfutures.com", true },
+  { "educationmalaysia.co.uk", true },
   { "educationunlimited.com", true },
   { "educator-one.com", true },
   { "eductf.org", true },
@@ -11582,11 +11859,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "edvgarbe.de", true },
   { "edvmesstec.de", true },
   { "edwar.do", true },
+  { "edwarddekker.nl", true },
   { "edwards.me.uk", true },
   { "edwardsnowden.com", true },
   { "edwardspeyer.com", true },
   { "edwardwall.me", true },
   { "edwellbrook.com", true },
+  { "edwinmattiacci.com", true },
   { "edwinyrkuniversity.de", true },
   { "edxg.de", false },
   { "edxn.de", true },
@@ -11604,6 +11883,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eery.de", true },
   { "eesti.xyz", true },
   { "eewna.org", true },
+  { "ef-georgia.org", true },
   { "ef.gy", true },
   { "efa-football.com", true },
   { "efaas.nl", true },
@@ -11645,6 +11925,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eganassociates.com.au", true },
   { "egarden.it", true },
   { "egb.at", false },
+  { "egbert.net", true },
   { "egeozcan.com", true },
   { "egg-ortho.ch", true },
   { "eggblast.com", true },
@@ -11676,6 +11957,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ehne.de", true },
   { "ehomusicgear.com", true },
   { "ehrenburg.info", true },
+  { "ehsellert.com", true },
   { "ehub.cz", true },
   { "ehub.hu", true },
   { "ehub.pl", true },
@@ -11689,12 +11971,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eickhofcolumbaria.com", true },
   { "eidolons.org", true },
   { "eifel.website", true },
+  { "eifelindex.de", true },
   { "eigenpul.se", true },
   { "eigenpulse.com", true },
   { "eighty-aid.com", true },
   { "eigpropertyauctions.co.uk", true },
   { "eihaikyo.com", true },
   { "eika.as", true },
+  { "eilandprojectkeukens.nl", true },
   { "eilhan.com", true },
   { "eimacs.com", true },
   { "einaros.is", true },
@@ -11709,6 +11993,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "einsteincapital.ca", true },
   { "eintageinzug.de", true },
   { "eintragsservice24.de", true },
+  { "eioperator.com", true },
   { "eipione.com", true },
   { "eirastudios.co.uk", false },
   { "eirb.fr", true },
@@ -11742,7 +12027,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eksisozluk.com", true },
   { "ekuatorial.com", true },
   { "ekyu.moe", true },
+  { "ekz-crosstour.ch", true },
   { "ekzarta.ru", true },
+  { "ekzcrosstour.ch", true },
   { "el-cell.com", true },
   { "el-hossari.com", true },
   { "el-news.de", true },
@@ -11751,9 +12038,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elainerock.com", true },
   { "elaon.de", true },
   { "elars.de", true },
+  { "elarvee.xyz", true },
   { "elb500ttl.nl", true },
   { "elbetech.net", true },
-  { "elblogdegoyo.mx", true },
   { "elcambiador.es", true },
   { "elcontadorsac.com", true },
   { "eldapoint.co.uk", true },
@@ -11762,8 +12049,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elderjustice.gov", true },
   { "elderoost.com", true },
   { "eldertons.co.uk", true },
-  { "eldevo.com", true },
   { "eldinhadzic.com", true },
+  { "eldisagjapi.com", true },
   { "eldrid.ge", true },
   { "eldritchfiction.net", true },
   { "eleaut.com.br", true },
@@ -11806,7 +12093,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "electricgatemotorskemptonpark.co.za", true },
   { "electricgatemotorsroodepoort.co.za", true },
   { "electrichiddenhills.com", true },
-  { "electrician-umhlangaridge.co.za", true },
   { "electricianagoura.com", true },
   { "electricianagourahills.com", true },
   { "electriciancalabasas.com", true },
@@ -11816,7 +12102,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "electricianhiddenhills.com", true },
   { "electriciankemptonpark24-7.co.za", true },
   { "electricianlakesherwood.com", true },
-  { "electricianlalucia.co.za", true },
   { "electricianmalibu.com", true },
   { "electricianmoorpark.com", true },
   { "electriciannewburypark.com", true },
@@ -11835,6 +12120,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "electricsimivalley.com", true },
   { "electricthousandoaks.com", true },
   { "electricwestlakevillage.com", true },
+  { "electro-pak.com.pk", true },
   { "electroinkoophardenberg.nl", true },
   { "electronic-ignition-system.com", true },
   { "electronicafacil.net", true },
@@ -11870,6 +12156,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elektrometz.de", true },
   { "elektronickakancelar.cz", true },
   { "elektronische-post.org", true },
+  { "elektropartner.nu", true },
   { "elektropost.org", true },
   { "elektrotechnik-heisel.de", true },
   { "elektrotechnik-kaetzel.de", true },
@@ -11886,14 +12173,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elephpant.cz", true },
   { "elepover.com", true },
   { "elerizoentintado.es", true },
+  { "eletesstilus.hu", true },
   { "eletor.com", true },
   { "eletor.pl", true },
+  { "elettricista-roma.it", true },
   { "elettricista-roma.org", true },
   { "eleusis-zur-verschwiegenheit.de", true },
   { "elevator.ee", true },
   { "elevatoraptitudetest.com", true },
   { "elexel.ru", true },
   { "elexprimidor.com", true },
+  { "elexwong.com", true },
   { "elfe.de", true },
   { "elfnon.com", true },
   { "elfring.eu", true },
@@ -11961,17 +12251,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elodieclerc.ch", true },
   { "elohellp.com", false },
   { "elonaspitze.de", true },
-  { "elonm.ru", true },
   { "elosrah.com", true },
   { "elosuite.com", true },
-  { "eloxt.com", true },
   { "elpado.de", true },
   { "elpo.net", true },
   { "elpoderdelespiritu.org", true },
+  { "elradix.be", true },
   { "elrinconderovica.com", true },
   { "elsagradocoran.org", true },
   { "elshou.com", true },
-  { "elsignificadodesonar.com", true },
   { "elstopstelten.nl", true },
   { "elsvanderlugt.nl", true },
   { "eltagroup.co.uk", true },
@@ -11985,7 +12273,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elucron.com", true },
   { "eluhome.de", true },
   { "eluvio.com", true },
-  { "elvcino.com", true },
+  { "elvcino.com", false },
   { "elvidence.com.au", true },
   { "elviraszabo.com", true },
   { "elvispresley.net", true },
@@ -11999,6 +12287,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elysiumware.com", true },
   { "em-biotek.cz", true },
   { "emaging-productions.fr", true },
+  { "emaging.fr", true },
   { "emailalaperformance.fr", true },
   { "emailconfiguration.com", true },
   { "emailfuermich.de", true },
@@ -12084,6 +12373,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "empower.net", true },
   { "empowerdb.com", true },
   { "emprego.pt", true },
+  { "emprunterlivre.ci", true },
   { "empyrean-advisors.com", true },
   { "emresaglam.com", true },
   { "emtradingacademy.com", true },
@@ -12096,7 +12386,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "en-crypt.me", true },
   { "en-maktoob.search.yahoo.com", false },
   { "en4rab.co.uk", true },
-  { "enaah.de", true },
   { "enaim.de", true },
   { "enalean.com", true },
   { "enamae.net", true },
@@ -12105,7 +12394,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "encircleapp.com", true },
   { "encnet.de", true },
   { "encode.host", true },
-  { "encore.io", true },
   { "encouragemarketing.com", true },
   { "encredible.de", false },
   { "encredible.org", false },
@@ -12118,13 +12406,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "encryptmysite.net", true },
   { "encuentraprecios.es", true },
   { "encycarpedia.com", true },
-  { "ende-x.com", true },
   { "endeal.nl", true },
   { "ender.co.at", true },
   { "enderbycamping.com", true },
   { "enderszone.com", true },
   { "endingthedocumentgame.gov", true },
-  { "endlessdiy.ca", true },
   { "endlessvideo.com", true },
   { "endoftenancycleaninglondon.co.uk", true },
   { "endoftennancycleaning.co.uk", true },
@@ -12134,12 +12420,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "enemiesoflight.de", true },
   { "energie-sante.ch", true },
   { "energiekeurplus.nl", true },
-  { "energisammenslutningen.dk", true },
   { "energy-drink-magazin.de", true },
   { "energy-in-balance.eu", true },
   { "energy-infra.nl", true },
   { "energy-initiative.com", true },
-  { "energy.eu", true },
   { "energyatlas.com", true },
   { "energyaupair.se", true },
   { "energycodes.gov", true },
@@ -12163,7 +12447,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "engiedev.net", true },
   { "enginepit.com", true },
   { "enginsight.com", true },
-  { "enginx.net", true },
   { "englishbulgaria.net", true },
   { "englishcast.com.br", true },
   { "englishforums.com", true },
@@ -12174,7 +12457,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "enigma.swiss", true },
   { "enijew.com", true },
   { "enitso.de", true },
-  { "enixgaming.com", true },
+  { "enjin.io", true },
   { "enjincoin.io", true },
   { "enjinwallet.io", true },
   { "enjinx.io", true },
@@ -12197,6 +12480,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "enotecastore.it", true },
   { "enpasenerji.com.tr", true },
   { "enquos.com", true },
+  { "enrich.email", true },
   { "enriquepiraces.com", true },
   { "enrollapp.com", true },
   { "ensage.io", true },
@@ -12205,6 +12489,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ensembling.com", true },
   { "ensley.tech", true },
   { "ensons.de", true },
+  { "ensured.com", true },
+  { "ensured.nl", true },
   { "ensurtec.com", true },
   { "ent-london.com", true },
   { "entabe.jp", true },
@@ -12243,7 +12529,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eopugetsound.org", false },
   { "eosol.de", true },
   { "eosol.net", true },
-  { "eosol.services", true },
   { "epa.com.es", true },
   { "epassafe.com", true },
   { "epay.bg", true },
@@ -12264,7 +12549,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "epickitty.co.uk", true },
   { "epicpages.com", true },
   { "epicsecure.de", true },
-  { "epicsoft.de", false },
   { "epicvistas.com", true },
   { "epicvistas.de", true },
   { "epicwalnutcreek.com", true },
@@ -12276,6 +12560,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "episkevh-plaketas.gr", true },
   { "epistas.com", true },
   { "epistas.de", true },
+  { "epitesz.co", true },
   { "epiteugma.com", true },
   { "epizentrum.work", true },
   { "epizentrum.works", true },
@@ -12305,12 +12590,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eppelpress.lu", true },
   { "epreskripce.cz", true },
   { "epsilon.dk", true },
-  { "epsorting.cz", true },
   { "epspolymer.com", true },
   { "epublibre.org", true },
   { "epyonsuniverse.net", true },
   { "eq-serve.com", true },
+  { "eqibank.com", true },
   { "equalcloud.com", true },
+  { "equallove.me", true },
   { "equeim.ru", true },
   { "equidam.com", true },
   { "equinecoaching.ca", true },
@@ -12328,7 +12614,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "erath.fr", true },
   { "erdethamburgeronsdag.no", true },
   { "ereader.uno", true },
-  { "erectiepillenwinkel.nl", true },
   { "erethon.com", true },
   { "erf-neuilly.com", true },
   { "ergo-open.de", true },
@@ -12351,6 +12636,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ericoc.com", true },
   { "erics.site", true },
   { "ericschwartzlive.com", true },
+  { "ericspeidel.de", true },
   { "ericvaughn-flam.com", true },
   { "ericwie.se", true },
   { "eridanus.uk", true },
@@ -12370,9 +12656,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "erkaelderbarenaaben.dk", true },
   { "ernest.ly", true },
   { "ero.ink", true },
-  { "eroma.com.au", true },
   { "eron.info", true },
   { "eroskines.com", true },
+  { "eroticforce.com", true },
   { "erp-band.ru", true },
   { "erp.band", true },
   { "erpax.com", true },
@@ -12400,6 +12686,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "erudicia.se", true },
   { "erudicia.uk", true },
   { "erudikum.cz", true },
+  { "ervaarjapan.nl", true },
   { "erverydown.ml", true },
   { "erwanlepape.com", true },
   { "erwin.saarland", true },
@@ -12410,6 +12697,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "es-geenen.de", true },
   { "es.search.yahoo.com", false },
   { "esaborit.ddns.net", true },
+  { "esafar.cz", false },
   { "esagente.com", true },
   { "esailinggear.com", true },
   { "esalesdata.com", true },
@@ -12438,6 +12726,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "esg-abi2001.de", true },
   { "esgen.org", true },
   { "esgr.in", true },
+  { "eshigami.com", true },
   { "eshop-prices.com", true },
   { "eshspotatoes.com", true },
   { "esibun.net", true },
@@ -12452,6 +12741,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "esolcourses.com", true },
   { "esolitos.com", true },
   { "esono.de", true },
+  { "esote.net", true },
   { "esoterikerforum.de", true },
   { "espace-caen.fr", true },
   { "espace-gestion.fr", true },
@@ -12460,15 +12750,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "espacetemps.ch", true },
   { "espacetheosophie.fr", true },
   { "espacio-cultural.com", true },
+  { "espacioantiguo.com", true },
   { "espanol.search.yahoo.com", false },
   { "espanolseguros.com", true },
   { "espanova.com", true },
   { "espci.fr", true },
   { "especificosba.com.ar", true },
+  { "espehus.dk", true },
   { "espenandersen.no", true },
   { "espgg.org", true },
   { "esphigmenou.gr", true },
   { "espigol.org", true },
+  { "espiritugay.com", true },
   { "esport-battlefield.com", true },
   { "esports-network.de", true },
   { "espower.com.sg", true },
@@ -12491,17 +12784,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "essca.fr", true },
   { "essenalablog.de", true },
   { "essencesdeprana.org", true },
+  { "essenciasparis.com.br", true },
   { "essex.cc", true },
   { "essite.net", true },
   { "esslm.sk", true },
   { "essoduke.org", true },
   { "essteebee.ch", true },
   { "establo.pro", true },
+  { "estada.ch", true },
   { "estafallando.es", true },
   { "estafallando.mx", true },
+  { "estaleiro.org", true },
   { "estate360.co.tz", true },
   { "estateczech-eu.ru", true },
-  { "estcequejailaflemme.fr", true },
+  { "estcequejailaflemme.fr", false },
   { "estcequonmetenprodaujourdhui.info", true },
   { "esteam.se", true },
   { "estedafah.com", true },
@@ -12516,6 +12812,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "estonoentraenelexamen.com", true },
   { "estudiarparaser.com", true },
   { "estudiserradal.com", true },
+  { "estufitas.com", true },
+  { "esu.zone", true },
   { "esurety.net", true },
   { "esuretynew.azurewebsites.net", true },
   { "esw00.com", true },
@@ -12528,7 +12826,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eta.cz", true },
   { "etaes.eu", true },
   { "etajerka-spb.ru", true },
-  { "etalent.net", true },
   { "etaoinwu.win", true },
   { "etasigmaphi.org", true },
   { "etath.com", true },
@@ -12537,6 +12834,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "etccooperative.org", true },
   { "etch.co", true },
   { "etd-glasfaser.de", true },
+  { "etda.or.th", true },
   { "etech-solution.com", true },
   { "etech-solution.net", true },
   { "etech-solutions.com", true },
@@ -12552,17 +12850,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ethack.org", true },
   { "ethaligan.fr", true },
   { "ethan.pm", true },
+  { "ethanjones.me", true },
   { "ethercalc.com", true },
   { "ethercalc.org", true },
-  { "etherderbies.com", true },
-  { "ethergeist.de", true },
+  { "ethergeist.de", false },
+  { "etherium.org", true },
   { "etherpad.fr", true },
   { "etherpad.nl", true },
+  { "ethers.news", true },
   { "ethicaldata.co.uk", true },
   { "ethicalpolitics.org", true },
   { "ethicsburg.gov", true },
   { "ethika.com", true },
   { "ethiopian.dating", true },
+  { "ethiopiannews247.com", true },
   { "ethitter.com", true },
   { "ethosinfo.com", true },
   { "etienne.cc", true },
@@ -12574,8 +12875,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "etrecosmeticderm.com", true },
   { "etresmant.es", true },
   { "etrker.com", true },
+  { "etrolleybizstore.com", true },
   { "etskinner.com", true },
   { "etskinner.net", true },
+  { "etssquare.com", true },
   { "etudesbibliques.fr", true },
   { "etudesbibliques.net", true },
   { "etudesbibliques.org", true },
@@ -12614,11 +12917,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eureka.archi", true },
   { "eurekaarchi.com", true },
   { "eurekaarchitecture.com", true },
+  { "eurheilu.com", true },
   { "euro-servers.de", true },
   { "euroalter.com", true },
   { "eurocars2000.es", true },
   { "eurocenterobuda.hu", true },
-  { "eurocomcompany.cz", true },
   { "euroconthr.ro", true },
   { "eurodentaire.com", true },
   { "euroflora.com", true },
@@ -12650,6 +12953,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "euteamo.cn", true },
   { "eutotal.com", true },
   { "eutram.com", true },
+  { "euwid-energie.de", true },
   { "euwid.de", true },
   { "ev-zertifikate.de", true },
   { "eva-select.com", true },
@@ -12665,7 +12969,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "evamira.com", true },
   { "evanfiddes.com", true },
   { "evangelicalmagazine.com", true },
-  { "evangelosm.com", true },
+  { "evansdesignstudio.com", true },
   { "evantageglobal.com", true },
   { "evanwang0.com", true },
   { "evapp.org", true },
@@ -12677,6 +12981,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "evelienzorgt.nl", true },
   { "evelyndayman.com", true },
   { "evemarketer.com", true },
+  { "evemodx.com", true },
   { "evenementenhoekvanholland.nl", true },
   { "evenstargames.com", true },
   { "event4fun.no", true },
@@ -12696,6 +13001,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "evergladesrestoration.gov", true },
   { "evergreenmichigan.com", true },
   { "everhome.de", true },
+  { "everitoken.io", true },
   { "everling.lu", true },
   { "everlong.org", true },
   { "evermarkstudios.com", true },
@@ -12726,7 +13032,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "evidentiasoftware.com", true },
   { "evilarmy.com", true },
   { "evilbunnyfufu.com", true },
-  { "evilcult.me", true },
   { "evilized.de", true },
   { "evilmartians.com", true },
   { "evilsite.cf", true },
@@ -12744,7 +13049,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "evolutionsmedicalspa.com", true },
   { "evolvetechnologies.co.uk", true },
   { "evolvingthoughts.net", true },
-  { "evonews.com", true },
   { "evony.eu", true },
   { "evosyn.com", true },
   { "evotec.pl", true },
@@ -12753,14 +13057,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "evrial.com", true },
   { "evrica.me", true },
   { "evromandie.ch", true },
+  { "evrotrust.com", true },
   { "evstatus.com", true },
   { "evtasima.name.tr", true },
   { "evtripping.com", true },
+  { "evtscan.io", true },
   { "ewaipiotr.pl", true },
   { "ewanm89.co.uk", true },
   { "ewanm89.com", true },
   { "ewanm89.uk", true },
   { "ewe2.ninja", true },
+  { "ewhitehat.com", true },
   { "ewie.name", true },
   { "ewizmo.com", true },
   { "ewout.io", true },
@@ -12776,14 +13083,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "examedge.com", true },
   { "example.sc", true },
   { "example.wf", true },
-  { "examplesu.com", true },
   { "examsmate.in", true },
   { "exaplac.com", true },
   { "exarpy.com", true },
   { "exatmiseis.net", false },
   { "exceed.global", true },
   { "exceedagency.com", true },
+  { "excel-utbildning.nu", true },
   { "excelhot.com", true },
+  { "excelkurs.one", true },
   { "exceltechdubai.com", true },
   { "exceltechoman.com", true },
   { "exceltobarcode.com", true },
@@ -12794,7 +13102,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "exchaser.com", true },
   { "exclusivebouncycastles.co.uk", true },
   { "exclusivecarcare.co.uk", true },
-  { "exclusivedesignz.com", true },
   { "exdamo.de", false },
   { "exe-boss.tech", true },
   { "execution.biz.tr", true },
@@ -12814,7 +13121,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "exit9wineandliquor.com", true },
   { "exitooutdoor.com", true },
   { "exmoe.com", true },
-  { "exnovin.co", true },
   { "exon.io", true },
   { "exoplatform.com", true },
   { "exordiumconcepts.com", true },
@@ -12823,6 +13129,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "exoten-spezialist.de", true },
   { "exousiakaidunamis.pw", true },
   { "exp.de", true },
+  { "expancio.com", false },
+  { "expanddigital.media", true },
   { "expandeco.com", true },
   { "expatmortgage.uk", true },
   { "expe.voyage", true },
@@ -12841,6 +13149,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "expiscor.solutions", true },
   { "explodie.org", true },
   { "exploflex.com.br", true },
+  { "exploit-db.com", true },
   { "exploit.cz", true },
   { "exploit.party", true },
   { "exploit.ph", true },
@@ -12875,6 +13184,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "exside.com", true },
   { "exsora.com", true },
   { "extasic.com", true },
+  { "extendwings.com", true },
   { "extensia.it", true },
   { "extensibility.biz.tr", true },
   { "extensiblewebmanifesto.org", true },
@@ -12902,6 +13212,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "extradivers-worldwide.com", true },
   { "extranetpuc.com.br", true },
   { "extrapagetab.com", true },
+  { "extreemhost.nl", true },
   { "extreme-gaming.de", true },
   { "extreme-gaming.us", true },
   { "extreme-players.com", true },
@@ -12929,6 +13240,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ezakazivanje.rs", true },
   { "ezdog.press", true },
   { "ezequiel-garzon.net", true },
+  { "ezesec.com", true },
   { "ezgif.com", true },
   { "ezhik-din.ru", true },
   { "eztvtorrent.com", true },
@@ -12952,8 +13264,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "f5.hk", true },
   { "f5nu.com", true },
   { "f5w.de", true },
+  { "f88-line.com", true },
+  { "f88-line.net", true },
+  { "f88line.com", true },
+  { "f88line.net", true },
+  { "f88yule1.com", true },
+  { "f88yule5.com", true },
+  { "f88yule6.com", true },
+  { "f88yule7.com", true },
+  { "f88yule8.com", true },
   { "fa-works.com", true },
   { "fabbro-roma.org", true },
+  { "fabbro.roma.it", true },
   { "faber.org.ru", true },
   { "fabian-fingerle.de", true },
   { "fabian-klose.com", true },
@@ -12974,6 +13296,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fabriceleroux.com", true },
   { "fabriziocavaliere.it", true },
   { "fabriziorocca.it", true },
+  { "fabrysociety.org", true },
   { "fabse.net", true },
   { "facanabota.com", true },
   { "facanabota.com.br", true },
@@ -13007,7 +13330,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "factbytefactbox.com", true },
   { "factcool.com", true },
   { "factor.cc", false },
-  { "factureenlinea.com", true },
   { "factuur.pro", true },
   { "factuursturen.be", true },
   { "factuursturen.nl", true },
@@ -13058,7 +13380,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fakturi.com", true },
   { "fakturoid.cz", true },
   { "falaeapp.org", true },
-  { "falaland.com", true },
   { "falaowang.com", true },
   { "falbros.com", true },
   { "falcona.io", true },
@@ -13086,13 +13407,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fameus.fr", true },
   { "famfi.co", true },
   { "familiaperez.net", true },
+  { "familie-keil.de", true },
   { "familie-kruithof.nl", true },
   { "familie-kupschke.de", true },
   { "familie-leu.ch", true },
   { "familie-monka.de", true },
   { "familie-poeppinghaus.de", true },
   { "familie-remke.de", true },
-  { "familiegrottendieck.de", true },
   { "familieholme.de", true },
   { "familiekiekjes.nl", true },
   { "familjenfrodlund.se", true },
@@ -13110,6 +13431,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fan.gov", true },
   { "fanactu.com", true },
   { "fanatical.com", true },
+  { "fanatik.io", true },
   { "fanboi.ch", true },
   { "fancy-bridge.com", true },
   { "fancy.org.uk", true },
@@ -13119,6 +13441,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fandomservices.com", true },
   { "fanfareunion.ch", true },
   { "fangs.ink", true },
+  { "fanhouwan.com", true },
   { "fanjoe.be", true },
   { "fansided.com", true },
   { "fantasiapainter.com", true },
@@ -13129,7 +13452,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fantasticservices.com", true },
   { "fantasticservicesgroup.com.au", true },
   { "fantasycastles.co.uk", true },
+  { "fantasycdn.com", true },
+  { "fantasydrop.com", true },
   { "fantasyescortsbirmingham.co.uk", true },
+  { "fantasymina.de", true },
   { "fantasypartyhire.com.au", true },
   { "fantasyspectrum.com", true },
   { "fantopia.club", true },
@@ -13152,6 +13478,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "farhood.org", true },
   { "farid.is", true },
   { "farmacia-discreto.com", true },
+  { "farmaciadejaime.es", true },
   { "farmacialaboratorio.it", true },
   { "farmer.dating", true },
   { "farmers.gov", false },
@@ -13196,12 +13523,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fassaden-selleng.de", true },
   { "fassadenverkleidung24.de", true },
   { "fassi-sport.it", true },
+  { "fast-host.net", true },
+  { "fast-pro.co.jp", true },
   { "fastblit.com", true },
   { "fastcash.com.br", true },
+  { "fastcomcorp.com", true },
   { "fastcommerce.org", true },
   { "fastcp.top", true },
   { "fastest-hosting.co.uk", true },
-  { "fastforwardsociety.nl", true },
   { "fastforwardthemes.com", true },
   { "fastlike.co", true },
   { "fastmail.com", false },
@@ -13228,7 +13557,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fawong.com", true },
   { "faxite.com", true },
   { "faxvorlagen-druckvorlagen.de", true },
-  { "fayntic.com", true },
   { "fb.me", true },
   { "fbcdn.net", true },
   { "fbcopy.com", true },
@@ -13275,7 +13603,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "featherweightlabs.com", true },
   { "featuredmen.com", false },
   { "feb.gov", true },
-  { "fecik.sk", true },
   { "fedcenter.gov", true },
   { "federaljobs.gov", true },
   { "federalreserve.gov", true },
@@ -13301,6 +13628,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "feedough.com", true },
   { "feedthefuture.gov", true },
   { "feeeei.com", true },
+  { "feek.fit", true },
   { "feel-events.com", true },
   { "feel.aero", true },
   { "feelgood-workouts.de", true },
@@ -13321,6 +13649,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "feigling.net", false },
   { "feildel.fr", true },
   { "feilen.de", true },
+  { "feisbed.com", true },
   { "feisim.com", true },
   { "feisim.org", true },
   { "feistyduck.com", true },
@@ -13333,13 +13662,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "feli.games", true },
   { "felicifia.org", true },
   { "felinepc.com", true },
-  { "felisslovakia.sk", true },
   { "felistirnavia.sk", true },
   { "felixaufreisen.de", true },
   { "felixbarta.de", true },
   { "felixcrux.com", true },
   { "felixgenicio.com", true },
   { "felixkauer.de", true },
+  { "felixqu.com", true },
   { "felixsanz.com", true },
   { "felixseele.de", true },
   { "felsing.net", true },
@@ -13366,6 +13695,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ferienhaus-polchow-ruegen.de", false },
   { "ferienhausprovence.ch", true },
   { "ferienwohnung-hafeninsel-stralsund.de", true },
+  { "ferienwohnung-wiesengrund.eu", true },
   { "feriespotter.dk", true },
   { "ferm-rotterdam.nl", true },
   { "fermabel.com.br", true },
@@ -13400,6 +13730,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "feuerwehr-oberkotzau.de", true },
   { "feuerwehr-offenbach-bieber.de", false },
   { "feuerwehr-vechta.de", true },
+  { "feuerwehrbadwurzach.de", true },
   { "feuerwerksmanufaktur.de", true },
   { "feuetgloire.com", true },
   { "fewo-hafeninsel-stralsund.de", true },
@@ -13410,15 +13741,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ff-bad-hoehenstadt.de", true },
   { "ff-getzersdorf.at", true },
   { "ff-obersunzing-niedersunzing.de", true },
-  { "ff14-mstdn.xyz", true },
+  { "ff14-mstdn.xyz", false },
   { "ffb.gov", false },
   { "ffbans.org", true },
+  { "ffbsee.net", true },
   { "ffiec.gov", true },
   { "ffis.me", true },
   { "ffkoenigsberg.de", true },
   { "ffmradio.de", true },
   { "ffprofile.com", true },
-  { "ffsociety.nl", true },
   { "ffta.eu", true },
   { "ffw-zeven.de", true },
   { "ffzeven.de", true },
@@ -13429,7 +13760,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fhdhelp.de", false },
   { "fhdhilft.de", false },
   { "fhfaoig.gov", true },
-  { "fhg90.com", true },
   { "fhmkh.cn", true },
   { "fi.google.com", true },
   { "fi.search.yahoo.com", false },
@@ -13439,10 +13769,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fiasgo.com", true },
   { "fiasgo.dk", true },
   { "fiasgo.i.ng", true },
+  { "fibabanka.com.tr", true },
   { "fibo-forex.org", true },
   { "fibra.click", true },
   { "fibretv.co.nz", true },
   { "fibretv.tv", true },
+  { "fibromuebles.com", true },
   { "fichier-pdf.fr", true },
   { "fickweiler.nl", true },
   { "ficlab.com", true },
@@ -13469,6 +13801,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fight215.com", true },
   { "fight215.org", true },
   { "figinstitute.org", true },
+  { "figliasons.com", true },
   { "figshare.com", true },
   { "figurasdelinguagem.com.br", true },
   { "figure.nz", true },
@@ -13479,6 +13812,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fijnewoensdag.nl", true },
   { "fiken.no", true },
   { "fikst.com", true },
+  { "fil-tec-rixen.com", true },
   { "fil.fi", true },
   { "filanthropystar.org", true },
   { "file-cloud.eu", true },
@@ -13504,7 +13838,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "filleritemsindia.com", true },
   { "fillo.sk", true },
   { "film-colleges.com", true },
-  { "film-storyboards.com", true },
   { "film-storyboards.fr", true },
   { "film-tutorial.com", true },
   { "filme-onlines.com", true },
@@ -13520,6 +13853,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "filterlists.com", true },
   { "filtr.me", true },
   { "fimsquad.com", true },
+  { "finagosolo.com", true },
   { "final-expense-quotes.com", true },
   { "finalprice.net", true },
   { "finalrewind.org", true },
@@ -13547,6 +13881,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "findstorenearme.co.uk", true },
   { "findstorenearme.us", true },
   { "findthatnude.com", true },
+  { "findyourtrainer.com", true },
   { "findyourvoice.ca", true },
   { "fine-services.paris", true },
   { "finecocoin.io", true },
@@ -13571,6 +13906,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fintry.ca", true },
   { "finvantage.com", true },
   { "finwe.info", true },
+  { "fionafuchs.de", true },
   { "fionamcbride.com", true },
   { "fioristionline.it", true },
   { "fioristionline.net", true },
@@ -13590,7 +13926,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "firefly-iii.org", true },
   { "firegoby.jp", true },
   { "firegore.com", true },
-  { "firekoi.com", true },
   { "fireleadership.gov", true },
   { "firemudfm.com", true },
   { "firenza.org", true },
@@ -13639,10 +13974,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fishermansbendcorporation.com.au", true },
   { "fishermansbendtownhouses.com.au", true },
   { "fishexport.eu", true },
-  { "fishfinders.info", true },
   { "fishgen.no", true },
   { "fishserver.net", true },
   { "fishtacos.blog", true },
+  { "fisinfomanagerdr.com", true },
   { "fistu.la", true },
   { "fit-4u.ch", true },
   { "fit-mit-nina.com", true },
@@ -13659,7 +13994,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fiuxy.bz", true },
   { "fiuxy.co", true },
   { "fiuxy.me", true },
-  { "fiveboosts.xyz", true },
   { "fivethirtyeight.com", true },
   { "fixatom.com", true },
   { "fixed.supply", true },
@@ -13674,11 +14008,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fiziktedavi.name.tr", true },
   { "fizyoterapi.name.tr", true },
   { "fizz.buzz", false },
+  { "fj.je", true },
   { "fj.search.yahoo.com", false },
   { "fj.simple.com", false },
+  { "fjdekermadec.com", true },
   { "fjharcu.com", true },
   { "fjordboge.dk", true },
   { "fjugstad.com", true },
+  { "fjzone.org", true },
   { "fkcdn.de", true },
   { "fkfev.de", true },
   { "fktpm.ru", true },
@@ -13713,6 +14050,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "flavr.be", true },
   { "flawlesscowboy.xyz", true },
   { "fleep.io", true },
+  { "fleesty.dynv6.net", true },
   { "fleetcor.at", true },
   { "fleetcor.ch", true },
   { "fleetcor.cz", true },
@@ -13737,13 +14075,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fleuryfleury.com", true },
   { "flexapplications.se", true },
   { "flexfunding.com", true },
-  { "fleximaal.com", true },
   { "fleximal.com", true },
   { "fleximus.org", false },
   { "flexport.com", true },
   { "flexstart.me", true },
   { "flextrack.dk", true },
-  { "flextribly.xyz", true },
   { "fliacuello.com.ar", true },
   { "flickcritter.com", true },
   { "fliesen-waldschmidt.de", true },
@@ -13764,10 +14100,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "flipneus.net", true },
   { "fliptable.org", true },
   { "flirt-norden.de", true },
-  { "flirtee.net", false },
+  { "flirtee.net", true },
   { "flirtfaces.de", true },
   { "flirtos.de", true },
-  { "flixhaven.net", true },
   { "flixports.com", true },
   { "flmortgagebank.com", true },
   { "floatationlocations.com", true },
@@ -13776,6 +14111,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "flocktofedora.org", true },
   { "floersheimer-openair.de", true },
   { "floffi.media", true },
+  { "floify.com", true },
   { "floj.tech", true },
   { "flokinet.is", true },
   { "floless.co.uk", true },
@@ -13813,20 +14149,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "florisvdk.net", true },
   { "floriswesterman.nl", true },
   { "flosch.at", false },
-  { "floseed.fr", true },
   { "floskelwolke.de", true },
+  { "flourishtogether.com", true },
   { "flow.su", true },
   { "flowair24.ru", true },
   { "flowcom.de", true },
-  { "flowcount.xyz", true },
   { "flowersbylegacy.com", true },
   { "flowinvoice.com", true },
   { "flowreader.com", true },
   { "flra.gov", true },
   { "flucky.xyz", true },
-  { "flucto.com", true },
-  { "flue-ducting.co.uk", true },
   { "fluffycloud.de", true },
+  { "fluggesellschaft.de", true },
   { "fluhrers.de", true },
   { "fluidmeterusa.com", true },
   { "fluids.ac.uk", true },
@@ -13856,6 +14190,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "flyingrub.me", true },
   { "flymns.fr", true },
   { "flynn.io", true },
+  { "flyp.me", true },
+  { "flypenge.dk", true },
   { "flyserver.co.il", true },
   { "flyshe.co.uk", true },
   { "flyssh.net", true },
@@ -13877,6 +14213,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fnkr.net", true },
   { "fnof.ch", true },
   { "fnordserver.eu", true },
+  { "fnpro.eu", true },
   { "fnzc.co.nz", true },
   { "foairbus.fr", true },
   { "foairbussas.fr", true },
@@ -13912,7 +14249,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foluomeng.net", true },
   { "folv.es", true },
   { "folwark.krakow.pl", true },
-  { "folwarkwiazy.pl", true },
   { "fomopop.com", true },
   { "fondationwiggli.ch", true },
   { "fondsdiscountbroker.de", true },
@@ -13930,7 +14266,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foo.hamburg", true },
   { "foodattitude.ch", true },
   { "foodblogger.club", true },
-  { "foodcowgirls.com", true },
   { "foodev.de", true },
   { "foodsafety.gov", true },
   { "foodsafetyjobs.gov", true },
@@ -13943,6 +14278,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fooster.io", true },
   { "foot.fr", true },
   { "footagecrate.com", true },
+  { "football.de", true },
   { "footballforum.de", true },
   { "footloose.co.uk", true },
   { "for.care", true },
@@ -13966,7 +14302,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foresdon.jp", true },
   { "foresthillhomes.ca", true },
   { "forestraven.net", true },
-  { "foreverssl.com", true },
   { "foreversummertime.com", true },
   { "forewordreviews.com", true },
   { "forex.ee", true },
@@ -13979,15 +14314,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "forge-goerger.eu", true },
   { "forgotten-legends.org", true },
   { "form3w.nl", true },
+  { "formacionyestudios.com", true },
   { "forman.store", true },
   { "formapi.io", true },
   { "format-paysage.ch", true },
   { "formation-assureur.com", true },
   { "formation-mac.ch", true },
   { "formationseeker.com", true },
-  { "formbetter.com", true },
   { "formini.dz", true },
-  { "formkiq.com", true },
   { "formsbyair.com", true },
   { "formula-ot.ru", true },
   { "formulacionquimica.com", true },
@@ -13997,20 +14331,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foro.io", false },
   { "forodeespanol.com", true },
   { "forodieta.com", true },
+  { "forokd.com", true },
   { "forologikidilosi.com.gr", true },
   { "forourselves.com", true },
   { "forpc.us", true },
   { "forrestheller.com", true },
+  { "forro.berlin", true },
   { "forro.info", true },
   { "forsakringsarkivet.se", true },
   { "forschbach-janssen.de", true },
   { "forsec.nl", true },
   { "forstbetrieb-hennecke.de", true },
   { "forstprodukte.de", true },
-  { "fort.eu", true },
   { "forteggz.nl", true },
   { "fortesanshop.it", true },
-  { "fortknox.cz", true },
   { "fortnine.ca", true },
   { "fortnitemagic.ga", true },
   { "fortran.io", true },
@@ -14043,7 +14377,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foto-leistenschneider.de", true },
   { "foto-leitner.com", true },
   { "foto-leitner.de", true },
-  { "foto-pro.by", true },
   { "foto-robitsch.at", true },
   { "foto-roma.ru", true },
   { "foto.by", true },
@@ -14052,6 +14385,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fotoflits.net", true },
   { "fotografechristha.nl", true },
   { "fotografiadellalucerossa.com", true },
+  { "fotografiamakro.pl", true },
   { "fotohome.dk", true },
   { "fotokomorkomania.pl", true },
   { "fotoleitner.com", true },
@@ -14076,11 +14410,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foutrelis.com", true },
   { "fowlervwparts.com", true },
   { "fowlsmurf.net", true },
-  { "fox.my", true },
   { "foxbnc.co.uk", true },
   { "foxdev.co", true },
   { "foxesare.sexy", true },
-  { "foxhound.com.br", true },
   { "foxing.club", true },
   { "foxo.blue", true },
   { "foxontheinter.net", true },
@@ -14118,6 +14450,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "franchini.engineer", true },
   { "francis.tokyo", true },
   { "francisli.net", false },
+  { "franckgirard.net", true },
   { "franckyz.com", true },
   { "francois-gaillard.fr", true },
   { "francois-occasions.be", true },
@@ -14142,12 +14475,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "frankl.in", true },
   { "frankmorrow.com", true },
   { "frankopol-sklep.pl", true },
+  { "frankpalomeque.com", true },
   { "franksiler.com", true },
   { "frankslaughterinsurance.com", true },
   { "frankwei.xyz", true },
   { "frankyan.com", true },
   { "frantic1048.com", true },
-  { "frantorregrosa.me", true },
   { "franz-vatter.de", true },
   { "franz.beer", true },
   { "franziska-pascal.de", true },
@@ -14173,34 +14506,84 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "frdl.ch", true },
   { "freaksites.dk", true },
   { "freaksports.com.au", true },
+  { "freakyaweso.me", true },
+  { "freakyawesome.band", true },
+  { "freakyawesome.blog", true },
+  { "freakyawesome.club", true },
+  { "freakyawesome.co", true },
+  { "freakyawesome.company", true },
+  { "freakyawesome.email", true },
+  { "freakyawesome.events", true },
+  { "freakyawesome.fashion", true },
+  { "freakyawesome.fitness", true },
+  { "freakyawesome.fm", true },
+  { "freakyawesome.fun", true },
+  { "freakyawesome.fyi", true },
+  { "freakyawesome.games", true },
+  { "freakyawesome.guide", true },
+  { "freakyawesome.guru", true },
+  { "freakyawesome.info", true },
+  { "freakyawesome.io", true },
+  { "freakyawesome.life", true },
+  { "freakyawesome.live", true },
+  { "freakyawesome.marketing", true },
+  { "freakyawesome.me", true },
+  { "freakyawesome.media", true },
+  { "freakyawesome.network", true },
+  { "freakyawesome.news", true },
+  { "freakyawesome.online", true },
+  { "freakyawesome.org", true },
+  { "freakyawesome.photography", true },
+  { "freakyawesome.photos", true },
+  { "freakyawesome.press", true },
+  { "freakyawesome.recipes", true },
+  { "freakyawesome.rentals", true },
+  { "freakyawesome.reviews", true },
+  { "freakyawesome.services", true },
+  { "freakyawesome.shop", true },
+  { "freakyawesome.site", true },
+  { "freakyawesome.social", true },
+  { "freakyawesome.software", true },
+  { "freakyawesome.solutions", true },
+  { "freakyawesome.store", true },
+  { "freakyawesome.team", true },
+  { "freakyawesome.tips", true },
+  { "freakyawesome.today", true },
+  { "freakyawesome.tours", true },
+  { "freakyawesome.tv", true },
+  { "freakyawesome.video", true },
+  { "freakyawesome.website", true },
+  { "freakyawesome.work", true },
+  { "freakyawesome.world", true },
+  { "freakyawesome.xyz", true },
   { "frebi.org", true },
   { "frebib.co.uk", true },
   { "frebib.com", true },
-  { "frebib.me", true },
   { "frebib.net", true },
   { "freddieonfire.tk", false },
   { "freddyfazbearspizzeria.com", true },
   { "freddysfuncastles.co.uk", true },
-  { "frederickalcantara.com", true },
+  { "fredericcote.com", true },
   { "frederik-braun.com", false },
   { "frederikvig.com", true },
   { "fredloya.com", true },
-  { "fredriksslekt.se", true },
+  { "fredriksslaktforskning.se", true },
   { "fredtec.ru", true },
   { "fredvoyage.fr", true },
-  { "free-your-pc.com", true },
+  { "free-ss.site", true },
   { "free.ac.cn", true },
   { "free.com.tw", true },
   { "freeasyshop.com", true },
   { "freebarrettbrown.org", true },
   { "freebcard.com", true },
   { "freebetoffers.co.uk", true },
-  { "freebies.id", true },
   { "freebookmakersbetsandbonuses.com.au", true },
   { "freeboson.org", true },
+  { "freebus.org", true },
   { "freecam2cam.site", true },
   { "freecloud.at", true },
   { "freecookies.nl", true },
+  { "freecycleusa.com", true },
   { "freedev.cz", true },
   { "freedom.nl", true },
   { "freedom.press", true },
@@ -14223,14 +14606,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "freelance.boutique", true },
   { "freelance.guide", true },
   { "freelance.nl", true },
-  { "freelancecollab.com", true },
   { "freelanceessaywriters.com", true },
   { "freelancehunt.com", true },
-  { "freelanceshipping.com", true },
   { "freelauri.com", true },
   { "freelifer.jp", true },
   { "freelo.cz", true },
   { "freelysurf.cf", true },
+  { "freemania.eu", true },
+  { "freemania.nl", true },
   { "freemanlogistics.com", true },
   { "freemans.com", true },
   { "freemomhugs.org", true },
@@ -14250,6 +14633,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "freesoft-board.to", true },
   { "freesoftlab.com", true },
   { "freesolitaire.win", true },
+  { "freesourcestl.org", true },
+  { "freesquare.net", true },
   { "freessl.tech", true },
   { "freesslcertificate.me", true },
   { "freethetv.ie", true },
@@ -14288,8 +14673,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "freshdns.nl", true },
   { "freshempire.gov", true },
   { "freshislandfish.com", true },
-  { "freshkiss.com.au", true },
-  { "freshmaza.com", true },
+  { "freshlymind.com", true },
   { "freshmaza.net", true },
   { "fretscha.com", true },
   { "frettirnar.is", true },
@@ -14299,6 +14683,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "freundinnen-urlaub.de", true },
   { "friarsonbase.com", true },
   { "fribourgviking.net", true },
+  { "frickelboxx.de", true },
   { "frickelmeister.de", true },
   { "fridayfoucoud.ma", true },
   { "fridolinka.cz", true },
@@ -14307,11 +14692,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "friederloch.de", true },
   { "friedrich-foto-art.de", true },
   { "friedsamphotography.com", true },
-  { "friendlysiberia.com", true },
   { "friendowment.us", true },
   { "friends-of-naz.com", true },
   { "friends-socialgroup.org", true },
   { "friends24.cz", true },
+  { "friendship-quotes.co.uk", true },
   { "friendshipismagicsquad.com", true },
   { "friendsofgfwpc.org", true },
   { "frieslandrail.nl", true },
@@ -14321,6 +14706,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "frigi.ch", true },
   { "frigolit.net", true },
   { "frillip.com", true },
+  { "fringeintravel.com", true },
   { "frinkiac.com", true },
   { "frino.de", true },
   { "frippz.se", true },
@@ -14338,11 +14724,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "frolova.org", true },
   { "from-the-net.com", true },
   { "fromscratch.rocks", true },
-  { "fromthesoutherncross.com", true },
   { "fronteers.nl", false },
   { "frontier-ad.co.jp", true },
   { "frontier.bet", true },
-  { "frontierdiscount.com", true },
   { "frontiers.nl", true },
   { "frontlinemessenger.com", true },
   { "fropky.com", true },
@@ -14367,11 +14751,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "frugalmechanic.com", true },
   { "frugro.be", true },
   { "fruition.co.jp", true },
+  { "fruitscale.com", true },
   { "frusky.de", true },
   { "fruttini.de", true },
   { "frydrychit.cz", true },
   { "fs-community.nl", true },
-  { "fs-fitness.eu", true },
   { "fs-g.org", true },
   { "fs-maistadt.de", true },
   { "fs257.com", true },
@@ -14387,12 +14771,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fsdress.com", true },
   { "fsfxpackages.com", true },
   { "fsg.one", true },
-  { "fsj4u.ch", true },
   { "fsk.fo", true },
   { "fsky.info", true },
   { "fsm2016.org", true },
   { "fsps.ch", true },
   { "fsstyle.com", true },
+  { "fsty.uk", true },
   { "fsvt.ch", true },
   { "ft.com", false },
   { "ftc.gov", false },
@@ -14404,17 +14788,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ftptest.net", true },
   { "ftrsecure.com", true },
   { "ftv.re", true },
-  { "fu639.top", true },
   { "fu898.top", true },
   { "fuantaishenhaimuli.net", true },
   { "fuck-your-false-positive.de", true },
   { "fuckav.ru", true },
   { "fuckcie.com", true },
   { "fucklife.ch", true },
-  { "fuckobr.com", true },
-  { "fuckobr.net", true },
-  { "fuckobr.org", true },
-  { "fuckobr.su", true },
   { "fuckonthefirst.date", true },
   { "fuckup.dk", true },
   { "fuckyoupaypal.me", true },
@@ -14422,7 +14801,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fuelfirebrand.com", true },
   { "fuelingyourdreams.com", true },
   { "fuerstenfelder-immobilien.de", true },
-  { "fugamo.de", true },
   { "fuglede.dk", true },
   { "fuite.ch", true },
   { "fuites.ch", true },
@@ -14452,6 +14830,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fun-bounce.co.uk", true },
   { "fun-tasia.co.uk", true },
   { "fun4kidzbouncycastles.co.uk", true },
+  { "fun4tomorrow.com", true },
   { "fun4ubouncycastles.co.uk", true },
   { "fun888city.com", true },
   { "fun888city.net", true },
@@ -14469,7 +14848,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fundingempire.com", true },
   { "fundort.ch", true },
   { "funds.ddns.net", true },
-  { "funerariahogardecristo.cl", true },
   { "funfactorleeds.co.uk", true },
   { "funfair.io", true },
   { "funfoodco.co.uk", true },
@@ -14484,7 +14862,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "funkygamer1.de", true },
   { "funniestclip.com", true },
   { "funnybikini.com", true },
-  { "funoverip.net", true },
   { "funsochi.ru", true },
   { "funspins.com", true },
   { "funtasticinflatablesdurham.co.uk", true },
@@ -14495,10 +14872,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "funtimesbouncycastles.co.uk", true },
   { "fur.red", true },
   { "furaje-iasi.com", true },
+  { "furcdn.net", true },
   { "furcity.me", true },
   { "furgo.love", true },
   { "furigana.info", true },
-  { "furikake.xyz", true },
   { "furkancaliskan.com", true },
   { "furkot.com", true },
   { "furkot.de", true },
@@ -14509,26 +14886,30 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "furlan.co", true },
   { "furlog.it", true },
   { "furnfurs.com", true },
+  { "furnishedproperty.com.au", true },
   { "furry.cat", true },
   { "furry.dk", true },
   { "furrybot.me", true },
   { "furrytech.network", true },
   { "furrytf.club", true },
   { "furryyiff.site", true },
+  { "fursuitbutts.com", true },
   { "fusa-miyamoto.jp", true },
   { "fuselight.nl", true },
   { "fuseos.net", true },
   { "fushee.com", true },
   { "fusiongaming.de", true },
   { "fussball-xxl.de", true },
+  { "fussell.io", true },
+  { "futa.moe", true },
   { "futaba-works.com", true },
   { "futagro.com", true },
   { "futbomb.com", true },
   { "futcre.com", true },
   { "futrou.com", true },
   { "future-moves.com", true },
+  { "futureaudiographics.com", true },
   { "futurefund.com", true },
-  { "futurefundapp.com", true },
   { "futuregrowthva.com", true },
   { "futurehack.io", true },
   { "futurenda.com", true },
@@ -14559,16 +14940,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fxopen.ru", true },
   { "fxp.co.il", true },
   { "fxseo.com.au", true },
+  { "fxtalk.cn", true },
   { "fxthai.com", true },
   { "fxtrade-lab.com", true },
   { "fxweb.co", true },
   { "fxwebsites.com.au", true },
   { "fxwebsites.net.au", true },
   { "fxwebstudio.net.au", true },
+  { "fydjbsd.cn", true },
   { "fyfywka.com", true },
   { "fyksen.me", true },
   { "fyn.nl", true },
   { "fyol.xyz", false },
+  { "fyreek.me", true },
   { "fyretrine.com", true },
   { "fysesbjerg.dk", true },
   { "fysio123.nl", true },
@@ -14584,9 +14968,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fzx750.ru", true },
   { "g-ds.de", true },
   { "g-m-w.eu", true },
-  { "g-o.pl", true },
   { "g-p-design.com", true },
   { "g-rom.net", true },
+  { "g.co", true },
   { "g0881.com", true },
   { "g0man.com", true },
   { "g1.ie", true },
@@ -14609,7 +14993,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gabemack.com", true },
   { "gabinetpsychoterapii.krakow.pl", true },
   { "gabriel.to", true },
-  { "gabrielsimonet.ch", true },
+  { "gabriele.tips", true },
   { "gabrielsteens.nl", true },
   { "gachimuchi.ru", true },
   { "gachiyase.com", true },
@@ -14634,6 +15018,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gagygnole.ch", true },
   { "gaiavanderzeyp.com", true },
   { "gaichon.com", true },
+  { "gailfellowsphotography.com", true },
   { "gaines-sodiamex.fr", true },
   { "gaio-automobiles.fr", true },
   { "gaireg.de", true },
@@ -14652,8 +15037,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "galactic-crew.org", true },
   { "galak.ch", true },
   { "galanight.cz", true },
+  { "galaxy.edu.pe", true },
   { "galecia.com", true },
   { "galeria42.com", true },
+  { "galerialottus.com.br", true },
+  { "galeriarr.pl", true },
   { "galeriart.xyz", true },
   { "galeries.photo", true },
   { "galilahiskye.com", true },
@@ -14670,7 +15058,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gallifreypermaculture.com.au", true },
   { "gallun-shop.com", true },
   { "galpaoap.com.br", true },
-  { "gamajo.com", true },
   { "gamberorosso.menu", true },
   { "gambetti.fr", true },
   { "gambit.pro", true },
@@ -14727,10 +15114,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gamingrealms.net", true },
   { "gamingwithcromulent.com", true },
   { "gamingzoneservers.com", true },
-  { "gamisalya.com", true },
   { "gamishou.fr", true },
-  { "gamismodelbaru.com", true },
-  { "gamismu.com", true },
+  { "gamismodernshop.com", true },
+  { "gamismurahonline.com", true },
   { "gamivo.com", true },
   { "gamoloco.com", true },
   { "gan.wtf", true },
@@ -14753,9 +15139,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gapdirect.com", true },
   { "gapfa.org", true },
   { "gaphag.ddns.net", true },
-  { "gar-nich.net", false },
   { "garage-leone.com", true },
   { "garage-meynard.com", true },
+  { "garagedejan.ch", true },
   { "garageenginuity.com", true },
   { "garagegoossens.be", true },
   { "garagemhermetica.org", true },
@@ -14769,11 +15155,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "garderobche.eu", true },
   { "gardikagigih.com", true },
   { "gardinte.com", true },
+  { "gardis.ua", true },
   { "garedtech.com", false },
   { "garethbowker.com", true },
+  { "garethkirk.com", true },
+  { "garethkirkreviews.com", true },
   { "garethrhugh.es", true },
   { "garforthgolfclub.co.uk", true },
   { "gargazon.net", true },
+  { "garnuchbau.de", true },
   { "garron.net", true },
   { "garrowmediallc.com", true },
   { "gartenbaur.de", true },
@@ -14805,7 +15195,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gavins.stream", true },
   { "gavinsblog.com", true },
   { "gawrimanecuta.com", true },
-  { "gayforgenji.com", true },
+  { "gaycc.cc", true },
   { "gaymerconnect.net", true },
   { "gaymerx.com", true },
   { "gaymerx.net", true },
@@ -14837,6 +15227,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gdhzcgs.com", true },
   { "gdiary.net", true },
   { "gdngs.de", true },
+  { "gdoce.es", true },
   { "gdpr-pohotovost.cz", true },
   { "gdv.me", true },
   { "gdz-spishy.com", true },
@@ -14844,10 +15235,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ge3k.net", false },
   { "gear4you.shop", true },
   { "gearallnews.com", true },
+  { "gearboxhero.com", true },
   { "gearev.net", true },
   { "gearfinder.nl", true },
   { "gearset.com", true },
-  { "geass.xyz", true },
   { "geba-online.de", true },
   { "gebn.co.uk", true },
   { "gebn.uk", true },
@@ -14859,6 +15250,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "geckler-ee.de", true },
   { "geder.at", true },
   { "gedlingcastlehire.co.uk", true },
+  { "gedlingtherapy.co.uk", true },
   { "gee.is", true },
   { "geecrat.com", true },
   { "geek-hub.de", true },
@@ -14907,10 +15299,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gelis.ch", true },
   { "gelodosul.com.br", true },
   { "gelog-software.de", false },
+  { "gelonghui.com", true },
   { "geloofindemocratie.nl", false },
   { "geluidsstudio.com", true },
+  { "geluk.io", true },
   { "gem-indonesia.net", false },
-  { "gem-info.fr", true },
   { "gemeentemolenwaard.nl", true },
   { "gemeinsam-ideen-verwirklichen.de", true },
   { "gemgroups.in", true },
@@ -14933,7 +15326,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "general-anaesthesia.com", true },
   { "general-anaesthetics.com", true },
   { "general-anesthesia.com", true },
-  { "general-insurance.tk", true },
   { "generali-worldwide.com", true },
   { "generalinsuranceservices.com", true },
   { "generationgoat.com", true },
@@ -14946,6 +15338,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "genesysmi.com", true },
   { "genetargetsolutions.com.au", true },
   { "genetidyne.com", true },
+  { "genevachauffeur.com", true },
   { "geneve-naturisme.ch", true },
   { "genevoise-entretien.ch", true },
   { "genfaerd.dk", true },
@@ -14955,7 +15348,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "geniuszone.biz", true },
   { "genocidediary.org", true },
   { "genodeftest.de", true },
-  { "genome.gov", false },
+  { "genome.gov", true },
   { "genomequestlive.com", true },
   { "genosse-einhorn.de", true },
   { "genoveve.de", true },
@@ -14972,16 +15365,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gentooblog.de", true },
   { "genusshotel-riegersburg.at", true },
   { "genuxtsg.com", true },
-  { "genxnotes.com", true },
+  { "geocar.com", true },
   { "geocompass.at", true },
   { "geofox.org", true },
   { "geography-schools.com", true },
+  { "geoinstinct.com", true },
   { "geoip.fedoraproject.org", true },
   { "geoip.stg.fedoraproject.org", true },
   { "geojs.io", true },
   { "geology-schools.com", true },
   { "geometra.roma.it", true },
   { "geomex.be", true },
+  { "geomonkeys.com", true },
   { "geoponika.gr", true },
   { "geoport.al", true },
   { "georadar-algerie.com", true },
@@ -15007,7 +15402,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "geoscope.ch", true },
   { "geosphereservices.com", true },
   { "geotab.com", true },
-  { "gepe.ch", true },
   { "gepgroup.gr", true },
   { "gepps.de", true },
   { "geraintwhite.co.uk", true },
@@ -15033,9 +15427,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "geschwinder.net", true },
   { "gesica.cloud", true },
   { "gessettirotti.it", true },
+  { "gestorehotel.com", true },
   { "gestormensajeria.com", true },
   { "gesundheitmassage.com", true },
   { "gesundheitswelt24.de", true },
+  { "gesundheitszentrum-am-reischberg.de", true },
   { "get-erp.ru", true },
   { "get-it-live.com", true },
   { "get-it-live.de", true },
@@ -15076,12 +15472,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "getmango.com", true },
   { "getmdl.io", true },
   { "getmerch.eu", true },
+  { "getmovil.com", true },
   { "getnib.com", true },
   { "getnikola.com", true },
   { "getoutofdebt.org", true },
   { "getpagespeed.com", true },
   { "getpanelapp.com", true },
-  { "getpei.com", false },
+  { "getpei.com", true },
   { "getprivacy.de", true },
   { "getprivacy.net", true },
   { "getpublii.com", true },
@@ -15092,7 +15489,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "getsensibill.com", true },
   { "getsetbounce.co.uk", true },
   { "getsilknow.com", true },
-  { "getsmartaboutdrugs.gov", true },
+  { "getsmartaboutdrugs.gov", false },
   { "getsport.mobi", true },
   { "getswadeshi.com", true },
   { "getteamninja.com", true },
@@ -15105,7 +15502,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "getwemap.com", true },
   { "getwisdom.io", true },
   { "getyeflask.com", true },
-  { "getyou.onl", false },
   { "getyourlifestraight.com", true },
   { "gevelreinigingtiel.nl", true },
   { "geyduschek.be", true },
@@ -15138,6 +15534,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ggx.us", true },
   { "gha.st", true },
   { "ghaglund.se", true },
+  { "ghettonetflix.de", true },
+  { "ghfip.com.au", true },
   { "ghini.com", true },
   { "ghislainphu.fr", true },
   { "ghostblog.info", false },
@@ -15169,6 +15567,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "giethoorn.com", true },
   { "gietvloergarant.nl", false },
   { "giftcard.net", true },
+  { "giftcardgranny.com", true },
   { "giftedconsortium.com", true },
   { "giftking.nl", false },
   { "giftmaniabrilhos.com.br", true },
@@ -15179,6 +15578,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "giga.nl", true },
   { "gigabitz.pw", true },
   { "gigacog.com", true },
+  { "gigantar.com", true },
   { "gigantism.com", true },
   { "gigawa.lt", true },
   { "giggletotz.co.uk", true },
@@ -15191,6 +15591,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gigseekr.com", true },
   { "gigtroll.eu", true },
   { "gijsbertus.com", true },
+  { "gijswesterman.nl", true },
   { "gikovatelojavirtual.com.br", true },
   { "gilangcp.com", true },
   { "gileadpac.com", true },
@@ -15205,10 +15606,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gilmourluna.com", true },
   { "gilnet.be", true },
   { "gilpinmanagement.com", true },
-  { "gilpinrealty.com", true },
   { "gimme.money", true },
   { "gina-architektur.design", true },
   { "ginabaum.com", true },
+  { "ginacat.de", true },
   { "gingersutton.com", true },
   { "ginionusedcars.be", true },
   { "ginja.co.th", true },
@@ -15216,6 +15617,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ginniemae.gov", true },
   { "gino-gelati.de", true },
   { "ginza-luce.net", true },
+  { "ginza-viola.com", true },
   { "ginzadelunch.jp", true },
   { "ginzaj.com", true },
   { "giochi-online.ws", true },
@@ -15231,6 +15633,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "girlsforum.com", true },
   { "girlsgenerationgoods.com", true },
   { "girlz.jp", true },
+  { "girsa.org", true },
   { "girvas.ru", true },
   { "gisch.tk", true },
   { "gisgov.be", true },
@@ -15239,7 +15642,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gisher.video", true },
   { "gishiko.net", true },
   { "gistr.io", true },
-  { "git.ac.cn", true },
   { "git.market", true },
   { "git.sb", true },
   { "git.tt", true },
@@ -15277,7 +15679,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gkoenig-innenausbau.de", true },
   { "gkralik.eu", true },
   { "gl.search.yahoo.com", false },
-  { "gla-hyperloop.com", true },
+  { "gla-hyperloop.com", false },
   { "glaciernursery.com", true },
   { "gladiatorboost.com", true },
   { "gladwellentertainments.co.uk", true },
@@ -15332,6 +15734,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "globalonetechnology.com", true },
   { "globalprojetores.com.br", true },
   { "globalresearchcouncil.org", true },
+  { "globalresistancecorporation.com", true },
   { "globalventil.com", true },
   { "globcoin.io", true },
   { "globelink-group.com", true },
@@ -15339,6 +15742,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "glofox.com", true },
   { "gloneta.com", false },
   { "gloning.name", true },
+  { "gloria.tv", true },
   { "glosiko.com", true },
   { "glossopnorthendafc.co.uk", true },
   { "glotech.co.uk", true },
@@ -15346,7 +15750,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "glotechrepairs.co.uk", true },
   { "glu3cifer.rocks", true },
   { "glueck-im-norden.de", true },
-  { "gluecksgriff-taschen.de", true },
   { "glueckskindter.de", true },
   { "gluedtomusic.com", true },
   { "gluit.de", true },
@@ -15364,6 +15767,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gmccar.it", true },
   { "gmcd.co", true },
   { "gmdu.net", true },
+  { "gme.one", true },
   { "gmind.ovh", true },
   { "gmod.de", true },
   { "gmpark.dk", true },
@@ -15408,6 +15812,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "goanalyse.co.uk", true },
   { "goand.run", true },
   { "goarmy.eu", true },
+  { "goatbot.xyz", true },
   { "goatcloud.com", true },
   { "gobarrelroll.com", true },
   { "gobouncy.co.uk", true },
@@ -15422,12 +15827,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "godesigner.ru", true },
   { "godofnea.com", true },
   { "godrive.ga", true },
-  { "godruoyi.com", true },
   { "godsofhell.com", true },
   { "godsofhell.de", true },
   { "goededoelkerstkaarten.nl", true },
+  { "goedkoopstecartridges.nl", true },
+  { "goedkopecartridgeskopen.nl", true },
   { "goedkopelaptopshardenberg.nl", true },
   { "goedkopeonesies.nl", true },
+  { "goedkopetonerkopen.nl", true },
   { "goedverzekerd.net", true },
   { "goemail.me", true },
   { "goerlitz-zgorzelec.org", true },
@@ -15472,7 +15879,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "goldmark.com.au", true },
   { "goldpreisfinder.at", true },
   { "goldsecurity.com", true },
+  { "goldsilver.org.ua", true },
   { "goldstein.tel", true },
+  { "goldytechspecialists.com", true },
   { "golf18network.com", true },
   { "golf18staging.com", true },
   { "golfhausmallorca.com", true },
@@ -15481,6 +15890,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "golfscape.com", true },
   { "golighthouse.com", true },
   { "golik.net.pl", false },
+  { "golser-schuh.at", true },
   { "golser.info", true },
   { "gomasy.jp", true },
   { "gomelchat.com", true },
@@ -15495,10 +15905,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gooby.co", false },
   { "good-tips.pro", true },
   { "gooday.life", true },
-  { "gooddomainna.me", true },
-  { "goodenough.nz", false },
+  { "goodenough.nz", true },
   { "goodhealthtv.com", true },
   { "goodquote.gq", true },
+  { "goodryb.top", true },
   { "goodshepherdmv.com", true },
   { "goodth.ink", true },
   { "google", true },
@@ -15509,6 +15919,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "googlesource.com", true },
   { "goombi.fr", true },
   { "goonersworld.co.uk", true },
+  { "goontopia.com", true },
   { "goooo.info", true },
   { "gootlijsten.nl", true },
   { "goover.de", true },
@@ -15518,8 +15929,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "goproallaccess.com", true },
   { "goproinspectiongroup.com", true },
   { "goquiq.com", true },
+  { "gordeijnsbouw.nl", true },
   { "gordonscouts.com.au", true },
   { "gorealya.com", true },
+  { "gorf.chat", true },
+  { "gorf.club", true },
   { "gorgias.me", true },
   { "gorky.media", true },
   { "gorn.ch", true },
@@ -15535,6 +15949,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gostaffer.com", true },
   { "gostest.org", false },
   { "gosu.pro", true },
+  { "gosuland.org", true },
+  { "got-tty.de", true },
   { "goteborgsklassikern.se", true },
   { "gotech.com.eg", false },
   { "gothamlimo.com", true },
@@ -15556,12 +15972,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "goup.com.tr", true },
   { "gouptime.ml", true },
   { "gourmetfestival.de", true },
+  { "gourmetspalencia.com", true },
   { "gov.tc", true },
   { "governmentjobs.gov", true },
   { "governorhub.com", true },
   { "govisitcostarica.co.cr", true },
   { "govisitcostarica.com", true },
-  { "govtjobs.blog", true },
   { "govtrack.us", true },
   { "govype.com", true },
   { "gowe.wang", false },
@@ -15569,13 +15985,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gowithflo.de", true },
   { "gozenhost.com", true },
   { "gpcsolutions.fr", true },
-  { "gpdimaranathasiantar.org", true },
+  { "gpdimaranathasiantar.org", false },
   { "gpfclan.de", true },
   { "gpgscoins.com", true },
   { "gplans.us", true },
   { "gpm.ltd", true },
   { "gprs.uk.com", true },
-  { "gpsarena.ro", true },
   { "gpscamera.nl", true },
   { "gpsfix.cz", true },
   { "gpsolarpanels.com", true },
@@ -15606,9 +16021,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "grafcaps.com", true },
   { "graffen.dk", true },
   { "grafmag.pl", true },
+  { "grafmurr.de", true },
   { "grafoteka.pl", true },
   { "graft.community", true },
   { "graft.observer", true },
+  { "grahambaker.ca", true },
   { "grahamcarruthers.co.za", true },
   { "grahamcluley.com", true },
   { "grailians.com", true },
@@ -15652,7 +16069,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "graphene.software", true },
   { "graphic-schools.com", true },
   { "graphic-shot.com", true },
-  { "graphire.io", true },
   { "grapholio.net", true },
   { "grasmark.com", true },
   { "grassenberg.de", true },
@@ -15668,7 +16084,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "graumeier.de", true },
   { "gravilink.com", true },
   { "gravitascreative.net", true },
-  { "gravitation.pro", false },
   { "gravitechthai.com", true },
   { "gravity-inc.net", true },
   { "gravityformspdfextended.com", true },
@@ -15687,6 +16102,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "greatestwebsiteonearth.com", true },
   { "greatfire.org", true },
   { "greathairtransplants.com", true },
+  { "greathosts.biz", true },
   { "greatislandarts.ca", true },
   { "greatlakeside.de", true },
   { "greatlifeinsurancegroup.com", true },
@@ -15694,16 +16110,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "greboid.co.uk", true },
   { "greboid.com", true },
   { "greditsoft.com", true },
-  { "greedbutt.com", true },
   { "greek.dating", true },
   { "greeklish.gr", true },
   { "green-attitude.be", true },
   { "green-care.nl", true },
-  { "green-light.cf", true },
   { "green-light.co.nz", true },
-  { "green-light.ga", true },
-  { "green-light.gq", true },
-  { "green-light.ml", true },
   { "greenaddress.it", true },
   { "greenapproach.ca", true },
   { "greenbaysecuritysolutions.com", true },
@@ -15736,7 +16147,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "greger.me", true },
   { "gregmarziomedia-dev.com", true },
   { "gregmarziomedia.com", true },
-  { "gregmilton.com", true },
   { "gregmote.com", true },
   { "grego.pt", true },
   { "gregoirow.be", true },
@@ -15760,14 +16170,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "grexx.de", true },
   { "grexx.nl", true },
   { "grey.house", true },
-  { "greybeards.ca", true },
+  { "greyhash.se", true },
   { "greymattertechs.com", true },
   { "greysky.me", true },
   { "greyskymedia.com", true },
   { "greysolutions.it", true },
   { "greywizard.com", true },
+  { "greywolf.cz", true },
   { "grh.am", true },
   { "griassdi-reseller.de", true },
+  { "gricargo.com", true },
   { "griechische-pfoetchen.de", true },
   { "griecopelino.com", true },
   { "grieg-gaarden.no", true },
@@ -15796,6 +16208,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "groenaquasolutions.nl", true },
   { "groenewoud.me", true },
   { "groentebesteld.nl", true },
+  { "groenteclub.nl", true },
   { "groepjam-usedcars.be", true },
   { "grog.pw", true },
   { "grokker.com", true },
@@ -15815,7 +16228,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "groth.xyz", true },
   { "grothoff.org", true },
   { "grottenthaler.eu", true },
-  { "grouchysysadmin.com", true },
   { "groundlevelup.com", true },
   { "group4layers.net", true },
   { "groupe-neurologique-nord.lu", true },
@@ -15824,6 +16236,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "grouphomes.com.au", false },
   { "groupme.com", true },
   { "groups.google.com", true },
+  { "grove-archiv.de", true },
   { "growingallthings.co.uk", true },
   { "growit.events", true },
   { "growy.ch", true },
@@ -15833,6 +16246,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gruble.de", true },
   { "gruebebraeu.ch", true },
   { "gruenderlehrstuhl.de", true },
+  { "gruenderwoche-dresden.de", true },
   { "gruene-im-rvr.de", true },
   { "gruene-wattenscheid.de", true },
   { "gruenes-wp.de", true },
@@ -15849,6 +16263,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gruselgrotte.com", true },
   { "grusenmeyer.be", true },
   { "grusig-geil.ch", true },
+  { "gruver.de", true },
   { "gruwa.net", true },
   { "gs93.de", true },
   { "gsaj114.net", true },
@@ -15866,22 +16281,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gt-network.de", true },
   { "gta-arabs.com", true },
   { "gtaforum.nl", true },
-  { "gtalife.net", true },
   { "gtchipsi.org", true },
   { "gtcprojects.com", true },
-  { "gtdgo.com", true },
   { "gtlaun.ch", true },
   { "gtlfsonlinepay.com", true },
   { "gtmasterclub.it", false },
   { "gtmetrix.com", true },
+  { "gtoepfer.de", true },
   { "gtopala.com", true },
   { "gtopala.net", true },
   { "gtour.info", false },
   { "gtravers-basketmaker.co.uk", true },
   { "gts-dp.de", true },
-  { "gtts.space", true },
   { "gtxbbs.com", true },
+  { "gtxmail.de", true },
   { "guajars.cl", true },
+  { "guannan.net.cn", true },
   { "guanyembadalona.org", true },
   { "guanzhong.ca", true },
   { "guardian360.nl", true },
@@ -15891,6 +16306,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gubagoo.com", true },
   { "gubagoo.io", true },
   { "gudini.net", true },
+  { "gudrunfit.dk", true },
   { "guegan.de", true },
   { "guelo.ch", true },
   { "guenthereder.at", true },
@@ -15901,17 +16317,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "guevener.de", true },
   { "gueze-ardeche.fr", true },
   { "gueze-sas.fr", true },
-  { "gufen.ga", true },
   { "guffr.it", true },
   { "guge.ch", true },
   { "gugert.net", true },
   { "guhei.net", true },
   { "guhenry3.tk", true },
   { "guiacidade.com.br", true },
+  { "guiaswow.com", true },
   { "guichet-entreprises.fr", true },
   { "guichet-qualifications.fr", true },
   { "guid2steamid.com", true },
   { "guid2steamid.pw", true },
+  { "guida.org", true },
   { "guide-peche-cantal.com", true },
   { "guidebook.co.tz", true },
   { "guidedselling.net", true },
@@ -15933,12 +16350,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gulchuk.com", true },
   { "gulenbase.no", true },
   { "gulfstream.ru", true },
-  { "gulshankumar.net", true },
   { "gumballs.com", true },
   { "gume4you.com", true },
   { "gumi.ca", true },
   { "gunauc.net", true },
   { "gunceloyunhileleri.com", true },
+  { "gunn.ee", true },
   { "gunsofshadowvalley.com", true },
   { "gunwatch.co.uk", true },
   { "gunworld.com.au", true },
@@ -15948,18 +16365,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "guoliang.me", true },
   { "guozeyu.com", true },
   { "gupfen.ch", true },
+  { "guphi.net", false },
   { "gurkan.in", true },
   { "gurmel.ru", true },
   { "gurpusmaximus.com", true },
   { "guru-naradi.cz", true },
   { "gurucomi.com", true },
   { "gurueffect.com", true },
-  { "gurugardener.co.nz", true },
+  { "gururi.com", true },
   { "gus.host", true },
   { "gustaff.de", true },
   { "gustiaux.com", true },
   { "gustom.io", true },
   { "gut8er.com.de", true },
+  { "gutools.co.uk", true },
+  { "guts.me", true },
+  { "guts.moe", true },
   { "gutschein-spezialist.de", true },
   { "gutscheingeiz.de", true },
   { "gutuia.blue", true },
@@ -15969,6 +16390,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gv-neumann.de", true },
   { "gv-salto.nl", true },
   { "gvatas.in", true },
+  { "gvc-it.tk", true },
   { "gveh.de", true },
   { "gvi-timing.ch", true },
   { "gviedu.com", true },
@@ -15980,7 +16402,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gw2efficiency.com", true },
   { "gw2treasures.com", true },
   { "gw2zone.net", true },
-  { "gwa-verwaltung.de", true },
   { "gwerder.net", true },
   { "gwhois.org", true },
   { "gwrtech.com", true },
@@ -15989,6 +16410,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gyara.moe", true },
   { "gyas.nl", true },
   { "gymagine.ch", true },
+  { "gymbunny.de", true },
   { "gymhero.me", true },
   { "gymjp.com", true },
   { "gymkirchenfeld.ch", true },
@@ -16050,6 +16472,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hack.club", true },
   { "hackademix.net", true },
   { "hackanders.com", true },
+  { "hackattack.com", true },
   { "hackbarth.guru", true },
   { "hackbeil.name", true },
   { "hackcraft.net", true },
@@ -16063,9 +16486,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hacker.parts", true },
   { "hacker1.com", true },
   { "hacker101.com", true },
+  { "hackerchai.com", true },
+  { "hackerco.com", true },
   { "hackereyes.com", true },
   { "hackergateway.com", true },
-  { "hackerlite.xyz", true },
   { "hackernet.se", true },
   { "hackerone-ext-content.com", true },
   { "hackerone-user-content.com", true },
@@ -16073,7 +16497,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hackerone.com", true },
   { "hackerone.net", true },
   { "hackerone.org", true },
-  { "hackerpoints.com", true },
   { "hackerschat.net", true },
   { "hackerstxt.org", true },
   { "hackettrecipes.com", true },
@@ -16092,8 +16515,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hadaly.fr", true },
   { "hadleighswimmingclub.co.uk", true },
   { "hadouk.in", true },
-  { "hadret.com", true },
-  { "hadret.sh", true },
   { "hadrons.org", true },
   { "haefligermedia.ch", true },
   { "haemka.de", true },
@@ -16104,12 +16525,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hafniatimes.com", true },
   { "haggeluring.su", true },
   { "hagiati.gr", true },
+  { "hagier.pl", true },
   { "hagueaustralia.com.au", true },
   { "haha-raku.com", true },
   { "hahay.es", true },
   { "haiboxu.com", true },
   { "haidihai.ro", true },
   { "hailer.com", true },
+  { "hailstorm.nl", true },
   { "haim.bio", true },
   { "haimablog.ooo", true },
   { "hairbeautyartists.it", true },
@@ -16138,18 +16561,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "halitopuroprodutos.com.br", true },
   { "halkirkbouncycastles.co.uk", true },
   { "halkyon.net", true },
+  { "halledesprix.fr", true },
   { "hallelujahsoftware.com", true },
-  { "halletienne.fr", true },
   { "hallettxn.com", true },
   { "hallhuber.com", true },
   { "halliday.work", true },
   { "halligladen.de", true },
   { "hallmarkestates.ca", true },
-  { "halloweenthings.website", true },
   { "hallucinogen.com", true },
   { "hallucinogens.org", true },
   { "hallumlaw.com", true },
   { "halo.fr", true },
+  { "halocredit.pl", true },
   { "halongbaybackpackertour.com", true },
   { "haloobaloo.com", true },
   { "haloria.com", true },
@@ -16161,7 +16584,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hamcram.io", true },
   { "hamiltonlinen.com", true },
   { "hamiltonmedical.nl", true },
-  { "hammer-corp.com", true },
   { "hammer-schnaps.com", true },
   { "hammer-sms.com", true },
   { "hampl.tv", true },
@@ -16180,14 +16602,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "handmade-workshop.de", true },
   { "handmadehechoamano.com", true },
   { "handy-center.net", true },
-  { "handyglas.com", true },
   { "handymanlondonplease.co.uk", true },
-  { "handynummer.online", true },
   { "handysex.live", true },
   { "handyticket.de", true },
   { "hanfox.co.uk", false },
   { "hanfverband-erfurt.de", true },
-  { "hang333.moe", true },
   { "hangar.hosting", true },
   { "hangcapnach.com", true },
   { "hangouts.google.com", true },
@@ -16196,6 +16615,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hanksacservice.com", true },
   { "hannah.link", true },
   { "hannahi.com", true },
+  { "hannasecret.de", true },
   { "hannoluteijn.nl", true },
   { "hannover.de", true },
   { "hanoibuffet.com", true },
@@ -16222,13 +16642,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "haozhang.org", true },
   { "haozhexie.com", true },
   { "haozi.me", true },
+  { "haozijing.com", true },
   { "hapheemraadssingel.nl", true },
+  { "hapijs.cn", true },
   { "happndin.com", true },
   { "happy-baby.info", true },
   { "happy-end-shukatsu.com", true },
   { "happyagain.de", true },
   { "happyagain.se", true },
   { "happyandrelaxeddogs.eu", true },
+  { "happybeerdaytome.com", true },
   { "happybirthdaywisher.com", true },
   { "happybounce.co.uk", true },
   { "happycarb.de", true },
@@ -16280,6 +16703,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "harringtonca.com", true },
   { "harrisonswebsites.com", true },
   { "harrisonvillenaz.org", true },
+  { "harry-baker.com", true },
   { "harrymclaren.co.uk", true },
   { "harryphoto.fr", true },
   { "harrysgardengamehire.co.uk", true },
@@ -16318,6 +16742,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hashnode.com", true },
   { "hashru.nl", true },
   { "hashworks.net", true },
+  { "hashxp.org", true },
   { "hasilocke.de", true },
   { "haskovec.com", true },
   { "hasselbach-dellwig.de", true },
@@ -16325,7 +16750,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hatpakha.com", true },
   { "hatul.info", true },
   { "haucke.xyz", true },
-  { "hauntedfishtank.com", false },
   { "hauntedhouserecords.co.uk", true },
   { "haus-garten-test.de", true },
   { "haus-henne.de", true },
@@ -16343,7 +16767,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "havasuhomepage.com", true },
   { "havasuinsurance.com", true },
   { "havasutacohacienda.com", true },
+  { "have.jp", true },
   { "haveabounce.co.uk", true },
+  { "haveacry.com", true },
   { "haveforeningen-enghaven.dk", true },
   { "havefunbiking.com", true },
   { "haveibeenpwned.com", true },
@@ -16358,9 +16784,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hawaya.com", true },
   { "hawkeyeinsight.com", true },
   { "hawkinsonkiaparts.com", true },
+  { "hawkofgeorgia.com", true },
   { "hawkon.dk", true },
   { "hawksguild.com", true },
   { "hawksracing.de", true },
+  { "hax.to", true },
   { "haxdroid.com", true },
   { "haxo.nl", false },
   { "hayai.space", true },
@@ -16370,12 +16798,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "haydentomas.com", true },
   { "hayfordoleary.com", true },
   { "haynes-davis.com", true },
-  { "hayvid.com", false },
-  { "hayzepvp.us", true },
+  { "hayvid.com", true },
   { "haz.cat", true },
   { "haze.productions", true },
+  { "hazeltime.se", true },
   { "hazeover.com", true },
-  { "hazloconlapix.com", true },
   { "hazukilab.com", true },
   { "hb8522.com", true },
   { "hbcu-colleges.com", true },
@@ -16384,6 +16811,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hbpowell.com", true },
   { "hcaz.io", true },
   { "hcbj.io", true },
+  { "hcie.pl", false },
+  { "hcscrusaders.com", true },
   { "hd-gaming.com", true },
   { "hd-offensive.at", false },
   { "hd-only.org", true },
@@ -16391,6 +16820,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hdc.cz", true },
   { "hdcamvids.com", true },
   { "hdcenter.cc", true },
+  { "hddrecovery.net.au", true },
   { "hdeaves.uk", true },
   { "hdf.world", true },
   { "hdfgroup.org", true },
@@ -16398,13 +16828,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hdhoang.space", true },
   { "hdkandsons.com", true },
   { "hdnastudio.com", true },
-  { "hdritalyphotos.com", true },
   { "hdrsource.com", true },
   { "hdrtranscon.com", true },
   { "hds-lan.de", true },
   { "hdv.paris", true },
   { "heaaart.com", true },
-  { "head.org", true },
   { "head.ru", true },
   { "headjapan.com", true },
   { "headlinepublishing.be", true },
@@ -16441,13 +16869,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "healthyteame.com", true },
   { "heap.zone", true },
   { "heapkeeper.org", true },
+  { "hearinghelpexpress.com", true },
   { "hearmeraw.uk", true },
-  { "heart.taxi", false },
   { "heartbeat24.de", true },
   { "heartgames.pl", true },
   { "heartlandbiomed.com", true },
   { "heartmdinstitute.com", true },
   { "heartsintrueharmony.com", true },
+  { "heartsucker.com", false },
   { "hearttruth.gov", true },
   { "heartview.com.br", true },
   { "heartwoodart.com", true },
@@ -16461,6 +16890,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hearty.taipei", true },
   { "hearty.tw", true },
   { "hearty.us", true },
+  { "heartyapp.tw", true },
   { "heartycraft.com", true },
   { "heatershop.co.uk", true },
   { "heatingandairconditioningdallastx.com", true },
@@ -16468,6 +16898,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "heavensattic.co.uk", true },
   { "heavensinferno.net", true },
   { "heavyequipments.org", true },
+  { "heayao.com", true },
+  { "hebamme-cranio.ch", true },
   { "hebergeurssd.com", true },
   { "hebikhiv.nl", true },
   { "hebingying.cn", true },
@@ -16522,12 +16954,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hejahanif.se", true },
   { "hejianpeng.cn", true },
   { "heka.ai", true },
+  { "helber-it-services.de", true },
   { "helden-spielen.de", true },
   { "heldenhalde.de", true },
   { "heldundsexgott.de", true },
   { "heleendebruyne.be", true },
   { "helenaknowledge.com", true },
-  { "helencrump.co.uk", true },
   { "helenekurtz.com", true },
   { "helenelefauconnier.com", true },
   { "helenkellersimulator.org", true },
@@ -16540,10 +16972,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "heliosvoting.org", true },
   { "helix.am", true },
   { "hellenicagora.co.uk", true },
+  { "hellerarko.de", true },
   { "hellersgas.com", true },
+  { "hellerup.net", true },
   { "helles-koepfchen.de", true },
   { "helloacm.com", true },
   { "hellobrian.me", true },
+  { "hellomouse.net", true },
   { "helloworldhost.com", false },
   { "hellsgamers.pw", true },
   { "hellsh.com", true },
@@ -16559,6 +16994,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hematoonkologia.pl", true },
   { "hemdal.se", true },
   { "hemnet.se", true },
+  { "hemtest.com", true },
   { "hen.ne.ke", true },
   { "henchman.io", true },
   { "hendersonvalleyautomotive.co.nz", true },
@@ -16577,6 +17013,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hennadesigns.org", true },
   { "hennecke-forstbetrieb.de", true },
   { "henneke.me", true },
+  { "hennies.org", true },
   { "henningkerstan.de", true },
   { "hennymerkel.com", true },
   { "henok.eu", true },
@@ -16595,7 +17032,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "heptafrogs.de", true },
   { "her25.com", false },
   { "heracles-hotel.eu", true },
-  { "herbal-id.com", true },
   { "herberichfamily.com", true },
   { "herbert.io", true },
   { "herbhuang.com", true },
@@ -16610,7 +17046,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "heritagebaptistchurch.com.ph", true },
   { "herkam.pl", true },
   { "hermanbrouwer.nl", true },
-  { "hermann.in", true },
   { "hermes-net.de", true },
   { "hermes.cat", true },
   { "herminghaus24.de", true },
@@ -16623,6 +17058,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "heroiclove.com", true },
   { "heroicpixel.com", true },
   { "heroku.com", true },
+  { "heromuster.com", true },
   { "herpes-no.com", true },
   { "herranzramia.com", false },
   { "herrderzeit.de", true },
@@ -16640,6 +17076,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "herzogglass.com", true },
   { "hesaplama.net", true },
   { "hessen-liebe.de", true },
+  { "hesslag.com", true },
   { "hestervanderheijden.nl", true },
   { "hestia-systeme.be", true },
   { "hestia-systeme.com", true },
@@ -16647,14 +17084,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hestia-systeme.fr", true },
   { "hesyifei.com", true },
   { "hetene.nl", true },
-  { "hethely.ch", true },
   { "hetluisterbos.be", true },
-  { "hetzflix.stream", true },
   { "heute-kaufen.de", true },
   { "heute.training", true },
-  { "heverhagen.rocks", true },
   { "hevertonfreitas.com.br", true },
-  { "hex.bz", true },
   { "hex.nl", true },
   { "hexagon-e.com", true },
   { "hexapt.com", true },
@@ -16664,7 +17097,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hexiaohu.cn", true },
   { "hexicurity.com", true },
   { "hexid.me", true },
-  { "hexieshe.com", true },
   { "hexo.io", false },
   { "hexony.com", true },
   { "hexr.org", true },
@@ -16679,6 +17111,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hg.gg", true },
   { "hg.python.org", true },
   { "hgbet.com", true },
+  { "hgvnet.de", true },
   { "hgw168.com", true },
   { "hh-medic.com", true },
   { "hh-wolke.dedyn.io", true },
@@ -16716,12 +17149,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "highlnk.com", true },
   { "highspeed-arnsberg.de", true },
   { "highspeedinternet.my", true },
-  { "highspeedinternetservices.ca", true },
   { "hightechbasementsystems.com", true },
   { "highwaytohoell.de", true },
   { "higilopocht.li", true },
   { "hijackpost.com", true },
-  { "hijoan.com", true },
   { "hikarukujo.com", true },
   { "hike.pics", true },
   { "hikerone.com", true },
@@ -16747,6 +17178,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "himens.com", true },
   { "hin10.com", true },
   { "hinata-hidetoshi.com", true },
+  { "hindi-movie.org", true },
+  { "hindimoviedownload.net", true },
+  { "hindimovieonline.net", true },
   { "hintergrundbewegung.de", true },
   { "hinterhofbu.de", true },
   { "hinterposemuckel.de", true },
@@ -16773,7 +17207,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hiring-process.com", true },
   { "hiromuogawa.com", true },
   { "hirotaka.org", true },
-  { "hirte-digital.de", true },
   { "hirtzfr.eu", true },
   { "hirzaconsult.ro", true },
   { "hisbrucker.net", true },
@@ -16787,6 +17220,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "history.google.com", false },
   { "hitandhealth.nl", true },
   { "hiteco.com", true },
+  { "hiteshbrahmbhatt.com", true },
   { "hititgunesi-tr.com", true },
   { "hitmanstat.us", true },
   { "hitn.at", true },
@@ -16795,6 +17229,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hitokoto-mania.com", true },
   { "hitokoto.cn", true },
   { "hitomecha.com", true },
+  { "hitrek.ml", true },
   { "hitter-lauzon.com", true },
   { "hitter.family", true },
   { "hitterfamily.com", true },
@@ -16811,6 +17246,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hj-mosaiques.be", true },
   { "hj.rs", true },
   { "hj3455.com", true },
+  { "hj99vip.com", true },
   { "hjartasmarta.se", true },
   { "hjkbm.cn", true },
   { "hjort.land", true },
@@ -16818,10 +17254,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hjphoto.co.uk", true },
   { "hjtky.cn", true },
   { "hjw-kunstwerk.de", true },
+  { "hjyl9898.com", true },
   { "hk.search.yahoo.com", false },
   { "hkbsurgery.com", true },
   { "hkdobrev.com", true },
   { "hkr.at", true },
+  { "hks-projekt.at", true },
   { "hks.pw", true },
   { "hktkl.com", true },
   { "hkustmbajp.com", true },
@@ -16835,9 +17273,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hlidacnajemneho.cz", true },
   { "hlin.cloud", true },
   { "hlinformatics.nl", true },
+  { "hloe0xff.ru", true },
   { "hlsmandarincentre.com", true },
   { "hlucas.de", true },
   { "hm773.net", true },
+  { "hm773.org", true },
   { "hmcdj.cn", true },
   { "hmhotelec.com", false },
   { "hmoegirl.com", true },
@@ -16872,13 +17312,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hoeren.club", true },
   { "hoesnelwasik.nl", true },
   { "hoeveiligismijn.nl", true },
-  { "hoevenstein.nl", true },
+  { "hoevenstein.nl", false },
   { "hoewler.ch", true },
   { "hoezzi.nl", true },
   { "hof-mulin.ch", true },
   { "hofapp.de", true },
   { "hofauer.de", true },
   { "hoflerlawfirm.com", true },
+  { "hogarthdavieslloyd.com", true },
+  { "hogepad.com", true },
   { "hogl.dk", true },
   { "hogrebe.de", true },
   { "hogwarts.io", true },
@@ -16889,11 +17331,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hoish.in", true },
   { "hoken-wakaru.jp", true },
   { "hokieprivacy.org", true },
-  { "hokify.at", true },
-  { "hokify.ch", true },
-  { "hokify.de", true },
   { "hokioisecurity.com", true },
   { "holad.de", true },
+  { "holadinero.es", true },
+  { "holadinero.mx", true },
   { "holboxwhalesharktours.com", true },
   { "holebedeljek.hu", true },
   { "holidaysportugal.eu", true },
@@ -16912,8 +17353,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "holo.ovh", true },
   { "holodeck.us", true },
   { "holofono.com", true },
+  { "holofox.ru", true },
   { "holoxplor.space", true },
-  { "holstphoto.com", true },
   { "holvonix.com", true },
   { "holycrossphl.org", true },
   { "holycrossverobeach.org", true },
@@ -16937,8 +17378,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "holzundgarten.de", true },
   { "holzvergaser-forum.de", true },
   { "homatism.com", true },
+  { "hombresconestilo.com", true },
   { "home-handymen.co.uk", true },
-  { "home-insurance-quotes.tk", true },
   { "homeautomated.com", true },
   { "homebasedsalons.com.au", true },
   { "homebodyalberta.com", true },
@@ -16963,6 +17404,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "homes-in-stockton.com", true },
   { "homeseller.com", true },
   { "homeserver-kp.de", true },
+  { "homestay.id", true },
   { "homesteadandprepper.com", true },
   { "homesteadfarm.org", true },
   { "homewatt.co.uk", true },
@@ -16990,6 +17432,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hoodtrader.com", true },
   { "hoofddorp-centraal.nl", true },
   { "hookany.com", true },
+  { "hookbin.com", true },
   { "hoooc.com", true },
   { "hooowl.com", true },
   { "hoop.la", true },
@@ -16997,20 +17440,25 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hooplessinseattle.com", true },
   { "hooray.beer", true },
   { "hoorr.com", true },
+  { "hoosa.de", true },
   { "hootworld.net", false },
   { "hoovism.com", true },
   { "hoowhen.cn", true },
   { "hopconseils.ch", true },
   { "hopconseils.com", true },
   { "hope-line-earth.jp", true },
+  { "hopemeet.info", true },
+  { "hopemeet.me", true },
   { "hopesanddreams.org.uk", true },
   { "hopla.sg", true },
   { "hoplongtech.com", true },
   { "hoponmedia.de", true },
   { "hopps.me", true },
   { "hoppyx.com", true },
+  { "hopzone.net", true },
   { "hor.website", true },
   { "horaceli.com", true },
+  { "horackova.info", true },
   { "horairetrain.fr", true },
   { "hord.ca", true },
   { "horecaapparatuurkobezuijen.nl", true },
@@ -17062,11 +17510,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hostix.de", true },
   { "hostma.ma", true },
   { "hostmark.pl", true },
-  { "hostme.co.il", false },
+  { "hostme.co.il", true },
   { "hostmijnpagina.nl", true },
   { "hostmodern.com.au", true },
   { "hosts.cf", true },
-  { "hostserv.org", true },
   { "hostworkz.com", true },
   { "hotcandlestick.com", true },
   { "hotchillibox.com", true },
@@ -17080,7 +17527,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hotel-rosner.at", true },
   { "hotelamgarnmarkt.at", false },
   { "hotelarevalo.com", true },
+  { "hotelbretagne.dk", true },
   { "hotelcoliber.pl", true },
+  { "hoteles4you.com", true },
   { "hotelflow.com.br", true },
   { "hotelident.de", true },
   { "hotello.io", true },
@@ -17117,7 +17566,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "houseofyee.com", true },
   { "houser.lu", true },
   { "housese.at", true },
-  { "housetalk.ru", true },
   { "houstonapartmentinsiders.com", true },
   { "houstonauthorizedrepair.com", true },
   { "houstoncreditlaw.com", true },
@@ -17136,7 +17584,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "howmanymilesfrom.com", true },
   { "howsecureismypassword.net", true },
   { "howsmyssl.com", true },
-  { "howsmytls.com", true },
   { "howsyourhealth.org", true },
   { "howtocommunicate.com.au", true },
   { "howtogeek.com", true },
@@ -17151,15 +17598,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hpac-portal.com", true },
   { "hpage.com", true },
   { "hpbn.co", true },
-  { "hpepub.com", true },
   { "hpisavageforum.com", true },
   { "hpkp-faq.de", true },
-  { "hpnow.com.br", true },
+  { "hps.digital", true },
   { "hps.hu", true },
+  { "hpsdigital.hu", true },
+  { "hqhh.org", true },
   { "hquest.pro.br", true },
   { "hqwebhosting.tk", false },
+  { "hqy.moe", true },
   { "hr-tech.shop", true },
-  { "hr98.xyz", true },
   { "hrabogados.com", true },
   { "hraesvelg.net", true },
   { "hranicka.cz", true },
@@ -17168,8 +17616,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hrdns.de", false },
   { "href.one", true },
   { "hreflang.info", true },
-  { "hrjfeedstock.com", true },
   { "hrjfeedstock.org", true },
+  { "hrltech.com.br", true },
+  { "hrobert.hu", true },
   { "hroling.nl", true },
   { "hroschyk.cz", true },
   { "hrsa.gov", true },
@@ -17182,12 +17631,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hs-umformtechnik.de", true },
   { "hsappstatic.net", true },
   { "hscorp.de", true },
-  { "hsex.tv", true },
   { "hsivonen.com", true },
   { "hsivonen.fi", true },
   { "hsivonen.iki.fi", true },
   { "hsmr.cc", true },
-  { "hsn.com", true },
   { "hsr.gov", false },
   { "hsts.eu", true },
   { "hsts.me", true },
@@ -17210,7 +17657,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "htmlyse.com", true },
   { "htmue.net", true },
   { "htmue.org", true },
-  { "htp2.top", true },
   { "htsure.ma", true },
   { "http2.eu", true },
   { "http2.pro", true },
@@ -17238,9 +17684,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "huagati.com", true },
   { "huahinpropertylisting.com", true },
   { "huang-haitao.com", true },
+  { "huangjia71.com", true },
+  { "huangjia72.com", true },
+  { "huangjia73.com", true },
+  { "huangjia74.com", true },
+  { "huangjia75.com", true },
+  { "huangjia76.com", true },
+  { "huangjia77.com", true },
+  { "huangjia78.com", true },
+  { "huangjia79.com", true },
+  { "huangjia99.com", true },
   { "huangjiaint.com", true },
   { "huangjingjing.com", true },
-  { "huangliangbo.com", true },
   { "huangzenghao.cn", false },
   { "huaqian.art", true },
   { "huashan.co.uk", true },
@@ -17272,6 +17727,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "huguesditciles.com", true },
   { "huh.gdn", true },
   { "huh.today", true },
+  { "huihui.moe", true },
   { "huininga.com", true },
   { "huininga.nl", true },
   { "huininga.org", true },
@@ -17327,7 +17783,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "humexe.com", true },
   { "hummy.tv", true },
   { "humorcaliente.com", true },
-  { "humorce.com", false },
   { "humpchies.com", true },
   { "humpen.se", true },
   { "humppakone.com", true },
@@ -17339,8 +17794,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hunger.im", true },
   { "huniverse.co", true },
   { "hunstoncanoeclub.co.uk", true },
+  { "hunter-read.com", true },
   { "hunter.io", true },
-  { "hunterjohnson.io", true },
   { "hunterkehoe.com", true },
   { "huntexpired.com", true },
   { "huntingdonbouncers.co.uk", true },
@@ -17353,7 +17808,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hupp.se", true },
   { "hurd.is", true },
   { "huren.nl", true },
-  { "hurleyhomestead.com", true },
   { "huroji.com", true },
   { "hurtigtinternet.dk", true },
   { "husakbau.at", true },
@@ -17382,7 +17836,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hvtuananh.com", true },
   { "hwaddress.com", true },
   { "hwag-pb.de", true },
-  { "hwinfo.com", true },
   { "hwlibre.com", true },
   { "hx53.de", true },
   { "hxp.io", true },
@@ -17411,9 +17864,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hynek.me", true },
   { "hyparia.fr", true },
   { "hype.ru", true },
+  { "hypeitems.pl", true },
   { "hypemgmt.com", true },
   { "hyper-text.org", true },
-  { "hyperactive.am", true },
   { "hyperalgesia.com", true },
   { "hyperautomotive.com.au", true },
   { "hyperbolic-mayonnaise-interceptor.ovh", true },
@@ -17429,7 +17882,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hypotheekbond.nl", true },
   { "hypothes.is", true },
   { "hypothyroidmom.com", true },
-  { "hysh.jp", true },
+  { "hyr.mn", true },
   { "hytzongxuan.com", true },
   { "hyundai.no", true },
   { "hyvanilmankampaamo.fi", true },
@@ -17452,11 +17905,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "i1314.gdn", true },
   { "i1place.com", true },
   { "i2b.ro", true },
+  { "i2gether.org.uk", true },
   { "i5y.co.uk", true },
   { "i5y.org", true },
   { "i66.me", true },
   { "i879.com", true },
-  { "i95.me", false },
   { "ia.net", true },
   { "iaco.li", true },
   { "iacono.com.br", false },
@@ -17480,7 +17933,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iaminashittymood.today", true },
   { "iamjoshellis.com", true },
   { "iamlbk.com", true },
-  { "iamlizu.com", true },
   { "iamlzh.com", true },
   { "iamtheib.me", true },
   { "iamtonyarthur.com", true },
@@ -17507,11 +17959,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ibauruapan.com.mx", true },
   { "ibcmed.org", true },
   { "ibe.de", true },
+  { "ibeep.com", true },
   { "iberiaversicherungen.com", true },
   { "ibericaderedes.es", true },
   { "ibexcore.com", true },
   { "ibigawamizueco.com", true },
   { "ibin.co", true },
+  { "ibiu.xyz", true },
   { "ibiz.mk", true },
   { "iblackfriday.ro", true },
   { "ibodyiq.com", true },
@@ -17519,13 +17973,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ibrom.eu", true },
   { "ibstyle.tk", true },
   { "ibuki.run", true },
+  { "ibutikk.no", true },
   { "ibwc.gov", true },
   { "ibykos.com", true },
   { "ic-lighting.com.au", true },
   { "ic-spares.com", true },
   { "ic3.gov", true },
   { "icafecash.com", true },
-  { "icake.life", true },
   { "icanhasht.ml", true },
   { "icarlos.net", true },
   { "icasture.top", true },
@@ -17535,10 +17989,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iceberg.academy", true },
   { "icebook.co.uk", true },
   { "icecars.net", true },
-  { "icedream.tech", true },
   { "icetiger.eu", true },
+  { "ich-hab-die-schnauze-voll-von-der-suche-nach-ner-kurzen-domain.de", true },
   { "ich-tanke.de", true },
-  { "ichasco.com", true },
   { "ichbinein.org", true },
   { "ichbinkeinreh.de", true },
   { "ichmachdas.net", true },
@@ -17547,7 +18000,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "icloudlogin.com", true },
   { "icmhd.ch", true },
   { "icmp2018.org", true },
-  { "icmshoptrend.com", true },
+  { "icnsoft.cf", true },
   { "icobench.com", true },
   { "icodeconnect.com", true },
   { "icoh.it", true },
@@ -17580,13 +18033,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "idarv.com", true },
   { "idaspis.com", true },
   { "idatha.de", true },
-  { "idblab.tk", true },
   { "idc-business.be", true },
   { "idconsult.nl", true },
   { "idealimplant.com", true },
   { "idealinflatablehire.co.uk", true },
   { "idealninajemce.cz", false },
-  { "idealsegurancaeletronica.com.br", true },
+  { "idealsegurancaeletronica.com.br", false },
   { "idealtruss.com", true },
   { "idealtruss.com.tw", true },
   { "idealwhite.space", true },
@@ -17612,6 +18064,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "idgard.de", false },
   { "idgateway.co.uk", true },
   { "idhosts.co.id", true },
+  { "idid.tk", true },
   { "idiotentruppe.de", true },
   { "idisposable.co.uk", true },
   { "idlethoughtsandramblings.com", true },
@@ -17621,11 +18074,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "idoc24.com", true },
   { "idodiandina.com", true },
   { "idolf.dk", true },
-  { "idolish7.fun", true },
   { "idolknow.com", true },
   { "idolshop.dk", true },
   { "idolshop.me", true },
   { "idontplaydarts.com", true },
+  { "idoparadoxon.hu", true },
   { "idranktoomuch.coffee", true },
   { "idratherbequilting.com", true },
   { "idraulico-roma.it", true },
@@ -17633,6 +18086,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "idraulico.roma.it", true },
   { "idrinktoomuch.coffee", true },
   { "idrissi.eu", true },
+  { "idrottsnaprapaten.se", true },
   { "idrycleaningi.com", true },
   { "idtheft.gov", true },
   { "idubaj.cz", true },
@@ -17646,11 +18100,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ieeesb.nl", true },
   { "ieeesbe.nl", true },
   { "ieeespmb.org", true },
+  { "ieffalot.me", true },
   { "ieji.de", false },
-  { "iemas.azurewebsites.net", true },
   { "iemb.tk", true },
   { "ienakanote.com", false },
   { "ies-italia.it", true },
+  { "iesonline.co.in", true },
   { "ieval.ro", true },
   { "iewar.com", true },
   { "ifangpei.cn", true },
@@ -17666,7 +18121,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ifightsurveillance.org", true },
   { "ifixe.ch", true },
   { "iflare.de", true },
-  { "ifly.pw", true },
   { "ifort.fr", true },
   { "ifosep.fr", true },
   { "ifoss.me", true },
@@ -17711,10 +18165,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ihacklabs.com", true },
   { "ihakkitekin.com", true },
   { "ihatethissh.it", true },
-  { "ihcr.top", true },
+  { "ihcprofile.com", true },
+  { "iheartmary.org", true },
   { "ihkk.net", true },
   { "ihls.stream", true },
-  { "ihls.world", true },
+  { "ihmphila.org", true },
   { "ihoey.com", true },
   { "ihollaback.org", true },
   { "ihopeit.works", true },
@@ -17722,15 +18177,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ihotel.io", false },
   { "ihrhost.com", true },
   { "ihtdenisjaccard.com", true },
+  { "ihuan.me", true },
   { "ii74.com", true },
   { "iiit.pl", true },
   { "iimarckus.org", true },
-  { "iiong.com", false },
+  { "iiong.com", true },
   { "iirii.com", true },
   { "iix.se", true },
   { "ijm.io", true },
   { "ijohan.nl", true },
   { "ijr.com", true },
+  { "ijsbaanwitten.nl", true },
   { "ijsblokjesvormen.nl", true },
   { "ijsclubtilburg.nl", true },
   { "ijsclubwanneperveen.nl", true },
@@ -17751,6 +18208,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ikk.me", true },
   { "ikkatsu-satei.jp", true },
   { "ikkbb.de", true },
+  { "ikke-coach.nl", true },
   { "ikkev.de", true },
   { "ikkoku.de", true },
   { "iklive.org", false },
@@ -17774,6 +18232,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ile-sapporo.jp", true },
   { "ileci.de", true },
   { "ilektronika-farmakeia-online.gr", true },
+  { "ilemonrain.com", true },
+  { "ilformichiere.com", true },
   { "ilhan.name", true },
   { "ilhansubasi.com", true },
   { "iliastsi.net", true },
@@ -17781,7 +18241,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iligang.com", true },
   { "iligang.link", true },
   { "iligang.xin", true },
+  { "ilkeakyildiz.com", true },
   { "illambias.ch", true },
+  { "illative.net", true },
   { "illegalpornography.com", true },
   { "illegalpornography.me", true },
   { "illerzell.de", true },
@@ -17838,7 +18300,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "imanesdeviaje.com", true },
   { "imanolbarba.net", true },
   { "imap2imap.de", true },
-  { "imaple.org", true },
   { "imarkethost.co.uk", true },
   { "imask.ml", true },
   { "imawhale.com", true },
@@ -17852,7 +18313,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "imedikament.de", true },
   { "imeds.pl", true },
   { "imefuniversitario.org", true },
-  { "imeid.de", true },
+  { "imeid.de", false },
   { "imex-dtp.com", true },
   { "imforza.com", true },
   { "img.mg", true },
@@ -17873,15 +18334,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "imjustcreative.com", true },
   { "imkerei-freilinger.de", false },
   { "imkerverein-moenchswald.de", true },
-  { "imlinan.com", true },
+  { "immarypoppinsyall.tk", true },
   { "immaterium.de", true },
   { "immatix.xyz", true },
+  { "immersa.co.uk", true },
   { "immersion-pictures.com", true },
-  { "immersivewebportal.com", true },
+  { "immersionwealth.com", true },
   { "immigrantdad.com", true },
   { "immigrationdirect.com.au", true },
   { "immo-agentur.com", true },
   { "immo-passion.net", true },
+  { "immo-vk.de", true },
   { "immobilien-badlippspringe.de", true },
   { "immobilien-in-istanbul.de", true },
   { "immobilien-zirm.de", true },
@@ -17901,10 +18364,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "impas.se", true },
   { "impelup.com", true },
   { "impendulo.org", true },
+  { "impera.at", true },
   { "imperdin.com", true },
   { "imperial-legrand.com", true },
   { "imperialmiami.com", true },
-  { "imperiodigital.online", true },
   { "imperiumglass.com.au", true },
   { "imperiumnova.info", true },
   { "impex.com.bd", true },
@@ -17932,6 +18395,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "impyus.com", true },
   { "imququ.com", true },
   { "imreh.net", true },
+  { "imrejonk.nl", true },
   { "imrunner.com", true },
   { "imrunner.ru", true },
   { "ims-sargans.ch", true },
@@ -17955,11 +18419,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "inanyevent.london", true },
   { "inares.org", true },
   { "inbitcoin.it", true },
-  { "inbounder.io", true },
+  { "inbounder.io", false },
   { "inbox-group.com", true },
   { "inbox.google.com", true },
   { "inbulgaria.info", true },
   { "incarna.co", true },
+  { "incco.ir", true },
   { "incert.cn", true },
   { "incertint.com", true },
   { "inchcape-fleet-autobid.co.uk", true },
@@ -17971,8 +18436,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "includesubdomains2.preloaded.test", true },
   { "incoherent.ch", true },
   { "incommon.io", true },
+  { "incompliance.de", true },
   { "inconcerts.de", true },
   { "incontrixsingle.net", true },
+  { "incore.nl", true },
   { "incowrimo.org", true },
   { "incparadise.net", true },
   { "incubos.org", true },
@@ -17986,6 +18453,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "index-mp3.com", true },
   { "indiaflowermall.com", true },
   { "indian-elephant.com", true },
+  { "indianaantlersupply.com", true },
   { "indianaberry.com", true },
   { "indianafoundationpros.com", true },
   { "indianapolislocksmithinc.com", true },
@@ -18001,9 +18469,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "indigosakura.com", true },
   { "indigotreeservice.com", true },
   { "inditip.com", true },
-  { "indogerman.de", false },
+  { "indochina.io", true },
   { "indogermanstartup.com", true },
-  { "indogermantrade.de", true },
   { "indoorcomfortteam.com", true },
   { "indoorplantsexpert.com", true },
   { "indovinabank.com.vn", true },
@@ -18013,6 +18480,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "indust.me", true },
   { "industriafranchini.com", true },
   { "industrialstarter.com", true },
+  { "industriasrenova.com", true },
   { "industriemeister.io", true },
   { "indybay.org", true },
   { "ineardisplay.com", true },
@@ -18020,11 +18488,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ineed.coffee", false },
   { "inertianetworks.com", true },
   { "inesfinc.es", true },
+  { "inessoftsec.be", true },
   { "inesta.nl", true },
   { "inet.se", true },
+  { "inethost.eu", true },
   { "inetserver.eu", true },
   { "inetsoftware.de", true },
-  { "inevitavelbrasil.com.br", true },
   { "inf-fusion.ca", true },
   { "inference.biz.tr", true },
   { "infermiere.roma.it", true },
@@ -18037,7 +18506,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "infinitiofaugustaparts.com", true },
   { "infinitioflynnwoodparts.com", true },
   { "infinitomaisum.com", true },
-  { "infinity.to", true },
   { "infinitybas.com", true },
   { "infinitybc.se", true },
   { "infinityengine.org", true },
@@ -18063,6 +18531,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "infocommsociety.com", true },
   { "infocon.org", true },
   { "infocusvr.net", true },
+  { "infoduv.fr", true },
   { "infogram.com", true },
   { "infogrfx.com", true },
   { "infomegastore.com", true },
@@ -18073,20 +18542,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "infopulsa.com", true },
   { "infopuntzorg.nl", true },
   { "infor-allaitement.be", true },
-  { "informaciondeciclismo.com", true },
   { "informatiebeveiliging.nl", true },
   { "informatik-handwerk.de", true },
   { "informationrx.org", true },
+  { "informations-echafaudages.com", true },
   { "informhealth.com", true },
   { "informnapalm.org", true },
   { "infosec-handbook.eu", true },
   { "infosec.exchange", false },
   { "infosec.pizza", true },
   { "infosec.wiki", true },
+  { "infosectalks.com", true },
   { "infosenior.ch", true },
-  { "infosimmo.com", true },
   { "infotainworld.com", true },
-  { "infotolium.com", true },
+  { "infotolium.com", false },
   { "infotrac.net", true },
   { "infotune.nl", true },
   { "infovision-france.com", true },
@@ -18110,8 +18579,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "infranium.net", true },
   { "infranium.org", true },
   { "infranotes.com", true },
+  { "infranoto.com", true },
   { "infranox.com", true },
   { "infrapass.com", true },
+  { "infrapeer.com", true },
   { "infrapilot.com", true },
   { "infraping.com", true },
   { "infrapirtis.lt", true },
@@ -18143,7 +18614,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "inhaltsangabe.de", true },
   { "inheritestate.com", true },
   { "inhouseents.co.uk", true },
-  { "iniiter.com", true },
   { "inima.org", true },
   { "inios.fr", true },
   { "inishbofin.ie", true },
@@ -18167,13 +18637,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "inmateintake.com", true },
   { "inmobillium.fr", true },
   { "inmoodforsex.com", true },
-  { "inmusrv.de", true },
   { "innerfence.com", true },
   { "innerlightcrystals.co.uk", true },
   { "innermostparts.org", true },
   { "innersafe.com", true },
   { "inno.ch", true },
   { "innocenceseekers.net", true },
+  { "innogen.fr", true },
   { "innohb.com", true },
   { "innolabfribourg.ch", true },
   { "innoloop.com", true },
@@ -18181,19 +18651,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "innot.net", true },
   { "innotas.com", true },
   { "innoteil.com", true },
+  { "innotel.com.au", true },
   { "innovaptor.at", true },
   { "innovaptor.com", true },
   { "innovate-indonesia.com", true },
   { "innovation-workshop.ro", true },
   { "innovation.gov", false },
+  { "innover.se", true },
   { "innovum.cz", false },
   { "innsalzachsingles.de", true },
-  { "innwan.com", true },
   { "inoa8.com", true },
   { "inobun.jp", true },
   { "inovat.ma", true },
   { "inovatecsystems.com", true },
   { "inpas.co.uk", true },
+  { "inputmag.com", true },
   { "inquant.de", true },
   { "ins-kreativ.de", true },
   { "ins.to", true },
@@ -18201,6 +18673,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "insblauehinein.nl", true },
   { "inscomers.net", true },
   { "inscripcionessena.com", true },
+  { "insecret.com.ua", true },
+  { "insecret.trade", true },
   { "insecure.org.je", true },
   { "insertcoins.net", true },
   { "insgesamt.net", true },
@@ -18219,9 +18693,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "insignificant.space", true },
   { "insinuator.net", true },
   { "insistel.com", true },
+  { "insofttransfer.com", true },
   { "insolent.ch", true },
   { "insolved.com", true },
   { "insping.com", true },
+  { "inspirationalquotesuk.co.uk", true },
   { "inspired-creations.co.za", true },
   { "inspired-lua.org", true },
   { "inspiredrealtyinc.com", true },
@@ -18237,6 +18713,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "instant-thinking.de", true },
   { "instant.io", true },
   { "instantkhabar.com", true },
+  { "instantluxe.cn", true },
+  { "instantluxe.co.uk", true },
+  { "instantluxe.com", true },
+  { "instantluxe.de", true },
+  { "instantluxe.it", true },
+  { "instantphotocamera.com", true },
   { "instava.cz", true },
   { "instead.com.au", true },
   { "insteagle.com", true },
@@ -18247,19 +18729,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "instinctiveads.com", true },
   { "institut-confucius-montpellier.org", true },
   { "institutmaupertuis.hopto.org", true },
+  { "institutogiuseppe.com", true },
+  { "institutogiuseppe.com.ar", true },
   { "institutolancaster.com", true },
   { "instrumart.ru", false },
   { "insult.es", true },
   { "insurance321.com", true },
   { "insureon.com", true },
   { "insurgentsmustdie.com", true },
+  { "int64software.com", true },
   { "intae.it", true },
   { "intafe.co.jp", true },
   { "intal.info", true },
   { "intarweb.ca", true },
   { "intasky.cz", true },
   { "intasky.sk", true },
-  { "integraelchen.de", true },
   { "integralblue.com", true },
   { "integralkk.com", true },
   { "integratedintegrations.xyz", true },
@@ -18270,6 +18754,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "integrityoklahoma.com", true },
   { "integrogroup.com", true },
   { "integromat.com", true },
+  { "integroof.com", true },
   { "intelhost.cl", true },
   { "intelhost.com", true },
   { "intelhost.com.ar", true },
@@ -18287,6 +18772,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "intensifyrsvp.com.au", true },
   { "inter-corporate.com", true },
   { "inter-culinarium.com", true },
+  { "interabbit.com", true },
   { "interaffairs.com", true },
   { "interaktiva.fi", true },
   { "interasistmen.se", true },
@@ -18298,12 +18784,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "interflores.com.br", true },
   { "interfug.de", true },
   { "intergozd.si", true },
+  { "interguard.net", true },
   { "interiery-waters.cz", true },
   { "interimages.fr", true },
   { "interior-design-colleges.com", true },
   { "interiordesignsconcept.com", true },
   { "interiorprofesional.com.ar", true },
   { "interisaudit.com", true },
+  { "interlijn.nl", true },
   { "interlingvo.biz", true },
   { "intermax.nl", true },
   { "intermedinet.nl", true },
@@ -18314,7 +18802,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "international-nash-day.com", true },
   { "internationalfashionjobs.com", true },
   { "internationalschool.it", true },
-  { "internationalschoolnewyork.com", true },
   { "internationaltalento.it", true },
   { "internect.co.za", true },
   { "internet-aukcion.info", true },
@@ -18379,7 +18866,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "inventaire.ch", true },
   { "inventionsteps.com.au", true },
   { "inventix.nl", true },
-  { "inventoryexpress.xyz", true },
   { "inventoryimages.co.uk", true },
   { "inventoryimages.com", true },
   { "inventtatte.com", true },
@@ -18406,14 +18892,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "invisionita.com", true },
   { "invisiverse.com", true },
   { "invitacionesytarjetas.gratis", true },
-  { "invitation-factory.tk", true },
-  { "invitescene.com", true },
   { "invitethemhome.com", true },
   { "invkao.com", true },
   { "invoiced.com", true },
   { "invoicefinance.com", true },
   { "invoicefinance.nl", true },
+  { "invoicehippo.nl", true },
   { "invuite.com", true },
+  { "inwao.com", true },
   { "inwestcorp.se", true },
   { "inzdr.com", true },
   { "inzelabs.com", true },
@@ -18423,7 +18909,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iocheck.com", false },
   { "iochen.com", true },
   { "iocurrents.com", true },
-  { "iodev.nl", true },
   { "iodine.com", true },
   { "ioerror.us", true },
   { "iofort.com", true },
@@ -18454,12 +18939,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ip6.li", false },
   { "ipad.li", true },
   { "ipadkaitori.jp", true },
-  { "ipadportfolioapp.com", true },
   { "ipal.im", true },
   { "ipal.name", true },
   { "ipal.pl", true },
   { "ipal.tel", true },
-  { "ipawind.com", true },
   { "ipcareers.net", true },
   { "ipconsulting.se", true },
   { "ipemcomodoro.com.ar", true },
@@ -18468,9 +18951,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ipfs.ink", true },
   { "ipfs.io", true },
   { "iphonekaitori.tokyo", true },
-  { "iphoneportfolioapp.com", true },
   { "iphoneunlock.nu", true },
   { "iphonote.com", true },
+  { "ipid.me", true },
   { "ipintel.io", true },
   { "iplabs.de", true },
   { "iplantom.com", true },
@@ -18509,13 +18992,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iqsmn.org", true },
   { "ir1s.com", true },
   { "iramellor.com", true },
-  { "iran-geo.com", true },
   { "iranian.lgbt", true },
   { "iranianholiday.com", true },
   { "iranjeunesse.com", true },
+  { "irasandi.com", true },
   { "irayo.net", true },
   { "irc-results.com", true },
-  { "ircmett.de", true },
   { "irdvb.com", true },
   { "ireef.tv", true },
   { "iren.ch", true },
@@ -18524,13 +19006,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "irfan.id", true },
   { "irgendeine.cloud", true },
   { "irgit.pl", true },
+  { "irgwebsites.com", true },
   { "iridiumbrowser.de", true },
   { "iridiumflare.de", true },
   { "iriomote.com", true },
   { "iris-design.info", true },
   { "iris-insa.com", true },
   { "irish.dating", true },
+  { "irish.radio", true },
+  { "irishradioplayer.radio", true },
   { "irisjieun.com", true },
+  { "irkfap.com", true },
   { "irland-firma.com", true },
   { "irmgard-woelfle.de", true },
   { "irmgardkoch.com", true },
@@ -18547,11 +19033,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iruca.co", true },
   { "is-going-to-rickroll.me", true },
   { "is-sw.net", true },
+  { "isaac.world", true },
   { "isaacdgoodman.com", true },
-  { "isaackabel.ga", true },
-  { "isaackabel.gq", true },
-  { "isaackabel.ml", true },
-  { "isaackabel.tk", true },
   { "isaackhor.com", true },
   { "isaacman.tech", true },
   { "isaacmorneau.com", true },
@@ -18567,18 +19050,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "isamiok.com", true },
   { "isara.com", true },
   { "isarklinikum.de", true },
+  { "isastylish.com", true },
   { "isavings.com", true },
   { "isayoga.de", true },
+  { "isbaseballstillon.com", true },
   { "isbc-telecom.ru", true },
   { "isbengrumpy.com", true },
   { "isc2chapter-cny.org", true },
   { "iscert.org", true },
-  { "isdecolaop.nl", true },
   { "isdn.jp", true },
   { "isecrets.se", true },
   { "iservicio.mx", true },
   { "iseulde.com", true },
   { "isfff.com", true },
+  { "isg-tech.com", true },
   { "isgp-studies.com", true },
   { "ishamf.com", true },
   { "ishangirdhar.com", true },
@@ -18606,6 +19091,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "islavolcan.cl", true },
   { "isletech.net", true },
   { "isliada.org", true },
+  { "islief.com", true },
   { "islykaithecutest.cf", true },
   { "islykaithecutest.ml", true },
   { "ismailkarsli.com", true },
@@ -18615,14 +19101,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ismywebsitepenalized.com", true },
   { "isn.cz", true },
   { "iso27032.com", true },
-  { "isocom.eu", true },
   { "isognattori.com", true },
   { "isolta.com", true },
   { "isolta.de", true },
   { "isolta.ee", true },
+  { "isolta.fi", true },
   { "isolta.lv", true },
   { "isolta.se", true },
-  { "isondo.com", true },
   { "isonet.fr", true },
   { "isopres.de", true },
   { "isotope.gov", true },
@@ -18668,13 +19153,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "isuzupartscenter.com", true },
   { "isvbscriptdead.com", true },
   { "isvsecwatch.org", true },
+  { "isyu.xyz", true },
   { "isz-berlin.de", true },
   { "isz.no", true },
+  { "iszy.me", true },
   { "it-academy.sk", true },
+  { "it-boss.ro", true },
   { "it-faul.de", true },
   { "it-fernau.com", true },
   { "it-jobbank.dk", true },
-  { "it-kron.de", true },
   { "it-maker.eu", true },
   { "it-rotter.de", true },
   { "it-schamans.de", true },
@@ -18684,11 +19171,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "it-service24.com", true },
   { "it-shamans.de", true },
   { "it-shamans.eu", true },
+  { "it-stack.de", true },
+  { "it-support-nu.se", true },
+  { "it-support-stockholm.se", true },
+  { "it-support.one", true },
+  { "it-supportistockholm.se", true },
   { "it-sysoft.com", true },
+  { "it-tekniker.nu", true },
   { "it-ti.me", true },
+  { "it-uws.com", true },
   { "it-world.eu", true },
   { "it.search.yahoo.com", false },
-  { "it1b.com", true },
   { "itactiq.com", true },
   { "itactiq.info", true },
   { "itaiferber.net", true },
@@ -18704,8 +19197,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "itamservices.nl", true },
   { "itap.gov", true },
   { "itb-online.co.uk", true },
-  { "itblog.pp.ua", true },
-  { "itchy.nl", true },
   { "itcko.sk", true },
   { "itdashboard.gov", true },
   { "itecor.net", true },
@@ -18713,10 +19204,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iteha.de", true },
   { "iteke.ml", true },
   { "iteke.tk", true },
-  { "iteli.eu", true },
   { "iterader.com", true },
   { "iterasoft.de", true },
-  { "iterror.co", true },
   { "itesign.de", true },
   { "itfh.eu", true },
   { "itfix.cz", true },
@@ -18725,19 +19214,25 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ithakama.cz", true },
   { "ithenrik.com", true },
   { "ithinc.net", true },
+  { "ithink.cf", true },
+  { "ithjalpforetag.se", true },
   { "itikon.com", true },
+  { "itilo.de", true },
   { "itis.gov", true },
   { "itis4u.ch", true },
   { "itjob.ma", true },
   { "itkaufmann.at", true },
   { "itlitera.com", true },
   { "itludens.com", true },
+  { "itm-c.de", true },
+  { "itmanie.cz", true },
   { "itmindscape.com", true },
   { "itn.co.uk", true },
   { "itneeds.tech", true },
   { "itnota.com", true },
   { "itochan.jp", true },
   { "itooky.com", true },
+  { "itouriria.com", true },
   { "itpro.ua", true },
   { "itraveille.fr", true },
   { "itreallyaddsup.com", true },
@@ -18751,6 +19246,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "itsanicedoor.co.uk", true },
   { "itsasaja.com", true },
   { "itsaw.de", true },
+  { "itsayardlife.com", true },
   { "itsblue.de", true },
   { "itsdcdn.com", true },
   { "itsecblog.de", true },
@@ -18771,6 +19267,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "itstatic.tech", true },
   { "itsuitsyou.co.za", true },
   { "itsundef.in", true },
+  { "itsupportnacka.se", true },
   { "itsv.at", true },
   { "itswincer.com", true },
   { "itzap.com.au", true },
@@ -18781,7 +19278,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ivanbenito.com", true },
   { "ivanboi.com", true },
   { "ivancacic.com", false },
-  { "ivanilla.org", true },
   { "ivanmeade.com", true },
   { "ivaoru.org", true },
   { "ivfausland.de", true },
@@ -18797,21 +19293,25 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ivinet.cl", true },
   { "ivitalia.it", true },
   { "ivo.co.za", true },
+  { "ivopetkov.com", true },
   { "ivor.io", true },
   { "ivor.is", true },
   { "ivorvanhese.com", true },
   { "ivorvanhese.nl", true },
-  { "ivoryonsunset.com", true },
   { "ivpn.net", true },
   { "ivre.rocks", true },
   { "ivsign.net", true },
   { "ivusn.cz", true },
   { "ivvl.ru", true },
   { "ivy-league-colleges.com", true },
+  { "ivy.show", true },
   { "iwader.co.uk", true },
   { "iwalton.com", true },
   { "iwantexchange.com", true },
+  { "iwantpayments.com", true },
   { "iwanttoliveinabunker.com", true },
+  { "iwanttrack.com", true },
+  { "iwascoding.com", true },
   { "iwch.tk", true },
   { "iwebolutions.com", true },
   { "iwell.de", true },
@@ -18855,6 +19355,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "j3e.de", true },
   { "ja-dyck.de", true },
   { "ja-gps.com.au", true },
+  { "ja-publications.agency", true },
   { "ja.md", true },
   { "jaakkohannikainen.fi", true },
   { "jaalits.com", true },
@@ -18888,7 +19389,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jacksorrell.com", true },
   { "jacksutton.info", true },
   { "jackyliao123.tk", true },
-  { "jaco.by", true },
   { "jacobamunch.com", true },
   { "jacobdevans.com", true },
   { "jacobhaug.com", false },
@@ -18912,7 +19412,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jahner.xyz", true },
   { "jahofmann.de", false },
   { "jailbreakingisnotacrime.org", true },
-  { "jaion.tech", true },
+  { "jaion.xyz", true },
   { "jaispirit.com", false },
   { "jaitnetworking.com", false },
   { "jakarta.dating", true },
@@ -18924,7 +19424,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jakecurtis.de", true },
   { "jakereynolds.co", true },
   { "jakerullman.com", true },
-  { "jakeslab.tech", true },
   { "jaketremper.com", true },
   { "jakewestrip.com", true },
   { "jakob-server.tk", true },
@@ -18934,7 +19433,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jakpremyslet.cz", true },
   { "jaksch.biz", true },
   { "jakub-boucek.cz", true },
-  { "jakubarbet.eu", true },
   { "jakubboucek.cz", true },
   { "jakubklimek.com", true },
   { "jakubtopic.cz", true },
@@ -18973,6 +19471,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jamessmith.me.uk", true },
   { "jamesturnerstickley.com", true },
   { "jamhost.org", true },
+  { "jamie-read-photography.com", true },
   { "jamie.ie", true },
   { "jamielarter.ca", true },
   { "jamielinux.com", true },
@@ -18981,6 +19480,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jamiepeters.nl", true },
   { "jamieweb.net", true },
   { "jamieweb.org", true },
+  { "jamiewebb.net", true },
   { "jamjestsimon.pl", true },
   { "jammucake.com", true },
   { "jammysplodgers.co.uk", true },
@@ -18998,6 +19498,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "janbrodda.de", true },
   { "jandev.de", true },
   { "janduchene.ch", true },
+  { "jane.com", true },
   { "janehamelgardendesign.co.uk", true },
   { "janelauhomes.com", true },
   { "janhuelsmann.com", true },
@@ -19006,6 +19507,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "janik.xyz", false },
   { "janikrabe.com", true },
   { "janjoris.nl", true },
+  { "jankamp.com", true },
+  { "janker.me", true },
   { "jankoepsel.com", true },
   { "jann.is", true },
   { "jannekekaasjager.nl", true },
@@ -19014,6 +19517,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "janoberst.com", true },
   { "janokacer.sk", true },
   { "janschaumann.de", true },
+  { "jansen-schilders.nl", true },
   { "janssenwigman.nl", true },
   { "janterpstra.eu", true },
   { "jantinaboelens.nl", true },
@@ -19021,6 +19525,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "janvaribalint.com", true },
   { "jaot.info", true },
   { "japanesemotorsports.net", true },
+  { "japangids.nl", true },
   { "japaniac.de", false },
   { "japanphilosophy.com", false },
   { "japanwatches.xyz", true },
@@ -19092,6 +19597,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jci.cc", true },
   { "jclynne.com", true },
   { "jcra.net", true },
+  { "jcsesecuneta.com", true },
   { "jctf.team", true },
   { "jcwodan.nl", true },
   { "jd-group.co.uk", true },
@@ -19121,9 +19627,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jeannecalment.com", true },
   { "jeannelucienne.fr", true },
   { "jeanneret-combustibles.ch", true },
-  { "jec-dekrone.be", true },
   { "jeda.ch", true },
-  { "jedayoshi.me", true },
   { "jedayoshi.tk", true },
   { "jedepannetonordi.fr", true },
   { "jedidiah.eu", false },
@@ -19132,8 +19636,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jedmud.com", true },
   { "jedwarddurrett.com", true },
   { "jeec.ist", true },
+  { "jeemain.org", true },
   { "jeepeg.com", true },
-  { "jeffanderson.me", true },
+  { "jeeran.com", true },
+  { "jeeranservices.com", true },
   { "jeffcasavant.com", false },
   { "jeffcloninger.net", true },
   { "jeffersonregan.co.uk", true },
@@ -19155,10 +19661,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jekkt.com", false },
   { "jelena-adeli.com", true },
   { "jelenkovic.rs", true },
-  { "jelewa.de", true },
   { "jell.ie", true },
   { "jelle.pro", true },
-  { "jelleglebbeek.com", true },
   { "jelleluteijn.com", true },
   { "jelleluteijn.eu", true },
   { "jelleluteijn.net", true },
@@ -19191,6 +19695,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jeremy-chen.org", true },
   { "jeremy.hu", true },
   { "jeremybentham.com", true },
+  { "jeremyc.ca", false },
   { "jeremycantu.com", true },
   { "jeremycrews.com", true },
   { "jeremynally.com", true },
@@ -19213,22 +19718,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jesseerbach.com", true },
   { "jessekaufman.com", true },
   { "jessesjumpingcastles.co.uk", true },
+  { "jessevictors.com", true },
   { "jessgranger.com", false },
   { "jessicabenedictus.nl", false },
   { "jessicahrehor.com", true },
   { "jesters-court.net", true },
   { "jesuisadmin.fr", true },
   { "jet-stream.fr", true },
-  { "jetapi.org", true },
   { "jetbbs.com", true },
+  { "jetflex.de", true },
   { "jetkittens.co.uk", true },
   { "jetsetboyz.net", true },
   { "jetsieswerda.nl", true },
-  { "jettlarue.com", true },
   { "jetwhiz.com", true },
   { "jeuxetcodes.fr", true },
   { "jeweet.net", true },
   { "jewishboyscouts.com", true },
+  { "jewishquotations.com", true },
   { "jexler.net", true },
   { "jf-fotos.de", true },
   { "jfbst.net", true },
@@ -19250,17 +19756,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jhollandtranslations.com", true },
   { "jhuang.me", true },
   { "jhwestover.com", true },
-  { "jiacl.com", true },
   { "jiahao.codes", true },
-  { "jiangzm.com", false },
+  { "jiangxu.site", true },
   { "jianji.de", true },
   { "jianshu.com", true },
   { "jianyuan.pro", true },
+  { "jiatingtrading.com", true },
   { "jiazhao.ga", true },
   { "jicaivvip.com", true },
   { "jichi.io", true },
   { "jichi000.win", true },
-  { "jikegu.com", true },
+  { "jieyang2016.com", true },
   { "jimbiproducts.com", true },
   { "jimbraaten.com", true },
   { "jimbutlerkiaparts.com", true },
@@ -19291,6 +19797,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jisha.site", true },
   { "jixun.moe", true },
   { "jiyusu.com", true },
+  { "jiyuu-ni.com", true },
+  { "jiyuu-ni.net", true },
   { "jjhampton.com", true },
   { "jjj.blog", true },
   { "jjjconnection.com", true },
@@ -19302,7 +19810,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jjvanoorschot.nl", true },
   { "jk-entertainment.biz", true },
   { "jkchocolate.com", true },
-  { "jkest.cc", true },
+  { "jki.io", true },
+  { "jkinteriorspa.com", true },
   { "jkirsche.com", true },
   { "jkrippen.com", true },
   { "jkyuan.tk", true },
@@ -19323,6 +19832,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jmalarcon.es", true },
   { "jmarciniak.it", true },
   { "jmatt.org", true },
+  { "jmbeautystudio.se", true },
   { "jmbelloteau.com", true },
   { "jmcashngold.com.au", true },
   { "jmcataffo.com", true },
@@ -19338,7 +19848,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jmpb.hu", true },
   { "jmsolodesigns.com", true },
   { "jmssg.jp", true },
-  { "jmvdigital.com", true },
   { "jnjdj.com", true },
   { "jnm-art.com", true },
   { "jnordell.com", true },
@@ -19347,6 +19856,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "joanofarcmtcarmel.org", true },
   { "joaoaugusto.net", true },
   { "joaosampaio.com.br", true },
+  { "joaquimgoliveira.pt", true },
   { "job-ofertas.info", true },
   { "job-offer.de", true },
   { "job.biz.tr", true },
@@ -19361,10 +19871,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jobcorpsy2y.com", true },
   { "jobify.in", true },
   { "jobindex.dk", true },
+  { "joblab.com.ua", true },
   { "joblife.co.za", true },
   { "jobmi.com", true },
   { "jobmiplayground.com", true },
-  { "jobmob.co.il", true },
   { "jobs-in-tech.com", true },
   { "jobs.at", true },
   { "jobs.ch", true },
@@ -19382,7 +19892,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jodlajodla.si", true },
   { "joduska.me", true },
   { "jodyboucher.com", false },
-  { "jodyshop.com", true },
   { "joe262.com", true },
   { "joedavison.me", true },
   { "joedinardo.com", true },
@@ -19402,6 +19911,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "joelmarkhamphotography.com.au", true },
   { "joelmunch.com", true },
   { "joelnichols.uk", true },
+  { "joelotu.com", true },
   { "joemotherfuckingjohnson.com", true },
   { "joepitt.co.uk", false },
   { "joergschneider.com", true },
@@ -19448,7 +19958,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "johnmcc.net", true },
   { "johnmcintosh.pro", true },
   { "johnmh.me", true },
-  { "johnmichel.org", true },
   { "johnno.be", true },
   { "johnnybet.com", true },
   { "johnnybsecure.com", true },
@@ -19457,6 +19966,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "johnrockefeller.net", true },
   { "johnsanchez.io", true },
   { "johnsegovia.com", true },
+  { "johnsiu.com", true },
   { "johnsonho.net", true },
   { "johnvanhese.nl", true },
   { "johnyytb.be", true },
@@ -19468,6 +19978,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jokedalderup.nl", true },
   { "joker.menu", true },
   { "jokerice.co.uk", true },
+  { "jokesbykids.com", true },
   { "jokewignand.nl", true },
   { "joliettech.com", true },
   { "jollausers.de", true },
@@ -19479,6 +19990,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jomofojo.co", true },
   { "jomofojo.com", true },
   { "jonahperez.com", true },
+  { "jonale.net", true },
   { "jonandnoraswedding.com", true },
   { "jonas-thelemann.de", true },
   { "jonas-wenk.de", false },
@@ -19537,7 +20049,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jorgerosales.org", true },
   { "jorisdalderup.nl", true },
   { "jornalalerta.com.br", true },
-  { "josc.com.au", true },
   { "joscares.com", true },
   { "jose-alexand.re", true },
   { "jose-lesson.com", true },
@@ -19545,11 +20056,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "josef-lotz.de", true },
   { "josefjanosec.com", true },
   { "josefottosson.se", true },
-  { "josegerber.ch", true },
   { "joseitoda.org", true },
-  { "josemikkola.fi", true },
   { "josepbel.com", true },
   { "josephbleroy.com", true },
+  { "josephgeorge.com.au", true },
   { "josephre.es", false },
   { "josephsniderman.com", true },
   { "josephsniderman.net", true },
@@ -19561,7 +20071,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "joshharmon.me", true },
   { "joshics.in", true },
   { "joshlovephotography.co.uk", true },
-  { "joshpanter.com", true },
+  { "joshpanter.com", false },
   { "joshrickert.com", true },
   { "joshruppe.com", true },
   { "joshschmelzle.com", true },
@@ -19579,18 +20089,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jouwpaardenbak.nl", true },
   { "jovani.com", false },
   { "jovic.hamburg", true },
-  { "joyceseamone.com", true },
   { "joyful.house", true },
   { "joyfulexpressions.gallery", true },
   { "joynadvisors.com", true },
   { "joyofcookingandbaking.com", true },
   { "joysinventingblog.com", true },
+  { "jpbe.de", true },
   { "jpdeharenne.be", true },
   { "jpeg.io", true },
   { "jphandjob.com", true },
   { "jplesbian.com", true },
   { "jpmelos.com", true },
   { "jpmelos.com.br", true },
+  { "jpmguitarshop.com.br", true },
   { "jpod.cc", true },
   { "jpralves.net", true },
   { "jps-selection.co.uk", true },
@@ -19605,9 +20116,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jr5proxdoug.xyz", true },
   { "jrabasco.me", true },
   { "jrc9.ca", true },
+  { "jrchaseify.xyz", true },
   { "jreb.nl", true },
   { "jreinert.com", true },
   { "jrflorian.com", true },
+  { "jrlopezoficial.com", true },
   { "jross.me", true },
   { "jrtapsell.co.uk", true },
   { "jrxpress.com", true },
@@ -19629,9 +20142,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jsnfwlr.io", true },
   { "jsonsinc.com", true },
   { "jsteward.moe", true },
-  { "jstore.ch", true },
   { "jtcat.com", true },
-  { "jtcjewelry.com", true },
   { "jtconsultancy.sg", true },
   { "jthackery.com", false },
   { "jtl-software.com", true },
@@ -19642,16 +20153,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ju.io", true },
   { "juan23.edu.uy", true },
   { "juanfrancisco.tech", true },
+  { "juanjovega.com", true },
   { "juanmaguitar.com", true },
   { "juanmazzetti.com", true },
   { "juanxt.ddns.net", true },
-  { "jubee.nl", true },
   { "jubileum.online", true },
   { "jubileumfotograaf.nl", true },
   { "jucca-nautica.si", true },
   { "juch.cc", true },
   { "juchit.at", true },
-  { "jucktehkeinen.de", true },
   { "judc-ge.ch", true },
   { "judge2020.com", true },
   { "judge2020.me", true },
@@ -19661,6 +20171,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "juef.space", true },
   { "juegosycodigos.es", true },
   { "juegosycodigos.mx", true },
+  { "juegosyolimpicos.com", true },
   { "juelda.com", true },
   { "juergen-elbert.de", true },
   { "juergen-roehrig.de", true },
@@ -19728,6 +20239,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jumpinmonkeys.co.uk", true },
   { "jumpintogreenerpastures.com", true },
   { "jumpnplay.co.uk", true },
+  { "jundongwu.com", true },
   { "junespina.com", true },
   { "junethack.net", true },
   { "jungaa.fr", true },
@@ -19737,7 +20249,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "junglejackscastles.co.uk", true },
   { "junglememories.co.uk", true },
   { "junglist.org", true },
-  { "jungundwild-design.de", true },
+  { "jungundwild-design.de", false },
   { "juni.io", true },
   { "junias-fenske.de", true },
   { "juniperroots.ca", true },
@@ -19745,15 +20257,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "junjun-web.net", true },
   { "junkdrome.org", true },
   { "juno.co.uk", true },
-  { "junoaroma.com", true },
   { "junodownload.com", true },
   { "jura-reiseschutz.de", true },
   { "jurassicbarkharrogate.co.uk", true },
   { "jurassicgolf.nl", true },
   { "juridoc.com.br", true },
   { "jurijbuga.de", true },
-  { "jurisprudent.by", true },
-  { "juristas.com.br", true },
+  { "jurriaan.ninja", true },
   { "just-a-clanpage.de", true },
   { "just-vet-and-drive.fr", true },
   { "justanothercompany.name", true },
@@ -19771,13 +20281,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "justin-tech.com", false },
   { "justinharrison.ca", true },
   { "justinho.com", true },
+  { "justinmuturifoundation.org", true },
+  { "justinribeiro.com", true },
   { "justinstandring.com", true },
   { "justmensgloves.com", true },
   { "justpaste.it", true },
   { "justsmart.io", true },
   { "justsome.info", true },
   { "justtalk.site", true },
-  { "justthinktwice.gov", true },
+  { "justthinktwice.gov", false },
   { "justupdate.me", true },
   { "justyy.com", true },
   { "juszkiewicz.com.pl", true },
@@ -19804,6 +20316,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jwmmarketing.com", true },
   { "jwnotifier.org", true },
   { "jwod.gov", true },
+  { "jwplay.ml", true },
   { "jwschuepfheim.ch", true },
   { "jwsoft.nl", true },
   { "jxltom.com", true },
@@ -19812,9 +20325,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jyggen.com", true },
   { "jym.fit", true },
   { "jyoti-fairworks.org", true },
-  { "jzachpearson.com", true },
   { "jzbk.org", true },
-  { "jzcapital.co", true },
   { "k-bone.com", true },
   { "k-homes.net", true },
   { "k-netz.de", true },
@@ -19824,6 +20335,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "k-scr.me", true },
   { "k-system.de", true },
   { "k-tube.com", true },
+  { "k1024.org", true },
   { "k258059.net", true },
   { "k2mts.org", true },
   { "k3508.com", true },
@@ -19839,7 +20351,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kaangenc.me", true },
   { "kaany.io", true },
   { "kaasbesteld.nl", true },
-  { "kaashosting.nl", true },
   { "kaatha-kamrater.se", true },
   { "kab-s.de", true },
   { "kabaca.design", true },
@@ -19851,7 +20362,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kaboom.pw", true },
   { "kabu-abc.com", true },
   { "kabulpress.org", true },
-  { "kabus.org", true },
   { "kacgal.com", true },
   { "kachelfm.nl", true },
   { "kachlikova2.cz", true },
@@ -19882,7 +20392,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kakie-gobocha.jp", true },
   { "kakie-kolesa.ru", true },
   { "kakolightingmuseum.or.jp", true },
-  { "kakuto.me", true },
   { "kalakarclub.com", true },
   { "kalamos-psychiatrie.be", true },
   { "kalastus.com", true },
@@ -19906,8 +20415,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kamikaichimaru.com", false },
   { "kamikatse.net", true },
   { "kaminbau-laub.de", true },
+  { "kamisato-ent.com", true },
   { "kamixa.se", true },
   { "kamppailusali.fi", true },
+  { "kampunginggris-ue.com", true },
   { "kamranmirhazar.com", true },
   { "kamui.co.uk", true },
   { "kan3.de", true },
@@ -19917,7 +20428,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kanag.pl", true },
   { "kanal-schaefer.de", true },
   { "kanal-tv-haensch.de", true },
-  { "kandalife.com", true },
   { "kandianshang.com", true },
   { "kanecastles.com", true },
   { "kanehusky.com", true },
@@ -19936,7 +20446,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kanis.ag", true },
   { "kankimaru.com", true },
   { "kanna.cf", true },
-  { "kannchen.de", true },
   { "kanobu.ru", true },
   { "kansaiyamamoto.jp", true },
   { "kantankye.nl", true },
@@ -19945,15 +20454,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kantorosobisty.pl", true },
   { "kanuvu.de", true },
   { "kany.me", false },
+  { "kanzakiranko.jp", false },
   { "kanzashi.com", true },
   { "kanzlei-gaengler.de", true },
   { "kanzlei-myca.de", true },
   { "kanzlei-oehler.com", true },
   { "kanzlei-sixt.de", true },
-  { "kaotik4266.com", true },
   { "kap-genial.de", true },
   { "kapgy-moto.com", true },
-  { "kappenstein.org", true },
+  { "kappenstein.org", false },
   { "kapseli.net", true },
   { "kaptadata.com", true },
   { "kaptamedia.com", true },
@@ -19962,6 +20471,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "karabas.com", true },
   { "karabijnhaken.nl", false },
   { "karachi.dating", true },
+  { "karaface.com", true },
   { "karalane.com", true },
   { "karamomo.net", true },
   { "karanjthakkar.com", true },
@@ -19969,7 +20479,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "karateka.org", true },
   { "karateka.ru", true },
   { "kardize24.pl", true },
-  { "karenledger.ca", true },
+  { "kardolocksmith.com", true },
   { "karewan.ovh", true },
   { "kargl.net", true },
   { "karguine.in", true },
@@ -19990,6 +20500,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "karmaspa.se", true },
   { "karn.nu", true },
   { "karneid.info", true },
+  { "karoverwaltung.de", true },
   { "karsofsystems.com", true },
   { "karsten-voigt.de", true },
   { "karta-paliwowa.pl", true },
@@ -20015,7 +20526,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kat.marketing", true },
   { "katagena.com", true },
   { "katalogbajugamismu.com", true },
-  { "katalogbutikker.dk", true },
   { "katata-kango.ac.jp", true },
   { "katcleaning.com.au", true },
   { "katedra.de", true },
@@ -20045,24 +20555,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kau-boys.de", true },
   { "kaufberatung.community", true },
   { "kaufmanbankruptcylaw.com", true },
-  { "kaverti.com", true },
   { "kavovary-kava.cz", true },
   { "kawaii.io", true },
-  { "kawaiii.link", true },
   { "kaweus.de", true },
   { "kay.la", true },
   { "kayakabovegroundswimmingpools.com", true },
   { "kayscs.com", true },
   { "kazakov.lt", true },
+  { "kazancci.com", true },
   { "kazand.lt", true },
   { "kazandaemon.ru", true },
   { "kazek.com.pl", true },
   { "kazekprzewozy.pl", true },
   { "kazu.click", true },
   { "kazuhirohigashi.com", true },
-  { "kazumi.ooo", true },
   { "kazumi.ro", true },
   { "kazy111.info", true },
+  { "kb3.net", true },
   { "kb88.com", true },
   { "kba-online.de", true },
   { "kbb-ev.de", true },
@@ -20087,6 +20596,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kdfans.com", true },
   { "kdw.cloud", true },
   { "kdyby.org", true },
+  { "ke.fo", true },
   { "ke7tlf.us", true },
   { "keakon.net", true },
   { "keane.space", true },
@@ -20100,7 +20610,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kedarastudios.com", true },
   { "kedibizworx.com", true },
   { "kediri.win", true },
-  { "keditor.biz", true },
   { "kedv.es", true },
   { "keeleysam.com", true },
   { "keelove.net", true },
@@ -20117,6 +20626,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "keezin.ga", true },
   { "keganthorrez.com", true },
   { "kehlenbach.net", true },
+  { "keifel.de", true },
   { "kein-design.de", true },
   { "keinanung.nl", true },
   { "keinefilterblase.de", true },
@@ -20140,7 +20650,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kellygrenard.com", true },
   { "kellyskastles.co.uk", true },
   { "kellyssportsbarandgrill.com", true },
-  { "kelmarsafety.com", true },
+  { "kelsa.io", true },
   { "kelvinfichter.com", true },
   { "kemmerer-net.de", true },
   { "kempkens.io", true },
@@ -20161,6 +20671,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kennethlim.me", true },
   { "kenneths.org", true },
   { "kenny-peck.com", true },
+  { "kennynet.co.uk", true },
   { "keno.im", true },
   { "kenokallinger.at", true },
   { "kenoschwalb.com", false },
@@ -20168,7 +20679,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kens.pics", true },
   { "kensbouncycastles.co.uk", true },
   { "kenscustomfloors.com", true },
-  { "kensparkesphotography.com", true },
   { "kentec.net", true },
   { "kenterlis.gr", true },
   { "kenvix.com", true },
@@ -20177,16 +20687,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "keops-spine.fr", true },
   { "keops-spine.us", true },
   { "kepkonyvtar.hu", true },
+  { "keralit.nl", true },
   { "kerebro.com", true },
-  { "kerem.xyz", true },
   { "kerforhome.com", true },
   { "kerijacoby.com", true },
+  { "kermadec.com", true },
+  { "kermadec.fr", true },
+  { "kermadec.net", true },
   { "kernel-error.de", true },
   { "kernelpanics.nl", true },
   { "kerrfrequencycombs.org", true },
   { "kerrnel.com", true },
   { "kersbergen.nl", true },
-  { "kersmexico.com", true },
   { "kerstkaart.nl", true },
   { "kersvers.agency", true },
   { "kerus.net", true },
@@ -20204,6 +20716,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ketty-voyance.com", true },
   { "keutel.net", true },
   { "kevin-darmor.eu", true },
+  { "kevin-ta.com", true },
   { "kevinapease.com", true },
   { "kevinbowers.me", true },
   { "kevinbusse.de", true },
@@ -20237,7 +20750,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "keylength.com", true },
   { "keymach.com", true },
   { "keypersonins.com", true },
-  { "keys.fedoraproject.org", true },
   { "keys.jp", true },
   { "keystoneok.com", false },
   { "keysupport.org", true },
@@ -20252,6 +20764,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kfz-hantschel.de", true },
   { "kgm-irm.be", true },
   { "kgnk.ru", true },
+  { "kgv-schlauroth.de", true },
   { "khaledgarbaya.net", false },
   { "khanovaskola.cz", true },
   { "khas.co.uk", true },
@@ -20260,7 +20773,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "khetzal.info", true },
   { "khipu.com", true },
   { "khlee.net", true },
-  { "khmb.ru", false },
+  { "khmb.ru", true },
   { "khoury-dulla.ch", true },
   { "khs1994.com", true },
   { "khslaw.com", true },
@@ -20271,6 +20784,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kiano.net", true },
   { "kiapartscenter.net", true },
   { "kiapartsdepartment.com", true },
+  { "kiapps.ovh", true },
   { "kibea.net", true },
   { "kibibit.net", true },
   { "kibriscicek.net", true },
@@ -20279,9 +20793,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kickedmycat.com", true },
   { "kickstart.com.pk", false },
   { "kicou.info", true },
-  { "kiddies.academy", true },
   { "kiddieschristian.academy", true },
-  { "kiddieschristianacademy.co.za", true },
   { "kiddyboom.ua", true },
   { "kids-at-home.ch", true },
   { "kids-castles.com", true },
@@ -20299,7 +20811,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kidzpartiesllp.co.uk", true },
   { "kidzsmile.co.uk", true },
   { "kiebel.de", true },
-  { "kiedys.net", true },
   { "kiehls.pt", true },
   { "kiekin.org", true },
   { "kiekko.pro", true },
@@ -20309,10 +20820,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kiesuwkerstkaart.nl", true },
   { "kiffmarks.com", true },
   { "kigmbh.com", true },
+  { "kiisu.club", true },
   { "kikbb.com", true },
   { "kiki-voice.jp", true },
   { "kikimilyatacado.com.br", true },
   { "kiku.pw", true },
+  { "kilerd.me", true },
   { "kilianvalkhof.com", true },
   { "killaraapartments.com.au", true },
   { "killdeer.com", true },
@@ -20331,7 +20844,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kimisia.net", true },
   { "kimmel.com", true },
   { "kimmel.in", true },
-  { "kimo.se", true },
   { "kimono-rental-one.com", true },
   { "kimotodental.com", true },
   { "kimsufi-jordi.tk", true },
@@ -20341,7 +20853,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kinautas.com", true },
   { "kinderbasar-luhe.de", true },
   { "kinderchor-bayreuth.de", true },
+  { "kinderjugendfreizeitverein.de", true },
   { "kinderkleding.news", true },
+  { "kinderpneumologie.ch", true },
   { "kindertagespflege-rasselbande-halle.de", true },
   { "kinderzahn-bogenhausen.de", true },
   { "kindfotografie.nl", true },
@@ -20349,6 +20863,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kindlezs.com", true },
   { "kine-duthil.fr", true },
   { "kinepolis-studio.be", true },
+  { "kinerd.me", true },
+  { "kinesiomed-cryosauna.gr", true },
   { "kinetiq.com", true },
   { "king-of-the-castles.com", true },
   { "kingant.net", true },
@@ -20366,6 +20882,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kingsley.cc", true },
   { "kingstclinic.com", true },
   { "kingtecservices.com", true },
+  { "kingwoodtxlocksmith.com", true },
   { "kini24.ru", true },
   { "kinkcafe.net", true },
   { "kinkenonline.com", true },
@@ -20373,6 +20890,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kinniyaonlus.com", true },
   { "kinocheck.de", true },
   { "kinohled.cz", true },
+  { "kinomoto.me", true },
   { "kinomoto.ovh", false },
   { "kinos.nl", true },
   { "kinozal-tv.appspot.com", true },
@@ -20385,27 +20903,24 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kipa.at", true },
   { "kipiradio.com", true },
   { "kippenbart.gq", true },
-  { "kipriakipita.gr", true },
   { "kiragameforum.net", true },
-  { "kirainmoe.com", true },
   { "kiraku.co", true },
   { "kirbear.com", true },
   { "kirche-dortmund-ost.de", true },
   { "kirchen-im-web.de", false },
   { "kirchengemeinde-markt-erlbach.de", true },
+  { "kircp.com", true },
   { "kirei.se", true },
   { "kirig.ph", true },
   { "kirikira.moe", true },
   { "kirill.ws", true },
   { "kirillaristov.com", true },
-  { "kirillpokrovsky.de", true },
   { "kirinas.com", true },
   { "kirinuki.jp", true },
   { "kirkforcongress.com", true },
   { "kirkforillinois.com", true },
   { "kirkify.com", true },
   { "kirkovsky.com", true },
-  { "kirrie.pe.kr", true },
   { "kirsch-gestaltung.de", true },
   { "kirschbaum.me", true },
   { "kirslis.com", true },
@@ -20415,6 +20930,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kis-toitoidixi.de", true },
   { "kisallatorvos.hu", true },
   { "kisalt.im", true },
+  { "kisel.org", true },
   { "kisiselveri.com", true },
   { "kiskeedeesailing.com", true },
   { "kisma.de", true },
@@ -20422,14 +20938,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kissgyms.com", true },
   { "kissmycreative.com", true },
   { "kissoft.ro", true },
-  { "kisstube.tv", true },
   { "kitabnamabayi.com", true },
+  { "kitacoffee.com", true },
   { "kitbag.com.au", true },
   { "kitchen-profi.by", true },
   { "kitchen-profi.com.ua", true },
   { "kitchen-profi.kz", true },
-  { "kitchenalley.ca", true },
-  { "kitchenalley.com", true },
   { "kitchenpunx.com", false },
   { "kiteadventure.nl", true },
   { "kiteschooledam.nl", true },
@@ -20444,21 +20958,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kittpress.com", true },
   { "kittyhacker101.tk", true },
   { "kivitelezesbiztositas.hu", true },
+  { "kiwi-bird.xyz", true },
   { "kiwi.com", true },
   { "kiwi.digital", true },
   { "kiwi.wiki", true },
-  { "kiwico.com", true },
-  { "kix.moe", false },
   { "kiyotatsu.com", true },
   { "kj-prince.com", true },
-  { "kj1396.net", true },
-  { "kj1397.com", true },
   { "kjaer.io", true },
   { "kjarni.cc", true },
   { "kjarrval.is", true },
   { "kjchernov.info", true },
   { "kjellner.com", true },
   { "kjelltitulaer.com", true },
+  { "kjellvn.net", true },
   { "kjg-ummeln.de", true },
   { "kk-neudorf-duissern.de", false },
   { "kkaefer.com", true },
@@ -20468,7 +20980,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kkren.me", true },
   { "kks-karlstadt.de", true },
   { "kksg.com", true },
-  { "kkws.co", true },
   { "kkyy.me", true },
   { "kkzxak47.com", true },
   { "kl-diaetist.dk", true },
@@ -20506,6 +21017,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kleinreich.de", true },
   { "kleinsys.com", true },
   { "kleintransporte.net", true },
+  { "kleppe.co", true },
   { "kleteckova.cz", true },
   { "klicke-gemeinsames.de", true },
   { "klickstdu.com", true },
@@ -20527,7 +21039,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kloia.com", true },
   { "klose.family", true },
   { "klosko.net", true },
-  { "klotz-labs.com", true },
   { "kloudboy.com", true },
   { "kls-agency.com.ua", false },
   { "klseet.com", true },
@@ -20535,8 +21046,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "klubxanadu.cz", true },
   { "kluck.me", true },
   { "klugemedia.de", true },
-  { "klustekeningen.nl", true },
   { "klustermedia.com", true },
+  { "klusweb-merenwijk.nl", true },
   { "klva.cz", true },
   { "klzwzhi.com", true },
   { "kmashworth.co.uk", true },
@@ -20550,9 +21061,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "knarcraft.net", true },
   { "kncg.pw", true },
   { "kndkv.com", true },
+  { "kndrd.io", true },
   { "kneblinghausen.de", true },
   { "knechtology.com", true },
-  { "knegten-agilis.com", true },
   { "knep.me", true },
   { "knetterbak.nl", true },
   { "kngk-group.ru", true },
@@ -20564,10 +21075,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "knightsblog.de", true },
   { "knightsbridge.net", true },
   { "knightsbridgewine.com", true },
+  { "knihovnajablonne.cz", true },
   { "knip.ch", true },
   { "knispel-online.de", true },
   { "knitfarious.com", true },
   { "knmv.nl", true },
+  { "knnet.ch", true },
   { "knockendarroch.co.uk", true },
   { "knop.info", true },
   { "knot-store.com", true },
@@ -20576,6 +21089,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "knowlevillagecc.co.uk", true },
   { "knthost.com", true },
   { "knurps.de", true },
+  { "knuthildebrandt.de", true },
   { "knutur.is", true },
   { "knygos.lt", true },
   { "ko-sys.com", true },
@@ -20585,7 +21099,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kobejet.com", true },
   { "kobezda.net", true },
   { "kobofarm.com", true },
-  { "koboldcraft.ch", true },
   { "kobolya.hu", true },
   { "kocherev.org", true },
   { "kochereva.com", true },
@@ -20639,10 +21152,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kokobaba.com", true },
   { "kokona.ch", true },
   { "kokumoto.com", true },
-  { "kolania.com", true },
   { "kolania.de", true },
-  { "kolania.net", true },
-  { "kolaykaydet.com", true },
   { "kolbeinsson.se", true },
   { "kolcsey.eu", true },
   { "koldanews.com", true },
@@ -20659,6 +21169,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kolpingsfamilie-vechta-maria-frieden.de", true },
   { "koluke.co", true },
   { "koluke.com", true },
+  { "komall.net", true },
   { "komandakovalchuk.com", false },
   { "kombidorango.com.br", true },
   { "komelin.com", true },
@@ -20743,8 +21254,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kostecki.org", true },
   { "kostecki.tel", true },
   { "kostya.ws", true },
-  { "kotausaha.com", true },
-  { "kotelezobiztositas.eu", true },
+  { "kosuzu.moe", true },
   { "kother.org", true },
   { "kotilinkki.fi", true },
   { "kotitesti.fi", true },
@@ -20763,7 +21273,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kovaldo.ru", true },
   { "kovals.sk", true },
   { "kovehitus.ee", true },
-  { "kovnsk.net", true },
   { "kovspace.com", true },
   { "kovuthehusky.com", true },
   { "kowalmik.tk", true },
@@ -20778,14 +21287,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kpinvest.eu", true },
   { "kplasticsurgery.com", true },
   { "kplnet.net", true },
-  { "kpmgpublications.ie", true },
   { "kpop.re", true },
-  { "kpopsource.com", false },
+  { "kpopsource.com", true },
   { "kpumuk.info", true },
   { "kpx1.de", true },
   { "kr.search.yahoo.com", false },
   { "kr0n.dk", true },
   { "krachtinverbinding.nl", true },
+  { "kradalby.no", true },
   { "kraft.blog", true },
   { "kraft.im", true },
   { "kraftfleisch.de", true },
@@ -20800,12 +21309,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kralovstvimap.cz", true },
   { "kram.nz", true },
   { "krambeutel.de", true },
+  { "krampus-fischamend.at", true },
   { "kramsj.uk", true },
   { "krang.org.uk", true },
   { "krankenpflege-haushaltshilfe.de", true },
+  { "kranz.space", true },
   { "krasnodar-avia.ru", true },
   { "krasovsky.me", true },
   { "krautomat.com", true },
+  { "krayx.com", true },
   { "krazyboi.com", true },
   { "krazykastles.co.uk", true },
   { "krazykoolkastles.com", true },
@@ -20817,6 +21329,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kredit-abzocke.com", true },
   { "kredita.dk", true },
   { "kreditkacs.cz", true },
+  { "kredytzen.pl", true },
   { "kreen.org", true },
   { "krehl.io", true },
   { "kremalicious.com", true },
@@ -20843,11 +21356,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kristinbailey.com", false },
   { "kristofba.ch", true },
   { "kristofdv.be", true },
+  { "kritikos.io", true },
   { "krizevci.info", true },
   { "krmeni.cz", false },
   { "krokedil.se", true },
   { "kromamoveis.com.br", true },
-  { "kronaw.it", true },
+  { "kromonos.net", true },
   { "krony.de", true },
   { "kroon.email", true },
   { "kropkait.pl", true },
@@ -20861,7 +21375,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "krukhmer.com", true },
   { "krumberconsulting.com", true },
   { "krupa.net.pl", false },
-  { "krusesec.com", true },
+  { "kruselegal.com.au", true },
   { "krutka.cz", true },
   { "kruu.de", true },
   { "kruzhki-s-kartinkami.ru", true },
@@ -20872,7 +21386,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "krypsys.com", true },
   { "krypt.com", true },
   { "kryptera.se", true },
-  { "kryptomodkingz.com", true },
   { "krytykawszystkiego.com", true },
   { "krytykawszystkiego.pl", true },
   { "kryx.de", true },
@@ -20895,6 +21408,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ktw.lv", true },
   { "ku-7.club", true },
   { "ku.io", false },
+  { "kuaimen.bid", true },
   { "kuaitiyu.org", true },
   { "kualiti.net", true },
   { "kualo.co.uk", true },
@@ -20913,7 +21427,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kucnibudzet.com", true },
   { "kucukayvaz.com", true },
   { "kudo.co.id", true },
-  { "kueche-co.de", false },
   { "kuechenprofi-group.de", false },
   { "kuehndel.org", true },
   { "kuehnel-bs.de", true },
@@ -20940,7 +21453,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kungerkueken.de", true },
   { "kunra.de", true },
   { "kunstdrucke-textildruck.de", true },
-  { "kunstfehler.at", true },
   { "kunstundunrat.de", true },
   { "kuoruan.com", true },
   { "kupferstichshop.com", true },
@@ -20958,8 +21470,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kuroinu.jp", true },
   { "kurona.ga", true },
   { "kuronekogaro.com", true },
-  { "kurrende.nrw", false },
-  { "kurrietv.nl", true },
   { "kurschies.de", true },
   { "kurserne.dk", true },
   { "kurswahl-online.de", true },
@@ -20993,7 +21503,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kwcolville.com", true },
   { "kwedo.com", true },
   { "kwench.com", true },
-  { "kwok.cc", true },
   { "kwoll.de", true },
   { "kwyxz.org", true },
   { "kx197.com", true },
@@ -21007,14 +21516,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kylegutschow.com", true },
   { "kylejohnson.io", true },
   { "kylelaker.com", true },
-  { "kylescastles.co.uk", true },
   { "kylinj.com", false },
   { "kynastonwedding.co.uk", true },
   { "kyobostory-events.com", true },
   { "kyoko.org", true },
   { "kyosaku.org", true },
   { "kyoto-mic.com", true },
-  { "kyoto-sake.net", true },
   { "kyoto-tomikawa.jp", true },
   { "kyoto-tomoshibi.jp", true },
   { "kyprexxo.com", true },
@@ -21027,6 +21534,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kzsdabas.hu", true },
   { "l-lab.org", true },
   { "l0re.com", true },
+  { "l17r.eu", true },
   { "l2guru.ru", true },
   { "l33te.net", true },
   { "l4n-clan.de", true },
@@ -21048,6 +21556,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "laatikko.io", true },
   { "laatjeniethackmaken.nl", true },
   { "labande-annonce.fr", true },
+  { "labanochjonas.se", true },
+  { "labanskoller.se", true },
+  { "labanskollermark.se", true },
   { "labcenter.com", true },
   { "labcoat.jp", true },
   { "labms.com.au", true },
@@ -21088,26 +21599,26 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ladbroke.net", true },
   { "ladenzeile.at", true },
   { "ladenzeile.de", true },
+  { "ladislavbrezovnik.com", true },
   { "ladraiglaan.com", true },
   { "lady-2.jp", true },
   { "ladyanna.de", true },
   { "ladyofhopeparish.org", true },
+  { "laermschmiede.de", true },
   { "laeso.es", true },
   { "laextra.mx", true },
   { "lafayette-rushford.com", true },
   { "lafcheta.info", true },
-  { "lafema.de", true },
   { "lafillepolyvalente.ca", true },
   { "lafillepolyvalente.com", true },
   { "lafka.org", true },
   { "lafkor.de", true },
   { "laflash.com", true },
-  { "lafosseobservatoire.be", true },
-  { "lag-gbr.gq", true },
   { "lagarderob.ru", false },
   { "lagazzettadigitale.it", true },
   { "lagerauftrag.info", true },
   { "lagit.in", true },
+  { "laglab.org", false },
   { "lagout.org", true },
   { "lagriffeduservice.fr", true },
   { "laguiadelvaron.com", true },
@@ -21117,6 +21628,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lahnau-akustik.de", true },
   { "lahora.com.ec", true },
   { "lai.is", true },
+  { "laibcoms.com", true },
   { "lain.at", true },
   { "lain.li", true },
   { "laindonleisure.co.uk", true },
@@ -21158,7 +21670,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lamboo.be", true },
   { "lamclam.site", true },
   { "lame1337.xyz", true },
-  { "lamiaposta.email", false },
+  { "lamed.se", true },
   { "lamikvah.org", true },
   { "laminine.info", true },
   { "lamontre.ru", true },
@@ -21177,20 +21689,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lampy.pl", true },
   { "lamunyon.com", true },
   { "lan.biz.tr", true },
-  { "lana.swedbank.se", true },
   { "lanahallen.com", true },
   { "lanbroa.eu", true },
   { "lancashirecca.org.uk", true },
   { "lancejames.com", true },
   { "lancelafontaine.com", true },
   { "lanceyip.com", true },
-  { "lancork.net", true },
   { "lancyvbc.ch", true },
   { "land.nrw", false },
+  { "landbetweenthelakes.us", true },
   { "landchecker.com.au", true },
   { "landflair-magazin.de", true },
   { "landhaus-christmann.de", true },
+  { "landhaus-havelse.de", true },
   { "landinfo.no", true },
+  { "landingear.com", true },
   { "landlordy.com", true },
   { "landofelves.net", true },
   { "landrovermerriamparts.com", true },
@@ -21222,6 +21735,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "langkahteduh.com", true },
   { "langkawitrip.com", true },
   { "langotie.com.br", true },
+  { "langsam-dator.se", true },
   { "langstreckensaufen.de", true },
   { "languagecourse.net", true },
   { "languageterminal.com", true },
@@ -21235,7 +21749,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lanre.org", true },
   { "lanroamer.de", true },
   { "lansechensilu.com", true },
-  { "lanseyujie.com", false },
   { "lanternalauth.com", true },
   { "lanternhealth.org", true },
   { "lantian.pub", true },
@@ -21248,9 +21761,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "laozhu.me", true },
   { "laparoscopia.com.mx", true },
   { "lapassiondutrading.com", true },
+  { "lapetition.be", true },
   { "lapicena.eu", true },
   { "lapidge.net", true },
-  { "lapix.com.co", true },
   { "laplacesicherheit.de", true },
   { "laplanetebleue.com", true },
   { "lapolla.com", true },
@@ -21258,6 +21771,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lapparente-aise.ch", true },
   { "lappari.com", true },
   { "lara.photography", true },
+  { "larabergmann.de", true },
   { "laracode.eu", true },
   { "laraeph.com", true },
   { "laraigneedusoir.com", true },
@@ -21272,6 +21786,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "largeviewer.com", true },
   { "lariposte.org", true },
   { "lariscus.eu", true },
+  { "larky.top", true },
   { "larondinedisinfestazione.com", true },
   { "larptreff.de", true },
   { "larraz.es", true },
@@ -21298,6 +21813,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lasertechsolutions.com", true },
   { "lask.in", true },
   { "laskas.pl", true },
+  { "lasowy.com", true },
   { "laspequenassemillas.com", true },
   { "lasrecetascocina.com", true },
   { "lasrecetasdeguada.com", true },
@@ -21308,7 +21824,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lasseleegaard.org", true },
   { "lassesworld.com", true },
   { "lassesworld.se", true },
+  { "lastbutnotyeast.com", true },
   { "lastchancetraveler.com", true },
+  { "lastharo.com", true },
   { "lastpass.com", false },
   { "lastrada-minden.de", true },
   { "lastweekinaws.com", true },
@@ -21333,7 +21851,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "latitudesign.com", true },
   { "latremebunda.com", true },
   { "latrine.cz", true },
-  { "latterdaybride.com", true },
   { "lattyware.co.uk", true },
   { "lattyware.com", true },
   { "laubacher.io", true },
@@ -21399,7 +21916,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "layoutsatzunddruck.de", true },
   { "lazistance.com", true },
   { "lazowik.pl", true },
-  { "lazurit.com", true },
   { "lazyboston.com", true },
   { "lazyclock.com", true },
   { "lazyframe.com", true },
@@ -21447,13 +21963,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "le-palantir.com", true },
   { "le-traiteur-parisien.fr", true },
   { "le0.me", true },
+  { "le0yn.ml", true },
   { "le130rb.com", true },
   { "le23.fr", true },
   { "le42mars.fr", true },
   { "leadbox.cz", true },
   { "leaderoftheresistance.com", false },
   { "leaderoftheresistance.net", false },
+  { "leadership9.com", true },
+  { "leadgenie.me", true },
+  { "leadinfo.com", true },
   { "leadingsalons.com", true },
+  { "leadplan.ru", true },
   { "leadquest.nl", true },
   { "leafandseed.co.uk", true },
   { "leafans.tk", false },
@@ -21473,6 +21994,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "learningis1.st", true },
   { "learninglaw.com", true },
   { "learningman.top", true },
+  { "learnlux.com", true },
   { "learnpianogreece.com", true },
   { "learnplayground.com", true },
   { "learntube.cz", true },
@@ -21493,6 +22015,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lebens-fluss.at", true },
   { "lebensraum-fitness-toenisvorst.de", true },
   { "lebensraum-im-garten.de", true },
+  { "lebensraum-kurse.ch", true },
   { "lebihan.pl", true },
   { "leblanc.io", true },
   { "lebourgeo.is", true },
@@ -21501,7 +22024,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lecoinchocolat.com", true },
   { "lectricecorrectrice.com", true },
   { "led-jihlava.cz", true },
-  { "led.xyz", true },
   { "ledecologie.com.br", true },
   { "ledeguisement.com", true },
   { "lederer-it.com", true },
@@ -21511,7 +22033,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lee-fuller.co.uk", true },
   { "leeaaronsrealestate.com", true },
   { "leebiblestudycentre.co.uk", true },
-  { "leech360.com", false },
   { "leeclemens.net", false },
   { "leedev.org", true },
   { "leekspin.ml", true },
@@ -21520,7 +22041,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "leerliga.de", true },
   { "leertipp.de", true },
   { "leesilvey.com", true },
-  { "leet2.com", true },
   { "leetcode.com", true },
   { "leetcode.net", true },
   { "leetgamers.asia", true },
@@ -21536,14 +22056,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "legacy.bank", true },
   { "legadental.com", true },
   { "legaillart.fr", true },
+  { "legalcontrol.info", true },
   { "legaldesk.com", true },
   { "legalinmotion.es", true },
   { "legalrobot.com", true },
-  { "legendarycamera.com", true },
   { "legendesdechine.ch", true },
   { "legendofkrystal.com", true },
   { "legends-game.ru", false },
   { "legible.es", true },
+  { "legilimens.de", true },
   { "legioniv.org", true },
   { "legiscontabilidade.com.br", true },
   { "legissa.ovh", true },
@@ -21552,7 +22073,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "legland.fr", true },
   { "legoutdesplantes.be", true },
   { "legrandvtc.fr", true },
-  { "legumefederation.org", true },
   { "legumeinfo.org", true },
   { "lehighmathcircle.org", true },
   { "lehti-tarjous.net", true },
@@ -21575,7 +22095,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lemni.top", true },
   { "lemoine.at", true },
   { "lemondenumerique.com", true },
-  { "lemondrops.xyz", true },
+  { "lemonlawnow.com", true },
   { "lemonop.com", true },
   { "lemonparty.co", true },
   { "lemonrockbiketours.com", true },
@@ -21586,9 +22106,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lenagroben.de", true },
   { "lenaneva.ru", true },
   { "lence.net", true },
+  { "lendahandmissionteams.org", true },
   { "lendingclub.com", true },
   { "lenget.com", true },
-  { "lenguajedeprogramacion.com", true },
   { "lengzzz.com", true },
   { "lenidh.de", true },
   { "leninalbertop.com.ve", true },
@@ -21603,7 +22123,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lenyip.me", true },
   { "lenyip.works", true },
   { "leoandpeto.com", true },
-  { "leodaniels.com", true },
   { "leodraxler.at", true },
   { "leola.cz", true },
   { "leola.sk", true },
@@ -21618,13 +22137,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "leonklingele.de", true },
   { "leontiekoetter.de", true },
   { "leopoldina.net", true },
+  { "leovanna.co.uk", true },
   { "leowkahman.com", true },
   { "lep.gov", true },
   { "lepenetapeti.com", true },
   { "lepidum.jp", true },
   { "leponton-lorient.fr", true },
   { "leppis-it.de", true },
-  { "leprado.com", true },
   { "lepsos.com", true },
   { "lequerceagriturismo.com", true },
   { "lereporter.ma", true },
@@ -21638,12 +22157,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lernplattform-akademie.de", true },
   { "lerp.me", true },
   { "les-ateliers-de-melineo.be", true },
+  { "les-inoxydables.com", true },
   { "les-pingouins.com", true },
   { "lesaffre.es", true },
   { "lesancheslibres.fr", true },
   { "lesarts.com", true },
   { "lesberger.ch", true },
-  { "lesconteursavis.org", true },
+  { "lesbrillantsdaristide.com", true },
   { "lescourtiersbordelais.com", true },
   { "leseditionsbraquage.com", true },
   { "lesfilmsavivre.com", true },
@@ -21696,6 +22216,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "levanscatering.com", true },
   { "levelaccordingly.com", true },
   { "levelcheat.com", true },
+  { "levelonetrainingandfitness.com", true },
   { "leveluplv.com", true },
   { "leveluprails.com", true },
   { "levendwater.org", true },
@@ -21744,6 +22265,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lhost.su", true },
   { "li-ke.co.jp", true },
   { "li.search.yahoo.com", false },
+  { "lialion.de", true },
   { "liam-w.io", true },
   { "liamelliott.me", true },
   { "liamlin.me", true },
@@ -21778,10 +22300,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "libreoffice-from-collabora.com", true },
   { "libreofficefromcollabora.com", true },
   { "librervac.org", true },
+  { "librosdescargas.club", true },
   { "libscode.com", false },
   { "libskia.so", true },
   { "libsodium.org", true },
   { "libstock.si", true },
+  { "libzik.com", true },
   { "lichess.org", true },
   { "lichtmetzger.de", true },
   { "lichtspot.de", true },
@@ -21807,7 +22331,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lie.as", true },
   { "liebel.org", true },
   { "lieberwirth.biz", true },
-  { "lieblingsholz.de", true },
   { "liemen.net", true },
   { "lierrmm.space", true },
   { "lieuu.com", true },
@@ -21821,14 +22344,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lifegrip.com.au", true },
   { "lifeinhex.com", true },
   { "lifeinsurancepro.org", true },
-  { "lifekiss.ru", true },
   { "lifelenz.com", true },
   { "lifematenutrition.com", true },
   { "lifemstyle.com", true },
   { "lifeqa.net", true },
+  { "lifequotes-uk.co.uk", true },
   { "lifereset.it", true },
   { "lifesafety.com.br", true },
   { "lifestyle7788.com", true },
+  { "lifestylecent.com", true },
   { "lifestylefinancial.ca", true },
   { "lifetree.network", true },
   { "lifi.digital", true },
@@ -21838,6 +22362,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "light-up.xyz", true },
   { "light.mail.ru", true },
   { "lightbox.co", true },
+  { "lightdark.xyz", true },
   { "lightdream.tech", true },
   { "lighting-centres.co.uk", true },
   { "lightingagoura.com", true },
@@ -21873,13 +22398,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lijncoaching.nl", true },
   { "lijstje.be", true },
   { "lijstje.nl", true },
-  { "likc.me", true },
   { "likeablehub.com", true },
   { "likeabox.de", true },
   { "likebee.gr", true },
   { "likegeeks.com", true },
   { "likehifi.de", true },
   { "likemovies.de", true },
+  { "likenewhearing.com.au", true },
   { "likere.com", true },
   { "likesforinsta.com", true },
   { "likui.me", true },
@@ -21887,6 +22412,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "liliang13.com", true },
   { "liljohnsanitary.net", true },
   { "lillepuu.com", true },
+  { "lilliangray.co.za", true },
   { "lily-bearing.com", true },
   { "lily-inn.com", true },
   { "lilyfarmfreshskincare.com", true },
@@ -21900,11 +22426,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "limeburst.net", true },
   { "limelabs.de", true },
   { "limelabs.io", true },
+  { "limeres.com", true },
   { "limereslaw.com", true },
   { "limitededitioncomputers.com", true },
   { "limitededitionsolutions.com", true },
   { "limitxyz.com", true },
-  { "limn.me", true },
   { "limoairporttoronto.net", true },
   { "limousineservicezurich.com", true },
   { "limpid.nl", true },
@@ -21921,9 +22447,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lindalap.fi", true },
   { "lindaolsson.com", true },
   { "lindemann.space", true },
+  { "linden.me", true },
   { "lindeskar.se", true },
   { "lindholmen.club", true },
   { "lindnerhof-taktik.de", true },
+  { "lindnerhof.info", true },
   { "lindo.ru", true },
   { "lindon.pw", true },
   { "lindsayanderson.com", true },
@@ -21954,12 +22482,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "linklocker.co", true },
   { "linkmaker.co.uk", true },
   { "linkmauve.fr", true },
-  { "linkonaut.net", true },
+  { "linkstream.live", true },
   { "linkthis.me", true },
   { "linkthis.ml", true },
+  { "linkthisstatus.ml", true },
   { "linktio.com", true },
   { "linky.tk", true },
-  { "linkybos.com", true },
   { "linkycat.com", true },
   { "linode.com", false },
   { "linost.com", true },
@@ -21996,7 +22524,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "linzgau.de", true },
   { "linzyjx.com", true },
   { "lionhosting.nl", true },
-  { "lionlyrics.com", true },
   { "lionsdeal.com", true },
   { "lipartydepot.com", true },
   { "lipex.com", true },
@@ -22029,10 +22556,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lists.stg.fedoraproject.org", true },
   { "litchidova.nl", true },
   { "litebit.eu", true },
+  { "litebitanalytics.eu", true },
   { "litebits.com", true },
   { "litemind.com", true },
   { "literarymachin.es", true },
   { "literature-schools.com", true },
+  { "literaturpreis-bad-wurzach.de", true },
   { "litfin.name", true },
   { "lithan.com", true },
   { "lithesalar.se", true },
@@ -22052,6 +22581,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "littlepincha.fr", true },
   { "littleprincessandmascotparties.co.uk", true },
   { "littleqiu.net", true },
+  { "littleredpenguin.com", true },
   { "littleredsbakeshop.com", true },
   { "littlericket.me", false },
   { "littlescallywagsplay.co.uk", true },
@@ -22065,7 +22595,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "liufengyu.cn", true },
   { "liul.in", true },
   { "liupeicheng.top", true },
-  { "liushuyu.tk", true },
   { "liv3d.stream", true },
   { "live4k.media", false },
   { "livebandphotos.com", true },
@@ -22105,7 +22634,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "livi.co.uk", true },
   { "livi.fr", true },
   { "living-space.co.nz", true },
+  { "living.digital", true },
+  { "living.video", true },
   { "living24.de", true },
+  { "livingafrugallife.com", true },
   { "livingforreal.com", true },
   { "livinginhimalone.com", true },
   { "livingkingsinc.net", true },
@@ -22114,9 +22646,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "livnev.me", true },
   { "livnev.xyz", true },
   { "livolett.de", true },
-  { "livrariacoad.com.br", true },
   { "livres-et-stickers.com", true },
   { "livroseuniformes.com.br", true },
+  { "lixiaoyu.live", true },
   { "lixtick.com", true },
   { "liyang.pro", false },
   { "liyin.date", true },
@@ -22127,13 +22659,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lizhi123.net", true },
   { "lizmooredestinationweddings.com", true },
   { "lizzaran.io", true },
+  { "lizzwood.com", true },
   { "ljason.cn", true },
   { "ljc.ro", true },
   { "ljs.io", true },
+  { "ljskool.com", true },
+  { "ljusdalsnaprapatklinik.se", true },
   { "lk-hardware.cz", true },
   { "lknw.de", true },
   { "lkp111138.me", true },
   { "llamacuba.com", true },
+  { "llamasweet.tech", true },
   { "llemoz.com", true },
   { "ller.xyz", true },
   { "llm-guide.com", true },
@@ -22141,16 +22677,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lloyd-day.me", true },
   { "llslb.com", false },
   { "lm-pumpen.de", false },
+  { "lmbyrne.co.uk", true },
+  { "lmbyrne.com", true },
   { "lmcm.io", true },
   { "lmddgtfy.net", true },
   { "lmerza.com", true },
   { "lmintlcx.com", true },
+  { "lmmi.nl", true },
   { "lmmtfy.io", true },
   { "lmsptfy.com", true },
   { "lmtls.me", true },
   { "lmtm.eu", true },
   { "lng-17.org", true },
   { "lnhequipmentltd.com", true },
+  { "lnmp.me", true },
   { "lntu.org", true },
   { "lnx.li", true },
   { "lnyltx.cn", true },
@@ -22162,10 +22702,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "loandolphin.com.au", true },
   { "loanreadycredit.com", true },
   { "loanstreet.nl", true },
+  { "lob-assets-staging.com", true },
+  { "lob-assets.com", true },
   { "lob-staging.com", true },
   { "lob.com", true },
   { "lobivia.de", true },
-  { "lobosdomain.hopto.org", true },
   { "lobsangstudio.com", true },
   { "lobstr.co", true },
   { "local360.net", true },
@@ -22190,9 +22731,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "locationvoitureportugal.com", true },
   { "locatorplus.gov", true },
   { "locauxrama.fr", true },
-  { "locker.email", true },
   { "locker.plus", true },
-  { "lockify.com", true },
   { "lockpick.nl", true },
   { "lockpicks.se", true },
   { "lockr.io", true },
@@ -22200,9 +22739,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "locksmithbalchsprings.com", true },
   { "locksmithballito.com", true },
   { "locksmithbluff.co.za", true },
+  { "locksmithdearborn.com", true },
   { "locksmithedmonds.com", true },
+  { "locksmithfriendswoodtexas.com", true },
   { "locksmithgarland-tx.com", true },
   { "locksmithgrapevinetx.com", true },
+  { "locksmithhumbletx.com", true },
   { "locksmithindurban.co.za", true },
   { "locksmithlivoniami.com", true },
   { "locksmithmadisonheights.com", true },
@@ -22289,7 +22831,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lojaprimemed.com.br", true },
   { "lojaprojetoagua.com.br", true },
   { "lojasceletro.com.br", true },
-  { "lojatema.com.br", true },
   { "lojaterrazul.com.br", true },
   { "lojavirtualfc.com.br", true },
   { "lojavirtualfct.com.br", true },
@@ -22303,7 +22844,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lolcow.farm", true },
   { "loli.net", true },
   { "loli.pet", true },
-  { "loli.ski", true },
   { "loli.tube", true },
   { "loli.world", true },
   { "lolibrary.org", true },
@@ -22330,9 +22870,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lonesomecosmonaut.com", true },
   { "lonestarlandandcommercial.com", true },
   { "long-journey.com", true },
-  { "long139.com", true },
   { "long18.cc", true },
-  { "long688.com", true },
+  { "longboat.io", true },
   { "longhaircareforum.com", true },
   { "longhorn-imports.com", true },
   { "longhorn.id.au", true },
@@ -22360,14 +22899,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lookyman.net", true },
   { "lookzook.com", true },
   { "loom.no", true },
-  { "loony.info", true },
-  { "loopower.com", true },
   { "loopstart.org", true },
   { "looseleafsecurity.com", true },
   { "loothole.com", true },
   { "loovto.net", true },
   { "loposchokk.com", true },
   { "loqu8.com", true },
+  { "loquo.com", true },
   { "lord.sh", true },
   { "lordofthebrick.com", true },
   { "lore.azurewebsites.net", true },
@@ -22377,7 +22915,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "loricozengeller.com", true },
   { "lorientlejour.com", true },
   { "loritaboegl.de", true },
-  { "lormansas.com", true },
   { "losangelestown.com", true },
   { "losless.fr", true },
   { "losreyesdeldescanso.com.ar", true },
@@ -22407,6 +22944,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "loungecafe.org", true },
   { "loungepapillon.com", true },
   { "love4taylor.me", true },
+  { "loveai.org", true },
   { "loveandadoreboutique.com", true },
   { "lovebigisland.com", true },
   { "lovecrystal.co.uk", true },
@@ -22415,8 +22953,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lovelens.li", false },
   { "lovelivewiki.com", true },
   { "lovelovenavi.jp", true },
-  { "lovelytimes.net", true },
   { "lovemanagementaccounts.co.uk", true },
+  { "lovemiku.info", true },
   { "lovemomiji.com", true },
   { "lovenwishes.com", true },
   { "loveph.one", true },
@@ -22444,7 +22982,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "loyaleco.it", true },
   { "loyaltyondemand.club", true },
   { "loyaltyondemand.eu", true },
-  { "lp-support.nl", true },
   { "lpcom.de", true },
   { "lprcommunity.co.za", true },
   { "lpt-nebreziny.eu", true },
@@ -22460,6 +22997,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lsmpx.com", true },
   { "lsquo.com", true },
   { "lsscreens.de", true },
+  { "lsy.cn", true },
   { "lt.search.yahoo.com", false },
   { "ltaake.com", true },
   { "ltecode.com", true },
@@ -22478,16 +23016,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lucacastelnuovo.nl", false },
   { "lucafontana.net", true },
   { "lucafrancesca.me", true },
-  { "lucakrebs.de", true },
   { "lucasantarella.com", true },
   { "lucasbergen.ca", true },
-  { "lucascobb.com", true },
   { "lucasem.com", true },
   { "lucasgaland.com", true },
   { "lucasgymnastics.com", true },
   { "lucaslarson.net", true },
   { "luce.life", true },
   { "luchscheider.de", false },
+  { "lucianoalbanes.com", true },
   { "lucid-light.de", true },
   { "lucidframeworks.com", true },
   { "lucidlight.de", true },
@@ -22520,12 +23057,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "luftreiniger.biz", true },
   { "lufu.io", true },
   { "lugbb.org", true },
+  { "lugimax.com", true },
   { "luginbuehl.be", true },
-  { "luginbuehl.eu", true },
   { "lugui.in", true },
   { "lui.pink", true },
   { "luiscapelo.info", true },
-  { "luisgf.es", true },
   { "luismaier.de", true },
   { "luisyr.com", true },
   { "luizkowalski.net", true },
@@ -22533,15 +23069,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lukas-gorr.de", true },
   { "lukas-meixner.com", true },
   { "lukas-oppermann.de", true },
-  { "lukas-schauer.de", true },
-  { "lukas.im", true },
-  { "lukas2511.de", true },
   { "lukasberan.com", true },
   { "lukasberan.cz", true },
   { "lukasfunk.com", true },
   { "lukasoppermann.com", true },
   { "lukasoppermann.de", true },
-  { "lukasschauer.de", true },
   { "lukasschick.de", false },
   { "lukaszorn.de", true },
   { "lukaszwojcik.net", true },
@@ -22556,6 +23088,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lukesutton.info", true },
   { "lukmanulhakim.id", true },
   { "lukull-pizza.de", true },
+  { "luloboutique.com", true },
   { "lumen.sh", true },
   { "lumi.pw", true },
   { "lumiere.com", true },
@@ -22565,39 +23098,45 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lumminary.com", true },
   { "lunafag.ru", true },
   { "lunakit.org", true },
+  { "lunalove.de", true },
   { "lunanova.moe", true },
   { "lunapps.com", true },
   { "lunar6.ch", true },
+  { "lunarichter.de", true },
   { "lunarlog.com", true },
   { "lunarshark.com", true },
   { "lunartail.nl", true },
   { "lunasqu.ee", true },
   { "lunastrail.com", true },
+  { "lunazacharias.com", true },
   { "lunchbunch.me", true },
   { "lune-indigo.ch", true },
   { "lungta.pro", true },
   { "lunidea.ch", true },
   { "lunidea.com", true },
   { "lunis.net", true },
-  { "lunix.io", true },
   { "lunorian.is", true },
+  { "luodaoyi.com", true },
+  { "luody.info", true },
   { "luoe.me", true },
   { "luoh.cc", true },
   { "luoh.me", true },
   { "luohua.im", true },
   { "luongvu.com", true },
+  { "luoshifeng.com", true },
   { "luowu.cc", true },
   { "lupecode.com", true },
   { "lupinencyclopedia.com", true },
   { "lupinenorthamerica.com", true },
-  { "luqsus.pl", true },
   { "lusitom.com", true },
   { "luso-livros.net", true },
+  { "lusoft.cz", true },
   { "lusteniny.cz", true },
   { "lustige-zitate.com", true },
   { "lustin.fr", true },
   { "lustrum.ch", true },
   { "lusynth.com", true },
+  { "luteijn.biz", true },
   { "luteijn.cloud", true },
   { "luteijn.email", true },
   { "luteijn.pro", true },
@@ -22605,12 +23144,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lutoma.org", true },
   { "luukdebruincv.nl", true },
   { "luukklene.nl", true },
+  { "luukuton.fi", true },
   { "luuppi.fi", true },
   { "luvare.com", true },
   { "luvbridal.com.au", true },
-  { "luvplay.co.uk", true },
   { "luxcraft.eng.br", true },
   { "luxescreenprotector.nl", false },
+  { "luxfosdecoenterprise.com", true },
   { "luxsci.com", true },
   { "luxurynsight.net", true },
   { "luxurytimepieces.net", true },
@@ -22624,7 +23164,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "luzfaltex.com", true },
   { "lv.search.yahoo.com", false },
   { "lv0.it", true },
-  { "lv5.top", true },
+  { "lvftw.com", true },
+  { "lvguitars.com", true },
   { "lvmoo.com", true },
   { "lvrsystems.com", true },
   { "lw-addons.net", true },
@@ -22636,7 +23177,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lycee-saintjoseph-mesnieres.fr", true },
   { "lychankiet.name.vn", false },
   { "lydudlejning.net", true },
-  { "lyfbits.com", true },
   { "lyftrideestimate.com", true },
   { "lykai.ca", true },
   { "lymia.moe", true },
@@ -22656,12 +23196,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lyrical-nonsense.com", true },
   { "lyricfm.ie", true },
   { "lys.ch", true },
+  { "lysdeau.be", true },
   { "lyst.co.uk", true },
   { "lyukaacom.ru", true },
+  { "lyuly.com", true },
   { "lyx.dk", true },
+  { "lzcreation.com", true },
   { "lzh.one", true },
   { "lzwc.nl", true },
-  { "lzzr.me", true },
   { "m-22.com", true },
   { "m-chemical.com.hk", true },
   { "m-gh.info", true },
@@ -22680,9 +23222,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "m2epro.com", true },
   { "m2il.co", true },
   { "m2os.com", true },
+  { "m4g.ru", true },
   { "m4rcus.de", true },
   { "ma-eir.nl", true },
-  { "ma-plancha.ch", true },
   { "ma2t.com", true },
   { "maartenderaedemaeker.be", true },
   { "maartenvandekamp.nl", true },
@@ -22693,10 +23235,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mabankonline.com", true },
   { "mabulledu.net", true },
   { "mac-i-tea.ch", true },
+  { "mac-service-stockholm.se", true },
+  { "mac-servicen.se", true },
   { "mac.biz.tr", true },
   { "mac1.net", true },
   { "macaw.nl", true },
   { "macaws.org", true },
+  { "macbook.es", true },
   { "maceinturecuir.com", true },
   { "maces-net.de", true },
   { "macgenius.com", true },
@@ -22704,12 +23249,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "macha.cloud", true },
   { "machbach.com", true },
   { "machetewp.com", true },
+  { "machijun.net", true },
   { "machikka.com", false },
   { "machinetransport.com", true },
   { "macht-elektro.de", true },
   { "machtweb.de", true },
   { "machu-picchu.nl", true },
-  { "maciespartyhire.co.uk", true },
   { "macil.tech", true },
   { "macinyasha.net", true },
   { "macker.io", true },
@@ -22728,10 +23273,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "macosxfilerecovery.com", true },
   { "macoun.de", true },
   { "macros.co.jp", true },
-  { "macstore.pe", true },
+  { "macsupportnacka.se", true },
+  { "macsupportstockholm.se", true },
   { "mactools.com.co", true },
   { "mad.ninja", true },
   { "madae.nl", true },
+  { "madandpissedoff.com", true },
   { "madars.org", false },
   { "madbicicletas.com", true },
   { "madbin.com", true },
@@ -22756,10 +23303,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "madisonent-facialplasticsurgery.com", true },
   { "madisonsquarerealestate.com", true },
   { "madmar.ee", true },
+  { "madmax-store.gr", true },
   { "madoka.nu", true },
   { "madokami.pw", true },
   { "madreacqua.org", true },
   { "madrecha.com", true },
+  { "madreshoy.com", true },
   { "madridartcollection.com", true },
   { "madscientistwebdesign.com", true },
   { "madtec.de", true },
@@ -22773,7 +23322,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "maeplasticsurgery.com", true },
   { "maestrano.com", true },
   { "maff.co.uk", true },
-  { "maff.scot", false },
   { "mafia.network", true },
   { "mafiaforum.de", true },
   { "mafiapenguin.club", true },
@@ -22801,10 +23349,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "magical.rocks", true },
   { "magicalcircuslv.com", true },
   { "magicalshuttle.fr", true },
+  { "magicamulet.me", true },
   { "magicbroccoli.de", true },
   { "magiccards.info", true },
   { "magicdaysomagh.co.uk", true },
-  { "magickmoments.co.uk", true },
   { "magiclen.org", true },
   { "magicspaceninjapirates.de", true },
   { "magictable.com", true },
@@ -22817,15 +23365,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "magnetpass.uk", true },
   { "magnets.jp", true },
   { "magnettracker.com", true },
+  { "magnificatwellnesscenter.com", true },
   { "magnificentdata.com", true },
   { "magnoliadoulas.com", true },
   { "magnoliastrong.com", true },
   { "magnunbaterias.com.br", true },
+  { "magodaoferta.com.br", true },
   { "magonote-nk.com", true },
   { "magravsitalia.com", true },
   { "magu.kz", true },
   { "maguire.email", true },
   { "magwin.co.uk", true },
+  { "mah-nig.ga", true },
   { "mahai.me", true },
   { "mahatmayoga.org", true },
   { "mahefa.co.uk", true },
@@ -22863,7 +23414,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mainechiro.com", true },
   { "mainframeserver.space", true },
   { "mainlined.org", true },
-  { "mainston.com", true },
   { "maintenance-traceur-hp.fr", true },
   { "mainzelmaennchen.net", true },
   { "maioresemelhores.com", true },
@@ -22879,9 +23429,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "maitrise-orthopedique.com", true },
   { "majahoidja.ee", true },
   { "majaweb.cz", true },
-  { "majemedia.com", true },
+  { "majemedia.com", false },
   { "majesnix.org", true },
-  { "majesticcolorado.com", true },
   { "majid.info", true },
   { "majkassab.com", true },
   { "majkassab.net", true },
@@ -22909,6 +23458,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "makinen.ru", true },
   { "makkusu.photo", true },
   { "makkyon.com", true },
+  { "makos.jp", true },
   { "makowitz.cz", true },
   { "maktoob.search.yahoo.com", false },
   { "maku.edu.tr", true },
@@ -22987,6 +23537,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "manager-efficacement.com", true },
   { "manager.linode.com", false },
   { "managewp.org", true },
+  { "manatees.com.au", true },
   { "manatees.net", true },
   { "manavgabhawala.com", true },
   { "manawill.jp", true },
@@ -23041,12 +23592,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "manualscollection.com", true },
   { "manuel-herrmann.de", true },
   { "manuel-schefczyk.de", true },
-  { "manuel7espejo.com", true },
   { "manuelahidalgo.org", true },
   { "manueldopheide.com", true },
   { "manueli.de", true },
   { "manuelpinto.in", false },
   { "manufacturing.gov", true },
+  { "manufacturinginmexico.org", true },
   { "manufacturingusa.com", true },
   { "manuscript.com", true },
   { "manuscriptlink.com", true },
@@ -23058,7 +23609,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "manylots.ru", true },
   { "manyue.org", true },
   { "maoi.re", true },
-  { "maomao.blog", true },
   { "maomihz.com", true },
   { "maone.net", true },
   { "maorseo.com", true },
@@ -23069,6 +23619,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "map4jena.de", true },
   { "mapasmundi.com.br", true },
   { "mapblender.com", true },
+  { "mapchange.org", true },
   { "mapeo.io", true },
   { "maplanetebeaute.fr", true },
   { "maplehome.tk", true },
@@ -23077,14 +23628,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mapstack.org", true },
   { "maquettage.com", true },
   { "maquinariaspesadas.org", true },
-  { "maquininhamercadopoint.com.br", true },
+  { "maquinasdecoserplus.com", true },
   { "mar-eco.no", true },
   { "marabumadrid.com", false },
+  { "marabunta.io", true },
   { "marakovits.net", true },
   { "marble.com", true },
   { "marbogardenlidkoping.se", true },
+  { "marbree.eu", true },
   { "marc-hammer.de", true },
   { "marc-schlagenhauf.de", true },
+  { "marcaixala.me", true },
   { "marcbeije.com", true },
   { "marcberndtgen.de", true },
   { "marcceleiro.cat", true },
@@ -23106,7 +23660,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marcelwolf.coach", true },
   { "marcgoertz.de", true },
   { "marche-contre-monsanto.ch", true },
-  { "marchhappy.tech", false },
   { "marchukov.com", true },
   { "marchwj.pl", true },
   { "marciaimportados.com.br", true },
@@ -23119,6 +23672,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marcoherten.com", true },
   { "marcoklomp.nl", true },
   { "marcoslater.com", true },
+  { "marcusds.ca", true },
   { "marcuskoh.com", true },
   { "marcusstafford.com", true },
   { "marechal-company.com", true },
@@ -23128,7 +23682,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "margagriesser.de", true },
   { "margecommunication.com", true },
   { "margo-co.ch", true },
-  { "margo.ml", true },
   { "margotlondon.co.uk", true },
   { "margots.biz", true },
   { "margots.life", true },
@@ -23136,12 +23689,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marguerite-maison.fr", true },
   { "mariacorzo.com", true },
   { "mariage-photo.ch", true },
+  { "mariaheidemann.nl", true },
   { "marianatherapy.com", true },
   { "marianelaisashi.com", true },
   { "marianhoenscheid.de", true },
   { "mariannenan.nl", true },
   { "mariannethijssen.nl", true },
   { "mariapietropola.com", true },
+  { "mariatash.com", true },
+  { "marie-elisabeth.dk", false },
   { "mariehane.com", true },
   { "mariemiramont.fr", true },
   { "mariereichl.cz", true },
@@ -23156,13 +23712,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marinazarza.es", true },
   { "marinbusinesscenter.ch", true },
   { "marine.gov", true },
-  { "marinecadastre.gov", true },
   { "marinekaplama.com", true },
   { "marinela.com.mx", false },
   { "marinelausa.com", false },
   { "marines-shop.com", true },
-  { "mario.party", false },
-  { "marioabela.com", true },
   { "mariogeckler.de", true },
   { "mariposah.ch", true },
   { "marisamorby.com", false },
@@ -23194,6 +23747,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marketingbrandingnews.net", true },
   { "marketingco.nl", true },
   { "marketingconverts.com", true },
+  { "marketingeinnovacion.com", true },
   { "marketingforfood.com", true },
   { "marketinggenerators.nl", true },
   { "marketingtrendnews.com", true },
@@ -23218,6 +23772,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "markridgwell.co.uk", true },
   { "markridgwell.com", true },
   { "markridgwellcom.appspot.com", true },
+  { "markrobin.de", true },
   { "markscastles.co.uk", true },
   { "marksm.it", true },
   { "marksmanhomes.com", true },
@@ -23265,6 +23820,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marshyplay.live", true },
   { "marsikelektro.cz", true },
   { "martasibaja.com", true },
+  { "martel-innovate.com", true },
   { "martelange.ovh", true },
   { "marten-buer.de", true },
   { "martensmxservice.nl", true },
@@ -23282,7 +23838,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "martindimitrov.cz", true },
   { "martine.nu", true },
   { "martineweitweg.de", true },
-  { "martingansler.de", true },
+  { "martinfranc.eu", true },
   { "martinkus.eu", true },
   { "martinmuc.de", true },
   { "martinreed.net", true },
@@ -23302,6 +23858,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marycliffpress.com", true },
   { "maryeclark.com", true },
   { "maryeileen90.party", true },
+  { "maryhaze.net", true },
   { "maryjaneroach.com", true },
   { "maryjruggles.com", true },
   { "marykatrinaphotography.com", true },
@@ -23319,7 +23876,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "masiniunelte.store.ro", true },
   { "masiul.is", true },
   { "maskim.fr", true },
-  { "maslife365.com", true },
   { "maslin.io", true },
   { "masrur.org", true },
   { "massaboutique.com", true },
@@ -23338,9 +23894,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "massotherapeutique.com", true },
   { "massvow.com", true },
   { "masta.ch", true },
+  { "mastafu.info", true },
   { "mastah.fr", true },
   { "mastd.me", false },
   { "mastellone.us", true },
+  { "mastepinnelaand.nl", true },
   { "master-net.org", true },
   { "mastercardpac.com", true },
   { "masterdemolitioninc.com", true },
@@ -23351,9 +23909,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "masterpc.co.uk", true },
   { "masterplc.com", true },
   { "masters.black", true },
-  { "mastersquirrel.xyz", true },
   { "masterstuff.de", true },
-  { "mastiffingles.com.br", true },
   { "mastodon.at", true },
   { "mastodon.host", true },
   { "mastodon.rocks", true },
@@ -23367,7 +23923,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "matcha-iga.jp", true },
   { "matchatea24.com", true },
   { "matchboxdesigngroup.com", true },
-  { "matchneedle.com", true },
   { "matdogs.com", true },
   { "matejgroma.com", true },
   { "matel.org", true },
@@ -23384,9 +23939,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "math.hamburg", true },
   { "mathalexservice.info", true },
   { "mathematik.rocks", false },
-  { "mathematris.com", true },
   { "mathembedded.com", true },
   { "matheo-schefczyk.de", true },
+  { "matheusmacedo.ddns.net", true },
   { "mathfinder.org", true },
   { "mathhire.org", true },
   { "mathias.is", true },
@@ -23406,7 +23961,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "matildajaneclothing.com", true },
   { "matjaz.it", true },
   { "matlss.com", true },
-  { "matmessages.com", true },
   { "matok.me.uk", true },
   { "matome-surume.com", true },
   { "matomeathena.com", true },
@@ -23421,6 +23975,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "matsu-semi.com", true },
   { "matsu-walk.com", true },
   { "matt-brooks.com", true },
+  { "matt-royal.com.cy", true },
   { "matt-royal.gr", true },
   { "matt.re", true },
   { "mattandyana.com", true },
@@ -23434,11 +23989,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mattcorp.com", true },
   { "mattdbarton.com", true },
   { "matteomarescotti.it", true },
+  { "mattessons.co.uk", true },
   { "mattferderer.com", true },
   { "mattfin.ch", true },
   { "mattforster.ca", true },
   { "matthecat.com", true },
-  { "matthewchapman.co.uk", true },
+  { "matthewchapman.co.uk", false },
   { "matthewfells.com", true },
   { "matthewgallagher.co.uk", true },
   { "matthewgrow.com", true },
@@ -23462,9 +24018,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mattmccutchen.net", true },
   { "mattmcshane.com", true },
   { "mattonline.me", true },
+  { "mattprojects.com", true },
+  { "mattwservices.co.uk", true },
   { "matviet.vn", true },
   { "matway.com", true },
   { "matway.net", true },
+  { "matze.co", true },
   { "mauerwerkstag.info", true },
   { "mauldincookfence.com", true },
   { "mauran.me", true },
@@ -23490,7 +24049,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "max-went.pl", true },
   { "max.gov", true },
   { "maxb.fm", true },
-  { "maxbachmann.de", true },
   { "maxbeenen.de", true },
   { "maxbruckner.de", true },
   { "maxbruckner.org", true },
@@ -23516,6 +24074,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "maxmind.com", true },
   { "maxp.info", true },
   { "maxpl0it.com", true },
+  { "maxr1998.de", true },
   { "maxrandolph.com", true },
   { "maxtruxa.com", true },
   { "maxundlara.at", true },
@@ -23526,6 +24085,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "may24.tw", true },
   { "mayaimplant.com", true },
   { "mayavi.co.in", true },
+  { "maydex.info", true },
   { "mayerbrownllz.com", true },
   { "mayoimobiliare.ro", true },
   { "mayomarquees.com", true },
@@ -23535,6 +24095,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mazda-mps.de", true },
   { "mazda-thermote.com", true },
   { "mazda626.net", true },
+  { "mazdaofgermantown.com", true },
   { "maze.design", false },
   { "maze.fr", true },
   { "mazenjobs.com", true },
@@ -23542,8 +24103,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mazurlabs.tk", true },
   { "mazzotta.me", true },
   { "mb-is.info", true },
-  { "mb300sd.com", true },
-  { "mb300sd.net", true },
   { "mbaasy.com", true },
   { "mbaestlein.de", true },
   { "mbainflatables.co.uk", true },
@@ -23564,7 +24123,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mbr-net.de", true },
   { "mbrooks.info", true },
   { "mbs-journey.com", true },
-  { "mbsec.net", true },
   { "mburaks.com", true },
   { "mburns.duckdns.org", true },
   { "mbweir.com", true },
@@ -23578,9 +24136,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mccoolesredlioninn.com", true },
   { "mccordsvillelocksmith.com", true },
   { "mccrackon.com", true },
-  { "mcculloughjchris.com", false },
+  { "mcculloughjchris.com", true },
   { "mcdermottautomotive.com", true },
-  { "mcdona1d.me", true },
   { "mcdonalds.be", true },
   { "mcdonalds.design", true },
   { "mce.eu", true },
@@ -23597,7 +24154,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mchel.net", true },
   { "mchopkins.net", true },
   { "mchristopher.com", true },
+  { "mchuiji.com", true },
   { "mcinterface.de", true },
+  { "mcit.gov.ws", true },
   { "mcivor.me", true },
   { "mckenry.net", false },
   { "mckernan.in", true },
@@ -23668,6 +24227,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mecaniquemondor.com", true },
   { "mechanics-schools.com", true },
   { "mechanus.io", true },
+  { "mechaspartans6648.com", true },
   { "mechmk1.me", true },
   { "med-colleges.com", true },
   { "med-otzyv.ru", true },
@@ -23678,6 +24238,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "meddelare.com", true },
   { "meddigital.com", false },
   { "mede-handover.azurewebsites.net", true },
+  { "medecine-esthetique-du-calaisis.fr", true },
   { "medeinos.lt", true },
   { "medellinapartamentos.com", true },
   { "medexpress.co.uk", true },
@@ -23694,6 +24255,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mediabackoffice.co.jp", true },
   { "mediablaster.com", true },
   { "mediabm.jp", true },
+  { "mediabogen.net", true },
   { "mediaburst.co.uk", true },
   { "mediadex.be", true },
   { "mediaexpert.fr", true },
@@ -23707,6 +24269,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "medialab.nrw", true },
   { "mediamarkt.pl", true },
   { "mediapart.fr", true },
+  { "mediapath.gr", true },
   { "mediarithmics.com", true },
   { "mediarithmics.io", true },
   { "mediarocks.de", true },
@@ -23735,6 +24298,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "medifi.com", true },
   { "medigap-quote.net", true },
   { "medik8.com.cy", true },
+  { "medikalakademi.com.tr", true },
   { "medikuma.com", true },
   { "medino.com", true },
   { "medinside.ch", true },
@@ -23780,13 +24344,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "meetingmanage.nl", true },
   { "meetingmanager.ovh", true },
   { "meetings2.com", true },
-  { "meetmibaby.co.uk", true },
   { "meetmygoods.com", true },
   { "meetscompany.jp", true },
   { "meeusen-usedcars.be", true },
   { "meeztertom.nl", true },
   { "meg-a-bounce.co.uk", true },
-  { "mega-aukcion.ru", true },
   { "mega-byte.nl", true },
   { "mega-feeling.de", true },
   { "mega.co.nz", true },
@@ -23795,12 +24357,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "megabounce.co.uk", true },
   { "megabounceni.co.uk", true },
   { "megabouncingcastles.com", true },
+  { "megafilmesplay.net", true },
   { "megaflowers.ru", true },
   { "megagifs.de", true },
   { "megainflatables.co.uk", true },
   { "megakoncert90.cz", true },
-  { "megamarkey.de", true },
   { "megamisja.pl", true },
+  { "megamp3.eu", true },
   { "meganandmarc.us", true },
   { "meganreel.com", false },
   { "megapixel.cz", true },
@@ -23824,6 +24387,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mehr-schulferien.de", true },
   { "mehrleben.at", true },
   { "mehrwert.de", true },
+  { "meia.ir", true },
   { "meierhofer.net", true },
   { "meikan.moe", true },
   { "meillard-auto-ecole.ch", true },
@@ -23837,7 +24401,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "meine-email-im.net", true },
   { "meine-finanzanalyse.de", true },
   { "meine-immofinanzierung.de", true },
-  { "meine-plancha.ch", true },
   { "meinezwangsversteigerung.de", true },
   { "meinstartinsleben.com", true },
   { "meinstartinsleben.de", true },
@@ -23845,7 +24408,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "meinv.asia", true },
   { "meiqia.cn", true },
   { "meiqia.com", true },
+  { "meisterlabs.com", true },
+  { "meistertask.com", true },
   { "meitan.gz.cn", true },
+  { "mekatro.tech", true },
   { "mekatrotekno.com", true },
   { "mekesh.com", true },
   { "mekesh.net", true },
@@ -23867,7 +24433,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "melissaadkins.com", true },
   { "melissaauclaire.com", true },
   { "melissameuwszen.nl", true },
-  { "melitopol.co.ua", true },
   { "melnessgroup.com", true },
   { "melnikov.ch", true },
   { "melodicprogressivehouse.com", true },
@@ -23878,11 +24443,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "melodrom.de", true },
   { "melopie.com", true },
   { "melted.me", true },
-  { "meltzow.net", true },
   { "members-arbourlake.com", true },
   { "members-only-shopping.com", true },
   { "members.nearlyfreespeech.net", false },
   { "membershipservices.org.uk", true },
+  { "memberstweets.com", true },
   { "meme-photostudio.com.tw", true },
   { "meme.fi", true },
   { "meme.institute", true },
@@ -23905,10 +24470,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "menielias.com", true },
   { "menkyo-blog.com", true },
   { "mennace.com", true },
-  { "menntagatt.is", true },
   { "menole.com", true },
   { "menole.de", true },
   { "menole.net", true },
+  { "menotag.com", true },
   { "mensagemaniversario.com.br", true },
   { "mensagemdaluz.com", true },
   { "mensagensaniversario.com.br", true },
@@ -23918,11 +24483,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mentalhealthmn.org", true },
   { "mentaltraining-fuer-musiker.ch", true },
   { "mentiq.az", true },
-  { "mentorithm.com", true },
   { "mentz.info", true },
   { "menudieta.com", true },
+  { "menuel.me", true },
   { "menuonlineordering.com", true },
-  { "menzel-motors.com", true },
   { "menzietti.it", true },
   { "mephedrone.org", true },
   { "meps.net", true },
@@ -23934,6 +24498,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mercadobitcoin.net", true },
   { "mercadoleal.com.br", true },
   { "mercadopago.com", true },
+  { "mercamaris.es", true },
   { "mercari.com", true },
   { "mercedes-benz.io", true },
   { "mercedes-ig.de", true },
@@ -23948,6 +24513,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "meremobil.dk", true },
   { "merenbach.com", true },
   { "merenita.com", true },
+  { "merenita.eu", true },
   { "merenita.net", true },
   { "merenita.nl", true },
   { "meric-graphisme.info", true },
@@ -24005,9 +24571,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "metasquare.nyc", true },
   { "metasysteminfo.com", true },
   { "metaurl.io", true },
+  { "metavetted.com", true },
   { "metaword.com", true },
   { "metaword.net", true },
   { "metaword.org", true },
+  { "metebalci.com", false },
   { "meteenonline.nl", true },
   { "meteo-parc.com", true },
   { "meteo-r.ovh", true },
@@ -24024,6 +24592,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "meteorologiaenred.com", true },
   { "meteosherbrooke.com", true },
   { "meteosmit.it", true },
+  { "meter.md", true },
   { "meterhost.com", true },
   { "methamphetamine.co.uk", true },
   { "methylone.com", true },
@@ -24036,6 +24605,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "metrolush.com", true },
   { "metron-eging.com", true },
   { "metron-networks.com", true },
+  { "metron-online.com", true },
   { "metronaut.de", true },
   { "metropop.ch", true },
   { "metsasta.com", true },
@@ -24058,7 +24628,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mfits.co.uk", true },
   { "mflodin.se", true },
   { "mfxbe.de", true },
-  { "mfz.mk", true },
+  { "mfxxx.cn", true },
   { "mgi.gov", true },
   { "mgknet.com", true },
   { "mglink.be", true },
@@ -24081,6 +24651,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mi80.com", true },
   { "miadennees.com", true },
   { "miagexport.com", true },
+  { "mialquilerdecoches.com", true },
   { "miaonagemi.com", true },
   { "miaoubox.com", true },
   { "miaowo.org", true },
@@ -24098,7 +24669,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "michaelasawyer.com", true },
   { "michaelband.co", true },
   { "michaelband.com", true },
-  { "michaelcullen.name", true },
   { "michaeleichorn.com", true },
   { "michaelhrehor.com", true },
   { "michaeliscorp.com", true },
@@ -24122,12 +24692,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "michal-s.net", true },
   { "michal-spacek.com", true },
   { "michal-spacek.cz", true },
+  { "michalp.pl", true },
   { "michalspacek.com", true },
   { "michalspacek.cz", true },
   { "michalwiglasz.cz", true },
   { "michaonline.de", true },
   { "michel-wein.de", true },
+  { "michele.ml", true },
   { "michellavat.com", true },
+  { "michelskovbo.dk", true },
   { "michiganstateuniversityonline.com", true },
   { "michiganunionoptout.com", true },
   { "michmexguides.com.mx", true },
@@ -24135,6 +24708,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mickelvaessen.com", true },
   { "micomi.co", true },
   { "miconcinemas.com", true },
+  { "micopal.com", true },
   { "micr.io", true },
   { "micr0lab.org", true },
   { "microbiote-insectes-vecteurs.group", true },
@@ -24144,13 +24718,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "microlinks.org", true },
   { "microlog.org", true },
   { "micromata.de", true },
+  { "microneedlingstudio.se", true },
   { "microsoftaffiliates.azurewebsites.net", true },
   { "microvb.com", true },
+  { "microwesen.de", true },
   { "microzubr.com", true },
   { "midair.io", true },
   { "midasjewellery.com.au", true },
   { "midgawash.com", true },
   { "midislandrealty.com", true },
+  { "midistop.org", true },
   { "midkam.ca", true },
   { "midlandgate.de", true },
   { "midlandleisuresales.co.uk", true },
@@ -24163,6 +24740,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "midnightmango.de", true },
   { "midnightmechanism.com", true },
   { "midrandplumber24-7.co.za", true },
+  { "midress.club", true },
   { "midstatebasement.com", true },
   { "midtowndentistry.com", true },
   { "midwestbloggers.org", true },
@@ -24181,6 +24759,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "miguel.pw", true },
   { "migueldemoura.com", true },
   { "migueldominguez.ch", true },
+  { "miguelgaton.es", true },
   { "miguelmartinez.ch", true },
   { "miguelmenendez.pro", true },
   { "miguelmoura.com", true },
@@ -24189,7 +24768,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mijailovic.net", true },
   { "mijcorijneveld.nl", true },
   { "mijn-financien.be", true },
-  { "mijnavg.eu", true },
   { "mijnetickets.nl", false },
   { "mijnetz.nl", true },
   { "mijnkerstkaarten.be", true },
@@ -24236,18 +24814,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mikonmaa.fi", true },
   { "mikropixel.de", true },
   { "mikroskeem.eu", true },
-  { "miku.cloud", true },
-  { "miku.party", true },
   { "mikumaycry.com", true },
-  { "mikumiku.stream", true },
   { "mikupic.com", true },
   { "mikywow.eu", true },
   { "mil-spec.ch", true },
   { "mil0.com", true },
   { "milania.de", true },
-  { "milanpala.cz", false },
   { "milanstephan.de", true },
   { "milcahsmusings.com", true },
+  { "milchbuchstabe.de", true },
   { "mileme.com", true },
   { "milenaria.es", true },
   { "milesapart.dating", true },
@@ -24255,7 +24830,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "milionshop.sk", true },
   { "milkandcookies.ca", true },
   { "milkingit.co.uk", true },
-  { "milktea.info", true },
   { "millanova.wedding", false },
   { "milldyke.com", true },
   { "milldyke.nl", true },
@@ -24279,6 +24853,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "millions19.com", true },
   { "millions20.com", true },
   { "millions22.com", true },
+  { "millions25.com", true },
+  { "millions26.com", true },
+  { "millions27.com", true },
   { "millions28.com", true },
   { "millions29.com", true },
   { "millions31.com", true },
@@ -24322,6 +24899,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "millions9.com", true },
   { "millions99.com", true },
   { "millistream.com", true },
+  { "milnes.org", true },
   { "milsonhypnotherapyservices.com", true },
   { "mim.am", true },
   { "mimemo.io", true },
@@ -24331,6 +24909,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mimobile.website", true },
   { "mimocad.io", true },
   { "mimovrste.com", true },
+  { "min-datorsupport.se", true },
   { "min-sky.no", true },
   { "minakov.pro", true },
   { "minakova.pro", true },
@@ -24340,11 +24919,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mind-box.ch", true },
   { "mind-hochschul-netzwerk.de", true },
   { "mind-moves.es", true },
-  { "mindbodytherapymn.com", true },
+  { "mindatasupport.nu", true },
+  { "mindatasupport.se", true },
   { "mindcoding.ro", true },
   { "mindercasso.nl", true },
   { "mindfactory.de", true },
   { "mindleaking.org", true },
+  { "mindmeister.com", true },
   { "mindoktor.se", false },
   { "mindorbs.com", true },
   { "mindox.com.br", true },
@@ -24363,6 +24944,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "minehub.de", true },
   { "minei.me", true },
   { "minenash.com", true },
+  { "minepack.net", true },
   { "minepay.net", true },
   { "minepic.org", true },
   { "minepod.fr", true },
@@ -24374,7 +24956,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "minf3-games.de", true },
   { "minfin.gov.ua", true },
   { "mingky.net", true },
-  { "mingming.info", true },
   { "mingram.net", true },
   { "mingtreerealty.com", true },
   { "mingwah.ch", true },
@@ -24396,6 +24977,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ministeriumfuerinternet.de", true },
   { "minitruckin.net", true },
   { "minitrucktalk.com", true },
+  { "minivaro.de", true },
   { "miniwallaby.com", true },
   { "minkymoon.jp", true },
   { "minnesotakinkyyouth.org", true },
@@ -24403,6 +24985,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "minnesotareadingcorps.org", true },
   { "minnit.chat", true },
   { "minobar.com", true },
+  { "minorshadows.net", true },
   { "minpingvin.dk", true },
   { "minschuns.ch", true },
   { "mintclass.com", true },
@@ -24429,7 +25012,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mirepublic.co.nz", true },
   { "mireservaonline.es", true },
   { "mirfire.com", true },
-  { "mirjamderijk.nl", false },
   { "mirkofranz.de", true },
   { "mironet.cz", true },
   { "mirrorbot.ga", true },
@@ -24437,6 +25019,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mirshak.com", true },
   { "mirtes.cz", true },
   { "mirtouf.fr", true },
+  { "misakacloud.net", true },
   { "misakiya.co.jp", true },
   { "misanci.cz", true },
   { "misclick.nl", true },
@@ -24465,12 +25048,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "missualready.com", true },
   { "missyou.link", true },
   { "mistacms.com", true },
-  { "mister-cooks.fr", true },
   { "mister-matthew.de", true },
   { "mistreaded.com", true },
   { "mistybox.com", true },
   { "misupport.dk", true },
   { "misura.re", true },
+  { "misuzu.moe", true },
+  { "misxvenelantro.com", true },
   { "mit-dem-rad-zur-arbeit.de", true },
   { "mit-dem-rad-zur-uni.de", true },
   { "mit-uns.org", true },
@@ -24499,7 +25083,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mitylite.com", true },
   { "mitzpettel.com", true },
   { "miui-germany.de", true },
-  { "mivestuariolaboral.com", true },
   { "mivzak.im", true },
   { "mivzakim.biz", true },
   { "mivzakim.info", true },
@@ -24507,7 +25090,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mivzakim.net", true },
   { "mivzakim.org", true },
   { "mivzakim.tv", true },
-  { "mivzaklive.co.il", true },
   { "miweb.cr", false },
   { "mixinglight.com", true },
   { "mixnshake.com", true },
@@ -24524,11 +25106,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mizu.coffee", true },
   { "mizucoffee.net", true },
   { "mizuho-trade.net", true },
-  { "mizumax.me", true },
   { "mj420.com", true },
   { "mjacobson.net", true },
   { "mjanja.ch", true },
   { "mjasm.org", true },
+  { "mjec.net", true },
   { "mjlaurindo.pt", true },
   { "mjmedia.co.za", true },
   { "mjmnagy.info", true },
@@ -24561,18 +25143,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mkset.ru", true },
   { "mktdigital.info", true },
   { "mktemp.org", true },
+  { "mkuznets.com", true },
   { "mlarte.com", true },
   { "mlcnfriends.com", true },
   { "mlemay.com", true },
-  { "mlfaw.com", true },
-  { "mlii.net", true },
   { "mlmjam.com", true },
   { "mlp.ee", true },
   { "mlpvector.club", true },
   { "mlundberg.se", true },
   { "mlvbphotography.com", true },
   { "mlytics.com", true },
-  { "mm13.at", true },
   { "mm404.com", true },
   { "mma-acareporting.com", true },
   { "mmalisz.com", true },
@@ -24586,9 +25166,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mms.is", true },
   { "mmt.my", true },
   { "mmucha.de", true },
-  { "mna7e.com", true },
   { "mncloud.de", true },
   { "mncr.nl", true },
+  { "mnd.sc", true },
   { "mne.moe", true },
   { "mnedc.org", true },
   { "mnemonic.ninja", true },
@@ -24605,8 +25185,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mo.nl", true },
   { "mo2021.de", true },
   { "moa.moe", true },
+  { "moahmo.com", true },
   { "mobal.com", true },
-  { "mobi4.tk", true },
   { "mobidea.com", true },
   { "mobifinans.ru", true },
   { "mobil-bei-uns.de", true },
@@ -24648,6 +25228,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "modafinil.wiki", true },
   { "modafo.com", true },
   { "modalogi.com", true },
+  { "modav.org", true },
   { "modcasts.video", true },
   { "modding-forum.com", true },
   { "modding-welt.com", true },
@@ -24679,15 +25260,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "module.market", true },
   { "modulex-gmbh.de", true },
   { "moe-max.jp", true },
-  { "moeali.com", true },
+  { "moebel-vergleichen.com", true },
   { "moechel.com", true },
   { "moeclue.com", true },
   { "moefactory.com", true },
   { "moehrke.cc", true },
   { "moekes.amsterdam", true },
   { "moeking.me", true },
-  { "moeli.org", true },
   { "moellers.systems", true },
+  { "moenew.top", true },
   { "moeqing.net", true },
   { "moetrack.com", true },
   { "moeyoo.net", true },
@@ -24695,6 +25276,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "moha-swiss.com", true },
   { "mohanmekap.com", true },
   { "mohela.com", true },
+  { "mohr-maschinenservice.de", true },
   { "moin.jp", true },
   { "moipourtoit.ch", true },
   { "moipourtoit.com", true },
@@ -24713,6 +25295,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mojzis.com", true },
   { "mojzis.cz", true },
   { "mojzisova.com", true },
+  { "mok.pw", true },
   { "mokeedev.review", true },
   { "mokhtarmial.com", false },
   { "mokote.com", true },
@@ -24721,6 +25304,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "molecularbiosystems.org", true },
   { "molinero.xyz", true },
   { "mollaretsmeningitis.org", true },
+  { "mollie.com", true },
+  { "molokai.org", true },
   { "molti.hu", true },
   { "molun.net", false },
   { "molunerfinn.com", true },
@@ -24777,7 +25362,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "monlabs.com", true },
   { "monloyer.quebec", true },
   { "monnyonle.hu", true },
-  { "mono.cafe", false },
+  { "mono.cafe", true },
   { "mono0x.net", true },
   { "monobank.no", true },
   { "monodukuri.com", true },
@@ -24793,6 +25378,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "monpermisvoiture.com", true },
   { "monpetitforfait.com", true },
   { "monpetitmobile.com", true },
+  { "monsieurbureau.com", true },
   { "monsieursavon.ch", true },
   { "monstermashentertainments.co.uk", true },
   { "monsterx.cn", true },
@@ -24807,6 +25393,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "montemanik.com", true },
   { "montenero.pl", true },
   { "montessori.edu.vn", true },
+  { "montgomeryfirm.com", true },
   { "montgomerysoccer.net", true },
   { "montopolis.com", true },
   { "montpreveyres.ch", true },
@@ -24829,7 +25416,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "moonchart.co.uk", true },
   { "moondrop.org", true },
   { "moonkin.eu", true },
-  { "moonlightcapital.ml", true },
   { "moonmelo.com", true },
   { "moonraptor.co.uk", true },
   { "moonraptor.com", true },
@@ -24854,6 +25440,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "moparisthebest.org", true },
   { "moparscape.net", true },
   { "mopedreifen.de", false },
+  { "mopie.de", true },
   { "mople71.cz", true },
   { "moppeleinhorn.de", true },
   { "moppy.org", true },
@@ -24864,10 +25451,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "morbotron.com", true },
   { "morchino.ch", true },
   { "morchstore.com", true },
+  { "mordrum.com", true },
   { "more-hikkoshi.com", true },
   { "more-terrain.de", true },
   { "moreal.co", true },
-  { "moreapp.co.uk", true },
   { "moreniche.com", true },
   { "morepablo.com", true },
   { "morepay.cn", true },
@@ -24879,7 +25466,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "morgansjewelerspv.com", true },
   { "morgansleisure.co.uk", true },
   { "morgner.com", true },
-  { "morhys.com", true },
   { "moritz-baestlein.de", true },
   { "moritztremmel.de", true },
   { "moriz.de", true },
@@ -24909,7 +25495,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mosshi.be", true },
   { "mosstier.com", true },
   { "mostholynameofjesus.org", true },
-  { "mostlikelyto.fail", true },
   { "mostlyoverhead.com", true },
   { "motd.ch", true },
   { "motd.today", true },
@@ -24920,6 +25505,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "motekmedical.com", true },
   { "motekmedical.eu", true },
   { "motekmedical.nl", true },
+  { "motekrysen.com", true },
   { "moteksystems.com", true },
   { "motezazer.fr", true },
   { "mothereff.in", false },
@@ -24939,6 +25525,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "motostorie.blog", false },
   { "motovated.co.nz", true },
   { "motowilliams.com", true },
+  { "motransportinfo.com", true },
   { "motstats.co.uk", true },
   { "moulinaparoles.ca", true },
   { "mountain-rock.ru", true },
@@ -24947,11 +25534,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mountainroseherbs.com", true },
   { "mountainspringsrentals.ca", true },
   { "mountfarmer.de", true },
-  { "mousemessages.com", true },
+  { "mousepotato.uk", true },
   { "moutiezhaller.com", true },
   { "movacare.de", true },
   { "move.mil", true },
-  { "moveisfit.com.br", true },
+  { "moveltix.net", true },
   { "movember.com", false },
   { "movewellnesslab.com", true },
   { "movie-cross.net", true },
@@ -24965,7 +25552,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "movienized.de", true },
   { "moviepilot.com", true },
   { "moviesetc.net", true },
-  { "moviespur.info", false },
   { "moviko.nz", true },
   { "movil.uno", true },
   { "moviltronix.com", true },
@@ -24977,7 +25563,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "moy.cat", true },
   { "moyer.pub", true },
   { "moylen.eu", true },
-  { "moyoo.net", true },
   { "mozartgroup.hu", true },
   { "mozektevidi.net", true },
   { "mozilla.cz", true },
@@ -24988,10 +25573,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mpcompliance.com", true },
   { "mpetroff.net", true },
   { "mpg-universal.com", true },
-  { "mpg.ovh", true },
   { "mpgaming.pro", true },
-  { "mphoto.at", true },
-  { "mpintaamalabanna.it", true },
   { "mpkrachtig.nl", true },
   { "mpkshop.com.br", true },
   { "mplanetphl.fr", true },
@@ -24999,19 +25581,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mplicka.cz", true },
   { "mplusm.eu", true },
   { "mpnpokertour.com", true },
-  { "mpodraza.pl", true },
   { "mprsco.eu", true },
   { "mpsgarage.com.au", true },
   { "mpsoundcraft.com", true },
   { "mpu-vorbereitung.com", true },
-  { "mpy.ovh", true },
   { "mr-anderson.org", true },
   { "mr-designer-oman.com", true },
-  { "mr-labo.jp", true },
   { "mr-nachhilfe.de", true },
   { "mr-wolf.nl", false },
-  { "mr3.io", true },
-  { "mrazek.biz", true },
   { "mrbmafrica.com", true },
   { "mrbounce.com", true },
   { "mrbouncescrazycastles.co.uk", true },
@@ -25025,6 +25602,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mrevolution.eu", true },
   { "mrgasfires.co.uk", true },
   { "mrgiveaways.com", true },
+  { "mrhc.ru", true },
   { "mrinalpurohit.in", true },
   { "mrjhnsn.com", true },
   { "mrjooz.com", true },
@@ -25046,7 +25624,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mrv.li", true },
   { "mrx.one", true },
   { "mrxn.net", true },
-  { "ms-alternativ.de", true },
   { "ms-ch.ch", true },
   { "ms-host.fr", true },
   { "msa-aesch.ch", true },
@@ -25064,7 +25641,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "msmails.de", true },
   { "msno.no", true },
   { "msnr.net", true },
-  { "msopopop.cn", true },
   { "mspsocial.net", true },
   { "msquadrat.de", true },
   { "msroot.de", true },
@@ -25082,11 +25658,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mt-bank.jp", true },
   { "mt.search.yahoo.com", false },
   { "mt2414.com", true },
+  { "mta.fail", true },
   { "mta.org.ua", true },
   { "mtane0412.com", true },
   { "mtasa.com", true },
   { "mtasa.hu", true },
   { "mtauburnassociates.com", true },
+  { "mtb.wtf", true },
   { "mtcq.jp", true },
   { "mtd.org", true },
   { "mtg-tutor.de", true },
@@ -25103,6 +25681,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mtltransport.com", true },
   { "mtnz.co.za", true },
   { "mtouch.facebook.com", false },
+  { "mtravelers.net", true },
   { "mtrip.com", true },
   { "mtrock.ru", true },
   { "mts-energia.eu", true },
@@ -25119,14 +25698,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mud-status.de", true },
   { "mudbenesov.cz", true },
   { "mudcrab.us", false },
-  { "mudgezero.one", true },
   { "muehlemann.net", true },
-  { "muel.io", true },
   { "muelhau.pt", true },
   { "muell-weg.de", true },
   { "muellapp.com", true },
   { "muenchberger.com", true },
-  { "muenzubi.de", true },
   { "mufibot.net", true },
   { "muguayuan.com", true },
   { "muh.io", true },
@@ -25171,11 +25747,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "munch.me", true },
   { "munchcorp.com", true },
   { "mundoarabe.com.br", true },
+  { "mundoconejos.com", true },
   { "mundodapoesia.com", true },
   { "mundodasmensagens.com", true },
+  { "mundodoscarbonos.com.br", true },
+  { "mundogamers.top", true },
   { "mundokinderland.com.br", true },
   { "mundolarraz.es", true },
   { "mundomagicotv.com", true },
+  { "mundoperros.es", true },
+  { "mundotortugas.com", true },
   { "mundschenk.at", true },
   { "mundtec.com.br", true },
   { "munduch.cz", true },
@@ -25190,7 +25771,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "murashun.jp", true },
   { "muratore-roma.it", true },
   { "murfy.nz", true },
-  { "murgi.de", true },
   { "murmel.it", false },
   { "murof.com.br", true },
   { "murray.xyz", true },
@@ -25211,6 +25791,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "music-project.eu", true },
   { "music-world.pl", true },
   { "music.amazon.com", true },
+  { "musica.com", true },
   { "musicalive.nl", true },
   { "musicall.com", true },
   { "musicalschwarzenburg.ch", true },
@@ -25218,11 +25799,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "musicasbr.com.br", true },
   { "musicchris.de", true },
   { "musicdemons.com", true },
+  { "musicfromgod.com", true },
   { "musicgamegalaxy.de", true },
   { "musician.dating", true },
   { "musickhouseleveling.com", true },
   { "musicompare.com", true },
   { "musicschoolonline.com", true },
+  { "musicstudio.pro", true },
   { "musicwear.cz", true },
   { "musicworkout.de", true },
   { "musik-mentaltraining.ch", true },
@@ -25252,7 +25835,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mutuals.cool", true },
   { "mutuelle.fr", true },
   { "muurlingoogzorg.nl", true },
-  { "muusika.fun", true },
   { "muusikoiden.net", true },
   { "muwatenraqamy.org", true },
   { "muz2u.ru", true },
@@ -25269,6 +25851,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mvp-stars.com", true },
   { "mw.search.yahoo.com", false },
   { "mwainc.org", true },
+  { "mwalz.com", true },
   { "mware-staging.azurewebsites.net", true },
   { "mwavuli.co.ke", true },
   { "mwba.org", true },
@@ -25281,9 +25864,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mx.org.ua", true },
   { "mx.search.yahoo.com", false },
   { "mx5international.com", true },
+  { "mxdanggui.org", true },
   { "mxihan.xyz", true },
   { "mxn8.com", true },
-  { "mxp.tw", true },
   { "my-aftershave-store.co.uk", true },
   { "my-best-wishes.com", true },
   { "my-cdn.de", true },
@@ -25299,9 +25882,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "my-ip.work", true },
   { "my-new-bikini.de", true },
   { "my-nextcloud.at", true },
-  { "my-plancha.ch", true },
-  { "my-static-demo-808795.c.cdn77.org", true },
-  { "my-static-live-808795.c.cdn77.org", true },
   { "my-stuff-online.com", true },
   { "my.onlime.ch", false },
   { "my.usa.gov", false },
@@ -25334,11 +25914,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mybodylife.com", true },
   { "mybon.at", false },
   { "mybonfire.com", true },
+  { "myboothang.com", true },
   { "mybreastcancerjourney.com", true },
+  { "mybus.ro", true },
   { "mybusiness.wien", true },
   { "mycamda.com", true },
   { "mycard.moe", true },
   { "mycareersfuture.sg", true },
+  { "mycarwashers.com", true },
+  { "mycc.be", true },
   { "mycieokien.info", false },
   { "mycinema.pro", true },
   { "mycircleworks.com", true },
@@ -25359,8 +25943,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mycrypnet.io", true },
   { "mycrypto.com", true },
   { "mycrystalgrove.com", true },
+  { "mycuco.it", true },
   { "mycustomwriting.com", true },
   { "mydarkstar.net", true },
+  { "mydatadoneright.eu", true },
   { "mydaywebapp.com", true },
   { "mydebian.in.ua", true },
   { "mydentalplan.gr", true },
@@ -25374,13 +25960,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mydomaindesk.com", true },
   { "mydreamlifelab.com", true },
   { "mydreamshaadi.in", true },
-  { "mydrone.services", true },
   { "mydroneservices.ca", true },
   { "mydroneservices.com", true },
+  { "myeasybooking.de", true },
   { "myeberspaecher.com", true },
   { "myeffect.today", true },
   { "myeisenbahn.de", true },
-  { "myeml.net", false },
   { "myetherwallet.com", true },
   { "myf.cloud", true },
   { "myfantasysportstalk.com", true },
@@ -25395,7 +25980,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mygallery.homelinux.net", true },
   { "mygate.at", false },
   { "mygedit.com", true },
-  { "mygeneral.org", true },
   { "mygeotrip.com", true },
   { "mygest.me", true },
   { "mygigabitnation.com", true },
@@ -25405,7 +25989,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mygoldennetwork.com", true },
   { "mygreatjobs.de", true },
   { "mygreatlakes.org", true },
-  { "mygreenrecipes.com", true },
   { "mygretchen.de", true },
   { "mygrotto.org", true },
   { "mygymer.ch", true },
@@ -25432,6 +26015,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mylifeabundant.com", true },
   { "mylittlechat.ru", true },
   { "myliveupdates.com", true },
+  { "myloan.hk", true },
   { "mylookout.com", false },
   { "mylstrom.com", true },
   { "mylucknursinghome.com", true },
@@ -25459,6 +26043,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mynook.info", false },
   { "mynortherngarden.com", true },
   { "myonline.hu", true },
+  { "myonline.store", true },
   { "myonlinevehicleinsurance.com", true },
   { "myoptumhealthcomplexmedical.com", true },
   { "myoptumhealthparentsteps.com", true },
@@ -25468,14 +26053,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "myownconference.cloud", true },
   { "myownconference.com", true },
   { "myownconference.com.ua", true },
-  { "myownconference.es", true },
   { "myownconference.pl", true },
-  { "myownconference.pt", true },
   { "myownconference.ru", true },
   { "myowndisk.com", true },
   { "myowndisk.net", true },
   { "myownwebinar.com", true },
   { "mypaperdone.com", true },
+  { "mypartnernews.com", true },
   { "mypartybynoelia.es", true },
   { "mypayoffloan.com", true },
   { "mypcqq.cc", true },
@@ -25553,17 +26137,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "myrewardspoints.com", true },
   { "myriadof.com", true },
   { "myrig.com", true },
-  { "myrig.net", true },
+  { "myrnabiondo.com.br", true },
   { "myrotvorets.center", true },
   { "myrotvorets.news", true },
   { "myrp.co", true },
+  { "mysber.ru", true },
   { "myschoolphoto.org", true },
   { "myseatime.com", true },
-  { "mysecretcase.com", false },
   { "mysectools.org", true },
   { "myself5.de", true },
-  { "myseo.ga", true },
-  { "myserv.one", true },
   { "myservicearl.com", true },
   { "myseu.cn", true },
   { "mysexydate24.com", true },
@@ -25579,10 +26161,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "myspicer.com", true },
   { "mysqldump-secure.org", true },
   { "myssl.com", true },
-  { "mystatus24.com", false },
   { "mysteriouscode.io", true },
   { "mysterydata.com", true },
   { "mysterymind.ch", true },
+  { "mysterysear.ch", true },
   { "mystic-welten.de", true },
   { "mystickphysick.com", true },
   { "mysticplumes.com", true },
@@ -25605,7 +26187,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mytty.net", true },
   { "mytuleap.com", false },
   { "mytun.com", true },
-  { "mytweeps.com", true },
   { "myulog.net", true },
   { "myunox.com", true },
   { "myupdatestar.com", true },
@@ -25621,6 +26202,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mywari.com", true },
   { "mywebmanager.co.uk", true },
   { "mywebpanel.eu", true },
+  { "mywebpanel.nl", true },
   { "myweddingaway.co.uk", true },
   { "myweddingreceptionideas.com", true },
   { "myworkinfo.com", false },
@@ -25633,6 +26215,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mz-mz.net", true },
   { "mza.com", true },
   { "mzh.io", true },
+  { "mziulu.me", false },
   { "mzmtech.com", true },
   { "mznet.de", true },
   { "mzstatic.cc", true },
@@ -25648,20 +26231,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "n0paste.tk", false },
   { "n0psled.nl", true },
   { "n26.com", true },
+  { "n2diving.net", true },
   { "n2servers.com", true },
   { "n4v.eu", true },
   { "n5118.com", true },
   { "n6a.net", true },
-  { "n8ch.net", true },
   { "n8mgt.com", true },
   { "n8nvi.com", true },
   { "n8solutions.net", true },
+  { "n8solutions.us", true },
   { "na-school.nl", true },
   { "naahgluck.de", true },
   { "naam.me", true },
   { "nabaleka.com", true },
   { "nabankco.com", true },
   { "nabidkamajetku.cz", true },
+  { "nabidkydnes.cz", true },
   { "nabytek-valmo.cz", true },
   { "nacfit.com", true },
   { "nachsendeauftrag.net", true },
@@ -25675,12 +26260,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nadejeproninu.cz", true },
   { "nadelholzkulturen.de", true },
   { "naders.com", true },
+  { "nadiafourcade-photographie.fr", true },
   { "nadine-chaudier.net", true },
   { "nadsandgams.com", true },
   { "nadyaolcer.fr", true },
   { "nafod.net", true },
   { "naga-semi.com", true },
-  { "nagajanroshiya.info", true },
   { "nagashi.ma", false },
   { "nagaya.biz", true },
   { "nagb.gov", true },
@@ -25691,6 +26276,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nah.nz", true },
   { "nah.re", true },
   { "nahura.com", true },
+  { "nai-job.jp", true },
   { "nailattitude.ch", true },
   { "nailchiodo.com", true },
   { "nailsalon-aztplus.com", true },
@@ -25702,11 +26288,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "najany.fr", true },
   { "najany.nl", true },
   { "najany.se", true },
+  { "naji-astier.com", true },
   { "nakada4610.com", true },
   { "nakalabo.jp", true },
   { "nakama.tv", true },
   { "nakandya.com", true },
-  { "nakanishi-paint.com", true },
   { "nakayama.systems", true },
   { "nakedalarmclock.me", true },
   { "nakedtruthbeauty.com", true },
@@ -25728,6 +26314,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "namethissymbol.com", true },
   { "nametiles.co", true },
   { "nami.bo", true },
+  { "nami.exchange", true },
   { "nami.trade", true },
   { "naminam.de", true },
   { "namrs.net", true },
@@ -25741,12 +26328,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nandex.org", true },
   { "nange.cn", true },
   { "nange.co", true },
-  { "nani.io", true },
   { "nankiseamansclub.com", true },
   { "nannytax.ca", true },
+  { "nano.voting", true },
   { "nanofy.org", true },
   { "nanogi.ga", true },
+  { "nanollet.org", true },
   { "nanotechnologist.com", true },
+  { "nanotechnologysolutions.com.au", true },
   { "nanotechtorsion.com", true },
   { "nanovolt.nl", true },
   { "nanowallet.io", true },
@@ -25785,7 +26374,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nasbi.pl", true },
   { "nasbnation.com", false },
   { "nascio.org", true },
-  { "naseco.se", true },
   { "nashdistribution.com", true },
   { "nashikmatka.com", true },
   { "nashira.cz", true },
@@ -25793,25 +26381,26 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nashvillelidsurgery.com", true },
   { "nashzhou.me", true },
   { "nasrsolar.com", true },
-  { "nassi.me", true },
   { "nastoletni.pl", true },
   { "nataldigital.com", true },
   { "nataliedawnhanson.com", true },
+  { "natanaelys.com", false },
   { "natation-nsh.com", false },
-  { "natatorium.org", true },
   { "natchmatch.com", true },
-  { "natecraun.net", true },
   { "natgeofreshwater.com", true },
   { "nathaliebaron.ch", true },
   { "nathaliebaroncoaching.ch", true },
   { "nathaliedijkxhoorn.com", true },
   { "nathaliedijkxhoorn.nl", true },
-  { "nathan.io", true },
   { "nathanaeldawe.com", true },
   { "nathancheek.com", false },
   { "nathankonopinski.com", true },
+  { "nathanmfarrugia.com", true },
   { "nathansmetana.com", true },
   { "nathumarket.com.br", true },
+  { "nation-contracting.com.hk", true },
+  { "nationalbank.gov", true },
+  { "nationalbanknet.gov", true },
   { "nationalcentereg.org", true },
   { "nationalcprfoundation.com", true },
   { "nationalcrimecheck.com.au", true },
@@ -25827,15 +26416,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nativs.ch", true },
   { "natlec.com", true },
   { "natsumihoshino.com", true },
+  { "natuerlichabnehmen.ch", true },
   { "natur.com", true },
   { "natura-sense.com", true },
+  { "naturalezafengshui.com", true },
   { "naturalfit.co.uk", true },
-  { "naturalhealthcures.net", true },
+  { "naturalhealthcures.net", false },
   { "naturalkitchen.co.uk", true },
   { "naturalspacesdomes.com", true },
   { "naturaum.de", true },
   { "nature-et-bio.fr", true },
-  { "nature-shots.net", true },
   { "natureflo.net", true },
   { "naturesbest.co.uk", true },
   { "naturesorganichaven.com", true },
@@ -25845,8 +26435,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "naturline.com", true },
   { "naturtint.co.uk", true },
   { "natusvita.com.br", true },
+  { "natverkstekniker.se", true },
   { "naude.co", true },
+  { "naughty.audio", true },
+  { "naughtytoy.co.uk", true },
   { "nausicaahotel.it", true },
+  { "naut.ca", true },
   { "nautiljon.com", true },
   { "nautsch.de", true },
   { "navarralanparty.org", true },
@@ -25856,13 +26450,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "navient.com", true },
   { "navigate-it-services.de", false },
   { "navstevnik.sk", true },
+  { "navstivime.cz", true },
   { "navycs.com", true },
   { "nawir.de", true },
   { "nayahe.ru", true },
   { "nayami64.xyz", true },
   { "nayanaas.com", true },
   { "nazevfirmy.cz", true },
-  { "nazigol.com", true },
   { "nazukebanashi.com", true },
   { "nazuna.blue", true },
   { "nb.zone", true },
@@ -25928,6 +26522,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nbrain.de", true },
   { "nbrii.com", true },
   { "nbriresearch.com", true },
+  { "nbrown.us", true },
   { "nbur.co.uk", true },
   { "nc-beautypro.fr", true },
   { "nc-formation.fr", true },
@@ -25935,7 +26530,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nc99.co", true },
   { "ncamarquee.co.uk", true },
   { "ncands.net", true },
-  { "ncaq.net", true },
   { "ncc-efm.com", true },
   { "ncc-efm.org", true },
   { "ncc-qualityandsafety.org", true },
@@ -25945,6 +26539,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nchangfong.com", true },
   { "nchponline.org", true },
   { "ncic.gg", true },
+  { "ncloud.freeddns.org", true },
   { "ncm-malerbetrieb.de", true },
   { "ncsc.gov.uk", true },
   { "ncsccs.com", true },
@@ -25963,6 +26558,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ndphp.org", true },
   { "ndpigskin.com", true },
   { "nds-helicopter.de", true },
+  { "ndum.ch", true },
   { "ndy.sex", true },
   { "ne-on.org", true },
   { "nea.gov", true },
@@ -25988,10 +26584,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "necormansir.com", true },
   { "nectarleaf.com", true },
   { "nedcdata.org", true },
+  { "nederland.media", true },
+  { "nederlands-vastgoedfonds.nl", true },
   { "nedim-accueil.fr", true },
   { "nedlinin.com", true },
   { "nedraconsult.ru", true },
-  { "nedys.top", true },
   { "neecist.org", true },
   { "needemand.com", true },
   { "needstyle.ru", true },
@@ -26018,12 +26615,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "neillans.com", true },
   { "neilshealthymeals.com", true },
   { "neilwynne.com", true },
-  { "neio.uk", true },
   { "nejenpneu.cz", true },
   { "nejkasy.cz", true },
   { "nejlevnejsi-parapety.cz", true },
   { "neko-nyan-nuko.com", true },
   { "neko-nyan.org", true },
+  { "neko.ml", true },
   { "nekodex.net", true },
   { "nekolove.jp", true },
   { "nekomimi.pl", true },
@@ -26033,7 +26630,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nekusoul.de", true },
   { "nelhage.com", true },
   { "nella-project.org", true },
-  { "nella.io", true },
   { "nellacms.com", true },
   { "nellacms.org", true },
   { "nellafw.org", true },
@@ -26043,6 +26639,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nemo.run", true },
   { "nemopan.com", true },
   { "nemopret.dk", true },
+  { "nemplex.com", true },
   { "nemplex.win", false },
   { "nems.no", true },
   { "nemumu.com", true },
@@ -26053,11 +26650,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "neobits.nl", true },
   { "neocities.org", true },
   { "neoclick.io", true },
+  { "neodigital.bg", true },
   { "neoedresources.org", true },
-  { "neoeliteconsulting.com", true },
   { "neohu.com", true },
   { "neojo.org", true },
-  { "neokobe.city", true },
   { "neolaudia.es", true },
   { "neolink.dk", true },
   { "neonataleducationalresources.org", true },
@@ -26068,15 +26664,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "neos.co.jp", true },
   { "neosdesignstudio.co.uk", true },
   { "neostralis.com", true },
-  { "neotist.com", true },
   { "neotiv.com", true },
-  { "neowa.tk", true },
   { "neowin.net", true },
   { "neowlan.net", true },
   { "neoxcrf.com", true },
   { "neoz.com.br", true },
   { "nepageeks.com", true },
   { "nepal-evolution.org", true },
+  { "nepezzano13.com", true },
   { "nephelion.org", true },
   { "nephy.jp", true },
   { "nepovolenainternetovahazardnihra.cz", true },
@@ -26084,6 +26679,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nepremicnine.click", true },
   { "nepremicnine.net", true },
   { "nepustil.net", false },
+  { "nerdca.st", true },
   { "nerdhouse.io", true },
   { "nerdmind.de", true },
   { "nerdoutstudios.tv", true },
@@ -26096,9 +26692,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nerpa-club.ru", true },
   { "nerull7.info", true },
   { "nerven.se", false },
+  { "nesbase.com", true },
   { "nesolabs.com", true },
   { "nesolabs.de", true },
-  { "nesterov.pw", true },
+  { "nestedquotes.ca", true },
   { "nestor.nu", true },
   { "neswec.org.uk", true },
   { "net-masters.pl", true },
@@ -26120,8 +26717,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "netconnect.at", true },
   { "netcoolusers.org", true },
   { "netdex.co", true },
-  { "netducks.com", true },
-  { "netducks.space", true },
   { "netera.se", true },
   { "neteraser.de", true },
   { "netexem.com", true },
@@ -26137,8 +26732,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nethunter.top", true },
   { "netki.com", true },
   { "netlentes.com.br", true },
+  { "netlocal.ru", true },
   { "netmagicas.com.br", true },
   { "netmeister.org", true },
+  { "netnea.com", true },
   { "netnik.de", true },
   { "netnodes.net", true },
   { "netraising.com", false },
@@ -26162,7 +26759,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nettilamppu.fi", true },
   { "netto-service.ch", true },
   { "nettools.link", true },
-  { "nettopower.dk", true },
   { "nettoyage.email", true },
   { "nettx.co.uk", true },
   { "netulo.com", true },
@@ -26190,7 +26786,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "netzwerkwerk.de", true },
   { "neuber.uno", true },
   { "neuflizeobc.net", true },
-  { "neuhaus-city.de", true },
   { "neurabyte.com", true },
   { "neurexcellence.com", true },
   { "neurobiology.com", true },
@@ -26199,11 +26794,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "neuroethics.com", true },
   { "neurogroove.info", true },
   { "neurolab.no", true },
-  { "neuronasdigitales.com", true },
   { "neuropharmacology.com", true },
   { "neurostimtms.com", true },
   { "neurotransmitter.net", true },
   { "neurozentrum-zentralschweiz.ch", true },
+  { "neutein.com", true },
   { "neutralox.com", false },
   { "neuwal.com", true },
   { "neva.li", true },
@@ -26225,7 +26820,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "newaccess.ch", true },
   { "newbasemedia.us", true },
   { "newbietech.cn", false },
-  { "newborncryptocoin.com", false },
+  { "newborncryptocoin.com", true },
   { "newburybouncycastles.co.uk", true },
   { "newburyparkelectric.com", true },
   { "newburyparkelectrical.com", true },
@@ -26256,10 +26851,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "newmovements.net", true },
   { "newmusicjackson.org", true },
   { "newodesign.com", true },
-  { "newposts.ru", true },
   { "newreleases.io", true },
   { "news47ell.com", true },
-  { "newsa2.com", true },
   { "newsmotor.info", true },
   { "newspsychology.com", true },
   { "newstone-tech.com", true },
@@ -26305,12 +26898,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "neyer-lorenz.de", true },
   { "nezrouge-est-vaudois.ch", true },
   { "nezrouge-geneve.ch", true },
+  { "nezvestice.cz", true },
   { "nf4.net", true },
   { "nf9q.com", true },
+  { "nfam.de", true },
   { "nfe-elektro.de", true },
   { "nfir.nl", true },
   { "nfl.dedyn.io", true },
   { "nfl.duckdns.org", true },
+  { "nflchan.org", true },
   { "nflmocks.com", true },
   { "nflsic.org", true },
   { "nfpors.gov", true },
@@ -26321,6 +26917,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ngasembaru.com", true },
   { "ngc.gov", false },
   { "nghe.net", true },
+  { "ngi.eu", true },
   { "nginxconfig.com", true },
   { "nginxconfig.io", true },
   { "ngndn.jp", true },
@@ -26369,17 +26966,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nickhitch.co.uk", true },
   { "nickloose.de", true },
   { "nicklord.com", true },
-  { "nickmertin.ca", true },
-  { "nickmorri.com", true },
   { "nickplotnek.co.uk", true },
   { "nickrickard.co.uk", true },
   { "nicks-autos.com", true },
   { "nickscomputers.nl", true },
   { "nickserve.com", true },
   { "nickstories.de", true },
+  { "nicktheitguy.com", true },
   { "niclasreich.de", true },
   { "nicn.me", true },
   { "nico.st", true },
+  { "nicochinese.com", true },
   { "nicocourts.com", true },
   { "nicoknibbe.nl", true },
   { "nicoladixonrealestate.com", true },
@@ -26396,12 +26993,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nicolemathew.com", true },
   { "niconico.ooo", true },
   { "niconode.com", false },
+  { "nicoobook.com", true },
+  { "nicoobook.net", true },
   { "nicsezcheckfbi.gov", true },
   { "nicul.in", true },
   { "nidro.de", true },
   { "nidsuber.ch", true },
-  { "niduxcomercial.com", true },
   { "niederohmig.de", true },
+  { "niedrigsterpreis.de", true },
   { "niehage.name", true },
   { "nielshoogenhout.be", true },
   { "nielshoogenhout.eu", true },
@@ -26422,6 +27021,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "niess.space", true },
   { "niesstar.com", true },
   { "nietzsche.com", true },
+  { "nieuwsberichten.eu", true },
   { "nieuwslagmaat.nl", true },
   { "nifc.gov", true },
   { "niftiestsoftware.com", true },
@@ -26429,6 +27029,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nigensha.co.jp", true },
   { "niggemeier.cc", true },
   { "nigger.racing", true },
+  { "niggo.eu", true },
   { "night2stay.cn", true },
   { "night2stay.com", true },
   { "night2stay.de", true },
@@ -26440,7 +27041,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nightmoose.org", true },
   { "nightsi.de", true },
   { "nightstand.io", true },
-  { "nigt.cf", true },
   { "nihon-no-sake.net", true },
   { "nihtek.in", true },
   { "nii2.org", true },
@@ -26457,7 +27057,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nikklassen.ca", true },
   { "niklas.pw", true },
   { "niklasbabel.com", true },
-  { "nikolasgrottendieck.com", true },
   { "nikomo.fi", false },
   { "nikoninframe.co.uk", true },
   { "nikonlibrary.co.uk", true },
@@ -26470,6 +27069,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "niles.xyz", true },
   { "nilrem.org", true },
   { "nimeshjm.com", true },
+  { "nimidam.com", true },
   { "nina-laaf.de", true },
   { "ninaforever.com", true },
   { "ninarinaldi.com.br", true },
@@ -26485,16 +27085,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ninfora.com", true },
   { "ninja-galerie.de", true },
   { "ninja-skillz.com", true },
+  { "ninjan.co", true },
   { "ninjaworld.co.uk", true },
   { "ninjio.com", true },
   { "ninov.de", true },
   { "nintendoforum.no", true },
   { "ninth.cat", true },
   { "ninthfloor.org", true },
+  { "ninverse.com", true },
   { "nipax.cz", true },
   { "nipe-systems.de", true },
   { "nipit.biz", true },
   { "nippon-oku.com", true },
+  { "nippon.fr", true },
   { "niqex.com", true },
   { "nirjonmela.com", true },
   { "nirjonmela.net", true },
@@ -26523,7 +27126,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "njguardtraining.com", true },
   { "njilc.com", true },
   { "njpjanssen.nl", true },
-  { "njujb.com", true },
   { "nkapliev.org", true },
   { "nkforum.pl", true },
   { "nkinka.de", true },
@@ -26533,12 +27135,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nl3ehv.nl", true },
   { "nlap.ca", false },
   { "nlbewustgezond.nl", true },
+  { "nlegall.fr", true },
   { "nlfant.eu", true },
   { "nllboard.co.uk", true },
   { "nlleisure.co.uk", true },
   { "nlm.gov", true },
   { "nlt.by", false },
-  { "nmd.so", true },
   { "nmmlp.org", true },
   { "nmnd.de", true },
   { "nmontag.com", true },
@@ -26562,13 +27164,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nocks.com", true },
   { "nocmd.com", true },
   { "nocs.cn", true },
-  { "nodalr.com", true },
   { "nodari.com.ar", true },
   { "nodariweb.com.ar", true },
+  { "nodecdn.net", true },
   { "nodecraft.com", true },
   { "nodejs.de", true },
   { "nodelia.com", true },
   { "nodesec.cc", true },
+  { "nodesonic.com", true },
   { "nodevops.com", true },
   { "noeatnosleep.me", true },
   { "noedidacticos.com", true },
@@ -26602,6 +27205,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "noleggio-bagni-chimici.it", true },
   { "noma-film.com", true },
   { "nomadproject.io", true },
+  { "nomagic.software", true },
   { "nomenclator.org", true },
   { "nomesbiblicos.com", true },
   { "nomial.co.uk", true },
@@ -26614,6 +27218,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "noob-box.net", true },
   { "noobow.me", true },
   { "noobswhatelse.net", true },
+  { "noobunbox.net", true },
   { "noodles.net.nz", true },
   { "noodplan.co.za", true },
   { "noodweer.be", true },
@@ -26631,8 +27236,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nopaynocure.com", true },
   { "norad.sytes.net", true },
   { "norbertschneider-music.com", true },
+  { "nord-restaurant-bar.de", true },
   { "nord-sud.be", true },
   { "nordakademie.de", true },
+  { "nordicess.dk", true },
   { "nordicirc.com", true },
   { "nordinfo.fi", true },
   { "nordlichter-brv.de", true },
@@ -26641,7 +27248,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nordseeblicke.de", true },
   { "nordwal.de", true },
   { "nordwaldzendo.de", true },
-  { "noreply.mx", true },
   { "norestfortheweekend.com", true },
   { "noret.com", true },
   { "norichanmama.com", true },
@@ -26661,6 +27267,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "northconsulting.fr", true },
   { "northcountykiaparts.com", true },
   { "northcreekresort.com", true },
+  { "northcreekresortblue.ca", true },
   { "northdakotahealthnetwork.com", true },
   { "northdevonbouncycastles.co.uk", true },
   { "northeastcdc.org", true },
@@ -26674,12 +27281,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "northokanaganbookkeeping.com", true },
   { "northpointoutdoors.com", true },
   { "northpole.dance", true },
+  { "northpost.is", true },
   { "northridgeelectrical.com", true },
   { "northumbriagames.co.uk", true },
   { "norys-escape.de", true },
   { "nos-medias.fr", true },
   { "nos-oignons.net", true },
   { "noscript.net", true },
+  { "noscura.nl", true },
   { "nosecrets.ch", true },
   { "nosfermiers.com", true },
   { "noslite.nl", true },
@@ -26705,8 +27314,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "notcompletelycorrect.com", true },
   { "notepad.nz", true },
   { "noteskeeper.ru", true },
+  { "noticaballos.com", true },
   { "noticiasdehumor.com", true },
   { "notify.moe", true },
+  { "notigatos.es", true },
+  { "notilus.fr", true },
   { "notinglife.com", true },
   { "notjustvacs.com", true },
   { "notmybox.com", true },
@@ -26715,11 +27327,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "notofilia.com", true },
   { "notora.tech", true },
   { "notoriousdev.com", true },
-  { "notrecourrier.net", true },
+  { "nototema.com", true },
   { "notsafefor.work", true },
+  { "nottres.com", true },
   { "noudjalink.nl", true },
   { "noustique.com", true },
   { "nova-dess.ch", true },
+  { "nova-it.pl", true },
   { "nova-kultura.org", true },
   { "nova-wd.org.uk", true },
   { "nova.live", true },
@@ -26771,11 +27385,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nrev.ch", true },
   { "nrkn.fr", true },
   { "nrsweb.org", true },
+  { "nrvn.cc", false },
   { "ns-frontier.com", true },
   { "ns2servers.pw", true },
   { "nsa.lol", true },
-  { "nsa.ovh", true },
-  { "nsa.wtf", true },
   { "nsapwn.com", true },
   { "nsboston.org", true },
   { "nsboutique.com", true },
@@ -26799,7 +27412,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ntags.org", true },
   { "ntcoss.org.au", true },
   { "nte.email", true },
-  { "nth.sh", true },
   { "nti.de", true },
   { "ntia.gov", true },
   { "ntotten.com", true },
@@ -26808,11 +27420,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ntwt.us", true },
   { "ntx360grad-fallakte.de", true },
   { "ntzwrk.org", true },
-  { "nu3.com", true },
-  { "nu3.dk", true },
-  { "nu3.fi", true },
-  { "nu3.no", true },
-  { "nu3.se", true },
   { "nu3tion.com", true },
   { "nu3tion.cz", true },
   { "nuacht.ie", true },
@@ -26847,7 +27454,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "numero1.ch", true },
   { "numerologist.com", true },
   { "numerossanos.com.ar", true },
-  { "numis.tech", true },
   { "numismed-seniorcare.de", true },
   { "numwave.nl", true },
   { "nunesgh.com", true },
@@ -26858,6 +27464,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nuovaelle.it", true },
   { "nuquery.com", true },
   { "nur.berlin", true },
+  { "nureg.club", true },
+  { "nureg.net", true },
+  { "nureg.xyz", true },
   { "nuriacamaras.com", true },
   { "nursejj.com", true },
   { "nurseone.ca", true },
@@ -26865,14 +27474,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nursingschool.network", true },
   { "nuryahan.com.br", true },
   { "nussadoclub.org", true },
+  { "nut.services", true },
   { "nutikell.com", true },
   { "nutleyeducationalfoundation.org", true },
   { "nutleyef.org", true },
   { "nutonic-sports.com", true },
   { "nutpanda.com", true },
   { "nutra-creations.com", true },
+  { "nutrafitsuplementos.com.br", true },
   { "nutri-spec.me", true },
-  { "nutricaovegana.com", true },
   { "nutriciametabolics-shop.de", true },
   { "nutridieta.com", true },
   { "nutripedia.gr", true },
@@ -26881,6 +27491,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nutrivisa.com.br", true },
   { "nuvechtdal.nl", true },
   { "nuvini.com", true },
+  { "nuvospineandsports.com", true },
   { "nuxer.fr", true },
   { "nv.gw", true },
   { "nve-qatar.com", true },
@@ -26909,14 +27520,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nyadora.moe", true },
   { "nyan.it", true },
   { "nyan.stream", true },
-  { "nyanco.space", true },
   { "nyansparkle.com", true },
   { "nyantec.com", true },
   { "nybiz.nyc", true },
   { "nycoyote.org", true },
   { "nydig.com", true },
-  { "nydnxs.com", true },
-  { "nyghtus.net", true },
+  { "nyghtus.net", false },
   { "nyhaoyuan.net", true },
   { "nyiad.edu", true },
   { "nyip.co.uk", true },
@@ -26933,7 +27542,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nyyu.tk", true },
   { "nzb.cat", false },
   { "nzbr.de", true },
-  { "nzdmo.govt.nz", true },
   { "nzstudy.ac.nz", true },
   { "nzws.me", true },
   { "o-loska.cz", true },
@@ -26947,7 +27555,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "o8b.club", true },
   { "oaic.gov.au", true },
   { "oakandresin.co", true },
-  { "oakesfam.net", true },
   { "oakington.info", false },
   { "oaklands.co.za", true },
   { "oakparkelectrical.com", true },
@@ -26960,6 +27567,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oasisdabeleza.com.br", true },
   { "oasisim.net", false },
   { "oatmealdome.me", true },
+  { "oatycloud.spdns.de", true },
   { "oauth-dropins.appspot.com", false },
   { "obamalibrary.gov", true },
   { "obamawhitehouse.gov", true },
@@ -26975,7 +27583,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "objectif-terre.ch", true },
   { "objekt-textil.ch", true },
   { "oblast45.ru", false },
-  { "obligacjekk.pl", true },
   { "oboeta.com", true },
   { "obono.at", true },
   { "obrienswine.ie", true },
@@ -27016,7 +27623,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ocim.ch", true },
   { "ockendenhemming.co.uk", true },
   { "oclausen.com", true },
-  { "ocloudhost.com", true },
   { "ocni-ambulance-most.cz", true },
   { "ocolere.ch", true },
   { "ocotg.com", true },
@@ -27027,6 +27633,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "octal.es", true },
   { "octarineparrot.com", true },
   { "octav.name", false },
+  { "octobered.com", true },
   { "octocaptcha.com", true },
   { "octofox.de", true },
   { "octohedralpvp.tk", true },
@@ -27055,6 +27662,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "odvps.com", true },
   { "odysseyofthemind.eu", true },
   { "odzyskaniedomeny.pl", true },
+  { "oe-boston.com", true },
   { "oec-music.com", true },
   { "oeh.ac.at", true },
   { "oeko-bundesfreiwilligendienst-sh.de", true },
@@ -27071,6 +27679,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ofcampuslausanne.ch", true },
   { "ofda.gov", true },
   { "ofertasadsl.com", true },
+  { "ofertino.es", true },
+  { "ofertolino.fr", true },
   { "offandonagain.org", true },
   { "offbyinfinity.com", true },
   { "offenekommune.de", true },
@@ -27090,6 +27700,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "officium.tech", true },
   { "offroadeq.com", true },
   { "offroadhoverboard.net", true },
+  { "offshoot.ie", true },
   { "offshoot.rentals", true },
   { "offshore.digital", true },
   { "offshoremarineparts.com", false },
@@ -27099,7 +27710,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oftamedic.com", true },
   { "oftn.org", true },
   { "oge.ch", true },
-  { "ogis.gov", true },
+  { "ogkw.de", true },
   { "oglen.ca", true },
   { "ogocare.com", true },
   { "oguya.ch", true },
@@ -27120,8 +27731,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ohsohairy.co.uk", true },
   { "ohyooo.com", true },
   { "oi-wiki.org", true },
-  { "oiaio.cn", true },
-  { "oilfieldinjury.attorney", true },
   { "oilpaintingsonly.com", true },
   { "oirealtor.com", true },
   { "oisd.nl", true },
@@ -27131,10 +27740,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ojdip.net", true },
   { "ojomovies.com", true },
   { "ojp.gov", true },
-  { "okaidi.es", true },
-  { "okaidi.fr", true },
   { "okakuro.org", true },
   { "okanaganrailtrail.ca", true },
+  { "okashi.me", true },
   { "okay.cf", true },
   { "okay.coffee", true },
   { "okburrito.com", true },
@@ -27168,6 +27776,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oldbrookmarqueehire.co.uk", true },
   { "oldchaphome.nl", true },
   { "oldenglishsheepdog.com.br", true },
+  { "older-racer.com", true },
   { "oldita.ru", true },
   { "oldking.net", true },
   { "oldnews.news", true },
@@ -27189,18 +27798,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "olgui.net", true },
   { "olgun.eu", true },
   { "olhcparish.net", true },
-  { "olightstore.com", true },
   { "olightstore.ro", true },
-  { "oliode.tk", true },
   { "oliveoil.bot", true },
   { "oliveoilschool.org", true },
   { "oliveoiltest.com", true },
   { "oliveoiltimes.com", true },
   { "oliveraiedelabastideblanche.fr", true },
   { "oliverclausen.com", true },
+  { "oliverdunk.com", false },
   { "oliverfaircliff.com", true },
   { "olivernaraki.com", true },
   { "oliverniebuhr.de", true },
+  { "oliverschmid.space", true },
   { "oliverspringer.eu", true },
   { "oliverst.com", true },
   { "olivierberardphotographe.com", true },
@@ -27209,7 +27818,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oliviervaillancourt.com", true },
   { "olizeite.ch", true },
   { "ollie.io", true },
-  { "ollieowlsblog.com", true },
   { "ollies.cloud", true },
   { "ollies.cz", true },
   { "olliespage.com", true },
@@ -27221,8 +27829,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "olmc-nutley.org", true },
   { "olmcnewark.com", true },
   { "olmsted.io", true },
+  { "olomercy.com", true },
   { "olphseaside.org", true },
   { "olqoa.org", true },
+  { "olsh-hilltown.com", true },
+  { "olsonproperties.com", true },
   { "olygazoo.com", true },
   { "olymp-arts.world", true },
   { "olympeakgaming.tv", true },
@@ -27253,7 +27864,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "omnibot.tv", true },
   { "omnisafira.com", true },
   { "omniscimus.net", false },
-  { "omnisiens.se", true },
   { "omnisky.dk", true },
   { "omnitrack.org", true },
   { "omniverse.ru", true },
@@ -27262,10 +27872,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "omoteura.com", true },
   { "omranic.com", true },
   { "omronwellness.com", true },
-  { "omsdieppe.fr", true },
   { "on-tech.co.uk", true },
+  { "on.tax", true },
   { "ona.io", true },
   { "onaboat.se", true },
+  { "onahonavi.com", true },
   { "onarto.com", true },
   { "onazikgu.com", true },
   { "onbuzzer.com", false },
@@ -27278,7 +27889,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "onderwijstransparant.nl", true },
   { "ondevamosjantar.com", true },
   { "ondrej.org", true },
-  { "ondrejhoralek.cz", true },
+  { "ondrejbudin.cz", true },
   { "one---line.com", true },
   { "one-resource.com", true },
   { "one-s.co.jp", true },
@@ -27301,7 +27912,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oneidentity.me", true },
   { "oneiroi.co.uk", true },
   { "onemid.net", true },
-  { "oneminute.io", false },
   { "onemoonmedia.de", true },
   { "oneononeonone.de", true },
   { "oneononeonone.tv", true },
@@ -27330,11 +27940,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oni.nl", true },
   { "onice.ch", true },
   { "onionbot.me", true },
+  { "onionplay.net", true },
   { "onionplay.org", true },
   { "onionscan.org", true },
   { "oniria.ch", true },
   { "onix.eu.com", true },
   { "onixcco.com.br", true },
+  { "onkentessegertdij.hu", true },
   { "onlfait.ch", true },
   { "online-bouwmaterialen.nl", true },
   { "online-calculator.com", true },
@@ -27342,7 +27954,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "online-consulting-corp.fr", true },
   { "online-eikaiwa-guide.com", true },
   { "online-health-insurance.com", true },
-  { "online-horoskop.ch", true },
   { "online-lernprogramme.de", true },
   { "online-pr.at", true },
   { "online-results.dk", true },
@@ -27352,7 +27963,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "online-textil.sk", true },
   { "online.marketing", true },
   { "online.net.gr", true },
-  { "online.swedbank.se", true },
   { "online24.pt", true },
   { "onlinebizdirect.com", false },
   { "onlinecasino.vlaanderen", true },
@@ -27360,11 +27970,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "onlinecollegeessay.com", true },
   { "onlinefashion.it", true },
   { "onlinehashfollow.com", true },
-  { "onlineinfographic.com", true },
   { "onlinekmc.com", true },
   { "onlinelegalmarketing.com", true },
   { "onlinelegalmedia.com", true },
   { "onlinelighting.com.au", true },
+  { "onlinemarketingmuscle.com", true },
   { "onlinemarketingtraining.co.uk", true },
   { "onlinepokerspelen.be", true },
   { "onlineporno.xyz", true },
@@ -27373,15 +27983,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "onlinestoreninjas.com", true },
   { "onlinetextil.cz", true },
   { "onlineth.com", false },
-  { "onlineweblearning.com", true },
   { "onlinexl.nl", true },
   { "onlylebanon.net", true },
   { "onmaps.de", true },
   { "onmarketbookbuilds.com", true },
   { "onnaguse.com", true },
-  { "onoranze-funebri.biz", true },
   { "onpay.io", true },
-  { "onpermit.net", true },
   { "onqproductions.com", true },
   { "onrr.gov", true },
   { "ons.ca", true },
@@ -27414,7 +28021,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oopsis.com", true },
   { "ooyo.be", true },
   { "op11.co.uk", false },
-  { "opadaily.com", true },
   { "opalesurfcasting.net", true },
   { "oparl.org", true },
   { "opcenter.de", true },
@@ -27422,7 +28028,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "open-banking-access.uk", true },
   { "open-bs.com", true },
   { "open-bs.ru", true },
-  { "open-desk.org", true },
   { "open-domotics.info", true },
   { "open-freax.fr", true },
   { "open-gaming.net", true },
@@ -27436,7 +28041,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "openbayes.com", true },
   { "openbeecloud.com", true },
   { "openblox.org", true },
-  { "openbsd.id", true },
   { "opencad.io", true },
   { "opencircuit.nl", true },
   { "openclima.com", true },
@@ -27459,7 +28063,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "opennippon.com", true },
   { "opennippon.ru", true },
   { "openpictures.ch", true },
-  { "openpresentes.com.br", true },
   { "openquery.com.au", true },
   { "openrainbow.com", true },
   { "openrainbow.net", true },
@@ -27500,13 +28103,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "opoleo.com", false },
   { "oportho.com.br", true },
   { "oposiciones.com.es", true },
+  { "oposicionesapolicialocal.es", true },
   { "oposicionescorreos.com.es", true },
+  { "oposicionescorreos.es", true },
+  { "oposicionescorreos.info", true },
+  { "oposicionesdejusticia.org", true },
   { "oposicionesertzaintza.com.es", true },
+  { "oposicionesycursos.com", true },
   { "oppada.com", true },
   { "oppaiti.me", true },
   { "oppejoud.ee", true },
   { "opportunis.me", true },
   { "opportunity.de", true },
+  { "oppositionsecurity.com", true },
   { "oppwa.com", true },
   { "opq.pw", true },
   { "oprbox.com", true },
@@ -27534,13 +28143,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "optimumwebdesigns.com", true },
   { "optimus.io", true },
   { "optimuscrime.net", true },
-  { "optisure.de", true },
   { "optm.us", true },
   { "optmos.at", true },
   { "optometryscotland.org.uk", true },
   { "optoutday.de", true },
-  { "opure.ml", true },
-  { "opure.ru", true },
   { "opus-codium.fr", true },
   { "oraculum.cz", true },
   { "orang-utans.com", true },
@@ -27550,8 +28156,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "orangejetpack.com", true },
   { "orangenbaum.at", true },
   { "orangenuts.in", true },
-  { "orangetravel.eu", true },
   { "orangutan-appeal.org.uk", true },
+  { "orbital3.com", true },
   { "orbu.net", true },
   { "orca.pet", true },
   { "orcamoney.com", true },
@@ -27563,6 +28169,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "orderessay.net", true },
   { "ordernow.at", true },
   { "orderswift.com", true },
+  { "ordoro.com", true },
   { "ordr.mobi", true },
   { "oreshinya.xyz", true },
   { "oreskylaw.com", true },
@@ -27581,6 +28188,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oribia.net", true },
   { "orientalart.nl", true },
   { "orientravelmacas.com", true },
+  { "oriflameszepsegkozpont.hu", true },
   { "origami.to", true },
   { "origamika.com", true },
   { "original-christstollen.com", true },
@@ -27612,6 +28220,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "orthograph.ch", true },
   { "orthotictransfers.com", true },
   { "ortlepp.eu", true },
+  { "oruggt.is", true },
   { "orum.in", true },
   { "orwell1984.today", true },
   { "oryva.com", true },
@@ -27621,17 +28230,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "os-t.de", true },
   { "os24.cz", true },
   { "osacrypt.studio", true },
-  { "osaka-onakura.com", true },
   { "osakeannit.fi", true },
   { "osao.org", true },
   { "osbi.pl", true },
   { "osborn.io", true },
   { "osborneinn.com", true },
   { "osburn.com", true },
-  { "oscamp.eu", true },
   { "oscarvk.ch", true },
-  { "oscloud.com", true },
   { "osepideasthatwork.org", true },
+  { "osereso.tn", true },
   { "oses.mobi", true },
   { "oshayr.com", true },
   { "oshell.me", true },
@@ -27651,9 +28258,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "osobliwydom.pl", true },
   { "osomjournal.org", true },
   { "ospf.sk", true },
+  { "osprecos.com.br", true },
+  { "osprecos.pt", true },
   { "ospree.me", true },
   { "ostan-collections.net", true },
   { "osterkraenzchen.de", true },
+  { "ostgotamusiken.se", true },
   { "osti.gov", true },
   { "ostimwebyazilim.com", true },
   { "ostr.io", true },
@@ -27683,7 +28293,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "otr.ie", true },
   { "otrm.de", true },
   { "otsfreestyle.jp", true },
-  { "otsu.beer", true },
+  { "ottoproject.io", false },
   { "ottoversand.at", true },
   { "otus-magnum.com", true },
   { "otvaracie-hodiny.sk", true },
@@ -27707,7 +28317,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ourladyqueenofmartyrs.org", true },
   { "ourls.win", true },
   { "ourmaster.org", true },
-  { "ouruglyfood.com", true },
   { "ourwedding.xyz", true },
   { "ourworldindata.org", true },
   { "out-of-scope.de", true },
@@ -27734,17 +28343,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "outline.ski", true },
   { "outlines.xyz", true },
   { "outlookonthedesktop.com", true },
+  { "outplnr.fr", true },
   { "outpostinfo.com", true },
   { "outsideconnections.com", true },
   { "outsiders.paris", true },
-  { "ovabag.com", true },
   { "ovelhaostra.com", true },
   { "overalglas.nl", true },
   { "overamsteluitgevers.nl", true },
+  { "overceny.cz", true },
   { "overclockers.ge", true },
   { "overdrive-usedcars.be", true },
   { "overkillshop.com", true },
-  { "overseamusic.de", true },
   { "oversight.garden", true },
   { "oversight.gov", true },
   { "overstap.deals", true },
@@ -27760,18 +28369,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ovirt.org", true },
   { "ovix.co", true },
   { "ovnrain.com", true },
+  { "ovpn.to", true },
   { "ovvy.net", false },
   { "owapi.net", true },
   { "owennelson.co.uk", true },
+  { "owensordinarymd.com", true },
   { "owid.cloud", true },
-  { "owl-hakkei.com", true },
   { "owl-square.com", true },
   { "owl-stat.ch", true },
   { "owl.net", true },
   { "owlandrabbitgallery.com", true },
   { "owlishmedia.com", true },
   { "own3d.ch", true },
-  { "ownc.at", true },
   { "owncloud.ch", true },
   { "ownmay.com", true },
   { "oxborrow.ca", true },
@@ -27811,7 +28420,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paas-inf.net", true },
   { "paass.net", true },
   { "paazmaya.fi", true },
-  { "pablofain.com", true },
+  { "pablo.im", true },
+  { "pablo.scot", true },
+  { "pablo.sh", true },
+  { "pabloarteaga.co.uk", true },
+  { "pabloarteaga.com", true },
+  { "pabloarteaga.com.es", true },
+  { "pabloarteaga.es", true },
+  { "pabloarteaga.eu", true },
+  { "pabloarteaga.info", true },
+  { "pabloarteaga.me", true },
+  { "pabloarteaga.net", true },
+  { "pabloarteaga.nom.es", true },
+  { "pabloarteaga.org", true },
+  { "pabloarteaga.science", true },
+  { "pabloarteaga.tech", true },
+  { "pabloarteaga.uk", true },
+  { "pabloarteaga.xyz", true },
   { "pabuzo.vn", true },
   { "pacaom.com", true },
   { "pacatlantic.com", true },
@@ -27832,6 +28457,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pack-haus.de", true },
   { "packagefactory.dk", true },
   { "packagingproject.management", true },
+  { "packagist.jp", true },
   { "packagist.org", false },
   { "packaware.com", true },
   { "packetdigital.com", true },
@@ -27854,6 +28480,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pagalworld.co", true },
   { "pagalworld.com", true },
   { "pagalworld.info", true },
+  { "pagalworld.io", true },
   { "pagalworld.la", true },
   { "pagalworld.me", true },
   { "pagalworld.org", true },
@@ -27863,7 +28490,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pagedesignpro.com", true },
   { "pagedesignweb.com", true },
   { "pagefulloflies.io", true },
-  { "pageperform.com", true },
   { "pagewizz.com", true },
   { "pagiamtzis.com", true },
   { "pagina.com.mx", true },
@@ -27878,6 +28504,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "painefamily.co.uk", true },
   { "painlessproperty.co.uk", true },
   { "paint-it.pink", true },
+  { "paintball-ljubljana.si", true },
   { "paintball-shop.sk", true },
   { "paintcolorsbysue.com", true },
   { "paintingindurban.co.za", true },
@@ -27888,9 +28515,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paketo.sk", true },
   { "paketwatch.de", false },
   { "pakho.xyz", true },
+  { "pakingas.lt", true },
   { "pakistani.dating", true },
   { "pakitow.fr", true },
   { "pakke.de", true },
+  { "pakowanie-polska.pl", true },
+  { "pakroyalpress.com", true },
   { "paktolos.net", true },
   { "palabr.as", true },
   { "palapadev.com", true },
@@ -27901,6 +28531,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "palavatv.com", true },
   { "palazzo.link", true },
   { "palazzo.work", true },
+  { "paleoself.com", true },
   { "paleotraining.com", true },
   { "palestra.roma.it", true },
   { "palladium46.com", true },
@@ -27964,6 +28595,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pants-off.xyz", true },
   { "panzer72.ru", true },
   { "panzerscreen.dk", true },
+  { "pao.ge", true },
   { "pap.la", false },
   { "papa-webzeit.de", true },
   { "papadopoulos.me", true },
@@ -27989,9 +28621,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paprikas.fr", true },
   { "paraborsa.net", true },
   { "parachute70.com", true },
+  { "paracomer.es", true },
   { "paradais-sphynx.com", true },
   { "paradependentesquimicos.com.br", true },
-  { "paradigi.com.br", true },
   { "paradise-engineer.com", true },
   { "paradise-engineering.com", true },
   { "paradise-travel.net", true },
@@ -28003,6 +28635,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paranoidcrypto.com", true },
   { "paranoidmode.com", true },
   { "paranoidpenguin.net", true },
+  { "paranormalweirdo.com", true },
+  { "paranoxer.hu", true },
   { "parasitologyclub.org", true },
   { "paratlan.hu", true },
   { "paratxt.org", true },
@@ -28014,7 +28648,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "parentheseardenne.be", true },
   { "parentinterview.com", true },
   { "parentsintouch.co.uk", true },
-  { "pariga.co.uk", true },
   { "paris-store.com", true },
   { "parisackerman.com", true },
   { "parisbloom.com", true },
@@ -28035,7 +28668,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "parkwayminyan.org", true },
   { "parlamento.gub.uy", true },
   { "parleamonluc.fr", true },
-  { "parleu2016.nl", true },
   { "parmels.com.br", true },
   { "parnassys.net", true },
   { "parodesigns.com", true },
@@ -28047,7 +28679,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "parsemail.org", true },
   { "parser.nu", true },
   { "parsonsfamilyhomes.com", true },
+  { "parteaga.com", true },
+  { "parteaga.net", true },
   { "partecipa.tn.it", true },
+  { "parthkolekar.me", true },
   { "partijhandel.website", true },
   { "partijtjevoordevrijheid.nl", false },
   { "partiono.com", true },
@@ -28087,7 +28722,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pasarella.eu", true },
   { "pascal-bourhis.com", true },
   { "pascal-bourhis.net", true },
-  { "pascal-kannchen.de", true },
   { "pascal-wittmann.de", true },
   { "pascaline-jouis.fr", true },
   { "pascalleguern.com", true },
@@ -28113,6 +28747,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "passionebenessere.com", true },
   { "passionpictures.eu", true },
   { "passions-art.com", true },
+  { "passover-fun.com", true },
   { "passphrase.today", true },
   { "passport.yandex.by", true },
   { "passport.yandex.com", true },
@@ -28153,7 +28788,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pastorbelgagroenendael.com.br", true },
   { "pastordocaucaso.com.br", true },
   { "pastormaremanoabruzes.com.br", true },
-  { "pastorsuico.com.br", true },
   { "pasztor.at", true },
   { "patapwn.com", true },
   { "patatbesteld.nl", true },
@@ -28168,16 +28802,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pathwaystoresilience.org", true },
   { "patika-biztositas.hu", true },
   { "patikabiztositas.hu", true },
+  { "patineteselectricosbaratos.net", true },
   { "patouille-et-gribouille.fr", true },
+  { "patric-lenhart.de", true },
   { "patrick-othmer.de", true },
   { "patrick-robrecht.de", true },
+  { "patrick.my-gateway.de", true },
   { "patrick21.ch", true },
   { "patrickaudley.ca", true },
   { "patrickaudley.com", true },
   { "patrickbrosi.de", true },
   { "patrickhoefler.net", true },
   { "patricklynch.xyz", true },
-  { "patrickmcnamara.xyz", true },
   { "patrikgarten.de", true },
   { "patriksima.cz", true },
   { "patriksimek.cz", true },
@@ -28194,7 +28830,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paudley.com", true },
   { "paudley.org", true },
   { "paul-barton.co.uk", true },
-  { "paul-bronski.de", true },
   { "paul.reviews", true },
   { "pauladamsmith.com", true },
   { "paulbakaus.com", true },
@@ -28204,7 +28839,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paulcooper.me.uk", true },
   { "pauldev.co", true },
   { "paulerhof.com", true },
-  { "paulewen.ca", true },
   { "paulgerberrealtors.com", true },
   { "paulinewesterman.nl", true },
   { "paulmeier.com", false },
@@ -28212,7 +28846,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paulov.com", true },
   { "paulov.info", true },
   { "paulov.ru", true },
-  { "paulpetersen.dk", true },
   { "paulrobertlloyd.com", true },
   { "paulrotter.de", true },
   { "paulschreiber.com", true },
@@ -28230,19 +28863,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pavando.com", true },
   { "pavelfojt.cz", true },
   { "pavelrebrov.com", true },
-  { "pavelstriz.cz", true },
   { "pavio.org", true },
   { "paw.cloud", true },
   { "paw.pt", true },
   { "pawel-international.com", true },
   { "pawelnazaruk.com", true },
   { "pawelurbanek.com", true },
-  { "pawfriends.org.za", true },
   { "pawsomebox.co.uk", true },
   { "pawsr.us", true },
   { "paxerahealth.com", true },
+  { "pay-online.in", true },
   { "pay.gov", true },
-  { "pay8522.com", true },
   { "paybook.co.tz", true },
   { "payboy.biz", true },
   { "payboy.rocks", true },
@@ -28268,7 +28899,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paysbuy.net", true },
   { "paysera.com", true },
   { "payslipview.com", true },
-  { "payssaintgilles.fr", true },
+  { "payssaintgilles.fr", false },
   { "paystack.com", true },
   { "paytm.in", true },
   { "paytonmoledor.com", true },
@@ -28278,10 +28909,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pback.se", true },
   { "pbosquet.com", true },
   { "pbourhis.me", true },
-  { "pbqs.site", true },
   { "pbr.so", true },
   { "pbraunschdash.com", true },
-  { "pbreen.co.uk", true },
   { "pbrumby.com", true },
   { "pbz.im", true },
   { "pc-rescue.me", false },
@@ -28320,6 +28949,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pdfresizer.com", true },
   { "pdfsearch.org", true },
   { "pdfsearches.com", true },
+  { "pdkrawczyk.com", true },
   { "pdox.net", true },
   { "pdragt.com", true },
   { "pdthings.net", true },
@@ -28329,6 +28959,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "peaceispossible.cc", true },
   { "peaceloveandlabor.com", true },
   { "peak-careers.com", true },
+  { "peakhomeloan.com", true },
   { "peaksloth.com", true },
   { "peanutbase.org", true },
   { "peanutproductionsnyc.com", true },
@@ -28347,6 +28978,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pedicurean.nl", true },
   { "pedicureduiven.nl", true },
   { "pedidamanosevilla.com", true },
+  { "pedidosfarma.com.br", true },
   { "pedikura-vitu.cz", true },
   { "pedimanie.cz", true },
   { "pedimoda.com.br", true },
@@ -28410,6 +29042,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "penetrationstest.se", true },
   { "penfold.fr", true },
   { "pengi.me", true },
+  { "penguinbits.net", true },
   { "penguindrum.moe", true },
   { "penguinprotocols.com", true },
   { "penispumpen.se", true },
@@ -28439,7 +29072,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pepeelektro.sk", true },
   { "pepemodelismo.com.br", true },
   { "peperstraat.online", true },
+  { "pepgrid.net", true },
   { "peplog.nl", true },
+  { "pepme.net", true },
+  { "pepstaff.net", true },
   { "pepwaterproofing.com", true },
   { "pequenosfavoritos.com.br", false },
   { "per-olsson.se", true },
@@ -28458,22 +29094,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "perfectcloud.org", true },
   { "perfectoparty.co.uk", true },
   { "perfectsnap.co.uk", true },
+  { "perfectstreaming.systems", true },
   { "perfektesgewicht.com", true },
   { "perfektesgewicht.de", true },
-  { "performancehealth.com", true },
+  { "performancehealth.com", false },
   { "performing-art-schools.com", true },
   { "perfumeaz.com", true },
   { "perfumes.com.br", true },
+  { "periodic-drinking.com", true },
   { "periscope.tv", true },
   { "perishablepress.com", true },
   { "perm-avia.ru", true },
-  { "perm-jur.ch", true },
-  { "perm-juridique.ch", true },
   { "perm4.com", true },
   { "permajackofstlouis.com", true },
-  { "permanence-juridique.com", true },
-  { "permanencejuridique-ge.ch", true },
-  { "permanencejuridique.com", true },
   { "permeance108.com", true },
   { "permiscoderoute.fr", true },
   { "permistheorique.be", true },
@@ -28484,8 +29117,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "perrau.lt", true },
   { "perroquet-passion.ch", true },
   { "persephone.gr", true },
+  { "persocloud.org", true },
   { "personal-genome.com", true },
-  { "personal-injury-attorney.co", true },
   { "personaltrainer-senti.de", true },
   { "perspectivum.com", true },
   { "perspektivwechsel-coaching.de", true },
@@ -28512,11 +29145,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "petelew.is", true },
   { "peter.org.ua", true },
   { "peterandjoelle.co.uk", true },
+  { "peterbarrett.ca", true },
   { "peterboers.info", true },
   { "peterborgapps.com", true },
   { "peterbruceharvey.com", true },
   { "peterdavehello.org", true },
   { "peterfiorella.com", true },
+  { "peterhons.com.au", true },
   { "peterhuetz.at", true },
   { "peterhuetz.com", true },
   { "peterjin.org", true },
@@ -28546,7 +29181,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "petroleum-schools.com", true },
   { "petroscand.eu", true },
   { "petrostathis.com", true },
-  { "petrotranz.com", true },
   { "petrpikora.com", true },
   { "petrucciresidential.com", true },
   { "petruzz.net", true },
@@ -28557,10 +29191,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pewnews.org", true },
   { "pex.digital", true },
   { "peyote.com", true },
-  { "pf.dk", true },
   { "pfa.or.jp", true },
   { "pfadfinder-aurich.de", true },
-  { "pfadfinder-grossauheim.de", true },
   { "pfarchimedes-pensioen123.nl", true },
   { "pfarre-kremsmuenster.at", true },
   { "pfcafeen.dk", true },
@@ -28575,10 +29207,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pflanzen-shop.ch", true },
   { "pflanzenshop-emsland.de", true },
   { "pflegesalon-siebke.de", true },
+  { "pflug.email", true },
   { "pfmeasure.com", true },
-  { "pfo.io", true },
   { "pfotentour-berlin.de", true },
-  { "pfrost.me", true },
   { "pfudor.tk", true },
   { "pg-forum.de", true },
   { "pg-mana.net", true },
@@ -28597,7 +29228,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pharma-display.com", true },
   { "pharmaabsoluta.com.br", true },
   { "pharmaboard.de", true },
-  { "pharmaboard.org", true },
   { "pharmacie-fr.org", true },
   { "pharmacieplusfm.ch", true },
   { "pharmafoto.ch", true },
@@ -28609,28 +29239,32 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pharmica.uk", true },
   { "pharside.dyndns.org", true },
   { "pharynks.com", true },
+  { "pharynx.nl", true },
   { "phasersec.com", false },
   { "phasme-2016.com", true },
   { "phattea.tk", true },
   { "phaux.uno", true },
   { "phcimages.com", true },
+  { "phcnetworks.net", true },
   { "phcorner.net", true },
   { "phdhub.it", true },
+  { "phellowseven.com", true },
   { "phelx.de", true },
   { "phenixairsoft.com", true },
+  { "phenq.com", true },
   { "phget.com", true },
   { "phhtc.ir", true },
   { "phi-works.com", true },
   { "phialo.de", true },
   { "phil-dirt.com", true },
   { "phil-phillies.com", true },
+  { "phil.red", true },
   { "phil.tw", true },
   { "philadelphia.com.mx", true },
   { "phileas-psychiatrie.be", true },
   { "philia-sa.com", true },
   { "philipdb.com", true },
   { "philipdb.nl", true },
-  { "philipkohn.com", true },
   { "philipp-trulson.de", true },
   { "philipp-winkler.de", true },
   { "philipp1994.de", true },
@@ -28645,6 +29279,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "philipssupportforum.com", true },
   { "philipzhan.tk", true },
   { "phillipgoldfarb.com", true },
+  { "phillipsdistribution.com", true },
   { "phillyinjurylawyer.com", true },
   { "philna.sh", true },
   { "philosoftware.com.br", true },
@@ -28659,11 +29294,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "philsturgeon.uk", true },
   { "philux.ch", true },
   { "phishing-studie.org", true },
-  { "phishing.rs", false },
   { "phishingusertraining.com", true },
   { "phligence.com", true },
-  { "phocean.net", true },
   { "phoenics.de", true },
+  { "phoenixlogan.com", true },
   { "phoenixurbanspaces.com", true },
   { "phone-service-center.de", true },
   { "phonix-company.fr", true },
@@ -28672,20 +29306,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "phosagro.com", false },
   { "phosagro.ru", false },
   { "phosphene.io", true },
-  { "photek.fm", true },
   { "photistic.org", true },
   { "photo-livesearch.com", true },
   { "photo-paysage.com", true },
+  { "photo.org.il", true },
   { "photoancestry.com", true },
   { "photoartelle.com", true },
   { "photodeal.fr", true },
   { "photographe-reims.com", true },
   { "photographersdaydream.com", true },
   { "photography-workshops.net", true },
-  { "photolium.net", true },
+  { "photolium.net", false },
   { "photomodelcasting.com", true },
-  { "photon.sh", true },
-  { "photosquare.com.tw", true },
   { "phototravel.uk", true },
   { "phototrio.com", true },
   { "phoxmeh.com", true },
@@ -28702,8 +29334,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "phpower.com", true },
   { "phpprime.com", true },
   { "phpsecure.info", true },
+  { "phpstan.org", true },
   { "phpunit.de", true },
-  { "phra.gs", true },
   { "phrive.space", true },
   { "phryanjr.com", false },
   { "phuket-idc.com", true },
@@ -28715,11 +29347,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "physicalism.com", true },
   { "physicalist.com", true },
   { "physicaltherapist.com", false },
-  { "physicpezeshki.com", true },
   { "physics-schools.com", true },
   { "physiotherapie-seiwald.de", true },
   { "physiovesenaz.ch", true },
-  { "pi-box.ml", true },
   { "pi-control.de", true },
   { "pi-dash.com", true },
   { "pi-net.dedyn.io", true },
@@ -28739,6 +29369,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "piccolo-parties.co.uk", true },
   { "pickabrain.fr", true },
   { "pickelhaubes.com", true },
+  { "pickersurvey.org", true },
   { "pickme.nl", false },
   { "pickmysoap.gr", true },
   { "pickormix.co.uk", true },
@@ -28781,7 +29412,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pieterhordijk.com", true },
   { "pietermaene.be", false },
   { "pietz.uk", true },
-  { "pigritia.de", true },
   { "pigs.pictures", true },
   { "pijuice.com", true },
   { "pik.bzh", true },
@@ -28799,6 +29429,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pilotgrowth.com", true },
   { "pilsoncontracting.com", true },
   { "pilvin.pl", true },
+  { "pimg136.com", true },
   { "pimhaarsma.nl", true },
   { "pimhaarsmamedia.nl", true },
   { "pimpmyperf.fr", true },
@@ -28825,6 +29456,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pinkwalk.co.nz", true },
   { "pinkyf.com", false },
   { "pinkylam.me", true },
+  { "pinnacle-tex.com", true },
   { "pinnacleallergy.net", true },
   { "pinnaclelife.co.nz", true },
   { "pinnaclelife.nz", true },
@@ -28834,7 +29466,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pinoyonlinetv.com", true },
   { "pinoytech.ph", true },
   { "pinpayments.com", true },
-  { "pinscher.com.br", true },
+  { "pinpointengineer.co.uk", true },
   { "pinskupakki.fi", true },
   { "pinterest.at", true },
   { "pinterest.co.uk", true },
@@ -28844,16 +29476,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pinterest.ie", true },
   { "pinterest.info", true },
   { "pinterest.jp", true },
-  { "pintosbeeremovals.co.za", true },
+  { "pinterjann.is", true },
   { "pintosplumbing.co.za", true },
   { "pioneer-car.eu", true },
   { "pioneer-rus.ru", true },
-  { "pipenny.net", true },
+  { "pipfrosch.com", true },
   { "pipocao.com", true },
   { "pirate.trade", true },
   { "piratebayproxy.tf", true },
   { "piraten-basel.ch", true },
   { "piraten-bv-nord.de", true },
+  { "pirateparty.org.uk", true },
   { "pirateproxy.cam", true },
   { "pirateproxy.cat", true },
   { "pirateproxy.cc", true },
@@ -28888,6 +29521,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pitfire.io", true },
   { "pitot-rs.org", true },
   { "pittmantraffic.co.uk", true },
+  { "piubip.com.br", true },
   { "pivniraj.com", true },
   { "pivotaltracker.com", true },
   { "pivotanimation.org", true },
@@ -28909,19 +29543,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pixelz.cc", true },
   { "pixiv.cat", true },
   { "pixiv.moe", true },
-  { "pixivimg.me", true },
+  { "pixiv.rip", true },
   { "pixlfox.com", true },
   { "pixloc.fr", true },
   { "pizza-show.fr", true },
   { "pizzabesteld.nl", true },
   { "pizzabottle.com", false },
-  { "pizzacook.ch", true },
   { "pizzafest.ddns.net", true },
-  { "pizzafunny.com.br", true },
   { "pizzagigant.hu", true },
   { "pizzahut.ru", true },
   { "pizzalongaway.it", true },
-  { "pizzamc.eu", true },
   { "pizzeria-mehrhoog.de", true },
   { "pizzeriaamadeus.hr", true },
   { "pizzeriacolore.com", true },
@@ -28938,10 +29569,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pkisolutions.com", true },
   { "pkov.cz", true },
   { "pkphotobooths.co.uk", true },
+  { "pkrank.com", true },
+  { "pksps.com", true },
   { "pl-cours.ch", true },
   { "pl.search.yahoo.com", false },
   { "placasonline.com.br", true },
-  { "placassinal.com.br", true },
   { "placebet.pro", true },
   { "placedaffiliate.com", true },
   { "placedapps.com", true },
@@ -28953,6 +29585,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "plainbulktshirts.co.za", true },
   { "plainjs.com", true },
   { "plainmark.com", true },
+  { "plaintech.net.au", true },
   { "plaisirdumouvement.com", true },
   { "plan-immobilier.fr", true },
   { "plan-it-events.de", true },
@@ -28983,12 +29616,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "planmemberpartners.com", true },
   { "plannedlink.com", true },
   { "planningexcellence.com.au", true },
-  { "planolowcarb.com", true },
   { "plant-gift.jp", true },
   { "plantarum.com.br", true },
   { "plantastique.ch", true },
   { "plantastique.com", true },
   { "planteforum.no", true },
+  { "plantekno.com", true },
   { "plantes.ch", true },
   { "plantezcheznous.com", true },
   { "plantrustler.com", true },
@@ -28997,9 +29630,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "planview.com", true },
   { "plaque-funeraire.fr", true },
   { "plassmann.ws", true },
-  { "plasticsurgeryartist.com", true },
-  { "plasticsurgerynola.com", true },
-  { "plastiflex.it", true },
   { "plastovelehatko.cz", true },
   { "plateformecandidature.com", true },
   { "platformadmin.com", true },
@@ -29018,6 +29648,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "playcollect.net", true },
   { "playdaysparties.co.uk", true },
   { "playerdb.co", true },
+  { "players2gather.com", true },
   { "playerscout.net", true },
   { "playform.cloud", true },
   { "playhappywheelsunblocked.com", true },
@@ -29045,9 +29676,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "plesse.pl", true },
   { "plexa.de", true },
   { "plexhome13.ddns.net", true },
-  { "plexi.dyndns.tv", true },
   { "plexmark.tk", true },
   { "plextv.de", true },
+  { "plicca.com", true },
   { "pliosoft.com", true },
   { "plissee-experte.de", true },
   { "plitu.de", true },
@@ -29079,6 +29710,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "plumlocosoft.com", true },
   { "plumnet.ch", true },
   { "plumpie.net", false },
+  { "plumplat.com", true },
   { "plur.com.au", true },
   { "plural.cafe", true },
   { "plurr.me", true },
@@ -29091,7 +29723,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "plusstreamfeed.appspot.com", true },
   { "plustech.id", true },
   { "pluta.net", true },
-  { "pluth.org", true },
   { "plutiedev.com", true },
   { "pluto.life", true },
   { "plutokorea.com", true },
@@ -29123,7 +29754,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pmnaish.co.uk", true },
   { "pmoreau.org", true },
   { "pmp-art.com", true },
-  { "pmponline.de", true },
   { "pmsacorp.com", true },
   { "pmsf.eu", true },
   { "pmsfdev.com", true },
@@ -29134,21 +29764,99 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pneu01.fr", true },
   { "pneu74.fr", true },
   { "pneuhaus-lemp.ch", true },
-  { "pneumonline.be", true },
   { "pnimmobilier.ch", true },
   { "pnmhomecheckup.com", true },
+  { "pnoec.org.do", true },
   { "pnona.cz", true },
   { "pnsc.is", true },
   { "pnut.io", false },
   { "po.net", true },
   { "poba.fr", true },
+  { "poc.xn--fiqs8s", true },
+  { "poc060.com", true },
+  { "poc080.com", true },
+  { "poc100.com", true },
+  { "poc109.com", true },
+  { "poc11.com", true },
+  { "poc116.com", true },
+  { "poc118.com", true },
+  { "poc119.com", true },
+  { "poc120.com", true },
+  { "poc128.com", true },
+  { "poc13.com", true },
+  { "poc15.com", true },
+  { "poc16.com", true },
+  { "poc17.com", true },
+  { "poc18.com", true },
+  { "poc19.com", true },
+  { "poc21.com", true },
+  { "poc211.com", true },
+  { "poc22.com", true },
+  { "poc226.com", true },
+  { "poc228.com", true },
+  { "poc23.com", true },
+  { "poc25.com", true },
+  { "poc26.com", true },
+  { "poc261.com", true },
+  { "poc262.com", true },
+  { "poc27.com", true },
+  { "poc290.com", true },
+  { "poc298.com", true },
+  { "poc31.com", true },
+  { "poc32.com", true },
+  { "poc33.com", true },
+  { "poc35.com", true },
+  { "poc36.com", true },
+  { "poc37.com", true },
+  { "poc38.com", true },
+  { "poc51.com", true },
+  { "poc518.com", true },
+  { "poc52.com", true },
+  { "poc53.com", true },
+  { "poc55.com", true },
+  { "poc56.com", true },
+  { "poc568.com", true },
+  { "poc57.com", true },
+  { "poc58.com", true },
+  { "poc586.com", true },
+  { "poc588.com", true },
+  { "poc59.com", true },
+  { "poc601.com", true },
+  { "poc618.com", true },
+  { "poc63.com", true },
+  { "poc65.com", true },
+  { "poc66.com", true },
+  { "poc67.com", true },
+  { "poc68.com", true },
+  { "poc69.com", true },
+  { "poc699.com", true },
+  { "poc7.com", true },
+  { "poc718.com", true },
+  { "poc72.com", true },
+  { "poc75.com", true },
+  { "poc76.com", true },
+  { "poc77.com", true },
+  { "poc78.com", true },
+  { "poc79.com", true },
+  { "poc8.com", true },
+  { "poc816.com", true },
+  { "poc86.com", true },
   { "poc88.com", true },
-  { "pocakking.tk", true },
+  { "poc88.vip", true },
+  { "poc888.com", true },
+  { "poc89.com", true },
+  { "poc899.com", true },
+  { "poc916.com", true },
+  { "poc918.com", true },
+  { "poc98.com", true },
+  { "poc99.com", true },
   { "pocatellonissanparts.com", true },
   { "pochaneko.com", true },
   { "pocitacezababku.cz", true },
   { "pocketfruity.com", true },
   { "pocketinsure.com", true },
+  { "pocpok.com", true },
+  { "pocqipai.com", true },
   { "podemos.info", true },
   { "podia.com.gr", false },
   { "podroof.com", true },
@@ -29161,7 +29869,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "poezjagala.pl", true },
   { "poffenhouse.ddns.net", true },
   { "pogera.com", true },
-  { "pogetback.pl", true },
   { "pogrebisky.net", true },
   { "pohlednice-tap.cz", true },
   { "pohlmann.io", true },
@@ -29174,7 +29881,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "poiru.net", true },
   { "poitiers-ttacc-86.eu.org", true },
   { "pojer.me", true },
-  { "pokalsocial.de", true },
   { "pokazy-iluzji.pl", true },
   { "pokefarm.com", true },
   { "pokeinthe.io", true },
@@ -29187,6 +29893,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pokl.cz", true },
   { "polaire.org", true },
   { "polanda.com", true },
+  { "polar-baer.com", true },
   { "polar.uk.com", true },
   { "pole-emotion.ch", true },
   { "poleacademie.com", true },
@@ -29203,7 +29910,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "polis812.ru", true },
   { "polish-dictionary.com", true },
   { "polish-flag.com", true },
-  { "polish-translations.com", true },
   { "polish-translator.com", true },
   { "polish-translator.net", true },
   { "polish-translators.net", true },
@@ -29227,18 +29933,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pollingplace.uk", true },
   { "polly.spdns.org", true },
   { "poloniainfo.com", true },
-  { "poloniex.co.za", true },
   { "polska-robota.com.ua", true },
   { "polskiemalzenstwo.org", true },
   { "poly-fast.com", true },
   { "polycraftual.co.uk", true },
-  { "polyfill.io", true },
   { "polyfluoroltd.com", false },
   { "polygamer.net", true },
   { "polygraphi.ae", true },
   { "polymake.org", true },
   { "polymathematician.com", true },
-  { "polymorph.rs", true },
   { "polynomapp.com", true },
   { "polypane.rocks", true },
   { "polypet.com.sg", true },
@@ -29257,14 +29960,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "poncho-bedrucken.de", true },
   { "ponere.dz", true },
   { "poneypourtous.com", true },
+  { "poneytelecom.org", true },
   { "ponga.se", true },
+  { "ponio.xyz", true },
   { "pony-cl.co.jp", true },
   { "pony.tf", true },
   { "ponychan.net", true },
   { "ponycyclepals.co.uk", true },
   { "ponydesignclub.nl", true },
   { "ponyfoo.com", true },
-  { "ponzi.life", true },
   { "poodleassassin.com", true },
   { "poodlefan.net", true },
   { "pookl.com", true },
@@ -29294,8 +29998,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "porg.es", true },
   { "pork.org.uk", true },
   { "porkel.de", true },
+  { "pornagent.de", true },
   { "pornbay.eu", true },
-  { "porncandi.com", true },
   { "porndragon.net", true },
   { "pornfacefinder.com", false },
   { "pornflare.net", true },
@@ -29312,9 +30016,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pornstop.net", true },
   { "pornsuper.net", true },
   { "porny.xyz", true },
-  { "porpcr.com", true },
   { "pors-sw.cz", true },
-  { "port.im", true },
   { "port443.hamburg", true },
   { "port443.se", true },
   { "port67.org", true },
@@ -29327,6 +30029,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "portalcentric.net", true },
   { "portalkla.com.br", true },
   { "portamiinpista.it", true },
+  { "portatiles-baratos.net", true },
   { "porte.roma.it", true },
   { "portercup.com", true },
   { "porterranchelectrical.com", true },
@@ -29353,13 +30056,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "posijson.stream", true },
   { "positionus.io", true },
   { "positive.com.cy", true },
-  { "positivenames.net", true },
   { "posobota.cz", true },
   { "posoiu.net", true },
   { "post-darwinian.com", true },
   { "post-darwinism.com", true },
   { "post.com.ar", true },
   { "post.io", true },
+  { "post4me.at", true },
   { "postal.dk", true },
   { "postal3.es", true },
   { "postblue.info", true },
@@ -29368,7 +30071,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "postcodewise.co.uk", true },
   { "postdarwinian.com", true },
   { "postdarwinism.com", true },
-  { "postdeck.de", true },
   { "posteo.de", false },
   { "posterspy.com", true },
   { "postfalls-naturopathic.com", true },
@@ -29385,7 +30087,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "potature.rimini.it", true },
   { "potature.roma.it", true },
   { "potentialproject.com", false },
-  { "potenzprobleme-info.net", true },
   { "poterepersonale.it", true },
   { "pothe.com", true },
   { "pothe.de", true },
@@ -29402,12 +30103,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pourlesenfants.info", true },
   { "pouwels-oss.nl", true },
   { "povareschka.ru", true },
+  { "povertymind.com", true },
   { "povesham.tk", true },
   { "pow-s.com", true },
   { "pow.jp", true },
   { "powdersnow.top", true },
   { "powelljones.co.uk", true },
-  { "power-coonies.de", true },
   { "power-fit.org", true },
   { "power-flowengineer.com", true },
   { "power-meter.cc", true },
@@ -29428,8 +30129,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "powersergdatasystems.com", true },
   { "powersergholdings.com", true },
   { "powersergthisisthetunnelfuckyouscott.com", true },
+  { "powersergthisisthewebsitefuckyouchris.com", true },
   { "powersergthisisthewebsitefuckyouscott.com", true },
-  { "powersergusercontent.com", true },
   { "powerwellness-korecki.de", true },
   { "pozemedicale.org", true },
   { "pozlife.net", true },
@@ -29461,6 +30162,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "prado.it", true },
   { "praeparation-keppner.de", true },
   { "praerien-racing.com", true },
+  { "praetzlich-hamburg.de", true },
   { "prague-swim.cz", true },
   { "praguepsychology.com", true },
   { "praguepsychology.cz", true },
@@ -29479,10 +30181,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "praxis-familienglueck.de", true },
   { "praxis-odermath.de", true },
   { "prayerrequest.com", true },
-  { "prazynka.pl", true },
   { "prc-newmedia.com", true },
   { "prc.gov", true },
+  { "pre-lean-consulting.de", true },
   { "precept.uk.com", true },
+  { "preciosde.es", true },
   { "preciouslife.fr", true },
   { "preciscx.com", true },
   { "preciseassemblies.com", true },
@@ -29492,12 +30195,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "precisionventures.com", true },
   { "precode.eu", true },
   { "predoiu.ro", true },
+  { "preferredreverse.com", true },
   { "prefix.eu", true },
-  { "pregono.com", true },
   { "pregunteleakaren.gov", true },
   { "preigu.de", true },
   { "preis-alarm.info", true },
   { "preis-alarm.org", true },
+  { "preisser-it.de", true },
+  { "preisser.it", true },
   { "preissler.co.uk", true },
   { "preload.link", true },
   { "preloaded-hsts.badssl.com", true },
@@ -29523,10 +30228,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "premiumwebdesign.it", true },
   { "premtech.nl", true },
   { "prenatalgeboortekaartjes.nl", true },
+  { "prepadefi.fr", true },
   { "prepaid-cards.xyz", true },
   { "prepaid-voip.nl", true },
   { "prepaidkredietkaart.be", true },
   { "prepare-job-hunting.com", true },
+  { "prepavesale.fr", true },
   { "presbee.com", true },
   { "presbvm.org", true },
   { "presbyterian-colleges.com", true },
@@ -29562,26 +30269,26 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "prettynode.com", true },
   { "pretzelx.com", true },
   { "prevenir.ch", true },
+  { "preventshare.com", true },
   { "preview-it-now.com", true },
   { "priceremoval.net", true },
   { "pricesniffer.co", true },
-  { "prideindomination.com", true },
   { "pridetechdesign.com", false },
   { "prielwurmjaeger.de", true },
   { "prihatno.my.id", true },
-  { "primaconsulting.net", true },
   { "primalbase.com", true },
   { "primalinea.pro", true },
   { "primates.com", true },
   { "primeequityproperties.com", true },
   { "primoloyalty.com", true },
   { "primorus.lt", true },
-  { "primotilesandbathrooms.co.uk", false },
   { "princeofwhales.com", true },
   { "princesparktouch.com", true },
   { "princessefoulard.com", true },
+  { "principalsexam.com", true },
   { "principalship.net", true },
   { "principalstest.com", true },
+  { "principalstest.ph", true },
   { "principalstest.review", true },
   { "principaltoolbox.com", true },
   { "principia-journal.de", true },
@@ -29590,7 +30297,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "princovi.cz", true },
   { "prinice.org", true },
   { "printeknologies.com", true },
+  { "printerinktoutlet.nl", true },
   { "printerleasing.be", true },
+  { "printertonerkopen.nl", true },
   { "printf.de", true },
   { "printfn.com", false },
   { "printler.com", true },
@@ -29621,6 +30330,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "prismacloud.com", true },
   { "prismacloud.green", true },
   { "prismacloud.xyz", true },
+  { "prismapayments.com", true },
   { "pristal.eu", true },
   { "pristinegreenlandscaping.com", true },
   { "pritalk.com", true },
@@ -29633,6 +30343,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "privacychick.io", true },
   { "privacyforjournalists.org.au", true },
   { "privacyinternational.org", true },
+  { "privacynow.eu", true },
   { "privacyscore.org", true },
   { "privacyweek.at", true },
   { "privacyweek.de", true },
@@ -29677,6 +30388,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "probely.com", true },
   { "probiv.biz", true },
   { "probiv.cc", true },
+  { "procar-rheinland.de", true },
   { "procarservices.com", true },
   { "procensus.com", true },
   { "procert.ch", true },
@@ -29684,7 +30396,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "procharter.com", true },
   { "procinorte.net", true },
   { "proclib.org", true },
-  { "proclubs.news", true },
   { "procrastinationland.com", true },
   { "procreditbank-kos.com", true },
   { "procreditbank.com.al", true },
@@ -29753,23 +30464,25 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "project86fashion.com", true },
   { "projectarmy.net", false },
   { "projectblackbook.us", true },
-  { "projectborealisgitlab.site", false },
+  { "projectborealisgitlab.site", true },
   { "projectforge.org", true },
+  { "projectgrimoire.com", true },
   { "projectlinuseasttn.org", true },
   { "projectnom.com", true },
   { "projectsafechildhood.gov", true },
   { "projectsecretidentity.com", true },
   { "projectsecretidentity.org", true },
-  { "projectunity.io", true },
+  { "projectxyz.eu", true },
   { "projektarbeit-projektplanung.de", true },
+  { "projektzentrisch.de", true },
   { "projest.ch", true },
-  { "projet-fly.ch", true },
   { "prolan.pw", true },
   { "prolearningcentre.com", true },
   { "prolinos.de", true },
   { "promedyczny.pl", true },
   { "prometheanfire.net", true },
   { "prometheanfire.org", true },
+  { "promiflash.de", true },
   { "promisesaplus.com", true },
   { "promo-brille.at", true },
   { "promo-brille.ch", true },
@@ -29796,7 +30509,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "proovn.com", true },
   { "propagandablog.de", true },
   { "propagationtools.com", true },
-  { "propepper.net", true },
   { "properchels.com", true },
   { "propermatches.com", true },
   { "properticons.com", true },
@@ -29804,19 +30516,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "propertygroup.pl", true },
   { "propertyinside.id", true },
   { "propertyone.mk", true },
-  { "prophiler.de", true },
   { "propipesystem.com", true },
   { "proposalonline.com", true },
   { "propr.no", true },
   { "proprietairesmaisons.fr", true },
   { "propseller.com", true },
   { "proseandleprechauns.com", true },
-  { "prosharp.com.au", true },
   { "prospanek.cz", true },
+  { "prospecto.com.au", true },
+  { "prospecto.ee", true },
+  { "prospecto.hr", true },
+  { "prospecto.lt", true },
   { "prosperfit.com", true },
   { "prosperontheweb.com", true },
   { "prospo.co", true },
-  { "prostoporno.sexy", true },
+  { "prostoporno.vip", true },
   { "prostye-recepty.com", true },
   { "prosurveillancegear.com", true },
   { "prot.ch", false },
@@ -29866,10 +30580,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "proxybay.tv", true },
   { "proxyportal.eu", true },
   { "proyectafengshui.com", true },
-  { "proyecto13.com", true },
   { "prpferrara.it", true },
   { "prplz.io", true },
-  { "prpr.cloud", true },
   { "prt.in.th", true },
   { "prtimes.com", true },
   { "prtpe.com", true },
@@ -29882,6 +30594,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "prynhawn.net", true },
   { "prynhawn.org", true },
   { "pryspry.com", true },
+  { "prytkov.com", true },
   { "przemas.pl", true },
   { "ps-provider.co.jp", true },
   { "ps-sale.ru", true },
@@ -29935,7 +30648,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "psycho.space", true },
   { "psychoactive.com", true },
   { "psychoco.net", false },
-  { "psychologie-hofner.at", true },
   { "psychotherapie-kp.de", true },
   { "psycolleges.com", true },
   { "psydix.org", true },
@@ -29964,6 +30676,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "puac.de", true },
   { "pubclub.com", true },
   { "pubean.com", true },
+  { "pubi.me", true },
   { "publanda.nl", true },
   { "public-g.de", true },
   { "public-projects.com", true },
@@ -29976,18 +30689,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "publicrea.com", true },
   { "publicsuffix.org", true },
   { "publiq.space", true },
-  { "pubmire.com", true },
+  { "pubmire.com", false },
   { "pubreview.com.au", true },
   { "pubreviews.com", true },
   { "pucchi.net", true },
   { "pucssa.org", true },
   { "puddis.de", true },
+  { "puestifiestas.mx", true },
+  { "puestosdeferia.mx", true },
   { "puggan.se", true },
   { "pugovka72.ru", true },
   { "puhka.me", true },
   { "puissancemac.ch", true },
   { "pukfalkenberg.dk", true },
-  { "puli.com.br", true },
   { "pulizieuffici.milano.it", true },
   { "pulpproject.org", true },
   { "pulser.stream", true },
@@ -29996,7 +30710,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pulsnitzer-pfefferkuchen-shop.de", true },
   { "pulsnitzer-pfefferkuchen.shop", true },
   { "pumperszene.com", true },
+  { "punchlinetheatre.co.uk", true },
+  { "punchunique.com", true },
   { "puneflowermall.com", true },
+  { "punematka.com", true },
   { "punikonta.de", true },
   { "punitsheth.com", true },
   { "punkapoule.fr", true },
@@ -30011,9 +30728,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pure-gmbh.com", true },
   { "purecabo.com", true },
   { "purefkh.xyz", true },
+  { "purefreefrom.co.uk", true },
   { "pureitsolutionsllp.com", true },
   { "purelunch.co.uk", true },
   { "pureluxemedical.com", true },
+  { "purenvi.ca", true },
   { "purevapeofficial.com", true },
   { "purplebooth.co.uk", false },
   { "purplebricks.co.uk", true },
@@ -30030,10 +30749,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "purplestar.com", true },
   { "purplestar.mobi", true },
   { "purplewindows.net", true },
-  { "purplez.pw", true },
   { "purrfect-box.co.uk", true },
   { "purrfectboudoir.com", true },
+  { "purrfectcams.com", true },
   { "purrfectmembersclub.com", true },
+  { "purrfectswingers.com", true },
   { "pursuedtirol.com", true },
   { "puryearlaw.com", true },
   { "pusatinkubatorbayi.com", true },
@@ -30042,9 +30762,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pushphp.com", true },
   { "pushrax.com", true },
   { "pusichatka.ddns.net", true },
+  { "pussr.com", true },
   { "put.moe", true },
   { "put.re", true },
   { "putatara.net", true },
+  { "putin.red", true },
   { "putman-it.nl", true },
   { "putney.io", true },
   { "putomani.rs", true },
@@ -30076,6 +30798,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pxx.io", true },
   { "py-amf.org", true },
   { "py.search.yahoo.com", false },
+  { "pycoder.org", true },
   { "pycrc.org", true },
   { "pycrypto.org", true },
   { "pycycle.info", true },
@@ -30111,10 +30834,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qaconstrucciones.com", true },
   { "qadmium.com", true },
   { "qambarraza.com", true },
-  { "qapital.com", true },
+  { "qani.me", true },
   { "qaq.sh", true },
+  { "qaz.cloud", true },
+  { "qbeing.info", true },
   { "qbiju.com.br", true },
   { "qbiltrade.com", true },
+  { "qbus.pl", true },
   { "qc.immo", true },
   { "qc.search.yahoo.com", false },
   { "qccareerschool.com", true },
@@ -30129,6 +30855,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qctravelschool.com", true },
   { "qdabogados.com", true },
   { "qdon.space", false },
+  { "qe-lab.at", true },
   { "qedcon.org", false },
   { "qelectrotech.org", true },
   { "qetesh.de", true },
@@ -30147,6 +30874,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qingcao.org", true },
   { "qingpei.me", true },
   { "qionouu.cn", true },
+  { "qipl.org", true },
   { "qis.fr", true },
   { "qitarabutrans.com", true },
   { "qiu521119.host", true },
@@ -30170,6 +30898,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qponverzum.hu", true },
   { "qq-navi.com", true },
   { "qq52o.me", true },
+  { "qqrss.com", true },
   { "qr-city.org", true },
   { "qr.cl", true },
   { "qrbird.com", true },
@@ -30181,6 +30910,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qtl.me", true },
   { "qtmsheep.com", true },
   { "qtn.net", true },
+  { "qto.com", true },
+  { "qto.net", true },
   { "qtpass.org", true },
   { "qtpower.co.uk", true },
   { "qtpower.net", true },
@@ -30200,7 +30931,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qualpay.biz", true },
   { "qualtrics.com", true },
   { "quant-labs.de", true },
-  { "quantaloupe.tech", true },
   { "quanterra.ch", true },
   { "quantolytic.de", true },
   { "quantoras.com", true },
@@ -30222,13 +30952,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qubes-os.org", true },
   { "qubyte.codes", true },
   { "quchao.com", true },
+  { "queencomplex.net", true },
   { "queene.eu", true },
   { "queens.lgbt", true },
   { "queensrdapartments.com.au", true },
   { "queer.party", true },
   { "queercinema.ch", true },
   { "queercoders.com", false },
-  { "queextensiones.com", true },
   { "quehacerencusco.com", true },
   { "quelle.at", true },
   { "quelle.ch", true },
@@ -30241,6 +30971,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "quentinchevre.ch", true },
   { "queo.com.co", true },
   { "quera.ir", true },
+  { "quermail.com", true },
   { "query-massage.com", true },
   { "question.com", true },
   { "questoj.cn", true },
@@ -30249,6 +30980,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "quic.stream", true },
   { "quickboysvrouwen2.nl", true },
   { "quickinfosystem.com", true },
+  { "quieroserbombero.org", true },
   { "quiet-waters.org", true },
   { "quietapple.org", true },
   { "quikchange.net", true },
@@ -30259,6 +30991,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "quinoa24.com", true },
   { "quintessa.org", true },
   { "quintype.com", true },
+  { "quiq-api.com", true },
+  { "quiq-cdn.com", true },
+  { "quiq.us", true },
   { "quire.io", true },
   { "quisido.com", true },
   { "quitarlasmanchasde.com", true },
@@ -30295,7 +31030,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "r-rwebdesign.com", true },
   { "r-t-b.fr", true },
   { "r0t.co", true },
-  { "r0uzic.net", true },
   { "r1a.eu", true },
   { "r1ch.net", true },
   { "r2d2pc.com", true },
@@ -30319,17 +31053,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rabbit.wales", false },
   { "rabbitfinance.com", true },
   { "rabica.de", true },
-  { "rabotaescort.com", true },
   { "rabynska.eu", true },
   { "raccoltarifiuti.com", true },
-  { "racdek.com", true },
-  { "racdek.net", true },
-  { "racdek.nl", true },
   { "racermaster.xyz", true },
   { "racesport.nl", false },
   { "raceviewcycles.com", true },
   { "raceviewequestrian.com", true },
-  { "rachaelrussell.com", true },
   { "rachelchen.me", true },
   { "racheldiensthuette.de", true },
   { "rachelmoorelaw.com", true },
@@ -30343,10 +31072,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "racoo.net", true },
   { "racozo.com", true },
   { "racunovodstvo-prina.si", true },
-  { "rada-group.eu", true },
   { "radar.sx", true },
   { "radaravia.ru", true },
-  { "radarnext.com", true },
   { "radartatska.se", true },
   { "radartek.com", true },
   { "radcube.hu", true },
@@ -30359,7 +31086,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "radio-pulsar.eu", true },
   { "radio-utopie.de", true },
   { "radio1.ie", true },
-  { "radioactivenetwork.xyz", true },
+  { "radiocommg.com.br", true },
+  { "radiocomsaocarlos.com.br", true },
   { "radiofmimagen.net", true },
   { "radioheteroglossia.com", true },
   { "radioilusion.es", true },
@@ -30368,13 +31096,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "radiomontebianco.it", true },
   { "radionicabg.com", true },
   { "radiopolarniki.spb.ru", true },
-  { "radior9.it", true },
   { "radiormi.com", true },
   { "radiorsvp.com", false },
   { "radiosendungen.com", true },
   { "radis-adopt.com", true },
+  { "radiumone.io", true },
   { "radiumtree.com", true },
-  { "radom-pack.pl", true },
   { "radondetectionandcontrol.com", true },
   { "radreisetraumtreibstoff.de", true },
   { "radyabkhodro.net", true },
@@ -30386,11 +31113,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rafey.xyz", true },
   { "raffaellaosti.com", true },
   { "rafleatherdesign.com", true },
-  { "raft.pub", true },
   { "rafting-japan.com", true },
   { "ragasto.nl", true },
-  { "rage-overload.ch", true },
-  { "rage.rip", true },
   { "rage4.com", true },
   { "raghavdua.in", true },
   { "rahulpnath.com", true },
@@ -30424,6 +31148,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rainstormsinjuly.co", true },
   { "rainville.me", true },
   { "rainway.io", true },
+  { "raipet.no-ip.biz", true },
   { "raiseyourflag.com", true },
   { "raissarobles.com", true },
   { "raito.win", true },
@@ -30434,6 +31159,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "raku.bzh", true },
   { "rakugokai.net", true },
   { "ralf-huebscher.de", true },
+  { "ralfs-zusizone.de", true },
   { "ralimtek.com", false },
   { "rally-base.com", true },
   { "rally-base.cz", true },
@@ -30448,9 +31174,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "raltha.com", true },
   { "ram-it.nl", true },
   { "ram.nl", true },
+  { "ramarka.de", true },
   { "rambo.codes", true },
   { "rammstein-portugal.com", true },
-  { "ramrecha.com", true },
+  { "ramrecha.com", false },
   { "ramsor-gaming.de", true },
   { "randc.org", true },
   { "random-samplings.org", true },
@@ -30461,6 +31188,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "randomkoalafacts.com", true },
   { "randomprecision.co.uk", true },
   { "randomquotesapp.com", true },
+  { "randomrepo.com", true },
+  { "randomserver.pw", true },
   { "ranfurlychambers.co.nz", true },
   { "rangde.org", true },
   { "rangercollege.edu", true },
@@ -30480,7 +31209,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "raphael.li", true },
   { "raphaeladdile.com", true },
   { "raphaelcasazza.ch", true },
-  { "raphaelmoura.ddns.net", true },
   { "raphaelschmid.eu", true },
   { "raphrfg.com", true },
   { "rapidapp.io", true },
@@ -30511,16 +31239,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rationalism.com", true },
   { "rationalops.com", true },
   { "rattenkot.io", true },
-  { "rauchenwald.net", true },
   { "raulrivero.es", true },
   { "rault.io", true },
-  { "raum4224.de", true },
   { "rauros.net", true },
   { "rautelow.de", true },
   { "ravchat.com", true },
   { "raven.dog", true },
   { "ravenger.net", true },
   { "ravensbuch.de", true },
+  { "ravenx.me", true },
   { "ravhaaglanden.org", true },
   { "ravindran.me", true },
   { "raviparekh.co.uk", true },
@@ -30534,27 +31261,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ray-home.de", true },
   { "ray-works.de", true },
   { "rayan-it.ir", true },
-  { "rayanitco.com", true },
   { "rayiris.com", true },
   { "raykitchenware.com", true },
   { "raymcbride.com", true },
   { "raymd.de", true },
   { "raymii.org", true },
-  { "raymondelooff.nl", true },
   { "raystark.com", true },
   { "rayworks.de", true },
+  { "razberry.kr", true },
   { "razeen.me", true },
   { "razeencheng.com", true },
   { "raziskovalec-resnice.com", true },
   { "razvanburz.net", true },
-  { "rbcservicehub-uat.azurewebsites.net", true },
   { "rbensch.com", true },
   { "rbflote.lv", true },
   { "rbltracker.com", true },
-  { "rbmafrica.co.za", true },
   { "rbnet.xyz", true },
   { "rbran.com", true },
-  { "rburchell.com", true },
   { "rbx-talk.xyz", true },
   { "rc-offi.net", true },
   { "rc-rp.com", true },
@@ -30562,6 +31285,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rca.fr", true },
   { "rcd.cz", true },
   { "rcdocuments.com", true },
+  { "rcgoncalves.pt", true },
+  { "rchavez.site", true },
   { "rchrdsn.uk", true },
   { "rcifsgapinsurance.co.uk", true },
   { "rclsm.net", true },
@@ -30575,19 +31300,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rct.uk", true },
   { "rctalk.com", true },
   { "rdfproject.it", true },
-  { "rdh.asia", true },
   { "rdjb2b.com", true },
   { "rdl.at", false },
   { "rdmc.fr", true },
   { "rdmrotterdam.nl", true },
   { "rdmtaxservice.com", true },
-  { "rdns.cc", true },
+  { "rdv-cni.fr", true },
   { "rdv-prefecture.com", true },
   { "rdwh.tech", true },
-  { "rdxsattamatka.mobi", true },
   { "re-curi.com", true },
   { "re-engines.com", true },
   { "reachhead.com", true },
+  { "reachonline.org", true },
   { "reachrss.com", true },
   { "reaconverter.com", true },
   { "react-db.com", true },
@@ -30603,6 +31327,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "readonly.de", true },
   { "readouble.com", false },
   { "reads.wang", true },
+  { "readybetwin.com", true },
   { "readysell.net", true },
   { "readytobattle.net", true },
   { "readytongue.com", true },
@@ -30616,6 +31341,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "realestatemarketingblog.org", true },
   { "realestateonehowell.com", true },
   { "realestateradioshow.com", true },
+  { "realfood.space", true },
   { "realfreedom.city", true },
   { "realhorsegirls.net", true },
   { "realhypnosistraining.com.au", true },
@@ -30627,7 +31353,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "realloc.me", true },
   { "really-simple-plugins.com", true },
   { "really-simple-ssl.com", true },
-  { "really.ai", true },
   { "reallytrusted.com", true },
   { "realme.govt.nz", true },
   { "realmofespionage.xyz", true },
@@ -30664,8 +31389,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "recaptcha-demo.appspot.com", true },
   { "receiliart.com", true },
   { "receptionpoint.com", true },
-  { "receptionsbook.com", true },
   { "recepty.eu", true },
+  { "recetasdecocinaideal.com", true },
   { "recetin.com", true },
   { "rechenknaecht.de", true },
   { "rechtsanwaeltin-vollmer.de", true },
@@ -30675,13 +31400,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "recipex.ru", true },
   { "recipeyak.com", true },
   { "reckontalk.com", true },
-  { "reclamebureau-ultrax.nl", true },
   { "reclametoolz.nl", true },
   { "reclusiam.net", true },
   { "recmon.hu", true },
   { "reco-studio.de", true },
   { "recolic.net", true },
   { "recommended.reviews", true },
+  { "recompiled.org", true },
   { "recon-networks.com", true },
   { "reconexion.life", true },
   { "recordeuropa.com", false },
@@ -30693,6 +31418,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "recuerdafilms.com", true },
   { "recuperodatiraidfastec.it", true },
   { "recurly.com", true },
+  { "recursosdeautoayuda.com", true },
   { "recyclingpromotions.us", true },
   { "red-t-shirt.ru", true },
   { "red-trigger.net", true },
@@ -30728,13 +31454,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rede-reim.de", true },
   { "rede-t.com", true },
   { "redelectrical.co.uk", true },
+  { "redespaulista.com", true },
   { "redessantaluzia.com.br", true },
+  { "redflare.com.au", true },
   { "redfox-infosec.de", true },
   { "redfoxmarketiing.com", true },
   { "redgatesoftware.co.uk", true },
   { "redgoose.ca", true },
   { "redhandedsecurity.com.au", true },
-  { "redheeler.com.br", true },
   { "redicals.com", true },
   { "redigest.it", true },
   { "redir.me", true },
@@ -30749,6 +31476,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "redlinelap.com", true },
   { "redlink.de", true },
   { "redmind.se", true },
+  { "redmondtea.com", true },
   { "redmore.me", true },
   { "redneragenturen.org", true },
   { "rednsx.org", true },
@@ -30759,18 +31487,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "redshoeswalking.net", true },
   { "redsicom.com", true },
   { "redsquarelasvegas.com", true },
-  { "redsquirrelcampsite.co.uk", true },
   { "redstoner.com", true },
   { "redteam-pentesting.de", true },
   { "redwaterhost.com", true },
   { "redweek.com", true },
   { "redwoodpaddle.es", true },
   { "redwoodpaddle.pt", true },
+  { "redzonedaily.com", true },
   { "redzurl.com", false },
   { "reed-sensor.com", true },
   { "reedloden.com", true },
   { "reedyforkfarm.com", true },
   { "reegle.com", true },
+  { "reening.net", true },
   { "rees-carter.net", true },
   { "reesmichael1.com", true },
   { "reevaappliances.co.uk", true },
@@ -30783,6 +31512,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "reflectivity.io", true },
   { "reflectores.net", true },
   { "refletindosaude.com.br", true },
+  { "reflets.info", true },
   { "reflexions.co", true },
   { "reflexive-engineering.com", true },
   { "reflexive.xyz", true },
@@ -30825,6 +31555,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "registrarplus.net", true },
   { "registrarplus.nl", true },
   { "registryplus.net", true },
+  { "registryplus.nl", true },
   { "regmyr.se", true },
   { "regnix.net", true },
   { "regnr.info", true },
@@ -30840,7 +31571,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rehabphilippines.com", true },
   { "rehabthailand.com", true },
   { "rehabthailand.org", true },
-  { "reher.pro", true },
   { "rei.ki", true },
   { "reichardt-home.goip.de", true },
   { "reichel-steinmetz.de", true },
@@ -30871,6 +31601,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "reiseversicherung-werner-hahn.de", true },
   { "reishunger.de", true },
   { "reisslittle.com", true },
+  { "reittherapie-tschoepke.de", true },
   { "rejahrehim.com", true },
   { "rejects.email", true },
   { "rejsehuskelisten.dk", true },
@@ -30901,8 +31632,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "remax.at", true },
   { "remedi.tokyo", true },
   { "remedionaturales.com", true },
-  { "remedioparaherpes.com", true },
-  { "remedios-caserospara.com", true },
   { "remedioscaserosparalacistitis.com", true },
   { "remejeanne.com", true },
   { "rememberthemilk.com", false },
@@ -30915,7 +31644,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "remitatm.com", false },
   { "remonti.info", true },
   { "remote.so", true },
-  { "remoteham.com", true },
   { "remoteutilities.com", true },
   { "removalcellulite.com", true },
   { "removedrepo.com", true },
@@ -30925,13 +31653,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "renaissanceplasticsurgery.net", true },
   { "renascentia.asia", true },
   { "renaultclubticino.ch", true },
+  { "rendall.tv", true },
   { "renderloop.com", true },
   { "rendre-service.ch", true },
   { "rene-schwarz.com", true },
   { "rene-stolp.de", true },
   { "renearends.nl", true },
   { "renedekoeijer.com", true },
-  { "renedekoeijer.nl", true },
   { "renee.today", true },
   { "reneleu.ch", true },
   { "renem.net", false },
@@ -30939,7 +31667,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "reneschmidt.de", true },
   { "renewablefreedom.org", true },
   { "renewablemaine.org", true },
-  { "renewed.technology", true },
   { "renewgsa.com", true },
   { "renewmedispa.com", true },
   { "renewpfc.com", true },
@@ -30947,13 +31674,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "renkenlaw.com", true },
   { "renlen.nl", true },
   { "renov8sa.co.za", true },
+  { "renovablesverdes.com", true },
   { "renovum.es", true },
   { "renrenche.com", false },
   { "rens.nu", true },
+  { "rensa-datorn.se", true },
   { "renscreations.com", true },
+  { "rent-a-c.io", true },
   { "rent-a-coder.de", true },
   { "rentacaramerica.com", true },
   { "rentasweb.gob.ar", true },
+  { "rentayventadecarpas.com", true },
   { "renthelper.us", true },
   { "rentinsingapore.com.sg", true },
   { "rentourhomeinprovence.com", true },
@@ -30965,13 +31696,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "repaik.com", true },
   { "repair.by", true },
   { "repaper.org", true },
-  { "reparo.pe", true },
   { "repaxan.com", true },
   { "repkord.com", true },
   { "replicaswiss.nl", true },
   { "repology.org", true },
   { "report-uri.com", true },
   { "report2psb.online", true },
+  { "reportband.gov", true },
   { "reporting.gov", true },
   { "reproduciblescience.org", true },
   { "reproductive-revolution.com", true },
@@ -31012,6 +31743,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "resolving.com", true },
   { "resoplus.ch", true },
   { "resort-islands.net", true },
+  { "resortafroditatucepi.com", true },
   { "resortohshima.com", true },
   { "resourceconnect.com", true },
   { "resourceguruapp.com", true },
@@ -31021,6 +31753,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "respectmyprivacy.net", true },
   { "respectmyprivacy.nl", true },
   { "respecttheflame.com", true },
+  { "respiranto.de", true },
   { "respon.jp", true },
   { "responer.com", true },
   { "responsepartner.com", true },
@@ -31029,6 +31762,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "responsivepaper.com", true },
   { "respostas.com.br", true },
   { "ressl.ch", true },
+  { "restaurant-de-notenkraker.be", true },
   { "restaurant-oregano.de", true },
   { "restaurant-rosengarten.at", true },
   { "restaurantguru.com", true },
@@ -31044,16 +31778,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "restrito.org", true },
   { "resultsatretail.com", true },
   { "resursedigitale.ro", true },
-  { "retcor.net", true },
   { "retefarmaciecostadamalfi.it", true },
   { "retetenoi.net", true },
-  { "retetop95.it", true },
   { "reticon.de", true },
   { "retmig.dk", true },
   { "reto.ch", true },
   { "reto.com", true },
   { "reto.io", true },
   { "retokromer.ch", true },
+  { "retornaz.com", true },
+  { "retornaz.eu", true },
+  { "retornaz.fr", true },
   { "retractableawningssydney.com.au", true },
   { "retro.rocks", true },
   { "retro.sx", true },
@@ -31063,7 +31798,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "retrofitlab.com", true },
   { "retroity.net", true },
   { "retrojar.top", true },
-  { "retronet.nl", true },
   { "retroroundup.com", true },
   { "retrotracks.net", true },
   { "retrovideospiele.com", true },
@@ -31080,7 +31814,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "revayd.net", true },
   { "revensoftware.com", true },
   { "reverencestudios.com", true },
-  { "reverse.design", true },
   { "reverseaustralia.com", true },
   { "reversecanada.com", true },
   { "reverseloansolutions.com", true },
@@ -31093,6 +31826,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "revision.co.zw", true },
   { "revisionnotes.xyz", true },
   { "revisit.date", true },
+  { "revista-programar.info", true },
   { "revivalinhisword.com", true },
   { "revivalprayerfellowship.com", true },
   { "revivingtheredeemed.org", true },
@@ -31124,13 +31858,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rhees.nl", true },
   { "rhein-liebe.de", true },
   { "rheinneckarmetal.com", true },
-  { "rheinturm.nrw", true },
   { "rheocube.com", true },
   { "rhese.net", true },
   { "rhetorical.ml", true },
-  { "rheuma-online.de", true },
   { "rhevelo.com", true },
   { "rhinelander.ca", true },
+  { "rhinobase.net", true },
   { "rhinoceroses.org", true },
   { "rhnet.at", true },
   { "rhodenmanorcattery.co.uk", true },
@@ -31147,6 +31880,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ricardo.nu", true },
   { "ricardobalk.nl", true },
   { "ricardopq.com", true },
+  { "ricaribeiro.com.br", true },
   { "ricaud.me", true },
   { "riccardopiccioni.it", true },
   { "riccy.org", true },
@@ -31156,12 +31890,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "richardfeinbergdds.com", true },
   { "richardharpur.com", true },
   { "richardhering.de", true },
+  { "richardhicks.us", true },
   { "richardjgreen.net", true },
   { "richardlangworth.com", true },
   { "richardlevinmd.com", true },
   { "richardlugten.nl", true },
   { "richardramos.me", true },
   { "richardrblocker.net", true },
+  { "richardschut.nl", true },
   { "richardson.cam", true },
   { "richardson.engineering", true },
   { "richardson.pictures", true },
@@ -31170,7 +31906,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "richardstonerealestate.com", true },
   { "richardwarrender.com", true },
   { "richie.fi", true },
-  { "richonrails.com", true },
   { "ricketyspace.net", true },
   { "ricki-z.com", true },
   { "rickrongen.nl", true },
@@ -31185,15 +31920,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ricoydesign.com", true },
   { "ricozienke.de", true },
   { "riddims.co", true },
-  { "ride-up.com", true },
+  { "rideintaxi.com", true },
   { "rideways.com", true },
   { "rideyourdamn.bike", true },
   { "ridgelandchurch.org", true },
   { "ridingboutique.de", true },
+  { "ridwan.co", false },
   { "riederle.com", true },
   { "riemer.ml", true },
   { "riesenweber.id.au", true },
   { "riesheating.com", true },
+  { "rievo.net", true },
   { "riffreporter.de", true },
   { "rifkivalkry.net", true },
   { "rift.pictures", true },
@@ -31210,6 +31947,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rigolitch.fr", true },
   { "rigsalesaustralia.com", true },
   { "rijk-catering.nl", false },
+  { "rijschoolrichardschut.nl", true },
+  { "rijschoolsafetyfirst.nl", true },
   { "rijsinkunst.nl", false },
   { "rik.onl", true },
   { "riku.pw", true },
@@ -31228,13 +31967,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rio-weimar.de", true },
   { "rioshop.com.br", true },
   { "rioxmarketing.com", true },
+  { "rioxmarketing.pt", true },
   { "rip-sport.cz", true },
   { "ripaton.fr", true },
   { "ripcorddesign.com", true },
   { "ripcordsandbox.com", true },
   { "ripmixmake.org", true },
   { "riqy86.nl", true },
-  { "ris.fi", true },
+  { "ris-bad-wurzach.de", true },
   { "risada.nl", true },
   { "risaphuketproperty.com", true },
   { "riscascape.net", true },
@@ -31258,7 +31998,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rivalsa.cn", true },
   { "rivastation.de", true },
   { "riverbanktearooms.co.uk", true },
-  { "riverbed.com", false },
   { "riverbendroofingnd.com", true },
   { "riverford.co.uk", true },
   { "rivermist.com.au", true },
@@ -31271,7 +32010,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rivoflor.it", true },
   { "rivus.net", true },
   { "rivy.org", true },
-  { "riwick.com", false },
   { "rix.ninja", true },
   { "rixter.com", true },
   { "rixzz.ovh", true },
@@ -31298,12 +32036,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rmmanfredi.com", true },
   { "rmpsolution.de", true },
   { "rmrig.org", true },
+  { "rms-digicert.ne.jp", true },
   { "rms.sexy", true },
+  { "rmstudio.tw", true },
   { "rmsupply.nl", true },
-  { "rn29.me", true },
   { "rnag.ie", true },
   { "rnb-storenbau.ch", true },
-  { "rnbjunk.com", true },
   { "rngmeme.com", true },
   { "rnt.cl", true },
   { "ro.search.yahoo.com", false },
@@ -31311,17 +32049,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "roadguard.nl", false },
   { "roadtopgm.com", true },
   { "roams.es", true },
-  { "roave.com", true },
   { "rob006.net", true },
   { "robandjanine.com", true },
   { "robbertt.com", false },
   { "robbiecrash.me", true },
   { "robdavidson.network", true },
   { "robert-flynn.de", true },
+  { "robert-wiek-transporte.de", true },
   { "robertattfield.com", true },
   { "robertayamashita.com", true },
   { "robertayamashita.com.br", true },
-  { "robertbln.com", true },
   { "robertg.me", true },
   { "robertglastra.com", true },
   { "roberthurlbut.com", true },
@@ -31337,16 +32074,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "robhorstmanshof.nl", true },
   { "robicue.com", true },
   { "robigalia.org", false },
-  { "robin-novotny.com", true },
   { "robin.co.kr", true },
   { "robin.info", true },
-  { "robinadr.com", true },
   { "robinevandenbos.nl", true },
   { "robinflikkema.nl", true },
+  { "robinfrancq.ml", true },
   { "robinhoodbingo.com", true },
   { "robinlinden.eu", true },
   { "robinsonstrategy.com", true },
   { "robinsonyu.com", true },
+  { "robinvdmarkt.nl", true },
   { "robinwill.de", true },
   { "robinwinslow.uk", true },
   { "robjager-fotografie.nl", true },
@@ -31368,6 +32105,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "robspc.repair", true },
   { "robspeed.rocks", true },
   { "robtatemusic.com", true },
+  { "robtex.com", true },
   { "robu.in", true },
   { "robud.info", true },
   { "robustac.com", true },
@@ -31377,8 +32115,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rockagogo.com", true },
   { "rockbankland.com.au", true },
   { "rockcanyonbank.com", true },
-  { "rockcellar.ch", true },
   { "rockenfuerlachenhelfen.de", true },
+  { "rocket-wars.de", true },
   { "rocketevents.com.au", true },
   { "rocketgnomes.com", true },
   { "rocketr.net", true },
@@ -31398,25 +32136,26 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rodeobull.biz", true },
   { "rodeohire.com", true },
   { "rodeosales.co.uk", true },
+  { "rodest.net", true },
   { "rodevlaggen.nl", true },
   { "rodichi.net", true },
   { "rodinnebyvanie.eu", true },
+  { "rodinneodpoledne2018.cz", true },
   { "rodolfo.gs", true },
   { "rodomonte.org", true },
   { "rodrigocarvalho.blog.br", true },
+  { "rody-design.com", true },
   { "rodzina-kupiec.eu.org", true },
   { "roeckx.be", true },
   { "roeitijd.nl", false },
   { "roeldevries.me", true },
   { "roeleveld.nl", true },
   { "roelhollander.eu", true },
-  { "roeljoyas.com", true },
   { "roelof.io", true },
   { "roelsworld.eu", true },
   { "roemhild.de", true },
   { "roerstaafjes.nl", true },
   { "rofl.com.ua", true },
-  { "roflcopter.fr", true },
   { "rogagym.com", true },
   { "rogerhub.com", true },
   { "rogerriendeau.ca", true },
@@ -31427,6 +32166,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rogoff.xyz", true },
   { "rogue-e.xyz", true },
   { "roguefinancial.com", true },
+  { "roguefortgame.com", true },
   { "roguenation.space", true },
   { "roguenetworks.me", true },
   { "roguesignal.net", true },
@@ -31438,7 +32178,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rokass.nl", true },
   { "rokki.ch", true },
   { "rokort.dk", true },
-  { "roksolana.be", true },
   { "rokudenashi.de", true },
   { "roland.io", true },
   { "rolandinsh.com", true },
@@ -31457,7 +32196,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "roma-servizi.it", true },
   { "romab.com", true },
   { "romain-arias.fr", true },
-  { "romainmuller.xyz", false },
   { "roman-pavlik.cz", true },
   { "romancloud.com", true },
   { "romande-entretien.ch", true },
@@ -31479,7 +32217,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rommelwood.de", true },
   { "romun.net", true },
   { "romy.tw", true },
-  { "ronanrbr.com", true },
   { "rondommen.nl", true },
   { "rondouin.fr", true },
   { "rondreis-amerika.be", true },
@@ -31489,7 +32226,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ronniegane.kiwi", true },
   { "ronnylindner.de", true },
   { "ronomon.com", true },
-  { "ronzertnert.xyz", true },
   { "roodfruit.studio", true },
   { "roodhealth.co.uk", true },
   { "roof.ai", false },
@@ -31504,10 +32240,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "room3b.eu", true },
   { "roombase.nl", true },
   { "roomhub.jp", true },
-  { "roomongo.com", true },
   { "rooneytours.nl", true },
   { "roopakv.com", true },
   { "roosabels.nl", false },
+  { "roosterpgplus.nl", true },
   { "root-space.eu", true },
   { "root.bg", true },
   { "root.cz", true },
@@ -31519,6 +32255,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rootkea.me", true },
   { "rootlair.com", true },
   { "rootonline.de", true },
+  { "rootpigeon.com", true },
   { "roots-example-project.com", true },
   { "roots.io", true },
   { "rootsandrain.com", true },
@@ -31547,8 +32284,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "roseon.net", true },
   { "roseparkhouse.com", true },
   { "rosesciences.com", true },
+  { "rosevillefacialplasticsurgery.com", true },
   { "roshhashanahfun.com", true },
-  { "roshiya.co.in", true },
   { "roslynpad.net", true },
   { "rosnertexte.at", true },
   { "rosset.me", true },
@@ -31557,6 +32294,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rossmacphee.com", true },
   { "rostclub.ro", true },
   { "rostov-avia.ru", true },
+  { "rostros.eu", true },
   { "rot47.net", true },
   { "rotek.at", true },
   { "roten.email", true },
@@ -31587,6 +32325,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "routetracker.co", true },
   { "rove3d.com", true },
   { "rowancasting.ie", true },
+  { "rowancountync.gov", true },
   { "rowankaag.nl", true },
   { "rowlog.com", true },
   { "rows.io", true },
@@ -31646,6 +32385,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "royal899.com", true },
   { "royalacademy.org.uk", true },
   { "royalasianescorts.co.uk", true },
+  { "royalbeautyclinic.ir", true },
   { "royalbluewa3.cc", true },
   { "royalcitytaxi.ca", true },
   { "royalcitytaxi.com", true },
@@ -31653,11 +32393,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "royalmarinesassociation.org.uk", true },
   { "royalnissanparts.com", true },
   { "royalpalacenogent.fr", true },
+  { "royalpub.net", false },
   { "royalrangers.fi", true },
   { "royalty-market.com", true },
   { "royalyule.com", true },
   { "royceandsteph.com", true },
   { "roycewilliams.net", true },
+  { "roygerritse.nl", true },
   { "rozalynne-dawn.ga", true },
   { "rozhodce.cz", true },
   { "rpadovani.com", true },
@@ -31678,6 +32420,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rro.rs", true },
   { "rrudnik.com", true },
   { "rrwolfe.com", true },
+  { "rs-maschinenverleih.de", true },
   { "rsanahuano.com", true },
   { "rsap.ca", true },
   { "rsauget.fr", true },
@@ -31685,12 +32428,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rsgcard.com", true },
   { "rsingermd.com", true },
   { "rsl.gd", true },
-  { "rsm-intern.de", true },
   { "rsm-liga.de", true },
-  { "rsmith.io", false },
+  { "rsmith.io", true },
   { "rsp-blogs.de", true },
   { "rsridentassist.com", true },
   { "rss.sh", false },
+  { "rssr.ddns.net", true },
   { "rssr.se", true },
   { "rsttraining.co.uk", true },
   { "rsync.eu", false },
@@ -31700,26 +32443,25 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rtcx.net", true },
   { "rtd.uk.com", true },
   { "rte.eu", true },
+  { "rte.radio", true },
   { "rte2fm.ie", true },
   { "rteaertel.ie", true },
   { "rtechservices.io", true },
   { "rteguide.ie", true },
   { "rteinternational.ie", true },
   { "rtejr.ie", true },
-  { "rtek.se", false },
+  { "rtek.se", true },
   { "rtenews.eu", true },
   { "rteone.ie", true },
   { "rteplayer.com", true },
   { "rtesport.eu", true },
   { "rteworld.com", true },
-  { "rtfpessoa.xyz", true },
-  { "rths.tk", true },
+  { "rths.tk", false },
   { "rthsoftware.cn", true },
   { "rthsoftware.net", true },
   { "rtrappman.com", true },
   { "rtrinflatables.co.uk", true },
   { "rtsr.ch", true },
-  { "rttss.com", true },
   { "rttvvip.com", true },
   { "rtwcourse.com", true },
   { "rtzoeller.com", true },
@@ -31735,6 +32477,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ruben.am", false },
   { "rubenbarbero.com", true },
   { "rubenkruisselbrink.nl", true },
+  { "rubens.cloud", true },
   { "rublacklist.net", true },
   { "ruby-auf-schienen.de", true },
   { "rubyist.today", true },
@@ -31748,6 +32491,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ruconsole.com", true },
   { "rud.is", true },
   { "rudd-o.com", true },
+  { "rudelune.fr", true },
   { "rudewiki.com", true },
   { "rudhaulidirectory.com", true },
   { "rudloff.pro", true },
@@ -31770,7 +32514,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ruhrmobil-e.de", true },
   { "ruhrnalist.de", true },
   { "ruht.ro", true },
-  { "ruigomes.me", true },
+  { "ruicore.cn", true },
   { "ruiming.me", true },
   { "ruin.one", true },
   { "ruiruigeblog.com", true },
@@ -31788,7 +32532,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "run-it-direct.co.uk", true },
   { "runagain.ch", true },
   { "runebet.com", true },
-  { "runementors.com", false },
   { "runklesecurity.com", true },
   { "runnergrapher.com", true },
   { "runreport.fr", true },
@@ -31802,6 +32545,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ruralsuppliesdirect.co.uk", true },
   { "ruri.io", false },
   { "rusempire.ru", true },
+  { "rushball.net", true },
   { "rushiiworks.com", true },
   { "rushpoppershop.co.uk", true },
   { "rushter.com", true },
@@ -31810,20 +32554,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ruska-modra.cz", true },
   { "ruskamodra.cz", true },
   { "ruskod.net", true },
-  { "rusl.net", true },
   { "rusmolotok.ru", true },
   { "russellupevents.co.uk", true },
   { "russia.dating", true },
   { "russiaeconomy.org", true },
   { "russianorthodoxchurch.co.uk", true },
-  { "russpuss.ru", true },
   { "russt.me", true },
   { "rust.mn", true },
   { "rustable.com", true },
   { "rustikalwallis.ch", true },
   { "rustyrambles.com", true },
+  { "rusxakep.com", true },
   { "rutgerschimmel.nl", true },
-  { "ruthmontenegro.com", true },
+  { "ruthmontenegro.com", false },
   { "rutiger.com", true },
   { "rutika.ru", true },
   { "ruudkoot.nl", true },
@@ -31832,19 +32575,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ruyatabirleri.com", true },
   { "rv-jpshop.com", true },
   { "rva-asbestgroep.nl", true },
-  { "rvender.cz", true },
   { "rvfu98.com", true },
   { "rvnoel.net", true },
-  { "rvoigt.eu", true },
   { "rvsa2bevestigingen.nl", true },
   { "rvsa4bevestigingen.nl", true },
   { "rvsbevestigingen.nl", true },
   { "rw.search.yahoo.com", false },
-  { "rwgamernl.ml", true },
   { "rwky.net", true },
   { "rws-vertriebsportal.de", true },
   { "rwx.ovh", true },
   { "rx-contact.com", false },
+  { "rxbn.de", true },
   { "rxbusiness.com", true },
   { "rxcheck.com", true },
   { "rxgroup.io", true },
@@ -31868,7 +32609,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ryu22e.org", true },
   { "ryuu.es", true },
   { "ryyule.com", true },
-  { "ryzex.de", true },
   { "ryzhov.me", true },
   { "rzentarzewski.net", true },
   { "s-a.xyz", true },
@@ -31877,7 +32617,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "s-huset.dk", true },
   { "s-ip-media.de", true },
   { "s-mainte.com", true },
-  { "s-mdb.com", true },
   { "s-n-unso.com", true },
   { "s-pegasus.com", true },
   { "s-s-paint.com", true },
@@ -31886,15 +32625,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "s13d.fr", true },
   { "s16e.no", true },
   { "s2member.com", true },
+  { "s2p.moe", true },
   { "s3cur3.it", true },
   { "s3gfault.com", true },
   { "s3robertomarini.it", true },
   { "s404.de", true },
   { "s44.eu", true },
   { "s4db.net", true },
+  { "s4media.org", true },
   { "s4q.me", true },
   { "s4tips.com", true },
-  { "s4ur0n.com", true },
   { "s5118.com", true },
   { "s64.cz", true },
   { "s8a.us", true },
@@ -31911,12 +32651,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sabine-forschbach.de", true },
   { "sabineforschbach.de", true },
   { "sabrinajoias.com.br", true },
-  { "sabrinajoiasprontaentrega.com.br", true },
-  { "sabtunes.com", true },
   { "sacaentradas.com", true },
   { "saccani.net", true },
-  { "sacharidovejednotky.eu", true },
-  { "sackers.com", true },
   { "sackmesser.ch", true },
   { "saclier.at", true },
   { "sacprincesse.com", true },
@@ -31929,11 +32665,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sadev.co.za", true },
   { "sadhana.cz", true },
   { "sadhawkict.org", true },
+  { "sadiejewellery.co.uk", true },
   { "sadmansh.com", true },
   { "sadou.kyoto.jp", true },
   { "saechsischer-christstollen.shop", true },
   { "saengsook.com", true },
   { "saengsuk.com", true },
+  { "saf.earth", true },
   { "safar.sk", true },
   { "safaritenten.nl", true },
   { "safcstore.com", true },
@@ -31955,7 +32693,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "safeme.ga", true },
   { "safeocs.gov", true },
   { "safer-networking.org", true },
-  { "saferpost.com", true },
   { "saferproduct.gov", true },
   { "saferproducts.gov", true },
   { "safersurfing.eu", false },
@@ -31982,25 +32719,27 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sahkotyot.eu", true },
   { "said.id", true },
   { "said.my.id", true },
+  { "saidelbakkali.com", true },
   { "saidtezel.com", true },
   { "saier.me", true },
   { "saifoundation.in", true },
   { "saigonflowers.com", true },
-  { "saigonstar.de", true },
   { "saikarra.com", true },
   { "saikou.moe", true },
   { "saikouji.tokushima.jp", true },
   { "sailingonward.com", true },
   { "sailormoonevents.org", true },
   { "sailormoonlibrary.org", true },
+  { "sailwiz.com", true },
   { "saimoe.moe", true },
-  { "saimoe.org", true },
   { "sainetworks.net", true },
   { "saint-bernard-gouesch.fr", true },
   { "saint-cyril.com", true },
   { "saintaardvarkthecarpeted.com", true },
+  { "saintanne.net", true },
   { "saintanthonyscorner.com", true },
   { "sainth.de", true },
+  { "sainthedwig-saintmary.org", true },
   { "sainthelena-centersquare.net", true },
   { "sainthelenas.org", true },
   { "saintisidorecyo.com", true },
@@ -32022,6 +32761,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sajamstudija.info", true },
   { "sajdowski.de", true },
   { "sakaki.anime.my", false },
+  { "sakamichi.moe", true },
+  { "sakerhetskopiering.nu", true },
   { "sakostacloud.de", true },
   { "sakura-paris.org", true },
   { "sakura.zone", true },
@@ -32050,12 +32791,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "salesmachine.io", true },
   { "salexy.kz", true },
   { "salidaswap.com", true },
+  { "salixcode.com", true },
   { "salland1.nl", true },
   { "salle-quali.fr", true },
   { "sallydowns.name", true },
   { "salmododia.net", true },
   { "salmonella.co.uk", true },
-  { "salmonrecovery.gov", true },
   { "salmonvision.com.tw", true },
   { "salmos91.com", true },
   { "salmotierra-salvatierra.com", true },
@@ -32073,7 +32814,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "saltstack.cz", true },
   { "salud.top", false },
   { "saludmas.site", true },
-  { "saludsexualmasculina.org", true },
   { "saludsis.mil.co", true },
   { "saludyvida.site", true },
   { "salutethefish.com", true },
@@ -32089,6 +32829,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "samara-avia.ru", true },
   { "samaritainsmeyrin.ch", true },
   { "samatva-yogalaya.com", true },
+  { "samba.com.co", true },
   { "samba.org", true },
   { "sambaa.com.br", true },
   { "sambaash.com", true },
@@ -32096,6 +32837,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "samdev.io", true },
   { "samegoal.com", true },
   { "samegoal.org", true },
+  { "samel.de", true },
   { "samenwerkingsportaal.nl", true },
   { "samenwerkingsportaal.tk", true },
   { "sameworks.com", true },
@@ -32124,21 +32866,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "samuellaulhau.fr", true },
   { "samui-samui.de", false },
   { "samuirehabcenter.com", true },
-  { "samvanderkris.xyz", true },
   { "samwilberforce.com", true },
   { "samwrigley.co.uk", true },
   { "samwu.tw", true },
-  { "samyerkes.com", true },
-  { "san-mian-ka.ml", true },
   { "san.ac.th", true },
   { "sana-store.com", true },
   { "sana-store.cz", true },
   { "sana-store.sk", true },
+  { "sanael.net", true },
   { "sanantoniolocksmithinc.com", true },
   { "sanantoniolocksmithtx.com", true },
   { "sanasport.cz", true },
   { "sanasport.sk", true },
   { "sanatorii-sverdlovskoy-oblasti.ru", true },
+  { "sanatorionosti.com.ar", true },
   { "sanbornteam.com", true },
   { "sand-islets.de", true },
   { "sandalj.com", true },
@@ -32196,6 +32937,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "santojuken.co.jp", true },
   { "santoshpandit.com", true },
   { "sanvitolocapobus.com", true },
+  { "saol.eu", true },
   { "saoneth.pl", true },
   { "saorsat.com", true },
   { "saorsat.ie", true },
@@ -32219,12 +32961,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sarahlicity.co.uk", true },
   { "sarahlicity.me.uk", true },
   { "sarahplusdrei.de", true },
+  { "sarahsecret.de", true },
   { "sarahvictor.co.uk", true },
   { "sarahwikeley.co.uk", true },
   { "saraleebread.com", false },
   { "sarariman.com", true },
   { "sarasotaroboticurology.com", true },
   { "sarasturdivant.com", true },
+  { "sardacompost.it", true },
   { "sardegnatirocini.it", true },
   { "sarink.eu", true },
   { "sarkisianbuilders.com", true },
@@ -32233,6 +32977,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sarpsb.org", true },
   { "sarumtechnologies.com", true },
   { "sas-snowboarding.sk", true },
+  { "sasanika.org", true },
   { "sascha.io", true },
   { "sascha.is", true },
   { "saschaeggenberger.ch", true },
@@ -32242,7 +32987,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sashascollections.com", true },
   { "sasioglu.co.uk", true },
   { "saskpension.com", true },
-  { "sasrobotics.xyz", true },
   { "sassandbelle.co.uk", true },
   { "sassandbelle.com", true },
   { "sassandbelletrade.co.uk", true },
@@ -32291,7 +33035,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "saveora.com", true },
   { "savetheinternet.eu", true },
   { "saveya.com", true },
-  { "savic.com", true },
+  { "savic.com", false },
   { "saviezvousque.net", true },
   { "savingrecipe.com", true },
   { "savingsoftheyear.com", true },
@@ -32304,6 +33048,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "saxojoe.co.uk", true },
   { "saxojoe.de", true },
   { "saxoncreative.com", true },
+  { "saxotex.de", true },
   { "saxwereld.nl", true },
   { "sayori.pw", true },
   { "sayprepay.com", true },
@@ -32329,6 +33074,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sbit.com.br", true },
   { "sblum.de", true },
   { "sbo-dresden.de", true },
+  { "sbox-servers.com", true },
   { "sbr.red", true },
   { "sbrouwer.org", true },
   { "sbrownbourne.com", true },
@@ -32336,13 +33082,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sbsbaits.com", true },
   { "sbscyber.com", true },
   { "sbsnursery.co.uk", true },
-  { "sbsrv.ml", true },
   { "sbssoft.ru", true },
   { "sbytes.info", true },
+  { "sc-artworks.co.uk", true },
   { "sc5.jp", true },
   { "scaarus.com", true },
   { "scaffalature.roma.it", true },
-  { "scaffoldhireeastrand.co.za", true },
   { "scalacollege.nl", true },
   { "scalaire.com", true },
   { "scalaire.fr", true },
@@ -32360,6 +33105,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scarafaggio.it", true },
   { "scatsbouncingcastles.ie", true },
   { "scbdh.org", true },
+  { "scbreed.com", true },
   { "sceenfox.de", true },
   { "scelec.com.au", true },
   { "scenastu.pl", true },
@@ -32372,7 +33118,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "schaefer-reifen.de", true },
   { "schamlosharmlos.de", true },
   { "schaper-sport.com", true },
-  { "schatmeester.be", true },
   { "schatzibaers.de", true },
   { "schawe.me", true },
   { "schbebtv.fr", true },
@@ -32392,7 +33137,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scheuchenstuel.at", true },
   { "schgroup.com", true },
   { "schier.info", true },
-  { "schil.li", true },
   { "schildbach.de", true },
   { "schillers-friedberg.de", true },
   { "schimmel-test.info", true },
@@ -32423,7 +33167,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "schneidr.de", true },
   { "schneids.me", true },
   { "schnellno.de", true },
-  { "schnellsuche.de", true },
   { "schnouki.net", true },
   { "schnuckenhof-wesseloh.de", true },
   { "schnyder-werbung.ch", true },
@@ -32470,6 +33213,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "schreibers.ca", true },
   { "schreinerei-jahreis.de", true },
   { "schrenkinzl.at", true },
+  { "schritt4fit.de", true },
   { "schrodingersscat.com", true },
   { "schrodingersscat.org", true },
   { "schroeder-immobilien-sundern.de", true },
@@ -32537,7 +33281,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scistarter.com", true },
   { "scitopia.me", true },
   { "scitopia.net", true },
-  { "sckc.stream", false },
   { "sclns.co", true },
   { "scohetal.de", true },
   { "scontogiusto.com", true },
@@ -32547,22 +33290,24 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scooterservis.com", true },
   { "scootfleet.com", true },
   { "scorerealtygroup.com", true },
+  { "scorobudem.ru", true },
   { "scorocode.ru", true },
   { "scorp13.com", true },
+  { "scottah.com", true },
   { "scottgalvin.com", true },
   { "scottgruber.me", true },
   { "scottgthomas.com", true },
   { "scotthelme.co.uk", true },
+  { "scottipc.com", true },
   { "scottishcu.org", true },
   { "scottishseniorsgolf.com", true },
   { "scottlanderkingman.com", true },
   { "scottseditaacting.com", true },
-  { "scottstorey.co.uk", true },
   { "scotttopperproductions.com", true },
-  { "scottynordstrom.org", false },
   { "scoutingridderkerk.nl", true },
   { "scoutingtungelroy.nl", true },
   { "scoutnet.de", true },
+  { "scouttrails.com", true },
   { "scp-trens.notaires.fr", true },
   { "scp500.com", true },
   { "scpartyentertainment.co.uk", true },
@@ -32588,6 +33333,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "screenlight.tv", true },
   { "screenmachine.com", true },
   { "screenparadigm.com", true },
+  { "screenpublisher.com", true },
   { "scripo-bay.com", true },
   { "script.google.com", true },
   { "scripter.co", true },
@@ -32606,7 +33352,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scswam.com", true },
   { "sctiger.me", true },
   { "sctiger.ml", true },
-  { "sctm.at", true },
   { "sctrainingllc.com", true },
   { "scubadiving-phuket.com", true },
   { "scubaland.hu", true },
@@ -32615,15 +33360,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scuolaguidalame.ch", true },
   { "scuters.club", true },
   { "scw.com", true },
-  { "scw.nz", true },
-  { "scwilliams.co.uk", true },
-  { "scwilliams.uk", true },
   { "sd.af", true },
   { "sdayman.com", true },
   { "sdcardrecovery.de", true },
   { "sdg-tracker.org", true },
   { "sdgllc.com", true },
   { "sdho.org", true },
+  { "sdis-trib.fr", true },
   { "sdns.fr", true },
   { "sdsi.us", true },
   { "sdsk.one", true },
@@ -32633,6 +33376,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sdvx.net", true },
   { "sdxcentral.com", true },
   { "se-booster.com", true },
+  { "se-live.org", true },
   { "se-theories.org", true },
   { "se.com", true },
   { "se.search.yahoo.com", false },
@@ -32647,6 +33391,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sealoffantasy.de", true },
   { "sealtitebasement.com", true },
   { "seamless.no", true },
+  { "seamoo.se", true },
   { "sean-wright.com", true },
   { "seanholcroft.co.uk", true },
   { "seankilgarriff.com", true },
@@ -32671,10 +33416,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "searchcandy.nl", true },
   { "searchcandy.uk", true },
   { "searchdatalogy.com", true },
+  { "searchfox.org", true },
   { "seareytraining.com", true },
   { "searsucker.com", true },
   { "searx.ru", true },
-  { "searx.xyz", true },
   { "seasidestudios.co.uk", true },
   { "season.moe", true },
   { "seasons.nu", false },
@@ -32685,7 +33430,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "seattlemesh.net", true },
   { "seattleprivacy.org", true },
   { "seattlewalkinbathtubs.com", true },
-  { "seavancouver.com", true },
   { "seb-mgl.de", true },
   { "sebald.com", true },
   { "sebald.org", true },
@@ -32702,7 +33446,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sebastiaperis.com", true },
   { "sebasveeke.nl", true },
   { "sebepoznani.eu", true },
-  { "sebi.cf", true },
   { "sebi.org", true },
   { "seby.io", true },
   { "sec-mails.de", true },
@@ -32713,6 +33456,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sec.gov", true },
   { "sec.red", true },
   { "sec3ure.co.uk", true },
+  { "sec44.com", true },
+  { "sec44.net", true },
+  { "sec44.org", true },
   { "sec455.com", true },
   { "sec530.com", true },
   { "sec555.com", true },
@@ -32728,19 +33474,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "secondchancejobsforfelons.com", true },
   { "seconfig.sytes.net", true },
   { "secpatrol.de", true },
-  { "secpoc.online", true },
   { "secretar.is", true },
   { "secretary-schools.com", true },
+  { "secretpigeon.com", true },
   { "secretsanta.fr", true },
   { "secretsdujeu.com", true },
   { "secretserveronline.com", true },
-  { "secretum.tech", true },
   { "secteer.com", true },
   { "sectelligence.nl", true },
   { "sectio-aurea.org", true },
   { "section-31.org", true },
   { "section.io", true },
   { "section508.gov", true },
+  { "section77.de", true },
   { "sectionw2s.org", true },
   { "sector5.xyz", true },
   { "sectun.com", true },
@@ -32770,15 +33516,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "securify.nl", true },
   { "securipy.com", true },
   { "securiscan.io", true },
+  { "securist.nl", true },
   { "security-24-7.com", true },
   { "security-brokers.com", true },
   { "security.gives", true },
   { "security.google.com", true },
+  { "security.love", true },
   { "security201.co.uk", true },
   { "security201.com", true },
-  { "securitycamerasaustin.net", true },
+  { "securityblues.co.uk", true },
   { "securitycamerascincinnati.com", true },
-  { "securitycamerasjohnsoncity.com", true },
   { "securityescrownews.com", true },
   { "securityfest.com", true },
   { "securitygladiators.com", true },
@@ -32788,6 +33535,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "securityindicators.com", true },
   { "securityinet.com", false },
   { "securitykey.co", true },
+  { "securitymap.wiki", true },
   { "securitypluspro.com", true },
   { "securityprimes.in", true },
   { "securitypuppy.com", true },
@@ -32802,21 +33550,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "securocloud.com", true },
   { "secutrans.com", true },
   { "secuvera.de", false },
+  { "secvault.io", true },
   { "secwall.me", true },
   { "secyourity.se", true },
   { "sedeusquiser.net", true },
   { "sedlakovalegal.com", true },
   { "sedmicka.sk", true },
+  { "sedomicilier.fr", true },
   { "sedussa.ro", true },
   { "see.wtf", true },
   { "seeclop.ch", true },
   { "seedandleisure.co.uk", true },
+  { "seedcoworking.es", true },
   { "seedisclaimers.com", true },
   { "seednode.co", true },
   { "seedsofangelica.net", true },
   { "seekers.ch", true },
   { "seeks.ru", true },
-  { "seekthe.net", true },
   { "seemeagain.com", true },
   { "seesuite.com", true },
   { "seewhatididhere.com", true },
@@ -32828,13 +33578,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "segaretro.org", true },
   { "segitz.de", true },
   { "segmetic.com", true },
+  { "segnidisegni.eu", true },
   { "segulink.com", true },
   { "seguridadconsumidor.gov", true },
   { "seguros-de-salud-y-vida.com", true },
   { "segurosbalboa.com.ec", false },
   { "segurosdecarroshialeah.org", true },
   { "segurosdevidamiami.org", true },
-  { "segurosocial.gov", true },
+  { "segurosocial.gov", false },
   { "seguroviagem.srv.br", false },
   { "sehnenweh.org", true },
   { "seibert.ninja", true },
@@ -32847,10 +33598,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "seitai-nabejun.jp", true },
   { "seitai-taiyou.com", true },
   { "seitenwaelzer.de", true },
+  { "sekikawa.biz", true },
   { "sekisonn.com", true },
   { "sekoya.org", true },
   { "selbys.net.au", true },
   { "selcusters.nl", true },
+  { "seldax.com", true },
   { "selea.se", true },
   { "selected-properties.com", true },
   { "selectel.com", false },
@@ -32858,7 +33611,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "selectorders.com", true },
   { "selectsplat.com", true },
   { "selegiline.com", true },
-  { "selent.me", true },
+  { "selekzo.com", true },
   { "self-evident.org", true },
   { "self-signed.com", true },
   { "self-xss.info", true },
@@ -32880,7 +33633,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sello.com", true },
   { "sellorbuy.uk", true },
   { "sellorbuy.us", true },
-  { "seltendoof.de", true },
   { "semacode.com", true },
   { "semaf.at", true },
   { "semaflex.it", true },
@@ -32888,13 +33640,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "semaphore-studios.com", true },
   { "semdynamics.com", true },
   { "semenov.su", false },
-  { "semianalog.com", true },
   { "seminariruum.ee", true },
   { "semiocast.com", true },
   { "semirben.de", true },
   { "semiread.com", true },
   { "semjonov.de", true },
-  { "semmlers.com", true },
   { "semox.de", true },
   { "semps-2fa.de", true },
   { "semps-threema.de", true },
@@ -32927,14 +33677,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "senobio.com", true },
   { "senorcontento.com", true },
   { "sens2lavie.com", true },
+  { "sensavi.ua", true },
   { "sensebridge.com", true },
   { "sensebridge.net", true },
   { "sensepixel.com", true },
   { "senshudo.tv", true },
-  { "sensoft-int.net", true },
+  { "sensoft-int.org", true },
   { "sensound.ml", true },
   { "sentandsecure.com", true },
-  { "sentic.info", true },
   { "sentidosdelatierra.org", true },
   { "sentinel.gov", true },
   { "sentinelproject.io", true },
@@ -32953,29 +33703,26 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "seoankara.name.tr", true },
   { "seobutler.com", true },
   { "seocomposer.com", true },
-  { "seoenmexico.com.mx", true },
+  { "seodayo.com", true },
   { "seoexperte.berlin", true },
   { "seogeek.nl", true },
   { "seohackers.fr", true },
   { "seohouston.com", true },
   { "seoinc.com", true },
-  { "seoium.com", true },
   { "seojames.com", true },
-  { "seolib.org", true },
   { "seomarketing.bg", true },
   { "seon.me", true },
   { "seoprovider.nl", true },
   { "seoquake.com", true },
-  { "seosec.xyz", false },
+  { "seosec.xyz", true },
   { "seosof.com", true },
-  { "seostepbysteplab.com", true },
+  { "seostepbysteplab.com", false },
   { "seoul.dating", true },
   { "seouniversity.org", true },
   { "seovision.se", true },
   { "sepalandseed.com", true },
   { "seppelec.com", true },
   { "seproco.com", true },
-  { "septakkordeon.de", true },
   { "septentrionalist.org", true },
   { "septfinance.ch", true },
   { "septicrepairspecialists.com", true },
@@ -32991,10 +33738,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "serenaden.at", true },
   { "serendeputy.com", true },
   { "serf.io", true },
+  { "serge-design.ch", true },
   { "sergeemond.ca", true },
   { "sergefonville.nl", true },
   { "sergeyreznikov.com", true },
   { "sergije-stanic.me", true },
+  { "sergiojimenezequestrian.com", true },
   { "sergiosantoro.it", true },
   { "sergiozygmunt.com", true },
   { "sergos.de", true },
@@ -33005,10 +33754,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "seriousclimbing.com", true },
   { "seriouss.am", true },
   { "sernate.com", true },
-  { "serotiuk.com", true },
+  { "serotiuk.com", false },
   { "serpenteq.com", true },
   { "serrano-chris.ch", true },
-  { "servdiscount.com", true },
+  { "seru.eu", true },
   { "serve-a.com.au", true },
   { "servea.com.au", true },
   { "serveatechnologies.com", true },
@@ -33020,6 +33769,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "server-essentials.com", false },
   { "server-eye.com", true },
   { "server-eye.de", true },
+  { "server92.tk", true },
   { "serveradium.com", true },
   { "serveradminz.com", true },
   { "serverco.com", true },
@@ -33048,14 +33798,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "servious.org", true },
   { "servitek.de", true },
   { "serviziourgente.it", true },
+  { "servo.org", true },
   { "servx.org", true },
   { "serw.org", true },
   { "serwis-wroclaw.pl", true },
+  { "serwusik.pl", true },
   { "seryox.com", true },
   { "sesam-biotech.com", true },
   { "sessionslogning.dk", true },
   { "sesslerimmo.ch", true },
   { "sestra.in", true },
+  { "setasgourmet.es", true },
   { "setenforce.one", true },
   { "setfix.de", true },
   { "sethcaplan.com", true },
@@ -33064,7 +33817,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "setphaserstostun.org", true },
   { "setsailanddive.com", true },
   { "settberg.de", true },
-  { "setterirlandes.com.br", true },
+  { "settimanadellascienza.it", true },
   { "settleapp.co", true },
   { "setuid.io", true },
   { "setuid0.kr", true },
@@ -33079,6 +33832,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "severine-trousselard.com", true },
   { "severntrentinsuranceportal.com", true },
   { "sevinci.ch", true },
+  { "sevwebdesign.com", true },
   { "sewa.nu", true },
   { "sewafineseam.com", true },
   { "sewinginsight.com", true },
@@ -33087,13 +33841,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sexdocka.nu", true },
   { "sexflare.net", true },
   { "sexmobil.de", true },
+  { "sexplicit.co.uk", true },
   { "sexservice.io", true },
   { "sexy-store.nl", true },
+  { "seydaozcan.com", true },
   { "seyfarth.de", true },
   { "seyr.me", true },
   { "sfa.sk", true },
   { "sfaparish.org", true },
-  { "sfcomercio.com.br", true },
   { "sfdev.ovh", true },
   { "sfg-net.com", true },
   { "sfg-net.eu", true },
@@ -33127,6 +33882,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sh0rt.zone", true },
   { "sh0shin.org", true },
   { "shaadithailand.com", true },
+  { "shabiwangyou.com", true },
   { "shad.waw.pl", true },
   { "shadesofgrayadr.com", true },
   { "shadesofgraylaw.com", true },
@@ -33154,6 +33910,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shaicoleman.com", true },
   { "shainessim.com", true },
   { "shakan.ch", true },
+  { "shakebox.de", true },
   { "shaken-kyoto.jp", true },
   { "shaken110.com", true },
   { "shakepeers.org", false },
@@ -33172,8 +33929,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shan.si", true },
   { "shanahanstrategy.com", true },
   { "shanetully.com", true },
-  { "shanewadleigh.com", true },
-  { "shangzhen.site", true },
   { "shankangke.com", true },
   { "shannoneichorn.com", true },
   { "shansing.cn", true },
@@ -33196,7 +33951,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sharisharpe.com", true },
   { "shark.cat", true },
   { "shark5060.net", true },
-  { "sharkie.org.za", true },
+  { "sharkcut.se", true },
+  { "sharperedge.pw", true },
+  { "sharperedgecomputers.com", true },
   { "sharu.me", true },
   { "sharvey.ca", true },
   { "shattered-souls.de", true },
@@ -33225,6 +33982,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shehaal.com", true },
   { "shehata.com", true },
   { "sheilasdrivingschool.com", true },
+  { "shek.zone", true },
   { "shelfordsandstaplefordscouts.org.uk", true },
   { "shellday.cc", true },
   { "shelleystoybox.com", true },
@@ -33232,14 +33990,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shellgame.io", true },
   { "shellj.me", true },
   { "shelljuggler.com", false },
-  { "shellot.com", true },
   { "shellshock.eu", true },
   { "shellvatore.us", true },
   { "shemsconseils.ma", true },
   { "shengbao.org", true },
   { "shenghaiautoparts.com", true },
   { "shenghaiautoparts.net", true },
-  { "shengrenyu.com", true },
   { "shens.ai", true },
   { "shenyuqi.com", false },
   { "sherbers.de", true },
@@ -33255,6 +34011,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shichibukai.net", true },
   { "shico.org", true },
   { "shieldcomputer.com", true },
+  { "shielder.it", true },
   { "shieldfe.com", true },
   { "shieldofachilles.in", true },
   { "shift-record.com", true },
@@ -33270,7 +34027,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shikimori.org", true },
   { "shimi.net", true },
   { "shimo.im", true },
-  { "shin-inc.jp", true },
   { "shinghoi.com", true },
   { "shinglereplacementlv.com", true },
   { "shining.gifts", true },
@@ -33279,13 +34035,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shinonome-lab.eu.org", true },
   { "shinsyo.com", true },
   { "shintoism.com", true },
+  { "shinuytodaati.co.il", true },
   { "shinyuu.net", true },
   { "shipard.com", true },
   { "shipard.cz", true },
   { "shipcloud.io", true },
   { "shippercenter.info", true },
   { "shiqi.ca", true },
+  { "shiqi.lol", true },
   { "shiqi.one", true },
+  { "shiqi.tv", true },
   { "shiqisifu.cc", true },
   { "shirakaba-cc.com", true },
   { "shirao.jp", true },
@@ -33293,7 +34052,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shirtsdelivered.com", true },
   { "shirtsofholland.com", true },
   { "shiseki.top", true },
-  { "shishamania.de", true },
   { "shishkabobnc.com", true },
   { "shishkin.us", true },
   { "shishlik.net", true },
@@ -33303,7 +34061,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shitposts.se", true },
   { "shitproductions.org", true },
   { "shitsta.in", true },
-  { "shivamber.com", true },
   { "shivammaheshwari.com", true },
   { "shivammathur.com", true },
   { "shivatattvayoga.com", true },
@@ -33317,8 +34074,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shoeracks.uk", true },
   { "shoestringeventing.co.uk", true },
   { "shokola.com", true },
+  { "sholtowu.com", true },
   { "shome.de", true },
   { "shooter.dog", true },
+  { "shootingstarmedium.com", true },
   { "shop-hellsheadbangers.com", true },
   { "shop-s.net", true },
   { "shop4d.com", true },
@@ -33342,14 +34101,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shopcoupons.my", true },
   { "shopcoupons.ph", true },
   { "shopcoupons.sg", true },
-  { "shophisway.com", true },
   { "shopific.co", true },
+  { "shopific.com", true },
   { "shopify.com", true },
   { "shopifycloud.com", true },
   { "shopkini.com", true },
   { "shoplandia.co", true },
   { "shopperexperts.com", true },
-  { "shoppia.se", true },
   { "shopping24.de", true },
   { "shoppr.dk", true },
   { "shopregional.com.br", true },
@@ -33383,9 +34141,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "showroom.uk", true },
   { "showroom113.ru", true },
   { "showsonar.com", true },
-  { "shoxmusic.net", false },
   { "shredriteservices.com", true },
-  { "shreyansh26.me", true },
   { "shrike.me", false },
   { "shrinidhiclinic.in", true },
   { "shrinkhub.com", true },
@@ -33395,8 +34151,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shtaketniki.ru", true },
   { "shteiman.net", true },
   { "shu-fu.net", true },
+  { "shuax.com", true },
   { "shuffleradio.nl", true },
   { "shugo.net", true },
+  { "shuhacksoc.co.uk", true },
   { "shukatsu-support.jp", true },
   { "shulan.moe", true },
   { "shuletime.ml", true },
@@ -33414,10 +34172,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "si.to", true },
   { "si2b.fr", true },
   { "siaggiusta.com", true },
+  { "siamdevsqua.re", true },
+  { "siamdevsquare.com", true },
   { "siamsnus.com", true },
   { "sianbryn.co.uk", true },
   { "sianjhon.com", true },
   { "siberas.de", true },
+  { "siberkulupler.com", true },
+  { "sibertakvim.com", true },
   { "sibfk.org", true },
   { "sibiutourguide.com", true },
   { "sibrenvasse.nl", true },
@@ -33428,7 +34190,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sicken.eu", true },
   { "sickfile.com", true },
   { "siconnect.us", true },
-  { "sicurled.com", true },
+  { "sicurled.com", false },
   { "sidelka-tver.ru", true },
   { "sidema.be", true },
   { "sidemount-forum.com", true },
@@ -33473,6 +34235,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "significantbanter.com", true },
   { "signing-milter.org", true },
   { "signix.net", true },
+  { "signrightsigns.co.uk", true },
   { "signtul.com", false },
   { "sigsrv.net", true },
   { "sigterm.no", true },
@@ -33480,6 +34243,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sigurnost.online", true },
   { "siirtutkusu.com", true },
   { "sikayetvar.com", false },
+  { "sikecikcomel.com", true },
   { "sikevux.se", true },
   { "sikko.biz", true },
   { "siku-shop.ch", true },
@@ -33489,6 +34253,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "silent-clean.de", true },
   { "silent-yachts.com", true },
   { "silent.live", false },
+  { "silentexplosion.de", true },
   { "silentkernel.fr", false },
   { "silentundo.org", true },
   { "silerfamily.net", true },
@@ -33552,7 +34317,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "silvergoldbull.in", true },
   { "silvergoldbull.is", true },
   { "silvergoldbull.it", true },
-  { "silvergoldbull.kg", true },
   { "silvergoldbull.kr", true },
   { "silvergoldbull.ky", true },
   { "silvergoldbull.li", true },
@@ -33560,7 +34324,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "silvergoldbull.lv", true },
   { "silvergoldbull.ma", true },
   { "silvergoldbull.mk", true },
-  { "silvergoldbull.ml", true },
   { "silvergoldbull.mw", true },
   { "silvergoldbull.my", true },
   { "silvergoldbull.nz", true },
@@ -33586,11 +34349,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "silverseen.com", true },
   { "silverswanrecruitment.com", true },
   { "silverwind.io", true },
+  { "silvesrom.ro", true },
   { "silvine.xyz", true },
   { "silvobeat.blog", true },
   { "silvobeat.com", true },
   { "sim-karten.net", true },
   { "sim-minaoshi.jp", true },
+  { "sim4seed.org", true },
   { "simam.de", true },
   { "simark.ca", true },
   { "simbeton.nl", true },
@@ -33659,9 +34424,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "simplycloud.de", true },
   { "simplyfixit.co.uk", true },
   { "simplyhelen.de", true },
+  { "simplylifetips.com", true },
   { "simplylovejesus.com", true },
   { "simplymozzo.se", true },
-  { "simplyrara.com", true },
   { "simplyregister.net", true },
   { "simplystudio.com", true },
   { "simplytiles.com", true },
@@ -33674,7 +34439,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sin.swiss", true },
   { "sinaryuda.web.id", true },
   { "sinatrafamily.com", true },
-  { "sinceschool.com", true },
   { "sinclairinat0r.com", true },
   { "sinde.ru", true },
   { "sinefili.com", true },
@@ -33689,7 +34453,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "singleuse.link", true },
   { "singlu10.org", false },
   { "sinktank.de", true },
-  { "sinn.io", true },
   { "sinnersprojects.ro", true },
   { "sinomod.com", true },
   { "sinonimos.com.br", true },
@@ -33701,6 +34464,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sintaxis.org", true },
   { "sinterama.biz", true },
   { "sinuelovirtual.com.br", true },
+  { "sinusitis-bronchitis.ch", true },
   { "sioeckes.hu", true },
   { "sion.info", true },
   { "sipc.org", true },
@@ -33733,6 +34497,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sit.ec", true },
   { "sitc.sk", true },
   { "site-helper.com", true },
+  { "siteage.net", true },
   { "sitebuilderreport.com", true },
   { "sitedrive.fi", true },
   { "sitefactory.com.br", true },
@@ -33741,10 +34506,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "siterencontre.me", true },
   { "sites.google.com", true },
   { "sitesko.de", true },
-  { "sitesuccessful.com", true },
   { "sitevandaag.nl", true },
   { "sitischu.com", true },
-  { "sitsy.ru", false },
   { "sivale.mx", true },
   { "sivyerge.com", true },
   { "siw64.com", true },
@@ -33754,20 +34517,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sixtwentyten.com", true },
   { "sj-leisure.com", true },
   { "sjaakgilsingfashion.nl", true },
-  { "sjatsh.com", true },
   { "sjbwoodstock.org", true },
   { "sjd.is", true },
-  { "sjdaws.com", true },
   { "sjis.me", true },
   { "sjleisure.co.uk", true },
   { "sjoorm.com", true },
-  { "sjv4u.ch", true },
   { "sk-net.cz", true },
   { "skala.io", true },
   { "skalarwelle.eu", true },
   { "skanvordoff.ru", true },
   { "skanword.info", true },
-  { "skarox.ee", true },
   { "skatclub-beratzhausen.de", true },
   { "skatesins.ch", true },
   { "skatingchina.com", true },
@@ -33780,6 +34539,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "skepneklaw.com", true },
   { "skepticalsports.com", true },
   { "sketchmyroom.com", true },
+  { "sketchywebsite.net", true },
+  { "skgzberichtenbox.nl", true },
   { "skhaz.io", true },
   { "skhire.co.uk", true },
   { "skhoop.cz", true },
@@ -33816,21 +34577,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "skks.cz", true },
   { "sklepsamsung.pl", true },
   { "sklepwielobranzowymd.com", true },
-  { "sklotechnik.cz", true },
   { "sknclinics.co.uk", true },
   { "skogsbruket.fi", true },
   { "skogskultur.fi", true },
   { "skol.bzh", true },
   { "skolagatt.is", true },
+  { "skolakrizik.cz", true },
   { "skolem.de", true },
   { "skoleniphp.cz", true },
   { "skommettiamo.it", true },
   { "skontakt.cz", true },
   { "skontorp-enterprise.no", true },
   { "skoolergraph.azurewebsites.net", true },
+  { "skorepova.info", true },
   { "skortekaas.nl", false },
   { "skory.us", true },
   { "skou.dk", false },
+  { "skpk.de", true },
   { "skram.de", true },
   { "skryptersi.pl", true },
   { "sksdrivingschool.com.au", true },
@@ -33843,7 +34606,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sky-coach.com", true },
   { "sky-coach.nl", true },
   { "sky-live.fr", true },
-  { "sky-universe.net", true },
   { "skyanchor.com", true },
   { "skybloom.io", true },
   { "skycmd.net", true },
@@ -33851,6 +34613,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "skydragoness.com", true },
   { "skydrive.live.com", false },
   { "skyem.co.uk", true },
+  { "skyfone.cz", true },
+  { "skyger.cz", true },
   { "skylgenet.nl", true },
   { "skylightcreative.com.au", true },
   { "skylinertech.com", true },
@@ -33861,7 +34625,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "skynet233.ch", true },
   { "skynethk.com", true },
   { "skynetnetwork.eu.org", true },
-  { "skynetz.tk", true },
   { "skype.com", true },
   { "skyquid.co.uk", true },
   { "skys-entertainment.com", true },
@@ -33871,7 +34634,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "skyzimba.com.br", true },
   { "sl-bildermacher.de", true },
   { "sl-informatique.ovh", true },
-  { "sl0.us", true },
   { "sl899.com", true },
   { "sl998.com", true },
   { "slab.com", false },
@@ -33888,7 +34650,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "slash32.co.uk", true },
   { "slashcrypto.org", true },
   { "slate.to", true },
-  { "slatemc.fun", true },
   { "slatop.org", false },
   { "slaughter.com", true },
   { "slaughterhouse.fr", true },
@@ -33909,13 +34670,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "slevomat.cz", true },
   { "slicklines.co.uk", true },
   { "slidebatch.com", true },
-  { "slides.zone", true },
+  { "slightfuture.com", true },
   { "slik.ai", true },
   { "slim-slender.com", true },
   { "slimspots.com", true },
   { "slingo-sta.com", true },
   { "slingooriginals.com", true },
-  { "slingoweb.com", true },
   { "slink.hr", true },
   { "slip-gaming.tk", true },
   { "slneighbors.org", true },
@@ -33936,7 +34696,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "slpower.com", true },
   { "slrd-isperih.com", true },
   { "sluciaconstruccion.com", true },
-  { "sluimann.de", true },
+  { "sluimann.de", false },
   { "sluitkampzeist.nl", false },
   { "slusham.com", true },
   { "slvh.fr", true },
@@ -33952,7 +34712,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smackhappy.com", true },
   { "smadav.ml", true },
   { "smakassen.no", true },
-  { "smallcloudsolutions.co.za", true },
   { "smalldata.tech", true },
   { "smalldogbreeds.net", true },
   { "smalle-voet.de", true },
@@ -33966,6 +34725,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smaltimentoamianto.frosinone.it", true },
   { "smaltimentoamianto.latina.it", true },
   { "smaltimentorifiuti.firenze.it", true },
+  { "smaltimentorifiuti.livorno.it", true },
   { "smaltimentorifiuti.veneto.it", true },
   { "smares.de", true },
   { "smart-cp.jp", true },
@@ -33982,7 +34742,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smartcleaningcenter.nl", true },
   { "smartcpa.ca", true },
   { "smartedg.io", true },
-  { "smartest-trading.com", true },
   { "smartfit.cz", true },
   { "smartftp.com", true },
   { "smarthdd.com", true },
@@ -33996,19 +34755,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smartmarketingcoaching.com", true },
   { "smartmeal.ru", true },
   { "smartmessages.net", true },
-  { "smartmompicks.com", true },
   { "smartmomsmartideas.com", true },
   { "smartpass.government.ae", true },
   { "smartphonechecker.co.uk", true },
+  { "smartphones-baratos.com", true },
   { "smartpolicingplatform.com", true },
   { "smartrecruit.ro", true },
   { "smartservices.nl", true },
   { "smartshiftme.com", true },
   { "smartship.co.jp", true },
+  { "smartshoppers.es", true },
   { "smartsparrow.com", true },
   { "smartthursday.hu", true },
   { "smartvideo.io", true },
   { "smartviewing.com", true },
+  { "smartwank.com", true },
+  { "smartweb.ge", true },
   { "smartwelve.com", true },
   { "smartwoodczech.cz", true },
   { "smartwurk.nl", false },
@@ -34020,6 +34782,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sme-gmbh.net", true },
   { "smeetsengraas.com", true },
   { "smeso.it", true },
+  { "smexpt.com", true },
   { "smiatek.name", true },
   { "smileandpay.com", true },
   { "smiledirectsales.com", true },
@@ -34033,8 +34796,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smit.com.ua", true },
   { "smit.ee", true },
   { "smith.co", true },
-  { "smith.is", true },
   { "smithandcanova.co.uk", false },
+  { "smithchow.com", true },
   { "smithchung.eu", true },
   { "smithfieldbaptist.org", true },
   { "smkw.com", false },
@@ -34047,11 +34810,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smoo.st", true },
   { "smoothcomp.com", true },
   { "smoothgesturesplus.com", true },
-  { "smoothics.at", true },
-  { "smoothics.com", true },
-  { "smoothics.eu", true },
-  { "smoothics.mobi", true },
-  { "smoothics.net", true },
   { "smoothtalker.com", true },
   { "smorgasblog.ie", true },
   { "smow.com", true },
@@ -34075,6 +34833,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smutek.net", true },
   { "smvcm.com", true },
   { "smx.net.br", true },
+  { "sn0int.com", true },
+  { "snabbare-dator.se", true },
+  { "snabbit-support.nu", true },
+  { "snabbit-support.se", true },
   { "snackbesteld.nl", true },
   { "snafu.cz", true },
   { "snakafya.com", true },
@@ -34119,13 +34881,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "snight.co", true },
   { "snille.com", true },
   { "snip.run", true },
+  { "snippet.host", true },
   { "snippet.wiki", true },
   { "snl.no", true },
   { "sno-kingroofing-gutters.com", true },
   { "snoerendevelopment.nl", true },
   { "snohomishsepticservice.com", true },
   { "snopyta.com", true },
-  { "snoringhq.com", true },
+  { "snortfroken.net", true },
   { "snote.io", true },
   { "snoupon.com", true },
   { "snow-online.com", true },
@@ -34137,11 +34900,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "snowdy.dk", true },
   { "snowhaze.ch", true },
   { "snowhaze.com", true },
+  { "snoworld.one", true },
   { "snowpak.com", true },
   { "snowpaws.de", true },
   { "snowplane.net", true },
   { "snowraven.de", true },
   { "snowy.land", true },
+  { "snowyluma.com", true },
   { "snowyluma.me", true },
   { "snperformance.gr", true },
   { "snrat.com", true },
@@ -34194,14 +34959,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "socoastal.com", true },
   { "sodadigital.com.au", true },
   { "sodafilm.de", true },
-  { "sodamakerclub.com", true },
   { "sodexam.pro", true },
   { "sodi.nl", true },
   { "sodiao.cc", true },
   { "sodomojo.com", true },
+  { "soe-server.com", true },
   { "sofa-rockers.org", true },
   { "sofabedshop.de", true },
+  { "sofiadaoutza.gr", true },
   { "sofiavanmoorsel.com", true },
+  { "sofiesteinfeld.de", true },
   { "sofort.com", true },
   { "sofortimplantate-muenchen.de", true },
   { "sofortueberweisung.de", true },
@@ -34210,8 +34977,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "softanka.com", true },
   { "softart.club", true },
   { "softballrampage.com", true },
-  { "softbebe.com", true },
+  { "softblinds.co.uk", true },
   { "softcreatr.de", false },
+  { "softfay.com", true },
   { "softonic.com", true },
   { "softonic.com.br", true },
   { "softonic.jp", true },
@@ -34219,10 +34987,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "softplay4hire.co.uk", true },
   { "softprayog.in", true },
   { "softrobot.se", true },
+  { "softsecmatheodexelle.be", true },
   { "softtennis-zenei.com", true },
   { "softw.net", true },
   { "software.rocks", true },
   { "softwarebetrieb.de", true },
+  { "softwarebeveiligingtestdomein.be", true },
   { "softwaredesign.foundation", false },
   { "softwarehardenberg.nl", true },
   { "softwarevoortherapeuten.nl", true },
@@ -34284,11 +35054,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "solomo.pt", true },
   { "solonotizie24.it", true },
   { "solos.im", true },
-  { "solsocog.de", true },
+  { "soloshu.co", true },
+  { "solsocog.de", false },
   { "soluphant.de", true },
   { "solutionhoisthire.com.au", true },
+  { "solutions-teknik.com", true },
   { "solvation.de", true },
   { "solve-it.se", true },
+  { "solve.co.uk", true },
   { "solved.tips", true },
   { "solvemethod.com", true },
   { "solvewebmedia.com", true },
@@ -34316,7 +35089,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sonavankova.cz", true },
   { "sondergaard.de", true },
   { "sondersobk.dk", true },
-  { "songluck.com", true },
   { "songshuzuoxi.com", true },
   { "songsmp3.co", true },
   { "songsmp3.com", true },
@@ -34343,7 +35115,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "soontm.net", true },
   { "soopure.nl", true },
   { "sooscreekdental.com", true },
-  { "soothemobilemassage.com.au", true },
   { "soph.jp", true },
   { "soph.us", true },
   { "sopher.io", true },
@@ -34368,6 +35139,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "soruly.com", true },
   { "sorz.org", true },
   { "sos-elettricista.it", true },
+  { "sos-fabbro.it", true },
   { "sos-falegname.it", true },
   { "sos-idraulico.it", true },
   { "sos-muratore.it", true },
@@ -34380,13 +35152,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sotadb.info", true },
   { "sotai.tk", true },
   { "sotar.us", true },
-  { "sotavasara.net", true },
   { "sotoasobi.net", true },
   { "sotthewes.nl", true },
   { "sou-co.jp", true },
   { "soubriquet.org", true },
   { "soufastnet.com.br", true },
   { "sougi-review.top", true },
+  { "souked.com", true },
   { "souki.cz", true },
   { "soukodou.jp", true },
   { "soul-source.co.uk", true },
@@ -34399,6 +35171,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "soumikghosh.com", true },
   { "soumya92.me", true },
   { "soundabout.nl", true },
+  { "soundbytemedia.com", true },
   { "soundeo.com", true },
   { "soundeo.net", true },
   { "soundhunter.xyz", false },
@@ -34407,12 +35180,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "soundscrate.com", true },
   { "soundtruckandautorepair.com", true },
   { "soupcafe.org", true },
-  { "souqtajmeel.com", true },
   { "sour.is", true },
   { "souravsaha.com", true },
   { "sourcebox.be", false },
   { "sourcecode.tw", true },
-  { "sourcely.net", true },
   { "sourceway.de", true },
   { "souris.ch", true },
   { "southafrican.dating", true },
@@ -34454,6 +35225,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "space-it.de", true },
   { "space-y.cf", true },
   { "spacebaseapp.com", true },
+  { "spacebear.ee", true },
   { "spacedirectory.org", true },
   { "spacedots.net", true },
   { "spacehighway.ms", true },
@@ -34469,9 +35241,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spakurort.eu", true },
   { "spaldingwall.com", true },
   { "spamdrain.com", true },
-  { "spamwc.de", true },
   { "spanda.io", true },
   { "spanjeflydrive.nl", true },
+  { "spanner.works", true },
   { "spanyolul.hu", true },
   { "spar-ni.co.uk", true },
   { "sparanoid.com", true },
@@ -34482,11 +35254,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sparklebastard.com", true },
   { "sparkz.no", true },
   { "sparprofi.at", true },
-  { "sparta-en.org", true },
   { "sparta-solutions.de", true },
   { "spartaconsulting.fi", true },
   { "spartacuslife.com", true },
   { "spartaermelo.nl", true },
+  { "sparxsolutions.be", true },
   { "spasicilia.it", true },
   { "spatzenwerkstatt.de", true },
   { "spaysy.com", true },
@@ -34494,19 +35266,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spaziopervoi.com.br", true },
   { "spazturtle.co.uk", true },
   { "spazzacamino.roma.it", true },
+  { "spbet99.com", true },
   { "spd-pulheim-mitte.de", true },
   { "spdepartamentos.com.br", true },
   { "spdf.net", true },
   { "spdillini.com", true },
   { "speak-polish.com", true },
+  { "speakingdiligence.com", true },
   { "spearfishingmx.com", true },
   { "speargames.net", true },
   { "specdrones.us", true },
+  { "specialized-hosting.eu", true },
   { "specialproperties.com", true },
   { "specialtyalloys.ca", true },
   { "speciesism.com", true },
   { "spectroom.space", true },
-  { "spectrosoftware.de", true },
   { "spectrum.gov", true },
   { "spediscifiori.com", true },
   { "spedition-transport-umzug.de", true },
@@ -34531,6 +35305,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spellcheckci.com", true },
   { "spellchecker.net", true },
   { "spenglerei-shop.de", true },
+  { "spenny.tf", true },
   { "sperandii.it", true },
   { "sperec.fr", true },
   { "sperrstun.de", true },
@@ -34538,7 +35313,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spha.info", true },
   { "sphere-realty.com", true },
   { "sphereblur.com", true },
-  { "spherenix.org", true },
   { "sphido.org", true },
   { "spicejungle.com", true },
   { "spicydog.org", true },
@@ -34547,7 +35321,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spidernet.tk", true },
   { "spideroak.com", true },
   { "spiders.org.ua", true },
-  { "spiel-teppich.de", true },
   { "spielezar.ch", true },
   { "spielland.ch", true },
   { "spiellawine.de", true },
@@ -34561,6 +35334,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spindle.com.ph", true },
   { "spindrift.com", true },
   { "spingenie.com", true },
+  { "spinor.im", true },
   { "spins.fedoraproject.org", true },
   { "spinspin.wtf", true },
   { "spiralschneiderkaufen.de", true },
@@ -34588,7 +35362,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spodelime.com", true },
   { "spokaneexteriors.com", true },
   { "spokanepolebuildings.com", true },
-  { "spoketwist.com", true },
   { "spoluck.ca", true },
   { "spolwind.de", true },
   { "spom.net", true },
@@ -34606,6 +35379,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sport-in-sundern.de", true },
   { "sport-potreby.cz", true },
   { "sport-potreby.sk", true },
+  { "sport-socken.net", true },
   { "sportabee.com", true },
   { "sportakrobatik.at", true },
   { "sportbetuwe.nl", true },
@@ -34629,7 +35403,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spot-lumiere-led.com", true },
   { "spotrebitelskecentrum.sk", true },
   { "spottedpenguin.co.uk", true },
-  { "spotteredu.com", true },
   { "spotupload.com", true },
   { "sppin.fr", true },
   { "sprachfreudehoch3.de", true },
@@ -34640,6 +35413,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spreadthenews.eu", true },
   { "spree.co.za", true },
   { "spreed.me", true },
+  { "spricknet.de", true },
   { "springerundpartner.de", true },
   { "springfieldbricks.com", true },
   { "springhillmaine.com", true },
@@ -34647,13 +35421,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sprinklermanohio.com", true },
   { "spritmonitor.de", true },
   { "spritsail.io", true },
+  { "spro.in", true },
   { "sproktz.com", true },
   { "spron.in", true },
+  { "sproutways.com", true },
   { "sprucecreekclubs.com", true },
   { "sprucecreekgcc.com", true },
   { "sps-lehrgang.de", true },
   { "spslawoffice.com", true },
   { "spsnewengland.org", true },
+  { "spt.re", true },
   { "sptk.org", true },
   { "spuffin.com", true },
   { "spufpowered.com", true },
@@ -34670,6 +35447,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sqlfeatures.com", true },
   { "sqr-training.com", true },
   { "sqroot.eu", true },
+  { "sqsd.xyz", true },
   { "square-gaming.org", true },
   { "square-src.de", false },
   { "square.com", false },
@@ -34689,6 +35467,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "src-el-main.com", true },
   { "src.fedoraproject.org", true },
   { "srchub.org", true },
+  { "srichan.net", true },
   { "srife.net", true },
   { "srigc.com", true },
   { "srihash.org", true },
@@ -34725,6 +35504,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ssl.doctor", true },
   { "ssl.google-analytics.com", true },
   { "ssl.md", true },
+  { "ssl24.pl", true },
   { "ssl247.co.uk", true },
   { "ssl247.com.mx", true },
   { "ssl247.de", true },
@@ -34751,6 +35531,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ssrfq.com", true },
   { "sssppp.gq", true },
   { "sstaging.com", true },
+  { "sstewartgallus.com", true },
   { "ssuc.net", true },
   { "ssuiteoffice.com", true },
   { "ssuitesoft.com", true },
@@ -34768,6 +35549,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stacklasvegas.com", true },
   { "stackpath.com", true },
   { "stackptr.com", true },
+  { "stacktile.io", false },
   { "stackunderflow.com", true },
   { "staddlestonesbowness.co.uk", true },
   { "stadm.com", true },
@@ -34776,6 +35558,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stadtbauwerk.at", false },
   { "stadtbuecherei-bad-wurzach.de", true },
   { "stadterneuerung-hwb.de", true },
+  { "stadtkapelle-oehringen.de", true },
   { "stadtpapa.de", true },
   { "stadtplan-ilmenau.de", true },
   { "staer.ro", true },
@@ -34789,13 +35572,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stageirites.org", true },
   { "stahlfors.com", true },
   { "stainedglass.net.au", true },
+  { "stainternational.com", true },
   { "stair.ch", true },
   { "stairfallgames.com", true },
   { "stairlin.com", true },
   { "staklim-malang.info", true },
   { "stako.jp", true },
   { "staktrace.com", true },
-  { "stalder.work", true },
   { "staljedevledder.nl", true },
   { "stalker-shop.com", true },
   { "stalkerteam.pl", true },
@@ -34829,7 +35612,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stargatelrp.co.uk", true },
   { "stargazer.de", true },
   { "starina.ru", true },
-  { "starinvestors.in", true },
   { "starka.st", true },
   { "starkbim.com", true },
   { "starking.net.cn", true },
@@ -34838,24 +35620,26 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "starmtech.fr", true },
   { "starpeak.org", true },
   { "starphotoboothsni.co.uk", true },
+  { "starport.com.au", true },
   { "starsam80.net", true },
   { "starsguru.com", true },
   { "starsing.bid", true },
   { "starskim.cn", true },
   { "starstreak.net", false },
   { "startaninflatablebusiness.com", true },
+  { "startanull.ru", true },
   { "startergen.com", true },
   { "startlab.sk", true },
   { "startle.cloud", true },
   { "startpage.com", true },
   { "startpage.info", true },
   { "startrek.in", true },
-  { "startsamenvitaal.nu", true },
   { "starttls-everywhere.org", true },
   { "starttraffic.com", true },
   { "starttraffic.uk", true },
   { "startupgenius.org", true },
   { "starwins.co.uk", true },
+  { "stassi.ch", false },
   { "stastka.ch", true },
   { "stat.ink", true },
   { "statebuildinggroup.com", true },
@@ -34918,7 +35702,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "steef389.eu", true },
   { "steel-roses.de", true },
   { "steelephys.com.au", true },
-  { "steelmounta.in", true },
   { "steemit.com", true },
   { "steemyy.com", true },
   { "steerty.com", true },
@@ -34947,9 +35730,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stella-artis-ensemble.at", true },
   { "stellarguard.me", true },
   { "stellarium-gornergrat.ch", true },
-  { "stellen.ch", true },
+  { "stellarx.com", true },
   { "stelleninserate.de", true },
-  { "stellenticket.de", true },
   { "stellmacher.name", true },
   { "stemapp.io", true },
   { "stembureauledenindenhaag.nl", true },
@@ -34968,6 +35750,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stephenj.co.uk", true },
   { "stephenjvoiceovers.com", true },
   { "stephenperreira.com", true },
+  { "stephenreescarter.com", true },
+  { "stephenreescarter.net", true },
   { "stephenschrauger.com", true },
   { "stephenschrauger.info", true },
   { "stephenschrauger.net", true },
@@ -34995,13 +35779,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sternsinus.com", true },
   { "stetspa.it", true },
   { "steuer-voss.de", true },
-  { "steuerberater-essen-steele.com", true },
   { "steuerkanzlei-edel.de", true },
-  { "steuerkanzlei-und-wirtschaftsberater-manke.de", true },
   { "steuern-recht-wirtschaft.de", true },
   { "steuerseminare-graf.de", true },
   { "steuertipps-sonderausgaben.de", true },
-  { "steve.kiwi", true },
   { "steveborba.com", true },
   { "stevecostar.com", true },
   { "stevedesmond.ca", true },
@@ -35029,10 +35810,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stfrancisnaugatuck.org", true },
   { "stfw.info", true },
   { "stgabrielstowepa.org", true },
+  { "stgeorgecomfortinn.com", true },
   { "stgeorgegolfing.com", true },
   { "stgm.org", true },
   { "sthenryrc.org", true },
   { "stian.net", true },
+  { "stichtingdemuziekkamer.nl", true },
   { "stichtingliab.nl", true },
   { "stichtingscholierenvervoerzeeland.nl", true },
   { "stichtingsticky.nl", true },
@@ -35044,7 +35827,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stickies.io", true },
   { "stickmanventures.com", true },
   { "stickstueb.de", true },
-  { "stiens.de", true },
   { "stift-kremsmuenster.at", true },
   { "stiftemaskinen.no", true },
   { "stigharder.com", true },
@@ -35075,6 +35857,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stjohnsottsville.org", true },
   { "stjoseph-stcatherine.org", true },
   { "stjosephspringcity.com", true },
+  { "stjosephtheworker.net", true },
   { "stjscatholicchurch.org", true },
   { "stjustin.org", true },
   { "stln.ml", true },
@@ -35087,10 +35870,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stmarkseagirt.com", true },
   { "stmarthachurch.com", true },
   { "stmaryextra.uk", true },
+  { "stmatthewri.org", true },
   { "stmattsparish.com", true },
   { "stmichaellvt.com", true },
   { "stmichaelunion.org", true },
-  { "stmkza.net", true },
   { "stmlearning.com", true },
   { "stmsolutions.pl", true },
   { "stneotsbouncycastlehire.co.uk", true },
@@ -35113,19 +35896,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stolpi.is", true },
   { "stomt.com", true },
   { "stoneagehealth.com.au", true },
+  { "stonechatjewellers.ie", true },
   { "stonedworms.de", true },
-  { "stonefusion.org.uk", true },
   { "stonehammerhead.org", true },
   { "stonehurstcap.com", true },
+  { "stonewuu.com", true },
   { "stony.com", true },
   { "stonystratford.org", true },
   { "stopbullying.gov", true },
   { "stopfraud.gov", false },
+  { "stopjunkmail.co.uk", true },
   { "stopthethyroidmadness.com", true },
   { "storageideas.uk", true },
   { "stordbatlag.no", true },
   { "storedsafe.com", true },
   { "storeit.co.uk", true },
+  { "storeprice.co.uk", true },
+  { "storeprijs.nl", true },
   { "storillo.com", true },
   { "storm-family.com", true },
   { "stormi.io", true },
@@ -35140,10 +35927,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stouter.nl", true },
   { "stoxford.com", true },
   { "stpatrickbayshore.org", true },
+  { "stpaulcatholicchurcheastnorriton.net", true },
+  { "str8hd.com", true },
   { "straatderzotten.nl", true },
   { "strafensau.de", true },
+  { "strafvollzugsgesetze.de", true },
   { "strahlende-augen.info", true },
-  { "straightedgebarbers.ca", true },
   { "strajnar.si", true },
   { "straka.name", true },
   { "strandschnuppern.de", true },
@@ -35156,19 +35945,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "strategie-zone.de", true },
   { "strathewerd.de", true },
   { "stratmann-b.de", true },
-  { "stratuscloud.co.za", true },
-  { "stratuscloudconsulting.cn", true },
-  { "stratuscloudconsulting.co.uk", true },
-  { "stratuscloudconsulting.co.za", true },
-  { "stratuscloudconsulting.com", true },
-  { "stratuscloudconsulting.in", true },
-  { "stratuscloudconsulting.info", true },
-  { "stratuscloudconsulting.net", true },
-  { "stratuscloudconsulting.org", true },
   { "straubis.org", true },
   { "strauser.com", true },
   { "stravers.shoes", true },
   { "strawberry-laser.gr", true },
+  { "streamblur.net", true },
   { "streamchan.org", true },
   { "streamelements.com", true },
   { "streamkit.gg", true },
@@ -35177,6 +35958,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "street-smart-home.de", true },
   { "street-tek.com", true },
   { "streetdancecenter.com", true },
+  { "streetlightdata.com", true },
   { "streetmarket.ru", true },
   { "streets.mn", true },
   { "streetshirts.co.uk", true },
@@ -35187,11 +35969,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stremio.com", true },
   { "strengthroots.com", true },
   { "stretchmyan.us", true },
+  { "stretchpc.com", true },
   { "striata.com", true },
   { "striatadev.com", true },
   { "stricted.net", true },
   { "strictlyguitar.de", true },
-  { "strictlynormal.com", true },
   { "strijkshop.be", true },
   { "stringtoolbox.com", true },
   { "stringvox.com", true },
@@ -35202,6 +35984,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "strobeltobias.de", true },
   { "strobeto.de", true },
   { "strobotti.com", true },
+  { "stroccounioncity.org", true },
   { "stroeerdigital.de", true },
   { "stroginohelp.ru", true },
   { "strom.family", true },
@@ -35217,6 +36000,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "strosemausoleum.com", true },
   { "stroseoflima.com", true },
   { "strozik.de", true },
+  { "strrl.com", true },
   { "structurally.net", true },
   { "structure.systems", true },
   { "strugee.net", true },
@@ -35225,6 +36009,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stsolarenerji.com", true },
   { "ststanstrans.org", true },
   { "stt.wiki", true },
+  { "sttg.com.au", true },
   { "stthomasbrigantine.org", true },
   { "stuartbell.co.uk", true },
   { "stuarteggerton.com", true },
@@ -35247,14 +36032,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "studentse.fr", true },
   { "studenttenant.com", true },
   { "studiebegeleiding-haegeman.be", true },
-  { "studiemeter.nl", true },
   { "studienportal.eu", true },
   { "studienservice.de", true },
-  { "studiereader.nl", true },
   { "studio-637.com", true },
   { "studio-architetto.com", true },
+  { "studio-art.pro", true },
   { "studio-fotografico.ru", true },
-  { "studio-webdigi.com", true },
   { "studio44.fit", true },
   { "studioadevents.com", true },
   { "studioavvocato24.it", true },
@@ -35262,6 +36045,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "studiodentisticosanmarco.it", true },
   { "studiodewit.nl", true },
   { "studiogavioli.com", true },
+  { "studiogears.com", true },
   { "studiograou.com", true },
   { "studiohelder.fr", false },
   { "studiohomebase.amsterdam", true },
@@ -35276,6 +36060,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "studioscherp.nl", true },
   { "studiostawki.com", true },
   { "studiostudio.net", true },
+  { "studiosus-gruppenreisen.com", true },
+  { "studiosus.com", true },
   { "studiotheatrestains.fr", true },
   { "studiovaud.com", true },
   { "studipro-formation.fr", true },
@@ -35288,7 +36074,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stuetzredli.ch", true },
   { "stuffi.fr", true },
   { "stuffie.org", true },
-  { "stuffiwouldbuy.com", true },
   { "stuka-art.de", true },
   { "stulda.cz", false },
   { "stumeta.de", true },
@@ -35297,8 +36082,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stuntmen.xyz", true },
   { "stupendous.net", false },
   { "stutelage.com", true },
-  { "stuttgart-gablenberg.de", true },
-  { "stuudium.cloud", true },
   { "stuudium.com", true },
   { "stuudium.net", true },
   { "stuudium.org", true },
@@ -35309,6 +36092,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stuvus.uni-stuttgart.de", true },
   { "stw-group.at", true },
   { "stygium.net", false },
+  { "stylaq.com", true },
+  { "stylebajumuslim.com", true },
   { "styleci.io", true },
   { "stylecollective.us", true },
   { "styles.pm", true },
@@ -35340,6 +36125,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "succ.in", true },
   { "succesprojekter.dk", true },
   { "successdeliv.com", true },
+  { "suche.org", true },
   { "suchmaschinen-werkstatt.de", true },
   { "suckmyan.us", false },
   { "sucretown.net", true },
@@ -35351,7 +36137,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sudo.org.au", true },
   { "sudo.ws", true },
   { "sudokian.io", true },
-  { "sudoschool.com", true },
   { "suelyonjones.com", true },
   { "suessdeko.de", true },
   { "suevia-ka.de", true },
@@ -35388,9 +36173,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "summa.eu", false },
   { "summercampthailand.com", true },
   { "summershomes.com", true },
-  { "sumoatm.com", false },
   { "sumthing.com", true },
-  { "sun-leo.co.jp", true },
   { "sunboxstore.jp", true },
   { "sunbritetv.com", true },
   { "sunchasercats.com", true },
@@ -35403,11 +36186,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sunfox.cz", true },
   { "sunfulong.blog", true },
   { "sunfulong.me", true },
+  { "sungreen.info", true },
   { "sunjaydhama.com", true },
   { "sunjiutuo.com", true },
   { "sunlit.cloud", true },
   { "sunn.ie", true },
+  { "sunnylyx.com", true },
   { "sunoikisis.org", true },
+  { "sunred.info", true },
+  { "sunred.org", true },
   { "sunsetwx.com", true },
   { "sunshinesf.org", true },
   { "sunsmartresorts.com", true },
@@ -35439,12 +36226,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "superguide.com.au", true },
   { "superhappiness.com", true },
   { "superhome.com.au", true },
+  { "superidropulitrice.com", true },
   { "supermae.pt", true },
+  { "supermarx.nl", true },
   { "supermercadosdia.com.ar", true },
   { "supermercato24.it", true },
   { "supermil.ch", true },
   { "supern0va.net", true },
   { "supernaut.info", true },
+  { "supernt.lt", true },
   { "supersec.es", true },
   { "supersole.net", true },
   { "supersonnig-festival.de", true },
@@ -35485,6 +36275,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "surefit-oms.com", true },
   { "suretone.co.za", true },
   { "surfnetkids.com", true },
+  { "surfnetparents.com", true },
   { "surfocal.com", true },
   { "surgenet.nl", true },
   { "surgeongeneral.gov", true },
@@ -35493,19 +36284,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "surpreem.com", true },
   { "surreyheathyc.org.uk", true },
   { "suruifu.com", true },
-  { "suruifu.tk", true },
   { "survature.com", true },
   { "surveillance104.com", true },
   { "surveyhealthcare.com", true },
   { "surveymill.co.uk", true },
+  { "survivalistplanet.com", true },
   { "survivalmonkey.com", true },
   { "susanbpilates.co", true },
   { "susanbpilates.com", true },
   { "susann-kerk.de", true },
   { "susanna-komischke.de", true },
-  { "susanvelez.com", true },
   { "susc.org.uk", true },
   { "sush.us", true },
+  { "sushi.roma.it", true },
   { "sushibesteld.nl", true },
   { "sushikatze.de", true },
   { "susosudon.com", true },
@@ -35528,6 +36319,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sv-turm-hohenlimburg.de", true },
   { "sv.search.yahoo.com", false },
   { "svager.cz", true },
+  { "svak-gutachter.de", true },
   { "svallee.fr", false },
   { "svanstrom.com", true },
   { "svanstrom.org", true },
@@ -35557,17 +36349,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "svorcikova.cz", true },
   { "sw-servers.net", true },
   { "sw33tp34.com", true },
+  { "swagsocial.net", true },
   { "swankism.com", true },
   { "swansdoor.org", true },
   { "swap.gg", true },
   { "swapadoodle.com", true },
   { "swaptaxdata.com", true },
   { "swarfarm.com", true },
-  { "swarlys-server.de", true },
   { "swat4stats.com", true },
   { "swattransport.ae", true },
   { "sway-cdn.com", true },
   { "swd.agency", true },
+  { "swe77.com", true },
+  { "swe777.com", true },
   { "sweak.net", true },
   { "swedishhost.com", true },
   { "swedishhost.se", true },
@@ -35590,7 +36384,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "swiftqueue.com", true },
   { "swilly.org", true },
   { "swimbee.nl", true },
-  { "swimmingpoolaccidentattorney.net", true },
   { "swimready.net", true },
   { "swimwear365.co.uk", true },
   { "swineson.me", true },
@@ -35632,6 +36425,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "syajvo.if.ua", true },
   { "syamutodon.xyz", true },
   { "sycamorememphis.org", true },
+  { "sychov.pro", true },
   { "sydney-sehen.com", true },
   { "sydney.dating", true },
   { "sydneyhelicopters.com.au", true },
@@ -35661,6 +36455,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "symbiose.com", true },
   { "symbiosecom.ch", true },
   { "symeda.de", true },
+  { "symetria.io", true },
   { "symfora-meander.nl", true },
   { "symlnk.de", true },
   { "symphonos.it", true },
@@ -35669,6 +36464,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "symptome-erklaert.de", true },
   { "synabi.com", true },
   { "synack.uk", true },
+  { "synackr.net", true },
   { "synaptickz.me", true },
   { "synatra.co", true },
   { "sync-it.no", true },
@@ -35710,6 +36506,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "system.is", true },
   { "system12.pl", true },
   { "system365.eu", true },
+  { "system4travel.com", true },
   { "systemadmin.uk", true },
   { "systematic-momo.com", true },
   { "systematic-momo.dk", true },
@@ -35738,10 +36535,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "szaloneigly.com", true },
   { "szamitogepdepo.com", true },
   { "szaydon.me", false },
+  { "szc.me", true },
   { "szclsya.me", true },
-  { "szczot3k.pl", true },
   { "szechenyi2020.hu", true },
   { "szentistvanpt.sk", true },
+  { "szepsegbennedrejlik.hu", true },
   { "szerelem.love", true },
   { "szetowah.org.hk", true },
   { "szunia.com", true },
@@ -35749,20 +36547,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "szyndler.ch", true },
   { "szzsivf.com", true },
   { "t-hawk.com", true },
+  { "t-m.me", true },
   { "t-net.org.hu", true },
   { "t-shirts4less.nl", true },
   { "t-stonegroup.com", true },
   { "t.facebook.com", false },
+  { "t0ny.name", true },
   { "t12u.com", true },
-  { "t2000headphones.com", true },
-  { "t2000laserpointers.com", true },
   { "t23m-navi.jp", false },
   { "t2i.nl", true },
+  { "t3rror.net", true },
   { "t47.io", true },
   { "t4c.link", true },
   { "t4cc0.re", true },
   { "t5118.com", true },
   { "t7e.de", false },
+  { "t9i.in", true },
   { "ta-65.com", true },
   { "ta-sports.net", true },
   { "ta65.com", true },
@@ -35779,6 +36579,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tablescraps.com", true },
   { "tablet.facebook.com", false },
   { "tabletd.com", true },
+  { "tabletsbaratasya.com", true },
   { "tablotv.com", false },
   { "taborsky.cz", true },
   { "tac-volley.com", true },
@@ -35804,6 +36605,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tagungsraum-usedom.de", true },
   { "tagungsraum-zinnowitz.de", true },
   { "tahavu.com", true },
+  { "taherian.me", true },
   { "tahosa.co", true },
   { "tahosalodge.org", true },
   { "tailpuff.net", false },
@@ -35856,7 +36658,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "talltreeskv.com.au", true },
   { "tallyfy.com", true },
   { "talon.rip", true },
-  { "talroo.com", true },
   { "talun.de", true },
   { "tam-moon.com", true },
   { "tam-safe.com", true },
@@ -35865,13 +36666,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tamasszabo.net", true },
   { "tambre.ee", true },
   { "tamchunho.com", true },
+  { "tamersunion.org", true },
   { "tamindir.com", true },
   { "tamirson.com", true },
   { "tammy.pro", true },
   { "tampabaybusinesslistings.com", true },
   { "tamposign.fr", true },
+  { "tamriel-rebuilt.org", true },
   { "tanacio.com", true },
-  { "tanak3n.xyz", false },
   { "tancredi.nl", true },
   { "tandem-trade.ru", false },
   { "tandemexhibits.com", true },
@@ -35881,7 +36683,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tandzorg.link", true },
   { "tangel.me", true },
   { "tangemann.org", true },
-  { "tango-cats.de", true },
   { "tango-ouest.com", true },
   { "tangoalpha.co.uk", true },
   { "tanhit.com", true },
@@ -35913,9 +36714,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "taprix.org", true },
   { "tapsnapp.co", true },
   { "taquilla.com", true },
-  { "taqun.club", true },
   { "tar-mag.com", true },
-  { "taranis.re", true },
   { "tarasecurity.co.uk", true },
   { "tarasecurity.com", true },
   { "tarasevich.by", true },
@@ -35926,12 +36725,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tariff.cc", true },
   { "tarik.io", true },
   { "tarmexico.com", true },
-  { "tarots-et-oracles.com", true },
+  { "taron.top", true },
   { "tarsan.cz", true },
   { "tartaneagle.org.uk", true },
   { "tartanhamedshop.com.br", true },
   { "taruntarun.net", true },
   { "tas2580.net", false },
+  { "tasadordecoches.com", true },
+  { "tascuro.com", true },
   { "taskin.me", true },
   { "taskotron.fedoraproject.org", true },
   { "taskotron.stg.fedoraproject.org", true },
@@ -35962,7 +36763,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tax-guard.com", true },
   { "taxaroo.com", true },
   { "taxaudit.com", true },
-  { "taxi-24std.de", false },
   { "taxi-chamonix.fr", true },
   { "taxi-collectif.ch", true },
   { "taxi-jihlava.cz", true },
@@ -35974,6 +36774,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "taxisafmatosinhos.pt", true },
   { "taxiscollectifs.ch", true },
   { "taxlab.co.nz", true },
+  { "taxo.fi", true },
   { "taxpackagesupport.com", true },
   { "taxsquirrel.com", true },
   { "taylorpearson.me", false },
@@ -35994,7 +36795,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tbuchloh.de", true },
   { "tc-st-leonard.ch", true },
   { "tc.nz", true },
-  { "tcacademy.co.uk", true },
   { "tcb-a.org", true },
   { "tcb-b.org", true },
   { "tccmb.com", true },
@@ -36003,7 +36803,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tcf.org", true },
   { "tcgforum.pl", true },
   { "tcgrepublic.com", true },
-  { "tchaka.top", true },
   { "tchannels.tv", true },
   { "tchebb.me", true },
   { "tchebotarev.com", true },
@@ -36018,15 +36817,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tdchrom.com", true },
   { "tdfbfoundation.org", true },
   { "tdrcartuchos.com.br", true },
+  { "tdro.cf", true },
   { "tdrs.info", true },
   { "tdsf.io", true },
   { "tdsinflatables.co.uk", true },
   { "tdude.co", true },
   { "tea.codes", true },
   { "teabagdesign.co.uk", true },
+  { "teachbiz.net", true },
   { "teachercreatedmaterials.com", true },
   { "teacherph.com", true },
   { "teacherpowered.org", true },
+  { "teachertool.io", true },
   { "teachingcopyright.com", true },
   { "teachingcopyright.net", true },
   { "teachingcopyright.org", true },
@@ -36056,6 +36858,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "teampaddymurphy.ch", true },
   { "teampaddymurphy.ie", true },
   { "teamsimplythebest.com", true },
+  { "teamspeak-serverlist.xyz", true },
   { "teamtouring.net", true },
   { "teamtrack.uk", true },
   { "teamtravel.co", true },
@@ -36077,6 +36880,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tech-clips.com", false },
   { "tech-director.ru", true },
   { "tech-essential.com", true },
+  { "tech-info.jp", true },
   { "tech-rat.com", true },
   { "tech-seminar.jp", true },
   { "tech-value.eu", true },
@@ -36088,9 +36892,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "techarea.fr", true },
   { "techaulogy.com", true },
   { "techbelife.com", true },
-  { "techbrawl.org", true },
   { "techbrown.com", true },
-  { "techcentric.com", false },
   { "techcracky.com", true },
   { "techcultivation.de", false },
   { "techcultivation.net", false },
@@ -36104,27 +36906,32 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "techinet.pl", true },
   { "techinsurance.com", true },
   { "techjoe.co", true },
+  { "techmagus.icu", true },
   { "techmajesty.com", true },
   { "techmasters.io", true },
+  { "techmoviles.com", true },
   { "techmunchies.net", false },
   { "technic3000.com", true },
   { "technicabv.nl", true },
   { "technicalbrothers.cf", true },
   { "technicallyeasy.net", true },
+  { "technicalsystemsprocessing.com", true },
+  { "techniclab.net", true },
+  { "techniclab.org", true },
+  { "techniclab.ru", true },
   { "technifocal.com", true },
   { "technik-boeckmann.de", true },
   { "technikblase.fm", true },
   { "technikman.de", true },
+  { "technikrom.org", true },
   { "technoinfogroup.it", true },
   { "technologie-innovation.fr", true },
-  { "technologyand.me", true },
   { "technologyhound.org", true },
   { "technologysi.com", true },
   { "technoparcepsilon.fr", true },
   { "technoscoots.com", true },
   { "technosorcery.net", true },
   { "technospeakco.com", true },
-  { "technotonic.co.uk", true },
   { "techold.ru", true },
   { "techorbiter.com", true },
   { "techosmarcelo.com.ar", true },
@@ -36140,17 +36947,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "techtalks.no", true },
   { "techtrader.ai", true },
   { "techtrader.io", true },
-  { "techvalue.gr", true },
   { "techview.link", true },
   { "techviewforum.com", true },
   { "techwayz.com", true },
   { "techwithcromulent.com", true },
   { "techwords.io", true },
+  { "techzero.cn", true },
   { "teckids.org", true },
   { "tecma.com", true },
   { "tecmarkdig.com", true },
   { "tecne.ws", true },
   { "tecnicoelettrodomestici.roma.it", true },
+  { "tecnidev.com", true },
   { "tecnoarea.com.ar", true },
   { "tecnobrasilloja.com.br", true },
   { "tecnodritte.it", true },
@@ -36167,6 +36975,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tedsdivingsystem.com", true },
   { "tedxodense.com", true },
   { "teebeedee.org", false },
+  { "teedb.de", true },
   { "teemo.gg", true },
   { "teemperor.de", true },
   { "teemulintula.fi", true },
@@ -36176,9 +36985,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "teeworlds-friends.de", true },
   { "tefek.cz", true },
   { "tege-elektronik.hu", true },
-  { "tehcrayz.com", true },
   { "tehrabbitt.com", false },
-  { "tehrankey.ir", true },
   { "tehranperfume.com", true },
   { "teixobactin.com", true },
   { "tejarat98.com", true },
@@ -36189,7 +36996,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "teknoforums.com", true },
   { "teknolit.com", true },
   { "tekstschrijvers.net", true },
-  { "tektuts.com", true },
   { "tekuteku.jp", true },
   { "telamon.eu", true },
   { "telamon.fr", true },
@@ -36215,10 +37021,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "teleogistic.net", true },
   { "telepass.me", true },
   { "telephonedirectories.us", true },
-  { "telepons.com", true },
+  { "telesto.online", true },
+  { "teletechnology.in", false },
+  { "teletexto.com", true },
   { "telework.gov", true },
   { "tellcorpassessoria.com.br", true },
   { "telling.xyz", true },
+  { "tellingua.com", false },
   { "tellusaboutus.com", true },
   { "telly.site", true },
   { "tellygames.com", true },
@@ -36227,6 +37036,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "telos-analytics.com", true },
   { "teltru.com", true },
   { "tem.li", true },
+  { "temariopolicianacional.es", true },
+  { "temariosdeoposiciones.es", true },
+  { "temasa.net", true },
   { "tematicas.org", true },
   { "temdu.com", true },
   { "temizmama.com", true },
@@ -36246,6 +37058,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tenderplan.ru", true },
   { "tenderstem.co.uk", true },
   { "tendomag.com", true },
+  { "tendoryu-aikido.org", false },
   { "tenenz.com", true },
   { "tenisservis.eu", true },
   { "tenkofx.com", true },
@@ -36257,7 +37070,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tenseapp.pl", true },
   { "tenshoku-hanashi.com", true },
   { "tenta.com", true },
-  { "tentabrowser.com", true },
   { "tentations-voyages.com", false },
   { "tenthousandcoffees.com", true },
   { "tenthpin.com", false },
@@ -36277,14 +37089,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "teriiphotography.com", true },
   { "teriyakisecret.com", true },
   { "terlindung.com", true },
-  { "termax.me", true },
-  { "terminalvelocity.co.nz", true },
   { "termino.eu", true },
   { "terminsrakning.se", true },
   { "termitemounds.org", true },
   { "termitinitus.org", true },
   { "termografiranje.si", true },
   { "termux.com", true },
+  { "terpotiz.net", true },
   { "terra.fitness", true },
   { "terrab.de", false },
   { "terracloud.de", false },
@@ -36314,6 +37125,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "teslamagician.com", true },
   { "tesoro.pr", true },
   { "tessai.ga", true },
+  { "tesseractinitiative.org", true },
+  { "test-sev-web.pantheonsite.io", true },
   { "test-textbooks.com", true },
   { "test.de", true },
   { "test.support", true },
@@ -36322,6 +37135,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "testomato.com", true },
   { "testosteronedetective.com", true },
   { "testsuite.org", true },
+  { "testsvigilantesdeseguridad.es", true },
   { "testuje.net", true },
   { "tetedelacourse.ch", true },
   { "teto.nu", true },
@@ -36363,7 +37177,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tf2b.com", true },
   { "tf2calculator.com", true },
   { "tf7879.com", true },
+  { "tfb.az", true },
   { "tfg-bouncycastles.com", true },
+  { "tfk.fr", true },
   { "tfle.xyz", true },
   { "tflite.com", true },
   { "tfnapps.de", true },
@@ -36386,6 +37202,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thablubb.de", true },
   { "thaedal.net", true },
   { "thai.dating", true },
+  { "thai.land", false },
   { "thaicyberpoint.com", true },
   { "thaiforest.ch", true },
   { "thaihomecooking.com", true },
@@ -36401,6 +37218,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thaliagetaway.com.au", true },
   { "thallinger.me", true },
   { "thamesfamilydentistry.com", true },
+  { "thamtubinhminh.com", true },
   { "thanabh.at", true },
   { "thanatoid.net", true },
   { "thanhthinhbui.com", true },
@@ -36408,7 +37226,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thatquiz.org", true },
   { "thatsme.io", true },
   { "thca.ca", true },
-  { "thcpbees.co.uk", true },
+  { "the-arabs.com", true },
   { "the-bermanns.com", true },
   { "the-big-bang-theory.com", true },
   { "the-body-shop.hu", false },
@@ -36434,7 +37252,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theankhlife.com", true },
   { "theanticellulitediet.com", true },
   { "theaps.net", true },
-  { "thearcheryguide.com", true },
   { "theastrocoach.com", true },
   { "theatre-schools.com", true },
   { "thebakers.com.br", true },
@@ -36446,6 +37263,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thebasebk.org", true },
   { "thebcm.co.uk", true },
   { "thebeachessportsphysio.com", true },
+  { "thebeardedrapscallion.com", true },
   { "thebeginningviolinist.com", true },
   { "thebest.ch", true },
   { "thebestfun.co.uk", true },
@@ -36463,6 +37281,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theblackknightsings.com", true },
   { "theblondeabroad.com", true },
   { "theblueroofcottage.ca", true },
+  { "thebluub.com", true },
   { "theboatmancapital.com", true },
   { "thebodyprinciple.com", true },
   { "thebonerking.com", true },
@@ -36493,20 +37312,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thecrescentchildcarecenter.com", true },
   { "thecrew-exchange.com", true },
   { "thecrochetcottage.net", true },
+  { "thecstick.com", true },
   { "thecuppacakery.co.uk", true },
-  { "thecuriouscat.net", true },
+  { "thecuriousdev.com", true },
   { "thecurvyfashionista.com", true },
   { "thecustomdroid.com", true },
+  { "theda.co.za", true },
   { "thedark1337.com", true },
   { "thederminstitute.com", true },
   { "thedhs.com", true },
   { "thediamondcenter.com", true },
-  { "thediaryofadam.com", true },
   { "thedisc.nl", true },
   { "thediscovine.com", true },
   { "thedocumentrefinery.com", true },
+  { "thedom.site", true },
   { "thedreamtravelgroup.co.uk", true },
   { "thedronechart.com", true },
+  { "thedroneely.com", true },
   { "thedutchmarketers.com", true },
   { "theebookkeepers.co.za", true },
   { "theeducationchannel.info", true },
@@ -36515,13 +37337,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theeighthbit.com", true },
   { "theel0ja.ovh", true },
   { "theemasphere.com", true },
+  { "theender.net", true },
+  { "theepiclounge.com", true },
   { "thefairieswantmedead.com", true },
   { "thefanimatrix.net", true },
   { "thefashionpolos.com", true },
   { "thefbstalker.com", true },
   { "thefengshuioffice.com", true },
   { "theferrarista.com", true },
-  { "thefilmcolor.com", true },
   { "thefilmphotography.com", true },
   { "theflowerbasketonline.com", true },
   { "theflowershopdeddington.com", true },
@@ -36529,6 +37352,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thefnafarchive.org", true },
   { "theforkedspoon.com", true },
   { "thefourthmoira.com", true },
+  { "thefreemail.com", true },
   { "thefrk.pw", true },
   { "thefuckingtide.com", true },
   { "thefunfirm.co.uk", true },
@@ -36554,9 +37378,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thehairstandard.com", true },
   { "thehamiltoncoblog.com", true },
   { "thehaxbys.co.uk", true },
-  { "thehiddenbay.fi", true },
-  { "thehiddenbay.info", true },
-  { "thehiddenbay.ws", true },
   { "thehivedesign.org", true },
   { "thehobincompany.com", true },
   { "thehomeicreate.com", true },
@@ -36568,24 +37389,26 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thehouseofgod.org.nz", true },
   { "thehowtohome.com", true },
   { "theidiotboard.com", true },
+  { "theig.co", true },
   { "theillustrationstudio.com.au", true },
   { "theimagefile.com", true },
   { "theimaginationagency.com", true },
+  { "theinboxpros.com", true },
   { "theinflatables-ni.co.uk", true },
   { "theinflatablesne.co.uk", true },
   { "theinitium.com", true },
   { "theintercept.com", true },
   { "theinternationalgeekconspiracy.eu", true },
   { "theitsage.com", false },
-  { "thej0lt.com", true },
   { "thejacksoninstitute.com.au", true },
   { "thekev.in", true },
   { "thekeytobusiness.co.uk", true },
   { "thekindplate.ca", true },
-  { "thekingofhate.com", true },
+  { "thekingofhate.com", false },
   { "thekovnerfoundation.org", true },
   { "thelaimlife.com", true },
   { "thelanscape.com", true },
+  { "thelastbeach.top", true },
   { "thelastsurprise.com", true },
   { "thelatedcult.com", true },
   { "thelearningenterprise.co.uk", true },
@@ -36598,6 +37421,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thelonelyones.co.uk", true },
   { "thelonious.nl", true },
   { "themacoaching.nl", true },
+  { "themadlabengineer.co.uk", true },
   { "themallards.info", true },
   { "themarshallproject.org", true },
   { "themecraft.studio", true },
@@ -36621,6 +37445,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thenanfang.com", true },
   { "thenarcissisticlife.com", true },
   { "theneatgadgets.com", true },
+  { "thenerdic.com", true },
   { "thenexwork.com", true },
   { "thenib.com", true },
   { "theninenine.com", true },
@@ -36628,6 +37453,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thenovaclinic.com", true },
   { "thenowheremen.com", true },
   { "theo.me", true },
+  { "theobg.co", true },
   { "theobromos.fr", true },
   { "theoc.co", true },
   { "theocharis.org", true },
@@ -36663,11 +37489,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theplayspot.co.uk", true },
   { "theploughharborne.co.uk", true },
   { "thepoplarswines.com.au", true },
-  { "thepostoffice.ro", true },
   { "thepriorybandbsyresham.co.uk", true },
   { "theproductpoet.com", true },
   { "thepromisemusic.com", true },
-  { "thepurem.com", true },
   { "thepythianseed.com", true },
   { "theragran.co.id", true },
   { "theralino.de", true },
@@ -36709,7 +37533,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theseletarmall.com", true },
   { "theseoframework.com", true },
   { "theseosystem.com", true },
-  { "theserviceyouneed.com", true },
   { "thesession.org", false },
   { "thesharedbrain.ch", true },
   { "thesharedbrain.com", true },
@@ -36725,15 +37548,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theskingym.co.uk", true },
   { "thesmallbusinesswebsiteguy.com", true },
   { "thesmokingcuban.com", true },
+  { "thesnellvilledentist.com", true },
   { "thesocialmediacentral.com", true },
   { "thesplashlab.com", true },
   { "thesslstore.com", true },
   { "thestandingroomrestaurant.com", true },
   { "thestationatwillowgrove.com", true },
+  { "thesteins.org", false },
   { "thestoneage.de", true },
   { "thestory.ie", true },
   { "thestoryshack.com", true },
   { "thestrategyagency.com.au", true },
+  { "thestreamable.com", true },
   { "thestudyla.com", true },
   { "thestyle.city", true },
   { "thestyleforme.com", true },
@@ -36742,6 +37568,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thetechnical.me", true },
   { "thetenscrolls.com", true },
   { "thethreepercent.marketing", true },
+  { "thetiedyelab.com", true },
   { "thetinylife.com", true },
   { "thetomharling.com", true },
   { "thetotalemaildelivery.com", true },
@@ -36749,7 +37576,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thetrendspotter.net", true },
   { "thetuxkeeper.de", false },
   { "thetvtraveler.com", true },
-  { "theunitedstates.io", true },
   { "thevacweb.com", true },
   { "thevalentineconstitution.com", true },
   { "thevalueofarchitecture.com", true },
@@ -36762,7 +37588,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thewarrencenter.org", true },
   { "thewaxhouse.academy", true },
   { "thewaxhouse.de", true },
-  { "thewebdexter.com", true },
+  { "thewayofthedojo.com", true },
   { "thewebflash.com", true },
   { "thewebsitedoctors.co.uk", true },
   { "thewebsitemarketingagency.com", true },
@@ -36771,11 +37597,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thewinstonatlyndhurst.com", true },
   { "thewoodkid.com.au", true },
   { "thewoolroom.com.au", true },
+  { "theworld.tk", true },
   { "theworldexchange.com", true },
   { "theworldexchange.net", true },
   { "theworldexchange.org", true },
   { "theworldsend.eu", true },
-  { "thewp.pro", true },
   { "thexfactorgames.com", true },
   { "thexme.de", true },
   { "theyakshack.co.uk", true },
@@ -36783,6 +37609,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theyear199x.org", true },
   { "theyearinpictures.co.uk", true },
   { "theyosh.nl", true },
+  { "thezero.org", true },
   { "thezillersathenshotel.com", true },
   { "thiagohersan.com", true },
   { "thibaultwalle.com", true },
@@ -36790,11 +37617,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thiepxinh.net", true },
   { "thierry-daellenbach.com", true },
   { "thierrybasset.ch", true },
-  { "thierryhayoz.ch", true },
+  { "thijmenmathijs.nl", true },
   { "thijsalders.nl", false },
+  { "thijsbekke.nl", true },
   { "thijsslop.nl", true },
   { "thijsvanderveen.net", true },
   { "thinegen.de", true },
+  { "thingies.site", true },
   { "thingsimplied.com", true },
   { "thingsof.org", true },
   { "think-asia.org", true },
@@ -36810,7 +37639,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thinkquality.nl", true },
   { "thinkrealty.com", true },
   { "thinktux.net", true },
-  { "thirdbearsolutions.com", true },
+  { "thirdgenphoto.co.uk", true },
   { "thiry-automobiles.net", true },
   { "this-server-will-be-the-death-of-me.com", true },
   { "thisbrownman.com", true },
@@ -36819,7 +37648,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thisdot.site", true },
   { "thisfreelife.gov", true },
   { "thisisgrey.com", true },
-  { "thisishugo.com", false },
+  { "thisishugo.com", true },
   { "thisisthefinalact.com", true },
   { "thisistheserver.com", true },
   { "thisiswhywemom.com", true },
@@ -36833,6 +37662,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thomalaudan.de", true },
   { "thomas-bertran.com", true },
   { "thomas-fahle.de", true },
+  { "thomas-klubert.de", true },
   { "thomas-prior.com", true },
   { "thomas-sammut.com", true },
   { "thomas-schmittner.de", true },
@@ -36846,6 +37676,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thomaseyck.com", true },
   { "thomasfoster.co", true },
   { "thomashunter.name", false },
+  { "thomaskaviani.be", true },
   { "thomasmcfly.com", true },
   { "thomasmeester.nl", false },
   { "thomasmerritt.de", true },
@@ -36857,6 +37688,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thomaswoo.com", true },
   { "thompsonfamily.cloud", true },
   { "thomsonscleaning.co.uk", true },
+  { "thomspooren.nl", true },
   { "thomwiggers.nl", true },
   { "thor.edu", true },
   { "thor.re", true },
@@ -36883,6 +37715,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "threatworking.com", true },
   { "threecrownsllp.com", true },
   { "threedpro.me", true },
+  { "threefantasy.com", true },
   { "threefours.net", true },
   { "threelions.ch", true },
   { "threema.ch", true },
@@ -36898,6 +37731,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "throughtheglass.photo", true },
   { "throwaway.link", true },
   { "throwpass.com", true },
+  { "thrush.com", true },
   { "thues.eu", true },
   { "thuisverpleging-meerdael.be", true },
   { "thullbery.com", true },
@@ -36908,7 +37742,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thunraz.com", true },
   { "thusoy.com", true },
   { "thuthuatios.com", true },
-  { "thuybich.com", true },
+  { "thuybich.com", false },
   { "thw-bernburg.de", true },
   { "thxandbye.de", true },
   { "thycotic.ru", true },
@@ -36925,12 +37759,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tibicinagarricola.com", true },
   { "tibipg.com", true },
   { "tibovanheule.space", true },
-  { "ticfleet.com", true },
-  { "tichieru.pw", true },
   { "ticketassist.nl", true },
   { "ticketdriver.com", true },
   { "ticketluck.com", true },
-  { "ticketmates.com.au", true },
   { "ticketmaze.com", true },
   { "ticketpro.ca", false },
   { "ticketrunway.com", true },
@@ -36944,10 +37775,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ticketsvergleichen.de", true },
   { "tickit.ca", true },
   { "tid.jp", true },
+  { "tidy.chat", true },
   { "tidycustoms.net", true },
   { "tiekoetter.com", true },
-  { "tielectric.ch", true },
-  { "tiendavertigo.com", true },
+  { "tielectric.ch", false },
   { "tiens-ib.cz", true },
   { "tier-1-entrepreneur.com", true },
   { "tierarztpraxis-bogenhausen.de", true },
@@ -36955,6 +37786,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ties.com", true },
   { "tiew.pl", true },
   { "tifan.net", true },
+  { "tiffanytravels.com", true },
   { "tiffnix.com", true },
   { "tigerchef.com", true },
   { "tigerdile.com", true },
@@ -36990,6 +37822,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "timberkel.com", true },
   { "timbers.space", true },
   { "timbishopartist.com", true },
+  { "timbrado.com", true },
   { "timbrust.de", true },
   { "timco.cloud", true },
   { "timdeneau.com", true },
@@ -37019,6 +37852,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "timonengelke.de", true },
   { "timoso.de", true },
   { "timothybjacobs.com", true },
+  { "timowi.de", true },
   { "timoxbrow.com", true },
   { "timsayedmd.com", true },
   { "timtaubert.de", true },
@@ -37036,7 +37870,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tinfoleak.com", true },
   { "tinker.career", true },
   { "tinkerbeast.com", true },
-  { "tinkerboard.org", true },
   { "tinkererstrunk.co.za", true },
   { "tinkertry.com", true },
   { "tinlc.org", true },
@@ -37055,6 +37888,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tinytownsoftplay.co.uk", true },
   { "tinyvpn.net", true },
   { "tinyvpn.org", true },
+  { "tioat.net", true },
   { "tipaki.gr", true },
   { "tipbox.is", true },
   { "tipe.io", true },
@@ -37088,13 +37922,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "titelseite.ch", true },
   { "titiansgirlphotography.com", true },
   { "titouan.co", false },
-  { "tittelbach.at", false },
+  { "tittelbach.at", true },
   { "titusetcompagnies.net", true },
   { "tivido.nl", true },
   { "tiwag.at", true },
   { "tixeconsulting.com", true },
   { "tixify.com", true },
   { "tjampoer.com", true },
+  { "tjcuk.co.uk", true },
   { "tjenestetorvet.dk", true },
   { "tjkcastles.uk", true },
   { "tjl.rocks", true },
@@ -37103,8 +37938,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tkacz.pro", true },
   { "tkanemoto.com", true },
   { "tkat.ch", true },
-  { "tkeycoin.com", true },
   { "tkgpm.com", true },
+  { "tkjg.fi", true },
   { "tkn.me", true },
   { "tkusano.jp", true },
   { "tkw01536.de", false },
@@ -37136,10 +37971,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tmcpromotions.co.uk", true },
   { "tmcreationweb.com", true },
   { "tmdb.biz", true },
+  { "tmdc.ddns.net", true },
   { "tmf.ru", true },
   { "tmi-products.eu", true },
   { "tmi-produkter.se", true },
-  { "tmi.news", true },
   { "tmm.cx", true },
   { "tmonitoring.com", true },
   { "tmpraider.net", true },
@@ -37147,6 +37982,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tmsdiesel.com", true },
   { "tmtopup.com", true },
   { "tn0.club", true },
+  { "tnd.net.in", true },
   { "tndentalwellness.com", true },
   { "tnes.dk", true },
   { "tniad.mil.id", false },
@@ -37158,8 +37994,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toast.al", false },
   { "tob-rulez.de", true },
   { "tobaccolocker.com", true },
+  { "tobedo.net", true },
   { "tober-cpag.de", true },
   { "tobi-mayer.de", true },
+  { "tobi-server.goip.de", true },
+  { "tobi-videos.goip.de", true },
   { "tobias-bauer.de", true },
   { "tobias-haenel.de", true },
   { "tobias-kleinmann.de", true },
@@ -37185,7 +38024,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tobyalden.com", true },
   { "tobyx.com", true },
   { "tobyx.de", true },
-  { "tobyx.eu", true },
   { "tobyx.net", true },
   { "tobyx.org", true },
   { "tocaro.im", true },
@@ -37197,6 +38035,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "todapolitica.com", true },
   { "todaymeow.com", true },
   { "toddfry.com", true },
+  { "toddmath.com", true },
   { "todoereaders.com", true },
   { "todoescine.com", true },
   { "todoist.com", true },
@@ -37209,12 +38048,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toerclub-ing-arnhem.nl", true },
   { "toetsplatform.be", true },
   { "tofe.io", true },
+  { "tofliving.nl", true },
   { "tofu.cf", true },
   { "togech.jp", true },
   { "togetter.com", true },
   { "toheb.de", false },
   { "tohochofu-sportspark.com", true },
   { "tohokinemakan.tk", true },
+  { "tohokufd.com", true },
   { "tokaido-kun.jp", true },
   { "tokaido.com", true },
   { "tokainafb.net", true },
@@ -37224,12 +38065,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tokens.net", true },
   { "tokic.hr", true },
   { "tokinoha.net", true },
-  { "tokintu.com", true },
   { "tokio.fi", true },
   { "tokka.com", true },
   { "tokke.dk", true },
   { "tokkee.org", true },
-  { "tokky.eu", true },
   { "tokototech.com", true },
   { "tokugai.com", true },
   { "tokumei.co", true },
@@ -37240,7 +38079,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tokyomakino.com", true },
   { "tokyovipper.com", true },
   { "tolboe.com", true },
-  { "toldositajuba.com", true },
   { "toleressea.fr", true },
   { "toles-sur-mesure.fr", true },
   { "tolle-wolke.de", true },
@@ -37259,7 +38097,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tomasjacik.cz", true },
   { "tomaskavalek.cz", false },
   { "tomaspatera.cz", true },
-  { "tomaspialek.cz", true },
   { "tomasvecera.cz", true },
   { "tomasz.com", true },
   { "tomatenaufdenaugen.de", true },
@@ -37267,9 +38104,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tomaw.net", true },
   { "tomaz.eu", true },
   { "tombaker.me", true },
+  { "tombroker.org", true },
   { "tombrossman.com", true },
   { "tomd.ai", true },
   { "tomend.es", true },
+  { "tomershemesh.me", true },
   { "tomfisher.eu", true },
   { "tomharling.uk", true },
   { "tomharris.tech", true },
@@ -37285,6 +38124,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tomlowenthal.com", true },
   { "tomm.yt", true },
   { "tommic.eu", true },
+  { "tommy-bordas.fr", false },
   { "tomnatt.com", true },
   { "tomo.gr", false },
   { "tomosm.net", true },
@@ -37298,7 +38138,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tomspdblog.com", true },
   { "tomssl.com", true },
   { "tomticket.com", true },
-  { "tomudding.com", true },
   { "tomudding.nl", true },
   { "tomvote.com", true },
   { "tomwassenberg.com", true },
@@ -37328,12 +38167,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tonermonster.de", true },
   { "tonex.de", true },
   { "tonex.nl", true },
+  { "toni-dis.ch", true },
+  { "tonifarres.net", true },
   { "tonigallagherinteriors.com", true },
   { "tonkayagran.com", true },
   { "tonkayagran.ru", true },
   { "tonkinson.com", true },
   { "tonkinwilsonvillenissanparts.com", true },
   { "tonnycat.com", true },
+  { "tonnygaric.com", true },
   { "tono.us", true },
   { "tonsit.com", true },
   { "tonsit.org", true },
@@ -37347,14 +38189,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tonywebster.com", true },
   { "too.gy", true },
   { "toobug.net", true },
+  { "toolbox-bodensee.de", true },
   { "toolbox.ninja", false },
+  { "toolineo.de", true },
   { "toolkits.design", true },
   { "toolroomrecords.com", true },
   { "tools.pro", true },
   { "toolsense.io", true },
   { "toom.io", true },
-  { "toomy.ddns.net", true },
   { "toomy.pri.ee", true },
+  { "toon.style", true },
   { "toonpool.com", true },
   { "toonsburgh.com", true },
   { "toontown.team", true },
@@ -37369,7 +38213,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "top-obaly.cz", true },
   { "top-opakowania.pl", true },
   { "top-solar-info.de", true },
+  { "top4shop.de", true },
   { "top5hosting.co.uk", true },
+  { "top9.fr", true },
   { "topaxi.ch", true },
   { "topaxi.codes", true },
   { "topbigdeals.com", true },
@@ -37390,6 +38236,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "topicit.net", true },
   { "topirishcasinos.com", true },
   { "topjobs.ch", true },
+  { "topkek.ml", true },
   { "toplist.cz", true },
   { "toplist.eu", true },
   { "topnotepad.com", true },
@@ -37405,7 +38252,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toptec.net.br", true },
   { "toptexture.com", true },
   { "toptheto.com", true },
-  { "topvertimai.lt", true },
+  { "topvision.se", true },
   { "topwindowcleaners.co.uk", true },
   { "topworktops.co.uk", true },
   { "toracon.org", true },
@@ -37413,6 +38260,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "torchantifa.org", true },
   { "toreni.us", true },
   { "toretame.jp", true },
+  { "torfbahn.de", true },
   { "torg-room.ru", true },
   { "torkware.com", true },
   { "tormakristof.eu", true },
@@ -37433,10 +38281,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "torresygutierrez.com", true },
   { "torretzalam.com", true },
   { "torservers.net", true },
+  { "torsquad.com", true },
   { "torsten-schmitz.net", true },
   { "torstensenf.de", true },
   { "torte.roma.it", true },
-  { "tortocan.com", true },
   { "tortoises-turtles.com", true },
   { "tortugan.com.br", true },
   { "tosainu.com.br", true },
@@ -37445,18 +38293,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toschool.com.br", true },
   { "toshen.com", true },
   { "toshkov.com", true },
-  { "toskana-appartement.de", true },
   { "tosolini.info", true },
   { "tosostav.cz", true },
   { "tosteberg.se", true },
   { "tostu.de", true },
   { "tot-radio.com", true },
   { "totaku.ru", true },
-  { "totalbeauty.co.uk", true },
   { "totalbike.com.br", true },
   { "totalcarcheck.co.uk", true },
   { "totalchecklist.com", true },
-  { "totaldragonshop.com.br", true },
   { "totalemaildelivery.com", true },
   { "totalforcegym.com", true },
   { "totalhomecareinc.com", true },
@@ -37475,6 +38320,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "touchoflife.in", true },
   { "touchscreentills.com", true },
   { "touchstone.io", true },
+  { "touchtable.nl", true },
   { "touchweb.fr", true },
   { "touchwoodtrees.com.au", true },
   { "touhou.ac.cn", true },
@@ -37496,8 +38342,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toushi-return.xyz", true },
   { "toushi-shakkin.com", true },
   { "touslesdrivers.com", true },
-  { "tout-art.ch", true },
-  { "toutart.ch", true },
+  { "toutelathailande.fr", true },
   { "toutenmusic.fr", true },
   { "toutmonexam.fr", true },
   { "toutvendre.be", true },
@@ -37513,6 +38358,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toverland-tickets.nl", true },
   { "tovp.org", true },
   { "towandalibrary.org", true },
+  { "tower.land", true },
   { "townandcountryus.com", true },
   { "townhousedevelopments.com.au", true },
   { "townhouseregister.com.au", true },
@@ -37520,8 +38366,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "towsonroofers.com", true },
   { "towywebdesigns.uk", true },
   { "tox21.gov", false },
+  { "toycu.de", true },
   { "toymagazine.com.br", true },
   { "toyota-kinenkan.com", true },
+  { "toysale.by", true },
   { "toysperiod.com", true },
   { "tp-iryuubun.com", true },
   { "tp-kabushiki.com", true },
@@ -37549,7 +38397,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "traceroute.guru", true },
   { "traceroute.link", true },
   { "traceroute.network", true },
-  { "traces.ml", true },
   { "tracetracker.no", true },
   { "tracfinancialservices.com", true },
   { "tracinsurance.com", true },
@@ -37581,11 +38428,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "traditionskapperscollege.nl", true },
   { "traditionsvivantesenimages.ch", true },
   { "tradiz.org", false },
+  { "tradlost-natverk.se", true },
   { "trafarm.ro", true },
   { "trafas.nl", true },
   { "traffic.az", true },
   { "trafficmanager.ltd", true },
   { "trafficmanager.xxx", true },
+  { "trafficmgr.cn", true },
+  { "trafficmgr.net", true },
   { "trafficologyblueprint.com", true },
   { "trafficpixel.tk", true },
   { "traffixdevices.com", true },
@@ -37596,8 +38446,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trailforks.com", true },
   { "trainex.org", true },
   { "trainhornforums.com", true },
-  { "trainhorns.us", true },
   { "trainiac.com.au", true },
+  { "traininghamburg.de", true },
   { "trainline.at", true },
   { "trainline.cn", true },
   { "trainline.com.br", true },
@@ -37640,7 +38490,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tranceheal.de", true },
   { "tranceheal.me", true },
   { "trangcongnghe.com", true },
-  { "trangell.com", true },
   { "tranglenull.xyz", true },
   { "tranhsondau.net", false },
   { "tranquillity.se", true },
@@ -37649,7 +38498,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "transcend.org", true },
   { "transcontrol.com.ua", true },
   { "transfer.pw", true },
-  { "transferio.nl", true },
   { "transfers.do", true },
   { "transfers.mx", true },
   { "transferserver.at", true },
@@ -37675,7 +38523,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "translate.fedoraproject.org", true },
   { "translate.googleapis.com", true },
   { "translate.stg.fedoraproject.org", true },
-  { "translatoruk.co.uk", true },
   { "transmarttouring.com", true },
   { "transmisjeonline.pl", true },
   { "transmitit.pl", true },
@@ -37684,7 +38531,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "transoil.co.uk", true },
   { "transpak-cn.com", true },
   { "transparentcorp.com", true },
-  { "transport.eu", true },
   { "transporta.it", true },
   { "transporterlock.com", true },
   { "transumption.com", true },
@@ -37699,33 +38545,36 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trattamenti.biz", true },
   { "trattamento-cotto.it", true },
   { "trauer-beileid.de", true },
+  { "traumwerker.com", true },
   { "traut.cloud", true },
   { "travador.com", true },
   { "travaux-toiture-idf.fr", true },
+  { "travel-dealz.de", true },
   { "travel-to-nature.ch", true },
   { "travel.co.za", true },
   { "travel365.it", true },
   { "travelarmenia.org", true },
   { "traveleets.com", true },
   { "travelemy.com", true },
+  { "travelfield.org", true },
   { "travelholicworld.com", true },
   { "travelinsurance.co.nz", true },
   { "travellers.dating", true },
   { "travellovers.fr", true },
-  { "travellsell.com", true },
   { "travelogue.jp", true },
   { "travelphoto.cc", true },
   { "travelrefund.com", true },
   { "travelshack.com", true },
+  { "traverse.com.ua", true },
   { "travi.org", true },
   { "travis.nl", true },
   { "travisf.net", true },
   { "travisforte.io", true },
-  { "travisfranck.com", true },
   { "travler.net", true },
   { "trbanka.com", true },
   { "trea98.org", true },
   { "treaslockbox.gov", true },
+  { "trebarov.cz", true },
   { "tree0.xyz", true },
   { "treebaglia.xyz", true },
   { "treehouseresort.nl", true },
@@ -37742,18 +38591,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trek-planet.ru", true },
   { "trekfriend.com", true },
   { "trekkinglife.de", true },
-  { "tremlor.com", true },
   { "trendkraft.de", true },
   { "trendreportdeals.com", true },
   { "trendsettersre.com", true },
   { "trendus.no", true },
   { "trendykids.cz", true },
   { "trenta.io", true },
+  { "trenztec.ml", true },
   { "tresor.it", true },
   { "tresorit.com", true },
   { "tresorsecurity.com", true },
   { "tretail.net", true },
-  { "tretkowski.de", true },
   { "treussart.com", true },
   { "trevsanders.co.uk", true },
   { "trezy.me", true },
@@ -37767,6 +38615,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trialandsuccess.nl", true },
   { "trialcentralnet.com", true },
   { "trianglecastles.co.uk", true },
+  { "trianglelawngames.com", true },
   { "tribac.de", true },
   { "tribaldos.com", true },
   { "tribaljusticeandsafety.gov", true },
@@ -37774,24 +38623,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tribetrails.com", true },
   { "tribly.de", true },
   { "tribut.de", true },
-  { "tributh.ga", true },
-  { "tributh.gq", true },
-  { "tributh.ml", true },
-  { "tributh.tk", true },
+  { "tributh.cf", true },
+  { "tributh.net", true },
   { "tricefy4.com", true },
   { "triciaree.com", true },
   { "trident-online.de", true },
-  { "tridentflood.com", true },
   { "trietment.com", true },
   { "trigardon-rg.de", true },
   { "trik.es", false },
+  { "trilithsolutions.com", true },
   { "trillian.im", true },
   { "trilliumvacationrentals.ca", true },
   { "triluxds.com", true },
   { "trim-a-slab.com", true },
   { "trim21.cn", true },
   { "trimage.org", true },
-  { "trimarchimanuele.it", true },
   { "trinary.ca", true },
   { "trineco.com", true },
   { "trineco.fi", true },
@@ -37801,9 +38647,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trio.online", true },
   { "triop.se", true },
   { "trior.net", true },
-  { "triple-mmm.de", true },
   { "triplekeys.net", true },
   { "tripolistars.com", true },
+  { "tripout.tech", true },
   { "tripp.xyz", true },
   { "tripseats.com", true },
   { "tripsinc.com", true },
@@ -37836,7 +38682,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "troyfawkes.com", true },
   { "troyhunt.com", true },
   { "troyhuntsucks.com", true },
-  { "troykelly.com", true },
   { "trs.tn", true },
   { "trtltravel.com", true },
   { "trtruijens.com", true },
@@ -37845,12 +38690,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trucchibellezza.it", true },
   { "truckersmp.com", true },
   { "truckerswereld.nl", false },
-  { "truckgpsreviews.com", true },
   { "truckstop-magazin.de", false },
+  { "trucosdescargas.com", true },
   { "true-itk.de", true },
+  { "trueachievements.com", true },
   { "trueassignmenthelp.co.uk", true },
-  { "trueblueessentials.com", true },
   { "trueduality.net", true },
+  { "truehempculture.com.au", true },
   { "trueinstincts.ca", true },
   { "truekey.com", true },
   { "truentumvet.it", true },
@@ -37862,6 +38708,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trueteaching.com", true },
   { "truetraveller.com", true },
   { "truetrophies.com", true },
+  { "trueweb.es", true },
   { "trufflemonkey.co.uk", true },
   { "truhlarstvi-fise.cz", true },
   { "trulance.com", true },
@@ -37876,7 +38723,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trustcase.com", true },
   { "trustedbody.com", true },
   { "trustednetworks.nl", true },
-  { "trustednewssites.com", true },
   { "trustfield.ch", true },
   { "trustserv.de", true },
   { "truthmessages.pw", true },
@@ -37899,15 +38745,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tryupdates.com", true },
   { "trywesayyes.com", true },
   { "trzepak.pl", true },
-  { "ts-publishers.com", true },
-  { "ts3-dns.com", true },
-  { "ts3-dns.net", false },
   { "ts3-legenda.tech", true },
   { "tsa-sucks.com", true },
   { "tsab.moe", true },
   { "tsai.com.de", true },
   { "tsatestprep.com", true },
   { "tschuermans.be", true },
+  { "tscinsurance.com", true },
   { "tsedryk.ca", true },
   { "tsgkc1.com", true },
   { "tsicons.com", true },
@@ -37948,7 +38792,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ttyystudio.com", true },
   { "tu-immoprojekt.at", true },
   { "tu6.pm", true },
-  { "tuang-tuang.com", true },
   { "tuasaude.com", true },
   { "tubanten.nl", true },
   { "tube.tools", true },
@@ -37962,6 +38805,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tucuxi.org", true },
   { "tudiennhakhoa.com", true },
   { "tudorproject.org", true },
+  { "tudulinna.ee", true },
   { "tuev-hessen.de", true },
   { "tufashionista.com", true },
   { "tuffclassified.com", true },
@@ -37990,7 +38834,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tunnelwatch.com", true },
   { "tuntitili.fi", true },
   { "tuotteet.org", true },
-  { "tuou.xyz", true },
   { "tupa-germania.ru", true },
   { "tupeuxpastest.ch", true },
   { "tuppenceworth.ie", true },
@@ -37998,6 +38841,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "turdnagel.com", true },
   { "turf-experts.com", true },
   { "turigum.com", true },
+  { "turismodubrovnik.com", true },
   { "turkish.dating", true },
   { "turl.pl", true },
   { "turnaroundforum.de", true },
@@ -38007,7 +38851,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "turnonsocial.com", true },
   { "turpinpesage.fr", true },
   { "tursiae.org", true },
-  { "turtle.ai", false },
   { "turtleduckstudios.com", true },
   { "turtlepwr.com", true },
   { "turunculevye.com", true },
@@ -38033,7 +38876,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tuxgeo.com", false },
   { "tuxie.com", true },
   { "tuxlife.net", true },
+  { "tuxone.ch", true },
   { "tuxpeliculas.com", true },
+  { "tuxpi.com", true },
   { "tuxplace.nl", true },
   { "tuxtimo.me", true },
   { "tuxz.net", true },
@@ -38041,6 +38886,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tuzaijidi.com", true },
   { "tv-programme.be", true },
   { "tv-programme.com", true },
+  { "tvbaratas.net", true },
   { "tvbeugels.nl", false },
   { "tvcal.net", true },
   { "tvcmarketing.com", true },
@@ -38050,7 +38896,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tvipper.com", true },
   { "tvleaks.se", true },
   { "tvlplus.net", true },
-  { "tvqc.com", true },
   { "tvseries.info", true },
   { "tvsheerenhoek.nl", true },
   { "tvzr.com", true },
@@ -38060,6 +38905,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "twb.berlin", true },
   { "twd2.me", true },
   { "twd2.net", false },
+  { "twdreview.com", true },
+  { "tweak.group", true },
   { "tweakers.com.au", true },
   { "tweakers.net", true },
   { "tweaktown.com", true },
@@ -38073,6 +38920,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "twinkseason.com", true },
   { "twinztech.com", true },
   { "twisata.com", true },
+  { "twistdevelopment.co.uk", true },
   { "twisted-brains.org", true },
   { "twistedwave.com", true },
   { "twisto.cz", true },
@@ -38084,13 +38932,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "twitteroauth.com", true },
   { "twizzkidzinflatables.co.uk", true },
   { "twlan.org", true },
-  { "twocornertiming.com", true },
   { "twodadsgames.com", true },
   { "twofactorauth.org", true },
   { "twohuo.com", true },
   { "twopif.net", true },
   { "tworaz.net", true },
   { "twtimmy.com", true },
+  { "twtremind.com", true },
   { "twun.io", true },
   { "twuni.org", true },
   { "txcap.org", true },
@@ -38103,9 +38951,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tyche.io", true },
   { "tycho.org", true },
   { "tycom.cz", true },
-  { "tyil.nl", true },
   { "tyil.work", true },
-  { "tyl.io", true },
+  { "tykeplay.com", true },
   { "tyler.rs", true },
   { "tylerdavies.net", true },
   { "tylerfreedman.com", true },
@@ -38134,7 +38981,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tzermias.gr", true },
   { "tzifas.com", true },
   { "u-martfoods.com", true },
-  { "u-metals.com", true },
+  { "u-tokyo.club", true },
   { "u.nu", true },
   { "u0010.com", true },
   { "u0020.com", true },
@@ -38166,7 +39013,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uberbkk.com", true },
   { "uberboxen.net", true },
   { "uberestimator.com", true },
-  { "ubermail.me", true },
+  { "ubertt.org", true },
   { "uberwald.de", true },
   { "uberwald.ws", true },
   { "ubezpieczeniepsa.com", true },
@@ -38176,13 +39023,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ubis.group", true },
   { "ublaboo.org", true },
   { "uborcare.com", true },
-  { "ubun.net", true },
+  { "ubunlog.com", true },
   { "ubuntu18.com", true },
   { "ucac.nz", false },
   { "ucangiller.com", true },
+  { "ucasa.org.au", true },
   { "ucch.be", true },
   { "ucfirst.nl", true },
   { "uchargeapp.com", true },
+  { "uclf.de", true },
   { "uclip.club", true },
   { "ucppe.org", true },
   { "ucrdatatool.gov", true },
@@ -38198,13 +39047,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ueberdosis.io", true },
   { "ueberwachungspaket.at", true },
   { "uedaviolin.com", true },
+  { "uefeng.com", true },
   { "uel-thompson-okanagan.ca", true },
   { "ueni.com", true },
+  { "uevan.com", true },
   { "uex.im", true },
   { "ufanisi.mx", true },
   { "ufindme.at", true },
   { "ufplanets.com", true },
   { "ugb-verlag.de", true },
+  { "uggedal.com", true },
   { "ugx-mods.com", true },
   { "uhappy1.com", true },
   { "uhappy11.com", true },
@@ -38234,10 +39086,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uhappy62.com", true },
   { "uhappy66.com", true },
   { "uhappy67.com", true },
-  { "uhappy69.com", true },
-  { "uhappy70.com", true },
   { "uhappy71.com", true },
-  { "uhappy72.com", true },
   { "uhappy73.com", true },
   { "uhappy74.com", true },
   { "uhappy75.com", true },
@@ -38246,8 +39095,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uhappy78.com", true },
   { "uhappy79.com", true },
   { "uhappy8.com", true },
-  { "uhappy80.com", true },
-  { "uhappy81.com", true },
   { "uhappy82.com", true },
   { "uhappy83.com", true },
   { "uhappy85.com", true },
@@ -38256,7 +39103,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uhappy9.com", true },
   { "uhappy90.com", true },
   { "uhappy99.com", true },
-  { "uhasseltodin.be", true },
   { "uhc.gg", true },
   { "uhlhosting.ch", true },
   { "uhrenlux.de", true },
@@ -38264,10 +39110,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uhurl.net", true },
   { "ui8.net", true },
   { "uiberlay.cz", true },
+  { "uicchy.com", true },
   { "uiop.link", true },
   { "uiterwijk.org", true },
   { "uitgeverij-deviant.nl", true },
   { "ujob.com.cn", true },
+  { "ujvary.eu", true },
   { "uk.dating", true },
   { "uk.search.yahoo.com", false },
   { "ukbc.london", true },
@@ -38291,6 +39139,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ulabox.com", true },
   { "uldsh.de", true },
   { "ulen.me", true },
+  { "ulfberht.fi", true },
   { "ulgc.cz", true },
   { "uli-eckhardt.de", true },
   { "ulitroyo.com", true },
@@ -38309,16 +39158,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ultratechlp.com", true },
   { "ultrautoparts.com.au", true },
   { "umanityracing.com", true },
+  { "umbertheprussianblue.com", true },
   { "umbrellaye.online", true },
   { "umbricht.li", true },
   { "umenlisam.com", true },
   { "umisonoda.com", true },
-  { "umkmjogja.com", true },
   { "umsapi.com", true },
   { "umwandeln-online.de", true },
   { "un-framed.co.za", true },
   { "un-zero-un.fr", true },
   { "un.fo", true },
+  { "unapolegetic.co", true },
   { "unapp.me", true },
   { "unatco.noip.me", true },
   { "unausa.com.br", true },
@@ -38349,25 +39199,29 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uncensoreddns.dk", true },
   { "uncensoreddns.org", true },
   { "undeadbrains.de", true },
+  { "undecidable.de", true },
   { "undeductive.media", true },
-  { "undef.in", true },
+  { "undef.in", false },
   { "underbridgeleisure.co.uk", true },
   { "undercovercondoms.co.uk", true },
   { "underfloorheating-uk.co.uk", true },
   { "underlined.fr", true },
   { "undernet.uy", false },
   { "underskatten.tk", true },
+  { "underwearoffer.com", true },
   { "undo.co.il", true },
-  { "undone.me", true },
   { "unece-deta.eu", true },
   { "unedouleur.com", true },
   { "unefleur.be", true },
   { "unerosesurlalune.fr", true },
   { "unexpected.nu", true },
+  { "unfallrechtler.de", true },
+  { "unfc.nl", true },
   { "unfettered.net", false },
   { "unga.dk", true },
+  { "ungaeuropeer.se", true },
   { "ungeek.eu", true },
-  { "ungeek.fr", false },
+  { "ungeek.fr", true },
   { "ungegamere.dk", true },
   { "unghie.com", true },
   { "unicef-karten.at", true },
@@ -38396,6 +39250,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uniekglas.nl", true },
   { "unifei.edu.br", true },
   { "uniform-agri.com", true },
+  { "unijob.com.br", true },
   { "unikoingold.com", true },
   { "unila.edu.br", true },
   { "unimbalr.com", true },
@@ -38433,6 +39288,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "universeinform.com", true },
   { "universidadvg.edu.mx", true },
   { "univitale.fr", true },
+  { "unix.se", true },
   { "unixadm.org", true },
   { "unixapp.ml", true },
   { "unixattic.com", true },
@@ -38441,7 +39297,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "unixtime.date", true },
   { "unkrn.com", true },
   { "unlax.com", true },
-  { "unleash.pw", true },
   { "unli.xyz", true },
   { "unlocken.nl", true },
   { "unlocktalent.gov", true },
@@ -38449,15 +39304,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "unmonito.red", true },
   { "unn-edu.info", true },
   { "uno-pizza.ru", true },
+  { "uno.fi", true },
   { "unobrindes.com.br", true },
   { "unoccupyabq.org", true },
   { "unp.me", true },
   { "unpkg.com", true },
-  { "unpossible.xyz", true },
   { "unpr.dk", true },
   { "unquote.li", true },
   { "unrealircd.org", true },
   { "unrelated.net.au", true },
+  { "uns.vn", true },
   { "unsacsurledos.com", true },
   { "unsee.cc", true },
   { "unseen.is", true },
@@ -38467,18 +39323,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "unsourirealecole.fr", true },
   { "unstablewormhole.ltd", true },
   { "unstamps.org", true },
+  { "unstoppableunits.com", true },
   { "unsuspicious.click", true },
   { "unterfrankenclan.de", true },
   { "unterhaltungsbox.com", true },
   { "unternehmer-radio.de", true },
   { "unternehmerrat-hagen.de", true },
+  { "unterschicht.tv", true },
   { "untethereddog.com", true },
   { "unun.fi", true },
   { "unusualhatclub.com", true },
-  { "unworthy.ml", true },
   { "unx.dk", true },
   { "unxicdellum.cat", true },
+  { "uotomizu.com", true },
+  { "upakweship.com", true },
   { "upandrunningtutorials.com", true },
+  { "upay.ru", true },
   { "upbad.com", true },
   { "upbeatrobot.com", true },
   { "upbeatrobot.eu", true },
@@ -38501,7 +39361,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "upperbeaconsfield.org.au", true },
   { "upperroommission.ca", true },
   { "upplevelse.com", true },
-  { "upr-info.org", true },
   { "upr.com.ua", true },
   { "uprint.it", true },
   { "uprouteyou.com", true },
@@ -38519,7 +39378,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uptrex.co.uk", true },
   { "upturn.org", true },
   { "upundit.com", true },
-  { "upwardtraining.co.uk", true },
   { "upwork.com", true },
   { "upyourfinances.com", true },
   { "ur.nl", true },
@@ -38529,7 +39387,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "urbackups.com", true },
   { "urbalex.ch", true },
   { "urban-culture.fr", true },
-  { "urban-karuizawa.co.jp", true },
   { "urban.melbourne", true },
   { "urbancreators.dk", true },
   { "urbandance.club", true },
@@ -38541,8 +39398,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "urbanmelbourne.info", true },
   { "urbannewsservice.com", true },
   { "urbansparrow.in", true },
+  { "urbansurvival.com", true },
   { "urbanwaters.gov", false },
   { "urbanwildlifealliance.org", false },
+  { "urbanxdevelopment.com", true },
   { "urbexdk.nl", true },
   { "urbizoroofing.com", true },
   { "urcentral.com", true },
@@ -38556,7 +39415,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "urist1011.ru", true },
   { "url.fi", true },
   { "url.fm", true },
-  { "url.rw", true },
+  { "url.rw", false },
   { "url0.eu", true },
   { "urlaub-busreisen.de", true },
   { "urlaub-leitner.at", true },
@@ -38587,6 +39446,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "usalearning.gov", true },
   { "usaseanconnect.gov", true },
   { "usastaffing.gov", true },
+  { "usb-lock-rp.com", true },
   { "usbcraft.com", true },
   { "usbevents.co.uk", true },
   { "usbr.gov", true },
@@ -38607,7 +39467,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "usimmigration.us", true },
   { "usipvd.ch", true },
   { "usitcolours.bg", true },
-  { "uskaria.com", true },
   { "usmint.gov", true },
   { "usninosnikrcni.eu", true },
   { "usnti.com", true },
@@ -38662,7 +39521,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uw1008.com", true },
   { "uw2333.com", true },
   { "uwac.co.uk", false },
-  { "uwekoetter.com", true },
   { "uwelilienthal.de", true },
   { "uwsoftware.be", true },
   { "uwvloereruit.nl", true },
@@ -38689,6 +39547,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "v2ray666.com", true },
   { "v4s.ro", true },
   { "va-reitartikel.com", true },
+  { "va.gov", true },
   { "vacationsbyvip.com", true },
   { "vaccines.gov", true },
   { "vacuumpump.co.id", true },
@@ -38697,6 +39556,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vaew.com", true },
   { "vagabond.fr", true },
   { "vagabondgal.com", true },
+  { "vagaerg.com", true },
+  { "vagaerg.net", true },
   { "vagmour.eu", true },
   { "vagpartsdb.com", true },
   { "vagrantbits.com", true },
@@ -38716,9 +39577,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "valek.net", true },
   { "valenciadevops.me", true },
   { "valentin-dederer.de", true },
-  { "valentin-ochs.de", true },
   { "valentin-sundermann.de", true },
-  { "valentin.ml", true },
   { "valentinberclaz.com", true },
   { "valentineapparel.com", true },
   { "valentineforpresident.com", true },
@@ -38742,15 +39601,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "valleyautoloan.com", true },
   { "valleycode.net", true },
   { "valleydalecottage.com.au", true },
-  { "valleyshop.ca", true },
   { "vallutaja.eu", true },
   { "valokuva-albumi.fi", true },
   { "valordolarblue.com.ar", true },
   { "valorem-tax.ch", true },
   { "valoremtax.ch", true },
   { "valoremtax.com", true },
+  { "valorin.net", true },
   { "valorizofficial.com", true },
-  { "valshamar.is", true },
   { "valsk.is", false },
   { "valskis.lt", true },
   { "valtlai.fi", true },
@@ -38786,6 +39644,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vanhoudt-usedcars.be", true },
   { "vanhoutte.be", false },
   { "vanhove.biz", true },
+  { "vanlent.net", true },
   { "vanmalland.com", true },
   { "vannaos.com", true },
   { "vannaos.net", true },
@@ -38797,7 +39656,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vantru.is", true },
   { "vanvoro.us", false },
   { "vanwunnik.com", true },
-  { "vapecom-shop.com", true },
   { "vapecrunch.com", true },
   { "vapehour.com", true },
   { "vapensiero.co.uk", true },
@@ -38841,6 +39699,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vaskulitis-info.de", true },
   { "vasp.group", true },
   { "vasports.com.au", true },
+  { "vastenotaris.nl", true },
   { "vasyharan.com", true },
   { "vat-eu.com", true },
   { "vat.direct", true },
@@ -38861,11 +39720,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vawomenshealth.com", true },
   { "vaygren.com", true },
   { "vazue.com", true },
-  { "vb-oa.co.uk", true },
   { "vb.media", true },
   { "vbazile.com", true },
   { "vbcdn.com", true },
-  { "vbestreviews.com", true },
   { "vbh2o.com", true },
   { "vbql.me", true },
   { "vbwinery.com", true },
@@ -38882,11 +39739,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vcti.cloud", true },
   { "vd42.net", true },
   { "vda.li", true },
+  { "vdanker.net", true },
   { "vdbongard.com", true },
   { "vdcomp.cz", false },
   { "vdemuzere.be", true },
   { "vdesc.com", true },
   { "vdisk24.de", true },
+  { "vdlp.nl", true },
   { "vdmeij.com", true },
   { "vdzwan.net", true },
   { "ve.search.yahoo.com", false },
@@ -38900,17 +39759,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vectorwish.com", true },
   { "vedma-praktik.com", true },
   { "veg-leiden.nl", true },
-  { "vegalengd.com", true },
   { "vegalitarian.org", true },
   { "veganforum.org", true },
   { "veganism.co.uk", true },
   { "veganism.com", true },
   { "veganmasterrace.com", true },
   { "vegasluxuryestates.com", true },
+  { "vegekoszyk.pl", true },
   { "vegepa.com", true },
   { "vegetariantokyo.net", true },
   { "veggie-treff.de", true },
   { "vegguide.org", true },
+  { "vehicletransportservices.co", true },
   { "veii.de", true },
   { "veil-framework.com", true },
   { "veincenterbrintonlake.com", true },
@@ -38927,7 +39787,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vendreacheter.net", true },
   { "vendserve.eu", true },
   { "veneerssandiego.com", true },
-  { "venenum.org", true },
   { "venev.name", true },
   { "venje.pro", true },
   { "ventajasdesventajas.com", true },
@@ -38937,13 +39796,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ventriloservers.biz", true },
   { "venturavwparts.com", true },
   { "venturebanners.co.uk", true },
-  { "venturedisplay.co.uk", true },
   { "venturum.com", true },
   { "venturum.de", true },
   { "venturum.eu", true },
   { "venturum.net", true },
   { "ventzke.com", true },
   { "venuedriver.com", true },
+  { "venusbymariatash.com", true },
   { "ver.ma", true },
   { "vera.bg", true },
   { "veramagazine.jp", true },
@@ -38951,6 +39810,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "verberne.nu", true },
   { "verbier-lechable.com", true },
   { "verbierfestival.com", true },
+  { "verboom.co.nz", true },
   { "verdict.gg", true },
   { "verduccies.com", true },
   { "verein-kiekin.de", true },
@@ -38959,11 +39819,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vereinscheck.de", true },
   { "verfassungsklage.at", true },
   { "verge.capital", true },
-  { "vergeaccessories.com", true },
   { "vergelijksimonly.nl", true },
   { "vergessen.cn", true },
   { "verhovs.ky", false },
+  { "veri2.com", true },
   { "verifalia.com", true },
+  { "verificaprezzi.it", true },
   { "verifiedjoseph.com", true },
   { "verifiny.com", true },
   { "verifyos.com", true },
@@ -38975,6 +39836,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "veritasinvestmentwealth.com", true },
   { "verizonconnect.com", false },
   { "verizonguidelines.com", true },
+  { "verkeersschoolrichardschut.nl", true },
   { "verliebt-in-bw.de", true },
   { "verliebt-in-niedersachsen.de", true },
   { "vermeerdealers.com", true },
@@ -38985,7 +39847,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vernonchan.com", true },
   { "vernonfigureskatingclub.com", true },
   { "vernonfilmsociety.bc.ca", true },
-  { "vernonhouseofhope.com", true },
   { "vernonsecureselfstorage.ca", true },
   { "vernonspeedskatingclub.com", true },
   { "vernonwintercarnival.com", true },
@@ -38995,9 +39856,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "verry.org", true },
   { "vers.one", true },
   { "versagercloud.de", true },
+  { "versalhost.com", true },
+  { "versalhost.nl", true },
   { "versbesteld.nl", true },
+  { "verses.space", true },
   { "versicherungen-werner-hahn.de", true },
   { "versicherungskontor.net", true },
+  { "versolslapeyre.fr", true },
   { "verspai.de", true },
   { "verstraetenusedcars.be", true },
   { "vertebrates.com", true },
@@ -39015,14 +39880,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "verymetal.nl", true },
   { "verzekeringencambier.be", true },
   { "verzekeringsacties.nl", true },
-  { "verzick.com", true },
   { "vescudero.net", true },
   { "veslosada.com", true },
   { "vespacascadia.com", true },
   { "vestd.com", true },
   { "vestingbar.nl", true },
   { "vestum.ru", true },
-  { "vetbits.com", true },
+  { "vet-planet.com", true },
+  { "vetbits.com", false },
+  { "vetergysurveys.com", true },
   { "veterinarian-hospital.com", true },
   { "veterinario.roma.it", true },
   { "veterinarioaltea.com", true },
@@ -39043,15 +39909,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vgropp.de", true },
   { "vh.net", true },
   { "vhrca.com", true },
+  { "vhs-bad-wurzach.de", true },
   { "vhummel.nl", true },
   { "vi.photo", true },
   { "via-shire-krug.ru", true },
+  { "via.blog.br", true },
+  { "viablog.com.br", true },
   { "viacdn.org", true },
   { "viafinance.cz", false },
   { "viaggio-in-cina.it", true },
-  { "viagraonlinebestellen.org", true },
   { "viagusto.pl", true },
   { "viajandoporelmundo.com.ar", true },
+  { "viajaramsterdam.com", true },
   { "viaje-a-china.com", true },
   { "vialorran.com", true },
   { "viaprinto.de", true },
@@ -39061,11 +39930,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vicentee.com", true },
   { "vichiya.com", true },
   { "vician.cz", true },
-  { "vicianovi.cz", true },
   { "vicicode.com", true },
-  { "viciousflora.com", true },
   { "vicjuwelen-annelore.be", true },
-  { "vickshomes.com", true },
   { "victora.com", true },
   { "victorcanera.com", true },
   { "victordiaz.me", true },
@@ -39088,7 +39954,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "victornet.de", true },
   { "victornilsson.pw", true },
   { "victoroilpress.com", true },
+  { "victorricemill.com", true },
   { "victory.radio", true },
+  { "victoryalliance.us", true },
   { "victorzambrano.com", true },
   { "vicyu.com", true },
   { "vid-immobilien.de", true },
@@ -39097,14 +39965,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vidadu.com", true },
   { "vidarity.com", true },
   { "vidbooster.com", true },
-  { "vidcloud.xyz", true },
   { "vide-greniers.org", false },
-  { "videobola.win", true },
   { "videogamesartwork.com", true },
+  { "videojuegos.com", true },
   { "videokaufmann.at", true },
   { "videomail.io", true },
   { "videosdiversosdatv.com", true },
   { "videoseyredin.net", true },
+  { "videosparatodos.com", true },
   { "videospornogratis.pt", true },
   { "videosqr.com", true },
   { "videov.tk", true },
@@ -39126,15 +39994,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vietnamluxurytravelagency.com", true },
   { "vietnamphotoblog.com", true },
   { "vietnamwomenveterans.org", true },
+  { "vieux.pro", true },
   { "viewbook.com", true },
   { "viewey.com", true },
   { "viewing.nyc", true },
   { "viewmyrecords.com", true },
-  { "viga.me", true },
   { "vigenebio.com", true },
   { "vigilantnow.com", true },
   { "vigliano.ovh", true },
   { "vignoblesdeletat.ch", true },
+  { "vigo-krankenversicherung.de", true },
   { "vigo-tarife.de", true },
   { "vigour.us", true },
   { "vigoxatelier.tech", true },
@@ -39150,11 +40019,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vikalpgupta.com", true },
   { "vikapaula.com", true },
   { "vikashkumar.me", true },
+  { "vikaviktoria.com", true },
   { "viking-style.ru", true },
   { "vikings.net", true },
   { "vikodek.com", true },
+  { "viktorbarzin.me", true },
   { "viktorprevaric.eu", true },
   { "vila-eden.cz", true },
+  { "vilaydin.com", true },
   { "viljatori.fi", true },
   { "villa-eden.cz", true },
   { "villa-gockel.de", true },
@@ -39175,6 +40047,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "villesalonen.fi", true },
   { "villu.ga", true },
   { "viltsu.net", true },
+  { "vim.cx", true },
   { "vima.ch", true },
   { "vimeo.com", true },
   { "vinagro.sk", true },
@@ -39189,6 +40062,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vincitraining.com", true },
   { "vinetech.co.nz", true },
   { "vingt.me", true },
+  { "vinigas.com", true },
   { "vinilosdecorativos.net", true },
   { "vinistas.com", true },
   { "vinner.com.au", true },
@@ -39209,7 +40083,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vintagetrailerbuyers.com", true },
   { "vintazh.net", true },
   { "vinticom.ch", true },
-  { "vintock.com", true },
   { "vinyculture.com", true },
   { "vinzite.com", true },
   { "violin4fun.nl", true },
@@ -39289,11 +40162,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vitalamin.de", true },
   { "vitalismaatjes.nl", true },
   { "vitalityscience.com", true },
+  { "vitalium-therme.de", true },
   { "vitalthrills.com", true },
   { "vitalware.com", true },
   { "vitalyzhukphoto.com", true },
-  { "vitamineproteine.com", true },
   { "vitaminler.com", true },
+  { "vitapingu.de", true },
   { "vitastic.nl", true },
   { "vitavie.nl", true },
   { "viteoscrm.ch", true },
@@ -39376,9 +40250,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vnpem.org", true },
   { "vnvisa.center", true },
   { "vnvisa.ru", true },
-  { "vocalik.com", true },
   { "vocaloid.my", true },
   { "vocalviews.com", true },
+  { "vocescruzadasbcs.mx", true },
   { "vochuys.nl", true },
   { "vocus.aero", true },
   { "vocustest.aero", true },
@@ -39396,7 +40270,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "voidpay.com", true },
   { "voidptr.eu", true },
   { "voidx.top", true },
-  { "voidzehn.com", true },
   { "voipdigit.nl", true },
   { "voipsun.com", true },
   { "vojtechpavelka.cz", true },
@@ -39419,6 +40292,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vollans.id.au", true },
   { "vollmondstollen.de", true },
   { "voloevents.com", true },
+  { "volqanic.com", true },
   { "volta.io", true },
   { "voltahurt.pl", true },
   { "volto.io", true },
@@ -39428,6 +40302,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vonborstelboerner.de", true },
   { "vonniehudson.com", true },
   { "vonski.pl", true },
+  { "vonterra.us", true },
   { "voodoochile.at", true },
   { "vop.li", true },
   { "vorlage-musterbriefe.de", true },
@@ -39437,7 +40312,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vorlif.org", true },
   { "vorm2.com", true },
   { "vorodevops.com", true },
-  { "vorte.ga", true },
   { "vos-fleurs.ch", true },
   { "vos-fleurs.com", true },
   { "vos-systems.com", true },
@@ -39460,13 +40334,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "votre-site-internet.ch", true },
   { "vouchinsurance.sg", true },
   { "vovladikavkaze.ru", true },
+  { "vowsy.club", true },
+  { "vox.vg", true },
   { "voxfilmeonline.net", true },
   { "voxml.com", true },
   { "voxographe.com", false },
   { "voya.ga", true },
   { "voyage-martinique.fr", true },
   { "voyageforum.com", true },
-  { "voyageofyume.com", true },
   { "voyagesaufildespages.be", true },
   { "voyageschine.com", true },
   { "voyagesdetective.fr", true },
@@ -39480,7 +40355,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vpsdream.dk", true },
   { "vpsou.com", true },
   { "vpsport.ch", true },
-  { "vpsvz.cloud", true },
   { "vpsvz.net", true },
   { "vrandopulo.ru", true },
   { "vrcholovka.cz", true },
@@ -39504,6 +40378,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vsestiralnie.com", true },
   { "vsestoki.com", true },
   { "vsl-defi.ch", true },
+  { "vsl.de", true },
   { "vssnederland.nl", true },
   { "vstehn.ru", true },
   { "vsund.de", true },
@@ -39523,6 +40398,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vulns.sexy", true },
   { "vulnscan.org", true },
   { "vulpine.club", true },
+  { "vulyk-medu.com.ua", true },
   { "vumetric.com", true },
   { "vuojolahti.com", true },
   { "vuojolahti.fi", true },
@@ -39535,6 +40411,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vvdbronckhorst.nl", true },
   { "vvoip.org.uk", true },
   { "vvw-8522.com", true },
+  { "vvzero.cf", true },
   { "vvzero.com", true },
   { "vwbusje.com", true },
   { "vwfsrentacar.co.uk", true },
@@ -39544,7 +40421,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vwsoft.de", true },
   { "vww-8522.com", true },
   { "vx.hn", true },
-  { "vxst.org", true },
   { "vxstream-sandbox.com", true },
   { "vybeministry.org", true },
   { "vyber-odhadce.cz", true },
@@ -39571,11 +40447,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "w50.co.uk", true },
   { "w5gfe.org", true },
   { "w7k.de", true },
-  { "w84.it", true },
+  { "w889-line.com", true },
+  { "w889-line.net", true },
   { "w889889.com", true },
   { "w889889.net", true },
+  { "w8less.nl", true },
   { "w95.pw", true },
-  { "wa-stromerzeuger.de", true },
+  { "wa-stromerzeuger.de", false },
   { "wa.me", true },
   { "waaw.tv", true },
   { "wabatam.com", true },
@@ -39590,19 +40468,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "waffle.at", false },
   { "wafuton.com", true },
   { "wagyu-bader.de", true },
-  { "wahhoi.net", true },
   { "wahidhasan.com", true },
+  { "wahlen-bad-wurzach.de", true },
   { "wahlman.org", true },
   { "wahrnehmungswelt.de", true },
   { "wahrnehmungswelten.de", true },
   { "waidfrau.de", true },
-  { "waidu.de", true },
   { "waifu-technologies.com", true },
   { "waifu-technologies.moe", true },
   { "waigel.org", true },
   { "waikatowebdesigners.com", true },
   { "wains.be", false },
-  { "wait.jp", true },
   { "waiterwheels.com", true },
   { "waits.io", true },
   { "wajtc.com", true },
@@ -39613,6 +40489,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wakhanyeza.org", true },
   { "wakiminblog.com", true },
   { "wala-floor.de", true },
+  { "waldgourmet.de", true },
   { "waldvogel.family", true },
   { "walent.in", true },
   { "walentin.co", true },
@@ -39632,12 +40509,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wallethub.com", false },
   { "walletnames.com", true },
   { "wallinger-online.at", true },
-  { "wallingford.cc", true },
   { "wallpapers.pub", true },
   { "wallpaperup.com", true },
   { "walls.de", true },
   { "walls.io", true },
+  { "wallsauce.com", true },
   { "walltime.info", true },
+  { "wallumai.com.au", true },
   { "wallysmasterblaster.com.au", true },
   { "walnutgaming.com", true },
   { "walnutis.net", true },
@@ -39664,10 +40542,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wangbangyu.gq", true },
   { "wangbangyu.ml", true },
   { "wangbangyu.tk", true },
-  { "wangjun.me", true },
   { "wangqiliang.cn", true },
   { "wangqiliang.com", true },
-  { "wangqiliang.org", true },
   { "wangql.net", true },
   { "wangqr.tk", true },
   { "wangtanzhang.com", true },
@@ -39678,27 +40554,28 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wanlieyan.com", true },
   { "wannaridecostarica.com", true },
   { "wanybug.cf", true },
-  { "wanybug.com", true },
   { "wanybug.ga", true },
   { "wanybug.gq", true },
   { "wanybug.tk", true },
+  { "wanyingge.com", true },
   { "wanzenbug.xyz", true },
   { "waonui.io", true },
   { "wapa.gov", true },
+  { "wapazewddamcdocmanui6001.azurewebsites.net", true },
+  { "wapazewrdamcdocmanui6001.azurewebsites.net", true },
+  { "wapenon.com", true },
   { "wapking.co", true },
   { "wapoolandspa.com", true },
   { "wardow.com", true },
   { "warebouncycastles.co.uk", true },
   { "warekit.io", true },
   { "warenits.at", false },
+  { "warenmedia.com", true },
   { "wargameexclusive.com", true },
   { "warhaggis.com", true },
   { "warmservers.com", true },
   { "waroengkoe-shop.com", true },
   { "warofelements.de", true },
-  { "warp-radio.com", true },
-  { "warp-radio.net", true },
-  { "warp-radio.tv", true },
   { "warr.ath.cx", true },
   { "warringtonkidsbouncycastles.co.uk", true },
   { "warschild.org", true },
@@ -39709,13 +40586,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wasema.com", true },
   { "wasfestes.de", true },
   { "wasfuereintheater.com", true },
-  { "washandfun.com", true },
   { "washingtonregisteredagent.io", true },
   { "washingtonviews.com", true },
   { "wasi-net.de", true },
   { "wasielewski.com.de", true },
   { "wasil.org", true },
   { "waslh.com", true },
+  { "wasserburg.dk", true },
   { "wasserspucker.de", true },
   { "wassibauer.com", true },
   { "wastrel.ch", true },
@@ -39747,7 +40624,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "watsonwork.me", true },
   { "watvindtnederland.com", true },
   { "waukeect.com", true },
-  { "wave-ola.es", true },
   { "wave.is", true },
   { "wave.red", true },
   { "wavengine.com", true },
@@ -39759,6 +40635,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "waycraze.com", true },
   { "wayfair.de", true },
   { "wayfairertravel.com", true },
+  { "waynefranklin.com", true },
   { "wayohoo.com", true },
   { "wayohoo.net", true },
   { "waytt.cf", true },
@@ -39782,11 +40659,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wcrca.org", true },
   { "wcsi.com", true },
   { "wcwcg.net", true },
-  { "wd627.com", true },
-  { "wd976.com", true },
   { "wdbflowersevents.co.uk", true },
   { "wdbgroup.co.uk", true },
   { "wdic.org", true },
+  { "wdmg.com.ua", true },
   { "wdodelta.nl", true },
   { "wdol.gov", true },
   { "wdt.cz", false },
@@ -39809,6 +40685,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "weather-schools.com", true },
   { "weather.gov", true },
   { "weathermyway.rocks", true },
+  { "web-apps.tech", true },
   { "web-art.cz", true },
   { "web-design.co.il", true },
   { "web-dl.cc", true },
@@ -39853,7 +40730,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webcookies.org", true },
   { "webcrm.com", true },
   { "webcurtaincall.com", true },
-  { "webdeflect.com", true },
   { "webdemaestrias.com", true },
   { "webdesign-st.de", true },
   { "webdesigneauclaire.com", true },
@@ -39865,7 +40741,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webdevops.io", true },
   { "webdevxp.com", true },
   { "webdl.org", true },
-  { "webdollarvpn.io", true },
   { "webduck.nl", false },
   { "webeast.eu", true },
   { "webeau.com", true },
@@ -39886,7 +40761,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webgears.com", true },
   { "webharvest.gov", true },
   { "webhooks.stream", true },
-  { "webhostingshop.ca", true },
   { "webhostingzzp.nl", false },
   { "webhostplan.info", true },
   { "webies.ro", true },
@@ -39910,17 +40784,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webmetering.at", true },
   { "webministeriet.net", true },
   { "webmotelli.fi", true },
+  { "webmr.de", true },
   { "webnames.ca", true },
   { "webnetforce.net", true },
   { "webnexty.com", true },
-  { "webogram.org", false },
   { "webpinoytambayan.net", true },
   { "webpinoytv.info", true },
   { "webpostingmart.com", true },
   { "webpostingpro.com", true },
   { "webpostingreviews.com", true },
   { "webproject.rocks", true },
-  { "webproxy.pw", true },
   { "webpubsub.com", true },
   { "webqualitat.com.br", true },
   { "webrebels.org", false },
@@ -39934,11 +40807,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "websenat.de", true },
   { "websharks.org", true },
   { "website-engineering.co.za", true },
+  { "websiteadvice.com.au", true },
   { "websiteboost.nl", true },
   { "websiteforlease.ca", true },
   { "websiteout.ca", true },
   { "websiteout.net", true },
-  { "websiterent.ca", true },
   { "websites4business.ca", true },
   { "websitesdallas.com", true },
   { "websiteservice.pro", true },
@@ -39948,6 +40821,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webspiral.jp", true },
   { "webspire.tech", true },
   { "webstart.nl", true },
+  { "webstellung.com", true },
   { "webstijlen.nl", true },
   { "webstore.be", false },
   { "webstu.be", true },
@@ -39957,6 +40831,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webtalis.nl", true },
   { "webtasarim.pw", true },
   { "webtheapp.com", true },
+  { "webtobesocial.de", true },
   { "webtorrent.io", true },
   { "webtrh.cz", true },
   { "webtropia.com", false },
@@ -39971,14 +40846,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webyazilimankara.com", true },
   { "webz.one", true },
   { "wechatify.com", true },
+  { "weck.alsace", true },
   { "wecleanbins.com", true },
   { "wecobble.com", true },
-  { "weddingfantasy.ru", true },
+  { "weddingdays.tv", true },
   { "weddingofficiantwilmington.com", true },
   { "weddingsbynoon.co.uk", true },
   { "weddywood.ru", false },
   { "wedg.uk", true },
   { "wedos.com", true },
+  { "weebl.me", true },
   { "weeblr.com", true },
   { "weeblrpress.com", true },
   { "weedlife.com", true },
@@ -40032,13 +40909,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "weissman.agency", true },
   { "weiterbildung-vdz.de", true },
   { "weitergedacht.eu", true },
-  { "weixiaojun.org", true },
   { "weizenspr.eu", true },
   { "welcome-tahiti.com", true },
   { "welcome-werkstatt.com", true },
   { "welcome-werkstatt.de", true },
   { "welcome26.ch", true },
-  { "welcomehelp.de", true },
   { "welcomescuba.com", true },
   { "welcometoscottsdalehomes.com", true },
   { "weld.io", true },
@@ -40053,9 +40928,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wellness-bonbon.de", true },
   { "wellness-gutschein.de", true },
   { "wellnesscheck.net", true },
+  { "wellnessever.com", true },
   { "wellsolveit.com", false },
   { "welovecatsandkittens.com", true },
-  { "welsh.com.br", true },
   { "welshccf.org.uk", true },
   { "welteneroberer.de", true },
   { "weltengilde.de", true },
@@ -40063,17 +40938,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "weltmeister.de", true },
   { "weltverschwoerung.de", true },
   { "welzijnkoggenland.nl", true },
-  { "wem.hr", true },
+  { "wem.hr", false },
   { "wemakebookkeepingeasy.com", true },
   { "wemakemenus.com", true },
   { "wemakeonlinereviews.com", true },
   { "wemovemountains.co.uk", true },
   { "wendigo.pl", true },
   { "wendlberger.net", true },
-  { "wendu.me", true },
+  { "wener.me", false },
+  { "wenge-murphy.com", true },
   { "wenger-shop.ch", true },
   { "wenjs.me", true },
   { "wensing-und-koenig.de", true },
+  { "wenta.de", true },
   { "wepay.com", false },
   { "wepay.in.th", true },
   { "wepay.vn", true },
@@ -40109,6 +40986,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "werktor.net", true },
   { "wermeester.com", true },
   { "werner-ema.de", true },
+  { "werner-schaeffer.de", true },
+  { "wernerschaeffer.de", true },
   { "werpo.com.ar", true },
   { "wertheimer-burgrock.de", true },
   { "wertpapiertreuhand.de", true },
@@ -40120,7 +40999,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wesleywarnell.com", true },
   { "wesoco.de", true },
   { "wesreportportal.com", true },
-  { "wessner.co", true },
   { "wessner.org", true },
   { "west-contemporary.com", true },
   { "west-trans.com.au", true },
@@ -40138,7 +41016,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "westernpadermatologist.com", true },
   { "westeros.hu", true },
   { "westhillselectrical.com", true },
-  { "westlaketire.pt", true },
   { "westlakevillageelectric.com", true },
   { "westlakevillageelectrical.com", true },
   { "westlakevillageelectrician.com", true },
@@ -40163,6 +41040,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wette.de", true },
   { "wetten.eu", true },
   { "wevenues.com", true },
+  { "wew881.com", true },
+  { "wew882.com", true },
   { "wewin88.com", true },
   { "wewin88.net", true },
   { "wewitro.de", true },
@@ -40170,8 +41049,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wexfordbouncycastles.ie", true },
   { "wexilapp.com", true },
   { "weyland-yutani.org", true },
-  { "weynaphotography.com", true },
   { "wezartt.com", true },
+  { "wezl.net", true },
   { "wf-bigsky-master.appspot.com", true },
   { "wf-demo-eu.appspot.com", true },
   { "wf-demo-hrd.appspot.com", true },
@@ -40203,7 +41082,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "whatclinic.de", true },
   { "whatclinic.ie", true },
   { "whatclinic.ru", true },
+  { "whatdevotion.com", true },
   { "whateveraspidercan.com", true },
+  { "whatisapassword.com", true },
   { "whatismycountry.com", true },
   { "whatismyip.net", false },
   { "whatismyipaddress.ca", true },
@@ -40214,6 +41095,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "whatsmychaincert.com", true },
   { "whatsupgold.com.tw", true },
   { "whatsupoutdoor.com", true },
+  { "whatthefile.info", true },
   { "whatthingsweigh.com", true },
   { "whattominingrigrentals.com", true },
   { "whatusb.com", true },
@@ -40233,16 +41115,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "whexit.nl", true },
   { "whey-protein.ch", true },
   { "whiletrue.run", true },
-  { "whimtrip.fr", false },
   { "whing.org", true },
   { "whipnic.com", true },
   { "whirlpool-luboss.de", true },
   { "whirlpool.net.au", true },
   { "whisky-circle.info", true },
   { "whiskygentle.men", true },
+  { "whiskyglazen.nl", false },
   { "whiskynerd.ca", true },
   { "whisp.ly", false },
   { "whispeer.de", true },
+  { "whisperinghoperanch.org", true },
   { "whisperlab.org", true },
   { "whistleb.com", true },
   { "whistleblower.gov", true },
@@ -40284,11 +41167,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "who-calledme.com", true },
   { "who.pm", true },
   { "whoami.io", true },
-  { "whoasome.com", true },
   { "whocalld.com", true },
   { "whocalled.us", true },
   { "whocybered.me", true },
-  { "whoimg.com", true },
+  { "whoimg.com", false },
   { "whoisdhh.com", true },
   { "whoisthenightking.com", true },
   { "whoiswp.com", true },
@@ -40311,7 +41193,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "whyworldhot.com", true },
   { "whyz1722.tk", true },
   { "wibbe.link", true },
-  { "wiberg.nu", true },
   { "wichitafoundationpros.com", true },
   { "wickrath.net", true },
   { "wideboxmacau.com", false },
@@ -40330,11 +41211,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wiek.net", true },
   { "wien52.at", true },
   { "wieneck-bauelemente.de", true },
+  { "wiener.hr", true },
   { "wienergyjobs.com", true },
   { "wieobensounten.de", true },
   { "wifi-hack.com", true },
   { "wifi-names.com", true },
-  { "wifimask.com", true },
   { "wifipineapple.com", true },
   { "wifirst.net", true },
   { "wifree.lv", true },
@@ -40405,10 +41286,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "williamfeely.info", true },
   { "williamjohngauthier.net", true },
   { "williamle.com", true },
+  { "williampuckering.com", true },
   { "williamscomposer.com", true },
   { "williamsonshore.com", true },
   { "williamsportmortgages.com", true },
-  { "williamsroom.com", true },
   { "williamtm.com", true },
   { "willnorris.com", true },
   { "willow.technology", true },
@@ -40428,6 +41309,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wimbo.nl", true },
   { "wimpernforyou.de", true },
   { "win7stylebuilder.com", false },
+  { "win88-line.com", true },
+  { "win88-line.net", true },
   { "winbignow.click", true },
   { "winbuzzer.com", true },
   { "wincasinowin.click", true },
@@ -40449,6 +41332,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wine-tapa.com", true },
   { "wineparis.com", true },
   { "winepress.org", true },
+  { "winfieldchen.me", true },
   { "winghill.com", true },
   { "wingify.com", true },
   { "wingmin.net", true },
@@ -40478,6 +41362,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wir-bewegen.sh", true },
   { "wircon-int.net", true },
   { "wire.com", true },
+  { "wireframesoftware.com", true },
   { "wireheading.com", true },
   { "wireshark.org", true },
   { "wiretime.de", true },
@@ -40488,13 +41373,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wirsol.com", true },
   { "wis.no", true },
   { "wisak.me", true },
-  { "wisal.org", true },
   { "wischu.com", true },
   { "wisedog.eu", true },
   { "wishlist.net", true },
   { "wispapp.com", false },
   { "wisper.net.au", true },
   { "wispsuperfoods.com", true },
+  { "wiss.co.uk", true },
+  { "wissamnr.be", true },
   { "wisv.ch", true },
   { "wisweb.no", true },
   { "wit.ai", true },
@@ -40515,6 +41401,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wiz.biz", true },
   { "wiz.farm", true },
   { "wizardbouncycastles.co.uk", true },
+  { "wizzair.com", true },
   { "wizzley.com", true },
   { "wizzr.nl", true },
   { "wj0666.com", true },
@@ -40552,10 +41439,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "woah.how", true },
   { "wobble.ninja", true },
   { "wobblywotnotz.co.uk", true },
-  { "wodboss.com", true },
   { "wodinaz.com", true },
   { "wodka-division.de", true },
   { "woelkchen.me", true },
+  { "wofflesoft.com", true },
   { "wofford-ecs.org", true },
   { "woffs.de", true },
   { "wogo.org", true },
@@ -40573,9 +41460,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wolfgang-kerschbaumer.at", true },
   { "wolfgang-kerschbaumer.com", true },
   { "wolfgang-kerschbaumer.net", true },
+  { "wolfgang-kloke.de", true },
   { "wolfgang-ziegler.com", true },
   { "wolfie.ovh", false },
   { "wolfsden.cz", true },
+  { "wolfshuegelturm.de", true },
   { "wolfvideoproductions.com", true },
   { "wolfwings.us", true },
   { "wolfy1339.com", false },
@@ -40588,7 +41477,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "woltlab-demo.com", true },
   { "womb.city", true },
   { "wombatalla.com.au", true },
+  { "wombatnet.com", true },
   { "wombats.net", true },
+  { "wombere.org", true },
   { "womcom.nl", true },
   { "women-only.net", true },
   { "womensalespros.com", true },
@@ -40608,7 +41499,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wood-crafted.co.uk", true },
   { "wood-crafted.uk", true },
   { "woodbury.io", true },
-  { "woodcoin.org", false },
+  { "woodcoin.org", true },
+  { "woodenson.com", true },
   { "woodev.us", true },
   { "woodinvillesepticservice.net", true },
   { "woodlandhillselectrical.com", true },
@@ -40623,7 +41515,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "woohooyeah.nl", true },
   { "woonboulevardvolendam.nl", true },
   { "woontegelwinkel.nl", true },
-  { "wooplagaming.com", true },
   { "wootware.co.za", true },
   { "wopr.network", true },
   { "worca.de", true },
@@ -40651,9 +41542,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "workingclassmedia.com", true },
   { "workinginsync.co.uk", true },
   { "workingmachine.info", true },
+  { "worklizard.com", true },
   { "workmart.mx", true },
   { "workoptions.com", true },
-  { "workplaces.online", true },
   { "workraw.com", true },
   { "workray.com", true },
   { "works-ginan.jp", true },
@@ -40673,19 +41564,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "worldofarganoil.com", true },
   { "worldofbelia.de", true },
   { "worldofparties.co.uk", true },
-  { "worldofterra.net", true },
   { "worldofvnc.net", true },
   { "worldofwobble.co.uk", true },
   { "worldpeacetechnology.com", true },
+  { "worldrecipes.eu", true },
   { "worldsgreatestazuredemo.com", true },
   { "worldsinperil.it", true },
   { "worldsoccerclips.com", true },
   { "worldstone777.com", true },
   { "worldtalk.de", true },
   { "wormbytes.ca", true },
-  { "wormdisk.net", true },
   { "worst.horse", false },
   { "wort-suchen.de", true },
+  { "woshiluo.site", true },
   { "wot-tudasbazis.hu", true },
   { "woti.dedyn.io", true },
   { "wotra-register.com", true },
@@ -40706,7 +41597,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wowjs.uk", true },
   { "wownmedia.com", true },
   { "wozalapha.com", true },
-  { "wp-bullet.com", true },
   { "wp-master.org", true },
   { "wp-mix.com", true },
   { "wp-securehosting.com", true },
@@ -40721,10 +41611,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wpccu.org", true },
   { "wpcdn.bid", true },
   { "wpcharged.nz", true },
-  { "wpdesigner.ir", true },
   { "wpdirecto.com", true },
-  { "wpdublin.com", true },
   { "wpenhance.com", true },
+  { "wpexplainer.com", true },
   { "wpexplorer.com", true },
   { "wpformation.com", true },
   { "wpgoblin.com", true },
@@ -40735,6 +41624,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wplistings.pro", true },
   { "wpmeetup-berlin.de", true },
   { "wpmu-tutorials.de", true },
+  { "wpno.com", true },
   { "wpoptimalizace.cz", true },
   { "wpostats.com", false },
   { "wpscans.com", true },
@@ -40747,18 +41637,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wpsono.com", true },
   { "wpthaiuser.com", true },
   { "wptomatic.de", true },
+  { "wptorium.com", true },
   { "wptotal.com", true },
   { "wpturnedup.com", true },
   { "wpvulndb.com", true },
   { "wq.ro", true },
   { "wr.su", true },
-  { "wrara.org", true },
   { "wrathofgeek.com", true },
   { "wrc-results.com", true },
   { "wrdcfiles.ca", true },
   { "wrdx.io", true },
   { "wrenwrites.com", true },
   { "wrgms.com", true },
+  { "wrightselfstorageandremovals.com", true },
   { "wristreview.com", true },
   { "write-right.net", true },
   { "writeandedit-for-you.com", true },
@@ -40787,6 +41678,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wsadek.ovh", true },
   { "wsb.pl", true },
   { "wscales.com", false },
+  { "wscbiolo.id", true },
   { "wsdcapital.com", true },
   { "wselektro.de", true },
   { "wsgvet.com", true },
@@ -40817,12 +41709,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wuifan.com", true },
   { "wuji.cz", true },
   { "wumai-p.cn", true },
-  { "wumbo.cf", true },
   { "wumbo.co.nz", true },
-  { "wumbo.ga", true },
-  { "wumbo.gq", true },
-  { "wumbo.ml", true },
-  { "wumbo.tk", true },
+  { "wunder.io", true },
   { "wunderkarten.de", true },
   { "wunderlist.com", true },
   { "wundernas.ch", true },
@@ -40832,17 +41720,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wuppertaler-kurrende.com", false },
   { "wuppertaler-kurrende.de", false },
   { "wutianyi.com", true },
-  { "wuwuwu.me", true },
+  { "wuwuwu.me", false },
   { "wuxiaobai.win", true },
   { "wuxiaohen.com", true },
   { "wuyue.photo", true },
   { "wv-n.de", true },
   { "wvg.myds.me", true },
-  { "wvv-8522.com", true },
   { "wvw-8522.com", true },
   { "ww0512.com", true },
   { "ww2onlineshop.com", true },
-  { "wwbsb.xyz", true },
   { "wweforums.net", true },
   { "wweichen.com.cn", true },
   { "wwgc2011.se", true },
@@ -40859,8 +41745,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "www-pj009.com", true },
   { "www.aclu.org", false },
   { "www.airbnb.com", true },
+  { "www.amazon.ca", true },
   { "www.amazon.cn", true },
+  { "www.amazon.co.jp", true },
+  { "www.amazon.co.uk", true },
+  { "www.amazon.com", true },
+  { "www.amazon.com.au", true },
+  { "www.amazon.com.br", true },
+  { "www.amazon.com.mx", true },
+  { "www.amazon.de", true },
   { "www.amazon.es", true },
+  { "www.amazon.fr", true },
+  { "www.amazon.it", true },
+  { "www.amazon.nl", true },
   { "www.apollo-auto.com", true },
   { "www.banking.co.at", false },
   { "www.braintreepayments.com", false },
@@ -40919,6 +41816,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "www.wepay.com", false },
   { "www.wordpress.com", false },
   { "www.zdnet.com", true },
+  { "wx37.ac.cn", true },
   { "wxcafe.net", true },
   { "wxdisco.com", true },
   { "wxforums.com", true },
@@ -40926,13 +41824,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wxkxsw.com", true },
   { "wxlog.cn", true },
   { "wxster.com", true },
-  { "wyam.io", false },
+  { "wxzm.sx", true },
+  { "wyam.io", true },
   { "wybar.uk", true },
   { "wycrow.com", false },
   { "wyday.com", true },
   { "wygibanki.pl", true },
   { "wygodnie.pl", true },
   { "wyhpartnership.co.uk", true },
+  { "wylog.ph", true },
   { "wynterhill.co.uk", true },
   { "wyo.cam", true },
   { "wypemagazine.se", true },
@@ -40944,9 +41844,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wyydsb.com", true },
   { "wyydsb.xin", true },
   { "wyysoft.tk", true },
-  { "wzfetish.com.br", true },
   { "wzfou.com", true },
-  { "wzrd.in", true },
   { "wzyboy.org", true },
   { "x-iweb.ru", true },
   { "x-lan.be", true },
@@ -40972,6 +41870,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xants.de", true },
   { "xatr0z.org", false },
   { "xawen.net", false },
+  { "xb6638.com", true },
+  { "xb6673.com", true },
+  { "xb851.com", true },
+  { "xb862.com", true },
+  { "xb913.com", true },
+  { "xb917.com", true },
+  { "xb925.com", true },
+  { "xb927.com", true },
+  { "xb965.com", true },
+  { "xb983.com", true },
   { "xbb.hk", true },
   { "xbb.li", true },
   { "xbertschy.com", true },
@@ -40979,13 +41887,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xboxdownloadthat.com", true },
   { "xboxlivegoldshop.nl", true },
   { "xboxonex.shop", true },
+  { "xbpay88.com", true },
   { "xbrl.online", true },
   { "xbrlsuccess.appspot.com", true },
   { "xbt.co", true },
   { "xbtce.com", true },
   { "xbtmusic.org", false },
+  { "xceedgaming.com", true },
   { "xcentricmold.com", true },
-  { "xcler8.com", true },
   { "xclirion-support.de", true },
   { "xcorpsolutions.com", true },
   { "xcvb.xyz", true },
@@ -40994,6 +41903,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xdawn.cn", true },
   { "xdeftor.com", true },
   { "xdos.io", true },
+  { "xecure.zone", true },
+  { "xecureit.com", true },
   { "xeedbeam.me", true },
   { "xega.org", true },
   { "xehost.com", true },
@@ -41046,6 +41957,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xiaoniaoyou.com", true },
   { "xiaoyu.net", true },
   { "xiaoyy.org", true },
+  { "xiashali.me", true },
   { "xichtsbuch.de", true },
   { "xicreative.net", true },
   { "xiecongan.org", true },
@@ -41055,15 +41967,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xiliant.com", false },
   { "xilkoi.net", true },
   { "xilou.org", true },
+  { "ximble.com", true },
   { "ximbo.net", true },
+  { "xinbo270.com", true },
+  { "xinbo676.com", true },
+  { "xinboyule.com", true },
   { "xinj.com", true },
+  { "xinlandm.com", true },
   { "xinnixdeuren-shop.be", true },
   { "xinplay.net", true },
+  { "xinu.xyz", true },
   { "xinuspeed.com", true },
   { "xinuspeedtest.com", true },
   { "xinuurl.com", true },
-  { "xiongx.cn", true },
-  { "xj8876.com", true },
   { "xjd.vision", true },
   { "xjf6.com", true },
   { "xjjeeps.com", true },
@@ -41075,6 +41991,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xkviz.net", true },
   { "xlan.be", true },
   { "xlange.com", true },
+  { "xldl.ml", true },
   { "xliang.co", true },
   { "xlui.me", true },
   { "xluxes.jp", true },
@@ -41084,7 +42001,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xmenrevolution.com", true },
   { "xmine128.tk", true },
   { "xmlbeam.org", true },
-  { "xmlogin288.com", true },
   { "xmodule.org", true },
   { "xmpp.dk", true },
   { "xmppwocky.net", true },
@@ -41095,13 +42011,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn----7sbfl2alf8a.xn--p1ai", true },
   { "xn----8hcdn2ankm1bfq.com", true },
   { "xn----8sbjfacqfqshbh7afyeg.xn--80asehdb", true },
+  { "xn----9sbkdigdao0de1a8g.com", true },
   { "xn----zmcaltpp1mdh16i.com", true },
   { "xn--0iv967ab7w.xn--rhqv96g", true },
   { "xn--0kq33cz5c8wmwrqqw1d.com", true },
   { "xn--158h.ml", true },
+  { "xn--15tx89ctvm.xn--6qq986b3xl", true },
   { "xn--24-6kch4bfqee.xn--p1ai", true },
   { "xn--24-glcia8dc.xn--p1ai", true },
   { "xn--48jwg508p.net", true },
+  { "xn--4dbfsnr.xn--9dbq2a", true },
   { "xn--4kro7fswi.xn--6qq986b3xl", true },
   { "xn--4pv80kkz8auzf.jp", true },
   { "xn--57h.ml", true },
@@ -41114,11 +42033,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--7xa.google.com", true },
   { "xn--80adb4aeode.xn--p1ai", true },
   { "xn--80adbevek3air0ee9b8d.com", true },
+  { "xn--80adbvdjzhptl1be6j.com", true },
   { "xn--80aejljbfwxn.xn--p1ai", true },
   { "xn--80anogxed.xn--p1ai", true },
   { "xn--80azelb.xn--p1ai", true },
   { "xn--8bi.gq", true },
-  { "xn--8dry00a7se89ay98epsgxxq.com", true },
   { "xn--90accgba6bldkcbb7a.xn--p1acf", true },
   { "xn--allgu-biker-o8a.de", true },
   { "xn--aviao-dra1a.pt", true },
@@ -41132,26 +42051,26 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--cckdrt0kwb4g3cnh.com", true },
   { "xn--cctsgy36bnvprwpekc.com", true },
   { "xn--cfa.site", true },
+  { "xn--circul-gva.cc", true },
+  { "xn--circul-u3a.cc", true },
   { "xn--d1acj9c.xn--90ais", true },
   { "xn--dcko6fsa5b1a8gyicbc.biz", true },
   { "xn--dej-3oa.lv", true },
   { "xn--detrkl13b9sbv53j.com", true },
   { "xn--detrkl13b9sbv53j.org", true },
-  { "xn--die-zahnrzte-ncb.de", true },
   { "xn--dmonenjger-q5ag.net", true },
   { "xn--dragni-g1a.de", true },
   { "xn--dtursfest-72a.dk", true },
   { "xn--e1aoahhqgn.xn--p1ai", true },
   { "xn--ecki0cd0bu9a4nsjb.com", true },
   { "xn--eckle6c0exa0b0modc7054g7h8ajw6f.com", true },
-  { "xn--ehq13kgw4e.ml", true },
   { "xn--ehqw04eq6e.jp", true },
-  { "xn--elsignificadodesoar-c4b.com", true },
   { "xn--erklderbarenben-slbh.dk", true },
   { "xn--et8h.cf", true },
   { "xn--f9jh4f4b4993b66s.tokyo", true },
   { "xn--familie-pppinghaus-l3b.de", true },
   { "xn--feuerlscher-arten-4zb.de", true },
+  { "xn--fiestadefindeao-crb.com", true },
   { "xn--fiqwix98h.jp", true },
   { "xn--fischereiverein-mnsterhausen-i7c.de", true },
   { "xn--fp8h58f.ws", true },
@@ -41171,14 +42090,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--jp8hx8f.ws", true },
   { "xn--kckd0bd4a8tp27yee2e.com", true },
   { "xn--kda.tk", true },
-  { "xn--keditr-0xa.biz", true },
   { "xn--klmek-0sa.com", true },
   { "xn--knstler-n2a.tips", false },
   { "xn--krpto-lva.de", true },
   { "xn--ktha-kamrater-pfba.se", true },
+  { "xn--labanskllermark-ftb.se", true },
   { "xn--lckwg.net", true },
   { "xn--love-un4c7e0d4a.com", true },
   { "xn--lsaupp-iua.se", true },
+  { "xn--lskieradio-3gb44h.pl", true },
   { "xn--lsupp-mra.net", true },
   { "xn--manuela-stsser-psb.de", true },
   { "xn--martnvillalba-zib.com", true },
@@ -41189,13 +42109,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--mgbbh2a9fub.xn--ngbc5azd", false },
   { "xn--mgbmmp7eub.com", true },
   { "xn--mgbpkc7fz3awhe.com", true },
+  { "xn--mgbuq0c.net", true },
   { "xn--mllers-wxa.info", true },
   { "xn--myrepubic-wub.net", true },
   { "xn--myrepublc-x5a.net", true },
   { "xn--n8j7dygrbu0c31a5861bq8qb.com", true },
   { "xn--n8jp5083dnzs.net", true },
   { "xn--n8jtcugp92n4wc738f.net", true },
-  { "xn--nf1a578axkh.xn--fiqs8s", true },
   { "xn--nrrdetval-v2ab.se", true },
   { "xn--o38h.tk", true },
   { "xn--obt757c.com", true },
@@ -41211,7 +42131,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--r8jzaf7977b09e.com", true },
   { "xn--rdiger-kuhlmann-zvb.de", true },
   { "xn--reisebro-herrsching-bbc.de", true },
-  { "xn--rlcus7b3d.xn--xkc2dl3a5ee0h", true },
   { "xn--roselire-60a.ch", true },
   { "xn--roselire-60a.com", true },
   { "xn--rt-cja.ie", true },
@@ -41219,6 +42138,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--ruanmller-u9a.com", true },
   { "xn--s-1gaa.fi", true },
   { "xn--schlerzeitung-ideenlos-ulc.de", true },
+  { "xn--schpski-c1a.de", true },
   { "xn--schsischer-christstollen-qbc.shop", true },
   { "xn--seelenwchter-mcb.eu", true },
   { "xn--spenijmazania-yhc.pl", true },
@@ -41228,7 +42148,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--t8j4aa4nyhxa7duezbl49aqg5546e264d.net", true },
   { "xn--t8j4aa4nzg3a5euoxcwee.xyz", true },
   { "xn--tigreray-i1a.org", true },
-  { "xn--trdler-xxa.xyz", true },
   { "xn--u8jwd.ga", true },
   { "xn--u9j0ia6hb7347cg8wavz0avb0e.com", true },
   { "xn--u9jv84l7ea468b.com", true },
@@ -41238,8 +42157,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--wq9h.ml", true },
   { "xn--y-5ga.com", true },
   { "xn--y8j148r.xn--q9jyb4c", true },
-  { "xn--y8ja6lb.xn--q9jyb4c", true },
   { "xn--y8jarb5hca.jp", true },
+  { "xn--yrvp1ac68c.xn--6qq986b3xl", true },
   { "xn--zettlmeil-n1a.de", true },
   { "xn--zr9h.cf", true },
   { "xn--zr9h.ga", true },
@@ -41251,17 +42170,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xninja.xyz", true },
   { "xnode.org", true },
   { "xntrik.wtf", true },
+  { "xnu.kr", true },
   { "xo.tc", true },
   { "xo7.ovh", true },
   { "xolphin.nl", true },
   { "xombitgames.com", true },
   { "xombitmusic.com", true },
-  { "xone.cz", true },
+  { "xone.cz", false },
   { "xonn.de", true },
   { "xoonth.net", true },
   { "xp-ochrona.pl", true },
   { "xp2.de", true },
   { "xpd.se", true },
+  { "xperiacode.com", true },
   { "xperidia.com", true },
   { "xpletus.nl", true },
   { "xplore-dna.net", true },
@@ -41269,12 +42190,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xposedornot.com", true },
   { "xps2pdf.co.uk", true },
   { "xps2pdf.info", true },
-  { "xq55.com", false },
   { "xqk7.com", true },
   { "xr.cx", true },
   { "xr1s.me", true },
   { "xrg.cz", true },
+  { "xrippedhd.com", true },
   { "xrockx.de", true },
+  { "xrptoolkit.com", true },
   { "xrwracing-france.com", true },
   { "xs2a.no", true },
   { "xs74.com", true },
@@ -41315,6 +42237,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xunn.io", true },
   { "xuntier.ch", true },
   { "xuyh0120.win", true },
+  { "xvii.pl", true },
   { "xviimusic.com", true },
   { "xvt-blog.tk", true },
   { "xwalck.se", true },
@@ -41326,7 +42249,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xxxsuper.net", true },
   { "xyenon.bid", true },
   { "xyfun.net", false },
-  { "xyngular-health.com", true },
   { "xywing.com", true },
   { "xyzulu.hosting", true },
   { "xza.fr", true },
@@ -41339,6 +42261,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yacobo.com", true },
   { "yado-furu.com", true },
   { "yafuoku.ru", true },
+  { "yageys.com", true },
   { "yagihiro.tech", true },
   { "yahan.tv", true },
   { "yaharu.ru", true },
@@ -41357,11 +42280,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yame2.com", true },
   { "yamilafeinart.de", true },
   { "yamm.io", true },
+  { "yan.lt", true },
   { "yanaduday.com", true },
   { "yanbao.xyz", true },
   { "yandere.moe", true },
   { "yangjingwen.cn", true },
   { "yangmaodang.org", true },
+  { "yangmi.blog", true },
   { "yanngraf.ch", true },
   { "yanngraf.com", true },
   { "yannic.world", true },
@@ -41375,7 +42300,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yanuwa.com", true },
   { "yapbreak.fr", true },
   { "yarcom.ru", false },
-  { "yarogneva.ru", true },
   { "yarravilletownhouses.com.au", true },
   { "yaru.one", true },
   { "yassine-ayari.com", true },
@@ -41385,9 +42309,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yatsuenpoon.com", true },
   { "yaup.tk", true },
   { "yawen.me", true },
-  { "yawnbox.com", true },
   { "yaxim.org", true },
-  { "yayart.club", true },
   { "yazaral.com", true },
   { "ybin.me", true },
   { "ybresson.com", true },
@@ -41396,18 +42318,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ybti.net", true },
   { "ybzhao.com", true },
   { "ych.art", true },
-  { "ycherbonnel.fr", true },
   { "ychon.com", true },
   { "ychong.com", true },
   { "yclan.net", true },
   { "ycnrg.org", true },
   { "yd.io", true },
   { "yeapdata.com", true },
-  { "yecl.net", true },
+  { "yecl.net", false },
   { "yeesker.com", true },
   { "yell.ml", true },
   { "yellotalk.co", true },
-  { "yellowfly.co.uk", true },
   { "yellowpages.ee", true },
   { "yellowtaillasvegas.com", true },
   { "yellowtree.co.za", true },
@@ -41449,7 +42369,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yenpape.com", true },
   { "yep-pro.ch", true },
   { "yephy.com", true },
-  { "yeshu.org", true },
   { "yesiammaisey.me", true },
   { "yeskx.com", true },
   { "yeswecan.co.bw", true },
@@ -41463,6 +42382,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yeyi.site", true },
   { "yfengs.moe", true },
   { "ygobbs.com", true },
+  { "ygrene.com", true },
+  { "ygreneworks.com", true },
   { "yh599.cc", true },
   { "yhaupenthal.org", true },
   { "yhb.io", true },
@@ -41472,23 +42393,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yhndnzj.com", true },
   { "yhong.me", true },
   { "yhrd.org", true },
-  { "yicknam.my", true },
+  { "yigujin.cn", true },
   { "yiheng.moe", true },
   { "yii2.cc", true },
   { "yikeyong.com", true },
-  { "yimgo.fr", true },
   { "yinfor.com", true },
   { "yingatech.com", true },
   { "yinglinda.love", true },
   { "yinlei.org", true },
+  { "yisin.net", true },
   { "yiyuanzhong.com", true },
   { "yiyueread.com", true },
   { "yiz96.com", true },
   { "yjsoft.me", true },
-  { "yjsw.sh.cn", true },
-  { "ykhut.com", true },
   { "yksityisyydensuoja.fi", true },
-  { "ylde.de", true },
   { "ylinternal.com", true },
   { "ymarion.de", true },
   { "ymblaw.com", true },
@@ -41502,7 +42420,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yobai28.com", true },
   { "yobbelwobbel.de", false },
   { "yobify.com", true },
-  { "yocchan1513.net", true },
   { "yoga-alliance-teacher-training.com", true },
   { "yoga-bad-toelz.de", true },
   { "yoga-in-aying.de", true },
@@ -41519,12 +42436,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yoitoko.city", true },
   { "yoitsu.moe", true },
   { "yokohama-legaloffice.jp", true },
+  { "yokone3-kutikomi.com", true },
   { "yolo.jetzt", true },
   { "yolobert.de", true },
   { "yoloboatrentals.com", true },
   { "yolops.net", true },
   { "yombo.net", true },
   { "yon.co.il", true },
+  { "yongbin.org", true },
   { "yoonas.com", true },
   { "yooooex.com", true },
   { "yoppoy.com", true },
@@ -41536,13 +42455,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yorkshireinflatables.co.uk", true },
   { "yosbeda.com", true },
   { "yosemo.de", true },
-  { "yosheenetwork.fr", true },
   { "yoshibaworks.com", true },
   { "yoshitsugu.net", true },
   { "yosida-dental.com", true },
+  { "yosida95.com", true },
   { "yospos.org", true },
   { "yoticonnections.com", true },
-  { "yotilab.com", true },
   { "yotta-zetta.com", true },
   { "yotubaiotona.net", true },
   { "you.com.br", true },
@@ -41550,12 +42468,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "youareme.ca", true },
   { "youc.ir", true },
   { "youcanfuckoff.xyz", true },
-  { "youcanmakeit.at", true },
   { "youcruit.com", true },
   { "youdungoofd.com", true },
   { "youftp.tk", true },
   { "yougee.ml", true },
-  { "yougot.pw", true },
   { "youhacked.me", true },
   { "youhavewords.com", true },
   { "youhua.ru", true },
@@ -41564,6 +42480,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "youked.com", true },
   { "youkok2.com", true },
   { "youlovehers.com", true },
+  { "youmiracle.com", true },
   { "youms.de", true },
   { "young-sheldon.com", true },
   { "youngauthentic.cf", true },
@@ -41584,10 +42501,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yourcomputer.expert", true },
   { "yourcopywriter.it", true },
   { "yourforex.org", true },
-  { "yourfriendlytech.com", true },
   { "yourfuntrivia.com", true },
   { "yourfuturestrategy.com.au", true },
-  { "yourgadget.ro", true },
   { "yourgames.tv", true },
   { "yourlanguages.de", true },
   { "yourmemorykeeper.co.uk", true },
@@ -41614,9 +42529,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yr166166.com", true },
   { "yrjanheikki.com", true },
   { "ys-shop.biz", true },
+  { "ysicing.me", true },
+  { "ysicing.net", true },
   { "ysicorp.com", true },
   { "yslbeauty.com", true },
-  { "yspeo.biz", true },
   { "ysun.xyz", true },
   { "ytec.ca", true },
   { "ytpak.pk", true },
@@ -41684,10 +42600,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yubikeyservices.eu", true },
   { "yubiking.com", true },
   { "yue.la", true },
-  { "yue2.net", true },
-  { "yugasun.com", true },
+  { "yuexiangzs.com", true },
   { "yuisyo.ml", true },
-  { "yukari.cafe", false },
+  { "yukari.cafe", true },
   { "yukari.cloud", true },
   { "yuki-nagato.com", true },
   { "yuki.xyz", true },
@@ -41701,7 +42616,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yunzhu.li", true },
   { "yuricarlenzoli.it", true },
   { "yurikirin.me", true },
-  { "yurimoens.be", true },
   { "yurisviridov.com", true },
   { "yusa.me", true },
   { "yushi.moe", true },
@@ -41721,7 +42635,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yveshield.com", true },
   { "yveslegendre.fr", true },
   { "yvesx.com", true },
-  { "yvetteerasmus.com", true },
   { "yvonnehaeusser.de", true },
   { "yvonnethomet.ch", true },
   { "yvonnewilhelmi.com", true },
@@ -41743,7 +42656,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "z99944x.xyz", true },
   { "za.search.yahoo.com", false },
   { "zaagbaak.nl", true },
-  { "zabavno.mk", true },
   { "zabbix.tips", true },
   { "zabszk.net", true },
   { "zabukovnik.net", true },
@@ -41771,6 +42683,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zahnarzt-hofer.de", true },
   { "zahnarzt-kramer.ch", true },
   { "zahnarzt-muenich.de", true },
+  { "zahnmedizinzentrum.com", true },
   { "zajazd.biz", true },
   { "zakariya.blog", true },
   { "zakcutner.uk", true },
@@ -41782,7 +42695,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zakspartiesandevents.com", true },
   { "zalamea.ph", true },
   { "zaloghaz.ro", true },
-  { "zalohovaniburian.cz", true },
+  { "zaltv.com", true },
   { "zalvus.com", true },
   { "zamalektoday.com", true },
   { "zamocosmeticos.com.br", true },
@@ -41792,10 +42705,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zanellidesigns.co.uk", true },
   { "zanthra.com", true },
   { "zanzabar.it", true },
+  { "zanzo.cz", true },
   { "zapier.com", true },
   { "zapmaster14.com", true },
   { "zappbuildapps.com", false },
-  { "zappos.com", true },
   { "zarabiaj.com", true },
   { "zaratan.fr", true },
   { "zargescases.co.uk", true },
@@ -41810,7 +42723,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zawo-electric.de", true },
   { "zayna.eu", true },
   { "zbanks.cn", true },
-  { "zbetcheck.in", true },
   { "zbrane-doplnky.cz", true },
   { "zbut.bg", true },
   { "zbyga.cz", true },
@@ -41821,12 +42733,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zcon.nl", true },
   { "zcore.org", true },
   { "zcr.ca", true },
+  { "zcryp.to", true },
   { "zdbl.de", true },
   { "zdenekspacek.cz", true },
   { "zdorovayasimya.com", true },
   { "zdrave-konzultace.cz", true },
   { "zdravekonzultace.cz", true },
-  { "zdravesteny.cz", true },
   { "zdravystul.cz", true },
   { "zdrojak.cz", true },
   { "zdymak.by", true },
@@ -41845,10 +42757,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zeetoppers.nl", true },
   { "zeeuw.nl", true },
   { "zeguigui.com", true },
+  { "zehkae.net", true },
   { "zeibekiko-souvlaki.gr", true },
+  { "zeidlertechnik.de", true },
   { "zeilenmethans.nl", true },
   { "zeilles.nu", true },
-  { "zeitoununiversity.org", true },
   { "zeitpunkt-kulturmagazin.de", true },
   { "zekesnider.com", true },
   { "zekinteractive.com", true },
@@ -41873,7 +42786,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zentask.io", true },
   { "zenti.cloud", true },
   { "zenvideocloud.com", true },
-  { "zeparadox.com", true },
   { "zephyrbk.com", true },
   { "zephyrbookkeeping.com", true },
   { "zephyretcoraline.com", true },
@@ -41891,7 +42803,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zerossl.com", true },
   { "zerosync.com", true },
   { "zerotoone.de", true },
-  { "zerowastesavvy.com", true },
   { "zertif.info", true },
   { "zertitude.com", true },
   { "zeryn.net", true },
@@ -41918,13 +42829,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zhangsidan.com", true },
   { "zhangyuhao.com", true },
   { "zhangzifan.com", false },
+  { "zhaoeq.com", true },
   { "zhaofeng.li", true },
   { "zhaopage.com", true },
   { "zhaoxixiangban.cc", true },
   { "zhcexo.com", true },
   { "zhen-chen.com", true },
   { "zhengjie.com", true },
-  { "zhenyan.org", true },
+  { "zhenic.ir", true },
   { "zhi.ci", true },
   { "zhiku8.com", true },
   { "zhima.io", true },
@@ -41937,6 +42849,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zhovner.com", true },
   { "zhthings.com", true },
   { "zhuihoude.com", true },
+  { "zhuji.com", true },
   { "zi.is", true },
   { "ziegler-family.com", true },
   { "ziegler-heizung-frankfurt.de", true },
@@ -41948,6 +42861,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zigottos.fr", true },
   { "zigzagmart.com", true },
   { "zihao.me", false },
+  { "zii.bz", true },
   { "zijung.me", true },
   { "zikinf.com", true },
   { "ziktime.com", true },
@@ -41956,6 +42870,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zilore.com", true },
   { "zilsen.com", true },
   { "zima.io", true },
+  { "zimaoxy.com", true },
   { "zimiao.moe", true },
   { "zimmer-voss.de", true },
   { "zingarastore.com", true },
@@ -41988,17 +42903,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zivver.uk", true },
   { "zivyruzenec.cz", true },
   { "zixiao.wang", true },
+  { "zizcollections.com", true },
   { "zjuqsc.com", true },
   { "zjv.me", true },
-  { "zjyifa.cn", true },
   { "zk.com.co", true },
   { "zk.gd", true },
   { "zk9.nl", true },
   { "zkontrolujsiauto.cz", true },
   { "zkrypt.cc", true },
   { "zkzone.net", true },
-  { "zl0iu.com", true },
-  { "zl8862.com", true },
   { "zlatakus.cz", true },
   { "zlatosnadno.cz", true },
   { "zlaty-tyden.cz", true },
@@ -42006,7 +42919,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zlavomat.sk", true },
   { "zlima12.com", true },
   { "zlypi.com", true },
-  { "zmala.com", true },
   { "zmarta.de", true },
   { "zmarta.dk", true },
   { "zmarta.fi", true },
@@ -42018,11 +42930,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zmartagroup.no", true },
   { "zmartagroup.se", true },
   { "znation.nl", true },
+  { "znhglobalresources.com", true },
   { "zny.pw", true },
   { "zoarcampsite.uk", true },
   { "zobraz.cz", true },
   { "zobworks.com", true },
   { "zoccarato.ovh", true },
+  { "zochowskiplasticsurgery.com", true },
   { "zockenbiszumumfallen.de", true },
   { "zodgame.us", true },
   { "zodiacohouses.com", true },
@@ -42034,7 +42948,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zojadravai.com", true },
   { "zoki.art", true },
   { "zollihood.ch", true },
-  { "zolokar.xyz", true },
   { "zom.bi", true },
   { "zomerschoen.nl", true },
   { "zonadigital.co", true },
@@ -42070,7 +42983,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zor.com", true },
   { "zorasvobodova.cz", true },
   { "zorgclustertool.nl", true },
-  { "zorig.ch", false },
+  { "zorig.ch", true },
   { "zorium.org", true },
   { "zorntt.fr", true },
   { "zotero.org", true },
@@ -42079,11 +42992,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zozo.com", true },
   { "zozzle.co.uk", true },
   { "zp25.ninja", true },
-  { "zqstudio.top", true },
+  { "zqwqz.com", true },
+  { "zr.is", true },
   { "zravypapir.cz", true },
   { "zrniecka-pre-sny.sk", true },
   { "zrnieckapresny.sk", true },
   { "zrt.io", true },
+  { "zry-blog.top", true },
   { "zs-ohradni.cz", true },
   { "zs-reporyje.cz", true },
   { "zscales.com", false },
@@ -42095,6 +43010,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zten.org", true },
   { "ztjuh.tk", true },
   { "zubel.it", false },
+  { "zubro.net", true },
   { "zuefle.net", true },
   { "zug-anwalt.de", true },
   { "zug.fr", true },
@@ -42121,7 +43037,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zuzumba.es", true },
   { "zvps.uk", true },
   { "zvxr.net", true },
-  { "zwalcz-cellulit.com", true },
   { "zwartendijkstalling.nl", true },
   { "zwb3.de", true },
   { "zwerimex.com", true },
@@ -42131,6 +43046,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zwy.ch", true },
   { "zx6rninja.de", true },
   { "zx7r.de", true },
+  { "zxc.science", false },
   { "zxe.com.br", true },
   { "zxtcode.com", true },
   { "zy.md", true },
@@ -42139,7 +43055,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zyciedogorynogami.pl", true },
   { "zydronium.com", true },
   { "zydronium.nl", true },
-  { "zyger.co.za", true },
+  { "zygozoon.com", true },
   { "zylai.com", true },
   { "zymmm.com", true },
   { "zypern-firma.com", true },
-- 
cgit v1.2.3


From 74cabf7948b2597f5b6a67d6910c844fd1a88ff6 Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@gmail.com>
Date: Sat, 15 Dec 2018 01:42:53 +0100
Subject: Update NSS to 3.41

---
 security/nss/TAG-INFO                              |    1 -
 .../abi-check/expected-report-libnss3.so.txt       |   18 +
 .../abi-check/expected-report-libnssutil3.so.txt   |   18 +-
 .../abi-check/expected-report-libsmime3.so.txt     |   48 +
 .../nss/automation/abi-check/previous-nss-release  |    2 +-
 security/nss/automation/clang-format/Dockerfile    |   39 +-
 security/nss/automation/clang-format/setup.sh      |   44 -
 security/nss/automation/release/nspr-version.txt   |    2 +-
 .../taskcluster/docker-aarch64/Dockerfile          |    1 -
 .../automation/taskcluster/docker-arm/Dockerfile   |    1 -
 .../taskcluster/docker-builds/Dockerfile           |   75 +
 .../taskcluster/docker-builds/bin/checkout.sh      |   20 +
 .../taskcluster/docker-clang-3.9/Dockerfile        |   30 -
 .../taskcluster/docker-clang-3.9/bin/checkout.sh   |   20 -
 .../taskcluster/docker-clang-3.9/setup.sh          |   46 -
 .../taskcluster/docker-clang-format/Dockerfile     |   38 +
 .../docker-clang-format/bin/checkout.sh            |   20 +
 .../taskcluster/docker-decision/Dockerfile         |   47 +-
 .../taskcluster/docker-decision/setup.sh           |   31 -
 .../automation/taskcluster/docker-fuzz/Dockerfile  |   70 +-
 .../automation/taskcluster/docker-fuzz/setup.sh    |   58 -
 .../taskcluster/docker-fuzz32/Dockerfile           |   73 +
 .../taskcluster/docker-fuzz32/bin/checkout.sh      |   20 +
 .../taskcluster/docker-gcc-4.4/Dockerfile          |   47 +-
 .../automation/taskcluster/docker-gcc-4.4/setup.sh |   30 -
 .../taskcluster/docker-interop/Dockerfile          |   56 +
 .../taskcluster/docker-interop/bin/checkout.sh     |   20 +
 .../nss/automation/taskcluster/docker/Dockerfile   |   57 +-
 .../nss/automation/taskcluster/docker/setup.sh     |   74 -
 .../nss/automation/taskcluster/graph/src/extend.js |  176 +-
 .../automation/taskcluster/graph/src/try_syntax.js |    2 +-
 .../automation/taskcluster/scripts/build_image.sh  |    8 +-
 .../nss/automation/taskcluster/scripts/tools.sh    |    9 +-
 .../nss/automation/taskcluster/windows/build.sh    |    8 +-
 .../automation/taskcluster/windows/build_gyp.sh    |   32 +-
 .../nss/automation/taskcluster/windows/setup.sh    |   48 +-
 .../nss/automation/taskcluster/windows/setup32.sh  |   10 -
 .../nss/automation/taskcluster/windows/setup64.sh  |   10 -
 security/nss/build.sh                              |  102 +-
 security/nss/cmd/certutil/certutil.c               |  168 +-
 security/nss/cmd/crlutil/crlutil.c                 |   16 +-
 security/nss/cmd/crmf-cgi/crmfcgi.c                |    2 +-
 security/nss/cmd/crmftest/testcrmf.c               |    2 +-
 security/nss/cmd/dbck/dbrecover.c                  |    3 +-
 security/nss/cmd/fipstest/fipstest.c               | 1034 ++-
 security/nss/cmd/fipstest/kas.sh                   |   84 +
 security/nss/cmd/fipstest/runtest.sh               |    2 +-
 security/nss/cmd/lib/secutil.c                     |  116 +-
 security/nss/cmd/lib/secutil.h                     |    6 +-
 security/nss/cmd/manifest.mn                       |    1 +
 security/nss/cmd/modutil/error.h                   |    1 +
 security/nss/cmd/modutil/modutil.c                 |   28 +-
 security/nss/cmd/modutil/modutil.h                 |    1 +
 security/nss/cmd/modutil/pk11.c                    |   49 +
 security/nss/cmd/nss-policy-check/Makefile         |   47 +
 security/nss/cmd/nss-policy-check/manifest.mn      |   15 +
 .../nss/cmd/nss-policy-check/nss-policy-check.c    |  206 +
 .../nss/cmd/nss-policy-check/nss-policy-check.gyp  |   24 +
 security/nss/cmd/ocspclnt/ocspclnt.c               |    5 +
 security/nss/cmd/p7verify/p7verify.c               |    1 +
 security/nss/cmd/rsaperf/rsaperf.c                 |    8 +-
 security/nss/cmd/selfserv/selfserv.c               |   51 +-
 security/nss/cmd/smimetools/cmsutil.c              |    1 +
 security/nss/cmd/tests/nonspr10.c                  |    2 -
 security/nss/cmd/tstclnt/Makefile                  |    2 +-
 security/nss/cmd/tstclnt/tstclnt.c                 |  134 +-
 security/nss/cmd/vfychain/vfychain.c               |    3 +-
 security/nss/cmd/vfyserv/vfyserv.h                 |    2 +-
 security/nss/coreconf/config.gypi                  |    9 +
 security/nss/coreconf/config.mk                    |    4 +
 security/nss/coreconf/coreconf.dep                 |    1 -
 security/nss/coreconf/fuzz.sh                      |    7 +-
 security/nss/coreconf/msvc.sh                      |  106 +
 security/nss/coreconf/nspr.sh                      |    3 +
 security/nss/cpputil/databuffer.h                  |    2 +-
 security/nss/cpputil/dummy_io.h                    |    2 +-
 security/nss/cpputil/nss_scoped_ptrs.h             |   85 +
 security/nss/cpputil/scoped_ptrs.h                 |   86 -
 security/nss/cpputil/scoped_ptrs_ssl.h             |   35 +
 security/nss/cpputil/tls_parser.h                  |   11 +-
 security/nss/doc/certutil.xml                      |   12 +-
 security/nss/doc/html/certutil.html                |   16 +-
 security/nss/doc/html/modutil.html                 |    4 +-
 security/nss/doc/html/pk12util.html                |    4 +-
 security/nss/doc/modutil.xml                       |    2 +
 security/nss/doc/nroff/certutil.1                  |   20 +-
 security/nss/doc/nroff/modutil.1                   |    8 +-
 security/nss/doc/nroff/pk12util.1                  |    6 +-
 security/nss/doc/pk12util.xml                      |    3 +-
 security/nss/exports.gyp                           |  135 +-
 security/nss/fuzz/config/git-copy.sh               |    6 +-
 security/nss/fuzz/tls_server_certs.cc              |    2 +-
 .../nss/gtests/certdb_gtest/alg1485_unittest.cc    |    2 +-
 .../nss/gtests/cryptohi_gtest/cryptohi_unittest.cc |    2 +-
 .../der_gtest/der_private_key_import_unittest.cc   |    2 +-
 .../nss/gtests/der_gtest/p12_import_unittest.cc    |    2 +-
 security/nss/gtests/freebl_gtest/ecl_unittest.cc   |    2 +-
 security/nss/gtests/freebl_gtest/mpi_unittest.cc   |   82 +-
 security/nss/gtests/freebl_gtest/rsa_unittest.cc   |   48 +-
 security/nss/gtests/google_test/VERSION            |    2 +
 .../nss/gtests/google_test/gtest/CMakeLists.txt    |  179 +-
 security/nss/gtests/google_test/gtest/Makefile.am  |  149 +-
 security/nss/gtests/google_test/gtest/README       |  435 --
 security/nss/gtests/google_test/gtest/README.md    |  341 +
 .../nss/gtests/google_test/gtest/build-aux/.keep   |    0
 .../gtests/google_test/gtest/cmake/Config.cmake.in |    9 +
 .../nss/gtests/google_test/gtest/cmake/gtest.pc.in |    9 +
 .../google_test/gtest/cmake/gtest_main.pc.in       |   10 +
 .../google_test/gtest/cmake/internal_utils.cmake   |  116 +-
 security/nss/gtests/google_test/gtest/configure.ac |    2 +-
 .../nss/gtests/google_test/gtest/docs/Pkgconfig.md |  146 +
 .../gtests/google_test/gtest/docs/PumpManual.md    |  177 +
 .../gtests/google_test/gtest/docs/XcodeGuide.md    |   93 +
 .../nss/gtests/google_test/gtest/docs/advanced.md  | 2520 +++++++
 security/nss/gtests/google_test/gtest/docs/faq.md  |  770 +++
 .../nss/gtests/google_test/gtest/docs/primer.md    |  569 ++
 .../nss/gtests/google_test/gtest/docs/samples.md   |   22 +
 .../gtest/include/gtest/gtest-death-test.h         |   66 +-
 .../gtest/include/gtest/gtest-message.h            |   13 +-
 .../gtest/include/gtest/gtest-param-test.h         |   67 +-
 .../gtest/include/gtest/gtest-param-test.h.pump    |   67 +-
 .../gtest/include/gtest/gtest-printers.h           |  332 +-
 .../google_test/gtest/include/gtest/gtest-spi.h    |   15 +-
 .../gtest/include/gtest/gtest-test-part.h          |   10 +-
 .../gtest/include/gtest/gtest-typed-test.h         |  113 +-
 .../gtests/google_test/gtest/include/gtest/gtest.h |  511 +-
 .../gtest/include/gtest/gtest_pred_impl.h          |   15 +-
 .../google_test/gtest/include/gtest/gtest_prod.h   |   17 +-
 .../gtest/include/gtest/internal/custom/README.md  |   56 +
 .../include/gtest/internal/custom/gtest-port.h     |   37 +
 .../include/gtest/internal/custom/gtest-printers.h |   42 +
 .../gtest/include/gtest/internal/custom/gtest.h    |   37 +
 .../gtest/internal/gtest-death-test-internal.h     |   77 +-
 .../gtest/include/gtest/internal/gtest-filepath.h  |   11 +-
 .../gtest/include/gtest/internal/gtest-internal.h  |  297 +-
 .../include/gtest/internal/gtest-linked_ptr.h      |   20 +-
 .../gtest/internal/gtest-param-util-generated.h    |  497 +-
 .../internal/gtest-param-util-generated.h.pump     |   39 +-
 .../include/gtest/internal/gtest-param-util.h      |  177 +-
 .../gtest/include/gtest/internal/gtest-port-arch.h |  100 +
 .../gtest/include/gtest/internal/gtest-port.h      |  704 +-
 .../gtest/include/gtest/internal/gtest-string.h    |    8 +-
 .../gtest/include/gtest/internal/gtest-tuple.h     |    7 +-
 .../include/gtest/internal/gtest-tuple.h.pump      |    7 +-
 .../gtest/include/gtest/internal/gtest-type-util.h |   23 +-
 .../include/gtest/internal/gtest-type-util.h.pump  |   23 +-
 .../google_test/gtest/msvc/2010/gtest-md.sln       |   55 +
 .../google_test/gtest/msvc/2010/gtest-md.vcxproj   |  149 +
 .../gtest/msvc/2010/gtest-md.vcxproj.filters       |   18 +
 .../gtests/google_test/gtest/msvc/2010/gtest.sln   |   55 +
 .../google_test/gtest/msvc/2010/gtest.vcxproj      |  149 +
 .../gtest/msvc/2010/gtest.vcxproj.filters          |   18 +
 .../gtest/msvc/2010/gtest_main-md.vcxproj          |  154 +
 .../gtest/msvc/2010/gtest_main-md.vcxproj.filters  |   18 +
 .../google_test/gtest/msvc/2010/gtest_main.vcxproj |  162 +
 .../gtest/msvc/2010/gtest_main.vcxproj.filters     |   18 +
 .../gtest/msvc/2010/gtest_prod_test-md.vcxproj     |  199 +
 .../msvc/2010/gtest_prod_test-md.vcxproj.filters   |   26 +
 .../gtest/msvc/2010/gtest_prod_test.vcxproj        |  191 +
 .../msvc/2010/gtest_prod_test.vcxproj.filters      |   26 +
 .../gtest/msvc/2010/gtest_unittest-md.vcxproj      |  188 +
 .../msvc/2010/gtest_unittest-md.vcxproj.filters    |   18 +
 .../gtest/msvc/2010/gtest_unittest.vcxproj         |  180 +
 .../gtest/msvc/2010/gtest_unittest.vcxproj.filters |   18 +
 .../nss/gtests/google_test/gtest/msvc/gtest-md.sln |   45 -
 .../gtests/google_test/gtest/msvc/gtest-md.vcproj  |  126 -
 .../nss/gtests/google_test/gtest/msvc/gtest.sln    |   45 -
 .../nss/gtests/google_test/gtest/msvc/gtest.vcproj |  126 -
 .../google_test/gtest/msvc/gtest_main-md.vcproj    |  129 -
 .../google_test/gtest/msvc/gtest_main.vcproj       |  129 -
 .../gtest/msvc/gtest_prod_test-md.vcproj           |  164 -
 .../google_test/gtest/msvc/gtest_prod_test.vcproj  |  164 -
 .../gtest/msvc/gtest_unittest-md.vcproj            |  147 -
 .../google_test/gtest/msvc/gtest_unittest.vcproj   |  147 -
 .../google_test/gtest/samples/prime_tables.h       |   13 +-
 .../gtests/google_test/gtest/samples/sample1.cc    |    4 +-
 .../nss/gtests/google_test/gtest/samples/sample1.h |    2 -
 .../google_test/gtest/samples/sample10_unittest.cc |    7 +-
 .../google_test/gtest/samples/sample1_unittest.cc  |    6 +-
 .../gtests/google_test/gtest/samples/sample2.cc    |    2 -
 .../nss/gtests/google_test/gtest/samples/sample2.h |    2 -
 .../google_test/gtest/samples/sample2_unittest.cc  |    6 +-
 .../gtests/google_test/gtest/samples/sample3-inl.h |    2 -
 .../google_test/gtest/samples/sample3_unittest.cc  |   16 +-
 .../gtests/google_test/gtest/samples/sample4.cc    |   12 +-
 .../nss/gtests/google_test/gtest/samples/sample4.h |    6 +-
 .../google_test/gtest/samples/sample4_unittest.cc  |   14 +-
 .../google_test/gtest/samples/sample5_unittest.cc  |    9 +-
 .../google_test/gtest/samples/sample6_unittest.cc  |    6 +-
 .../google_test/gtest/samples/sample7_unittest.cc  |   35 +-
 .../google_test/gtest/samples/sample8_unittest.cc  |    6 +-
 .../google_test/gtest/samples/sample9_unittest.cc  |    6 +-
 .../google_test/gtest/scripts/fuse_gtest_files.py  |   35 +-
 .../gtest/scripts/gen_gtest_pred_impl.py           |   20 +-
 .../nss/gtests/google_test/gtest/scripts/upload.py |   10 +-
 .../nss/gtests/google_test/gtest/src/gtest-all.cc  |    5 +-
 .../google_test/gtest/src/gtest-death-test.cc      |  341 +-
 .../gtests/google_test/gtest/src/gtest-filepath.cc |   16 +-
 .../google_test/gtest/src/gtest-internal-inl.h     |   83 +-
 .../nss/gtests/google_test/gtest/src/gtest-port.cc |  284 +-
 .../gtests/google_test/gtest/src/gtest-printers.cc |  106 +-
 .../google_test/gtest/src/gtest-test-part.cc       |   13 +-
 .../google_test/gtest/src/gtest-typed-test.cc      |   44 +-
 security/nss/gtests/google_test/gtest/src/gtest.cc | 1424 +++-
 .../nss/gtests/google_test/gtest/src/gtest_main.cc |    3 +-
 .../nss/gtests/google_test/gtest/test/BUILD.bazel  |  527 ++
 .../test/googletest-break-on-failure-unittest.py   |  208 +
 .../test/googletest-break-on-failure-unittest_.cc  |   86 +
 .../gtest/test/googletest-catch-exceptions-test.py |  233 +
 .../test/googletest-catch-exceptions-test_.cc      |  311 +
 .../gtest/test/googletest-color-test.py            |  127 +
 .../gtest/test/googletest-color-test_.cc           |   62 +
 .../gtest/test/googletest-death-test-test.cc       | 1423 ++++
 .../gtest/test/googletest-death-test_ex_test.cc    |   92 +
 .../gtest/test/googletest-env-var-test.py          |  117 +
 .../gtest/test/googletest-env-var-test_.cc         |  122 +
 .../gtest/test/googletest-filepath-test.cc         |  651 ++
 .../gtest/test/googletest-filter-unittest.py       |  636 ++
 .../gtest/test/googletest-filter-unittest_.cc      |  137 +
 .../gtest/test/googletest-json-outfiles-test.py    |  162 +
 .../gtest/test/googletest-json-output-unittest.py  |  618 ++
 .../gtest/test/googletest-linked-ptr-test.cc       |  151 +
 .../gtest/test/googletest-list-tests-unittest.py   |  205 +
 .../gtest/test/googletest-list-tests-unittest_.cc  |  156 +
 .../gtest/test/googletest-listener-test.cc         |  311 +
 .../gtest/test/googletest-message-test.cc          |  158 +
 .../gtest/test/googletest-options-test.cc          |  211 +
 .../test/googletest-output-test-golden-lin.txt     | 1047 +++
 .../gtest/test/googletest-output-test.py           |  347 +
 .../gtest/test/googletest-output-test_.cc          | 1109 +++
 .../googletest-param-test-invalid-name1-test.py    |   63 +
 .../googletest-param-test-invalid-name1-test_.cc   |   50 +
 .../googletest-param-test-invalid-name2-test.py    |   62 +
 .../googletest-param-test-invalid-name2-test_.cc   |   55 +
 .../gtest/test/googletest-param-test-test.cc       | 1109 +++
 .../gtest/test/googletest-param-test-test.h        |   51 +
 .../gtest/test/googletest-param-test2-test.cc      |   61 +
 .../google_test/gtest/test/googletest-port-test.cc | 1300 ++++
 .../gtest/test/googletest-printers-test.cc         | 1748 +++++
 .../gtest/test/googletest-shuffle-test.py          |  323 +
 .../gtest/test/googletest-shuffle-test_.cc         |  102 +
 .../gtest/test/googletest-test-part-test.cc        |  205 +
 .../gtest/test/googletest-test2_test.cc            |   61 +
 .../gtest/test/googletest-throw-on-failure-test.py |  169 +
 .../test/googletest-throw-on-failure-test_.cc      |   71 +
 .../gtest/test/googletest-tuple-test.cc            |  319 +
 .../gtest/test/googletest-uninitialized-test.py    |   67 +
 .../gtest/test/googletest-uninitialized-test_.cc   |   42 +
 .../gtest/test/gtest-death-test_ex_test.cc         |   93 -
 .../gtest/test/gtest-death-test_test.cc            | 1423 ----
 .../google_test/gtest/test/gtest-filepath_test.cc  |  680 --
 .../gtest/test/gtest-linked_ptr_test.cc            |  154 -
 .../google_test/gtest/test/gtest-listener_test.cc  |  310 -
 .../google_test/gtest/test/gtest-message_test.cc   |  159 -
 .../google_test/gtest/test/gtest-options_test.cc   |  215 -
 .../gtest/test/gtest-param-test2_test.cc           |   65 -
 .../gtest/test/gtest-param-test_test.cc            |  904 ---
 .../google_test/gtest/test/gtest-param-test_test.h |   57 -
 .../google_test/gtest/test/gtest-port_test.cc      | 1323 ----
 .../google_test/gtest/test/gtest-printers_test.cc  | 1651 -----
 .../google_test/gtest/test/gtest-test-part_test.cc |  208 -
 .../google_test/gtest/test/gtest-tuple_test.cc     |  320 -
 .../gtest/test/gtest-typed-test2_test.cc           |    3 +-
 .../gtest/test/gtest-typed-test_test.cc            |  104 +-
 .../google_test/gtest/test/gtest-typed-test_test.h |    3 +-
 .../gtest/test/gtest-unittest-api_test.cc          |    5 +-
 .../google_test/gtest/test/gtest_all_test.cc       |   17 +-
 .../gtest/test/gtest_assert_by_exception_test.cc   |  118 +
 .../gtest/test/gtest_break_on_failure_unittest.py  |  212 -
 .../gtest/test/gtest_break_on_failure_unittest_.cc |   88 -
 .../gtest/test/gtest_catch_exceptions_test.py      |  237 -
 .../gtest/test/gtest_catch_exceptions_test_.cc     |  311 -
 .../google_test/gtest/test/gtest_color_test.py     |  130 -
 .../google_test/gtest/test/gtest_color_test_.cc    |   71 -
 .../google_test/gtest/test/gtest_env_var_test.py   |  103 -
 .../google_test/gtest/test/gtest_env_var_test_.cc  |  126 -
 .../gtest/test/gtest_environment_test.cc           |    6 +-
 .../gtest/test/gtest_filter_unittest.py            |  633 --
 .../gtest/test/gtest_filter_unittest_.cc           |  140 -
 .../google_test/gtest/test/gtest_help_test.py      |    4 +-
 .../google_test/gtest/test/gtest_help_test_.cc     |    3 +-
 .../gtest/test/gtest_json_test_utils.py            |   60 +
 .../gtest/test/gtest_list_output_unittest.py       |  141 +
 .../gtest/test/gtest_list_output_unittest_.cc      |   51 +
 .../gtest/test/gtest_list_tests_unittest.py        |  207 -
 .../gtest/test/gtest_list_tests_unittest_.cc       |  157 -
 .../google_test/gtest/test/gtest_main_unittest.cc  |    7 +-
 .../gtest/test/gtest_no_test_unittest.cc           |    2 -
 .../google_test/gtest/test/gtest_output_test.py    |  335 -
 .../google_test/gtest/test/gtest_output_test_.cc   | 1039 ---
 .../gtest/test/gtest_output_test_golden_lin.txt    |  732 --
 .../gtest/test/gtest_pred_impl_unittest.cc         |    2 +-
 .../gtest/test/gtest_premature_exit_test.cc        |   19 +-
 .../google_test/gtest/test/gtest_prod_test.cc      |    7 +-
 .../google_test/gtest/test/gtest_repeat_test.cc    |   27 +-
 .../google_test/gtest/test/gtest_shuffle_test.py   |  325 -
 .../google_test/gtest/test/gtest_shuffle_test_.cc  |  103 -
 .../gtest/test/gtest_sole_header_test.cc           |    3 +-
 .../google_test/gtest/test/gtest_stress_test.cc    |    9 +-
 .../test/gtest_test_macro_stack_footprint_test.cc  |   89 +
 .../google_test/gtest/test/gtest_test_utils.py     |   32 +-
 .../gtest/test/gtest_testbridge_test.py            |   63 +
 .../gtest/test/gtest_testbridge_test_.cc           |   43 +
 .../gtest/test/gtest_throw_on_failure_ex_test.cc   |    3 +-
 .../gtest/test/gtest_throw_on_failure_test.py      |  171 -
 .../gtest/test/gtest_throw_on_failure_test_.cc     |   72 -
 .../gtest/test/gtest_uninitialized_test.py         |   70 -
 .../gtest/test/gtest_uninitialized_test_.cc        |   43 -
 .../google_test/gtest/test/gtest_unittest.cc       |  596 +-
 .../gtest/test/gtest_xml_outfile1_test_.cc         |    2 -
 .../gtest/test/gtest_xml_outfile2_test_.cc         |    2 -
 .../gtest/test/gtest_xml_outfiles_test.py          |   26 +-
 .../gtest/test/gtest_xml_output_unittest.py        |  134 +-
 .../gtest/test/gtest_xml_output_unittest_.cc       |    2 -
 .../google_test/gtest/test/gtest_xml_test_utils.py |   46 +-
 .../gtests/google_test/gtest/test/production.cc    |    5 +-
 .../nss/gtests/google_test/gtest/test/production.h |    5 +-
 .../gtest/xcode/Config/DebugProject.xcconfig       |    2 +-
 .../gtest/xcode/Config/FrameworkTarget.xcconfig    |    2 +-
 .../gtest/xcode/Config/General.xcconfig            |    2 +-
 .../gtest/xcode/Config/ReleaseProject.xcconfig     |    2 +-
 .../xcode/Config/StaticLibraryTarget.xcconfig      |    2 +-
 .../gtest/xcode/Scripts/versiongenerate.py         |    8 +-
 .../gtest/xcode/gtest.xcodeproj/project.pbxproj    |   55 +-
 security/nss/gtests/google_test/update.sh          |   20 +
 security/nss/gtests/mozpkix_gtest/README.txt       |   61 +
 .../nss/gtests/mozpkix_gtest/mozpkix_gtest.gyp     |   71 +
 .../nss/gtests/mozpkix_gtest/pkixbuild_tests.cpp   |  894 +++
 .../mozpkix_gtest/pkixcert_extension_tests.cpp     |  276 +
 .../pkixcert_signature_algorithm_tests.cpp         |  259 +
 .../pkixcheck_CheckExtendedKeyUsage_tests.cpp      |  722 ++
 .../mozpkix_gtest/pkixcheck_CheckIssuer_tests.cpp  |   63 +
 .../pkixcheck_CheckKeyUsage_tests.cpp              |  284 +
 .../pkixcheck_CheckSignatureAlgorithm_tests.cpp    |  367 +
 .../pkixcheck_CheckValidity_tests.cpp              |  128 +
 .../pkixcheck_ParseValidity_tests.cpp              |   84 +
 ...kixcheck_TLSFeaturesSatisfiedInternal_tests.cpp |  120 +
 .../gtests/mozpkix_gtest/pkixder_input_tests.cpp   |  920 +++
 .../mozpkix_gtest/pkixder_pki_types_tests.cpp      |  480 ++
 .../pkixder_universal_types_tests.cpp              | 1226 ++++
 security/nss/gtests/mozpkix_gtest/pkixgtest.cpp    |   46 +
 security/nss/gtests/mozpkix_gtest/pkixgtest.h      |  229 +
 .../nss/gtests/mozpkix_gtest/pkixnames_tests.cpp   | 2838 ++++++++
 .../pkixocsp_CreateEncodedOCSPRequest_tests.cpp    |  146 +
 .../pkixocsp_VerifyEncodedOCSPResponse.cpp         | 1064 +++
 security/nss/gtests/nss_bogo_shim/config.json      |   31 +-
 security/nss/gtests/nss_bogo_shim/manifest.mn      |    6 +-
 security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc |  179 +-
 .../nss/gtests/nss_bogo_shim/nss_bogo_shim.gyp     |    1 +
 security/nss/gtests/pk11_gtest/manifest.mn         |    1 +
 .../nss/gtests/pk11_gtest/pk11_aes_gcm_unittest.cc |    2 +-
 .../gtests/pk11_gtest/pk11_aeskeywrap_unittest.cc  |    4 +-
 .../pk11_gtest/pk11_chacha20poly1305_unittest.cc   |    2 +-
 .../gtests/pk11_gtest/pk11_cipherop_unittest.cc    |   80 +
 .../gtests/pk11_gtest/pk11_curve25519_unittest.cc  |    2 +-
 .../pk11_der_private_key_import_unittest.cc        |    2 +-
 .../nss/gtests/pk11_gtest/pk11_ecdsa_unittest.cc   |    2 +-
 .../pk11_gtest/pk11_encrypt_derive_unittest.cc     |    2 +-
 .../nss/gtests/pk11_gtest/pk11_export_unittest.cc  |    2 +-
 security/nss/gtests/pk11_gtest/pk11_gtest.gyp      |    2 +
 .../nss/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc  |    2 +-
 .../gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc    |  109 +
 .../nss/gtests/pk11_gtest/pk11_rsapss_unittest.cc  |    2 +-
 .../nss/gtests/pk11_gtest/pk11_signature_test.h    |    2 +-
 .../nss/gtests/softoken_gtest/softoken_gtest.cc    |    2 +-
 security/nss/gtests/ssl_gtest/manifest.mn          |    1 +
 security/nss/gtests/ssl_gtest/rsa8193.h            |    2 +-
 .../nss/gtests/ssl_gtest/selfencrypt_unittest.cc   |    2 +-
 security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc |    2 +-
 .../nss/gtests/ssl_gtest/ssl_agent_unittest.cc     |   30 +-
 security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc |  329 +-
 .../gtests/ssl_gtest/ssl_ciphersuite_unittest.cc   |   27 +-
 .../nss/gtests/ssl_gtest/ssl_custext_unittest.cc   |    8 +-
 .../nss/gtests/ssl_gtest/ssl_damage_unittest.cc    |    2 +-
 security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc  |   41 +-
 security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc |   10 +-
 security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc |    2 +-
 security/nss/gtests/ssl_gtest/ssl_ems_unittest.cc  |    2 +-
 .../nss/gtests/ssl_gtest/ssl_extension_unittest.cc |   96 +-
 .../nss/gtests/ssl_gtest/ssl_fragment_unittest.cc  |    6 +-
 security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc |    2 +-
 .../nss/gtests/ssl_gtest/ssl_gather_unittest.cc    |    1 +
 security/nss/gtests/ssl_gtest/ssl_gtest.gyp        |    1 +
 security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc  |   97 +-
 .../nss/gtests/ssl_gtest/ssl_keyupdate_unittest.cc |    2 +-
 .../nss/gtests/ssl_gtest/ssl_loopback_unittest.cc  |  199 +-
 .../nss/gtests/ssl_gtest/ssl_record_unittest.cc    |    2 +-
 .../gtests/ssl_gtest/ssl_recordsize_unittest.cc    |   10 +-
 .../gtests/ssl_gtest/ssl_resumption_unittest.cc    |  306 +-
 security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc |    2 +-
 .../nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc |    2 +-
 .../gtests/ssl_gtest/ssl_tls13compat_unittest.cc   |   35 +-
 .../ssl_gtest/ssl_v2_client_hello_unittest.cc      |   46 +
 .../nss/gtests/ssl_gtest/ssl_version_unittest.cc   |   95 +-
 .../gtests/ssl_gtest/ssl_versionpolicy_unittest.cc |    2 +-
 security/nss/gtests/ssl_gtest/test_io.cc           |   28 +-
 security/nss/gtests/ssl_gtest/test_io.h            |    2 +-
 security/nss/gtests/ssl_gtest/tls_agent.cc         |   75 +-
 security/nss/gtests/ssl_gtest/tls_agent.h          |    8 +-
 security/nss/gtests/ssl_gtest/tls_connect.cc       |    8 +-
 security/nss/gtests/ssl_gtest/tls_esni_unittest.cc |  470 ++
 security/nss/gtests/ssl_gtest/tls_filter.cc        |   34 +-
 security/nss/gtests/ssl_gtest/tls_filter.h         |   27 +-
 security/nss/gtests/ssl_gtest/tls_hkdf_unittest.cc |   40 +-
 .../gtests/util_gtest/util_pkcs11uri_unittest.cc   |    1 +
 security/nss/help.txt                              |   59 +-
 security/nss/lib/base/error.c                      |   29 +
 security/nss/lib/certdb/cert.h                     |    2 +-
 security/nss/lib/certdb/certdb.c                   |   77 +
 security/nss/lib/certdb/certi.h                    |    3 +
 security/nss/lib/certdb/certt.h                    |    6 +-
 security/nss/lib/certhigh/certreq.c                |    2 +-
 security/nss/lib/certhigh/certvfy.c                |   64 +-
 security/nss/lib/certhigh/ocsp.h                   |    2 +-
 security/nss/lib/ckfw/builtins/certdata.txt        | 7080 ++++++++++----------
 security/nss/lib/ckfw/builtins/nssckbi.h           |    4 +-
 security/nss/lib/ckfw/ckfw.h                       |    4 +-
 security/nss/lib/ckfw/session.c                    |    4 +-
 security/nss/lib/cryptohi/cryptohi.h               |    2 +-
 security/nss/lib/cryptohi/key.h                    |    6 +-
 security/nss/lib/cryptohi/keyi.h                   |   17 +-
 security/nss/lib/cryptohi/keyt.h                   |    4 +
 security/nss/lib/cryptohi/seckey.c                 |  104 +-
 security/nss/lib/cryptohi/secsign.c                |   11 +-
 security/nss/lib/cryptohi/secvfy.c                 |   52 +-
 security/nss/lib/freebl/ctr.c                      |   21 +-
 security/nss/lib/freebl/freebl.gyp                 |   35 +-
 security/nss/lib/freebl/freebl_base.gypi           |    7 +-
 security/nss/lib/freebl/mpi/mpi.c                  |   61 +-
 security/nss/lib/freebl/mpi/mpi.h                  |    3 +-
 security/nss/lib/freebl/mpi/mpi_arm.c              |   38 +-
 security/nss/lib/freebl/rsapkcs.c                  |   68 +-
 security/nss/lib/jar/jarint.h                      |    2 +-
 .../nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c |   16 +-
 security/nss/lib/mozpkix/.clang-format             |    4 +
 security/nss/lib/mozpkix/exports.gyp               |   47 +
 .../lib/mozpkix/include/pkix-test/pkixtestnss.h    |   48 +
 .../lib/mozpkix/include/pkix-test/pkixtestutil.h   |  406 ++
 security/nss/lib/mozpkix/include/pkix/Input.h      |  310 +
 security/nss/lib/mozpkix/include/pkix/Result.h     |  219 +
 security/nss/lib/mozpkix/include/pkix/Time.h       |  137 +
 security/nss/lib/mozpkix/include/pkix/pkix.h       |  160 +
 security/nss/lib/mozpkix/include/pkix/pkixcheck.h  |   65 +
 security/nss/lib/mozpkix/include/pkix/pkixder.h    |  520 ++
 security/nss/lib/mozpkix/include/pkix/pkixnss.h    |  106 +
 security/nss/lib/mozpkix/include/pkix/pkixtypes.h  |  400 ++
 security/nss/lib/mozpkix/include/pkix/pkixutil.h   |  265 +
 security/nss/lib/mozpkix/lib/pkixbuild.cpp         |  418 ++
 security/nss/lib/mozpkix/lib/pkixcert.cpp          |  323 +
 security/nss/lib/mozpkix/lib/pkixcheck.cpp         | 1100 +++
 security/nss/lib/mozpkix/lib/pkixder.cpp           |  611 ++
 security/nss/lib/mozpkix/lib/pkixnames.cpp         | 2050 ++++++
 security/nss/lib/mozpkix/lib/pkixnss.cpp           |  236 +
 security/nss/lib/mozpkix/lib/pkixocsp.cpp          | 1012 +++
 security/nss/lib/mozpkix/lib/pkixresult.cpp        |   46 +
 security/nss/lib/mozpkix/lib/pkixtime.cpp          |   78 +
 security/nss/lib/mozpkix/lib/pkixverify.cpp        |  106 +
 security/nss/lib/mozpkix/mozpkix.gyp               |   60 +
 security/nss/lib/mozpkix/test-lib/pkixtestalg.cpp  |  211 +
 security/nss/lib/mozpkix/test-lib/pkixtestnss.cpp  |  364 +
 security/nss/lib/mozpkix/test-lib/pkixtestutil.cpp | 1155 ++++
 security/nss/lib/mozpkix/tools/DottedOIDToCode.py  |  216 +
 security/nss/lib/nss/nss.def                       |    6 +
 security/nss/lib/nss/nss.h                         |    4 +-
 security/nss/lib/nss/nssinit.c                     |   52 +-
 security/nss/lib/pk11wrap/pk11akey.c               |   20 +-
 security/nss/lib/pk11wrap/pk11cert.c               |    4 +-
 security/nss/lib/pk11wrap/pk11kea.c                |    2 +-
 security/nss/lib/pk11wrap/pk11obj.c                |    2 +-
 security/nss/lib/pk11wrap/pk11pars.c               |  285 +-
 security/nss/lib/pk11wrap/pk11pbe.c                |    2 +-
 security/nss/lib/pk11wrap/pk11pk12.c               |    2 +-
 security/nss/lib/pk11wrap/pk11priv.h               |    2 +-
 security/nss/lib/pk11wrap/pk11pub.h                |    2 +-
 security/nss/lib/pk11wrap/pk11slot.c               |   86 +-
 security/nss/lib/pk11wrap/secmodi.h                |    2 +-
 security/nss/lib/pkcs12/p12.h                      |    2 +-
 security/nss/lib/pkcs12/p12t.h                     |    2 +-
 security/nss/lib/pkcs12/pkcs12t.h                  |    2 +-
 security/nss/lib/pkcs7/p7decode.c                  |    2 +-
 security/nss/lib/pkcs7/secmime.c                   |    2 +-
 security/nss/lib/pkcs7/secpkcs7.h                  |    2 +-
 security/nss/lib/smime/cms.h                       |    2 +-
 security/nss/lib/smime/cmsasn1.c                   |    2 +-
 security/nss/lib/smime/cmsdecode.c                 |    2 +-
 security/nss/lib/smime/cmsdigest.c                 |    2 +-
 security/nss/lib/smime/cmsencdata.c                |    2 +-
 security/nss/lib/smime/cmsencode.c                 |    2 +-
 security/nss/lib/smime/cmsenvdata.c                |    2 +-
 security/nss/lib/smime/cmspubkey.c                 |    2 +-
 security/nss/lib/smime/cmsrecinfo.c                |    2 +-
 security/nss/lib/smime/cmsreclist.c                |    2 +-
 security/nss/lib/smime/cmssiginfo.c                |    2 +-
 security/nss/lib/smime/cmsutil.c                   |    2 +-
 security/nss/lib/smime/smimemessage.c              |    2 +-
 security/nss/lib/smime/smimeutil.c                 |    2 +-
 security/nss/lib/softoken/pkcs11c.c                |    2 +-
 security/nss/lib/softoken/softkver.h               |    4 +-
 security/nss/lib/ssl/SSLerrs.h                     |   12 +
 security/nss/lib/ssl/authcert.c                    |    2 +-
 security/nss/lib/ssl/cmpcert.c                     |   31 +-
 security/nss/lib/ssl/config.mk                     |    4 +
 security/nss/lib/ssl/dtls13con.c                   |   10 +-
 security/nss/lib/ssl/dtls13con.h                   |    2 +-
 security/nss/lib/ssl/dtlscon.c                     |   22 +-
 security/nss/lib/ssl/dtlscon.h                     |    2 +-
 security/nss/lib/ssl/manifest.mn                   |    2 +-
 security/nss/lib/ssl/ssl.gyp                       |    6 +
 security/nss/lib/ssl/ssl.h                         |   19 +-
 security/nss/lib/ssl/ssl3con.c                     | 1004 ++-
 security/nss/lib/ssl/ssl3ecc.c                     |    7 +-
 security/nss/lib/ssl/ssl3ext.c                     |   13 +-
 security/nss/lib/ssl/ssl3ext.h                     |   10 +
 security/nss/lib/ssl/ssl3exthandle.c               |   91 +-
 security/nss/lib/ssl/ssl3exthandle.h               |    4 +
 security/nss/lib/ssl/ssl3gthr.c                    |   16 +-
 security/nss/lib/ssl/ssl3prot.h                    |   15 +-
 security/nss/lib/ssl/sslcert.c                     |    2 -
 security/nss/lib/ssl/sslerr.h                      |    4 +
 security/nss/lib/ssl/sslexp.h                      |   60 +-
 security/nss/lib/ssl/sslimpl.h                     |   48 +-
 security/nss/lib/ssl/sslnonce.c                    |   48 +-
 security/nss/lib/ssl/sslsecur.c                    |   44 +-
 security/nss/lib/ssl/sslsock.c                     |   97 +-
 security/nss/lib/ssl/sslspec.c                     |    2 +-
 security/nss/lib/ssl/sslt.h                        |   11 +-
 security/nss/lib/ssl/tls13con.c                    |  290 +-
 security/nss/lib/ssl/tls13con.h                    |   36 +-
 security/nss/lib/ssl/tls13esni.c                   |  844 +++
 security/nss/lib/ssl/tls13esni.h                   |   51 +
 security/nss/lib/ssl/tls13exthandle.c              |  375 +-
 security/nss/lib/ssl/tls13exthandle.h              |    9 +
 security/nss/lib/util/nssutil.def                  |    6 +
 security/nss/lib/util/nssutil.h                    |    4 +-
 security/nss/lib/util/pkcs11p.h                    |    5 +-
 security/nss/lib/util/pkcs11u.h                    |    5 +-
 security/nss/lib/util/pkcs11uri.c                  |    2 +-
 security/nss/lib/util/pkcs1sig.c                   |   67 +-
 security/nss/lib/util/secder.h                     |    3 +
 security/nss/lib/util/secitem.c                    |    4 +-
 security/nss/lib/util/secitem.h                    |    2 +-
 security/nss/lib/util/secoid.c                     |   26 +-
 security/nss/lib/util/secoidt.h                    |    5 +
 security/nss/lib/util/secport.c                    |    3 -
 security/nss/lib/util/utilpars.c                   |   86 +
 security/nss/lib/util/utilpars.h                   |    1 +
 security/nss/mach                                  |   95 +-
 security/nss/nss-tool/common/util.h                |    2 +-
 security/nss/nss-tool/db/dbtool.cc                 |    2 +-
 security/nss/nss-tool/digest/digesttool.cc         |    2 +-
 security/nss/nss-tool/enc/enctool.h                |    2 +-
 security/nss/nss.gyp                               |  214 +-
 security/nss/readme.md                             |    2 +-
 security/nss/tests/all.sh                          |    7 +-
 security/nss/tests/bogo/bogo.sh                    |    8 +-
 .../nss/tests/cert/TestUser-rsa-pss-interop.p12    |  Bin 0 -> 2598 bytes
 security/nss/tests/cert/cert.sh                    |  103 +
 security/nss/tests/chains/chains.sh                |   26 +-
 security/nss/tests/chains/scenarios/ipsec.cfg      |   61 +
 security/nss/tests/chains/scenarios/realcerts.cfg  |    2 +-
 security/nss/tests/chains/scenarios/scenarios      |    1 +
 security/nss/tests/common/certsetup.sh             |   57 +
 security/nss/tests/common/init.sh                  |   44 +-
 security/nss/tests/interop/interop.sh              |   44 +-
 security/nss/tests/libpkix/certs/PayPalEE.cert     |  Bin 1376 -> 2012 bytes
 security/nss/tests/libpkix/certs/PayPalICA.cert    |  Bin 1205 -> 1210 bytes
 security/nss/tests/libpkix/vfychain_test.lst       |    2 +-
 security/nss/tests/policy/crypto-policy.txt        |   19 +
 security/nss/tests/policy/policy.sh                |   58 +
 security/nss/tests/ssl/ssl.sh                      |  291 +-
 security/nss/tests/ssl/sslcov.txt                  |    5 +
 security/nss/tests/ssl/sslstress.txt               |    7 -
 security/nss/tests/ssl_gtests/ssl_gtests.sh        |   56 +-
 security/nss/tests/tlsfuzzer/config.json.in        |  166 +
 security/nss/tests/tlsfuzzer/tlsfuzzer.sh          |  110 +
 575 files changed, 61728 insertions(+), 22948 deletions(-)
 delete mode 100644 security/nss/TAG-INFO
 delete mode 100644 security/nss/automation/clang-format/setup.sh
 create mode 100644 security/nss/automation/taskcluster/docker-builds/Dockerfile
 create mode 100644 security/nss/automation/taskcluster/docker-builds/bin/checkout.sh
 delete mode 100644 security/nss/automation/taskcluster/docker-clang-3.9/Dockerfile
 delete mode 100644 security/nss/automation/taskcluster/docker-clang-3.9/bin/checkout.sh
 delete mode 100644 security/nss/automation/taskcluster/docker-clang-3.9/setup.sh
 create mode 100644 security/nss/automation/taskcluster/docker-clang-format/Dockerfile
 create mode 100644 security/nss/automation/taskcluster/docker-clang-format/bin/checkout.sh
 delete mode 100644 security/nss/automation/taskcluster/docker-decision/setup.sh
 delete mode 100644 security/nss/automation/taskcluster/docker-fuzz/setup.sh
 create mode 100644 security/nss/automation/taskcluster/docker-fuzz32/Dockerfile
 create mode 100644 security/nss/automation/taskcluster/docker-fuzz32/bin/checkout.sh
 delete mode 100644 security/nss/automation/taskcluster/docker-gcc-4.4/setup.sh
 create mode 100644 security/nss/automation/taskcluster/docker-interop/Dockerfile
 create mode 100644 security/nss/automation/taskcluster/docker-interop/bin/checkout.sh
 delete mode 100644 security/nss/automation/taskcluster/docker/setup.sh
 delete mode 100644 security/nss/automation/taskcluster/windows/setup32.sh
 delete mode 100644 security/nss/automation/taskcluster/windows/setup64.sh
 create mode 100644 security/nss/cmd/fipstest/kas.sh
 create mode 100644 security/nss/cmd/nss-policy-check/Makefile
 create mode 100644 security/nss/cmd/nss-policy-check/manifest.mn
 create mode 100644 security/nss/cmd/nss-policy-check/nss-policy-check.c
 create mode 100644 security/nss/cmd/nss-policy-check/nss-policy-check.gyp
 create mode 100644 security/nss/coreconf/msvc.sh
 create mode 100644 security/nss/cpputil/nss_scoped_ptrs.h
 delete mode 100644 security/nss/cpputil/scoped_ptrs.h
 create mode 100644 security/nss/cpputil/scoped_ptrs_ssl.h
 create mode 100644 security/nss/gtests/google_test/VERSION
 delete mode 100644 security/nss/gtests/google_test/gtest/README
 create mode 100644 security/nss/gtests/google_test/gtest/README.md
 delete mode 100644 security/nss/gtests/google_test/gtest/build-aux/.keep
 create mode 100644 security/nss/gtests/google_test/gtest/cmake/Config.cmake.in
 create mode 100644 security/nss/gtests/google_test/gtest/cmake/gtest.pc.in
 create mode 100644 security/nss/gtests/google_test/gtest/cmake/gtest_main.pc.in
 create mode 100644 security/nss/gtests/google_test/gtest/docs/Pkgconfig.md
 create mode 100644 security/nss/gtests/google_test/gtest/docs/PumpManual.md
 create mode 100644 security/nss/gtests/google_test/gtest/docs/XcodeGuide.md
 create mode 100644 security/nss/gtests/google_test/gtest/docs/advanced.md
 create mode 100644 security/nss/gtests/google_test/gtest/docs/faq.md
 create mode 100644 security/nss/gtests/google_test/gtest/docs/primer.md
 create mode 100644 security/nss/gtests/google_test/gtest/docs/samples.md
 create mode 100644 security/nss/gtests/google_test/gtest/include/gtest/internal/custom/README.md
 create mode 100644 security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest-port.h
 create mode 100644 security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest-printers.h
 create mode 100644 security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest.h
 create mode 100644 security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-port-arch.h
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.sln
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.vcxproj
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.vcxproj.filters
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest.sln
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest.vcxproj
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest.vcxproj.filters
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_main-md.vcxproj
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_main-md.vcxproj.filters
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_main.vcxproj
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_main.vcxproj.filters
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test-md.vcxproj
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test-md.vcxproj.filters
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test.vcxproj
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test.vcxproj.filters
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest-md.vcxproj
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest-md.vcxproj.filters
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest.vcxproj
 create mode 100644 security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest.vcxproj.filters
 delete mode 100644 security/nss/gtests/google_test/gtest/msvc/gtest-md.sln
 delete mode 100644 security/nss/gtests/google_test/gtest/msvc/gtest-md.vcproj
 delete mode 100644 security/nss/gtests/google_test/gtest/msvc/gtest.sln
 delete mode 100644 security/nss/gtests/google_test/gtest/msvc/gtest.vcproj
 delete mode 100644 security/nss/gtests/google_test/gtest/msvc/gtest_main-md.vcproj
 delete mode 100644 security/nss/gtests/google_test/gtest/msvc/gtest_main.vcproj
 delete mode 100644 security/nss/gtests/google_test/gtest/msvc/gtest_prod_test-md.vcproj
 delete mode 100644 security/nss/gtests/google_test/gtest/msvc/gtest_prod_test.vcproj
 delete mode 100644 security/nss/gtests/google_test/gtest/msvc/gtest_unittest-md.vcproj
 delete mode 100644 security/nss/gtests/google_test/gtest/msvc/gtest_unittest.vcproj
 create mode 100644 security/nss/gtests/google_test/gtest/test/BUILD.bazel
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-break-on-failure-unittest.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-break-on-failure-unittest_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-catch-exceptions-test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-catch-exceptions-test_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-color-test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-color-test_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-death-test-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-death-test_ex_test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-env-var-test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-env-var-test_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-filepath-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-filter-unittest.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-filter-unittest_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-json-outfiles-test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-json-output-unittest.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-linked-ptr-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-list-tests-unittest.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-list-tests-unittest_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-listener-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-message-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-options-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-output-test-golden-lin.txt
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-output-test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-output-test_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name1-test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name1-test_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name2-test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name2-test_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-param-test-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-param-test-test.h
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-param-test2-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-port-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-printers-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-shuffle-test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-shuffle-test_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-test-part-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-test2_test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-throw-on-failure-test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-throw-on-failure-test_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-tuple-test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-uninitialized-test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/googletest-uninitialized-test_.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-death-test_ex_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-death-test_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-filepath_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-linked_ptr_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-listener_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-message_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-options_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-param-test2_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-param-test_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-param-test_test.h
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-port_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-printers_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-test-part_test.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest-tuple_test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/gtest_assert_by_exception_test.cc
 delete mode 100755 security/nss/gtests/google_test/gtest/test/gtest_break_on_failure_unittest.py
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_break_on_failure_unittest_.cc
 delete mode 100755 security/nss/gtests/google_test/gtest/test/gtest_catch_exceptions_test.py
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_catch_exceptions_test_.cc
 delete mode 100755 security/nss/gtests/google_test/gtest/test/gtest_color_test.py
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_color_test_.cc
 delete mode 100755 security/nss/gtests/google_test/gtest/test/gtest_env_var_test.py
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_env_var_test_.cc
 delete mode 100755 security/nss/gtests/google_test/gtest/test/gtest_filter_unittest.py
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_filter_unittest_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/gtest_json_test_utils.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/gtest_list_output_unittest.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/gtest_list_output_unittest_.cc
 delete mode 100755 security/nss/gtests/google_test/gtest/test/gtest_list_tests_unittest.py
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_list_tests_unittest_.cc
 delete mode 100755 security/nss/gtests/google_test/gtest/test/gtest_output_test.py
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_output_test_.cc
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_output_test_golden_lin.txt
 delete mode 100755 security/nss/gtests/google_test/gtest/test/gtest_shuffle_test.py
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_shuffle_test_.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/gtest_test_macro_stack_footprint_test.cc
 create mode 100644 security/nss/gtests/google_test/gtest/test/gtest_testbridge_test.py
 create mode 100644 security/nss/gtests/google_test/gtest/test/gtest_testbridge_test_.cc
 delete mode 100755 security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_test.py
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_test_.cc
 delete mode 100755 security/nss/gtests/google_test/gtest/test/gtest_uninitialized_test.py
 delete mode 100644 security/nss/gtests/google_test/gtest/test/gtest_uninitialized_test_.cc
 create mode 100644 security/nss/gtests/google_test/update.sh
 create mode 100644 security/nss/gtests/mozpkix_gtest/README.txt
 create mode 100644 security/nss/gtests/mozpkix_gtest/mozpkix_gtest.gyp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixbuild_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixcert_extension_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixcert_signature_algorithm_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixcheck_CheckIssuer_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixcheck_CheckKeyUsage_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixcheck_CheckValidity_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixcheck_ParseValidity_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixder_input_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixder_pki_types_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixder_universal_types_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixgtest.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixgtest.h
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixnames_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp
 create mode 100644 security/nss/gtests/mozpkix_gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp
 create mode 100644 security/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc
 create mode 100644 security/nss/gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc
 create mode 100644 security/nss/gtests/ssl_gtest/tls_esni_unittest.cc
 create mode 100644 security/nss/lib/mozpkix/.clang-format
 create mode 100644 security/nss/lib/mozpkix/exports.gyp
 create mode 100644 security/nss/lib/mozpkix/include/pkix-test/pkixtestnss.h
 create mode 100644 security/nss/lib/mozpkix/include/pkix-test/pkixtestutil.h
 create mode 100644 security/nss/lib/mozpkix/include/pkix/Input.h
 create mode 100644 security/nss/lib/mozpkix/include/pkix/Result.h
 create mode 100644 security/nss/lib/mozpkix/include/pkix/Time.h
 create mode 100644 security/nss/lib/mozpkix/include/pkix/pkix.h
 create mode 100644 security/nss/lib/mozpkix/include/pkix/pkixcheck.h
 create mode 100644 security/nss/lib/mozpkix/include/pkix/pkixder.h
 create mode 100644 security/nss/lib/mozpkix/include/pkix/pkixnss.h
 create mode 100644 security/nss/lib/mozpkix/include/pkix/pkixtypes.h
 create mode 100644 security/nss/lib/mozpkix/include/pkix/pkixutil.h
 create mode 100644 security/nss/lib/mozpkix/lib/pkixbuild.cpp
 create mode 100644 security/nss/lib/mozpkix/lib/pkixcert.cpp
 create mode 100644 security/nss/lib/mozpkix/lib/pkixcheck.cpp
 create mode 100644 security/nss/lib/mozpkix/lib/pkixder.cpp
 create mode 100644 security/nss/lib/mozpkix/lib/pkixnames.cpp
 create mode 100644 security/nss/lib/mozpkix/lib/pkixnss.cpp
 create mode 100644 security/nss/lib/mozpkix/lib/pkixocsp.cpp
 create mode 100644 security/nss/lib/mozpkix/lib/pkixresult.cpp
 create mode 100644 security/nss/lib/mozpkix/lib/pkixtime.cpp
 create mode 100644 security/nss/lib/mozpkix/lib/pkixverify.cpp
 create mode 100644 security/nss/lib/mozpkix/mozpkix.gyp
 create mode 100644 security/nss/lib/mozpkix/test-lib/pkixtestalg.cpp
 create mode 100644 security/nss/lib/mozpkix/test-lib/pkixtestnss.cpp
 create mode 100644 security/nss/lib/mozpkix/test-lib/pkixtestutil.cpp
 create mode 100644 security/nss/lib/mozpkix/tools/DottedOIDToCode.py
 create mode 100644 security/nss/lib/ssl/tls13esni.c
 create mode 100644 security/nss/lib/ssl/tls13esni.h
 create mode 100644 security/nss/tests/cert/TestUser-rsa-pss-interop.p12
 create mode 100644 security/nss/tests/chains/scenarios/ipsec.cfg
 create mode 100644 security/nss/tests/common/certsetup.sh
 create mode 100644 security/nss/tests/policy/crypto-policy.txt
 create mode 100644 security/nss/tests/policy/policy.sh
 create mode 100644 security/nss/tests/tlsfuzzer/config.json.in
 create mode 100644 security/nss/tests/tlsfuzzer/tlsfuzzer.sh

(limited to 'security')

diff --git a/security/nss/TAG-INFO b/security/nss/TAG-INFO
deleted file mode 100644
index a004fa449..000000000
--- a/security/nss/TAG-INFO
+++ /dev/null
@@ -1 +0,0 @@
-NSS_3_38_RTM
diff --git a/security/nss/automation/abi-check/expected-report-libnss3.so.txt b/security/nss/automation/abi-check/expected-report-libnss3.so.txt
index e69de29bb..fa6e67412 100644
--- a/security/nss/automation/abi-check/expected-report-libnss3.so.txt
+++ b/security/nss/automation/abi-check/expected-report-libnss3.so.txt
@@ -0,0 +1,18 @@
+
+1 function with some indirect sub-type change:
+
+  [C]'function SECStatus CERT_AddOCSPAcceptableResponses(CERTOCSPRequest*, SECOidTag, ...)' at ocsp.c:2203:1 has some indirect sub-type changes:
+    parameter 2 of type 'typedef SECOidTag' has sub-type changes:
+      underlying type 'enum __anonymous_enum__' at secoidt.h:34:1 changed:
+        type size hasn't changed
+        4 enumerator insertions:
+          '__anonymous_enum__::SEC_OID_X509_ANY_EXT_KEY_USAGE' value '357'
+          '__anonymous_enum__::SEC_OID_EXT_KEY_USAGE_IPSEC_IKE' value '358'
+          '__anonymous_enum__::SEC_OID_IPSEC_IKE_END' value '359'
+          '__anonymous_enum__::SEC_OID_IPSEC_IKE_INTERMEDIATE' value '360'
+
+        1 enumerator change:
+          '__anonymous_enum__::SEC_OID_TOTAL' from value '357' to '361' at secoidt.h:34:1
+
+
+
diff --git a/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt b/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt
index efc7d6d67..971365c68 100644
--- a/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt
+++ b/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt
@@ -1,4 +1,18 @@
 
-1 Added function:
+1 function with some indirect sub-type change:
+
+  [C]'function SECStatus NSS_GetAlgorithmPolicy(SECOidTag, PRUint32*)' at secoid.c:2217:1 has some indirect sub-type changes:
+    parameter 1 of type 'typedef SECOidTag' has sub-type changes:
+      underlying type 'enum __anonymous_enum__' at secoidt.h:34:1 changed:
+        type size hasn't changed
+        4 enumerator insertions:
+          '__anonymous_enum__::SEC_OID_X509_ANY_EXT_KEY_USAGE' value '357'
+          '__anonymous_enum__::SEC_OID_EXT_KEY_USAGE_IPSEC_IKE' value '358'
+          '__anonymous_enum__::SEC_OID_IPSEC_IKE_END' value '359'
+          '__anonymous_enum__::SEC_OID_IPSEC_IKE_INTERMEDIATE' value '360'
+
+        1 enumerator change:
+          '__anonymous_enum__::SEC_OID_TOTAL' from value '357' to '361' at secoidt.h:34:1
+
+
 
-  'function SECStatus SECITEM_MakeItem(PLArenaPool*, SECItem*, unsigned char*, unsigned int)'    {SECITEM_MakeItem@@NSSUTIL_3.38}
diff --git a/security/nss/automation/abi-check/expected-report-libsmime3.so.txt b/security/nss/automation/abi-check/expected-report-libsmime3.so.txt
index e69de29bb..f4870feec 100644
--- a/security/nss/automation/abi-check/expected-report-libsmime3.so.txt
+++ b/security/nss/automation/abi-check/expected-report-libsmime3.so.txt
@@ -0,0 +1,48 @@
+
+1 function with some indirect sub-type change:
+
+  [C]'function PK11SymKey* NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo*)' at cmscinfo.c:363:1 has some indirect sub-type changes:
+    parameter 1 of type 'NSSCMSContentInfo*' has sub-type changes:
+      in pointed to type 'typedef NSSCMSContentInfo' at cmst.h:54:1:
+        underlying type 'struct NSSCMSContentInfoStr' at cmst.h:126:1 changed:
+          type size hasn't changed
+          1 data member changes (2 filtered):
+           type of 'NSSCMSContent NSSCMSContentInfoStr::content' changed:
+             underlying type 'union NSSCMSContentUnion' at cmst.h:113:1 changed:
+               type size hasn't changed
+               1 data member changes (3 filtered):
+                type of 'NSSCMSEncryptedData* NSSCMSContentUnion::encryptedData' changed:
+                  in pointed to type 'typedef NSSCMSEncryptedData' at cmst.h:65:1:
+                    underlying type 'struct NSSCMSEncryptedDataStr' at cmst.h:463:1 changed:
+                      type size hasn't changed
+                      1 data member changes (1 filtered):
+                       type of 'NSSCMSAttribute** NSSCMSEncryptedDataStr::unprotectedAttr' changed:
+                         in pointed to type 'NSSCMSAttribute*':
+                           in pointed to type 'typedef NSSCMSAttribute' at cmst.h:69:1:
+                             underlying type 'struct NSSCMSAttributeStr' at cmst.h:482:1 changed:
+                               type size hasn't changed
+                               1 data member change:
+                                type of 'SECOidData* NSSCMSAttributeStr::typeTag' changed:
+                                  in pointed to type 'typedef SECOidData' at secoidt.h:16:1:
+                                    underlying type 'struct SECOidDataStr' at secoidt.h:513:1 changed:
+                                      type size hasn't changed
+                                      1 data member change:
+                                       type of 'SECOidTag SECOidDataStr::offset' changed:
+                                         underlying type 'enum __anonymous_enum__' at secoidt.h:34:1 changed:
+                                           type size hasn't changed
+                                           4 enumerator insertions:
+                                             '__anonymous_enum__::SEC_OID_X509_ANY_EXT_KEY_USAGE' value '357'
+                                             '__anonymous_enum__::SEC_OID_EXT_KEY_USAGE_IPSEC_IKE' value '358'
+                                             '__anonymous_enum__::SEC_OID_IPSEC_IKE_END' value '359'
+                                             '__anonymous_enum__::SEC_OID_IPSEC_IKE_INTERMEDIATE' value '360'
+
+                                           1 enumerator change:
+                                             '__anonymous_enum__::SEC_OID_TOTAL' from value '357' to '361' at secoidt.h:34:1
+
+
+
+
+
+
+
+
diff --git a/security/nss/automation/abi-check/previous-nss-release b/security/nss/automation/abi-check/previous-nss-release
index c52061e7e..13a0361e3 100644
--- a/security/nss/automation/abi-check/previous-nss-release
+++ b/security/nss/automation/abi-check/previous-nss-release
@@ -1 +1 @@
-NSS_3_37_BRANCH
+NSS_3_40_BRANCH
diff --git a/security/nss/automation/clang-format/Dockerfile b/security/nss/automation/clang-format/Dockerfile
index 163c9b8fa..e74dac09f 100644
--- a/security/nss/automation/clang-format/Dockerfile
+++ b/security/nss/automation/clang-format/Dockerfile
@@ -1,26 +1,35 @@
-FROM ubuntu:16.04
-MAINTAINER Franziskus Kiefer <franziskuskiefer@gmail.com>
+# Minimal image with clang-format 3.9.
+FROM ubuntu:18.04
+LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>"
 
-RUN useradd -d /home/worker -s /bin/bash -m worker
-WORKDIR /home/worker
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    ca-certificates \
+    clang-format-3.9 \
+    locales \
+    mercurial \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
 
-# Install dependencies.
-ADD setup.sh /tmp/setup.sh
-RUN bash /tmp/setup.sh
+RUN update-alternatives --install /usr/bin/clang-format \
+    clang-format $(which clang-format-3.9) 10
 
-# Change user.
-USER worker
-
-# Env variables.
-ENV HOME /home/worker
 ENV SHELL /bin/bash
 ENV USER worker
-ENV LOGNAME worker
+ENV LOGNAME $USER
+ENV HOME /home/$USER
 ENV HOSTNAME taskcluster-worker
 ENV LANG en_US.UTF-8
-ENV LC_ALL en_US.UTF-8
+ENV LC_ALL $LANG
 ENV HOST localhost
 ENV DOMSUF localdomain
 
-# Entrypoint.
+RUN locale-gen $LANG \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
+
+RUN useradd -d $HOME -s $SHELL -m $USER
+WORKDIR $HOME
+USER $USER
+
+# Entrypoint - which only works if /home/worker/nss is mounted.
 ENTRYPOINT ["/home/worker/nss/automation/clang-format/run_clang_format.sh"]
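Review bot: `FROM ubuntu:18.04` is a mutable tag, so the image that runs the format check can change between rebuilds without any change in this repository. Pinning by digest, `FROM ubuntu:18.04@sha256:<digest of the reviewed image>`, makes rebuilds reproducible and turns a base-image update into a reviewable commit. The other Dockerfiles added or rewritten in this patch (docker-builds, docker-clang-format, docker-decision, docker-fuzz, docker-fuzz32, docker-interop) use the same unpinned form. Separately, the ENTRYPOINT path stays hard-coded to `/home/worker` while the rest of the file now derives its paths from `$USER`; exec-form ENTRYPOINT does not expand `$HOME`, so a comment such as `# Path must match HOME above; exec form does not expand variables.` would keep the two from drifting apart.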
diff --git a/security/nss/automation/clang-format/setup.sh b/security/nss/automation/clang-format/setup.sh
deleted file mode 100644
index beac9e905..000000000
--- a/security/nss/automation/clang-format/setup.sh
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/usr/bin/env bash
-
-set -v -e -x
-
-# Update packages.
-export DEBIAN_FRONTEND=noninteractive
-apt-get -y update && apt-get -y upgrade
-
-# Install packages.
-apt_packages=()
-apt_packages+=('ca-certificates')
-apt_packages+=('curl')
-apt_packages+=('xz-utils')
-apt_packages+=('mercurial')
-apt_packages+=('git')
-apt_packages+=('locales')
-apt-get install -y --no-install-recommends ${apt_packages[@]}
-
-# Download clang.
-curl -L https://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz -o clang.tar.xz
-curl -L https://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz.sig -o clang.tar.xz.sig
-# Verify the signature.
-gpg --keyserver pool.sks-keyservers.net --recv-keys B6C8F98282B944E3B0D5C2530FC3042E345AD05D
-gpg --verify clang.tar.xz.sig
-# Install into /usr/local/.
-tar xJvf *.tar.xz -C /usr/local --strip-components=1
-
-# Cleanup.
-function cleanup() {
-  rm -f clang.tar.xz clang.tar.xz.sig
-}
-trap cleanup ERR EXIT
-
-locale-gen en_US.UTF-8
-dpkg-reconfigure locales
-
-# Cleanup.
-rm -rf ~/.ccache ~/.cache
-apt-get autoremove -y
-apt-get clean
-apt-get autoclean
-
-# We're done. Remove this script.
-rm $0
diff --git a/security/nss/automation/release/nspr-version.txt b/security/nss/automation/release/nspr-version.txt
index 701680d2c..102def16d 100644
--- a/security/nss/automation/release/nspr-version.txt
+++ b/security/nss/automation/release/nspr-version.txt
@@ -1,4 +1,4 @@
-4.19
+4.20
 
 # The first line of this file must contain the human readable NSPR
 # version number, which is the minimum required version of NSPR
diff --git a/security/nss/automation/taskcluster/docker-aarch64/Dockerfile b/security/nss/automation/taskcluster/docker-aarch64/Dockerfile
index 2d7ade357..aca173cd0 100644
--- a/security/nss/automation/taskcluster/docker-aarch64/Dockerfile
+++ b/security/nss/automation/taskcluster/docker-aarch64/Dockerfile
@@ -20,7 +20,6 @@ ENV HOME /home/worker
 ENV SHELL /bin/bash
 ENV USER worker
 ENV LOGNAME worker
-ENV HOSTNAME taskcluster-worker
 ENV LANG en_US.UTF-8
 ENV LC_ALL en_US.UTF-8
 ENV HOST localhost
diff --git a/security/nss/automation/taskcluster/docker-arm/Dockerfile b/security/nss/automation/taskcluster/docker-arm/Dockerfile
index 9a7e50201..5b8cfca20 100644
--- a/security/nss/automation/taskcluster/docker-arm/Dockerfile
+++ b/security/nss/automation/taskcluster/docker-arm/Dockerfile
@@ -17,7 +17,6 @@ ENV HOME /home/worker
 ENV SHELL /bin/bash
 ENV USER worker
 ENV LOGNAME worker
-ENV HOSTNAME taskcluster-worker
 ENV LANG en_US.UTF-8
 ENV LC_ALL en_US.UTF-8
 ENV HOST localhost
diff --git a/security/nss/automation/taskcluster/docker-builds/Dockerfile b/security/nss/automation/taskcluster/docker-builds/Dockerfile
new file mode 100644
index 000000000..9f0bb2034
--- /dev/null
+++ b/security/nss/automation/taskcluster/docker-builds/Dockerfile
@@ -0,0 +1,75 @@
+# Dockerfile for building extra builds.  This includes more tools than the
+# default image, so it's a fair bit bigger.  Only use this for builds where
+# the smaller docker image is missing something.  These builds will run on
+# the leaner configuration.
+FROM ubuntu:18.04
+LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>"
+
+RUN dpkg --add-architecture i386
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    build-essential \
+    ca-certificates \
+    clang-4.0 \
+    clang \
+    cmake \
+    curl \
+    g++-4.8-multilib \
+    g++-5-multilib \
+    g++-6-multilib \
+    g++-multilib \
+    git \
+    gyp \
+    libelf-dev \
+    libdw-dev \
+    libssl-dev \
+    libssl-dev:i386 \
+    libxml2-utils \
+    lib32z1-dev \
+    linux-libc-dev:i386 \
+    llvm-dev \
+    locales \
+    mercurial \
+    ninja-build \
+    pkg-config \
+    valgrind \
+    zlib1g-dev \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
+
+# Latest version of abigail-tools
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends automake libtool libxml2-dev \
+ && git clone git://sourceware.org/git/libabigail.git /tmp/libabigail \
+ && cd /tmp/libabigail \
+ && autoreconf -fi \
+ && ./configure --prefix=/usr --disable-static --disable-apidoc --disable-manual \
+ && make && make install \
+ && rm -rf /tmp/libabigail \
+ && apt-get remove -y automake libtool libxml2-dev \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
+
+ENV SHELL /bin/bash
+ENV USER worker
+ENV LOGNAME $USER
+ENV HOME /home/$USER
+ENV LANG en_US.UTF-8
+ENV LC_ALL $LANG
+ENV HOST localhost
+ENV DOMSUF localdomain
+
+RUN locale-gen $LANG \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
+
+RUN useradd -d $HOME -s $SHELL -m $USER
+WORKDIR $HOME
+
+# Add build and test scripts.
+ADD bin $HOME/bin
+RUN chmod +x $HOME/bin/*
+
+USER $USER
+
+# Set a default command for debugging.
+CMD ["/bin/bash", "--login"]
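Review bot: The libabigail step clones over `git://`, which is unauthenticated and unencrypted, and builds whatever the default branch holds at image-build time; the result is then installed into `/usr` as root. Use the HTTPS remote and check out a reviewed revision, e.g. `git clone https://sourceware.org/git/libabigail.git /tmp/libabigail` followed by `git -C /tmp/libabigail checkout <reviewed commit id>`. Pinning would also help keep the expected reports under automation/abi-check stable, since the report text can presumably change between libabigail revisions.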
diff --git a/security/nss/automation/taskcluster/docker-builds/bin/checkout.sh b/security/nss/automation/taskcluster/docker-builds/bin/checkout.sh
new file mode 100644
index 000000000..9167f6bda
--- /dev/null
+++ b/security/nss/automation/taskcluster/docker-builds/bin/checkout.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+set -v -e -x
+
+if [ $(id -u) = 0 ]; then
+    # Drop privileges by re-running this script.
+    exec su worker $0
+fi
+
+# Default values for testing.
+REVISION=${NSS_HEAD_REVISION:-default}
+REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss}
+
+# Clone NSS.
+for i in 0 2 5; do
+    sleep $i
+    hg clone -r $REVISION $REPOSITORY nss && exit 0
+    rm -rf nss
+done
+exit 1
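Review bot: `$REVISION` and `$REPOSITORY` are taken from the task environment (`NSS_HEAD_REVISION`, `NSS_HEAD_REPOSITORY`) and expanded unquoted in the `hg clone` line, so a value containing whitespace or glob characters is split into extra arguments to hg. Quote them, `hg clone -r "$REVISION" "$REPOSITORY" nss`, and likewise use `exec su worker "$0"` and `[ "$(id -u)" = 0 ]`. The identical script is added under docker-clang-format/bin, docker-fuzz32/bin and docker-interop/bin in this patch, so the same change applies to each copy.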
diff --git a/security/nss/automation/taskcluster/docker-clang-3.9/Dockerfile b/security/nss/automation/taskcluster/docker-clang-3.9/Dockerfile
deleted file mode 100644
index 473ce64ba..000000000
--- a/security/nss/automation/taskcluster/docker-clang-3.9/Dockerfile
+++ /dev/null
@@ -1,30 +0,0 @@
-FROM ubuntu:16.04
-MAINTAINER Tim Taubert <ttaubert@mozilla.com>
-
-RUN useradd -d /home/worker -s /bin/bash -m worker
-WORKDIR /home/worker
-
-# Add build and test scripts.
-ADD bin /home/worker/bin
-RUN chmod +x /home/worker/bin/*
-
-# Install dependencies.
-ADD setup.sh /tmp/setup.sh
-RUN bash /tmp/setup.sh
-
-# Change user.
-USER worker
-
-# Env variables.
-ENV HOME /home/worker
-ENV SHELL /bin/bash
-ENV USER worker
-ENV LOGNAME worker
-ENV HOSTNAME taskcluster-worker
-ENV LANG en_US.UTF-8
-ENV LC_ALL en_US.UTF-8
-ENV HOST localhost
-ENV DOMSUF localdomain
-
-# Set a default command for debugging.
-CMD ["/bin/bash", "--login"]
diff --git a/security/nss/automation/taskcluster/docker-clang-3.9/bin/checkout.sh b/security/nss/automation/taskcluster/docker-clang-3.9/bin/checkout.sh
deleted file mode 100644
index 9167f6bda..000000000
--- a/security/nss/automation/taskcluster/docker-clang-3.9/bin/checkout.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/usr/bin/env bash
-
-set -v -e -x
-
-if [ $(id -u) = 0 ]; then
-    # Drop privileges by re-running this script.
-    exec su worker $0
-fi
-
-# Default values for testing.
-REVISION=${NSS_HEAD_REVISION:-default}
-REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss}
-
-# Clone NSS.
-for i in 0 2 5; do
-    sleep $i
-    hg clone -r $REVISION $REPOSITORY nss && exit 0
-    rm -rf nss
-done
-exit 1
diff --git a/security/nss/automation/taskcluster/docker-clang-3.9/setup.sh b/security/nss/automation/taskcluster/docker-clang-3.9/setup.sh
deleted file mode 100644
index 3076667a6..000000000
--- a/security/nss/automation/taskcluster/docker-clang-3.9/setup.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/env bash
-
-set -v -e -x
-
-# Update packages.
-export DEBIAN_FRONTEND=noninteractive
-apt-get -y update && apt-get -y upgrade
-
-# Need this to add keys for PPAs below.
-apt-get install -y --no-install-recommends apt-utils
-
-apt_packages=()
-apt_packages+=('ca-certificates')
-apt_packages+=('curl')
-apt_packages+=('locales')
-apt_packages+=('xz-utils')
-
-# Latest Mercurial.
-apt_packages+=('mercurial')
-apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE
-echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list
-
-# Install packages.
-apt-get -y update
-apt-get install -y --no-install-recommends ${apt_packages[@]}
-
-# Download clang.
-curl -LO https://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz
-curl -LO https://releases.llvm.org/3.9.1/clang+llvm-3.9.1-x86_64-linux-gnu-ubuntu-16.04.tar.xz.sig
-# Verify the signature.
-gpg --keyserver pool.sks-keyservers.net --recv-keys B6C8F98282B944E3B0D5C2530FC3042E345AD05D
-gpg --verify *.tar.xz.sig
-# Install into /usr/local/.
-tar xJvf *.tar.xz -C /usr/local --strip-components=1
-# Cleanup.
-rm *.tar.xz*
-
-locale-gen en_US.UTF-8
-dpkg-reconfigure locales
-
-# Cleanup.
-rm -rf ~/.ccache ~/.cache
-apt-get autoremove -y
-apt-get clean
-apt-get autoclean
-rm $0
diff --git a/security/nss/automation/taskcluster/docker-clang-format/Dockerfile b/security/nss/automation/taskcluster/docker-clang-format/Dockerfile
new file mode 100644
index 000000000..c9f8b8b0e
--- /dev/null
+++ b/security/nss/automation/taskcluster/docker-clang-format/Dockerfile
@@ -0,0 +1,38 @@
+# Minimal image with clang-format 3.9.
+FROM ubuntu:18.04
+LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>"
+
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    ca-certificates \
+    clang-format-3.9 \
+    locales \
+    mercurial \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
+
+RUN update-alternatives --install /usr/bin/clang-format \
+    clang-format $(which clang-format-3.9) 10
+
+ENV SHELL /bin/bash
+ENV USER worker
+ENV LOGNAME $USER
+ENV HOME /home/$USER
+ENV LANG en_US.UTF-8
+ENV LC_ALL $LANG
+ENV HOST localhost
+ENV DOMSUF localdomain
+
+RUN locale-gen $LANG \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
+
+RUN useradd -d $HOME -s $SHELL -m $USER
+WORKDIR $HOME
+
+ADD bin $HOME/bin
+RUN chmod +x $HOME/bin/*
+
+USER $USER
+
+# Set a default command for debugging.
+CMD ["/bin/bash", "--login"]
diff --git a/security/nss/automation/taskcluster/docker-clang-format/bin/checkout.sh b/security/nss/automation/taskcluster/docker-clang-format/bin/checkout.sh
new file mode 100644
index 000000000..9167f6bda
--- /dev/null
+++ b/security/nss/automation/taskcluster/docker-clang-format/bin/checkout.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+set -v -e -x
+
+if [ $(id -u) = 0 ]; then
+    # Drop privileges by re-running this script.
+    exec su worker $0
+fi
+
+# Default values for testing.
+REVISION=${NSS_HEAD_REVISION:-default}
+REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss}
+
+# Clone NSS.
+for i in 0 2 5; do
+    sleep $i
+    hg clone -r $REVISION $REPOSITORY nss && exit 0
+    rm -rf nss
+done
+exit 1
diff --git a/security/nss/automation/taskcluster/docker-decision/Dockerfile b/security/nss/automation/taskcluster/docker-decision/Dockerfile
index 473ce64ba..e0a31641e 100644
--- a/security/nss/automation/taskcluster/docker-decision/Dockerfile
+++ b/security/nss/automation/taskcluster/docker-decision/Dockerfile
@@ -1,30 +1,37 @@
-FROM ubuntu:16.04
-MAINTAINER Tim Taubert <ttaubert@mozilla.com>
+# Minimal image for running the decision task.
+FROM ubuntu:18.04
+LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>"
 
-RUN useradd -d /home/worker -s /bin/bash -m worker
-WORKDIR /home/worker
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    ca-certificates \
+    curl \
+    locales \
+    mercurial \
+    nodejs \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
 
-# Add build and test scripts.
-ADD bin /home/worker/bin
-RUN chmod +x /home/worker/bin/*
-
-# Install dependencies.
-ADD setup.sh /tmp/setup.sh
-RUN bash /tmp/setup.sh
-
-# Change user.
-USER worker
-
-# Env variables.
-ENV HOME /home/worker
 ENV SHELL /bin/bash
 ENV USER worker
-ENV LOGNAME worker
-ENV HOSTNAME taskcluster-worker
+ENV LOGNAME $USER
+ENV HOME /home/$USER
 ENV LANG en_US.UTF-8
-ENV LC_ALL en_US.UTF-8
+ENV LC_ALL $LANG
 ENV HOST localhost
 ENV DOMSUF localdomain
 
+RUN locale-gen $LANG \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
+
+RUN useradd -d $HOME -s $SHELL -m $USER
+WORKDIR $HOME
+
+# Add build and test scripts.
+ADD bin $HOME/bin
+RUN chmod +x $HOME/bin/*
+
+USER $USER
+
 # Set a default command for debugging.
 CMD ["/bin/bash", "--login"]
diff --git a/security/nss/automation/taskcluster/docker-decision/setup.sh b/security/nss/automation/taskcluster/docker-decision/setup.sh
deleted file mode 100644
index 51938529c..000000000
--- a/security/nss/automation/taskcluster/docker-decision/setup.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env bash
-
-set -v -e -x
-
-# Update packages.
-export DEBIAN_FRONTEND=noninteractive
-apt-get -y update && apt-get -y upgrade
-
-# Need those to install newer packages below.
-apt-get install -y --no-install-recommends apt-utils curl ca-certificates locales
-
-# Latest Mercurial.
-apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE
-echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list
-
-# Install packages.
-apt-get -y update && apt-get install -y --no-install-recommends mercurial
-
-# Latest Node.JS.
-curl -sL https://deb.nodesource.com/setup_6.x | bash -
-apt-get install -y --no-install-recommends nodejs
-
-locale-gen en_US.UTF-8
-dpkg-reconfigure locales
-
-# Cleanup.
-rm -rf ~/.ccache ~/.cache
-apt-get autoremove -y
-apt-get clean
-apt-get autoclean
-rm $0
diff --git a/security/nss/automation/taskcluster/docker-fuzz/Dockerfile b/security/nss/automation/taskcluster/docker-fuzz/Dockerfile
index 254f166c8..24f939946 100644
--- a/security/nss/automation/taskcluster/docker-fuzz/Dockerfile
+++ b/security/nss/automation/taskcluster/docker-fuzz/Dockerfile
@@ -1,33 +1,59 @@
-FROM ubuntu:16.04
-MAINTAINER Tim Taubert <ttaubert@mozilla.com>
+# Dockerfile for running fuzzing tests.
+#
+# Note that when running this, you need to add `--cap-add SYS_PTRACE` to the
+# docker invocation or ASAN won't work.
+# On taskcluster use `features: ["allowPtrace"]`.
+# See https://github.com/google/sanitizers/issues/764#issuecomment-276700920
+FROM ubuntu:18.04
+LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>"
 
-RUN useradd -d /home/worker -s /bin/bash -m worker
-WORKDIR /home/worker
+RUN dpkg --add-architecture i386
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    build-essential \
+    ca-certificates \
+    clang \
+    clang-tools \
+    curl \
+    g++-multilib \
+    git \
+    gyp \
+    libssl-dev \
+    libssl-dev:i386 \
+    libxml2-utils \
+    lib32z1-dev \
+    linux-libc-dev:i386 \
+    llvm-dev \
+    locales \
+    mercurial \
+    ninja-build \
+    pkg-config \
+    valgrind \
+    zlib1g-dev \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
 
-# Add build and test scripts.
-ADD bin /home/worker/bin
-RUN chmod +x /home/worker/bin/*
-
-# Install dependencies.
-ADD setup.sh /tmp/setup.sh
-RUN bash /tmp/setup.sh
-
-# Change user.
-USER worker
-
-# Env variables.
-ENV HOME /home/worker
 ENV SHELL /bin/bash
 ENV USER worker
-ENV LOGNAME worker
-ENV HOSTNAME taskcluster-worker
+ENV LOGNAME $USER
+ENV HOME /home/$USER
 ENV LANG en_US.UTF-8
-ENV LC_ALL en_US.UTF-8
+ENV LC_ALL $LANG
 ENV HOST localhost
 ENV DOMSUF localdomain
 
-# LLVM 4.0
-ENV PATH "${PATH}:/home/worker/third_party/llvm-build/Release+Asserts/bin/"
+RUN locale-gen $LANG \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
+
+RUN useradd -d $HOME -s $SHELL -m $USER
+WORKDIR $HOME
+
+# Add build and test scripts.
+ADD bin $HOME/bin
+RUN chmod +x $HOME/bin/*
+
+# Change user.
+USER $USER
 
 # Set a default command for debugging.
 CMD ["/bin/bash", "--login"]
diff --git a/security/nss/automation/taskcluster/docker-fuzz/setup.sh b/security/nss/automation/taskcluster/docker-fuzz/setup.sh
deleted file mode 100644
index fcb72346e..000000000
--- a/security/nss/automation/taskcluster/docker-fuzz/setup.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/usr/bin/env bash
-
-set -v -e -x
-
-# Update packages.
-export DEBIAN_FRONTEND=noninteractive
-apt-get -y update && apt-get -y upgrade
-
-# Need this to add keys for PPAs below.
-apt-get install -y --no-install-recommends apt-utils
-
-apt_packages=()
-apt_packages+=('build-essential')
-apt_packages+=('ca-certificates')
-apt_packages+=('curl')
-apt_packages+=('git')
-apt_packages+=('gyp')
-apt_packages+=('libssl-dev')
-apt_packages+=('libxml2-utils')
-apt_packages+=('locales')
-apt_packages+=('ninja-build')
-apt_packages+=('pkg-config')
-apt_packages+=('zlib1g-dev')
-
-# 32-bit builds
-apt_packages+=('gcc-multilib')
-apt_packages+=('g++-multilib')
-
-# Latest Mercurial.
-apt_packages+=('mercurial')
-apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE
-echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list
-
-# Install packages.
-apt-get -y update
-apt-get install -y --no-install-recommends ${apt_packages[@]}
-
-# 32-bit builds
-dpkg --add-architecture i386
-apt-get -y update
-apt-get install -y --no-install-recommends libssl-dev:i386
-
-# Install LLVM/clang-4.0.
-mkdir clang-tmp
-git clone -n --depth 1 https://chromium.googlesource.com/chromium/src/tools/clang clang-tmp/clang
-git -C clang-tmp/clang checkout HEAD scripts/update.py
-clang-tmp/clang/scripts/update.py
-rm -fr clang-tmp
-
-locale-gen en_US.UTF-8
-dpkg-reconfigure locales
-
-# Cleanup.
-rm -rf ~/.ccache ~/.cache
-apt-get autoremove -y
-apt-get clean
-apt-get autoclean
-rm $0
diff --git a/security/nss/automation/taskcluster/docker-fuzz32/Dockerfile b/security/nss/automation/taskcluster/docker-fuzz32/Dockerfile
new file mode 100644
index 000000000..f5fd3cfd5
--- /dev/null
+++ b/security/nss/automation/taskcluster/docker-fuzz32/Dockerfile
@@ -0,0 +1,73 @@
+# Dockerfile for running fuzzing tests on linux32.
+#
+# This is a temporary workaround for bugs in clang that make it incompatible
+# with Ubuntu 18.04 (see bug 1488148). This image can be removed once a new
+# release of LLVM includes the necessary fixes.
+
+FROM ubuntu:16.04
+LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>"
+
+RUN dpkg --add-architecture i386
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    build-essential \
+    ca-certificates \
+    curl \
+    g++-multilib \
+    git \
+    gyp \
+    libssl-dev \
+    libssl-dev:i386 \
+    libxml2-utils \
+    lib32z1-dev \
+    linux-libc-dev:i386 \
+    locales \
+    mercurial \
+    ninja-build \
+    pkg-config \
+    software-properties-common \
+    valgrind \
+    zlib1g-dev \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
+
+# Install clang and tools from the LLVM PPA.
+RUN curl -sf https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - \
+ && apt-add-repository "deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-6.0 main" \
+ && apt-get update \
+ && apt-get install -y --no-install-recommends \
+    clang-6.0 \
+    clang-tools-6.0 \
+    llvm-6.0-dev \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
+
+# Alias all the clang commands.
+RUN for i in $(dpkg -L clang-6.0 clang-tools-6.0 | grep '^/usr/bin/' | xargs -i basename {} -6.0); do \
+      update-alternatives --install "/usr/bin/$i" "$i" "/usr/bin/${i}-6.0" 10; \
+    done
+
+ENV SHELL /bin/bash
+ENV USER worker
+ENV LOGNAME $USER
+ENV HOME /home/$USER
+ENV LANG en_US.UTF-8
+ENV LC_ALL $LANG
+ENV HOST localhost
+ENV DOMSUF localdomain
+
+RUN locale-gen $LANG \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
+
+RUN useradd -d $HOME -s $SHELL -m $USER
+WORKDIR $HOME
+
+# Add build and test scripts.
+ADD bin $HOME/bin
+RUN chmod +x $HOME/bin/*
+
+# Change user.
+USER $USER
+
+# Set a default command for debugging.
+CMD ["/bin/bash", "--login"]
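Review bot: The LLVM archive key is piped straight from `curl` into `apt-key add -` with no fingerprint check, and a key added that way is trusted for every configured repository, not only apt.llvm.org. The setup.sh scripts removed elsewhere in this patch fetched their keys by full fingerprint, and the same level of checking is worth keeping here. Download the key to a file, compare its fingerprint with a value recorded in the Dockerfile (`<expected LLVM key fingerprint>`), and only add it when they match. A short comment above the step stating where the fingerprint was obtained would make later key rotations reviewable.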
diff --git a/security/nss/automation/taskcluster/docker-fuzz32/bin/checkout.sh b/security/nss/automation/taskcluster/docker-fuzz32/bin/checkout.sh
new file mode 100644
index 000000000..9167f6bda
--- /dev/null
+++ b/security/nss/automation/taskcluster/docker-fuzz32/bin/checkout.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+set -v -e -x
+
+if [ $(id -u) = 0 ]; then
+    # Drop privileges by re-running this script.
+    exec su worker $0
+fi
+
+# Default values for testing.
+REVISION=${NSS_HEAD_REVISION:-default}
+REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss}
+
+# Clone NSS.
+for i in 0 2 5; do
+    sleep $i
+    hg clone -r $REVISION $REPOSITORY nss && exit 0
+    rm -rf nss
+done
+exit 1
diff --git a/security/nss/automation/taskcluster/docker-gcc-4.4/Dockerfile b/security/nss/automation/taskcluster/docker-gcc-4.4/Dockerfile
index 3330c007f..69538322a 100644
--- a/security/nss/automation/taskcluster/docker-gcc-4.4/Dockerfile
+++ b/security/nss/automation/taskcluster/docker-gcc-4.4/Dockerfile
@@ -1,30 +1,39 @@
 FROM ubuntu:14.04
-MAINTAINER Tim Taubert <ttaubert@mozilla.com>
+LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>"
 
-RUN useradd -d /home/worker -s /bin/bash -m worker
-WORKDIR /home/worker
+RUN dpkg --add-architecture i386
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    ca-certificates \
+    g++-4.4 \
+    gcc-4.4 \
+    locales \
+    make \
+    mercurial \
+    zlib1g-dev \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
 
-# Add build and test scripts.
-ADD bin /home/worker/bin
-RUN chmod +x /home/worker/bin/*
-
-# Install dependencies.
-ADD setup.sh /tmp/setup.sh
-RUN bash /tmp/setup.sh
-
-# Change user.
-USER worker
-
-# Env variables.
-ENV HOME /home/worker
 ENV SHELL /bin/bash
 ENV USER worker
-ENV LOGNAME worker
-ENV HOSTNAME taskcluster-worker
+ENV LOGNAME $USER
+ENV HOME /home/$USER
 ENV LANG en_US.UTF-8
-ENV LC_ALL en_US.UTF-8
+ENV LC_ALL $LANG
 ENV HOST localhost
 ENV DOMSUF localdomain
 
+RUN locale-gen $LANG \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
+
+RUN useradd -d $HOME -s $SHELL -m $USER
+WORKDIR $HOME
+
+# Add build and test scripts.
+ADD bin $HOME/bin
+RUN chmod +x $HOME/bin/*
+
+USER $USER
+
 # Set a default command for debugging.
 CMD ["/bin/bash", "--login"]
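Review bot: `RUN dpkg --add-architecture i386` is new in this image, but none of the packages in the install list carries an `:i386` suffix and the removed setup.sh did not enable the architecture either, so it looks like a leftover from the shared template. If nothing in this image needs 32-bit packages, drop the line; it only adds a second set of package indexes to `apt-get update`. If it is needed, a comment naming the consumer, e.g. `# i386 required for <package>`, would explain it.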
diff --git a/security/nss/automation/taskcluster/docker-gcc-4.4/setup.sh b/security/nss/automation/taskcluster/docker-gcc-4.4/setup.sh
deleted file mode 100644
index f6325d966..000000000
--- a/security/nss/automation/taskcluster/docker-gcc-4.4/setup.sh
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/usr/bin/env bash
-
-set -v -e -x
-
-# Update packages.
-export DEBIAN_FRONTEND=noninteractive
-apt-get -y update && apt-get -y upgrade
-
-apt_packages=()
-apt_packages+=('ca-certificates')
-apt_packages+=('g++-4.4')
-apt_packages+=('gcc-4.4')
-apt_packages+=('locales')
-apt_packages+=('make')
-apt_packages+=('mercurial')
-apt_packages+=('zlib1g-dev')
-
-# Install packages.
-apt-get -y update
-apt-get install -y --no-install-recommends ${apt_packages[@]}
-
-locale-gen en_US.UTF-8
-dpkg-reconfigure locales
-
-# Cleanup.
-rm -rf ~/.ccache ~/.cache
-apt-get autoremove -y
-apt-get clean
-apt-get autoclean
-rm $0
diff --git a/security/nss/automation/taskcluster/docker-interop/Dockerfile b/security/nss/automation/taskcluster/docker-interop/Dockerfile
new file mode 100644
index 000000000..fb4e15d93
--- /dev/null
+++ b/security/nss/automation/taskcluster/docker-interop/Dockerfile
@@ -0,0 +1,56 @@
+# Dockerfile for running interop tests.
+# This includes Rust, golang, and nodejs.
+FROM ubuntu:18.04
+LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>"
+
+RUN dpkg --add-architecture i386
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    build-essential \
+    ca-certificates \
+    clang \
+    cmake \
+    curl \
+    g++-multilib \
+    git \
+    golang \
+    gyp \
+    libxml2-utils \
+    lib32z1-dev \
+    linux-libc-dev:i386 \
+    llvm-dev \
+    locales \
+    mercurial \
+    ninja-build \
+    npm \
+    pkg-config \
+    zlib1g-dev \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
+
+ENV SHELL /bin/bash
+ENV USER worker
+ENV LOGNAME $USER
+ENV HOME /home/$USER
+ENV LANG en_US.UTF-8
+ENV LC_ALL $LANG
+ENV HOST localhost
+ENV DOMSUF localdomain
+
+RUN locale-gen $LANG \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
+
+RUN useradd -d $HOME -s $SHELL -m $USER
+WORKDIR $HOME
+
+# Add build and test scripts.
+ADD bin $HOME/bin
+RUN chmod +x $HOME/bin/*
+
+USER $USER
+
+# Install Rust stable as $USER.
+RUN curl https://sh.rustup.rs -sSf | sh -s -- -y
+
+# Set a default command for debugging.
+CMD ["/bin/bash", "--login"]
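Review bot: The `RUN curl https://sh.rustup.rs -sSf | sh -s -- -y` step runs whatever the endpoint serves at build time and installs whichever stable toolchain is current, so two builds of the same context can yield different images. Restricting curl to HTTPS and pinning the toolchain narrows that: `RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain PINNED_VERSION` (PINNED_VERSION is a placeholder for the release the project settles on). A stricter variant saves the installer to a file and checks it against a recorded SHA-256 before running it. `FROM ubuntu:18.04` here and in docker/Dockerfile is likewise a mutable tag, and pinning it by digest would make the image reproducible for a given context.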
diff --git a/security/nss/automation/taskcluster/docker-interop/bin/checkout.sh b/security/nss/automation/taskcluster/docker-interop/bin/checkout.sh
new file mode 100644
index 000000000..9167f6bda
--- /dev/null
+++ b/security/nss/automation/taskcluster/docker-interop/bin/checkout.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+set -v -e -x
+
+if [ $(id -u) = 0 ]; then
+    # Drop privileges by re-running this script.
+    exec su worker $0
+fi
+
+# Default values for testing.
+REVISION=${NSS_HEAD_REVISION:-default}
+REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss}
+
+# Clone NSS.
+for i in 0 2 5; do
+    sleep $i
+    hg clone -r $REVISION $REPOSITORY nss && exit 0
+    rm -rf nss
+done
+exit 1
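Review bot: `hg clone -r $REVISION $REPOSITORY nss` expands two environment-supplied values unquoted, so a value containing whitespace or glob characters is split into extra arguments to hg. Quoting closes that: `hg clone -r "$REVISION" "$REPOSITORY" nss`. The privilege drop `exec su worker $0` has the same quoting gap and hard-codes `worker` although the image's Dockerfile derives the account from `$USER`; `exec su worker "$0"` at least keeps a script path with spaces intact.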
diff --git a/security/nss/automation/taskcluster/docker/Dockerfile b/security/nss/automation/taskcluster/docker/Dockerfile
index b3c2516ba..6df17c5e1 100644
--- a/security/nss/automation/taskcluster/docker/Dockerfile
+++ b/security/nss/automation/taskcluster/docker/Dockerfile
@@ -1,30 +1,49 @@
-FROM ubuntu:16.04
-MAINTAINER Tim Taubert <ttaubert@mozilla.com>
+# Lean image for running the bulk of the NSS CI tests on taskcluster.
+FROM ubuntu:18.04
+LABEL maintainer="Martin Thomson <martin.thomson@gmail.com>"
 
-RUN useradd -d /home/worker -s /bin/bash -m worker
-WORKDIR /home/worker
+RUN dpkg --add-architecture i386
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+    build-essential \
+    ca-certificates \
+    clang \
+    curl \
+    g++-multilib \
+    git \
+    gyp \
+    libxml2-utils \
+    lib32z1-dev \
+    linux-libc-dev:i386 \
+    llvm-dev \
+    locales \
+    mercurial \
+    ninja-build \
+    pkg-config \
+    zlib1g-dev \
+ && rm -rf /var/lib/apt/lists/* \
+ && apt-get autoremove -y && apt-get clean -y
 
-# Add build and test scripts.
-ADD bin /home/worker/bin
-RUN chmod +x /home/worker/bin/*
-
-# Install dependencies.
-ADD setup.sh /tmp/setup.sh
-RUN bash /tmp/setup.sh
-
-# Env variables.
-ENV HOME /home/worker
 ENV SHELL /bin/bash
 ENV USER worker
-ENV LOGNAME worker
-ENV HOSTNAME taskcluster-worker
+ENV LOGNAME $USER
+ENV HOME /home/$USER
 ENV LANG en_US.UTF-8
-ENV LC_ALL en_US.UTF-8
+ENV LC_ALL $LANG
 ENV HOST localhost
 ENV DOMSUF localdomain
 
-# Rust + Go
-ENV PATH "${PATH}:/home/worker/.cargo/bin/:/usr/lib/go-1.6/bin"
+RUN locale-gen $LANG \
+ && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales
+
+RUN useradd -d $HOME -s $SHELL -m $USER
+WORKDIR $HOME
+
+# Add build and test scripts.
+ADD bin $HOME/bin
+RUN chmod +x $HOME/bin/*
+
+USER $USER
 
 # Set a default command for debugging.
 CMD ["/bin/bash", "--login"]
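Review bot: The package step now runs only `apt-get update` and `apt-get install`, whereas the deleted setup.sh also ran `apt-get -y upgrade`, so packages already in the `ubuntu:18.04` base layer stay at the versions the tag shipped with. If that is deliberate, a comment above the `RUN apt-get update` line should say so, for example `# No apt-get upgrade: base packages are refreshed only by rebuilding on a newer ubuntu:18.04.` Otherwise security fixes published after the base image was built will not reach the CI image until someone notices.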
diff --git a/security/nss/automation/taskcluster/docker/setup.sh b/security/nss/automation/taskcluster/docker/setup.sh
deleted file mode 100644
index 7b90b2e69..000000000
--- a/security/nss/automation/taskcluster/docker/setup.sh
+++ /dev/null
@@ -1,74 +0,0 @@
-#!/usr/bin/env bash
-
-set -v -e -x
-
-# Update packages.
-export DEBIAN_FRONTEND=noninteractive
-apt-get -y update && apt-get -y upgrade
-
-# Need this to add keys for PPAs below.
-apt-get install -y --no-install-recommends apt-utils
-
-apt_packages=()
-apt_packages+=('build-essential')
-apt_packages+=('ca-certificates')
-apt_packages+=('clang-5.0')
-apt_packages+=('curl')
-apt_packages+=('npm')
-apt_packages+=('git')
-apt_packages+=('golang-1.6')
-apt_packages+=('libxml2-utils')
-apt_packages+=('locales')
-apt_packages+=('ninja-build')
-apt_packages+=('pkg-config')
-apt_packages+=('zlib1g-dev')
-
-# 32-bit builds
-apt_packages+=('lib32z1-dev')
-apt_packages+=('gcc-multilib')
-apt_packages+=('g++-multilib')
-
-# ct-verif and sanitizers
-apt_packages+=('valgrind')
-
-# Latest Mercurial.
-apt_packages+=('mercurial')
-apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 41BD8711B1F0EC2B0D85B91CF59CE3A8323293EE
-echo "deb http://ppa.launchpad.net/mercurial-ppa/releases/ubuntu xenial main" > /etc/apt/sources.list.d/mercurial.list
-
-# gcc 4.8 and 6
-apt_packages+=('g++-6')
-apt_packages+=('g++-4.8')
-apt_packages+=('g++-6-multilib')
-apt_packages+=('g++-4.8-multilib')
-apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 60C317803A41BA51845E371A1E9377A2BA9EF27F
-echo "deb http://ppa.launchpad.net/ubuntu-toolchain-r/test/ubuntu xenial main" > /etc/apt/sources.list.d/toolchain.list
-
-# Install packages.
-apt-get -y update
-apt-get install -y --no-install-recommends ${apt_packages[@]}
-
-# Latest version of abigail-tools
-apt-get install -y libxml2-dev autoconf libelf-dev libdw-dev libtool
-git clone git://sourceware.org/git/libabigail.git
-cd ./libabigail
-autoreconf -fi
-./configure --prefix=/usr --disable-static --disable-apidoc --disable-manual
-make
-make install
-cd ..
-apt-get remove -y libxml2-dev autoconf libtool
-rm -rf libabigail
-
-# Install latest Rust (stable).
-su worker -c "curl https://sh.rustup.rs -sSf | sh -s -- -y"
-
-locale-gen en_US.UTF-8
-dpkg-reconfigure locales
-
-# Cleanup.
-rm -rf ~/.ccache ~/.cache
-apt-get autoremove -y
-apt-get clean
-apt-get autoclean
-rm $0
diff --git a/security/nss/automation/taskcluster/graph/src/extend.js b/security/nss/automation/taskcluster/graph/src/extend.js
index 5305325c5..1302602bc 100644
--- a/security/nss/automation/taskcluster/graph/src/extend.js
+++ b/security/nss/automation/taskcluster/graph/src/extend.js
@@ -10,9 +10,19 @@ const LINUX_IMAGE = {
   path: "automation/taskcluster/docker"
 };
 
-const LINUX_CLANG39_IMAGE = {
-  name: "linux-clang-3.9",
-  path: "automation/taskcluster/docker-clang-3.9"
+const LINUX_BUILDS_IMAGE = {
+  name: "linux-builds",
+  path: "automation/taskcluster/docker-builds"
+};
+
+const LINUX_INTEROP_IMAGE = {
+  name: "linux-interop",
+  path: "automation/taskcluster/docker-interop"
+};
+
+const CLANG_FORMAT_IMAGE = {
+  name: "clang-format",
+  path: "automation/taskcluster/docker-clang-format"
 };
 
 const LINUX_GCC44_IMAGE = {
@@ -25,6 +35,12 @@ const FUZZ_IMAGE = {
   path: "automation/taskcluster/docker-fuzz"
 };
 
+// Bug 1488148 - temporary image for fuzzing 32-bit builds.
+const FUZZ_IMAGE_32 = {
+  name: "fuzz32",
+  path: "automation/taskcluster/docker-fuzz32"
+};
+
 const HACL_GEN_IMAGE = {
   name: "hacl",
   path: "automation/taskcluster/docker-hacl"
@@ -59,7 +75,7 @@ queue.filter(task => {
     }
   }
 
-  if (task.tests == "bogo" || task.tests == "interop") {
+  if (task.tests == "bogo" || task.tests == "interop" || task.tests == "tlsfuzzer") {
     // No windows
     if (task.platform == "windows2012-64" ||
         task.platform == "windows2012-32") {
@@ -89,7 +105,9 @@ queue.filter(task => {
 
   if (task.group == "Test") {
     // Don't run test builds on old make platforms, and not for fips gyp.
-    if (task.collection == "make" || task.collection == "fips") {
+    // Disable on aarch64, see bug 1488331.
+    if (task.collection == "make" || task.collection == "fips"
+        || task.platform == "aarch64") {
       return false;
     }
   }
@@ -134,13 +152,13 @@ export default async function main() {
   await scheduleLinux("Linux 32 (opt)", {
     platform: "linux32",
     image: LINUX_IMAGE
-  }, "-m32 --opt");
+  }, "-t ia32 --opt");
 
   await scheduleLinux("Linux 32 (debug)", {
     platform: "linux32",
     collection: "debug",
     image: LINUX_IMAGE
-  }, "-m32");
+  }, "-t ia32");
 
   await scheduleLinux("Linux 64 (opt)", {
     platform: "linux64",
@@ -193,8 +211,8 @@ export default async function main() {
       UBSAN_OPTIONS: "print_stacktrace=1",
       NSS_DISABLE_ARENA_FREE_LIST: "1",
       NSS_DISABLE_UNLOAD: "1",
-      CC: "clang-5.0",
-      CCC: "clang++-5.0",
+      CC: "clang",
+      CCC: "clang++",
     },
     platform: "linux64",
     collection: "asan",
@@ -230,12 +248,12 @@ export default async function main() {
 
   await scheduleWindows("Windows 2012 32 (opt)", {
     platform: "windows2012-32",
-  }, "build_gyp.sh --opt -m32");
+  }, "build_gyp.sh --opt -t ia32");
 
   await scheduleWindows("Windows 2012 32 (debug)", {
     platform: "windows2012-32",
     collection: "debug"
-  }, "build_gyp.sh -m32");
+  }, "build_gyp.sh -t ia32");
 
   await scheduleFuzzing();
   await scheduleFuzzing32();
@@ -251,29 +269,29 @@ export default async function main() {
   };
 
   await scheduleLinux("Linux AArch64 (debug)",
-    merge({
+    merge(aarch64_base, {
       command: [
         "/bin/bash",
         "-c",
         "bin/checkout.sh && nss/automation/taskcluster/scripts/build_gyp.sh"
       ],
       collection: "debug",
-    }, aarch64_base)
+    })
   );
 
   await scheduleLinux("Linux AArch64 (opt)",
-    merge({
+    merge(aarch64_base, {
       command: [
         "/bin/bash",
         "-c",
         "bin/checkout.sh && nss/automation/taskcluster/scripts/build_gyp.sh --opt"
       ],
       collection: "opt",
-    }, aarch64_base)
+    })
   );
 
   await scheduleLinux("Linux AArch64 (debug, make)",
-    merge({
+    merge(aarch64_base, {
       env: {USE_64: "1"},
       command: [
          "/bin/bash",
@@ -281,7 +299,7 @@ export default async function main() {
          "bin/checkout.sh && nss/automation/taskcluster/scripts/build.sh"
       ],
       collection: "make",
-    }, aarch64_base)
+    })
   );
 
   await scheduleMac("Mac (opt)", {collection: "opt"}, "--opt");
@@ -303,7 +321,7 @@ async function scheduleMac(name, base, args = "") {
   });
 
   // Build base definition.
-  let build_base = merge({
+  let build_base = merge(mac_base, {
     command: [
       MAC_CHECKOUT_CMD,
       ["bash", "-c",
@@ -320,7 +338,7 @@ async function scheduleMac(name, base, args = "") {
     }],
     kind: "build",
     symbol: "B"
-  }, mac_base);
+  });
 
   // The task that builds NSPR+NSS.
   let task_build = queue.scheduleTask(merge(build_base, {name}));
@@ -351,14 +369,18 @@ async function scheduleMac(name, base, args = "") {
 
 /*****************************************************************************/
 
-async function scheduleLinux(name, base, args = "") {
-  // Build base definition.
-  let build_base = merge({
+async function scheduleLinux(name, overrides, args = "") {
+  // Construct a base definition.  This takes |overrides| second because
+  // callers expect to be able to overwrite the |command| key.
+  let base = merge({
     command: [
       "/bin/bash",
       "-c",
       "bin/checkout.sh && nss/automation/taskcluster/scripts/build_gyp.sh " + args
     ],
+  }, overrides);
+  // The base for building.
+  let build_base = merge(base, {
     artifacts: {
       public: {
         expires: 24 * 7,
@@ -367,8 +389,8 @@ async function scheduleLinux(name, base, args = "") {
       }
     },
     kind: "build",
-    symbol: "B"
-  }, base);
+    symbol: "B",
+  });
 
   // The task that builds NSPR+NSS.
   let task_build = queue.scheduleTask(merge(build_base, {name}));
@@ -434,14 +456,17 @@ async function scheduleLinux(name, base, args = "") {
   }));
 
   // Extra builds.
-  let extra_base = merge({group: "Builds"}, build_base);
+  let extra_base = merge(build_base, {
+    group: "Builds",
+    image: LINUX_BUILDS_IMAGE,
+  });
   queue.scheduleTask(merge(extra_base, {
-    name: `${name} w/ clang-5.0`,
+    name: `${name} w/ clang-4`,
     env: {
-      CC: "clang-5.0",
-      CCC: "clang++-5.0",
+      CC: "clang-4.0",
+      CCC: "clang++-4.0",
     },
-    symbol: "clang-5.0"
+    symbol: "clang-4"
   }));
 
   queue.scheduleTask(merge(extra_base, {
@@ -474,16 +499,26 @@ async function scheduleLinux(name, base, args = "") {
   }));
 
   queue.scheduleTask(merge(extra_base, {
-    name: `${name} w/ gcc-6.1`,
+    name: `${name} w/ gcc-5`,
+    env: {
+      CC: "gcc-5",
+      CCC: "g++-5"
+    },
+    symbol: "gcc-5"
+  }));
+
+  queue.scheduleTask(merge(extra_base, {
+    name: `${name} w/ gcc-6`,
     env: {
       CC: "gcc-6",
       CCC: "g++-6"
     },
-    symbol: "gcc-6.1"
+    symbol: "gcc-6"
   }));
 
   queue.scheduleTask(merge(extra_base, {
     name: `${name} w/ modular builds`,
+    image: LINUX_IMAGE,
     env: {NSS_BUILD_MODULAR: "1"},
     command: [
       "/bin/bash",
@@ -493,7 +528,7 @@ async function scheduleLinux(name, base, args = "") {
     symbol: "modular"
   }));
 
-  await scheduleTestBuilds(merge(base, {group: "Test"}), args);
+  await scheduleTestBuilds(name + " Test", merge(base, {group: "Test"}), args);
 
   return queue.submit();
 }
@@ -534,7 +569,7 @@ async function scheduleFuzzing() {
   };
 
   // Build base definition.
-  let build_base = merge({
+  let build_base = merge(base, {
     command: [
       "/bin/bash",
       "-c",
@@ -550,7 +585,7 @@ async function scheduleFuzzing() {
     },
     kind: "build",
     symbol: "B"
-  }, base);
+  });
 
   // The task that builds NSPR+NSS.
   let task_build = queue.scheduleTask(merge(build_base, {
@@ -635,16 +670,16 @@ async function scheduleFuzzing32() {
     features: ["allowPtrace"],
     platform: "linux32",
     collection: "fuzz",
-    image: FUZZ_IMAGE
+    image: FUZZ_IMAGE_32
   };
 
   // Build base definition.
-  let build_base = merge({
+  let build_base = merge(base, {
     command: [
       "/bin/bash",
       "-c",
       "bin/checkout.sh && " +
-      "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz -m32"
+      "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz -t ia32"
     ],
     artifacts: {
       public: {
@@ -655,7 +690,7 @@ async function scheduleFuzzing32() {
     },
     kind: "build",
     symbol: "B"
-  }, base);
+  });
 
   // The task that builds NSPR+NSS.
   let task_build = queue.scheduleTask(merge(build_base, {
@@ -671,7 +706,7 @@ async function scheduleFuzzing32() {
       "/bin/bash",
       "-c",
       "bin/checkout.sh && " +
-      "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz=tls -m32"
+      "nss/automation/taskcluster/scripts/build_gyp.sh -g -v --fuzz=tls -t ia32"
     ],
   }));
 
@@ -728,9 +763,9 @@ async function scheduleFuzzing32() {
 
 /*****************************************************************************/
 
-async function scheduleTestBuilds(base, args = "") {
+async function scheduleTestBuilds(name, base, args = "") {
   // Build base definition.
-  let build = merge({
+  let build = merge(base, {
     command: [
       "/bin/bash",
       "-c",
@@ -746,8 +781,15 @@ async function scheduleTestBuilds(base, args = "") {
     },
     kind: "build",
     symbol: "B",
-    name: "Linux 64 (debug, test)"
-  }, base);
+    name: `${name} build`,
+  });
+
+  // On linux we have a specialized build image for building.
+  if (build.platform === "linux32" || build.platform === "linux64") {
+    build = merge(build, {
+      image: LINUX_BUILDS_IMAGE,
+    });
+  }
 
   // The task that builds NSPR+NSS.
   let task_build = queue.scheduleTask(build);
@@ -755,7 +797,7 @@ async function scheduleTestBuilds(base, args = "") {
   // Schedule tests.
   queue.scheduleTask(merge(base, {
     parent: task_build,
-    name: "mpi",
+    name: `${name} mpi tests`,
     command: [
       "/bin/bash",
       "-c",
@@ -773,7 +815,7 @@ async function scheduleTestBuilds(base, args = "") {
       "-c",
       "bin/checkout.sh && nss/automation/taskcluster/scripts/run_tests.sh"
     ],
-    name: "Gtests",
+    name: `${name} gtests`,
     symbol: "Gtest",
     tests: "gtests",
     cycle: "standard",
@@ -790,12 +832,12 @@ async function scheduleWindows(name, base, build_script) {
   base = merge(base, {
     workerType: "nss-win2012r2",
     env: {
-      PATH: "c:\\mozilla-build\\python;c:\\mozilla-build\\msys\\local\\bin;" +
-            "c:\\mozilla-build\\7zip;c:\\mozilla-build\\info-zip;" +
-            "c:\\mozilla-build\\python\\Scripts;c:\\mozilla-build\\yasm;" +
-            "c:\\mozilla-build\\msys\\bin;c:\\Windows\\system32;" +
-            "c:\\mozilla-build\\upx391w;c:\\mozilla-build\\moztools-x64\\bin;" +
-            "c:\\mozilla-build\\wget",
+      PATH: "c:\\mozilla-build\\bin;c:\\mozilla-build\\python;" +
+	    "c:\\mozilla-build\\msys\\local\\bin;c:\\mozilla-build\\7zip;" +
+	    "c:\\mozilla-build\\info-zip;c:\\mozilla-build\\python\\Scripts;" +
+	    "c:\\mozilla-build\\yasm;c:\\mozilla-build\\msys\\bin;" +
+	    "c:\\Windows\\system32;c:\\mozilla-build\\upx391w;" +
+	    "c:\\mozilla-build\\moztools-x64\\bin;c:\\mozilla-build\\wget",
       DOMSUF: "localdomain",
       HOST: "localhost",
     }
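Review bot: The continuation lines of the new `PATH` value are indented with a tab followed by spaces, while the surrounding lines of this object use spaces only; re-indenting them with spaces keeps the file consistent. `c:\\mozilla-build\\bin` is also new at the front of the search path, and a one-line comment naming what is expected to resolve from it would help the next reader. scheduleWindows continues outside the hunk.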
@@ -881,7 +923,7 @@ async function scheduleWindows(name, base, build_script) {
 /*****************************************************************************/
 
 function scheduleTests(task_build, task_cert, test_base) {
-  test_base = merge({kind: "test"}, test_base);
+  test_base = merge(test_base, {kind: "test"});
 
   // Schedule tests that do NOT need certificates.
   let no_cert_base = merge(test_base, {parent: task_build});
@@ -889,10 +931,21 @@ function scheduleTests(task_build, task_cert, test_base) {
     name: "Gtests", symbol: "Gtest", tests: "ssl_gtests gtests", cycle: "standard"
   }));
   queue.scheduleTask(merge(no_cert_base, {
-    name: "Bogo tests", symbol: "Bogo", tests: "bogo", cycle: "standard"
+    name: "Bogo tests",
+    symbol: "Bogo",
+    tests: "bogo",
+    cycle: "standard",
+    image: LINUX_INTEROP_IMAGE,
   }));
   queue.scheduleTask(merge(no_cert_base, {
-    name: "Interop tests", symbol: "Interop", tests: "interop", cycle: "standard"
+    name: "Interop tests",
+    symbol: "Interop",
+    tests: "interop",
+    cycle: "standard",
+    image: LINUX_INTEROP_IMAGE,
+  }));
+  queue.scheduleTask(merge(no_cert_base, {
+    name: "tlsfuzzer tests", symbol: "tlsfuzzer", tests: "tlsfuzzer", cycle: "standard"
   }));
   queue.scheduleTask(merge(no_cert_base, {
     name: "Chains tests", symbol: "Chains", tests: "chains"
@@ -928,6 +981,9 @@ function scheduleTests(task_build, task_cert, test_base) {
   queue.scheduleTask(merge(no_cert_base, {
     name: "SDR tests", symbol: "SDR", tests: "sdr"
   }));
+  queue.scheduleTask(merge(no_cert_base, {
+    name: "Policy tests", symbol: "Policy", tests: "policy"
+  }));
 
   // Schedule tests that need certificates.
   let cert_base = merge(test_base, {parent: task_cert});
@@ -971,11 +1027,11 @@ async function scheduleTools() {
     kind: "test"
   };
 
-  //ABI check task
+  // ABI check task
   queue.scheduleTask(merge(base, {
     symbol: "abi",
     name: "abi",
-    image: LINUX_IMAGE,
+    image: LINUX_BUILDS_IMAGE,
     command: [
       "/bin/bash",
       "-c",
@@ -984,9 +1040,9 @@ async function scheduleTools() {
   }));
 
   queue.scheduleTask(merge(base, {
-    symbol: "clang-format-3.9",
-    name: "clang-format-3.9",
-    image: LINUX_CLANG39_IMAGE,
+    symbol: "clang-format",
+    name: "clang-format",
+    image: CLANG_FORMAT_IMAGE,
     command: [
       "/bin/bash",
       "-c",
@@ -1049,7 +1105,7 @@ async function scheduleTools() {
     command: [
       "/bin/bash",
       "-c",
-      "bin/checkout.sh && nss/automation/taskcluster/scripts/build_gyp.sh --disable-tests --emit-llvm -m32"
+      "bin/checkout.sh && nss/automation/taskcluster/scripts/build_gyp.sh --disable-tests --emit-llvm -t ia32"
     ]
   }));
 
diff --git a/security/nss/automation/taskcluster/graph/src/try_syntax.js b/security/nss/automation/taskcluster/graph/src/try_syntax.js
index 214793bd5..f1772a658 100644
--- a/security/nss/automation/taskcluster/graph/src/try_syntax.js
+++ b/security/nss/automation/taskcluster/graph/src/try_syntax.js
@@ -37,7 +37,7 @@ function parseOptions(opts) {
   let aliases = {"gtests": "gtest"};
   let allUnitTests = ["bogo", "crmf", "chains", "cipher", "db", "ec", "fips",
                       "gtest", "interop", "lowhash", "merge", "sdr", "smime", "tools",
-                      "ssl", "mpi", "scert", "spki"];
+                      "ssl", "mpi", "scert", "spki", "policy", "tlsfuzzer"];
   let unittests = intersect(opts.unittests.split(/\s*,\s*/).map(t => {
     return aliases[t] || t;
   }), allUnitTests);
diff --git a/security/nss/automation/taskcluster/scripts/build_image.sh b/security/nss/automation/taskcluster/scripts/build_image.sh
index b422214e7..b8715dbe9 100644
--- a/security/nss/automation/taskcluster/scripts/build_image.sh
+++ b/security/nss/automation/taskcluster/scripts/build_image.sh
@@ -13,12 +13,12 @@ raise_error() {
 test -n "$PROJECT" || raise_error "Project must be provided."
 test -n "$HASH" || raise_error "Context Hash must be provided."
 
-CONTEXT_PATH=/home/worker/nss/$CONTEXT_PATH
+CONTEXT_PATH="/home/worker/nss/$CONTEXT_PATH"
 
-test -d $CONTEXT_PATH || raise_error "Context Path $CONTEXT_PATH does not exist."
+test -d "$CONTEXT_PATH" || raise_error "Context Path $CONTEXT_PATH does not exist."
 test -f "$CONTEXT_PATH/Dockerfile" || raise_error "Dockerfile must be present in $CONTEXT_PATH."
 
-docker build -t $PROJECT:$HASH $CONTEXT_PATH
+docker build -t "$PROJECT:$HASH" "$CONTEXT_PATH"
 
 mkdir /artifacts
-docker save $PROJECT:$HASH > /artifacts/image.tar
+docker save "$PROJECT:$HASH" > /artifacts/image.tar
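Review bot: `CONTEXT_PATH` is prefixed with `/home/worker/nss/` before anything checks that it was provided, unlike `PROJECT` and `HASH`, so an unset value becomes the checkout root and only fails later with a misleading Dockerfile message. Adding `test -n "$CONTEXT_PATH" || raise_error "Context Path must be provided."` above the assignment makes the failure explicit. Since the value selects the directory handed to `docker build`, rejecting values that contain `..` would also keep the build context inside the checkout. The start of the script is outside this hunk.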
diff --git a/security/nss/automation/taskcluster/scripts/tools.sh b/security/nss/automation/taskcluster/scripts/tools.sh
index 534cb32ce..63a6ee8de 100644
--- a/security/nss/automation/taskcluster/scripts/tools.sh
+++ b/security/nss/automation/taskcluster/scripts/tools.sh
@@ -2,12 +2,11 @@
 
 set -v -e -x
 
+# Assert that we're not running as root.
 if [[ $(id -u) -eq 0 ]]; then
-    # Stupid Docker. It works without sometimes... But not always.
-    echo "127.0.0.1 localhost.localdomain" >> /etc/hosts
-
-    # Drop privileges by re-running this script.
-    # Note: this mangles arguments, better to avoid running scripts as root.
+    # This exec is still needed until aarch64 images are updated (Bug 1488325).
+    # Remove when images are updated.  Until then, assert that things are good.
+    [[ $(uname -m) == aarch64 ]]
     exec su worker -c "$0 $*"
 fi
 
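Review bot: `exec su worker -c "$0 $*"` flattens the arguments into one string that the shell started by su parses again, so an argument containing spaces or shell metacharacters is split or interpreted instead of passed through; the removed comment warned about this mangling and the new one no longer does. Re-quoting each word avoids it, assuming worker's login shell is bash: `exec su worker -c "$(printf '%q ' "$0" "$@")"`. The bare `[[ $(uname -m) == aarch64 ]]` relies on `set -e` to abort and leaves only the trace as explanation; `[[ $(uname -m) == aarch64 ]] || { echo "refusing to run as root" >&2; exit 1; }` states the reason. The rest of the script is outside this hunk.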
diff --git a/security/nss/automation/taskcluster/windows/build.sh b/security/nss/automation/taskcluster/windows/build.sh
index 46136153d..eebb41535 100644
--- a/security/nss/automation/taskcluster/windows/build.sh
+++ b/security/nss/automation/taskcluster/windows/build.sh
@@ -2,12 +2,12 @@
 
 set -v -e -x
 
-# Set up the toolchain.
-if [ "$USE_64" = 1 ]; then
-  source $(dirname $0)/setup64.sh
+if [[ "$USE_64" == 1 ]]; then
+    m=x64
 else
-  source $(dirname $0)/setup32.sh
+    m=x86
 fi
+source "$(dirname "$0")/setup.sh"
 
 # Clone NSPR.
 hg_clone https://hg.mozilla.org/projects/nspr nspr default
diff --git a/security/nss/automation/taskcluster/windows/build_gyp.sh b/security/nss/automation/taskcluster/windows/build_gyp.sh
index cc829ca99..c0f38f948 100644
--- a/security/nss/automation/taskcluster/windows/build_gyp.sh
+++ b/security/nss/automation/taskcluster/windows/build_gyp.sh
@@ -2,33 +2,37 @@
 
 set -v -e -x
 
-# Set up the toolchain.
-if [[ "$@" == *"-m32"* ]]; then
-  source $(dirname $0)/setup32.sh
-else
-  source $(dirname $0)/setup64.sh
-fi
+# Parse for the -t option.
+m=x64
+for i in "$@"; do
+    case "$i" in
+        -t|--target) m= ;;
+        --target=*) m="${i#*=}" ;;
+        *) [[ -z "$m" ]] && m="$i" ;;
+    esac
+done
+[[ "$m" == "ia32" ]] && m=x86
+source "$(dirname "$0")/setup.sh"
 
 # Install GYP.
-cd gyp
+pushd gyp
 python -m virtualenv test-env
 test-env/Scripts/python setup.py install
 test-env/Scripts/python -m pip install --upgrade pip
 test-env/Scripts/pip install --upgrade setuptools
-cd ..
-
-export GYP_MSVS_OVERRIDE_PATH="${VSPATH}"
-export GYP_MSVS_VERSION="2015"
-export GYP="${PWD}/gyp/test-env/Scripts/gyp"
-
 # Fool GYP.
 touch "${VSPATH}/VC/vcvarsall.bat"
+export GYP_MSVS_OVERRIDE_PATH="${VSPATH}"
+export GYP_MSVS_VERSION=2015
+popd
+
+export PATH="${PATH}:${PWD}/ninja/bin:${PWD}/gyp/test-env/Scripts"
 
 # Clone NSPR.
 hg_clone https://hg.mozilla.org/projects/nspr nspr default
 
 # Build with gyp.
-GYP=${GYP} ./nss/build.sh -g -v "$@"
+./nss/build.sh -g -v "$@"
 
 # Package.
 7z a public/build/dist.7z dist
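Review bot: The `-t` parsing loop accepts any word as the target, and `$m` then flows into the `PATH`, `LIB` and redist directories that setup.sh builds, so a typo or a trailing `-t` with no value surfaces only as a silent `set -e` exit or as missing toolchain paths. Validating right after the `ia32` mapping makes the failure explicit: `case "$m" in x86|x64) ;; *) echo "unsupported target: $m" >&2; exit 2 ;; esac`. A short comment above `source "$(dirname "$0")/setup.sh"` saying that setup.sh reads `$m` would document the coupling through a one-letter global.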
diff --git a/security/nss/automation/taskcluster/windows/setup.sh b/security/nss/automation/taskcluster/windows/setup.sh
index 36a040ba1..93c0cdbd5 100644
--- a/security/nss/automation/taskcluster/windows/setup.sh
+++ b/security/nss/automation/taskcluster/windows/setup.sh
@@ -2,13 +2,6 @@
 
 set -v -e -x
 
-export VSPATH="$(pwd)/vs2017_15.4.2"
-export NINJA_PATH="$(pwd)/ninja/bin"
-
-export WINDOWSSDKDIR="${VSPATH}/SDK"
-export VS90COMNTOOLS="${VSPATH}/VC"
-export INCLUDE="${VSPATH}/VC/include:${VSPATH}/SDK/Include/10.0.15063.0/ucrt:${VSPATH}/SDK/Include/10.0.15063.0/shared:${VSPATH}/SDK/Include/10.0.15063.0/um"
-
 # Usage: hg_clone repo dir [revision=@]
 hg_clone() {
     repo=$1
@@ -22,5 +15,42 @@ hg_clone() {
     exit 1
 }
 
-hg_clone https://hg.mozilla.org/build/tools tools default
-tools/scripts/tooltool/tooltool_wrapper.sh $(dirname $0)/releng.manifest https://tooltool.mozilla-releng.net/ non-existant-file.sh /c/mozilla-build/python/python.exe /c/builds/tooltool.py --authentication-file /c/builds/relengapi.tok -c /c/builds/tooltool_cache
+hg_clone https://hg.mozilla.org/build/tools tools b8d7c263dfc3
+tools/scripts/tooltool/tooltool_wrapper.sh \
+    $(dirname $0)/releng.manifest https://tooltool.mozilla-releng.net/ \
+    non-existant-file.sh /c/mozilla-build/python/python.exe \
+    /c/builds/tooltool.py --authentication-file /c/builds/relengapi.tok \
+    -c /c/builds/tooltool_cache
+
+# This needs $m to be set.
+[[ -n "$m" ]]
+
+# Setup MSVC paths.
+export VSPATH="${PWD}/vs2017_15.4.2"
+UCRTVersion="10.0.15063.0"
+
+export WINDOWSSDKDIR="${VSPATH}/SDK"
+export VS90COMNTOOLS="${VSPATH}/VC"
+export WIN32_REDIST_DIR="${VSPATH}/VC/redist/${m}/Microsoft.VC141.CRT"
+export WIN_UCRT_REDIST_DIR="${VSPATH}/SDK/Redist/ucrt/DLLs/${m}"
+
+if [ "$m" == "x86" ]; then
+    PATH="${PATH}:${VSPATH}/VC/bin/Hostx64/x86"
+    PATH="${PATH}:${VSPATH}/VC/bin/Hostx64/x64"
+fi
+PATH="${PATH}:${VSPATH}/VC/bin/Host${m}/${m}"
+PATH="${PATH}:${WIN32_REDIST_DIR}"
+PATH="${PATH}:${WIN_UCRT_REDIST_DIR}"
+PATH="${PATH}:${VSPATH}/SDK/bin/${UCRTVersion}/x64"
+export PATH
+
+LIB="${LIB}:${VSPATH}/VC/lib/${m}"
+LIB="${LIB}:${VSPATH}/SDK/lib/${UCRTVersion}/ucrt/${m}"
+LIB="${LIB}:${VSPATH}/SDK/lib/${UCRTVersion}/um/${m}"
+export LIB
+
+INCLUDE="${INCLUDE}:${VSPATH}/VC/include"
+INCLUDE="${INCLUDE}:${VSPATH}/SDK/Include/${UCRTVersion}/ucrt"
+INCLUDE="${INCLUDE}:${VSPATH}/SDK/Include/${UCRTVersion}/shared"
+INCLUDE="${INCLUDE}:${VSPATH}/SDK/Include/${UCRTVersion}/um"
+export INCLUDE
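Review bot: The toolchain directories are now appended after the inherited `PATH`, whereas the deleted setup32.sh and setup64.sh put them in front, so any same-named program earlier on the worker's `PATH` now takes precedence over the MSVC one. If that order is intended, a comment above the `PATH=` lines should say why; otherwise prepend, e.g. `export PATH="${VSPATH}/VC/bin/Host${m}/${m}:${PATH}"`. `LIB` and `INCLUDE` likewise start from the inherited value, which leaves an empty leading entry when they are unset and lets the worker environment contribute search directories. The `[[ -n "$m" ]]` guard runs only after the tooltool download and fails without a message.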
diff --git a/security/nss/automation/taskcluster/windows/setup32.sh b/security/nss/automation/taskcluster/windows/setup32.sh
deleted file mode 100644
index 19bed284d..000000000
--- a/security/nss/automation/taskcluster/windows/setup32.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/usr/bin/env bash
-
-set -v -e -x
-
-source $(dirname $0)/setup.sh
-
-export WIN32_REDIST_DIR="${VSPATH}/VC/redist/x86/Microsoft.VC141.CRT"
-export WIN_UCRT_REDIST_DIR="${VSPATH}/SDK/Redist/ucrt/DLLs/x86"
-export PATH="${NINJA_PATH}:${VSPATH}/VC/bin/Hostx64/x86:${VSPATH}/VC/bin/Hostx64/x64:${VSPATH}/VC/Hostx86/x86:${VSPATH}/SDK/bin/10.0.15063.0/x64:${VSPATH}/VC/redist/x86/Microsoft.VC141.CRT:${VSPATH}/SDK/Redist/ucrt/DLLs/x86:${PATH}"
-export LIB="${VSPATH}/VC/lib/x86:${VSPATH}/SDK/lib/10.0.15063.0/ucrt/x86:${VSPATH}/SDK/lib/10.0.15063.0/um/x86"
diff --git a/security/nss/automation/taskcluster/windows/setup64.sh b/security/nss/automation/taskcluster/windows/setup64.sh
deleted file mode 100644
index d16cb0ec9..000000000
--- a/security/nss/automation/taskcluster/windows/setup64.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/usr/bin/env bash
-
-set -v -e -x
-
-source $(dirname $0)/setup.sh
-
-export WIN32_REDIST_DIR="${VSPATH}/VC/redist/x64/Microsoft.VC141.CRT"
-export WIN_UCRT_REDIST_DIR="${VSPATH}/SDK/Redist/ucrt/DLLs/x64"
-export PATH="${NINJA_PATH}:${VSPATH}/VC/bin/Hostx64/x64:${VSPATH}/VC/bin/Hostx86/x86:${VSPATH}/SDK/bin/10.0.15063.0/x64:${VSPATH}/VC/redist/x64/Microsoft.VC141.CRT:${VSPATH}/SDK/Redist/ucrt/DLLs/x64:${PATH}"
-export LIB="${VSPATH}/VC/lib/x64:${VSPATH}/SDK/lib/10.0.15063.0/ucrt/x64:${VSPATH}/SDK/lib/10.0.15063.0/um/x64"
diff --git a/security/nss/build.sh b/security/nss/build.sh
index 338e14beb..4c6d513cd 100755
--- a/security/nss/build.sh
+++ b/security/nss/build.sh
@@ -50,75 +50,86 @@ fuzz=0
 fuzz_tls=0
 fuzz_oss=0
 no_local_nspr=0
-armhf=0
 
 gyp_params=(--depth="$cwd" --generator-output=".")
-nspr_params=()
 ninja_params=()
 
-# try to guess sensible defaults
-arch=$(python "$cwd"/coreconf/detect_host_arch.py)
-if [ "$arch" = "x64" -o "$arch" = "aarch64" ]; then
-    build_64=1
-elif [ "$arch" = "arm" ]; then
-    armhf=1
+# Assume that the target architecture is the same as the host by default.
+host_arch=$(python "$cwd"/coreconf/detect_host_arch.py)
+target_arch=$host_arch
+
+# Assume that MSVC is wanted if this is running on windows.
+platform=$(uname -s)
+if [ "${platform%-*}" = "MINGW32_NT" -o "${platform%-*}" = "MINGW64_NT" ]; then
+    msvc=1
 fi
 
-# parse command line arguments
+# Parse command line arguments.
 while [ $# -gt 0 ]; do
-    case $1 in
+    case "$1" in
         -c) clean=1 ;;
         -cc) clean_only=1 ;;
-        --gyp|-g) rebuild_gyp=1 ;;
-        --nspr) nspr_clean; rebuild_nspr=1 ;;
-        -j) ninja_params+=(-j "$2"); shift ;;
         -v) ninja_params+=(-v); verbose=1 ;;
-        --test) gyp_params+=(-Dtest_build=1) ;;
-        --clang) export CC=clang; export CCC=clang++; export CXX=clang++ ;;
-        --gcc) export CC=gcc; export CCC=g++; export CXX=g++ ;;
-        --fuzz) fuzz=1 ;;
-        --fuzz=oss) fuzz=1; fuzz_oss=1 ;;
-        --fuzz=tls) fuzz=1; fuzz_tls=1 ;;
+        -j) ninja_params+=(-j "$2"); shift ;;
+        --gyp|-g) rebuild_gyp=1 ;;
+        --opt|-o) opt_build=1 ;;
+        -m32|--m32) target_arch=ia32; echo 'Warning: use -t instead of -m32' 1>&2 ;;
+        -t|--target) target_arch="$2"; shift ;;
+        --target=*) target_arch="${1#*=}" ;;
+        --clang) export CC=clang; export CCC=clang++; export CXX=clang++; msvc=0 ;;
+        --gcc) export CC=gcc; export CCC=g++; export CXX=g++; msvc=0 ;;
+        --msvc) msvc=1 ;;
         --scan-build) enable_scanbuild  ;;
         --scan-build=?*) enable_scanbuild "${1#*=}" ;;
-        --opt|-o) opt_build=1 ;;
-        -m32|--m32) build_64=0 ;;
+        --disable-tests) gyp_params+=(-Ddisable_tests=1) ;;
+        --pprof) gyp_params+=(-Duse_pprof=1) ;;
         --asan) enable_sanitizer asan ;;
         --msan) enable_sanitizer msan ;;
         --ubsan) enable_ubsan ;;
         --ubsan=?*) enable_ubsan "${1#*=}" ;;
+        --fuzz) fuzz=1 ;;
+        --fuzz=oss) fuzz=1; fuzz_oss=1 ;;
+        --fuzz=tls) fuzz=1; fuzz_tls=1 ;;
         --sancov) enable_sancov ;;
         --sancov=?*) enable_sancov "${1#*=}" ;;
-        --pprof) gyp_params+=(-Duse_pprof=1) ;;
-        --ct-verif) gyp_params+=(-Dct_verif=1) ;;
         --emit-llvm) gyp_params+=(-Demit_llvm=1 -Dsign_libs=0) ;;
-        --disable-tests) gyp_params+=(-Ddisable_tests=1) ;;
         --no-zdefs) gyp_params+=(-Dno_zdefs=1) ;;
-        --system-sqlite) gyp_params+=(-Duse_system_sqlite=1) ;;
+        --test) gyp_params+=(-Dtest_build=1) ;;
+        --ct-verif) gyp_params+=(-Dct_verif=1) ;;
+        --nspr) nspr_clean; rebuild_nspr=1 ;;
         --with-nspr=?*) set_nspr_path "${1#*=}"; no_local_nspr=1 ;;
         --system-nspr) set_nspr_path "/usr/include/nspr/:"; no_local_nspr=1 ;;
-        --enable-libpkix) gyp_params+=(-Ddisable_libpkix=0) ;;
+        --system-sqlite) gyp_params+=(-Duse_system_sqlite=1) ;;
         --enable-fips) gyp_params+=(-Ddisable_fips=0) ;;
+        --enable-libpkix) gyp_params+=(-Ddisable_libpkix=0) ;;
+        --mozpkix-only) gyp_params+=(-Dmozpkix_only=1 -Ddisable_tests=1 -Dsign_libs=0) ;;
         *) show_help; exit 2 ;;
     esac
     shift
 done
 
+# Set the target architecture and build type.
+gyp_params+=(-Dtarget_arch="$target_arch")
 if [ "$opt_build" = 1 ]; then
     target=Release
 else
     target=Debug
 fi
-if [ "$build_64" = 1 ]; then
-    nspr_params+=(--enable-64bit)
-elif [ ! "$armhf" = 1 ]; then
-    gyp_params+=(-Dtarget_arch=ia32)
-fi
+
+# Do special setup.
 if [ "$fuzz" = 1 ]; then
     source "$cwd"/coreconf/fuzz.sh
 fi
+nspr_set_flags $sanitizer_flags
+if [ ! -z "$sanitizer_flags" ]; then
+    gyp_params+=(-Dsanitizer_flags="$sanitizer_flags")
+fi
 
-# set paths
+if [ "$msvc" = 1 ]; then
+    source "$cwd"/coreconf/msvc.sh
+fi
+
+# Setup build paths.
 target_dir="$cwd"/out/$target
 mkdir -p "$target_dir"
 dist_dir="$cwd"/../dist
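Review bot: `msvc` is assigned only inside the MINGW check and by `--clang`, `--gcc` and `--msvc`, and no `msvc=0` is added beside the other defaults at the top of this hunk, so on other platforms `if [ "$msvc" = 1 ]` reads whatever the caller's environment exported. Adding `msvc=0` next to `no_local_nspr=0` makes the default explicit; lines before the hunk are not visible here, so confirm it is not already initialised there. `-t|--target` also takes `"$2"` without checking that a value follows, so a trailing `-t` hands gyp an empty `-Dtarget_arch=`. `-t|--target) [ $# -ge 2 ] || { show_help; exit 2; }; target_arch="$2"; shift ;;` would reject it.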
@@ -149,6 +160,7 @@ check_config()
     echo CC="$CC" >"$newconf"
     echo CCC="$CCC" >>"$newconf"
     echo CXX="$CXX" >>"$newconf"
+    echo target_arch="$target_arch" >>"$newconf"
     for i in "$@"; do echo $i; done | sort >>"$newconf"
 
     # Note: The following diff fails if $oldconf isn't there as well, which
@@ -159,6 +171,7 @@ check_config()
 gyp_config="$cwd"/out/gyp_config
 nspr_config="$cwd"/out/$target/nspr_config
 
+# Now check what needs to be rebuilt.
 # If we don't have a build directory make sure that we rebuild.
 if [ ! -d "$target_dir" ]; then
     rebuild_nspr=1
@@ -167,33 +180,28 @@ elif [ ! -d "$dist_dir"/$target ]; then
     rebuild_nspr=1
 fi
 
-# Update NSPR ${C,CXX,LD}FLAGS.
-nspr_set_flags $sanitizer_flags
-
-if check_config "$nspr_config" "${nspr_params[@]}" \
+if check_config "$nspr_config" \
                  nspr_cflags="$nspr_cflags" \
                  nspr_cxxflags="$nspr_cxxflags" \
                  nspr_ldflags="$nspr_ldflags"; then
     rebuild_nspr=1
 fi
 
-# Forward sanitizer flags.
-if [ ! -z "$sanitizer_flags" ]; then
-    gyp_params+=(-Dsanitizer_flags="$sanitizer_flags")
-fi
-
 if check_config "$gyp_config" "${gyp_params[@]}"; then
     rebuild_gyp=1
 fi
 
-# save the chosen target
+# Save the chosen target.
 mkdir -p "$dist_dir"
 echo $target > "$dist_dir"/latest
 
+# Build.
+# NSPR.
 if [[ "$rebuild_nspr" = 1 && "$no_local_nspr" = 0 ]]; then
-    nspr_build "${nspr_params[@]}"
+    nspr_build
     mv -f "$nspr_config".new "$nspr_config"
 fi
+# gyp.
 if [ "$rebuild_gyp" = 1 ]; then
     if ! hash ${GYP} 2> /dev/null; then
         echo "Please install gyp" 1>&2
@@ -211,11 +219,11 @@ if [ "$rebuild_gyp" = 1 ]; then
     mv -f "$gyp_config".new "$gyp_config"
 fi
 
-# Run ninja.
-if hash ninja 2>/dev/null; then
-    ninja=ninja
-elif hash ninja-build 2>/dev/null; then
+# ninja.
+if hash ninja-build 2>/dev/null; then
     ninja=ninja-build
+elif hash ninja 2>/dev/null; then
+    ninja=ninja
 else
     echo "Please install ninja" 1>&2
     exit 1
diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c
index dbb93c922..df02e4439 100644
--- a/security/nss/cmd/certutil/certutil.c
+++ b/security/nss/cmd/certutil/certutil.c
@@ -741,6 +741,9 @@ ValidateCert(CERTCertDBHandle *handle, char *name, char *date,
         case 'V':
             usage = certificateUsageSSLServer;
             break;
+        case 'I':
+            usage = certificateUsageIPsec;
+            break;
         case 'S':
             usage = certificateUsageEmailSigner;
             break;
@@ -856,41 +859,59 @@ SECItemToHex(const SECItem *item, char *dst)
 }
 
 static const char *const keyTypeName[] = {
-    "null", "rsa", "dsa", "fortezza", "dh", "kea", "ec", "rsaPss"
+    "null", "rsa", "dsa", "fortezza", "dh", "kea", "ec", "rsaPss", "rsaOaep"
 };
 
 #define MAX_CKA_ID_BIN_LEN 20
 #define MAX_CKA_ID_STR_LEN 40
 
-/* print key number, key ID (in hex or ASCII), key label (nickname) */
-static SECStatus
-PrintKey(PRFileDesc *out, const char *nickName, int count,
-         SECKEYPrivateKey *key, void *pwarg)
+/* output human readable key ID in buffer, which should have at least
+ * MAX_CKA_ID_STR_LEN + 3 octets (quotations and a null terminator) */
+static void
+formatPrivateKeyID(SECKEYPrivateKey *privkey, char *buffer)
 {
     SECItem *ckaID;
-    char ckaIDbuf[MAX_CKA_ID_STR_LEN + 4];
 
-    pwarg = NULL;
-    ckaID = PK11_GetLowLevelKeyIDForPrivateKey(key);
+    ckaID = PK11_GetLowLevelKeyIDForPrivateKey(privkey);
     if (!ckaID) {
-        strcpy(ckaIDbuf, "(no CKA_ID)");
+        strcpy(buffer, "(no CKA_ID)");
     } else if (ItemIsPrintableASCII(ckaID)) {
         int len = PR_MIN(MAX_CKA_ID_STR_LEN, ckaID->len);
-        ckaIDbuf[0] = '"';
-        memcpy(ckaIDbuf + 1, ckaID->data, len);
-        ckaIDbuf[1 + len] = '"';
-        ckaIDbuf[2 + len] = '\0';
+        buffer[0] = '"';
+        memcpy(buffer + 1, ckaID->data, len);
+        buffer[1 + len] = '"';
+        buffer[2 + len] = '\0';
     } else {
         /* print ckaid in hex */
         SECItem idItem = *ckaID;
         if (idItem.len > MAX_CKA_ID_BIN_LEN)
             idItem.len = MAX_CKA_ID_BIN_LEN;
-        SECItemToHex(&idItem, ckaIDbuf);
+        SECItemToHex(&idItem, buffer);
     }
+    SECITEM_ZfreeItem(ckaID, PR_TRUE);
+}
+
+/* print key number, key ID (in hex or ASCII), key label (nickname) */
+static SECStatus
+PrintKey(PRFileDesc *out, const char *nickName, int count,
+         SECKEYPrivateKey *key, void *pwarg)
+{
+    char ckaIDbuf[MAX_CKA_ID_STR_LEN + 4];
+    CERTCertificate *cert;
+    KeyType keyType;
+
+    pwarg = NULL;
 
+    formatPrivateKeyID(key, ckaIDbuf);
+    cert = PK11_GetCertFromPrivateKey(key);
+    if (cert) {
+        keyType = CERT_GetCertKeyType(&cert->subjectPublicKeyInfo);
+        CERT_DestroyCertificate(cert);
+    } else {
+        keyType = key->keyType;
+    }
     PR_fprintf(out, "<%2d> %-8.8s %-42.42s %s\n", count,
-               keyTypeName[key->keyType], ckaIDbuf, nickName);
-    SECITEM_ZfreeItem(ckaID, PR_TRUE);
+               keyTypeName[keyType], ckaIDbuf, nickName);
 
     return SECSuccess;
 }
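Review bot: `keyTypeName[keyType]` in `PrintKey` is indexed without a range check, and `keyType` now comes from `CERT_GetCertKeyType()` on the certificate's SubjectPublicKeyInfo whenever a certificate is found, rather than from the key object. The table holds nine entries after this change, so any value outside 0..8 reads past the array and hands a stray pointer to `%-8.8s`. A guard such as `const char *typeName = ((size_t)keyType < PR_ARRAY_SIZE(keyTypeName)) ? keyTypeName[keyType] : "unknown";` keeps the listing safe if the enum grows again. The comment on `formatPrivateKeyID` asks for `MAX_CKA_ID_STR_LEN + 3` octets while both callers allocate `+ 4`; passing the buffer size as a parameter would let the helper enforce it.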
@@ -1002,7 +1023,7 @@ ListKeys(PK11SlotInfo *slot, const char *nickName, int index,
 }
 
 static SECStatus
-DeleteKey(char *nickname, secuPWData *pwdata)
+DeleteCertAndKey(char *nickname, secuPWData *pwdata)
 {
     SECStatus rv;
     CERTCertificate *cert;
@@ -1031,6 +1052,61 @@ DeleteKey(char *nickname, secuPWData *pwdata)
     return rv;
 }
 
+static SECKEYPrivateKey *
+findPrivateKeyByID(PK11SlotInfo *slot, const char *ckaID, secuPWData *pwarg)
+{
+    PORTCheapArenaPool arena;
+    SECItem ckaIDItem = { 0 };
+    SECKEYPrivateKey *privkey = NULL;
+    SECStatus rv;
+
+    if (PK11_NeedLogin(slot)) {
+        rv = PK11_Authenticate(slot, PR_TRUE, pwarg);
+        if (rv != SECSuccess) {
+            SECU_PrintError(progName, "could not authenticate to token %s.",
+                            PK11_GetTokenName(slot));
+            return NULL;
+        }
+    }
+
+    if (0 == PL_strncasecmp("0x", ckaID, 2)) {
+        ckaID += 2; /* skip leading "0x" */
+    }
+    PORT_InitCheapArena(&arena, DER_DEFAULT_CHUNKSIZE);
+    if (SECU_HexString2SECItem(&arena.arena, &ckaIDItem, ckaID)) {
+        privkey = PK11_FindKeyByKeyID(slot, &ckaIDItem, pwarg);
+    }
+    PORT_DestroyCheapArena(&arena);
+    return privkey;
+}
+
+static SECStatus
+DeleteKey(SECKEYPrivateKey *privkey, secuPWData *pwarg)
+{
+    SECStatus rv;
+    PK11SlotInfo *slot;
+
+    slot = PK11_GetSlotFromPrivateKey(privkey);
+    if (PK11_NeedLogin(slot)) {
+        rv = PK11_Authenticate(slot, PR_TRUE, pwarg);
+        if (rv != SECSuccess) {
+            SECU_PrintError(progName, "could not authenticate to token %s.",
+                            PK11_GetTokenName(slot));
+            return SECFailure;
+        }
+    }
+
+    rv = PK11_DeleteTokenPrivateKey(privkey, PR_TRUE);
+    if (rv != SECSuccess) {
+        char ckaIDbuf[MAX_CKA_ID_STR_LEN + 4];
+        formatPrivateKeyID(privkey, ckaIDbuf);
+        SECU_PrintError("problem deleting private key \"%s\"\n", ckaIDbuf);
+    }
+
+    PK11_FreeSlot(slot);
+    return rv;
+}
+
 /*
  *  L i s t M o d u l e s
  *
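Review bot: The failure path in the new `DeleteKey` calls `SECU_PrintError` without `progName`, so the message literal is taken as the program name and `ckaIDbuf` becomes the format string. `formatPrivateKeyID` copies a printable-ASCII CKA_ID into that buffer verbatim, so token-supplied bytes containing `%` would be interpreted as conversions; the call should read `SECU_PrintError(progName, "problem deleting private key \"%s\"\n", ckaIDbuf);`. The caller's comment in `certutil_main` says the key is already destroyed by `PK11_DeleteTokenPrivateKey`; if that also holds when the call fails, `formatPrivateKeyID(privkey, ckaIDbuf)` reads a freed object, and formatting the ID before the delete call avoids that. `slot` from `PK11_GetSlotFromPrivateKey` is also passed to `PK11_NeedLogin` without a NULL check.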
@@ -1100,7 +1176,9 @@ PrintSyntax()
         "\t\t [-d certdir] [-P dbprefix]\n", progName);
     FPS "\t%s -E -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n",
         progName);
-    FPS "\t%s -F -n nickname [-d certdir] [-P dbprefix]\n",
+    FPS "\t%s -F -n cert-name [-d certdir] [-P dbprefix]\n",
+        progName);
+    FPS "\t%s -F -k key-id [-d certdir] [-P dbprefix]\n",
         progName);
     FPS "\t%s -G -n key-name [-h token-name] [-k rsa] [-g key-size] [-y exp]\n"
         "\t\t [-f pwfile] [-z noisefile] [-d certdir] [-P dbprefix]\n", progName);
@@ -1390,6 +1468,8 @@ luF(enum usage_level ul, const char *command)
         return;
     FPS "%-20s The nickname of the key to delete\n",
         "   -n cert-name");
+    FPS "%-20s The key id of the key to delete, obtained using -K\n",
+        "   -k key-id");
     FPS "%-20s Cert database directory (default is ~/.netscape)\n",
         "   -d certdir");
     FPS "%-20s Cert & Key database prefix\n",
@@ -1629,6 +1709,7 @@ luV(enum usage_level ul, const char *command)
     FPS "%-20s Specify certificate usage:\n", "   -u certusage");
     FPS "%-25s C \t SSL Client\n", "");
     FPS "%-25s V \t SSL Server\n", "");
+    FPS "%-25s I \t IPsec\n", "");
     FPS "%-25s L \t SSL CA\n", "");
     FPS "%-25s A \t Any CA\n", "");
     FPS "%-25s Y \t Verify CA\n", "");
@@ -2944,10 +3025,9 @@ certutil_main(int argc, char **argv, PRBool initialize)
         readOnly = !certutil.options[opt_RW].activated;
     }
 
-    /*  -A, -D, -F, -M, -S, -V, and all require -n  */
+    /*  -A, -D, -M, -S, -V, and all require -n  */
     if ((certutil.commands[cmd_AddCert].activated ||
          certutil.commands[cmd_DeleteCert].activated ||
-         certutil.commands[cmd_DeleteKey].activated ||
          certutil.commands[cmd_DumpChain].activated ||
          certutil.commands[cmd_ModifyCertTrust].activated ||
          certutil.commands[cmd_CreateAndAddCert].activated ||
@@ -3034,6 +3114,16 @@ certutil_main(int argc, char **argv, PRBool initialize)
         return 255;
     }
 
+    /* Delete needs a nickname or a key ID */
+    if (certutil.commands[cmd_DeleteKey].activated &&
+        !(certutil.options[opt_Nickname].activated || keysource)) {
+        PR_fprintf(PR_STDERR,
+                   "%s -%c: specify a nickname (-n) or\n"
+                   "   a key ID (-k).\n",
+                   commandToRun, progName);
+        return 255;
+    }
+
     /* Upgrade/Merge needs a source database and a upgrade id. */
     if (certutil.commands[cmd_UpgradeMerge].activated &&
         !(certutil.options[opt_SourceDir].activated &&
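Review bot: The arguments to `PR_fprintf` in the new -F check are in the wrong order for the format: `"%s -%c: specify a nickname (-n) or ..."` takes a string and then a character, but the call passes `commandToRun, progName`. Assuming `commandToRun` is the command letter, as the `-%c` suggests, `%s` would treat a character value as a pointer on exactly the path a user reaches by omitting both options. The last line of the call should be `progName, commandToRun);`. `certutil_main` starts and ends outside this hunk.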
@@ -3396,7 +3486,19 @@ certutil_main(int argc, char **argv, PRBool initialize)
     }
     /*  Delete key (-F)  */
     if (certutil.commands[cmd_DeleteKey].activated) {
-        rv = DeleteKey(name, &pwdata);
+        if (certutil.options[opt_Nickname].activated) {
+            rv = DeleteCertAndKey(name, &pwdata);
+        } else {
+            privkey = findPrivateKeyByID(slot, keysource, &pwdata);
+            if (!privkey) {
+                SECU_PrintError(progName, "%s is not a key-id", keysource);
+                rv = SECFailure;
+            } else {
+                rv = DeleteKey(privkey, &pwdata);
+                /* already destroyed by PK11_DeleteTokenPrivateKey */
+                privkey = NULL;
+            }
+        }
         goto shutdown;
     }
     /*  Modify trust attribute for cert (-M)  */
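Review bot: When both `-n` and `-k` are given to -F, the `opt_Nickname` branch wins and `keysource` is dropped without a message, which is easy to get wrong on a destructive command that then removes the certificate as well as the key. The option check added earlier in `certutil_main` accepts either one, so rejecting the combination there (`certutil.options[opt_Nickname].activated && keysource`) would make the choice explicit; whether `-k` carries another meaning alongside `-n` is not visible from this hunk. `findPrivateKeyByID` also returns NULL both for a failed login and for a well-formed ID with no matching key, so `"%s is not a key-id"` can mislead; `"no private key found for key-id %s"` covers both cases.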
@@ -3468,30 +3570,8 @@ certutil_main(int argc, char **argv, PRBool initialize)
             if (keycert) {
                 privkey = PK11_FindKeyByDERCert(slot, keycert, &pwdata);
             } else {
-                PLArenaPool *arena = NULL;
-                SECItem keyidItem = { 0 };
-                char *keysourcePtr = keysource;
                 /* Interpret keysource as CKA_ID */
-                if (PK11_NeedLogin(slot)) {
-                    rv = PK11_Authenticate(slot, PR_TRUE, &pwdata);
-                    if (rv != SECSuccess) {
-                        SECU_PrintError(progName, "could not authenticate to token %s.",
-                                        PK11_GetTokenName(slot));
-                        return SECFailure;
-                    }
-                }
-                if (0 == PL_strncasecmp("0x", keysource, 2)) {
-                    keysourcePtr = keysource + 2; // skip leading "0x"
-                }
-                arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-                if (!arena) {
-                    SECU_PrintError(progName, "unable to allocate arena");
-                    return SECFailure;
-                }
-                if (SECU_HexString2SECItem(arena, &keyidItem, keysourcePtr)) {
-                    privkey = PK11_FindKeyByKeyID(slot, &keyidItem, &pwdata);
-                }
-                PORT_FreeArena(arena, PR_FALSE);
+                privkey = findPrivateKeyByID(slot, keysource, &pwdata);
             }
 
             if (!privkey) {
diff --git a/security/nss/cmd/crlutil/crlutil.c b/security/nss/cmd/crlutil/crlutil.c
index c5527fc93..be2e47a6c 100644
--- a/security/nss/cmd/crlutil/crlutil.c
+++ b/security/nss/cmd/crlutil/crlutil.c
@@ -232,10 +232,6 @@ ImportCRL(CERTCertDBHandle *certHandle, char *url, int type,
     SECItem crlDER;
     PK11SlotInfo *slot = NULL;
     int rv;
-#if defined(DEBUG_jp96085)
-    PRIntervalTime starttime, endtime, elapsed;
-    PRUint32 mins, secs, msecs;
-#endif
 
     crlDER.data = NULL;
 
@@ -256,19 +252,9 @@ ImportCRL(CERTCertDBHandle *certHandle, char *url, int type,
             goto loser;
     }
 
-#if defined(DEBUG_jp96085)
-    starttime = PR_IntervalNow();
-#endif
     crl = PK11_ImportCRL(slot, &crlDER, url, type,
                          NULL, importOptions, NULL, decodeOptions);
-#if defined(DEBUG_jp96085)
-    endtime = PR_IntervalNow();
-    elapsed = endtime - starttime;
-    mins = PR_IntervalToSeconds(elapsed) / 60;
-    secs = PR_IntervalToSeconds(elapsed) % 60;
-    msecs = PR_IntervalToMilliseconds(elapsed) % 1000;
-    printf("Elapsed : %2d:%2d.%3d\n", mins, secs, msecs);
-#endif
+
     if (!crl) {
         const char *errString;
 
diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.c b/security/nss/cmd/crmf-cgi/crmfcgi.c
index 07b81f233..9f6174383 100644
--- a/security/nss/cmd/crmf-cgi/crmfcgi.c
+++ b/security/nss/cmd/crmf-cgi/crmfcgi.c
@@ -4,7 +4,7 @@
 
 #include "seccomon.h"
 #include "nss.h"
-#include "key.h"
+#include "keyhi.h"
 #include "cert.h"
 #include "pk11func.h"
 #include "secmod.h"
diff --git a/security/nss/cmd/crmftest/testcrmf.c b/security/nss/cmd/crmftest/testcrmf.c
index 1c1359b1b..3fe5725bf 100644
--- a/security/nss/cmd/crmftest/testcrmf.c
+++ b/security/nss/cmd/crmftest/testcrmf.c
@@ -66,7 +66,7 @@
 #include "crmf.h"
 #include "secerr.h"
 #include "pk11func.h"
-#include "key.h"
+#include "keyhi.h"
 #include "cmmf.h"
 #include "plgetopt.h"
 #include "secutil.h"
diff --git a/security/nss/cmd/dbck/dbrecover.c b/security/nss/cmd/dbck/dbrecover.c
index 74d21d85e..5b7e0549d 100644
--- a/security/nss/cmd/dbck/dbrecover.c
+++ b/security/nss/cmd/dbck/dbrecover.c
@@ -288,7 +288,8 @@ addCertToDB(certDBEntryCert *certEntry, dbRestoreInfo *info,
 
     /*  If user chooses so, ignore expired certificates.  */
     allowOverride = (PRBool)((oldCert->keyUsage == certUsageSSLServer) ||
-                             (oldCert->keyUsage == certUsageSSLServerWithStepUp));
+                             (oldCert->keyUsage == certUsageSSLServerWithStepUp) ||
+                             (oldCert->keyUsage == certUsageIPsec));
     validity = CERT_CheckCertValidTimes(oldCert, PR_Now(), allowOverride);
     /*  If cert expired and user wants to delete it, ignore it. */
     if ((validity != secCertTimeValid) &&
diff --git a/security/nss/cmd/fipstest/fipstest.c b/security/nss/cmd/fipstest/fipstest.c
index 061f3dde0..5d00b3070 100644
--- a/security/nss/cmd/fipstest/fipstest.c
+++ b/security/nss/cmd/fipstest/fipstest.c
@@ -2335,6 +2335,34 @@ sha_get_hashType(int hashbits)
     return hashType;
 }
 
+HASH_HashType
+hash_string_to_hashType(const char *src)
+{
+    HASH_HashType shaAlg = HASH_AlgNULL;
+    if (strncmp(src, "SHA-1", 5) == 0) {
+        shaAlg = HASH_AlgSHA1;
+    } else if (strncmp(src, "SHA-224", 7) == 0) {
+        shaAlg = HASH_AlgSHA224;
+    } else if (strncmp(src, "SHA-256", 7) == 0) {
+        shaAlg = HASH_AlgSHA256;
+    } else if (strncmp(src, "SHA-384", 7) == 0) {
+        shaAlg = HASH_AlgSHA384;
+    } else if (strncmp(src, "SHA-512", 7) == 0) {
+        shaAlg = HASH_AlgSHA512;
+    } else if (strncmp(src, "SHA1", 4) == 0) {
+        shaAlg = HASH_AlgSHA1;
+    } else if (strncmp(src, "SHA224", 6) == 0) {
+        shaAlg = HASH_AlgSHA224;
+    } else if (strncmp(src, "SHA256", 6) == 0) {
+        shaAlg = HASH_AlgSHA256;
+    } else if (strncmp(src, "SHA384", 6) == 0) {
+        shaAlg = HASH_AlgSHA384;
+    } else if (strncmp(src, "SHA512", 6) == 0) {
+        shaAlg = HASH_AlgSHA512;
+    }
+    return shaAlg;
+}
+
 /*
  * Perform the ECDSA Key Pair Generation Test.
  *
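Review bot: `hash_string_to_hashType` is added without a comment and with external linkage, although the callers visible in this patch are all in `fipstest.c`. It matches by prefix only, accepts both the hyphenated and the plain spelling, and signals failure with `HASH_AlgNULL`; callers rely on all three and none is written down. I would declare it `static` and add `/* Map a leading "SHA-nnn" or "SHAnnn" token in src to its HASH_HashType; trailing characters are ignored. Returns HASH_AlgNULL if src starts with neither form. */` above it. `src` is dereferenced unconditionally, so the comment should also say it must be non-NULL.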
@@ -2628,17 +2656,8 @@ ecdsa_siggen_test(char *reqfn)
             *dst = '\0';
             src++; /* skip the comma */
             /* set the SHA Algorithm */
-            if (strncmp(src, "SHA-1", 5) == 0) {
-                shaAlg = HASH_AlgSHA1;
-            } else if (strncmp(src, "SHA-224", 7) == 0) {
-                shaAlg = HASH_AlgSHA224;
-            } else if (strncmp(src, "SHA-256", 7) == 0) {
-                shaAlg = HASH_AlgSHA256;
-            } else if (strncmp(src, "SHA-384", 7) == 0) {
-                shaAlg = HASH_AlgSHA384;
-            } else if (strncmp(src, "SHA-512", 7) == 0) {
-                shaAlg = HASH_AlgSHA512;
-            } else {
+            shaAlg = hash_string_to_hashType(src);
+            if (shaAlg == HASH_AlgNULL) {
                 fprintf(ecdsaresp, "ERROR: Unable to find SHAAlg type");
                 goto loser;
             }
@@ -2798,17 +2817,8 @@ ecdsa_sigver_test(char *reqfn)
             *dst = '\0';
             src++; /* skip the comma */
             /* set the SHA Algorithm */
-            if (strncmp(src, "SHA-1", 5) == 0) {
-                shaAlg = HASH_AlgSHA1;
-            } else if (strncmp(src, "SHA-224", 7) == 0) {
-                shaAlg = HASH_AlgSHA224;
-            } else if (strncmp(src, "SHA-256", 7) == 0) {
-                shaAlg = HASH_AlgSHA256;
-            } else if (strncmp(src, "SHA-384", 7) == 0) {
-                shaAlg = HASH_AlgSHA384;
-            } else if (strncmp(src, "SHA-512", 7) == 0) {
-                shaAlg = HASH_AlgSHA512;
-            } else {
+            shaAlg = hash_string_to_hashType(src);
+            if (shaAlg == HASH_AlgNULL) {
                 fprintf(ecdsaresp, "ERROR: Unable to find SHAAlg type");
                 goto loser;
             }
@@ -2956,6 +2966,932 @@ loser:
     fclose(ecdsareq);
 }
 
+/*
+ * Perform the ECDH Functional Test.
+ *
+ * reqfn is the pathname of the REQUEST file.
+ *
+ * The output RESPONSE file is written to stdout.
+ */
+#define MAX_ECC_PARAMS 256
+void
+ecdh_functional(char *reqfn, PRBool response)
+{
+    char buf[256];  /* holds one line from the input REQUEST file.
+                         * needs to be large enough to hold the longest
+                         * line "Qx = <144 hex digits>\n".
+                         */
+    FILE *ecdhreq;  /* input stream from the REQUEST file */
+    FILE *ecdhresp; /* output stream to the RESPONSE file */
+    char curve[16]; /* "nistxddd" */
+    unsigned char hashBuf[HASH_LENGTH_MAX];
+    ECParams *ecparams[MAX_ECC_PARAMS] = { NULL };
+    ECPrivateKey *ecpriv = NULL;
+    ECParams *current_ecparams = NULL;
+    SECItem pubkey;
+    SECItem ZZ;
+    unsigned int i;
+    unsigned int len = 0;
+    unsigned int uit_len = 0;
+    int current_curve = -1;
+    HASH_HashType hash = HASH_AlgNULL; /* type of SHA Alg */
+
+    ecdhreq = fopen(reqfn, "r");
+    ecdhresp = stdout;
+    strcpy(curve, "nist");
+    pubkey.data = NULL;
+    while (fgets(buf, sizeof buf, ecdhreq) != NULL) {
+        /* a comment or blank line */
+        if (buf[0] == '#' || buf[0] == '\n' || buf[0] == '\r') {
+            fputs(buf, ecdhresp);
+            continue;
+        }
+        if (buf[0] == '[') {
+            /* [Ex] */
+            if (buf[1] == 'E' && buf[3] == ']') {
+                current_curve = buf[2] - 'A';
+                fputs(buf, ecdhresp);
+                continue;
+            }
+            /* [Curve selected: x-nnn */
+            if (strncmp(buf, "[Curve ", 7) == 0) {
+                const char *src;
+                char *dst;
+                SECItem *encodedparams;
+
+                if ((current_curve < 0) || (current_curve > MAX_ECC_PARAMS)) {
+                    fprintf(stderr, "No curve type defined\n");
+                    goto loser;
+                }
+
+                src = &buf[1];
+                /* skip passed the colon */
+                while (*src && *src != ':')
+                    src++;
+                if (*src != ':') {
+                    fprintf(stderr,
+                            "No colon in curve selected statement\n%s", buf);
+                    goto loser;
+                }
+                src++;
+                /* skip to the first non-space */
+                while (*src && *src == ' ')
+                    src++;
+                dst = &curve[4];
+                *dst++ = tolower(*src);
+                src += 2; /* skip the hyphen */
+                *dst++ = *src++;
+                *dst++ = *src++;
+                *dst++ = *src++;
+                *dst = '\0';
+                if (ecparams[current_curve] != NULL) {
+                    PORT_FreeArena(ecparams[current_curve]->arena, PR_FALSE);
+                    ecparams[current_curve] = NULL;
+                }
+                encodedparams = getECParams(curve);
+                if (encodedparams == NULL) {
+                    fprintf(stderr, "Unknown curve %s.", curve);
+                    goto loser;
+                }
+                if (EC_DecodeParams(encodedparams, &ecparams[current_curve]) != SECSuccess) {
+                    fprintf(stderr, "Curve %s not supported.\n", curve);
+                    goto loser;
+                }
+                SECITEM_FreeItem(encodedparams, PR_TRUE);
+                fputs(buf, ecdhresp);
+                continue;
+            }
+            /* [Ex - SHAxxx] */
+            if (buf[1] == 'E' && buf[3] == ' ') {
+                const char *src;
+                current_curve = buf[2] - 'A';
+                if ((current_curve < 0) || (current_curve > 256)) {
+                    fprintf(stderr, "bad curve type defined (%c)\n", buf[2]);
+                    goto loser;
+                }
+                current_ecparams = ecparams[current_curve];
+                if (current_ecparams == NULL) {
+                    fprintf(stderr, "no curve defined for type %c defined\n",
+                            buf[2]);
+                    goto loser;
+                }
+                /* skip passed the colon */
+                src = &buf[1];
+                while (*src && *src != '-')
+                    src++;
+                if (*src != '-') {
+                    fprintf(stderr,
+                            "No data in curve selected statement\n%s", buf);
+                    goto loser;
+                }
+                src++;
+                /* skip to the first non-space */
+                while (*src && *src == ' ')
+                    src++;
+                hash = hash_string_to_hashType(src);
+                if (hash == HASH_AlgNULL) {
+                    fprintf(ecdhresp, "ERROR: Unable to find SHAAlg type");
+                    goto loser;
+                }
+                fputs(buf, ecdhresp);
+                continue;
+            }
+            fputs(buf, ecdhresp);
+            continue;
+        }
+        /* COUNT = ... */
+        if (strncmp(buf, "COUNT", 5) == 0) {
+            fputs(buf, ecdhresp);
+            if (current_ecparams == NULL) {
+                fprintf(stderr, "no curve defined for type %c defined\n",
+                        buf[2]);
+                goto loser;
+            }
+            len = (current_ecparams->fieldID.size + 7) >> 3;
+            if (pubkey.data != NULL) {
+                PORT_Free(pubkey.data);
+                pubkey.data = NULL;
+            }
+            SECITEM_AllocItem(NULL, &pubkey, EC_GetPointSize(current_ecparams));
+            if (pubkey.data == NULL) {
+                goto loser;
+            }
+            pubkey.data[0] = EC_POINT_FORM_UNCOMPRESSED;
+            continue;
+        }
+        /* QeCAVSx = ... */
+        if (strncmp(buf, "QeCAVSx", 7) == 0) {
+            fputs(buf, ecdhresp);
+            i = 7;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            from_hex_str(&pubkey.data[1], len, &buf[i]);
+            continue;
+        }
+        /* QeCAVSy = ... */
+        if (strncmp(buf, "QeCAVSy", 7) == 0) {
+            fputs(buf, ecdhresp);
+            i = 7;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            from_hex_str(&pubkey.data[1 + len], len, &buf[i]);
+            if (current_ecparams == NULL) {
+                fprintf(stderr, "no curve defined\n");
+                goto loser;
+            }
+            /* validate CAVS public key */
+            if (EC_ValidatePublicKey(current_ecparams, &pubkey) != SECSuccess) {
+                fprintf(stderr, "BAD key detected\n");
+                goto loser;
+            }
+
+            /* generate ECC key pair */
+            if (EC_NewKey(current_ecparams, &ecpriv) != SECSuccess) {
+                fprintf(stderr, "Failed to generate new key\n");
+                goto loser;
+            }
+            /* validate UIT generated public key */
+            if (EC_ValidatePublicKey(current_ecparams, &ecpriv->publicValue) !=
+                SECSuccess) {
+                fprintf(stderr, "generate key did not validate\n");
+                goto loser;
+            }
+            /* output UIT public key */
+            uit_len = ecpriv->publicValue.len;
+            if (uit_len % 2 == 0) {
+                fprintf(stderr, "generate key had invalid public value len\n");
+                goto loser;
+            }
+            uit_len = (uit_len - 1) / 2;
+            if (ecpriv->publicValue.data[0] != EC_POINT_FORM_UNCOMPRESSED) {
+                fprintf(stderr, "generate key was compressed\n");
+                goto loser;
+            }
+            fputs("QeIUTx = ", ecdhresp);
+            to_hex_str(buf, &ecpriv->publicValue.data[1], uit_len);
+            fputs(buf, ecdhresp);
+            fputc('\n', ecdhresp);
+            fputs("QeIUTy = ", ecdhresp);
+            to_hex_str(buf, &ecpriv->publicValue.data[1 + uit_len], uit_len);
+            fputs(buf, ecdhresp);
+            fputc('\n', ecdhresp);
+            /* ECDH */
+            if (ECDH_Derive(&pubkey, current_ecparams, &ecpriv->privateValue,
+                            PR_FALSE, &ZZ) != SECSuccess) {
+                fprintf(stderr, "Derive failed\n");
+                goto loser;
+            }
+            /* output hash of ZZ */
+            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess) {
+                fprintf(stderr, "hash of derived key failed\n");
+                goto loser;
+            }
+            SECITEM_FreeItem(&ZZ, PR_FALSE);
+            fputs("HashZZ = ", ecdhresp);
+            to_hex_str(buf, hashBuf, fips_hashLen(hash));
+            fputs(buf, ecdhresp);
+            fputc('\n', ecdhresp);
+            fputc('\n', ecdhresp);
+            PORT_FreeArena(ecpriv->ecParams.arena, PR_TRUE);
+            ecpriv = NULL;
+            continue;
+        }
+    }
+loser:
+    if (ecpriv != NULL) {
+        PORT_FreeArena(ecpriv->ecParams.arena, PR_TRUE);
+    }
+    for (i = 0; i < MAX_ECC_PARAMS; i++) {
+        if (ecparams[i] != NULL) {
+            PORT_FreeArena(ecparams[i]->arena, PR_FALSE);
+            ecparams[i] = NULL;
+        }
+    }
+    if (pubkey.data != NULL) {
+        PORT_Free(pubkey.data);
+    }
+    fclose(ecdhreq);
+}
+
+#define MATCH_OPENSSL 1
+/*
+ * Perform the ECDH Validity Test.
+ *
+ * reqfn is the pathname of the REQUEST file.
+ *
+ * The output RESPONSE file is written to stdout.
+ */
+void
+ecdh_verify(char *reqfn, PRBool response)
+{
+    char buf[256];  /* holds one line from the input REQUEST file.
+                         * needs to be large enough to hold the longest
+                         * line "Qx = <144 hex digits>\n".
+                         */
+    FILE *ecdhreq;  /* input stream from the REQUEST file */
+    FILE *ecdhresp; /* output stream to the RESPONSE file */
+    char curve[16]; /* "nistxddd" */
+    unsigned char hashBuf[HASH_LENGTH_MAX];
+    unsigned char cavsHashBuf[HASH_LENGTH_MAX];
+    unsigned char private_data[MAX_ECKEY_LEN];
+    ECParams *ecparams[MAX_ECC_PARAMS] = { NULL };
+    ECParams *current_ecparams = NULL;
+    SECItem pubkey;
+    SECItem ZZ;
+    SECItem private_value;
+    unsigned int i;
+    unsigned int len = 0;
+    int current_curve = -1;
+    HASH_HashType hash = HASH_AlgNULL; /* type of SHA Alg */
+
+    ecdhreq = fopen(reqfn, "r");
+    ecdhresp = stdout;
+    strcpy(curve, "nist");
+    pubkey.data = NULL;
+    while (fgets(buf, sizeof buf, ecdhreq) != NULL) {
+        /* a comment or blank line */
+        if (buf[0] == '#' || buf[0] == '\n' || buf[0] == '\r') {
+            fputs(buf, ecdhresp);
+            continue;
+        }
+        if (buf[0] == '[') {
+            /* [Ex] */
+            if (buf[1] == 'E' && buf[3] == ']') {
+                current_curve = buf[2] - 'A';
+                fputs(buf, ecdhresp);
+                continue;
+            }
+            /* [Curve selected: x-nnn */
+            if (strncmp(buf, "[Curve ", 7) == 0) {
+                const char *src;
+                char *dst;
+                SECItem *encodedparams;
+
+                if ((current_curve < 0) || (current_curve > MAX_ECC_PARAMS)) {
+                    fprintf(stderr, "No curve type defined\n");
+                    goto loser;
+                }
+
+                src = &buf[1];
+                /* skip passed the colon */
+                while (*src && *src != ':')
+                    src++;
+                if (*src != ':') {
+                    fprintf(stderr,
+                            "No colon in curve selected statement\n%s", buf);
+                    goto loser;
+                }
+                src++;
+                /* skip to the first non-space */
+                while (*src && *src == ' ')
+                    src++;
+                dst = &curve[4];
+                *dst++ = tolower(*src);
+                src += 2; /* skip the hyphen */
+                *dst++ = *src++;
+                *dst++ = *src++;
+                *dst++ = *src++;
+                *dst = '\0';
+                if (ecparams[current_curve] != NULL) {
+                    PORT_FreeArena(ecparams[current_curve]->arena, PR_FALSE);
+                    ecparams[current_curve] = NULL;
+                }
+                encodedparams = getECParams(curve);
+                if (encodedparams == NULL) {
+                    fprintf(stderr, "Unknown curve %s.\n", curve);
+                    goto loser;
+                }
+                if (EC_DecodeParams(encodedparams, &ecparams[current_curve]) != SECSuccess) {
+                    fprintf(stderr, "Curve %s not supported.\n", curve);
+                    goto loser;
+                }
+                SECITEM_FreeItem(encodedparams, PR_TRUE);
+                fputs(buf, ecdhresp);
+                continue;
+            }
+            /* [Ex - SHAxxx] */
+            if (buf[1] == 'E' && buf[3] == ' ') {
+                const char *src;
+                current_curve = buf[2] - 'A';
+                if ((current_curve < 0) || (current_curve > 256)) {
+                    fprintf(stderr, "bad curve type defined (%c)\n", buf[2]);
+                    goto loser;
+                }
+                current_ecparams = ecparams[current_curve];
+                if (current_ecparams == NULL) {
+                    fprintf(stderr, "no curve defined for type %c defined\n",
+                            buf[2]);
+                    goto loser;
+                }
+                /* skip passed the colon */
+                src = &buf[1];
+                while (*src && *src != '-')
+                    src++;
+                if (*src != '-') {
+                    fprintf(stderr,
+                            "No data in curve selected statement\n%s", buf);
+                    goto loser;
+                }
+                src++;
+                /* skip to the first non-space */
+                while (*src && *src == ' ')
+                    src++;
+                hash = hash_string_to_hashType(src);
+                if (hash == HASH_AlgNULL) {
+                    fprintf(ecdhresp, "ERROR: Unable to find SHAAlg type");
+                    goto loser;
+                }
+                fputs(buf, ecdhresp);
+                continue;
+            }
+            fputs(buf, ecdhresp);
+            continue;
+        }
+        /* COUNT = ... */
+        if (strncmp(buf, "COUNT", 5) == 0) {
+            fputs(buf, ecdhresp);
+            if (current_ecparams == NULL) {
+                fprintf(stderr, "no curve defined for type %c defined\n",
+                        buf[2]);
+                goto loser;
+            }
+            len = (current_ecparams->fieldID.size + 7) >> 3;
+            if (pubkey.data != NULL) {
+                PORT_Free(pubkey.data);
+                pubkey.data = NULL;
+            }
+            SECITEM_AllocItem(NULL, &pubkey, EC_GetPointSize(current_ecparams));
+            if (pubkey.data == NULL) {
+                goto loser;
+            }
+            pubkey.data[0] = EC_POINT_FORM_UNCOMPRESSED;
+            continue;
+        }
+        /* QeCAVSx = ... */
+        if (strncmp(buf, "QeCAVSx", 7) == 0) {
+            fputs(buf, ecdhresp);
+            i = 7;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            from_hex_str(&pubkey.data[1], len, &buf[i]);
+            continue;
+        }
+        /* QeCAVSy = ... */
+        if (strncmp(buf, "QeCAVSy", 7) == 0) {
+            fputs(buf, ecdhresp);
+            i = 7;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            from_hex_str(&pubkey.data[1 + len], len, &buf[i]);
+            continue;
+        }
+        if (strncmp(buf, "deIUT", 5) == 0) {
+            fputs(buf, ecdhresp);
+            i = 5;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            from_hex_str(private_data, len, &buf[i]);
+            private_value.data = private_data;
+            private_value.len = len;
+            continue;
+        }
+        if (strncmp(buf, "QeIUTx", 6) == 0) {
+            fputs(buf, ecdhresp);
+            continue;
+        }
+        if (strncmp(buf, "QeIUTy", 6) == 0) {
+            fputs(buf, ecdhresp);
+            continue;
+        }
+        if (strncmp(buf, "CAVSHashZZ", 10) == 0) {
+            fputs(buf, ecdhresp);
+            i = 10;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            from_hex_str(cavsHashBuf, fips_hashLen(hash), &buf[i]);
+            if (current_ecparams == NULL) {
+                fprintf(stderr, "no curve defined for type defined\n");
+                goto loser;
+            }
+            /* validate CAVS public key */
+            if (EC_ValidatePublicKey(current_ecparams, &pubkey) != SECSuccess) {
+#ifdef MATCH_OPENSSL
+                fprintf(ecdhresp, "Result = F\n");
+#else
+                fprintf(ecdhresp, "Result = F # key didn't validate\n");
+#endif
+                continue;
+            }
+
+            /* ECDH */
+            if (ECDH_Derive(&pubkey, current_ecparams, &private_value,
+                            PR_FALSE, &ZZ) != SECSuccess) {
+                fprintf(stderr, "Derive failed\n");
+                goto loser;
+            }
+/* output  ZZ */
+#ifndef MATCH_OPENSSL
+            fputs("Z = ", ecdhresp);
+            to_hex_str(buf, ZZ.data, ZZ.len);
+            fputs(buf, ecdhresp);
+            fputc('\n', ecdhresp);
+#endif
+
+            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess) {
+                fprintf(stderr, "hash of derived key failed\n");
+                goto loser;
+            }
+            SECITEM_FreeItem(&ZZ, PR_FALSE);
+#ifndef MATCH_NIST
+            fputs("IUTHashZZ = ", ecdhresp);
+            to_hex_str(buf, hashBuf, fips_hashLen(hash));
+            fputs(buf, ecdhresp);
+            fputc('\n', ecdhresp);
+#endif
+            if (memcmp(hashBuf, cavsHashBuf, fips_hashLen(hash)) != 0) {
+#ifdef MATCH_OPENSSL
+                fprintf(ecdhresp, "Result = F\n");
+#else
+                fprintf(ecdhresp, "Result = F # hash doesn't match\n");
+#endif
+            } else {
+                fprintf(ecdhresp, "Result = P\n");
+            }
+#ifndef MATCH_OPENSSL
+            fputc('\n', ecdhresp);
+#endif
+            continue;
+        }
+    }
+loser:
+    for (i = 0; i < MAX_ECC_PARAMS; i++) {
+        if (ecparams[i] != NULL) {
+            PORT_FreeArena(ecparams[i]->arena, PR_FALSE);
+            ecparams[i] = NULL;
+        }
+    }
+    if (pubkey.data != NULL) {
+        PORT_Free(pubkey.data);
+    }
+    fclose(ecdhreq);
+}
+
+/*
+ * Perform the DH Functional Test.
+ *
+ * reqfn is the pathname of the REQUEST file.
+ *
+ * The output RESPONSE file is written to stdout.
+ */
+#define MAX_ECC_PARAMS 256
+void
+dh_functional(char *reqfn, PRBool response)
+{
+    char buf[1024]; /* holds one line from the input REQUEST file.
+                         * needs to be large enough to hold the longest
+                         * line "YephCAVS = <512 hex digits>\n".
+                         */
+    FILE *dhreq;    /* input stream from the REQUEST file */
+    FILE *dhresp;   /* output stream to the RESPONSE file */
+    unsigned char hashBuf[HASH_LENGTH_MAX];
+    DSAPrivateKey *dsapriv = NULL;
+    PQGParams pqg = { 0 };
+    unsigned char pubkeydata[DSA_MAX_P_BITS / 8];
+    SECItem pubkey;
+    SECItem ZZ;
+    unsigned int i, j;
+    unsigned int pgySize;
+    HASH_HashType hash = HASH_AlgNULL; /* type of SHA Alg */
+
+    dhreq = fopen(reqfn, "r");
+    dhresp = stdout;
+    while (fgets(buf, sizeof buf, dhreq) != NULL) {
+        /* a comment or blank line */
+        if (buf[0] == '#' || buf[0] == '\n' || buf[0] == '\r') {
+            fputs(buf, dhresp);
+            continue;
+        }
+        if (buf[0] == '[') {
+            /* [Fx - SHAxxx] */
+            if (buf[1] == 'F' && buf[3] == ' ') {
+                const char *src;
+                /* skip passed the colon */
+                src = &buf[1];
+                while (*src && *src != '-')
+                    src++;
+                if (*src != '-') {
+                    fprintf(stderr, "No hash specified\n%s", buf);
+                    goto loser;
+                }
+                src++;
+                /* skip to the first non-space */
+                while (*src && *src == ' ')
+                    src++;
+                hash = hash_string_to_hashType(src);
+                if (hash == HASH_AlgNULL) {
+                    fprintf(dhresp, "ERROR: Unable to find SHAAlg type");
+                    goto loser;
+                }
+                /* clear the PQG parameters */
+                if (pqg.prime.data) { /* P */
+                    SECITEM_ZfreeItem(&pqg.prime, PR_FALSE);
+                }
+                if (pqg.subPrime.data) { /* Q */
+                    SECITEM_ZfreeItem(&pqg.subPrime, PR_FALSE);
+                }
+                if (pqg.base.data) { /* G */
+                    SECITEM_ZfreeItem(&pqg.base, PR_FALSE);
+                }
+                pgySize = DSA_MAX_P_BITS / 8; /* change if more key sizes are supported in CAVS */
+                SECITEM_AllocItem(NULL, &pqg.prime, pgySize);
+                SECITEM_AllocItem(NULL, &pqg.base, pgySize);
+                pqg.prime.len = pqg.base.len = pgySize;
+
+                /* set q to the max allows */
+                SECITEM_AllocItem(NULL, &pqg.subPrime, DSA_MAX_Q_BITS / 8);
+                pqg.subPrime.len = DSA_MAX_Q_BITS / 8;
+                fputs(buf, dhresp);
+                continue;
+            }
+            fputs(buf, dhresp);
+            continue;
+        }
+        if (buf[0] == 'P') {
+            i = 1;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            for (j = 0; j < pqg.prime.len; i += 2, j++) {
+                if (!isxdigit(buf[i])) {
+                    pqg.prime.len = j;
+                    break;
+                }
+                hex_to_byteval(&buf[i], &pqg.prime.data[j]);
+            }
+
+            fputs(buf, dhresp);
+            continue;
+        }
+
+        /* Q = ... */
+        if (buf[0] == 'Q') {
+            i = 1;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            for (j = 0; j < pqg.subPrime.len; i += 2, j++) {
+                if (!isxdigit(buf[i])) {
+                    pqg.subPrime.len = j;
+                    break;
+                }
+                hex_to_byteval(&buf[i], &pqg.subPrime.data[j]);
+            }
+
+            fputs(buf, dhresp);
+            continue;
+        }
+
+        /* G = ... */
+        if (buf[0] == 'G') {
+            i = 1;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            for (j = 0; j < pqg.base.len; i += 2, j++) {
+                if (!isxdigit(buf[i])) {
+                    pqg.base.len = j;
+                    break;
+                }
+                hex_to_byteval(&buf[i], &pqg.base.data[j]);
+            }
+
+            fputs(buf, dhresp);
+            continue;
+        }
+
+        /* COUNT = ... */
+        if (strncmp(buf, "COUNT", 5) == 0) {
+            fputs(buf, dhresp);
+            continue;
+        }
+
+        /* YephemCAVS = ... */
+        if (strncmp(buf, "YephemCAVS", 10) == 0) {
+            fputs(buf, dhresp);
+            i = 10;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            from_hex_str(pubkeydata, pqg.prime.len, &buf[i]);
+            pubkey.data = pubkeydata;
+            pubkey.len = pqg.prime.len;
+
+            /* generate FCC key pair, nist uses pqg rather then pg,
+             * so use DSA to generate the key */
+            if (DSA_NewKey(&pqg, &dsapriv) != SECSuccess) {
+                fprintf(stderr, "Failed to generate new key\n");
+                goto loser;
+            }
+            fputs("XephemIUT = ", dhresp);
+            to_hex_str(buf, dsapriv->privateValue.data, dsapriv->privateValue.len);
+            fputs(buf, dhresp);
+            fputc('\n', dhresp);
+            fputs("YephemIUT = ", dhresp);
+            to_hex_str(buf, dsapriv->publicValue.data, dsapriv->publicValue.len);
+            fputs(buf, dhresp);
+            fputc('\n', dhresp);
+            /* DH */
+            if (DH_Derive(&pubkey, &pqg.prime, &dsapriv->privateValue,
+                          &ZZ, pqg.prime.len) != SECSuccess) {
+                fprintf(stderr, "Derive failed\n");
+                goto loser;
+            }
+            /* output hash of ZZ */
+            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess) {
+                fprintf(stderr, "hash of derived key failed\n");
+                goto loser;
+            }
+            SECITEM_FreeItem(&ZZ, PR_FALSE);
+            fputs("HashZZ = ", dhresp);
+            to_hex_str(buf, hashBuf, fips_hashLen(hash));
+            fputs(buf, dhresp);
+            fputc('\n', dhresp);
+            fputc('\n', dhresp);
+            PORT_FreeArena(dsapriv->params.arena, PR_TRUE);
+            dsapriv = NULL;
+            continue;
+        }
+    }
+loser:
+    if (dsapriv != NULL) {
+        PORT_FreeArena(dsapriv->params.arena, PR_TRUE);
+    }
+    fclose(dhreq);
+}
+
+#define MATCH_OPENSSL 1
+/*
+ * Perform the DH Validity Test.
+ *
+ * reqfn is the pathname of the REQUEST file.
+ *
+ * The output RESPONSE file is written to stdout.
+ */
+void
+dh_verify(char *reqfn, PRBool response)
+{
+    char buf[1024]; /* holds one line from the input REQUEST file.
+                         * needs to be large enough to hold the longest
+                         * line "YephCAVS = <512 hex digits>\n".
+                         */
+    FILE *dhreq;    /* input stream from the REQUEST file */
+    FILE *dhresp;   /* output stream to the RESPONSE file */
+    unsigned char hashBuf[HASH_LENGTH_MAX];
+    unsigned char cavsHashBuf[HASH_LENGTH_MAX];
+    PQGParams pqg = { 0 };
+    unsigned char pubkeydata[DSA_MAX_P_BITS / 8];
+    unsigned char privkeydata[DSA_MAX_P_BITS / 8];
+    SECItem pubkey;
+    SECItem privkey;
+    SECItem ZZ;
+    unsigned int i, j;
+    unsigned int pgySize;
+    HASH_HashType hash = HASH_AlgNULL; /* type of SHA Alg */
+
+    dhreq = fopen(reqfn, "r");
+    dhresp = stdout;
+    while (fgets(buf, sizeof buf, dhreq) != NULL) {
+        /* a comment or blank line */
+        if (buf[0] == '#' || buf[0] == '\n' || buf[0] == '\r') {
+            fputs(buf, dhresp);
+            continue;
+        }
+        if (buf[0] == '[') {
+            /* [Fx - SHAxxx] */
+            if (buf[1] == 'F' && buf[3] == ' ') {
+                const char *src;
+                /* skip passed the colon */
+                src = &buf[1];
+                while (*src && *src != '-')
+                    src++;
+                if (*src != '-') {
+                    fprintf(stderr, "No hash specified\n%s", buf);
+                    goto loser;
+                }
+                src++;
+                /* skip to the first non-space */
+                while (*src && *src == ' ')
+                    src++;
+                hash = hash_string_to_hashType(src);
+                if (hash == HASH_AlgNULL) {
+                    fprintf(dhresp, "ERROR: Unable to find SHAAlg type");
+                    goto loser;
+                }
+                /* clear the PQG parameters */
+                if (pqg.prime.data) { /* P */
+                    SECITEM_ZfreeItem(&pqg.prime, PR_FALSE);
+                }
+                if (pqg.subPrime.data) { /* Q */
+                    SECITEM_ZfreeItem(&pqg.subPrime, PR_FALSE);
+                }
+                if (pqg.base.data) { /* G */
+                    SECITEM_ZfreeItem(&pqg.base, PR_FALSE);
+                }
+                pgySize = DSA_MAX_P_BITS / 8; /* change if more key sizes are supported in CAVS */
+                SECITEM_AllocItem(NULL, &pqg.prime, pgySize);
+                SECITEM_AllocItem(NULL, &pqg.base, pgySize);
+                pqg.prime.len = pqg.base.len = pgySize;
+
+                /* set q to the max allows */
+                SECITEM_AllocItem(NULL, &pqg.subPrime, DSA_MAX_Q_BITS / 8);
+                pqg.subPrime.len = DSA_MAX_Q_BITS / 8;
+                fputs(buf, dhresp);
+                continue;
+            }
+            fputs(buf, dhresp);
+            continue;
+        }
+        if (buf[0] == 'P') {
+            i = 1;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            for (j = 0; j < pqg.prime.len; i += 2, j++) {
+                if (!isxdigit(buf[i])) {
+                    pqg.prime.len = j;
+                    break;
+                }
+                hex_to_byteval(&buf[i], &pqg.prime.data[j]);
+            }
+
+            fputs(buf, dhresp);
+            continue;
+        }
+
+        /* Q = ... */
+        if (buf[0] == 'Q') {
+            i = 1;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            for (j = 0; j < pqg.subPrime.len; i += 2, j++) {
+                if (!isxdigit(buf[i])) {
+                    pqg.subPrime.len = j;
+                    break;
+                }
+                hex_to_byteval(&buf[i], &pqg.subPrime.data[j]);
+            }
+
+            fputs(buf, dhresp);
+            continue;
+        }
+
+        /* G = ... */
+        if (buf[0] == 'G') {
+            i = 1;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            for (j = 0; j < pqg.base.len; i += 2, j++) {
+                if (!isxdigit(buf[i])) {
+                    pqg.base.len = j;
+                    break;
+                }
+                hex_to_byteval(&buf[i], &pqg.base.data[j]);
+            }
+
+            fputs(buf, dhresp);
+            continue;
+        }
+
+        /* COUNT = ... */
+        if (strncmp(buf, "COUNT", 5) == 0) {
+            fputs(buf, dhresp);
+            continue;
+        }
+
+        /* YephemCAVS = ... */
+        if (strncmp(buf, "YephemCAVS", 10) == 0) {
+            fputs(buf, dhresp);
+            i = 10;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            from_hex_str(pubkeydata, pqg.prime.len, &buf[i]);
+            pubkey.data = pubkeydata;
+            pubkey.len = pqg.prime.len;
+            continue;
+        }
+        /* XephemUIT = ... */
+        if (strncmp(buf, "XephemIUT", 9) == 0) {
+            fputs(buf, dhresp);
+            i = 9;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            from_hex_str(privkeydata, pqg.subPrime.len, &buf[i]);
+            privkey.data = privkeydata;
+            privkey.len = pqg.subPrime.len;
+            continue;
+        }
+        /* YephemUIT = ... */
+        if (strncmp(buf, "YephemIUT", 9) == 0) {
+            fputs(buf, dhresp);
+            continue;
+        }
+        /* CAVSHashZZ = ... */
+        if (strncmp(buf, "CAVSHashZZ", 10) == 0) {
+            fputs(buf, dhresp);
+            i = 10;
+            while (isspace(buf[i]) || buf[i] == '=') {
+                i++;
+            }
+            from_hex_str(cavsHashBuf, fips_hashLen(hash), &buf[i]);
+            /* do the DH operation*/
+            if (DH_Derive(&pubkey, &pqg.prime, &privkey,
+                          &ZZ, pqg.prime.len) != SECSuccess) {
+                fprintf(stderr, "Derive failed\n");
+                goto loser;
+            }
+/* output  ZZ */
+#ifndef MATCH_OPENSSL
+            fputs("Z = ", dhresp);
+            to_hex_str(buf, ZZ.data, ZZ.len);
+            fputs(buf, dhresp);
+            fputc('\n', dhresp);
+#endif
+            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess) {
+                fprintf(stderr, "hash of derived key failed\n");
+                goto loser;
+            }
+            SECITEM_FreeItem(&ZZ, PR_FALSE);
+#ifndef MATCH_NIST_
+            fputs("IUTHashZZ = ", dhresp);
+            to_hex_str(buf, hashBuf, fips_hashLen(hash));
+            fputs(buf, dhresp);
+            fputc('\n', dhresp);
+#endif
+            if (memcmp(hashBuf, cavsHashBuf, fips_hashLen(hash)) != 0) {
+                fprintf(dhresp, "Result = F\n");
+            } else {
+                fprintf(dhresp, "Result = P\n");
+            }
+#ifndef MATCH_OPENSSL
+            fputc('\n', dhresp);
+#endif
+            continue;
+        }
+    }
+loser:
+    fclose(dhreq);
+}
+
 PRBool
 isblankline(char *b)
 {
@@ -5342,17 +6278,8 @@ rsa_siggen_test(char *reqfn)
                 i++;
             }
             /* set the SHA Algorithm */
-            if (strncmp(&buf[i], "SHA1", 4) == 0) {
-                shaAlg = HASH_AlgSHA1;
-            } else if (strncmp(&buf[i], "SHA224", 6) == 0) {
-                shaAlg = HASH_AlgSHA224;
-            } else if (strncmp(&buf[i], "SHA256", 6) == 0) {
-                shaAlg = HASH_AlgSHA256;
-            } else if (strncmp(&buf[i], "SHA384", 6) == 0) {
-                shaAlg = HASH_AlgSHA384;
-            } else if (strncmp(&buf[i], "SHA512", 6) == 0) {
-                shaAlg = HASH_AlgSHA512;
-            } else {
+            shaAlg = hash_string_to_hashType(&buf[i]);
+            if (shaAlg == HASH_AlgNULL) {
                 fprintf(rsaresp, "ERROR: Unable to find SHAAlg type");
                 goto loser;
             }
@@ -5537,17 +6464,8 @@ rsa_sigver_test(char *reqfn)
                 i++;
             }
             /* set the SHA Algorithm */
-            if (strncmp(&buf[i], "SHA1", 4) == 0) {
-                shaAlg = HASH_AlgSHA1;
-            } else if (strncmp(&buf[i], "SHA224", 6) == 0) {
-                shaAlg = HASH_AlgSHA224;
-            } else if (strncmp(&buf[i], "SHA256", 6) == 0) {
-                shaAlg = HASH_AlgSHA256;
-            } else if (strncmp(&buf[i], "SHA384", 6) == 0) {
-                shaAlg = HASH_AlgSHA384;
-            } else if (strncmp(&buf[i], "SHA512", 6) == 0) {
-                shaAlg = HASH_AlgSHA512;
-            } else {
+            shaAlg = hash_string_to_hashType(&buf[i]);
+            if (shaAlg == HASH_AlgNULL) {
                 fprintf(rsaresp, "ERROR: Unable to find SHAAlg type");
                 goto loser;
             }
@@ -6108,6 +7026,34 @@ main(int argc, char **argv)
             ecdsa_sigver_test(argv[3]);
         }
         /*************/
+        /*   ECDH   */
+        /*************/
+    } else if (strcmp(argv[1], "ecdh") == 0) {
+        /* argv[2]={init|resp}-{func|verify} argv[3]=<test name>.req */
+        if (strcmp(argv[2], "init-func") == 0) {
+            ecdh_functional(argv[3], 0);
+        } else if (strcmp(argv[2], "resp-func") == 0) {
+            ecdh_functional(argv[3], 1);
+        } else if (strcmp(argv[2], "init-verify") == 0) {
+            ecdh_verify(argv[3], 0);
+        } else if (strcmp(argv[2], "resp-verify") == 0) {
+            ecdh_verify(argv[3], 1);
+        }
+        /*************/
+        /*   DH   */
+        /*************/
+    } else if (strcmp(argv[1], "dh") == 0) {
+        /* argv[2]={init|resp}-{func|verify} argv[3]=<test name>.req */
+        if (strcmp(argv[2], "init-func") == 0) {
+            dh_functional(argv[3], 0);
+        } else if (strcmp(argv[2], "resp-func") == 0) {
+            dh_functional(argv[3], 1);
+        } else if (strcmp(argv[2], "init-verify") == 0) {
+            dh_verify(argv[3], 0);
+        } else if (strcmp(argv[2], "resp-verify") == 0) {
+            dh_verify(argv[3], 1);
+        }
+        /*************/
         /*   RNG     */
         /*************/
     } else if (strcmp(argv[1], "rng") == 0) {
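Review bot: Neither new dispatch chain has a final `else`, so an `argv[2]` other than `init-func`, `resp-func`, `init-verify` or `resp-verify` falls through silently. Since `kas.sh` redirects stdout into the `.rsp` file, a mistyped mode leaves an empty response file with no diagnostic. Closing each chain with `} else { fprintf(stderr, "unknown mode %s\n", argv[2]); }` (or the program's usage routine, if it has one) would make this visible. Whether `argc` is checked before `argv[2]` and `argv[3]` are read cannot be seen here, because `main` starts and ends outside the hunk.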
diff --git a/security/nss/cmd/fipstest/kas.sh b/security/nss/cmd/fipstest/kas.sh
new file mode 100644
index 000000000..9aa5387a8
--- /dev/null
+++ b/security/nss/cmd/fipstest/kas.sh
@@ -0,0 +1,84 @@
+#!/bin/sh
+# 
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# A Bourne shell script for running the NIST DSA Validation System
+#
+# Before you run the script, set your PATH, LD_LIBRARY_PATH, ... environment
+# variables appropriately so that the fipstest command and the NSPR and NSS
+# shared libraries/DLLs are on the search path.  Then run this script in the
+# directory where the REQUEST (.req) files reside.  The script generates the
+# RESPONSE (.rsp) files in the same directory.
+BASEDIR=${1-.}
+TESTDIR=${BASEDIR}/KAS
+COMMAND=${2-run}
+REQDIR=${TESTDIR}/req
+RSPDIR=${TESTDIR}/resp
+
+
+#
+if [ ${COMMAND} = "verify" ]; then
+#
+# need verify for KAS tests
+
+# verify generated keys
+#    name=KeyPair
+#    echo ">>>>>  $name"
+#    fipstest dsa keyver ${RSPDIR}/$name.rsp | grep ^Result.=.F
+# verify generated pqg values
+#    name=PQGGen
+#    echo ">>>>>  $name"
+#    fipstest dsa pqgver ${RSPDIR}/$name.rsp | grep ^Result.=.F
+# verify PQGVer with known answer
+#    sh ./validate1.sh ${TESTDIR} PQGVer.req ' ' '-e /^Result.=.F/s;.(.*);; -e /^Result.=.P/s;.(.*);;'
+# verify signatures
+#    name=SigGen
+#    echo ">>>>>  $name"
+#    fipstest dsa sigver ${RSPDIR}/$name.rsp | grep ^Result.=.F
+# verify SigVer with known answer
+#    sh ./validate1.sh ${TESTDIR} SigVer.req ' ' '-e /^X.=/d -e /^Result.=.F/s;.(.*);;'
+    exit 0
+fi
+
+request=KASFunctionTest_ECCEphemeralUnified_NOKC_ZZOnly_init.req
+response=`echo $request | sed -e "s/req/rsp/"`
+echo $request $response
+fipstest ecdh init-func ${REQDIR}/$request > ${RSPDIR}/$response
+
+request=KASFunctionTest_ECCEphemeralUnified_NOKC_ZZOnly_resp.req
+response=`echo $request | sed -e "s/req/rsp/"`
+echo $request $response
+fipstest ecdh resp-func ${REQDIR}/$request > ${RSPDIR}/$response
+
+request=KASValidityTest_ECCEphemeralUnified_NOKC_ZZOnly_init.req
+response=`echo $request | sed -e "s/req/rsp/"`
+echo $request $response
+fipstest ecdh init-verify ${REQDIR}/$request > ${RSPDIR}/$response
+
+request=KASValidityTest_ECCEphemeralUnified_NOKC_ZZOnly_resp.req
+response=`echo $request | sed -e "s/req/rsp/"`
+echo $request $response
+fipstest ecdh resp-verify ${REQDIR}/$request > ${RSPDIR}/$response
+
+request=KASFunctionTest_FFCEphem_NOKC_ZZOnly_init.req
+response=`echo $request | sed -e "s/req/rsp/"`
+echo $request $response
+fipstest dh init-func ${REQDIR}/$request > ${RSPDIR}/$response
+
+request=KASFunctionTest_FFCEphem_NOKC_ZZOnly_resp.req
+response=`echo $request | sed -e "s/req/rsp/"`
+echo $request $response
+fipstest dh resp-func ${REQDIR}/$request > ${RSPDIR}/$response
+
+request=KASValidityTest_FFCEphem_NOKC_ZZOnly_init.req
+response=`echo $request | sed -e "s/req/rsp/"`
+echo $request $response
+fipstest dh init-verify ${REQDIR}/$request > ${RSPDIR}/$response
+
+request=KASValidityTest_FFCEphem_NOKC_ZZOnly_resp.req
+response=`echo $request | sed -e "s/req/rsp/"`
+echo $request $response
+fipstest dh resp-verify ${REQDIR}/$request > ${RSPDIR}/$response
+
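Review bot: The `verify` branch consists only of commented-out DSA checks followed by `exit 0`, so running this script with `verify` reports success without examining any response file. Until the KAS checks exist, the branch should say so, for example `echo "kas.sh: verify not implemented" >&2` before the `exit`. The header comment still describes the DSA suite and should read `# A Bourne shell script for running the NIST KAS Validation System`. Two smaller points: `sed -e "s/req/rsp/"` rewrites the first `req` anywhere in the name, so `sed -e 's/\.req$/.rsp/'` is the safer form, and `${COMMAND}` and the `${REQDIR}`/`${RSPDIR}` paths are unquoted, so a base directory containing spaces breaks the test and the redirections.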
diff --git a/security/nss/cmd/fipstest/runtest.sh b/security/nss/cmd/fipstest/runtest.sh
index 5f8e66a08..fcb16348b 100644
--- a/security/nss/cmd/fipstest/runtest.sh
+++ b/security/nss/cmd/fipstest/runtest.sh
@@ -6,7 +6,7 @@
 #
 TESTDIR=${1-.}
 COMMAND=${2-run}
-TESTS="aes aesgcm dsa ecdsa hmac tls rng rsa sha tdea"
+TESTS="aes aesgcm dsa ecdsa hmac kas tls rng rsa sha tdea"
 for i in $TESTS
 do
     echo "********************Running $i tests"
diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c
index 6be2df432..97c7f750a 100644
--- a/security/nss/cmd/lib/secutil.c
+++ b/security/nss/cmd/lib/secutil.c
@@ -3799,7 +3799,7 @@ SECU_ParseSSLVersionRangeString(const char *input,
     return SECSuccess;
 }
 
-SSLNamedGroup
+static SSLNamedGroup
 groupNameToNamedGroup(char *name)
 {
     if (PL_strlen(name) == 4) {
@@ -3837,6 +3837,23 @@ groupNameToNamedGroup(char *name)
     return ssl_grp_none;
 }
 
+static SECStatus
+countItems(const char *arg, unsigned int *numItems)
+{
+    char *str = PORT_Strdup(arg);
+    if (!str) {
+        return SECFailure;
+    }
+    char *p = strtok(str, ",");
+    while (p) {
+        ++(*numItems);
+        p = strtok(NULL, ",");
+    }
+    PORT_Free(str);
+    str = NULL;
+    return SECSuccess;
+}
+
 SECStatus
 parseGroupList(const char *arg, SSLNamedGroup **enabledGroups,
                unsigned int *enabledGroupsCount)
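Review bot: `countItems` only increments `*numItems`, so its result is correct only when the caller has zeroed the counter first. Both callers on this page do (`unsigned int numValues = 0;`), but nothing in the helper states or enforces it. Either start the body with `*numItems = 0;` or document the accumulate behaviour, e.g. `/* Adds the number of comma-separated items in arg to *numItems; the caller initializes it. */`. Note that `strtok` skips empty fields, so the count matches the callers' second pass only while both use the same delimiter set.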
@@ -3847,21 +3864,12 @@ parseGroupList(const char *arg, SSLNamedGroup **enabledGroups,
     unsigned int numValues = 0;
     unsigned int count = 0;
 
-    /* Count the number of groups. */
-    str = PORT_Strdup(arg);
-    if (!str) {
+    if (countItems(arg, &numValues) != SECSuccess) {
         return SECFailure;
     }
-    p = strtok(str, ",");
-    while (p) {
-        ++numValues;
-        p = strtok(NULL, ",");
-    }
-    PORT_Free(str);
-    str = NULL;
     groups = PORT_ZNewArray(SSLNamedGroup, numValues);
     if (!groups) {
-        goto done;
+        return SECFailure;
     }
 
     /* Get group names. */
@@ -3881,9 +3889,7 @@ parseGroupList(const char *arg, SSLNamedGroup **enabledGroups,
     }
 
 done:
-    if (str) {
-        PORT_Free(str);
-    }
+    PORT_Free(str);
     if (!count) {
         PORT_Free(groups);
         return SECFailure;
@@ -3893,3 +3899,83 @@ done:
     *enabledGroups = groups;
     return SECSuccess;
 }
+
+SSLSignatureScheme
+schemeNameToScheme(const char *name)
+{
+#define compareScheme(x)                                \
+    do {                                                \
+        if (!PORT_Strncmp(name, #x, PORT_Strlen(#x))) { \
+            return ssl_sig_##x;                         \
+        }                                               \
+    } while (0)
+
+    compareScheme(rsa_pkcs1_sha1);
+    compareScheme(rsa_pkcs1_sha256);
+    compareScheme(rsa_pkcs1_sha384);
+    compareScheme(rsa_pkcs1_sha512);
+    compareScheme(ecdsa_sha1);
+    compareScheme(ecdsa_secp256r1_sha256);
+    compareScheme(ecdsa_secp384r1_sha384);
+    compareScheme(ecdsa_secp521r1_sha512);
+    compareScheme(rsa_pss_rsae_sha256);
+    compareScheme(rsa_pss_rsae_sha384);
+    compareScheme(rsa_pss_rsae_sha512);
+    compareScheme(ed25519);
+    compareScheme(ed448);
+    compareScheme(rsa_pss_pss_sha256);
+    compareScheme(rsa_pss_pss_sha384);
+    compareScheme(rsa_pss_pss_sha512);
+    compareScheme(dsa_sha1);
+    compareScheme(dsa_sha256);
+    compareScheme(dsa_sha384);
+    compareScheme(dsa_sha512);
+
+#undef compareScheme
+
+    return ssl_sig_none;
+}
+
+SECStatus
+parseSigSchemeList(const char *arg, const SSLSignatureScheme **enabledSigSchemes,
+                   unsigned int *enabledSigSchemeCount)
+{
+    SSLSignatureScheme *schemes;
+    unsigned int numValues = 0;
+    unsigned int count = 0;
+
+    if (countItems(arg, &numValues) != SECSuccess) {
+        return SECFailure;
+    }
+    schemes = PORT_ZNewArray(SSLSignatureScheme, numValues);
+    if (!schemes) {
+        return SECFailure;
+    }
+
+    /* Get group names. */
+    char *str = PORT_Strdup(arg);
+    if (!str) {
+        goto done;
+    }
+    char *p = strtok(str, ",");
+    while (p) {
+        SSLSignatureScheme scheme = schemeNameToScheme(p);
+        if (scheme == ssl_sig_none) {
+            count = 0;
+            goto done;
+        }
+        schemes[count++] = scheme;
+        p = strtok(NULL, ",");
+    }
+
+done:
+    PORT_Free(str);
+    if (!count) {
+        PORT_Free(schemes);
+        return SECFailure;
+    }
+
+    *enabledSigSchemeCount = count;
+    *enabledSigSchemes = schemes;
+    return SECSuccess;
+}
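Review bot: `compareScheme` compares only the first `PORT_Strlen(#x)` characters of `name`, so any token that merely begins with a known scheme name is accepted; `ed25519x`, for instance, resolves to `ssl_sig_ed25519` instead of `ssl_sig_none`. For an option that selects which signature schemes are enabled, a misspelt entry should be rejected rather than mapped to a real scheme, so compare the whole string: `if (!PORT_Strcmp(name, #x)) {`. In `parseSigSchemeList` the comment `/* Get group names. */` is left over from `parseGroupList` and should read `/* Get signature scheme names. */`. A short header comment should also state that on success the caller owns `*enabledSigSchemes` and releases it with `PORT_Free`.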
diff --git a/security/nss/cmd/lib/secutil.h b/security/nss/cmd/lib/secutil.h
index fe07aca60..90d763909 100644
--- a/security/nss/cmd/lib/secutil.h
+++ b/security/nss/cmd/lib/secutil.h
@@ -9,7 +9,7 @@
 #include "secport.h"
 #include "prerror.h"
 #include "base64.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secpkcs7.h"
 #include "secasn1.h"
 #include "secder.h"
@@ -406,7 +406,9 @@ SECU_ParseSSLVersionRangeString(const char *input,
 
 SECStatus parseGroupList(const char *arg, SSLNamedGroup **enabledGroups,
                          unsigned int *enabledGroupsCount);
-SSLNamedGroup groupNameToNamedGroup(char *name);
+SECStatus parseSigSchemeList(const char *arg,
+                             const SSLSignatureScheme **enabledSigSchemes,
+                             unsigned int *enabledSigSchemeCount);
 
 /*
  *
diff --git a/security/nss/cmd/manifest.mn b/security/nss/cmd/manifest.mn
index 567c6bb9d..be53d3c4e 100644
--- a/security/nss/cmd/manifest.mn
+++ b/security/nss/cmd/manifest.mn
@@ -47,6 +47,7 @@ NSS_SRCDIRS = \
  listsuites \
  makepqg  \
  multinit \
+ nss-policy-check \
  ocspclnt  \
  ocspresp \
  oidcalc  \
diff --git a/security/nss/cmd/modutil/error.h b/security/nss/cmd/modutil/error.h
index d9f06592f..33ed7bde7 100644
--- a/security/nss/cmd/modutil/error.h
+++ b/security/nss/cmd/modutil/error.h
@@ -131,6 +131,7 @@ typedef enum {
     UNDEFAULT_SUCCESS_MSG,
     BROWSER_RUNNING_MSG,
     ABORTING_MSG,
+    P11_KIT_ENABLED_MSG,
 
     LAST_MSG /* must be last */
 } Message;
diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c
index c1b44be53..f04ad3d92 100644
--- a/security/nss/cmd/modutil/modutil.c
+++ b/security/nss/cmd/modutil/modutil.c
@@ -138,7 +138,11 @@ char* msgStrings[] = {
     "\ncorruption of your security databases. If the browser is currently running,"
     "\nyou should exit browser before continuing this operation. Type "
     "\n'q <enter>' to abort, or <enter> to continue: ",
-    "\nAborting...\n"
+    "\nAborting...\n",
+    "\nWARNING: Manually adding a module while p11-kit is enabled could cause"
+    "\nduplicate module registration in your security database. It is suggested "
+    "\nto configure the module through p11-kit configuration file instead.\n"
+    "\nType 'q <enter>' to abort, or <enter> to continue: "
 };
 
 /* Increment i if doing so would have i still be less than j.  If you
@@ -856,6 +860,28 @@ main(int argc, char* argv[])
         goto loser;
     }
 
+    /* Warn if we are adding a module while p11-kit is enabled in the
+     * database. */
+    if ((command == ADD_COMMAND || command == RAW_ADD_COMMAND) &&
+        IsP11KitEnabled()) {
+        char* response;
+
+        PR_fprintf(PR_STDOUT, msgStrings[P11_KIT_ENABLED_MSG]);
+        if (!PR_fgets(stdinbuf, STDINBUF_SIZE, PR_STDIN)) {
+            PR_fprintf(PR_STDERR, errStrings[STDIN_READ_ERR]);
+            errcode = STDIN_READ_ERR;
+            goto loser;
+        }
+        if ((response = strtok(stdinbuf, " \r\n\t"))) {
+            if (!PL_strcasecmp(response, "q")) {
+                PR_fprintf(PR_STDOUT, msgStrings[ABORTING_MSG]);
+                errcode = SUCCESS;
+                goto loser;
+            }
+        }
+        PR_fprintf(PR_STDOUT, "\n");
+    }
+
     /* Execute the command */
     switch (command) {
         case ADD_COMMAND:
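Review bot: The new p11-kit prompt in `main` always blocks on `PR_fgets` when `IsP11KitEnabled()` is true, so a scripted add or raw-add run will stall, or fail with `STDIN_READ_ERR` if stdin is closed. If modutil has a non-interactive switch (its option handling is outside this hunk), the condition should honour it, along the lines of `if (!<non-interactive flag> && (command == ADD_COMMAND || command == RAW_ADD_COMMAND) && IsP11KitEnabled()) {`. Answering `q` also leaves `errcode = SUCCESS`, so a caller cannot tell an aborted add from a completed one by exit status; a comment stating that this is intended would help. `main` starts and ends outside the hunk.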
diff --git a/security/nss/cmd/modutil/modutil.h b/security/nss/cmd/modutil/modutil.h
index 04aa908c8..1981fec7b 100644
--- a/security/nss/cmd/modutil/modutil.h
+++ b/security/nss/cmd/modutil/modutil.h
@@ -36,6 +36,7 @@ Error RawAddModule(char *dbmodulespec, char *modulespec);
 Error RawListModule(char *modulespec);
 Error SetDefaultModule(char *moduleName, char *slotName, char *mechanisms);
 Error UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms);
+PRBool IsP11KitEnabled(void);
 void out_of_memory(void);
 
 #endif /*MODUTIL_H*/
diff --git a/security/nss/cmd/modutil/pk11.c b/security/nss/cmd/modutil/pk11.c
index 1efc1895c..6d17a3365 100644
--- a/security/nss/cmd/modutil/pk11.c
+++ b/security/nss/cmd/modutil/pk11.c
@@ -259,6 +259,55 @@ getStringFromFlags(unsigned long flags, const MaskString array[], int elements)
     return buf;
 }
 
+static PRBool
+IsP11KitProxyModule(SECMODModule *module)
+{
+    CK_INFO modinfo;
+    static const char p11KitManufacturerID[33] =
+        "PKCS#11 Kit                     ";
+    static const char p11KitLibraryDescription[33] =
+        "PKCS#11 Kit Proxy Module        ";
+
+    if (PK11_GetModInfo(module, &modinfo) == SECSuccess &&
+        PORT_Memcmp(modinfo.manufacturerID,
+                    p11KitManufacturerID,
+                    sizeof(modinfo.manufacturerID)) == 0 &&
+        PORT_Memcmp(modinfo.libraryDescription,
+                    p11KitLibraryDescription,
+                    sizeof(modinfo.libraryDescription)) == 0) {
+        return PR_TRUE;
+    }
+
+    return PR_FALSE;
+}
+
+PRBool
+IsP11KitEnabled(void)
+{
+    SECMODListLock *lock;
+    SECMODModuleList *mlp;
+    PRBool found = PR_FALSE;
+
+    lock = SECMOD_GetDefaultModuleListLock();
+    if (!lock) {
+        PR_fprintf(PR_STDERR, errStrings[NO_LIST_LOCK_ERR]);
+        return found;
+    }
+
+    SECMOD_GetReadLock(lock);
+
+    mlp = SECMOD_GetDefaultModuleList();
+    for (; mlp != NULL; mlp = mlp->next) {
+        if (IsP11KitProxyModule(mlp->module)) {
+            found = PR_TRUE;
+            break;
+        }
+    }
+
+    SECMOD_ReleaseReadLock(lock);
+    return found;
+}
+
 /**********************************************************************
  *
  * A d d M o d u l e
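Review bot: `IsP11KitProxyModule` declares its reference strings as `char[33]` but compares only `sizeof(modinfo.manufacturerID)` and `sizeof(modinfo.libraryDescription)` bytes, and nothing explains the trailing blanks, so a later cleanup could trim the literals and silently break the match. I would add above the two arrays: `/* CK_INFO text fields are fixed-width, blank-padded and not NUL-terminated; the literals are padded to the field width, the extra byte holds the terminator. */`. `IsP11KitEnabled` also deserves a one-line header comment saying it returns `PR_FALSE` when the default module list lock is unavailable, because the caller's warning is then skipped.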
diff --git a/security/nss/cmd/nss-policy-check/Makefile b/security/nss/cmd/nss-policy-check/Makefile
new file mode 100644
index 000000000..6e1d4ecdf
--- /dev/null
+++ b/security/nss/cmd/nss-policy-check/Makefile
@@ -0,0 +1,47 @@
+#! gmake
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#######################################################################
+# (1) Include initial platform-independent assignments (MANDATORY).   #
+#######################################################################
+
+include manifest.mn
+
+#######################################################################
+# (2) Include "global" configuration information. (OPTIONAL)          #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/config.mk
+
+#######################################################################
+# (3) Include "component" configuration information. (OPTIONAL)       #
+#######################################################################
+
+#######################################################################
+# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
+#######################################################################
+
+include ../platlibs.mk
+
+#######################################################################
+# (5) Execute "global" rules. (OPTIONAL)                              #
+#######################################################################
+
+include $(CORE_DEPTH)/coreconf/rules.mk
+
+#######################################################################
+# (6) Execute "component" rules. (OPTIONAL)                           #
+#######################################################################
+
+
+
+#######################################################################
+# (7) Execute "local" rules. (OPTIONAL).                              #
+#######################################################################
+
+
+include ../platrules.mk
+
diff --git a/security/nss/cmd/nss-policy-check/manifest.mn b/security/nss/cmd/nss-policy-check/manifest.mn
new file mode 100644
index 000000000..8fb9abf00
--- /dev/null
+++ b/security/nss/cmd/nss-policy-check/manifest.mn
@@ -0,0 +1,15 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CORE_DEPTH = ../..
+
+MODULE = nss
+
+CSRCS = nss-policy-check.c
+
+REQUIRES = seccmd
+
+PROGRAM = nss-policy-check
+
diff --git a/security/nss/cmd/nss-policy-check/nss-policy-check.c b/security/nss/cmd/nss-policy-check/nss-policy-check.c
new file mode 100644
index 000000000..b83003874
--- /dev/null
+++ b/security/nss/cmd/nss-policy-check/nss-policy-check.c
@@ -0,0 +1,206 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This program can be used to check the validity of a NSS crypto policy
+ * configuration file, specified using a config= line.
+ *
+ * Exit codes:
+ *  failure: 2
+ *  warning: 1
+ *  success: 0
+ */
+
+#include <limits.h>
+#include <errno.h>
+#include <stdio.h>
+#include "utilparst.h"
+#include "nss.h"
+#include "secport.h"
+#include "secutil.h"
+#include "secmod.h"
+#include "ssl.h"
+#include "prenv.h"
+
+const char *sWarn = "WARN";
+const char *sInfo = "INFO";
+
+void
+get_tls_info(SSLProtocolVariant protocolVariant, const char *display)
+{
+    SSLVersionRange vrange_supported, vrange_enabled;
+    unsigned num_enabled = 0;
+    PRBool failed = PR_FALSE;
+
+    /* We assume SSL v2 is inactive, and therefore SSL_VersionRangeGetDefault
+     * gives complete information. */
+    if ((SSL_VersionRangeGetSupported(protocolVariant, &vrange_supported) != SECSuccess) ||
+        (SSL_VersionRangeGetDefault(protocolVariant, &vrange_enabled) != SECSuccess) ||
+        !vrange_enabled.min ||
+        !vrange_enabled.max ||
+        vrange_enabled.max < vrange_supported.min ||
+        vrange_enabled.min > vrange_supported.max) {
+        failed = PR_TRUE;
+    } else {
+        if (vrange_enabled.min < vrange_supported.min) {
+            vrange_enabled.min = vrange_supported.min;
+        }
+        if (vrange_enabled.max > vrange_supported.max) {
+            vrange_enabled.max = vrange_supported.max;
+        }
+        if (vrange_enabled.min > vrange_enabled.max) {
+            failed = PR_TRUE;
+        }
+    }
+    if (failed) {
+        num_enabled = 0;
+    } else {
+        num_enabled = vrange_enabled.max - vrange_enabled.min + 1;
+    }
+    fprintf(stderr, "NSS-POLICY-%s: NUMBER-OF-%s-VERSIONS: %u\n",
+            num_enabled ? sInfo : sWarn, display, num_enabled);
+    if (!num_enabled) {
+        PR_SetEnv("NSS_POLICY_WARN=1");
+    }
+}
+
+#ifndef PATH_MAX
+#define PATH_MAX 1024
+#endif
+
+int
+main(int argc, char **argv)
+{
+    const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
+    int i;
+    SECStatus rv;
+    SECMODModule *module = NULL;
+    char path[PATH_MAX];
+    const char *filename;
+    char moduleSpec[1024 + PATH_MAX];
+    unsigned num_enabled = 0;
+    int result = 0;
+    int fullPathLen;
+
+    if (argc != 2) {
+        fprintf(stderr, "Syntax: nss-policy-check <path-to-policy-file>\n");
+        result = 2;
+        goto loser_no_shutdown;
+    }
+
+    fullPathLen = strlen(argv[1]);
+
+    if (!fullPathLen || PR_Access(argv[1], PR_ACCESS_READ_OK) != PR_SUCCESS) {
+        fprintf(stderr, "Error: cannot read file %s\n", argv[1]);
+        result = 2;
+        goto loser_no_shutdown;
+    }
+
+    if (fullPathLen >= PATH_MAX) {
+        fprintf(stderr, "Error: filename parameter is too long\n");
+        result = 2;
+        goto loser_no_shutdown;
+    }
+
+    path[0] = 0;
+    filename = argv[1] + fullPathLen - 1;
+    while ((filename > argv[1]) && (*filename != NSSUTIL_PATH_SEPARATOR[0])) {
+        filename--;
+    }
+
+    if (filename == argv[1]) {
+        PORT_Strcpy(path, ".");
+    } else {
+        filename++; /* Go past the path separator. */
+        PORT_Strncat(path, argv[1], (filename - argv[1]));
+    }
+
+    PR_SetEnv("NSS_IGNORE_SYSTEM_POLICY=1");
+    rv = NSS_NoDB_Init(NULL);
+    if (rv != SECSuccess) {
+        fprintf(stderr, "NSS_Init failed: %s\n", PORT_ErrorToString(PR_GetError()));
+        result = 2;
+        goto loser_no_shutdown;
+    }
+
+    PR_SetEnv("NSS_POLICY_LOADED=0");
+    PR_SetEnv("NSS_POLICY_FAIL=0");
+    PR_SetEnv("NSS_POLICY_WARN=0");
+
+    sprintf(moduleSpec,
+            "name=\"Policy File\" "
+            "parameters=\"configdir='sql:%s' "
+            "secmod='%s' "
+            "flags=readOnly,noCertDB,forceSecmodChoice,forceOpen\" "
+            "NSS=\"flags=internal,moduleDB,skipFirst,moduleDBOnly,critical,printPolicyFeedback\"",
+            path, filename);
+
+    module = SECMOD_LoadModule(moduleSpec, NULL, PR_TRUE);
+    if (!module || !module->loaded || atoi(PR_GetEnvSecure("NSS_POLICY_LOADED")) != 1) {
+        fprintf(stderr, "Error: failed to load policy file\n");
+        result = 2;
+        goto loser;
+    }
+
+    rv = SSL_OptionSetDefault(SSL_SECURITY, PR_TRUE);
+    if (rv != SECSuccess) {
+        fprintf(stderr, "enable SSL_SECURITY failed: %s\n", PORT_ErrorToString(PR_GetError()));
+        result = 2;
+        goto loser;
+    }
+
+    for (i = 0; i < SSL_NumImplementedCiphers; i++) {
+        PRUint16 suite = cipherSuites[i];
+        PRBool enabled;
+        SSLCipherSuiteInfo info;
+
+        rv = SSL_CipherPrefGetDefault(suite, &enabled);
+        if (rv != SECSuccess) {
+            fprintf(stderr,
+                    "SSL_CipherPrefGetDefault didn't like value 0x%04x (i = %d): %s\n",
+                    suite, i, PORT_ErrorToString(PR_GetError()));
+            continue;
+        }
+        rv = SSL_GetCipherSuiteInfo(suite, &info, (int)(sizeof info));
+        if (rv != SECSuccess) {
+            fprintf(stderr,
+                    "SSL_GetCipherSuiteInfo didn't like value 0x%04x (i = %d): %s\n",
+                    suite, i, PORT_ErrorToString(PR_GetError()));
+            continue;
+        }
+        if (enabled) {
+            ++num_enabled;
+            fprintf(stderr, "NSS-POLICY-INFO: ciphersuite %s is enabled\n", info.cipherSuiteName);
+        }
+    }
+    fprintf(stderr, "NSS-POLICY-%s: NUMBER-OF-CIPHERSUITES: %u\n", num_enabled ? sInfo : sWarn, num_enabled);
+    if (!num_enabled) {
+        PR_SetEnv("NSS_POLICY_WARN=1");
+    }
+
+    get_tls_info(ssl_variant_stream, "TLS");
+    get_tls_info(ssl_variant_datagram, "DTLS");
+
+    if (atoi(PR_GetEnvSecure("NSS_POLICY_FAIL")) != 0) {
+        result = 2;
+    } else if (atoi(PR_GetEnvSecure("NSS_POLICY_WARN")) != 0) {
+        result = 1;
+    }
+
+loser:
+    if (module) {
+        SECMOD_DestroyModule(module);
+    }
+    rv = NSS_Shutdown();
+    if (rv != SECSuccess) {
+        fprintf(stderr, "NSS_Shutdown failed: %s\n", PORT_ErrorToString(PR_GetError()));
+        result = 2;
+    }
+loser_no_shutdown:
+    if (result == 2) {
+        fprintf(stderr, "NSS-POLICY-FAIL\n");
+    } else if (result == 1) {
+        fprintf(stderr, "NSS-POLICY-WARN\n");
+    }
+    return result;
+}
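Review bot: The three `atoi(PR_GetEnvSecure(...))` calls in `main` can dereference NULL, because `PR_GetEnvSecure` returns NULL when the variable is unset or the process runs with elevated privileges, and the earlier `PR_SetEnv` calls are not checked. A small helper that maps a missing value to -1 keeps the `!= 1` and `!= 0` comparisons failing closed, as sketched below. Separately, `path` and `filename` are pasted unescaped between quotes in `moduleSpec`, so a policy path containing a quote character changes the spec that `SECMOD_LoadModule` parses; rejecting such paths before the `sprintf` would avoid that.

```c
/* Read an integer flag from the environment; -1 when it is unavailable
 * (PR_GetEnvSecure returned NULL), so callers treat that as a failure. */
static int
policy_env_flag(const char *name)
{
    const char *val = PR_GetEnvSecure(name);
    return val ? atoi(val) : -1;
}

/* ... unchanged: get_tls_info, argument checks, NSS_NoDB_Init, moduleSpec ... */

    if (!module || !module->loaded || policy_env_flag("NSS_POLICY_LOADED") != 1) {
/* ... unchanged: error path, SSL_SECURITY default, cipher suite loop ... */
    if (policy_env_flag("NSS_POLICY_FAIL") != 0) {
        result = 2;
    } else if (policy_env_flag("NSS_POLICY_WARN") != 0) {
        result = 1;
    }
```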
diff --git a/security/nss/cmd/nss-policy-check/nss-policy-check.gyp b/security/nss/cmd/nss-policy-check/nss-policy-check.gyp
new file mode 100644
index 000000000..877a5bc06
--- /dev/null
+++ b/security/nss/cmd/nss-policy-check/nss-policy-check.gyp
@@ -0,0 +1,24 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+  'includes': [
+    '../../coreconf/config.gypi',
+    '../../cmd/platlibs.gypi'
+  ],
+  'targets': [
+    {
+      'target_name': 'nss-policy-check',
+      'type': 'executable',
+      'sources': [
+        'nss-policy-check.c'
+      ],
+      'dependencies': [
+        '<(DEPTH)/exports.gyp:nss_exports'
+      ]
+    }
+  ],
+  'variables': {
+    'module': 'nss'
+  }
+}
\ No newline at end of file
diff --git a/security/nss/cmd/ocspclnt/ocspclnt.c b/security/nss/cmd/ocspclnt/ocspclnt.c
index 0927f8ef6..359dbc217 100644
--- a/security/nss/cmd/ocspclnt/ocspclnt.c
+++ b/security/nss/cmd/ocspclnt/ocspclnt.c
@@ -133,6 +133,8 @@ long_usage(char *progname)
                "%-17s c   SSL Client\n", "");
     PR_fprintf(pr_stderr,
                "%-17s s   SSL Server\n", "");
+    PR_fprintf(pr_stderr,
+               "%-17s I   IPsec\n", "");
     PR_fprintf(pr_stderr,
                "%-17s e   Email Recipient\n", "");
     PR_fprintf(pr_stderr,
@@ -908,6 +910,9 @@ cert_usage_from_char(const char *cert_usage_str, SECCertUsage *cert_usage)
         case 's':
             *cert_usage = certUsageSSLServer;
             break;
+        case 'I':
+            *cert_usage = certUsageIPsec;
+            break;
         case 'e':
             *cert_usage = certUsageEmailRecipient;
             break;
diff --git a/security/nss/cmd/p7verify/p7verify.c b/security/nss/cmd/p7verify/p7verify.c
index ba38e1158..5cbb4dcae 100644
--- a/security/nss/cmd/p7verify/p7verify.c
+++ b/security/nss/cmd/p7verify/p7verify.c
@@ -117,6 +117,7 @@ Usage(char *progName)
     fprintf(stderr, "%-25s  9 - certUsageProtectedObjectSigner\n", " ");
     fprintf(stderr, "%-25s 10 - certUsageStatusResponder\n", " ");
     fprintf(stderr, "%-25s 11 - certUsageAnyCA\n", " ");
+    fprintf(stderr, "%-25s 12 - certUsageIPsec\n", " ");
 
     exit(-1);
 }
diff --git a/security/nss/cmd/rsaperf/rsaperf.c b/security/nss/cmd/rsaperf/rsaperf.c
index 7762a465b..292b40b0f 100644
--- a/security/nss/cmd/rsaperf/rsaperf.c
+++ b/security/nss/cmd/rsaperf/rsaperf.c
@@ -21,8 +21,8 @@
 #define DEFAULT_THREADS 1
 #define DEFAULT_EXPONENT 0x10001
 
-extern NSSLOWKEYPrivateKey *getDefaultRSAPrivateKey(void);
-extern NSSLOWKEYPublicKey *getDefaultRSAPublicKey(void);
+extern NSSLOWKEYPrivateKey *getDefaultRSAPrivateKey(int);
+extern NSSLOWKEYPublicKey *getDefaultRSAPublicKey(int);
 
 secuPWData pwData = { PW_NONE, NULL };
 
@@ -580,9 +580,9 @@ main(int argc, char **argv)
             /* use a hardcoded key */
             printf("Using hardcoded %ld bits key.\n", keybits);
             if (doPub) {
-                pubKey = getDefaultRSAPublicKey();
+                pubKey = getDefaultRSAPublicKey(keybits);
             } else {
-                privKey = getDefaultRSAPrivateKey();
+                privKey = getDefaultRSAPrivateKey(keybits);
             }
         }
 
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c
index c372ec9b8..1784c9ee3 100644
--- a/security/nss/cmd/selfserv/selfserv.c
+++ b/security/nss/cmd/selfserv/selfserv.c
@@ -165,9 +165,8 @@ PrintUsageHeader(const char *progName)
             "         [-f password_file] [-L [seconds]] [-M maxProcs] [-P dbprefix]\n"
             "         [-V [min-version]:[max-version]] [-a sni_name]\n"
             "         [ T <good|revoked|unknown|badsig|corrupted|none|ocsp>] [-A ca]\n"
-            "         [-C SSLCacheEntries] [-S dsa_nickname] -Q [-I groups]"
-            " [-e ec_nickname]"
-            "\n"
+            "         [-C SSLCacheEntries] [-S dsa_nickname] [-Q]\n"
+            "         [-I groups] [-J signatureschemes] [-e ec_nickname]\n"
             "         -U [0|1] -H [0|1|2] -W [0|1]\n"
             "\n",
             progName);
@@ -179,7 +178,7 @@ PrintParameterUsage()
     fputs(
         "-V [min]:[max] restricts the set of enabled SSL/TLS protocol versions.\n"
         "   All versions are enabled by default.\n"
-        "   Possible values for min/max: ssl3 tls1.0 tls1.1 tls1.2\n"
+        "   Possible values for min/max: ssl3 tls1.0 tls1.1 tls1.2 tls1.3\n"
         "   Example: \"-V ssl3:\" enables SSL 3 and newer.\n"
         "-D means disable Nagle delays in TCP\n"
         "-R means disable detection of rollback from TLS to SSL3\n"
@@ -195,7 +194,6 @@ PrintParameterUsage()
         "-s means disable SSL socket locking for performance\n"
         "-u means enable Session Ticket extension for TLS.\n"
         "-v means verbose output\n"
-        "-z means enable compression.\n"
         "-L seconds means log statistics every 'seconds' seconds (default=30).\n"
         "-M maxProcs tells how many processes to run in a multi-process server\n"
         "-N means do NOT use the server session cache.  Incompatible with -M.\n"
@@ -228,6 +226,13 @@ PrintParameterUsage()
         "-I comma separated list of enabled groups for TLS key exchange.\n"
         "   The following values are valid:\n"
         "   P256, P384, P521, x25519, FF2048, FF3072, FF4096, FF6144, FF8192\n"
+        "-J comma separated list of enabled signature schemes in preference order.\n"
+        "   The following values are valid:\n"
+        "     rsa_pkcs1_sha1, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512,\n"
+        "     ecdsa_sha1, ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384,\n"
+        "     ecdsa_secp521r1_sha512,\n"
+        "     rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512,\n"
+        "     rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512,\n"
         "-Z enable 0-RTT (for TLS 1.3; also use -u)\n",
         stderr);
 }
@@ -795,13 +800,14 @@ PRBool NoReuse = PR_FALSE;
 PRBool hasSidCache = PR_FALSE;
 PRBool disableLocking = PR_FALSE;
 PRBool enableSessionTickets = PR_FALSE;
-PRBool enableCompression = PR_FALSE;
 PRBool failedToNegotiateName = PR_FALSE;
 PRBool enableExtendedMasterSecret = PR_FALSE;
 PRBool zeroRTT = PR_FALSE;
 PRBool enableALPN = PR_FALSE;
 SSLNamedGroup *enabledGroups = NULL;
 unsigned int enabledGroupsCount = 0;
+const SSLSignatureScheme *enabledSigSchemes = NULL;
+unsigned int enabledSigSchemeCount = 0;
 
 static char *virtServerNameArray[MAX_VIRT_SERVER_NAME_ARRAY_INDEX];
 static int virtServerNameIndex = 1;
@@ -1857,13 +1863,6 @@ server_main(
         }
     }
 
-    if (enableCompression) {
-        rv = SSL_OptionSet(model_sock, SSL_ENABLE_DEFLATE, PR_TRUE);
-        if (rv != SECSuccess) {
-            errExit("error enabling compression ");
-        }
-    }
-
     if (virtServerNameIndex > 1) {
         rv = SSL_SNISocketConfigHook(model_sock, mySSLSNISocketConfig,
                                      (void *)&virtServerNameArray);
@@ -1970,6 +1969,13 @@ server_main(
         }
     }
 
+    if (enabledSigSchemes) {
+        rv = SSL_SignatureSchemePrefSet(model_sock, enabledSigSchemes, enabledSigSchemeCount);
+        if (rv < 0) {
+            errExit("SSL_SignatureSchemePrefSet failed");
+        }
+    }
+
     /* This cipher is not on by default. The Acceptance test
      * would like it to be. Turn this cipher on.
      */
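Review bot: The `SSL_SignatureSchemePrefSet` result in `server_main` is tested with `if (rv < 0)`, while the other `SECStatus` checks in this patch (for example the `parseSigSchemeList` call in `main`) use `rv != SECSuccess`. The `< 0` form only works because of the numeric value of the failure code and would treat any other non-success value as success; `if (rv != SECSuccess) {` states the intent directly. The same pattern appears in the tstclnt.c `run()` hunk for both `SSL_SignatureSchemePrefSet` and `SSL_EnableESNI`. `server_main` begins and ends outside this hunk.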
@@ -2214,9 +2220,10 @@ main(int argc, char **argv)
     /* please keep this list of options in ASCII collating sequence.
     ** numbers, then capital letters, then lower case, alphabetical.
     ** XXX: 'B', 'E', 'q', and 'x' were used in the past but removed
-    **      in 3.28, please leave some time before resuing those. */
+    **      in 3.28, please leave some time before resuing those.
+    **      'z' was removed in 3.39. */
     optstate = PL_CreateOptState(argc, argv,
-                                 "2:A:C:DGH:I:L:M:NP:QRS:T:U:V:W:YZa:bc:d:e:f:g:hi:jk:lmn:op:rst:uvw:yz");
+                                 "2:A:C:DGH:I:J:L:M:NP:QRS:T:U:V:W:YZa:bc:d:e:f:g:hi:jk:lmn:op:rst:uvw:y");
     while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
         ++optionsFound;
         switch (optstate->option) {
@@ -2429,10 +2436,6 @@ main(int argc, char **argv)
                 debugCache = PR_TRUE;
                 break;
 
-            case 'z':
-                enableCompression = PR_TRUE;
-                break;
-
             case 'Z':
                 zeroRTT = PR_TRUE;
                 break;
@@ -2451,6 +2454,16 @@ main(int argc, char **argv)
                 }
                 break;
 
+            case 'J':
+                rv = parseSigSchemeList(optstate->value, &enabledSigSchemes, &enabledSigSchemeCount);
+                if (rv != SECSuccess) {
+                    PL_DestroyOptState(optstate);
+                    fprintf(stderr, "Bad signature scheme specified.\n");
+                    fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
+                    exit(5);
+                }
+                break;
+
             default:
             case '?':
                 fprintf(stderr, "Unrecognized or bad option specified.\n");
diff --git a/security/nss/cmd/smimetools/cmsutil.c b/security/nss/cmd/smimetools/cmsutil.c
index 7106521c1..9106d9955 100644
--- a/security/nss/cmd/smimetools/cmsutil.c
+++ b/security/nss/cmd/smimetools/cmsutil.c
@@ -115,6 +115,7 @@ Usage(void)
     fprintf(stderr, "%-25s  9 - certUsageProtectedObjectSigner\n", " ");
     fprintf(stderr, "%-25s 10 - certUsageStatusResponder\n", " ");
     fprintf(stderr, "%-25s 11 - certUsageAnyCA\n", " ");
+    fprintf(stderr, "%-25s 12 - certUsageIPsec\n", " ");
 
     exit(-1);
 }
diff --git a/security/nss/cmd/tests/nonspr10.c b/security/nss/cmd/tests/nonspr10.c
index 295484a1c..fc700407a 100644
--- a/security/nss/cmd/tests/nonspr10.c
+++ b/security/nss/cmd/tests/nonspr10.c
@@ -26,9 +26,7 @@
 #include "cryptoht.h"
 #include "ecl-exp.h"
 #include "hasht.h"
-#include "key.h"
 #include "keyhi.h"
-#include "keyt.h"
 #include "keythi.h"
 #include "nss.h"
 #include "nssb64.h"
diff --git a/security/nss/cmd/tstclnt/Makefile b/security/nss/cmd/tstclnt/Makefile
index a27a3ce97..aae7b445c 100644
--- a/security/nss/cmd/tstclnt/Makefile
+++ b/security/nss/cmd/tstclnt/Makefile
@@ -1,5 +1,5 @@
 #! gmake
-# 
+#
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
diff --git a/security/nss/cmd/tstclnt/tstclnt.c b/security/nss/cmd/tstclnt/tstclnt.c
index 6f5a43146..520eeff64 100644
--- a/security/nss/cmd/tstclnt/tstclnt.c
+++ b/security/nss/cmd/tstclnt/tstclnt.c
@@ -28,6 +28,7 @@
 #include "prio.h"
 #include "prnetdb.h"
 #include "nss.h"
+#include "nssb64.h"
 #include "ocsp.h"
 #include "ssl.h"
 #include "sslproto.h"
@@ -106,6 +107,45 @@ secuPWData pwdata = { PW_NONE, 0 };
 
 SSLNamedGroup *enabledGroups = NULL;
 unsigned int enabledGroupsCount = 0;
+const SSLSignatureScheme *enabledSigSchemes = NULL;
+unsigned int enabledSigSchemeCount = 0;
+
+const char *
+signatureSchemeName(SSLSignatureScheme scheme)
+{
+    switch (scheme) {
+#define strcase(x)    \
+    case ssl_sig_##x: \
+        return #x
+        strcase(none);
+        strcase(rsa_pkcs1_sha1);
+        strcase(rsa_pkcs1_sha256);
+        strcase(rsa_pkcs1_sha384);
+        strcase(rsa_pkcs1_sha512);
+        strcase(ecdsa_sha1);
+        strcase(ecdsa_secp256r1_sha256);
+        strcase(ecdsa_secp384r1_sha384);
+        strcase(ecdsa_secp521r1_sha512);
+        strcase(rsa_pss_rsae_sha256);
+        strcase(rsa_pss_rsae_sha384);
+        strcase(rsa_pss_rsae_sha512);
+        strcase(ed25519);
+        strcase(ed448);
+        strcase(rsa_pss_pss_sha256);
+        strcase(rsa_pss_pss_sha384);
+        strcase(rsa_pss_pss_sha512);
+        strcase(dsa_sha1);
+        strcase(dsa_sha256);
+        strcase(dsa_sha384);
+        strcase(dsa_sha512);
+#undef strcase
+        case ssl_sig_rsa_pkcs1_sha1md5:
+            return "RSA PKCS#1 SHA1+MD5";
+        default:
+            break;
+    }
+    return "Unknown Scheme";
+}
 
 void
 printSecurityInfo(PRFileDesc *fd)
@@ -132,11 +172,13 @@ printSecurityInfo(PRFileDesc *fd)
                     suite.macBits, suite.macAlgorithmName);
             FPRINTF(stderr,
                     "tstclnt: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n"
-                    "         Compression: %s, Extended Master Secret: %s\n",
+                    "         Compression: %s, Extended Master Secret: %s\n"
+                    "         Signature Scheme: %s\n",
                     channel.authKeyBits, suite.authAlgorithmName,
                     channel.keaKeyBits, suite.keaTypeName,
                     channel.compressionMethodName,
-                    channel.extendedMasterSecretUsed ? "Yes" : "No");
+                    channel.extendedMasterSecretUsed ? "Yes" : "No",
+                    signatureSchemeName(channel.signatureScheme));
         }
     }
     cert = SSL_RevealCert(fd);
@@ -178,11 +220,13 @@ PrintUsageHeader()
 {
     fprintf(stderr,
             "Usage:  %s -h host [-a 1st_hs_name ] [-a 2nd_hs_name ] [-p port]\n"
-            "[-D | -d certdir] [-C] [-b | -R root-module] \n"
-            "[-n nickname] [-Bafosvx] [-c ciphers] [-Y] [-Z]\n"
-            "[-V [min-version]:[max-version]] [-K] [-T] [-U]\n"
-            "[-r N] [-w passwd] [-W pwfile] [-q [-t seconds]] [-I groups]\n"
-            "[-A requestfile] [-L totalconnections] [-P {client,server}] [-Q]\n"
+            "  [-D | -d certdir] [-C] [-b | -R root-module] \n"
+            "  [-n nickname] [-Bafosvx] [-c ciphers] [-Y] [-Z]\n"
+            "  [-V [min-version]:[max-version]] [-K] [-T] [-U]\n"
+            "  [-r N] [-w passwd] [-W pwfile] [-q [-t seconds]]\n"
+            "  [-I groups] [-J signatureschemes]\n"
+            "  [-A requestfile] [-L totalconnections] [-P {client,server}]\n"
+            "  [-N encryptedSniKeys] [-Q]\n"
             "\n",
             progName);
 }
@@ -225,7 +269,6 @@ PrintParameterUsage()
     fprintf(stderr, "%-20s Timeout for server ping (default: no timeout).\n", "-t seconds");
     fprintf(stderr, "%-20s Renegotiate N times (resuming session if N>1).\n", "-r N");
     fprintf(stderr, "%-20s Enable the session ticket extension.\n", "-u");
-    fprintf(stderr, "%-20s Enable compression.\n", "-z");
     fprintf(stderr, "%-20s Enable false start.\n", "-g");
     fprintf(stderr, "%-20s Enable the cert_status extension (OCSP stapling).\n", "-T");
     fprintf(stderr, "%-20s Enable the signed_certificate_timestamp extension.\n", "-U");
@@ -255,9 +298,19 @@ PrintParameterUsage()
                     "%-20s The following values are valid:\n"
                     "%-20s P256, P384, P521, x25519, FF2048, FF3072, FF4096, FF6144, FF8192\n",
             "-I", "", "");
+    fprintf(stderr, "%-20s Comma separated list of signature schemes in preference order.\n"
+                    "%-20s The following values are valid:\n"
+                    "%-20s rsa_pkcs1_sha1, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512,\n"
+                    "%-20s ecdsa_sha1, ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384,\n"
+                    "%-20s ecdsa_secp521r1_sha512,\n"
+                    "%-20s rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512,\n"
+                    "%-20s rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512,\n"
+                    "%-20s dsa_sha1, dsa_sha256, dsa_sha384, dsa_sha512\n",
+            "-J", "", "", "", "", "", "", "");
     fprintf(stderr, "%-20s Enable alternative TLS 1.3 handshake\n", "-X alt-server-hello");
     fprintf(stderr, "%-20s Use DTLS\n", "-P {client, server}");
     fprintf(stderr, "%-20s Exit after handshake\n", "-Q");
+    fprintf(stderr, "%-20s Encrypted SNI Keys\n", "-N");
 }
 
 static void
@@ -906,7 +959,6 @@ int multiplier = 0;
 SSLVersionRange enabledVersions;
 int disableLocking = 0;
 int enableSessionTickets = 0;
-int enableCompression = 0;
 int enableFalseStart = 0;
 int enableCertStatus = 0;
 int enableSignedCertTimestamps = 0;
@@ -936,6 +988,7 @@ PRBool stopAfterHandshake = PR_FALSE;
 PRBool requestToExit = PR_FALSE;
 char *versionString = NULL;
 PRBool handshakeComplete = PR_FALSE;
+char *encryptedSNIKeys = NULL;
 
 static int
 writeBytesToServer(PRFileDesc *s, const PRUint8 *buf, int nb)
@@ -1283,14 +1336,6 @@ run()
         goto done;
     }
 
-    /* enable compression. */
-    rv = SSL_OptionSet(s, SSL_ENABLE_DEFLATE, enableCompression);
-    if (rv != SECSuccess) {
-        SECU_PrintError(progName, "error enabling compression");
-        error = 1;
-        goto done;
-    }
-
     /* enable false start. */
     rv = SSL_OptionSet(s, SSL_ENABLE_FALSE_START, enableFalseStart);
     if (rv != SECSuccess) {
@@ -1374,6 +1419,35 @@ run()
         }
     }
 
+    if (enabledSigSchemes) {
+        rv = SSL_SignatureSchemePrefSet(s, enabledSigSchemes, enabledSigSchemeCount);
+        if (rv < 0) {
+            SECU_PrintError(progName, "SSL_SignatureSchemePrefSet failed");
+            error = 1;
+            goto done;
+        }
+    }
+
+    if (encryptedSNIKeys) {
+        SECItem esniKeysBin = { siBuffer, NULL, 0 };
+
+        if (!NSSBase64_DecodeBuffer(NULL, &esniKeysBin, encryptedSNIKeys,
+                                    strlen(encryptedSNIKeys))) {
+            SECU_PrintError(progName, "ESNIKeys record is invalid base64");
+            error = 1;
+            goto done;
+        }
+
+        rv = SSL_EnableESNI(s, esniKeysBin.data, esniKeysBin.len,
+                            "dummy.invalid");
+        SECITEM_FreeItem(&esniKeysBin, PR_FALSE);
+        if (rv < 0) {
+            SECU_PrintError(progName, "SSL_EnableESNI failed");
+            error = 1;
+            goto done;
+        }
+    }
+
     serverCertAuth.dbHandle = CERT_GetDefaultCertDB();
 
     SSL_AuthCertificateHook(s, ownAuthCertificate, &serverCertAuth);
@@ -1628,10 +1702,12 @@ main(int argc, char **argv)
         }
     }
 
-    /* XXX: 'B' was used in the past but removed in 3.28,
-     *      please leave some time before resuing it. */
+    /* Note: 'B' was used in the past but removed in 3.28
+     *       'z' was removed in 3.39
+     * Please leave some time before reusing these.
+     */
     optstate = PL_CreateOptState(argc, argv,
-                                 "46A:CDFGHI:KL:M:OP:QR:STUV:W:X:YZa:bc:d:fgh:m:n:op:qr:st:uvw:z");
+                                 "46A:CDFGHI:J:KL:M:N:OP:QR:STUV:W:X:YZa:bc:d:fgh:m:n:op:qr:st:uvw:");
     while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
         switch (optstate->option) {
             case '?':
@@ -1708,6 +1784,10 @@ main(int argc, char **argv)
                 };
                 break;
 
+            case 'N':
+                encryptedSNIKeys = PORT_Strdup(optstate->value);
+                break;
+
             case 'P':
                 useDTLS = PR_TRUE;
                 if (!strcmp(optstate->value, "server")) {
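Review bot: `case 'N'` stores the result of PORT_Strdup without checking it, and the run() hunk only calls SSL_EnableESNI when `encryptedSNIKeys` is non-NULL. A failed allocation would therefore let the connection proceed without ESNI and without any message. A second -N on the command line also overwrites the first copy without freeing it. Assuming the variable starts out NULL (its declaration is outside the hunk), `PORT_Free(encryptedSNIKeys); encryptedSNIKeys = PORT_Strdup(optstate->value);` followed by a NULL check that prints an error and exits covers both cases. The switch and main() continue outside this hunk.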
@@ -1850,10 +1930,6 @@ main(int argc, char **argv)
                 pwdata.data = PORT_Strdup(optstate->value);
                 break;
 
-            case 'z':
-                enableCompression = 1;
-                break;
-
             case 'I':
                 rv = parseGroupList(optstate->value, &enabledGroups, &enabledGroupsCount);
                 if (rv != SECSuccess) {
@@ -1862,6 +1938,15 @@ main(int argc, char **argv)
                     Usage();
                 }
                 break;
+
+            case 'J':
+                rv = parseSigSchemeList(optstate->value, &enabledSigSchemes, &enabledSigSchemeCount);
+                if (rv != SECSuccess) {
+                    PL_DestroyOptState(optstate);
+                    fprintf(stderr, "Bad signature scheme specified.\n");
+                    Usage();
+                }
+                break;
         }
     }
     PL_DestroyOptState(optstate);
@@ -2051,6 +2136,7 @@ done:
     PORT_Free(pwdata.data);
     PORT_Free(host);
     PORT_Free(zeroRttData);
+    PORT_Free(encryptedSNIKeys);
 
     if (enabledGroups) {
         PORT_Free(enabledGroups);
diff --git a/security/nss/cmd/vfychain/vfychain.c b/security/nss/cmd/vfychain/vfychain.c
index d42274c12..c01cdd08e 100644
--- a/security/nss/cmd/vfychain/vfychain.c
+++ b/security/nss/cmd/vfychain/vfychain.c
@@ -64,7 +64,8 @@ Usage(const char *progName)
             "\t-t\t\t Following cert is explicitly trusted (overrides db trust).\n"
             "\t-u usage \t 0=SSL client, 1=SSL server, 2=SSL StepUp, 3=SSL CA,\n"
             "\t\t\t 4=Email signer, 5=Email recipient, 6=Object signer,\n"
-            "\t\t\t 9=ProtectedObjectSigner, 10=OCSP responder, 11=Any CA\n"
+            "\t\t\t 9=ProtectedObjectSigner, 10=OCSP responder, 11=Any CA,\n"
+            "\t\t\t 12=IPsec\n"
             "\t-T\t\t Trust both explicit trust anchors (-t) and the database.\n"
             "\t\t\t (Default is to only trust certificates marked -t, if there are any,\n"
             "\t\t\t or to trust the database if there are certificates marked -t.)\n"
diff --git a/security/nss/cmd/vfyserv/vfyserv.h b/security/nss/cmd/vfyserv/vfyserv.h
index 00afc8049..5bcc51a50 100644
--- a/security/nss/cmd/vfyserv/vfyserv.h
+++ b/security/nss/cmd/vfyserv/vfyserv.h
@@ -24,7 +24,7 @@
 #include "certt.h"
 #include "nss.h"
 #include "secder.h"
-#include "key.h"
+#include "keyhi.h"
 #include "sslproto.h"
 
 /* Custom header files */
diff --git a/security/nss/coreconf/config.gypi b/security/nss/coreconf/config.gypi
index 58137872c..ba1b0c8c5 100644
--- a/security/nss/coreconf/config.gypi
+++ b/security/nss/coreconf/config.gypi
@@ -108,8 +108,12 @@
     'emit_llvm%': 0,
     'nss_public_dist_dir%': '<(nss_dist_dir)/public',
     'nss_private_dist_dir%': '<(nss_dist_dir)/private',
+    # This is only needed when building with --mozpkix-only and might not work
+    # on all machines.
+    'nss_include_dir%': '/usr/include/nss',
     'only_dev_random%': 1,
     'disable_fips%': 1,
+    'mozpkix_only%': 0,
   },
   'target_defaults': {
     # Settings specific to targets should go here.
@@ -126,6 +130,11 @@
       '<(nss_dist_dir)/private/<(module)',
     ],
     'conditions': [
+      [ 'mozpkix_only==1 and OS=="linux"', {
+        'include_dirs': [
+          '<(nss_include_dir)',
+        ],
+      }],
       [ 'disable_fips==1', {
         'defines': [
           'NSS_FIPS_DISABLED',
diff --git a/security/nss/coreconf/config.mk b/security/nss/coreconf/config.mk
index b62f6cef4..60a08411e 100644
--- a/security/nss/coreconf/config.mk
+++ b/security/nss/coreconf/config.mk
@@ -185,6 +185,10 @@ ifdef NSS_SEED_ONLY_DEV_URANDOM
 DEFINES += -DSEED_ONLY_DEV_URANDOM
 endif
 
+ifdef NSS_PKCS1_AllowMissingParameters
+DEFINES += -DNSS_PKCS1_AllowMissingParameters
+endif
+
 # Avoid building object leak test code for optimized library
 ifndef BUILD_OPT
 ifdef PKIX_OBJECT_LEAK_TEST
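Review bot: The new `NSS_PKCS1_AllowMissingParameters` block has no comment, unlike the `BUILD_OPT` block just below it. Judging by its name, the define relaxes how PKCS#1 signature parameters are checked; the code that reads it is outside this hunk, so that is an inference. A build switch that loosens signature verification should say so where it is defined, for example `# Interop only: accept PKCS#1 signatures whose DigestInfo omits the parameters field. Leave unset for strict verification.`, adjusted to match what the consuming code actually does.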
diff --git a/security/nss/coreconf/coreconf.dep b/security/nss/coreconf/coreconf.dep
index 590d1bfae..5182f7555 100644
--- a/security/nss/coreconf/coreconf.dep
+++ b/security/nss/coreconf/coreconf.dep
@@ -10,4 +10,3 @@
  */
 
 #error "Do not include this header file."
-
diff --git a/security/nss/coreconf/fuzz.sh b/security/nss/coreconf/fuzz.sh
index 67cb7f594..c7b8844b6 100644
--- a/security/nss/coreconf/fuzz.sh
+++ b/security/nss/coreconf/fuzz.sh
@@ -5,8 +5,7 @@ set +e
 
 # Default to clang if CC is not set.
 if [ -z "$CC" ]; then
-    command -v clang &> /dev/null 2>&1
-    if [ $? != 0 ]; then
+    if ! command -v clang &> /dev/null 2>&1; then
         echo "Fuzzing requires clang!"
         exit 1
     fi
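Review bot: The rewritten test keeps `&> /dev/null 2>&1`, which redirects stderr twice; `&>` already covers both streams and is a bashism. `if ! command -v clang >/dev/null 2>&1; then` does the same thing and still parses as intended if the file is ever sourced from a POSIX shell. The script's interpreter line is outside the hunk, so whether portability matters here is unconfirmed.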
@@ -24,8 +23,8 @@ if [ "$fuzz_oss" = 1 ]; then
   gyp_params+=(-Dno_zdefs=1 -Dfuzz_oss=1)
 else
   enable_sanitizer asan
-  # Ubsan doesn't build on 32-bit at the moment. Disable it.
-  if [ "$build_64" = 1 ]; then
+  # Ubsan only builds on x64 for the moment.
+  if [ "$target_arch" = "x64" ]; then
     enable_ubsan
   fi
   enable_sancov
diff --git a/security/nss/coreconf/msvc.sh b/security/nss/coreconf/msvc.sh
new file mode 100644
index 000000000..a592279c9
--- /dev/null
+++ b/security/nss/coreconf/msvc.sh
@@ -0,0 +1,106 @@
+#!/bin/bash
+# This configures the environment for running MSVC.  It uses vswhere, the
+# registry, and a little knowledge of how MSVC is laid out.
+
+if ! hash vswhere 2>/dev/null; then
+    echo "Can't find vswhere on the path, aborting" 1>&2
+    exit 1
+fi
+
+if ! hash reg 2>/dev/null; then
+    echo "Can't find reg on the path, aborting" 1>&2
+    exit 1
+fi
+
+# Turn a unix-y path into a windows one.
+fixpath() {
+    if hash cygpath 2>/dev/null; then
+        cygpath --unix "$1"
+    else # haxx
+        echo "$1" | sed -e 's,\\,/,g;s,^\(.\):,/\L\1,;s,/$,,'
+    fi
+}
+
+# Query the registry.  This takes $1 and tags that on the end of several
+# different paths, looking for a value called $2 at that location.
+# e.g.,
+#   regquery Microsoft\Microsoft SDKs\Windows\v10.0 ProductVersion
+# looks for a REG_SZ value called ProductVersion at
+#   HKLM\SOFTWARE\Wow6432Node\Microsoft\Microsoft SDKs\Windows\v10.0
+#   HKLU\SOFTWARE\Wow6432Node\Microsoft\Microsoft SDKs\Windows\v10.0
+#   etc...
+regquery() {
+    search=("HKLM\\SOFTWARE\\Wow6432Node" \
+            "HKCU\\SOFTWARE\\Wow6432Node" \
+            "HKLM\\SOFTWARE" \
+            "HKCU\\SOFTWARE")
+    for i in "${search[@]}"; do
+        r=$(reg query "${i}\\${1}" -v "$2" | sed -e 's/ *'"$2"' *REG_SZ *//;t;d')
+        if [ -n "$r" ]; then
+            echo "$r"
+            return 0
+        fi
+    done
+    return 1
+}
+
+VSCOMPONENT=Microsoft.VisualStudio.Component.VC.Tools.x86.x64
+vsinstall=$(vswhere -latest -requires "$VSCOMPONENT" -property installationPath)
+
+# Attempt to setup paths if vswhere returns something and VSPATH isn't set.
+# Otherwise, assume that the env is setup.
+if [[ -n "$vsinstall" && -z "$VSPATH" ]]; then
+
+    case "$target_arch" in
+        ia32) m=x86 ;;
+        x64) m="$target_arch" ;;
+        *)
+            echo "No support for target '$target_arch' with MSVC." 1>&2
+            exit 1
+    esac
+
+    export VSPATH=$(fixpath "$vsinstall")
+    export WINDOWSSDKDIR="${VSPATH}/SDK"
+    export VCINSTALLDIR="${VSPATH}/VC"
+
+    CRTREG="Microsoft\\Microsoft SDKs\\Windows\\v10.0"
+    UniversalCRTSdkDir=$(regquery "$CRTREG" InstallationFolder)
+    UniversalCRTSdkDir=$(fixpath "$UniversalCRTSdkDir")
+    UCRTVersion=$(regquery "$CRTREG" ProductVersion)
+    UCRTVersion=$(cd "${UniversalCRTSdkDir}/include"; ls -d "${UCRTVersion}"* | tail -1)
+
+    VCVER=$(cat "${VCINSTALLDIR}/Auxiliary/Build/Microsoft.VCToolsVersion.default.txt")
+    REDISTVER=$(cat "${VCINSTALLDIR}/Auxiliary/Build/Microsoft.VCRedistVersion.default.txt")
+    export WIN32_REDIST_DIR="${VCINSTALLDIR}/Redist/MSVC/${REDISTVER}/${m}/Microsoft.VC141.CRT"
+    export WIN_UCRT_REDIST_DIR="${UniversalCRTSdkDir}/Redist/ucrt/DLLs/${m}"
+
+    if [ "$m" == "x86" ]; then
+        PATH="${PATH}:${VCINSTALLDIR}/Tools/MSVC/${VCVER}/bin/Hostx64/x64"
+        PATH="${PATH}:${VCINSTALLDIR}/Tools/MSVC/${VCVER}/bin/Hostx64/x86"
+    fi
+    PATH="${PATH}:${VCINSTALLDIR}/Tools/MSVC/${VCVER}/bin/Host${m}/${m}"
+    PATH="${PATH}:${UniversalCRTSdkDir}/bin/${UCRTVersion}/${m}"
+    PATH="${PATH}:${WIN32_REDIST_DIR}"
+    export PATH
+
+    INCLUDE="${VCINSTALLDIR}/Tools/MSVC/${VCVER}/ATLMFC/include"
+    INCLUDE="${INCLUDE}:${VCINSTALLDIR}/Tools/MSVC/${VCVER}/include"
+    INCLUDE="${INCLUDE}:${UniversalCRTSdkDir}/include/${UCRTVersion}/ucrt"
+    INCLUDE="${INCLUDE}:${UniversalCRTSdkDir}/include/${UCRTVersion}/shared"
+    INCLUDE="${INCLUDE}:${UniversalCRTSdkDir}/include/${UCRTVersion}/um"
+    INCLUDE="${INCLUDE}:${UniversalCRTSdkDir}/include/${UCRTVersion}/winrt"
+    INCLUDE="${INCLUDE}:${UniversalCRTSdkDir}/include/${UCRTVersion}/cppwinrt"
+    export INCLUDE
+
+    LIB="${VCINSTALLDIR}/lib/${m}"
+    LIB="${VCINSTALLDIR}/Tools/MSVC/${VCVER}/lib/${m}"
+    LIB="${LIB}:${UniversalCRTSdkDir}/lib/${UCRTVersion}/ucrt/${m}"
+    LIB="${LIB}:${UniversalCRTSdkDir}/lib/${UCRTVersion}/um/${m}"
+    export LIB
+
+    export GYP_MSVS_OVERRIDE_PATH="${VSPATH}"
+    export GYP_MSVS_VERSION=$(vswhere -latest -requires "$VSCOMPONENT" -property catalog_productLineVersion)
+else
+    echo Assuming env setup is already done.
+    echo VSPATH=$VSPATH
+fi
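Review bot: `LIB` is assigned twice in a row, so the first value, `"${VCINSTALLDIR}/lib/${m}"`, is discarded by the next line before it is ever used. Either the second line was meant to append, `LIB="${LIB}:${VCINSTALLDIR}/Tools/MSVC/${VCVER}/lib/${m}"`, or the first line is a leftover and should be removed. Two comments are also misleading. `fixpath` is described as turning a unix-y path into a windows one, but it calls `cygpath --unix` and its sed fallback rewrites backslashes to slashes, so it converts Windows paths to unix form. The `regquery` comment lists `HKLU` where the code searches `HKCU`.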
diff --git a/security/nss/coreconf/nspr.sh b/security/nss/coreconf/nspr.sh
index d11cd48ed..325a188c3 100644
--- a/security/nss/coreconf/nspr.sh
+++ b/security/nss/coreconf/nspr.sh
@@ -32,6 +32,9 @@ nspr_build()
     if [ "$opt_build" = 1 ]; then
         extra_params+=(--disable-debug --enable-optimize)
     fi
+    if [ "$target_arch" = "x64" ]; then
+        extra_params+=(--enable-64bit)
+    fi
 
     echo "NSPR [1/3] configure ..."
     pushd "$nspr_dir" >/dev/null
diff --git a/security/nss/cpputil/databuffer.h b/security/nss/cpputil/databuffer.h
index 5ec035098..e981a7c22 100644
--- a/security/nss/cpputil/databuffer.h
+++ b/security/nss/cpputil/databuffer.h
@@ -34,7 +34,7 @@ class DataBuffer {
 
   void Allocate(size_t l) {
     delete[] data_;
-    data_ = new uint8_t[l ? l : 1];  // Don't depend on new [0].
+    data_ = new uint8_t[l ? l : 1]();  // Don't depend on new [0].
     len_ = l;
   }
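Review bot: Allocate() still frees `data_` before the `new[]` on the changed line, so if that allocation throws, `data_` is left pointing at freed memory and `len_` keeps the old length. Allocating first avoids this: `uint8_t* fresh = new uint8_t[l ? l : 1]();` followed by `delete[] data_; data_ = fresh;`. The trailing comment also explains only the `: 1`. It should add that the `()` zero-fills the buffer, so callers never read uninitialised heap bytes. The rest of DataBuffer, including its destructor, is outside this hunk.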
 
diff --git a/security/nss/cpputil/dummy_io.h b/security/nss/cpputil/dummy_io.h
index 797ac6113..e10ee1eee 100644
--- a/security/nss/cpputil/dummy_io.h
+++ b/security/nss/cpputil/dummy_io.h
@@ -8,7 +8,7 @@
 #include "prerror.h"
 #include "prio.h"
 
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 class DummyIOLayerMethods {
  public:
diff --git a/security/nss/cpputil/nss_scoped_ptrs.h b/security/nss/cpputil/nss_scoped_ptrs.h
new file mode 100644
index 000000000..03979f2c5
--- /dev/null
+++ b/security/nss/cpputil/nss_scoped_ptrs.h
@@ -0,0 +1,85 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef nss_scoped_ptrs_h__
+#define nss_scoped_ptrs_h__
+
+#include <memory>
+#include "cert.h"
+#include "keyhi.h"
+#include "p12.h"
+#include "pk11pub.h"
+#include "pkcs11uri.h"
+
+struct ScopedDelete {
+  void operator()(CERTCertificate* cert) { CERT_DestroyCertificate(cert); }
+  void operator()(CERTCertificateList* list) {
+    CERT_DestroyCertificateList(list);
+  }
+  void operator()(CERTName* name) { CERT_DestroyName(name); }
+  void operator()(CERTCertList* list) { CERT_DestroyCertList(list); }
+  void operator()(CERTSubjectPublicKeyInfo* spki) {
+    SECKEY_DestroySubjectPublicKeyInfo(spki);
+  }
+  void operator()(PK11SlotInfo* slot) { PK11_FreeSlot(slot); }
+  void operator()(PK11SymKey* key) { PK11_FreeSymKey(key); }
+  void operator()(PRFileDesc* fd) { PR_Close(fd); }
+  void operator()(SECAlgorithmID* id) { SECOID_DestroyAlgorithmID(id, true); }
+  void operator()(SECKEYEncryptedPrivateKeyInfo* e) {
+    SECKEY_DestroyEncryptedPrivateKeyInfo(e, true);
+  }
+  void operator()(SECItem* item) { SECITEM_FreeItem(item, true); }
+  void operator()(SECKEYPublicKey* key) { SECKEY_DestroyPublicKey(key); }
+  void operator()(SECKEYPrivateKey* key) { SECKEY_DestroyPrivateKey(key); }
+  void operator()(SECKEYPrivateKeyList* list) {
+    SECKEY_DestroyPrivateKeyList(list);
+  }
+  void operator()(PK11URI* uri) { PK11URI_DestroyURI(uri); }
+  void operator()(PLArenaPool* arena) { PORT_FreeArena(arena, PR_FALSE); }
+  void operator()(PK11Context* context) { PK11_DestroyContext(context, true); }
+  void operator()(PK11GenericObject* obj) { PK11_DestroyGenericObject(obj); }
+  void operator()(SEC_PKCS12DecoderContext* dcx) {
+    SEC_PKCS12DecoderFinish(dcx);
+  }
+  void operator()(CERTDistNames* names) { CERT_FreeDistNames(names); }
+};
+
+template <class T>
+struct ScopedMaybeDelete {
+  void operator()(T* ptr) {
+    if (ptr) {
+      ScopedDelete del;
+      del(ptr);
+    }
+  }
+};
+
+#define SCOPED(x) typedef std::unique_ptr<x, ScopedMaybeDelete<x> > Scoped##x
+
+SCOPED(CERTCertificate);
+SCOPED(CERTCertificateList);
+SCOPED(CERTCertList);
+SCOPED(CERTName);
+SCOPED(CERTSubjectPublicKeyInfo);
+SCOPED(PK11SlotInfo);
+SCOPED(PK11SymKey);
+SCOPED(PRFileDesc);
+SCOPED(SECAlgorithmID);
+SCOPED(SECKEYEncryptedPrivateKeyInfo);
+SCOPED(SECItem);
+SCOPED(SECKEYPublicKey);
+SCOPED(SECKEYPrivateKey);
+SCOPED(SECKEYPrivateKeyList);
+SCOPED(PK11URI);
+SCOPED(PLArenaPool);
+SCOPED(PK11Context);
+SCOPED(PK11GenericObject);
+SCOPED(SEC_PKCS12DecoderContext);
+SCOPED(CERTDistNames);
+
+#undef SCOPED
+
+#endif  // nss_scoped_ptrs_h__
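Review bot: Nothing in the new header says that these deleters free without wiping. `operator()(SECItem*)` calls SECITEM_FreeItem rather than SECITEM_ZfreeItem, and `operator()(PLArenaPool*)` passes PR_FALSE as the zero flag to PORT_FreeArena. Both are carried over unchanged from the deleted scoped_ptrs.h and are fine for test fixtures, but a ScopedSECItem or ScopedPLArenaPool holding key or password bytes leaves them in freed heap. I would add a comment above `struct ScopedDelete` such as `// SECItem and PLArenaPool are released without zeroization; do not keep secret material in them.`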
diff --git a/security/nss/cpputil/scoped_ptrs.h b/security/nss/cpputil/scoped_ptrs.h
deleted file mode 100644
index 6ffef4dd3..000000000
--- a/security/nss/cpputil/scoped_ptrs.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this file,
- * You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef scoped_ptrs_h__
-#define scoped_ptrs_h__
-
-#include <memory>
-#include "cert.h"
-#include "keyhi.h"
-#include "p12.h"
-#include "pk11pub.h"
-#include "pkcs11uri.h"
-#include "sslexp.h"
-
-struct ScopedDelete {
-  void operator()(CERTCertificate* cert) { CERT_DestroyCertificate(cert); }
-  void operator()(CERTCertificateList* list) {
-    CERT_DestroyCertificateList(list);
-  }
-  void operator()(CERTName* name) { CERT_DestroyName(name); }
-  void operator()(CERTCertList* list) { CERT_DestroyCertList(list); }
-  void operator()(CERTSubjectPublicKeyInfo* spki) {
-    SECKEY_DestroySubjectPublicKeyInfo(spki);
-  }
-  void operator()(PK11SlotInfo* slot) { PK11_FreeSlot(slot); }
-  void operator()(PK11SymKey* key) { PK11_FreeSymKey(key); }
-  void operator()(PRFileDesc* fd) { PR_Close(fd); }
-  void operator()(SECAlgorithmID* id) { SECOID_DestroyAlgorithmID(id, true); }
-  void operator()(SECItem* item) { SECITEM_FreeItem(item, true); }
-  void operator()(SECKEYPublicKey* key) { SECKEY_DestroyPublicKey(key); }
-  void operator()(SECKEYPrivateKey* key) { SECKEY_DestroyPrivateKey(key); }
-  void operator()(SECKEYPrivateKeyList* list) {
-    SECKEY_DestroyPrivateKeyList(list);
-  }
-  void operator()(PK11URI* uri) { PK11URI_DestroyURI(uri); }
-  void operator()(PLArenaPool* arena) { PORT_FreeArena(arena, PR_FALSE); }
-  void operator()(PK11Context* context) { PK11_DestroyContext(context, true); }
-  void operator()(PK11GenericObject* obj) { PK11_DestroyGenericObject(obj); }
-  void operator()(SSLResumptionTokenInfo* token) {
-    SSL_DestroyResumptionTokenInfo(token);
-  }
-  void operator()(SEC_PKCS12DecoderContext* dcx) {
-    SEC_PKCS12DecoderFinish(dcx);
-  }
-  void operator()(CERTDistNames* names) { CERT_FreeDistNames(names); }
-};
-
-template <class T>
-struct ScopedMaybeDelete {
-  void operator()(T* ptr) {
-    if (ptr) {
-      ScopedDelete del;
-      del(ptr);
-    }
-  }
-};
-
-#define SCOPED(x) typedef std::unique_ptr<x, ScopedMaybeDelete<x> > Scoped##x
-
-SCOPED(CERTCertificate);
-SCOPED(CERTCertificateList);
-SCOPED(CERTCertList);
-SCOPED(CERTName);
-SCOPED(CERTSubjectPublicKeyInfo);
-SCOPED(PK11SlotInfo);
-SCOPED(PK11SymKey);
-SCOPED(PRFileDesc);
-SCOPED(SECAlgorithmID);
-SCOPED(SECItem);
-SCOPED(SECKEYPublicKey);
-SCOPED(SECKEYPrivateKey);
-SCOPED(SECKEYPrivateKeyList);
-SCOPED(PK11URI);
-SCOPED(PLArenaPool);
-SCOPED(PK11Context);
-SCOPED(PK11GenericObject);
-SCOPED(SSLResumptionTokenInfo);
-SCOPED(SEC_PKCS12DecoderContext);
-SCOPED(CERTDistNames);
-
-#undef SCOPED
-
-#endif  // scoped_ptrs_h__
diff --git a/security/nss/cpputil/scoped_ptrs_ssl.h b/security/nss/cpputil/scoped_ptrs_ssl.h
new file mode 100644
index 000000000..7eeae8f8f
--- /dev/null
+++ b/security/nss/cpputil/scoped_ptrs_ssl.h
@@ -0,0 +1,35 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef scoped_ptrs_ssl_h__
+#define scoped_ptrs_ssl_h__
+
+#include <memory>
+#include "sslexp.h"
+
+struct ScopedDeleteSSL {
+  void operator()(SSLResumptionTokenInfo* token) {
+    SSL_DestroyResumptionTokenInfo(token);
+  }
+};
+
+template <class T>
+struct ScopedMaybeDeleteSSL {
+  void operator()(T* ptr) {
+    if (ptr) {
+      ScopedDeleteSSL del;
+      del(ptr);
+    }
+  }
+};
+
+#define SCOPED(x) typedef std::unique_ptr<x, ScopedMaybeDeleteSSL<x> > Scoped##x
+
+SCOPED(SSLResumptionTokenInfo);
+
+#undef SCOPED
+
+#endif  // scoped_ptrs_ssl_h__
diff --git a/security/nss/cpputil/tls_parser.h b/security/nss/cpputil/tls_parser.h
index 56f562e07..cd9e28fc3 100644
--- a/security/nss/cpputil/tls_parser.h
+++ b/security/nss/cpputil/tls_parser.h
@@ -20,13 +20,6 @@
 
 namespace nss_test {
 
-const uint8_t kTlsChangeCipherSpecType = 20;
-const uint8_t kTlsAlertType = 21;
-const uint8_t kTlsHandshakeType = 22;
-const uint8_t kTlsApplicationDataType = 23;
-const uint8_t kTlsAltHandshakeType = 24;
-const uint8_t kTlsAckType = 25;
-
 const uint8_t kTlsHandshakeClientHello = 1;
 const uint8_t kTlsHandshakeServerHello = 2;
 const uint8_t kTlsHandshakeNewSessionTicket = 4;
@@ -48,6 +41,8 @@ const uint8_t kTlsAlertBadRecordMac = 20;
 const uint8_t kTlsAlertRecordOverflow = 22;
 const uint8_t kTlsAlertHandshakeFailure = 40;
 const uint8_t kTlsAlertBadCertificate = 42;
+const uint8_t kTlsAlertCertificateRevoked = 44;
+const uint8_t kTlsAlertCertificateExpired = 45;
 const uint8_t kTlsAlertIllegalParameter = 47;
 const uint8_t kTlsAlertDecodeError = 50;
 const uint8_t kTlsAlertDecryptError = 51;
@@ -60,7 +55,7 @@ const uint8_t kTlsAlertUnrecognizedName = 112;
 const uint8_t kTlsAlertNoApplicationProtocol = 120;
 
 const uint8_t kTlsFakeChangeCipherSpec[] = {
-    kTlsChangeCipherSpecType,  // Type
+    ssl_ct_change_cipher_spec,  // Type
     0xfe,
     0xff,  // Version
     0x00,
diff --git a/security/nss/doc/certutil.xml b/security/nss/doc/certutil.xml
index 4622c75e4..5c3b3501a 100644
--- a/security/nss/doc/certutil.xml
+++ b/security/nss/doc/certutil.xml
@@ -84,7 +84,7 @@
 
       <varlistentry>
         <term>-F</term>
-        <listitem><para>Delete a private key and the associated certificate from a database. Specify the key to delete with the -n argument. Specify the database from which to delete the key with the 
+        <listitem><para>Delete a private key and the associated certificate from a database. Specify the key to delete with the -n argument or the -k argument. Specify the database from which to delete the key with the
 <option>-d</option> argument.
 </para>
 <para>
@@ -258,7 +258,8 @@ Add one or multiple extensions that certutil cannot encode yet, by loading their
 
       <varlistentry>
         <term>-h tokenname</term>
-        <listitem><para>Specify the name of a token to use or act on. If not specified the default token is the internal database slot.</para></listitem>
+        <listitem><para>Specify the name of a token to use or act on. If not specified the default token is the internal database slot.</para>
+	<para>The name can also be a PKCS #11 URI. For example, the NSS internal certificate store can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB". For details about the format, see RFC 7512.</para></listitem>
       </varlistentry>
 
      <varlistentry>
@@ -292,7 +293,8 @@ Add one or multiple extensions that certutil cannot encode yet, by loading their
 
       <varlistentry>
         <term>-n nickname</term>
-        <listitem><para>Specify the nickname of a certificate or key to list, create, add to a database, modify, or validate. Bracket the nickname string with quotation marks if it contains spaces.</para></listitem>
+        <listitem><para>Specify the nickname of a certificate or key to list, create, add to a database, modify, or validate. Bracket the nickname string with quotation marks if it contains spaces.</para>
+	<para>The nickname can also be a PKCS #11 URI. For example, if you have a certificate named "my-server-cert" on the internal certificate store, it can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB;object=my-server-cert". For details about the format, see RFC 7512.</para></listitem>
       </varlistentry>
 
       <varlistentry>
@@ -1017,9 +1019,11 @@ certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and
 
     slot: NSS User Private Key and Certificate Services                  
    token: NSS Certificate DB
+     uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
 
     slot: NSS Internal Cryptographic Services                            
-   token: NSS Generic Crypto Services</programlisting>
+   token: NSS Generic Crypto Services
+     uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203</programlisting>
 
 	<para><command>Adding Certificates to the Database</command></para>
 	<para>
diff --git a/security/nss/doc/html/certutil.html b/security/nss/doc/html/certutil.html
index 902d1309a..bacb2a5f5 100644
--- a/security/nss/doc/html/certutil.html
+++ b/security/nss/doc/html/certutil.html
@@ -1,8 +1,8 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>CERTUTIL</title><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot"><link rel="home" href="index.html" title="CERTUTIL"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">CERTUTIL</th></tr></table><hr></div><div class="refentry"><a name="certutil"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>certutil — Manage keys and certificate in both NSS databases and other NSS tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">certutil</code>  [<em class="replaceable"><code>options</code></em>] [[<em class="replaceable"><code>arguments</code></em>]]</p></div></div><div class="refsection"><a name="idm140440587239488"></a><h2>STATUS</h2><p>This documentation is still work in progress. Please contribute to the initial review in <a class="ulink" href="https://bugzilla.mozilla.org/show_bug.cgi?id=836477" target="_top">Mozilla NSS bug 836477</a>
-    </p></div><div class="refsection"><a name="description"></a><h2>Description</h2><p>The Certificate Database Tool, <span class="command"><strong>certutil</strong></span>, is a command-line utility that can create and modify certificate and key databases. It can specifically list, generate, modify, or delete certificates, create or change the password, generate new public and private key pairs, display the contents of the key database, or delete key pairs within the key database.</p><p>Certificate issuance, part of the key and certificate management process, requires that keys and certificates be created in the key database. This document discusses certificate and key database management. For information on the security module database management, see the <span class="command"><strong>modutil</strong></span> manpage.</p></div><div class="refsection"><a name="options"></a><h2>Command Options and Arguments</h2><p>Running <span class="command"><strong>certutil</strong></span> always requires one and only one command option to specify the type of certificate operation. Each command option may take zero or more arguments. The command option <code class="option">-H</code> will list all the command options and their relevant arguments.</p><p><span class="command"><strong>Command Options</strong></span></p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-A </span></dt><dd><p>Add an existing certificate to a certificate database. The certificate database should already exist; if one is not present, this command option will initialize one by default.</p></dd><dt><span class="term">-B</span></dt><dd><p>Run a series of commands from the specified batch file. This requires the <code class="option">-i</code> argument.</p></dd><dt><span class="term">-C </span></dt><dd><p>Create a new binary certificate file from a binary certificate request file. Use the <code class="option">-i</code> argument to specify the certificate request file. 
If this argument is not used, <span class="command"><strong>certutil</strong></span> prompts for a filename. </p></dd><dt><span class="term">-D </span></dt><dd><p>Delete a certificate from the certificate database.</p></dd><dt><span class="term">--rename </span></dt><dd><p>Change the database nickname of a certificate.</p></dd><dt><span class="term">-E </span></dt><dd><p>Add an email certificate to the certificate database.</p></dd><dt><span class="term">-F</span></dt><dd><p>Delete a private key from a key database. Specify the key to delete with the -n argument. Specify the database from which to delete the key with the 
-<code class="option">-d</code> argument. Use the <code class="option">-k</code> argument to specify explicitly whether to delete a DSA, RSA, or ECC key. If you don't use the <code class="option">-k</code> argument, the option looks for an RSA key matching the specified nickname. 
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>CERTUTIL</title><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot"><link rel="home" href="index.html" title="CERTUTIL"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">CERTUTIL</th></tr></table><hr></div><div class="refentry"><a name="certutil"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>certutil — Manage keys and certificate in both NSS databases and other NSS tokens</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">certutil</code>  [<em class="replaceable"><code>options</code></em>] [[<em class="replaceable"><code>arguments</code></em>]]</p></div></div><div class="refsection"><a name="idm46274732654912"></a><h2>STATUS</h2><p>This documentation is still work in progress. Please contribute to the initial review in <a class="ulink" href="https://bugzilla.mozilla.org/show_bug.cgi?id=836477" target="_top">Mozilla NSS bug 836477</a>
+    </p></div><div class="refsection"><a name="description"></a><h2>Description</h2><p>The Certificate Database Tool, <span class="command"><strong>certutil</strong></span>, is a command-line utility that can create and modify certificate and key databases. It can specifically list, generate, modify, or delete certificates, create or change the password, generate new public and private key pairs, display the contents of the key database, or delete key pairs within the key database.</p><p>Certificate issuance, part of the key and certificate management process, requires that keys and certificates be created in the key database. This document discusses certificate and key database management. For information on the security module database management, see the <span class="command"><strong>modutil</strong></span> manpage.</p></div><div class="refsection"><a name="options"></a><h2>Command Options and Arguments</h2><p>Running <span class="command"><strong>certutil</strong></span> always requires one and only one command option to specify the type of certificate operation. Each command option may take zero or more arguments. The command option <code class="option">-H</code> will list all the command options and their relevant arguments.</p><p><span class="command"><strong>Command Options</strong></span></p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-A </span></dt><dd><p>Add an existing certificate to a certificate database. The certificate database should already exist; if one is not present, this command option will initialize one by default.</p></dd><dt><span class="term">-B</span></dt><dd><p>Run a series of commands from the specified batch file. This requires the <code class="option">-i</code> argument.</p></dd><dt><span class="term">-C </span></dt><dd><p>Create a new binary certificate file from a binary certificate request file. Use the <code class="option">-i</code> argument to specify the certificate request file. 
If this argument is not used, <span class="command"><strong>certutil</strong></span> prompts for a filename. </p></dd><dt><span class="term">-D </span></dt><dd><p>Delete a certificate from the certificate database.</p></dd><dt><span class="term">--rename </span></dt><dd><p>Change the database nickname of a certificate.</p></dd><dt><span class="term">-E </span></dt><dd><p>Add an email certificate to the certificate database.</p></dd><dt><span class="term">-F</span></dt><dd><p>Delete a private key and the associated certificate from a database. Specify the key to delete with the -n argument or the -k argument. Specify the database from which to delete the key with the
+<code class="option">-d</code> argument.
 </p><p>
-When you delete keys, be sure to also remove any certificates associated with those keys from the certificate database, by using -D. Some smart cards do not let you remove a public key you have generated. In such a case, only the private key is deleted from the key pair. You can display the public key with the command certutil -K -h tokenname. </p></dd><dt><span class="term">-G </span></dt><dd><p>Generate a new public and private key pair within a key database. The key database should already exist; if one is not present, this command option will initialize one by default. Some smart cards can store only one key pair. If you create a new key pair for such a card, the previous pair is overwritten.</p></dd><dt><span class="term">-H </span></dt><dd><p>Display a list of the command options and arguments.</p></dd><dt><span class="term">-K </span></dt><dd><p>List the key ID of keys in the key database. A key ID is the modulus of the RSA key or the publicValue of the DSA key. IDs are displayed in hexadecimal ("0x" is not shown).</p></dd><dt><span class="term">-L </span></dt><dd><p>List all the certificates, or display information about a named certificate, in a certificate database.
+Some smart cards do not let you remove a public key you have generated. In such a case, only the private key is deleted from the key pair.</p></dd><dt><span class="term">-G </span></dt><dd><p>Generate a new public and private key pair within a key database. The key database should already exist; if one is not present, this command option will initialize one by default. Some smart cards can store only one key pair. If you create a new key pair for such a card, the previous pair is overwritten.</p></dd><dt><span class="term">-H </span></dt><dd><p>Display a list of the command options and arguments.</p></dd><dt><span class="term">-K </span></dt><dd><p>List the key ID of keys in the key database. A key ID is the modulus of the RSA key or the publicValue of the DSA key. IDs are displayed in hexadecimal ("0x" is not shown).</p></dd><dt><span class="term">-L </span></dt><dd><p>List all the certificates, or display information about a named certificate, in a certificate database.
 Use the -h tokenname argument to specify the certificate database on a particular hardware or software token.</p></dd><dt><span class="term">-M </span></dt><dd><p>Modify a certificate's trust attributes using the values of the -t argument.</p></dd><dt><span class="term">-N</span></dt><dd><p>Create new certificate and key databases.</p></dd><dt><span class="term">-O </span></dt><dd><p>Print the certificate chain.</p></dd><dt><span class="term">-R</span></dt><dd><p>Create a certificate request file that can be submitted to a Certificate Authority (CA) for processing into a finished certificate. Output defaults to standard out unless you use -o output-file argument.
 
 Use the -a argument to specify ASCII output.</p></dd><dt><span class="term">-S </span></dt><dd><p>Create an individual certificate and add it to a certificate database.</p></dd><dt><span class="term">-T </span></dt><dd><p>Reset the key database or token.</p></dd><dt><span class="term">-U </span></dt><dd><p>List all available modules or print a single named module.</p></dd><dt><span class="term">-V </span></dt><dd><p>Check the validity of a certificate and its attributes.</p></dd><dt><span class="term">-W </span></dt><dd><p>Change the password to a key database.</p></dd><dt><span class="term">--merge</span></dt><dd><p>Merge two databases into one.</p></dd><dt><span class="term">--upgrade-merge</span></dt><dd><p>Upgrade an old database and merge it into a new database. This is used to migrate legacy NSS databases (<code class="filename">cert8.db</code> and <code class="filename">key3.db</code>) into the newer SQLite databases (<code class="filename">cert9.db</code> and <code class="filename">key4.db</code>).</p></dd></dl></div><p><span class="command"><strong>Arguments</strong></span></p><p>Arguments modify a command option and are usually lower case, numbers, or symbols.</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-a</span></dt><dd><p>Use ASCII format or allow the use of ASCII format for input or output. This formatting follows RFC 1113. 
@@ -14,13 +14,13 @@ If this option is not used, the validity check defaults to the current system ti
 Add one or multiple extensions that certutil cannot encode yet, by loading their encodings from external files.
            </p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>OID (example): 1.2.3.4</p></li><li class="listitem"><p>critical-flag: critical or not-critical</p></li><li class="listitem"><p>filename: full path to a file containing an encoded extension</p></li></ul></div></dd><dt><span class="term">-f password-file</span></dt><dd><p>Specify a file that will automatically supply the password to include in a certificate 
  or to access a certificate database. This is a plain-text file containing one password. Be sure to prevent 
- unauthorized access to this file.</p></dd><dt><span class="term">-g keysize</span></dt><dd><p>Set a key size to use when generating new public and private key pairs. The minimum is 512 bits and the maximum is 16384 bits. The default is 2048 bits. Any size between the minimum and maximum is allowed.</p></dd><dt><span class="term">-h tokenname</span></dt><dd><p>Specify the name of a token to use or act on. If not specified the default token is the internal database slot.</p></dd><dt><span class="term">-i input_file</span></dt><dd><p>Pass an input file to the command. Depending on the command option, an input file can be a specific certificate, a certificate request file, or a batch file of commands.</p></dd><dt><span class="term">-k key-type-or-id</span></dt><dd><p>Specify the type or specific ID of a key.</p><p>
+ unauthorized access to this file.</p></dd><dt><span class="term">-g keysize</span></dt><dd><p>Set a key size to use when generating new public and private key pairs. The minimum is 512 bits and the maximum is 16384 bits. The default is 2048 bits. Any size between the minimum and maximum is allowed.</p></dd><dt><span class="term">-h tokenname</span></dt><dd><p>Specify the name of a token to use or act on. If not specified the default token is the internal database slot.</p><p>The name can also be a PKCS #11 URI. For example, the NSS internal certificate store can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB". For details about the format, see RFC 7512.</p></dd><dt><span class="term">-i input_file</span></dt><dd><p>Pass an input file to the command. Depending on the command option, an input file can be a specific certificate, a certificate request file, or a batch file of commands.</p></dd><dt><span class="term">-k key-type-or-id</span></dt><dd><p>Specify the type or specific ID of a key.</p><p>
            The valid key type options are rsa, dsa, ec, or all. The default 
            value is rsa. Specifying the type of key can avoid mistakes caused by
            duplicate nicknames. Giving a key type generates a new key pair; 
            giving the ID of an existing key reuses that key pair (which is 
            required to renew certificates).
-          </p></dd><dt><span class="term">-l </span></dt><dd><p>Display detailed information when validating a certificate with the -V option.</p></dd><dt><span class="term">-m serial-number</span></dt><dd><p>Assign a unique serial number to a certificate being created. This operation should be performed by a CA. If no serial number is provided a default serial number is made from the current time. Serial numbers are limited to integers </p></dd><dt><span class="term">-n nickname</span></dt><dd><p>Specify the nickname of a certificate or key to list, create, add to a database, modify, or validate. Bracket the nickname string with quotation marks if it contains spaces.</p></dd><dt><span class="term">-o output-file</span></dt><dd><p>Specify the output file name for new certificates or binary certificate requests. Bracket the output-file string with quotation marks if it contains spaces. If this argument is not used the output destination defaults to standard output.</p></dd><dt><span class="term">-P dbPrefix</span></dt><dd><p>Specify the prefix used on the certificate and key database file. This argument is provided to support legacy servers. Most applications do not use a database prefix.</p></dd><dt><span class="term">-p phone</span></dt><dd><p>Specify a contact telephone number to include in new certificates or certificate requests. Bracket this string with quotation marks if it contains spaces.</p></dd><dt><span class="term">-q pqgfile or curve-name</span></dt><dd><p>Read an alternate PQG value from the specified file when generating DSA key pairs. If this argument is not used, <span class="command"><strong>certutil</strong></span> generates its own PQG value. PQG files are created with a separate DSA utility.</p><p>Elliptic curve name is one of the ones from nistp256, nistp384, nistp521, curve25519.</p><p>
+          </p></dd><dt><span class="term">-l </span></dt><dd><p>Display detailed information when validating a certificate with the -V option.</p></dd><dt><span class="term">-m serial-number</span></dt><dd><p>Assign a unique serial number to a certificate being created. This operation should be performed by a CA. If no serial number is provided a default serial number is made from the current time. Serial numbers are limited to integers </p></dd><dt><span class="term">-n nickname</span></dt><dd><p>Specify the nickname of a certificate or key to list, create, add to a database, modify, or validate. Bracket the nickname string with quotation marks if it contains spaces.</p><p>The nickname can also be a PKCS #11 URI. For example, if you have a certificate named "my-server-cert" on the internal certificate store, it can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB;object=my-server-cert". For details about the format, see RFC 7512.</p></dd><dt><span class="term">-o output-file</span></dt><dd><p>Specify the output file name for new certificates or binary certificate requests. Bracket the output-file string with quotation marks if it contains spaces. If this argument is not used the output destination defaults to standard output.</p></dd><dt><span class="term">-P dbPrefix</span></dt><dd><p>Specify the prefix used on the certificate and key database file. This argument is provided to support legacy servers. Most applications do not use a database prefix.</p></dd><dt><span class="term">-p phone</span></dt><dd><p>Specify a contact telephone number to include in new certificates or certificate requests. Bracket this string with quotation marks if it contains spaces.</p></dd><dt><span class="term">-q pqgfile or curve-name</span></dt><dd><p>Read an alternate PQG value from the specified file when generating DSA key pairs. If this argument is not used, <span class="command"><strong>certutil</strong></span> generates its own PQG value. 
PQG files are created with a separate DSA utility.</p><p>Elliptic curve name is one of the ones from nistp256, nistp384, nistp521, curve25519.</p><p>
            If a token is available that supports more curves, the foolowing curves are supported as well:
            sect163k1, nistk163, sect163r1, sect163r2,
            nistb163,  sect193r1, sect193r2, sect233k1, nistk233,
@@ -277,9 +277,11 @@ certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and
 
     slot: NSS User Private Key and Certificate Services                  
    token: NSS Certificate DB
+     uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
 
     slot: NSS Internal Cryptographic Services                            
-   token: NSS Generic Crypto Services</pre><p><span class="command"><strong>Adding Certificates to the Database</strong></span></p><p>
+   token: NSS Generic Crypto Services
+     uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203</pre><p><span class="command"><strong>Adding Certificates to the Database</strong></span></p><p>
 		Existing certificates or certificate requests can be added manually to the certificate database, even if they were generated elsewhere. This uses the <code class="option">-A</code> command option.
 	</p><pre class="programlisting">certutil -A -n certname -t trustargs -d [sql:]directory [-a] [-i input-file]</pre><p>
 		For example:
diff --git a/security/nss/doc/html/modutil.html b/security/nss/doc/html/modutil.html
index 5c53b0a62..b1adbf212 100644
--- a/security/nss/doc/html/modutil.html
+++ b/security/nss/doc/html/modutil.html
@@ -1,4 +1,4 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>MODUTIL</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"><link rel="home" href="index.html" title="MODUTIL"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">MODUTIL</th></tr></table><hr></div><div class="refentry"><a name="modutil"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>modutil — Manage PKCS #11 module information within the security module database.</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">modutil</code>  [<em class="replaceable"><code>options</code></em>] [[<em class="replaceable"><code>arguments</code></em>]]</p></div></div><div class="refsection"><a name="idm233245929376"></a><h2>STATUS</h2><p>This documentation is still work in progress. Please contribute to the initial review in <a class="ulink" href="https://bugzilla.mozilla.org/show_bug.cgi?id=836477" target="_top">Mozilla NSS bug 836477</a>
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>MODUTIL</title><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot"><link rel="home" href="index.html" title="MODUTIL"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">MODUTIL</th></tr></table><hr></div><div class="refentry"><a name="modutil"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>modutil — Manage PKCS #11 module information within the security module database.</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">modutil</code>  [<em class="replaceable"><code>options</code></em>] [[<em class="replaceable"><code>arguments</code></em>]]</p></div></div><div class="refsection"><a name="idm45295675968160"></a><h2>STATUS</h2><p>This documentation is still work in progress. Please contribute to the initial review in <a class="ulink" href="https://bugzilla.mozilla.org/show_bug.cgi?id=836477" target="_top">Mozilla NSS bug 836477</a>
     </p></div><div class="refsection"><a name="description"></a><h2>Description</h2><p>The Security Module Database Tool, <span class="command"><strong>modutil</strong></span>, is a command-line utility for managing PKCS #11 module information both within <code class="filename">secmod.db</code> files and within hardware tokens. <span class="command"><strong>modutil</strong></span> can add and delete PKCS #11 modules, change passwords on security databases, set defaults, list module contents, enable or disable slots, enable or disable FIPS 140-2 compliance, and assign default providers for cryptographic operations. This tool can also create certificate, key, and module security database files.</p><p>The tasks associated with security module database management are part of a process that typically also involves managing key databases and certificate databases.</p></div><div class="refsection"><a name="options"></a><h2>Options</h2><p>
 		Running <span class="command"><strong>modutil</strong></span> always requires one (and only one) option to specify the type of module operation. Each option may take arguments, anywhere from none to multiple arguments.
 	</p><p><span class="command"><strong>Options</strong></span></p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-add modulename</span></dt><dd><p>Add the named PKCS #11 module to the database. Use this option with the <code class="option">-libfile</code>, <code class="option">-ciphers</code>, and <code class="option">-mechanisms</code> arguments.</p></dd><dt><span class="term">-changepw tokenname</span></dt><dd><p>Change the password on the named token. If the token has not been initialized, this option initializes the password. Use this option with the <code class="option">-pwfile</code> and <code class="option">-newpwfile</code> arguments. A <span class="emphasis"><em>password</em></span> is equivalent to a personal identification number (PIN).</p></dd><dt><span class="term">-chkfips</span></dt><dd><p>Verify whether the module is in the given FIPS mode. <span class="command"><strong>true</strong></span> means to verify that the module is in FIPS mode, while <span class="command"><strong>false</strong></span> means to verify that the module is not in FIPS mode.</p></dd><dt><span class="term">-create</span></dt><dd><p>Create new certificate, key, and module databases. Use the <code class="option">-dbdir</code> directory argument to specify a directory. If any of these databases already exist in a specified directory, <span class="command"><strong>modutil</strong></span> returns an error message.</p></dd><dt><span class="term">-default modulename</span></dt><dd><p>Specify the security mechanisms for which the named module will be a default provider. The security mechanisms are specified with the <code class="option">-mechanisms</code> argument.</p></dd><dt><span class="term">-delete modulename</span></dt><dd><p>Delete the named module. The default NSS PKCS #11 module cannot be deleted.</p></dd><dt><span class="term">-disable modulename</span></dt><dd><p>Disable all slots on the named module. 
Use the <code class="option">-slot</code> argument to disable a specific slot.</p><p>The internal NSS PKCS #11 module cannot be disabled.</p></dd><dt><span class="term">-enable modulename</span></dt><dd><p>Enable all slots on the named module. Use the <code class="option">-slot</code> argument to enable a specific slot.</p></dd><dt><span class="term">-fips [true | false]</span></dt><dd><p>Enable (true) or disable (false) FIPS 140-2 compliance for the default NSS module.</p></dd><dt><span class="term">-force</span></dt><dd><p>Disable <span class="command"><strong>modutil</strong></span>'s interactive prompts so it can be run from a script. Use this option only after manually testing each planned operation to check for warnings and to ensure that bypassing the prompts will cause no security lapses or loss of database integrity.</p></dd><dt><span class="term">-jar JAR-file</span></dt><dd><p>Add a new PKCS #11 module to the database using the named JAR file. Use this command with the <code class="option">-installdir</code> and <code class="option">-tempdir</code> arguments. The JAR file uses the NSS PKCS #11 JAR format to identify all the files to be installed, the module's name, the mechanism flags, and the cipher flags, as well as any files to be installed on the target machine, including the PKCS #11 module library file and other files such as documentation. This is covered in the JAR installation file section in the man page, which details the special script needed to perform an installation through a server or with <span class="command"><strong>modutil</strong></span>. </p></dd><dt><span class="term">-list [modulename]</span></dt><dd><p>Display basic information about the contents of the <code class="filename">secmod.db</code> file. 
Specifying a <span class="emphasis"><em>modulename</em></span> displays detailed information about a particular module and its slots and tokens.</p></dd><dt><span class="term">-rawadd</span></dt><dd><p>Add the module spec string to the <code class="filename">secmod.db</code> database.</p></dd><dt><span class="term">-rawlist</span></dt><dd><p>Display the module specs for a specified module or for all loadable modules.</p></dd><dt><span class="term">-undefault modulename</span></dt><dd><p>Specify the security mechanisms for which the named module will not be a default provider. The security mechanisms are specified with the <code class="option">-mechanisms</code> argument.</p></dd></dl></div><p><span class="command"><strong>Arguments</strong></span></p><div class="variablelist"><dl class="variablelist"><dt><span class="term">MODULE</span></dt><dd><p>Give the security module to access.</p></dd><dt><span class="term">MODULESPEC</span></dt><dd><p>Give the security module spec to load into the security database.</p></dd><dt><span class="term">-ciphers cipher-enable-list</span></dt><dd><p>Enable specific ciphers in a module that is being added to the database. The <span class="emphasis"><em>cipher-enable-list</em></span> is a colon-delimited list of cipher names. Enclose this list in quotation marks if it contains spaces.</p></dd><dt><span class="term">-dbdir [sql:]directory</span></dt><dd><p>Specify the database directory in which to access or create security module database files.</p><p><span class="command"><strong>modutil</strong></span> supports two types of databases: the legacy security databases (<code class="filename">cert8.db</code>, <code class="filename">key3.db</code>, and <code class="filename">secmod.db</code>) and new SQLite databases (<code class="filename">cert9.db</code>, <code class="filename">key4.db</code>, and <code class="filename">pkcs11.txt</code>). 
If the prefix <span class="command"><strong>sql:</strong></span> is not used, then the tool assumes that the given databases are in the old format.</p></dd><dt><span class="term">--dbprefix prefix</span></dt><dd><p>Specify the prefix used on the database files, such as <code class="filename">my_</code> for <code class="filename">my_cert8.db</code>. This option is provided as a special case. Changing the names of the certificate and key databases is not recommended.</p></dd><dt><span class="term">-installdir root-installation-directory</span></dt><dd><p>Specify the root installation directory relative to which files will be installed by the <code class="option">-jar</code> option. This directory should be one below which it is appropriate to store dynamic library files, such as a server's root directory.</p></dd><dt><span class="term">-libfile library-file</span></dt><dd><p>Specify a path to a library file containing the implementation of the PKCS #11 interface module that is being added to the database.</p></dd><dt><span class="term">-mechanisms mechanism-list</span></dt><dd><p>Specify the security mechanisms for which a particular module will be flagged as a default provider. The <span class="emphasis"><em>mechanism-list</em></span> is a colon-delimited list of mechanism names. Enclose this list in quotation marks if it contains spaces.</p><p>The module becomes a default provider for the listed mechanisms when those mechanisms are enabled. 
If more than one module claims to be a particular mechanism's default provider, that mechanism's default provider is undefined.</p><p><span class="command"><strong>modutil</strong></span> supports several mechanisms: RSA, DSA, RC2, RC4, RC5, AES, DES, DH, SHA1, SHA256, SHA512, SSL, TLS, MD5, MD2, RANDOM (for random number generation), and FRIENDLY (meaning certificates are publicly readable).</p></dd><dt><span class="term">-newpwfile new-password-file</span></dt><dd><p>Specify a text file containing a token's new or replacement password so that a password can be entered automatically with the <code class="option">-changepw</code> option.</p></dd><dt><span class="term">-nocertdb</span></dt><dd><p>Do not open the certificate or key databases. This has several effects:</p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>With the <code class="option">-create</code> command, only a module security file is created; certificate and key databases are not created.</p></li><li class="listitem"><p>With the <code class="option">-jar</code> command, signatures on the JAR file are not checked.</p></li><li class="listitem"><p>With the <code class="option">-changepw</code> command, the password on the NSS internal module cannot be set or changed, since this password is stored in the key database.</p></li></ul></div></dd><dt><span class="term">-pwfile old-password-file</span></dt><dd><p>Specify a text file containing a token's existing password so that a password can be entered automatically when the <code class="option">-changepw</code> option is used to change passwords.</p></dd><dt><span class="term">-secmod secmodname</span></dt><dd><p>Give the name of the security module database (like <code class="filename">secmod.db</code>) to load.</p></dd><dt><span class="term">-slot slotname</span></dt><dd><p>Specify a particular slot to be enabled or disabled with the <code class="option">-enable</code> or <code 
class="option">-disable</code> options.</p></dd><dt><span class="term">-string CONFIG_STRING</span></dt><dd><p>Pass a configuration string for the module being added to the database.</p></dd><dt><span class="term">-tempdir temporary-directory</span></dt><dd><p>Give a directory location where temporary files are created during the installation by the <code class="option">-jar</code> option. If no temporary directory is specified, the current directory is used.</p></dd></dl></div></div><div class="refsection"><a name="usage-and-examples"></a><h2>Usage and Examples</h2><p><span class="command"><strong>Creating Database Files</strong></span></p><p>Before any operations can be performed, there must be a set of security databases available. <span class="command"><strong>modutil</strong></span> can be used to create these files. The only required argument is the database that where the databases will be located.</p><pre class="programlisting">modutil -create -dbdir [sql:]directory</pre><p><span class="command"><strong>Adding a Cryptographic Module</strong></span></p><p>Adding a PKCS #11 module means submitting a supporting library file, enabling its ciphers, and setting default provider status for various security mechanisms. This can be done by supplying all of the information through <span class="command"><strong>modutil</strong></span> directly or by running a JAR file and install script. For the most basic case, simply upload the library:</p><pre class="programlisting">modutil -add modulename -libfile library-file [-ciphers cipher-enable-list] [-mechanisms mechanism-list] </pre><p>For example:
@@ -63,9 +63,11 @@ Listing of PKCS #11 Modules
 
          slot: NSS Internal Cryptographic Services                            
         token: NSS Generic Crypto Services
+	  uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
 
          slot: NSS User Private Key and Certificate Services                  
         token: NSS Certificate DB
+	  uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
 -----------------------------------------------------------</pre><p>Passing a specific module name with the <code class="option">-list</code> returns details information about the module itself, like supported cipher mechanisms, version numbers, serial numbers, and other information about the module and the token it is loaded on. For example:</p><pre class="programlisting"> modutil -list "NSS Internal PKCS #11 Module" -dbdir sql:/home/my/sharednssdb
 
 -----------------------------------------------------------
diff --git a/security/nss/doc/html/pk12util.html b/security/nss/doc/html/pk12util.html
index 94dbf51e9..d773136c4 100644
--- a/security/nss/doc/html/pk12util.html
+++ b/security/nss/doc/html/pk12util.html
@@ -1,5 +1,5 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>PK12UTIL</title><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot"><link rel="home" href="index.html" title="PK12UTIL"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">PK12UTIL</th></tr></table><hr></div><div class="refentry"><a name="pk12util"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pk12util — Export and import keys and certificate to or from a PKCS #12 file and the NSS database</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pk12util</code>  [-i p12File|-l p12File|-o p12File] [-d [sql:]directory] [-h tokenname] [-P dbprefix] [-r] [-v] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]</p></div></div><div class="refsection"><a name="idm139975398059856"></a><h2>STATUS</h2><p>This documentation is still work in progress. Please contribute to the initial review in <a class="ulink" href="https://bugzilla.mozilla.org/show_bug.cgi?id=836477" target="_top">Mozilla NSS bug 836477</a>
-    </p></div><div class="refsection"><a name="description"></a><h2>Description</h2><p>The PKCS #12 utility, <span class="command"><strong>pk12util</strong></span>, enables sharing certificates among any server that supports PKCS #12. The tool can import certificates and keys from PKCS #12 files into security databases, export certificates, and list certificates and keys.</p></div><div class="refsection"><a name="options"></a><h2>Options and Arguments</h2><p><span class="command"><strong>Options</strong></span></p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-i p12file</span></dt><dd><p>Import keys and certificates from a PKCS #12 file into a security database.</p></dd><dt><span class="term">-l p12file</span></dt><dd><p>List the keys and certificates in PKCS #12 file.</p></dd><dt><span class="term">-o p12file</span></dt><dd><p>Export keys and certificates from the security database to a PKCS #12 file.</p></dd></dl></div><p><span class="command"><strong>Arguments</strong></span></p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-c keyCipher</span></dt><dd><p>Specify the key encryption algorithm.</p></dd><dt><span class="term">-C certCipher</span></dt><dd><p>Specify the certiticate encryption algorithm.</p></dd><dt><span class="term">-d [sql:]directory</span></dt><dd><p>Specify the database directory into which to import to or export from certificates and keys.</p><p><span class="command"><strong>pk12util</strong></span> supports two types of databases: the legacy security databases (<code class="filename">cert8.db</code>, <code class="filename">key3.db</code>, and <code class="filename">secmod.db</code>) and new SQLite databases (<code class="filename">cert9.db</code>, <code class="filename">key4.db</code>, and <code class="filename">pkcs11.txt</code>). 
If the prefix <span class="command"><strong>sql:</strong></span> is not used, then the tool assumes that the given databases are in the old format.</p></dd><dt><span class="term">-h tokenname</span></dt><dd><p>Specify the name of the token to import into or export from.</p></dd><dt><span class="term">-k slotPasswordFile</span></dt><dd><p>Specify the text file containing the slot's password.</p></dd><dt><span class="term">-K slotPassword</span></dt><dd><p>Specify the slot's password.</p></dd><dt><span class="term">-m | --key-len  keyLength</span></dt><dd><p>Specify the desired length of the symmetric key to be used to encrypt the private key.</p></dd><dt><span class="term">-n | --cert-key-len  certKeyLength</span></dt><dd><p>Specify the desired length of the symmetric key to be used to encrypt the certificates and other meta-data.</p></dd><dt><span class="term">-n certname</span></dt><dd><p>Specify the nickname of the cert and private key to export.</p></dd><dt><span class="term">-P prefix</span></dt><dd><p>Specify the prefix used on the certificate and key databases. This option is provided as a special case. 
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>PK12UTIL</title><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot"><link rel="home" href="index.html" title="PK12UTIL"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">PK12UTIL</th></tr></table><hr></div><div class="refentry"><a name="pk12util"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pk12util — Export and import keys and certificate to or from a PKCS #12 file and the NSS database</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pk12util</code>  [-i p12File|-l p12File|-o p12File] [-d [sql:]directory] [-h tokenname] [-P dbprefix] [-r] [-v] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]</p></div></div><div class="refsection"><a name="idm45659476549872"></a><h2>STATUS</h2><p>This documentation is still work in progress. Please contribute to the initial review in <a class="ulink" href="https://bugzilla.mozilla.org/show_bug.cgi?id=836477" target="_top">Mozilla NSS bug 836477</a>
+    </p></div><div class="refsection"><a name="description"></a><h2>Description</h2><p>The PKCS #12 utility, <span class="command"><strong>pk12util</strong></span>, enables sharing certificates among any server that supports PKCS #12. The tool can import certificates and keys from PKCS #12 files into security databases, export certificates, and list certificates and keys.</p></div><div class="refsection"><a name="options"></a><h2>Options and Arguments</h2><p><span class="command"><strong>Options</strong></span></p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-i p12file</span></dt><dd><p>Import keys and certificates from a PKCS #12 file into a security database.</p></dd><dt><span class="term">-l p12file</span></dt><dd><p>List the keys and certificates in PKCS #12 file.</p></dd><dt><span class="term">-o p12file</span></dt><dd><p>Export keys and certificates from the security database to a PKCS #12 file.</p></dd></dl></div><p><span class="command"><strong>Arguments</strong></span></p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-c keyCipher</span></dt><dd><p>Specify the key encryption algorithm.</p></dd><dt><span class="term">-C certCipher</span></dt><dd><p>Specify the certiticate encryption algorithm.</p></dd><dt><span class="term">-d [sql:]directory</span></dt><dd><p>Specify the database directory into which to import to or export from certificates and keys.</p><p><span class="command"><strong>pk12util</strong></span> supports two types of databases: the legacy security databases (<code class="filename">cert8.db</code>, <code class="filename">key3.db</code>, and <code class="filename">secmod.db</code>) and new SQLite databases (<code class="filename">cert9.db</code>, <code class="filename">key4.db</code>, and <code class="filename">pkcs11.txt</code>). 
If the prefix <span class="command"><strong>sql:</strong></span> is not used, then the tool assumes that the given databases are in the old format.</p></dd><dt><span class="term">-h tokenname</span></dt><dd><p>Specify the name of the token to import into or export from.</p></dd><dt><span class="term">-k slotPasswordFile</span></dt><dd><p>Specify the text file containing the slot's password.</p></dd><dt><span class="term">-K slotPassword</span></dt><dd><p>Specify the slot's password.</p></dd><dt><span class="term">-m | --key-len  keyLength</span></dt><dd><p>Specify the desired length of the symmetric key to be used to encrypt the private key.</p></dd><dt><span class="term">-n | --cert-key-len  certKeyLength</span></dt><dd><p>Specify the desired length of the symmetric key to be used to encrypt the certificates and other meta-data.</p></dd><dt><span class="term">-n certname</span></dt><dd><p>Specify the nickname of the cert and private key to export.</p><p>The nickname can also be a PKCS #11 URI. For example, if you have a certificate named "my-server-cert" on the internal certificate store, it can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB;object=my-server-cert". For details about the format, see RFC 7512.</p></dd><dt><span class="term">-P prefix</span></dt><dd><p>Specify the prefix used on the certificate and key databases. This option is provided as a special case. 
           Changing the names of the certificate and key databases is not recommended.</p></dd><dt><span class="term">-r</span></dt><dd><p>Dumps all of the data in raw (binary) form. This must be saved as a DER file. The default is to return information in a pretty-print ASCII format, which displays the information about the certificates and public keys in the p12 file.</p></dd><dt><span class="term">-v </span></dt><dd><p>Enable debug logging when importing.</p></dd><dt><span class="term">-w p12filePasswordFile</span></dt><dd><p>Specify the text file containing the pkcs #12 file password.</p></dd><dt><span class="term">-W p12filePassword</span></dt><dd><p>Specify the pkcs #12 file password.</p></dd></dl></div></div><div class="refsection"><a name="return-codes"></a><h2>Return Codes</h2><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p> 0 - No error</p></li><li class="listitem"><p> 1 - User Cancelled</p></li><li class="listitem"><p> 2 - Usage error</p></li><li class="listitem"><p> 6 - NLS init error</p></li><li class="listitem"><p> 8 - Certificate DB open error</p></li><li class="listitem"><p> 9 - Key DB open error</p></li><li class="listitem"><p> 10 - File initialization error</p></li><li class="listitem"><p> 11 - Unicode conversion error</p></li><li class="listitem"><p> 12 - Temporary file creation error</p></li><li class="listitem"><p> 13 - PKCS11 get slot error</p></li><li class="listitem"><p> 14 - PKCS12 decoder start error</p></li><li class="listitem"><p> 15 - error read from import file</p></li><li class="listitem"><p> 16 - pkcs12 decode error</p></li><li class="listitem"><p> 17 - pkcs12 decoder verify error</p></li><li class="listitem"><p> 18 - pkcs12 decoder validate bags error</p></li><li class="listitem"><p> 19 - pkcs12 decoder import bags error</p></li><li class="listitem"><p> 20 - key db conversion version 3 to version 2 error</p></li><li class="listitem"><p> 21 - cert db conversion version 7 to 
version 5 error</p></li><li class="listitem"><p> 22 - cert and key dbs patch error</p></li><li class="listitem"><p> 23 - get default cert db error</p></li><li class="listitem"><p> 24 - find cert by nickname error</p></li><li class="listitem"><p> 25 - create export context error</p></li><li class="listitem"><p> 26 - PKCS12 add password itegrity error</p></li><li class="listitem"><p> 27 - cert and key Safes creation error</p></li><li class="listitem"><p> 28 - PKCS12 add cert and key error</p></li><li class="listitem"><p> 29 - PKCS12 encode error</p></li></ul></div></div><div class="refsection"><a name="examples"></a><h2>Examples</h2><p><span class="command"><strong>Importing Keys and Certificates</strong></span></p><p>The most basic usage of <span class="command"><strong>pk12util</strong></span> for importing a certificate or key is the PKCS #12 input file (<code class="option">-i</code>) and some way to specify the security database being accessed (either <code class="option">-d</code> for a directory or <code class="option">-h</code> for a token).
     </p><p>
     pk12util -i p12File [-h tokenname] [-v] [-d [sql:]directory] [-P dbprefix] [-k slotPasswordFile|-K slotPassword] [-w p12filePasswordFile|-W p12filePassword]
diff --git a/security/nss/doc/modutil.xml b/security/nss/doc/modutil.xml
index 142aa69da..b757a8731 100644
--- a/security/nss/doc/modutil.xml
+++ b/security/nss/doc/modutil.xml
@@ -322,9 +322,11 @@ Listing of PKCS #11 Modules
 
          slot: NSS Internal Cryptographic Services                            
         token: NSS Generic Crypto Services
+	  uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
 
          slot: NSS User Private Key and Certificate Services                  
         token: NSS Certificate DB
+	  uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
 -----------------------------------------------------------</programlisting>
 	<para>Passing a specific module name with the <option>-list</option> returns details information about the module itself, like supported cipher mechanisms, version numbers, serial numbers, and other information about the module and the token it is loaded on. For example:</para>
 <programlisting> modutil -list "NSS Internal PKCS #11 Module" -dbdir sql:/home/my/sharednssdb
diff --git a/security/nss/doc/nroff/certutil.1 b/security/nss/doc/nroff/certutil.1
index 80a02fc27..b6a2e90b2 100644
--- a/security/nss/doc/nroff/certutil.1
+++ b/security/nss/doc/nroff/certutil.1
@@ -2,12 +2,12 @@
 .\"     Title: CERTUTIL
 .\"    Author: [see the "Authors" section]
 .\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
-.\"      Date: 27 October 2017
+.\"      Date:  5 October 2017
 .\"    Manual: NSS Security Tools
 .\"    Source: nss-tools
 .\"  Language: English
 .\"
-.TH "CERTUTIL" "1" "27 October 2017" "nss-tools" "NSS Security Tools"
+.TH "CERTUTIL" "1" "5 October 2017" "nss-tools" "NSS Security Tools"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -92,15 +92,11 @@ Add an email certificate to the certificate database\&.
 .PP
 \-F
 .RS 4
-Delete a private key from a key database\&. Specify the key to delete with the \-n argument\&. Specify the database from which to delete the key with the
+Delete a private key and the associated certificate from a database\&. Specify the key to delete with the \-n argument or the \-k argument\&. Specify the database from which to delete the key with the
 \fB\-d\fR
-argument\&. Use the
-\fB\-k\fR
-argument to specify explicitly whether to delete a DSA, RSA, or ECC key\&. If you don\*(Aqt use the
-\fB\-k\fR
-argument, the option looks for an RSA key matching the specified nickname\&.
+argument\&.
 .sp
-When you delete keys, be sure to also remove any certificates associated with those keys from the certificate database, by using \-D\&. Some smart cards do not let you remove a public key you have generated\&. In such a case, only the private key is deleted from the key pair\&. You can display the public key with the command certutil \-K \-h tokenname\&.
+Some smart cards do not let you remove a public key you have generated\&. In such a case, only the private key is deleted from the key pair\&.
 .RE
 .PP
 \-G
@@ -321,6 +317,8 @@ Set a key size to use when generating new public and private key pairs\&. The mi
 \-h tokenname
 .RS 4
 Specify the name of a token to use or act on\&. If not specified the default token is the internal database slot\&.
+.sp
+The name can also be a PKCS #11 URI\&. For example, the NSS internal certificate store can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB"\&. For details about the format, see RFC 7512\&.
 .RE
 .PP
 \-i input_file
@@ -348,6 +346,8 @@ Assign a unique serial number to a certificate being created\&. This operation s
 \-n nickname
 .RS 4
 Specify the nickname of a certificate or key to list, create, add to a database, modify, or validate\&. Bracket the nickname string with quotation marks if it contains spaces\&.
+.sp
+The nickname can also be a PKCS #11 URI\&. For example, if you have a certificate named "my\-server\-cert" on the internal certificate store, it can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB;object=my\-server\-cert"\&. For details about the format, see RFC 7512\&.
 .RE
 .PP
 \-o output\-file
@@ -1579,9 +1579,11 @@ $ certutil \-U \-d sql:/home/my/sharednssdb
 
     slot: NSS User Private Key and Certificate Services                  
    token: NSS Certificate DB
+     uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
 
     slot: NSS Internal Cryptographic Services                            
    token: NSS Generic Crypto Services
+     uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
 .fi
 .if n \{\
 .RE
diff --git a/security/nss/doc/nroff/modutil.1 b/security/nss/doc/nroff/modutil.1
index 1ce9ab2ce..a2d7fe48b 100644
--- a/security/nss/doc/nroff/modutil.1
+++ b/security/nss/doc/nroff/modutil.1
@@ -1,13 +1,13 @@
 '\" t
 .\"     Title: MODUTIL
 .\"    Author: [see the "Authors" section]
-.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
-.\"      Date:  5 June 2014
+.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
+.\"      Date:  5 October 2017
 .\"    Manual: NSS Security Tools
 .\"    Source: nss-tools
 .\"  Language: English
 .\"
-.TH "MODUTIL" "1" "5 June 2014" "nss-tools" "NSS Security Tools"
+.TH "MODUTIL" "1" "5 October 2017" "nss-tools" "NSS Security Tools"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -515,9 +515,11 @@ Listing of PKCS #11 Modules
 
          slot: NSS Internal Cryptographic Services                            
         token: NSS Generic Crypto Services
+	  uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
 
          slot: NSS User Private Key and Certificate Services                  
         token: NSS Certificate DB
+	  uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
 \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-
 .fi
 .if n \{\
diff --git a/security/nss/doc/nroff/pk12util.1 b/security/nss/doc/nroff/pk12util.1
index e0a8da833..eae5d3616 100644
--- a/security/nss/doc/nroff/pk12util.1
+++ b/security/nss/doc/nroff/pk12util.1
@@ -2,12 +2,12 @@
 .\"     Title: PK12UTIL
 .\"    Author: [see the "Authors" section]
 .\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
-.\"      Date: 27 October 2017
+.\"      Date:  5 October 2017
 .\"    Manual: NSS Security Tools
 .\"    Source: nss-tools
 .\"  Language: English
 .\"
-.TH "PK12UTIL" "1" "27 October 2017" "nss-tools" "NSS Security Tools"
+.TH "PK12UTIL" "1" "5 October 2017" "nss-tools" "NSS Security Tools"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -113,6 +113,8 @@ Specify the desired length of the symmetric key to be used to encrypt the certif
 \-n certname
 .RS 4
 Specify the nickname of the cert and private key to export\&.
+.sp
+The nickname can also be a PKCS #11 URI\&. For example, if you have a certificate named "my\-server\-cert" on the internal certificate store, it can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB;object=my\-server\-cert"\&. For details about the format, see RFC 7512\&.
 .RE
 .PP
 \-P prefix
diff --git a/security/nss/doc/pk12util.xml b/security/nss/doc/pk12util.xml
index c26794965..3f8eecf1b 100644
--- a/security/nss/doc/pk12util.xml
+++ b/security/nss/doc/pk12util.xml
@@ -114,7 +114,8 @@
 
       <varlistentry>
         <term>-n certname</term>
-        <listitem><para>Specify the nickname of the cert and private key to export.</para></listitem>
+        <listitem><para>Specify the nickname of the cert and private key to export.</para>
+	<para>The nickname can also be a PKCS #11 URI. For example, if you have a certificate named "my-server-cert" on the internal certificate store, it can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB;object=my-server-cert". For details about the format, see RFC 7512.</para></listitem>
       </varlistentry>
 
       <varlistentry>
diff --git a/security/nss/exports.gyp b/security/nss/exports.gyp
index 907b5ac88..5cb44157f 100644
--- a/security/nss/exports.gyp
+++ b/security/nss/exports.gyp
@@ -5,9 +5,82 @@
   'includes': [
     'coreconf/config.gypi'
   ],
+  'conditions': [
+    [ 'mozpkix_only==0', {
+      'targets': [
+        {
+          'target_name': 'nss_exports',
+          'type': 'none',
+          'direct_dependent_settings': {
+            'include_dirs': [
+              '<(nss_public_dist_dir)/nss',
+            ]
+          },
+          'dependencies': [
+            'cmd/lib/exports.gyp:cmd_lib_exports',
+            'lib/base/exports.gyp:lib_base_exports',
+            'lib/certdb/exports.gyp:lib_certdb_exports',
+            'lib/certhigh/exports.gyp:lib_certhigh_exports',
+            'lib/ckfw/builtins/exports.gyp:lib_ckfw_builtins_exports',
+            'lib/ckfw/exports.gyp:lib_ckfw_exports',
+            'lib/crmf/exports.gyp:lib_crmf_exports',
+            'lib/cryptohi/exports.gyp:lib_cryptohi_exports',
+            'lib/dev/exports.gyp:lib_dev_exports',
+            'lib/freebl/exports.gyp:lib_freebl_exports',
+            'lib/jar/exports.gyp:lib_jar_exports',
+            'lib/nss/exports.gyp:lib_nss_exports',
+            'lib/pk11wrap/exports.gyp:lib_pk11wrap_exports',
+            'lib/pkcs12/exports.gyp:lib_pkcs12_exports',
+            'lib/pkcs7/exports.gyp:lib_pkcs7_exports',
+            'lib/pki/exports.gyp:lib_pki_exports',
+            'lib/smime/exports.gyp:lib_smime_exports',
+            'lib/softoken/exports.gyp:lib_softoken_exports',
+            'lib/sqlite/exports.gyp:lib_sqlite_exports',
+            'lib/ssl/exports.gyp:lib_ssl_exports',
+            'lib/util/exports.gyp:lib_util_exports',
+            'lib/zlib/exports.gyp:lib_zlib_exports',
+          ],
+          'conditions': [
+            [ 'disable_libpkix==0', {
+              'dependencies': [
+                'lib/libpkix/include/exports.gyp:lib_libpkix_include_exports',
+                'lib/libpkix/pkix/certsel/exports.gyp:lib_libpkix_pkix_certsel_exports',
+                'lib/libpkix/pkix/checker/exports.gyp:lib_libpkix_pkix_checker_exports',
+                'lib/libpkix/pkix/crlsel/exports.gyp:lib_libpkix_pkix_crlsel_exports',
+                'lib/libpkix/pkix/params/exports.gyp:lib_libpkix_pkix_params_exports',
+                'lib/libpkix/pkix/results/exports.gyp:lib_libpkix_pkix_results_exports',
+                'lib/libpkix/pkix/store/exports.gyp:lib_libpkix_pkix_store_exports',
+                'lib/libpkix/pkix/top/exports.gyp:lib_libpkix_pkix_top_exports',
+                'lib/libpkix/pkix/util/exports.gyp:lib_libpkix_pkix_util_exports',
+                'lib/libpkix/pkix_pl_nss/module/exports.gyp:lib_libpkix_pkix_pl_nss_module_exports',
+                'lib/libpkix/pkix_pl_nss/pki/exports.gyp:lib_libpkix_pkix_pl_nss_pki_exports',
+                'lib/libpkix/pkix_pl_nss/system/exports.gyp:lib_libpkix_pkix_pl_nss_system_exports',
+              ],
+            }],
+          ],
+        },
+        {
+          'target_name': 'dbm_exports',
+          'type': 'none',
+          'conditions': [
+            ['disable_dbm==0', {
+              'direct_dependent_settings': {
+                'include_dirs': [
+                  '<(nss_public_dist_dir)/dbm'
+                ]
+              },
+              'dependencies': [
+                'lib/dbm/include/exports.gyp:lib_dbm_include_exports'
+              ],
+            }],
+          ],
+        }
+      ],
+    }],
+  ],
   'targets': [
     {
-      'target_name': 'nss_exports',
+      'target_name': 'nss_mozpkix_exports',
       'type': 'none',
       'direct_dependent_settings': {
         'include_dirs': [
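Review bot: `nss_exports` and `dbm_exports` are now defined only when `mozpkix_only==0`, so any other .gyp file that still lists `exports.gyp:nss_exports` or `exports.gyp:dbm_exports` as an unconditional dependency will fail to resolve in a mozpkix-only build. Those dependents are not visible in this hunk and should be checked for the same condition. The variable also needs a default in the included `coreconf/config.gypi` (not shown here), otherwise every build that does not pass it breaks. A short comment above the block would help the next reader, e.g. `# mozpkix_only==1: only the mozpkix export target below is defined; the NSS and dbm export targets are skipped.`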
@@ -15,63 +88,9 @@
         ]
       },
       'dependencies': [
-        'cmd/lib/exports.gyp:cmd_lib_exports',
-        'lib/base/exports.gyp:lib_base_exports',
-        'lib/certdb/exports.gyp:lib_certdb_exports',
-        'lib/certhigh/exports.gyp:lib_certhigh_exports',
-        'lib/ckfw/builtins/exports.gyp:lib_ckfw_builtins_exports',
-        'lib/ckfw/exports.gyp:lib_ckfw_exports',
-        'lib/crmf/exports.gyp:lib_crmf_exports',
-        'lib/cryptohi/exports.gyp:lib_cryptohi_exports',
-        'lib/dev/exports.gyp:lib_dev_exports',
-        'lib/freebl/exports.gyp:lib_freebl_exports',
-        'lib/jar/exports.gyp:lib_jar_exports',
-        'lib/nss/exports.gyp:lib_nss_exports',
-        'lib/pk11wrap/exports.gyp:lib_pk11wrap_exports',
-        'lib/pkcs12/exports.gyp:lib_pkcs12_exports',
-        'lib/pkcs7/exports.gyp:lib_pkcs7_exports',
-        'lib/pki/exports.gyp:lib_pki_exports',
-        'lib/smime/exports.gyp:lib_smime_exports',
-        'lib/softoken/exports.gyp:lib_softoken_exports',
-        'lib/sqlite/exports.gyp:lib_sqlite_exports',
-        'lib/ssl/exports.gyp:lib_ssl_exports',
-        'lib/util/exports.gyp:lib_util_exports',
-        'lib/zlib/exports.gyp:lib_zlib_exports'
-      ],
-      'conditions': [
-        [ 'disable_libpkix==0', {
-          'dependencies': [
-            'lib/libpkix/include/exports.gyp:lib_libpkix_include_exports',
-            'lib/libpkix/pkix/certsel/exports.gyp:lib_libpkix_pkix_certsel_exports',
-            'lib/libpkix/pkix/checker/exports.gyp:lib_libpkix_pkix_checker_exports',
-            'lib/libpkix/pkix/crlsel/exports.gyp:lib_libpkix_pkix_crlsel_exports',
-            'lib/libpkix/pkix/params/exports.gyp:lib_libpkix_pkix_params_exports',
-            'lib/libpkix/pkix/results/exports.gyp:lib_libpkix_pkix_results_exports',
-            'lib/libpkix/pkix/store/exports.gyp:lib_libpkix_pkix_store_exports',
-            'lib/libpkix/pkix/top/exports.gyp:lib_libpkix_pkix_top_exports',
-            'lib/libpkix/pkix/util/exports.gyp:lib_libpkix_pkix_util_exports',
-            'lib/libpkix/pkix_pl_nss/module/exports.gyp:lib_libpkix_pkix_pl_nss_module_exports',
-            'lib/libpkix/pkix_pl_nss/pki/exports.gyp:lib_libpkix_pkix_pl_nss_pki_exports',
-            'lib/libpkix/pkix_pl_nss/system/exports.gyp:lib_libpkix_pkix_pl_nss_system_exports',
-          ],
-        }],
+        'lib/mozpkix/exports.gyp:lib_mozpkix_exports',
+        'lib/mozpkix/exports.gyp:lib_mozpkix_test_exports',
       ],
     },
-    {
-      'target_name': 'dbm_exports',
-      'type': 'none',
-      'conditions': [
-        ['disable_dbm==0', {
-          'direct_dependent_settings': {
-            'include_dirs': [
-              '<(nss_public_dist_dir)/dbm'
-            ]
-          },
-          'dependencies': [
-            'lib/dbm/include/exports.gyp:lib_dbm_include_exports'
-          ],
-        }],
-      ],
-    }
-  ]
+  ],
 }
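Review bot: `nss_mozpkix_exports` depends on `lib/mozpkix/exports.gyp:lib_mozpkix_test_exports` unconditionally, so headers that look test-only (judging by the target name) are exported to every consumer of this target, including builds that do not compile tests. If they are test helpers, moving that one dependency into a `'conditions'` entry keyed on whatever variable the build uses to disable tests keeps test scaffolding out of the exported include tree. The `include_dirs` value for this target falls between the two hunks and is not visible here.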
diff --git a/security/nss/fuzz/config/git-copy.sh b/security/nss/fuzz/config/git-copy.sh
index a9e817e2a..fac8cbecf 100644
--- a/security/nss/fuzz/config/git-copy.sh
+++ b/security/nss/fuzz/config/git-copy.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-set -e
+set -ex
 
 if [ $# -lt 3 ]; then
   echo "Usage: $0 <repo> <branch> <directory>" 1>&2
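Review bot: `set -ex` enables command tracing for the whole script, so the `git ... fetch` line in the next hunk is echoed to stderr with `$REPO` expanded. If a caller ever passes a URL carrying embedded credentials or a token, it ends up in the CI log. If the trace is only wanted while debugging, keep `set -e` and make tracing opt-in, for example `if [ -n "${GIT_COPY_TRACE:-}" ]; then set -x; fi` (the variable name is a placeholder). The `if [ $# -lt 3 ]` block continues outside this hunk.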
@@ -28,7 +28,7 @@ fi
 
 rm -rf "$DIR"
 git init -q "$DIR"
-git -C "$DIR" fetch -q --depth=1 "$REPO" "$COMMIT":git-copy-tmp
-git -C "$DIR" reset --hard git-copy-tmp
+git -C "$DIR" fetch -q --depth=1 "$REPO" "$COMMIT"
+git -C "$DIR" reset -q --hard FETCH_HEAD
 git -C "$DIR" rev-parse --verify HEAD > "$DIR"/.git-copy
 rm -rf "$DIR"/.git
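Review bot: `"$REPO"` and `"$COMMIT"` reach `git fetch` as bare positional arguments, so a value beginning with `-` would be parsed as an option instead of a repository or ref. An end-of-options marker closes that off: `git -C "$DIR" fetch -q --depth=1 -- "$REPO" "$COMMIT"`. Both variables are assigned outside this hunk, so whether they can carry values from an untrusted source is not visible here. Dropping the named temporary ref in favour of `FETCH_HEAD` is otherwise fine, since `.git` is removed two lines later.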
diff --git a/security/nss/fuzz/tls_server_certs.cc b/security/nss/fuzz/tls_server_certs.cc
index 705b6aab3..20732a5e0 100644
--- a/security/nss/fuzz/tls_server_certs.cc
+++ b/security/nss/fuzz/tls_server_certs.cc
@@ -8,7 +8,7 @@
 #include "ssl.h"
 
 #include "cpputil.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_server_certs.h"
 
 const uint8_t kP256ServerCert[] = {
diff --git a/security/nss/gtests/certdb_gtest/alg1485_unittest.cc b/security/nss/gtests/certdb_gtest/alg1485_unittest.cc
index ef6733092..8daa6660f 100644
--- a/security/nss/gtests/certdb_gtest/alg1485_unittest.cc
+++ b/security/nss/gtests/certdb_gtest/alg1485_unittest.cc
@@ -9,7 +9,7 @@
 #include "gtest/gtest.h"
 
 #include "nss.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "prprf.h"
 
 namespace nss_test {
diff --git a/security/nss/gtests/cryptohi_gtest/cryptohi_unittest.cc b/security/nss/gtests/cryptohi_gtest/cryptohi_unittest.cc
index ab553ee01..d690a4fec 100644
--- a/security/nss/gtests/cryptohi_gtest/cryptohi_unittest.cc
+++ b/security/nss/gtests/cryptohi_gtest/cryptohi_unittest.cc
@@ -8,7 +8,7 @@
 
 #include "gtest/gtest.h"
 
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "cryptohi.h"
 #include "secitem.h"
 #include "secerr.h"
diff --git a/security/nss/gtests/der_gtest/der_private_key_import_unittest.cc b/security/nss/gtests/der_gtest/der_private_key_import_unittest.cc
index 836cc7876..88c283317 100644
--- a/security/nss/gtests/der_gtest/der_private_key_import_unittest.cc
+++ b/security/nss/gtests/der_gtest/der_private_key_import_unittest.cc
@@ -11,7 +11,7 @@
 #include "secutil.h"
 
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 namespace nss_test {
 
diff --git a/security/nss/gtests/der_gtest/p12_import_unittest.cc b/security/nss/gtests/der_gtest/p12_import_unittest.cc
index 6ffcda348..31020231a 100644
--- a/security/nss/gtests/der_gtest/p12_import_unittest.cc
+++ b/security/nss/gtests/der_gtest/p12_import_unittest.cc
@@ -8,7 +8,7 @@
 #include "p12.h"
 
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 namespace nss_test {
 
diff --git a/security/nss/gtests/freebl_gtest/ecl_unittest.cc b/security/nss/gtests/freebl_gtest/ecl_unittest.cc
index fbad0246f..36074be82 100644
--- a/security/nss/gtests/freebl_gtest/ecl_unittest.cc
+++ b/security/nss/gtests/freebl_gtest/ecl_unittest.cc
@@ -7,7 +7,7 @@
 #include <stdint.h>
 
 #include "blapi.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "secerr.h"
 
 namespace nss_test {
diff --git a/security/nss/gtests/freebl_gtest/mpi_unittest.cc b/security/nss/gtests/freebl_gtest/mpi_unittest.cc
index 4fed1a40e..2ccb8c351 100644
--- a/security/nss/gtests/freebl_gtest/mpi_unittest.cc
+++ b/security/nss/gtests/freebl_gtest/mpi_unittest.cc
@@ -15,7 +15,7 @@
 #include "mpi.h"
 namespace nss_test {
 
-void gettime(struct timespec *tp) {
+void gettime(struct timespec* tp) {
 #ifdef __MACH__
   clock_serv_t cclock;
   mach_timespec_t mts;
@@ -69,6 +69,39 @@ class MPITest : public ::testing::Test {
     mp_clear(&b);
     mp_clear(&c);
   }
+
+  void dump(const std::string& prefix, const uint8_t* buf, size_t len) {
+    auto flags = std::cerr.flags();
+    std::cerr << prefix << ": [" << std::dec << len << "] ";
+    for (size_t i = 0; i < len; ++i) {
+      std::cerr << std::hex << std::setw(2) << std::setfill('0')
+                << static_cast<int>(buf[i]);
+    }
+    std::cerr << std::endl << std::resetiosflags(flags);
+  }
+
+  void TestToFixedOctets(const std::vector<uint8_t>& ref, size_t len) {
+    mp_int a;
+    ASSERT_EQ(MP_OKAY, mp_init(&a));
+    ASSERT_EQ(MP_OKAY, mp_read_unsigned_octets(&a, ref.data(), ref.size()));
+    uint8_t buf[len];
+    ASSERT_EQ(MP_OKAY, mp_to_fixlen_octets(&a, buf, len));
+    size_t compare;
+    if (len > ref.size()) {
+      for (size_t i = 0; i < len - ref.size(); ++i) {
+        ASSERT_EQ(0U, buf[i]) << "index " << i << " should be zero";
+      }
+      compare = ref.size();
+    } else {
+      compare = len;
+    }
+    dump("value", ref.data(), ref.size());
+    dump("output", buf, len);
+    ASSERT_EQ(0, memcmp(buf + len - compare, ref.data() + ref.size() - compare,
+                        compare))
+        << "comparing " << compare << " octets";
+    mp_clear(&a);
+  }
 };
 
 TEST_F(MPITest, MpiCmp01Test) { TestCmp("0", "1", -1); }
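Review bot: `uint8_t buf[len];` in `TestToFixedOctets` is a variable-length array, which is a GCC/Clang extension rather than standard C++ and places a caller-sized buffer on the stack. `std::vector<uint8_t> buf(len);` with `buf.data()` passed to `mp_to_fixlen_octets`, `dump` and `memcmp` behaves the same and also builds on compilers without the extension. Separately, each `ASSERT_*` returns from the helper on failure before `mp_clear(&a)` runs, so a failing run leaks the `mp_int`; the loop body of `MpiFixlenOctetsTooSmall` in the next hunk has the same pattern. The added `dump` helper uses `std::setw`/`std::setfill` and `std::cerr`; the file's include list is outside this hunk, so confirm `<iomanip>` and `<iostream>` are included directly.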
@@ -113,6 +146,47 @@ TEST_F(MPITest, MpiCmpUnalignedTest) {
 }
 #endif
 
+TEST_F(MPITest, MpiFixlenOctetsZero) {
+  std::vector<uint8_t> zero = {0};
+  TestToFixedOctets(zero, 1);
+  TestToFixedOctets(zero, 2);
+  TestToFixedOctets(zero, sizeof(mp_digit));
+  TestToFixedOctets(zero, sizeof(mp_digit) + 1);
+}
+
+TEST_F(MPITest, MpiFixlenOctetsVarlen) {
+  std::vector<uint8_t> packed;
+  for (size_t i = 0; i < sizeof(mp_digit) * 2; ++i) {
+    packed.push_back(0xa4);  // Any non-zero value will do.
+    TestToFixedOctets(packed, packed.size());
+    TestToFixedOctets(packed, packed.size() + 1);
+    TestToFixedOctets(packed, packed.size() + sizeof(mp_digit));
+  }
+}
+
+TEST_F(MPITest, MpiFixlenOctetsTooSmall) {
+  uint8_t buf[sizeof(mp_digit) * 3];
+  std::vector<uint8_t> ref;
+  for (size_t i = 0; i < sizeof(mp_digit) * 2; i++) {
+    ref.push_back(3);  // Any non-zero value will do.
+    dump("ref", ref.data(), ref.size());
+
+    mp_int a;
+    ASSERT_EQ(MP_OKAY, mp_init(&a));
+    ASSERT_EQ(MP_OKAY, mp_read_unsigned_octets(&a, ref.data(), ref.size()));
+#ifdef DEBUG
+    // ARGCHK maps to assert() in a debug build.
+    EXPECT_DEATH(mp_to_fixlen_octets(&a, buf, ref.size() - 1), "");
+#else
+    EXPECT_EQ(MP_BADARG, mp_to_fixlen_octets(&a, buf, ref.size() - 1));
+#endif
+    ASSERT_EQ(MP_OKAY, mp_to_fixlen_octets(&a, buf, ref.size()));
+    ASSERT_EQ(0, memcmp(buf, ref.data(), ref.size()));
+
+    mp_clear(&a);
+  }
+}
+
 // This test is slow. Disable it by default so we can run these tests on CI.
 class DISABLED_MPITest : public ::testing::Test {};
 
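Review bot: In MpiFixlenOctetsTooSmall the non-DEBUG branch checks only the MP_BADARG return code, so a write into `buf` on the rejected call would go unnoticed: `buf` is uninitialized and larger than the requested length, and the following successful call overwrites it. If mp_to_fixlen_octets is meant to leave the output untouched when it rejects the length (its body is not visible here, so this should be confirmed), filling `buf` with a sentinel before the call and checking it afterwards would pin that down. The DEBUG branch cannot check this because EXPECT_DEATH runs the call in a child process.
```cpp
#else
    memset(buf, 0xa5, sizeof(buf));  // sentinel: must survive the rejected call
    EXPECT_EQ(MP_BADARG, mp_to_fixlen_octets(&a, buf, ref.size() - 1));
    for (size_t j = 0; j < sizeof(buf); ++j) {
      EXPECT_EQ(0xa5U, buf[j]) << "index " << j << " written on error path";
    }
#endif
    // … unchanged: successful mp_to_fixlen_octets call, memcmp, mp_clear …
```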
@@ -127,17 +201,17 @@ TEST_F(DISABLED_MPITest, MpiCmpConstTest) {
 
   mp_read_radix(
       &a,
-      const_cast<char *>(
+      const_cast<char*>(
           "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"),
       16);
   mp_read_radix(
       &b,
-      const_cast<char *>(
+      const_cast<char*>(
           "FF0FFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"),
       16);
   mp_read_radix(
       &c,
-      const_cast<char *>(
+      const_cast<char*>(
           "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632550"),
       16);
 
diff --git a/security/nss/gtests/freebl_gtest/rsa_unittest.cc b/security/nss/gtests/freebl_gtest/rsa_unittest.cc
index 5c667a1d1..a1453168f 100644
--- a/security/nss/gtests/freebl_gtest/rsa_unittest.cc
+++ b/security/nss/gtests/freebl_gtest/rsa_unittest.cc
@@ -21,7 +21,7 @@ struct ScopedDelete {
 typedef std::unique_ptr<RSAPrivateKey, ScopedDelete<RSAPrivateKey>>
     ScopedRSAPrivateKey;
 
-class RSANewKeyTest : public ::testing::Test {
+class RSATest : public ::testing::Test {
  protected:
   RSAPrivateKey* CreateKeyWithExponent(int keySizeInBits,
                                        unsigned char publicExponent) {
@@ -34,24 +34,24 @@ class RSANewKeyTest : public ::testing::Test {
   }
 };
 
-TEST_F(RSANewKeyTest, expOneTest) {
+TEST_F(RSATest, expOneTest) {
   ScopedRSAPrivateKey key(CreateKeyWithExponent(2048, 0x01));
   ASSERT_TRUE(key == nullptr);
 }
-TEST_F(RSANewKeyTest, expTwoTest) {
+TEST_F(RSATest, expTwoTest) {
   ScopedRSAPrivateKey key(CreateKeyWithExponent(2048, 0x02));
   ASSERT_TRUE(key == nullptr);
 }
-TEST_F(RSANewKeyTest, expFourTest) {
+TEST_F(RSATest, expFourTest) {
   ScopedRSAPrivateKey key(CreateKeyWithExponent(2048, 0x04));
   ASSERT_TRUE(key == nullptr);
 }
-TEST_F(RSANewKeyTest, WrongKeysizeTest) {
+TEST_F(RSATest, WrongKeysizeTest) {
   ScopedRSAPrivateKey key(CreateKeyWithExponent(2047, 0x03));
   ASSERT_TRUE(key == nullptr);
 }
 
-TEST_F(RSANewKeyTest, expThreeTest) {
+TEST_F(RSATest, expThreeTest) {
   ScopedRSAPrivateKey key(CreateKeyWithExponent(2048, 0x03));
 #ifdef NSS_FIPS_DISABLED
   ASSERT_TRUE(key != nullptr);
@@ -59,3 +59,39 @@ TEST_F(RSANewKeyTest, expThreeTest) {
   ASSERT_TRUE(key == nullptr);
 #endif
 }
+
+TEST_F(RSATest, DecryptBlockTestErrors) {
+  unsigned char pubExp[3] = {0x01, 0x00, 0x01};
+  SECItem exp = {siBuffer, pubExp, 3};
+  ScopedRSAPrivateKey key(RSA_NewKey(2048, &exp));
+  ASSERT_TRUE(key);
+  uint8_t out[10] = {0};
+  uint8_t in_small[100] = {0};
+  unsigned int outputLen = 0;
+  unsigned int maxOutputLen = sizeof(out);
+
+  // This should fail because input the same size as the modulus (256).
+  SECStatus rv = RSA_DecryptBlock(key.get(), out, &outputLen, maxOutputLen,
+                                  in_small, sizeof(in_small));
+  EXPECT_EQ(SECFailure, rv);
+
+  uint8_t in[256] = {0};
+  // This should fail because the padding checks will fail.
+  rv = RSA_DecryptBlock(key.get(), out, &outputLen, maxOutputLen, in,
+                        sizeof(in));
+  EXPECT_EQ(SECFailure, rv);
+  // outputLen should be maxOutputLen.
+  EXPECT_EQ(maxOutputLen, outputLen);
+
+  // This should fail because the padding checks will fail.
+  uint8_t out_long[260] = {0};
+  maxOutputLen = sizeof(out_long);
+  rv = RSA_DecryptBlock(key.get(), out_long, &outputLen, maxOutputLen, in,
+                        sizeof(in));
+  EXPECT_EQ(SECFailure, rv);
+  // outputLen should <= 256-11=245.
+  EXPECT_LE(outputLen, 245u);
+  // Everything over 256 must be 0 in the output.
+  uint8_t out_long_test[4] = {0};
+  EXPECT_EQ(0, memcmp(out_long_test, &out_long[256], 4));
+}
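Review bot: The final `EXPECT_LE(outputLen, 245u)` in DecryptBlockTestErrors cannot fail if RSA_DecryptBlock leaves `outputLen` untouched, because it still holds 10 from the previous call's `EXPECT_EQ(maxOutputLen, outputLen)`. Setting `outputLen = maxOutputLen;` (260) just before the third call makes the check depend on what the function actually writes. The first comment also reads as the opposite of the case under test: `in_small` is 100 bytes, so it presumably should say `// This should fail because the input is not the same size as the modulus (256).`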
diff --git a/security/nss/gtests/google_test/VERSION b/security/nss/gtests/google_test/VERSION
new file mode 100644
index 000000000..bcb751e25
--- /dev/null
+++ b/security/nss/gtests/google_test/VERSION
@@ -0,0 +1,2 @@
+release-1.8.1
+2fe3bd994b3189899d93f1d5a881e725e046fdc2
diff --git a/security/nss/gtests/google_test/gtest/CMakeLists.txt b/security/nss/gtests/google_test/gtest/CMakeLists.txt
index bd78cfe67..9ee79408c 100644
--- a/security/nss/gtests/google_test/gtest/CMakeLists.txt
+++ b/security/nss/gtests/google_test/gtest/CMakeLists.txt
@@ -5,10 +5,6 @@
 # ctest.  You can select which tests to run using 'ctest -R regex'.
 # For more options, run 'ctest --help'.
 
-# BUILD_SHARED_LIBS is a standard CMake variable, but we declare it here to
-# make it prominent in the GUI.
-option(BUILD_SHARED_LIBS "Build shared libraries (DLLs)." OFF)
-
 # When other libraries are using a shared version of runtime libraries,
 # Google Test also has to use one.
 option(
@@ -22,6 +18,11 @@ option(gtest_build_samples "Build gtest's sample programs." OFF)
 
 option(gtest_disable_pthreads "Disable uses of pthreads in gtest." OFF)
 
+option(
+  gtest_hide_internal_symbols
+  "Build gtest with internal symbols hidden in shared libraries."
+  OFF)
+
 # Defines pre_project_set_up_hermetic_build() and set_up_hermetic_build().
 include(cmake/hermetic_build.cmake OPTIONAL)
 
@@ -39,25 +40,75 @@ endif()
 # as ${gtest_SOURCE_DIR} and to the root binary directory as
 # ${gtest_BINARY_DIR}.
 # Language "C" is required for find_package(Threads).
-project(gtest CXX C)
-cmake_minimum_required(VERSION 2.6.2)
+if (CMAKE_VERSION VERSION_LESS 3.0)
+  project(gtest CXX C)
+else()
+  cmake_policy(SET CMP0048 NEW)
+  project(gtest VERSION ${GOOGLETEST_VERSION} LANGUAGES CXX C)
+endif()
+cmake_minimum_required(VERSION 2.6.4)
+
+if (POLICY CMP0063) # Visibility
+  cmake_policy(SET CMP0063 NEW)
+endif (POLICY CMP0063)
 
 if (COMMAND set_up_hermetic_build)
   set_up_hermetic_build()
 endif()
 
+# These commands only run if this is the main project
+if(CMAKE_PROJECT_NAME STREQUAL "gtest" OR CMAKE_PROJECT_NAME STREQUAL "googletest-distribution")
+
+  # BUILD_SHARED_LIBS is a standard CMake variable, but we declare it here to
+  # make it prominent in the GUI.
+  option(BUILD_SHARED_LIBS "Build shared libraries (DLLs)." OFF)
+
+else()
+
+  mark_as_advanced(
+    gtest_force_shared_crt
+    gtest_build_tests
+    gtest_build_samples
+    gtest_disable_pthreads
+    gtest_hide_internal_symbols)
+
+endif()
+
+
+if (gtest_hide_internal_symbols)
+  set(CMAKE_CXX_VISIBILITY_PRESET hidden)
+  set(CMAKE_VISIBILITY_INLINES_HIDDEN 1)
+endif()
+
 # Define helper functions and macros used by Google Test.
 include(cmake/internal_utils.cmake)
 
 config_compiler_and_linker()  # Defined in internal_utils.cmake.
 
-# Where Google Test's .h files can be found.
-include_directories(
-  ${gtest_SOURCE_DIR}/include
-  ${gtest_SOURCE_DIR})
+# Create the CMake package file descriptors.
+if (INSTALL_GTEST)
+  include(CMakePackageConfigHelpers)
+  set(cmake_package_name GTest)
+  set(targets_export_name ${cmake_package_name}Targets CACHE INTERNAL "")
+  set(generated_dir "${CMAKE_CURRENT_BINARY_DIR}/generated" CACHE INTERNAL "")
+  set(cmake_files_install_dir "${CMAKE_INSTALL_LIBDIR}/cmake/${cmake_package_name}")
+  set(version_file "${generated_dir}/${cmake_package_name}ConfigVersion.cmake")
+  write_basic_package_version_file(${version_file} COMPATIBILITY AnyNewerVersion)
+  install(EXPORT ${targets_export_name}
+    NAMESPACE ${cmake_package_name}::
+    DESTINATION ${cmake_files_install_dir})
+  set(config_file "${generated_dir}/${cmake_package_name}Config.cmake")
+  configure_package_config_file("${gtest_SOURCE_DIR}/cmake/Config.cmake.in"
+    "${config_file}" INSTALL_DESTINATION ${cmake_files_install_dir})
+  install(FILES ${version_file} ${config_file}
+    DESTINATION ${cmake_files_install_dir})
+endif()
 
-# Where Google Test's libraries can be found.
-link_directories(${gtest_BINARY_DIR}/src)
+# Where Google Test's .h files can be found.
+set(gtest_build_include_dirs
+  "${gtest_SOURCE_DIR}/include"
+  "${gtest_SOURCE_DIR}")
+include_directories(${gtest_build_include_dirs})
 
 # Summary of tuple support for Microsoft Visual Studio:
 # Compiler    version(MS)  version(cmake)  Support
@@ -65,6 +116,8 @@ link_directories(${gtest_BINARY_DIR}/src)
 # <= VS 2010  <= 10        <= 1600         Use Google Tests's own tuple.
 # VS 2012     11           1700            std::tr1::tuple + _VARIADIC_MAX=10
 # VS 2013     12           1800            std::tr1::tuple
+# VS 2015     14           1900            std::tuple
+# VS 2017     15           >= 1910         std::tuple
 if (MSVC AND MSVC_VERSION EQUAL 1700)
   add_definitions(/D _VARIADIC_MAX=10)
 endif()
@@ -79,7 +132,23 @@ endif()
 # aggressive about warnings.
 cxx_library(gtest "${cxx_strict}" src/gtest-all.cc)
 cxx_library(gtest_main "${cxx_strict}" src/gtest_main.cc)
-target_link_libraries(gtest_main gtest)
+# If the CMake version supports it, attach header directory information
+# to the targets for when we are part of a parent build (ie being pulled
+# in via add_subdirectory() rather than being a standalone build).
+if (DEFINED CMAKE_VERSION AND NOT "${CMAKE_VERSION}" VERSION_LESS "2.8.11")
+  target_include_directories(gtest SYSTEM INTERFACE
+    "$<BUILD_INTERFACE:${gtest_build_include_dirs}>"
+    "$<INSTALL_INTERFACE:$<INSTALL_PREFIX>/${CMAKE_INSTALL_INCLUDEDIR}>")
+  target_include_directories(gtest_main SYSTEM INTERFACE
+    "$<BUILD_INTERFACE:${gtest_build_include_dirs}>"
+    "$<INSTALL_INTERFACE:$<INSTALL_PREFIX>/${CMAKE_INSTALL_INCLUDEDIR}>")
+endif()
+target_link_libraries(gtest_main PUBLIC gtest)
+
+########################################################################
+#
+# Install rules
+install_project(gtest gtest_main)
 
 ########################################################################
 #
@@ -121,28 +190,28 @@ if (gtest_build_tests)
   ############################################################
   # C++ tests built with standard compiler flags.
 
-  cxx_test(gtest-death-test_test gtest_main)
+  cxx_test(googletest-death-test-test gtest_main)
   cxx_test(gtest_environment_test gtest)
-  cxx_test(gtest-filepath_test gtest_main)
-  cxx_test(gtest-linked_ptr_test gtest_main)
-  cxx_test(gtest-listener_test gtest_main)
+  cxx_test(googletest-filepath-test gtest_main)
+  cxx_test(googletest-linked-ptr-test gtest_main)
+  cxx_test(googletest-listener-test gtest_main)
   cxx_test(gtest_main_unittest gtest_main)
-  cxx_test(gtest-message_test gtest_main)
+  cxx_test(googletest-message-test gtest_main)
   cxx_test(gtest_no_test_unittest gtest)
-  cxx_test(gtest-options_test gtest_main)
-  cxx_test(gtest-param-test_test gtest
-    test/gtest-param-test2_test.cc)
-  cxx_test(gtest-port_test gtest_main)
+  cxx_test(googletest-options-test gtest_main)
+  cxx_test(googletest-param-test-test gtest
+    test/googletest-param-test2-test.cc)
+  cxx_test(googletest-port-test gtest_main)
   cxx_test(gtest_pred_impl_unittest gtest_main)
   cxx_test(gtest_premature_exit_test gtest
     test/gtest_premature_exit_test.cc)
-  cxx_test(gtest-printers_test gtest_main)
+  cxx_test(googletest-printers-test gtest_main)
   cxx_test(gtest_prod_test gtest_main
     test/production.cc)
   cxx_test(gtest_repeat_test gtest)
   cxx_test(gtest_sole_header_test gtest_main)
   cxx_test(gtest_stress_test gtest)
-  cxx_test(gtest-test-part_test gtest_main)
+  cxx_test(googletest-test-part-test gtest_main)
   cxx_test(gtest_throw_on_failure_ex_test gtest)
   cxx_test(gtest-typed-test_test gtest_main
     test/gtest-typed-test2_test.cc)
@@ -164,10 +233,10 @@ if (gtest_build_tests)
 
   cxx_test_with_flags(gtest-death-test_ex_nocatch_test
     "${cxx_exception} -DGTEST_ENABLE_CATCH_EXCEPTIONS_=0"
-    gtest test/gtest-death-test_ex_test.cc)
+    gtest test/googletest-death-test_ex_test.cc)
   cxx_test_with_flags(gtest-death-test_ex_catch_test
     "${cxx_exception} -DGTEST_ENABLE_CATCH_EXCEPTIONS_=1"
-    gtest test/gtest-death-test_ex_test.cc)
+    gtest test/googletest-death-test_ex_test.cc)
 
   cxx_test_with_flags(gtest_no_rtti_unittest "${cxx_no_rtti}"
     gtest_main_no_rtti test/gtest_unittest.cc)
@@ -188,73 +257,75 @@ if (gtest_build_tests)
     cxx_library(gtest_main_use_own_tuple "${cxx_use_own_tuple}"
       src/gtest-all.cc src/gtest_main.cc)
 
-    cxx_test_with_flags(gtest-tuple_test "${cxx_use_own_tuple}"
-      gtest_main_use_own_tuple test/gtest-tuple_test.cc)
+    cxx_test_with_flags(googletest-tuple-test "${cxx_use_own_tuple}"
+      gtest_main_use_own_tuple test/googletest-tuple-test.cc)
 
     cxx_test_with_flags(gtest_use_own_tuple_test "${cxx_use_own_tuple}"
       gtest_main_use_own_tuple
-      test/gtest-param-test_test.cc test/gtest-param-test2_test.cc)
+      test/googletest-param-test-test.cc test/googletest-param-test2-test.cc)
   endif()
 
   ############################################################
   # Python tests.
 
-  cxx_executable(gtest_break_on_failure_unittest_ test gtest)
-  py_test(gtest_break_on_failure_unittest)
+  cxx_executable(googletest-break-on-failure-unittest_ test gtest)
+  py_test(googletest-break-on-failure-unittest)
 
   # Visual Studio .NET 2003 does not support STL with exceptions disabled.
   if (NOT MSVC OR MSVC_VERSION GREATER 1310)  # 1310 is Visual Studio .NET 2003
     cxx_executable_with_flags(
-      gtest_catch_exceptions_no_ex_test_
+      googletest-catch-exceptions-no-ex-test_
       "${cxx_no_exception}"
       gtest_main_no_exception
-      test/gtest_catch_exceptions_test_.cc)
+      test/googletest-catch-exceptions-test_.cc)
   endif()
 
   cxx_executable_with_flags(
-    gtest_catch_exceptions_ex_test_
+    googletest-catch-exceptions-ex-test_
     "${cxx_exception}"
     gtest_main
-    test/gtest_catch_exceptions_test_.cc)
-  py_test(gtest_catch_exceptions_test)
+    test/googletest-catch-exceptions-test_.cc)
+  py_test(googletest-catch-exceptions-test)
 
-  cxx_executable(gtest_color_test_ test gtest)
-  py_test(gtest_color_test)
+  cxx_executable(googletest-color-test_ test gtest)
+  py_test(googletest-color-test)
 
-  cxx_executable(gtest_env_var_test_ test gtest)
-  py_test(gtest_env_var_test)
+  cxx_executable(googletest-env-var-test_ test gtest)
+  py_test(googletest-env-var-test)
 
-  cxx_executable(gtest_filter_unittest_ test gtest)
-  py_test(gtest_filter_unittest)
+  cxx_executable(googletest-filter-unittest_ test gtest)
+  py_test(googletest-filter-unittest)
 
   cxx_executable(gtest_help_test_ test gtest_main)
   py_test(gtest_help_test)
 
-  cxx_executable(gtest_list_tests_unittest_ test gtest)
-  py_test(gtest_list_tests_unittest)
+  cxx_executable(googletest-list-tests-unittest_ test gtest)
+  py_test(googletest-list-tests-unittest)
 
-  cxx_executable(gtest_output_test_ test gtest)
-  py_test(gtest_output_test)
+  cxx_executable(googletest-output-test_ test gtest)
+  py_test(googletest-output-test --no_stacktrace_support)
 
-  cxx_executable(gtest_shuffle_test_ test gtest)
-  py_test(gtest_shuffle_test)
+  cxx_executable(googletest-shuffle-test_ test gtest)
+  py_test(googletest-shuffle-test)
 
   # MSVC 7.1 does not support STL with exceptions disabled.
   if (NOT MSVC OR MSVC_VERSION GREATER 1310)
-    cxx_executable(gtest_throw_on_failure_test_ test gtest_no_exception)
-    set_target_properties(gtest_throw_on_failure_test_
+    cxx_executable(googletest-throw-on-failure-test_ test gtest_no_exception)
+    set_target_properties(googletest-throw-on-failure-test_
       PROPERTIES
       COMPILE_FLAGS "${cxx_no_exception}")
-    py_test(gtest_throw_on_failure_test)
+    py_test(googletest-throw-on-failure-test)
   endif()
 
-  cxx_executable(gtest_uninitialized_test_ test gtest)
-  py_test(gtest_uninitialized_test)
+  cxx_executable(googletest-uninitialized-test_ test gtest)
+  py_test(googletest-uninitialized-test)
 
   cxx_executable(gtest_xml_outfile1_test_ test gtest_main)
   cxx_executable(gtest_xml_outfile2_test_ test gtest_main)
   py_test(gtest_xml_outfiles_test)
+  py_test(googletest-json-outfiles-test)
 
   cxx_executable(gtest_xml_output_unittest_ test gtest)
-  py_test(gtest_xml_output_unittest)
+  py_test(gtest_xml_output_unittest --no_stacktrace_support)
+  py_test(googletest-json-output-unittest --no_stacktrace_support)
 endif()
diff --git a/security/nss/gtests/google_test/gtest/Makefile.am b/security/nss/gtests/google_test/gtest/Makefile.am
index 9c96b4257..b44c8416b 100644
--- a/security/nss/gtests/google_test/gtest/Makefile.am
+++ b/security/nss/gtests/google_test/gtest/Makefile.am
@@ -34,6 +34,7 @@ EXTRA_DIST += $(GTEST_SRC)
 # Sample files that we don't compile.
 EXTRA_DIST += \
   samples/prime_tables.h \
+  samples/sample1_unittest.cc \
   samples/sample2_unittest.cc \
   samples/sample3_unittest.cc \
   samples/sample4_unittest.cc \
@@ -52,40 +53,40 @@ EXTRA_DIST += \
   test/gtest-listener_test.cc \
   test/gtest-message_test.cc \
   test/gtest-options_test.cc \
-  test/gtest-param-test2_test.cc \
-  test/gtest-param-test2_test.cc \
-  test/gtest-param-test_test.cc \
-  test/gtest-param-test_test.cc \
+  test/googletest-param-test2-test.cc \
+  test/googletest-param-test2-test.cc \
+  test/googletest-param-test-test.cc \
+  test/googletest-param-test-test.cc \
   test/gtest-param-test_test.h \
   test/gtest-port_test.cc \
   test/gtest_premature_exit_test.cc \
   test/gtest-printers_test.cc \
   test/gtest-test-part_test.cc \
-  test/gtest-tuple_test.cc \
+  test/googletest-tuple-test.cc \
   test/gtest-typed-test2_test.cc \
   test/gtest-typed-test_test.cc \
   test/gtest-typed-test_test.h \
   test/gtest-unittest-api_test.cc \
-  test/gtest_break_on_failure_unittest_.cc \
-  test/gtest_catch_exceptions_test_.cc \
-  test/gtest_color_test_.cc \
-  test/gtest_env_var_test_.cc \
+  test/googletest-break-on-failure-unittest_.cc \
+  test/googletest-catch-exceptions-test_.cc \
+  test/googletest-color-test_.cc \
+  test/googletest-env-var-test_.cc \
   test/gtest_environment_test.cc \
-  test/gtest_filter_unittest_.cc \
+  test/googletest-filter-unittest_.cc \
   test/gtest_help_test_.cc \
-  test/gtest_list_tests_unittest_.cc \
+  test/googletest-list-tests-unittest_.cc \
   test/gtest_main_unittest.cc \
   test/gtest_no_test_unittest.cc \
-  test/gtest_output_test_.cc \
+  test/googletest-output-test_.cc \
   test/gtest_pred_impl_unittest.cc \
   test/gtest_prod_test.cc \
   test/gtest_repeat_test.cc \
-  test/gtest_shuffle_test_.cc \
+  test/googletest-shuffle-test_.cc \
   test/gtest_sole_header_test.cc \
   test/gtest_stress_test.cc \
   test/gtest_throw_on_failure_ex_test.cc \
-  test/gtest_throw_on_failure_test_.cc \
-  test/gtest_uninitialized_test_.cc \
+  test/googletest-throw-on-failure-test_.cc \
+  test/googletest-uninitialized-test_.cc \
   test/gtest_unittest.cc \
   test/gtest_unittest.cc \
   test/gtest_xml_outfile1_test_.cc \
@@ -96,19 +97,19 @@ EXTRA_DIST += \
 
 # Python tests that we don't run.
 EXTRA_DIST += \
-  test/gtest_break_on_failure_unittest.py \
-  test/gtest_catch_exceptions_test.py \
-  test/gtest_color_test.py \
-  test/gtest_env_var_test.py \
-  test/gtest_filter_unittest.py \
+  test/googletest-break-on-failure-unittest.py \
+  test/googletest-catch-exceptions-test.py \
+  test/googletest-color-test.py \
+  test/googletest-env-var-test.py \
+  test/googletest-filter-unittest.py \
   test/gtest_help_test.py \
-  test/gtest_list_tests_unittest.py \
-  test/gtest_output_test.py \
-  test/gtest_output_test_golden_lin.txt \
-  test/gtest_shuffle_test.py \
+  test/googletest-list-tests-unittest.py \
+  test/googletest-output-test.py \
+  test/googletest-output-test_golden_lin.txt \
+  test/googletest-shuffle-test.py \
   test/gtest_test_utils.py \
-  test/gtest_throw_on_failure_test.py \
-  test/gtest_uninitialized_test.py \
+  test/googletest-throw-on-failure-test.py \
+  test/googletest-uninitialized-test.py \
   test/gtest_xml_outfiles_test.py \
   test/gtest_xml_output_unittest.py \
   test/gtest_xml_test_utils.py
@@ -120,16 +121,16 @@ EXTRA_DIST += \
 
 # MSVC project files
 EXTRA_DIST += \
-  msvc/gtest-md.sln \
-  msvc/gtest-md.vcproj \
-  msvc/gtest.sln \
-  msvc/gtest.vcproj \
-  msvc/gtest_main-md.vcproj \
-  msvc/gtest_main.vcproj \
-  msvc/gtest_prod_test-md.vcproj \
-  msvc/gtest_prod_test.vcproj \
-  msvc/gtest_unittest-md.vcproj \
-  msvc/gtest_unittest.vcproj
+  msvc/2010/gtest-md.sln \
+  msvc/2010/gtest-md.vcxproj \
+  msvc/2010/gtest.sln \
+  msvc/2010/gtest.vcxproj \
+  msvc/2010/gtest_main-md.vcxproj \
+  msvc/2010/gtest_main.vcxproj \
+  msvc/2010/gtest_prod_test-md.vcxproj \
+  msvc/2010/gtest_prod_test.vcxproj \
+  msvc/2010/gtest_unittest-md.vcxproj \
+  msvc/2010/gtest_unittest.vcxproj
 
 # xcode project files
 EXTRA_DIST += \
@@ -205,47 +206,79 @@ pkginclude_internal_HEADERS = \
   include/gtest/internal/gtest-param-util-generated.h \
   include/gtest/internal/gtest-param-util.h \
   include/gtest/internal/gtest-port.h \
+  include/gtest/internal/gtest-port-arch.h \
   include/gtest/internal/gtest-string.h \
   include/gtest/internal/gtest-tuple.h \
-  include/gtest/internal/gtest-type-util.h
+  include/gtest/internal/gtest-type-util.h \
+  include/gtest/internal/custom/gtest.h \
+  include/gtest/internal/custom/gtest-port.h \
+  include/gtest/internal/custom/gtest-printers.h
 
 lib_libgtest_main_la_SOURCES = src/gtest_main.cc
 lib_libgtest_main_la_LIBADD = lib/libgtest.la
 
-# Bulid rules for samples and tests. Automake's naming for some of
+# Build rules for samples and tests. Automake's naming for some of
 # these variables isn't terribly obvious, so this is a brief
 # reference:
 #
 # TESTS -- Programs run automatically by "make check"
 # check_PROGRAMS -- Programs built by "make check" but not necessarily run
 
-noinst_LTLIBRARIES = samples/libsamples.la
-
-samples_libsamples_la_SOURCES = \
-  samples/sample1.cc \
-  samples/sample1.h \
-  samples/sample2.cc \
-  samples/sample2.h \
-  samples/sample3-inl.h \
-  samples/sample4.cc \
-  samples/sample4.h
-
 TESTS=
 TESTS_ENVIRONMENT = GTEST_SOURCE_DIR="$(srcdir)/test" \
                     GTEST_BUILD_DIR="$(top_builddir)/test"
 check_PROGRAMS=
 
 # A simple sample on using gtest.
-TESTS += samples/sample1_unittest
-check_PROGRAMS += samples/sample1_unittest
-samples_sample1_unittest_SOURCES = samples/sample1_unittest.cc
+TESTS += samples/sample1_unittest \
+    samples/sample2_unittest \
+    samples/sample3_unittest \
+    samples/sample4_unittest \
+    samples/sample5_unittest \
+    samples/sample6_unittest \
+    samples/sample7_unittest \
+    samples/sample8_unittest \
+    samples/sample9_unittest \
+    samples/sample10_unittest
+check_PROGRAMS += samples/sample1_unittest \
+    samples/sample2_unittest \
+    samples/sample3_unittest \
+    samples/sample4_unittest \
+    samples/sample5_unittest \
+    samples/sample6_unittest \
+    samples/sample7_unittest \
+    samples/sample8_unittest \
+    samples/sample9_unittest \
+    samples/sample10_unittest
+
+samples_sample1_unittest_SOURCES = samples/sample1_unittest.cc samples/sample1.cc
 samples_sample1_unittest_LDADD = lib/libgtest_main.la \
-                                 lib/libgtest.la \
-                                 samples/libsamples.la
-
-# Another sample.  It also verifies that libgtest works.
-TESTS += samples/sample10_unittest
-check_PROGRAMS += samples/sample10_unittest
+                                 lib/libgtest.la
+samples_sample2_unittest_SOURCES = samples/sample2_unittest.cc samples/sample2.cc
+samples_sample2_unittest_LDADD = lib/libgtest_main.la \
+                                 lib/libgtest.la
+samples_sample3_unittest_SOURCES = samples/sample3_unittest.cc
+samples_sample3_unittest_LDADD = lib/libgtest_main.la \
+                                 lib/libgtest.la
+samples_sample4_unittest_SOURCES = samples/sample4_unittest.cc samples/sample4.cc
+samples_sample4_unittest_LDADD = lib/libgtest_main.la \
+                                 lib/libgtest.la
+samples_sample5_unittest_SOURCES = samples/sample5_unittest.cc samples/sample1.cc
+samples_sample5_unittest_LDADD = lib/libgtest_main.la \
+                                 lib/libgtest.la
+samples_sample6_unittest_SOURCES = samples/sample6_unittest.cc
+samples_sample6_unittest_LDADD = lib/libgtest_main.la \
+                                 lib/libgtest.la
+samples_sample7_unittest_SOURCES = samples/sample7_unittest.cc
+samples_sample7_unittest_LDADD = lib/libgtest_main.la \
+                                 lib/libgtest.la
+samples_sample8_unittest_SOURCES = samples/sample8_unittest.cc
+samples_sample8_unittest_LDADD = lib/libgtest_main.la \
+                                 lib/libgtest.la
+
+# Also verify that libgtest works by itself.
+samples_sample9_unittest_SOURCES = samples/sample9_unittest.cc
+samples_sample9_unittest_LDADD = lib/libgtest.la
 samples_sample10_unittest_SOURCES = samples/sample10_unittest.cc
 samples_sample10_unittest_LDADD = lib/libgtest.la
 
diff --git a/security/nss/gtests/google_test/gtest/README b/security/nss/gtests/google_test/gtest/README
deleted file mode 100644
index 404bf3b83..000000000
--- a/security/nss/gtests/google_test/gtest/README
+++ /dev/null
@@ -1,435 +0,0 @@
-Google C++ Testing Framework
-============================
-
-http://code.google.com/p/googletest/
-
-Overview
---------
-
-Google's framework for writing C++ tests on a variety of platforms
-(Linux, Mac OS X, Windows, Windows CE, Symbian, etc).  Based on the
-xUnit architecture.  Supports automatic test discovery, a rich set of
-assertions, user-defined assertions, death tests, fatal and non-fatal
-failures, various options for running the tests, and XML test report
-generation.
-
-Please see the project page above for more information as well as the
-mailing list for questions, discussions, and development.  There is
-also an IRC channel on OFTC (irc.oftc.net) #gtest available.  Please
-join us!
-
-Requirements for End Users
---------------------------
-
-Google Test is designed to have fairly minimal requirements to build
-and use with your projects, but there are some.  Currently, we support
-Linux, Windows, Mac OS X, and Cygwin.  We will also make our best
-effort to support other platforms (e.g. Solaris, AIX, and z/OS).
-However, since core members of the Google Test project have no access
-to these platforms, Google Test may have outstanding issues there.  If
-you notice any problems on your platform, please notify
-googletestframework@googlegroups.com.  Patches for fixing them are
-even more welcome!
-
-### Linux Requirements ###
-
-These are the base requirements to build and use Google Test from a source
-package (as described below):
-  * GNU-compatible Make or gmake
-  * POSIX-standard shell
-  * POSIX(-2) Regular Expressions (regex.h)
-  * A C++98-standard-compliant compiler
-
-### Windows Requirements ###
-
-  * Microsoft Visual C++ 7.1 or newer
-
-### Cygwin Requirements ###
-
-  * Cygwin 1.5.25-14 or newer
-
-### Mac OS X Requirements ###
-
-  * Mac OS X 10.4 Tiger or newer
-  * Developer Tools Installed
-
-Also, you'll need CMake 2.6.4 or higher if you want to build the
-samples using the provided CMake script, regardless of the platform.
-
-Requirements for Contributors
------------------------------
-
-We welcome patches.  If you plan to contribute a patch, you need to
-build Google Test and its own tests from an SVN checkout (described
-below), which has further requirements:
-
-  * Python version 2.3 or newer (for running some of the tests and
-    re-generating certain source files from templates)
-  * CMake 2.6.4 or newer
-
-Getting the Source
-------------------
-
-There are two primary ways of getting Google Test's source code: you
-can download a stable source release in your preferred archive format,
-or directly check out the source from our Subversion (SVN) repository.
-The SVN checkout requires a few extra steps and some extra software
-packages on your system, but lets you track the latest development and
-make patches much more easily, so we highly encourage it.
-
-### Source Package ###
-
-Google Test is released in versioned source packages which can be
-downloaded from the download page [1].  Several different archive
-formats are provided, but the only difference is the tools used to
-manipulate them, and the size of the resulting file.  Download
-whichever you are most comfortable with.
-
-  [1] http://code.google.com/p/googletest/downloads/list
-
-Once the package is downloaded, expand it using whichever tools you
-prefer for that type.  This will result in a new directory with the
-name "gtest-X.Y.Z" which contains all of the source code.  Here are
-some examples on Linux:
-
-  tar -xvzf gtest-X.Y.Z.tar.gz
-  tar -xvjf gtest-X.Y.Z.tar.bz2
-  unzip gtest-X.Y.Z.zip
-
-### SVN Checkout ###
-
-To check out the main branch (also known as the "trunk") of Google
-Test, run the following Subversion command:
-
-  svn checkout http://googletest.googlecode.com/svn/trunk/ gtest-svn
-
-Setting up the Build
---------------------
-
-To build Google Test and your tests that use it, you need to tell your
-build system where to find its headers and source files.  The exact
-way to do it depends on which build system you use, and is usually
-straightforward.
-
-### Generic Build Instructions ###
-
-Suppose you put Google Test in directory ${GTEST_DIR}.  To build it,
-create a library build target (or a project as called by Visual Studio
-and Xcode) to compile
-
-  ${GTEST_DIR}/src/gtest-all.cc
-
-with ${GTEST_DIR}/include in the system header search path and ${GTEST_DIR}
-in the normal header search path.  Assuming a Linux-like system and gcc,
-something like the following will do:
-
-  g++ -isystem ${GTEST_DIR}/include -I${GTEST_DIR} \
-      -pthread -c ${GTEST_DIR}/src/gtest-all.cc
-  ar -rv libgtest.a gtest-all.o
-
-(We need -pthread as Google Test uses threads.)
-
-Next, you should compile your test source file with
-${GTEST_DIR}/include in the system header search path, and link it
-with gtest and any other necessary libraries:
-
-  g++ -isystem ${GTEST_DIR}/include -pthread path/to/your_test.cc libgtest.a \
-      -o your_test
-
-As an example, the make/ directory contains a Makefile that you can
-use to build Google Test on systems where GNU make is available
-(e.g. Linux, Mac OS X, and Cygwin).  It doesn't try to build Google
-Test's own tests.  Instead, it just builds the Google Test library and
-a sample test.  You can use it as a starting point for your own build
-script.
-
-If the default settings are correct for your environment, the
-following commands should succeed:
-
-  cd ${GTEST_DIR}/make
-  make
-  ./sample1_unittest
-
-If you see errors, try to tweak the contents of make/Makefile to make
-them go away.  There are instructions in make/Makefile on how to do
-it.
-
-### Using CMake ###
-
-Google Test comes with a CMake build script (CMakeLists.txt) that can
-be used on a wide range of platforms ("C" stands for cross-platform.).
-If you don't have CMake installed already, you can download it for
-free from http://www.cmake.org/.
-
-CMake works by generating native makefiles or build projects that can
-be used in the compiler environment of your choice.  The typical
-workflow starts with:
-
-  mkdir mybuild       # Create a directory to hold the build output.
-  cd mybuild
-  cmake ${GTEST_DIR}  # Generate native build scripts.
-
-If you want to build Google Test's samples, you should replace the
-last command with
-
-  cmake -Dgtest_build_samples=ON ${GTEST_DIR}
-
-If you are on a *nix system, you should now see a Makefile in the
-current directory.  Just type 'make' to build gtest.
-
-If you use Windows and have Visual Studio installed, a gtest.sln file
-and several .vcproj files will be created.  You can then build them
-using Visual Studio.
-
-On Mac OS X with Xcode installed, a .xcodeproj file will be generated.
-
-### Legacy Build Scripts ###
-
-Before settling on CMake, we have been providing hand-maintained build
-projects/scripts for Visual Studio, Xcode, and Autotools.  While we
-continue to provide them for convenience, they are not actively
-maintained any more.  We highly recommend that you follow the
-instructions in the previous two sections to integrate Google Test
-with your existing build system.
-
-If you still need to use the legacy build scripts, here's how:
-
-The msvc\ folder contains two solutions with Visual C++ projects.
-Open the gtest.sln or gtest-md.sln file using Visual Studio, and you
-are ready to build Google Test the same way you build any Visual
-Studio project.  Files that have names ending with -md use DLL
-versions of Microsoft runtime libraries (the /MD or the /MDd compiler
-option).  Files without that suffix use static versions of the runtime
-libraries (the /MT or the /MTd option).  Please note that one must use
-the same option to compile both gtest and the test code.  If you use
-Visual Studio 2005 or above, we recommend the -md version as /MD is
-the default for new projects in these versions of Visual Studio.
-
-On Mac OS X, open the gtest.xcodeproj in the xcode/ folder using
-Xcode.  Build the "gtest" target.  The universal binary framework will
-end up in your selected build directory (selected in the Xcode
-"Preferences..." -> "Building" pane and defaults to xcode/build).
-Alternatively, at the command line, enter:
-
-  xcodebuild
-
-This will build the "Release" configuration of gtest.framework in your
-default build location.  See the "xcodebuild" man page for more
-information about building different configurations and building in
-different locations.
-
-If you wish to use the Google Test Xcode project with Xcode 4.x and
-above, you need to either:
- * update the SDK configuration options in xcode/Config/General.xconfig.
-   Comment options SDKROOT, MACOS_DEPLOYMENT_TARGET, and GCC_VERSION. If
-   you choose this route you lose the ability to target earlier versions
-   of MacOS X.
- * Install an SDK for an earlier version. This doesn't appear to be
-   supported by Apple, but has been reported to work
-   (http://stackoverflow.com/questions/5378518).
-
-Tweaking Google Test
---------------------
-
-Google Test can be used in diverse environments.  The default
-configuration may not work (or may not work well) out of the box in
-some environments.  However, you can easily tweak Google Test by
-defining control macros on the compiler command line.  Generally,
-these macros are named like GTEST_XYZ and you define them to either 1
-or 0 to enable or disable a certain feature.
-
-We list the most frequently used macros below.  For a complete list,
-see file include/gtest/internal/gtest-port.h.
-
-### Choosing a TR1 Tuple Library ###
-
-Some Google Test features require the C++ Technical Report 1 (TR1)
-tuple library, which is not yet available with all compilers.  The
-good news is that Google Test implements a subset of TR1 tuple that's
-enough for its own need, and will automatically use this when the
-compiler doesn't provide TR1 tuple.
-
-Usually you don't need to care about which tuple library Google Test
-uses.  However, if your project already uses TR1 tuple, you need to
-tell Google Test to use the same TR1 tuple library the rest of your
-project uses, or the two tuple implementations will clash.  To do
-that, add
-
-  -DGTEST_USE_OWN_TR1_TUPLE=0
-
-to the compiler flags while compiling Google Test and your tests.  If
-you want to force Google Test to use its own tuple library, just add
-
-  -DGTEST_USE_OWN_TR1_TUPLE=1
-
-to the compiler flags instead.
-
-If you don't want Google Test to use tuple at all, add
-
-  -DGTEST_HAS_TR1_TUPLE=0
-
-and all features using tuple will be disabled.
-
-### Multi-threaded Tests ###
-
-Google Test is thread-safe where the pthread library is available.
-After #include "gtest/gtest.h", you can check the GTEST_IS_THREADSAFE
-macro to see whether this is the case (yes if the macro is #defined to
-1, no if it's undefined.).
-
-If Google Test doesn't correctly detect whether pthread is available
-in your environment, you can force it with
-
-  -DGTEST_HAS_PTHREAD=1
-
-or
-
-  -DGTEST_HAS_PTHREAD=0
-
-When Google Test uses pthread, you may need to add flags to your
-compiler and/or linker to select the pthread library, or you'll get
-link errors.  If you use the CMake script or the deprecated Autotools
-script, this is taken care of for you.  If you use your own build
-script, you'll need to read your compiler and linker's manual to
-figure out what flags to add.
-
-### As a Shared Library (DLL) ###
-
-Google Test is compact, so most users can build and link it as a
-static library for the simplicity.  You can choose to use Google Test
-as a shared library (known as a DLL on Windows) if you prefer.
-
-To compile *gtest* as a shared library, add
-
-  -DGTEST_CREATE_SHARED_LIBRARY=1
-
-to the compiler flags.  You'll also need to tell the linker to produce
-a shared library instead - consult your linker's manual for how to do
-it.
-
-To compile your *tests* that use the gtest shared library, add
-
-  -DGTEST_LINKED_AS_SHARED_LIBRARY=1
-
-to the compiler flags.
-
-Note: while the above steps aren't technically necessary today when
-using some compilers (e.g. GCC), they may become necessary in the
-future, if we decide to improve the speed of loading the library (see
-http://gcc.gnu.org/wiki/Visibility for details).  Therefore you are
-recommended to always add the above flags when using Google Test as a
-shared library.  Otherwise a future release of Google Test may break
-your build script.
-
-### Avoiding Macro Name Clashes ###
-
-In C++, macros don't obey namespaces.  Therefore two libraries that
-both define a macro of the same name will clash if you #include both
-definitions.  In case a Google Test macro clashes with another
-library, you can force Google Test to rename its macro to avoid the
-conflict.
-
-Specifically, if both Google Test and some other code define macro
-FOO, you can add
-
-  -DGTEST_DONT_DEFINE_FOO=1
-
-to the compiler flags to tell Google Test to change the macro's name
-from FOO to GTEST_FOO.  Currently FOO can be FAIL, SUCCEED, or TEST.
-For example, with -DGTEST_DONT_DEFINE_TEST=1, you'll need to write
-
-  GTEST_TEST(SomeTest, DoesThis) { ... }
-
-instead of
-
-  TEST(SomeTest, DoesThis) { ... }
-
-in order to define a test.
-
-Upgrating from an Earlier Version
----------------------------------
-
-We strive to keep Google Test releases backward compatible.
-Sometimes, though, we have to make some breaking changes for the
-users' long-term benefits.  This section describes what you'll need to
-do if you are upgrading from an earlier version of Google Test.
-
-### Upgrading from 1.3.0 or Earlier ###
-
-You may need to explicitly enable or disable Google Test's own TR1
-tuple library.  See the instructions in section "Choosing a TR1 Tuple
-Library".
-
-### Upgrading from 1.4.0 or Earlier ###
-
-The Autotools build script (configure + make) is no longer officially
-supportted.  You are encouraged to migrate to your own build system or
-use CMake.  If you still need to use Autotools, you can find
-instructions in the README file from Google Test 1.4.0.
-
-On platforms where the pthread library is available, Google Test uses
-it in order to be thread-safe.  See the "Multi-threaded Tests" section
-for what this means to your build script.
-
-If you use Microsoft Visual C++ 7.1 with exceptions disabled, Google
-Test will no longer compile.  This should affect very few people, as a
-large portion of STL (including <string>) doesn't compile in this mode
-anyway.  We decided to stop supporting it in order to greatly simplify
-Google Test's implementation.
-
-Developing Google Test
-----------------------
-
-This section discusses how to make your own changes to Google Test.
-
-### Testing Google Test Itself ###
-
-To make sure your changes work as intended and don't break existing
-functionality, you'll want to compile and run Google Test's own tests.
-For that you can use CMake:
-
-  mkdir mybuild
-  cd mybuild
-  cmake -Dgtest_build_tests=ON ${GTEST_DIR}
-
-Make sure you have Python installed, as some of Google Test's tests
-are written in Python.  If the cmake command complains about not being
-able to find Python ("Could NOT find PythonInterp (missing:
-PYTHON_EXECUTABLE)"), try telling it explicitly where your Python
-executable can be found:
-
-  cmake -DPYTHON_EXECUTABLE=path/to/python -Dgtest_build_tests=ON ${GTEST_DIR}
-
-Next, you can build Google Test and all of its own tests.  On *nix,
-this is usually done by 'make'.  To run the tests, do
-
-  make test
-
-All tests should pass.
-
-### Regenerating Source Files ###
-
-Some of Google Test's source files are generated from templates (not
-in the C++ sense) using a script.  A template file is named FOO.pump,
-where FOO is the name of the file it will generate.  For example, the
-file include/gtest/internal/gtest-type-util.h.pump is used to generate
-gtest-type-util.h in the same directory.
-
-Normally you don't need to worry about regenerating the source files,
-unless you need to modify them.  In that case, you should modify the
-corresponding .pump files instead and run the pump.py Python script to
-regenerate them.  You can find pump.py in the scripts/ directory.
-Read the Pump manual [2] for how to use it.
-
-  [2] http://code.google.com/p/googletest/wiki/PumpManual
-
-### Contributing a Patch ###
-
-We welcome patches.  Please read the Google Test developer's guide [3]
-for how you can contribute.  In particular, make sure you have signed
-the Contributor License Agreement, or we won't be able to accept the
-patch.
-
-  [3] http://code.google.com/p/googletest/wiki/GoogleTestDevGuide
-
-Happy testing!
diff --git a/security/nss/gtests/google_test/gtest/README.md b/security/nss/gtests/google_test/gtest/README.md
new file mode 100644
index 000000000..e30fe8047
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/README.md
@@ -0,0 +1,341 @@
+### Generic Build Instructions
+
+#### Setup
+
+To build Google Test and your tests that use it, you need to tell your build
+system where to find its headers and source files. The exact way to do it
+depends on which build system you use, and is usually straightforward.
+
+#### Build
+
+Suppose you put Google Test in directory `${GTEST_DIR}`. To build it, create a
+library build target (or a project as called by Visual Studio and Xcode) to
+compile
+
+    ${GTEST_DIR}/src/gtest-all.cc
+
+with `${GTEST_DIR}/include` in the system header search path and `${GTEST_DIR}`
+in the normal header search path. Assuming a Linux-like system and gcc,
+something like the following will do:
+
+    g++ -isystem ${GTEST_DIR}/include -I${GTEST_DIR} \
+        -pthread -c ${GTEST_DIR}/src/gtest-all.cc
+    ar -rv libgtest.a gtest-all.o
+
+(We need `-pthread` as Google Test uses threads.)
+
+Next, you should compile your test source file with `${GTEST_DIR}/include` in
+the system header search path, and link it with gtest and any other necessary
+libraries:
+
+    g++ -isystem ${GTEST_DIR}/include -pthread path/to/your_test.cc libgtest.a \
+        -o your_test
+
+As an example, the make/ directory contains a Makefile that you can use to build
+Google Test on systems where GNU make is available (e.g. Linux, Mac OS X, and
+Cygwin). It doesn't try to build Google Test's own tests. Instead, it just
+builds the Google Test library and a sample test. You can use it as a starting
+point for your own build script.
+
+If the default settings are correct for your environment, the following commands
+should succeed:
+
+    cd ${GTEST_DIR}/make
+    make
+    ./sample1_unittest
+
+If you see errors, try to tweak the contents of `make/Makefile` to make them go
+away. There are instructions in `make/Makefile` on how to do it.
+
+### Using CMake
+
+Google Test comes with a CMake build script (
+[CMakeLists.txt](https://github.com/google/googletest/blob/master/CMakeLists.txt))
+that can be used on a wide range of platforms ("C" stands for cross-platform.).
+If you don't have CMake installed already, you can download it for free from
+<http://www.cmake.org/>.
+
+CMake works by generating native makefiles or build projects that can be used in
+the compiler environment of your choice. You can either build Google Test as a
+standalone project or it can be incorporated into an existing CMake build for
+another project.
+
+#### Standalone CMake Project
+
+When building Google Test as a standalone project, the typical workflow starts
+with:
+
+    mkdir mybuild       # Create a directory to hold the build output.
+    cd mybuild
+    cmake ${GTEST_DIR}  # Generate native build scripts.
+
+If you want to build Google Test's samples, you should replace the last command
+with
+
+    cmake -Dgtest_build_samples=ON ${GTEST_DIR}
+
+If you are on a \*nix system, you should now see a Makefile in the current
+directory. Just type 'make' to build gtest.
+
+If you use Windows and have Visual Studio installed, a `gtest.sln` file and
+several `.vcproj` files will be created. You can then build them using Visual
+Studio.
+
+On Mac OS X with Xcode installed, a `.xcodeproj` file will be generated.
+
+#### Incorporating Into An Existing CMake Project
+
+If you want to use gtest in a project which already uses CMake, then a more
+robust and flexible approach is to build gtest as part of that project directly.
+This is done by making the GoogleTest source code available to the main build
+and adding it using CMake's `add_subdirectory()` command. This has the
+significant advantage that the same compiler and linker settings are used
+between gtest and the rest of your project, so issues associated with using
+incompatible libraries (eg debug/release), etc. are avoided. This is
+particularly useful on Windows. Making GoogleTest's source code available to the
+main build can be done a few different ways:
+
+*   Download the GoogleTest source code manually and place it at a known
+    location. This is the least flexible approach and can make it more difficult
+    to use with continuous integration systems, etc.
+*   Embed the GoogleTest source code as a direct copy in the main project's
+    source tree. This is often the simplest approach, but is also the hardest to
+    keep up to date. Some organizations may not permit this method.
+*   Add GoogleTest as a git submodule or equivalent. This may not always be
+    possible or appropriate. Git submodules, for example, have their own set of
+    advantages and drawbacks.
+*   Use CMake to download GoogleTest as part of the build's configure step. This
+    is just a little more complex, but doesn't have the limitations of the other
+    methods.
+
+The last of the above methods is implemented with a small piece of CMake code in
+a separate file (e.g. `CMakeLists.txt.in`) which is copied to the build area and
+then invoked as a sub-build _during the CMake stage_. That directory is then
+pulled into the main build with `add_subdirectory()`. For example:
+
+New file `CMakeLists.txt.in`:
+
+    cmake_minimum_required(VERSION 2.8.2)
+
+    project(googletest-download NONE)
+
+    include(ExternalProject)
+    ExternalProject_Add(googletest
+      GIT_REPOSITORY    https://github.com/google/googletest.git
+      GIT_TAG           master
+      SOURCE_DIR        "${CMAKE_BINARY_DIR}/googletest-src"
+      BINARY_DIR        "${CMAKE_BINARY_DIR}/googletest-build"
+      CONFIGURE_COMMAND ""
+      BUILD_COMMAND     ""
+      INSTALL_COMMAND   ""
+      TEST_COMMAND      ""
+    )
+
+Existing build's `CMakeLists.txt`:
+
+    # Download and unpack googletest at configure time
+    configure_file(CMakeLists.txt.in googletest-download/CMakeLists.txt)
+    execute_process(COMMAND ${CMAKE_COMMAND} -G "${CMAKE_GENERATOR}" .
+      RESULT_VARIABLE result
+      WORKING_DIRECTORY ${CMAKE_BINARY_DIR}/googletest-download )
+    if(result)
+      message(FATAL_ERROR "CMake step for googletest failed: ${result}")
+    endif()
+    execute_process(COMMAND ${CMAKE_COMMAND} --build .
+      RESULT_VARIABLE result
+      WORKING_DIRECTORY ${CMAKE_BINARY_DIR}/googletest-download )
+    if(result)
+      message(FATAL_ERROR "Build step for googletest failed: ${result}")
+    endif()
+
+    # Prevent overriding the parent project's compiler/linker
+    # settings on Windows
+    set(gtest_force_shared_crt ON CACHE BOOL "" FORCE)
+
+    # Add googletest directly to our build. This defines
+    # the gtest and gtest_main targets.
+    add_subdirectory(${CMAKE_BINARY_DIR}/googletest-src
+                     ${CMAKE_BINARY_DIR}/googletest-build
+                     EXCLUDE_FROM_ALL)
+
+    # The gtest/gtest_main targets carry header search path
+    # dependencies automatically when using CMake 2.8.11 or
+    # later. Otherwise we have to add them here ourselves.
+    if (CMAKE_VERSION VERSION_LESS 2.8.11)
+      include_directories("${gtest_SOURCE_DIR}/include")
+    endif()
+
+    # Now simply link against gtest or gtest_main as needed. Eg
+    add_executable(example example.cpp)
+    target_link_libraries(example gtest_main)
+    add_test(NAME example_test COMMAND example)
+
+Note that this approach requires CMake 2.8.2 or later due to its use of the
+`ExternalProject_Add()` command. The above technique is discussed in more detail
+in [this separate article](http://crascit.com/2015/07/25/cmake-gtest/) which
+also contains a link to a fully generalized implementation of the technique.
+
+##### Visual Studio Dynamic vs Static Runtimes
+
+By default, new Visual Studio projects link the C runtimes dynamically but
+Google Test links them statically. This will generate an error that looks
+something like the following: gtest.lib(gtest-all.obj) : error LNK2038: mismatch
+detected for 'RuntimeLibrary': value 'MTd_StaticDebug' doesn't match value
+'MDd_DynamicDebug' in main.obj
+
+Google Test already has a CMake option for this: `gtest_force_shared_crt`
+
+Enabling this option will make gtest link the runtimes dynamically too, and
+match the project in which it is included.
+
+### Legacy Build Scripts
+
+Before settling on CMake, we have been providing hand-maintained build
+projects/scripts for Visual Studio, Xcode, and Autotools. While we continue to
+provide them for convenience, they are not actively maintained any more. We
+highly recommend that you follow the instructions in the above sections to
+integrate Google Test with your existing build system.
+
+If you still need to use the legacy build scripts, here's how:
+
+The msvc\ folder contains two solutions with Visual C++ projects. Open the
+`gtest.sln` or `gtest-md.sln` file using Visual Studio, and you are ready to
+build Google Test the same way you build any Visual Studio project. Files that
+have names ending with -md use DLL versions of Microsoft runtime libraries (the
+/MD or the /MDd compiler option). Files without that suffix use static versions
+of the runtime libraries (the /MT or the /MTd option). Please note that one must
+use the same option to compile both gtest and the test code. If you use Visual
+Studio 2005 or above, we recommend the -md version as /MD is the default for new
+projects in these versions of Visual Studio.
+
+On Mac OS X, open the `gtest.xcodeproj` in the `xcode/` folder using Xcode.
+Build the "gtest" target. The universal binary framework will end up in your
+selected build directory (selected in the Xcode "Preferences..." -> "Building"
+pane and defaults to xcode/build). Alternatively, at the command line, enter:
+
+    xcodebuild
+
+This will build the "Release" configuration of gtest.framework in your default
+build location. See the "xcodebuild" man page for more information about
+building different configurations and building in different locations.
+
+If you wish to use the Google Test Xcode project with Xcode 4.x and above, you
+need to either:
+
+*   update the SDK configuration options in xcode/Config/General.xconfig.
+    Comment options `SDKROOT`, `MACOS_DEPLOYMENT_TARGET`, and `GCC_VERSION`. If
+    you choose this route you lose the ability to target earlier versions of
+    MacOS X.
+*   Install an SDK for an earlier version. This doesn't appear to be supported
+    by Apple, but has been reported to work
+    (http://stackoverflow.com/questions/5378518).
+
+### Tweaking Google Test
+
+Google Test can be used in diverse environments. The default configuration may
+not work (or may not work well) out of the box in some environments. However,
+you can easily tweak Google Test by defining control macros on the compiler
+command line. Generally, these macros are named like `GTEST_XYZ` and you define
+them to either 1 or 0 to enable or disable a certain feature.
+
+We list the most frequently used macros below. For a complete list, see file
+[include/gtest/internal/gtest-port.h](https://github.com/google/googletest/blob/master/include/gtest/internal/gtest-port.h).
+
+### Choosing a TR1 Tuple Library
+
+Some Google Test features require the C++ Technical Report 1 (TR1) tuple
+library, which is not yet available with all compilers. The good news is that
+Google Test implements a subset of TR1 tuple that's enough for its own need, and
+will automatically use this when the compiler doesn't provide TR1 tuple.
+
+Usually you don't need to care about which tuple library Google Test uses.
+However, if your project already uses TR1 tuple, you need to tell Google Test to
+use the same TR1 tuple library the rest of your project uses, or the two tuple
+implementations will clash. To do that, add
+
+    -DGTEST_USE_OWN_TR1_TUPLE=0
+
+to the compiler flags while compiling Google Test and your tests. If you want to
+force Google Test to use its own tuple library, just add
+
+    -DGTEST_USE_OWN_TR1_TUPLE=1
+
+to the compiler flags instead.
+
+If you don't want Google Test to use tuple at all, add
+
+    -DGTEST_HAS_TR1_TUPLE=0
+
+and all features using tuple will be disabled.
+
+### Multi-threaded Tests
+
+Google Test is thread-safe where the pthread library is available. After
+`#include "gtest/gtest.h"`, you can check the `GTEST_IS_THREADSAFE` macro to see
+whether this is the case (yes if the macro is `#defined` to 1, no if it's
+undefined.).
+
+If Google Test doesn't correctly detect whether pthread is available in your
+environment, you can force it with
+
+    -DGTEST_HAS_PTHREAD=1
+
+or
+
+    -DGTEST_HAS_PTHREAD=0
+
+When Google Test uses pthread, you may need to add flags to your compiler and/or
+linker to select the pthread library, or you'll get link errors. If you use the
+CMake script or the deprecated Autotools script, this is taken care of for you.
+If you use your own build script, you'll need to read your compiler and linker's
+manual to figure out what flags to add.
+
+### As a Shared Library (DLL)
+
+Google Test is compact, so most users can build and link it as a static library
+for the simplicity. You can choose to use Google Test as a shared library (known
+as a DLL on Windows) if you prefer.
+
+To compile *gtest* as a shared library, add
+
+    -DGTEST_CREATE_SHARED_LIBRARY=1
+
+to the compiler flags. You'll also need to tell the linker to produce a shared
+library instead - consult your linker's manual for how to do it.
+
+To compile your *tests* that use the gtest shared library, add
+
+    -DGTEST_LINKED_AS_SHARED_LIBRARY=1
+
+to the compiler flags.
+
+Note: while the above steps aren't technically necessary today when using some
+compilers (e.g. GCC), they may become necessary in the future, if we decide to
+improve the speed of loading the library (see
+<http://gcc.gnu.org/wiki/Visibility> for details). Therefore you are recommended
+to always add the above flags when using Google Test as a shared library.
+Otherwise a future release of Google Test may break your build script.
+
+### Avoiding Macro Name Clashes
+
+In C++, macros don't obey namespaces. Therefore two libraries that both define a
+macro of the same name will clash if you `#include` both definitions. In case a
+Google Test macro clashes with another library, you can force Google Test to
+rename its macro to avoid the conflict.
+
+Specifically, if both Google Test and some other code define macro FOO, you can
+add
+
+    -DGTEST_DONT_DEFINE_FOO=1
+
+to the compiler flags to tell Google Test to change the macro's name from `FOO`
+to `GTEST_FOO`. Currently `FOO` can be `FAIL`, `SUCCEED`, or `TEST`. For
+example, with `-DGTEST_DONT_DEFINE_TEST=1`, you'll need to write
+
+    GTEST_TEST(SomeTest, DoesThis) { ... }
+
+instead of
+
+    TEST(SomeTest, DoesThis) { ... }
+
+in order to define a test.
diff --git a/security/nss/gtests/google_test/gtest/build-aux/.keep b/security/nss/gtests/google_test/gtest/build-aux/.keep
deleted file mode 100644
index e69de29bb..000000000
diff --git a/security/nss/gtests/google_test/gtest/cmake/Config.cmake.in b/security/nss/gtests/google_test/gtest/cmake/Config.cmake.in
new file mode 100644
index 000000000..12be4498b
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/cmake/Config.cmake.in
@@ -0,0 +1,9 @@
+@PACKAGE_INIT@
+include(CMakeFindDependencyMacro)
+if (@GTEST_HAS_PTHREAD@)
+  set(THREADS_PREFER_PTHREAD_FLAG @THREADS_PREFER_PTHREAD_FLAG@)
+  find_dependency(Threads)
+endif()
+
+include("${CMAKE_CURRENT_LIST_DIR}/@targets_export_name@.cmake")
+check_required_components("@project_name@")
diff --git a/security/nss/gtests/google_test/gtest/cmake/gtest.pc.in b/security/nss/gtests/google_test/gtest/cmake/gtest.pc.in
new file mode 100644
index 000000000..e7967ad56
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/cmake/gtest.pc.in
@@ -0,0 +1,9 @@
+libdir=@CMAKE_INSTALL_FULL_LIBDIR@
+includedir=@CMAKE_INSTALL_FULL_INCLUDEDIR@
+
+Name: gtest
+Description: GoogleTest (without main() function)
+Version: @PROJECT_VERSION@
+URL: https://github.com/google/googletest
+Libs: -L${libdir} -lgtest @CMAKE_THREAD_LIBS_INIT@
+Cflags: -I${includedir} @GTEST_HAS_PTHREAD_MACRO@ @CMAKE_THREAD_LIBS_INIT@
diff --git a/security/nss/gtests/google_test/gtest/cmake/gtest_main.pc.in b/security/nss/gtests/google_test/gtest/cmake/gtest_main.pc.in
new file mode 100644
index 000000000..fe25d9c73
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/cmake/gtest_main.pc.in
@@ -0,0 +1,10 @@
+libdir=@CMAKE_INSTALL_FULL_LIBDIR@
+includedir=@CMAKE_INSTALL_FULL_INCLUDEDIR@
+
+Name: gtest_main
+Description: GoogleTest (with main() function)
+Version: @PROJECT_VERSION@
+URL: https://github.com/google/googletest
+Requires: gtest
+Libs: -L${libdir} -lgtest_main @CMAKE_THREAD_LIBS_INIT@
+Cflags: -I${includedir} @GTEST_HAS_PTHREAD_MACRO@ @CMAKE_THREAD_LIBS_INIT@
diff --git a/security/nss/gtests/google_test/gtest/cmake/internal_utils.cmake b/security/nss/gtests/google_test/gtest/cmake/internal_utils.cmake
index 93e6dbb7c..8c1f9ba99 100644
--- a/security/nss/gtests/google_test/gtest/cmake/internal_utils.cmake
+++ b/security/nss/gtests/google_test/gtest/cmake/internal_utils.cmake
@@ -20,7 +20,7 @@ macro(fix_default_compiler_settings_)
   if (MSVC)
     # For MSVC, CMake sets certain flags to defaults we want to override.
     # This replacement code is taken from sample in the CMake Wiki at
-    # http://www.cmake.org/Wiki/CMake_FAQ#Dynamic_Replace.
+    # https://gitlab.kitware.com/cmake/community/wikis/FAQ#dynamic-replace.
     foreach (flag_var
              CMAKE_CXX_FLAGS CMAKE_CXX_FLAGS_DEBUG CMAKE_CXX_FLAGS_RELEASE
              CMAKE_CXX_FLAGS_MINSIZEREL CMAKE_CXX_FLAGS_RELWITHDEBINFO)
@@ -38,6 +38,11 @@ macro(fix_default_compiler_settings_)
       # We prefer more strict warning checking for building Google Test.
       # Replaces /W3 with /W4 in defaults.
       string(REPLACE "/W3" "/W4" ${flag_var} "${${flag_var}}")
+
+      # Prevent D9025 warning for targets that have exception handling
+      # turned off (/EHs-c- flag). Where required, exceptions are explicitly
+      # re-enabled using the cxx_exception_flags variable.
+      string(REPLACE "/EHsc" "" ${flag_var} "${${flag_var}}")
     endforeach()
   endif()
 endmacro()
@@ -46,9 +51,16 @@ endmacro()
 # Google Mock.  You can tweak these definitions to suit your need.  A
 # variable's value is empty before it's explicitly assigned to.
 macro(config_compiler_and_linker)
-  if (NOT gtest_disable_pthreads)
+  # Note: pthreads on MinGW is not supported, even if available
+  # instead, we use windows threading primitives
+  unset(GTEST_HAS_PTHREAD)
+  if (NOT gtest_disable_pthreads AND NOT MINGW)
     # Defines CMAKE_USE_PTHREADS_INIT and CMAKE_THREAD_LIBS_INIT.
+    set(THREADS_PREFER_PTHREAD_FLAG ON)
     find_package(Threads)
+    if (CMAKE_USE_PTHREADS_INIT)
+      set(GTEST_HAS_PTHREAD ON)
+    endif()
   endif()
 
   fix_default_compiler_settings_()
@@ -84,10 +96,13 @@ macro(config_compiler_and_linker)
     set(cxx_base_flags "${cxx_base_flags} -D_UNICODE -DUNICODE -DWIN32 -D_WIN32")
     set(cxx_base_flags "${cxx_base_flags} -DSTRICT -DWIN32_LEAN_AND_MEAN")
     set(cxx_exception_flags "-EHsc -D_HAS_EXCEPTIONS=1")
-    set(cxx_no_exception_flags "-D_HAS_EXCEPTIONS=0")
+    set(cxx_no_exception_flags "-EHs-c- -D_HAS_EXCEPTIONS=0")
     set(cxx_no_rtti_flags "-GR-")
   elseif (CMAKE_COMPILER_IS_GNUCXX)
-    set(cxx_base_flags "-Wall -Wshadow")
+    set(cxx_base_flags "-Wall -Wshadow -Werror")
+    if(NOT CMAKE_CXX_COMPILER_VERSION VERSION_LESS 7.0.0)
+      set(cxx_base_flags "${cxx_base_flags} -Wno-error=dangling-else")
+    endif()
     set(cxx_exception_flags "-fexceptions")
     set(cxx_no_exception_flags "-fno-exceptions")
     # Until version 4.3.2, GCC doesn't define a macro to indicate
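Review bot: Adding `-Werror` to `cxx_base_flags` in the GNU branch turns every warning from a newer GCC into a build failure for anything compiled with these flags; the `-Wno-error=dangling-else` exemption for GCC 7 directly below it shows this has already happened once. Since this is an imported copy of the library, the build stays more predictable if the default remains `set(cxx_base_flags "-Wall -Wshadow")` and `-Werror` is appended only under an opt-in developer or CI option. `config_compiler_and_linker` starts and ends outside this hunk, so whether anything else relaxes the flag is not visible here.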
@@ -119,14 +134,16 @@ macro(config_compiler_and_linker)
     set(cxx_no_rtti_flags "")
   endif()
 
-  if (CMAKE_USE_PTHREADS_INIT)  # The pthreads library is available and allowed.
-    set(cxx_base_flags "${cxx_base_flags} -DGTEST_HAS_PTHREAD=1")
+  # The pthreads library is available and allowed?
+  if (DEFINED GTEST_HAS_PTHREAD)
+    set(GTEST_HAS_PTHREAD_MACRO "-DGTEST_HAS_PTHREAD=1")
   else()
-    set(cxx_base_flags "${cxx_base_flags} -DGTEST_HAS_PTHREAD=0")
+    set(GTEST_HAS_PTHREAD_MACRO "-DGTEST_HAS_PTHREAD=0")
   endif()
+  set(cxx_base_flags "${cxx_base_flags} ${GTEST_HAS_PTHREAD_MACRO}")
 
   # For building gtest's own tests and samples.
-  set(cxx_exception "${CMAKE_CXX_FLAGS} ${cxx_base_flags} ${cxx_exception_flags}")
+  set(cxx_exception "${cxx_base_flags} ${cxx_exception_flags}")
   set(cxx_no_exception
     "${CMAKE_CXX_FLAGS} ${cxx_base_flags} ${cxx_no_exception_flags}")
   set(cxx_default "${cxx_exception}")
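Review bot: `cxx_exception` no longer starts with `${CMAKE_CXX_FLAGS}`, but `cxx_no_exception` two lines below still does, so the two flag sets are now assembled differently with no explanation. If the removal is meant to avoid passing the global flags twice (the per-target flags appear to be applied through the `COMPILE_FLAGS` property in `cxx_library_with_type`), the same reasoning likely applies to `cxx_no_exception`. Otherwise a comment such as `# CMAKE_CXX_FLAGS is kept here because ...` above that `set` should say why only this variant needs it. The macro continues outside the hunk.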
@@ -146,13 +163,26 @@ function(cxx_library_with_type name type cxx_flags)
   set_target_properties(${name}
     PROPERTIES
     COMPILE_FLAGS "${cxx_flags}")
+  # Generate debug library name with a postfix.
+  set_target_properties(${name}
+    PROPERTIES
+    DEBUG_POSTFIX "d")
   if (BUILD_SHARED_LIBS OR type STREQUAL "SHARED")
     set_target_properties(${name}
       PROPERTIES
       COMPILE_DEFINITIONS "GTEST_CREATE_SHARED_LIBRARY=1")
+    if (NOT "${CMAKE_VERSION}" VERSION_LESS "2.8.11")
+      target_compile_definitions(${name} INTERFACE
+        $<INSTALL_INTERFACE:GTEST_LINKED_AS_SHARED_LIBRARY=1>)
+    endif()
   endif()
-  if (CMAKE_USE_PTHREADS_INIT)
-    target_link_libraries(${name} ${CMAKE_THREAD_LIBS_INIT})
+  if (DEFINED GTEST_HAS_PTHREAD)
+    if ("${CMAKE_VERSION}" VERSION_LESS "3.1.0")
+      set(threads_spec ${CMAKE_THREAD_LIBS_INIT})
+    else()
+      set(threads_spec Threads::Threads)
+    endif()
+    target_link_libraries(${name} PUBLIC ${threads_spec})
   endif()
 endfunction()
 
@@ -174,6 +204,10 @@ endfunction()
 # is built from the given source files with the given compiler flags.
 function(cxx_executable_with_flags name cxx_flags libs)
   add_executable(${name} ${ARGN})
+  if (MSVC AND (NOT (MSVC_VERSION LESS 1700)))  # 1700 is Visual Studio 2012.
+    # BigObj required for tests.
+    set(cxx_flags "${cxx_flags} -bigobj")
+  endif()
   if (cxx_flags)
     set_target_properties(${name}
       PROPERTIES
@@ -210,7 +244,7 @@ find_package(PythonInterp)
 # from the given source files with the given compiler flags.
 function(cxx_test_with_flags name cxx_flags libs)
   cxx_executable_with_flags(${name} "${cxx_flags}" "${libs}" ${ARGN})
-  add_test(${name} ${name})
+  add_test(NAME ${name} COMMAND ${name})
 endfunction()
 
 # cxx_test(name libs srcs...)
@@ -228,15 +262,57 @@ endfunction()
 # creates a Python test with the given name whose main module is in
 # test/name.py.  It does nothing if Python is not installed.
 function(py_test name)
-  # We are not supporting Python tests on Linux yet as they consider
-  # all Linux environments to be google3 and try to use google3 features.
   if (PYTHONINTERP_FOUND)
-    # ${CMAKE_BINARY_DIR} is known at configuration time, so we can
-    # directly bind it from cmake. ${CTEST_CONFIGURATION_TYPE} is known
-    # only at ctest runtime (by calling ctest -c <Configuration>), so
-    # we have to escape $ to delay variable substitution here.
-    add_test(${name}
-      ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/test/${name}.py
-          --build_dir=${CMAKE_CURRENT_BINARY_DIR}/\${CTEST_CONFIGURATION_TYPE})
+    if (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 3.1)
+      if (CMAKE_CONFIGURATION_TYPES)
+	# Multi-configuration build generators as for Visual Studio save
+	# output in a subdirectory of CMAKE_CURRENT_BINARY_DIR (Debug,
+	# Release etc.), so we have to provide it here.
+        add_test(
+          NAME ${name}
+          COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/test/${name}.py
+              --build_dir=${CMAKE_CURRENT_BINARY_DIR}/$<CONFIG> ${ARGN})
+      else (CMAKE_CONFIGURATION_TYPES)
+	# Single-configuration build generators like Makefile generators
+	# don't have subdirs below CMAKE_CURRENT_BINARY_DIR.
+        add_test(
+          NAME ${name}
+          COMMAND ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/test/${name}.py
+              --build_dir=${CMAKE_CURRENT_BINARY_DIR} ${ARGN})
+      endif (CMAKE_CONFIGURATION_TYPES)
+    else (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 3.1)
+      # ${CMAKE_CURRENT_BINARY_DIR} is known at configuration time, so we can
+      # directly bind it from cmake. ${CTEST_CONFIGURATION_TYPE} is known
+      # only at ctest runtime (by calling ctest -c <Configuration>), so
+      # we have to escape $ to delay variable substitution here.
+      add_test(
+        ${name}
+        ${PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/test/${name}.py
+          --build_dir=${CMAKE_CURRENT_BINARY_DIR}/\${CTEST_CONFIGURATION_TYPE} ${ARGN})
+    endif (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 3.1)
+  endif(PYTHONINTERP_FOUND)
+endfunction()
+
+# install_project(targets...)
+#
+# Installs the specified targets and configures the associated pkgconfig files.
+function(install_project)
+  if(INSTALL_GTEST)
+    install(DIRECTORY "${PROJECT_SOURCE_DIR}/include/"
+      DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}")
+    # Install the project targets.
+    install(TARGETS ${ARGN}
+      EXPORT ${targets_export_name}
+      RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}"
+      ARCHIVE DESTINATION "${CMAKE_INSTALL_LIBDIR}"
+      LIBRARY DESTINATION "${CMAKE_INSTALL_LIBDIR}")
+    # Configure and install pkgconfig files.
+    foreach(t ${ARGN})
+      set(configured_pc "${generated_dir}/${t}.pc")
+      configure_file("${PROJECT_SOURCE_DIR}/cmake/${t}.pc.in"
+        "${configured_pc}" @ONLY)
+      install(FILES "${configured_pc}"
+        DESTINATION "${CMAKE_INSTALL_LIBDIR}/pkgconfig")
+    endforeach()
   endif()
 endfunction()
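Review bot: The new guard in `py_test`, `if (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 3.1)`, compares the version as a decimal number, so CMake 3.10 is read as 3.1 and falls into the legacy `add_test(${name} ...)` branch instead of the `NAME`/`COMMAND` form that uses `$<CONFIG>`. A version-aware comparison avoids that: `if ("${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION}" VERSION_GREATER 3.1)`, with the arguments of the matching `else(...)` and `endif(...)` updated or dropped. In the same hunk, `install_project` reads `generated_dir` and `targets_export_name`, which are not set in the visible lines and presumably come from the including CMakeLists; a one-line comment above the function naming that precondition would help.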
diff --git a/security/nss/gtests/google_test/gtest/configure.ac b/security/nss/gtests/google_test/gtest/configure.ac
index cc592e158..254c8c4b3 100644
--- a/security/nss/gtests/google_test/gtest/configure.ac
+++ b/security/nss/gtests/google_test/gtest/configure.ac
@@ -5,7 +5,7 @@ m4_include(m4/acx_pthread.m4)
 # "[1.0.1]"). It also asumes that there won't be any closing parenthesis
 # between "AC_INIT(" and the closing ")" including comments and strings.
 AC_INIT([Google C++ Testing Framework],
-        [1.7.0],
+        [1.8.0],
         [googletestframework@googlegroups.com],
         [gtest])
 
diff --git a/security/nss/gtests/google_test/gtest/docs/Pkgconfig.md b/security/nss/gtests/google_test/gtest/docs/Pkgconfig.md
new file mode 100644
index 000000000..97612894d
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/docs/Pkgconfig.md
@@ -0,0 +1,146 @@
+## Using GoogleTest from various build systems ##
+
+GoogleTest comes with pkg-config files that can be used to determine all
+necessary flags for compiling and linking to GoogleTest (and GoogleMock).
+Pkg-config is a standardised plain-text format containing
+
+  * the includedir (-I) path
+  * necessary macro (-D) definitions
+  * further required flags (-pthread)
+  * the library (-L) path
+  * the library (-l) to link to
+
+All current build systems support pkg-config in one way or another. For
+all examples here we assume you want to compile the sample
+`samples/sample3_unittest.cc`.
+
+
+### CMake ###
+
+Using `pkg-config` in CMake is fairly easy:
+
+```
+cmake_minimum_required(VERSION 3.0)
+
+cmake_policy(SET CMP0048 NEW)
+project(my_gtest_pkgconfig VERSION 0.0.1 LANGUAGES CXX)
+
+find_package(PkgConfig)
+pkg_search_module(GTEST REQUIRED gtest_main)
+
+add_executable(testapp samples/sample3_unittest.cc)
+target_link_libraries(testapp ${GTEST_LDFLAGS})
+target_compile_options(testapp PUBLIC ${GTEST_CFLAGS})
+
+include(CTest)
+add_test(first_and_only_test testapp)
+```
+
+It is generally recommended that you use `target_compile_options` + `_CFLAGS`
+over `target_include_directories` + `_INCLUDE_DIRS` as the former includes not
+just -I flags (GoogleTest might require a macro indicating to internal headers
+that all libraries have been compiled with threading enabled. In addition,
+GoogleTest might also require `-pthread` in the compiling step, and as such
+splitting the pkg-config `Cflags` variable into include dirs and macros for
+`target_compile_definitions()` might still miss this). The same recommendation
+goes for using `_LDFLAGS` over the more commonplace `_LIBRARIES`, which
+happens to discard `-L` flags and `-pthread`.
+
+
+### Autotools ###
+
+Finding GoogleTest in Autoconf and using it from Automake is also fairly easy:
+
+In your `configure.ac`:
+
+```
+AC_PREREQ([2.69])
+AC_INIT([my_gtest_pkgconfig], [0.0.1])
+AC_CONFIG_SRCDIR([samples/sample3_unittest.cc])
+AC_PROG_CXX
+
+PKG_CHECK_MODULES([GTEST], [gtest_main])
+
+AM_INIT_AUTOMAKE([foreign subdir-objects])
+AC_CONFIG_FILES([Makefile])
+AC_OUTPUT
+```
+
+and in your `Makefile.am`:
+
+```
+check_PROGRAMS = testapp
+TESTS = $(check_PROGRAMS)
+
+testapp_SOURCES = samples/sample3_unittest.cc
+testapp_CXXFLAGS = $(GTEST_CFLAGS)
+testapp_LDADD = $(GTEST_LIBS)
+```
+
+
+### Meson ###
+
+Meson natively uses pkgconfig to query dependencies:
+
+```
+project('my_gtest_pkgconfig', 'cpp', version : '0.0.1')
+
+gtest_dep = dependency('gtest_main')
+
+testapp = executable(
+  'testapp',
+  files(['samples/sample3_unittest.cc']),
+  dependencies : gtest_dep,
+  install : false)
+
+test('first_and_only_test', testapp)
+```
+
+
+### Plain Makefiles ###
+
+Since `pkg-config` is a small Unix command-line utility, it can be used
+in handwritten `Makefile`s too:
+
+```
+GTEST_CFLAGS = `pkg-config --cflags gtest_main`
+GTEST_LIBS = `pkg-config --libs gtest_main`
+
+.PHONY: tests all
+
+tests: all
+	./testapp
+
+all: testapp
+
+testapp: testapp.o
+	$(CXX) $(CXXFLAGS) $(LDFLAGS) $< -o $@ $(GTEST_LIBS)
+
+testapp.o: samples/sample3_unittest.cc
+	$(CXX) $(CPPFLAGS) $(CXXFLAGS) $< -c -o $@ $(GTEST_CFLAGS)
+```
+
+
+### Help! pkg-config can't find GoogleTest! ###
+
+Let's say you have a `CMakeLists.txt` along the lines of the one in this
+tutorial and you try to run `cmake`. It is very possible that you get a
+failure along the lines of:
+
+```
+-- Checking for one of the modules 'gtest_main'
+CMake Error at /usr/share/cmake/Modules/FindPkgConfig.cmake:640 (message):
+  None of the required 'gtest_main' found
+```
+
+These failures are common if you installed GoogleTest yourself and have not
+sourced it from a distro or other package manager. If so, you need to tell
+pkg-config where it can find the `.pc` files containing the information.
+Say you installed GoogleTest to `/usr/local`, then it might be that the
+`.pc` files are installed under `/usr/local/lib64/pkgconfig`. If you set
+
+```
+export PKG_CONFIG_PATH=/usr/local/lib64/pkgconfig
+```
+
+pkg-config will also try to look in `PKG_CONFIG_PATH` to find `gtest_main.pc`.
diff --git a/security/nss/gtests/google_test/gtest/docs/PumpManual.md b/security/nss/gtests/google_test/gtest/docs/PumpManual.md
new file mode 100644
index 000000000..827bb24b0
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/docs/PumpManual.md
@@ -0,0 +1,177 @@
+
+
+<b>P</b>ump is <b>U</b>seful for <b>M</b>eta <b>P</b>rogramming.
+
+# The Problem #
+
+Template and macro libraries often need to define many classes,
+functions, or macros that vary only (or almost only) in the number of
+arguments they take. It's a lot of repetitive, mechanical, and
+error-prone work.
+
+Variadic templates and variadic macros can alleviate the problem.
+However, while both are being considered by the C++ committee, neither
+is in the standard yet or widely supported by compilers.  Thus they
+are often not a good choice, especially when your code needs to be
+portable. And their capabilities are still limited.
+
+As a result, authors of such libraries often have to write scripts to
+generate their implementation. However, our experience is that it's
+tedious to write such scripts, which tend to reflect the structure of
+the generated code poorly and are often hard to read and edit. For
+example, a small change needed in the generated code may require some
+non-intuitive, non-trivial changes in the script. This is especially
+painful when experimenting with the code.
+
+# Our Solution #
+
+Pump (for Pump is Useful for Meta Programming, Pretty Useful for Meta
+Programming, or Practical Utility for Meta Programming, whichever you
+prefer) is a simple meta-programming tool for C++. The idea is that a
+programmer writes a `foo.pump` file which contains C++ code plus meta
+code that manipulates the C++ code. The meta code can handle
+iterations over a range, nested iterations, local meta variable
+definitions, simple arithmetic, and conditional expressions. You can
+view it as a small Domain-Specific Language. The meta language is
+designed to be non-intrusive (s.t. it won't confuse Emacs' C++ mode,
+for example) and concise, making Pump code intuitive and easy to
+maintain.
+
+## Highlights ##
+
+  * The implementation is in a single Python script and thus ultra portable: no build or installation is needed and it works cross platforms.
+  * Pump tries to be smart with respect to [Google's style guide](https://github.com/google/styleguide): it breaks long lines (easy to have when they are generated) at acceptable places to fit within 80 columns and indent the continuation lines correctly.
+  * The format is human-readable and more concise than XML.
+  * The format works relatively well with Emacs' C++ mode.
+
+## Examples ##
+
+The following Pump code (where meta keywords start with `$`, `[[` and `]]` are meta brackets, and `$$` starts a meta comment that ends with the line):
+
+```
+$var n = 3     $$ Defines a meta variable n.
+$range i 0..n  $$ Declares the range of meta iterator i (inclusive).
+$for i [[
+               $$ Meta loop.
+// Foo$i does blah for $i-ary predicates.
+$range j 1..i
+template <size_t N $for j [[, typename A$j]]>
+class Foo$i {
+$if i == 0 [[
+  blah a;
+]] $elif i <= 2 [[
+  blah b;
+]] $else [[
+  blah c;
+]]
+};
+
+]]
+```
+
+will be translated by the Pump compiler to:
+
+```
+// Foo0 does blah for 0-ary predicates.
+template <size_t N>
+class Foo0 {
+  blah a;
+};
+
+// Foo1 does blah for 1-ary predicates.
+template <size_t N, typename A1>
+class Foo1 {
+  blah b;
+};
+
+// Foo2 does blah for 2-ary predicates.
+template <size_t N, typename A1, typename A2>
+class Foo2 {
+  blah b;
+};
+
+// Foo3 does blah for 3-ary predicates.
+template <size_t N, typename A1, typename A2, typename A3>
+class Foo3 {
+  blah c;
+};
+```
+
+In another example,
+
+```
+$range i 1..n
+Func($for i + [[a$i]]);
+$$ The text between i and [[ is the separator between iterations.
+```
+
+will generate one of the following lines (without the comments), depending on the value of `n`:
+
+```
+Func();              // If n is 0.
+Func(a1);            // If n is 1.
+Func(a1 + a2);       // If n is 2.
+Func(a1 + a2 + a3);  // If n is 3.
+// And so on...
+```
+
+## Constructs ##
+
+We support the following meta programming constructs:
+
+| `$var id = exp` | Defines a named constant value. `$id` is valid util the end of the current meta lexical block. |
+|:----------------|:-----------------------------------------------------------------------------------------------|
+| `$range id exp..exp` | Sets the range of an iteration variable, which can be reused in multiple loops later.          |
+| `$for id sep [[ code ]]` | Iteration. The range of `id` must have been defined earlier. `$id` is valid in `code`.         |
+| `$($)`          | Generates a single `$` character.                                                              |
+| `$id`           | Value of the named constant or iteration variable.                                             |
+| `$(exp)`        | Value of the expression.                                                                       |
+| `$if exp [[ code ]] else_branch` | Conditional.                                                                                   |
+| `[[ code ]]`    | Meta lexical block.                                                                            |
+| `cpp_code`      | Raw C++ code.                                                                                  |
+| `$$ comment`    | Meta comment.                                                                                  |
+
+**Note:** To give the user some freedom in formatting the Pump source
+code, Pump ignores a new-line character if it's right after `$for foo`
+or next to `[[` or `]]`. Without this rule you'll often be forced to write
+very long lines to get the desired output. Therefore sometimes you may
+need to insert an extra new-line in such places for a new-line to show
+up in your output.
+
+## Grammar ##
+
+```
+code ::= atomic_code*
+atomic_code ::= $var id = exp
+    | $var id = [[ code ]]
+    | $range id exp..exp
+    | $for id sep [[ code ]]
+    | $($)
+    | $id
+    | $(exp)
+    | $if exp [[ code ]] else_branch
+    | [[ code ]]
+    | cpp_code
+sep ::= cpp_code | empty_string
+else_branch ::= $else [[ code ]]
+    | $elif exp [[ code ]] else_branch
+    | empty_string
+exp ::= simple_expression_in_Python_syntax
+```
+
+## Code ##
+
+You can find the source code of Pump in [scripts/pump.py](../scripts/pump.py). It is still
+very unpolished and lacks automated tests, although it has been
+successfully used many times. If you find a chance to use it in your
+project, please let us know what you think!  We also welcome help on
+improving Pump.
+
+## Real Examples ##
+
+You can find real-world applications of Pump in [Google Test](https://github.com/google/googletest/tree/master/googletest) and [Google Mock](https://github.com/google/googletest/tree/master/googlemock). The source file `foo.h.pump` generates `foo.h`.
+
+## Tips ##
+
+  * If a meta variable is followed by a letter or digit, you can separate them using `[[]]`, which inserts an empty string. For example `Foo$j[[]]Helper` generate `Foo1Helper` when `j` is 1.
+  * To avoid extra-long Pump source lines, you can break a line anywhere you want by inserting `[[]]` followed by a new line. Since any new-line character next to `[[` or `]]` is ignored, the generated code won't contain this new line.
diff --git a/security/nss/gtests/google_test/gtest/docs/XcodeGuide.md b/security/nss/gtests/google_test/gtest/docs/XcodeGuide.md
new file mode 100644
index 000000000..1c60a33da
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/docs/XcodeGuide.md
@@ -0,0 +1,93 @@
+
+
+This guide will explain how to use the Google Testing Framework in your Xcode projects on Mac OS X. This tutorial begins by quickly explaining what to do for experienced users. After the quick start, the guide goes provides additional explanation about each step.
+
+# Quick Start #
+
+Here is the quick guide for using Google Test in your Xcode project.
+
+  1. Download the source from the [website](https://github.com/google/googletest) using this command: `svn checkout http://googletest.googlecode.com/svn/trunk/ googletest-read-only`.
+  1. Open up the `gtest.xcodeproj` in the `googletest-read-only/xcode/` directory and build the gtest.framework.
+  1. Create a new "Shell Tool" target in your Xcode project called something like "UnitTests".
+  1. Add the gtest.framework to your project and add it to the "Link Binary with Libraries" build phase of "UnitTests".
+  1. Add your unit test source code to the "Compile Sources" build phase of "UnitTests".
+  1. Edit the "UnitTests" executable and add an environment variable named "DYLD\_FRAMEWORK\_PATH" with a value equal to the path to the framework containing the gtest.framework relative to the compiled executable.
+  1. Build and Go.
+
+The following sections further explain each of the steps listed above in depth, describing in more detail how to complete it including some variations.
+
+# Get the Source #
+
+Currently, the gtest.framework discussed here isn't available in a tagged release of Google Test, it is only available in the trunk. As explained at the Google Test [site](https://github.com/google/googletest), you can get the code from anonymous SVN with this command:
+
+```
+svn checkout http://googletest.googlecode.com/svn/trunk/ googletest-read-only
+```
+
+Alternatively, if you are working with Subversion in your own code base, you can add Google Test as an external dependency to your own Subversion repository. By following this approach, everyone that checks out your svn repository will also receive a copy of Google Test (a specific version, if you wish) without having to check it out explicitly. This makes the set up of your project simpler and reduces the copied code in the repository.
+
+To use `svn:externals`, decide where you would like to have the external source reside. You might choose to put the external source inside the trunk, because you want it to be part of the branch when you make a release. However, keeping it outside the trunk in a version-tagged directory called something like `third-party/googletest/1.0.1`, is another option. Once the location is established, use `svn propedit svn:externals _directory_` to set the svn:externals property on a directory in your repository. This directory won't contain the code, but be its versioned parent directory.
+
+The command `svn propedit` will bring up your Subversion editor, making editing the long, (potentially multi-line) property simpler. This same method can be used to check out a tagged branch, by using the appropriate URL (e.g. `https://github.com/google/googletest/releases/tag/release-1.0.1`). Additionally, the svn:externals property allows the specification of a particular revision of the trunk with the `-r_##_` option (e.g. `externals/src/googletest -r60 http://googletest.googlecode.com/svn/trunk`).
+
+Here is an example of using the svn:externals properties on a trunk (read via `svn propget`) of a project. This value checks out a copy of Google Test into the `trunk/externals/src/googletest/` directory.
+
+```
+[Computer:svn] user$ svn propget svn:externals trunk
+externals/src/googletest http://googletest.googlecode.com/svn/trunk
+```
+
+# Add the Framework to Your Project #
+
+The next step is to build and add the gtest.framework to your own project. This guide describes two common ways below.
+
+  * **Option 1** --- The simplest way to add Google Test to your own project, is to open gtest.xcodeproj (found in the xcode/ directory of the Google Test trunk) and build the framework manually. Then, add the built framework into your project using the "Add->Existing Framework..." from the context menu or "Project->Add..." from the main menu. The gtest.framework is relocatable and contains the headers and object code that you'll need to make tests. This method requires rebuilding every time you upgrade Google Test in your project.
+  * **Option 2** --- If you are going to be living off the trunk of Google Test, incorporating its latest features into your unit tests (or are a Google Test developer yourself). You'll want to rebuild the framework every time the source updates. to do this, you'll need to add the gtest.xcodeproj file, not the framework itself, to your own Xcode project. Then, from the build products that are revealed by the project's disclosure triangle, you can find the gtest.framework, which can be added to your targets (discussed below).
+
+# Make a Test Target #
+
+To start writing tests, make a new "Shell Tool" target. This target template is available under BSD, Cocoa, or Carbon. Add your unit test source code to the "Compile Sources" build phase of the target.
+
+Next, you'll want to add gtest.framework in two different ways, depending upon which option you chose above.
+
+  * **Option 1** --- During compilation, Xcode will need to know that you are linking against the gtest.framework. Add the gtest.framework to the "Link Binary with Libraries" build phase of your test target. This will include the Google Test headers in your header search path, and will tell the linker where to find the library.
+  * **Option 2** --- If your working out of the trunk, you'll also want to add gtest.framework to your "Link Binary with Libraries" build phase of your test target. In addition, you'll  want to add the gtest.framework as a dependency to your unit test target. This way, Xcode will make sure that gtest.framework is up to date, every time your build your target. Finally, if you don't share build directories with Google Test, you'll have to copy the gtest.framework into your own build products directory using a "Run Script" build phase.
+
+# Set Up the Executable Run Environment #
+
+Since the unit test executable is a shell tool, it doesn't have a bundle with a `Contents/Frameworks` directory, in which to place gtest.framework. Instead, the dynamic linker must be told at runtime to search for the framework in another location. This can be accomplished by setting the "DYLD\_FRAMEWORK\_PATH" environment variable in the "Edit Active Executable ..." Arguments tab, under "Variables to be set in the environment:". The path for this value is the path (relative or absolute) of the directory containing the gtest.framework.
+
+If you haven't set up the DYLD\_FRAMEWORK\_PATH, correctly, you might get a message like this:
+
+```
+[Session started at 2008-08-15 06:23:57 -0600.]
+  dyld: Library not loaded: @loader_path/../Frameworks/gtest.framework/Versions/A/gtest
+    Referenced from: /Users/username/Documents/Sandbox/gtestSample/build/Debug/WidgetFrameworkTest
+    Reason: image not found
+```
+
+To correct this problem, go to to the directory containing the executable named in "Referenced from:" value in the error message above. Then, with the terminal in this location, find the relative path to the directory containing the gtest.framework. That is the value you'll need to set as the DYLD\_FRAMEWORK\_PATH.
+
+# Build and Go #
+
+Now, when you click "Build and Go", the test will be executed. Dumping out something like this:
+
+```
+[Session started at 2008-08-06 06:36:13 -0600.]
+[==========] Running 2 tests from 1 test case.
+[----------] Global test environment set-up.
+[----------] 2 tests from WidgetInitializerTest
+[ RUN      ] WidgetInitializerTest.TestConstructor
+[       OK ] WidgetInitializerTest.TestConstructor
+[ RUN      ] WidgetInitializerTest.TestConversion
+[       OK ] WidgetInitializerTest.TestConversion
+[----------] Global test environment tear-down
+[==========] 2 tests from 1 test case ran.
+[  PASSED  ] 2 tests.
+
+The Debugger has exited with status 0.  
+```
+
+# Summary #
+
+Unit testing is a valuable way to ensure your data model stays valid even during rapid development or refactoring. The Google Testing Framework is a great unit testing framework for C and C++ which integrates well with an Xcode development environment.
diff --git a/security/nss/gtests/google_test/gtest/docs/advanced.md b/security/nss/gtests/google_test/gtest/docs/advanced.md
new file mode 100644
index 000000000..8065d1962
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/docs/advanced.md
@@ -0,0 +1,2520 @@
+# Advanced googletest Topics
+
+
+## Introduction
+
+Now that you have read the [googletest Primer](primer.md) and learned how to write
+tests using googletest, it's time to learn some new tricks. This document will
+show you more assertions as well as how to construct complex failure messages,
+propagate fatal failures, reuse and speed up your test fixtures, and use various
+flags with your tests.
+
+## More Assertions
+
+This section covers some less frequently used, but still significant,
+assertions.
+
+### Explicit Success and Failure
+
+These three assertions do not actually test a value or expression. Instead, they
+generate a success or failure directly. Like the macros that actually perform a
+test, you may stream a custom failure message into them.
+
+```c++
+SUCCEED();
+```
+
+Generates a success. This does **NOT** make the overall test succeed. A test is
+considered successful only if none of its assertions fail during its execution.
+
+NOTE: `SUCCEED()` is purely documentary and currently doesn't generate any
+user-visible output. However, we may add `SUCCEED()` messages to googletest's
+output in the future.
+
+```c++
+FAIL();
+ADD_FAILURE();
+ADD_FAILURE_AT("file_path", line_number);
+```
+
+`FAIL()` generates a fatal failure, while `ADD_FAILURE()` and `ADD_FAILURE_AT()`
+generate a nonfatal failure. These are useful when control flow, rather than a
+Boolean expression, determines the test's success or failure. For example, you
+might want to write something like:
+
+```c++
+switch(expression) {
+  case 1:
+     ... some checks ...
+  case 2:
+     ... some other checks ...
+  default:
+     FAIL() << "We shouldn't get here.";
+}
+```
+
+NOTE: you can only use `FAIL()` in functions that return `void`. See the
+[Assertion Placement section](#assertion-placement) for more information.
+
+**Availability**: Linux, Windows, Mac.
+
+### Exception Assertions
+
+These are for verifying that a piece of code throws (or does not throw) an
+exception of the given type:
+
+Fatal assertion                            | Nonfatal assertion                         | Verifies
+------------------------------------------ | ------------------------------------------ | --------
+`ASSERT_THROW(statement, exception_type);` | `EXPECT_THROW(statement, exception_type);` | `statement` throws an exception of the given type
+`ASSERT_ANY_THROW(statement);`             | `EXPECT_ANY_THROW(statement);`             | `statement` throws an exception of any type
+`ASSERT_NO_THROW(statement);`              | `EXPECT_NO_THROW(statement);`              | `statement` doesn't throw any exception
+
+Examples:
+
+```c++
+ASSERT_THROW(Foo(5), bar_exception);
+
+EXPECT_NO_THROW({
+  int n = 5;
+  Bar(&n);
+});
+```
+
+**Availability**: Linux, Windows, Mac; requires exceptions to be enabled in the
+build environment (note that `google3` **disables** exceptions).
+
+### Predicate Assertions for Better Error Messages
+
+Even though googletest has a rich set of assertions, they can never be complete,
+as it's impossible (nor a good idea) to anticipate all scenarios a user might
+run into. Therefore, sometimes a user has to use `EXPECT_TRUE()` to check a
+complex expression, for lack of a better macro. This has the problem of not
+showing you the values of the parts of the expression, making it hard to
+understand what went wrong. As a workaround, some users choose to construct the
+failure message by themselves, streaming it into `EXPECT_TRUE()`. However, this
+is awkward especially when the expression has side-effects or is expensive to
+evaluate.
+
+googletest gives you three different options to solve this problem:
+
+#### Using an Existing Boolean Function
+
+If you already have a function or functor that returns `bool` (or a type that
+can be implicitly converted to `bool`), you can use it in a *predicate
+assertion* to get the function arguments printed for free:
+
+| Fatal assertion                    | Nonfatal assertion                 | Verifies                    |
+| ---------------------------------- | ---------------------------------- | --------------------------- |
+| `ASSERT_PRED1(pred1, val1);`       | `EXPECT_PRED1(pred1, val1);`       | `pred1(val1)` is true       |
+| `ASSERT_PRED2(pred2, val1, val2);` | `EXPECT_PRED2(pred2, val1, val2);` | `pred2(val1, val2)` is true |
+| `...`                              | `...`                              | ...                         |
+
+In the above, `predn` is an `n`-ary predicate function or functor, where `val1`,
+`val2`, ..., and `valn` are its arguments. The assertion succeeds if the
+predicate returns `true` when applied to the given arguments, and fails
+otherwise. When the assertion fails, it prints the value of each argument. In
+either case, the arguments are evaluated exactly once.
+
+Here's an example. Given
+
+```c++
+// Returns true if m and n have no common divisors except 1.
+bool MutuallyPrime(int m, int n) { ... }
+
+const int a = 3;
+const int b = 4;
+const int c = 10;
+```
+
+the assertion
+
+```c++
+  EXPECT_PRED2(MutuallyPrime, a, b);
+```
+
+will succeed, while the assertion
+
+```c++
+  EXPECT_PRED2(MutuallyPrime, b, c);
+```
+
+will fail with the message
+
+```none
+MutuallyPrime(b, c) is false, where
+b is 4
+c is 10
+```
+
+> NOTE:
+>
+> 1.  If you see a compiler error "no matching function to call" when using
+>     `ASSERT_PRED*` or `EXPECT_PRED*`, please see
+>     [this](faq.md#OverloadedPredicate) for how to resolve it.
+> 1.  Currently we only provide predicate assertions of arity <= 5. If you need
+>     a higher-arity assertion, let [us](https://github.com/google/googletest/issues) know.
+
+**Availability**: Linux, Windows, Mac.
+
+#### Using a Function That Returns an AssertionResult
+
+While `EXPECT_PRED*()` and friends are handy for a quick job, the syntax is not
+satisfactory: you have to use different macros for different arities, and it
+feels more like Lisp than C++. The `::testing::AssertionResult` class solves
+this problem.
+
+An `AssertionResult` object represents the result of an assertion (whether it's
+a success or a failure, and an associated message). You can create an
+`AssertionResult` using one of these factory functions:
+
+```c++
+namespace testing {
+
+// Returns an AssertionResult object to indicate that an assertion has
+// succeeded.
+AssertionResult AssertionSuccess();
+
+// Returns an AssertionResult object to indicate that an assertion has
+// failed.
+AssertionResult AssertionFailure();
+
+}
+```
+
+You can then use the `<<` operator to stream messages to the `AssertionResult`
+object.
+
+To provide more readable messages in Boolean assertions (e.g. `EXPECT_TRUE()`),
+write a predicate function that returns `AssertionResult` instead of `bool`. For
+example, if you define `IsEven()` as:
+
+```c++
+::testing::AssertionResult IsEven(int n) {
+  if ((n % 2) == 0)
+     return ::testing::AssertionSuccess();
+  else
+     return ::testing::AssertionFailure() << n << " is odd";
+}
+```
+
+instead of:
+
+```c++
+bool IsEven(int n) {
+  return (n % 2) == 0;
+}
+```
+
+the failed assertion `EXPECT_TRUE(IsEven(Fib(4)))` will print:
+
+```none
+Value of: IsEven(Fib(4))
+  Actual: false (3 is odd)
+Expected: true
+```
+
+instead of a more opaque
+
+```none
+Value of: IsEven(Fib(4))
+  Actual: false
+Expected: true
+```
+
+If you want informative messages in `EXPECT_FALSE` and `ASSERT_FALSE` as well
+(one third of Boolean assertions in the Google code base are negative ones), and
+are fine with making the predicate slower in the success case, you can supply a
+success message:
+
+```c++
+::testing::AssertionResult IsEven(int n) {
+  if ((n % 2) == 0)
+     return ::testing::AssertionSuccess() << n << " is even";
+  else
+     return ::testing::AssertionFailure() << n << " is odd";
+}
+```
+
+Then the statement `EXPECT_FALSE(IsEven(Fib(6)))` will print
+
+```none
+  Value of: IsEven(Fib(6))
+     Actual: true (8 is even)
+  Expected: false
+```
+
+**Availability**: Linux, Windows, Mac.
+
+#### Using a Predicate-Formatter
+
+If you find the default message generated by `(ASSERT|EXPECT)_PRED*` and
+`(ASSERT|EXPECT)_(TRUE|FALSE)` unsatisfactory, or some arguments to your
+predicate do not support streaming to `ostream`, you can instead use the
+following *predicate-formatter assertions* to *fully* customize how the message
+is formatted:
+
+Fatal assertion                                  | Nonfatal assertion                               | Verifies
+------------------------------------------------ | ------------------------------------------------ | --------
+`ASSERT_PRED_FORMAT1(pred_format1, val1);`       | `EXPECT_PRED_FORMAT1(pred_format1, val1);`       | `pred_format1(val1)` is successful
+`ASSERT_PRED_FORMAT2(pred_format2, val1, val2);` | `EXPECT_PRED_FORMAT2(pred_format2, val1, val2);` | `pred_format2(val1, val2)` is successful
+`...`                                            | `...`                                            | ...
+
+The difference between this and the previous group of macros is that instead of
+a predicate, `(ASSERT|EXPECT)_PRED_FORMAT*` take a *predicate-formatter*
+(`pred_formatn`), which is a function or functor with the signature:
+
+```c++
+::testing::AssertionResult PredicateFormattern(const char* expr1,
+                                               const char* expr2,
+                                               ...
+                                               const char* exprn,
+                                               T1 val1,
+                                               T2 val2,
+                                               ...
+                                               Tn valn);
+```
+
+where `val1`, `val2`, ..., and `valn` are the values of the predicate arguments,
+and `expr1`, `expr2`, ..., and `exprn` are the corresponding expressions as they
+appear in the source code. The types `T1`, `T2`, ..., and `Tn` can be either
+value types or reference types. For example, if an argument has type `Foo`, you
+can declare it as either `Foo` or `const Foo&`, whichever is appropriate.
+
+As an example, let's improve the failure message in `MutuallyPrime()`, which was
+used with `EXPECT_PRED2()`:
+
+```c++
+// Returns the smallest prime common divisor of m and n,
+// or 1 when m and n are mutually prime.
+int SmallestPrimeCommonDivisor(int m, int n) { ... }
+
+// A predicate-formatter for asserting that two integers are mutually prime.
+::testing::AssertionResult AssertMutuallyPrime(const char* m_expr,
+                                               const char* n_expr,
+                                               int m,
+                                               int n) {
+  if (MutuallyPrime(m, n)) return ::testing::AssertionSuccess();
+
+  return ::testing::AssertionFailure() << m_expr << " and " << n_expr
+      << " (" << m << " and " << n << ") are not mutually prime, "
+      << "as they have a common divisor " << SmallestPrimeCommonDivisor(m, n);
+}
+```
+
+With this predicate-formatter, we can use
+
+```c++
+  EXPECT_PRED_FORMAT2(AssertMutuallyPrime, b, c);
+```
+
+to generate the message
+
+```none
+b and c (4 and 10) are not mutually prime, as they have a common divisor 2.
+```
+
+As you may have realized, many of the built-in assertions we introduced earlier
+are special cases of `(EXPECT|ASSERT)_PRED_FORMAT*`. In fact, most of them are
+indeed defined using `(EXPECT|ASSERT)_PRED_FORMAT*`.
+
+**Availability**: Linux, Windows, Mac.
+
+### Floating-Point Comparison
+
+Comparing floating-point numbers is tricky. Due to round-off errors, it is very
+unlikely that two floating-points will match exactly. Therefore, `ASSERT_EQ` 's
+naive comparison usually doesn't work. And since floating-points can have a wide
+value range, no single fixed error bound works. It's better to compare by a
+fixed relative error bound, except for values close to 0 due to the loss of
+precision there.
+
+In general, for floating-point comparison to make sense, the user needs to
+carefully choose the error bound. If they don't want or care to, comparing in
+terms of Units in the Last Place (ULPs) is a good default, and googletest
+provides assertions to do this. Full details about ULPs are quite long; if you
+want to learn more, see
+[here](https://randomascii.wordpress.com/2012/02/25/comparing-floating-point-numbers-2012-edition/).
+
+#### Floating-Point Macros
+
+| Fatal assertion                 | Nonfatal assertion             | Verifies                                 |
+| ------------------------------- | ------------------------------ | ---------------------------------------- |
+| `ASSERT_FLOAT_EQ(val1, val2);`  | `EXPECT_FLOAT_EQ(val1,val2);`  | the two `float` values are almost equal  |
+| `ASSERT_DOUBLE_EQ(val1, val2);` | `EXPECT_DOUBLE_EQ(val1, val2);`| the two `double` values are almost equal |
+
+By "almost equal" we mean the values are within 4 ULP's from each other.
+
+NOTE: `CHECK_DOUBLE_EQ()` in `base/logging.h` uses a fixed absolute error bound,
+so its result may differ from that of the googletest macros. That macro is
+unsafe and has been deprecated. Please don't use it any more.
+
+The following assertions allow you to choose the acceptable error bound:
+
+| Fatal assertion                       | Nonfatal assertion                    | Verifies                  |
+| ------------------------------------- | ------------------------------------- | ------------------------- |
+| `ASSERT_NEAR(val1, val2, abs_error);` | `EXPECT_NEAR(val1, val2, abs_error);` | the difference between `val1` and `val2` doesn't exceed the given absolute error |
+
+**Availability**: Linux, Windows, Mac.
+
+#### Floating-Point Predicate-Format Functions
+
+Some floating-point operations are useful, but not that often used. In order to
+avoid an explosion of new macros, we provide them as predicate-format functions
+that can be used in predicate assertion macros (e.g. `EXPECT_PRED_FORMAT2`,
+etc).
+
+```c++
+EXPECT_PRED_FORMAT2(::testing::FloatLE, val1, val2);
+EXPECT_PRED_FORMAT2(::testing::DoubleLE, val1, val2);
+```
+
+Verifies that `val1` is less than, or almost equal to, `val2`. You can replace
+`EXPECT_PRED_FORMAT2` in the above table with `ASSERT_PRED_FORMAT2`.
+
+**Availability**: Linux, Windows, Mac.
+
+### Asserting Using gMock Matchers
+
+Google-developed C++ mocking framework [gMock](../../googlemock) comes with a
+library of matchers for validating arguments passed to mock objects. A gMock
+*matcher* is basically a predicate that knows how to describe itself. It can be
+used in these assertion macros:
+
+| Fatal assertion                | Nonfatal assertion             | Verifies              |
+| ------------------------------ | ------------------------------ | --------------------- |
+| `ASSERT_THAT(value, matcher);` | `EXPECT_THAT(value, matcher);` | value matches matcher |
+
+For example, `StartsWith(prefix)` is a matcher that matches a string starting
+with `prefix`, and you can write:
+
+```c++
+using ::testing::StartsWith;
+...
+    // Verifies that Foo() returns a string starting with "Hello".
+    EXPECT_THAT(Foo(), StartsWith("Hello"));
+```
+
+Read this [recipe](../../googlemock/docs/CookBook.md#using-matchers-in-google-test-assertions) in
+the gMock Cookbook for more details.
+
+gMock has a rich set of matchers. You can do many things googletest cannot do
+alone with them. For a list of matchers gMock provides, read
+[this](../../googlemock/docs/CookBook.md#using-matchers). Especially useful among them are
+some [protocol buffer matchers](https://github.com/google/nucleus/blob/master/nucleus/testing/protocol-buffer-matchers.h). It's easy to write
+your [own matchers](../../googlemock/docs/CookBook.md#writing-new-matchers-quickly) too.
+
+For example, you can use gMock's
+[EqualsProto](https://github.com/google/nucleus/blob/master/nucleus/testing/protocol-buffer-matchers.h)
+to compare protos in your tests:
+
+```c++
+#include "testing/base/public/gmock.h"
+using ::testing::EqualsProto;
+...
+    EXPECT_THAT(actual_proto, EqualsProto("foo: 123 bar: 'xyz'"));
+    EXPECT_THAT(*actual_proto_ptr, EqualsProto(expected_proto));
+```
+
+gMock is bundled with googletest, so you don't need to add any build dependency
+in order to take advantage of this. Just include `"testing/base/public/gmock.h"`
+and you're ready to go.
+
+**Availability**: Linux, Windows, and Mac.
+
+### More String Assertions
+
+(Please read the [previous](#AssertThat) section first if you haven't.)
+
+You can use the gMock [string matchers](../../googlemock/docs/CheatSheet.md#string-matchers)
+with `EXPECT_THAT()` or `ASSERT_THAT()` to do more string comparison tricks
+(sub-string, prefix, suffix, regular expression, and etc). For example,
+
+```c++
+using ::testing::HasSubstr;
+using ::testing::MatchesRegex;
+...
+  ASSERT_THAT(foo_string, HasSubstr("needle"));
+  EXPECT_THAT(bar_string, MatchesRegex("\\w*\\d+"));
+```
+
+**Availability**: Linux, Windows, Mac.
+
+If the string contains a well-formed HTML or XML document, you can check whether
+its DOM tree matches an [XPath
+expression](http://www.w3.org/TR/xpath/#contents):
+
+```c++
+// Currently still in //template/prototemplate/testing:xpath_matcher
+#include "template/prototemplate/testing/xpath_matcher.h"
+using prototemplate::testing::MatchesXPath;
+EXPECT_THAT(html_string, MatchesXPath("//a[text()='click here']"));
+```
+
+**Availability**: Linux.
+
+### Windows HRESULT assertions
+
+These assertions test for `HRESULT` success or failure.
+
+Fatal assertion                        | Nonfatal assertion                     | Verifies
+-------------------------------------- | -------------------------------------- | --------
+`ASSERT_HRESULT_SUCCEEDED(expression)` | `EXPECT_HRESULT_SUCCEEDED(expression)` | `expression` is a success `HRESULT`
+`ASSERT_HRESULT_FAILED(expression)`    | `EXPECT_HRESULT_FAILED(expression)`    | `expression` is a failure `HRESULT`
+
+The generated output contains the human-readable error message associated with
+the `HRESULT` code returned by `expression`.
+
+You might use them like this:
+
+```c++
+CComPtr<IShellDispatch2> shell;
+ASSERT_HRESULT_SUCCEEDED(shell.CoCreateInstance(L"Shell.Application"));
+CComVariant empty;
+ASSERT_HRESULT_SUCCEEDED(shell->ShellExecute(CComBSTR(url), empty, empty, empty, empty));
+```
+
+**Availability**: Windows.
+
+### Type Assertions
+
+You can call the function
+
+```c++
+::testing::StaticAssertTypeEq<T1, T2>();
+```
+
+to assert that types `T1` and `T2` are the same. The function does nothing if
+the assertion is satisfied. If the types are different, the function call will
+fail to compile, and the compiler error message will likely (depending on the
+compiler) show you the actual values of `T1` and `T2`. This is mainly useful
+inside template code.
+
+**Caveat**: When used inside a member function of a class template or a function
+template, `StaticAssertTypeEq<T1, T2>()` is effective only if the function is
+instantiated. For example, given:
+
+```c++
+template <typename T> class Foo {
+ public:
+  void Bar() { ::testing::StaticAssertTypeEq<int, T>(); }
+};
+```
+
+the code:
+
+```c++
+void Test1() { Foo<bool> foo; }
+```
+
+will not generate a compiler error, as `Foo<bool>::Bar()` is never actually
+instantiated. Instead, you need:
+
+```c++
+void Test2() { Foo<bool> foo; foo.Bar(); }
+```
+
+to cause a compiler error.
+
+**Availability**: Linux, Windows, Mac.
+
+### Assertion Placement
+
+You can use assertions in any C++ function. In particular, it doesn't have to be
+a method of the test fixture class. The one constraint is that assertions that
+generate a fatal failure (`FAIL*` and `ASSERT_*`) can only be used in
+void-returning functions. This is a consequence of Google's not using
+exceptions. By placing it in a non-void function you'll get a confusing compile
+error like `"error: void value not ignored as it ought to be"` or `"cannot
+initialize return object of type 'bool' with an rvalue of type 'void'"` or
+`"error: no viable conversion from 'void' to 'string'"`.
+
+If you need to use fatal assertions in a function that returns non-void, one
+option is to make the function return the value in an out parameter instead. For
+example, you can rewrite `T2 Foo(T1 x)` to `void Foo(T1 x, T2* result)`. You
+need to make sure that `*result` contains some sensible value even when the
+function returns prematurely. As the function now returns `void`, you can use
+any assertion inside of it.
+
+If changing the function's type is not an option, you should just use assertions
+that generate non-fatal failures, such as `ADD_FAILURE*` and `EXPECT_*`.
+
+NOTE: Constructors and destructors are not considered void-returning functions,
+according to the C++ language specification, and so you may not use fatal
+assertions in them. You'll get a compilation error if you try. A simple
+workaround is to transfer the entire body of the constructor or destructor to a
+private void-returning method. However, you should be aware that a fatal
+assertion failure in a constructor does not terminate the current test, as your
+intuition might suggest; it merely returns from the constructor early, possibly
+leaving your object in a partially-constructed state. Likewise, a fatal
+assertion failure in a destructor may leave your object in a
+partially-destructed state. Use assertions carefully in these situations!
+
+## Teaching googletest How to Print Your Values
+
+When a test assertion such as `EXPECT_EQ` fails, googletest prints the argument
+values to help you debug. It does this using a user-extensible value printer.
+
+This printer knows how to print built-in C++ types, native arrays, STL
+containers, and any type that supports the `<<` operator. For other types, it
+prints the raw bytes in the value and hopes that you the user can figure it out.
+
+As mentioned earlier, the printer is *extensible*. That means you can teach it
+to do a better job at printing your particular type than to dump the bytes. To
+do that, define `<<` for your type:
+
+```c++
+// Streams are allowed only for logging.  Don't include this for
+// any other purpose.
+#include <ostream>
+
+namespace foo {
+
+class Bar {  // We want googletest to be able to print instances of this.
+...
+  // Create a free inline friend function.
+  friend std::ostream& operator<<(std::ostream& os, const Bar& bar) {
+    return os << bar.DebugString();  // whatever needed to print bar to os
+  }
+};
+
+// If you can't declare the function in the class it's important that the
+// << operator is defined in the SAME namespace that defines Bar.  C++'s look-up
+// rules rely on that.
+std::ostream& operator<<(std::ostream& os, const Bar& bar) {
+  return os << bar.DebugString();  // whatever needed to print bar to os
+}
+
+}  // namespace foo
+```
+
+Sometimes, this might not be an option: your team may consider it bad style to
+have a `<<` operator for `Bar`, or `Bar` may already have a `<<` operator that
+doesn't do what you want (and you cannot change it). If so, you can instead
+define a `PrintTo()` function like this:
+
+```c++
+// Streams are allowed only for logging.  Don't include this for
+// any other purpose.
+#include <ostream>
+
+namespace foo {
+
+class Bar {
+  ...
+  friend void PrintTo(const Bar& bar, std::ostream* os) {
+    *os << bar.DebugString();  // whatever needed to print bar to os
+  }
+};
+
+// If you can't declare the function in the class it's important that PrintTo()
+// is defined in the SAME namespace that defines Bar.  C++'s look-up rules rely
+// on that.
+void PrintTo(const Bar& bar, std::ostream* os) {
+  *os << bar.DebugString();  // whatever needed to print bar to os
+}
+
+}  // namespace foo
+```
+
+If you have defined both `<<` and `PrintTo()`, the latter will be used when
+googletest is concerned. This allows you to customize how the value appears in
+googletest's output without affecting code that relies on the behavior of its
+`<<` operator.
+
+If you want to print a value `x` using googletest's value printer yourself, just
+call `::testing::PrintToString(x)`, which returns an `std::string`:
+
+```c++
+vector<pair<Bar, int> > bar_ints = GetBarIntVector();
+
+EXPECT_TRUE(IsCorrectBarIntVector(bar_ints))
+    << "bar_ints = " << ::testing::PrintToString(bar_ints);
+```
+
+## Death Tests
+
+In many applications, there are assertions that can cause application failure if
+a condition is not met. These sanity checks, which ensure that the program is in
+a known good state, are there to fail at the earliest possible time after some
+program state is corrupted. If the assertion checks the wrong condition, then
+the program may proceed in an erroneous state, which could lead to memory
+corruption, security holes, or worse. Hence it is vitally important to test that
+such assertion statements work as expected.
+
+Since these precondition checks cause the processes to die, we call such tests
+_death tests_. More generally, any test that checks that a program terminates
+(except by throwing an exception) in an expected fashion is also a death test.
+
+
+Note that if a piece of code throws an exception, we don't consider it "death"
+for the purpose of death tests, as the caller of the code could catch the
+exception and avoid the crash. If you want to verify exceptions thrown by your
+code, see [Exception Assertions](#exception-assertions).
+
+If you want to test `EXPECT_*()/ASSERT_*()` failures in your test code, see
+Catching Failures
+
+### How to Write a Death Test
+
+googletest has the following macros to support death tests:
+
+Fatal assertion                                | Nonfatal assertion                             | Verifies
+---------------------------------------------- | ---------------------------------------------- | --------
+`ASSERT_DEATH(statement, regex);`              | `EXPECT_DEATH(statement, regex);`              | `statement` crashes with the given error
+`ASSERT_DEATH_IF_SUPPORTED(statement, regex);` | `EXPECT_DEATH_IF_SUPPORTED(statement, regex);` | if death tests are supported, verifies that `statement` crashes with the given error; otherwise verifies nothing
+`ASSERT_EXIT(statement, predicate, regex);`    | `EXPECT_EXIT(statement, predicate, regex);`    | `statement` exits with the given error, and its exit code matches `predicate`
+
+where `statement` is a statement that is expected to cause the process to die,
+`predicate` is a function or function object that evaluates an integer exit
+status, and `regex` is a (Perl) regular expression that the stderr output of
+`statement` is expected to match. Note that `statement` can be *any valid
+statement* (including *compound statement*) and doesn't have to be an
+expression.
+
+
+As usual, the `ASSERT` variants abort the current test function, while the
+`EXPECT` variants do not.
+
+> NOTE: We use the word "crash" here to mean that the process terminates with a
+> *non-zero* exit status code. There are two possibilities: either the process
+> has called `exit()` or `_exit()` with a non-zero value, or it may be killed by
+> a signal.
+>
+> This means that if `*statement*` terminates the process with a 0 exit code, it
+> is *not* considered a crash by `EXPECT_DEATH`. Use `EXPECT_EXIT` instead if
+> this is the case, or if you want to restrict the exit code more precisely.
+
+A predicate here must accept an `int` and return a `bool`. The death test
+succeeds only if the predicate returns `true`. googletest defines a few
+predicates that handle the most common cases:
+
+```c++
+::testing::ExitedWithCode(exit_code)
+```
+
+This expression is `true` if the program exited normally with the given exit
+code.
+
+```c++
+::testing::KilledBySignal(signal_number)  // Not available on Windows.
+```
+
+This expression is `true` if the program was killed by the given signal.
+
+The `*_DEATH` macros are convenient wrappers for `*_EXIT` that use a predicate
+that verifies the process' exit code is non-zero.
+
+Note that a death test only cares about three things:
+
+1.  does `statement` abort or exit the process?
+2.  (in the case of `ASSERT_EXIT` and `EXPECT_EXIT`) does the exit status
+    satisfy `predicate`? Or (in the case of `ASSERT_DEATH` and `EXPECT_DEATH`)
+    is the exit status non-zero? And
+3.  does the stderr output match `regex`?
+
+In particular, if `statement` generates an `ASSERT_*` or `EXPECT_*` failure, it
+will **not** cause the death test to fail, as googletest assertions don't abort
+the process.
+
+To write a death test, simply use one of the above macros inside your test
+function. For example,
+
+```c++
+TEST(MyDeathTest, Foo) {
+  // This death test uses a compound statement.
+  ASSERT_DEATH({
+    int n = 5;
+    Foo(&n);
+  }, "Error on line .* of Foo()");
+}
+
+TEST(MyDeathTest, NormalExit) {
+  EXPECT_EXIT(NormalExit(), ::testing::ExitedWithCode(0), "Success");
+}
+
+TEST(MyDeathTest, KillMyself) {
+  EXPECT_EXIT(KillMyself(), ::testing::KilledBySignal(SIGKILL),
+              "Sending myself unblockable signal");
+}
+```
+
+verifies that:
+
+*   calling `Foo(5)` causes the process to die with the given error message,
+*   calling `NormalExit()` causes the process to print `"Success"` to stderr and
+    exit with exit code 0, and
+*   calling `KillMyself()` kills the process with signal `SIGKILL`.
+
+The test function body may contain other assertions and statements as well, if
+necessary.
+
+### Death Test Naming
+
+IMPORTANT: We strongly recommend you to follow the convention of naming your
+**test case** (not test) `*DeathTest` when it contains a death test, as
+demonstrated in the above example. The [Death Tests And
+Threads](#death-tests-and-threads) section below explains why.
+
+If a test fixture class is shared by normal tests and death tests, you can use
+`using` or `typedef` to introduce an alias for the fixture class and avoid
+duplicating its code:
+
+```c++
+class FooTest : public ::testing::Test { ... };
+
+using FooDeathTest = FooTest;
+
+TEST_F(FooTest, DoesThis) {
+  // normal test
+}
+
+TEST_F(FooDeathTest, DoesThat) {
+  // death test
+}
+```
+
+**Availability**: Linux, Windows (requires MSVC 8.0 or above), Cygwin, and Mac
+
+### Regular Expression Syntax
+
+
+On POSIX systems (e.g. Linux, Cygwin, and Mac), googletest uses the
+[POSIX extended regular expression](http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap09.html#tag_09_04)
+syntax. To learn about this syntax, you may want to read this
+[Wikipedia entry](http://en.wikipedia.org/wiki/Regular_expression#POSIX_Extended_Regular_Expressions).
+
+On Windows, googletest uses its own simple regular expression implementation. It
+lacks many features. For example, we don't support union (`"x|y"`), grouping
+(`"(xy)"`), brackets (`"[xy]"`), and repetition count (`"x{5,7}"`), among
+others. Below is what we do support (`A` denotes a literal character, period
+(`.`), or a single `\\ ` escape sequence; `x` and `y` denote regular
+expressions.):
+
+Expression | Meaning
+---------- | --------------------------------------------------------------
+`c`        | matches any literal character `c`
+`\\d`      | matches any decimal digit
+`\\D`      | matches any character that's not a decimal digit
+`\\f`      | matches `\f`
+`\\n`      | matches `\n`
+`\\r`      | matches `\r`
+`\\s`      | matches any ASCII whitespace, including `\n`
+`\\S`      | matches any character that's not a whitespace
+`\\t`      | matches `\t`
+`\\v`      | matches `\v`
+`\\w`      | matches any letter, `_`, or decimal digit
+`\\W`      | matches any character that `\\w` doesn't match
+`\\c`      | matches any literal character `c`, which must be a punctuation
+`.`        | matches any single character except `\n`
+`A?`       | matches 0 or 1 occurrences of `A`
+`A*`       | matches 0 or many occurrences of `A`
+`A+`       | matches 1 or many occurrences of `A`
+`^`        | matches the beginning of a string (not that of each line)
+`$`        | matches the end of a string (not that of each line)
+`xy`       | matches `x` followed by `y`
+
+To help you determine which capability is available on your system, googletest
+defines macros to govern which regular expression it is using. The macros are:
+<!--absl:google3-begin(google3-only)-->`GTEST_USES_PCRE=1`, or
+<!--absl:google3-end--> `GTEST_USES_SIMPLE_RE=1` or `GTEST_USES_POSIX_RE=1`. If
+you want your death tests to work in all cases, you can either `#if` on these
+macros or use the more limited syntax only.
+
+### How It Works
+
+Under the hood, `ASSERT_EXIT()` spawns a new process and executes the death test
+statement in that process. The details of how precisely that happens depend on
+the platform and the variable ::testing::GTEST_FLAG(death_test_style) (which is
+initialized from the command-line flag `--gtest_death_test_style`).
+
+*   On POSIX systems, `fork()` (or `clone()` on Linux) is used to spawn the
+    child, after which:
+    *   If the variable's value is `"fast"`, the death test statement is
+        immediately executed.
+    *   If the variable's value is `"threadsafe"`, the child process re-executes
+        the unit test binary just as it was originally invoked, but with some
+        extra flags to cause just the single death test under consideration to
+        be run.
+*   On Windows, the child is spawned using the `CreateProcess()` API, and
+    re-executes the binary to cause just the single death test under
+    consideration to be run - much like the `threadsafe` mode on POSIX.
+
+Other values for the variable are illegal and will cause the death test to fail.
+Currently, the flag's default value is
+"fast". However, we reserve
+the right to change it in the future. Therefore, your tests should not depend on
+this. In either case, the parent process waits for the child process to
+complete, and checks that
+
+1.  the child's exit status satisfies the predicate, and
+2.  the child's stderr matches the regular expression.
+
+If the death test statement runs to completion without dying, the child process
+will nonetheless terminate, and the assertion fails.
+
+### Death Tests And Threads
+
+The reason for the two death test styles has to do with thread safety. Due to
+well-known problems with forking in the presence of threads, death tests should
+be run in a single-threaded context. Sometimes, however, it isn't feasible to
+arrange that kind of environment. For example, statically-initialized modules
+may start threads before main is ever reached. Once threads have been created,
+it may be difficult or impossible to clean them up.
+
+googletest has three features intended to raise awareness of threading issues.
+
+1.  A warning is emitted if multiple threads are running when a death test is
+    encountered.
+2.  Test cases with a name ending in "DeathTest" are run before all other tests.
+3.  It uses `clone()` instead of `fork()` to spawn the child process on Linux
+    (`clone()` is not available on Cygwin and Mac), as `fork()` is more likely
+    to cause the child to hang when the parent process has multiple threads.
+
+It's perfectly fine to create threads inside a death test statement; they are
+executed in a separate process and cannot affect the parent.
+
+### Death Test Styles
+
+
+The "threadsafe" death test style was introduced in order to help mitigate the
+risks of testing in a possibly multithreaded environment. It trades increased
+test execution time (potentially dramatically so) for improved thread safety.
+
+The automated testing framework does not set the style flag. You can choose a
+particular style of death tests by setting the flag programmatically:
+
+```c++
+testing::FLAGS_gtest_death_test_style="threadsafe"
+```
+
+You can do this in `main()` to set the style for all death tests in the binary,
+or in individual tests. Recall that flags are saved before running each test and
+restored afterwards, so you need not do that yourself. For example:
+
+```c++
+int main(int argc, char** argv) {
+  InitGoogle(argv[0], &argc, &argv, true);
+  ::testing::FLAGS_gtest_death_test_style = "fast";
+  return RUN_ALL_TESTS();
+}
+
+TEST(MyDeathTest, TestOne) {
+  ::testing::FLAGS_gtest_death_test_style = "threadsafe";
+  // This test is run in the "threadsafe" style:
+  ASSERT_DEATH(ThisShouldDie(), "");
+}
+
+TEST(MyDeathTest, TestTwo) {
+  // This test is run in the "fast" style:
+  ASSERT_DEATH(ThisShouldDie(), "");
+}
+```
+
+
+### Caveats
+
+The `statement` argument of `ASSERT_EXIT()` can be any valid C++ statement. If
+it leaves the current function via a `return` statement or by throwing an
+exception, the death test is considered to have failed. Some googletest macros
+may return from the current function (e.g. `ASSERT_TRUE()`), so be sure to avoid
+them in `statement`.
+
+Since `statement` runs in the child process, any in-memory side effect (e.g.
+modifying a variable, releasing memory, etc) it causes will *not* be observable
+in the parent process. In particular, if you release memory in a death test,
+your program will fail the heap check as the parent process will never see the
+memory reclaimed. To solve this problem, you can
+
+1.  try not to free memory in a death test;
+2.  free the memory again in the parent process; or
+3.  do not use the heap checker in your program.
+
+Due to an implementation detail, you cannot place multiple death test assertions
+on the same line; otherwise, compilation will fail with an unobvious error
+message.
+
+Despite the improved thread safety afforded by the "threadsafe" style of death
+test, thread problems such as deadlock are still possible in the presence of
+handlers registered with `pthread_atfork(3)`.
+
+
+## Using Assertions in Sub-routines
+
+### Adding Traces to Assertions
+
+If a test sub-routine is called from several places, when an assertion inside it
+fails, it can be hard to tell which invocation of the sub-routine the failure is
+from. 
+You can alleviate this problem using extra logging or custom failure messages,
+but that usually clutters up your tests. A better solution is to use the
+`SCOPED_TRACE` macro or the `ScopedTrace` utility:
+
+```c++
+SCOPED_TRACE(message);
+ScopedTrace trace("file_path", line_number, message);
+```
+
+where `message` can be anything streamable to `std::ostream`. `SCOPED_TRACE`
+macro will cause the current file name, line number, and the given message to be
+added in every failure message. `ScopedTrace` accepts explicit file name and
+line number in arguments, which is useful for writing test helpers. The effect
+will be undone when the control leaves the current lexical scope.
+
+For example,
+
+```c++
+10: void Sub1(int n) {
+11:   EXPECT_EQ(1, Bar(n));
+12:   EXPECT_EQ(2, Bar(n + 1));
+13: }
+14:
+15: TEST(FooTest, Bar) {
+16:   {
+17:     SCOPED_TRACE("A");  // This trace point will be included in
+18:                         // every failure in this scope.
+19:     Sub1(1);
+20:   }
+21:   // Now it won't.
+22:   Sub1(9);
+23: }
+```
+
+could result in messages like these:
+
+```none
+path/to/foo_test.cc:11: Failure
+Value of: Bar(n)
+Expected: 1
+  Actual: 2
+   Trace:
+path/to/foo_test.cc:17: A
+
+path/to/foo_test.cc:12: Failure
+Value of: Bar(n + 1)
+Expected: 2
+  Actual: 3
+```
+
+Without the trace, it would've been difficult to know which invocation of
+`Sub1()` the two failures come from respectively. (You could add
+
+an extra message to each assertion in `Sub1()` to indicate the value of `n`, but
+that's tedious.)
+
+Some tips on using `SCOPED_TRACE`:
+
+1.  With a suitable message, it's often enough to use `SCOPED_TRACE` at the
+    beginning of a sub-routine, instead of at each call site.
+2.  When calling sub-routines inside a loop, make the loop iterator part of the
+    message in `SCOPED_TRACE` such that you can know which iteration the failure
+    is from.
+3.  Sometimes the line number of the trace point is enough for identifying the
+    particular invocation of a sub-routine. In this case, you don't have to
+    choose a unique message for `SCOPED_TRACE`. You can simply use `""`.
+4.  You can use `SCOPED_TRACE` in an inner scope when there is one in the outer
+    scope. In this case, all active trace points will be included in the failure
+    messages, in reverse order they are encountered.
+5.  The trace dump is clickable in Emacs - hit `return` on a line number and
+    you'll be taken to that line in the source file!
+
+**Availability**: Linux, Windows, Mac.
+
+### Propagating Fatal Failures
+
+A common pitfall when using `ASSERT_*` and `FAIL*` is not understanding that
+when they fail they only abort the _current function_, not the entire test. For
+example, the following test will segfault:
+
+```c++
+void Subroutine() {
+  // Generates a fatal failure and aborts the current function.
+  ASSERT_EQ(1, 2);
+
+  // The following won't be executed.
+  ...
+}
+
+TEST(FooTest, Bar) {
+  Subroutine();  // The intended behavior is for the fatal failure
+                 // in Subroutine() to abort the entire test.
+
+  // The actual behavior: the function goes on after Subroutine() returns.
+  int* p = NULL;
+  *p = 3;  // Segfault!
+}
+```
+
+To alleviate this, googletest provides three different solutions. You could use
+either exceptions, the `(ASSERT|EXPECT)_NO_FATAL_FAILURE` assertions or the
+`HasFatalFailure()` function. They are described in the following two
+subsections.
+
+#### Asserting on Subroutines with an exception
+
+The following code can turn ASSERT-failure into an exception:
+
+```c++
+class ThrowListener : public testing::EmptyTestEventListener {
+  void OnTestPartResult(const testing::TestPartResult& result) override {
+    if (result.type() == testing::TestPartResult::kFatalFailure) {
+      throw testing::AssertionException(result);
+    }
+  }
+};
+int main(int argc, char** argv) {
+  ...
+  testing::UnitTest::GetInstance()->listeners().Append(new ThrowListener);
+  return RUN_ALL_TESTS();
+}
+```
+
+This listener should be added after other listeners if you have any, otherwise
+they won't see failed `OnTestPartResult`.
+
+#### Asserting on Subroutines
+
+As shown above, if your test calls a subroutine that has an `ASSERT_*` failure
+in it, the test will continue after the subroutine returns. This may not be what
+you want.
+
+Often people want fatal failures to propagate like exceptions. For that
+googletest offers the following macros:
+
+Fatal assertion                       | Nonfatal assertion                    | Verifies
+------------------------------------- | ------------------------------------- | --------
+`ASSERT_NO_FATAL_FAILURE(statement);` | `EXPECT_NO_FATAL_FAILURE(statement);` | `statement` doesn't generate any new fatal failures in the current thread.
+
+Only failures in the thread that executes the assertion are checked to determine
+the result of this type of assertions. If `statement` creates new threads,
+failures in these threads are ignored.
+
+Examples:
+
+```c++
+ASSERT_NO_FATAL_FAILURE(Foo());
+
+int i;
+EXPECT_NO_FATAL_FAILURE({
+  i = Bar();
+});
+```
+
+**Availability**: Linux, Windows, Mac. Assertions from multiple threads are
+currently not supported on Windows.
+
+#### Checking for Failures in the Current Test
+
+`HasFatalFailure()` in the `::testing::Test` class returns `true` if an
+assertion in the current test has suffered a fatal failure. This allows
+functions to catch fatal failures in a sub-routine and return early.
+
+```c++
+class Test {
+ public:
+  ...
+  static bool HasFatalFailure();
+};
+```
+
+The typical usage, which basically simulates the behavior of a thrown exception,
+is:
+
+```c++
+TEST(FooTest, Bar) {
+  Subroutine();
+  // Aborts if Subroutine() had a fatal failure.
+  if (HasFatalFailure()) return;
+
+  // The following won't be executed.
+  ...
+}
+```
+
+If `HasFatalFailure()` is used outside of `TEST()` , `TEST_F()` , or a test
+fixture, you must add the `::testing::Test::` prefix, as in:
+
+```c++
+if (::testing::Test::HasFatalFailure()) return;
+```
+
+Similarly, `HasNonfatalFailure()` returns `true` if the current test has at
+least one non-fatal failure, and `HasFailure()` returns `true` if the current
+test has at least one failure of either kind.
+
+**Availability**: Linux, Windows, Mac.
+
+## Logging Additional Information
+
+In your test code, you can call `RecordProperty("key", value)` to log additional
+information, where `value` can be either a string or an `int`. The *last* value
+recorded for a key will be emitted to the [XML output](#generating-an-xml-report) if you
+specify one. For example, the test
+
+```c++
+TEST_F(WidgetUsageTest, MinAndMaxWidgets) {
+  RecordProperty("MaximumWidgets", ComputeMaxUsage());
+  RecordProperty("MinimumWidgets", ComputeMinUsage());
+}
+```
+
+will output XML like this:
+
+```xml
+  ...
+    <testcase name="MinAndMaxWidgets" status="run" time="0.006" classname="WidgetUsageTest" MaximumWidgets="12" MinimumWidgets="9" />
+  ...
+```
+
+> NOTE:
+>
+> *   `RecordProperty()` is a static member of the `Test` class. Therefore it
+>     needs to be prefixed with `::testing::Test::` if used outside of the
+>     `TEST` body and the test fixture class.
+> *   `*key*` must be a valid XML attribute name, and cannot conflict with the
+>     ones already used by googletest (`name`, `status`, `time`, `classname`,
+>     `type_param`, and `value_param`).
+> *   Calling `RecordProperty()` outside of the lifespan of a test is allowed.
+>     If it's called outside of a test but between a test case's
+>     `SetUpTestCase()` and `TearDownTestCase()` methods, it will be attributed
+>     to the XML element for the test case. If it's called outside of all test
+>     cases (e.g. in a test environment), it will be attributed to the top-level
+>     XML element.
+
+**Availability**: Linux, Windows, Mac.
+
+## Sharing Resources Between Tests in the Same Test Case
+
+googletest creates a new test fixture object for each test in order to make
+tests independent and easier to debug. However, sometimes tests use resources
+that are expensive to set up, making the one-copy-per-test model prohibitively
+expensive.
+
+If the tests don't change the resource, there's no harm in their sharing a
+single resource copy. So, in addition to per-test set-up/tear-down, googletest
+also supports per-test-case set-up/tear-down. To use it:
+
+1.  In your test fixture class (say `FooTest` ), declare as `static` some member
+    variables to hold the shared resources.
+1.  Outside your test fixture class (typically just below it), define those
+    member variables, optionally giving them initial values.
+1.  In the same test fixture class, define a `static void SetUpTestCase()`
+    function (remember not to spell it as **`SetupTestCase`** with a small `u`!)
+    to set up the shared resources and a `static void TearDownTestCase()`
+    function to tear them down.
+
+That's it! googletest automatically calls `SetUpTestCase()` before running the
+*first test* in the `FooTest` test case (i.e. before creating the first
+`FooTest` object), and calls `TearDownTestCase()` after running the *last test*
+in it (i.e. after deleting the last `FooTest` object). In between, the tests can
+use the shared resources.
+
+Remember that the test order is undefined, so your code can't depend on a test
+preceding or following another. Also, the tests must either not modify the state
+of any shared resource, or, if they do modify the state, they must restore the
+state to its original value before passing control to the next test.
+
+Here's an example of per-test-case set-up and tear-down:
+
+```c++
+class FooTest : public ::testing::Test {
+ protected:
+  // Per-test-case set-up.
+  // Called before the first test in this test case.
+  // Can be omitted if not needed.
+  static void SetUpTestCase() {
+    shared_resource_ = new ...;
+  }
+
+  // Per-test-case tear-down.
+  // Called after the last test in this test case.
+  // Can be omitted if not needed.
+  static void TearDownTestCase() {
+    delete shared_resource_;
+    shared_resource_ = NULL;
+  }
+
+  // You can define per-test set-up logic as usual.
+  virtual void SetUp() { ... }
+
+  // You can define per-test tear-down logic as usual.
+  virtual void TearDown() { ... }
+
+  // Some expensive resource shared by all tests.
+  static T* shared_resource_;
+};
+
+T* FooTest::shared_resource_ = NULL;
+
+TEST_F(FooTest, Test1) {
+  ... you can refer to shared_resource_ here ...
+}
+
+TEST_F(FooTest, Test2) {
+  ... you can refer to shared_resource_ here ...
+}
+```
+
+NOTE: Though the above code declares `SetUpTestCase()` protected, it may
+sometimes be necessary to declare it public, such as when using it with
+`TEST_P`.
+
+**Availability**: Linux, Windows, Mac.
+
+## Global Set-Up and Tear-Down
+
+Just as you can do set-up and tear-down at the test level and the test case
+level, you can also do it at the test program level. Here's how.
+
+First, you subclass the `::testing::Environment` class to define a test
+environment, which knows how to set-up and tear-down:
+
+```c++
+class Environment {
+ public:
+  virtual ~Environment() {}
+
+  // Override this to define how to set up the environment.
+  virtual void SetUp() {}
+
+  // Override this to define how to tear down the environment.
+  virtual void TearDown() {}
+};
+```
+
+Then, you register an instance of your environment class with googletest by
+calling the `::testing::AddGlobalTestEnvironment()` function:
+
+```c++
+Environment* AddGlobalTestEnvironment(Environment* env);
+```
+
+Now, when `RUN_ALL_TESTS()` is called, it first calls the `SetUp()` method of
+the environment object, then runs the tests if there was no fatal failures, and
+finally calls `TearDown()` of the environment object.
+
+It's OK to register multiple environment objects. In this case, their `SetUp()`
+will be called in the order they are registered, and their `TearDown()` will be
+called in the reverse order.
+
+Note that googletest takes ownership of the registered environment objects.
+Therefore **do not delete them** by yourself.
+
+You should call `AddGlobalTestEnvironment()` before `RUN_ALL_TESTS()` is called,
+probably in `main()`. If you use `gtest_main`, you need to call this before
+`main()` starts for it to take effect. One way to do this is to define a global
+variable like this:
+
+```c++
+::testing::Environment* const foo_env =
+    ::testing::AddGlobalTestEnvironment(new FooEnvironment);
+```
+
+However, we strongly recommend you to write your own `main()` and call
+`AddGlobalTestEnvironment()` there, as relying on initialization of global
+variables makes the code harder to read and may cause problems when you register
+multiple environments from different translation units and the environments have
+dependencies among them (remember that the compiler doesn't guarantee the order
+in which global variables from different translation units are initialized).
+
+## Value-Parameterized Tests
+
+*Value-parameterized tests* allow you to test your code with different
+parameters without writing multiple copies of the same test. This is useful in a
+number of situations, for example:
+
+*   You have a piece of code whose behavior is affected by one or more
+    command-line flags. You want to make sure your code performs correctly for
+    various values of those flags.
+*   You want to test different implementations of an OO interface.
+*   You want to test your code over various inputs (a.k.a. data-driven testing).
+    This feature is easy to abuse, so please exercise your good sense when doing
+    it!
+
+### How to Write Value-Parameterized Tests
+
+To write value-parameterized tests, first you should define a fixture class. It
+must be derived from both `::testing::Test` and
+`::testing::WithParamInterface<T>` (the latter is a pure interface), where `T`
+is the type of your parameter values. For convenience, you can just derive the
+fixture class from `::testing::TestWithParam<T>`, which itself is derived from
+both `::testing::Test` and `::testing::WithParamInterface<T>`. `T` can be any
+copyable type. If it's a raw pointer, you are responsible for managing the
+lifespan of the pointed values.
+
+NOTE: If your test fixture defines `SetUpTestCase()` or `TearDownTestCase()`
+they must be declared **public** rather than **protected** in order to use
+`TEST_P`.
+
+```c++
+class FooTest :
+    public ::testing::TestWithParam<const char*> {
+  // You can implement all the usual fixture class members here.
+  // To access the test parameter, call GetParam() from class
+  // TestWithParam<T>.
+};
+
+// Or, when you want to add parameters to a pre-existing fixture class:
+class BaseTest : public ::testing::Test {
+  ...
+};
+class BarTest : public BaseTest,
+                public ::testing::WithParamInterface<const char*> {
+  ...
+};
+```
+
+Then, use the `TEST_P` macro to define as many test patterns using this fixture
+as you want. The `_P` suffix is for "parameterized" or "pattern", whichever you
+prefer to think.
+
+```c++
+TEST_P(FooTest, DoesBlah) {
+  // Inside a test, access the test parameter with the GetParam() method
+  // of the TestWithParam<T> class:
+  EXPECT_TRUE(foo.Blah(GetParam()));
+  ...
+}
+
+TEST_P(FooTest, HasBlahBlah) {
+  ...
+}
+```
+
+Finally, you can use `INSTANTIATE_TEST_CASE_P` to instantiate the test case with
+any set of parameters you want. googletest defines a number of functions for
+generating test parameters. They return what we call (surprise!) *parameter
+generators*. Here is a summary of them, which are all in the `testing`
+namespace:
+
+| Parameter Generator          | Behavior                                    |
+| ---------------------------- | ------------------------------------------- |
+| `Range(begin, end [, step])` | Yields values `{begin, begin+step, begin+step+step, ...}`. The values do not include `end`. `step` defaults to 1.      |
+| `Values(v1, v2, ..., vN)`    | Yields values `{v1, v2, ..., vN}`.          |
+| `ValuesIn(container)` and `ValuesIn(begin,end)`   | Yields values from a C-style array, an STL-style container, or an iterator range  `[begin, end)`. |
+| `Bool()`                     | Yields sequence `{false, true}`.            |
+| `Combine(g1, g2, ..., gN)`   | Yields all combinations (Cartesian product) as std\:\:tuples of the values generated by the `N` generators.            |
+
+For more details, see the comments at the definitions of these functions.
+
+The following statement will instantiate tests from the `FooTest` test case each
+with parameter values `"meeny"`, `"miny"`, and `"moe"`.
+
+```c++
+INSTANTIATE_TEST_CASE_P(InstantiationName,
+                        FooTest,
+                        ::testing::Values("meeny", "miny", "moe"));
+```
+
+NOTE: The code above must be placed at global or namespace scope, not at
+function scope.
+
+NOTE: Don't forget this step! If you do your test will silently pass, but none
+of its cases will ever run!
+
+To distinguish different instances of the pattern (yes, you can instantiate it
+more than once), the first argument to `INSTANTIATE_TEST_CASE_P` is a prefix
+that will be added to the actual test case name. Remember to pick unique
+prefixes for different instantiations. The tests from the instantiation above
+will have these names:
+
+*   `InstantiationName/FooTest.DoesBlah/0` for `"meeny"`
+*   `InstantiationName/FooTest.DoesBlah/1` for `"miny"`
+*   `InstantiationName/FooTest.DoesBlah/2` for `"moe"`
+*   `InstantiationName/FooTest.HasBlahBlah/0` for `"meeny"`
+*   `InstantiationName/FooTest.HasBlahBlah/1` for `"miny"`
+*   `InstantiationName/FooTest.HasBlahBlah/2` for `"moe"`
+
+You can use these names in [`--gtest_filter`](#running-a-subset-of-the-tests).
+
+This statement will instantiate all tests from `FooTest` again, each with
+parameter values `"cat"` and `"dog"`:
+
+```c++
+const char* pets[] = {"cat", "dog"};
+INSTANTIATE_TEST_CASE_P(AnotherInstantiationName, FooTest,
+                        ::testing::ValuesIn(pets));
+```
+
+The tests from the instantiation above will have these names:
+
+*   `AnotherInstantiationName/FooTest.DoesBlah/0` for `"cat"`
+*   `AnotherInstantiationName/FooTest.DoesBlah/1` for `"dog"`
+*   `AnotherInstantiationName/FooTest.HasBlahBlah/0` for `"cat"`
+*   `AnotherInstantiationName/FooTest.HasBlahBlah/1` for `"dog"`
+
+Please note that `INSTANTIATE_TEST_CASE_P` will instantiate *all* tests in the
+given test case, whether their definitions come before or *after* the
+`INSTANTIATE_TEST_CASE_P` statement.
+
+You can see sample7_unittest.cc and sample8_unittest.cc for more examples.
+
+**Availability**: Linux, Windows (requires MSVC 8.0 or above), Mac
+
+### Creating Value-Parameterized Abstract Tests
+
+In the above, we define and instantiate `FooTest` in the *same* source file.
+Sometimes you may want to define value-parameterized tests in a library and let
+other people instantiate them later. This pattern is known as *abstract tests*.
+As an example of its application, when you are designing an interface you can
+write a standard suite of abstract tests (perhaps using a factory function as
+the test parameter) that all implementations of the interface are expected to
+pass. When someone implements the interface, they can instantiate your suite to
+get all the interface-conformance tests for free.
+
+To define abstract tests, you should organize your code like this:
+
+1.  Put the definition of the parameterized test fixture class (e.g. `FooTest`)
+    in a header file, say `foo_param_test.h`. Think of this as *declaring* your
+    abstract tests.
+1.  Put the `TEST_P` definitions in `foo_param_test.cc`, which includes
+    `foo_param_test.h`. Think of this as *implementing* your abstract tests.
+
+Once they are defined, you can instantiate them by including `foo_param_test.h`,
+invoking `INSTANTIATE_TEST_CASE_P()`, and depending on the library target that
+contains `foo_param_test.cc`. You can instantiate the same abstract test case
+multiple times, possibly in different source files.
+
+### Specifying Names for Value-Parameterized Test Parameters
+
+The optional last argument to `INSTANTIATE_TEST_CASE_P()` allows the user to
+specify a function or functor that generates custom test name suffixes based on
+the test parameters. The function should accept one argument of type
+`testing::TestParamInfo<class ParamType>`, and return `std::string`.
+
+`testing::PrintToStringParamName` is a builtin test suffix generator that
+returns the value of `testing::PrintToString(GetParam())`. It does not work for
+`std::string` or C strings.
+
+NOTE: test names must be non-empty, unique, and may only contain ASCII
+alphanumeric characters. In particular, they [should not contain
+underscores](https://g3doc.corp.google.com/third_party/googletest/googletest/g3doc/faq.md#no-underscores).
+
+```c++
+class MyTestCase : public testing::TestWithParam<int> {};
+
+TEST_P(MyTestCase, MyTest)
+{
+  std::cout << "Example Test Param: " << GetParam() << std::endl;
+}
+
+INSTANTIATE_TEST_CASE_P(MyGroup, MyTestCase, testing::Range(0, 10),
+                        testing::PrintToStringParamName());
+```
+
+## Typed Tests</id>
+
+Suppose you have multiple implementations of the same interface and want to make
+sure that all of them satisfy some common requirements. Or, you may have defined
+several types that are supposed to conform to the same "concept" and you want to
+verify it. In both cases, you want the same test logic repeated for different
+types.
+
+While you can write one `TEST` or `TEST_F` for each type you want to test (and
+you may even factor the test logic into a function template that you invoke from
+the `TEST`), it's tedious and doesn't scale: if you want `m` tests over `n`
+types, you'll end up writing `m*n` `TEST`s.
+
+*Typed tests* allow you to repeat the same test logic over a list of types. You
+only need to write the test logic once, although you must know the type list
+when writing typed tests. Here's how you do it:
+
+First, define a fixture class template. It should be parameterized by a type.
+Remember to derive it from `::testing::Test`:
+
+```c++
+template <typename T>
+class FooTest : public ::testing::Test {
+ public:
+  ...
+  typedef std::list<T> List;
+  static T shared_;
+  T value_;
+};
+```
+
+Next, associate a list of types with the test case, which will be repeated for
+each type in the list:
+
+```c++
+using MyTypes = ::testing::Types<char, int, unsigned int>;
+TYPED_TEST_CASE(FooTest, MyTypes);
+```
+
+The type alias (`using` or `typedef`) is necessary for the `TYPED_TEST_CASE`
+macro to parse correctly. Otherwise the compiler will think that each comma in
+the type list introduces a new macro argument.
+
+Then, use `TYPED_TEST()` instead of `TEST_F()` to define a typed test for this
+test case. You can repeat this as many times as you want:
+
+```c++
+TYPED_TEST(FooTest, DoesBlah) {
+  // Inside a test, refer to the special name TypeParam to get the type
+  // parameter.  Since we are inside a derived class template, C++ requires
+  // us to visit the members of FooTest via 'this'.
+  TypeParam n = this->value_;
+
+  // To visit static members of the fixture, add the 'TestFixture::'
+  // prefix.
+  n += TestFixture::shared_;
+
+  // To refer to typedefs in the fixture, add the 'typename TestFixture::'
+  // prefix.  The 'typename' is required to satisfy the compiler.
+  typename TestFixture::List values;
+
+  values.push_back(n);
+  ...
+}
+
+TYPED_TEST(FooTest, HasPropertyA) { ... }
+```
+
+You can see sample6_unittest.cc
+
+**Availability**: Linux, Windows (requires MSVC 8.0 or above), Mac
+
+## Type-Parameterized Tests
+
+*Type-parameterized tests* are like typed tests, except that they don't require
+you to know the list of types ahead of time. Instead, you can define the test
+logic first and instantiate it with different type lists later. You can even
+instantiate it more than once in the same program.
+
+If you are designing an interface or concept, you can define a suite of
+type-parameterized tests to verify properties that any valid implementation of
+the interface/concept should have. Then, the author of each implementation can
+just instantiate the test suite with their type to verify that it conforms to
+the requirements, without having to write similar tests repeatedly. Here's an
+example:
+
+First, define a fixture class template, as we did with typed tests:
+
+```c++
+template <typename T>
+class FooTest : public ::testing::Test {
+  ...
+};
+```
+
+Next, declare that you will define a type-parameterized test case:
+
+```c++
+TYPED_TEST_CASE_P(FooTest);
+```
+
+Then, use `TYPED_TEST_P()` to define a type-parameterized test. You can repeat
+this as many times as you want:
+
+```c++
+TYPED_TEST_P(FooTest, DoesBlah) {
+  // Inside a test, refer to TypeParam to get the type parameter.
+  TypeParam n = 0;
+  ...
+}
+
+TYPED_TEST_P(FooTest, HasPropertyA) { ... }
+```
+
+Now the tricky part: you need to register all test patterns using the
+`REGISTER_TYPED_TEST_CASE_P` macro before you can instantiate them. The first
+argument of the macro is the test case name; the rest are the names of the tests
+in this test case:
+
+```c++
+REGISTER_TYPED_TEST_CASE_P(FooTest,
+                           DoesBlah, HasPropertyA);
+```
+
+Finally, you are free to instantiate the pattern with the types you want. If you
+put the above code in a header file, you can `#include` it in multiple C++
+source files and instantiate it multiple times.
+
+```c++
+typedef ::testing::Types<char, int, unsigned int> MyTypes;
+INSTANTIATE_TYPED_TEST_CASE_P(My, FooTest, MyTypes);
+```
+
+To distinguish different instances of the pattern, the first argument to the
+`INSTANTIATE_TYPED_TEST_CASE_P` macro is a prefix that will be added to the
+actual test case name. Remember to pick unique prefixes for different instances.
+
+In the special case where the type list contains only one type, you can write
+that type directly without `::testing::Types<...>`, like this:
+
+```c++
+INSTANTIATE_TYPED_TEST_CASE_P(My, FooTest, int);
+```
+
+You can see `sample6_unittest.cc` for a complete example.
+
+**Availability**: Linux, Windows (requires MSVC 8.0 or above), Mac
+
+## Testing Private Code
+
+If you change your software's internal implementation, your tests should not
+break as long as the change is not observable by users. Therefore, **per the
+black-box testing principle, most of the time you should test your code through
+its public interfaces.**
+
+**If you still find yourself needing to test internal implementation code,
+consider if there's a better design.** The desire to test internal
+implementation is often a sign that the class is doing too much. Consider
+extracting an implementation class, and testing it. Then use that implementation
+class in the original class.
+
+If you absolutely have to test non-public interface code though, you can. There
+are two cases to consider:
+
+*   Static functions ( *not* the same as static member functions!) or unnamed
+    namespaces, and
+*   Private or protected class members
+
+To test them, we use the following special techniques:
+
+*   Both static functions and definitions/declarations in an unnamed namespace
+    are only visible within the same translation unit. To test them, you can
+    `#include` the entire `.cc` file being tested in your `*_test.cc` file.
+    (including `.cc` files is not a good way to reuse code - you should not do
+    this in production code!)
+
+    However, a better approach is to move the private code into the
+    `foo::internal` namespace, where `foo` is the namespace your project
+    normally uses, and put the private declarations in a `*-internal.h` file.
+    Your production `.cc` files and your tests are allowed to include this
+    internal header, but your clients are not. This way, you can fully test your
+    internal implementation without leaking it to your clients.
+
+*   Private class members are only accessible from within the class or by
+    friends. To access a class' private members, you can declare your test
+    fixture as a friend to the class and define accessors in your fixture. Tests
+    using the fixture can then access the private members of your production
+    class via the accessors in the fixture. Note that even though your fixture
+    is a friend to your production class, your tests are not automatically
+    friends to it, as they are technically defined in sub-classes of the
+    fixture.
+
+    Another way to test private members is to refactor them into an
+    implementation class, which is then declared in a `*-internal.h` file. Your
+    clients aren't allowed to include this header but your tests can. Such is
+    called the
+    [Pimpl](https://www.gamedev.net/articles/programming/general-and-gameplay-programming/the-c-pimpl-r1794/)
+    (Private Implementation) idiom.
+
+    Or, you can declare an individual test as a friend of your class by adding
+    this line in the class body:
+
+    ```c++
+        FRIEND_TEST(TestCaseName, TestName);
+    ```
+
+    For example,
+
+    ```c++
+    // foo.h
+
+    #include "gtest/gtest_prod.h"
+
+    class Foo {
+      ...
+    private:
+      FRIEND_TEST(FooTest, BarReturnsZeroOnNull);
+
+      int Bar(void* x);
+    };
+
+    // foo_test.cc
+    ...
+    TEST(FooTest, BarReturnsZeroOnNull) {
+      Foo foo;
+      EXPECT_EQ(0, foo.Bar(NULL));  // Uses Foo's private member Bar().
+    }
+    ```
+
+    Pay special attention when your class is defined in a namespace, as you
+    should define your test fixtures and tests in the same namespace if you want
+    them to be friends of your class. For example, if the code to be tested
+    looks like:
+
+    ```c++
+    namespace my_namespace {
+
+    class Foo {
+      friend class FooTest;
+      FRIEND_TEST(FooTest, Bar);
+      FRIEND_TEST(FooTest, Baz);
+      ... definition of the class Foo ...
+    };
+
+    }  // namespace my_namespace
+    ```
+
+    Your test code should be something like:
+
+    ```c++
+    namespace my_namespace {
+
+    class FooTest : public ::testing::Test {
+     protected:
+      ...
+    };
+
+    TEST_F(FooTest, Bar) { ... }
+    TEST_F(FooTest, Baz) { ... }
+
+    }  // namespace my_namespace
+    ```
+
+
+## "Catching" Failures
+
+If you are building a testing utility on top of googletest, you'll want to test
+your utility. What framework would you use to test it? googletest, of course.
+
+The challenge is to verify that your testing utility reports failures correctly.
+In frameworks that report a failure by throwing an exception, you could catch
+the exception and assert on it. But googletest doesn't use exceptions, so how do
+we test that a piece of code generates an expected failure?
+
+gunit-spi.h contains some constructs to do this. After #including this header,
+you can use
+
+```c++
+  EXPECT_FATAL_FAILURE(statement, substring);
+```
+
+to assert that `statement` generates a fatal (e.g. `ASSERT_*`) failure in the
+current thread whose message contains the given `substring`, or use
+
+```c++
+  EXPECT_NONFATAL_FAILURE(statement, substring);
+```
+
+if you are expecting a non-fatal (e.g. `EXPECT_*`) failure.
+
+Only failures in the current thread are checked to determine the result of this
+type of expectations. If `statement` creates new threads, failures in these
+threads are also ignored. If you want to catch failures in other threads as
+well, use one of the following macros instead:
+
+```c++
+  EXPECT_FATAL_FAILURE_ON_ALL_THREADS(statement, substring);
+  EXPECT_NONFATAL_FAILURE_ON_ALL_THREADS(statement, substring);
+```
+
+NOTE: Assertions from multiple threads are currently not supported on Windows.
+
+For technical reasons, there are some caveats:
+
+1.  You cannot stream a failure message to either macro.
+
+1.  `statement` in `EXPECT_FATAL_FAILURE{_ON_ALL_THREADS}()` cannot reference
+    local non-static variables or non-static members of `this` object.
+
+1.  `statement` in `EXPECT_FATAL_FAILURE{_ON_ALL_THREADS}()()` cannot return a
+    value.
+
+
+## Getting the Current Test's Name
+
+Sometimes a function may need to know the name of the currently running test.
+For example, you may be using the `SetUp()` method of your test fixture to set
+the golden file name based on which test is running. The `::testing::TestInfo`
+class has this information:
+
+```c++
+namespace testing {
+
+class TestInfo {
+ public:
+  // Returns the test case name and the test name, respectively.
+  //
+  // Do NOT delete or free the return value - it's managed by the
+  // TestInfo class.
+  const char* test_case_name() const;
+  const char* name() const;
+};
+
+}
+```
+
+To obtain a `TestInfo` object for the currently running test, call
+`current_test_info()` on the `UnitTest` singleton object:
+
+```c++
+  // Gets information about the currently running test.
+  // Do NOT delete the returned object - it's managed by the UnitTest class.
+  const ::testing::TestInfo* const test_info =
+    ::testing::UnitTest::GetInstance()->current_test_info();
+
+
+
+  printf("We are in test %s of test case %s.\n",
+         test_info->name(),
+         test_info->test_case_name());
+```
+
+`current_test_info()` returns a null pointer if no test is running. In
+particular, you cannot find the test case name in `TestCaseSetUp()`,
+`TestCaseTearDown()` (where you know the test case name implicitly), or
+functions called from them.
+
+**Availability**: Linux, Windows, Mac.
+
+## Extending googletest by Handling Test Events
+
+googletest provides an **event listener API** to let you receive notifications
+about the progress of a test program and test failures. The events you can
+listen to include the start and end of the test program, a test case, or a test
+method, among others. You may use this API to augment or replace the standard
+console output, replace the XML output, or provide a completely different form
+of output, such as a GUI or a database. You can also use test events as
+checkpoints to implement a resource leak checker, for example.
+
+**Availability**: Linux, Windows, Mac.
+
+### Defining Event Listeners
+
+To define a event listener, you subclass either testing::TestEventListener or
+testing::EmptyTestEventListener The former is an (abstract) interface, where
+*each pure virtual method can be overridden to handle a test event* (For
+example, when a test starts, the `OnTestStart()` method will be called.). The
+latter provides an empty implementation of all methods in the interface, such
+that a subclass only needs to override the methods it cares about.
+
+When an event is fired, its context is passed to the handler function as an
+argument. The following argument types are used:
+
+*   UnitTest reflects the state of the entire test program,
+*   TestCase has information about a test case, which can contain one or more
+    tests,
+*   TestInfo contains the state of a test, and
+*   TestPartResult represents the result of a test assertion.
+
+An event handler function can examine the argument it receives to find out
+interesting information about the event and the test program's state.
+
+Here's an example:
+
+```c++
+  class MinimalistPrinter : public ::testing::EmptyTestEventListener {
+    // Called before a test starts.
+    virtual void OnTestStart(const ::testing::TestInfo& test_info) {
+      printf("*** Test %s.%s starting.\n",
+             test_info.test_case_name(), test_info.name());
+    }
+
+    // Called after a failed assertion or a SUCCESS().
+    virtual void OnTestPartResult(const ::testing::TestPartResult& test_part_result) {
+      printf("%s in %s:%d\n%s\n",
+             test_part_result.failed() ? "*** Failure" : "Success",
+             test_part_result.file_name(),
+             test_part_result.line_number(),
+             test_part_result.summary());
+    }
+
+    // Called after a test ends.
+    virtual void OnTestEnd(const ::testing::TestInfo& test_info) {
+      printf("*** Test %s.%s ending.\n",
+             test_info.test_case_name(), test_info.name());
+    }
+  };
+```
+
+### Using Event Listeners
+
+To use the event listener you have defined, add an instance of it to the
+googletest event listener list (represented by class TestEventListeners - note
+the "s" at the end of the name) in your `main()` function, before calling
+`RUN_ALL_TESTS()`:
+
+```c++
+int main(int argc, char** argv) {
+  ::testing::InitGoogleTest(&argc, argv);
+  // Gets hold of the event listener list.
+  ::testing::TestEventListeners& listeners =
+        ::testing::UnitTest::GetInstance()->listeners();
+  // Adds a listener to the end.  googletest takes the ownership.
+  listeners.Append(new MinimalistPrinter);
+  return RUN_ALL_TESTS();
+}
+```
+
+There's only one problem: the default test result printer is still in effect, so
+its output will mingle with the output from your minimalist printer. To suppress
+the default printer, just release it from the event listener list and delete it.
+You can do so by adding one line:
+
+```c++
+  ...
+  delete listeners.Release(listeners.default_result_printer());
+  listeners.Append(new MinimalistPrinter);
+  return RUN_ALL_TESTS();
+```
+
+Now, sit back and enjoy a completely different output from your tests. For more
+details, you can read this sample9_unittest.cc
+
+You may append more than one listener to the list. When an `On*Start()` or
+`OnTestPartResult()` event is fired, the listeners will receive it in the order
+they appear in the list (since new listeners are added to the end of the list,
+the default text printer and the default XML generator will receive the event
+first). An `On*End()` event will be received by the listeners in the *reverse*
+order. This allows output by listeners added later to be framed by output from
+listeners added earlier.
+
+### Generating Failures in Listeners
+
+You may use failure-raising macros (`EXPECT_*()`, `ASSERT_*()`, `FAIL()`, etc)
+when processing an event. There are some restrictions:
+
+1.  You cannot generate any failure in `OnTestPartResult()` (otherwise it will
+    cause `OnTestPartResult()` to be called recursively).
+1.  A listener that handles `OnTestPartResult()` is not allowed to generate any
+    failure.
+
+When you add listeners to the listener list, you should put listeners that
+handle `OnTestPartResult()` *before* listeners that can generate failures. This
+ensures that failures generated by the latter are attributed to the right test
+by the former.
+
+We have a sample of failure-raising listener sample10_unittest.cc
+
+## Running Test Programs: Advanced Options
+
+googletest test programs are ordinary executables. Once built, you can run them
+directly and affect their behavior via the following environment variables
+and/or command line flags. For the flags to work, your programs must call
+`::testing::InitGoogleTest()` before calling `RUN_ALL_TESTS()`.
+
+To see a list of supported flags and their usage, please run your test program
+with the `--help` flag. You can also use `-h`, `-?`, or `/?` for short.
+
+If an option is specified both by an environment variable and by a flag, the
+latter takes precedence.
+
+### Selecting Tests
+
+#### Listing Test Names
+
+Sometimes it is necessary to list the available tests in a program before
+running them so that a filter may be applied if needed. Including the flag
+`--gtest_list_tests` overrides all other flags and lists tests in the following
+format:
+
+```none
+TestCase1.
+  TestName1
+  TestName2
+TestCase2.
+  TestName
+```
+
+None of the tests listed are actually run if the flag is provided. There is no
+corresponding environment variable for this flag.
+
+**Availability**: Linux, Windows, Mac.
+
+#### Running a Subset of the Tests
+
+By default, a googletest program runs all tests the user has defined. Sometimes,
+you want to run only a subset of the tests (e.g. for debugging or quickly
+verifying a change). If you set the `GTEST_FILTER` environment variable or the
+`--gtest_filter` flag to a filter string, googletest will only run the tests
+whose full names (in the form of `TestCaseName.TestName`) match the filter.
+
+The format of a filter is a '`:`'-separated list of wildcard patterns (called
+the *positive patterns*) optionally followed by a '`-`' and another
+'`:`'-separated pattern list (called the *negative patterns*). A test matches
+the filter if and only if it matches any of the positive patterns but does not
+match any of the negative patterns.
+
+A pattern may contain `'*'` (matches any string) or `'?'` (matches any single
+character). For convenience, the filter
+
+`'*-NegativePatterns'` can be also written as `'-NegativePatterns'`.
+
+For example:
+
+*   `./foo_test` Has no flag, and thus runs all its tests.
+*   `./foo_test --gtest_filter=*` Also runs everything, due to the single
+    match-everything `*` value.
+*   `./foo_test --gtest_filter=FooTest.*` Runs everything in test case `FooTest`
+    .
+*   `./foo_test --gtest_filter=*Null*:*Constructor*` Runs any test whose full
+    name contains either `"Null"` or `"Constructor"` .
+*   `./foo_test --gtest_filter=-*DeathTest.*` Runs all non-death tests.
+*   `./foo_test --gtest_filter=FooTest.*-FooTest.Bar` Runs everything in test
+    case `FooTest` except `FooTest.Bar`.
+*   `./foo_test --gtest_filter=FooTest.*:BarTest.*-FooTest.Bar:BarTest.Foo` Runs
+    everything in test case `FooTest` except `FooTest.Bar` and everything in
+    test case `BarTest` except `BarTest.Foo`.
+    
+#### Temporarily Disabling Tests
+
+If you have a broken test that you cannot fix right away, you can add the
+`DISABLED_` prefix to its name. This will exclude it from execution. This is
+better than commenting out the code or using `#if 0`, as disabled tests are
+still compiled (and thus won't rot).
+
+If you need to disable all tests in a test case, you can either add `DISABLED_`
+to the front of the name of each test, or alternatively add it to the front of
+the test case name.
+
+For example, the following tests won't be run by googletest, even though they
+will still be compiled:
+
+```c++
+// Tests that Foo does Abc.
+TEST(FooTest, DISABLED_DoesAbc) { ... }
+
+class DISABLED_BarTest : public ::testing::Test { ... };
+
+// Tests that Bar does Xyz.
+TEST_F(DISABLED_BarTest, DoesXyz) { ... }
+```
+
+NOTE: This feature should only be used for temporary pain-relief. You still have
+to fix the disabled tests at a later date. As a reminder, googletest will print
+a banner warning you if a test program contains any disabled tests.
+
+TIP: You can easily count the number of disabled tests you have using `gsearch`
+and/or `grep`. This number can be used as a metric for improving your test
+quality.
+
+**Availability**: Linux, Windows, Mac.
+
+#### Temporarily Enabling Disabled Tests
+
+To include disabled tests in test execution, just invoke the test program with
+the `--gtest_also_run_disabled_tests` flag or set the
+`GTEST_ALSO_RUN_DISABLED_TESTS` environment variable to a value other than `0`.
+You can combine this with the `--gtest_filter` flag to further select which
+disabled tests to run.
+
+**Availability**: Linux, Windows, Mac.
+
+### Repeating the Tests
+
+Once in a while you'll run into a test whose result is hit-or-miss. Perhaps it
+will fail only 1% of the time, making it rather hard to reproduce the bug under
+a debugger. This can be a major source of frustration.
+
+The `--gtest_repeat` flag allows you to repeat all (or selected) test methods in
+a program many times. Hopefully, a flaky test will eventually fail and give you
+a chance to debug. Here's how to use it:
+
+```none
+$ foo_test --gtest_repeat=1000
+Repeat foo_test 1000 times and don't stop at failures.
+
+$ foo_test --gtest_repeat=-1
+A negative count means repeating forever.
+
+$ foo_test --gtest_repeat=1000 --gtest_break_on_failure
+Repeat foo_test 1000 times, stopping at the first failure.  This
+is especially useful when running under a debugger: when the test
+fails, it will drop into the debugger and you can then inspect
+variables and stacks.
+
+$ foo_test --gtest_repeat=1000 --gtest_filter=FooBar.*
+Repeat the tests whose name matches the filter 1000 times.
+```
+
+If your test program contains [global set-up/tear-down](#global-set-up-and-tear-down) code, it
+will be repeated in each iteration as well, as the flakiness may be in it. You
+can also specify the repeat count by setting the `GTEST_REPEAT` environment
+variable.
+
+**Availability**: Linux, Windows, Mac.
+
+### Shuffling the Tests
+
+You can specify the `--gtest_shuffle` flag (or set the `GTEST_SHUFFLE`
+environment variable to `1`) to run the tests in a program in a random order.
+This helps to reveal bad dependencies between tests.
+
+By default, googletest uses a random seed calculated from the current time.
+Therefore you'll get a different order every time. The console output includes
+the random seed value, such that you can reproduce an order-related test failure
+later. To specify the random seed explicitly, use the `--gtest_random_seed=SEED`
+flag (or set the `GTEST_RANDOM_SEED` environment variable), where `SEED` is an
+integer in the range [0, 99999]. The seed value 0 is special: it tells
+googletest to do the default behavior of calculating the seed from the current
+time.
+
+If you combine this with `--gtest_repeat=N`, googletest will pick a different
+random seed and re-shuffle the tests in each iteration.
+
+**Availability**: Linux, Windows, Mac.
+
+### Controlling Test Output
+
+#### Colored Terminal Output
+
+googletest can use colors in its terminal output to make it easier to spot the
+important information:
+
+...<br/>
+<span style="color:green">[----------]<span style="color:black"> 1 test from FooTest<br/>
+<span style="color:green">[ RUN      ]<span style="color:black"> FooTest.DoesAbc<br/>
+<span style="color:green">[       OK ]<span style="color:black"> FooTest.DoesAbc<br/>
+<span style="color:green">[----------]<span style="color:black"> 2 tests from BarTest<br/>
+<span style="color:green">[ RUN      ]<span style="color:black"> BarTest.HasXyzProperty<br/>
+<span style="color:green">[       OK ]<span style="color:black"> BarTest.HasXyzProperty<br/>
+<span style="color:green">[ RUN      ]<span style="color:black"> BarTest.ReturnsTrueOnSuccess<br/>
+... some error messages ...<br/>
+<span   style="color:red">[  FAILED  ] <span style="color:black">BarTest.ReturnsTrueOnSuccess<br/>
+...<br/>
+<span style="color:green">[==========]<span style="color:black"> 30 tests from 14 test cases ran.<br/>
+<span style="color:green">[  PASSED  ]<span style="color:black"> 28 tests.<br/>
+<span style="color:red">[  FAILED  ]<span style="color:black"> 2 tests, listed below:<br/>
+<span style="color:red">[  FAILED  ]<span style="color:black"> BarTest.ReturnsTrueOnSuccess<br/>
+<span style="color:red">[  FAILED  ]<span style="color:black"> AnotherTest.DoesXyz<br/>
+  2 FAILED TESTS
+
+You can set the `GTEST_COLOR` environment variable or the `--gtest_color`
+command line flag to `yes`, `no`, or `auto` (the default) to enable colors,
+disable colors, or let googletest decide. When the value is `auto`, googletest
+will use colors if and only if the output goes to a terminal and (on non-Windows
+platforms) the `TERM` environment variable is set to `xterm` or `xterm-color`.
+
+ **Availability**: Linux, Windows, Mac.
+
+#### Suppressing the Elapsed Time
+
+By default, googletest prints the time it takes to run each test. To disable
+that, run the test program with the `--gtest_print_time=0` command line flag, or
+set the GTEST_PRINT_TIME environment variable to `0`.
+
+**Availability**: Linux, Windows, Mac.
+
+#### Suppressing UTF-8 Text Output
+
+In case of assertion failures, googletest prints expected and actual values of
+type `string` both as hex-encoded strings as well as in readable UTF-8 text if
+they contain valid non-ASCII UTF-8 characters. If you want to suppress the UTF-8
+text because, for example, you don't have an UTF-8 compatible output medium, run
+the test program with `--gtest_print_utf8=0` or set the `GTEST_PRINT_UTF8`
+environment variable to `0`.
+
+**Availability**: Linux, Windows, Mac.
+
+
+#### Generating an XML Report
+
+googletest can emit a detailed XML report to a file in addition to its normal
+textual output. The report contains the duration of each test, and thus can help
+you identify slow tests. The report is also used by the http://unittest
+dashboard to show per-test-method error messages.
+
+To generate the XML report, set the `GTEST_OUTPUT` environment variable or the
+`--gtest_output` flag to the string `"xml:path_to_output_file"`, which will
+create the file at the given location. You can also just use the string `"xml"`,
+in which case the output can be found in the `test_detail.xml` file in the
+current directory.
+
+If you specify a directory (for example, `"xml:output/directory/"` on Linux or
+`"xml:output\directory\"` on Windows), googletest will create the XML file in
+that directory, named after the test executable (e.g. `foo_test.xml` for test
+program `foo_test` or `foo_test.exe`). If the file already exists (perhaps left
+over from a previous run), googletest will pick a different name (e.g.
+`foo_test_1.xml`) to avoid overwriting it.
+
+
+The report is based on the `junitreport` Ant task. Since that format was
+originally intended for Java, a little interpretation is required to make it
+apply to googletest tests, as shown here:
+
+```xml
+<testsuites name="AllTests" ...>
+  <testsuite name="test_case_name" ...>
+    <testcase    name="test_name" ...>
+      <failure message="..."/>
+      <failure message="..."/>
+      <failure message="..."/>
+    </testcase>
+  </testsuite>
+</testsuites>
+```
+
+*   The root `<testsuites>` element corresponds to the entire test program.
+*   `<testsuite>` elements correspond to googletest test cases.
+*   `<testcase>` elements correspond to googletest test functions.
+
+For instance, the following program
+
+```c++
+TEST(MathTest, Addition) { ... }
+TEST(MathTest, Subtraction) { ... }
+TEST(LogicTest, NonContradiction) { ... }
+```
+
+could generate this report:
+
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<testsuites tests="3" failures="1" errors="0" time="0.035" timestamp="2011-10-31T18:52:42" name="AllTests">
+  <testsuite name="MathTest" tests="2" failures="1" errors="0" time="0.015">
+    <testcase name="Addition" status="run" time="0.007" classname="">
+      <failure message="Value of: add(1, 1)&#x0A;  Actual: 3&#x0A;Expected: 2" type="">...</failure>
+      <failure message="Value of: add(1, -1)&#x0A;  Actual: 1&#x0A;Expected: 0" type="">...</failure>
+    </testcase>
+    <testcase name="Subtraction" status="run" time="0.005" classname="">
+    </testcase>
+  </testsuite>
+  <testsuite name="LogicTest" tests="1" failures="0" errors="0" time="0.005">
+    <testcase name="NonContradiction" status="run" time="0.005" classname="">
+    </testcase>
+  </testsuite>
+</testsuites>
+```
+
+Things to note:
+
+*   The `tests` attribute of a `<testsuites>` or `<testsuite>` element tells how
+    many test functions the googletest program or test case contains, while the
+    `failures` attribute tells how many of them failed.
+
+*   The `time` attribute expresses the duration of the test, test case, or
+    entire test program in seconds.
+
+*   The `timestamp` attribute records the local date and time of the test
+    execution.
+
+*   Each `<failure>` element corresponds to a single failed googletest
+    assertion.
+
+**Availability**: Linux, Windows, Mac.
+
+#### Generating an JSON Report
+
+googletest can also emit a JSON report as an alternative format to XML. To
+generate the JSON report, set the `GTEST_OUTPUT` environment variable or the
+`--gtest_output` flag to the string `"json:path_to_output_file"`, which will
+create the file at the given location. You can also just use the string
+`"json"`, in which case the output can be found in the `test_detail.json` file
+in the current directory.
+
+The report format conforms to the following JSON Schema:
+
+```json
+{
+  "$schema": "http://json-schema.org/schema#",
+  "type": "object",
+  "definitions": {
+    "TestCase": {
+      "type": "object",
+      "properties": {
+        "name": { "type": "string" },
+        "tests": { "type": "integer" },
+        "failures": { "type": "integer" },
+        "disabled": { "type": "integer" },
+        "time": { "type": "string" },
+        "testsuite": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/TestInfo"
+          }
+        }
+      }
+    },
+    "TestInfo": {
+      "type": "object",
+      "properties": {
+        "name": { "type": "string" },
+        "status": {
+          "type": "string",
+          "enum": ["RUN", "NOTRUN"]
+        },
+        "time": { "type": "string" },
+        "classname": { "type": "string" },
+        "failures": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Failure"
+          }
+        }
+      }
+    },
+    "Failure": {
+      "type": "object",
+      "properties": {
+        "failures": { "type": "string" },
+        "type": { "type": "string" }
+      }
+    }
+  },
+  "properties": {
+    "tests": { "type": "integer" },
+    "failures": { "type": "integer" },
+    "disabled": { "type": "integer" },
+    "errors": { "type": "integer" },
+    "timestamp": {
+      "type": "string",
+      "format": "date-time"
+    },
+    "time": { "type": "string" },
+    "name": { "type": "string" },
+    "testsuites": {
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/TestCase"
+      }
+    }
+  }
+}
+```
+
+The report uses the format that conforms to the following Proto3 using the [JSON
+encoding](https://developers.google.com/protocol-buffers/docs/proto3#json):
+
+```proto
+syntax = "proto3";
+
+package googletest;
+
+import "google/protobuf/timestamp.proto";
+import "google/protobuf/duration.proto";
+
+message UnitTest {
+  int32 tests = 1;
+  int32 failures = 2;
+  int32 disabled = 3;
+  int32 errors = 4;
+  google.protobuf.Timestamp timestamp = 5;
+  google.protobuf.Duration time = 6;
+  string name = 7;
+  repeated TestCase testsuites = 8;
+}
+
+message TestCase {
+  string name = 1;
+  int32 tests = 2;
+  int32 failures = 3;
+  int32 disabled = 4;
+  int32 errors = 5;
+  google.protobuf.Duration time = 6;
+  repeated TestInfo testsuite = 7;
+}
+
+message TestInfo {
+  string name = 1;
+  enum Status {
+    RUN = 0;
+    NOTRUN = 1;
+  }
+  Status status = 2;
+  google.protobuf.Duration time = 3;
+  string classname = 4;
+  message Failure {
+    string failures = 1;
+    string type = 2;
+  }
+  repeated Failure failures = 5;
+}
+```
+
+For instance, the following program
+
+```c++
+TEST(MathTest, Addition) { ... }
+TEST(MathTest, Subtraction) { ... }
+TEST(LogicTest, NonContradiction) { ... }
+```
+
+could generate this report:
+
+```json
+{
+  "tests": 3,
+  "failures": 1,
+  "errors": 0,
+  "time": "0.035s",
+  "timestamp": "2011-10-31T18:52:42Z"
+  "name": "AllTests",
+  "testsuites": [
+    {
+      "name": "MathTest",
+      "tests": 2,
+      "failures": 1,
+      "errors": 0,
+      "time": "0.015s",
+      "testsuite": [
+        {
+          "name": "Addition",
+          "status": "RUN",
+          "time": "0.007s",
+          "classname": "",
+          "failures": [
+            {
+              "message": "Value of: add(1, 1)\x0A  Actual: 3\x0AExpected: 2",
+              "type": ""
+            },
+            {
+              "message": "Value of: add(1, -1)\x0A  Actual: 1\x0AExpected: 0",
+              "type": ""
+            }
+          ]
+        },
+        {
+          "name": "Subtraction",
+          "status": "RUN",
+          "time": "0.005s",
+          "classname": ""
+        }
+      ]
+    }
+    {
+      "name": "LogicTest",
+      "tests": 1,
+      "failures": 0,
+      "errors": 0,
+      "time": "0.005s",
+      "testsuite": [
+        {
+          "name": "NonContradiction",
+          "status": "RUN",
+          "time": "0.005s",
+          "classname": ""
+        }
+      ]
+    }
+  ]
+}
+```
+
+IMPORTANT: The exact format of the JSON document is subject to change.
+
+**Availability**: Linux, Windows, Mac.
+
+### Controlling How Failures Are Reported
+
+#### Turning Assertion Failures into Break-Points
+
+When running test programs under a debugger, it's very convenient if the
+debugger can catch an assertion failure and automatically drop into interactive
+mode. googletest's *break-on-failure* mode supports this behavior.
+
+To enable it, set the `GTEST_BREAK_ON_FAILURE` environment variable to a value
+other than `0` . Alternatively, you can use the `--gtest_break_on_failure`
+command line flag.
+
+**Availability**: Linux, Windows, Mac.
+
+#### Disabling Catching Test-Thrown Exceptions
+
+googletest can be used either with or without exceptions enabled. If a test
+throws a C++ exception or (on Windows) a structured exception (SEH), by default
+googletest catches it, reports it as a test failure, and continues with the next
+test method. This maximizes the coverage of a test run. Also, on Windows an
+uncaught exception will cause a pop-up window, so catching the exceptions allows
+you to run the tests automatically.
+
+When debugging the test failures, however, you may instead want the exceptions
+to be handled by the debugger, such that you can examine the call stack when an
+exception is thrown. To achieve that, set the `GTEST_CATCH_EXCEPTIONS`
+environment variable to `0`, or use the `--gtest_catch_exceptions=0` flag when
+running the tests.
+
+**Availability**: Linux, Windows, Mac.
+
diff --git a/security/nss/gtests/google_test/gtest/docs/faq.md b/security/nss/gtests/google_test/gtest/docs/faq.md
new file mode 100644
index 000000000..7d42ff7db
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/docs/faq.md
@@ -0,0 +1,770 @@
+# Googletest FAQ
+
+
+## Why should test case names and test names not contain underscore?
+
+Underscore (`_`) is special, as C++ reserves the following to be used by the
+compiler and the standard library:
+
+1.  any identifier that starts with an `_` followed by an upper-case letter, and
+1.  any identifier that contains two consecutive underscores (i.e. `__`)
+    *anywhere* in its name.
+
+User code is *prohibited* from using such identifiers.
+
+Now let's look at what this means for `TEST` and `TEST_F`.
+
+Currently `TEST(TestCaseName, TestName)` generates a class named
+`TestCaseName_TestName_Test`. What happens if `TestCaseName` or `TestName`
+contains `_`?
+
+1.  If `TestCaseName` starts with an `_` followed by an upper-case letter (say,
+    `_Foo`), we end up with `_Foo_TestName_Test`, which is reserved and thus
+    invalid.
+1.  If `TestCaseName` ends with an `_` (say, `Foo_`), we get
+    `Foo__TestName_Test`, which is invalid.
+1.  If `TestName` starts with an `_` (say, `_Bar`), we get
+    `TestCaseName__Bar_Test`, which is invalid.
+1.  If `TestName` ends with an `_` (say, `Bar_`), we get
+    `TestCaseName_Bar__Test`, which is invalid.
+
+So clearly `TestCaseName` and `TestName` cannot start or end with `_` (Actually,
+`TestCaseName` can start with `_` -- as long as the `_` isn't followed by an
+upper-case letter. But that's getting complicated. So for simplicity we just say
+that it cannot start with `_`.).
+
+It may seem fine for `TestCaseName` and `TestName` to contain `_` in the middle.
+However, consider this:
+
+```c++
+TEST(Time, Flies_Like_An_Arrow) { ... }
+TEST(Time_Flies, Like_An_Arrow) { ... }
+```
+
+Now, the two `TEST`s will both generate the same class
+(`Time_Flies_Like_An_Arrow_Test`). That's not good.
+
+So for simplicity, we just ask the users to avoid `_` in `TestCaseName` and
+`TestName`. The rule is more constraining than necessary, but it's simple and
+easy to remember. It also gives googletest some wiggle room in case its
+implementation needs to change in the future.
+
+If you violate the rule, there may not be immediate consequences, but your test
+may (just may) break with a new compiler (or a new version of the compiler you
+are using) or with a new version of googletest. Therefore it's best to follow
+the rule.
+
+## Why does googletest support `EXPECT_EQ(NULL, ptr)` and `ASSERT_EQ(NULL, ptr)` but not `EXPECT_NE(NULL, ptr)` and `ASSERT_NE(NULL, ptr)`?
+
+First of all you can use `EXPECT_NE(nullptr, ptr)` and `ASSERT_NE(nullptr,
+ptr)`. This is the preferred syntax in the style guide because nullptr does not
+have the type problems that NULL does. Which is why NULL does not work.
+
+Due to some peculiarity of C++, it requires some non-trivial template meta
+programming tricks to support using `NULL` as an argument of the `EXPECT_XX()`
+and `ASSERT_XX()` macros. Therefore we only do it where it's most needed
+(otherwise we make the implementation of googletest harder to maintain and more
+error-prone than necessary).
+
+The `EXPECT_EQ()` macro takes the *expected* value as its first argument and the
+*actual* value as the second. It's reasonable that someone wants to write
+`EXPECT_EQ(NULL, some_expression)`, and this indeed was requested several times.
+Therefore we implemented it.
+
+The need for `EXPECT_NE(NULL, ptr)` isn't nearly as strong. When the assertion
+fails, you already know that `ptr` must be `NULL`, so it doesn't add any
+information to print `ptr` in this case. That means `EXPECT_TRUE(ptr != NULL)`
+works just as well.
+
+If we were to support `EXPECT_NE(NULL, ptr)`, for consistency we'll have to
+support `EXPECT_NE(ptr, NULL)` as well, as unlike `EXPECT_EQ`, we don't have a
+convention on the order of the two arguments for `EXPECT_NE`. This means using
+the template meta programming tricks twice in the implementation, making it even
+harder to understand and maintain. We believe the benefit doesn't justify the
+cost.
+
+Finally, with the growth of the gMock matcher library, we are encouraging people
+to use the unified `EXPECT_THAT(value, matcher)` syntax more often in tests. One
+significant advantage of the matcher approach is that matchers can be easily
+combined to form new matchers, while the `EXPECT_NE`, etc, macros cannot be
+easily combined. Therefore we want to invest more in the matchers than in the
+`EXPECT_XX()` macros.
+
+## I need to test that different implementations of an interface satisfy some common requirements. Should I use typed tests or value-parameterized tests?
+
+For testing various implementations of the same interface, either typed tests or
+value-parameterized tests can get it done. It's really up to you the user to
+decide which is more convenient for you, depending on your particular case. Some
+rough guidelines:
+
+*   Typed tests can be easier to write if instances of the different
+    implementations can be created the same way, modulo the type. For example,
+    if all these implementations have a public default constructor (such that
+    you can write `new TypeParam`), or if their factory functions have the same
+    form (e.g. `CreateInstance<TypeParam>()`).
+*   Value-parameterized tests can be easier to write if you need different code
+    patterns to create different implementations' instances, e.g. `new Foo` vs
+    `new Bar(5)`. To accommodate for the differences, you can write factory
+    function wrappers and pass these function pointers to the tests as their
+    parameters.
+*   When a typed test fails, the output includes the name of the type, which can
+    help you quickly identify which implementation is wrong. Value-parameterized
+    tests cannot do this, so there you'll have to look at the iteration number
+    to know which implementation the failure is from, which is less direct.
+*   If you make a mistake writing a typed test, the compiler errors can be
+    harder to digest, as the code is templatized.
+*   When using typed tests, you need to make sure you are testing against the
+    interface type, not the concrete types (in other words, you want to make
+    sure `implicit_cast<MyInterface*>(my_concrete_impl)` works, not just that
+    `my_concrete_impl` works). It's less likely to make mistakes in this area
+    when using value-parameterized tests.
+
+I hope I didn't confuse you more. :-) If you don't mind, I'd suggest you to give
+both approaches a try. Practice is a much better way to grasp the subtle
+differences between the two tools. Once you have some concrete experience, you
+can much more easily decide which one to use the next time.
+
+## My death tests became very slow - what happened?
+
+In August 2008 we had to switch the default death test style from `fast` to
+`threadsafe`, as the former is no longer safe now that threaded logging is the
+default. This caused many death tests to slow down. Unfortunately this change
+was necessary.
+
+Please read [Fixing Failing Death Tests](death_test_styles.md) for what you can
+do.
+
+## I got some run-time errors about invalid proto descriptors when using `ProtocolMessageEquals`. Help!
+
+**Note:** `ProtocolMessageEquals` and `ProtocolMessageEquiv` are *deprecated*
+now. Please use `EqualsProto`, etc instead.
+
+`ProtocolMessageEquals` and `ProtocolMessageEquiv` were redefined recently and
+are now less tolerant on invalid protocol buffer definitions. In particular, if
+you have a `foo.proto` that doesn't fully qualify the type of a protocol message
+it references (e.g. `message<Bar>` where it should be `message<blah.Bar>`), you
+will now get run-time errors like:
+
+```
+... descriptor.cc:...] Invalid proto descriptor for file "path/to/foo.proto":
+... descriptor.cc:...]  blah.MyMessage.my_field: ".Bar" is not defined.
+```
+
+If you see this, your `.proto` file is broken and needs to be fixed by making
+the types fully qualified. The new definition of `ProtocolMessageEquals` and
+`ProtocolMessageEquiv` just happen to reveal your bug.
+
+## My death test modifies some state, but the change seems lost after the death test finishes. Why?
+
+Death tests (`EXPECT_DEATH`, etc) are executed in a sub-process s.t. the
+expected crash won't kill the test program (i.e. the parent process). As a
+result, any in-memory side effects they incur are observable in their respective
+sub-processes, but not in the parent process. You can think of them as running
+in a parallel universe, more or less.
+
+In particular, if you use [gMock](../../googlemock) and the death test statement
+invokes some mock methods, the parent process will think the calls have never
+occurred. Therefore, you may want to move your `EXPECT_CALL` statements inside
+the `EXPECT_DEATH` macro.
+
+## EXPECT_EQ(htonl(blah), blah_blah) generates weird compiler errors in opt mode. Is this a googletest bug?
+
+Actually, the bug is in `htonl()`.
+
+According to `'man htonl'`, `htonl()` is a *function*, which means it's valid to
+use `htonl` as a function pointer. However, in opt mode `htonl()` is defined as
+a *macro*, which breaks this usage.
+
+Worse, the macro definition of `htonl()` uses a `gcc` extension and is *not*
+standard C++. That hacky implementation has some ad hoc limitations. In
+particular, it prevents you from writing `Foo<sizeof(htonl(x))>()`, where `Foo`
+is a template that has an integral argument.
+
+The implementation of `EXPECT_EQ(a, b)` uses `sizeof(... a ...)` inside a
+template argument, and thus doesn't compile in opt mode when `a` contains a call
+to `htonl()`. It is difficult to make `EXPECT_EQ` bypass the `htonl()` bug, as
+the solution must work with different compilers on various platforms.
+
+`htonl()` has some other problems as described in `//util/endian/endian.h`,
+which defines `ghtonl()` to replace it. `ghtonl()` does the same thing `htonl()`
+does, only without its problems. We suggest you to use `ghtonl()` instead of
+`htonl()`, both in your tests and production code.
+
+`//util/endian/endian.h` also defines `ghtons()`, which solves similar problems
+in `htons()`.
+
+Don't forget to add `//util/endian` to the list of dependencies in the `BUILD`
+file wherever `ghtonl()` and `ghtons()` are used. The library consists of a
+single header file and will not bloat your binary.
+
+## The compiler complains about "undefined references" to some static const member variables, but I did define them in the class body. What's wrong?
+
+If your class has a static data member:
+
+```c++
+// foo.h
+class Foo {
+  ...
+  static const int kBar = 100;
+};
+```
+
+You also need to define it *outside* of the class body in `foo.cc`:
+
+```c++
+const int Foo::kBar;  // No initializer here.
+```
+
+Otherwise your code is **invalid C++**, and may break in unexpected ways. In
+particular, using it in googletest comparison assertions (`EXPECT_EQ`, etc) will
+generate an "undefined reference" linker error. The fact that "it used to work"
+doesn't mean it's valid. It just means that you were lucky. :-)
+
+## Can I derive a test fixture from another?
+
+Yes.
+
+Each test fixture has a corresponding and same named test case. This means only
+one test case can use a particular fixture. Sometimes, however, multiple test
+cases may want to use the same or slightly different fixtures. For example, you
+may want to make sure that all of a GUI library's test cases don't leak
+important system resources like fonts and brushes.
+
+In googletest, you share a fixture among test cases by putting the shared logic
+in a base test fixture, then deriving from that base a separate fixture for each
+test case that wants to use this common logic. You then use `TEST_F()` to write
+tests using each derived fixture.
+
+Typically, your code looks like this:
+
+```c++
+// Defines a base test fixture.
+class BaseTest : public ::testing::Test {
+ protected:
+  ...
+};
+
+// Derives a fixture FooTest from BaseTest.
+class FooTest : public BaseTest {
+ protected:
+  void SetUp() override {
+    BaseTest::SetUp();  // Sets up the base fixture first.
+    ... additional set-up work ...
+  }
+
+  void TearDown() override {
+    ... clean-up work for FooTest ...
+    BaseTest::TearDown();  // Remember to tear down the base fixture
+                           // after cleaning up FooTest!
+  }
+
+  ... functions and variables for FooTest ...
+};
+
+// Tests that use the fixture FooTest.
+TEST_F(FooTest, Bar) { ... }
+TEST_F(FooTest, Baz) { ... }
+
+... additional fixtures derived from BaseTest ...
+```
+
+If necessary, you can continue to derive test fixtures from a derived fixture.
+googletest has no limit on how deep the hierarchy can be.
+
+For a complete example using derived test fixtures, see [googletest
+sample](https://github.com/google/googletest/blob/master/googletest/samples/sample5_unittest.cc)
+
+## My compiler complains "void value not ignored as it ought to be." What does this mean?
+
+You're probably using an `ASSERT_*()` in a function that doesn't return `void`.
+`ASSERT_*()` can only be used in `void` functions, due to exceptions being
+disabled by our build system. Please see more details
+[here](advanced.md#assertion-placement).
+
+## My death test hangs (or seg-faults). How do I fix it?
+
+In googletest, death tests are run in a child process and the way they work is
+delicate. To write death tests you really need to understand how they work.
+Please make sure you have read [this](advanced.md#how-it-works).
+
+In particular, death tests don't like having multiple threads in the parent
+process. So the first thing you can try is to eliminate creating threads outside
+of `EXPECT_DEATH()`. For example, you may want to use [mocks](../../googlemock)
+or fake objects instead of real ones in your tests.
+
+Sometimes this is impossible as some library you must use may be creating
+threads before `main()` is even reached. In this case, you can try to minimize
+the chance of conflicts by either moving as many activities as possible inside
+`EXPECT_DEATH()` (in the extreme case, you want to move everything inside), or
+leaving as few things as possible in it. Also, you can try to set the death test
+style to `"threadsafe"`, which is safer but slower, and see if it helps.
+
+If you go with thread-safe death tests, remember that they rerun the test
+program from the beginning in the child process. Therefore make sure your
+program can run side-by-side with itself and is deterministic.
+
+In the end, this boils down to good concurrent programming. You have to make
+sure that there is no race conditions or dead locks in your program. No silver
+bullet - sorry!
+
+## Should I use the constructor/destructor of the test fixture or SetUp()/TearDown()?
+
+The first thing to remember is that googletest does **not** reuse the same test
+fixture object across multiple tests. For each `TEST_F`, googletest will create
+a **fresh** test fixture object, immediately call `SetUp()`, run the test body,
+call `TearDown()`, and then delete the test fixture object.
+
+When you need to write per-test set-up and tear-down logic, you have the choice
+between using the test fixture constructor/destructor or `SetUp()/TearDown()`.
+The former is usually preferred, as it has the following benefits:
+
+*   By initializing a member variable in the constructor, we have the option to
+    make it `const`, which helps prevent accidental changes to its value and
+    makes the tests more obviously correct.
+*   In case we need to subclass the test fixture class, the subclass'
+    constructor is guaranteed to call the base class' constructor *first*, and
+    the subclass' destructor is guaranteed to call the base class' destructor
+    *afterward*. With `SetUp()/TearDown()`, a subclass may make the mistake of
+    forgetting to call the base class' `SetUp()/TearDown()` or call them at the
+    wrong time.
+
+You may still want to use `SetUp()/TearDown()` in the following rare cases:
+
+*   In the body of a constructor (or destructor), it's not possible to use the
+    `ASSERT_xx` macros. Therefore, if the set-up operation could cause a fatal
+    test failure that should prevent the test from running, it's necessary to
+    use a `CHECK` macro or to use `SetUp()` instead of a constructor.
+*   If the tear-down operation could throw an exception, you must use
+    `TearDown()` as opposed to the destructor, as throwing in a destructor leads
+    to undefined behavior and usually will kill your program right away. Note
+    that many standard libraries (like STL) may throw when exceptions are
+    enabled in the compiler. Therefore you should prefer `TearDown()` if you
+    want to write portable tests that work with or without exceptions.
+*   The googletest team is considering making the assertion macros throw on
+    platforms where exceptions are enabled (e.g. Windows, Mac OS, and Linux
+    client-side), which will eliminate the need for the user to propagate
+    failures from a subroutine to its caller. Therefore, you shouldn't use
+    googletest assertions in a destructor if your code could run on such a
+    platform.
+*   In a constructor or destructor, you cannot make a virtual function call on
+    this object. (You can call a method declared as virtual, but it will be
+    statically bound.) Therefore, if you need to call a method that will be
+    overridden in a derived class, you have to use `SetUp()/TearDown()`.
+
+
+## The compiler complains "no matching function to call" when I use ASSERT_PRED*. How do I fix it?
+
+If the predicate function you use in `ASSERT_PRED*` or `EXPECT_PRED*` is
+overloaded or a template, the compiler will have trouble figuring out which
+overloaded version it should use. `ASSERT_PRED_FORMAT*` and
+`EXPECT_PRED_FORMAT*` don't have this problem.
+
+If you see this error, you might want to switch to
+`(ASSERT|EXPECT)_PRED_FORMAT*`, which will also give you a better failure
+message. If, however, that is not an option, you can resolve the problem by
+explicitly telling the compiler which version to pick.
+
+For example, suppose you have
+
+```c++
+bool IsPositive(int n) {
+  return n > 0;
+}
+
+bool IsPositive(double x) {
+  return x > 0;
+}
+```
+
+you will get a compiler error if you write
+
+```c++
+EXPECT_PRED1(IsPositive, 5);
+```
+
+However, this will work:
+
+```c++
+EXPECT_PRED1(static_cast<bool (*)(int)>(IsPositive), 5);
+```
+
+(The stuff inside the angled brackets for the `static_cast` operator is the type
+of the function pointer for the `int`-version of `IsPositive()`.)
+
+As another example, when you have a template function
+
+```c++
+template <typename T>
+bool IsNegative(T x) {
+  return x < 0;
+}
+```
+
+you can use it in a predicate assertion like this:
+
+```c++
+ASSERT_PRED1(IsNegative<int>, -5);
+```
+
+Things are more interesting if your template has more than one parameters. The
+following won't compile:
+
+```c++
+ASSERT_PRED2(GreaterThan<int, int>, 5, 0);
+```
+
+as the C++ pre-processor thinks you are giving `ASSERT_PRED2` 4 arguments, which
+is one more than expected. The workaround is to wrap the predicate function in
+parentheses:
+
+```c++
+ASSERT_PRED2((GreaterThan<int, int>), 5, 0);
+```
+
+
+## My compiler complains about "ignoring return value" when I call RUN_ALL_TESTS(). Why?
+
+Some people had been ignoring the return value of `RUN_ALL_TESTS()`. That is,
+instead of
+
+```c++
+  return RUN_ALL_TESTS();
+```
+
+they write
+
+```c++
+  RUN_ALL_TESTS();
+```
+
+This is **wrong and dangerous**. The testing services needs to see the return
+value of `RUN_ALL_TESTS()` in order to determine if a test has passed. If your
+`main()` function ignores it, your test will be considered successful even if it
+has a googletest assertion failure. Very bad.
+
+We have decided to fix this (thanks to Michael Chastain for the idea). Now, your
+code will no longer be able to ignore `RUN_ALL_TESTS()` when compiled with
+`gcc`. If you do so, you'll get a compiler error.
+
+If you see the compiler complaining about you ignoring the return value of
+`RUN_ALL_TESTS()`, the fix is simple: just make sure its value is used as the
+return value of `main()`.
+
+But how could we introduce a change that breaks existing tests? Well, in this
+case, the code was already broken in the first place, so we didn't break it. :-)
+
+## My compiler complains that a constructor (or destructor) cannot return a value. What's going on?
+
+Due to a peculiarity of C++, in order to support the syntax for streaming
+messages to an `ASSERT_*`, e.g.
+
+```c++
+  ASSERT_EQ(1, Foo()) << "blah blah" << foo;
+```
+
+we had to give up using `ASSERT*` and `FAIL*` (but not `EXPECT*` and
+`ADD_FAILURE*`) in constructors and destructors. The workaround is to move the
+content of your constructor/destructor to a private void member function, or
+switch to `EXPECT_*()` if that works. This
+[section](advanced.md#assertion-placement) in the user's guide explains it.
+
+## My SetUp() function is not called. Why?
+
+C++ is case-sensitive. Did you spell it as `Setup()`?
+
+Similarly, sometimes people spell `SetUpTestCase()` as `SetupTestCase()` and
+wonder why it's never called.
+
+## How do I jump to the line of a failure in Emacs directly?
+
+googletest's failure message format is understood by Emacs and many other IDEs,
+like acme and XCode. If a googletest message is in a compilation buffer in
+Emacs, then it's clickable.
+
+
+## I have several test cases which share the same test fixture logic, do I have to define a new test fixture class for each of them? This seems pretty tedious.
+
+You don't have to. Instead of
+
+```c++
+class FooTest : public BaseTest {};
+
+TEST_F(FooTest, Abc) { ... }
+TEST_F(FooTest, Def) { ... }
+
+class BarTest : public BaseTest {};
+
+TEST_F(BarTest, Abc) { ... }
+TEST_F(BarTest, Def) { ... }
+```
+
+you can simply `typedef` the test fixtures:
+
+```c++
+typedef BaseTest FooTest;
+
+TEST_F(FooTest, Abc) { ... }
+TEST_F(FooTest, Def) { ... }
+
+typedef BaseTest BarTest;
+
+TEST_F(BarTest, Abc) { ... }
+TEST_F(BarTest, Def) { ... }
+```
+
+## googletest output is buried in a whole bunch of LOG messages. What do I do?
+
+The googletest output is meant to be a concise and human-friendly report. If
+your test generates textual output itself, it will mix with the googletest
+output, making it hard to read. However, there is an easy solution to this
+problem.
+
+Since `LOG` messages go to stderr, we decided to let googletest output go to
+stdout. This way, you can easily separate the two using redirection. For
+example:
+
+```shell
+$ ./my_test > gtest_output.txt
+```
+
+
+## Why should I prefer test fixtures over global variables?
+
+There are several good reasons:
+
+1.  It's likely your test needs to change the states of its global variables.
+    This makes it difficult to keep side effects from escaping one test and
+    contaminating others, making debugging difficult. By using fixtures, each
+    test has a fresh set of variables that's different (but with the same
+    names). Thus, tests are kept independent of each other.
+1.  Global variables pollute the global namespace.
+1.  Test fixtures can be reused via subclassing, which cannot be done easily
+    with global variables. This is useful if many test cases have something in
+    common.
+
+
+    ## What can the statement argument in ASSERT_DEATH() be?
+
+`ASSERT_DEATH(*statement*, *regex*)` (or any death assertion macro) can be used
+wherever `*statement*` is valid. So basically `*statement*` can be any C++
+statement that makes sense in the current context. In particular, it can
+reference global and/or local variables, and can be:
+
+*   a simple function call (often the case),
+*   a complex expression, or
+*   a compound statement.
+
+Some examples are shown here:
+
+```c++
+// A death test can be a simple function call.
+TEST(MyDeathTest, FunctionCall) {
+  ASSERT_DEATH(Xyz(5), "Xyz failed");
+}
+
+// Or a complex expression that references variables and functions.
+TEST(MyDeathTest, ComplexExpression) {
+  const bool c = Condition();
+  ASSERT_DEATH((c ? Func1(0) : object2.Method("test")),
+               "(Func1|Method) failed");
+}
+
+// Death assertions can be used any where in a function.  In
+// particular, they can be inside a loop.
+TEST(MyDeathTest, InsideLoop) {
+  // Verifies that Foo(0), Foo(1), ..., and Foo(4) all die.
+  for (int i = 0; i < 5; i++) {
+    EXPECT_DEATH_M(Foo(i), "Foo has \\d+ errors",
+                   ::testing::Message() << "where i is " << i);
+  }
+}
+
+// A death assertion can contain a compound statement.
+TEST(MyDeathTest, CompoundStatement) {
+  // Verifies that at lease one of Bar(0), Bar(1), ..., and
+  // Bar(4) dies.
+  ASSERT_DEATH({
+    for (int i = 0; i < 5; i++) {
+      Bar(i);
+    }
+  },
+  "Bar has \\d+ errors");
+}
+```
+
+gtest-death-test_test.cc contains more examples if you are interested.
+
+## I have a fixture class `FooTest`, but `TEST_F(FooTest, Bar)` gives me error ``"no matching function for call to `FooTest::FooTest()'"``. Why?
+
+Googletest needs to be able to create objects of your test fixture class, so it
+must have a default constructor. Normally the compiler will define one for you.
+However, there are cases where you have to define your own:
+
+*   If you explicitly declare a non-default constructor for class `FooTest`
+    (`DISALLOW_EVIL_CONSTRUCTORS()` does this), then you need to define a
+    default constructor, even if it would be empty.
+*   If `FooTest` has a const non-static data member, then you have to define the
+    default constructor *and* initialize the const member in the initializer
+    list of the constructor. (Early versions of `gcc` doesn't force you to
+    initialize the const member. It's a bug that has been fixed in `gcc 4`.)
+
+## Why does ASSERT_DEATH complain about previous threads that were already joined?
+
+With the Linux pthread library, there is no turning back once you cross the line
+from single thread to multiple threads. The first time you create a thread, a
+manager thread is created in addition, so you get 3, not 2, threads. Later when
+the thread you create joins the main thread, the thread count decrements by 1,
+but the manager thread will never be killed, so you still have 2 threads, which
+means you cannot safely run a death test.
+
+The new NPTL thread library doesn't suffer from this problem, as it doesn't
+create a manager thread. However, if you don't control which machine your test
+runs on, you shouldn't depend on this.
+
+## Why does googletest require the entire test case, instead of individual tests, to be named *DeathTest when it uses ASSERT_DEATH?
+
+googletest does not interleave tests from different test cases. That is, it runs
+all tests in one test case first, and then runs all tests in the next test case,
+and so on. googletest does this because it needs to set up a test case before
+the first test in it is run, and tear it down afterwords. Splitting up the test
+case would require multiple set-up and tear-down processes, which is inefficient
+and makes the semantics unclean.
+
+If we were to determine the order of tests based on test name instead of test
+case name, then we would have a problem with the following situation:
+
+```c++
+TEST_F(FooTest, AbcDeathTest) { ... }
+TEST_F(FooTest, Uvw) { ... }
+
+TEST_F(BarTest, DefDeathTest) { ... }
+TEST_F(BarTest, Xyz) { ... }
+```
+
+Since `FooTest.AbcDeathTest` needs to run before `BarTest.Xyz`, and we don't
+interleave tests from different test cases, we need to run all tests in the
+`FooTest` case before running any test in the `BarTest` case. This contradicts
+with the requirement to run `BarTest.DefDeathTest` before `FooTest.Uvw`.
+
+## But I don't like calling my entire test case \*DeathTest when it contains both death tests and non-death tests. What do I do?
+
+You don't have to, but if you like, you may split up the test case into
+`FooTest` and `FooDeathTest`, where the names make it clear that they are
+related:
+
+```c++
+class FooTest : public ::testing::Test { ... };
+
+TEST_F(FooTest, Abc) { ... }
+TEST_F(FooTest, Def) { ... }
+
+using FooDeathTest = FooTest;
+
+TEST_F(FooDeathTest, Uvw) { ... EXPECT_DEATH(...) ... }
+TEST_F(FooDeathTest, Xyz) { ... ASSERT_DEATH(...) ... }
+```
+
+## googletest prints the LOG messages in a death test's child process only when the test fails. How can I see the LOG messages when the death test succeeds?
+
+Printing the LOG messages generated by the statement inside `EXPECT_DEATH()`
+makes it harder to search for real problems in the parent's log. Therefore,
+googletest only prints them when the death test has failed.
+
+If you really need to see such LOG messages, a workaround is to temporarily
+break the death test (e.g. by changing the regex pattern it is expected to
+match). Admittedly, this is a hack. We'll consider a more permanent solution
+after the fork-and-exec-style death tests are implemented.
+
+## The compiler complains about "no match for 'operator<<'" when I use an assertion. What gives?
+
+If you use a user-defined type `FooType` in an assertion, you must make sure
+there is an `std::ostream& operator<<(std::ostream&, const FooType&)` function
+defined such that we can print a value of `FooType`.
+
+In addition, if `FooType` is declared in a name space, the `<<` operator also
+needs to be defined in the *same* name space. See go/totw/49 for details.
+
+## How do I suppress the memory leak messages on Windows?
+
+Since the statically initialized googletest singleton requires allocations on
+the heap, the Visual C++ memory leak detector will report memory leaks at the
+end of the program run. The easiest way to avoid this is to use the
+`_CrtMemCheckpoint` and `_CrtMemDumpAllObjectsSince` calls to not report any
+statically initialized heap objects. See MSDN for more details and additional
+heap check/debug routines.
+
+
+## How can my code detect if it is running in a test?
+
+If you write code that sniffs whether it's running in a test and does different
+things accordingly, you are leaking test-only logic into production code and
+there is no easy way to ensure that the test-only code paths aren't run by
+mistake in production. Such cleverness also leads to
+[Heisenbugs](https://en.wikipedia.org/wiki/Heisenbug). Therefore we strongly
+advise against the practice, and googletest doesn't provide a way to do it.
+
+In general, the recommended way to cause the code to behave differently under
+test is [Dependency Injection](https://en.wikipedia.org/wiki/Dependency_injection). You can inject
+different functionality from the test and from the production code. Since your
+production code doesn't link in the for-test logic at all (the
+[`testonly`](https://docs.bazel.build/versions/master/be/common-definitions.html#common.testonly)
+attribute for BUILD targets helps to ensure that), there is no danger in
+accidentally running it.
+
+However, if you *really*, *really*, *really* have no choice, and if you follow
+the rule of ending your test program names with `_test`, you can use the
+*horrible* hack of sniffing your executable name (`argv[0]` in `main()`) to know
+whether the code is under test.
+
+
+## How do I temporarily disable a test?
+
+If you have a broken test that you cannot fix right away, you can add the
+DISABLED_ prefix to its name. This will exclude it from execution. This is
+better than commenting out the code or using #if 0, as disabled tests are still
+compiled (and thus won't rot).
+
+To include disabled tests in test execution, just invoke the test program with
+the --gtest_also_run_disabled_tests flag.
+
+## Is it OK if I have two separate `TEST(Foo, Bar)` test methods defined in different namespaces?
+
+Yes.
+
+The rule is **all test methods in the same test case must use the same fixture
+class.** This means that the following is **allowed** because both tests use the
+same fixture class (`::testing::Test`).
+
+```c++
+namespace foo {
+TEST(CoolTest, DoSomething) {
+  SUCCEED();
+}
+}  // namespace foo
+
+namespace bar {
+TEST(CoolTest, DoSomething) {
+  SUCCEED();
+}
+}  // namespace bar
+```
+
+However, the following code is **not allowed** and will produce a runtime error
+from googletest because the test methods are using different test fixture
+classes with the same test case name.
+
+```c++
+namespace foo {
+class CoolTest : public ::testing::Test {};  // Fixture foo::CoolTest
+TEST_F(CoolTest, DoSomething) {
+  SUCCEED();
+}
+}  // namespace foo
+
+namespace bar {
+class CoolTest : public ::testing::Test {};  // Fixture: bar::CoolTest
+TEST_F(CoolTest, DoSomething) {
+  SUCCEED();
+}
+}  // namespace bar
+```
diff --git a/security/nss/gtests/google_test/gtest/docs/primer.md b/security/nss/gtests/google_test/gtest/docs/primer.md
new file mode 100644
index 000000000..7a8ea8d71
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/docs/primer.md
@@ -0,0 +1,569 @@
+# Googletest Primer
+
+
+## Introduction: Why googletest?
+
+*googletest* helps you write better C++ tests.
+
+googletest is a testing framework developed by the Testing
+Technology team with Google's specific
+requirements and constraints in mind. No matter whether you work on Linux,
+Windows, or a Mac, if you write C++ code, googletest can help you. And it
+supports *any* kind of tests, not just unit tests.
+
+So what makes a good test, and how does googletest fit in? We believe:
+
+1.  Tests should be *independent* and *repeatable*. It's a pain to debug a test
+    that succeeds or fails as a result of other tests. googletest isolates the
+    tests by running each of them on a different object. When a test fails,
+    googletest allows you to run it in isolation for quick debugging.
+1.  Tests should be well *organized* and reflect the structure of the tested
+    code. googletest groups related tests into test cases that can share data
+    and subroutines. This common pattern is easy to recognize and makes tests
+    easy to maintain. Such consistency is especially helpful when people switch
+    projects and start to work on a new code base.
+1.  Tests should be *portable* and *reusable*. Google has a lot of code that is
+    platform-neutral, its tests should also be platform-neutral. googletest
+    works on different OSes, with different compilers (gcc, icc, and MSVC), with
+    or without exceptions, so googletest tests can easily work with a variety of
+    configurations.
+1.  When tests fail, they should provide as much *information* about the problem
+    as possible. googletest doesn't stop at the first test failure. Instead, it
+    only stops the current test and continues with the next. You can also set up
+    tests that report non-fatal failures after which the current test continues.
+    Thus, you can detect and fix multiple bugs in a single run-edit-compile
+    cycle.
+1.  The testing framework should liberate test writers from housekeeping chores
+    and let them focus on the test *content*. googletest automatically keeps
+    track of all tests defined, and doesn't require the user to enumerate them
+    in order to run them.
+1.  Tests should be *fast*. With googletest, you can reuse shared resources
+    across tests and pay for the set-up/tear-down only once, without making
+    tests depend on each other.
+
+Since googletest is based on the popular xUnit architecture, you'll feel right
+at home if you've used JUnit or PyUnit before. If not, it will take you about 10
+minutes to learn the basics and get started. So let's go!
+
+## Beware of the nomenclature
+
+_Note:_ There might be some confusion of idea due to different
+definitions of the terms _Test_, _Test Case_ and _Test Suite_, so beware
+of misunderstanding these.
+
+Historically, googletest started to use the term _Test Case_ for grouping
+related tests, whereas current publications including the International Software
+Testing Qualifications Board ([ISTQB](http://www.istqb.org/)) and various
+textbooks on Software Quality use the term _[Test
+Suite](http://glossary.istqb.org/search/test%20suite)_ for this.
+
+The related term _Test_, as it is used in the googletest, is corresponding to
+the term _[Test Case](http://glossary.istqb.org/search/test%20case)_ of ISTQB
+and others.
+
+The term _Test_ is commonly of broad enough sense, including ISTQB's
+definition of _Test Case_, so it's not much of a problem here. But the
+term _Test Case_ as used in Google Test is of contradictory sense and thus confusing.
+
+Unfortunately replacing the term _Test Case_ by _Test Suite_ throughout the
+googletest is not easy without breaking dependent projects, as `TestCase` is
+part of the public API at various places.
+
+So for the time being, please be aware of the different definitions of
+the terms:
+
+Meaning                                                                              | googletest Term                                                                                            | [ISTQB](http://www.istqb.org/) Term
+:----------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------- | :----------------------------------
+Exercise a particular program path with specific input values and verify the results | [TEST()](#simple-tests)                                                                                    | [Test Case](http://glossary.istqb.org/search/test%20case)
+A set of several tests related to one component                                      | [TestCase](#basic-concepts) | [TestSuite](http://glossary.istqb.org/search/test%20suite)
+
+## Basic Concepts
+
+When using googletest, you start by writing *assertions*, which are statements
+that check whether a condition is true. An assertion's result can be *success*,
+*nonfatal failure*, or *fatal failure*. If a fatal failure occurs, it aborts the
+current function; otherwise the program continues normally.
+
+*Tests* use assertions to verify the tested code's behavior. If a test crashes
+or has a failed assertion, then it *fails*; otherwise it *succeeds*.
+
+A *test case* contains one or many tests. You should group your tests into test
+cases that reflect the structure of the tested code. When multiple tests in a
+test case need to share common objects and subroutines, you can put them into a
+*test fixture* class.
+
+A *test program* can contain multiple test cases.
+
+We'll now explain how to write a test program, starting at the individual
+assertion level and building up to tests and test cases.
+
+## Assertions
+
+googletest assertions are macros that resemble function calls. You test a class
+or function by making assertions about its behavior. When an assertion fails,
+googletest prints the assertion's source file and line number location, along
+with a failure message. You may also supply a custom failure message which will
+be appended to googletest's message.
+
+The assertions come in pairs that test the same thing but have different effects
+on the current function. `ASSERT_*` versions generate fatal failures when they
+fail, and **abort the current function**. `EXPECT_*` versions generate nonfatal
+failures, which don't abort the current function. Usually `EXPECT_*` are
+preferred, as they allow more than one failure to be reported in a test.
+However, you should use `ASSERT_*` if it doesn't make sense to continue when the
+assertion in question fails.
+
+Since a failed `ASSERT_*` returns from the current function immediately,
+possibly skipping clean-up code that comes after it, it may cause a space leak.
+Depending on the nature of the leak, it may or may not be worth fixing - so keep
+this in mind if you get a heap checker error in addition to assertion errors.
+
+To provide a custom failure message, simply stream it into the macro using the
+`<<` operator, or a sequence of such operators. An example:
+
+```c++
+ASSERT_EQ(x.size(), y.size()) << "Vectors x and y are of unequal length";
+
+for (int i = 0; i < x.size(); ++i) {
+  EXPECT_EQ(x[i], y[i]) << "Vectors x and y differ at index " << i;
+}
+```
+
+Anything that can be streamed to an `ostream` can be streamed to an assertion
+macro--in particular, C strings and `string` objects. If a wide string
+(`wchar_t*`, `TCHAR*` in `UNICODE` mode on Windows, or `std::wstring`) is
+streamed to an assertion, it will be translated to UTF-8 when printed.
+
+### Basic Assertions
+
+These assertions do basic true/false condition testing.
+
+Fatal assertion            | Nonfatal assertion         | Verifies
+-------------------------- | -------------------------- | --------------------
+`ASSERT_TRUE(condition);`  | `EXPECT_TRUE(condition);`  | `condition` is true
+`ASSERT_FALSE(condition);` | `EXPECT_FALSE(condition);` | `condition` is false
+
+Remember, when they fail, `ASSERT_*` yields a fatal failure and returns from the
+current function, while `EXPECT_*` yields a nonfatal failure, allowing the
+function to continue running. In either case, an assertion failure means its
+containing test fails.
+
+**Availability**: Linux, Windows, Mac.
+
+### Binary Comparison
+
+This section describes assertions that compare two values.
+
+Fatal assertion          | Nonfatal assertion       | Verifies
+------------------------ | ------------------------ | --------------
+`ASSERT_EQ(val1, val2);` | `EXPECT_EQ(val1, val2);` | `val1 == val2`
+`ASSERT_NE(val1, val2);` | `EXPECT_NE(val1, val2);` | `val1 != val2`
+`ASSERT_LT(val1, val2);` | `EXPECT_LT(val1, val2);` | `val1 < val2`
+`ASSERT_LE(val1, val2);` | `EXPECT_LE(val1, val2);` | `val1 <= val2`
+`ASSERT_GT(val1, val2);` | `EXPECT_GT(val1, val2);` | `val1 > val2`
+`ASSERT_GE(val1, val2);` | `EXPECT_GE(val1, val2);` | `val1 >= val2`
+
+Value arguments must be comparable by the assertion's comparison operator or
+you'll get a compiler error. We used to require the arguments to support the
+`<<` operator for streaming to an `ostream`, but it's no longer necessary. If
+`<<` is supported, it will be called to print the arguments when the assertion
+fails; otherwise googletest will attempt to print them in the best way it can.
+For more details and how to customize the printing of the arguments, see
+gMock [recipe](../../googlemock/docs/CookBook.md#teaching-google-mock-how-to-print-your-values).).
+
+These assertions can work with a user-defined type, but only if you define the
+corresponding comparison operator (e.g. `==`, `<`, etc). Since this is
+discouraged by the Google [C++ Style
+Guide](https://google.github.io/styleguide/cppguide.html#Operator_Overloading),
+you may need to use `ASSERT_TRUE()` or `EXPECT_TRUE()` to assert the equality of
+two objects of a user-defined type.
+
+However, when possible, `ASSERT_EQ(actual, expected)` is preferred to
+`ASSERT_TRUE(actual == expected)`, since it tells you `actual` and `expected`'s
+values on failure.
+
+Arguments are always evaluated exactly once. Therefore, it's OK for the
+arguments to have side effects. However, as with any ordinary C/C++ function,
+the arguments' evaluation order is undefined (i.e. the compiler is free to
+choose any order) and your code should not depend on any particular argument
+evaluation order.
+
+`ASSERT_EQ()` does pointer equality on pointers. If used on two C strings, it
+tests if they are in the same memory location, not if they have the same value.
+Therefore, if you want to compare C strings (e.g. `const char*`) by value, use
+`ASSERT_STREQ()`, which will be described later on. In particular, to assert
+that a C string is `NULL`, use `ASSERT_STREQ(c_string, NULL)`. Consider use
+`ASSERT_EQ(c_string, nullptr)` if c++11 is supported. To compare two `string`
+objects, you should use `ASSERT_EQ`.
+
+When doing pointer comparisons use `*_EQ(ptr, nullptr)` and `*_NE(ptr, nullptr)`
+instead of `*_EQ(ptr, NULL)` and `*_NE(ptr, NULL)`. This is because `nullptr` is
+typed while `NULL` is not. See [FAQ](faq.md#why-does-google-test-support-expect_eqnull-ptr-and-assert_eqnull-ptr-but-not-expect_nenull-ptr-and-assert_nenull-ptr)
+for more details.
+
+If you're working with floating point numbers, you may want to use the floating
+point variations of some of these macros in order to avoid problems caused by
+rounding. See [Advanced googletest Topics](advanced.md) for details.
+
+Macros in this section work with both narrow and wide string objects (`string`
+and `wstring`).
+
+**Availability**: Linux, Windows, Mac.
+
+**Historical note**: Before February 2016 `*_EQ` had a convention of calling it
+as `ASSERT_EQ(expected, actual)`, so lots of existing code uses this order. Now
+`*_EQ` treats both parameters in the same way.
+
+### String Comparison
+
+The assertions in this group compare two **C strings**. If you want to compare
+two `string` objects, use `EXPECT_EQ`, `EXPECT_NE`, and etc instead.
+
+| Fatal assertion                 | Nonfatal assertion              | Verifies                                                 |
+| ------------------------------- | ------------------------------- | -------------------------------------------------------- |
+| `ASSERT_STREQ(str1, str2);`     | `EXPECT_STREQ(str1, str2);`     | the two C strings have the same content                  |
+| `ASSERT_STRNE(str1, str2);`     | `EXPECT_STRNE(str1, str2);`     | the two C strings have different contents                |
+| `ASSERT_STRCASEEQ(str1, str2);` | `EXPECT_STRCASEEQ(str1, str2);` | the two C strings have the same content, ignoring case   |
+| `ASSERT_STRCASENE(str1, str2);` | `EXPECT_STRCASENE(str1, str2);` | the two C strings have different contents, ignoring case |
+
+Note that "CASE" in an assertion name means that case is ignored. A `NULL`
+pointer and an empty string are considered *different*.
+
+`*STREQ*` and `*STRNE*` also accept wide C strings (`wchar_t*`). If a comparison
+of two wide strings fails, their values will be printed as UTF-8 narrow strings.
+
+**Availability**: Linux, Windows, Mac.
+
+**See also**: For more string comparison tricks (substring, prefix, suffix, and
+regular expression matching, for example), see
+[this](https://github.com/google/googletest/blob/master/googletest/docs/advanced.md)
+in the Advanced googletest Guide.
+
+## Simple Tests
+
+To create a test:
+
+1.  Use the `TEST()` macro to define and name a test function, These are
+    ordinary C++ functions that don't return a value.
+1.  In this function, along with any valid C++ statements you want to include,
+    use the various googletest assertions to check values.
+1.  The test's result is determined by the assertions; if any assertion in the
+    test fails (either fatally or non-fatally), or if the test crashes, the
+    entire test fails. Otherwise, it succeeds.
+
+```c++
+TEST(TestCaseName, TestName) {
+  ... test body ...
+}
+```
+
+`TEST()` arguments go from general to specific. The *first* argument is the name
+of the test case, and the *second* argument is the test's name within the test
+case. Both names must be valid C++ identifiers, and they should not contain
+underscore (`_`). A test's *full name* consists of its containing test case and
+its individual name. Tests from different test cases can have the same
+individual name.
+
+For example, let's take a simple integer function:
+
+```c++
+int Factorial(int n);  // Returns the factorial of n
+```
+
+A test case for this function might look like:
+
+```c++
+// Tests factorial of 0.
+TEST(FactorialTest, HandlesZeroInput) {
+  EXPECT_EQ(Factorial(0), 1);
+}
+
+// Tests factorial of positive numbers.
+TEST(FactorialTest, HandlesPositiveInput) {
+  EXPECT_EQ(Factorial(1), 1);
+  EXPECT_EQ(Factorial(2), 2);
+  EXPECT_EQ(Factorial(3), 6);
+  EXPECT_EQ(Factorial(8), 40320);
+}
+```
+
+googletest groups the test results by test cases, so logically-related tests
+should be in the same test case; in other words, the first argument to their
+`TEST()` should be the same. In the above example, we have two tests,
+`HandlesZeroInput` and `HandlesPositiveInput`, that belong to the same test case
+`FactorialTest`.
+
+When naming your test cases and tests, you should follow the same convention as
+for [naming functions and
+classes](https://google.github.io/styleguide/cppguide.html#Function_Names).
+
+**Availability**: Linux, Windows, Mac.
+
+## Test Fixtures: Using the Same Data Configuration for Multiple Tests
+
+If you find yourself writing two or more tests that operate on similar data, you
+can use a *test fixture*. It allows you to reuse the same configuration of
+objects for several different tests.
+
+To create a fixture:
+
+1.  Derive a class from `::testing::Test` . Start its body with `protected:` as
+    we'll want to access fixture members from sub-classes.
+1.  Inside the class, declare any objects you plan to use.
+1.  If necessary, write a default constructor or `SetUp()` function to prepare
+    the objects for each test. A common mistake is to spell `SetUp()` as
+    **`Setup()`** with a small `u` - Use `override` in C++11 to make sure you
+    spelled it correctly
+1.  If necessary, write a destructor or `TearDown()` function to release any
+    resources you allocated in `SetUp()` . To learn when you should use the
+    constructor/destructor and when you should use `SetUp()/TearDown()`, read
+    this [FAQ](faq.md#should-i-use-the-constructordestructor-of-the-test-fixture-or-setupteardown) entry.
+1.  If needed, define subroutines for your tests to share.
+
+When using a fixture, use `TEST_F()` instead of `TEST()` as it allows you to
+access objects and subroutines in the test fixture:
+
+```c++
+TEST_F(TestCaseName, TestName) {
+  ... test body ...
+}
+```
+
+Like `TEST()`, the first argument is the test case name, but for `TEST_F()` this
+must be the name of the test fixture class. You've probably guessed: `_F` is for
+fixture.
+
+Unfortunately, the C++ macro system does not allow us to create a single macro
+that can handle both types of tests. Using the wrong macro causes a compiler
+error.
+
+Also, you must first define a test fixture class before using it in a
+`TEST_F()`, or you'll get the compiler error "`virtual outside class
+declaration`".
+
+For each test defined with `TEST_F()` , googletest will create a *fresh* test
+fixture at runtime, immediately initialize it via `SetUp()` , run the test,
+clean up by calling `TearDown()` , and then delete the test fixture. Note that
+different tests in the same test case have different test fixture objects, and
+googletest always deletes a test fixture before it creates the next one.
+googletest does **not** reuse the same test fixture for multiple tests. Any
+changes one test makes to the fixture do not affect other tests.
+
+As an example, let's write tests for a FIFO queue class named `Queue`, which has
+the following interface:
+
+```c++
+template <typename E>  // E is the element type.
+class Queue {
+ public:
+  Queue();
+  void Enqueue(const E& element);
+  E* Dequeue();  // Returns NULL if the queue is empty.
+  size_t size() const;
+  ...
+};
+```
+
+First, define a fixture class. By convention, you should give it the name
+`FooTest` where `Foo` is the class being tested.
+
+```c++
+class QueueTest : public ::testing::Test {
+ protected:
+  void SetUp() override {
+     q1_.Enqueue(1);
+     q2_.Enqueue(2);
+     q2_.Enqueue(3);
+  }
+
+  // void TearDown() override {}
+
+  Queue<int> q0_;
+  Queue<int> q1_;
+  Queue<int> q2_;
+};
+```
+
+In this case, `TearDown()` is not needed since we don't have to clean up after
+each test, other than what's already done by the destructor.
+
+Now we'll write tests using `TEST_F()` and this fixture.
+
+```c++
+TEST_F(QueueTest, IsEmptyInitially) {
+  EXPECT_EQ(q0_.size(), 0);
+}
+
+TEST_F(QueueTest, DequeueWorks) {
+  int* n = q0_.Dequeue();
+  EXPECT_EQ(n, nullptr);
+
+  n = q1_.Dequeue();
+  ASSERT_NE(n, nullptr);
+  EXPECT_EQ(*n, 1);
+  EXPECT_EQ(q1_.size(), 0);
+  delete n;
+
+  n = q2_.Dequeue();
+  ASSERT_NE(n, nullptr);
+  EXPECT_EQ(*n, 2);
+  EXPECT_EQ(q2_.size(), 1);
+  delete n;
+}
+```
+
+The above uses both `ASSERT_*` and `EXPECT_*` assertions. The rule of thumb is
+to use `EXPECT_*` when you want the test to continue to reveal more errors after
+the assertion failure, and use `ASSERT_*` when continuing after failure doesn't
+make sense. For example, the second assertion in the `Dequeue` test is
+=ASSERT_NE(nullptr, n)=, as we need to dereference the pointer `n` later, which
+would lead to a segfault when `n` is `NULL`.
+
+When these tests run, the following happens:
+
+1.  googletest constructs a `QueueTest` object (let's call it `t1` ).
+1.  `t1.SetUp()` initializes `t1` .
+1.  The first test ( `IsEmptyInitially` ) runs on `t1` .
+1.  `t1.TearDown()` cleans up after the test finishes.
+1.  `t1` is destructed.
+1.  The above steps are repeated on another `QueueTest` object, this time
+    running the `DequeueWorks` test.
+
+**Availability**: Linux, Windows, Mac.
+
+
+## Invoking the Tests
+
+`TEST()` and `TEST_F()` implicitly register their tests with googletest. So,
+unlike with many other C++ testing frameworks, you don't have to re-list all
+your defined tests in order to run them.
+
+After defining your tests, you can run them with `RUN_ALL_TESTS()` , which
+returns `0` if all the tests are successful, or `1` otherwise. Note that
+`RUN_ALL_TESTS()` runs *all tests* in your link unit -- they can be from
+different test cases, or even different source files.
+
+When invoked, the `RUN_ALL_TESTS()` macro:
+
+1. Saves the state of all googletest flags
+
+*   Creates a test fixture object for the first test.
+
+*   Initializes it via `SetUp()`.
+
+*   Runs the test on the fixture object.
+
+*   Cleans up the fixture via `TearDown()`.
+
+*   Deletes the fixture.
+
+* Restores the state of all googletest flags
+
+*   Repeats the above steps for the next test, until all tests have run.
+
+If a fatal failure happens the subsequent steps will be skipped.
+
+> IMPORTANT: You must **not** ignore the return value of `RUN_ALL_TESTS()`, or
+> you will get a compiler error. The rationale for this design is that the
+> automated testing service determines whether a test has passed based on its
+> exit code, not on its stdout/stderr output; thus your `main()` function must
+> return the value of `RUN_ALL_TESTS()`.
+>
+> Also, you should call `RUN_ALL_TESTS()` only **once**. Calling it more than
+> once conflicts with some advanced googletest features (e.g. thread-safe [death
+> tests](advanced#death-tests)) and thus is not supported.
+
+**Availability**: Linux, Windows, Mac.
+
+## Writing the main() Function
+
+In `google3`, the simplest approach is to use the default main() function
+provided by linking in `"//testing/base/public:gtest_main"`. If that doesn't
+cover what you need, you should write your own main() function, which should
+return the value of `RUN_ALL_TESTS()`. Link to `"//testing/base/public:gunit"`.
+You can start from this boilerplate:
+
+```c++
+#include "this/package/foo.h"
+#include "gtest/gtest.h"
+
+namespace {
+
+// The fixture for testing class Foo.
+class FooTest : public ::testing::Test {
+ protected:
+  // You can remove any or all of the following functions if its body
+  // is empty.
+
+  FooTest() {
+     // You can do set-up work for each test here.
+  }
+
+  ~FooTest() override {
+     // You can do clean-up work that doesn't throw exceptions here.
+  }
+
+  // If the constructor and destructor are not enough for setting up
+  // and cleaning up each test, you can define the following methods:
+
+  void SetUp() override {
+     // Code here will be called immediately after the constructor (right
+     // before each test).
+  }
+
+  void TearDown() override {
+     // Code here will be called immediately after each test (right
+     // before the destructor).
+  }
+
+  // Objects declared here can be used by all tests in the test case for Foo.
+};
+
+// Tests that the Foo::Bar() method does Abc.
+TEST_F(FooTest, MethodBarDoesAbc) {
+  const std::string input_filepath = "this/package/testdata/myinputfile.dat";
+  const std::string output_filepath = "this/package/testdata/myoutputfile.dat";
+  Foo f;
+  EXPECT_EQ(f.Bar(input_filepath, output_filepath), 0);
+}
+
+// Tests that Foo does Xyz.
+TEST_F(FooTest, DoesXyz) {
+  // Exercises the Xyz feature of Foo.
+}
+
+}  // namespace
+
+int main(int argc, char **argv) {
+  ::testing::InitGoogleTest(&argc, argv);
+  return RUN_ALL_TESTS();
+}
+```
+
+
+The `::testing::InitGoogleTest()` function parses the command line for
+googletest flags, and removes all recognized flags. This allows the user to
+control a test program's behavior via various flags, which we'll cover in
+[AdvancedGuide](advanced.md). You **must** call this function before calling
+`RUN_ALL_TESTS()`, or the flags won't be properly initialized.
+
+On Windows, `InitGoogleTest()` also works with wide strings, so it can be used
+in programs compiled in `UNICODE` mode as well.
+
+But maybe you think that writing all those main() functions is too much work? We
+agree with you completely and that's why Google Test provides a basic
+implementation of main(). If it fits your needs, then just link your test with
+gtest\_main library and you are good to go.
+
+NOTE: `ParseGUnitFlags()` is deprecated in favor of `InitGoogleTest()`.
+
+
+## Known Limitations
+
+*   Google Test is designed to be thread-safe. The implementation is thread-safe
+    on systems where the `pthreads` library is available. It is currently
+    _unsafe_ to use Google Test assertions from two threads concurrently on
+    other systems (e.g. Windows). In most tests this is not an issue as usually
+    the assertions are done in the main thread. If you want to help, you can
+    volunteer to implement the necessary synchronization primitives in
+    `gtest-port.h` for your platform.
diff --git a/security/nss/gtests/google_test/gtest/docs/samples.md b/security/nss/gtests/google_test/gtest/docs/samples.md
new file mode 100644
index 000000000..18dcca381
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/docs/samples.md
@@ -0,0 +1,22 @@
+# Googletest Samples {#samples}
+
+If you're like us, you'd like to look at [googletest
+samples.](https://github.com/google/googletest/tree/master/googletest/samples)
+The sample directory has a number of well-commented samples showing how to use a
+variety of googletest features.
+
+*   Sample #1 shows the basic steps of using googletest to test C++ functions.
+*   Sample #2 shows a more complex unit test for a class with multiple member
+    functions.
+*   Sample #3 uses a test fixture.
+*   Sample #4 teaches you how to use googletest and `googletest.h` together to
+    get the best of both libraries.
+*   Sample #5 puts shared testing logic in a base test fixture, and reuses it in
+    derived fixtures.
+*   Sample #6 demonstrates type-parameterized tests.
+*   Sample #7 teaches the basics of value-parameterized tests.
+*   Sample #8 shows using `Combine()` in value-parameterized tests.
+*   Sample #9 shows use of the listener API to modify Google Test's console
+    output and the use of its reflection API to inspect test results.
+*   Sample #10 shows use of the listener API to implement a primitive memory
+    leak checker.
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest-death-test.h b/security/nss/gtests/google_test/gtest/include/gtest/gtest-death-test.h
index 957a69c6a..20c54d869 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest-death-test.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest-death-test.h
@@ -26,14 +26,14 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: wan@google.com (Zhanyong Wan)
-//
-// The Google C++ Testing Framework (Google Test)
+// The Google C++ Testing and Mocking Framework (Google Test)
 //
 // This header file defines the public API for death tests.  It is
 // #included by gtest.h so a user doesn't need to include this
 // directly.
+// GOOGLETEST_CM0001 DO NOT DELETE
 
 #ifndef GTEST_INCLUDE_GTEST_GTEST_DEATH_TEST_H_
 #define GTEST_INCLUDE_GTEST_GTEST_DEATH_TEST_H_
@@ -99,10 +99,11 @@ GTEST_API_ bool InDeathTestChild();
 //
 // On the regular expressions used in death tests:
 //
+//   GOOGLETEST_CM0005 DO NOT DELETE
 //   On POSIX-compliant systems (*nix), we use the <regex.h> library,
 //   which uses the POSIX extended regex syntax.
 //
-//   On other platforms (e.g. Windows), we only support a simple regex
+//   On other platforms (e.g. Windows or Mac), we only support a simple regex
 //   syntax implemented as part of Google Test.  This limited
 //   implementation should be enough most of the time when writing
 //   death tests; though it lacks many features you can find in PCRE
@@ -160,7 +161,7 @@ GTEST_API_ bool InDeathTestChild();
 //   is rarely a problem as people usually don't put the test binary
 //   directory in PATH.
 //
-// TODO(wan@google.com): make thread-safe death tests search the PATH.
+// FIXME: make thread-safe death tests search the PATH.
 
 // Asserts that a given statement causes the program to exit, with an
 // integer exit status that satisfies predicate, and emitting error output
@@ -198,9 +199,10 @@ class GTEST_API_ ExitedWithCode {
   const int exit_code_;
 };
 
-# if !GTEST_OS_WINDOWS
+# if !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
 // Tests that an exit code describes an exit due to termination by a
 // given signal.
+// GOOGLETEST_CM0006 DO NOT DELETE
 class GTEST_API_ KilledBySignal {
  public:
   explicit KilledBySignal(int signum);
@@ -272,6 +274,54 @@ class GTEST_API_ KilledBySignal {
 # endif  // NDEBUG for EXPECT_DEBUG_DEATH
 #endif  // GTEST_HAS_DEATH_TEST
 
+// This macro is used for implementing macros such as
+// EXPECT_DEATH_IF_SUPPORTED and ASSERT_DEATH_IF_SUPPORTED on systems where
+// death tests are not supported. Those macros must compile on such systems
+// iff EXPECT_DEATH and ASSERT_DEATH compile with the same parameters on
+// systems that support death tests. This allows one to write such a macro
+// on a system that does not support death tests and be sure that it will
+// compile on a death-test supporting system. It is exposed publicly so that
+// systems that have death-tests with stricter requirements than
+// GTEST_HAS_DEATH_TEST can write their own equivalent of
+// EXPECT_DEATH_IF_SUPPORTED and ASSERT_DEATH_IF_SUPPORTED.
+//
+// Parameters:
+//   statement -  A statement that a macro such as EXPECT_DEATH would test
+//                for program termination. This macro has to make sure this
+//                statement is compiled but not executed, to ensure that
+//                EXPECT_DEATH_IF_SUPPORTED compiles with a certain
+//                parameter iff EXPECT_DEATH compiles with it.
+//   regex     -  A regex that a macro such as EXPECT_DEATH would use to test
+//                the output of statement.  This parameter has to be
+//                compiled but not evaluated by this macro, to ensure that
+//                this macro only accepts expressions that a macro such as
+//                EXPECT_DEATH would accept.
+//   terminator - Must be an empty statement for EXPECT_DEATH_IF_SUPPORTED
+//                and a return statement for ASSERT_DEATH_IF_SUPPORTED.
+//                This ensures that ASSERT_DEATH_IF_SUPPORTED will not
+//                compile inside functions where ASSERT_DEATH doesn't
+//                compile.
+//
+//  The branch that has an always false condition is used to ensure that
+//  statement and regex are compiled (and thus syntactically correct) but
+//  never executed. The unreachable code macro protects the terminator
+//  statement from generating an 'unreachable code' warning in case
+//  statement unconditionally returns or throws. The Message constructor at
+//  the end allows the syntax of streaming additional messages into the
+//  macro, for compilational compatibility with EXPECT_DEATH/ASSERT_DEATH.
+# define GTEST_UNSUPPORTED_DEATH_TEST(statement, regex, terminator) \
+    GTEST_AMBIGUOUS_ELSE_BLOCKER_ \
+    if (::testing::internal::AlwaysTrue()) { \
+      GTEST_LOG_(WARNING) \
+          << "Death tests are not supported on this platform.\n" \
+          << "Statement '" #statement "' cannot be verified."; \
+    } else if (::testing::internal::AlwaysFalse()) { \
+      ::testing::internal::RE::PartialMatch(".*", (regex)); \
+      GTEST_SUPPRESS_UNREACHABLE_CODE_WARNING_BELOW_(statement); \
+      terminator; \
+    } else \
+      ::testing::Message()
+
 // EXPECT_DEATH_IF_SUPPORTED(statement, regex) and
 // ASSERT_DEATH_IF_SUPPORTED(statement, regex) expand to real death tests if
 // death tests are supported; otherwise they just issue a warning.  This is
@@ -284,9 +334,9 @@ class GTEST_API_ KilledBySignal {
     ASSERT_DEATH(statement, regex)
 #else
 # define EXPECT_DEATH_IF_SUPPORTED(statement, regex) \
-    GTEST_UNSUPPORTED_DEATH_TEST_(statement, regex, )
+    GTEST_UNSUPPORTED_DEATH_TEST(statement, regex, )
 # define ASSERT_DEATH_IF_SUPPORTED(statement, regex) \
-    GTEST_UNSUPPORTED_DEATH_TEST_(statement, regex, return)
+    GTEST_UNSUPPORTED_DEATH_TEST(statement, regex, return)
 #endif
 
 }  // namespace testing
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest-message.h b/security/nss/gtests/google_test/gtest/include/gtest/gtest-message.h
index fe879bca7..5ca041614 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest-message.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest-message.h
@@ -26,10 +26,9 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: wan@google.com (Zhanyong Wan)
-//
-// The Google C++ Testing Framework (Google Test)
+// The Google C++ Testing and Mocking Framework (Google Test)
 //
 // This header file defines the Message class.
 //
@@ -43,6 +42,8 @@
 // to CHANGE WITHOUT NOTICE.  Therefore DO NOT DEPEND ON IT in a user
 // program!
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_GTEST_MESSAGE_H_
 #define GTEST_INCLUDE_GTEST_GTEST_MESSAGE_H_
 
@@ -50,6 +51,9 @@
 
 #include "gtest/internal/gtest-port.h"
 
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4251 \
+/* class A needs to have dll-interface to be used by clients of class B */)
+
 // Ensures that there is at least one operator<< in the global namespace.
 // See Message& operator<<(...) below for why.
 void operator<<(const testing::internal::Secret&, int);
@@ -196,7 +200,6 @@ class GTEST_API_ Message {
   std::string GetString() const;
 
  private:
-
 #if GTEST_OS_SYMBIAN
   // These are needed as the Nokia Symbian Compiler cannot decide between
   // const T& and const T* in a function template. The Nokia compiler _can_
@@ -247,4 +250,6 @@ std::string StreamableToString(const T& streamable) {
 }  // namespace internal
 }  // namespace testing
 
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4251
+
 #endif  // GTEST_INCLUDE_GTEST_GTEST_MESSAGE_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest-param-test.h b/security/nss/gtests/google_test/gtest/include/gtest/gtest-param-test.h
index d6702c8f1..3e95e4390 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest-param-test.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest-param-test.h
@@ -31,13 +31,12 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Authors: vladl@google.com (Vlad Losev)
-//
 // Macros and functions for implementing parameterized tests
-// in Google C++ Testing Framework (Google Test)
+// in Google C++ Testing and Mocking Framework (Google Test)
 //
 // This file is generated by a SCRIPT.  DO NOT EDIT BY HAND!
 //
+// GOOGLETEST_CM0001 DO NOT DELETE
 #ifndef GTEST_INCLUDE_GTEST_GTEST_PARAM_TEST_H_
 #define GTEST_INCLUDE_GTEST_GTEST_PARAM_TEST_H_
 
@@ -79,7 +78,7 @@ TEST_P(FooTest, HasBlahBlah) {
 // Finally, you can use INSTANTIATE_TEST_CASE_P to instantiate the test
 // case with any set of parameters you want. Google Test defines a number
 // of functions for generating test parameters. They return what we call
-// (surprise!) parameter generators. Here is a  summary of them, which
+// (surprise!) parameter generators. Here is a summary of them, which
 // are all in the testing namespace:
 //
 //
@@ -185,15 +184,10 @@ TEST_P(DerivedTest, DoesBlah) {
 # include <utility>
 #endif
 
-// scripts/fuse_gtest.py depends on gtest's own header being #included
-// *unconditionally*.  Therefore these #includes cannot be moved
-// inside #if GTEST_HAS_PARAM_TEST.
 #include "gtest/internal/gtest-internal.h"
 #include "gtest/internal/gtest-param-util.h"
 #include "gtest/internal/gtest-param-util-generated.h"
 
-#if GTEST_HAS_PARAM_TEST
-
 namespace testing {
 
 // Functions producing parameter generators.
@@ -273,7 +267,7 @@ internal::ParamGenerator<T> Range(T start, T end) {
 // each with C-string values of "foo", "bar", and "baz":
 //
 // const char* strings[] = {"foo", "bar", "baz"};
-// INSTANTIATE_TEST_CASE_P(StringSequence, SrtingTest, ValuesIn(strings));
+// INSTANTIATE_TEST_CASE_P(StringSequence, StringTest, ValuesIn(strings));
 //
 // This instantiates tests from test case StlStringTest
 // each with STL strings with values "a" and "b":
@@ -1375,8 +1369,6 @@ internal::CartesianProductHolder10<Generator1, Generator2, Generator3,
 }
 # endif  // GTEST_HAS_COMBINE
 
-
-
 # define TEST_P(test_case_name, test_name) \
   class GTEST_TEST_CLASS_NAME_(test_case_name, test_name) \
       : public test_case_name { \
@@ -1387,14 +1379,17 @@ internal::CartesianProductHolder10<Generator1, Generator2, Generator3,
     static int AddToRegistry() { \
       ::testing::UnitTest::GetInstance()->parameterized_test_registry(). \
           GetTestCasePatternHolder<test_case_name>(\
-              #test_case_name, __FILE__, __LINE__)->AddTestPattern(\
-                  #test_case_name, \
-                  #test_name, \
-                  new ::testing::internal::TestMetaFactory< \
-                      GTEST_TEST_CLASS_NAME_(test_case_name, test_name)>()); \
+              #test_case_name, \
+              ::testing::internal::CodeLocation(\
+                  __FILE__, __LINE__))->AddTestPattern(\
+                      GTEST_STRINGIFY_(test_case_name), \
+                      GTEST_STRINGIFY_(test_name), \
+                      new ::testing::internal::TestMetaFactory< \
+                          GTEST_TEST_CLASS_NAME_(\
+                              test_case_name, test_name)>()); \
       return 0; \
     } \
-    static int gtest_registering_dummy_; \
+    static int gtest_registering_dummy_ GTEST_ATTRIBUTE_UNUSED_; \
     GTEST_DISALLOW_COPY_AND_ASSIGN_(\
         GTEST_TEST_CLASS_NAME_(test_case_name, test_name)); \
   }; \
@@ -1403,19 +1398,37 @@ internal::CartesianProductHolder10<Generator1, Generator2, Generator3,
       GTEST_TEST_CLASS_NAME_(test_case_name, test_name)::AddToRegistry(); \
   void GTEST_TEST_CLASS_NAME_(test_case_name, test_name)::TestBody()
 
-# define INSTANTIATE_TEST_CASE_P(prefix, test_case_name, generator) \
-  ::testing::internal::ParamGenerator<test_case_name::ParamType> \
+// The optional last argument to INSTANTIATE_TEST_CASE_P allows the user
+// to specify a function or functor that generates custom test name suffixes
+// based on the test parameters. The function should accept one argument of
+// type testing::TestParamInfo<class ParamType>, and return std::string.
+//
+// testing::PrintToStringParamName is a builtin test suffix generator that
+// returns the value of testing::PrintToString(GetParam()).
+//
+// Note: test names must be non-empty, unique, and may only contain ASCII
+// alphanumeric characters or underscore. Because PrintToString adds quotes
+// to std::string and C strings, it won't work for these types.
+
+# define INSTANTIATE_TEST_CASE_P(prefix, test_case_name, generator, ...) \
+  static ::testing::internal::ParamGenerator<test_case_name::ParamType> \
       gtest_##prefix##test_case_name##_EvalGenerator_() { return generator; } \
-  int gtest_##prefix##test_case_name##_dummy_ = \
+  static ::std::string gtest_##prefix##test_case_name##_EvalGenerateName_( \
+      const ::testing::TestParamInfo<test_case_name::ParamType>& info) { \
+    return ::testing::internal::GetParamNameGen<test_case_name::ParamType> \
+        (__VA_ARGS__)(info); \
+  } \
+  static int gtest_##prefix##test_case_name##_dummy_ GTEST_ATTRIBUTE_UNUSED_ = \
       ::testing::UnitTest::GetInstance()->parameterized_test_registry(). \
           GetTestCasePatternHolder<test_case_name>(\
-              #test_case_name, __FILE__, __LINE__)->AddTestCaseInstantiation(\
-                  #prefix, \
-                  &gtest_##prefix##test_case_name##_EvalGenerator_, \
-                  __FILE__, __LINE__)
+              #test_case_name, \
+              ::testing::internal::CodeLocation(\
+                  __FILE__, __LINE__))->AddTestCaseInstantiation(\
+                      #prefix, \
+                      &gtest_##prefix##test_case_name##_EvalGenerator_, \
+                      &gtest_##prefix##test_case_name##_EvalGenerateName_, \
+                      __FILE__, __LINE__)
 
 }  // namespace testing
 
-#endif  // GTEST_HAS_PARAM_TEST
-
 #endif  // GTEST_INCLUDE_GTEST_GTEST_PARAM_TEST_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest-param-test.h.pump b/security/nss/gtests/google_test/gtest/include/gtest/gtest-param-test.h.pump
index 2dc9303b5..274f2b3b5 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest-param-test.h.pump
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest-param-test.h.pump
@@ -30,13 +30,12 @@ $var maxtuple = 10  $$ Maximum number of Combine arguments we want to support.
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Authors: vladl@google.com (Vlad Losev)
-//
 // Macros and functions for implementing parameterized tests
-// in Google C++ Testing Framework (Google Test)
+// in Google C++ Testing and Mocking Framework (Google Test)
 //
 // This file is generated by a SCRIPT.  DO NOT EDIT BY HAND!
 //
+// GOOGLETEST_CM0001 DO NOT DELETE
 #ifndef GTEST_INCLUDE_GTEST_GTEST_PARAM_TEST_H_
 #define GTEST_INCLUDE_GTEST_GTEST_PARAM_TEST_H_
 
@@ -78,7 +77,7 @@ TEST_P(FooTest, HasBlahBlah) {
 // Finally, you can use INSTANTIATE_TEST_CASE_P to instantiate the test
 // case with any set of parameters you want. Google Test defines a number
 // of functions for generating test parameters. They return what we call
-// (surprise!) parameter generators. Here is a  summary of them, which
+// (surprise!) parameter generators. Here is a summary of them, which
 // are all in the testing namespace:
 //
 //
@@ -184,15 +183,10 @@ TEST_P(DerivedTest, DoesBlah) {
 # include <utility>
 #endif
 
-// scripts/fuse_gtest.py depends on gtest's own header being #included
-// *unconditionally*.  Therefore these #includes cannot be moved
-// inside #if GTEST_HAS_PARAM_TEST.
 #include "gtest/internal/gtest-internal.h"
 #include "gtest/internal/gtest-param-util.h"
 #include "gtest/internal/gtest-param-util-generated.h"
 
-#if GTEST_HAS_PARAM_TEST
-
 namespace testing {
 
 // Functions producing parameter generators.
@@ -272,7 +266,7 @@ internal::ParamGenerator<T> Range(T start, T end) {
 // each with C-string values of "foo", "bar", and "baz":
 //
 // const char* strings[] = {"foo", "bar", "baz"};
-// INSTANTIATE_TEST_CASE_P(StringSequence, SrtingTest, ValuesIn(strings));
+// INSTANTIATE_TEST_CASE_P(StringSequence, StringTest, ValuesIn(strings));
 //
 // This instantiates tests from test case StlStringTest
 // each with STL strings with values "a" and "b":
@@ -441,8 +435,6 @@ internal::CartesianProductHolder$i<$for j, [[Generator$j]]> Combine(
 ]]
 # endif  // GTEST_HAS_COMBINE
 
-
-
 # define TEST_P(test_case_name, test_name) \
   class GTEST_TEST_CLASS_NAME_(test_case_name, test_name) \
       : public test_case_name { \
@@ -453,14 +445,17 @@ internal::CartesianProductHolder$i<$for j, [[Generator$j]]> Combine(
     static int AddToRegistry() { \
       ::testing::UnitTest::GetInstance()->parameterized_test_registry(). \
           GetTestCasePatternHolder<test_case_name>(\
-              #test_case_name, __FILE__, __LINE__)->AddTestPattern(\
-                  #test_case_name, \
-                  #test_name, \
-                  new ::testing::internal::TestMetaFactory< \
-                      GTEST_TEST_CLASS_NAME_(test_case_name, test_name)>()); \
+              #test_case_name, \
+              ::testing::internal::CodeLocation(\
+                  __FILE__, __LINE__))->AddTestPattern(\
+                      GTEST_STRINGIFY_(test_case_name), \
+                      GTEST_STRINGIFY_(test_name), \
+                      new ::testing::internal::TestMetaFactory< \
+                          GTEST_TEST_CLASS_NAME_(\
+                              test_case_name, test_name)>()); \
       return 0; \
     } \
-    static int gtest_registering_dummy_; \
+    static int gtest_registering_dummy_ GTEST_ATTRIBUTE_UNUSED_; \
     GTEST_DISALLOW_COPY_AND_ASSIGN_(\
         GTEST_TEST_CLASS_NAME_(test_case_name, test_name)); \
   }; \
@@ -469,19 +464,37 @@ internal::CartesianProductHolder$i<$for j, [[Generator$j]]> Combine(
       GTEST_TEST_CLASS_NAME_(test_case_name, test_name)::AddToRegistry(); \
   void GTEST_TEST_CLASS_NAME_(test_case_name, test_name)::TestBody()
 
-# define INSTANTIATE_TEST_CASE_P(prefix, test_case_name, generator) \
-  ::testing::internal::ParamGenerator<test_case_name::ParamType> \
+// The optional last argument to INSTANTIATE_TEST_CASE_P allows the user
+// to specify a function or functor that generates custom test name suffixes
+// based on the test parameters. The function should accept one argument of
+// type testing::TestParamInfo<class ParamType>, and return std::string.
+//
+// testing::PrintToStringParamName is a builtin test suffix generator that
+// returns the value of testing::PrintToString(GetParam()).
+//
+// Note: test names must be non-empty, unique, and may only contain ASCII
+// alphanumeric characters or underscore. Because PrintToString adds quotes
+// to std::string and C strings, it won't work for these types.
+
+# define INSTANTIATE_TEST_CASE_P(prefix, test_case_name, generator, ...) \
+  static ::testing::internal::ParamGenerator<test_case_name::ParamType> \
       gtest_##prefix##test_case_name##_EvalGenerator_() { return generator; } \
-  int gtest_##prefix##test_case_name##_dummy_ = \
+  static ::std::string gtest_##prefix##test_case_name##_EvalGenerateName_( \
+      const ::testing::TestParamInfo<test_case_name::ParamType>& info) { \
+    return ::testing::internal::GetParamNameGen<test_case_name::ParamType> \
+        (__VA_ARGS__)(info); \
+  } \
+  static int gtest_##prefix##test_case_name##_dummy_ GTEST_ATTRIBUTE_UNUSED_ = \
       ::testing::UnitTest::GetInstance()->parameterized_test_registry(). \
           GetTestCasePatternHolder<test_case_name>(\
-              #test_case_name, __FILE__, __LINE__)->AddTestCaseInstantiation(\
-                  #prefix, \
-                  &gtest_##prefix##test_case_name##_EvalGenerator_, \
-                  __FILE__, __LINE__)
+              #test_case_name, \
+              ::testing::internal::CodeLocation(\
+                  __FILE__, __LINE__))->AddTestCaseInstantiation(\
+                      #prefix, \
+                      &gtest_##prefix##test_case_name##_EvalGenerator_, \
+                      &gtest_##prefix##test_case_name##_EvalGenerateName_, \
+                      __FILE__, __LINE__)
 
 }  // namespace testing
 
-#endif  // GTEST_HAS_PARAM_TEST
-
 #endif  // GTEST_INCLUDE_GTEST_GTEST_PARAM_TEST_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest-printers.h b/security/nss/gtests/google_test/gtest/include/gtest/gtest-printers.h
index 18ee7bc64..51865f84e 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest-printers.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest-printers.h
@@ -26,10 +26,9 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
 
-// Google Test - The Google C++ Testing Framework
+
+// Google Test - The Google C++ Testing and Mocking Framework
 //
 // This file implements a universal value printer that can print a
 // value of any type T:
@@ -46,6 +45,10 @@
 //   2. operator<<(ostream&, const T&) defined in either foo or the
 //      global namespace.
 //
+// However if T is an STL-style container then it is printed element-wise
+// unless foo::PrintTo(const T&, ostream*) is defined. Note that
+// operator<<() is ignored for container types.
+//
 // If none of the above is defined, it will print the debug string of
 // the value if it is a protocol buffer, or print the raw bytes in the
 // value otherwise.
@@ -92,6 +95,8 @@
 // being defined as many user-defined container types don't have
 // value_type.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_GTEST_PRINTERS_H_
 #define GTEST_INCLUDE_GTEST_GTEST_PRINTERS_H_
 
@@ -107,6 +112,12 @@
 # include <tuple>
 #endif
 
+#if GTEST_HAS_ABSL
+#include "absl/strings/string_view.h"
+#include "absl/types/optional.h"
+#include "absl/types/variant.h"
+#endif  // GTEST_HAS_ABSL
+
 namespace testing {
 
 // Definitions in the 'internal' and 'internal2' name spaces are
@@ -125,7 +136,11 @@ enum TypeKind {
   kProtobuf,              // a protobuf type
   kConvertibleToInteger,  // a type implicitly convertible to BiggestInt
                           // (e.g. a named or unnamed enum type)
-  kOtherType              // anything else
+#if GTEST_HAS_ABSL
+  kConvertibleToStringView,  // a type implicitly convertible to
+                             // absl::string_view
+#endif
+  kOtherType  // anything else
 };
 
 // TypeWithoutFormatter<T, kTypeKind>::PrintValue(value, os) is called
@@ -137,7 +152,8 @@ class TypeWithoutFormatter {
  public:
   // This default version is called when kTypeKind is kOtherType.
   static void PrintValue(const T& value, ::std::ostream* os) {
-    PrintBytesInObjectTo(reinterpret_cast<const unsigned char*>(&value),
+    PrintBytesInObjectTo(static_cast<const unsigned char*>(
+                             reinterpret_cast<const void*>(&value)),
                          sizeof(value), os);
   }
 };
@@ -151,10 +167,10 @@ template <typename T>
 class TypeWithoutFormatter<T, kProtobuf> {
  public:
   static void PrintValue(const T& value, ::std::ostream* os) {
-    const ::testing::internal::string short_str = value.ShortDebugString();
-    const ::testing::internal::string pretty_str =
-        short_str.length() <= kProtobufOneLinerMaxLength ?
-        short_str : ("\n" + value.DebugString());
+    std::string pretty_str = value.ShortDebugString();
+    if (pretty_str.length() > kProtobufOneLinerMaxLength) {
+      pretty_str = "\n" + value.DebugString();
+    }
     *os << ("<" + pretty_str + ">");
   }
 };
@@ -175,6 +191,19 @@ class TypeWithoutFormatter<T, kConvertibleToInteger> {
   }
 };
 
+#if GTEST_HAS_ABSL
+template <typename T>
+class TypeWithoutFormatter<T, kConvertibleToStringView> {
+ public:
+  // Since T has neither operator<< nor PrintTo() but can be implicitly
+  // converted to absl::string_view, we print it as a absl::string_view.
+  //
+  // Note: the implementation is further below, as it depends on
+  // internal::PrintTo symbol which is defined later in the file.
+  static void PrintValue(const T& value, ::std::ostream* os);
+};
+#endif
+
 // Prints the given value to the given ostream.  If the value is a
 // protocol message, its debug string is printed; if it's an enum or
 // of a type implicitly convertible to BiggestInt, it's printed as an
@@ -202,10 +231,19 @@ class TypeWithoutFormatter<T, kConvertibleToInteger> {
 template <typename Char, typename CharTraits, typename T>
 ::std::basic_ostream<Char, CharTraits>& operator<<(
     ::std::basic_ostream<Char, CharTraits>& os, const T& x) {
-  TypeWithoutFormatter<T,
-      (internal::IsAProtocolMessage<T>::value ? kProtobuf :
-       internal::ImplicitlyConvertible<const T&, internal::BiggestInt>::value ?
-       kConvertibleToInteger : kOtherType)>::PrintValue(x, &os);
+  TypeWithoutFormatter<T, (internal::IsAProtocolMessage<T>::value
+                               ? kProtobuf
+                               : internal::ImplicitlyConvertible<
+                                     const T&, internal::BiggestInt>::value
+                                     ? kConvertibleToInteger
+                                     :
+#if GTEST_HAS_ABSL
+                                     internal::ImplicitlyConvertible<
+                                         const T&, absl::string_view>::value
+                                         ? kConvertibleToStringView
+                                         :
+#endif
+                                         kOtherType)>::PrintValue(x, &os);
   return os;
 }
 
@@ -254,6 +292,103 @@ void DefaultPrintNonContainerTo(const T& value, ::std::ostream* os) {
 namespace testing {
 namespace internal {
 
+// FormatForComparison<ToPrint, OtherOperand>::Format(value) formats a
+// value of type ToPrint that is an operand of a comparison assertion
+// (e.g. ASSERT_EQ).  OtherOperand is the type of the other operand in
+// the comparison, and is used to help determine the best way to
+// format the value.  In particular, when the value is a C string
+// (char pointer) and the other operand is an STL string object, we
+// want to format the C string as a string, since we know it is
+// compared by value with the string object.  If the value is a char
+// pointer but the other operand is not an STL string object, we don't
+// know whether the pointer is supposed to point to a NUL-terminated
+// string, and thus want to print it as a pointer to be safe.
+//
+// INTERNAL IMPLEMENTATION - DO NOT USE IN A USER PROGRAM.
+
+// The default case.
+template <typename ToPrint, typename OtherOperand>
+class FormatForComparison {
+ public:
+  static ::std::string Format(const ToPrint& value) {
+    return ::testing::PrintToString(value);
+  }
+};
+
+// Array.
+template <typename ToPrint, size_t N, typename OtherOperand>
+class FormatForComparison<ToPrint[N], OtherOperand> {
+ public:
+  static ::std::string Format(const ToPrint* value) {
+    return FormatForComparison<const ToPrint*, OtherOperand>::Format(value);
+  }
+};
+
+// By default, print C string as pointers to be safe, as we don't know
+// whether they actually point to a NUL-terminated string.
+
+#define GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_(CharType)                \
+  template <typename OtherOperand>                                      \
+  class FormatForComparison<CharType*, OtherOperand> {                  \
+   public:                                                              \
+    static ::std::string Format(CharType* value) {                      \
+      return ::testing::PrintToString(static_cast<const void*>(value)); \
+    }                                                                   \
+  }
+
+GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_(char);
+GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_(const char);
+GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_(wchar_t);
+GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_(const wchar_t);
+
+#undef GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_
+
+// If a C string is compared with an STL string object, we know it's meant
+// to point to a NUL-terminated string, and thus can print it as a string.
+
+#define GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(CharType, OtherStringType) \
+  template <>                                                           \
+  class FormatForComparison<CharType*, OtherStringType> {               \
+   public:                                                              \
+    static ::std::string Format(CharType* value) {                      \
+      return ::testing::PrintToString(value);                           \
+    }                                                                   \
+  }
+
+GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(char, ::std::string);
+GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(const char, ::std::string);
+
+#if GTEST_HAS_GLOBAL_STRING
+GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(char, ::string);
+GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(const char, ::string);
+#endif
+
+#if GTEST_HAS_GLOBAL_WSTRING
+GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(wchar_t, ::wstring);
+GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(const wchar_t, ::wstring);
+#endif
+
+#if GTEST_HAS_STD_WSTRING
+GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(wchar_t, ::std::wstring);
+GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(const wchar_t, ::std::wstring);
+#endif
+
+#undef GTEST_IMPL_FORMAT_C_STRING_AS_STRING_
+
+// Formats a comparison assertion (e.g. ASSERT_EQ, EXPECT_LT, and etc)
+// operand to be used in a failure message.  The type (but not value)
+// of the other operand may affect the format.  This allows us to
+// print a char* as a raw pointer when it is compared against another
+// char* or void*, and print it as a C string when it is compared
+// against an std::string object, for example.
+//
+// INTERNAL IMPLEMENTATION - DO NOT USE IN A USER PROGRAM.
+template <typename T1, typename T2>
+std::string FormatForComparisonFailureMessage(
+    const T1& value, const T2& /* other_operand */) {
+  return FormatForComparison<T1, T2>::Format(value);
+}
+
 // UniversalPrinter<T>::Print(value, ostream_ptr) prints the given
 // value to the given ostream.  The caller must ensure that
 // 'ostream_ptr' is not NULL, or the behavior is undefined.
@@ -267,11 +402,18 @@ class UniversalPrinter;
 template <typename T>
 void UniversalPrint(const T& value, ::std::ostream* os);
 
+enum DefaultPrinterType {
+  kPrintContainer,
+  kPrintPointer,
+  kPrintFunctionPointer,
+  kPrintOther,
+};
+template <DefaultPrinterType type> struct WrapPrinterType {};
+
 // Used to print an STL-style container when the user doesn't define
 // a PrintTo() for it.
 template <typename C>
-void DefaultPrintTo(IsContainer /* dummy */,
-                    false_type /* is not a pointer */,
+void DefaultPrintTo(WrapPrinterType<kPrintContainer> /* dummy */,
                     const C& container, ::std::ostream* os) {
   const size_t kMaxCount = 32;  // The maximum number of elements to print.
   *os << '{';
@@ -304,40 +446,34 @@ void DefaultPrintTo(IsContainer /* dummy */,
 // implementation-defined.  Therefore they will be printed as raw
 // bytes.)
 template <typename T>
-void DefaultPrintTo(IsNotContainer /* dummy */,
-                    true_type /* is a pointer */,
+void DefaultPrintTo(WrapPrinterType<kPrintPointer> /* dummy */,
                     T* p, ::std::ostream* os) {
   if (p == NULL) {
     *os << "NULL";
   } else {
-    // C++ doesn't allow casting from a function pointer to any object
-    // pointer.
-    //
-    // IsTrue() silences warnings: "Condition is always true",
-    // "unreachable code".
-    if (IsTrue(ImplicitlyConvertible<T*, const void*>::value)) {
-      // T is not a function type.  We just call << to print p,
-      // relying on ADL to pick up user-defined << for their pointer
-      // types, if any.
-      *os << p;
-    } else {
-      // T is a function type, so '*os << p' doesn't do what we want
-      // (it just prints p as bool).  We want to print p as a const
-      // void*.  However, we cannot cast it to const void* directly,
-      // even using reinterpret_cast, as earlier versions of gcc
-      // (e.g. 3.4.5) cannot compile the cast when p is a function
-      // pointer.  Casting to UInt64 first solves the problem.
-      *os << reinterpret_cast<const void*>(
-          reinterpret_cast<internal::UInt64>(p));
-    }
+    // T is not a function type.  We just call << to print p,
+    // relying on ADL to pick up user-defined << for their pointer
+    // types, if any.
+    *os << p;
+  }
+}
+template <typename T>
+void DefaultPrintTo(WrapPrinterType<kPrintFunctionPointer> /* dummy */,
+                    T* p, ::std::ostream* os) {
+  if (p == NULL) {
+    *os << "NULL";
+  } else {
+    // T is a function type, so '*os << p' doesn't do what we want
+    // (it just prints p as bool).  We want to print p as a const
+    // void*.
+    *os << reinterpret_cast<const void*>(p);
   }
 }
 
 // Used to print a non-container, non-pointer value when the user
 // doesn't define PrintTo() for it.
 template <typename T>
-void DefaultPrintTo(IsNotContainer /* dummy */,
-                    false_type /* is not a pointer */,
+void DefaultPrintTo(WrapPrinterType<kPrintOther> /* dummy */,
                     const T& value, ::std::ostream* os) {
   ::testing_internal::DefaultPrintNonContainerTo(value, os);
 }
@@ -355,11 +491,8 @@ void DefaultPrintTo(IsNotContainer /* dummy */,
 // wants).
 template <typename T>
 void PrintTo(const T& value, ::std::ostream* os) {
-  // DefaultPrintTo() is overloaded.  The type of its first two
-  // arguments determine which version will be picked.  If T is an
-  // STL-style container, the version for container will be called; if
-  // T is a pointer, the pointer version will be called; otherwise the
-  // generic version will be called.
+  // DefaultPrintTo() is overloaded.  The type of its first argument
+  // determines which version will be picked.
   //
   // Note that we check for container types here, prior to we check
   // for protocol message types in our operator<<.  The rationale is:
@@ -371,13 +504,27 @@ void PrintTo(const T& value, ::std::ostream* os) {
   // elements; therefore we check for container types here to ensure
   // that our format is used.
   //
-  // The second argument of DefaultPrintTo() is needed to bypass a bug
-  // in Symbian's C++ compiler that prevents it from picking the right
-  // overload between:
-  //
-  //   PrintTo(const T& x, ...);
-  //   PrintTo(T* x, ...);
-  DefaultPrintTo(IsContainerTest<T>(0), is_pointer<T>(), value, os);
+  // Note that MSVC and clang-cl do allow an implicit conversion from
+  // pointer-to-function to pointer-to-object, but clang-cl warns on it.
+  // So don't use ImplicitlyConvertible if it can be helped since it will
+  // cause this warning, and use a separate overload of DefaultPrintTo for
+  // function pointers so that the `*os << p` in the object pointer overload
+  // doesn't cause that warning either.
+  DefaultPrintTo(
+      WrapPrinterType <
+                  (sizeof(IsContainerTest<T>(0)) == sizeof(IsContainer)) &&
+              !IsRecursiveContainer<T>::value
+          ? kPrintContainer
+          : !is_pointer<T>::value
+                ? kPrintOther
+#if GTEST_LANG_CXX11
+                : std::is_function<typename std::remove_pointer<T>::type>::value
+#else
+                : !internal::ImplicitlyConvertible<T, const void*>::value
+#endif
+                      ? kPrintFunctionPointer
+                      : kPrintPointer > (),
+      value, os);
 }
 
 // The following list of PrintTo() overloads tells
@@ -484,6 +631,17 @@ inline void PrintTo(const ::std::wstring& s, ::std::ostream* os) {
 }
 #endif  // GTEST_HAS_STD_WSTRING
 
+#if GTEST_HAS_ABSL
+// Overload for absl::string_view.
+inline void PrintTo(absl::string_view sp, ::std::ostream* os) {
+  PrintTo(::std::string(sp), os);
+}
+#endif  // GTEST_HAS_ABSL
+
+#if GTEST_LANG_CXX11
+inline void PrintTo(std::nullptr_t, ::std::ostream* os) { *os << "(nullptr)"; }
+#endif  // GTEST_LANG_CXX11
+
 #if GTEST_HAS_TR1_TUPLE || GTEST_HAS_STD_TUPLE_
 // Helper function for printing a tuple.  T must be instantiated with
 // a tuple type.
@@ -613,6 +771,48 @@ class UniversalPrinter {
   GTEST_DISABLE_MSC_WARNINGS_POP_()
 };
 
+#if GTEST_HAS_ABSL
+
+// Printer for absl::optional
+
+template <typename T>
+class UniversalPrinter<::absl::optional<T>> {
+ public:
+  static void Print(const ::absl::optional<T>& value, ::std::ostream* os) {
+    *os << '(';
+    if (!value) {
+      *os << "nullopt";
+    } else {
+      UniversalPrint(*value, os);
+    }
+    *os << ')';
+  }
+};
+
+// Printer for absl::variant
+
+template <typename... T>
+class UniversalPrinter<::absl::variant<T...>> {
+ public:
+  static void Print(const ::absl::variant<T...>& value, ::std::ostream* os) {
+    *os << '(';
+    absl::visit(Visitor{os}, value);
+    *os << ')';
+  }
+
+ private:
+  struct Visitor {
+    template <typename U>
+    void operator()(const U& u) const {
+      *os << "'" << GetTypeName<U>() << "' with value ";
+      UniversalPrint(u, os);
+    }
+    ::std::ostream* os;
+  };
+};
+
+#endif  // GTEST_HAS_ABSL
+
 // UniversalPrintArray(begin, len, os) prints an array of 'len'
 // elements, starting at address 'begin'.
 template <typename T>
@@ -626,7 +826,7 @@ void UniversalPrintArray(const T* begin, size_t len, ::std::ostream* os) {
     // If the array has more than kThreshold elements, we'll have to
     // omit some details by printing only the first and the last
     // kChunkSize elements.
-    // TODO(wan@google.com): let the user control the threshold using a flag.
+    // FIXME: let the user control the threshold using a flag.
     if (len <= kThreshold) {
       PrintRawArrayTo(begin, len, os);
     } else {
@@ -708,7 +908,7 @@ class UniversalTersePrinter<const char*> {
     if (str == NULL) {
       *os << "NULL";
     } else {
-      UniversalPrint(string(str), os);
+      UniversalPrint(std::string(str), os);
     }
   }
 };
@@ -759,7 +959,7 @@ void UniversalPrint(const T& value, ::std::ostream* os) {
   UniversalPrinter<T1>::Print(value, os);
 }
 
-typedef ::std::vector<string> Strings;
+typedef ::std::vector< ::std::string> Strings;
 
 // TuplePolicy<TupleT> must provide:
 // - tuple_size
@@ -778,12 +978,13 @@ struct TuplePolicy {
   static const size_t tuple_size = ::std::tr1::tuple_size<Tuple>::value;
 
   template <size_t I>
-  struct tuple_element : ::std::tr1::tuple_element<I, Tuple> {};
+  struct tuple_element : ::std::tr1::tuple_element<static_cast<int>(I), Tuple> {
+  };
 
   template <size_t I>
-  static typename AddReference<
-      const typename ::std::tr1::tuple_element<I, Tuple>::type>::type get(
-      const Tuple& tuple) {
+  static typename AddReference<const typename ::std::tr1::tuple_element<
+      static_cast<int>(I), Tuple>::type>::type
+  get(const Tuple& tuple) {
     return ::std::tr1::get<I>(tuple);
   }
 };
@@ -879,6 +1080,16 @@ Strings UniversalTersePrintTupleFieldsToStrings(const Tuple& value) {
 
 }  // namespace internal
 
+#if GTEST_HAS_ABSL
+namespace internal2 {
+template <typename T>
+void TypeWithoutFormatter<T, kConvertibleToStringView>::PrintValue(
+    const T& value, ::std::ostream* os) {
+  internal::PrintTo(absl::string_view(value), os);
+}
+}  // namespace internal2
+#endif
+
 template <typename T>
 ::std::string PrintToString(const T& value) {
   ::std::stringstream ss;
@@ -888,4 +1099,9 @@ template <typename T>
 
 }  // namespace testing
 
+// Include any custom printer added by the local installation.
+// We must include this header at the end to make sure it can use the
+// declarations from this file.
+#include "gtest/internal/custom/gtest-printers.h"
+
 #endif  // GTEST_INCLUDE_GTEST_GTEST_PRINTERS_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest-spi.h b/security/nss/gtests/google_test/gtest/include/gtest/gtest-spi.h
index f63fa9a1b..1e8983938 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest-spi.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest-spi.h
@@ -26,17 +26,21 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 //
 // Utilities for testing Google Test itself and code that uses Google Test
 // (e.g. frameworks built on top of Google Test).
 
+// GOOGLETEST_CM0004 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_GTEST_SPI_H_
 #define GTEST_INCLUDE_GTEST_GTEST_SPI_H_
 
 #include "gtest/gtest.h"
 
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4251 \
+/* class A needs to have dll-interface to be used by clients of class B */)
+
 namespace testing {
 
 // This helper class can be used to mock out Google Test failure reporting
@@ -97,13 +101,12 @@ class GTEST_API_ SingleFailureChecker {
  public:
   // The constructor remembers the arguments.
   SingleFailureChecker(const TestPartResultArray* results,
-                       TestPartResult::Type type,
-                       const string& substr);
+                       TestPartResult::Type type, const std::string& substr);
   ~SingleFailureChecker();
  private:
   const TestPartResultArray* const results_;
   const TestPartResult::Type type_;
-  const string substr_;
+  const std::string substr_;
 
   GTEST_DISALLOW_COPY_AND_ASSIGN_(SingleFailureChecker);
 };
@@ -112,6 +115,8 @@ class GTEST_API_ SingleFailureChecker {
 
 }  // namespace testing
 
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4251
+
 // A set of macros for testing Google Test assertions or code that's expected
 // to generate Google Test fatal failures.  It verifies that the given
 // statement will cause exactly one fatal Google Test failure with 'substr'
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest-test-part.h b/security/nss/gtests/google_test/gtest/include/gtest/gtest-test-part.h
index 77eb84483..1c7b89e08 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest-test-part.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest-test-part.h
@@ -27,8 +27,7 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Author: mheule@google.com (Markus Heule)
-//
+// GOOGLETEST_CM0001 DO NOT DELETE
 
 #ifndef GTEST_INCLUDE_GTEST_GTEST_TEST_PART_H_
 #define GTEST_INCLUDE_GTEST_GTEST_TEST_PART_H_
@@ -38,6 +37,9 @@
 #include "gtest/internal/gtest-internal.h"
 #include "gtest/internal/gtest-string.h"
 
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4251 \
+/* class A needs to have dll-interface to be used by clients of class B */)
+
 namespace testing {
 
 // A copyable object representing the result of a test part (i.e. an
@@ -143,7 +145,7 @@ class GTEST_API_ TestPartResultArray {
 };
 
 // This interface knows how to report a test part result.
-class TestPartResultReporterInterface {
+class GTEST_API_ TestPartResultReporterInterface {
  public:
   virtual ~TestPartResultReporterInterface() {}
 
@@ -176,4 +178,6 @@ class GTEST_API_ HasNewFatalFailureHelper
 
 }  // namespace testing
 
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4251
+
 #endif  // GTEST_INCLUDE_GTEST_GTEST_TEST_PART_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest-typed-test.h b/security/nss/gtests/google_test/gtest/include/gtest/gtest-typed-test.h
index fe1e83b27..74bce46bd 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest-typed-test.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest-typed-test.h
@@ -26,8 +26,9 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
+
+// GOOGLETEST_CM0001 DO NOT DELETE
 
 #ifndef GTEST_INCLUDE_GTEST_GTEST_TYPED_TEST_H_
 #define GTEST_INCLUDE_GTEST_GTEST_TYPED_TEST_H_
@@ -82,6 +83,24 @@ TYPED_TEST(FooTest, DoesBlah) {
 
 TYPED_TEST(FooTest, HasPropertyA) { ... }
 
+// TYPED_TEST_CASE takes an optional third argument which allows to specify a
+// class that generates custom test name suffixes based on the type. This should
+// be a class which has a static template function GetName(int index) returning
+// a string for each type. The provided integer index equals the index of the
+// type in the provided type list. In many cases the index can be ignored.
+//
+// For example:
+//   class MyTypeNames {
+//    public:
+//     template <typename T>
+//     static std::string GetName(int) {
+//       if (std::is_same<T, char>()) return "char";
+//       if (std::is_same<T, int>()) return "int";
+//       if (std::is_same<T, unsigned int>()) return "unsignedInt";
+//     }
+//   };
+//   TYPED_TEST_CASE(FooTest, MyTypes, MyTypeNames);
+
 #endif  // 0
 
 // Type-parameterized tests are abstract test patterns parameterized
@@ -143,6 +162,11 @@ INSTANTIATE_TYPED_TEST_CASE_P(My, FooTest, MyTypes);
 // If the type list contains only one type, you can write that type
 // directly without Types<...>:
 //   INSTANTIATE_TYPED_TEST_CASE_P(My, FooTest, int);
+//
+// Similar to the optional argument of TYPED_TEST_CASE above,
+// INSTANTIATE_TEST_CASE_P takes an optional fourth argument which allows to
+// generate custom names.
+//   INSTANTIATE_TYPED_TEST_CASE_P(My, FooTest, MyTypes, MyTypeNames);
 
 #endif  // 0
 
@@ -159,31 +183,46 @@ INSTANTIATE_TYPED_TEST_CASE_P(My, FooTest, MyTypes);
 // given test case.
 # define GTEST_TYPE_PARAMS_(TestCaseName) gtest_type_params_##TestCaseName##_
 
+// Expands to the name of the typedef for the NameGenerator, responsible for
+// creating the suffixes of the name.
+#define GTEST_NAME_GENERATOR_(TestCaseName) \
+  gtest_type_params_##TestCaseName##_NameGenerator
+
 // The 'Types' template argument below must have spaces around it
 // since some compilers may choke on '>>' when passing a template
 // instance (e.g. Types<int>)
-# define TYPED_TEST_CASE(CaseName, Types) \
-  typedef ::testing::internal::TypeList< Types >::type \
-      GTEST_TYPE_PARAMS_(CaseName)
-
-# define TYPED_TEST(CaseName, TestName) \
-  template <typename gtest_TypeParam_> \
-  class GTEST_TEST_CLASS_NAME_(CaseName, TestName) \
-      : public CaseName<gtest_TypeParam_> { \
-   private: \
-    typedef CaseName<gtest_TypeParam_> TestFixture; \
-    typedef gtest_TypeParam_ TypeParam; \
-    virtual void TestBody(); \
-  }; \
-  bool gtest_##CaseName##_##TestName##_registered_ GTEST_ATTRIBUTE_UNUSED_ = \
-      ::testing::internal::TypeParameterizedTest< \
-          CaseName, \
-          ::testing::internal::TemplateSel< \
-              GTEST_TEST_CLASS_NAME_(CaseName, TestName)>, \
-          GTEST_TYPE_PARAMS_(CaseName)>::Register(\
-              "", #CaseName, #TestName, 0); \
-  template <typename gtest_TypeParam_> \
-  void GTEST_TEST_CLASS_NAME_(CaseName, TestName)<gtest_TypeParam_>::TestBody()
+# define TYPED_TEST_CASE(CaseName, Types, ...)                             \
+  typedef ::testing::internal::TypeList< Types >::type GTEST_TYPE_PARAMS_( \
+      CaseName);                                                           \
+  typedef ::testing::internal::NameGeneratorSelector<__VA_ARGS__>::type    \
+      GTEST_NAME_GENERATOR_(CaseName)
+
+# define TYPED_TEST(CaseName, TestName)                                       \
+  template <typename gtest_TypeParam_>                                        \
+  class GTEST_TEST_CLASS_NAME_(CaseName, TestName)                            \
+      : public CaseName<gtest_TypeParam_> {                                   \
+   private:                                                                   \
+    typedef CaseName<gtest_TypeParam_> TestFixture;                           \
+    typedef gtest_TypeParam_ TypeParam;                                       \
+    virtual void TestBody();                                                  \
+  };                                                                          \
+  static bool gtest_##CaseName##_##TestName##_registered_                     \
+        GTEST_ATTRIBUTE_UNUSED_ =                                             \
+      ::testing::internal::TypeParameterizedTest<                             \
+          CaseName,                                                           \
+          ::testing::internal::TemplateSel<GTEST_TEST_CLASS_NAME_(CaseName,   \
+                                                                  TestName)>, \
+          GTEST_TYPE_PARAMS_(                                                 \
+              CaseName)>::Register("",                                        \
+                                   ::testing::internal::CodeLocation(         \
+                                       __FILE__, __LINE__),                   \
+                                   #CaseName, #TestName, 0,                   \
+                                   ::testing::internal::GenerateNames<        \
+                                       GTEST_NAME_GENERATOR_(CaseName),       \
+                                       GTEST_TYPE_PARAMS_(CaseName)>());      \
+  template <typename gtest_TypeParam_>                                        \
+  void GTEST_TEST_CLASS_NAME_(CaseName,                                       \
+                              TestName)<gtest_TypeParam_>::TestBody()
 
 #endif  // GTEST_HAS_TYPED_TEST
 
@@ -240,19 +279,27 @@ INSTANTIATE_TYPED_TEST_CASE_P(My, FooTest, MyTypes);
   namespace GTEST_CASE_NAMESPACE_(CaseName) { \
   typedef ::testing::internal::Templates<__VA_ARGS__>::type gtest_AllTests_; \
   } \
-  static const char* const GTEST_REGISTERED_TEST_NAMES_(CaseName) = \
-      GTEST_TYPED_TEST_CASE_P_STATE_(CaseName).VerifyRegisteredTestNames(\
-          __FILE__, __LINE__, #__VA_ARGS__)
+  static const char* const GTEST_REGISTERED_TEST_NAMES_(CaseName) \
+      GTEST_ATTRIBUTE_UNUSED_ = \
+          GTEST_TYPED_TEST_CASE_P_STATE_(CaseName).VerifyRegisteredTestNames( \
+              __FILE__, __LINE__, #__VA_ARGS__)
 
 // The 'Types' template argument below must have spaces around it
 // since some compilers may choke on '>>' when passing a template
 // instance (e.g. Types<int>)
-# define INSTANTIATE_TYPED_TEST_CASE_P(Prefix, CaseName, Types) \
-  bool gtest_##Prefix##_##CaseName GTEST_ATTRIBUTE_UNUSED_ = \
-      ::testing::internal::TypeParameterizedTestCase<CaseName, \
-          GTEST_CASE_NAMESPACE_(CaseName)::gtest_AllTests_, \
-          ::testing::internal::TypeList< Types >::type>::Register(\
-              #Prefix, #CaseName, GTEST_REGISTERED_TEST_NAMES_(CaseName))
+# define INSTANTIATE_TYPED_TEST_CASE_P(Prefix, CaseName, Types, ...)      \
+  static bool gtest_##Prefix##_##CaseName GTEST_ATTRIBUTE_UNUSED_ =       \
+      ::testing::internal::TypeParameterizedTestCase<                     \
+          CaseName, GTEST_CASE_NAMESPACE_(CaseName)::gtest_AllTests_,     \
+          ::testing::internal::TypeList< Types >::type>::                 \
+          Register(#Prefix,                                               \
+                   ::testing::internal::CodeLocation(__FILE__, __LINE__), \
+                   &GTEST_TYPED_TEST_CASE_P_STATE_(CaseName), #CaseName,  \
+                   GTEST_REGISTERED_TEST_NAMES_(CaseName),                \
+                   ::testing::internal::GenerateNames<                    \
+                       ::testing::internal::NameGeneratorSelector<        \
+                           __VA_ARGS__>::type,                            \
+                       ::testing::internal::TypeList< Types >::type>())
 
 #endif  // GTEST_HAS_TYPED_TEST_P
 
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest.h b/security/nss/gtests/google_test/gtest/include/gtest/gtest.h
index 38ca3e976..5df4b0a3a 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest.h
@@ -26,10 +26,9 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: wan@google.com (Zhanyong Wan)
-//
-// The Google C++ Testing Framework (Google Test)
+// The Google C++ Testing and Mocking Framework (Google Test)
 //
 // This header file defines the public API for Google Test.  It should be
 // included by any test program that uses Google Test.
@@ -48,6 +47,8 @@
 // registration from Barthelemy Dagenais' (barthelemy@prologique.com)
 // easyUnit framework.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_GTEST_H_
 #define GTEST_INCLUDE_GTEST_GTEST_H_
 
@@ -65,6 +66,9 @@
 #include "gtest/gtest-test-part.h"
 #include "gtest/gtest-typed-test.h"
 
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4251 \
+/* class A needs to have dll-interface to be used by clients of class B */)
+
 // Depending on the platform, different string classes are available.
 // On Linux, in addition to ::std::string, Google also makes use of
 // class ::string, which has the same interface as ::std::string, but
@@ -82,6 +86,15 @@
 
 namespace testing {
 
+// Silence C4100 (unreferenced formal parameter) and 4805
+// unsafe mix of type 'const int' and type 'const bool'
+#ifdef _MSC_VER
+# pragma warning(push)
+# pragma warning(disable:4805)
+# pragma warning(disable:4100)
+#endif
+
+
 // Declares the flags.
 
 // This flag temporary enables the disabled tests.
@@ -103,6 +116,10 @@ GTEST_DECLARE_string_(color);
 // the tests to run. If the filter is not given all tests are executed.
 GTEST_DECLARE_string_(filter);
 
+// This flag controls whether Google Test installs a signal handler that dumps
+// debugging information when fatal signals are raised.
+GTEST_DECLARE_bool_(install_failure_signal_handler);
+
 // This flag causes the Google Test to list tests. None of the tests listed
 // are actually run if the flag is provided.
 GTEST_DECLARE_bool_(list_tests);
@@ -115,6 +132,9 @@ GTEST_DECLARE_string_(output);
 // test.
 GTEST_DECLARE_bool_(print_time);
 
+// This flags control whether Google Test prints UTF8 characters as text.
+GTEST_DECLARE_bool_(print_utf8);
+
 // This flag specifies the random number seed.
 GTEST_DECLARE_int32_(random_seed);
 
@@ -135,7 +155,7 @@ GTEST_DECLARE_int32_(stack_trace_depth);
 
 // When this flag is specified, a failed assertion will throw an
 // exception if exceptions are enabled, or exit the program with a
-// non-zero code otherwise.
+// non-zero code otherwise. For use with an external test framework.
 GTEST_DECLARE_bool_(throw_on_failure);
 
 // When this flag is set with a "host:port" string, on supported
@@ -143,6 +163,10 @@ GTEST_DECLARE_bool_(throw_on_failure);
 // the specified host machine.
 GTEST_DECLARE_string_(stream_result_to);
 
+#if GTEST_USE_OWN_FLAGFILE_FLAG_
+GTEST_DECLARE_string_(flagfile);
+#endif  // GTEST_USE_OWN_FLAGFILE_FLAG_
+
 // The upper limit for valid stack trace depths.
 const int kMaxStackTraceDepth = 100;
 
@@ -160,6 +184,7 @@ class TestEventListenersAccessor;
 class TestEventRepeater;
 class UnitTestRecordPropertyTestHelper;
 class WindowsDeathTest;
+class FuchsiaDeathTest;
 class UnitTestImpl* GetUnitTestImpl();
 void ReportFailureInUnknownLocation(TestPartResult::Type result_type,
                                     const std::string& message);
@@ -259,7 +284,9 @@ class GTEST_API_ AssertionResult {
   // Used in EXPECT_TRUE/FALSE(assertion_result).
   AssertionResult(const AssertionResult& other);
 
+#if defined(_MSC_VER) && _MSC_VER < 1910
   GTEST_DISABLE_MSC_WARNINGS_PUSH_(4800 /* forcing value to bool */)
+#endif
 
   // Used in the EXPECT_TRUE/FALSE(bool_expression).
   //
@@ -276,7 +303,9 @@ class GTEST_API_ AssertionResult {
           /*enabler*/ = NULL)
       : success_(success) {}
 
+#if defined(_MSC_VER) && _MSC_VER < 1910
   GTEST_DISABLE_MSC_WARNINGS_POP_()
+#endif
 
   // Assignment operator.
   AssertionResult& operator=(AssertionResult other) {
@@ -297,7 +326,7 @@ class GTEST_API_ AssertionResult {
   const char* message() const {
     return message_.get() != NULL ?  message_->c_str() : "";
   }
-  // TODO(vladl@google.com): Remove this after making sure no clients use it.
+  // FIXME: Remove this after making sure no clients use it.
   // Deprecated; please use message() instead.
   const char* failure_message() const { return message(); }
 
@@ -345,6 +374,15 @@ GTEST_API_ AssertionResult AssertionFailure();
 // Deprecated; use AssertionFailure() << msg.
 GTEST_API_ AssertionResult AssertionFailure(const Message& msg);
 
+}  // namespace testing
+
+// Includes the auto-generated header that implements a family of generic
+// predicate assertion macros. This include comes late because it relies on
+// APIs declared above.
+#include "gtest/gtest_pred_impl.h"
+
+namespace testing {
+
 // The abstract class that all tests inherit from.
 //
 // In Google Test, a unit test program contains one or many TestCases, and
@@ -355,12 +393,12 @@ GTEST_API_ AssertionResult AssertionFailure(const Message& msg);
 // this for you.
 //
 // The only time you derive from Test is when defining a test fixture
-// to be used a TEST_F.  For example:
+// to be used in a TEST_F.  For example:
 //
 //   class FooTest : public testing::Test {
 //    protected:
-//     virtual void SetUp() { ... }
-//     virtual void TearDown() { ... }
+//     void SetUp() override { ... }
+//     void TearDown() override { ... }
 //     ...
 //   };
 //
@@ -452,8 +490,7 @@ class GTEST_API_ Test {
   // internal method to avoid clashing with names used in user TESTs.
   void DeleteSelf_() { delete this; }
 
-  // Uses a GTestFlagSaver to save and restore all Google Test flags.
-  const internal::GTestFlagSaver* const gtest_flag_saver_;
+  const internal::scoped_ptr< GTEST_FLAG_SAVER_ > gtest_flag_saver_;
 
   // Often a user misspells SetUp() as Setup() and spends a long time
   // wondering why it is never called by Google Test.  The declaration of
@@ -551,9 +588,8 @@ class GTEST_API_ TestResult {
   // Returns the elapsed time, in milliseconds.
   TimeInMillis elapsed_time() const { return elapsed_time_; }
 
-  // Returns the i-th test part result among all the results. i can range
-  // from 0 to test_property_count() - 1. If i is not in that range, aborts
-  // the program.
+  // Returns the i-th test part result among all the results. i can range from 0
+  // to total_part_count() - 1. If i is not in that range, aborts the program.
   const TestPartResult& GetTestPartResult(int i) const;
 
   // Returns the i-th test property. i can range from 0 to
@@ -570,6 +606,7 @@ class GTEST_API_ TestResult {
   friend class internal::TestResultAccessor;
   friend class internal::UnitTestImpl;
   friend class internal::WindowsDeathTest;
+  friend class internal::FuchsiaDeathTest;
 
   // Gets the vector of TestPartResults.
   const std::vector<TestPartResult>& test_part_results() const {
@@ -595,7 +632,7 @@ class GTEST_API_ TestResult {
 
   // Adds a failure if the key is a reserved attribute of Google Test
   // testcase tags.  Returns true if the property is valid.
-  // TODO(russr): Validate attribute names are legal and human readable.
+  // FIXME: Validate attribute names are legal and human readable.
   static bool ValidateTestProperty(const std::string& xml_element,
                                    const TestProperty& test_property);
 
@@ -670,6 +707,15 @@ class GTEST_API_ TestInfo {
     return NULL;
   }
 
+  // Returns the file name where this test is defined.
+  const char* file() const { return location_.file.c_str(); }
+
+  // Returns the line where this test is defined.
+  int line() const { return location_.line; }
+
+  // Return true if this test should not be run because it's in another shard.
+  bool is_in_another_shard() const { return is_in_another_shard_; }
+
   // Returns true if this test should run, that is if the test is not
   // disabled (or it is disabled but the also_run_disabled_tests flag has
   // been specified) and its full name matches the user-specified filter.
@@ -690,10 +736,9 @@ class GTEST_API_ TestInfo {
 
   // Returns true iff this test will appear in the XML report.
   bool is_reportable() const {
-    // For now, the XML report includes all tests matching the filter.
-    // In the future, we may trim tests that are excluded because of
-    // sharding.
-    return matches_filter_;
+    // The XML report includes tests matching the filter, excluding those
+    // run in other shards.
+    return matches_filter_ && !is_in_another_shard_;
   }
 
   // Returns the result of the test.
@@ -712,6 +757,7 @@ class GTEST_API_ TestInfo {
       const char* name,
       const char* type_param,
       const char* value_param,
+      internal::CodeLocation code_location,
       internal::TypeId fixture_class_id,
       Test::SetUpTestCaseFunc set_up_tc,
       Test::TearDownTestCaseFunc tear_down_tc,
@@ -723,6 +769,7 @@ class GTEST_API_ TestInfo {
            const std::string& name,
            const char* a_type_param,   // NULL if not a type-parameterized test
            const char* a_value_param,  // NULL if not a value-parameterized test
+           internal::CodeLocation a_code_location,
            internal::TypeId fixture_class_id,
            internal::TestFactoryBase* factory);
 
@@ -749,11 +796,13 @@ class GTEST_API_ TestInfo {
   // Text representation of the value parameter, or NULL if this is not a
   // value-parameterized test.
   const internal::scoped_ptr<const ::std::string> value_param_;
+  internal::CodeLocation location_;
   const internal::TypeId fixture_class_id_;   // ID of the test fixture class
   bool should_run_;                 // True iff this test should run
   bool is_disabled_;                // True iff this test is disabled
   bool matches_filter_;             // True if this test matches the
                                     // user-specified filter.
+  bool is_in_another_shard_;        // Will be run in another shard.
   internal::TestFactoryBase* const factory_;  // The factory that creates
                                               // the test object
 
@@ -978,6 +1027,18 @@ class Environment {
   virtual Setup_should_be_spelled_SetUp* Setup() { return NULL; }
 };
 
+#if GTEST_HAS_EXCEPTIONS
+
+// Exception which can be thrown from TestEventListener::OnTestPartResult.
+class GTEST_API_ AssertionException
+    : public internal::GoogleTestFailureException {
+ public:
+  explicit AssertionException(const TestPartResult& result)
+      : GoogleTestFailureException(result) {}
+};
+
+#endif  // GTEST_HAS_EXCEPTIONS
+
 // The interface for tracing execution of tests. The methods are organized in
 // the order the corresponding events are fired.
 class TestEventListener {
@@ -1006,6 +1067,8 @@ class TestEventListener {
   virtual void OnTestStart(const TestInfo& test_info) = 0;
 
   // Fired after a failed assertion or a SUCCEED() invocation.
+  // If you want to throw an exception from this function to skip to the next
+  // TEST, it must be AssertionException defined above, or inherited from it.
   virtual void OnTestPartResult(const TestPartResult& test_part_result) = 0;
 
   // Fired after the test ends.
@@ -1172,14 +1235,12 @@ class GTEST_API_ UnitTest {
   // Returns the random seed used at the start of the current test run.
   int random_seed() const;
 
-#if GTEST_HAS_PARAM_TEST
   // Returns the ParameterizedTestCaseRegistry object used to keep track of
   // value-parameterized tests and instantiate and register them.
   //
   // INTERNAL IMPLEMENTATION - DO NOT USE IN A USER PROGRAM.
   internal::ParameterizedTestCaseRegistry& parameterized_test_registry()
       GTEST_LOCK_EXCLUDED_(mutex_);
-#endif  // GTEST_HAS_PARAM_TEST
 
   // Gets the number of successful test cases.
   int successful_test_case_count() const;
@@ -1279,11 +1340,11 @@ class GTEST_API_ UnitTest {
   internal::UnitTestImpl* impl() { return impl_; }
   const internal::UnitTestImpl* impl() const { return impl_; }
 
-  // These classes and funcions are friends as they need to access private
+  // These classes and functions are friends as they need to access private
   // members of UnitTest.
+  friend class ScopedTrace;
   friend class Test;
   friend class internal::AssertHelper;
-  friend class internal::ScopedTrace;
   friend class internal::StreamingListenerTest;
   friend class internal::UnitTestRecordPropertyTestHelper;
   friend Environment* AddGlobalTestEnvironment(Environment* env);
@@ -1360,129 +1421,40 @@ GTEST_API_ void InitGoogleTest(int* argc, wchar_t** argv);
 
 namespace internal {
 
-// FormatForComparison<ToPrint, OtherOperand>::Format(value) formats a
-// value of type ToPrint that is an operand of a comparison assertion
-// (e.g. ASSERT_EQ).  OtherOperand is the type of the other operand in
-// the comparison, and is used to help determine the best way to
-// format the value.  In particular, when the value is a C string
-// (char pointer) and the other operand is an STL string object, we
-// want to format the C string as a string, since we know it is
-// compared by value with the string object.  If the value is a char
-// pointer but the other operand is not an STL string object, we don't
-// know whether the pointer is supposed to point to a NUL-terminated
-// string, and thus want to print it as a pointer to be safe.
-//
-// INTERNAL IMPLEMENTATION - DO NOT USE IN A USER PROGRAM.
-
-// The default case.
-template <typename ToPrint, typename OtherOperand>
-class FormatForComparison {
- public:
-  static ::std::string Format(const ToPrint& value) {
-    return ::testing::PrintToString(value);
-  }
-};
-
-// Array.
-template <typename ToPrint, size_t N, typename OtherOperand>
-class FormatForComparison<ToPrint[N], OtherOperand> {
- public:
-  static ::std::string Format(const ToPrint* value) {
-    return FormatForComparison<const ToPrint*, OtherOperand>::Format(value);
-  }
-};
-
-// By default, print C string as pointers to be safe, as we don't know
-// whether they actually point to a NUL-terminated string.
-
-#define GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_(CharType)                \
-  template <typename OtherOperand>                                      \
-  class FormatForComparison<CharType*, OtherOperand> {                  \
-   public:                                                              \
-    static ::std::string Format(CharType* value) {                      \
-      return ::testing::PrintToString(static_cast<const void*>(value)); \
-    }                                                                   \
-  }
-
-GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_(char);
-GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_(const char);
-GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_(wchar_t);
-GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_(const wchar_t);
-
-#undef GTEST_IMPL_FORMAT_C_STRING_AS_POINTER_
-
-// If a C string is compared with an STL string object, we know it's meant
-// to point to a NUL-terminated string, and thus can print it as a string.
-
-#define GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(CharType, OtherStringType) \
-  template <>                                                           \
-  class FormatForComparison<CharType*, OtherStringType> {               \
-   public:                                                              \
-    static ::std::string Format(CharType* value) {                      \
-      return ::testing::PrintToString(value);                           \
-    }                                                                   \
-  }
-
-GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(char, ::std::string);
-GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(const char, ::std::string);
-
-#if GTEST_HAS_GLOBAL_STRING
-GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(char, ::string);
-GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(const char, ::string);
-#endif
-
-#if GTEST_HAS_GLOBAL_WSTRING
-GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(wchar_t, ::wstring);
-GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(const wchar_t, ::wstring);
-#endif
-
-#if GTEST_HAS_STD_WSTRING
-GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(wchar_t, ::std::wstring);
-GTEST_IMPL_FORMAT_C_STRING_AS_STRING_(const wchar_t, ::std::wstring);
-#endif
-
-#undef GTEST_IMPL_FORMAT_C_STRING_AS_STRING_
-
-// Formats a comparison assertion (e.g. ASSERT_EQ, EXPECT_LT, and etc)
-// operand to be used in a failure message.  The type (but not value)
-// of the other operand may affect the format.  This allows us to
-// print a char* as a raw pointer when it is compared against another
-// char* or void*, and print it as a C string when it is compared
-// against an std::string object, for example.
-//
-// INTERNAL IMPLEMENTATION - DO NOT USE IN A USER PROGRAM.
+// Separate the error generating code from the code path to reduce the stack
+// frame size of CmpHelperEQ. This helps reduce the overhead of some sanitizers
+// when calling EXPECT_* in a tight loop.
 template <typename T1, typename T2>
-std::string FormatForComparisonFailureMessage(
-    const T1& value, const T2& /* other_operand */) {
-  return FormatForComparison<T1, T2>::Format(value);
+AssertionResult CmpHelperEQFailure(const char* lhs_expression,
+                                   const char* rhs_expression,
+                                   const T1& lhs, const T2& rhs) {
+  return EqFailure(lhs_expression,
+                   rhs_expression,
+                   FormatForComparisonFailureMessage(lhs, rhs),
+                   FormatForComparisonFailureMessage(rhs, lhs),
+                   false);
 }
 
 // The helper function for {ASSERT|EXPECT}_EQ.
 template <typename T1, typename T2>
-AssertionResult CmpHelperEQ(const char* expected_expression,
-                            const char* actual_expression,
-                            const T1& expected,
-                            const T2& actual) {
-GTEST_DISABLE_MSC_WARNINGS_PUSH_(4389 /* signed/unsigned mismatch */)
-  if (expected == actual) {
+AssertionResult CmpHelperEQ(const char* lhs_expression,
+                            const char* rhs_expression,
+                            const T1& lhs,
+                            const T2& rhs) {
+  if (lhs == rhs) {
     return AssertionSuccess();
   }
-GTEST_DISABLE_MSC_WARNINGS_POP_()
 
-  return EqFailure(expected_expression,
-                   actual_expression,
-                   FormatForComparisonFailureMessage(expected, actual),
-                   FormatForComparisonFailureMessage(actual, expected),
-                   false);
+  return CmpHelperEQFailure(lhs_expression, rhs_expression, lhs, rhs);
 }
 
 // With this overloaded version, we allow anonymous enums to be used
 // in {ASSERT|EXPECT}_EQ when compiled with gcc 4, as anonymous enums
 // can be implicitly cast to BiggestInt.
-GTEST_API_ AssertionResult CmpHelperEQ(const char* expected_expression,
-                                       const char* actual_expression,
-                                       BiggestInt expected,
-                                       BiggestInt actual);
+GTEST_API_ AssertionResult CmpHelperEQ(const char* lhs_expression,
+                                       const char* rhs_expression,
+                                       BiggestInt lhs,
+                                       BiggestInt rhs);
 
 // The helper class for {ASSERT|EXPECT}_EQ.  The template argument
 // lhs_is_null_literal is true iff the first argument to ASSERT_EQ()
@@ -1493,12 +1465,11 @@ class EqHelper {
  public:
   // This templatized version is for the general case.
   template <typename T1, typename T2>
-  static AssertionResult Compare(const char* expected_expression,
-                                 const char* actual_expression,
-                                 const T1& expected,
-                                 const T2& actual) {
-    return CmpHelperEQ(expected_expression, actual_expression, expected,
-                       actual);
+  static AssertionResult Compare(const char* lhs_expression,
+                                 const char* rhs_expression,
+                                 const T1& lhs,
+                                 const T2& rhs) {
+    return CmpHelperEQ(lhs_expression, rhs_expression, lhs, rhs);
   }
 
   // With this overloaded version, we allow anonymous enums to be used
@@ -1507,12 +1478,11 @@ class EqHelper {
   //
   // Even though its body looks the same as the above version, we
   // cannot merge the two, as it will make anonymous enums unhappy.
-  static AssertionResult Compare(const char* expected_expression,
-                                 const char* actual_expression,
-                                 BiggestInt expected,
-                                 BiggestInt actual) {
-    return CmpHelperEQ(expected_expression, actual_expression, expected,
-                       actual);
+  static AssertionResult Compare(const char* lhs_expression,
+                                 const char* rhs_expression,
+                                 BiggestInt lhs,
+                                 BiggestInt rhs) {
+    return CmpHelperEQ(lhs_expression, rhs_expression, lhs, rhs);
   }
 };
 
@@ -1527,40 +1497,52 @@ class EqHelper<true> {
   // EXPECT_EQ(false, a_bool).
   template <typename T1, typename T2>
   static AssertionResult Compare(
-      const char* expected_expression,
-      const char* actual_expression,
-      const T1& expected,
-      const T2& actual,
+      const char* lhs_expression,
+      const char* rhs_expression,
+      const T1& lhs,
+      const T2& rhs,
       // The following line prevents this overload from being considered if T2
       // is not a pointer type.  We need this because ASSERT_EQ(NULL, my_ptr)
       // expands to Compare("", "", NULL, my_ptr), which requires a conversion
       // to match the Secret* in the other overload, which would otherwise make
       // this template match better.
       typename EnableIf<!is_pointer<T2>::value>::type* = 0) {
-    return CmpHelperEQ(expected_expression, actual_expression, expected,
-                       actual);
+    return CmpHelperEQ(lhs_expression, rhs_expression, lhs, rhs);
   }
 
   // This version will be picked when the second argument to ASSERT_EQ() is a
   // pointer, e.g. ASSERT_EQ(NULL, a_pointer).
   template <typename T>
   static AssertionResult Compare(
-      const char* expected_expression,
-      const char* actual_expression,
+      const char* lhs_expression,
+      const char* rhs_expression,
       // We used to have a second template parameter instead of Secret*.  That
       // template parameter would deduce to 'long', making this a better match
       // than the first overload even without the first overload's EnableIf.
       // Unfortunately, gcc with -Wconversion-null warns when "passing NULL to
       // non-pointer argument" (even a deduced integral argument), so the old
       // implementation caused warnings in user code.
-      Secret* /* expected (NULL) */,
-      T* actual) {
-    // We already know that 'expected' is a null pointer.
-    return CmpHelperEQ(expected_expression, actual_expression,
-                       static_cast<T*>(NULL), actual);
+      Secret* /* lhs (NULL) */,
+      T* rhs) {
+    // We already know that 'lhs' is a null pointer.
+    return CmpHelperEQ(lhs_expression, rhs_expression,
+                       static_cast<T*>(NULL), rhs);
   }
 };
 
+// Separate the error generating code from the code path to reduce the stack
+// frame size of CmpHelperOP. This helps reduce the overhead of some sanitizers
+// when calling EXPECT_OP in a tight loop.
+template <typename T1, typename T2>
+AssertionResult CmpHelperOpFailure(const char* expr1, const char* expr2,
+                                   const T1& val1, const T2& val2,
+                                   const char* op) {
+  return AssertionFailure()
+         << "Expected: (" << expr1 << ") " << op << " (" << expr2
+         << "), actual: " << FormatForComparisonFailureMessage(val1, val2)
+         << " vs " << FormatForComparisonFailureMessage(val2, val1);
+}
+
 // A macro for implementing the helper functions needed to implement
 // ASSERT_?? and EXPECT_??.  It is here just to avoid copy-and-paste
 // of similar code.
@@ -1571,6 +1553,7 @@ class EqHelper<true> {
 // with gcc 4.
 //
 // INTERNAL IMPLEMENTATION - DO NOT USE IN A USER PROGRAM.
+
 #define GTEST_IMPL_CMP_HELPER_(op_name, op)\
 template <typename T1, typename T2>\
 AssertionResult CmpHelper##op_name(const char* expr1, const char* expr2, \
@@ -1578,10 +1561,7 @@ AssertionResult CmpHelper##op_name(const char* expr1, const char* expr2, \
   if (val1 op val2) {\
     return AssertionSuccess();\
   } else {\
-    return AssertionFailure() \
-        << "Expected: (" << expr1 << ") " #op " (" << expr2\
-        << "), actual: " << FormatForComparisonFailureMessage(val1, val2)\
-        << " vs " << FormatForComparisonFailureMessage(val2, val1);\
+    return CmpHelperOpFailure(expr1, expr2, val1, val2, #op);\
   }\
 }\
 GTEST_API_ AssertionResult CmpHelper##op_name(\
@@ -1605,18 +1585,18 @@ GTEST_IMPL_CMP_HELPER_(GT, >);
 // The helper function for {ASSERT|EXPECT}_STREQ.
 //
 // INTERNAL IMPLEMENTATION - DO NOT USE IN A USER PROGRAM.
-GTEST_API_ AssertionResult CmpHelperSTREQ(const char* expected_expression,
-                                          const char* actual_expression,
-                                          const char* expected,
-                                          const char* actual);
+GTEST_API_ AssertionResult CmpHelperSTREQ(const char* s1_expression,
+                                          const char* s2_expression,
+                                          const char* s1,
+                                          const char* s2);
 
 // The helper function for {ASSERT|EXPECT}_STRCASEEQ.
 //
 // INTERNAL IMPLEMENTATION - DO NOT USE IN A USER PROGRAM.
-GTEST_API_ AssertionResult CmpHelperSTRCASEEQ(const char* expected_expression,
-                                              const char* actual_expression,
-                                              const char* expected,
-                                              const char* actual);
+GTEST_API_ AssertionResult CmpHelperSTRCASEEQ(const char* s1_expression,
+                                              const char* s2_expression,
+                                              const char* s1,
+                                              const char* s2);
 
 // The helper function for {ASSERT|EXPECT}_STRNE.
 //
@@ -1638,10 +1618,10 @@ GTEST_API_ AssertionResult CmpHelperSTRCASENE(const char* s1_expression,
 // Helper function for *_STREQ on wide strings.
 //
 // INTERNAL IMPLEMENTATION - DO NOT USE IN A USER PROGRAM.
-GTEST_API_ AssertionResult CmpHelperSTREQ(const char* expected_expression,
-                                          const char* actual_expression,
-                                          const wchar_t* expected,
-                                          const wchar_t* actual);
+GTEST_API_ AssertionResult CmpHelperSTREQ(const char* s1_expression,
+                                          const char* s2_expression,
+                                          const wchar_t* s1,
+                                          const wchar_t* s2);
 
 // Helper function for *_STRNE on wide strings.
 //
@@ -1699,28 +1679,28 @@ namespace internal {
 //
 // INTERNAL IMPLEMENTATION - DO NOT USE IN A USER PROGRAM.
 template <typename RawType>
-AssertionResult CmpHelperFloatingPointEQ(const char* expected_expression,
-                                         const char* actual_expression,
-                                         RawType expected,
-                                         RawType actual) {
-  const FloatingPoint<RawType> lhs(expected), rhs(actual);
+AssertionResult CmpHelperFloatingPointEQ(const char* lhs_expression,
+                                         const char* rhs_expression,
+                                         RawType lhs_value,
+                                         RawType rhs_value) {
+  const FloatingPoint<RawType> lhs(lhs_value), rhs(rhs_value);
 
   if (lhs.AlmostEquals(rhs)) {
     return AssertionSuccess();
   }
 
-  ::std::stringstream expected_ss;
-  expected_ss << std::setprecision(std::numeric_limits<RawType>::digits10 + 2)
-              << expected;
+  ::std::stringstream lhs_ss;
+  lhs_ss << std::setprecision(std::numeric_limits<RawType>::digits10 + 2)
+         << lhs_value;
 
-  ::std::stringstream actual_ss;
-  actual_ss << std::setprecision(std::numeric_limits<RawType>::digits10 + 2)
-            << actual;
+  ::std::stringstream rhs_ss;
+  rhs_ss << std::setprecision(std::numeric_limits<RawType>::digits10 + 2)
+         << rhs_value;
 
-  return EqFailure(expected_expression,
-                   actual_expression,
-                   StringStreamToString(&expected_ss),
-                   StringStreamToString(&actual_ss),
+  return EqFailure(lhs_expression,
+                   rhs_expression,
+                   StringStreamToString(&lhs_ss),
+                   StringStreamToString(&rhs_ss),
                    false);
 }
 
@@ -1777,7 +1757,6 @@ class GTEST_API_ AssertHelper {
 
 }  // namespace internal
 
-#if GTEST_HAS_PARAM_TEST
 // The pure interface class that all value-parameterized tests inherit from.
 // A value-parameterized class must inherit from both ::testing::Test and
 // ::testing::WithParamInterface. In most cases that just means inheriting
@@ -1854,8 +1833,6 @@ template <typename T>
 class TestWithParam : public Test, public WithParamInterface<T> {
 };
 
-#endif  // GTEST_HAS_PARAM_TEST
-
 // Macros for indicating success/failure in test code.
 
 // ADD_FAILURE unconditionally adds a failure to the current test.
@@ -1940,18 +1917,14 @@ class TestWithParam : public Test, public WithParamInterface<T> {
   GTEST_TEST_BOOLEAN_(!(condition), #condition, true, false, \
                       GTEST_FATAL_FAILURE_)
 
-// Includes the auto-generated header that implements a family of
-// generic predicate assertion macros.
-#include "gtest/gtest_pred_impl.h"
-
 // Macros for testing equalities and inequalities.
 //
-//    * {ASSERT|EXPECT}_EQ(expected, actual): Tests that expected == actual
-//    * {ASSERT|EXPECT}_NE(v1, v2):           Tests that v1 != v2
-//    * {ASSERT|EXPECT}_LT(v1, v2):           Tests that v1 < v2
-//    * {ASSERT|EXPECT}_LE(v1, v2):           Tests that v1 <= v2
-//    * {ASSERT|EXPECT}_GT(v1, v2):           Tests that v1 > v2
-//    * {ASSERT|EXPECT}_GE(v1, v2):           Tests that v1 >= v2
+//    * {ASSERT|EXPECT}_EQ(v1, v2): Tests that v1 == v2
+//    * {ASSERT|EXPECT}_NE(v1, v2): Tests that v1 != v2
+//    * {ASSERT|EXPECT}_LT(v1, v2): Tests that v1 < v2
+//    * {ASSERT|EXPECT}_LE(v1, v2): Tests that v1 <= v2
+//    * {ASSERT|EXPECT}_GT(v1, v2): Tests that v1 > v2
+//    * {ASSERT|EXPECT}_GE(v1, v2): Tests that v1 >= v2
 //
 // When they are not, Google Test prints both the tested expressions and
 // their actual values.  The values must be compatible built-in types,
@@ -1973,8 +1946,8 @@ class TestWithParam : public Test, public WithParamInterface<T> {
 //   are related, not how their content is related.  To compare two C
 //   strings by content, use {ASSERT|EXPECT}_STR*().
 //
-//   3. {ASSERT|EXPECT}_EQ(expected, actual) is preferred to
-//   {ASSERT|EXPECT}_TRUE(expected == actual), as the former tells you
+//   3. {ASSERT|EXPECT}_EQ(v1, v2) is preferred to
+//   {ASSERT|EXPECT}_TRUE(v1 == v2), as the former tells you
 //   what the actual value is when it fails, and similarly for the
 //   other comparisons.
 //
@@ -1985,17 +1958,17 @@ class TestWithParam : public Test, public WithParamInterface<T> {
 //
 // Examples:
 //
-//   EXPECT_NE(5, Foo());
-//   EXPECT_EQ(NULL, a_pointer);
+//   EXPECT_NE(Foo(), 5);
+//   EXPECT_EQ(a_pointer, NULL);
 //   ASSERT_LT(i, array_size);
 //   ASSERT_GT(records.size(), 0) << "There is no record left.";
 
-#define EXPECT_EQ(expected, actual) \
+#define EXPECT_EQ(val1, val2) \
   EXPECT_PRED_FORMAT2(::testing::internal:: \
-                      EqHelper<GTEST_IS_NULL_LITERAL_(expected)>::Compare, \
-                      expected, actual)
-#define EXPECT_NE(expected, actual) \
-  EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperNE, expected, actual)
+                      EqHelper<GTEST_IS_NULL_LITERAL_(val1)>::Compare, \
+                      val1, val2)
+#define EXPECT_NE(val1, val2) \
+  EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperNE, val1, val2)
 #define EXPECT_LE(val1, val2) \
   EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperLE, val1, val2)
 #define EXPECT_LT(val1, val2) \
@@ -2005,10 +1978,10 @@ class TestWithParam : public Test, public WithParamInterface<T> {
 #define EXPECT_GT(val1, val2) \
   EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperGT, val1, val2)
 
-#define GTEST_ASSERT_EQ(expected, actual) \
+#define GTEST_ASSERT_EQ(val1, val2) \
   ASSERT_PRED_FORMAT2(::testing::internal:: \
-                      EqHelper<GTEST_IS_NULL_LITERAL_(expected)>::Compare, \
-                      expected, actual)
+                      EqHelper<GTEST_IS_NULL_LITERAL_(val1)>::Compare, \
+                      val1, val2)
 #define GTEST_ASSERT_NE(val1, val2) \
   ASSERT_PRED_FORMAT2(::testing::internal::CmpHelperNE, val1, val2)
 #define GTEST_ASSERT_LE(val1, val2) \
@@ -2063,29 +2036,29 @@ class TestWithParam : public Test, public WithParamInterface<T> {
 //
 // These macros evaluate their arguments exactly once.
 
-#define EXPECT_STREQ(expected, actual) \
-  EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperSTREQ, expected, actual)
+#define EXPECT_STREQ(s1, s2) \
+  EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperSTREQ, s1, s2)
 #define EXPECT_STRNE(s1, s2) \
   EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperSTRNE, s1, s2)
-#define EXPECT_STRCASEEQ(expected, actual) \
-  EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperSTRCASEEQ, expected, actual)
+#define EXPECT_STRCASEEQ(s1, s2) \
+  EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperSTRCASEEQ, s1, s2)
 #define EXPECT_STRCASENE(s1, s2)\
   EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperSTRCASENE, s1, s2)
 
-#define ASSERT_STREQ(expected, actual) \
-  ASSERT_PRED_FORMAT2(::testing::internal::CmpHelperSTREQ, expected, actual)
+#define ASSERT_STREQ(s1, s2) \
+  ASSERT_PRED_FORMAT2(::testing::internal::CmpHelperSTREQ, s1, s2)
 #define ASSERT_STRNE(s1, s2) \
   ASSERT_PRED_FORMAT2(::testing::internal::CmpHelperSTRNE, s1, s2)
-#define ASSERT_STRCASEEQ(expected, actual) \
-  ASSERT_PRED_FORMAT2(::testing::internal::CmpHelperSTRCASEEQ, expected, actual)
+#define ASSERT_STRCASEEQ(s1, s2) \
+  ASSERT_PRED_FORMAT2(::testing::internal::CmpHelperSTRCASEEQ, s1, s2)
 #define ASSERT_STRCASENE(s1, s2)\
   ASSERT_PRED_FORMAT2(::testing::internal::CmpHelperSTRCASENE, s1, s2)
 
 // Macros for comparing floating-point numbers.
 //
-//    * {ASSERT|EXPECT}_FLOAT_EQ(expected, actual):
+//    * {ASSERT|EXPECT}_FLOAT_EQ(val1, val2):
 //         Tests that two float values are almost equal.
-//    * {ASSERT|EXPECT}_DOUBLE_EQ(expected, actual):
+//    * {ASSERT|EXPECT}_DOUBLE_EQ(val1, val2):
 //         Tests that two double values are almost equal.
 //    * {ASSERT|EXPECT}_NEAR(v1, v2, abs_error):
 //         Tests that v1 and v2 are within the given distance to each other.
@@ -2095,21 +2068,21 @@ class TestWithParam : public Test, public WithParamInterface<T> {
 // FloatingPoint template class in gtest-internal.h if you are
 // interested in the implementation details.
 
-#define EXPECT_FLOAT_EQ(expected, actual)\
+#define EXPECT_FLOAT_EQ(val1, val2)\
   EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperFloatingPointEQ<float>, \
-                      expected, actual)
+                      val1, val2)
 
-#define EXPECT_DOUBLE_EQ(expected, actual)\
+#define EXPECT_DOUBLE_EQ(val1, val2)\
   EXPECT_PRED_FORMAT2(::testing::internal::CmpHelperFloatingPointEQ<double>, \
-                      expected, actual)
+                      val1, val2)
 
-#define ASSERT_FLOAT_EQ(expected, actual)\
+#define ASSERT_FLOAT_EQ(val1, val2)\
   ASSERT_PRED_FORMAT2(::testing::internal::CmpHelperFloatingPointEQ<float>, \
-                      expected, actual)
+                      val1, val2)
 
-#define ASSERT_DOUBLE_EQ(expected, actual)\
+#define ASSERT_DOUBLE_EQ(val1, val2)\
   ASSERT_PRED_FORMAT2(::testing::internal::CmpHelperFloatingPointEQ<double>, \
-                      expected, actual)
+                      val1, val2)
 
 #define EXPECT_NEAR(val1, val2, abs_error)\
   EXPECT_PRED_FORMAT3(::testing::internal::DoubleNearPredFormat, \
@@ -2172,6 +2145,57 @@ GTEST_API_ AssertionResult DoubleLE(const char* expr1, const char* expr2,
 #define EXPECT_NO_FATAL_FAILURE(statement) \
     GTEST_TEST_NO_FATAL_FAILURE_(statement, GTEST_NONFATAL_FAILURE_)
 
+// Causes a trace (including the given source file path and line number,
+// and the given message) to be included in every test failure message generated
+// by code in the scope of the lifetime of an instance of this class. The effect
+// is undone with the destruction of the instance.
+//
+// The message argument can be anything streamable to std::ostream.
+//
+// Example:
+//   testing::ScopedTrace trace("file.cc", 123, "message");
+//
+class GTEST_API_ ScopedTrace {
+ public:
+  // The c'tor pushes the given source file location and message onto
+  // a trace stack maintained by Google Test.
+
+  // Template version. Uses Message() to convert the values into strings.
+  // Slow, but flexible.
+  template <typename T>
+  ScopedTrace(const char* file, int line, const T& message) {
+    PushTrace(file, line, (Message() << message).GetString());
+  }
+
+  // Optimize for some known types.
+  ScopedTrace(const char* file, int line, const char* message) {
+    PushTrace(file, line, message ? message : "(null)");
+  }
+
+#if GTEST_HAS_GLOBAL_STRING
+  ScopedTrace(const char* file, int line, const ::string& message) {
+    PushTrace(file, line, message);
+  }
+#endif
+
+  ScopedTrace(const char* file, int line, const std::string& message) {
+    PushTrace(file, line, message);
+  }
+
+  // The d'tor pops the info pushed by the c'tor.
+  //
+  // Note that the d'tor is not virtual in order to be efficient.
+  // Don't inherit from ScopedTrace!
+  ~ScopedTrace();
+
+ private:
+  void PushTrace(const char* file, int line, std::string message);
+
+  GTEST_DISALLOW_COPY_AND_ASSIGN_(ScopedTrace);
+} GTEST_ATTRIBUTE_UNUSED_;  // A ScopedTrace object does its job in its
+                            // c'tor and d'tor.  Therefore it doesn't
+                            // need to be used otherwise.
+
 // Causes a trace (including the source file path, the current line
 // number, and the given message) to be included in every test failure
 // message generated by code in the current scope.  The effect is
@@ -2183,9 +2207,14 @@ GTEST_API_ AssertionResult DoubleLE(const char* expr1, const char* expr2,
 // of the dummy variable name, thus allowing multiple SCOPED_TRACE()s
 // to appear in the same block - as long as they are on different
 // lines.
+//
+// Assuming that each thread maintains its own stack of traces.
+// Therefore, a SCOPED_TRACE() would (correctly) only affect the
+// assertions in its own thread.
 #define SCOPED_TRACE(message) \
-  ::testing::internal::ScopedTrace GTEST_CONCAT_TOKEN_(gtest_trace_, __LINE__)(\
-    __FILE__, __LINE__, ::testing::Message() << (message))
+  ::testing::ScopedTrace GTEST_CONCAT_TOKEN_(gtest_trace_, __LINE__)(\
+    __FILE__, __LINE__, (message))
+
 
 // Compile-time assertion for type equality.
 // StaticAssertTypeEq<type1, type2>() compiles iff type1 and type2 are
@@ -2265,7 +2294,7 @@ bool StaticAssertTypeEq() {
 // name of the test within the test case.
 //
 // A test fixture class must be declared earlier.  The user should put
-// his test code between braces after using this macro.  Example:
+// the test code between braces after using this macro.  Example:
 //
 //   class FooTest : public testing::Test {
 //    protected:
@@ -2280,14 +2309,22 @@ bool StaticAssertTypeEq() {
 //   }
 //
 //   TEST_F(FooTest, ReturnsElementCountCorrectly) {
-//     EXPECT_EQ(0, a_.size());
-//     EXPECT_EQ(1, b_.size());
+//     EXPECT_EQ(a_.size(), 0);
+//     EXPECT_EQ(b_.size(), 1);
 //   }
 
 #define TEST_F(test_fixture, test_name)\
   GTEST_TEST_(test_fixture, test_name, test_fixture, \
               ::testing::internal::GetTypeId<test_fixture>())
 
+// Returns a path to temporary directory.
+// Tries to determine an appropriate directory for the platform.
+GTEST_API_ std::string TempDir();
+
+#ifdef _MSC_VER
+#  pragma warning(pop)
+#endif
+
 }  // namespace testing
 
 // Use this function in main() to run all tests.  It returns 0 if all
@@ -2304,4 +2341,6 @@ inline int RUN_ALL_TESTS() {
   return ::testing::UnitTest::GetInstance()->Run();
 }
 
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4251
+
 #endif  // GTEST_INCLUDE_GTEST_GTEST_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest_pred_impl.h b/security/nss/gtests/google_test/gtest/include/gtest/gtest_pred_impl.h
index 30ae712f5..0c1105cb8 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest_pred_impl.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest_pred_impl.h
@@ -27,18 +27,19 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-// This file is AUTOMATICALLY GENERATED on 10/31/2011 by command
+// This file is AUTOMATICALLY GENERATED on 01/02/2018 by command
 // 'gen_gtest_pred_impl.py 5'.  DO NOT EDIT BY HAND!
 //
 // Implements a family of generic predicate assertion macros.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_GTEST_PRED_IMPL_H_
 #define GTEST_INCLUDE_GTEST_GTEST_PRED_IMPL_H_
 
-// Makes sure this header is not included before gtest.h.
-#ifndef GTEST_INCLUDE_GTEST_GTEST_H_
-# error Do not include gtest_pred_impl.h directly.  Include gtest.h instead.
-#endif  // GTEST_INCLUDE_GTEST_GTEST_H_
+#include "gtest/gtest.h"
+
+namespace testing {
 
 // This header implements a family of generic predicate assertion
 // macros:
@@ -66,8 +67,6 @@
 // We also define the EXPECT_* variations.
 //
 // For now we only support predicates whose arity is at most 5.
-// Please email googletestframework@googlegroups.com if you need
-// support for higher arities.
 
 // GTEST_ASSERT_ is the basic statement to which all of the assertions
 // in this file reduce.  Don't use this in your code.
@@ -355,4 +354,6 @@ AssertionResult AssertPred5Helper(const char* pred_text,
 
 
 
+}  // namespace testing
+
 #endif  // GTEST_INCLUDE_GTEST_GTEST_PRED_IMPL_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/gtest_prod.h b/security/nss/gtests/google_test/gtest/include/gtest/gtest_prod.h
index da80ddc6c..e651671eb 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/gtest_prod.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/gtest_prod.h
@@ -26,10 +26,10 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: wan@google.com (Zhanyong Wan)
-//
-// Google C++ Testing Framework definitions useful in production code.
+// Google C++ Testing and Mocking Framework definitions useful in production code.
+// GOOGLETEST_CM0003 DO NOT DELETE
 
 #ifndef GTEST_INCLUDE_GTEST_GTEST_PROD_H_
 #define GTEST_INCLUDE_GTEST_GTEST_PROD_H_
@@ -40,17 +40,20 @@
 //
 // class MyClass {
 //  private:
-//   void MyMethod();
-//   FRIEND_TEST(MyClassTest, MyMethod);
+//   void PrivateMethod();
+//   FRIEND_TEST(MyClassTest, PrivateMethodWorks);
 // };
 //
 // class MyClassTest : public testing::Test {
 //   // ...
 // };
 //
-// TEST_F(MyClassTest, MyMethod) {
-//   // Can call MyClass::MyMethod() here.
+// TEST_F(MyClassTest, PrivateMethodWorks) {
+//   // Can call MyClass::PrivateMethod() here.
 // }
+//
+// Note: The test class must be in the same namespace as the class being tested.
+// For example, putting MyClassTest in an anonymous namespace will not work.
 
 #define FRIEND_TEST(test_case_name, test_name)\
 friend class test_case_name##_##test_name##_Test
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/README.md b/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/README.md
new file mode 100644
index 000000000..ff391fb4e
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/README.md
@@ -0,0 +1,56 @@
+# Customization Points
+
+The custom directory is an injection point for custom user configurations.
+
+## Header `gtest.h`
+
+### The following macros can be defined:
+
+*   `GTEST_OS_STACK_TRACE_GETTER_` - The name of an implementation of
+    `OsStackTraceGetterInterface`.
+*   `GTEST_CUSTOM_TEMPDIR_FUNCTION_` - An override for `testing::TempDir()`. See
+    `testing::TempDir` for semantics and signature.
+
+## Header `gtest-port.h`
+
+The following macros can be defined:
+
+### Flag related macros:
+
+*   `GTEST_FLAG(flag_name)`
+*   `GTEST_USE_OWN_FLAGFILE_FLAG_` - Define to 0 when the system provides its
+    own flagfile flag parsing.
+*   `GTEST_DECLARE_bool_(name)`
+*   `GTEST_DECLARE_int32_(name)`
+*   `GTEST_DECLARE_string_(name)`
+*   `GTEST_DEFINE_bool_(name, default_val, doc)`
+*   `GTEST_DEFINE_int32_(name, default_val, doc)`
+*   `GTEST_DEFINE_string_(name, default_val, doc)`
+
+### Logging:
+
+*   `GTEST_LOG_(severity)`
+*   `GTEST_CHECK_(condition)`
+*   Functions `LogToStderr()` and `FlushInfoLog()` have to be provided too.
+
+### Threading:
+
+*   `GTEST_HAS_NOTIFICATION_` - Enabled if Notification is already provided.
+*   `GTEST_HAS_MUTEX_AND_THREAD_LOCAL_` - Enabled if `Mutex` and `ThreadLocal`
+    are already provided. Must also provide `GTEST_DECLARE_STATIC_MUTEX_(mutex)`
+    and `GTEST_DEFINE_STATIC_MUTEX_(mutex)`
+*   `GTEST_EXCLUSIVE_LOCK_REQUIRED_(locks)`
+*   `GTEST_LOCK_EXCLUDED_(locks)`
+
+### Underlying library support features
+
+*   `GTEST_HAS_CXXABI_H_`
+
+### Exporting API symbols:
+
+*   `GTEST_API_` - Specifier for exported symbols.
+
+## Header `gtest-printers.h`
+
+*   See documentation at `gtest/gtest-printers.h` for details on how to define a
+    custom printer.
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest-port.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest-port.h
new file mode 100644
index 000000000..cd85d956d
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest-port.h
@@ -0,0 +1,37 @@
+// Copyright 2015, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Injection point for custom user configurations. See README for details
+//
+// ** Custom implementation starts here **
+
+#ifndef GTEST_INCLUDE_GTEST_INTERNAL_CUSTOM_GTEST_PORT_H_
+#define GTEST_INCLUDE_GTEST_INTERNAL_CUSTOM_GTEST_PORT_H_
+
+#endif  // GTEST_INCLUDE_GTEST_INTERNAL_CUSTOM_GTEST_PORT_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest-printers.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest-printers.h
new file mode 100644
index 000000000..eb4467abc
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest-printers.h
@@ -0,0 +1,42 @@
+// Copyright 2015, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// This file provides an injection point for custom printers in a local
+// installation of gTest.
+// It will be included from gtest-printers.h and the overrides in this file
+// will be visible to everyone.
+//
+// Injection point for custom user configurations. See README for details
+//
+// ** Custom implementation starts here **
+
+#ifndef GTEST_INCLUDE_GTEST_INTERNAL_CUSTOM_GTEST_PRINTERS_H_
+#define GTEST_INCLUDE_GTEST_INTERNAL_CUSTOM_GTEST_PRINTERS_H_
+
+#endif  // GTEST_INCLUDE_GTEST_INTERNAL_CUSTOM_GTEST_PRINTERS_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest.h
new file mode 100644
index 000000000..4c8e07be2
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/custom/gtest.h
@@ -0,0 +1,37 @@
+// Copyright 2015, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Injection point for custom user configurations. See README for details
+//
+// ** Custom implementation starts here **
+
+#ifndef GTEST_INCLUDE_GTEST_INTERNAL_CUSTOM_GTEST_H_
+#define GTEST_INCLUDE_GTEST_INTERNAL_CUSTOM_GTEST_H_
+
+#endif  // GTEST_INCLUDE_GTEST_INTERNAL_CUSTOM_GTEST_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-death-test-internal.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-death-test-internal.h
index 2b3a78f5b..0a9b42c8a 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-death-test-internal.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-death-test-internal.h
@@ -27,12 +27,11 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Authors: wan@google.com (Zhanyong Wan), eefacm@gmail.com (Sean Mcafee)
-//
-// The Google C++ Testing Framework (Google Test)
+// The Google C++ Testing and Mocking Framework (Google Test)
 //
 // This header file defines internal utilities needed for implementing
 // death tests.  They are subject to change without notice.
+// GOOGLETEST_CM0001 DO NOT DELETE
 
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_DEATH_TEST_INTERNAL_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_DEATH_TEST_INTERNAL_H_
@@ -53,6 +52,9 @@ const char kInternalRunDeathTestFlag[] = "internal_run_death_test";
 
 #if GTEST_HAS_DEATH_TEST
 
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4251 \
+/* class A needs to have dll-interface to be used by clients of class B */)
+
 // DeathTest is a class that hides much of the complexity of the
 // GTEST_DEATH_TEST_ macro.  It is abstract; its static Create method
 // returns a concrete class that depends on the prevailing death test
@@ -136,6 +138,8 @@ class GTEST_API_ DeathTest {
   GTEST_DISALLOW_COPY_AND_ASSIGN_(DeathTest);
 };
 
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4251
+
 // Factory interface for death tests.  May be mocked out for testing.
 class DeathTestFactory {
  public:
@@ -218,14 +222,18 @@ GTEST_API_ bool ExitedUnsuccessfully(int exit_status);
 // can be streamed.
 
 // This macro is for implementing ASSERT/EXPECT_DEBUG_DEATH when compiled in
-// NDEBUG mode. In this case we need the statements to be executed, the regex is
-// ignored, and the macro must accept a streamed message even though the message
-// is never printed.
-# define GTEST_EXECUTE_STATEMENT_(statement, regex) \
-  GTEST_AMBIGUOUS_ELSE_BLOCKER_ \
-  if (::testing::internal::AlwaysTrue()) { \
-     GTEST_SUPPRESS_UNREACHABLE_CODE_WARNING_BELOW_(statement); \
-  } else \
+// NDEBUG mode. In this case we need the statements to be executed and the macro
+// must accept a streamed message even though the message is never printed.
+// The regex object is not evaluated, but it is used to prevent "unused"
+// warnings and to avoid an expression that doesn't compile in debug mode.
+#define GTEST_EXECUTE_STATEMENT_(statement, regex)             \
+  GTEST_AMBIGUOUS_ELSE_BLOCKER_                                \
+  if (::testing::internal::AlwaysTrue()) {                     \
+    GTEST_SUPPRESS_UNREACHABLE_CODE_WARNING_BELOW_(statement); \
+  } else if (!::testing::internal::AlwaysTrue()) {             \
+    const ::testing::internal::RE& gtest_regex = (regex);      \
+    static_cast<void>(gtest_regex);                            \
+  } else                                                       \
     ::testing::Message()
 
 // A class representing the parsed contents of the
@@ -264,53 +272,6 @@ class InternalRunDeathTestFlag {
 // the flag is specified; otherwise returns NULL.
 InternalRunDeathTestFlag* ParseInternalRunDeathTestFlag();
 
-#else  // GTEST_HAS_DEATH_TEST
-
-// This macro is used for implementing macros such as
-// EXPECT_DEATH_IF_SUPPORTED and ASSERT_DEATH_IF_SUPPORTED on systems where
-// death tests are not supported. Those macros must compile on such systems
-// iff EXPECT_DEATH and ASSERT_DEATH compile with the same parameters on
-// systems that support death tests. This allows one to write such a macro
-// on a system that does not support death tests and be sure that it will
-// compile on a death-test supporting system.
-//
-// Parameters:
-//   statement -  A statement that a macro such as EXPECT_DEATH would test
-//                for program termination. This macro has to make sure this
-//                statement is compiled but not executed, to ensure that
-//                EXPECT_DEATH_IF_SUPPORTED compiles with a certain
-//                parameter iff EXPECT_DEATH compiles with it.
-//   regex     -  A regex that a macro such as EXPECT_DEATH would use to test
-//                the output of statement.  This parameter has to be
-//                compiled but not evaluated by this macro, to ensure that
-//                this macro only accepts expressions that a macro such as
-//                EXPECT_DEATH would accept.
-//   terminator - Must be an empty statement for EXPECT_DEATH_IF_SUPPORTED
-//                and a return statement for ASSERT_DEATH_IF_SUPPORTED.
-//                This ensures that ASSERT_DEATH_IF_SUPPORTED will not
-//                compile inside functions where ASSERT_DEATH doesn't
-//                compile.
-//
-//  The branch that has an always false condition is used to ensure that
-//  statement and regex are compiled (and thus syntactically correct) but
-//  never executed. The unreachable code macro protects the terminator
-//  statement from generating an 'unreachable code' warning in case
-//  statement unconditionally returns or throws. The Message constructor at
-//  the end allows the syntax of streaming additional messages into the
-//  macro, for compilational compatibility with EXPECT_DEATH/ASSERT_DEATH.
-# define GTEST_UNSUPPORTED_DEATH_TEST_(statement, regex, terminator) \
-    GTEST_AMBIGUOUS_ELSE_BLOCKER_ \
-    if (::testing::internal::AlwaysTrue()) { \
-      GTEST_LOG_(WARNING) \
-          << "Death tests are not supported on this platform.\n" \
-          << "Statement '" #statement "' cannot be verified."; \
-    } else if (::testing::internal::AlwaysFalse()) { \
-      ::testing::internal::RE::PartialMatch(".*", (regex)); \
-      GTEST_SUPPRESS_UNREACHABLE_CODE_WARNING_BELOW_(statement); \
-      terminator; \
-    } else \
-      ::testing::Message()
-
 #endif  // GTEST_HAS_DEATH_TEST
 
 }  // namespace internal
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-filepath.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-filepath.h
index 7a13b4b0d..ae38d95bf 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-filepath.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-filepath.h
@@ -27,21 +27,24 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Author: keith.ray@gmail.com (Keith Ray)
-//
 // Google Test filepath utilities
 //
 // This header file declares classes and functions used internally by
 // Google Test.  They are subject to change without notice.
 //
-// This file is #included in <gtest/internal/gtest-internal.h>.
+// This file is #included in gtest/internal/gtest-internal.h.
 // Do not include this header file separately!
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_FILEPATH_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_FILEPATH_H_
 
 #include "gtest/internal/gtest-string.h"
 
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4251 \
+/* class A needs to have dll-interface to be used by clients of class B */)
+
 namespace testing {
 namespace internal {
 
@@ -203,4 +206,6 @@ class GTEST_API_ FilePath {
 }  // namespace internal
 }  // namespace testing
 
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4251
+
 #endif  // GTEST_INCLUDE_GTEST_INTERNAL_GTEST_FILEPATH_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-internal.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-internal.h
index 21a0f567b..b762f61fc 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-internal.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-internal.h
@@ -27,13 +27,13 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Authors: wan@google.com (Zhanyong Wan), eefacm@gmail.com (Sean Mcafee)
-//
-// The Google C++ Testing Framework (Google Test)
+// The Google C++ Testing and Mocking Framework (Google Test)
 //
 // This header file declares functions and macros used internally by
 // Google Test.  They are subject to change without notice.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_INTERNAL_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_INTERNAL_H_
 
@@ -55,13 +55,14 @@
 #include <string.h>
 #include <iomanip>
 #include <limits>
+#include <map>
 #include <set>
 #include <string>
 #include <vector>
 
 #include "gtest/gtest-message.h"
-#include "gtest/internal/gtest-string.h"
 #include "gtest/internal/gtest-filepath.h"
+#include "gtest/internal/gtest-string.h"
 #include "gtest/internal/gtest-type-util.h"
 
 // Due to C++ preprocessor weirdness, we need double indirection to
@@ -75,6 +76,9 @@
 #define GTEST_CONCAT_TOKEN_(foo, bar) GTEST_CONCAT_TOKEN_IMPL_(foo, bar)
 #define GTEST_CONCAT_TOKEN_IMPL_(foo, bar) foo ## bar
 
+// Stringifies its argument.
+#define GTEST_STRINGIFY_(name) #name
+
 class ProtocolMessage;
 namespace proto2 { class Message; }
 
@@ -95,13 +99,9 @@ template <typename T>
 namespace internal {
 
 struct TraceInfo;                      // Information about a trace point.
-class ScopedTrace;                     // Implements scoped trace.
 class TestInfoImpl;                    // Opaque implementation of TestInfo
 class UnitTestImpl;                    // Opaque implementation of UnitTest
 
-// How many times InitGoogleTest() has been called.
-GTEST_API_ extern int g_init_gtest_count;
-
 // The text used in failure messages to indicate the start of the
 // stack trace.
 GTEST_API_ extern const char kStackTraceMarker[];
@@ -141,6 +141,9 @@ GTEST_API_ std::string AppendUserMessage(
 
 #if GTEST_HAS_EXCEPTIONS
 
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4275 \
+/* an exported class was derived from a class that was not exported */)
+
 // This exception is thrown by (and only by) a failed Google Test
 // assertion when GTEST_FLAG(throw_on_failure) is true (if exceptions
 // are enabled).  We derive it from std::runtime_error, which is for
@@ -152,32 +155,15 @@ class GTEST_API_ GoogleTestFailureException : public ::std::runtime_error {
   explicit GoogleTestFailureException(const TestPartResult& failure);
 };
 
-#endif  // GTEST_HAS_EXCEPTIONS
-
-// A helper class for creating scoped traces in user programs.
-class GTEST_API_ ScopedTrace {
- public:
-  // The c'tor pushes the given source file location and message onto
-  // a trace stack maintained by Google Test.
-  ScopedTrace(const char* file, int line, const Message& message);
-
-  // The d'tor pops the info pushed by the c'tor.
-  //
-  // Note that the d'tor is not virtual in order to be efficient.
-  // Don't inherit from ScopedTrace!
-  ~ScopedTrace();
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4275
 
- private:
-  GTEST_DISALLOW_COPY_AND_ASSIGN_(ScopedTrace);
-} GTEST_ATTRIBUTE_UNUSED_;  // A ScopedTrace object does its job in its
-                            // c'tor and d'tor.  Therefore it doesn't
-                            // need to be used otherwise.
+#endif  // GTEST_HAS_EXCEPTIONS
 
 namespace edit_distance {
 // Returns the optimal edits to go from 'left' to 'right'.
 // All edits cost the same, with replace having lower priority than
 // add/remove.
-// Simple implementation of the Wagner–Fischer algorithm.
+// Simple implementation of the Wagner-Fischer algorithm.
 // See http://en.wikipedia.org/wiki/Wagner-Fischer_algorithm
 enum EditType { kMatch, kAdd, kRemove, kReplace };
 GTEST_API_ std::vector<EditType> CalculateOptimalEdits(
@@ -503,6 +489,14 @@ GTEST_API_ AssertionResult IsHRESULTFailure(const char* expr,
 typedef void (*SetUpTestCaseFunc)();
 typedef void (*TearDownTestCaseFunc)();
 
+struct CodeLocation {
+  CodeLocation(const std::string& a_file, int a_line)
+      : file(a_file), line(a_line) {}
+
+  std::string file;
+  int line;
+};
+
 // Creates a new TestInfo object and registers it with Google Test;
 // returns the created object.
 //
@@ -514,6 +508,7 @@ typedef void (*TearDownTestCaseFunc)();
 //                     this is not a typed or a type-parameterized test.
 //   value_param       text representation of the test's value parameter,
 //                     or NULL if this is not a type-parameterized test.
+//   code_location:    code location where the test is defined
 //   fixture_class_id: ID of the test fixture class
 //   set_up_tc:        pointer to the function that sets up the test case
 //   tear_down_tc:     pointer to the function that tears down the test case
@@ -525,6 +520,7 @@ GTEST_API_ TestInfo* MakeAndRegisterTestInfo(
     const char* name,
     const char* type_param,
     const char* value_param,
+    CodeLocation code_location,
     TypeId fixture_class_id,
     SetUpTestCaseFunc set_up_tc,
     TearDownTestCaseFunc tear_down_tc,
@@ -537,6 +533,9 @@ GTEST_API_ bool SkipPrefix(const char* prefix, const char** pstr);
 
 #if GTEST_HAS_TYPED_TEST || GTEST_HAS_TYPED_TEST_P
 
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4251 \
+/* class A needs to have dll-interface to be used by clients of class B */)
+
 // State of the definition of a type-parameterized test case.
 class GTEST_API_ TypedTestCasePState {
  public:
@@ -554,10 +553,21 @@ class GTEST_API_ TypedTestCasePState {
       fflush(stderr);
       posix::Abort();
     }
-    defined_test_names_.insert(test_name);
+    registered_tests_.insert(
+        ::std::make_pair(test_name, CodeLocation(file, line)));
     return true;
   }
 
+  bool TestExists(const std::string& test_name) const {
+    return registered_tests_.count(test_name) > 0;
+  }
+
+  const CodeLocation& GetCodeLocation(const std::string& test_name) const {
+    RegisteredTestsMap::const_iterator it = registered_tests_.find(test_name);
+    GTEST_CHECK_(it != registered_tests_.end());
+    return it->second;
+  }
+
   // Verifies that registered_tests match the test names in
   // defined_test_names_; returns registered_tests if successful, or
   // aborts the program otherwise.
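Review bot: The two accessors added in this hunk carry no comment, and `GetCodeLocation` has a contract worth stating: it trips `GTEST_CHECK_` when `test_name` was never added, so callers are expected to ask `TestExists` first. I would put `// Returns the location recorded for test_name; fails a GTEST_CHECK_ if the name was never registered.` above it. The context comment at the end of the hunk also still names `defined_test_names_`, which the next hunk replaces with `registered_tests_`. The function that receives the new `insert` call starts above this hunk.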
@@ -565,10 +575,14 @@ class GTEST_API_ TypedTestCasePState {
       const char* file, int line, const char* registered_tests);
 
  private:
+  typedef ::std::map<std::string, CodeLocation> RegisteredTestsMap;
+
   bool registered_;
-  ::std::set<const char*> defined_test_names_;
+  RegisteredTestsMap registered_tests_;
 };
 
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4251
+
 // Skips to the first non-space char after the first comma in 'str';
 // returns NULL if no comma is found in 'str'.
 inline const char* SkipComma(const char* str) {
@@ -587,6 +601,42 @@ inline std::string GetPrefixUntilComma(const char* str) {
   return comma == NULL ? str : std::string(str, comma);
 }
 
+// Splits a given string on a given delimiter, populating a given
+// vector with the fields.
+void SplitString(const ::std::string& str, char delimiter,
+                 ::std::vector< ::std::string>* dest);
+
+// The default argument to the template below for the case when the user does
+// not provide a name generator.
+struct DefaultNameGenerator {
+  template <typename T>
+  static std::string GetName(int i) {
+    return StreamableToString(i);
+  }
+};
+
+template <typename Provided = DefaultNameGenerator>
+struct NameGeneratorSelector {
+  typedef Provided type;
+};
+
+template <typename NameGenerator>
+void GenerateNamesRecursively(Types0, std::vector<std::string>*, int) {}
+
+template <typename NameGenerator, typename Types>
+void GenerateNamesRecursively(Types, std::vector<std::string>* result, int i) {
+  result->push_back(NameGenerator::template GetName<typename Types::Head>(i));
+  GenerateNamesRecursively<NameGenerator>(typename Types::Tail(), result,
+                                          i + 1);
+}
+
+template <typename NameGenerator, typename Types>
+std::vector<std::string> GenerateNames() {
+  std::vector<std::string> result;
+  GenerateNamesRecursively<NameGenerator>(Types(), &result, 0);
+  return result;
+}
+
 // TypeParameterizedTest<Fixture, TestSel, Types>::Register()
 // registers a list of type-parameterized tests with Google Test.  The
 // return value is insignificant - we just need to return something
@@ -601,8 +651,10 @@ class TypeParameterizedTest {
   // specified in INSTANTIATE_TYPED_TEST_CASE_P(Prefix, TestCase,
   // Types).  Valid values for 'index' are [0, N - 1] where N is the
   // length of Types.
-  static bool Register(const char* prefix, const char* case_name,
-                       const char* test_names, int index) {
+  static bool Register(const char* prefix, const CodeLocation& code_location,
+                       const char* case_name, const char* test_names, int index,
+                       const std::vector<std::string>& type_names =
+                           GenerateNames<DefaultNameGenerator, Types>()) {
     typedef typename Types::Head Type;
     typedef Fixture<Type> FixtureClass;
     typedef typename GTEST_BIND_(TestSel, Type) TestClass;
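Review bot: The new `type_names` parameter is indexed as `type_names[index]` in the next hunk with no size check, so the only thing keeping the read in bounds is that callers pass a vector built from the full type list. The default argument is computed from this instantiation's own `Types`, which would be too short if a tail instantiation were ever entered with a non-zero `index` and no explicit vector. A one-line guard before the `MakeAndRegisterTestInfo` call states the invariant: `GTEST_CHECK_(static_cast<size_t>(index) < type_names.size());`. `Register`'s body continues in the following hunk.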
@@ -610,19 +662,23 @@ class TypeParameterizedTest {
     // First, registers the first type-parameterized test in the type
     // list.
     MakeAndRegisterTestInfo(
-        (std::string(prefix) + (prefix[0] == '\0' ? "" : "/") + case_name + "/"
-         + StreamableToString(index)).c_str(),
-        GetPrefixUntilComma(test_names).c_str(),
+        (std::string(prefix) + (prefix[0] == '\0' ? "" : "/") + case_name +
+         "/" + type_names[index])
+            .c_str(),
+        StripTrailingSpaces(GetPrefixUntilComma(test_names)).c_str(),
         GetTypeName<Type>().c_str(),
         NULL,  // No value parameter.
-        GetTypeId<FixtureClass>(),
-        TestClass::SetUpTestCase,
-        TestClass::TearDownTestCase,
-        new TestFactoryImpl<TestClass>);
+        code_location, GetTypeId<FixtureClass>(), TestClass::SetUpTestCase,
+        TestClass::TearDownTestCase, new TestFactoryImpl<TestClass>);
 
     // Next, recurses (at compile time) with the tail of the type list.
-    return TypeParameterizedTest<Fixture, TestSel, typename Types::Tail>
-        ::Register(prefix, case_name, test_names, index + 1);
+    return TypeParameterizedTest<Fixture, TestSel,
+                                 typename Types::Tail>::Register(prefix,
+                                                                 code_location,
+                                                                 case_name,
+                                                                 test_names,
+                                                                 index + 1,
+                                                                 type_names);
   }
 };
 
@@ -630,8 +686,11 @@ class TypeParameterizedTest {
 template <GTEST_TEMPLATE_ Fixture, class TestSel>
 class TypeParameterizedTest<Fixture, TestSel, Types0> {
  public:
-  static bool Register(const char* /*prefix*/, const char* /*case_name*/,
-                       const char* /*test_names*/, int /*index*/) {
+  static bool Register(const char* /*prefix*/, const CodeLocation&,
+                       const char* /*case_name*/, const char* /*test_names*/,
+                       int /*index*/,
+                       const std::vector<std::string>& =
+                           std::vector<std::string>() /*type_names*/) {
     return true;
   }
 };
@@ -643,17 +702,35 @@ class TypeParameterizedTest<Fixture, TestSel, Types0> {
 template <GTEST_TEMPLATE_ Fixture, typename Tests, typename Types>
 class TypeParameterizedTestCase {
  public:
-  static bool Register(const char* prefix, const char* case_name,
-                       const char* test_names) {
+  static bool Register(const char* prefix, CodeLocation code_location,
+                       const TypedTestCasePState* state, const char* case_name,
+                       const char* test_names,
+                       const std::vector<std::string>& type_names =
+                           GenerateNames<DefaultNameGenerator, Types>()) {
+    std::string test_name = StripTrailingSpaces(
+        GetPrefixUntilComma(test_names));
+    if (!state->TestExists(test_name)) {
+      fprintf(stderr, "Failed to get code location for test %s.%s at %s.",
+              case_name, test_name.c_str(),
+              FormatFileLocation(code_location.file.c_str(),
+                                 code_location.line).c_str());
+      fflush(stderr);
+      posix::Abort();
+    }
+    const CodeLocation& test_location = state->GetCodeLocation(test_name);
+
     typedef typename Tests::Head Head;
 
     // First, register the first test in 'Test' for each type in 'Types'.
     TypeParameterizedTest<Fixture, Head, Types>::Register(
-        prefix, case_name, test_names, 0);
+        prefix, test_location, case_name, test_names, 0, type_names);
 
     // Next, recurses (at compile time) with the tail of the test list.
-    return TypeParameterizedTestCase<Fixture, typename Tests::Tail, Types>
-        ::Register(prefix, case_name, SkipComma(test_names));
+    return TypeParameterizedTestCase<Fixture, typename Tests::Tail,
+                                     Types>::Register(prefix, code_location,
+                                                      state, case_name,
+                                                      SkipComma(test_names),
+                                                      type_names);
   }
 };
 
@@ -661,8 +738,11 @@ class TypeParameterizedTestCase {
 template <GTEST_TEMPLATE_ Fixture, typename Types>
 class TypeParameterizedTestCase<Fixture, Templates0, Types> {
  public:
-  static bool Register(const char* /*prefix*/, const char* /*case_name*/,
-                       const char* /*test_names*/) {
+  static bool Register(const char* /*prefix*/, const CodeLocation&,
+                       const TypedTestCasePState* /*state*/,
+                       const char* /*case_name*/, const char* /*test_names*/,
+                       const std::vector<std::string>& =
+                           std::vector<std::string>() /*type_names*/) {
     return true;
   }
 };
@@ -779,31 +859,6 @@ struct RemoveConst<T[N]> {
 #define GTEST_REMOVE_REFERENCE_AND_CONST_(T) \
     GTEST_REMOVE_CONST_(GTEST_REMOVE_REFERENCE_(T))
 
-// Adds reference to a type if it is not a reference type,
-// otherwise leaves it unchanged.  This is the same as
-// tr1::add_reference, which is not widely available yet.
-template <typename T>
-struct AddReference { typedef T& type; };  // NOLINT
-template <typename T>
-struct AddReference<T&> { typedef T& type; };  // NOLINT
-
-// A handy wrapper around AddReference that works when the argument T
-// depends on template parameters.
-#define GTEST_ADD_REFERENCE_(T) \
-    typename ::testing::internal::AddReference<T>::type
-
-// Adds a reference to const on top of T as necessary.  For example,
-// it transforms
-//
-//   char         ==> const char&
-//   const char   ==> const char&
-//   char&        ==> const char&
-//   const char&  ==> const char&
-//
-// The argument T must depend on some template parameters.
-#define GTEST_REFERENCE_TO_CONST_(T) \
-    GTEST_ADD_REFERENCE_(const GTEST_REMOVE_REFERENCE_(T))
-
 // ImplicitlyConvertible<From, To>::value is a compile-time bool
 // constant that's true iff type From can be implicitly converted to
 // type To.
@@ -873,8 +928,11 @@ struct IsAProtocolMessage
 // a container class by checking the type of IsContainerTest<C>(0).
 // The value of the expression is insignificant.
 //
-// Note that we look for both C::iterator and C::const_iterator.  The
-// reason is that C++ injects the name of a class as a member of the
+// In C++11 mode we check the existence of a const_iterator and that an
+// iterator is properly implemented for the container.
+//
+// For pre-C++11 that we look for both C::iterator and C::const_iterator.
+// The reason is that C++ injects the name of a class as a member of the
 // class itself (e.g. you can refer to class iterator as either
 // 'iterator' or 'iterator::iterator').  If we look for C::iterator
 // only, for example, we would mistakenly think that a class named
@@ -884,17 +942,96 @@ struct IsAProtocolMessage
 // IsContainerTest(typename C::const_iterator*) and
 // IsContainerTest(...) doesn't work with Visual Age C++ and Sun C++.
 typedef int IsContainer;
+#if GTEST_LANG_CXX11
+template <class C,
+          class Iterator = decltype(::std::declval<const C&>().begin()),
+          class = decltype(::std::declval<const C&>().end()),
+          class = decltype(++::std::declval<Iterator&>()),
+          class = decltype(*::std::declval<Iterator>()),
+          class = typename C::const_iterator>
+IsContainer IsContainerTest(int /* dummy */) {
+  return 0;
+}
+#else
 template <class C>
 IsContainer IsContainerTest(int /* dummy */,
                             typename C::iterator* /* it */ = NULL,
                             typename C::const_iterator* /* const_it */ = NULL) {
   return 0;
 }
+#endif  // GTEST_LANG_CXX11
 
 typedef char IsNotContainer;
 template <class C>
 IsNotContainer IsContainerTest(long /* dummy */) { return '\0'; }
 
+// Trait to detect whether a type T is a hash table.
+// The heuristic used is that the type contains an inner type `hasher` and does
+// not contain an inner type `reverse_iterator`.
+// If the container is iterable in reverse, then order might actually matter.
+template <typename T>
+struct IsHashTable {
+ private:
+  template <typename U>
+  static char test(typename U::hasher*, typename U::reverse_iterator*);
+  template <typename U>
+  static int test(typename U::hasher*, ...);
+  template <typename U>
+  static char test(...);
+
+ public:
+  static const bool value = sizeof(test<T>(0, 0)) == sizeof(int);
+};
+
+template <typename T>
+const bool IsHashTable<T>::value;
+
+template<typename T>
+struct VoidT {
+    typedef void value_type;
+};
+
+template <typename T, typename = void>
+struct HasValueType : false_type {};
+template <typename T>
+struct HasValueType<T, VoidT<typename T::value_type> > : true_type {
+};
+
+template <typename C,
+          bool = sizeof(IsContainerTest<C>(0)) == sizeof(IsContainer),
+          bool = HasValueType<C>::value>
+struct IsRecursiveContainerImpl;
+
+template <typename C, bool HV>
+struct IsRecursiveContainerImpl<C, false, HV> : public false_type {};
+
+// Since the IsRecursiveContainerImpl depends on the IsContainerTest we need to
+// obey the same inconsistencies as the IsContainerTest, namely check if
+// something is a container is relying on only const_iterator in C++11 and
+// is relying on both const_iterator and iterator otherwise
+template <typename C>
+struct IsRecursiveContainerImpl<C, true, false> : public false_type {};
+
+template <typename C>
+struct IsRecursiveContainerImpl<C, true, true> {
+  #if GTEST_LANG_CXX11
+  typedef typename IteratorTraits<typename C::const_iterator>::value_type
+      value_type;
+#else
+  typedef typename IteratorTraits<typename C::iterator>::value_type value_type;
+#endif
+  typedef is_same<value_type, C> type;
+};
+
+// IsRecursiveContainer<Type> is a unary compile-time predicate that
+// evaluates whether C is a recursive container type. A recursive container
+// type is a container type whose value_type is equal to the container type
+// itself. An example for a recursive container type is
+// boost::filesystem::path, whose iterator has a value_type that is equal to
+// boost::filesystem::path.
+template <typename C>
+struct IsRecursiveContainer : public IsRecursiveContainerImpl<C>::type {};
+
 // EnableIf<condition>::type is void when 'Cond' is true, and
 // undefined when 'Cond' is false.  To use SFINAE to make a function
 // overload only apply when a particular expression is true, add
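Review bot: `HasValueType<T>` can never select its `true_type` specialization as written. The primary template defaults the second argument to `void`, but the specialization's second argument is the class type `VoidT<typename T::value_type>` itself, which is never `void`. As a result `IsRecursiveContainerImpl<C, true, true>` is unreachable through the defaults, and `IsRecursiveContainer` resolves to the `<C, true, false>` case for every container, which presumably defeats the guard the comment describes for types like boost::filesystem::path. Naming the nested typedef fixes the match: `struct HasValueType<T, typename VoidT<typename T::value_type>::value_type> : true_type {};`.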
@@ -1026,7 +1163,7 @@ class NativeArray {
  private:
   enum {
     kCheckTypeIsNotConstOrAReference = StaticAssertTypeEqHelper<
-        Element, GTEST_REMOVE_REFERENCE_AND_CONST_(Element)>::value,
+        Element, GTEST_REMOVE_REFERENCE_AND_CONST_(Element)>::value
   };
 
   // Initializes this object with a copy of the input.
@@ -1071,7 +1208,7 @@ class NativeArray {
 #define GTEST_SUCCESS_(message) \
   GTEST_MESSAGE_(message, ::testing::TestPartResult::kSuccess)
 
-// Suppresses MSVC warnings 4072 (unreachable code) for the code following
+// Suppress MSVC warning 4702 (unreachable code) for the code following
 // statement if it returns or throws (or doesn't return or throw in some
 // situations).
 #define GTEST_SUPPRESS_UNREACHABLE_CODE_WARNING_BELOW_(statement) \
@@ -1182,6 +1319,7 @@ class GTEST_TEST_CLASS_NAME_(test_case_name, test_name) : public parent_class {\
   ::test_info_ =\
     ::testing::internal::MakeAndRegisterTestInfo(\
         #test_case_name, #test_name, NULL, NULL, \
+        ::testing::internal::CodeLocation(__FILE__, __LINE__), \
         (parent_id), \
         parent_class::SetUpTestCase, \
         parent_class::TearDownTestCase, \
@@ -1190,4 +1328,3 @@ class GTEST_TEST_CLASS_NAME_(test_case_name, test_name) : public parent_class {\
 void GTEST_TEST_CLASS_NAME_(test_case_name, test_name)::TestBody()
 
 #endif  // GTEST_INCLUDE_GTEST_INTERNAL_GTEST_INTERNAL_H_
-
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-linked_ptr.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-linked_ptr.h
index b1362cd00..082b87289 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-linked_ptr.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-linked_ptr.h
@@ -27,8 +27,6 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Authors: Dan Egnor (egnor@google.com)
-//
 // A "smart" pointer type with reference tracking.  Every pointer to a
 // particular object is kept on a circular linked list.  When the last pointer
 // to an object is destroyed or reassigned, the object is deleted.
@@ -62,9 +60,11 @@
 //       raw pointer (e.g. via get()) concurrently, and
 //     - it's safe to write to two linked_ptrs that point to the same
 //       shared object concurrently.
-// TODO(wan@google.com): rename this to safe_linked_ptr to avoid
+// FIXME: rename this to safe_linked_ptr to avoid
 // confusion with normal linked_ptr.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_LINKED_PTR_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_LINKED_PTR_H_
 
@@ -110,7 +110,12 @@ class linked_ptr_internal {
     MutexLock lock(&g_linked_ptr_mutex);
 
     linked_ptr_internal const* p = ptr;
-    while (p->next_ != ptr) p = p->next_;
+    while (p->next_ != ptr) {
+      assert(p->next_ != this &&
+             "Trying to join() a linked ring we are already in. "
+             "Is GMock thread safety enabled?");
+      p = p->next_;
+    }
     p->next_ = this;
     next_ = ptr;
   }
@@ -123,7 +128,12 @@ class linked_ptr_internal {
 
     if (next_ == this) return true;
     linked_ptr_internal const* p = next_;
-    while (p->next_ != this) p = p->next_;
+    while (p->next_ != this) {
+      assert(p->next_ != next_ &&
+             "Trying to depart() a linked ring we are not in. "
+             "Is GMock thread safety enabled?");
+      p = p->next_;
+    }
     p->next_ = next_;
     return false;
   }
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util-generated.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util-generated.h
index 6dbaf4b7a..4fac8c027 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util-generated.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util-generated.h
@@ -30,8 +30,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
+
 
 // Type and function utilities for implementing parameterized tests.
 // This file is generated by a SCRIPT.  DO NOT EDIT BY HAND!
@@ -43,17 +42,14 @@
 // by the maximum arity of the implementation of tuple which is
 // currently set at 10.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PARAM_UTIL_GENERATED_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PARAM_UTIL_GENERATED_H_
 
-// scripts/fuse_gtest.py depends on gtest's own header being #included
-// *unconditionally*.  Therefore these #includes cannot be moved
-// inside #if GTEST_HAS_PARAM_TEST.
 #include "gtest/internal/gtest-param-util.h"
 #include "gtest/internal/gtest-port.h"
 
-#if GTEST_HAS_PARAM_TEST
-
 namespace testing {
 
 // Forward declarations of ValuesIn(), which is implemented in
@@ -79,7 +75,12 @@ class ValueArray1 {
   explicit ValueArray1(T1 v1) : v1_(v1) {}
 
   template <typename T>
-  operator ParamGenerator<T>() const { return ValuesIn(&v1_, &v1_ + 1); }
+  operator ParamGenerator<T>() const {
+    const T array[] = {static_cast<T>(v1_)};
+    return ValuesIn(array);
+  }
+
+  ValueArray1(const ValueArray1& other) : v1_(other.v1_) {}
 
  private:
   // No implementation - assignment is unsupported.
@@ -99,6 +100,8 @@ class ValueArray2 {
     return ValuesIn(array);
   }
 
+  ValueArray2(const ValueArray2& other) : v1_(other.v1_), v2_(other.v2_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray2& other);
@@ -119,6 +122,9 @@ class ValueArray3 {
     return ValuesIn(array);
   }
 
+  ValueArray3(const ValueArray3& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray3& other);
@@ -141,6 +147,9 @@ class ValueArray4 {
     return ValuesIn(array);
   }
 
+  ValueArray4(const ValueArray4& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray4& other);
@@ -164,6 +173,9 @@ class ValueArray5 {
     return ValuesIn(array);
   }
 
+  ValueArray5(const ValueArray5& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray5& other);
@@ -190,6 +202,9 @@ class ValueArray6 {
     return ValuesIn(array);
   }
 
+  ValueArray6(const ValueArray6& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray6& other);
@@ -217,6 +232,10 @@ class ValueArray7 {
     return ValuesIn(array);
   }
 
+  ValueArray7(const ValueArray7& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray7& other);
@@ -246,6 +265,10 @@ class ValueArray8 {
     return ValuesIn(array);
   }
 
+  ValueArray8(const ValueArray8& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray8& other);
@@ -277,6 +300,10 @@ class ValueArray9 {
     return ValuesIn(array);
   }
 
+  ValueArray9(const ValueArray9& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray9& other);
@@ -309,6 +336,10 @@ class ValueArray10 {
     return ValuesIn(array);
   }
 
+  ValueArray10(const ValueArray10& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray10& other);
@@ -343,6 +374,11 @@ class ValueArray11 {
     return ValuesIn(array);
   }
 
+  ValueArray11(const ValueArray11& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray11& other);
@@ -379,6 +415,11 @@ class ValueArray12 {
     return ValuesIn(array);
   }
 
+  ValueArray12(const ValueArray12& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray12& other);
@@ -417,6 +458,11 @@ class ValueArray13 {
     return ValuesIn(array);
   }
 
+  ValueArray13(const ValueArray13& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray13& other);
@@ -456,6 +502,11 @@ class ValueArray14 {
     return ValuesIn(array);
   }
 
+  ValueArray14(const ValueArray14& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray14& other);
@@ -497,6 +548,12 @@ class ValueArray15 {
     return ValuesIn(array);
   }
 
+  ValueArray15(const ValueArray15& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray15& other);
@@ -541,6 +598,12 @@ class ValueArray16 {
     return ValuesIn(array);
   }
 
+  ValueArray16(const ValueArray16& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray16& other);
@@ -586,6 +649,12 @@ class ValueArray17 {
     return ValuesIn(array);
   }
 
+  ValueArray17(const ValueArray17& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray17& other);
@@ -633,6 +702,12 @@ class ValueArray18 {
     return ValuesIn(array);
   }
 
+  ValueArray18(const ValueArray18& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray18& other);
@@ -681,6 +756,13 @@ class ValueArray19 {
     return ValuesIn(array);
   }
 
+  ValueArray19(const ValueArray19& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray19& other);
@@ -731,6 +813,13 @@ class ValueArray20 {
     return ValuesIn(array);
   }
 
+  ValueArray20(const ValueArray20& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray20& other);
@@ -784,6 +873,13 @@ class ValueArray21 {
     return ValuesIn(array);
   }
 
+  ValueArray21(const ValueArray21& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray21& other);
@@ -838,6 +934,13 @@ class ValueArray22 {
     return ValuesIn(array);
   }
 
+  ValueArray22(const ValueArray22& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray22& other);
@@ -894,6 +997,14 @@ class ValueArray23 {
     return ValuesIn(array);
   }
 
+  ValueArray23(const ValueArray23& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray23& other);
@@ -952,6 +1063,14 @@ class ValueArray24 {
     return ValuesIn(array);
   }
 
+  ValueArray24(const ValueArray24& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray24& other);
@@ -1011,6 +1130,14 @@ class ValueArray25 {
     return ValuesIn(array);
   }
 
+  ValueArray25(const ValueArray25& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray25& other);
@@ -1072,6 +1199,14 @@ class ValueArray26 {
     return ValuesIn(array);
   }
 
+  ValueArray26(const ValueArray26& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray26& other);
@@ -1136,6 +1271,15 @@ class ValueArray27 {
     return ValuesIn(array);
   }
 
+  ValueArray27(const ValueArray27& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray27& other);
@@ -1201,6 +1345,15 @@ class ValueArray28 {
     return ValuesIn(array);
   }
 
+  ValueArray28(const ValueArray28& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray28& other);
@@ -1267,6 +1420,15 @@ class ValueArray29 {
     return ValuesIn(array);
   }
 
+  ValueArray29(const ValueArray29& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray29& other);
@@ -1336,6 +1498,15 @@ class ValueArray30 {
     return ValuesIn(array);
   }
 
+  ValueArray30(const ValueArray30& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray30& other);
@@ -1407,6 +1578,16 @@ class ValueArray31 {
     return ValuesIn(array);
   }
 
+  ValueArray31(const ValueArray31& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray31& other);
@@ -1479,6 +1660,16 @@ class ValueArray32 {
     return ValuesIn(array);
   }
 
+  ValueArray32(const ValueArray32& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray32& other);
@@ -1554,6 +1745,16 @@ class ValueArray33 {
     return ValuesIn(array);
   }
 
+  ValueArray33(const ValueArray33& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray33& other);
@@ -1630,6 +1831,16 @@ class ValueArray34 {
     return ValuesIn(array);
   }
 
+  ValueArray34(const ValueArray34& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray34& other);
@@ -1707,6 +1918,17 @@ class ValueArray35 {
     return ValuesIn(array);
   }
 
+  ValueArray35(const ValueArray35& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray35& other);
@@ -1787,6 +2009,17 @@ class ValueArray36 {
     return ValuesIn(array);
   }
 
+  ValueArray36(const ValueArray36& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray36& other);
@@ -1869,6 +2102,17 @@ class ValueArray37 {
     return ValuesIn(array);
   }
 
+  ValueArray37(const ValueArray37& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray37& other);
@@ -1952,6 +2196,17 @@ class ValueArray38 {
     return ValuesIn(array);
   }
 
+  ValueArray38(const ValueArray38& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray38& other);
@@ -2037,6 +2292,18 @@ class ValueArray39 {
     return ValuesIn(array);
   }
 
+  ValueArray39(const ValueArray39& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray39& other);
@@ -2124,6 +2391,18 @@ class ValueArray40 {
     return ValuesIn(array);
   }
 
+  ValueArray40(const ValueArray40& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray40& other);
@@ -2213,6 +2492,18 @@ class ValueArray41 {
     return ValuesIn(array);
   }
 
+  ValueArray41(const ValueArray41& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_), v41_(other.v41_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray41& other);
@@ -2304,6 +2595,18 @@ class ValueArray42 {
     return ValuesIn(array);
   }
 
+  ValueArray42(const ValueArray42& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_), v41_(other.v41_), v42_(other.v42_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray42& other);
@@ -2396,6 +2699,19 @@ class ValueArray43 {
     return ValuesIn(array);
   }
 
+  ValueArray43(const ValueArray43& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_), v41_(other.v41_), v42_(other.v42_),
+      v43_(other.v43_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray43& other);
@@ -2490,6 +2806,19 @@ class ValueArray44 {
     return ValuesIn(array);
   }
 
+  ValueArray44(const ValueArray44& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_), v41_(other.v41_), v42_(other.v42_),
+      v43_(other.v43_), v44_(other.v44_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray44& other);
@@ -2586,6 +2915,19 @@ class ValueArray45 {
     return ValuesIn(array);
   }
 
+  ValueArray45(const ValueArray45& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_), v41_(other.v41_), v42_(other.v42_),
+      v43_(other.v43_), v44_(other.v44_), v45_(other.v45_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray45& other);
@@ -2684,6 +3026,19 @@ class ValueArray46 {
     return ValuesIn(array);
   }
 
+  ValueArray46(const ValueArray46& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_), v41_(other.v41_), v42_(other.v42_),
+      v43_(other.v43_), v44_(other.v44_), v45_(other.v45_), v46_(other.v46_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray46& other);
@@ -2784,6 +3139,20 @@ class ValueArray47 {
     return ValuesIn(array);
   }
 
+  ValueArray47(const ValueArray47& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_), v41_(other.v41_), v42_(other.v42_),
+      v43_(other.v43_), v44_(other.v44_), v45_(other.v45_), v46_(other.v46_),
+      v47_(other.v47_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray47& other);
@@ -2886,6 +3255,20 @@ class ValueArray48 {
     return ValuesIn(array);
   }
 
+  ValueArray48(const ValueArray48& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_), v41_(other.v41_), v42_(other.v42_),
+      v43_(other.v43_), v44_(other.v44_), v45_(other.v45_), v46_(other.v46_),
+      v47_(other.v47_), v48_(other.v48_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray48& other);
@@ -2989,6 +3372,20 @@ class ValueArray49 {
     return ValuesIn(array);
   }
 
+  ValueArray49(const ValueArray49& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_), v41_(other.v41_), v42_(other.v42_),
+      v43_(other.v43_), v44_(other.v44_), v45_(other.v45_), v46_(other.v46_),
+      v47_(other.v47_), v48_(other.v48_), v49_(other.v49_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray49& other);
@@ -3093,6 +3490,20 @@ class ValueArray50 {
     return ValuesIn(array);
   }
 
+  ValueArray50(const ValueArray50& other) : v1_(other.v1_), v2_(other.v2_),
+      v3_(other.v3_), v4_(other.v4_), v5_(other.v5_), v6_(other.v6_),
+      v7_(other.v7_), v8_(other.v8_), v9_(other.v9_), v10_(other.v10_),
+      v11_(other.v11_), v12_(other.v12_), v13_(other.v13_), v14_(other.v14_),
+      v15_(other.v15_), v16_(other.v16_), v17_(other.v17_), v18_(other.v18_),
+      v19_(other.v19_), v20_(other.v20_), v21_(other.v21_), v22_(other.v22_),
+      v23_(other.v23_), v24_(other.v24_), v25_(other.v25_), v26_(other.v26_),
+      v27_(other.v27_), v28_(other.v28_), v29_(other.v29_), v30_(other.v30_),
+      v31_(other.v31_), v32_(other.v32_), v33_(other.v33_), v34_(other.v34_),
+      v35_(other.v35_), v36_(other.v36_), v37_(other.v37_), v38_(other.v38_),
+      v39_(other.v39_), v40_(other.v40_), v41_(other.v41_), v42_(other.v42_),
+      v43_(other.v43_), v44_(other.v44_), v45_(other.v45_), v46_(other.v46_),
+      v47_(other.v47_), v48_(other.v48_), v49_(other.v49_), v50_(other.v50_) {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray50& other);
@@ -3205,7 +3616,7 @@ class CartesianProductGenerator2
     virtual ParamIteratorInterface<ParamType>* Clone() const {
       return new Iterator(*this);
     }
-    virtual const ParamType* Current() const { return &current_value_; }
+    virtual const ParamType* Current() const { return current_value_.get(); }
     virtual bool Equals(const ParamIteratorInterface<ParamType>& other) const {
       // Having the same base generator guarantees that the other
       // iterator is of the same type and we can downcast.
@@ -3237,7 +3648,7 @@ class CartesianProductGenerator2
 
     void ComputeCurrentValue() {
       if (!AtEnd())
-        current_value_ = ParamType(*current1_, *current2_);
+        current_value_.reset(new ParamType(*current1_, *current2_));
     }
     bool AtEnd() const {
       // We must report iterator past the end of the range when either of the
@@ -3259,7 +3670,7 @@ class CartesianProductGenerator2
     const typename ParamGenerator<T2>::iterator begin2_;
     const typename ParamGenerator<T2>::iterator end2_;
     typename ParamGenerator<T2>::iterator current2_;
-    ParamType current_value_;
+    linked_ptr<ParamType> current_value_;
   };  // class CartesianProductGenerator2::Iterator
 
   // No implementation - assignment is unsupported.
@@ -3328,7 +3739,7 @@ class CartesianProductGenerator3
     virtual ParamIteratorInterface<ParamType>* Clone() const {
       return new Iterator(*this);
     }
-    virtual const ParamType* Current() const { return &current_value_; }
+    virtual const ParamType* Current() const { return current_value_.get(); }
     virtual bool Equals(const ParamIteratorInterface<ParamType>& other) const {
       // Having the same base generator guarantees that the other
       // iterator is of the same type and we can downcast.
@@ -3364,7 +3775,7 @@ class CartesianProductGenerator3
 
     void ComputeCurrentValue() {
       if (!AtEnd())
-        current_value_ = ParamType(*current1_, *current2_, *current3_);
+        current_value_.reset(new ParamType(*current1_, *current2_, *current3_));
     }
     bool AtEnd() const {
       // We must report iterator past the end of the range when either of the
@@ -3390,7 +3801,7 @@ class CartesianProductGenerator3
     const typename ParamGenerator<T3>::iterator begin3_;
     const typename ParamGenerator<T3>::iterator end3_;
     typename ParamGenerator<T3>::iterator current3_;
-    ParamType current_value_;
+    linked_ptr<ParamType> current_value_;
   };  // class CartesianProductGenerator3::Iterator
 
   // No implementation - assignment is unsupported.
@@ -3469,7 +3880,7 @@ class CartesianProductGenerator4
     virtual ParamIteratorInterface<ParamType>* Clone() const {
       return new Iterator(*this);
     }
-    virtual const ParamType* Current() const { return &current_value_; }
+    virtual const ParamType* Current() const { return current_value_.get(); }
     virtual bool Equals(const ParamIteratorInterface<ParamType>& other) const {
       // Having the same base generator guarantees that the other
       // iterator is of the same type and we can downcast.
@@ -3509,8 +3920,8 @@ class CartesianProductGenerator4
 
     void ComputeCurrentValue() {
       if (!AtEnd())
-        current_value_ = ParamType(*current1_, *current2_, *current3_,
-            *current4_);
+        current_value_.reset(new ParamType(*current1_, *current2_, *current3_,
+            *current4_));
     }
     bool AtEnd() const {
       // We must report iterator past the end of the range when either of the
@@ -3540,7 +3951,7 @@ class CartesianProductGenerator4
     const typename ParamGenerator<T4>::iterator begin4_;
     const typename ParamGenerator<T4>::iterator end4_;
     typename ParamGenerator<T4>::iterator current4_;
-    ParamType current_value_;
+    linked_ptr<ParamType> current_value_;
   };  // class CartesianProductGenerator4::Iterator
 
   // No implementation - assignment is unsupported.
@@ -3627,7 +4038,7 @@ class CartesianProductGenerator5
     virtual ParamIteratorInterface<ParamType>* Clone() const {
       return new Iterator(*this);
     }
-    virtual const ParamType* Current() const { return &current_value_; }
+    virtual const ParamType* Current() const { return current_value_.get(); }
     virtual bool Equals(const ParamIteratorInterface<ParamType>& other) const {
       // Having the same base generator guarantees that the other
       // iterator is of the same type and we can downcast.
@@ -3671,8 +4082,8 @@ class CartesianProductGenerator5
 
     void ComputeCurrentValue() {
       if (!AtEnd())
-        current_value_ = ParamType(*current1_, *current2_, *current3_,
-            *current4_, *current5_);
+        current_value_.reset(new ParamType(*current1_, *current2_, *current3_,
+            *current4_, *current5_));
     }
     bool AtEnd() const {
       // We must report iterator past the end of the range when either of the
@@ -3706,7 +4117,7 @@ class CartesianProductGenerator5
     const typename ParamGenerator<T5>::iterator begin5_;
     const typename ParamGenerator<T5>::iterator end5_;
     typename ParamGenerator<T5>::iterator current5_;
-    ParamType current_value_;
+    linked_ptr<ParamType> current_value_;
   };  // class CartesianProductGenerator5::Iterator
 
   // No implementation - assignment is unsupported.
@@ -3804,7 +4215,7 @@ class CartesianProductGenerator6
     virtual ParamIteratorInterface<ParamType>* Clone() const {
       return new Iterator(*this);
     }
-    virtual const ParamType* Current() const { return &current_value_; }
+    virtual const ParamType* Current() const { return current_value_.get(); }
     virtual bool Equals(const ParamIteratorInterface<ParamType>& other) const {
       // Having the same base generator guarantees that the other
       // iterator is of the same type and we can downcast.
@@ -3852,8 +4263,8 @@ class CartesianProductGenerator6
 
     void ComputeCurrentValue() {
       if (!AtEnd())
-        current_value_ = ParamType(*current1_, *current2_, *current3_,
-            *current4_, *current5_, *current6_);
+        current_value_.reset(new ParamType(*current1_, *current2_, *current3_,
+            *current4_, *current5_, *current6_));
     }
     bool AtEnd() const {
       // We must report iterator past the end of the range when either of the
@@ -3891,7 +4302,7 @@ class CartesianProductGenerator6
     const typename ParamGenerator<T6>::iterator begin6_;
     const typename ParamGenerator<T6>::iterator end6_;
     typename ParamGenerator<T6>::iterator current6_;
-    ParamType current_value_;
+    linked_ptr<ParamType> current_value_;
   };  // class CartesianProductGenerator6::Iterator
 
   // No implementation - assignment is unsupported.
@@ -3998,7 +4409,7 @@ class CartesianProductGenerator7
     virtual ParamIteratorInterface<ParamType>* Clone() const {
       return new Iterator(*this);
     }
-    virtual const ParamType* Current() const { return &current_value_; }
+    virtual const ParamType* Current() const { return current_value_.get(); }
     virtual bool Equals(const ParamIteratorInterface<ParamType>& other) const {
       // Having the same base generator guarantees that the other
       // iterator is of the same type and we can downcast.
@@ -4050,8 +4461,8 @@ class CartesianProductGenerator7
 
     void ComputeCurrentValue() {
       if (!AtEnd())
-        current_value_ = ParamType(*current1_, *current2_, *current3_,
-            *current4_, *current5_, *current6_, *current7_);
+        current_value_.reset(new ParamType(*current1_, *current2_, *current3_,
+            *current4_, *current5_, *current6_, *current7_));
     }
     bool AtEnd() const {
       // We must report iterator past the end of the range when either of the
@@ -4093,7 +4504,7 @@ class CartesianProductGenerator7
     const typename ParamGenerator<T7>::iterator begin7_;
     const typename ParamGenerator<T7>::iterator end7_;
     typename ParamGenerator<T7>::iterator current7_;
-    ParamType current_value_;
+    linked_ptr<ParamType> current_value_;
   };  // class CartesianProductGenerator7::Iterator
 
   // No implementation - assignment is unsupported.
@@ -4211,7 +4622,7 @@ class CartesianProductGenerator8
     virtual ParamIteratorInterface<ParamType>* Clone() const {
       return new Iterator(*this);
     }
-    virtual const ParamType* Current() const { return &current_value_; }
+    virtual const ParamType* Current() const { return current_value_.get(); }
     virtual bool Equals(const ParamIteratorInterface<ParamType>& other) const {
       // Having the same base generator guarantees that the other
       // iterator is of the same type and we can downcast.
@@ -4267,8 +4678,8 @@ class CartesianProductGenerator8
 
     void ComputeCurrentValue() {
       if (!AtEnd())
-        current_value_ = ParamType(*current1_, *current2_, *current3_,
-            *current4_, *current5_, *current6_, *current7_, *current8_);
+        current_value_.reset(new ParamType(*current1_, *current2_, *current3_,
+            *current4_, *current5_, *current6_, *current7_, *current8_));
     }
     bool AtEnd() const {
       // We must report iterator past the end of the range when either of the
@@ -4314,7 +4725,7 @@ class CartesianProductGenerator8
     const typename ParamGenerator<T8>::iterator begin8_;
     const typename ParamGenerator<T8>::iterator end8_;
     typename ParamGenerator<T8>::iterator current8_;
-    ParamType current_value_;
+    linked_ptr<ParamType> current_value_;
   };  // class CartesianProductGenerator8::Iterator
 
   // No implementation - assignment is unsupported.
@@ -4440,7 +4851,7 @@ class CartesianProductGenerator9
     virtual ParamIteratorInterface<ParamType>* Clone() const {
       return new Iterator(*this);
     }
-    virtual const ParamType* Current() const { return &current_value_; }
+    virtual const ParamType* Current() const { return current_value_.get(); }
     virtual bool Equals(const ParamIteratorInterface<ParamType>& other) const {
       // Having the same base generator guarantees that the other
       // iterator is of the same type and we can downcast.
@@ -4500,9 +4911,9 @@ class CartesianProductGenerator9
 
     void ComputeCurrentValue() {
       if (!AtEnd())
-        current_value_ = ParamType(*current1_, *current2_, *current3_,
+        current_value_.reset(new ParamType(*current1_, *current2_, *current3_,
             *current4_, *current5_, *current6_, *current7_, *current8_,
-            *current9_);
+            *current9_));
     }
     bool AtEnd() const {
       // We must report iterator past the end of the range when either of the
@@ -4552,7 +4963,7 @@ class CartesianProductGenerator9
     const typename ParamGenerator<T9>::iterator begin9_;
     const typename ParamGenerator<T9>::iterator end9_;
     typename ParamGenerator<T9>::iterator current9_;
-    ParamType current_value_;
+    linked_ptr<ParamType> current_value_;
   };  // class CartesianProductGenerator9::Iterator
 
   // No implementation - assignment is unsupported.
@@ -4687,7 +5098,7 @@ class CartesianProductGenerator10
     virtual ParamIteratorInterface<ParamType>* Clone() const {
       return new Iterator(*this);
     }
-    virtual const ParamType* Current() const { return &current_value_; }
+    virtual const ParamType* Current() const { return current_value_.get(); }
     virtual bool Equals(const ParamIteratorInterface<ParamType>& other) const {
       // Having the same base generator guarantees that the other
       // iterator is of the same type and we can downcast.
@@ -4751,9 +5162,9 @@ class CartesianProductGenerator10
 
     void ComputeCurrentValue() {
       if (!AtEnd())
-        current_value_ = ParamType(*current1_, *current2_, *current3_,
+        current_value_.reset(new ParamType(*current1_, *current2_, *current3_,
             *current4_, *current5_, *current6_, *current7_, *current8_,
-            *current9_, *current10_);
+            *current9_, *current10_));
     }
     bool AtEnd() const {
       // We must report iterator past the end of the range when either of the
@@ -4807,7 +5218,7 @@ class CartesianProductGenerator10
     const typename ParamGenerator<T10>::iterator begin10_;
     const typename ParamGenerator<T10>::iterator end10_;
     typename ParamGenerator<T10>::iterator current10_;
-    ParamType current_value_;
+    linked_ptr<ParamType> current_value_;
   };  // class CartesianProductGenerator10::Iterator
 
   // No implementation - assignment is unsupported.
@@ -5138,6 +5549,4 @@ CartesianProductHolder10(const Generator1& g1, const Generator2& g2,
 }  // namespace internal
 }  // namespace testing
 
-#endif  //  GTEST_HAS_PARAM_TEST
-
 #endif  // GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PARAM_UTIL_GENERATED_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util-generated.h.pump b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util-generated.h.pump
index 801a2fc7d..30dffe43c 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util-generated.h.pump
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util-generated.h.pump
@@ -29,8 +29,7 @@ $var maxtuple = 10  $$ Maximum number of Combine arguments we want to support.
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
+
 
 // Type and function utilities for implementing parameterized tests.
 // This file is generated by a SCRIPT.  DO NOT EDIT BY HAND!
@@ -42,17 +41,14 @@ $var maxtuple = 10  $$ Maximum number of Combine arguments we want to support.
 // by the maximum arity of the implementation of tuple which is
 // currently set at $maxtuple.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PARAM_UTIL_GENERATED_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PARAM_UTIL_GENERATED_H_
 
-// scripts/fuse_gtest.py depends on gtest's own header being #included
-// *unconditionally*.  Therefore these #includes cannot be moved
-// inside #if GTEST_HAS_PARAM_TEST.
 #include "gtest/internal/gtest-param-util.h"
 #include "gtest/internal/gtest-port.h"
 
-#if GTEST_HAS_PARAM_TEST
-
 namespace testing {
 
 // Forward declarations of ValuesIn(), which is implemented in
@@ -72,29 +68,14 @@ internal::ParamGenerator<typename Container::value_type> ValuesIn(
 namespace internal {
 
 // Used in the Values() function to provide polymorphic capabilities.
-template <typename T1>
-class ValueArray1 {
- public:
-  explicit ValueArray1(T1 v1) : v1_(v1) {}
-
-  template <typename T>
-  operator ParamGenerator<T>() const { return ValuesIn(&v1_, &v1_ + 1); }
-
- private:
-  // No implementation - assignment is unsupported.
-  void operator=(const ValueArray1& other);
-
-  const T1 v1_;
-};
-
-$range i 2..n
+$range i 1..n
 $for i [[
 $range j 1..i
 
 template <$for j, [[typename T$j]]>
 class ValueArray$i {
  public:
-  ValueArray$i($for j, [[T$j v$j]]) : $for j, [[v$(j)_(v$j)]] {}
+  $if i==1 [[explicit ]]ValueArray$i($for j, [[T$j v$j]]) : $for j, [[v$(j)_(v$j)]] {}
 
   template <typename T>
   operator ParamGenerator<T>() const {
@@ -102,6 +83,8 @@ class ValueArray$i {
     return ValuesIn(array);
   }
 
+  ValueArray$i(const ValueArray$i& other) : $for j, [[v$(j)_(other.v$(j)_)]] {}
+
  private:
   // No implementation - assignment is unsupported.
   void operator=(const ValueArray$i& other);
@@ -180,7 +163,7 @@ $for k [[
     virtual ParamIteratorInterface<ParamType>* Clone() const {
       return new Iterator(*this);
     }
-    virtual const ParamType* Current() const { return &current_value_; }
+    virtual const ParamType* Current() const { return current_value_.get(); }
     virtual bool Equals(const ParamIteratorInterface<ParamType>& other) const {
       // Having the same base generator guarantees that the other
       // iterator is of the same type and we can downcast.
@@ -212,7 +195,7 @@ $for k [[
 
     void ComputeCurrentValue() {
       if (!AtEnd())
-        current_value_ = ParamType($for j, [[*current$(j)_]]);
+        current_value_.reset(new ParamType($for j, [[*current$(j)_]]));
     }
     bool AtEnd() const {
       // We must report iterator past the end of the range when either of the
@@ -237,7 +220,7 @@ $for j [[
     typename ParamGenerator<T$j>::iterator current$(j)_;
 ]]
 
-    ParamType current_value_;
+    linked_ptr<ParamType> current_value_;
   };  // class CartesianProductGenerator$i::Iterator
 
   // No implementation - assignment is unsupported.
@@ -296,6 +279,4 @@ $for j [[
 }  // namespace internal
 }  // namespace testing
 
-#endif  //  GTEST_HAS_PARAM_TEST
-
 #endif  // GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PARAM_UTIL_GENERATED_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util.h
index d5e1028b0..d64f620c4 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-param-util.h
@@ -26,29 +26,49 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
+
 
 // Type and function utilities for implementing parameterized tests.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PARAM_UTIL_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PARAM_UTIL_H_
 
+#include <ctype.h>
+
 #include <iterator>
+#include <set>
 #include <utility>
 #include <vector>
 
-// scripts/fuse_gtest.py depends on gtest's own header being #included
-// *unconditionally*.  Therefore these #includes cannot be moved
-// inside #if GTEST_HAS_PARAM_TEST.
 #include "gtest/internal/gtest-internal.h"
 #include "gtest/internal/gtest-linked_ptr.h"
 #include "gtest/internal/gtest-port.h"
 #include "gtest/gtest-printers.h"
 
-#if GTEST_HAS_PARAM_TEST
-
 namespace testing {
+
+// Input to a parameterized test name generator, describing a test parameter.
+// Consists of the parameter value and the integer parameter index.
+template <class ParamType>
+struct TestParamInfo {
+  TestParamInfo(const ParamType& a_param, size_t an_index) :
+    param(a_param),
+    index(an_index) {}
+  ParamType param;
+  size_t index;
+};
+
+// A builtin parameterized test name generator which returns the result of
+// testing::PrintToString.
+struct PrintToStringParamName {
+  template <class ParamType>
+  std::string operator()(const TestParamInfo<ParamType>& info) const {
+    return PrintToString(info.param);
+  }
+};
+
 namespace internal {
 
 // INTERNAL IMPLEMENTATION - DO NOT USE IN USER CODE.
@@ -58,7 +78,7 @@ namespace internal {
 // TEST_P macro is used to define two tests with the same name
 // but in different namespaces.
 GTEST_API_ void ReportInvalidTestCaseType(const char* test_case_name,
-                                          const char* file, int line);
+                                          CodeLocation code_location);
 
 template <typename> class ParamGeneratorInterface;
 template <typename> class ParamGenerator;
@@ -206,7 +226,7 @@ class RangeGenerator : public ParamGeneratorInterface<T> {
       return base_;
     }
     virtual void Advance() {
-      value_ = value_ + step_;
+      value_ = static_cast<T>(value_ + step_);
       index_++;
     }
     virtual ParamIteratorInterface<T>* Clone() const {
@@ -243,7 +263,7 @@ class RangeGenerator : public ParamGeneratorInterface<T> {
                                const T& end,
                                const IncrementT& step) {
     int end_index = 0;
-    for (T i = begin; i < end; i = i + step)
+    for (T i = begin; i < end; i = static_cast<T>(i + step))
       end_index++;
     return end_index;
   }
@@ -345,6 +365,37 @@ class ValuesInIteratorRangeGenerator : public ParamGeneratorInterface<T> {
   const ContainerType container_;
 };  // class ValuesInIteratorRangeGenerator
 
+// INTERNAL IMPLEMENTATION - DO NOT USE IN USER CODE.
+//
+// Default parameterized test name generator, returns a string containing the
+// integer test parameter index.
+template <class ParamType>
+std::string DefaultParamName(const TestParamInfo<ParamType>& info) {
+  Message name_stream;
+  name_stream << info.index;
+  return name_stream.GetString();
+}
+
+// INTERNAL IMPLEMENTATION - DO NOT USE IN USER CODE.
+//
+// Parameterized test name overload helpers, which help the
+// INSTANTIATE_TEST_CASE_P macro choose between the default parameterized
+// test name generator and user param name generator.
+template <class ParamType, class ParamNameGenFunctor>
+ParamNameGenFunctor GetParamNameGen(ParamNameGenFunctor func) {
+  return func;
+}
+
+template <class ParamType>
+struct ParamNameGenFunc {
+  typedef std::string Type(const TestParamInfo<ParamType>&);
+};
+
+template <class ParamType>
+typename ParamNameGenFunc<ParamType>::Type *GetParamNameGen() {
+  return DefaultParamName;
+}
+
 // INTERNAL IMPLEMENTATION - DO NOT USE IN USER CODE.
 //
 // Stores a parameter value and later creates tests parameterized with that
@@ -417,7 +468,7 @@ class ParameterizedTestCaseInfoBase {
   virtual ~ParameterizedTestCaseInfoBase() {}
 
   // Base part of test case name for display purposes.
-  virtual const string& GetTestCaseName() const = 0;
+  virtual const std::string& GetTestCaseName() const = 0;
   // Test case id to verify identity.
   virtual TypeId GetTestCaseTypeId() const = 0;
   // UnitTest class invokes this method to register tests in this
@@ -449,12 +500,14 @@ class ParameterizedTestCaseInfo : public ParameterizedTestCaseInfoBase {
   typedef typename TestCase::ParamType ParamType;
   // A function that returns an instance of appropriate generator type.
   typedef ParamGenerator<ParamType>(GeneratorCreationFunc)();
+  typedef typename ParamNameGenFunc<ParamType>::Type ParamNameGeneratorFunc;
 
-  explicit ParameterizedTestCaseInfo(const char* name)
-      : test_case_name_(name) {}
+  explicit ParameterizedTestCaseInfo(
+      const char* name, CodeLocation code_location)
+      : test_case_name_(name), code_location_(code_location) {}
 
   // Test case base name for display purposes.
-  virtual const string& GetTestCaseName() const { return test_case_name_; }
+  virtual const std::string& GetTestCaseName() const { return test_case_name_; }
   // Test case id to verify identity.
   virtual TypeId GetTestCaseTypeId() const { return GetTypeId<TestCase>(); }
   // TEST_P macro uses AddTestPattern() to record information
@@ -472,11 +525,12 @@ class ParameterizedTestCaseInfo : public ParameterizedTestCaseInfoBase {
   }
   // INSTANTIATE_TEST_CASE_P macro uses AddGenerator() to record information
   // about a generator.
-  int AddTestCaseInstantiation(const string& instantiation_name,
+  int AddTestCaseInstantiation(const std::string& instantiation_name,
                                GeneratorCreationFunc* func,
-                               const char* /* file */,
-                               int /* line */) {
-    instantiations_.push_back(::std::make_pair(instantiation_name, func));
+                               ParamNameGeneratorFunc* name_func,
+                               const char* file, int line) {
+    instantiations_.push_back(
+        InstantiationInfo(instantiation_name, func, name_func, file, line));
     return 0;  // Return value used only to run this method in namespace scope.
   }
   // UnitTest class invokes this method to register tests in this test case
@@ -491,25 +545,45 @@ class ParameterizedTestCaseInfo : public ParameterizedTestCaseInfoBase {
       for (typename InstantiationContainer::iterator gen_it =
                instantiations_.begin(); gen_it != instantiations_.end();
                ++gen_it) {
-        const string& instantiation_name = gen_it->first;
-        ParamGenerator<ParamType> generator((*gen_it->second)());
+        const std::string& instantiation_name = gen_it->name;
+        ParamGenerator<ParamType> generator((*gen_it->generator)());
+        ParamNameGeneratorFunc* name_func = gen_it->name_func;
+        const char* file = gen_it->file;
+        int line = gen_it->line;
 
-        string test_case_name;
+        std::string test_case_name;
         if ( !instantiation_name.empty() )
           test_case_name = instantiation_name + "/";
         test_case_name += test_info->test_case_base_name;
 
-        int i = 0;
+        size_t i = 0;
+        std::set<std::string> test_param_names;
         for (typename ParamGenerator<ParamType>::iterator param_it =
                  generator.begin();
              param_it != generator.end(); ++param_it, ++i) {
           Message test_name_stream;
-          test_name_stream << test_info->test_base_name << "/" << i;
+
+          std::string param_name = name_func(
+              TestParamInfo<ParamType>(*param_it, i));
+
+          GTEST_CHECK_(IsValidParamName(param_name))
+              << "Parameterized test name '" << param_name
+              << "' is invalid, in " << file
+              << " line " << line << std::endl;
+
+          GTEST_CHECK_(test_param_names.count(param_name) == 0)
+              << "Duplicate parameterized test name '" << param_name
+              << "', in " << file << " line " << line << std::endl;
+
+          test_param_names.insert(param_name);
+
+          test_name_stream << test_info->test_base_name << "/" << param_name;
           MakeAndRegisterTestInfo(
               test_case_name.c_str(),
               test_name_stream.GetString().c_str(),
               NULL,  // No type parameter.
               PrintToString(*param_it).c_str(),
+              code_location_,
               GetTestCaseTypeId(),
               TestCase::SetUpTestCase,
               TestCase::TearDownTestCase,
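Review bot: The name validation invoked here by `GTEST_CHECK_(IsValidParamName(param_name))` passes a plain `char` to `isalnum` (in `IsValidParamName`, added further down in this file's diff). Where `char` is signed, a byte above 0x7F returned by a user-supplied name generator becomes a negative argument, which is undefined behaviour for the `<ctype.h>` classification functions rather than a clean rejection. The check should convert first: `if (!isalnum(static_cast<unsigned char>(name[index])) && name[index] != '_')`. This header looks like an imported copy of googletest, so the fix is probably best picked up from upstream rather than patched locally. The enclosing registration loop starts before this hunk and continues past it.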
@@ -530,17 +604,50 @@ class ParameterizedTestCaseInfo : public ParameterizedTestCaseInfoBase {
         test_base_name(a_test_base_name),
         test_meta_factory(a_test_meta_factory) {}
 
-    const string test_case_base_name;
-    const string test_base_name;
+    const std::string test_case_base_name;
+    const std::string test_base_name;
     const scoped_ptr<TestMetaFactoryBase<ParamType> > test_meta_factory;
   };
   typedef ::std::vector<linked_ptr<TestInfo> > TestInfoContainer;
-  // Keeps pairs of <Instantiation name, Sequence generator creation function>
-  // received from INSTANTIATE_TEST_CASE_P macros.
-  typedef ::std::vector<std::pair<string, GeneratorCreationFunc*> >
-      InstantiationContainer;
+  // Records data received from INSTANTIATE_TEST_CASE_P macros:
+  //  <Instantiation name, Sequence generator creation function,
+  //     Name generator function, Source file, Source line>
+  struct InstantiationInfo {
+      InstantiationInfo(const std::string &name_in,
+                        GeneratorCreationFunc* generator_in,
+                        ParamNameGeneratorFunc* name_func_in,
+                        const char* file_in,
+                        int line_in)
+          : name(name_in),
+            generator(generator_in),
+            name_func(name_func_in),
+            file(file_in),
+            line(line_in) {}
+
+      std::string name;
+      GeneratorCreationFunc* generator;
+      ParamNameGeneratorFunc* name_func;
+      const char* file;
+      int line;
+  };
+  typedef ::std::vector<InstantiationInfo> InstantiationContainer;
 
-  const string test_case_name_;
+  static bool IsValidParamName(const std::string& name) {
+    // Check for empty string
+    if (name.empty())
+      return false;
+
+    // Check for invalid characters
+    for (std::string::size_type index = 0; index < name.size(); ++index) {
+      if (!isalnum(name[index]) && name[index] != '_')
+        return false;
+    }
+
+    return true;
+  }
+
+  const std::string test_case_name_;
+  CodeLocation code_location_;
   TestInfoContainer tests_;
   InstantiationContainer instantiations_;
 
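Review bot: `IsValidParamName` passes `name[index]`, a plain `char`, directly to `isalnum`, whose behaviour is undefined for negative arguments other than EOF. Where `char` is signed, a name-generator result containing a non-ASCII byte reaches that case before the check can reject it. Casting first keeps the validation well defined: `if (!isalnum(static_cast<unsigned char>(name[index])) && name[index] != '_')`. The header's include list is outside this hunk, so it is worth confirming that `<ctype.h>` is included explicitly rather than picked up transitively. Since this is the vendored googletest copy, the change would normally be carried upstream rather than patched locally.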
@@ -568,8 +675,7 @@ class ParameterizedTestCaseRegistry {
   template <class TestCase>
   ParameterizedTestCaseInfo<TestCase>* GetTestCasePatternHolder(
       const char* test_case_name,
-      const char* file,
-      int line) {
+      CodeLocation code_location) {
     ParameterizedTestCaseInfo<TestCase>* typed_test_info = NULL;
     for (TestCaseInfoContainer::iterator it = test_case_infos_.begin();
          it != test_case_infos_.end(); ++it) {
@@ -578,7 +684,7 @@ class ParameterizedTestCaseRegistry {
           // Complain about incorrect usage of Google Test facilities
           // and terminate the program since we cannot guaranty correct
           // test case setup and tear-down in this case.
-          ReportInvalidTestCaseType(test_case_name,  file, line);
+          ReportInvalidTestCaseType(test_case_name, code_location);
           posix::Abort();
         } else {
           // At this point we are sure that the object we found is of the same
@@ -591,7 +697,8 @@ class ParameterizedTestCaseRegistry {
       }
     }
     if (typed_test_info == NULL) {
-      typed_test_info = new ParameterizedTestCaseInfo<TestCase>(test_case_name);
+      typed_test_info = new ParameterizedTestCaseInfo<TestCase>(
+          test_case_name, code_location);
       test_case_infos_.push_back(typed_test_info);
     }
     return typed_test_info;
@@ -614,6 +721,4 @@ class ParameterizedTestCaseRegistry {
 }  // namespace internal
 }  // namespace testing
 
-#endif  //  GTEST_HAS_PARAM_TEST
-
 #endif  // GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PARAM_UTIL_H_
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-port-arch.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-port-arch.h
new file mode 100644
index 000000000..f83700e06
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-port-arch.h
@@ -0,0 +1,100 @@
+// Copyright 2015, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// The Google C++ Testing and Mocking Framework (Google Test)
+//
+// This header file defines the GTEST_OS_* macro.
+// It is separate from gtest-port.h so that custom/gtest-port.h can include it.
+
+#ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PORT_ARCH_H_
+#define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PORT_ARCH_H_
+
+// Determines the platform on which Google Test is compiled.
+#ifdef __CYGWIN__
+# define GTEST_OS_CYGWIN 1
+#elif defined __SYMBIAN32__
+# define GTEST_OS_SYMBIAN 1
+#elif defined _WIN32
+# define GTEST_OS_WINDOWS 1
+# ifdef _WIN32_WCE
+#  define GTEST_OS_WINDOWS_MOBILE 1
+# elif defined(__MINGW__) || defined(__MINGW32__)
+#  define GTEST_OS_WINDOWS_MINGW 1
+# elif defined(WINAPI_FAMILY)
+#  include <winapifamily.h>
+#  if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
+#   define GTEST_OS_WINDOWS_DESKTOP 1
+#  elif WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_PHONE_APP)
+#   define GTEST_OS_WINDOWS_PHONE 1
+#  elif WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP)
+#   define GTEST_OS_WINDOWS_RT 1
+#  elif WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_TV_TITLE)
+#   define GTEST_OS_WINDOWS_PHONE 1
+#   define GTEST_OS_WINDOWS_TV_TITLE 1
+#  else
+    // WINAPI_FAMILY defined but no known partition matched.
+    // Default to desktop.
+#   define GTEST_OS_WINDOWS_DESKTOP 1
+#  endif
+# else
+#  define GTEST_OS_WINDOWS_DESKTOP 1
+# endif  // _WIN32_WCE
+#elif defined __APPLE__
+# define GTEST_OS_MAC 1
+# if TARGET_OS_IPHONE
+#  define GTEST_OS_IOS 1
+# endif
+#elif defined __FreeBSD__
+# define GTEST_OS_FREEBSD 1
+#elif defined __Fuchsia__
+# define GTEST_OS_FUCHSIA 1
+#elif defined __linux__
+# define GTEST_OS_LINUX 1
+# if defined __ANDROID__
+#  define GTEST_OS_LINUX_ANDROID 1
+# endif
+#elif defined __MVS__
+# define GTEST_OS_ZOS 1
+#elif defined(__sun) && defined(__SVR4)
+# define GTEST_OS_SOLARIS 1
+#elif defined(_AIX)
+# define GTEST_OS_AIX 1
+#elif defined(__hpux)
+# define GTEST_OS_HPUX 1
+#elif defined __native_client__
+# define GTEST_OS_NACL 1
+#elif defined __NetBSD__
+# define GTEST_OS_NETBSD 1
+#elif defined __OpenBSD__
+# define GTEST_OS_OPENBSD 1
+#elif defined __QNX__
+# define GTEST_OS_QNX 1
+#endif  // __CYGWIN__
+
+#endif  // GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PORT_ARCH_H_
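Review bot: The `__APPLE__` branch tests `TARGET_OS_IPHONE`, but this new header never includes `<TargetConditionals.h>` itself. The gtest-port.h context in this commit shows that include ahead of `gtest-port-arch.h`, so the normal path works. The header comment, however, says the file is kept separate so that custom/gtest-port.h can include it, and on that path the macro may be undefined, evaluate to 0 in the `#if`, and leave `GTEST_OS_IOS` silently unset. Adding `# include <TargetConditionals.h>` directly under `# define GTEST_OS_MAC 1` would make the header self-contained. As vendored code, the change is best raised upstream.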
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-port.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-port.h
index f376dfa00..786497d85 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-port.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-port.h
@@ -27,8 +27,6 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Authors: wan@google.com (Zhanyong Wan)
-//
 // Low-level types and utilities for porting Google Test to various
 // platforms.  All macros ending with _ and symbols defined in an
 // internal namespace are subject to change without notice.  Code
@@ -40,6 +38,8 @@
 // files are expected to #include this.  Therefore, it cannot #include
 // any other Google Test header.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PORT_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PORT_H_
 
@@ -73,11 +73,9 @@
 //   GTEST_HAS_EXCEPTIONS     - Define it to 1/0 to indicate that exceptions
 //                              are enabled.
 //   GTEST_HAS_GLOBAL_STRING  - Define it to 1/0 to indicate that ::string
-//                              is/isn't available (some systems define
-//                              ::string, which is different to std::string).
-//   GTEST_HAS_GLOBAL_WSTRING - Define it to 1/0 to indicate that ::string
-//                              is/isn't available (some systems define
-//                              ::wstring, which is different to std::wstring).
+//                              is/isn't available
+//   GTEST_HAS_GLOBAL_WSTRING - Define it to 1/0 to indicate that ::wstring
+//                              is/isn't available
 //   GTEST_HAS_POSIX_RE       - Define it to 1/0 to indicate that POSIX regular
 //                              expressions are/aren't available.
 //   GTEST_HAS_PTHREAD        - Define it to 1/0 to indicate that <pthread.h>
@@ -109,6 +107,12 @@
 //   GTEST_CREATE_SHARED_LIBRARY
 //                            - Define to 1 when compiling Google Test itself
 //                              as a shared library.
+//   GTEST_DEFAULT_DEATH_TEST_STYLE
+//                            - The default value of --gtest_death_test_style.
+//                              The legacy default has been "fast" in the open
+//                              source version since 2008. The recommended value
+//                              is "threadsafe", and can be set in
+//                              custom/gtest-port.h.
 
 // Platform-indicating macros
 // --------------------------
@@ -121,13 +125,15 @@
 //
 //   GTEST_OS_AIX      - IBM AIX
 //   GTEST_OS_CYGWIN   - Cygwin
+//   GTEST_OS_FREEBSD  - FreeBSD
+//   GTEST_OS_FUCHSIA  - Fuchsia
 //   GTEST_OS_HPUX     - HP-UX
 //   GTEST_OS_LINUX    - Linux
 //     GTEST_OS_LINUX_ANDROID - Google Android
 //   GTEST_OS_MAC      - Mac OS X
 //     GTEST_OS_IOS    - iOS
-//       GTEST_OS_IOS_SIMULATOR - iOS simulator
 //   GTEST_OS_NACL     - Google Native Client (NaCl)
+//   GTEST_OS_NETBSD   - NetBSD
 //   GTEST_OS_OPENBSD  - OpenBSD
 //   GTEST_OS_QNX      - QNX
 //   GTEST_OS_SOLARIS  - Sun Solaris
@@ -169,15 +175,15 @@
 //   GTEST_HAS_COMBINE      - the Combine() function (for value-parameterized
 //                            tests)
 //   GTEST_HAS_DEATH_TEST   - death tests
-//   GTEST_HAS_PARAM_TEST   - value-parameterized tests
 //   GTEST_HAS_TYPED_TEST   - typed tests
 //   GTEST_HAS_TYPED_TEST_P - type-parameterized tests
 //   GTEST_IS_THREADSAFE    - Google Test is thread-safe.
+//   GOOGLETEST_CM0007 DO NOT DELETE
 //   GTEST_USES_POSIX_RE    - enhanced POSIX regex is used. Do not confuse with
 //                            GTEST_HAS_POSIX_RE (see above) which users can
 //                            define themselves.
 //   GTEST_USES_SIMPLE_RE   - our own simple regex is used;
-//                            the above two are mutually exclusive.
+//                            the above RE\b(s) are mutually exclusive.
 //   GTEST_CAN_COMPARE_NULL - accepts untyped NULL in EXPECT_EQ().
 
 // Misc public macros
@@ -206,7 +212,8 @@
 //
 // C++11 feature wrappers:
 //
-//   GTEST_MOVE_          - portability wrapper for std::move.
+//   testing::internal::forward - portability wrapper for std::forward.
+//   testing::internal::move  - portability wrapper for std::move.
 //
 // Synchronization:
 //   Mutex, MutexLock, ThreadLocal, GetThreadCount()
@@ -222,10 +229,10 @@
 //
 // Regular expressions:
 //   RE             - a simple regular expression class using the POSIX
-//                    Extended Regular Expression syntax on UNIX-like
-//                    platforms, or a reduced regular exception syntax on
-//                    other platforms, including Windows.
-//
+//                    Extended Regular Expression syntax on UNIX-like platforms
+//                    GOOGLETEST_CM0008 DO NOT DELETE
+//                    or a reduced regular exception syntax on other
+//                    platforms, including Windows.
 // Logging:
 //   GTEST_LOG_()   - logs messages at the specified severity level.
 //   LogToStderr()  - directs all log messages to stderr.
@@ -271,18 +278,30 @@
 # include <TargetConditionals.h>
 #endif
 
+// Brings in the definition of HAS_GLOBAL_STRING.  This must be done
+// BEFORE we test HAS_GLOBAL_STRING.
+#include <string>  // NOLINT
 #include <algorithm>  // NOLINT
 #include <iostream>  // NOLINT
 #include <sstream>  // NOLINT
-#include <string>  // NOLINT
 #include <utility>
+#include <vector>  // NOLINT
 
-#define GTEST_DEV_EMAIL_ "googletestframework@@googlegroups.com"
-#define GTEST_FLAG_PREFIX_ "gtest_"
-#define GTEST_FLAG_PREFIX_DASH_ "gtest-"
-#define GTEST_FLAG_PREFIX_UPPER_ "GTEST_"
-#define GTEST_NAME_ "Google Test"
-#define GTEST_PROJECT_URL_ "http://code.google.com/p/googletest/"
+#include "gtest/internal/gtest-port-arch.h"
+#include "gtest/internal/custom/gtest-port.h"
+
+#if !defined(GTEST_DEV_EMAIL_)
+# define GTEST_DEV_EMAIL_ "googletestframework@@googlegroups.com"
+# define GTEST_FLAG_PREFIX_ "gtest_"
+# define GTEST_FLAG_PREFIX_DASH_ "gtest-"
+# define GTEST_FLAG_PREFIX_UPPER_ "GTEST_"
+# define GTEST_NAME_ "Google Test"
+# define GTEST_PROJECT_URL_ "https://github.com/google/googletest/"
+#endif  // !defined(GTEST_DEV_EMAIL_)
+
+#if !defined(GTEST_INIT_GOOGLE_TEST_NAME_)
+# define GTEST_INIT_GOOGLE_TEST_NAME_ "testing::InitGoogleTest"
+#endif  // !defined(GTEST_INIT_GOOGLE_TEST_NAME_)
 
 // Determines the version of gcc that is used to compile this.
 #ifdef __GNUC__
@@ -291,68 +310,12 @@
     (__GNUC__*10000 + __GNUC_MINOR__*100 + __GNUC_PATCHLEVEL__)
 #endif  // __GNUC__
 
-// Determines the platform on which Google Test is compiled.
-#ifdef __CYGWIN__
-# define GTEST_OS_CYGWIN 1
-#elif defined __SYMBIAN32__
-# define GTEST_OS_SYMBIAN 1
-#elif defined _WIN32
-# define GTEST_OS_WINDOWS 1
-# ifdef _WIN32_WCE
-#  define GTEST_OS_WINDOWS_MOBILE 1
-# elif defined(__MINGW__) || defined(__MINGW32__)
-#  define GTEST_OS_WINDOWS_MINGW 1
-# elif defined(WINAPI_FAMILY)
-#  include <winapifamily.h>
-#  if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
-#   define GTEST_OS_WINDOWS_DESKTOP 1
-#  elif WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_PHONE_APP)
-#   define GTEST_OS_WINDOWS_PHONE 1
-#  elif WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP)
-#   define GTEST_OS_WINDOWS_RT 1
-#  else
-    // WINAPI_FAMILY defined but no known partition matched.
-    // Default to desktop.
-#   define GTEST_OS_WINDOWS_DESKTOP 1
-#  endif
-# else
-#  define GTEST_OS_WINDOWS_DESKTOP 1
-# endif  // _WIN32_WCE
-#elif defined __APPLE__
-# define GTEST_OS_MAC 1
-# if TARGET_OS_IPHONE
-#  define GTEST_OS_IOS 1
-#  if TARGET_IPHONE_SIMULATOR
-#   define GTEST_OS_IOS_SIMULATOR 1
-#  endif
-# endif
-#elif defined __linux__
-# define GTEST_OS_LINUX 1
-# if defined __ANDROID__
-#  define GTEST_OS_LINUX_ANDROID 1
-# endif
-#elif defined __MVS__
-# define GTEST_OS_ZOS 1
-#elif defined(__sun) && defined(__SVR4)
-# define GTEST_OS_SOLARIS 1
-#elif defined(_AIX)
-# define GTEST_OS_AIX 1
-#elif defined(__hpux)
-# define GTEST_OS_HPUX 1
-#elif defined __native_client__
-# define GTEST_OS_NACL 1
-#elif defined __OpenBSD__
-# define GTEST_OS_OPENBSD 1
-#elif defined __QNX__
-# define GTEST_OS_QNX 1
-#endif  // __CYGWIN__
-
 // Macros for disabling Microsoft Visual C++ warnings.
 //
 //   GTEST_DISABLE_MSC_WARNINGS_PUSH_(4800 4385)
 //   /* code that triggers warnings C4800 and C4385 */
 //   GTEST_DISABLE_MSC_WARNINGS_POP_()
-#if _MSC_VER >= 1500
+#if _MSC_VER >= 1400
 # define GTEST_DISABLE_MSC_WARNINGS_PUSH_(warnings) \
     __pragma(warning(push))                        \
     __pragma(warning(disable: warnings))
@@ -364,12 +327,28 @@
 # define GTEST_DISABLE_MSC_WARNINGS_POP_()
 #endif
 
+// Clang on Windows does not understand MSVC's pragma warning.
+// We need clang-specific way to disable function deprecation warning.
+#ifdef __clang__
+# define GTEST_DISABLE_MSC_DEPRECATED_PUSH_()                         \
+    _Pragma("clang diagnostic push")                                  \
+    _Pragma("clang diagnostic ignored \"-Wdeprecated-declarations\"") \
+    _Pragma("clang diagnostic ignored \"-Wdeprecated-implementations\"")
+#define GTEST_DISABLE_MSC_DEPRECATED_POP_() \
+    _Pragma("clang diagnostic pop")
+#else
+# define GTEST_DISABLE_MSC_DEPRECATED_PUSH_() \
+    GTEST_DISABLE_MSC_WARNINGS_PUSH_(4996)
+# define GTEST_DISABLE_MSC_DEPRECATED_POP_() \
+    GTEST_DISABLE_MSC_WARNINGS_POP_()
+#endif
+
 #ifndef GTEST_LANG_CXX11
 // gcc and clang define __GXX_EXPERIMENTAL_CXX0X__ when
 // -std={c,gnu}++{0x,11} is passed.  The C++11 standard specifies a
 // value for __cplusplus, and recent versions of clang, gcc, and
 // probably other compilers set that too in C++11 mode.
-# if __GXX_EXPERIMENTAL_CXX0X__ || __cplusplus >= 201103L
+# if __GXX_EXPERIMENTAL_CXX0X__ || __cplusplus >= 201103L || _MSC_VER >= 1900
 // Compiling in at least C++11 mode.
 #  define GTEST_LANG_CXX11 1
 # else
@@ -377,12 +356,40 @@
 # endif
 #endif
 
-// C++11 specifies that <initializer_list> provides std::initializer_list. Use
-// that if gtest is used in C++11 mode and libstdc++ isn't very old (binaries
-// targeting OS X 10.6 can build with clang but need to use gcc4.2's
-// libstdc++).
-#if GTEST_LANG_CXX11 && (!defined(__GLIBCXX__) || __GLIBCXX__ > 20110325)
+// Distinct from C++11 language support, some environments don't provide
+// proper C++11 library support. Notably, it's possible to build in
+// C++11 mode when targeting Mac OS X 10.6, which has an old libstdc++
+// with no C++11 support.
+//
+// libstdc++ has sufficient C++11 support as of GCC 4.6.0, __GLIBCXX__
+// 20110325, but maintenance releases in the 4.4 and 4.5 series followed
+// this date, so check for those versions by their date stamps.
+// https://gcc.gnu.org/onlinedocs/libstdc++/manual/abi.html#abi.versioning
+#if GTEST_LANG_CXX11 && \
+    (!defined(__GLIBCXX__) || ( \
+        __GLIBCXX__ >= 20110325ul &&  /* GCC >= 4.6.0 */ \
+        /* Blacklist of patch releases of older branches: */ \
+        __GLIBCXX__ != 20110416ul &&  /* GCC 4.4.6 */ \
+        __GLIBCXX__ != 20120313ul &&  /* GCC 4.4.7 */ \
+        __GLIBCXX__ != 20110428ul &&  /* GCC 4.5.3 */ \
+        __GLIBCXX__ != 20120702ul))   /* GCC 4.5.4 */
+# define GTEST_STDLIB_CXX11 1
+#endif
+
+// Only use C++11 library features if the library provides them.
+#if GTEST_STDLIB_CXX11
+# define GTEST_HAS_STD_BEGIN_AND_END_ 1
+# define GTEST_HAS_STD_FORWARD_LIST_ 1
+# if !defined(_MSC_VER) || (_MSC_FULL_VER >= 190023824)
+// works only with VS2015U2 and better
+#   define GTEST_HAS_STD_FUNCTION_ 1
+# endif
 # define GTEST_HAS_STD_INITIALIZER_LIST_ 1
+# define GTEST_HAS_STD_MOVE_ 1
+# define GTEST_HAS_STD_UNIQUE_PTR_ 1
+# define GTEST_HAS_STD_SHARED_PTR_ 1
+# define GTEST_HAS_UNORDERED_MAP_ 1
+# define GTEST_HAS_UNORDERED_SET_ 1
 #endif
 
 // C++11 specifies that <tuple> provides std::tuple.
@@ -390,7 +397,8 @@
 #if GTEST_LANG_CXX11
 # define GTEST_HAS_STD_TUPLE_ 1
 # if defined(__clang__)
-// Inspired by http://clang.llvm.org/docs/LanguageExtensions.html#__has_include
+// Inspired by
+// https://clang.llvm.org/docs/LanguageExtensions.html#include-file-checking-macros
 #  if defined(__has_include) && !__has_include(<tuple>)
 #   undef GTEST_HAS_STD_TUPLE_
 #  endif
@@ -402,7 +410,7 @@
 # elif defined(__GLIBCXX__)
 // Inspired by boost/config/stdlib/libstdcpp3.hpp,
 // http://gcc.gnu.org/gcc-4.2/changes.html and
-// http://gcc.gnu.org/onlinedocs/libstdc++/manual/bk01pt01ch01.html#manual.intro.status.standard.200x
+// https://web.archive.org/web/20140227044429/gcc.gnu.org/onlinedocs/libstdc++/manual/bk01pt01ch01.html#manual.intro.status.standard.200x
 #  if __GNUC__ < 4 || (__GNUC__ == 4 && __GNUC_MINOR__ < 2)
 #   undef GTEST_HAS_STD_TUPLE_
 #  endif
@@ -418,10 +426,16 @@
 #  include <io.h>
 # endif
 // In order to avoid having to include <windows.h>, use forward declaration
-// assuming CRITICAL_SECTION is a typedef of _RTL_CRITICAL_SECTION.
+#if GTEST_OS_WINDOWS_MINGW && !defined(__MINGW64_VERSION_MAJOR)
+// MinGW defined _CRITICAL_SECTION and _RTL_CRITICAL_SECTION as two
+// separate (equivalent) structs, instead of using typedef
+typedef struct _CRITICAL_SECTION GTEST_CRITICAL_SECTION;
+#else
+// Assume CRITICAL_SECTION is a typedef of _RTL_CRITICAL_SECTION.
 // This assumption is verified by
 // WindowsTypesTest.CRITICAL_SECTIONIs_RTL_CRITICAL_SECTION.
-struct _RTL_CRITICAL_SECTION;
+typedef struct _RTL_CRITICAL_SECTION GTEST_CRITICAL_SECTION;
+#endif
 #else
 // This assumes that non-Windows OSes provide unistd.h. For OSes where this
 // is not the case, we need to include headers that provide the functions
@@ -445,7 +459,10 @@ struct _RTL_CRITICAL_SECTION;
 # endif
 #endif
 
-#if GTEST_HAS_POSIX_RE
+#if GTEST_USES_PCRE
+// The appropriate headers have already been included.
+
+#elif GTEST_HAS_POSIX_RE
 
 // On some platforms, <regex.h> needs someone to define size_t, and
 // won't compile otherwise.  We can #include it here as we already
@@ -467,19 +484,31 @@ struct _RTL_CRITICAL_SECTION;
 // simple regex implementation instead.
 # define GTEST_USES_SIMPLE_RE 1
 
-#endif  // GTEST_HAS_POSIX_RE
+#endif  // GTEST_USES_PCRE
 
 #ifndef GTEST_HAS_EXCEPTIONS
 // The user didn't tell us whether exceptions are enabled, so we need
 // to figure it out.
-# if defined(_MSC_VER) || defined(__BORLANDC__)
-// MSVC's and C++Builder's implementations of the STL use the _HAS_EXCEPTIONS
+# if defined(_MSC_VER) && defined(_CPPUNWIND)
+// MSVC defines _CPPUNWIND to 1 iff exceptions are enabled.
+#  define GTEST_HAS_EXCEPTIONS 1
+# elif defined(__BORLANDC__)
+// C++Builder's implementation of the STL uses the _HAS_EXCEPTIONS
 // macro to enable exceptions, so we'll do the same.
 // Assumes that exceptions are enabled by default.
 #  ifndef _HAS_EXCEPTIONS
 #   define _HAS_EXCEPTIONS 1
 #  endif  // _HAS_EXCEPTIONS
 #  define GTEST_HAS_EXCEPTIONS _HAS_EXCEPTIONS
+# elif defined(__clang__)
+// clang defines __EXCEPTIONS iff exceptions are enabled before clang 220714,
+// but iff cleanups are enabled after that. In Obj-C++ files, there can be
+// cleanups for ObjC exceptions which also need cleanups, even if C++ exceptions
+// are disabled. clang has __has_feature(cxx_exceptions) which checks for C++
+// exceptions starting at clang r206352, but which checked for cleanups prior to
+// that. To reliably check for C++ exception availability with clang, check for
+// __EXCEPTIONS && __has_feature(cxx_exceptions).
+#  define GTEST_HAS_EXCEPTIONS (__EXCEPTIONS && __has_feature(cxx_exceptions))
 # elif defined(__GNUC__) && __EXCEPTIONS
 // gcc defines __EXCEPTIONS to 1 iff exceptions are enabled.
 #  define GTEST_HAS_EXCEPTIONS 1
@@ -508,21 +537,17 @@ struct _RTL_CRITICAL_SECTION;
 # define GTEST_HAS_STD_STRING 1
 #elif !GTEST_HAS_STD_STRING
 // The user told us that ::std::string isn't available.
-# error "Google Test cannot be used where ::std::string isn't available."
+# error "::std::string isn't available."
 #endif  // !defined(GTEST_HAS_STD_STRING)
 
 #ifndef GTEST_HAS_GLOBAL_STRING
-// The user didn't tell us whether ::string is available, so we need
-// to figure it out.
-
 # define GTEST_HAS_GLOBAL_STRING 0
-
 #endif  // GTEST_HAS_GLOBAL_STRING
 
 #ifndef GTEST_HAS_STD_WSTRING
 // The user didn't tell us whether ::std::wstring is available, so we need
 // to figure it out.
-// TODO(wan@google.com): uses autoconf to detect whether ::std::wstring
+// FIXME: uses autoconf to detect whether ::std::wstring
 //   is available.
 
 // Cygwin 1.7 and below doesn't support ::std::wstring.
@@ -605,13 +630,14 @@ struct _RTL_CRITICAL_SECTION;
 
 // Determines whether Google Test can use the pthreads library.
 #ifndef GTEST_HAS_PTHREAD
-// The user didn't tell us explicitly, so we assume pthreads support is
-// available on Linux and Mac.
+// The user didn't tell us explicitly, so we make reasonable assumptions about
+// which platforms have pthreads support.
 //
 // To disable threading support in Google Test, add -DGTEST_HAS_PTHREAD=0
 // to your compiler flags.
-# define GTEST_HAS_PTHREAD (GTEST_OS_LINUX || GTEST_OS_MAC || GTEST_OS_HPUX \
-    || GTEST_OS_QNX)
+#define GTEST_HAS_PTHREAD                                             \
+  (GTEST_OS_LINUX || GTEST_OS_MAC || GTEST_OS_HPUX || GTEST_OS_QNX || \
+   GTEST_OS_FREEBSD || GTEST_OS_NACL || GTEST_OS_NETBSD || GTEST_OS_FUCHSIA)
 #endif  // GTEST_HAS_PTHREAD
 
 #if GTEST_HAS_PTHREAD
@@ -623,6 +649,15 @@ struct _RTL_CRITICAL_SECTION;
 # include <time.h>  // NOLINT
 #endif
 
+// Determines if hash_map/hash_set are available.
+// Only used for testing against those containers.
+#if !defined(GTEST_HAS_HASH_MAP_)
+# if defined(_MSC_VER) && (_MSC_VER < 1900)
+#  define GTEST_HAS_HASH_MAP_ 1  // Indicates that hash_map is available.
+#  define GTEST_HAS_HASH_SET_ 1  // Indicates that hash_set is available.
+# endif  // _MSC_VER
+#endif  // !defined(GTEST_HAS_HASH_MAP_)
+
 // Determines whether Google Test can use tr1/tuple.  You can define
 // this macro to 0 to prevent Google Test from using tuple (any
 // feature depending on tuple with be disabled in this mode).
@@ -630,6 +665,14 @@ struct _RTL_CRITICAL_SECTION;
 # if GTEST_OS_LINUX_ANDROID && defined(_STLPORT_MAJOR)
 // STLport, provided with the Android NDK, has neither <tr1/tuple> or <tuple>.
 #  define GTEST_HAS_TR1_TUPLE 0
+# elif defined(_MSC_VER) && (_MSC_VER >= 1910)
+// Prevent `warning C4996: 'std::tr1': warning STL4002:
+// The non-Standard std::tr1 namespace and TR1-only machinery
+// are deprecated and will be REMOVED.`
+#  define GTEST_HAS_TR1_TUPLE 0
+# elif GTEST_LANG_CXX11 && defined(_LIBCPP_VERSION)
+// libc++ doesn't support TR1.
+#  define GTEST_HAS_TR1_TUPLE 0
 # else
 // The user didn't tell us not to do it, so we assume it's OK.
 #  define GTEST_HAS_TR1_TUPLE 1
@@ -639,6 +682,10 @@ struct _RTL_CRITICAL_SECTION;
 // Determines whether Google Test's own tr1 tuple implementation
 // should be used.
 #ifndef GTEST_USE_OWN_TR1_TUPLE
+// We use our own tuple implementation on Symbian.
+# if GTEST_OS_SYMBIAN
+#  define GTEST_USE_OWN_TR1_TUPLE 1
+# else
 // The user didn't tell us, so we need to figure it out.
 
 // We use our own TR1 tuple if we aren't sure the user has an
@@ -652,7 +699,8 @@ struct _RTL_CRITICAL_SECTION;
 // support TR1 tuple.  libc++ only provides std::tuple, in C++11 mode,
 // and it can be used with some compilers that define __GNUC__.
 # if (defined(__GNUC__) && !defined(__CUDACC__) && (GTEST_GCC_VER_ >= 40000) \
-      && !GTEST_OS_QNX && !defined(_LIBCPP_VERSION)) || _MSC_VER >= 1600
+      && !GTEST_OS_QNX && !defined(_LIBCPP_VERSION)) \
+      || (_MSC_VER >= 1600 && _MSC_VER < 1900)
 #  define GTEST_ENV_HAS_TR1_TUPLE_ 1
 # endif
 
@@ -668,12 +716,11 @@ struct _RTL_CRITICAL_SECTION;
 # else
 #  define GTEST_USE_OWN_TR1_TUPLE 1
 # endif
-
+# endif  // GTEST_OS_SYMBIAN
 #endif  // GTEST_USE_OWN_TR1_TUPLE
 
-// To avoid conditional compilation everywhere, we make it
-// gtest-port.h's responsibility to #include the header implementing
-// tuple.
+// To avoid conditional compilation we make it gtest-port.h's responsibility
+// to #include the header implementing tuple.
 #if GTEST_HAS_STD_TUPLE_
 # include <tuple>  // IWYU pragma: export
 # define GTEST_TUPLE_NAMESPACE_ ::std
@@ -688,22 +735,6 @@ struct _RTL_CRITICAL_SECTION;
 
 # if GTEST_USE_OWN_TR1_TUPLE
 #  include "gtest/internal/gtest-tuple.h"  // IWYU pragma: export  // NOLINT
-# elif GTEST_ENV_HAS_STD_TUPLE_
-#  include <tuple>
-// C++11 puts its tuple into the ::std namespace rather than
-// ::std::tr1.  gtest expects tuple to live in ::std::tr1, so put it there.
-// This causes undefined behavior, but supported compilers react in
-// the way we intend.
-namespace std {
-namespace tr1 {
-using ::std::get;
-using ::std::make_tuple;
-using ::std::tuple;
-using ::std::tuple_element;
-using ::std::tuple_size;
-}
-}
-
 # elif GTEST_OS_SYMBIAN
 
 // On Symbian, BOOST_HAS_TR1_TUPLE causes Boost's TR1 tuple library to
@@ -728,20 +759,22 @@ using ::std::tuple_size;
 // Until version 4.3.2, gcc has a bug that causes <tr1/functional>,
 // which is #included by <tr1/tuple>, to not compile when RTTI is
 // disabled.  _TR1_FUNCTIONAL is the header guard for
-// <tr1/functional>.  Hence the following #define is a hack to prevent
+// <tr1/functional>.  Hence the following #define is used to prevent
 // <tr1/functional> from being included.
 #   define _TR1_FUNCTIONAL 1
 #   include <tr1/tuple>
 #   undef _TR1_FUNCTIONAL  // Allows the user to #include
-                        // <tr1/functional> if he chooses to.
+                        // <tr1/functional> if they choose to.
 #  else
 #   include <tr1/tuple>  // NOLINT
 #  endif  // !GTEST_HAS_RTTI && GTEST_GCC_VER_ < 40302
 
-# else
-// If the compiler is not GCC 4.0+, we assume the user is using a
-// spec-conforming TR1 implementation.
+// VS 2010 now has tr1 support.
+# elif _MSC_VER >= 1600
 #  include <tuple>  // IWYU pragma: export  // NOLINT
+
+# else  // GTEST_USE_OWN_TR1_TUPLE
+#  include <tr1/tuple>  // IWYU pragma: export  // NOLINT
 # endif  // GTEST_USE_OWN_TR1_TUPLE
 
 #endif  // GTEST_HAS_TR1_TUPLE
@@ -755,8 +788,12 @@ using ::std::tuple_size;
 
 # if GTEST_OS_LINUX && !defined(__ia64__)
 #  if GTEST_OS_LINUX_ANDROID
-// On Android, clone() is only available on ARM starting with Gingerbread.
-#    if defined(__arm__) && __ANDROID_API__ >= 9
+// On Android, clone() became available at different API levels for each 32-bit
+// architecture.
+#    if defined(__LP64__) || \
+        (defined(__arm__) && __ANDROID_API__ >= 9) || \
+        (defined(__mips__) && __ANDROID_API__ >= 12) || \
+        (defined(__i386__) && __ANDROID_API__ >= 17)
 #     define GTEST_HAS_CLONE 1
 #    else
 #     define GTEST_HAS_CLONE 0
@@ -787,20 +824,15 @@ using ::std::tuple_size;
 // Google Test does not support death tests for VC 7.1 and earlier as
 // abort() in a VC 7.1 application compiled as GUI in debug config
 // pops up a dialog window that cannot be suppressed programmatically.
-#if (GTEST_OS_LINUX || GTEST_OS_CYGWIN || GTEST_OS_SOLARIS || \
-     (GTEST_OS_MAC && !GTEST_OS_IOS) || GTEST_OS_IOS_SIMULATOR || \
-     (GTEST_OS_WINDOWS_DESKTOP && _MSC_VER >= 1400) || \
+#if (GTEST_OS_LINUX || GTEST_OS_CYGWIN || GTEST_OS_SOLARIS ||   \
+     (GTEST_OS_MAC && !GTEST_OS_IOS) ||                         \
+     (GTEST_OS_WINDOWS_DESKTOP && _MSC_VER >= 1400) ||          \
      GTEST_OS_WINDOWS_MINGW || GTEST_OS_AIX || GTEST_OS_HPUX || \
-     GTEST_OS_OPENBSD || GTEST_OS_QNX)
+     GTEST_OS_OPENBSD || GTEST_OS_QNX || GTEST_OS_FREEBSD || \
+     GTEST_OS_NETBSD || GTEST_OS_FUCHSIA)
 # define GTEST_HAS_DEATH_TEST 1
-# include <vector>  // NOLINT
 #endif
 
-// We don't support MSVC 7.1 with exceptions disabled now.  Therefore
-// all the compilers we care about are adequate for supporting
-// value-parameterized tests.
-#define GTEST_HAS_PARAM_TEST 1
-
 // Determines whether to support type-driven tests.
 
 // Typed tests need <typeinfo> and variadic macros, which GCC, VC++ 8.0,
@@ -815,7 +847,7 @@ using ::std::tuple_size;
 // value-parameterized tests are enabled.  The implementation doesn't
 // work on Sun Studio since it doesn't understand templated conversion
 // operators.
-#if GTEST_HAS_PARAM_TEST && GTEST_HAS_TR1_TUPLE && !defined(__SUNPRO_CC)
+#if (GTEST_HAS_TR1_TUPLE || GTEST_HAS_STD_TUPLE_) && !defined(__SUNPRO_CC)
 # define GTEST_HAS_COMBINE 1
 #endif
 
@@ -857,19 +889,48 @@ using ::std::tuple_size;
 // compiler the variable/parameter does not have to be used.
 #if defined(__GNUC__) && !defined(COMPILER_ICC)
 # define GTEST_ATTRIBUTE_UNUSED_ __attribute__ ((unused))
-#else
+#elif defined(__clang__)
+# if __has_attribute(unused)
+#  define GTEST_ATTRIBUTE_UNUSED_ __attribute__ ((unused))
+# endif
+#endif
+#ifndef GTEST_ATTRIBUTE_UNUSED_
 # define GTEST_ATTRIBUTE_UNUSED_
 #endif
 
+#if GTEST_LANG_CXX11
+# define GTEST_CXX11_EQUALS_DELETE_ = delete
+#else  // GTEST_LANG_CXX11
+# define GTEST_CXX11_EQUALS_DELETE_
+#endif  // GTEST_LANG_CXX11
+
+// Use this annotation before a function that takes a printf format string.
+#if (defined(__GNUC__) || defined(__clang__)) && !defined(COMPILER_ICC)
+# if defined(__MINGW_PRINTF_FORMAT)
+// MinGW has two different printf implementations. Ensure the format macro
+// matches the selected implementation. See
+// https://sourceforge.net/p/mingw-w64/wiki2/gnu%20printf/.
+#  define GTEST_ATTRIBUTE_PRINTF_(string_index, first_to_check) \
+       __attribute__((__format__(__MINGW_PRINTF_FORMAT, string_index, \
+                                 first_to_check)))
+# else
+#  define GTEST_ATTRIBUTE_PRINTF_(string_index, first_to_check) \
+       __attribute__((__format__(__printf__, string_index, first_to_check)))
+# endif
+#else
+# define GTEST_ATTRIBUTE_PRINTF_(string_index, first_to_check)
+#endif
+
+
 // A macro to disallow operator=
 // This should be used in the private: declarations for a class.
-#define GTEST_DISALLOW_ASSIGN_(type)\
-  void operator=(type const &)
+#define GTEST_DISALLOW_ASSIGN_(type) \
+  void operator=(type const &) GTEST_CXX11_EQUALS_DELETE_
 
 // A macro to disallow copy constructor and operator=
 // This should be used in the private: declarations for a class.
-#define GTEST_DISALLOW_COPY_AND_ASSIGN_(type)\
-  type(type const &);\
+#define GTEST_DISALLOW_COPY_AND_ASSIGN_(type) \
+  type(type const &) GTEST_CXX11_EQUALS_DELETE_; \
   GTEST_DISALLOW_ASSIGN_(type)
 
 // Tell the compiler to warn about unused return values for functions declared
@@ -883,12 +944,6 @@ using ::std::tuple_size;
 # define GTEST_MUST_USE_RESULT_
 #endif  // __GNUC__ && (GTEST_GCC_VER_ >= 30400) && !COMPILER_ICC
 
-#if GTEST_LANG_CXX11
-# define GTEST_MOVE_(x) ::std::move(x)  // NOLINT
-#else
-# define GTEST_MOVE_(x) x
-#endif
-
 // MS C++ compiler emits warning when a conditional expression is compile time
 // constant. In some contexts this warning is false positive and needs to be
 // suppressed. Use the following two macros in such cases:
@@ -917,25 +972,36 @@ using ::std::tuple_size;
 # endif
 
 #define GTEST_IS_THREADSAFE \
-    (0 \
+    (GTEST_HAS_MUTEX_AND_THREAD_LOCAL_ \
      || (GTEST_OS_WINDOWS && !GTEST_OS_WINDOWS_PHONE && !GTEST_OS_WINDOWS_RT) \
      || GTEST_HAS_PTHREAD)
 
 #endif  // GTEST_HAS_SEH
 
-#ifdef _MSC_VER
+// GTEST_API_ qualifies all symbols that must be exported. The definitions below
+// are guarded by #ifndef to give embedders a chance to define GTEST_API_ in
+// gtest/internal/custom/gtest-port.h
+#ifndef GTEST_API_
 
+#ifdef _MSC_VER
 # if GTEST_LINKED_AS_SHARED_LIBRARY
 #  define GTEST_API_ __declspec(dllimport)
 # elif GTEST_CREATE_SHARED_LIBRARY
 #  define GTEST_API_ __declspec(dllexport)
 # endif
-
+#elif __GNUC__ >= 4 || defined(__clang__)
+# define GTEST_API_ __attribute__((visibility ("default")))
 #endif  // _MSC_VER
 
+#endif  // GTEST_API_
+
 #ifndef GTEST_API_
 # define GTEST_API_
-#endif
+#endif  // GTEST_API_
+
+#ifndef GTEST_DEFAULT_DEATH_TEST_STYLE
+# define GTEST_DEFAULT_DEATH_TEST_STYLE  "fast"
+#endif  // GTEST_DEFAULT_DEATH_TEST_STYLE
 
 #ifdef __GNUC__
 // Ask the compiler to never inline a given function.
@@ -945,10 +1011,12 @@ using ::std::tuple_size;
 #endif
 
 // _LIBCPP_VERSION is defined by the libc++ library from the LLVM project.
-#if defined(__GLIBCXX__) || defined(_LIBCPP_VERSION)
-# define GTEST_HAS_CXXABI_H_ 1
-#else
-# define GTEST_HAS_CXXABI_H_ 0
+#if !defined(GTEST_HAS_CXXABI_H_)
+# if defined(__GLIBCXX__) || (defined(_LIBCPP_VERSION) && !defined(_MSC_VER))
+#  define GTEST_HAS_CXXABI_H_ 1
+# else
+#  define GTEST_HAS_CXXABI_H_ 0
+# endif
 #endif
 
 // A function level attribute to disable checking for use of uninitialized
@@ -1025,16 +1093,22 @@ class Secret;
 // the expression is false, most compilers will issue a warning/error
 // containing the name of the variable.
 
+#if GTEST_LANG_CXX11
+# define GTEST_COMPILE_ASSERT_(expr, msg) static_assert(expr, #msg)
+#else  // !GTEST_LANG_CXX11
 template <bool>
-struct CompileAssert {
+  struct CompileAssert {
 };
 
-#define GTEST_COMPILE_ASSERT_(expr, msg) \
+# define GTEST_COMPILE_ASSERT_(expr, msg) \
   typedef ::testing::internal::CompileAssert<(static_cast<bool>(expr))> \
       msg[static_cast<bool>(expr) ? 1 : -1] GTEST_ATTRIBUTE_UNUSED_
+#endif  // !GTEST_LANG_CXX11
 
 // Implementation details of GTEST_COMPILE_ASSERT_:
 //
+// (In C++11, we simply use static_assert instead of the following)
+//
 // - GTEST_COMPILE_ASSERT_ works by defining an array type that has -1
 //   elements (and thus is invalid) when the expression is false.
 //
@@ -1085,6 +1159,16 @@ struct StaticAssertTypeEqHelper<T, T> {
   enum { value = true };
 };
 
+// Same as std::is_same<>.
+template <typename T, typename U>
+struct IsSame {
+  enum { value = false };
+};
+template <typename T>
+struct IsSame<T, T> {
+  enum { value = true };
+};
+
 // Evaluates to the number of elements in 'array'.
 #define GTEST_ARRAY_SIZE_(array) (sizeof(array) / sizeof(array[0]))
 
@@ -1148,6 +1232,10 @@ class scoped_ptr {
 
 // Defines RE.
 
+#if GTEST_USES_PCRE
+// if used, PCRE is injected by custom/gtest-port.h
+#elif GTEST_USES_POSIX_RE || GTEST_USES_SIMPLE_RE
+
 // A simple C++ wrapper for <regex.h>.  It uses the POSIX Extended
 // Regular Expression syntax.
 class GTEST_API_ RE {
@@ -1159,11 +1247,11 @@ class GTEST_API_ RE {
   // Constructs an RE from a string.
   RE(const ::std::string& regex) { Init(regex.c_str()); }  // NOLINT
 
-#if GTEST_HAS_GLOBAL_STRING
+# if GTEST_HAS_GLOBAL_STRING
 
   RE(const ::string& regex) { Init(regex.c_str()); }  // NOLINT
 
-#endif  // GTEST_HAS_GLOBAL_STRING
+# endif  // GTEST_HAS_GLOBAL_STRING
 
   RE(const char* regex) { Init(regex); }  // NOLINT
   ~RE();
@@ -1176,7 +1264,7 @@ class GTEST_API_ RE {
   // PartialMatch(str, re) returns true iff regular expression re
   // matches a substring of str (including str itself).
   //
-  // TODO(wan@google.com): make FullMatch() and PartialMatch() work
+  // FIXME: make FullMatch() and PartialMatch() work
   // when str contains NUL characters.
   static bool FullMatch(const ::std::string& str, const RE& re) {
     return FullMatch(str.c_str(), re);
@@ -1185,7 +1273,7 @@ class GTEST_API_ RE {
     return PartialMatch(str.c_str(), re);
   }
 
-#if GTEST_HAS_GLOBAL_STRING
+# if GTEST_HAS_GLOBAL_STRING
 
   static bool FullMatch(const ::string& str, const RE& re) {
     return FullMatch(str.c_str(), re);
@@ -1194,7 +1282,7 @@ class GTEST_API_ RE {
     return PartialMatch(str.c_str(), re);
   }
 
-#endif  // GTEST_HAS_GLOBAL_STRING
+# endif  // GTEST_HAS_GLOBAL_STRING
 
   static bool FullMatch(const char* str, const RE& re);
   static bool PartialMatch(const char* str, const RE& re);
@@ -1203,25 +1291,27 @@ class GTEST_API_ RE {
   void Init(const char* regex);
 
   // We use a const char* instead of an std::string, as Google Test used to be
-  // used where std::string is not available.  TODO(wan@google.com): change to
+  // used where std::string is not available.  FIXME: change to
   // std::string.
   const char* pattern_;
   bool is_valid_;
 
-#if GTEST_USES_POSIX_RE
+# if GTEST_USES_POSIX_RE
 
   regex_t full_regex_;     // For FullMatch().
   regex_t partial_regex_;  // For PartialMatch().
 
-#else  // GTEST_USES_SIMPLE_RE
+# else  // GTEST_USES_SIMPLE_RE
 
   const char* full_pattern_;  // For FullMatch();
 
-#endif
+# endif
 
   GTEST_DISALLOW_ASSIGN_(RE);
 };
 
+#endif  // GTEST_USES_PCRE
+
 // Formats a source file path and a line number as they would appear
 // in an error message from the compiler used to compile this code.
 GTEST_API_ ::std::string FormatFileLocation(const char* file, int line);
@@ -1263,13 +1353,18 @@ class GTEST_API_ GTestLog {
   GTEST_DISALLOW_COPY_AND_ASSIGN_(GTestLog);
 };
 
-#define GTEST_LOG_(severity) \
+#if !defined(GTEST_LOG_)
+
+# define GTEST_LOG_(severity) \
     ::testing::internal::GTestLog(::testing::internal::GTEST_##severity, \
                                   __FILE__, __LINE__).GetStream()
 
 inline void LogToStderr() {}
 inline void FlushInfoLog() { fflush(NULL); }
 
+#endif  // !defined(GTEST_LOG_)
+
+#if !defined(GTEST_CHECK_)
 // INTERNAL IMPLEMENTATION - DO NOT USE.
 //
 // GTEST_CHECK_ is an all-mode assert. It aborts the program if the condition
@@ -1284,12 +1379,13 @@ inline void FlushInfoLog() { fflush(NULL); }
 //    condition itself, plus additional message streamed into it, if any,
 //    and then it aborts the program. It aborts the program irrespective of
 //    whether it is built in the debug mode or not.
-#define GTEST_CHECK_(condition) \
+# define GTEST_CHECK_(condition) \
     GTEST_AMBIGUOUS_ELSE_BLOCKER_ \
     if (::testing::internal::IsTrue(condition)) \
       ; \
     else \
       GTEST_LOG_(FATAL) << "Condition " #condition " failed. "
+#endif  // !defined(GTEST_CHECK_)
 
 // An all-mode assert to verify that the given POSIX-style function
 // call returns 0 (indicating success).  Known limitation: this
@@ -1301,6 +1397,61 @@ inline void FlushInfoLog() { fflush(NULL); }
     GTEST_LOG_(FATAL) << #posix_call << "failed with error " \
                       << gtest_error
 
+// Adds reference to a type if it is not a reference type,
+// otherwise leaves it unchanged.  This is the same as
+// tr1::add_reference, which is not widely available yet.
+template <typename T>
+struct AddReference { typedef T& type; };  // NOLINT
+template <typename T>
+struct AddReference<T&> { typedef T& type; };  // NOLINT
+
+// A handy wrapper around AddReference that works when the argument T
+// depends on template parameters.
+#define GTEST_ADD_REFERENCE_(T) \
+    typename ::testing::internal::AddReference<T>::type
+
+// Transforms "T" into "const T&" according to standard reference collapsing
+// rules (this is only needed as a backport for C++98 compilers that do not
+// support reference collapsing). Specifically, it transforms:
+//
+//   char         ==> const char&
+//   const char   ==> const char&
+//   char&        ==> char&
+//   const char&  ==> const char&
+//
+// Note that the non-const reference will not have "const" added. This is
+// standard, and necessary so that "T" can always bind to "const T&".
+template <typename T>
+struct ConstRef { typedef const T& type; };
+template <typename T>
+struct ConstRef<T&> { typedef T& type; };
+
+// The argument T must depend on some template parameters.
+#define GTEST_REFERENCE_TO_CONST_(T) \
+  typename ::testing::internal::ConstRef<T>::type
+
+#if GTEST_HAS_STD_MOVE_
+using std::forward;
+using std::move;
+
+template <typename T>
+struct RvalueRef {
+  typedef T&& type;
+};
+#else  // GTEST_HAS_STD_MOVE_
+template <typename T>
+const T& move(const T& t) {
+  return t;
+}
+template <typename T>
+GTEST_ADD_REFERENCE_(T) forward(GTEST_ADD_REFERENCE_(T) t) { return t; }
+
+template <typename T>
+struct RvalueRef {
+  typedef const T& type;
+};
+#endif  // GTEST_HAS_STD_MOVE_
+
 // INTERNAL IMPLEMENTATION - DO NOT USE IN USER CODE.
 //
 // Use ImplicitCast_ as a safe version of static_cast for upcasting in
@@ -1374,6 +1525,11 @@ template <class Derived, class Base>
 Derived* CheckedDowncastToActualType(Base* base) {
 #if GTEST_HAS_RTTI
   GTEST_CHECK_(typeid(*base) == typeid(Derived));
+#endif
+
+#if GTEST_HAS_DOWNCAST_
+  return ::down_cast<Derived*>(base);
+#elif GTEST_HAS_RTTI
   return dynamic_cast<Derived*>(base);  // NOLINT
 #else
   return static_cast<Derived*>(base);  // Poor man's downcast.
@@ -1394,16 +1550,25 @@ GTEST_API_ void CaptureStderr();
 GTEST_API_ std::string GetCapturedStderr();
 
 #endif  // GTEST_HAS_STREAM_REDIRECTION
+// Returns the size (in bytes) of a file.
+GTEST_API_ size_t GetFileSize(FILE* file);
 
+// Reads the entire content of a file as a string.
+GTEST_API_ std::string ReadEntireFile(FILE* file);
 
-#if GTEST_HAS_DEATH_TEST
+// All command line arguments.
+GTEST_API_ std::vector<std::string> GetArgvs();
 
-const ::std::vector<testing::internal::string>& GetInjectableArgvs();
-void SetInjectableArgvs(const ::std::vector<testing::internal::string>*
-                             new_argvs);
+#if GTEST_HAS_DEATH_TEST
 
-// A copy of all command line arguments.  Set by InitGoogleTest().
-extern ::std::vector<testing::internal::string> g_argvs;
+std::vector<std::string> GetInjectableArgvs();
+// Deprecated: pass the args vector by value instead.
+void SetInjectableArgvs(const std::vector<std::string>* new_argvs);
+void SetInjectableArgvs(const std::vector<std::string>& new_argvs);
+#if GTEST_HAS_GLOBAL_STRING
+void SetInjectableArgvs(const std::vector< ::string>& new_argvs);
+#endif  // GTEST_HAS_GLOBAL_STRING
+void ClearInjectableArgvs();
 
 #endif  // GTEST_HAS_DEATH_TEST
 
@@ -1422,7 +1587,10 @@ inline void SleepMilliseconds(int n) {
 }
 # endif  // GTEST_HAS_PTHREAD
 
-# if 0  // OS detection
+# if GTEST_HAS_NOTIFICATION_
+// Notification has already been imported into the namespace.
+// Nothing to do here.
+
 # elif GTEST_HAS_PTHREAD
 // Allows a controller thread to pause execution of newly created
 // threads until notified.  Instances of this class must be created
@@ -1516,7 +1684,7 @@ class GTEST_API_ Notification {
 
   GTEST_DISALLOW_COPY_AND_ASSIGN_(Notification);
 };
-# endif  // OS detection
+# endif  // GTEST_HAS_NOTIFICATION_
 
 // On MinGW, we can have both GTEST_OS_WINDOWS and GTEST_HAS_PTHREAD
 // defined, but we don't want to use MinGW's pthreads implementation, which
@@ -1599,9 +1767,13 @@ class ThreadWithParam : public ThreadWithParamBase {
 
   GTEST_DISALLOW_COPY_AND_ASSIGN_(ThreadWithParam);
 };
-# endif  // GTEST_HAS_PTHREAD && !GTEST_OS_WINDOWS_MINGW
+# endif  // !GTEST_OS_WINDOWS && GTEST_HAS_PTHREAD ||
+         // GTEST_HAS_MUTEX_AND_THREAD_LOCAL_
+
+# if GTEST_HAS_MUTEX_AND_THREAD_LOCAL_
+// Mutex and ThreadLocal have already been imported into the namespace.
+// Nothing to do here.
 
-# if 0  // OS detection
 # elif GTEST_OS_WINDOWS && !GTEST_OS_WINDOWS_PHONE && !GTEST_OS_WINDOWS_RT
 
 // Mutex implements mutex on Windows platforms.  It is used in conjunction
@@ -1646,7 +1818,7 @@ class GTEST_API_ Mutex {
   // Initializes owner_thread_id_ and critical_section_ in static mutexes.
   void ThreadSafeLazyInit();
 
-  // Per http://blogs.msdn.com/b/oldnewthing/archive/2004/02/23/78395.aspx,
+  // Per https://blogs.msdn.microsoft.com/oldnewthing/20040223-00/?p=40503,
   // we assume that 0 is an invalid value for thread IDs.
   unsigned int owner_thread_id_;
 
@@ -1654,7 +1826,7 @@ class GTEST_API_ Mutex {
   // by the linker.
   MutexType type_;
   long critical_section_init_phase_;  // NOLINT
-  _RTL_CRITICAL_SECTION* critical_section_;
+  GTEST_CRITICAL_SECTION* critical_section_;
 
   GTEST_DISALLOW_COPY_AND_ASSIGN_(Mutex);
 };
@@ -1806,8 +1978,9 @@ class ThreadWithParam : public ThreadWithParamBase {
 template <typename T>
 class ThreadLocal : public ThreadLocalBase {
  public:
-  ThreadLocal() : default_() {}
-  explicit ThreadLocal(const T& value) : default_(value) {}
+  ThreadLocal() : default_factory_(new DefaultValueHolderFactory()) {}
+  explicit ThreadLocal(const T& value)
+      : default_factory_(new InstanceValueHolderFactory(value)) {}
 
   ~ThreadLocal() { ThreadLocalRegistry::OnThreadLocalDestroyed(this); }
 
@@ -1821,6 +1994,7 @@ class ThreadLocal : public ThreadLocalBase {
   // knowing the type of T.
   class ValueHolder : public ThreadLocalValueHolderBase {
    public:
+    ValueHolder() : value_() {}
     explicit ValueHolder(const T& value) : value_(value) {}
 
     T* pointer() { return &value_; }
@@ -1837,10 +2011,42 @@ class ThreadLocal : public ThreadLocalBase {
   }
 
   virtual ThreadLocalValueHolderBase* NewValueForCurrentThread() const {
-    return new ValueHolder(default_);
+    return default_factory_->MakeNewHolder();
   }
 
-  const T default_;  // The default value for each thread.
+  class ValueHolderFactory {
+   public:
+    ValueHolderFactory() {}
+    virtual ~ValueHolderFactory() {}
+    virtual ValueHolder* MakeNewHolder() const = 0;
+
+   private:
+    GTEST_DISALLOW_COPY_AND_ASSIGN_(ValueHolderFactory);
+  };
+
+  class DefaultValueHolderFactory : public ValueHolderFactory {
+   public:
+    DefaultValueHolderFactory() {}
+    virtual ValueHolder* MakeNewHolder() const { return new ValueHolder(); }
+
+   private:
+    GTEST_DISALLOW_COPY_AND_ASSIGN_(DefaultValueHolderFactory);
+  };
+
+  class InstanceValueHolderFactory : public ValueHolderFactory {
+   public:
+    explicit InstanceValueHolderFactory(const T& value) : value_(value) {}
+    virtual ValueHolder* MakeNewHolder() const {
+      return new ValueHolder(value_);
+    }
+
+   private:
+    const T value_;  // The value for each thread.
+
+    GTEST_DISALLOW_COPY_AND_ASSIGN_(InstanceValueHolderFactory);
+  };
+
+  scoped_ptr<ValueHolderFactory> default_factory_;
 
   GTEST_DISALLOW_COPY_AND_ASSIGN_(ThreadLocal);
 };
@@ -1901,8 +2107,8 @@ class MutexBase {
 // particular, the owner_ field (a pthread_t) is not explicitly initialized.
 // This allows initialization to work whether pthread_t is a scalar or struct.
 // The flag -Wmissing-field-initializers must not be specified for this to work.
-#  define GTEST_DEFINE_STATIC_MUTEX_(mutex) \
-     ::testing::internal::MutexBase mutex = { PTHREAD_MUTEX_INITIALIZER, false }
+#define GTEST_DEFINE_STATIC_MUTEX_(mutex) \
+  ::testing::internal::MutexBase mutex = {PTHREAD_MUTEX_INITIALIZER, false, 0}
 
 // The Mutex class can only be used for mutexes created at runtime. It
 // shares its API with MutexBase otherwise.
@@ -1959,12 +2165,13 @@ extern "C" inline void DeleteThreadLocalValue(void* value_holder) {
 
 // Implements thread-local storage on pthreads-based systems.
 template <typename T>
-class ThreadLocal {
+class GTEST_API_ ThreadLocal {
  public:
-  ThreadLocal() : key_(CreateKey()),
-                  default_() {}
-  explicit ThreadLocal(const T& value) : key_(CreateKey()),
-                                         default_(value) {}
+  ThreadLocal()
+      : key_(CreateKey()), default_factory_(new DefaultValueHolderFactory()) {}
+  explicit ThreadLocal(const T& value)
+      : key_(CreateKey()),
+        default_factory_(new InstanceValueHolderFactory(value)) {}
 
   ~ThreadLocal() {
     // Destroys the managed object for the current thread, if any.
@@ -1984,6 +2191,7 @@ class ThreadLocal {
   // Holds a value of type T.
   class ValueHolder : public ThreadLocalValueHolderBase {
    public:
+    ValueHolder() : value_() {}
     explicit ValueHolder(const T& value) : value_(value) {}
 
     T* pointer() { return &value_; }
@@ -2009,20 +2217,52 @@ class ThreadLocal {
       return CheckedDowncastToActualType<ValueHolder>(holder)->pointer();
     }
 
-    ValueHolder* const new_holder = new ValueHolder(default_);
+    ValueHolder* const new_holder = default_factory_->MakeNewHolder();
     ThreadLocalValueHolderBase* const holder_base = new_holder;
     GTEST_CHECK_POSIX_SUCCESS_(pthread_setspecific(key_, holder_base));
     return new_holder->pointer();
   }
 
+  class ValueHolderFactory {
+   public:
+    ValueHolderFactory() {}
+    virtual ~ValueHolderFactory() {}
+    virtual ValueHolder* MakeNewHolder() const = 0;
+
+   private:
+    GTEST_DISALLOW_COPY_AND_ASSIGN_(ValueHolderFactory);
+  };
+
+  class DefaultValueHolderFactory : public ValueHolderFactory {
+   public:
+    DefaultValueHolderFactory() {}
+    virtual ValueHolder* MakeNewHolder() const { return new ValueHolder(); }
+
+   private:
+    GTEST_DISALLOW_COPY_AND_ASSIGN_(DefaultValueHolderFactory);
+  };
+
+  class InstanceValueHolderFactory : public ValueHolderFactory {
+   public:
+    explicit InstanceValueHolderFactory(const T& value) : value_(value) {}
+    virtual ValueHolder* MakeNewHolder() const {
+      return new ValueHolder(value_);
+    }
+
+   private:
+    const T value_;  // The value for each thread.
+
+    GTEST_DISALLOW_COPY_AND_ASSIGN_(InstanceValueHolderFactory);
+  };
+
   // A key pthreads uses for looking up per-thread values.
   const pthread_key_t key_;
-  const T default_;  // The default value for each thread.
+  scoped_ptr<ValueHolderFactory> default_factory_;
 
   GTEST_DISALLOW_COPY_AND_ASSIGN_(ThreadLocal);
 };
 
-# endif  // OS detection
+# endif  // GTEST_HAS_MUTEX_AND_THREAD_LOCAL_
 
 #else  // GTEST_IS_THREADSAFE
 
@@ -2057,7 +2297,7 @@ class GTestMutexLock {
 typedef GTestMutexLock MutexLock;
 
 template <typename T>
-class ThreadLocal {
+class GTEST_API_ ThreadLocal {
  public:
   ThreadLocal() : value_() {}
   explicit ThreadLocal(const T& value) : value_(value) {}
@@ -2076,12 +2316,13 @@ class ThreadLocal {
 GTEST_API_ size_t GetThreadCount();
 
 // Passing non-POD classes through ellipsis (...) crashes the ARM
-// compiler and generates a warning in Sun Studio.  The Nokia Symbian
+// compiler and generates a warning in Sun Studio before 12u4. The Nokia Symbian
 // and the IBM XL C/C++ compiler try to instantiate a copy constructor
 // for objects passed through ellipsis (...), failing for uncopyable
 // objects.  We define this to ensure that only POD is passed through
 // ellipsis on these systems.
-#if defined(__SYMBIAN32__) || defined(__IBMCPP__) || defined(__SUNPRO_CC)
+#if defined(__SYMBIAN32__) || defined(__IBMCPP__) || \
+     (defined(__SUNPRO_CC) && __SUNPRO_CC < 0x5130)
 // We lose support for NULL detection where the compiler doesn't like
 // passing non-POD classes through ellipsis (...).
 # define GTEST_ELLIPSIS_NEEDS_POD_ 1
@@ -2107,6 +2348,13 @@ template <bool bool_value> const bool bool_constant<bool_value>::value;
 typedef bool_constant<false> false_type;
 typedef bool_constant<true> true_type;
 
+template <typename T, typename U>
+struct is_same : public false_type {};
+
+template <typename T>
+struct is_same<T, T> : public true_type {};
+
+
 template <typename T>
 struct is_pointer : public false_type {};
 
@@ -2118,6 +2366,7 @@ struct IteratorTraits {
   typedef typename Iterator::value_type value_type;
 };
 
+
 template <typename T>
 struct IteratorTraits<T*> {
   typedef T value_type;
@@ -2179,6 +2428,13 @@ inline char ToUpper(char ch) {
   return static_cast<char>(toupper(static_cast<unsigned char>(ch)));
 }
 
+inline std::string StripTrailingSpaces(std::string str) {
+  std::string::iterator it = str.end();
+  while (it != str.begin() && IsSpace(*--it))
+    it = str.erase(it);
+  return str;
+}
+
 // The testing::internal::posix namespace holds wrappers for common
 // POSIX functions.  These wrappers hide the differences between
 // Windows/MSVC and POSIX systems.  Since some compilers define these
@@ -2242,7 +2498,7 @@ inline bool IsDir(const StatStruct& st) { return S_ISDIR(st.st_mode); }
 
 // Functions deprecated by MSVC 8.0.
 
-GTEST_DISABLE_MSC_WARNINGS_PUSH_(4996 /* deprecated function */)
+GTEST_DISABLE_MSC_DEPRECATED_PUSH_()
 
 inline const char* StrNCpy(char* dest, const char* src, size_t n) {
   return strncpy(dest, src, n);
@@ -2276,8 +2532,9 @@ inline int Close(int fd) { return close(fd); }
 inline const char* StrError(int errnum) { return strerror(errnum); }
 #endif
 inline const char* GetEnv(const char* name) {
-#if GTEST_OS_WINDOWS_MOBILE || GTEST_OS_WINDOWS_PHONE | GTEST_OS_WINDOWS_RT
+#if GTEST_OS_WINDOWS_MOBILE || GTEST_OS_WINDOWS_PHONE || GTEST_OS_WINDOWS_RT
   // We are on Windows CE, which has no environment variables.
+  static_cast<void>(name);  // To prevent 'unused argument' warning.
   return NULL;
 #elif defined(__BORLANDC__) || defined(__SunOS_5_8) || defined(__SunOS_5_9)
   // Environment variables which we programmatically clear will be set to the
@@ -2289,7 +2546,7 @@ inline const char* GetEnv(const char* name) {
 #endif
 }
 
-GTEST_DISABLE_MSC_WARNINGS_POP_()
+GTEST_DISABLE_MSC_DEPRECATED_POP_()
 
 #if GTEST_OS_WINDOWS_MOBILE
 // Windows CE has no C library. The abort() function is used in
@@ -2390,31 +2647,44 @@ typedef TypeWithSize<8>::Int TimeInMillis;  // Represents time in milliseconds.
 // Utilities for command line flags and environment variables.
 
 // Macro for referencing flags.
-#define GTEST_FLAG(name) FLAGS_gtest_##name
+#if !defined(GTEST_FLAG)
+# define GTEST_FLAG(name) FLAGS_gtest_##name
+#endif  // !defined(GTEST_FLAG)
+
+#if !defined(GTEST_USE_OWN_FLAGFILE_FLAG_)
+# define GTEST_USE_OWN_FLAGFILE_FLAG_ 1
+#endif  // !defined(GTEST_USE_OWN_FLAGFILE_FLAG_)
+
+#if !defined(GTEST_DECLARE_bool_)
+# define GTEST_FLAG_SAVER_ ::testing::internal::GTestFlagSaver
 
 // Macros for declaring flags.
-#define GTEST_DECLARE_bool_(name) GTEST_API_ extern bool GTEST_FLAG(name)
-#define GTEST_DECLARE_int32_(name) \
+# define GTEST_DECLARE_bool_(name) GTEST_API_ extern bool GTEST_FLAG(name)
+# define GTEST_DECLARE_int32_(name) \
     GTEST_API_ extern ::testing::internal::Int32 GTEST_FLAG(name)
-#define GTEST_DECLARE_string_(name) \
+# define GTEST_DECLARE_string_(name) \
     GTEST_API_ extern ::std::string GTEST_FLAG(name)
 
 // Macros for defining flags.
-#define GTEST_DEFINE_bool_(name, default_val, doc) \
+# define GTEST_DEFINE_bool_(name, default_val, doc) \
     GTEST_API_ bool GTEST_FLAG(name) = (default_val)
-#define GTEST_DEFINE_int32_(name, default_val, doc) \
+# define GTEST_DEFINE_int32_(name, default_val, doc) \
     GTEST_API_ ::testing::internal::Int32 GTEST_FLAG(name) = (default_val)
-#define GTEST_DEFINE_string_(name, default_val, doc) \
+# define GTEST_DEFINE_string_(name, default_val, doc) \
     GTEST_API_ ::std::string GTEST_FLAG(name) = (default_val)
 
+#endif  // !defined(GTEST_DECLARE_bool_)
+
 // Thread annotations
-#define GTEST_EXCLUSIVE_LOCK_REQUIRED_(locks)
-#define GTEST_LOCK_EXCLUDED_(locks)
+#if !defined(GTEST_EXCLUSIVE_LOCK_REQUIRED_)
+# define GTEST_EXCLUSIVE_LOCK_REQUIRED_(locks)
+# define GTEST_LOCK_EXCLUDED_(locks)
+#endif  // !defined(GTEST_EXCLUSIVE_LOCK_REQUIRED_)
 
 // Parses 'str' for a 32-bit signed integer.  If successful, writes the result
 // to *value and returns true; otherwise leaves *value unchanged and returns
 // false.
-// TODO(chandlerc): Find a better way to refactor flag and environment parsing
+// FIXME: Find a better way to refactor flag and environment parsing
 // out of both gtest-port.cc and gtest.cc to avoid exporting this utility
 // function.
 bool ParseInt32(const Message& src_text, const char* str, Int32* value);
@@ -2423,10 +2693,10 @@ bool ParseInt32(const Message& src_text, const char* str, Int32* value);
 // corresponding to the given Google Test flag.
 bool BoolFromGTestEnv(const char* flag, bool default_val);
 GTEST_API_ Int32 Int32FromGTestEnv(const char* flag, Int32 default_val);
+std::string OutputFlagAlsoCheckEnvVar();
 const char* StringFromGTestEnv(const char* flag, const char* default_val);
 
 }  // namespace internal
 }  // namespace testing
 
 #endif  // GTEST_INCLUDE_GTEST_INTERNAL_GTEST_PORT_H_
-
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-string.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-string.h
index 97f1a7fdd..4c9b6262c 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-string.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-string.h
@@ -27,17 +27,17 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Authors: wan@google.com (Zhanyong Wan), eefacm@gmail.com (Sean Mcafee)
-//
-// The Google C++ Testing Framework (Google Test)
+// The Google C++ Testing and Mocking Framework (Google Test)
 //
 // This header file declares the String class and functions used internally by
 // Google Test.  They are subject to change without notice. They should not used
 // by code external to Google Test.
 //
-// This header file is #included by <gtest/internal/gtest-internal.h>.
+// This header file is #included by gtest-internal.h.
 // It should not be #included by other files.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_STRING_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_STRING_H_
 
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-tuple.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-tuple.h
index e9b405340..78a3a6a01 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-tuple.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-tuple.h
@@ -30,11 +30,12 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 // Implements a subset of TR1 tuple needed by Google Test and Google Mock.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_TUPLE_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_TUPLE_H_
 
@@ -42,7 +43,7 @@
 
 // The compiler used in Symbian has a bug that prevents us from declaring the
 // tuple template as a friend (it complains that tuple is redefined).  This
-// hack bypasses the bug by declaring the members that should otherwise be
+// bypasses the bug by declaring the members that should otherwise be
 // private as public.
 // Sun Studio versions < 12 also have the above bug.
 #if defined(__SYMBIAN32__) || (defined(__SUNPRO_CC) && __SUNPRO_CC < 0x590)
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-tuple.h.pump b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-tuple.h.pump
index 429ddfeec..bb626e049 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-tuple.h.pump
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-tuple.h.pump
@@ -29,11 +29,12 @@ $$ This meta comment fixes auto-indentation in Emacs. }}
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 // Implements a subset of TR1 tuple needed by Google Test and Google Mock.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_TUPLE_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_TUPLE_H_
 
@@ -41,7 +42,7 @@ $$ This meta comment fixes auto-indentation in Emacs. }}
 
 // The compiler used in Symbian has a bug that prevents us from declaring the
 // tuple template as a friend (it complains that tuple is redefined).  This
-// hack bypasses the bug by declaring the members that should otherwise be
+// bypasses the bug by declaring the members that should otherwise be
 // private as public.
 // Sun Studio versions < 12 also have the above bug.
 #if defined(__SYMBIAN32__) || (defined(__SUNPRO_CC) && __SUNPRO_CC < 0x590)
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-type-util.h b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-type-util.h
index e46f7cfcb..28e411245 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-type-util.h
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-type-util.h
@@ -30,8 +30,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 // Type utilities needed for implementing typed and type-parameterized
 // tests.  This file is generated by a SCRIPT.  DO NOT EDIT BY HAND!
@@ -41,6 +40,8 @@
 // Please contact googletestframework@googlegroups.com if you need
 // more.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_TYPE_UTIL_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_TYPE_UTIL_H_
 
@@ -57,6 +58,22 @@
 namespace testing {
 namespace internal {
 
+// Canonicalizes a given name with respect to the Standard C++ Library.
+// This handles removing the inline namespace within `std` that is
+// used by various standard libraries (e.g., `std::__1`).  Names outside
+// of namespace std are returned unmodified.
+inline std::string CanonicalizeForStdLibVersioning(std::string s) {
+  static const char prefix[] = "std::__";
+  if (s.compare(0, strlen(prefix), prefix) == 0) {
+    std::string::size_type end = s.find("::", strlen(prefix));
+    if (end != s.npos) {
+      // Erase everything between the initial `std` and the second `::`.
+      s.erase(strlen("std"), end - strlen("std"));
+    }
+  }
+  return s;
+}
+
 // GetTypeName<T>() returns a human-readable name of type T.
 // NB: This function is also used in Google Mock, so don't move it inside of
 // the typed-test-only section below.
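Review bot: The comment above `CanonicalizeForStdLibVersioning` promises more than the body delivers: the function rewrites a name only when the whole string starts with `std::__`, and it erases just that first inline-namespace component. A demangled name such as `std::__1::vector<std::__1::basic_string<...>>` therefore keeps every `std::__1` inside its template arguments, and type names printed by `GetTypeName()` can still differ between standard libraries. I would add one line to the comment, e.g. `// Only a leading std::__X:: is stripped; occurrences inside template arguments are left as-is.` The helper also calls `strlen`, and no `<string.h>`/`<cstring>` include is visible in this hunk, so it is worth confirming the header already pulls one in. The same text is added in the `gtest-type-util.h.pump` hunk further down; since the `.h` is generated, the wording should be changed in the template.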
@@ -75,7 +92,7 @@ std::string GetTypeName() {
   char* const readable_name = __cxa_demangle(name, 0, 0, &status);
   const std::string name_str(status == 0 ? readable_name : name);
   free(readable_name);
-  return name_str;
+  return CanonicalizeForStdLibVersioning(name_str);
 #  else
   return name;
 #  endif  // GTEST_HAS_CXXABI_H_ || __HP_aCC
diff --git a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-type-util.h.pump b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-type-util.h.pump
index 251fdf025..0001a5d39 100644
--- a/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-type-util.h.pump
+++ b/security/nss/gtests/google_test/gtest/include/gtest/internal/gtest-type-util.h.pump
@@ -28,8 +28,7 @@ $var n = 50  $$ Maximum length of type lists we want to support.
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 // Type utilities needed for implementing typed and type-parameterized
 // tests.  This file is generated by a SCRIPT.  DO NOT EDIT BY HAND!
@@ -39,6 +38,8 @@ $var n = 50  $$ Maximum length of type lists we want to support.
 // Please contact googletestframework@googlegroups.com if you need
 // more.
 
+// GOOGLETEST_CM0001 DO NOT DELETE
+
 #ifndef GTEST_INCLUDE_GTEST_INTERNAL_GTEST_TYPE_UTIL_H_
 #define GTEST_INCLUDE_GTEST_INTERNAL_GTEST_TYPE_UTIL_H_
 
@@ -55,6 +56,22 @@ $var n = 50  $$ Maximum length of type lists we want to support.
 namespace testing {
 namespace internal {
 
+// Canonicalizes a given name with respect to the Standard C++ Library.
+// This handles removing the inline namespace within `std` that is
+// used by various standard libraries (e.g., `std::__1`).  Names outside
+// of namespace std are returned unmodified.
+inline std::string CanonicalizeForStdLibVersioning(std::string s) {
+  static const char prefix[] = "std::__";
+  if (s.compare(0, strlen(prefix), prefix) == 0) {
+    std::string::size_type end = s.find("::", strlen(prefix));
+    if (end != s.npos) {
+      // Erase everything between the initial `std` and the second `::`.
+      s.erase(strlen("std"), end - strlen("std"));
+    }
+  }
+  return s;
+}
+
 // GetTypeName<T>() returns a human-readable name of type T.
 // NB: This function is also used in Google Mock, so don't move it inside of
 // the typed-test-only section below.
@@ -73,7 +90,7 @@ std::string GetTypeName() {
   char* const readable_name = __cxa_demangle(name, 0, 0, &status);
   const std::string name_str(status == 0 ? readable_name : name);
   free(readable_name);
-  return name_str;
+  return CanonicalizeForStdLibVersioning(name_str);
 #  else
   return name;
 #  endif  // GTEST_HAS_CXXABI_H_ || __HP_aCC
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.sln b/security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.sln
new file mode 100644
index 000000000..e36b33b62
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.sln
@@ -0,0 +1,55 @@
+Microsoft Visual Studio Solution File, Format Version 11.00
+# Visual C++ Express 2010
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest-md", "gtest-md.vcxproj", "{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_main-md", "gtest_main-md.vcxproj", "{3AF54C8A-10BF-4332-9147-F68ED9862033}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_prod_test-md", "gtest_prod_test-md.vcxproj", "{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_unittest-md", "gtest_unittest-md.vcxproj", "{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Debug|x64 = Debug|x64
+		Release|Win32 = Release|Win32
+		Release|x64 = Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Debug|Win32.ActiveCfg = Debug|Win32
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Debug|Win32.Build.0 = Debug|Win32
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Debug|x64.ActiveCfg = Debug|x64
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Debug|x64.Build.0 = Debug|x64
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Release|Win32.ActiveCfg = Release|Win32
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Release|Win32.Build.0 = Release|Win32
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Release|x64.ActiveCfg = Release|x64
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Release|x64.Build.0 = Release|x64
+		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Debug|Win32.ActiveCfg = Debug|Win32
+		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Debug|Win32.Build.0 = Debug|Win32
+		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Debug|x64.ActiveCfg = Debug|x64
+		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Debug|x64.Build.0 = Debug|x64
+		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Release|Win32.ActiveCfg = Release|Win32
+		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Release|Win32.Build.0 = Release|Win32
+		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Release|x64.ActiveCfg = Release|x64
+		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Release|x64.Build.0 = Release|x64
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Debug|Win32.ActiveCfg = Debug|Win32
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Debug|Win32.Build.0 = Debug|Win32
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Debug|x64.ActiveCfg = Debug|x64
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Debug|x64.Build.0 = Debug|x64
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Release|Win32.ActiveCfg = Release|Win32
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Release|Win32.Build.0 = Release|Win32
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Release|x64.ActiveCfg = Release|x64
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Release|x64.Build.0 = Release|x64
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Debug|Win32.ActiveCfg = Debug|Win32
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Debug|Win32.Build.0 = Debug|Win32
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Debug|x64.ActiveCfg = Debug|x64
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Debug|x64.Build.0 = Debug|x64
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Release|Win32.ActiveCfg = Release|Win32
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Release|Win32.Build.0 = Release|Win32
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Release|x64.ActiveCfg = Release|x64
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Release|x64.Build.0 = Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.vcxproj b/security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.vcxproj
new file mode 100644
index 000000000..16a6ff12f
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.vcxproj
@@ -0,0 +1,149 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>10.0.40219.1</_ProjectFileVersion>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(OutDir)$(ProjectName)\</IntDir>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(OutDir)$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)$(ProjectName)\</IntDir>
+    <TargetName>gtestd</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)$(ProjectName)\</IntDir>
+    <TargetName>gtest</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <TargetName>gtestd</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <TargetName>gtest</TargetName>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>true</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\src\gtest-all.cc">
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.vcxproj.filters b/security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.vcxproj.filters
new file mode 100644
index 000000000..69edeff23
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest-md.vcxproj.filters
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\src\gtest-all.cc">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest.sln b/security/nss/gtests/google_test/gtest/msvc/2010/gtest.sln
new file mode 100644
index 000000000..cacd5c0ce
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest.sln
@@ -0,0 +1,55 @@
+Microsoft Visual Studio Solution File, Format Version 11.00
+# Visual C++ Express 2010
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest", "gtest.vcxproj", "{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_main", "gtest_main.vcxproj", "{3AF54C8A-10BF-4332-9147-F68ED9862032}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_unittest", "gtest_unittest.vcxproj", "{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_prod_test", "gtest_prod_test.vcxproj", "{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Debug|x64 = Debug|x64
+		Release|Win32 = Release|Win32
+		Release|x64 = Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Debug|Win32.ActiveCfg = Debug|Win32
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Debug|Win32.Build.0 = Debug|Win32
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Debug|x64.ActiveCfg = Debug|x64
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Debug|x64.Build.0 = Debug|x64
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Release|Win32.ActiveCfg = Release|Win32
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Release|Win32.Build.0 = Release|Win32
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Release|x64.ActiveCfg = Release|x64
+		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Release|x64.Build.0 = Release|x64
+		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Debug|Win32.ActiveCfg = Debug|Win32
+		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Debug|Win32.Build.0 = Debug|Win32
+		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Debug|x64.ActiveCfg = Debug|x64
+		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Debug|x64.Build.0 = Debug|x64
+		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Release|Win32.ActiveCfg = Release|Win32
+		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Release|Win32.Build.0 = Release|Win32
+		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Release|x64.ActiveCfg = Release|x64
+		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Release|x64.Build.0 = Release|x64
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Debug|Win32.ActiveCfg = Debug|Win32
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Debug|Win32.Build.0 = Debug|Win32
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Debug|x64.ActiveCfg = Debug|x64
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Debug|x64.Build.0 = Debug|x64
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Release|Win32.ActiveCfg = Release|Win32
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Release|Win32.Build.0 = Release|Win32
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Release|x64.ActiveCfg = Release|x64
+		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Release|x64.Build.0 = Release|x64
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Debug|Win32.ActiveCfg = Debug|Win32
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Debug|Win32.Build.0 = Debug|Win32
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Debug|x64.ActiveCfg = Debug|x64
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Debug|x64.Build.0 = Debug|x64
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Release|Win32.ActiveCfg = Release|Win32
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Release|Win32.Build.0 = Release|Win32
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Release|x64.ActiveCfg = Release|x64
+		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Release|x64.Build.0 = Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest.vcxproj b/security/nss/gtests/google_test/gtest/msvc/2010/gtest.vcxproj
new file mode 100644
index 000000000..a46f5c7af
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest.vcxproj
@@ -0,0 +1,149 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>10.0.40219.1</_ProjectFileVersion>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(OutDir)temp\$(ProjectName)\</IntDir>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(OutDir)temp\$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)temp\$(ProjectName)\</IntDir>
+    <TargetName>gtestd</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)temp\$(ProjectName)\</IntDir>
+    <TargetName>gtest</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <TargetName>gtestd</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <TargetName>gtest</TargetName>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>true</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\src\gtest-all.cc">
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest.vcxproj.filters b/security/nss/gtests/google_test/gtest/msvc/2010/gtest.vcxproj.filters
new file mode 100644
index 000000000..69edeff23
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest.vcxproj.filters
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\src\gtest-all.cc">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main-md.vcxproj b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main-md.vcxproj
new file mode 100644
index 000000000..3d773895b
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main-md.vcxproj
@@ -0,0 +1,154 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{3AF54C8A-10BF-4332-9147-F68ED9862033}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>10.0.40219.1</_ProjectFileVersion>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(OutDir)$(ProjectName)\</IntDir>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(OutDir)$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)$(ProjectName)\</IntDir>
+    <TargetName>gtest_maind</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)$(ProjectName)\</IntDir>
+    <TargetName>gtest_main</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <TargetName>gtest_maind</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <TargetName>gtest_main</TargetName>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>true</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib />
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\src\gtest_main.cc">
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="gtest-md.vcxproj">
+      <Project>{c8f6c172-56f2-4e76-b5fa-c3b423b31be8}</Project>
+    </ProjectReference>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main-md.vcxproj.filters b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main-md.vcxproj.filters
new file mode 100644
index 000000000..726c773cc
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main-md.vcxproj.filters
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\src\gtest_main.cc">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main.vcxproj b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main.vcxproj
new file mode 100644
index 000000000..8fb25897c
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main.vcxproj
@@ -0,0 +1,162 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{3AF54C8A-10BF-4332-9147-F68ED9862032}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>10.0.40219.1</_ProjectFileVersion>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(OutDir)temp\$(ProjectName)\</IntDir>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(OutDir)temp\$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)temp\$(ProjectName)\</IntDir>
+    <TargetName>gtest_maind</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)temp\$(ProjectName)\</IntDir>
+    <TargetName>gtest_main</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <TargetName>gtest_maind</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <TargetName>gtest_main</TargetName>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>true</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib>
+      <OutputFile>$(OutDir)$(ProjectName)d.lib</OutputFile>
+    </Lib>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib>
+      <OutputFile>$(OutDir)$(ProjectName)d.lib</OutputFile>
+    </Lib>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib>
+      <OutputFile>$(OutDir)$(ProjectName).lib</OutputFile>
+    </Lib>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Lib>
+      <OutputFile>$(OutDir)$(ProjectName).lib</OutputFile>
+    </Lib>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\src\gtest_main.cc">
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="gtest.vcxproj">
+      <Project>{c8f6c172-56f2-4e76-b5fa-c3b423b31be7}</Project>
+    </ProjectReference>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main.vcxproj.filters b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main.vcxproj.filters
new file mode 100644
index 000000000..726c773cc
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_main.vcxproj.filters
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\src\gtest_main.cc">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test-md.vcxproj b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test-md.vcxproj
new file mode 100644
index 000000000..830e5dce4
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test-md.vcxproj
@@ -0,0 +1,199 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>10.0.40219.1</_ProjectFileVersion>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(OutDir)$(ProjectName)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</LinkIncremental>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</LinkIncremental>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(OutDir)$(ProjectName)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|x64'">false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)$(ProjectName)\</IntDir>
+    <TargetName>gtest_prod_test</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)$(ProjectName)\</IntDir>
+    <TargetName>gtest_prod_test</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <TargetName>gtest_prod_test</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <TargetName>gtest_prod_test</TargetName>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>true</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ProgramDatabaseFile>$(OutDir)gtest_prod_test.pdb</ProgramDatabaseFile>
+      <SubSystem>Console</SubSystem>
+      <TargetMachine>MachineX86</TargetMachine>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ProgramDatabaseFile>$(OutDir)gtest_prod_test.pdb</ProgramDatabaseFile>
+      <SubSystem>Console</SubSystem>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <SubSystem>Console</SubSystem>
+      <OptimizeReferences>true</OptimizeReferences>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <TargetMachine>MachineX86</TargetMachine>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <SubSystem>Console</SubSystem>
+      <OptimizeReferences>true</OptimizeReferences>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\test\gtest_prod_test.cc">
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+      </PrecompiledHeader>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+      </PrecompiledHeader>
+    </ClCompile>
+    <ClCompile Include="..\..\test\production.cc">
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+      </PrecompiledHeader>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+      </PrecompiledHeader>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="..\..\test\production.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="gtest_main-md.vcxproj">
+      <Project>{3af54c8a-10bf-4332-9147-f68ed9862033}</Project>
+    </ProjectReference>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test-md.vcxproj.filters b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test-md.vcxproj.filters
new file mode 100644
index 000000000..ac367310a
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test-md.vcxproj.filters
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\test\gtest_prod_test.cc">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\test\production.cc">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="..\..\test\production.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test.vcxproj b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test.vcxproj
new file mode 100644
index 000000000..d42e13511
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test.vcxproj
@@ -0,0 +1,191 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>10.0.40219.1</_ProjectFileVersion>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(OutDir)temp\$(ProjectName)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</LinkIncremental>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</LinkIncremental>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(OutDir)temp\$(ProjectName)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|x64'">false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)temp\$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)temp\$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>true</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ProgramDatabaseFile>$(OutDir)gtest_prod_test.pdb</ProgramDatabaseFile>
+      <SubSystem>Console</SubSystem>
+      <TargetMachine>MachineX86</TargetMachine>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ProgramDatabaseFile>$(OutDir)gtest_prod_test.pdb</ProgramDatabaseFile>
+      <SubSystem>Console</SubSystem>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <SubSystem>Console</SubSystem>
+      <OptimizeReferences>true</OptimizeReferences>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <TargetMachine>MachineX86</TargetMachine>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <SubSystem>Console</SubSystem>
+      <OptimizeReferences>true</OptimizeReferences>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\test\gtest_prod_test.cc">
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+      </PrecompiledHeader>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+      </PrecompiledHeader>
+    </ClCompile>
+    <ClCompile Include="..\..\test\production.cc">
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+      </PrecompiledHeader>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+      </PrecompiledHeader>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="..\..\test\production.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="gtest_main.vcxproj">
+      <Project>{3af54c8a-10bf-4332-9147-f68ed9862032}</Project>
+    </ProjectReference>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test.vcxproj.filters b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test.vcxproj.filters
new file mode 100644
index 000000000..ac367310a
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_prod_test.vcxproj.filters
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\test\gtest_prod_test.cc">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="..\..\test\production.cc">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="..\..\test\production.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest-md.vcxproj b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest-md.vcxproj
new file mode 100644
index 000000000..93b0dc4e1
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest-md.vcxproj
@@ -0,0 +1,188 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>10.0.40219.1</_ProjectFileVersion>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(OutDir)$(ProjectName)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</LinkIncremental>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</LinkIncremental>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(OutDir)$(ProjectName)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|x64'">false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)$(ProjectName)\</IntDir>
+    <TargetName>gtest_unittest</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)$(ProjectName)\</IntDir>
+    <TargetName>gtest_unittest</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <TargetName>gtest_unittest</TargetName>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <TargetName>gtest_unittest</TargetName>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>true</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ProgramDatabaseFile>$(OutDir)gtest_unittest.pdb</ProgramDatabaseFile>
+      <SubSystem>Console</SubSystem>
+      <TargetMachine>MachineX86</TargetMachine>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ProgramDatabaseFile>$(OutDir)gtest_unittest.pdb</ProgramDatabaseFile>
+      <SubSystem>Console</SubSystem>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <SubSystem>Console</SubSystem>
+      <OptimizeReferences>true</OptimizeReferences>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <TargetMachine>MachineX86</TargetMachine>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <SubSystem>Console</SubSystem>
+      <OptimizeReferences>true</OptimizeReferences>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\test\gtest_unittest.cc">
+      <Optimization Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">MinSpace</Optimization>
+      <Optimization Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">MinSpace</Optimization>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <BasicRuntimeChecks Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Default</BasicRuntimeChecks>
+      <BasicRuntimeChecks Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Default</BasicRuntimeChecks>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+      </PrecompiledHeader>
+      <DebugInformationFormat Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">ProgramDatabase</DebugInformationFormat>
+      <DebugInformationFormat Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+      </PrecompiledHeader>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="gtest_main-md.vcxproj">
+      <Project>{3af54c8a-10bf-4332-9147-f68ed9862033}</Project>
+    </ProjectReference>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest-md.vcxproj.filters b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest-md.vcxproj.filters
new file mode 100644
index 000000000..047dae513
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest-md.vcxproj.filters
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\test\gtest_unittest.cc">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest.vcxproj b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest.vcxproj
new file mode 100644
index 000000000..ec6abde7d
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest.vcxproj
@@ -0,0 +1,180 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>MultiByte</CharacterSet>
+    <PlatformToolset>v100</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>10.0.40219.1</_ProjectFileVersion>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(OutDir)temp\$(ProjectName)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</LinkIncremental>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</LinkIncremental>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(OutDir)temp\$(ProjectName)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|x64'">false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)temp\$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <OutDir>$(SolutionDir)$(SolutionName)\$(Platform)-$(Configuration)\</OutDir>
+    <IntDir>$(OutDir)temp\$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>true</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ProgramDatabaseFile>$(OutDir)gtest_unittest.pdb</ProgramDatabaseFile>
+      <SubSystem>Console</SubSystem>
+      <TargetMachine>MachineX86</TargetMachine>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ProgramDatabaseFile>$(OutDir)gtest_unittest.pdb</ProgramDatabaseFile>
+      <SubSystem>Console</SubSystem>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <SubSystem>Console</SubSystem>
+      <OptimizeReferences>true</OptimizeReferences>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <TargetMachine>MachineX86</TargetMachine>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <PreprocessorDefinitions>WIN32;_VARIADIC_MAX=10;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories>..\..\include;..\..;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <SubSystem>Console</SubSystem>
+      <OptimizeReferences>true</OptimizeReferences>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\test\gtest_unittest.cc">
+      <Optimization Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">MinSpace</Optimization>
+      <Optimization Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">MinSpace</Optimization>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <BasicRuntimeChecks Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Default</BasicRuntimeChecks>
+      <BasicRuntimeChecks Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Default</BasicRuntimeChecks>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+      </PrecompiledHeader>
+      <DebugInformationFormat Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">ProgramDatabase</DebugInformationFormat>
+      <DebugInformationFormat Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">ProgramDatabase</DebugInformationFormat>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Release|x64'">..;..\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+      </PrecompiledHeader>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="gtest_main.vcxproj">
+      <Project>{3af54c8a-10bf-4332-9147-f68ed9862032}</Project>
+    </ProjectReference>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest.vcxproj.filters b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest.vcxproj.filters
new file mode 100644
index 000000000..047dae513
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/msvc/2010/gtest_unittest.vcxproj.filters
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\test\gtest_unittest.cc">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/security/nss/gtests/google_test/gtest/msvc/gtest-md.sln b/security/nss/gtests/google_test/gtest/msvc/gtest-md.sln
deleted file mode 100644
index f7908da11..000000000
--- a/security/nss/gtests/google_test/gtest/msvc/gtest-md.sln
+++ /dev/null
@@ -1,45 +0,0 @@
-Microsoft Visual Studio Solution File, Format Version 8.00
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest-md", "gtest-md.vcproj", "{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}"
-	ProjectSection(ProjectDependencies) = postProject
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_main-md", "gtest_main-md.vcproj", "{3AF54C8A-10BF-4332-9147-F68ED9862033}"
-	ProjectSection(ProjectDependencies) = postProject
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_prod_test-md", "gtest_prod_test-md.vcproj", "{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}"
-	ProjectSection(ProjectDependencies) = postProject
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_unittest-md", "gtest_unittest-md.vcproj", "{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}"
-	ProjectSection(ProjectDependencies) = postProject
-	EndProjectSection
-EndProject
-Global
-	GlobalSection(SolutionConfiguration) = preSolution
-		Debug = Debug
-		Release = Release
-	EndGlobalSection
-	GlobalSection(ProjectConfiguration) = postSolution
-		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Debug.ActiveCfg = Debug|Win32
-		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Debug.Build.0 = Debug|Win32
-		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Release.ActiveCfg = Release|Win32
-		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}.Release.Build.0 = Release|Win32
-		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Debug.ActiveCfg = Debug|Win32
-		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Debug.Build.0 = Debug|Win32
-		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Release.ActiveCfg = Release|Win32
-		{3AF54C8A-10BF-4332-9147-F68ED9862033}.Release.Build.0 = Release|Win32
-		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Debug.ActiveCfg = Debug|Win32
-		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Debug.Build.0 = Debug|Win32
-		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Release.ActiveCfg = Release|Win32
-		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}.Release.Build.0 = Release|Win32
-		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Debug.ActiveCfg = Debug|Win32
-		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Debug.Build.0 = Debug|Win32
-		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Release.ActiveCfg = Release|Win32
-		{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}.Release.Build.0 = Release|Win32
-	EndGlobalSection
-	GlobalSection(ExtensibilityGlobals) = postSolution
-	EndGlobalSection
-	GlobalSection(ExtensibilityAddIns) = postSolution
-	EndGlobalSection
-EndGlobal
diff --git a/security/nss/gtests/google_test/gtest/msvc/gtest-md.vcproj b/security/nss/gtests/google_test/gtest/msvc/gtest-md.vcproj
deleted file mode 100644
index 1c35c3a5e..000000000
--- a/security/nss/gtests/google_test/gtest/msvc/gtest-md.vcproj
+++ /dev/null
@@ -1,126 +0,0 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
-	ProjectType="Visual C++"
-	Version="7.10"
-	Name="gtest-md"
-	ProjectGUID="{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}"
-	Keyword="Win32Proj">
-	<Platforms>
-		<Platform
-			Name="Win32"/>
-	</Platforms>
-	<Configurations>
-		<Configuration
-			Name="Debug|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="4"
-			CharacterSet="2"
-			ReferencesPath="">
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="0"
-				PreprocessorDefinitions="WIN32;_DEBUG;_LIB"
-				MinimalRebuild="TRUE"
-				BasicRuntimeChecks="3"
-				RuntimeLibrary="3"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="4"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLibrarianTool"
-				OutputFile="$(OutDir)/gtestd.lib"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-		<Configuration
-			Name="Release|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="4"
-			CharacterSet="2"
-			ReferencesPath="&quot;..\include&quot;;&quot;..&quot;">
-			<Tool
-				Name="VCCLCompilerTool"
-				PreprocessorDefinitions="WIN32;NDEBUG;_LIB"
-				RuntimeLibrary="2"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="3"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLibrarianTool"
-				OutputFile="$(OutDir)/gtest.lib"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-	</Configurations>
-	<References>
-	</References>
-	<Files>
-		<Filter
-			Name="Source Files"
-			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
-			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
-			<File
-				RelativePath="..\src\gtest-all.cc">
-				<FileConfiguration
-					Name="Debug|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"/>
-				</FileConfiguration>
-				<FileConfiguration
-					Name="Release|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"/>
-				</FileConfiguration>
-			</File>
-		</Filter>
-		<Filter
-			Name="Header Files"
-			Filter="h;hpp;hxx;hm;inl;inc;xsd"
-			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
-		</Filter>
-	</Files>
-	<Globals>
-	</Globals>
-</VisualStudioProject>
diff --git a/security/nss/gtests/google_test/gtest/msvc/gtest.sln b/security/nss/gtests/google_test/gtest/msvc/gtest.sln
deleted file mode 100644
index ef4b057ff..000000000
--- a/security/nss/gtests/google_test/gtest/msvc/gtest.sln
+++ /dev/null
@@ -1,45 +0,0 @@
-Microsoft Visual Studio Solution File, Format Version 8.00
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest", "gtest.vcproj", "{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}"
-	ProjectSection(ProjectDependencies) = postProject
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_main", "gtest_main.vcproj", "{3AF54C8A-10BF-4332-9147-F68ED9862032}"
-	ProjectSection(ProjectDependencies) = postProject
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_unittest", "gtest_unittest.vcproj", "{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}"
-	ProjectSection(ProjectDependencies) = postProject
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gtest_prod_test", "gtest_prod_test.vcproj", "{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}"
-	ProjectSection(ProjectDependencies) = postProject
-	EndProjectSection
-EndProject
-Global
-	GlobalSection(SolutionConfiguration) = preSolution
-		Debug = Debug
-		Release = Release
-	EndGlobalSection
-	GlobalSection(ProjectConfiguration) = postSolution
-		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Debug.ActiveCfg = Debug|Win32
-		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Debug.Build.0 = Debug|Win32
-		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Release.ActiveCfg = Release|Win32
-		{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}.Release.Build.0 = Release|Win32
-		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Debug.ActiveCfg = Debug|Win32
-		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Debug.Build.0 = Debug|Win32
-		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Release.ActiveCfg = Release|Win32
-		{3AF54C8A-10BF-4332-9147-F68ED9862032}.Release.Build.0 = Release|Win32
-		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Debug.ActiveCfg = Debug|Win32
-		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Debug.Build.0 = Debug|Win32
-		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Release.ActiveCfg = Release|Win32
-		{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}.Release.Build.0 = Release|Win32
-		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Debug.ActiveCfg = Debug|Win32
-		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Debug.Build.0 = Debug|Win32
-		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Release.ActiveCfg = Release|Win32
-		{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}.Release.Build.0 = Release|Win32
-	EndGlobalSection
-	GlobalSection(ExtensibilityGlobals) = postSolution
-	EndGlobalSection
-	GlobalSection(ExtensibilityAddIns) = postSolution
-	EndGlobalSection
-EndGlobal
diff --git a/security/nss/gtests/google_test/gtest/msvc/gtest.vcproj b/security/nss/gtests/google_test/gtest/msvc/gtest.vcproj
deleted file mode 100644
index a8373ce9a..000000000
--- a/security/nss/gtests/google_test/gtest/msvc/gtest.vcproj
+++ /dev/null
@@ -1,126 +0,0 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
-	ProjectType="Visual C++"
-	Version="7.10"
-	Name="gtest"
-	ProjectGUID="{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}"
-	Keyword="Win32Proj">
-	<Platforms>
-		<Platform
-			Name="Win32"/>
-	</Platforms>
-	<Configurations>
-		<Configuration
-			Name="Debug|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="4"
-			CharacterSet="2"
-			ReferencesPath="">
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="0"
-				PreprocessorDefinitions="WIN32;_DEBUG;_LIB"
-				MinimalRebuild="TRUE"
-				BasicRuntimeChecks="3"
-				RuntimeLibrary="5"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="4"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLibrarianTool"
-				OutputFile="$(OutDir)/gtestd.lib"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-		<Configuration
-			Name="Release|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="4"
-			CharacterSet="2"
-			ReferencesPath="&quot;..\include&quot;;&quot;..&quot;">
-			<Tool
-				Name="VCCLCompilerTool"
-				PreprocessorDefinitions="WIN32;NDEBUG;_LIB"
-				RuntimeLibrary="4"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="3"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLibrarianTool"
-				OutputFile="$(OutDir)/gtest.lib"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-	</Configurations>
-	<References>
-	</References>
-	<Files>
-		<Filter
-			Name="Source Files"
-			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
-			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
-			<File
-				RelativePath="..\src\gtest-all.cc">
-				<FileConfiguration
-					Name="Debug|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"/>
-				</FileConfiguration>
-				<FileConfiguration
-					Name="Release|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"/>
-				</FileConfiguration>
-			</File>
-		</Filter>
-		<Filter
-			Name="Header Files"
-			Filter="h;hpp;hxx;hm;inl;inc;xsd"
-			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
-		</Filter>
-	</Files>
-	<Globals>
-	</Globals>
-</VisualStudioProject>
diff --git a/security/nss/gtests/google_test/gtest/msvc/gtest_main-md.vcproj b/security/nss/gtests/google_test/gtest/msvc/gtest_main-md.vcproj
deleted file mode 100644
index b5379fe61..000000000
--- a/security/nss/gtests/google_test/gtest/msvc/gtest_main-md.vcproj
+++ /dev/null
@@ -1,129 +0,0 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
-	ProjectType="Visual C++"
-	Version="7.10"
-	Name="gtest_main-md"
-	ProjectGUID="{3AF54C8A-10BF-4332-9147-F68ED9862033}"
-	Keyword="Win32Proj">
-	<Platforms>
-		<Platform
-			Name="Win32"/>
-	</Platforms>
-	<Configurations>
-		<Configuration
-			Name="Debug|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="4"
-			CharacterSet="2"
-			ReferencesPath="">
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="0"
-				PreprocessorDefinitions="WIN32;_DEBUG;_LIB"
-				MinimalRebuild="TRUE"
-				BasicRuntimeChecks="3"
-				RuntimeLibrary="3"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="4"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLibrarianTool"
-				OutputFile="$(OutDir)/$(ProjectName)d.lib"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-		<Configuration
-			Name="Release|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="4"
-			CharacterSet="2"
-			ReferencesPath="&quot;..\include&quot;;&quot;..&quot;">
-			<Tool
-				Name="VCCLCompilerTool"
-				PreprocessorDefinitions="WIN32;NDEBUG;_LIB"
-				RuntimeLibrary="2"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="3"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLibrarianTool"
-				OutputFile="$(OutDir)/$(ProjectName).lib"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-	</Configurations>
-	<References>
-		<ProjectReference
-			ReferencedProjectIdentifier="{C8F6C172-56F2-4E76-B5FA-C3B423B31BE8}"
-			Name="gtest-md"/>
-	</References>
-	<Files>
-		<Filter
-			Name="Source Files"
-			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
-			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
-			<File
-				RelativePath="..\src\gtest_main.cc">
-				<FileConfiguration
-					Name="Debug|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"/>
-				</FileConfiguration>
-				<FileConfiguration
-					Name="Release|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"/>
-				</FileConfiguration>
-			</File>
-		</Filter>
-		<Filter
-			Name="Header Files"
-			Filter="h;hpp;hxx;hm;inl;inc;xsd"
-			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
-		</Filter>
-	</Files>
-	<Globals>
-	</Globals>
-</VisualStudioProject>
diff --git a/security/nss/gtests/google_test/gtest/msvc/gtest_main.vcproj b/security/nss/gtests/google_test/gtest/msvc/gtest_main.vcproj
deleted file mode 100644
index e8b763c56..000000000
--- a/security/nss/gtests/google_test/gtest/msvc/gtest_main.vcproj
+++ /dev/null
@@ -1,129 +0,0 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
-	ProjectType="Visual C++"
-	Version="7.10"
-	Name="gtest_main"
-	ProjectGUID="{3AF54C8A-10BF-4332-9147-F68ED9862032}"
-	Keyword="Win32Proj">
-	<Platforms>
-		<Platform
-			Name="Win32"/>
-	</Platforms>
-	<Configurations>
-		<Configuration
-			Name="Debug|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="4"
-			CharacterSet="2"
-			ReferencesPath="">
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="0"
-				PreprocessorDefinitions="WIN32;_DEBUG;_LIB"
-				MinimalRebuild="TRUE"
-				BasicRuntimeChecks="3"
-				RuntimeLibrary="5"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="4"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLibrarianTool"
-				OutputFile="$(OutDir)/$(ProjectName)d.lib"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-		<Configuration
-			Name="Release|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="4"
-			CharacterSet="2"
-			ReferencesPath="&quot;..\include&quot;;&quot;..&quot;">
-			<Tool
-				Name="VCCLCompilerTool"
-				PreprocessorDefinitions="WIN32;NDEBUG;_LIB"
-				RuntimeLibrary="4"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="3"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLibrarianTool"
-				OutputFile="$(OutDir)/$(ProjectName).lib"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-	</Configurations>
-	<References>
-		<ProjectReference
-			ReferencedProjectIdentifier="{C8F6C172-56F2-4E76-B5FA-C3B423B31BE7}"
-			Name="gtest"/>
-	</References>
-	<Files>
-		<Filter
-			Name="Source Files"
-			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
-			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
-			<File
-				RelativePath="..\src\gtest_main.cc">
-				<FileConfiguration
-					Name="Debug|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"/>
-				</FileConfiguration>
-				<FileConfiguration
-					Name="Release|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"/>
-				</FileConfiguration>
-			</File>
-		</Filter>
-		<Filter
-			Name="Header Files"
-			Filter="h;hpp;hxx;hm;inl;inc;xsd"
-			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
-		</Filter>
-	</Files>
-	<Globals>
-	</Globals>
-</VisualStudioProject>
diff --git a/security/nss/gtests/google_test/gtest/msvc/gtest_prod_test-md.vcproj b/security/nss/gtests/google_test/gtest/msvc/gtest_prod_test-md.vcproj
deleted file mode 100644
index 05b05d9ed..000000000
--- a/security/nss/gtests/google_test/gtest/msvc/gtest_prod_test-md.vcproj
+++ /dev/null
@@ -1,164 +0,0 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
-	ProjectType="Visual C++"
-	Version="7.10"
-	Name="gtest_prod_test-md"
-	ProjectGUID="{24848551-EF4F-47E8-9A9D-EA4D49BC3ECB}"
-	Keyword="Win32Proj">
-	<Platforms>
-		<Platform
-			Name="Win32"/>
-	</Platforms>
-	<Configurations>
-		<Configuration
-			Name="Debug|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="1"
-			CharacterSet="2">
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="0"
-				PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
-				MinimalRebuild="TRUE"
-				BasicRuntimeChecks="3"
-				RuntimeLibrary="3"
-				UsePrecompiledHeader="3"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="4"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLinkerTool"
-				OutputFile="$(OutDir)/gtest_prod_test.exe"
-				LinkIncremental="2"
-				GenerateDebugInformation="TRUE"
-				ProgramDatabaseFile="$(OutDir)/gtest_prod_test.pdb"
-				SubSystem="1"
-				TargetMachine="1"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCWebDeploymentTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-		<Configuration
-			Name="Release|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="1"
-			CharacterSet="2">
-			<Tool
-				Name="VCCLCompilerTool"
-				PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
-				RuntimeLibrary="2"
-				UsePrecompiledHeader="3"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="3"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLinkerTool"
-				OutputFile="$(OutDir)/gtest_prod_test.exe"
-				LinkIncremental="1"
-				GenerateDebugInformation="TRUE"
-				SubSystem="1"
-				OptimizeReferences="2"
-				EnableCOMDATFolding="2"
-				TargetMachine="1"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCWebDeploymentTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-	</Configurations>
-	<References>
-		<ProjectReference
-			ReferencedProjectIdentifier="{3AF54C8A-10BF-4332-9147-F68ED9862033}"
-			Name="gtest_main-md"/>
-	</References>
-	<Files>
-		<Filter
-			Name="Source Files"
-			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
-			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
-			<File
-				RelativePath="..\test\gtest_prod_test.cc">
-				<FileConfiguration
-					Name="Debug|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						UsePrecompiledHeader="0"/>
-				</FileConfiguration>
-				<FileConfiguration
-					Name="Release|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						UsePrecompiledHeader="0"/>
-				</FileConfiguration>
-			</File>
-			<File
-				RelativePath="..\test\production.cc">
-				<FileConfiguration
-					Name="Debug|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						UsePrecompiledHeader="0"/>
-				</FileConfiguration>
-				<FileConfiguration
-					Name="Release|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						UsePrecompiledHeader="0"/>
-				</FileConfiguration>
-			</File>
-		</Filter>
-		<Filter
-			Name="Header Files"
-			Filter="h;hpp;hxx;hm;inl;inc;xsd"
-			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
-			<File
-				RelativePath="..\test\production.h">
-			</File>
-		</Filter>
-	</Files>
-	<Globals>
-	</Globals>
-</VisualStudioProject>
diff --git a/security/nss/gtests/google_test/gtest/msvc/gtest_prod_test.vcproj b/security/nss/gtests/google_test/gtest/msvc/gtest_prod_test.vcproj
deleted file mode 100644
index 6d7a2f021..000000000
--- a/security/nss/gtests/google_test/gtest/msvc/gtest_prod_test.vcproj
+++ /dev/null
@@ -1,164 +0,0 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
-	ProjectType="Visual C++"
-	Version="7.10"
-	Name="gtest_prod_test"
-	ProjectGUID="{24848551-EF4F-47E8-9A9D-EA4D49BC3ECA}"
-	Keyword="Win32Proj">
-	<Platforms>
-		<Platform
-			Name="Win32"/>
-	</Platforms>
-	<Configurations>
-		<Configuration
-			Name="Debug|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="1"
-			CharacterSet="2">
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="0"
-				PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
-				MinimalRebuild="TRUE"
-				BasicRuntimeChecks="3"
-				RuntimeLibrary="5"
-				UsePrecompiledHeader="3"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="4"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLinkerTool"
-				OutputFile="$(OutDir)/gtest_prod_test.exe"
-				LinkIncremental="2"
-				GenerateDebugInformation="TRUE"
-				ProgramDatabaseFile="$(OutDir)/gtest_prod_test.pdb"
-				SubSystem="1"
-				TargetMachine="1"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCWebDeploymentTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-		<Configuration
-			Name="Release|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="1"
-			CharacterSet="2">
-			<Tool
-				Name="VCCLCompilerTool"
-				PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
-				RuntimeLibrary="4"
-				UsePrecompiledHeader="3"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="3"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLinkerTool"
-				OutputFile="$(OutDir)/gtest_prod_test.exe"
-				LinkIncremental="1"
-				GenerateDebugInformation="TRUE"
-				SubSystem="1"
-				OptimizeReferences="2"
-				EnableCOMDATFolding="2"
-				TargetMachine="1"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCWebDeploymentTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-	</Configurations>
-	<References>
-		<ProjectReference
-			ReferencedProjectIdentifier="{3AF54C8A-10BF-4332-9147-F68ED9862032}"
-			Name="gtest_main"/>
-	</References>
-	<Files>
-		<Filter
-			Name="Source Files"
-			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
-			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
-			<File
-				RelativePath="..\test\gtest_prod_test.cc">
-				<FileConfiguration
-					Name="Debug|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						UsePrecompiledHeader="0"/>
-				</FileConfiguration>
-				<FileConfiguration
-					Name="Release|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						UsePrecompiledHeader="0"/>
-				</FileConfiguration>
-			</File>
-			<File
-				RelativePath="..\test\production.cc">
-				<FileConfiguration
-					Name="Debug|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						UsePrecompiledHeader="0"/>
-				</FileConfiguration>
-				<FileConfiguration
-					Name="Release|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						UsePrecompiledHeader="0"/>
-				</FileConfiguration>
-			</File>
-		</Filter>
-		<Filter
-			Name="Header Files"
-			Filter="h;hpp;hxx;hm;inl;inc;xsd"
-			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
-			<File
-				RelativePath="..\test\production.h">
-			</File>
-		</Filter>
-	</Files>
-	<Globals>
-	</Globals>
-</VisualStudioProject>
diff --git a/security/nss/gtests/google_test/gtest/msvc/gtest_unittest-md.vcproj b/security/nss/gtests/google_test/gtest/msvc/gtest_unittest-md.vcproj
deleted file mode 100644
index 38a5e5663..000000000
--- a/security/nss/gtests/google_test/gtest/msvc/gtest_unittest-md.vcproj
+++ /dev/null
@@ -1,147 +0,0 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
-	ProjectType="Visual C++"
-	Version="7.10"
-	Name="gtest_unittest-md"
-	ProjectGUID="{4D9FDFB5-986A-4139-823C-F4EE0ED481A2}"
-	Keyword="Win32Proj">
-	<Platforms>
-		<Platform
-			Name="Win32"/>
-	</Platforms>
-	<Configurations>
-		<Configuration
-			Name="Debug|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="1"
-			CharacterSet="2">
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="0"
-				PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
-				MinimalRebuild="TRUE"
-				BasicRuntimeChecks="3"
-				RuntimeLibrary="3"
-				UsePrecompiledHeader="3"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="4"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLinkerTool"
-				OutputFile="$(OutDir)/gtest_unittest.exe"
-				LinkIncremental="2"
-				GenerateDebugInformation="TRUE"
-				ProgramDatabaseFile="$(OutDir)/gtest_unittest.pdb"
-				SubSystem="1"
-				TargetMachine="1"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCWebDeploymentTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-		<Configuration
-			Name="Release|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="1"
-			CharacterSet="2">
-			<Tool
-				Name="VCCLCompilerTool"
-				PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
-				RuntimeLibrary="2"
-				UsePrecompiledHeader="3"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="3"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLinkerTool"
-				OutputFile="$(OutDir)/gtest_unittest.exe"
-				LinkIncremental="1"
-				GenerateDebugInformation="TRUE"
-				SubSystem="1"
-				OptimizeReferences="2"
-				EnableCOMDATFolding="2"
-				TargetMachine="1"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCWebDeploymentTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-	</Configurations>
-	<References>
-		<ProjectReference
-			ReferencedProjectIdentifier="{3AF54C8A-10BF-4332-9147-F68ED9862033}"
-			Name="gtest_main-md"/>
-	</References>
-	<Files>
-		<Filter
-			Name="Source Files"
-			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
-			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
-			<File
-				RelativePath="..\test\gtest_unittest.cc">
-				<FileConfiguration
-					Name="Debug|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						Optimization="1"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						BasicRuntimeChecks="0"
-						UsePrecompiledHeader="0"
-						DebugInformationFormat="3"/>
-				</FileConfiguration>
-				<FileConfiguration
-					Name="Release|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						UsePrecompiledHeader="0"/>
-				</FileConfiguration>
-			</File>
-		</Filter>
-		<Filter
-			Name="Header Files"
-			Filter="h;hpp;hxx;hm;inl;inc;xsd"
-			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
-		</Filter>
-	</Files>
-	<Globals>
-	</Globals>
-</VisualStudioProject>
diff --git a/security/nss/gtests/google_test/gtest/msvc/gtest_unittest.vcproj b/security/nss/gtests/google_test/gtest/msvc/gtest_unittest.vcproj
deleted file mode 100644
index cb1f52b1f..000000000
--- a/security/nss/gtests/google_test/gtest/msvc/gtest_unittest.vcproj
+++ /dev/null
@@ -1,147 +0,0 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
-	ProjectType="Visual C++"
-	Version="7.10"
-	Name="gtest_unittest"
-	ProjectGUID="{4D9FDFB5-986A-4139-823C-F4EE0ED481A1}"
-	Keyword="Win32Proj">
-	<Platforms>
-		<Platform
-			Name="Win32"/>
-	</Platforms>
-	<Configurations>
-		<Configuration
-			Name="Debug|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="1"
-			CharacterSet="2">
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="0"
-				PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
-				MinimalRebuild="TRUE"
-				BasicRuntimeChecks="3"
-				RuntimeLibrary="5"
-				UsePrecompiledHeader="3"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="4"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLinkerTool"
-				OutputFile="$(OutDir)/gtest_unittest.exe"
-				LinkIncremental="2"
-				GenerateDebugInformation="TRUE"
-				ProgramDatabaseFile="$(OutDir)/gtest_unittest.pdb"
-				SubSystem="1"
-				TargetMachine="1"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCWebDeploymentTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-		<Configuration
-			Name="Release|Win32"
-			OutputDirectory="$(SolutionName)/$(ConfigurationName)"
-			IntermediateDirectory="$(OutDir)/$(ProjectName)"
-			ConfigurationType="1"
-			CharacterSet="2">
-			<Tool
-				Name="VCCLCompilerTool"
-				PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
-				RuntimeLibrary="4"
-				UsePrecompiledHeader="3"
-				WarningLevel="3"
-				Detect64BitPortabilityProblems="FALSE"
-				DebugInformationFormat="3"/>
-			<Tool
-				Name="VCCustomBuildTool"/>
-			<Tool
-				Name="VCLinkerTool"
-				OutputFile="$(OutDir)/gtest_unittest.exe"
-				LinkIncremental="1"
-				GenerateDebugInformation="TRUE"
-				SubSystem="1"
-				OptimizeReferences="2"
-				EnableCOMDATFolding="2"
-				TargetMachine="1"/>
-			<Tool
-				Name="VCMIDLTool"/>
-			<Tool
-				Name="VCPostBuildEventTool"/>
-			<Tool
-				Name="VCPreBuildEventTool"/>
-			<Tool
-				Name="VCPreLinkEventTool"/>
-			<Tool
-				Name="VCResourceCompilerTool"/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"/>
-			<Tool
-				Name="VCWebDeploymentTool"/>
-			<Tool
-				Name="VCManagedWrapperGeneratorTool"/>
-			<Tool
-				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
-		</Configuration>
-	</Configurations>
-	<References>
-		<ProjectReference
-			ReferencedProjectIdentifier="{3AF54C8A-10BF-4332-9147-F68ED9862032}"
-			Name="gtest_main"/>
-	</References>
-	<Files>
-		<Filter
-			Name="Source Files"
-			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
-			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
-			<File
-				RelativePath="..\test\gtest_unittest.cc">
-				<FileConfiguration
-					Name="Debug|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						Optimization="1"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						BasicRuntimeChecks="0"
-						UsePrecompiledHeader="0"
-						DebugInformationFormat="3"/>
-				</FileConfiguration>
-				<FileConfiguration
-					Name="Release|Win32">
-					<Tool
-						Name="VCCLCompilerTool"
-						AdditionalIncludeDirectories="&quot;..&quot;;&quot;..\include&quot;"
-						UsePrecompiledHeader="0"/>
-				</FileConfiguration>
-			</File>
-		</Filter>
-		<Filter
-			Name="Header Files"
-			Filter="h;hpp;hxx;hm;inl;inc;xsd"
-			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
-		</Filter>
-	</Files>
-	<Globals>
-	</Globals>
-</VisualStudioProject>
diff --git a/security/nss/gtests/google_test/gtest/samples/prime_tables.h b/security/nss/gtests/google_test/gtest/samples/prime_tables.h
index 92ce16a01..523c50b9a 100644
--- a/security/nss/gtests/google_test/gtest/samples/prime_tables.h
+++ b/security/nss/gtests/google_test/gtest/samples/prime_tables.h
@@ -26,9 +26,8 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-// Author: vladl@google.com (Vlad Losev)
+
+
 
 // This provides interface PrimeTable that determines whether a number is a
 // prime and determines a next prime number. This interface is used
@@ -103,11 +102,15 @@ class PreCalculatedPrimeTable : public PrimeTable {
     ::std::fill(is_prime_, is_prime_ + is_prime_size_, true);
     is_prime_[0] = is_prime_[1] = false;
 
-    for (int i = 2; i <= max; i++) {
+    // Checks every candidate for prime number (we know that 2 is the only even
+    // prime).
+    for (int i = 2; i*i <= max; i += i%2+1) {
       if (!is_prime_[i]) continue;
 
       // Marks all multiples of i (except i itself) as non-prime.
-      for (int j = 2*i; j <= max; j += i) {
+      // We are starting here from i-th multiplier, because all smaller
+      // complex numbers were already marked.
+      for (int j = i*i; j <= max; j += i) {
         is_prime_[j] = false;
       }
     }
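Review bot: The new outer-loop bound `i*i <= max` multiplies two ints, which overflows (undefined behaviour) once i passes 46340, a value reachable only when max is close to INT_MAX. Writing it as `i <= max / i` gives the same bound without the multiplication, and matches the form sample1.cc's IsPrime uses (`if (i > n/i) break;`). The inner loop's `j = i*i` is then safe, because it runs only after that bound has held. The added comment also says "complex numbers" where "composite numbers" is meant. The enclosing function begins outside this hunk, so max being an int is inferred from the loop variables.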
diff --git a/security/nss/gtests/google_test/gtest/samples/sample1.cc b/security/nss/gtests/google_test/gtest/samples/sample1.cc
index f171e2609..13cec1d0f 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample1.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample1.cc
@@ -28,8 +28,6 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 // A sample program demonstrating using Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
 
 #include "sample1.h"
 
@@ -55,7 +53,7 @@ bool IsPrime(int n) {
 
   // Try to divide n by every odd number i, starting from 3
   for (int i = 3; ; i += 2) {
-    // We only have to try i up to the squre root of n
+    // We only have to try i up to the square root of n
     if (i > n/i) break;
 
     // Now, we have i <= n/i < n.
diff --git a/security/nss/gtests/google_test/gtest/samples/sample1.h b/security/nss/gtests/google_test/gtest/samples/sample1.h
index 3dfeb98c4..2c3e9f05f 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample1.h
+++ b/security/nss/gtests/google_test/gtest/samples/sample1.h
@@ -28,8 +28,6 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 // A sample program demonstrating using Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
 
 #ifndef GTEST_SAMPLES_SAMPLE1_H_
 #define GTEST_SAMPLES_SAMPLE1_H_
diff --git a/security/nss/gtests/google_test/gtest/samples/sample10_unittest.cc b/security/nss/gtests/google_test/gtest/samples/sample10_unittest.cc
index 0051cd5dc..7ce9550f8 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample10_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample10_unittest.cc
@@ -25,8 +25,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
+
 
 // This sample shows how to use Google Test listener API to implement
 // a primitive leak checker.
@@ -35,18 +34,15 @@
 #include <stdlib.h>
 
 #include "gtest/gtest.h"
-
 using ::testing::EmptyTestEventListener;
 using ::testing::InitGoogleTest;
 using ::testing::Test;
-using ::testing::TestCase;
 using ::testing::TestEventListeners;
 using ::testing::TestInfo;
 using ::testing::TestPartResult;
 using ::testing::UnitTest;
 
 namespace {
-
 // We will track memory used by this class.
 class Water {
  public:
@@ -106,7 +102,6 @@ TEST(ListenersTest, LeaksWater) {
   Water* water = new Water;
   EXPECT_TRUE(water != NULL);
 }
-
 }  // namespace
 
 int main(int argc, char **argv) {
diff --git a/security/nss/gtests/google_test/gtest/samples/sample1_unittest.cc b/security/nss/gtests/google_test/gtest/samples/sample1_unittest.cc
index aefc4f1d8..cb08b61a5 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample1_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample1_unittest.cc
@@ -28,9 +28,6 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 // A sample program demonstrating using Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
 
 // This sample shows how to write a simple unit test for a function,
 // using Google C++ testing framework.
@@ -46,7 +43,7 @@
 #include <limits.h>
 #include "sample1.h"
 #include "gtest/gtest.h"
-
+namespace {
 
 // Step 2. Use the TEST macro to define your tests.
 //
@@ -139,6 +136,7 @@ TEST(IsPrimeTest, Positive) {
   EXPECT_FALSE(IsPrime(6));
   EXPECT_TRUE(IsPrime(23));
 }
+}  // namespace
 
 // Step 3. Call RUN_ALL_TESTS() in main().
 //
diff --git a/security/nss/gtests/google_test/gtest/samples/sample2.cc b/security/nss/gtests/google_test/gtest/samples/sample2.cc
index 5f763b9bd..f3b722fca 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample2.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample2.cc
@@ -28,8 +28,6 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 // A sample program demonstrating using Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
 
 #include "sample2.h"
 
diff --git a/security/nss/gtests/google_test/gtest/samples/sample2.h b/security/nss/gtests/google_test/gtest/samples/sample2.h
index cb485c70f..58f360f45 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample2.h
+++ b/security/nss/gtests/google_test/gtest/samples/sample2.h
@@ -28,8 +28,6 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 // A sample program demonstrating using Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
 
 #ifndef GTEST_SAMPLES_SAMPLE2_H_
 #define GTEST_SAMPLES_SAMPLE2_H_
diff --git a/security/nss/gtests/google_test/gtest/samples/sample2_unittest.cc b/security/nss/gtests/google_test/gtest/samples/sample2_unittest.cc
index 4fa19b71c..084882619 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample2_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample2_unittest.cc
@@ -28,9 +28,6 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 // A sample program demonstrating using Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
 
 // This sample shows how to write a more complex unit test for a class
 // that has multiple member functions.
@@ -42,7 +39,7 @@
 
 #include "sample2.h"
 #include "gtest/gtest.h"
-
+namespace {
 // In this example, we test the MyString class (a simple string).
 
 // Tests the default c'tor.
@@ -107,3 +104,4 @@ TEST(MyString, Set) {
   s.Set(NULL);
   EXPECT_STREQ(NULL, s.c_string());
 }
+}  // namespace
diff --git a/security/nss/gtests/google_test/gtest/samples/sample3-inl.h b/security/nss/gtests/google_test/gtest/samples/sample3-inl.h
index 7e3084d63..1a29ce929 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample3-inl.h
+++ b/security/nss/gtests/google_test/gtest/samples/sample3-inl.h
@@ -28,8 +28,6 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 // A sample program demonstrating using Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
 
 #ifndef GTEST_SAMPLES_SAMPLE3_INL_H_
 #define GTEST_SAMPLES_SAMPLE3_INL_H_
diff --git a/security/nss/gtests/google_test/gtest/samples/sample3_unittest.cc b/security/nss/gtests/google_test/gtest/samples/sample3_unittest.cc
index bf3877d01..e093c2588 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample3_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample3_unittest.cc
@@ -28,9 +28,6 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 // A sample program demonstrating using Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
 
 // In this example, we use a more advanced feature of Google Test called
 // test fixture.
@@ -65,14 +62,14 @@
 
 #include "sample3-inl.h"
 #include "gtest/gtest.h"
-
+namespace {
 // To use a test fixture, derive a class from testing::Test.
-class QueueTest : public testing::Test {
+class QueueTestSmpl3 : public testing::Test {
  protected:  // You should make the members protected s.t. they can be
              // accessed from sub-classes.
 
   // virtual void SetUp() will be called before each test is run.  You
-  // should define it if you need to initialize the varaibles.
+  // should define it if you need to initialize the variables.
   // Otherwise, this can be skipped.
   virtual void SetUp() {
     q1_.Enqueue(1);
@@ -120,13 +117,13 @@ class QueueTest : public testing::Test {
 // instead of TEST.
 
 // Tests the default c'tor.
-TEST_F(QueueTest, DefaultConstructor) {
+TEST_F(QueueTestSmpl3, DefaultConstructor) {
   // You can access data in the test fixture here.
   EXPECT_EQ(0u, q0_.Size());
 }
 
 // Tests Dequeue().
-TEST_F(QueueTest, Dequeue) {
+TEST_F(QueueTestSmpl3, Dequeue) {
   int * n = q0_.Dequeue();
   EXPECT_TRUE(n == NULL);
 
@@ -144,8 +141,9 @@ TEST_F(QueueTest, Dequeue) {
 }
 
 // Tests the Queue::Map() function.
-TEST_F(QueueTest, Map) {
+TEST_F(QueueTestSmpl3, Map) {
   MapTester(&q0_);
   MapTester(&q1_);
   MapTester(&q2_);
 }
+}  // namespace
diff --git a/security/nss/gtests/google_test/gtest/samples/sample4.cc b/security/nss/gtests/google_test/gtest/samples/sample4.cc
index ae44bda6f..b0ee6093b 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample4.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample4.cc
@@ -28,8 +28,6 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 // A sample program demonstrating using Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
 
 #include <stdio.h>
 
@@ -40,6 +38,16 @@ int Counter::Increment() {
   return counter_++;
 }
 
+// Returns the current counter value, and decrements it.
+// counter can not be less than 0, return 0 in this case
+int Counter::Decrement() {
+  if (counter_ == 0) {
+    return counter_;
+  } else  {
+    return counter_--;
+  }
+}
+
 // Prints the current counter value to STDOUT.
 void Counter::Print() const {
   printf("%d", counter_);
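Review bot: In the added `Counter::Decrement()`, the `else` after an early `return` is redundant, and the guard tests `counter_ == 0` although the comment promises the counter is never below 0. Writing `if (counter_ <= 0) return 0;` followed by `return counter_--;` states that floor directly and drops the stray double space in `else  {`. The declaration of counter_ is outside this hunk (the `%d` in Print() suggests int), so whether a negative value is reachable cannot be confirmed from here.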
diff --git a/security/nss/gtests/google_test/gtest/samples/sample4.h b/security/nss/gtests/google_test/gtest/samples/sample4.h
index cd60f0dd2..e256f4064 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample4.h
+++ b/security/nss/gtests/google_test/gtest/samples/sample4.h
@@ -28,9 +28,6 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 // A sample program demonstrating using Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
 #ifndef GTEST_SAMPLES_SAMPLE4_H_
 #define GTEST_SAMPLES_SAMPLE4_H_
 
@@ -46,6 +43,9 @@ class Counter {
   // Returns the current counter value, and increments it.
   int Increment();
 
+  // Returns the current counter value, and decrements it.
+  int Decrement();
+
   // Prints the current counter value to STDOUT.
   void Print() const;
 };
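Review bot: The comment added for `Decrement()` omits the floor at zero that the implementation in sample4.cc applies, so a reader of the header alone would expect the counter to go negative. Suggested wording: `// Returns the current counter value, and decrements it. The counter never goes below 0; at 0 it returns 0 and is left unchanged.` The Counter class opens outside this hunk.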
diff --git a/security/nss/gtests/google_test/gtest/samples/sample4_unittest.cc b/security/nss/gtests/google_test/gtest/samples/sample4_unittest.cc
index fa5afc7d5..d5144c0d0 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample4_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample4_unittest.cc
@@ -26,20 +26,28 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
 
-#include "gtest/gtest.h"
+
 #include "sample4.h"
+#include "gtest/gtest.h"
 
+namespace {
 // Tests the Increment() method.
+
 TEST(Counter, Increment) {
   Counter c;
 
+  // Test that counter 0 returns 0
+  EXPECT_EQ(0, c.Decrement());
+
   // EXPECT_EQ() evaluates its arguments exactly once, so they
   // can have side effects.
 
   EXPECT_EQ(0, c.Increment());
   EXPECT_EQ(1, c.Increment());
   EXPECT_EQ(2, c.Increment());
+
+  EXPECT_EQ(3, c.Decrement());
 }
+
+}  // namespace
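Review bot: The two `Decrement()` checks were added inside `TEST(Counter, Increment)`, whose comment still reads "Tests the Increment() method.", and nothing verifies that the counter actually dropped after `EXPECT_EQ(3, c.Decrement());`. Moving them into their own `TEST(Counter, Decrement)` and following the last call with `EXPECT_EQ(2, c.Decrement());` would pin both the returned value and the state change, and keep a Decrement failure from being reported under the Increment test's name.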
diff --git a/security/nss/gtests/google_test/gtest/samples/sample5_unittest.cc b/security/nss/gtests/google_test/gtest/samples/sample5_unittest.cc
index 43d8e5777..d8a8788c6 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample5_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample5_unittest.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 // This sample teaches how to reuse a test fixture in multiple test
 // cases by deriving sub-fixtures from it.
@@ -46,10 +45,10 @@
 
 #include <limits.h>
 #include <time.h>
-#include "sample3-inl.h"
 #include "gtest/gtest.h"
 #include "sample1.h"
-
+#include "sample3-inl.h"
+namespace {
 // In this sample, we want to ensure that every test finishes within
 // ~5 seconds.  If a test takes longer to run, we consider it a
 // failure.
@@ -191,7 +190,7 @@ TEST_F(QueueTest, Dequeue) {
   EXPECT_EQ(1u, q2_.Size());
   delete n;
 }
-
+}  // namespace
 // If necessary, you can derive further test fixtures from a derived
 // fixture itself.  For example, you can derive another fixture from
 // QueueTest.  Google Test imposes no limit on how deep the hierarchy
diff --git a/security/nss/gtests/google_test/gtest/samples/sample6_unittest.cc b/security/nss/gtests/google_test/gtest/samples/sample6_unittest.cc
index 8f2036a51..ddf2f1c13 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample6_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample6_unittest.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 // This sample shows how to test common properties of multiple
 // implementations of the same interface (aka interface tests).
@@ -36,7 +35,7 @@
 #include "prime_tables.h"
 
 #include "gtest/gtest.h"
-
+namespace {
 // First, we define some factory functions for creating instances of
 // the implementations.  You may be able to skip this step if all your
 // implementations can be constructed the same way.
@@ -222,3 +221,4 @@ INSTANTIATE_TYPED_TEST_CASE_P(OnTheFlyAndPreCalculated,    // Instance name
                               PrimeTableImplementations);  // Type list
 
 #endif  // GTEST_HAS_TYPED_TEST_P
+}  // namespace
diff --git a/security/nss/gtests/google_test/gtest/samples/sample7_unittest.cc b/security/nss/gtests/google_test/gtest/samples/sample7_unittest.cc
index 1b651a21d..c1ae8bded 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample7_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample7_unittest.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
+
 
 // This sample shows how to test common properties of multiple
 // implementations of an interface (aka interface tests) using
@@ -39,8 +38,7 @@
 #include "prime_tables.h"
 
 #include "gtest/gtest.h"
-
-#if GTEST_HAS_PARAM_TEST
+namespace {
 
 using ::testing::TestWithParam;
 using ::testing::Values;
@@ -65,9 +63,9 @@ PrimeTable* CreatePreCalculatedPrimeTable() {
 // can refer to the test parameter by GetParam().  In this case, the test
 // parameter is a factory function which we call in fixture's SetUp() to
 // create and store an instance of PrimeTable.
-class PrimeTableTest : public TestWithParam<CreatePrimeTableFunc*> {
+class PrimeTableTestSmpl7 : public TestWithParam<CreatePrimeTableFunc*> {
  public:
-  virtual ~PrimeTableTest() { delete table_; }
+  virtual ~PrimeTableTestSmpl7() { delete table_; }
   virtual void SetUp() { table_ = (*GetParam())(); }
   virtual void TearDown() {
     delete table_;
@@ -78,7 +76,7 @@ class PrimeTableTest : public TestWithParam<CreatePrimeTableFunc*> {
   PrimeTable* table_;
 };
 
-TEST_P(PrimeTableTest, ReturnsFalseForNonPrimes) {
+TEST_P(PrimeTableTestSmpl7, ReturnsFalseForNonPrimes) {
   EXPECT_FALSE(table_->IsPrime(-5));
   EXPECT_FALSE(table_->IsPrime(0));
   EXPECT_FALSE(table_->IsPrime(1));
@@ -87,7 +85,7 @@ TEST_P(PrimeTableTest, ReturnsFalseForNonPrimes) {
   EXPECT_FALSE(table_->IsPrime(100));
 }
 
-TEST_P(PrimeTableTest, ReturnsTrueForPrimes) {
+TEST_P(PrimeTableTestSmpl7, ReturnsTrueForPrimes) {
   EXPECT_TRUE(table_->IsPrime(2));
   EXPECT_TRUE(table_->IsPrime(3));
   EXPECT_TRUE(table_->IsPrime(5));
@@ -96,7 +94,7 @@ TEST_P(PrimeTableTest, ReturnsTrueForPrimes) {
   EXPECT_TRUE(table_->IsPrime(131));
 }
 
-TEST_P(PrimeTableTest, CanGetNextPrime) {
+TEST_P(PrimeTableTestSmpl7, CanGetNextPrime) {
   EXPECT_EQ(2, table_->GetNextPrime(0));
   EXPECT_EQ(3, table_->GetNextPrime(2));
   EXPECT_EQ(5, table_->GetNextPrime(3));
@@ -112,19 +110,8 @@ TEST_P(PrimeTableTest, CanGetNextPrime) {
 //
 // Here, we instantiate our tests with a list of two PrimeTable object
 // factory functions:
-INSTANTIATE_TEST_CASE_P(
-    OnTheFlyAndPreCalculated,
-    PrimeTableTest,
-    Values(&CreateOnTheFlyPrimeTable, &CreatePreCalculatedPrimeTable<1000>));
-
-#else
-
-// Google Test may not support value-parameterized tests with some
-// compilers. If we use conditional compilation to compile out all
-// code referring to the gtest_main library, MSVC linker will not link
-// that library at all and consequently complain about missing entry
-// point defined in that library (fatal error LNK1561: entry point
-// must be defined). This dummy test keeps gtest_main linked in.
-TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
+INSTANTIATE_TEST_CASE_P(OnTheFlyAndPreCalculated, PrimeTableTestSmpl7,
+                        Values(&CreateOnTheFlyPrimeTable,
+                               &CreatePreCalculatedPrimeTable<1000>));
 
-#endif  // GTEST_HAS_PARAM_TEST
+}  // namespace
diff --git a/security/nss/gtests/google_test/gtest/samples/sample8_unittest.cc b/security/nss/gtests/google_test/gtest/samples/sample8_unittest.cc
index 727433406..ce75cf030 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample8_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample8_unittest.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
+
 
 // This sample shows how to test code relying on some global flag variables.
 // Combine() helps with generating all possible combinations of such flags,
@@ -37,7 +36,7 @@
 #include "prime_tables.h"
 
 #include "gtest/gtest.h"
-
+namespace {
 #if GTEST_HAS_COMBINE
 
 // Suppose we want to introduce a new, improved implementation of PrimeTable
@@ -171,3 +170,4 @@ INSTANTIATE_TEST_CASE_P(MeaningfulTestParameters,
 TEST(DummyTest, CombineIsNotSupportedOnThisPlatform) {}
 
 #endif  // GTEST_HAS_COMBINE
+}  // namespace
diff --git a/security/nss/gtests/google_test/gtest/samples/sample9_unittest.cc b/security/nss/gtests/google_test/gtest/samples/sample9_unittest.cc
index b2e2079bf..53f9af5ba 100644
--- a/security/nss/gtests/google_test/gtest/samples/sample9_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/samples/sample9_unittest.cc
@@ -25,8 +25,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
+
 
 // This sample shows how to use Google Test listener API to implement
 // an alternative console output and how to use the UnitTest reflection API
@@ -44,9 +43,7 @@ using ::testing::TestEventListeners;
 using ::testing::TestInfo;
 using ::testing::TestPartResult;
 using ::testing::UnitTest;
-
 namespace {
-
 // Provides alternative output mode which produces minimal amount of
 // information about tests.
 class TersePrinter : public EmptyTestEventListener {
@@ -102,7 +99,6 @@ TEST(CustomOutputTest, Fails) {
   EXPECT_EQ(1, 2)
       << "This test fails in order to demonstrate alternative failure messages";
 }
-
 }  // namespace
 
 int main(int argc, char **argv) {
diff --git a/security/nss/gtests/google_test/gtest/scripts/fuse_gtest_files.py b/security/nss/gtests/google_test/gtest/scripts/fuse_gtest_files.py
index 57ef72f0e..d0dd464fe 100755
--- a/security/nss/gtests/google_test/gtest/scripts/fuse_gtest_files.py
+++ b/security/nss/gtests/google_test/gtest/scripts/fuse_gtest_files.py
@@ -52,7 +52,7 @@ EXAMPLES
 This tool is experimental.  In particular, it assumes that there is no
 conditional inclusion of Google Test headers.  Please report any
 problems to googletestframework@googlegroups.com.  You can read
-http://code.google.com/p/googletest/wiki/GoogleTestAdvancedGuide for
+https://github.com/google/googletest/blob/master/googletest/docs/advanced.md for
 more information.
 """
 
@@ -60,7 +60,10 @@ __author__ = 'wan@google.com (Zhanyong Wan)'
 
 import os
 import re
-import sets
+try:
+  from sets import Set as set  # For Python 2.3 compatibility
+except ImportError:
+  pass
 import sys
 
 # We assume that this file is in the scripts/ directory in the Google
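Review bot: The new `try`/`except ImportError` rebinds `set` to the deprecated `sets.Set` on every interpreter where the `sets` module still imports, not only on Python 2.3. As far as I know that includes Python 2.6 and 2.7, where the import succeeds with a DeprecationWarning, so the built-in would be shadowed for `processed_files = set()` further down. Probing for the built-in first keeps the 2.3 fallback without touching newer interpreters.

```python
try:
  set  # built-in since Python 2.4
except NameError:
  from sets import Set as set  # For Python 2.3 compatibility
import sys
```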
@@ -90,10 +93,10 @@ def VerifyFileExists(directory, relative_path):
   """
 
   if not os.path.isfile(os.path.join(directory, relative_path)):
-    print 'ERROR: Cannot find %s in directory %s.' % (relative_path,
-                                                      directory)
-    print ('Please either specify a valid project root directory '
-           'or omit it on the command line.')
+    print('ERROR: Cannot find %s in directory %s.' % (relative_path,
+                                                      directory))
+    print('Please either specify a valid project root directory '
+          'or omit it on the command line.')
     sys.exit(1)
 
 
@@ -119,11 +122,11 @@ def VerifyOutputFile(output_dir, relative_path):
     # TODO(wan@google.com): The following user-interaction doesn't
     # work with automated processes.  We should provide a way for the
     # Makefile to force overwriting the files.
-    print ('%s already exists in directory %s - overwrite it? (y/N) ' %
-           (relative_path, output_dir))
+    print('%s already exists in directory %s - overwrite it? (y/N) ' %
+          (relative_path, output_dir))
     answer = sys.stdin.readline().strip()
     if answer not in ['y', 'Y']:
-      print 'ABORTED.'
+      print('ABORTED.')
       sys.exit(1)
 
   # Makes sure the directory holding the output file exists; creates
@@ -146,8 +149,8 @@ def ValidateOutputDir(output_dir):
 def FuseGTestH(gtest_root, output_dir):
   """Scans folder gtest_root to generate gtest/gtest.h in output_dir."""
 
-  output_file = file(os.path.join(output_dir, GTEST_H_OUTPUT), 'w')
-  processed_files = sets.Set()  # Holds all gtest headers we've processed.
+  output_file = open(os.path.join(output_dir, GTEST_H_OUTPUT), 'w')
+  processed_files = set()  # Holds all gtest headers we've processed.
 
   def ProcessFile(gtest_header_path):
     """Processes the given gtest header file."""
@@ -159,7 +162,7 @@ def FuseGTestH(gtest_root, output_dir):
     processed_files.add(gtest_header_path)
 
     # Reads each line in the given gtest header.
-    for line in file(os.path.join(gtest_root, gtest_header_path), 'r'):
+    for line in open(os.path.join(gtest_root, gtest_header_path), 'r'):
       m = INCLUDE_GTEST_FILE_REGEX.match(line)
       if m:
         # It's '#include "gtest/..."' - let's process it recursively.
@@ -175,7 +178,7 @@ def FuseGTestH(gtest_root, output_dir):
 def FuseGTestAllCcToFile(gtest_root, output_file):
   """Scans folder gtest_root to generate gtest/gtest-all.cc in output_file."""
 
-  processed_files = sets.Set()
+  processed_files = set()
 
   def ProcessFile(gtest_source_file):
     """Processes the given gtest source file."""
@@ -187,7 +190,7 @@ def FuseGTestAllCcToFile(gtest_root, output_file):
     processed_files.add(gtest_source_file)
 
     # Reads each line in the given gtest source file.
-    for line in file(os.path.join(gtest_root, gtest_source_file), 'r'):
+    for line in open(os.path.join(gtest_root, gtest_source_file), 'r'):
       m = INCLUDE_GTEST_FILE_REGEX.match(line)
       if m:
         if 'include/' + m.group(1) == GTEST_SPI_H_SEED:
@@ -218,7 +221,7 @@ def FuseGTestAllCcToFile(gtest_root, output_file):
 def FuseGTestAllCc(gtest_root, output_dir):
   """Scans folder gtest_root to generate gtest/gtest-all.cc in output_dir."""
 
-  output_file = file(os.path.join(output_dir, GTEST_ALL_CC_OUTPUT), 'w')
+  output_file = open(os.path.join(output_dir, GTEST_ALL_CC_OUTPUT), 'w')
   FuseGTestAllCcToFile(gtest_root, output_file)
   output_file.close()
 
@@ -242,7 +245,7 @@ def main():
     # fuse_gtest_files.py GTEST_ROOT_DIR OUTPUT_DIR
     FuseGTest(sys.argv[1], sys.argv[2])
   else:
-    print __doc__
+    print(__doc__)
     sys.exit(1)
 
 
diff --git a/security/nss/gtests/google_test/gtest/scripts/gen_gtest_pred_impl.py b/security/nss/gtests/google_test/gtest/scripts/gen_gtest_pred_impl.py
index 3e7ab042e..b43efdf41 100755
--- a/security/nss/gtests/google_test/gtest/scripts/gen_gtest_pred_impl.py
+++ b/security/nss/gtests/google_test/gtest/scripts/gen_gtest_pred_impl.py
@@ -115,10 +115,9 @@ def HeaderPreamble(n):
 #ifndef GTEST_INCLUDE_GTEST_GTEST_PRED_IMPL_H_
 #define GTEST_INCLUDE_GTEST_GTEST_PRED_IMPL_H_
 
-// Makes sure this header is not included before gtest.h.
-#ifndef GTEST_INCLUDE_GTEST_GTEST_H_
-# error Do not include gtest_pred_impl.h directly.  Include gtest.h instead.
-#endif  // GTEST_INCLUDE_GTEST_GTEST_H_
+#include "gtest/gtest.h"
+
+namespace testing {
 
 // This header implements a family of generic predicate assertion
 // macros:
@@ -295,16 +294,17 @@ def HeaderPostamble():
 
   return """
 
+}  // namespace testing
+
 #endif  // GTEST_INCLUDE_GTEST_GTEST_PRED_IMPL_H_
 """
 
 
 def GenerateFile(path, content):
-  """Given a file path and a content string, overwrites it with the
-  given content."""
-
+  """Given a file path and a content string
+     overwrites it with the given content.
+  """
   print 'Updating file %s . . .' % path
-
   f = file(path, 'w+')
   print >>f, content,
   f.close()
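Review bot: GenerateFile still uses Python 2-only constructs (`print 'Updating file %s . . .' % path`, `f = file(path, 'w+')`, `print >>f, content,`), so this script does not parse under Python 3. That is inconsistent with fuse_gtest_files.py, which the same change ports to `print(...)` and `open(...)`. The hunk only reflows the docstring; the matching port would be `print('Updating file %s . . .' % path)`, `f = open(path, 'w+')` and `f.write(content)`. The function may continue past the last line of this hunk.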
@@ -314,8 +314,8 @@ def GenerateFile(path, content):
 
 def GenerateHeader(n):
   """Given the maximum arity n, updates the header file that implements
-  the predicate assertions."""
-
+  the predicate assertions.
+  """
   GenerateFile(HEADER,
                HeaderPreamble(n)
                + ''.join([ImplementationForArity(i) for i in OneTo(n)])
diff --git a/security/nss/gtests/google_test/gtest/scripts/upload.py b/security/nss/gtests/google_test/gtest/scripts/upload.py
index 6e6f9a147..c852e4c91 100755
--- a/security/nss/gtests/google_test/gtest/scripts/upload.py
+++ b/security/nss/gtests/google_test/gtest/scripts/upload.py
@@ -242,7 +242,7 @@ class AbstractRpcServer(object):
     The authentication process works as follows:
      1) We get a username and password from the user
      2) We use ClientLogin to obtain an AUTH token for the user
-        (see http://code.google.com/apis/accounts/AuthForInstalledApps.html).
+        (see https://developers.google.com/identity/protocols/AuthForInstalledApps).
      3) We pass the auth token to /_ah/login on the server to obtain an
         authentication cookie. If login was successful, it tries to redirect
         us to the URL we provided.
@@ -506,7 +506,7 @@ def EncodeMultipartFormData(fields, files):
     (content_type, body) ready for httplib.HTTP instance.
 
   Source:
-    http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/146306
+    https://web.archive.org/web/20160116052001/code.activestate.com/recipes/146306
   """
   BOUNDARY = '-M-A-G-I-C---B-O-U-N-D-A-R-Y-'
   CRLF = '\r\n'
@@ -732,7 +732,7 @@ class SubversionVCS(VersionControlSystem):
     else:
       self.rev_start = self.rev_end = None
     # Cache output from "svn list -r REVNO dirname".
-    # Keys: dirname, Values: 2-tuple (ouput for start rev and end rev).
+    # Keys: dirname, Values: 2-tuple (output for start rev and end rev).
     self.svnls_cache = {}
     # SVN base URL is required to fetch files deleted in an older revision.
     # Result is cached to not guess it over and over again in GetBaseFile().
@@ -807,7 +807,7 @@ class SubversionVCS(VersionControlSystem):
     # svn cat translates keywords but svn diff doesn't. As a result of this
     # behavior patching.PatchChunks() fails with a chunk mismatch error.
     # This part was originally written by the Review Board development team
-    # who had the same problem (http://reviews.review-board.org/r/276/).
+    # who had the same problem (https://reviews.reviewboard.org/r/276/).
     # Mapping of keywords to known aliases
     svn_keywords = {
       # Standard keywords
@@ -860,7 +860,7 @@ class SubversionVCS(VersionControlSystem):
       status_lines = status.splitlines()
       # If file is in a cl, the output will begin with
       # "\n--- Changelist 'cl_name':\n".  See
-      # http://svn.collab.net/repos/svn/trunk/notes/changelist-design.txt
+      # https://web.archive.org/web/20090918234815/svn.collab.net/repos/svn/trunk/notes/changelist-design.txt
       if (len(status_lines) == 3 and
           not status_lines[0] and
           status_lines[1].startswith("--- Changelist")):
diff --git a/security/nss/gtests/google_test/gtest/src/gtest-all.cc b/security/nss/gtests/google_test/gtest/src/gtest-all.cc
index 0a9cee522..b217a1800 100644
--- a/security/nss/gtests/google_test/gtest/src/gtest-all.cc
+++ b/security/nss/gtests/google_test/gtest/src/gtest-all.cc
@@ -26,10 +26,9 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: mheule@google.com (Markus Heule)
-//
-// Google C++ Testing Framework (Google Test)
+// Google C++ Testing and Mocking Framework (Google Test)
 //
 // Sometimes it's desirable to build Google Test by compiling a single file.
 // This file serves this purpose.
diff --git a/security/nss/gtests/google_test/gtest/src/gtest-death-test.cc b/security/nss/gtests/google_test/gtest/src/gtest-death-test.cc
index a0a8c7baf..090835516 100644
--- a/security/nss/gtests/google_test/gtest/src/gtest-death-test.cc
+++ b/security/nss/gtests/google_test/gtest/src/gtest-death-test.cc
@@ -26,13 +26,13 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan), vladl@google.com (Vlad Losev)
+
 //
 // This file implements death tests.
 
 #include "gtest/gtest-death-test.h"
 #include "gtest/internal/gtest-port.h"
+#include "gtest/internal/custom/gtest.h"
 
 #if GTEST_HAS_DEATH_TEST
 
@@ -61,26 +61,30 @@
 #  include <spawn.h>
 # endif  // GTEST_OS_QNX
 
+# if GTEST_OS_FUCHSIA
+#  include <lib/fdio/io.h>
+#  include <lib/fdio/spawn.h>
+#  include <zircon/processargs.h>
+#  include <zircon/syscalls.h>
+#  include <zircon/syscalls/port.h>
+# endif  // GTEST_OS_FUCHSIA
+
 #endif  // GTEST_HAS_DEATH_TEST
 
 #include "gtest/gtest-message.h"
 #include "gtest/internal/gtest-string.h"
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick exists to
-// prevent the accidental inclusion of gtest-internal-inl.h in the
-// user's code.
-#define GTEST_IMPLEMENTATION_ 1
 #include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
 
 namespace testing {
 
 // Constants.
 
 // The default death test style.
-static const char kDefaultDeathTestStyle[] = "fast";
+//
+// This is defined in internal/gtest-port.h as "fast", but can be overridden by
+// a definition in internal/custom/gtest-port.h. The recommended value, which is
+// used internally at Google, is "threadsafe".
+static const char kDefaultDeathTestStyle[] = GTEST_DEFAULT_DEATH_TEST_STYLE;
 
 GTEST_DEFINE_string_(
     death_test_style,
@@ -120,7 +124,9 @@ namespace internal {
 
 // Valid only for fast death tests. Indicates the code is running in the
 // child process of a fast style death test.
+# if !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
 static bool g_in_fast_death_test_child = false;
+# endif
 
 // Returns a Boolean value indicating whether the caller is currently
 // executing in the context of the death test child process.  Tools such as
@@ -128,10 +134,10 @@ static bool g_in_fast_death_test_child = false;
 // tests.  IMPORTANT: This is an internal utility.  Using it may break the
 // implementation of death tests.  User code MUST NOT use it.
 bool InDeathTestChild() {
-# if GTEST_OS_WINDOWS
+# if GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
 
-  // On Windows, death tests are thread-safe regardless of the value of the
-  // death_test_style flag.
+  // On Windows and Fuchsia, death tests are thread-safe regardless of the value
+  // of the death_test_style flag.
   return !GTEST_FLAG(internal_run_death_test).empty();
 
 # else
@@ -151,7 +157,7 @@ ExitedWithCode::ExitedWithCode(int exit_code) : exit_code_(exit_code) {
 
 // ExitedWithCode function-call operator.
 bool ExitedWithCode::operator()(int exit_status) const {
-# if GTEST_OS_WINDOWS
+# if GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
 
   return exit_status == exit_code_;
 
@@ -159,19 +165,27 @@ bool ExitedWithCode::operator()(int exit_status) const {
 
   return WIFEXITED(exit_status) && WEXITSTATUS(exit_status) == exit_code_;
 
-# endif  // GTEST_OS_WINDOWS
+# endif  // GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
 }
 
-# if !GTEST_OS_WINDOWS
+# if !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
 // KilledBySignal constructor.
 KilledBySignal::KilledBySignal(int signum) : signum_(signum) {
 }
 
 // KilledBySignal function-call operator.
 bool KilledBySignal::operator()(int exit_status) const {
+#  if defined(GTEST_KILLED_BY_SIGNAL_OVERRIDE_)
+  {
+    bool result;
+    if (GTEST_KILLED_BY_SIGNAL_OVERRIDE_(signum_, exit_status, &result)) {
+      return result;
+    }
+  }
+#  endif  // defined(GTEST_KILLED_BY_SIGNAL_OVERRIDE_)
   return WIFSIGNALED(exit_status) && WTERMSIG(exit_status) == signum_;
 }
-# endif  // !GTEST_OS_WINDOWS
+# endif  // !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
 
 namespace internal {
 
@@ -182,7 +196,7 @@ namespace internal {
 static std::string ExitSummary(int exit_code) {
   Message m;
 
-# if GTEST_OS_WINDOWS
+# if GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
 
   m << "Exited with exit status " << exit_code;
 
@@ -198,7 +212,7 @@ static std::string ExitSummary(int exit_code) {
     m << " (core dumped)";
   }
 #  endif
-# endif  // GTEST_OS_WINDOWS
+# endif  // GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
 
   return m.GetString();
 }
@@ -209,7 +223,7 @@ bool ExitedUnsuccessfully(int exit_status) {
   return !ExitedWithCode(0)(exit_status);
 }
 
-# if !GTEST_OS_WINDOWS
+# if !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
 // Generates a textual failure message when a death test finds more than
 // one thread running, or cannot determine the number of threads, prior
 // to executing the given statement.  It is the responsibility of the
@@ -218,13 +232,19 @@ static std::string DeathTestThreadWarning(size_t thread_count) {
   Message msg;
   msg << "Death tests use fork(), which is unsafe particularly"
       << " in a threaded context. For this test, " << GTEST_NAME_ << " ";
-  if (thread_count == 0)
+  if (thread_count == 0) {
     msg << "couldn't detect the number of threads.";
-  else
+  } else {
     msg << "detected " << thread_count << " threads.";
+  }
+  msg << " See "
+         "https://github.com/google/googletest/blob/master/googletest/docs/"
+         "advanced.md#death-tests-and-threads"
+      << " for more explanation and suggested solutions, especially if"
+      << " this is the last message you see before your test times out.";
   return msg.GetString();
 }
-# endif  // !GTEST_OS_WINDOWS
+# endif  // !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
 
 // Flag characters for reporting a death test that did not die.
 static const char kDeathTestLived = 'L';
@@ -232,6 +252,13 @@ static const char kDeathTestReturned = 'R';
 static const char kDeathTestThrew = 'T';
 static const char kDeathTestInternalError = 'I';
 
+#if GTEST_OS_FUCHSIA
+
+// File descriptor used for the pipe in the child process.
+static const int kFuchsiaReadPipeFd = 3;
+
+#endif
+
 // An enumeration describing all of the possible ways that a death test can
 // conclude.  DIED means that the process died while executing the test
 // code; LIVED means that process lived beyond the end of the test code;
@@ -239,7 +266,7 @@ static const char kDeathTestInternalError = 'I';
 // statement, which is not allowed; THREW means that the test statement
 // returned control by throwing an exception.  IN_PROGRESS means the test
 // has not yet concluded.
-// TODO(vladl@google.com): Unify names and possibly values for
+// FIXME: Unify names and possibly values for
 // AbortReason, DeathTestOutcome, and flag characters above.
 enum DeathTestOutcome { IN_PROGRESS, DIED, LIVED, RETURNED, THREW };
 
@@ -248,7 +275,7 @@ enum DeathTestOutcome { IN_PROGRESS, DIED, LIVED, RETURNED, THREW };
 // message is propagated back to the parent process.  Otherwise, the
 // message is simply printed to stderr.  In either case, the program
 // then exits with status 1.
-void DeathTestAbort(const std::string& message) {
+static void DeathTestAbort(const std::string& message) {
   // On a POSIX system, this function may be called from a threadsafe-style
   // death test child process, which operates on a very small stack.  Use
   // the heap for any additional non-minuscule memory requirements.
@@ -552,7 +579,12 @@ bool DeathTestImpl::Passed(bool status_ok) {
       break;
     case DIED:
       if (status_ok) {
+# if GTEST_USES_PCRE
+        // PCRE regexes support embedded NULs.
+        const bool matched = RE::PartialMatch(error_message, *regex());
+# else
         const bool matched = RE::PartialMatch(error_message.c_str(), *regex());
+# endif  // GTEST_USES_PCRE
         if (matched) {
           success = true;
         } else {
@@ -768,7 +800,200 @@ DeathTest::TestRole WindowsDeathTest::AssumeRole() {
   set_spawned(true);
   return OVERSEE_TEST;
 }
-# else  // We are not on Windows.
+
+# elif GTEST_OS_FUCHSIA
+
+class FuchsiaDeathTest : public DeathTestImpl {
+ public:
+  FuchsiaDeathTest(const char* a_statement,
+                   const RE* a_regex,
+                   const char* file,
+                   int line)
+      : DeathTestImpl(a_statement, a_regex), file_(file), line_(line) {}
+  virtual ~FuchsiaDeathTest() {
+    zx_status_t status = zx_handle_close(child_process_);
+    GTEST_DEATH_TEST_CHECK_(status == ZX_OK);
+    status = zx_handle_close(port_);
+    GTEST_DEATH_TEST_CHECK_(status == ZX_OK);
+  }
+
+  // All of these virtual functions are inherited from DeathTest.
+  virtual int Wait();
+  virtual TestRole AssumeRole();
+
+ private:
+  // The name of the file in which the death test is located.
+  const char* const file_;
+  // The line number on which the death test is located.
+  const int line_;
+
+  zx_handle_t child_process_ = ZX_HANDLE_INVALID;
+  zx_handle_t port_ = ZX_HANDLE_INVALID;
+};
+
+// Utility class for accumulating command-line arguments.
+class Arguments {
+ public:
+  Arguments() {
+    args_.push_back(NULL);
+  }
+
+  ~Arguments() {
+    for (std::vector<char*>::iterator i = args_.begin(); i != args_.end();
+         ++i) {
+      free(*i);
+    }
+  }
+  void AddArgument(const char* argument) {
+    args_.insert(args_.end() - 1, posix::StrDup(argument));
+  }
+
+  template <typename Str>
+  void AddArguments(const ::std::vector<Str>& arguments) {
+    for (typename ::std::vector<Str>::const_iterator i = arguments.begin();
+         i != arguments.end();
+         ++i) {
+      args_.insert(args_.end() - 1, posix::StrDup(i->c_str()));
+    }
+  }
+  char* const* Argv() {
+    return &args_[0];
+  }
+
+  int size() {
+    return args_.size() - 1;
+  }
+
+ private:
+  std::vector<char*> args_;
+};
+
+// Waits for the child in a death test to exit, returning its exit
+// status, or 0 if no child process exists.  As a side effect, sets the
+// outcome data member.
+int FuchsiaDeathTest::Wait() {
+  if (!spawned())
+    return 0;
+
+  // Register to wait for the child process to terminate.
+  zx_status_t status_zx;
+  status_zx = zx_object_wait_async(child_process_,
+                                   port_,
+                                   0 /* key */,
+                                   ZX_PROCESS_TERMINATED,
+                                   ZX_WAIT_ASYNC_ONCE);
+  GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
+
+  // Wait for it to terminate, or an exception to be received.
+  zx_port_packet_t packet;
+  status_zx = zx_port_wait(port_, ZX_TIME_INFINITE, &packet);
+  GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
+
+  if (ZX_PKT_IS_EXCEPTION(packet.type)) {
+    // Process encountered an exception. Kill it directly rather than letting
+    // other handlers process the event.
+    status_zx = zx_task_kill(child_process_);
+    GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
+
+    // Now wait for |child_process_| to terminate.
+    zx_signals_t signals = 0;
+    status_zx = zx_object_wait_one(
+        child_process_, ZX_PROCESS_TERMINATED, ZX_TIME_INFINITE, &signals);
+    GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
+    GTEST_DEATH_TEST_CHECK_(signals & ZX_PROCESS_TERMINATED);
+  } else {
+    // Process terminated.
+    GTEST_DEATH_TEST_CHECK_(ZX_PKT_IS_SIGNAL_ONE(packet.type));
+    GTEST_DEATH_TEST_CHECK_(packet.signal.observed & ZX_PROCESS_TERMINATED);
+  }
+
+  ReadAndInterpretStatusByte();
+
+  zx_info_process_t buffer;
+  status_zx = zx_object_get_info(
+      child_process_,
+      ZX_INFO_PROCESS,
+      &buffer,
+      sizeof(buffer),
+      nullptr,
+      nullptr);
+  GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
+
+  GTEST_DEATH_TEST_CHECK_(buffer.exited);
+  set_status(buffer.return_code);
+  return status();
+}
+
+// The AssumeRole process for a Fuchsia death test.  It creates a child
+// process with the same executable as the current process to run the
+// death test.  The child process is given the --gtest_filter and
+// --gtest_internal_run_death_test flags such that it knows to run the
+// current death test only.
+DeathTest::TestRole FuchsiaDeathTest::AssumeRole() {
+  const UnitTestImpl* const impl = GetUnitTestImpl();
+  const InternalRunDeathTestFlag* const flag =
+      impl->internal_run_death_test_flag();
+  const TestInfo* const info = impl->current_test_info();
+  const int death_test_index = info->result()->death_test_count();
+
+  if (flag != NULL) {
+    // ParseInternalRunDeathTestFlag() has performed all the necessary
+    // processing.
+    set_write_fd(kFuchsiaReadPipeFd);
+    return EXECUTE_TEST;
+  }
+
+  CaptureStderr();
+  // Flush the log buffers since the log streams are shared with the child.
+  FlushInfoLog();
+
+  // Build the child process command line.
+  const std::string filter_flag =
+      std::string("--") + GTEST_FLAG_PREFIX_ + kFilterFlag + "="
+      + info->test_case_name() + "." + info->name();
+  const std::string internal_flag =
+      std::string("--") + GTEST_FLAG_PREFIX_ + kInternalRunDeathTestFlag + "="
+      + file_ + "|"
+      + StreamableToString(line_) + "|"
+      + StreamableToString(death_test_index);
+  Arguments args;
+  args.AddArguments(GetInjectableArgvs());
+  args.AddArgument(filter_flag.c_str());
+  args.AddArgument(internal_flag.c_str());
+
+  // Build the pipe for communication with the child.
+  zx_status_t status;
+  zx_handle_t child_pipe_handle;
+  uint32_t type;
+  status = fdio_pipe_half(&child_pipe_handle, &type);
+  GTEST_DEATH_TEST_CHECK_(status >= 0);
+  set_read_fd(status);
+
+  // Set the pipe handle for the child.
+  fdio_spawn_action_t add_handle_action = {};
+  add_handle_action.action = FDIO_SPAWN_ACTION_ADD_HANDLE;
+  add_handle_action.h.id = PA_HND(type, kFuchsiaReadPipeFd);
+  add_handle_action.h.handle = child_pipe_handle;
+
+  // Spawn the child process.
+  status = fdio_spawn_etc(ZX_HANDLE_INVALID, FDIO_SPAWN_CLONE_ALL,
+                          args.Argv()[0], args.Argv(), nullptr, 1,
+                          &add_handle_action, &child_process_, nullptr);
+  GTEST_DEATH_TEST_CHECK_(status == ZX_OK);
+
+  // Create an exception port and attach it to the |child_process_|, to allow
+  // us to suppress the system default exception handler from firing.
+  status = zx_port_create(0, &port_);
+  GTEST_DEATH_TEST_CHECK_(status == ZX_OK);
+  status = zx_task_bind_exception_port(
+      child_process_, port_, 0 /* key */, 0 /*options */);
+  GTEST_DEATH_TEST_CHECK_(status == ZX_OK);
+
+  set_spawned(true);
+  return OVERSEE_TEST;
+}
+
+#else  // We are neither on Windows, nor on Fuchsia.
 
 // ForkingDeathTest provides implementations for most of the abstract
 // methods of the DeathTest interface.  Only the AssumeRole method is
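Review bot: In `FuchsiaDeathTest::AssumeRole` the `zx_status_t status` local also carries the file descriptor returned by `fdio_pipe_half` (`GTEST_DEATH_TEST_CHECK_(status >= 0); set_read_fd(status);`). That reads like a status check and hides that a descriptor is being stored. A dedicated local would be clearer: `const int read_fd = fdio_pipe_half(&child_pipe_handle, &type);`, then `GTEST_DEATH_TEST_CHECK_(read_fd >= 0);` and `set_read_fd(read_fd);`. Separately, the exception port is bound only after `fdio_spawn_etc` returns, so it is worth confirming (and commenting) whether a child that faults before `zx_task_bind_exception_port` runs can still reach the default handler. The class also has no header comment, unlike the `Arguments` helper next to it; something like `// A concrete death test class that spawns a child process on Fuchsia.` would fit.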
@@ -872,9 +1097,13 @@ class ExecDeathTest : public ForkingDeathTest {
       ForkingDeathTest(a_statement, a_regex), file_(file), line_(line) { }
   virtual TestRole AssumeRole();
  private:
-  static ::std::vector<testing::internal::string>
-  GetArgvsForDeathTestChildProcess() {
-    ::std::vector<testing::internal::string> args = GetInjectableArgvs();
+  static ::std::vector<std::string> GetArgvsForDeathTestChildProcess() {
+    ::std::vector<std::string> args = GetInjectableArgvs();
+#  if defined(GTEST_EXTRA_DEATH_TEST_COMMAND_LINE_ARGS_)
+    ::std::vector<std::string> extra_args =
+        GTEST_EXTRA_DEATH_TEST_COMMAND_LINE_ARGS_();
+    args.insert(args.end(), extra_args.begin(), extra_args.end());
+#  endif  // defined(GTEST_EXTRA_DEATH_TEST_COMMAND_LINE_ARGS_)
     return args;
   }
   // The name of the file in which the death test is located.
@@ -970,6 +1199,7 @@ static int ExecDeathTestChildMain(void* child_arg) {
 }
 #  endif  // !GTEST_OS_QNX
 
+#  if GTEST_HAS_CLONE
 // Two utility routines that together determine the direction the stack
 // grows.
 // This could be accomplished more elegantly by a single recursive
@@ -979,20 +1209,22 @@ static int ExecDeathTestChildMain(void* child_arg) {
 // GTEST_NO_INLINE_ is required to prevent GCC 4.6 from inlining
 // StackLowerThanAddress into StackGrowsDown, which then doesn't give
 // correct answer.
-void StackLowerThanAddress(const void* ptr, bool* result) GTEST_NO_INLINE_;
-void StackLowerThanAddress(const void* ptr, bool* result) {
+static void StackLowerThanAddress(const void* ptr,
+                                  bool* result) GTEST_NO_INLINE_;
+static void StackLowerThanAddress(const void* ptr, bool* result) {
   int dummy;
   *result = (&dummy < ptr);
 }
 
 // Make sure AddressSanitizer does not tamper with the stack here.
 GTEST_ATTRIBUTE_NO_SANITIZE_ADDRESS_
-bool StackGrowsDown() {
+static bool StackGrowsDown() {
   int dummy;
   bool result;
   StackLowerThanAddress(&dummy, &result);
   return result;
 }
+#  endif  // GTEST_HAS_CLONE
 
 // Spawns a child process with the same executable as the current process in
 // a thread-safe manner and instructs it to run the death test.  The
@@ -1184,6 +1416,13 @@ bool DefaultDeathTestFactory::Create(const char* statement, const RE* regex,
     *test = new WindowsDeathTest(statement, regex, file, line);
   }
 
+# elif GTEST_OS_FUCHSIA
+
+  if (GTEST_FLAG(death_test_style) == "threadsafe" ||
+      GTEST_FLAG(death_test_style) == "fast") {
+    *test = new FuchsiaDeathTest(statement, regex, file, line);
+  }
+
 # else
 
   if (GTEST_FLAG(death_test_style) == "threadsafe") {
@@ -1204,31 +1443,11 @@ bool DefaultDeathTestFactory::Create(const char* statement, const RE* regex,
   return true;
 }
 
-// Splits a given string on a given delimiter, populating a given
-// vector with the fields.  GTEST_HAS_DEATH_TEST implies that we have
-// ::std::string, so we can use it here.
-static void SplitString(const ::std::string& str, char delimiter,
-                        ::std::vector< ::std::string>* dest) {
-  ::std::vector< ::std::string> parsed;
-  ::std::string::size_type pos = 0;
-  while (::testing::internal::AlwaysTrue()) {
-    const ::std::string::size_type colon = str.find(delimiter, pos);
-    if (colon == ::std::string::npos) {
-      parsed.push_back(str.substr(pos));
-      break;
-    } else {
-      parsed.push_back(str.substr(pos, colon - pos));
-      pos = colon + 1;
-    }
-  }
-  dest->swap(parsed);
-}
-
 # if GTEST_OS_WINDOWS
 // Recreates the pipe and event handles from the provided parameters,
 // signals the event, and returns a file descriptor wrapped around the pipe
 // handle. This function is called in the child process only.
-int GetStatusFileDescriptor(unsigned int parent_process_id,
+static int GetStatusFileDescriptor(unsigned int parent_process_id,
                             size_t write_handle_as_size_t,
                             size_t event_handle_as_size_t) {
   AutoHandle parent_process_handle(::OpenProcess(PROCESS_DUP_HANDLE,
@@ -1239,7 +1458,7 @@ int GetStatusFileDescriptor(unsigned int parent_process_id,
                    StreamableToString(parent_process_id));
   }
 
-  // TODO(vladl@google.com): Replace the following check with a
+  // FIXME: Replace the following check with a
   // compile-time assertion when available.
   GTEST_CHECK_(sizeof(HANDLE) <= sizeof(size_t));
 
@@ -1247,7 +1466,7 @@ int GetStatusFileDescriptor(unsigned int parent_process_id,
       reinterpret_cast<HANDLE>(write_handle_as_size_t);
   HANDLE dup_write_handle;
 
-  // The newly initialized handle is accessible only in in the parent
+  // The newly initialized handle is accessible only in the parent
   // process. To obtain one accessible within the child, we need to use
   // DuplicateHandle.
   if (!::DuplicateHandle(parent_process_handle.Get(), write_handle,
@@ -1324,6 +1543,16 @@ InternalRunDeathTestFlag* ParseInternalRunDeathTestFlag() {
   write_fd = GetStatusFileDescriptor(parent_process_id,
                                      write_handle_as_size_t,
                                      event_handle_as_size_t);
+
+# elif GTEST_OS_FUCHSIA
+
+  if (fields.size() != 3
+      || !ParseNaturalNumber(fields[1], &line)
+      || !ParseNaturalNumber(fields[2], &index)) {
+    DeathTestAbort("Bad --gtest_internal_run_death_test flag: "
+        + GTEST_FLAG(internal_run_death_test));
+  }
+
 # else
 
   if (fields.size() != 4
diff --git a/security/nss/gtests/google_test/gtest/src/gtest-filepath.cc b/security/nss/gtests/google_test/gtest/src/gtest-filepath.cc
index 0292dc119..a7e65c082 100644
--- a/security/nss/gtests/google_test/gtest/src/gtest-filepath.cc
+++ b/security/nss/gtests/google_test/gtest/src/gtest-filepath.cc
@@ -26,14 +26,12 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Authors: keith.ray@gmail.com (Keith Ray)
 
-#include "gtest/gtest-message.h"
 #include "gtest/internal/gtest-filepath.h"
-#include "gtest/internal/gtest-port.h"
 
 #include <stdlib.h>
+#include "gtest/internal/gtest-port.h"
+#include "gtest/gtest-message.h"
 
 #if GTEST_OS_WINDOWS_MOBILE
 # include <windows.h>
@@ -48,6 +46,8 @@
 # include <climits>  // Some Linux distributions define PATH_MAX here.
 #endif  // GTEST_OS_WINDOWS_MOBILE
 
+#include "gtest/internal/gtest-string.h"
+
 #if GTEST_OS_WINDOWS
 # define GTEST_PATH_MAX_ _MAX_PATH
 #elif defined(PATH_MAX)
@@ -58,8 +58,6 @@
 # define GTEST_PATH_MAX_ _POSIX_PATH_MAX
 #endif  // GTEST_OS_WINDOWS
 
-#include "gtest/internal/gtest-string.h"
-
 namespace testing {
 namespace internal {
 
@@ -130,7 +128,7 @@ FilePath FilePath::RemoveExtension(const char* extension) const {
   return *this;
 }
 
-// Returns a pointer to the last occurence of a valid path separator in
+// Returns a pointer to the last occurrence of a valid path separator in
 // the FilePath. On Windows, for example, both '/' and '\' are valid path
 // separators. Returns NULL if no path separator was found.
 const char* FilePath::FindLastPathSeparator() const {
@@ -252,7 +250,7 @@ bool FilePath::DirectoryExists() const {
 // root directory per disk drive.)
 bool FilePath::IsRootDirectory() const {
 #if GTEST_OS_WINDOWS
-  // TODO(wan@google.com): on Windows a network share like
+  // FIXME: on Windows a network share like
   // \\server\share can be a root directory, although it cannot be the
   // current directory.  Handle this properly.
   return pathname_.length() == 3 && IsAbsolutePath();
@@ -352,7 +350,7 @@ FilePath FilePath::RemoveTrailingPathSeparator() const {
 // Removes any redundant separators that might be in the pathname.
 // For example, "bar///foo" becomes "bar/foo". Does not eliminate other
 // redundancies that might be in a pathname involving "." or "..".
-// TODO(wan@google.com): handle Windows network shares (e.g. \\server\share).
+// FIXME: handle Windows network shares (e.g. \\server\share).
 void FilePath::Normalize() {
   if (pathname_.c_str() == NULL) {
     pathname_ = "";
diff --git a/security/nss/gtests/google_test/gtest/src/gtest-internal-inl.h b/security/nss/gtests/google_test/gtest/src/gtest-internal-inl.h
index 0ac7a109b..479004149 100644
--- a/security/nss/gtests/google_test/gtest/src/gtest-internal-inl.h
+++ b/security/nss/gtests/google_test/gtest/src/gtest-internal-inl.h
@@ -27,24 +27,13 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-// Utility functions and classes used by the Google C++ testing framework.
-//
-// Author: wan@google.com (Zhanyong Wan)
-//
+// Utility functions and classes used by the Google C++ testing framework.//
 // This file contains purely Google Test's internal implementation.  Please
 // DO NOT #INCLUDE IT IN A USER PROGRAM.
 
 #ifndef GTEST_SRC_GTEST_INTERNAL_INL_H_
 #define GTEST_SRC_GTEST_INTERNAL_INL_H_
 
-// GTEST_IMPLEMENTATION_ is defined to 1 iff the current translation unit is
-// part of Google Test's implementation; otherwise it's undefined.
-#if !GTEST_IMPLEMENTATION_
-// If this file is included from the user's code, just say no.
-# error "gtest-internal-inl.h is part of Google Test's internal implementation."
-# error "It must not be included except by Google Test itself."
-#endif  // GTEST_IMPLEMENTATION_
-
 #ifndef _WIN32_WCE
 # include <errno.h>
 #endif  // !_WIN32_WCE
@@ -67,9 +56,12 @@
 # include <windows.h>  // NOLINT
 #endif  // GTEST_OS_WINDOWS
 
-#include "gtest/gtest.h"  // NOLINT
+#include "gtest/gtest.h"
 #include "gtest/gtest-spi.h"
 
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4251 \
+/* class A needs to have dll-interface to be used by clients of class B */)
+
 namespace testing {
 
 // Declares the flags.
@@ -94,12 +86,14 @@ const char kFilterFlag[] = "filter";
 const char kListTestsFlag[] = "list_tests";
 const char kOutputFlag[] = "output";
 const char kPrintTimeFlag[] = "print_time";
+const char kPrintUTF8Flag[] = "print_utf8";
 const char kRandomSeedFlag[] = "random_seed";
 const char kRepeatFlag[] = "repeat";
 const char kShuffleFlag[] = "shuffle";
 const char kStackTraceDepthFlag[] = "stack_trace_depth";
 const char kStreamResultToFlag[] = "stream_result_to";
 const char kThrowOnFailureFlag[] = "throw_on_failure";
+const char kFlagfileFlag[] = "flagfile";
 
 // A valid random seed must be in [1, kMaxRandomSeed].
 const int kMaxRandomSeed = 99999;
@@ -173,6 +167,7 @@ class GTestFlagSaver {
     list_tests_ = GTEST_FLAG(list_tests);
     output_ = GTEST_FLAG(output);
     print_time_ = GTEST_FLAG(print_time);
+    print_utf8_ = GTEST_FLAG(print_utf8);
     random_seed_ = GTEST_FLAG(random_seed);
     repeat_ = GTEST_FLAG(repeat);
     shuffle_ = GTEST_FLAG(shuffle);
@@ -194,6 +189,7 @@ class GTestFlagSaver {
     GTEST_FLAG(list_tests) = list_tests_;
     GTEST_FLAG(output) = output_;
     GTEST_FLAG(print_time) = print_time_;
+    GTEST_FLAG(print_utf8) = print_utf8_;
     GTEST_FLAG(random_seed) = random_seed_;
     GTEST_FLAG(repeat) = repeat_;
     GTEST_FLAG(shuffle) = shuffle_;
@@ -215,6 +211,7 @@ class GTestFlagSaver {
   bool list_tests_;
   std::string output_;
   bool print_time_;
+  bool print_utf8_;
   internal::Int32 random_seed_;
   internal::Int32 repeat_;
   bool shuffle_;
@@ -425,13 +422,17 @@ class OsStackTraceGetterInterface {
   //                in the trace.
   //   skip_count - the number of top frames to be skipped; doesn't count
   //                against max_depth.
-  virtual string CurrentStackTrace(int max_depth, int skip_count) = 0;
+  virtual std::string CurrentStackTrace(int max_depth, int skip_count) = 0;
 
   // UponLeavingGTest() should be called immediately before Google Test calls
   // user code. It saves some information about the current stack that
   // CurrentStackTrace() will use to find and hide Google Test stack frames.
   virtual void UponLeavingGTest() = 0;
 
+  // This string is inserted in place of stack frames that are part of
+  // Google Test's implementation.
+  static const char* const kElidedFramesMarker;
+
  private:
   GTEST_DISALLOW_COPY_AND_ASSIGN_(OsStackTraceGetterInterface);
 };
@@ -439,25 +440,21 @@ class OsStackTraceGetterInterface {
 // A working implementation of the OsStackTraceGetterInterface interface.
 class OsStackTraceGetter : public OsStackTraceGetterInterface {
  public:
-  OsStackTraceGetter() : caller_frame_(NULL) {}
+  OsStackTraceGetter() {}
 
-  virtual string CurrentStackTrace(int max_depth, int skip_count)
-      GTEST_LOCK_EXCLUDED_(mutex_);
-
-  virtual void UponLeavingGTest() GTEST_LOCK_EXCLUDED_(mutex_);
-
-  // This string is inserted in place of stack frames that are part of
-  // Google Test's implementation.
-  static const char* const kElidedFramesMarker;
+  virtual std::string CurrentStackTrace(int max_depth, int skip_count);
+  virtual void UponLeavingGTest();
 
  private:
-  Mutex mutex_;  // protects all internal state
+#if GTEST_HAS_ABSL
+  Mutex mutex_;  // Protects all internal state.
 
   // We save the stack frame below the frame that calls user code.
   // We do this because the address of the frame immediately below
   // the user code changes between the call to UponLeavingGTest()
-  // and any calls to CurrentStackTrace() from within the user code.
-  void* caller_frame_;
+  // and any calls to the stack trace code from within the user code.
+  void* caller_frame_ = nullptr;
+#endif  // GTEST_HAS_ABSL
 
   GTEST_DISALLOW_COPY_AND_ASSIGN_(OsStackTraceGetter);
 };
@@ -673,13 +670,11 @@ class GTEST_API_ UnitTestImpl {
                 tear_down_tc)->AddTestInfo(test_info);
   }
 
-#if GTEST_HAS_PARAM_TEST
   // Returns ParameterizedTestCaseRegistry object used to keep track of
   // value-parameterized tests and instantiate and register them.
   internal::ParameterizedTestCaseRegistry& parameterized_test_registry() {
     return parameterized_test_registry_;
   }
-#endif  // GTEST_HAS_PARAM_TEST
 
   // Sets the TestCase object for the test that's currently running.
   void set_current_test_case(TestCase* a_current_test_case) {
@@ -854,14 +849,12 @@ class GTEST_API_ UnitTestImpl {
   // shuffled order.
   std::vector<int> test_case_indices_;
 
-#if GTEST_HAS_PARAM_TEST
   // ParameterizedTestRegistry object used to register value-parameterized
   // tests.
   internal::ParameterizedTestCaseRegistry parameterized_test_registry_;
 
   // Indicates whether RegisterParameterizedTests() has been called already.
   bool parameterized_tests_registered_;
-#endif  // GTEST_HAS_PARAM_TEST
 
   // Index of the last death test case registered.  Initially -1.
   int last_death_test_case_;
@@ -1001,7 +994,7 @@ bool ParseNaturalNumber(const ::std::string& str, Integer* number) {
 
   const bool parse_success = *end == '\0' && errno == 0;
 
-  // TODO(vladl@google.com): Convert this to compile time assertion when it is
+  // FIXME: Convert this to compile time assertion when it is
   // available.
   GTEST_CHECK_(sizeof(Integer) <= sizeof(parsed));
 
@@ -1049,21 +1042,19 @@ class StreamingListener : public EmptyTestEventListener {
     virtual ~AbstractSocketWriter() {}
 
     // Sends a string to the socket.
-    virtual void Send(const string& message) = 0;
+    virtual void Send(const std::string& message) = 0;
 
     // Closes the socket.
     virtual void CloseConnection() {}
 
     // Sends a string and a newline to the socket.
-    void SendLn(const string& message) {
-      Send(message + "\n");
-    }
+    void SendLn(const std::string& message) { Send(message + "\n"); }
   };
 
   // Concrete class for actually writing strings to a socket.
   class SocketWriter : public AbstractSocketWriter {
    public:
-    SocketWriter(const string& host, const string& port)
+    SocketWriter(const std::string& host, const std::string& port)
         : sockfd_(-1), host_name_(host), port_num_(port) {
       MakeConnection();
     }
@@ -1074,7 +1065,7 @@ class StreamingListener : public EmptyTestEventListener {
     }
 
     // Sends a string to the socket.
-    virtual void Send(const string& message) {
+    virtual void Send(const std::string& message) {
       GTEST_CHECK_(sockfd_ != -1)
           << "Send() can be called only when there is a connection.";
 
@@ -1100,17 +1091,19 @@ class StreamingListener : public EmptyTestEventListener {
     }
 
     int sockfd_;  // socket file descriptor
-    const string host_name_;
-    const string port_num_;
+    const std::string host_name_;
+    const std::string port_num_;
 
     GTEST_DISALLOW_COPY_AND_ASSIGN_(SocketWriter);
   };  // class SocketWriter
 
   // Escapes '=', '&', '%', and '\n' characters in str as "%xx".
-  static string UrlEncode(const char* str);
+  static std::string UrlEncode(const char* str);
 
-  StreamingListener(const string& host, const string& port)
-      : socket_writer_(new SocketWriter(host, port)) { Start(); }
+  StreamingListener(const std::string& host, const std::string& port)
+      : socket_writer_(new SocketWriter(host, port)) {
+    Start();
+  }
 
   explicit StreamingListener(AbstractSocketWriter* socket_writer)
       : socket_writer_(socket_writer) { Start(); }
@@ -1171,13 +1164,13 @@ class StreamingListener : public EmptyTestEventListener {
 
  private:
   // Sends the given message and a newline to the socket.
-  void SendLn(const string& message) { socket_writer_->SendLn(message); }
+  void SendLn(const std::string& message) { socket_writer_->SendLn(message); }
 
   // Called at the start of streaming to notify the receiver what
   // protocol we are using.
   void Start() { SendLn("gtest_streaming_protocol_version=1.0"); }
 
-  string FormatBool(bool value) { return value ? "1" : "0"; }
+  std::string FormatBool(bool value) { return value ? "1" : "0"; }
 
   const scoped_ptr<AbstractSocketWriter> socket_writer_;
 
@@ -1189,4 +1182,6 @@ class StreamingListener : public EmptyTestEventListener {
 }  // namespace internal
 }  // namespace testing
 
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4251
+
 #endif  // GTEST_SRC_GTEST_INTERNAL_INL_H_
diff --git a/security/nss/gtests/google_test/gtest/src/gtest-port.cc b/security/nss/gtests/google_test/gtest/src/gtest-port.cc
index b032745b4..fecb5d11c 100644
--- a/security/nss/gtests/google_test/gtest/src/gtest-port.cc
+++ b/security/nss/gtests/google_test/gtest/src/gtest-port.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 #include "gtest/internal/gtest-port.h"
 
@@ -35,6 +34,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
+#include <fstream>
 
 #if GTEST_OS_WINDOWS
 # include <windows.h>
@@ -57,19 +57,21 @@
 # include <sys/procfs.h>
 #endif  // GTEST_OS_QNX
 
+#if GTEST_OS_AIX
+# include <procinfo.h>
+# include <sys/types.h>
+#endif  // GTEST_OS_AIX
+
+#if GTEST_OS_FUCHSIA
+# include <zircon/process.h>
+# include <zircon/syscalls.h>
+#endif  // GTEST_OS_FUCHSIA
+
 #include "gtest/gtest-spi.h"
 #include "gtest/gtest-message.h"
 #include "gtest/internal/gtest-internal.h"
 #include "gtest/internal/gtest-string.h"
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick exists to
-// prevent the accidental inclusion of gtest-internal-inl.h in the
-// user's code.
-#define GTEST_IMPLEMENTATION_ 1
 #include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
 
 namespace testing {
 namespace internal {
@@ -83,10 +85,31 @@ const int kStdOutFileno = STDOUT_FILENO;
 const int kStdErrFileno = STDERR_FILENO;
 #endif  // _MSC_VER
 
-#if GTEST_OS_MAC
+#if GTEST_OS_LINUX
+
+namespace {
+template <typename T>
+T ReadProcFileField(const std::string& filename, int field) {
+  std::string dummy;
+  std::ifstream file(filename.c_str());
+  while (field-- > 0) {
+    file >> dummy;
+  }
+  T output = 0;
+  file >> output;
+  return output;
+}
+}  // namespace
+
+// Returns the number of active threads, or 0 when there is an error.
+size_t GetThreadCount() {
+  const std::string filename =
+      (Message() << "/proc/" << getpid() << "/stat").GetString();
+  return ReadProcFileField<int>(filename, 19);
+}
+
+#elif GTEST_OS_MAC
 
-// Returns the number of threads running in the process, or 0 to indicate that
-// we cannot detect it.
 size_t GetThreadCount() {
   const task_t task = mach_task_self();
   mach_msg_type_number_t thread_count;
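Review bot: `ReadProcFileField` counts whitespace-separated tokens, but the second field of `/proc/<pid>/stat` is the executable name in parentheses and can itself contain spaces, so for such a binary the Linux `GetThreadCount()` reads the wrong column. The value is also read as `int` and converted to `size_t` on return, so a misparsed negative number would come back as a very large thread count. Parsing the line from the last `)` onward avoids both; the sketch below needs `<sstream>` in addition to the `<fstream>` this commit adds. The macOS `GetThreadCount()` at the end of the hunk continues outside it and is not covered here.

```cpp
// Returns the number of active threads, or 0 when there is an error.
size_t GetThreadCount() {
  const std::string filename =
      (Message() << "/proc/" << getpid() << "/stat").GetString();
  std::ifstream file(filename.c_str());
  std::string line;
  if (!std::getline(file, line)) return 0;
  // The comm field is parenthesised and may contain spaces or ')',
  // so resume counting after the last ')'.
  const std::string::size_type comm_end = line.rfind(')');
  if (comm_end == std::string::npos) return 0;
  std::istringstream rest(line.substr(comm_end + 1));
  std::string skipped;
  for (int i = 0; i < 17; ++i) rest >> skipped;  // fields 3..19: state .. nice
  long threads = 0;
  rest >> threads;  // field 20: num_threads
  return threads > 0 ? static_cast<size_t>(threads) : 0;
}
```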
@@ -124,6 +147,38 @@ size_t GetThreadCount() {
   }
 }
 
+#elif GTEST_OS_AIX
+
+size_t GetThreadCount() {
+  struct procentry64 entry;
+  pid_t pid = getpid();
+  int status = getprocs64(&entry, sizeof(entry), NULL, 0, &pid, 1);
+  if (status == 1) {
+    return entry.pi_thcount;
+  } else {
+    return 0;
+  }
+}
+
+#elif GTEST_OS_FUCHSIA
+
+size_t GetThreadCount() {
+  int dummy_buffer;
+  size_t avail;
+  zx_status_t status = zx_object_get_info(
+      zx_process_self(),
+      ZX_INFO_PROCESS_THREADS,
+      &dummy_buffer,
+      0,
+      nullptr,
+      &avail);
+  if (status == ZX_OK) {
+    return avail;
+  } else {
+    return 0;
+  }
+}
+
 #else
 
 size_t GetThreadCount() {
@@ -132,7 +187,7 @@ size_t GetThreadCount() {
   return 0;
 }
 
-#endif  // GTEST_OS_MAC
+#endif  // GTEST_OS_LINUX
 
 #if GTEST_IS_THREADSAFE && GTEST_OS_WINDOWS
 
@@ -196,8 +251,8 @@ void Notification::WaitForNotification() {
 }
 
 Mutex::Mutex()
-    : type_(kDynamic),
-      owner_thread_id_(0),
+    : owner_thread_id_(0),
+      type_(kDynamic),
       critical_section_init_phase_(0),
       critical_section_(new CRITICAL_SECTION) {
   ::InitializeCriticalSection(critical_section_);
@@ -206,9 +261,9 @@ Mutex::Mutex()
 Mutex::~Mutex() {
   // Static mutexes are leaked intentionally. It is not thread-safe to try
   // to clean them up.
-  // TODO(yukawa): Switch to Slim Reader/Writer (SRW) Locks, which requires
+  // FIXME: Switch to Slim Reader/Writer (SRW) Locks, which requires
   // nothing to clean it up but is available only on Vista and later.
-  // http://msdn.microsoft.com/en-us/library/windows/desktop/aa904937.aspx
+  // https://docs.microsoft.com/en-us/windows/desktop/Sync/slim-reader-writer--srw--locks
   if (type_ == kDynamic) {
     ::DeleteCriticalSection(critical_section_);
     delete critical_section_;
@@ -239,6 +294,43 @@ void Mutex::AssertHeld() {
       << "The current thread is not holding the mutex @" << this;
 }
 
+namespace {
+
+// Use the RAII idiom to flag mem allocs that are intentionally never
+// deallocated. The motivation is to silence the false positive mem leaks
+// that are reported by the debug version of MS's CRT which can only detect
+// if an alloc is missing a matching deallocation.
+// Example:
+//    MemoryIsNotDeallocated memory_is_not_deallocated;
+//    critical_section_ = new CRITICAL_SECTION;
+//
+class MemoryIsNotDeallocated
+{
+ public:
+  MemoryIsNotDeallocated() : old_crtdbg_flag_(0) {
+#ifdef _MSC_VER
+    old_crtdbg_flag_ = _CrtSetDbgFlag(_CRTDBG_REPORT_FLAG);
+    // Set heap allocation block type to _IGNORE_BLOCK so that MS debug CRT
+    // doesn't report mem leak if there's no matching deallocation.
+    _CrtSetDbgFlag(old_crtdbg_flag_ & ~_CRTDBG_ALLOC_MEM_DF);
+#endif  //  _MSC_VER
+  }
+
+  ~MemoryIsNotDeallocated() {
+#ifdef _MSC_VER
+    // Restore the original _CRTDBG_ALLOC_MEM_DF flag
+    _CrtSetDbgFlag(old_crtdbg_flag_);
+#endif  //  _MSC_VER
+  }
+
+ private:
+  int old_crtdbg_flag_;
+
+  GTEST_DISALLOW_COPY_AND_ASSIGN_(MemoryIsNotDeallocated);
+};
+
+}  // namespace
+
 // Initializes owner_thread_id_ and critical_section_ in static mutexes.
 void Mutex::ThreadSafeLazyInit() {
   // Dynamic mutexes are initialized in the constructor.
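Review bot: `MemoryIsNotDeallocated` saves and restores the CRT debug flag, which is state shared by the whole process, and the class comment does not say so. If two guards overlap on different threads, the second one saves the already-cleared value and restores it last, which would leave allocation tracking switched off; allocations made by other threads while a guard is alive are presumably untracked as well. I would add a line to the class comment such as `// Not thread-safe: toggles the process-wide CRT debug flag; keep the guarded scope to the single allocation.` The effect is limited to MSVC builds, since the constructor and destructor bodies are empty elsewhere.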
@@ -249,7 +341,11 @@ void Mutex::ThreadSafeLazyInit() {
         // If critical_section_init_phase_ was 0 before the exchange, we
         // are the first to test it and need to perform the initialization.
         owner_thread_id_ = 0;
-        critical_section_ = new CRITICAL_SECTION;
+        {
+          // Use RAII to flag that following mem alloc is never deallocated.
+          MemoryIsNotDeallocated memory_is_not_deallocated;
+          critical_section_ = new CRITICAL_SECTION;
+        }
         ::InitializeCriticalSection(critical_section_);
         // Updates the critical_section_init_phase_ to 2 to signal
         // initialization complete.
@@ -288,7 +384,7 @@ class ThreadWithParamSupport : public ThreadWithParamBase {
                              Notification* thread_can_start) {
     ThreadMainParam* param = new ThreadMainParam(runnable, thread_can_start);
     DWORD thread_id;
-    // TODO(yukawa): Consider to use _beginthreadex instead.
+    // FIXME: Consider to use _beginthreadex instead.
     HANDLE thread_handle = ::CreateThread(
         NULL,    // Default security.
         0,       // Default stack size.
@@ -456,7 +552,7 @@ class ThreadLocalRegistryImpl {
                                  FALSE,
                                  thread_id);
     GTEST_CHECK_(thread != NULL);
-    // We need to to pass a valid thread ID pointer into CreateThread for it
+    // We need to pass a valid thread ID pointer into CreateThread for it
     // to work correctly under Win98.
     DWORD watcher_thread_id;
     HANDLE watcher_thread = ::CreateThread(
@@ -491,7 +587,8 @@ class ThreadLocalRegistryImpl {
   // Returns map of thread local instances.
   static ThreadIdToThreadLocals* GetThreadLocalsMapLocked() {
     mutex_.AssertHeld();
-    static ThreadIdToThreadLocals* map = new ThreadIdToThreadLocals;
+    MemoryIsNotDeallocated memory_is_not_deallocated;
+    static ThreadIdToThreadLocals* map = new ThreadIdToThreadLocals();
     return map;
   }
 
@@ -631,7 +728,7 @@ bool AtomMatchesChar(bool escaped, char pattern_char, char ch) {
 }
 
 // Helper function used by ValidateRegex() to format error messages.
-std::string FormatRegexSyntaxError(const char* regex, int index) {
+static std::string FormatRegexSyntaxError(const char* regex, int index) {
   return (Message() << "Syntax error at index " << index
           << " in simple regular expression \"" << regex << "\": ").GetString();
 }
@@ -640,7 +737,7 @@ std::string FormatRegexSyntaxError(const char* regex, int index) {
 // otherwise returns true.
 bool ValidateRegex(const char* regex) {
   if (regex == NULL) {
-    // TODO(wan@google.com): fix the source file location in the
+    // FIXME: fix the source file location in the
     // assertion failures to match where the regex is used in user
     // code.
     ADD_FAILURE() << "NULL is not a valid simple regular expression.";
@@ -865,7 +962,6 @@ GTEST_API_ ::std::string FormatCompilerIndependentFileLocation(
     return file_name + ":" + StreamableToString(line);
 }
 
-
 GTestLog::GTestLog(GTestLogSeverity severity, const char* file, int line)
     : severity_(severity) {
   const char* const marker =
@@ -884,9 +980,10 @@ GTestLog::~GTestLog() {
     posix::Abort();
   }
 }
+
 // Disable Microsoft deprecation warnings for POSIX functions called from
 // this class (creat, dup, dup2, and close)
-GTEST_DISABLE_MSC_WARNINGS_PUSH_(4996)
+GTEST_DISABLE_MSC_DEPRECATED_PUSH_()
 
 #if GTEST_HAS_STREAM_REDIRECTION
 
@@ -962,12 +1059,6 @@ class CapturedStream {
   }
 
  private:
-  // Reads the entire content of a file as an std::string.
-  static std::string ReadEntireFile(FILE* file);
-
-  // Returns the size (in bytes) of a file.
-  static size_t GetFileSize(FILE* file);
-
   const int fd_;  // A stream to capture.
   int uncaptured_fd_;
   // Name of the temporary file holding the stderr output.
@@ -976,42 +1067,14 @@ class CapturedStream {
   GTEST_DISALLOW_COPY_AND_ASSIGN_(CapturedStream);
 };
 
-// Returns the size (in bytes) of a file.
-size_t CapturedStream::GetFileSize(FILE* file) {
-  fseek(file, 0, SEEK_END);
-  return static_cast<size_t>(ftell(file));
-}
-
-// Reads the entire content of a file as a string.
-std::string CapturedStream::ReadEntireFile(FILE* file) {
-  const size_t file_size = GetFileSize(file);
-  char* const buffer = new char[file_size];
-
-  size_t bytes_last_read = 0;  // # of bytes read in the last fread()
-  size_t bytes_read = 0;       // # of bytes read so far
-
-  fseek(file, 0, SEEK_SET);
-
-  // Keeps reading the file until we cannot read further or the
-  // pre-determined file size is reached.
-  do {
-    bytes_last_read = fread(buffer+bytes_read, 1, file_size-bytes_read, file);
-    bytes_read += bytes_last_read;
-  } while (bytes_last_read > 0 && bytes_read < file_size);
-
-  const std::string content(buffer, bytes_read);
-  delete[] buffer;
-
-  return content;
-}
-
-GTEST_DISABLE_MSC_WARNINGS_POP_()
+GTEST_DISABLE_MSC_DEPRECATED_POP_()
 
 static CapturedStream* g_captured_stderr = NULL;
 static CapturedStream* g_captured_stdout = NULL;
 
 // Starts capturing an output stream (stdout/stderr).
-void CaptureStream(int fd, const char* stream_name, CapturedStream** stream) {
+static void CaptureStream(int fd, const char* stream_name,
+                          CapturedStream** stream) {
   if (*stream != NULL) {
     GTEST_LOG_(FATAL) << "Only one " << stream_name
                       << " capturer can exist at a time.";
@@ -1020,7 +1083,7 @@ void CaptureStream(int fd, const char* stream_name, CapturedStream** stream) {
 }
 
 // Stops capturing the output stream and returns the captured string.
-std::string GetCapturedStream(CapturedStream** captured_stream) {
+static std::string GetCapturedStream(CapturedStream** captured_stream) {
   const std::string content = (*captured_stream)->GetCapturedString();
 
   delete *captured_stream;
@@ -1051,25 +1114,67 @@ std::string GetCapturedStderr() {
 
 #endif  // GTEST_HAS_STREAM_REDIRECTION
 
-#if GTEST_HAS_DEATH_TEST
 
-// A copy of all command line arguments.  Set by InitGoogleTest().
-::std::vector<testing::internal::string> g_argvs;
 
-static const ::std::vector<testing::internal::string>* g_injected_test_argvs =
-                                        NULL;  // Owned.
 
-void SetInjectableArgvs(const ::std::vector<testing::internal::string>* argvs) {
-  if (g_injected_test_argvs != argvs)
-    delete g_injected_test_argvs;
-  g_injected_test_argvs = argvs;
+
+size_t GetFileSize(FILE* file) {
+  fseek(file, 0, SEEK_END);
+  return static_cast<size_t>(ftell(file));
 }
 
-const ::std::vector<testing::internal::string>& GetInjectableArgvs() {
+std::string ReadEntireFile(FILE* file) {
+  const size_t file_size = GetFileSize(file);
+  char* const buffer = new char[file_size];
+
+  size_t bytes_last_read = 0;  // # of bytes read in the last fread()
+  size_t bytes_read = 0;       // # of bytes read so far
+
+  fseek(file, 0, SEEK_SET);
+
+  // Keeps reading the file until we cannot read further or the
+  // pre-determined file size is reached.
+  do {
+    bytes_last_read = fread(buffer+bytes_read, 1, file_size-bytes_read, file);
+    bytes_read += bytes_last_read;
+  } while (bytes_last_read > 0 && bytes_read < file_size);
+
+  const std::string content(buffer, bytes_read);
+  delete[] buffer;
+
+  return content;
+}
+
+#if GTEST_HAS_DEATH_TEST
+static const std::vector<std::string>* g_injected_test_argvs = NULL;  // Owned.
+
+std::vector<std::string> GetInjectableArgvs() {
   if (g_injected_test_argvs != NULL) {
     return *g_injected_test_argvs;
   }
-  return g_argvs;
+  return GetArgvs();
+}
+
+void SetInjectableArgvs(const std::vector<std::string>* new_argvs) {
+  if (g_injected_test_argvs != new_argvs) delete g_injected_test_argvs;
+  g_injected_test_argvs = new_argvs;
+}
+
+void SetInjectableArgvs(const std::vector<std::string>& new_argvs) {
+  SetInjectableArgvs(
+      new std::vector<std::string>(new_argvs.begin(), new_argvs.end()));
+}
+
+#if GTEST_HAS_GLOBAL_STRING
+void SetInjectableArgvs(const std::vector< ::string>& new_argvs) {
+  SetInjectableArgvs(
+      new std::vector<std::string>(new_argvs.begin(), new_argvs.end()));
+}
+#endif  // GTEST_HAS_GLOBAL_STRING
+
+void ClearInjectableArgvs() {
+  delete g_injected_test_argvs;
+  g_injected_test_argvs = NULL;
 }
 #endif  // GTEST_HAS_DEATH_TEST
 
@@ -1143,16 +1248,23 @@ bool ParseInt32(const Message& src_text, const char* str, Int32* value) {
 //
 // The value is considered true iff it's not "0".
 bool BoolFromGTestEnv(const char* flag, bool default_value) {
+#if defined(GTEST_GET_BOOL_FROM_ENV_)
+  return GTEST_GET_BOOL_FROM_ENV_(flag, default_value);
+#else
   const std::string env_var = FlagToEnvVar(flag);
   const char* const string_value = posix::GetEnv(env_var.c_str());
   return string_value == NULL ?
       default_value : strcmp(string_value, "0") != 0;
+#endif  // defined(GTEST_GET_BOOL_FROM_ENV_)
 }
 
 // Reads and returns a 32-bit integer stored in the environment
 // variable corresponding to the given flag; if it isn't set or
 // doesn't represent a valid 32-bit integer, returns default_value.
 Int32 Int32FromGTestEnv(const char* flag, Int32 default_value) {
+#if defined(GTEST_GET_INT32_FROM_ENV_)
+  return GTEST_GET_INT32_FROM_ENV_(flag, default_value);
+#else
   const std::string env_var = FlagToEnvVar(flag);
   const char* const string_value = posix::GetEnv(env_var.c_str());
   if (string_value == NULL) {
@@ -1170,14 +1282,36 @@ Int32 Int32FromGTestEnv(const char* flag, Int32 default_value) {
   }
 
   return result;
+#endif  // defined(GTEST_GET_INT32_FROM_ENV_)
+}
+
+// As a special case for the 'output' flag, if GTEST_OUTPUT is not
+// set, we look for XML_OUTPUT_FILE, which is set by the Bazel build
+// system.  The value of XML_OUTPUT_FILE is a filename without the
+// "xml:" prefix of GTEST_OUTPUT.
+// Note that this is meant to be called at the call site so it does
+// not check that the flag is 'output'
+// In essence this checks an env variable called XML_OUTPUT_FILE
+// and if it is set we prepend "xml:" to its value, if it not set we return ""
+std::string OutputFlagAlsoCheckEnvVar(){
+  std::string default_value_for_output_flag = "";
+  const char* xml_output_file_env = posix::GetEnv("XML_OUTPUT_FILE");
+  if (NULL != xml_output_file_env) {
+    default_value_for_output_flag = std::string("xml:") + xml_output_file_env;
+  }
+  return default_value_for_output_flag;
 }
 
 // Reads and returns the string environment variable corresponding to
 // the given flag; if it's not set, returns default_value.
 const char* StringFromGTestEnv(const char* flag, const char* default_value) {
+#if defined(GTEST_GET_STRING_FROM_ENV_)
+  return GTEST_GET_STRING_FROM_ENV_(flag, default_value);
+#else
   const std::string env_var = FlagToEnvVar(flag);
   const char* const value = posix::GetEnv(env_var.c_str());
   return value == NULL ? default_value : value;
+#endif  // defined(GTEST_GET_STRING_FROM_ENV_)
 }
 
 }  // namespace internal
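Review bot: `OutputFlagAlsoCheckEnvVar` returns a `std::string` by value, while `StringFromGTestEnv` just below hands back its `default_value` pointer unchanged, and the `output` flag definition later in this patch passes `OutputFlagAlsoCheckEnvVar().c_str()` in as that default. When GTEST_OUTPUT is unset, the returned `const char*` therefore points into a temporary that lives only until the end of the enclosing full-expression, so the call is safe only if `GTEST_DEFINE_string_` copies the value immediately (its definition is not visible here). I would document that on the function, e.g. `// The result is a temporary: copy it before the full-expression ends; never keep its .c_str().`, and while there fix the comment wording "if it not set" and the missing space in `OutputFlagAlsoCheckEnvVar(){`.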
diff --git a/security/nss/gtests/google_test/gtest/src/gtest-printers.cc b/security/nss/gtests/google_test/gtest/src/gtest-printers.cc
index a2df412f8..de4d245e9 100644
--- a/security/nss/gtests/google_test/gtest/src/gtest-printers.cc
+++ b/security/nss/gtests/google_test/gtest/src/gtest-printers.cc
@@ -26,10 +26,9 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
 
-// Google Test - The Google C++ Testing Framework
+
+// Google Test - The Google C++ Testing and Mocking Framework
 //
 // This file implements a universal value printer that can print a
 // value of any type T:
@@ -43,12 +42,13 @@
 // defines Foo.
 
 #include "gtest/gtest-printers.h"
-#include <ctype.h>
 #include <stdio.h>
+#include <cctype>
 #include <cwchar>
 #include <ostream>  // NOLINT
 #include <string>
 #include "gtest/internal/gtest-port.h"
+#include "src/gtest-internal-inl.h"
 
 namespace testing {
 
@@ -89,7 +89,7 @@ void PrintBytesInObjectToImpl(const unsigned char* obj_bytes, size_t count,
   // If the object size is bigger than kThreshold, we'll have to omit
   // some details by printing only the first and the last kChunkSize
   // bytes.
-  // TODO(wan): let the user control the threshold using a flag.
+  // FIXME: let the user control the threshold using a flag.
   if (count < kThreshold) {
     PrintByteSegmentInObjectTo(obj_bytes, 0, count, os);
   } else {
@@ -123,7 +123,7 @@ namespace internal {
 // Depending on the value of a char (or wchar_t), we print it in one
 // of three formats:
 //   - as is if it's a printable ASCII (e.g. 'a', '2', ' '),
-//   - as a hexidecimal escape sequence (e.g. '\x7F'), or
+//   - as a hexadecimal escape sequence (e.g. '\x7F'), or
 //   - as a special escape sequence (e.g. '\r', '\n').
 enum CharFormat {
   kAsIs,
@@ -180,7 +180,10 @@ static CharFormat PrintAsCharLiteralTo(Char c, ostream* os) {
         *os << static_cast<char>(c);
         return kAsIs;
       } else {
-        *os << "\\x" + String::FormatHexInt(static_cast<UnsignedChar>(c));
+        ostream::fmtflags flags = os->flags();
+        *os << "\\x" << std::hex << std::uppercase
+            << static_cast<int>(static_cast<UnsignedChar>(c));
+        os->flags(flags);
         return kHexEscape;
       }
   }
@@ -227,7 +230,7 @@ void PrintCharAndCodeTo(Char c, ostream* os) {
     return;
   *os << " (" << static_cast<int>(c);
 
-  // For more convenience, we print c's code again in hexidecimal,
+  // For more convenience, we print c's code again in hexadecimal,
   // unless c was already printed in the form '\x##' or the code is in
   // [1, 9].
   if (format == kHexEscape || (1 <= c && c <= 9)) {
@@ -259,11 +262,12 @@ template <typename CharType>
 GTEST_ATTRIBUTE_NO_SANITIZE_MEMORY_
 GTEST_ATTRIBUTE_NO_SANITIZE_ADDRESS_
 GTEST_ATTRIBUTE_NO_SANITIZE_THREAD_
-static void PrintCharsAsStringTo(
+static CharFormat PrintCharsAsStringTo(
     const CharType* begin, size_t len, ostream* os) {
   const char* const kQuoteBegin = sizeof(CharType) == 1 ? "\"" : "L\"";
   *os << kQuoteBegin;
   bool is_previous_hex = false;
+  CharFormat print_format = kAsIs;
   for (size_t index = 0; index < len; ++index) {
     const CharType cur = begin[index];
     if (is_previous_hex && IsXDigit(cur)) {
@@ -273,8 +277,13 @@ static void PrintCharsAsStringTo(
       *os << "\" " << kQuoteBegin;
     }
     is_previous_hex = PrintAsStringLiteralTo(cur, os) == kHexEscape;
+    // Remember if any characters required hex escaping.
+    if (is_previous_hex) {
+      print_format = kHexEscape;
+    }
   }
   *os << "\"";
+  return print_format;
 }
 
 // Prints a (const) char/wchar_t array of 'len' elements, starting at address
@@ -344,15 +353,90 @@ void PrintTo(const wchar_t* s, ostream* os) {
 }
 #endif  // wchar_t is native
 
+namespace {
+
+bool ContainsUnprintableControlCodes(const char* str, size_t length) {
+  const unsigned char *s = reinterpret_cast<const unsigned char *>(str);
+
+  for (size_t i = 0; i < length; i++) {
+    unsigned char ch = *s++;
+    if (std::iscntrl(ch)) {
+        switch (ch) {
+        case '\t':
+        case '\n':
+        case '\r':
+          break;
+        default:
+          return true;
+        }
+      }
+  }
+  return false;
+}
+
+bool IsUTF8TrailByte(unsigned char t) { return 0x80 <= t && t<= 0xbf; }
+
+bool IsValidUTF8(const char* str, size_t length) {
+  const unsigned char *s = reinterpret_cast<const unsigned char *>(str);
+
+  for (size_t i = 0; i < length;) {
+    unsigned char lead = s[i++];
+
+    if (lead <= 0x7f) {
+      continue;  // single-byte character (ASCII) 0..7F
+    }
+    if (lead < 0xc2) {
+      return false;  // trail byte or non-shortest form
+    } else if (lead <= 0xdf && (i + 1) <= length && IsUTF8TrailByte(s[i])) {
+      ++i;  // 2-byte character
+    } else if (0xe0 <= lead && lead <= 0xef && (i + 2) <= length &&
+               IsUTF8TrailByte(s[i]) &&
+               IsUTF8TrailByte(s[i + 1]) &&
+               // check for non-shortest form and surrogate
+               (lead != 0xe0 || s[i] >= 0xa0) &&
+               (lead != 0xed || s[i] < 0xa0)) {
+      i += 2;  // 3-byte character
+    } else if (0xf0 <= lead && lead <= 0xf4 && (i + 3) <= length &&
+               IsUTF8TrailByte(s[i]) &&
+               IsUTF8TrailByte(s[i + 1]) &&
+               IsUTF8TrailByte(s[i + 2]) &&
+               // check for non-shortest form
+               (lead != 0xf0 || s[i] >= 0x90) &&
+               (lead != 0xf4 || s[i] < 0x90)) {
+      i += 3;  // 4-byte character
+    } else {
+      return false;
+    }
+  }
+  return true;
+}
+
+void ConditionalPrintAsText(const char* str, size_t length, ostream* os) {
+  if (!ContainsUnprintableControlCodes(str, length) &&
+      IsValidUTF8(str, length)) {
+    *os << "\n    As Text: \"" << str << "\"";
+  }
+}
+
+}  // anonymous namespace
+
 // Prints a ::string object.
 #if GTEST_HAS_GLOBAL_STRING
 void PrintStringTo(const ::string& s, ostream* os) {
-  PrintCharsAsStringTo(s.data(), s.size(), os);
+  if (PrintCharsAsStringTo(s.data(), s.size(), os) == kHexEscape) {
+    if (GTEST_FLAG(print_utf8)) {
+      ConditionalPrintAsText(s.data(), s.size(), os);
+    }
+  }
 }
 #endif  // GTEST_HAS_GLOBAL_STRING
 
 void PrintStringTo(const ::std::string& s, ostream* os) {
-  PrintCharsAsStringTo(s.data(), s.size(), os);
+  if (PrintCharsAsStringTo(s.data(), s.size(), os) == kHexEscape) {
+    if (GTEST_FLAG(print_utf8)) {
+      ConditionalPrintAsText(s.data(), s.size(), os);
+    }
+  }
 }
 
 // Prints a ::wstring object.
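Review bot: `ConditionalPrintAsText` validates exactly `length` bytes but then prints with `<< str`, which stops at the first NUL rather than at `length`. The checked bytes and the printed bytes match only because both callers pass `s.data()` of a string and an embedded '\0' is presumably rejected by the `std::iscntrl` test; a caller with a buffer that is not NUL-terminated would read past it. Writing the checked range explicitly removes that dependency: `*os << "\n    As Text: \"";`, then `os->write(str, static_cast<std::streamsize>(length));`, then `*os << "\"";`. Separately, `ContainsUnprintableControlCodes` tests single bytes, so C1 control characters encoded as two-byte UTF-8 (U+0080–U+009F) would probably pass both checks and reach the terminal or log unescaped, depending on the locale; rejecting them there is worth considering.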
diff --git a/security/nss/gtests/google_test/gtest/src/gtest-test-part.cc b/security/nss/gtests/google_test/gtest/src/gtest-test-part.cc
index fb0e35425..c88860d92 100644
--- a/security/nss/gtests/google_test/gtest/src/gtest-test-part.cc
+++ b/security/nss/gtests/google_test/gtest/src/gtest-test-part.cc
@@ -26,21 +26,12 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: mheule@google.com (Markus Heule)
-//
-// The Google C++ Testing Framework (Google Test)
+// The Google C++ Testing and Mocking Framework (Google Test)
 
 #include "gtest/gtest-test-part.h"
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick exists to
-// prevent the accidental inclusion of gtest-internal-inl.h in the
-// user's code.
-#define GTEST_IMPLEMENTATION_ 1
 #include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
 
 namespace testing {
 
diff --git a/security/nss/gtests/google_test/gtest/src/gtest-typed-test.cc b/security/nss/gtests/google_test/gtest/src/gtest-typed-test.cc
index f0079f407..1dc2ad38b 100644
--- a/security/nss/gtests/google_test/gtest/src/gtest-typed-test.cc
+++ b/security/nss/gtests/google_test/gtest/src/gtest-typed-test.cc
@@ -26,10 +26,10 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 #include "gtest/gtest-typed-test.h"
+
 #include "gtest/gtest.h"
 
 namespace testing {
@@ -45,33 +45,41 @@ static const char* SkipSpaces(const char* str) {
   return str;
 }
 
+static std::vector<std::string> SplitIntoTestNames(const char* src) {
+  std::vector<std::string> name_vec;
+  src = SkipSpaces(src);
+  for (; src != NULL; src = SkipComma(src)) {
+    name_vec.push_back(StripTrailingSpaces(GetPrefixUntilComma(src)));
+  }
+  return name_vec;
+}
+
 // Verifies that registered_tests match the test names in
-// defined_test_names_; returns registered_tests if successful, or
+// registered_tests_; returns registered_tests if successful, or
 // aborts the program otherwise.
 const char* TypedTestCasePState::VerifyRegisteredTestNames(
     const char* file, int line, const char* registered_tests) {
-  typedef ::std::set<const char*>::const_iterator DefinedTestIter;
+  typedef RegisteredTestsMap::const_iterator RegisteredTestIter;
   registered_ = true;
 
-  // Skip initial whitespace in registered_tests since some
-  // preprocessors prefix stringizied literals with whitespace.
-  registered_tests = SkipSpaces(registered_tests);
+  std::vector<std::string> name_vec = SplitIntoTestNames(registered_tests);
 
   Message errors;
-  ::std::set<std::string> tests;
-  for (const char* names = registered_tests; names != NULL;
-       names = SkipComma(names)) {
-    const std::string name = GetPrefixUntilComma(names);
+
+  std::set<std::string> tests;
+  for (std::vector<std::string>::const_iterator name_it = name_vec.begin();
+       name_it != name_vec.end(); ++name_it) {
+    const std::string& name = *name_it;
     if (tests.count(name) != 0) {
       errors << "Test " << name << " is listed more than once.\n";
       continue;
     }
 
     bool found = false;
-    for (DefinedTestIter it = defined_test_names_.begin();
-         it != defined_test_names_.end();
+    for (RegisteredTestIter it = registered_tests_.begin();
+         it != registered_tests_.end();
          ++it) {
-      if (name == *it) {
+      if (name == it->first) {
         found = true;
         break;
       }
@@ -85,11 +93,11 @@ const char* TypedTestCasePState::VerifyRegisteredTestNames(
     }
   }
 
-  for (DefinedTestIter it = defined_test_names_.begin();
-       it != defined_test_names_.end();
+  for (RegisteredTestIter it = registered_tests_.begin();
+       it != registered_tests_.end();
        ++it) {
-    if (tests.count(*it) == 0) {
-      errors << "You forgot to list test " << *it << ".\n";
+    if (tests.count(it->first) == 0) {
+      errors << "You forgot to list test " << it->first << ".\n";
     }
   }
 
diff --git a/security/nss/gtests/google_test/gtest/src/gtest.cc b/security/nss/gtests/google_test/gtest/src/gtest.cc
index e4f3df3ea..96b07c68a 100644
--- a/security/nss/gtests/google_test/gtest/src/gtest.cc
+++ b/security/nss/gtests/google_test/gtest/src/gtest.cc
@@ -26,12 +26,12 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: wan@google.com (Zhanyong Wan)
-//
-// The Google C++ Testing Framework (Google Test)
+// The Google C++ Testing and Mocking Framework (Google Test)
 
 #include "gtest/gtest.h"
+#include "gtest/internal/custom/gtest.h"
 #include "gtest/gtest-spi.h"
 
 #include <ctype.h>
@@ -54,7 +54,7 @@
 
 #if GTEST_OS_LINUX
 
-// TODO(kenton@google.com): Use autoconf to detect availability of
+// FIXME: Use autoconf to detect availability of
 // gettimeofday().
 # define GTEST_HAS_GETTIMEOFDAY_ 1
 
@@ -93,9 +93,9 @@
 
 # if GTEST_OS_WINDOWS_MINGW
 // MinGW has gettimeofday() but not _ftime64().
-// TODO(kenton@google.com): Use autoconf to detect availability of
+// FIXME: Use autoconf to detect availability of
 //   gettimeofday().
-// TODO(kenton@google.com): There are other ways to get the time on
+// FIXME: There are other ways to get the time on
 //   Windows, like GetTickCount() or GetSystemTimeAsFileTime().  MinGW
 //   supports these.  consider using them instead.
 #  define GTEST_HAS_GETTIMEOFDAY_ 1
@@ -110,7 +110,7 @@
 #else
 
 // Assume other platforms have gettimeofday().
-// TODO(kenton@google.com): Use autoconf to detect availability of
+// FIXME: Use autoconf to detect availability of
 //   gettimeofday().
 # define GTEST_HAS_GETTIMEOFDAY_ 1
 
@@ -128,21 +128,29 @@
 #if GTEST_CAN_STREAM_RESULTS_
 # include <arpa/inet.h>  // NOLINT
 # include <netdb.h>  // NOLINT
+# include <sys/socket.h>  // NOLINT
+# include <sys/types.h>  // NOLINT
 #endif
 
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick is to
-// prevent a user from accidentally including gtest-internal-inl.h in
-// his code.
-#define GTEST_IMPLEMENTATION_ 1
 #include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
 
 #if GTEST_OS_WINDOWS
 # define vsnprintf _vsnprintf
 #endif  // GTEST_OS_WINDOWS
 
+#if GTEST_OS_MAC
+#ifndef GTEST_OS_IOS
+#include <crt_externs.h>
+#endif
+#endif
+
+#if GTEST_HAS_ABSL
+#include "absl/debugging/failure_signal_handler.h"
+#include "absl/debugging/stacktrace.h"
+#include "absl/debugging/symbolize.h"
+#include "absl/strings/str_cat.h"
+#endif  // GTEST_HAS_ABSL
+
 namespace testing {
 
 using internal::CountIf;
@@ -164,8 +172,10 @@ static const char kDeathTestCaseFilter[] = "*DeathTest:*DeathTest/*";
 // A test filter that matches everything.
 static const char kUniversalFilter[] = "*";
 
-// The default output file for XML output.
-static const char kDefaultOutputFile[] = "test_detail.xml";
+// The default output format.
+static const char kDefaultOutputFormat[] = "xml";
+// The default output file.
+static const char kDefaultOutputFile[] = "test_detail";
 
 // The environment variable name for the test shard index.
 static const char kTestShardIndex[] = "GTEST_SHARD_INDEX";
@@ -184,9 +194,31 @@ const char kStackTraceMarker[] = "\nStack trace:\n";
 // specified on the command line.
 bool g_help_flag = false;
 
+// Utilty function to Open File for Writing
+static FILE* OpenFileForWriting(const std::string& output_file) {
+  FILE* fileout = NULL;
+  FilePath output_file_path(output_file);
+  FilePath output_dir(output_file_path.RemoveFileName());
+
+  if (output_dir.CreateDirectoriesRecursively()) {
+    fileout = posix::FOpen(output_file.c_str(), "w");
+  }
+  if (fileout == NULL) {
+    GTEST_LOG_(FATAL) << "Unable to open file \"" << output_file << "\"";
+  }
+  return fileout;
+}
+
 }  // namespace internal
 
+// Bazel passes in the argument to '--test_filter' via the TESTBRIDGE_TEST_ONLY
+// environment variable.
 static const char* GetDefaultFilter() {
+  const char* const testbridge_test_only =
+      internal::posix::GetEnv("TESTBRIDGE_TEST_ONLY");
+  if (testbridge_test_only != NULL) {
+    return testbridge_test_only;
+  }
   return kUniversalFilter;
 }
 
@@ -223,15 +255,28 @@ GTEST_DEFINE_string_(
     "exclude).  A test is run if it matches one of the positive "
     "patterns and does not match any of the negative patterns.");
 
+GTEST_DEFINE_bool_(
+    install_failure_signal_handler,
+    internal::BoolFromGTestEnv("install_failure_signal_handler", false),
+    "If true and supported on the current platform, " GTEST_NAME_ " should "
+    "install a signal handler that dumps debugging information when fatal "
+    "signals are raised.");
+
 GTEST_DEFINE_bool_(list_tests, false,
                    "List all tests without running them.");
 
+// The net priority order after flag processing is thus:
+//   --gtest_output command line flag
+//   GTEST_OUTPUT environment variable
+//   XML_OUTPUT_FILE environment variable
+//   ''
 GTEST_DEFINE_string_(
     output,
-    internal::StringFromGTestEnv("output", ""),
-    "A format (currently must be \"xml\"), optionally followed "
-    "by a colon and an output file name or directory. A directory "
-    "is indicated by a trailing pathname separator. "
+    internal::StringFromGTestEnv("output",
+      internal::OutputFlagAlsoCheckEnvVar().c_str()),
+    "A format (defaults to \"xml\" but can be specified to be \"json\"), "
+    "optionally followed by a colon and an output file name or directory. "
+    "A directory is indicated by a trailing pathname separator. "
     "Examples: \"xml:filename.xml\", \"xml::directoryname/\". "
     "If a directory is specified, output files will be created "
     "within that directory, with file-names based on the test "
@@ -244,6 +289,12 @@ GTEST_DEFINE_bool_(
     "True iff " GTEST_NAME_
     " should display elapsed time in text output.");
 
+GTEST_DEFINE_bool_(
+    print_utf8,
+    internal::BoolFromGTestEnv("print_utf8", true),
+    "True iff " GTEST_NAME_
+    " prints UTF8 characters as text.");
+
 GTEST_DEFINE_int32_(
     random_seed,
     internal::Int32FromGTestEnv("random_seed", 0),
@@ -285,7 +336,14 @@ GTEST_DEFINE_bool_(
     internal::BoolFromGTestEnv("throw_on_failure", false),
     "When this flag is specified, a failed assertion will throw an exception "
     "if exceptions are enabled or exit the program with a non-zero code "
-    "otherwise.");
+    "otherwise. For use with an external test framework.");
+
+#if GTEST_USE_OWN_FLAGFILE_FLAG_
+GTEST_DEFINE_string_(
+    flagfile,
+    internal::StringFromGTestEnv("flagfile", ""),
+    "This flag specifies the flagfile to read command-line flags from.");
+#endif  // GTEST_USE_OWN_FLAGFILE_FLAG_
 
 namespace internal {
 
@@ -294,7 +352,8 @@ namespace internal {
 // than kMaxRange.
 UInt32 Random::Generate(UInt32 range) {
   // These constants are the same as are used in glibc's rand(3).
-  state_ = (1103515245U*state_ + 12345U) % kMaxRange;
+  // Use wider types than necessary to prevent unsigned overflow diagnostics.
+  state_ = static_cast<UInt32>(1103515245ULL*state_ + 12345U) % kMaxRange;
 
   GTEST_CHECK_(range > 0)
       << "Cannot generate a number in the range [0, 0).";
@@ -311,13 +370,7 @@ UInt32 Random::Generate(UInt32 range) {
 // GTestIsInitialized() returns true iff the user has initialized
 // Google Test.  Useful for catching the user mistake of not initializing
 // Google Test before calling RUN_ALL_TESTS().
-//
-// A user must call testing::InitGoogleTest() to initialize Google
-// Test.  g_init_gtest_count is set to the number of times
-// InitGoogleTest() has been called.  We don't protect this variable
-// under a mutex as it is only accessed in the main thread.
-GTEST_API_ int g_init_gtest_count = 0;
-static bool GTestIsInitialized() { return g_init_gtest_count != 0; }
+static bool GTestIsInitialized() { return GetArgvs().size() > 0; }
 
 // Iterates over a vector of TestCases, keeping a running sum of the
 // results of calling a given int-returning method on each.
@@ -373,8 +426,19 @@ void AssertHelper::operator=(const Message& message) const {
 // Mutex for linked pointers.
 GTEST_API_ GTEST_DEFINE_STATIC_MUTEX_(g_linked_ptr_mutex);
 
-// Application pathname gotten in InitGoogleTest.
-std::string g_executable_path;
+// A copy of all command line arguments.  Set by InitGoogleTest().
+static ::std::vector<std::string> g_argvs;
+
+::std::vector<std::string> GetArgvs() {
+#if defined(GTEST_CUSTOM_GET_ARGVS_)
+  // GTEST_CUSTOM_GET_ARGVS_() may return a container of std::string or
+  // ::string. This code converts it to the appropriate type.
+  const auto& custom = GTEST_CUSTOM_GET_ARGVS_();
+  return ::std::vector<std::string>(custom.begin(), custom.end());
+#else   // defined(GTEST_CUSTOM_GET_ARGVS_)
+  return g_argvs;
+#endif  // defined(GTEST_CUSTOM_GET_ARGVS_)
+}
 
 // Returns the current application's name, removing directory path if that
 // is present.
@@ -382,9 +446,9 @@ FilePath GetCurrentExecutableName() {
   FilePath result;
 
 #if GTEST_OS_WINDOWS
-  result.Set(FilePath(g_executable_path).RemoveExtension("exe"));
+  result.Set(FilePath(GetArgvs()[0]).RemoveExtension("exe"));
 #else
-  result.Set(FilePath(g_executable_path));
+  result.Set(FilePath(GetArgvs()[0]));
 #endif  // GTEST_OS_WINDOWS
 
   return result.RemoveDirectoryName();
@@ -395,8 +459,6 @@ FilePath GetCurrentExecutableName() {
 // Returns the output format, or "" for normal printed output.
 std::string UnitTestOptions::GetOutputFormat() {
   const char* const gtest_output_flag = GTEST_FLAG(output).c_str();
-  if (gtest_output_flag == NULL) return std::string("");
-
   const char* const colon = strchr(gtest_output_flag, ':');
   return (colon == NULL) ?
       std::string(gtest_output_flag) :
@@ -407,19 +469,22 @@ std::string UnitTestOptions::GetOutputFormat() {
 // was explicitly specified.
 std::string UnitTestOptions::GetAbsolutePathToOutputFile() {
   const char* const gtest_output_flag = GTEST_FLAG(output).c_str();
-  if (gtest_output_flag == NULL)
-    return "";
+
+  std::string format = GetOutputFormat();
+  if (format.empty())
+    format = std::string(kDefaultOutputFormat);
 
   const char* const colon = strchr(gtest_output_flag, ':');
   if (colon == NULL)
-    return internal::FilePath::ConcatPaths(
+    return internal::FilePath::MakeFileName(
         internal::FilePath(
             UnitTest::GetInstance()->original_working_dir()),
-        internal::FilePath(kDefaultOutputFile)).string();
+        internal::FilePath(kDefaultOutputFile), 0,
+        format.c_str()).string();
 
   internal::FilePath output_name(colon + 1);
   if (!output_name.IsAbsolutePath())
-    // TODO(wan@google.com): on Windows \some\path is not an absolute
+    // FIXME: on Windows \some\path is not an absolute
     // path (as its meaning depends on the current drive), yet the
     // following logic for turning it into an absolute path is wrong.
     // Fix it.
@@ -610,12 +675,12 @@ extern const TypeId kTestTypeIdInGoogleTest = GetTestTypeId();
 // This predicate-formatter checks that 'results' contains a test part
 // failure of the given type and that the failure message contains the
 // given substring.
-AssertionResult HasOneFailure(const char* /* results_expr */,
-                              const char* /* type_expr */,
-                              const char* /* substr_expr */,
-                              const TestPartResultArray& results,
-                              TestPartResult::Type type,
-                              const string& substr) {
+static AssertionResult HasOneFailure(const char* /* results_expr */,
+                                     const char* /* type_expr */,
+                                     const char* /* substr_expr */,
+                                     const TestPartResultArray& results,
+                                     TestPartResult::Type type,
+                                     const std::string& substr) {
   const std::string expected(type == TestPartResult::kFatalFailure ?
                         "1 fatal failure" :
                         "1 non-fatal failure");
@@ -649,13 +714,10 @@ AssertionResult HasOneFailure(const char* /* results_expr */,
 // The constructor of SingleFailureChecker remembers where to look up
 // test part results, what type of failure we expect, and what
 // substring the failure message should contain.
-SingleFailureChecker:: SingleFailureChecker(
-    const TestPartResultArray* results,
-    TestPartResult::Type type,
-    const string& substr)
-    : results_(results),
-      type_(type),
-      substr_(substr) {}
+SingleFailureChecker::SingleFailureChecker(const TestPartResultArray* results,
+                                           TestPartResult::Type type,
+                                           const std::string& substr)
+    : results_(results), type_(type), substr_(substr) {}
 
 // The destructor of SingleFailureChecker verifies that the given
 // TestPartResultArray contains exactly one failure that has the given
@@ -776,8 +838,12 @@ int UnitTestImpl::test_to_run_count() const {
 // CurrentOsStackTraceExceptTop(1), Foo() will be included in the
 // trace but Bar() and CurrentOsStackTraceExceptTop() won't.
 std::string UnitTestImpl::CurrentOsStackTraceExceptTop(int skip_count) {
-  (void)skip_count;
-  return "";
+  return os_stack_trace_getter()->CurrentStackTrace(
+      static_cast<int>(GTEST_FLAG(stack_trace_depth)),
+      skip_count + 1
+      // Skips the user-specified number of frames plus this function
+      // itself.
+      );  // NOLINT
 }
 
 // Returns the current time in milliseconds.
@@ -792,7 +858,7 @@ TimeInMillis GetTimeInMillis() {
   SYSTEMTIME now_systime;
   FILETIME now_filetime;
   ULARGE_INTEGER now_int64;
-  // TODO(kenton@google.com): Shouldn't this just use
+  // FIXME: Shouldn't this just use
   //   GetSystemTimeAsFileTime()?
   GetSystemTime(&now_systime);
   if (SystemTimeToFileTime(&now_systime, &now_filetime)) {
@@ -808,11 +874,11 @@ TimeInMillis GetTimeInMillis() {
 
   // MSVC 8 deprecates _ftime64(), so we want to suppress warning 4996
   // (deprecated function) there.
-  // TODO(kenton@google.com): Use GetTickCount()?  Or use
+  // FIXME: Use GetTickCount()?  Or use
   //   SystemTimeToFileTime()
-  GTEST_DISABLE_MSC_WARNINGS_PUSH_(4996)
+  GTEST_DISABLE_MSC_DEPRECATED_PUSH_()
   _ftime64(&now);
-  GTEST_DISABLE_MSC_WARNINGS_POP_()
+  GTEST_DISABLE_MSC_DEPRECATED_POP_()
 
   return static_cast<TimeInMillis>(now.time) * 1000 + now.millitm;
 #elif GTEST_HAS_GETTIMEOFDAY_
@@ -897,6 +963,23 @@ static void StreamWideCharsToMessage(const wchar_t* wstr, size_t length,
 
 #endif  // GTEST_HAS_STD_WSTRING || GTEST_HAS_GLOBAL_WSTRING
 
+void SplitString(const ::std::string& str, char delimiter,
+                 ::std::vector< ::std::string>* dest) {
+  ::std::vector< ::std::string> parsed;
+  ::std::string::size_type pos = 0;
+  while (::testing::internal::AlwaysTrue()) {
+    const ::std::string::size_type colon = str.find(delimiter, pos);
+    if (colon == ::std::string::npos) {
+      parsed.push_back(str.substr(pos));
+      break;
+    } else {
+      parsed.push_back(str.substr(pos, colon - pos));
+      pos = colon + 1;
+    }
+  }
+  dest->swap(parsed);
+}
+
 }  // namespace internal
 
 // Constructs an empty Message.
@@ -1132,7 +1215,7 @@ class Hunk {
   // Print a unified diff header for one hunk.
   // The format is
   //   "@@ -<left_start>,<left_length> +<right_start>,<right_length> @@"
-  // where the left/right parts are ommitted if unnecessary.
+  // where the left/right parts are omitted if unnecessary.
   void PrintHeader(std::ostream* ss) const {
     *ss << "@@ ";
     if (removes_) {
@@ -1262,41 +1345,42 @@ std::vector<std::string> SplitEscapedString(const std::string& str) {
 // and their values, as strings.  For example, for ASSERT_EQ(foo, bar)
 // where foo is 5 and bar is 6, we have:
 //
-//   expected_expression: "foo"
-//   actual_expression:   "bar"
-//   expected_value:      "5"
-//   actual_value:        "6"
+//   lhs_expression: "foo"
+//   rhs_expression: "bar"
+//   lhs_value:      "5"
+//   rhs_value:      "6"
 //
 // The ignoring_case parameter is true iff the assertion is a
-// *_STRCASEEQ*.  When it's true, the string " (ignoring case)" will
+// *_STRCASEEQ*.  When it's true, the string "Ignoring case" will
 // be inserted into the message.
-AssertionResult EqFailure(const char* expected_expression,
-                          const char* actual_expression,
-                          const std::string& expected_value,
-                          const std::string& actual_value,
+AssertionResult EqFailure(const char* lhs_expression,
+                          const char* rhs_expression,
+                          const std::string& lhs_value,
+                          const std::string& rhs_value,
                           bool ignoring_case) {
   Message msg;
-  msg << "Value of: " << actual_expression;
-  if (actual_value != actual_expression) {
-    msg << "\n  Actual: " << actual_value;
+  msg << "Expected equality of these values:";
+  msg << "\n  " << lhs_expression;
+  if (lhs_value != lhs_expression) {
+    msg << "\n    Which is: " << lhs_value;
+  }
+  msg << "\n  " << rhs_expression;
+  if (rhs_value != rhs_expression) {
+    msg << "\n    Which is: " << rhs_value;
   }
 
-  msg << "\nExpected: " << expected_expression;
   if (ignoring_case) {
-    msg << " (ignoring case)";
-  }
-  if (expected_value != expected_expression) {
-    msg << "\nWhich is: " << expected_value;
+    msg << "\nIgnoring case";
   }
 
-  if (!expected_value.empty() && !actual_value.empty()) {
-    const std::vector<std::string> expected_lines =
-        SplitEscapedString(expected_value);
-    const std::vector<std::string> actual_lines =
-        SplitEscapedString(actual_value);
-    if (expected_lines.size() > 1 || actual_lines.size() > 1) {
+  if (!lhs_value.empty() && !rhs_value.empty()) {
+    const std::vector<std::string> lhs_lines =
+        SplitEscapedString(lhs_value);
+    const std::vector<std::string> rhs_lines =
+        SplitEscapedString(rhs_value);
+    if (lhs_lines.size() > 1 || rhs_lines.size() > 1) {
       msg << "\nWith diff:\n"
-          << edit_distance::CreateUnifiedDiff(expected_lines, actual_lines);
+          << edit_distance::CreateUnifiedDiff(lhs_lines, rhs_lines);
     }
   }
 
@@ -1329,7 +1413,7 @@ AssertionResult DoubleNearPredFormat(const char* expr1,
   const double diff = fabs(val1 - val2);
   if (diff <= abs_error) return AssertionSuccess();
 
-  // TODO(wan): do not print the value of an expression if it's
+  // FIXME: do not print the value of an expression if it's
   // already a literal.
   return AssertionFailure()
       << "The difference between " << expr1 << " and " << expr2
@@ -1395,18 +1479,18 @@ namespace internal {
 
 // The helper function for {ASSERT|EXPECT}_EQ with int or enum
 // arguments.
-AssertionResult CmpHelperEQ(const char* expected_expression,
-                            const char* actual_expression,
-                            BiggestInt expected,
-                            BiggestInt actual) {
-  if (expected == actual) {
+AssertionResult CmpHelperEQ(const char* lhs_expression,
+                            const char* rhs_expression,
+                            BiggestInt lhs,
+                            BiggestInt rhs) {
+  if (lhs == rhs) {
     return AssertionSuccess();
   }
 
-  return EqFailure(expected_expression,
-                   actual_expression,
-                   FormatForComparisonFailureMessage(expected, actual),
-                   FormatForComparisonFailureMessage(actual, expected),
+  return EqFailure(lhs_expression,
+                   rhs_expression,
+                   FormatForComparisonFailureMessage(lhs, rhs),
+                   FormatForComparisonFailureMessage(rhs, lhs),
                    false);
 }
 
@@ -1445,34 +1529,34 @@ GTEST_IMPL_CMP_HELPER_(GT, > )
 #undef GTEST_IMPL_CMP_HELPER_
 
 // The helper function for {ASSERT|EXPECT}_STREQ.
-AssertionResult CmpHelperSTREQ(const char* expected_expression,
-                               const char* actual_expression,
-                               const char* expected,
-                               const char* actual) {
-  if (String::CStringEquals(expected, actual)) {
+AssertionResult CmpHelperSTREQ(const char* lhs_expression,
+                               const char* rhs_expression,
+                               const char* lhs,
+                               const char* rhs) {
+  if (String::CStringEquals(lhs, rhs)) {
     return AssertionSuccess();
   }
 
-  return EqFailure(expected_expression,
-                   actual_expression,
-                   PrintToString(expected),
-                   PrintToString(actual),
+  return EqFailure(lhs_expression,
+                   rhs_expression,
+                   PrintToString(lhs),
+                   PrintToString(rhs),
                    false);
 }
 
 // The helper function for {ASSERT|EXPECT}_STRCASEEQ.
-AssertionResult CmpHelperSTRCASEEQ(const char* expected_expression,
-                                   const char* actual_expression,
-                                   const char* expected,
-                                   const char* actual) {
-  if (String::CaseInsensitiveCStringEquals(expected, actual)) {
+AssertionResult CmpHelperSTRCASEEQ(const char* lhs_expression,
+                                   const char* rhs_expression,
+                                   const char* lhs,
+                                   const char* rhs) {
+  if (String::CaseInsensitiveCStringEquals(lhs, rhs)) {
     return AssertionSuccess();
   }
 
-  return EqFailure(expected_expression,
-                   actual_expression,
-                   PrintToString(expected),
-                   PrintToString(actual),
+  return EqFailure(lhs_expression,
+                   rhs_expression,
+                   PrintToString(lhs),
+                   PrintToString(rhs),
                    true);
 }
 
@@ -1624,7 +1708,7 @@ namespace {
 AssertionResult HRESULTFailureHelper(const char* expr,
                                      const char* expected,
                                      long hr) {  // NOLINT
-# if GTEST_OS_WINDOWS_MOBILE
+# if GTEST_OS_WINDOWS_MOBILE || GTEST_OS_WINDOWS_TV_TITLE
 
   // Windows CE doesn't support FormatMessage.
   const char error_text[] = "";
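Review bot: The comment under the widened condition still reads `// Windows CE doesn't support FormatMessage.`, so the new `GTEST_OS_WINDOWS_TV_TITLE` case has no stated reason for taking the empty-text path. If the reason is the same (inferred from the condition only), reword it to something like `// Windows CE and TV-title builds don't support FormatMessage.`. HRESULTFailureHelper continues outside the hunk.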
@@ -1681,7 +1765,7 @@ AssertionResult IsHRESULTFailure(const char* expr, long hr) {  // NOLINT
 // Utility functions for encoding Unicode text (wide strings) in
 // UTF-8.
 
-// A Unicode code-point can have upto 21 bits, and is encoded in UTF-8
+// A Unicode code-point can have up to 21 bits, and is encoded in UTF-8
 // like this:
 //
 // Code-point length   Encoding
@@ -1745,7 +1829,7 @@ std::string CodePointToUtf8(UInt32 code_point) {
   return str;
 }
 
-// The following two functions only make sense if the the system
+// The following two functions only make sense if the system
 // uses UTF-16 for wide string encoding. All supported systems
 // with 16 bit wchar_t (Windows, Cygwin, Symbian OS) do use UTF-16.
 
@@ -1827,18 +1911,18 @@ bool String::WideCStringEquals(const wchar_t * lhs, const wchar_t * rhs) {
 }
 
 // Helper function for *_STREQ on wide strings.
-AssertionResult CmpHelperSTREQ(const char* expected_expression,
-                               const char* actual_expression,
-                               const wchar_t* expected,
-                               const wchar_t* actual) {
-  if (String::WideCStringEquals(expected, actual)) {
+AssertionResult CmpHelperSTREQ(const char* lhs_expression,
+                               const char* rhs_expression,
+                               const wchar_t* lhs,
+                               const wchar_t* rhs) {
+  if (String::WideCStringEquals(lhs, rhs)) {
     return AssertionSuccess();
   }
 
-  return EqFailure(expected_expression,
-                   actual_expression,
-                   PrintToString(expected),
-                   PrintToString(actual),
+  return EqFailure(lhs_expression,
+                   rhs_expression,
+                   PrintToString(lhs),
+                   PrintToString(rhs),
                    false);
 }
 
@@ -2057,13 +2141,8 @@ static const char* const kReservedTestSuiteAttributes[] = {
 
 // The list of reserved attributes used in the <testcase> element of XML output.
 static const char* const kReservedTestCaseAttributes[] = {
-  "classname",
-  "name",
-  "status",
-  "time",
-  "type_param",
-  "value_param"
-};
+    "classname",  "name",        "status", "time",
+    "type_param", "value_param", "file",   "line"};
 
 template <int kSize>
 std::vector<std::string> ArrayAsVector(const char* const (&array)[kSize]) {
@@ -2099,8 +2178,9 @@ static std::string FormatWordList(const std::vector<std::string>& words) {
   return word_list.GetString();
 }
 
-bool ValidateTestPropertyName(const std::string& property_name,
-                              const std::vector<std::string>& reserved_names) {
+static bool ValidateTestPropertyName(
+    const std::string& property_name,
+    const std::vector<std::string>& reserved_names) {
   if (std::find(reserved_names.begin(), reserved_names.end(), property_name) !=
           reserved_names.end()) {
     ADD_FAILURE() << "Reserved key used in RecordProperty(): " << property_name
@@ -2171,14 +2251,15 @@ int TestResult::test_property_count() const {
 
 // Creates a Test object.
 
-// The c'tor saves the values of all Google Test flags.
+// The c'tor saves the states of all flags.
 Test::Test()
-    : gtest_flag_saver_(new internal::GTestFlagSaver) {
+    : gtest_flag_saver_(new GTEST_FLAG_SAVER_) {
 }
 
-// The d'tor restores the values of all Google Test flags.
+// The d'tor restores the states of all flags.  The actual work is
+// done by the d'tor of the gtest_flag_saver_ field, and thus not
+// visible here.
 Test::~Test() {
-  delete gtest_flag_saver_;
 }
 
 // Sets up the test fixture.
@@ -2396,6 +2477,8 @@ Result HandleExceptionsInMethodIfSupported(
 #if GTEST_HAS_EXCEPTIONS
     try {
       return HandleSehExceptionsInMethodIfSupported(object, method, location);
+    } catch (const AssertionException&) {  // NOLINT
+      // This failure was reported already.
     } catch (const internal::GoogleTestFailureException&) {  // NOLINT
       // This exception type can only be thrown by a failed Google
       // Test assertion with the intention of letting another testing
@@ -2462,12 +2545,14 @@ TestInfo::TestInfo(const std::string& a_test_case_name,
                    const std::string& a_name,
                    const char* a_type_param,
                    const char* a_value_param,
+                   internal::CodeLocation a_code_location,
                    internal::TypeId fixture_class_id,
                    internal::TestFactoryBase* factory)
     : test_case_name_(a_test_case_name),
       name_(a_name),
       type_param_(a_type_param ? new std::string(a_type_param) : NULL),
       value_param_(a_value_param ? new std::string(a_value_param) : NULL),
+      location_(a_code_location),
       fixture_class_id_(fixture_class_id),
       should_run_(false),
       is_disabled_(false),
@@ -2491,6 +2576,7 @@ namespace internal {
 //                     this is not a typed or a type-parameterized test.
 //   value_param:      text representation of the test's value parameter,
 //                     or NULL if this is not a value-parameterized test.
+//   code_location:    code location where the test is defined
 //   fixture_class_id: ID of the test fixture class
 //   set_up_tc:        pointer to the function that sets up the test case
 //   tear_down_tc:     pointer to the function that tears down the test case
@@ -2502,20 +2588,20 @@ TestInfo* MakeAndRegisterTestInfo(
     const char* name,
     const char* type_param,
     const char* value_param,
+    CodeLocation code_location,
     TypeId fixture_class_id,
     SetUpTestCaseFunc set_up_tc,
     TearDownTestCaseFunc tear_down_tc,
     TestFactoryBase* factory) {
   TestInfo* const test_info =
       new TestInfo(test_case_name, name, type_param, value_param,
-                   fixture_class_id, factory);
+                   code_location, fixture_class_id, factory);
   GetUnitTestImpl()->AddTestInfo(set_up_tc, tear_down_tc, test_info);
   return test_info;
 }
 
-#if GTEST_HAS_PARAM_TEST
 void ReportInvalidTestCaseType(const char* test_case_name,
-                               const char* file, int line) {
+                               CodeLocation code_location) {
   Message errors;
   errors
       << "Attempted redefinition of test case " << test_case_name << ".\n"
@@ -2527,11 +2613,10 @@ void ReportInvalidTestCaseType(const char* test_case_name,
       << "probably rename one of the classes to put the tests into different\n"
       << "test cases.";
 
-  fprintf(stderr, "%s %s", FormatFileLocation(file, line).c_str(),
-          errors.GetString().c_str());
+  GTEST_LOG_(ERROR) << FormatFileLocation(code_location.file.c_str(),
+                                          code_location.line)
+                    << " " << errors.GetString();
 }
-#endif  // GTEST_HAS_PARAM_TEST
-
 }  // namespace internal
 
 namespace {
@@ -2569,12 +2654,10 @@ namespace internal {
 // and INSTANTIATE_TEST_CASE_P into regular tests and registers those.
 // This will be done just once during the program runtime.
 void UnitTestImpl::RegisterParameterizedTests() {
-#if GTEST_HAS_PARAM_TEST
   if (!parameterized_tests_registered_) {
     parameterized_test_registry_.RegisterTests();
     parameterized_tests_registered_ = true;
   }
-#endif
 }
 
 }  // namespace internal
@@ -2602,18 +2685,18 @@ void TestInfo::Run() {
       factory_, &internal::TestFactoryBase::CreateTest,
       "the test fixture's constructor");
 
-  // Runs the test only if the test object was created and its
-  // constructor didn't generate a fatal failure.
-  if ((test != NULL) && !Test::HasFatalFailure()) {
+  // Runs the test if the constructor didn't generate a fatal failure.
+  // Note that the object will not be null
+  if (!Test::HasFatalFailure()) {
     // This doesn't throw as all user code that can throw are wrapped into
     // exception handling code.
     test->Run();
   }
 
-  // Deletes the test object.
-  impl->os_stack_trace_getter()->UponLeavingGTest();
-  internal::HandleExceptionsInMethodIfSupported(
-      test, &Test::DeleteSelf_, "the test fixture's destructor");
+    // Deletes the test object.
+    impl->os_stack_trace_getter()->UponLeavingGTest();
+    internal::HandleExceptionsInMethodIfSupported(
+        test, &Test::DeleteSelf_, "the test fixture's destructor");
 
   result_.set_elapsed_time(internal::GetTimeInMillis() - start);
 
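Review bot: Dropping the `test != NULL` guard leaves both `test->Run()` and the `DeleteSelf_` call reachable with a null pointer whenever the fixture constructor exits by exception without a fatal failure being recorded. The `catch (const AssertionException&)` branch added to HandleExceptionsInMethodIfSupported in this same patch reports nothing itself and presumably falls through to a null return outside that hunk, which is exactly that case. I would keep the guard, `if (test != NULL && !Test::HasFatalFailure()) {`, and put the deletion under `if (test != NULL) {`. The "Deletes the test object" lines are also indented as if they were inside the `if`, although they follow its closing brace; restore the two-space indent. TestInfo::Run starts and ends outside the hunk.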
@@ -2839,10 +2922,10 @@ enum GTestColor {
 };
 
 #if GTEST_OS_WINDOWS && !GTEST_OS_WINDOWS_MOBILE && \
-    !GTEST_OS_WINDOWS_PHONE && !GTEST_OS_WINDOWS_RT
+    !GTEST_OS_WINDOWS_PHONE && !GTEST_OS_WINDOWS_RT && !GTEST_OS_WINDOWS_MINGW
 
 // Returns the character attribute for the given color.
-WORD GetColorAttribute(GTestColor color) {
+static WORD GetColorAttribute(GTestColor color) {
   switch (color) {
     case COLOR_RED:    return FOREGROUND_RED;
     case COLOR_GREEN:  return FOREGROUND_GREEN;
@@ -2851,11 +2934,42 @@ WORD GetColorAttribute(GTestColor color) {
   }
 }
 
+static int GetBitOffset(WORD color_mask) {
+  if (color_mask == 0) return 0;
+
+  int bitOffset = 0;
+  while ((color_mask & 1) == 0) {
+    color_mask >>= 1;
+    ++bitOffset;
+  }
+  return bitOffset;
+}
+
+static WORD GetNewColor(GTestColor color, WORD old_color_attrs) {
+  // Let's reuse the BG
+  static const WORD background_mask = BACKGROUND_BLUE | BACKGROUND_GREEN |
+                                      BACKGROUND_RED | BACKGROUND_INTENSITY;
+  static const WORD foreground_mask = FOREGROUND_BLUE | FOREGROUND_GREEN |
+                                      FOREGROUND_RED | FOREGROUND_INTENSITY;
+  const WORD existing_bg = old_color_attrs & background_mask;
+
+  WORD new_color =
+      GetColorAttribute(color) | existing_bg | FOREGROUND_INTENSITY;
+  static const int bg_bitOffset = GetBitOffset(background_mask);
+  static const int fg_bitOffset = GetBitOffset(foreground_mask);
+
+  if (((new_color & background_mask) >> bg_bitOffset) ==
+      ((new_color & foreground_mask) >> fg_bitOffset)) {
+    new_color ^= FOREGROUND_INTENSITY;  // invert intensity
+  }
+  return new_color;
+}
+
 #else
 
 // Returns the ANSI color code for the given color.  COLOR_DEFAULT is
 // an invalid input.
-const char* GetAnsiColorCode(GTestColor color) {
+static const char* GetAnsiColorCode(GTestColor color) {
   switch (color) {
     case COLOR_RED:     return "1";
     case COLOR_GREEN:   return "2";
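Review bot: `GetBitOffset` and `GetNewColor` have no header comments, and `// Let's reuse the BG` does not explain the intensity flip at the end. Suggested: `// Returns the index of the lowest set bit of color_mask, or 0 for an empty mask.` above GetBitOffset, and above GetNewColor a comment saying that it keeps the console's current background bits and clears FOREGROUND_INTENSITY when the foreground and background nibbles would otherwise be identical. The locals `bitOffset`, `bg_bitOffset` and `fg_bitOffset` mix camelCase into code that otherwise uses snake_case (`old_color_attrs`, `existing_bg`); `bit_offset`, `bg_bit_offset` and `fg_bit_offset` would match.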
@@ -2871,7 +2985,7 @@ bool ShouldUseColor(bool stdout_is_tty) {
   const char* const gtest_color = GTEST_FLAG(color).c_str();
 
   if (String::CaseInsensitiveCStringEquals(gtest_color, "auto")) {
-#if GTEST_OS_WINDOWS
+#if GTEST_OS_WINDOWS && !GTEST_OS_WINDOWS_MINGW
     // On Windows the TERM variable is usually not set, but the
     // console there does support colors.
     return stdout_is_tty;
@@ -2884,6 +2998,10 @@ bool ShouldUseColor(bool stdout_is_tty) {
         String::CStringEquals(term, "xterm-256color") ||
         String::CStringEquals(term, "screen") ||
         String::CStringEquals(term, "screen-256color") ||
+        String::CStringEquals(term, "tmux") ||
+        String::CStringEquals(term, "tmux-256color") ||
+        String::CStringEquals(term, "rxvt-unicode") ||
+        String::CStringEquals(term, "rxvt-unicode-256color") ||
         String::CStringEquals(term, "linux") ||
         String::CStringEquals(term, "cygwin");
     return stdout_is_tty && term_supports_color;
@@ -2903,13 +3021,13 @@ bool ShouldUseColor(bool stdout_is_tty) {
 // cannot simply emit special characters and have the terminal change colors.
 // This routine must actually emit the characters rather than return a string
 // that would be colored when printed, as can be done on Linux.
-void ColoredPrintf(GTestColor color, const char* fmt, ...) {
+static void ColoredPrintf(GTestColor color, const char* fmt, ...) {
   va_list args;
   va_start(args, fmt);
 
 #if GTEST_OS_WINDOWS_MOBILE || GTEST_OS_SYMBIAN || GTEST_OS_ZOS || \
     GTEST_OS_IOS || GTEST_OS_WINDOWS_PHONE || GTEST_OS_WINDOWS_RT
-  const bool use_color = false;
+  const bool use_color = AlwaysFalse();
 #else
   static const bool in_color_mode =
       ShouldUseColor(posix::IsATTY(posix::FileNo(stdout)) != 0);
@@ -2924,20 +3042,21 @@ void ColoredPrintf(GTestColor color, const char* fmt, ...) {
   }
 
 #if GTEST_OS_WINDOWS && !GTEST_OS_WINDOWS_MOBILE && \
-    !GTEST_OS_WINDOWS_PHONE && !GTEST_OS_WINDOWS_RT
+    !GTEST_OS_WINDOWS_PHONE && !GTEST_OS_WINDOWS_RT && !GTEST_OS_WINDOWS_MINGW
   const HANDLE stdout_handle = GetStdHandle(STD_OUTPUT_HANDLE);
 
   // Gets the current text color.
   CONSOLE_SCREEN_BUFFER_INFO buffer_info;
   GetConsoleScreenBufferInfo(stdout_handle, &buffer_info);
   const WORD old_color_attrs = buffer_info.wAttributes;
+  const WORD new_color = GetNewColor(color, old_color_attrs);
 
   // We need to flush the stream buffers into the console before each
   // SetConsoleTextAttribute call lest it affect the text that is already
   // printed but has not yet reached the console.
   fflush(stdout);
-  SetConsoleTextAttribute(stdout_handle,
-                          GetColorAttribute(color) | FOREGROUND_INTENSITY);
+  SetConsoleTextAttribute(stdout_handle, new_color);
+
   vprintf(fmt, args);
 
   fflush(stdout);
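Review bot: `old_color_attrs` is now an input to `GetNewColor`, but the return value of `GetConsoleScreenBufferInfo` is still ignored and `buffer_info` is not initialised. If the call fails (for instance when colour is forced on while stdout is not a console; inferred, the flag handling is only partly visible), the background bits are taken from indeterminate memory. Declare it as `CONSOLE_SCREEN_BUFFER_INFO buffer_info = {};` and take the plain `vprintf(fmt, args)` path when `GetConsoleScreenBufferInfo(stdout_handle, &buffer_info)` returns zero. ColoredPrintf starts and ends outside this hunk.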
@@ -2951,12 +3070,12 @@ void ColoredPrintf(GTestColor color, const char* fmt, ...) {
   va_end(args);
 }
 
-// Text printed in Google Test's text output and --gunit_list_tests
+// Text printed in Google Test's text output and --gtest_list_tests
 // output to label the type parameter and value parameter for a test.
 static const char kTypeParamLabel[] = "TypeParam";
 static const char kValueParamLabel[] = "GetParam()";
 
-void PrintFullTestCommentIfPresent(const TestInfo& test_info) {
+static void PrintFullTestCommentIfPresent(const TestInfo& test_info) {
   const char* const type_param = test_info.type_param();
   const char* const value_param = test_info.value_param();
 
@@ -3227,7 +3346,7 @@ void TestEventRepeater::Append(TestEventListener *listener) {
   listeners_.push_back(listener);
 }
 
-// TODO(vladl@google.com): Factor the search functionality into Vector::Find.
+// FIXME: Factor the search functionality into Vector::Find.
 TestEventListener* TestEventRepeater::Release(TestEventListener *listener) {
   for (size_t i = 0; i < listeners_.size(); ++i) {
     if (listeners_[i] == listener) {
@@ -3301,6 +3420,11 @@ class XmlUnitTestResultPrinter : public EmptyTestEventListener {
   explicit XmlUnitTestResultPrinter(const char* output_file);
 
   virtual void OnTestIterationEnd(const UnitTest& unit_test, int iteration);
+  void ListTestsMatchingFilter(const std::vector<TestCase*>& test_cases);
+
+  // Prints an XML summary of all unit tests.
+  static void PrintXmlTestsList(std::ostream* stream,
+                                const std::vector<TestCase*>& test_cases);
 
  private:
   // Is c a whitespace character that is normalized to a space character
@@ -3362,6 +3486,11 @@ class XmlUnitTestResultPrinter : public EmptyTestEventListener {
   // to delimit this attribute from prior attributes.
   static std::string TestPropertiesAsXmlAttributes(const TestResult& result);
 
+  // Streams an XML representation of the test properties of a TestResult
+  // object.
+  static void OutputXmlTestProperties(std::ostream* stream,
+                                      const TestResult& result);
+
   // The output file.
   const std::string output_file_;
 
@@ -3371,46 +3500,30 @@ class XmlUnitTestResultPrinter : public EmptyTestEventListener {
 // Creates a new XmlUnitTestResultPrinter.
 XmlUnitTestResultPrinter::XmlUnitTestResultPrinter(const char* output_file)
     : output_file_(output_file) {
-  if (output_file_.c_str() == NULL || output_file_.empty()) {
-    fprintf(stderr, "XML output file may not be null\n");
-    fflush(stderr);
-    exit(EXIT_FAILURE);
+  if (output_file_.empty()) {
+    GTEST_LOG_(FATAL) << "XML output file may not be null";
   }
 }
 
 // Called after the unit test ends.
 void XmlUnitTestResultPrinter::OnTestIterationEnd(const UnitTest& unit_test,
                                                   int /*iteration*/) {
-  FILE* xmlout = NULL;
-  FilePath output_file(output_file_);
-  FilePath output_dir(output_file.RemoveFileName());
-
-  if (output_dir.CreateDirectoriesRecursively()) {
-    xmlout = posix::FOpen(output_file_.c_str(), "w");
-  }
-  if (xmlout == NULL) {
-    // TODO(wan): report the reason of the failure.
-    //
-    // We don't do it for now as:
-    //
-    //   1. There is no urgent need for it.
-    //   2. It's a bit involved to make the errno variable thread-safe on
-    //      all three operating systems (Linux, Windows, and Mac OS).
-    //   3. To interpret the meaning of errno in a thread-safe way,
-    //      we need the strerror_r() function, which is not available on
-    //      Windows.
-    fprintf(stderr,
-            "Unable to open file \"%s\"\n",
-            output_file_.c_str());
-    fflush(stderr);
-    exit(EXIT_FAILURE);
-  }
+  FILE* xmlout = OpenFileForWriting(output_file_);
   std::stringstream stream;
   PrintXmlUnitTest(&stream, unit_test);
   fprintf(xmlout, "%s", StringStreamToString(&stream).c_str());
   fclose(xmlout);
 }
 
+void XmlUnitTestResultPrinter::ListTestsMatchingFilter(
+    const std::vector<TestCase*>& test_cases) {
+  FILE* xmlout = OpenFileForWriting(output_file_);
+  std::stringstream stream;
+  PrintXmlTestsList(&stream, test_cases);
+  fprintf(xmlout, "%s", StringStreamToString(&stream).c_str());
+  fclose(xmlout);
+}
+
 // Returns an XML-escaped copy of the input string str.  If is_attribute
 // is true, the text is meant to appear as an attribute value, and
 // normalizable whitespace is preserved by replacing it with character
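Review bot: Both OnTestIterationEnd and the new ListTestsMatchingFilter hand the result of `OpenFileForWriting` straight to `fprintf` and `fclose`, so they depend on that helper (defined outside this hunk) never returning NULL, where the removed code handled the failure explicitly. Neither function checks the `fprintf` or `fclose` result, so a short write (full disk, permission change) leaves a truncated report that a consumer of the XML cannot tell from a complete one. The two bodies are the same open/format/write/close sequence and could share one helper that logs through `GTEST_LOG_(ERROR)` when `fclose(xmlout) != 0`.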
@@ -3421,7 +3534,7 @@ void XmlUnitTestResultPrinter::OnTestIterationEnd(const UnitTest& unit_test,
 // module will consist of ordinary English text.
 // If this module is ever modified to produce version 1.1 XML output,
 // most invalid characters can be retained using character references.
-// TODO(wan): It might be nice to have a minimally invasive, human-readable
+// FIXME: It might be nice to have a minimally invasive, human-readable
 // escaping scheme for invalid characters, rather than dropping them.
 std::string XmlUnitTestResultPrinter::EscapeXml(
     const std::string& str, bool is_attribute) {
@@ -3482,6 +3595,7 @@ std::string XmlUnitTestResultPrinter::RemoveInvalidXmlCharacters(
 
 // The following routines generate an XML representation of a UnitTest
 // object.
+// GOOGLETEST_CM0009 DO NOT DELETE
 //
 // This is how Google Test concepts map to the DTD:
 //
@@ -3499,23 +3613,32 @@ std::string XmlUnitTestResultPrinter::RemoveInvalidXmlCharacters(
 // Formats the given time in milliseconds as seconds.
 std::string FormatTimeInMillisAsSeconds(TimeInMillis ms) {
   ::std::stringstream ss;
-  ss << ms/1000.0;
+  ss << (static_cast<double>(ms) * 1e-3);
   return ss.str();
 }
 
+static bool PortableLocaltime(time_t seconds, struct tm* out) {
+#if defined(_MSC_VER)
+  return localtime_s(out, &seconds) == 0;
+#elif defined(__MINGW32__) || defined(__MINGW64__)
+  // MINGW <time.h> provides neither localtime_r nor localtime_s, but uses
+  // Windows' localtime(), which has a thread-local tm buffer.
+  struct tm* tm_ptr = localtime(&seconds);  // NOLINT
+  if (tm_ptr == NULL)
+    return false;
+  *out = *tm_ptr;
+  return true;
+#else
+  return localtime_r(&seconds, out) != NULL;
+#endif
+}
+
 // Converts the given epoch time in milliseconds to a date string in the ISO
 // 8601 format, without the timezone information.
 std::string FormatEpochTimeInMillisAsIso8601(TimeInMillis ms) {
-  time_t seconds = static_cast<time_t>(ms / 1000);
   struct tm time_struct;
-#ifdef _MSC_VER
-  if (localtime_s(&time_struct, &seconds) != 0)
-    return "";  // Invalid ms value
-#else
-  if (localtime_r(&seconds, &time_struct) == NULL)
-    return "";  // Invalid ms value
-#endif
-
+  if (!PortableLocaltime(static_cast<time_t>(ms / 1000), &time_struct))
+    return "";
   // YYYY-MM-DDThh:mm:ss
   return StreamableToString(time_struct.tm_year + 1900) + "-" +
       String::FormatIntWidth2(time_struct.tm_mon + 1) + "-" +
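Review bot: `PortableLocaltime` is added without a comment stating its contract, and the `// Invalid ms value` remark that explained the empty-string return in FormatEpochTimeInMillisAsIso8601 was dropped. Suggested above the helper: `// Converts seconds since the epoch to local time in *out. Returns false on failure, in which case *out must not be read.` and `return "";  // Invalid ms value` at the call site. The caller's `time_struct` is uninitialised, so the "must not be read" part matters on the MinGW branch, which leaves `*out` untouched on failure. FormatEpochTimeInMillisAsIso8601 continues outside the hunk.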
@@ -3562,13 +3685,17 @@ void XmlUnitTestResultPrinter::OutputXmlAttribute(
 }
 
 // Prints an XML representation of a TestInfo object.
-// TODO(wan): There is also value in printing properties with the plain printer.
+// FIXME: There is also value in printing properties with the plain printer.
 void XmlUnitTestResultPrinter::OutputXmlTestInfo(::std::ostream* stream,
                                                  const char* test_case_name,
                                                  const TestInfo& test_info) {
   const TestResult& result = *test_info.result();
   const std::string kTestcase = "testcase";
 
+  if (test_info.is_in_another_shard()) {
+    return;
+  }
+
   *stream << "    <testcase";
   OutputXmlAttribute(stream, kTestcase, "name", test_info.name());
 
@@ -3579,13 +3706,19 @@ void XmlUnitTestResultPrinter::OutputXmlTestInfo(::std::ostream* stream,
   if (test_info.type_param() != NULL) {
     OutputXmlAttribute(stream, kTestcase, "type_param", test_info.type_param());
   }
+  if (GTEST_FLAG(list_tests)) {
+    OutputXmlAttribute(stream, kTestcase, "file", test_info.file());
+    OutputXmlAttribute(stream, kTestcase, "line",
+                       StreamableToString(test_info.line()));
+    *stream << " />\n";
+    return;
+  }
 
   OutputXmlAttribute(stream, kTestcase, "status",
                      test_info.should_run() ? "run" : "notrun");
   OutputXmlAttribute(stream, kTestcase, "time",
                      FormatTimeInMillisAsSeconds(result.elapsed_time()));
   OutputXmlAttribute(stream, kTestcase, "classname", test_case_name);
-  *stream << TestPropertiesAsXmlAttributes(result);
 
   int failures = 0;
   for (int i = 0; i < result.total_part_count(); ++i) {
@@ -3594,22 +3727,28 @@ void XmlUnitTestResultPrinter::OutputXmlTestInfo(::std::ostream* stream,
       if (++failures == 1) {
         *stream << ">\n";
       }
-      const string location = internal::FormatCompilerIndependentFileLocation(
-          part.file_name(), part.line_number());
-      const string summary = location + "\n" + part.summary();
+      const std::string location =
+          internal::FormatCompilerIndependentFileLocation(part.file_name(),
+                                                          part.line_number());
+      const std::string summary = location + "\n" + part.summary();
       *stream << "      <failure message=\""
               << EscapeXmlAttribute(summary.c_str())
               << "\" type=\"\">";
-      const string detail = location + "\n" + part.message();
+      const std::string detail = location + "\n" + part.message();
       OutputXmlCDataSection(stream, RemoveInvalidXmlCharacters(detail).c_str());
       *stream << "</failure>\n";
     }
   }
 
-  if (failures == 0)
+  if (failures == 0 && result.test_property_count() == 0) {
     *stream << " />\n";
-  else
+  } else {
+    if (failures == 0) {
+      *stream << ">\n";
+    }
+    OutputXmlTestProperties(stream, result);
     *stream << "    </testcase>\n";
+  }
 }
 
 // Prints an XML representation of a TestCase object
@@ -3620,17 +3759,18 @@ void XmlUnitTestResultPrinter::PrintXmlTestCase(std::ostream* stream,
   OutputXmlAttribute(stream, kTestsuite, "name", test_case.name());
   OutputXmlAttribute(stream, kTestsuite, "tests",
                      StreamableToString(test_case.reportable_test_count()));
-  OutputXmlAttribute(stream, kTestsuite, "failures",
-                     StreamableToString(test_case.failed_test_count()));
-  OutputXmlAttribute(
-      stream, kTestsuite, "disabled",
-      StreamableToString(test_case.reportable_disabled_test_count()));
-  OutputXmlAttribute(stream, kTestsuite, "errors", "0");
-  OutputXmlAttribute(stream, kTestsuite, "time",
-                     FormatTimeInMillisAsSeconds(test_case.elapsed_time()));
-  *stream << TestPropertiesAsXmlAttributes(test_case.ad_hoc_test_result())
-          << ">\n";
-
+  if (!GTEST_FLAG(list_tests)) {
+    OutputXmlAttribute(stream, kTestsuite, "failures",
+                       StreamableToString(test_case.failed_test_count()));
+    OutputXmlAttribute(
+        stream, kTestsuite, "disabled",
+        StreamableToString(test_case.reportable_disabled_test_count()));
+    OutputXmlAttribute(stream, kTestsuite, "errors", "0");
+    OutputXmlAttribute(stream, kTestsuite, "time",
+                       FormatTimeInMillisAsSeconds(test_case.elapsed_time()));
+    *stream << TestPropertiesAsXmlAttributes(test_case.ad_hoc_test_result());
+  }
+  *stream << ">\n";
   for (int i = 0; i < test_case.total_test_count(); ++i) {
     if (test_case.GetTestInfo(i)->is_reportable())
       OutputXmlTestInfo(stream, test_case.name(), *test_case.GetTestInfo(i));
@@ -3664,7 +3804,6 @@ void XmlUnitTestResultPrinter::PrintXmlUnitTest(std::ostream* stream,
     OutputXmlAttribute(stream, kTestsuites, "random_seed",
                        StreamableToString(unit_test.random_seed()));
   }
-
   *stream << TestPropertiesAsXmlAttributes(unit_test.ad_hoc_test_result());
 
   OutputXmlAttribute(stream, kTestsuites, "name", "AllTests");
@@ -3677,6 +3816,28 @@ void XmlUnitTestResultPrinter::PrintXmlUnitTest(std::ostream* stream,
   *stream << "</" << kTestsuites << ">\n";
 }
 
+void XmlUnitTestResultPrinter::PrintXmlTestsList(
+    std::ostream* stream, const std::vector<TestCase*>& test_cases) {
+  const std::string kTestsuites = "testsuites";
+
+  *stream << "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
+  *stream << "<" << kTestsuites;
+
+  int total_tests = 0;
+  for (size_t i = 0; i < test_cases.size(); ++i) {
+    total_tests += test_cases[i]->total_test_count();
+  }
+  OutputXmlAttribute(stream, kTestsuites, "tests",
+                     StreamableToString(total_tests));
+  OutputXmlAttribute(stream, kTestsuites, "name", "AllTests");
+  *stream << ">\n";
+
+  for (size_t i = 0; i < test_cases.size(); ++i) {
+    PrintXmlTestCase(stream, *test_cases[i]);
+  }
+  *stream << "</" << kTestsuites << ">\n";
+}
+
 // Produces a string representing the test properties in a result as space
 // delimited XML attributes based on the property key="value" pairs.
 std::string XmlUnitTestResultPrinter::TestPropertiesAsXmlAttributes(
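Review bot: The top-level `tests` attribute in PrintXmlTestsList sums `total_test_count()`, while the suites it wraps report `reportable_test_count()` in PrintXmlTestCase. PrintXmlTestCase also skips non-reportable tests, and OutputXmlTestInfo now returns early for tests in another shard, so the header count can exceed the number of `<testcase>` elements actually written. Summing `test_cases[i]->reportable_test_count()` would at least agree with the suite-level attribute; sharded listings may still differ and deserve a comment.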
@@ -3690,8 +3851,390 @@ std::string XmlUnitTestResultPrinter::TestPropertiesAsXmlAttributes(
   return attributes.GetString();
 }
 
+void XmlUnitTestResultPrinter::OutputXmlTestProperties(
+    std::ostream* stream, const TestResult& result) {
+  const std::string kProperties = "properties";
+  const std::string kProperty = "property";
+
+  if (result.test_property_count() <= 0) {
+    return;
+  }
+
+  *stream << "<" << kProperties << ">\n";
+  for (int i = 0; i < result.test_property_count(); ++i) {
+    const TestProperty& property = result.GetTestProperty(i);
+    *stream << "<" << kProperty;
+    *stream << " name=\"" << EscapeXmlAttribute(property.key()) << "\"";
+    *stream << " value=\"" << EscapeXmlAttribute(property.value()) << "\"";
+    *stream << "/>\n";
+  }
+  *stream << "</" << kProperties << ">\n";
+}
+
 // End XmlUnitTestResultPrinter
 
+// This class generates an JSON output file.
+class JsonUnitTestResultPrinter : public EmptyTestEventListener {
+ public:
+  explicit JsonUnitTestResultPrinter(const char* output_file);
+
+  virtual void OnTestIterationEnd(const UnitTest& unit_test, int iteration);
+
+  // Prints an JSON summary of all unit tests.
+  static void PrintJsonTestList(::std::ostream* stream,
+                                const std::vector<TestCase*>& test_cases);
+
+ private:
+  // Returns an JSON-escaped copy of the input string str.
+  static std::string EscapeJson(const std::string& str);
+
+  //// Verifies that the given attribute belongs to the given element and
+  //// streams the attribute as JSON.
+  static void OutputJsonKey(std::ostream* stream,
+                            const std::string& element_name,
+                            const std::string& name,
+                            const std::string& value,
+                            const std::string& indent,
+                            bool comma = true);
+  static void OutputJsonKey(std::ostream* stream,
+                            const std::string& element_name,
+                            const std::string& name,
+                            int value,
+                            const std::string& indent,
+                            bool comma = true);
+
+  // Streams a JSON representation of a TestInfo object.
+  static void OutputJsonTestInfo(::std::ostream* stream,
+                                 const char* test_case_name,
+                                 const TestInfo& test_info);
+
+  // Prints a JSON representation of a TestCase object
+  static void PrintJsonTestCase(::std::ostream* stream,
+                                const TestCase& test_case);
+
+  // Prints a JSON summary of unit_test to output stream out.
+  static void PrintJsonUnitTest(::std::ostream* stream,
+                                const UnitTest& unit_test);
+
+  // Produces a string representing the test properties in a result as
+  // a JSON dictionary.
+  static std::string TestPropertiesAsJson(const TestResult& result,
+                                          const std::string& indent);
+
+  // The output file.
+  const std::string output_file_;
+
+  GTEST_DISALLOW_COPY_AND_ASSIGN_(JsonUnitTestResultPrinter);
+};
+
+// Creates a new JsonUnitTestResultPrinter.
+JsonUnitTestResultPrinter::JsonUnitTestResultPrinter(const char* output_file)
+    : output_file_(output_file) {
+  if (output_file_.empty()) {
+    GTEST_LOG_(FATAL) << "JSON output file may not be null";
+  }
+}
+
+void JsonUnitTestResultPrinter::OnTestIterationEnd(const UnitTest& unit_test,
+                                                  int /*iteration*/) {
+  FILE* jsonout = OpenFileForWriting(output_file_);
+  std::stringstream stream;
+  PrintJsonUnitTest(&stream, unit_test);
+  fprintf(jsonout, "%s", StringStreamToString(&stream).c_str());
+  fclose(jsonout);
+}
+
+// Returns an JSON-escaped copy of the input string str.
+std::string JsonUnitTestResultPrinter::EscapeJson(const std::string& str) {
+  Message m;
+
+  for (size_t i = 0; i < str.size(); ++i) {
+    const char ch = str[i];
+    switch (ch) {
+      case '\\':
+      case '"':
+      case '/':
+        m << '\\' << ch;
+        break;
+      case '\b':
+        m << "\\b";
+        break;
+      case '\t':
+        m << "\\t";
+        break;
+      case '\n':
+        m << "\\n";
+        break;
+      case '\f':
+        m << "\\f";
+        break;
+      case '\r':
+        m << "\\r";
+        break;
+      default:
+        if (ch < ' ') {
+          m << "\\u00" << String::FormatByte(static_cast<unsigned char>(ch));
+        } else {
+          m << ch;
+        }
+        break;
+    }
+  }
+
+  return m.GetString();
+}
+
+// The following routines generate an JSON representation of a UnitTest
+// object.
+
+// Formats the given time in milliseconds as seconds.
+static std::string FormatTimeInMillisAsDuration(TimeInMillis ms) {
+  ::std::stringstream ss;
+  ss << (static_cast<double>(ms) * 1e-3) << "s";
+  return ss.str();
+}
+
+// Converts the given epoch time in milliseconds to a date string in the
+// RFC3339 format, without the timezone information.
+static std::string FormatEpochTimeInMillisAsRFC3339(TimeInMillis ms) {
+  struct tm time_struct;
+  if (!PortableLocaltime(static_cast<time_t>(ms / 1000), &time_struct))
+    return "";
+  // YYYY-MM-DDThh:mm:ss
+  return StreamableToString(time_struct.tm_year + 1900) + "-" +
+      String::FormatIntWidth2(time_struct.tm_mon + 1) + "-" +
+      String::FormatIntWidth2(time_struct.tm_mday) + "T" +
+      String::FormatIntWidth2(time_struct.tm_hour) + ":" +
+      String::FormatIntWidth2(time_struct.tm_min) + ":" +
+      String::FormatIntWidth2(time_struct.tm_sec) + "Z";
+}
+
+static inline std::string Indent(int width) {
+  return std::string(width, ' ');
+}
+
+void JsonUnitTestResultPrinter::OutputJsonKey(
+    std::ostream* stream,
+    const std::string& element_name,
+    const std::string& name,
+    const std::string& value,
+    const std::string& indent,
+    bool comma) {
+  const std::vector<std::string>& allowed_names =
+      GetReservedAttributesForElement(element_name);
+
+  GTEST_CHECK_(std::find(allowed_names.begin(), allowed_names.end(), name) !=
+                   allowed_names.end())
+      << "Key \"" << name << "\" is not allowed for value \"" << element_name
+      << "\".";
+
+  *stream << indent << "\"" << name << "\": \"" << EscapeJson(value) << "\"";
+  if (comma)
+    *stream << ",\n";
+}
+
+void JsonUnitTestResultPrinter::OutputJsonKey(
+    std::ostream* stream,
+    const std::string& element_name,
+    const std::string& name,
+    int value,
+    const std::string& indent,
+    bool comma) {
+  const std::vector<std::string>& allowed_names =
+      GetReservedAttributesForElement(element_name);
+
+  GTEST_CHECK_(std::find(allowed_names.begin(), allowed_names.end(), name) !=
+                   allowed_names.end())
+      << "Key \"" << name << "\" is not allowed for value \"" << element_name
+      << "\".";
+
+  *stream << indent << "\"" << name << "\": " << StreamableToString(value);
+  if (comma)
+    *stream << ",\n";
+}
+
+// Prints a JSON representation of a TestInfo object.
+void JsonUnitTestResultPrinter::OutputJsonTestInfo(::std::ostream* stream,
+                                                   const char* test_case_name,
+                                                   const TestInfo& test_info) {
+  const TestResult& result = *test_info.result();
+  const std::string kTestcase = "testcase";
+  const std::string kIndent = Indent(10);
+
+  *stream << Indent(8) << "{\n";
+  OutputJsonKey(stream, kTestcase, "name", test_info.name(), kIndent);
+
+  if (test_info.value_param() != NULL) {
+    OutputJsonKey(stream, kTestcase, "value_param",
+                  test_info.value_param(), kIndent);
+  }
+  if (test_info.type_param() != NULL) {
+    OutputJsonKey(stream, kTestcase, "type_param", test_info.type_param(),
+                  kIndent);
+  }
+  if (GTEST_FLAG(list_tests)) {
+    OutputJsonKey(stream, kTestcase, "file", test_info.file(), kIndent);
+    OutputJsonKey(stream, kTestcase, "line", test_info.line(), kIndent, false);
+    *stream << "\n" << Indent(8) << "}";
+    return;
+  }
+
+  OutputJsonKey(stream, kTestcase, "status",
+                test_info.should_run() ? "RUN" : "NOTRUN", kIndent);
+  OutputJsonKey(stream, kTestcase, "time",
+                FormatTimeInMillisAsDuration(result.elapsed_time()), kIndent);
+  OutputJsonKey(stream, kTestcase, "classname", test_case_name, kIndent, false);
+  *stream << TestPropertiesAsJson(result, kIndent);
+
+  int failures = 0;
+  for (int i = 0; i < result.total_part_count(); ++i) {
+    const TestPartResult& part = result.GetTestPartResult(i);
+    if (part.failed()) {
+      *stream << ",\n";
+      if (++failures == 1) {
+        *stream << kIndent << "\"" << "failures" << "\": [\n";
+      }
+      const std::string location =
+          internal::FormatCompilerIndependentFileLocation(part.file_name(),
+                                                          part.line_number());
+      const std::string message = EscapeJson(location + "\n" + part.message());
+      *stream << kIndent << "  {\n"
+              << kIndent << "    \"failure\": \"" << message << "\",\n"
+              << kIndent << "    \"type\": \"\"\n"
+              << kIndent << "  }";
+    }
+  }
+
+  if (failures > 0)
+    *stream << "\n" << kIndent << "]";
+  *stream << "\n" << Indent(8) << "}";
+}
+
+// Prints an JSON representation of a TestCase object
+void JsonUnitTestResultPrinter::PrintJsonTestCase(std::ostream* stream,
+                                                  const TestCase& test_case) {
+  const std::string kTestsuite = "testsuite";
+  const std::string kIndent = Indent(6);
+
+  *stream << Indent(4) << "{\n";
+  OutputJsonKey(stream, kTestsuite, "name", test_case.name(), kIndent);
+  OutputJsonKey(stream, kTestsuite, "tests", test_case.reportable_test_count(),
+                kIndent);
+  if (!GTEST_FLAG(list_tests)) {
+    OutputJsonKey(stream, kTestsuite, "failures", test_case.failed_test_count(),
+                  kIndent);
+    OutputJsonKey(stream, kTestsuite, "disabled",
+                  test_case.reportable_disabled_test_count(), kIndent);
+    OutputJsonKey(stream, kTestsuite, "errors", 0, kIndent);
+    OutputJsonKey(stream, kTestsuite, "time",
+                  FormatTimeInMillisAsDuration(test_case.elapsed_time()),
+                  kIndent, false);
+    *stream << TestPropertiesAsJson(test_case.ad_hoc_test_result(), kIndent)
+            << ",\n";
+  }
+
+  *stream << kIndent << "\"" << kTestsuite << "\": [\n";
+
+  bool comma = false;
+  for (int i = 0; i < test_case.total_test_count(); ++i) {
+    if (test_case.GetTestInfo(i)->is_reportable()) {
+      if (comma) {
+        *stream << ",\n";
+      } else {
+        comma = true;
+      }
+      OutputJsonTestInfo(stream, test_case.name(), *test_case.GetTestInfo(i));
+    }
+  }
+  *stream << "\n" << kIndent << "]\n" << Indent(4) << "}";
+}
+
+// Prints a JSON summary of unit_test to output stream out.
+void JsonUnitTestResultPrinter::PrintJsonUnitTest(std::ostream* stream,
+                                                  const UnitTest& unit_test) {
+  const std::string kTestsuites = "testsuites";
+  const std::string kIndent = Indent(2);
+  *stream << "{\n";
+
+  OutputJsonKey(stream, kTestsuites, "tests", unit_test.reportable_test_count(),
+                kIndent);
+  OutputJsonKey(stream, kTestsuites, "failures", unit_test.failed_test_count(),
+                kIndent);
+  OutputJsonKey(stream, kTestsuites, "disabled",
+                unit_test.reportable_disabled_test_count(), kIndent);
+  OutputJsonKey(stream, kTestsuites, "errors", 0, kIndent);
+  if (GTEST_FLAG(shuffle)) {
+    OutputJsonKey(stream, kTestsuites, "random_seed", unit_test.random_seed(),
+                  kIndent);
+  }
+  OutputJsonKey(stream, kTestsuites, "timestamp",
+                FormatEpochTimeInMillisAsRFC3339(unit_test.start_timestamp()),
+                kIndent);
+  OutputJsonKey(stream, kTestsuites, "time",
+                FormatTimeInMillisAsDuration(unit_test.elapsed_time()), kIndent,
+                false);
+
+  *stream << TestPropertiesAsJson(unit_test.ad_hoc_test_result(), kIndent)
+          << ",\n";
+
+  OutputJsonKey(stream, kTestsuites, "name", "AllTests", kIndent);
+  *stream << kIndent << "\"" << kTestsuites << "\": [\n";
+
+  bool comma = false;
+  for (int i = 0; i < unit_test.total_test_case_count(); ++i) {
+    if (unit_test.GetTestCase(i)->reportable_test_count() > 0) {
+      if (comma) {
+        *stream << ",\n";
+      } else {
+        comma = true;
+      }
+      PrintJsonTestCase(stream, *unit_test.GetTestCase(i));
+    }
+  }
+
+  *stream << "\n" << kIndent << "]\n" << "}\n";
+}
+
+void JsonUnitTestResultPrinter::PrintJsonTestList(
+    std::ostream* stream, const std::vector<TestCase*>& test_cases) {
+  const std::string kTestsuites = "testsuites";
+  const std::string kIndent = Indent(2);
+  *stream << "{\n";
+  int total_tests = 0;
+  for (size_t i = 0; i < test_cases.size(); ++i) {
+    total_tests += test_cases[i]->total_test_count();
+  }
+  OutputJsonKey(stream, kTestsuites, "tests", total_tests, kIndent);
+
+  OutputJsonKey(stream, kTestsuites, "name", "AllTests", kIndent);
+  *stream << kIndent << "\"" << kTestsuites << "\": [\n";
+
+  for (size_t i = 0; i < test_cases.size(); ++i) {
+    if (i != 0) {
+      *stream << ",\n";
+    }
+    PrintJsonTestCase(stream, *test_cases[i]);
+  }
+
+  *stream << "\n"
+          << kIndent << "]\n"
+          << "}\n";
+}
+// Produces a string representing the test properties in a result as
+// a JSON dictionary.
+std::string JsonUnitTestResultPrinter::TestPropertiesAsJson(
+    const TestResult& result, const std::string& indent) {
+  Message attributes;
+  for (int i = 0; i < result.test_property_count(); ++i) {
+    const TestProperty& property = result.GetTestProperty(i);
+    attributes << ",\n" << indent << "\"" << property.key() << "\": "
+               << "\"" << EscapeJson(property.value()) << "\"";
+  }
+  return attributes.GetString();
+}
+
+// End JsonUnitTestResultPrinter
+
 #if GTEST_CAN_STREAM_RESULTS_
 
 // Checks if str contains '=', '&', '%' or '\n' characters. If yes,
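Review bot: TestPropertiesAsJson writes `property.key()` into the report unescaped, while the value beside it goes through EscapeJson and OutputXmlTestProperties in this same hunk passes the key through EscapeXmlAttribute. Unless keys are validated elsewhere, a key holding a quote, backslash or control character yields a malformed report, or one whose structure differs from what the test recorded. The line should read `attributes << ",\n" << indent << "\"" << EscapeJson(property.key()) << "\": "`. Separately, EscapeJson compares `ch < ' '` on a plain `char`, so where `char` is signed every byte of a multi-byte UTF-8 sequence is rewritten as `\u00XX`. Testing `static_cast<unsigned char>(ch) < 0x20` would leave those bytes intact.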
@@ -3699,8 +4242,8 @@ std::string XmlUnitTestResultPrinter::TestPropertiesAsXmlAttributes(
 // example, replaces "=" with "%3D".  This algorithm is O(strlen(str))
 // in both time and space -- important as the input str may contain an
 // arbitrarily long test failure message and stack trace.
-string StreamingListener::UrlEncode(const char* str) {
-  string result;
+std::string StreamingListener::UrlEncode(const char* str) {
+  std::string result;
   result.reserve(strlen(str) + 1);
   for (char ch = *str; ch != '\0'; ch = *++str) {
     switch (ch) {
@@ -3762,58 +4305,82 @@ void StreamingListener::SocketWriter::MakeConnection() {
 // End of class Streaming Listener
 #endif  // GTEST_CAN_STREAM_RESULTS__
 
-// Class ScopedTrace
+// class OsStackTraceGetter
 
-// Pushes the given source file location and message onto a per-thread
-// trace stack maintained by Google Test.
-ScopedTrace::ScopedTrace(const char* file, int line, const Message& message)
-    GTEST_LOCK_EXCLUDED_(&UnitTest::mutex_) {
-  TraceInfo trace;
-  trace.file = file;
-  trace.line = line;
-  trace.message = message.GetString();
+const char* const OsStackTraceGetterInterface::kElidedFramesMarker =
+    "... " GTEST_NAME_ " internal frames ...";
 
-  UnitTest::GetInstance()->PushGTestTrace(trace);
-}
+std::string OsStackTraceGetter::CurrentStackTrace(int max_depth, int skip_count)
+    GTEST_LOCK_EXCLUDED_(mutex_) {
+#if GTEST_HAS_ABSL
+  std::string result;
 
-// Pops the info pushed by the c'tor.
-ScopedTrace::~ScopedTrace()
-    GTEST_LOCK_EXCLUDED_(&UnitTest::mutex_) {
-  UnitTest::GetInstance()->PopGTestTrace();
-}
+  if (max_depth <= 0) {
+    return result;
+  }
 
+  max_depth = std::min(max_depth, kMaxStackTraceDepth);
 
-// class OsStackTraceGetter
+  std::vector<void*> raw_stack(max_depth);
+  // Skips the frames requested by the caller, plus this function.
+  const int raw_stack_size =
+      absl::GetStackTrace(&raw_stack[0], max_depth, skip_count + 1);
 
-// Returns the current OS stack trace as an std::string.  Parameters:
-//
-//   max_depth  - the maximum number of stack frames to be included
-//                in the trace.
-//   skip_count - the number of top frames to be skipped; doesn't count
-//                against max_depth.
-//
-string OsStackTraceGetter::CurrentStackTrace(int /* max_depth */,
-                                             int /* skip_count */)
-    GTEST_LOCK_EXCLUDED_(mutex_) {
+  void* caller_frame = nullptr;
+  {
+    MutexLock lock(&mutex_);
+    caller_frame = caller_frame_;
+  }
+
+  for (int i = 0; i < raw_stack_size; ++i) {
+    if (raw_stack[i] == caller_frame &&
+        !GTEST_FLAG(show_internal_stack_frames)) {
+      // Add a marker to the trace and stop adding frames.
+      absl::StrAppend(&result, kElidedFramesMarker, "\n");
+      break;
+    }
+
+    char tmp[1024];
+    const char* symbol = "(unknown)";
+    if (absl::Symbolize(raw_stack[i], tmp, sizeof(tmp))) {
+      symbol = tmp;
+    }
+
+    char line[1024];
+    snprintf(line, sizeof(line), "  %p: %s\n", raw_stack[i], symbol);
+    result += line;
+  }
+
+  return result;
+
+#else  // !GTEST_HAS_ABSL
+  static_cast<void>(max_depth);
+  static_cast<void>(skip_count);
   return "";
+#endif  // GTEST_HAS_ABSL
 }
 
-void OsStackTraceGetter::UponLeavingGTest()
-    GTEST_LOCK_EXCLUDED_(mutex_) {
-}
+void OsStackTraceGetter::UponLeavingGTest() GTEST_LOCK_EXCLUDED_(mutex_) {
+#if GTEST_HAS_ABSL
+  void* caller_frame = nullptr;
+  if (absl::GetStackTrace(&caller_frame, 1, 3) <= 0) {
+    caller_frame = nullptr;
+  }
 
-const char* const
-OsStackTraceGetter::kElidedFramesMarker =
-    "... " GTEST_NAME_ " internal frames ...";
+  MutexLock lock(&mutex_);
+  caller_frame_ = caller_frame;
+#endif  // GTEST_HAS_ABSL
+}
 
 // A helper class that creates the premature-exit file in its
 // constructor and deletes the file in its destructor.
 class ScopedPrematureExitFile {
  public:
   explicit ScopedPrematureExitFile(const char* premature_exit_filepath)
-      : premature_exit_filepath_(premature_exit_filepath) {
+      : premature_exit_filepath_(premature_exit_filepath ?
+                                 premature_exit_filepath : "") {
     // If a path to the premature-exit file is specified...
-    if (premature_exit_filepath != NULL && *premature_exit_filepath != '\0') {
+    if (!premature_exit_filepath_.empty()) {
       // create the file with a single "0" character in it.  I/O
       // errors are ignored as there's nothing better we can do and we
       // don't want to fail the test because of this.
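Review bot: In CurrentStackTrace, `line` is the same size as `tmp`, so a symbol that nearly fills `tmp` makes `snprintf` truncate the formatted frame and drop its trailing newline. That frame then runs into the next one in the returned trace. Sizing the output buffer above the symbol buffer, for example `char line[sizeof(tmp) + 64];`, leaves room for the address prefix and the newline. The ScopedPrematureExitFile constructor at the end of this hunk continues outside it.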
@@ -3824,13 +4391,18 @@ class ScopedPrematureExitFile {
   }
 
   ~ScopedPrematureExitFile() {
-    if (premature_exit_filepath_ != NULL && *premature_exit_filepath_ != '\0') {
-      remove(premature_exit_filepath_);
+    if (!premature_exit_filepath_.empty()) {
+      int retval = remove(premature_exit_filepath_.c_str());
+      if (retval) {
+        GTEST_LOG_(ERROR) << "Failed to remove premature exit filepath \""
+                          << premature_exit_filepath_ << "\" with error "
+                          << retval;
+      }
     }
   }
 
  private:
-  const char* const premature_exit_filepath_;
+  const std::string premature_exit_filepath_;
 
   GTEST_DISALLOW_COPY_AND_ASSIGN_(ScopedPrematureExitFile);
 };
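Review bot: The destructor logs the return value of `remove()`, which only says that the call failed; the reason is carried in `errno`. Capture it right after the call with `const int err = errno;` and log `<< "\" with error " << err` (or its `strerror` text, if `<cstring>` is available in this file). The message then tells the reader whether the file was missing, the path was not writable, or something else went wrong.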
@@ -4100,6 +4672,11 @@ void UnitTest::AddTestPartResult(
       // when a failure happens and both the --gtest_break_on_failure and
       // the --gtest_catch_exceptions flags are specified.
       DebugBreak();
+#elif (!defined(__native_client__)) &&            \
+    ((defined(__clang__) || defined(__GNUC__)) && \
+     (defined(__x86_64__) || defined(__i386__)))
+      // with clang/gcc we can achieve the same effect on x86 by invoking int3
+      asm("int3");
 #else
       // Dereference NULL through a volatile pointer to prevent the compiler
       // from removing. We use this rather than abort() or __builtin_trap() for
@@ -4167,7 +4744,7 @@ int UnitTest::Run() {
   // used for the duration of the program.
   impl()->set_catch_exceptions(GTEST_FLAG(catch_exceptions));
 
-#if GTEST_HAS_SEH
+#if GTEST_OS_WINDOWS
   // Either the user wants Google Test to catch exceptions thrown by the
   // tests or this is executing in the context of death test child
   // process. In either case the user does not want to see pop-up dialogs
@@ -4196,7 +4773,7 @@ int UnitTest::Run() {
     // VC++ doesn't define _set_abort_behavior() prior to the version 8.0.
     // Users of prior VC versions shall suffer the agony and pain of
     // clicking through the countless debug dialogs.
-    // TODO(vladl@google.com): find a way to suppress the abort dialog() in the
+    // FIXME: find a way to suppress the abort dialog() in the
     // debug mode when compiled with VC 7.1 or lower.
     if (!GTEST_FLAG(break_on_failure))
       _set_abort_behavior(
@@ -4204,7 +4781,7 @@ int UnitTest::Run() {
           _WRITE_ABORT_MSG | _CALL_REPORTFAULT);  // pop-up window, core dump.
 # endif
   }
-#endif  // GTEST_HAS_SEH
+#endif  // GTEST_OS_WINDOWS
 
   return internal::HandleExceptionsInMethodIfSupported(
       impl(),
@@ -4237,7 +4814,6 @@ const TestInfo* UnitTest::current_test_info() const
 // Returns the random seed used at the start of the current test run.
 int UnitTest::random_seed() const { return impl_->random_seed(); }
 
-#if GTEST_HAS_PARAM_TEST
 // Returns ParameterizedTestCaseRegistry object used to keep track of
 // value-parameterized tests and instantiate and register them.
 internal::ParameterizedTestCaseRegistry&
@@ -4245,7 +4821,6 @@ internal::ParameterizedTestCaseRegistry&
         GTEST_LOCK_EXCLUDED_(mutex_) {
   return impl_->parameterized_test_registry();
 }
-#endif  // GTEST_HAS_PARAM_TEST
 
 // Creates an empty UnitTest.
 UnitTest::UnitTest() {
@@ -4284,10 +4859,8 @@ UnitTestImpl::UnitTestImpl(UnitTest* parent)
           &default_global_test_part_result_reporter_),
       per_thread_test_part_result_reporter_(
           &default_per_thread_test_part_result_reporter_),
-#if GTEST_HAS_PARAM_TEST
       parameterized_test_registry_(),
       parameterized_tests_registered_(false),
-#endif  // GTEST_HAS_PARAM_TEST
       last_death_test_case_(-1),
       current_test_case_(NULL),
       current_test_info_(NULL),
@@ -4354,10 +4927,12 @@ void UnitTestImpl::ConfigureXmlOutput() {
   if (output_format == "xml") {
     listeners()->SetDefaultXmlGenerator(new XmlUnitTestResultPrinter(
         UnitTestOptions::GetAbsolutePathToOutputFile().c_str()));
+  } else if (output_format == "json") {
+    listeners()->SetDefaultXmlGenerator(new JsonUnitTestResultPrinter(
+        UnitTestOptions::GetAbsolutePathToOutputFile().c_str()));
   } else if (output_format != "") {
-    printf("WARNING: unrecognized output format \"%s\" ignored.\n",
-           output_format.c_str());
-    fflush(stdout);
+    GTEST_LOG_(WARNING) << "WARNING: unrecognized output format \""
+                        << output_format << "\" ignored.";
   }
 }
 
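Review bot: The new message for an unrecognized output format keeps the literal `WARNING: ` prefix inside a `GTEST_LOG_(WARNING)` call, whereas the matching change in ConfigureStreamingOutput in the next hunk drops it. Write it the same way here, `GTEST_LOG_(WARNING) << "unrecognized output format \""`, so the two messages read alike. The JSON printer is also installed through `SetDefaultXmlGenerator`; a short comment such as `// The default "XML generator" slot holds whichever file-report printer is selected.` would stop the name from misleading readers.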
@@ -4372,9 +4947,8 @@ void UnitTestImpl::ConfigureStreamingOutput() {
       listeners()->Append(new StreamingListener(target.substr(0, pos),
                                                 target.substr(pos+1)));
     } else {
-      printf("WARNING: unrecognized streaming target \"%s\" ignored.\n",
-             target.c_str());
-      fflush(stdout);
+      GTEST_LOG_(WARNING) << "unrecognized streaming target \"" << target
+                          << "\" ignored.";
     }
   }
 }
@@ -4390,6 +4964,11 @@ void UnitTestImpl::PostFlagParsingInit() {
   if (!post_flag_parse_init_performed_) {
     post_flag_parse_init_performed_ = true;
 
+#if defined(GTEST_CUSTOM_TEST_EVENT_LISTENER_)
+    // Register to send notifications about key process state changes.
+    listeners()->Append(new GTEST_CUSTOM_TEST_EVENT_LISTENER_());
+#endif  // defined(GTEST_CUSTOM_TEST_EVENT_LISTENER_)
+
 #if GTEST_HAS_DEATH_TEST
     InitDeathTestSubprocessControlInfo();
     SuppressTestEventsIfInSubprocess();
@@ -4408,6 +4987,13 @@ void UnitTestImpl::PostFlagParsingInit() {
     // Configures listeners for streaming test results to the specified server.
     ConfigureStreamingOutput();
 #endif  // GTEST_CAN_STREAM_RESULTS_
+
+#if GTEST_HAS_ABSL
+    if (GTEST_FLAG(install_failure_signal_handler)) {
+      absl::FailureSignalHandlerOptions options;
+      absl::InstallFailureSignalHandler(options);
+    }
+#endif  // GTEST_HAS_ABSL
   }
 }
 
@@ -4451,11 +5037,11 @@ TestCase* UnitTestImpl::GetTestCase(const char* test_case_name,
                                     Test::SetUpTestCaseFunc set_up_tc,
                                     Test::TearDownTestCaseFunc tear_down_tc) {
   // Can we find a TestCase with the given name?
-  const std::vector<TestCase*>::const_iterator test_case =
-      std::find_if(test_cases_.begin(), test_cases_.end(),
+  const std::vector<TestCase*>::const_reverse_iterator test_case =
+      std::find_if(test_cases_.rbegin(), test_cases_.rend(),
                    TestCaseNameIs(test_case_name));
 
-  if (test_case != test_cases_.end())
+  if (test_case != test_cases_.rend())
     return *test_case;
 
   // No.  Let's create one.
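Review bot: The lookup in GetTestCase now searches from the back of `test_cases_`, and nothing in the code says why the direction matters. If the intent is that the test case currently being registered is usually the most recently added one, state it above the `find_if`, for example `// Search from the end: the matching test case is most likely the last one added.` The function body continues outside this hunk.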
@@ -4496,13 +5082,8 @@ static void TearDownEnvironment(Environment* env) { env->TearDown(); }
 // All other functions called from RunAllTests() may safely assume that
 // parameterized tests are ready to be counted and run.
 bool UnitTestImpl::RunAllTests() {
-  // Makes sure InitGoogleTest() was called.
-  if (!GTestIsInitialized()) {
-    printf("%s",
-           "\nThis test program did NOT call ::testing::InitGoogleTest "
-           "before calling RUN_ALL_TESTS().  Please fix it.\n");
-    return false;
-  }
+  // True iff Google Test is initialized before RUN_ALL_TESTS() is called.
+  const bool gtest_is_initialized_before_run_all_tests = GTestIsInitialized();
 
   // Do not run any test if the --help flag was specified.
   if (g_help_flag)
@@ -4523,6 +5104,11 @@ bool UnitTestImpl::RunAllTests() {
 
 #if GTEST_HAS_DEATH_TEST
   in_subprocess_for_death_test = (internal_run_death_test_flag_.get() != NULL);
+# if defined(GTEST_EXTRA_DEATH_TEST_CHILD_SETUP_)
+  if (in_subprocess_for_death_test) {
+    GTEST_EXTRA_DEATH_TEST_CHILD_SETUP_();
+  }
+# endif  // defined(GTEST_EXTRA_DEATH_TEST_CHILD_SETUP_)
 #endif  // GTEST_HAS_DEATH_TEST
 
   const bool should_shard = ShouldShard(kTestTotalShards, kTestShardIndex,
@@ -4625,6 +5211,20 @@ bool UnitTestImpl::RunAllTests() {
 
   repeater->OnTestProgramEnd(*parent_);
 
+  if (!gtest_is_initialized_before_run_all_tests) {
+    ColoredPrintf(
+        COLOR_RED,
+        "\nIMPORTANT NOTICE - DO NOT IGNORE:\n"
+        "This test program did NOT call " GTEST_INIT_GOOGLE_TEST_NAME_
+        "() before calling RUN_ALL_TESTS(). This is INVALID. Soon " GTEST_NAME_
+        " will start to enforce the valid usage. "
+        "Please fix it ASAP, or IT WILL START TO FAIL.\n");  // NOLINT
+#if GTEST_FOR_GOOGLE_
+    ColoredPrintf(COLOR_RED,
+                  "For more details, see http://wiki/Main/ValidGUnitMain.\n");
+#endif  // GTEST_FOR_GOOGLE_
+  }
+
   return !failed;
 }
 
@@ -4726,8 +5326,8 @@ bool ShouldRunTestOnShard(int total_shards, int shard_index, int test_id) {
 // each TestCase and TestInfo object.
 // If shard_tests == true, further filters tests based on sharding
 // variables in the environment - see
-// http://code.google.com/p/googletest/wiki/GoogleTestAdvancedGuide.
-// Returns the number of tests that should run.
+// https://github.com/google/googletest/blob/master/googletest/docs/advanced.md
+// . Returns the number of tests that should run.
 int UnitTestImpl::FilterTests(ReactionToSharding shard_tests) {
   const Int32 total_shards = shard_tests == HONOR_SHARDING_PROTOCOL ?
       Int32FromEnvOrDie(kTestTotalShards, -1) : -1;
@@ -4766,10 +5366,11 @@ int UnitTestImpl::FilterTests(ReactionToSharding shard_tests) {
           (GTEST_FLAG(also_run_disabled_tests) || !is_disabled) &&
           matches_filter;
 
-      const bool is_selected = is_runnable &&
-          (shard_tests == IGNORE_SHARDING_PROTOCOL ||
-           ShouldRunTestOnShard(total_shards, shard_index,
-                                num_runnable_tests));
+      const bool is_in_another_shard =
+          shard_tests != IGNORE_SHARDING_PROTOCOL &&
+          !ShouldRunTestOnShard(total_shards, shard_index, num_runnable_tests);
+      test_info->is_in_another_shard_ = is_in_another_shard;
+      const bool is_selected = is_runnable && !is_in_another_shard;
 
       num_runnable_tests += is_runnable;
       num_selected_tests += is_selected;
@@ -4839,6 +5440,23 @@ void UnitTestImpl::ListTestsMatchingFilter() {
     }
   }
   fflush(stdout);
+  const std::string& output_format = UnitTestOptions::GetOutputFormat();
+  if (output_format == "xml" || output_format == "json") {
+    FILE* fileout = OpenFileForWriting(
+        UnitTestOptions::GetAbsolutePathToOutputFile().c_str());
+    std::stringstream stream;
+    if (output_format == "xml") {
+      XmlUnitTestResultPrinter(
+          UnitTestOptions::GetAbsolutePathToOutputFile().c_str())
+          .PrintXmlTestsList(&stream, test_cases_);
+    } else if (output_format == "json") {
+      JsonUnitTestResultPrinter(
+          UnitTestOptions::GetAbsolutePathToOutputFile().c_str())
+          .PrintJsonTestList(&stream, test_cases_);
+    }
+    fprintf(fileout, "%s", StringStreamToString(&stream).c_str());
+    fclose(fileout);
+  }
 }
 
 // Sets the OS stack trace getter.
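Review bot: ListTestsMatchingFilter constructs a temporary JsonUnitTestResultPrinter only to call `PrintJsonTestList`, which this patch declares `static`; `JsonUnitTestResultPrinter::PrintJsonTestList(&stream, test_cases_);` is enough. It also avoids running a constructor that logs FATAL on an empty path. `UnitTestOptions::GetAbsolutePathToOutputFile()` is evaluated once to open the file and again for the printer, so storing it in one `const std::string` local would be tidier. The inner `else if (output_format == "json")` can then be a plain `else`, since the outer condition already limits the format to those two values.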
@@ -4859,17 +5477,25 @@ void UnitTestImpl::set_os_stack_trace_getter(
 // getter, and returns it.
 OsStackTraceGetterInterface* UnitTestImpl::os_stack_trace_getter() {
   if (os_stack_trace_getter_ == NULL) {
+#ifdef GTEST_OS_STACK_TRACE_GETTER_
+    os_stack_trace_getter_ = new GTEST_OS_STACK_TRACE_GETTER_;
+#else
     os_stack_trace_getter_ = new OsStackTraceGetter;
+#endif  // GTEST_OS_STACK_TRACE_GETTER_
   }
 
   return os_stack_trace_getter_;
 }
 
-// Returns the TestResult for the test that's currently running, or
-// the TestResult for the ad hoc test if no test is running.
+// Returns the most specific TestResult currently running.
 TestResult* UnitTestImpl::current_test_result() {
-  return current_test_info_ ?
-      &(current_test_info_->result_) : &ad_hoc_test_result_;
+  if (current_test_info_ != NULL) {
+    return &current_test_info_->result_;
+  }
+  if (current_test_case_ != NULL) {
+    return &current_test_case_->ad_hoc_test_result_;
+  }
+  return &ad_hoc_test_result_;
 }
 
 // Shuffles all test cases, and the tests within each test case,
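Review bot: The rewritten comment on current_test_result(), "the most specific TestResult currently running", no longer says what is returned when no test is running, although the function now has three outcomes instead of two. Spell out the fallback order, for example `// Returns the result of the running test if there is one, else the ad hoc result of the current test case, else the global ad hoc result.` That also documents that results recorded between tests of a test case now attach to that test case rather than to the global result.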
@@ -4950,9 +5576,8 @@ bool SkipPrefix(const char* prefix, const char** pstr) {
 // part can be omitted.
 //
 // Returns the value of the flag, or NULL if the parsing failed.
-const char* ParseFlagValue(const char* str,
-                           const char* flag,
-                           bool def_optional) {
+static const char* ParseFlagValue(const char* str, const char* flag,
+                                  bool def_optional) {
   // str and flag must not be NULL.
   if (str == NULL || flag == NULL) return NULL;
 
@@ -4988,7 +5613,7 @@ const char* ParseFlagValue(const char* str,
 //
 // On success, stores the value of the flag in *value, and returns
 // true.  On failure, returns false without changing *value.
-bool ParseBoolFlag(const char* str, const char* flag, bool* value) {
+static bool ParseBoolFlag(const char* str, const char* flag, bool* value) {
   // Gets the value of the flag as a string.
   const char* const value_str = ParseFlagValue(str, flag, true);
 
@@ -5022,7 +5647,8 @@ bool ParseInt32Flag(const char* str, const char* flag, Int32* value) {
 //
 // On success, stores the value of the flag in *value, and returns
 // true.  On failure, returns false without changing *value.
-bool ParseStringFlag(const char* str, const char* flag, std::string* value) {
+template <typename String>
+static bool ParseStringFlag(const char* str, const char* flag, String* value) {
   // Gets the value of the flag as a string.
   const char* const value_str = ParseFlagValue(str, flag, false);
 
@@ -5058,7 +5684,7 @@ static bool HasGoogleTestFlagPrefix(const char* str) {
 //   @Y    changes the color to yellow.
 //   @D    changes to the default terminal text color.
 //
-// TODO(wan@google.com): Write tests for this once we add stdout
+// FIXME: Write tests for this once we add stdout
 // capturing to Google Test.
 static void PrintColorEncoded(const char* str) {
   GTestColor color = COLOR_DEFAULT;  // The current color.
@@ -5124,24 +5750,25 @@ static const char kColorEncodedHelpMessage[] =
 "      Enable/disable colored output. The default is @Gauto@D.\n"
 "  -@G-" GTEST_FLAG_PREFIX_ "print_time=0@D\n"
 "      Don't print the elapsed time of each test.\n"
-"  @G--" GTEST_FLAG_PREFIX_ "output=xml@Y[@G:@YDIRECTORY_PATH@G"
+"  @G--" GTEST_FLAG_PREFIX_ "output=@Y(@Gjson@Y|@Gxml@Y)[@G:@YDIRECTORY_PATH@G"
     GTEST_PATH_SEP_ "@Y|@G:@YFILE_PATH]@D\n"
-"      Generate an XML report in the given directory or with the given file\n"
-"      name. @YFILE_PATH@D defaults to @Gtest_details.xml@D.\n"
-#if GTEST_CAN_STREAM_RESULTS_
+"      Generate a JSON or XML report in the given directory or with the given\n"
+"      file name. @YFILE_PATH@D defaults to @Gtest_details.xml@D.\n"
+# if GTEST_CAN_STREAM_RESULTS_
 "  @G--" GTEST_FLAG_PREFIX_ "stream_result_to=@YHOST@G:@YPORT@D\n"
 "      Stream test results to the given server.\n"
-#endif  // GTEST_CAN_STREAM_RESULTS_
+# endif  // GTEST_CAN_STREAM_RESULTS_
 "\n"
 "Assertion Behavior:\n"
-#if GTEST_HAS_DEATH_TEST && !GTEST_OS_WINDOWS
+# if GTEST_HAS_DEATH_TEST && !GTEST_OS_WINDOWS
 "  @G--" GTEST_FLAG_PREFIX_ "death_test_style=@Y(@Gfast@Y|@Gthreadsafe@Y)@D\n"
 "      Set the default death test style.\n"
-#endif  // GTEST_HAS_DEATH_TEST && !GTEST_OS_WINDOWS
+# endif  // GTEST_HAS_DEATH_TEST && !GTEST_OS_WINDOWS
 "  @G--" GTEST_FLAG_PREFIX_ "break_on_failure@D\n"
 "      Turn assertion failures into debugger break-points.\n"
 "  @G--" GTEST_FLAG_PREFIX_ "throw_on_failure@D\n"
-"      Turn assertion failures into C++ exceptions.\n"
+"      Turn assertion failures into C++ exceptions for use by an external\n"
+"      test framework.\n"
 "  @G--" GTEST_FLAG_PREFIX_ "catch_exceptions=0@D\n"
 "      Do not report exceptions as test failures. Instead, allow them\n"
 "      to crash the program or throw a pop-up (on Windows).\n"
@@ -5158,6 +5785,56 @@ static const char kColorEncodedHelpMessage[] =
 "(not one in your own code or tests), please report it to\n"
 "@G<" GTEST_DEV_EMAIL_ ">@D.\n";
 
+static bool ParseGoogleTestFlag(const char* const arg) {
+  return ParseBoolFlag(arg, kAlsoRunDisabledTestsFlag,
+                       &GTEST_FLAG(also_run_disabled_tests)) ||
+      ParseBoolFlag(arg, kBreakOnFailureFlag,
+                    &GTEST_FLAG(break_on_failure)) ||
+      ParseBoolFlag(arg, kCatchExceptionsFlag,
+                    &GTEST_FLAG(catch_exceptions)) ||
+      ParseStringFlag(arg, kColorFlag, &GTEST_FLAG(color)) ||
+      ParseStringFlag(arg, kDeathTestStyleFlag,
+                      &GTEST_FLAG(death_test_style)) ||
+      ParseBoolFlag(arg, kDeathTestUseFork,
+                    &GTEST_FLAG(death_test_use_fork)) ||
+      ParseStringFlag(arg, kFilterFlag, &GTEST_FLAG(filter)) ||
+      ParseStringFlag(arg, kInternalRunDeathTestFlag,
+                      &GTEST_FLAG(internal_run_death_test)) ||
+      ParseBoolFlag(arg, kListTestsFlag, &GTEST_FLAG(list_tests)) ||
+      ParseStringFlag(arg, kOutputFlag, &GTEST_FLAG(output)) ||
+      ParseBoolFlag(arg, kPrintTimeFlag, &GTEST_FLAG(print_time)) ||
+      ParseBoolFlag(arg, kPrintUTF8Flag, &GTEST_FLAG(print_utf8)) ||
+      ParseInt32Flag(arg, kRandomSeedFlag, &GTEST_FLAG(random_seed)) ||
+      ParseInt32Flag(arg, kRepeatFlag, &GTEST_FLAG(repeat)) ||
+      ParseBoolFlag(arg, kShuffleFlag, &GTEST_FLAG(shuffle)) ||
+      ParseInt32Flag(arg, kStackTraceDepthFlag,
+                     &GTEST_FLAG(stack_trace_depth)) ||
+      ParseStringFlag(arg, kStreamResultToFlag,
+                      &GTEST_FLAG(stream_result_to)) ||
+      ParseBoolFlag(arg, kThrowOnFailureFlag,
+                    &GTEST_FLAG(throw_on_failure));
+}
+
+#if GTEST_USE_OWN_FLAGFILE_FLAG_
+static void LoadFlagsFromFile(const std::string& path) {
+  FILE* flagfile = posix::FOpen(path.c_str(), "r");
+  if (!flagfile) {
+    GTEST_LOG_(FATAL) << "Unable to open file \"" << GTEST_FLAG(flagfile)
+                      << "\"";
+  }
+  std::string contents(ReadEntireFile(flagfile));
+  posix::FClose(flagfile);
+  std::vector<std::string> lines;
+  SplitString(contents, '\n', &lines);
+  for (size_t i = 0; i < lines.size(); ++i) {
+    if (lines[i].empty())
+      continue;
+    if (!ParseGoogleTestFlag(lines[i].c_str()))
+      g_help_flag = true;
+  }
+}
+#endif  // GTEST_USE_OWN_FLAGFILE_FLAG_
+
 // Parses the command line for Google Test flags, without initializing
 // other parts of Google Test.  The type parameter CharType can be
 // instantiated to either char or wchar_t.
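Review bot: LoadFlagsFromFile reports an open failure using `GTEST_FLAG(flagfile)` rather than its own `path` argument, and it relies on `GTEST_LOG_(FATAL)` ending the process (its definition is outside this hunk) to keep a null `flagfile` away from `ReadEntireFile`. Logging the argument keeps the message correct for any caller: `GTEST_LOG_(FATAL) << "Unable to open file \"" << path << "\"";`. The contents are split on `'\n'` only, so on platforms where `"r"` does not translate line endings, a CRLF file leaves a trailing `\r` on every line; such lines may fail to parse and set `g_help_flag` with no indication of which line was rejected. Every flag that ParseGoogleTestFlag accepts, including `output` and `stream_result_to`, is honoured from this file, so a comment should state that the flag file is trusted exactly like the command line.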
@@ -5171,35 +5848,24 @@ void ParseGoogleTestFlagsOnlyImpl(int* argc, CharType** argv) {
     using internal::ParseInt32Flag;
     using internal::ParseStringFlag;
 
-    // Do we see a Google Test flag?
-    if (ParseBoolFlag(arg, kAlsoRunDisabledTestsFlag,
-                      &GTEST_FLAG(also_run_disabled_tests)) ||
-        ParseBoolFlag(arg, kBreakOnFailureFlag,
-                      &GTEST_FLAG(break_on_failure)) ||
-        ParseBoolFlag(arg, kCatchExceptionsFlag,
-                      &GTEST_FLAG(catch_exceptions)) ||
-        ParseStringFlag(arg, kColorFlag, &GTEST_FLAG(color)) ||
-        ParseStringFlag(arg, kDeathTestStyleFlag,
-                        &GTEST_FLAG(death_test_style)) ||
-        ParseBoolFlag(arg, kDeathTestUseFork,
-                      &GTEST_FLAG(death_test_use_fork)) ||
-        ParseStringFlag(arg, kFilterFlag, &GTEST_FLAG(filter)) ||
-        ParseStringFlag(arg, kInternalRunDeathTestFlag,
-                        &GTEST_FLAG(internal_run_death_test)) ||
-        ParseBoolFlag(arg, kListTestsFlag, &GTEST_FLAG(list_tests)) ||
-        ParseStringFlag(arg, kOutputFlag, &GTEST_FLAG(output)) ||
-        ParseBoolFlag(arg, kPrintTimeFlag, &GTEST_FLAG(print_time)) ||
-        ParseInt32Flag(arg, kRandomSeedFlag, &GTEST_FLAG(random_seed)) ||
-        ParseInt32Flag(arg, kRepeatFlag, &GTEST_FLAG(repeat)) ||
-        ParseBoolFlag(arg, kShuffleFlag, &GTEST_FLAG(shuffle)) ||
-        ParseInt32Flag(arg, kStackTraceDepthFlag,
-                       &GTEST_FLAG(stack_trace_depth)) ||
-        ParseStringFlag(arg, kStreamResultToFlag,
-                        &GTEST_FLAG(stream_result_to)) ||
-        ParseBoolFlag(arg, kThrowOnFailureFlag,
-                      &GTEST_FLAG(throw_on_failure))
-        ) {
-      // Yes.  Shift the remainder of the argv list left by one.  Note
+    bool remove_flag = false;
+    if (ParseGoogleTestFlag(arg)) {
+      remove_flag = true;
+#if GTEST_USE_OWN_FLAGFILE_FLAG_
+    } else if (ParseStringFlag(arg, kFlagfileFlag, &GTEST_FLAG(flagfile))) {
+      LoadFlagsFromFile(GTEST_FLAG(flagfile));
+      remove_flag = true;
+#endif  // GTEST_USE_OWN_FLAGFILE_FLAG_
+    } else if (arg_string == "--help" || arg_string == "-h" ||
+               arg_string == "-?" || arg_string == "/?" ||
+               HasGoogleTestFlagPrefix(arg)) {
+      // Both help flag and unrecognized Google Test flags (excluding
+      // internal ones) trigger help display.
+      g_help_flag = true;
+    }
+
+    if (remove_flag) {
+      // Shift the remainder of the argv list left by one.  Note
       // that argv has (*argc + 1) elements, the last one always being
       // NULL.  The following loop moves the trailing NULL element as
       // well.
@@ -5213,12 +5879,6 @@ void ParseGoogleTestFlagsOnlyImpl(int* argc, CharType** argv) {
       // We also need to decrement the iterator as we just removed
       // an element.
       i--;
-    } else if (arg_string == "--help" || arg_string == "-h" ||
-               arg_string == "-?" || arg_string == "/?" ||
-               HasGoogleTestFlagPrefix(arg)) {
-      // Both help flag and unrecognized Google Test flags (excluding
-      // internal ones) trigger help display.
-      g_help_flag = true;
     }
   }
 
@@ -5234,6 +5894,17 @@ void ParseGoogleTestFlagsOnlyImpl(int* argc, CharType** argv) {
 // other parts of Google Test.
 void ParseGoogleTestFlagsOnly(int* argc, char** argv) {
   ParseGoogleTestFlagsOnlyImpl(argc, argv);
+
+  // Fix the value of *_NSGetArgc() on macOS, but iff
+  // *_NSGetArgv() == argv
+  // Only applicable to char** version of argv
+#if GTEST_OS_MAC
+#ifndef GTEST_OS_IOS
+  if (*_NSGetArgv() == argv) {
+    *_NSGetArgc() = *argc;
+  }
+#endif
+#endif
 }
 void ParseGoogleTestFlagsOnly(int* argc, wchar_t** argv) {
   ParseGoogleTestFlagsOnlyImpl(argc, argv);
@@ -5245,23 +5916,19 @@ void ParseGoogleTestFlagsOnly(int* argc, wchar_t** argv) {
 // wchar_t.
 template <typename CharType>
 void InitGoogleTestImpl(int* argc, CharType** argv) {
-  g_init_gtest_count++;
-
   // We don't want to run the initialization code twice.
-  if (g_init_gtest_count != 1) return;
+  if (GTestIsInitialized()) return;
 
   if (*argc <= 0) return;
 
-  internal::g_executable_path = internal::StreamableToString(argv[0]);
-
-#if GTEST_HAS_DEATH_TEST
-
   g_argvs.clear();
   for (int i = 0; i != *argc; i++) {
     g_argvs.push_back(StreamableToString(argv[i]));
   }
 
-#endif  // GTEST_HAS_DEATH_TEST
+#if GTEST_HAS_ABSL
+  absl::InitializeSymbolizer(g_argvs[0].c_str());
+#endif  // GTEST_HAS_ABSL
 
   ParseGoogleTestFlagsOnly(argc, argv);
   GetUnitTestImpl()->PostFlagParsingInit();
@@ -5279,13 +5946,62 @@ void InitGoogleTestImpl(int* argc, CharType** argv) {
 //
 // Calling the function for the second time has no user-visible effect.
 void InitGoogleTest(int* argc, char** argv) {
+#if defined(GTEST_CUSTOM_INIT_GOOGLE_TEST_FUNCTION_)
+  GTEST_CUSTOM_INIT_GOOGLE_TEST_FUNCTION_(argc, argv);
+#else  // defined(GTEST_CUSTOM_INIT_GOOGLE_TEST_FUNCTION_)
   internal::InitGoogleTestImpl(argc, argv);
+#endif  // defined(GTEST_CUSTOM_INIT_GOOGLE_TEST_FUNCTION_)
 }
 
 // This overloaded version can be used in Windows programs compiled in
 // UNICODE mode.
 void InitGoogleTest(int* argc, wchar_t** argv) {
+#if defined(GTEST_CUSTOM_INIT_GOOGLE_TEST_FUNCTION_)
+  GTEST_CUSTOM_INIT_GOOGLE_TEST_FUNCTION_(argc, argv);
+#else  // defined(GTEST_CUSTOM_INIT_GOOGLE_TEST_FUNCTION_)
   internal::InitGoogleTestImpl(argc, argv);
+#endif  // defined(GTEST_CUSTOM_INIT_GOOGLE_TEST_FUNCTION_)
+}
+
+std::string TempDir() {
+#if defined(GTEST_CUSTOM_TEMPDIR_FUNCTION_)
+  return GTEST_CUSTOM_TEMPDIR_FUNCTION_();
+#endif
+
+#if GTEST_OS_WINDOWS_MOBILE
+  return "\\temp\\";
+#elif GTEST_OS_WINDOWS
+  const char* temp_dir = internal::posix::GetEnv("TEMP");
+  if (temp_dir == NULL || temp_dir[0] == '\0')
+    return "\\temp\\";
+  else if (temp_dir[strlen(temp_dir) - 1] == '\\')
+    return temp_dir;
+  else
+    return std::string(temp_dir) + "\\";
+#elif GTEST_OS_LINUX_ANDROID
+  return "/sdcard/";
+#else
+  return "/tmp/";
+#endif  // GTEST_OS_WINDOWS_MOBILE
+}
+
+// Class ScopedTrace
+
+// Pushes the given source file location and message onto a per-thread
+// trace stack maintained by Google Test.
+void ScopedTrace::PushTrace(const char* file, int line, std::string message) {
+  internal::TraceInfo trace;
+  trace.file = file;
+  trace.line = line;
+  trace.message.swap(message);
+
+  UnitTest::GetInstance()->PushGTestTrace(trace);
+}
+
+// Pops the info pushed by the c'tor.
+ScopedTrace::~ScopedTrace()
+    GTEST_LOCK_EXCLUDED_(&UnitTest::mutex_) {
+  UnitTest::GetInstance()->PopGTestTrace();
 }
 
 }  // namespace testing
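Review bot: TempDir() returns the fixed shared locations `/tmp/` and `/sdcard/` and never consults `TMPDIR`, so anything a test writes under it sits in a directory other local users or apps can reach. The function has no comment; it should carry one such as `// Returns a shared, possibly world-writable directory; create files in it with unpredictable names and exclusive-create only.` The platform branches after the `GTEST_CUSTOM_TEMPDIR_FUNCTION_` return are unreachable when that macro is defined. Folding them into the first conditional with `#elif GTEST_OS_WINDOWS_MOBILE` would avoid dead-code warnings. This looks like an imported copy of Google Test, so in-tree callers of TempDir() are the practical place to enforce exclusive creation.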
diff --git a/security/nss/gtests/google_test/gtest/src/gtest_main.cc b/security/nss/gtests/google_test/gtest/src/gtest_main.cc
index f30282255..2113f621e 100644
--- a/security/nss/gtests/google_test/gtest/src/gtest_main.cc
+++ b/security/nss/gtests/google_test/gtest/src/gtest_main.cc
@@ -28,11 +28,10 @@
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 #include <stdio.h>
-
 #include "gtest/gtest.h"
 
 GTEST_API_ int main(int argc, char **argv) {
-  printf("Running main() from gtest_main.cc\n");
+  printf("Running main() from %s\n", __FILE__);
   testing::InitGoogleTest(&argc, argv);
   return RUN_ALL_TESTS();
 }
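Review bot: `__FILE__` in the banner expands to whatever path the compiler was invoked with, so the test binary and its output can now carry an absolute build-directory path. That makes the output differ between build hosts and works against reproducible builds. If the banner only needs to name the file, keep the literal, or build with a path-remapping option such as `-ffile-prefix-map` so the embedded path is stable.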
diff --git a/security/nss/gtests/google_test/gtest/test/BUILD.bazel b/security/nss/gtests/google_test/gtest/test/BUILD.bazel
new file mode 100644
index 000000000..a930d65e0
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/BUILD.bazel
@@ -0,0 +1,527 @@
+# Copyright 2017 Google Inc.
+# All Rights Reserved.
+#
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# Author: misterg@google.com (Gennadiy Civil)
+#
+# Bazel BUILD for The Google C++ Testing Framework (Google Test)
+
+licenses(["notice"])
+
+config_setting(
+    name = "windows",
+    values = {"cpu": "x64_windows"},
+)
+
+config_setting(
+    name = "windows_msvc",
+    values = {"cpu": "x64_windows_msvc"},
+)
+
+config_setting(
+    name = "has_absl",
+    values = {"define": "absl=1"},
+)
+
+#on windows exclude gtest-tuple.h and googletest-tuple-test.cc
+cc_test(
+    name = "gtest_all_test",
+    size = "small",
+    srcs = glob(
+        include = [
+            "gtest-*.cc",
+            "googletest-*.cc",
+            "*.h",
+            "googletest/include/gtest/**/*.h",
+        ],
+        exclude = [
+            "gtest-unittest-api_test.cc",
+            "googletest-tuple-test.cc",
+            "googletest/src/gtest-all.cc",
+            "gtest_all_test.cc",
+            "gtest-death-test_ex_test.cc",
+            "gtest-listener_test.cc",
+            "gtest-unittest-api_test.cc",
+            "googletest-param-test-test.cc",
+            "googletest-catch-exceptions-test_.cc",
+            "googletest-color-test_.cc",
+            "googletest-env-var-test_.cc",
+            "googletest-filter-unittest_.cc",
+            "googletest-break-on-failure-unittest_.cc",
+             "googletest-listener-test.cc",
+             "googletest-output-test_.cc",
+             "googletest-list-tests-unittest_.cc",
+             "googletest-shuffle-test_.cc",
+             "googletest-uninitialized-test_.cc",
+             "googletest-death-test_ex_test.cc",
+             "googletest-param-test-test",
+             "googletest-throw-on-failure-test_.cc",
+             "googletest-param-test-invalid-name1-test_.cc",
+             "googletest-param-test-invalid-name2-test_.cc",
+
+        ],
+    ) + select({
+        "//:windows": [],
+        "//:windows_msvc": [],
+        "//conditions:default": [
+            "googletest-tuple-test.cc",
+        ],
+    }),
+    copts = select({
+        "//:windows": ["-DGTEST_USE_OWN_TR1_TUPLE=0"],
+        "//:windows_msvc": ["-DGTEST_USE_OWN_TR1_TUPLE=0"],
+        "//conditions:default": ["-DGTEST_USE_OWN_TR1_TUPLE=1"],
+    }),
+    includes = [
+        "googletest",
+        "googletest/include",
+        "googletest/include/internal",
+        "googletest/test",
+    ],
+    linkopts = select({
+        "//:windows": [],
+        "//:windows_msvc": [],
+        "//conditions:default": [
+            "-pthread",
+        ],
+    }),
+    deps = ["//:gtest_main"],
+)
+
+
+# Tests death tests.
+cc_test(
+    name = "googletest-death-test-test",
+    size = "medium",
+    srcs = ["googletest-death-test-test.cc"],
+    deps = ["//:gtest_main"],
+)
+
+cc_test(
+    name = "gtest_test_macro_stack_footprint_test",
+    size = "small",
+    srcs = ["gtest_test_macro_stack_footprint_test.cc"],
+    deps = ["//:gtest"],
+)
+
+#These googletest tests have their own main()
+cc_test(
+    name = "googletest-listener-test",
+    size = "small",
+    srcs = ["googletest-listener-test.cc"],
+    deps = ["//:gtest_main"],
+)
+
+cc_test(
+    name = "gtest-unittest-api_test",
+    size = "small",
+    srcs = [
+        "gtest-unittest-api_test.cc",
+    ],
+    deps = [
+        "//:gtest",
+    ],
+)
+
+cc_test(
+    name = "googletest-param-test-test",
+    size = "small",
+    srcs = [
+        "googletest-param-test-test.cc",
+        "googletest-param-test-test.h",
+        "googletest-param-test2-test.cc",
+    ],
+    deps = ["//:gtest"],
+)
+
+cc_test(
+    name = "gtest_unittest",
+    size = "small",
+    srcs = ["gtest_unittest.cc"],
+    args = ["--heap_check=strict"],
+    shard_count = 2,
+    deps = ["//:gtest_main"],
+)
+
+#  Py tests
+
+py_library(
+    name = "gtest_test_utils",
+    testonly = 1,
+    srcs = ["gtest_test_utils.py"],
+)
+
+cc_binary(
+    name = "gtest_help_test_",
+    testonly = 1,
+    srcs = ["gtest_help_test_.cc"],
+    deps = ["//:gtest_main"],
+)
+
+py_test(
+    name = "gtest_help_test",
+    size = "small",
+    srcs = ["gtest_help_test.py"],
+    data = [":gtest_help_test_"],
+    deps = [":gtest_test_utils"],
+)
+
+cc_binary(
+    name = "googletest-output-test_",
+    testonly = 1,
+    srcs = ["googletest-output-test_.cc"],
+    deps = ["//:gtest"],
+)
+
+
+py_test(
+    name = "googletest-output-test",
+    size = "small",
+    srcs = ["googletest-output-test.py"],
+    args = select({
+        ":has_absl": [],
+        "//conditions:default": ["--no_stacktrace_support"],
+    }),
+    data = [
+        "googletest-output-test-golden-lin.txt",
+        ":googletest-output-test_",
+    ],
+    deps = [":gtest_test_utils"],
+)
+
+cc_binary(
+    name = "googletest-color-test_",
+    testonly = 1,
+    srcs = ["googletest-color-test_.cc"],
+    deps = ["//:gtest"],
+)
+
+py_test(
+    name = "googletest-color-test",
+    size = "small",
+    srcs = ["googletest-color-test.py"],
+    data = [":googletest-color-test_"],
+    deps = [":gtest_test_utils"],
+)
+
+cc_binary(
+    name = "googletest-env-var-test_",
+    testonly = 1,
+    srcs = ["googletest-env-var-test_.cc"],
+    deps = ["//:gtest"],
+)
+
+py_test(
+    name = "googletest-env-var-test",
+    size = "medium",
+    srcs = ["googletest-env-var-test.py"],
+    data = [":googletest-env-var-test_"],
+    deps = [":gtest_test_utils"],
+)
+
+cc_binary(
+    name = "googletest-filter-unittest_",
+    testonly = 1,
+    srcs = ["googletest-filter-unittest_.cc"],
+    deps = ["//:gtest"],
+)
+
+py_test(
+    name = "googletest-filter-unittest",
+    size = "medium",
+    srcs = ["googletest-filter-unittest.py"],
+    data = [":googletest-filter-unittest_"],
+    deps = [":gtest_test_utils"],
+)
+
+
+cc_binary(
+    name = "googletest-break-on-failure-unittest_",
+    testonly = 1,
+    srcs = ["googletest-break-on-failure-unittest_.cc"],
+    deps = ["//:gtest"],
+)
+
+
+
+py_test(
+    name = "googletest-break-on-failure-unittest",
+    size = "small",
+    srcs = ["googletest-break-on-failure-unittest.py"],
+    data = [":googletest-break-on-failure-unittest_"],
+    deps = [":gtest_test_utils"],
+)
+
+
+cc_test(
+    name = "gtest_assert_by_exception_test",
+    size = "small",
+    srcs = ["gtest_assert_by_exception_test.cc"],
+    deps = ["//:gtest"],
+)
+
+
+
+cc_binary(
+    name = "googletest-throw-on-failure-test_",
+    testonly = 1,
+    srcs = ["googletest-throw-on-failure-test_.cc"],
+    deps = ["//:gtest"],
+)
+
+py_test(
+    name = "googletest-throw-on-failure-test",
+    size = "small",
+    srcs = ["googletest-throw-on-failure-test.py"],
+    data = [":googletest-throw-on-failure-test_"],
+    deps = [":gtest_test_utils"],
+)
+
+
+cc_binary(
+    name = "googletest-list-tests-unittest_",
+    testonly = 1,
+    srcs = ["googletest-list-tests-unittest_.cc"],
+    deps = ["//:gtest"],
+)
+
+py_test(
+    name = "googletest-list-tests-unittest",
+    size = "small",
+    srcs = ["googletest-list-tests-unittest.py"],
+    data = [":googletest-list-tests-unittest_"],
+    deps = [":gtest_test_utils"],
+)
+
+cc_binary(
+    name = "googletest-shuffle-test_",
+    srcs = ["googletest-shuffle-test_.cc"],
+    deps = ["//:gtest"],
+)
+
+py_test(
+    name = "googletest-shuffle-test",
+    size = "small",
+    srcs = ["googletest-shuffle-test.py"],
+    data = [":googletest-shuffle-test_"],
+    deps = [":gtest_test_utils"],
+)
+
+cc_binary(
+    name = "googletest-catch-exceptions-no-ex-test_",
+    testonly = 1,
+    srcs = ["googletest-catch-exceptions-test_.cc"],
+    deps = ["//:gtest_main"],
+)
+
+cc_binary(
+    name = "googletest-catch-exceptions-ex-test_",
+    testonly = 1,
+    srcs = ["googletest-catch-exceptions-test_.cc"],
+    copts = ["-fexceptions"],
+    deps = ["//:gtest_main"],
+)
+
+py_test(
+    name = "googletest-catch-exceptions-test",
+    size = "small",
+    srcs = ["googletest-catch-exceptions-test.py"],
+    data = [
+        ":googletest-catch-exceptions-ex-test_",
+        ":googletest-catch-exceptions-no-ex-test_",
+    ],
+    deps = [":gtest_test_utils"],
+)
+
+cc_binary(
+    name = "gtest_xml_output_unittest_",
+    testonly = 1,
+    srcs = ["gtest_xml_output_unittest_.cc"],
+    deps = ["//:gtest"],
+)
+
+cc_test(
+    name = "gtest_no_test_unittest",
+    size = "small",
+    srcs = ["gtest_no_test_unittest.cc"],
+    deps = ["//:gtest"],
+)
+
+py_test(
+    name = "gtest_xml_output_unittest",
+    size = "small",
+    srcs = [
+        "gtest_xml_output_unittest.py",
+        "gtest_xml_test_utils.py",
+    ],
+    args = select({
+        ":has_absl": [],
+        "//conditions:default": ["--no_stacktrace_support"],
+    }),
+    data = [
+        # We invoke gtest_no_test_unittest to verify the XML output
+        # when the test program contains no test definition.
+        ":gtest_no_test_unittest",
+        ":gtest_xml_output_unittest_",
+    ],
+    deps = [":gtest_test_utils"],
+)
+
+cc_binary(
+    name = "gtest_xml_outfile1_test_",
+    testonly = 1,
+    srcs = ["gtest_xml_outfile1_test_.cc"],
+    deps = ["//:gtest_main"],
+)
+
+cc_binary(
+    name = "gtest_xml_outfile2_test_",
+    testonly = 1,
+    srcs = ["gtest_xml_outfile2_test_.cc"],
+    deps = ["//:gtest_main"],
+)
+
+py_test(
+    name = "gtest_xml_outfiles_test",
+    size = "small",
+    srcs = [
+        "gtest_xml_outfiles_test.py",
+        "gtest_xml_test_utils.py",
+    ],
+    data = [
+        ":gtest_xml_outfile1_test_",
+        ":gtest_xml_outfile2_test_",
+    ],
+    deps = [":gtest_test_utils"],
+)
+
+cc_binary(
+    name = "googletest-uninitialized-test_",
+    testonly = 1,
+    srcs = ["googletest-uninitialized-test_.cc"],
+    deps = ["//:gtest"],
+)
+
+py_test(
+    name = "googletest-uninitialized-test",
+    size = "medium",
+    srcs = ["googletest-uninitialized-test.py"],
+    data = ["googletest-uninitialized-test_"],
+    deps = [":gtest_test_utils"],
+)
+
+cc_binary(
+    name = "gtest_testbridge_test_",
+    testonly = 1,
+    srcs = ["gtest_testbridge_test_.cc"],
+    deps = ["//:gtest_main"],
+)
+
+# Tests that filtering via testbridge works
+py_test(
+    name = "gtest_testbridge_test",
+    size = "small",
+    srcs = ["gtest_testbridge_test.py"],
+    data = [":gtest_testbridge_test_"],
+    deps = [":gtest_test_utils"],
+)
+
+
+py_test(
+    name = "googletest-json-outfiles-test",
+    size = "small",
+    srcs = [
+        "googletest-json-outfiles-test.py",
+        "gtest_json_test_utils.py",
+    ],
+    data = [
+        ":gtest_xml_outfile1_test_",
+        ":gtest_xml_outfile2_test_",
+    ],
+    deps = [":gtest_test_utils"],
+)
+
+py_test(
+    name = "googletest-json-output-unittest",
+    size = "medium",
+    srcs = [
+        "googletest-json-output-unittest.py",
+        "gtest_json_test_utils.py",
+    ],
+    data = [
+        # We invoke gtest_no_test_unittest to verify the JSON output
+        # when the test program contains no test definition.
+        ":gtest_no_test_unittest",
+        ":gtest_xml_output_unittest_",
+    ],
+    args = select({
+        ":has_absl": [],
+        "//conditions:default": ["--no_stacktrace_support"],
+    }),
+    deps = [":gtest_test_utils"],
+)
+# Verifies interaction of death tests and exceptions.
+cc_test(
+    name = "googletest-death-test_ex_catch_test",
+    size = "medium",
+    srcs = ["googletest-death-test_ex_test.cc"],
+    copts = ["-fexceptions"],
+    defines = ["GTEST_ENABLE_CATCH_EXCEPTIONS_=1"],
+    deps = ["//:gtest"],
+)
+
+cc_binary(
+    name = "googletest-param-test-invalid-name1-test_",
+    testonly = 1,
+    srcs = ["googletest-param-test-invalid-name1-test_.cc"],
+    deps = ["//:gtest"],
+)
+
+cc_binary(
+    name = "googletest-param-test-invalid-name2-test_",
+    testonly = 1,
+    srcs = ["googletest-param-test-invalid-name2-test_.cc"],
+    deps = ["//:gtest"],
+)
+
+py_test(
+    name = "googletest-param-test-invalid-name1-test",
+    size = "small",
+    srcs = ["googletest-param-test-invalid-name1-test.py"],
+    data = [":googletest-param-test-invalid-name1-test_"],
+    deps = [":gtest_test_utils"],
+)
+
+py_test(
+    name = "googletest-param-test-invalid-name2-test",
+    size = "small",
+    srcs = ["googletest-param-test-invalid-name2-test.py"],
+    data = [":googletest-param-test-invalid-name2-test_"],
+    deps = [":gtest_test_utils"],
+)
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-break-on-failure-unittest.py b/security/nss/gtests/google_test/gtest/test/googletest-break-on-failure-unittest.py
new file mode 100644
index 000000000..a5dfbc693
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-break-on-failure-unittest.py
@@ -0,0 +1,208 @@
+#!/usr/bin/env python
+#
+# Copyright 2006, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Unit test for Google Test's break-on-failure mode.
+
+A user can ask Google Test to seg-fault when an assertion fails, using
+either the GTEST_BREAK_ON_FAILURE environment variable or the
+--gtest_break_on_failure flag.  This script tests such functionality
+by invoking googletest-break-on-failure-unittest_ (a program written with
+Google Test) with different environments and command line flags.
+"""
+
+import os
+import gtest_test_utils
+
+# Constants.
+
+IS_WINDOWS = os.name == 'nt'
+
+# The environment variable for enabling/disabling the break-on-failure mode.
+BREAK_ON_FAILURE_ENV_VAR = 'GTEST_BREAK_ON_FAILURE'
+
+# The command line flag for enabling/disabling the break-on-failure mode.
+BREAK_ON_FAILURE_FLAG = 'gtest_break_on_failure'
+
+# The environment variable for enabling/disabling the throw-on-failure mode.
+THROW_ON_FAILURE_ENV_VAR = 'GTEST_THROW_ON_FAILURE'
+
+# The environment variable for enabling/disabling the catch-exceptions mode.
+CATCH_EXCEPTIONS_ENV_VAR = 'GTEST_CATCH_EXCEPTIONS'
+
+# Path to the googletest-break-on-failure-unittest_ program.
+EXE_PATH = gtest_test_utils.GetTestExecutablePath(
+    'googletest-break-on-failure-unittest_')
+
+
+environ = gtest_test_utils.environ
+SetEnvVar = gtest_test_utils.SetEnvVar
+
+# Tests in this file run a Google-Test-based test program and expect it
+# to terminate prematurely.  Therefore they are incompatible with
+# the premature-exit-file protocol by design.  Unset the
+# premature-exit filepath to prevent Google Test from creating
+# the file.
+SetEnvVar(gtest_test_utils.PREMATURE_EXIT_FILE_ENV_VAR, None)
+
+
+def Run(command):
+  """Runs a command; returns 1 if it was killed by a signal, or 0 otherwise."""
+
+  p = gtest_test_utils.Subprocess(command, env=environ)
+  if p.terminated_by_signal:
+    return 1
+  else:
+    return 0
+
+
+# The tests.
+
+
+class GTestBreakOnFailureUnitTest(gtest_test_utils.TestCase):
+  """Tests using the GTEST_BREAK_ON_FAILURE environment variable or
+  the --gtest_break_on_failure flag to turn assertion failures into
+  segmentation faults.
+  """
+
+  def RunAndVerify(self, env_var_value, flag_value, expect_seg_fault):
+    """Runs googletest-break-on-failure-unittest_ and verifies that it does
+    (or does not) have a seg-fault.
+
+    Args:
+      env_var_value:    value of the GTEST_BREAK_ON_FAILURE environment
+                        variable; None if the variable should be unset.
+      flag_value:       value of the --gtest_break_on_failure flag;
+                        None if the flag should not be present.
+      expect_seg_fault: 1 if the program is expected to generate a seg-fault;
+                        0 otherwise.
+    """
+
+    SetEnvVar(BREAK_ON_FAILURE_ENV_VAR, env_var_value)
+
+    if env_var_value is None:
+      env_var_value_msg = ' is not set'
+    else:
+      env_var_value_msg = '=' + env_var_value
+
+    if flag_value is None:
+      flag = ''
+    elif flag_value == '0':
+      flag = '--%s=0' % BREAK_ON_FAILURE_FLAG
+    else:
+      flag = '--%s' % BREAK_ON_FAILURE_FLAG
+
+    command = [EXE_PATH]
+    if flag:
+      command.append(flag)
+
+    if expect_seg_fault:
+      should_or_not = 'should'
+    else:
+      should_or_not = 'should not'
+
+    has_seg_fault = Run(command)
+
+    SetEnvVar(BREAK_ON_FAILURE_ENV_VAR, None)
+
+    msg = ('when %s%s, an assertion failure in "%s" %s cause a seg-fault.' %
+           (BREAK_ON_FAILURE_ENV_VAR, env_var_value_msg, ' '.join(command),
+            should_or_not))
+    self.assert_(has_seg_fault == expect_seg_fault, msg)
+
+  def testDefaultBehavior(self):
+    """Tests the behavior of the default mode."""
+
+    self.RunAndVerify(env_var_value=None,
+                      flag_value=None,
+                      expect_seg_fault=0)
+
+  def testEnvVar(self):
+    """Tests using the GTEST_BREAK_ON_FAILURE environment variable."""
+
+    self.RunAndVerify(env_var_value='0',
+                      flag_value=None,
+                      expect_seg_fault=0)
+    self.RunAndVerify(env_var_value='1',
+                      flag_value=None,
+                      expect_seg_fault=1)
+
+  def testFlag(self):
+    """Tests using the --gtest_break_on_failure flag."""
+
+    self.RunAndVerify(env_var_value=None,
+                      flag_value='0',
+                      expect_seg_fault=0)
+    self.RunAndVerify(env_var_value=None,
+                      flag_value='1',
+                      expect_seg_fault=1)
+
+  def testFlagOverridesEnvVar(self):
+    """Tests that the flag overrides the environment variable."""
+
+    self.RunAndVerify(env_var_value='0',
+                      flag_value='0',
+                      expect_seg_fault=0)
+    self.RunAndVerify(env_var_value='0',
+                      flag_value='1',
+                      expect_seg_fault=1)
+    self.RunAndVerify(env_var_value='1',
+                      flag_value='0',
+                      expect_seg_fault=0)
+    self.RunAndVerify(env_var_value='1',
+                      flag_value='1',
+                      expect_seg_fault=1)
+
+  def testBreakOnFailureOverridesThrowOnFailure(self):
+    """Tests that gtest_break_on_failure overrides gtest_throw_on_failure."""
+
+    SetEnvVar(THROW_ON_FAILURE_ENV_VAR, '1')
+    try:
+      self.RunAndVerify(env_var_value=None,
+                        flag_value='1',
+                        expect_seg_fault=1)
+    finally:
+      SetEnvVar(THROW_ON_FAILURE_ENV_VAR, None)
+
+  if IS_WINDOWS:
+    def testCatchExceptionsDoesNotInterfere(self):
+      """Tests that gtest_catch_exceptions doesn't interfere."""
+
+      SetEnvVar(CATCH_EXCEPTIONS_ENV_VAR, '1')
+      try:
+        self.RunAndVerify(env_var_value='1',
+                          flag_value='1',
+                          expect_seg_fault=1)
+      finally:
+        SetEnvVar(CATCH_EXCEPTIONS_ENV_VAR, None)
+
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-break-on-failure-unittest_.cc b/security/nss/gtests/google_test/gtest/test/googletest-break-on-failure-unittest_.cc
new file mode 100644
index 000000000..f84957a2d
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-break-on-failure-unittest_.cc
@@ -0,0 +1,86 @@
+// Copyright 2006, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// Unit test for Google Test's break-on-failure mode.
+//
+// A user can ask Google Test to seg-fault when an assertion fails, using
+// either the GTEST_BREAK_ON_FAILURE environment variable or the
+// --gtest_break_on_failure flag.  This file is used for testing such
+// functionality.
+//
+// This program will be invoked from a Python unit test.  It is
+// expected to fail.  Don't run it directly.
+
+#include "gtest/gtest.h"
+
+#if GTEST_OS_WINDOWS
+# include <windows.h>
+# include <stdlib.h>
+#endif
+
+namespace {
+
+// A test that's expected to fail.
+TEST(Foo, Bar) {
+  EXPECT_EQ(2, 3);
+}
+
+#if GTEST_HAS_SEH && !GTEST_OS_WINDOWS_MOBILE
+// On Windows Mobile global exception handlers are not supported.
+LONG WINAPI ExitWithExceptionCode(
+    struct _EXCEPTION_POINTERS* exception_pointers) {
+  exit(exception_pointers->ExceptionRecord->ExceptionCode);
+}
+#endif
+
+}  // namespace
+
+int main(int argc, char **argv) {
+#if GTEST_OS_WINDOWS
+  // Suppresses display of the Windows error dialog upon encountering
+  // a general protection fault (segment violation).
+  SetErrorMode(SEM_NOGPFAULTERRORBOX | SEM_FAILCRITICALERRORS);
+
+# if GTEST_HAS_SEH && !GTEST_OS_WINDOWS_MOBILE
+
+  // The default unhandled exception filter does not always exit
+  // with the exception code as exit code - for example it exits with
+  // 0 for EXCEPTION_ACCESS_VIOLATION and 1 for EXCEPTION_BREAKPOINT
+  // if the application is compiled in debug mode. Thus we use our own
+  // filter which always exits with the exception code for unhandled
+  // exceptions.
+  SetUnhandledExceptionFilter(ExitWithExceptionCode);
+
+# endif
+#endif  // GTEST_OS_WINDOWS
+  testing::InitGoogleTest(&argc, argv);
+
+  return RUN_ALL_TESTS();
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-catch-exceptions-test.py b/security/nss/gtests/google_test/gtest/test/googletest-catch-exceptions-test.py
new file mode 100644
index 000000000..5d49c1023
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-catch-exceptions-test.py
@@ -0,0 +1,233 @@
+#!/usr/bin/env python
+#
+# Copyright 2010 Google Inc.  All Rights Reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Tests Google Test's exception catching behavior.
+
+This script invokes googletest-catch-exceptions-test_ and
+googletest-catch-exceptions-ex-test_ (programs written with
+Google Test) and verifies their output.
+"""
+
+import gtest_test_utils
+
+# Constants.
+FLAG_PREFIX = '--gtest_'
+LIST_TESTS_FLAG = FLAG_PREFIX + 'list_tests'
+NO_CATCH_EXCEPTIONS_FLAG = FLAG_PREFIX + 'catch_exceptions=0'
+FILTER_FLAG = FLAG_PREFIX + 'filter'
+
+# Path to the googletest-catch-exceptions-ex-test_ binary, compiled with
+# exceptions enabled.
+EX_EXE_PATH = gtest_test_utils.GetTestExecutablePath(
+    'googletest-catch-exceptions-ex-test_')
+
+# Path to the googletest-catch-exceptions-test_ binary, compiled with
+# exceptions disabled.
+EXE_PATH = gtest_test_utils.GetTestExecutablePath(
+    'googletest-catch-exceptions-no-ex-test_')
+
+environ = gtest_test_utils.environ
+SetEnvVar = gtest_test_utils.SetEnvVar
+
+# Tests in this file run a Google-Test-based test program and expect it
+# to terminate prematurely.  Therefore they are incompatible with
+# the premature-exit-file protocol by design.  Unset the
+# premature-exit filepath to prevent Google Test from creating
+# the file.
+SetEnvVar(gtest_test_utils.PREMATURE_EXIT_FILE_ENV_VAR, None)
+
+TEST_LIST = gtest_test_utils.Subprocess(
+    [EXE_PATH, LIST_TESTS_FLAG], env=environ).output
+
+SUPPORTS_SEH_EXCEPTIONS = 'ThrowsSehException' in TEST_LIST
+
+if SUPPORTS_SEH_EXCEPTIONS:
+  BINARY_OUTPUT = gtest_test_utils.Subprocess([EXE_PATH], env=environ).output
+
+EX_BINARY_OUTPUT = gtest_test_utils.Subprocess(
+    [EX_EXE_PATH], env=environ).output
+
+
+# The tests.
+if SUPPORTS_SEH_EXCEPTIONS:
+  # pylint:disable-msg=C6302
+  class CatchSehExceptionsTest(gtest_test_utils.TestCase):
+    """Tests exception-catching behavior."""
+
+
+    def TestSehExceptions(self, test_output):
+      self.assert_('SEH exception with code 0x2a thrown '
+                   'in the test fixture\'s constructor'
+                   in test_output)
+      self.assert_('SEH exception with code 0x2a thrown '
+                   'in the test fixture\'s destructor'
+                   in test_output)
+      self.assert_('SEH exception with code 0x2a thrown in SetUpTestCase()'
+                   in test_output)
+      self.assert_('SEH exception with code 0x2a thrown in TearDownTestCase()'
+                   in test_output)
+      self.assert_('SEH exception with code 0x2a thrown in SetUp()'
+                   in test_output)
+      self.assert_('SEH exception with code 0x2a thrown in TearDown()'
+                   in test_output)
+      self.assert_('SEH exception with code 0x2a thrown in the test body'
+                   in test_output)
+
+    def testCatchesSehExceptionsWithCxxExceptionsEnabled(self):
+      self.TestSehExceptions(EX_BINARY_OUTPUT)
+
+    def testCatchesSehExceptionsWithCxxExceptionsDisabled(self):
+      self.TestSehExceptions(BINARY_OUTPUT)
+
+
+class CatchCxxExceptionsTest(gtest_test_utils.TestCase):
+  """Tests C++ exception-catching behavior.
+
+     Tests in this test case verify that:
+     * C++ exceptions are caught and logged as C++ (not SEH) exceptions
+     * Exception thrown affect the remainder of the test work flow in the
+       expected manner.
+  """
+
+  def testCatchesCxxExceptionsInFixtureConstructor(self):
+    self.assert_('C++ exception with description '
+                 '"Standard C++ exception" thrown '
+                 'in the test fixture\'s constructor'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('unexpected' not in EX_BINARY_OUTPUT,
+                 'This failure belongs in this test only if '
+                 '"CxxExceptionInConstructorTest" (no quotes) '
+                 'appears on the same line as words "called unexpectedly"')
+
+  if ('CxxExceptionInDestructorTest.ThrowsExceptionInDestructor' in
+      EX_BINARY_OUTPUT):
+
+    def testCatchesCxxExceptionsInFixtureDestructor(self):
+      self.assert_('C++ exception with description '
+                   '"Standard C++ exception" thrown '
+                   'in the test fixture\'s destructor'
+                   in EX_BINARY_OUTPUT)
+      self.assert_('CxxExceptionInDestructorTest::TearDownTestCase() '
+                   'called as expected.'
+                   in EX_BINARY_OUTPUT)
+
+  def testCatchesCxxExceptionsInSetUpTestCase(self):
+    self.assert_('C++ exception with description "Standard C++ exception"'
+                 ' thrown in SetUpTestCase()'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInConstructorTest::TearDownTestCase() '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInSetUpTestCaseTest constructor '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInSetUpTestCaseTest destructor '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInSetUpTestCaseTest::SetUp() '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInSetUpTestCaseTest::TearDown() '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInSetUpTestCaseTest test body '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+
+  def testCatchesCxxExceptionsInTearDownTestCase(self):
+    self.assert_('C++ exception with description "Standard C++ exception"'
+                 ' thrown in TearDownTestCase()'
+                 in EX_BINARY_OUTPUT)
+
+  def testCatchesCxxExceptionsInSetUp(self):
+    self.assert_('C++ exception with description "Standard C++ exception"'
+                 ' thrown in SetUp()'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInSetUpTest::TearDownTestCase() '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInSetUpTest destructor '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInSetUpTest::TearDown() '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('unexpected' not in EX_BINARY_OUTPUT,
+                 'This failure belongs in this test only if '
+                 '"CxxExceptionInSetUpTest" (no quotes) '
+                 'appears on the same line as words "called unexpectedly"')
+
+  def testCatchesCxxExceptionsInTearDown(self):
+    self.assert_('C++ exception with description "Standard C++ exception"'
+                 ' thrown in TearDown()'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInTearDownTest::TearDownTestCase() '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInTearDownTest destructor '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+
+  def testCatchesCxxExceptionsInTestBody(self):
+    self.assert_('C++ exception with description "Standard C++ exception"'
+                 ' thrown in the test body'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInTestBodyTest::TearDownTestCase() '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInTestBodyTest destructor '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+    self.assert_('CxxExceptionInTestBodyTest::TearDown() '
+                 'called as expected.'
+                 in EX_BINARY_OUTPUT)
+
+  def testCatchesNonStdCxxExceptions(self):
+    self.assert_('Unknown C++ exception thrown in the test body'
+                 in EX_BINARY_OUTPUT)
+
+  def testUnhandledCxxExceptionsAbortTheProgram(self):
+    # Filters out SEH exception tests on Windows. Unhandled SEH exceptions
+    # cause tests to show pop-up windows there.
+    FITLER_OUT_SEH_TESTS_FLAG = FILTER_FLAG + '=-*Seh*'
+    # By default, Google Test doesn't catch the exceptions.
+    uncaught_exceptions_ex_binary_output = gtest_test_utils.Subprocess(
+        [EX_EXE_PATH,
+         NO_CATCH_EXCEPTIONS_FLAG,
+         FITLER_OUT_SEH_TESTS_FLAG],
+        env=environ).output
+
+    self.assert_('Unhandled C++ exception terminating the program'
+                 in uncaught_exceptions_ex_binary_output)
+    self.assert_('unexpected' not in uncaught_exceptions_ex_binary_output)
+
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-catch-exceptions-test_.cc b/security/nss/gtests/google_test/gtest/test/googletest-catch-exceptions-test_.cc
new file mode 100644
index 000000000..09dae7003
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-catch-exceptions-test_.cc
@@ -0,0 +1,311 @@
+// Copyright 2010, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+//
+// Tests for Google Test itself. Tests in this file throw C++ or SEH
+// exceptions, and the output is verified by
+// googletest-catch-exceptions-test.py.
+
+#include <stdio.h>  // NOLINT
+#include <stdlib.h>  // For exit().
+
+#include "gtest/gtest.h"
+
+#if GTEST_HAS_SEH
+# include <windows.h>
+#endif
+
+#if GTEST_HAS_EXCEPTIONS
+# include <exception>  // For set_terminate().
+# include <stdexcept>
+#endif
+
+using testing::Test;
+
+#if GTEST_HAS_SEH
+
+class SehExceptionInConstructorTest : public Test {
+ public:
+  SehExceptionInConstructorTest() { RaiseException(42, 0, 0, NULL); }
+};
+
+TEST_F(SehExceptionInConstructorTest, ThrowsExceptionInConstructor) {}
+
+class SehExceptionInDestructorTest : public Test {
+ public:
+  ~SehExceptionInDestructorTest() { RaiseException(42, 0, 0, NULL); }
+};
+
+TEST_F(SehExceptionInDestructorTest, ThrowsExceptionInDestructor) {}
+
+class SehExceptionInSetUpTestCaseTest : public Test {
+ public:
+  static void SetUpTestCase() { RaiseException(42, 0, 0, NULL); }
+};
+
+TEST_F(SehExceptionInSetUpTestCaseTest, ThrowsExceptionInSetUpTestCase) {}
+
+class SehExceptionInTearDownTestCaseTest : public Test {
+ public:
+  static void TearDownTestCase() { RaiseException(42, 0, 0, NULL); }
+};
+
+TEST_F(SehExceptionInTearDownTestCaseTest, ThrowsExceptionInTearDownTestCase) {}
+
+class SehExceptionInSetUpTest : public Test {
+ protected:
+  virtual void SetUp() { RaiseException(42, 0, 0, NULL); }
+};
+
+TEST_F(SehExceptionInSetUpTest, ThrowsExceptionInSetUp) {}
+
+class SehExceptionInTearDownTest : public Test {
+ protected:
+  virtual void TearDown() { RaiseException(42, 0, 0, NULL); }
+};
+
+TEST_F(SehExceptionInTearDownTest, ThrowsExceptionInTearDown) {}
+
+TEST(SehExceptionTest, ThrowsSehException) {
+  RaiseException(42, 0, 0, NULL);
+}
+
+#endif  // GTEST_HAS_SEH
+
+#if GTEST_HAS_EXCEPTIONS
+
+class CxxExceptionInConstructorTest : public Test {
+ public:
+  CxxExceptionInConstructorTest() {
+    // Without this macro VC++ complains about unreachable code at the end of
+    // the constructor.
+    GTEST_SUPPRESS_UNREACHABLE_CODE_WARNING_BELOW_(
+        throw std::runtime_error("Standard C++ exception"));
+  }
+
+  static void TearDownTestCase() {
+    printf("%s",
+           "CxxExceptionInConstructorTest::TearDownTestCase() "
+           "called as expected.\n");
+  }
+
+ protected:
+  ~CxxExceptionInConstructorTest() {
+    ADD_FAILURE() << "CxxExceptionInConstructorTest destructor "
+                  << "called unexpectedly.";
+  }
+
+  virtual void SetUp() {
+    ADD_FAILURE() << "CxxExceptionInConstructorTest::SetUp() "
+                  << "called unexpectedly.";
+  }
+
+  virtual void TearDown() {
+    ADD_FAILURE() << "CxxExceptionInConstructorTest::TearDown() "
+                  << "called unexpectedly.";
+  }
+};
+
+TEST_F(CxxExceptionInConstructorTest, ThrowsExceptionInConstructor) {
+  ADD_FAILURE() << "CxxExceptionInConstructorTest test body "
+                << "called unexpectedly.";
+}
+
+// Exceptions in destructors are not supported in C++11.
+#if !GTEST_LANG_CXX11
+class CxxExceptionInDestructorTest : public Test {
+ public:
+  static void TearDownTestCase() {
+    printf("%s",
+           "CxxExceptionInDestructorTest::TearDownTestCase() "
+           "called as expected.\n");
+  }
+
+ protected:
+  ~CxxExceptionInDestructorTest() {
+    GTEST_SUPPRESS_UNREACHABLE_CODE_WARNING_BELOW_(
+        throw std::runtime_error("Standard C++ exception"));
+  }
+};
+
+TEST_F(CxxExceptionInDestructorTest, ThrowsExceptionInDestructor) {}
+#endif  // C++11 mode
+
+class CxxExceptionInSetUpTestCaseTest : public Test {
+ public:
+  CxxExceptionInSetUpTestCaseTest() {
+    printf("%s",
+           "CxxExceptionInSetUpTestCaseTest constructor "
+           "called as expected.\n");
+  }
+
+  static void SetUpTestCase() {
+    throw std::runtime_error("Standard C++ exception");
+  }
+
+  static void TearDownTestCase() {
+    printf("%s",
+           "CxxExceptionInSetUpTestCaseTest::TearDownTestCase() "
+           "called as expected.\n");
+  }
+
+ protected:
+  ~CxxExceptionInSetUpTestCaseTest() {
+    printf("%s",
+           "CxxExceptionInSetUpTestCaseTest destructor "
+           "called as expected.\n");
+  }
+
+  virtual void SetUp() {
+    printf("%s",
+           "CxxExceptionInSetUpTestCaseTest::SetUp() "
+           "called as expected.\n");
+  }
+
+  virtual void TearDown() {
+    printf("%s",
+           "CxxExceptionInSetUpTestCaseTest::TearDown() "
+           "called as expected.\n");
+  }
+};
+
+TEST_F(CxxExceptionInSetUpTestCaseTest, ThrowsExceptionInSetUpTestCase) {
+  printf("%s",
+         "CxxExceptionInSetUpTestCaseTest test body "
+         "called as expected.\n");
+}
+
+class CxxExceptionInTearDownTestCaseTest : public Test {
+ public:
+  static void TearDownTestCase() {
+    throw std::runtime_error("Standard C++ exception");
+  }
+};
+
+TEST_F(CxxExceptionInTearDownTestCaseTest, ThrowsExceptionInTearDownTestCase) {}
+
+class CxxExceptionInSetUpTest : public Test {
+ public:
+  static void TearDownTestCase() {
+    printf("%s",
+           "CxxExceptionInSetUpTest::TearDownTestCase() "
+           "called as expected.\n");
+  }
+
+ protected:
+  ~CxxExceptionInSetUpTest() {
+    printf("%s",
+           "CxxExceptionInSetUpTest destructor "
+           "called as expected.\n");
+  }
+
+  virtual void SetUp() { throw std::runtime_error("Standard C++ exception"); }
+
+  virtual void TearDown() {
+    printf("%s",
+           "CxxExceptionInSetUpTest::TearDown() "
+           "called as expected.\n");
+  }
+};
+
+TEST_F(CxxExceptionInSetUpTest, ThrowsExceptionInSetUp) {
+  ADD_FAILURE() << "CxxExceptionInSetUpTest test body "
+                << "called unexpectedly.";
+}
+
+class CxxExceptionInTearDownTest : public Test {
+ public:
+  static void TearDownTestCase() {
+    printf("%s",
+           "CxxExceptionInTearDownTest::TearDownTestCase() "
+           "called as expected.\n");
+  }
+
+ protected:
+  ~CxxExceptionInTearDownTest() {
+    printf("%s",
+           "CxxExceptionInTearDownTest destructor "
+           "called as expected.\n");
+  }
+
+  virtual void TearDown() {
+    throw std::runtime_error("Standard C++ exception");
+  }
+};
+
+TEST_F(CxxExceptionInTearDownTest, ThrowsExceptionInTearDown) {}
+
+class CxxExceptionInTestBodyTest : public Test {
+ public:
+  static void TearDownTestCase() {
+    printf("%s",
+           "CxxExceptionInTestBodyTest::TearDownTestCase() "
+           "called as expected.\n");
+  }
+
+ protected:
+  ~CxxExceptionInTestBodyTest() {
+    printf("%s",
+           "CxxExceptionInTestBodyTest destructor "
+           "called as expected.\n");
+  }
+
+  virtual void TearDown() {
+    printf("%s",
+           "CxxExceptionInTestBodyTest::TearDown() "
+           "called as expected.\n");
+  }
+};
+
+TEST_F(CxxExceptionInTestBodyTest, ThrowsStdCxxException) {
+  throw std::runtime_error("Standard C++ exception");
+}
+
+TEST(CxxExceptionTest, ThrowsNonStdCxxException) {
+  throw "C-string";
+}
+
+// This terminate handler aborts the program using exit() rather than abort().
+// This avoids showing pop-ups on Windows systems and core dumps on Unix-like
+// ones.
+void TerminateHandler() {
+  fprintf(stderr, "%s\n", "Unhandled C++ exception terminating the program.");
+  fflush(NULL);
+  exit(3);
+}
+
+#endif  // GTEST_HAS_EXCEPTIONS
+
+int main(int argc, char** argv) {
+#if GTEST_HAS_EXCEPTIONS
+  std::set_terminate(&TerminateHandler);
+#endif
+  testing::InitGoogleTest(&argc, argv);
+  return RUN_ALL_TESTS();
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-color-test.py b/security/nss/gtests/google_test/gtest/test/googletest-color-test.py
new file mode 100644
index 000000000..f3b7c9990
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-color-test.py
@@ -0,0 +1,127 @@
+#!/usr/bin/env python
+#
+# Copyright 2008, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Verifies that Google Test correctly determines whether to use colors."""
+
+import os
+import gtest_test_utils
+
+IS_WINDOWS = os.name == 'nt'
+
+COLOR_ENV_VAR = 'GTEST_COLOR'
+COLOR_FLAG = 'gtest_color'
+COMMAND = gtest_test_utils.GetTestExecutablePath('googletest-color-test_')
+
+
+def SetEnvVar(env_var, value):
+  """Sets the env variable to 'value'; unsets it when 'value' is None."""
+
+  if value is not None:
+    os.environ[env_var] = value
+  elif env_var in os.environ:
+    del os.environ[env_var]
+
+
+def UsesColor(term, color_env_var, color_flag):
+  """Runs googletest-color-test_ and returns its exit code."""
+
+  SetEnvVar('TERM', term)
+  SetEnvVar(COLOR_ENV_VAR, color_env_var)
+
+  if color_flag is None:
+    args = []
+  else:
+    args = ['--%s=%s' % (COLOR_FLAG, color_flag)]
+  p = gtest_test_utils.Subprocess([COMMAND] + args)
+  return not p.exited or p.exit_code
+
+
+class GTestColorTest(gtest_test_utils.TestCase):
+  def testNoEnvVarNoFlag(self):
+    """Tests the case when there's neither GTEST_COLOR nor --gtest_color."""
+
+    if not IS_WINDOWS:
+      self.assert_(not UsesColor('dumb', None, None))
+      self.assert_(not UsesColor('emacs', None, None))
+      self.assert_(not UsesColor('xterm-mono', None, None))
+      self.assert_(not UsesColor('unknown', None, None))
+      self.assert_(not UsesColor(None, None, None))
+    self.assert_(UsesColor('linux', None, None))
+    self.assert_(UsesColor('cygwin', None, None))
+    self.assert_(UsesColor('xterm', None, None))
+    self.assert_(UsesColor('xterm-color', None, None))
+    self.assert_(UsesColor('xterm-256color', None, None))
+
+  def testFlagOnly(self):
+    """Tests the case when there's --gtest_color but not GTEST_COLOR."""
+
+    self.assert_(not UsesColor('dumb', None, 'no'))
+    self.assert_(not UsesColor('xterm-color', None, 'no'))
+    if not IS_WINDOWS:
+      self.assert_(not UsesColor('emacs', None, 'auto'))
+    self.assert_(UsesColor('xterm', None, 'auto'))
+    self.assert_(UsesColor('dumb', None, 'yes'))
+    self.assert_(UsesColor('xterm', None, 'yes'))
+
+  def testEnvVarOnly(self):
+    """Tests the case when there's GTEST_COLOR but not --gtest_color."""
+
+    self.assert_(not UsesColor('dumb', 'no', None))
+    self.assert_(not UsesColor('xterm-color', 'no', None))
+    if not IS_WINDOWS:
+      self.assert_(not UsesColor('dumb', 'auto', None))
+    self.assert_(UsesColor('xterm-color', 'auto', None))
+    self.assert_(UsesColor('dumb', 'yes', None))
+    self.assert_(UsesColor('xterm-color', 'yes', None))
+
+  def testEnvVarAndFlag(self):
+    """Tests the case when there are both GTEST_COLOR and --gtest_color."""
+
+    self.assert_(not UsesColor('xterm-color', 'no', 'no'))
+    self.assert_(UsesColor('dumb', 'no', 'yes'))
+    self.assert_(UsesColor('xterm-color', 'no', 'auto'))
+
+  def testAliasesOfYesAndNo(self):
+    """Tests using aliases in specifying --gtest_color."""
+
+    self.assert_(UsesColor('dumb', None, 'true'))
+    self.assert_(UsesColor('dumb', None, 'YES'))
+    self.assert_(UsesColor('dumb', None, 'T'))
+    self.assert_(UsesColor('dumb', None, '1'))
+
+    self.assert_(not UsesColor('xterm', None, 'f'))
+    self.assert_(not UsesColor('xterm', None, 'false'))
+    self.assert_(not UsesColor('xterm', None, '0'))
+    self.assert_(not UsesColor('xterm', None, 'unknown'))
+
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-color-test_.cc b/security/nss/gtests/google_test/gtest/test/googletest-color-test_.cc
new file mode 100644
index 000000000..220a3a005
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-color-test_.cc
@@ -0,0 +1,62 @@
+// Copyright 2008, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// A helper program for testing how Google Test determines whether to use
+// colors in the output.  It prints "YES" and returns 1 if Google Test
+// decides to use colors, and prints "NO" and returns 0 otherwise.
+
+#include <stdio.h>
+
+#include "gtest/gtest.h"
+#include "src/gtest-internal-inl.h"
+
+using testing::internal::ShouldUseColor;
+
+// The purpose of this is to ensure that the UnitTest singleton is
+// created before main() is entered, and thus that ShouldUseColor()
+// works the same way as in a real Google-Test-based test.  We don't actual
+// run the TEST itself.
+TEST(GTestColorTest, Dummy) {
+}
+
+int main(int argc, char** argv) {
+  testing::InitGoogleTest(&argc, argv);
+
+  if (ShouldUseColor(true)) {
+    // Google Test decides to use colors in the output (assuming it
+    // goes to a TTY).
+    printf("YES\n");
+    return 1;
+  } else {
+    // Google Test decides not to use colors in the output.
+    printf("NO\n");
+    return 0;
+  }
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-death-test-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-death-test-test.cc
new file mode 100644
index 000000000..c0c3026fb
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-death-test-test.cc
@@ -0,0 +1,1423 @@
+// Copyright 2005, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+//
+// Tests for death tests.
+
+#include "gtest/gtest-death-test.h"
+#include "gtest/gtest.h"
+#include "gtest/internal/gtest-filepath.h"
+
+using testing::internal::AlwaysFalse;
+using testing::internal::AlwaysTrue;
+
+#if GTEST_HAS_DEATH_TEST
+
+# if GTEST_OS_WINDOWS
+#  include <direct.h>          // For chdir().
+# else
+#  include <unistd.h>
+#  include <sys/wait.h>        // For waitpid.
+# endif  // GTEST_OS_WINDOWS
+
+# include <limits.h>
+# include <signal.h>
+# include <stdio.h>
+
+# if GTEST_OS_LINUX
+#  include <sys/time.h>
+# endif  // GTEST_OS_LINUX
+
+# include "gtest/gtest-spi.h"
+# include "src/gtest-internal-inl.h"
+
+namespace posix = ::testing::internal::posix;
+
+using testing::Message;
+using testing::internal::DeathTest;
+using testing::internal::DeathTestFactory;
+using testing::internal::FilePath;
+using testing::internal::GetLastErrnoDescription;
+using testing::internal::GetUnitTestImpl;
+using testing::internal::InDeathTestChild;
+using testing::internal::ParseNaturalNumber;
+
+namespace testing {
+namespace internal {
+
+// A helper class whose objects replace the death test factory for a
+// single UnitTest object during their lifetimes.
+class ReplaceDeathTestFactory {
+ public:
+  explicit ReplaceDeathTestFactory(DeathTestFactory* new_factory)
+      : unit_test_impl_(GetUnitTestImpl()) {
+    old_factory_ = unit_test_impl_->death_test_factory_.release();
+    unit_test_impl_->death_test_factory_.reset(new_factory);
+  }
+
+  ~ReplaceDeathTestFactory() {
+    unit_test_impl_->death_test_factory_.release();
+    unit_test_impl_->death_test_factory_.reset(old_factory_);
+  }
+ private:
+  // Prevents copying ReplaceDeathTestFactory objects.
+  ReplaceDeathTestFactory(const ReplaceDeathTestFactory&);
+  void operator=(const ReplaceDeathTestFactory&);
+
+  UnitTestImpl* unit_test_impl_;
+  DeathTestFactory* old_factory_;
+};
+
+}  // namespace internal
+}  // namespace testing
+
+void DieWithMessage(const ::std::string& message) {
+  fprintf(stderr, "%s", message.c_str());
+  fflush(stderr);  // Make sure the text is printed before the process exits.
+
+  // We call _exit() instead of exit(), as the former is a direct
+  // system call and thus safer in the presence of threads.  exit()
+  // will invoke user-defined exit-hooks, which may do dangerous
+  // things that conflict with death tests.
+  //
+  // Some compilers can recognize that _exit() never returns and issue the
+  // 'unreachable code' warning for code following this function, unless
+  // fooled by a fake condition.
+  if (AlwaysTrue())
+    _exit(1);
+}
+
+void DieInside(const ::std::string& function) {
+  DieWithMessage("death inside " + function + "().");
+}
+
+// Tests that death tests work.
+
+class TestForDeathTest : public testing::Test {
+ protected:
+  TestForDeathTest() : original_dir_(FilePath::GetCurrentDir()) {}
+
+  virtual ~TestForDeathTest() {
+    posix::ChDir(original_dir_.c_str());
+  }
+
+  // A static member function that's expected to die.
+  static void StaticMemberFunction() { DieInside("StaticMemberFunction"); }
+
+  // A method of the test fixture that may die.
+  void MemberFunction() {
+    if (should_die_)
+      DieInside("MemberFunction");
+  }
+
+  // True iff MemberFunction() should die.
+  bool should_die_;
+  const FilePath original_dir_;
+};
+
+// A class with a member function that may die.
+class MayDie {
+ public:
+  explicit MayDie(bool should_die) : should_die_(should_die) {}
+
+  // A member function that may die.
+  void MemberFunction() const {
+    if (should_die_)
+      DieInside("MayDie::MemberFunction");
+  }
+
+ private:
+  // True iff MemberFunction() should die.
+  bool should_die_;
+};
+
+// A global function that's expected to die.
+void GlobalFunction() { DieInside("GlobalFunction"); }
+
+// A non-void function that's expected to die.
+int NonVoidFunction() {
+  DieInside("NonVoidFunction");
+  return 1;
+}
+
+// A unary function that may die.
+void DieIf(bool should_die) {
+  if (should_die)
+    DieInside("DieIf");
+}
+
+// A binary function that may die.
+bool DieIfLessThan(int x, int y) {
+  if (x < y) {
+    DieInside("DieIfLessThan");
+  }
+  return true;
+}
+
+// Tests that ASSERT_DEATH can be used outside a TEST, TEST_F, or test fixture.
+void DeathTestSubroutine() {
+  EXPECT_DEATH(GlobalFunction(), "death.*GlobalFunction");
+  ASSERT_DEATH(GlobalFunction(), "death.*GlobalFunction");
+}
+
+// Death in dbg, not opt.
+int DieInDebugElse12(int* sideeffect) {
+  if (sideeffect) *sideeffect = 12;
+
+# ifndef NDEBUG
+
+  DieInside("DieInDebugElse12");
+
+# endif  // NDEBUG
+
+  return 12;
+}
+
+# if GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
+
+// Tests the ExitedWithCode predicate.
+TEST(ExitStatusPredicateTest, ExitedWithCode) {
+  // On Windows, the process's exit code is the same as its exit status,
+  // so the predicate just compares the its input with its parameter.
+  EXPECT_TRUE(testing::ExitedWithCode(0)(0));
+  EXPECT_TRUE(testing::ExitedWithCode(1)(1));
+  EXPECT_TRUE(testing::ExitedWithCode(42)(42));
+  EXPECT_FALSE(testing::ExitedWithCode(0)(1));
+  EXPECT_FALSE(testing::ExitedWithCode(1)(0));
+}
+
+# else
+
+// Returns the exit status of a process that calls _exit(2) with a
+// given exit code.  This is a helper function for the
+// ExitStatusPredicateTest test suite.
+static int NormalExitStatus(int exit_code) {
+  pid_t child_pid = fork();
+  if (child_pid == 0) {
+    _exit(exit_code);
+  }
+  int status;
+  waitpid(child_pid, &status, 0);
+  return status;
+}
+
+// Returns the exit status of a process that raises a given signal.
+// If the signal does not cause the process to die, then it returns
+// instead the exit status of a process that exits normally with exit
+// code 1.  This is a helper function for the ExitStatusPredicateTest
+// test suite.
+static int KilledExitStatus(int signum) {
+  pid_t child_pid = fork();
+  if (child_pid == 0) {
+    raise(signum);
+    _exit(1);
+  }
+  int status;
+  waitpid(child_pid, &status, 0);
+  return status;
+}
+
+// Tests the ExitedWithCode predicate.
+TEST(ExitStatusPredicateTest, ExitedWithCode) {
+  const int status0  = NormalExitStatus(0);
+  const int status1  = NormalExitStatus(1);
+  const int status42 = NormalExitStatus(42);
+  const testing::ExitedWithCode pred0(0);
+  const testing::ExitedWithCode pred1(1);
+  const testing::ExitedWithCode pred42(42);
+  EXPECT_PRED1(pred0,  status0);
+  EXPECT_PRED1(pred1,  status1);
+  EXPECT_PRED1(pred42, status42);
+  EXPECT_FALSE(pred0(status1));
+  EXPECT_FALSE(pred42(status0));
+  EXPECT_FALSE(pred1(status42));
+}
+
+// Tests the KilledBySignal predicate.
+TEST(ExitStatusPredicateTest, KilledBySignal) {
+  const int status_segv = KilledExitStatus(SIGSEGV);
+  const int status_kill = KilledExitStatus(SIGKILL);
+  const testing::KilledBySignal pred_segv(SIGSEGV);
+  const testing::KilledBySignal pred_kill(SIGKILL);
+  EXPECT_PRED1(pred_segv, status_segv);
+  EXPECT_PRED1(pred_kill, status_kill);
+  EXPECT_FALSE(pred_segv(status_kill));
+  EXPECT_FALSE(pred_kill(status_segv));
+}
+
+# endif  // GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
+
+// Tests that the death test macros expand to code which may or may not
+// be followed by operator<<, and that in either case the complete text
+// comprises only a single C++ statement.
+TEST_F(TestForDeathTest, SingleStatement) {
+  if (AlwaysFalse())
+    // This would fail if executed; this is a compilation test only
+    ASSERT_DEATH(return, "");
+
+  if (AlwaysTrue())
+    EXPECT_DEATH(_exit(1), "");
+  else
+    // This empty "else" branch is meant to ensure that EXPECT_DEATH
+    // doesn't expand into an "if" statement without an "else"
+    ;
+
+  if (AlwaysFalse())
+    ASSERT_DEATH(return, "") << "did not die";
+
+  if (AlwaysFalse())
+    ;
+  else
+    EXPECT_DEATH(_exit(1), "") << 1 << 2 << 3;
+}
+
+void DieWithEmbeddedNul() {
+  fprintf(stderr, "Hello%cmy null world.\n", '\0');
+  fflush(stderr);
+  _exit(1);
+}
+
+# if GTEST_USES_PCRE
+
+// Tests that EXPECT_DEATH and ASSERT_DEATH work when the error
+// message has a NUL character in it.
+TEST_F(TestForDeathTest, EmbeddedNulInMessage) {
+  EXPECT_DEATH(DieWithEmbeddedNul(), "my null world");
+  ASSERT_DEATH(DieWithEmbeddedNul(), "my null world");
+}
+
+# endif  // GTEST_USES_PCRE
+
+// Tests that death test macros expand to code which interacts well with switch
+// statements.
+TEST_F(TestForDeathTest, SwitchStatement) {
+  // Microsoft compiler usually complains about switch statements without
+  // case labels. We suppress that warning for this test.
+  GTEST_DISABLE_MSC_WARNINGS_PUSH_(4065)
+
+  switch (0)
+    default:
+      ASSERT_DEATH(_exit(1), "") << "exit in default switch handler";
+
+  switch (0)
+    case 0:
+      EXPECT_DEATH(_exit(1), "") << "exit in switch case";
+
+  GTEST_DISABLE_MSC_WARNINGS_POP_()
+}
+
+// Tests that a static member function can be used in a "fast" style
+// death test.
+TEST_F(TestForDeathTest, StaticMemberFunctionFastStyle) {
+  testing::GTEST_FLAG(death_test_style) = "fast";
+  ASSERT_DEATH(StaticMemberFunction(), "death.*StaticMember");
+}
+
+// Tests that a method of the test fixture can be used in a "fast"
+// style death test.
+TEST_F(TestForDeathTest, MemberFunctionFastStyle) {
+  testing::GTEST_FLAG(death_test_style) = "fast";
+  should_die_ = true;
+  EXPECT_DEATH(MemberFunction(), "inside.*MemberFunction");
+}
+
+void ChangeToRootDir() { posix::ChDir(GTEST_PATH_SEP_); }
+
+// Tests that death tests work even if the current directory has been
+// changed.
+TEST_F(TestForDeathTest, FastDeathTestInChangedDir) {
+  testing::GTEST_FLAG(death_test_style) = "fast";
+
+  ChangeToRootDir();
+  EXPECT_EXIT(_exit(1), testing::ExitedWithCode(1), "");
+
+  ChangeToRootDir();
+  ASSERT_DEATH(_exit(1), "");
+}
+
+# if GTEST_OS_LINUX
+void SigprofAction(int, siginfo_t*, void*) { /* no op */ }
+
+// Sets SIGPROF action and ITIMER_PROF timer (interval: 1ms).
+void SetSigprofActionAndTimer() {
+  struct itimerval timer;
+  timer.it_interval.tv_sec = 0;
+  timer.it_interval.tv_usec = 1;
+  timer.it_value = timer.it_interval;
+  ASSERT_EQ(0, setitimer(ITIMER_PROF, &timer, NULL));
+  struct sigaction signal_action;
+  memset(&signal_action, 0, sizeof(signal_action));
+  sigemptyset(&signal_action.sa_mask);
+  signal_action.sa_sigaction = SigprofAction;
+  signal_action.sa_flags = SA_RESTART | SA_SIGINFO;
+  ASSERT_EQ(0, sigaction(SIGPROF, &signal_action, NULL));
+}
+
+// Disables ITIMER_PROF timer and ignores SIGPROF signal.
+void DisableSigprofActionAndTimer(struct sigaction* old_signal_action) {
+  struct itimerval timer;
+  timer.it_interval.tv_sec = 0;
+  timer.it_interval.tv_usec = 0;
+  timer.it_value = timer.it_interval;
+  ASSERT_EQ(0, setitimer(ITIMER_PROF, &timer, NULL));
+  struct sigaction signal_action;
+  memset(&signal_action, 0, sizeof(signal_action));
+  sigemptyset(&signal_action.sa_mask);
+  signal_action.sa_handler = SIG_IGN;
+  ASSERT_EQ(0, sigaction(SIGPROF, &signal_action, old_signal_action));
+}
+
+// Tests that death tests work when SIGPROF handler and timer are set.
+TEST_F(TestForDeathTest, FastSigprofActionSet) {
+  testing::GTEST_FLAG(death_test_style) = "fast";
+  SetSigprofActionAndTimer();
+  EXPECT_DEATH(_exit(1), "");
+  struct sigaction old_signal_action;
+  DisableSigprofActionAndTimer(&old_signal_action);
+  EXPECT_TRUE(old_signal_action.sa_sigaction == SigprofAction);
+}
+
+TEST_F(TestForDeathTest, ThreadSafeSigprofActionSet) {
+  testing::GTEST_FLAG(death_test_style) = "threadsafe";
+  SetSigprofActionAndTimer();
+  EXPECT_DEATH(_exit(1), "");
+  struct sigaction old_signal_action;
+  DisableSigprofActionAndTimer(&old_signal_action);
+  EXPECT_TRUE(old_signal_action.sa_sigaction == SigprofAction);
+}
+# endif  // GTEST_OS_LINUX
+
+// Repeats a representative sample of death tests in the "threadsafe" style:
+
+TEST_F(TestForDeathTest, StaticMemberFunctionThreadsafeStyle) {
+  testing::GTEST_FLAG(death_test_style) = "threadsafe";
+  ASSERT_DEATH(StaticMemberFunction(), "death.*StaticMember");
+}
+
+TEST_F(TestForDeathTest, MemberFunctionThreadsafeStyle) {
+  testing::GTEST_FLAG(death_test_style) = "threadsafe";
+  should_die_ = true;
+  EXPECT_DEATH(MemberFunction(), "inside.*MemberFunction");
+}
+
+TEST_F(TestForDeathTest, ThreadsafeDeathTestInLoop) {
+  testing::GTEST_FLAG(death_test_style) = "threadsafe";
+
+  for (int i = 0; i < 3; ++i)
+    EXPECT_EXIT(_exit(i), testing::ExitedWithCode(i), "") << ": i = " << i;
+}
+
+TEST_F(TestForDeathTest, ThreadsafeDeathTestInChangedDir) {
+  testing::GTEST_FLAG(death_test_style) = "threadsafe";
+
+  ChangeToRootDir();
+  EXPECT_EXIT(_exit(1), testing::ExitedWithCode(1), "");
+
+  ChangeToRootDir();
+  ASSERT_DEATH(_exit(1), "");
+}
+
+TEST_F(TestForDeathTest, MixedStyles) {
+  testing::GTEST_FLAG(death_test_style) = "threadsafe";
+  EXPECT_DEATH(_exit(1), "");
+  testing::GTEST_FLAG(death_test_style) = "fast";
+  EXPECT_DEATH(_exit(1), "");
+}
+
+# if GTEST_HAS_CLONE && GTEST_HAS_PTHREAD
+
+namespace {
+
+bool pthread_flag;
+
+void SetPthreadFlag() {
+  pthread_flag = true;
+}
+
+}  // namespace
+
+TEST_F(TestForDeathTest, DoesNotExecuteAtforkHooks) {
+  if (!testing::GTEST_FLAG(death_test_use_fork)) {
+    testing::GTEST_FLAG(death_test_style) = "threadsafe";
+    pthread_flag = false;
+    ASSERT_EQ(0, pthread_atfork(&SetPthreadFlag, NULL, NULL));
+    ASSERT_DEATH(_exit(1), "");
+    ASSERT_FALSE(pthread_flag);
+  }
+}
+
+# endif  // GTEST_HAS_CLONE && GTEST_HAS_PTHREAD
+
+// Tests that a method of another class can be used in a death test.
+TEST_F(TestForDeathTest, MethodOfAnotherClass) {
+  const MayDie x(true);
+  ASSERT_DEATH(x.MemberFunction(), "MayDie\\:\\:MemberFunction");
+}
+
+// Tests that a global function can be used in a death test.
+TEST_F(TestForDeathTest, GlobalFunction) {
+  EXPECT_DEATH(GlobalFunction(), "GlobalFunction");
+}
+
+// Tests that any value convertible to an RE works as a second
+// argument to EXPECT_DEATH.
+TEST_F(TestForDeathTest, AcceptsAnythingConvertibleToRE) {
+  static const char regex_c_str[] = "GlobalFunction";
+  EXPECT_DEATH(GlobalFunction(), regex_c_str);
+
+  const testing::internal::RE regex(regex_c_str);
+  EXPECT_DEATH(GlobalFunction(), regex);
+
+# if GTEST_HAS_GLOBAL_STRING
+
+  const ::string regex_str(regex_c_str);
+  EXPECT_DEATH(GlobalFunction(), regex_str);
+
+# endif  // GTEST_HAS_GLOBAL_STRING
+
+# if !GTEST_USES_PCRE
+
+  const ::std::string regex_std_str(regex_c_str);
+  EXPECT_DEATH(GlobalFunction(), regex_std_str);
+
+# endif  // !GTEST_USES_PCRE
+}
+
+// Tests that a non-void function can be used in a death test.
+TEST_F(TestForDeathTest, NonVoidFunction) {
+  ASSERT_DEATH(NonVoidFunction(), "NonVoidFunction");
+}
+
+// Tests that functions that take parameter(s) can be used in a death test.
+TEST_F(TestForDeathTest, FunctionWithParameter) {
+  EXPECT_DEATH(DieIf(true), "DieIf\\(\\)");
+  EXPECT_DEATH(DieIfLessThan(2, 3), "DieIfLessThan");
+}
+
+// Tests that ASSERT_DEATH can be used outside a TEST, TEST_F, or test fixture.
+TEST_F(TestForDeathTest, OutsideFixture) {
+  DeathTestSubroutine();
+}
+
+// Tests that death tests can be done inside a loop.
+TEST_F(TestForDeathTest, InsideLoop) {
+  for (int i = 0; i < 5; i++) {
+    EXPECT_DEATH(DieIfLessThan(-1, i), "DieIfLessThan") << "where i == " << i;
+  }
+}
+
+// Tests that a compound statement can be used in a death test.
+TEST_F(TestForDeathTest, CompoundStatement) {
+  EXPECT_DEATH({  // NOLINT
+    const int x = 2;
+    const int y = x + 1;
+    DieIfLessThan(x, y);
+  },
+  "DieIfLessThan");
+}
+
+// Tests that code that doesn't die causes a death test to fail.
+TEST_F(TestForDeathTest, DoesNotDie) {
+  EXPECT_NONFATAL_FAILURE(EXPECT_DEATH(DieIf(false), "DieIf"),
+                          "failed to die");
+}
+
+// Tests that a death test fails when the error message isn't expected.
+TEST_F(TestForDeathTest, ErrorMessageMismatch) {
+  EXPECT_NONFATAL_FAILURE({  // NOLINT
+    EXPECT_DEATH(DieIf(true), "DieIfLessThan") << "End of death test message.";
+  }, "died but not with expected error");
+}
+
+// On exit, *aborted will be true iff the EXPECT_DEATH() statement
+// aborted the function.
+void ExpectDeathTestHelper(bool* aborted) {
+  *aborted = true;
+  EXPECT_DEATH(DieIf(false), "DieIf");  // This assertion should fail.
+  *aborted = false;
+}
+
+// Tests that EXPECT_DEATH doesn't abort the test on failure.
+TEST_F(TestForDeathTest, EXPECT_DEATH) {
+  bool aborted = true;
+  EXPECT_NONFATAL_FAILURE(ExpectDeathTestHelper(&aborted),
+                          "failed to die");
+  EXPECT_FALSE(aborted);
+}
+
+// Tests that ASSERT_DEATH does abort the test on failure.
+TEST_F(TestForDeathTest, ASSERT_DEATH) {
+  static bool aborted;
+  EXPECT_FATAL_FAILURE({  // NOLINT
+    aborted = true;
+    ASSERT_DEATH(DieIf(false), "DieIf");  // This assertion should fail.
+    aborted = false;
+  }, "failed to die");
+  EXPECT_TRUE(aborted);
+}
+
+// Tests that EXPECT_DEATH evaluates the arguments exactly once.
+TEST_F(TestForDeathTest, SingleEvaluation) {
+  int x = 3;
+  EXPECT_DEATH(DieIf((++x) == 4), "DieIf");
+
+  const char* regex = "DieIf";
+  const char* regex_save = regex;
+  EXPECT_DEATH(DieIfLessThan(3, 4), regex++);
+  EXPECT_EQ(regex_save + 1, regex);
+}
+
+// Tests that run-away death tests are reported as failures.
+TEST_F(TestForDeathTest, RunawayIsFailure) {
+  EXPECT_NONFATAL_FAILURE(EXPECT_DEATH(static_cast<void>(0), "Foo"),
+                          "failed to die.");
+}
+
+// Tests that death tests report executing 'return' in the statement as
+// failure.
+TEST_F(TestForDeathTest, ReturnIsFailure) {
+  EXPECT_FATAL_FAILURE(ASSERT_DEATH(return, "Bar"),
+                       "illegal return in test statement.");
+}
+
+// Tests that EXPECT_DEBUG_DEATH works as expected, that is, you can stream a
+// message to it, and in debug mode it:
+// 1. Asserts on death.
+// 2. Has no side effect.
+//
+// And in opt mode, it:
+// 1.  Has side effects but does not assert.
+TEST_F(TestForDeathTest, TestExpectDebugDeath) {
+  int sideeffect = 0;
+
+  // Put the regex in a local variable to make sure we don't get an "unused"
+  // warning in opt mode.
+  const char* regex = "death.*DieInDebugElse12";
+
+  EXPECT_DEBUG_DEATH(DieInDebugElse12(&sideeffect), regex)
+      << "Must accept a streamed message";
+
+# ifdef NDEBUG
+
+  // Checks that the assignment occurs in opt mode (sideeffect).
+  EXPECT_EQ(12, sideeffect);
+
+# else
+
+  // Checks that the assignment does not occur in dbg mode (no sideeffect).
+  EXPECT_EQ(0, sideeffect);
+
+# endif
+}
+
+// Tests that ASSERT_DEBUG_DEATH works as expected, that is, you can stream a
+// message to it, and in debug mode it:
+// 1. Asserts on death.
+// 2. Has no side effect.
+//
+// And in opt mode, it:
+// 1.  Has side effects but does not assert.
+TEST_F(TestForDeathTest, TestAssertDebugDeath) {
+  int sideeffect = 0;
+
+  ASSERT_DEBUG_DEATH(DieInDebugElse12(&sideeffect), "death.*DieInDebugElse12")
+      << "Must accept a streamed message";
+
+# ifdef NDEBUG
+
+  // Checks that the assignment occurs in opt mode (sideeffect).
+  EXPECT_EQ(12, sideeffect);
+
+# else
+
+  // Checks that the assignment does not occur in dbg mode (no sideeffect).
+  EXPECT_EQ(0, sideeffect);
+
+# endif
+}
+
+# ifndef NDEBUG
+
+void ExpectDebugDeathHelper(bool* aborted) {
+  *aborted = true;
+  EXPECT_DEBUG_DEATH(return, "") << "This is expected to fail.";
+  *aborted = false;
+}
+
+#  if GTEST_OS_WINDOWS
+TEST(PopUpDeathTest, DoesNotShowPopUpOnAbort) {
+  printf("This test should be considered failing if it shows "
+         "any pop-up dialogs.\n");
+  fflush(stdout);
+
+  EXPECT_DEATH({
+    testing::GTEST_FLAG(catch_exceptions) = false;
+    abort();
+  }, "");
+}
+#  endif  // GTEST_OS_WINDOWS
+
+// Tests that EXPECT_DEBUG_DEATH in debug mode does not abort
+// the function.
+TEST_F(TestForDeathTest, ExpectDebugDeathDoesNotAbort) {
+  bool aborted = true;
+  EXPECT_NONFATAL_FAILURE(ExpectDebugDeathHelper(&aborted), "");
+  EXPECT_FALSE(aborted);
+}
+
+void AssertDebugDeathHelper(bool* aborted) {
+  *aborted = true;
+  GTEST_LOG_(INFO) << "Before ASSERT_DEBUG_DEATH";
+  ASSERT_DEBUG_DEATH(GTEST_LOG_(INFO) << "In ASSERT_DEBUG_DEATH"; return, "")
+      << "This is expected to fail.";
+  GTEST_LOG_(INFO) << "After ASSERT_DEBUG_DEATH";
+  *aborted = false;
+}
+
+// Tests that ASSERT_DEBUG_DEATH in debug mode aborts the function on
+// failure.
+TEST_F(TestForDeathTest, AssertDebugDeathAborts) {
+  static bool aborted;
+  aborted = false;
+  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
+  EXPECT_TRUE(aborted);
+}
+
+TEST_F(TestForDeathTest, AssertDebugDeathAborts2) {
+  static bool aborted;
+  aborted = false;
+  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
+  EXPECT_TRUE(aborted);
+}
+
+TEST_F(TestForDeathTest, AssertDebugDeathAborts3) {
+  static bool aborted;
+  aborted = false;
+  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
+  EXPECT_TRUE(aborted);
+}
+
+TEST_F(TestForDeathTest, AssertDebugDeathAborts4) {
+  static bool aborted;
+  aborted = false;
+  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
+  EXPECT_TRUE(aborted);
+}
+
+TEST_F(TestForDeathTest, AssertDebugDeathAborts5) {
+  static bool aborted;
+  aborted = false;
+  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
+  EXPECT_TRUE(aborted);
+}
+
+TEST_F(TestForDeathTest, AssertDebugDeathAborts6) {
+  static bool aborted;
+  aborted = false;
+  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
+  EXPECT_TRUE(aborted);
+}
+
+TEST_F(TestForDeathTest, AssertDebugDeathAborts7) {
+  static bool aborted;
+  aborted = false;
+  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
+  EXPECT_TRUE(aborted);
+}
+
+TEST_F(TestForDeathTest, AssertDebugDeathAborts8) {
+  static bool aborted;
+  aborted = false;
+  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
+  EXPECT_TRUE(aborted);
+}
+
+TEST_F(TestForDeathTest, AssertDebugDeathAborts9) {
+  static bool aborted;
+  aborted = false;
+  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
+  EXPECT_TRUE(aborted);
+}
+
+TEST_F(TestForDeathTest, AssertDebugDeathAborts10) {
+  static bool aborted;
+  aborted = false;
+  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
+  EXPECT_TRUE(aborted);
+}
+
+# endif  // _NDEBUG
+
+// Tests the *_EXIT family of macros, using a variety of predicates.
+static void TestExitMacros() {
+  EXPECT_EXIT(_exit(1),  testing::ExitedWithCode(1),  "");
+  ASSERT_EXIT(_exit(42), testing::ExitedWithCode(42), "");
+
+# if GTEST_OS_WINDOWS
+
+  // Of all signals effects on the process exit code, only those of SIGABRT
+  // are documented on Windows.
+  // See https://msdn.microsoft.com/en-us/query-bi/m/dwwzkt4c.
+  EXPECT_EXIT(raise(SIGABRT), testing::ExitedWithCode(3), "") << "b_ar";
+
+# elif !GTEST_OS_FUCHSIA
+
+  // Fuchsia has no unix signals.
+  EXPECT_EXIT(raise(SIGKILL), testing::KilledBySignal(SIGKILL), "") << "foo";
+  ASSERT_EXIT(raise(SIGUSR2), testing::KilledBySignal(SIGUSR2), "") << "bar";
+
+  EXPECT_FATAL_FAILURE({  // NOLINT
+    ASSERT_EXIT(_exit(0), testing::KilledBySignal(SIGSEGV), "")
+      << "This failure is expected, too.";
+  }, "This failure is expected, too.");
+
+# endif  // GTEST_OS_WINDOWS
+
+  EXPECT_NONFATAL_FAILURE({  // NOLINT
+    EXPECT_EXIT(raise(SIGSEGV), testing::ExitedWithCode(0), "")
+      << "This failure is expected.";
+  }, "This failure is expected.");
+}
+
+TEST_F(TestForDeathTest, ExitMacros) {
+  TestExitMacros();
+}
+
+TEST_F(TestForDeathTest, ExitMacrosUsingFork) {
+  testing::GTEST_FLAG(death_test_use_fork) = true;
+  TestExitMacros();
+}
+
+TEST_F(TestForDeathTest, InvalidStyle) {
+  testing::GTEST_FLAG(death_test_style) = "rococo";
+  EXPECT_NONFATAL_FAILURE({  // NOLINT
+    EXPECT_DEATH(_exit(0), "") << "This failure is expected.";
+  }, "This failure is expected.");
+}
+
+TEST_F(TestForDeathTest, DeathTestFailedOutput) {
+  testing::GTEST_FLAG(death_test_style) = "fast";
+  EXPECT_NONFATAL_FAILURE(
+      EXPECT_DEATH(DieWithMessage("death\n"),
+                   "expected message"),
+      "Actual msg:\n"
+      "[  DEATH   ] death\n");
+}
+
+TEST_F(TestForDeathTest, DeathTestUnexpectedReturnOutput) {
+  testing::GTEST_FLAG(death_test_style) = "fast";
+  EXPECT_NONFATAL_FAILURE(
+      EXPECT_DEATH({
+          fprintf(stderr, "returning\n");
+          fflush(stderr);
+          return;
+        }, ""),
+      "    Result: illegal return in test statement.\n"
+      " Error msg:\n"
+      "[  DEATH   ] returning\n");
+}
+
+TEST_F(TestForDeathTest, DeathTestBadExitCodeOutput) {
+  testing::GTEST_FLAG(death_test_style) = "fast";
+  EXPECT_NONFATAL_FAILURE(
+      EXPECT_EXIT(DieWithMessage("exiting with rc 1\n"),
+                  testing::ExitedWithCode(3),
+                  "expected message"),
+      "    Result: died but not with expected exit code:\n"
+      "            Exited with exit status 1\n"
+      "Actual msg:\n"
+      "[  DEATH   ] exiting with rc 1\n");
+}
+
+TEST_F(TestForDeathTest, DeathTestMultiLineMatchFail) {
+  testing::GTEST_FLAG(death_test_style) = "fast";
+  EXPECT_NONFATAL_FAILURE(
+      EXPECT_DEATH(DieWithMessage("line 1\nline 2\nline 3\n"),
+                   "line 1\nxyz\nline 3\n"),
+      "Actual msg:\n"
+      "[  DEATH   ] line 1\n"
+      "[  DEATH   ] line 2\n"
+      "[  DEATH   ] line 3\n");
+}
+
+TEST_F(TestForDeathTest, DeathTestMultiLineMatchPass) {
+  testing::GTEST_FLAG(death_test_style) = "fast";
+  EXPECT_DEATH(DieWithMessage("line 1\nline 2\nline 3\n"),
+               "line 1\nline 2\nline 3\n");
+}
+
+// A DeathTestFactory that returns MockDeathTests.
+class MockDeathTestFactory : public DeathTestFactory {
+ public:
+  MockDeathTestFactory();
+  virtual bool Create(const char* statement,
+                      const ::testing::internal::RE* regex,
+                      const char* file, int line, DeathTest** test);
+
+  // Sets the parameters for subsequent calls to Create.
+  void SetParameters(bool create, DeathTest::TestRole role,
+                     int status, bool passed);
+
+  // Accessors.
+  int AssumeRoleCalls() const { return assume_role_calls_; }
+  int WaitCalls() const { return wait_calls_; }
+  size_t PassedCalls() const { return passed_args_.size(); }
+  bool PassedArgument(int n) const { return passed_args_[n]; }
+  size_t AbortCalls() const { return abort_args_.size(); }
+  DeathTest::AbortReason AbortArgument(int n) const {
+    return abort_args_[n];
+  }
+  bool TestDeleted() const { return test_deleted_; }
+
+ private:
+  friend class MockDeathTest;
+  // If true, Create will return a MockDeathTest; otherwise it returns
+  // NULL.
+  bool create_;
+  // The value a MockDeathTest will return from its AssumeRole method.
+  DeathTest::TestRole role_;
+  // The value a MockDeathTest will return from its Wait method.
+  int status_;
+  // The value a MockDeathTest will return from its Passed method.
+  bool passed_;
+
+  // Number of times AssumeRole was called.
+  int assume_role_calls_;
+  // Number of times Wait was called.
+  int wait_calls_;
+  // The arguments to the calls to Passed since the last call to
+  // SetParameters.
+  std::vector<bool> passed_args_;
+  // The arguments to the calls to Abort since the last call to
+  // SetParameters.
+  std::vector<DeathTest::AbortReason> abort_args_;
+  // True if the last MockDeathTest returned by Create has been
+  // deleted.
+  bool test_deleted_;
+};
+
+
+// A DeathTest implementation useful in testing.  It returns values set
+// at its creation from its various inherited DeathTest methods, and
+// reports calls to those methods to its parent MockDeathTestFactory
+// object.
+class MockDeathTest : public DeathTest {
+ public:
+  MockDeathTest(MockDeathTestFactory *parent,
+                TestRole role, int status, bool passed) :
+      parent_(parent), role_(role), status_(status), passed_(passed) {
+  }
+  virtual ~MockDeathTest() {
+    parent_->test_deleted_ = true;
+  }
+  virtual TestRole AssumeRole() {
+    ++parent_->assume_role_calls_;
+    return role_;
+  }
+  virtual int Wait() {
+    ++parent_->wait_calls_;
+    return status_;
+  }
+  virtual bool Passed(bool exit_status_ok) {
+    parent_->passed_args_.push_back(exit_status_ok);
+    return passed_;
+  }
+  virtual void Abort(AbortReason reason) {
+    parent_->abort_args_.push_back(reason);
+  }
+
+ private:
+  MockDeathTestFactory* const parent_;
+  const TestRole role_;
+  const int status_;
+  const bool passed_;
+};
+
+
+// MockDeathTestFactory constructor.
+MockDeathTestFactory::MockDeathTestFactory()
+    : create_(true),
+      role_(DeathTest::OVERSEE_TEST),
+      status_(0),
+      passed_(true),
+      assume_role_calls_(0),
+      wait_calls_(0),
+      passed_args_(),
+      abort_args_() {
+}
+
+
+// Sets the parameters for subsequent calls to Create.
+void MockDeathTestFactory::SetParameters(bool create,
+                                         DeathTest::TestRole role,
+                                         int status, bool passed) {
+  create_ = create;
+  role_ = role;
+  status_ = status;
+  passed_ = passed;
+
+  assume_role_calls_ = 0;
+  wait_calls_ = 0;
+  passed_args_.clear();
+  abort_args_.clear();
+}
+
+
+// Sets test to NULL (if create_ is false) or to the address of a new
+// MockDeathTest object with parameters taken from the last call
+// to SetParameters (if create_ is true).  Always returns true.
+bool MockDeathTestFactory::Create(const char* /*statement*/,
+                                  const ::testing::internal::RE* /*regex*/,
+                                  const char* /*file*/,
+                                  int /*line*/,
+                                  DeathTest** test) {
+  test_deleted_ = false;
+  if (create_) {
+    *test = new MockDeathTest(this, role_, status_, passed_);
+  } else {
+    *test = NULL;
+  }
+  return true;
+}
+
+// A test fixture for testing the logic of the GTEST_DEATH_TEST_ macro.
+// It installs a MockDeathTestFactory that is used for the duration
+// of the test case.
+class MacroLogicDeathTest : public testing::Test {
+ protected:
+  static testing::internal::ReplaceDeathTestFactory* replacer_;
+  static MockDeathTestFactory* factory_;
+
+  static void SetUpTestCase() {
+    factory_ = new MockDeathTestFactory;
+    replacer_ = new testing::internal::ReplaceDeathTestFactory(factory_);
+  }
+
+  static void TearDownTestCase() {
+    delete replacer_;
+    replacer_ = NULL;
+    delete factory_;
+    factory_ = NULL;
+  }
+
+  // Runs a death test that breaks the rules by returning.  Such a death
+  // test cannot be run directly from a test routine that uses a
+  // MockDeathTest, or the remainder of the routine will not be executed.
+  static void RunReturningDeathTest(bool* flag) {
+    ASSERT_DEATH({  // NOLINT
+      *flag = true;
+      return;
+    }, "");
+  }
+};
+
+testing::internal::ReplaceDeathTestFactory* MacroLogicDeathTest::replacer_
+    = NULL;
+MockDeathTestFactory* MacroLogicDeathTest::factory_ = NULL;
+
+
+// Test that nothing happens when the factory doesn't return a DeathTest:
+TEST_F(MacroLogicDeathTest, NothingHappens) {
+  bool flag = false;
+  factory_->SetParameters(false, DeathTest::OVERSEE_TEST, 0, true);
+  EXPECT_DEATH(flag = true, "");
+  EXPECT_FALSE(flag);
+  EXPECT_EQ(0, factory_->AssumeRoleCalls());
+  EXPECT_EQ(0, factory_->WaitCalls());
+  EXPECT_EQ(0U, factory_->PassedCalls());
+  EXPECT_EQ(0U, factory_->AbortCalls());
+  EXPECT_FALSE(factory_->TestDeleted());
+}
+
+// Test that the parent process doesn't run the death test code,
+// and that the Passed method returns false when the (simulated)
+// child process exits with status 0:
+TEST_F(MacroLogicDeathTest, ChildExitsSuccessfully) {
+  bool flag = false;
+  factory_->SetParameters(true, DeathTest::OVERSEE_TEST, 0, true);
+  EXPECT_DEATH(flag = true, "");
+  EXPECT_FALSE(flag);
+  EXPECT_EQ(1, factory_->AssumeRoleCalls());
+  EXPECT_EQ(1, factory_->WaitCalls());
+  ASSERT_EQ(1U, factory_->PassedCalls());
+  EXPECT_FALSE(factory_->PassedArgument(0));
+  EXPECT_EQ(0U, factory_->AbortCalls());
+  EXPECT_TRUE(factory_->TestDeleted());
+}
+
+// Tests that the Passed method was given the argument "true" when
+// the (simulated) child process exits with status 1:
+TEST_F(MacroLogicDeathTest, ChildExitsUnsuccessfully) {
+  bool flag = false;
+  factory_->SetParameters(true, DeathTest::OVERSEE_TEST, 1, true);
+  EXPECT_DEATH(flag = true, "");
+  EXPECT_FALSE(flag);
+  EXPECT_EQ(1, factory_->AssumeRoleCalls());
+  EXPECT_EQ(1, factory_->WaitCalls());
+  ASSERT_EQ(1U, factory_->PassedCalls());
+  EXPECT_TRUE(factory_->PassedArgument(0));
+  EXPECT_EQ(0U, factory_->AbortCalls());
+  EXPECT_TRUE(factory_->TestDeleted());
+}
+
+// Tests that the (simulated) child process executes the death test
+// code, and is aborted with the correct AbortReason if it
+// executes a return statement.
+TEST_F(MacroLogicDeathTest, ChildPerformsReturn) {
+  bool flag = false;
+  factory_->SetParameters(true, DeathTest::EXECUTE_TEST, 0, true);
+  RunReturningDeathTest(&flag);
+  EXPECT_TRUE(flag);
+  EXPECT_EQ(1, factory_->AssumeRoleCalls());
+  EXPECT_EQ(0, factory_->WaitCalls());
+  EXPECT_EQ(0U, factory_->PassedCalls());
+  EXPECT_EQ(1U, factory_->AbortCalls());
+  EXPECT_EQ(DeathTest::TEST_ENCOUNTERED_RETURN_STATEMENT,
+            factory_->AbortArgument(0));
+  EXPECT_TRUE(factory_->TestDeleted());
+}
+
+// Tests that the (simulated) child process is aborted with the
+// correct AbortReason if it does not die.
+TEST_F(MacroLogicDeathTest, ChildDoesNotDie) {
+  bool flag = false;
+  factory_->SetParameters(true, DeathTest::EXECUTE_TEST, 0, true);
+  EXPECT_DEATH(flag = true, "");
+  EXPECT_TRUE(flag);
+  EXPECT_EQ(1, factory_->AssumeRoleCalls());
+  EXPECT_EQ(0, factory_->WaitCalls());
+  EXPECT_EQ(0U, factory_->PassedCalls());
+  // This time there are two calls to Abort: one since the test didn't
+  // die, and another from the ReturnSentinel when it's destroyed.  The
+  // sentinel normally isn't destroyed if a test doesn't die, since
+  // _exit(2) is called in that case by ForkingDeathTest, but not by
+  // our MockDeathTest.
+  ASSERT_EQ(2U, factory_->AbortCalls());
+  EXPECT_EQ(DeathTest::TEST_DID_NOT_DIE,
+            factory_->AbortArgument(0));
+  EXPECT_EQ(DeathTest::TEST_ENCOUNTERED_RETURN_STATEMENT,
+            factory_->AbortArgument(1));
+  EXPECT_TRUE(factory_->TestDeleted());
+}
+
+// Tests that a successful death test does not register a successful
+// test part.
+TEST(SuccessRegistrationDeathTest, NoSuccessPart) {
+  EXPECT_DEATH(_exit(1), "");
+  EXPECT_EQ(0, GetUnitTestImpl()->current_test_result()->total_part_count());
+}
+
+TEST(StreamingAssertionsDeathTest, DeathTest) {
+  EXPECT_DEATH(_exit(1), "") << "unexpected failure";
+  ASSERT_DEATH(_exit(1), "") << "unexpected failure";
+  EXPECT_NONFATAL_FAILURE({  // NOLINT
+    EXPECT_DEATH(_exit(0), "") << "expected failure";
+  }, "expected failure");
+  EXPECT_FATAL_FAILURE({  // NOLINT
+    ASSERT_DEATH(_exit(0), "") << "expected failure";
+  }, "expected failure");
+}
+
+// Tests that GetLastErrnoDescription returns an empty string when the
+// last error is 0 and non-empty string when it is non-zero.
+TEST(GetLastErrnoDescription, GetLastErrnoDescriptionWorks) {
+  errno = ENOENT;
+  EXPECT_STRNE("", GetLastErrnoDescription().c_str());
+  errno = 0;
+  EXPECT_STREQ("", GetLastErrnoDescription().c_str());
+}
+
+# if GTEST_OS_WINDOWS
+TEST(AutoHandleTest, AutoHandleWorks) {
+  HANDLE handle = ::CreateEvent(NULL, FALSE, FALSE, NULL);
+  ASSERT_NE(INVALID_HANDLE_VALUE, handle);
+
+  // Tests that the AutoHandle is correctly initialized with a handle.
+  testing::internal::AutoHandle auto_handle(handle);
+  EXPECT_EQ(handle, auto_handle.Get());
+
+  // Tests that Reset assigns INVALID_HANDLE_VALUE.
+  // Note that this cannot verify whether the original handle is closed.
+  auto_handle.Reset();
+  EXPECT_EQ(INVALID_HANDLE_VALUE, auto_handle.Get());
+
+  // Tests that Reset assigns the new handle.
+  // Note that this cannot verify whether the original handle is closed.
+  handle = ::CreateEvent(NULL, FALSE, FALSE, NULL);
+  ASSERT_NE(INVALID_HANDLE_VALUE, handle);
+  auto_handle.Reset(handle);
+  EXPECT_EQ(handle, auto_handle.Get());
+
+  // Tests that AutoHandle contains INVALID_HANDLE_VALUE by default.
+  testing::internal::AutoHandle auto_handle2;
+  EXPECT_EQ(INVALID_HANDLE_VALUE, auto_handle2.Get());
+}
+# endif  // GTEST_OS_WINDOWS
+
+# if GTEST_OS_WINDOWS
+typedef unsigned __int64 BiggestParsable;
+typedef signed __int64 BiggestSignedParsable;
+# else
+typedef unsigned long long BiggestParsable;
+typedef signed long long BiggestSignedParsable;
+# endif  // GTEST_OS_WINDOWS
+
+// We cannot use std::numeric_limits<T>::max() as it clashes with the
+// max() macro defined by <windows.h>.
+const BiggestParsable kBiggestParsableMax = ULLONG_MAX;
+const BiggestSignedParsable kBiggestSignedParsableMax = LLONG_MAX;
+
+TEST(ParseNaturalNumberTest, RejectsInvalidFormat) {
+  BiggestParsable result = 0;
+
+  // Rejects non-numbers.
+  EXPECT_FALSE(ParseNaturalNumber("non-number string", &result));
+
+  // Rejects numbers with whitespace prefix.
+  EXPECT_FALSE(ParseNaturalNumber(" 123", &result));
+
+  // Rejects negative numbers.
+  EXPECT_FALSE(ParseNaturalNumber("-123", &result));
+
+  // Rejects numbers starting with a plus sign.
+  EXPECT_FALSE(ParseNaturalNumber("+123", &result));
+  errno = 0;
+}
+
+TEST(ParseNaturalNumberTest, RejectsOverflownNumbers) {
+  BiggestParsable result = 0;
+
+  EXPECT_FALSE(ParseNaturalNumber("99999999999999999999999", &result));
+
+  signed char char_result = 0;
+  EXPECT_FALSE(ParseNaturalNumber("200", &char_result));
+  errno = 0;
+}
+
+TEST(ParseNaturalNumberTest, AcceptsValidNumbers) {
+  BiggestParsable result = 0;
+
+  result = 0;
+  ASSERT_TRUE(ParseNaturalNumber("123", &result));
+  EXPECT_EQ(123U, result);
+
+  // Check 0 as an edge case.
+  result = 1;
+  ASSERT_TRUE(ParseNaturalNumber("0", &result));
+  EXPECT_EQ(0U, result);
+
+  result = 1;
+  ASSERT_TRUE(ParseNaturalNumber("00000", &result));
+  EXPECT_EQ(0U, result);
+}
+
+TEST(ParseNaturalNumberTest, AcceptsTypeLimits) {
+  Message msg;
+  msg << kBiggestParsableMax;
+
+  BiggestParsable result = 0;
+  EXPECT_TRUE(ParseNaturalNumber(msg.GetString(), &result));
+  EXPECT_EQ(kBiggestParsableMax, result);
+
+  Message msg2;
+  msg2 << kBiggestSignedParsableMax;
+
+  BiggestSignedParsable signed_result = 0;
+  EXPECT_TRUE(ParseNaturalNumber(msg2.GetString(), &signed_result));
+  EXPECT_EQ(kBiggestSignedParsableMax, signed_result);
+
+  Message msg3;
+  msg3 << INT_MAX;
+
+  int int_result = 0;
+  EXPECT_TRUE(ParseNaturalNumber(msg3.GetString(), &int_result));
+  EXPECT_EQ(INT_MAX, int_result);
+
+  Message msg4;
+  msg4 << UINT_MAX;
+
+  unsigned int uint_result = 0;
+  EXPECT_TRUE(ParseNaturalNumber(msg4.GetString(), &uint_result));
+  EXPECT_EQ(UINT_MAX, uint_result);
+}
+
+TEST(ParseNaturalNumberTest, WorksForShorterIntegers) {
+  short short_result = 0;
+  ASSERT_TRUE(ParseNaturalNumber("123", &short_result));
+  EXPECT_EQ(123, short_result);
+
+  signed char char_result = 0;
+  ASSERT_TRUE(ParseNaturalNumber("123", &char_result));
+  EXPECT_EQ(123, char_result);
+}
+
+# if GTEST_OS_WINDOWS
+TEST(EnvironmentTest, HandleFitsIntoSizeT) {
+  // FIXME: Remove this test after this condition is verified
+  // in a static assertion in gtest-death-test.cc in the function
+  // GetStatusFileDescriptor.
+  ASSERT_TRUE(sizeof(HANDLE) <= sizeof(size_t));
+}
+# endif  // GTEST_OS_WINDOWS
+
+// Tests that EXPECT_DEATH_IF_SUPPORTED/ASSERT_DEATH_IF_SUPPORTED trigger
+// failures when death tests are available on the system.
+TEST(ConditionalDeathMacrosDeathTest, ExpectsDeathWhenDeathTestsAvailable) {
+  EXPECT_DEATH_IF_SUPPORTED(DieInside("CondDeathTestExpectMacro"),
+                            "death inside CondDeathTestExpectMacro");
+  ASSERT_DEATH_IF_SUPPORTED(DieInside("CondDeathTestAssertMacro"),
+                            "death inside CondDeathTestAssertMacro");
+
+  // Empty statement will not crash, which must trigger a failure.
+  EXPECT_NONFATAL_FAILURE(EXPECT_DEATH_IF_SUPPORTED(;, ""), "");
+  EXPECT_FATAL_FAILURE(ASSERT_DEATH_IF_SUPPORTED(;, ""), "");
+}
+
+TEST(InDeathTestChildDeathTest, ReportsDeathTestCorrectlyInFastStyle) {
+  testing::GTEST_FLAG(death_test_style) = "fast";
+  EXPECT_FALSE(InDeathTestChild());
+  EXPECT_DEATH({
+    fprintf(stderr, InDeathTestChild() ? "Inside" : "Outside");
+    fflush(stderr);
+    _exit(1);
+  }, "Inside");
+}
+
+TEST(InDeathTestChildDeathTest, ReportsDeathTestCorrectlyInThreadSafeStyle) {
+  testing::GTEST_FLAG(death_test_style) = "threadsafe";
+  EXPECT_FALSE(InDeathTestChild());
+  EXPECT_DEATH({
+    fprintf(stderr, InDeathTestChild() ? "Inside" : "Outside");
+    fflush(stderr);
+    _exit(1);
+  }, "Inside");
+}
+
+#else  // !GTEST_HAS_DEATH_TEST follows
+
+using testing::internal::CaptureStderr;
+using testing::internal::GetCapturedStderr;
+
+// Tests that EXPECT_DEATH_IF_SUPPORTED/ASSERT_DEATH_IF_SUPPORTED are still
+// defined but do not trigger failures when death tests are not available on
+// the system.
+TEST(ConditionalDeathMacrosTest, WarnsWhenDeathTestsNotAvailable) {
+  // Empty statement will not crash, but that should not trigger a failure
+  // when death tests are not supported.
+  CaptureStderr();
+  EXPECT_DEATH_IF_SUPPORTED(;, "");
+  std::string output = GetCapturedStderr();
+  ASSERT_TRUE(NULL != strstr(output.c_str(),
+                             "Death tests are not supported on this platform"));
+  ASSERT_TRUE(NULL != strstr(output.c_str(), ";"));
+
+  // The streamed message should not be printed as there is no test failure.
+  CaptureStderr();
+  EXPECT_DEATH_IF_SUPPORTED(;, "") << "streamed message";
+  output = GetCapturedStderr();
+  ASSERT_TRUE(NULL == strstr(output.c_str(), "streamed message"));
+
+  CaptureStderr();
+  ASSERT_DEATH_IF_SUPPORTED(;, "");  // NOLINT
+  output = GetCapturedStderr();
+  ASSERT_TRUE(NULL != strstr(output.c_str(),
+                             "Death tests are not supported on this platform"));
+  ASSERT_TRUE(NULL != strstr(output.c_str(), ";"));
+
+  CaptureStderr();
+  ASSERT_DEATH_IF_SUPPORTED(;, "") << "streamed message";  // NOLINT
+  output = GetCapturedStderr();
+  ASSERT_TRUE(NULL == strstr(output.c_str(), "streamed message"));
+}
+
+void FuncWithAssert(int* n) {
+  ASSERT_DEATH_IF_SUPPORTED(return;, "");
+  (*n)++;
+}
+
+// Tests that ASSERT_DEATH_IF_SUPPORTED does not return from the current
+// function (as ASSERT_DEATH does) if death tests are not supported.
+TEST(ConditionalDeathMacrosTest, AssertDeatDoesNotReturnhIfUnsupported) {
+  int n = 0;
+  FuncWithAssert(&n);
+  EXPECT_EQ(1, n);
+}
+
+#endif  // !GTEST_HAS_DEATH_TEST
+
+// Tests that the death test macros expand to code which may or may not
+// be followed by operator<<, and that in either case the complete text
+// comprises only a single C++ statement.
+//
+// The syntax should work whether death tests are available or not.
+TEST(ConditionalDeathMacrosSyntaxDeathTest, SingleStatement) {
+  if (AlwaysFalse())
+    // This would fail if executed; this is a compilation test only
+    ASSERT_DEATH_IF_SUPPORTED(return, "");
+
+  if (AlwaysTrue())
+    EXPECT_DEATH_IF_SUPPORTED(_exit(1), "");
+  else
+    // This empty "else" branch is meant to ensure that EXPECT_DEATH
+    // doesn't expand into an "if" statement without an "else"
+    ;  // NOLINT
+
+  if (AlwaysFalse())
+    ASSERT_DEATH_IF_SUPPORTED(return, "") << "did not die";
+
+  if (AlwaysFalse())
+    ;  // NOLINT
+  else
+    EXPECT_DEATH_IF_SUPPORTED(_exit(1), "") << 1 << 2 << 3;
+}
+
+// Tests that conditional death test macros expand to code which interacts
+// well with switch statements.
+TEST(ConditionalDeathMacrosSyntaxDeathTest, SwitchStatement) {
+  // Microsoft compiler usually complains about switch statements without
+  // case labels. We suppress that warning for this test.
+  GTEST_DISABLE_MSC_WARNINGS_PUSH_(4065)
+
+  switch (0)
+    default:
+      ASSERT_DEATH_IF_SUPPORTED(_exit(1), "")
+          << "exit in default switch handler";
+
+  switch (0)
+    case 0:
+      EXPECT_DEATH_IF_SUPPORTED(_exit(1), "") << "exit in switch case";
+
+  GTEST_DISABLE_MSC_WARNINGS_POP_()
+}
+
+// Tests that a test case whose name ends with "DeathTest" works fine
+// on Windows.
+TEST(NotADeathTest, Test) {
+  SUCCEED();
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-death-test_ex_test.cc b/security/nss/gtests/google_test/gtest/test/googletest-death-test_ex_test.cc
new file mode 100644
index 000000000..b8b9470fc
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-death-test_ex_test.cc
@@ -0,0 +1,92 @@
+// Copyright 2010, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+//
+// Tests that verify interaction of exceptions and death tests.
+
+#include "gtest/gtest-death-test.h"
+#include "gtest/gtest.h"
+
+#if GTEST_HAS_DEATH_TEST
+
+# if GTEST_HAS_SEH
+#  include <windows.h>          // For RaiseException().
+# endif
+
+# include "gtest/gtest-spi.h"
+
+# if GTEST_HAS_EXCEPTIONS
+
+#  include <exception>  // For std::exception.
+
+// Tests that death tests report thrown exceptions as failures and that the
+// exceptions do not escape death test macros.
+TEST(CxxExceptionDeathTest, ExceptionIsFailure) {
+  try {
+    EXPECT_NONFATAL_FAILURE(EXPECT_DEATH(throw 1, ""), "threw an exception");
+  } catch (...) {  // NOLINT
+    FAIL() << "An exception escaped a death test macro invocation "
+           << "with catch_exceptions "
+           << (testing::GTEST_FLAG(catch_exceptions) ? "enabled" : "disabled");
+  }
+}
+
+class TestException : public std::exception {
+ public:
+  virtual const char* what() const throw() { return "exceptional message"; }
+};
+
+TEST(CxxExceptionDeathTest, PrintsMessageForStdExceptions) {
+  // Verifies that the exception message is quoted in the failure text.
+  EXPECT_NONFATAL_FAILURE(EXPECT_DEATH(throw TestException(), ""),
+                          "exceptional message");
+  // Verifies that the location is mentioned in the failure text.
+  EXPECT_NONFATAL_FAILURE(EXPECT_DEATH(throw TestException(), ""),
+                          "googletest-death-test_ex_test.cc");
+}
+# endif  // GTEST_HAS_EXCEPTIONS
+
+# if GTEST_HAS_SEH
+// Tests that enabling interception of SEH exceptions with the
+// catch_exceptions flag does not interfere with SEH exceptions being
+// treated as death by death tests.
+TEST(SehExceptionDeasTest, CatchExceptionsDoesNotInterfere) {
+  EXPECT_DEATH(RaiseException(42, 0x0, 0, NULL), "")
+      << "with catch_exceptions "
+      << (testing::GTEST_FLAG(catch_exceptions) ? "enabled" : "disabled");
+}
+# endif
+
+#endif  // GTEST_HAS_DEATH_TEST
+
+int main(int argc, char** argv) {
+  testing::InitGoogleTest(&argc, argv);
+  testing::GTEST_FLAG(catch_exceptions) = GTEST_ENABLE_CATCH_EXCEPTIONS_ != 0;
+  return RUN_ALL_TESTS();
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-env-var-test.py b/security/nss/gtests/google_test/gtest/test/googletest-env-var-test.py
new file mode 100644
index 000000000..e1efeee1e
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-env-var-test.py
@@ -0,0 +1,117 @@
+#!/usr/bin/env python
+#
+# Copyright 2008, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Verifies that Google Test correctly parses environment variables."""
+
+import os
+import gtest_test_utils
+
+
+IS_WINDOWS = os.name == 'nt'
+IS_LINUX = os.name == 'posix' and os.uname()[0] == 'Linux'
+
+COMMAND = gtest_test_utils.GetTestExecutablePath('googletest-env-var-test_')
+
+environ = os.environ.copy()
+
+
+def AssertEq(expected, actual):
+  if expected != actual:
+    print 'Expected: %s' % (expected,)
+    print '  Actual: %s' % (actual,)
+    raise AssertionError
+
+
+def SetEnvVar(env_var, value):
+  """Sets the env variable to 'value'; unsets it when 'value' is None."""
+
+  if value is not None:
+    environ[env_var] = value
+  elif env_var in environ:
+    del environ[env_var]
+
+
+def GetFlag(flag):
+  """Runs googletest-env-var-test_ and returns its output."""
+
+  args = [COMMAND]
+  if flag is not None:
+    args += [flag]
+  return gtest_test_utils.Subprocess(args, env=environ).output
+
+
+def TestFlag(flag, test_val, default_val):
+  """Verifies that the given flag is affected by the corresponding env var."""
+
+  env_var = 'GTEST_' + flag.upper()
+  SetEnvVar(env_var, test_val)
+  AssertEq(test_val, GetFlag(flag))
+  SetEnvVar(env_var, None)
+  AssertEq(default_val, GetFlag(flag))
+
+
+class GTestEnvVarTest(gtest_test_utils.TestCase):
+
+  def testEnvVarAffectsFlag(self):
+    """Tests that environment variable should affect the corresponding flag."""
+
+    TestFlag('break_on_failure', '1', '0')
+    TestFlag('color', 'yes', 'auto')
+    TestFlag('filter', 'FooTest.Bar', '*')
+    SetEnvVar('XML_OUTPUT_FILE', None)  # For 'output' test
+    TestFlag('output', 'xml:tmp/foo.xml', '')
+    TestFlag('print_time', '0', '1')
+    TestFlag('repeat', '999', '1')
+    TestFlag('throw_on_failure', '1', '0')
+    TestFlag('death_test_style', 'threadsafe', 'fast')
+    TestFlag('catch_exceptions', '0', '1')
+
+    if IS_LINUX:
+      TestFlag('death_test_use_fork', '1', '0')
+      TestFlag('stack_trace_depth', '0', '100')
+
+
+  def testXmlOutputFile(self):
+    """Tests that $XML_OUTPUT_FILE affects the output flag."""
+
+    SetEnvVar('GTEST_OUTPUT', None)
+    SetEnvVar('XML_OUTPUT_FILE', 'tmp/bar.xml')
+    AssertEq('xml:tmp/bar.xml', GetFlag('output'))
+
+  def testXmlOutputFileOverride(self):
+    """Tests that $XML_OUTPUT_FILE is overridden by $GTEST_OUTPUT."""
+
+    SetEnvVar('GTEST_OUTPUT', 'xml:tmp/foo.xml')
+    SetEnvVar('XML_OUTPUT_FILE', 'tmp/bar.xml')
+    AssertEq('xml:tmp/foo.xml', GetFlag('output'))
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-env-var-test_.cc b/security/nss/gtests/google_test/gtest/test/googletest-env-var-test_.cc
new file mode 100644
index 000000000..fd2aa82f7
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-env-var-test_.cc
@@ -0,0 +1,122 @@
+// Copyright 2008, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// A helper program for testing that Google Test parses the environment
+// variables correctly.
+
+#include <iostream>
+
+#include "gtest/gtest.h"
+#include "src/gtest-internal-inl.h"
+
+using ::std::cout;
+
+namespace testing {
+
+// The purpose of this is to make the test more realistic by ensuring
+// that the UnitTest singleton is created before main() is entered.
+// We don't actual run the TEST itself.
+TEST(GTestEnvVarTest, Dummy) {
+}
+
+void PrintFlag(const char* flag) {
+  if (strcmp(flag, "break_on_failure") == 0) {
+    cout << GTEST_FLAG(break_on_failure);
+    return;
+  }
+
+  if (strcmp(flag, "catch_exceptions") == 0) {
+    cout << GTEST_FLAG(catch_exceptions);
+    return;
+  }
+
+  if (strcmp(flag, "color") == 0) {
+    cout << GTEST_FLAG(color);
+    return;
+  }
+
+  if (strcmp(flag, "death_test_style") == 0) {
+    cout << GTEST_FLAG(death_test_style);
+    return;
+  }
+
+  if (strcmp(flag, "death_test_use_fork") == 0) {
+    cout << GTEST_FLAG(death_test_use_fork);
+    return;
+  }
+
+  if (strcmp(flag, "filter") == 0) {
+    cout << GTEST_FLAG(filter);
+    return;
+  }
+
+  if (strcmp(flag, "output") == 0) {
+    cout << GTEST_FLAG(output);
+    return;
+  }
+
+  if (strcmp(flag, "print_time") == 0) {
+    cout << GTEST_FLAG(print_time);
+    return;
+  }
+
+  if (strcmp(flag, "repeat") == 0) {
+    cout << GTEST_FLAG(repeat);
+    return;
+  }
+
+  if (strcmp(flag, "stack_trace_depth") == 0) {
+    cout << GTEST_FLAG(stack_trace_depth);
+    return;
+  }
+
+  if (strcmp(flag, "throw_on_failure") == 0) {
+    cout << GTEST_FLAG(throw_on_failure);
+    return;
+  }
+
+  cout << "Invalid flag name " << flag
+       << ".  Valid names are break_on_failure, color, filter, etc.\n";
+  exit(1);
+}
+
+}  // namespace testing
+
+int main(int argc, char** argv) {
+  testing::InitGoogleTest(&argc, argv);
+
+  if (argc != 2) {
+    cout << "Usage: googletest-env-var-test_ NAME_OF_FLAG\n";
+    return 1;
+  }
+
+  testing::PrintFlag(argv[1]);
+  return 0;
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-filepath-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-filepath-test.cc
new file mode 100644
index 000000000..37f02fb4b
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-filepath-test.cc
@@ -0,0 +1,651 @@
+// Copyright 2008, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Google Test filepath utilities
+//
+// This file tests classes and functions used internally by
+// Google Test.  They are subject to change without notice.
+//
+// This file is #included from gtest-internal.h.
+// Do not #include this file anywhere else!
+
+#include "gtest/internal/gtest-filepath.h"
+#include "gtest/gtest.h"
+#include "src/gtest-internal-inl.h"
+
+#if GTEST_OS_WINDOWS_MOBILE
+# include <windows.h>  // NOLINT
+#elif GTEST_OS_WINDOWS
+# include <direct.h>  // NOLINT
+#endif  // GTEST_OS_WINDOWS_MOBILE
+
+namespace testing {
+namespace internal {
+namespace {
+
+#if GTEST_OS_WINDOWS_MOBILE
+// FIXME: Move these to the POSIX adapter section in
+// gtest-port.h.
+
+// Windows CE doesn't have the remove C function.
+int remove(const char* path) {
+  LPCWSTR wpath = String::AnsiToUtf16(path);
+  int ret = DeleteFile(wpath) ? 0 : -1;
+  delete [] wpath;
+  return ret;
+}
+// Windows CE doesn't have the _rmdir C function.
+int _rmdir(const char* path) {
+  FilePath filepath(path);
+  LPCWSTR wpath = String::AnsiToUtf16(
+      filepath.RemoveTrailingPathSeparator().c_str());
+  int ret = RemoveDirectory(wpath) ? 0 : -1;
+  delete [] wpath;
+  return ret;
+}
+
+#else
+
+TEST(GetCurrentDirTest, ReturnsCurrentDir) {
+  const FilePath original_dir = FilePath::GetCurrentDir();
+  EXPECT_FALSE(original_dir.IsEmpty());
+
+  posix::ChDir(GTEST_PATH_SEP_);
+  const FilePath cwd = FilePath::GetCurrentDir();
+  posix::ChDir(original_dir.c_str());
+
+# if GTEST_OS_WINDOWS
+
+  // Skips the ":".
+  const char* const cwd_without_drive = strchr(cwd.c_str(), ':');
+  ASSERT_TRUE(cwd_without_drive != NULL);
+  EXPECT_STREQ(GTEST_PATH_SEP_, cwd_without_drive + 1);
+
+# else
+
+  EXPECT_EQ(GTEST_PATH_SEP_, cwd.string());
+
+# endif
+}
+
+#endif  // GTEST_OS_WINDOWS_MOBILE
+
+TEST(IsEmptyTest, ReturnsTrueForEmptyPath) {
+  EXPECT_TRUE(FilePath("").IsEmpty());
+}
+
+TEST(IsEmptyTest, ReturnsFalseForNonEmptyPath) {
+  EXPECT_FALSE(FilePath("a").IsEmpty());
+  EXPECT_FALSE(FilePath(".").IsEmpty());
+  EXPECT_FALSE(FilePath("a/b").IsEmpty());
+  EXPECT_FALSE(FilePath("a\\b\\").IsEmpty());
+}
+
+// RemoveDirectoryName "" -> ""
+TEST(RemoveDirectoryNameTest, WhenEmptyName) {
+  EXPECT_EQ("", FilePath("").RemoveDirectoryName().string());
+}
+
+// RemoveDirectoryName "afile" -> "afile"
+TEST(RemoveDirectoryNameTest, ButNoDirectory) {
+  EXPECT_EQ("afile",
+      FilePath("afile").RemoveDirectoryName().string());
+}
+
+// RemoveDirectoryName "/afile" -> "afile"
+TEST(RemoveDirectoryNameTest, RootFileShouldGiveFileName) {
+  EXPECT_EQ("afile",
+      FilePath(GTEST_PATH_SEP_ "afile").RemoveDirectoryName().string());
+}
+
+// RemoveDirectoryName "adir/" -> ""
+TEST(RemoveDirectoryNameTest, WhereThereIsNoFileName) {
+  EXPECT_EQ("",
+      FilePath("adir" GTEST_PATH_SEP_).RemoveDirectoryName().string());
+}
+
+// RemoveDirectoryName "adir/afile" -> "afile"
+TEST(RemoveDirectoryNameTest, ShouldGiveFileName) {
+  EXPECT_EQ("afile",
+      FilePath("adir" GTEST_PATH_SEP_ "afile").RemoveDirectoryName().string());
+}
+
+// RemoveDirectoryName "adir/subdir/afile" -> "afile"
+TEST(RemoveDirectoryNameTest, ShouldAlsoGiveFileName) {
+  EXPECT_EQ("afile",
+      FilePath("adir" GTEST_PATH_SEP_ "subdir" GTEST_PATH_SEP_ "afile")
+      .RemoveDirectoryName().string());
+}
+
+#if GTEST_HAS_ALT_PATH_SEP_
+
+// Tests that RemoveDirectoryName() works with the alternate separator
+// on Windows.
+
+// RemoveDirectoryName("/afile") -> "afile"
+TEST(RemoveDirectoryNameTest, RootFileShouldGiveFileNameForAlternateSeparator) {
+  EXPECT_EQ("afile", FilePath("/afile").RemoveDirectoryName().string());
+}
+
+// RemoveDirectoryName("adir/") -> ""
+TEST(RemoveDirectoryNameTest, WhereThereIsNoFileNameForAlternateSeparator) {
+  EXPECT_EQ("", FilePath("adir/").RemoveDirectoryName().string());
+}
+
+// RemoveDirectoryName("adir/afile") -> "afile"
+TEST(RemoveDirectoryNameTest, ShouldGiveFileNameForAlternateSeparator) {
+  EXPECT_EQ("afile", FilePath("adir/afile").RemoveDirectoryName().string());
+}
+
+// RemoveDirectoryName("adir/subdir/afile") -> "afile"
+TEST(RemoveDirectoryNameTest, ShouldAlsoGiveFileNameForAlternateSeparator) {
+  EXPECT_EQ("afile",
+            FilePath("adir/subdir/afile").RemoveDirectoryName().string());
+}
+
+#endif
+
+// RemoveFileName "" -> "./"
+TEST(RemoveFileNameTest, EmptyName) {
+#if GTEST_OS_WINDOWS_MOBILE
+  // On Windows CE, we use the root as the current directory.
+  EXPECT_EQ(GTEST_PATH_SEP_, FilePath("").RemoveFileName().string());
+#else
+  EXPECT_EQ("." GTEST_PATH_SEP_, FilePath("").RemoveFileName().string());
+#endif
+}
+
+// RemoveFileName "adir/" -> "adir/"
+TEST(RemoveFileNameTest, ButNoFile) {
+  EXPECT_EQ("adir" GTEST_PATH_SEP_,
+      FilePath("adir" GTEST_PATH_SEP_).RemoveFileName().string());
+}
+
+// RemoveFileName "adir/afile" -> "adir/"
+TEST(RemoveFileNameTest, GivesDirName) {
+  EXPECT_EQ("adir" GTEST_PATH_SEP_,
+            FilePath("adir" GTEST_PATH_SEP_ "afile").RemoveFileName().string());
+}
+
+// RemoveFileName "adir/subdir/afile" -> "adir/subdir/"
+TEST(RemoveFileNameTest, GivesDirAndSubDirName) {
+  EXPECT_EQ("adir" GTEST_PATH_SEP_ "subdir" GTEST_PATH_SEP_,
+      FilePath("adir" GTEST_PATH_SEP_ "subdir" GTEST_PATH_SEP_ "afile")
+      .RemoveFileName().string());
+}
+
+// RemoveFileName "/afile" -> "/"
+TEST(RemoveFileNameTest, GivesRootDir) {
+  EXPECT_EQ(GTEST_PATH_SEP_,
+      FilePath(GTEST_PATH_SEP_ "afile").RemoveFileName().string());
+}
+
+#if GTEST_HAS_ALT_PATH_SEP_
+
+// Tests that RemoveFileName() works with the alternate separator on
+// Windows.
+
+// RemoveFileName("adir/") -> "adir/"
+TEST(RemoveFileNameTest, ButNoFileForAlternateSeparator) {
+  EXPECT_EQ("adir" GTEST_PATH_SEP_,
+            FilePath("adir/").RemoveFileName().string());
+}
+
+// RemoveFileName("adir/afile") -> "adir/"
+TEST(RemoveFileNameTest, GivesDirNameForAlternateSeparator) {
+  EXPECT_EQ("adir" GTEST_PATH_SEP_,
+            FilePath("adir/afile").RemoveFileName().string());
+}
+
+// RemoveFileName("adir/subdir/afile") -> "adir/subdir/"
+TEST(RemoveFileNameTest, GivesDirAndSubDirNameForAlternateSeparator) {
+  EXPECT_EQ("adir" GTEST_PATH_SEP_ "subdir" GTEST_PATH_SEP_,
+            FilePath("adir/subdir/afile").RemoveFileName().string());
+}
+
+// RemoveFileName("/afile") -> "\"
+TEST(RemoveFileNameTest, GivesRootDirForAlternateSeparator) {
+  EXPECT_EQ(GTEST_PATH_SEP_, FilePath("/afile").RemoveFileName().string());
+}
+
+#endif
+
+TEST(MakeFileNameTest, GenerateWhenNumberIsZero) {
+  FilePath actual = FilePath::MakeFileName(FilePath("foo"), FilePath("bar"),
+      0, "xml");
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar.xml", actual.string());
+}
+
+TEST(MakeFileNameTest, GenerateFileNameNumberGtZero) {
+  FilePath actual = FilePath::MakeFileName(FilePath("foo"), FilePath("bar"),
+      12, "xml");
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar_12.xml", actual.string());
+}
+
+TEST(MakeFileNameTest, GenerateFileNameWithSlashNumberIsZero) {
+  FilePath actual = FilePath::MakeFileName(FilePath("foo" GTEST_PATH_SEP_),
+      FilePath("bar"), 0, "xml");
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar.xml", actual.string());
+}
+
+TEST(MakeFileNameTest, GenerateFileNameWithSlashNumberGtZero) {
+  FilePath actual = FilePath::MakeFileName(FilePath("foo" GTEST_PATH_SEP_),
+      FilePath("bar"), 12, "xml");
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar_12.xml", actual.string());
+}
+
+TEST(MakeFileNameTest, GenerateWhenNumberIsZeroAndDirIsEmpty) {
+  FilePath actual = FilePath::MakeFileName(FilePath(""), FilePath("bar"),
+      0, "xml");
+  EXPECT_EQ("bar.xml", actual.string());
+}
+
+TEST(MakeFileNameTest, GenerateWhenNumberIsNotZeroAndDirIsEmpty) {
+  FilePath actual = FilePath::MakeFileName(FilePath(""), FilePath("bar"),
+      14, "xml");
+  EXPECT_EQ("bar_14.xml", actual.string());
+}
+
+TEST(ConcatPathsTest, WorksWhenDirDoesNotEndWithPathSep) {
+  FilePath actual = FilePath::ConcatPaths(FilePath("foo"),
+                                          FilePath("bar.xml"));
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar.xml", actual.string());
+}
+
+TEST(ConcatPathsTest, WorksWhenPath1EndsWithPathSep) {
+  FilePath actual = FilePath::ConcatPaths(FilePath("foo" GTEST_PATH_SEP_),
+                                          FilePath("bar.xml"));
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar.xml", actual.string());
+}
+
+TEST(ConcatPathsTest, Path1BeingEmpty) {
+  FilePath actual = FilePath::ConcatPaths(FilePath(""),
+                                          FilePath("bar.xml"));
+  EXPECT_EQ("bar.xml", actual.string());
+}
+
+TEST(ConcatPathsTest, Path2BeingEmpty) {
+  FilePath actual = FilePath::ConcatPaths(FilePath("foo"), FilePath(""));
+  EXPECT_EQ("foo" GTEST_PATH_SEP_, actual.string());
+}
+
+TEST(ConcatPathsTest, BothPathBeingEmpty) {
+  FilePath actual = FilePath::ConcatPaths(FilePath(""),
+                                          FilePath(""));
+  EXPECT_EQ("", actual.string());
+}
+
+TEST(ConcatPathsTest, Path1ContainsPathSep) {
+  FilePath actual = FilePath::ConcatPaths(FilePath("foo" GTEST_PATH_SEP_ "bar"),
+                                          FilePath("foobar.xml"));
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar" GTEST_PATH_SEP_ "foobar.xml",
+            actual.string());
+}
+
+TEST(ConcatPathsTest, Path2ContainsPathSep) {
+  FilePath actual = FilePath::ConcatPaths(
+      FilePath("foo" GTEST_PATH_SEP_),
+      FilePath("bar" GTEST_PATH_SEP_ "bar.xml"));
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar" GTEST_PATH_SEP_ "bar.xml",
+            actual.string());
+}
+
+TEST(ConcatPathsTest, Path2EndsWithPathSep) {
+  FilePath actual = FilePath::ConcatPaths(FilePath("foo"),
+                                          FilePath("bar" GTEST_PATH_SEP_));
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar" GTEST_PATH_SEP_, actual.string());
+}
+
+// RemoveTrailingPathSeparator "" -> ""
+TEST(RemoveTrailingPathSeparatorTest, EmptyString) {
+  EXPECT_EQ("", FilePath("").RemoveTrailingPathSeparator().string());
+}
+
+// RemoveTrailingPathSeparator "foo" -> "foo"
+TEST(RemoveTrailingPathSeparatorTest, FileNoSlashString) {
+  EXPECT_EQ("foo", FilePath("foo").RemoveTrailingPathSeparator().string());
+}
+
+// RemoveTrailingPathSeparator "foo/" -> "foo"
+TEST(RemoveTrailingPathSeparatorTest, ShouldRemoveTrailingSeparator) {
+  EXPECT_EQ("foo",
+      FilePath("foo" GTEST_PATH_SEP_).RemoveTrailingPathSeparator().string());
+#if GTEST_HAS_ALT_PATH_SEP_
+  EXPECT_EQ("foo", FilePath("foo/").RemoveTrailingPathSeparator().string());
+#endif
+}
+
+// RemoveTrailingPathSeparator "foo/bar/" -> "foo/bar/"
+TEST(RemoveTrailingPathSeparatorTest, ShouldRemoveLastSeparator) {
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar",
+            FilePath("foo" GTEST_PATH_SEP_ "bar" GTEST_PATH_SEP_)
+                .RemoveTrailingPathSeparator().string());
+}
+
+// RemoveTrailingPathSeparator "foo/bar" -> "foo/bar"
+TEST(RemoveTrailingPathSeparatorTest, ShouldReturnUnmodified) {
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar",
+            FilePath("foo" GTEST_PATH_SEP_ "bar")
+                .RemoveTrailingPathSeparator().string());
+}
+
+TEST(DirectoryTest, RootDirectoryExists) {
+#if GTEST_OS_WINDOWS  // We are on Windows.
+  char current_drive[_MAX_PATH];  // NOLINT
+  current_drive[0] = static_cast<char>(_getdrive() + 'A' - 1);
+  current_drive[1] = ':';
+  current_drive[2] = '\\';
+  current_drive[3] = '\0';
+  EXPECT_TRUE(FilePath(current_drive).DirectoryExists());
+#else
+  EXPECT_TRUE(FilePath("/").DirectoryExists());
+#endif  // GTEST_OS_WINDOWS
+}
+
+#if GTEST_OS_WINDOWS
+TEST(DirectoryTest, RootOfWrongDriveDoesNotExists) {
+  const int saved_drive_ = _getdrive();
+  // Find a drive that doesn't exist. Start with 'Z' to avoid common ones.
+  for (char drive = 'Z'; drive >= 'A'; drive--)
+    if (_chdrive(drive - 'A' + 1) == -1) {
+      char non_drive[_MAX_PATH];  // NOLINT
+      non_drive[0] = drive;
+      non_drive[1] = ':';
+      non_drive[2] = '\\';
+      non_drive[3] = '\0';
+      EXPECT_FALSE(FilePath(non_drive).DirectoryExists());
+      break;
+    }
+  _chdrive(saved_drive_);
+}
+#endif  // GTEST_OS_WINDOWS
+
+#if !GTEST_OS_WINDOWS_MOBILE
+// Windows CE _does_ consider an empty directory to exist.
+TEST(DirectoryTest, EmptyPathDirectoryDoesNotExist) {
+  EXPECT_FALSE(FilePath("").DirectoryExists());
+}
+#endif  // !GTEST_OS_WINDOWS_MOBILE
+
+TEST(DirectoryTest, CurrentDirectoryExists) {
+#if GTEST_OS_WINDOWS  // We are on Windows.
+# ifndef _WIN32_CE  // Windows CE doesn't have a current directory.
+
+  EXPECT_TRUE(FilePath(".").DirectoryExists());
+  EXPECT_TRUE(FilePath(".\\").DirectoryExists());
+
+# endif  // _WIN32_CE
+#else
+  EXPECT_TRUE(FilePath(".").DirectoryExists());
+  EXPECT_TRUE(FilePath("./").DirectoryExists());
+#endif  // GTEST_OS_WINDOWS
+}
+
+// "foo/bar" == foo//bar" == "foo///bar"
+TEST(NormalizeTest, MultipleConsecutiveSepaparatorsInMidstring) {
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar",
+            FilePath("foo" GTEST_PATH_SEP_ "bar").string());
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar",
+            FilePath("foo" GTEST_PATH_SEP_ GTEST_PATH_SEP_ "bar").string());
+  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar",
+            FilePath("foo" GTEST_PATH_SEP_ GTEST_PATH_SEP_
+                     GTEST_PATH_SEP_ "bar").string());
+}
+
+// "/bar" == //bar" == "///bar"
+TEST(NormalizeTest, MultipleConsecutiveSepaparatorsAtStringStart) {
+  EXPECT_EQ(GTEST_PATH_SEP_ "bar",
+    FilePath(GTEST_PATH_SEP_ "bar").string());
+  EXPECT_EQ(GTEST_PATH_SEP_ "bar",
+    FilePath(GTEST_PATH_SEP_ GTEST_PATH_SEP_ "bar").string());
+  EXPECT_EQ(GTEST_PATH_SEP_ "bar",
+    FilePath(GTEST_PATH_SEP_ GTEST_PATH_SEP_ GTEST_PATH_SEP_ "bar").string());
+}
+
+// "foo/" == foo//" == "foo///"
+TEST(NormalizeTest, MultipleConsecutiveSepaparatorsAtStringEnd) {
+  EXPECT_EQ("foo" GTEST_PATH_SEP_,
+    FilePath("foo" GTEST_PATH_SEP_).string());
+  EXPECT_EQ("foo" GTEST_PATH_SEP_,
+    FilePath("foo" GTEST_PATH_SEP_ GTEST_PATH_SEP_).string());
+  EXPECT_EQ("foo" GTEST_PATH_SEP_,
+    FilePath("foo" GTEST_PATH_SEP_ GTEST_PATH_SEP_ GTEST_PATH_SEP_).string());
+}
+
+#if GTEST_HAS_ALT_PATH_SEP_
+
+// Tests that separators at the end of the string are normalized
+// regardless of their combination (e.g. "foo\" =="foo/\" ==
+// "foo\\/").
+TEST(NormalizeTest, MixAlternateSeparatorAtStringEnd) {
+  EXPECT_EQ("foo" GTEST_PATH_SEP_,
+            FilePath("foo/").string());
+  EXPECT_EQ("foo" GTEST_PATH_SEP_,
+            FilePath("foo" GTEST_PATH_SEP_ "/").string());
+  EXPECT_EQ("foo" GTEST_PATH_SEP_,
+            FilePath("foo//" GTEST_PATH_SEP_).string());
+}
+
+#endif
+
+TEST(AssignmentOperatorTest, DefaultAssignedToNonDefault) {
+  FilePath default_path;
+  FilePath non_default_path("path");
+  non_default_path = default_path;
+  EXPECT_EQ("", non_default_path.string());
+  EXPECT_EQ("", default_path.string());  // RHS var is unchanged.
+}
+
+TEST(AssignmentOperatorTest, NonDefaultAssignedToDefault) {
+  FilePath non_default_path("path");
+  FilePath default_path;
+  default_path = non_default_path;
+  EXPECT_EQ("path", default_path.string());
+  EXPECT_EQ("path", non_default_path.string());  // RHS var is unchanged.
+}
+
+TEST(AssignmentOperatorTest, ConstAssignedToNonConst) {
+  const FilePath const_default_path("const_path");
+  FilePath non_default_path("path");
+  non_default_path = const_default_path;
+  EXPECT_EQ("const_path", non_default_path.string());
+}
+
+class DirectoryCreationTest : public Test {
+ protected:
+  virtual void SetUp() {
+    testdata_path_.Set(FilePath(
+        TempDir() + GetCurrentExecutableName().string() +
+        "_directory_creation" GTEST_PATH_SEP_ "test" GTEST_PATH_SEP_));
+    testdata_file_.Set(testdata_path_.RemoveTrailingPathSeparator());
+
+    unique_file0_.Set(FilePath::MakeFileName(testdata_path_, FilePath("unique"),
+        0, "txt"));
+    unique_file1_.Set(FilePath::MakeFileName(testdata_path_, FilePath("unique"),
+        1, "txt"));
+
+    remove(testdata_file_.c_str());
+    remove(unique_file0_.c_str());
+    remove(unique_file1_.c_str());
+    posix::RmDir(testdata_path_.c_str());
+  }
+
+  virtual void TearDown() {
+    remove(testdata_file_.c_str());
+    remove(unique_file0_.c_str());
+    remove(unique_file1_.c_str());
+    posix::RmDir(testdata_path_.c_str());
+  }
+
+  void CreateTextFile(const char* filename) {
+    FILE* f = posix::FOpen(filename, "w");
+    fprintf(f, "text\n");
+    fclose(f);
+  }
+
+  // Strings representing a directory and a file, with identical paths
+  // except for the trailing separator character that distinquishes
+  // a directory named 'test' from a file named 'test'. Example names:
+  FilePath testdata_path_;  // "/tmp/directory_creation/test/"
+  FilePath testdata_file_;  // "/tmp/directory_creation/test"
+  FilePath unique_file0_;  // "/tmp/directory_creation/test/unique.txt"
+  FilePath unique_file1_;  // "/tmp/directory_creation/test/unique_1.txt"
+};
+
+TEST_F(DirectoryCreationTest, CreateDirectoriesRecursively) {
+  EXPECT_FALSE(testdata_path_.DirectoryExists()) << testdata_path_.string();
+  EXPECT_TRUE(testdata_path_.CreateDirectoriesRecursively());
+  EXPECT_TRUE(testdata_path_.DirectoryExists());
+}
+
+TEST_F(DirectoryCreationTest, CreateDirectoriesForAlreadyExistingPath) {
+  EXPECT_FALSE(testdata_path_.DirectoryExists()) << testdata_path_.string();
+  EXPECT_TRUE(testdata_path_.CreateDirectoriesRecursively());
+  // Call 'create' again... should still succeed.
+  EXPECT_TRUE(testdata_path_.CreateDirectoriesRecursively());
+}
+
+TEST_F(DirectoryCreationTest, CreateDirectoriesAndUniqueFilename) {
+  FilePath file_path(FilePath::GenerateUniqueFileName(testdata_path_,
+      FilePath("unique"), "txt"));
+  EXPECT_EQ(unique_file0_.string(), file_path.string());
+  EXPECT_FALSE(file_path.FileOrDirectoryExists());  // file not there
+
+  testdata_path_.CreateDirectoriesRecursively();
+  EXPECT_FALSE(file_path.FileOrDirectoryExists());  // file still not there
+  CreateTextFile(file_path.c_str());
+  EXPECT_TRUE(file_path.FileOrDirectoryExists());
+
+  FilePath file_path2(FilePath::GenerateUniqueFileName(testdata_path_,
+      FilePath("unique"), "txt"));
+  EXPECT_EQ(unique_file1_.string(), file_path2.string());
+  EXPECT_FALSE(file_path2.FileOrDirectoryExists());  // file not there
+  CreateTextFile(file_path2.c_str());
+  EXPECT_TRUE(file_path2.FileOrDirectoryExists());
+}
+
+TEST_F(DirectoryCreationTest, CreateDirectoriesFail) {
+  // force a failure by putting a file where we will try to create a directory.
+  CreateTextFile(testdata_file_.c_str());
+  EXPECT_TRUE(testdata_file_.FileOrDirectoryExists());
+  EXPECT_FALSE(testdata_file_.DirectoryExists());
+  EXPECT_FALSE(testdata_file_.CreateDirectoriesRecursively());
+}
+
+TEST(NoDirectoryCreationTest, CreateNoDirectoriesForDefaultXmlFile) {
+  const FilePath test_detail_xml("test_detail.xml");
+  EXPECT_FALSE(test_detail_xml.CreateDirectoriesRecursively());
+}
+
+TEST(FilePathTest, DefaultConstructor) {
+  FilePath fp;
+  EXPECT_EQ("", fp.string());
+}
+
+TEST(FilePathTest, CharAndCopyConstructors) {
+  const FilePath fp("spicy");
+  EXPECT_EQ("spicy", fp.string());
+
+  const FilePath fp_copy(fp);
+  EXPECT_EQ("spicy", fp_copy.string());
+}
+
+TEST(FilePathTest, StringConstructor) {
+  const FilePath fp(std::string("cider"));
+  EXPECT_EQ("cider", fp.string());
+}
+
+TEST(FilePathTest, Set) {
+  const FilePath apple("apple");
+  FilePath mac("mac");
+  mac.Set(apple);  // Implement Set() since overloading operator= is forbidden.
+  EXPECT_EQ("apple", mac.string());
+  EXPECT_EQ("apple", apple.string());
+}
+
+TEST(FilePathTest, ToString) {
+  const FilePath file("drink");
+  EXPECT_EQ("drink", file.string());
+}
+
+TEST(FilePathTest, RemoveExtension) {
+  EXPECT_EQ("app", FilePath("app.cc").RemoveExtension("cc").string());
+  EXPECT_EQ("app", FilePath("app.exe").RemoveExtension("exe").string());
+  EXPECT_EQ("APP", FilePath("APP.EXE").RemoveExtension("exe").string());
+}
+
+TEST(FilePathTest, RemoveExtensionWhenThereIsNoExtension) {
+  EXPECT_EQ("app", FilePath("app").RemoveExtension("exe").string());
+}
+
+TEST(FilePathTest, IsDirectory) {
+  EXPECT_FALSE(FilePath("cola").IsDirectory());
+  EXPECT_TRUE(FilePath("koala" GTEST_PATH_SEP_).IsDirectory());
+#if GTEST_HAS_ALT_PATH_SEP_
+  EXPECT_TRUE(FilePath("koala/").IsDirectory());
+#endif
+}
+
+TEST(FilePathTest, IsAbsolutePath) {
+  EXPECT_FALSE(FilePath("is" GTEST_PATH_SEP_ "relative").IsAbsolutePath());
+  EXPECT_FALSE(FilePath("").IsAbsolutePath());
+#if GTEST_OS_WINDOWS
+  EXPECT_TRUE(FilePath("c:\\" GTEST_PATH_SEP_ "is_not"
+                       GTEST_PATH_SEP_ "relative").IsAbsolutePath());
+  EXPECT_FALSE(FilePath("c:foo" GTEST_PATH_SEP_ "bar").IsAbsolutePath());
+  EXPECT_TRUE(FilePath("c:/" GTEST_PATH_SEP_ "is_not"
+                       GTEST_PATH_SEP_ "relative").IsAbsolutePath());
+#else
+  EXPECT_TRUE(FilePath(GTEST_PATH_SEP_ "is_not" GTEST_PATH_SEP_ "relative")
+              .IsAbsolutePath());
+#endif  // GTEST_OS_WINDOWS
+}
+
+TEST(FilePathTest, IsRootDirectory) {
+#if GTEST_OS_WINDOWS
+  EXPECT_TRUE(FilePath("a:\\").IsRootDirectory());
+  EXPECT_TRUE(FilePath("Z:/").IsRootDirectory());
+  EXPECT_TRUE(FilePath("e://").IsRootDirectory());
+  EXPECT_FALSE(FilePath("").IsRootDirectory());
+  EXPECT_FALSE(FilePath("b:").IsRootDirectory());
+  EXPECT_FALSE(FilePath("b:a").IsRootDirectory());
+  EXPECT_FALSE(FilePath("8:/").IsRootDirectory());
+  EXPECT_FALSE(FilePath("c|/").IsRootDirectory());
+#else
+  EXPECT_TRUE(FilePath("/").IsRootDirectory());
+  EXPECT_TRUE(FilePath("//").IsRootDirectory());
+  EXPECT_FALSE(FilePath("").IsRootDirectory());
+  EXPECT_FALSE(FilePath("\\").IsRootDirectory());
+  EXPECT_FALSE(FilePath("/x").IsRootDirectory());
+#endif
+}
+
+}  // namespace
+}  // namespace internal
+}  // namespace testing
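Review bot: `CreateTextFile` in the `DirectoryCreationTest` fixture passes the result of `posix::FOpen(filename, "w")` straight to `fprintf` and `fclose` without checking it, so if the open fails (for example, the temp directory is not writable) the test dereferences a null `FILE*` and crashes instead of reporting a failure. I would add `ASSERT_TRUE(f != NULL) << filename;` right after the `FOpen` call. Separately, `SetUp` builds `testdata_path_` from `TempDir()`, the executable name and a fixed suffix, then removes and recreates files at that predictable location. On a shared build host it would be safer to run the fixture in a per-run unique directory, though whether `TempDir()` is private here cannot be told from this hunk. The header comment saying the file is `#included from gtest-internal.h` also looks copied from a header and does not describe this test file.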
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-filter-unittest.py b/security/nss/gtests/google_test/gtest/test/googletest-filter-unittest.py
new file mode 100644
index 000000000..dc0b5bd9a
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-filter-unittest.py
@@ -0,0 +1,636 @@
+#!/usr/bin/env python
+#
+# Copyright 2005 Google Inc. All Rights Reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Unit test for Google Test test filters.
+
+A user can specify which test(s) in a Google Test program to run via either
+the GTEST_FILTER environment variable or the --gtest_filter flag.
+This script tests such functionality by invoking
+googletest-filter-unittest_ (a program written with Google Test) with different
+environments and command line flags.
+
+Note that test sharding may also influence which tests are filtered. Therefore,
+we test that here also.
+"""
+
+import os
+import re
+import sets
+import sys
+import gtest_test_utils
+
+# Constants.
+
+# Checks if this platform can pass empty environment variables to child
+# processes.  We set an env variable to an empty string and invoke a python
+# script in a subprocess to print whether the variable is STILL in
+# os.environ.  We then use 'eval' to parse the child's output so that an
+# exception is thrown if the input is anything other than 'True' nor 'False'.
+CAN_PASS_EMPTY_ENV = False
+if sys.executable:
+  os.environ['EMPTY_VAR'] = ''
+  child = gtest_test_utils.Subprocess(
+      [sys.executable, '-c', 'import os; print \'EMPTY_VAR\' in os.environ'])
+  CAN_PASS_EMPTY_ENV = eval(child.output)
+
+
+# Check if this platform can unset environment variables in child processes.
+# We set an env variable to a non-empty string, unset it, and invoke
+# a python script in a subprocess to print whether the variable
+# is NO LONGER in os.environ.
+# We use 'eval' to parse the child's output so that an exception
+# is thrown if the input is neither 'True' nor 'False'.
+CAN_UNSET_ENV = False
+if sys.executable:
+  os.environ['UNSET_VAR'] = 'X'
+  del os.environ['UNSET_VAR']
+  child = gtest_test_utils.Subprocess(
+      [sys.executable, '-c', 'import os; print \'UNSET_VAR\' not in os.environ'
+      ])
+  CAN_UNSET_ENV = eval(child.output)
+
+
+# Checks if we should test with an empty filter. This doesn't
+# make sense on platforms that cannot pass empty env variables (Win32)
+# and on platforms that cannot unset variables (since we cannot tell
+# the difference between "" and NULL -- Borland and Solaris < 5.10)
+CAN_TEST_EMPTY_FILTER = (CAN_PASS_EMPTY_ENV and CAN_UNSET_ENV)
+
+
+# The environment variable for specifying the test filters.
+FILTER_ENV_VAR = 'GTEST_FILTER'
+
+# The environment variables for test sharding.
+TOTAL_SHARDS_ENV_VAR = 'GTEST_TOTAL_SHARDS'
+SHARD_INDEX_ENV_VAR = 'GTEST_SHARD_INDEX'
+SHARD_STATUS_FILE_ENV_VAR = 'GTEST_SHARD_STATUS_FILE'
+
+# The command line flag for specifying the test filters.
+FILTER_FLAG = 'gtest_filter'
+
+# The command line flag for including disabled tests.
+ALSO_RUN_DISABLED_TESTS_FLAG = 'gtest_also_run_disabled_tests'
+
+# Command to run the googletest-filter-unittest_ program.
+COMMAND = gtest_test_utils.GetTestExecutablePath('googletest-filter-unittest_')
+
+# Regex for determining whether parameterized tests are enabled in the binary.
+PARAM_TEST_REGEX = re.compile(r'/ParamTest')
+
+# Regex for parsing test case names from Google Test's output.
+TEST_CASE_REGEX = re.compile(r'^\[\-+\] \d+ tests? from (\w+(/\w+)?)')
+
+# Regex for parsing test names from Google Test's output.
+TEST_REGEX = re.compile(r'^\[\s*RUN\s*\].*\.(\w+(/\w+)?)')
+
+# The command line flag to tell Google Test to output the list of tests it
+# will run.
+LIST_TESTS_FLAG = '--gtest_list_tests'
+
+# Indicates whether Google Test supports death tests.
+SUPPORTS_DEATH_TESTS = 'HasDeathTest' in gtest_test_utils.Subprocess(
+    [COMMAND, LIST_TESTS_FLAG]).output
+
+# Full names of all tests in googletest-filter-unittests_.
+PARAM_TESTS = [
+    'SeqP/ParamTest.TestX/0',
+    'SeqP/ParamTest.TestX/1',
+    'SeqP/ParamTest.TestY/0',
+    'SeqP/ParamTest.TestY/1',
+    'SeqQ/ParamTest.TestX/0',
+    'SeqQ/ParamTest.TestX/1',
+    'SeqQ/ParamTest.TestY/0',
+    'SeqQ/ParamTest.TestY/1',
+    ]
+
+DISABLED_TESTS = [
+    'BarTest.DISABLED_TestFour',
+    'BarTest.DISABLED_TestFive',
+    'BazTest.DISABLED_TestC',
+    'DISABLED_FoobarTest.Test1',
+    'DISABLED_FoobarTest.DISABLED_Test2',
+    'DISABLED_FoobarbazTest.TestA',
+    ]
+
+if SUPPORTS_DEATH_TESTS:
+  DEATH_TESTS = [
+    'HasDeathTest.Test1',
+    'HasDeathTest.Test2',
+    ]
+else:
+  DEATH_TESTS = []
+
+# All the non-disabled tests.
+ACTIVE_TESTS = [
+    'FooTest.Abc',
+    'FooTest.Xyz',
+
+    'BarTest.TestOne',
+    'BarTest.TestTwo',
+    'BarTest.TestThree',
+
+    'BazTest.TestOne',
+    'BazTest.TestA',
+    'BazTest.TestB',
+    ] + DEATH_TESTS + PARAM_TESTS
+
+param_tests_present = None
+
+# Utilities.
+
+environ = os.environ.copy()
+
+
+def SetEnvVar(env_var, value):
+  """Sets the env variable to 'value'; unsets it when 'value' is None."""
+
+  if value is not None:
+    environ[env_var] = value
+  elif env_var in environ:
+    del environ[env_var]
+
+
+def RunAndReturnOutput(args = None):
+  """Runs the test program and returns its output."""
+
+  return gtest_test_utils.Subprocess([COMMAND] + (args or []),
+                                     env=environ).output
+
+
+def RunAndExtractTestList(args = None):
+  """Runs the test program and returns its exit code and a list of tests run."""
+
+  p = gtest_test_utils.Subprocess([COMMAND] + (args or []), env=environ)
+  tests_run = []
+  test_case = ''
+  test = ''
+  for line in p.output.split('\n'):
+    match = TEST_CASE_REGEX.match(line)
+    if match is not None:
+      test_case = match.group(1)
+    else:
+      match = TEST_REGEX.match(line)
+      if match is not None:
+        test = match.group(1)
+        tests_run.append(test_case + '.' + test)
+  return (tests_run, p.exit_code)
+
+
+def InvokeWithModifiedEnv(extra_env, function, *args, **kwargs):
+  """Runs the given function and arguments in a modified environment."""
+  try:
+    original_env = environ.copy()
+    environ.update(extra_env)
+    return function(*args, **kwargs)
+  finally:
+    environ.clear()
+    environ.update(original_env)
+
+
+def RunWithSharding(total_shards, shard_index, command):
+  """Runs a test program shard and returns exit code and a list of tests run."""
+
+  extra_env = {SHARD_INDEX_ENV_VAR: str(shard_index),
+               TOTAL_SHARDS_ENV_VAR: str(total_shards)}
+  return InvokeWithModifiedEnv(extra_env, RunAndExtractTestList, command)
+
+# The unit test.
+
+
+class GTestFilterUnitTest(gtest_test_utils.TestCase):
+  """Tests the env variable or the command line flag to filter tests."""
+
+  # Utilities.
+
+  def AssertSetEqual(self, lhs, rhs):
+    """Asserts that two sets are equal."""
+
+    for elem in lhs:
+      self.assert_(elem in rhs, '%s in %s' % (elem, rhs))
+
+    for elem in rhs:
+      self.assert_(elem in lhs, '%s in %s' % (elem, lhs))
+
+  def AssertPartitionIsValid(self, set_var, list_of_sets):
+    """Asserts that list_of_sets is a valid partition of set_var."""
+
+    full_partition = []
+    for slice_var in list_of_sets:
+      full_partition.extend(slice_var)
+    self.assertEqual(len(set_var), len(full_partition))
+    self.assertEqual(sets.Set(set_var), sets.Set(full_partition))
+
+  def AdjustForParameterizedTests(self, tests_to_run):
+    """Adjust tests_to_run in case value parameterized tests are disabled."""
+
+    global param_tests_present
+    if not param_tests_present:
+      return list(sets.Set(tests_to_run) - sets.Set(PARAM_TESTS))
+    else:
+      return tests_to_run
+
+  def RunAndVerify(self, gtest_filter, tests_to_run):
+    """Checks that the binary runs correct set of tests for a given filter."""
+
+    tests_to_run = self.AdjustForParameterizedTests(tests_to_run)
+
+    # First, tests using the environment variable.
+
+    # Windows removes empty variables from the environment when passing it
+    # to a new process.  This means it is impossible to pass an empty filter
+    # into a process using the environment variable.  However, we can still
+    # test the case when the variable is not supplied (i.e., gtest_filter is
+    # None).
+    # pylint: disable-msg=C6403
+    if CAN_TEST_EMPTY_FILTER or gtest_filter != '':
+      SetEnvVar(FILTER_ENV_VAR, gtest_filter)
+      tests_run = RunAndExtractTestList()[0]
+      SetEnvVar(FILTER_ENV_VAR, None)
+      self.AssertSetEqual(tests_run, tests_to_run)
+    # pylint: enable-msg=C6403
+
+    # Next, tests using the command line flag.
+
+    if gtest_filter is None:
+      args = []
+    else:
+      args = ['--%s=%s' % (FILTER_FLAG, gtest_filter)]
+
+    tests_run = RunAndExtractTestList(args)[0]
+    self.AssertSetEqual(tests_run, tests_to_run)
+
+  def RunAndVerifyWithSharding(self, gtest_filter, total_shards, tests_to_run,
+                               args=None, check_exit_0=False):
+    """Checks that binary runs correct tests for the given filter and shard.
+
+    Runs all shards of googletest-filter-unittest_ with the given filter, and
+    verifies that the right set of tests were run. The union of tests run
+    on each shard should be identical to tests_to_run, without duplicates.
+    If check_exit_0, .
+
+    Args:
+      gtest_filter: A filter to apply to the tests.
+      total_shards: A total number of shards to split test run into.
+      tests_to_run: A set of tests expected to run.
+      args   :      Arguments to pass to the to the test binary.
+      check_exit_0: When set to a true value, make sure that all shards
+                    return 0.
+    """
+
+    tests_to_run = self.AdjustForParameterizedTests(tests_to_run)
+
+    # Windows removes empty variables from the environment when passing it
+    # to a new process.  This means it is impossible to pass an empty filter
+    # into a process using the environment variable.  However, we can still
+    # test the case when the variable is not supplied (i.e., gtest_filter is
+    # None).
+    # pylint: disable-msg=C6403
+    if CAN_TEST_EMPTY_FILTER or gtest_filter != '':
+      SetEnvVar(FILTER_ENV_VAR, gtest_filter)
+      partition = []
+      for i in range(0, total_shards):
+        (tests_run, exit_code) = RunWithSharding(total_shards, i, args)
+        if check_exit_0:
+          self.assertEqual(0, exit_code)
+        partition.append(tests_run)
+
+      self.AssertPartitionIsValid(tests_to_run, partition)
+      SetEnvVar(FILTER_ENV_VAR, None)
+    # pylint: enable-msg=C6403
+
+  def RunAndVerifyAllowingDisabled(self, gtest_filter, tests_to_run):
+    """Checks that the binary runs correct set of tests for the given filter.
+
+    Runs googletest-filter-unittest_ with the given filter, and enables
+    disabled tests. Verifies that the right set of tests were run.
+
+    Args:
+      gtest_filter: A filter to apply to the tests.
+      tests_to_run: A set of tests expected to run.
+    """
+
+    tests_to_run = self.AdjustForParameterizedTests(tests_to_run)
+
+    # Construct the command line.
+    args = ['--%s' % ALSO_RUN_DISABLED_TESTS_FLAG]
+    if gtest_filter is not None:
+      args.append('--%s=%s' % (FILTER_FLAG, gtest_filter))
+
+    tests_run = RunAndExtractTestList(args)[0]
+    self.AssertSetEqual(tests_run, tests_to_run)
+
+  def setUp(self):
+    """Sets up test case.
+
+    Determines whether value-parameterized tests are enabled in the binary and
+    sets the flags accordingly.
+    """
+
+    global param_tests_present
+    if param_tests_present is None:
+      param_tests_present = PARAM_TEST_REGEX.search(
+          RunAndReturnOutput()) is not None
+
+  def testDefaultBehavior(self):
+    """Tests the behavior of not specifying the filter."""
+
+    self.RunAndVerify(None, ACTIVE_TESTS)
+
+  def testDefaultBehaviorWithShards(self):
+    """Tests the behavior without the filter, with sharding enabled."""
+
+    self.RunAndVerifyWithSharding(None, 1, ACTIVE_TESTS)
+    self.RunAndVerifyWithSharding(None, 2, ACTIVE_TESTS)
+    self.RunAndVerifyWithSharding(None, len(ACTIVE_TESTS) - 1, ACTIVE_TESTS)
+    self.RunAndVerifyWithSharding(None, len(ACTIVE_TESTS), ACTIVE_TESTS)
+    self.RunAndVerifyWithSharding(None, len(ACTIVE_TESTS) + 1, ACTIVE_TESTS)
+
+  def testEmptyFilter(self):
+    """Tests an empty filter."""
+
+    self.RunAndVerify('', [])
+    self.RunAndVerifyWithSharding('', 1, [])
+    self.RunAndVerifyWithSharding('', 2, [])
+
+  def testBadFilter(self):
+    """Tests a filter that matches nothing."""
+
+    self.RunAndVerify('BadFilter', [])
+    self.RunAndVerifyAllowingDisabled('BadFilter', [])
+
+  def testFullName(self):
+    """Tests filtering by full name."""
+
+    self.RunAndVerify('FooTest.Xyz', ['FooTest.Xyz'])
+    self.RunAndVerifyAllowingDisabled('FooTest.Xyz', ['FooTest.Xyz'])
+    self.RunAndVerifyWithSharding('FooTest.Xyz', 5, ['FooTest.Xyz'])
+
+  def testUniversalFilters(self):
+    """Tests filters that match everything."""
+
+    self.RunAndVerify('*', ACTIVE_TESTS)
+    self.RunAndVerify('*.*', ACTIVE_TESTS)
+    self.RunAndVerifyWithSharding('*.*', len(ACTIVE_TESTS) - 3, ACTIVE_TESTS)
+    self.RunAndVerifyAllowingDisabled('*', ACTIVE_TESTS + DISABLED_TESTS)
+    self.RunAndVerifyAllowingDisabled('*.*', ACTIVE_TESTS + DISABLED_TESTS)
+
+  def testFilterByTestCase(self):
+    """Tests filtering by test case name."""
+
+    self.RunAndVerify('FooTest.*', ['FooTest.Abc', 'FooTest.Xyz'])
+
+    BAZ_TESTS = ['BazTest.TestOne', 'BazTest.TestA', 'BazTest.TestB']
+    self.RunAndVerify('BazTest.*', BAZ_TESTS)
+    self.RunAndVerifyAllowingDisabled('BazTest.*',
+                                      BAZ_TESTS + ['BazTest.DISABLED_TestC'])
+
+  def testFilterByTest(self):
+    """Tests filtering by test name."""
+
+    self.RunAndVerify('*.TestOne', ['BarTest.TestOne', 'BazTest.TestOne'])
+
+  def testFilterDisabledTests(self):
+    """Select only the disabled tests to run."""
+
+    self.RunAndVerify('DISABLED_FoobarTest.Test1', [])
+    self.RunAndVerifyAllowingDisabled('DISABLED_FoobarTest.Test1',
+                                      ['DISABLED_FoobarTest.Test1'])
+
+    self.RunAndVerify('*DISABLED_*', [])
+    self.RunAndVerifyAllowingDisabled('*DISABLED_*', DISABLED_TESTS)
+
+    self.RunAndVerify('*.DISABLED_*', [])
+    self.RunAndVerifyAllowingDisabled('*.DISABLED_*', [
+        'BarTest.DISABLED_TestFour',
+        'BarTest.DISABLED_TestFive',
+        'BazTest.DISABLED_TestC',
+        'DISABLED_FoobarTest.DISABLED_Test2',
+        ])
+
+    self.RunAndVerify('DISABLED_*', [])
+    self.RunAndVerifyAllowingDisabled('DISABLED_*', [
+        'DISABLED_FoobarTest.Test1',
+        'DISABLED_FoobarTest.DISABLED_Test2',
+        'DISABLED_FoobarbazTest.TestA',
+        ])
+
+  def testWildcardInTestCaseName(self):
+    """Tests using wildcard in the test case name."""
+
+    self.RunAndVerify('*a*.*', [
+        'BarTest.TestOne',
+        'BarTest.TestTwo',
+        'BarTest.TestThree',
+
+        'BazTest.TestOne',
+        'BazTest.TestA',
+        'BazTest.TestB', ] + DEATH_TESTS + PARAM_TESTS)
+
+  def testWildcardInTestName(self):
+    """Tests using wildcard in the test name."""
+
+    self.RunAndVerify('*.*A*', ['FooTest.Abc', 'BazTest.TestA'])
+
+  def testFilterWithoutDot(self):
+    """Tests a filter that has no '.' in it."""
+
+    self.RunAndVerify('*z*', [
+        'FooTest.Xyz',
+
+        'BazTest.TestOne',
+        'BazTest.TestA',
+        'BazTest.TestB',
+        ])
+
+  def testTwoPatterns(self):
+    """Tests filters that consist of two patterns."""
+
+    self.RunAndVerify('Foo*.*:*A*', [
+        'FooTest.Abc',
+        'FooTest.Xyz',
+
+        'BazTest.TestA',
+        ])
+
+    # An empty pattern + a non-empty one
+    self.RunAndVerify(':*A*', ['FooTest.Abc', 'BazTest.TestA'])
+
+  def testThreePatterns(self):
+    """Tests filters that consist of three patterns."""
+
+    self.RunAndVerify('*oo*:*A*:*One', [
+        'FooTest.Abc',
+        'FooTest.Xyz',
+
+        'BarTest.TestOne',
+
+        'BazTest.TestOne',
+        'BazTest.TestA',
+        ])
+
+    # The 2nd pattern is empty.
+    self.RunAndVerify('*oo*::*One', [
+        'FooTest.Abc',
+        'FooTest.Xyz',
+
+        'BarTest.TestOne',
+
+        'BazTest.TestOne',
+        ])
+
+    # The last 2 patterns are empty.
+    self.RunAndVerify('*oo*::', [
+        'FooTest.Abc',
+        'FooTest.Xyz',
+        ])
+
+  def testNegativeFilters(self):
+    self.RunAndVerify('*-BazTest.TestOne', [
+        'FooTest.Abc',
+        'FooTest.Xyz',
+
+        'BarTest.TestOne',
+        'BarTest.TestTwo',
+        'BarTest.TestThree',
+
+        'BazTest.TestA',
+        'BazTest.TestB',
+        ] + DEATH_TESTS + PARAM_TESTS)
+
+    self.RunAndVerify('*-FooTest.Abc:BazTest.*', [
+        'FooTest.Xyz',
+
+        'BarTest.TestOne',
+        'BarTest.TestTwo',
+        'BarTest.TestThree',
+        ] + DEATH_TESTS + PARAM_TESTS)
+
+    self.RunAndVerify('BarTest.*-BarTest.TestOne', [
+        'BarTest.TestTwo',
+        'BarTest.TestThree',
+        ])
+
+    # Tests without leading '*'.
+    self.RunAndVerify('-FooTest.Abc:FooTest.Xyz:BazTest.*', [
+        'BarTest.TestOne',
+        'BarTest.TestTwo',
+        'BarTest.TestThree',
+        ] + DEATH_TESTS + PARAM_TESTS)
+
+    # Value parameterized tests.
+    self.RunAndVerify('*/*', PARAM_TESTS)
+
+    # Value parameterized tests filtering by the sequence name.
+    self.RunAndVerify('SeqP/*', [
+        'SeqP/ParamTest.TestX/0',
+        'SeqP/ParamTest.TestX/1',
+        'SeqP/ParamTest.TestY/0',
+        'SeqP/ParamTest.TestY/1',
+        ])
+
+    # Value parameterized tests filtering by the test name.
+    self.RunAndVerify('*/0', [
+        'SeqP/ParamTest.TestX/0',
+        'SeqP/ParamTest.TestY/0',
+        'SeqQ/ParamTest.TestX/0',
+        'SeqQ/ParamTest.TestY/0',
+        ])
+
+  def testFlagOverridesEnvVar(self):
+    """Tests that the filter flag overrides the filtering env. variable."""
+
+    SetEnvVar(FILTER_ENV_VAR, 'Foo*')
+    args = ['--%s=%s' % (FILTER_FLAG, '*One')]
+    tests_run = RunAndExtractTestList(args)[0]
+    SetEnvVar(FILTER_ENV_VAR, None)
+
+    self.AssertSetEqual(tests_run, ['BarTest.TestOne', 'BazTest.TestOne'])
+
+  def testShardStatusFileIsCreated(self):
+    """Tests that the shard file is created if specified in the environment."""
+
+    shard_status_file = os.path.join(gtest_test_utils.GetTempDir(),
+                                     'shard_status_file')
+    self.assert_(not os.path.exists(shard_status_file))
+
+    extra_env = {SHARD_STATUS_FILE_ENV_VAR: shard_status_file}
+    try:
+      InvokeWithModifiedEnv(extra_env, RunAndReturnOutput)
+    finally:
+      self.assert_(os.path.exists(shard_status_file))
+      os.remove(shard_status_file)
+
+  def testShardStatusFileIsCreatedWithListTests(self):
+    """Tests that the shard file is created with the "list_tests" flag."""
+
+    shard_status_file = os.path.join(gtest_test_utils.GetTempDir(),
+                                     'shard_status_file2')
+    self.assert_(not os.path.exists(shard_status_file))
+
+    extra_env = {SHARD_STATUS_FILE_ENV_VAR: shard_status_file}
+    try:
+      output = InvokeWithModifiedEnv(extra_env,
+                                     RunAndReturnOutput,
+                                     [LIST_TESTS_FLAG])
+    finally:
+      # This assertion ensures that Google Test enumerated the tests as
+      # opposed to running them.
+      self.assert_('[==========]' not in output,
+                   'Unexpected output during test enumeration.\n'
+                   'Please ensure that LIST_TESTS_FLAG is assigned the\n'
+                   'correct flag value for listing Google Test tests.')
+
+      self.assert_(os.path.exists(shard_status_file))
+      os.remove(shard_status_file)
+
+  if SUPPORTS_DEATH_TESTS:
+    def testShardingWorksWithDeathTests(self):
+      """Tests integration with death tests and sharding."""
+
+      gtest_filter = 'HasDeathTest.*:SeqP/*'
+      expected_tests = [
+          'HasDeathTest.Test1',
+          'HasDeathTest.Test2',
+
+          'SeqP/ParamTest.TestX/0',
+          'SeqP/ParamTest.TestX/1',
+          'SeqP/ParamTest.TestY/0',
+          'SeqP/ParamTest.TestY/1',
+          ]
+
+      for flag in ['--gtest_death_test_style=threadsafe',
+                   '--gtest_death_test_style=fast']:
+        self.RunAndVerifyWithSharding(gtest_filter, 3, expected_tests,
+                                      check_exit_0=True, args=[flag])
+        self.RunAndVerifyWithSharding(gtest_filter, 5, expected_tests,
+                                      check_exit_0=True, args=[flag])
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-filter-unittest_.cc b/security/nss/gtests/google_test/gtest/test/googletest-filter-unittest_.cc
new file mode 100644
index 000000000..d335b6039
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-filter-unittest_.cc
@@ -0,0 +1,137 @@
+// Copyright 2005, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// Unit test for Google Test test filters.
+//
+// A user can specify which test(s) in a Google Test program to run via
+// either the GTEST_FILTER environment variable or the --gtest_filter
+// flag.  This is used for testing such functionality.
+//
+// The program will be invoked from a Python unit test.  Don't run it
+// directly.
+
+#include "gtest/gtest.h"
+
+namespace {
+
+// Test case FooTest.
+
+class FooTest : public testing::Test {
+};
+
+TEST_F(FooTest, Abc) {
+}
+
+TEST_F(FooTest, Xyz) {
+  FAIL() << "Expected failure.";
+}
+
+// Test case BarTest.
+
+TEST(BarTest, TestOne) {
+}
+
+TEST(BarTest, TestTwo) {
+}
+
+TEST(BarTest, TestThree) {
+}
+
+TEST(BarTest, DISABLED_TestFour) {
+  FAIL() << "Expected failure.";
+}
+
+TEST(BarTest, DISABLED_TestFive) {
+  FAIL() << "Expected failure.";
+}
+
+// Test case BazTest.
+
+TEST(BazTest, TestOne) {
+  FAIL() << "Expected failure.";
+}
+
+TEST(BazTest, TestA) {
+}
+
+TEST(BazTest, TestB) {
+}
+
+TEST(BazTest, DISABLED_TestC) {
+  FAIL() << "Expected failure.";
+}
+
+// Test case HasDeathTest
+
+TEST(HasDeathTest, Test1) {
+  EXPECT_DEATH_IF_SUPPORTED(exit(1), ".*");
+}
+
+// We need at least two death tests to make sure that the all death tests
+// aren't on the first shard.
+TEST(HasDeathTest, Test2) {
+  EXPECT_DEATH_IF_SUPPORTED(exit(1), ".*");
+}
+
+// Test case FoobarTest
+
+TEST(DISABLED_FoobarTest, Test1) {
+  FAIL() << "Expected failure.";
+}
+
+TEST(DISABLED_FoobarTest, DISABLED_Test2) {
+  FAIL() << "Expected failure.";
+}
+
+// Test case FoobarbazTest
+
+TEST(DISABLED_FoobarbazTest, TestA) {
+  FAIL() << "Expected failure.";
+}
+
+class ParamTest : public testing::TestWithParam<int> {
+};
+
+TEST_P(ParamTest, TestX) {
+}
+
+TEST_P(ParamTest, TestY) {
+}
+
+INSTANTIATE_TEST_CASE_P(SeqP, ParamTest, testing::Values(1, 2));
+INSTANTIATE_TEST_CASE_P(SeqQ, ParamTest, testing::Values(5, 6));
+
+}  // namespace
+
+int main(int argc, char **argv) {
+  ::testing::InitGoogleTest(&argc, argv);
+
+  return RUN_ALL_TESTS();
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-json-outfiles-test.py b/security/nss/gtests/google_test/gtest/test/googletest-json-outfiles-test.py
new file mode 100644
index 000000000..c99be48e8
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-json-outfiles-test.py
@@ -0,0 +1,162 @@
+#!/usr/bin/env python
+# Copyright 2018, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Unit test for the gtest_json_output module."""
+
+import json
+import os
+import gtest_json_test_utils
+import gtest_test_utils
+
+GTEST_OUTPUT_SUBDIR = 'json_outfiles'
+GTEST_OUTPUT_1_TEST = 'gtest_xml_outfile1_test_'
+GTEST_OUTPUT_2_TEST = 'gtest_xml_outfile2_test_'
+
+EXPECTED_1 = {
+    u'tests': 1,
+    u'failures': 0,
+    u'disabled': 0,
+    u'errors': 0,
+    u'time': u'*',
+    u'timestamp': u'*',
+    u'name': u'AllTests',
+    u'testsuites': [{
+        u'name': u'PropertyOne',
+        u'tests': 1,
+        u'failures': 0,
+        u'disabled': 0,
+        u'errors': 0,
+        u'time': u'*',
+        u'testsuite': [{
+            u'name': u'TestSomeProperties',
+            u'status': u'RUN',
+            u'time': u'*',
+            u'classname': u'PropertyOne',
+            u'SetUpProp': u'1',
+            u'TestSomeProperty': u'1',
+            u'TearDownProp': u'1',
+        }],
+    }],
+}
+
+EXPECTED_2 = {
+    u'tests': 1,
+    u'failures': 0,
+    u'disabled': 0,
+    u'errors': 0,
+    u'time': u'*',
+    u'timestamp': u'*',
+    u'name': u'AllTests',
+    u'testsuites': [{
+        u'name': u'PropertyTwo',
+        u'tests': 1,
+        u'failures': 0,
+        u'disabled': 0,
+        u'errors': 0,
+        u'time': u'*',
+        u'testsuite': [{
+            u'name': u'TestSomeProperties',
+            u'status': u'RUN',
+            u'time': u'*',
+            u'classname': u'PropertyTwo',
+            u'SetUpProp': u'2',
+            u'TestSomeProperty': u'2',
+            u'TearDownProp': u'2',
+        }],
+    }],
+}
+
+
+class GTestJsonOutFilesTest(gtest_test_utils.TestCase):
+  """Unit test for Google Test's JSON output functionality."""
+
+  def setUp(self):
+    # We want the trailing '/' that the last "" provides in os.path.join, for
+    # telling Google Test to create an output directory instead of a single file
+    # for xml output.
+    self.output_dir_ = os.path.join(gtest_test_utils.GetTempDir(),
+                                    GTEST_OUTPUT_SUBDIR, '')
+    self.DeleteFilesAndDir()
+
+  def tearDown(self):
+    self.DeleteFilesAndDir()
+
+  def DeleteFilesAndDir(self):
+    try:
+      os.remove(os.path.join(self.output_dir_, GTEST_OUTPUT_1_TEST + '.json'))
+    except os.error:
+      pass
+    try:
+      os.remove(os.path.join(self.output_dir_, GTEST_OUTPUT_2_TEST + '.json'))
+    except os.error:
+      pass
+    try:
+      os.rmdir(self.output_dir_)
+    except os.error:
+      pass
+
+  def testOutfile1(self):
+    self._TestOutFile(GTEST_OUTPUT_1_TEST, EXPECTED_1)
+
+  def testOutfile2(self):
+    self._TestOutFile(GTEST_OUTPUT_2_TEST, EXPECTED_2)
+
+  def _TestOutFile(self, test_name, expected):
+    gtest_prog_path = gtest_test_utils.GetTestExecutablePath(test_name)
+    command = [gtest_prog_path, '--gtest_output=json:%s' % self.output_dir_]
+    p = gtest_test_utils.Subprocess(command,
+                                    working_dir=gtest_test_utils.GetTempDir())
+    self.assert_(p.exited)
+    self.assertEquals(0, p.exit_code)
+
+    # FIXME: libtool causes the built test binary to be
+    #   named lt-gtest_xml_outfiles_test_ instead of
+    #   gtest_xml_outfiles_test_.  To account for this possibility, we
+    #   allow both names in the following code.  We should remove this
+    #   when libtool replacement tool is ready.
+    output_file_name1 = test_name + '.json'
+    output_file1 = os.path.join(self.output_dir_, output_file_name1)
+    output_file_name2 = 'lt-' + output_file_name1
+    output_file2 = os.path.join(self.output_dir_, output_file_name2)
+    self.assert_(os.path.isfile(output_file1) or os.path.isfile(output_file2),
+                 output_file1)
+
+    if os.path.isfile(output_file1):
+      with open(output_file1) as f:
+        actual = json.load(f)
+    else:
+      with open(output_file2) as f:
+        actual = json.load(f)
+    self.assertEqual(expected, gtest_json_test_utils.normalize(actual))
+
+
+if __name__ == '__main__':
+  os.environ['GTEST_STACK_TRACE_DEPTH'] = '0'
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-json-output-unittest.py b/security/nss/gtests/google_test/gtest/test/googletest-json-output-unittest.py
new file mode 100644
index 000000000..57dcd5fa1
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-json-output-unittest.py
@@ -0,0 +1,618 @@
+#!/usr/bin/env python
+# Copyright 2018, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Unit test for the gtest_json_output module."""
+
+import datetime
+import errno
+import json
+import os
+import re
+import sys
+
+import gtest_json_test_utils
+import gtest_test_utils
+
+GTEST_FILTER_FLAG = '--gtest_filter'
+GTEST_LIST_TESTS_FLAG = '--gtest_list_tests'
+GTEST_OUTPUT_FLAG = '--gtest_output'
+GTEST_DEFAULT_OUTPUT_FILE = 'test_detail.json'
+GTEST_PROGRAM_NAME = 'gtest_xml_output_unittest_'
+
+# The flag indicating stacktraces are not supported
+NO_STACKTRACE_SUPPORT_FLAG = '--no_stacktrace_support'
+
+SUPPORTS_STACK_TRACES = NO_STACKTRACE_SUPPORT_FLAG not in sys.argv
+
+if SUPPORTS_STACK_TRACES:
+  STACK_TRACE_TEMPLATE = '\nStack trace:\n*'
+else:
+  STACK_TRACE_TEMPLATE = ''
+
+EXPECTED_NON_EMPTY = {
+    u'tests': 23,
+    u'failures': 4,
+    u'disabled': 2,
+    u'errors': 0,
+    u'timestamp': u'*',
+    u'time': u'*',
+    u'ad_hoc_property': u'42',
+    u'name': u'AllTests',
+    u'testsuites': [
+        {
+            u'name': u'SuccessfulTest',
+            u'tests': 1,
+            u'failures': 0,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'Succeeds',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'SuccessfulTest'
+                }
+            ]
+        },
+        {
+            u'name': u'FailedTest',
+            u'tests': 1,
+            u'failures': 1,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'Fails',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'FailedTest',
+                    u'failures': [
+                        {
+                            u'failure':
+                                u'gtest_xml_output_unittest_.cc:*\n'
+                                u'Expected equality of these values:\n'
+                                u'  1\n  2' + STACK_TRACE_TEMPLATE,
+                            u'type': u''
+                        }
+                    ]
+                }
+            ]
+        },
+        {
+            u'name': u'DisabledTest',
+            u'tests': 1,
+            u'failures': 0,
+            u'disabled': 1,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'DISABLED_test_not_run',
+                    u'status': u'NOTRUN',
+                    u'time': u'*',
+                    u'classname': u'DisabledTest'
+                }
+            ]
+        },
+        {
+            u'name': u'MixedResultTest',
+            u'tests': 3,
+            u'failures': 1,
+            u'disabled': 1,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'Succeeds',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'MixedResultTest'
+                },
+                {
+                    u'name': u'Fails',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'MixedResultTest',
+                    u'failures': [
+                        {
+                            u'failure':
+                                u'gtest_xml_output_unittest_.cc:*\n'
+                                u'Expected equality of these values:\n'
+                                u'  1\n  2' + STACK_TRACE_TEMPLATE,
+                            u'type': u''
+                        },
+                        {
+                            u'failure':
+                                u'gtest_xml_output_unittest_.cc:*\n'
+                                u'Expected equality of these values:\n'
+                                u'  2\n  3' + STACK_TRACE_TEMPLATE,
+                            u'type': u''
+                        }
+                    ]
+                },
+                {
+                    u'name': u'DISABLED_test',
+                    u'status': u'NOTRUN',
+                    u'time': u'*',
+                    u'classname': u'MixedResultTest'
+                }
+            ]
+        },
+        {
+            u'name': u'XmlQuotingTest',
+            u'tests': 1,
+            u'failures': 1,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'OutputsCData',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'XmlQuotingTest',
+                    u'failures': [
+                        {
+                            u'failure':
+                                u'gtest_xml_output_unittest_.cc:*\n'
+                                u'Failed\nXML output: <?xml encoding="utf-8">'
+                                u'<top><![CDATA[cdata text]]></top>' +
+                                STACK_TRACE_TEMPLATE,
+                            u'type': u''
+                        }
+                    ]
+                }
+            ]
+        },
+        {
+            u'name': u'InvalidCharactersTest',
+            u'tests': 1,
+            u'failures': 1,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'InvalidCharactersInMessage',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'InvalidCharactersTest',
+                    u'failures': [
+                        {
+                            u'failure':
+                                u'gtest_xml_output_unittest_.cc:*\n'
+                                u'Failed\nInvalid characters in brackets'
+                                u' [\x01\x02]' + STACK_TRACE_TEMPLATE,
+                            u'type': u''
+                        }
+                    ]
+                }
+            ]
+        },
+        {
+            u'name': u'PropertyRecordingTest',
+            u'tests': 4,
+            u'failures': 0,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'SetUpTestCase': u'yes',
+            u'TearDownTestCase': u'aye',
+            u'testsuite': [
+                {
+                    u'name': u'OneProperty',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'PropertyRecordingTest',
+                    u'key_1': u'1'
+                },
+                {
+                    u'name': u'IntValuedProperty',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'PropertyRecordingTest',
+                    u'key_int': u'1'
+                },
+                {
+                    u'name': u'ThreeProperties',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'PropertyRecordingTest',
+                    u'key_1': u'1',
+                    u'key_2': u'2',
+                    u'key_3': u'3'
+                },
+                {
+                    u'name': u'TwoValuesForOneKeyUsesLastValue',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'PropertyRecordingTest',
+                    u'key_1': u'2'
+                }
+            ]
+        },
+        {
+            u'name': u'NoFixtureTest',
+            u'tests': 3,
+            u'failures': 0,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'RecordProperty',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'NoFixtureTest',
+                    u'key': u'1'
+                },
+                {
+                    u'name': u'ExternalUtilityThatCallsRecordIntValuedProperty',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'NoFixtureTest',
+                    u'key_for_utility_int': u'1'
+                },
+                {
+                    u'name':
+                        u'ExternalUtilityThatCallsRecordStringValuedProperty',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'NoFixtureTest',
+                    u'key_for_utility_string': u'1'
+                }
+            ]
+        },
+        {
+            u'name': u'TypedTest/0',
+            u'tests': 1,
+            u'failures': 0,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'HasTypeParamAttribute',
+                    u'type_param': u'int',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'TypedTest/0'
+                }
+            ]
+        },
+        {
+            u'name': u'TypedTest/1',
+            u'tests': 1,
+            u'failures': 0,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'HasTypeParamAttribute',
+                    u'type_param': u'long',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'TypedTest/1'
+                }
+            ]
+        },
+        {
+            u'name': u'Single/TypeParameterizedTestCase/0',
+            u'tests': 1,
+            u'failures': 0,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'HasTypeParamAttribute',
+                    u'type_param': u'int',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'Single/TypeParameterizedTestCase/0'
+                }
+            ]
+        },
+        {
+            u'name': u'Single/TypeParameterizedTestCase/1',
+            u'tests': 1,
+            u'failures': 0,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'HasTypeParamAttribute',
+                    u'type_param': u'long',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'Single/TypeParameterizedTestCase/1'
+                }
+            ]
+        },
+        {
+            u'name': u'Single/ValueParamTest',
+            u'tests': 4,
+            u'failures': 0,
+            u'disabled': 0,
+            u'errors': 0,
+            u'time': u'*',
+            u'testsuite': [
+                {
+                    u'name': u'HasValueParamAttribute/0',
+                    u'value_param': u'33',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'Single/ValueParamTest'
+                },
+                {
+                    u'name': u'HasValueParamAttribute/1',
+                    u'value_param': u'42',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'Single/ValueParamTest'
+                },
+                {
+                    u'name': u'AnotherTestThatHasValueParamAttribute/0',
+                    u'value_param': u'33',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'Single/ValueParamTest'
+                },
+                {
+                    u'name': u'AnotherTestThatHasValueParamAttribute/1',
+                    u'value_param': u'42',
+                    u'status': u'RUN',
+                    u'time': u'*',
+                    u'classname': u'Single/ValueParamTest'
+                }
+            ]
+        }
+    ]
+}
+
+EXPECTED_FILTERED = {
+    u'tests': 1,
+    u'failures': 0,
+    u'disabled': 0,
+    u'errors': 0,
+    u'time': u'*',
+    u'timestamp': u'*',
+    u'name': u'AllTests',
+    u'ad_hoc_property': u'42',
+    u'testsuites': [{
+        u'name': u'SuccessfulTest',
+        u'tests': 1,
+        u'failures': 0,
+        u'disabled': 0,
+        u'errors': 0,
+        u'time': u'*',
+        u'testsuite': [{
+            u'name': u'Succeeds',
+            u'status': u'RUN',
+            u'time': u'*',
+            u'classname': u'SuccessfulTest',
+        }]
+    }],
+}
+
+EXPECTED_EMPTY = {
+    u'tests': 0,
+    u'failures': 0,
+    u'disabled': 0,
+    u'errors': 0,
+    u'time': u'*',
+    u'timestamp': u'*',
+    u'name': u'AllTests',
+    u'testsuites': [],
+}
+
+GTEST_PROGRAM_PATH = gtest_test_utils.GetTestExecutablePath(GTEST_PROGRAM_NAME)
+
+SUPPORTS_TYPED_TESTS = 'TypedTest' in gtest_test_utils.Subprocess(
+    [GTEST_PROGRAM_PATH, GTEST_LIST_TESTS_FLAG], capture_stderr=False).output
+
+
+class GTestJsonOutputUnitTest(gtest_test_utils.TestCase):
+  """Unit test for Google Test's JSON output functionality.
+  """
+
+  # This test currently breaks on platforms that do not support typed and
+  # type-parameterized tests, so we don't run it under them.
+  if SUPPORTS_TYPED_TESTS:
+
+    def testNonEmptyJsonOutput(self):
+      """Verifies JSON output for a Google Test binary with non-empty output.
+
+      Runs a test program that generates a non-empty JSON output, and
+      tests that the JSON output is expected.
+      """
+      self._TestJsonOutput(GTEST_PROGRAM_NAME, EXPECTED_NON_EMPTY, 1)
+
+  def testEmptyJsonOutput(self):
+    """Verifies JSON output for a Google Test binary without actual tests.
+
+    Runs a test program that generates an empty JSON output, and
+    tests that the JSON output is expected.
+    """
+
+    self._TestJsonOutput('gtest_no_test_unittest', EXPECTED_EMPTY, 0)
+
+  def testTimestampValue(self):
+    """Checks whether the timestamp attribute in the JSON output is valid.
+
+    Runs a test program that generates an empty JSON output, and checks if
+    the timestamp attribute in the testsuites tag is valid.
+    """
+    actual = self._GetJsonOutput('gtest_no_test_unittest', [], 0)
+    date_time_str = actual['timestamp']
+    # datetime.strptime() is only available in Python 2.5+ so we have to
+    # parse the expected datetime manually.
+    match = re.match(r'(\d+)-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)', date_time_str)
+    self.assertTrue(
+        re.match,
+        'JSON datettime string %s has incorrect format' % date_time_str)
+    date_time_from_json = datetime.datetime(
+        year=int(match.group(1)), month=int(match.group(2)),
+        day=int(match.group(3)), hour=int(match.group(4)),
+        minute=int(match.group(5)), second=int(match.group(6)))
+
+    time_delta = abs(datetime.datetime.now() - date_time_from_json)
+    # timestamp value should be near the current local time
+    self.assertTrue(time_delta < datetime.timedelta(seconds=600),
+                    'time_delta is %s' % time_delta)
+
+  def testDefaultOutputFile(self):
+    """Verifies the default output file name.
+
+    Confirms that Google Test produces an JSON output file with the expected
+    default name if no name is explicitly specified.
+    """
+    output_file = os.path.join(gtest_test_utils.GetTempDir(),
+                               GTEST_DEFAULT_OUTPUT_FILE)
+    gtest_prog_path = gtest_test_utils.GetTestExecutablePath(
+        'gtest_no_test_unittest')
+    try:
+      os.remove(output_file)
+    except OSError:
+      e = sys.exc_info()[1]
+      if e.errno != errno.ENOENT:
+        raise
+
+    p = gtest_test_utils.Subprocess(
+        [gtest_prog_path, '%s=json' % GTEST_OUTPUT_FLAG],
+        working_dir=gtest_test_utils.GetTempDir())
+    self.assert_(p.exited)
+    self.assertEquals(0, p.exit_code)
+    self.assert_(os.path.isfile(output_file))
+
+  def testSuppressedJsonOutput(self):
+    """Verifies that no JSON output is generated.
+
+    Tests that no JSON file is generated if the default JSON listener is
+    shut down before RUN_ALL_TESTS is invoked.
+    """
+
+    json_path = os.path.join(gtest_test_utils.GetTempDir(),
+                             GTEST_PROGRAM_NAME + 'out.json')
+    if os.path.isfile(json_path):
+      os.remove(json_path)
+
+    command = [GTEST_PROGRAM_PATH,
+               '%s=json:%s' % (GTEST_OUTPUT_FLAG, json_path),
+               '--shut_down_xml']
+    p = gtest_test_utils.Subprocess(command)
+    if p.terminated_by_signal:
+      # p.signal is available only if p.terminated_by_signal is True.
+      self.assertFalse(
+          p.terminated_by_signal,
+          '%s was killed by signal %d' % (GTEST_PROGRAM_NAME, p.signal))
+    else:
+      self.assert_(p.exited)
+      self.assertEquals(1, p.exit_code,
+                        "'%s' exited with code %s, which doesn't match "
+                        'the expected exit code %s.'
+                        % (command, p.exit_code, 1))
+
+    self.assert_(not os.path.isfile(json_path))
+
+  def testFilteredTestJsonOutput(self):
+    """Verifies JSON output when a filter is applied.
+
+    Runs a test program that executes only some tests and verifies that
+    non-selected tests do not show up in the JSON output.
+    """
+
+    self._TestJsonOutput(GTEST_PROGRAM_NAME, EXPECTED_FILTERED, 0,
+                         extra_args=['%s=SuccessfulTest.*' % GTEST_FILTER_FLAG])
+
+  def _GetJsonOutput(self, gtest_prog_name, extra_args, expected_exit_code):
+    """Returns the JSON output generated by running the program gtest_prog_name.
+
+    Furthermore, the program's exit code must be expected_exit_code.
+
+    Args:
+      gtest_prog_name: Google Test binary name.
+      extra_args: extra arguments to binary invocation.
+      expected_exit_code: program's exit code.
+    """
+    json_path = os.path.join(gtest_test_utils.GetTempDir(),
+                             gtest_prog_name + 'out.json')
+    gtest_prog_path = gtest_test_utils.GetTestExecutablePath(gtest_prog_name)
+
+    command = (
+        [gtest_prog_path, '%s=json:%s' % (GTEST_OUTPUT_FLAG, json_path)] +
+        extra_args
+    )
+    p = gtest_test_utils.Subprocess(command)
+    if p.terminated_by_signal:
+      self.assert_(False,
+                   '%s was killed by signal %d' % (gtest_prog_name, p.signal))
+    else:
+      self.assert_(p.exited)
+      self.assertEquals(expected_exit_code, p.exit_code,
+                        "'%s' exited with code %s, which doesn't match "
+                        'the expected exit code %s.'
+                        % (command, p.exit_code, expected_exit_code))
+    with open(json_path) as f:
+      actual = json.load(f)
+    return actual
+
+  def _TestJsonOutput(self, gtest_prog_name, expected,
+                      expected_exit_code, extra_args=None):
+    """Checks the JSON output generated by the Google Test binary.
+
+    Asserts that the JSON document generated by running the program
+    gtest_prog_name matches expected_json, a string containing another
+    JSON document.  Furthermore, the program's exit code must be
+    expected_exit_code.
+
+    Args:
+      gtest_prog_name: Google Test binary name.
+      expected: expected output.
+      expected_exit_code: program's exit code.
+      extra_args: extra arguments to binary invocation.
+    """
+
+    actual = self._GetJsonOutput(gtest_prog_name, extra_args or [],
+                                 expected_exit_code)
+    self.assertEqual(expected, gtest_json_test_utils.normalize(actual))
+
+
+if __name__ == '__main__':
+  if NO_STACKTRACE_SUPPORT_FLAG in sys.argv:
+    # unittest.main() can't handle unknown flags
+    sys.argv.remove(NO_STACKTRACE_SUPPORT_FLAG)
+
+  os.environ['GTEST_STACK_TRACE_DEPTH'] = '1'
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-linked-ptr-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-linked-ptr-test.cc
new file mode 100644
index 000000000..fa00f3429
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-linked-ptr-test.cc
@@ -0,0 +1,151 @@
+// Copyright 2003, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include <stdlib.h>
+
+#include "gtest/internal/gtest-linked_ptr.h"
+#include "gtest/gtest.h"
+
+namespace {
+
+using testing::Message;
+using testing::internal::linked_ptr;
+
+int num;
+Message* history = NULL;
+
+// Class which tracks allocation/deallocation
+class A {
+ public:
+  A(): mynum(num++) { *history << "A" << mynum << " ctor\n"; }
+  virtual ~A() { *history << "A" << mynum << " dtor\n"; }
+  virtual void Use() { *history << "A" << mynum << " use\n"; }
+ protected:
+  int mynum;
+};
+
+// Subclass
+class B : public A {
+ public:
+  B() { *history << "B" << mynum << " ctor\n"; }
+  ~B() { *history << "B" << mynum << " dtor\n"; }
+  virtual void Use() { *history << "B" << mynum << " use\n"; }
+};
+
+class LinkedPtrTest : public testing::Test {
+ public:
+  LinkedPtrTest() {
+    num = 0;
+    history = new Message;
+  }
+
+  virtual ~LinkedPtrTest() {
+    delete history;
+    history = NULL;
+  }
+};
+
+TEST_F(LinkedPtrTest, GeneralTest) {
+  {
+    linked_ptr<A> a0, a1, a2;
+    // Use explicit function call notation here to suppress self-assign warning.
+    a0.operator=(a0);
+    a1 = a2;
+    ASSERT_EQ(a0.get(), static_cast<A*>(NULL));
+    ASSERT_EQ(a1.get(), static_cast<A*>(NULL));
+    ASSERT_EQ(a2.get(), static_cast<A*>(NULL));
+    ASSERT_TRUE(a0 == NULL);
+    ASSERT_TRUE(a1 == NULL);
+    ASSERT_TRUE(a2 == NULL);
+
+    {
+      linked_ptr<A> a3(new A);
+      a0 = a3;
+      ASSERT_TRUE(a0 == a3);
+      ASSERT_TRUE(a0 != NULL);
+      ASSERT_TRUE(a0.get() == a3);
+      ASSERT_TRUE(a0 == a3.get());
+      linked_ptr<A> a4(a0);
+      a1 = a4;
+      linked_ptr<A> a5(new A);
+      ASSERT_TRUE(a5.get() != a3);
+      ASSERT_TRUE(a5 != a3.get());
+      a2 = a5;
+      linked_ptr<B> b0(new B);
+      linked_ptr<A> a6(b0);
+      ASSERT_TRUE(b0 == a6);
+      ASSERT_TRUE(a6 == b0);
+      ASSERT_TRUE(b0 != NULL);
+      a5 = b0;
+      a5 = b0;
+      a3->Use();
+      a4->Use();
+      a5->Use();
+      a6->Use();
+      b0->Use();
+      (*b0).Use();
+      b0.get()->Use();
+    }
+
+    a0->Use();
+    a1->Use();
+    a2->Use();
+
+    a1 = a2;
+    a2.reset(new A);
+    a0.reset();
+
+    linked_ptr<A> a7;
+  }
+
+  ASSERT_STREQ(
+    "A0 ctor\n"
+    "A1 ctor\n"
+    "A2 ctor\n"
+    "B2 ctor\n"
+    "A0 use\n"
+    "A0 use\n"
+    "B2 use\n"
+    "B2 use\n"
+    "B2 use\n"
+    "B2 use\n"
+    "B2 use\n"
+    "B2 dtor\n"
+    "A2 dtor\n"
+    "A0 use\n"
+    "A0 use\n"
+    "A1 use\n"
+    "A3 ctor\n"
+    "A0 dtor\n"
+    "A3 dtor\n"
+    "A1 dtor\n",
+    history->GetString().c_str());
+}
+
+}  // Unnamed namespace
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-list-tests-unittest.py b/security/nss/gtests/google_test/gtest/test/googletest-list-tests-unittest.py
new file mode 100644
index 000000000..81423a339
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-list-tests-unittest.py
@@ -0,0 +1,205 @@
+#!/usr/bin/env python
+#
+# Copyright 2006, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Unit test for Google Test's --gtest_list_tests flag.
+
+A user can ask Google Test to list all tests by specifying the
+--gtest_list_tests flag.  This script tests such functionality
+by invoking googletest-list-tests-unittest_ (a program written with
+Google Test) the command line flags.
+"""
+
+import re
+import gtest_test_utils
+
+# Constants.
+
+# The command line flag for enabling/disabling listing all tests.
+LIST_TESTS_FLAG = 'gtest_list_tests'
+
+# Path to the googletest-list-tests-unittest_ program.
+EXE_PATH = gtest_test_utils.GetTestExecutablePath('googletest-list-tests-unittest_')
+
+# The expected output when running googletest-list-tests-unittest_ with
+# --gtest_list_tests
+EXPECTED_OUTPUT_NO_FILTER_RE = re.compile(r"""FooDeathTest\.
+  Test1
+Foo\.
+  Bar1
+  Bar2
+  DISABLED_Bar3
+Abc\.
+  Xyz
+  Def
+FooBar\.
+  Baz
+FooTest\.
+  Test1
+  DISABLED_Test2
+  Test3
+TypedTest/0\.  # TypeParam = (VeryLo{245}|class VeryLo{239})\.\.\.
+  TestA
+  TestB
+TypedTest/1\.  # TypeParam = int\s*\*( __ptr64)?
+  TestA
+  TestB
+TypedTest/2\.  # TypeParam = .*MyArray<bool,\s*42>
+  TestA
+  TestB
+My/TypeParamTest/0\.  # TypeParam = (VeryLo{245}|class VeryLo{239})\.\.\.
+  TestA
+  TestB
+My/TypeParamTest/1\.  # TypeParam = int\s*\*( __ptr64)?
+  TestA
+  TestB
+My/TypeParamTest/2\.  # TypeParam = .*MyArray<bool,\s*42>
+  TestA
+  TestB
+MyInstantiation/ValueParamTest\.
+  TestA/0  # GetParam\(\) = one line
+  TestA/1  # GetParam\(\) = two\\nlines
+  TestA/2  # GetParam\(\) = a very\\nlo{241}\.\.\.
+  TestB/0  # GetParam\(\) = one line
+  TestB/1  # GetParam\(\) = two\\nlines
+  TestB/2  # GetParam\(\) = a very\\nlo{241}\.\.\.
+""")
+
+# The expected output when running googletest-list-tests-unittest_ with
+# --gtest_list_tests and --gtest_filter=Foo*.
+EXPECTED_OUTPUT_FILTER_FOO_RE = re.compile(r"""FooDeathTest\.
+  Test1
+Foo\.
+  Bar1
+  Bar2
+  DISABLED_Bar3
+FooBar\.
+  Baz
+FooTest\.
+  Test1
+  DISABLED_Test2
+  Test3
+""")
+
+# Utilities.
+
+
+def Run(args):
+  """Runs googletest-list-tests-unittest_ and returns the list of tests printed."""
+
+  return gtest_test_utils.Subprocess([EXE_PATH] + args,
+                                     capture_stderr=False).output
+
+
+# The unit test.
+
+
+class GTestListTestsUnitTest(gtest_test_utils.TestCase):
+  """Tests using the --gtest_list_tests flag to list all tests."""
+
+  def RunAndVerify(self, flag_value, expected_output_re, other_flag):
+    """Runs googletest-list-tests-unittest_ and verifies that it prints
+    the correct tests.
+
+    Args:
+      flag_value:         value of the --gtest_list_tests flag;
+                          None if the flag should not be present.
+      expected_output_re: regular expression that matches the expected
+                          output after running command;
+      other_flag:         a different flag to be passed to command
+                          along with gtest_list_tests;
+                          None if the flag should not be present.
+    """
+
+    if flag_value is None:
+      flag = ''
+      flag_expression = 'not set'
+    elif flag_value == '0':
+      flag = '--%s=0' % LIST_TESTS_FLAG
+      flag_expression = '0'
+    else:
+      flag = '--%s' % LIST_TESTS_FLAG
+      flag_expression = '1'
+
+    args = [flag]
+
+    if other_flag is not None:
+      args += [other_flag]
+
+    output = Run(args)
+
+    if expected_output_re:
+      self.assert_(
+          expected_output_re.match(output),
+          ('when %s is %s, the output of "%s" is "%s",\n'
+           'which does not match regex "%s"' %
+           (LIST_TESTS_FLAG, flag_expression, ' '.join(args), output,
+            expected_output_re.pattern)))
+    else:
+      self.assert_(
+          not EXPECTED_OUTPUT_NO_FILTER_RE.match(output),
+          ('when %s is %s, the output of "%s" is "%s"'%
+           (LIST_TESTS_FLAG, flag_expression, ' '.join(args), output)))
+
+  def testDefaultBehavior(self):
+    """Tests the behavior of the default mode."""
+
+    self.RunAndVerify(flag_value=None,
+                      expected_output_re=None,
+                      other_flag=None)
+
+  def testFlag(self):
+    """Tests using the --gtest_list_tests flag."""
+
+    self.RunAndVerify(flag_value='0',
+                      expected_output_re=None,
+                      other_flag=None)
+    self.RunAndVerify(flag_value='1',
+                      expected_output_re=EXPECTED_OUTPUT_NO_FILTER_RE,
+                      other_flag=None)
+
+  def testOverrideNonFilterFlags(self):
+    """Tests that --gtest_list_tests overrides the non-filter flags."""
+
+    self.RunAndVerify(flag_value='1',
+                      expected_output_re=EXPECTED_OUTPUT_NO_FILTER_RE,
+                      other_flag='--gtest_break_on_failure')
+
+  def testWithFilterFlags(self):
+    """Tests that --gtest_list_tests takes into account the
+    --gtest_filter flag."""
+
+    self.RunAndVerify(flag_value='1',
+                      expected_output_re=EXPECTED_OUTPUT_FILTER_FOO_RE,
+                      other_flag='--gtest_filter=Foo*')
+
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-list-tests-unittest_.cc b/security/nss/gtests/google_test/gtest/test/googletest-list-tests-unittest_.cc
new file mode 100644
index 000000000..f473c7d1a
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-list-tests-unittest_.cc
@@ -0,0 +1,156 @@
+// Copyright 2006, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// Unit test for Google Test's --gtest_list_tests flag.
+//
+// A user can ask Google Test to list all tests that will run
+// so that when using a filter, a user will know what
+// tests to look for. The tests will not be run after listing.
+//
+// This program will be invoked from a Python unit test.
+// Don't run it directly.
+
+#include "gtest/gtest.h"
+
+// Several different test cases and tests that will be listed.
+TEST(Foo, Bar1) {
+}
+
+TEST(Foo, Bar2) {
+}
+
+TEST(Foo, DISABLED_Bar3) {
+}
+
+TEST(Abc, Xyz) {
+}
+
+TEST(Abc, Def) {
+}
+
+TEST(FooBar, Baz) {
+}
+
+class FooTest : public testing::Test {
+};
+
+TEST_F(FooTest, Test1) {
+}
+
+TEST_F(FooTest, DISABLED_Test2) {
+}
+
+TEST_F(FooTest, Test3) {
+}
+
+TEST(FooDeathTest, Test1) {
+}
+
+// A group of value-parameterized tests.
+
+class MyType {
+ public:
+  explicit MyType(const std::string& a_value) : value_(a_value) {}
+
+  const std::string& value() const { return value_; }
+
+ private:
+  std::string value_;
+};
+
+// Teaches Google Test how to print a MyType.
+void PrintTo(const MyType& x, std::ostream* os) {
+  *os << x.value();
+}
+
+class ValueParamTest : public testing::TestWithParam<MyType> {
+};
+
+TEST_P(ValueParamTest, TestA) {
+}
+
+TEST_P(ValueParamTest, TestB) {
+}
+
+INSTANTIATE_TEST_CASE_P(
+    MyInstantiation, ValueParamTest,
+    testing::Values(MyType("one line"),
+                    MyType("two\nlines"),
+                    MyType("a very\nloooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong line")));  // NOLINT
+
+// A group of typed tests.
+
+// A deliberately long type name for testing the line-truncating
+// behavior when printing a type parameter.
+class VeryLoooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooogName {  // NOLINT
+};
+
+template <typename T>
+class TypedTest : public testing::Test {
+};
+
+template <typename T, int kSize>
+class MyArray {
+};
+
+typedef testing::Types<VeryLoooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooogName,  // NOLINT
+                       int*, MyArray<bool, 42> > MyTypes;
+
+TYPED_TEST_CASE(TypedTest, MyTypes);
+
+TYPED_TEST(TypedTest, TestA) {
+}
+
+TYPED_TEST(TypedTest, TestB) {
+}
+
+// A group of type-parameterized tests.
+
+template <typename T>
+class TypeParamTest : public testing::Test {
+};
+
+TYPED_TEST_CASE_P(TypeParamTest);
+
+TYPED_TEST_P(TypeParamTest, TestA) {
+}
+
+TYPED_TEST_P(TypeParamTest, TestB) {
+}
+
+REGISTER_TYPED_TEST_CASE_P(TypeParamTest, TestA, TestB);
+
+INSTANTIATE_TYPED_TEST_CASE_P(My, TypeParamTest, MyTypes);
+
+int main(int argc, char **argv) {
+  ::testing::InitGoogleTest(&argc, argv);
+
+  return RUN_ALL_TESTS();
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-listener-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-listener-test.cc
new file mode 100644
index 000000000..835559715
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-listener-test.cc
@@ -0,0 +1,311 @@
+// Copyright 2009 Google Inc. All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+//
+// The Google C++ Testing and Mocking Framework (Google Test)
+//
+// This file verifies Google Test event listeners receive events at the
+// right times.
+
+#include <vector>
+
+#include "gtest/gtest.h"
+
+using ::testing::AddGlobalTestEnvironment;
+using ::testing::Environment;
+using ::testing::InitGoogleTest;
+using ::testing::Test;
+using ::testing::TestCase;
+using ::testing::TestEventListener;
+using ::testing::TestInfo;
+using ::testing::TestPartResult;
+using ::testing::UnitTest;
+
+// Used by tests to register their events.
+std::vector<std::string>* g_events = NULL;
+
+namespace testing {
+namespace internal {
+
+class EventRecordingListener : public TestEventListener {
+ public:
+  explicit EventRecordingListener(const char* name) : name_(name) {}
+
+ protected:
+  virtual void OnTestProgramStart(const UnitTest& /*unit_test*/) {
+    g_events->push_back(GetFullMethodName("OnTestProgramStart"));
+  }
+
+  virtual void OnTestIterationStart(const UnitTest& /*unit_test*/,
+                                    int iteration) {
+    Message message;
+    message << GetFullMethodName("OnTestIterationStart")
+            << "(" << iteration << ")";
+    g_events->push_back(message.GetString());
+  }
+
+  virtual void OnEnvironmentsSetUpStart(const UnitTest& /*unit_test*/) {
+    g_events->push_back(GetFullMethodName("OnEnvironmentsSetUpStart"));
+  }
+
+  virtual void OnEnvironmentsSetUpEnd(const UnitTest& /*unit_test*/) {
+    g_events->push_back(GetFullMethodName("OnEnvironmentsSetUpEnd"));
+  }
+
+  virtual void OnTestCaseStart(const TestCase& /*test_case*/) {
+    g_events->push_back(GetFullMethodName("OnTestCaseStart"));
+  }
+
+  virtual void OnTestStart(const TestInfo& /*test_info*/) {
+    g_events->push_back(GetFullMethodName("OnTestStart"));
+  }
+
+  virtual void OnTestPartResult(const TestPartResult& /*test_part_result*/) {
+    g_events->push_back(GetFullMethodName("OnTestPartResult"));
+  }
+
+  virtual void OnTestEnd(const TestInfo& /*test_info*/) {
+    g_events->push_back(GetFullMethodName("OnTestEnd"));
+  }
+
+  virtual void OnTestCaseEnd(const TestCase& /*test_case*/) {
+    g_events->push_back(GetFullMethodName("OnTestCaseEnd"));
+  }
+
+  virtual void OnEnvironmentsTearDownStart(const UnitTest& /*unit_test*/) {
+    g_events->push_back(GetFullMethodName("OnEnvironmentsTearDownStart"));
+  }
+
+  virtual void OnEnvironmentsTearDownEnd(const UnitTest& /*unit_test*/) {
+    g_events->push_back(GetFullMethodName("OnEnvironmentsTearDownEnd"));
+  }
+
+  virtual void OnTestIterationEnd(const UnitTest& /*unit_test*/,
+                                  int iteration) {
+    Message message;
+    message << GetFullMethodName("OnTestIterationEnd")
+            << "("  << iteration << ")";
+    g_events->push_back(message.GetString());
+  }
+
+  virtual void OnTestProgramEnd(const UnitTest& /*unit_test*/) {
+    g_events->push_back(GetFullMethodName("OnTestProgramEnd"));
+  }
+
+ private:
+  std::string GetFullMethodName(const char* name) {
+    return name_ + "." + name;
+  }
+
+  std::string name_;
+};
+
+class EnvironmentInvocationCatcher : public Environment {
+ protected:
+  virtual void SetUp() {
+    g_events->push_back("Environment::SetUp");
+  }
+
+  virtual void TearDown() {
+    g_events->push_back("Environment::TearDown");
+  }
+};
+
+class ListenerTest : public Test {
+ protected:
+  static void SetUpTestCase() {
+    g_events->push_back("ListenerTest::SetUpTestCase");
+  }
+
+  static void TearDownTestCase() {
+    g_events->push_back("ListenerTest::TearDownTestCase");
+  }
+
+  virtual void SetUp() {
+    g_events->push_back("ListenerTest::SetUp");
+  }
+
+  virtual void TearDown() {
+    g_events->push_back("ListenerTest::TearDown");
+  }
+};
+
+TEST_F(ListenerTest, DoesFoo) {
+  // Test execution order within a test case is not guaranteed so we are not
+  // recording the test name.
+  g_events->push_back("ListenerTest::* Test Body");
+  SUCCEED();  // Triggers OnTestPartResult.
+}
+
+TEST_F(ListenerTest, DoesBar) {
+  g_events->push_back("ListenerTest::* Test Body");
+  SUCCEED();  // Triggers OnTestPartResult.
+}
+
+}  // namespace internal
+
+}  // namespace testing
+
+using ::testing::internal::EnvironmentInvocationCatcher;
+using ::testing::internal::EventRecordingListener;
+
+void VerifyResults(const std::vector<std::string>& data,
+                   const char* const* expected_data,
+                   size_t expected_data_size) {
+  const size_t actual_size = data.size();
+  // If the following assertion fails, a new entry will be appended to
+  // data.  Hence we save data.size() first.
+  EXPECT_EQ(expected_data_size, actual_size);
+
+  // Compares the common prefix.
+  const size_t shorter_size = expected_data_size <= actual_size ?
+      expected_data_size : actual_size;
+  size_t i = 0;
+  for (; i < shorter_size; ++i) {
+    ASSERT_STREQ(expected_data[i], data[i].c_str())
+        << "at position " << i;
+  }
+
+  // Prints extra elements in the actual data.
+  for (; i < actual_size; ++i) {
+    printf("  Actual event #%lu: %s\n",
+        static_cast<unsigned long>(i), data[i].c_str());
+  }
+}
+
+int main(int argc, char **argv) {
+  std::vector<std::string> events;
+  g_events = &events;
+  InitGoogleTest(&argc, argv);
+
+  UnitTest::GetInstance()->listeners().Append(
+      new EventRecordingListener("1st"));
+  UnitTest::GetInstance()->listeners().Append(
+      new EventRecordingListener("2nd"));
+
+  AddGlobalTestEnvironment(new EnvironmentInvocationCatcher);
+
+  GTEST_CHECK_(events.size() == 0)
+      << "AddGlobalTestEnvironment should not generate any events itself.";
+
+  ::testing::GTEST_FLAG(repeat) = 2;
+  int ret_val = RUN_ALL_TESTS();
+
+  const char* const expected_events[] = {
+    "1st.OnTestProgramStart",
+    "2nd.OnTestProgramStart",
+    "1st.OnTestIterationStart(0)",
+    "2nd.OnTestIterationStart(0)",
+    "1st.OnEnvironmentsSetUpStart",
+    "2nd.OnEnvironmentsSetUpStart",
+    "Environment::SetUp",
+    "2nd.OnEnvironmentsSetUpEnd",
+    "1st.OnEnvironmentsSetUpEnd",
+    "1st.OnTestCaseStart",
+    "2nd.OnTestCaseStart",
+    "ListenerTest::SetUpTestCase",
+    "1st.OnTestStart",
+    "2nd.OnTestStart",
+    "ListenerTest::SetUp",
+    "ListenerTest::* Test Body",
+    "1st.OnTestPartResult",
+    "2nd.OnTestPartResult",
+    "ListenerTest::TearDown",
+    "2nd.OnTestEnd",
+    "1st.OnTestEnd",
+    "1st.OnTestStart",
+    "2nd.OnTestStart",
+    "ListenerTest::SetUp",
+    "ListenerTest::* Test Body",
+    "1st.OnTestPartResult",
+    "2nd.OnTestPartResult",
+    "ListenerTest::TearDown",
+    "2nd.OnTestEnd",
+    "1st.OnTestEnd",
+    "ListenerTest::TearDownTestCase",
+    "2nd.OnTestCaseEnd",
+    "1st.OnTestCaseEnd",
+    "1st.OnEnvironmentsTearDownStart",
+    "2nd.OnEnvironmentsTearDownStart",
+    "Environment::TearDown",
+    "2nd.OnEnvironmentsTearDownEnd",
+    "1st.OnEnvironmentsTearDownEnd",
+    "2nd.OnTestIterationEnd(0)",
+    "1st.OnTestIterationEnd(0)",
+    "1st.OnTestIterationStart(1)",
+    "2nd.OnTestIterationStart(1)",
+    "1st.OnEnvironmentsSetUpStart",
+    "2nd.OnEnvironmentsSetUpStart",
+    "Environment::SetUp",
+    "2nd.OnEnvironmentsSetUpEnd",
+    "1st.OnEnvironmentsSetUpEnd",
+    "1st.OnTestCaseStart",
+    "2nd.OnTestCaseStart",
+    "ListenerTest::SetUpTestCase",
+    "1st.OnTestStart",
+    "2nd.OnTestStart",
+    "ListenerTest::SetUp",
+    "ListenerTest::* Test Body",
+    "1st.OnTestPartResult",
+    "2nd.OnTestPartResult",
+    "ListenerTest::TearDown",
+    "2nd.OnTestEnd",
+    "1st.OnTestEnd",
+    "1st.OnTestStart",
+    "2nd.OnTestStart",
+    "ListenerTest::SetUp",
+    "ListenerTest::* Test Body",
+    "1st.OnTestPartResult",
+    "2nd.OnTestPartResult",
+    "ListenerTest::TearDown",
+    "2nd.OnTestEnd",
+    "1st.OnTestEnd",
+    "ListenerTest::TearDownTestCase",
+    "2nd.OnTestCaseEnd",
+    "1st.OnTestCaseEnd",
+    "1st.OnEnvironmentsTearDownStart",
+    "2nd.OnEnvironmentsTearDownStart",
+    "Environment::TearDown",
+    "2nd.OnEnvironmentsTearDownEnd",
+    "1st.OnEnvironmentsTearDownEnd",
+    "2nd.OnTestIterationEnd(1)",
+    "1st.OnTestIterationEnd(1)",
+    "2nd.OnTestProgramEnd",
+    "1st.OnTestProgramEnd"
+  };
+  VerifyResults(events,
+                expected_events,
+                sizeof(expected_events)/sizeof(expected_events[0]));
+
+  // We need to check manually for ad hoc test failures that happen after
+  // RUN_ALL_TESTS finishes.
+  if (UnitTest::GetInstance()->Failed())
+    ret_val = 1;
+
+  return ret_val;
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-message-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-message-test.cc
new file mode 100644
index 000000000..c6445853e
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-message-test.cc
@@ -0,0 +1,158 @@
+// Copyright 2005, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+//
+// Tests for the Message class.
+
+#include "gtest/gtest-message.h"
+
+#include "gtest/gtest.h"
+
+namespace {
+
+using ::testing::Message;
+
+// Tests the testing::Message class
+
+// Tests the default constructor.
+TEST(MessageTest, DefaultConstructor) {
+  const Message msg;
+  EXPECT_EQ("", msg.GetString());
+}
+
+// Tests the copy constructor.
+TEST(MessageTest, CopyConstructor) {
+  const Message msg1("Hello");
+  const Message msg2(msg1);
+  EXPECT_EQ("Hello", msg2.GetString());
+}
+
+// Tests constructing a Message from a C-string.
+TEST(MessageTest, ConstructsFromCString) {
+  Message msg("Hello");
+  EXPECT_EQ("Hello", msg.GetString());
+}
+
+// Tests streaming a float.
+TEST(MessageTest, StreamsFloat) {
+  const std::string s = (Message() << 1.23456F << " " << 2.34567F).GetString();
+  // Both numbers should be printed with enough precision.
+  EXPECT_PRED_FORMAT2(testing::IsSubstring, "1.234560", s.c_str());
+  EXPECT_PRED_FORMAT2(testing::IsSubstring, " 2.345669", s.c_str());
+}
+
+// Tests streaming a double.
+TEST(MessageTest, StreamsDouble) {
+  const std::string s = (Message() << 1260570880.4555497 << " "
+                                  << 1260572265.1954534).GetString();
+  // Both numbers should be printed with enough precision.
+  EXPECT_PRED_FORMAT2(testing::IsSubstring, "1260570880.45", s.c_str());
+  EXPECT_PRED_FORMAT2(testing::IsSubstring, " 1260572265.19", s.c_str());
+}
+
+// Tests streaming a non-char pointer.
+TEST(MessageTest, StreamsPointer) {
+  int n = 0;
+  int* p = &n;
+  EXPECT_NE("(null)", (Message() << p).GetString());
+}
+
+// Tests streaming a NULL non-char pointer.
+TEST(MessageTest, StreamsNullPointer) {
+  int* p = NULL;
+  EXPECT_EQ("(null)", (Message() << p).GetString());
+}
+
+// Tests streaming a C string.
+TEST(MessageTest, StreamsCString) {
+  EXPECT_EQ("Foo", (Message() << "Foo").GetString());
+}
+
+// Tests streaming a NULL C string.
+TEST(MessageTest, StreamsNullCString) {
+  char* p = NULL;
+  EXPECT_EQ("(null)", (Message() << p).GetString());
+}
+
+// Tests streaming std::string.
+TEST(MessageTest, StreamsString) {
+  const ::std::string str("Hello");
+  EXPECT_EQ("Hello", (Message() << str).GetString());
+}
+
+// Tests that we can output strings containing embedded NULs.
+TEST(MessageTest, StreamsStringWithEmbeddedNUL) {
+  const char char_array_with_nul[] =
+      "Here's a NUL\0 and some more string";
+  const ::std::string string_with_nul(char_array_with_nul,
+                                      sizeof(char_array_with_nul) - 1);
+  EXPECT_EQ("Here's a NUL\\0 and some more string",
+            (Message() << string_with_nul).GetString());
+}
+
+// Tests streaming a NUL char.
+TEST(MessageTest, StreamsNULChar) {
+  EXPECT_EQ("\\0", (Message() << '\0').GetString());
+}
+
+// Tests streaming int.
+TEST(MessageTest, StreamsInt) {
+  EXPECT_EQ("123", (Message() << 123).GetString());
+}
+
+// Tests that basic IO manipulators (endl, ends, and flush) can be
+// streamed to Message.
+TEST(MessageTest, StreamsBasicIoManip) {
+  EXPECT_EQ("Line 1.\nA NUL char \\0 in line 2.",
+               (Message() << "Line 1." << std::endl
+                         << "A NUL char " << std::ends << std::flush
+                         << " in line 2.").GetString());
+}
+
+// Tests Message::GetString()
+TEST(MessageTest, GetString) {
+  Message msg;
+  msg << 1 << " lamb";
+  EXPECT_EQ("1 lamb", msg.GetString());
+}
+
+// Tests streaming a Message object to an ostream.
+TEST(MessageTest, StreamsToOStream) {
+  Message msg("Hello");
+  ::std::stringstream ss;
+  ss << msg;
+  EXPECT_EQ("Hello", testing::internal::StringStreamToString(&ss));
+}
+
+// Tests that a Message object doesn't take up too much stack space.
+TEST(MessageTest, DoesNotTakeUpMuchStackSpace) {
+  EXPECT_LE(sizeof(Message), 16U);
+}
+
+}  // namespace
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-options-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-options-test.cc
new file mode 100644
index 000000000..edd4eba3b
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-options-test.cc
@@ -0,0 +1,211 @@
+// Copyright 2008, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Google Test UnitTestOptions tests
+//
+// This file tests classes and functions used internally by
+// Google Test.  They are subject to change without notice.
+//
+// This file is #included from gtest.cc, to avoid changing build or
+// make-files on Windows and other platforms. Do not #include this file
+// anywhere else!
+
+#include "gtest/gtest.h"
+
+#if GTEST_OS_WINDOWS_MOBILE
+# include <windows.h>
+#elif GTEST_OS_WINDOWS
+# include <direct.h>
+#endif  // GTEST_OS_WINDOWS_MOBILE
+
+#include "src/gtest-internal-inl.h"
+
+namespace testing {
+namespace internal {
+namespace {
+
+// Turns the given relative path into an absolute path.
+FilePath GetAbsolutePathOf(const FilePath& relative_path) {
+  return FilePath::ConcatPaths(FilePath::GetCurrentDir(), relative_path);
+}
+
+// Testing UnitTestOptions::GetOutputFormat/GetOutputFile.
+
+TEST(XmlOutputTest, GetOutputFormatDefault) {
+  GTEST_FLAG(output) = "";
+  EXPECT_STREQ("", UnitTestOptions::GetOutputFormat().c_str());
+}
+
+TEST(XmlOutputTest, GetOutputFormat) {
+  GTEST_FLAG(output) = "xml:filename";
+  EXPECT_STREQ("xml", UnitTestOptions::GetOutputFormat().c_str());
+}
+
+TEST(XmlOutputTest, GetOutputFileDefault) {
+  GTEST_FLAG(output) = "";
+  EXPECT_EQ(GetAbsolutePathOf(FilePath("test_detail.xml")).string(),
+            UnitTestOptions::GetAbsolutePathToOutputFile());
+}
+
+TEST(XmlOutputTest, GetOutputFileSingleFile) {
+  GTEST_FLAG(output) = "xml:filename.abc";
+  EXPECT_EQ(GetAbsolutePathOf(FilePath("filename.abc")).string(),
+            UnitTestOptions::GetAbsolutePathToOutputFile());
+}
+
+TEST(XmlOutputTest, GetOutputFileFromDirectoryPath) {
+  GTEST_FLAG(output) = "xml:path" GTEST_PATH_SEP_;
+  const std::string expected_output_file =
+      GetAbsolutePathOf(
+          FilePath(std::string("path") + GTEST_PATH_SEP_ +
+                   GetCurrentExecutableName().string() + ".xml")).string();
+  const std::string& output_file =
+      UnitTestOptions::GetAbsolutePathToOutputFile();
+#if GTEST_OS_WINDOWS
+  EXPECT_STRCASEEQ(expected_output_file.c_str(), output_file.c_str());
+#else
+  EXPECT_EQ(expected_output_file, output_file.c_str());
+#endif
+}
+
+TEST(OutputFileHelpersTest, GetCurrentExecutableName) {
+  const std::string exe_str = GetCurrentExecutableName().string();
+#if GTEST_OS_WINDOWS
+  const bool success =
+      _strcmpi("googletest-options-test", exe_str.c_str()) == 0 ||
+      _strcmpi("gtest-options-ex_test", exe_str.c_str()) == 0 ||
+      _strcmpi("gtest_all_test", exe_str.c_str()) == 0 ||
+      _strcmpi("gtest_dll_test", exe_str.c_str()) == 0;
+#elif GTEST_OS_FUCHSIA
+  const bool success = exe_str == "app";
+#else
+  // FIXME: remove the hard-coded "lt-" prefix when libtool replacement is ready
+  const bool success =
+      exe_str == "googletest-options-test" ||
+      exe_str == "gtest_all_test" ||
+      exe_str == "lt-gtest_all_test" ||
+      exe_str == "gtest_dll_test";
+#endif  // GTEST_OS_WINDOWS
+  if (!success)
+    FAIL() << "GetCurrentExecutableName() returns " << exe_str;
+}
+
+#if !GTEST_OS_FUCHSIA
+
+class XmlOutputChangeDirTest : public Test {
+ protected:
+  virtual void SetUp() {
+    original_working_dir_ = FilePath::GetCurrentDir();
+    posix::ChDir("..");
+    // This will make the test fail if run from the root directory.
+    EXPECT_NE(original_working_dir_.string(),
+              FilePath::GetCurrentDir().string());
+  }
+
+  virtual void TearDown() {
+    posix::ChDir(original_working_dir_.string().c_str());
+  }
+
+  FilePath original_working_dir_;
+};
+
+TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithDefault) {
+  GTEST_FLAG(output) = "";
+  EXPECT_EQ(FilePath::ConcatPaths(original_working_dir_,
+                                  FilePath("test_detail.xml")).string(),
+            UnitTestOptions::GetAbsolutePathToOutputFile());
+}
+
+TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithDefaultXML) {
+  GTEST_FLAG(output) = "xml";
+  EXPECT_EQ(FilePath::ConcatPaths(original_working_dir_,
+                                  FilePath("test_detail.xml")).string(),
+            UnitTestOptions::GetAbsolutePathToOutputFile());
+}
+
+TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithRelativeFile) {
+  GTEST_FLAG(output) = "xml:filename.abc";
+  EXPECT_EQ(FilePath::ConcatPaths(original_working_dir_,
+                                  FilePath("filename.abc")).string(),
+            UnitTestOptions::GetAbsolutePathToOutputFile());
+}
+
+TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithRelativePath) {
+  GTEST_FLAG(output) = "xml:path" GTEST_PATH_SEP_;
+  const std::string expected_output_file =
+      FilePath::ConcatPaths(
+          original_working_dir_,
+          FilePath(std::string("path") + GTEST_PATH_SEP_ +
+                   GetCurrentExecutableName().string() + ".xml")).string();
+  const std::string& output_file =
+      UnitTestOptions::GetAbsolutePathToOutputFile();
+#if GTEST_OS_WINDOWS
+  EXPECT_STRCASEEQ(expected_output_file.c_str(), output_file.c_str());
+#else
+  EXPECT_EQ(expected_output_file, output_file.c_str());
+#endif
+}
+
+TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithAbsoluteFile) {
+#if GTEST_OS_WINDOWS
+  GTEST_FLAG(output) = "xml:c:\\tmp\\filename.abc";
+  EXPECT_EQ(FilePath("c:\\tmp\\filename.abc").string(),
+            UnitTestOptions::GetAbsolutePathToOutputFile());
+#else
+  GTEST_FLAG(output) ="xml:/tmp/filename.abc";
+  EXPECT_EQ(FilePath("/tmp/filename.abc").string(),
+            UnitTestOptions::GetAbsolutePathToOutputFile());
+#endif
+}
+
+TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithAbsolutePath) {
+#if GTEST_OS_WINDOWS
+  const std::string path = "c:\\tmp\\";
+#else
+  const std::string path = "/tmp/";
+#endif
+
+  GTEST_FLAG(output) = "xml:" + path;
+  const std::string expected_output_file =
+      path + GetCurrentExecutableName().string() + ".xml";
+  const std::string& output_file =
+      UnitTestOptions::GetAbsolutePathToOutputFile();
+
+#if GTEST_OS_WINDOWS
+  EXPECT_STRCASEEQ(expected_output_file.c_str(), output_file.c_str());
+#else
+  EXPECT_EQ(expected_output_file, output_file.c_str());
+#endif
+}
+
+#endif  // !GTEST_OS_FUCHSIA
+
+}  // namespace
+}  // namespace internal
+}  // namespace testing
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-output-test-golden-lin.txt b/security/nss/gtests/google_test/gtest/test/googletest-output-test-golden-lin.txt
new file mode 100644
index 000000000..86da845b7
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-output-test-golden-lin.txt
@@ -0,0 +1,1047 @@
+The non-test part of the code is expected to have 2 failures.
+
+googletest-output-test_.cc:#: Failure
+Value of: false
+  Actual: false
+Expected: true
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  2
+  3
+Stack trace: (omitted)
+
+[==========] Running 76 tests from 34 test cases.
+[----------] Global test environment set-up.
+FooEnvironment::SetUp() called.
+BarEnvironment::SetUp() called.
+[----------] 1 test from ADeathTest
+[ RUN      ] ADeathTest.ShouldRunFirst
+[       OK ] ADeathTest.ShouldRunFirst
+[----------] 1 test from ATypedDeathTest/0, where TypeParam = int
+[ RUN      ] ATypedDeathTest/0.ShouldRunFirst
+[       OK ] ATypedDeathTest/0.ShouldRunFirst
+[----------] 1 test from ATypedDeathTest/1, where TypeParam = double
+[ RUN      ] ATypedDeathTest/1.ShouldRunFirst
+[       OK ] ATypedDeathTest/1.ShouldRunFirst
+[----------] 1 test from My/ATypeParamDeathTest/0, where TypeParam = int
+[ RUN      ] My/ATypeParamDeathTest/0.ShouldRunFirst
+[       OK ] My/ATypeParamDeathTest/0.ShouldRunFirst
+[----------] 1 test from My/ATypeParamDeathTest/1, where TypeParam = double
+[ RUN      ] My/ATypeParamDeathTest/1.ShouldRunFirst
+[       OK ] My/ATypeParamDeathTest/1.ShouldRunFirst
+[----------] 2 tests from PassingTest
+[ RUN      ] PassingTest.PassingTest1
+[       OK ] PassingTest.PassingTest1
+[ RUN      ] PassingTest.PassingTest2
+[       OK ] PassingTest.PassingTest2
+[----------] 2 tests from NonfatalFailureTest
+[ RUN      ] NonfatalFailureTest.EscapesStringOperands
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  kGoldenString
+    Which is: "\"Line"
+  actual
+    Which is: "actual \"string\""
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  golden
+    Which is: "\"Line"
+  actual
+    Which is: "actual \"string\""
+Stack trace: (omitted)
+
+[  FAILED  ] NonfatalFailureTest.EscapesStringOperands
+[ RUN      ] NonfatalFailureTest.DiffForLongStrings
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  golden_str
+    Which is: "\"Line\0 1\"\nLine 2"
+  "Line 2"
+With diff:
+@@ -1,2 @@
+-\"Line\0 1\"
+ Line 2
+
+Stack trace: (omitted)
+
+[  FAILED  ] NonfatalFailureTest.DiffForLongStrings
+[----------] 3 tests from FatalFailureTest
+[ RUN      ] FatalFailureTest.FatalFailureInSubroutine
+(expecting a failure that x should be 1)
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1
+  x
+    Which is: 2
+Stack trace: (omitted)
+
+[  FAILED  ] FatalFailureTest.FatalFailureInSubroutine
+[ RUN      ] FatalFailureTest.FatalFailureInNestedSubroutine
+(expecting a failure that x should be 1)
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1
+  x
+    Which is: 2
+Stack trace: (omitted)
+
+[  FAILED  ] FatalFailureTest.FatalFailureInNestedSubroutine
+[ RUN      ] FatalFailureTest.NonfatalFailureInSubroutine
+(expecting a failure on false)
+googletest-output-test_.cc:#: Failure
+Value of: false
+  Actual: false
+Expected: true
+Stack trace: (omitted)
+
+[  FAILED  ] FatalFailureTest.NonfatalFailureInSubroutine
+[----------] 1 test from LoggingTest
+[ RUN      ] LoggingTest.InterleavingLoggingAndAssertions
+(expecting 2 failures on (3) >= (a[i]))
+i == 0
+i == 1
+googletest-output-test_.cc:#: Failure
+Expected: (3) >= (a[i]), actual: 3 vs 9
+Stack trace: (omitted)
+
+i == 2
+i == 3
+googletest-output-test_.cc:#: Failure
+Expected: (3) >= (a[i]), actual: 3 vs 6
+Stack trace: (omitted)
+
+[  FAILED  ] LoggingTest.InterleavingLoggingAndAssertions
+[----------] 7 tests from SCOPED_TRACETest
+[ RUN      ] SCOPED_TRACETest.AcceptedValues
+googletest-output-test_.cc:#: Failure
+Failed
+Just checking that all these values work fine.
+Google Test trace:
+googletest-output-test_.cc:#: (null)
+googletest-output-test_.cc:#: 1337
+googletest-output-test_.cc:#: std::string
+googletest-output-test_.cc:#: literal string
+Stack trace: (omitted)
+
+[  FAILED  ] SCOPED_TRACETest.AcceptedValues
+[ RUN      ] SCOPED_TRACETest.ObeysScopes
+(expected to fail)
+googletest-output-test_.cc:#: Failure
+Failed
+This failure is expected, and shouldn't have a trace.
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+This failure is expected, and should have a trace.
+Google Test trace:
+googletest-output-test_.cc:#: Expected trace
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+This failure is expected, and shouldn't have a trace.
+Stack trace: (omitted)
+
+[  FAILED  ] SCOPED_TRACETest.ObeysScopes
+[ RUN      ] SCOPED_TRACETest.WorksInLoop
+(expected to fail)
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  2
+  n
+    Which is: 1
+Google Test trace:
+googletest-output-test_.cc:#: i = 1
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1
+  n
+    Which is: 2
+Google Test trace:
+googletest-output-test_.cc:#: i = 2
+Stack trace: (omitted)
+
+[  FAILED  ] SCOPED_TRACETest.WorksInLoop
+[ RUN      ] SCOPED_TRACETest.WorksInSubroutine
+(expected to fail)
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  2
+  n
+    Which is: 1
+Google Test trace:
+googletest-output-test_.cc:#: n = 1
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1
+  n
+    Which is: 2
+Google Test trace:
+googletest-output-test_.cc:#: n = 2
+Stack trace: (omitted)
+
+[  FAILED  ] SCOPED_TRACETest.WorksInSubroutine
+[ RUN      ] SCOPED_TRACETest.CanBeNested
+(expected to fail)
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1
+  n
+    Which is: 2
+Google Test trace:
+googletest-output-test_.cc:#: n = 2
+googletest-output-test_.cc:#: 
+Stack trace: (omitted)
+
+[  FAILED  ] SCOPED_TRACETest.CanBeNested
+[ RUN      ] SCOPED_TRACETest.CanBeRepeated
+(expected to fail)
+googletest-output-test_.cc:#: Failure
+Failed
+This failure is expected, and should contain trace point A.
+Google Test trace:
+googletest-output-test_.cc:#: A
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+This failure is expected, and should contain trace point A and B.
+Google Test trace:
+googletest-output-test_.cc:#: B
+googletest-output-test_.cc:#: A
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+This failure is expected, and should contain trace point A, B, and C.
+Google Test trace:
+googletest-output-test_.cc:#: C
+googletest-output-test_.cc:#: B
+googletest-output-test_.cc:#: A
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+This failure is expected, and should contain trace point A, B, and D.
+Google Test trace:
+googletest-output-test_.cc:#: D
+googletest-output-test_.cc:#: B
+googletest-output-test_.cc:#: A
+Stack trace: (omitted)
+
+[  FAILED  ] SCOPED_TRACETest.CanBeRepeated
+[ RUN      ] SCOPED_TRACETest.WorksConcurrently
+(expecting 6 failures)
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #1 (in thread B, only trace B alive).
+Google Test trace:
+googletest-output-test_.cc:#: Trace B
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #2 (in thread A, trace A & B both alive).
+Google Test trace:
+googletest-output-test_.cc:#: Trace A
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #3 (in thread B, trace A & B both alive).
+Google Test trace:
+googletest-output-test_.cc:#: Trace B
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #4 (in thread B, only trace A alive).
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #5 (in thread A, only trace A alive).
+Google Test trace:
+googletest-output-test_.cc:#: Trace A
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #6 (in thread A, no trace alive).
+Stack trace: (omitted)
+
+[  FAILED  ] SCOPED_TRACETest.WorksConcurrently
+[----------] 1 test from ScopedTraceTest
+[ RUN      ] ScopedTraceTest.WithExplicitFileAndLine
+googletest-output-test_.cc:#: Failure
+Failed
+Check that the trace is attached to a particular location.
+Google Test trace:
+explicit_file.cc:123: expected trace message
+Stack trace: (omitted)
+
+[  FAILED  ] ScopedTraceTest.WithExplicitFileAndLine
+[----------] 1 test from NonFatalFailureInFixtureConstructorTest
+[ RUN      ] NonFatalFailureInFixtureConstructorTest.FailureInConstructor
+(expecting 5 failures)
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #1, in the test fixture c'tor.
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #2, in SetUp().
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #3, in the test body.
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #4, in TearDown.
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #5, in the test fixture d'tor.
+Stack trace: (omitted)
+
+[  FAILED  ] NonFatalFailureInFixtureConstructorTest.FailureInConstructor
+[----------] 1 test from FatalFailureInFixtureConstructorTest
+[ RUN      ] FatalFailureInFixtureConstructorTest.FailureInConstructor
+(expecting 2 failures)
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #1, in the test fixture c'tor.
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #2, in the test fixture d'tor.
+Stack trace: (omitted)
+
+[  FAILED  ] FatalFailureInFixtureConstructorTest.FailureInConstructor
+[----------] 1 test from NonFatalFailureInSetUpTest
+[ RUN      ] NonFatalFailureInSetUpTest.FailureInSetUp
+(expecting 4 failures)
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #1, in SetUp().
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #2, in the test function.
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #3, in TearDown().
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #4, in the test fixture d'tor.
+Stack trace: (omitted)
+
+[  FAILED  ] NonFatalFailureInSetUpTest.FailureInSetUp
+[----------] 1 test from FatalFailureInSetUpTest
+[ RUN      ] FatalFailureInSetUpTest.FailureInSetUp
+(expecting 3 failures)
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #1, in SetUp().
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #2, in TearDown().
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected failure #3, in the test fixture d'tor.
+Stack trace: (omitted)
+
+[  FAILED  ] FatalFailureInSetUpTest.FailureInSetUp
+[----------] 1 test from AddFailureAtTest
+[ RUN      ] AddFailureAtTest.MessageContainsSpecifiedFileAndLineNumber
+foo.cc:42: Failure
+Failed
+Expected failure in foo.cc
+Stack trace: (omitted)
+
+[  FAILED  ] AddFailureAtTest.MessageContainsSpecifiedFileAndLineNumber
+[----------] 4 tests from MixedUpTestCaseTest
+[ RUN      ] MixedUpTestCaseTest.FirstTestFromNamespaceFoo
+[       OK ] MixedUpTestCaseTest.FirstTestFromNamespaceFoo
+[ RUN      ] MixedUpTestCaseTest.SecondTestFromNamespaceFoo
+[       OK ] MixedUpTestCaseTest.SecondTestFromNamespaceFoo
+[ RUN      ] MixedUpTestCaseTest.ThisShouldFail
+gtest.cc:#: Failure
+Failed
+All tests in the same test case must use the same test fixture
+class.  However, in test case MixedUpTestCaseTest,
+you defined test FirstTestFromNamespaceFoo and test ThisShouldFail
+using two different test fixture classes.  This can happen if
+the two classes are from different namespaces or translation
+units and have the same name.  You should probably rename one
+of the classes to put the tests into different test cases.
+Stack trace: (omitted)
+
+[  FAILED  ] MixedUpTestCaseTest.ThisShouldFail
+[ RUN      ] MixedUpTestCaseTest.ThisShouldFailToo
+gtest.cc:#: Failure
+Failed
+All tests in the same test case must use the same test fixture
+class.  However, in test case MixedUpTestCaseTest,
+you defined test FirstTestFromNamespaceFoo and test ThisShouldFailToo
+using two different test fixture classes.  This can happen if
+the two classes are from different namespaces or translation
+units and have the same name.  You should probably rename one
+of the classes to put the tests into different test cases.
+Stack trace: (omitted)
+
+[  FAILED  ] MixedUpTestCaseTest.ThisShouldFailToo
+[----------] 2 tests from MixedUpTestCaseWithSameTestNameTest
+[ RUN      ] MixedUpTestCaseWithSameTestNameTest.TheSecondTestWithThisNameShouldFail
+[       OK ] MixedUpTestCaseWithSameTestNameTest.TheSecondTestWithThisNameShouldFail
+[ RUN      ] MixedUpTestCaseWithSameTestNameTest.TheSecondTestWithThisNameShouldFail
+gtest.cc:#: Failure
+Failed
+All tests in the same test case must use the same test fixture
+class.  However, in test case MixedUpTestCaseWithSameTestNameTest,
+you defined test TheSecondTestWithThisNameShouldFail and test TheSecondTestWithThisNameShouldFail
+using two different test fixture classes.  This can happen if
+the two classes are from different namespaces or translation
+units and have the same name.  You should probably rename one
+of the classes to put the tests into different test cases.
+Stack trace: (omitted)
+
+[  FAILED  ] MixedUpTestCaseWithSameTestNameTest.TheSecondTestWithThisNameShouldFail
+[----------] 2 tests from TEST_F_before_TEST_in_same_test_case
+[ RUN      ] TEST_F_before_TEST_in_same_test_case.DefinedUsingTEST_F
+[       OK ] TEST_F_before_TEST_in_same_test_case.DefinedUsingTEST_F
+[ RUN      ] TEST_F_before_TEST_in_same_test_case.DefinedUsingTESTAndShouldFail
+gtest.cc:#: Failure
+Failed
+All tests in the same test case must use the same test fixture
+class, so mixing TEST_F and TEST in the same test case is
+illegal.  In test case TEST_F_before_TEST_in_same_test_case,
+test DefinedUsingTEST_F is defined using TEST_F but
+test DefinedUsingTESTAndShouldFail is defined using TEST.  You probably
+want to change the TEST to TEST_F or move it to another test
+case.
+Stack trace: (omitted)
+
+[  FAILED  ] TEST_F_before_TEST_in_same_test_case.DefinedUsingTESTAndShouldFail
+[----------] 2 tests from TEST_before_TEST_F_in_same_test_case
+[ RUN      ] TEST_before_TEST_F_in_same_test_case.DefinedUsingTEST
+[       OK ] TEST_before_TEST_F_in_same_test_case.DefinedUsingTEST
+[ RUN      ] TEST_before_TEST_F_in_same_test_case.DefinedUsingTEST_FAndShouldFail
+gtest.cc:#: Failure
+Failed
+All tests in the same test case must use the same test fixture
+class, so mixing TEST_F and TEST in the same test case is
+illegal.  In test case TEST_before_TEST_F_in_same_test_case,
+test DefinedUsingTEST_FAndShouldFail is defined using TEST_F but
+test DefinedUsingTEST is defined using TEST.  You probably
+want to change the TEST to TEST_F or move it to another test
+case.
+Stack trace: (omitted)
+
+[  FAILED  ] TEST_before_TEST_F_in_same_test_case.DefinedUsingTEST_FAndShouldFail
+[----------] 8 tests from ExpectNonfatalFailureTest
+[ RUN      ] ExpectNonfatalFailureTest.CanReferenceGlobalVariables
+[       OK ] ExpectNonfatalFailureTest.CanReferenceGlobalVariables
+[ RUN      ] ExpectNonfatalFailureTest.CanReferenceLocalVariables
+[       OK ] ExpectNonfatalFailureTest.CanReferenceLocalVariables
+[ RUN      ] ExpectNonfatalFailureTest.SucceedsWhenThereIsOneNonfatalFailure
+[       OK ] ExpectNonfatalFailureTest.SucceedsWhenThereIsOneNonfatalFailure
+[ RUN      ] ExpectNonfatalFailureTest.FailsWhenThereIsNoNonfatalFailure
+(expecting a failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure
+  Actual: 0 failures
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereIsNoNonfatalFailure
+[ RUN      ] ExpectNonfatalFailureTest.FailsWhenThereAreTwoNonfatalFailures
+(expecting a failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure
+  Actual: 2 failures
+googletest-output-test_.cc:#: Non-fatal failure:
+Failed
+Expected non-fatal failure 1.
+Stack trace: (omitted)
+
+
+googletest-output-test_.cc:#: Non-fatal failure:
+Failed
+Expected non-fatal failure 2.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereAreTwoNonfatalFailures
+[ RUN      ] ExpectNonfatalFailureTest.FailsWhenThereIsOneFatalFailure
+(expecting a failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure
+  Actual:
+googletest-output-test_.cc:#: Fatal failure:
+Failed
+Expected fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereIsOneFatalFailure
+[ RUN      ] ExpectNonfatalFailureTest.FailsWhenStatementReturns
+(expecting a failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure
+  Actual: 0 failures
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenStatementReturns
+[ RUN      ] ExpectNonfatalFailureTest.FailsWhenStatementThrows
+(expecting a failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure
+  Actual: 0 failures
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenStatementThrows
+[----------] 8 tests from ExpectFatalFailureTest
+[ RUN      ] ExpectFatalFailureTest.CanReferenceGlobalVariables
+[       OK ] ExpectFatalFailureTest.CanReferenceGlobalVariables
+[ RUN      ] ExpectFatalFailureTest.CanReferenceLocalStaticVariables
+[       OK ] ExpectFatalFailureTest.CanReferenceLocalStaticVariables
+[ RUN      ] ExpectFatalFailureTest.SucceedsWhenThereIsOneFatalFailure
+[       OK ] ExpectFatalFailureTest.SucceedsWhenThereIsOneFatalFailure
+[ RUN      ] ExpectFatalFailureTest.FailsWhenThereIsNoFatalFailure
+(expecting a failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure
+  Actual: 0 failures
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereIsNoFatalFailure
+[ RUN      ] ExpectFatalFailureTest.FailsWhenThereAreTwoFatalFailures
+(expecting a failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure
+  Actual: 2 failures
+googletest-output-test_.cc:#: Fatal failure:
+Failed
+Expected fatal failure.
+Stack trace: (omitted)
+
+
+googletest-output-test_.cc:#: Fatal failure:
+Failed
+Expected fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereAreTwoFatalFailures
+[ RUN      ] ExpectFatalFailureTest.FailsWhenThereIsOneNonfatalFailure
+(expecting a failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure
+  Actual:
+googletest-output-test_.cc:#: Non-fatal failure:
+Failed
+Expected non-fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereIsOneNonfatalFailure
+[ RUN      ] ExpectFatalFailureTest.FailsWhenStatementReturns
+(expecting a failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure
+  Actual: 0 failures
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFatalFailureTest.FailsWhenStatementReturns
+[ RUN      ] ExpectFatalFailureTest.FailsWhenStatementThrows
+(expecting a failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure
+  Actual: 0 failures
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFatalFailureTest.FailsWhenStatementThrows
+[----------] 2 tests from TypedTest/0, where TypeParam = int
+[ RUN      ] TypedTest/0.Success
+[       OK ] TypedTest/0.Success
+[ RUN      ] TypedTest/0.Failure
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1
+  TypeParam()
+    Which is: 0
+Expected failure
+Stack trace: (omitted)
+
+[  FAILED  ] TypedTest/0.Failure, where TypeParam = int
+[----------] 2 tests from TypedTestWithNames/char0, where TypeParam = char
+[ RUN      ] TypedTestWithNames/char0.Success
+[       OK ] TypedTestWithNames/char0.Success
+[ RUN      ] TypedTestWithNames/char0.Failure
+googletest-output-test_.cc:#: Failure
+Failed
+Stack trace: (omitted)
+
+[  FAILED  ] TypedTestWithNames/char0.Failure, where TypeParam = char
+[----------] 2 tests from TypedTestWithNames/int1, where TypeParam = int
+[ RUN      ] TypedTestWithNames/int1.Success
+[       OK ] TypedTestWithNames/int1.Success
+[ RUN      ] TypedTestWithNames/int1.Failure
+googletest-output-test_.cc:#: Failure
+Failed
+Stack trace: (omitted)
+
+[  FAILED  ] TypedTestWithNames/int1.Failure, where TypeParam = int
+[----------] 2 tests from Unsigned/TypedTestP/0, where TypeParam = unsigned char
+[ RUN      ] Unsigned/TypedTestP/0.Success
+[       OK ] Unsigned/TypedTestP/0.Success
+[ RUN      ] Unsigned/TypedTestP/0.Failure
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1U
+    Which is: 1
+  TypeParam()
+    Which is: '\0'
+Expected failure
+Stack trace: (omitted)
+
+[  FAILED  ] Unsigned/TypedTestP/0.Failure, where TypeParam = unsigned char
+[----------] 2 tests from Unsigned/TypedTestP/1, where TypeParam = unsigned int
+[ RUN      ] Unsigned/TypedTestP/1.Success
+[       OK ] Unsigned/TypedTestP/1.Success
+[ RUN      ] Unsigned/TypedTestP/1.Failure
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1U
+    Which is: 1
+  TypeParam()
+    Which is: 0
+Expected failure
+Stack trace: (omitted)
+
+[  FAILED  ] Unsigned/TypedTestP/1.Failure, where TypeParam = unsigned int
+[----------] 2 tests from UnsignedCustomName/TypedTestP/unsignedChar0, where TypeParam = unsigned char
+[ RUN      ] UnsignedCustomName/TypedTestP/unsignedChar0.Success
+[       OK ] UnsignedCustomName/TypedTestP/unsignedChar0.Success
+[ RUN      ] UnsignedCustomName/TypedTestP/unsignedChar0.Failure
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1U
+    Which is: 1
+  TypeParam()
+    Which is: '\0'
+Expected failure
+Stack trace: (omitted)
+
+[  FAILED  ] UnsignedCustomName/TypedTestP/unsignedChar0.Failure, where TypeParam = unsigned char
+[----------] 2 tests from UnsignedCustomName/TypedTestP/unsignedInt1, where TypeParam = unsigned int
+[ RUN      ] UnsignedCustomName/TypedTestP/unsignedInt1.Success
+[       OK ] UnsignedCustomName/TypedTestP/unsignedInt1.Success
+[ RUN      ] UnsignedCustomName/TypedTestP/unsignedInt1.Failure
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1U
+    Which is: 1
+  TypeParam()
+    Which is: 0
+Expected failure
+Stack trace: (omitted)
+
+[  FAILED  ] UnsignedCustomName/TypedTestP/unsignedInt1.Failure, where TypeParam = unsigned int
+[----------] 4 tests from ExpectFailureTest
+[ RUN      ] ExpectFailureTest.ExpectFatalFailure
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure
+  Actual:
+googletest-output-test_.cc:#: Success:
+Succeeded
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure
+  Actual:
+googletest-output-test_.cc:#: Non-fatal failure:
+Failed
+Expected non-fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure containing "Some other fatal failure expected."
+  Actual:
+googletest-output-test_.cc:#: Fatal failure:
+Failed
+Expected fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFailureTest.ExpectFatalFailure
+[ RUN      ] ExpectFailureTest.ExpectNonFatalFailure
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure
+  Actual:
+googletest-output-test_.cc:#: Success:
+Succeeded
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure
+  Actual:
+googletest-output-test_.cc:#: Fatal failure:
+Failed
+Expected fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure containing "Some other non-fatal failure."
+  Actual:
+googletest-output-test_.cc:#: Non-fatal failure:
+Failed
+Expected non-fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFailureTest.ExpectNonFatalFailure
+[ RUN      ] ExpectFailureTest.ExpectFatalFailureOnAllThreads
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure
+  Actual:
+googletest-output-test_.cc:#: Success:
+Succeeded
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure
+  Actual:
+googletest-output-test_.cc:#: Non-fatal failure:
+Failed
+Expected non-fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 fatal failure containing "Some other fatal failure expected."
+  Actual:
+googletest-output-test_.cc:#: Fatal failure:
+Failed
+Expected fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFailureTest.ExpectFatalFailureOnAllThreads
+[ RUN      ] ExpectFailureTest.ExpectNonFatalFailureOnAllThreads
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure
+  Actual:
+googletest-output-test_.cc:#: Success:
+Succeeded
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure
+  Actual:
+googletest-output-test_.cc:#: Fatal failure:
+Failed
+Expected fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+(expecting 1 failure)
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure containing "Some other non-fatal failure."
+  Actual:
+googletest-output-test_.cc:#: Non-fatal failure:
+Failed
+Expected non-fatal failure.
+Stack trace: (omitted)
+
+
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFailureTest.ExpectNonFatalFailureOnAllThreads
+[----------] 2 tests from ExpectFailureWithThreadsTest
+[ RUN      ] ExpectFailureWithThreadsTest.ExpectFatalFailure
+(expecting 2 failures)
+googletest-output-test_.cc:#: Failure
+Failed
+Expected fatal failure.
+Stack trace: (omitted)
+
+gtest.cc:#: Failure
+Expected: 1 fatal failure
+  Actual: 0 failures
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFailureWithThreadsTest.ExpectFatalFailure
+[ RUN      ] ExpectFailureWithThreadsTest.ExpectNonFatalFailure
+(expecting 2 failures)
+googletest-output-test_.cc:#: Failure
+Failed
+Expected non-fatal failure.
+Stack trace: (omitted)
+
+gtest.cc:#: Failure
+Expected: 1 non-fatal failure
+  Actual: 0 failures
+Stack trace: (omitted)
+
+[  FAILED  ] ExpectFailureWithThreadsTest.ExpectNonFatalFailure
+[----------] 1 test from ScopedFakeTestPartResultReporterTest
+[ RUN      ] ScopedFakeTestPartResultReporterTest.InterceptOnlyCurrentThread
+(expecting 2 failures)
+googletest-output-test_.cc:#: Failure
+Failed
+Expected fatal failure.
+Stack trace: (omitted)
+
+googletest-output-test_.cc:#: Failure
+Failed
+Expected non-fatal failure.
+Stack trace: (omitted)
+
+[  FAILED  ] ScopedFakeTestPartResultReporterTest.InterceptOnlyCurrentThread
+[----------] 1 test from PrintingFailingParams/FailingParamTest
+[ RUN      ] PrintingFailingParams/FailingParamTest.Fails/0
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1
+  GetParam()
+    Which is: 2
+Stack trace: (omitted)
+
+[  FAILED  ] PrintingFailingParams/FailingParamTest.Fails/0, where GetParam() = 2
+[----------] 2 tests from PrintingStrings/ParamTest
+[ RUN      ] PrintingStrings/ParamTest.Success/a
+[       OK ] PrintingStrings/ParamTest.Success/a
+[ RUN      ] PrintingStrings/ParamTest.Failure/a
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  "b"
+  GetParam()
+    Which is: "a"
+Expected failure
+Stack trace: (omitted)
+
+[  FAILED  ] PrintingStrings/ParamTest.Failure/a, where GetParam() = "a"
+[----------] Global test environment tear-down
+BarEnvironment::TearDown() called.
+googletest-output-test_.cc:#: Failure
+Failed
+Expected non-fatal failure.
+Stack trace: (omitted)
+
+FooEnvironment::TearDown() called.
+googletest-output-test_.cc:#: Failure
+Failed
+Expected fatal failure.
+Stack trace: (omitted)
+
+[==========] 76 tests from 34 test cases ran.
+[  PASSED  ] 26 tests.
+[  FAILED  ] 50 tests, listed below:
+[  FAILED  ] NonfatalFailureTest.EscapesStringOperands
+[  FAILED  ] NonfatalFailureTest.DiffForLongStrings
+[  FAILED  ] FatalFailureTest.FatalFailureInSubroutine
+[  FAILED  ] FatalFailureTest.FatalFailureInNestedSubroutine
+[  FAILED  ] FatalFailureTest.NonfatalFailureInSubroutine
+[  FAILED  ] LoggingTest.InterleavingLoggingAndAssertions
+[  FAILED  ] SCOPED_TRACETest.AcceptedValues
+[  FAILED  ] SCOPED_TRACETest.ObeysScopes
+[  FAILED  ] SCOPED_TRACETest.WorksInLoop
+[  FAILED  ] SCOPED_TRACETest.WorksInSubroutine
+[  FAILED  ] SCOPED_TRACETest.CanBeNested
+[  FAILED  ] SCOPED_TRACETest.CanBeRepeated
+[  FAILED  ] SCOPED_TRACETest.WorksConcurrently
+[  FAILED  ] ScopedTraceTest.WithExplicitFileAndLine
+[  FAILED  ] NonFatalFailureInFixtureConstructorTest.FailureInConstructor
+[  FAILED  ] FatalFailureInFixtureConstructorTest.FailureInConstructor
+[  FAILED  ] NonFatalFailureInSetUpTest.FailureInSetUp
+[  FAILED  ] FatalFailureInSetUpTest.FailureInSetUp
+[  FAILED  ] AddFailureAtTest.MessageContainsSpecifiedFileAndLineNumber
+[  FAILED  ] MixedUpTestCaseTest.ThisShouldFail
+[  FAILED  ] MixedUpTestCaseTest.ThisShouldFailToo
+[  FAILED  ] MixedUpTestCaseWithSameTestNameTest.TheSecondTestWithThisNameShouldFail
+[  FAILED  ] TEST_F_before_TEST_in_same_test_case.DefinedUsingTESTAndShouldFail
+[  FAILED  ] TEST_before_TEST_F_in_same_test_case.DefinedUsingTEST_FAndShouldFail
+[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereIsNoNonfatalFailure
+[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereAreTwoNonfatalFailures
+[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereIsOneFatalFailure
+[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenStatementReturns
+[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenStatementThrows
+[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereIsNoFatalFailure
+[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereAreTwoFatalFailures
+[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereIsOneNonfatalFailure
+[  FAILED  ] ExpectFatalFailureTest.FailsWhenStatementReturns
+[  FAILED  ] ExpectFatalFailureTest.FailsWhenStatementThrows
+[  FAILED  ] TypedTest/0.Failure, where TypeParam = int
+[  FAILED  ] TypedTestWithNames/char0.Failure, where TypeParam = char
+[  FAILED  ] TypedTestWithNames/int1.Failure, where TypeParam = int
+[  FAILED  ] Unsigned/TypedTestP/0.Failure, where TypeParam = unsigned char
+[  FAILED  ] Unsigned/TypedTestP/1.Failure, where TypeParam = unsigned int
+[  FAILED  ] UnsignedCustomName/TypedTestP/unsignedChar0.Failure, where TypeParam = unsigned char
+[  FAILED  ] UnsignedCustomName/TypedTestP/unsignedInt1.Failure, where TypeParam = unsigned int
+[  FAILED  ] ExpectFailureTest.ExpectFatalFailure
+[  FAILED  ] ExpectFailureTest.ExpectNonFatalFailure
+[  FAILED  ] ExpectFailureTest.ExpectFatalFailureOnAllThreads
+[  FAILED  ] ExpectFailureTest.ExpectNonFatalFailureOnAllThreads
+[  FAILED  ] ExpectFailureWithThreadsTest.ExpectFatalFailure
+[  FAILED  ] ExpectFailureWithThreadsTest.ExpectNonFatalFailure
+[  FAILED  ] ScopedFakeTestPartResultReporterTest.InterceptOnlyCurrentThread
+[  FAILED  ] PrintingFailingParams/FailingParamTest.Fails/0, where GetParam() = 2
+[  FAILED  ] PrintingStrings/ParamTest.Failure/a, where GetParam() = "a"
+
+50 FAILED TESTS
+  YOU HAVE 1 DISABLED TEST
+
+Note: Google Test filter = FatalFailureTest.*:LoggingTest.*
+[==========] Running 4 tests from 2 test cases.
+[----------] Global test environment set-up.
+[----------] 3 tests from FatalFailureTest
+[ RUN      ] FatalFailureTest.FatalFailureInSubroutine
+(expecting a failure that x should be 1)
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1
+  x
+    Which is: 2
+Stack trace: (omitted)
+
+[  FAILED  ] FatalFailureTest.FatalFailureInSubroutine (? ms)
+[ RUN      ] FatalFailureTest.FatalFailureInNestedSubroutine
+(expecting a failure that x should be 1)
+googletest-output-test_.cc:#: Failure
+Expected equality of these values:
+  1
+  x
+    Which is: 2
+Stack trace: (omitted)
+
+[  FAILED  ] FatalFailureTest.FatalFailureInNestedSubroutine (? ms)
+[ RUN      ] FatalFailureTest.NonfatalFailureInSubroutine
+(expecting a failure on false)
+googletest-output-test_.cc:#: Failure
+Value of: false
+  Actual: false
+Expected: true
+Stack trace: (omitted)
+
+[  FAILED  ] FatalFailureTest.NonfatalFailureInSubroutine (? ms)
+[----------] 3 tests from FatalFailureTest (? ms total)
+
+[----------] 1 test from LoggingTest
+[ RUN      ] LoggingTest.InterleavingLoggingAndAssertions
+(expecting 2 failures on (3) >= (a[i]))
+i == 0
+i == 1
+googletest-output-test_.cc:#: Failure
+Expected: (3) >= (a[i]), actual: 3 vs 9
+Stack trace: (omitted)
+
+i == 2
+i == 3
+googletest-output-test_.cc:#: Failure
+Expected: (3) >= (a[i]), actual: 3 vs 6
+Stack trace: (omitted)
+
+[  FAILED  ] LoggingTest.InterleavingLoggingAndAssertions (? ms)
+[----------] 1 test from LoggingTest (? ms total)
+
+[----------] Global test environment tear-down
+[==========] 4 tests from 2 test cases ran. (? ms total)
+[  PASSED  ] 0 tests.
+[  FAILED  ] 4 tests, listed below:
+[  FAILED  ] FatalFailureTest.FatalFailureInSubroutine
+[  FAILED  ] FatalFailureTest.FatalFailureInNestedSubroutine
+[  FAILED  ] FatalFailureTest.NonfatalFailureInSubroutine
+[  FAILED  ] LoggingTest.InterleavingLoggingAndAssertions
+
+ 4 FAILED TESTS
+Note: Google Test filter = *DISABLED_*
+[==========] Running 1 test from 1 test case.
+[----------] Global test environment set-up.
+[----------] 1 test from DisabledTestsWarningTest
+[ RUN      ] DisabledTestsWarningTest.DISABLED_AlsoRunDisabledTestsFlagSuppressesWarning
+[       OK ] DisabledTestsWarningTest.DISABLED_AlsoRunDisabledTestsFlagSuppressesWarning
+[----------] Global test environment tear-down
+[==========] 1 test from 1 test case ran.
+[  PASSED  ] 1 test.
+Note: Google Test filter = PassingTest.*
+Note: This is test shard 2 of 2.
+[==========] Running 1 test from 1 test case.
+[----------] Global test environment set-up.
+[----------] 1 test from PassingTest
+[ RUN      ] PassingTest.PassingTest2
+[       OK ] PassingTest.PassingTest2
+[----------] Global test environment tear-down
+[==========] 1 test from 1 test case ran.
+[  PASSED  ] 1 test.
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-output-test.py b/security/nss/gtests/google_test/gtest/test/googletest-output-test.py
new file mode 100644
index 000000000..2d69e353a
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-output-test.py
@@ -0,0 +1,347 @@
+#!/usr/bin/env python
+#
+# Copyright 2008, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Tests the text output of Google C++ Testing and Mocking Framework.
+
+To update the golden file:
+googletest_output_test.py --build_dir=BUILD/DIR --gengolden
+where BUILD/DIR contains the built googletest-output-test_ file.
+googletest_output_test.py --gengolden
+googletest_output_test.py
+"""
+
+import difflib
+import os
+import re
+import sys
+import gtest_test_utils
+
+
+# The flag for generating the golden file
+GENGOLDEN_FLAG = '--gengolden'
+CATCH_EXCEPTIONS_ENV_VAR_NAME = 'GTEST_CATCH_EXCEPTIONS'
+
+# The flag indicating stacktraces are not supported
+NO_STACKTRACE_SUPPORT_FLAG = '--no_stacktrace_support'
+
+IS_LINUX = os.name == 'posix' and os.uname()[0] == 'Linux'
+IS_WINDOWS = os.name == 'nt'
+
+# FIXME: remove the _lin suffix.
+GOLDEN_NAME = 'googletest-output-test-golden-lin.txt'
+
+PROGRAM_PATH = gtest_test_utils.GetTestExecutablePath('googletest-output-test_')
+
+# At least one command we exercise must not have the
+# 'internal_skip_environment_and_ad_hoc_tests' argument.
+COMMAND_LIST_TESTS = ({}, [PROGRAM_PATH, '--gtest_list_tests'])
+COMMAND_WITH_COLOR = ({}, [PROGRAM_PATH, '--gtest_color=yes'])
+COMMAND_WITH_TIME = ({}, [PROGRAM_PATH,
+                          '--gtest_print_time',
+                          'internal_skip_environment_and_ad_hoc_tests',
+                          '--gtest_filter=FatalFailureTest.*:LoggingTest.*'])
+COMMAND_WITH_DISABLED = (
+    {}, [PROGRAM_PATH,
+         '--gtest_also_run_disabled_tests',
+         'internal_skip_environment_and_ad_hoc_tests',
+         '--gtest_filter=*DISABLED_*'])
+COMMAND_WITH_SHARDING = (
+    {'GTEST_SHARD_INDEX': '1', 'GTEST_TOTAL_SHARDS': '2'},
+    [PROGRAM_PATH,
+     'internal_skip_environment_and_ad_hoc_tests',
+     '--gtest_filter=PassingTest.*'])
+
+GOLDEN_PATH = os.path.join(gtest_test_utils.GetSourceDir(), GOLDEN_NAME)
+
+
+def ToUnixLineEnding(s):
+  """Changes all Windows/Mac line endings in s to UNIX line endings."""
+
+  return s.replace('\r\n', '\n').replace('\r', '\n')
+
+
+def RemoveLocations(test_output):
+  """Removes all file location info from a Google Test program's output.
+
+  Args:
+       test_output:  the output of a Google Test program.
+
+  Returns:
+       output with all file location info (in the form of
+       'DIRECTORY/FILE_NAME:LINE_NUMBER: 'or
+       'DIRECTORY\\FILE_NAME(LINE_NUMBER): ') replaced by
+       'FILE_NAME:#: '.
+  """
+
+  return re.sub(r'.*[/\\]((googletest-output-test_|gtest).cc)(\:\d+|\(\d+\))\: ',
+                r'\1:#: ', test_output)
+
+
+def RemoveStackTraceDetails(output):
+  """Removes all stack traces from a Google Test program's output."""
+
+  # *? means "find the shortest string that matches".
+  return re.sub(r'Stack trace:(.|\n)*?\n\n',
+                'Stack trace: (omitted)\n\n', output)
+
+
+def RemoveStackTraces(output):
+  """Removes all traces of stack traces from a Google Test program's output."""
+
+  # *? means "find the shortest string that matches".
+  return re.sub(r'Stack trace:(.|\n)*?\n\n', '', output)
+
+
+def RemoveTime(output):
+  """Removes all time information from a Google Test program's output."""
+
+  return re.sub(r'\(\d+ ms', '(? ms', output)
+
+
+def RemoveTypeInfoDetails(test_output):
+  """Removes compiler-specific type info from Google Test program's output.
+
+  Args:
+       test_output:  the output of a Google Test program.
+
+  Returns:
+       output with type information normalized to canonical form.
+  """
+
+  # some compilers output the name of type 'unsigned int' as 'unsigned'
+  return re.sub(r'unsigned int', 'unsigned', test_output)
+
+
+def NormalizeToCurrentPlatform(test_output):
+  """Normalizes platform specific output details for easier comparison."""
+
+  if IS_WINDOWS:
+    # Removes the color information that is not present on Windows.
+    test_output = re.sub('\x1b\\[(0;3\d)?m', '', test_output)
+    # Changes failure message headers into the Windows format.
+    test_output = re.sub(r': Failure\n', r': error: ', test_output)
+    # Changes file(line_number) to file:line_number.
+    test_output = re.sub(r'((\w|\.)+)\((\d+)\):', r'\1:\3:', test_output)
+
+  return test_output
+
+
+def RemoveTestCounts(output):
+  """Removes test counts from a Google Test program's output."""
+
+  output = re.sub(r'\d+ tests?, listed below',
+                  '? tests, listed below', output)
+  output = re.sub(r'\d+ FAILED TESTS',
+                  '? FAILED TESTS', output)
+  output = re.sub(r'\d+ tests? from \d+ test cases?',
+                  '? tests from ? test cases', output)
+  output = re.sub(r'\d+ tests? from ([a-zA-Z_])',
+                  r'? tests from \1', output)
+  return re.sub(r'\d+ tests?\.', '? tests.', output)
+
+
+def RemoveMatchingTests(test_output, pattern):
+  """Removes output of specified tests from a Google Test program's output.
+
+  This function strips not only the beginning and the end of a test but also
+  all output in between.
+
+  Args:
+    test_output:       A string containing the test output.
+    pattern:           A regex string that matches names of test cases or
+                       tests to remove.
+
+  Returns:
+    Contents of test_output with tests whose names match pattern removed.
+  """
+
+  test_output = re.sub(
+      r'.*\[ RUN      \] .*%s(.|\n)*?\[(  FAILED  |       OK )\] .*%s.*\n' % (
+          pattern, pattern),
+      '',
+      test_output)
+  return re.sub(r'.*%s.*\n' % pattern, '', test_output)
+
+
+def NormalizeOutput(output):
+  """Normalizes output (the output of googletest-output-test_.exe)."""
+
+  output = ToUnixLineEnding(output)
+  output = RemoveLocations(output)
+  output = RemoveStackTraceDetails(output)
+  output = RemoveTime(output)
+  return output
+
+
+def GetShellCommandOutput(env_cmd):
+  """Runs a command in a sub-process, and returns its output in a string.
+
+  Args:
+    env_cmd: The shell command. A 2-tuple where element 0 is a dict of extra
+             environment variables to set, and element 1 is a string with
+             the command and any flags.
+
+  Returns:
+    A string with the command's combined standard and diagnostic output.
+  """
+
+  # Spawns cmd in a sub-process, and gets its standard I/O file objects.
+  # Set and save the environment properly.
+  environ = os.environ.copy()
+  environ.update(env_cmd[0])
+  p = gtest_test_utils.Subprocess(env_cmd[1], env=environ)
+
+  return p.output
+
+
+def GetCommandOutput(env_cmd):
+  """Runs a command and returns its output with all file location
+  info stripped off.
+
+  Args:
+    env_cmd:  The shell command. A 2-tuple where element 0 is a dict of extra
+              environment variables to set, and element 1 is a string with
+              the command and any flags.
+  """
+
+  # Disables exception pop-ups on Windows.
+  environ, cmdline = env_cmd
+  environ = dict(environ)  # Ensures we are modifying a copy.
+  environ[CATCH_EXCEPTIONS_ENV_VAR_NAME] = '1'
+  return NormalizeOutput(GetShellCommandOutput((environ, cmdline)))
+
+
+def GetOutputOfAllCommands():
+  """Returns concatenated output from several representative commands."""
+
+  return (GetCommandOutput(COMMAND_WITH_COLOR) +
+          GetCommandOutput(COMMAND_WITH_TIME) +
+          GetCommandOutput(COMMAND_WITH_DISABLED) +
+          GetCommandOutput(COMMAND_WITH_SHARDING))
+
+
+test_list = GetShellCommandOutput(COMMAND_LIST_TESTS)
+SUPPORTS_DEATH_TESTS = 'DeathTest' in test_list
+SUPPORTS_TYPED_TESTS = 'TypedTest' in test_list
+SUPPORTS_THREADS = 'ExpectFailureWithThreadsTest' in test_list
+SUPPORTS_STACK_TRACES = NO_STACKTRACE_SUPPORT_FLAG not in sys.argv
+
+CAN_GENERATE_GOLDEN_FILE = (SUPPORTS_DEATH_TESTS and
+                            SUPPORTS_TYPED_TESTS and
+                            SUPPORTS_THREADS and
+                            SUPPORTS_STACK_TRACES)
+
+class GTestOutputTest(gtest_test_utils.TestCase):
+  def RemoveUnsupportedTests(self, test_output):
+    if not SUPPORTS_DEATH_TESTS:
+      test_output = RemoveMatchingTests(test_output, 'DeathTest')
+    if not SUPPORTS_TYPED_TESTS:
+      test_output = RemoveMatchingTests(test_output, 'TypedTest')
+      test_output = RemoveMatchingTests(test_output, 'TypedDeathTest')
+      test_output = RemoveMatchingTests(test_output, 'TypeParamDeathTest')
+    if not SUPPORTS_THREADS:
+      test_output = RemoveMatchingTests(test_output,
+                                        'ExpectFailureWithThreadsTest')
+      test_output = RemoveMatchingTests(test_output,
+                                        'ScopedFakeTestPartResultReporterTest')
+      test_output = RemoveMatchingTests(test_output,
+                                        'WorksConcurrently')
+    if not SUPPORTS_STACK_TRACES:
+      test_output = RemoveStackTraces(test_output)
+
+    return test_output
+
+  def testOutput(self):
+    output = GetOutputOfAllCommands()
+
+    golden_file = open(GOLDEN_PATH, 'rb')
+    # A mis-configured source control system can cause \r appear in EOL
+    # sequences when we read the golden file irrespective of an operating
+    # system used. Therefore, we need to strip those \r's from newlines
+    # unconditionally.
+    golden = ToUnixLineEnding(golden_file.read())
+    golden_file.close()
+
+    # We want the test to pass regardless of certain features being
+    # supported or not.
+
+    # We still have to remove type name specifics in all cases.
+    normalized_actual = RemoveTypeInfoDetails(output)
+    normalized_golden = RemoveTypeInfoDetails(golden)
+
+    if CAN_GENERATE_GOLDEN_FILE:
+      self.assertEqual(normalized_golden, normalized_actual,
+                       '\n'.join(difflib.unified_diff(
+                           normalized_golden.split('\n'),
+                           normalized_actual.split('\n'),
+                           'golden', 'actual')))
+    else:
+      normalized_actual = NormalizeToCurrentPlatform(
+          RemoveTestCounts(normalized_actual))
+      normalized_golden = NormalizeToCurrentPlatform(
+          RemoveTestCounts(self.RemoveUnsupportedTests(normalized_golden)))
+
+      # This code is very handy when debugging golden file differences:
+      if os.getenv('DEBUG_GTEST_OUTPUT_TEST'):
+        open(os.path.join(
+            gtest_test_utils.GetSourceDir(),
+            '_googletest-output-test_normalized_actual.txt'), 'wb').write(
+                normalized_actual)
+        open(os.path.join(
+            gtest_test_utils.GetSourceDir(),
+            '_googletest-output-test_normalized_golden.txt'), 'wb').write(
+                normalized_golden)
+
+      self.assertEqual(normalized_golden, normalized_actual)
+
+
+if __name__ == '__main__':
+  if NO_STACKTRACE_SUPPORT_FLAG in sys.argv:
+    # unittest.main() can't handle unknown flags
+    sys.argv.remove(NO_STACKTRACE_SUPPORT_FLAG)
+
+  if GENGOLDEN_FLAG in sys.argv:
+    if CAN_GENERATE_GOLDEN_FILE:
+      output = GetOutputOfAllCommands()
+      golden_file = open(GOLDEN_PATH, 'wb')
+      golden_file.write(output)
+      golden_file.close()
+    else:
+      message = (
+          """Unable to write a golden file when compiled in an environment
+that does not support all the required features (death tests,
+typed tests, stack traces, and multiple threads).
+Please build this test and generate the golden file using Blaze on Linux.""")
+
+      sys.stderr.write(message)
+      sys.exit(1)
+  else:
+    gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-output-test_.cc b/security/nss/gtests/google_test/gtest/test/googletest-output-test_.cc
new file mode 100644
index 000000000..f6525ec97
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-output-test_.cc
@@ -0,0 +1,1109 @@
+// Copyright 2005, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// The purpose of this file is to generate Google Test output under
+// various conditions.  The output will then be verified by
+// googletest-output-test.py to ensure that Google Test generates the
+// desired messages.  Therefore, most tests in this file are MEANT TO
+// FAIL.
+
+#include "gtest/gtest-spi.h"
+#include "gtest/gtest.h"
+#include "src/gtest-internal-inl.h"
+
+#include <stdlib.h>
+
+#if _MSC_VER
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4127 /* conditional expression is constant */)
+#endif  //  _MSC_VER
+
+#if GTEST_IS_THREADSAFE
+using testing::ScopedFakeTestPartResultReporter;
+using testing::TestPartResultArray;
+
+using testing::internal::Notification;
+using testing::internal::ThreadWithParam;
+#endif
+
+namespace posix = ::testing::internal::posix;
+
+// Tests catching fatal failures.
+
+// A subroutine used by the following test.
+void TestEq1(int x) {
+  ASSERT_EQ(1, x);
+}
+
+// This function calls a test subroutine, catches the fatal failure it
+// generates, and then returns early.
+void TryTestSubroutine() {
+  // Calls a subrountine that yields a fatal failure.
+  TestEq1(2);
+
+  // Catches the fatal failure and aborts the test.
+  //
+  // The testing::Test:: prefix is necessary when calling
+  // HasFatalFailure() outside of a TEST, TEST_F, or test fixture.
+  if (testing::Test::HasFatalFailure()) return;
+
+  // If we get here, something is wrong.
+  FAIL() << "This should never be reached.";
+}
+
+TEST(PassingTest, PassingTest1) {
+}
+
+TEST(PassingTest, PassingTest2) {
+}
+
+// Tests that parameters of failing parameterized tests are printed in the
+// failing test summary.
+class FailingParamTest : public testing::TestWithParam<int> {};
+
+TEST_P(FailingParamTest, Fails) {
+  EXPECT_EQ(1, GetParam());
+}
+
+// This generates a test which will fail. Google Test is expected to print
+// its parameter when it outputs the list of all failed tests.
+INSTANTIATE_TEST_CASE_P(PrintingFailingParams,
+                        FailingParamTest,
+                        testing::Values(2));
+
+static const char kGoldenString[] = "\"Line\0 1\"\nLine 2";
+
+TEST(NonfatalFailureTest, EscapesStringOperands) {
+  std::string actual = "actual \"string\"";
+  EXPECT_EQ(kGoldenString, actual);
+
+  const char* golden = kGoldenString;
+  EXPECT_EQ(golden, actual);
+}
+
+TEST(NonfatalFailureTest, DiffForLongStrings) {
+  std::string golden_str(kGoldenString, sizeof(kGoldenString) - 1);
+  EXPECT_EQ(golden_str, "Line 2");
+}
+
+// Tests catching a fatal failure in a subroutine.
+TEST(FatalFailureTest, FatalFailureInSubroutine) {
+  printf("(expecting a failure that x should be 1)\n");
+
+  TryTestSubroutine();
+}
+
+// Tests catching a fatal failure in a nested subroutine.
+TEST(FatalFailureTest, FatalFailureInNestedSubroutine) {
+  printf("(expecting a failure that x should be 1)\n");
+
+  // Calls a subrountine that yields a fatal failure.
+  TryTestSubroutine();
+
+  // Catches the fatal failure and aborts the test.
+  //
+  // When calling HasFatalFailure() inside a TEST, TEST_F, or test
+  // fixture, the testing::Test:: prefix is not needed.
+  if (HasFatalFailure()) return;
+
+  // If we get here, something is wrong.
+  FAIL() << "This should never be reached.";
+}
+
+// Tests HasFatalFailure() after a failed EXPECT check.
+TEST(FatalFailureTest, NonfatalFailureInSubroutine) {
+  printf("(expecting a failure on false)\n");
+  EXPECT_TRUE(false);  // Generates a nonfatal failure
+  ASSERT_FALSE(HasFatalFailure());  // This should succeed.
+}
+
+// Tests interleaving user logging and Google Test assertions.
+TEST(LoggingTest, InterleavingLoggingAndAssertions) {
+  static const int a[4] = {
+    3, 9, 2, 6
+  };
+
+  printf("(expecting 2 failures on (3) >= (a[i]))\n");
+  for (int i = 0; i < static_cast<int>(sizeof(a)/sizeof(*a)); i++) {
+    printf("i == %d\n", i);
+    EXPECT_GE(3, a[i]);
+  }
+}
+
+// Tests the SCOPED_TRACE macro.
+
+// A helper function for testing SCOPED_TRACE.
+void SubWithoutTrace(int n) {
+  EXPECT_EQ(1, n);
+  ASSERT_EQ(2, n);
+}
+
+// Another helper function for testing SCOPED_TRACE.
+void SubWithTrace(int n) {
+  SCOPED_TRACE(testing::Message() << "n = " << n);
+
+  SubWithoutTrace(n);
+}
+
+TEST(SCOPED_TRACETest, AcceptedValues) {
+  SCOPED_TRACE("literal string");
+  SCOPED_TRACE(std::string("std::string"));
+  SCOPED_TRACE(1337);  // streamable type
+  const char* null_value = NULL;
+  SCOPED_TRACE(null_value);
+
+  ADD_FAILURE() << "Just checking that all these values work fine.";
+}
+
+// Tests that SCOPED_TRACE() obeys lexical scopes.
+TEST(SCOPED_TRACETest, ObeysScopes) {
+  printf("(expected to fail)\n");
+
+  // There should be no trace before SCOPED_TRACE() is invoked.
+  ADD_FAILURE() << "This failure is expected, and shouldn't have a trace.";
+
+  {
+    SCOPED_TRACE("Expected trace");
+    // After SCOPED_TRACE(), a failure in the current scope should contain
+    // the trace.
+    ADD_FAILURE() << "This failure is expected, and should have a trace.";
+  }
+
+  // Once the control leaves the scope of the SCOPED_TRACE(), there
+  // should be no trace again.
+  ADD_FAILURE() << "This failure is expected, and shouldn't have a trace.";
+}
+
+// Tests that SCOPED_TRACE works inside a loop.
+TEST(SCOPED_TRACETest, WorksInLoop) {
+  printf("(expected to fail)\n");
+
+  for (int i = 1; i <= 2; i++) {
+    SCOPED_TRACE(testing::Message() << "i = " << i);
+
+    SubWithoutTrace(i);
+  }
+}
+
+// Tests that SCOPED_TRACE works in a subroutine.
+TEST(SCOPED_TRACETest, WorksInSubroutine) {
+  printf("(expected to fail)\n");
+
+  SubWithTrace(1);
+  SubWithTrace(2);
+}
+
+// Tests that SCOPED_TRACE can be nested.
+TEST(SCOPED_TRACETest, CanBeNested) {
+  printf("(expected to fail)\n");
+
+  SCOPED_TRACE("");  // A trace without a message.
+
+  SubWithTrace(2);
+}
+
+// Tests that multiple SCOPED_TRACEs can be used in the same scope.
+TEST(SCOPED_TRACETest, CanBeRepeated) {
+  printf("(expected to fail)\n");
+
+  SCOPED_TRACE("A");
+  ADD_FAILURE()
+      << "This failure is expected, and should contain trace point A.";
+
+  SCOPED_TRACE("B");
+  ADD_FAILURE()
+      << "This failure is expected, and should contain trace point A and B.";
+
+  {
+    SCOPED_TRACE("C");
+    ADD_FAILURE() << "This failure is expected, and should "
+                  << "contain trace point A, B, and C.";
+  }
+
+  SCOPED_TRACE("D");
+  ADD_FAILURE() << "This failure is expected, and should "
+                << "contain trace point A, B, and D.";
+}
+
+#if GTEST_IS_THREADSAFE
+// Tests that SCOPED_TRACE()s can be used concurrently from multiple
+// threads.  Namely, an assertion should be affected by
+// SCOPED_TRACE()s in its own thread only.
+
+// Here's the sequence of actions that happen in the test:
+//
+//   Thread A (main)                | Thread B (spawned)
+//   ===============================|================================
+//   spawns thread B                |
+//   -------------------------------+--------------------------------
+//   waits for n1                   | SCOPED_TRACE("Trace B");
+//                                  | generates failure #1
+//                                  | notifies n1
+//   -------------------------------+--------------------------------
+//   SCOPED_TRACE("Trace A");       | waits for n2
+//   generates failure #2           |
+//   notifies n2                    |
+//   -------------------------------|--------------------------------
+//   waits for n3                   | generates failure #3
+//                                  | trace B dies
+//                                  | generates failure #4
+//                                  | notifies n3
+//   -------------------------------|--------------------------------
+//   generates failure #5           | finishes
+//   trace A dies                   |
+//   generates failure #6           |
+//   -------------------------------|--------------------------------
+//   waits for thread B to finish   |
+
+struct CheckPoints {
+  Notification n1;
+  Notification n2;
+  Notification n3;
+};
+
+static void ThreadWithScopedTrace(CheckPoints* check_points) {
+  {
+    SCOPED_TRACE("Trace B");
+    ADD_FAILURE()
+        << "Expected failure #1 (in thread B, only trace B alive).";
+    check_points->n1.Notify();
+    check_points->n2.WaitForNotification();
+
+    ADD_FAILURE()
+        << "Expected failure #3 (in thread B, trace A & B both alive).";
+  }  // Trace B dies here.
+  ADD_FAILURE()
+      << "Expected failure #4 (in thread B, only trace A alive).";
+  check_points->n3.Notify();
+}
+
+TEST(SCOPED_TRACETest, WorksConcurrently) {
+  printf("(expecting 6 failures)\n");
+
+  CheckPoints check_points;
+  ThreadWithParam<CheckPoints*> thread(&ThreadWithScopedTrace,
+                                       &check_points,
+                                       NULL);
+  check_points.n1.WaitForNotification();
+
+  {
+    SCOPED_TRACE("Trace A");
+    ADD_FAILURE()
+        << "Expected failure #2 (in thread A, trace A & B both alive).";
+    check_points.n2.Notify();
+    check_points.n3.WaitForNotification();
+
+    ADD_FAILURE()
+        << "Expected failure #5 (in thread A, only trace A alive).";
+  }  // Trace A dies here.
+  ADD_FAILURE()
+      << "Expected failure #6 (in thread A, no trace alive).";
+  thread.Join();
+}
+#endif  // GTEST_IS_THREADSAFE
+
+// Tests basic functionality of the ScopedTrace utility (most of its features
+// are already tested in SCOPED_TRACETest).
+TEST(ScopedTraceTest, WithExplicitFileAndLine) {
+  testing::ScopedTrace trace("explicit_file.cc", 123, "expected trace message");
+  ADD_FAILURE() << "Check that the trace is attached to a particular location.";
+}
+
+TEST(DisabledTestsWarningTest,
+     DISABLED_AlsoRunDisabledTestsFlagSuppressesWarning) {
+  // This test body is intentionally empty.  Its sole purpose is for
+  // verifying that the --gtest_also_run_disabled_tests flag
+  // suppresses the "YOU HAVE 12 DISABLED TESTS" warning at the end of
+  // the test output.
+}
+
+// Tests using assertions outside of TEST and TEST_F.
+//
+// This function creates two failures intentionally.
+void AdHocTest() {
+  printf("The non-test part of the code is expected to have 2 failures.\n\n");
+  EXPECT_TRUE(false);
+  EXPECT_EQ(2, 3);
+}
+
+// Runs all TESTs, all TEST_Fs, and the ad hoc test.
+int RunAllTests() {
+  AdHocTest();
+  return RUN_ALL_TESTS();
+}
+
+// Tests non-fatal failures in the fixture constructor.
+class NonFatalFailureInFixtureConstructorTest : public testing::Test {
+ protected:
+  NonFatalFailureInFixtureConstructorTest() {
+    printf("(expecting 5 failures)\n");
+    ADD_FAILURE() << "Expected failure #1, in the test fixture c'tor.";
+  }
+
+  ~NonFatalFailureInFixtureConstructorTest() {
+    ADD_FAILURE() << "Expected failure #5, in the test fixture d'tor.";
+  }
+
+  virtual void SetUp() {
+    ADD_FAILURE() << "Expected failure #2, in SetUp().";
+  }
+
+  virtual void TearDown() {
+    ADD_FAILURE() << "Expected failure #4, in TearDown.";
+  }
+};
+
+TEST_F(NonFatalFailureInFixtureConstructorTest, FailureInConstructor) {
+  ADD_FAILURE() << "Expected failure #3, in the test body.";
+}
+
+// Tests fatal failures in the fixture constructor.
+class FatalFailureInFixtureConstructorTest : public testing::Test {
+ protected:
+  FatalFailureInFixtureConstructorTest() {
+    printf("(expecting 2 failures)\n");
+    Init();
+  }
+
+  ~FatalFailureInFixtureConstructorTest() {
+    ADD_FAILURE() << "Expected failure #2, in the test fixture d'tor.";
+  }
+
+  virtual void SetUp() {
+    ADD_FAILURE() << "UNEXPECTED failure in SetUp().  "
+                  << "We should never get here, as the test fixture c'tor "
+                  << "had a fatal failure.";
+  }
+
+  virtual void TearDown() {
+    ADD_FAILURE() << "UNEXPECTED failure in TearDown().  "
+                  << "We should never get here, as the test fixture c'tor "
+                  << "had a fatal failure.";
+  }
+
+ private:
+  void Init() {
+    FAIL() << "Expected failure #1, in the test fixture c'tor.";
+  }
+};
+
+TEST_F(FatalFailureInFixtureConstructorTest, FailureInConstructor) {
+  ADD_FAILURE() << "UNEXPECTED failure in the test body.  "
+                << "We should never get here, as the test fixture c'tor "
+                << "had a fatal failure.";
+}
+
+// Tests non-fatal failures in SetUp().
+class NonFatalFailureInSetUpTest : public testing::Test {
+ protected:
+  virtual ~NonFatalFailureInSetUpTest() {
+    Deinit();
+  }
+
+  virtual void SetUp() {
+    printf("(expecting 4 failures)\n");
+    ADD_FAILURE() << "Expected failure #1, in SetUp().";
+  }
+
+  virtual void TearDown() {
+    FAIL() << "Expected failure #3, in TearDown().";
+  }
+ private:
+  void Deinit() {
+    FAIL() << "Expected failure #4, in the test fixture d'tor.";
+  }
+};
+
+TEST_F(NonFatalFailureInSetUpTest, FailureInSetUp) {
+  FAIL() << "Expected failure #2, in the test function.";
+}
+
+// Tests fatal failures in SetUp().
+class FatalFailureInSetUpTest : public testing::Test {
+ protected:
+  virtual ~FatalFailureInSetUpTest() {
+    Deinit();
+  }
+
+  virtual void SetUp() {
+    printf("(expecting 3 failures)\n");
+    FAIL() << "Expected failure #1, in SetUp().";
+  }
+
+  virtual void TearDown() {
+    FAIL() << "Expected failure #2, in TearDown().";
+  }
+ private:
+  void Deinit() {
+    FAIL() << "Expected failure #3, in the test fixture d'tor.";
+  }
+};
+
+TEST_F(FatalFailureInSetUpTest, FailureInSetUp) {
+  FAIL() << "UNEXPECTED failure in the test function.  "
+         << "We should never get here, as SetUp() failed.";
+}
+
+TEST(AddFailureAtTest, MessageContainsSpecifiedFileAndLineNumber) {
+  ADD_FAILURE_AT("foo.cc", 42) << "Expected failure in foo.cc";
+}
+
+#if GTEST_IS_THREADSAFE
+
+// A unary function that may die.
+void DieIf(bool should_die) {
+  GTEST_CHECK_(!should_die) << " - death inside DieIf().";
+}
+
+// Tests running death tests in a multi-threaded context.
+
+// Used for coordination between the main and the spawn thread.
+struct SpawnThreadNotifications {
+  SpawnThreadNotifications() {}
+
+  Notification spawn_thread_started;
+  Notification spawn_thread_ok_to_terminate;
+
+ private:
+  GTEST_DISALLOW_COPY_AND_ASSIGN_(SpawnThreadNotifications);
+};
+
+// The function to be executed in the thread spawn by the
+// MultipleThreads test (below).
+static void ThreadRoutine(SpawnThreadNotifications* notifications) {
+  // Signals the main thread that this thread has started.
+  notifications->spawn_thread_started.Notify();
+
+  // Waits for permission to finish from the main thread.
+  notifications->spawn_thread_ok_to_terminate.WaitForNotification();
+}
+
+// This is a death-test test, but it's not named with a DeathTest
+// suffix.  It starts threads which might interfere with later
+// death tests, so it must run after all other death tests.
+class DeathTestAndMultiThreadsTest : public testing::Test {
+ protected:
+  // Starts a thread and waits for it to begin.
+  virtual void SetUp() {
+    thread_.reset(new ThreadWithParam<SpawnThreadNotifications*>(
+        &ThreadRoutine, &notifications_, NULL));
+    notifications_.spawn_thread_started.WaitForNotification();
+  }
+  // Tells the thread to finish, and reaps it.
+  // Depending on the version of the thread library in use,
+  // a manager thread might still be left running that will interfere
+  // with later death tests.  This is unfortunate, but this class
+  // cleans up after itself as best it can.
+  virtual void TearDown() {
+    notifications_.spawn_thread_ok_to_terminate.Notify();
+  }
+
+ private:
+  SpawnThreadNotifications notifications_;
+  testing::internal::scoped_ptr<ThreadWithParam<SpawnThreadNotifications*> >
+      thread_;
+};
+
+#endif  // GTEST_IS_THREADSAFE
+
+// The MixedUpTestCaseTest test case verifies that Google Test will fail a
+// test if it uses a different fixture class than what other tests in
+// the same test case use.  It deliberately contains two fixture
+// classes with the same name but defined in different namespaces.
+
+// The MixedUpTestCaseWithSameTestNameTest test case verifies that
+// when the user defines two tests with the same test case name AND
+// same test name (but in different namespaces), the second test will
+// fail.
+
+namespace foo {
+
+class MixedUpTestCaseTest : public testing::Test {
+};
+
+TEST_F(MixedUpTestCaseTest, FirstTestFromNamespaceFoo) {}
+TEST_F(MixedUpTestCaseTest, SecondTestFromNamespaceFoo) {}
+
+class MixedUpTestCaseWithSameTestNameTest : public testing::Test {
+};
+
+TEST_F(MixedUpTestCaseWithSameTestNameTest,
+       TheSecondTestWithThisNameShouldFail) {}
+
+}  // namespace foo
+
+namespace bar {
+
+class MixedUpTestCaseTest : public testing::Test {
+};
+
+// The following two tests are expected to fail.  We rely on the
+// golden file to check that Google Test generates the right error message.
+TEST_F(MixedUpTestCaseTest, ThisShouldFail) {}
+TEST_F(MixedUpTestCaseTest, ThisShouldFailToo) {}
+
+class MixedUpTestCaseWithSameTestNameTest : public testing::Test {
+};
+
+// Expected to fail.  We rely on the golden file to check that Google Test
+// generates the right error message.
+TEST_F(MixedUpTestCaseWithSameTestNameTest,
+       TheSecondTestWithThisNameShouldFail) {}
+
+}  // namespace bar
+
+// The following two test cases verify that Google Test catches the user
+// error of mixing TEST and TEST_F in the same test case.  The first
+// test case checks the scenario where TEST_F appears before TEST, and
+// the second one checks where TEST appears before TEST_F.
+
+class TEST_F_before_TEST_in_same_test_case : public testing::Test {
+};
+
+TEST_F(TEST_F_before_TEST_in_same_test_case, DefinedUsingTEST_F) {}
+
+// Expected to fail.  We rely on the golden file to check that Google Test
+// generates the right error message.
+TEST(TEST_F_before_TEST_in_same_test_case, DefinedUsingTESTAndShouldFail) {}
+
+class TEST_before_TEST_F_in_same_test_case : public testing::Test {
+};
+
+TEST(TEST_before_TEST_F_in_same_test_case, DefinedUsingTEST) {}
+
+// Expected to fail.  We rely on the golden file to check that Google Test
+// generates the right error message.
+TEST_F(TEST_before_TEST_F_in_same_test_case, DefinedUsingTEST_FAndShouldFail) {
+}
+
+// Used for testing EXPECT_NONFATAL_FAILURE() and EXPECT_FATAL_FAILURE().
+int global_integer = 0;
+
+// Tests that EXPECT_NONFATAL_FAILURE() can reference global variables.
+TEST(ExpectNonfatalFailureTest, CanReferenceGlobalVariables) {
+  global_integer = 0;
+  EXPECT_NONFATAL_FAILURE({
+    EXPECT_EQ(1, global_integer) << "Expected non-fatal failure.";
+  }, "Expected non-fatal failure.");
+}
+
+// Tests that EXPECT_NONFATAL_FAILURE() can reference local variables
+// (static or not).
+TEST(ExpectNonfatalFailureTest, CanReferenceLocalVariables) {
+  int m = 0;
+  static int n;
+  n = 1;
+  EXPECT_NONFATAL_FAILURE({
+    EXPECT_EQ(m, n) << "Expected non-fatal failure.";
+  }, "Expected non-fatal failure.");
+}
+
+// Tests that EXPECT_NONFATAL_FAILURE() succeeds when there is exactly
+// one non-fatal failure and no fatal failure.
+TEST(ExpectNonfatalFailureTest, SucceedsWhenThereIsOneNonfatalFailure) {
+  EXPECT_NONFATAL_FAILURE({
+    ADD_FAILURE() << "Expected non-fatal failure.";
+  }, "Expected non-fatal failure.");
+}
+
+// Tests that EXPECT_NONFATAL_FAILURE() fails when there is no
+// non-fatal failure.
+TEST(ExpectNonfatalFailureTest, FailsWhenThereIsNoNonfatalFailure) {
+  printf("(expecting a failure)\n");
+  EXPECT_NONFATAL_FAILURE({
+  }, "");
+}
+
+// Tests that EXPECT_NONFATAL_FAILURE() fails when there are two
+// non-fatal failures.
+TEST(ExpectNonfatalFailureTest, FailsWhenThereAreTwoNonfatalFailures) {
+  printf("(expecting a failure)\n");
+  EXPECT_NONFATAL_FAILURE({
+    ADD_FAILURE() << "Expected non-fatal failure 1.";
+    ADD_FAILURE() << "Expected non-fatal failure 2.";
+  }, "");
+}
+
+// Tests that EXPECT_NONFATAL_FAILURE() fails when there is one fatal
+// failure.
+TEST(ExpectNonfatalFailureTest, FailsWhenThereIsOneFatalFailure) {
+  printf("(expecting a failure)\n");
+  EXPECT_NONFATAL_FAILURE({
+    FAIL() << "Expected fatal failure.";
+  }, "");
+}
+
+// Tests that EXPECT_NONFATAL_FAILURE() fails when the statement being
+// tested returns.
+TEST(ExpectNonfatalFailureTest, FailsWhenStatementReturns) {
+  printf("(expecting a failure)\n");
+  EXPECT_NONFATAL_FAILURE({
+    return;
+  }, "");
+}
+
+#if GTEST_HAS_EXCEPTIONS
+
+// Tests that EXPECT_NONFATAL_FAILURE() fails when the statement being
+// tested throws.
+TEST(ExpectNonfatalFailureTest, FailsWhenStatementThrows) {
+  printf("(expecting a failure)\n");
+  try {
+    EXPECT_NONFATAL_FAILURE({
+      throw 0;
+    }, "");
+  } catch(int) {  // NOLINT
+  }
+}
+
+#endif  // GTEST_HAS_EXCEPTIONS
+
+// Tests that EXPECT_FATAL_FAILURE() can reference global variables.
+TEST(ExpectFatalFailureTest, CanReferenceGlobalVariables) {
+  global_integer = 0;
+  EXPECT_FATAL_FAILURE({
+    ASSERT_EQ(1, global_integer) << "Expected fatal failure.";
+  }, "Expected fatal failure.");
+}
+
+// Tests that EXPECT_FATAL_FAILURE() can reference local static
+// variables.
+TEST(ExpectFatalFailureTest, CanReferenceLocalStaticVariables) {
+  static int n;
+  n = 1;
+  EXPECT_FATAL_FAILURE({
+    ASSERT_EQ(0, n) << "Expected fatal failure.";
+  }, "Expected fatal failure.");
+}
+
+// Tests that EXPECT_FATAL_FAILURE() succeeds when there is exactly
+// one fatal failure and no non-fatal failure.
+TEST(ExpectFatalFailureTest, SucceedsWhenThereIsOneFatalFailure) {
+  EXPECT_FATAL_FAILURE({
+    FAIL() << "Expected fatal failure.";
+  }, "Expected fatal failure.");
+}
+
+// Tests that EXPECT_FATAL_FAILURE() fails when there is no fatal
+// failure.
+TEST(ExpectFatalFailureTest, FailsWhenThereIsNoFatalFailure) {
+  printf("(expecting a failure)\n");
+  EXPECT_FATAL_FAILURE({
+  }, "");
+}
+
+// A helper for generating a fatal failure.
+void FatalFailure() {
+  FAIL() << "Expected fatal failure.";
+}
+
+// Tests that EXPECT_FATAL_FAILURE() fails when there are two
+// fatal failures.
+TEST(ExpectFatalFailureTest, FailsWhenThereAreTwoFatalFailures) {
+  printf("(expecting a failure)\n");
+  EXPECT_FATAL_FAILURE({
+    FatalFailure();
+    FatalFailure();
+  }, "");
+}
+
+// Tests that EXPECT_FATAL_FAILURE() fails when there is one non-fatal
+// failure.
+TEST(ExpectFatalFailureTest, FailsWhenThereIsOneNonfatalFailure) {
+  printf("(expecting a failure)\n");
+  EXPECT_FATAL_FAILURE({
+    ADD_FAILURE() << "Expected non-fatal failure.";
+  }, "");
+}
+
+// Tests that EXPECT_FATAL_FAILURE() fails when the statement being
+// tested returns.
+TEST(ExpectFatalFailureTest, FailsWhenStatementReturns) {
+  printf("(expecting a failure)\n");
+  EXPECT_FATAL_FAILURE({
+    return;
+  }, "");
+}
+
+#if GTEST_HAS_EXCEPTIONS
+
+// Tests that EXPECT_FATAL_FAILURE() fails when the statement being
+// tested throws.
+TEST(ExpectFatalFailureTest, FailsWhenStatementThrows) {
+  printf("(expecting a failure)\n");
+  try {
+    EXPECT_FATAL_FAILURE({
+      throw 0;
+    }, "");
+  } catch(int) {  // NOLINT
+  }
+}
+
+#endif  // GTEST_HAS_EXCEPTIONS
+
+// This #ifdef block tests the output of value-parameterized tests.
+
+std::string ParamNameFunc(const testing::TestParamInfo<std::string>& info) {
+  return info.param;
+}
+
+class ParamTest : public testing::TestWithParam<std::string> {
+};
+
+TEST_P(ParamTest, Success) {
+  EXPECT_EQ("a", GetParam());
+}
+
+TEST_P(ParamTest, Failure) {
+  EXPECT_EQ("b", GetParam()) << "Expected failure";
+}
+
+INSTANTIATE_TEST_CASE_P(PrintingStrings,
+                        ParamTest,
+                        testing::Values(std::string("a")),
+                        ParamNameFunc);
+
+// This #ifdef block tests the output of typed tests.
+#if GTEST_HAS_TYPED_TEST
+
+template <typename T>
+class TypedTest : public testing::Test {
+};
+
+TYPED_TEST_CASE(TypedTest, testing::Types<int>);
+
+TYPED_TEST(TypedTest, Success) {
+  EXPECT_EQ(0, TypeParam());
+}
+
+TYPED_TEST(TypedTest, Failure) {
+  EXPECT_EQ(1, TypeParam()) << "Expected failure";
+}
+
+typedef testing::Types<char, int> TypesForTestWithNames;
+
+template <typename T>
+class TypedTestWithNames : public testing::Test {};
+
+class TypedTestNames {
+ public:
+  template <typename T>
+  static std::string GetName(int i) {
+    if (testing::internal::IsSame<T, char>::value)
+      return std::string("char") + ::testing::PrintToString(i);
+    if (testing::internal::IsSame<T, int>::value)
+      return std::string("int") + ::testing::PrintToString(i);
+  }
+};
+
+TYPED_TEST_CASE(TypedTestWithNames, TypesForTestWithNames, TypedTestNames);
+
+TYPED_TEST(TypedTestWithNames, Success) {}
+
+TYPED_TEST(TypedTestWithNames, Failure) { FAIL(); }
+
+#endif  // GTEST_HAS_TYPED_TEST
+
+// This #ifdef block tests the output of type-parameterized tests.
+#if GTEST_HAS_TYPED_TEST_P
+
+template <typename T>
+class TypedTestP : public testing::Test {
+};
+
+TYPED_TEST_CASE_P(TypedTestP);
+
+TYPED_TEST_P(TypedTestP, Success) {
+  EXPECT_EQ(0U, TypeParam());
+}
+
+TYPED_TEST_P(TypedTestP, Failure) {
+  EXPECT_EQ(1U, TypeParam()) << "Expected failure";
+}
+
+REGISTER_TYPED_TEST_CASE_P(TypedTestP, Success, Failure);
+
+typedef testing::Types<unsigned char, unsigned int> UnsignedTypes;
+INSTANTIATE_TYPED_TEST_CASE_P(Unsigned, TypedTestP, UnsignedTypes);
+
+class TypedTestPNames {
+ public:
+  template <typename T>
+  static std::string GetName(int i) {
+    if (testing::internal::IsSame<T, unsigned char>::value) {
+      return std::string("unsignedChar") + ::testing::PrintToString(i);
+    }
+    if (testing::internal::IsSame<T, unsigned int>::value) {
+      return std::string("unsignedInt") + ::testing::PrintToString(i);
+    }
+  }
+};
+
+INSTANTIATE_TYPED_TEST_CASE_P(UnsignedCustomName, TypedTestP, UnsignedTypes,
+                              TypedTestPNames);
+
+#endif  // GTEST_HAS_TYPED_TEST_P
+
+#if GTEST_HAS_DEATH_TEST
+
+// We rely on the golden file to verify that tests whose test case
+// name ends with DeathTest are run first.
+
+TEST(ADeathTest, ShouldRunFirst) {
+}
+
+# if GTEST_HAS_TYPED_TEST
+
+// We rely on the golden file to verify that typed tests whose test
+// case name ends with DeathTest are run first.
+
+template <typename T>
+class ATypedDeathTest : public testing::Test {
+};
+
+typedef testing::Types<int, double> NumericTypes;
+TYPED_TEST_CASE(ATypedDeathTest, NumericTypes);
+
+TYPED_TEST(ATypedDeathTest, ShouldRunFirst) {
+}
+
+# endif  // GTEST_HAS_TYPED_TEST
+
+# if GTEST_HAS_TYPED_TEST_P
+
+
+// We rely on the golden file to verify that type-parameterized tests
+// whose test case name ends with DeathTest are run first.
+
+template <typename T>
+class ATypeParamDeathTest : public testing::Test {
+};
+
+TYPED_TEST_CASE_P(ATypeParamDeathTest);
+
+TYPED_TEST_P(ATypeParamDeathTest, ShouldRunFirst) {
+}
+
+REGISTER_TYPED_TEST_CASE_P(ATypeParamDeathTest, ShouldRunFirst);
+
+INSTANTIATE_TYPED_TEST_CASE_P(My, ATypeParamDeathTest, NumericTypes);
+
+# endif  // GTEST_HAS_TYPED_TEST_P
+
+#endif  // GTEST_HAS_DEATH_TEST
+
+// Tests various failure conditions of
+// EXPECT_{,NON}FATAL_FAILURE{,_ON_ALL_THREADS}.
+class ExpectFailureTest : public testing::Test {
+ public:  // Must be public and not protected due to a bug in g++ 3.4.2.
+  enum FailureMode {
+    FATAL_FAILURE,
+    NONFATAL_FAILURE
+  };
+  static void AddFailure(FailureMode failure) {
+    if (failure == FATAL_FAILURE) {
+      FAIL() << "Expected fatal failure.";
+    } else {
+      ADD_FAILURE() << "Expected non-fatal failure.";
+    }
+  }
+};
+
+TEST_F(ExpectFailureTest, ExpectFatalFailure) {
+  // Expected fatal failure, but succeeds.
+  printf("(expecting 1 failure)\n");
+  EXPECT_FATAL_FAILURE(SUCCEED(), "Expected fatal failure.");
+  // Expected fatal failure, but got a non-fatal failure.
+  printf("(expecting 1 failure)\n");
+  EXPECT_FATAL_FAILURE(AddFailure(NONFATAL_FAILURE), "Expected non-fatal "
+                       "failure.");
+  // Wrong message.
+  printf("(expecting 1 failure)\n");
+  EXPECT_FATAL_FAILURE(AddFailure(FATAL_FAILURE), "Some other fatal failure "
+                       "expected.");
+}
+
+TEST_F(ExpectFailureTest, ExpectNonFatalFailure) {
+  // Expected non-fatal failure, but succeeds.
+  printf("(expecting 1 failure)\n");
+  EXPECT_NONFATAL_FAILURE(SUCCEED(), "Expected non-fatal failure.");
+  // Expected non-fatal failure, but got a fatal failure.
+  printf("(expecting 1 failure)\n");
+  EXPECT_NONFATAL_FAILURE(AddFailure(FATAL_FAILURE), "Expected fatal failure.");
+  // Wrong message.
+  printf("(expecting 1 failure)\n");
+  EXPECT_NONFATAL_FAILURE(AddFailure(NONFATAL_FAILURE), "Some other non-fatal "
+                          "failure.");
+}
+
+#if GTEST_IS_THREADSAFE
+
+class ExpectFailureWithThreadsTest : public ExpectFailureTest {
+ protected:
+  static void AddFailureInOtherThread(FailureMode failure) {
+    ThreadWithParam<FailureMode> thread(&AddFailure, failure, NULL);
+    thread.Join();
+  }
+};
+
+TEST_F(ExpectFailureWithThreadsTest, ExpectFatalFailure) {
+  // We only intercept the current thread.
+  printf("(expecting 2 failures)\n");
+  EXPECT_FATAL_FAILURE(AddFailureInOtherThread(FATAL_FAILURE),
+                       "Expected fatal failure.");
+}
+
+TEST_F(ExpectFailureWithThreadsTest, ExpectNonFatalFailure) {
+  // We only intercept the current thread.
+  printf("(expecting 2 failures)\n");
+  EXPECT_NONFATAL_FAILURE(AddFailureInOtherThread(NONFATAL_FAILURE),
+                          "Expected non-fatal failure.");
+}
+
+typedef ExpectFailureWithThreadsTest ScopedFakeTestPartResultReporterTest;
+
+// Tests that the ScopedFakeTestPartResultReporter only catches failures from
+// the current thread if it is instantiated with INTERCEPT_ONLY_CURRENT_THREAD.
+TEST_F(ScopedFakeTestPartResultReporterTest, InterceptOnlyCurrentThread) {
+  printf("(expecting 2 failures)\n");
+  TestPartResultArray results;
+  {
+    ScopedFakeTestPartResultReporter reporter(
+        ScopedFakeTestPartResultReporter::INTERCEPT_ONLY_CURRENT_THREAD,
+        &results);
+    AddFailureInOtherThread(FATAL_FAILURE);
+    AddFailureInOtherThread(NONFATAL_FAILURE);
+  }
+  // The two failures should not have been intercepted.
+  EXPECT_EQ(0, results.size()) << "This shouldn't fail.";
+}
+
+#endif  // GTEST_IS_THREADSAFE
+
+TEST_F(ExpectFailureTest, ExpectFatalFailureOnAllThreads) {
+  // Expected fatal failure, but succeeds.
+  printf("(expecting 1 failure)\n");
+  EXPECT_FATAL_FAILURE_ON_ALL_THREADS(SUCCEED(), "Expected fatal failure.");
+  // Expected fatal failure, but got a non-fatal failure.
+  printf("(expecting 1 failure)\n");
+  EXPECT_FATAL_FAILURE_ON_ALL_THREADS(AddFailure(NONFATAL_FAILURE),
+                                      "Expected non-fatal failure.");
+  // Wrong message.
+  printf("(expecting 1 failure)\n");
+  EXPECT_FATAL_FAILURE_ON_ALL_THREADS(AddFailure(FATAL_FAILURE),
+                                      "Some other fatal failure expected.");
+}
+
+TEST_F(ExpectFailureTest, ExpectNonFatalFailureOnAllThreads) {
+  // Expected non-fatal failure, but succeeds.
+  printf("(expecting 1 failure)\n");
+  EXPECT_NONFATAL_FAILURE_ON_ALL_THREADS(SUCCEED(), "Expected non-fatal "
+                                         "failure.");
+  // Expected non-fatal failure, but got a fatal failure.
+  printf("(expecting 1 failure)\n");
+  EXPECT_NONFATAL_FAILURE_ON_ALL_THREADS(AddFailure(FATAL_FAILURE),
+                                         "Expected fatal failure.");
+  // Wrong message.
+  printf("(expecting 1 failure)\n");
+  EXPECT_NONFATAL_FAILURE_ON_ALL_THREADS(AddFailure(NONFATAL_FAILURE),
+                                         "Some other non-fatal failure.");
+}
+
+
+// Two test environments for testing testing::AddGlobalTestEnvironment().
+
+class FooEnvironment : public testing::Environment {
+ public:
+  virtual void SetUp() {
+    printf("%s", "FooEnvironment::SetUp() called.\n");
+  }
+
+  virtual void TearDown() {
+    printf("%s", "FooEnvironment::TearDown() called.\n");
+    FAIL() << "Expected fatal failure.";
+  }
+};
+
+class BarEnvironment : public testing::Environment {
+ public:
+  virtual void SetUp() {
+    printf("%s", "BarEnvironment::SetUp() called.\n");
+  }
+
+  virtual void TearDown() {
+    printf("%s", "BarEnvironment::TearDown() called.\n");
+    ADD_FAILURE() << "Expected non-fatal failure.";
+  }
+};
+
+// The main function.
+//
+// The idea is to use Google Test to run all the tests we have defined (some
+// of them are intended to fail), and then compare the test results
+// with the "golden" file.
+int main(int argc, char **argv) {
+  testing::GTEST_FLAG(print_time) = false;
+
+  // We just run the tests, knowing some of them are intended to fail.
+  // We will use a separate Python script to compare the output of
+  // this program with the golden file.
+
+  // It's hard to test InitGoogleTest() directly, as it has many
+  // global side effects.  The following line serves as a sanity test
+  // for it.
+  testing::InitGoogleTest(&argc, argv);
+  bool internal_skip_environment_and_ad_hoc_tests =
+      std::count(argv, argv + argc,
+                 std::string("internal_skip_environment_and_ad_hoc_tests")) > 0;
+
+#if GTEST_HAS_DEATH_TEST
+  if (testing::internal::GTEST_FLAG(internal_run_death_test) != "") {
+    // Skip the usual output capturing if we're running as the child
+    // process of an threadsafe-style death test.
+# if GTEST_OS_WINDOWS
+    posix::FReopen("nul:", "w", stdout);
+# else
+    posix::FReopen("/dev/null", "w", stdout);
+# endif  // GTEST_OS_WINDOWS
+    return RUN_ALL_TESTS();
+  }
+#endif  // GTEST_HAS_DEATH_TEST
+
+  if (internal_skip_environment_and_ad_hoc_tests)
+    return RUN_ALL_TESTS();
+
+  // Registers two global test environments.
+  // The golden file verifies that they are set up in the order they
+  // are registered, and torn down in the reverse order.
+  testing::AddGlobalTestEnvironment(new FooEnvironment);
+  testing::AddGlobalTestEnvironment(new BarEnvironment);
+#if _MSC_VER
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4127
+#endif  //  _MSC_VER
+  return RunAllTests();
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name1-test.py b/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name1-test.py
new file mode 100644
index 000000000..2a08477a7
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name1-test.py
@@ -0,0 +1,63 @@
+#!/usr/bin/env python
+#
+# Copyright 2015 Google Inc. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Verifies that Google Test warns the user when not initialized properly."""
+
+import gtest_test_utils
+
+binary_name = 'googletest-param-test-invalid-name1-test_'
+COMMAND = gtest_test_utils.GetTestExecutablePath(binary_name)
+
+
+def Assert(condition):
+  if not condition:
+    raise AssertionError
+
+
+def TestExitCodeAndOutput(command):
+  """Runs the given command and verifies its exit code and output."""
+
+  err = ('Parameterized test name \'"InvalidWithQuotes"\' is invalid')
+
+  p = gtest_test_utils.Subprocess(command)
+  Assert(p.terminated_by_signal)
+
+  # Verify the output message contains appropriate output
+  Assert(err in p.output)
+
+
+class GTestParamTestInvalidName1Test(gtest_test_utils.TestCase):
+
+  def testExitCodeAndOutput(self):
+    TestExitCodeAndOutput(COMMAND)
+
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name1-test_.cc b/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name1-test_.cc
new file mode 100644
index 000000000..5a95155b2
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name1-test_.cc
@@ -0,0 +1,50 @@
+// Copyright 2015, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+#include "gtest/gtest.h"
+
+namespace {
+class DummyTest : public ::testing::TestWithParam<const char *> {};
+
+TEST_P(DummyTest, Dummy) {
+}
+
+INSTANTIATE_TEST_CASE_P(InvalidTestName,
+                        DummyTest,
+                        ::testing::Values("InvalidWithQuotes"),
+                        ::testing::PrintToStringParamName());
+
+}  // namespace
+
+int main(int argc, char *argv[]) {
+  testing::InitGoogleTest(&argc, argv);
+  return RUN_ALL_TESTS();
+}
+
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name2-test.py b/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name2-test.py
new file mode 100644
index 000000000..ab838f463
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name2-test.py
@@ -0,0 +1,62 @@
+#!/usr/bin/env python
+#
+# Copyright 2015 Google Inc. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Verifies that Google Test warns the user when not initialized properly."""
+
+import gtest_test_utils
+
+binary_name = 'googletest-param-test-invalid-name2-test_'
+COMMAND = gtest_test_utils.GetTestExecutablePath(binary_name)
+
+
+def Assert(condition):
+  if not condition:
+    raise AssertionError
+
+
+def TestExitCodeAndOutput(command):
+  """Runs the given command and verifies its exit code and output."""
+
+  err = ('Duplicate parameterized test name \'a\'')
+
+  p = gtest_test_utils.Subprocess(command)
+  Assert(p.terminated_by_signal)
+
+  # Check for appropriate output
+  Assert(err in p.output)
+
+
+class GTestParamTestInvalidName2Test(gtest_test_utils.TestCase):
+
+  def testExitCodeAndOutput(self):
+    TestExitCodeAndOutput(COMMAND)
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name2-test_.cc b/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name2-test_.cc
new file mode 100644
index 000000000..ef093490e
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-param-test-invalid-name2-test_.cc
@@ -0,0 +1,55 @@
+// Copyright 2015, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+#include "gtest/gtest.h"
+
+namespace {
+class DummyTest : public ::testing::TestWithParam<const char *> {};
+
+std::string StringParamTestSuffix(
+    const testing::TestParamInfo<const char*>& info) {
+  return std::string(info.param);
+}
+
+TEST_P(DummyTest, Dummy) {
+}
+
+INSTANTIATE_TEST_CASE_P(DuplicateTestNames,
+                        DummyTest,
+                        ::testing::Values("a", "b", "a", "c"),
+                        StringParamTestSuffix);
+}  // namespace
+
+int main(int argc, char *argv[]) {
+  testing::InitGoogleTest(&argc, argv);
+  return RUN_ALL_TESTS();
+}
+
+
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-param-test-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-param-test-test.cc
new file mode 100644
index 000000000..f789cab27
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-param-test-test.cc
@@ -0,0 +1,1109 @@
+// Copyright 2008, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+//
+// Tests for Google Test itself. This file verifies that the parameter
+// generators objects produce correct parameter sequences and that
+// Google Test runtime instantiates correct tests from those sequences.
+
+#include "gtest/gtest.h"
+
+# include <algorithm>
+# include <iostream>
+# include <list>
+# include <sstream>
+# include <string>
+# include <vector>
+
+# include "src/gtest-internal-inl.h"  // for UnitTestOptions
+# include "test/googletest-param-test-test.h"
+
+using ::std::vector;
+using ::std::sort;
+
+using ::testing::AddGlobalTestEnvironment;
+using ::testing::Bool;
+using ::testing::Message;
+using ::testing::Range;
+using ::testing::TestWithParam;
+using ::testing::Values;
+using ::testing::ValuesIn;
+
+# if GTEST_HAS_COMBINE
+using ::testing::Combine;
+using ::testing::get;
+using ::testing::make_tuple;
+using ::testing::tuple;
+# endif  // GTEST_HAS_COMBINE
+
+using ::testing::internal::ParamGenerator;
+using ::testing::internal::UnitTestOptions;
+
+// Prints a value to a string.
+//
+// FIXME: remove PrintValue() when we move matchers and
+// EXPECT_THAT() from Google Mock to Google Test.  At that time, we
+// can write EXPECT_THAT(x, Eq(y)) to compare two tuples x and y, as
+// EXPECT_THAT() and the matchers know how to print tuples.
+template <typename T>
+::std::string PrintValue(const T& value) {
+  ::std::stringstream stream;
+  stream << value;
+  return stream.str();
+}
+
+# if GTEST_HAS_COMBINE
+
+// These overloads allow printing tuples in our tests.  We cannot
+// define an operator<< for tuples, as that definition needs to be in
+// the std namespace in order to be picked up by Google Test via
+// Argument-Dependent Lookup, yet defining anything in the std
+// namespace in non-STL code is undefined behavior.
+
+template <typename T1, typename T2>
+::std::string PrintValue(const tuple<T1, T2>& value) {
+  ::std::stringstream stream;
+  stream << "(" << get<0>(value) << ", " << get<1>(value) << ")";
+  return stream.str();
+}
+
+template <typename T1, typename T2, typename T3>
+::std::string PrintValue(const tuple<T1, T2, T3>& value) {
+  ::std::stringstream stream;
+  stream << "(" << get<0>(value) << ", " << get<1>(value)
+         << ", "<< get<2>(value) << ")";
+  return stream.str();
+}
+
+template <typename T1, typename T2, typename T3, typename T4, typename T5,
+          typename T6, typename T7, typename T8, typename T9, typename T10>
+::std::string PrintValue(
+    const tuple<T1, T2, T3, T4, T5, T6, T7, T8, T9, T10>& value) {
+  ::std::stringstream stream;
+  stream << "(" << get<0>(value) << ", " << get<1>(value)
+         << ", "<< get<2>(value) << ", " << get<3>(value)
+         << ", "<< get<4>(value) << ", " << get<5>(value)
+         << ", "<< get<6>(value) << ", " << get<7>(value)
+         << ", "<< get<8>(value) << ", " << get<9>(value) << ")";
+  return stream.str();
+}
+
+# endif  // GTEST_HAS_COMBINE
+
+// Verifies that a sequence generated by the generator and accessed
+// via the iterator object matches the expected one using Google Test
+// assertions.
+template <typename T, size_t N>
+void VerifyGenerator(const ParamGenerator<T>& generator,
+                     const T (&expected_values)[N]) {
+  typename ParamGenerator<T>::iterator it = generator.begin();
+  for (size_t i = 0; i < N; ++i) {
+    ASSERT_FALSE(it == generator.end())
+        << "At element " << i << " when accessing via an iterator "
+        << "created with the copy constructor.\n";
+    // We cannot use EXPECT_EQ() here as the values may be tuples,
+    // which don't support <<.
+    EXPECT_TRUE(expected_values[i] == *it)
+        << "where i is " << i
+        << ", expected_values[i] is " << PrintValue(expected_values[i])
+        << ", *it is " << PrintValue(*it)
+        << ", and 'it' is an iterator created with the copy constructor.\n";
+    ++it;
+  }
+  EXPECT_TRUE(it == generator.end())
+        << "At the presumed end of sequence when accessing via an iterator "
+        << "created with the copy constructor.\n";
+
+  // Test the iterator assignment. The following lines verify that
+  // the sequence accessed via an iterator initialized via the
+  // assignment operator (as opposed to a copy constructor) matches
+  // just the same.
+  it = generator.begin();
+  for (size_t i = 0; i < N; ++i) {
+    ASSERT_FALSE(it == generator.end())
+        << "At element " << i << " when accessing via an iterator "
+        << "created with the assignment operator.\n";
+    EXPECT_TRUE(expected_values[i] == *it)
+        << "where i is " << i
+        << ", expected_values[i] is " << PrintValue(expected_values[i])
+        << ", *it is " << PrintValue(*it)
+        << ", and 'it' is an iterator created with the copy constructor.\n";
+    ++it;
+  }
+  EXPECT_TRUE(it == generator.end())
+        << "At the presumed end of sequence when accessing via an iterator "
+        << "created with the assignment operator.\n";
+}
+
+template <typename T>
+void VerifyGeneratorIsEmpty(const ParamGenerator<T>& generator) {
+  typename ParamGenerator<T>::iterator it = generator.begin();
+  EXPECT_TRUE(it == generator.end());
+
+  it = generator.begin();
+  EXPECT_TRUE(it == generator.end());
+}
+
+// Generator tests. They test that each of the provided generator functions
+// generates an expected sequence of values. The general test pattern
+// instantiates a generator using one of the generator functions,
+// checks the sequence produced by the generator using its iterator API,
+// and then resets the iterator back to the beginning of the sequence
+// and checks the sequence again.
+
+// Tests that iterators produced by generator functions conform to the
+// ForwardIterator concept.
+TEST(IteratorTest, ParamIteratorConformsToForwardIteratorConcept) {
+  const ParamGenerator<int> gen = Range(0, 10);
+  ParamGenerator<int>::iterator it = gen.begin();
+
+  // Verifies that iterator initialization works as expected.
+  ParamGenerator<int>::iterator it2 = it;
+  EXPECT_TRUE(*it == *it2) << "Initialized iterators must point to the "
+                           << "element same as its source points to";
+
+  // Verifies that iterator assignment works as expected.
+  ++it;
+  EXPECT_FALSE(*it == *it2);
+  it2 = it;
+  EXPECT_TRUE(*it == *it2) << "Assigned iterators must point to the "
+                           << "element same as its source points to";
+
+  // Verifies that prefix operator++() returns *this.
+  EXPECT_EQ(&it, &(++it)) << "Result of the prefix operator++ must be "
+                          << "refer to the original object";
+
+  // Verifies that the result of the postfix operator++ points to the value
+  // pointed to by the original iterator.
+  int original_value = *it;  // Have to compute it outside of macro call to be
+                             // unaffected by the parameter evaluation order.
+  EXPECT_EQ(original_value, *(it++));
+
+  // Verifies that prefix and postfix operator++() advance an iterator
+  // all the same.
+  it2 = it;
+  ++it;
+  ++it2;
+  EXPECT_TRUE(*it == *it2);
+}
+
+// Tests that Range() generates the expected sequence.
+TEST(RangeTest, IntRangeWithDefaultStep) {
+  const ParamGenerator<int> gen = Range(0, 3);
+  const int expected_values[] = {0, 1, 2};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Edge case. Tests that Range() generates the single element sequence
+// as expected when provided with range limits that are equal.
+TEST(RangeTest, IntRangeSingleValue) {
+  const ParamGenerator<int> gen = Range(0, 1);
+  const int expected_values[] = {0};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Edge case. Tests that Range() with generates empty sequence when
+// supplied with an empty range.
+TEST(RangeTest, IntRangeEmpty) {
+  const ParamGenerator<int> gen = Range(0, 0);
+  VerifyGeneratorIsEmpty(gen);
+}
+
+// Tests that Range() with custom step (greater then one) generates
+// the expected sequence.
+TEST(RangeTest, IntRangeWithCustomStep) {
+  const ParamGenerator<int> gen = Range(0, 9, 3);
+  const int expected_values[] = {0, 3, 6};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Tests that Range() with custom step (greater then one) generates
+// the expected sequence when the last element does not fall on the
+// upper range limit. Sequences generated by Range() must not have
+// elements beyond the range limits.
+TEST(RangeTest, IntRangeWithCustomStepOverUpperBound) {
+  const ParamGenerator<int> gen = Range(0, 4, 3);
+  const int expected_values[] = {0, 3};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Verifies that Range works with user-defined types that define
+// copy constructor, operator=(), operator+(), and operator<().
+class DogAdder {
+ public:
+  explicit DogAdder(const char* a_value) : value_(a_value) {}
+  DogAdder(const DogAdder& other) : value_(other.value_.c_str()) {}
+
+  DogAdder operator=(const DogAdder& other) {
+    if (this != &other)
+      value_ = other.value_;
+    return *this;
+  }
+  DogAdder operator+(const DogAdder& other) const {
+    Message msg;
+    msg << value_.c_str() << other.value_.c_str();
+    return DogAdder(msg.GetString().c_str());
+  }
+  bool operator<(const DogAdder& other) const {
+    return value_ < other.value_;
+  }
+  const std::string& value() const { return value_; }
+
+ private:
+  std::string value_;
+};
+
+TEST(RangeTest, WorksWithACustomType) {
+  const ParamGenerator<DogAdder> gen =
+      Range(DogAdder("cat"), DogAdder("catdogdog"), DogAdder("dog"));
+  ParamGenerator<DogAdder>::iterator it = gen.begin();
+
+  ASSERT_FALSE(it == gen.end());
+  EXPECT_STREQ("cat", it->value().c_str());
+
+  ASSERT_FALSE(++it == gen.end());
+  EXPECT_STREQ("catdog", it->value().c_str());
+
+  EXPECT_TRUE(++it == gen.end());
+}
+
+class IntWrapper {
+ public:
+  explicit IntWrapper(int a_value) : value_(a_value) {}
+  IntWrapper(const IntWrapper& other) : value_(other.value_) {}
+
+  IntWrapper operator=(const IntWrapper& other) {
+    value_ = other.value_;
+    return *this;
+  }
+  // operator+() adds a different type.
+  IntWrapper operator+(int other) const { return IntWrapper(value_ + other); }
+  bool operator<(const IntWrapper& other) const {
+    return value_ < other.value_;
+  }
+  int value() const { return value_; }
+
+ private:
+  int value_;
+};
+
+TEST(RangeTest, WorksWithACustomTypeWithDifferentIncrementType) {
+  const ParamGenerator<IntWrapper> gen = Range(IntWrapper(0), IntWrapper(2));
+  ParamGenerator<IntWrapper>::iterator it = gen.begin();
+
+  ASSERT_FALSE(it == gen.end());
+  EXPECT_EQ(0, it->value());
+
+  ASSERT_FALSE(++it == gen.end());
+  EXPECT_EQ(1, it->value());
+
+  EXPECT_TRUE(++it == gen.end());
+}
+
+// Tests that ValuesIn() with an array parameter generates
+// the expected sequence.
+TEST(ValuesInTest, ValuesInArray) {
+  int array[] = {3, 5, 8};
+  const ParamGenerator<int> gen = ValuesIn(array);
+  VerifyGenerator(gen, array);
+}
+
+// Tests that ValuesIn() with a const array parameter generates
+// the expected sequence.
+TEST(ValuesInTest, ValuesInConstArray) {
+  const int array[] = {3, 5, 8};
+  const ParamGenerator<int> gen = ValuesIn(array);
+  VerifyGenerator(gen, array);
+}
+
+// Edge case. Tests that ValuesIn() with an array parameter containing a
+// single element generates the single element sequence.
+TEST(ValuesInTest, ValuesInSingleElementArray) {
+  int array[] = {42};
+  const ParamGenerator<int> gen = ValuesIn(array);
+  VerifyGenerator(gen, array);
+}
+
+// Tests that ValuesIn() generates the expected sequence for an STL
+// container (vector).
+TEST(ValuesInTest, ValuesInVector) {
+  typedef ::std::vector<int> ContainerType;
+  ContainerType values;
+  values.push_back(3);
+  values.push_back(5);
+  values.push_back(8);
+  const ParamGenerator<int> gen = ValuesIn(values);
+
+  const int expected_values[] = {3, 5, 8};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Tests that ValuesIn() generates the expected sequence.
+TEST(ValuesInTest, ValuesInIteratorRange) {
+  typedef ::std::vector<int> ContainerType;
+  ContainerType values;
+  values.push_back(3);
+  values.push_back(5);
+  values.push_back(8);
+  const ParamGenerator<int> gen = ValuesIn(values.begin(), values.end());
+
+  const int expected_values[] = {3, 5, 8};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Edge case. Tests that ValuesIn() provided with an iterator range specifying a
+// single value generates a single-element sequence.
+TEST(ValuesInTest, ValuesInSingleElementIteratorRange) {
+  typedef ::std::vector<int> ContainerType;
+  ContainerType values;
+  values.push_back(42);
+  const ParamGenerator<int> gen = ValuesIn(values.begin(), values.end());
+
+  const int expected_values[] = {42};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Edge case. Tests that ValuesIn() provided with an empty iterator range
+// generates an empty sequence.
+TEST(ValuesInTest, ValuesInEmptyIteratorRange) {
+  typedef ::std::vector<int> ContainerType;
+  ContainerType values;
+  const ParamGenerator<int> gen = ValuesIn(values.begin(), values.end());
+
+  VerifyGeneratorIsEmpty(gen);
+}
+
+// Tests that the Values() generates the expected sequence.
+TEST(ValuesTest, ValuesWorks) {
+  const ParamGenerator<int> gen = Values(3, 5, 8);
+
+  const int expected_values[] = {3, 5, 8};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Tests that Values() generates the expected sequences from elements of
+// different types convertible to ParamGenerator's parameter type.
+TEST(ValuesTest, ValuesWorksForValuesOfCompatibleTypes) {
+  const ParamGenerator<double> gen = Values(3, 5.0f, 8.0);
+
+  const double expected_values[] = {3.0, 5.0, 8.0};
+  VerifyGenerator(gen, expected_values);
+}
+
+TEST(ValuesTest, ValuesWorksForMaxLengthList) {
+  const ParamGenerator<int> gen = Values(
+      10, 20, 30, 40, 50, 60, 70, 80, 90, 100,
+      110, 120, 130, 140, 150, 160, 170, 180, 190, 200,
+      210, 220, 230, 240, 250, 260, 270, 280, 290, 300,
+      310, 320, 330, 340, 350, 360, 370, 380, 390, 400,
+      410, 420, 430, 440, 450, 460, 470, 480, 490, 500);
+
+  const int expected_values[] = {
+      10, 20, 30, 40, 50, 60, 70, 80, 90, 100,
+      110, 120, 130, 140, 150, 160, 170, 180, 190, 200,
+      210, 220, 230, 240, 250, 260, 270, 280, 290, 300,
+      310, 320, 330, 340, 350, 360, 370, 380, 390, 400,
+      410, 420, 430, 440, 450, 460, 470, 480, 490, 500};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Edge case test. Tests that single-parameter Values() generates the sequence
+// with the single value.
+TEST(ValuesTest, ValuesWithSingleParameter) {
+  const ParamGenerator<int> gen = Values(42);
+
+  const int expected_values[] = {42};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Tests that Bool() generates sequence (false, true).
+TEST(BoolTest, BoolWorks) {
+  const ParamGenerator<bool> gen = Bool();
+
+  const bool expected_values[] = {false, true};
+  VerifyGenerator(gen, expected_values);
+}
+
+# if GTEST_HAS_COMBINE
+
+// Tests that Combine() with two parameters generates the expected sequence.
+TEST(CombineTest, CombineWithTwoParameters) {
+  const char* foo = "foo";
+  const char* bar = "bar";
+  const ParamGenerator<tuple<const char*, int> > gen =
+      Combine(Values(foo, bar), Values(3, 4));
+
+  tuple<const char*, int> expected_values[] = {
+    make_tuple(foo, 3), make_tuple(foo, 4),
+    make_tuple(bar, 3), make_tuple(bar, 4)};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Tests that Combine() with three parameters generates the expected sequence.
+TEST(CombineTest, CombineWithThreeParameters) {
+  const ParamGenerator<tuple<int, int, int> > gen = Combine(Values(0, 1),
+                                                            Values(3, 4),
+                                                            Values(5, 6));
+  tuple<int, int, int> expected_values[] = {
+    make_tuple(0, 3, 5), make_tuple(0, 3, 6),
+    make_tuple(0, 4, 5), make_tuple(0, 4, 6),
+    make_tuple(1, 3, 5), make_tuple(1, 3, 6),
+    make_tuple(1, 4, 5), make_tuple(1, 4, 6)};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Tests that the Combine() with the first parameter generating a single value
+// sequence generates a sequence with the number of elements equal to the
+// number of elements in the sequence generated by the second parameter.
+TEST(CombineTest, CombineWithFirstParameterSingleValue) {
+  const ParamGenerator<tuple<int, int> > gen = Combine(Values(42),
+                                                       Values(0, 1));
+
+  tuple<int, int> expected_values[] = {make_tuple(42, 0), make_tuple(42, 1)};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Tests that the Combine() with the second parameter generating a single value
+// sequence generates a sequence with the number of elements equal to the
+// number of elements in the sequence generated by the first parameter.
+TEST(CombineTest, CombineWithSecondParameterSingleValue) {
+  const ParamGenerator<tuple<int, int> > gen = Combine(Values(0, 1),
+                                                       Values(42));
+
+  tuple<int, int> expected_values[] = {make_tuple(0, 42), make_tuple(1, 42)};
+  VerifyGenerator(gen, expected_values);
+}
+
+// Tests that when the first parameter produces an empty sequence,
+// Combine() produces an empty sequence, too.
+TEST(CombineTest, CombineWithFirstParameterEmptyRange) {
+  const ParamGenerator<tuple<int, int> > gen = Combine(Range(0, 0),
+                                                       Values(0, 1));
+  VerifyGeneratorIsEmpty(gen);
+}
+
+// Tests that when the second parameter produces an empty sequence,
+// Combine() produces an empty sequence, too.
+TEST(CombineTest, CombineWithSecondParameterEmptyRange) {
+  const ParamGenerator<tuple<int, int> > gen = Combine(Values(0, 1),
+                                                       Range(1, 1));
+  VerifyGeneratorIsEmpty(gen);
+}
+
+// Edge case. Tests that combine works with the maximum number
+// of parameters supported by Google Test (currently 10).
+TEST(CombineTest, CombineWithMaxNumberOfParameters) {
+  const char* foo = "foo";
+  const char* bar = "bar";
+  const ParamGenerator<tuple<const char*, int, int, int, int, int, int, int,
+                             int, int> > gen = Combine(Values(foo, bar),
+                                                       Values(1), Values(2),
+                                                       Values(3), Values(4),
+                                                       Values(5), Values(6),
+                                                       Values(7), Values(8),
+                                                       Values(9));
+
+  tuple<const char*, int, int, int, int, int, int, int, int, int>
+      expected_values[] = {make_tuple(foo, 1, 2, 3, 4, 5, 6, 7, 8, 9),
+                           make_tuple(bar, 1, 2, 3, 4, 5, 6, 7, 8, 9)};
+  VerifyGenerator(gen, expected_values);
+}
+
+#if GTEST_LANG_CXX11
+
+class NonDefaultConstructAssignString {
+ public:
+  NonDefaultConstructAssignString(const std::string& s) : str_(s) {}
+
+  const std::string& str() const { return str_; }
+
+ private:
+  std::string str_;
+
+  // Not default constructible
+  NonDefaultConstructAssignString();
+  // Not assignable
+  void operator=(const NonDefaultConstructAssignString&);
+};
+
+TEST(CombineTest, NonDefaultConstructAssign) {
+  const ParamGenerator<tuple<int, NonDefaultConstructAssignString> > gen =
+      Combine(Values(0, 1), Values(NonDefaultConstructAssignString("A"),
+                                   NonDefaultConstructAssignString("B")));
+
+  ParamGenerator<tuple<int, NonDefaultConstructAssignString> >::iterator it =
+      gen.begin();
+
+  EXPECT_EQ(0, std::get<0>(*it));
+  EXPECT_EQ("A", std::get<1>(*it).str());
+  ++it;
+
+  EXPECT_EQ(0, std::get<0>(*it));
+  EXPECT_EQ("B", std::get<1>(*it).str());
+  ++it;
+
+  EXPECT_EQ(1, std::get<0>(*it));
+  EXPECT_EQ("A", std::get<1>(*it).str());
+  ++it;
+
+  EXPECT_EQ(1, std::get<0>(*it));
+  EXPECT_EQ("B", std::get<1>(*it).str());
+  ++it;
+
+  EXPECT_TRUE(it == gen.end());
+}
+
+#endif   // GTEST_LANG_CXX11
+# endif  // GTEST_HAS_COMBINE
+
+// Tests that an generator produces correct sequence after being
+// assigned from another generator.
+TEST(ParamGeneratorTest, AssignmentWorks) {
+  ParamGenerator<int> gen = Values(1, 2);
+  const ParamGenerator<int> gen2 = Values(3, 4);
+  gen = gen2;
+
+  const int expected_values[] = {3, 4};
+  VerifyGenerator(gen, expected_values);
+}
+
+// This test verifies that the tests are expanded and run as specified:
+// one test per element from the sequence produced by the generator
+// specified in INSTANTIATE_TEST_CASE_P. It also verifies that the test's
+// fixture constructor, SetUp(), and TearDown() have run and have been
+// supplied with the correct parameters.
+
+// The use of environment object allows detection of the case where no test
+// case functionality is run at all. In this case TestCaseTearDown will not
+// be able to detect missing tests, naturally.
+template <int kExpectedCalls>
+class TestGenerationEnvironment : public ::testing::Environment {
+ public:
+  static TestGenerationEnvironment* Instance() {
+    static TestGenerationEnvironment* instance = new TestGenerationEnvironment;
+    return instance;
+  }
+
+  void FixtureConstructorExecuted() { fixture_constructor_count_++; }
+  void SetUpExecuted() { set_up_count_++; }
+  void TearDownExecuted() { tear_down_count_++; }
+  void TestBodyExecuted() { test_body_count_++; }
+
+  virtual void TearDown() {
+    // If all MultipleTestGenerationTest tests have been de-selected
+    // by the filter flag, the following checks make no sense.
+    bool perform_check = false;
+
+    for (int i = 0; i < kExpectedCalls; ++i) {
+      Message msg;
+      msg << "TestsExpandedAndRun/" << i;
+      if (UnitTestOptions::FilterMatchesTest(
+             "TestExpansionModule/MultipleTestGenerationTest",
+              msg.GetString().c_str())) {
+        perform_check = true;
+      }
+    }
+    if (perform_check) {
+      EXPECT_EQ(kExpectedCalls, fixture_constructor_count_)
+          << "Fixture constructor of ParamTestGenerationTest test case "
+          << "has not been run as expected.";
+      EXPECT_EQ(kExpectedCalls, set_up_count_)
+          << "Fixture SetUp method of ParamTestGenerationTest test case "
+          << "has not been run as expected.";
+      EXPECT_EQ(kExpectedCalls, tear_down_count_)
+          << "Fixture TearDown method of ParamTestGenerationTest test case "
+          << "has not been run as expected.";
+      EXPECT_EQ(kExpectedCalls, test_body_count_)
+          << "Test in ParamTestGenerationTest test case "
+          << "has not been run as expected.";
+    }
+  }
+
+ private:
+  TestGenerationEnvironment() : fixture_constructor_count_(0), set_up_count_(0),
+                                tear_down_count_(0), test_body_count_(0) {}
+
+  int fixture_constructor_count_;
+  int set_up_count_;
+  int tear_down_count_;
+  int test_body_count_;
+
+  GTEST_DISALLOW_COPY_AND_ASSIGN_(TestGenerationEnvironment);
+};
+
+const int test_generation_params[] = {36, 42, 72};
+
+class TestGenerationTest : public TestWithParam<int> {
+ public:
+  enum {
+    PARAMETER_COUNT =
+        sizeof(test_generation_params)/sizeof(test_generation_params[0])
+  };
+
+  typedef TestGenerationEnvironment<PARAMETER_COUNT> Environment;
+
+  TestGenerationTest() {
+    Environment::Instance()->FixtureConstructorExecuted();
+    current_parameter_ = GetParam();
+  }
+  virtual void SetUp() {
+    Environment::Instance()->SetUpExecuted();
+    EXPECT_EQ(current_parameter_, GetParam());
+  }
+  virtual void TearDown() {
+    Environment::Instance()->TearDownExecuted();
+    EXPECT_EQ(current_parameter_, GetParam());
+  }
+
+  static void SetUpTestCase() {
+    bool all_tests_in_test_case_selected = true;
+
+    for (int i = 0; i < PARAMETER_COUNT; ++i) {
+      Message test_name;
+      test_name << "TestsExpandedAndRun/" << i;
+      if ( !UnitTestOptions::FilterMatchesTest(
+                "TestExpansionModule/MultipleTestGenerationTest",
+                test_name.GetString())) {
+        all_tests_in_test_case_selected = false;
+      }
+    }
+    EXPECT_TRUE(all_tests_in_test_case_selected)
+        << "When running the TestGenerationTest test case all of its tests\n"
+        << "must be selected by the filter flag for the test case to pass.\n"
+        << "If not all of them are enabled, we can't reliably conclude\n"
+        << "that the correct number of tests have been generated.";
+
+    collected_parameters_.clear();
+  }
+
+  static void TearDownTestCase() {
+    vector<int> expected_values(test_generation_params,
+                                test_generation_params + PARAMETER_COUNT);
+    // Test execution order is not guaranteed by Google Test,
+    // so the order of values in collected_parameters_ can be
+    // different and we have to sort to compare.
+    sort(expected_values.begin(), expected_values.end());
+    sort(collected_parameters_.begin(), collected_parameters_.end());
+
+    EXPECT_TRUE(collected_parameters_ == expected_values);
+  }
+
+ protected:
+  int current_parameter_;
+  static vector<int> collected_parameters_;
+
+ private:
+  GTEST_DISALLOW_COPY_AND_ASSIGN_(TestGenerationTest);
+};
+vector<int> TestGenerationTest::collected_parameters_;
+
+TEST_P(TestGenerationTest, TestsExpandedAndRun) {
+  Environment::Instance()->TestBodyExecuted();
+  EXPECT_EQ(current_parameter_, GetParam());
+  collected_parameters_.push_back(GetParam());
+}
+INSTANTIATE_TEST_CASE_P(TestExpansionModule, TestGenerationTest,
+                        ValuesIn(test_generation_params));
+
+// This test verifies that the element sequence (third parameter of
+// INSTANTIATE_TEST_CASE_P) is evaluated in InitGoogleTest() and neither at
+// the call site of INSTANTIATE_TEST_CASE_P nor in RUN_ALL_TESTS().  For
+// that, we declare param_value_ to be a static member of
+// GeneratorEvaluationTest and initialize it to 0.  We set it to 1 in
+// main(), just before invocation of InitGoogleTest().  After calling
+// InitGoogleTest(), we set the value to 2.  If the sequence is evaluated
+// before or after InitGoogleTest, INSTANTIATE_TEST_CASE_P will create a
+// test with parameter other than 1, and the test body will fail the
+// assertion.
+class GeneratorEvaluationTest : public TestWithParam<int> {
+ public:
+  static int param_value() { return param_value_; }
+  static void set_param_value(int param_value) { param_value_ = param_value; }
+
+ private:
+  static int param_value_;
+};
+int GeneratorEvaluationTest::param_value_ = 0;
+
+TEST_P(GeneratorEvaluationTest, GeneratorsEvaluatedInMain) {
+  EXPECT_EQ(1, GetParam());
+}
+INSTANTIATE_TEST_CASE_P(GenEvalModule,
+                        GeneratorEvaluationTest,
+                        Values(GeneratorEvaluationTest::param_value()));
+
+// Tests that generators defined in a different translation unit are
+// functional. Generator extern_gen is defined in gtest-param-test_test2.cc.
+extern ParamGenerator<int> extern_gen;
+class ExternalGeneratorTest : public TestWithParam<int> {};
+TEST_P(ExternalGeneratorTest, ExternalGenerator) {
+  // Sequence produced by extern_gen contains only a single value
+  // which we verify here.
+  EXPECT_EQ(GetParam(), 33);
+}
+INSTANTIATE_TEST_CASE_P(ExternalGeneratorModule,
+                        ExternalGeneratorTest,
+                        extern_gen);
+
+// Tests that a parameterized test case can be defined in one translation
+// unit and instantiated in another. This test will be instantiated in
+// gtest-param-test_test2.cc. ExternalInstantiationTest fixture class is
+// defined in gtest-param-test_test.h.
+TEST_P(ExternalInstantiationTest, IsMultipleOf33) {
+  EXPECT_EQ(0, GetParam() % 33);
+}
+
+// Tests that a parameterized test case can be instantiated with multiple
+// generators.
+class MultipleInstantiationTest : public TestWithParam<int> {};
+TEST_P(MultipleInstantiationTest, AllowsMultipleInstances) {
+}
+INSTANTIATE_TEST_CASE_P(Sequence1, MultipleInstantiationTest, Values(1, 2));
+INSTANTIATE_TEST_CASE_P(Sequence2, MultipleInstantiationTest, Range(3, 5));
+
+// Tests that a parameterized test case can be instantiated
+// in multiple translation units. This test will be instantiated
+// here and in gtest-param-test_test2.cc.
+// InstantiationInMultipleTranslationUnitsTest fixture class
+// is defined in gtest-param-test_test.h.
+TEST_P(InstantiationInMultipleTranslaionUnitsTest, IsMultipleOf42) {
+  EXPECT_EQ(0, GetParam() % 42);
+}
+INSTANTIATE_TEST_CASE_P(Sequence1,
+                        InstantiationInMultipleTranslaionUnitsTest,
+                        Values(42, 42*2));
+
+// Tests that each iteration of parameterized test runs in a separate test
+// object.
+class SeparateInstanceTest : public TestWithParam<int> {
+ public:
+  SeparateInstanceTest() : count_(0) {}
+
+  static void TearDownTestCase() {
+    EXPECT_GE(global_count_, 2)
+        << "If some (but not all) SeparateInstanceTest tests have been "
+        << "filtered out this test will fail. Make sure that all "
+        << "GeneratorEvaluationTest are selected or de-selected together "
+        << "by the test filter.";
+  }
+
+ protected:
+  int count_;
+  static int global_count_;
+};
+int SeparateInstanceTest::global_count_ = 0;
+
+TEST_P(SeparateInstanceTest, TestsRunInSeparateInstances) {
+  EXPECT_EQ(0, count_++);
+  global_count_++;
+}
+INSTANTIATE_TEST_CASE_P(FourElemSequence, SeparateInstanceTest, Range(1, 4));
+
+// Tests that all instantiations of a test have named appropriately. Test
+// defined with TEST_P(TestCaseName, TestName) and instantiated with
+// INSTANTIATE_TEST_CASE_P(SequenceName, TestCaseName, generator) must be named
+// SequenceName/TestCaseName.TestName/i, where i is the 0-based index of the
+// sequence element used to instantiate the test.
+class NamingTest : public TestWithParam<int> {};
+
+TEST_P(NamingTest, TestsReportCorrectNamesAndParameters) {
+  const ::testing::TestInfo* const test_info =
+     ::testing::UnitTest::GetInstance()->current_test_info();
+
+  EXPECT_STREQ("ZeroToFiveSequence/NamingTest", test_info->test_case_name());
+
+  Message index_stream;
+  index_stream << "TestsReportCorrectNamesAndParameters/" << GetParam();
+  EXPECT_STREQ(index_stream.GetString().c_str(), test_info->name());
+
+  EXPECT_EQ(::testing::PrintToString(GetParam()), test_info->value_param());
+}
+
+INSTANTIATE_TEST_CASE_P(ZeroToFiveSequence, NamingTest, Range(0, 5));
+
+// Tests that macros in test names are expanded correctly.
+class MacroNamingTest : public TestWithParam<int> {};
+
+#define PREFIX_WITH_FOO(test_name) Foo##test_name
+#define PREFIX_WITH_MACRO(test_name) Macro##test_name
+
+TEST_P(PREFIX_WITH_MACRO(NamingTest), PREFIX_WITH_FOO(SomeTestName)) {
+  const ::testing::TestInfo* const test_info =
+     ::testing::UnitTest::GetInstance()->current_test_info();
+
+  EXPECT_STREQ("FortyTwo/MacroNamingTest", test_info->test_case_name());
+  EXPECT_STREQ("FooSomeTestName", test_info->name());
+}
+
+INSTANTIATE_TEST_CASE_P(FortyTwo, MacroNamingTest, Values(42));
+
+// Tests the same thing for non-parametrized tests.
+class MacroNamingTestNonParametrized : public ::testing::Test {};
+
+TEST_F(PREFIX_WITH_MACRO(NamingTestNonParametrized),
+       PREFIX_WITH_FOO(SomeTestName)) {
+  const ::testing::TestInfo* const test_info =
+     ::testing::UnitTest::GetInstance()->current_test_info();
+
+  EXPECT_STREQ("MacroNamingTestNonParametrized", test_info->test_case_name());
+  EXPECT_STREQ("FooSomeTestName", test_info->name());
+}
+
+// Tests that user supplied custom parameter names are working correctly.
+// Runs the test with a builtin helper method which uses PrintToString,
+// as well as a custom function and custom functor to ensure all possible
+// uses work correctly.
+class CustomFunctorNamingTest : public TestWithParam<std::string> {};
+TEST_P(CustomFunctorNamingTest, CustomTestNames) {}
+
+struct CustomParamNameFunctor {
+  std::string operator()(const ::testing::TestParamInfo<std::string>& inf) {
+    return inf.param;
+  }
+};
+
+INSTANTIATE_TEST_CASE_P(CustomParamNameFunctor,
+                        CustomFunctorNamingTest,
+                        Values(std::string("FunctorName")),
+                        CustomParamNameFunctor());
+
+INSTANTIATE_TEST_CASE_P(AllAllowedCharacters,
+                        CustomFunctorNamingTest,
+                        Values("abcdefghijklmnopqrstuvwxyz",
+                               "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
+                               "01234567890_"),
+                        CustomParamNameFunctor());
+
+inline std::string CustomParamNameFunction(
+    const ::testing::TestParamInfo<std::string>& inf) {
+  return inf.param;
+}
+
+class CustomFunctionNamingTest : public TestWithParam<std::string> {};
+TEST_P(CustomFunctionNamingTest, CustomTestNames) {}
+
+INSTANTIATE_TEST_CASE_P(CustomParamNameFunction,
+                        CustomFunctionNamingTest,
+                        Values(std::string("FunctionName")),
+                        CustomParamNameFunction);
+
+#if GTEST_LANG_CXX11
+
+// Test custom naming with a lambda
+
+class CustomLambdaNamingTest : public TestWithParam<std::string> {};
+TEST_P(CustomLambdaNamingTest, CustomTestNames) {}
+
+INSTANTIATE_TEST_CASE_P(CustomParamNameLambda, CustomLambdaNamingTest,
+                        Values(std::string("LambdaName")),
+                        [](const ::testing::TestParamInfo<std::string>& inf) {
+                          return inf.param;
+                        });
+
+#endif  // GTEST_LANG_CXX11
+
+TEST(CustomNamingTest, CheckNameRegistry) {
+  ::testing::UnitTest* unit_test = ::testing::UnitTest::GetInstance();
+  std::set<std::string> test_names;
+  for (int case_num = 0;
+       case_num < unit_test->total_test_case_count();
+       ++case_num) {
+    const ::testing::TestCase* test_case = unit_test->GetTestCase(case_num);
+    for (int test_num = 0;
+         test_num < test_case->total_test_count();
+         ++test_num) {
+      const ::testing::TestInfo* test_info = test_case->GetTestInfo(test_num);
+      test_names.insert(std::string(test_info->name()));
+    }
+  }
+  EXPECT_EQ(1u, test_names.count("CustomTestNames/FunctorName"));
+  EXPECT_EQ(1u, test_names.count("CustomTestNames/FunctionName"));
+#if GTEST_LANG_CXX11
+  EXPECT_EQ(1u, test_names.count("CustomTestNames/LambdaName"));
+#endif  // GTEST_LANG_CXX11
+}
+
+// Test a numeric name to ensure PrintToStringParamName works correctly.
+
+class CustomIntegerNamingTest : public TestWithParam<int> {};
+
+TEST_P(CustomIntegerNamingTest, TestsReportCorrectNames) {
+  const ::testing::TestInfo* const test_info =
+     ::testing::UnitTest::GetInstance()->current_test_info();
+  Message test_name_stream;
+  test_name_stream << "TestsReportCorrectNames/" << GetParam();
+  EXPECT_STREQ(test_name_stream.GetString().c_str(), test_info->name());
+}
+
+INSTANTIATE_TEST_CASE_P(PrintToString,
+                        CustomIntegerNamingTest,
+                        Range(0, 5),
+                        ::testing::PrintToStringParamName());
+
+// Test a custom struct with PrintToString.
+
+struct CustomStruct {
+  explicit CustomStruct(int value) : x(value) {}
+  int x;
+};
+
+std::ostream& operator<<(std::ostream& stream, const CustomStruct& val) {
+  stream << val.x;
+  return stream;
+}
+
+class CustomStructNamingTest : public TestWithParam<CustomStruct> {};
+
+TEST_P(CustomStructNamingTest, TestsReportCorrectNames) {
+  const ::testing::TestInfo* const test_info =
+     ::testing::UnitTest::GetInstance()->current_test_info();
+  Message test_name_stream;
+  test_name_stream << "TestsReportCorrectNames/" << GetParam();
+  EXPECT_STREQ(test_name_stream.GetString().c_str(), test_info->name());
+}
+
+INSTANTIATE_TEST_CASE_P(PrintToString,
+                        CustomStructNamingTest,
+                        Values(CustomStruct(0), CustomStruct(1)),
+                        ::testing::PrintToStringParamName());
+
+// Test that using a stateful parameter naming function works as expected.
+
+struct StatefulNamingFunctor {
+  StatefulNamingFunctor() : sum(0) {}
+  std::string operator()(const ::testing::TestParamInfo<int>& info) {
+    int value = info.param + sum;
+    sum += info.param;
+    return ::testing::PrintToString(value);
+  }
+  int sum;
+};
+
+class StatefulNamingTest : public ::testing::TestWithParam<int> {
+ protected:
+  StatefulNamingTest() : sum_(0) {}
+  int sum_;
+};
+
+TEST_P(StatefulNamingTest, TestsReportCorrectNames) {
+  const ::testing::TestInfo* const test_info =
+     ::testing::UnitTest::GetInstance()->current_test_info();
+  sum_ += GetParam();
+  Message test_name_stream;
+  test_name_stream << "TestsReportCorrectNames/" << sum_;
+  EXPECT_STREQ(test_name_stream.GetString().c_str(), test_info->name());
+}
+
+INSTANTIATE_TEST_CASE_P(StatefulNamingFunctor,
+                        StatefulNamingTest,
+                        Range(0, 5),
+                        StatefulNamingFunctor());
+
+// Class that cannot be streamed into an ostream.  It needs to be copyable
+// (and, in case of MSVC, also assignable) in order to be a test parameter
+// type.  Its default copy constructor and assignment operator do exactly
+// what we need.
+class Unstreamable {
+ public:
+  explicit Unstreamable(int value) : value_(value) {}
+
+ private:
+  int value_;
+};
+
+class CommentTest : public TestWithParam<Unstreamable> {};
+
+TEST_P(CommentTest, TestsCorrectlyReportUnstreamableParams) {
+  const ::testing::TestInfo* const test_info =
+     ::testing::UnitTest::GetInstance()->current_test_info();
+
+  EXPECT_EQ(::testing::PrintToString(GetParam()), test_info->value_param());
+}
+
+INSTANTIATE_TEST_CASE_P(InstantiationWithComments,
+                        CommentTest,
+                        Values(Unstreamable(1)));
+
+// Verify that we can create a hierarchy of test fixtures, where the base
+// class fixture is not parameterized and the derived class is. In this case
+// ParameterizedDerivedTest inherits from NonParameterizedBaseTest.  We
+// perform simple tests on both.
+class NonParameterizedBaseTest : public ::testing::Test {
+ public:
+  NonParameterizedBaseTest() : n_(17) { }
+ protected:
+  int n_;
+};
+
+class ParameterizedDerivedTest : public NonParameterizedBaseTest,
+                                 public ::testing::WithParamInterface<int> {
+ protected:
+  ParameterizedDerivedTest() : count_(0) { }
+  int count_;
+  static int global_count_;
+};
+
+int ParameterizedDerivedTest::global_count_ = 0;
+
+TEST_F(NonParameterizedBaseTest, FixtureIsInitialized) {
+  EXPECT_EQ(17, n_);
+}
+
+TEST_P(ParameterizedDerivedTest, SeesSequence) {
+  EXPECT_EQ(17, n_);
+  EXPECT_EQ(0, count_++);
+  EXPECT_EQ(GetParam(), global_count_++);
+}
+
+class ParameterizedDeathTest : public ::testing::TestWithParam<int> { };
+
+TEST_F(ParameterizedDeathTest, GetParamDiesFromTestF) {
+  EXPECT_DEATH_IF_SUPPORTED(GetParam(),
+                            ".* value-parameterized test .*");
+}
+
+INSTANTIATE_TEST_CASE_P(RangeZeroToFive, ParameterizedDerivedTest, Range(0, 5));
+
+
+int main(int argc, char **argv) {
+  // Used in TestGenerationTest test case.
+  AddGlobalTestEnvironment(TestGenerationTest::Environment::Instance());
+  // Used in GeneratorEvaluationTest test case. Tests that the updated value
+  // will be picked up for instantiating tests in GeneratorEvaluationTest.
+  GeneratorEvaluationTest::set_param_value(1);
+
+  ::testing::InitGoogleTest(&argc, argv);
+
+  // Used in GeneratorEvaluationTest test case. Tests that value updated
+  // here will NOT be used for instantiating tests in
+  // GeneratorEvaluationTest.
+  GeneratorEvaluationTest::set_param_value(2);
+
+  return RUN_ALL_TESTS();
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-param-test-test.h b/security/nss/gtests/google_test/gtest/test/googletest-param-test-test.h
new file mode 100644
index 000000000..632a61f49
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-param-test-test.h
@@ -0,0 +1,51 @@
+// Copyright 2008, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// The Google C++ Testing and Mocking Framework (Google Test)
+//
+// This header file provides classes and functions used internally
+// for testing Google Test itself.
+
+#ifndef GTEST_TEST_GTEST_PARAM_TEST_TEST_H_
+#define GTEST_TEST_GTEST_PARAM_TEST_TEST_H_
+
+#include "gtest/gtest.h"
+
+// Test fixture for testing definition and instantiation of a test
+// in separate translation units.
+class ExternalInstantiationTest : public ::testing::TestWithParam<int> {
+};
+
+// Test fixture for testing instantiation of a test in multiple
+// translation units.
+class InstantiationInMultipleTranslaionUnitsTest
+    : public ::testing::TestWithParam<int> {
+};
+
+#endif  // GTEST_TEST_GTEST_PARAM_TEST_TEST_H_
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-param-test2-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-param-test2-test.cc
new file mode 100644
index 000000000..25bb945c2
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-param-test2-test.cc
@@ -0,0 +1,61 @@
+// Copyright 2008, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+//
+// Tests for Google Test itself.  This verifies that the basic constructs of
+// Google Test work.
+
+#include "gtest/gtest.h"
+#include "test/googletest-param-test-test.h"
+
+using ::testing::Values;
+using ::testing::internal::ParamGenerator;
+
+// Tests that generators defined in a different translation unit
+// are functional. The test using extern_gen is defined
+// in googletest-param-test-test.cc.
+ParamGenerator<int> extern_gen = Values(33);
+
+// Tests that a parameterized test case can be defined in one translation unit
+// and instantiated in another. The test is defined in
+// googletest-param-test-test.cc and ExternalInstantiationTest fixture class is
+// defined in gtest-param-test_test.h.
+INSTANTIATE_TEST_CASE_P(MultiplesOf33,
+                        ExternalInstantiationTest,
+                        Values(33, 66));
+
+// Tests that a parameterized test case can be instantiated
+// in multiple translation units. Another instantiation is defined
+// in googletest-param-test-test.cc and
+// InstantiationInMultipleTranslaionUnitsTest fixture is defined in
+// gtest-param-test_test.h
+INSTANTIATE_TEST_CASE_P(Sequence2,
+                        InstantiationInMultipleTranslaionUnitsTest,
+                        Values(42*3, 42*4, 42*5));
+
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-port-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-port-test.cc
new file mode 100644
index 000000000..399316f95
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-port-test.cc
@@ -0,0 +1,1300 @@
+// Copyright 2008, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// This file tests the internal cross-platform support utilities.
+#include <stdio.h>
+
+#include "gtest/internal/gtest-port.h"
+
+#if GTEST_OS_MAC
+# include <time.h>
+#endif  // GTEST_OS_MAC
+
+#include <list>
+#include <utility>  // For std::pair and std::make_pair.
+#include <vector>
+
+#include "gtest/gtest.h"
+#include "gtest/gtest-spi.h"
+#include "src/gtest-internal-inl.h"
+
+using std::make_pair;
+using std::pair;
+
+namespace testing {
+namespace internal {
+
+TEST(IsXDigitTest, WorksForNarrowAscii) {
+  EXPECT_TRUE(IsXDigit('0'));
+  EXPECT_TRUE(IsXDigit('9'));
+  EXPECT_TRUE(IsXDigit('A'));
+  EXPECT_TRUE(IsXDigit('F'));
+  EXPECT_TRUE(IsXDigit('a'));
+  EXPECT_TRUE(IsXDigit('f'));
+
+  EXPECT_FALSE(IsXDigit('-'));
+  EXPECT_FALSE(IsXDigit('g'));
+  EXPECT_FALSE(IsXDigit('G'));
+}
+
+TEST(IsXDigitTest, ReturnsFalseForNarrowNonAscii) {
+  EXPECT_FALSE(IsXDigit(static_cast<char>('\x80')));
+  EXPECT_FALSE(IsXDigit(static_cast<char>('0' | '\x80')));
+}
+
+TEST(IsXDigitTest, WorksForWideAscii) {
+  EXPECT_TRUE(IsXDigit(L'0'));
+  EXPECT_TRUE(IsXDigit(L'9'));
+  EXPECT_TRUE(IsXDigit(L'A'));
+  EXPECT_TRUE(IsXDigit(L'F'));
+  EXPECT_TRUE(IsXDigit(L'a'));
+  EXPECT_TRUE(IsXDigit(L'f'));
+
+  EXPECT_FALSE(IsXDigit(L'-'));
+  EXPECT_FALSE(IsXDigit(L'g'));
+  EXPECT_FALSE(IsXDigit(L'G'));
+}
+
+TEST(IsXDigitTest, ReturnsFalseForWideNonAscii) {
+  EXPECT_FALSE(IsXDigit(static_cast<wchar_t>(0x80)));
+  EXPECT_FALSE(IsXDigit(static_cast<wchar_t>(L'0' | 0x80)));
+  EXPECT_FALSE(IsXDigit(static_cast<wchar_t>(L'0' | 0x100)));
+}
+
+class Base {
+ public:
+  // Copy constructor and assignment operator do exactly what we need, so we
+  // use them.
+  Base() : member_(0) {}
+  explicit Base(int n) : member_(n) {}
+  virtual ~Base() {}
+  int member() { return member_; }
+
+ private:
+  int member_;
+};
+
+class Derived : public Base {
+ public:
+  explicit Derived(int n) : Base(n) {}
+};
+
+TEST(ImplicitCastTest, ConvertsPointers) {
+  Derived derived(0);
+  EXPECT_TRUE(&derived == ::testing::internal::ImplicitCast_<Base*>(&derived));
+}
+
+TEST(ImplicitCastTest, CanUseInheritance) {
+  Derived derived(1);
+  Base base = ::testing::internal::ImplicitCast_<Base>(derived);
+  EXPECT_EQ(derived.member(), base.member());
+}
+
+class Castable {
+ public:
+  explicit Castable(bool* converted) : converted_(converted) {}
+  operator Base() {
+    *converted_ = true;
+    return Base();
+  }
+
+ private:
+  bool* converted_;
+};
+
+TEST(ImplicitCastTest, CanUseNonConstCastOperator) {
+  bool converted = false;
+  Castable castable(&converted);
+  Base base = ::testing::internal::ImplicitCast_<Base>(castable);
+  EXPECT_TRUE(converted);
+}
+
+class ConstCastable {
+ public:
+  explicit ConstCastable(bool* converted) : converted_(converted) {}
+  operator Base() const {
+    *converted_ = true;
+    return Base();
+  }
+
+ private:
+  bool* converted_;
+};
+
+TEST(ImplicitCastTest, CanUseConstCastOperatorOnConstValues) {
+  bool converted = false;
+  const ConstCastable const_castable(&converted);
+  Base base = ::testing::internal::ImplicitCast_<Base>(const_castable);
+  EXPECT_TRUE(converted);
+}
+
+class ConstAndNonConstCastable {
+ public:
+  ConstAndNonConstCastable(bool* converted, bool* const_converted)
+      : converted_(converted), const_converted_(const_converted) {}
+  operator Base() {
+    *converted_ = true;
+    return Base();
+  }
+  operator Base() const {
+    *const_converted_ = true;
+    return Base();
+  }
+
+ private:
+  bool* converted_;
+  bool* const_converted_;
+};
+
+TEST(ImplicitCastTest, CanSelectBetweenConstAndNonConstCasrAppropriately) {
+  bool converted = false;
+  bool const_converted = false;
+  ConstAndNonConstCastable castable(&converted, &const_converted);
+  Base base = ::testing::internal::ImplicitCast_<Base>(castable);
+  EXPECT_TRUE(converted);
+  EXPECT_FALSE(const_converted);
+
+  converted = false;
+  const_converted = false;
+  const ConstAndNonConstCastable const_castable(&converted, &const_converted);
+  base = ::testing::internal::ImplicitCast_<Base>(const_castable);
+  EXPECT_FALSE(converted);
+  EXPECT_TRUE(const_converted);
+}
+
+class To {
+ public:
+  To(bool* converted) { *converted = true; }  // NOLINT
+};
+
+TEST(ImplicitCastTest, CanUseImplicitConstructor) {
+  bool converted = false;
+  To to = ::testing::internal::ImplicitCast_<To>(&converted);
+  (void)to;
+  EXPECT_TRUE(converted);
+}
+
+TEST(IteratorTraitsTest, WorksForSTLContainerIterators) {
+  StaticAssertTypeEq<int,
+      IteratorTraits< ::std::vector<int>::const_iterator>::value_type>();
+  StaticAssertTypeEq<bool,
+      IteratorTraits< ::std::list<bool>::iterator>::value_type>();
+}
+
+TEST(IteratorTraitsTest, WorksForPointerToNonConst) {
+  StaticAssertTypeEq<char, IteratorTraits<char*>::value_type>();
+  StaticAssertTypeEq<const void*, IteratorTraits<const void**>::value_type>();
+}
+
+TEST(IteratorTraitsTest, WorksForPointerToConst) {
+  StaticAssertTypeEq<char, IteratorTraits<const char*>::value_type>();
+  StaticAssertTypeEq<const void*,
+      IteratorTraits<const void* const*>::value_type>();
+}
+
+// Tests that the element_type typedef is available in scoped_ptr and refers
+// to the parameter type.
+TEST(ScopedPtrTest, DefinesElementType) {
+  StaticAssertTypeEq<int, ::testing::internal::scoped_ptr<int>::element_type>();
+}
+
+// FIXME: Implement THE REST of scoped_ptr tests.
+
+TEST(GtestCheckSyntaxTest, BehavesLikeASingleStatement) {
+  if (AlwaysFalse())
+    GTEST_CHECK_(false) << "This should never be executed; "
+                           "It's a compilation test only.";
+
+  if (AlwaysTrue())
+    GTEST_CHECK_(true);
+  else
+    ;  // NOLINT
+
+  if (AlwaysFalse())
+    ;  // NOLINT
+  else
+    GTEST_CHECK_(true) << "";
+}
+
+TEST(GtestCheckSyntaxTest, WorksWithSwitch) {
+  switch (0) {
+    case 1:
+      break;
+    default:
+      GTEST_CHECK_(true);
+  }
+
+  switch (0)
+    case 0:
+      GTEST_CHECK_(true) << "Check failed in switch case";
+}
+
+// Verifies behavior of FormatFileLocation.
+TEST(FormatFileLocationTest, FormatsFileLocation) {
+  EXPECT_PRED_FORMAT2(IsSubstring, "foo.cc", FormatFileLocation("foo.cc", 42));
+  EXPECT_PRED_FORMAT2(IsSubstring, "42", FormatFileLocation("foo.cc", 42));
+}
+
+TEST(FormatFileLocationTest, FormatsUnknownFile) {
+  EXPECT_PRED_FORMAT2(
+      IsSubstring, "unknown file", FormatFileLocation(NULL, 42));
+  EXPECT_PRED_FORMAT2(IsSubstring, "42", FormatFileLocation(NULL, 42));
+}
+
+TEST(FormatFileLocationTest, FormatsUknownLine) {
+  EXPECT_EQ("foo.cc:", FormatFileLocation("foo.cc", -1));
+}
+
+TEST(FormatFileLocationTest, FormatsUknownFileAndLine) {
+  EXPECT_EQ("unknown file:", FormatFileLocation(NULL, -1));
+}
+
+// Verifies behavior of FormatCompilerIndependentFileLocation.
+TEST(FormatCompilerIndependentFileLocationTest, FormatsFileLocation) {
+  EXPECT_EQ("foo.cc:42", FormatCompilerIndependentFileLocation("foo.cc", 42));
+}
+
+TEST(FormatCompilerIndependentFileLocationTest, FormatsUknownFile) {
+  EXPECT_EQ("unknown file:42",
+            FormatCompilerIndependentFileLocation(NULL, 42));
+}
+
+TEST(FormatCompilerIndependentFileLocationTest, FormatsUknownLine) {
+  EXPECT_EQ("foo.cc", FormatCompilerIndependentFileLocation("foo.cc", -1));
+}
+
+TEST(FormatCompilerIndependentFileLocationTest, FormatsUknownFileAndLine) {
+  EXPECT_EQ("unknown file", FormatCompilerIndependentFileLocation(NULL, -1));
+}
+
+#if GTEST_OS_LINUX || GTEST_OS_MAC || GTEST_OS_QNX || GTEST_OS_FUCHSIA
+void* ThreadFunc(void* data) {
+  internal::Mutex* mutex = static_cast<internal::Mutex*>(data);
+  mutex->Lock();
+  mutex->Unlock();
+  return NULL;
+}
+
+TEST(GetThreadCountTest, ReturnsCorrectValue) {
+  const size_t starting_count = GetThreadCount();
+  pthread_t       thread_id;
+
+  internal::Mutex mutex;
+  {
+    internal::MutexLock lock(&mutex);
+    pthread_attr_t  attr;
+    ASSERT_EQ(0, pthread_attr_init(&attr));
+    ASSERT_EQ(0, pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE));
+
+    const int status = pthread_create(&thread_id, &attr, &ThreadFunc, &mutex);
+    ASSERT_EQ(0, pthread_attr_destroy(&attr));
+    ASSERT_EQ(0, status);
+    EXPECT_EQ(starting_count + 1, GetThreadCount());
+  }
+
+  void* dummy;
+  ASSERT_EQ(0, pthread_join(thread_id, &dummy));
+
+  // The OS may not immediately report the updated thread count after
+  // joining a thread, causing flakiness in this test. To counter that, we
+  // wait for up to .5 seconds for the OS to report the correct value.
+  for (int i = 0; i < 5; ++i) {
+    if (GetThreadCount() == starting_count)
+      break;
+
+    SleepMilliseconds(100);
+  }
+
+  EXPECT_EQ(starting_count, GetThreadCount());
+}
+#else
+TEST(GetThreadCountTest, ReturnsZeroWhenUnableToCountThreads) {
+  EXPECT_EQ(0U, GetThreadCount());
+}
+#endif  // GTEST_OS_LINUX || GTEST_OS_MAC || GTEST_OS_QNX || GTEST_OS_FUCHSIA
+
+TEST(GtestCheckDeathTest, DiesWithCorrectOutputOnFailure) {
+  const bool a_false_condition = false;
+  const char regex[] =
+#ifdef _MSC_VER
+     "googletest-port-test\\.cc\\(\\d+\\):"
+#elif GTEST_USES_POSIX_RE
+     "googletest-port-test\\.cc:[0-9]+"
+#else
+     "googletest-port-test\\.cc:\\d+"
+#endif  // _MSC_VER
+     ".*a_false_condition.*Extra info.*";
+
+  EXPECT_DEATH_IF_SUPPORTED(GTEST_CHECK_(a_false_condition) << "Extra info",
+                            regex);
+}
+
+#if GTEST_HAS_DEATH_TEST
+
+TEST(GtestCheckDeathTest, LivesSilentlyOnSuccess) {
+  EXPECT_EXIT({
+      GTEST_CHECK_(true) << "Extra info";
+      ::std::cerr << "Success\n";
+      exit(0); },
+      ::testing::ExitedWithCode(0), "Success");
+}
+
+#endif  // GTEST_HAS_DEATH_TEST
+
+// Verifies that Google Test choose regular expression engine appropriate to
+// the platform. The test will produce compiler errors in case of failure.
+// For simplicity, we only cover the most important platforms here.
+TEST(RegexEngineSelectionTest, SelectsCorrectRegexEngine) {
+#if !GTEST_USES_PCRE
+# if GTEST_HAS_POSIX_RE
+
+  EXPECT_TRUE(GTEST_USES_POSIX_RE);
+
+# else
+
+  EXPECT_TRUE(GTEST_USES_SIMPLE_RE);
+
+# endif
+#endif  // !GTEST_USES_PCRE
+}
+
+#if GTEST_USES_POSIX_RE
+
+# if GTEST_HAS_TYPED_TEST
+
+template <typename Str>
+class RETest : public ::testing::Test {};
+
+// Defines StringTypes as the list of all string types that class RE
+// supports.
+typedef testing::Types<
+    ::std::string,
+#  if GTEST_HAS_GLOBAL_STRING
+    ::string,
+#  endif  // GTEST_HAS_GLOBAL_STRING
+    const char*> StringTypes;
+
+TYPED_TEST_CASE(RETest, StringTypes);
+
+// Tests RE's implicit constructors.
+TYPED_TEST(RETest, ImplicitConstructorWorks) {
+  const RE empty(TypeParam(""));
+  EXPECT_STREQ("", empty.pattern());
+
+  const RE simple(TypeParam("hello"));
+  EXPECT_STREQ("hello", simple.pattern());
+
+  const RE normal(TypeParam(".*(\\w+)"));
+  EXPECT_STREQ(".*(\\w+)", normal.pattern());
+}
+
+// Tests that RE's constructors reject invalid regular expressions.
+TYPED_TEST(RETest, RejectsInvalidRegex) {
+  EXPECT_NONFATAL_FAILURE({
+    const RE invalid(TypeParam("?"));
+  }, "\"?\" is not a valid POSIX Extended regular expression.");
+}
+
+// Tests RE::FullMatch().
+TYPED_TEST(RETest, FullMatchWorks) {
+  const RE empty(TypeParam(""));
+  EXPECT_TRUE(RE::FullMatch(TypeParam(""), empty));
+  EXPECT_FALSE(RE::FullMatch(TypeParam("a"), empty));
+
+  const RE re(TypeParam("a.*z"));
+  EXPECT_TRUE(RE::FullMatch(TypeParam("az"), re));
+  EXPECT_TRUE(RE::FullMatch(TypeParam("axyz"), re));
+  EXPECT_FALSE(RE::FullMatch(TypeParam("baz"), re));
+  EXPECT_FALSE(RE::FullMatch(TypeParam("azy"), re));
+}
+
+// Tests RE::PartialMatch().
+TYPED_TEST(RETest, PartialMatchWorks) {
+  const RE empty(TypeParam(""));
+  EXPECT_TRUE(RE::PartialMatch(TypeParam(""), empty));
+  EXPECT_TRUE(RE::PartialMatch(TypeParam("a"), empty));
+
+  const RE re(TypeParam("a.*z"));
+  EXPECT_TRUE(RE::PartialMatch(TypeParam("az"), re));
+  EXPECT_TRUE(RE::PartialMatch(TypeParam("axyz"), re));
+  EXPECT_TRUE(RE::PartialMatch(TypeParam("baz"), re));
+  EXPECT_TRUE(RE::PartialMatch(TypeParam("azy"), re));
+  EXPECT_FALSE(RE::PartialMatch(TypeParam("zza"), re));
+}
+
+# endif  // GTEST_HAS_TYPED_TEST
+
+#elif GTEST_USES_SIMPLE_RE
+
+TEST(IsInSetTest, NulCharIsNotInAnySet) {
+  EXPECT_FALSE(IsInSet('\0', ""));
+  EXPECT_FALSE(IsInSet('\0', "\0"));
+  EXPECT_FALSE(IsInSet('\0', "a"));
+}
+
+TEST(IsInSetTest, WorksForNonNulChars) {
+  EXPECT_FALSE(IsInSet('a', "Ab"));
+  EXPECT_FALSE(IsInSet('c', ""));
+
+  EXPECT_TRUE(IsInSet('b', "bcd"));
+  EXPECT_TRUE(IsInSet('b', "ab"));
+}
+
+TEST(IsAsciiDigitTest, IsFalseForNonDigit) {
+  EXPECT_FALSE(IsAsciiDigit('\0'));
+  EXPECT_FALSE(IsAsciiDigit(' '));
+  EXPECT_FALSE(IsAsciiDigit('+'));
+  EXPECT_FALSE(IsAsciiDigit('-'));
+  EXPECT_FALSE(IsAsciiDigit('.'));
+  EXPECT_FALSE(IsAsciiDigit('a'));
+}
+
+TEST(IsAsciiDigitTest, IsTrueForDigit) {
+  EXPECT_TRUE(IsAsciiDigit('0'));
+  EXPECT_TRUE(IsAsciiDigit('1'));
+  EXPECT_TRUE(IsAsciiDigit('5'));
+  EXPECT_TRUE(IsAsciiDigit('9'));
+}
+
+TEST(IsAsciiPunctTest, IsFalseForNonPunct) {
+  EXPECT_FALSE(IsAsciiPunct('\0'));
+  EXPECT_FALSE(IsAsciiPunct(' '));
+  EXPECT_FALSE(IsAsciiPunct('\n'));
+  EXPECT_FALSE(IsAsciiPunct('a'));
+  EXPECT_FALSE(IsAsciiPunct('0'));
+}
+
+TEST(IsAsciiPunctTest, IsTrueForPunct) {
+  for (const char* p = "^-!\"#$%&'()*+,./:;<=>?@[\\]_`{|}~"; *p; p++) {
+    EXPECT_PRED1(IsAsciiPunct, *p);
+  }
+}
+
+TEST(IsRepeatTest, IsFalseForNonRepeatChar) {
+  EXPECT_FALSE(IsRepeat('\0'));
+  EXPECT_FALSE(IsRepeat(' '));
+  EXPECT_FALSE(IsRepeat('a'));
+  EXPECT_FALSE(IsRepeat('1'));
+  EXPECT_FALSE(IsRepeat('-'));
+}
+
+TEST(IsRepeatTest, IsTrueForRepeatChar) {
+  EXPECT_TRUE(IsRepeat('?'));
+  EXPECT_TRUE(IsRepeat('*'));
+  EXPECT_TRUE(IsRepeat('+'));
+}
+
+TEST(IsAsciiWhiteSpaceTest, IsFalseForNonWhiteSpace) {
+  EXPECT_FALSE(IsAsciiWhiteSpace('\0'));
+  EXPECT_FALSE(IsAsciiWhiteSpace('a'));
+  EXPECT_FALSE(IsAsciiWhiteSpace('1'));
+  EXPECT_FALSE(IsAsciiWhiteSpace('+'));
+  EXPECT_FALSE(IsAsciiWhiteSpace('_'));
+}
+
+TEST(IsAsciiWhiteSpaceTest, IsTrueForWhiteSpace) {
+  EXPECT_TRUE(IsAsciiWhiteSpace(' '));
+  EXPECT_TRUE(IsAsciiWhiteSpace('\n'));
+  EXPECT_TRUE(IsAsciiWhiteSpace('\r'));
+  EXPECT_TRUE(IsAsciiWhiteSpace('\t'));
+  EXPECT_TRUE(IsAsciiWhiteSpace('\v'));
+  EXPECT_TRUE(IsAsciiWhiteSpace('\f'));
+}
+
+TEST(IsAsciiWordCharTest, IsFalseForNonWordChar) {
+  EXPECT_FALSE(IsAsciiWordChar('\0'));
+  EXPECT_FALSE(IsAsciiWordChar('+'));
+  EXPECT_FALSE(IsAsciiWordChar('.'));
+  EXPECT_FALSE(IsAsciiWordChar(' '));
+  EXPECT_FALSE(IsAsciiWordChar('\n'));
+}
+
+TEST(IsAsciiWordCharTest, IsTrueForLetter) {
+  EXPECT_TRUE(IsAsciiWordChar('a'));
+  EXPECT_TRUE(IsAsciiWordChar('b'));
+  EXPECT_TRUE(IsAsciiWordChar('A'));
+  EXPECT_TRUE(IsAsciiWordChar('Z'));
+}
+
+TEST(IsAsciiWordCharTest, IsTrueForDigit) {
+  EXPECT_TRUE(IsAsciiWordChar('0'));
+  EXPECT_TRUE(IsAsciiWordChar('1'));
+  EXPECT_TRUE(IsAsciiWordChar('7'));
+  EXPECT_TRUE(IsAsciiWordChar('9'));
+}
+
+TEST(IsAsciiWordCharTest, IsTrueForUnderscore) {
+  EXPECT_TRUE(IsAsciiWordChar('_'));
+}
+
+TEST(IsValidEscapeTest, IsFalseForNonPrintable) {
+  EXPECT_FALSE(IsValidEscape('\0'));
+  EXPECT_FALSE(IsValidEscape('\007'));
+}
+
+TEST(IsValidEscapeTest, IsFalseForDigit) {
+  EXPECT_FALSE(IsValidEscape('0'));
+  EXPECT_FALSE(IsValidEscape('9'));
+}
+
+TEST(IsValidEscapeTest, IsFalseForWhiteSpace) {
+  EXPECT_FALSE(IsValidEscape(' '));
+  EXPECT_FALSE(IsValidEscape('\n'));
+}
+
+TEST(IsValidEscapeTest, IsFalseForSomeLetter) {
+  EXPECT_FALSE(IsValidEscape('a'));
+  EXPECT_FALSE(IsValidEscape('Z'));
+}
+
+TEST(IsValidEscapeTest, IsTrueForPunct) {
+  EXPECT_TRUE(IsValidEscape('.'));
+  EXPECT_TRUE(IsValidEscape('-'));
+  EXPECT_TRUE(IsValidEscape('^'));
+  EXPECT_TRUE(IsValidEscape('$'));
+  EXPECT_TRUE(IsValidEscape('('));
+  EXPECT_TRUE(IsValidEscape(']'));
+  EXPECT_TRUE(IsValidEscape('{'));
+  EXPECT_TRUE(IsValidEscape('|'));
+}
+
+TEST(IsValidEscapeTest, IsTrueForSomeLetter) {
+  EXPECT_TRUE(IsValidEscape('d'));
+  EXPECT_TRUE(IsValidEscape('D'));
+  EXPECT_TRUE(IsValidEscape('s'));
+  EXPECT_TRUE(IsValidEscape('S'));
+  EXPECT_TRUE(IsValidEscape('w'));
+  EXPECT_TRUE(IsValidEscape('W'));
+}
+
+TEST(AtomMatchesCharTest, EscapedPunct) {
+  EXPECT_FALSE(AtomMatchesChar(true, '\\', '\0'));
+  EXPECT_FALSE(AtomMatchesChar(true, '\\', ' '));
+  EXPECT_FALSE(AtomMatchesChar(true, '_', '.'));
+  EXPECT_FALSE(AtomMatchesChar(true, '.', 'a'));
+
+  EXPECT_TRUE(AtomMatchesChar(true, '\\', '\\'));
+  EXPECT_TRUE(AtomMatchesChar(true, '_', '_'));
+  EXPECT_TRUE(AtomMatchesChar(true, '+', '+'));
+  EXPECT_TRUE(AtomMatchesChar(true, '.', '.'));
+}
+
+TEST(AtomMatchesCharTest, Escaped_d) {
+  EXPECT_FALSE(AtomMatchesChar(true, 'd', '\0'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'd', 'a'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'd', '.'));
+
+  EXPECT_TRUE(AtomMatchesChar(true, 'd', '0'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'd', '9'));
+}
+
+TEST(AtomMatchesCharTest, Escaped_D) {
+  EXPECT_FALSE(AtomMatchesChar(true, 'D', '0'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'D', '9'));
+
+  EXPECT_TRUE(AtomMatchesChar(true, 'D', '\0'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'D', 'a'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'D', '-'));
+}
+
+TEST(AtomMatchesCharTest, Escaped_s) {
+  EXPECT_FALSE(AtomMatchesChar(true, 's', '\0'));
+  EXPECT_FALSE(AtomMatchesChar(true, 's', 'a'));
+  EXPECT_FALSE(AtomMatchesChar(true, 's', '.'));
+  EXPECT_FALSE(AtomMatchesChar(true, 's', '9'));
+
+  EXPECT_TRUE(AtomMatchesChar(true, 's', ' '));
+  EXPECT_TRUE(AtomMatchesChar(true, 's', '\n'));
+  EXPECT_TRUE(AtomMatchesChar(true, 's', '\t'));
+}
+
+TEST(AtomMatchesCharTest, Escaped_S) {
+  EXPECT_FALSE(AtomMatchesChar(true, 'S', ' '));
+  EXPECT_FALSE(AtomMatchesChar(true, 'S', '\r'));
+
+  EXPECT_TRUE(AtomMatchesChar(true, 'S', '\0'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'S', 'a'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'S', '9'));
+}
+
+TEST(AtomMatchesCharTest, Escaped_w) {
+  EXPECT_FALSE(AtomMatchesChar(true, 'w', '\0'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'w', '+'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'w', ' '));
+  EXPECT_FALSE(AtomMatchesChar(true, 'w', '\n'));
+
+  EXPECT_TRUE(AtomMatchesChar(true, 'w', '0'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'w', 'b'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'w', 'C'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'w', '_'));
+}
+
+TEST(AtomMatchesCharTest, Escaped_W) {
+  EXPECT_FALSE(AtomMatchesChar(true, 'W', 'A'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'W', 'b'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'W', '9'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'W', '_'));
+
+  EXPECT_TRUE(AtomMatchesChar(true, 'W', '\0'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'W', '*'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'W', '\n'));
+}
+
+TEST(AtomMatchesCharTest, EscapedWhiteSpace) {
+  EXPECT_FALSE(AtomMatchesChar(true, 'f', '\0'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'f', '\n'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'n', '\0'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'n', '\r'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'r', '\0'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'r', 'a'));
+  EXPECT_FALSE(AtomMatchesChar(true, 't', '\0'));
+  EXPECT_FALSE(AtomMatchesChar(true, 't', 't'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'v', '\0'));
+  EXPECT_FALSE(AtomMatchesChar(true, 'v', '\f'));
+
+  EXPECT_TRUE(AtomMatchesChar(true, 'f', '\f'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'n', '\n'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'r', '\r'));
+  EXPECT_TRUE(AtomMatchesChar(true, 't', '\t'));
+  EXPECT_TRUE(AtomMatchesChar(true, 'v', '\v'));
+}
+
+TEST(AtomMatchesCharTest, UnescapedDot) {
+  EXPECT_FALSE(AtomMatchesChar(false, '.', '\n'));
+
+  EXPECT_TRUE(AtomMatchesChar(false, '.', '\0'));
+  EXPECT_TRUE(AtomMatchesChar(false, '.', '.'));
+  EXPECT_TRUE(AtomMatchesChar(false, '.', 'a'));
+  EXPECT_TRUE(AtomMatchesChar(false, '.', ' '));
+}
+
+TEST(AtomMatchesCharTest, UnescapedChar) {
+  EXPECT_FALSE(AtomMatchesChar(false, 'a', '\0'));
+  EXPECT_FALSE(AtomMatchesChar(false, 'a', 'b'));
+  EXPECT_FALSE(AtomMatchesChar(false, '$', 'a'));
+
+  EXPECT_TRUE(AtomMatchesChar(false, '$', '$'));
+  EXPECT_TRUE(AtomMatchesChar(false, '5', '5'));
+  EXPECT_TRUE(AtomMatchesChar(false, 'Z', 'Z'));
+}
+
+TEST(ValidateRegexTest, GeneratesFailureAndReturnsFalseForInvalid) {
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex(NULL)),
+                          "NULL is not a valid simple regular expression");
+  EXPECT_NONFATAL_FAILURE(
+      ASSERT_FALSE(ValidateRegex("a\\")),
+      "Syntax error at index 1 in simple regular expression \"a\\\": ");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("a\\")),
+                          "'\\' cannot appear at the end");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("\\n\\")),
+                          "'\\' cannot appear at the end");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("\\s\\hb")),
+                          "invalid escape sequence \"\\h\"");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("^^")),
+                          "'^' can only appear at the beginning");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex(".*^b")),
+                          "'^' can only appear at the beginning");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("$$")),
+                          "'$' can only appear at the end");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("^$a")),
+                          "'$' can only appear at the end");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("a(b")),
+                          "'(' is unsupported");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("ab)")),
+                          "')' is unsupported");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("[ab")),
+                          "'[' is unsupported");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("a{2")),
+                          "'{' is unsupported");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("?")),
+                          "'?' can only follow a repeatable token");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("^*")),
+                          "'*' can only follow a repeatable token");
+  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("5*+")),
+                          "'+' can only follow a repeatable token");
+}
+
+TEST(ValidateRegexTest, ReturnsTrueForValid) {
+  EXPECT_TRUE(ValidateRegex(""));
+  EXPECT_TRUE(ValidateRegex("a"));
+  EXPECT_TRUE(ValidateRegex(".*"));
+  EXPECT_TRUE(ValidateRegex("^a_+"));
+  EXPECT_TRUE(ValidateRegex("^a\\t\\&?"));
+  EXPECT_TRUE(ValidateRegex("09*$"));
+  EXPECT_TRUE(ValidateRegex("^Z$"));
+  EXPECT_TRUE(ValidateRegex("a\\^Z\\$\\(\\)\\|\\[\\]\\{\\}"));
+}
+
+TEST(MatchRepetitionAndRegexAtHeadTest, WorksForZeroOrOne) {
+  EXPECT_FALSE(MatchRepetitionAndRegexAtHead(false, 'a', '?', "a", "ba"));
+  // Repeating more than once.
+  EXPECT_FALSE(MatchRepetitionAndRegexAtHead(false, 'a', '?', "b", "aab"));
+
+  // Repeating zero times.
+  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, 'a', '?', "b", "ba"));
+  // Repeating once.
+  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, 'a', '?', "b", "ab"));
+  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, '#', '?', ".", "##"));
+}
+
+TEST(MatchRepetitionAndRegexAtHeadTest, WorksForZeroOrMany) {
+  EXPECT_FALSE(MatchRepetitionAndRegexAtHead(false, '.', '*', "a$", "baab"));
+
+  // Repeating zero times.
+  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, '.', '*', "b", "bc"));
+  // Repeating once.
+  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, '.', '*', "b", "abc"));
+  // Repeating more than once.
+  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(true, 'w', '*', "-", "ab_1-g"));
+}
+
+TEST(MatchRepetitionAndRegexAtHeadTest, WorksForOneOrMany) {
+  EXPECT_FALSE(MatchRepetitionAndRegexAtHead(false, '.', '+', "a$", "baab"));
+  // Repeating zero times.
+  EXPECT_FALSE(MatchRepetitionAndRegexAtHead(false, '.', '+', "b", "bc"));
+
+  // Repeating once.
+  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, '.', '+', "b", "abc"));
+  // Repeating more than once.
+  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(true, 'w', '+', "-", "ab_1-g"));
+}
+
+TEST(MatchRegexAtHeadTest, ReturnsTrueForEmptyRegex) {
+  EXPECT_TRUE(MatchRegexAtHead("", ""));
+  EXPECT_TRUE(MatchRegexAtHead("", "ab"));
+}
+
+TEST(MatchRegexAtHeadTest, WorksWhenDollarIsInRegex) {
+  EXPECT_FALSE(MatchRegexAtHead("$", "a"));
+
+  EXPECT_TRUE(MatchRegexAtHead("$", ""));
+  EXPECT_TRUE(MatchRegexAtHead("a$", "a"));
+}
+
+TEST(MatchRegexAtHeadTest, WorksWhenRegexStartsWithEscapeSequence) {
+  EXPECT_FALSE(MatchRegexAtHead("\\w", "+"));
+  EXPECT_FALSE(MatchRegexAtHead("\\W", "ab"));
+
+  EXPECT_TRUE(MatchRegexAtHead("\\sa", "\nab"));
+  EXPECT_TRUE(MatchRegexAtHead("\\d", "1a"));
+}
+
+TEST(MatchRegexAtHeadTest, WorksWhenRegexStartsWithRepetition) {
+  EXPECT_FALSE(MatchRegexAtHead(".+a", "abc"));
+  EXPECT_FALSE(MatchRegexAtHead("a?b", "aab"));
+
+  EXPECT_TRUE(MatchRegexAtHead(".*a", "bc12-ab"));
+  EXPECT_TRUE(MatchRegexAtHead("a?b", "b"));
+  EXPECT_TRUE(MatchRegexAtHead("a?b", "ab"));
+}
+
+TEST(MatchRegexAtHeadTest,
+     WorksWhenRegexStartsWithRepetionOfEscapeSequence) {
+  EXPECT_FALSE(MatchRegexAtHead("\\.+a", "abc"));
+  EXPECT_FALSE(MatchRegexAtHead("\\s?b", "  b"));
+
+  EXPECT_TRUE(MatchRegexAtHead("\\(*a", "((((ab"));
+  EXPECT_TRUE(MatchRegexAtHead("\\^?b", "^b"));
+  EXPECT_TRUE(MatchRegexAtHead("\\\\?b", "b"));
+  EXPECT_TRUE(MatchRegexAtHead("\\\\?b", "\\b"));
+}
+
+TEST(MatchRegexAtHeadTest, MatchesSequentially) {
+  EXPECT_FALSE(MatchRegexAtHead("ab.*c", "acabc"));
+
+  EXPECT_TRUE(MatchRegexAtHead("ab.*c", "ab-fsc"));
+}
+
+TEST(MatchRegexAnywhereTest, ReturnsFalseWhenStringIsNull) {
+  EXPECT_FALSE(MatchRegexAnywhere("", NULL));
+}
+
+TEST(MatchRegexAnywhereTest, WorksWhenRegexStartsWithCaret) {
+  EXPECT_FALSE(MatchRegexAnywhere("^a", "ba"));
+  EXPECT_FALSE(MatchRegexAnywhere("^$", "a"));
+
+  EXPECT_TRUE(MatchRegexAnywhere("^a", "ab"));
+  EXPECT_TRUE(MatchRegexAnywhere("^", "ab"));
+  EXPECT_TRUE(MatchRegexAnywhere("^$", ""));
+}
+
+TEST(MatchRegexAnywhereTest, ReturnsFalseWhenNoMatch) {
+  EXPECT_FALSE(MatchRegexAnywhere("a", "bcde123"));
+  EXPECT_FALSE(MatchRegexAnywhere("a.+a", "--aa88888888"));
+}
+
+TEST(MatchRegexAnywhereTest, ReturnsTrueWhenMatchingPrefix) {
+  EXPECT_TRUE(MatchRegexAnywhere("\\w+", "ab1_ - 5"));
+  EXPECT_TRUE(MatchRegexAnywhere(".*=", "="));
+  EXPECT_TRUE(MatchRegexAnywhere("x.*ab?.*bc", "xaaabc"));
+}
+
+TEST(MatchRegexAnywhereTest, ReturnsTrueWhenMatchingNonPrefix) {
+  EXPECT_TRUE(MatchRegexAnywhere("\\w+", "$$$ ab1_ - 5"));
+  EXPECT_TRUE(MatchRegexAnywhere("\\.+=", "=  ...="));
+}
+
+// Tests RE's implicit constructors.
+TEST(RETest, ImplicitConstructorWorks) {
+  const RE empty("");
+  EXPECT_STREQ("", empty.pattern());
+
+  const RE simple("hello");
+  EXPECT_STREQ("hello", simple.pattern());
+}
+
+// Tests that RE's constructors reject invalid regular expressions.
+TEST(RETest, RejectsInvalidRegex) {
+  EXPECT_NONFATAL_FAILURE({
+    const RE normal(NULL);
+  }, "NULL is not a valid simple regular expression");
+
+  EXPECT_NONFATAL_FAILURE({
+    const RE normal(".*(\\w+");
+  }, "'(' is unsupported");
+
+  EXPECT_NONFATAL_FAILURE({
+    const RE invalid("^?");
+  }, "'?' can only follow a repeatable token");
+}
+
+// Tests RE::FullMatch().
+TEST(RETest, FullMatchWorks) {
+  const RE empty("");
+  EXPECT_TRUE(RE::FullMatch("", empty));
+  EXPECT_FALSE(RE::FullMatch("a", empty));
+
+  const RE re1("a");
+  EXPECT_TRUE(RE::FullMatch("a", re1));
+
+  const RE re("a.*z");
+  EXPECT_TRUE(RE::FullMatch("az", re));
+  EXPECT_TRUE(RE::FullMatch("axyz", re));
+  EXPECT_FALSE(RE::FullMatch("baz", re));
+  EXPECT_FALSE(RE::FullMatch("azy", re));
+}
+
+// Tests RE::PartialMatch().
+TEST(RETest, PartialMatchWorks) {
+  const RE empty("");
+  EXPECT_TRUE(RE::PartialMatch("", empty));
+  EXPECT_TRUE(RE::PartialMatch("a", empty));
+
+  const RE re("a.*z");
+  EXPECT_TRUE(RE::PartialMatch("az", re));
+  EXPECT_TRUE(RE::PartialMatch("axyz", re));
+  EXPECT_TRUE(RE::PartialMatch("baz", re));
+  EXPECT_TRUE(RE::PartialMatch("azy", re));
+  EXPECT_FALSE(RE::PartialMatch("zza", re));
+}
+
+#endif  // GTEST_USES_POSIX_RE
+
+#if !GTEST_OS_WINDOWS_MOBILE
+
+TEST(CaptureTest, CapturesStdout) {
+  CaptureStdout();
+  fprintf(stdout, "abc");
+  EXPECT_STREQ("abc", GetCapturedStdout().c_str());
+
+  CaptureStdout();
+  fprintf(stdout, "def%cghi", '\0');
+  EXPECT_EQ(::std::string("def\0ghi", 7), ::std::string(GetCapturedStdout()));
+}
+
+TEST(CaptureTest, CapturesStderr) {
+  CaptureStderr();
+  fprintf(stderr, "jkl");
+  EXPECT_STREQ("jkl", GetCapturedStderr().c_str());
+
+  CaptureStderr();
+  fprintf(stderr, "jkl%cmno", '\0');
+  EXPECT_EQ(::std::string("jkl\0mno", 7), ::std::string(GetCapturedStderr()));
+}
+
+// Tests that stdout and stderr capture don't interfere with each other.
+TEST(CaptureTest, CapturesStdoutAndStderr) {
+  CaptureStdout();
+  CaptureStderr();
+  fprintf(stdout, "pqr");
+  fprintf(stderr, "stu");
+  EXPECT_STREQ("pqr", GetCapturedStdout().c_str());
+  EXPECT_STREQ("stu", GetCapturedStderr().c_str());
+}
+
+TEST(CaptureDeathTest, CannotReenterStdoutCapture) {
+  CaptureStdout();
+  EXPECT_DEATH_IF_SUPPORTED(CaptureStdout(),
+                            "Only one stdout capturer can exist at a time");
+  GetCapturedStdout();
+
+  // We cannot test stderr capturing using death tests as they use it
+  // themselves.
+}
+
+#endif  // !GTEST_OS_WINDOWS_MOBILE
+
+TEST(ThreadLocalTest, DefaultConstructorInitializesToDefaultValues) {
+  ThreadLocal<int> t1;
+  EXPECT_EQ(0, t1.get());
+
+  ThreadLocal<void*> t2;
+  EXPECT_TRUE(t2.get() == NULL);
+}
+
+TEST(ThreadLocalTest, SingleParamConstructorInitializesToParam) {
+  ThreadLocal<int> t1(123);
+  EXPECT_EQ(123, t1.get());
+
+  int i = 0;
+  ThreadLocal<int*> t2(&i);
+  EXPECT_EQ(&i, t2.get());
+}
+
+class NoDefaultContructor {
+ public:
+  explicit NoDefaultContructor(const char*) {}
+  NoDefaultContructor(const NoDefaultContructor&) {}
+};
+
+TEST(ThreadLocalTest, ValueDefaultContructorIsNotRequiredForParamVersion) {
+  ThreadLocal<NoDefaultContructor> bar(NoDefaultContructor("foo"));
+  bar.pointer();
+}
+
+TEST(ThreadLocalTest, GetAndPointerReturnSameValue) {
+  ThreadLocal<std::string> thread_local_string;
+
+  EXPECT_EQ(thread_local_string.pointer(), &(thread_local_string.get()));
+
+  // Verifies the condition still holds after calling set.
+  thread_local_string.set("foo");
+  EXPECT_EQ(thread_local_string.pointer(), &(thread_local_string.get()));
+}
+
+TEST(ThreadLocalTest, PointerAndConstPointerReturnSameValue) {
+  ThreadLocal<std::string> thread_local_string;
+  const ThreadLocal<std::string>& const_thread_local_string =
+      thread_local_string;
+
+  EXPECT_EQ(thread_local_string.pointer(), const_thread_local_string.pointer());
+
+  thread_local_string.set("foo");
+  EXPECT_EQ(thread_local_string.pointer(), const_thread_local_string.pointer());
+}
+
+#if GTEST_IS_THREADSAFE
+
+void AddTwo(int* param) { *param += 2; }
+
+TEST(ThreadWithParamTest, ConstructorExecutesThreadFunc) {
+  int i = 40;
+  ThreadWithParam<int*> thread(&AddTwo, &i, NULL);
+  thread.Join();
+  EXPECT_EQ(42, i);
+}
+
+TEST(MutexDeathTest, AssertHeldShouldAssertWhenNotLocked) {
+  // AssertHeld() is flaky only in the presence of multiple threads accessing
+  // the lock. In this case, the test is robust.
+  EXPECT_DEATH_IF_SUPPORTED({
+    Mutex m;
+    { MutexLock lock(&m); }
+    m.AssertHeld();
+  },
+  "thread .*hold");
+}
+
+TEST(MutexTest, AssertHeldShouldNotAssertWhenLocked) {
+  Mutex m;
+  MutexLock lock(&m);
+  m.AssertHeld();
+}
+
+class AtomicCounterWithMutex {
+ public:
+  explicit AtomicCounterWithMutex(Mutex* mutex) :
+    value_(0), mutex_(mutex), random_(42) {}
+
+  void Increment() {
+    MutexLock lock(mutex_);
+    int temp = value_;
+    {
+      // We need to put up a memory barrier to prevent reads and writes to
+      // value_ rearranged with the call to SleepMilliseconds when observed
+      // from other threads.
+#if GTEST_HAS_PTHREAD
+      // On POSIX, locking a mutex puts up a memory barrier.  We cannot use
+      // Mutex and MutexLock here or rely on their memory barrier
+      // functionality as we are testing them here.
+      pthread_mutex_t memory_barrier_mutex;
+      GTEST_CHECK_POSIX_SUCCESS_(
+          pthread_mutex_init(&memory_barrier_mutex, NULL));
+      GTEST_CHECK_POSIX_SUCCESS_(pthread_mutex_lock(&memory_barrier_mutex));
+
+      SleepMilliseconds(random_.Generate(30));
+
+      GTEST_CHECK_POSIX_SUCCESS_(pthread_mutex_unlock(&memory_barrier_mutex));
+      GTEST_CHECK_POSIX_SUCCESS_(pthread_mutex_destroy(&memory_barrier_mutex));
+#elif GTEST_OS_WINDOWS
+      // On Windows, performing an interlocked access puts up a memory barrier.
+      volatile LONG dummy = 0;
+      ::InterlockedIncrement(&dummy);
+      SleepMilliseconds(random_.Generate(30));
+      ::InterlockedIncrement(&dummy);
+#else
+# error "Memory barrier not implemented on this platform."
+#endif  // GTEST_HAS_PTHREAD
+    }
+    value_ = temp + 1;
+  }
+  int value() const { return value_; }
+
+ private:
+  volatile int value_;
+  Mutex* const mutex_;  // Protects value_.
+  Random       random_;
+};
+
+void CountingThreadFunc(pair<AtomicCounterWithMutex*, int> param) {
+  for (int i = 0; i < param.second; ++i)
+      param.first->Increment();
+}
+
+// Tests that the mutex only lets one thread at a time to lock it.
+TEST(MutexTest, OnlyOneThreadCanLockAtATime) {
+  Mutex mutex;
+  AtomicCounterWithMutex locked_counter(&mutex);
+
+  typedef ThreadWithParam<pair<AtomicCounterWithMutex*, int> > ThreadType;
+  const int kCycleCount = 20;
+  const int kThreadCount = 7;
+  scoped_ptr<ThreadType> counting_threads[kThreadCount];
+  Notification threads_can_start;
+  // Creates and runs kThreadCount threads that increment locked_counter
+  // kCycleCount times each.
+  for (int i = 0; i < kThreadCount; ++i) {
+    counting_threads[i].reset(new ThreadType(&CountingThreadFunc,
+                                             make_pair(&locked_counter,
+                                                       kCycleCount),
+                                             &threads_can_start));
+  }
+  threads_can_start.Notify();
+  for (int i = 0; i < kThreadCount; ++i)
+    counting_threads[i]->Join();
+
+  // If the mutex lets more than one thread to increment the counter at a
+  // time, they are likely to encounter a race condition and have some
+  // increments overwritten, resulting in the lower then expected counter
+  // value.
+  EXPECT_EQ(kCycleCount * kThreadCount, locked_counter.value());
+}
+
+template <typename T>
+void RunFromThread(void (func)(T), T param) {
+  ThreadWithParam<T> thread(func, param, NULL);
+  thread.Join();
+}
+
+void RetrieveThreadLocalValue(
+    pair<ThreadLocal<std::string>*, std::string*> param) {
+  *param.second = param.first->get();
+}
+
+TEST(ThreadLocalTest, ParameterizedConstructorSetsDefault) {
+  ThreadLocal<std::string> thread_local_string("foo");
+  EXPECT_STREQ("foo", thread_local_string.get().c_str());
+
+  thread_local_string.set("bar");
+  EXPECT_STREQ("bar", thread_local_string.get().c_str());
+
+  std::string result;
+  RunFromThread(&RetrieveThreadLocalValue,
+                make_pair(&thread_local_string, &result));
+  EXPECT_STREQ("foo", result.c_str());
+}
+
+// Keeps track of whether of destructors being called on instances of
+// DestructorTracker.  On Windows, waits for the destructor call reports.
+class DestructorCall {
+ public:
+  DestructorCall() {
+    invoked_ = false;
+#if GTEST_OS_WINDOWS
+    wait_event_.Reset(::CreateEvent(NULL, TRUE, FALSE, NULL));
+    GTEST_CHECK_(wait_event_.Get() != NULL);
+#endif
+  }
+
+  bool CheckDestroyed() const {
+#if GTEST_OS_WINDOWS
+    if (::WaitForSingleObject(wait_event_.Get(), 1000) != WAIT_OBJECT_0)
+      return false;
+#endif
+    return invoked_;
+  }
+
+  void ReportDestroyed() {
+    invoked_ = true;
+#if GTEST_OS_WINDOWS
+    ::SetEvent(wait_event_.Get());
+#endif
+  }
+
+  static std::vector<DestructorCall*>& List() { return *list_; }
+
+  static void ResetList() {
+    for (size_t i = 0; i < list_->size(); ++i) {
+      delete list_->at(i);
+    }
+    list_->clear();
+  }
+
+ private:
+  bool invoked_;
+#if GTEST_OS_WINDOWS
+  AutoHandle wait_event_;
+#endif
+  static std::vector<DestructorCall*>* const list_;
+
+  GTEST_DISALLOW_COPY_AND_ASSIGN_(DestructorCall);
+};
+
+std::vector<DestructorCall*>* const DestructorCall::list_ =
+    new std::vector<DestructorCall*>;
+
+// DestructorTracker keeps track of whether its instances have been
+// destroyed.
+class DestructorTracker {
+ public:
+  DestructorTracker() : index_(GetNewIndex()) {}
+  DestructorTracker(const DestructorTracker& /* rhs */)
+      : index_(GetNewIndex()) {}
+  ~DestructorTracker() {
+    // We never access DestructorCall::List() concurrently, so we don't need
+    // to protect this access with a mutex.
+    DestructorCall::List()[index_]->ReportDestroyed();
+  }
+
+ private:
+  static size_t GetNewIndex() {
+    DestructorCall::List().push_back(new DestructorCall);
+    return DestructorCall::List().size() - 1;
+  }
+  const size_t index_;
+
+  GTEST_DISALLOW_ASSIGN_(DestructorTracker);
+};
+
+typedef ThreadLocal<DestructorTracker>* ThreadParam;
+
+void CallThreadLocalGet(ThreadParam thread_local_param) {
+  thread_local_param->get();
+}
+
+// Tests that when a ThreadLocal object dies in a thread, it destroys
+// the managed object for that thread.
+TEST(ThreadLocalTest, DestroysManagedObjectForOwnThreadWhenDying) {
+  DestructorCall::ResetList();
+
+  {
+    ThreadLocal<DestructorTracker> thread_local_tracker;
+    ASSERT_EQ(0U, DestructorCall::List().size());
+
+    // This creates another DestructorTracker object for the main thread.
+    thread_local_tracker.get();
+    ASSERT_EQ(1U, DestructorCall::List().size());
+    ASSERT_FALSE(DestructorCall::List()[0]->CheckDestroyed());
+  }
+
+  // Now thread_local_tracker has died.
+  ASSERT_EQ(1U, DestructorCall::List().size());
+  EXPECT_TRUE(DestructorCall::List()[0]->CheckDestroyed());
+
+  DestructorCall::ResetList();
+}
+
+// Tests that when a thread exits, the thread-local object for that
+// thread is destroyed.
+TEST(ThreadLocalTest, DestroysManagedObjectAtThreadExit) {
+  DestructorCall::ResetList();
+
+  {
+    ThreadLocal<DestructorTracker> thread_local_tracker;
+    ASSERT_EQ(0U, DestructorCall::List().size());
+
+    // This creates another DestructorTracker object in the new thread.
+    ThreadWithParam<ThreadParam> thread(
+        &CallThreadLocalGet, &thread_local_tracker, NULL);
+    thread.Join();
+
+    // The thread has exited, and we should have a DestroyedTracker
+    // instance created for it. But it may not have been destroyed yet.
+    ASSERT_EQ(1U, DestructorCall::List().size());
+  }
+
+  // The thread has exited and thread_local_tracker has died.
+  ASSERT_EQ(1U, DestructorCall::List().size());
+  EXPECT_TRUE(DestructorCall::List()[0]->CheckDestroyed());
+
+  DestructorCall::ResetList();
+}
+
+TEST(ThreadLocalTest, ThreadLocalMutationsAffectOnlyCurrentThread) {
+  ThreadLocal<std::string> thread_local_string;
+  thread_local_string.set("Foo");
+  EXPECT_STREQ("Foo", thread_local_string.get().c_str());
+
+  std::string result;
+  RunFromThread(&RetrieveThreadLocalValue,
+                make_pair(&thread_local_string, &result));
+  EXPECT_TRUE(result.empty());
+}
+
+#endif  // GTEST_IS_THREADSAFE
+
+#if GTEST_OS_WINDOWS
+TEST(WindowsTypesTest, HANDLEIsVoidStar) {
+  StaticAssertTypeEq<HANDLE, void*>();
+}
+
+#if GTEST_OS_WINDOWS_MINGW && !defined(__MINGW64_VERSION_MAJOR)
+TEST(WindowsTypesTest, _CRITICAL_SECTIONIs_CRITICAL_SECTION) {
+  StaticAssertTypeEq<CRITICAL_SECTION, _CRITICAL_SECTION>();
+}
+#else
+TEST(WindowsTypesTest, CRITICAL_SECTIONIs_RTL_CRITICAL_SECTION) {
+  StaticAssertTypeEq<CRITICAL_SECTION, _RTL_CRITICAL_SECTION>();
+}
+#endif
+
+#endif  // GTEST_OS_WINDOWS
+
+}  // namespace internal
+}  // namespace testing
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-printers-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-printers-test.cc
new file mode 100644
index 000000000..ea8369d27
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-printers-test.cc
@@ -0,0 +1,1748 @@
+// Copyright 2007, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// Google Test - The Google C++ Testing and Mocking Framework
+//
+// This file tests the universal value printer.
+
+#include <ctype.h>
+#include <limits.h>
+#include <string.h>
+#include <algorithm>
+#include <deque>
+#include <list>
+#include <map>
+#include <set>
+#include <sstream>
+#include <string>
+#include <utility>
+#include <vector>
+
+#include "gtest/gtest-printers.h"
+#include "gtest/gtest.h"
+
+#if GTEST_HAS_UNORDERED_MAP_
+# include <unordered_map>  // NOLINT
+#endif  // GTEST_HAS_UNORDERED_MAP_
+
+#if GTEST_HAS_UNORDERED_SET_
+# include <unordered_set>  // NOLINT
+#endif  // GTEST_HAS_UNORDERED_SET_
+
+#if GTEST_HAS_STD_FORWARD_LIST_
+# include <forward_list> // NOLINT
+#endif  // GTEST_HAS_STD_FORWARD_LIST_
+
+// Some user-defined types for testing the universal value printer.
+
+// An anonymous enum type.
+enum AnonymousEnum {
+  kAE1 = -1,
+  kAE2 = 1
+};
+
+// An enum without a user-defined printer.
+enum EnumWithoutPrinter {
+  kEWP1 = -2,
+  kEWP2 = 42
+};
+
+// An enum with a << operator.
+enum EnumWithStreaming {
+  kEWS1 = 10
+};
+
+std::ostream& operator<<(std::ostream& os, EnumWithStreaming e) {
+  return os << (e == kEWS1 ? "kEWS1" : "invalid");
+}
+
+// An enum with a PrintTo() function.
+enum EnumWithPrintTo {
+  kEWPT1 = 1
+};
+
+void PrintTo(EnumWithPrintTo e, std::ostream* os) {
+  *os << (e == kEWPT1 ? "kEWPT1" : "invalid");
+}
+
+// A class implicitly convertible to BiggestInt.
+class BiggestIntConvertible {
+ public:
+  operator ::testing::internal::BiggestInt() const { return 42; }
+};
+
+// A user-defined unprintable class template in the global namespace.
+template <typename T>
+class UnprintableTemplateInGlobal {
+ public:
+  UnprintableTemplateInGlobal() : value_() {}
+ private:
+  T value_;
+};
+
+// A user-defined streamable type in the global namespace.
+class StreamableInGlobal {
+ public:
+  virtual ~StreamableInGlobal() {}
+};
+
+inline void operator<<(::std::ostream& os, const StreamableInGlobal& /* x */) {
+  os << "StreamableInGlobal";
+}
+
+void operator<<(::std::ostream& os, const StreamableInGlobal* /* x */) {
+  os << "StreamableInGlobal*";
+}
+
+namespace foo {
+
+// A user-defined unprintable type in a user namespace.
+class UnprintableInFoo {
+ public:
+  UnprintableInFoo() : z_(0) { memcpy(xy_, "\xEF\x12\x0\x0\x34\xAB\x0\x0", 8); }
+  double z() const { return z_; }
+ private:
+  char xy_[8];
+  double z_;
+};
+
+// A user-defined printable type in a user-chosen namespace.
+struct PrintableViaPrintTo {
+  PrintableViaPrintTo() : value() {}
+  int value;
+};
+
+void PrintTo(const PrintableViaPrintTo& x, ::std::ostream* os) {
+  *os << "PrintableViaPrintTo: " << x.value;
+}
+
+// A type with a user-defined << for printing its pointer.
+struct PointerPrintable {
+};
+
+::std::ostream& operator<<(::std::ostream& os,
+                           const PointerPrintable* /* x */) {
+  return os << "PointerPrintable*";
+}
+
+// A user-defined printable class template in a user-chosen namespace.
+template <typename T>
+class PrintableViaPrintToTemplate {
+ public:
+  explicit PrintableViaPrintToTemplate(const T& a_value) : value_(a_value) {}
+
+  const T& value() const { return value_; }
+ private:
+  T value_;
+};
+
+template <typename T>
+void PrintTo(const PrintableViaPrintToTemplate<T>& x, ::std::ostream* os) {
+  *os << "PrintableViaPrintToTemplate: " << x.value();
+}
+
+// A user-defined streamable class template in a user namespace.
+template <typename T>
+class StreamableTemplateInFoo {
+ public:
+  StreamableTemplateInFoo() : value_() {}
+
+  const T& value() const { return value_; }
+ private:
+  T value_;
+};
+
+template <typename T>
+inline ::std::ostream& operator<<(::std::ostream& os,
+                                  const StreamableTemplateInFoo<T>& x) {
+  return os << "StreamableTemplateInFoo: " << x.value();
+}
+
+// A user-defined streamable but recursivly-defined container type in
+// a user namespace, it mimics therefore std::filesystem::path or
+// boost::filesystem::path.
+class PathLike {
+ public:
+  struct iterator {
+    typedef PathLike value_type;
+  };
+
+  PathLike() {}
+
+  iterator begin() const { return iterator(); }
+  iterator end() const { return iterator(); }
+
+  friend ::std::ostream& operator<<(::std::ostream& os, const PathLike&) {
+    return os << "Streamable-PathLike";
+  }
+};
+
+}  // namespace foo
+
+namespace testing {
+namespace gtest_printers_test {
+
+using ::std::deque;
+using ::std::list;
+using ::std::make_pair;
+using ::std::map;
+using ::std::multimap;
+using ::std::multiset;
+using ::std::pair;
+using ::std::set;
+using ::std::vector;
+using ::testing::PrintToString;
+using ::testing::internal::FormatForComparisonFailureMessage;
+using ::testing::internal::ImplicitCast_;
+using ::testing::internal::NativeArray;
+using ::testing::internal::RE;
+using ::testing::internal::RelationToSourceReference;
+using ::testing::internal::Strings;
+using ::testing::internal::UniversalPrint;
+using ::testing::internal::UniversalPrinter;
+using ::testing::internal::UniversalTersePrint;
+#if GTEST_HAS_TR1_TUPLE || GTEST_HAS_STD_TUPLE_
+using ::testing::internal::UniversalTersePrintTupleFieldsToStrings;
+#endif
+
+// Prints a value to a string using the universal value printer.  This
+// is a helper for testing UniversalPrinter<T>::Print() for various types.
+template <typename T>
+std::string Print(const T& value) {
+  ::std::stringstream ss;
+  UniversalPrinter<T>::Print(value, &ss);
+  return ss.str();
+}
+
+// Prints a value passed by reference to a string, using the universal
+// value printer.  This is a helper for testing
+// UniversalPrinter<T&>::Print() for various types.
+template <typename T>
+std::string PrintByRef(const T& value) {
+  ::std::stringstream ss;
+  UniversalPrinter<T&>::Print(value, &ss);
+  return ss.str();
+}
+
+// Tests printing various enum types.
+
+TEST(PrintEnumTest, AnonymousEnum) {
+  EXPECT_EQ("-1", Print(kAE1));
+  EXPECT_EQ("1", Print(kAE2));
+}
+
+TEST(PrintEnumTest, EnumWithoutPrinter) {
+  EXPECT_EQ("-2", Print(kEWP1));
+  EXPECT_EQ("42", Print(kEWP2));
+}
+
+TEST(PrintEnumTest, EnumWithStreaming) {
+  EXPECT_EQ("kEWS1", Print(kEWS1));
+  EXPECT_EQ("invalid", Print(static_cast<EnumWithStreaming>(0)));
+}
+
+TEST(PrintEnumTest, EnumWithPrintTo) {
+  EXPECT_EQ("kEWPT1", Print(kEWPT1));
+  EXPECT_EQ("invalid", Print(static_cast<EnumWithPrintTo>(0)));
+}
+
+// Tests printing a class implicitly convertible to BiggestInt.
+
+TEST(PrintClassTest, BiggestIntConvertible) {
+  EXPECT_EQ("42", Print(BiggestIntConvertible()));
+}
+
+// Tests printing various char types.
+
+// char.
+TEST(PrintCharTest, PlainChar) {
+  EXPECT_EQ("'\\0'", Print('\0'));
+  EXPECT_EQ("'\\'' (39, 0x27)", Print('\''));
+  EXPECT_EQ("'\"' (34, 0x22)", Print('"'));
+  EXPECT_EQ("'?' (63, 0x3F)", Print('?'));
+  EXPECT_EQ("'\\\\' (92, 0x5C)", Print('\\'));
+  EXPECT_EQ("'\\a' (7)", Print('\a'));
+  EXPECT_EQ("'\\b' (8)", Print('\b'));
+  EXPECT_EQ("'\\f' (12, 0xC)", Print('\f'));
+  EXPECT_EQ("'\\n' (10, 0xA)", Print('\n'));
+  EXPECT_EQ("'\\r' (13, 0xD)", Print('\r'));
+  EXPECT_EQ("'\\t' (9)", Print('\t'));
+  EXPECT_EQ("'\\v' (11, 0xB)", Print('\v'));
+  EXPECT_EQ("'\\x7F' (127)", Print('\x7F'));
+  EXPECT_EQ("'\\xFF' (255)", Print('\xFF'));
+  EXPECT_EQ("' ' (32, 0x20)", Print(' '));
+  EXPECT_EQ("'a' (97, 0x61)", Print('a'));
+}
+
+// signed char.
+TEST(PrintCharTest, SignedChar) {
+  EXPECT_EQ("'\\0'", Print(static_cast<signed char>('\0')));
+  EXPECT_EQ("'\\xCE' (-50)",
+            Print(static_cast<signed char>(-50)));
+}
+
+// unsigned char.
+TEST(PrintCharTest, UnsignedChar) {
+  EXPECT_EQ("'\\0'", Print(static_cast<unsigned char>('\0')));
+  EXPECT_EQ("'b' (98, 0x62)",
+            Print(static_cast<unsigned char>('b')));
+}
+
+// Tests printing other simple, built-in types.
+
+// bool.
+TEST(PrintBuiltInTypeTest, Bool) {
+  EXPECT_EQ("false", Print(false));
+  EXPECT_EQ("true", Print(true));
+}
+
+// wchar_t.
+TEST(PrintBuiltInTypeTest, Wchar_t) {
+  EXPECT_EQ("L'\\0'", Print(L'\0'));
+  EXPECT_EQ("L'\\'' (39, 0x27)", Print(L'\''));
+  EXPECT_EQ("L'\"' (34, 0x22)", Print(L'"'));
+  EXPECT_EQ("L'?' (63, 0x3F)", Print(L'?'));
+  EXPECT_EQ("L'\\\\' (92, 0x5C)", Print(L'\\'));
+  EXPECT_EQ("L'\\a' (7)", Print(L'\a'));
+  EXPECT_EQ("L'\\b' (8)", Print(L'\b'));
+  EXPECT_EQ("L'\\f' (12, 0xC)", Print(L'\f'));
+  EXPECT_EQ("L'\\n' (10, 0xA)", Print(L'\n'));
+  EXPECT_EQ("L'\\r' (13, 0xD)", Print(L'\r'));
+  EXPECT_EQ("L'\\t' (9)", Print(L'\t'));
+  EXPECT_EQ("L'\\v' (11, 0xB)", Print(L'\v'));
+  EXPECT_EQ("L'\\x7F' (127)", Print(L'\x7F'));
+  EXPECT_EQ("L'\\xFF' (255)", Print(L'\xFF'));
+  EXPECT_EQ("L' ' (32, 0x20)", Print(L' '));
+  EXPECT_EQ("L'a' (97, 0x61)", Print(L'a'));
+  EXPECT_EQ("L'\\x576' (1398)", Print(static_cast<wchar_t>(0x576)));
+  EXPECT_EQ("L'\\xC74D' (51021)", Print(static_cast<wchar_t>(0xC74D)));
+}
+
+// Test that Int64 provides more storage than wchar_t.
+TEST(PrintTypeSizeTest, Wchar_t) {
+  EXPECT_LT(sizeof(wchar_t), sizeof(testing::internal::Int64));
+}
+
+// Various integer types.
+TEST(PrintBuiltInTypeTest, Integer) {
+  EXPECT_EQ("'\\xFF' (255)", Print(static_cast<unsigned char>(255)));  // uint8
+  EXPECT_EQ("'\\x80' (-128)", Print(static_cast<signed char>(-128)));  // int8
+  EXPECT_EQ("65535", Print(USHRT_MAX));  // uint16
+  EXPECT_EQ("-32768", Print(SHRT_MIN));  // int16
+  EXPECT_EQ("4294967295", Print(UINT_MAX));  // uint32
+  EXPECT_EQ("-2147483648", Print(INT_MIN));  // int32
+  EXPECT_EQ("18446744073709551615",
+            Print(static_cast<testing::internal::UInt64>(-1)));  // uint64
+  EXPECT_EQ("-9223372036854775808",
+            Print(static_cast<testing::internal::Int64>(1) << 63));  // int64
+}
+
+// Size types.
+TEST(PrintBuiltInTypeTest, Size_t) {
+  EXPECT_EQ("1", Print(sizeof('a')));  // size_t.
+#if !GTEST_OS_WINDOWS
+  // Windows has no ssize_t type.
+  EXPECT_EQ("-2", Print(static_cast<ssize_t>(-2)));  // ssize_t.
+#endif  // !GTEST_OS_WINDOWS
+}
+
+// Floating-points.
+TEST(PrintBuiltInTypeTest, FloatingPoints) {
+  EXPECT_EQ("1.5", Print(1.5f));   // float
+  EXPECT_EQ("-2.5", Print(-2.5));  // double
+}
+
+// Since ::std::stringstream::operator<<(const void *) formats the pointer
+// output differently with different compilers, we have to create the expected
+// output first and use it as our expectation.
+static std::string PrintPointer(const void* p) {
+  ::std::stringstream expected_result_stream;
+  expected_result_stream << p;
+  return expected_result_stream.str();
+}
+
+// Tests printing C strings.
+
+// const char*.
+TEST(PrintCStringTest, Const) {
+  const char* p = "World";
+  EXPECT_EQ(PrintPointer(p) + " pointing to \"World\"", Print(p));
+}
+
+// char*.
+TEST(PrintCStringTest, NonConst) {
+  char p[] = "Hi";
+  EXPECT_EQ(PrintPointer(p) + " pointing to \"Hi\"",
+            Print(static_cast<char*>(p)));
+}
+
+// NULL C string.
+TEST(PrintCStringTest, Null) {
+  const char* p = NULL;
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// Tests that C strings are escaped properly.
+TEST(PrintCStringTest, EscapesProperly) {
+  const char* p = "'\"?\\\a\b\f\n\r\t\v\x7F\xFF a";
+  EXPECT_EQ(PrintPointer(p) + " pointing to \"'\\\"?\\\\\\a\\b\\f"
+            "\\n\\r\\t\\v\\x7F\\xFF a\"",
+            Print(p));
+}
+
+// MSVC compiler can be configured to define whar_t as a typedef
+// of unsigned short. Defining an overload for const wchar_t* in that case
+// would cause pointers to unsigned shorts be printed as wide strings,
+// possibly accessing more memory than intended and causing invalid
+// memory accesses. MSVC defines _NATIVE_WCHAR_T_DEFINED symbol when
+// wchar_t is implemented as a native type.
+#if !defined(_MSC_VER) || defined(_NATIVE_WCHAR_T_DEFINED)
+
+// const wchar_t*.
+TEST(PrintWideCStringTest, Const) {
+  const wchar_t* p = L"World";
+  EXPECT_EQ(PrintPointer(p) + " pointing to L\"World\"", Print(p));
+}
+
+// wchar_t*.
+TEST(PrintWideCStringTest, NonConst) {
+  wchar_t p[] = L"Hi";
+  EXPECT_EQ(PrintPointer(p) + " pointing to L\"Hi\"",
+            Print(static_cast<wchar_t*>(p)));
+}
+
+// NULL wide C string.
+TEST(PrintWideCStringTest, Null) {
+  const wchar_t* p = NULL;
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// Tests that wide C strings are escaped properly.
+TEST(PrintWideCStringTest, EscapesProperly) {
+  const wchar_t s[] = {'\'', '"', '?', '\\', '\a', '\b', '\f', '\n', '\r',
+                       '\t', '\v', 0xD3, 0x576, 0x8D3, 0xC74D, ' ', 'a', '\0'};
+  EXPECT_EQ(PrintPointer(s) + " pointing to L\"'\\\"?\\\\\\a\\b\\f"
+            "\\n\\r\\t\\v\\xD3\\x576\\x8D3\\xC74D a\"",
+            Print(static_cast<const wchar_t*>(s)));
+}
+#endif  // native wchar_t
+
+// Tests printing pointers to other char types.
+
+// signed char*.
+TEST(PrintCharPointerTest, SignedChar) {
+  signed char* p = reinterpret_cast<signed char*>(0x1234);
+  EXPECT_EQ(PrintPointer(p), Print(p));
+  p = NULL;
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// const signed char*.
+TEST(PrintCharPointerTest, ConstSignedChar) {
+  signed char* p = reinterpret_cast<signed char*>(0x1234);
+  EXPECT_EQ(PrintPointer(p), Print(p));
+  p = NULL;
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// unsigned char*.
+TEST(PrintCharPointerTest, UnsignedChar) {
+  unsigned char* p = reinterpret_cast<unsigned char*>(0x1234);
+  EXPECT_EQ(PrintPointer(p), Print(p));
+  p = NULL;
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// const unsigned char*.
+TEST(PrintCharPointerTest, ConstUnsignedChar) {
+  const unsigned char* p = reinterpret_cast<const unsigned char*>(0x1234);
+  EXPECT_EQ(PrintPointer(p), Print(p));
+  p = NULL;
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// Tests printing pointers to simple, built-in types.
+
+// bool*.
+TEST(PrintPointerToBuiltInTypeTest, Bool) {
+  bool* p = reinterpret_cast<bool*>(0xABCD);
+  EXPECT_EQ(PrintPointer(p), Print(p));
+  p = NULL;
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// void*.
+TEST(PrintPointerToBuiltInTypeTest, Void) {
+  void* p = reinterpret_cast<void*>(0xABCD);
+  EXPECT_EQ(PrintPointer(p), Print(p));
+  p = NULL;
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// const void*.
+TEST(PrintPointerToBuiltInTypeTest, ConstVoid) {
+  const void* p = reinterpret_cast<const void*>(0xABCD);
+  EXPECT_EQ(PrintPointer(p), Print(p));
+  p = NULL;
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// Tests printing pointers to pointers.
+TEST(PrintPointerToPointerTest, IntPointerPointer) {
+  int** p = reinterpret_cast<int**>(0xABCD);
+  EXPECT_EQ(PrintPointer(p), Print(p));
+  p = NULL;
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// Tests printing (non-member) function pointers.
+
+void MyFunction(int /* n */) {}
+
+TEST(PrintPointerTest, NonMemberFunctionPointer) {
+  // We cannot directly cast &MyFunction to const void* because the
+  // standard disallows casting between pointers to functions and
+  // pointers to objects, and some compilers (e.g. GCC 3.4) enforce
+  // this limitation.
+  EXPECT_EQ(
+      PrintPointer(reinterpret_cast<const void*>(
+          reinterpret_cast<internal::BiggestInt>(&MyFunction))),
+      Print(&MyFunction));
+  int (*p)(bool) = NULL;  // NOLINT
+  EXPECT_EQ("NULL", Print(p));
+}
+
+// An assertion predicate determining whether a one string is a prefix for
+// another.
+template <typename StringType>
+AssertionResult HasPrefix(const StringType& str, const StringType& prefix) {
+  if (str.find(prefix, 0) == 0)
+    return AssertionSuccess();
+
+  const bool is_wide_string = sizeof(prefix[0]) > 1;
+  const char* const begin_string_quote = is_wide_string ? "L\"" : "\"";
+  return AssertionFailure()
+      << begin_string_quote << prefix << "\" is not a prefix of "
+      << begin_string_quote << str << "\"\n";
+}
+
+// Tests printing member variable pointers.  Although they are called
+// pointers, they don't point to a location in the address space.
+// Their representation is implementation-defined.  Thus they will be
+// printed as raw bytes.
+
+struct Foo {
+ public:
+  virtual ~Foo() {}
+  int MyMethod(char x) { return x + 1; }
+  virtual char MyVirtualMethod(int /* n */) { return 'a'; }
+
+  int value;
+};
+
+TEST(PrintPointerTest, MemberVariablePointer) {
+  EXPECT_TRUE(HasPrefix(Print(&Foo::value),
+                        Print(sizeof(&Foo::value)) + "-byte object "));
+  int Foo::*p = NULL;  // NOLINT
+  EXPECT_TRUE(HasPrefix(Print(p),
+                        Print(sizeof(p)) + "-byte object "));
+}
+
+// Tests printing member function pointers.  Although they are called
+// pointers, they don't point to a location in the address space.
+// Their representation is implementation-defined.  Thus they will be
+// printed as raw bytes.
+TEST(PrintPointerTest, MemberFunctionPointer) {
+  EXPECT_TRUE(HasPrefix(Print(&Foo::MyMethod),
+                        Print(sizeof(&Foo::MyMethod)) + "-byte object "));
+  EXPECT_TRUE(
+      HasPrefix(Print(&Foo::MyVirtualMethod),
+                Print(sizeof((&Foo::MyVirtualMethod))) + "-byte object "));
+  int (Foo::*p)(char) = NULL;  // NOLINT
+  EXPECT_TRUE(HasPrefix(Print(p),
+                        Print(sizeof(p)) + "-byte object "));
+}
+
+// Tests printing C arrays.
+
+// The difference between this and Print() is that it ensures that the
+// argument is a reference to an array.
+template <typename T, size_t N>
+std::string PrintArrayHelper(T (&a)[N]) {
+  return Print(a);
+}
+
+// One-dimensional array.
+TEST(PrintArrayTest, OneDimensionalArray) {
+  int a[5] = { 1, 2, 3, 4, 5 };
+  EXPECT_EQ("{ 1, 2, 3, 4, 5 }", PrintArrayHelper(a));
+}
+
+// Two-dimensional array.
+TEST(PrintArrayTest, TwoDimensionalArray) {
+  int a[2][5] = {
+    { 1, 2, 3, 4, 5 },
+    { 6, 7, 8, 9, 0 }
+  };
+  EXPECT_EQ("{ { 1, 2, 3, 4, 5 }, { 6, 7, 8, 9, 0 } }", PrintArrayHelper(a));
+}
+
+// Array of const elements.
+TEST(PrintArrayTest, ConstArray) {
+  const bool a[1] = { false };
+  EXPECT_EQ("{ false }", PrintArrayHelper(a));
+}
+
+// char array without terminating NUL.
+TEST(PrintArrayTest, CharArrayWithNoTerminatingNul) {
+  // Array a contains '\0' in the middle and doesn't end with '\0'.
+  char a[] = { 'H', '\0', 'i' };
+  EXPECT_EQ("\"H\\0i\" (no terminating NUL)", PrintArrayHelper(a));
+}
+
+// const char array with terminating NUL.
+TEST(PrintArrayTest, ConstCharArrayWithTerminatingNul) {
+  const char a[] = "\0Hi";
+  EXPECT_EQ("\"\\0Hi\"", PrintArrayHelper(a));
+}
+
+// const wchar_t array without terminating NUL.
+TEST(PrintArrayTest, WCharArrayWithNoTerminatingNul) {
+  // Array a contains '\0' in the middle and doesn't end with '\0'.
+  const wchar_t a[] = { L'H', L'\0', L'i' };
+  EXPECT_EQ("L\"H\\0i\" (no terminating NUL)", PrintArrayHelper(a));
+}
+
+// wchar_t array with terminating NUL.
+TEST(PrintArrayTest, WConstCharArrayWithTerminatingNul) {
+  const wchar_t a[] = L"\0Hi";
+  EXPECT_EQ("L\"\\0Hi\"", PrintArrayHelper(a));
+}
+
+// Array of objects.
+TEST(PrintArrayTest, ObjectArray) {
+  std::string a[3] = {"Hi", "Hello", "Ni hao"};
+  EXPECT_EQ("{ \"Hi\", \"Hello\", \"Ni hao\" }", PrintArrayHelper(a));
+}
+
+// Array with many elements.
+TEST(PrintArrayTest, BigArray) {
+  int a[100] = { 1, 2, 3 };
+  EXPECT_EQ("{ 1, 2, 3, 0, 0, 0, 0, 0, ..., 0, 0, 0, 0, 0, 0, 0, 0 }",
+            PrintArrayHelper(a));
+}
+
+// Tests printing ::string and ::std::string.
+
+#if GTEST_HAS_GLOBAL_STRING
+// ::string.
+TEST(PrintStringTest, StringInGlobalNamespace) {
+  const char s[] = "'\"?\\\a\b\f\n\0\r\t\v\x7F\xFF a";
+  const ::string str(s, sizeof(s));
+  EXPECT_EQ("\"'\\\"?\\\\\\a\\b\\f\\n\\0\\r\\t\\v\\x7F\\xFF a\\0\"",
+            Print(str));
+}
+#endif  // GTEST_HAS_GLOBAL_STRING
+
+// ::std::string.
+TEST(PrintStringTest, StringInStdNamespace) {
+  const char s[] = "'\"?\\\a\b\f\n\0\r\t\v\x7F\xFF a";
+  const ::std::string str(s, sizeof(s));
+  EXPECT_EQ("\"'\\\"?\\\\\\a\\b\\f\\n\\0\\r\\t\\v\\x7F\\xFF a\\0\"",
+            Print(str));
+}
+
+TEST(PrintStringTest, StringAmbiguousHex) {
+  // "\x6BANANA" is ambiguous, it can be interpreted as starting with either of:
+  // '\x6', '\x6B', or '\x6BA'.
+
+  // a hex escaping sequence following by a decimal digit
+  EXPECT_EQ("\"0\\x12\" \"3\"", Print(::std::string("0\x12" "3")));
+  // a hex escaping sequence following by a hex digit (lower-case)
+  EXPECT_EQ("\"mm\\x6\" \"bananas\"", Print(::std::string("mm\x6" "bananas")));
+  // a hex escaping sequence following by a hex digit (upper-case)
+  EXPECT_EQ("\"NOM\\x6\" \"BANANA\"", Print(::std::string("NOM\x6" "BANANA")));
+  // a hex escaping sequence following by a non-xdigit
+  EXPECT_EQ("\"!\\x5-!\"", Print(::std::string("!\x5-!")));
+}
+
+// Tests printing ::wstring and ::std::wstring.
+
+#if GTEST_HAS_GLOBAL_WSTRING
+// ::wstring.
+TEST(PrintWideStringTest, StringInGlobalNamespace) {
+  const wchar_t s[] = L"'\"?\\\a\b\f\n\0\r\t\v\xD3\x576\x8D3\xC74D a";
+  const ::wstring str(s, sizeof(s)/sizeof(wchar_t));
+  EXPECT_EQ("L\"'\\\"?\\\\\\a\\b\\f\\n\\0\\r\\t\\v"
+            "\\xD3\\x576\\x8D3\\xC74D a\\0\"",
+            Print(str));
+}
+#endif  // GTEST_HAS_GLOBAL_WSTRING
+
+#if GTEST_HAS_STD_WSTRING
+// ::std::wstring.
+TEST(PrintWideStringTest, StringInStdNamespace) {
+  const wchar_t s[] = L"'\"?\\\a\b\f\n\0\r\t\v\xD3\x576\x8D3\xC74D a";
+  const ::std::wstring str(s, sizeof(s)/sizeof(wchar_t));
+  EXPECT_EQ("L\"'\\\"?\\\\\\a\\b\\f\\n\\0\\r\\t\\v"
+            "\\xD3\\x576\\x8D3\\xC74D a\\0\"",
+            Print(str));
+}
+
+TEST(PrintWideStringTest, StringAmbiguousHex) {
+  // same for wide strings.
+  EXPECT_EQ("L\"0\\x12\" L\"3\"", Print(::std::wstring(L"0\x12" L"3")));
+  EXPECT_EQ("L\"mm\\x6\" L\"bananas\"",
+            Print(::std::wstring(L"mm\x6" L"bananas")));
+  EXPECT_EQ("L\"NOM\\x6\" L\"BANANA\"",
+            Print(::std::wstring(L"NOM\x6" L"BANANA")));
+  EXPECT_EQ("L\"!\\x5-!\"", Print(::std::wstring(L"!\x5-!")));
+}
+#endif  // GTEST_HAS_STD_WSTRING
+
+// Tests printing types that support generic streaming (i.e. streaming
+// to std::basic_ostream<Char, CharTraits> for any valid Char and
+// CharTraits types).
+
+// Tests printing a non-template type that supports generic streaming.
+
+class AllowsGenericStreaming {};
+
+template <typename Char, typename CharTraits>
+std::basic_ostream<Char, CharTraits>& operator<<(
+    std::basic_ostream<Char, CharTraits>& os,
+    const AllowsGenericStreaming& /* a */) {
+  return os << "AllowsGenericStreaming";
+}
+
+TEST(PrintTypeWithGenericStreamingTest, NonTemplateType) {
+  AllowsGenericStreaming a;
+  EXPECT_EQ("AllowsGenericStreaming", Print(a));
+}
+
+// Tests printing a template type that supports generic streaming.
+
+template <typename T>
+class AllowsGenericStreamingTemplate {};
+
+template <typename Char, typename CharTraits, typename T>
+std::basic_ostream<Char, CharTraits>& operator<<(
+    std::basic_ostream<Char, CharTraits>& os,
+    const AllowsGenericStreamingTemplate<T>& /* a */) {
+  return os << "AllowsGenericStreamingTemplate";
+}
+
+TEST(PrintTypeWithGenericStreamingTest, TemplateType) {
+  AllowsGenericStreamingTemplate<int> a;
+  EXPECT_EQ("AllowsGenericStreamingTemplate", Print(a));
+}
+
+// Tests printing a type that supports generic streaming and can be
+// implicitly converted to another printable type.
+
+template <typename T>
+class AllowsGenericStreamingAndImplicitConversionTemplate {
+ public:
+  operator bool() const { return false; }
+};
+
+template <typename Char, typename CharTraits, typename T>
+std::basic_ostream<Char, CharTraits>& operator<<(
+    std::basic_ostream<Char, CharTraits>& os,
+    const AllowsGenericStreamingAndImplicitConversionTemplate<T>& /* a */) {
+  return os << "AllowsGenericStreamingAndImplicitConversionTemplate";
+}
+
+TEST(PrintTypeWithGenericStreamingTest, TypeImplicitlyConvertible) {
+  AllowsGenericStreamingAndImplicitConversionTemplate<int> a;
+  EXPECT_EQ("AllowsGenericStreamingAndImplicitConversionTemplate", Print(a));
+}
+
+#if GTEST_HAS_ABSL
+
+// Tests printing ::absl::string_view.
+
+TEST(PrintStringViewTest, SimpleStringView) {
+  const ::absl::string_view sp = "Hello";
+  EXPECT_EQ("\"Hello\"", Print(sp));
+}
+
+TEST(PrintStringViewTest, UnprintableCharacters) {
+  const char str[] = "NUL (\0) and \r\t";
+  const ::absl::string_view sp(str, sizeof(str) - 1);
+  EXPECT_EQ("\"NUL (\\0) and \\r\\t\"", Print(sp));
+}
+
+#endif  // GTEST_HAS_ABSL
+
+// Tests printing STL containers.
+
+TEST(PrintStlContainerTest, EmptyDeque) {
+  deque<char> empty;
+  EXPECT_EQ("{}", Print(empty));
+}
+
+TEST(PrintStlContainerTest, NonEmptyDeque) {
+  deque<int> non_empty;
+  non_empty.push_back(1);
+  non_empty.push_back(3);
+  EXPECT_EQ("{ 1, 3 }", Print(non_empty));
+}
+
+#if GTEST_HAS_UNORDERED_MAP_
+
+TEST(PrintStlContainerTest, OneElementHashMap) {
+  ::std::unordered_map<int, char> map1;
+  map1[1] = 'a';
+  EXPECT_EQ("{ (1, 'a' (97, 0x61)) }", Print(map1));
+}
+
+TEST(PrintStlContainerTest, HashMultiMap) {
+  ::std::unordered_multimap<int, bool> map1;
+  map1.insert(make_pair(5, true));
+  map1.insert(make_pair(5, false));
+
+  // Elements of hash_multimap can be printed in any order.
+  const std::string result = Print(map1);
+  EXPECT_TRUE(result == "{ (5, true), (5, false) }" ||
+              result == "{ (5, false), (5, true) }")
+                  << " where Print(map1) returns \"" << result << "\".";
+}
+
+#endif  // GTEST_HAS_UNORDERED_MAP_
+
+#if GTEST_HAS_UNORDERED_SET_
+
+TEST(PrintStlContainerTest, HashSet) {
+  ::std::unordered_set<int> set1;
+  set1.insert(1);
+  EXPECT_EQ("{ 1 }", Print(set1));
+}
+
+TEST(PrintStlContainerTest, HashMultiSet) {
+  const int kSize = 5;
+  int a[kSize] = { 1, 1, 2, 5, 1 };
+  ::std::unordered_multiset<int> set1(a, a + kSize);
+
+  // Elements of hash_multiset can be printed in any order.
+  const std::string result = Print(set1);
+  const std::string expected_pattern = "{ d, d, d, d, d }";  // d means a digit.
+
+  // Verifies the result matches the expected pattern; also extracts
+  // the numbers in the result.
+  ASSERT_EQ(expected_pattern.length(), result.length());
+  std::vector<int> numbers;
+  for (size_t i = 0; i != result.length(); i++) {
+    if (expected_pattern[i] == 'd') {
+      ASSERT_NE(isdigit(static_cast<unsigned char>(result[i])), 0);
+      numbers.push_back(result[i] - '0');
+    } else {
+      EXPECT_EQ(expected_pattern[i], result[i]) << " where result is "
+                                                << result;
+    }
+  }
+
+  // Makes sure the result contains the right numbers.
+  std::sort(numbers.begin(), numbers.end());
+  std::sort(a, a + kSize);
+  EXPECT_TRUE(std::equal(a, a + kSize, numbers.begin()));
+}
+
+#endif  //  GTEST_HAS_UNORDERED_SET_
+
+TEST(PrintStlContainerTest, List) {
+  const std::string a[] = {"hello", "world"};
+  const list<std::string> strings(a, a + 2);
+  EXPECT_EQ("{ \"hello\", \"world\" }", Print(strings));
+}
+
+TEST(PrintStlContainerTest, Map) {
+  map<int, bool> map1;
+  map1[1] = true;
+  map1[5] = false;
+  map1[3] = true;
+  EXPECT_EQ("{ (1, true), (3, true), (5, false) }", Print(map1));
+}
+
+TEST(PrintStlContainerTest, MultiMap) {
+  multimap<bool, int> map1;
+  // The make_pair template function would deduce the type as
+  // pair<bool, int> here, and since the key part in a multimap has to
+  // be constant, without a templated ctor in the pair class (as in
+  // libCstd on Solaris), make_pair call would fail to compile as no
+  // implicit conversion is found.  Thus explicit typename is used
+  // here instead.
+  map1.insert(pair<const bool, int>(true, 0));
+  map1.insert(pair<const bool, int>(true, 1));
+  map1.insert(pair<const bool, int>(false, 2));
+  EXPECT_EQ("{ (false, 2), (true, 0), (true, 1) }", Print(map1));
+}
+
+TEST(PrintStlContainerTest, Set) {
+  const unsigned int a[] = { 3, 0, 5 };
+  set<unsigned int> set1(a, a + 3);
+  EXPECT_EQ("{ 0, 3, 5 }", Print(set1));
+}
+
+TEST(PrintStlContainerTest, MultiSet) {
+  const int a[] = { 1, 1, 2, 5, 1 };
+  multiset<int> set1(a, a + 5);
+  EXPECT_EQ("{ 1, 1, 1, 2, 5 }", Print(set1));
+}
+
+#if GTEST_HAS_STD_FORWARD_LIST_
+
+TEST(PrintStlContainerTest, SinglyLinkedList) {
+  int a[] = { 9, 2, 8 };
+  const std::forward_list<int> ints(a, a + 3);
+  EXPECT_EQ("{ 9, 2, 8 }", Print(ints));
+}
+#endif  // GTEST_HAS_STD_FORWARD_LIST_
+
+TEST(PrintStlContainerTest, Pair) {
+  pair<const bool, int> p(true, 5);
+  EXPECT_EQ("(true, 5)", Print(p));
+}
+
+TEST(PrintStlContainerTest, Vector) {
+  vector<int> v;
+  v.push_back(1);
+  v.push_back(2);
+  EXPECT_EQ("{ 1, 2 }", Print(v));
+}
+
+TEST(PrintStlContainerTest, LongSequence) {
+  const int a[100] = { 1, 2, 3 };
+  const vector<int> v(a, a + 100);
+  EXPECT_EQ("{ 1, 2, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, "
+            "0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ... }", Print(v));
+}
+
+TEST(PrintStlContainerTest, NestedContainer) {
+  const int a1[] = { 1, 2 };
+  const int a2[] = { 3, 4, 5 };
+  const list<int> l1(a1, a1 + 2);
+  const list<int> l2(a2, a2 + 3);
+
+  vector<list<int> > v;
+  v.push_back(l1);
+  v.push_back(l2);
+  EXPECT_EQ("{ { 1, 2 }, { 3, 4, 5 } }", Print(v));
+}
+
+TEST(PrintStlContainerTest, OneDimensionalNativeArray) {
+  const int a[3] = { 1, 2, 3 };
+  NativeArray<int> b(a, 3, RelationToSourceReference());
+  EXPECT_EQ("{ 1, 2, 3 }", Print(b));
+}
+
+TEST(PrintStlContainerTest, TwoDimensionalNativeArray) {
+  const int a[2][3] = { { 1, 2, 3 }, { 4, 5, 6 } };
+  NativeArray<int[3]> b(a, 2, RelationToSourceReference());
+  EXPECT_EQ("{ { 1, 2, 3 }, { 4, 5, 6 } }", Print(b));
+}
+
+// Tests that a class named iterator isn't treated as a container.
+
+struct iterator {
+  char x;
+};
+
+TEST(PrintStlContainerTest, Iterator) {
+  iterator it = {};
+  EXPECT_EQ("1-byte object <00>", Print(it));
+}
+
+// Tests that a class named const_iterator isn't treated as a container.
+
+struct const_iterator {
+  char x;
+};
+
+TEST(PrintStlContainerTest, ConstIterator) {
+  const_iterator it = {};
+  EXPECT_EQ("1-byte object <00>", Print(it));
+}
+
+#if GTEST_HAS_TR1_TUPLE
+// Tests printing ::std::tr1::tuples.
+
+// Tuples of various arities.
+TEST(PrintTr1TupleTest, VariousSizes) {
+  ::std::tr1::tuple<> t0;
+  EXPECT_EQ("()", Print(t0));
+
+  ::std::tr1::tuple<int> t1(5);
+  EXPECT_EQ("(5)", Print(t1));
+
+  ::std::tr1::tuple<char, bool> t2('a', true);
+  EXPECT_EQ("('a' (97, 0x61), true)", Print(t2));
+
+  ::std::tr1::tuple<bool, int, int> t3(false, 2, 3);
+  EXPECT_EQ("(false, 2, 3)", Print(t3));
+
+  ::std::tr1::tuple<bool, int, int, int> t4(false, 2, 3, 4);
+  EXPECT_EQ("(false, 2, 3, 4)", Print(t4));
+
+  ::std::tr1::tuple<bool, int, int, int, bool> t5(false, 2, 3, 4, true);
+  EXPECT_EQ("(false, 2, 3, 4, true)", Print(t5));
+
+  ::std::tr1::tuple<bool, int, int, int, bool, int> t6(false, 2, 3, 4, true, 6);
+  EXPECT_EQ("(false, 2, 3, 4, true, 6)", Print(t6));
+
+  ::std::tr1::tuple<bool, int, int, int, bool, int, int> t7(
+      false, 2, 3, 4, true, 6, 7);
+  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7)", Print(t7));
+
+  ::std::tr1::tuple<bool, int, int, int, bool, int, int, bool> t8(
+      false, 2, 3, 4, true, 6, 7, true);
+  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7, true)", Print(t8));
+
+  ::std::tr1::tuple<bool, int, int, int, bool, int, int, bool, int> t9(
+      false, 2, 3, 4, true, 6, 7, true, 9);
+  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7, true, 9)", Print(t9));
+
+  const char* const str = "8";
+  // VC++ 2010's implementation of tuple of C++0x is deficient, requiring
+  // an explicit type cast of NULL to be used.
+  ::std::tr1::tuple<bool, char, short, testing::internal::Int32,  // NOLINT
+                    testing::internal::Int64, float, double, const char*, void*,
+                    std::string>
+      t10(false, 'a', static_cast<short>(3), 4, 5, 1.5F, -2.5, str,  // NOLINT
+          ImplicitCast_<void*>(NULL), "10");
+  EXPECT_EQ("(false, 'a' (97, 0x61), 3, 4, 5, 1.5, -2.5, " + PrintPointer(str) +
+            " pointing to \"8\", NULL, \"10\")",
+            Print(t10));
+}
+
+// Nested tuples.
+TEST(PrintTr1TupleTest, NestedTuple) {
+  ::std::tr1::tuple< ::std::tr1::tuple<int, bool>, char> nested(
+      ::std::tr1::make_tuple(5, true), 'a');
+  EXPECT_EQ("((5, true), 'a' (97, 0x61))", Print(nested));
+}
+
+#endif  // GTEST_HAS_TR1_TUPLE
+
+#if GTEST_HAS_STD_TUPLE_
+// Tests printing ::std::tuples.
+
+// Tuples of various arities.
+TEST(PrintStdTupleTest, VariousSizes) {
+  ::std::tuple<> t0;
+  EXPECT_EQ("()", Print(t0));
+
+  ::std::tuple<int> t1(5);
+  EXPECT_EQ("(5)", Print(t1));
+
+  ::std::tuple<char, bool> t2('a', true);
+  EXPECT_EQ("('a' (97, 0x61), true)", Print(t2));
+
+  ::std::tuple<bool, int, int> t3(false, 2, 3);
+  EXPECT_EQ("(false, 2, 3)", Print(t3));
+
+  ::std::tuple<bool, int, int, int> t4(false, 2, 3, 4);
+  EXPECT_EQ("(false, 2, 3, 4)", Print(t4));
+
+  ::std::tuple<bool, int, int, int, bool> t5(false, 2, 3, 4, true);
+  EXPECT_EQ("(false, 2, 3, 4, true)", Print(t5));
+
+  ::std::tuple<bool, int, int, int, bool, int> t6(false, 2, 3, 4, true, 6);
+  EXPECT_EQ("(false, 2, 3, 4, true, 6)", Print(t6));
+
+  ::std::tuple<bool, int, int, int, bool, int, int> t7(
+      false, 2, 3, 4, true, 6, 7);
+  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7)", Print(t7));
+
+  ::std::tuple<bool, int, int, int, bool, int, int, bool> t8(
+      false, 2, 3, 4, true, 6, 7, true);
+  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7, true)", Print(t8));
+
+  ::std::tuple<bool, int, int, int, bool, int, int, bool, int> t9(
+      false, 2, 3, 4, true, 6, 7, true, 9);
+  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7, true, 9)", Print(t9));
+
+  const char* const str = "8";
+  // VC++ 2010's implementation of tuple of C++0x is deficient, requiring
+  // an explicit type cast of NULL to be used.
+  ::std::tuple<bool, char, short, testing::internal::Int32,  // NOLINT
+               testing::internal::Int64, float, double, const char*, void*,
+               std::string>
+      t10(false, 'a', static_cast<short>(3), 4, 5, 1.5F, -2.5, str,  // NOLINT
+          ImplicitCast_<void*>(NULL), "10");
+  EXPECT_EQ("(false, 'a' (97, 0x61), 3, 4, 5, 1.5, -2.5, " + PrintPointer(str) +
+            " pointing to \"8\", NULL, \"10\")",
+            Print(t10));
+}
+
+// Nested tuples.
+TEST(PrintStdTupleTest, NestedTuple) {
+  ::std::tuple< ::std::tuple<int, bool>, char> nested(
+      ::std::make_tuple(5, true), 'a');
+  EXPECT_EQ("((5, true), 'a' (97, 0x61))", Print(nested));
+}
+
+#endif  // GTEST_LANG_CXX11
+
+#if GTEST_LANG_CXX11
+TEST(PrintNullptrT, Basic) {
+  EXPECT_EQ("(nullptr)", Print(nullptr));
+}
+#endif  // GTEST_LANG_CXX11
+
+// Tests printing user-defined unprintable types.
+
+// Unprintable types in the global namespace.
+TEST(PrintUnprintableTypeTest, InGlobalNamespace) {
+  EXPECT_EQ("1-byte object <00>",
+            Print(UnprintableTemplateInGlobal<char>()));
+}
+
+// Unprintable types in a user namespace.
+TEST(PrintUnprintableTypeTest, InUserNamespace) {
+  EXPECT_EQ("16-byte object <EF-12 00-00 34-AB 00-00 00-00 00-00 00-00 00-00>",
+            Print(::foo::UnprintableInFoo()));
+}
+
+// Unprintable types are that too big to be printed completely.
+
+struct Big {
+  Big() { memset(array, 0, sizeof(array)); }
+  char array[257];
+};
+
+TEST(PrintUnpritableTypeTest, BigObject) {
+  EXPECT_EQ("257-byte object <00-00 00-00 00-00 00-00 00-00 00-00 "
+            "00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 "
+            "00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 "
+            "00-00 00-00 00-00 00-00 00-00 00-00 ... 00-00 00-00 00-00 "
+            "00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 "
+            "00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 "
+            "00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00>",
+            Print(Big()));
+}
+
+// Tests printing user-defined streamable types.
+
+// Streamable types in the global namespace.
+TEST(PrintStreamableTypeTest, InGlobalNamespace) {
+  StreamableInGlobal x;
+  EXPECT_EQ("StreamableInGlobal", Print(x));
+  EXPECT_EQ("StreamableInGlobal*", Print(&x));
+}
+
+// Printable template types in a user namespace.
+TEST(PrintStreamableTypeTest, TemplateTypeInUserNamespace) {
+  EXPECT_EQ("StreamableTemplateInFoo: 0",
+            Print(::foo::StreamableTemplateInFoo<int>()));
+}
+
+// Tests printing a user-defined recursive container type that has a <<
+// operator.
+TEST(PrintStreamableTypeTest, PathLikeInUserNamespace) {
+  ::foo::PathLike x;
+  EXPECT_EQ("Streamable-PathLike", Print(x));
+  const ::foo::PathLike cx;
+  EXPECT_EQ("Streamable-PathLike", Print(cx));
+}
+
+// Tests printing user-defined types that have a PrintTo() function.
+TEST(PrintPrintableTypeTest, InUserNamespace) {
+  EXPECT_EQ("PrintableViaPrintTo: 0",
+            Print(::foo::PrintableViaPrintTo()));
+}
+
+// Tests printing a pointer to a user-defined type that has a <<
+// operator for its pointer.
+TEST(PrintPrintableTypeTest, PointerInUserNamespace) {
+  ::foo::PointerPrintable x;
+  EXPECT_EQ("PointerPrintable*", Print(&x));
+}
+
+// Tests printing user-defined class template that have a PrintTo() function.
+TEST(PrintPrintableTypeTest, TemplateInUserNamespace) {
+  EXPECT_EQ("PrintableViaPrintToTemplate: 5",
+            Print(::foo::PrintableViaPrintToTemplate<int>(5)));
+}
+
+// Tests that the universal printer prints both the address and the
+// value of a reference.
+TEST(PrintReferenceTest, PrintsAddressAndValue) {
+  int n = 5;
+  EXPECT_EQ("@" + PrintPointer(&n) + " 5", PrintByRef(n));
+
+  int a[2][3] = {
+    { 0, 1, 2 },
+    { 3, 4, 5 }
+  };
+  EXPECT_EQ("@" + PrintPointer(a) + " { { 0, 1, 2 }, { 3, 4, 5 } }",
+            PrintByRef(a));
+
+  const ::foo::UnprintableInFoo x;
+  EXPECT_EQ("@" + PrintPointer(&x) + " 16-byte object "
+            "<EF-12 00-00 34-AB 00-00 00-00 00-00 00-00 00-00>",
+            PrintByRef(x));
+}
+
+// Tests that the universal printer prints a function pointer passed by
+// reference.
+TEST(PrintReferenceTest, HandlesFunctionPointer) {
+  void (*fp)(int n) = &MyFunction;
+  const std::string fp_pointer_string =
+      PrintPointer(reinterpret_cast<const void*>(&fp));
+  // We cannot directly cast &MyFunction to const void* because the
+  // standard disallows casting between pointers to functions and
+  // pointers to objects, and some compilers (e.g. GCC 3.4) enforce
+  // this limitation.
+  const std::string fp_string = PrintPointer(reinterpret_cast<const void*>(
+      reinterpret_cast<internal::BiggestInt>(fp)));
+  EXPECT_EQ("@" + fp_pointer_string + " " + fp_string,
+            PrintByRef(fp));
+}
+
+// Tests that the universal printer prints a member function pointer
+// passed by reference.
+TEST(PrintReferenceTest, HandlesMemberFunctionPointer) {
+  int (Foo::*p)(char ch) = &Foo::MyMethod;
+  EXPECT_TRUE(HasPrefix(
+      PrintByRef(p),
+      "@" + PrintPointer(reinterpret_cast<const void*>(&p)) + " " +
+          Print(sizeof(p)) + "-byte object "));
+
+  char (Foo::*p2)(int n) = &Foo::MyVirtualMethod;
+  EXPECT_TRUE(HasPrefix(
+      PrintByRef(p2),
+      "@" + PrintPointer(reinterpret_cast<const void*>(&p2)) + " " +
+          Print(sizeof(p2)) + "-byte object "));
+}
+
+// Tests that the universal printer prints a member variable pointer
+// passed by reference.
+TEST(PrintReferenceTest, HandlesMemberVariablePointer) {
+  int Foo::*p = &Foo::value;  // NOLINT
+  EXPECT_TRUE(HasPrefix(
+      PrintByRef(p),
+      "@" + PrintPointer(&p) + " " + Print(sizeof(p)) + "-byte object "));
+}
+
+// Tests that FormatForComparisonFailureMessage(), which is used to print
+// an operand in a comparison assertion (e.g. ASSERT_EQ) when the assertion
+// fails, formats the operand in the desired way.
+
+// scalar
+TEST(FormatForComparisonFailureMessageTest, WorksForScalar) {
+  EXPECT_STREQ("123",
+               FormatForComparisonFailureMessage(123, 124).c_str());
+}
+
+// non-char pointer
+TEST(FormatForComparisonFailureMessageTest, WorksForNonCharPointer) {
+  int n = 0;
+  EXPECT_EQ(PrintPointer(&n),
+            FormatForComparisonFailureMessage(&n, &n).c_str());
+}
+
+// non-char array
+TEST(FormatForComparisonFailureMessageTest, FormatsNonCharArrayAsPointer) {
+  // In expression 'array == x', 'array' is compared by pointer.
+  // Therefore we want to print an array operand as a pointer.
+  int n[] = { 1, 2, 3 };
+  EXPECT_EQ(PrintPointer(n),
+            FormatForComparisonFailureMessage(n, n).c_str());
+}
+
+// Tests formatting a char pointer when it's compared with another pointer.
+// In this case we want to print it as a raw pointer, as the comparison is by
+// pointer.
+
+// char pointer vs pointer
+TEST(FormatForComparisonFailureMessageTest, WorksForCharPointerVsPointer) {
+  // In expression 'p == x', where 'p' and 'x' are (const or not) char
+  // pointers, the operands are compared by pointer.  Therefore we
+  // want to print 'p' as a pointer instead of a C string (we don't
+  // even know if it's supposed to point to a valid C string).
+
+  // const char*
+  const char* s = "hello";
+  EXPECT_EQ(PrintPointer(s),
+            FormatForComparisonFailureMessage(s, s).c_str());
+
+  // char*
+  char ch = 'a';
+  EXPECT_EQ(PrintPointer(&ch),
+            FormatForComparisonFailureMessage(&ch, &ch).c_str());
+}
+
+// wchar_t pointer vs pointer
+TEST(FormatForComparisonFailureMessageTest, WorksForWCharPointerVsPointer) {
+  // In expression 'p == x', where 'p' and 'x' are (const or not) char
+  // pointers, the operands are compared by pointer.  Therefore we
+  // want to print 'p' as a pointer instead of a wide C string (we don't
+  // even know if it's supposed to point to a valid wide C string).
+
+  // const wchar_t*
+  const wchar_t* s = L"hello";
+  EXPECT_EQ(PrintPointer(s),
+            FormatForComparisonFailureMessage(s, s).c_str());
+
+  // wchar_t*
+  wchar_t ch = L'a';
+  EXPECT_EQ(PrintPointer(&ch),
+            FormatForComparisonFailureMessage(&ch, &ch).c_str());
+}
+
+// Tests formatting a char pointer when it's compared to a string object.
+// In this case we want to print the char pointer as a C string.
+
+#if GTEST_HAS_GLOBAL_STRING
+// char pointer vs ::string
+TEST(FormatForComparisonFailureMessageTest, WorksForCharPointerVsString) {
+  const char* s = "hello \"world";
+  EXPECT_STREQ("\"hello \\\"world\"",  // The string content should be escaped.
+               FormatForComparisonFailureMessage(s, ::string()).c_str());
+
+  // char*
+  char str[] = "hi\1";
+  char* p = str;
+  EXPECT_STREQ("\"hi\\x1\"",  // The string content should be escaped.
+               FormatForComparisonFailureMessage(p, ::string()).c_str());
+}
+#endif
+
+// char pointer vs std::string
+TEST(FormatForComparisonFailureMessageTest, WorksForCharPointerVsStdString) {
+  const char* s = "hello \"world";
+  EXPECT_STREQ("\"hello \\\"world\"",  // The string content should be escaped.
+               FormatForComparisonFailureMessage(s, ::std::string()).c_str());
+
+  // char*
+  char str[] = "hi\1";
+  char* p = str;
+  EXPECT_STREQ("\"hi\\x1\"",  // The string content should be escaped.
+               FormatForComparisonFailureMessage(p, ::std::string()).c_str());
+}
+
+#if GTEST_HAS_GLOBAL_WSTRING
+// wchar_t pointer vs ::wstring
+TEST(FormatForComparisonFailureMessageTest, WorksForWCharPointerVsWString) {
+  const wchar_t* s = L"hi \"world";
+  EXPECT_STREQ("L\"hi \\\"world\"",  // The string content should be escaped.
+               FormatForComparisonFailureMessage(s, ::wstring()).c_str());
+
+  // wchar_t*
+  wchar_t str[] = L"hi\1";
+  wchar_t* p = str;
+  EXPECT_STREQ("L\"hi\\x1\"",  // The string content should be escaped.
+               FormatForComparisonFailureMessage(p, ::wstring()).c_str());
+}
+#endif
+
+#if GTEST_HAS_STD_WSTRING
+// wchar_t pointer vs std::wstring
+TEST(FormatForComparisonFailureMessageTest, WorksForWCharPointerVsStdWString) {
+  const wchar_t* s = L"hi \"world";
+  EXPECT_STREQ("L\"hi \\\"world\"",  // The string content should be escaped.
+               FormatForComparisonFailureMessage(s, ::std::wstring()).c_str());
+
+  // wchar_t*
+  wchar_t str[] = L"hi\1";
+  wchar_t* p = str;
+  EXPECT_STREQ("L\"hi\\x1\"",  // The string content should be escaped.
+               FormatForComparisonFailureMessage(p, ::std::wstring()).c_str());
+}
+#endif
+
+// Tests formatting a char array when it's compared with a pointer or array.
+// In this case we want to print the array as a row pointer, as the comparison
+// is by pointer.
+
+// char array vs pointer
+TEST(FormatForComparisonFailureMessageTest, WorksForCharArrayVsPointer) {
+  char str[] = "hi \"world\"";
+  char* p = NULL;
+  EXPECT_EQ(PrintPointer(str),
+            FormatForComparisonFailureMessage(str, p).c_str());
+}
+
+// char array vs char array
+TEST(FormatForComparisonFailureMessageTest, WorksForCharArrayVsCharArray) {
+  const char str[] = "hi \"world\"";
+  EXPECT_EQ(PrintPointer(str),
+            FormatForComparisonFailureMessage(str, str).c_str());
+}
+
+// wchar_t array vs pointer
+TEST(FormatForComparisonFailureMessageTest, WorksForWCharArrayVsPointer) {
+  wchar_t str[] = L"hi \"world\"";
+  wchar_t* p = NULL;
+  EXPECT_EQ(PrintPointer(str),
+            FormatForComparisonFailureMessage(str, p).c_str());
+}
+
+// wchar_t array vs wchar_t array
+TEST(FormatForComparisonFailureMessageTest, WorksForWCharArrayVsWCharArray) {
+  const wchar_t str[] = L"hi \"world\"";
+  EXPECT_EQ(PrintPointer(str),
+            FormatForComparisonFailureMessage(str, str).c_str());
+}
+
+// Tests formatting a char array when it's compared with a string object.
+// In this case we want to print the array as a C string.
+
+#if GTEST_HAS_GLOBAL_STRING
+// char array vs string
+TEST(FormatForComparisonFailureMessageTest, WorksForCharArrayVsString) {
+  const char str[] = "hi \"w\0rld\"";
+  EXPECT_STREQ("\"hi \\\"w\"",  // The content should be escaped.
+                                // Embedded NUL terminates the string.
+               FormatForComparisonFailureMessage(str, ::string()).c_str());
+}
+#endif
+
+// char array vs std::string
+TEST(FormatForComparisonFailureMessageTest, WorksForCharArrayVsStdString) {
+  const char str[] = "hi \"world\"";
+  EXPECT_STREQ("\"hi \\\"world\\\"\"",  // The content should be escaped.
+               FormatForComparisonFailureMessage(str, ::std::string()).c_str());
+}
+
+#if GTEST_HAS_GLOBAL_WSTRING
+// wchar_t array vs wstring
+TEST(FormatForComparisonFailureMessageTest, WorksForWCharArrayVsWString) {
+  const wchar_t str[] = L"hi \"world\"";
+  EXPECT_STREQ("L\"hi \\\"world\\\"\"",  // The content should be escaped.
+               FormatForComparisonFailureMessage(str, ::wstring()).c_str());
+}
+#endif
+
+#if GTEST_HAS_STD_WSTRING
+// wchar_t array vs std::wstring
+TEST(FormatForComparisonFailureMessageTest, WorksForWCharArrayVsStdWString) {
+  const wchar_t str[] = L"hi \"w\0rld\"";
+  EXPECT_STREQ(
+      "L\"hi \\\"w\"",  // The content should be escaped.
+                        // Embedded NUL terminates the string.
+      FormatForComparisonFailureMessage(str, ::std::wstring()).c_str());
+}
+#endif
+
+// Useful for testing PrintToString().  We cannot use EXPECT_EQ()
+// there as its implementation uses PrintToString().  The caller must
+// ensure that 'value' has no side effect.
+#define EXPECT_PRINT_TO_STRING_(value, expected_string)         \
+  EXPECT_TRUE(PrintToString(value) == (expected_string))        \
+      << " where " #value " prints as " << (PrintToString(value))
+
+TEST(PrintToStringTest, WorksForScalar) {
+  EXPECT_PRINT_TO_STRING_(123, "123");
+}
+
+TEST(PrintToStringTest, WorksForPointerToConstChar) {
+  const char* p = "hello";
+  EXPECT_PRINT_TO_STRING_(p, "\"hello\"");
+}
+
+TEST(PrintToStringTest, WorksForPointerToNonConstChar) {
+  char s[] = "hello";
+  char* p = s;
+  EXPECT_PRINT_TO_STRING_(p, "\"hello\"");
+}
+
+TEST(PrintToStringTest, EscapesForPointerToConstChar) {
+  const char* p = "hello\n";
+  EXPECT_PRINT_TO_STRING_(p, "\"hello\\n\"");
+}
+
+TEST(PrintToStringTest, EscapesForPointerToNonConstChar) {
+  char s[] = "hello\1";
+  char* p = s;
+  EXPECT_PRINT_TO_STRING_(p, "\"hello\\x1\"");
+}
+
+TEST(PrintToStringTest, WorksForArray) {
+  int n[3] = { 1, 2, 3 };
+  EXPECT_PRINT_TO_STRING_(n, "{ 1, 2, 3 }");
+}
+
+TEST(PrintToStringTest, WorksForCharArray) {
+  char s[] = "hello";
+  EXPECT_PRINT_TO_STRING_(s, "\"hello\"");
+}
+
+TEST(PrintToStringTest, WorksForCharArrayWithEmbeddedNul) {
+  const char str_with_nul[] = "hello\0 world";
+  EXPECT_PRINT_TO_STRING_(str_with_nul, "\"hello\\0 world\"");
+
+  char mutable_str_with_nul[] = "hello\0 world";
+  EXPECT_PRINT_TO_STRING_(mutable_str_with_nul, "\"hello\\0 world\"");
+}
+
+  TEST(PrintToStringTest, ContainsNonLatin) {
+  // Sanity test with valid UTF-8. Prints both in hex and as text.
+  std::string non_ascii_str = ::std::string("오전 4:30");
+  EXPECT_PRINT_TO_STRING_(non_ascii_str,
+                          "\"\\xEC\\x98\\xA4\\xEC\\xA0\\x84 4:30\"\n"
+                          "    As Text: \"오전 4:30\"");
+  non_ascii_str = ::std::string("From ä — ẑ");
+  EXPECT_PRINT_TO_STRING_(non_ascii_str,
+                          "\"From \\xC3\\xA4 \\xE2\\x80\\x94 \\xE1\\xBA\\x91\""
+                          "\n    As Text: \"From ä — ẑ\"");
+}
+
+TEST(IsValidUTF8Test, IllFormedUTF8) {
+  // The following test strings are ill-formed UTF-8 and are printed
+  // as hex only (or ASCII, in case of ASCII bytes) because IsValidUTF8() is
+  // expected to fail, thus output does not contain "As Text:".
+
+  static const char *const kTestdata[][2] = {
+    // 2-byte lead byte followed by a single-byte character.
+    {"\xC3\x74", "\"\\xC3t\""},
+    // Valid 2-byte character followed by an orphan trail byte.
+    {"\xC3\x84\xA4", "\"\\xC3\\x84\\xA4\""},
+    // Lead byte without trail byte.
+    {"abc\xC3", "\"abc\\xC3\""},
+    // 3-byte lead byte, single-byte character, orphan trail byte.
+    {"x\xE2\x70\x94", "\"x\\xE2p\\x94\""},
+    // Truncated 3-byte character.
+    {"\xE2\x80", "\"\\xE2\\x80\""},
+    // Truncated 3-byte character followed by valid 2-byte char.
+    {"\xE2\x80\xC3\x84", "\"\\xE2\\x80\\xC3\\x84\""},
+    // Truncated 3-byte character followed by a single-byte character.
+    {"\xE2\x80\x7A", "\"\\xE2\\x80z\""},
+    // 3-byte lead byte followed by valid 3-byte character.
+    {"\xE2\xE2\x80\x94", "\"\\xE2\\xE2\\x80\\x94\""},
+    // 4-byte lead byte followed by valid 3-byte character.
+    {"\xF0\xE2\x80\x94", "\"\\xF0\\xE2\\x80\\x94\""},
+    // Truncated 4-byte character.
+    {"\xF0\xE2\x80", "\"\\xF0\\xE2\\x80\""},
+     // Invalid UTF-8 byte sequences embedded in other chars.
+    {"abc\xE2\x80\x94\xC3\x74xyc", "\"abc\\xE2\\x80\\x94\\xC3txyc\""},
+    {"abc\xC3\x84\xE2\x80\xC3\x84xyz",
+     "\"abc\\xC3\\x84\\xE2\\x80\\xC3\\x84xyz\""},
+    // Non-shortest UTF-8 byte sequences are also ill-formed.
+    // The classics: xC0, xC1 lead byte.
+    {"\xC0\x80", "\"\\xC0\\x80\""},
+    {"\xC1\x81", "\"\\xC1\\x81\""},
+    // Non-shortest sequences.
+    {"\xE0\x80\x80", "\"\\xE0\\x80\\x80\""},
+    {"\xf0\x80\x80\x80", "\"\\xF0\\x80\\x80\\x80\""},
+    // Last valid code point before surrogate range, should be printed as text,
+    // too.
+    {"\xED\x9F\xBF", "\"\\xED\\x9F\\xBF\"\n    As Text: \"퟿\""},
+    // Start of surrogate lead. Surrogates are not printed as text.
+    {"\xED\xA0\x80", "\"\\xED\\xA0\\x80\""},
+    // Last non-private surrogate lead.
+    {"\xED\xAD\xBF", "\"\\xED\\xAD\\xBF\""},
+    // First private-use surrogate lead.
+    {"\xED\xAE\x80", "\"\\xED\\xAE\\x80\""},
+    // Last private-use surrogate lead.
+    {"\xED\xAF\xBF", "\"\\xED\\xAF\\xBF\""},
+    // Mid-point of surrogate trail.
+    {"\xED\xB3\xBF", "\"\\xED\\xB3\\xBF\""},
+    // First valid code point after surrogate range, should be printed as text,
+    // too.
+    {"\xEE\x80\x80", "\"\\xEE\\x80\\x80\"\n    As Text: \"\""}
+  };
+
+  for (int i = 0; i < int(sizeof(kTestdata)/sizeof(kTestdata[0])); ++i) {
+    EXPECT_PRINT_TO_STRING_(kTestdata[i][0], kTestdata[i][1]);
+  }
+}
+
+#undef EXPECT_PRINT_TO_STRING_
+
+TEST(UniversalTersePrintTest, WorksForNonReference) {
+  ::std::stringstream ss;
+  UniversalTersePrint(123, &ss);
+  EXPECT_EQ("123", ss.str());
+}
+
+TEST(UniversalTersePrintTest, WorksForReference) {
+  const int& n = 123;
+  ::std::stringstream ss;
+  UniversalTersePrint(n, &ss);
+  EXPECT_EQ("123", ss.str());
+}
+
+TEST(UniversalTersePrintTest, WorksForCString) {
+  const char* s1 = "abc";
+  ::std::stringstream ss1;
+  UniversalTersePrint(s1, &ss1);
+  EXPECT_EQ("\"abc\"", ss1.str());
+
+  char* s2 = const_cast<char*>(s1);
+  ::std::stringstream ss2;
+  UniversalTersePrint(s2, &ss2);
+  EXPECT_EQ("\"abc\"", ss2.str());
+
+  const char* s3 = NULL;
+  ::std::stringstream ss3;
+  UniversalTersePrint(s3, &ss3);
+  EXPECT_EQ("NULL", ss3.str());
+}
+
+TEST(UniversalPrintTest, WorksForNonReference) {
+  ::std::stringstream ss;
+  UniversalPrint(123, &ss);
+  EXPECT_EQ("123", ss.str());
+}
+
+TEST(UniversalPrintTest, WorksForReference) {
+  const int& n = 123;
+  ::std::stringstream ss;
+  UniversalPrint(n, &ss);
+  EXPECT_EQ("123", ss.str());
+}
+
+TEST(UniversalPrintTest, WorksForCString) {
+  const char* s1 = "abc";
+  ::std::stringstream ss1;
+  UniversalPrint(s1, &ss1);
+  EXPECT_EQ(PrintPointer(s1) + " pointing to \"abc\"", std::string(ss1.str()));
+
+  char* s2 = const_cast<char*>(s1);
+  ::std::stringstream ss2;
+  UniversalPrint(s2, &ss2);
+  EXPECT_EQ(PrintPointer(s2) + " pointing to \"abc\"", std::string(ss2.str()));
+
+  const char* s3 = NULL;
+  ::std::stringstream ss3;
+  UniversalPrint(s3, &ss3);
+  EXPECT_EQ("NULL", ss3.str());
+}
+
+TEST(UniversalPrintTest, WorksForCharArray) {
+  const char str[] = "\"Line\0 1\"\nLine 2";
+  ::std::stringstream ss1;
+  UniversalPrint(str, &ss1);
+  EXPECT_EQ("\"\\\"Line\\0 1\\\"\\nLine 2\"", ss1.str());
+
+  const char mutable_str[] = "\"Line\0 1\"\nLine 2";
+  ::std::stringstream ss2;
+  UniversalPrint(mutable_str, &ss2);
+  EXPECT_EQ("\"\\\"Line\\0 1\\\"\\nLine 2\"", ss2.str());
+}
+
+#if GTEST_HAS_TR1_TUPLE
+
+TEST(UniversalTersePrintTupleFieldsToStringsTestWithTr1, PrintsEmptyTuple) {
+  Strings result = UniversalTersePrintTupleFieldsToStrings(
+      ::std::tr1::make_tuple());
+  EXPECT_EQ(0u, result.size());
+}
+
+TEST(UniversalTersePrintTupleFieldsToStringsTestWithTr1, PrintsOneTuple) {
+  Strings result = UniversalTersePrintTupleFieldsToStrings(
+      ::std::tr1::make_tuple(1));
+  ASSERT_EQ(1u, result.size());
+  EXPECT_EQ("1", result[0]);
+}
+
+TEST(UniversalTersePrintTupleFieldsToStringsTestWithTr1, PrintsTwoTuple) {
+  Strings result = UniversalTersePrintTupleFieldsToStrings(
+      ::std::tr1::make_tuple(1, 'a'));
+  ASSERT_EQ(2u, result.size());
+  EXPECT_EQ("1", result[0]);
+  EXPECT_EQ("'a' (97, 0x61)", result[1]);
+}
+
+TEST(UniversalTersePrintTupleFieldsToStringsTestWithTr1, PrintsTersely) {
+  const int n = 1;
+  Strings result = UniversalTersePrintTupleFieldsToStrings(
+      ::std::tr1::tuple<const int&, const char*>(n, "a"));
+  ASSERT_EQ(2u, result.size());
+  EXPECT_EQ("1", result[0]);
+  EXPECT_EQ("\"a\"", result[1]);
+}
+
+#endif  // GTEST_HAS_TR1_TUPLE
+
+#if GTEST_HAS_STD_TUPLE_
+
+TEST(UniversalTersePrintTupleFieldsToStringsTestWithStd, PrintsEmptyTuple) {
+  Strings result = UniversalTersePrintTupleFieldsToStrings(::std::make_tuple());
+  EXPECT_EQ(0u, result.size());
+}
+
+TEST(UniversalTersePrintTupleFieldsToStringsTestWithStd, PrintsOneTuple) {
+  Strings result = UniversalTersePrintTupleFieldsToStrings(
+      ::std::make_tuple(1));
+  ASSERT_EQ(1u, result.size());
+  EXPECT_EQ("1", result[0]);
+}
+
+TEST(UniversalTersePrintTupleFieldsToStringsTestWithStd, PrintsTwoTuple) {
+  Strings result = UniversalTersePrintTupleFieldsToStrings(
+      ::std::make_tuple(1, 'a'));
+  ASSERT_EQ(2u, result.size());
+  EXPECT_EQ("1", result[0]);
+  EXPECT_EQ("'a' (97, 0x61)", result[1]);
+}
+
+TEST(UniversalTersePrintTupleFieldsToStringsTestWithStd, PrintsTersely) {
+  const int n = 1;
+  Strings result = UniversalTersePrintTupleFieldsToStrings(
+      ::std::tuple<const int&, const char*>(n, "a"));
+  ASSERT_EQ(2u, result.size());
+  EXPECT_EQ("1", result[0]);
+  EXPECT_EQ("\"a\"", result[1]);
+}
+
+#endif  // GTEST_HAS_STD_TUPLE_
+
+#if GTEST_HAS_ABSL
+
+TEST(PrintOptionalTest, Basic) {
+  absl::optional<int> value;
+  EXPECT_EQ("(nullopt)", PrintToString(value));
+  value = {7};
+  EXPECT_EQ("(7)", PrintToString(value));
+  EXPECT_EQ("(1.1)", PrintToString(absl::optional<double>{1.1}));
+  EXPECT_EQ("(\"A\")", PrintToString(absl::optional<std::string>{"A"}));
+}
+
+struct NonPrintable {
+  unsigned char contents = 17;
+};
+
+TEST(PrintOneofTest, Basic) {
+  using Type = absl::variant<int, StreamableInGlobal, NonPrintable>;
+  EXPECT_EQ("('int' with value 7)", PrintToString(Type(7)));
+  EXPECT_EQ("('StreamableInGlobal' with value StreamableInGlobal)",
+            PrintToString(Type(StreamableInGlobal{})));
+  EXPECT_EQ(
+      "('testing::gtest_printers_test::NonPrintable' with value 1-byte object "
+      "<11>)",
+      PrintToString(Type(NonPrintable{})));
+}
+#endif  // GTEST_HAS_ABSL
+
+}  // namespace gtest_printers_test
+}  // namespace testing
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-shuffle-test.py b/security/nss/gtests/google_test/gtest/test/googletest-shuffle-test.py
new file mode 100644
index 000000000..573cc5eca
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-shuffle-test.py
@@ -0,0 +1,323 @@
+#!/usr/bin/env python
+#
+# Copyright 2009 Google Inc. All Rights Reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Verifies that test shuffling works."""
+
+import os
+import gtest_test_utils
+
+# Command to run the googletest-shuffle-test_ program.
+COMMAND = gtest_test_utils.GetTestExecutablePath('googletest-shuffle-test_')
+
+# The environment variables for test sharding.
+TOTAL_SHARDS_ENV_VAR = 'GTEST_TOTAL_SHARDS'
+SHARD_INDEX_ENV_VAR = 'GTEST_SHARD_INDEX'
+
+TEST_FILTER = 'A*.A:A*.B:C*'
+
+ALL_TESTS = []
+ACTIVE_TESTS = []
+FILTERED_TESTS = []
+SHARDED_TESTS = []
+
+SHUFFLED_ALL_TESTS = []
+SHUFFLED_ACTIVE_TESTS = []
+SHUFFLED_FILTERED_TESTS = []
+SHUFFLED_SHARDED_TESTS = []
+
+
+def AlsoRunDisabledTestsFlag():
+  return '--gtest_also_run_disabled_tests'
+
+
+def FilterFlag(test_filter):
+  return '--gtest_filter=%s' % (test_filter,)
+
+
+def RepeatFlag(n):
+  return '--gtest_repeat=%s' % (n,)
+
+
+def ShuffleFlag():
+  return '--gtest_shuffle'
+
+
+def RandomSeedFlag(n):
+  return '--gtest_random_seed=%s' % (n,)
+
+
+def RunAndReturnOutput(extra_env, args):
+  """Runs the test program and returns its output."""
+
+  environ_copy = os.environ.copy()
+  environ_copy.update(extra_env)
+
+  return gtest_test_utils.Subprocess([COMMAND] + args, env=environ_copy).output
+
+
+def GetTestsForAllIterations(extra_env, args):
+  """Runs the test program and returns a list of test lists.
+
+  Args:
+    extra_env: a map from environment variables to their values
+    args: command line flags to pass to googletest-shuffle-test_
+
+  Returns:
+    A list where the i-th element is the list of tests run in the i-th
+    test iteration.
+  """
+
+  test_iterations = []
+  for line in RunAndReturnOutput(extra_env, args).split('\n'):
+    if line.startswith('----'):
+      tests = []
+      test_iterations.append(tests)
+    elif line.strip():
+      tests.append(line.strip())  # 'TestCaseName.TestName'
+
+  return test_iterations
+
+
+def GetTestCases(tests):
+  """Returns a list of test cases in the given full test names.
+
+  Args:
+    tests: a list of full test names
+
+  Returns:
+    A list of test cases from 'tests', in their original order.
+    Consecutive duplicates are removed.
+  """
+
+  test_cases = []
+  for test in tests:
+    test_case = test.split('.')[0]
+    if not test_case in test_cases:
+      test_cases.append(test_case)
+
+  return test_cases
+
+
+def CalculateTestLists():
+  """Calculates the list of tests run under different flags."""
+
+  if not ALL_TESTS:
+    ALL_TESTS.extend(
+        GetTestsForAllIterations({}, [AlsoRunDisabledTestsFlag()])[0])
+
+  if not ACTIVE_TESTS:
+    ACTIVE_TESTS.extend(GetTestsForAllIterations({}, [])[0])
+
+  if not FILTERED_TESTS:
+    FILTERED_TESTS.extend(
+        GetTestsForAllIterations({}, [FilterFlag(TEST_FILTER)])[0])
+
+  if not SHARDED_TESTS:
+    SHARDED_TESTS.extend(
+        GetTestsForAllIterations({TOTAL_SHARDS_ENV_VAR: '3',
+                                  SHARD_INDEX_ENV_VAR: '1'},
+                                 [])[0])
+
+  if not SHUFFLED_ALL_TESTS:
+    SHUFFLED_ALL_TESTS.extend(GetTestsForAllIterations(
+        {}, [AlsoRunDisabledTestsFlag(), ShuffleFlag(), RandomSeedFlag(1)])[0])
+
+  if not SHUFFLED_ACTIVE_TESTS:
+    SHUFFLED_ACTIVE_TESTS.extend(GetTestsForAllIterations(
+        {}, [ShuffleFlag(), RandomSeedFlag(1)])[0])
+
+  if not SHUFFLED_FILTERED_TESTS:
+    SHUFFLED_FILTERED_TESTS.extend(GetTestsForAllIterations(
+        {}, [ShuffleFlag(), RandomSeedFlag(1), FilterFlag(TEST_FILTER)])[0])
+
+  if not SHUFFLED_SHARDED_TESTS:
+    SHUFFLED_SHARDED_TESTS.extend(
+        GetTestsForAllIterations({TOTAL_SHARDS_ENV_VAR: '3',
+                                  SHARD_INDEX_ENV_VAR: '1'},
+                                 [ShuffleFlag(), RandomSeedFlag(1)])[0])
+
+
+class GTestShuffleUnitTest(gtest_test_utils.TestCase):
+  """Tests test shuffling."""
+
+  def setUp(self):
+    CalculateTestLists()
+
+  def testShufflePreservesNumberOfTests(self):
+    self.assertEqual(len(ALL_TESTS), len(SHUFFLED_ALL_TESTS))
+    self.assertEqual(len(ACTIVE_TESTS), len(SHUFFLED_ACTIVE_TESTS))
+    self.assertEqual(len(FILTERED_TESTS), len(SHUFFLED_FILTERED_TESTS))
+    self.assertEqual(len(SHARDED_TESTS), len(SHUFFLED_SHARDED_TESTS))
+
+  def testShuffleChangesTestOrder(self):
+    self.assert_(SHUFFLED_ALL_TESTS != ALL_TESTS, SHUFFLED_ALL_TESTS)
+    self.assert_(SHUFFLED_ACTIVE_TESTS != ACTIVE_TESTS, SHUFFLED_ACTIVE_TESTS)
+    self.assert_(SHUFFLED_FILTERED_TESTS != FILTERED_TESTS,
+                 SHUFFLED_FILTERED_TESTS)
+    self.assert_(SHUFFLED_SHARDED_TESTS != SHARDED_TESTS,
+                 SHUFFLED_SHARDED_TESTS)
+
+  def testShuffleChangesTestCaseOrder(self):
+    self.assert_(GetTestCases(SHUFFLED_ALL_TESTS) != GetTestCases(ALL_TESTS),
+                 GetTestCases(SHUFFLED_ALL_TESTS))
+    self.assert_(
+        GetTestCases(SHUFFLED_ACTIVE_TESTS) != GetTestCases(ACTIVE_TESTS),
+        GetTestCases(SHUFFLED_ACTIVE_TESTS))
+    self.assert_(
+        GetTestCases(SHUFFLED_FILTERED_TESTS) != GetTestCases(FILTERED_TESTS),
+        GetTestCases(SHUFFLED_FILTERED_TESTS))
+    self.assert_(
+        GetTestCases(SHUFFLED_SHARDED_TESTS) != GetTestCases(SHARDED_TESTS),
+        GetTestCases(SHUFFLED_SHARDED_TESTS))
+
+  def testShuffleDoesNotRepeatTest(self):
+    for test in SHUFFLED_ALL_TESTS:
+      self.assertEqual(1, SHUFFLED_ALL_TESTS.count(test),
+                       '%s appears more than once' % (test,))
+    for test in SHUFFLED_ACTIVE_TESTS:
+      self.assertEqual(1, SHUFFLED_ACTIVE_TESTS.count(test),
+                       '%s appears more than once' % (test,))
+    for test in SHUFFLED_FILTERED_TESTS:
+      self.assertEqual(1, SHUFFLED_FILTERED_TESTS.count(test),
+                       '%s appears more than once' % (test,))
+    for test in SHUFFLED_SHARDED_TESTS:
+      self.assertEqual(1, SHUFFLED_SHARDED_TESTS.count(test),
+                       '%s appears more than once' % (test,))
+
+  def testShuffleDoesNotCreateNewTest(self):
+    for test in SHUFFLED_ALL_TESTS:
+      self.assert_(test in ALL_TESTS, '%s is an invalid test' % (test,))
+    for test in SHUFFLED_ACTIVE_TESTS:
+      self.assert_(test in ACTIVE_TESTS, '%s is an invalid test' % (test,))
+    for test in SHUFFLED_FILTERED_TESTS:
+      self.assert_(test in FILTERED_TESTS, '%s is an invalid test' % (test,))
+    for test in SHUFFLED_SHARDED_TESTS:
+      self.assert_(test in SHARDED_TESTS, '%s is an invalid test' % (test,))
+
+  def testShuffleIncludesAllTests(self):
+    for test in ALL_TESTS:
+      self.assert_(test in SHUFFLED_ALL_TESTS, '%s is missing' % (test,))
+    for test in ACTIVE_TESTS:
+      self.assert_(test in SHUFFLED_ACTIVE_TESTS, '%s is missing' % (test,))
+    for test in FILTERED_TESTS:
+      self.assert_(test in SHUFFLED_FILTERED_TESTS, '%s is missing' % (test,))
+    for test in SHARDED_TESTS:
+      self.assert_(test in SHUFFLED_SHARDED_TESTS, '%s is missing' % (test,))
+
+  def testShuffleLeavesDeathTestsAtFront(self):
+    non_death_test_found = False
+    for test in SHUFFLED_ACTIVE_TESTS:
+      if 'DeathTest.' in test:
+        self.assert_(not non_death_test_found,
+                     '%s appears after a non-death test' % (test,))
+      else:
+        non_death_test_found = True
+
+  def _VerifyTestCasesDoNotInterleave(self, tests):
+    test_cases = []
+    for test in tests:
+      [test_case, _] = test.split('.')
+      if test_cases and test_cases[-1] != test_case:
+        test_cases.append(test_case)
+        self.assertEqual(1, test_cases.count(test_case),
+                         'Test case %s is not grouped together in %s' %
+                         (test_case, tests))
+
+  def testShuffleDoesNotInterleaveTestCases(self):
+    self._VerifyTestCasesDoNotInterleave(SHUFFLED_ALL_TESTS)
+    self._VerifyTestCasesDoNotInterleave(SHUFFLED_ACTIVE_TESTS)
+    self._VerifyTestCasesDoNotInterleave(SHUFFLED_FILTERED_TESTS)
+    self._VerifyTestCasesDoNotInterleave(SHUFFLED_SHARDED_TESTS)
+
+  def testShuffleRestoresOrderAfterEachIteration(self):
+    # Get the test lists in all 3 iterations, using random seed 1, 2,
+    # and 3 respectively.  Google Test picks a different seed in each
+    # iteration, and this test depends on the current implementation
+    # picking successive numbers.  This dependency is not ideal, but
+    # makes the test much easier to write.
+    [tests_in_iteration1, tests_in_iteration2, tests_in_iteration3] = (
+        GetTestsForAllIterations(
+            {}, [ShuffleFlag(), RandomSeedFlag(1), RepeatFlag(3)]))
+
+    # Make sure running the tests with random seed 1 gets the same
+    # order as in iteration 1 above.
+    [tests_with_seed1] = GetTestsForAllIterations(
+        {}, [ShuffleFlag(), RandomSeedFlag(1)])
+    self.assertEqual(tests_in_iteration1, tests_with_seed1)
+
+    # Make sure running the tests with random seed 2 gets the same
+    # order as in iteration 2 above.  Success means that Google Test
+    # correctly restores the test order before re-shuffling at the
+    # beginning of iteration 2.
+    [tests_with_seed2] = GetTestsForAllIterations(
+        {}, [ShuffleFlag(), RandomSeedFlag(2)])
+    self.assertEqual(tests_in_iteration2, tests_with_seed2)
+
+    # Make sure running the tests with random seed 3 gets the same
+    # order as in iteration 3 above.  Success means that Google Test
+    # correctly restores the test order before re-shuffling at the
+    # beginning of iteration 3.
+    [tests_with_seed3] = GetTestsForAllIterations(
+        {}, [ShuffleFlag(), RandomSeedFlag(3)])
+    self.assertEqual(tests_in_iteration3, tests_with_seed3)
+
+  def testShuffleGeneratesNewOrderInEachIteration(self):
+    [tests_in_iteration1, tests_in_iteration2, tests_in_iteration3] = (
+        GetTestsForAllIterations(
+            {}, [ShuffleFlag(), RandomSeedFlag(1), RepeatFlag(3)]))
+
+    self.assert_(tests_in_iteration1 != tests_in_iteration2,
+                 tests_in_iteration1)
+    self.assert_(tests_in_iteration1 != tests_in_iteration3,
+                 tests_in_iteration1)
+    self.assert_(tests_in_iteration2 != tests_in_iteration3,
+                 tests_in_iteration2)
+
+  def testShuffleShardedTestsPreservesPartition(self):
+    # If we run M tests on N shards, the same M tests should be run in
+    # total, regardless of the random seeds used by the shards.
+    [tests1] = GetTestsForAllIterations({TOTAL_SHARDS_ENV_VAR: '3',
+                                         SHARD_INDEX_ENV_VAR: '0'},
+                                        [ShuffleFlag(), RandomSeedFlag(1)])
+    [tests2] = GetTestsForAllIterations({TOTAL_SHARDS_ENV_VAR: '3',
+                                         SHARD_INDEX_ENV_VAR: '1'},
+                                        [ShuffleFlag(), RandomSeedFlag(20)])
+    [tests3] = GetTestsForAllIterations({TOTAL_SHARDS_ENV_VAR: '3',
+                                         SHARD_INDEX_ENV_VAR: '2'},
+                                        [ShuffleFlag(), RandomSeedFlag(25)])
+    sorted_sharded_tests = tests1 + tests2 + tests3
+    sorted_sharded_tests.sort()
+    sorted_active_tests = []
+    sorted_active_tests.extend(ACTIVE_TESTS)
+    sorted_active_tests.sort()
+    self.assertEqual(sorted_active_tests, sorted_sharded_tests)
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
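Review bot: `_VerifyTestCasesDoNotInterleave` can never fail, so `testShuffleDoesNotInterleaveTestCases` passes vacuously. `test_cases` starts empty and is only appended to inside `if test_cases and test_cases[-1] != test_case:`, so the guard is always false and the `assertEqual` is never reached. The guard should be `if not test_cases or test_cases[-1] != test_case:`, which records each new test case and then checks that it appears only once. Separately, the `GetTestCases` docstring says "Consecutive duplicates are removed", but `if not test_case in test_cases` drops every repeat; the docstring could read `All duplicates are removed; first-occurrence order is kept.`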
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-shuffle-test_.cc b/security/nss/gtests/google_test/gtest/test/googletest-shuffle-test_.cc
new file mode 100644
index 000000000..1fe5f6aba
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-shuffle-test_.cc
@@ -0,0 +1,102 @@
+// Copyright 2009, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// Verifies that test shuffling works.
+
+#include "gtest/gtest.h"
+
+namespace {
+
+using ::testing::EmptyTestEventListener;
+using ::testing::InitGoogleTest;
+using ::testing::Message;
+using ::testing::Test;
+using ::testing::TestEventListeners;
+using ::testing::TestInfo;
+using ::testing::UnitTest;
+using ::testing::internal::scoped_ptr;
+
+// The test methods are empty, as the sole purpose of this program is
+// to print the test names before/after shuffling.
+
+class A : public Test {};
+TEST_F(A, A) {}
+TEST_F(A, B) {}
+
+TEST(ADeathTest, A) {}
+TEST(ADeathTest, B) {}
+TEST(ADeathTest, C) {}
+
+TEST(B, A) {}
+TEST(B, B) {}
+TEST(B, C) {}
+TEST(B, DISABLED_D) {}
+TEST(B, DISABLED_E) {}
+
+TEST(BDeathTest, A) {}
+TEST(BDeathTest, B) {}
+
+TEST(C, A) {}
+TEST(C, B) {}
+TEST(C, C) {}
+TEST(C, DISABLED_D) {}
+
+TEST(CDeathTest, A) {}
+
+TEST(DISABLED_D, A) {}
+TEST(DISABLED_D, DISABLED_B) {}
+
+// This printer prints the full test names only, starting each test
+// iteration with a "----" marker.
+class TestNamePrinter : public EmptyTestEventListener {
+ public:
+  virtual void OnTestIterationStart(const UnitTest& /* unit_test */,
+                                    int /* iteration */) {
+    printf("----\n");
+  }
+
+  virtual void OnTestStart(const TestInfo& test_info) {
+    printf("%s.%s\n", test_info.test_case_name(), test_info.name());
+  }
+};
+
+}  // namespace
+
+int main(int argc, char **argv) {
+  InitGoogleTest(&argc, argv);
+
+  // Replaces the default printer with TestNamePrinter, which prints
+  // the test name only.
+  TestEventListeners& listeners = UnitTest::GetInstance()->listeners();
+  delete listeners.Release(listeners.default_result_printer());
+  listeners.Append(new TestNamePrinter);
+
+  return RUN_ALL_TESTS();
+}
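Review bot: `TestNamePrinter` calls `printf` in both callbacks, but the file includes only `gtest/gtest.h`, so it compiles only as long as that header keeps pulling in the C stdio declarations. Adding `#include <stdio.h>` next to the gtest include makes the dependency explicit. The using-declarations for `::testing::Message` and `::testing::internal::scoped_ptr` are not referenced anywhere in this file and could be dropped. The second one also ties this test program to a gtest-internal name for no visible reason.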
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-test-part-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-test-part-test.cc
new file mode 100644
index 000000000..cd2d6f9e8
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-test-part-test.cc
@@ -0,0 +1,205 @@
+// Copyright 2008 Google Inc.
+// All Rights Reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include "gtest/gtest-test-part.h"
+
+#include "gtest/gtest.h"
+
+using testing::Message;
+using testing::Test;
+using testing::TestPartResult;
+using testing::TestPartResultArray;
+
+namespace {
+
+// Tests the TestPartResult class.
+
+// The test fixture for testing TestPartResult.
+class TestPartResultTest : public Test {
+ protected:
+  TestPartResultTest()
+      : r1_(TestPartResult::kSuccess, "foo/bar.cc", 10, "Success!"),
+        r2_(TestPartResult::kNonFatalFailure, "foo/bar.cc", -1, "Failure!"),
+        r3_(TestPartResult::kFatalFailure, NULL, -1, "Failure!") {}
+
+  TestPartResult r1_, r2_, r3_;
+};
+
+
+TEST_F(TestPartResultTest, ConstructorWorks) {
+  Message message;
+  message << "something is terribly wrong";
+  message << static_cast<const char*>(testing::internal::kStackTraceMarker);
+  message << "some unimportant stack trace";
+
+  const TestPartResult result(TestPartResult::kNonFatalFailure,
+                              "some_file.cc",
+                              42,
+                              message.GetString().c_str());
+
+  EXPECT_EQ(TestPartResult::kNonFatalFailure, result.type());
+  EXPECT_STREQ("some_file.cc", result.file_name());
+  EXPECT_EQ(42, result.line_number());
+  EXPECT_STREQ(message.GetString().c_str(), result.message());
+  EXPECT_STREQ("something is terribly wrong", result.summary());
+}
+
+TEST_F(TestPartResultTest, ResultAccessorsWork) {
+  const TestPartResult success(TestPartResult::kSuccess,
+                               "file.cc",
+                               42,
+                               "message");
+  EXPECT_TRUE(success.passed());
+  EXPECT_FALSE(success.failed());
+  EXPECT_FALSE(success.nonfatally_failed());
+  EXPECT_FALSE(success.fatally_failed());
+
+  const TestPartResult nonfatal_failure(TestPartResult::kNonFatalFailure,
+                                        "file.cc",
+                                        42,
+                                        "message");
+  EXPECT_FALSE(nonfatal_failure.passed());
+  EXPECT_TRUE(nonfatal_failure.failed());
+  EXPECT_TRUE(nonfatal_failure.nonfatally_failed());
+  EXPECT_FALSE(nonfatal_failure.fatally_failed());
+
+  const TestPartResult fatal_failure(TestPartResult::kFatalFailure,
+                                     "file.cc",
+                                     42,
+                                     "message");
+  EXPECT_FALSE(fatal_failure.passed());
+  EXPECT_TRUE(fatal_failure.failed());
+  EXPECT_FALSE(fatal_failure.nonfatally_failed());
+  EXPECT_TRUE(fatal_failure.fatally_failed());
+}
+
+// Tests TestPartResult::type().
+TEST_F(TestPartResultTest, type) {
+  EXPECT_EQ(TestPartResult::kSuccess, r1_.type());
+  EXPECT_EQ(TestPartResult::kNonFatalFailure, r2_.type());
+  EXPECT_EQ(TestPartResult::kFatalFailure, r3_.type());
+}
+
+// Tests TestPartResult::file_name().
+TEST_F(TestPartResultTest, file_name) {
+  EXPECT_STREQ("foo/bar.cc", r1_.file_name());
+  EXPECT_STREQ(NULL, r3_.file_name());
+}
+
+// Tests TestPartResult::line_number().
+TEST_F(TestPartResultTest, line_number) {
+  EXPECT_EQ(10, r1_.line_number());
+  EXPECT_EQ(-1, r2_.line_number());
+}
+
+// Tests TestPartResult::message().
+TEST_F(TestPartResultTest, message) {
+  EXPECT_STREQ("Success!", r1_.message());
+}
+
+// Tests TestPartResult::passed().
+TEST_F(TestPartResultTest, Passed) {
+  EXPECT_TRUE(r1_.passed());
+  EXPECT_FALSE(r2_.passed());
+  EXPECT_FALSE(r3_.passed());
+}
+
+// Tests TestPartResult::failed().
+TEST_F(TestPartResultTest, Failed) {
+  EXPECT_FALSE(r1_.failed());
+  EXPECT_TRUE(r2_.failed());
+  EXPECT_TRUE(r3_.failed());
+}
+
+// Tests TestPartResult::fatally_failed().
+TEST_F(TestPartResultTest, FatallyFailed) {
+  EXPECT_FALSE(r1_.fatally_failed());
+  EXPECT_FALSE(r2_.fatally_failed());
+  EXPECT_TRUE(r3_.fatally_failed());
+}
+
+// Tests TestPartResult::nonfatally_failed().
+TEST_F(TestPartResultTest, NonfatallyFailed) {
+  EXPECT_FALSE(r1_.nonfatally_failed());
+  EXPECT_TRUE(r2_.nonfatally_failed());
+  EXPECT_FALSE(r3_.nonfatally_failed());
+}
+
+// Tests the TestPartResultArray class.
+
+class TestPartResultArrayTest : public Test {
+ protected:
+  TestPartResultArrayTest()
+      : r1_(TestPartResult::kNonFatalFailure, "foo/bar.cc", -1, "Failure 1"),
+        r2_(TestPartResult::kFatalFailure, "foo/bar.cc", -1, "Failure 2") {}
+
+  const TestPartResult r1_, r2_;
+};
+
+// Tests that TestPartResultArray initially has size 0.
+TEST_F(TestPartResultArrayTest, InitialSizeIsZero) {
+  TestPartResultArray results;
+  EXPECT_EQ(0, results.size());
+}
+
+// Tests that TestPartResultArray contains the given TestPartResult
+// after one Append() operation.
+TEST_F(TestPartResultArrayTest, ContainsGivenResultAfterAppend) {
+  TestPartResultArray results;
+  results.Append(r1_);
+  EXPECT_EQ(1, results.size());
+  EXPECT_STREQ("Failure 1", results.GetTestPartResult(0).message());
+}
+
+// Tests that TestPartResultArray contains the given TestPartResults
+// after two Append() operations.
+TEST_F(TestPartResultArrayTest, ContainsGivenResultsAfterTwoAppends) {
+  TestPartResultArray results;
+  results.Append(r1_);
+  results.Append(r2_);
+  EXPECT_EQ(2, results.size());
+  EXPECT_STREQ("Failure 1", results.GetTestPartResult(0).message());
+  EXPECT_STREQ("Failure 2", results.GetTestPartResult(1).message());
+}
+
+typedef TestPartResultArrayTest TestPartResultArrayDeathTest;
+
+// Tests that the program dies when GetTestPartResult() is called with
+// an invalid index.
+TEST_F(TestPartResultArrayDeathTest, DiesWhenIndexIsOutOfBound) {
+  TestPartResultArray results;
+  results.Append(r1_);
+
+  EXPECT_DEATH_IF_SUPPORTED(results.GetTestPartResult(-1), "");
+  EXPECT_DEATH_IF_SUPPORTED(results.GetTestPartResult(1), "");
+}
+
+// FIXME: Add a test for the class HasNewFatalFailureHelper.
+
+}  // namespace
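Review bot: `DiesWhenIndexIsOutOfBound` passes `""` as the expected-message pattern to both `EXPECT_DEATH_IF_SUPPORTED` calls, and an empty pattern matches any death output. The test therefore passes on any crash inside `GetTestPartResult()`, not only on the intended bounds check, and would not notice if the check were replaced by an out-of-bounds read that happens to fault. If the bounds check prints a stable message, match on it; otherwise a comment such as `// "" accepts any death message; this only proves the call does not return.` would make the limitation explicit. The trailing FIXME about `HasNewFatalFailureHelper` leaves that class without coverage in this file.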
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-test2_test.cc b/security/nss/gtests/google_test/gtest/test/googletest-test2_test.cc
new file mode 100644
index 000000000..c2f98dc7d
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-test2_test.cc
@@ -0,0 +1,61 @@
+// Copyright 2008, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+//
+// Tests for Google Test itself.  This verifies that the basic constructs of
+// Google Test work.
+
+#include "gtest/gtest.h"
+#include "googletest-param-test-test.h"
+
+using ::testing::Values;
+using ::testing::internal::ParamGenerator;
+
+// Tests that generators defined in a different translation unit
+// are functional. The test using extern_gen_2 is defined
+// in googletest-param-test-test.cc.
+ParamGenerator<int> extern_gen_2 = Values(33);
+
+// Tests that a parameterized test case can be defined in one translation unit
+// and instantiated in another. The test is defined in
+// googletest-param-test-test.cc and ExternalInstantiationTest fixture class is
+// defined in gtest-param-test_test.h.
+INSTANTIATE_TEST_CASE_P(MultiplesOf33,
+                        ExternalInstantiationTest,
+                        Values(33, 66));
+
+// Tests that a parameterized test case can be instantiated
+// in multiple translation units. Another instantiation is defined
+// in googletest-param-test-test.cc and
+// InstantiationInMultipleTranslaionUnitsTest fixture is defined in
+// gtest-param-test_test.h
+INSTANTIATE_TEST_CASE_P(Sequence2,
+                        InstantiationInMultipleTranslaionUnitsTest,
+                        Values(42*3, 42*4, 42*5));
+
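Review bot: The comments above both `INSTANTIATE_TEST_CASE_P` calls say the fixtures are defined in `gtest-param-test_test.h`, but the header this file includes is `googletest-param-test-test.h`. The comments look left over from before a rename, and a reader following them will search for a file the include list does not name. Both should read `// defined in googletest-param-test-test.h.` so they agree with the `#include` line.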
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-throw-on-failure-test.py b/security/nss/gtests/google_test/gtest/test/googletest-throw-on-failure-test.py
new file mode 100644
index 000000000..46cb9f6da
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-throw-on-failure-test.py
@@ -0,0 +1,169 @@
+#!/usr/bin/env python
+#
+# Copyright 2009, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Tests Google Test's throw-on-failure mode with exceptions disabled.
+
+This script invokes googletest-throw-on-failure-test_ (a program written with
+Google Test) with different environments and command line flags.
+"""
+
+import os
+import gtest_test_utils
+
+
+# Constants.
+
+# The command line flag for enabling/disabling the throw-on-failure mode.
+THROW_ON_FAILURE = 'gtest_throw_on_failure'
+
+# Path to the googletest-throw-on-failure-test_ program, compiled with
+# exceptions disabled.
+EXE_PATH = gtest_test_utils.GetTestExecutablePath(
+    'googletest-throw-on-failure-test_')
+
+
+# Utilities.
+
+
+def SetEnvVar(env_var, value):
+  """Sets an environment variable to a given value; unsets it when the
+  given value is None.
+  """
+
+  env_var = env_var.upper()
+  if value is not None:
+    os.environ[env_var] = value
+  elif env_var in os.environ:
+    del os.environ[env_var]
+
+
+def Run(command):
+  """Runs a command; returns True/False if its exit code is/isn't 0."""
+
+  print 'Running "%s". . .' % ' '.join(command)
+  p = gtest_test_utils.Subprocess(command)
+  return p.exited and p.exit_code == 0
+
+
+# The tests.  FIXME: refactor the class to share common
+# logic with code in googletest-break-on-failure-unittest.py.
+class ThrowOnFailureTest(gtest_test_utils.TestCase):
+  """Tests the throw-on-failure mode."""
+
+  def RunAndVerify(self, env_var_value, flag_value, should_fail):
+    """Runs googletest-throw-on-failure-test_ and verifies that it does
+    (or does not) exit with a non-zero code.
+
+    Args:
+      env_var_value:    value of the GTEST_BREAK_ON_FAILURE environment
+                        variable; None if the variable should be unset.
+      flag_value:       value of the --gtest_break_on_failure flag;
+                        None if the flag should not be present.
+      should_fail:      True iff the program is expected to fail.
+    """
+
+    SetEnvVar(THROW_ON_FAILURE, env_var_value)
+
+    if env_var_value is None:
+      env_var_value_msg = ' is not set'
+    else:
+      env_var_value_msg = '=' + env_var_value
+
+    if flag_value is None:
+      flag = ''
+    elif flag_value == '0':
+      flag = '--%s=0' % THROW_ON_FAILURE
+    else:
+      flag = '--%s' % THROW_ON_FAILURE
+
+    command = [EXE_PATH]
+    if flag:
+      command.append(flag)
+
+    if should_fail:
+      should_or_not = 'should'
+    else:
+      should_or_not = 'should not'
+
+    failed = not Run(command)
+
+    SetEnvVar(THROW_ON_FAILURE, None)
+
+    msg = ('when %s%s, an assertion failure in "%s" %s cause a non-zero '
+           'exit code.' %
+           (THROW_ON_FAILURE, env_var_value_msg, ' '.join(command),
+            should_or_not))
+    self.assert_(failed == should_fail, msg)
+
+  def testDefaultBehavior(self):
+    """Tests the behavior of the default mode."""
+
+    self.RunAndVerify(env_var_value=None, flag_value=None, should_fail=False)
+
+  def testThrowOnFailureEnvVar(self):
+    """Tests using the GTEST_THROW_ON_FAILURE environment variable."""
+
+    self.RunAndVerify(env_var_value='0',
+                      flag_value=None,
+                      should_fail=False)
+    self.RunAndVerify(env_var_value='1',
+                      flag_value=None,
+                      should_fail=True)
+
+  def testThrowOnFailureFlag(self):
+    """Tests using the --gtest_throw_on_failure flag."""
+
+    self.RunAndVerify(env_var_value=None,
+                      flag_value='0',
+                      should_fail=False)
+    self.RunAndVerify(env_var_value=None,
+                      flag_value='1',
+                      should_fail=True)
+
+  def testThrowOnFailureFlagOverridesEnvVar(self):
+    """Tests that --gtest_throw_on_failure overrides GTEST_THROW_ON_FAILURE."""
+
+    self.RunAndVerify(env_var_value='0',
+                      flag_value='0',
+                      should_fail=False)
+    self.RunAndVerify(env_var_value='0',
+                      flag_value='1',
+                      should_fail=True)
+    self.RunAndVerify(env_var_value='1',
+                      flag_value='0',
+                      should_fail=False)
+    self.RunAndVerify(env_var_value='1',
+                      flag_value='1',
+                      should_fail=True)
+
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
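Review bot: The `Args` section of `RunAndVerify`'s docstring describes the `GTEST_BREAK_ON_FAILURE` variable and the `--gtest_break_on_failure` flag, but the method sets and passes `THROW_ON_FAILURE` (`'gtest_throw_on_failure'`). The text appears copied from the break-on-failure test and should name `GTEST_THROW_ON_FAILURE` and `--gtest_throw_on_failure` instead. Separately, the cleanup call `SetEnvVar(THROW_ON_FAILURE, None)` is skipped if `Run(command)` raises, which leaves the variable in `os.environ` for every later test in the process. Putting `failed = not Run(command)` in a `try:` with the reset under `finally:` keeps the process environment clean on the error path too.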
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-throw-on-failure-test_.cc b/security/nss/gtests/google_test/gtest/test/googletest-throw-on-failure-test_.cc
new file mode 100644
index 000000000..f9a2c6448
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-throw-on-failure-test_.cc
@@ -0,0 +1,71 @@
+// Copyright 2009, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// Tests Google Test's throw-on-failure mode with exceptions disabled.
+//
+// This program must be compiled with exceptions disabled.  It will be
+// invoked by googletest-throw-on-failure-test.py, and is expected to exit
+// with non-zero in the throw-on-failure mode or 0 otherwise.
+
+#include "gtest/gtest.h"
+
+#include <stdio.h>                      // for fflush, fprintf, NULL, etc.
+#include <stdlib.h>                     // for exit
+#include <exception>                    // for set_terminate
+
+// This terminate handler aborts the program using exit() rather than abort().
+// This avoids showing pop-ups on Windows systems and core dumps on Unix-like
+// ones.
+void TerminateHandler() {
+  fprintf(stderr, "%s\n", "Unhandled C++ exception terminating the program.");
+  fflush(NULL);
+  exit(1);
+}
+
+int main(int argc, char** argv) {
+#if GTEST_HAS_EXCEPTIONS
+  std::set_terminate(&TerminateHandler);
+#endif
+  testing::InitGoogleTest(&argc, argv);
+
+  // We want to ensure that people can use Google Test assertions in
+  // other testing frameworks, as long as they initialize Google Test
+  // properly and set the throw-on-failure mode.  Therefore, we don't
+  // use Google Test's constructs for defining and running tests
+  // (e.g. TEST and RUN_ALL_TESTS) here.
+
+  // In the throw-on-failure mode with exceptions disabled, this
+  // assertion will cause the program to exit with a non-zero code.
+  EXPECT_EQ(2, 3);
+
+  // When not in the throw-on-failure mode, the control will reach
+  // here.
+  return 0;
+}
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-tuple-test.cc b/security/nss/gtests/google_test/gtest/test/googletest-tuple-test.cc
new file mode 100644
index 000000000..dd82c160f
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-tuple-test.cc
@@ -0,0 +1,319 @@
+// Copyright 2007, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+#include "gtest/internal/gtest-tuple.h"
+#include <utility>
+#include "gtest/gtest.h"
+
+namespace {
+
+using ::std::tr1::get;
+using ::std::tr1::make_tuple;
+using ::std::tr1::tuple;
+using ::std::tr1::tuple_element;
+using ::std::tr1::tuple_size;
+using ::testing::StaticAssertTypeEq;
+
+// Tests that tuple_element<K, tuple<T0, T1, ..., TN> >::type returns TK.
+TEST(tuple_element_Test, ReturnsElementType) {
+  StaticAssertTypeEq<int, tuple_element<0, tuple<int, char> >::type>();
+  StaticAssertTypeEq<int&, tuple_element<1, tuple<double, int&> >::type>();
+  StaticAssertTypeEq<bool, tuple_element<2, tuple<double, int, bool> >::type>();
+}
+
+// Tests that tuple_size<T>::value gives the number of fields in tuple
+// type T.
+TEST(tuple_size_Test, ReturnsNumberOfFields) {
+  EXPECT_EQ(0, +tuple_size<tuple<> >::value);
+  EXPECT_EQ(1, +tuple_size<tuple<void*> >::value);
+  EXPECT_EQ(1, +tuple_size<tuple<char> >::value);
+  EXPECT_EQ(1, +(tuple_size<tuple<tuple<int, double> > >::value));
+  EXPECT_EQ(2, +(tuple_size<tuple<int&, const char> >::value));
+  EXPECT_EQ(3, +(tuple_size<tuple<char*, void, const bool&> >::value));
+}
+
+// Tests comparing a tuple with itself.
+TEST(ComparisonTest, ComparesWithSelf) {
+  const tuple<int, char, bool> a(5, 'a', false);
+
+  EXPECT_TRUE(a == a);
+  EXPECT_FALSE(a != a);
+}
+
+// Tests comparing two tuples with the same value.
+TEST(ComparisonTest, ComparesEqualTuples) {
+  const tuple<int, bool> a(5, true), b(5, true);
+
+  EXPECT_TRUE(a == b);
+  EXPECT_FALSE(a != b);
+}
+
+// Tests comparing two different tuples that have no reference fields.
+TEST(ComparisonTest, ComparesUnequalTuplesWithoutReferenceFields) {
+  typedef tuple<const int, char> FooTuple;
+
+  const FooTuple a(0, 'x');
+  const FooTuple b(1, 'a');
+
+  EXPECT_TRUE(a != b);
+  EXPECT_FALSE(a == b);
+
+  const FooTuple c(1, 'b');
+
+  EXPECT_TRUE(b != c);
+  EXPECT_FALSE(b == c);
+}
+
+// Tests comparing two different tuples that have reference fields.
+TEST(ComparisonTest, ComparesUnequalTuplesWithReferenceFields) {
+  typedef tuple<int&, const char&> FooTuple;
+
+  int i = 5;
+  const char ch = 'a';
+  const FooTuple a(i, ch);
+
+  int j = 6;
+  const FooTuple b(j, ch);
+
+  EXPECT_TRUE(a != b);
+  EXPECT_FALSE(a == b);
+
+  j = 5;
+  const char ch2 = 'b';
+  const FooTuple c(j, ch2);
+
+  EXPECT_TRUE(b != c);
+  EXPECT_FALSE(b == c);
+}
+
+// Tests that a tuple field with a reference type is an alias of the
+// variable it's supposed to reference.
+TEST(ReferenceFieldTest, IsAliasOfReferencedVariable) {
+  int n = 0;
+  tuple<bool, int&> t(true, n);
+
+  n = 1;
+  EXPECT_EQ(n, get<1>(t))
+      << "Changing a underlying variable should update the reference field.";
+
+  // Makes sure that the implementation doesn't do anything funny with
+  // the & operator for the return type of get<>().
+  EXPECT_EQ(&n, &(get<1>(t)))
+      << "The address of a reference field should equal the address of "
+      << "the underlying variable.";
+
+  get<1>(t) = 2;
+  EXPECT_EQ(2, n)
+      << "Changing a reference field should update the underlying variable.";
+}
+
+// Tests that tuple's default constructor default initializes each field.
+// This test needs to compile without generating warnings.
+TEST(TupleConstructorTest, DefaultConstructorDefaultInitializesEachField) {
+  // The TR1 report requires that tuple's default constructor default
+  // initializes each field, even if it's a primitive type.  If the
+  // implementation forgets to do this, this test will catch it by
+  // generating warnings about using uninitialized variables (assuming
+  // a decent compiler).
+
+  tuple<> empty;
+
+  tuple<int> a1, b1;
+  b1 = a1;
+  EXPECT_EQ(0, get<0>(b1));
+
+  tuple<int, double> a2, b2;
+  b2 = a2;
+  EXPECT_EQ(0, get<0>(b2));
+  EXPECT_EQ(0.0, get<1>(b2));
+
+  tuple<double, char, bool*> a3, b3;
+  b3 = a3;
+  EXPECT_EQ(0.0, get<0>(b3));
+  EXPECT_EQ('\0', get<1>(b3));
+  EXPECT_TRUE(get<2>(b3) == NULL);
+
+  tuple<int, int, int, int, int, int, int, int, int, int> a10, b10;
+  b10 = a10;
+  EXPECT_EQ(0, get<0>(b10));
+  EXPECT_EQ(0, get<1>(b10));
+  EXPECT_EQ(0, get<2>(b10));
+  EXPECT_EQ(0, get<3>(b10));
+  EXPECT_EQ(0, get<4>(b10));
+  EXPECT_EQ(0, get<5>(b10));
+  EXPECT_EQ(0, get<6>(b10));
+  EXPECT_EQ(0, get<7>(b10));
+  EXPECT_EQ(0, get<8>(b10));
+  EXPECT_EQ(0, get<9>(b10));
+}
+
+// Tests constructing a tuple from its fields.
+TEST(TupleConstructorTest, ConstructsFromFields) {
+  int n = 1;
+  // Reference field.
+  tuple<int&> a(n);
+  EXPECT_EQ(&n, &(get<0>(a)));
+
+  // Non-reference fields.
+  tuple<int, char> b(5, 'a');
+  EXPECT_EQ(5, get<0>(b));
+  EXPECT_EQ('a', get<1>(b));
+
+  // Const reference field.
+  const int m = 2;
+  tuple<bool, const int&> c(true, m);
+  EXPECT_TRUE(get<0>(c));
+  EXPECT_EQ(&m, &(get<1>(c)));
+}
+
+// Tests tuple's copy constructor.
+TEST(TupleConstructorTest, CopyConstructor) {
+  tuple<double, bool> a(0.0, true);
+  tuple<double, bool> b(a);
+
+  EXPECT_DOUBLE_EQ(0.0, get<0>(b));
+  EXPECT_TRUE(get<1>(b));
+}
+
+// Tests constructing a tuple from another tuple that has a compatible
+// but different type.
+TEST(TupleConstructorTest, ConstructsFromDifferentTupleType) {
+  tuple<int, int, char> a(0, 1, 'a');
+  tuple<double, long, int> b(a);
+
+  EXPECT_DOUBLE_EQ(0.0, get<0>(b));
+  EXPECT_EQ(1, get<1>(b));
+  EXPECT_EQ('a', get<2>(b));
+}
+
+// Tests constructing a 2-tuple from an std::pair.
+TEST(TupleConstructorTest, ConstructsFromPair) {
+  ::std::pair<int, char> a(1, 'a');
+  tuple<int, char> b(a);
+  tuple<int, const char&> c(a);
+}
+
+// Tests assigning a tuple to another tuple with the same type.
+TEST(TupleAssignmentTest, AssignsToSameTupleType) {
+  const tuple<int, long> a(5, 7L);
+  tuple<int, long> b;
+  b = a;
+  EXPECT_EQ(5, get<0>(b));
+  EXPECT_EQ(7L, get<1>(b));
+}
+
+// Tests assigning a tuple to another tuple with a different but
+// compatible type.
+TEST(TupleAssignmentTest, AssignsToDifferentTupleType) {
+  const tuple<int, long, bool> a(1, 7L, true);
+  tuple<long, int, bool> b;
+  b = a;
+  EXPECT_EQ(1L, get<0>(b));
+  EXPECT_EQ(7, get<1>(b));
+  EXPECT_TRUE(get<2>(b));
+}
+
+// Tests assigning an std::pair to a 2-tuple.
+TEST(TupleAssignmentTest, AssignsFromPair) {
+  const ::std::pair<int, bool> a(5, true);
+  tuple<int, bool> b;
+  b = a;
+  EXPECT_EQ(5, get<0>(b));
+  EXPECT_TRUE(get<1>(b));
+
+  tuple<long, bool> c;
+  c = a;
+  EXPECT_EQ(5L, get<0>(c));
+  EXPECT_TRUE(get<1>(c));
+}
+
+// A fixture for testing big tuples.
+class BigTupleTest : public testing::Test {
+ protected:
+  typedef tuple<int, int, int, int, int, int, int, int, int, int> BigTuple;
+
+  BigTupleTest() :
+      a_(1, 0, 0, 0, 0, 0, 0, 0, 0, 2),
+      b_(1, 0, 0, 0, 0, 0, 0, 0, 0, 3) {}
+
+  BigTuple a_, b_;
+};
+
+// Tests constructing big tuples.
+TEST_F(BigTupleTest, Construction) {
+  BigTuple a;
+  BigTuple b(b_);
+}
+
+// Tests that get<N>(t) returns the N-th (0-based) field of tuple t.
+TEST_F(BigTupleTest, get) {
+  EXPECT_EQ(1, get<0>(a_));
+  EXPECT_EQ(2, get<9>(a_));
+
+  // Tests that get() works on a const tuple too.
+  const BigTuple a(a_);
+  EXPECT_EQ(1, get<0>(a));
+  EXPECT_EQ(2, get<9>(a));
+}
+
+// Tests comparing big tuples.
+TEST_F(BigTupleTest, Comparisons) {
+  EXPECT_TRUE(a_ == a_);
+  EXPECT_FALSE(a_ != a_);
+
+  EXPECT_TRUE(a_ != b_);
+  EXPECT_FALSE(a_ == b_);
+}
+
+TEST(MakeTupleTest, WorksForScalarTypes) {
+  tuple<bool, int> a;
+  a = make_tuple(true, 5);
+  EXPECT_TRUE(get<0>(a));
+  EXPECT_EQ(5, get<1>(a));
+
+  tuple<char, int, long> b;
+  b = make_tuple('a', 'b', 5);
+  EXPECT_EQ('a', get<0>(b));
+  EXPECT_EQ('b', get<1>(b));
+  EXPECT_EQ(5, get<2>(b));
+}
+
+TEST(MakeTupleTest, WorksForPointers) {
+  int a[] = { 1, 2, 3, 4 };
+  const char* const str = "hi";
+  int* const p = a;
+
+  tuple<const char*, int*> t;
+  t = make_tuple(str, p);
+  EXPECT_EQ(str, get<0>(t));
+  EXPECT_EQ(p, get<1>(t));
+}
+
+}  // namespace
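Review bot: `TupleConstructorTest.ConstructsFromPair` builds `b` and `c` from the pair but asserts nothing, so it only proves the conversions compile. A constructor that swapped or dropped a field would still pass. Adding `EXPECT_EQ(1, get<0>(b));`, `EXPECT_EQ('a', get<1>(b));` and `EXPECT_EQ('a', get<1>(c));` would pin the copied values, matching what `AssignsFromPair` already does for assignment. `BigTupleTest.Construction` has the same shape and could check `get<9>(b)` against `get<9>(b_)`.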
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-uninitialized-test.py b/security/nss/gtests/google_test/gtest/test/googletest-uninitialized-test.py
new file mode 100644
index 000000000..5b7d1e74f
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-uninitialized-test.py
@@ -0,0 +1,67 @@
+#!/usr/bin/env python
+#
+# Copyright 2008, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Verifies that Google Test warns the user when not initialized properly."""
+
+import gtest_test_utils
+
+COMMAND = gtest_test_utils.GetTestExecutablePath('googletest-uninitialized-test_')
+
+
+def Assert(condition):
+  if not condition:
+    raise AssertionError
+
+
+def AssertEq(expected, actual):
+  if expected != actual:
+    print 'Expected: %s' % (expected,)
+    print '  Actual: %s' % (actual,)
+    raise AssertionError
+
+
+def TestExitCodeAndOutput(command):
+  """Runs the given command and verifies its exit code and output."""
+
+  # Verifies that 'command' exits with code 1.
+  p = gtest_test_utils.Subprocess(command)
+  if p.exited and p.exit_code == 0:
+    Assert('IMPORTANT NOTICE' in p.output);
+  Assert('InitGoogleTest' in p.output)
+
+
+class GTestUninitializedTest(gtest_test_utils.TestCase):
+  def testExitCodeAndOutput(self):
+    TestExitCodeAndOutput(COMMAND)
+
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/googletest-uninitialized-test_.cc b/security/nss/gtests/google_test/gtest/test/googletest-uninitialized-test_.cc
new file mode 100644
index 000000000..b4434d51e
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/googletest-uninitialized-test_.cc
@@ -0,0 +1,42 @@
+// Copyright 2008, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+#include "gtest/gtest.h"
+
+TEST(DummyTest, Dummy) {
+  // This test doesn't verify anything.  We just need it to create a
+  // realistic stage for testing the behavior of Google Test when
+  // RUN_ALL_TESTS() is called without
+  // testing::InitGoogleTest() being called first.
+}
+
+int main() {
+  return RUN_ALL_TESTS();
+}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-death-test_ex_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-death-test_ex_test.cc
deleted file mode 100644
index b50a13d5e..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-death-test_ex_test.cc
+++ /dev/null
@@ -1,93 +0,0 @@
-// Copyright 2010, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
-//
-// Tests that verify interaction of exceptions and death tests.
-
-#include "gtest/gtest-death-test.h"
-#include "gtest/gtest.h"
-
-#if GTEST_HAS_DEATH_TEST
-
-# if GTEST_HAS_SEH
-#  include <windows.h>          // For RaiseException().
-# endif
-
-# include "gtest/gtest-spi.h"
-
-# if GTEST_HAS_EXCEPTIONS
-
-#  include <exception>  // For std::exception.
-
-// Tests that death tests report thrown exceptions as failures and that the
-// exceptions do not escape death test macros.
-TEST(CxxExceptionDeathTest, ExceptionIsFailure) {
-  try {
-    EXPECT_NONFATAL_FAILURE(EXPECT_DEATH(throw 1, ""), "threw an exception");
-  } catch (...) {  // NOLINT
-    FAIL() << "An exception escaped a death test macro invocation "
-           << "with catch_exceptions "
-           << (testing::GTEST_FLAG(catch_exceptions) ? "enabled" : "disabled");
-  }
-}
-
-class TestException : public std::exception {
- public:
-  virtual const char* what() const throw() { return "exceptional message"; }
-};
-
-TEST(CxxExceptionDeathTest, PrintsMessageForStdExceptions) {
-  // Verifies that the exception message is quoted in the failure text.
-  EXPECT_NONFATAL_FAILURE(EXPECT_DEATH(throw TestException(), ""),
-                          "exceptional message");
-  // Verifies that the location is mentioned in the failure text.
-  EXPECT_NONFATAL_FAILURE(EXPECT_DEATH(throw TestException(), ""),
-                          "gtest-death-test_ex_test.cc");
-}
-# endif  // GTEST_HAS_EXCEPTIONS
-
-# if GTEST_HAS_SEH
-// Tests that enabling interception of SEH exceptions with the
-// catch_exceptions flag does not interfere with SEH exceptions being
-// treated as death by death tests.
-TEST(SehExceptionDeasTest, CatchExceptionsDoesNotInterfere) {
-  EXPECT_DEATH(RaiseException(42, 0x0, 0, NULL), "")
-      << "with catch_exceptions "
-      << (testing::GTEST_FLAG(catch_exceptions) ? "enabled" : "disabled");
-}
-# endif
-
-#endif  // GTEST_HAS_DEATH_TEST
-
-int main(int argc, char** argv) {
-  testing::InitGoogleTest(&argc, argv);
-  testing::GTEST_FLAG(catch_exceptions) = GTEST_ENABLE_CATCH_EXCEPTIONS_ != 0;
-  return RUN_ALL_TESTS();
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-death-test_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-death-test_test.cc
deleted file mode 100644
index b25bc2296..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-death-test_test.cc
+++ /dev/null
@@ -1,1423 +0,0 @@
-// Copyright 2005, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-//
-// Tests for death tests.
-
-#include "gtest/gtest-death-test.h"
-#include "gtest/gtest.h"
-#include "gtest/internal/gtest-filepath.h"
-
-using testing::internal::AlwaysFalse;
-using testing::internal::AlwaysTrue;
-
-#if GTEST_HAS_DEATH_TEST
-
-# if GTEST_OS_WINDOWS
-#  include <direct.h>          // For chdir().
-# else
-#  include <unistd.h>
-#  include <sys/wait.h>        // For waitpid.
-# endif  // GTEST_OS_WINDOWS
-
-# include <limits.h>
-# include <signal.h>
-# include <stdio.h>
-
-# if GTEST_OS_LINUX
-#  include <sys/time.h>
-# endif  // GTEST_OS_LINUX
-
-# include "gtest/gtest-spi.h"
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick is to
-// prevent a user from accidentally including gtest-internal-inl.h in
-// his code.
-# define GTEST_IMPLEMENTATION_ 1
-# include "src/gtest-internal-inl.h"
-# undef GTEST_IMPLEMENTATION_
-
-namespace posix = ::testing::internal::posix;
-
-using testing::Message;
-using testing::internal::DeathTest;
-using testing::internal::DeathTestFactory;
-using testing::internal::FilePath;
-using testing::internal::GetLastErrnoDescription;
-using testing::internal::GetUnitTestImpl;
-using testing::internal::InDeathTestChild;
-using testing::internal::ParseNaturalNumber;
-
-namespace testing {
-namespace internal {
-
-// A helper class whose objects replace the death test factory for a
-// single UnitTest object during their lifetimes.
-class ReplaceDeathTestFactory {
- public:
-  explicit ReplaceDeathTestFactory(DeathTestFactory* new_factory)
-      : unit_test_impl_(GetUnitTestImpl()) {
-    old_factory_ = unit_test_impl_->death_test_factory_.release();
-    unit_test_impl_->death_test_factory_.reset(new_factory);
-  }
-
-  ~ReplaceDeathTestFactory() {
-    unit_test_impl_->death_test_factory_.release();
-    unit_test_impl_->death_test_factory_.reset(old_factory_);
-  }
- private:
-  // Prevents copying ReplaceDeathTestFactory objects.
-  ReplaceDeathTestFactory(const ReplaceDeathTestFactory&);
-  void operator=(const ReplaceDeathTestFactory&);
-
-  UnitTestImpl* unit_test_impl_;
-  DeathTestFactory* old_factory_;
-};
-
-}  // namespace internal
-}  // namespace testing
-
-void DieWithMessage(const ::std::string& message) {
-  fprintf(stderr, "%s", message.c_str());
-  fflush(stderr);  // Make sure the text is printed before the process exits.
-
-  // We call _exit() instead of exit(), as the former is a direct
-  // system call and thus safer in the presence of threads.  exit()
-  // will invoke user-defined exit-hooks, which may do dangerous
-  // things that conflict with death tests.
-  //
-  // Some compilers can recognize that _exit() never returns and issue the
-  // 'unreachable code' warning for code following this function, unless
-  // fooled by a fake condition.
-  if (AlwaysTrue())
-    _exit(1);
-}
-
-void DieInside(const ::std::string& function) {
-  DieWithMessage("death inside " + function + "().");
-}
-
-// Tests that death tests work.
-
-class TestForDeathTest : public testing::Test {
- protected:
-  TestForDeathTest() : original_dir_(FilePath::GetCurrentDir()) {}
-
-  virtual ~TestForDeathTest() {
-    posix::ChDir(original_dir_.c_str());
-  }
-
-  // A static member function that's expected to die.
-  static void StaticMemberFunction() { DieInside("StaticMemberFunction"); }
-
-  // A method of the test fixture that may die.
-  void MemberFunction() {
-    if (should_die_)
-      DieInside("MemberFunction");
-  }
-
-  // True iff MemberFunction() should die.
-  bool should_die_;
-  const FilePath original_dir_;
-};
-
-// A class with a member function that may die.
-class MayDie {
- public:
-  explicit MayDie(bool should_die) : should_die_(should_die) {}
-
-  // A member function that may die.
-  void MemberFunction() const {
-    if (should_die_)
-      DieInside("MayDie::MemberFunction");
-  }
-
- private:
-  // True iff MemberFunction() should die.
-  bool should_die_;
-};
-
-// A global function that's expected to die.
-void GlobalFunction() { DieInside("GlobalFunction"); }
-
-// A non-void function that's expected to die.
-int NonVoidFunction() {
-  DieInside("NonVoidFunction");
-  return 1;
-}
-
-// A unary function that may die.
-void DieIf(bool should_die) {
-  if (should_die)
-    DieInside("DieIf");
-}
-
-// A binary function that may die.
-bool DieIfLessThan(int x, int y) {
-  if (x < y) {
-    DieInside("DieIfLessThan");
-  }
-  return true;
-}
-
-// Tests that ASSERT_DEATH can be used outside a TEST, TEST_F, or test fixture.
-void DeathTestSubroutine() {
-  EXPECT_DEATH(GlobalFunction(), "death.*GlobalFunction");
-  ASSERT_DEATH(GlobalFunction(), "death.*GlobalFunction");
-}
-
-// Death in dbg, not opt.
-int DieInDebugElse12(int* sideeffect) {
-  if (sideeffect) *sideeffect = 12;
-
-# ifndef NDEBUG
-
-  DieInside("DieInDebugElse12");
-
-# endif  // NDEBUG
-
-  return 12;
-}
-
-# if GTEST_OS_WINDOWS
-
-// Tests the ExitedWithCode predicate.
-TEST(ExitStatusPredicateTest, ExitedWithCode) {
-  // On Windows, the process's exit code is the same as its exit status,
-  // so the predicate just compares the its input with its parameter.
-  EXPECT_TRUE(testing::ExitedWithCode(0)(0));
-  EXPECT_TRUE(testing::ExitedWithCode(1)(1));
-  EXPECT_TRUE(testing::ExitedWithCode(42)(42));
-  EXPECT_FALSE(testing::ExitedWithCode(0)(1));
-  EXPECT_FALSE(testing::ExitedWithCode(1)(0));
-}
-
-# else
-
-// Returns the exit status of a process that calls _exit(2) with a
-// given exit code.  This is a helper function for the
-// ExitStatusPredicateTest test suite.
-static int NormalExitStatus(int exit_code) {
-  pid_t child_pid = fork();
-  if (child_pid == 0) {
-    _exit(exit_code);
-  }
-  int status;
-  waitpid(child_pid, &status, 0);
-  return status;
-}
-
-// Returns the exit status of a process that raises a given signal.
-// If the signal does not cause the process to die, then it returns
-// instead the exit status of a process that exits normally with exit
-// code 1.  This is a helper function for the ExitStatusPredicateTest
-// test suite.
-static int KilledExitStatus(int signum) {
-  pid_t child_pid = fork();
-  if (child_pid == 0) {
-    raise(signum);
-    _exit(1);
-  }
-  int status;
-  waitpid(child_pid, &status, 0);
-  return status;
-}
-
-// Tests the ExitedWithCode predicate.
-TEST(ExitStatusPredicateTest, ExitedWithCode) {
-  const int status0  = NormalExitStatus(0);
-  const int status1  = NormalExitStatus(1);
-  const int status42 = NormalExitStatus(42);
-  const testing::ExitedWithCode pred0(0);
-  const testing::ExitedWithCode pred1(1);
-  const testing::ExitedWithCode pred42(42);
-  EXPECT_PRED1(pred0,  status0);
-  EXPECT_PRED1(pred1,  status1);
-  EXPECT_PRED1(pred42, status42);
-  EXPECT_FALSE(pred0(status1));
-  EXPECT_FALSE(pred42(status0));
-  EXPECT_FALSE(pred1(status42));
-}
-
-// Tests the KilledBySignal predicate.
-TEST(ExitStatusPredicateTest, KilledBySignal) {
-  const int status_segv = KilledExitStatus(SIGSEGV);
-  const int status_kill = KilledExitStatus(SIGKILL);
-  const testing::KilledBySignal pred_segv(SIGSEGV);
-  const testing::KilledBySignal pred_kill(SIGKILL);
-  EXPECT_PRED1(pred_segv, status_segv);
-  EXPECT_PRED1(pred_kill, status_kill);
-  EXPECT_FALSE(pred_segv(status_kill));
-  EXPECT_FALSE(pred_kill(status_segv));
-}
-
-# endif  // GTEST_OS_WINDOWS
-
-// Tests that the death test macros expand to code which may or may not
-// be followed by operator<<, and that in either case the complete text
-// comprises only a single C++ statement.
-TEST_F(TestForDeathTest, SingleStatement) {
-  if (AlwaysFalse())
-    // This would fail if executed; this is a compilation test only
-    ASSERT_DEATH(return, "");
-
-  if (AlwaysTrue())
-    EXPECT_DEATH(_exit(1), "");
-  else
-    // This empty "else" branch is meant to ensure that EXPECT_DEATH
-    // doesn't expand into an "if" statement without an "else"
-    ;
-
-  if (AlwaysFalse())
-    ASSERT_DEATH(return, "") << "did not die";
-
-  if (AlwaysFalse())
-    ;
-  else
-    EXPECT_DEATH(_exit(1), "") << 1 << 2 << 3;
-}
-
-void DieWithEmbeddedNul() {
-  fprintf(stderr, "Hello%cmy null world.\n", '\0');
-  fflush(stderr);
-  _exit(1);
-}
-
-# if GTEST_USES_PCRE
-// Tests that EXPECT_DEATH and ASSERT_DEATH work when the error
-// message has a NUL character in it.
-TEST_F(TestForDeathTest, EmbeddedNulInMessage) {
-  // TODO(wan@google.com): <regex.h> doesn't support matching strings
-  // with embedded NUL characters - find a way to workaround it.
-  EXPECT_DEATH(DieWithEmbeddedNul(), "my null world");
-  ASSERT_DEATH(DieWithEmbeddedNul(), "my null world");
-}
-# endif  // GTEST_USES_PCRE
-
-// Tests that death test macros expand to code which interacts well with switch
-// statements.
-TEST_F(TestForDeathTest, SwitchStatement) {
-  // Microsoft compiler usually complains about switch statements without
-  // case labels. We suppress that warning for this test.
-  GTEST_DISABLE_MSC_WARNINGS_PUSH_(4065)
-
-  switch (0)
-    default:
-      ASSERT_DEATH(_exit(1), "") << "exit in default switch handler";
-
-  switch (0)
-    case 0:
-      EXPECT_DEATH(_exit(1), "") << "exit in switch case";
-
-  GTEST_DISABLE_MSC_WARNINGS_POP_()
-}
-
-// Tests that a static member function can be used in a "fast" style
-// death test.
-TEST_F(TestForDeathTest, StaticMemberFunctionFastStyle) {
-  testing::GTEST_FLAG(death_test_style) = "fast";
-  ASSERT_DEATH(StaticMemberFunction(), "death.*StaticMember");
-}
-
-// Tests that a method of the test fixture can be used in a "fast"
-// style death test.
-TEST_F(TestForDeathTest, MemberFunctionFastStyle) {
-  testing::GTEST_FLAG(death_test_style) = "fast";
-  should_die_ = true;
-  EXPECT_DEATH(MemberFunction(), "inside.*MemberFunction");
-}
-
-void ChangeToRootDir() { posix::ChDir(GTEST_PATH_SEP_); }
-
-// Tests that death tests work even if the current directory has been
-// changed.
-TEST_F(TestForDeathTest, FastDeathTestInChangedDir) {
-  testing::GTEST_FLAG(death_test_style) = "fast";
-
-  ChangeToRootDir();
-  EXPECT_EXIT(_exit(1), testing::ExitedWithCode(1), "");
-
-  ChangeToRootDir();
-  ASSERT_DEATH(_exit(1), "");
-}
-
-# if GTEST_OS_LINUX
-void SigprofAction(int, siginfo_t*, void*) { /* no op */ }
-
-// Sets SIGPROF action and ITIMER_PROF timer (interval: 1ms).
-void SetSigprofActionAndTimer() {
-  struct itimerval timer;
-  timer.it_interval.tv_sec = 0;
-  timer.it_interval.tv_usec = 1;
-  timer.it_value = timer.it_interval;
-  ASSERT_EQ(0, setitimer(ITIMER_PROF, &timer, NULL));
-  struct sigaction signal_action;
-  memset(&signal_action, 0, sizeof(signal_action));
-  sigemptyset(&signal_action.sa_mask);
-  signal_action.sa_sigaction = SigprofAction;
-  signal_action.sa_flags = SA_RESTART | SA_SIGINFO;
-  ASSERT_EQ(0, sigaction(SIGPROF, &signal_action, NULL));
-}
-
-// Disables ITIMER_PROF timer and ignores SIGPROF signal.
-void DisableSigprofActionAndTimer(struct sigaction* old_signal_action) {
-  struct itimerval timer;
-  timer.it_interval.tv_sec = 0;
-  timer.it_interval.tv_usec = 0;
-  timer.it_value = timer.it_interval;
-  ASSERT_EQ(0, setitimer(ITIMER_PROF, &timer, NULL));
-  struct sigaction signal_action;
-  memset(&signal_action, 0, sizeof(signal_action));
-  sigemptyset(&signal_action.sa_mask);
-  signal_action.sa_handler = SIG_IGN;
-  ASSERT_EQ(0, sigaction(SIGPROF, &signal_action, old_signal_action));
-}
-
-// Tests that death tests work when SIGPROF handler and timer are set.
-TEST_F(TestForDeathTest, FastSigprofActionSet) {
-  testing::GTEST_FLAG(death_test_style) = "fast";
-  SetSigprofActionAndTimer();
-  EXPECT_DEATH(_exit(1), "");
-  struct sigaction old_signal_action;
-  DisableSigprofActionAndTimer(&old_signal_action);
-  EXPECT_TRUE(old_signal_action.sa_sigaction == SigprofAction);
-}
-
-TEST_F(TestForDeathTest, ThreadSafeSigprofActionSet) {
-  testing::GTEST_FLAG(death_test_style) = "threadsafe";
-  SetSigprofActionAndTimer();
-  EXPECT_DEATH(_exit(1), "");
-  struct sigaction old_signal_action;
-  DisableSigprofActionAndTimer(&old_signal_action);
-  EXPECT_TRUE(old_signal_action.sa_sigaction == SigprofAction);
-}
-# endif  // GTEST_OS_LINUX
-
-// Repeats a representative sample of death tests in the "threadsafe" style:
-
-TEST_F(TestForDeathTest, StaticMemberFunctionThreadsafeStyle) {
-  testing::GTEST_FLAG(death_test_style) = "threadsafe";
-  ASSERT_DEATH(StaticMemberFunction(), "death.*StaticMember");
-}
-
-TEST_F(TestForDeathTest, MemberFunctionThreadsafeStyle) {
-  testing::GTEST_FLAG(death_test_style) = "threadsafe";
-  should_die_ = true;
-  EXPECT_DEATH(MemberFunction(), "inside.*MemberFunction");
-}
-
-TEST_F(TestForDeathTest, ThreadsafeDeathTestInLoop) {
-  testing::GTEST_FLAG(death_test_style) = "threadsafe";
-
-  for (int i = 0; i < 3; ++i)
-    EXPECT_EXIT(_exit(i), testing::ExitedWithCode(i), "") << ": i = " << i;
-}
-
-TEST_F(TestForDeathTest, ThreadsafeDeathTestInChangedDir) {
-  testing::GTEST_FLAG(death_test_style) = "threadsafe";
-
-  ChangeToRootDir();
-  EXPECT_EXIT(_exit(1), testing::ExitedWithCode(1), "");
-
-  ChangeToRootDir();
-  ASSERT_DEATH(_exit(1), "");
-}
-
-TEST_F(TestForDeathTest, MixedStyles) {
-  testing::GTEST_FLAG(death_test_style) = "threadsafe";
-  EXPECT_DEATH(_exit(1), "");
-  testing::GTEST_FLAG(death_test_style) = "fast";
-  EXPECT_DEATH(_exit(1), "");
-}
-
-# if GTEST_HAS_CLONE && GTEST_HAS_PTHREAD
-
-namespace {
-
-bool pthread_flag;
-
-void SetPthreadFlag() {
-  pthread_flag = true;
-}
-
-}  // namespace
-
-TEST_F(TestForDeathTest, DoesNotExecuteAtforkHooks) {
-  if (!testing::GTEST_FLAG(death_test_use_fork)) {
-    testing::GTEST_FLAG(death_test_style) = "threadsafe";
-    pthread_flag = false;
-    ASSERT_EQ(0, pthread_atfork(&SetPthreadFlag, NULL, NULL));
-    ASSERT_DEATH(_exit(1), "");
-    ASSERT_FALSE(pthread_flag);
-  }
-}
-
-# endif  // GTEST_HAS_CLONE && GTEST_HAS_PTHREAD
-
-// Tests that a method of another class can be used in a death test.
-TEST_F(TestForDeathTest, MethodOfAnotherClass) {
-  const MayDie x(true);
-  ASSERT_DEATH(x.MemberFunction(), "MayDie\\:\\:MemberFunction");
-}
-
-// Tests that a global function can be used in a death test.
-TEST_F(TestForDeathTest, GlobalFunction) {
-  EXPECT_DEATH(GlobalFunction(), "GlobalFunction");
-}
-
-// Tests that any value convertible to an RE works as a second
-// argument to EXPECT_DEATH.
-TEST_F(TestForDeathTest, AcceptsAnythingConvertibleToRE) {
-  static const char regex_c_str[] = "GlobalFunction";
-  EXPECT_DEATH(GlobalFunction(), regex_c_str);
-
-  const testing::internal::RE regex(regex_c_str);
-  EXPECT_DEATH(GlobalFunction(), regex);
-
-# if GTEST_HAS_GLOBAL_STRING
-
-  const string regex_str(regex_c_str);
-  EXPECT_DEATH(GlobalFunction(), regex_str);
-
-# endif  // GTEST_HAS_GLOBAL_STRING
-
-  const ::std::string regex_std_str(regex_c_str);
-  EXPECT_DEATH(GlobalFunction(), regex_std_str);
-}
-
-// Tests that a non-void function can be used in a death test.
-TEST_F(TestForDeathTest, NonVoidFunction) {
-  ASSERT_DEATH(NonVoidFunction(), "NonVoidFunction");
-}
-
-// Tests that functions that take parameter(s) can be used in a death test.
-TEST_F(TestForDeathTest, FunctionWithParameter) {
-  EXPECT_DEATH(DieIf(true), "DieIf\\(\\)");
-  EXPECT_DEATH(DieIfLessThan(2, 3), "DieIfLessThan");
-}
-
-// Tests that ASSERT_DEATH can be used outside a TEST, TEST_F, or test fixture.
-TEST_F(TestForDeathTest, OutsideFixture) {
-  DeathTestSubroutine();
-}
-
-// Tests that death tests can be done inside a loop.
-TEST_F(TestForDeathTest, InsideLoop) {
-  for (int i = 0; i < 5; i++) {
-    EXPECT_DEATH(DieIfLessThan(-1, i), "DieIfLessThan") << "where i == " << i;
-  }
-}
-
-// Tests that a compound statement can be used in a death test.
-TEST_F(TestForDeathTest, CompoundStatement) {
-  EXPECT_DEATH({  // NOLINT
-    const int x = 2;
-    const int y = x + 1;
-    DieIfLessThan(x, y);
-  },
-  "DieIfLessThan");
-}
-
-// Tests that code that doesn't die causes a death test to fail.
-TEST_F(TestForDeathTest, DoesNotDie) {
-  EXPECT_NONFATAL_FAILURE(EXPECT_DEATH(DieIf(false), "DieIf"),
-                          "failed to die");
-}
-
-// Tests that a death test fails when the error message isn't expected.
-TEST_F(TestForDeathTest, ErrorMessageMismatch) {
-  EXPECT_NONFATAL_FAILURE({  // NOLINT
-    EXPECT_DEATH(DieIf(true), "DieIfLessThan") << "End of death test message.";
-  }, "died but not with expected error");
-}
-
-// On exit, *aborted will be true iff the EXPECT_DEATH() statement
-// aborted the function.
-void ExpectDeathTestHelper(bool* aborted) {
-  *aborted = true;
-  EXPECT_DEATH(DieIf(false), "DieIf");  // This assertion should fail.
-  *aborted = false;
-}
-
-// Tests that EXPECT_DEATH doesn't abort the test on failure.
-TEST_F(TestForDeathTest, EXPECT_DEATH) {
-  bool aborted = true;
-  EXPECT_NONFATAL_FAILURE(ExpectDeathTestHelper(&aborted),
-                          "failed to die");
-  EXPECT_FALSE(aborted);
-}
-
-// Tests that ASSERT_DEATH does abort the test on failure.
-TEST_F(TestForDeathTest, ASSERT_DEATH) {
-  static bool aborted;
-  EXPECT_FATAL_FAILURE({  // NOLINT
-    aborted = true;
-    ASSERT_DEATH(DieIf(false), "DieIf");  // This assertion should fail.
-    aborted = false;
-  }, "failed to die");
-  EXPECT_TRUE(aborted);
-}
-
-// Tests that EXPECT_DEATH evaluates the arguments exactly once.
-TEST_F(TestForDeathTest, SingleEvaluation) {
-  int x = 3;
-  EXPECT_DEATH(DieIf((++x) == 4), "DieIf");
-
-  const char* regex = "DieIf";
-  const char* regex_save = regex;
-  EXPECT_DEATH(DieIfLessThan(3, 4), regex++);
-  EXPECT_EQ(regex_save + 1, regex);
-}
-
-// Tests that run-away death tests are reported as failures.
-TEST_F(TestForDeathTest, RunawayIsFailure) {
-  EXPECT_NONFATAL_FAILURE(EXPECT_DEATH(static_cast<void>(0), "Foo"),
-                          "failed to die.");
-}
-
-// Tests that death tests report executing 'return' in the statement as
-// failure.
-TEST_F(TestForDeathTest, ReturnIsFailure) {
-  EXPECT_FATAL_FAILURE(ASSERT_DEATH(return, "Bar"),
-                       "illegal return in test statement.");
-}
-
-// Tests that EXPECT_DEBUG_DEATH works as expected, that is, you can stream a
-// message to it, and in debug mode it:
-// 1. Asserts on death.
-// 2. Has no side effect.
-//
-// And in opt mode, it:
-// 1.  Has side effects but does not assert.
-TEST_F(TestForDeathTest, TestExpectDebugDeath) {
-  int sideeffect = 0;
-
-  EXPECT_DEBUG_DEATH(DieInDebugElse12(&sideeffect), "death.*DieInDebugElse12")
-      << "Must accept a streamed message";
-
-# ifdef NDEBUG
-
-  // Checks that the assignment occurs in opt mode (sideeffect).
-  EXPECT_EQ(12, sideeffect);
-
-# else
-
-  // Checks that the assignment does not occur in dbg mode (no sideeffect).
-  EXPECT_EQ(0, sideeffect);
-
-# endif
-}
-
-// Tests that ASSERT_DEBUG_DEATH works as expected, that is, you can stream a
-// message to it, and in debug mode it:
-// 1. Asserts on death.
-// 2. Has no side effect.
-//
-// And in opt mode, it:
-// 1.  Has side effects but does not assert.
-TEST_F(TestForDeathTest, TestAssertDebugDeath) {
-  int sideeffect = 0;
-
-  ASSERT_DEBUG_DEATH(DieInDebugElse12(&sideeffect), "death.*DieInDebugElse12")
-      << "Must accept a streamed message";
-
-# ifdef NDEBUG
-
-  // Checks that the assignment occurs in opt mode (sideeffect).
-  EXPECT_EQ(12, sideeffect);
-
-# else
-
-  // Checks that the assignment does not occur in dbg mode (no sideeffect).
-  EXPECT_EQ(0, sideeffect);
-
-# endif
-}
-
-# ifndef NDEBUG
-
-void ExpectDebugDeathHelper(bool* aborted) {
-  *aborted = true;
-  EXPECT_DEBUG_DEATH(return, "") << "This is expected to fail.";
-  *aborted = false;
-}
-
-#  if GTEST_OS_WINDOWS
-TEST(PopUpDeathTest, DoesNotShowPopUpOnAbort) {
-  printf("This test should be considered failing if it shows "
-         "any pop-up dialogs.\n");
-  fflush(stdout);
-
-  EXPECT_DEATH({
-    testing::GTEST_FLAG(catch_exceptions) = false;
-    abort();
-  }, "");
-}
-#  endif  // GTEST_OS_WINDOWS
-
-// Tests that EXPECT_DEBUG_DEATH in debug mode does not abort
-// the function.
-TEST_F(TestForDeathTest, ExpectDebugDeathDoesNotAbort) {
-  bool aborted = true;
-  EXPECT_NONFATAL_FAILURE(ExpectDebugDeathHelper(&aborted), "");
-  EXPECT_FALSE(aborted);
-}
-
-void AssertDebugDeathHelper(bool* aborted) {
-  *aborted = true;
-  GTEST_LOG_(INFO) << "Before ASSERT_DEBUG_DEATH";
-  ASSERT_DEBUG_DEATH(GTEST_LOG_(INFO) << "In ASSERT_DEBUG_DEATH"; return, "")
-      << "This is expected to fail.";
-  GTEST_LOG_(INFO) << "After ASSERT_DEBUG_DEATH";
-  *aborted = false;
-}
-
-// Tests that ASSERT_DEBUG_DEATH in debug mode aborts the function on
-// failure.
-TEST_F(TestForDeathTest, AssertDebugDeathAborts) {
-  static bool aborted;
-  aborted = false;
-  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
-  EXPECT_TRUE(aborted);
-}
-
-TEST_F(TestForDeathTest, AssertDebugDeathAborts2) {
-  static bool aborted;
-  aborted = false;
-  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
-  EXPECT_TRUE(aborted);
-}
-
-TEST_F(TestForDeathTest, AssertDebugDeathAborts3) {
-  static bool aborted;
-  aborted = false;
-  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
-  EXPECT_TRUE(aborted);
-}
-
-TEST_F(TestForDeathTest, AssertDebugDeathAborts4) {
-  static bool aborted;
-  aborted = false;
-  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
-  EXPECT_TRUE(aborted);
-}
-
-TEST_F(TestForDeathTest, AssertDebugDeathAborts5) {
-  static bool aborted;
-  aborted = false;
-  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
-  EXPECT_TRUE(aborted);
-}
-
-TEST_F(TestForDeathTest, AssertDebugDeathAborts6) {
-  static bool aborted;
-  aborted = false;
-  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
-  EXPECT_TRUE(aborted);
-}
-
-TEST_F(TestForDeathTest, AssertDebugDeathAborts7) {
-  static bool aborted;
-  aborted = false;
-  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
-  EXPECT_TRUE(aborted);
-}
-
-TEST_F(TestForDeathTest, AssertDebugDeathAborts8) {
-  static bool aborted;
-  aborted = false;
-  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
-  EXPECT_TRUE(aborted);
-}
-
-TEST_F(TestForDeathTest, AssertDebugDeathAborts9) {
-  static bool aborted;
-  aborted = false;
-  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
-  EXPECT_TRUE(aborted);
-}
-
-TEST_F(TestForDeathTest, AssertDebugDeathAborts10) {
-  static bool aborted;
-  aborted = false;
-  EXPECT_FATAL_FAILURE(AssertDebugDeathHelper(&aborted), "");
-  EXPECT_TRUE(aborted);
-}
-
-# endif  // _NDEBUG
-
-// Tests the *_EXIT family of macros, using a variety of predicates.
-static void TestExitMacros() {
-  EXPECT_EXIT(_exit(1),  testing::ExitedWithCode(1),  "");
-  ASSERT_EXIT(_exit(42), testing::ExitedWithCode(42), "");
-
-# if GTEST_OS_WINDOWS
-
-  // Of all signals effects on the process exit code, only those of SIGABRT
-  // are documented on Windows.
-  // See http://msdn.microsoft.com/en-us/library/dwwzkt4c(VS.71).aspx.
-  EXPECT_EXIT(raise(SIGABRT), testing::ExitedWithCode(3), "") << "b_ar";
-
-# else
-
-  EXPECT_EXIT(raise(SIGKILL), testing::KilledBySignal(SIGKILL), "") << "foo";
-  ASSERT_EXIT(raise(SIGUSR2), testing::KilledBySignal(SIGUSR2), "") << "bar";
-
-  EXPECT_FATAL_FAILURE({  // NOLINT
-    ASSERT_EXIT(_exit(0), testing::KilledBySignal(SIGSEGV), "")
-      << "This failure is expected, too.";
-  }, "This failure is expected, too.");
-
-# endif  // GTEST_OS_WINDOWS
-
-  EXPECT_NONFATAL_FAILURE({  // NOLINT
-    EXPECT_EXIT(raise(SIGSEGV), testing::ExitedWithCode(0), "")
-      << "This failure is expected.";
-  }, "This failure is expected.");
-}
-
-TEST_F(TestForDeathTest, ExitMacros) {
-  TestExitMacros();
-}
-
-TEST_F(TestForDeathTest, ExitMacrosUsingFork) {
-  testing::GTEST_FLAG(death_test_use_fork) = true;
-  TestExitMacros();
-}
-
-TEST_F(TestForDeathTest, InvalidStyle) {
-  testing::GTEST_FLAG(death_test_style) = "rococo";
-  EXPECT_NONFATAL_FAILURE({  // NOLINT
-    EXPECT_DEATH(_exit(0), "") << "This failure is expected.";
-  }, "This failure is expected.");
-}
-
-TEST_F(TestForDeathTest, DeathTestFailedOutput) {
-  testing::GTEST_FLAG(death_test_style) = "fast";
-  EXPECT_NONFATAL_FAILURE(
-      EXPECT_DEATH(DieWithMessage("death\n"),
-                   "expected message"),
-      "Actual msg:\n"
-      "[  DEATH   ] death\n");
-}
-
-TEST_F(TestForDeathTest, DeathTestUnexpectedReturnOutput) {
-  testing::GTEST_FLAG(death_test_style) = "fast";
-  EXPECT_NONFATAL_FAILURE(
-      EXPECT_DEATH({
-          fprintf(stderr, "returning\n");
-          fflush(stderr);
-          return;
-        }, ""),
-      "    Result: illegal return in test statement.\n"
-      " Error msg:\n"
-      "[  DEATH   ] returning\n");
-}
-
-TEST_F(TestForDeathTest, DeathTestBadExitCodeOutput) {
-  testing::GTEST_FLAG(death_test_style) = "fast";
-  EXPECT_NONFATAL_FAILURE(
-      EXPECT_EXIT(DieWithMessage("exiting with rc 1\n"),
-                  testing::ExitedWithCode(3),
-                  "expected message"),
-      "    Result: died but not with expected exit code:\n"
-      "            Exited with exit status 1\n"
-      "Actual msg:\n"
-      "[  DEATH   ] exiting with rc 1\n");
-}
-
-TEST_F(TestForDeathTest, DeathTestMultiLineMatchFail) {
-  testing::GTEST_FLAG(death_test_style) = "fast";
-  EXPECT_NONFATAL_FAILURE(
-      EXPECT_DEATH(DieWithMessage("line 1\nline 2\nline 3\n"),
-                   "line 1\nxyz\nline 3\n"),
-      "Actual msg:\n"
-      "[  DEATH   ] line 1\n"
-      "[  DEATH   ] line 2\n"
-      "[  DEATH   ] line 3\n");
-}
-
-TEST_F(TestForDeathTest, DeathTestMultiLineMatchPass) {
-  testing::GTEST_FLAG(death_test_style) = "fast";
-  EXPECT_DEATH(DieWithMessage("line 1\nline 2\nline 3\n"),
-               "line 1\nline 2\nline 3\n");
-}
-
-// A DeathTestFactory that returns MockDeathTests.
-class MockDeathTestFactory : public DeathTestFactory {
- public:
-  MockDeathTestFactory();
-  virtual bool Create(const char* statement,
-                      const ::testing::internal::RE* regex,
-                      const char* file, int line, DeathTest** test);
-
-  // Sets the parameters for subsequent calls to Create.
-  void SetParameters(bool create, DeathTest::TestRole role,
-                     int status, bool passed);
-
-  // Accessors.
-  int AssumeRoleCalls() const { return assume_role_calls_; }
-  int WaitCalls() const { return wait_calls_; }
-  int PassedCalls() const { return passed_args_.size(); }
-  bool PassedArgument(int n) const { return passed_args_[n]; }
-  int AbortCalls() const { return abort_args_.size(); }
-  DeathTest::AbortReason AbortArgument(int n) const {
-    return abort_args_[n];
-  }
-  bool TestDeleted() const { return test_deleted_; }
-
- private:
-  friend class MockDeathTest;
-  // If true, Create will return a MockDeathTest; otherwise it returns
-  // NULL.
-  bool create_;
-  // The value a MockDeathTest will return from its AssumeRole method.
-  DeathTest::TestRole role_;
-  // The value a MockDeathTest will return from its Wait method.
-  int status_;
-  // The value a MockDeathTest will return from its Passed method.
-  bool passed_;
-
-  // Number of times AssumeRole was called.
-  int assume_role_calls_;
-  // Number of times Wait was called.
-  int wait_calls_;
-  // The arguments to the calls to Passed since the last call to
-  // SetParameters.
-  std::vector<bool> passed_args_;
-  // The arguments to the calls to Abort since the last call to
-  // SetParameters.
-  std::vector<DeathTest::AbortReason> abort_args_;
-  // True if the last MockDeathTest returned by Create has been
-  // deleted.
-  bool test_deleted_;
-};
-
-
-// A DeathTest implementation useful in testing.  It returns values set
-// at its creation from its various inherited DeathTest methods, and
-// reports calls to those methods to its parent MockDeathTestFactory
-// object.
-class MockDeathTest : public DeathTest {
- public:
-  MockDeathTest(MockDeathTestFactory *parent,
-                TestRole role, int status, bool passed) :
-      parent_(parent), role_(role), status_(status), passed_(passed) {
-  }
-  virtual ~MockDeathTest() {
-    parent_->test_deleted_ = true;
-  }
-  virtual TestRole AssumeRole() {
-    ++parent_->assume_role_calls_;
-    return role_;
-  }
-  virtual int Wait() {
-    ++parent_->wait_calls_;
-    return status_;
-  }
-  virtual bool Passed(bool exit_status_ok) {
-    parent_->passed_args_.push_back(exit_status_ok);
-    return passed_;
-  }
-  virtual void Abort(AbortReason reason) {
-    parent_->abort_args_.push_back(reason);
-  }
-
- private:
-  MockDeathTestFactory* const parent_;
-  const TestRole role_;
-  const int status_;
-  const bool passed_;
-};
-
-
-// MockDeathTestFactory constructor.
-MockDeathTestFactory::MockDeathTestFactory()
-    : create_(true),
-      role_(DeathTest::OVERSEE_TEST),
-      status_(0),
-      passed_(true),
-      assume_role_calls_(0),
-      wait_calls_(0),
-      passed_args_(),
-      abort_args_() {
-}
-
-
-// Sets the parameters for subsequent calls to Create.
-void MockDeathTestFactory::SetParameters(bool create,
-                                         DeathTest::TestRole role,
-                                         int status, bool passed) {
-  create_ = create;
-  role_ = role;
-  status_ = status;
-  passed_ = passed;
-
-  assume_role_calls_ = 0;
-  wait_calls_ = 0;
-  passed_args_.clear();
-  abort_args_.clear();
-}
-
-
-// Sets test to NULL (if create_ is false) or to the address of a new
-// MockDeathTest object with parameters taken from the last call
-// to SetParameters (if create_ is true).  Always returns true.
-bool MockDeathTestFactory::Create(const char* /*statement*/,
-                                  const ::testing::internal::RE* /*regex*/,
-                                  const char* /*file*/,
-                                  int /*line*/,
-                                  DeathTest** test) {
-  test_deleted_ = false;
-  if (create_) {
-    *test = new MockDeathTest(this, role_, status_, passed_);
-  } else {
-    *test = NULL;
-  }
-  return true;
-}
-
-// A test fixture for testing the logic of the GTEST_DEATH_TEST_ macro.
-// It installs a MockDeathTestFactory that is used for the duration
-// of the test case.
-class MacroLogicDeathTest : public testing::Test {
- protected:
-  static testing::internal::ReplaceDeathTestFactory* replacer_;
-  static MockDeathTestFactory* factory_;
-
-  static void SetUpTestCase() {
-    factory_ = new MockDeathTestFactory;
-    replacer_ = new testing::internal::ReplaceDeathTestFactory(factory_);
-  }
-
-  static void TearDownTestCase() {
-    delete replacer_;
-    replacer_ = NULL;
-    delete factory_;
-    factory_ = NULL;
-  }
-
-  // Runs a death test that breaks the rules by returning.  Such a death
-  // test cannot be run directly from a test routine that uses a
-  // MockDeathTest, or the remainder of the routine will not be executed.
-  static void RunReturningDeathTest(bool* flag) {
-    ASSERT_DEATH({  // NOLINT
-      *flag = true;
-      return;
-    }, "");
-  }
-};
-
-testing::internal::ReplaceDeathTestFactory* MacroLogicDeathTest::replacer_
-    = NULL;
-MockDeathTestFactory* MacroLogicDeathTest::factory_ = NULL;
-
-
-// Test that nothing happens when the factory doesn't return a DeathTest:
-TEST_F(MacroLogicDeathTest, NothingHappens) {
-  bool flag = false;
-  factory_->SetParameters(false, DeathTest::OVERSEE_TEST, 0, true);
-  EXPECT_DEATH(flag = true, "");
-  EXPECT_FALSE(flag);
-  EXPECT_EQ(0, factory_->AssumeRoleCalls());
-  EXPECT_EQ(0, factory_->WaitCalls());
-  EXPECT_EQ(0, factory_->PassedCalls());
-  EXPECT_EQ(0, factory_->AbortCalls());
-  EXPECT_FALSE(factory_->TestDeleted());
-}
-
-// Test that the parent process doesn't run the death test code,
-// and that the Passed method returns false when the (simulated)
-// child process exits with status 0:
-TEST_F(MacroLogicDeathTest, ChildExitsSuccessfully) {
-  bool flag = false;
-  factory_->SetParameters(true, DeathTest::OVERSEE_TEST, 0, true);
-  EXPECT_DEATH(flag = true, "");
-  EXPECT_FALSE(flag);
-  EXPECT_EQ(1, factory_->AssumeRoleCalls());
-  EXPECT_EQ(1, factory_->WaitCalls());
-  ASSERT_EQ(1, factory_->PassedCalls());
-  EXPECT_FALSE(factory_->PassedArgument(0));
-  EXPECT_EQ(0, factory_->AbortCalls());
-  EXPECT_TRUE(factory_->TestDeleted());
-}
-
-// Tests that the Passed method was given the argument "true" when
-// the (simulated) child process exits with status 1:
-TEST_F(MacroLogicDeathTest, ChildExitsUnsuccessfully) {
-  bool flag = false;
-  factory_->SetParameters(true, DeathTest::OVERSEE_TEST, 1, true);
-  EXPECT_DEATH(flag = true, "");
-  EXPECT_FALSE(flag);
-  EXPECT_EQ(1, factory_->AssumeRoleCalls());
-  EXPECT_EQ(1, factory_->WaitCalls());
-  ASSERT_EQ(1, factory_->PassedCalls());
-  EXPECT_TRUE(factory_->PassedArgument(0));
-  EXPECT_EQ(0, factory_->AbortCalls());
-  EXPECT_TRUE(factory_->TestDeleted());
-}
-
-// Tests that the (simulated) child process executes the death test
-// code, and is aborted with the correct AbortReason if it
-// executes a return statement.
-TEST_F(MacroLogicDeathTest, ChildPerformsReturn) {
-  bool flag = false;
-  factory_->SetParameters(true, DeathTest::EXECUTE_TEST, 0, true);
-  RunReturningDeathTest(&flag);
-  EXPECT_TRUE(flag);
-  EXPECT_EQ(1, factory_->AssumeRoleCalls());
-  EXPECT_EQ(0, factory_->WaitCalls());
-  EXPECT_EQ(0, factory_->PassedCalls());
-  EXPECT_EQ(1, factory_->AbortCalls());
-  EXPECT_EQ(DeathTest::TEST_ENCOUNTERED_RETURN_STATEMENT,
-            factory_->AbortArgument(0));
-  EXPECT_TRUE(factory_->TestDeleted());
-}
-
-// Tests that the (simulated) child process is aborted with the
-// correct AbortReason if it does not die.
-TEST_F(MacroLogicDeathTest, ChildDoesNotDie) {
-  bool flag = false;
-  factory_->SetParameters(true, DeathTest::EXECUTE_TEST, 0, true);
-  EXPECT_DEATH(flag = true, "");
-  EXPECT_TRUE(flag);
-  EXPECT_EQ(1, factory_->AssumeRoleCalls());
-  EXPECT_EQ(0, factory_->WaitCalls());
-  EXPECT_EQ(0, factory_->PassedCalls());
-  // This time there are two calls to Abort: one since the test didn't
-  // die, and another from the ReturnSentinel when it's destroyed.  The
-  // sentinel normally isn't destroyed if a test doesn't die, since
-  // _exit(2) is called in that case by ForkingDeathTest, but not by
-  // our MockDeathTest.
-  ASSERT_EQ(2, factory_->AbortCalls());
-  EXPECT_EQ(DeathTest::TEST_DID_NOT_DIE,
-            factory_->AbortArgument(0));
-  EXPECT_EQ(DeathTest::TEST_ENCOUNTERED_RETURN_STATEMENT,
-            factory_->AbortArgument(1));
-  EXPECT_TRUE(factory_->TestDeleted());
-}
-
-// Tests that a successful death test does not register a successful
-// test part.
-TEST(SuccessRegistrationDeathTest, NoSuccessPart) {
-  EXPECT_DEATH(_exit(1), "");
-  EXPECT_EQ(0, GetUnitTestImpl()->current_test_result()->total_part_count());
-}
-
-TEST(StreamingAssertionsDeathTest, DeathTest) {
-  EXPECT_DEATH(_exit(1), "") << "unexpected failure";
-  ASSERT_DEATH(_exit(1), "") << "unexpected failure";
-  EXPECT_NONFATAL_FAILURE({  // NOLINT
-    EXPECT_DEATH(_exit(0), "") << "expected failure";
-  }, "expected failure");
-  EXPECT_FATAL_FAILURE({  // NOLINT
-    ASSERT_DEATH(_exit(0), "") << "expected failure";
-  }, "expected failure");
-}
-
-// Tests that GetLastErrnoDescription returns an empty string when the
-// last error is 0 and non-empty string when it is non-zero.
-TEST(GetLastErrnoDescription, GetLastErrnoDescriptionWorks) {
-  errno = ENOENT;
-  EXPECT_STRNE("", GetLastErrnoDescription().c_str());
-  errno = 0;
-  EXPECT_STREQ("", GetLastErrnoDescription().c_str());
-}
-
-# if GTEST_OS_WINDOWS
-TEST(AutoHandleTest, AutoHandleWorks) {
-  HANDLE handle = ::CreateEvent(NULL, FALSE, FALSE, NULL);
-  ASSERT_NE(INVALID_HANDLE_VALUE, handle);
-
-  // Tests that the AutoHandle is correctly initialized with a handle.
-  testing::internal::AutoHandle auto_handle(handle);
-  EXPECT_EQ(handle, auto_handle.Get());
-
-  // Tests that Reset assigns INVALID_HANDLE_VALUE.
-  // Note that this cannot verify whether the original handle is closed.
-  auto_handle.Reset();
-  EXPECT_EQ(INVALID_HANDLE_VALUE, auto_handle.Get());
-
-  // Tests that Reset assigns the new handle.
-  // Note that this cannot verify whether the original handle is closed.
-  handle = ::CreateEvent(NULL, FALSE, FALSE, NULL);
-  ASSERT_NE(INVALID_HANDLE_VALUE, handle);
-  auto_handle.Reset(handle);
-  EXPECT_EQ(handle, auto_handle.Get());
-
-  // Tests that AutoHandle contains INVALID_HANDLE_VALUE by default.
-  testing::internal::AutoHandle auto_handle2;
-  EXPECT_EQ(INVALID_HANDLE_VALUE, auto_handle2.Get());
-}
-# endif  // GTEST_OS_WINDOWS
-
-# if GTEST_OS_WINDOWS
-typedef unsigned __int64 BiggestParsable;
-typedef signed __int64 BiggestSignedParsable;
-# else
-typedef unsigned long long BiggestParsable;
-typedef signed long long BiggestSignedParsable;
-# endif  // GTEST_OS_WINDOWS
-
-// We cannot use std::numeric_limits<T>::max() as it clashes with the
-// max() macro defined by <windows.h>.
-const BiggestParsable kBiggestParsableMax = ULLONG_MAX;
-const BiggestSignedParsable kBiggestSignedParsableMax = LLONG_MAX;
-
-TEST(ParseNaturalNumberTest, RejectsInvalidFormat) {
-  BiggestParsable result = 0;
-
-  // Rejects non-numbers.
-  EXPECT_FALSE(ParseNaturalNumber("non-number string", &result));
-
-  // Rejects numbers with whitespace prefix.
-  EXPECT_FALSE(ParseNaturalNumber(" 123", &result));
-
-  // Rejects negative numbers.
-  EXPECT_FALSE(ParseNaturalNumber("-123", &result));
-
-  // Rejects numbers starting with a plus sign.
-  EXPECT_FALSE(ParseNaturalNumber("+123", &result));
-  errno = 0;
-}
-
-TEST(ParseNaturalNumberTest, RejectsOverflownNumbers) {
-  BiggestParsable result = 0;
-
-  EXPECT_FALSE(ParseNaturalNumber("99999999999999999999999", &result));
-
-  signed char char_result = 0;
-  EXPECT_FALSE(ParseNaturalNumber("200", &char_result));
-  errno = 0;
-}
-
-TEST(ParseNaturalNumberTest, AcceptsValidNumbers) {
-  BiggestParsable result = 0;
-
-  result = 0;
-  ASSERT_TRUE(ParseNaturalNumber("123", &result));
-  EXPECT_EQ(123U, result);
-
-  // Check 0 as an edge case.
-  result = 1;
-  ASSERT_TRUE(ParseNaturalNumber("0", &result));
-  EXPECT_EQ(0U, result);
-
-  result = 1;
-  ASSERT_TRUE(ParseNaturalNumber("00000", &result));
-  EXPECT_EQ(0U, result);
-}
-
-TEST(ParseNaturalNumberTest, AcceptsTypeLimits) {
-  Message msg;
-  msg << kBiggestParsableMax;
-
-  BiggestParsable result = 0;
-  EXPECT_TRUE(ParseNaturalNumber(msg.GetString(), &result));
-  EXPECT_EQ(kBiggestParsableMax, result);
-
-  Message msg2;
-  msg2 << kBiggestSignedParsableMax;
-
-  BiggestSignedParsable signed_result = 0;
-  EXPECT_TRUE(ParseNaturalNumber(msg2.GetString(), &signed_result));
-  EXPECT_EQ(kBiggestSignedParsableMax, signed_result);
-
-  Message msg3;
-  msg3 << INT_MAX;
-
-  int int_result = 0;
-  EXPECT_TRUE(ParseNaturalNumber(msg3.GetString(), &int_result));
-  EXPECT_EQ(INT_MAX, int_result);
-
-  Message msg4;
-  msg4 << UINT_MAX;
-
-  unsigned int uint_result = 0;
-  EXPECT_TRUE(ParseNaturalNumber(msg4.GetString(), &uint_result));
-  EXPECT_EQ(UINT_MAX, uint_result);
-}
-
-TEST(ParseNaturalNumberTest, WorksForShorterIntegers) {
-  short short_result = 0;
-  ASSERT_TRUE(ParseNaturalNumber("123", &short_result));
-  EXPECT_EQ(123, short_result);
-
-  signed char char_result = 0;
-  ASSERT_TRUE(ParseNaturalNumber("123", &char_result));
-  EXPECT_EQ(123, char_result);
-}
-
-# if GTEST_OS_WINDOWS
-TEST(EnvironmentTest, HandleFitsIntoSizeT) {
-  // TODO(vladl@google.com): Remove this test after this condition is verified
-  // in a static assertion in gtest-death-test.cc in the function
-  // GetStatusFileDescriptor.
-  ASSERT_TRUE(sizeof(HANDLE) <= sizeof(size_t));
-}
-# endif  // GTEST_OS_WINDOWS
-
-// Tests that EXPECT_DEATH_IF_SUPPORTED/ASSERT_DEATH_IF_SUPPORTED trigger
-// failures when death tests are available on the system.
-TEST(ConditionalDeathMacrosDeathTest, ExpectsDeathWhenDeathTestsAvailable) {
-  EXPECT_DEATH_IF_SUPPORTED(DieInside("CondDeathTestExpectMacro"),
-                            "death inside CondDeathTestExpectMacro");
-  ASSERT_DEATH_IF_SUPPORTED(DieInside("CondDeathTestAssertMacro"),
-                            "death inside CondDeathTestAssertMacro");
-
-  // Empty statement will not crash, which must trigger a failure.
-  EXPECT_NONFATAL_FAILURE(EXPECT_DEATH_IF_SUPPORTED(;, ""), "");
-  EXPECT_FATAL_FAILURE(ASSERT_DEATH_IF_SUPPORTED(;, ""), "");
-}
-
-TEST(InDeathTestChildDeathTest, ReportsDeathTestCorrectlyInFastStyle) {
-  testing::GTEST_FLAG(death_test_style) = "fast";
-  EXPECT_FALSE(InDeathTestChild());
-  EXPECT_DEATH({
-    fprintf(stderr, InDeathTestChild() ? "Inside" : "Outside");
-    fflush(stderr);
-    _exit(1);
-  }, "Inside");
-}
-
-TEST(InDeathTestChildDeathTest, ReportsDeathTestCorrectlyInThreadSafeStyle) {
-  testing::GTEST_FLAG(death_test_style) = "threadsafe";
-  EXPECT_FALSE(InDeathTestChild());
-  EXPECT_DEATH({
-    fprintf(stderr, InDeathTestChild() ? "Inside" : "Outside");
-    fflush(stderr);
-    _exit(1);
-  }, "Inside");
-}
-
-#else  // !GTEST_HAS_DEATH_TEST follows
-
-using testing::internal::CaptureStderr;
-using testing::internal::GetCapturedStderr;
-
-// Tests that EXPECT_DEATH_IF_SUPPORTED/ASSERT_DEATH_IF_SUPPORTED are still
-// defined but do not trigger failures when death tests are not available on
-// the system.
-TEST(ConditionalDeathMacrosTest, WarnsWhenDeathTestsNotAvailable) {
-  // Empty statement will not crash, but that should not trigger a failure
-  // when death tests are not supported.
-  CaptureStderr();
-  EXPECT_DEATH_IF_SUPPORTED(;, "");
-  std::string output = GetCapturedStderr();
-  ASSERT_TRUE(NULL != strstr(output.c_str(),
-                             "Death tests are not supported on this platform"));
-  ASSERT_TRUE(NULL != strstr(output.c_str(), ";"));
-
-  // The streamed message should not be printed as there is no test failure.
-  CaptureStderr();
-  EXPECT_DEATH_IF_SUPPORTED(;, "") << "streamed message";
-  output = GetCapturedStderr();
-  ASSERT_TRUE(NULL == strstr(output.c_str(), "streamed message"));
-
-  CaptureStderr();
-  ASSERT_DEATH_IF_SUPPORTED(;, "");  // NOLINT
-  output = GetCapturedStderr();
-  ASSERT_TRUE(NULL != strstr(output.c_str(),
-                             "Death tests are not supported on this platform"));
-  ASSERT_TRUE(NULL != strstr(output.c_str(), ";"));
-
-  CaptureStderr();
-  ASSERT_DEATH_IF_SUPPORTED(;, "") << "streamed message";  // NOLINT
-  output = GetCapturedStderr();
-  ASSERT_TRUE(NULL == strstr(output.c_str(), "streamed message"));
-}
-
-void FuncWithAssert(int* n) {
-  ASSERT_DEATH_IF_SUPPORTED(return;, "");
-  (*n)++;
-}
-
-// Tests that ASSERT_DEATH_IF_SUPPORTED does not return from the current
-// function (as ASSERT_DEATH does) if death tests are not supported.
-TEST(ConditionalDeathMacrosTest, AssertDeatDoesNotReturnhIfUnsupported) {
-  int n = 0;
-  FuncWithAssert(&n);
-  EXPECT_EQ(1, n);
-}
-
-#endif  // !GTEST_HAS_DEATH_TEST
-
-// Tests that the death test macros expand to code which may or may not
-// be followed by operator<<, and that in either case the complete text
-// comprises only a single C++ statement.
-//
-// The syntax should work whether death tests are available or not.
-TEST(ConditionalDeathMacrosSyntaxDeathTest, SingleStatement) {
-  if (AlwaysFalse())
-    // This would fail if executed; this is a compilation test only
-    ASSERT_DEATH_IF_SUPPORTED(return, "");
-
-  if (AlwaysTrue())
-    EXPECT_DEATH_IF_SUPPORTED(_exit(1), "");
-  else
-    // This empty "else" branch is meant to ensure that EXPECT_DEATH
-    // doesn't expand into an "if" statement without an "else"
-    ;  // NOLINT
-
-  if (AlwaysFalse())
-    ASSERT_DEATH_IF_SUPPORTED(return, "") << "did not die";
-
-  if (AlwaysFalse())
-    ;  // NOLINT
-  else
-    EXPECT_DEATH_IF_SUPPORTED(_exit(1), "") << 1 << 2 << 3;
-}
-
-// Tests that conditional death test macros expand to code which interacts
-// well with switch statements.
-TEST(ConditionalDeathMacrosSyntaxDeathTest, SwitchStatement) {
-  // Microsoft compiler usually complains about switch statements without
-  // case labels. We suppress that warning for this test.
-  GTEST_DISABLE_MSC_WARNINGS_PUSH_(4065)
-
-  switch (0)
-    default:
-      ASSERT_DEATH_IF_SUPPORTED(_exit(1), "")
-          << "exit in default switch handler";
-
-  switch (0)
-    case 0:
-      EXPECT_DEATH_IF_SUPPORTED(_exit(1), "") << "exit in switch case";
-
-  GTEST_DISABLE_MSC_WARNINGS_POP_()
-}
-
-// Tests that a test case whose name ends with "DeathTest" works fine
-// on Windows.
-TEST(NotADeathTest, Test) {
-  SUCCEED();
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-filepath_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-filepath_test.cc
deleted file mode 100644
index ae9f55a0c..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-filepath_test.cc
+++ /dev/null
@@ -1,680 +0,0 @@
-// Copyright 2008, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Authors: keith.ray@gmail.com (Keith Ray)
-//
-// Google Test filepath utilities
-//
-// This file tests classes and functions used internally by
-// Google Test.  They are subject to change without notice.
-//
-// This file is #included from gtest_unittest.cc, to avoid changing
-// build or make-files for some existing Google Test clients. Do not
-// #include this file anywhere else!
-
-#include "gtest/internal/gtest-filepath.h"
-#include "gtest/gtest.h"
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick is to
-// prevent a user from accidentally including gtest-internal-inl.h in
-// his code.
-#define GTEST_IMPLEMENTATION_ 1
-#include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
-
-#if GTEST_OS_WINDOWS_MOBILE
-# include <windows.h>  // NOLINT
-#elif GTEST_OS_WINDOWS
-# include <direct.h>  // NOLINT
-#endif  // GTEST_OS_WINDOWS_MOBILE
-
-namespace testing {
-namespace internal {
-namespace {
-
-#if GTEST_OS_WINDOWS_MOBILE
-// TODO(wan@google.com): Move these to the POSIX adapter section in
-// gtest-port.h.
-
-// Windows CE doesn't have the remove C function.
-int remove(const char* path) {
-  LPCWSTR wpath = String::AnsiToUtf16(path);
-  int ret = DeleteFile(wpath) ? 0 : -1;
-  delete [] wpath;
-  return ret;
-}
-// Windows CE doesn't have the _rmdir C function.
-int _rmdir(const char* path) {
-  FilePath filepath(path);
-  LPCWSTR wpath = String::AnsiToUtf16(
-      filepath.RemoveTrailingPathSeparator().c_str());
-  int ret = RemoveDirectory(wpath) ? 0 : -1;
-  delete [] wpath;
-  return ret;
-}
-
-#else
-
-TEST(GetCurrentDirTest, ReturnsCurrentDir) {
-  const FilePath original_dir = FilePath::GetCurrentDir();
-  EXPECT_FALSE(original_dir.IsEmpty());
-
-  posix::ChDir(GTEST_PATH_SEP_);
-  const FilePath cwd = FilePath::GetCurrentDir();
-  posix::ChDir(original_dir.c_str());
-
-# if GTEST_OS_WINDOWS
-
-  // Skips the ":".
-  const char* const cwd_without_drive = strchr(cwd.c_str(), ':');
-  ASSERT_TRUE(cwd_without_drive != NULL);
-  EXPECT_STREQ(GTEST_PATH_SEP_, cwd_without_drive + 1);
-
-# else
-
-  EXPECT_EQ(GTEST_PATH_SEP_, cwd.string());
-
-# endif
-}
-
-#endif  // GTEST_OS_WINDOWS_MOBILE
-
-TEST(IsEmptyTest, ReturnsTrueForEmptyPath) {
-  EXPECT_TRUE(FilePath("").IsEmpty());
-}
-
-TEST(IsEmptyTest, ReturnsFalseForNonEmptyPath) {
-  EXPECT_FALSE(FilePath("a").IsEmpty());
-  EXPECT_FALSE(FilePath(".").IsEmpty());
-  EXPECT_FALSE(FilePath("a/b").IsEmpty());
-  EXPECT_FALSE(FilePath("a\\b\\").IsEmpty());
-}
-
-// RemoveDirectoryName "" -> ""
-TEST(RemoveDirectoryNameTest, WhenEmptyName) {
-  EXPECT_EQ("", FilePath("").RemoveDirectoryName().string());
-}
-
-// RemoveDirectoryName "afile" -> "afile"
-TEST(RemoveDirectoryNameTest, ButNoDirectory) {
-  EXPECT_EQ("afile",
-      FilePath("afile").RemoveDirectoryName().string());
-}
-
-// RemoveDirectoryName "/afile" -> "afile"
-TEST(RemoveDirectoryNameTest, RootFileShouldGiveFileName) {
-  EXPECT_EQ("afile",
-      FilePath(GTEST_PATH_SEP_ "afile").RemoveDirectoryName().string());
-}
-
-// RemoveDirectoryName "adir/" -> ""
-TEST(RemoveDirectoryNameTest, WhereThereIsNoFileName) {
-  EXPECT_EQ("",
-      FilePath("adir" GTEST_PATH_SEP_).RemoveDirectoryName().string());
-}
-
-// RemoveDirectoryName "adir/afile" -> "afile"
-TEST(RemoveDirectoryNameTest, ShouldGiveFileName) {
-  EXPECT_EQ("afile",
-      FilePath("adir" GTEST_PATH_SEP_ "afile").RemoveDirectoryName().string());
-}
-
-// RemoveDirectoryName "adir/subdir/afile" -> "afile"
-TEST(RemoveDirectoryNameTest, ShouldAlsoGiveFileName) {
-  EXPECT_EQ("afile",
-      FilePath("adir" GTEST_PATH_SEP_ "subdir" GTEST_PATH_SEP_ "afile")
-      .RemoveDirectoryName().string());
-}
-
-#if GTEST_HAS_ALT_PATH_SEP_
-
-// Tests that RemoveDirectoryName() works with the alternate separator
-// on Windows.
-
-// RemoveDirectoryName("/afile") -> "afile"
-TEST(RemoveDirectoryNameTest, RootFileShouldGiveFileNameForAlternateSeparator) {
-  EXPECT_EQ("afile", FilePath("/afile").RemoveDirectoryName().string());
-}
-
-// RemoveDirectoryName("adir/") -> ""
-TEST(RemoveDirectoryNameTest, WhereThereIsNoFileNameForAlternateSeparator) {
-  EXPECT_EQ("", FilePath("adir/").RemoveDirectoryName().string());
-}
-
-// RemoveDirectoryName("adir/afile") -> "afile"
-TEST(RemoveDirectoryNameTest, ShouldGiveFileNameForAlternateSeparator) {
-  EXPECT_EQ("afile", FilePath("adir/afile").RemoveDirectoryName().string());
-}
-
-// RemoveDirectoryName("adir/subdir/afile") -> "afile"
-TEST(RemoveDirectoryNameTest, ShouldAlsoGiveFileNameForAlternateSeparator) {
-  EXPECT_EQ("afile",
-            FilePath("adir/subdir/afile").RemoveDirectoryName().string());
-}
-
-#endif
-
-// RemoveFileName "" -> "./"
-TEST(RemoveFileNameTest, EmptyName) {
-#if GTEST_OS_WINDOWS_MOBILE
-  // On Windows CE, we use the root as the current directory.
-  EXPECT_EQ(GTEST_PATH_SEP_, FilePath("").RemoveFileName().string());
-#else
-  EXPECT_EQ("." GTEST_PATH_SEP_, FilePath("").RemoveFileName().string());
-#endif
-}
-
-// RemoveFileName "adir/" -> "adir/"
-TEST(RemoveFileNameTest, ButNoFile) {
-  EXPECT_EQ("adir" GTEST_PATH_SEP_,
-      FilePath("adir" GTEST_PATH_SEP_).RemoveFileName().string());
-}
-
-// RemoveFileName "adir/afile" -> "adir/"
-TEST(RemoveFileNameTest, GivesDirName) {
-  EXPECT_EQ("adir" GTEST_PATH_SEP_,
-            FilePath("adir" GTEST_PATH_SEP_ "afile").RemoveFileName().string());
-}
-
-// RemoveFileName "adir/subdir/afile" -> "adir/subdir/"
-TEST(RemoveFileNameTest, GivesDirAndSubDirName) {
-  EXPECT_EQ("adir" GTEST_PATH_SEP_ "subdir" GTEST_PATH_SEP_,
-      FilePath("adir" GTEST_PATH_SEP_ "subdir" GTEST_PATH_SEP_ "afile")
-      .RemoveFileName().string());
-}
-
-// RemoveFileName "/afile" -> "/"
-TEST(RemoveFileNameTest, GivesRootDir) {
-  EXPECT_EQ(GTEST_PATH_SEP_,
-      FilePath(GTEST_PATH_SEP_ "afile").RemoveFileName().string());
-}
-
-#if GTEST_HAS_ALT_PATH_SEP_
-
-// Tests that RemoveFileName() works with the alternate separator on
-// Windows.
-
-// RemoveFileName("adir/") -> "adir/"
-TEST(RemoveFileNameTest, ButNoFileForAlternateSeparator) {
-  EXPECT_EQ("adir" GTEST_PATH_SEP_,
-            FilePath("adir/").RemoveFileName().string());
-}
-
-// RemoveFileName("adir/afile") -> "adir/"
-TEST(RemoveFileNameTest, GivesDirNameForAlternateSeparator) {
-  EXPECT_EQ("adir" GTEST_PATH_SEP_,
-            FilePath("adir/afile").RemoveFileName().string());
-}
-
-// RemoveFileName("adir/subdir/afile") -> "adir/subdir/"
-TEST(RemoveFileNameTest, GivesDirAndSubDirNameForAlternateSeparator) {
-  EXPECT_EQ("adir" GTEST_PATH_SEP_ "subdir" GTEST_PATH_SEP_,
-            FilePath("adir/subdir/afile").RemoveFileName().string());
-}
-
-// RemoveFileName("/afile") -> "\"
-TEST(RemoveFileNameTest, GivesRootDirForAlternateSeparator) {
-  EXPECT_EQ(GTEST_PATH_SEP_, FilePath("/afile").RemoveFileName().string());
-}
-
-#endif
-
-TEST(MakeFileNameTest, GenerateWhenNumberIsZero) {
-  FilePath actual = FilePath::MakeFileName(FilePath("foo"), FilePath("bar"),
-      0, "xml");
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar.xml", actual.string());
-}
-
-TEST(MakeFileNameTest, GenerateFileNameNumberGtZero) {
-  FilePath actual = FilePath::MakeFileName(FilePath("foo"), FilePath("bar"),
-      12, "xml");
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar_12.xml", actual.string());
-}
-
-TEST(MakeFileNameTest, GenerateFileNameWithSlashNumberIsZero) {
-  FilePath actual = FilePath::MakeFileName(FilePath("foo" GTEST_PATH_SEP_),
-      FilePath("bar"), 0, "xml");
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar.xml", actual.string());
-}
-
-TEST(MakeFileNameTest, GenerateFileNameWithSlashNumberGtZero) {
-  FilePath actual = FilePath::MakeFileName(FilePath("foo" GTEST_PATH_SEP_),
-      FilePath("bar"), 12, "xml");
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar_12.xml", actual.string());
-}
-
-TEST(MakeFileNameTest, GenerateWhenNumberIsZeroAndDirIsEmpty) {
-  FilePath actual = FilePath::MakeFileName(FilePath(""), FilePath("bar"),
-      0, "xml");
-  EXPECT_EQ("bar.xml", actual.string());
-}
-
-TEST(MakeFileNameTest, GenerateWhenNumberIsNotZeroAndDirIsEmpty) {
-  FilePath actual = FilePath::MakeFileName(FilePath(""), FilePath("bar"),
-      14, "xml");
-  EXPECT_EQ("bar_14.xml", actual.string());
-}
-
-TEST(ConcatPathsTest, WorksWhenDirDoesNotEndWithPathSep) {
-  FilePath actual = FilePath::ConcatPaths(FilePath("foo"),
-                                          FilePath("bar.xml"));
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar.xml", actual.string());
-}
-
-TEST(ConcatPathsTest, WorksWhenPath1EndsWithPathSep) {
-  FilePath actual = FilePath::ConcatPaths(FilePath("foo" GTEST_PATH_SEP_),
-                                          FilePath("bar.xml"));
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar.xml", actual.string());
-}
-
-TEST(ConcatPathsTest, Path1BeingEmpty) {
-  FilePath actual = FilePath::ConcatPaths(FilePath(""),
-                                          FilePath("bar.xml"));
-  EXPECT_EQ("bar.xml", actual.string());
-}
-
-TEST(ConcatPathsTest, Path2BeingEmpty) {
-  FilePath actual = FilePath::ConcatPaths(FilePath("foo"), FilePath(""));
-  EXPECT_EQ("foo" GTEST_PATH_SEP_, actual.string());
-}
-
-TEST(ConcatPathsTest, BothPathBeingEmpty) {
-  FilePath actual = FilePath::ConcatPaths(FilePath(""),
-                                          FilePath(""));
-  EXPECT_EQ("", actual.string());
-}
-
-TEST(ConcatPathsTest, Path1ContainsPathSep) {
-  FilePath actual = FilePath::ConcatPaths(FilePath("foo" GTEST_PATH_SEP_ "bar"),
-                                          FilePath("foobar.xml"));
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar" GTEST_PATH_SEP_ "foobar.xml",
-            actual.string());
-}
-
-TEST(ConcatPathsTest, Path2ContainsPathSep) {
-  FilePath actual = FilePath::ConcatPaths(
-      FilePath("foo" GTEST_PATH_SEP_),
-      FilePath("bar" GTEST_PATH_SEP_ "bar.xml"));
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar" GTEST_PATH_SEP_ "bar.xml",
-            actual.string());
-}
-
-TEST(ConcatPathsTest, Path2EndsWithPathSep) {
-  FilePath actual = FilePath::ConcatPaths(FilePath("foo"),
-                                          FilePath("bar" GTEST_PATH_SEP_));
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar" GTEST_PATH_SEP_, actual.string());
-}
-
-// RemoveTrailingPathSeparator "" -> ""
-TEST(RemoveTrailingPathSeparatorTest, EmptyString) {
-  EXPECT_EQ("", FilePath("").RemoveTrailingPathSeparator().string());
-}
-
-// RemoveTrailingPathSeparator "foo" -> "foo"
-TEST(RemoveTrailingPathSeparatorTest, FileNoSlashString) {
-  EXPECT_EQ("foo", FilePath("foo").RemoveTrailingPathSeparator().string());
-}
-
-// RemoveTrailingPathSeparator "foo/" -> "foo"
-TEST(RemoveTrailingPathSeparatorTest, ShouldRemoveTrailingSeparator) {
-  EXPECT_EQ("foo",
-      FilePath("foo" GTEST_PATH_SEP_).RemoveTrailingPathSeparator().string());
-#if GTEST_HAS_ALT_PATH_SEP_
-  EXPECT_EQ("foo", FilePath("foo/").RemoveTrailingPathSeparator().string());
-#endif
-}
-
-// RemoveTrailingPathSeparator "foo/bar/" -> "foo/bar/"
-TEST(RemoveTrailingPathSeparatorTest, ShouldRemoveLastSeparator) {
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar",
-            FilePath("foo" GTEST_PATH_SEP_ "bar" GTEST_PATH_SEP_)
-                .RemoveTrailingPathSeparator().string());
-}
-
-// RemoveTrailingPathSeparator "foo/bar" -> "foo/bar"
-TEST(RemoveTrailingPathSeparatorTest, ShouldReturnUnmodified) {
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar",
-            FilePath("foo" GTEST_PATH_SEP_ "bar")
-                .RemoveTrailingPathSeparator().string());
-}
-
-TEST(DirectoryTest, RootDirectoryExists) {
-#if GTEST_OS_WINDOWS  // We are on Windows.
-  char current_drive[_MAX_PATH];  // NOLINT
-  current_drive[0] = static_cast<char>(_getdrive() + 'A' - 1);
-  current_drive[1] = ':';
-  current_drive[2] = '\\';
-  current_drive[3] = '\0';
-  EXPECT_TRUE(FilePath(current_drive).DirectoryExists());
-#else
-  EXPECT_TRUE(FilePath("/").DirectoryExists());
-#endif  // GTEST_OS_WINDOWS
-}
-
-#if GTEST_OS_WINDOWS
-TEST(DirectoryTest, RootOfWrongDriveDoesNotExists) {
-  const int saved_drive_ = _getdrive();
-  // Find a drive that doesn't exist. Start with 'Z' to avoid common ones.
-  for (char drive = 'Z'; drive >= 'A'; drive--)
-    if (_chdrive(drive - 'A' + 1) == -1) {
-      char non_drive[_MAX_PATH];  // NOLINT
-      non_drive[0] = drive;
-      non_drive[1] = ':';
-      non_drive[2] = '\\';
-      non_drive[3] = '\0';
-      EXPECT_FALSE(FilePath(non_drive).DirectoryExists());
-      break;
-    }
-  _chdrive(saved_drive_);
-}
-#endif  // GTEST_OS_WINDOWS
-
-#if !GTEST_OS_WINDOWS_MOBILE
-// Windows CE _does_ consider an empty directory to exist.
-TEST(DirectoryTest, EmptyPathDirectoryDoesNotExist) {
-  EXPECT_FALSE(FilePath("").DirectoryExists());
-}
-#endif  // !GTEST_OS_WINDOWS_MOBILE
-
-TEST(DirectoryTest, CurrentDirectoryExists) {
-#if GTEST_OS_WINDOWS  // We are on Windows.
-# ifndef _WIN32_CE  // Windows CE doesn't have a current directory.
-
-  EXPECT_TRUE(FilePath(".").DirectoryExists());
-  EXPECT_TRUE(FilePath(".\\").DirectoryExists());
-
-# endif  // _WIN32_CE
-#else
-  EXPECT_TRUE(FilePath(".").DirectoryExists());
-  EXPECT_TRUE(FilePath("./").DirectoryExists());
-#endif  // GTEST_OS_WINDOWS
-}
-
-// "foo/bar" == foo//bar" == "foo///bar"
-TEST(NormalizeTest, MultipleConsecutiveSepaparatorsInMidstring) {
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar",
-            FilePath("foo" GTEST_PATH_SEP_ "bar").string());
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar",
-            FilePath("foo" GTEST_PATH_SEP_ GTEST_PATH_SEP_ "bar").string());
-  EXPECT_EQ("foo" GTEST_PATH_SEP_ "bar",
-            FilePath("foo" GTEST_PATH_SEP_ GTEST_PATH_SEP_
-                     GTEST_PATH_SEP_ "bar").string());
-}
-
-// "/bar" == //bar" == "///bar"
-TEST(NormalizeTest, MultipleConsecutiveSepaparatorsAtStringStart) {
-  EXPECT_EQ(GTEST_PATH_SEP_ "bar",
-    FilePath(GTEST_PATH_SEP_ "bar").string());
-  EXPECT_EQ(GTEST_PATH_SEP_ "bar",
-    FilePath(GTEST_PATH_SEP_ GTEST_PATH_SEP_ "bar").string());
-  EXPECT_EQ(GTEST_PATH_SEP_ "bar",
-    FilePath(GTEST_PATH_SEP_ GTEST_PATH_SEP_ GTEST_PATH_SEP_ "bar").string());
-}
-
-// "foo/" == foo//" == "foo///"
-TEST(NormalizeTest, MultipleConsecutiveSepaparatorsAtStringEnd) {
-  EXPECT_EQ("foo" GTEST_PATH_SEP_,
-    FilePath("foo" GTEST_PATH_SEP_).string());
-  EXPECT_EQ("foo" GTEST_PATH_SEP_,
-    FilePath("foo" GTEST_PATH_SEP_ GTEST_PATH_SEP_).string());
-  EXPECT_EQ("foo" GTEST_PATH_SEP_,
-    FilePath("foo" GTEST_PATH_SEP_ GTEST_PATH_SEP_ GTEST_PATH_SEP_).string());
-}
-
-#if GTEST_HAS_ALT_PATH_SEP_
-
-// Tests that separators at the end of the string are normalized
-// regardless of their combination (e.g. "foo\" =="foo/\" ==
-// "foo\\/").
-TEST(NormalizeTest, MixAlternateSeparatorAtStringEnd) {
-  EXPECT_EQ("foo" GTEST_PATH_SEP_,
-            FilePath("foo/").string());
-  EXPECT_EQ("foo" GTEST_PATH_SEP_,
-            FilePath("foo" GTEST_PATH_SEP_ "/").string());
-  EXPECT_EQ("foo" GTEST_PATH_SEP_,
-            FilePath("foo//" GTEST_PATH_SEP_).string());
-}
-
-#endif
-
-TEST(AssignmentOperatorTest, DefaultAssignedToNonDefault) {
-  FilePath default_path;
-  FilePath non_default_path("path");
-  non_default_path = default_path;
-  EXPECT_EQ("", non_default_path.string());
-  EXPECT_EQ("", default_path.string());  // RHS var is unchanged.
-}
-
-TEST(AssignmentOperatorTest, NonDefaultAssignedToDefault) {
-  FilePath non_default_path("path");
-  FilePath default_path;
-  default_path = non_default_path;
-  EXPECT_EQ("path", default_path.string());
-  EXPECT_EQ("path", non_default_path.string());  // RHS var is unchanged.
-}
-
-TEST(AssignmentOperatorTest, ConstAssignedToNonConst) {
-  const FilePath const_default_path("const_path");
-  FilePath non_default_path("path");
-  non_default_path = const_default_path;
-  EXPECT_EQ("const_path", non_default_path.string());
-}
-
-class DirectoryCreationTest : public Test {
- protected:
-  virtual void SetUp() {
-    testdata_path_.Set(FilePath(
-        TempDir() + GetCurrentExecutableName().string() +
-        "_directory_creation" GTEST_PATH_SEP_ "test" GTEST_PATH_SEP_));
-    testdata_file_.Set(testdata_path_.RemoveTrailingPathSeparator());
-
-    unique_file0_.Set(FilePath::MakeFileName(testdata_path_, FilePath("unique"),
-        0, "txt"));
-    unique_file1_.Set(FilePath::MakeFileName(testdata_path_, FilePath("unique"),
-        1, "txt"));
-
-    remove(testdata_file_.c_str());
-    remove(unique_file0_.c_str());
-    remove(unique_file1_.c_str());
-    posix::RmDir(testdata_path_.c_str());
-  }
-
-  virtual void TearDown() {
-    remove(testdata_file_.c_str());
-    remove(unique_file0_.c_str());
-    remove(unique_file1_.c_str());
-    posix::RmDir(testdata_path_.c_str());
-  }
-
-  std::string TempDir() const {
-#if GTEST_OS_WINDOWS_MOBILE
-    return "\\temp\\";
-#elif GTEST_OS_WINDOWS
-    const char* temp_dir = posix::GetEnv("TEMP");
-    if (temp_dir == NULL || temp_dir[0] == '\0')
-      return "\\temp\\";
-    else if (temp_dir[strlen(temp_dir) - 1] == '\\')
-      return temp_dir;
-    else
-      return std::string(temp_dir) + "\\";
-#elif GTEST_OS_LINUX_ANDROID
-    return "/sdcard/";
-#else
-    return "/tmp/";
-#endif  // GTEST_OS_WINDOWS_MOBILE
-  }
-
-  void CreateTextFile(const char* filename) {
-    FILE* f = posix::FOpen(filename, "w");
-    fprintf(f, "text\n");
-    fclose(f);
-  }
-
-  // Strings representing a directory and a file, with identical paths
-  // except for the trailing separator character that distinquishes
-  // a directory named 'test' from a file named 'test'. Example names:
-  FilePath testdata_path_;  // "/tmp/directory_creation/test/"
-  FilePath testdata_file_;  // "/tmp/directory_creation/test"
-  FilePath unique_file0_;  // "/tmp/directory_creation/test/unique.txt"
-  FilePath unique_file1_;  // "/tmp/directory_creation/test/unique_1.txt"
-};
-
-TEST_F(DirectoryCreationTest, CreateDirectoriesRecursively) {
-  EXPECT_FALSE(testdata_path_.DirectoryExists()) << testdata_path_.string();
-  EXPECT_TRUE(testdata_path_.CreateDirectoriesRecursively());
-  EXPECT_TRUE(testdata_path_.DirectoryExists());
-}
-
-TEST_F(DirectoryCreationTest, CreateDirectoriesForAlreadyExistingPath) {
-  EXPECT_FALSE(testdata_path_.DirectoryExists()) << testdata_path_.string();
-  EXPECT_TRUE(testdata_path_.CreateDirectoriesRecursively());
-  // Call 'create' again... should still succeed.
-  EXPECT_TRUE(testdata_path_.CreateDirectoriesRecursively());
-}
-
-TEST_F(DirectoryCreationTest, CreateDirectoriesAndUniqueFilename) {
-  FilePath file_path(FilePath::GenerateUniqueFileName(testdata_path_,
-      FilePath("unique"), "txt"));
-  EXPECT_EQ(unique_file0_.string(), file_path.string());
-  EXPECT_FALSE(file_path.FileOrDirectoryExists());  // file not there
-
-  testdata_path_.CreateDirectoriesRecursively();
-  EXPECT_FALSE(file_path.FileOrDirectoryExists());  // file still not there
-  CreateTextFile(file_path.c_str());
-  EXPECT_TRUE(file_path.FileOrDirectoryExists());
-
-  FilePath file_path2(FilePath::GenerateUniqueFileName(testdata_path_,
-      FilePath("unique"), "txt"));
-  EXPECT_EQ(unique_file1_.string(), file_path2.string());
-  EXPECT_FALSE(file_path2.FileOrDirectoryExists());  // file not there
-  CreateTextFile(file_path2.c_str());
-  EXPECT_TRUE(file_path2.FileOrDirectoryExists());
-}
-
-TEST_F(DirectoryCreationTest, CreateDirectoriesFail) {
-  // force a failure by putting a file where we will try to create a directory.
-  CreateTextFile(testdata_file_.c_str());
-  EXPECT_TRUE(testdata_file_.FileOrDirectoryExists());
-  EXPECT_FALSE(testdata_file_.DirectoryExists());
-  EXPECT_FALSE(testdata_file_.CreateDirectoriesRecursively());
-}
-
-TEST(NoDirectoryCreationTest, CreateNoDirectoriesForDefaultXmlFile) {
-  const FilePath test_detail_xml("test_detail.xml");
-  EXPECT_FALSE(test_detail_xml.CreateDirectoriesRecursively());
-}
-
-TEST(FilePathTest, DefaultConstructor) {
-  FilePath fp;
-  EXPECT_EQ("", fp.string());
-}
-
-TEST(FilePathTest, CharAndCopyConstructors) {
-  const FilePath fp("spicy");
-  EXPECT_EQ("spicy", fp.string());
-
-  const FilePath fp_copy(fp);
-  EXPECT_EQ("spicy", fp_copy.string());
-}
-
-TEST(FilePathTest, StringConstructor) {
-  const FilePath fp(std::string("cider"));
-  EXPECT_EQ("cider", fp.string());
-}
-
-TEST(FilePathTest, Set) {
-  const FilePath apple("apple");
-  FilePath mac("mac");
-  mac.Set(apple);  // Implement Set() since overloading operator= is forbidden.
-  EXPECT_EQ("apple", mac.string());
-  EXPECT_EQ("apple", apple.string());
-}
-
-TEST(FilePathTest, ToString) {
-  const FilePath file("drink");
-  EXPECT_EQ("drink", file.string());
-}
-
-TEST(FilePathTest, RemoveExtension) {
-  EXPECT_EQ("app", FilePath("app.cc").RemoveExtension("cc").string());
-  EXPECT_EQ("app", FilePath("app.exe").RemoveExtension("exe").string());
-  EXPECT_EQ("APP", FilePath("APP.EXE").RemoveExtension("exe").string());
-}
-
-TEST(FilePathTest, RemoveExtensionWhenThereIsNoExtension) {
-  EXPECT_EQ("app", FilePath("app").RemoveExtension("exe").string());
-}
-
-TEST(FilePathTest, IsDirectory) {
-  EXPECT_FALSE(FilePath("cola").IsDirectory());
-  EXPECT_TRUE(FilePath("koala" GTEST_PATH_SEP_).IsDirectory());
-#if GTEST_HAS_ALT_PATH_SEP_
-  EXPECT_TRUE(FilePath("koala/").IsDirectory());
-#endif
-}
-
-TEST(FilePathTest, IsAbsolutePath) {
-  EXPECT_FALSE(FilePath("is" GTEST_PATH_SEP_ "relative").IsAbsolutePath());
-  EXPECT_FALSE(FilePath("").IsAbsolutePath());
-#if GTEST_OS_WINDOWS
-  EXPECT_TRUE(FilePath("c:\\" GTEST_PATH_SEP_ "is_not"
-                       GTEST_PATH_SEP_ "relative").IsAbsolutePath());
-  EXPECT_FALSE(FilePath("c:foo" GTEST_PATH_SEP_ "bar").IsAbsolutePath());
-  EXPECT_TRUE(FilePath("c:/" GTEST_PATH_SEP_ "is_not"
-                       GTEST_PATH_SEP_ "relative").IsAbsolutePath());
-#else
-  EXPECT_TRUE(FilePath(GTEST_PATH_SEP_ "is_not" GTEST_PATH_SEP_ "relative")
-              .IsAbsolutePath());
-#endif  // GTEST_OS_WINDOWS
-}
-
-TEST(FilePathTest, IsRootDirectory) {
-#if GTEST_OS_WINDOWS
-  EXPECT_TRUE(FilePath("a:\\").IsRootDirectory());
-  EXPECT_TRUE(FilePath("Z:/").IsRootDirectory());
-  EXPECT_TRUE(FilePath("e://").IsRootDirectory());
-  EXPECT_FALSE(FilePath("").IsRootDirectory());
-  EXPECT_FALSE(FilePath("b:").IsRootDirectory());
-  EXPECT_FALSE(FilePath("b:a").IsRootDirectory());
-  EXPECT_FALSE(FilePath("8:/").IsRootDirectory());
-  EXPECT_FALSE(FilePath("c|/").IsRootDirectory());
-#else
-  EXPECT_TRUE(FilePath("/").IsRootDirectory());
-  EXPECT_TRUE(FilePath("//").IsRootDirectory());
-  EXPECT_FALSE(FilePath("").IsRootDirectory());
-  EXPECT_FALSE(FilePath("\\").IsRootDirectory());
-  EXPECT_FALSE(FilePath("/x").IsRootDirectory());
-#endif
-}
-
-}  // namespace
-}  // namespace internal
-}  // namespace testing
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-linked_ptr_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-linked_ptr_test.cc
deleted file mode 100644
index 6fcf5124a..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-linked_ptr_test.cc
+++ /dev/null
@@ -1,154 +0,0 @@
-// Copyright 2003, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Authors: Dan Egnor (egnor@google.com)
-// Ported to Windows: Vadim Berman (vadimb@google.com)
-
-#include "gtest/internal/gtest-linked_ptr.h"
-
-#include <stdlib.h>
-#include "gtest/gtest.h"
-
-namespace {
-
-using testing::Message;
-using testing::internal::linked_ptr;
-
-int num;
-Message* history = NULL;
-
-// Class which tracks allocation/deallocation
-class A {
- public:
-  A(): mynum(num++) { *history << "A" << mynum << " ctor\n"; }
-  virtual ~A() { *history << "A" << mynum << " dtor\n"; }
-  virtual void Use() { *history << "A" << mynum << " use\n"; }
- protected:
-  int mynum;
-};
-
-// Subclass
-class B : public A {
- public:
-  B() { *history << "B" << mynum << " ctor\n"; }
-  ~B() { *history << "B" << mynum << " dtor\n"; }
-  virtual void Use() { *history << "B" << mynum << " use\n"; }
-};
-
-class LinkedPtrTest : public testing::Test {
- public:
-  LinkedPtrTest() {
-    num = 0;
-    history = new Message;
-  }
-
-  virtual ~LinkedPtrTest() {
-    delete history;
-    history = NULL;
-  }
-};
-
-TEST_F(LinkedPtrTest, GeneralTest) {
-  {
-    linked_ptr<A> a0, a1, a2;
-    // Use explicit function call notation here to suppress self-assign warning.
-    a0.operator=(a0);
-    a1 = a2;
-    ASSERT_EQ(a0.get(), static_cast<A*>(NULL));
-    ASSERT_EQ(a1.get(), static_cast<A*>(NULL));
-    ASSERT_EQ(a2.get(), static_cast<A*>(NULL));
-    ASSERT_TRUE(a0 == NULL);
-    ASSERT_TRUE(a1 == NULL);
-    ASSERT_TRUE(a2 == NULL);
-
-    {
-      linked_ptr<A> a3(new A);
-      a0 = a3;
-      ASSERT_TRUE(a0 == a3);
-      ASSERT_TRUE(a0 != NULL);
-      ASSERT_TRUE(a0.get() == a3);
-      ASSERT_TRUE(a0 == a3.get());
-      linked_ptr<A> a4(a0);
-      a1 = a4;
-      linked_ptr<A> a5(new A);
-      ASSERT_TRUE(a5.get() != a3);
-      ASSERT_TRUE(a5 != a3.get());
-      a2 = a5;
-      linked_ptr<B> b0(new B);
-      linked_ptr<A> a6(b0);
-      ASSERT_TRUE(b0 == a6);
-      ASSERT_TRUE(a6 == b0);
-      ASSERT_TRUE(b0 != NULL);
-      a5 = b0;
-      a5 = b0;
-      a3->Use();
-      a4->Use();
-      a5->Use();
-      a6->Use();
-      b0->Use();
-      (*b0).Use();
-      b0.get()->Use();
-    }
-
-    a0->Use();
-    a1->Use();
-    a2->Use();
-
-    a1 = a2;
-    a2.reset(new A);
-    a0.reset();
-
-    linked_ptr<A> a7;
-  }
-
-  ASSERT_STREQ(
-    "A0 ctor\n"
-    "A1 ctor\n"
-    "A2 ctor\n"
-    "B2 ctor\n"
-    "A0 use\n"
-    "A0 use\n"
-    "B2 use\n"
-    "B2 use\n"
-    "B2 use\n"
-    "B2 use\n"
-    "B2 use\n"
-    "B2 dtor\n"
-    "A2 dtor\n"
-    "A0 use\n"
-    "A0 use\n"
-    "A1 use\n"
-    "A3 ctor\n"
-    "A0 dtor\n"
-    "A3 dtor\n"
-    "A1 dtor\n",
-    history->GetString().c_str());
-}
-
-}  // Unnamed namespace
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-listener_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-listener_test.cc
deleted file mode 100644
index 99662cff3..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-listener_test.cc
+++ /dev/null
@@ -1,310 +0,0 @@
-// Copyright 2009 Google Inc. All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
-//
-// The Google C++ Testing Framework (Google Test)
-//
-// This file verifies Google Test event listeners receive events at the
-// right times.
-
-#include "gtest/gtest.h"
-#include <vector>
-
-using ::testing::AddGlobalTestEnvironment;
-using ::testing::Environment;
-using ::testing::InitGoogleTest;
-using ::testing::Test;
-using ::testing::TestCase;
-using ::testing::TestEventListener;
-using ::testing::TestInfo;
-using ::testing::TestPartResult;
-using ::testing::UnitTest;
-
-// Used by tests to register their events.
-std::vector<std::string>* g_events = NULL;
-
-namespace testing {
-namespace internal {
-
-class EventRecordingListener : public TestEventListener {
- public:
-  explicit EventRecordingListener(const char* name) : name_(name) {}
-
- protected:
-  virtual void OnTestProgramStart(const UnitTest& /*unit_test*/) {
-    g_events->push_back(GetFullMethodName("OnTestProgramStart"));
-  }
-
-  virtual void OnTestIterationStart(const UnitTest& /*unit_test*/,
-                                    int iteration) {
-    Message message;
-    message << GetFullMethodName("OnTestIterationStart")
-            << "(" << iteration << ")";
-    g_events->push_back(message.GetString());
-  }
-
-  virtual void OnEnvironmentsSetUpStart(const UnitTest& /*unit_test*/) {
-    g_events->push_back(GetFullMethodName("OnEnvironmentsSetUpStart"));
-  }
-
-  virtual void OnEnvironmentsSetUpEnd(const UnitTest& /*unit_test*/) {
-    g_events->push_back(GetFullMethodName("OnEnvironmentsSetUpEnd"));
-  }
-
-  virtual void OnTestCaseStart(const TestCase& /*test_case*/) {
-    g_events->push_back(GetFullMethodName("OnTestCaseStart"));
-  }
-
-  virtual void OnTestStart(const TestInfo& /*test_info*/) {
-    g_events->push_back(GetFullMethodName("OnTestStart"));
-  }
-
-  virtual void OnTestPartResult(const TestPartResult& /*test_part_result*/) {
-    g_events->push_back(GetFullMethodName("OnTestPartResult"));
-  }
-
-  virtual void OnTestEnd(const TestInfo& /*test_info*/) {
-    g_events->push_back(GetFullMethodName("OnTestEnd"));
-  }
-
-  virtual void OnTestCaseEnd(const TestCase& /*test_case*/) {
-    g_events->push_back(GetFullMethodName("OnTestCaseEnd"));
-  }
-
-  virtual void OnEnvironmentsTearDownStart(const UnitTest& /*unit_test*/) {
-    g_events->push_back(GetFullMethodName("OnEnvironmentsTearDownStart"));
-  }
-
-  virtual void OnEnvironmentsTearDownEnd(const UnitTest& /*unit_test*/) {
-    g_events->push_back(GetFullMethodName("OnEnvironmentsTearDownEnd"));
-  }
-
-  virtual void OnTestIterationEnd(const UnitTest& /*unit_test*/,
-                                  int iteration) {
-    Message message;
-    message << GetFullMethodName("OnTestIterationEnd")
-            << "("  << iteration << ")";
-    g_events->push_back(message.GetString());
-  }
-
-  virtual void OnTestProgramEnd(const UnitTest& /*unit_test*/) {
-    g_events->push_back(GetFullMethodName("OnTestProgramEnd"));
-  }
-
- private:
-  std::string GetFullMethodName(const char* name) {
-    return name_ + "." + name;
-  }
-
-  std::string name_;
-};
-
-class EnvironmentInvocationCatcher : public Environment {
- protected:
-  virtual void SetUp() {
-    g_events->push_back("Environment::SetUp");
-  }
-
-  virtual void TearDown() {
-    g_events->push_back("Environment::TearDown");
-  }
-};
-
-class ListenerTest : public Test {
- protected:
-  static void SetUpTestCase() {
-    g_events->push_back("ListenerTest::SetUpTestCase");
-  }
-
-  static void TearDownTestCase() {
-    g_events->push_back("ListenerTest::TearDownTestCase");
-  }
-
-  virtual void SetUp() {
-    g_events->push_back("ListenerTest::SetUp");
-  }
-
-  virtual void TearDown() {
-    g_events->push_back("ListenerTest::TearDown");
-  }
-};
-
-TEST_F(ListenerTest, DoesFoo) {
-  // Test execution order within a test case is not guaranteed so we are not
-  // recording the test name.
-  g_events->push_back("ListenerTest::* Test Body");
-  SUCCEED();  // Triggers OnTestPartResult.
-}
-
-TEST_F(ListenerTest, DoesBar) {
-  g_events->push_back("ListenerTest::* Test Body");
-  SUCCEED();  // Triggers OnTestPartResult.
-}
-
-}  // namespace internal
-
-}  // namespace testing
-
-using ::testing::internal::EnvironmentInvocationCatcher;
-using ::testing::internal::EventRecordingListener;
-
-void VerifyResults(const std::vector<std::string>& data,
-                   const char* const* expected_data,
-                   int expected_data_size) {
-  const int actual_size = data.size();
-  // If the following assertion fails, a new entry will be appended to
-  // data.  Hence we save data.size() first.
-  EXPECT_EQ(expected_data_size, actual_size);
-
-  // Compares the common prefix.
-  const int shorter_size = expected_data_size <= actual_size ?
-      expected_data_size : actual_size;
-  int i = 0;
-  for (; i < shorter_size; ++i) {
-    ASSERT_STREQ(expected_data[i], data[i].c_str())
-        << "at position " << i;
-  }
-
-  // Prints extra elements in the actual data.
-  for (; i < actual_size; ++i) {
-    printf("  Actual event #%d: %s\n", i, data[i].c_str());
-  }
-}
-
-int main(int argc, char **argv) {
-  std::vector<std::string> events;
-  g_events = &events;
-  InitGoogleTest(&argc, argv);
-
-  UnitTest::GetInstance()->listeners().Append(
-      new EventRecordingListener("1st"));
-  UnitTest::GetInstance()->listeners().Append(
-      new EventRecordingListener("2nd"));
-
-  AddGlobalTestEnvironment(new EnvironmentInvocationCatcher);
-
-  GTEST_CHECK_(events.size() == 0)
-      << "AddGlobalTestEnvironment should not generate any events itself.";
-
-  ::testing::GTEST_FLAG(repeat) = 2;
-  int ret_val = RUN_ALL_TESTS();
-
-  const char* const expected_events[] = {
-    "1st.OnTestProgramStart",
-    "2nd.OnTestProgramStart",
-    "1st.OnTestIterationStart(0)",
-    "2nd.OnTestIterationStart(0)",
-    "1st.OnEnvironmentsSetUpStart",
-    "2nd.OnEnvironmentsSetUpStart",
-    "Environment::SetUp",
-    "2nd.OnEnvironmentsSetUpEnd",
-    "1st.OnEnvironmentsSetUpEnd",
-    "1st.OnTestCaseStart",
-    "2nd.OnTestCaseStart",
-    "ListenerTest::SetUpTestCase",
-    "1st.OnTestStart",
-    "2nd.OnTestStart",
-    "ListenerTest::SetUp",
-    "ListenerTest::* Test Body",
-    "1st.OnTestPartResult",
-    "2nd.OnTestPartResult",
-    "ListenerTest::TearDown",
-    "2nd.OnTestEnd",
-    "1st.OnTestEnd",
-    "1st.OnTestStart",
-    "2nd.OnTestStart",
-    "ListenerTest::SetUp",
-    "ListenerTest::* Test Body",
-    "1st.OnTestPartResult",
-    "2nd.OnTestPartResult",
-    "ListenerTest::TearDown",
-    "2nd.OnTestEnd",
-    "1st.OnTestEnd",
-    "ListenerTest::TearDownTestCase",
-    "2nd.OnTestCaseEnd",
-    "1st.OnTestCaseEnd",
-    "1st.OnEnvironmentsTearDownStart",
-    "2nd.OnEnvironmentsTearDownStart",
-    "Environment::TearDown",
-    "2nd.OnEnvironmentsTearDownEnd",
-    "1st.OnEnvironmentsTearDownEnd",
-    "2nd.OnTestIterationEnd(0)",
-    "1st.OnTestIterationEnd(0)",
-    "1st.OnTestIterationStart(1)",
-    "2nd.OnTestIterationStart(1)",
-    "1st.OnEnvironmentsSetUpStart",
-    "2nd.OnEnvironmentsSetUpStart",
-    "Environment::SetUp",
-    "2nd.OnEnvironmentsSetUpEnd",
-    "1st.OnEnvironmentsSetUpEnd",
-    "1st.OnTestCaseStart",
-    "2nd.OnTestCaseStart",
-    "ListenerTest::SetUpTestCase",
-    "1st.OnTestStart",
-    "2nd.OnTestStart",
-    "ListenerTest::SetUp",
-    "ListenerTest::* Test Body",
-    "1st.OnTestPartResult",
-    "2nd.OnTestPartResult",
-    "ListenerTest::TearDown",
-    "2nd.OnTestEnd",
-    "1st.OnTestEnd",
-    "1st.OnTestStart",
-    "2nd.OnTestStart",
-    "ListenerTest::SetUp",
-    "ListenerTest::* Test Body",
-    "1st.OnTestPartResult",
-    "2nd.OnTestPartResult",
-    "ListenerTest::TearDown",
-    "2nd.OnTestEnd",
-    "1st.OnTestEnd",
-    "ListenerTest::TearDownTestCase",
-    "2nd.OnTestCaseEnd",
-    "1st.OnTestCaseEnd",
-    "1st.OnEnvironmentsTearDownStart",
-    "2nd.OnEnvironmentsTearDownStart",
-    "Environment::TearDown",
-    "2nd.OnEnvironmentsTearDownEnd",
-    "1st.OnEnvironmentsTearDownEnd",
-    "2nd.OnTestIterationEnd(1)",
-    "1st.OnTestIterationEnd(1)",
-    "2nd.OnTestProgramEnd",
-    "1st.OnTestProgramEnd"
-  };
-  VerifyResults(events,
-                expected_events,
-                sizeof(expected_events)/sizeof(expected_events[0]));
-
-  // We need to check manually for ad hoc test failures that happen after
-  // RUN_ALL_TESTS finishes.
-  if (UnitTest::GetInstance()->Failed())
-    ret_val = 1;
-
-  return ret_val;
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-message_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-message_test.cc
deleted file mode 100644
index 175238ef4..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-message_test.cc
+++ /dev/null
@@ -1,159 +0,0 @@
-// Copyright 2005, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-//
-// Tests for the Message class.
-
-#include "gtest/gtest-message.h"
-
-#include "gtest/gtest.h"
-
-namespace {
-
-using ::testing::Message;
-
-// Tests the testing::Message class
-
-// Tests the default constructor.
-TEST(MessageTest, DefaultConstructor) {
-  const Message msg;
-  EXPECT_EQ("", msg.GetString());
-}
-
-// Tests the copy constructor.
-TEST(MessageTest, CopyConstructor) {
-  const Message msg1("Hello");
-  const Message msg2(msg1);
-  EXPECT_EQ("Hello", msg2.GetString());
-}
-
-// Tests constructing a Message from a C-string.
-TEST(MessageTest, ConstructsFromCString) {
-  Message msg("Hello");
-  EXPECT_EQ("Hello", msg.GetString());
-}
-
-// Tests streaming a float.
-TEST(MessageTest, StreamsFloat) {
-  const std::string s = (Message() << 1.23456F << " " << 2.34567F).GetString();
-  // Both numbers should be printed with enough precision.
-  EXPECT_PRED_FORMAT2(testing::IsSubstring, "1.234560", s.c_str());
-  EXPECT_PRED_FORMAT2(testing::IsSubstring, " 2.345669", s.c_str());
-}
-
-// Tests streaming a double.
-TEST(MessageTest, StreamsDouble) {
-  const std::string s = (Message() << 1260570880.4555497 << " "
-                                  << 1260572265.1954534).GetString();
-  // Both numbers should be printed with enough precision.
-  EXPECT_PRED_FORMAT2(testing::IsSubstring, "1260570880.45", s.c_str());
-  EXPECT_PRED_FORMAT2(testing::IsSubstring, " 1260572265.19", s.c_str());
-}
-
-// Tests streaming a non-char pointer.
-TEST(MessageTest, StreamsPointer) {
-  int n = 0;
-  int* p = &n;
-  EXPECT_NE("(null)", (Message() << p).GetString());
-}
-
-// Tests streaming a NULL non-char pointer.
-TEST(MessageTest, StreamsNullPointer) {
-  int* p = NULL;
-  EXPECT_EQ("(null)", (Message() << p).GetString());
-}
-
-// Tests streaming a C string.
-TEST(MessageTest, StreamsCString) {
-  EXPECT_EQ("Foo", (Message() << "Foo").GetString());
-}
-
-// Tests streaming a NULL C string.
-TEST(MessageTest, StreamsNullCString) {
-  char* p = NULL;
-  EXPECT_EQ("(null)", (Message() << p).GetString());
-}
-
-// Tests streaming std::string.
-TEST(MessageTest, StreamsString) {
-  const ::std::string str("Hello");
-  EXPECT_EQ("Hello", (Message() << str).GetString());
-}
-
-// Tests that we can output strings containing embedded NULs.
-TEST(MessageTest, StreamsStringWithEmbeddedNUL) {
-  const char char_array_with_nul[] =
-      "Here's a NUL\0 and some more string";
-  const ::std::string string_with_nul(char_array_with_nul,
-                                      sizeof(char_array_with_nul) - 1);
-  EXPECT_EQ("Here's a NUL\\0 and some more string",
-            (Message() << string_with_nul).GetString());
-}
-
-// Tests streaming a NUL char.
-TEST(MessageTest, StreamsNULChar) {
-  EXPECT_EQ("\\0", (Message() << '\0').GetString());
-}
-
-// Tests streaming int.
-TEST(MessageTest, StreamsInt) {
-  EXPECT_EQ("123", (Message() << 123).GetString());
-}
-
-// Tests that basic IO manipulators (endl, ends, and flush) can be
-// streamed to Message.
-TEST(MessageTest, StreamsBasicIoManip) {
-  EXPECT_EQ("Line 1.\nA NUL char \\0 in line 2.",
-               (Message() << "Line 1." << std::endl
-                         << "A NUL char " << std::ends << std::flush
-                         << " in line 2.").GetString());
-}
-
-// Tests Message::GetString()
-TEST(MessageTest, GetString) {
-  Message msg;
-  msg << 1 << " lamb";
-  EXPECT_EQ("1 lamb", msg.GetString());
-}
-
-// Tests streaming a Message object to an ostream.
-TEST(MessageTest, StreamsToOStream) {
-  Message msg("Hello");
-  ::std::stringstream ss;
-  ss << msg;
-  EXPECT_EQ("Hello", testing::internal::StringStreamToString(&ss));
-}
-
-// Tests that a Message object doesn't take up too much stack space.
-TEST(MessageTest, DoesNotTakeUpMuchStackSpace) {
-  EXPECT_LE(sizeof(Message), 16U);
-}
-
-}  // namespace
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-options_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-options_test.cc
deleted file mode 100644
index 5586dc3b1..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-options_test.cc
+++ /dev/null
@@ -1,215 +0,0 @@
-// Copyright 2008, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Authors: keith.ray@gmail.com (Keith Ray)
-//
-// Google Test UnitTestOptions tests
-//
-// This file tests classes and functions used internally by
-// Google Test.  They are subject to change without notice.
-//
-// This file is #included from gtest.cc, to avoid changing build or
-// make-files on Windows and other platforms. Do not #include this file
-// anywhere else!
-
-#include "gtest/gtest.h"
-
-#if GTEST_OS_WINDOWS_MOBILE
-# include <windows.h>
-#elif GTEST_OS_WINDOWS
-# include <direct.h>
-#endif  // GTEST_OS_WINDOWS_MOBILE
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick is to
-// prevent a user from accidentally including gtest-internal-inl.h in
-// his code.
-#define GTEST_IMPLEMENTATION_ 1
-#include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
-
-namespace testing {
-namespace internal {
-namespace {
-
-// Turns the given relative path into an absolute path.
-FilePath GetAbsolutePathOf(const FilePath& relative_path) {
-  return FilePath::ConcatPaths(FilePath::GetCurrentDir(), relative_path);
-}
-
-// Testing UnitTestOptions::GetOutputFormat/GetOutputFile.
-
-TEST(XmlOutputTest, GetOutputFormatDefault) {
-  GTEST_FLAG(output) = "";
-  EXPECT_STREQ("", UnitTestOptions::GetOutputFormat().c_str());
-}
-
-TEST(XmlOutputTest, GetOutputFormat) {
-  GTEST_FLAG(output) = "xml:filename";
-  EXPECT_STREQ("xml", UnitTestOptions::GetOutputFormat().c_str());
-}
-
-TEST(XmlOutputTest, GetOutputFileDefault) {
-  GTEST_FLAG(output) = "";
-  EXPECT_EQ(GetAbsolutePathOf(FilePath("test_detail.xml")).string(),
-            UnitTestOptions::GetAbsolutePathToOutputFile());
-}
-
-TEST(XmlOutputTest, GetOutputFileSingleFile) {
-  GTEST_FLAG(output) = "xml:filename.abc";
-  EXPECT_EQ(GetAbsolutePathOf(FilePath("filename.abc")).string(),
-            UnitTestOptions::GetAbsolutePathToOutputFile());
-}
-
-TEST(XmlOutputTest, GetOutputFileFromDirectoryPath) {
-  GTEST_FLAG(output) = "xml:path" GTEST_PATH_SEP_;
-  const std::string expected_output_file =
-      GetAbsolutePathOf(
-          FilePath(std::string("path") + GTEST_PATH_SEP_ +
-                   GetCurrentExecutableName().string() + ".xml")).string();
-  const std::string& output_file =
-      UnitTestOptions::GetAbsolutePathToOutputFile();
-#if GTEST_OS_WINDOWS
-  EXPECT_STRCASEEQ(expected_output_file.c_str(), output_file.c_str());
-#else
-  EXPECT_EQ(expected_output_file, output_file.c_str());
-#endif
-}
-
-TEST(OutputFileHelpersTest, GetCurrentExecutableName) {
-  const std::string exe_str = GetCurrentExecutableName().string();
-#if GTEST_OS_WINDOWS
-  const bool success =
-      _strcmpi("gtest-options_test", exe_str.c_str()) == 0 ||
-      _strcmpi("gtest-options-ex_test", exe_str.c_str()) == 0 ||
-      _strcmpi("gtest_all_test", exe_str.c_str()) == 0 ||
-      _strcmpi("gtest_dll_test", exe_str.c_str()) == 0;
-#else
-  // TODO(wan@google.com): remove the hard-coded "lt-" prefix when
-  //   Chandler Carruth's libtool replacement is ready.
-  const bool success =
-      exe_str == "gtest-options_test" ||
-      exe_str == "gtest_all_test" ||
-      exe_str == "lt-gtest_all_test" ||
-      exe_str == "gtest_dll_test";
-#endif  // GTEST_OS_WINDOWS
-  if (!success)
-    FAIL() << "GetCurrentExecutableName() returns " << exe_str;
-}
-
-class XmlOutputChangeDirTest : public Test {
- protected:
-  virtual void SetUp() {
-    original_working_dir_ = FilePath::GetCurrentDir();
-    posix::ChDir("..");
-    // This will make the test fail if run from the root directory.
-    EXPECT_NE(original_working_dir_.string(),
-              FilePath::GetCurrentDir().string());
-  }
-
-  virtual void TearDown() {
-    posix::ChDir(original_working_dir_.string().c_str());
-  }
-
-  FilePath original_working_dir_;
-};
-
-TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithDefault) {
-  GTEST_FLAG(output) = "";
-  EXPECT_EQ(FilePath::ConcatPaths(original_working_dir_,
-                                  FilePath("test_detail.xml")).string(),
-            UnitTestOptions::GetAbsolutePathToOutputFile());
-}
-
-TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithDefaultXML) {
-  GTEST_FLAG(output) = "xml";
-  EXPECT_EQ(FilePath::ConcatPaths(original_working_dir_,
-                                  FilePath("test_detail.xml")).string(),
-            UnitTestOptions::GetAbsolutePathToOutputFile());
-}
-
-TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithRelativeFile) {
-  GTEST_FLAG(output) = "xml:filename.abc";
-  EXPECT_EQ(FilePath::ConcatPaths(original_working_dir_,
-                                  FilePath("filename.abc")).string(),
-            UnitTestOptions::GetAbsolutePathToOutputFile());
-}
-
-TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithRelativePath) {
-  GTEST_FLAG(output) = "xml:path" GTEST_PATH_SEP_;
-  const std::string expected_output_file =
-      FilePath::ConcatPaths(
-          original_working_dir_,
-          FilePath(std::string("path") + GTEST_PATH_SEP_ +
-                   GetCurrentExecutableName().string() + ".xml")).string();
-  const std::string& output_file =
-      UnitTestOptions::GetAbsolutePathToOutputFile();
-#if GTEST_OS_WINDOWS
-  EXPECT_STRCASEEQ(expected_output_file.c_str(), output_file.c_str());
-#else
-  EXPECT_EQ(expected_output_file, output_file.c_str());
-#endif
-}
-
-TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithAbsoluteFile) {
-#if GTEST_OS_WINDOWS
-  GTEST_FLAG(output) = "xml:c:\\tmp\\filename.abc";
-  EXPECT_EQ(FilePath("c:\\tmp\\filename.abc").string(),
-            UnitTestOptions::GetAbsolutePathToOutputFile());
-#else
-  GTEST_FLAG(output) ="xml:/tmp/filename.abc";
-  EXPECT_EQ(FilePath("/tmp/filename.abc").string(),
-            UnitTestOptions::GetAbsolutePathToOutputFile());
-#endif
-}
-
-TEST_F(XmlOutputChangeDirTest, PreserveOriginalWorkingDirWithAbsolutePath) {
-#if GTEST_OS_WINDOWS
-  const std::string path = "c:\\tmp\\";
-#else
-  const std::string path = "/tmp/";
-#endif
-
-  GTEST_FLAG(output) = "xml:" + path;
-  const std::string expected_output_file =
-      path + GetCurrentExecutableName().string() + ".xml";
-  const std::string& output_file =
-      UnitTestOptions::GetAbsolutePathToOutputFile();
-
-#if GTEST_OS_WINDOWS
-  EXPECT_STRCASEEQ(expected_output_file.c_str(), output_file.c_str());
-#else
-  EXPECT_EQ(expected_output_file, output_file.c_str());
-#endif
-}
-
-}  // namespace
-}  // namespace internal
-}  // namespace testing
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-param-test2_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-param-test2_test.cc
deleted file mode 100644
index 4a782fe70..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-param-test2_test.cc
+++ /dev/null
@@ -1,65 +0,0 @@
-// Copyright 2008, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
-//
-// Tests for Google Test itself.  This verifies that the basic constructs of
-// Google Test work.
-
-#include "gtest/gtest.h"
-
-#include "test/gtest-param-test_test.h"
-
-#if GTEST_HAS_PARAM_TEST
-
-using ::testing::Values;
-using ::testing::internal::ParamGenerator;
-
-// Tests that generators defined in a different translation unit
-// are functional. The test using extern_gen is defined
-// in gtest-param-test_test.cc.
-ParamGenerator<int> extern_gen = Values(33);
-
-// Tests that a parameterized test case can be defined in one translation unit
-// and instantiated in another. The test is defined in gtest-param-test_test.cc
-// and ExternalInstantiationTest fixture class is defined in
-// gtest-param-test_test.h.
-INSTANTIATE_TEST_CASE_P(MultiplesOf33,
-                        ExternalInstantiationTest,
-                        Values(33, 66));
-
-// Tests that a parameterized test case can be instantiated
-// in multiple translation units. Another instantiation is defined
-// in gtest-param-test_test.cc and InstantiationInMultipleTranslaionUnitsTest
-// fixture is defined in gtest-param-test_test.h
-INSTANTIATE_TEST_CASE_P(Sequence2,
-                        InstantiationInMultipleTranslaionUnitsTest,
-                        Values(42*3, 42*4, 42*5));
-
-#endif  // GTEST_HAS_PARAM_TEST
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-param-test_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-param-test_test.cc
deleted file mode 100644
index cc1dc65fb..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-param-test_test.cc
+++ /dev/null
@@ -1,904 +0,0 @@
-// Copyright 2008, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
-//
-// Tests for Google Test itself. This file verifies that the parameter
-// generators objects produce correct parameter sequences and that
-// Google Test runtime instantiates correct tests from those sequences.
-
-#include "gtest/gtest.h"
-
-#if GTEST_HAS_PARAM_TEST
-
-# include <algorithm>
-# include <iostream>
-# include <list>
-# include <sstream>
-# include <string>
-# include <vector>
-
-// To include gtest-internal-inl.h.
-# define GTEST_IMPLEMENTATION_ 1
-# include "src/gtest-internal-inl.h"  // for UnitTestOptions
-# undef GTEST_IMPLEMENTATION_
-
-# include "test/gtest-param-test_test.h"
-
-using ::std::vector;
-using ::std::sort;
-
-using ::testing::AddGlobalTestEnvironment;
-using ::testing::Bool;
-using ::testing::Message;
-using ::testing::Range;
-using ::testing::TestWithParam;
-using ::testing::Values;
-using ::testing::ValuesIn;
-
-# if GTEST_HAS_COMBINE
-using ::testing::Combine;
-using ::testing::get;
-using ::testing::make_tuple;
-using ::testing::tuple;
-# endif  // GTEST_HAS_COMBINE
-
-using ::testing::internal::ParamGenerator;
-using ::testing::internal::UnitTestOptions;
-
-// Prints a value to a string.
-//
-// TODO(wan@google.com): remove PrintValue() when we move matchers and
-// EXPECT_THAT() from Google Mock to Google Test.  At that time, we
-// can write EXPECT_THAT(x, Eq(y)) to compare two tuples x and y, as
-// EXPECT_THAT() and the matchers know how to print tuples.
-template <typename T>
-::std::string PrintValue(const T& value) {
-  ::std::stringstream stream;
-  stream << value;
-  return stream.str();
-}
-
-# if GTEST_HAS_COMBINE
-
-// These overloads allow printing tuples in our tests.  We cannot
-// define an operator<< for tuples, as that definition needs to be in
-// the std namespace in order to be picked up by Google Test via
-// Argument-Dependent Lookup, yet defining anything in the std
-// namespace in non-STL code is undefined behavior.
-
-template <typename T1, typename T2>
-::std::string PrintValue(const tuple<T1, T2>& value) {
-  ::std::stringstream stream;
-  stream << "(" << get<0>(value) << ", " << get<1>(value) << ")";
-  return stream.str();
-}
-
-template <typename T1, typename T2, typename T3>
-::std::string PrintValue(const tuple<T1, T2, T3>& value) {
-  ::std::stringstream stream;
-  stream << "(" << get<0>(value) << ", " << get<1>(value)
-         << ", "<< get<2>(value) << ")";
-  return stream.str();
-}
-
-template <typename T1, typename T2, typename T3, typename T4, typename T5,
-          typename T6, typename T7, typename T8, typename T9, typename T10>
-::std::string PrintValue(
-    const tuple<T1, T2, T3, T4, T5, T6, T7, T8, T9, T10>& value) {
-  ::std::stringstream stream;
-  stream << "(" << get<0>(value) << ", " << get<1>(value)
-         << ", "<< get<2>(value) << ", " << get<3>(value)
-         << ", "<< get<4>(value) << ", " << get<5>(value)
-         << ", "<< get<6>(value) << ", " << get<7>(value)
-         << ", "<< get<8>(value) << ", " << get<9>(value) << ")";
-  return stream.str();
-}
-
-# endif  // GTEST_HAS_COMBINE
-
-// Verifies that a sequence generated by the generator and accessed
-// via the iterator object matches the expected one using Google Test
-// assertions.
-template <typename T, size_t N>
-void VerifyGenerator(const ParamGenerator<T>& generator,
-                     const T (&expected_values)[N]) {
-  typename ParamGenerator<T>::iterator it = generator.begin();
-  for (size_t i = 0; i < N; ++i) {
-    ASSERT_FALSE(it == generator.end())
-        << "At element " << i << " when accessing via an iterator "
-        << "created with the copy constructor.\n";
-    // We cannot use EXPECT_EQ() here as the values may be tuples,
-    // which don't support <<.
-    EXPECT_TRUE(expected_values[i] == *it)
-        << "where i is " << i
-        << ", expected_values[i] is " << PrintValue(expected_values[i])
-        << ", *it is " << PrintValue(*it)
-        << ", and 'it' is an iterator created with the copy constructor.\n";
-    it++;
-  }
-  EXPECT_TRUE(it == generator.end())
-        << "At the presumed end of sequence when accessing via an iterator "
-        << "created with the copy constructor.\n";
-
-  // Test the iterator assignment. The following lines verify that
-  // the sequence accessed via an iterator initialized via the
-  // assignment operator (as opposed to a copy constructor) matches
-  // just the same.
-  it = generator.begin();
-  for (size_t i = 0; i < N; ++i) {
-    ASSERT_FALSE(it == generator.end())
-        << "At element " << i << " when accessing via an iterator "
-        << "created with the assignment operator.\n";
-    EXPECT_TRUE(expected_values[i] == *it)
-        << "where i is " << i
-        << ", expected_values[i] is " << PrintValue(expected_values[i])
-        << ", *it is " << PrintValue(*it)
-        << ", and 'it' is an iterator created with the copy constructor.\n";
-    it++;
-  }
-  EXPECT_TRUE(it == generator.end())
-        << "At the presumed end of sequence when accessing via an iterator "
-        << "created with the assignment operator.\n";
-}
-
-template <typename T>
-void VerifyGeneratorIsEmpty(const ParamGenerator<T>& generator) {
-  typename ParamGenerator<T>::iterator it = generator.begin();
-  EXPECT_TRUE(it == generator.end());
-
-  it = generator.begin();
-  EXPECT_TRUE(it == generator.end());
-}
-
-// Generator tests. They test that each of the provided generator functions
-// generates an expected sequence of values. The general test pattern
-// instantiates a generator using one of the generator functions,
-// checks the sequence produced by the generator using its iterator API,
-// and then resets the iterator back to the beginning of the sequence
-// and checks the sequence again.
-
-// Tests that iterators produced by generator functions conform to the
-// ForwardIterator concept.
-TEST(IteratorTest, ParamIteratorConformsToForwardIteratorConcept) {
-  const ParamGenerator<int> gen = Range(0, 10);
-  ParamGenerator<int>::iterator it = gen.begin();
-
-  // Verifies that iterator initialization works as expected.
-  ParamGenerator<int>::iterator it2 = it;
-  EXPECT_TRUE(*it == *it2) << "Initialized iterators must point to the "
-                           << "element same as its source points to";
-
-  // Verifies that iterator assignment works as expected.
-  it++;
-  EXPECT_FALSE(*it == *it2);
-  it2 = it;
-  EXPECT_TRUE(*it == *it2) << "Assigned iterators must point to the "
-                           << "element same as its source points to";
-
-  // Verifies that prefix operator++() returns *this.
-  EXPECT_EQ(&it, &(++it)) << "Result of the prefix operator++ must be "
-                          << "refer to the original object";
-
-  // Verifies that the result of the postfix operator++ points to the value
-  // pointed to by the original iterator.
-  int original_value = *it;  // Have to compute it outside of macro call to be
-                             // unaffected by the parameter evaluation order.
-  EXPECT_EQ(original_value, *(it++));
-
-  // Verifies that prefix and postfix operator++() advance an iterator
-  // all the same.
-  it2 = it;
-  it++;
-  ++it2;
-  EXPECT_TRUE(*it == *it2);
-}
-
-// Tests that Range() generates the expected sequence.
-TEST(RangeTest, IntRangeWithDefaultStep) {
-  const ParamGenerator<int> gen = Range(0, 3);
-  const int expected_values[] = {0, 1, 2};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Edge case. Tests that Range() generates the single element sequence
-// as expected when provided with range limits that are equal.
-TEST(RangeTest, IntRangeSingleValue) {
-  const ParamGenerator<int> gen = Range(0, 1);
-  const int expected_values[] = {0};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Edge case. Tests that Range() with generates empty sequence when
-// supplied with an empty range.
-TEST(RangeTest, IntRangeEmpty) {
-  const ParamGenerator<int> gen = Range(0, 0);
-  VerifyGeneratorIsEmpty(gen);
-}
-
-// Tests that Range() with custom step (greater then one) generates
-// the expected sequence.
-TEST(RangeTest, IntRangeWithCustomStep) {
-  const ParamGenerator<int> gen = Range(0, 9, 3);
-  const int expected_values[] = {0, 3, 6};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Tests that Range() with custom step (greater then one) generates
-// the expected sequence when the last element does not fall on the
-// upper range limit. Sequences generated by Range() must not have
-// elements beyond the range limits.
-TEST(RangeTest, IntRangeWithCustomStepOverUpperBound) {
-  const ParamGenerator<int> gen = Range(0, 4, 3);
-  const int expected_values[] = {0, 3};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Verifies that Range works with user-defined types that define
-// copy constructor, operator=(), operator+(), and operator<().
-class DogAdder {
- public:
-  explicit DogAdder(const char* a_value) : value_(a_value) {}
-  DogAdder(const DogAdder& other) : value_(other.value_.c_str()) {}
-
-  DogAdder operator=(const DogAdder& other) {
-    if (this != &other)
-      value_ = other.value_;
-    return *this;
-  }
-  DogAdder operator+(const DogAdder& other) const {
-    Message msg;
-    msg << value_.c_str() << other.value_.c_str();
-    return DogAdder(msg.GetString().c_str());
-  }
-  bool operator<(const DogAdder& other) const {
-    return value_ < other.value_;
-  }
-  const std::string& value() const { return value_; }
-
- private:
-  std::string value_;
-};
-
-TEST(RangeTest, WorksWithACustomType) {
-  const ParamGenerator<DogAdder> gen =
-      Range(DogAdder("cat"), DogAdder("catdogdog"), DogAdder("dog"));
-  ParamGenerator<DogAdder>::iterator it = gen.begin();
-
-  ASSERT_FALSE(it == gen.end());
-  EXPECT_STREQ("cat", it->value().c_str());
-
-  ASSERT_FALSE(++it == gen.end());
-  EXPECT_STREQ("catdog", it->value().c_str());
-
-  EXPECT_TRUE(++it == gen.end());
-}
-
-class IntWrapper {
- public:
-  explicit IntWrapper(int a_value) : value_(a_value) {}
-  IntWrapper(const IntWrapper& other) : value_(other.value_) {}
-
-  IntWrapper operator=(const IntWrapper& other) {
-    value_ = other.value_;
-    return *this;
-  }
-  // operator+() adds a different type.
-  IntWrapper operator+(int other) const { return IntWrapper(value_ + other); }
-  bool operator<(const IntWrapper& other) const {
-    return value_ < other.value_;
-  }
-  int value() const { return value_; }
-
- private:
-  int value_;
-};
-
-TEST(RangeTest, WorksWithACustomTypeWithDifferentIncrementType) {
-  const ParamGenerator<IntWrapper> gen = Range(IntWrapper(0), IntWrapper(2));
-  ParamGenerator<IntWrapper>::iterator it = gen.begin();
-
-  ASSERT_FALSE(it == gen.end());
-  EXPECT_EQ(0, it->value());
-
-  ASSERT_FALSE(++it == gen.end());
-  EXPECT_EQ(1, it->value());
-
-  EXPECT_TRUE(++it == gen.end());
-}
-
-// Tests that ValuesIn() with an array parameter generates
-// the expected sequence.
-TEST(ValuesInTest, ValuesInArray) {
-  int array[] = {3, 5, 8};
-  const ParamGenerator<int> gen = ValuesIn(array);
-  VerifyGenerator(gen, array);
-}
-
-// Tests that ValuesIn() with a const array parameter generates
-// the expected sequence.
-TEST(ValuesInTest, ValuesInConstArray) {
-  const int array[] = {3, 5, 8};
-  const ParamGenerator<int> gen = ValuesIn(array);
-  VerifyGenerator(gen, array);
-}
-
-// Edge case. Tests that ValuesIn() with an array parameter containing a
-// single element generates the single element sequence.
-TEST(ValuesInTest, ValuesInSingleElementArray) {
-  int array[] = {42};
-  const ParamGenerator<int> gen = ValuesIn(array);
-  VerifyGenerator(gen, array);
-}
-
-// Tests that ValuesIn() generates the expected sequence for an STL
-// container (vector).
-TEST(ValuesInTest, ValuesInVector) {
-  typedef ::std::vector<int> ContainerType;
-  ContainerType values;
-  values.push_back(3);
-  values.push_back(5);
-  values.push_back(8);
-  const ParamGenerator<int> gen = ValuesIn(values);
-
-  const int expected_values[] = {3, 5, 8};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Tests that ValuesIn() generates the expected sequence.
-TEST(ValuesInTest, ValuesInIteratorRange) {
-  typedef ::std::vector<int> ContainerType;
-  ContainerType values;
-  values.push_back(3);
-  values.push_back(5);
-  values.push_back(8);
-  const ParamGenerator<int> gen = ValuesIn(values.begin(), values.end());
-
-  const int expected_values[] = {3, 5, 8};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Edge case. Tests that ValuesIn() provided with an iterator range specifying a
-// single value generates a single-element sequence.
-TEST(ValuesInTest, ValuesInSingleElementIteratorRange) {
-  typedef ::std::vector<int> ContainerType;
-  ContainerType values;
-  values.push_back(42);
-  const ParamGenerator<int> gen = ValuesIn(values.begin(), values.end());
-
-  const int expected_values[] = {42};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Edge case. Tests that ValuesIn() provided with an empty iterator range
-// generates an empty sequence.
-TEST(ValuesInTest, ValuesInEmptyIteratorRange) {
-  typedef ::std::vector<int> ContainerType;
-  ContainerType values;
-  const ParamGenerator<int> gen = ValuesIn(values.begin(), values.end());
-
-  VerifyGeneratorIsEmpty(gen);
-}
-
-// Tests that the Values() generates the expected sequence.
-TEST(ValuesTest, ValuesWorks) {
-  const ParamGenerator<int> gen = Values(3, 5, 8);
-
-  const int expected_values[] = {3, 5, 8};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Tests that Values() generates the expected sequences from elements of
-// different types convertible to ParamGenerator's parameter type.
-TEST(ValuesTest, ValuesWorksForValuesOfCompatibleTypes) {
-  const ParamGenerator<double> gen = Values(3, 5.0f, 8.0);
-
-  const double expected_values[] = {3.0, 5.0, 8.0};
-  VerifyGenerator(gen, expected_values);
-}
-
-TEST(ValuesTest, ValuesWorksForMaxLengthList) {
-  const ParamGenerator<int> gen = Values(
-      10, 20, 30, 40, 50, 60, 70, 80, 90, 100,
-      110, 120, 130, 140, 150, 160, 170, 180, 190, 200,
-      210, 220, 230, 240, 250, 260, 270, 280, 290, 300,
-      310, 320, 330, 340, 350, 360, 370, 380, 390, 400,
-      410, 420, 430, 440, 450, 460, 470, 480, 490, 500);
-
-  const int expected_values[] = {
-      10, 20, 30, 40, 50, 60, 70, 80, 90, 100,
-      110, 120, 130, 140, 150, 160, 170, 180, 190, 200,
-      210, 220, 230, 240, 250, 260, 270, 280, 290, 300,
-      310, 320, 330, 340, 350, 360, 370, 380, 390, 400,
-      410, 420, 430, 440, 450, 460, 470, 480, 490, 500};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Edge case test. Tests that single-parameter Values() generates the sequence
-// with the single value.
-TEST(ValuesTest, ValuesWithSingleParameter) {
-  const ParamGenerator<int> gen = Values(42);
-
-  const int expected_values[] = {42};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Tests that Bool() generates sequence (false, true).
-TEST(BoolTest, BoolWorks) {
-  const ParamGenerator<bool> gen = Bool();
-
-  const bool expected_values[] = {false, true};
-  VerifyGenerator(gen, expected_values);
-}
-
-# if GTEST_HAS_COMBINE
-
-// Tests that Combine() with two parameters generates the expected sequence.
-TEST(CombineTest, CombineWithTwoParameters) {
-  const char* foo = "foo";
-  const char* bar = "bar";
-  const ParamGenerator<tuple<const char*, int> > gen =
-      Combine(Values(foo, bar), Values(3, 4));
-
-  tuple<const char*, int> expected_values[] = {
-    make_tuple(foo, 3), make_tuple(foo, 4),
-    make_tuple(bar, 3), make_tuple(bar, 4)};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Tests that Combine() with three parameters generates the expected sequence.
-TEST(CombineTest, CombineWithThreeParameters) {
-  const ParamGenerator<tuple<int, int, int> > gen = Combine(Values(0, 1),
-                                                            Values(3, 4),
-                                                            Values(5, 6));
-  tuple<int, int, int> expected_values[] = {
-    make_tuple(0, 3, 5), make_tuple(0, 3, 6),
-    make_tuple(0, 4, 5), make_tuple(0, 4, 6),
-    make_tuple(1, 3, 5), make_tuple(1, 3, 6),
-    make_tuple(1, 4, 5), make_tuple(1, 4, 6)};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Tests that the Combine() with the first parameter generating a single value
-// sequence generates a sequence with the number of elements equal to the
-// number of elements in the sequence generated by the second parameter.
-TEST(CombineTest, CombineWithFirstParameterSingleValue) {
-  const ParamGenerator<tuple<int, int> > gen = Combine(Values(42),
-                                                       Values(0, 1));
-
-  tuple<int, int> expected_values[] = {make_tuple(42, 0), make_tuple(42, 1)};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Tests that the Combine() with the second parameter generating a single value
-// sequence generates a sequence with the number of elements equal to the
-// number of elements in the sequence generated by the first parameter.
-TEST(CombineTest, CombineWithSecondParameterSingleValue) {
-  const ParamGenerator<tuple<int, int> > gen = Combine(Values(0, 1),
-                                                       Values(42));
-
-  tuple<int, int> expected_values[] = {make_tuple(0, 42), make_tuple(1, 42)};
-  VerifyGenerator(gen, expected_values);
-}
-
-// Tests that when the first parameter produces an empty sequence,
-// Combine() produces an empty sequence, too.
-TEST(CombineTest, CombineWithFirstParameterEmptyRange) {
-  const ParamGenerator<tuple<int, int> > gen = Combine(Range(0, 0),
-                                                       Values(0, 1));
-  VerifyGeneratorIsEmpty(gen);
-}
-
-// Tests that when the second parameter produces an empty sequence,
-// Combine() produces an empty sequence, too.
-TEST(CombineTest, CombineWithSecondParameterEmptyRange) {
-  const ParamGenerator<tuple<int, int> > gen = Combine(Values(0, 1),
-                                                       Range(1, 1));
-  VerifyGeneratorIsEmpty(gen);
-}
-
-// Edge case. Tests that combine works with the maximum number
-// of parameters supported by Google Test (currently 10).
-TEST(CombineTest, CombineWithMaxNumberOfParameters) {
-  const char* foo = "foo";
-  const char* bar = "bar";
-  const ParamGenerator<tuple<const char*, int, int, int, int, int, int, int,
-                             int, int> > gen = Combine(Values(foo, bar),
-                                                       Values(1), Values(2),
-                                                       Values(3), Values(4),
-                                                       Values(5), Values(6),
-                                                       Values(7), Values(8),
-                                                       Values(9));
-
-  tuple<const char*, int, int, int, int, int, int, int, int, int>
-      expected_values[] = {make_tuple(foo, 1, 2, 3, 4, 5, 6, 7, 8, 9),
-                           make_tuple(bar, 1, 2, 3, 4, 5, 6, 7, 8, 9)};
-  VerifyGenerator(gen, expected_values);
-}
-
-# endif  // GTEST_HAS_COMBINE
-
-// Tests that an generator produces correct sequence after being
-// assigned from another generator.
-TEST(ParamGeneratorTest, AssignmentWorks) {
-  ParamGenerator<int> gen = Values(1, 2);
-  const ParamGenerator<int> gen2 = Values(3, 4);
-  gen = gen2;
-
-  const int expected_values[] = {3, 4};
-  VerifyGenerator(gen, expected_values);
-}
-
-// This test verifies that the tests are expanded and run as specified:
-// one test per element from the sequence produced by the generator
-// specified in INSTANTIATE_TEST_CASE_P. It also verifies that the test's
-// fixture constructor, SetUp(), and TearDown() have run and have been
-// supplied with the correct parameters.
-
-// The use of environment object allows detection of the case where no test
-// case functionality is run at all. In this case TestCaseTearDown will not
-// be able to detect missing tests, naturally.
-template <int kExpectedCalls>
-class TestGenerationEnvironment : public ::testing::Environment {
- public:
-  static TestGenerationEnvironment* Instance() {
-    static TestGenerationEnvironment* instance = new TestGenerationEnvironment;
-    return instance;
-  }
-
-  void FixtureConstructorExecuted() { fixture_constructor_count_++; }
-  void SetUpExecuted() { set_up_count_++; }
-  void TearDownExecuted() { tear_down_count_++; }
-  void TestBodyExecuted() { test_body_count_++; }
-
-  virtual void TearDown() {
-    // If all MultipleTestGenerationTest tests have been de-selected
-    // by the filter flag, the following checks make no sense.
-    bool perform_check = false;
-
-    for (int i = 0; i < kExpectedCalls; ++i) {
-      Message msg;
-      msg << "TestsExpandedAndRun/" << i;
-      if (UnitTestOptions::FilterMatchesTest(
-             "TestExpansionModule/MultipleTestGenerationTest",
-              msg.GetString().c_str())) {
-        perform_check = true;
-      }
-    }
-    if (perform_check) {
-      EXPECT_EQ(kExpectedCalls, fixture_constructor_count_)
-          << "Fixture constructor of ParamTestGenerationTest test case "
-          << "has not been run as expected.";
-      EXPECT_EQ(kExpectedCalls, set_up_count_)
-          << "Fixture SetUp method of ParamTestGenerationTest test case "
-          << "has not been run as expected.";
-      EXPECT_EQ(kExpectedCalls, tear_down_count_)
-          << "Fixture TearDown method of ParamTestGenerationTest test case "
-          << "has not been run as expected.";
-      EXPECT_EQ(kExpectedCalls, test_body_count_)
-          << "Test in ParamTestGenerationTest test case "
-          << "has not been run as expected.";
-    }
-  }
-
- private:
-  TestGenerationEnvironment() : fixture_constructor_count_(0), set_up_count_(0),
-                                tear_down_count_(0), test_body_count_(0) {}
-
-  int fixture_constructor_count_;
-  int set_up_count_;
-  int tear_down_count_;
-  int test_body_count_;
-
-  GTEST_DISALLOW_COPY_AND_ASSIGN_(TestGenerationEnvironment);
-};
-
-const int test_generation_params[] = {36, 42, 72};
-
-class TestGenerationTest : public TestWithParam<int> {
- public:
-  enum {
-    PARAMETER_COUNT =
-        sizeof(test_generation_params)/sizeof(test_generation_params[0])
-  };
-
-  typedef TestGenerationEnvironment<PARAMETER_COUNT> Environment;
-
-  TestGenerationTest() {
-    Environment::Instance()->FixtureConstructorExecuted();
-    current_parameter_ = GetParam();
-  }
-  virtual void SetUp() {
-    Environment::Instance()->SetUpExecuted();
-    EXPECT_EQ(current_parameter_, GetParam());
-  }
-  virtual void TearDown() {
-    Environment::Instance()->TearDownExecuted();
-    EXPECT_EQ(current_parameter_, GetParam());
-  }
-
-  static void SetUpTestCase() {
-    bool all_tests_in_test_case_selected = true;
-
-    for (int i = 0; i < PARAMETER_COUNT; ++i) {
-      Message test_name;
-      test_name << "TestsExpandedAndRun/" << i;
-      if ( !UnitTestOptions::FilterMatchesTest(
-                "TestExpansionModule/MultipleTestGenerationTest",
-                test_name.GetString())) {
-        all_tests_in_test_case_selected = false;
-      }
-    }
-    EXPECT_TRUE(all_tests_in_test_case_selected)
-        << "When running the TestGenerationTest test case all of its tests\n"
-        << "must be selected by the filter flag for the test case to pass.\n"
-        << "If not all of them are enabled, we can't reliably conclude\n"
-        << "that the correct number of tests have been generated.";
-
-    collected_parameters_.clear();
-  }
-
-  static void TearDownTestCase() {
-    vector<int> expected_values(test_generation_params,
-                                test_generation_params + PARAMETER_COUNT);
-    // Test execution order is not guaranteed by Google Test,
-    // so the order of values in collected_parameters_ can be
-    // different and we have to sort to compare.
-    sort(expected_values.begin(), expected_values.end());
-    sort(collected_parameters_.begin(), collected_parameters_.end());
-
-    EXPECT_TRUE(collected_parameters_ == expected_values);
-  }
-
- protected:
-  int current_parameter_;
-  static vector<int> collected_parameters_;
-
- private:
-  GTEST_DISALLOW_COPY_AND_ASSIGN_(TestGenerationTest);
-};
-vector<int> TestGenerationTest::collected_parameters_;
-
-TEST_P(TestGenerationTest, TestsExpandedAndRun) {
-  Environment::Instance()->TestBodyExecuted();
-  EXPECT_EQ(current_parameter_, GetParam());
-  collected_parameters_.push_back(GetParam());
-}
-INSTANTIATE_TEST_CASE_P(TestExpansionModule, TestGenerationTest,
-                        ValuesIn(test_generation_params));
-
-// This test verifies that the element sequence (third parameter of
-// INSTANTIATE_TEST_CASE_P) is evaluated in InitGoogleTest() and neither at
-// the call site of INSTANTIATE_TEST_CASE_P nor in RUN_ALL_TESTS().  For
-// that, we declare param_value_ to be a static member of
-// GeneratorEvaluationTest and initialize it to 0.  We set it to 1 in
-// main(), just before invocation of InitGoogleTest().  After calling
-// InitGoogleTest(), we set the value to 2.  If the sequence is evaluated
-// before or after InitGoogleTest, INSTANTIATE_TEST_CASE_P will create a
-// test with parameter other than 1, and the test body will fail the
-// assertion.
-class GeneratorEvaluationTest : public TestWithParam<int> {
- public:
-  static int param_value() { return param_value_; }
-  static void set_param_value(int param_value) { param_value_ = param_value; }
-
- private:
-  static int param_value_;
-};
-int GeneratorEvaluationTest::param_value_ = 0;
-
-TEST_P(GeneratorEvaluationTest, GeneratorsEvaluatedInMain) {
-  EXPECT_EQ(1, GetParam());
-}
-INSTANTIATE_TEST_CASE_P(GenEvalModule,
-                        GeneratorEvaluationTest,
-                        Values(GeneratorEvaluationTest::param_value()));
-
-// Tests that generators defined in a different translation unit are
-// functional. Generator extern_gen is defined in gtest-param-test_test2.cc.
-extern ParamGenerator<int> extern_gen;
-class ExternalGeneratorTest : public TestWithParam<int> {};
-TEST_P(ExternalGeneratorTest, ExternalGenerator) {
-  // Sequence produced by extern_gen contains only a single value
-  // which we verify here.
-  EXPECT_EQ(GetParam(), 33);
-}
-INSTANTIATE_TEST_CASE_P(ExternalGeneratorModule,
-                        ExternalGeneratorTest,
-                        extern_gen);
-
-// Tests that a parameterized test case can be defined in one translation
-// unit and instantiated in another. This test will be instantiated in
-// gtest-param-test_test2.cc. ExternalInstantiationTest fixture class is
-// defined in gtest-param-test_test.h.
-TEST_P(ExternalInstantiationTest, IsMultipleOf33) {
-  EXPECT_EQ(0, GetParam() % 33);
-}
-
-// Tests that a parameterized test case can be instantiated with multiple
-// generators.
-class MultipleInstantiationTest : public TestWithParam<int> {};
-TEST_P(MultipleInstantiationTest, AllowsMultipleInstances) {
-}
-INSTANTIATE_TEST_CASE_P(Sequence1, MultipleInstantiationTest, Values(1, 2));
-INSTANTIATE_TEST_CASE_P(Sequence2, MultipleInstantiationTest, Range(3, 5));
-
-// Tests that a parameterized test case can be instantiated
-// in multiple translation units. This test will be instantiated
-// here and in gtest-param-test_test2.cc.
-// InstantiationInMultipleTranslationUnitsTest fixture class
-// is defined in gtest-param-test_test.h.
-TEST_P(InstantiationInMultipleTranslaionUnitsTest, IsMultipleOf42) {
-  EXPECT_EQ(0, GetParam() % 42);
-}
-INSTANTIATE_TEST_CASE_P(Sequence1,
-                        InstantiationInMultipleTranslaionUnitsTest,
-                        Values(42, 42*2));
-
-// Tests that each iteration of parameterized test runs in a separate test
-// object.
-class SeparateInstanceTest : public TestWithParam<int> {
- public:
-  SeparateInstanceTest() : count_(0) {}
-
-  static void TearDownTestCase() {
-    EXPECT_GE(global_count_, 2)
-        << "If some (but not all) SeparateInstanceTest tests have been "
-        << "filtered out this test will fail. Make sure that all "
-        << "GeneratorEvaluationTest are selected or de-selected together "
-        << "by the test filter.";
-  }
-
- protected:
-  int count_;
-  static int global_count_;
-};
-int SeparateInstanceTest::global_count_ = 0;
-
-TEST_P(SeparateInstanceTest, TestsRunInSeparateInstances) {
-  EXPECT_EQ(0, count_++);
-  global_count_++;
-}
-INSTANTIATE_TEST_CASE_P(FourElemSequence, SeparateInstanceTest, Range(1, 4));
-
-// Tests that all instantiations of a test have named appropriately. Test
-// defined with TEST_P(TestCaseName, TestName) and instantiated with
-// INSTANTIATE_TEST_CASE_P(SequenceName, TestCaseName, generator) must be named
-// SequenceName/TestCaseName.TestName/i, where i is the 0-based index of the
-// sequence element used to instantiate the test.
-class NamingTest : public TestWithParam<int> {};
-
-TEST_P(NamingTest, TestsReportCorrectNamesAndParameters) {
-  const ::testing::TestInfo* const test_info =
-     ::testing::UnitTest::GetInstance()->current_test_info();
-
-  EXPECT_STREQ("ZeroToFiveSequence/NamingTest", test_info->test_case_name());
-
-  Message index_stream;
-  index_stream << "TestsReportCorrectNamesAndParameters/" << GetParam();
-  EXPECT_STREQ(index_stream.GetString().c_str(), test_info->name());
-
-  EXPECT_EQ(::testing::PrintToString(GetParam()), test_info->value_param());
-}
-
-INSTANTIATE_TEST_CASE_P(ZeroToFiveSequence, NamingTest, Range(0, 5));
-
-// Class that cannot be streamed into an ostream.  It needs to be copyable
-// (and, in case of MSVC, also assignable) in order to be a test parameter
-// type.  Its default copy constructor and assignment operator do exactly
-// what we need.
-class Unstreamable {
- public:
-  explicit Unstreamable(int value) : value_(value) {}
-
- private:
-  int value_;
-};
-
-class CommentTest : public TestWithParam<Unstreamable> {};
-
-TEST_P(CommentTest, TestsCorrectlyReportUnstreamableParams) {
-  const ::testing::TestInfo* const test_info =
-     ::testing::UnitTest::GetInstance()->current_test_info();
-
-  EXPECT_EQ(::testing::PrintToString(GetParam()), test_info->value_param());
-}
-
-INSTANTIATE_TEST_CASE_P(InstantiationWithComments,
-                        CommentTest,
-                        Values(Unstreamable(1)));
-
-// Verify that we can create a hierarchy of test fixtures, where the base
-// class fixture is not parameterized and the derived class is. In this case
-// ParameterizedDerivedTest inherits from NonParameterizedBaseTest.  We
-// perform simple tests on both.
-class NonParameterizedBaseTest : public ::testing::Test {
- public:
-  NonParameterizedBaseTest() : n_(17) { }
- protected:
-  int n_;
-};
-
-class ParameterizedDerivedTest : public NonParameterizedBaseTest,
-                                 public ::testing::WithParamInterface<int> {
- protected:
-  ParameterizedDerivedTest() : count_(0) { }
-  int count_;
-  static int global_count_;
-};
-
-int ParameterizedDerivedTest::global_count_ = 0;
-
-TEST_F(NonParameterizedBaseTest, FixtureIsInitialized) {
-  EXPECT_EQ(17, n_);
-}
-
-TEST_P(ParameterizedDerivedTest, SeesSequence) {
-  EXPECT_EQ(17, n_);
-  EXPECT_EQ(0, count_++);
-  EXPECT_EQ(GetParam(), global_count_++);
-}
-
-class ParameterizedDeathTest : public ::testing::TestWithParam<int> { };
-
-TEST_F(ParameterizedDeathTest, GetParamDiesFromTestF) {
-  EXPECT_DEATH_IF_SUPPORTED(GetParam(),
-                            ".* value-parameterized test .*");
-}
-
-INSTANTIATE_TEST_CASE_P(RangeZeroToFive, ParameterizedDerivedTest, Range(0, 5));
-
-#endif  // GTEST_HAS_PARAM_TEST
-
-TEST(CompileTest, CombineIsDefinedOnlyWhenGtestHasParamTestIsDefined) {
-#if GTEST_HAS_COMBINE && !GTEST_HAS_PARAM_TEST
-  FAIL() << "GTEST_HAS_COMBINE is defined while GTEST_HAS_PARAM_TEST is not\n"
-#endif
-}
-
-int main(int argc, char **argv) {
-#if GTEST_HAS_PARAM_TEST
-  // Used in TestGenerationTest test case.
-  AddGlobalTestEnvironment(TestGenerationTest::Environment::Instance());
-  // Used in GeneratorEvaluationTest test case. Tests that the updated value
-  // will be picked up for instantiating tests in GeneratorEvaluationTest.
-  GeneratorEvaluationTest::set_param_value(1);
-#endif  // GTEST_HAS_PARAM_TEST
-
-  ::testing::InitGoogleTest(&argc, argv);
-
-#if GTEST_HAS_PARAM_TEST
-  // Used in GeneratorEvaluationTest test case. Tests that value updated
-  // here will NOT be used for instantiating tests in
-  // GeneratorEvaluationTest.
-  GeneratorEvaluationTest::set_param_value(2);
-#endif  // GTEST_HAS_PARAM_TEST
-
-  return RUN_ALL_TESTS();
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-param-test_test.h b/security/nss/gtests/google_test/gtest/test/gtest-param-test_test.h
deleted file mode 100644
index 26ea122b1..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-param-test_test.h
+++ /dev/null
@@ -1,57 +0,0 @@
-// Copyright 2008, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Authors: vladl@google.com (Vlad Losev)
-//
-// The Google C++ Testing Framework (Google Test)
-//
-// This header file provides classes and functions used internally
-// for testing Google Test itself.
-
-#ifndef GTEST_TEST_GTEST_PARAM_TEST_TEST_H_
-#define GTEST_TEST_GTEST_PARAM_TEST_TEST_H_
-
-#include "gtest/gtest.h"
-
-#if GTEST_HAS_PARAM_TEST
-
-// Test fixture for testing definition and instantiation of a test
-// in separate translation units.
-class ExternalInstantiationTest : public ::testing::TestWithParam<int> {
-};
-
-// Test fixture for testing instantiation of a test in multiple
-// translation units.
-class InstantiationInMultipleTranslaionUnitsTest
-    : public ::testing::TestWithParam<int> {
-};
-
-#endif  // GTEST_HAS_PARAM_TEST
-
-#endif  // GTEST_TEST_GTEST_PARAM_TEST_TEST_H_
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-port_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-port_test.cc
deleted file mode 100644
index 370c952b2..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-port_test.cc
+++ /dev/null
@@ -1,1323 +0,0 @@
-// Copyright 2008, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Authors: vladl@google.com (Vlad Losev), wan@google.com (Zhanyong Wan)
-//
-// This file tests the internal cross-platform support utilities.
-
-#include "gtest/internal/gtest-port.h"
-
-#include <stdio.h>
-
-#if GTEST_OS_MAC
-# include <time.h>
-#endif  // GTEST_OS_MAC
-
-#include <list>
-#include <utility>  // For std::pair and std::make_pair.
-#include <vector>
-
-#include "gtest/gtest.h"
-#include "gtest/gtest-spi.h"
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick is to
-// prevent a user from accidentally including gtest-internal-inl.h in
-// his code.
-#define GTEST_IMPLEMENTATION_ 1
-#include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
-
-using std::make_pair;
-using std::pair;
-
-namespace testing {
-namespace internal {
-
-TEST(IsXDigitTest, WorksForNarrowAscii) {
-  EXPECT_TRUE(IsXDigit('0'));
-  EXPECT_TRUE(IsXDigit('9'));
-  EXPECT_TRUE(IsXDigit('A'));
-  EXPECT_TRUE(IsXDigit('F'));
-  EXPECT_TRUE(IsXDigit('a'));
-  EXPECT_TRUE(IsXDigit('f'));
-
-  EXPECT_FALSE(IsXDigit('-'));
-  EXPECT_FALSE(IsXDigit('g'));
-  EXPECT_FALSE(IsXDigit('G'));
-}
-
-TEST(IsXDigitTest, ReturnsFalseForNarrowNonAscii) {
-  EXPECT_FALSE(IsXDigit(static_cast<char>(0x80)));
-  EXPECT_FALSE(IsXDigit(static_cast<char>('0' | 0x80)));
-}
-
-TEST(IsXDigitTest, WorksForWideAscii) {
-  EXPECT_TRUE(IsXDigit(L'0'));
-  EXPECT_TRUE(IsXDigit(L'9'));
-  EXPECT_TRUE(IsXDigit(L'A'));
-  EXPECT_TRUE(IsXDigit(L'F'));
-  EXPECT_TRUE(IsXDigit(L'a'));
-  EXPECT_TRUE(IsXDigit(L'f'));
-
-  EXPECT_FALSE(IsXDigit(L'-'));
-  EXPECT_FALSE(IsXDigit(L'g'));
-  EXPECT_FALSE(IsXDigit(L'G'));
-}
-
-TEST(IsXDigitTest, ReturnsFalseForWideNonAscii) {
-  EXPECT_FALSE(IsXDigit(static_cast<wchar_t>(0x80)));
-  EXPECT_FALSE(IsXDigit(static_cast<wchar_t>(L'0' | 0x80)));
-  EXPECT_FALSE(IsXDigit(static_cast<wchar_t>(L'0' | 0x100)));
-}
-
-class Base {
- public:
-  // Copy constructor and assignment operator do exactly what we need, so we
-  // use them.
-  Base() : member_(0) {}
-  explicit Base(int n) : member_(n) {}
-  virtual ~Base() {}
-  int member() { return member_; }
-
- private:
-  int member_;
-};
-
-class Derived : public Base {
- public:
-  explicit Derived(int n) : Base(n) {}
-};
-
-TEST(ImplicitCastTest, ConvertsPointers) {
-  Derived derived(0);
-  EXPECT_TRUE(&derived == ::testing::internal::ImplicitCast_<Base*>(&derived));
-}
-
-TEST(ImplicitCastTest, CanUseInheritance) {
-  Derived derived(1);
-  Base base = ::testing::internal::ImplicitCast_<Base>(derived);
-  EXPECT_EQ(derived.member(), base.member());
-}
-
-class Castable {
- public:
-  explicit Castable(bool* converted) : converted_(converted) {}
-  operator Base() {
-    *converted_ = true;
-    return Base();
-  }
-
- private:
-  bool* converted_;
-};
-
-TEST(ImplicitCastTest, CanUseNonConstCastOperator) {
-  bool converted = false;
-  Castable castable(&converted);
-  Base base = ::testing::internal::ImplicitCast_<Base>(castable);
-  EXPECT_TRUE(converted);
-}
-
-class ConstCastable {
- public:
-  explicit ConstCastable(bool* converted) : converted_(converted) {}
-  operator Base() const {
-    *converted_ = true;
-    return Base();
-  }
-
- private:
-  bool* converted_;
-};
-
-TEST(ImplicitCastTest, CanUseConstCastOperatorOnConstValues) {
-  bool converted = false;
-  const ConstCastable const_castable(&converted);
-  Base base = ::testing::internal::ImplicitCast_<Base>(const_castable);
-  EXPECT_TRUE(converted);
-}
-
-class ConstAndNonConstCastable {
- public:
-  ConstAndNonConstCastable(bool* converted, bool* const_converted)
-      : converted_(converted), const_converted_(const_converted) {}
-  operator Base() {
-    *converted_ = true;
-    return Base();
-  }
-  operator Base() const {
-    *const_converted_ = true;
-    return Base();
-  }
-
- private:
-  bool* converted_;
-  bool* const_converted_;
-};
-
-TEST(ImplicitCastTest, CanSelectBetweenConstAndNonConstCasrAppropriately) {
-  bool converted = false;
-  bool const_converted = false;
-  ConstAndNonConstCastable castable(&converted, &const_converted);
-  Base base = ::testing::internal::ImplicitCast_<Base>(castable);
-  EXPECT_TRUE(converted);
-  EXPECT_FALSE(const_converted);
-
-  converted = false;
-  const_converted = false;
-  const ConstAndNonConstCastable const_castable(&converted, &const_converted);
-  base = ::testing::internal::ImplicitCast_<Base>(const_castable);
-  EXPECT_FALSE(converted);
-  EXPECT_TRUE(const_converted);
-}
-
-class To {
- public:
-  To(bool* converted) { *converted = true; }  // NOLINT
-};
-
-TEST(ImplicitCastTest, CanUseImplicitConstructor) {
-  bool converted = false;
-  To to = ::testing::internal::ImplicitCast_<To>(&converted);
-  (void)to;
-  EXPECT_TRUE(converted);
-}
-
-TEST(IteratorTraitsTest, WorksForSTLContainerIterators) {
-  StaticAssertTypeEq<int,
-      IteratorTraits< ::std::vector<int>::const_iterator>::value_type>();
-  StaticAssertTypeEq<bool,
-      IteratorTraits< ::std::list<bool>::iterator>::value_type>();
-}
-
-TEST(IteratorTraitsTest, WorksForPointerToNonConst) {
-  StaticAssertTypeEq<char, IteratorTraits<char*>::value_type>();
-  StaticAssertTypeEq<const void*, IteratorTraits<const void**>::value_type>();
-}
-
-TEST(IteratorTraitsTest, WorksForPointerToConst) {
-  StaticAssertTypeEq<char, IteratorTraits<const char*>::value_type>();
-  StaticAssertTypeEq<const void*,
-      IteratorTraits<const void* const*>::value_type>();
-}
-
-// Tests that the element_type typedef is available in scoped_ptr and refers
-// to the parameter type.
-TEST(ScopedPtrTest, DefinesElementType) {
-  StaticAssertTypeEq<int, ::testing::internal::scoped_ptr<int>::element_type>();
-}
-
-// TODO(vladl@google.com): Implement THE REST of scoped_ptr tests.
-
-TEST(GtestCheckSyntaxTest, BehavesLikeASingleStatement) {
-  if (AlwaysFalse())
-    GTEST_CHECK_(false) << "This should never be executed; "
-                           "It's a compilation test only.";
-
-  if (AlwaysTrue())
-    GTEST_CHECK_(true);
-  else
-    ;  // NOLINT
-
-  if (AlwaysFalse())
-    ;  // NOLINT
-  else
-    GTEST_CHECK_(true) << "";
-}
-
-TEST(GtestCheckSyntaxTest, WorksWithSwitch) {
-  switch (0) {
-    case 1:
-      break;
-    default:
-      GTEST_CHECK_(true);
-  }
-
-  switch (0)
-    case 0:
-      GTEST_CHECK_(true) << "Check failed in switch case";
-}
-
-// Verifies behavior of FormatFileLocation.
-TEST(FormatFileLocationTest, FormatsFileLocation) {
-  EXPECT_PRED_FORMAT2(IsSubstring, "foo.cc", FormatFileLocation("foo.cc", 42));
-  EXPECT_PRED_FORMAT2(IsSubstring, "42", FormatFileLocation("foo.cc", 42));
-}
-
-TEST(FormatFileLocationTest, FormatsUnknownFile) {
-  EXPECT_PRED_FORMAT2(
-      IsSubstring, "unknown file", FormatFileLocation(NULL, 42));
-  EXPECT_PRED_FORMAT2(IsSubstring, "42", FormatFileLocation(NULL, 42));
-}
-
-TEST(FormatFileLocationTest, FormatsUknownLine) {
-  EXPECT_EQ("foo.cc:", FormatFileLocation("foo.cc", -1));
-}
-
-TEST(FormatFileLocationTest, FormatsUknownFileAndLine) {
-  EXPECT_EQ("unknown file:", FormatFileLocation(NULL, -1));
-}
-
-// Verifies behavior of FormatCompilerIndependentFileLocation.
-TEST(FormatCompilerIndependentFileLocationTest, FormatsFileLocation) {
-  EXPECT_EQ("foo.cc:42", FormatCompilerIndependentFileLocation("foo.cc", 42));
-}
-
-TEST(FormatCompilerIndependentFileLocationTest, FormatsUknownFile) {
-  EXPECT_EQ("unknown file:42",
-            FormatCompilerIndependentFileLocation(NULL, 42));
-}
-
-TEST(FormatCompilerIndependentFileLocationTest, FormatsUknownLine) {
-  EXPECT_EQ("foo.cc", FormatCompilerIndependentFileLocation("foo.cc", -1));
-}
-
-TEST(FormatCompilerIndependentFileLocationTest, FormatsUknownFileAndLine) {
-  EXPECT_EQ("unknown file", FormatCompilerIndependentFileLocation(NULL, -1));
-}
-
-#if GTEST_OS_MAC || GTEST_OS_QNX
-void* ThreadFunc(void* data) {
-  pthread_mutex_t* mutex = static_cast<pthread_mutex_t*>(data);
-  pthread_mutex_lock(mutex);
-  pthread_mutex_unlock(mutex);
-  return NULL;
-}
-
-TEST(GetThreadCountTest, ReturnsCorrectValue) {
-  EXPECT_EQ(1U, GetThreadCount());
-  pthread_mutex_t mutex;
-  pthread_attr_t  attr;
-  pthread_t       thread_id;
-
-  // TODO(vladl@google.com): turn mutex into internal::Mutex for automatic
-  // destruction.
-  pthread_mutex_init(&mutex, NULL);
-  pthread_mutex_lock(&mutex);
-  ASSERT_EQ(0, pthread_attr_init(&attr));
-  ASSERT_EQ(0, pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE));
-
-  const int status = pthread_create(&thread_id, &attr, &ThreadFunc, &mutex);
-  ASSERT_EQ(0, pthread_attr_destroy(&attr));
-  ASSERT_EQ(0, status);
-  EXPECT_EQ(2U, GetThreadCount());
-  pthread_mutex_unlock(&mutex);
-
-  void* dummy;
-  ASSERT_EQ(0, pthread_join(thread_id, &dummy));
-
-# if GTEST_OS_MAC
-
-  // MacOS X may not immediately report the updated thread count after
-  // joining a thread, causing flakiness in this test. To counter that, we
-  // wait for up to .5 seconds for the OS to report the correct value.
-  for (int i = 0; i < 5; ++i) {
-    if (GetThreadCount() == 1)
-      break;
-
-    SleepMilliseconds(100);
-  }
-
-# endif  // GTEST_OS_MAC
-
-  EXPECT_EQ(1U, GetThreadCount());
-  pthread_mutex_destroy(&mutex);
-}
-#else
-TEST(GetThreadCountTest, ReturnsZeroWhenUnableToCountThreads) {
-  EXPECT_EQ(0U, GetThreadCount());
-}
-#endif  // GTEST_OS_MAC || GTEST_OS_QNX
-
-TEST(GtestCheckDeathTest, DiesWithCorrectOutputOnFailure) {
-  const bool a_false_condition = false;
-  const char regex[] =
-#ifdef _MSC_VER
-     "gtest-port_test\\.cc\\(\\d+\\):"
-#elif GTEST_USES_POSIX_RE
-     "gtest-port_test\\.cc:[0-9]+"
-#else
-     "gtest-port_test\\.cc:\\d+"
-#endif  // _MSC_VER
-     ".*a_false_condition.*Extra info.*";
-
-  EXPECT_DEATH_IF_SUPPORTED(GTEST_CHECK_(a_false_condition) << "Extra info",
-                            regex);
-}
-
-#if GTEST_HAS_DEATH_TEST
-
-TEST(GtestCheckDeathTest, LivesSilentlyOnSuccess) {
-  EXPECT_EXIT({
-      GTEST_CHECK_(true) << "Extra info";
-      ::std::cerr << "Success\n";
-      exit(0); },
-      ::testing::ExitedWithCode(0), "Success");
-}
-
-#endif  // GTEST_HAS_DEATH_TEST
-
-// Verifies that Google Test choose regular expression engine appropriate to
-// the platform. The test will produce compiler errors in case of failure.
-// For simplicity, we only cover the most important platforms here.
-TEST(RegexEngineSelectionTest, SelectsCorrectRegexEngine) {
-#if GTEST_HAS_POSIX_RE
-
-  EXPECT_TRUE(GTEST_USES_POSIX_RE);
-
-#else
-
-  EXPECT_TRUE(GTEST_USES_SIMPLE_RE);
-
-#endif
-}
-
-#if GTEST_USES_POSIX_RE
-
-# if GTEST_HAS_TYPED_TEST
-
-template <typename Str>
-class RETest : public ::testing::Test {};
-
-// Defines StringTypes as the list of all string types that class RE
-// supports.
-typedef testing::Types<
-    ::std::string,
-#  if GTEST_HAS_GLOBAL_STRING
-    ::string,
-#  endif  // GTEST_HAS_GLOBAL_STRING
-    const char*> StringTypes;
-
-TYPED_TEST_CASE(RETest, StringTypes);
-
-// Tests RE's implicit constructors.
-TYPED_TEST(RETest, ImplicitConstructorWorks) {
-  const RE empty(TypeParam(""));
-  EXPECT_STREQ("", empty.pattern());
-
-  const RE simple(TypeParam("hello"));
-  EXPECT_STREQ("hello", simple.pattern());
-
-  const RE normal(TypeParam(".*(\\w+)"));
-  EXPECT_STREQ(".*(\\w+)", normal.pattern());
-}
-
-// Tests that RE's constructors reject invalid regular expressions.
-TYPED_TEST(RETest, RejectsInvalidRegex) {
-  EXPECT_NONFATAL_FAILURE({
-    const RE invalid(TypeParam("?"));
-  }, "\"?\" is not a valid POSIX Extended regular expression.");
-}
-
-// Tests RE::FullMatch().
-TYPED_TEST(RETest, FullMatchWorks) {
-  const RE empty(TypeParam(""));
-  EXPECT_TRUE(RE::FullMatch(TypeParam(""), empty));
-  EXPECT_FALSE(RE::FullMatch(TypeParam("a"), empty));
-
-  const RE re(TypeParam("a.*z"));
-  EXPECT_TRUE(RE::FullMatch(TypeParam("az"), re));
-  EXPECT_TRUE(RE::FullMatch(TypeParam("axyz"), re));
-  EXPECT_FALSE(RE::FullMatch(TypeParam("baz"), re));
-  EXPECT_FALSE(RE::FullMatch(TypeParam("azy"), re));
-}
-
-// Tests RE::PartialMatch().
-TYPED_TEST(RETest, PartialMatchWorks) {
-  const RE empty(TypeParam(""));
-  EXPECT_TRUE(RE::PartialMatch(TypeParam(""), empty));
-  EXPECT_TRUE(RE::PartialMatch(TypeParam("a"), empty));
-
-  const RE re(TypeParam("a.*z"));
-  EXPECT_TRUE(RE::PartialMatch(TypeParam("az"), re));
-  EXPECT_TRUE(RE::PartialMatch(TypeParam("axyz"), re));
-  EXPECT_TRUE(RE::PartialMatch(TypeParam("baz"), re));
-  EXPECT_TRUE(RE::PartialMatch(TypeParam("azy"), re));
-  EXPECT_FALSE(RE::PartialMatch(TypeParam("zza"), re));
-}
-
-# endif  // GTEST_HAS_TYPED_TEST
-
-#elif GTEST_USES_SIMPLE_RE
-
-TEST(IsInSetTest, NulCharIsNotInAnySet) {
-  EXPECT_FALSE(IsInSet('\0', ""));
-  EXPECT_FALSE(IsInSet('\0', "\0"));
-  EXPECT_FALSE(IsInSet('\0', "a"));
-}
-
-TEST(IsInSetTest, WorksForNonNulChars) {
-  EXPECT_FALSE(IsInSet('a', "Ab"));
-  EXPECT_FALSE(IsInSet('c', ""));
-
-  EXPECT_TRUE(IsInSet('b', "bcd"));
-  EXPECT_TRUE(IsInSet('b', "ab"));
-}
-
-TEST(IsAsciiDigitTest, IsFalseForNonDigit) {
-  EXPECT_FALSE(IsAsciiDigit('\0'));
-  EXPECT_FALSE(IsAsciiDigit(' '));
-  EXPECT_FALSE(IsAsciiDigit('+'));
-  EXPECT_FALSE(IsAsciiDigit('-'));
-  EXPECT_FALSE(IsAsciiDigit('.'));
-  EXPECT_FALSE(IsAsciiDigit('a'));
-}
-
-TEST(IsAsciiDigitTest, IsTrueForDigit) {
-  EXPECT_TRUE(IsAsciiDigit('0'));
-  EXPECT_TRUE(IsAsciiDigit('1'));
-  EXPECT_TRUE(IsAsciiDigit('5'));
-  EXPECT_TRUE(IsAsciiDigit('9'));
-}
-
-TEST(IsAsciiPunctTest, IsFalseForNonPunct) {
-  EXPECT_FALSE(IsAsciiPunct('\0'));
-  EXPECT_FALSE(IsAsciiPunct(' '));
-  EXPECT_FALSE(IsAsciiPunct('\n'));
-  EXPECT_FALSE(IsAsciiPunct('a'));
-  EXPECT_FALSE(IsAsciiPunct('0'));
-}
-
-TEST(IsAsciiPunctTest, IsTrueForPunct) {
-  for (const char* p = "^-!\"#$%&'()*+,./:;<=>?@[\\]_`{|}~"; *p; p++) {
-    EXPECT_PRED1(IsAsciiPunct, *p);
-  }
-}
-
-TEST(IsRepeatTest, IsFalseForNonRepeatChar) {
-  EXPECT_FALSE(IsRepeat('\0'));
-  EXPECT_FALSE(IsRepeat(' '));
-  EXPECT_FALSE(IsRepeat('a'));
-  EXPECT_FALSE(IsRepeat('1'));
-  EXPECT_FALSE(IsRepeat('-'));
-}
-
-TEST(IsRepeatTest, IsTrueForRepeatChar) {
-  EXPECT_TRUE(IsRepeat('?'));
-  EXPECT_TRUE(IsRepeat('*'));
-  EXPECT_TRUE(IsRepeat('+'));
-}
-
-TEST(IsAsciiWhiteSpaceTest, IsFalseForNonWhiteSpace) {
-  EXPECT_FALSE(IsAsciiWhiteSpace('\0'));
-  EXPECT_FALSE(IsAsciiWhiteSpace('a'));
-  EXPECT_FALSE(IsAsciiWhiteSpace('1'));
-  EXPECT_FALSE(IsAsciiWhiteSpace('+'));
-  EXPECT_FALSE(IsAsciiWhiteSpace('_'));
-}
-
-TEST(IsAsciiWhiteSpaceTest, IsTrueForWhiteSpace) {
-  EXPECT_TRUE(IsAsciiWhiteSpace(' '));
-  EXPECT_TRUE(IsAsciiWhiteSpace('\n'));
-  EXPECT_TRUE(IsAsciiWhiteSpace('\r'));
-  EXPECT_TRUE(IsAsciiWhiteSpace('\t'));
-  EXPECT_TRUE(IsAsciiWhiteSpace('\v'));
-  EXPECT_TRUE(IsAsciiWhiteSpace('\f'));
-}
-
-TEST(IsAsciiWordCharTest, IsFalseForNonWordChar) {
-  EXPECT_FALSE(IsAsciiWordChar('\0'));
-  EXPECT_FALSE(IsAsciiWordChar('+'));
-  EXPECT_FALSE(IsAsciiWordChar('.'));
-  EXPECT_FALSE(IsAsciiWordChar(' '));
-  EXPECT_FALSE(IsAsciiWordChar('\n'));
-}
-
-TEST(IsAsciiWordCharTest, IsTrueForLetter) {
-  EXPECT_TRUE(IsAsciiWordChar('a'));
-  EXPECT_TRUE(IsAsciiWordChar('b'));
-  EXPECT_TRUE(IsAsciiWordChar('A'));
-  EXPECT_TRUE(IsAsciiWordChar('Z'));
-}
-
-TEST(IsAsciiWordCharTest, IsTrueForDigit) {
-  EXPECT_TRUE(IsAsciiWordChar('0'));
-  EXPECT_TRUE(IsAsciiWordChar('1'));
-  EXPECT_TRUE(IsAsciiWordChar('7'));
-  EXPECT_TRUE(IsAsciiWordChar('9'));
-}
-
-TEST(IsAsciiWordCharTest, IsTrueForUnderscore) {
-  EXPECT_TRUE(IsAsciiWordChar('_'));
-}
-
-TEST(IsValidEscapeTest, IsFalseForNonPrintable) {
-  EXPECT_FALSE(IsValidEscape('\0'));
-  EXPECT_FALSE(IsValidEscape('\007'));
-}
-
-TEST(IsValidEscapeTest, IsFalseForDigit) {
-  EXPECT_FALSE(IsValidEscape('0'));
-  EXPECT_FALSE(IsValidEscape('9'));
-}
-
-TEST(IsValidEscapeTest, IsFalseForWhiteSpace) {
-  EXPECT_FALSE(IsValidEscape(' '));
-  EXPECT_FALSE(IsValidEscape('\n'));
-}
-
-TEST(IsValidEscapeTest, IsFalseForSomeLetter) {
-  EXPECT_FALSE(IsValidEscape('a'));
-  EXPECT_FALSE(IsValidEscape('Z'));
-}
-
-TEST(IsValidEscapeTest, IsTrueForPunct) {
-  EXPECT_TRUE(IsValidEscape('.'));
-  EXPECT_TRUE(IsValidEscape('-'));
-  EXPECT_TRUE(IsValidEscape('^'));
-  EXPECT_TRUE(IsValidEscape('$'));
-  EXPECT_TRUE(IsValidEscape('('));
-  EXPECT_TRUE(IsValidEscape(']'));
-  EXPECT_TRUE(IsValidEscape('{'));
-  EXPECT_TRUE(IsValidEscape('|'));
-}
-
-TEST(IsValidEscapeTest, IsTrueForSomeLetter) {
-  EXPECT_TRUE(IsValidEscape('d'));
-  EXPECT_TRUE(IsValidEscape('D'));
-  EXPECT_TRUE(IsValidEscape('s'));
-  EXPECT_TRUE(IsValidEscape('S'));
-  EXPECT_TRUE(IsValidEscape('w'));
-  EXPECT_TRUE(IsValidEscape('W'));
-}
-
-TEST(AtomMatchesCharTest, EscapedPunct) {
-  EXPECT_FALSE(AtomMatchesChar(true, '\\', '\0'));
-  EXPECT_FALSE(AtomMatchesChar(true, '\\', ' '));
-  EXPECT_FALSE(AtomMatchesChar(true, '_', '.'));
-  EXPECT_FALSE(AtomMatchesChar(true, '.', 'a'));
-
-  EXPECT_TRUE(AtomMatchesChar(true, '\\', '\\'));
-  EXPECT_TRUE(AtomMatchesChar(true, '_', '_'));
-  EXPECT_TRUE(AtomMatchesChar(true, '+', '+'));
-  EXPECT_TRUE(AtomMatchesChar(true, '.', '.'));
-}
-
-TEST(AtomMatchesCharTest, Escaped_d) {
-  EXPECT_FALSE(AtomMatchesChar(true, 'd', '\0'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'd', 'a'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'd', '.'));
-
-  EXPECT_TRUE(AtomMatchesChar(true, 'd', '0'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'd', '9'));
-}
-
-TEST(AtomMatchesCharTest, Escaped_D) {
-  EXPECT_FALSE(AtomMatchesChar(true, 'D', '0'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'D', '9'));
-
-  EXPECT_TRUE(AtomMatchesChar(true, 'D', '\0'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'D', 'a'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'D', '-'));
-}
-
-TEST(AtomMatchesCharTest, Escaped_s) {
-  EXPECT_FALSE(AtomMatchesChar(true, 's', '\0'));
-  EXPECT_FALSE(AtomMatchesChar(true, 's', 'a'));
-  EXPECT_FALSE(AtomMatchesChar(true, 's', '.'));
-  EXPECT_FALSE(AtomMatchesChar(true, 's', '9'));
-
-  EXPECT_TRUE(AtomMatchesChar(true, 's', ' '));
-  EXPECT_TRUE(AtomMatchesChar(true, 's', '\n'));
-  EXPECT_TRUE(AtomMatchesChar(true, 's', '\t'));
-}
-
-TEST(AtomMatchesCharTest, Escaped_S) {
-  EXPECT_FALSE(AtomMatchesChar(true, 'S', ' '));
-  EXPECT_FALSE(AtomMatchesChar(true, 'S', '\r'));
-
-  EXPECT_TRUE(AtomMatchesChar(true, 'S', '\0'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'S', 'a'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'S', '9'));
-}
-
-TEST(AtomMatchesCharTest, Escaped_w) {
-  EXPECT_FALSE(AtomMatchesChar(true, 'w', '\0'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'w', '+'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'w', ' '));
-  EXPECT_FALSE(AtomMatchesChar(true, 'w', '\n'));
-
-  EXPECT_TRUE(AtomMatchesChar(true, 'w', '0'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'w', 'b'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'w', 'C'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'w', '_'));
-}
-
-TEST(AtomMatchesCharTest, Escaped_W) {
-  EXPECT_FALSE(AtomMatchesChar(true, 'W', 'A'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'W', 'b'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'W', '9'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'W', '_'));
-
-  EXPECT_TRUE(AtomMatchesChar(true, 'W', '\0'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'W', '*'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'W', '\n'));
-}
-
-TEST(AtomMatchesCharTest, EscapedWhiteSpace) {
-  EXPECT_FALSE(AtomMatchesChar(true, 'f', '\0'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'f', '\n'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'n', '\0'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'n', '\r'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'r', '\0'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'r', 'a'));
-  EXPECT_FALSE(AtomMatchesChar(true, 't', '\0'));
-  EXPECT_FALSE(AtomMatchesChar(true, 't', 't'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'v', '\0'));
-  EXPECT_FALSE(AtomMatchesChar(true, 'v', '\f'));
-
-  EXPECT_TRUE(AtomMatchesChar(true, 'f', '\f'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'n', '\n'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'r', '\r'));
-  EXPECT_TRUE(AtomMatchesChar(true, 't', '\t'));
-  EXPECT_TRUE(AtomMatchesChar(true, 'v', '\v'));
-}
-
-TEST(AtomMatchesCharTest, UnescapedDot) {
-  EXPECT_FALSE(AtomMatchesChar(false, '.', '\n'));
-
-  EXPECT_TRUE(AtomMatchesChar(false, '.', '\0'));
-  EXPECT_TRUE(AtomMatchesChar(false, '.', '.'));
-  EXPECT_TRUE(AtomMatchesChar(false, '.', 'a'));
-  EXPECT_TRUE(AtomMatchesChar(false, '.', ' '));
-}
-
-TEST(AtomMatchesCharTest, UnescapedChar) {
-  EXPECT_FALSE(AtomMatchesChar(false, 'a', '\0'));
-  EXPECT_FALSE(AtomMatchesChar(false, 'a', 'b'));
-  EXPECT_FALSE(AtomMatchesChar(false, '$', 'a'));
-
-  EXPECT_TRUE(AtomMatchesChar(false, '$', '$'));
-  EXPECT_TRUE(AtomMatchesChar(false, '5', '5'));
-  EXPECT_TRUE(AtomMatchesChar(false, 'Z', 'Z'));
-}
-
-TEST(ValidateRegexTest, GeneratesFailureAndReturnsFalseForInvalid) {
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex(NULL)),
-                          "NULL is not a valid simple regular expression");
-  EXPECT_NONFATAL_FAILURE(
-      ASSERT_FALSE(ValidateRegex("a\\")),
-      "Syntax error at index 1 in simple regular expression \"a\\\": ");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("a\\")),
-                          "'\\' cannot appear at the end");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("\\n\\")),
-                          "'\\' cannot appear at the end");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("\\s\\hb")),
-                          "invalid escape sequence \"\\h\"");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("^^")),
-                          "'^' can only appear at the beginning");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex(".*^b")),
-                          "'^' can only appear at the beginning");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("$$")),
-                          "'$' can only appear at the end");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("^$a")),
-                          "'$' can only appear at the end");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("a(b")),
-                          "'(' is unsupported");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("ab)")),
-                          "')' is unsupported");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("[ab")),
-                          "'[' is unsupported");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("a{2")),
-                          "'{' is unsupported");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("?")),
-                          "'?' can only follow a repeatable token");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("^*")),
-                          "'*' can only follow a repeatable token");
-  EXPECT_NONFATAL_FAILURE(ASSERT_FALSE(ValidateRegex("5*+")),
-                          "'+' can only follow a repeatable token");
-}
-
-TEST(ValidateRegexTest, ReturnsTrueForValid) {
-  EXPECT_TRUE(ValidateRegex(""));
-  EXPECT_TRUE(ValidateRegex("a"));
-  EXPECT_TRUE(ValidateRegex(".*"));
-  EXPECT_TRUE(ValidateRegex("^a_+"));
-  EXPECT_TRUE(ValidateRegex("^a\\t\\&?"));
-  EXPECT_TRUE(ValidateRegex("09*$"));
-  EXPECT_TRUE(ValidateRegex("^Z$"));
-  EXPECT_TRUE(ValidateRegex("a\\^Z\\$\\(\\)\\|\\[\\]\\{\\}"));
-}
-
-TEST(MatchRepetitionAndRegexAtHeadTest, WorksForZeroOrOne) {
-  EXPECT_FALSE(MatchRepetitionAndRegexAtHead(false, 'a', '?', "a", "ba"));
-  // Repeating more than once.
-  EXPECT_FALSE(MatchRepetitionAndRegexAtHead(false, 'a', '?', "b", "aab"));
-
-  // Repeating zero times.
-  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, 'a', '?', "b", "ba"));
-  // Repeating once.
-  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, 'a', '?', "b", "ab"));
-  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, '#', '?', ".", "##"));
-}
-
-TEST(MatchRepetitionAndRegexAtHeadTest, WorksForZeroOrMany) {
-  EXPECT_FALSE(MatchRepetitionAndRegexAtHead(false, '.', '*', "a$", "baab"));
-
-  // Repeating zero times.
-  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, '.', '*', "b", "bc"));
-  // Repeating once.
-  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, '.', '*', "b", "abc"));
-  // Repeating more than once.
-  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(true, 'w', '*', "-", "ab_1-g"));
-}
-
-TEST(MatchRepetitionAndRegexAtHeadTest, WorksForOneOrMany) {
-  EXPECT_FALSE(MatchRepetitionAndRegexAtHead(false, '.', '+', "a$", "baab"));
-  // Repeating zero times.
-  EXPECT_FALSE(MatchRepetitionAndRegexAtHead(false, '.', '+', "b", "bc"));
-
-  // Repeating once.
-  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(false, '.', '+', "b", "abc"));
-  // Repeating more than once.
-  EXPECT_TRUE(MatchRepetitionAndRegexAtHead(true, 'w', '+', "-", "ab_1-g"));
-}
-
-TEST(MatchRegexAtHeadTest, ReturnsTrueForEmptyRegex) {
-  EXPECT_TRUE(MatchRegexAtHead("", ""));
-  EXPECT_TRUE(MatchRegexAtHead("", "ab"));
-}
-
-TEST(MatchRegexAtHeadTest, WorksWhenDollarIsInRegex) {
-  EXPECT_FALSE(MatchRegexAtHead("$", "a"));
-
-  EXPECT_TRUE(MatchRegexAtHead("$", ""));
-  EXPECT_TRUE(MatchRegexAtHead("a$", "a"));
-}
-
-TEST(MatchRegexAtHeadTest, WorksWhenRegexStartsWithEscapeSequence) {
-  EXPECT_FALSE(MatchRegexAtHead("\\w", "+"));
-  EXPECT_FALSE(MatchRegexAtHead("\\W", "ab"));
-
-  EXPECT_TRUE(MatchRegexAtHead("\\sa", "\nab"));
-  EXPECT_TRUE(MatchRegexAtHead("\\d", "1a"));
-}
-
-TEST(MatchRegexAtHeadTest, WorksWhenRegexStartsWithRepetition) {
-  EXPECT_FALSE(MatchRegexAtHead(".+a", "abc"));
-  EXPECT_FALSE(MatchRegexAtHead("a?b", "aab"));
-
-  EXPECT_TRUE(MatchRegexAtHead(".*a", "bc12-ab"));
-  EXPECT_TRUE(MatchRegexAtHead("a?b", "b"));
-  EXPECT_TRUE(MatchRegexAtHead("a?b", "ab"));
-}
-
-TEST(MatchRegexAtHeadTest,
-     WorksWhenRegexStartsWithRepetionOfEscapeSequence) {
-  EXPECT_FALSE(MatchRegexAtHead("\\.+a", "abc"));
-  EXPECT_FALSE(MatchRegexAtHead("\\s?b", "  b"));
-
-  EXPECT_TRUE(MatchRegexAtHead("\\(*a", "((((ab"));
-  EXPECT_TRUE(MatchRegexAtHead("\\^?b", "^b"));
-  EXPECT_TRUE(MatchRegexAtHead("\\\\?b", "b"));
-  EXPECT_TRUE(MatchRegexAtHead("\\\\?b", "\\b"));
-}
-
-TEST(MatchRegexAtHeadTest, MatchesSequentially) {
-  EXPECT_FALSE(MatchRegexAtHead("ab.*c", "acabc"));
-
-  EXPECT_TRUE(MatchRegexAtHead("ab.*c", "ab-fsc"));
-}
-
-TEST(MatchRegexAnywhereTest, ReturnsFalseWhenStringIsNull) {
-  EXPECT_FALSE(MatchRegexAnywhere("", NULL));
-}
-
-TEST(MatchRegexAnywhereTest, WorksWhenRegexStartsWithCaret) {
-  EXPECT_FALSE(MatchRegexAnywhere("^a", "ba"));
-  EXPECT_FALSE(MatchRegexAnywhere("^$", "a"));
-
-  EXPECT_TRUE(MatchRegexAnywhere("^a", "ab"));
-  EXPECT_TRUE(MatchRegexAnywhere("^", "ab"));
-  EXPECT_TRUE(MatchRegexAnywhere("^$", ""));
-}
-
-TEST(MatchRegexAnywhereTest, ReturnsFalseWhenNoMatch) {
-  EXPECT_FALSE(MatchRegexAnywhere("a", "bcde123"));
-  EXPECT_FALSE(MatchRegexAnywhere("a.+a", "--aa88888888"));
-}
-
-TEST(MatchRegexAnywhereTest, ReturnsTrueWhenMatchingPrefix) {
-  EXPECT_TRUE(MatchRegexAnywhere("\\w+", "ab1_ - 5"));
-  EXPECT_TRUE(MatchRegexAnywhere(".*=", "="));
-  EXPECT_TRUE(MatchRegexAnywhere("x.*ab?.*bc", "xaaabc"));
-}
-
-TEST(MatchRegexAnywhereTest, ReturnsTrueWhenMatchingNonPrefix) {
-  EXPECT_TRUE(MatchRegexAnywhere("\\w+", "$$$ ab1_ - 5"));
-  EXPECT_TRUE(MatchRegexAnywhere("\\.+=", "=  ...="));
-}
-
-// Tests RE's implicit constructors.
-TEST(RETest, ImplicitConstructorWorks) {
-  const RE empty("");
-  EXPECT_STREQ("", empty.pattern());
-
-  const RE simple("hello");
-  EXPECT_STREQ("hello", simple.pattern());
-}
-
-// Tests that RE's constructors reject invalid regular expressions.
-TEST(RETest, RejectsInvalidRegex) {
-  EXPECT_NONFATAL_FAILURE({
-    const RE normal(NULL);
-  }, "NULL is not a valid simple regular expression");
-
-  EXPECT_NONFATAL_FAILURE({
-    const RE normal(".*(\\w+");
-  }, "'(' is unsupported");
-
-  EXPECT_NONFATAL_FAILURE({
-    const RE invalid("^?");
-  }, "'?' can only follow a repeatable token");
-}
-
-// Tests RE::FullMatch().
-TEST(RETest, FullMatchWorks) {
-  const RE empty("");
-  EXPECT_TRUE(RE::FullMatch("", empty));
-  EXPECT_FALSE(RE::FullMatch("a", empty));
-
-  const RE re1("a");
-  EXPECT_TRUE(RE::FullMatch("a", re1));
-
-  const RE re("a.*z");
-  EXPECT_TRUE(RE::FullMatch("az", re));
-  EXPECT_TRUE(RE::FullMatch("axyz", re));
-  EXPECT_FALSE(RE::FullMatch("baz", re));
-  EXPECT_FALSE(RE::FullMatch("azy", re));
-}
-
-// Tests RE::PartialMatch().
-TEST(RETest, PartialMatchWorks) {
-  const RE empty("");
-  EXPECT_TRUE(RE::PartialMatch("", empty));
-  EXPECT_TRUE(RE::PartialMatch("a", empty));
-
-  const RE re("a.*z");
-  EXPECT_TRUE(RE::PartialMatch("az", re));
-  EXPECT_TRUE(RE::PartialMatch("axyz", re));
-  EXPECT_TRUE(RE::PartialMatch("baz", re));
-  EXPECT_TRUE(RE::PartialMatch("azy", re));
-  EXPECT_FALSE(RE::PartialMatch("zza", re));
-}
-
-#endif  // GTEST_USES_POSIX_RE
-
-#if !GTEST_OS_WINDOWS_MOBILE
-
-TEST(CaptureTest, CapturesStdout) {
-  CaptureStdout();
-  fprintf(stdout, "abc");
-  EXPECT_STREQ("abc", GetCapturedStdout().c_str());
-
-  CaptureStdout();
-  fprintf(stdout, "def%cghi", '\0');
-  EXPECT_EQ(::std::string("def\0ghi", 7), ::std::string(GetCapturedStdout()));
-}
-
-TEST(CaptureTest, CapturesStderr) {
-  CaptureStderr();
-  fprintf(stderr, "jkl");
-  EXPECT_STREQ("jkl", GetCapturedStderr().c_str());
-
-  CaptureStderr();
-  fprintf(stderr, "jkl%cmno", '\0');
-  EXPECT_EQ(::std::string("jkl\0mno", 7), ::std::string(GetCapturedStderr()));
-}
-
-// Tests that stdout and stderr capture don't interfere with each other.
-TEST(CaptureTest, CapturesStdoutAndStderr) {
-  CaptureStdout();
-  CaptureStderr();
-  fprintf(stdout, "pqr");
-  fprintf(stderr, "stu");
-  EXPECT_STREQ("pqr", GetCapturedStdout().c_str());
-  EXPECT_STREQ("stu", GetCapturedStderr().c_str());
-}
-
-TEST(CaptureDeathTest, CannotReenterStdoutCapture) {
-  CaptureStdout();
-  EXPECT_DEATH_IF_SUPPORTED(CaptureStdout(),
-                            "Only one stdout capturer can exist at a time");
-  GetCapturedStdout();
-
-  // We cannot test stderr capturing using death tests as they use it
-  // themselves.
-}
-
-#endif  // !GTEST_OS_WINDOWS_MOBILE
-
-TEST(ThreadLocalTest, DefaultConstructorInitializesToDefaultValues) {
-  ThreadLocal<int> t1;
-  EXPECT_EQ(0, t1.get());
-
-  ThreadLocal<void*> t2;
-  EXPECT_TRUE(t2.get() == NULL);
-}
-
-TEST(ThreadLocalTest, SingleParamConstructorInitializesToParam) {
-  ThreadLocal<int> t1(123);
-  EXPECT_EQ(123, t1.get());
-
-  int i = 0;
-  ThreadLocal<int*> t2(&i);
-  EXPECT_EQ(&i, t2.get());
-}
-
-class NoDefaultContructor {
- public:
-  explicit NoDefaultContructor(const char*) {}
-  NoDefaultContructor(const NoDefaultContructor&) {}
-};
-
-TEST(ThreadLocalTest, ValueDefaultContructorIsNotRequiredForParamVersion) {
-  ThreadLocal<NoDefaultContructor> bar(NoDefaultContructor("foo"));
-  bar.pointer();
-}
-
-TEST(ThreadLocalTest, GetAndPointerReturnSameValue) {
-  ThreadLocal<std::string> thread_local_string;
-
-  EXPECT_EQ(thread_local_string.pointer(), &(thread_local_string.get()));
-
-  // Verifies the condition still holds after calling set.
-  thread_local_string.set("foo");
-  EXPECT_EQ(thread_local_string.pointer(), &(thread_local_string.get()));
-}
-
-TEST(ThreadLocalTest, PointerAndConstPointerReturnSameValue) {
-  ThreadLocal<std::string> thread_local_string;
-  const ThreadLocal<std::string>& const_thread_local_string =
-      thread_local_string;
-
-  EXPECT_EQ(thread_local_string.pointer(), const_thread_local_string.pointer());
-
-  thread_local_string.set("foo");
-  EXPECT_EQ(thread_local_string.pointer(), const_thread_local_string.pointer());
-}
-
-#if GTEST_IS_THREADSAFE
-
-void AddTwo(int* param) { *param += 2; }
-
-TEST(ThreadWithParamTest, ConstructorExecutesThreadFunc) {
-  int i = 40;
-  ThreadWithParam<int*> thread(&AddTwo, &i, NULL);
-  thread.Join();
-  EXPECT_EQ(42, i);
-}
-
-TEST(MutexDeathTest, AssertHeldShouldAssertWhenNotLocked) {
-  // AssertHeld() is flaky only in the presence of multiple threads accessing
-  // the lock. In this case, the test is robust.
-  EXPECT_DEATH_IF_SUPPORTED({
-    Mutex m;
-    { MutexLock lock(&m); }
-    m.AssertHeld();
-  },
-  "thread .*hold");
-}
-
-TEST(MutexTest, AssertHeldShouldNotAssertWhenLocked) {
-  Mutex m;
-  MutexLock lock(&m);
-  m.AssertHeld();
-}
-
-class AtomicCounterWithMutex {
- public:
-  explicit AtomicCounterWithMutex(Mutex* mutex) :
-    value_(0), mutex_(mutex), random_(42) {}
-
-  void Increment() {
-    MutexLock lock(mutex_);
-    int temp = value_;
-    {
-      // We need to put up a memory barrier to prevent reads and writes to
-      // value_ rearranged with the call to SleepMilliseconds when observed
-      // from other threads.
-#if GTEST_HAS_PTHREAD
-      // On POSIX, locking a mutex puts up a memory barrier.  We cannot use
-      // Mutex and MutexLock here or rely on their memory barrier
-      // functionality as we are testing them here.
-      pthread_mutex_t memory_barrier_mutex;
-      GTEST_CHECK_POSIX_SUCCESS_(
-          pthread_mutex_init(&memory_barrier_mutex, NULL));
-      GTEST_CHECK_POSIX_SUCCESS_(pthread_mutex_lock(&memory_barrier_mutex));
-
-      SleepMilliseconds(random_.Generate(30));
-
-      GTEST_CHECK_POSIX_SUCCESS_(pthread_mutex_unlock(&memory_barrier_mutex));
-      GTEST_CHECK_POSIX_SUCCESS_(pthread_mutex_destroy(&memory_barrier_mutex));
-#elif GTEST_OS_WINDOWS
-      // On Windows, performing an interlocked access puts up a memory barrier.
-      volatile LONG dummy = 0;
-      ::InterlockedIncrement(&dummy);
-      SleepMilliseconds(random_.Generate(30));
-      ::InterlockedIncrement(&dummy);
-#else
-# error "Memory barrier not implemented on this platform."
-#endif  // GTEST_HAS_PTHREAD
-    }
-    value_ = temp + 1;
-  }
-  int value() const { return value_; }
-
- private:
-  volatile int value_;
-  Mutex* const mutex_;  // Protects value_.
-  Random       random_;
-};
-
-void CountingThreadFunc(pair<AtomicCounterWithMutex*, int> param) {
-  for (int i = 0; i < param.second; ++i)
-      param.first->Increment();
-}
-
-// Tests that the mutex only lets one thread at a time to lock it.
-TEST(MutexTest, OnlyOneThreadCanLockAtATime) {
-  Mutex mutex;
-  AtomicCounterWithMutex locked_counter(&mutex);
-
-  typedef ThreadWithParam<pair<AtomicCounterWithMutex*, int> > ThreadType;
-  const int kCycleCount = 20;
-  const int kThreadCount = 7;
-  scoped_ptr<ThreadType> counting_threads[kThreadCount];
-  Notification threads_can_start;
-  // Creates and runs kThreadCount threads that increment locked_counter
-  // kCycleCount times each.
-  for (int i = 0; i < kThreadCount; ++i) {
-    counting_threads[i].reset(new ThreadType(&CountingThreadFunc,
-                                             make_pair(&locked_counter,
-                                                       kCycleCount),
-                                             &threads_can_start));
-  }
-  threads_can_start.Notify();
-  for (int i = 0; i < kThreadCount; ++i)
-    counting_threads[i]->Join();
-
-  // If the mutex lets more than one thread to increment the counter at a
-  // time, they are likely to encounter a race condition and have some
-  // increments overwritten, resulting in the lower then expected counter
-  // value.
-  EXPECT_EQ(kCycleCount * kThreadCount, locked_counter.value());
-}
-
-template <typename T>
-void RunFromThread(void (func)(T), T param) {
-  ThreadWithParam<T> thread(func, param, NULL);
-  thread.Join();
-}
-
-void RetrieveThreadLocalValue(
-    pair<ThreadLocal<std::string>*, std::string*> param) {
-  *param.second = param.first->get();
-}
-
-TEST(ThreadLocalTest, ParameterizedConstructorSetsDefault) {
-  ThreadLocal<std::string> thread_local_string("foo");
-  EXPECT_STREQ("foo", thread_local_string.get().c_str());
-
-  thread_local_string.set("bar");
-  EXPECT_STREQ("bar", thread_local_string.get().c_str());
-
-  std::string result;
-  RunFromThread(&RetrieveThreadLocalValue,
-                make_pair(&thread_local_string, &result));
-  EXPECT_STREQ("foo", result.c_str());
-}
-
-// Keeps track of whether of destructors being called on instances of
-// DestructorTracker.  On Windows, waits for the destructor call reports.
-class DestructorCall {
- public:
-  DestructorCall() {
-    invoked_ = false;
-#if GTEST_OS_WINDOWS
-    wait_event_.Reset(::CreateEvent(NULL, TRUE, FALSE, NULL));
-    GTEST_CHECK_(wait_event_.Get() != NULL);
-#endif
-  }
-
-  bool CheckDestroyed() const {
-#if GTEST_OS_WINDOWS
-    if (::WaitForSingleObject(wait_event_.Get(), 1000) != WAIT_OBJECT_0)
-      return false;
-#endif
-    return invoked_;
-  }
-
-  void ReportDestroyed() {
-    invoked_ = true;
-#if GTEST_OS_WINDOWS
-    ::SetEvent(wait_event_.Get());
-#endif
-  }
-
-  static std::vector<DestructorCall*>& List() { return *list_; }
-
-  static void ResetList() {
-    for (size_t i = 0; i < list_->size(); ++i) {
-      delete list_->at(i);
-    }
-    list_->clear();
-  }
-
- private:
-  bool invoked_;
-#if GTEST_OS_WINDOWS
-  AutoHandle wait_event_;
-#endif
-  static std::vector<DestructorCall*>* const list_;
-
-  GTEST_DISALLOW_COPY_AND_ASSIGN_(DestructorCall);
-};
-
-std::vector<DestructorCall*>* const DestructorCall::list_ =
-    new std::vector<DestructorCall*>;
-
-// DestructorTracker keeps track of whether its instances have been
-// destroyed.
-class DestructorTracker {
- public:
-  DestructorTracker() : index_(GetNewIndex()) {}
-  DestructorTracker(const DestructorTracker& /* rhs */)
-      : index_(GetNewIndex()) {}
-  ~DestructorTracker() {
-    // We never access DestructorCall::List() concurrently, so we don't need
-    // to protect this acccess with a mutex.
-    DestructorCall::List()[index_]->ReportDestroyed();
-  }
-
- private:
-  static int GetNewIndex() {
-    DestructorCall::List().push_back(new DestructorCall);
-    return DestructorCall::List().size() - 1;
-  }
-  const int index_;
-
-  GTEST_DISALLOW_ASSIGN_(DestructorTracker);
-};
-
-typedef ThreadLocal<DestructorTracker>* ThreadParam;
-
-void CallThreadLocalGet(ThreadParam thread_local_param) {
-  thread_local_param->get();
-}
-
-// Tests that when a ThreadLocal object dies in a thread, it destroys
-// the managed object for that thread.
-TEST(ThreadLocalTest, DestroysManagedObjectForOwnThreadWhenDying) {
-  DestructorCall::ResetList();
-
-  {
-    // The next line default constructs a DestructorTracker object as
-    // the default value of objects managed by thread_local_tracker.
-    ThreadLocal<DestructorTracker> thread_local_tracker;
-    ASSERT_EQ(1U, DestructorCall::List().size());
-    ASSERT_FALSE(DestructorCall::List()[0]->CheckDestroyed());
-
-    // This creates another DestructorTracker object for the main thread.
-    thread_local_tracker.get();
-    ASSERT_EQ(2U, DestructorCall::List().size());
-    ASSERT_FALSE(DestructorCall::List()[0]->CheckDestroyed());
-    ASSERT_FALSE(DestructorCall::List()[1]->CheckDestroyed());
-  }
-
-  // Now thread_local_tracker has died.  It should have destroyed both the
-  // default value shared by all threads and the value for the main
-  // thread.
-  ASSERT_EQ(2U, DestructorCall::List().size());
-  EXPECT_TRUE(DestructorCall::List()[0]->CheckDestroyed());
-  EXPECT_TRUE(DestructorCall::List()[1]->CheckDestroyed());
-
-  DestructorCall::ResetList();
-}
-
-// Tests that when a thread exits, the thread-local object for that
-// thread is destroyed.
-TEST(ThreadLocalTest, DestroysManagedObjectAtThreadExit) {
-  DestructorCall::ResetList();
-
-  {
-    // The next line default constructs a DestructorTracker object as
-    // the default value of objects managed by thread_local_tracker.
-    ThreadLocal<DestructorTracker> thread_local_tracker;
-    ASSERT_EQ(1U, DestructorCall::List().size());
-    ASSERT_FALSE(DestructorCall::List()[0]->CheckDestroyed());
-
-    // This creates another DestructorTracker object in the new thread.
-    ThreadWithParam<ThreadParam> thread(
-        &CallThreadLocalGet, &thread_local_tracker, NULL);
-    thread.Join();
-
-    // The thread has exited, and we should have another DestroyedTracker
-    // instance created for it. But it may not have been destroyed yet.
-    // The instance for the main thread should still persist.
-    ASSERT_EQ(2U, DestructorCall::List().size());
-    ASSERT_FALSE(DestructorCall::List()[0]->CheckDestroyed());
-  }
-
-  // The thread has exited and thread_local_tracker has died.  The default
-  // value should have been destroyed too.
-  ASSERT_EQ(2U, DestructorCall::List().size());
-  EXPECT_TRUE(DestructorCall::List()[0]->CheckDestroyed());
-  EXPECT_TRUE(DestructorCall::List()[1]->CheckDestroyed());
-
-  DestructorCall::ResetList();
-}
-
-TEST(ThreadLocalTest, ThreadLocalMutationsAffectOnlyCurrentThread) {
-  ThreadLocal<std::string> thread_local_string;
-  thread_local_string.set("Foo");
-  EXPECT_STREQ("Foo", thread_local_string.get().c_str());
-
-  std::string result;
-  RunFromThread(&RetrieveThreadLocalValue,
-                make_pair(&thread_local_string, &result));
-  EXPECT_TRUE(result.empty());
-}
-
-#endif  // GTEST_IS_THREADSAFE
-
-#if GTEST_OS_WINDOWS
-TEST(WindowsTypesTest, HANDLEIsVoidStar) {
-  StaticAssertTypeEq<HANDLE, void*>();
-}
-
-TEST(WindowsTypesTest, CRITICAL_SECTIONIs_RTL_CRITICAL_SECTION) {
-  StaticAssertTypeEq<CRITICAL_SECTION, _RTL_CRITICAL_SECTION>();
-}
-#endif  // GTEST_OS_WINDOWS
-
-}  // namespace internal
-}  // namespace testing
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-printers_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-printers_test.cc
deleted file mode 100644
index 7b07fd105..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-printers_test.cc
+++ /dev/null
@@ -1,1651 +0,0 @@
-// Copyright 2007, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
-// Google Test - The Google C++ Testing Framework
-//
-// This file tests the universal value printer.
-
-#include "gtest/gtest-printers.h"
-
-#include <ctype.h>
-#include <limits.h>
-#include <string.h>
-#include <algorithm>
-#include <deque>
-#include <list>
-#include <map>
-#include <set>
-#include <sstream>
-#include <string>
-#include <utility>
-#include <vector>
-
-#include "gtest/gtest.h"
-
-// hash_map and hash_set are available under Visual C++.
-#if _MSC_VER
-# define GTEST_HAS_HASH_MAP_ 1  // Indicates that hash_map is available.
-# include <hash_map>            // NOLINT
-# define GTEST_HAS_HASH_SET_ 1  // Indicates that hash_set is available.
-# include <hash_set>            // NOLINT
-#endif  // GTEST_OS_WINDOWS
-
-// Some user-defined types for testing the universal value printer.
-
-// An anonymous enum type.
-enum AnonymousEnum {
-  kAE1 = -1,
-  kAE2 = 1
-};
-
-// An enum without a user-defined printer.
-enum EnumWithoutPrinter {
-  kEWP1 = -2,
-  kEWP2 = 42
-};
-
-// An enum with a << operator.
-enum EnumWithStreaming {
-  kEWS1 = 10
-};
-
-std::ostream& operator<<(std::ostream& os, EnumWithStreaming e) {
-  return os << (e == kEWS1 ? "kEWS1" : "invalid");
-}
-
-// An enum with a PrintTo() function.
-enum EnumWithPrintTo {
-  kEWPT1 = 1
-};
-
-void PrintTo(EnumWithPrintTo e, std::ostream* os) {
-  *os << (e == kEWPT1 ? "kEWPT1" : "invalid");
-}
-
-// A class implicitly convertible to BiggestInt.
-class BiggestIntConvertible {
- public:
-  operator ::testing::internal::BiggestInt() const { return 42; }
-};
-
-// A user-defined unprintable class template in the global namespace.
-template <typename T>
-class UnprintableTemplateInGlobal {
- public:
-  UnprintableTemplateInGlobal() : value_() {}
- private:
-  T value_;
-};
-
-// A user-defined streamable type in the global namespace.
-class StreamableInGlobal {
- public:
-  virtual ~StreamableInGlobal() {}
-};
-
-inline void operator<<(::std::ostream& os, const StreamableInGlobal& /* x */) {
-  os << "StreamableInGlobal";
-}
-
-void operator<<(::std::ostream& os, const StreamableInGlobal* /* x */) {
-  os << "StreamableInGlobal*";
-}
-
-namespace foo {
-
-// A user-defined unprintable type in a user namespace.
-class UnprintableInFoo {
- public:
-  UnprintableInFoo() : z_(0) { memcpy(xy_, "\xEF\x12\x0\x0\x34\xAB\x0\x0", 8); }
-  double z() const { return z_; }
- private:
-  char xy_[8];
-  double z_;
-};
-
-// A user-defined printable type in a user-chosen namespace.
-struct PrintableViaPrintTo {
-  PrintableViaPrintTo() : value() {}
-  int value;
-};
-
-void PrintTo(const PrintableViaPrintTo& x, ::std::ostream* os) {
-  *os << "PrintableViaPrintTo: " << x.value;
-}
-
-// A type with a user-defined << for printing its pointer.
-struct PointerPrintable {
-};
-
-::std::ostream& operator<<(::std::ostream& os,
-                           const PointerPrintable* /* x */) {
-  return os << "PointerPrintable*";
-}
-
-// A user-defined printable class template in a user-chosen namespace.
-template <typename T>
-class PrintableViaPrintToTemplate {
- public:
-  explicit PrintableViaPrintToTemplate(const T& a_value) : value_(a_value) {}
-
-  const T& value() const { return value_; }
- private:
-  T value_;
-};
-
-template <typename T>
-void PrintTo(const PrintableViaPrintToTemplate<T>& x, ::std::ostream* os) {
-  *os << "PrintableViaPrintToTemplate: " << x.value();
-}
-
-// A user-defined streamable class template in a user namespace.
-template <typename T>
-class StreamableTemplateInFoo {
- public:
-  StreamableTemplateInFoo() : value_() {}
-
-  const T& value() const { return value_; }
- private:
-  T value_;
-};
-
-template <typename T>
-inline ::std::ostream& operator<<(::std::ostream& os,
-                                  const StreamableTemplateInFoo<T>& x) {
-  return os << "StreamableTemplateInFoo: " << x.value();
-}
-
-}  // namespace foo
-
-namespace testing {
-namespace gtest_printers_test {
-
-using ::std::deque;
-using ::std::list;
-using ::std::make_pair;
-using ::std::map;
-using ::std::multimap;
-using ::std::multiset;
-using ::std::pair;
-using ::std::set;
-using ::std::vector;
-using ::testing::PrintToString;
-using ::testing::internal::FormatForComparisonFailureMessage;
-using ::testing::internal::ImplicitCast_;
-using ::testing::internal::NativeArray;
-using ::testing::internal::RE;
-using ::testing::internal::RelationToSourceReference;
-using ::testing::internal::Strings;
-using ::testing::internal::UniversalPrint;
-using ::testing::internal::UniversalPrinter;
-using ::testing::internal::UniversalTersePrint;
-using ::testing::internal::UniversalTersePrintTupleFieldsToStrings;
-using ::testing::internal::string;
-
-// The hash_* classes are not part of the C++ standard.  STLport
-// defines them in namespace std.  MSVC defines them in ::stdext.  GCC
-// defines them in ::.
-#ifdef _STLP_HASH_MAP  // We got <hash_map> from STLport.
-using ::std::hash_map;
-using ::std::hash_set;
-using ::std::hash_multimap;
-using ::std::hash_multiset;
-#elif _MSC_VER
-using ::stdext::hash_map;
-using ::stdext::hash_set;
-using ::stdext::hash_multimap;
-using ::stdext::hash_multiset;
-#endif
-
-// Prints a value to a string using the universal value printer.  This
-// is a helper for testing UniversalPrinter<T>::Print() for various types.
-template <typename T>
-string Print(const T& value) {
-  ::std::stringstream ss;
-  UniversalPrinter<T>::Print(value, &ss);
-  return ss.str();
-}
-
-// Prints a value passed by reference to a string, using the universal
-// value printer.  This is a helper for testing
-// UniversalPrinter<T&>::Print() for various types.
-template <typename T>
-string PrintByRef(const T& value) {
-  ::std::stringstream ss;
-  UniversalPrinter<T&>::Print(value, &ss);
-  return ss.str();
-}
-
-// Tests printing various enum types.
-
-TEST(PrintEnumTest, AnonymousEnum) {
-  EXPECT_EQ("-1", Print(kAE1));
-  EXPECT_EQ("1", Print(kAE2));
-}
-
-TEST(PrintEnumTest, EnumWithoutPrinter) {
-  EXPECT_EQ("-2", Print(kEWP1));
-  EXPECT_EQ("42", Print(kEWP2));
-}
-
-TEST(PrintEnumTest, EnumWithStreaming) {
-  EXPECT_EQ("kEWS1", Print(kEWS1));
-  EXPECT_EQ("invalid", Print(static_cast<EnumWithStreaming>(0)));
-}
-
-TEST(PrintEnumTest, EnumWithPrintTo) {
-  EXPECT_EQ("kEWPT1", Print(kEWPT1));
-  EXPECT_EQ("invalid", Print(static_cast<EnumWithPrintTo>(0)));
-}
-
-// Tests printing a class implicitly convertible to BiggestInt.
-
-TEST(PrintClassTest, BiggestIntConvertible) {
-  EXPECT_EQ("42", Print(BiggestIntConvertible()));
-}
-
-// Tests printing various char types.
-
-// char.
-TEST(PrintCharTest, PlainChar) {
-  EXPECT_EQ("'\\0'", Print('\0'));
-  EXPECT_EQ("'\\'' (39, 0x27)", Print('\''));
-  EXPECT_EQ("'\"' (34, 0x22)", Print('"'));
-  EXPECT_EQ("'?' (63, 0x3F)", Print('?'));
-  EXPECT_EQ("'\\\\' (92, 0x5C)", Print('\\'));
-  EXPECT_EQ("'\\a' (7)", Print('\a'));
-  EXPECT_EQ("'\\b' (8)", Print('\b'));
-  EXPECT_EQ("'\\f' (12, 0xC)", Print('\f'));
-  EXPECT_EQ("'\\n' (10, 0xA)", Print('\n'));
-  EXPECT_EQ("'\\r' (13, 0xD)", Print('\r'));
-  EXPECT_EQ("'\\t' (9)", Print('\t'));
-  EXPECT_EQ("'\\v' (11, 0xB)", Print('\v'));
-  EXPECT_EQ("'\\x7F' (127)", Print('\x7F'));
-  EXPECT_EQ("'\\xFF' (255)", Print('\xFF'));
-  EXPECT_EQ("' ' (32, 0x20)", Print(' '));
-  EXPECT_EQ("'a' (97, 0x61)", Print('a'));
-}
-
-// signed char.
-TEST(PrintCharTest, SignedChar) {
-  EXPECT_EQ("'\\0'", Print(static_cast<signed char>('\0')));
-  EXPECT_EQ("'\\xCE' (-50)",
-            Print(static_cast<signed char>(-50)));
-}
-
-// unsigned char.
-TEST(PrintCharTest, UnsignedChar) {
-  EXPECT_EQ("'\\0'", Print(static_cast<unsigned char>('\0')));
-  EXPECT_EQ("'b' (98, 0x62)",
-            Print(static_cast<unsigned char>('b')));
-}
-
-// Tests printing other simple, built-in types.
-
-// bool.
-TEST(PrintBuiltInTypeTest, Bool) {
-  EXPECT_EQ("false", Print(false));
-  EXPECT_EQ("true", Print(true));
-}
-
-// wchar_t.
-TEST(PrintBuiltInTypeTest, Wchar_t) {
-  EXPECT_EQ("L'\\0'", Print(L'\0'));
-  EXPECT_EQ("L'\\'' (39, 0x27)", Print(L'\''));
-  EXPECT_EQ("L'\"' (34, 0x22)", Print(L'"'));
-  EXPECT_EQ("L'?' (63, 0x3F)", Print(L'?'));
-  EXPECT_EQ("L'\\\\' (92, 0x5C)", Print(L'\\'));
-  EXPECT_EQ("L'\\a' (7)", Print(L'\a'));
-  EXPECT_EQ("L'\\b' (8)", Print(L'\b'));
-  EXPECT_EQ("L'\\f' (12, 0xC)", Print(L'\f'));
-  EXPECT_EQ("L'\\n' (10, 0xA)", Print(L'\n'));
-  EXPECT_EQ("L'\\r' (13, 0xD)", Print(L'\r'));
-  EXPECT_EQ("L'\\t' (9)", Print(L'\t'));
-  EXPECT_EQ("L'\\v' (11, 0xB)", Print(L'\v'));
-  EXPECT_EQ("L'\\x7F' (127)", Print(L'\x7F'));
-  EXPECT_EQ("L'\\xFF' (255)", Print(L'\xFF'));
-  EXPECT_EQ("L' ' (32, 0x20)", Print(L' '));
-  EXPECT_EQ("L'a' (97, 0x61)", Print(L'a'));
-  EXPECT_EQ("L'\\x576' (1398)", Print(static_cast<wchar_t>(0x576)));
-  EXPECT_EQ("L'\\xC74D' (51021)", Print(static_cast<wchar_t>(0xC74D)));
-}
-
-// Test that Int64 provides more storage than wchar_t.
-TEST(PrintTypeSizeTest, Wchar_t) {
-  EXPECT_LT(sizeof(wchar_t), sizeof(testing::internal::Int64));
-}
-
-// Various integer types.
-TEST(PrintBuiltInTypeTest, Integer) {
-  EXPECT_EQ("'\\xFF' (255)", Print(static_cast<unsigned char>(255)));  // uint8
-  EXPECT_EQ("'\\x80' (-128)", Print(static_cast<signed char>(-128)));  // int8
-  EXPECT_EQ("65535", Print(USHRT_MAX));  // uint16
-  EXPECT_EQ("-32768", Print(SHRT_MIN));  // int16
-  EXPECT_EQ("4294967295", Print(UINT_MAX));  // uint32
-  EXPECT_EQ("-2147483648", Print(INT_MIN));  // int32
-  EXPECT_EQ("18446744073709551615",
-            Print(static_cast<testing::internal::UInt64>(-1)));  // uint64
-  EXPECT_EQ("-9223372036854775808",
-            Print(static_cast<testing::internal::Int64>(1) << 63));  // int64
-}
-
-// Size types.
-TEST(PrintBuiltInTypeTest, Size_t) {
-  EXPECT_EQ("1", Print(sizeof('a')));  // size_t.
-#if !GTEST_OS_WINDOWS
-  // Windows has no ssize_t type.
-  EXPECT_EQ("-2", Print(static_cast<ssize_t>(-2)));  // ssize_t.
-#endif  // !GTEST_OS_WINDOWS
-}
-
-// Floating-points.
-TEST(PrintBuiltInTypeTest, FloatingPoints) {
-  EXPECT_EQ("1.5", Print(1.5f));   // float
-  EXPECT_EQ("-2.5", Print(-2.5));  // double
-}
-
-// Since ::std::stringstream::operator<<(const void *) formats the pointer
-// output differently with different compilers, we have to create the expected
-// output first and use it as our expectation.
-static string PrintPointer(const void *p) {
-  ::std::stringstream expected_result_stream;
-  expected_result_stream << p;
-  return expected_result_stream.str();
-}
-
-// Tests printing C strings.
-
-// const char*.
-TEST(PrintCStringTest, Const) {
-  const char* p = "World";
-  EXPECT_EQ(PrintPointer(p) + " pointing to \"World\"", Print(p));
-}
-
-// char*.
-TEST(PrintCStringTest, NonConst) {
-  char p[] = "Hi";
-  EXPECT_EQ(PrintPointer(p) + " pointing to \"Hi\"",
-            Print(static_cast<char*>(p)));
-}
-
-// NULL C string.
-TEST(PrintCStringTest, Null) {
-  const char* p = NULL;
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// Tests that C strings are escaped properly.
-TEST(PrintCStringTest, EscapesProperly) {
-  const char* p = "'\"?\\\a\b\f\n\r\t\v\x7F\xFF a";
-  EXPECT_EQ(PrintPointer(p) + " pointing to \"'\\\"?\\\\\\a\\b\\f"
-            "\\n\\r\\t\\v\\x7F\\xFF a\"",
-            Print(p));
-}
-
-// MSVC compiler can be configured to define whar_t as a typedef
-// of unsigned short. Defining an overload for const wchar_t* in that case
-// would cause pointers to unsigned shorts be printed as wide strings,
-// possibly accessing more memory than intended and causing invalid
-// memory accesses. MSVC defines _NATIVE_WCHAR_T_DEFINED symbol when
-// wchar_t is implemented as a native type.
-#if !defined(_MSC_VER) || defined(_NATIVE_WCHAR_T_DEFINED)
-
-// const wchar_t*.
-TEST(PrintWideCStringTest, Const) {
-  const wchar_t* p = L"World";
-  EXPECT_EQ(PrintPointer(p) + " pointing to L\"World\"", Print(p));
-}
-
-// wchar_t*.
-TEST(PrintWideCStringTest, NonConst) {
-  wchar_t p[] = L"Hi";
-  EXPECT_EQ(PrintPointer(p) + " pointing to L\"Hi\"",
-            Print(static_cast<wchar_t*>(p)));
-}
-
-// NULL wide C string.
-TEST(PrintWideCStringTest, Null) {
-  const wchar_t* p = NULL;
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// Tests that wide C strings are escaped properly.
-TEST(PrintWideCStringTest, EscapesProperly) {
-  const wchar_t s[] = {'\'', '"', '?', '\\', '\a', '\b', '\f', '\n', '\r',
-                       '\t', '\v', 0xD3, 0x576, 0x8D3, 0xC74D, ' ', 'a', '\0'};
-  EXPECT_EQ(PrintPointer(s) + " pointing to L\"'\\\"?\\\\\\a\\b\\f"
-            "\\n\\r\\t\\v\\xD3\\x576\\x8D3\\xC74D a\"",
-            Print(static_cast<const wchar_t*>(s)));
-}
-#endif  // native wchar_t
-
-// Tests printing pointers to other char types.
-
-// signed char*.
-TEST(PrintCharPointerTest, SignedChar) {
-  signed char* p = reinterpret_cast<signed char*>(0x1234);
-  EXPECT_EQ(PrintPointer(p), Print(p));
-  p = NULL;
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// const signed char*.
-TEST(PrintCharPointerTest, ConstSignedChar) {
-  signed char* p = reinterpret_cast<signed char*>(0x1234);
-  EXPECT_EQ(PrintPointer(p), Print(p));
-  p = NULL;
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// unsigned char*.
-TEST(PrintCharPointerTest, UnsignedChar) {
-  unsigned char* p = reinterpret_cast<unsigned char*>(0x1234);
-  EXPECT_EQ(PrintPointer(p), Print(p));
-  p = NULL;
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// const unsigned char*.
-TEST(PrintCharPointerTest, ConstUnsignedChar) {
-  const unsigned char* p = reinterpret_cast<const unsigned char*>(0x1234);
-  EXPECT_EQ(PrintPointer(p), Print(p));
-  p = NULL;
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// Tests printing pointers to simple, built-in types.
-
-// bool*.
-TEST(PrintPointerToBuiltInTypeTest, Bool) {
-  bool* p = reinterpret_cast<bool*>(0xABCD);
-  EXPECT_EQ(PrintPointer(p), Print(p));
-  p = NULL;
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// void*.
-TEST(PrintPointerToBuiltInTypeTest, Void) {
-  void* p = reinterpret_cast<void*>(0xABCD);
-  EXPECT_EQ(PrintPointer(p), Print(p));
-  p = NULL;
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// const void*.
-TEST(PrintPointerToBuiltInTypeTest, ConstVoid) {
-  const void* p = reinterpret_cast<const void*>(0xABCD);
-  EXPECT_EQ(PrintPointer(p), Print(p));
-  p = NULL;
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// Tests printing pointers to pointers.
-TEST(PrintPointerToPointerTest, IntPointerPointer) {
-  int** p = reinterpret_cast<int**>(0xABCD);
-  EXPECT_EQ(PrintPointer(p), Print(p));
-  p = NULL;
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// Tests printing (non-member) function pointers.
-
-void MyFunction(int /* n */) {}
-
-TEST(PrintPointerTest, NonMemberFunctionPointer) {
-  // We cannot directly cast &MyFunction to const void* because the
-  // standard disallows casting between pointers to functions and
-  // pointers to objects, and some compilers (e.g. GCC 3.4) enforce
-  // this limitation.
-  EXPECT_EQ(
-      PrintPointer(reinterpret_cast<const void*>(
-          reinterpret_cast<internal::BiggestInt>(&MyFunction))),
-      Print(&MyFunction));
-  int (*p)(bool) = NULL;  // NOLINT
-  EXPECT_EQ("NULL", Print(p));
-}
-
-// An assertion predicate determining whether a one string is a prefix for
-// another.
-template <typename StringType>
-AssertionResult HasPrefix(const StringType& str, const StringType& prefix) {
-  if (str.find(prefix, 0) == 0)
-    return AssertionSuccess();
-
-  const bool is_wide_string = sizeof(prefix[0]) > 1;
-  const char* const begin_string_quote = is_wide_string ? "L\"" : "\"";
-  return AssertionFailure()
-      << begin_string_quote << prefix << "\" is not a prefix of "
-      << begin_string_quote << str << "\"\n";
-}
-
-// Tests printing member variable pointers.  Although they are called
-// pointers, they don't point to a location in the address space.
-// Their representation is implementation-defined.  Thus they will be
-// printed as raw bytes.
-
-struct Foo {
- public:
-  virtual ~Foo() {}
-  int MyMethod(char x) { return x + 1; }
-  virtual char MyVirtualMethod(int /* n */) { return 'a'; }
-
-  int value;
-};
-
-TEST(PrintPointerTest, MemberVariablePointer) {
-  EXPECT_TRUE(HasPrefix(Print(&Foo::value),
-                        Print(sizeof(&Foo::value)) + "-byte object "));
-  int (Foo::*p) = NULL;  // NOLINT
-  EXPECT_TRUE(HasPrefix(Print(p),
-                        Print(sizeof(p)) + "-byte object "));
-}
-
-// Tests printing member function pointers.  Although they are called
-// pointers, they don't point to a location in the address space.
-// Their representation is implementation-defined.  Thus they will be
-// printed as raw bytes.
-TEST(PrintPointerTest, MemberFunctionPointer) {
-  EXPECT_TRUE(HasPrefix(Print(&Foo::MyMethod),
-                        Print(sizeof(&Foo::MyMethod)) + "-byte object "));
-  EXPECT_TRUE(
-      HasPrefix(Print(&Foo::MyVirtualMethod),
-                Print(sizeof((&Foo::MyVirtualMethod))) + "-byte object "));
-  int (Foo::*p)(char) = NULL;  // NOLINT
-  EXPECT_TRUE(HasPrefix(Print(p),
-                        Print(sizeof(p)) + "-byte object "));
-}
-
-// Tests printing C arrays.
-
-// The difference between this and Print() is that it ensures that the
-// argument is a reference to an array.
-template <typename T, size_t N>
-string PrintArrayHelper(T (&a)[N]) {
-  return Print(a);
-}
-
-// One-dimensional array.
-TEST(PrintArrayTest, OneDimensionalArray) {
-  int a[5] = { 1, 2, 3, 4, 5 };
-  EXPECT_EQ("{ 1, 2, 3, 4, 5 }", PrintArrayHelper(a));
-}
-
-// Two-dimensional array.
-TEST(PrintArrayTest, TwoDimensionalArray) {
-  int a[2][5] = {
-    { 1, 2, 3, 4, 5 },
-    { 6, 7, 8, 9, 0 }
-  };
-  EXPECT_EQ("{ { 1, 2, 3, 4, 5 }, { 6, 7, 8, 9, 0 } }", PrintArrayHelper(a));
-}
-
-// Array of const elements.
-TEST(PrintArrayTest, ConstArray) {
-  const bool a[1] = { false };
-  EXPECT_EQ("{ false }", PrintArrayHelper(a));
-}
-
-// char array without terminating NUL.
-TEST(PrintArrayTest, CharArrayWithNoTerminatingNul) {
-  // Array a contains '\0' in the middle and doesn't end with '\0'.
-  char a[] = { 'H', '\0', 'i' };
-  EXPECT_EQ("\"H\\0i\" (no terminating NUL)", PrintArrayHelper(a));
-}
-
-// const char array with terminating NUL.
-TEST(PrintArrayTest, ConstCharArrayWithTerminatingNul) {
-  const char a[] = "\0Hi";
-  EXPECT_EQ("\"\\0Hi\"", PrintArrayHelper(a));
-}
-
-// const wchar_t array without terminating NUL.
-TEST(PrintArrayTest, WCharArrayWithNoTerminatingNul) {
-  // Array a contains '\0' in the middle and doesn't end with '\0'.
-  const wchar_t a[] = { L'H', L'\0', L'i' };
-  EXPECT_EQ("L\"H\\0i\" (no terminating NUL)", PrintArrayHelper(a));
-}
-
-// wchar_t array with terminating NUL.
-TEST(PrintArrayTest, WConstCharArrayWithTerminatingNul) {
-  const wchar_t a[] = L"\0Hi";
-  EXPECT_EQ("L\"\\0Hi\"", PrintArrayHelper(a));
-}
-
-// Array of objects.
-TEST(PrintArrayTest, ObjectArray) {
-  string a[3] = { "Hi", "Hello", "Ni hao" };
-  EXPECT_EQ("{ \"Hi\", \"Hello\", \"Ni hao\" }", PrintArrayHelper(a));
-}
-
-// Array with many elements.
-TEST(PrintArrayTest, BigArray) {
-  int a[100] = { 1, 2, 3 };
-  EXPECT_EQ("{ 1, 2, 3, 0, 0, 0, 0, 0, ..., 0, 0, 0, 0, 0, 0, 0, 0 }",
-            PrintArrayHelper(a));
-}
-
-// Tests printing ::string and ::std::string.
-
-#if GTEST_HAS_GLOBAL_STRING
-// ::string.
-TEST(PrintStringTest, StringInGlobalNamespace) {
-  const char s[] = "'\"?\\\a\b\f\n\0\r\t\v\x7F\xFF a";
-  const ::string str(s, sizeof(s));
-  EXPECT_EQ("\"'\\\"?\\\\\\a\\b\\f\\n\\0\\r\\t\\v\\x7F\\xFF a\\0\"",
-            Print(str));
-}
-#endif  // GTEST_HAS_GLOBAL_STRING
-
-// ::std::string.
-TEST(PrintStringTest, StringInStdNamespace) {
-  const char s[] = "'\"?\\\a\b\f\n\0\r\t\v\x7F\xFF a";
-  const ::std::string str(s, sizeof(s));
-  EXPECT_EQ("\"'\\\"?\\\\\\a\\b\\f\\n\\0\\r\\t\\v\\x7F\\xFF a\\0\"",
-            Print(str));
-}
-
-TEST(PrintStringTest, StringAmbiguousHex) {
-  // "\x6BANANA" is ambiguous, it can be interpreted as starting with either of:
-  // '\x6', '\x6B', or '\x6BA'.
-
-  // a hex escaping sequence following by a decimal digit
-  EXPECT_EQ("\"0\\x12\" \"3\"", Print(::std::string("0\x12" "3")));
-  // a hex escaping sequence following by a hex digit (lower-case)
-  EXPECT_EQ("\"mm\\x6\" \"bananas\"", Print(::std::string("mm\x6" "bananas")));
-  // a hex escaping sequence following by a hex digit (upper-case)
-  EXPECT_EQ("\"NOM\\x6\" \"BANANA\"", Print(::std::string("NOM\x6" "BANANA")));
-  // a hex escaping sequence following by a non-xdigit
-  EXPECT_EQ("\"!\\x5-!\"", Print(::std::string("!\x5-!")));
-}
-
-// Tests printing ::wstring and ::std::wstring.
-
-#if GTEST_HAS_GLOBAL_WSTRING
-// ::wstring.
-TEST(PrintWideStringTest, StringInGlobalNamespace) {
-  const wchar_t s[] = L"'\"?\\\a\b\f\n\0\r\t\v\xD3\x576\x8D3\xC74D a";
-  const ::wstring str(s, sizeof(s)/sizeof(wchar_t));
-  EXPECT_EQ("L\"'\\\"?\\\\\\a\\b\\f\\n\\0\\r\\t\\v"
-            "\\xD3\\x576\\x8D3\\xC74D a\\0\"",
-            Print(str));
-}
-#endif  // GTEST_HAS_GLOBAL_WSTRING
-
-#if GTEST_HAS_STD_WSTRING
-// ::std::wstring.
-TEST(PrintWideStringTest, StringInStdNamespace) {
-  const wchar_t s[] = L"'\"?\\\a\b\f\n\0\r\t\v\xD3\x576\x8D3\xC74D a";
-  const ::std::wstring str(s, sizeof(s)/sizeof(wchar_t));
-  EXPECT_EQ("L\"'\\\"?\\\\\\a\\b\\f\\n\\0\\r\\t\\v"
-            "\\xD3\\x576\\x8D3\\xC74D a\\0\"",
-            Print(str));
-}
-
-TEST(PrintWideStringTest, StringAmbiguousHex) {
-  // same for wide strings.
-  EXPECT_EQ("L\"0\\x12\" L\"3\"", Print(::std::wstring(L"0\x12" L"3")));
-  EXPECT_EQ("L\"mm\\x6\" L\"bananas\"",
-            Print(::std::wstring(L"mm\x6" L"bananas")));
-  EXPECT_EQ("L\"NOM\\x6\" L\"BANANA\"",
-            Print(::std::wstring(L"NOM\x6" L"BANANA")));
-  EXPECT_EQ("L\"!\\x5-!\"", Print(::std::wstring(L"!\x5-!")));
-}
-#endif  // GTEST_HAS_STD_WSTRING
-
-// Tests printing types that support generic streaming (i.e. streaming
-// to std::basic_ostream<Char, CharTraits> for any valid Char and
-// CharTraits types).
-
-// Tests printing a non-template type that supports generic streaming.
-
-class AllowsGenericStreaming {};
-
-template <typename Char, typename CharTraits>
-std::basic_ostream<Char, CharTraits>& operator<<(
-    std::basic_ostream<Char, CharTraits>& os,
-    const AllowsGenericStreaming& /* a */) {
-  return os << "AllowsGenericStreaming";
-}
-
-TEST(PrintTypeWithGenericStreamingTest, NonTemplateType) {
-  AllowsGenericStreaming a;
-  EXPECT_EQ("AllowsGenericStreaming", Print(a));
-}
-
-// Tests printing a template type that supports generic streaming.
-
-template <typename T>
-class AllowsGenericStreamingTemplate {};
-
-template <typename Char, typename CharTraits, typename T>
-std::basic_ostream<Char, CharTraits>& operator<<(
-    std::basic_ostream<Char, CharTraits>& os,
-    const AllowsGenericStreamingTemplate<T>& /* a */) {
-  return os << "AllowsGenericStreamingTemplate";
-}
-
-TEST(PrintTypeWithGenericStreamingTest, TemplateType) {
-  AllowsGenericStreamingTemplate<int> a;
-  EXPECT_EQ("AllowsGenericStreamingTemplate", Print(a));
-}
-
-// Tests printing a type that supports generic streaming and can be
-// implicitly converted to another printable type.
-
-template <typename T>
-class AllowsGenericStreamingAndImplicitConversionTemplate {
- public:
-  operator bool() const { return false; }
-};
-
-template <typename Char, typename CharTraits, typename T>
-std::basic_ostream<Char, CharTraits>& operator<<(
-    std::basic_ostream<Char, CharTraits>& os,
-    const AllowsGenericStreamingAndImplicitConversionTemplate<T>& /* a */) {
-  return os << "AllowsGenericStreamingAndImplicitConversionTemplate";
-}
-
-TEST(PrintTypeWithGenericStreamingTest, TypeImplicitlyConvertible) {
-  AllowsGenericStreamingAndImplicitConversionTemplate<int> a;
-  EXPECT_EQ("AllowsGenericStreamingAndImplicitConversionTemplate", Print(a));
-}
-
-#if GTEST_HAS_STRING_PIECE_
-
-// Tests printing StringPiece.
-
-TEST(PrintStringPieceTest, SimpleStringPiece) {
-  const StringPiece sp = "Hello";
-  EXPECT_EQ("\"Hello\"", Print(sp));
-}
-
-TEST(PrintStringPieceTest, UnprintableCharacters) {
-  const char str[] = "NUL (\0) and \r\t";
-  const StringPiece sp(str, sizeof(str) - 1);
-  EXPECT_EQ("\"NUL (\\0) and \\r\\t\"", Print(sp));
-}
-
-#endif  // GTEST_HAS_STRING_PIECE_
-
-// Tests printing STL containers.
-
-TEST(PrintStlContainerTest, EmptyDeque) {
-  deque<char> empty;
-  EXPECT_EQ("{}", Print(empty));
-}
-
-TEST(PrintStlContainerTest, NonEmptyDeque) {
-  deque<int> non_empty;
-  non_empty.push_back(1);
-  non_empty.push_back(3);
-  EXPECT_EQ("{ 1, 3 }", Print(non_empty));
-}
-
-#if GTEST_HAS_HASH_MAP_
-
-TEST(PrintStlContainerTest, OneElementHashMap) {
-  hash_map<int, char> map1;
-  map1[1] = 'a';
-  EXPECT_EQ("{ (1, 'a' (97, 0x61)) }", Print(map1));
-}
-
-TEST(PrintStlContainerTest, HashMultiMap) {
-  hash_multimap<int, bool> map1;
-  map1.insert(make_pair(5, true));
-  map1.insert(make_pair(5, false));
-
-  // Elements of hash_multimap can be printed in any order.
-  const string result = Print(map1);
-  EXPECT_TRUE(result == "{ (5, true), (5, false) }" ||
-              result == "{ (5, false), (5, true) }")
-                  << " where Print(map1) returns \"" << result << "\".";
-}
-
-#endif  // GTEST_HAS_HASH_MAP_
-
-#if GTEST_HAS_HASH_SET_
-
-TEST(PrintStlContainerTest, HashSet) {
-  hash_set<string> set1;
-  set1.insert("hello");
-  EXPECT_EQ("{ \"hello\" }", Print(set1));
-}
-
-TEST(PrintStlContainerTest, HashMultiSet) {
-  const int kSize = 5;
-  int a[kSize] = { 1, 1, 2, 5, 1 };
-  hash_multiset<int> set1(a, a + kSize);
-
-  // Elements of hash_multiset can be printed in any order.
-  const string result = Print(set1);
-  const string expected_pattern = "{ d, d, d, d, d }";  // d means a digit.
-
-  // Verifies the result matches the expected pattern; also extracts
-  // the numbers in the result.
-  ASSERT_EQ(expected_pattern.length(), result.length());
-  std::vector<int> numbers;
-  for (size_t i = 0; i != result.length(); i++) {
-    if (expected_pattern[i] == 'd') {
-      ASSERT_NE(isdigit(static_cast<unsigned char>(result[i])), 0);
-      numbers.push_back(result[i] - '0');
-    } else {
-      EXPECT_EQ(expected_pattern[i], result[i]) << " where result is "
-                                                << result;
-    }
-  }
-
-  // Makes sure the result contains the right numbers.
-  std::sort(numbers.begin(), numbers.end());
-  std::sort(a, a + kSize);
-  EXPECT_TRUE(std::equal(a, a + kSize, numbers.begin()));
-}
-
-#endif  // GTEST_HAS_HASH_SET_
-
-TEST(PrintStlContainerTest, List) {
-  const string a[] = {
-    "hello",
-    "world"
-  };
-  const list<string> strings(a, a + 2);
-  EXPECT_EQ("{ \"hello\", \"world\" }", Print(strings));
-}
-
-TEST(PrintStlContainerTest, Map) {
-  map<int, bool> map1;
-  map1[1] = true;
-  map1[5] = false;
-  map1[3] = true;
-  EXPECT_EQ("{ (1, true), (3, true), (5, false) }", Print(map1));
-}
-
-TEST(PrintStlContainerTest, MultiMap) {
-  multimap<bool, int> map1;
-  // The make_pair template function would deduce the type as
-  // pair<bool, int> here, and since the key part in a multimap has to
-  // be constant, without a templated ctor in the pair class (as in
-  // libCstd on Solaris), make_pair call would fail to compile as no
-  // implicit conversion is found.  Thus explicit typename is used
-  // here instead.
-  map1.insert(pair<const bool, int>(true, 0));
-  map1.insert(pair<const bool, int>(true, 1));
-  map1.insert(pair<const bool, int>(false, 2));
-  EXPECT_EQ("{ (false, 2), (true, 0), (true, 1) }", Print(map1));
-}
-
-TEST(PrintStlContainerTest, Set) {
-  const unsigned int a[] = { 3, 0, 5 };
-  set<unsigned int> set1(a, a + 3);
-  EXPECT_EQ("{ 0, 3, 5 }", Print(set1));
-}
-
-TEST(PrintStlContainerTest, MultiSet) {
-  const int a[] = { 1, 1, 2, 5, 1 };
-  multiset<int> set1(a, a + 5);
-  EXPECT_EQ("{ 1, 1, 1, 2, 5 }", Print(set1));
-}
-
-TEST(PrintStlContainerTest, Pair) {
-  pair<const bool, int> p(true, 5);
-  EXPECT_EQ("(true, 5)", Print(p));
-}
-
-TEST(PrintStlContainerTest, Vector) {
-  vector<int> v;
-  v.push_back(1);
-  v.push_back(2);
-  EXPECT_EQ("{ 1, 2 }", Print(v));
-}
-
-TEST(PrintStlContainerTest, LongSequence) {
-  const int a[100] = { 1, 2, 3 };
-  const vector<int> v(a, a + 100);
-  EXPECT_EQ("{ 1, 2, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, "
-            "0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ... }", Print(v));
-}
-
-TEST(PrintStlContainerTest, NestedContainer) {
-  const int a1[] = { 1, 2 };
-  const int a2[] = { 3, 4, 5 };
-  const list<int> l1(a1, a1 + 2);
-  const list<int> l2(a2, a2 + 3);
-
-  vector<list<int> > v;
-  v.push_back(l1);
-  v.push_back(l2);
-  EXPECT_EQ("{ { 1, 2 }, { 3, 4, 5 } }", Print(v));
-}
-
-TEST(PrintStlContainerTest, OneDimensionalNativeArray) {
-  const int a[3] = { 1, 2, 3 };
-  NativeArray<int> b(a, 3, RelationToSourceReference());
-  EXPECT_EQ("{ 1, 2, 3 }", Print(b));
-}
-
-TEST(PrintStlContainerTest, TwoDimensionalNativeArray) {
-  const int a[2][3] = { { 1, 2, 3 }, { 4, 5, 6 } };
-  NativeArray<int[3]> b(a, 2, RelationToSourceReference());
-  EXPECT_EQ("{ { 1, 2, 3 }, { 4, 5, 6 } }", Print(b));
-}
-
-// Tests that a class named iterator isn't treated as a container.
-
-struct iterator {
-  char x;
-};
-
-TEST(PrintStlContainerTest, Iterator) {
-  iterator it = {};
-  EXPECT_EQ("1-byte object <00>", Print(it));
-}
-
-// Tests that a class named const_iterator isn't treated as a container.
-
-struct const_iterator {
-  char x;
-};
-
-TEST(PrintStlContainerTest, ConstIterator) {
-  const_iterator it = {};
-  EXPECT_EQ("1-byte object <00>", Print(it));
-}
-
-#if GTEST_HAS_TR1_TUPLE
-// Tests printing ::std::tr1::tuples.
-
-// Tuples of various arities.
-TEST(PrintTr1TupleTest, VariousSizes) {
-  ::std::tr1::tuple<> t0;
-  EXPECT_EQ("()", Print(t0));
-
-  ::std::tr1::tuple<int> t1(5);
-  EXPECT_EQ("(5)", Print(t1));
-
-  ::std::tr1::tuple<char, bool> t2('a', true);
-  EXPECT_EQ("('a' (97, 0x61), true)", Print(t2));
-
-  ::std::tr1::tuple<bool, int, int> t3(false, 2, 3);
-  EXPECT_EQ("(false, 2, 3)", Print(t3));
-
-  ::std::tr1::tuple<bool, int, int, int> t4(false, 2, 3, 4);
-  EXPECT_EQ("(false, 2, 3, 4)", Print(t4));
-
-  ::std::tr1::tuple<bool, int, int, int, bool> t5(false, 2, 3, 4, true);
-  EXPECT_EQ("(false, 2, 3, 4, true)", Print(t5));
-
-  ::std::tr1::tuple<bool, int, int, int, bool, int> t6(false, 2, 3, 4, true, 6);
-  EXPECT_EQ("(false, 2, 3, 4, true, 6)", Print(t6));
-
-  ::std::tr1::tuple<bool, int, int, int, bool, int, int> t7(
-      false, 2, 3, 4, true, 6, 7);
-  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7)", Print(t7));
-
-  ::std::tr1::tuple<bool, int, int, int, bool, int, int, bool> t8(
-      false, 2, 3, 4, true, 6, 7, true);
-  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7, true)", Print(t8));
-
-  ::std::tr1::tuple<bool, int, int, int, bool, int, int, bool, int> t9(
-      false, 2, 3, 4, true, 6, 7, true, 9);
-  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7, true, 9)", Print(t9));
-
-  const char* const str = "8";
-  // VC++ 2010's implementation of tuple of C++0x is deficient, requiring
-  // an explicit type cast of NULL to be used.
-  ::std::tr1::tuple<bool, char, short, testing::internal::Int32,  // NOLINT
-      testing::internal::Int64, float, double, const char*, void*, string>
-      t10(false, 'a', 3, 4, 5, 1.5F, -2.5, str,
-          ImplicitCast_<void*>(NULL), "10");
-  EXPECT_EQ("(false, 'a' (97, 0x61), 3, 4, 5, 1.5, -2.5, " + PrintPointer(str) +
-            " pointing to \"8\", NULL, \"10\")",
-            Print(t10));
-}
-
-// Nested tuples.
-TEST(PrintTr1TupleTest, NestedTuple) {
-  ::std::tr1::tuple< ::std::tr1::tuple<int, bool>, char> nested(
-      ::std::tr1::make_tuple(5, true), 'a');
-  EXPECT_EQ("((5, true), 'a' (97, 0x61))", Print(nested));
-}
-
-#endif  // GTEST_HAS_TR1_TUPLE
-
-#if GTEST_LANG_CXX11
-// Tests printing ::std::tuples.
-
-// Tuples of various arities.
-TEST(PrintStdTupleTest, VariousSizes) {
-  ::std::tuple<> t0;
-  EXPECT_EQ("()", Print(t0));
-
-  ::std::tuple<int> t1(5);
-  EXPECT_EQ("(5)", Print(t1));
-
-  ::std::tuple<char, bool> t2('a', true);
-  EXPECT_EQ("('a' (97, 0x61), true)", Print(t2));
-
-  ::std::tuple<bool, int, int> t3(false, 2, 3);
-  EXPECT_EQ("(false, 2, 3)", Print(t3));
-
-  ::std::tuple<bool, int, int, int> t4(false, 2, 3, 4);
-  EXPECT_EQ("(false, 2, 3, 4)", Print(t4));
-
-  ::std::tuple<bool, int, int, int, bool> t5(false, 2, 3, 4, true);
-  EXPECT_EQ("(false, 2, 3, 4, true)", Print(t5));
-
-  ::std::tuple<bool, int, int, int, bool, int> t6(false, 2, 3, 4, true, 6);
-  EXPECT_EQ("(false, 2, 3, 4, true, 6)", Print(t6));
-
-  ::std::tuple<bool, int, int, int, bool, int, int> t7(
-      false, 2, 3, 4, true, 6, 7);
-  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7)", Print(t7));
-
-  ::std::tuple<bool, int, int, int, bool, int, int, bool> t8(
-      false, 2, 3, 4, true, 6, 7, true);
-  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7, true)", Print(t8));
-
-  ::std::tuple<bool, int, int, int, bool, int, int, bool, int> t9(
-      false, 2, 3, 4, true, 6, 7, true, 9);
-  EXPECT_EQ("(false, 2, 3, 4, true, 6, 7, true, 9)", Print(t9));
-
-  const char* const str = "8";
-  // VC++ 2010's implementation of tuple of C++0x is deficient, requiring
-  // an explicit type cast of NULL to be used.
-  ::std::tuple<bool, char, short, testing::internal::Int32,  // NOLINT
-      testing::internal::Int64, float, double, const char*, void*, string>
-      t10(false, 'a', 3, 4, 5, 1.5F, -2.5, str,
-          ImplicitCast_<void*>(NULL), "10");
-  EXPECT_EQ("(false, 'a' (97, 0x61), 3, 4, 5, 1.5, -2.5, " + PrintPointer(str) +
-            " pointing to \"8\", NULL, \"10\")",
-            Print(t10));
-}
-
-// Nested tuples.
-TEST(PrintStdTupleTest, NestedTuple) {
-  ::std::tuple< ::std::tuple<int, bool>, char> nested(
-      ::std::make_tuple(5, true), 'a');
-  EXPECT_EQ("((5, true), 'a' (97, 0x61))", Print(nested));
-}
-
-#endif  // GTEST_LANG_CXX11
-
-// Tests printing user-defined unprintable types.
-
-// Unprintable types in the global namespace.
-TEST(PrintUnprintableTypeTest, InGlobalNamespace) {
-  EXPECT_EQ("1-byte object <00>",
-            Print(UnprintableTemplateInGlobal<char>()));
-}
-
-// Unprintable types in a user namespace.
-TEST(PrintUnprintableTypeTest, InUserNamespace) {
-  EXPECT_EQ("16-byte object <EF-12 00-00 34-AB 00-00 00-00 00-00 00-00 00-00>",
-            Print(::foo::UnprintableInFoo()));
-}
-
-// Unprintable types are that too big to be printed completely.
-
-struct Big {
-  Big() { memset(array, 0, sizeof(array)); }
-  char array[257];
-};
-
-TEST(PrintUnpritableTypeTest, BigObject) {
-  EXPECT_EQ("257-byte object <00-00 00-00 00-00 00-00 00-00 00-00 "
-            "00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 "
-            "00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 "
-            "00-00 00-00 00-00 00-00 00-00 00-00 ... 00-00 00-00 00-00 "
-            "00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 "
-            "00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 "
-            "00-00 00-00 00-00 00-00 00-00 00-00 00-00 00-00 00>",
-            Print(Big()));
-}
-
-// Tests printing user-defined streamable types.
-
-// Streamable types in the global namespace.
-TEST(PrintStreamableTypeTest, InGlobalNamespace) {
-  StreamableInGlobal x;
-  EXPECT_EQ("StreamableInGlobal", Print(x));
-  EXPECT_EQ("StreamableInGlobal*", Print(&x));
-}
-
-// Printable template types in a user namespace.
-TEST(PrintStreamableTypeTest, TemplateTypeInUserNamespace) {
-  EXPECT_EQ("StreamableTemplateInFoo: 0",
-            Print(::foo::StreamableTemplateInFoo<int>()));
-}
-
-// Tests printing user-defined types that have a PrintTo() function.
-TEST(PrintPrintableTypeTest, InUserNamespace) {
-  EXPECT_EQ("PrintableViaPrintTo: 0",
-            Print(::foo::PrintableViaPrintTo()));
-}
-
-// Tests printing a pointer to a user-defined type that has a <<
-// operator for its pointer.
-TEST(PrintPrintableTypeTest, PointerInUserNamespace) {
-  ::foo::PointerPrintable x;
-  EXPECT_EQ("PointerPrintable*", Print(&x));
-}
-
-// Tests printing user-defined class template that have a PrintTo() function.
-TEST(PrintPrintableTypeTest, TemplateInUserNamespace) {
-  EXPECT_EQ("PrintableViaPrintToTemplate: 5",
-            Print(::foo::PrintableViaPrintToTemplate<int>(5)));
-}
-
-#if GTEST_HAS_PROTOBUF_
-
-// Tests printing a short proto2 message.
-TEST(PrintProto2MessageTest, PrintsShortDebugStringWhenItIsShort) {
-  testing::internal::FooMessage msg;
-  msg.set_int_field(2);
-  msg.set_string_field("hello");
-  EXPECT_PRED2(RE::FullMatch, Print(msg),
-               "<int_field:\\s*2\\s+string_field:\\s*\"hello\">");
-}
-
-// Tests printing a long proto2 message.
-TEST(PrintProto2MessageTest, PrintsDebugStringWhenItIsLong) {
-  testing::internal::FooMessage msg;
-  msg.set_int_field(2);
-  msg.set_string_field("hello");
-  msg.add_names("peter");
-  msg.add_names("paul");
-  msg.add_names("mary");
-  EXPECT_PRED2(RE::FullMatch, Print(msg),
-               "<\n"
-               "int_field:\\s*2\n"
-               "string_field:\\s*\"hello\"\n"
-               "names:\\s*\"peter\"\n"
-               "names:\\s*\"paul\"\n"
-               "names:\\s*\"mary\"\n"
-               ">");
-}
-
-#endif  // GTEST_HAS_PROTOBUF_
-
-// Tests that the universal printer prints both the address and the
-// value of a reference.
-TEST(PrintReferenceTest, PrintsAddressAndValue) {
-  int n = 5;
-  EXPECT_EQ("@" + PrintPointer(&n) + " 5", PrintByRef(n));
-
-  int a[2][3] = {
-    { 0, 1, 2 },
-    { 3, 4, 5 }
-  };
-  EXPECT_EQ("@" + PrintPointer(a) + " { { 0, 1, 2 }, { 3, 4, 5 } }",
-            PrintByRef(a));
-
-  const ::foo::UnprintableInFoo x;
-  EXPECT_EQ("@" + PrintPointer(&x) + " 16-byte object "
-            "<EF-12 00-00 34-AB 00-00 00-00 00-00 00-00 00-00>",
-            PrintByRef(x));
-}
-
-// Tests that the universal printer prints a function pointer passed by
-// reference.
-TEST(PrintReferenceTest, HandlesFunctionPointer) {
-  void (*fp)(int n) = &MyFunction;
-  const string fp_pointer_string =
-      PrintPointer(reinterpret_cast<const void*>(&fp));
-  // We cannot directly cast &MyFunction to const void* because the
-  // standard disallows casting between pointers to functions and
-  // pointers to objects, and some compilers (e.g. GCC 3.4) enforce
-  // this limitation.
-  const string fp_string = PrintPointer(reinterpret_cast<const void*>(
-      reinterpret_cast<internal::BiggestInt>(fp)));
-  EXPECT_EQ("@" + fp_pointer_string + " " + fp_string,
-            PrintByRef(fp));
-}
-
-// Tests that the universal printer prints a member function pointer
-// passed by reference.
-TEST(PrintReferenceTest, HandlesMemberFunctionPointer) {
-  int (Foo::*p)(char ch) = &Foo::MyMethod;
-  EXPECT_TRUE(HasPrefix(
-      PrintByRef(p),
-      "@" + PrintPointer(reinterpret_cast<const void*>(&p)) + " " +
-          Print(sizeof(p)) + "-byte object "));
-
-  char (Foo::*p2)(int n) = &Foo::MyVirtualMethod;
-  EXPECT_TRUE(HasPrefix(
-      PrintByRef(p2),
-      "@" + PrintPointer(reinterpret_cast<const void*>(&p2)) + " " +
-          Print(sizeof(p2)) + "-byte object "));
-}
-
-// Tests that the universal printer prints a member variable pointer
-// passed by reference.
-TEST(PrintReferenceTest, HandlesMemberVariablePointer) {
-  int (Foo::*p) = &Foo::value;  // NOLINT
-  EXPECT_TRUE(HasPrefix(
-      PrintByRef(p),
-      "@" + PrintPointer(&p) + " " + Print(sizeof(p)) + "-byte object "));
-}
-
-// Tests that FormatForComparisonFailureMessage(), which is used to print
-// an operand in a comparison assertion (e.g. ASSERT_EQ) when the assertion
-// fails, formats the operand in the desired way.
-
-// scalar
-TEST(FormatForComparisonFailureMessageTest, WorksForScalar) {
-  EXPECT_STREQ("123",
-               FormatForComparisonFailureMessage(123, 124).c_str());
-}
-
-// non-char pointer
-TEST(FormatForComparisonFailureMessageTest, WorksForNonCharPointer) {
-  int n = 0;
-  EXPECT_EQ(PrintPointer(&n),
-            FormatForComparisonFailureMessage(&n, &n).c_str());
-}
-
-// non-char array
-TEST(FormatForComparisonFailureMessageTest, FormatsNonCharArrayAsPointer) {
-  // In expression 'array == x', 'array' is compared by pointer.
-  // Therefore we want to print an array operand as a pointer.
-  int n[] = { 1, 2, 3 };
-  EXPECT_EQ(PrintPointer(n),
-            FormatForComparisonFailureMessage(n, n).c_str());
-}
-
-// Tests formatting a char pointer when it's compared with another pointer.
-// In this case we want to print it as a raw pointer, as the comparision is by
-// pointer.
-
-// char pointer vs pointer
-TEST(FormatForComparisonFailureMessageTest, WorksForCharPointerVsPointer) {
-  // In expression 'p == x', where 'p' and 'x' are (const or not) char
-  // pointers, the operands are compared by pointer.  Therefore we
-  // want to print 'p' as a pointer instead of a C string (we don't
-  // even know if it's supposed to point to a valid C string).
-
-  // const char*
-  const char* s = "hello";
-  EXPECT_EQ(PrintPointer(s),
-            FormatForComparisonFailureMessage(s, s).c_str());
-
-  // char*
-  char ch = 'a';
-  EXPECT_EQ(PrintPointer(&ch),
-            FormatForComparisonFailureMessage(&ch, &ch).c_str());
-}
-
-// wchar_t pointer vs pointer
-TEST(FormatForComparisonFailureMessageTest, WorksForWCharPointerVsPointer) {
-  // In expression 'p == x', where 'p' and 'x' are (const or not) char
-  // pointers, the operands are compared by pointer.  Therefore we
-  // want to print 'p' as a pointer instead of a wide C string (we don't
-  // even know if it's supposed to point to a valid wide C string).
-
-  // const wchar_t*
-  const wchar_t* s = L"hello";
-  EXPECT_EQ(PrintPointer(s),
-            FormatForComparisonFailureMessage(s, s).c_str());
-
-  // wchar_t*
-  wchar_t ch = L'a';
-  EXPECT_EQ(PrintPointer(&ch),
-            FormatForComparisonFailureMessage(&ch, &ch).c_str());
-}
-
-// Tests formatting a char pointer when it's compared to a string object.
-// In this case we want to print the char pointer as a C string.
-
-#if GTEST_HAS_GLOBAL_STRING
-// char pointer vs ::string
-TEST(FormatForComparisonFailureMessageTest, WorksForCharPointerVsString) {
-  const char* s = "hello \"world";
-  EXPECT_STREQ("\"hello \\\"world\"",  // The string content should be escaped.
-               FormatForComparisonFailureMessage(s, ::string()).c_str());
-
-  // char*
-  char str[] = "hi\1";
-  char* p = str;
-  EXPECT_STREQ("\"hi\\x1\"",  // The string content should be escaped.
-               FormatForComparisonFailureMessage(p, ::string()).c_str());
-}
-#endif
-
-// char pointer vs std::string
-TEST(FormatForComparisonFailureMessageTest, WorksForCharPointerVsStdString) {
-  const char* s = "hello \"world";
-  EXPECT_STREQ("\"hello \\\"world\"",  // The string content should be escaped.
-               FormatForComparisonFailureMessage(s, ::std::string()).c_str());
-
-  // char*
-  char str[] = "hi\1";
-  char* p = str;
-  EXPECT_STREQ("\"hi\\x1\"",  // The string content should be escaped.
-               FormatForComparisonFailureMessage(p, ::std::string()).c_str());
-}
-
-#if GTEST_HAS_GLOBAL_WSTRING
-// wchar_t pointer vs ::wstring
-TEST(FormatForComparisonFailureMessageTest, WorksForWCharPointerVsWString) {
-  const wchar_t* s = L"hi \"world";
-  EXPECT_STREQ("L\"hi \\\"world\"",  // The string content should be escaped.
-               FormatForComparisonFailureMessage(s, ::wstring()).c_str());
-
-  // wchar_t*
-  wchar_t str[] = L"hi\1";
-  wchar_t* p = str;
-  EXPECT_STREQ("L\"hi\\x1\"",  // The string content should be escaped.
-               FormatForComparisonFailureMessage(p, ::wstring()).c_str());
-}
-#endif
-
-#if GTEST_HAS_STD_WSTRING
-// wchar_t pointer vs std::wstring
-TEST(FormatForComparisonFailureMessageTest, WorksForWCharPointerVsStdWString) {
-  const wchar_t* s = L"hi \"world";
-  EXPECT_STREQ("L\"hi \\\"world\"",  // The string content should be escaped.
-               FormatForComparisonFailureMessage(s, ::std::wstring()).c_str());
-
-  // wchar_t*
-  wchar_t str[] = L"hi\1";
-  wchar_t* p = str;
-  EXPECT_STREQ("L\"hi\\x1\"",  // The string content should be escaped.
-               FormatForComparisonFailureMessage(p, ::std::wstring()).c_str());
-}
-#endif
-
-// Tests formatting a char array when it's compared with a pointer or array.
-// In this case we want to print the array as a row pointer, as the comparison
-// is by pointer.
-
-// char array vs pointer
-TEST(FormatForComparisonFailureMessageTest, WorksForCharArrayVsPointer) {
-  char str[] = "hi \"world\"";
-  char* p = NULL;
-  EXPECT_EQ(PrintPointer(str),
-            FormatForComparisonFailureMessage(str, p).c_str());
-}
-
-// char array vs char array
-TEST(FormatForComparisonFailureMessageTest, WorksForCharArrayVsCharArray) {
-  const char str[] = "hi \"world\"";
-  EXPECT_EQ(PrintPointer(str),
-            FormatForComparisonFailureMessage(str, str).c_str());
-}
-
-// wchar_t array vs pointer
-TEST(FormatForComparisonFailureMessageTest, WorksForWCharArrayVsPointer) {
-  wchar_t str[] = L"hi \"world\"";
-  wchar_t* p = NULL;
-  EXPECT_EQ(PrintPointer(str),
-            FormatForComparisonFailureMessage(str, p).c_str());
-}
-
-// wchar_t array vs wchar_t array
-TEST(FormatForComparisonFailureMessageTest, WorksForWCharArrayVsWCharArray) {
-  const wchar_t str[] = L"hi \"world\"";
-  EXPECT_EQ(PrintPointer(str),
-            FormatForComparisonFailureMessage(str, str).c_str());
-}
-
-// Tests formatting a char array when it's compared with a string object.
-// In this case we want to print the array as a C string.
-
-#if GTEST_HAS_GLOBAL_STRING
-// char array vs string
-TEST(FormatForComparisonFailureMessageTest, WorksForCharArrayVsString) {
-  const char str[] = "hi \"w\0rld\"";
-  EXPECT_STREQ("\"hi \\\"w\"",  // The content should be escaped.
-                                // Embedded NUL terminates the string.
-               FormatForComparisonFailureMessage(str, ::string()).c_str());
-}
-#endif
-
-// char array vs std::string
-TEST(FormatForComparisonFailureMessageTest, WorksForCharArrayVsStdString) {
-  const char str[] = "hi \"world\"";
-  EXPECT_STREQ("\"hi \\\"world\\\"\"",  // The content should be escaped.
-               FormatForComparisonFailureMessage(str, ::std::string()).c_str());
-}
-
-#if GTEST_HAS_GLOBAL_WSTRING
-// wchar_t array vs wstring
-TEST(FormatForComparisonFailureMessageTest, WorksForWCharArrayVsWString) {
-  const wchar_t str[] = L"hi \"world\"";
-  EXPECT_STREQ("L\"hi \\\"world\\\"\"",  // The content should be escaped.
-               FormatForComparisonFailureMessage(str, ::wstring()).c_str());
-}
-#endif
-
-#if GTEST_HAS_STD_WSTRING
-// wchar_t array vs std::wstring
-TEST(FormatForComparisonFailureMessageTest, WorksForWCharArrayVsStdWString) {
-  const wchar_t str[] = L"hi \"w\0rld\"";
-  EXPECT_STREQ(
-      "L\"hi \\\"w\"",  // The content should be escaped.
-                        // Embedded NUL terminates the string.
-      FormatForComparisonFailureMessage(str, ::std::wstring()).c_str());
-}
-#endif
-
-// Useful for testing PrintToString().  We cannot use EXPECT_EQ()
-// there as its implementation uses PrintToString().  The caller must
-// ensure that 'value' has no side effect.
-#define EXPECT_PRINT_TO_STRING_(value, expected_string)         \
-  EXPECT_TRUE(PrintToString(value) == (expected_string))        \
-      << " where " #value " prints as " << (PrintToString(value))
-
-TEST(PrintToStringTest, WorksForScalar) {
-  EXPECT_PRINT_TO_STRING_(123, "123");
-}
-
-TEST(PrintToStringTest, WorksForPointerToConstChar) {
-  const char* p = "hello";
-  EXPECT_PRINT_TO_STRING_(p, "\"hello\"");
-}
-
-TEST(PrintToStringTest, WorksForPointerToNonConstChar) {
-  char s[] = "hello";
-  char* p = s;
-  EXPECT_PRINT_TO_STRING_(p, "\"hello\"");
-}
-
-TEST(PrintToStringTest, EscapesForPointerToConstChar) {
-  const char* p = "hello\n";
-  EXPECT_PRINT_TO_STRING_(p, "\"hello\\n\"");
-}
-
-TEST(PrintToStringTest, EscapesForPointerToNonConstChar) {
-  char s[] = "hello\1";
-  char* p = s;
-  EXPECT_PRINT_TO_STRING_(p, "\"hello\\x1\"");
-}
-
-TEST(PrintToStringTest, WorksForArray) {
-  int n[3] = { 1, 2, 3 };
-  EXPECT_PRINT_TO_STRING_(n, "{ 1, 2, 3 }");
-}
-
-TEST(PrintToStringTest, WorksForCharArray) {
-  char s[] = "hello";
-  EXPECT_PRINT_TO_STRING_(s, "\"hello\"");
-}
-
-TEST(PrintToStringTest, WorksForCharArrayWithEmbeddedNul) {
-  const char str_with_nul[] = "hello\0 world";
-  EXPECT_PRINT_TO_STRING_(str_with_nul, "\"hello\\0 world\"");
-
-  char mutable_str_with_nul[] = "hello\0 world";
-  EXPECT_PRINT_TO_STRING_(mutable_str_with_nul, "\"hello\\0 world\"");
-}
-
-#undef EXPECT_PRINT_TO_STRING_
-
-TEST(UniversalTersePrintTest, WorksForNonReference) {
-  ::std::stringstream ss;
-  UniversalTersePrint(123, &ss);
-  EXPECT_EQ("123", ss.str());
-}
-
-TEST(UniversalTersePrintTest, WorksForReference) {
-  const int& n = 123;
-  ::std::stringstream ss;
-  UniversalTersePrint(n, &ss);
-  EXPECT_EQ("123", ss.str());
-}
-
-TEST(UniversalTersePrintTest, WorksForCString) {
-  const char* s1 = "abc";
-  ::std::stringstream ss1;
-  UniversalTersePrint(s1, &ss1);
-  EXPECT_EQ("\"abc\"", ss1.str());
-
-  char* s2 = const_cast<char*>(s1);
-  ::std::stringstream ss2;
-  UniversalTersePrint(s2, &ss2);
-  EXPECT_EQ("\"abc\"", ss2.str());
-
-  const char* s3 = NULL;
-  ::std::stringstream ss3;
-  UniversalTersePrint(s3, &ss3);
-  EXPECT_EQ("NULL", ss3.str());
-}
-
-TEST(UniversalPrintTest, WorksForNonReference) {
-  ::std::stringstream ss;
-  UniversalPrint(123, &ss);
-  EXPECT_EQ("123", ss.str());
-}
-
-TEST(UniversalPrintTest, WorksForReference) {
-  const int& n = 123;
-  ::std::stringstream ss;
-  UniversalPrint(n, &ss);
-  EXPECT_EQ("123", ss.str());
-}
-
-TEST(UniversalPrintTest, WorksForCString) {
-  const char* s1 = "abc";
-  ::std::stringstream ss1;
-  UniversalPrint(s1, &ss1);
-  EXPECT_EQ(PrintPointer(s1) + " pointing to \"abc\"", string(ss1.str()));
-
-  char* s2 = const_cast<char*>(s1);
-  ::std::stringstream ss2;
-  UniversalPrint(s2, &ss2);
-  EXPECT_EQ(PrintPointer(s2) + " pointing to \"abc\"", string(ss2.str()));
-
-  const char* s3 = NULL;
-  ::std::stringstream ss3;
-  UniversalPrint(s3, &ss3);
-  EXPECT_EQ("NULL", ss3.str());
-}
-
-TEST(UniversalPrintTest, WorksForCharArray) {
-  const char str[] = "\"Line\0 1\"\nLine 2";
-  ::std::stringstream ss1;
-  UniversalPrint(str, &ss1);
-  EXPECT_EQ("\"\\\"Line\\0 1\\\"\\nLine 2\"", ss1.str());
-
-  const char mutable_str[] = "\"Line\0 1\"\nLine 2";
-  ::std::stringstream ss2;
-  UniversalPrint(mutable_str, &ss2);
-  EXPECT_EQ("\"\\\"Line\\0 1\\\"\\nLine 2\"", ss2.str());
-}
-
-#if GTEST_HAS_TR1_TUPLE
-
-TEST(UniversalTersePrintTupleFieldsToStringsTestWithTr1, PrintsEmptyTuple) {
-  Strings result = UniversalTersePrintTupleFieldsToStrings(
-      ::std::tr1::make_tuple());
-  EXPECT_EQ(0u, result.size());
-}
-
-TEST(UniversalTersePrintTupleFieldsToStringsTestWithTr1, PrintsOneTuple) {
-  Strings result = UniversalTersePrintTupleFieldsToStrings(
-      ::std::tr1::make_tuple(1));
-  ASSERT_EQ(1u, result.size());
-  EXPECT_EQ("1", result[0]);
-}
-
-TEST(UniversalTersePrintTupleFieldsToStringsTestWithTr1, PrintsTwoTuple) {
-  Strings result = UniversalTersePrintTupleFieldsToStrings(
-      ::std::tr1::make_tuple(1, 'a'));
-  ASSERT_EQ(2u, result.size());
-  EXPECT_EQ("1", result[0]);
-  EXPECT_EQ("'a' (97, 0x61)", result[1]);
-}
-
-TEST(UniversalTersePrintTupleFieldsToStringsTestWithTr1, PrintsTersely) {
-  const int n = 1;
-  Strings result = UniversalTersePrintTupleFieldsToStrings(
-      ::std::tr1::tuple<const int&, const char*>(n, "a"));
-  ASSERT_EQ(2u, result.size());
-  EXPECT_EQ("1", result[0]);
-  EXPECT_EQ("\"a\"", result[1]);
-}
-
-#endif  // GTEST_HAS_TR1_TUPLE
-
-#if GTEST_HAS_STD_TUPLE_
-
-TEST(UniversalTersePrintTupleFieldsToStringsTestWithStd, PrintsEmptyTuple) {
-  Strings result = UniversalTersePrintTupleFieldsToStrings(::std::make_tuple());
-  EXPECT_EQ(0u, result.size());
-}
-
-TEST(UniversalTersePrintTupleFieldsToStringsTestWithStd, PrintsOneTuple) {
-  Strings result = UniversalTersePrintTupleFieldsToStrings(
-      ::std::make_tuple(1));
-  ASSERT_EQ(1u, result.size());
-  EXPECT_EQ("1", result[0]);
-}
-
-TEST(UniversalTersePrintTupleFieldsToStringsTestWithStd, PrintsTwoTuple) {
-  Strings result = UniversalTersePrintTupleFieldsToStrings(
-      ::std::make_tuple(1, 'a'));
-  ASSERT_EQ(2u, result.size());
-  EXPECT_EQ("1", result[0]);
-  EXPECT_EQ("'a' (97, 0x61)", result[1]);
-}
-
-TEST(UniversalTersePrintTupleFieldsToStringsTestWithStd, PrintsTersely) {
-  const int n = 1;
-  Strings result = UniversalTersePrintTupleFieldsToStrings(
-      ::std::tuple<const int&, const char*>(n, "a"));
-  ASSERT_EQ(2u, result.size());
-  EXPECT_EQ("1", result[0]);
-  EXPECT_EQ("\"a\"", result[1]);
-}
-
-#endif  // GTEST_HAS_STD_TUPLE_
-
-}  // namespace gtest_printers_test
-}  // namespace testing
-
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-test-part_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-test-part_test.cc
deleted file mode 100644
index ca8ba933a..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-test-part_test.cc
+++ /dev/null
@@ -1,208 +0,0 @@
-// Copyright 2008 Google Inc.
-// All Rights Reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: mheule@google.com (Markus Heule)
-//
-
-#include "gtest/gtest-test-part.h"
-
-#include "gtest/gtest.h"
-
-using testing::Message;
-using testing::Test;
-using testing::TestPartResult;
-using testing::TestPartResultArray;
-
-namespace {
-
-// Tests the TestPartResult class.
-
-// The test fixture for testing TestPartResult.
-class TestPartResultTest : public Test {
- protected:
-  TestPartResultTest()
-      : r1_(TestPartResult::kSuccess, "foo/bar.cc", 10, "Success!"),
-        r2_(TestPartResult::kNonFatalFailure, "foo/bar.cc", -1, "Failure!"),
-        r3_(TestPartResult::kFatalFailure, NULL, -1, "Failure!") {}
-
-  TestPartResult r1_, r2_, r3_;
-};
-
-
-TEST_F(TestPartResultTest, ConstructorWorks) {
-  Message message;
-  message << "something is terribly wrong";
-  message << static_cast<const char*>(testing::internal::kStackTraceMarker);
-  message << "some unimportant stack trace";
-
-  const TestPartResult result(TestPartResult::kNonFatalFailure,
-                              "some_file.cc",
-                              42,
-                              message.GetString().c_str());
-
-  EXPECT_EQ(TestPartResult::kNonFatalFailure, result.type());
-  EXPECT_STREQ("some_file.cc", result.file_name());
-  EXPECT_EQ(42, result.line_number());
-  EXPECT_STREQ(message.GetString().c_str(), result.message());
-  EXPECT_STREQ("something is terribly wrong", result.summary());
-}
-
-TEST_F(TestPartResultTest, ResultAccessorsWork) {
-  const TestPartResult success(TestPartResult::kSuccess,
-                               "file.cc",
-                               42,
-                               "message");
-  EXPECT_TRUE(success.passed());
-  EXPECT_FALSE(success.failed());
-  EXPECT_FALSE(success.nonfatally_failed());
-  EXPECT_FALSE(success.fatally_failed());
-
-  const TestPartResult nonfatal_failure(TestPartResult::kNonFatalFailure,
-                                        "file.cc",
-                                        42,
-                                        "message");
-  EXPECT_FALSE(nonfatal_failure.passed());
-  EXPECT_TRUE(nonfatal_failure.failed());
-  EXPECT_TRUE(nonfatal_failure.nonfatally_failed());
-  EXPECT_FALSE(nonfatal_failure.fatally_failed());
-
-  const TestPartResult fatal_failure(TestPartResult::kFatalFailure,
-                                     "file.cc",
-                                     42,
-                                     "message");
-  EXPECT_FALSE(fatal_failure.passed());
-  EXPECT_TRUE(fatal_failure.failed());
-  EXPECT_FALSE(fatal_failure.nonfatally_failed());
-  EXPECT_TRUE(fatal_failure.fatally_failed());
-}
-
-// Tests TestPartResult::type().
-TEST_F(TestPartResultTest, type) {
-  EXPECT_EQ(TestPartResult::kSuccess, r1_.type());
-  EXPECT_EQ(TestPartResult::kNonFatalFailure, r2_.type());
-  EXPECT_EQ(TestPartResult::kFatalFailure, r3_.type());
-}
-
-// Tests TestPartResult::file_name().
-TEST_F(TestPartResultTest, file_name) {
-  EXPECT_STREQ("foo/bar.cc", r1_.file_name());
-  EXPECT_STREQ(NULL, r3_.file_name());
-}
-
-// Tests TestPartResult::line_number().
-TEST_F(TestPartResultTest, line_number) {
-  EXPECT_EQ(10, r1_.line_number());
-  EXPECT_EQ(-1, r2_.line_number());
-}
-
-// Tests TestPartResult::message().
-TEST_F(TestPartResultTest, message) {
-  EXPECT_STREQ("Success!", r1_.message());
-}
-
-// Tests TestPartResult::passed().
-TEST_F(TestPartResultTest, Passed) {
-  EXPECT_TRUE(r1_.passed());
-  EXPECT_FALSE(r2_.passed());
-  EXPECT_FALSE(r3_.passed());
-}
-
-// Tests TestPartResult::failed().
-TEST_F(TestPartResultTest, Failed) {
-  EXPECT_FALSE(r1_.failed());
-  EXPECT_TRUE(r2_.failed());
-  EXPECT_TRUE(r3_.failed());
-}
-
-// Tests TestPartResult::fatally_failed().
-TEST_F(TestPartResultTest, FatallyFailed) {
-  EXPECT_FALSE(r1_.fatally_failed());
-  EXPECT_FALSE(r2_.fatally_failed());
-  EXPECT_TRUE(r3_.fatally_failed());
-}
-
-// Tests TestPartResult::nonfatally_failed().
-TEST_F(TestPartResultTest, NonfatallyFailed) {
-  EXPECT_FALSE(r1_.nonfatally_failed());
-  EXPECT_TRUE(r2_.nonfatally_failed());
-  EXPECT_FALSE(r3_.nonfatally_failed());
-}
-
-// Tests the TestPartResultArray class.
-
-class TestPartResultArrayTest : public Test {
- protected:
-  TestPartResultArrayTest()
-      : r1_(TestPartResult::kNonFatalFailure, "foo/bar.cc", -1, "Failure 1"),
-        r2_(TestPartResult::kFatalFailure, "foo/bar.cc", -1, "Failure 2") {}
-
-  const TestPartResult r1_, r2_;
-};
-
-// Tests that TestPartResultArray initially has size 0.
-TEST_F(TestPartResultArrayTest, InitialSizeIsZero) {
-  TestPartResultArray results;
-  EXPECT_EQ(0, results.size());
-}
-
-// Tests that TestPartResultArray contains the given TestPartResult
-// after one Append() operation.
-TEST_F(TestPartResultArrayTest, ContainsGivenResultAfterAppend) {
-  TestPartResultArray results;
-  results.Append(r1_);
-  EXPECT_EQ(1, results.size());
-  EXPECT_STREQ("Failure 1", results.GetTestPartResult(0).message());
-}
-
-// Tests that TestPartResultArray contains the given TestPartResults
-// after two Append() operations.
-TEST_F(TestPartResultArrayTest, ContainsGivenResultsAfterTwoAppends) {
-  TestPartResultArray results;
-  results.Append(r1_);
-  results.Append(r2_);
-  EXPECT_EQ(2, results.size());
-  EXPECT_STREQ("Failure 1", results.GetTestPartResult(0).message());
-  EXPECT_STREQ("Failure 2", results.GetTestPartResult(1).message());
-}
-
-typedef TestPartResultArrayTest TestPartResultArrayDeathTest;
-
-// Tests that the program dies when GetTestPartResult() is called with
-// an invalid index.
-TEST_F(TestPartResultArrayDeathTest, DiesWhenIndexIsOutOfBound) {
-  TestPartResultArray results;
-  results.Append(r1_);
-
-  EXPECT_DEATH_IF_SUPPORTED(results.GetTestPartResult(-1), "");
-  EXPECT_DEATH_IF_SUPPORTED(results.GetTestPartResult(1), "");
-}
-
-// TODO(mheule@google.com): Add a test for the class HasNewFatalFailureHelper.
-
-}  // namespace
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-tuple_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-tuple_test.cc
deleted file mode 100644
index bfaa3e0ac..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest-tuple_test.cc
+++ /dev/null
@@ -1,320 +0,0 @@
-// Copyright 2007, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
-#include "gtest/internal/gtest-tuple.h"
-#include <utility>
-#include "gtest/gtest.h"
-
-namespace {
-
-using ::std::tr1::get;
-using ::std::tr1::make_tuple;
-using ::std::tr1::tuple;
-using ::std::tr1::tuple_element;
-using ::std::tr1::tuple_size;
-using ::testing::StaticAssertTypeEq;
-
-// Tests that tuple_element<K, tuple<T0, T1, ..., TN> >::type returns TK.
-TEST(tuple_element_Test, ReturnsElementType) {
-  StaticAssertTypeEq<int, tuple_element<0, tuple<int, char> >::type>();
-  StaticAssertTypeEq<int&, tuple_element<1, tuple<double, int&> >::type>();
-  StaticAssertTypeEq<bool, tuple_element<2, tuple<double, int, bool> >::type>();
-}
-
-// Tests that tuple_size<T>::value gives the number of fields in tuple
-// type T.
-TEST(tuple_size_Test, ReturnsNumberOfFields) {
-  EXPECT_EQ(0, +tuple_size<tuple<> >::value);
-  EXPECT_EQ(1, +tuple_size<tuple<void*> >::value);
-  EXPECT_EQ(1, +tuple_size<tuple<char> >::value);
-  EXPECT_EQ(1, +(tuple_size<tuple<tuple<int, double> > >::value));
-  EXPECT_EQ(2, +(tuple_size<tuple<int&, const char> >::value));
-  EXPECT_EQ(3, +(tuple_size<tuple<char*, void, const bool&> >::value));
-}
-
-// Tests comparing a tuple with itself.
-TEST(ComparisonTest, ComparesWithSelf) {
-  const tuple<int, char, bool> a(5, 'a', false);
-
-  EXPECT_TRUE(a == a);
-  EXPECT_FALSE(a != a);
-}
-
-// Tests comparing two tuples with the same value.
-TEST(ComparisonTest, ComparesEqualTuples) {
-  const tuple<int, bool> a(5, true), b(5, true);
-
-  EXPECT_TRUE(a == b);
-  EXPECT_FALSE(a != b);
-}
-
-// Tests comparing two different tuples that have no reference fields.
-TEST(ComparisonTest, ComparesUnequalTuplesWithoutReferenceFields) {
-  typedef tuple<const int, char> FooTuple;
-
-  const FooTuple a(0, 'x');
-  const FooTuple b(1, 'a');
-
-  EXPECT_TRUE(a != b);
-  EXPECT_FALSE(a == b);
-
-  const FooTuple c(1, 'b');
-
-  EXPECT_TRUE(b != c);
-  EXPECT_FALSE(b == c);
-}
-
-// Tests comparing two different tuples that have reference fields.
-TEST(ComparisonTest, ComparesUnequalTuplesWithReferenceFields) {
-  typedef tuple<int&, const char&> FooTuple;
-
-  int i = 5;
-  const char ch = 'a';
-  const FooTuple a(i, ch);
-
-  int j = 6;
-  const FooTuple b(j, ch);
-
-  EXPECT_TRUE(a != b);
-  EXPECT_FALSE(a == b);
-
-  j = 5;
-  const char ch2 = 'b';
-  const FooTuple c(j, ch2);
-
-  EXPECT_TRUE(b != c);
-  EXPECT_FALSE(b == c);
-}
-
-// Tests that a tuple field with a reference type is an alias of the
-// variable it's supposed to reference.
-TEST(ReferenceFieldTest, IsAliasOfReferencedVariable) {
-  int n = 0;
-  tuple<bool, int&> t(true, n);
-
-  n = 1;
-  EXPECT_EQ(n, get<1>(t))
-      << "Changing a underlying variable should update the reference field.";
-
-  // Makes sure that the implementation doesn't do anything funny with
-  // the & operator for the return type of get<>().
-  EXPECT_EQ(&n, &(get<1>(t)))
-      << "The address of a reference field should equal the address of "
-      << "the underlying variable.";
-
-  get<1>(t) = 2;
-  EXPECT_EQ(2, n)
-      << "Changing a reference field should update the underlying variable.";
-}
-
-// Tests that tuple's default constructor default initializes each field.
-// This test needs to compile without generating warnings.
-TEST(TupleConstructorTest, DefaultConstructorDefaultInitializesEachField) {
-  // The TR1 report requires that tuple's default constructor default
-  // initializes each field, even if it's a primitive type.  If the
-  // implementation forgets to do this, this test will catch it by
-  // generating warnings about using uninitialized variables (assuming
-  // a decent compiler).
-
-  tuple<> empty;
-
-  tuple<int> a1, b1;
-  b1 = a1;
-  EXPECT_EQ(0, get<0>(b1));
-
-  tuple<int, double> a2, b2;
-  b2 = a2;
-  EXPECT_EQ(0, get<0>(b2));
-  EXPECT_EQ(0.0, get<1>(b2));
-
-  tuple<double, char, bool*> a3, b3;
-  b3 = a3;
-  EXPECT_EQ(0.0, get<0>(b3));
-  EXPECT_EQ('\0', get<1>(b3));
-  EXPECT_TRUE(get<2>(b3) == NULL);
-
-  tuple<int, int, int, int, int, int, int, int, int, int> a10, b10;
-  b10 = a10;
-  EXPECT_EQ(0, get<0>(b10));
-  EXPECT_EQ(0, get<1>(b10));
-  EXPECT_EQ(0, get<2>(b10));
-  EXPECT_EQ(0, get<3>(b10));
-  EXPECT_EQ(0, get<4>(b10));
-  EXPECT_EQ(0, get<5>(b10));
-  EXPECT_EQ(0, get<6>(b10));
-  EXPECT_EQ(0, get<7>(b10));
-  EXPECT_EQ(0, get<8>(b10));
-  EXPECT_EQ(0, get<9>(b10));
-}
-
-// Tests constructing a tuple from its fields.
-TEST(TupleConstructorTest, ConstructsFromFields) {
-  int n = 1;
-  // Reference field.
-  tuple<int&> a(n);
-  EXPECT_EQ(&n, &(get<0>(a)));
-
-  // Non-reference fields.
-  tuple<int, char> b(5, 'a');
-  EXPECT_EQ(5, get<0>(b));
-  EXPECT_EQ('a', get<1>(b));
-
-  // Const reference field.
-  const int m = 2;
-  tuple<bool, const int&> c(true, m);
-  EXPECT_TRUE(get<0>(c));
-  EXPECT_EQ(&m, &(get<1>(c)));
-}
-
-// Tests tuple's copy constructor.
-TEST(TupleConstructorTest, CopyConstructor) {
-  tuple<double, bool> a(0.0, true);
-  tuple<double, bool> b(a);
-
-  EXPECT_DOUBLE_EQ(0.0, get<0>(b));
-  EXPECT_TRUE(get<1>(b));
-}
-
-// Tests constructing a tuple from another tuple that has a compatible
-// but different type.
-TEST(TupleConstructorTest, ConstructsFromDifferentTupleType) {
-  tuple<int, int, char> a(0, 1, 'a');
-  tuple<double, long, int> b(a);
-
-  EXPECT_DOUBLE_EQ(0.0, get<0>(b));
-  EXPECT_EQ(1, get<1>(b));
-  EXPECT_EQ('a', get<2>(b));
-}
-
-// Tests constructing a 2-tuple from an std::pair.
-TEST(TupleConstructorTest, ConstructsFromPair) {
-  ::std::pair<int, char> a(1, 'a');
-  tuple<int, char> b(a);
-  tuple<int, const char&> c(a);
-}
-
-// Tests assigning a tuple to another tuple with the same type.
-TEST(TupleAssignmentTest, AssignsToSameTupleType) {
-  const tuple<int, long> a(5, 7L);
-  tuple<int, long> b;
-  b = a;
-  EXPECT_EQ(5, get<0>(b));
-  EXPECT_EQ(7L, get<1>(b));
-}
-
-// Tests assigning a tuple to another tuple with a different but
-// compatible type.
-TEST(TupleAssignmentTest, AssignsToDifferentTupleType) {
-  const tuple<int, long, bool> a(1, 7L, true);
-  tuple<long, int, bool> b;
-  b = a;
-  EXPECT_EQ(1L, get<0>(b));
-  EXPECT_EQ(7, get<1>(b));
-  EXPECT_TRUE(get<2>(b));
-}
-
-// Tests assigning an std::pair to a 2-tuple.
-TEST(TupleAssignmentTest, AssignsFromPair) {
-  const ::std::pair<int, bool> a(5, true);
-  tuple<int, bool> b;
-  b = a;
-  EXPECT_EQ(5, get<0>(b));
-  EXPECT_TRUE(get<1>(b));
-
-  tuple<long, bool> c;
-  c = a;
-  EXPECT_EQ(5L, get<0>(c));
-  EXPECT_TRUE(get<1>(c));
-}
-
-// A fixture for testing big tuples.
-class BigTupleTest : public testing::Test {
- protected:
-  typedef tuple<int, int, int, int, int, int, int, int, int, int> BigTuple;
-
-  BigTupleTest() :
-      a_(1, 0, 0, 0, 0, 0, 0, 0, 0, 2),
-      b_(1, 0, 0, 0, 0, 0, 0, 0, 0, 3) {}
-
-  BigTuple a_, b_;
-};
-
-// Tests constructing big tuples.
-TEST_F(BigTupleTest, Construction) {
-  BigTuple a;
-  BigTuple b(b_);
-}
-
-// Tests that get<N>(t) returns the N-th (0-based) field of tuple t.
-TEST_F(BigTupleTest, get) {
-  EXPECT_EQ(1, get<0>(a_));
-  EXPECT_EQ(2, get<9>(a_));
-
-  // Tests that get() works on a const tuple too.
-  const BigTuple a(a_);
-  EXPECT_EQ(1, get<0>(a));
-  EXPECT_EQ(2, get<9>(a));
-}
-
-// Tests comparing big tuples.
-TEST_F(BigTupleTest, Comparisons) {
-  EXPECT_TRUE(a_ == a_);
-  EXPECT_FALSE(a_ != a_);
-
-  EXPECT_TRUE(a_ != b_);
-  EXPECT_FALSE(a_ == b_);
-}
-
-TEST(MakeTupleTest, WorksForScalarTypes) {
-  tuple<bool, int> a;
-  a = make_tuple(true, 5);
-  EXPECT_TRUE(get<0>(a));
-  EXPECT_EQ(5, get<1>(a));
-
-  tuple<char, int, long> b;
-  b = make_tuple('a', 'b', 5);
-  EXPECT_EQ('a', get<0>(b));
-  EXPECT_EQ('b', get<1>(b));
-  EXPECT_EQ(5, get<2>(b));
-}
-
-TEST(MakeTupleTest, WorksForPointers) {
-  int a[] = { 1, 2, 3, 4 };
-  const char* const str = "hi";
-  int* const p = a;
-
-  tuple<const char*, int*> t;
-  t = make_tuple(str, p);
-  EXPECT_EQ(str, get<0>(t));
-  EXPECT_EQ(p, get<1>(t));
-}
-
-}  // namespace
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-typed-test2_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-typed-test2_test.cc
index c284700b0..ed96421c6 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest-typed-test2_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest-typed-test2_test.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 #include <vector>
 
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-typed-test_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-typed-test_test.cc
index c3e66c2db..4e398697d 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest-typed-test_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest-typed-test_test.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 #include "test/gtest-typed-test_test.h"
 
@@ -36,6 +35,10 @@
 
 #include "gtest/gtest.h"
 
+#if _MSC_VER
+GTEST_DISABLE_MSC_WARNINGS_PUSH_(4127 /* conditional expression is constant */)
+#endif  //  _MSC_VER
+
 using testing::Test;
 
 // Used for testing that SetUpTestCase()/TearDownTestCase(), fixture
@@ -166,6 +169,40 @@ TYPED_TEST(NumericTest, DefaultIsZero) {
 
 }  // namespace library1
 
+// Tests that custom names work.
+template <typename T>
+class TypedTestWithNames : public Test {};
+
+class TypedTestNames {
+ public:
+  template <typename T>
+  static std::string GetName(int i) {
+    if (testing::internal::IsSame<T, char>::value) {
+      return std::string("char") + ::testing::PrintToString(i);
+    }
+    if (testing::internal::IsSame<T, int>::value) {
+      return std::string("int") + ::testing::PrintToString(i);
+    }
+  }
+};
+
+TYPED_TEST_CASE(TypedTestWithNames, TwoTypes, TypedTestNames);
+
+TYPED_TEST(TypedTestWithNames, TestCaseName) {
+  if (testing::internal::IsSame<TypeParam, char>::value) {
+    EXPECT_STREQ(::testing::UnitTest::GetInstance()
+                     ->current_test_info()
+                     ->test_case_name(),
+                 "TypedTestWithNames/char0");
+  }
+  if (testing::internal::IsSame<TypeParam, int>::value) {
+    EXPECT_STREQ(::testing::UnitTest::GetInstance()
+                     ->current_test_info()
+                     ->test_case_name(),
+                 "TypedTestWithNames/int1");
+  }
+}
+
 #endif  // GTEST_HAS_TYPED_TEST
 
 // This #ifdef block tests type-parameterized tests.
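Review bot: `TypedTestNames::GetName` can fall off the end without returning a value, because both `return` statements sit inside `if` blocks. For any `T` other than `char` or `int`, a function declared to return `std::string` then returns nothing, which is undefined behaviour and usually draws a missing-return warning. The expected names `char0` and `int1` suggest that `TwoTypes` (defined outside this hunk) holds only those two types, so the path is presumably not taken today. A closing `return ::testing::PrintToString(i);` after the second `if` would keep the helper well-defined if the type list ever grows. `TypeParametrizedTestNames::GetName` in the next hunk of this file has the same shape and needs the same fallback.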
@@ -266,6 +303,46 @@ REGISTER_TYPED_TEST_CASE_P(DerivedTest,
 typedef Types<short, long> MyTwoTypes;
 INSTANTIATE_TYPED_TEST_CASE_P(My, DerivedTest, MyTwoTypes);
 
+// Tests that custom names work with type parametrized tests. We reuse the
+// TwoTypes from above here.
+template <typename T>
+class TypeParametrizedTestWithNames : public Test {};
+
+TYPED_TEST_CASE_P(TypeParametrizedTestWithNames);
+
+TYPED_TEST_P(TypeParametrizedTestWithNames, TestCaseName) {
+  if (testing::internal::IsSame<TypeParam, char>::value) {
+    EXPECT_STREQ(::testing::UnitTest::GetInstance()
+                     ->current_test_info()
+                     ->test_case_name(),
+                 "CustomName/TypeParametrizedTestWithNames/parChar0");
+  }
+  if (testing::internal::IsSame<TypeParam, int>::value) {
+    EXPECT_STREQ(::testing::UnitTest::GetInstance()
+                     ->current_test_info()
+                     ->test_case_name(),
+                 "CustomName/TypeParametrizedTestWithNames/parInt1");
+  }
+}
+
+REGISTER_TYPED_TEST_CASE_P(TypeParametrizedTestWithNames, TestCaseName);
+
+class TypeParametrizedTestNames {
+ public:
+  template <typename T>
+  static std::string GetName(int i) {
+    if (testing::internal::IsSame<T, char>::value) {
+      return std::string("parChar") + ::testing::PrintToString(i);
+    }
+    if (testing::internal::IsSame<T, int>::value) {
+      return std::string("parInt") + ::testing::PrintToString(i);
+    }
+  }
+};
+
+INSTANTIATE_TYPED_TEST_CASE_P(CustomName, TypeParametrizedTestWithNames,
+                              TwoTypes, TypeParametrizedTestNames);
+
 // Tests that multiple TYPED_TEST_CASE_P's can be defined in the same
 // translation unit.
 
@@ -344,6 +421,25 @@ REGISTER_TYPED_TEST_CASE_P(NumericTest,
 typedef Types<int, double> NumericTypes;
 INSTANTIATE_TYPED_TEST_CASE_P(My, NumericTest, NumericTypes);
 
+static const char* GetTestName() {
+  return testing::UnitTest::GetInstance()->current_test_info()->name();
+}
+// Test the stripping of space from test names
+template <typename T> class TrimmedTest : public Test { };
+TYPED_TEST_CASE_P(TrimmedTest);
+TYPED_TEST_P(TrimmedTest, Test1) { EXPECT_STREQ("Test1", GetTestName()); }
+TYPED_TEST_P(TrimmedTest, Test2) { EXPECT_STREQ("Test2", GetTestName()); }
+TYPED_TEST_P(TrimmedTest, Test3) { EXPECT_STREQ("Test3", GetTestName()); }
+TYPED_TEST_P(TrimmedTest, Test4) { EXPECT_STREQ("Test4", GetTestName()); }
+TYPED_TEST_P(TrimmedTest, Test5) { EXPECT_STREQ("Test5", GetTestName()); }
+REGISTER_TYPED_TEST_CASE_P(
+    TrimmedTest,
+    Test1, Test2,Test3 , Test4 ,Test5 );  // NOLINT
+template <typename T1, typename T2> struct MyPair {};
+// Be sure to try a type with a comma in its name just in case it matters.
+typedef Types<int, double, MyPair<int, int> > TrimTypes;
+INSTANTIATE_TYPED_TEST_CASE_P(My, TrimmedTest, TrimTypes);
+
 }  // namespace library2
 
 #endif  // GTEST_HAS_TYPED_TEST_P
@@ -358,4 +454,8 @@ INSTANTIATE_TYPED_TEST_CASE_P(My, NumericTest, NumericTypes);
 // must be defined). This dummy test keeps gtest_main linked in.
 TEST(DummyTest, TypedTestsAreNotSupportedOnThisPlatform) {}
 
+#if _MSC_VER
+GTEST_DISABLE_MSC_WARNINGS_POP_()  //  4127
+#endif                             //  _MSC_VER
+
 #endif  // #if !defined(GTEST_HAS_TYPED_TEST) && !defined(GTEST_HAS_TYPED_TEST_P)
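Review bot: The `GTEST_DISABLE_MSC_WARNINGS_POP_()` added here sits above the `#endif` that closes `#if !defined(GTEST_HAS_TYPED_TEST) && !defined(GTEST_HAS_TYPED_TEST_P)`, so it is only compiled when typed tests are unsupported. The matching `GTEST_DISABLE_MSC_WARNINGS_PUSH_(4127 ...)` in the second hunk of this file comes straight after `#include "gtest/gtest.h"` with no enclosing conditional visible there, so on MSVC builds with typed tests enabled the push appears to be left unbalanced. Because `gtest_all_test.cc` includes this `.cc` ahead of `gtest-typed-test2_test.cc` and `gtest_unittest.cc`, the C4127 suppression would then carry over into those files. Moving the three lines `#if _MSC_VER` / `GTEST_DISABLE_MSC_WARNINGS_POP_()` / `#endif` below the final `#endif` would pair push and pop in every configuration.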
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-typed-test_test.h b/security/nss/gtests/google_test/gtest/test/gtest-typed-test_test.h
index 41d75704c..2cce67c82 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest-typed-test_test.h
+++ b/security/nss/gtests/google_test/gtest/test/gtest-typed-test_test.h
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 #ifndef GTEST_TEST_GTEST_TYPED_TEST_TEST_H_
 #define GTEST_TEST_GTEST_TYPED_TEST_TEST_H_
diff --git a/security/nss/gtests/google_test/gtest/test/gtest-unittest-api_test.cc b/security/nss/gtests/google_test/gtest/test/gtest-unittest-api_test.cc
index b1f51688a..f3ea03a59 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest-unittest-api_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest-unittest-api_test.cc
@@ -25,10 +25,9 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: vladl@google.com (Vlad Losev)
-//
-// The Google C++ Testing Framework (Google Test)
+// The Google C++ Testing and Mocking Framework (Google Test)
 //
 // This file contains tests verifying correctness of data provided via
 // UnitTest's public methods.
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_all_test.cc b/security/nss/gtests/google_test/gtest/test/gtest_all_test.cc
index 955aa6282..e61e36b1d 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_all_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_all_test.cc
@@ -26,21 +26,20 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: wan@google.com (Zhanyong Wan)
-//
-// Tests for Google C++ Testing Framework (Google Test)
+// Tests for Google C++ Testing and Mocking Framework (Google Test)
 //
 // Sometimes it's desirable to build most of Google Test's own tests
 // by compiling a single file.  This file serves this purpose.
-#include "test/gtest-filepath_test.cc"
-#include "test/gtest-linked_ptr_test.cc"
-#include "test/gtest-message_test.cc"
-#include "test/gtest-options_test.cc"
-#include "test/gtest-port_test.cc"
+#include "test/googletest-filepath-test.cc"
+#include "test/googletest-linked-ptr-test.cc"
+#include "test/googletest-message-test.cc"
+#include "test/googletest-options-test.cc"
+#include "test/googletest-port-test.cc"
 #include "test/gtest_pred_impl_unittest.cc"
 #include "test/gtest_prod_test.cc"
-#include "test/gtest-test-part_test.cc"
+#include "test/googletest-test-part-test.cc"
 #include "test/gtest-typed-test_test.cc"
 #include "test/gtest-typed-test2_test.cc"
 #include "test/gtest_unittest.cc"
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_assert_by_exception_test.cc b/security/nss/gtests/google_test/gtest/test/gtest_assert_by_exception_test.cc
new file mode 100644
index 000000000..0eae8575f
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/gtest_assert_by_exception_test.cc
@@ -0,0 +1,118 @@
+// Copyright 2009, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// Tests Google Test's assert-by-exception mode with exceptions enabled.
+
+#include "gtest/gtest.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdexcept>
+
+class ThrowListener : public testing::EmptyTestEventListener {
+  void OnTestPartResult(const testing::TestPartResult& result) override {
+    if (result.type() == testing::TestPartResult::kFatalFailure) {
+      throw testing::AssertionException(result);
+    }
+  }
+};
+
+// Prints the given failure message and exits the program with
+// non-zero.  We use this instead of a Google Test assertion to
+// indicate a failure, as the latter is been tested and cannot be
+// relied on.
+void Fail(const char* msg) {
+  printf("FAILURE: %s\n", msg);
+  fflush(stdout);
+  exit(1);
+}
+
+static void AssertFalse() {
+  ASSERT_EQ(2, 3) << "Expected failure";
+}
+
+// Tests that an assertion failure throws a subclass of
+// std::runtime_error.
+TEST(Test, Test) {
+  // A successful assertion shouldn't throw.
+  try {
+    EXPECT_EQ(3, 3);
+  } catch(...) {
+    Fail("A successful assertion wrongfully threw.");
+  }
+
+  // A successful assertion shouldn't throw.
+  try {
+    EXPECT_EQ(3, 4);
+  } catch(...) {
+    Fail("A failed non-fatal assertion wrongfully threw.");
+  }
+
+  // A failed assertion should throw.
+  try {
+    AssertFalse();
+  } catch(const testing::AssertionException& e) {
+    if (strstr(e.what(), "Expected failure") != NULL)
+      throw;
+
+    printf("%s",
+           "A failed assertion did throw an exception of the right type, "
+           "but the message is incorrect.  Instead of containing \"Expected "
+           "failure\", it is:\n");
+    Fail(e.what());
+  } catch(...) {
+    Fail("A failed assertion threw the wrong type of exception.");
+  }
+  Fail("A failed assertion should've thrown but didn't.");
+}
+
+int kTestForContinuingTest = 0;
+
+TEST(Test, Test2) {
+  // FIXME: how to force Test2 to be after Test?
+  kTestForContinuingTest = 1;
+}
+
+int main(int argc, char** argv) {
+  testing::InitGoogleTest(&argc, argv);
+  testing::UnitTest::GetInstance()->listeners().Append(new ThrowListener);
+
+  int result = RUN_ALL_TESTS();
+  if (result == 0) {
+    printf("RUN_ALL_TESTS returned %d\n", result);
+    Fail("Expected failure instead.");
+  }
+
+  if (kTestForContinuingTest == 0) {
+    Fail("Should have continued with other tests, but did not.");
+  }
+  return 0;
+}
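Review bot: The comment above the second `try` block in `TEST(Test, Test)` repeats `// A successful assertion shouldn't throw.` although that block exercises the failing `EXPECT_EQ(3, 4)`. It should read `// A failed non-fatal assertion shouldn't throw.` to match the message passed to `Fail`. The comment on `Fail` also has a typo, `is been tested` for `is being tested`. Separately, the `kTestForContinuingTest == 0` check in `main` only shows that `Test2` ran at some point, not that it ran after the throwing test, which the `FIXME` already hints at. A comment there saying the check relies on the default execution order would stop readers from trusting it more than it deserves.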
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_break_on_failure_unittest.py b/security/nss/gtests/google_test/gtest/test/gtest_break_on_failure_unittest.py
deleted file mode 100755
index 78f3e0f53..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_break_on_failure_unittest.py
+++ /dev/null
@@ -1,212 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2006, Google Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-"""Unit test for Google Test's break-on-failure mode.
-
-A user can ask Google Test to seg-fault when an assertion fails, using
-either the GTEST_BREAK_ON_FAILURE environment variable or the
---gtest_break_on_failure flag.  This script tests such functionality
-by invoking gtest_break_on_failure_unittest_ (a program written with
-Google Test) with different environments and command line flags.
-"""
-
-__author__ = 'wan@google.com (Zhanyong Wan)'
-
-import gtest_test_utils
-import os
-import sys
-
-
-# Constants.
-
-IS_WINDOWS = os.name == 'nt'
-
-# The environment variable for enabling/disabling the break-on-failure mode.
-BREAK_ON_FAILURE_ENV_VAR = 'GTEST_BREAK_ON_FAILURE'
-
-# The command line flag for enabling/disabling the break-on-failure mode.
-BREAK_ON_FAILURE_FLAG = 'gtest_break_on_failure'
-
-# The environment variable for enabling/disabling the throw-on-failure mode.
-THROW_ON_FAILURE_ENV_VAR = 'GTEST_THROW_ON_FAILURE'
-
-# The environment variable for enabling/disabling the catch-exceptions mode.
-CATCH_EXCEPTIONS_ENV_VAR = 'GTEST_CATCH_EXCEPTIONS'
-
-# Path to the gtest_break_on_failure_unittest_ program.
-EXE_PATH = gtest_test_utils.GetTestExecutablePath(
-    'gtest_break_on_failure_unittest_')
-
-
-environ = gtest_test_utils.environ
-SetEnvVar = gtest_test_utils.SetEnvVar
-
-# Tests in this file run a Google-Test-based test program and expect it
-# to terminate prematurely.  Therefore they are incompatible with
-# the premature-exit-file protocol by design.  Unset the
-# premature-exit filepath to prevent Google Test from creating
-# the file.
-SetEnvVar(gtest_test_utils.PREMATURE_EXIT_FILE_ENV_VAR, None)
-
-
-def Run(command):
-  """Runs a command; returns 1 if it was killed by a signal, or 0 otherwise."""
-
-  p = gtest_test_utils.Subprocess(command, env=environ)
-  if p.terminated_by_signal:
-    return 1
-  else:
-    return 0
-
-
-# The tests.
-
-
-class GTestBreakOnFailureUnitTest(gtest_test_utils.TestCase):
-  """Tests using the GTEST_BREAK_ON_FAILURE environment variable or
-  the --gtest_break_on_failure flag to turn assertion failures into
-  segmentation faults.
-  """
-
-  def RunAndVerify(self, env_var_value, flag_value, expect_seg_fault):
-    """Runs gtest_break_on_failure_unittest_ and verifies that it does
-    (or does not) have a seg-fault.
-
-    Args:
-      env_var_value:    value of the GTEST_BREAK_ON_FAILURE environment
-                        variable; None if the variable should be unset.
-      flag_value:       value of the --gtest_break_on_failure flag;
-                        None if the flag should not be present.
-      expect_seg_fault: 1 if the program is expected to generate a seg-fault;
-                        0 otherwise.
-    """
-
-    SetEnvVar(BREAK_ON_FAILURE_ENV_VAR, env_var_value)
-
-    if env_var_value is None:
-      env_var_value_msg = ' is not set'
-    else:
-      env_var_value_msg = '=' + env_var_value
-
-    if flag_value is None:
-      flag = ''
-    elif flag_value == '0':
-      flag = '--%s=0' % BREAK_ON_FAILURE_FLAG
-    else:
-      flag = '--%s' % BREAK_ON_FAILURE_FLAG
-
-    command = [EXE_PATH]
-    if flag:
-      command.append(flag)
-
-    if expect_seg_fault:
-      should_or_not = 'should'
-    else:
-      should_or_not = 'should not'
-
-    has_seg_fault = Run(command)
-
-    SetEnvVar(BREAK_ON_FAILURE_ENV_VAR, None)
-
-    msg = ('when %s%s, an assertion failure in "%s" %s cause a seg-fault.' %
-           (BREAK_ON_FAILURE_ENV_VAR, env_var_value_msg, ' '.join(command),
-            should_or_not))
-    self.assert_(has_seg_fault == expect_seg_fault, msg)
-
-  def testDefaultBehavior(self):
-    """Tests the behavior of the default mode."""
-
-    self.RunAndVerify(env_var_value=None,
-                      flag_value=None,
-                      expect_seg_fault=0)
-
-  def testEnvVar(self):
-    """Tests using the GTEST_BREAK_ON_FAILURE environment variable."""
-
-    self.RunAndVerify(env_var_value='0',
-                      flag_value=None,
-                      expect_seg_fault=0)
-    self.RunAndVerify(env_var_value='1',
-                      flag_value=None,
-                      expect_seg_fault=1)
-
-  def testFlag(self):
-    """Tests using the --gtest_break_on_failure flag."""
-
-    self.RunAndVerify(env_var_value=None,
-                      flag_value='0',
-                      expect_seg_fault=0)
-    self.RunAndVerify(env_var_value=None,
-                      flag_value='1',
-                      expect_seg_fault=1)
-
-  def testFlagOverridesEnvVar(self):
-    """Tests that the flag overrides the environment variable."""
-
-    self.RunAndVerify(env_var_value='0',
-                      flag_value='0',
-                      expect_seg_fault=0)
-    self.RunAndVerify(env_var_value='0',
-                      flag_value='1',
-                      expect_seg_fault=1)
-    self.RunAndVerify(env_var_value='1',
-                      flag_value='0',
-                      expect_seg_fault=0)
-    self.RunAndVerify(env_var_value='1',
-                      flag_value='1',
-                      expect_seg_fault=1)
-
-  def testBreakOnFailureOverridesThrowOnFailure(self):
-    """Tests that gtest_break_on_failure overrides gtest_throw_on_failure."""
-
-    SetEnvVar(THROW_ON_FAILURE_ENV_VAR, '1')
-    try:
-      self.RunAndVerify(env_var_value=None,
-                        flag_value='1',
-                        expect_seg_fault=1)
-    finally:
-      SetEnvVar(THROW_ON_FAILURE_ENV_VAR, None)
-
-  if IS_WINDOWS:
-    def testCatchExceptionsDoesNotInterfere(self):
-      """Tests that gtest_catch_exceptions doesn't interfere."""
-
-      SetEnvVar(CATCH_EXCEPTIONS_ENV_VAR, '1')
-      try:
-        self.RunAndVerify(env_var_value='1',
-                          flag_value='1',
-                          expect_seg_fault=1)
-      finally:
-        SetEnvVar(CATCH_EXCEPTIONS_ENV_VAR, None)
-
-
-if __name__ == '__main__':
-  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_break_on_failure_unittest_.cc b/security/nss/gtests/google_test/gtest/test/gtest_break_on_failure_unittest_.cc
deleted file mode 100644
index dd07478c0..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_break_on_failure_unittest_.cc
+++ /dev/null
@@ -1,88 +0,0 @@
-// Copyright 2006, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
-// Unit test for Google Test's break-on-failure mode.
-//
-// A user can ask Google Test to seg-fault when an assertion fails, using
-// either the GTEST_BREAK_ON_FAILURE environment variable or the
-// --gtest_break_on_failure flag.  This file is used for testing such
-// functionality.
-//
-// This program will be invoked from a Python unit test.  It is
-// expected to fail.  Don't run it directly.
-
-#include "gtest/gtest.h"
-
-#if GTEST_OS_WINDOWS
-# include <windows.h>
-# include <stdlib.h>
-#endif
-
-namespace {
-
-// A test that's expected to fail.
-TEST(Foo, Bar) {
-  EXPECT_EQ(2, 3);
-}
-
-#if GTEST_HAS_SEH && !GTEST_OS_WINDOWS_MOBILE
-// On Windows Mobile global exception handlers are not supported.
-LONG WINAPI ExitWithExceptionCode(
-    struct _EXCEPTION_POINTERS* exception_pointers) {
-  exit(exception_pointers->ExceptionRecord->ExceptionCode);
-}
-#endif
-
-}  // namespace
-
-int main(int argc, char **argv) {
-#if GTEST_OS_WINDOWS
-  // Suppresses display of the Windows error dialog upon encountering
-  // a general protection fault (segment violation).
-  SetErrorMode(SEM_NOGPFAULTERRORBOX | SEM_FAILCRITICALERRORS);
-
-# if GTEST_HAS_SEH && !GTEST_OS_WINDOWS_MOBILE
-
-  // The default unhandled exception filter does not always exit
-  // with the exception code as exit code - for example it exits with
-  // 0 for EXCEPTION_ACCESS_VIOLATION and 1 for EXCEPTION_BREAKPOINT
-  // if the application is compiled in debug mode. Thus we use our own
-  // filter which always exits with the exception code for unhandled
-  // exceptions.
-  SetUnhandledExceptionFilter(ExitWithExceptionCode);
-
-# endif
-#endif
-
-  testing::InitGoogleTest(&argc, argv);
-
-  return RUN_ALL_TESTS();
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_catch_exceptions_test.py b/security/nss/gtests/google_test/gtest/test/gtest_catch_exceptions_test.py
deleted file mode 100755
index e6fc22fd1..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_catch_exceptions_test.py
+++ /dev/null
@@ -1,237 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2010 Google Inc.  All Rights Reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-"""Tests Google Test's exception catching behavior.
-
-This script invokes gtest_catch_exceptions_test_ and
-gtest_catch_exceptions_ex_test_ (programs written with
-Google Test) and verifies their output.
-"""
-
-__author__ = 'vladl@google.com (Vlad Losev)'
-
-import os
-
-import gtest_test_utils
-
-# Constants.
-FLAG_PREFIX = '--gtest_'
-LIST_TESTS_FLAG = FLAG_PREFIX + 'list_tests'
-NO_CATCH_EXCEPTIONS_FLAG = FLAG_PREFIX + 'catch_exceptions=0'
-FILTER_FLAG = FLAG_PREFIX + 'filter'
-
-# Path to the gtest_catch_exceptions_ex_test_ binary, compiled with
-# exceptions enabled.
-EX_EXE_PATH = gtest_test_utils.GetTestExecutablePath(
-    'gtest_catch_exceptions_ex_test_')
-
-# Path to the gtest_catch_exceptions_test_ binary, compiled with
-# exceptions disabled.
-EXE_PATH = gtest_test_utils.GetTestExecutablePath(
-    'gtest_catch_exceptions_no_ex_test_')
-
-environ = gtest_test_utils.environ
-SetEnvVar = gtest_test_utils.SetEnvVar
-
-# Tests in this file run a Google-Test-based test program and expect it
-# to terminate prematurely.  Therefore they are incompatible with
-# the premature-exit-file protocol by design.  Unset the
-# premature-exit filepath to prevent Google Test from creating
-# the file.
-SetEnvVar(gtest_test_utils.PREMATURE_EXIT_FILE_ENV_VAR, None)
-
-TEST_LIST = gtest_test_utils.Subprocess(
-    [EXE_PATH, LIST_TESTS_FLAG], env=environ).output
-
-SUPPORTS_SEH_EXCEPTIONS = 'ThrowsSehException' in TEST_LIST
-
-if SUPPORTS_SEH_EXCEPTIONS:
-  BINARY_OUTPUT = gtest_test_utils.Subprocess([EXE_PATH], env=environ).output
-
-EX_BINARY_OUTPUT = gtest_test_utils.Subprocess(
-    [EX_EXE_PATH], env=environ).output
-
-
-# The tests.
-if SUPPORTS_SEH_EXCEPTIONS:
-  # pylint:disable-msg=C6302
-  class CatchSehExceptionsTest(gtest_test_utils.TestCase):
-    """Tests exception-catching behavior."""
-
-
-    def TestSehExceptions(self, test_output):
-      self.assert_('SEH exception with code 0x2a thrown '
-                   'in the test fixture\'s constructor'
-                   in test_output)
-      self.assert_('SEH exception with code 0x2a thrown '
-                   'in the test fixture\'s destructor'
-                   in test_output)
-      self.assert_('SEH exception with code 0x2a thrown in SetUpTestCase()'
-                   in test_output)
-      self.assert_('SEH exception with code 0x2a thrown in TearDownTestCase()'
-                   in test_output)
-      self.assert_('SEH exception with code 0x2a thrown in SetUp()'
-                   in test_output)
-      self.assert_('SEH exception with code 0x2a thrown in TearDown()'
-                   in test_output)
-      self.assert_('SEH exception with code 0x2a thrown in the test body'
-                   in test_output)
-
-    def testCatchesSehExceptionsWithCxxExceptionsEnabled(self):
-      self.TestSehExceptions(EX_BINARY_OUTPUT)
-
-    def testCatchesSehExceptionsWithCxxExceptionsDisabled(self):
-      self.TestSehExceptions(BINARY_OUTPUT)
-
-
-class CatchCxxExceptionsTest(gtest_test_utils.TestCase):
-  """Tests C++ exception-catching behavior.
-
-     Tests in this test case verify that:
-     * C++ exceptions are caught and logged as C++ (not SEH) exceptions
-     * Exception thrown affect the remainder of the test work flow in the
-       expected manner.
-  """
-
-  def testCatchesCxxExceptionsInFixtureConstructor(self):
-    self.assert_('C++ exception with description '
-                 '"Standard C++ exception" thrown '
-                 'in the test fixture\'s constructor'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('unexpected' not in EX_BINARY_OUTPUT,
-                 'This failure belongs in this test only if '
-                 '"CxxExceptionInConstructorTest" (no quotes) '
-                 'appears on the same line as words "called unexpectedly"')
-
-  if ('CxxExceptionInDestructorTest.ThrowsExceptionInDestructor' in
-      EX_BINARY_OUTPUT):
-
-    def testCatchesCxxExceptionsInFixtureDestructor(self):
-      self.assert_('C++ exception with description '
-                   '"Standard C++ exception" thrown '
-                   'in the test fixture\'s destructor'
-                   in EX_BINARY_OUTPUT)
-      self.assert_('CxxExceptionInDestructorTest::TearDownTestCase() '
-                   'called as expected.'
-                   in EX_BINARY_OUTPUT)
-
-  def testCatchesCxxExceptionsInSetUpTestCase(self):
-    self.assert_('C++ exception with description "Standard C++ exception"'
-                 ' thrown in SetUpTestCase()'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInConstructorTest::TearDownTestCase() '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInSetUpTestCaseTest constructor '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInSetUpTestCaseTest destructor '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInSetUpTestCaseTest::SetUp() '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInSetUpTestCaseTest::TearDown() '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInSetUpTestCaseTest test body '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-
-  def testCatchesCxxExceptionsInTearDownTestCase(self):
-    self.assert_('C++ exception with description "Standard C++ exception"'
-                 ' thrown in TearDownTestCase()'
-                 in EX_BINARY_OUTPUT)
-
-  def testCatchesCxxExceptionsInSetUp(self):
-    self.assert_('C++ exception with description "Standard C++ exception"'
-                 ' thrown in SetUp()'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInSetUpTest::TearDownTestCase() '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInSetUpTest destructor '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInSetUpTest::TearDown() '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('unexpected' not in EX_BINARY_OUTPUT,
-                 'This failure belongs in this test only if '
-                 '"CxxExceptionInSetUpTest" (no quotes) '
-                 'appears on the same line as words "called unexpectedly"')
-
-  def testCatchesCxxExceptionsInTearDown(self):
-    self.assert_('C++ exception with description "Standard C++ exception"'
-                 ' thrown in TearDown()'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInTearDownTest::TearDownTestCase() '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInTearDownTest destructor '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-
-  def testCatchesCxxExceptionsInTestBody(self):
-    self.assert_('C++ exception with description "Standard C++ exception"'
-                 ' thrown in the test body'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInTestBodyTest::TearDownTestCase() '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInTestBodyTest destructor '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-    self.assert_('CxxExceptionInTestBodyTest::TearDown() '
-                 'called as expected.'
-                 in EX_BINARY_OUTPUT)
-
-  def testCatchesNonStdCxxExceptions(self):
-    self.assert_('Unknown C++ exception thrown in the test body'
-                 in EX_BINARY_OUTPUT)
-
-  def testUnhandledCxxExceptionsAbortTheProgram(self):
-    # Filters out SEH exception tests on Windows. Unhandled SEH exceptions
-    # cause tests to show pop-up windows there.
-    FITLER_OUT_SEH_TESTS_FLAG = FILTER_FLAG + '=-*Seh*'
-    # By default, Google Test doesn't catch the exceptions.
-    uncaught_exceptions_ex_binary_output = gtest_test_utils.Subprocess(
-        [EX_EXE_PATH,
-         NO_CATCH_EXCEPTIONS_FLAG,
-         FITLER_OUT_SEH_TESTS_FLAG],
-        env=environ).output
-
-    self.assert_('Unhandled C++ exception terminating the program'
-                 in uncaught_exceptions_ex_binary_output)
-    self.assert_('unexpected' not in uncaught_exceptions_ex_binary_output)
-
-
-if __name__ == '__main__':
-  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_catch_exceptions_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_catch_exceptions_test_.cc
deleted file mode 100644
index d0fc82c99..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_catch_exceptions_test_.cc
+++ /dev/null
@@ -1,311 +0,0 @@
-// Copyright 2010, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: vladl@google.com (Vlad Losev)
-//
-// Tests for Google Test itself. Tests in this file throw C++ or SEH
-// exceptions, and the output is verified by gtest_catch_exceptions_test.py.
-
-#include "gtest/gtest.h"
-
-#include <stdio.h>  // NOLINT
-#include <stdlib.h>  // For exit().
-
-#if GTEST_HAS_SEH
-# include <windows.h>
-#endif
-
-#if GTEST_HAS_EXCEPTIONS
-# include <exception>  // For set_terminate().
-# include <stdexcept>
-#endif
-
-using testing::Test;
-
-#if GTEST_HAS_SEH
-
-class SehExceptionInConstructorTest : public Test {
- public:
-  SehExceptionInConstructorTest() { RaiseException(42, 0, 0, NULL); }
-};
-
-TEST_F(SehExceptionInConstructorTest, ThrowsExceptionInConstructor) {}
-
-class SehExceptionInDestructorTest : public Test {
- public:
-  ~SehExceptionInDestructorTest() { RaiseException(42, 0, 0, NULL); }
-};
-
-TEST_F(SehExceptionInDestructorTest, ThrowsExceptionInDestructor) {}
-
-class SehExceptionInSetUpTestCaseTest : public Test {
- public:
-  static void SetUpTestCase() { RaiseException(42, 0, 0, NULL); }
-};
-
-TEST_F(SehExceptionInSetUpTestCaseTest, ThrowsExceptionInSetUpTestCase) {}
-
-class SehExceptionInTearDownTestCaseTest : public Test {
- public:
-  static void TearDownTestCase() { RaiseException(42, 0, 0, NULL); }
-};
-
-TEST_F(SehExceptionInTearDownTestCaseTest, ThrowsExceptionInTearDownTestCase) {}
-
-class SehExceptionInSetUpTest : public Test {
- protected:
-  virtual void SetUp() { RaiseException(42, 0, 0, NULL); }
-};
-
-TEST_F(SehExceptionInSetUpTest, ThrowsExceptionInSetUp) {}
-
-class SehExceptionInTearDownTest : public Test {
- protected:
-  virtual void TearDown() { RaiseException(42, 0, 0, NULL); }
-};
-
-TEST_F(SehExceptionInTearDownTest, ThrowsExceptionInTearDown) {}
-
-TEST(SehExceptionTest, ThrowsSehException) {
-  RaiseException(42, 0, 0, NULL);
-}
-
-#endif  // GTEST_HAS_SEH
-
-#if GTEST_HAS_EXCEPTIONS
-
-class CxxExceptionInConstructorTest : public Test {
- public:
-  CxxExceptionInConstructorTest() {
-    // Without this macro VC++ complains about unreachable code at the end of
-    // the constructor.
-    GTEST_SUPPRESS_UNREACHABLE_CODE_WARNING_BELOW_(
-        throw std::runtime_error("Standard C++ exception"));
-  }
-
-  static void TearDownTestCase() {
-    printf("%s",
-           "CxxExceptionInConstructorTest::TearDownTestCase() "
-           "called as expected.\n");
-  }
-
- protected:
-  ~CxxExceptionInConstructorTest() {
-    ADD_FAILURE() << "CxxExceptionInConstructorTest destructor "
-                  << "called unexpectedly.";
-  }
-
-  virtual void SetUp() {
-    ADD_FAILURE() << "CxxExceptionInConstructorTest::SetUp() "
-                  << "called unexpectedly.";
-  }
-
-  virtual void TearDown() {
-    ADD_FAILURE() << "CxxExceptionInConstructorTest::TearDown() "
-                  << "called unexpectedly.";
-  }
-};
-
-TEST_F(CxxExceptionInConstructorTest, ThrowsExceptionInConstructor) {
-  ADD_FAILURE() << "CxxExceptionInConstructorTest test body "
-                << "called unexpectedly.";
-}
-
-// Exceptions in destructors are not supported in C++11.
-#if !defined(__GXX_EXPERIMENTAL_CXX0X__) &&  __cplusplus < 201103L
-class CxxExceptionInDestructorTest : public Test {
- public:
-  static void TearDownTestCase() {
-    printf("%s",
-           "CxxExceptionInDestructorTest::TearDownTestCase() "
-           "called as expected.\n");
-  }
-
- protected:
-  ~CxxExceptionInDestructorTest() {
-    GTEST_SUPPRESS_UNREACHABLE_CODE_WARNING_BELOW_(
-        throw std::runtime_error("Standard C++ exception"));
-  }
-};
-
-TEST_F(CxxExceptionInDestructorTest, ThrowsExceptionInDestructor) {}
-#endif  // C++11 mode
-
-class CxxExceptionInSetUpTestCaseTest : public Test {
- public:
-  CxxExceptionInSetUpTestCaseTest() {
-    printf("%s",
-           "CxxExceptionInSetUpTestCaseTest constructor "
-           "called as expected.\n");
-  }
-
-  static void SetUpTestCase() {
-    throw std::runtime_error("Standard C++ exception");
-  }
-
-  static void TearDownTestCase() {
-    printf("%s",
-           "CxxExceptionInSetUpTestCaseTest::TearDownTestCase() "
-           "called as expected.\n");
-  }
-
- protected:
-  ~CxxExceptionInSetUpTestCaseTest() {
-    printf("%s",
-           "CxxExceptionInSetUpTestCaseTest destructor "
-           "called as expected.\n");
-  }
-
-  virtual void SetUp() {
-    printf("%s",
-           "CxxExceptionInSetUpTestCaseTest::SetUp() "
-           "called as expected.\n");
-  }
-
-  virtual void TearDown() {
-    printf("%s",
-           "CxxExceptionInSetUpTestCaseTest::TearDown() "
-           "called as expected.\n");
-  }
-};
-
-TEST_F(CxxExceptionInSetUpTestCaseTest, ThrowsExceptionInSetUpTestCase) {
-  printf("%s",
-         "CxxExceptionInSetUpTestCaseTest test body "
-         "called as expected.\n");
-}
-
-class CxxExceptionInTearDownTestCaseTest : public Test {
- public:
-  static void TearDownTestCase() {
-    throw std::runtime_error("Standard C++ exception");
-  }
-};
-
-TEST_F(CxxExceptionInTearDownTestCaseTest, ThrowsExceptionInTearDownTestCase) {}
-
-class CxxExceptionInSetUpTest : public Test {
- public:
-  static void TearDownTestCase() {
-    printf("%s",
-           "CxxExceptionInSetUpTest::TearDownTestCase() "
-           "called as expected.\n");
-  }
-
- protected:
-  ~CxxExceptionInSetUpTest() {
-    printf("%s",
-           "CxxExceptionInSetUpTest destructor "
-           "called as expected.\n");
-  }
-
-  virtual void SetUp() { throw std::runtime_error("Standard C++ exception"); }
-
-  virtual void TearDown() {
-    printf("%s",
-           "CxxExceptionInSetUpTest::TearDown() "
-           "called as expected.\n");
-  }
-};
-
-TEST_F(CxxExceptionInSetUpTest, ThrowsExceptionInSetUp) {
-  ADD_FAILURE() << "CxxExceptionInSetUpTest test body "
-                << "called unexpectedly.";
-}
-
-class CxxExceptionInTearDownTest : public Test {
- public:
-  static void TearDownTestCase() {
-    printf("%s",
-           "CxxExceptionInTearDownTest::TearDownTestCase() "
-           "called as expected.\n");
-  }
-
- protected:
-  ~CxxExceptionInTearDownTest() {
-    printf("%s",
-           "CxxExceptionInTearDownTest destructor "
-           "called as expected.\n");
-  }
-
-  virtual void TearDown() {
-    throw std::runtime_error("Standard C++ exception");
-  }
-};
-
-TEST_F(CxxExceptionInTearDownTest, ThrowsExceptionInTearDown) {}
-
-class CxxExceptionInTestBodyTest : public Test {
- public:
-  static void TearDownTestCase() {
-    printf("%s",
-           "CxxExceptionInTestBodyTest::TearDownTestCase() "
-           "called as expected.\n");
-  }
-
- protected:
-  ~CxxExceptionInTestBodyTest() {
-    printf("%s",
-           "CxxExceptionInTestBodyTest destructor "
-           "called as expected.\n");
-  }
-
-  virtual void TearDown() {
-    printf("%s",
-           "CxxExceptionInTestBodyTest::TearDown() "
-           "called as expected.\n");
-  }
-};
-
-TEST_F(CxxExceptionInTestBodyTest, ThrowsStdCxxException) {
-  throw std::runtime_error("Standard C++ exception");
-}
-
-TEST(CxxExceptionTest, ThrowsNonStdCxxException) {
-  throw "C-string";
-}
-
-// This terminate handler aborts the program using exit() rather than abort().
-// This avoids showing pop-ups on Windows systems and core dumps on Unix-like
-// ones.
-void TerminateHandler() {
-  fprintf(stderr, "%s\n", "Unhandled C++ exception terminating the program.");
-  fflush(NULL);
-  exit(3);
-}
-
-#endif  // GTEST_HAS_EXCEPTIONS
-
-int main(int argc, char** argv) {
-#if GTEST_HAS_EXCEPTIONS
-  std::set_terminate(&TerminateHandler);
-#endif
-  testing::InitGoogleTest(&argc, argv);
-  return RUN_ALL_TESTS();
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_color_test.py b/security/nss/gtests/google_test/gtest/test/gtest_color_test.py
deleted file mode 100755
index d02a53ed8..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_color_test.py
+++ /dev/null
@@ -1,130 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2008, Google Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-"""Verifies that Google Test correctly determines whether to use colors."""
-
-__author__ = 'wan@google.com (Zhanyong Wan)'
-
-import os
-import gtest_test_utils
-
-
-IS_WINDOWS = os.name = 'nt'
-
-COLOR_ENV_VAR = 'GTEST_COLOR'
-COLOR_FLAG = 'gtest_color'
-COMMAND = gtest_test_utils.GetTestExecutablePath('gtest_color_test_')
-
-
-def SetEnvVar(env_var, value):
-  """Sets the env variable to 'value'; unsets it when 'value' is None."""
-
-  if value is not None:
-    os.environ[env_var] = value
-  elif env_var in os.environ:
-    del os.environ[env_var]
-
-
-def UsesColor(term, color_env_var, color_flag):
-  """Runs gtest_color_test_ and returns its exit code."""
-
-  SetEnvVar('TERM', term)
-  SetEnvVar(COLOR_ENV_VAR, color_env_var)
-
-  if color_flag is None:
-    args = []
-  else:
-    args = ['--%s=%s' % (COLOR_FLAG, color_flag)]
-  p = gtest_test_utils.Subprocess([COMMAND] + args)
-  return not p.exited or p.exit_code
-
-
-class GTestColorTest(gtest_test_utils.TestCase):
-  def testNoEnvVarNoFlag(self):
-    """Tests the case when there's neither GTEST_COLOR nor --gtest_color."""
-
-    if not IS_WINDOWS:
-      self.assert_(not UsesColor('dumb', None, None))
-      self.assert_(not UsesColor('emacs', None, None))
-      self.assert_(not UsesColor('xterm-mono', None, None))
-      self.assert_(not UsesColor('unknown', None, None))
-      self.assert_(not UsesColor(None, None, None))
-    self.assert_(UsesColor('linux', None, None))
-    self.assert_(UsesColor('cygwin', None, None))
-    self.assert_(UsesColor('xterm', None, None))
-    self.assert_(UsesColor('xterm-color', None, None))
-    self.assert_(UsesColor('xterm-256color', None, None))
-
-  def testFlagOnly(self):
-    """Tests the case when there's --gtest_color but not GTEST_COLOR."""
-
-    self.assert_(not UsesColor('dumb', None, 'no'))
-    self.assert_(not UsesColor('xterm-color', None, 'no'))
-    if not IS_WINDOWS:
-      self.assert_(not UsesColor('emacs', None, 'auto'))
-    self.assert_(UsesColor('xterm', None, 'auto'))
-    self.assert_(UsesColor('dumb', None, 'yes'))
-    self.assert_(UsesColor('xterm', None, 'yes'))
-
-  def testEnvVarOnly(self):
-    """Tests the case when there's GTEST_COLOR but not --gtest_color."""
-
-    self.assert_(not UsesColor('dumb', 'no', None))
-    self.assert_(not UsesColor('xterm-color', 'no', None))
-    if not IS_WINDOWS:
-      self.assert_(not UsesColor('dumb', 'auto', None))
-    self.assert_(UsesColor('xterm-color', 'auto', None))
-    self.assert_(UsesColor('dumb', 'yes', None))
-    self.assert_(UsesColor('xterm-color', 'yes', None))
-
-  def testEnvVarAndFlag(self):
-    """Tests the case when there are both GTEST_COLOR and --gtest_color."""
-
-    self.assert_(not UsesColor('xterm-color', 'no', 'no'))
-    self.assert_(UsesColor('dumb', 'no', 'yes'))
-    self.assert_(UsesColor('xterm-color', 'no', 'auto'))
-
-  def testAliasesOfYesAndNo(self):
-    """Tests using aliases in specifying --gtest_color."""
-
-    self.assert_(UsesColor('dumb', None, 'true'))
-    self.assert_(UsesColor('dumb', None, 'YES'))
-    self.assert_(UsesColor('dumb', None, 'T'))
-    self.assert_(UsesColor('dumb', None, '1'))
-
-    self.assert_(not UsesColor('xterm', None, 'f'))
-    self.assert_(not UsesColor('xterm', None, 'false'))
-    self.assert_(not UsesColor('xterm', None, '0'))
-    self.assert_(not UsesColor('xterm', None, 'unknown'))
-
-
-if __name__ == '__main__':
-  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_color_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_color_test_.cc
deleted file mode 100644
index f61ebb89b..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_color_test_.cc
+++ /dev/null
@@ -1,71 +0,0 @@
-// Copyright 2008, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
-// A helper program for testing how Google Test determines whether to use
-// colors in the output.  It prints "YES" and returns 1 if Google Test
-// decides to use colors, and prints "NO" and returns 0 otherwise.
-
-#include <stdio.h>
-
-#include "gtest/gtest.h"
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick is to
-// prevent a user from accidentally including gtest-internal-inl.h in
-// his code.
-#define GTEST_IMPLEMENTATION_ 1
-#include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
-
-using testing::internal::ShouldUseColor;
-
-// The purpose of this is to ensure that the UnitTest singleton is
-// created before main() is entered, and thus that ShouldUseColor()
-// works the same way as in a real Google-Test-based test.  We don't actual
-// run the TEST itself.
-TEST(GTestColorTest, Dummy) {
-}
-
-int main(int argc, char** argv) {
-  testing::InitGoogleTest(&argc, argv);
-
-  if (ShouldUseColor(true)) {
-    // Google Test decides to use colors in the output (assuming it
-    // goes to a TTY).
-    printf("YES\n");
-    return 1;
-  } else {
-    // Google Test decides not to use colors in the output.
-    printf("NO\n");
-    return 0;
-  }
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_env_var_test.py b/security/nss/gtests/google_test/gtest/test/gtest_env_var_test.py
deleted file mode 100755
index ac24337fa..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_env_var_test.py
+++ /dev/null
@@ -1,103 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2008, Google Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-"""Verifies that Google Test correctly parses environment variables."""
-
-__author__ = 'wan@google.com (Zhanyong Wan)'
-
-import os
-import gtest_test_utils
-
-
-IS_WINDOWS = os.name == 'nt'
-IS_LINUX = os.name == 'posix' and os.uname()[0] == 'Linux'
-
-COMMAND = gtest_test_utils.GetTestExecutablePath('gtest_env_var_test_')
-
-environ = os.environ.copy()
-
-
-def AssertEq(expected, actual):
-  if expected != actual:
-    print 'Expected: %s' % (expected,)
-    print '  Actual: %s' % (actual,)
-    raise AssertionError
-
-
-def SetEnvVar(env_var, value):
-  """Sets the env variable to 'value'; unsets it when 'value' is None."""
-
-  if value is not None:
-    environ[env_var] = value
-  elif env_var in environ:
-    del environ[env_var]
-
-
-def GetFlag(flag):
-  """Runs gtest_env_var_test_ and returns its output."""
-
-  args = [COMMAND]
-  if flag is not None:
-    args += [flag]
-  return gtest_test_utils.Subprocess(args, env=environ).output
-
-
-def TestFlag(flag, test_val, default_val):
-  """Verifies that the given flag is affected by the corresponding env var."""
-
-  env_var = 'GTEST_' + flag.upper()
-  SetEnvVar(env_var, test_val)
-  AssertEq(test_val, GetFlag(flag))
-  SetEnvVar(env_var, None)
-  AssertEq(default_val, GetFlag(flag))
-
-
-class GTestEnvVarTest(gtest_test_utils.TestCase):
-  def testEnvVarAffectsFlag(self):
-    """Tests that environment variable should affect the corresponding flag."""
-
-    TestFlag('break_on_failure', '1', '0')
-    TestFlag('color', 'yes', 'auto')
-    TestFlag('filter', 'FooTest.Bar', '*')
-    TestFlag('output', 'xml:tmp/foo.xml', '')
-    TestFlag('print_time', '0', '1')
-    TestFlag('repeat', '999', '1')
-    TestFlag('throw_on_failure', '1', '0')
-    TestFlag('death_test_style', 'threadsafe', 'fast')
-    TestFlag('catch_exceptions', '0', '1')
-
-    if IS_LINUX:
-      TestFlag('death_test_use_fork', '1', '0')
-      TestFlag('stack_trace_depth', '0', '100')
-
-
-if __name__ == '__main__':
-  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_env_var_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_env_var_test_.cc
deleted file mode 100644
index 539afc968..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_env_var_test_.cc
+++ /dev/null
@@ -1,126 +0,0 @@
-// Copyright 2008, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
-// A helper program for testing that Google Test parses the environment
-// variables correctly.
-
-#include "gtest/gtest.h"
-
-#include <iostream>
-
-#define GTEST_IMPLEMENTATION_ 1
-#include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
-
-using ::std::cout;
-
-namespace testing {
-
-// The purpose of this is to make the test more realistic by ensuring
-// that the UnitTest singleton is created before main() is entered.
-// We don't actual run the TEST itself.
-TEST(GTestEnvVarTest, Dummy) {
-}
-
-void PrintFlag(const char* flag) {
-  if (strcmp(flag, "break_on_failure") == 0) {
-    cout << GTEST_FLAG(break_on_failure);
-    return;
-  }
-
-  if (strcmp(flag, "catch_exceptions") == 0) {
-    cout << GTEST_FLAG(catch_exceptions);
-    return;
-  }
-
-  if (strcmp(flag, "color") == 0) {
-    cout << GTEST_FLAG(color);
-    return;
-  }
-
-  if (strcmp(flag, "death_test_style") == 0) {
-    cout << GTEST_FLAG(death_test_style);
-    return;
-  }
-
-  if (strcmp(flag, "death_test_use_fork") == 0) {
-    cout << GTEST_FLAG(death_test_use_fork);
-    return;
-  }
-
-  if (strcmp(flag, "filter") == 0) {
-    cout << GTEST_FLAG(filter);
-    return;
-  }
-
-  if (strcmp(flag, "output") == 0) {
-    cout << GTEST_FLAG(output);
-    return;
-  }
-
-  if (strcmp(flag, "print_time") == 0) {
-    cout << GTEST_FLAG(print_time);
-    return;
-  }
-
-  if (strcmp(flag, "repeat") == 0) {
-    cout << GTEST_FLAG(repeat);
-    return;
-  }
-
-  if (strcmp(flag, "stack_trace_depth") == 0) {
-    cout << GTEST_FLAG(stack_trace_depth);
-    return;
-  }
-
-  if (strcmp(flag, "throw_on_failure") == 0) {
-    cout << GTEST_FLAG(throw_on_failure);
-    return;
-  }
-
-  cout << "Invalid flag name " << flag
-       << ".  Valid names are break_on_failure, color, filter, etc.\n";
-  exit(1);
-}
-
-}  // namespace testing
-
-int main(int argc, char** argv) {
-  testing::InitGoogleTest(&argc, argv);
-
-  if (argc != 2) {
-    cout << "Usage: gtest_env_var_test_ NAME_OF_FLAG\n";
-    return 1;
-  }
-
-  testing::PrintFlag(argv[1]);
-  return 0;
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_environment_test.cc b/security/nss/gtests/google_test/gtest/test/gtest_environment_test.cc
index 3cff19e70..bc9524d66 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_environment_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_environment_test.cc
@@ -26,18 +26,14 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 //
 // Tests using global test environments.
 
 #include <stdlib.h>
 #include <stdio.h>
 #include "gtest/gtest.h"
-
-#define GTEST_IMPLEMENTATION_ 1  // Required for the next #include.
 #include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
 
 namespace testing {
 GTEST_DECLARE_string_(filter);
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_filter_unittest.py b/security/nss/gtests/google_test/gtest/test/gtest_filter_unittest.py
deleted file mode 100755
index 0d1a77005..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_filter_unittest.py
+++ /dev/null
@@ -1,633 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2005 Google Inc. All Rights Reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-"""Unit test for Google Test test filters.
-
-A user can specify which test(s) in a Google Test program to run via either
-the GTEST_FILTER environment variable or the --gtest_filter flag.
-This script tests such functionality by invoking
-gtest_filter_unittest_ (a program written with Google Test) with different
-environments and command line flags.
-
-Note that test sharding may also influence which tests are filtered. Therefore,
-we test that here also.
-"""
-
-__author__ = 'wan@google.com (Zhanyong Wan)'
-
-import os
-import re
-import sets
-import sys
-
-import gtest_test_utils
-
-# Constants.
-
-# Checks if this platform can pass empty environment variables to child
-# processes.  We set an env variable to an empty string and invoke a python
-# script in a subprocess to print whether the variable is STILL in
-# os.environ.  We then use 'eval' to parse the child's output so that an
-# exception is thrown if the input is anything other than 'True' nor 'False'.
-os.environ['EMPTY_VAR'] = ''
-child = gtest_test_utils.Subprocess(
-    [sys.executable, '-c', 'import os; print \'EMPTY_VAR\' in os.environ'])
-CAN_PASS_EMPTY_ENV = eval(child.output)
-
-
-# Check if this platform can unset environment variables in child processes.
-# We set an env variable to a non-empty string, unset it, and invoke
-# a python script in a subprocess to print whether the variable
-# is NO LONGER in os.environ.
-# We use 'eval' to parse the child's output so that an exception
-# is thrown if the input is neither 'True' nor 'False'.
-os.environ['UNSET_VAR'] = 'X'
-del os.environ['UNSET_VAR']
-child = gtest_test_utils.Subprocess(
-    [sys.executable, '-c', 'import os; print \'UNSET_VAR\' not in os.environ'])
-CAN_UNSET_ENV = eval(child.output)
-
-
-# Checks if we should test with an empty filter. This doesn't
-# make sense on platforms that cannot pass empty env variables (Win32)
-# and on platforms that cannot unset variables (since we cannot tell
-# the difference between "" and NULL -- Borland and Solaris < 5.10)
-CAN_TEST_EMPTY_FILTER = (CAN_PASS_EMPTY_ENV and CAN_UNSET_ENV)
-
-
-# The environment variable for specifying the test filters.
-FILTER_ENV_VAR = 'GTEST_FILTER'
-
-# The environment variables for test sharding.
-TOTAL_SHARDS_ENV_VAR = 'GTEST_TOTAL_SHARDS'
-SHARD_INDEX_ENV_VAR = 'GTEST_SHARD_INDEX'
-SHARD_STATUS_FILE_ENV_VAR = 'GTEST_SHARD_STATUS_FILE'
-
-# The command line flag for specifying the test filters.
-FILTER_FLAG = 'gtest_filter'
-
-# The command line flag for including disabled tests.
-ALSO_RUN_DISABED_TESTS_FLAG = 'gtest_also_run_disabled_tests'
-
-# Command to run the gtest_filter_unittest_ program.
-COMMAND = gtest_test_utils.GetTestExecutablePath('gtest_filter_unittest_')
-
-# Regex for determining whether parameterized tests are enabled in the binary.
-PARAM_TEST_REGEX = re.compile(r'/ParamTest')
-
-# Regex for parsing test case names from Google Test's output.
-TEST_CASE_REGEX = re.compile(r'^\[\-+\] \d+ tests? from (\w+(/\w+)?)')
-
-# Regex for parsing test names from Google Test's output.
-TEST_REGEX = re.compile(r'^\[\s*RUN\s*\].*\.(\w+(/\w+)?)')
-
-# The command line flag to tell Google Test to output the list of tests it
-# will run.
-LIST_TESTS_FLAG = '--gtest_list_tests'
-
-# Indicates whether Google Test supports death tests.
-SUPPORTS_DEATH_TESTS = 'HasDeathTest' in gtest_test_utils.Subprocess(
-    [COMMAND, LIST_TESTS_FLAG]).output
-
-# Full names of all tests in gtest_filter_unittests_.
-PARAM_TESTS = [
-    'SeqP/ParamTest.TestX/0',
-    'SeqP/ParamTest.TestX/1',
-    'SeqP/ParamTest.TestY/0',
-    'SeqP/ParamTest.TestY/1',
-    'SeqQ/ParamTest.TestX/0',
-    'SeqQ/ParamTest.TestX/1',
-    'SeqQ/ParamTest.TestY/0',
-    'SeqQ/ParamTest.TestY/1',
-    ]
-
-DISABLED_TESTS = [
-    'BarTest.DISABLED_TestFour',
-    'BarTest.DISABLED_TestFive',
-    'BazTest.DISABLED_TestC',
-    'DISABLED_FoobarTest.Test1',
-    'DISABLED_FoobarTest.DISABLED_Test2',
-    'DISABLED_FoobarbazTest.TestA',
-    ]
-
-if SUPPORTS_DEATH_TESTS:
-  DEATH_TESTS = [
-    'HasDeathTest.Test1',
-    'HasDeathTest.Test2',
-    ]
-else:
-  DEATH_TESTS = []
-
-# All the non-disabled tests.
-ACTIVE_TESTS = [
-    'FooTest.Abc',
-    'FooTest.Xyz',
-
-    'BarTest.TestOne',
-    'BarTest.TestTwo',
-    'BarTest.TestThree',
-
-    'BazTest.TestOne',
-    'BazTest.TestA',
-    'BazTest.TestB',
-    ] + DEATH_TESTS + PARAM_TESTS
-
-param_tests_present = None
-
-# Utilities.
-
-environ = os.environ.copy()
-
-
-def SetEnvVar(env_var, value):
-  """Sets the env variable to 'value'; unsets it when 'value' is None."""
-
-  if value is not None:
-    environ[env_var] = value
-  elif env_var in environ:
-    del environ[env_var]
-
-
-def RunAndReturnOutput(args = None):
-  """Runs the test program and returns its output."""
-
-  return gtest_test_utils.Subprocess([COMMAND] + (args or []),
-                                     env=environ).output
-
-
-def RunAndExtractTestList(args = None):
-  """Runs the test program and returns its exit code and a list of tests run."""
-
-  p = gtest_test_utils.Subprocess([COMMAND] + (args or []), env=environ)
-  tests_run = []
-  test_case = ''
-  test = ''
-  for line in p.output.split('\n'):
-    match = TEST_CASE_REGEX.match(line)
-    if match is not None:
-      test_case = match.group(1)
-    else:
-      match = TEST_REGEX.match(line)
-      if match is not None:
-        test = match.group(1)
-        tests_run.append(test_case + '.' + test)
-  return (tests_run, p.exit_code)
-
-
-def InvokeWithModifiedEnv(extra_env, function, *args, **kwargs):
-  """Runs the given function and arguments in a modified environment."""
-  try:
-    original_env = environ.copy()
-    environ.update(extra_env)
-    return function(*args, **kwargs)
-  finally:
-    environ.clear()
-    environ.update(original_env)
-
-
-def RunWithSharding(total_shards, shard_index, command):
-  """Runs a test program shard and returns exit code and a list of tests run."""
-
-  extra_env = {SHARD_INDEX_ENV_VAR: str(shard_index),
-               TOTAL_SHARDS_ENV_VAR: str(total_shards)}
-  return InvokeWithModifiedEnv(extra_env, RunAndExtractTestList, command)
-
-# The unit test.
-
-
-class GTestFilterUnitTest(gtest_test_utils.TestCase):
-  """Tests the env variable or the command line flag to filter tests."""
-
-  # Utilities.
-
-  def AssertSetEqual(self, lhs, rhs):
-    """Asserts that two sets are equal."""
-
-    for elem in lhs:
-      self.assert_(elem in rhs, '%s in %s' % (elem, rhs))
-
-    for elem in rhs:
-      self.assert_(elem in lhs, '%s in %s' % (elem, lhs))
-
-  def AssertPartitionIsValid(self, set_var, list_of_sets):
-    """Asserts that list_of_sets is a valid partition of set_var."""
-
-    full_partition = []
-    for slice_var in list_of_sets:
-      full_partition.extend(slice_var)
-    self.assertEqual(len(set_var), len(full_partition))
-    self.assertEqual(sets.Set(set_var), sets.Set(full_partition))
-
-  def AdjustForParameterizedTests(self, tests_to_run):
-    """Adjust tests_to_run in case value parameterized tests are disabled."""
-
-    global param_tests_present
-    if not param_tests_present:
-      return list(sets.Set(tests_to_run) - sets.Set(PARAM_TESTS))
-    else:
-      return tests_to_run
-
-  def RunAndVerify(self, gtest_filter, tests_to_run):
-    """Checks that the binary runs correct set of tests for a given filter."""
-
-    tests_to_run = self.AdjustForParameterizedTests(tests_to_run)
-
-    # First, tests using the environment variable.
-
-    # Windows removes empty variables from the environment when passing it
-    # to a new process.  This means it is impossible to pass an empty filter
-    # into a process using the environment variable.  However, we can still
-    # test the case when the variable is not supplied (i.e., gtest_filter is
-    # None).
-    # pylint: disable-msg=C6403
-    if CAN_TEST_EMPTY_FILTER or gtest_filter != '':
-      SetEnvVar(FILTER_ENV_VAR, gtest_filter)
-      tests_run = RunAndExtractTestList()[0]
-      SetEnvVar(FILTER_ENV_VAR, None)
-      self.AssertSetEqual(tests_run, tests_to_run)
-    # pylint: enable-msg=C6403
-
-    # Next, tests using the command line flag.
-
-    if gtest_filter is None:
-      args = []
-    else:
-      args = ['--%s=%s' % (FILTER_FLAG, gtest_filter)]
-
-    tests_run = RunAndExtractTestList(args)[0]
-    self.AssertSetEqual(tests_run, tests_to_run)
-
-  def RunAndVerifyWithSharding(self, gtest_filter, total_shards, tests_to_run,
-                               args=None, check_exit_0=False):
-    """Checks that binary runs correct tests for the given filter and shard.
-
-    Runs all shards of gtest_filter_unittest_ with the given filter, and
-    verifies that the right set of tests were run. The union of tests run
-    on each shard should be identical to tests_to_run, without duplicates.
-
-    Args:
-      gtest_filter: A filter to apply to the tests.
-      total_shards: A total number of shards to split test run into.
-      tests_to_run: A set of tests expected to run.
-      args   :      Arguments to pass to the to the test binary.
-      check_exit_0: When set to a true value, make sure that all shards
-                    return 0.
-    """
-
-    tests_to_run = self.AdjustForParameterizedTests(tests_to_run)
-
-    # Windows removes empty variables from the environment when passing it
-    # to a new process.  This means it is impossible to pass an empty filter
-    # into a process using the environment variable.  However, we can still
-    # test the case when the variable is not supplied (i.e., gtest_filter is
-    # None).
-    # pylint: disable-msg=C6403
-    if CAN_TEST_EMPTY_FILTER or gtest_filter != '':
-      SetEnvVar(FILTER_ENV_VAR, gtest_filter)
-      partition = []
-      for i in range(0, total_shards):
-        (tests_run, exit_code) = RunWithSharding(total_shards, i, args)
-        if check_exit_0:
-          self.assertEqual(0, exit_code)
-        partition.append(tests_run)
-
-      self.AssertPartitionIsValid(tests_to_run, partition)
-      SetEnvVar(FILTER_ENV_VAR, None)
-    # pylint: enable-msg=C6403
-
-  def RunAndVerifyAllowingDisabled(self, gtest_filter, tests_to_run):
-    """Checks that the binary runs correct set of tests for the given filter.
-
-    Runs gtest_filter_unittest_ with the given filter, and enables
-    disabled tests. Verifies that the right set of tests were run.
-
-    Args:
-      gtest_filter: A filter to apply to the tests.
-      tests_to_run: A set of tests expected to run.
-    """
-
-    tests_to_run = self.AdjustForParameterizedTests(tests_to_run)
-
-    # Construct the command line.
-    args = ['--%s' % ALSO_RUN_DISABED_TESTS_FLAG]
-    if gtest_filter is not None:
-      args.append('--%s=%s' % (FILTER_FLAG, gtest_filter))
-
-    tests_run = RunAndExtractTestList(args)[0]
-    self.AssertSetEqual(tests_run, tests_to_run)
-
-  def setUp(self):
-    """Sets up test case.
-
-    Determines whether value-parameterized tests are enabled in the binary and
-    sets the flags accordingly.
-    """
-
-    global param_tests_present
-    if param_tests_present is None:
-      param_tests_present = PARAM_TEST_REGEX.search(
-          RunAndReturnOutput()) is not None
-
-  def testDefaultBehavior(self):
-    """Tests the behavior of not specifying the filter."""
-
-    self.RunAndVerify(None, ACTIVE_TESTS)
-
-  def testDefaultBehaviorWithShards(self):
-    """Tests the behavior without the filter, with sharding enabled."""
-
-    self.RunAndVerifyWithSharding(None, 1, ACTIVE_TESTS)
-    self.RunAndVerifyWithSharding(None, 2, ACTIVE_TESTS)
-    self.RunAndVerifyWithSharding(None, len(ACTIVE_TESTS) - 1, ACTIVE_TESTS)
-    self.RunAndVerifyWithSharding(None, len(ACTIVE_TESTS), ACTIVE_TESTS)
-    self.RunAndVerifyWithSharding(None, len(ACTIVE_TESTS) + 1, ACTIVE_TESTS)
-
-  def testEmptyFilter(self):
-    """Tests an empty filter."""
-
-    self.RunAndVerify('', [])
-    self.RunAndVerifyWithSharding('', 1, [])
-    self.RunAndVerifyWithSharding('', 2, [])
-
-  def testBadFilter(self):
-    """Tests a filter that matches nothing."""
-
-    self.RunAndVerify('BadFilter', [])
-    self.RunAndVerifyAllowingDisabled('BadFilter', [])
-
-  def testFullName(self):
-    """Tests filtering by full name."""
-
-    self.RunAndVerify('FooTest.Xyz', ['FooTest.Xyz'])
-    self.RunAndVerifyAllowingDisabled('FooTest.Xyz', ['FooTest.Xyz'])
-    self.RunAndVerifyWithSharding('FooTest.Xyz', 5, ['FooTest.Xyz'])
-
-  def testUniversalFilters(self):
-    """Tests filters that match everything."""
-
-    self.RunAndVerify('*', ACTIVE_TESTS)
-    self.RunAndVerify('*.*', ACTIVE_TESTS)
-    self.RunAndVerifyWithSharding('*.*', len(ACTIVE_TESTS) - 3, ACTIVE_TESTS)
-    self.RunAndVerifyAllowingDisabled('*', ACTIVE_TESTS + DISABLED_TESTS)
-    self.RunAndVerifyAllowingDisabled('*.*', ACTIVE_TESTS + DISABLED_TESTS)
-
-  def testFilterByTestCase(self):
-    """Tests filtering by test case name."""
-
-    self.RunAndVerify('FooTest.*', ['FooTest.Abc', 'FooTest.Xyz'])
-
-    BAZ_TESTS = ['BazTest.TestOne', 'BazTest.TestA', 'BazTest.TestB']
-    self.RunAndVerify('BazTest.*', BAZ_TESTS)
-    self.RunAndVerifyAllowingDisabled('BazTest.*',
-                                      BAZ_TESTS + ['BazTest.DISABLED_TestC'])
-
-  def testFilterByTest(self):
-    """Tests filtering by test name."""
-
-    self.RunAndVerify('*.TestOne', ['BarTest.TestOne', 'BazTest.TestOne'])
-
-  def testFilterDisabledTests(self):
-    """Select only the disabled tests to run."""
-
-    self.RunAndVerify('DISABLED_FoobarTest.Test1', [])
-    self.RunAndVerifyAllowingDisabled('DISABLED_FoobarTest.Test1',
-                                      ['DISABLED_FoobarTest.Test1'])
-
-    self.RunAndVerify('*DISABLED_*', [])
-    self.RunAndVerifyAllowingDisabled('*DISABLED_*', DISABLED_TESTS)
-
-    self.RunAndVerify('*.DISABLED_*', [])
-    self.RunAndVerifyAllowingDisabled('*.DISABLED_*', [
-        'BarTest.DISABLED_TestFour',
-        'BarTest.DISABLED_TestFive',
-        'BazTest.DISABLED_TestC',
-        'DISABLED_FoobarTest.DISABLED_Test2',
-        ])
-
-    self.RunAndVerify('DISABLED_*', [])
-    self.RunAndVerifyAllowingDisabled('DISABLED_*', [
-        'DISABLED_FoobarTest.Test1',
-        'DISABLED_FoobarTest.DISABLED_Test2',
-        'DISABLED_FoobarbazTest.TestA',
-        ])
-
-  def testWildcardInTestCaseName(self):
-    """Tests using wildcard in the test case name."""
-
-    self.RunAndVerify('*a*.*', [
-        'BarTest.TestOne',
-        'BarTest.TestTwo',
-        'BarTest.TestThree',
-
-        'BazTest.TestOne',
-        'BazTest.TestA',
-        'BazTest.TestB', ] + DEATH_TESTS + PARAM_TESTS)
-
-  def testWildcardInTestName(self):
-    """Tests using wildcard in the test name."""
-
-    self.RunAndVerify('*.*A*', ['FooTest.Abc', 'BazTest.TestA'])
-
-  def testFilterWithoutDot(self):
-    """Tests a filter that has no '.' in it."""
-
-    self.RunAndVerify('*z*', [
-        'FooTest.Xyz',
-
-        'BazTest.TestOne',
-        'BazTest.TestA',
-        'BazTest.TestB',
-        ])
-
-  def testTwoPatterns(self):
-    """Tests filters that consist of two patterns."""
-
-    self.RunAndVerify('Foo*.*:*A*', [
-        'FooTest.Abc',
-        'FooTest.Xyz',
-
-        'BazTest.TestA',
-        ])
-
-    # An empty pattern + a non-empty one
-    self.RunAndVerify(':*A*', ['FooTest.Abc', 'BazTest.TestA'])
-
-  def testThreePatterns(self):
-    """Tests filters that consist of three patterns."""
-
-    self.RunAndVerify('*oo*:*A*:*One', [
-        'FooTest.Abc',
-        'FooTest.Xyz',
-
-        'BarTest.TestOne',
-
-        'BazTest.TestOne',
-        'BazTest.TestA',
-        ])
-
-    # The 2nd pattern is empty.
-    self.RunAndVerify('*oo*::*One', [
-        'FooTest.Abc',
-        'FooTest.Xyz',
-
-        'BarTest.TestOne',
-
-        'BazTest.TestOne',
-        ])
-
-    # The last 2 patterns are empty.
-    self.RunAndVerify('*oo*::', [
-        'FooTest.Abc',
-        'FooTest.Xyz',
-        ])
-
-  def testNegativeFilters(self):
-    self.RunAndVerify('*-BazTest.TestOne', [
-        'FooTest.Abc',
-        'FooTest.Xyz',
-
-        'BarTest.TestOne',
-        'BarTest.TestTwo',
-        'BarTest.TestThree',
-
-        'BazTest.TestA',
-        'BazTest.TestB',
-        ] + DEATH_TESTS + PARAM_TESTS)
-
-    self.RunAndVerify('*-FooTest.Abc:BazTest.*', [
-        'FooTest.Xyz',
-
-        'BarTest.TestOne',
-        'BarTest.TestTwo',
-        'BarTest.TestThree',
-        ] + DEATH_TESTS + PARAM_TESTS)
-
-    self.RunAndVerify('BarTest.*-BarTest.TestOne', [
-        'BarTest.TestTwo',
-        'BarTest.TestThree',
-        ])
-
-    # Tests without leading '*'.
-    self.RunAndVerify('-FooTest.Abc:FooTest.Xyz:BazTest.*', [
-        'BarTest.TestOne',
-        'BarTest.TestTwo',
-        'BarTest.TestThree',
-        ] + DEATH_TESTS + PARAM_TESTS)
-
-    # Value parameterized tests.
-    self.RunAndVerify('*/*', PARAM_TESTS)
-
-    # Value parameterized tests filtering by the sequence name.
-    self.RunAndVerify('SeqP/*', [
-        'SeqP/ParamTest.TestX/0',
-        'SeqP/ParamTest.TestX/1',
-        'SeqP/ParamTest.TestY/0',
-        'SeqP/ParamTest.TestY/1',
-        ])
-
-    # Value parameterized tests filtering by the test name.
-    self.RunAndVerify('*/0', [
-        'SeqP/ParamTest.TestX/0',
-        'SeqP/ParamTest.TestY/0',
-        'SeqQ/ParamTest.TestX/0',
-        'SeqQ/ParamTest.TestY/0',
-        ])
-
-  def testFlagOverridesEnvVar(self):
-    """Tests that the filter flag overrides the filtering env. variable."""
-
-    SetEnvVar(FILTER_ENV_VAR, 'Foo*')
-    args = ['--%s=%s' % (FILTER_FLAG, '*One')]
-    tests_run = RunAndExtractTestList(args)[0]
-    SetEnvVar(FILTER_ENV_VAR, None)
-
-    self.AssertSetEqual(tests_run, ['BarTest.TestOne', 'BazTest.TestOne'])
-
-  def testShardStatusFileIsCreated(self):
-    """Tests that the shard file is created if specified in the environment."""
-
-    shard_status_file = os.path.join(gtest_test_utils.GetTempDir(),
-                                     'shard_status_file')
-    self.assert_(not os.path.exists(shard_status_file))
-
-    extra_env = {SHARD_STATUS_FILE_ENV_VAR: shard_status_file}
-    try:
-      InvokeWithModifiedEnv(extra_env, RunAndReturnOutput)
-    finally:
-      self.assert_(os.path.exists(shard_status_file))
-      os.remove(shard_status_file)
-
-  def testShardStatusFileIsCreatedWithListTests(self):
-    """Tests that the shard file is created with the "list_tests" flag."""
-
-    shard_status_file = os.path.join(gtest_test_utils.GetTempDir(),
-                                     'shard_status_file2')
-    self.assert_(not os.path.exists(shard_status_file))
-
-    extra_env = {SHARD_STATUS_FILE_ENV_VAR: shard_status_file}
-    try:
-      output = InvokeWithModifiedEnv(extra_env,
-                                     RunAndReturnOutput,
-                                     [LIST_TESTS_FLAG])
-    finally:
-      # This assertion ensures that Google Test enumerated the tests as
-      # opposed to running them.
-      self.assert_('[==========]' not in output,
-                   'Unexpected output during test enumeration.\n'
-                   'Please ensure that LIST_TESTS_FLAG is assigned the\n'
-                   'correct flag value for listing Google Test tests.')
-
-      self.assert_(os.path.exists(shard_status_file))
-      os.remove(shard_status_file)
-
-  if SUPPORTS_DEATH_TESTS:
-    def testShardingWorksWithDeathTests(self):
-      """Tests integration with death tests and sharding."""
-
-      gtest_filter = 'HasDeathTest.*:SeqP/*'
-      expected_tests = [
-          'HasDeathTest.Test1',
-          'HasDeathTest.Test2',
-
-          'SeqP/ParamTest.TestX/0',
-          'SeqP/ParamTest.TestX/1',
-          'SeqP/ParamTest.TestY/0',
-          'SeqP/ParamTest.TestY/1',
-          ]
-
-      for flag in ['--gtest_death_test_style=threadsafe',
-                   '--gtest_death_test_style=fast']:
-        self.RunAndVerifyWithSharding(gtest_filter, 3, expected_tests,
-                                      check_exit_0=True, args=[flag])
-        self.RunAndVerifyWithSharding(gtest_filter, 5, expected_tests,
-                                      check_exit_0=True, args=[flag])
-
-if __name__ == '__main__':
-  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_filter_unittest_.cc b/security/nss/gtests/google_test/gtest/test/gtest_filter_unittest_.cc
deleted file mode 100644
index 77deffc38..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_filter_unittest_.cc
+++ /dev/null
@@ -1,140 +0,0 @@
-// Copyright 2005, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
-// Unit test for Google Test test filters.
-//
-// A user can specify which test(s) in a Google Test program to run via
-// either the GTEST_FILTER environment variable or the --gtest_filter
-// flag.  This is used for testing such functionality.
-//
-// The program will be invoked from a Python unit test.  Don't run it
-// directly.
-
-#include "gtest/gtest.h"
-
-namespace {
-
-// Test case FooTest.
-
-class FooTest : public testing::Test {
-};
-
-TEST_F(FooTest, Abc) {
-}
-
-TEST_F(FooTest, Xyz) {
-  FAIL() << "Expected failure.";
-}
-
-// Test case BarTest.
-
-TEST(BarTest, TestOne) {
-}
-
-TEST(BarTest, TestTwo) {
-}
-
-TEST(BarTest, TestThree) {
-}
-
-TEST(BarTest, DISABLED_TestFour) {
-  FAIL() << "Expected failure.";
-}
-
-TEST(BarTest, DISABLED_TestFive) {
-  FAIL() << "Expected failure.";
-}
-
-// Test case BazTest.
-
-TEST(BazTest, TestOne) {
-  FAIL() << "Expected failure.";
-}
-
-TEST(BazTest, TestA) {
-}
-
-TEST(BazTest, TestB) {
-}
-
-TEST(BazTest, DISABLED_TestC) {
-  FAIL() << "Expected failure.";
-}
-
-// Test case HasDeathTest
-
-TEST(HasDeathTest, Test1) {
-  EXPECT_DEATH_IF_SUPPORTED(exit(1), ".*");
-}
-
-// We need at least two death tests to make sure that the all death tests
-// aren't on the first shard.
-TEST(HasDeathTest, Test2) {
-  EXPECT_DEATH_IF_SUPPORTED(exit(1), ".*");
-}
-
-// Test case FoobarTest
-
-TEST(DISABLED_FoobarTest, Test1) {
-  FAIL() << "Expected failure.";
-}
-
-TEST(DISABLED_FoobarTest, DISABLED_Test2) {
-  FAIL() << "Expected failure.";
-}
-
-// Test case FoobarbazTest
-
-TEST(DISABLED_FoobarbazTest, TestA) {
-  FAIL() << "Expected failure.";
-}
-
-#if GTEST_HAS_PARAM_TEST
-class ParamTest : public testing::TestWithParam<int> {
-};
-
-TEST_P(ParamTest, TestX) {
-}
-
-TEST_P(ParamTest, TestY) {
-}
-
-INSTANTIATE_TEST_CASE_P(SeqP, ParamTest, testing::Values(1, 2));
-INSTANTIATE_TEST_CASE_P(SeqQ, ParamTest, testing::Values(5, 6));
-#endif  // GTEST_HAS_PARAM_TEST
-
-}  // namespace
-
-int main(int argc, char **argv) {
-  ::testing::InitGoogleTest(&argc, argv);
-
-  return RUN_ALL_TESTS();
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_help_test.py b/security/nss/gtests/google_test/gtest/test/gtest_help_test.py
index 093c838d9..582d24c2d 100755
--- a/security/nss/gtests/google_test/gtest/test/gtest_help_test.py
+++ b/security/nss/gtests/google_test/gtest/test/gtest_help_test.py
@@ -29,7 +29,7 @@
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-"""Tests the --help flag of Google C++ Testing Framework.
+"""Tests the --help flag of Google C++ Testing and Mocking Framework.
 
 SYNOPSIS
        gtest_help_test.py --build_dir=BUILD/DIR
@@ -37,8 +37,6 @@ SYNOPSIS
        gtest_help_test.py
 """
 
-__author__ = 'wan@google.com (Zhanyong Wan)'
-
 import os
 import re
 import gtest_test_utils
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_help_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_help_test_.cc
index 31f78c244..750ae6ce9 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_help_test_.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_help_test_.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 // This program is meant to be run by gtest_help_test.py.  Do not run
 // it directly.
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_json_test_utils.py b/security/nss/gtests/google_test/gtest/test/gtest_json_test_utils.py
new file mode 100644
index 000000000..62bbfc288
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/gtest_json_test_utils.py
@@ -0,0 +1,60 @@
+# Copyright 2018, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+"""Unit test utilities for gtest_json_output."""
+
+import re
+
+
+def normalize(obj):
+  """Normalize output object.
+
+  Args:
+     obj: Google Test's JSON output object to normalize.
+
+  Returns:
+     Normalized output without any references to transient information that may
+     change from run to run.
+  """
+  def _normalize(key, value):
+    if key == 'time':
+      return re.sub(r'^\d+(\.\d+)?s$', '*', value)
+    elif key == 'timestamp':
+      return re.sub(r'^\d{4}-\d\d-\d\dT\d\d:\d\d:\d\dZ$', '*', value)
+    elif key == 'failure':
+      value = re.sub(r'^.*[/\\](.*:)\d+\n', '\\1*\n', value)
+      return re.sub(r'Stack trace:\n(.|\n)*', 'Stack trace:\n*', value)
+    else:
+      return normalize(value)
+  if isinstance(obj, dict):
+    return {k: _normalize(k, v) for k, v in obj.items()}
+  if isinstance(obj, list):
+    return [normalize(x) for x in obj]
+  else:
+    return obj
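Review bot: In `_normalize`, the stack-trace pattern `(.|\n)*` walks the rest of the message through a per-character alternation, which gets slow on long traces and is harder to read than the usual idiom. An equivalent form is `return re.sub(r'Stack trace:\n.*', 'Stack trace:\n*', value, flags=re.DOTALL)`. The `time`, `timestamp` and `failure` branches also pass `value` straight to `re.sub`, so a non-string value under one of those keys raises `TypeError` instead of being normalized. A short comment such as `# 'time', 'timestamp' and 'failure' values are expected to be strings` would record that assumption.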
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_list_output_unittest.py b/security/nss/gtests/google_test/gtest/test/gtest_list_output_unittest.py
new file mode 100644
index 000000000..3bba7ea2c
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/gtest_list_output_unittest.py
@@ -0,0 +1,141 @@
+#!/usr/bin/env python
+#
+# Copyright 2006, Google Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+"""Unit test for Google Test's --gtest_list_tests flag.
+
+A user can ask Google Test to list all tests by specifying the
+--gtest_list_tests flag. If output is requested, via --gtest_output=xml
+or --gtest_output=json, the tests are listed, with extra information in the
+output file.
+This script tests such functionality by invoking gtest_list_output_unittest_
+ (a program written with Google Test) the command line flags.
+"""
+
+import os
+import re
+import gtest_test_utils
+
+GTEST_LIST_TESTS_FLAG = '--gtest_list_tests'
+GTEST_OUTPUT_FLAG = '--gtest_output'
+
+EXPECTED_XML = """<\?xml version="1.0" encoding="UTF-8"\?>
+<testsuites tests="2" name="AllTests">
+  <testsuite name="FooTest" tests="2">
+    <testcase name="Test1" file=".*gtest_list_output_unittest_.cc" line="43" />
+    <testcase name="Test2" file=".*gtest_list_output_unittest_.cc" line="45" />
+  </testsuite>
+</testsuites>
+"""
+
+EXPECTED_JSON = """{
+  "tests": 2,
+  "name": "AllTests",
+  "testsuites": \[
+    {
+      "name": "FooTest",
+      "tests": 2,
+      "testsuite": \[
+        {
+          "name": "Test1",
+          "file": ".*gtest_list_output_unittest_.cc",
+          "line": 43
+        },
+        {
+          "name": "Test2",
+          "file": ".*gtest_list_output_unittest_.cc",
+          "line": 45
+        }
+      \]
+    }
+  \]
+}
+"""
+
+
+class GTestListTestsOutputUnitTest(gtest_test_utils.TestCase):
+  """Unit test for Google Test's list tests with output to file functionality.
+  """
+
+  def testXml(self):
+    """Verifies XML output for listing tests in a Google Test binary.
+
+    Runs a test program that generates an empty XML output, and
+    tests that the XML output is expected.
+    """
+    self._TestOutput('xml', EXPECTED_XML)
+
+  def testJSON(self):
+    """Verifies XML output for listing tests in a Google Test binary.
+
+    Runs a test program that generates an empty XML output, and
+    tests that the XML output is expected.
+    """
+    self._TestOutput('json', EXPECTED_JSON)
+
+  def _GetOutput(self, out_format):
+    file_path = os.path.join(gtest_test_utils.GetTempDir(),
+                             'test_out.' + out_format)
+    gtest_prog_path = gtest_test_utils.GetTestExecutablePath(
+        'gtest_list_output_unittest_')
+
+    command = ([
+        gtest_prog_path,
+        '%s=%s:%s' % (GTEST_OUTPUT_FLAG, out_format, file_path),
+        '--gtest_list_tests'
+    ])
+    environ_copy = os.environ.copy()
+    p = gtest_test_utils.Subprocess(
+        command, env=environ_copy, working_dir=gtest_test_utils.GetTempDir())
+
+    self.assert_(p.exited)
+    self.assertEquals(0, p.exit_code)
+    with open(file_path) as f:
+      result = f.read()
+    return result
+
+  def _TestOutput(self, test_format, expected_output):
+    actual = self._GetOutput(test_format)
+    actual_lines = actual.splitlines()
+    expected_lines = expected_output.splitlines()
+    line_count = 0
+    for actual_line in actual_lines:
+      expected_line = expected_lines[line_count]
+      expected_line_re = re.compile(expected_line.strip())
+      self.assert_(
+          expected_line_re.match(actual_line.strip()),
+          ('actual output of "%s",\n'
+           'which does not match expected regex of "%s"\n'
+           'on line %d' % (actual, expected_output, line_count)))
+      line_count = line_count + 1
+
+
+if __name__ == '__main__':
+  os.environ['GTEST_STACK_TRACE_DEPTH'] = '1'
+  gtest_test_utils.Main()
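Review bot: `_TestOutput` loops over `actual_lines` and indexes `expected_lines[line_count]`, so an empty or truncated output file passes without a single assertion, and an output longer than expected ends in an `IndexError` rather than a test failure. Adding `self.assertEqual(len(expected_lines), len(actual_lines))` before the loop closes both gaps. Each line is checked with `expected_line_re.match(...)`, which anchors only at the start, so trailing text on a line goes unchecked; appending `'$'` to the compiled pattern would tighten that. The `testJSON` docstring is copied from `testXml` and still says "XML output". This file looks like an imported copy of Google Test, so the fix may belong upstream.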
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_list_output_unittest_.cc b/security/nss/gtests/google_test/gtest/test/gtest_list_output_unittest_.cc
new file mode 100644
index 000000000..b1c7b4de3
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/gtest_list_output_unittest_.cc
@@ -0,0 +1,51 @@
+// Copyright 2018, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Author: david.schuldenfrei@gmail.com (David Schuldenfrei)
+
+// Unit test for Google Test's --gtest_list_tests and --gtest_output flag.
+//
+// A user can ask Google Test to list all tests that will run,
+// and have the output saved in a Json/Xml file.
+// The tests will not be run after listing.
+//
+// This program will be invoked from a Python unit test.
+// Don't run it directly.
+
+#include "gtest/gtest.h"
+
+TEST(FooTest, Test1) {}
+
+TEST(FooTest, Test2) {}
+
+int main(int argc, char **argv) {
+  ::testing::InitGoogleTest(&argc, argv);
+
+  return RUN_ALL_TESTS();
+}
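Review bot: The line positions of the two `TEST` definitions are load-bearing but nothing in this file says so. `gtest_list_output_unittest.py`, added in the same patch, expects `line="43"` and `line="45"` for `Test1` and `Test2`, which is exactly where they sit in this 51-line file. Any edit to the header shifts them and breaks the Python test; that includes dropping the `// Author:` line, which other hunks in this patch do for sibling files. A comment above the tests would prevent that, for example `// NOTE: gtest_list_output_unittest.py hard-codes the line numbers of the TESTs below; update it if they move.`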
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_list_tests_unittest.py b/security/nss/gtests/google_test/gtest/test/gtest_list_tests_unittest.py
deleted file mode 100755
index 925b09d9c..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_list_tests_unittest.py
+++ /dev/null
@@ -1,207 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2006, Google Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-"""Unit test for Google Test's --gtest_list_tests flag.
-
-A user can ask Google Test to list all tests by specifying the
---gtest_list_tests flag.  This script tests such functionality
-by invoking gtest_list_tests_unittest_ (a program written with
-Google Test) the command line flags.
-"""
-
-__author__ = 'phanna@google.com (Patrick Hanna)'
-
-import gtest_test_utils
-import re
-
-
-# Constants.
-
-# The command line flag for enabling/disabling listing all tests.
-LIST_TESTS_FLAG = 'gtest_list_tests'
-
-# Path to the gtest_list_tests_unittest_ program.
-EXE_PATH = gtest_test_utils.GetTestExecutablePath('gtest_list_tests_unittest_')
-
-# The expected output when running gtest_list_tests_unittest_ with
-# --gtest_list_tests
-EXPECTED_OUTPUT_NO_FILTER_RE = re.compile(r"""FooDeathTest\.
-  Test1
-Foo\.
-  Bar1
-  Bar2
-  DISABLED_Bar3
-Abc\.
-  Xyz
-  Def
-FooBar\.
-  Baz
-FooTest\.
-  Test1
-  DISABLED_Test2
-  Test3
-TypedTest/0\.  # TypeParam = (VeryLo{245}|class VeryLo{239})\.\.\.
-  TestA
-  TestB
-TypedTest/1\.  # TypeParam = int\s*\*
-  TestA
-  TestB
-TypedTest/2\.  # TypeParam = .*MyArray<bool,\s*42>
-  TestA
-  TestB
-My/TypeParamTest/0\.  # TypeParam = (VeryLo{245}|class VeryLo{239})\.\.\.
-  TestA
-  TestB
-My/TypeParamTest/1\.  # TypeParam = int\s*\*
-  TestA
-  TestB
-My/TypeParamTest/2\.  # TypeParam = .*MyArray<bool,\s*42>
-  TestA
-  TestB
-MyInstantiation/ValueParamTest\.
-  TestA/0  # GetParam\(\) = one line
-  TestA/1  # GetParam\(\) = two\\nlines
-  TestA/2  # GetParam\(\) = a very\\nlo{241}\.\.\.
-  TestB/0  # GetParam\(\) = one line
-  TestB/1  # GetParam\(\) = two\\nlines
-  TestB/2  # GetParam\(\) = a very\\nlo{241}\.\.\.
-""")
-
-# The expected output when running gtest_list_tests_unittest_ with
-# --gtest_list_tests and --gtest_filter=Foo*.
-EXPECTED_OUTPUT_FILTER_FOO_RE = re.compile(r"""FooDeathTest\.
-  Test1
-Foo\.
-  Bar1
-  Bar2
-  DISABLED_Bar3
-FooBar\.
-  Baz
-FooTest\.
-  Test1
-  DISABLED_Test2
-  Test3
-""")
-
-# Utilities.
-
-
-def Run(args):
-  """Runs gtest_list_tests_unittest_ and returns the list of tests printed."""
-
-  return gtest_test_utils.Subprocess([EXE_PATH] + args,
-                                     capture_stderr=False).output
-
-
-# The unit test.
-
-class GTestListTestsUnitTest(gtest_test_utils.TestCase):
-  """Tests using the --gtest_list_tests flag to list all tests."""
-
-  def RunAndVerify(self, flag_value, expected_output_re, other_flag):
-    """Runs gtest_list_tests_unittest_ and verifies that it prints
-    the correct tests.
-
-    Args:
-      flag_value:         value of the --gtest_list_tests flag;
-                          None if the flag should not be present.
-      expected_output_re: regular expression that matches the expected
-                          output after running command;
-      other_flag:         a different flag to be passed to command
-                          along with gtest_list_tests;
-                          None if the flag should not be present.
-    """
-
-    if flag_value is None:
-      flag = ''
-      flag_expression = 'not set'
-    elif flag_value == '0':
-      flag = '--%s=0' % LIST_TESTS_FLAG
-      flag_expression = '0'
-    else:
-      flag = '--%s' % LIST_TESTS_FLAG
-      flag_expression = '1'
-
-    args = [flag]
-
-    if other_flag is not None:
-      args += [other_flag]
-
-    output = Run(args)
-
-    if expected_output_re:
-      self.assert_(
-          expected_output_re.match(output),
-          ('when %s is %s, the output of "%s" is "%s",\n'
-           'which does not match regex "%s"' %
-           (LIST_TESTS_FLAG, flag_expression, ' '.join(args), output,
-            expected_output_re.pattern)))
-    else:
-      self.assert_(
-          not EXPECTED_OUTPUT_NO_FILTER_RE.match(output),
-          ('when %s is %s, the output of "%s" is "%s"'%
-           (LIST_TESTS_FLAG, flag_expression, ' '.join(args), output)))
-
-  def testDefaultBehavior(self):
-    """Tests the behavior of the default mode."""
-
-    self.RunAndVerify(flag_value=None,
-                      expected_output_re=None,
-                      other_flag=None)
-
-  def testFlag(self):
-    """Tests using the --gtest_list_tests flag."""
-
-    self.RunAndVerify(flag_value='0',
-                      expected_output_re=None,
-                      other_flag=None)
-    self.RunAndVerify(flag_value='1',
-                      expected_output_re=EXPECTED_OUTPUT_NO_FILTER_RE,
-                      other_flag=None)
-
-  def testOverrideNonFilterFlags(self):
-    """Tests that --gtest_list_tests overrides the non-filter flags."""
-
-    self.RunAndVerify(flag_value='1',
-                      expected_output_re=EXPECTED_OUTPUT_NO_FILTER_RE,
-                      other_flag='--gtest_break_on_failure')
-
-  def testWithFilterFlags(self):
-    """Tests that --gtest_list_tests takes into account the
-    --gtest_filter flag."""
-
-    self.RunAndVerify(flag_value='1',
-                      expected_output_re=EXPECTED_OUTPUT_FILTER_FOO_RE,
-                      other_flag='--gtest_filter=Foo*')
-
-
-if __name__ == '__main__':
-  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_list_tests_unittest_.cc b/security/nss/gtests/google_test/gtest/test/gtest_list_tests_unittest_.cc
deleted file mode 100644
index 907c176ba..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_list_tests_unittest_.cc
+++ /dev/null
@@ -1,157 +0,0 @@
-// Copyright 2006, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: phanna@google.com (Patrick Hanna)
-
-// Unit test for Google Test's --gtest_list_tests flag.
-//
-// A user can ask Google Test to list all tests that will run
-// so that when using a filter, a user will know what
-// tests to look for. The tests will not be run after listing.
-//
-// This program will be invoked from a Python unit test.
-// Don't run it directly.
-
-#include "gtest/gtest.h"
-
-// Several different test cases and tests that will be listed.
-TEST(Foo, Bar1) {
-}
-
-TEST(Foo, Bar2) {
-}
-
-TEST(Foo, DISABLED_Bar3) {
-}
-
-TEST(Abc, Xyz) {
-}
-
-TEST(Abc, Def) {
-}
-
-TEST(FooBar, Baz) {
-}
-
-class FooTest : public testing::Test {
-};
-
-TEST_F(FooTest, Test1) {
-}
-
-TEST_F(FooTest, DISABLED_Test2) {
-}
-
-TEST_F(FooTest, Test3) {
-}
-
-TEST(FooDeathTest, Test1) {
-}
-
-// A group of value-parameterized tests.
-
-class MyType {
- public:
-  explicit MyType(const std::string& a_value) : value_(a_value) {}
-
-  const std::string& value() const { return value_; }
-
- private:
-  std::string value_;
-};
-
-// Teaches Google Test how to print a MyType.
-void PrintTo(const MyType& x, std::ostream* os) {
-  *os << x.value();
-}
-
-class ValueParamTest : public testing::TestWithParam<MyType> {
-};
-
-TEST_P(ValueParamTest, TestA) {
-}
-
-TEST_P(ValueParamTest, TestB) {
-}
-
-INSTANTIATE_TEST_CASE_P(
-    MyInstantiation, ValueParamTest,
-    testing::Values(MyType("one line"),
-                    MyType("two\nlines"),
-                    MyType("a very\nloooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong line")));  // NOLINT
-
-// A group of typed tests.
-
-// A deliberately long type name for testing the line-truncating
-// behavior when printing a type parameter.
-class VeryLoooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooogName {  // NOLINT
-};
-
-template <typename T>
-class TypedTest : public testing::Test {
-};
-
-template <typename T, int kSize>
-class MyArray {
-};
-
-typedef testing::Types<VeryLoooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooogName,  // NOLINT
-                       int*, MyArray<bool, 42> > MyTypes;
-
-TYPED_TEST_CASE(TypedTest, MyTypes);
-
-TYPED_TEST(TypedTest, TestA) {
-}
-
-TYPED_TEST(TypedTest, TestB) {
-}
-
-// A group of type-parameterized tests.
-
-template <typename T>
-class TypeParamTest : public testing::Test {
-};
-
-TYPED_TEST_CASE_P(TypeParamTest);
-
-TYPED_TEST_P(TypeParamTest, TestA) {
-}
-
-TYPED_TEST_P(TypeParamTest, TestB) {
-}
-
-REGISTER_TYPED_TEST_CASE_P(TypeParamTest, TestA, TestB);
-
-INSTANTIATE_TYPED_TEST_CASE_P(My, TypeParamTest, MyTypes);
-
-int main(int argc, char **argv) {
-  ::testing::InitGoogleTest(&argc, argv);
-
-  return RUN_ALL_TESTS();
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_main_unittest.cc b/security/nss/gtests/google_test/gtest/test/gtest_main_unittest.cc
index ecd9bb876..eddedeabe 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_main_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_main_unittest.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 #include "gtest/gtest.h"
 
@@ -41,5 +40,5 @@ TEST(GTestMainTest, ShouldSucceed) {
 
 }  // namespace
 
-// We are using the main() function defined in src/gtest_main.cc, so
-// we don't define it here.
+// We are using the main() function defined in gtest_main.cc, so we
+// don't define it here.
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_no_test_unittest.cc b/security/nss/gtests/google_test/gtest/test/gtest_no_test_unittest.cc
index 292599af8..d4f88dbfd 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_no_test_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_no_test_unittest.cc
@@ -29,8 +29,6 @@
 
 // Tests that a Google Test program that has no test defined can run
 // successfully.
-//
-// Author: wan@google.com (Zhanyong Wan)
 
 #include "gtest/gtest.h"
 
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_output_test.py b/security/nss/gtests/google_test/gtest/test/gtest_output_test.py
deleted file mode 100755
index fa1a31172..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_output_test.py
+++ /dev/null
@@ -1,335 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2008, Google Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-"""Tests the text output of Google C++ Testing Framework.
-
-SYNOPSIS
-       gtest_output_test.py --build_dir=BUILD/DIR --gengolden
-         # where BUILD/DIR contains the built gtest_output_test_ file.
-       gtest_output_test.py --gengolden
-       gtest_output_test.py
-"""
-
-__author__ = 'wan@google.com (Zhanyong Wan)'
-
-import os
-import re
-import sys
-import gtest_test_utils
-
-
-# The flag for generating the golden file
-GENGOLDEN_FLAG = '--gengolden'
-CATCH_EXCEPTIONS_ENV_VAR_NAME = 'GTEST_CATCH_EXCEPTIONS'
-
-IS_WINDOWS = os.name == 'nt'
-
-# TODO(vladl@google.com): remove the _lin suffix.
-GOLDEN_NAME = 'gtest_output_test_golden_lin.txt'
-
-PROGRAM_PATH = gtest_test_utils.GetTestExecutablePath('gtest_output_test_')
-
-# At least one command we exercise must not have the
-# --gtest_internal_skip_environment_and_ad_hoc_tests flag.
-COMMAND_LIST_TESTS = ({}, [PROGRAM_PATH, '--gtest_list_tests'])
-COMMAND_WITH_COLOR = ({}, [PROGRAM_PATH, '--gtest_color=yes'])
-COMMAND_WITH_TIME = ({}, [PROGRAM_PATH,
-                          '--gtest_print_time',
-                          '--gtest_internal_skip_environment_and_ad_hoc_tests',
-                          '--gtest_filter=FatalFailureTest.*:LoggingTest.*'])
-COMMAND_WITH_DISABLED = (
-    {}, [PROGRAM_PATH,
-         '--gtest_also_run_disabled_tests',
-         '--gtest_internal_skip_environment_and_ad_hoc_tests',
-         '--gtest_filter=*DISABLED_*'])
-COMMAND_WITH_SHARDING = (
-    {'GTEST_SHARD_INDEX': '1', 'GTEST_TOTAL_SHARDS': '2'},
-    [PROGRAM_PATH,
-     '--gtest_internal_skip_environment_and_ad_hoc_tests',
-     '--gtest_filter=PassingTest.*'])
-
-GOLDEN_PATH = os.path.join(gtest_test_utils.GetSourceDir(), GOLDEN_NAME)
-
-
-def ToUnixLineEnding(s):
-  """Changes all Windows/Mac line endings in s to UNIX line endings."""
-
-  return s.replace('\r\n', '\n').replace('\r', '\n')
-
-
-def RemoveLocations(test_output):
-  """Removes all file location info from a Google Test program's output.
-
-  Args:
-       test_output:  the output of a Google Test program.
-
-  Returns:
-       output with all file location info (in the form of
-       'DIRECTORY/FILE_NAME:LINE_NUMBER: 'or
-       'DIRECTORY\\FILE_NAME(LINE_NUMBER): ') replaced by
-       'FILE_NAME:#: '.
-  """
-
-  return re.sub(r'.*[/\\](.+)(\:\d+|\(\d+\))\: ', r'\1:#: ', test_output)
-
-
-def RemoveStackTraceDetails(output):
-  """Removes all stack traces from a Google Test program's output."""
-
-  # *? means "find the shortest string that matches".
-  return re.sub(r'Stack trace:(.|\n)*?\n\n',
-                'Stack trace: (omitted)\n\n', output)
-
-
-def RemoveStackTraces(output):
-  """Removes all traces of stack traces from a Google Test program's output."""
-
-  # *? means "find the shortest string that matches".
-  return re.sub(r'Stack trace:(.|\n)*?\n\n', '', output)
-
-
-def RemoveTime(output):
-  """Removes all time information from a Google Test program's output."""
-
-  return re.sub(r'\(\d+ ms', '(? ms', output)
-
-
-def RemoveTypeInfoDetails(test_output):
-  """Removes compiler-specific type info from Google Test program's output.
-
-  Args:
-       test_output:  the output of a Google Test program.
-
-  Returns:
-       output with type information normalized to canonical form.
-  """
-
-  # some compilers output the name of type 'unsigned int' as 'unsigned'
-  return re.sub(r'unsigned int', 'unsigned', test_output)
-
-
-def NormalizeToCurrentPlatform(test_output):
-  """Normalizes platform specific output details for easier comparison."""
-
-  if IS_WINDOWS:
-    # Removes the color information that is not present on Windows.
-    test_output = re.sub('\x1b\\[(0;3\d)?m', '', test_output)
-    # Changes failure message headers into the Windows format.
-    test_output = re.sub(r': Failure\n', r': error: ', test_output)
-    # Changes file(line_number) to file:line_number.
-    test_output = re.sub(r'((\w|\.)+)\((\d+)\):', r'\1:\3:', test_output)
-
-  return test_output
-
-
-def RemoveTestCounts(output):
-  """Removes test counts from a Google Test program's output."""
-
-  output = re.sub(r'\d+ tests?, listed below',
-                  '? tests, listed below', output)
-  output = re.sub(r'\d+ FAILED TESTS',
-                  '? FAILED TESTS', output)
-  output = re.sub(r'\d+ tests? from \d+ test cases?',
-                  '? tests from ? test cases', output)
-  output = re.sub(r'\d+ tests? from ([a-zA-Z_])',
-                  r'? tests from \1', output)
-  return re.sub(r'\d+ tests?\.', '? tests.', output)
-
-
-def RemoveMatchingTests(test_output, pattern):
-  """Removes output of specified tests from a Google Test program's output.
-
-  This function strips not only the beginning and the end of a test but also
-  all output in between.
-
-  Args:
-    test_output:       A string containing the test output.
-    pattern:           A regex string that matches names of test cases or
-                       tests to remove.
-
-  Returns:
-    Contents of test_output with tests whose names match pattern removed.
-  """
-
-  test_output = re.sub(
-      r'.*\[ RUN      \] .*%s(.|\n)*?\[(  FAILED  |       OK )\] .*%s.*\n' % (
-          pattern, pattern),
-      '',
-      test_output)
-  return re.sub(r'.*%s.*\n' % pattern, '', test_output)
-
-
-def NormalizeOutput(output):
-  """Normalizes output (the output of gtest_output_test_.exe)."""
-
-  output = ToUnixLineEnding(output)
-  output = RemoveLocations(output)
-  output = RemoveStackTraceDetails(output)
-  output = RemoveTime(output)
-  return output
-
-
-def GetShellCommandOutput(env_cmd):
-  """Runs a command in a sub-process, and returns its output in a string.
-
-  Args:
-    env_cmd: The shell command. A 2-tuple where element 0 is a dict of extra
-             environment variables to set, and element 1 is a string with
-             the command and any flags.
-
-  Returns:
-    A string with the command's combined standard and diagnostic output.
-  """
-
-  # Spawns cmd in a sub-process, and gets its standard I/O file objects.
-  # Set and save the environment properly.
-  environ = os.environ.copy()
-  environ.update(env_cmd[0])
-  p = gtest_test_utils.Subprocess(env_cmd[1], env=environ)
-
-  return p.output
-
-
-def GetCommandOutput(env_cmd):
-  """Runs a command and returns its output with all file location
-  info stripped off.
-
-  Args:
-    env_cmd:  The shell command. A 2-tuple where element 0 is a dict of extra
-              environment variables to set, and element 1 is a string with
-              the command and any flags.
-  """
-
-  # Disables exception pop-ups on Windows.
-  environ, cmdline = env_cmd
-  environ = dict(environ)  # Ensures we are modifying a copy.
-  environ[CATCH_EXCEPTIONS_ENV_VAR_NAME] = '1'
-  return NormalizeOutput(GetShellCommandOutput((environ, cmdline)))
-
-
-def GetOutputOfAllCommands():
-  """Returns concatenated output from several representative commands."""
-
-  return (GetCommandOutput(COMMAND_WITH_COLOR) +
-          GetCommandOutput(COMMAND_WITH_TIME) +
-          GetCommandOutput(COMMAND_WITH_DISABLED) +
-          GetCommandOutput(COMMAND_WITH_SHARDING))
-
-
-test_list = GetShellCommandOutput(COMMAND_LIST_TESTS)
-SUPPORTS_DEATH_TESTS = 'DeathTest' in test_list
-SUPPORTS_TYPED_TESTS = 'TypedTest' in test_list
-SUPPORTS_THREADS = 'ExpectFailureWithThreadsTest' in test_list
-SUPPORTS_STACK_TRACES = False
-
-CAN_GENERATE_GOLDEN_FILE = (SUPPORTS_DEATH_TESTS and
-                            SUPPORTS_TYPED_TESTS and
-                            SUPPORTS_THREADS and
-                            not IS_WINDOWS)
-
-class GTestOutputTest(gtest_test_utils.TestCase):
-  def RemoveUnsupportedTests(self, test_output):
-    if not SUPPORTS_DEATH_TESTS:
-      test_output = RemoveMatchingTests(test_output, 'DeathTest')
-    if not SUPPORTS_TYPED_TESTS:
-      test_output = RemoveMatchingTests(test_output, 'TypedTest')
-      test_output = RemoveMatchingTests(test_output, 'TypedDeathTest')
-      test_output = RemoveMatchingTests(test_output, 'TypeParamDeathTest')
-    if not SUPPORTS_THREADS:
-      test_output = RemoveMatchingTests(test_output,
-                                        'ExpectFailureWithThreadsTest')
-      test_output = RemoveMatchingTests(test_output,
-                                        'ScopedFakeTestPartResultReporterTest')
-      test_output = RemoveMatchingTests(test_output,
-                                        'WorksConcurrently')
-    if not SUPPORTS_STACK_TRACES:
-      test_output = RemoveStackTraces(test_output)
-
-    return test_output
-
-  def testOutput(self):
-    output = GetOutputOfAllCommands()
-
-    golden_file = open(GOLDEN_PATH, 'rb')
-    # A mis-configured source control system can cause \r appear in EOL
-    # sequences when we read the golden file irrespective of an operating
-    # system used. Therefore, we need to strip those \r's from newlines
-    # unconditionally.
-    golden = ToUnixLineEnding(golden_file.read())
-    golden_file.close()
-
-    # We want the test to pass regardless of certain features being
-    # supported or not.
-
-    # We still have to remove type name specifics in all cases.
-    normalized_actual = RemoveTypeInfoDetails(output)
-    normalized_golden = RemoveTypeInfoDetails(golden)
-
-    if CAN_GENERATE_GOLDEN_FILE:
-      self.assertEqual(normalized_golden, normalized_actual)
-    else:
-      normalized_actual = NormalizeToCurrentPlatform(
-          RemoveTestCounts(normalized_actual))
-      normalized_golden = NormalizeToCurrentPlatform(
-          RemoveTestCounts(self.RemoveUnsupportedTests(normalized_golden)))
-
-      # This code is very handy when debugging golden file differences:
-      if os.getenv('DEBUG_GTEST_OUTPUT_TEST'):
-        open(os.path.join(
-            gtest_test_utils.GetSourceDir(),
-            '_gtest_output_test_normalized_actual.txt'), 'wb').write(
-                normalized_actual)
-        open(os.path.join(
-            gtest_test_utils.GetSourceDir(),
-            '_gtest_output_test_normalized_golden.txt'), 'wb').write(
-                normalized_golden)
-
-      self.assertEqual(normalized_golden, normalized_actual)
-
-
-if __name__ == '__main__':
-  if sys.argv[1:] == [GENGOLDEN_FLAG]:
-    if CAN_GENERATE_GOLDEN_FILE:
-      output = GetOutputOfAllCommands()
-      golden_file = open(GOLDEN_PATH, 'wb')
-      golden_file.write(output)
-      golden_file.close()
-    else:
-      message = (
-          """Unable to write a golden file when compiled in an environment
-that does not support all the required features (death tests, typed tests,
-and multiple threads).  Please generate the golden file using a binary built
-with those features enabled.""")
-
-      sys.stderr.write(message)
-      sys.exit(1)
-  else:
-    gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_output_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_output_test_.cc
deleted file mode 100644
index 5361d8d87..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_output_test_.cc
+++ /dev/null
@@ -1,1039 +0,0 @@
-// Copyright 2005, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// The purpose of this file is to generate Google Test output under
-// various conditions.  The output will then be verified by
-// gtest_output_test.py to ensure that Google Test generates the
-// desired messages.  Therefore, most tests in this file are MEANT TO
-// FAIL.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
-#include "gtest/gtest-spi.h"
-#include "gtest/gtest.h"
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick is to
-// prevent a user from accidentally including gtest-internal-inl.h in
-// his code.
-#define GTEST_IMPLEMENTATION_ 1
-#include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
-
-#include <stdlib.h>
-
-#if GTEST_IS_THREADSAFE
-using testing::ScopedFakeTestPartResultReporter;
-using testing::TestPartResultArray;
-
-using testing::internal::Notification;
-using testing::internal::ThreadWithParam;
-#endif
-
-namespace posix = ::testing::internal::posix;
-using testing::internal::scoped_ptr;
-
-// Tests catching fatal failures.
-
-// A subroutine used by the following test.
-void TestEq1(int x) {
-  ASSERT_EQ(1, x);
-}
-
-// This function calls a test subroutine, catches the fatal failure it
-// generates, and then returns early.
-void TryTestSubroutine() {
-  // Calls a subrountine that yields a fatal failure.
-  TestEq1(2);
-
-  // Catches the fatal failure and aborts the test.
-  //
-  // The testing::Test:: prefix is necessary when calling
-  // HasFatalFailure() outside of a TEST, TEST_F, or test fixture.
-  if (testing::Test::HasFatalFailure()) return;
-
-  // If we get here, something is wrong.
-  FAIL() << "This should never be reached.";
-}
-
-TEST(PassingTest, PassingTest1) {
-}
-
-TEST(PassingTest, PassingTest2) {
-}
-
-// Tests that parameters of failing parameterized tests are printed in the
-// failing test summary.
-class FailingParamTest : public testing::TestWithParam<int> {};
-
-TEST_P(FailingParamTest, Fails) {
-  EXPECT_EQ(1, GetParam());
-}
-
-// This generates a test which will fail. Google Test is expected to print
-// its parameter when it outputs the list of all failed tests.
-INSTANTIATE_TEST_CASE_P(PrintingFailingParams,
-                        FailingParamTest,
-                        testing::Values(2));
-
-static const char kGoldenString[] = "\"Line\0 1\"\nLine 2";
-
-TEST(NonfatalFailureTest, EscapesStringOperands) {
-  std::string actual = "actual \"string\"";
-  EXPECT_EQ(kGoldenString, actual);
-
-  const char* golden = kGoldenString;
-  EXPECT_EQ(golden, actual);
-}
-
-TEST(NonfatalFailureTest, DiffForLongStrings) {
-  std::string golden_str(kGoldenString, sizeof(kGoldenString) - 1);
-  EXPECT_EQ(golden_str, "Line 2");
-}
-
-// Tests catching a fatal failure in a subroutine.
-TEST(FatalFailureTest, FatalFailureInSubroutine) {
-  printf("(expecting a failure that x should be 1)\n");
-
-  TryTestSubroutine();
-}
-
-// Tests catching a fatal failure in a nested subroutine.
-TEST(FatalFailureTest, FatalFailureInNestedSubroutine) {
-  printf("(expecting a failure that x should be 1)\n");
-
-  // Calls a subrountine that yields a fatal failure.
-  TryTestSubroutine();
-
-  // Catches the fatal failure and aborts the test.
-  //
-  // When calling HasFatalFailure() inside a TEST, TEST_F, or test
-  // fixture, the testing::Test:: prefix is not needed.
-  if (HasFatalFailure()) return;
-
-  // If we get here, something is wrong.
-  FAIL() << "This should never be reached.";
-}
-
-// Tests HasFatalFailure() after a failed EXPECT check.
-TEST(FatalFailureTest, NonfatalFailureInSubroutine) {
-  printf("(expecting a failure on false)\n");
-  EXPECT_TRUE(false);  // Generates a nonfatal failure
-  ASSERT_FALSE(HasFatalFailure());  // This should succeed.
-}
-
-// Tests interleaving user logging and Google Test assertions.
-TEST(LoggingTest, InterleavingLoggingAndAssertions) {
-  static const int a[4] = {
-    3, 9, 2, 6
-  };
-
-  printf("(expecting 2 failures on (3) >= (a[i]))\n");
-  for (int i = 0; i < static_cast<int>(sizeof(a)/sizeof(*a)); i++) {
-    printf("i == %d\n", i);
-    EXPECT_GE(3, a[i]);
-  }
-}
-
-// Tests the SCOPED_TRACE macro.
-
-// A helper function for testing SCOPED_TRACE.
-void SubWithoutTrace(int n) {
-  EXPECT_EQ(1, n);
-  ASSERT_EQ(2, n);
-}
-
-// Another helper function for testing SCOPED_TRACE.
-void SubWithTrace(int n) {
-  SCOPED_TRACE(testing::Message() << "n = " << n);
-
-  SubWithoutTrace(n);
-}
-
-// Tests that SCOPED_TRACE() obeys lexical scopes.
-TEST(SCOPED_TRACETest, ObeysScopes) {
-  printf("(expected to fail)\n");
-
-  // There should be no trace before SCOPED_TRACE() is invoked.
-  ADD_FAILURE() << "This failure is expected, and shouldn't have a trace.";
-
-  {
-    SCOPED_TRACE("Expected trace");
-    // After SCOPED_TRACE(), a failure in the current scope should contain
-    // the trace.
-    ADD_FAILURE() << "This failure is expected, and should have a trace.";
-  }
-
-  // Once the control leaves the scope of the SCOPED_TRACE(), there
-  // should be no trace again.
-  ADD_FAILURE() << "This failure is expected, and shouldn't have a trace.";
-}
-
-// Tests that SCOPED_TRACE works inside a loop.
-TEST(SCOPED_TRACETest, WorksInLoop) {
-  printf("(expected to fail)\n");
-
-  for (int i = 1; i <= 2; i++) {
-    SCOPED_TRACE(testing::Message() << "i = " << i);
-
-    SubWithoutTrace(i);
-  }
-}
-
-// Tests that SCOPED_TRACE works in a subroutine.
-TEST(SCOPED_TRACETest, WorksInSubroutine) {
-  printf("(expected to fail)\n");
-
-  SubWithTrace(1);
-  SubWithTrace(2);
-}
-
-// Tests that SCOPED_TRACE can be nested.
-TEST(SCOPED_TRACETest, CanBeNested) {
-  printf("(expected to fail)\n");
-
-  SCOPED_TRACE("");  // A trace without a message.
-
-  SubWithTrace(2);
-}
-
-// Tests that multiple SCOPED_TRACEs can be used in the same scope.
-TEST(SCOPED_TRACETest, CanBeRepeated) {
-  printf("(expected to fail)\n");
-
-  SCOPED_TRACE("A");
-  ADD_FAILURE()
-      << "This failure is expected, and should contain trace point A.";
-
-  SCOPED_TRACE("B");
-  ADD_FAILURE()
-      << "This failure is expected, and should contain trace point A and B.";
-
-  {
-    SCOPED_TRACE("C");
-    ADD_FAILURE() << "This failure is expected, and should "
-                  << "contain trace point A, B, and C.";
-  }
-
-  SCOPED_TRACE("D");
-  ADD_FAILURE() << "This failure is expected, and should "
-                << "contain trace point A, B, and D.";
-}
-
-#if GTEST_IS_THREADSAFE
-// Tests that SCOPED_TRACE()s can be used concurrently from multiple
-// threads.  Namely, an assertion should be affected by
-// SCOPED_TRACE()s in its own thread only.
-
-// Here's the sequence of actions that happen in the test:
-//
-//   Thread A (main)                | Thread B (spawned)
-//   ===============================|================================
-//   spawns thread B                |
-//   -------------------------------+--------------------------------
-//   waits for n1                   | SCOPED_TRACE("Trace B");
-//                                  | generates failure #1
-//                                  | notifies n1
-//   -------------------------------+--------------------------------
-//   SCOPED_TRACE("Trace A");       | waits for n2
-//   generates failure #2           |
-//   notifies n2                    |
-//   -------------------------------|--------------------------------
-//   waits for n3                   | generates failure #3
-//                                  | trace B dies
-//                                  | generates failure #4
-//                                  | notifies n3
-//   -------------------------------|--------------------------------
-//   generates failure #5           | finishes
-//   trace A dies                   |
-//   generates failure #6           |
-//   -------------------------------|--------------------------------
-//   waits for thread B to finish   |
-
-struct CheckPoints {
-  Notification n1;
-  Notification n2;
-  Notification n3;
-};
-
-static void ThreadWithScopedTrace(CheckPoints* check_points) {
-  {
-    SCOPED_TRACE("Trace B");
-    ADD_FAILURE()
-        << "Expected failure #1 (in thread B, only trace B alive).";
-    check_points->n1.Notify();
-    check_points->n2.WaitForNotification();
-
-    ADD_FAILURE()
-        << "Expected failure #3 (in thread B, trace A & B both alive).";
-  }  // Trace B dies here.
-  ADD_FAILURE()
-      << "Expected failure #4 (in thread B, only trace A alive).";
-  check_points->n3.Notify();
-}
-
-TEST(SCOPED_TRACETest, WorksConcurrently) {
-  printf("(expecting 6 failures)\n");
-
-  CheckPoints check_points;
-  ThreadWithParam<CheckPoints*> thread(&ThreadWithScopedTrace,
-                                       &check_points,
-                                       NULL);
-  check_points.n1.WaitForNotification();
-
-  {
-    SCOPED_TRACE("Trace A");
-    ADD_FAILURE()
-        << "Expected failure #2 (in thread A, trace A & B both alive).";
-    check_points.n2.Notify();
-    check_points.n3.WaitForNotification();
-
-    ADD_FAILURE()
-        << "Expected failure #5 (in thread A, only trace A alive).";
-  }  // Trace A dies here.
-  ADD_FAILURE()
-      << "Expected failure #6 (in thread A, no trace alive).";
-  thread.Join();
-}
-#endif  // GTEST_IS_THREADSAFE
-
-TEST(DisabledTestsWarningTest,
-     DISABLED_AlsoRunDisabledTestsFlagSuppressesWarning) {
-  // This test body is intentionally empty.  Its sole purpose is for
-  // verifying that the --gtest_also_run_disabled_tests flag
-  // suppresses the "YOU HAVE 12 DISABLED TESTS" warning at the end of
-  // the test output.
-}
-
-// Tests using assertions outside of TEST and TEST_F.
-//
-// This function creates two failures intentionally.
-void AdHocTest() {
-  printf("The non-test part of the code is expected to have 2 failures.\n\n");
-  EXPECT_TRUE(false);
-  EXPECT_EQ(2, 3);
-}
-
-// Runs all TESTs, all TEST_Fs, and the ad hoc test.
-int RunAllTests() {
-  AdHocTest();
-  return RUN_ALL_TESTS();
-}
-
-// Tests non-fatal failures in the fixture constructor.
-class NonFatalFailureInFixtureConstructorTest : public testing::Test {
- protected:
-  NonFatalFailureInFixtureConstructorTest() {
-    printf("(expecting 5 failures)\n");
-    ADD_FAILURE() << "Expected failure #1, in the test fixture c'tor.";
-  }
-
-  ~NonFatalFailureInFixtureConstructorTest() {
-    ADD_FAILURE() << "Expected failure #5, in the test fixture d'tor.";
-  }
-
-  virtual void SetUp() {
-    ADD_FAILURE() << "Expected failure #2, in SetUp().";
-  }
-
-  virtual void TearDown() {
-    ADD_FAILURE() << "Expected failure #4, in TearDown.";
-  }
-};
-
-TEST_F(NonFatalFailureInFixtureConstructorTest, FailureInConstructor) {
-  ADD_FAILURE() << "Expected failure #3, in the test body.";
-}
-
-// Tests fatal failures in the fixture constructor.
-class FatalFailureInFixtureConstructorTest : public testing::Test {
- protected:
-  FatalFailureInFixtureConstructorTest() {
-    printf("(expecting 2 failures)\n");
-    Init();
-  }
-
-  ~FatalFailureInFixtureConstructorTest() {
-    ADD_FAILURE() << "Expected failure #2, in the test fixture d'tor.";
-  }
-
-  virtual void SetUp() {
-    ADD_FAILURE() << "UNEXPECTED failure in SetUp().  "
-                  << "We should never get here, as the test fixture c'tor "
-                  << "had a fatal failure.";
-  }
-
-  virtual void TearDown() {
-    ADD_FAILURE() << "UNEXPECTED failure in TearDown().  "
-                  << "We should never get here, as the test fixture c'tor "
-                  << "had a fatal failure.";
-  }
-
- private:
-  void Init() {
-    FAIL() << "Expected failure #1, in the test fixture c'tor.";
-  }
-};
-
-TEST_F(FatalFailureInFixtureConstructorTest, FailureInConstructor) {
-  ADD_FAILURE() << "UNEXPECTED failure in the test body.  "
-                << "We should never get here, as the test fixture c'tor "
-                << "had a fatal failure.";
-}
-
-// Tests non-fatal failures in SetUp().
-class NonFatalFailureInSetUpTest : public testing::Test {
- protected:
-  virtual ~NonFatalFailureInSetUpTest() {
-    Deinit();
-  }
-
-  virtual void SetUp() {
-    printf("(expecting 4 failures)\n");
-    ADD_FAILURE() << "Expected failure #1, in SetUp().";
-  }
-
-  virtual void TearDown() {
-    FAIL() << "Expected failure #3, in TearDown().";
-  }
- private:
-  void Deinit() {
-    FAIL() << "Expected failure #4, in the test fixture d'tor.";
-  }
-};
-
-TEST_F(NonFatalFailureInSetUpTest, FailureInSetUp) {
-  FAIL() << "Expected failure #2, in the test function.";
-}
-
-// Tests fatal failures in SetUp().
-class FatalFailureInSetUpTest : public testing::Test {
- protected:
-  virtual ~FatalFailureInSetUpTest() {
-    Deinit();
-  }
-
-  virtual void SetUp() {
-    printf("(expecting 3 failures)\n");
-    FAIL() << "Expected failure #1, in SetUp().";
-  }
-
-  virtual void TearDown() {
-    FAIL() << "Expected failure #2, in TearDown().";
-  }
- private:
-  void Deinit() {
-    FAIL() << "Expected failure #3, in the test fixture d'tor.";
-  }
-};
-
-TEST_F(FatalFailureInSetUpTest, FailureInSetUp) {
-  FAIL() << "UNEXPECTED failure in the test function.  "
-         << "We should never get here, as SetUp() failed.";
-}
-
-TEST(AddFailureAtTest, MessageContainsSpecifiedFileAndLineNumber) {
-  ADD_FAILURE_AT("foo.cc", 42) << "Expected failure in foo.cc";
-}
-
-#if GTEST_IS_THREADSAFE
-
-// A unary function that may die.
-void DieIf(bool should_die) {
-  GTEST_CHECK_(!should_die) << " - death inside DieIf().";
-}
-
-// Tests running death tests in a multi-threaded context.
-
-// Used for coordination between the main and the spawn thread.
-struct SpawnThreadNotifications {
-  SpawnThreadNotifications() {}
-
-  Notification spawn_thread_started;
-  Notification spawn_thread_ok_to_terminate;
-
- private:
-  GTEST_DISALLOW_COPY_AND_ASSIGN_(SpawnThreadNotifications);
-};
-
-// The function to be executed in the thread spawn by the
-// MultipleThreads test (below).
-static void ThreadRoutine(SpawnThreadNotifications* notifications) {
-  // Signals the main thread that this thread has started.
-  notifications->spawn_thread_started.Notify();
-
-  // Waits for permission to finish from the main thread.
-  notifications->spawn_thread_ok_to_terminate.WaitForNotification();
-}
-
-// This is a death-test test, but it's not named with a DeathTest
-// suffix.  It starts threads which might interfere with later
-// death tests, so it must run after all other death tests.
-class DeathTestAndMultiThreadsTest : public testing::Test {
- protected:
-  // Starts a thread and waits for it to begin.
-  virtual void SetUp() {
-    thread_.reset(new ThreadWithParam<SpawnThreadNotifications*>(
-        &ThreadRoutine, &notifications_, NULL));
-    notifications_.spawn_thread_started.WaitForNotification();
-  }
-  // Tells the thread to finish, and reaps it.
-  // Depending on the version of the thread library in use,
-  // a manager thread might still be left running that will interfere
-  // with later death tests.  This is unfortunate, but this class
-  // cleans up after itself as best it can.
-  virtual void TearDown() {
-    notifications_.spawn_thread_ok_to_terminate.Notify();
-  }
-
- private:
-  SpawnThreadNotifications notifications_;
-  scoped_ptr<ThreadWithParam<SpawnThreadNotifications*> > thread_;
-};
-
-#endif  // GTEST_IS_THREADSAFE
-
-// The MixedUpTestCaseTest test case verifies that Google Test will fail a
-// test if it uses a different fixture class than what other tests in
-// the same test case use.  It deliberately contains two fixture
-// classes with the same name but defined in different namespaces.
-
-// The MixedUpTestCaseWithSameTestNameTest test case verifies that
-// when the user defines two tests with the same test case name AND
-// same test name (but in different namespaces), the second test will
-// fail.
-
-namespace foo {
-
-class MixedUpTestCaseTest : public testing::Test {
-};
-
-TEST_F(MixedUpTestCaseTest, FirstTestFromNamespaceFoo) {}
-TEST_F(MixedUpTestCaseTest, SecondTestFromNamespaceFoo) {}
-
-class MixedUpTestCaseWithSameTestNameTest : public testing::Test {
-};
-
-TEST_F(MixedUpTestCaseWithSameTestNameTest,
-       TheSecondTestWithThisNameShouldFail) {}
-
-}  // namespace foo
-
-namespace bar {
-
-class MixedUpTestCaseTest : public testing::Test {
-};
-
-// The following two tests are expected to fail.  We rely on the
-// golden file to check that Google Test generates the right error message.
-TEST_F(MixedUpTestCaseTest, ThisShouldFail) {}
-TEST_F(MixedUpTestCaseTest, ThisShouldFailToo) {}
-
-class MixedUpTestCaseWithSameTestNameTest : public testing::Test {
-};
-
-// Expected to fail.  We rely on the golden file to check that Google Test
-// generates the right error message.
-TEST_F(MixedUpTestCaseWithSameTestNameTest,
-       TheSecondTestWithThisNameShouldFail) {}
-
-}  // namespace bar
-
-// The following two test cases verify that Google Test catches the user
-// error of mixing TEST and TEST_F in the same test case.  The first
-// test case checks the scenario where TEST_F appears before TEST, and
-// the second one checks where TEST appears before TEST_F.
-
-class TEST_F_before_TEST_in_same_test_case : public testing::Test {
-};
-
-TEST_F(TEST_F_before_TEST_in_same_test_case, DefinedUsingTEST_F) {}
-
-// Expected to fail.  We rely on the golden file to check that Google Test
-// generates the right error message.
-TEST(TEST_F_before_TEST_in_same_test_case, DefinedUsingTESTAndShouldFail) {}
-
-class TEST_before_TEST_F_in_same_test_case : public testing::Test {
-};
-
-TEST(TEST_before_TEST_F_in_same_test_case, DefinedUsingTEST) {}
-
-// Expected to fail.  We rely on the golden file to check that Google Test
-// generates the right error message.
-TEST_F(TEST_before_TEST_F_in_same_test_case, DefinedUsingTEST_FAndShouldFail) {
-}
-
-// Used for testing EXPECT_NONFATAL_FAILURE() and EXPECT_FATAL_FAILURE().
-int global_integer = 0;
-
-// Tests that EXPECT_NONFATAL_FAILURE() can reference global variables.
-TEST(ExpectNonfatalFailureTest, CanReferenceGlobalVariables) {
-  global_integer = 0;
-  EXPECT_NONFATAL_FAILURE({
-    EXPECT_EQ(1, global_integer) << "Expected non-fatal failure.";
-  }, "Expected non-fatal failure.");
-}
-
-// Tests that EXPECT_NONFATAL_FAILURE() can reference local variables
-// (static or not).
-TEST(ExpectNonfatalFailureTest, CanReferenceLocalVariables) {
-  int m = 0;
-  static int n;
-  n = 1;
-  EXPECT_NONFATAL_FAILURE({
-    EXPECT_EQ(m, n) << "Expected non-fatal failure.";
-  }, "Expected non-fatal failure.");
-}
-
-// Tests that EXPECT_NONFATAL_FAILURE() succeeds when there is exactly
-// one non-fatal failure and no fatal failure.
-TEST(ExpectNonfatalFailureTest, SucceedsWhenThereIsOneNonfatalFailure) {
-  EXPECT_NONFATAL_FAILURE({
-    ADD_FAILURE() << "Expected non-fatal failure.";
-  }, "Expected non-fatal failure.");
-}
-
-// Tests that EXPECT_NONFATAL_FAILURE() fails when there is no
-// non-fatal failure.
-TEST(ExpectNonfatalFailureTest, FailsWhenThereIsNoNonfatalFailure) {
-  printf("(expecting a failure)\n");
-  EXPECT_NONFATAL_FAILURE({
-  }, "");
-}
-
-// Tests that EXPECT_NONFATAL_FAILURE() fails when there are two
-// non-fatal failures.
-TEST(ExpectNonfatalFailureTest, FailsWhenThereAreTwoNonfatalFailures) {
-  printf("(expecting a failure)\n");
-  EXPECT_NONFATAL_FAILURE({
-    ADD_FAILURE() << "Expected non-fatal failure 1.";
-    ADD_FAILURE() << "Expected non-fatal failure 2.";
-  }, "");
-}
-
-// Tests that EXPECT_NONFATAL_FAILURE() fails when there is one fatal
-// failure.
-TEST(ExpectNonfatalFailureTest, FailsWhenThereIsOneFatalFailure) {
-  printf("(expecting a failure)\n");
-  EXPECT_NONFATAL_FAILURE({
-    FAIL() << "Expected fatal failure.";
-  }, "");
-}
-
-// Tests that EXPECT_NONFATAL_FAILURE() fails when the statement being
-// tested returns.
-TEST(ExpectNonfatalFailureTest, FailsWhenStatementReturns) {
-  printf("(expecting a failure)\n");
-  EXPECT_NONFATAL_FAILURE({
-    return;
-  }, "");
-}
-
-#if GTEST_HAS_EXCEPTIONS
-
-// Tests that EXPECT_NONFATAL_FAILURE() fails when the statement being
-// tested throws.
-TEST(ExpectNonfatalFailureTest, FailsWhenStatementThrows) {
-  printf("(expecting a failure)\n");
-  try {
-    EXPECT_NONFATAL_FAILURE({
-      throw 0;
-    }, "");
-  } catch(int) {  // NOLINT
-  }
-}
-
-#endif  // GTEST_HAS_EXCEPTIONS
-
-// Tests that EXPECT_FATAL_FAILURE() can reference global variables.
-TEST(ExpectFatalFailureTest, CanReferenceGlobalVariables) {
-  global_integer = 0;
-  EXPECT_FATAL_FAILURE({
-    ASSERT_EQ(1, global_integer) << "Expected fatal failure.";
-  }, "Expected fatal failure.");
-}
-
-// Tests that EXPECT_FATAL_FAILURE() can reference local static
-// variables.
-TEST(ExpectFatalFailureTest, CanReferenceLocalStaticVariables) {
-  static int n;
-  n = 1;
-  EXPECT_FATAL_FAILURE({
-    ASSERT_EQ(0, n) << "Expected fatal failure.";
-  }, "Expected fatal failure.");
-}
-
-// Tests that EXPECT_FATAL_FAILURE() succeeds when there is exactly
-// one fatal failure and no non-fatal failure.
-TEST(ExpectFatalFailureTest, SucceedsWhenThereIsOneFatalFailure) {
-  EXPECT_FATAL_FAILURE({
-    FAIL() << "Expected fatal failure.";
-  }, "Expected fatal failure.");
-}
-
-// Tests that EXPECT_FATAL_FAILURE() fails when there is no fatal
-// failure.
-TEST(ExpectFatalFailureTest, FailsWhenThereIsNoFatalFailure) {
-  printf("(expecting a failure)\n");
-  EXPECT_FATAL_FAILURE({
-  }, "");
-}
-
-// A helper for generating a fatal failure.
-void FatalFailure() {
-  FAIL() << "Expected fatal failure.";
-}
-
-// Tests that EXPECT_FATAL_FAILURE() fails when there are two
-// fatal failures.
-TEST(ExpectFatalFailureTest, FailsWhenThereAreTwoFatalFailures) {
-  printf("(expecting a failure)\n");
-  EXPECT_FATAL_FAILURE({
-    FatalFailure();
-    FatalFailure();
-  }, "");
-}
-
-// Tests that EXPECT_FATAL_FAILURE() fails when there is one non-fatal
-// failure.
-TEST(ExpectFatalFailureTest, FailsWhenThereIsOneNonfatalFailure) {
-  printf("(expecting a failure)\n");
-  EXPECT_FATAL_FAILURE({
-    ADD_FAILURE() << "Expected non-fatal failure.";
-  }, "");
-}
-
-// Tests that EXPECT_FATAL_FAILURE() fails when the statement being
-// tested returns.
-TEST(ExpectFatalFailureTest, FailsWhenStatementReturns) {
-  printf("(expecting a failure)\n");
-  EXPECT_FATAL_FAILURE({
-    return;
-  }, "");
-}
-
-#if GTEST_HAS_EXCEPTIONS
-
-// Tests that EXPECT_FATAL_FAILURE() fails when the statement being
-// tested throws.
-TEST(ExpectFatalFailureTest, FailsWhenStatementThrows) {
-  printf("(expecting a failure)\n");
-  try {
-    EXPECT_FATAL_FAILURE({
-      throw 0;
-    }, "");
-  } catch(int) {  // NOLINT
-  }
-}
-
-#endif  // GTEST_HAS_EXCEPTIONS
-
-// This #ifdef block tests the output of typed tests.
-#if GTEST_HAS_TYPED_TEST
-
-template <typename T>
-class TypedTest : public testing::Test {
-};
-
-TYPED_TEST_CASE(TypedTest, testing::Types<int>);
-
-TYPED_TEST(TypedTest, Success) {
-  EXPECT_EQ(0, TypeParam());
-}
-
-TYPED_TEST(TypedTest, Failure) {
-  EXPECT_EQ(1, TypeParam()) << "Expected failure";
-}
-
-#endif  // GTEST_HAS_TYPED_TEST
-
-// This #ifdef block tests the output of type-parameterized tests.
-#if GTEST_HAS_TYPED_TEST_P
-
-template <typename T>
-class TypedTestP : public testing::Test {
-};
-
-TYPED_TEST_CASE_P(TypedTestP);
-
-TYPED_TEST_P(TypedTestP, Success) {
-  EXPECT_EQ(0U, TypeParam());
-}
-
-TYPED_TEST_P(TypedTestP, Failure) {
-  EXPECT_EQ(1U, TypeParam()) << "Expected failure";
-}
-
-REGISTER_TYPED_TEST_CASE_P(TypedTestP, Success, Failure);
-
-typedef testing::Types<unsigned char, unsigned int> UnsignedTypes;
-INSTANTIATE_TYPED_TEST_CASE_P(Unsigned, TypedTestP, UnsignedTypes);
-
-#endif  // GTEST_HAS_TYPED_TEST_P
-
-#if GTEST_HAS_DEATH_TEST
-
-// We rely on the golden file to verify that tests whose test case
-// name ends with DeathTest are run first.
-
-TEST(ADeathTest, ShouldRunFirst) {
-}
-
-# if GTEST_HAS_TYPED_TEST
-
-// We rely on the golden file to verify that typed tests whose test
-// case name ends with DeathTest are run first.
-
-template <typename T>
-class ATypedDeathTest : public testing::Test {
-};
-
-typedef testing::Types<int, double> NumericTypes;
-TYPED_TEST_CASE(ATypedDeathTest, NumericTypes);
-
-TYPED_TEST(ATypedDeathTest, ShouldRunFirst) {
-}
-
-# endif  // GTEST_HAS_TYPED_TEST
-
-# if GTEST_HAS_TYPED_TEST_P
-
-
-// We rely on the golden file to verify that type-parameterized tests
-// whose test case name ends with DeathTest are run first.
-
-template <typename T>
-class ATypeParamDeathTest : public testing::Test {
-};
-
-TYPED_TEST_CASE_P(ATypeParamDeathTest);
-
-TYPED_TEST_P(ATypeParamDeathTest, ShouldRunFirst) {
-}
-
-REGISTER_TYPED_TEST_CASE_P(ATypeParamDeathTest, ShouldRunFirst);
-
-INSTANTIATE_TYPED_TEST_CASE_P(My, ATypeParamDeathTest, NumericTypes);
-
-# endif  // GTEST_HAS_TYPED_TEST_P
-
-#endif  // GTEST_HAS_DEATH_TEST
-
-// Tests various failure conditions of
-// EXPECT_{,NON}FATAL_FAILURE{,_ON_ALL_THREADS}.
-class ExpectFailureTest : public testing::Test {
- public:  // Must be public and not protected due to a bug in g++ 3.4.2.
-  enum FailureMode {
-    FATAL_FAILURE,
-    NONFATAL_FAILURE
-  };
-  static void AddFailure(FailureMode failure) {
-    if (failure == FATAL_FAILURE) {
-      FAIL() << "Expected fatal failure.";
-    } else {
-      ADD_FAILURE() << "Expected non-fatal failure.";
-    }
-  }
-};
-
-TEST_F(ExpectFailureTest, ExpectFatalFailure) {
-  // Expected fatal failure, but succeeds.
-  printf("(expecting 1 failure)\n");
-  EXPECT_FATAL_FAILURE(SUCCEED(), "Expected fatal failure.");
-  // Expected fatal failure, but got a non-fatal failure.
-  printf("(expecting 1 failure)\n");
-  EXPECT_FATAL_FAILURE(AddFailure(NONFATAL_FAILURE), "Expected non-fatal "
-                       "failure.");
-  // Wrong message.
-  printf("(expecting 1 failure)\n");
-  EXPECT_FATAL_FAILURE(AddFailure(FATAL_FAILURE), "Some other fatal failure "
-                       "expected.");
-}
-
-TEST_F(ExpectFailureTest, ExpectNonFatalFailure) {
-  // Expected non-fatal failure, but succeeds.
-  printf("(expecting 1 failure)\n");
-  EXPECT_NONFATAL_FAILURE(SUCCEED(), "Expected non-fatal failure.");
-  // Expected non-fatal failure, but got a fatal failure.
-  printf("(expecting 1 failure)\n");
-  EXPECT_NONFATAL_FAILURE(AddFailure(FATAL_FAILURE), "Expected fatal failure.");
-  // Wrong message.
-  printf("(expecting 1 failure)\n");
-  EXPECT_NONFATAL_FAILURE(AddFailure(NONFATAL_FAILURE), "Some other non-fatal "
-                          "failure.");
-}
-
-#if GTEST_IS_THREADSAFE
-
-class ExpectFailureWithThreadsTest : public ExpectFailureTest {
- protected:
-  static void AddFailureInOtherThread(FailureMode failure) {
-    ThreadWithParam<FailureMode> thread(&AddFailure, failure, NULL);
-    thread.Join();
-  }
-};
-
-TEST_F(ExpectFailureWithThreadsTest, ExpectFatalFailure) {
-  // We only intercept the current thread.
-  printf("(expecting 2 failures)\n");
-  EXPECT_FATAL_FAILURE(AddFailureInOtherThread(FATAL_FAILURE),
-                       "Expected fatal failure.");
-}
-
-TEST_F(ExpectFailureWithThreadsTest, ExpectNonFatalFailure) {
-  // We only intercept the current thread.
-  printf("(expecting 2 failures)\n");
-  EXPECT_NONFATAL_FAILURE(AddFailureInOtherThread(NONFATAL_FAILURE),
-                          "Expected non-fatal failure.");
-}
-
-typedef ExpectFailureWithThreadsTest ScopedFakeTestPartResultReporterTest;
-
-// Tests that the ScopedFakeTestPartResultReporter only catches failures from
-// the current thread if it is instantiated with INTERCEPT_ONLY_CURRENT_THREAD.
-TEST_F(ScopedFakeTestPartResultReporterTest, InterceptOnlyCurrentThread) {
-  printf("(expecting 2 failures)\n");
-  TestPartResultArray results;
-  {
-    ScopedFakeTestPartResultReporter reporter(
-        ScopedFakeTestPartResultReporter::INTERCEPT_ONLY_CURRENT_THREAD,
-        &results);
-    AddFailureInOtherThread(FATAL_FAILURE);
-    AddFailureInOtherThread(NONFATAL_FAILURE);
-  }
-  // The two failures should not have been intercepted.
-  EXPECT_EQ(0, results.size()) << "This shouldn't fail.";
-}
-
-#endif  // GTEST_IS_THREADSAFE
-
-TEST_F(ExpectFailureTest, ExpectFatalFailureOnAllThreads) {
-  // Expected fatal failure, but succeeds.
-  printf("(expecting 1 failure)\n");
-  EXPECT_FATAL_FAILURE_ON_ALL_THREADS(SUCCEED(), "Expected fatal failure.");
-  // Expected fatal failure, but got a non-fatal failure.
-  printf("(expecting 1 failure)\n");
-  EXPECT_FATAL_FAILURE_ON_ALL_THREADS(AddFailure(NONFATAL_FAILURE),
-                                      "Expected non-fatal failure.");
-  // Wrong message.
-  printf("(expecting 1 failure)\n");
-  EXPECT_FATAL_FAILURE_ON_ALL_THREADS(AddFailure(FATAL_FAILURE),
-                                      "Some other fatal failure expected.");
-}
-
-TEST_F(ExpectFailureTest, ExpectNonFatalFailureOnAllThreads) {
-  // Expected non-fatal failure, but succeeds.
-  printf("(expecting 1 failure)\n");
-  EXPECT_NONFATAL_FAILURE_ON_ALL_THREADS(SUCCEED(), "Expected non-fatal "
-                                         "failure.");
-  // Expected non-fatal failure, but got a fatal failure.
-  printf("(expecting 1 failure)\n");
-  EXPECT_NONFATAL_FAILURE_ON_ALL_THREADS(AddFailure(FATAL_FAILURE),
-                                         "Expected fatal failure.");
-  // Wrong message.
-  printf("(expecting 1 failure)\n");
-  EXPECT_NONFATAL_FAILURE_ON_ALL_THREADS(AddFailure(NONFATAL_FAILURE),
-                                         "Some other non-fatal failure.");
-}
-
-
-// Two test environments for testing testing::AddGlobalTestEnvironment().
-
-class FooEnvironment : public testing::Environment {
- public:
-  virtual void SetUp() {
-    printf("%s", "FooEnvironment::SetUp() called.\n");
-  }
-
-  virtual void TearDown() {
-    printf("%s", "FooEnvironment::TearDown() called.\n");
-    FAIL() << "Expected fatal failure.";
-  }
-};
-
-class BarEnvironment : public testing::Environment {
- public:
-  virtual void SetUp() {
-    printf("%s", "BarEnvironment::SetUp() called.\n");
-  }
-
-  virtual void TearDown() {
-    printf("%s", "BarEnvironment::TearDown() called.\n");
-    ADD_FAILURE() << "Expected non-fatal failure.";
-  }
-};
-
-bool GTEST_FLAG(internal_skip_environment_and_ad_hoc_tests) = false;
-
-// The main function.
-//
-// The idea is to use Google Test to run all the tests we have defined (some
-// of them are intended to fail), and then compare the test results
-// with the "golden" file.
-int main(int argc, char **argv) {
-  testing::GTEST_FLAG(print_time) = false;
-
-  // We just run the tests, knowing some of them are intended to fail.
-  // We will use a separate Python script to compare the output of
-  // this program with the golden file.
-
-  // It's hard to test InitGoogleTest() directly, as it has many
-  // global side effects.  The following line serves as a sanity test
-  // for it.
-  testing::InitGoogleTest(&argc, argv);
-  if (argc >= 2 &&
-      (std::string(argv[1]) ==
-       "--gtest_internal_skip_environment_and_ad_hoc_tests"))
-    GTEST_FLAG(internal_skip_environment_and_ad_hoc_tests) = true;
-
-#if GTEST_HAS_DEATH_TEST
-  if (testing::internal::GTEST_FLAG(internal_run_death_test) != "") {
-    // Skip the usual output capturing if we're running as the child
-    // process of an threadsafe-style death test.
-# if GTEST_OS_WINDOWS
-    posix::FReopen("nul:", "w", stdout);
-# else
-    posix::FReopen("/dev/null", "w", stdout);
-# endif  // GTEST_OS_WINDOWS
-    return RUN_ALL_TESTS();
-  }
-#endif  // GTEST_HAS_DEATH_TEST
-
-  if (GTEST_FLAG(internal_skip_environment_and_ad_hoc_tests))
-    return RUN_ALL_TESTS();
-
-  // Registers two global test environments.
-  // The golden file verifies that they are set up in the order they
-  // are registered, and torn down in the reverse order.
-  testing::AddGlobalTestEnvironment(new FooEnvironment);
-  testing::AddGlobalTestEnvironment(new BarEnvironment);
-
-  return RunAllTests();
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_output_test_golden_lin.txt b/security/nss/gtests/google_test/gtest/test/gtest_output_test_golden_lin.txt
deleted file mode 100644
index da541700e..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_output_test_golden_lin.txt
+++ /dev/null
@@ -1,732 +0,0 @@
-The non-test part of the code is expected to have 2 failures.
-
-gtest_output_test_.cc:#: Failure
-Value of: false
-  Actual: false
-Expected: true
-gtest_output_test_.cc:#: Failure
-Value of: 3
-Expected: 2
-[==========] Running 64 tests from 28 test cases.
-[----------] Global test environment set-up.
-FooEnvironment::SetUp() called.
-BarEnvironment::SetUp() called.
-[----------] 1 test from ADeathTest
-[ RUN      ] ADeathTest.ShouldRunFirst
-[       OK ] ADeathTest.ShouldRunFirst
-[----------] 1 test from ATypedDeathTest/0, where TypeParam = int
-[ RUN      ] ATypedDeathTest/0.ShouldRunFirst
-[       OK ] ATypedDeathTest/0.ShouldRunFirst
-[----------] 1 test from ATypedDeathTest/1, where TypeParam = double
-[ RUN      ] ATypedDeathTest/1.ShouldRunFirst
-[       OK ] ATypedDeathTest/1.ShouldRunFirst
-[----------] 1 test from My/ATypeParamDeathTest/0, where TypeParam = int
-[ RUN      ] My/ATypeParamDeathTest/0.ShouldRunFirst
-[       OK ] My/ATypeParamDeathTest/0.ShouldRunFirst
-[----------] 1 test from My/ATypeParamDeathTest/1, where TypeParam = double
-[ RUN      ] My/ATypeParamDeathTest/1.ShouldRunFirst
-[       OK ] My/ATypeParamDeathTest/1.ShouldRunFirst
-[----------] 2 tests from PassingTest
-[ RUN      ] PassingTest.PassingTest1
-[       OK ] PassingTest.PassingTest1
-[ RUN      ] PassingTest.PassingTest2
-[       OK ] PassingTest.PassingTest2
-[----------] 2 tests from NonfatalFailureTest
-[ RUN      ] NonfatalFailureTest.EscapesStringOperands
-gtest_output_test_.cc:#: Failure
-Value of: actual
-  Actual: "actual \"string\""
-Expected: kGoldenString
-Which is: "\"Line"
-gtest_output_test_.cc:#: Failure
-Value of: actual
-  Actual: "actual \"string\""
-Expected: golden
-Which is: "\"Line"
-[  FAILED  ] NonfatalFailureTest.EscapesStringOperands
-[ RUN      ] NonfatalFailureTest.DiffForLongStrings
-gtest_output_test_.cc:#: Failure
-Value of: "Line 2"
-Expected: golden_str
-Which is: "\"Line\0 1\"\nLine 2"
-With diff:
-@@ -1,2 @@
--\"Line\0 1\"
- Line 2
-
-[  FAILED  ] NonfatalFailureTest.DiffForLongStrings
-[----------] 3 tests from FatalFailureTest
-[ RUN      ] FatalFailureTest.FatalFailureInSubroutine
-(expecting a failure that x should be 1)
-gtest_output_test_.cc:#: Failure
-Value of: x
-  Actual: 2
-Expected: 1
-[  FAILED  ] FatalFailureTest.FatalFailureInSubroutine
-[ RUN      ] FatalFailureTest.FatalFailureInNestedSubroutine
-(expecting a failure that x should be 1)
-gtest_output_test_.cc:#: Failure
-Value of: x
-  Actual: 2
-Expected: 1
-[  FAILED  ] FatalFailureTest.FatalFailureInNestedSubroutine
-[ RUN      ] FatalFailureTest.NonfatalFailureInSubroutine
-(expecting a failure on false)
-gtest_output_test_.cc:#: Failure
-Value of: false
-  Actual: false
-Expected: true
-[  FAILED  ] FatalFailureTest.NonfatalFailureInSubroutine
-[----------] 1 test from LoggingTest
-[ RUN      ] LoggingTest.InterleavingLoggingAndAssertions
-(expecting 2 failures on (3) >= (a[i]))
-i == 0
-i == 1
-gtest_output_test_.cc:#: Failure
-Expected: (3) >= (a[i]), actual: 3 vs 9
-i == 2
-i == 3
-gtest_output_test_.cc:#: Failure
-Expected: (3) >= (a[i]), actual: 3 vs 6
-[  FAILED  ] LoggingTest.InterleavingLoggingAndAssertions
-[----------] 6 tests from SCOPED_TRACETest
-[ RUN      ] SCOPED_TRACETest.ObeysScopes
-(expected to fail)
-gtest_output_test_.cc:#: Failure
-Failed
-This failure is expected, and shouldn't have a trace.
-gtest_output_test_.cc:#: Failure
-Failed
-This failure is expected, and should have a trace.
-Google Test trace:
-gtest_output_test_.cc:#: Expected trace
-gtest_output_test_.cc:#: Failure
-Failed
-This failure is expected, and shouldn't have a trace.
-[  FAILED  ] SCOPED_TRACETest.ObeysScopes
-[ RUN      ] SCOPED_TRACETest.WorksInLoop
-(expected to fail)
-gtest_output_test_.cc:#: Failure
-Value of: n
-  Actual: 1
-Expected: 2
-Google Test trace:
-gtest_output_test_.cc:#: i = 1
-gtest_output_test_.cc:#: Failure
-Value of: n
-  Actual: 2
-Expected: 1
-Google Test trace:
-gtest_output_test_.cc:#: i = 2
-[  FAILED  ] SCOPED_TRACETest.WorksInLoop
-[ RUN      ] SCOPED_TRACETest.WorksInSubroutine
-(expected to fail)
-gtest_output_test_.cc:#: Failure
-Value of: n
-  Actual: 1
-Expected: 2
-Google Test trace:
-gtest_output_test_.cc:#: n = 1
-gtest_output_test_.cc:#: Failure
-Value of: n
-  Actual: 2
-Expected: 1
-Google Test trace:
-gtest_output_test_.cc:#: n = 2
-[  FAILED  ] SCOPED_TRACETest.WorksInSubroutine
-[ RUN      ] SCOPED_TRACETest.CanBeNested
-(expected to fail)
-gtest_output_test_.cc:#: Failure
-Value of: n
-  Actual: 2
-Expected: 1
-Google Test trace:
-gtest_output_test_.cc:#: n = 2
-gtest_output_test_.cc:#: 
-[  FAILED  ] SCOPED_TRACETest.CanBeNested
-[ RUN      ] SCOPED_TRACETest.CanBeRepeated
-(expected to fail)
-gtest_output_test_.cc:#: Failure
-Failed
-This failure is expected, and should contain trace point A.
-Google Test trace:
-gtest_output_test_.cc:#: A
-gtest_output_test_.cc:#: Failure
-Failed
-This failure is expected, and should contain trace point A and B.
-Google Test trace:
-gtest_output_test_.cc:#: B
-gtest_output_test_.cc:#: A
-gtest_output_test_.cc:#: Failure
-Failed
-This failure is expected, and should contain trace point A, B, and C.
-Google Test trace:
-gtest_output_test_.cc:#: C
-gtest_output_test_.cc:#: B
-gtest_output_test_.cc:#: A
-gtest_output_test_.cc:#: Failure
-Failed
-This failure is expected, and should contain trace point A, B, and D.
-Google Test trace:
-gtest_output_test_.cc:#: D
-gtest_output_test_.cc:#: B
-gtest_output_test_.cc:#: A
-[  FAILED  ] SCOPED_TRACETest.CanBeRepeated
-[ RUN      ] SCOPED_TRACETest.WorksConcurrently
-(expecting 6 failures)
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #1 (in thread B, only trace B alive).
-Google Test trace:
-gtest_output_test_.cc:#: Trace B
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #2 (in thread A, trace A & B both alive).
-Google Test trace:
-gtest_output_test_.cc:#: Trace A
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #3 (in thread B, trace A & B both alive).
-Google Test trace:
-gtest_output_test_.cc:#: Trace B
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #4 (in thread B, only trace A alive).
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #5 (in thread A, only trace A alive).
-Google Test trace:
-gtest_output_test_.cc:#: Trace A
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #6 (in thread A, no trace alive).
-[  FAILED  ] SCOPED_TRACETest.WorksConcurrently
-[----------] 1 test from NonFatalFailureInFixtureConstructorTest
-[ RUN      ] NonFatalFailureInFixtureConstructorTest.FailureInConstructor
-(expecting 5 failures)
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #1, in the test fixture c'tor.
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #2, in SetUp().
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #3, in the test body.
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #4, in TearDown.
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #5, in the test fixture d'tor.
-[  FAILED  ] NonFatalFailureInFixtureConstructorTest.FailureInConstructor
-[----------] 1 test from FatalFailureInFixtureConstructorTest
-[ RUN      ] FatalFailureInFixtureConstructorTest.FailureInConstructor
-(expecting 2 failures)
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #1, in the test fixture c'tor.
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #2, in the test fixture d'tor.
-[  FAILED  ] FatalFailureInFixtureConstructorTest.FailureInConstructor
-[----------] 1 test from NonFatalFailureInSetUpTest
-[ RUN      ] NonFatalFailureInSetUpTest.FailureInSetUp
-(expecting 4 failures)
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #1, in SetUp().
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #2, in the test function.
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #3, in TearDown().
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #4, in the test fixture d'tor.
-[  FAILED  ] NonFatalFailureInSetUpTest.FailureInSetUp
-[----------] 1 test from FatalFailureInSetUpTest
-[ RUN      ] FatalFailureInSetUpTest.FailureInSetUp
-(expecting 3 failures)
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #1, in SetUp().
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #2, in TearDown().
-gtest_output_test_.cc:#: Failure
-Failed
-Expected failure #3, in the test fixture d'tor.
-[  FAILED  ] FatalFailureInSetUpTest.FailureInSetUp
-[----------] 1 test from AddFailureAtTest
-[ RUN      ] AddFailureAtTest.MessageContainsSpecifiedFileAndLineNumber
-foo.cc:42: Failure
-Failed
-Expected failure in foo.cc
-[  FAILED  ] AddFailureAtTest.MessageContainsSpecifiedFileAndLineNumber
-[----------] 4 tests from MixedUpTestCaseTest
-[ RUN      ] MixedUpTestCaseTest.FirstTestFromNamespaceFoo
-[       OK ] MixedUpTestCaseTest.FirstTestFromNamespaceFoo
-[ RUN      ] MixedUpTestCaseTest.SecondTestFromNamespaceFoo
-[       OK ] MixedUpTestCaseTest.SecondTestFromNamespaceFoo
-[ RUN      ] MixedUpTestCaseTest.ThisShouldFail
-gtest.cc:#: Failure
-Failed
-All tests in the same test case must use the same test fixture
-class.  However, in test case MixedUpTestCaseTest,
-you defined test FirstTestFromNamespaceFoo and test ThisShouldFail
-using two different test fixture classes.  This can happen if
-the two classes are from different namespaces or translation
-units and have the same name.  You should probably rename one
-of the classes to put the tests into different test cases.
-[  FAILED  ] MixedUpTestCaseTest.ThisShouldFail
-[ RUN      ] MixedUpTestCaseTest.ThisShouldFailToo
-gtest.cc:#: Failure
-Failed
-All tests in the same test case must use the same test fixture
-class.  However, in test case MixedUpTestCaseTest,
-you defined test FirstTestFromNamespaceFoo and test ThisShouldFailToo
-using two different test fixture classes.  This can happen if
-the two classes are from different namespaces or translation
-units and have the same name.  You should probably rename one
-of the classes to put the tests into different test cases.
-[  FAILED  ] MixedUpTestCaseTest.ThisShouldFailToo
-[----------] 2 tests from MixedUpTestCaseWithSameTestNameTest
-[ RUN      ] MixedUpTestCaseWithSameTestNameTest.TheSecondTestWithThisNameShouldFail
-[       OK ] MixedUpTestCaseWithSameTestNameTest.TheSecondTestWithThisNameShouldFail
-[ RUN      ] MixedUpTestCaseWithSameTestNameTest.TheSecondTestWithThisNameShouldFail
-gtest.cc:#: Failure
-Failed
-All tests in the same test case must use the same test fixture
-class.  However, in test case MixedUpTestCaseWithSameTestNameTest,
-you defined test TheSecondTestWithThisNameShouldFail and test TheSecondTestWithThisNameShouldFail
-using two different test fixture classes.  This can happen if
-the two classes are from different namespaces or translation
-units and have the same name.  You should probably rename one
-of the classes to put the tests into different test cases.
-[  FAILED  ] MixedUpTestCaseWithSameTestNameTest.TheSecondTestWithThisNameShouldFail
-[----------] 2 tests from TEST_F_before_TEST_in_same_test_case
-[ RUN      ] TEST_F_before_TEST_in_same_test_case.DefinedUsingTEST_F
-[       OK ] TEST_F_before_TEST_in_same_test_case.DefinedUsingTEST_F
-[ RUN      ] TEST_F_before_TEST_in_same_test_case.DefinedUsingTESTAndShouldFail
-gtest.cc:#: Failure
-Failed
-All tests in the same test case must use the same test fixture
-class, so mixing TEST_F and TEST in the same test case is
-illegal.  In test case TEST_F_before_TEST_in_same_test_case,
-test DefinedUsingTEST_F is defined using TEST_F but
-test DefinedUsingTESTAndShouldFail is defined using TEST.  You probably
-want to change the TEST to TEST_F or move it to another test
-case.
-[  FAILED  ] TEST_F_before_TEST_in_same_test_case.DefinedUsingTESTAndShouldFail
-[----------] 2 tests from TEST_before_TEST_F_in_same_test_case
-[ RUN      ] TEST_before_TEST_F_in_same_test_case.DefinedUsingTEST
-[       OK ] TEST_before_TEST_F_in_same_test_case.DefinedUsingTEST
-[ RUN      ] TEST_before_TEST_F_in_same_test_case.DefinedUsingTEST_FAndShouldFail
-gtest.cc:#: Failure
-Failed
-All tests in the same test case must use the same test fixture
-class, so mixing TEST_F and TEST in the same test case is
-illegal.  In test case TEST_before_TEST_F_in_same_test_case,
-test DefinedUsingTEST_FAndShouldFail is defined using TEST_F but
-test DefinedUsingTEST is defined using TEST.  You probably
-want to change the TEST to TEST_F or move it to another test
-case.
-[  FAILED  ] TEST_before_TEST_F_in_same_test_case.DefinedUsingTEST_FAndShouldFail
-[----------] 8 tests from ExpectNonfatalFailureTest
-[ RUN      ] ExpectNonfatalFailureTest.CanReferenceGlobalVariables
-[       OK ] ExpectNonfatalFailureTest.CanReferenceGlobalVariables
-[ RUN      ] ExpectNonfatalFailureTest.CanReferenceLocalVariables
-[       OK ] ExpectNonfatalFailureTest.CanReferenceLocalVariables
-[ RUN      ] ExpectNonfatalFailureTest.SucceedsWhenThereIsOneNonfatalFailure
-[       OK ] ExpectNonfatalFailureTest.SucceedsWhenThereIsOneNonfatalFailure
-[ RUN      ] ExpectNonfatalFailureTest.FailsWhenThereIsNoNonfatalFailure
-(expecting a failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure
-  Actual: 0 failures
-[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereIsNoNonfatalFailure
-[ RUN      ] ExpectNonfatalFailureTest.FailsWhenThereAreTwoNonfatalFailures
-(expecting a failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure
-  Actual: 2 failures
-gtest_output_test_.cc:#: Non-fatal failure:
-Failed
-Expected non-fatal failure 1.
-
-gtest_output_test_.cc:#: Non-fatal failure:
-Failed
-Expected non-fatal failure 2.
-
-[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereAreTwoNonfatalFailures
-[ RUN      ] ExpectNonfatalFailureTest.FailsWhenThereIsOneFatalFailure
-(expecting a failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure
-  Actual:
-gtest_output_test_.cc:#: Fatal failure:
-Failed
-Expected fatal failure.
-
-[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereIsOneFatalFailure
-[ RUN      ] ExpectNonfatalFailureTest.FailsWhenStatementReturns
-(expecting a failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure
-  Actual: 0 failures
-[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenStatementReturns
-[ RUN      ] ExpectNonfatalFailureTest.FailsWhenStatementThrows
-(expecting a failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure
-  Actual: 0 failures
-[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenStatementThrows
-[----------] 8 tests from ExpectFatalFailureTest
-[ RUN      ] ExpectFatalFailureTest.CanReferenceGlobalVariables
-[       OK ] ExpectFatalFailureTest.CanReferenceGlobalVariables
-[ RUN      ] ExpectFatalFailureTest.CanReferenceLocalStaticVariables
-[       OK ] ExpectFatalFailureTest.CanReferenceLocalStaticVariables
-[ RUN      ] ExpectFatalFailureTest.SucceedsWhenThereIsOneFatalFailure
-[       OK ] ExpectFatalFailureTest.SucceedsWhenThereIsOneFatalFailure
-[ RUN      ] ExpectFatalFailureTest.FailsWhenThereIsNoFatalFailure
-(expecting a failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure
-  Actual: 0 failures
-[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereIsNoFatalFailure
-[ RUN      ] ExpectFatalFailureTest.FailsWhenThereAreTwoFatalFailures
-(expecting a failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure
-  Actual: 2 failures
-gtest_output_test_.cc:#: Fatal failure:
-Failed
-Expected fatal failure.
-
-gtest_output_test_.cc:#: Fatal failure:
-Failed
-Expected fatal failure.
-
-[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereAreTwoFatalFailures
-[ RUN      ] ExpectFatalFailureTest.FailsWhenThereIsOneNonfatalFailure
-(expecting a failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure
-  Actual:
-gtest_output_test_.cc:#: Non-fatal failure:
-Failed
-Expected non-fatal failure.
-
-[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereIsOneNonfatalFailure
-[ RUN      ] ExpectFatalFailureTest.FailsWhenStatementReturns
-(expecting a failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure
-  Actual: 0 failures
-[  FAILED  ] ExpectFatalFailureTest.FailsWhenStatementReturns
-[ RUN      ] ExpectFatalFailureTest.FailsWhenStatementThrows
-(expecting a failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure
-  Actual: 0 failures
-[  FAILED  ] ExpectFatalFailureTest.FailsWhenStatementThrows
-[----------] 2 tests from TypedTest/0, where TypeParam = int
-[ RUN      ] TypedTest/0.Success
-[       OK ] TypedTest/0.Success
-[ RUN      ] TypedTest/0.Failure
-gtest_output_test_.cc:#: Failure
-Value of: TypeParam()
-  Actual: 0
-Expected: 1
-Expected failure
-[  FAILED  ] TypedTest/0.Failure, where TypeParam = int
-[----------] 2 tests from Unsigned/TypedTestP/0, where TypeParam = unsigned char
-[ RUN      ] Unsigned/TypedTestP/0.Success
-[       OK ] Unsigned/TypedTestP/0.Success
-[ RUN      ] Unsigned/TypedTestP/0.Failure
-gtest_output_test_.cc:#: Failure
-Value of: TypeParam()
-  Actual: '\0'
-Expected: 1U
-Which is: 1
-Expected failure
-[  FAILED  ] Unsigned/TypedTestP/0.Failure, where TypeParam = unsigned char
-[----------] 2 tests from Unsigned/TypedTestP/1, where TypeParam = unsigned int
-[ RUN      ] Unsigned/TypedTestP/1.Success
-[       OK ] Unsigned/TypedTestP/1.Success
-[ RUN      ] Unsigned/TypedTestP/1.Failure
-gtest_output_test_.cc:#: Failure
-Value of: TypeParam()
-  Actual: 0
-Expected: 1U
-Which is: 1
-Expected failure
-[  FAILED  ] Unsigned/TypedTestP/1.Failure, where TypeParam = unsigned int
-[----------] 4 tests from ExpectFailureTest
-[ RUN      ] ExpectFailureTest.ExpectFatalFailure
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure
-  Actual:
-gtest_output_test_.cc:#: Success:
-Succeeded
-
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure
-  Actual:
-gtest_output_test_.cc:#: Non-fatal failure:
-Failed
-Expected non-fatal failure.
-
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure containing "Some other fatal failure expected."
-  Actual:
-gtest_output_test_.cc:#: Fatal failure:
-Failed
-Expected fatal failure.
-
-[  FAILED  ] ExpectFailureTest.ExpectFatalFailure
-[ RUN      ] ExpectFailureTest.ExpectNonFatalFailure
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure
-  Actual:
-gtest_output_test_.cc:#: Success:
-Succeeded
-
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure
-  Actual:
-gtest_output_test_.cc:#: Fatal failure:
-Failed
-Expected fatal failure.
-
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure containing "Some other non-fatal failure."
-  Actual:
-gtest_output_test_.cc:#: Non-fatal failure:
-Failed
-Expected non-fatal failure.
-
-[  FAILED  ] ExpectFailureTest.ExpectNonFatalFailure
-[ RUN      ] ExpectFailureTest.ExpectFatalFailureOnAllThreads
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure
-  Actual:
-gtest_output_test_.cc:#: Success:
-Succeeded
-
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure
-  Actual:
-gtest_output_test_.cc:#: Non-fatal failure:
-Failed
-Expected non-fatal failure.
-
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 fatal failure containing "Some other fatal failure expected."
-  Actual:
-gtest_output_test_.cc:#: Fatal failure:
-Failed
-Expected fatal failure.
-
-[  FAILED  ] ExpectFailureTest.ExpectFatalFailureOnAllThreads
-[ RUN      ] ExpectFailureTest.ExpectNonFatalFailureOnAllThreads
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure
-  Actual:
-gtest_output_test_.cc:#: Success:
-Succeeded
-
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure
-  Actual:
-gtest_output_test_.cc:#: Fatal failure:
-Failed
-Expected fatal failure.
-
-(expecting 1 failure)
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure containing "Some other non-fatal failure."
-  Actual:
-gtest_output_test_.cc:#: Non-fatal failure:
-Failed
-Expected non-fatal failure.
-
-[  FAILED  ] ExpectFailureTest.ExpectNonFatalFailureOnAllThreads
-[----------] 2 tests from ExpectFailureWithThreadsTest
-[ RUN      ] ExpectFailureWithThreadsTest.ExpectFatalFailure
-(expecting 2 failures)
-gtest_output_test_.cc:#: Failure
-Failed
-Expected fatal failure.
-gtest.cc:#: Failure
-Expected: 1 fatal failure
-  Actual: 0 failures
-[  FAILED  ] ExpectFailureWithThreadsTest.ExpectFatalFailure
-[ RUN      ] ExpectFailureWithThreadsTest.ExpectNonFatalFailure
-(expecting 2 failures)
-gtest_output_test_.cc:#: Failure
-Failed
-Expected non-fatal failure.
-gtest.cc:#: Failure
-Expected: 1 non-fatal failure
-  Actual: 0 failures
-[  FAILED  ] ExpectFailureWithThreadsTest.ExpectNonFatalFailure
-[----------] 1 test from ScopedFakeTestPartResultReporterTest
-[ RUN      ] ScopedFakeTestPartResultReporterTest.InterceptOnlyCurrentThread
-(expecting 2 failures)
-gtest_output_test_.cc:#: Failure
-Failed
-Expected fatal failure.
-gtest_output_test_.cc:#: Failure
-Failed
-Expected non-fatal failure.
-[  FAILED  ] ScopedFakeTestPartResultReporterTest.InterceptOnlyCurrentThread
-[----------] 1 test from PrintingFailingParams/FailingParamTest
-[ RUN      ] PrintingFailingParams/FailingParamTest.Fails/0
-gtest_output_test_.cc:#: Failure
-Value of: GetParam()
-  Actual: 2
-Expected: 1
-[  FAILED  ] PrintingFailingParams/FailingParamTest.Fails/0, where GetParam() = 2
-[----------] Global test environment tear-down
-BarEnvironment::TearDown() called.
-gtest_output_test_.cc:#: Failure
-Failed
-Expected non-fatal failure.
-FooEnvironment::TearDown() called.
-gtest_output_test_.cc:#: Failure
-Failed
-Expected fatal failure.
-[==========] 64 tests from 28 test cases ran.
-[  PASSED  ] 21 tests.
-[  FAILED  ] 43 tests, listed below:
-[  FAILED  ] NonfatalFailureTest.EscapesStringOperands
-[  FAILED  ] NonfatalFailureTest.DiffForLongStrings
-[  FAILED  ] FatalFailureTest.FatalFailureInSubroutine
-[  FAILED  ] FatalFailureTest.FatalFailureInNestedSubroutine
-[  FAILED  ] FatalFailureTest.NonfatalFailureInSubroutine
-[  FAILED  ] LoggingTest.InterleavingLoggingAndAssertions
-[  FAILED  ] SCOPED_TRACETest.ObeysScopes
-[  FAILED  ] SCOPED_TRACETest.WorksInLoop
-[  FAILED  ] SCOPED_TRACETest.WorksInSubroutine
-[  FAILED  ] SCOPED_TRACETest.CanBeNested
-[  FAILED  ] SCOPED_TRACETest.CanBeRepeated
-[  FAILED  ] SCOPED_TRACETest.WorksConcurrently
-[  FAILED  ] NonFatalFailureInFixtureConstructorTest.FailureInConstructor
-[  FAILED  ] FatalFailureInFixtureConstructorTest.FailureInConstructor
-[  FAILED  ] NonFatalFailureInSetUpTest.FailureInSetUp
-[  FAILED  ] FatalFailureInSetUpTest.FailureInSetUp
-[  FAILED  ] AddFailureAtTest.MessageContainsSpecifiedFileAndLineNumber
-[  FAILED  ] MixedUpTestCaseTest.ThisShouldFail
-[  FAILED  ] MixedUpTestCaseTest.ThisShouldFailToo
-[  FAILED  ] MixedUpTestCaseWithSameTestNameTest.TheSecondTestWithThisNameShouldFail
-[  FAILED  ] TEST_F_before_TEST_in_same_test_case.DefinedUsingTESTAndShouldFail
-[  FAILED  ] TEST_before_TEST_F_in_same_test_case.DefinedUsingTEST_FAndShouldFail
-[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereIsNoNonfatalFailure
-[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereAreTwoNonfatalFailures
-[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenThereIsOneFatalFailure
-[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenStatementReturns
-[  FAILED  ] ExpectNonfatalFailureTest.FailsWhenStatementThrows
-[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereIsNoFatalFailure
-[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereAreTwoFatalFailures
-[  FAILED  ] ExpectFatalFailureTest.FailsWhenThereIsOneNonfatalFailure
-[  FAILED  ] ExpectFatalFailureTest.FailsWhenStatementReturns
-[  FAILED  ] ExpectFatalFailureTest.FailsWhenStatementThrows
-[  FAILED  ] TypedTest/0.Failure, where TypeParam = int
-[  FAILED  ] Unsigned/TypedTestP/0.Failure, where TypeParam = unsigned char
-[  FAILED  ] Unsigned/TypedTestP/1.Failure, where TypeParam = unsigned int
-[  FAILED  ] ExpectFailureTest.ExpectFatalFailure
-[  FAILED  ] ExpectFailureTest.ExpectNonFatalFailure
-[  FAILED  ] ExpectFailureTest.ExpectFatalFailureOnAllThreads
-[  FAILED  ] ExpectFailureTest.ExpectNonFatalFailureOnAllThreads
-[  FAILED  ] ExpectFailureWithThreadsTest.ExpectFatalFailure
-[  FAILED  ] ExpectFailureWithThreadsTest.ExpectNonFatalFailure
-[  FAILED  ] ScopedFakeTestPartResultReporterTest.InterceptOnlyCurrentThread
-[  FAILED  ] PrintingFailingParams/FailingParamTest.Fails/0, where GetParam() = 2
-
-43 FAILED TESTS
-  YOU HAVE 1 DISABLED TEST
-
-Note: Google Test filter = FatalFailureTest.*:LoggingTest.*
-[==========] Running 4 tests from 2 test cases.
-[----------] Global test environment set-up.
-[----------] 3 tests from FatalFailureTest
-[ RUN      ] FatalFailureTest.FatalFailureInSubroutine
-(expecting a failure that x should be 1)
-gtest_output_test_.cc:#: Failure
-Value of: x
-  Actual: 2
-Expected: 1
-[  FAILED  ] FatalFailureTest.FatalFailureInSubroutine (? ms)
-[ RUN      ] FatalFailureTest.FatalFailureInNestedSubroutine
-(expecting a failure that x should be 1)
-gtest_output_test_.cc:#: Failure
-Value of: x
-  Actual: 2
-Expected: 1
-[  FAILED  ] FatalFailureTest.FatalFailureInNestedSubroutine (? ms)
-[ RUN      ] FatalFailureTest.NonfatalFailureInSubroutine
-(expecting a failure on false)
-gtest_output_test_.cc:#: Failure
-Value of: false
-  Actual: false
-Expected: true
-[  FAILED  ] FatalFailureTest.NonfatalFailureInSubroutine (? ms)
-[----------] 3 tests from FatalFailureTest (? ms total)
-
-[----------] 1 test from LoggingTest
-[ RUN      ] LoggingTest.InterleavingLoggingAndAssertions
-(expecting 2 failures on (3) >= (a[i]))
-i == 0
-i == 1
-gtest_output_test_.cc:#: Failure
-Expected: (3) >= (a[i]), actual: 3 vs 9
-i == 2
-i == 3
-gtest_output_test_.cc:#: Failure
-Expected: (3) >= (a[i]), actual: 3 vs 6
-[  FAILED  ] LoggingTest.InterleavingLoggingAndAssertions (? ms)
-[----------] 1 test from LoggingTest (? ms total)
-
-[----------] Global test environment tear-down
-[==========] 4 tests from 2 test cases ran. (? ms total)
-[  PASSED  ] 0 tests.
-[  FAILED  ] 4 tests, listed below:
-[  FAILED  ] FatalFailureTest.FatalFailureInSubroutine
-[  FAILED  ] FatalFailureTest.FatalFailureInNestedSubroutine
-[  FAILED  ] FatalFailureTest.NonfatalFailureInSubroutine
-[  FAILED  ] LoggingTest.InterleavingLoggingAndAssertions
-
- 4 FAILED TESTS
-Note: Google Test filter = *DISABLED_*
-[==========] Running 1 test from 1 test case.
-[----------] Global test environment set-up.
-[----------] 1 test from DisabledTestsWarningTest
-[ RUN      ] DisabledTestsWarningTest.DISABLED_AlsoRunDisabledTestsFlagSuppressesWarning
-[       OK ] DisabledTestsWarningTest.DISABLED_AlsoRunDisabledTestsFlagSuppressesWarning
-[----------] Global test environment tear-down
-[==========] 1 test from 1 test case ran.
-[  PASSED  ] 1 test.
-Note: Google Test filter = PassingTest.*
-Note: This is test shard 2 of 2.
-[==========] Running 1 test from 1 test case.
-[----------] Global test environment set-up.
-[----------] 1 test from PassingTest
-[ RUN      ] PassingTest.PassingTest2
-[       OK ] PassingTest.PassingTest2
-[----------] Global test environment tear-down
-[==========] 1 test from 1 test case ran.
-[  PASSED  ] 1 test.
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_pred_impl_unittest.cc b/security/nss/gtests/google_test/gtest/test/gtest_pred_impl_unittest.cc
index a84eff860..b466c150a 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_pred_impl_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_pred_impl_unittest.cc
@@ -27,7 +27,7 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-// This file is AUTOMATICALLY GENERATED on 10/31/2011 by command
+// This file is AUTOMATICALLY GENERATED on 01/02/2018 by command
 // 'gen_gtest_pred_impl.py 5'.  DO NOT EDIT BY HAND!
 
 // Regression test for gtest_pred_impl.h
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_premature_exit_test.cc b/security/nss/gtests/google_test/gtest/test/gtest_premature_exit_test.cc
index c1ed96866..c1e93056d 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_premature_exit_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_premature_exit_test.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 //
 // Tests that Google Test manipulates the premature-exit-detection
 // file correctly.
@@ -44,10 +43,6 @@ using ::testing::internal::posix::StatStruct;
 
 namespace {
 
-// Is the TEST_PREMATURE_EXIT_FILE environment variable expected to be
-// set?
-const bool kTestPrematureExitFileEnvVarShouldBeSet = false;
-
 class PrematureExitTest : public Test {
  public:
   // Returns true iff the given file exists.
@@ -97,18 +92,6 @@ TEST_F(PrematureExitDeathTest, FileExistsDuringExecutionOfDeathTest) {
     }, "");
 }
 
-// Tests that TEST_PREMATURE_EXIT_FILE is set where it's expected to
-// be set.
-TEST_F(PrematureExitTest, TestPrematureExitFileEnvVarIsSet) {
-  GTEST_INTENTIONAL_CONST_COND_PUSH_()
-  if (kTestPrematureExitFileEnvVarShouldBeSet) {
-  GTEST_INTENTIONAL_CONST_COND_POP_()
-    const char* const filepath = GetEnv("TEST_PREMATURE_EXIT_FILE");
-    ASSERT_TRUE(filepath != NULL);
-    ASSERT_NE(*filepath, '\0');
-  }
-}
-
 // Tests that the premature-exit file exists during the execution of a
 // normal (non-death) test.
 TEST_F(PrematureExitTest, PrematureExitFileExistsDuringTestExecution) {
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_prod_test.cc b/security/nss/gtests/google_test/gtest/test/gtest_prod_test.cc
index 060abce18..ede81a0d1 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_prod_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_prod_test.cc
@@ -26,13 +26,12 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: wan@google.com (Zhanyong Wan)
-//
-// Unit test for include/gtest/gtest_prod.h.
+// Unit test for gtest_prod.h.
 
+#include "production.h"
 #include "gtest/gtest.h"
-#include "test/production.h"
 
 // Tests that private members can be accessed from a TEST declared as
 // a friend of the class.
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_repeat_test.cc b/security/nss/gtests/google_test/gtest/test/gtest_repeat_test.cc
index 481012adc..1e8f499bb 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_repeat_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_repeat_test.cc
@@ -26,23 +26,14 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 // Tests the --gtest_repeat=number flag.
 
 #include <stdlib.h>
 #include <iostream>
 #include "gtest/gtest.h"
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick is to
-// prevent a user from accidentally including gtest-internal-inl.h in
-// his code.
-#define GTEST_IMPLEMENTATION_ 1
 #include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
 
 namespace testing {
 
@@ -75,7 +66,7 @@ namespace {
 
 
 // Used for verifying that global environment set-up and tear-down are
-// inside the gtest_repeat loop.
+// inside the --gtest_repeat loop.
 
 int g_environment_set_up_count = 0;
 int g_environment_tear_down_count = 0;
@@ -119,7 +110,6 @@ TEST(BarDeathTest, ThreadSafeAndFast) {
   EXPECT_DEATH_IF_SUPPORTED(::testing::internal::posix::Abort(), "");
 }
 
-#if GTEST_HAS_PARAM_TEST
 int g_param_test_count = 0;
 
 const int kNumberOfParamTests = 10;
@@ -127,15 +117,13 @@ const int kNumberOfParamTests = 10;
 class MyParamTest : public testing::TestWithParam<int> {};
 
 TEST_P(MyParamTest, ShouldPass) {
-  // TODO(vladl@google.com): Make parameter value checking robust
-  //                         WRT order of tests.
+  // FIXME: Make parameter value checking robust WRT order of tests.
   GTEST_CHECK_INT_EQ_(g_param_test_count % kNumberOfParamTests, GetParam());
   g_param_test_count++;
 }
 INSTANTIATE_TEST_CASE_P(MyParamSequence,
                         MyParamTest,
                         testing::Range(0, kNumberOfParamTests));
-#endif  // GTEST_HAS_PARAM_TEST
 
 // Resets the count for each test.
 void ResetCounts() {
@@ -144,9 +132,7 @@ void ResetCounts() {
   g_should_fail_count = 0;
   g_should_pass_count = 0;
   g_death_test_count = 0;
-#if GTEST_HAS_PARAM_TEST
   g_param_test_count = 0;
-#endif  // GTEST_HAS_PARAM_TEST
 }
 
 // Checks that the count for each test is expected.
@@ -156,9 +142,7 @@ void CheckCounts(int expected) {
   GTEST_CHECK_INT_EQ_(expected, g_should_fail_count);
   GTEST_CHECK_INT_EQ_(expected, g_should_pass_count);
   GTEST_CHECK_INT_EQ_(expected, g_death_test_count);
-#if GTEST_HAS_PARAM_TEST
   GTEST_CHECK_INT_EQ_(expected * kNumberOfParamTests, g_param_test_count);
-#endif  // GTEST_HAS_PARAM_TEST
 }
 
 // Tests the behavior of Google Test when --gtest_repeat is not specified.
@@ -201,9 +185,7 @@ void TestRepeatWithFilterForSuccessfulTests(int repeat) {
   GTEST_CHECK_INT_EQ_(0, g_should_fail_count);
   GTEST_CHECK_INT_EQ_(repeat, g_should_pass_count);
   GTEST_CHECK_INT_EQ_(repeat, g_death_test_count);
-#if GTEST_HAS_PARAM_TEST
   GTEST_CHECK_INT_EQ_(repeat * kNumberOfParamTests, g_param_test_count);
-#endif  // GTEST_HAS_PARAM_TEST
 }
 
 // Tests using --gtest_repeat when --gtest_filter specifies a set of
@@ -219,15 +201,14 @@ void TestRepeatWithFilterForFailedTests(int repeat) {
   GTEST_CHECK_INT_EQ_(repeat, g_should_fail_count);
   GTEST_CHECK_INT_EQ_(0, g_should_pass_count);
   GTEST_CHECK_INT_EQ_(0, g_death_test_count);
-#if GTEST_HAS_PARAM_TEST
   GTEST_CHECK_INT_EQ_(0, g_param_test_count);
-#endif  // GTEST_HAS_PARAM_TEST
 }
 
 }  // namespace
 
 int main(int argc, char **argv) {
   testing::InitGoogleTest(&argc, argv);
+
   testing::AddGlobalTestEnvironment(new MyEnvironment);
 
   TestRepeatUnspecified();
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_shuffle_test.py b/security/nss/gtests/google_test/gtest/test/gtest_shuffle_test.py
deleted file mode 100755
index 30d0303d1..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_shuffle_test.py
+++ /dev/null
@@ -1,325 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2009 Google Inc. All Rights Reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-"""Verifies that test shuffling works."""
-
-__author__ = 'wan@google.com (Zhanyong Wan)'
-
-import os
-import gtest_test_utils
-
-# Command to run the gtest_shuffle_test_ program.
-COMMAND = gtest_test_utils.GetTestExecutablePath('gtest_shuffle_test_')
-
-# The environment variables for test sharding.
-TOTAL_SHARDS_ENV_VAR = 'GTEST_TOTAL_SHARDS'
-SHARD_INDEX_ENV_VAR = 'GTEST_SHARD_INDEX'
-
-TEST_FILTER = 'A*.A:A*.B:C*'
-
-ALL_TESTS = []
-ACTIVE_TESTS = []
-FILTERED_TESTS = []
-SHARDED_TESTS = []
-
-SHUFFLED_ALL_TESTS = []
-SHUFFLED_ACTIVE_TESTS = []
-SHUFFLED_FILTERED_TESTS = []
-SHUFFLED_SHARDED_TESTS = []
-
-
-def AlsoRunDisabledTestsFlag():
-  return '--gtest_also_run_disabled_tests'
-
-
-def FilterFlag(test_filter):
-  return '--gtest_filter=%s' % (test_filter,)
-
-
-def RepeatFlag(n):
-  return '--gtest_repeat=%s' % (n,)
-
-
-def ShuffleFlag():
-  return '--gtest_shuffle'
-
-
-def RandomSeedFlag(n):
-  return '--gtest_random_seed=%s' % (n,)
-
-
-def RunAndReturnOutput(extra_env, args):
-  """Runs the test program and returns its output."""
-
-  environ_copy = os.environ.copy()
-  environ_copy.update(extra_env)
-
-  return gtest_test_utils.Subprocess([COMMAND] + args, env=environ_copy).output
-
-
-def GetTestsForAllIterations(extra_env, args):
-  """Runs the test program and returns a list of test lists.
-
-  Args:
-    extra_env: a map from environment variables to their values
-    args: command line flags to pass to gtest_shuffle_test_
-
-  Returns:
-    A list where the i-th element is the list of tests run in the i-th
-    test iteration.
-  """
-
-  test_iterations = []
-  for line in RunAndReturnOutput(extra_env, args).split('\n'):
-    if line.startswith('----'):
-      tests = []
-      test_iterations.append(tests)
-    elif line.strip():
-      tests.append(line.strip())  # 'TestCaseName.TestName'
-
-  return test_iterations
-
-
-def GetTestCases(tests):
-  """Returns a list of test cases in the given full test names.
-
-  Args:
-    tests: a list of full test names
-
-  Returns:
-    A list of test cases from 'tests', in their original order.
-    Consecutive duplicates are removed.
-  """
-
-  test_cases = []
-  for test in tests:
-    test_case = test.split('.')[0]
-    if not test_case in test_cases:
-      test_cases.append(test_case)
-
-  return test_cases
-
-
-def CalculateTestLists():
-  """Calculates the list of tests run under different flags."""
-
-  if not ALL_TESTS:
-    ALL_TESTS.extend(
-        GetTestsForAllIterations({}, [AlsoRunDisabledTestsFlag()])[0])
-
-  if not ACTIVE_TESTS:
-    ACTIVE_TESTS.extend(GetTestsForAllIterations({}, [])[0])
-
-  if not FILTERED_TESTS:
-    FILTERED_TESTS.extend(
-        GetTestsForAllIterations({}, [FilterFlag(TEST_FILTER)])[0])
-
-  if not SHARDED_TESTS:
-    SHARDED_TESTS.extend(
-        GetTestsForAllIterations({TOTAL_SHARDS_ENV_VAR: '3',
-                                  SHARD_INDEX_ENV_VAR: '1'},
-                                 [])[0])
-
-  if not SHUFFLED_ALL_TESTS:
-    SHUFFLED_ALL_TESTS.extend(GetTestsForAllIterations(
-        {}, [AlsoRunDisabledTestsFlag(), ShuffleFlag(), RandomSeedFlag(1)])[0])
-
-  if not SHUFFLED_ACTIVE_TESTS:
-    SHUFFLED_ACTIVE_TESTS.extend(GetTestsForAllIterations(
-        {}, [ShuffleFlag(), RandomSeedFlag(1)])[0])
-
-  if not SHUFFLED_FILTERED_TESTS:
-    SHUFFLED_FILTERED_TESTS.extend(GetTestsForAllIterations(
-        {}, [ShuffleFlag(), RandomSeedFlag(1), FilterFlag(TEST_FILTER)])[0])
-
-  if not SHUFFLED_SHARDED_TESTS:
-    SHUFFLED_SHARDED_TESTS.extend(
-        GetTestsForAllIterations({TOTAL_SHARDS_ENV_VAR: '3',
-                                  SHARD_INDEX_ENV_VAR: '1'},
-                                 [ShuffleFlag(), RandomSeedFlag(1)])[0])
-
-
-class GTestShuffleUnitTest(gtest_test_utils.TestCase):
-  """Tests test shuffling."""
-
-  def setUp(self):
-    CalculateTestLists()
-
-  def testShufflePreservesNumberOfTests(self):
-    self.assertEqual(len(ALL_TESTS), len(SHUFFLED_ALL_TESTS))
-    self.assertEqual(len(ACTIVE_TESTS), len(SHUFFLED_ACTIVE_TESTS))
-    self.assertEqual(len(FILTERED_TESTS), len(SHUFFLED_FILTERED_TESTS))
-    self.assertEqual(len(SHARDED_TESTS), len(SHUFFLED_SHARDED_TESTS))
-
-  def testShuffleChangesTestOrder(self):
-    self.assert_(SHUFFLED_ALL_TESTS != ALL_TESTS, SHUFFLED_ALL_TESTS)
-    self.assert_(SHUFFLED_ACTIVE_TESTS != ACTIVE_TESTS, SHUFFLED_ACTIVE_TESTS)
-    self.assert_(SHUFFLED_FILTERED_TESTS != FILTERED_TESTS,
-                 SHUFFLED_FILTERED_TESTS)
-    self.assert_(SHUFFLED_SHARDED_TESTS != SHARDED_TESTS,
-                 SHUFFLED_SHARDED_TESTS)
-
-  def testShuffleChangesTestCaseOrder(self):
-    self.assert_(GetTestCases(SHUFFLED_ALL_TESTS) != GetTestCases(ALL_TESTS),
-                 GetTestCases(SHUFFLED_ALL_TESTS))
-    self.assert_(
-        GetTestCases(SHUFFLED_ACTIVE_TESTS) != GetTestCases(ACTIVE_TESTS),
-        GetTestCases(SHUFFLED_ACTIVE_TESTS))
-    self.assert_(
-        GetTestCases(SHUFFLED_FILTERED_TESTS) != GetTestCases(FILTERED_TESTS),
-        GetTestCases(SHUFFLED_FILTERED_TESTS))
-    self.assert_(
-        GetTestCases(SHUFFLED_SHARDED_TESTS) != GetTestCases(SHARDED_TESTS),
-        GetTestCases(SHUFFLED_SHARDED_TESTS))
-
-  def testShuffleDoesNotRepeatTest(self):
-    for test in SHUFFLED_ALL_TESTS:
-      self.assertEqual(1, SHUFFLED_ALL_TESTS.count(test),
-                       '%s appears more than once' % (test,))
-    for test in SHUFFLED_ACTIVE_TESTS:
-      self.assertEqual(1, SHUFFLED_ACTIVE_TESTS.count(test),
-                       '%s appears more than once' % (test,))
-    for test in SHUFFLED_FILTERED_TESTS:
-      self.assertEqual(1, SHUFFLED_FILTERED_TESTS.count(test),
-                       '%s appears more than once' % (test,))
-    for test in SHUFFLED_SHARDED_TESTS:
-      self.assertEqual(1, SHUFFLED_SHARDED_TESTS.count(test),
-                       '%s appears more than once' % (test,))
-
-  def testShuffleDoesNotCreateNewTest(self):
-    for test in SHUFFLED_ALL_TESTS:
-      self.assert_(test in ALL_TESTS, '%s is an invalid test' % (test,))
-    for test in SHUFFLED_ACTIVE_TESTS:
-      self.assert_(test in ACTIVE_TESTS, '%s is an invalid test' % (test,))
-    for test in SHUFFLED_FILTERED_TESTS:
-      self.assert_(test in FILTERED_TESTS, '%s is an invalid test' % (test,))
-    for test in SHUFFLED_SHARDED_TESTS:
-      self.assert_(test in SHARDED_TESTS, '%s is an invalid test' % (test,))
-
-  def testShuffleIncludesAllTests(self):
-    for test in ALL_TESTS:
-      self.assert_(test in SHUFFLED_ALL_TESTS, '%s is missing' % (test,))
-    for test in ACTIVE_TESTS:
-      self.assert_(test in SHUFFLED_ACTIVE_TESTS, '%s is missing' % (test,))
-    for test in FILTERED_TESTS:
-      self.assert_(test in SHUFFLED_FILTERED_TESTS, '%s is missing' % (test,))
-    for test in SHARDED_TESTS:
-      self.assert_(test in SHUFFLED_SHARDED_TESTS, '%s is missing' % (test,))
-
-  def testShuffleLeavesDeathTestsAtFront(self):
-    non_death_test_found = False
-    for test in SHUFFLED_ACTIVE_TESTS:
-      if 'DeathTest.' in test:
-        self.assert_(not non_death_test_found,
-                     '%s appears after a non-death test' % (test,))
-      else:
-        non_death_test_found = True
-
-  def _VerifyTestCasesDoNotInterleave(self, tests):
-    test_cases = []
-    for test in tests:
-      [test_case, _] = test.split('.')
-      if test_cases and test_cases[-1] != test_case:
-        test_cases.append(test_case)
-        self.assertEqual(1, test_cases.count(test_case),
-                         'Test case %s is not grouped together in %s' %
-                         (test_case, tests))
-
-  def testShuffleDoesNotInterleaveTestCases(self):
-    self._VerifyTestCasesDoNotInterleave(SHUFFLED_ALL_TESTS)
-    self._VerifyTestCasesDoNotInterleave(SHUFFLED_ACTIVE_TESTS)
-    self._VerifyTestCasesDoNotInterleave(SHUFFLED_FILTERED_TESTS)
-    self._VerifyTestCasesDoNotInterleave(SHUFFLED_SHARDED_TESTS)
-
-  def testShuffleRestoresOrderAfterEachIteration(self):
-    # Get the test lists in all 3 iterations, using random seed 1, 2,
-    # and 3 respectively.  Google Test picks a different seed in each
-    # iteration, and this test depends on the current implementation
-    # picking successive numbers.  This dependency is not ideal, but
-    # makes the test much easier to write.
-    [tests_in_iteration1, tests_in_iteration2, tests_in_iteration3] = (
-        GetTestsForAllIterations(
-            {}, [ShuffleFlag(), RandomSeedFlag(1), RepeatFlag(3)]))
-
-    # Make sure running the tests with random seed 1 gets the same
-    # order as in iteration 1 above.
-    [tests_with_seed1] = GetTestsForAllIterations(
-        {}, [ShuffleFlag(), RandomSeedFlag(1)])
-    self.assertEqual(tests_in_iteration1, tests_with_seed1)
-
-    # Make sure running the tests with random seed 2 gets the same
-    # order as in iteration 2 above.  Success means that Google Test
-    # correctly restores the test order before re-shuffling at the
-    # beginning of iteration 2.
-    [tests_with_seed2] = GetTestsForAllIterations(
-        {}, [ShuffleFlag(), RandomSeedFlag(2)])
-    self.assertEqual(tests_in_iteration2, tests_with_seed2)
-
-    # Make sure running the tests with random seed 3 gets the same
-    # order as in iteration 3 above.  Success means that Google Test
-    # correctly restores the test order before re-shuffling at the
-    # beginning of iteration 3.
-    [tests_with_seed3] = GetTestsForAllIterations(
-        {}, [ShuffleFlag(), RandomSeedFlag(3)])
-    self.assertEqual(tests_in_iteration3, tests_with_seed3)
-
-  def testShuffleGeneratesNewOrderInEachIteration(self):
-    [tests_in_iteration1, tests_in_iteration2, tests_in_iteration3] = (
-        GetTestsForAllIterations(
-            {}, [ShuffleFlag(), RandomSeedFlag(1), RepeatFlag(3)]))
-
-    self.assert_(tests_in_iteration1 != tests_in_iteration2,
-                 tests_in_iteration1)
-    self.assert_(tests_in_iteration1 != tests_in_iteration3,
-                 tests_in_iteration1)
-    self.assert_(tests_in_iteration2 != tests_in_iteration3,
-                 tests_in_iteration2)
-
-  def testShuffleShardedTestsPreservesPartition(self):
-    # If we run M tests on N shards, the same M tests should be run in
-    # total, regardless of the random seeds used by the shards.
-    [tests1] = GetTestsForAllIterations({TOTAL_SHARDS_ENV_VAR: '3',
-                                         SHARD_INDEX_ENV_VAR: '0'},
-                                        [ShuffleFlag(), RandomSeedFlag(1)])
-    [tests2] = GetTestsForAllIterations({TOTAL_SHARDS_ENV_VAR: '3',
-                                         SHARD_INDEX_ENV_VAR: '1'},
-                                        [ShuffleFlag(), RandomSeedFlag(20)])
-    [tests3] = GetTestsForAllIterations({TOTAL_SHARDS_ENV_VAR: '3',
-                                         SHARD_INDEX_ENV_VAR: '2'},
-                                        [ShuffleFlag(), RandomSeedFlag(25)])
-    sorted_sharded_tests = tests1 + tests2 + tests3
-    sorted_sharded_tests.sort()
-    sorted_active_tests = []
-    sorted_active_tests.extend(ACTIVE_TESTS)
-    sorted_active_tests.sort()
-    self.assertEqual(sorted_active_tests, sorted_sharded_tests)
-
-if __name__ == '__main__':
-  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_shuffle_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_shuffle_test_.cc
deleted file mode 100644
index 6fb441bd4..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_shuffle_test_.cc
+++ /dev/null
@@ -1,103 +0,0 @@
-// Copyright 2009, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
-// Verifies that test shuffling works.
-
-#include "gtest/gtest.h"
-
-namespace {
-
-using ::testing::EmptyTestEventListener;
-using ::testing::InitGoogleTest;
-using ::testing::Message;
-using ::testing::Test;
-using ::testing::TestEventListeners;
-using ::testing::TestInfo;
-using ::testing::UnitTest;
-using ::testing::internal::scoped_ptr;
-
-// The test methods are empty, as the sole purpose of this program is
-// to print the test names before/after shuffling.
-
-class A : public Test {};
-TEST_F(A, A) {}
-TEST_F(A, B) {}
-
-TEST(ADeathTest, A) {}
-TEST(ADeathTest, B) {}
-TEST(ADeathTest, C) {}
-
-TEST(B, A) {}
-TEST(B, B) {}
-TEST(B, C) {}
-TEST(B, DISABLED_D) {}
-TEST(B, DISABLED_E) {}
-
-TEST(BDeathTest, A) {}
-TEST(BDeathTest, B) {}
-
-TEST(C, A) {}
-TEST(C, B) {}
-TEST(C, C) {}
-TEST(C, DISABLED_D) {}
-
-TEST(CDeathTest, A) {}
-
-TEST(DISABLED_D, A) {}
-TEST(DISABLED_D, DISABLED_B) {}
-
-// This printer prints the full test names only, starting each test
-// iteration with a "----" marker.
-class TestNamePrinter : public EmptyTestEventListener {
- public:
-  virtual void OnTestIterationStart(const UnitTest& /* unit_test */,
-                                    int /* iteration */) {
-    printf("----\n");
-  }
-
-  virtual void OnTestStart(const TestInfo& test_info) {
-    printf("%s.%s\n", test_info.test_case_name(), test_info.name());
-  }
-};
-
-}  // namespace
-
-int main(int argc, char **argv) {
-  InitGoogleTest(&argc, argv);
-
-  // Replaces the default printer with TestNamePrinter, which prints
-  // the test name only.
-  TestEventListeners& listeners = UnitTest::GetInstance()->listeners();
-  delete listeners.Release(listeners.default_result_printer());
-  listeners.Append(new TestNamePrinter);
-
-  return RUN_ALL_TESTS();
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_sole_header_test.cc b/security/nss/gtests/google_test/gtest/test/gtest_sole_header_test.cc
index ccd091a28..1d94ac6b3 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_sole_header_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_sole_header_test.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: mheule@google.com (Markus Heule)
+
 //
 // This test verifies that it's possible to use Google Test by including
 // the gtest.h header file alone.
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_stress_test.cc b/security/nss/gtests/google_test/gtest/test/gtest_stress_test.cc
index e7daa430d..95ada39c3 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_stress_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_stress_test.cc
@@ -26,23 +26,16 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 // Tests that SCOPED_TRACE() and various Google Test assertions can be
 // used in a large number of threads concurrently.
 
 #include "gtest/gtest.h"
 
-#include <iostream>
 #include <vector>
 
-// We must define this macro in order to #include
-// gtest-internal-inl.h.  This is how Google Test prevents a user from
-// accidentally depending on its internal implementation.
-#define GTEST_IMPLEMENTATION_ 1
 #include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
 
 #if GTEST_IS_THREADSAFE
 
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_test_macro_stack_footprint_test.cc b/security/nss/gtests/google_test/gtest/test/gtest_test_macro_stack_footprint_test.cc
new file mode 100644
index 000000000..a48db0501
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/gtest_test_macro_stack_footprint_test.cc
@@ -0,0 +1,89 @@
+// Copyright 2013, Google Inc.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+//
+// Each TEST() expands to some static registration logic.  GCC puts all
+// such static initialization logic for a translation unit in a common,
+// internal function.  Since Google's build system restricts how much
+// stack space a function can use, there's a limit on how many TEST()s
+// one can put in a single C++ test file.  This test ensures that a large
+// number of TEST()s can be defined in the same translation unit.
+
+#include "gtest/gtest.h"
+
+// This macro defines 10 dummy tests.
+#define TEN_TESTS_(test_case_name) \
+  TEST(test_case_name, T0) {} \
+  TEST(test_case_name, T1) {} \
+  TEST(test_case_name, T2) {} \
+  TEST(test_case_name, T3) {} \
+  TEST(test_case_name, T4) {} \
+  TEST(test_case_name, T5) {} \
+  TEST(test_case_name, T6) {} \
+  TEST(test_case_name, T7) {} \
+  TEST(test_case_name, T8) {} \
+  TEST(test_case_name, T9) {}
+
+// This macro defines 100 dummy tests.
+#define HUNDRED_TESTS_(test_case_name_prefix) \
+  TEN_TESTS_(test_case_name_prefix ## 0) \
+  TEN_TESTS_(test_case_name_prefix ## 1) \
+  TEN_TESTS_(test_case_name_prefix ## 2) \
+  TEN_TESTS_(test_case_name_prefix ## 3) \
+  TEN_TESTS_(test_case_name_prefix ## 4) \
+  TEN_TESTS_(test_case_name_prefix ## 5) \
+  TEN_TESTS_(test_case_name_prefix ## 6) \
+  TEN_TESTS_(test_case_name_prefix ## 7) \
+  TEN_TESTS_(test_case_name_prefix ## 8) \
+  TEN_TESTS_(test_case_name_prefix ## 9)
+
+// This macro defines 1000 dummy tests.
+#define THOUSAND_TESTS_(test_case_name_prefix) \
+  HUNDRED_TESTS_(test_case_name_prefix ## 0) \
+  HUNDRED_TESTS_(test_case_name_prefix ## 1) \
+  HUNDRED_TESTS_(test_case_name_prefix ## 2) \
+  HUNDRED_TESTS_(test_case_name_prefix ## 3) \
+  HUNDRED_TESTS_(test_case_name_prefix ## 4) \
+  HUNDRED_TESTS_(test_case_name_prefix ## 5) \
+  HUNDRED_TESTS_(test_case_name_prefix ## 6) \
+  HUNDRED_TESTS_(test_case_name_prefix ## 7) \
+  HUNDRED_TESTS_(test_case_name_prefix ## 8) \
+  HUNDRED_TESTS_(test_case_name_prefix ## 9)
+
+// Ensures that we can define 1000 TEST()s in the same translation
+// unit.
+THOUSAND_TESTS_(T)
+
+int main(int argc, char **argv) {
+  testing::InitGoogleTest(&argc, argv);
+
+  // We don't actually need to run the dummy tests - the purpose is to
+  // ensure that they compile.
+  return 0;
+}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_test_utils.py b/security/nss/gtests/google_test/gtest/test/gtest_test_utils.py
index 7e3cbcafd..43cba8f4c 100755
--- a/security/nss/gtests/google_test/gtest/test/gtest_test_utils.py
+++ b/security/nss/gtests/google_test/gtest/test/gtest_test_utils.py
@@ -1,5 +1,3 @@
-#!/usr/bin/env python
-#
 # Copyright 2006, Google Inc.
 # All rights reserved.
 #
@@ -29,20 +27,21 @@
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-"""Unit test utilities for Google C++ Testing Framework."""
+"""Unit test utilities for Google C++ Testing and Mocking Framework."""
+# Suppresses the 'Import not at the top of the file' lint complaint.
+# pylint: disable-msg=C6204
+
+import os
+import sys
 
-__author__ = 'wan@google.com (Zhanyong Wan)'
+IS_WINDOWS = os.name == 'nt'
+IS_CYGWIN = os.name == 'posix' and 'CYGWIN' in os.uname()[0]
 
 import atexit
-import os
 import shutil
-import sys
 import tempfile
-import unittest
-_test_module = unittest
+import unittest as _test_module
 
-# Suppresses the 'Import not at the top of the file' lint complaint.
-# pylint: disable-msg=C6204
 try:
   import subprocess
   _SUBPROCESS_MODULE_AVAILABLE = True
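Review bot: The relocated lint suppression at the top of this hunk still uses the old `disable-msg` spelling, while the later hunks in this same file switch their pragmas to `disable=`. For consistency I would write it as `# pylint: disable=C6204`; newer pylint releases may not honour the old form, though that depends on the linter version in use. The `try:` block that imports `subprocess` continues past the end of this hunk, and its bare `except:` is visible only in the next hunk header. This file looks like an import of upstream googletest, so the change may belong there.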
@@ -53,9 +52,6 @@ except:
 
 GTEST_OUTPUT_VAR_NAME = 'GTEST_OUTPUT'
 
-IS_WINDOWS = os.name == 'nt'
-IS_CYGWIN = os.name == 'posix' and 'CYGWIN' in os.uname()[0]
-
 # The environment variable for specifying the path to the premature-exit file.
 PREMATURE_EXIT_FILE_ENV_VAR = 'TEST_PREMATURE_EXIT_FILE'
 
@@ -74,7 +70,7 @@ def SetEnvVar(env_var, value):
 # Here we expose a class from a particular module, depending on the
 # environment. The comment suppresses the 'Invalid variable name' lint
 # complaint.
-TestCase = _test_module.TestCase  # pylint: disable-msg=C6409
+TestCase = _test_module.TestCase  # pylint: disable=C6409
 
 # Initially maps a flag to its default value. After
 # _ParseAndStripGTestFlags() is called, maps a flag to its actual value.
@@ -88,7 +84,7 @@ def _ParseAndStripGTestFlags(argv):
 
   # Suppresses the lint complaint about a global variable since we need it
   # here to maintain module-wide state.
-  global _gtest_flags_are_parsed  # pylint: disable-msg=W0603
+  global _gtest_flags_are_parsed  # pylint: disable=W0603
   if _gtest_flags_are_parsed:
     return
 
@@ -145,8 +141,6 @@ atexit.register(_RemoveTempDir)
 
 
 def GetTempDir():
-  """Returns a directory for temporary files."""
-
   global _temp_dir
   if not _temp_dir:
     _temp_dir = tempfile.mkdtemp()
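Review bot: GetTempDir() ends up with no docstring at all, because this hunk removes the one-line description and puts nothing in its place. I would keep it and make it slightly more precise: `"""Returns the module-wide temporary directory, creating it with tempfile.mkdtemp() on first call."""`. The hunk header shows `atexit.register(_RemoveTempDir)` just above, so the docstring could also say the directory is removed at exit, once that is confirmed against `_RemoveTempDir`, whose body is not visible here. The function's return statement lies outside the hunk.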
@@ -245,7 +239,7 @@ class Subprocess:
       p = subprocess.Popen(command,
                            stdout=subprocess.PIPE, stderr=stderr,
                            cwd=working_dir, universal_newlines=True, env=env)
-      # communicate returns a tuple with the file obect for the child's
+      # communicate returns a tuple with the file object for the child's
       # output.
       self.output = p.communicate()[0]
       self._return_code = p.returncode
@@ -312,7 +306,7 @@ def Main():
   _ParseAndStripGTestFlags(sys.argv)
   # The tested binaries should not be writing XML output files unless the
   # script explicitly instructs them to.
-  # TODO(vladl@google.com): Move this into Subprocess when we implement
+  # FIXME: Move this into Subprocess when we implement
   # passing environment into it as a parameter.
   if GTEST_OUTPUT_VAR_NAME in os.environ:
     del os.environ[GTEST_OUTPUT_VAR_NAME]
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_testbridge_test.py b/security/nss/gtests/google_test/gtest/test/gtest_testbridge_test.py
new file mode 100644
index 000000000..87ffad73d
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/gtest_testbridge_test.py
@@ -0,0 +1,63 @@
+#!/usr/bin/env python
+#
+# Copyright 2018 Google LLC. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#     * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+"""Verifies that Google Test uses filter provided via testbridge."""
+
+import os
+
+import gtest_test_utils
+
+binary_name = 'gtest_testbridge_test_'
+COMMAND = gtest_test_utils.GetTestExecutablePath(binary_name)
+TESTBRIDGE_NAME = 'TESTBRIDGE_TEST_ONLY'
+
+
+def Assert(condition):
+  if not condition:
+    raise AssertionError
+
+
+class GTestTestFilterTest(gtest_test_utils.TestCase):
+
+  def testTestExecutionIsFiltered(self):
+    """Tests that the test filter is picked up from the testbridge env var."""
+    subprocess_env = os.environ.copy()
+
+    subprocess_env[TESTBRIDGE_NAME] = '*.TestThatSucceeds'
+    p = gtest_test_utils.Subprocess(COMMAND, env=subprocess_env)
+
+    self.assertEquals(0, p.exit_code)
+
+    Assert('filter = *.TestThatSucceeds' in p.output)
+    Assert('[       OK ] TestFilterTest.TestThatSucceeds' in p.output)
+    Assert('[  PASSED  ] 1 test.' in p.output)
+
+
+if __name__ == '__main__':
+  gtest_test_utils.Main()
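Review bot: The checks in testTestExecutionIsFiltered give no diagnostic when they fail, because the module-level `Assert` helper raises a bare `AssertionError` and never shows the child's output. `self.assertEquals` is also a deprecated unittest alias that is removed in recent Python 3 releases. I would drop the helper and use the TestCase methods: `self.assertEqual(0, p.exit_code)` and `self.assertIn('filter = *.TestThatSucceeds', p.output)`, with the other two `Assert(...)` calls following the same pattern. The class name `GTestTestFilterTest` looks carried over from the filter test, and something like `GTestTestBridgeTest` would match what is being verified.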
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_testbridge_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_testbridge_test_.cc
new file mode 100644
index 000000000..24617b209
--- /dev/null
+++ b/security/nss/gtests/google_test/gtest/test/gtest_testbridge_test_.cc
@@ -0,0 +1,43 @@
+// Copyright 2018, Google LLC.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//     * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// This program is meant to be run by gtest_test_filter_test.py.  Do not run
+// it directly.
+
+#include "gtest/gtest.h"
+
+// These tests are used to detect if filtering is working. Only
+// 'TestThatSucceeds' should ever run.
+
+TEST(TestFilterTest, TestThatSucceeds) {}
+
+TEST(TestFilterTest, TestThatFails) {
+  ASSERT_TRUE(false) << "This test should never be run.";
+}
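Review bot: The header comment names the wrong driver script: it says this program is run by gtest_test_filter_test.py. The script added alongside it in this patch is gtest_testbridge_test.py, which sets `binary_name = 'gtest_testbridge_test_'`. I would change the comment to `// This program is meant to be run by gtest_testbridge_test.py.  Do not run`. It would also help to say that the driver selects the test through the `TESTBRIDGE_TEST_ONLY` environment variable, so a reader knows why `TestThatFails` is expected never to execute.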
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_ex_test.cc b/security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_ex_test.cc
index 8d46c76f1..93f59d49c 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_ex_test.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_ex_test.cc
@@ -26,8 +26,7 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 
 // Tests Google Test's throw-on-failure mode with exceptions enabled.
 
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_test.py b/security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_test.py
deleted file mode 100755
index 5678ffeaf..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_test.py
+++ /dev/null
@@ -1,171 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2009, Google Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-"""Tests Google Test's throw-on-failure mode with exceptions disabled.
-
-This script invokes gtest_throw_on_failure_test_ (a program written with
-Google Test) with different environments and command line flags.
-"""
-
-__author__ = 'wan@google.com (Zhanyong Wan)'
-
-import os
-import gtest_test_utils
-
-
-# Constants.
-
-# The command line flag for enabling/disabling the throw-on-failure mode.
-THROW_ON_FAILURE = 'gtest_throw_on_failure'
-
-# Path to the gtest_throw_on_failure_test_ program, compiled with
-# exceptions disabled.
-EXE_PATH = gtest_test_utils.GetTestExecutablePath(
-    'gtest_throw_on_failure_test_')
-
-
-# Utilities.
-
-
-def SetEnvVar(env_var, value):
-  """Sets an environment variable to a given value; unsets it when the
-  given value is None.
-  """
-
-  env_var = env_var.upper()
-  if value is not None:
-    os.environ[env_var] = value
-  elif env_var in os.environ:
-    del os.environ[env_var]
-
-
-def Run(command):
-  """Runs a command; returns True/False if its exit code is/isn't 0."""
-
-  print 'Running "%s". . .' % ' '.join(command)
-  p = gtest_test_utils.Subprocess(command)
-  return p.exited and p.exit_code == 0
-
-
-# The tests.  TODO(wan@google.com): refactor the class to share common
-# logic with code in gtest_break_on_failure_unittest.py.
-class ThrowOnFailureTest(gtest_test_utils.TestCase):
-  """Tests the throw-on-failure mode."""
-
-  def RunAndVerify(self, env_var_value, flag_value, should_fail):
-    """Runs gtest_throw_on_failure_test_ and verifies that it does
-    (or does not) exit with a non-zero code.
-
-    Args:
-      env_var_value:    value of the GTEST_BREAK_ON_FAILURE environment
-                        variable; None if the variable should be unset.
-      flag_value:       value of the --gtest_break_on_failure flag;
-                        None if the flag should not be present.
-      should_fail:      True iff the program is expected to fail.
-    """
-
-    SetEnvVar(THROW_ON_FAILURE, env_var_value)
-
-    if env_var_value is None:
-      env_var_value_msg = ' is not set'
-    else:
-      env_var_value_msg = '=' + env_var_value
-
-    if flag_value is None:
-      flag = ''
-    elif flag_value == '0':
-      flag = '--%s=0' % THROW_ON_FAILURE
-    else:
-      flag = '--%s' % THROW_ON_FAILURE
-
-    command = [EXE_PATH]
-    if flag:
-      command.append(flag)
-
-    if should_fail:
-      should_or_not = 'should'
-    else:
-      should_or_not = 'should not'
-
-    failed = not Run(command)
-
-    SetEnvVar(THROW_ON_FAILURE, None)
-
-    msg = ('when %s%s, an assertion failure in "%s" %s cause a non-zero '
-           'exit code.' %
-           (THROW_ON_FAILURE, env_var_value_msg, ' '.join(command),
-            should_or_not))
-    self.assert_(failed == should_fail, msg)
-
-  def testDefaultBehavior(self):
-    """Tests the behavior of the default mode."""
-
-    self.RunAndVerify(env_var_value=None, flag_value=None, should_fail=False)
-
-  def testThrowOnFailureEnvVar(self):
-    """Tests using the GTEST_THROW_ON_FAILURE environment variable."""
-
-    self.RunAndVerify(env_var_value='0',
-                      flag_value=None,
-                      should_fail=False)
-    self.RunAndVerify(env_var_value='1',
-                      flag_value=None,
-                      should_fail=True)
-
-  def testThrowOnFailureFlag(self):
-    """Tests using the --gtest_throw_on_failure flag."""
-
-    self.RunAndVerify(env_var_value=None,
-                      flag_value='0',
-                      should_fail=False)
-    self.RunAndVerify(env_var_value=None,
-                      flag_value='1',
-                      should_fail=True)
-
-  def testThrowOnFailureFlagOverridesEnvVar(self):
-    """Tests that --gtest_throw_on_failure overrides GTEST_THROW_ON_FAILURE."""
-
-    self.RunAndVerify(env_var_value='0',
-                      flag_value='0',
-                      should_fail=False)
-    self.RunAndVerify(env_var_value='0',
-                      flag_value='1',
-                      should_fail=True)
-    self.RunAndVerify(env_var_value='1',
-                      flag_value='0',
-                      should_fail=False)
-    self.RunAndVerify(env_var_value='1',
-                      flag_value='1',
-                      should_fail=True)
-
-
-if __name__ == '__main__':
-  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_test_.cc
deleted file mode 100644
index 2b88fe3d9..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_throw_on_failure_test_.cc
+++ /dev/null
@@ -1,72 +0,0 @@
-// Copyright 2009, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
-// Tests Google Test's throw-on-failure mode with exceptions disabled.
-//
-// This program must be compiled with exceptions disabled.  It will be
-// invoked by gtest_throw_on_failure_test.py, and is expected to exit
-// with non-zero in the throw-on-failure mode or 0 otherwise.
-
-#include "gtest/gtest.h"
-
-#include <stdio.h>                      // for fflush, fprintf, NULL, etc.
-#include <stdlib.h>                     // for exit
-#include <exception>                    // for set_terminate
-
-// This terminate handler aborts the program using exit() rather than abort().
-// This avoids showing pop-ups on Windows systems and core dumps on Unix-like
-// ones.
-void TerminateHandler() {
-  fprintf(stderr, "%s\n", "Unhandled C++ exception terminating the program.");
-  fflush(NULL);
-  exit(1);
-}
-
-int main(int argc, char** argv) {
-#if GTEST_HAS_EXCEPTIONS
-  std::set_terminate(&TerminateHandler);
-#endif
-  testing::InitGoogleTest(&argc, argv);
-
-  // We want to ensure that people can use Google Test assertions in
-  // other testing frameworks, as long as they initialize Google Test
-  // properly and set the throw-on-failure mode.  Therefore, we don't
-  // use Google Test's constructs for defining and running tests
-  // (e.g. TEST and RUN_ALL_TESTS) here.
-
-  // In the throw-on-failure mode with exceptions disabled, this
-  // assertion will cause the program to exit with a non-zero code.
-  EXPECT_EQ(2, 3);
-
-  // When not in the throw-on-failure mode, the control will reach
-  // here.
-  return 0;
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_uninitialized_test.py b/security/nss/gtests/google_test/gtest/test/gtest_uninitialized_test.py
deleted file mode 100755
index 6ae57eeed..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_uninitialized_test.py
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/usr/bin/env python
-#
-# Copyright 2008, Google Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-"""Verifies that Google Test warns the user when not initialized properly."""
-
-__author__ = 'wan@google.com (Zhanyong Wan)'
-
-import gtest_test_utils
-
-
-COMMAND = gtest_test_utils.GetTestExecutablePath('gtest_uninitialized_test_')
-
-
-def Assert(condition):
-  if not condition:
-    raise AssertionError
-
-
-def AssertEq(expected, actual):
-  if expected != actual:
-    print 'Expected: %s' % (expected,)
-    print '  Actual: %s' % (actual,)
-    raise AssertionError
-
-
-def TestExitCodeAndOutput(command):
-  """Runs the given command and verifies its exit code and output."""
-
-  # Verifies that 'command' exits with code 1.
-  p = gtest_test_utils.Subprocess(command)
-  Assert(p.exited)
-  AssertEq(1, p.exit_code)
-  Assert('InitGoogleTest' in p.output)
-
-
-class GTestUninitializedTest(gtest_test_utils.TestCase):
-  def testExitCodeAndOutput(self):
-    TestExitCodeAndOutput(COMMAND)
-
-
-if __name__ == '__main__':
-  gtest_test_utils.Main()
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_uninitialized_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_uninitialized_test_.cc
deleted file mode 100644
index 44316987f..000000000
--- a/security/nss/gtests/google_test/gtest/test/gtest_uninitialized_test_.cc
+++ /dev/null
@@ -1,43 +0,0 @@
-// Copyright 2008, Google Inc.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
-
-#include "gtest/gtest.h"
-
-TEST(DummyTest, Dummy) {
-  // This test doesn't verify anything.  We just need it to create a
-  // realistic stage for testing the behavior of Google Test when
-  // RUN_ALL_TESTS() is called without testing::InitGoogleTest() being
-  // called first.
-}
-
-int main() {
-  return RUN_ALL_TESTS();
-}
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_unittest.cc b/security/nss/gtests/google_test/gtest/test/gtest_unittest.cc
index 9625fa4e8..f7213fbf3 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_unittest.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_unittest.cc
@@ -26,17 +26,16 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-//
-// Author: wan@google.com (Zhanyong Wan)
+
 //
 // Tests for Google Test itself.  This verifies that the basic constructs of
 // Google Test work.
 
 #include "gtest/gtest.h"
 
-// Verifies that the command line flag variables can be accessed
-// in code once <gtest/gtest.h> has been #included.
-// Do not move it after other #includes.
+// Verifies that the command line flag variables can be accessed in
+// code once "gtest.h" has been #included.
+// Do not move it after other gtest #includes.
 TEST(CommandLineFlagsTest, CanBeAccessedInCodeOnceGTestHIsIncluded) {
   bool dummy = testing::GTEST_FLAG(also_run_disabled_tests)
       || testing::GTEST_FLAG(break_on_failure)
@@ -64,17 +63,12 @@ TEST(CommandLineFlagsTest, CanBeAccessedInCodeOnceGTestHIsIncluded) {
 #include <map>
 #include <vector>
 #include <ostream>
+#if GTEST_LANG_CXX11
+#include <unordered_set>
+#endif  // GTEST_LANG_CXX11
 
 #include "gtest/gtest-spi.h"
-
-// Indicates that this translation unit is part of Google Test's
-// implementation.  It must come before gtest-internal-inl.h is
-// included, or there will be a compiler error.  This trick is to
-// prevent a user from accidentally including gtest-internal-inl.h in
-// his code.
-#define GTEST_IMPLEMENTATION_ 1
 #include "src/gtest-internal-inl.h"
-#undef GTEST_IMPLEMENTATION_
 
 namespace testing {
 namespace internal {
@@ -86,18 +80,19 @@ class StreamingListenerTest : public Test {
   class FakeSocketWriter : public StreamingListener::AbstractSocketWriter {
    public:
     // Sends a string to the socket.
-    virtual void Send(const string& message) { output_ += message; }
+    virtual void Send(const std::string& message) { output_ += message; }
 
-    string output_;
+    std::string output_;
   };
 
   StreamingListenerTest()
       : fake_sock_writer_(new FakeSocketWriter),
         streamer_(fake_sock_writer_),
-        test_info_obj_("FooTest", "Bar", NULL, NULL, 0, NULL) {}
+        test_info_obj_("FooTest", "Bar", NULL, NULL,
+                       CodeLocation(__FILE__, __LINE__), 0, NULL) {}
 
  protected:
-  string* output() { return &(fake_sock_writer_->output_); }
+  std::string* output() { return &(fake_sock_writer_->output_); }
 
   FakeSocketWriter* const fake_sock_writer_;
   StreamingListener streamer_;
@@ -265,6 +260,8 @@ using testing::internal::IsContainer;
 using testing::internal::IsContainerTest;
 using testing::internal::IsNotContainer;
 using testing::internal::NativeArray;
+using testing::internal::OsStackTraceGetter;
+using testing::internal::OsStackTraceGetterInterface;
 using testing::internal::ParseInt32Flag;
 using testing::internal::RelationToSourceCopy;
 using testing::internal::RelationToSourceReference;
@@ -281,13 +278,13 @@ using testing::internal::String;
 using testing::internal::TestEventListenersAccessor;
 using testing::internal::TestResultAccessor;
 using testing::internal::UInt32;
+using testing::internal::UnitTestImpl;
 using testing::internal::WideStringToUtf8;
 using testing::internal::edit_distance::CalculateOptimalEdits;
 using testing::internal::edit_distance::CreateUnifiedDiff;
 using testing::internal::edit_distance::EditType;
 using testing::internal::kMaxRandomSeed;
 using testing::internal::kTestTypeIdInGoogleTest;
-using testing::internal::scoped_ptr;
 using testing::kMaxStackTraceDepth;
 
 #if GTEST_HAS_STREAM_REDIRECTION
@@ -382,6 +379,31 @@ TEST(GetTestTypeIdTest, ReturnsTheSameValueInsideOrOutsideOfGoogleTest) {
   EXPECT_EQ(kTestTypeIdInGoogleTest, GetTestTypeId());
 }
 
+// Tests CanonicalizeForStdLibVersioning.
+
+using ::testing::internal::CanonicalizeForStdLibVersioning;
+
+TEST(CanonicalizeForStdLibVersioning, LeavesUnversionedNamesUnchanged) {
+  EXPECT_EQ("std::bind", CanonicalizeForStdLibVersioning("std::bind"));
+  EXPECT_EQ("std::_", CanonicalizeForStdLibVersioning("std::_"));
+  EXPECT_EQ("std::__foo", CanonicalizeForStdLibVersioning("std::__foo"));
+  EXPECT_EQ("gtl::__1::x", CanonicalizeForStdLibVersioning("gtl::__1::x"));
+  EXPECT_EQ("__1::x", CanonicalizeForStdLibVersioning("__1::x"));
+  EXPECT_EQ("::__1::x", CanonicalizeForStdLibVersioning("::__1::x"));
+}
+
+TEST(CanonicalizeForStdLibVersioning, ElidesDoubleUnderNames) {
+  EXPECT_EQ("std::bind", CanonicalizeForStdLibVersioning("std::__1::bind"));
+  EXPECT_EQ("std::_", CanonicalizeForStdLibVersioning("std::__1::_"));
+
+  EXPECT_EQ("std::bind", CanonicalizeForStdLibVersioning("std::__g::bind"));
+  EXPECT_EQ("std::_", CanonicalizeForStdLibVersioning("std::__g::_"));
+
+  EXPECT_EQ("std::bind",
+            CanonicalizeForStdLibVersioning("std::__google::bind"));
+  EXPECT_EQ("std::_", CanonicalizeForStdLibVersioning("std::__google::_"));
+}
+
 // Tests FormatTimeInMillisAsSeconds().
 
 TEST(FormatTimeInMillisAsSecondsTest, FormatsZero) {
@@ -421,10 +443,10 @@ class FormatEpochTimeInMillisAsIso8601Test : public Test {
   virtual void SetUp() {
     saved_tz_ = NULL;
 
-    GTEST_DISABLE_MSC_WARNINGS_PUSH_(4996 /* PR_GetEnvSecure, strdup: deprecated */)
-    if (PR_GetEnvSecure("TZ"))
-      saved_tz_ = strdup(PR_GetEnvSecure("TZ"));
-    GTEST_DISABLE_MSC_WARNINGS_POP_()
+    GTEST_DISABLE_MSC_DEPRECATED_PUSH_(/* getenv, strdup: deprecated */)
+    if (getenv("TZ"))
+      saved_tz_ = strdup(getenv("TZ"));
+    GTEST_DISABLE_MSC_DEPRECATED_POP_()
 
     // Set up the time zone for FormatEpochTimeInMillisAsIso8601 to use.  We
     // cannot use the local time zone because the function's output depends
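Review bot: Replacing `PR_GetEnvSecure("TZ")` with plain `getenv("TZ")` in SetUp drops what looks like an NSS-local adaptation of the vendored googletest copy, and nothing in the hunk records that this is intentional. PR_GetEnvSecure is the NSPR variant that declines to return environment values when the process runs with elevated privileges, whereas getenv always returns them. For a test fixture that is probably acceptable, but it should be a deliberate choice rather than a side effect of resyncing with upstream. If the plain call stays, a comment such as `// Upstream googletest uses getenv here; the local PR_GetEnvSecure patch was dropped deliberately (test-only code).` would make that visible, and reading the variable once (`const char* tz = getenv("TZ"); if (tz) saved_tz_ = strdup(tz);`) avoids the double lookup. SetUp's body continues outside the hunk.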
@@ -442,7 +464,7 @@ class FormatEpochTimeInMillisAsIso8601Test : public Test {
     // tzset() distinguishes between the TZ variable being present and empty
     // and not being present, so we have to consider the case of time_zone
     // being NULL.
-#if _MSC_VER
+#if _MSC_VER || GTEST_OS_WINDOWS_MINGW
     // ...Unless it's MSVC, whose standard library's _putenv doesn't
     // distinguish between an empty and a missing variable.
     const std::string env_var =
@@ -546,7 +568,7 @@ TEST(CodePointToUtf8Test, CanEncode8To11Bits) {
 
   // 101 0111 0110 => 110-10101 10-110110
   // Some compilers (e.g., GCC on MinGW) cannot handle non-ASCII codepoints
-  // in wide strings and wide chars. In order to accomodate them, we have to
+  // in wide strings and wide chars. In order to accommodate them, we have to
   // introduce such character constants as integers.
   EXPECT_EQ("\xD5\xB6",
             CodePointToUtf8(static_cast<wchar_t>(0x576)));
@@ -1362,8 +1384,7 @@ class TestResultTest : public Test {
     // In order to test TestResult, we need to modify its internal
     // state, in particular the TestPartResult vector it holds.
     // test_part_results() returns a const reference to this vector.
-    // We cast it to a non-const object s.t. it can be modified (yes,
-    // this is a hack).
+    // We cast it to a non-const object s.t. it can be modified
     TPRVector* results1 = const_cast<TPRVector*>(
         &TestResultAccessor::test_part_results(*r1));
     TPRVector* results2 = const_cast<TPRVector*>(
@@ -1388,7 +1409,7 @@ class TestResultTest : public Test {
     delete r2;
   }
 
-  // Helper that compares two two TestPartResults.
+  // Helper that compares two TestPartResults.
   static void CompareTestPartResult(const TestPartResult& expected,
                                     const TestPartResult& actual) {
     EXPECT_EQ(expected.type(), actual.type());
@@ -1518,6 +1539,16 @@ TEST(TestResultPropertyTest, GetTestProperty) {
   EXPECT_DEATH_IF_SUPPORTED(test_result.GetTestProperty(-1), "");
 }
 
+// Tests the Test class.
+//
+// It's difficult to test every public method of this class (we are
+// already stretching the limit of Google Test by using it to test itself!).
+// Fortunately, we don't have to do that, as we are already testing
+// the functionalities of the Test class extensively by using Google Test
+// alone.
+//
+// Therefore, this section only contains one test.
+
 // Tests that GTestFlagSaver works on Windows and Mac.
 
 class GTestFlagSaverTest : public Test {
@@ -1661,6 +1692,8 @@ TEST(Int32FromGTestEnvTest, ReturnsDefaultWhenVariableIsNotSet) {
   EXPECT_EQ(10, Int32FromGTestEnv("temp", 10));
 }
 
+# if !defined(GTEST_GET_INT32_FROM_ENV_)
+
 // Tests that Int32FromGTestEnv() returns the default value when the
 // environment variable overflows as an Int32.
 TEST(Int32FromGTestEnvTest, ReturnsDefaultWhenValueOverflows) {
@@ -1685,6 +1718,8 @@ TEST(Int32FromGTestEnvTest, ReturnsDefaultWhenValueIsInvalid) {
   EXPECT_EQ(50, Int32FromGTestEnv("temp", 50));
 }
 
+# endif  // !defined(GTEST_GET_INT32_FROM_ENV_)
+
 // Tests that Int32FromGTestEnv() parses and returns the value of the
 // environment variable when it represents a valid decimal integer in
 // the range of an Int32.
@@ -1773,7 +1808,7 @@ TEST(Int32FromEnvOrDieDeathTest, AbortsOnFailure) {
 }
 
 // Tests that Int32FromEnvOrDie() aborts with an error message
-// if the variable cannot be represnted by an Int32.
+// if the variable cannot be represented by an Int32.
 TEST(Int32FromEnvOrDieDeathTest, AbortsOnInt32Overflow) {
   SetEnv(GTEST_FLAG_PREFIX_UPPER_ "VAR", "1234567891234567891234");
   EXPECT_DEATH_IF_SUPPORTED(
@@ -2055,8 +2090,8 @@ TEST_F(UnitTestRecordPropertyTest,
        AddRecordWithReservedKeysGeneratesCorrectPropertyList) {
   EXPECT_NONFATAL_FAILURE(
       Test::RecordProperty("name", "1"),
-      "'classname', 'name', 'status', 'time', 'type_param', and 'value_param'"
-      " are reserved");
+      "'classname', 'name', 'status', 'time', 'type_param', 'value_param',"
+      " 'file', and 'line' are reserved");
 }
 
 class UnitTestRecordPropertyTestEnvironment : public Environment {
@@ -2416,7 +2451,7 @@ TEST(StringAssertionTest, ASSERT_STREQ) {
   ASSERT_STREQ(p1, p2);
 
   EXPECT_FATAL_FAILURE(ASSERT_STREQ("bad", "good"),
-                       "Expected: \"bad\"");
+                       "  \"bad\"\n  \"good\"");
 }
 
 // Tests ASSERT_STREQ with NULL arguments.
@@ -2452,7 +2487,7 @@ TEST(StringAssertionTest, ASSERT_STRCASEEQ) {
 
   ASSERT_STRCASEEQ("", "");
   EXPECT_FATAL_FAILURE(ASSERT_STRCASEEQ("Hi", "hi2"),
-                       "(ignoring case)");
+                       "Ignoring case");
 }
 
 // Tests ASSERT_STRCASENE.
@@ -3101,13 +3136,13 @@ TEST(DISABLED_TestCase, DISABLED_TestShouldNotRun) {
   FAIL() << "Unexpected failure: Test in disabled test case should not be run.";
 }
 
-// Check that when all tests in a test case are disabled, SetupTestCase() and
+// Check that when all tests in a test case are disabled, SetUpTestCase() and
 // TearDownTestCase() are not called.
 class DisabledTestsTest : public Test {
  protected:
   static void SetUpTestCase() {
     FAIL() << "Unexpected failure: All tests disabled in test case. "
-              "SetupTestCase() should not be called.";
+              "SetUpTestCase() should not be called.";
   }
 
   static void TearDownTestCase() {
@@ -3246,7 +3281,7 @@ TEST_F(SingleEvaluationTest, ASSERT_STR) {
 
   // failed EXPECT_STRCASEEQ
   EXPECT_NONFATAL_FAILURE(EXPECT_STRCASEEQ(p1_++, p2_++),
-                          "ignoring case");
+                          "Ignoring case");
   EXPECT_EQ(s1_ + 2, p1_);
   EXPECT_EQ(s2_ + 2, p2_);
 }
@@ -3354,7 +3389,7 @@ class NoFatalFailureTest : public Test {
 
   void DoAssertNoFatalFailureOnFails() {
     ASSERT_NO_FATAL_FAILURE(Fails());
-    ADD_FAILURE() << "shold not reach here.";
+    ADD_FAILURE() << "should not reach here.";
   }
 
   void DoExpectNoFatalFailureOnFails() {
@@ -3514,35 +3549,39 @@ TEST(AssertionTest, EqFailure) {
       EqFailure("foo", "bar", foo_val, bar_val, false)
       .failure_message());
   EXPECT_STREQ(
-      "Value of: bar\n"
-      "  Actual: 6\n"
-      "Expected: foo\n"
-      "Which is: 5",
+      "Expected equality of these values:\n"
+      "  foo\n"
+      "    Which is: 5\n"
+      "  bar\n"
+      "    Which is: 6",
       msg1.c_str());
 
   const std::string msg2(
       EqFailure("foo", "6", foo_val, bar_val, false)
       .failure_message());
   EXPECT_STREQ(
-      "Value of: 6\n"
-      "Expected: foo\n"
-      "Which is: 5",
+      "Expected equality of these values:\n"
+      "  foo\n"
+      "    Which is: 5\n"
+      "  6",
       msg2.c_str());
 
   const std::string msg3(
       EqFailure("5", "bar", foo_val, bar_val, false)
       .failure_message());
   EXPECT_STREQ(
-      "Value of: bar\n"
-      "  Actual: 6\n"
-      "Expected: 5",
+      "Expected equality of these values:\n"
+      "  5\n"
+      "  bar\n"
+      "    Which is: 6",
       msg3.c_str());
 
   const std::string msg4(
       EqFailure("5", "6", foo_val, bar_val, false).failure_message());
   EXPECT_STREQ(
-      "Value of: 6\n"
-      "Expected: 5",
+      "Expected equality of these values:\n"
+      "  5\n"
+      "  6",
       msg4.c_str());
 
   const std::string msg5(
@@ -3550,10 +3589,12 @@ TEST(AssertionTest, EqFailure) {
                 std::string("\"x\""), std::string("\"y\""),
                 true).failure_message());
   EXPECT_STREQ(
-      "Value of: bar\n"
-      "  Actual: \"y\"\n"
-      "Expected: foo (ignoring case)\n"
-      "Which is: \"x\"",
+      "Expected equality of these values:\n"
+      "  foo\n"
+      "    Which is: \"x\"\n"
+      "  bar\n"
+      "    Which is: \"y\"\n"
+      "Ignoring case",
       msg5.c_str());
 }
 
@@ -3565,11 +3606,12 @@ TEST(AssertionTest, EqFailureWithDiff) {
   const std::string msg1(
       EqFailure("left", "right", left, right, false).failure_message());
   EXPECT_STREQ(
-      "Value of: right\n"
-      "  Actual: 1\\n2\\n3\\n4\\n5\\n6\\n7\\n8\\n9\\n11\\n12\\n13\\n14\n"
-      "Expected: left\n"
-      "Which is: "
+      "Expected equality of these values:\n"
+      "  left\n"
+      "    Which is: "
       "1\\n2XXX\\n3\\n5\\n6\\n7\\n8\\n9\\n10\\n11\\n12XXX\\n13\\n14\\n15\n"
+      "  right\n"
+      "    Which is: 1\\n2\\n3\\n4\\n5\\n6\\n7\\n8\\n9\\n11\\n12\\n13\\n14\n"
       "With diff:\n@@ -1,5 +1,6 @@\n 1\n-2XXX\n+2\n 3\n+4\n 5\n 6\n"
       "@@ -7,8 +8,6 @@\n 8\n 9\n-10\n 11\n-12XXX\n+12\n 13\n 14\n-15\n",
       msg1.c_str());
@@ -3644,7 +3686,7 @@ TEST(AssertionTest, AssertFalseWithAssertionResult) {
 }
 
 #ifdef __BORLANDC__
-// Restores warnings after previous "#pragma option push" supressed them
+// Restores warnings after previous "#pragma option push" suppressed them
 # pragma option pop
 #endif
 
@@ -3664,9 +3706,10 @@ TEST(ExpectTest, ASSERT_EQ_Double) {
 TEST(AssertionTest, ASSERT_EQ) {
   ASSERT_EQ(5, 2 + 3);
   EXPECT_FATAL_FAILURE(ASSERT_EQ(5, 2*3),
-                       "Value of: 2*3\n"
-                       "  Actual: 6\n"
-                       "Expected: 5");
+                       "Expected equality of these values:\n"
+                       "  5\n"
+                       "  2*3\n"
+                       "    Which is: 6");
 }
 
 // Tests ASSERT_EQ(NULL, pointer).
@@ -3674,7 +3717,7 @@ TEST(AssertionTest, ASSERT_EQ) {
 TEST(AssertionTest, ASSERT_EQ_NULL) {
   // A success.
   const char* p = NULL;
-  // Some older GCC versions may issue a spurious waring in this or the next
+  // Some older GCC versions may issue a spurious warning in this or the next
   // assertion statement. This warning should not be suppressed with
   // static_cast since the test verifies the ability to use bare NULL as the
   // expected parameter to the macro.
@@ -3683,7 +3726,7 @@ TEST(AssertionTest, ASSERT_EQ_NULL) {
   // A failure.
   static int n = 0;
   EXPECT_FATAL_FAILURE(ASSERT_EQ(NULL, &n),
-                       "Value of: &n\n");
+                       "  &n\n    Which is:");
 }
 #endif  // GTEST_CAN_COMPARE_NULL
 
@@ -3699,7 +3742,7 @@ TEST(ExpectTest, ASSERT_EQ_0) {
 
   // A failure.
   EXPECT_FATAL_FAILURE(ASSERT_EQ(0, 5.6),
-                       "Expected: 0");
+                       "  0\n  5.6");
 }
 
 // Tests ASSERT_NE.
@@ -3798,7 +3841,7 @@ void TestEq1(int x) {
 // Tests calling a test subroutine that's not part of a fixture.
 TEST(AssertionTest, NonFixtureSubroutine) {
   EXPECT_FATAL_FAILURE(TestEq1(2),
-                       "Value of: x");
+                       "  x\n    Which is: 2");
 }
 
 // An uncopyable class.
@@ -3847,7 +3890,8 @@ TEST(AssertionTest, AssertWorksWithUncopyableObject) {
   EXPECT_FATAL_FAILURE(TestAssertNonPositive(),
     "IsPositiveUncopyable(y) evaluates to false, where\ny evaluates to -1");
   EXPECT_FATAL_FAILURE(TestAssertEqualsUncopyable(),
-    "Value of: y\n  Actual: -1\nExpected: x\nWhich is: 5");
+                       "Expected equality of these values:\n"
+                       "  x\n    Which is: 5\n  y\n    Which is: -1");
 }
 
 // Tests that uncopyable objects can be used in expects.
@@ -3859,7 +3903,8 @@ TEST(AssertionTest, ExpectWorksWithUncopyableObject) {
     "IsPositiveUncopyable(y) evaluates to false, where\ny evaluates to -1");
   EXPECT_EQ(x, x);
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(x, y),
-    "Value of: y\n  Actual: -1\nExpected: x\nWhich is: 5");
+                          "Expected equality of these values:\n"
+                          "  x\n    Which is: 5\n  y\n    Which is: -1");
 }
 
 enum NamedEnum {
@@ -3871,7 +3916,7 @@ TEST(AssertionTest, NamedEnum) {
   EXPECT_EQ(kE1, kE1);
   EXPECT_LT(kE1, kE2);
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(kE1, kE2), "Which is: 0");
-  EXPECT_NONFATAL_FAILURE(EXPECT_EQ(kE1, kE2), "Actual: 1");
+  EXPECT_NONFATAL_FAILURE(EXPECT_EQ(kE1, kE2), "Which is: 1");
 }
 
 // The version of gcc used in XCode 2.2 has a bug and doesn't allow
@@ -3935,13 +3980,13 @@ TEST(AssertionTest, AnonymousEnum) {
 
   // ICE's in C++Builder.
   EXPECT_FATAL_FAILURE(ASSERT_EQ(kCaseA, kCaseB),
-                       "Value of: kCaseB");
+                       "  kCaseB\n    Which is: ");
   EXPECT_FATAL_FAILURE(ASSERT_EQ(kCaseA, kCaseC),
-                       "Actual: 42");
+                       "\n    Which is: 42");
 # endif
 
   EXPECT_FATAL_FAILURE(ASSERT_EQ(kCaseA, kCaseC),
-                       "Which is: -1");
+                       "\n    Which is: -1");
 }
 
 #endif  // !GTEST_OS_MAC && !defined(__SUNPRO_CC)
@@ -4367,7 +4412,7 @@ TEST(ExpectTest, ExpectFalseWithAssertionResult) {
 }
 
 #ifdef __BORLANDC__
-// Restores warnings after previous "#pragma option push" supressed them
+// Restores warnings after previous "#pragma option push" suppressed them
 # pragma option pop
 #endif
 
@@ -4375,9 +4420,10 @@ TEST(ExpectTest, ExpectFalseWithAssertionResult) {
 TEST(ExpectTest, EXPECT_EQ) {
   EXPECT_EQ(5, 2 + 3);
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(5, 2*3),
-                          "Value of: 2*3\n"
-                          "  Actual: 6\n"
-                          "Expected: 5");
+                          "Expected equality of these values:\n"
+                          "  5\n"
+                          "  2*3\n"
+                          "    Which is: 6");
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(5, 2 - 3),
                           "2 - 3");
 }
@@ -4408,7 +4454,7 @@ TEST(ExpectTest, EXPECT_EQ_NULL) {
   // A failure.
   int n = 0;
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(NULL, &n),
-                          "Value of: &n\n");
+                          "  &n\n    Which is:");
 }
 #endif  // GTEST_CAN_COMPARE_NULL
 
@@ -4424,7 +4470,7 @@ TEST(ExpectTest, EXPECT_EQ_0) {
 
   // A failure.
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(0, 5.6),
-                          "Expected: 0");
+                          "  0\n  5.6");
 }
 
 // Tests EXPECT_NE.
@@ -4524,7 +4570,7 @@ TEST(ExpectTest, EXPECT_ANY_THROW) {
 TEST(ExpectTest, ExpectPrecedence) {
   EXPECT_EQ(1 < 2, true);
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(true, true && false),
-                          "Value of: true && false");
+                          "  true && false\n    Which is: false");
 }
 
 
@@ -4641,7 +4687,7 @@ TEST(MacroTest, ADD_FAILURE_AT) {
   // Unfortunately, we cannot verify that the failure message contains
   // the right file path and line number the same way, as
   // EXPECT_NONFATAL_FAILURE() doesn't get to see the file path and
-  // line number.  Instead, we do that in gtest_output_test_.cc.
+  // line number.  Instead, we do that in googletest-output-test_.cc.
 }
 
 // Tests FAIL.
@@ -4671,14 +4717,14 @@ TEST(EqAssertionTest, Bool) {
   EXPECT_FATAL_FAILURE({
       bool false_value = false;
       ASSERT_EQ(false_value, true);
-    }, "Value of: true");
+    }, "  false_value\n    Which is: false\n  true");
 }
 
 // Tests using int values in {EXPECT|ASSERT}_EQ.
 TEST(EqAssertionTest, Int) {
   ASSERT_EQ(32, 32);
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(32, 33),
-                          "33");
+                          "  32\n  33");
 }
 
 // Tests using time_t values in {EXPECT|ASSERT}_EQ.
@@ -4695,9 +4741,9 @@ TEST(EqAssertionTest, Char) {
   ASSERT_EQ('z', 'z');
   const char ch = 'b';
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ('\0', ch),
-                          "ch");
+                          "  ch\n    Which is: 'b'");
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ('a', ch),
-                          "ch");
+                          "  ch\n    Which is: 'b'");
 }
 
 // Tests using wchar_t values in {EXPECT|ASSERT}_EQ.
@@ -4705,10 +4751,11 @@ TEST(EqAssertionTest, WideChar) {
   EXPECT_EQ(L'b', L'b');
 
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(L'\0', L'x'),
-                          "Value of: L'x'\n"
-                          "  Actual: L'x' (120, 0x78)\n"
-                          "Expected: L'\0'\n"
-                          "Which is: L'\0' (0, 0x0)");
+                          "Expected equality of these values:\n"
+                          "  L'\0'\n"
+                          "    Which is: L'\0' (0, 0x0)\n"
+                          "  L'x'\n"
+                          "    Which is: L'x' (120, 0x78)");
 
   static wchar_t wchar;
   wchar = L'b';
@@ -4716,7 +4763,7 @@ TEST(EqAssertionTest, WideChar) {
                           "wchar");
   wchar = 0x8119;
   EXPECT_FATAL_FAILURE(ASSERT_EQ(static_cast<wchar_t>(0x8120), wchar),
-                       "Value of: wchar");
+                       "  wchar\n    Which is: L'");
 }
 
 // Tests using ::std::string values in {EXPECT|ASSERT}_EQ.
@@ -4745,8 +4792,7 @@ TEST(EqAssertionTest, StdString) {
   static ::std::string str3(str1);
   str3.at(2) = '\0';
   EXPECT_FATAL_FAILURE(ASSERT_EQ(str1, str3),
-                       "Value of: str3\n"
-                       "  Actual: \"A \\0 in the middle\"");
+                       "  str3\n    Which is: \"A \\0 in the middle\"");
 }
 
 #if GTEST_HAS_STD_WSTRING
@@ -4866,9 +4912,9 @@ TEST(EqAssertionTest, CharPointer) {
   ASSERT_EQ(p1, p1);
 
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(p0, p2),
-                          "Value of: p2");
+                          "  p2\n    Which is:");
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(p1, p2),
-                          "p2");
+                          "  p2\n    Which is:");
   EXPECT_FATAL_FAILURE(ASSERT_EQ(reinterpret_cast<char*>(0x1234),
                                  reinterpret_cast<char*>(0xABC0)),
                        "ABC0");
@@ -4888,9 +4934,9 @@ TEST(EqAssertionTest, WideCharPointer) {
   EXPECT_EQ(p0, p0);
 
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(p0, p2),
-                          "Value of: p2");
+                          "  p2\n    Which is:");
   EXPECT_NONFATAL_FAILURE(EXPECT_EQ(p1, p2),
-                          "p2");
+                          "  p2\n    Which is:");
   void* pv3 = (void*)0x1234;  // NOLINT
   void* pv4 = (void*)0xABC0;  // NOLINT
   const wchar_t* p3 = reinterpret_cast<const wchar_t*>(pv3);
@@ -5319,6 +5365,59 @@ TEST_F(TestInfoTest, result) {
   ASSERT_EQ(0, GetTestResult(test_info)->total_part_count());
 }
 
+#define VERIFY_CODE_LOCATION \
+  const int expected_line = __LINE__ - 1; \
+  const TestInfo* const test_info = GetUnitTestImpl()->current_test_info(); \
+  ASSERT_TRUE(test_info); \
+  EXPECT_STREQ(__FILE__, test_info->file()); \
+  EXPECT_EQ(expected_line, test_info->line())
+
+TEST(CodeLocationForTEST, Verify) {
+  VERIFY_CODE_LOCATION;
+}
+
+class CodeLocationForTESTF : public Test {
+};
+
+TEST_F(CodeLocationForTESTF, Verify) {
+  VERIFY_CODE_LOCATION;
+}
+
+class CodeLocationForTESTP : public TestWithParam<int> {
+};
+
+TEST_P(CodeLocationForTESTP, Verify) {
+  VERIFY_CODE_LOCATION;
+}
+
+INSTANTIATE_TEST_CASE_P(, CodeLocationForTESTP, Values(0));
+
+template <typename T>
+class CodeLocationForTYPEDTEST : public Test {
+};
+
+TYPED_TEST_CASE(CodeLocationForTYPEDTEST, int);
+
+TYPED_TEST(CodeLocationForTYPEDTEST, Verify) {
+  VERIFY_CODE_LOCATION;
+}
+
+template <typename T>
+class CodeLocationForTYPEDTESTP : public Test {
+};
+
+TYPED_TEST_CASE_P(CodeLocationForTYPEDTESTP);
+
+TYPED_TEST_P(CodeLocationForTYPEDTESTP, Verify) {
+  VERIFY_CODE_LOCATION;
+}
+
+REGISTER_TYPED_TEST_CASE_P(CodeLocationForTYPEDTESTP, Verify);
+
+INSTANTIATE_TYPED_TEST_CASE_P(My, CodeLocationForTYPEDTESTP, int);
+
+#undef VERIFY_CODE_LOCATION
+
 // Tests setting up and tearing down a test case.
 
 class SetUpTestCaseTest : public Test {
@@ -5382,7 +5481,8 @@ TEST_F(SetUpTestCaseTest, Test2) {
   EXPECT_STREQ("123", shared_resource_);
 }
 
-// The InitGoogleTestTest test case tests testing::InitGoogleTest().
+
+// The ParseFlagsTest test case tests ParseGoogleTestFlagsOnly.
 
 // The Flags struct stores a copy of all Google Test flags.
 struct Flags {
@@ -5468,8 +5568,8 @@ struct Flags {
     return flags;
   }
 
-  // Creates a Flags struct where the gtest_random_seed flag has
-  // the given value.
+  // Creates a Flags struct where the gtest_random_seed flag has the given
+  // value.
   static Flags RandomSeed(Int32 random_seed) {
     Flags flags;
     flags.random_seed = random_seed;
@@ -5484,8 +5584,8 @@ struct Flags {
     return flags;
   }
 
-  // Creates a Flags struct where the gtest_shuffle flag has
-  // the given value.
+  // Creates a Flags struct where the gtest_shuffle flag has the given
+  // value.
   static Flags Shuffle(bool shuffle) {
     Flags flags;
     flags.shuffle = shuffle;
@@ -5533,8 +5633,8 @@ struct Flags {
   bool throw_on_failure;
 };
 
-// Fixture for testing InitGoogleTest().
-class InitGoogleTestTest : public Test {
+// Fixture for testing ParseGoogleTestFlagsOnly().
+class ParseFlagsTest : public Test {
  protected:
   // Clears the flags before each test.
   virtual void SetUp() {
@@ -5595,16 +5695,16 @@ class InitGoogleTestTest : public Test {
     const bool saved_help_flag = ::testing::internal::g_help_flag;
     ::testing::internal::g_help_flag = false;
 
-#if GTEST_HAS_STREAM_REDIRECTION
+# if GTEST_HAS_STREAM_REDIRECTION
     CaptureStdout();
-#endif
+# endif
 
     // Parses the command line.
     internal::ParseGoogleTestFlagsOnly(&argc1, const_cast<CharType**>(argv1));
 
-#if GTEST_HAS_STREAM_REDIRECTION
+# if GTEST_HAS_STREAM_REDIRECTION
     const std::string captured_stdout = GetCapturedStdout();
-#endif
+# endif
 
     // Verifies the flag values.
     CheckFlags(expected);
@@ -5617,7 +5717,7 @@ class InitGoogleTestTest : public Test {
     // help message for the flags it recognizes.
     EXPECT_EQ(should_print_help, ::testing::internal::g_help_flag);
 
-#if GTEST_HAS_STREAM_REDIRECTION
+# if GTEST_HAS_STREAM_REDIRECTION
     const char* const expected_help_fragment =
         "This program contains tests written using";
     if (should_print_help) {
@@ -5626,7 +5726,7 @@ class InitGoogleTestTest : public Test {
       EXPECT_PRED_FORMAT2(IsNotSubstring,
                           expected_help_fragment, captured_stdout);
     }
-#endif  // GTEST_HAS_STREAM_REDIRECTION
+# endif  // GTEST_HAS_STREAM_REDIRECTION
 
     ::testing::internal::g_help_flag = saved_help_flag;
   }
@@ -5634,14 +5734,14 @@ class InitGoogleTestTest : public Test {
   // This macro wraps TestParsingFlags s.t. the user doesn't need
   // to specify the array sizes.
 
-#define GTEST_TEST_PARSING_FLAGS_(argv1, argv2, expected, should_print_help) \
+# define GTEST_TEST_PARSING_FLAGS_(argv1, argv2, expected, should_print_help) \
   TestParsingFlags(sizeof(argv1)/sizeof(*argv1) - 1, argv1, \
                    sizeof(argv2)/sizeof(*argv2) - 1, argv2, \
                    expected, should_print_help)
 };
 
 // Tests parsing an empty command line.
-TEST_F(InitGoogleTestTest, Empty) {
+TEST_F(ParseFlagsTest, Empty) {
   const char* argv[] = {
     NULL
   };
@@ -5654,7 +5754,7 @@ TEST_F(InitGoogleTestTest, Empty) {
 }
 
 // Tests parsing a command line that has no flag.
-TEST_F(InitGoogleTestTest, NoFlag) {
+TEST_F(ParseFlagsTest, NoFlag) {
   const char* argv[] = {
     "foo.exe",
     NULL
@@ -5669,7 +5769,7 @@ TEST_F(InitGoogleTestTest, NoFlag) {
 }
 
 // Tests parsing a bad --gtest_filter flag.
-TEST_F(InitGoogleTestTest, FilterBad) {
+TEST_F(ParseFlagsTest, FilterBad) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_filter",
@@ -5686,7 +5786,7 @@ TEST_F(InitGoogleTestTest, FilterBad) {
 }
 
 // Tests parsing an empty --gtest_filter flag.
-TEST_F(InitGoogleTestTest, FilterEmpty) {
+TEST_F(ParseFlagsTest, FilterEmpty) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_filter=",
@@ -5702,7 +5802,7 @@ TEST_F(InitGoogleTestTest, FilterEmpty) {
 }
 
 // Tests parsing a non-empty --gtest_filter flag.
-TEST_F(InitGoogleTestTest, FilterNonEmpty) {
+TEST_F(ParseFlagsTest, FilterNonEmpty) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_filter=abc",
@@ -5718,7 +5818,7 @@ TEST_F(InitGoogleTestTest, FilterNonEmpty) {
 }
 
 // Tests parsing --gtest_break_on_failure.
-TEST_F(InitGoogleTestTest, BreakOnFailureWithoutValue) {
+TEST_F(ParseFlagsTest, BreakOnFailureWithoutValue) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_break_on_failure",
@@ -5734,7 +5834,7 @@ TEST_F(InitGoogleTestTest, BreakOnFailureWithoutValue) {
 }
 
 // Tests parsing --gtest_break_on_failure=0.
-TEST_F(InitGoogleTestTest, BreakOnFailureFalse_0) {
+TEST_F(ParseFlagsTest, BreakOnFailureFalse_0) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_break_on_failure=0",
@@ -5750,7 +5850,7 @@ TEST_F(InitGoogleTestTest, BreakOnFailureFalse_0) {
 }
 
 // Tests parsing --gtest_break_on_failure=f.
-TEST_F(InitGoogleTestTest, BreakOnFailureFalse_f) {
+TEST_F(ParseFlagsTest, BreakOnFailureFalse_f) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_break_on_failure=f",
@@ -5766,7 +5866,7 @@ TEST_F(InitGoogleTestTest, BreakOnFailureFalse_f) {
 }
 
 // Tests parsing --gtest_break_on_failure=F.
-TEST_F(InitGoogleTestTest, BreakOnFailureFalse_F) {
+TEST_F(ParseFlagsTest, BreakOnFailureFalse_F) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_break_on_failure=F",
@@ -5783,7 +5883,7 @@ TEST_F(InitGoogleTestTest, BreakOnFailureFalse_F) {
 
 // Tests parsing a --gtest_break_on_failure flag that has a "true"
 // definition.
-TEST_F(InitGoogleTestTest, BreakOnFailureTrue) {
+TEST_F(ParseFlagsTest, BreakOnFailureTrue) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_break_on_failure=1",
@@ -5799,7 +5899,7 @@ TEST_F(InitGoogleTestTest, BreakOnFailureTrue) {
 }
 
 // Tests parsing --gtest_catch_exceptions.
-TEST_F(InitGoogleTestTest, CatchExceptions) {
+TEST_F(ParseFlagsTest, CatchExceptions) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_catch_exceptions",
@@ -5815,7 +5915,7 @@ TEST_F(InitGoogleTestTest, CatchExceptions) {
 }
 
 // Tests parsing --gtest_death_test_use_fork.
-TEST_F(InitGoogleTestTest, DeathTestUseFork) {
+TEST_F(ParseFlagsTest, DeathTestUseFork) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_death_test_use_fork",
@@ -5832,7 +5932,7 @@ TEST_F(InitGoogleTestTest, DeathTestUseFork) {
 
 // Tests having the same flag twice with different values.  The
 // expected behavior is that the one coming last takes precedence.
-TEST_F(InitGoogleTestTest, DuplicatedFlags) {
+TEST_F(ParseFlagsTest, DuplicatedFlags) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_filter=a",
@@ -5849,7 +5949,7 @@ TEST_F(InitGoogleTestTest, DuplicatedFlags) {
 }
 
 // Tests having an unrecognized flag on the command line.
-TEST_F(InitGoogleTestTest, UnrecognizedFlag) {
+TEST_F(ParseFlagsTest, UnrecognizedFlag) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_break_on_failure",
@@ -5871,7 +5971,7 @@ TEST_F(InitGoogleTestTest, UnrecognizedFlag) {
 }
 
 // Tests having a --gtest_list_tests flag
-TEST_F(InitGoogleTestTest, ListTestsFlag) {
+TEST_F(ParseFlagsTest, ListTestsFlag) {
     const char* argv[] = {
       "foo.exe",
       "--gtest_list_tests",
@@ -5887,7 +5987,7 @@ TEST_F(InitGoogleTestTest, ListTestsFlag) {
 }
 
 // Tests having a --gtest_list_tests flag with a "true" value
-TEST_F(InitGoogleTestTest, ListTestsTrue) {
+TEST_F(ParseFlagsTest, ListTestsTrue) {
     const char* argv[] = {
       "foo.exe",
       "--gtest_list_tests=1",
@@ -5903,7 +6003,7 @@ TEST_F(InitGoogleTestTest, ListTestsTrue) {
 }
 
 // Tests having a --gtest_list_tests flag with a "false" value
-TEST_F(InitGoogleTestTest, ListTestsFalse) {
+TEST_F(ParseFlagsTest, ListTestsFalse) {
     const char* argv[] = {
       "foo.exe",
       "--gtest_list_tests=0",
@@ -5919,7 +6019,7 @@ TEST_F(InitGoogleTestTest, ListTestsFalse) {
 }
 
 // Tests parsing --gtest_list_tests=f.
-TEST_F(InitGoogleTestTest, ListTestsFalse_f) {
+TEST_F(ParseFlagsTest, ListTestsFalse_f) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_list_tests=f",
@@ -5935,7 +6035,7 @@ TEST_F(InitGoogleTestTest, ListTestsFalse_f) {
 }
 
 // Tests parsing --gtest_list_tests=F.
-TEST_F(InitGoogleTestTest, ListTestsFalse_F) {
+TEST_F(ParseFlagsTest, ListTestsFalse_F) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_list_tests=F",
@@ -5951,7 +6051,7 @@ TEST_F(InitGoogleTestTest, ListTestsFalse_F) {
 }
 
 // Tests parsing --gtest_output (invalid).
-TEST_F(InitGoogleTestTest, OutputEmpty) {
+TEST_F(ParseFlagsTest, OutputEmpty) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_output",
@@ -5968,7 +6068,7 @@ TEST_F(InitGoogleTestTest, OutputEmpty) {
 }
 
 // Tests parsing --gtest_output=xml
-TEST_F(InitGoogleTestTest, OutputXml) {
+TEST_F(ParseFlagsTest, OutputXml) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_output=xml",
@@ -5984,7 +6084,7 @@ TEST_F(InitGoogleTestTest, OutputXml) {
 }
 
 // Tests parsing --gtest_output=xml:file
-TEST_F(InitGoogleTestTest, OutputXmlFile) {
+TEST_F(ParseFlagsTest, OutputXmlFile) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_output=xml:file",
@@ -6000,7 +6100,7 @@ TEST_F(InitGoogleTestTest, OutputXmlFile) {
 }
 
 // Tests parsing --gtest_output=xml:directory/path/
-TEST_F(InitGoogleTestTest, OutputXmlDirectory) {
+TEST_F(ParseFlagsTest, OutputXmlDirectory) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_output=xml:directory/path/",
@@ -6017,7 +6117,7 @@ TEST_F(InitGoogleTestTest, OutputXmlDirectory) {
 }
 
 // Tests having a --gtest_print_time flag
-TEST_F(InitGoogleTestTest, PrintTimeFlag) {
+TEST_F(ParseFlagsTest, PrintTimeFlag) {
     const char* argv[] = {
       "foo.exe",
       "--gtest_print_time",
@@ -6033,7 +6133,7 @@ TEST_F(InitGoogleTestTest, PrintTimeFlag) {
 }
 
 // Tests having a --gtest_print_time flag with a "true" value
-TEST_F(InitGoogleTestTest, PrintTimeTrue) {
+TEST_F(ParseFlagsTest, PrintTimeTrue) {
     const char* argv[] = {
       "foo.exe",
       "--gtest_print_time=1",
@@ -6049,7 +6149,7 @@ TEST_F(InitGoogleTestTest, PrintTimeTrue) {
 }
 
 // Tests having a --gtest_print_time flag with a "false" value
-TEST_F(InitGoogleTestTest, PrintTimeFalse) {
+TEST_F(ParseFlagsTest, PrintTimeFalse) {
     const char* argv[] = {
       "foo.exe",
       "--gtest_print_time=0",
@@ -6065,7 +6165,7 @@ TEST_F(InitGoogleTestTest, PrintTimeFalse) {
 }
 
 // Tests parsing --gtest_print_time=f.
-TEST_F(InitGoogleTestTest, PrintTimeFalse_f) {
+TEST_F(ParseFlagsTest, PrintTimeFalse_f) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_print_time=f",
@@ -6081,7 +6181,7 @@ TEST_F(InitGoogleTestTest, PrintTimeFalse_f) {
 }
 
 // Tests parsing --gtest_print_time=F.
-TEST_F(InitGoogleTestTest, PrintTimeFalse_F) {
+TEST_F(ParseFlagsTest, PrintTimeFalse_F) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_print_time=F",
@@ -6097,7 +6197,7 @@ TEST_F(InitGoogleTestTest, PrintTimeFalse_F) {
 }
 
 // Tests parsing --gtest_random_seed=number
-TEST_F(InitGoogleTestTest, RandomSeed) {
+TEST_F(ParseFlagsTest, RandomSeed) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_random_seed=1000",
@@ -6113,7 +6213,7 @@ TEST_F(InitGoogleTestTest, RandomSeed) {
 }
 
 // Tests parsing --gtest_repeat=number
-TEST_F(InitGoogleTestTest, Repeat) {
+TEST_F(ParseFlagsTest, Repeat) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_repeat=1000",
@@ -6129,7 +6229,7 @@ TEST_F(InitGoogleTestTest, Repeat) {
 }
 
 // Tests having a --gtest_also_run_disabled_tests flag
-TEST_F(InitGoogleTestTest, AlsoRunDisabledTestsFlag) {
+TEST_F(ParseFlagsTest, AlsoRunDisabledTestsFlag) {
     const char* argv[] = {
       "foo.exe",
       "--gtest_also_run_disabled_tests",
@@ -6146,7 +6246,7 @@ TEST_F(InitGoogleTestTest, AlsoRunDisabledTestsFlag) {
 }
 
 // Tests having a --gtest_also_run_disabled_tests flag with a "true" value
-TEST_F(InitGoogleTestTest, AlsoRunDisabledTestsTrue) {
+TEST_F(ParseFlagsTest, AlsoRunDisabledTestsTrue) {
     const char* argv[] = {
       "foo.exe",
       "--gtest_also_run_disabled_tests=1",
@@ -6163,7 +6263,7 @@ TEST_F(InitGoogleTestTest, AlsoRunDisabledTestsTrue) {
 }
 
 // Tests having a --gtest_also_run_disabled_tests flag with a "false" value
-TEST_F(InitGoogleTestTest, AlsoRunDisabledTestsFalse) {
+TEST_F(ParseFlagsTest, AlsoRunDisabledTestsFalse) {
     const char* argv[] = {
       "foo.exe",
       "--gtest_also_run_disabled_tests=0",
@@ -6180,7 +6280,7 @@ TEST_F(InitGoogleTestTest, AlsoRunDisabledTestsFalse) {
 }
 
 // Tests parsing --gtest_shuffle.
-TEST_F(InitGoogleTestTest, ShuffleWithoutValue) {
+TEST_F(ParseFlagsTest, ShuffleWithoutValue) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_shuffle",
@@ -6196,7 +6296,7 @@ TEST_F(InitGoogleTestTest, ShuffleWithoutValue) {
 }
 
 // Tests parsing --gtest_shuffle=0.
-TEST_F(InitGoogleTestTest, ShuffleFalse_0) {
+TEST_F(ParseFlagsTest, ShuffleFalse_0) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_shuffle=0",
@@ -6211,9 +6311,8 @@ TEST_F(InitGoogleTestTest, ShuffleFalse_0) {
   GTEST_TEST_PARSING_FLAGS_(argv, argv2, Flags::Shuffle(false), false);
 }
 
-// Tests parsing a --gtest_shuffle flag that has a "true"
-// definition.
-TEST_F(InitGoogleTestTest, ShuffleTrue) {
+// Tests parsing a --gtest_shuffle flag that has a "true" definition.
+TEST_F(ParseFlagsTest, ShuffleTrue) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_shuffle=1",
@@ -6229,7 +6328,7 @@ TEST_F(InitGoogleTestTest, ShuffleTrue) {
 }
 
 // Tests parsing --gtest_stack_trace_depth=number.
-TEST_F(InitGoogleTestTest, StackTraceDepth) {
+TEST_F(ParseFlagsTest, StackTraceDepth) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_stack_trace_depth=5",
@@ -6244,7 +6343,7 @@ TEST_F(InitGoogleTestTest, StackTraceDepth) {
   GTEST_TEST_PARSING_FLAGS_(argv, argv2, Flags::StackTraceDepth(5), false);
 }
 
-TEST_F(InitGoogleTestTest, StreamResultTo) {
+TEST_F(ParseFlagsTest, StreamResultTo) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_stream_result_to=localhost:1234",
@@ -6261,7 +6360,7 @@ TEST_F(InitGoogleTestTest, StreamResultTo) {
 }
 
 // Tests parsing --gtest_throw_on_failure.
-TEST_F(InitGoogleTestTest, ThrowOnFailureWithoutValue) {
+TEST_F(ParseFlagsTest, ThrowOnFailureWithoutValue) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_throw_on_failure",
@@ -6277,7 +6376,7 @@ TEST_F(InitGoogleTestTest, ThrowOnFailureWithoutValue) {
 }
 
 // Tests parsing --gtest_throw_on_failure=0.
-TEST_F(InitGoogleTestTest, ThrowOnFailureFalse_0) {
+TEST_F(ParseFlagsTest, ThrowOnFailureFalse_0) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_throw_on_failure=0",
@@ -6294,7 +6393,7 @@ TEST_F(InitGoogleTestTest, ThrowOnFailureFalse_0) {
 
 // Tests parsing a --gtest_throw_on_failure flag that has a "true"
 // definition.
-TEST_F(InitGoogleTestTest, ThrowOnFailureTrue) {
+TEST_F(ParseFlagsTest, ThrowOnFailureTrue) {
   const char* argv[] = {
     "foo.exe",
     "--gtest_throw_on_failure=1",
@@ -6309,9 +6408,9 @@ TEST_F(InitGoogleTestTest, ThrowOnFailureTrue) {
   GTEST_TEST_PARSING_FLAGS_(argv, argv2, Flags::ThrowOnFailure(true), false);
 }
 
-#if GTEST_OS_WINDOWS
+# if GTEST_OS_WINDOWS
 // Tests parsing wide strings.
-TEST_F(InitGoogleTestTest, WideStrings) {
+TEST_F(ParseFlagsTest, WideStrings) {
   const wchar_t* argv[] = {
     L"foo.exe",
     L"--gtest_filter=Foo*",
@@ -6334,7 +6433,108 @@ TEST_F(InitGoogleTestTest, WideStrings) {
 
   GTEST_TEST_PARSING_FLAGS_(argv, argv2, expected_flags, false);
 }
-#endif  // GTEST_OS_WINDOWS
+# endif  // GTEST_OS_WINDOWS
+
+#if GTEST_USE_OWN_FLAGFILE_FLAG_
+class FlagfileTest : public ParseFlagsTest {
+ public:
+  virtual void SetUp() {
+    ParseFlagsTest::SetUp();
+
+    testdata_path_.Set(internal::FilePath(
+        testing::TempDir() + internal::GetCurrentExecutableName().string() +
+        "_flagfile_test"));
+    testing::internal::posix::RmDir(testdata_path_.c_str());
+    EXPECT_TRUE(testdata_path_.CreateFolder());
+  }
+
+  virtual void TearDown() {
+    testing::internal::posix::RmDir(testdata_path_.c_str());
+    ParseFlagsTest::TearDown();
+  }
+
+  internal::FilePath CreateFlagfile(const char* contents) {
+    internal::FilePath file_path(internal::FilePath::GenerateUniqueFileName(
+        testdata_path_, internal::FilePath("unique"), "txt"));
+    FILE* f = testing::internal::posix::FOpen(file_path.c_str(), "w");
+    fprintf(f, "%s", contents);
+    fclose(f);
+    return file_path;
+  }
+
+ private:
+  internal::FilePath testdata_path_;
+};
+
+// Tests an empty flagfile.
+TEST_F(FlagfileTest, Empty) {
+  internal::FilePath flagfile_path(CreateFlagfile(""));
+  std::string flagfile_flag =
+      std::string("--" GTEST_FLAG_PREFIX_ "flagfile=") + flagfile_path.c_str();
+
+  const char* argv[] = {
+    "foo.exe",
+    flagfile_flag.c_str(),
+    NULL
+  };
+
+  const char* argv2[] = {
+    "foo.exe",
+    NULL
+  };
+
+  GTEST_TEST_PARSING_FLAGS_(argv, argv2, Flags(), false);
+}
+
+// Tests passing a non-empty --gtest_filter flag via --gtest_flagfile.
+TEST_F(FlagfileTest, FilterNonEmpty) {
+  internal::FilePath flagfile_path(CreateFlagfile(
+      "--"  GTEST_FLAG_PREFIX_  "filter=abc"));
+  std::string flagfile_flag =
+      std::string("--" GTEST_FLAG_PREFIX_ "flagfile=") + flagfile_path.c_str();
+
+  const char* argv[] = {
+    "foo.exe",
+    flagfile_flag.c_str(),
+    NULL
+  };
+
+  const char* argv2[] = {
+    "foo.exe",
+    NULL
+  };
+
+  GTEST_TEST_PARSING_FLAGS_(argv, argv2, Flags::Filter("abc"), false);
+}
+
+// Tests passing several flags via --gtest_flagfile.
+TEST_F(FlagfileTest, SeveralFlags) {
+  internal::FilePath flagfile_path(CreateFlagfile(
+      "--"  GTEST_FLAG_PREFIX_  "filter=abc\n"
+      "--"  GTEST_FLAG_PREFIX_  "break_on_failure\n"
+      "--"  GTEST_FLAG_PREFIX_  "list_tests"));
+  std::string flagfile_flag =
+      std::string("--" GTEST_FLAG_PREFIX_ "flagfile=") + flagfile_path.c_str();
+
+  const char* argv[] = {
+    "foo.exe",
+    flagfile_flag.c_str(),
+    NULL
+  };
+
+  const char* argv2[] = {
+    "foo.exe",
+    NULL
+  };
+
+  Flags expected_flags;
+  expected_flags.break_on_failure = true;
+  expected_flags.filter = "abc";
+  expected_flags.list_tests = true;
+
+  GTEST_TEST_PARSING_FLAGS_(argv, argv2, expected_flags, false);
+}
+#endif  // GTEST_USE_OWN_FLAGFILE_FLAG_
 
 // Tests current_test_info() in UnitTest.
 class CurrentTestInfoTest : public Test {
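Review bot: `CreateFlagfile` passes the result of `posix::FOpen` straight to `fprintf` and `fclose` without a null check, so a failed open in the temp directory becomes undefined behaviour instead of a readable test failure. A guard before the write would do, e.g. `GTEST_CHECK_(f != NULL) << "Unable to create " << file_path.c_str();`. Separately, `SetUp` and `TearDown` ignore the return value of `posix::RmDir`. If that is a plain rmdir wrapper, it will not remove a directory that still holds the generated `unique*.txt` files, so the predictable `<exe>_flagfile_test` directory and its contents would probably survive between runs. Removing the created files in `TearDown`, or at least checking the `RmDir` result, would make the fixture self-cleaning.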
@@ -6389,6 +6589,7 @@ TEST_F(CurrentTestInfoTest, WorksForSecondTestInATestCase) {
 
 }  // namespace testing
 
+
 // These two lines test that we can define tests in a namespace that
 // has the name "testing" and is nested in another namespace.
 namespace my_namespace {
@@ -6469,7 +6670,7 @@ TEST(StreamingAssertionsTest, Truth2) {
 }
 
 #ifdef __BORLANDC__
-// Restores warnings after previous "#pragma option push" supressed them
+// Restores warnings after previous "#pragma option push" suppressed them
 # pragma option pop
 #endif
 
@@ -6672,6 +6873,18 @@ TEST(ColoredOutputTest, UsesColorsWhenTermSupportsColors) {
   SetEnv("TERM", "screen-256color");  // TERM supports colors.
   EXPECT_TRUE(ShouldUseColor(true));  // Stdout is a TTY.
 
+  SetEnv("TERM", "tmux");  // TERM supports colors.
+  EXPECT_TRUE(ShouldUseColor(true));  // Stdout is a TTY.
+
+  SetEnv("TERM", "tmux-256color");  // TERM supports colors.
+  EXPECT_TRUE(ShouldUseColor(true));  // Stdout is a TTY.
+
+  SetEnv("TERM", "rxvt-unicode");  // TERM supports colors.
+  EXPECT_TRUE(ShouldUseColor(true));  // Stdout is a TTY.
+
+  SetEnv("TERM", "rxvt-unicode-256color");  // TERM supports colors.
+  EXPECT_TRUE(ShouldUseColor(true));  // Stdout is a TTY.
+
   SetEnv("TERM", "linux");  // TERM supports colors.
   EXPECT_TRUE(ShouldUseColor(true));  // Stdout is a TTY.
 
@@ -6707,14 +6920,6 @@ TEST(StaticAssertTypeEqTest, CompilesForEqualTypes) {
   StaticAssertTypeEq<int*, IntAlias*>();
 }
 
-TEST(GetCurrentOsStackTraceExceptTopTest, ReturnsTheStackTrace) {
-  testing::UnitTest* const unit_test = testing::UnitTest::GetInstance();
-
-  // We don't have a stack walker in Google Test yet.
-  EXPECT_STREQ("", GetCurrentOsStackTraceExceptTop(unit_test, 0).c_str());
-  EXPECT_STREQ("", GetCurrentOsStackTraceExceptTop(unit_test, 1).c_str());
-}
-
 TEST(HasNonfatalFailureTest, ReturnsFalseWhenThereIsNoFailure) {
   EXPECT_FALSE(HasNonfatalFailure());
 }
@@ -7166,7 +7371,7 @@ GTEST_TEST(AlternativeNameTest, Works) {  // GTEST_TEST is the same as TEST.
 
 // Tests for internal utilities necessary for implementation of the universal
 // printing.
-// TODO(vladl@google.com): Find a better home for them.
+// FIXME: Find a better home for them.
 
 class ConversionHelperBase {};
 class ConversionHelperDerived : public ConversionHelperBase {};
@@ -7350,6 +7555,50 @@ TEST(IsContainerTestTest, WorksForContainer) {
             sizeof(IsContainerTest<std::map<int, double> >(0)));
 }
 
+#if GTEST_LANG_CXX11
+struct ConstOnlyContainerWithPointerIterator {
+  using const_iterator = int*;
+  const_iterator begin() const;
+  const_iterator end() const;
+};
+
+struct ConstOnlyContainerWithClassIterator {
+  struct const_iterator {
+    const int& operator*() const;
+    const_iterator& operator++(/* pre-increment */);
+  };
+  const_iterator begin() const;
+  const_iterator end() const;
+};
+
+TEST(IsContainerTestTest, ConstOnlyContainer) {
+  EXPECT_EQ(sizeof(IsContainer),
+            sizeof(IsContainerTest<ConstOnlyContainerWithPointerIterator>(0)));
+  EXPECT_EQ(sizeof(IsContainer),
+            sizeof(IsContainerTest<ConstOnlyContainerWithClassIterator>(0)));
+}
+#endif  // GTEST_LANG_CXX11
+
+// Tests IsHashTable.
+struct AHashTable {
+  typedef void hasher;
+};
+struct NotReallyAHashTable {
+  typedef void hasher;
+  typedef void reverse_iterator;
+};
+TEST(IsHashTable, Basic) {
+  EXPECT_TRUE(testing::internal::IsHashTable<AHashTable>::value);
+  EXPECT_FALSE(testing::internal::IsHashTable<NotReallyAHashTable>::value);
+#if GTEST_LANG_CXX11
+  EXPECT_FALSE(testing::internal::IsHashTable<std::vector<int>>::value);
+  EXPECT_TRUE(testing::internal::IsHashTable<std::unordered_set<int>>::value);
+#endif  // GTEST_LANG_CXX11
+#if GTEST_HAS_HASH_SET_
+  EXPECT_TRUE(testing::internal::IsHashTable<__gnu_cxx::hash_set<int>>::value);
+#endif  // GTEST_HAS_HASH_SET_
+}
+
 // Tests ArrayEq().
 
 TEST(ArrayEqTest, WorksForDegeneratedArrays) {
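Review bot: The `IsHashTable<__gnu_cxx::hash_set<int>>` expectation closes two template argument lists with `>>` inside the `GTEST_HAS_HASH_SET_` branch, which is not covered by the `GTEST_LANG_CXX11` guard used for the two lines above it. A pre-C++11 compiler parses `>>` as a shift operator, so this line would fail to compile in any configuration that defines `GTEST_HAS_HASH_SET_` without C++11; whether such a configuration exists is not visible in this hunk. Writing it as `IsHashTable<__gnu_cxx::hash_set<int> >::value` matches the `std::map<int, double> >` spelling already used in the context line above and is valid in both modes.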
@@ -7523,3 +7772,24 @@ TEST(SkipPrefixTest, DoesNotSkipWhenPrefixDoesNotMatch) {
   EXPECT_EQ(str, p);
 }
 
+// Tests ad_hoc_test_result().
+
+class AdHocTestResultTest : public testing::Test {
+ protected:
+  static void SetUpTestCase() {
+    FAIL() << "A failure happened inside SetUpTestCase().";
+  }
+};
+
+TEST_F(AdHocTestResultTest, AdHocTestResultForTestCaseShowsFailure) {
+  const testing::TestResult& test_result = testing::UnitTest::GetInstance()
+                                               ->current_test_case()
+                                               ->ad_hoc_test_result();
+  EXPECT_TRUE(test_result.Failed());
+}
+
+TEST_F(AdHocTestResultTest, AdHocTestResultTestForUnitTestDoesNotShowFailure) {
+  const testing::TestResult& test_result =
+      testing::UnitTest::GetInstance()->ad_hoc_test_result();
+  EXPECT_FALSE(test_result.Failed());
+}
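Review bot: The unconditional `FAIL()` in `AdHocTestResultTest::SetUpTestCase` has no comment saying that it is deliberate, so its message in every run of this binary reads like a real regression. A short comment above it would help, e.g. `// Fails on purpose: the failure must land in the test case's ad hoc TestResult, not in UnitTest's.` The second test is named `AdHocTestResultTestForUnitTestDoesNotShowFailure` while the first uses `AdHocTestResultForTestCase...`. Dropping the stray `Test` would keep the pair parallel.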
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_xml_outfile1_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_xml_outfile1_test_.cc
index 531ced49d..a38ebac83 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_xml_outfile1_test_.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_xml_outfile1_test_.cc
@@ -27,8 +27,6 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Author: keith.ray@gmail.com (Keith Ray)
-//
 // gtest_xml_outfile1_test_ writes some xml via TestProperty used by
 // gtest_xml_outfiles_test.py
 
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_xml_outfile2_test_.cc b/security/nss/gtests/google_test/gtest/test/gtest_xml_outfile2_test_.cc
index 7b400b276..afaf15a5d 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_xml_outfile2_test_.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_xml_outfile2_test_.cc
@@ -27,8 +27,6 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 //
-// Author: keith.ray@gmail.com (Keith Ray)
-//
 // gtest_xml_outfile2_test_ writes some xml via TestProperty used by
 // gtest_xml_outfiles_test.py
 
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_xml_outfiles_test.py b/security/nss/gtests/google_test/gtest/test/gtest_xml_outfiles_test.py
index 524e437e6..2c031ff8d 100755
--- a/security/nss/gtests/google_test/gtest/test/gtest_xml_outfiles_test.py
+++ b/security/nss/gtests/google_test/gtest/test/gtest_xml_outfiles_test.py
@@ -31,15 +31,11 @@
 
 """Unit test for the gtest_xml_output module."""
 
-__author__ = "keith.ray@gmail.com (Keith Ray)"
-
 import os
 from xml.dom import minidom, Node
-
 import gtest_test_utils
 import gtest_xml_test_utils
 
-
 GTEST_OUTPUT_SUBDIR = "xml_outfiles"
 GTEST_OUTPUT_1_TEST = "gtest_xml_outfile1_test_"
 GTEST_OUTPUT_2_TEST = "gtest_xml_outfile2_test_"
@@ -47,7 +43,13 @@ GTEST_OUTPUT_2_TEST = "gtest_xml_outfile2_test_"
 EXPECTED_XML_1 = """<?xml version="1.0" encoding="UTF-8"?>
 <testsuites tests="1" failures="0" disabled="0" errors="0" time="*" timestamp="*" name="AllTests">
   <testsuite name="PropertyOne" tests="1" failures="0" disabled="0" errors="0" time="*">
-    <testcase name="TestSomeProperties" status="run" time="*" classname="PropertyOne" SetUpProp="1" TestSomeProperty="1" TearDownProp="1" />
+    <testcase name="TestSomeProperties" status="run" time="*" classname="PropertyOne">
+      <properties>
+        <property name="SetUpProp" value="1"/>
+        <property name="TestSomeProperty" value="1"/>
+        <property name="TearDownProp" value="1"/>
+      </properties>
+    </testcase>
   </testsuite>
 </testsuites>
 """
@@ -55,7 +57,13 @@ EXPECTED_XML_1 = """<?xml version="1.0" encoding="UTF-8"?>
 EXPECTED_XML_2 = """<?xml version="1.0" encoding="UTF-8"?>
 <testsuites tests="1" failures="0" disabled="0" errors="0" time="*" timestamp="*" name="AllTests">
   <testsuite name="PropertyTwo" tests="1" failures="0" disabled="0" errors="0" time="*">
-    <testcase name="TestSomeProperties" status="run" time="*" classname="PropertyTwo" SetUpProp="2" TestSomeProperty="2" TearDownProp="2" />
+    <testcase name="TestSomeProperties" status="run" time="*" classname="PropertyTwo">
+      <properties>
+        <property name="SetUpProp" value="2"/>
+        <property name="TestSomeProperty" value="2"/>
+        <property name="TearDownProp" value="2"/>
+      </properties>
+    </testcase>
   </testsuite>
 </testsuites>
 """
@@ -103,11 +111,11 @@ class GTestXMLOutFilesTest(gtest_xml_test_utils.GTestXMLTestCase):
     self.assert_(p.exited)
     self.assertEquals(0, p.exit_code)
 
-    # TODO(wan@google.com): libtool causes the built test binary to be
+    # FIXME: libtool causes the built test binary to be
     #   named lt-gtest_xml_outfiles_test_ instead of
-    #   gtest_xml_outfiles_test_.  To account for this possibillity, we
+    #   gtest_xml_outfiles_test_.  To account for this possibility, we
     #   allow both names in the following code.  We should remove this
-    #   hack when Chandler Carruth's libtool replacement tool is ready.
+    #   when libtool replacement tool is ready.
     output_file_name1 = test_name + ".xml"
     output_file1 = os.path.join(self.output_dir_, output_file_name1)
     output_file_name2 = 'lt-' + output_file_name1
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_xml_output_unittest.py b/security/nss/gtests/google_test/gtest/test/gtest_xml_output_unittest.py
index f605d4ee2..faedd4e6c 100755
--- a/security/nss/gtests/google_test/gtest/test/gtest_xml_output_unittest.py
+++ b/security/nss/gtests/google_test/gtest/test/gtest_xml_output_unittest.py
@@ -31,8 +31,6 @@
 
 """Unit test for the gtest_xml_output module"""
 
-__author__ = 'eefacm@gmail.com (Sean Mcafee)'
-
 import datetime
 import errno
 import os
@@ -43,19 +41,28 @@ from xml.dom import minidom, Node
 import gtest_test_utils
 import gtest_xml_test_utils
 
-
 GTEST_FILTER_FLAG = '--gtest_filter'
 GTEST_LIST_TESTS_FLAG = '--gtest_list_tests'
-GTEST_OUTPUT_FLAG         = "--gtest_output"
-GTEST_DEFAULT_OUTPUT_FILE = "test_detail.xml"
-GTEST_PROGRAM_NAME = "gtest_xml_output_unittest_"
+GTEST_OUTPUT_FLAG = '--gtest_output'
+GTEST_DEFAULT_OUTPUT_FILE = 'test_detail.xml'
+GTEST_PROGRAM_NAME = 'gtest_xml_output_unittest_'
+
+# The flag indicating stacktraces are not supported
+NO_STACKTRACE_SUPPORT_FLAG = '--no_stacktrace_support'
 
-SUPPORTS_STACK_TRACES = False
+# The environment variables for test sharding.
+TOTAL_SHARDS_ENV_VAR = 'GTEST_TOTAL_SHARDS'
+SHARD_INDEX_ENV_VAR = 'GTEST_SHARD_INDEX'
+SHARD_STATUS_FILE_ENV_VAR = 'GTEST_SHARD_STATUS_FILE'
+
+SUPPORTS_STACK_TRACES = NO_STACKTRACE_SUPPORT_FLAG not in sys.argv
 
 if SUPPORTS_STACK_TRACES:
   STACK_TRACE_TEMPLATE = '\nStack trace:\n*'
 else:
   STACK_TRACE_TEMPLATE = ''
+  # unittest.main() can't handle unknown flags
+  sys.argv.remove(NO_STACKTRACE_SUPPORT_FLAG)
 
 EXPECTED_NON_EMPTY_XML = """<?xml version="1.0" encoding="UTF-8"?>
 <testsuites tests="23" failures="4" disabled="2" errors="0" time="*" timestamp="*" name="AllTests" ad_hoc_property="42">
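Review bot: `sys.argv.remove(NO_STACKTRACE_SUPPORT_FLAG)` in the `else` branch removes only the first occurrence, so a duplicated flag would still reach `unittest.main()` and be rejected as unknown. It also mutates `sys.argv` as a side effect of importing the module. Filtering instead, `sys.argv = [a for a in sys.argv if a != NO_STACKTRACE_SUPPORT_FLAG]`, handles repeats. A comment on `SUPPORTS_STACK_TRACES` noting that it is derived from the command line at import time would document the ordering dependency.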
@@ -64,20 +71,23 @@ EXPECTED_NON_EMPTY_XML = """<?xml version="1.0" encoding="UTF-8"?>
   </testsuite>
   <testsuite name="FailedTest" tests="1" failures="1" disabled="0" errors="0" time="*">
     <testcase name="Fails" status="run" time="*" classname="FailedTest">
-      <failure message="gtest_xml_output_unittest_.cc:*&#x0A;Value of: 2&#x0A;Expected: 1" type=""><![CDATA[gtest_xml_output_unittest_.cc:*
-Value of: 2
-Expected: 1%(stack)s]]></failure>
+      <failure message="gtest_xml_output_unittest_.cc:*&#x0A;Expected equality of these values:&#x0A;  1&#x0A;  2" type=""><![CDATA[gtest_xml_output_unittest_.cc:*
+Expected equality of these values:
+  1
+  2%(stack)s]]></failure>
     </testcase>
   </testsuite>
   <testsuite name="MixedResultTest" tests="3" failures="1" disabled="1" errors="0" time="*">
     <testcase name="Succeeds" status="run" time="*" classname="MixedResultTest"/>
     <testcase name="Fails" status="run" time="*" classname="MixedResultTest">
-      <failure message="gtest_xml_output_unittest_.cc:*&#x0A;Value of: 2&#x0A;Expected: 1" type=""><![CDATA[gtest_xml_output_unittest_.cc:*
-Value of: 2
-Expected: 1%(stack)s]]></failure>
-      <failure message="gtest_xml_output_unittest_.cc:*&#x0A;Value of: 3&#x0A;Expected: 2" type=""><![CDATA[gtest_xml_output_unittest_.cc:*
-Value of: 3
-Expected: 2%(stack)s]]></failure>
+      <failure message="gtest_xml_output_unittest_.cc:*&#x0A;Expected equality of these values:&#x0A;  1&#x0A;  2" type=""><![CDATA[gtest_xml_output_unittest_.cc:*
+Expected equality of these values:
+  1
+  2%(stack)s]]></failure>
+      <failure message="gtest_xml_output_unittest_.cc:*&#x0A;Expected equality of these values:&#x0A;  2&#x0A;  3" type=""><![CDATA[gtest_xml_output_unittest_.cc:*
+Expected equality of these values:
+  2
+  3%(stack)s]]></failure>
     </testcase>
     <testcase name="DISABLED_test" status="notrun" time="*" classname="MixedResultTest"/>
   </testsuite>
@@ -99,15 +109,45 @@ Invalid characters in brackets []%(stack)s]]></failure>
     <testcase name="DISABLED_test_not_run" status="notrun" time="*" classname="DisabledTest"/>
   </testsuite>
   <testsuite name="PropertyRecordingTest" tests="4" failures="0" disabled="0" errors="0" time="*" SetUpTestCase="yes" TearDownTestCase="aye">
-    <testcase name="OneProperty" status="run" time="*" classname="PropertyRecordingTest" key_1="1"/>
-    <testcase name="IntValuedProperty" status="run" time="*" classname="PropertyRecordingTest" key_int="1"/>
-    <testcase name="ThreeProperties" status="run" time="*" classname="PropertyRecordingTest" key_1="1" key_2="2" key_3="3"/>
-    <testcase name="TwoValuesForOneKeyUsesLastValue" status="run" time="*" classname="PropertyRecordingTest" key_1="2"/>
+    <testcase name="OneProperty" status="run" time="*" classname="PropertyRecordingTest">
+      <properties>
+        <property name="key_1" value="1"/>
+      </properties>
+    </testcase>
+    <testcase name="IntValuedProperty" status="run" time="*" classname="PropertyRecordingTest">
+      <properties>
+        <property name="key_int" value="1"/>
+      </properties>
+    </testcase>
+    <testcase name="ThreeProperties" status="run" time="*" classname="PropertyRecordingTest">
+      <properties>
+        <property name="key_1" value="1"/>
+        <property name="key_2" value="2"/>
+        <property name="key_3" value="3"/>
+      </properties>
+    </testcase>
+    <testcase name="TwoValuesForOneKeyUsesLastValue" status="run" time="*" classname="PropertyRecordingTest">
+      <properties>
+        <property name="key_1" value="2"/>
+      </properties>
+    </testcase>
   </testsuite>
   <testsuite name="NoFixtureTest" tests="3" failures="0" disabled="0" errors="0" time="*">
-     <testcase name="RecordProperty" status="run" time="*" classname="NoFixtureTest" key="1"/>
-     <testcase name="ExternalUtilityThatCallsRecordIntValuedProperty" status="run" time="*" classname="NoFixtureTest" key_for_utility_int="1"/>
-     <testcase name="ExternalUtilityThatCallsRecordStringValuedProperty" status="run" time="*" classname="NoFixtureTest" key_for_utility_string="1"/>
+     <testcase name="RecordProperty" status="run" time="*" classname="NoFixtureTest">
+       <properties>
+         <property name="key" value="1"/>
+       </properties>
+     </testcase>
+     <testcase name="ExternalUtilityThatCallsRecordIntValuedProperty" status="run" time="*" classname="NoFixtureTest">
+       <properties>
+         <property name="key_for_utility_int" value="1"/>
+       </properties>
+     </testcase>
+     <testcase name="ExternalUtilityThatCallsRecordStringValuedProperty" status="run" time="*" classname="NoFixtureTest">
+       <properties>
+         <property name="key_for_utility_string" value="1"/>
+       </properties>
+     </testcase>
   </testsuite>
   <testsuite name="Single/ValueParamTest" tests="4" failures="0" disabled="0" errors="0" time="*">
     <testcase name="HasValueParamAttribute/0" value_param="33" status="run" time="*" classname="Single/ValueParamTest" />
@@ -138,6 +178,23 @@ EXPECTED_FILTERED_TEST_XML = """<?xml version="1.0" encoding="UTF-8"?>
   </testsuite>
 </testsuites>"""
 
+EXPECTED_SHARDED_TEST_XML = """<?xml version="1.0" encoding="UTF-8"?>
+<testsuites tests="3" failures="0" disabled="0" errors="0" time="*" timestamp="*" name="AllTests" ad_hoc_property="42">
+  <testsuite name="SuccessfulTest" tests="1" failures="0" disabled="0" errors="0" time="*">
+    <testcase name="Succeeds" status="run" time="*" classname="SuccessfulTest"/>
+  </testsuite>
+  <testsuite name="NoFixtureTest" tests="1" failures="0" disabled="0" errors="0" time="*">
+     <testcase name="RecordProperty" status="run" time="*" classname="NoFixtureTest">
+       <properties>
+         <property name="key" value="1"/>
+       </properties>
+     </testcase>
+  </testsuite>
+  <testsuite name="Single/ValueParamTest" tests="1" failures="0" disabled="0" errors="0" time="*">
+    <testcase name="AnotherTestThatHasValueParamAttribute/1" value_param="42" status="run" time="*" classname="Single/ValueParamTest" />
+  </testsuite>
+</testsuites>"""
+
 EXPECTED_EMPTY_XML = """<?xml version="1.0" encoding="UTF-8"?>
 <testsuites tests="0" failures="0" disabled="0" errors="0" time="*"
             timestamp="*" name="AllTests">
@@ -179,7 +236,7 @@ class GTestXMLOutputUnitTest(gtest_xml_test_utils.GTestXMLTestCase):
     Runs a test program that generates an empty XML output, and checks if
     the timestamp attribute in the testsuites tag is valid.
     """
-    actual = self._GetXmlOutput('gtest_no_test_unittest', [], 0)
+    actual = self._GetXmlOutput('gtest_no_test_unittest', [], {}, 0)
     date_time_str = actual.documentElement.getAttributeNode('timestamp').value
     # datetime.strptime() is only available in Python 2.5+ so we have to
     # parse the expected datetime manually.
@@ -236,7 +293,7 @@ class GTestXMLOutputUnitTest(gtest_xml_test_utils.GTestXMLTestCase):
                '--shut_down_xml']
     p = gtest_test_utils.Subprocess(command)
     if p.terminated_by_signal:
-      # p.signal is avalable only if p.terminated_by_signal is True.
+      # p.signal is available only if p.terminated_by_signal is True.
       self.assertFalse(
           p.terminated_by_signal,
           '%s was killed by signal %d' % (GTEST_PROGRAM_NAME, p.signal))
@@ -259,7 +316,22 @@ class GTestXMLOutputUnitTest(gtest_xml_test_utils.GTestXMLTestCase):
     self._TestXmlOutput(GTEST_PROGRAM_NAME, EXPECTED_FILTERED_TEST_XML, 0,
                         extra_args=['%s=SuccessfulTest.*' % GTEST_FILTER_FLAG])
 
-  def _GetXmlOutput(self, gtest_prog_name, extra_args, expected_exit_code):
+  def testShardedTestXmlOutput(self):
+    """Verifies XML output when run using multiple shards.
+
+    Runs a test program that executes only one shard and verifies that tests
+    from other shards do not show up in the XML output.
+    """
+
+    self._TestXmlOutput(
+        GTEST_PROGRAM_NAME,
+        EXPECTED_SHARDED_TEST_XML,
+        0,
+        extra_env={SHARD_INDEX_ENV_VAR: '0',
+                   TOTAL_SHARDS_ENV_VAR: '10'})
+
+  def _GetXmlOutput(self, gtest_prog_name, extra_args, extra_env,
+                    expected_exit_code):
     """
     Returns the xml output generated by running the program gtest_prog_name.
     Furthermore, the program's exit code must be expected_exit_code.
@@ -270,7 +342,11 @@ class GTestXMLOutputUnitTest(gtest_xml_test_utils.GTestXMLTestCase):
 
     command = ([gtest_prog_path, '%s=xml:%s' % (GTEST_OUTPUT_FLAG, xml_path)] +
                extra_args)
-    p = gtest_test_utils.Subprocess(command)
+    environ_copy = os.environ.copy()
+    if extra_env:
+      environ_copy.update(extra_env)
+    p = gtest_test_utils.Subprocess(command, env=environ_copy)
+
     if p.terminated_by_signal:
       self.assert_(False,
                    '%s was killed by signal %d' % (gtest_prog_name, p.signal))
@@ -284,7 +360,7 @@ class GTestXMLOutputUnitTest(gtest_xml_test_utils.GTestXMLTestCase):
     return actual
 
   def _TestXmlOutput(self, gtest_prog_name, expected_xml,
-                     expected_exit_code, extra_args=None):
+                     expected_exit_code, extra_args=None, extra_env=None):
     """
     Asserts that the XML document generated by running the program
     gtest_prog_name matches expected_xml, a string containing another
@@ -293,7 +369,7 @@ class GTestXMLOutputUnitTest(gtest_xml_test_utils.GTestXMLTestCase):
     """
 
     actual = self._GetXmlOutput(gtest_prog_name, extra_args or [],
-                                expected_exit_code)
+                                extra_env or {}, expected_exit_code)
     expected = minidom.parseString(expected_xml)
     self.NormalizeXml(actual.documentElement)
     self.AssertEquivalentNodes(expected.documentElement,
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_xml_output_unittest_.cc b/security/nss/gtests/google_test/gtest/test/gtest_xml_output_unittest_.cc
index 48b8771b5..2ee883800 100644
--- a/security/nss/gtests/google_test/gtest/test/gtest_xml_output_unittest_.cc
+++ b/security/nss/gtests/google_test/gtest/test/gtest_xml_output_unittest_.cc
@@ -27,8 +27,6 @@
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-// Author: eefacm@gmail.com (Sean Mcafee)
-
 // Unit test for Google Test XML output.
 //
 // A user can specify XML output in a Google Test program to run via
diff --git a/security/nss/gtests/google_test/gtest/test/gtest_xml_test_utils.py b/security/nss/gtests/google_test/gtest/test/gtest_xml_test_utils.py
index 3d0c3b2c2..1e0358592 100755
--- a/security/nss/gtests/google_test/gtest/test/gtest_xml_test_utils.py
+++ b/security/nss/gtests/google_test/gtest/test/gtest_xml_test_utils.py
@@ -1,5 +1,3 @@
-#!/usr/bin/env python
-#
 # Copyright 2006, Google Inc.
 # All rights reserved.
 #
@@ -31,15 +29,10 @@
 
 """Unit test utilities for gtest_xml_output"""
 
-__author__ = 'eefacm@gmail.com (Sean Mcafee)'
-
 import re
 from xml.dom import minidom, Node
-
 import gtest_test_utils
 
-
-GTEST_OUTPUT_FLAG         = '--gtest_output'
 GTEST_DEFAULT_OUTPUT_FILE = 'test_detail.xml'
 
 class GTestXMLTestCase(gtest_test_utils.TestCase):
@@ -108,19 +101,22 @@ class GTestXMLTestCase(gtest_test_utils.TestCase):
       self.AssertEquivalentNodes(child, actual_children[child_id])
 
   identifying_attribute = {
-    'testsuites': 'name',
-    'testsuite': 'name',
-    'testcase':  'name',
-    'failure':   'message',
-    }
+      'testsuites': 'name',
+      'testsuite': 'name',
+      'testcase': 'name',
+      'failure': 'message',
+      'property': 'name',
+  }
 
   def _GetChildren(self, element):
     """
     Fetches all of the child nodes of element, a DOM Element object.
     Returns them as the values of a dictionary keyed by the IDs of the
-    children.  For <testsuites>, <testsuite> and <testcase> elements, the ID
-    is the value of their "name" attribute; for <failure> elements, it is
-    the value of the "message" attribute; CDATA sections and non-whitespace
+    children.  For <testsuites>, <testsuite>, <testcase>, and <property>
+    elements, the ID is the value of their "name" attribute; for <failure>
+    elements, it is the value of the "message" attribute; for <properties>
+    elements, it is the value of their parent's "name" attribute plus the
+    literal string "properties"; CDATA sections and non-whitespace
     text nodes are concatenated into a single CDATA section with ID
     "detail".  An exception is raised if any element other than the above
     four is encountered, if two child elements with the same identifying
@@ -130,11 +126,17 @@ class GTestXMLTestCase(gtest_test_utils.TestCase):
     children = {}
     for child in element.childNodes:
       if child.nodeType == Node.ELEMENT_NODE:
-        self.assert_(child.tagName in self.identifying_attribute,
-                     'Encountered unknown element <%s>' % child.tagName)
-        childID = child.getAttribute(self.identifying_attribute[child.tagName])
-        self.assert_(childID not in children)
-        children[childID] = child
+        if child.tagName == 'properties':
+          self.assert_(child.parentNode is not None,
+                       'Encountered <properties> element without a parent')
+          child_id = child.parentNode.getAttribute('name') + '-properties'
+        else:
+          self.assert_(child.tagName in self.identifying_attribute,
+                       'Encountered unknown element <%s>' % child.tagName)
+          child_id = child.getAttribute(
+              self.identifying_attribute[child.tagName])
+        self.assert_(child_id not in children)
+        children[child_id] = child
       elif child.nodeType in [Node.TEXT_NODE, Node.CDATA_SECTION_NODE]:
         if 'detail' not in children:
           if (child.nodeType == Node.CDATA_SECTION_NODE or
@@ -187,8 +189,8 @@ class GTestXMLTestCase(gtest_test_utils.TestCase):
           # Replaces the source line information with a normalized form.
           cdata = re.sub(source_line_pat, '\\1*\n', child.nodeValue)
           # Removes the actual stack trace.
-          child.nodeValue = re.sub(r'\nStack trace:\n(.|\n)*',
-                                   '', cdata)
+          child.nodeValue = re.sub(r'Stack trace:\n(.|\n)*',
+                                   'Stack trace:\n*', cdata)
     for child in element.childNodes:
       if child.nodeType == Node.ELEMENT_NODE:
         self.NormalizeXml(child)
diff --git a/security/nss/gtests/google_test/gtest/test/production.cc b/security/nss/gtests/google_test/gtest/test/production.cc
index 8b8a40b44..0f69f6dbd 100644
--- a/security/nss/gtests/google_test/gtest/test/production.cc
+++ b/security/nss/gtests/google_test/gtest/test/production.cc
@@ -26,10 +26,9 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: wan@google.com (Zhanyong Wan)
-//
-// This is part of the unit test for include/gtest/gtest_prod.h.
+// This is part of the unit test for gtest_prod.h.
 
 #include "production.h"
 
diff --git a/security/nss/gtests/google_test/gtest/test/production.h b/security/nss/gtests/google_test/gtest/test/production.h
index 98fd5e476..542723b70 100644
--- a/security/nss/gtests/google_test/gtest/test/production.h
+++ b/security/nss/gtests/google_test/gtest/test/production.h
@@ -26,10 +26,9 @@
 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 //
-// Author: wan@google.com (Zhanyong Wan)
-//
-// This is part of the unit test for include/gtest/gtest_prod.h.
+// This is part of the unit test for gtest_prod.h.
 
 #ifndef GTEST_TEST_PRODUCTION_H_
 #define GTEST_TEST_PRODUCTION_H_
diff --git a/security/nss/gtests/google_test/gtest/xcode/Config/DebugProject.xcconfig b/security/nss/gtests/google_test/gtest/xcode/Config/DebugProject.xcconfig
index 3d68157d5..645701e22 100644
--- a/security/nss/gtests/google_test/gtest/xcode/Config/DebugProject.xcconfig
+++ b/security/nss/gtests/google_test/gtest/xcode/Config/DebugProject.xcconfig
@@ -5,7 +5,7 @@
 //  examples. It is set in the "Based On:" dropdown in the "Project" info
 //  dialog.
 //  This file is based on the Xcode Configuration files in:
-//  http://code.google.com/p/google-toolbox-for-mac/
+//  https://github.com/google/google-toolbox-for-mac
 // 
 
 #include "General.xcconfig"
diff --git a/security/nss/gtests/google_test/gtest/xcode/Config/FrameworkTarget.xcconfig b/security/nss/gtests/google_test/gtest/xcode/Config/FrameworkTarget.xcconfig
index 357b1c8fb..77081fbcb 100644
--- a/security/nss/gtests/google_test/gtest/xcode/Config/FrameworkTarget.xcconfig
+++ b/security/nss/gtests/google_test/gtest/xcode/Config/FrameworkTarget.xcconfig
@@ -4,7 +4,7 @@
 //  These are Framework target settings for the gtest framework and examples. It
 //  is set in the "Based On:" dropdown in the "Target" info dialog.
 //  This file is based on the Xcode Configuration files in:
-//  http://code.google.com/p/google-toolbox-for-mac/
+//  https://github.com/google/google-toolbox-for-mac
 // 
 
 // Dynamic libs need to be position independent
diff --git a/security/nss/gtests/google_test/gtest/xcode/Config/General.xcconfig b/security/nss/gtests/google_test/gtest/xcode/Config/General.xcconfig
index f23e32227..1aba486f0 100644
--- a/security/nss/gtests/google_test/gtest/xcode/Config/General.xcconfig
+++ b/security/nss/gtests/google_test/gtest/xcode/Config/General.xcconfig
@@ -4,7 +4,7 @@
 //  These are General configuration settings for the gtest framework and
 //  examples.
 //  This file is based on the Xcode Configuration files in:
-//  http://code.google.com/p/google-toolbox-for-mac/
+//  https://github.com/google/google-toolbox-for-mac
 // 
 
 // Build for PPC and Intel, 32- and 64-bit
diff --git a/security/nss/gtests/google_test/gtest/xcode/Config/ReleaseProject.xcconfig b/security/nss/gtests/google_test/gtest/xcode/Config/ReleaseProject.xcconfig
index 5349f0a04..df9a38f89 100644
--- a/security/nss/gtests/google_test/gtest/xcode/Config/ReleaseProject.xcconfig
+++ b/security/nss/gtests/google_test/gtest/xcode/Config/ReleaseProject.xcconfig
@@ -5,7 +5,7 @@
 //  and examples. It is set in the "Based On:" dropdown in the "Project" info
 //  dialog.
 //  This file is based on the Xcode Configuration files in:
-//  http://code.google.com/p/google-toolbox-for-mac/
+//  https://github.com/google/google-toolbox-for-mac
 // 
 
 #include "General.xcconfig"
diff --git a/security/nss/gtests/google_test/gtest/xcode/Config/StaticLibraryTarget.xcconfig b/security/nss/gtests/google_test/gtest/xcode/Config/StaticLibraryTarget.xcconfig
index 3922fa51d..d2424fe80 100644
--- a/security/nss/gtests/google_test/gtest/xcode/Config/StaticLibraryTarget.xcconfig
+++ b/security/nss/gtests/google_test/gtest/xcode/Config/StaticLibraryTarget.xcconfig
@@ -4,7 +4,7 @@
 //  These are static library target settings for libgtest.a. It
 //  is set in the "Based On:" dropdown in the "Target" info dialog.
 //  This file is based on the Xcode Configuration files in:
-//  http://code.google.com/p/google-toolbox-for-mac/
+//  https://github.com/google/google-toolbox-for-mac
 // 
 
 // Static libs can be included in bundles so make them position independent
diff --git a/security/nss/gtests/google_test/gtest/xcode/Scripts/versiongenerate.py b/security/nss/gtests/google_test/gtest/xcode/Scripts/versiongenerate.py
index 81de8c96a..bdd7541ad 100644
--- a/security/nss/gtests/google_test/gtest/xcode/Scripts/versiongenerate.py
+++ b/security/nss/gtests/google_test/gtest/xcode/Scripts/versiongenerate.py
@@ -29,7 +29,7 @@
 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-"""A script to prepare version informtion for use the gtest Info.plist file.
+"""A script to prepare version information for use the gtest Info.plist file.
 
   This script extracts the version information from the configure.ac file and
   uses it to generate a header file containing the same information. The
@@ -42,7 +42,7 @@
     1. The AC_INIT macro will be contained within the first 1024 characters
        of configure.ac
     2. The version string will be 3 integers separated by periods and will be
-       surrounded by squre brackets, "[" and "]" (e.g. [1.0.1]). The first
+       surrounded by square brackets, "[" and "]" (e.g. [1.0.1]). The first
        segment represents the major version, the second represents the minor
        version and the third represents the fix version.
     3. No ")" character exists between the opening "(" and closing ")" of
@@ -68,7 +68,7 @@ config_file.close()
 
 # Extract the version string from the AC_INIT macro
 #   The following init_expression means:
-#     Extract three integers separated by periods and surrounded by squre
+#     Extract three integers separated by periods and surrounded by square
 #     brackets(e.g. "[1.0.1]") between "AC_INIT(" and ")". Do not be greedy
 #     (*? is the non-greedy flag) since that would pull in everything between
 #     the first "(" and the last ")" in the file.
@@ -88,7 +88,7 @@ file_data = """//
 // is executed in a "Run Script" build phase when creating gtest.framework. This
 // header file is not used during compilation of C-source. Rather, it simply
 // defines some version strings for substitution in the Info.plist. Because of
-// this, we are not not restricted to C-syntax nor are we using include guards.
+// this, we are not restricted to C-syntax nor are we using include guards.
 //
 
 #define GTEST_VERSIONINFO_SHORT %s.%s
diff --git a/security/nss/gtests/google_test/gtest/xcode/gtest.xcodeproj/project.pbxproj b/security/nss/gtests/google_test/gtest/xcode/gtest.xcodeproj/project.pbxproj
index 0452a63d0..003bff8cb 100644
--- a/security/nss/gtests/google_test/gtest/xcode/gtest.xcodeproj/project.pbxproj
+++ b/security/nss/gtests/google_test/gtest/xcode/gtest.xcodeproj/project.pbxproj
@@ -46,7 +46,7 @@
 		4048843B0E2F799B00CF7658 /* gtest.h in Headers */ = {isa = PBXBuildFile; fileRef = 404883DE0E2F799B00CF7658 /* gtest.h */; settings = {ATTRIBUTES = (Public, ); }; };
 		4048843C0E2F799B00CF7658 /* gtest_pred_impl.h in Headers */ = {isa = PBXBuildFile; fileRef = 404883DF0E2F799B00CF7658 /* gtest_pred_impl.h */; settings = {ATTRIBUTES = (Public, ); }; };
 		4048843D0E2F799B00CF7658 /* gtest_prod.h in Headers */ = {isa = PBXBuildFile; fileRef = 404883E00E2F799B00CF7658 /* gtest_prod.h */; settings = {ATTRIBUTES = (Public, ); }; };
-		404884500E2F799B00CF7658 /* README in Resources */ = {isa = PBXBuildFile; fileRef = 404883F60E2F799B00CF7658 /* README */; };
+		404884500E2F799B00CF7658 /* README.md in Resources */ = {isa = PBXBuildFile; fileRef = 404883F60E2F799B00CF7658 /* README.md */; };
 		404884A00E2F7BE600CF7658 /* gtest-death-test-internal.h in Copy Headers Internal */ = {isa = PBXBuildFile; fileRef = 404883E20E2F799B00CF7658 /* gtest-death-test-internal.h */; };
 		404884A10E2F7BE600CF7658 /* gtest-filepath.h in Copy Headers Internal */ = {isa = PBXBuildFile; fileRef = 404883E30E2F799B00CF7658 /* gtest-filepath.h */; };
 		404884A20E2F7BE600CF7658 /* gtest-internal.h in Copy Headers Internal */ = {isa = PBXBuildFile; fileRef = 404883E40E2F799B00CF7658 /* gtest-internal.h */; };
@@ -79,6 +79,13 @@
 		4539C9390EC280E200A70F4C /* gtest-param-util-generated.h in Copy Headers Internal */ = {isa = PBXBuildFile; fileRef = 4539C9360EC280E200A70F4C /* gtest-param-util-generated.h */; };
 		4539C93A0EC280E200A70F4C /* gtest-param-util.h in Copy Headers Internal */ = {isa = PBXBuildFile; fileRef = 4539C9370EC280E200A70F4C /* gtest-param-util.h */; };
 		4567C8181264FF71007740BE /* gtest-printers.h in Headers */ = {isa = PBXBuildFile; fileRef = 4567C8171264FF71007740BE /* gtest-printers.h */; settings = {ATTRIBUTES = (Public, ); }; };
+		F67D4F3E1C7F5D8B0017C729 /* gtest-port-arch.h in Headers */ = {isa = PBXBuildFile; fileRef = F67D4F3D1C7F5D8B0017C729 /* gtest-port-arch.h */; };
+		F67D4F3F1C7F5DA70017C729 /* gtest-port-arch.h in Copy Headers Internal */ = {isa = PBXBuildFile; fileRef = F67D4F3D1C7F5D8B0017C729 /* gtest-port-arch.h */; };
+		F67D4F441C7F5DD00017C729 /* gtest-port.h in Headers */ = {isa = PBXBuildFile; fileRef = F67D4F411C7F5DD00017C729 /* gtest-port.h */; };
+		F67D4F451C7F5DD00017C729 /* gtest-printers.h in Headers */ = {isa = PBXBuildFile; fileRef = F67D4F421C7F5DD00017C729 /* gtest-printers.h */; };
+		F67D4F461C7F5DD00017C729 /* gtest.h in Headers */ = {isa = PBXBuildFile; fileRef = F67D4F431C7F5DD00017C729 /* gtest.h */; };
+		F67D4F481C7F5E160017C729 /* gtest-port.h in Copy Headers Internal Custom */ = {isa = PBXBuildFile; fileRef = F67D4F411C7F5DD00017C729 /* gtest-port.h */; };
+		F67D4F491C7F5E260017C729 /* gtest-printers.h in Copy Headers Internal Custom */ = {isa = PBXBuildFile; fileRef = F67D4F421C7F5DD00017C729 /* gtest-printers.h */; };
 /* End PBXBuildFile section */
 
 /* Begin PBXContainerItemProxy section */
@@ -182,6 +189,7 @@
 			dstPath = Headers/internal;
 			dstSubfolderSpec = 6;
 			files = (
+				F67D4F3F1C7F5DA70017C729 /* gtest-port-arch.h in Copy Headers Internal */,
 				404884A00E2F7BE600CF7658 /* gtest-death-test-internal.h in Copy Headers Internal */,
 				404884A10E2F7BE600CF7658 /* gtest-filepath.h in Copy Headers Internal */,
 				404884A20E2F7BE600CF7658 /* gtest-internal.h in Copy Headers Internal */,
@@ -196,6 +204,18 @@
 			name = "Copy Headers Internal";
 			runOnlyForDeploymentPostprocessing = 0;
 		};
+		F67D4F471C7F5DF60017C729 /* Copy Headers Internal Custom */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = Headers/internal/custom;
+			dstSubfolderSpec = 6;
+			files = (
+				F67D4F491C7F5E260017C729 /* gtest-printers.h in Copy Headers Internal Custom */,
+				F67D4F481C7F5E160017C729 /* gtest-port.h in Copy Headers Internal Custom */,
+			);
+			name = "Copy Headers Internal Custom";
+			runOnlyForDeploymentPostprocessing = 0;
+		};
 /* End PBXCopyFilesBuildPhase section */
 
 /* Begin PBXFileReference section */
@@ -217,7 +237,7 @@
 		404883E40E2F799B00CF7658 /* gtest-internal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "gtest-internal.h"; sourceTree = "<group>"; };
 		404883E50E2F799B00CF7658 /* gtest-port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "gtest-port.h"; sourceTree = "<group>"; };
 		404883E60E2F799B00CF7658 /* gtest-string.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "gtest-string.h"; sourceTree = "<group>"; };
-		404883F60E2F799B00CF7658 /* README */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = README; path = ../README; sourceTree = SOURCE_ROOT; };
+		404883F60E2F799B00CF7658 /* README.md */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = README.md; path = ../README.md; sourceTree = SOURCE_ROOT; };
 		4048840D0E2F799B00CF7658 /* gtest_main.cc */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = gtest_main.cc; sourceTree = "<group>"; };
 		404884A90E2F7CD900CF7658 /* CHANGES */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = CHANGES; path = ../CHANGES; sourceTree = SOURCE_ROOT; };
 		404884AA0E2F7CD900CF7658 /* CONTRIBUTORS */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = CONTRIBUTORS; path = ../CONTRIBUTORS; sourceTree = SOURCE_ROOT; };
@@ -244,6 +264,10 @@
 		4539C9360EC280E200A70F4C /* gtest-param-util-generated.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "gtest-param-util-generated.h"; sourceTree = "<group>"; };
 		4539C9370EC280E200A70F4C /* gtest-param-util.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "gtest-param-util.h"; sourceTree = "<group>"; };
 		4567C8171264FF71007740BE /* gtest-printers.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "gtest-printers.h"; sourceTree = "<group>"; };
+		F67D4F3D1C7F5D8B0017C729 /* gtest-port-arch.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "gtest-port-arch.h"; sourceTree = "<group>"; };
+		F67D4F411C7F5DD00017C729 /* gtest-port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "gtest-port.h"; sourceTree = "<group>"; };
+		F67D4F421C7F5DD00017C729 /* gtest-printers.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "gtest-printers.h"; sourceTree = "<group>"; };
+		F67D4F431C7F5DD00017C729 /* gtest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = gtest.h; sourceTree = "<group>"; };
 /* End PBXFileReference section */
 
 /* Begin PBXFrameworksBuildPhase section */
@@ -318,7 +342,7 @@
 				404884A90E2F7CD900CF7658 /* CHANGES */,
 				404884AA0E2F7CD900CF7658 /* CONTRIBUTORS */,
 				404884AB0E2F7CD900CF7658 /* LICENSE */,
-				404883F60E2F799B00CF7658 /* README */,
+				404883F60E2F799B00CF7658 /* README.md */,
 				404883D90E2F799B00CF7658 /* include */,
 				4089A02F0FFACF84000B29AE /* samples */,
 				404884070E2F799B00CF7658 /* src */,
@@ -375,6 +399,7 @@
 		404883E10E2F799B00CF7658 /* internal */ = {
 			isa = PBXGroup;
 			children = (
+				F67D4F401C7F5DD00017C729 /* custom */,
 				404883E20E2F799B00CF7658 /* gtest-death-test-internal.h */,
 				404883E30E2F799B00CF7658 /* gtest-filepath.h */,
 				404883E40E2F799B00CF7658 /* gtest-internal.h */,
@@ -382,6 +407,7 @@
 				4539C9360EC280E200A70F4C /* gtest-param-util-generated.h */,
 				4539C9370EC280E200A70F4C /* gtest-param-util.h */,
 				404883E50E2F799B00CF7658 /* gtest-port.h */,
+				F67D4F3D1C7F5D8B0017C729 /* gtest-port-arch.h */,
 				404883E60E2F799B00CF7658 /* gtest-string.h */,
 				40899F4D0FFA7271000B29AE /* gtest-tuple.h */,
 				3BF6F29F0E79B5AD000F2EEE /* gtest-type-util.h */,
@@ -430,6 +456,16 @@
 			path = Resources;
 			sourceTree = "<group>";
 		};
+		F67D4F401C7F5DD00017C729 /* custom */ = {
+			isa = PBXGroup;
+			children = (
+				F67D4F411C7F5DD00017C729 /* gtest-port.h */,
+				F67D4F421C7F5DD00017C729 /* gtest-printers.h */,
+				F67D4F431C7F5DD00017C729 /* gtest.h */,
+			);
+			path = custom;
+			sourceTree = "<group>";
+		};
 /* End PBXGroup section */
 
 /* Begin PBXHeadersBuildPhase section */
@@ -437,10 +473,14 @@
 			isa = PBXHeadersBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				F67D4F451C7F5DD00017C729 /* gtest-printers.h in Headers */,
 				404884380E2F799B00CF7658 /* gtest-death-test.h in Headers */,
 				404884390E2F799B00CF7658 /* gtest-message.h in Headers */,
 				4539C9340EC280AE00A70F4C /* gtest-param-test.h in Headers */,
+				F67D4F461C7F5DD00017C729 /* gtest.h in Headers */,
+				F67D4F441C7F5DD00017C729 /* gtest-port.h in Headers */,
 				4567C8181264FF71007740BE /* gtest-printers.h in Headers */,
+				F67D4F3E1C7F5D8B0017C729 /* gtest-port-arch.h in Headers */,
 				3BF6F2A50E79B616000F2EEE /* gtest-typed-test.h in Headers */,
 				4048843A0E2F799B00CF7658 /* gtest-spi.h in Headers */,
 				4048843B0E2F799B00CF7658 /* gtest.h in Headers */,
@@ -560,6 +600,7 @@
 				8D07F2C10486CC7A007CD1D0 /* Sources */,
 				8D07F2BD0486CC7A007CD1D0 /* Headers */,
 				404884A50E2F7C0400CF7658 /* Copy Headers Internal */,
+				F67D4F471C7F5DF60017C729 /* Copy Headers Internal Custom */,
 				8D07F2BF0486CC7A007CD1D0 /* Resources */,
 			);
 			buildRules = (
@@ -617,7 +658,7 @@
 			isa = PBXResourcesBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-				404884500E2F799B00CF7658 /* README in Resources */,
+				404884500E2F799B00CF7658 /* README.md in Resources */,
 				404884AC0E2F7CD900CF7658 /* CHANGES in Resources */,
 				404884AD0E2F7CD900CF7658 /* CONTRIBUTORS in Resources */,
 				404884AE0E2F7CD900CF7658 /* LICENSE in Resources */,
@@ -1026,6 +1067,9 @@
 			isa = XCBuildConfiguration;
 			baseConfigurationReference = 40D4CDF10E30E07400294801 /* DebugProject.xcconfig */;
 			buildSettings = {
+				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
+				CLANG_CXX_LIBRARY = "libc++";
+				MACOSX_DEPLOYMENT_TARGET = 10.7;
 			};
 			name = Debug;
 		};
@@ -1033,6 +1077,9 @@
 			isa = XCBuildConfiguration;
 			baseConfigurationReference = 40D4CDF40E30E07400294801 /* ReleaseProject.xcconfig */;
 			buildSettings = {
+				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
+				CLANG_CXX_LIBRARY = "libc++";
+				MACOSX_DEPLOYMENT_TARGET = 10.7;
 			};
 			name = Release;
 		};
diff --git a/security/nss/gtests/google_test/update.sh b/security/nss/gtests/google_test/update.sh
new file mode 100644
index 000000000..cab804f69
--- /dev/null
+++ b/security/nss/gtests/google_test/update.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+# Use this script to update the copy of google test.
+# This won't commit any changes, so build and test afterwards.
+
+set -e
+
+if [ $# -lt 1 ]; then
+    echo "Usage: $0 <tag/commit>" 1>&2
+    exit 2
+fi
+
+cd "$(dirname "$0")"
+d=$(mktemp -d)
+trap 'rm -rf "$d"' EXIT
+../../fuzz/config/git-copy.sh https://github.com/google/googletest \
+    "$1" "$d"/googletest
+rm -rf gtest
+mv "$d"/googletest/googletest gtest
+echo "$1" > VERSION
+cat "$d"/googletest/.git-copy >> VERSION
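Review bot: The header comment should state that `<tag/commit>` is best given as a full commit hash, because a tag can be re-pointed upstream and `echo "$1" > VERSION` records the argument exactly as typed. The second part of VERSION comes from `.git-copy`, which is presumably written by `git-copy.sh` (not visible here); if it holds the resolved commit, saying so lets a later reader check what was actually imported. Suggested line after the existing two comment lines: `# Prefer a full commit hash over a tag; VERSION stores "$1" as typed, followed by the contents of .git-copy.` Separately, `rm -rf gtest` runs before the `mv` is known to succeed, so a changed upstream layout leaves the tree without gtest until it is restored from version control. A `[ -d "$d"/googletest/googletest ]` test placed before the `rm` would avoid that.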
diff --git a/security/nss/gtests/mozpkix_gtest/README.txt b/security/nss/gtests/mozpkix_gtest/README.txt
new file mode 100644
index 000000000..5d3484a21
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/README.txt
@@ -0,0 +1,61 @@
+-------------
+Running Tests
+-------------
+
+Because of the rules below, you can run all the unit tests in this directory,
+and only these tests, with:
+
+  mach gtest "pkix*"
+
+You can run just the tests for functions defined in filename pkixfoo.cpp with:
+
+  mach gtest "pkixfoo*"
+
+If you run "mach gtest" then you'll end up running every gtest in Gecko.
+
+
+
+------------
+Naming Files
+------------
+
+Name files containing tests according to one of the following patterns:
+
+  * <filename>_tests.cpp
+  * <filename>_<Function>_tests.cpp
+  * <filename>_<category>_tests.cpp
+
+  <filename> is the name of the file containing the definitions of the
+             function(s) being tested by every test.
+  <Function> is the name of the function that is being tested by every
+             test.
+  <category> describes the group of related functions that are being
+             tested by every test.
+
+
+
+------------------------------------------------
+Always Use a Fixture Class: TEST_F(), not TEST()
+------------------------------------------------
+
+Many tests don't technically need a fixture, and so TEST() could technically
+be used to define the test. However, when you use TEST_F() instead of TEST(),
+the compiler will not allow you to make any typos in the test case name, but
+if you use TEST() then the name of the test case is not checked.
+
+See https://code.google.com/p/googletest/wiki/Primer#Test_Fixtures:_Using_the_Same_Data_Configuration_for_Multiple_Te
+to learn more about test fixtures.
+
+---------------
+Naming Fixtures
+---------------
+
+When all tests in a file use the same fixture, use the base name of the file
+without the "_tests" suffix as the name of the fixture class; e.g. tests in
+"pkixocsp.cpp" should use a fixture "class pkixocsp" by default.
+
+Sometimes tests in a file need separate fixtures. In this case, name the
+fixture class according to the pattern <fixture_base>_<fixture_suffix>, where
+<fixture_base> is the base name of the file without the "_tests" suffix, and
+<fixture_suffix> is a descriptive name for the fixture class, e.g.
+"class pkixocsp_DelegatedResponder".
diff --git a/security/nss/gtests/mozpkix_gtest/mozpkix_gtest.gyp b/security/nss/gtests/mozpkix_gtest/mozpkix_gtest.gyp
new file mode 100644
index 000000000..899b849fc
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/mozpkix_gtest.gyp
@@ -0,0 +1,71 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+  'includes': [
+    '../../coreconf/config.gypi',
+    '../common/gtest.gypi',
+  ],
+  'targets': [
+    {
+      'target_name': 'mozpkix_gtest',
+      'type': 'executable',
+      'sources': [
+        '<(DEPTH)/gtests/common/gtests.cc',
+        'pkixbuild_tests.cpp',
+        'pkixcert_extension_tests.cpp',
+        'pkixcert_signature_algorithm_tests.cpp',
+        'pkixcheck_CheckExtendedKeyUsage_tests.cpp',
+        'pkixcheck_CheckIssuer_tests.cpp',
+        'pkixcheck_CheckKeyUsage_tests.cpp',
+        'pkixcheck_CheckSignatureAlgorithm_tests.cpp',
+        'pkixcheck_CheckValidity_tests.cpp',
+        'pkixcheck_ParseValidity_tests.cpp',
+        'pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp',
+        'pkixder_input_tests.cpp',
+        'pkixder_pki_types_tests.cpp',
+        'pkixder_universal_types_tests.cpp',
+        'pkixgtest.cpp',
+        'pkixnames_tests.cpp',
+        'pkixocsp_CreateEncodedOCSPRequest_tests.cpp',
+        'pkixocsp_VerifyEncodedOCSPResponse.cpp',
+      ],
+      'dependencies': [
+        '<(DEPTH)/exports.gyp:nss_exports',
+        '<(DEPTH)/gtests/google_test/google_test.gyp:gtest',
+        '<(DEPTH)/lib/util/util.gyp:nssutil',
+        '<(DEPTH)/lib/ssl/ssl.gyp:ssl',
+        '<(DEPTH)/lib/nss/nss.gyp:nss_static',
+        '<(DEPTH)/lib/pk11wrap/pk11wrap.gyp:pk11wrap_static',
+        '<(DEPTH)/lib/cryptohi/cryptohi.gyp:cryptohi',
+        '<(DEPTH)/lib/certhigh/certhigh.gyp:certhi',
+        '<(DEPTH)/lib/certdb/certdb.gyp:certdb',
+        '<(DEPTH)/lib/base/base.gyp:nssb',
+        '<(DEPTH)/lib/dev/dev.gyp:nssdev',
+        '<(DEPTH)/lib/pki/pki.gyp:nsspki',
+        '<(DEPTH)/lib/mozpkix/mozpkix.gyp:mozpkix',
+        '<(DEPTH)/lib/mozpkix/mozpkix.gyp:mozpkix-testlib',
+      ],
+      'include_dirs': [
+        '<(DEPTH)/lib/mozpkix/',
+        '<(DEPTH)/lib/mozpkix/lib',
+        '<(DEPTH)/lib/mozpkix/include/',
+        '<(DEPTH)/lib/mozpkix/include/pkix-test/',
+      ],
+      'conditions': [
+        [ 'OS=="win"', {
+          'libraries': [
+            'advapi32.lib',
+          ],
+        }],
+      ],
+      'defines': [
+        'NSS_USE_STATIC_LIBS'
+      ],
+    }
+  ],
+  'variables': {
+    'module': 'nss',
+    'use_static_libs': 1,
+  }
+}
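Review bot: The `sources` entry `'pkixocsp_VerifyEncodedOCSPResponse.cpp'` is the only test file in the list without the `_tests` suffix, which the README.txt added in this same commit asks for (`<filename>_<Function>_tests.cpp`). `pkixgtest.cpp` also lacks the suffix but looks like shared support code rather than a test file, judging by the `pkixgtest.h` include in pkixbuild_tests.cpp. If the file is renamed to match, the entry becomes `'pkixocsp_VerifyEncodedOCSPResponse_tests.cpp',`. Otherwise a one-line `#` comment above the entry noting the exception would keep the list consistent with the documented rule.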
diff --git a/security/nss/gtests/mozpkix_gtest/pkixbuild_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixbuild_tests.cpp
new file mode 100644
index 000000000..e17321075
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixbuild_tests.cpp
@@ -0,0 +1,894 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if defined(_MSC_VER) && _MSC_VER < 1900
+// When building with -D_HAS_EXCEPTIONS=0, MSVC's <xtree> header triggers
+// warning C4702: unreachable code.
+// https://connect.microsoft.com/VisualStudio/feedback/details/809962
+#pragma warning(push)
+#pragma warning(disable: 4702)
+#endif
+
+#include <map>
+#include <vector>
+
+#if defined(_MSC_VER) && _MSC_VER < 1900
+#pragma warning(pop)
+#endif
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixder.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+static ByteString
+CreateCert(const char* issuerCN, // null means "empty name"
+           const char* subjectCN, // null means "empty name"
+           EndEntityOrCA endEntityOrCA,
+           /*optional modified*/ std::map<ByteString, ByteString>*
+             subjectDERToCertDER = nullptr,
+           /*optional*/ const ByteString* extension = nullptr,
+           /*optional*/ const TestKeyPair* issuerKeyPair = nullptr,
+           /*optional*/ const TestKeyPair* subjectKeyPair = nullptr)
+{
+  static long serialNumberValue = 0;
+  ++serialNumberValue;
+  ByteString serialNumber(CreateEncodedSerialNumber(serialNumberValue));
+  EXPECT_FALSE(ENCODING_FAILED(serialNumber));
+
+  ByteString issuerDER(issuerCN ? CNToDERName(issuerCN) : Name(ByteString()));
+  ByteString subjectDER(subjectCN ? CNToDERName(subjectCN) : Name(ByteString()));
+
+  std::vector<ByteString> extensions;
+  if (endEntityOrCA == EndEntityOrCA::MustBeCA) {
+    ByteString basicConstraints =
+      CreateEncodedBasicConstraints(true, nullptr, Critical::Yes);
+    EXPECT_FALSE(ENCODING_FAILED(basicConstraints));
+    extensions.push_back(basicConstraints);
+  }
+  if (extension) {
+    extensions.push_back(*extension);
+  }
+  extensions.push_back(ByteString()); // marks the end of the list
+
+  ScopedTestKeyPair reusedKey(CloneReusedKeyPair());
+  ByteString certDER(CreateEncodedCertificate(
+                       v3, sha256WithRSAEncryption(), serialNumber, issuerDER,
+                       oneDayBeforeNow, oneDayAfterNow, subjectDER,
+                       subjectKeyPair ? *subjectKeyPair : *reusedKey,
+                       extensions.data(),
+                       issuerKeyPair ? *issuerKeyPair : *reusedKey,
+                       sha256WithRSAEncryption()));
+  EXPECT_FALSE(ENCODING_FAILED(certDER));
+
+  if (subjectDERToCertDER) {
+    (*subjectDERToCertDER)[subjectDER] = certDER;
+  }
+
+  return certDER;
+}
+
+class TestTrustDomain final : public DefaultCryptoTrustDomain
+{
+public:
+  // The "cert chain tail" is a longish chain of certificates that is used by
+  // all of the tests here. We share this chain across all the tests in order
+  // to speed up the tests (generating keypairs for the certs is very slow).
+  bool SetUpCertChainTail()
+  {
+    static char const* const names[] = {
+        "CA1 (Root)", "CA2", "CA3", "CA4", "CA5", "CA6", "CA7"
+    };
+
+    for (size_t i = 0; i < MOZILLA_PKIX_ARRAY_LENGTH(names); ++i) {
+      const char* issuerName = i == 0 ? names[0] : names[i-1];
+      CreateCACert(issuerName, names[i]);
+      if (i == 0) {
+        rootCACertDER = leafCACertDER;
+      }
+    }
+
+    return true;
+  }
+
+  void CreateCACert(const char* issuerName, const char* subjectName)
+  {
+    leafCACertDER = CreateCert(issuerName, subjectName,
+                               EndEntityOrCA::MustBeCA, &subjectDERToCertDER);
+    assert(!ENCODING_FAILED(leafCACertDER));
+  }
+
+  ByteString GetLeafCACertDER() const { return leafCACertDER; }
+
+private:
+  Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input candidateCert,
+                      /*out*/ TrustLevel& trustLevel) override
+  {
+    trustLevel = InputEqualsByteString(candidateCert, rootCACertDER)
+               ? TrustLevel::TrustAnchor
+               : TrustLevel::InheritsTrust;
+    return Success;
+  }
+
+  Result FindIssuer(Input encodedIssuerName, IssuerChecker& checker, Time)
+                    override
+  {
+    ByteString subjectDER(InputToByteString(encodedIssuerName));
+    ByteString certDER(subjectDERToCertDER[subjectDER]);
+    Input derCert;
+    Result rv = derCert.Init(certDER.data(), certDER.length());
+    if (rv != Success) {
+      return rv;
+    }
+    bool keepGoing;
+    rv = checker.Check(derCert, nullptr/*additionalNameConstraints*/,
+                       keepGoing);
+    if (rv != Success) {
+      return rv;
+    }
+    return Success;
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         /*optional*/ const Input*, /*optional*/ const Input*)
+                         override
+  {
+    return Success;
+  }
+
+  Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override
+  {
+    return Success;
+  }
+
+  std::map<ByteString, ByteString> subjectDERToCertDER;
+  ByteString leafCACertDER;
+  ByteString rootCACertDER;
+};
+
+class pkixbuild : public ::testing::Test
+{
+public:
+  static void SetUpTestCase()
+  {
+    if (!trustDomain.SetUpCertChainTail()) {
+      abort();
+    }
+  }
+
+protected:
+
+  static TestTrustDomain trustDomain;
+};
+
+/*static*/ TestTrustDomain pkixbuild::trustDomain;
+
+TEST_F(pkixbuild, MaxAcceptableCertChainLength)
+{
+  {
+    ByteString leafCACert(trustDomain.GetLeafCACertDER());
+    Input certDER;
+    ASSERT_EQ(Success, certDER.Init(leafCACert.data(), leafCACert.length()));
+    ASSERT_EQ(Success,
+              BuildCertChain(trustDomain, certDER, Now(),
+                             EndEntityOrCA::MustBeCA,
+                             KeyUsage::noParticularKeyUsageRequired,
+                             KeyPurposeId::id_kp_serverAuth,
+                             CertPolicyId::anyPolicy,
+                             nullptr/*stapledOCSPResponse*/));
+  }
+
+  {
+    ByteString certDER(CreateCert("CA7", "Direct End-Entity",
+                                  EndEntityOrCA::MustBeEndEntity));
+    ASSERT_FALSE(ENCODING_FAILED(certDER));
+    Input certDERInput;
+    ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length()));
+    ASSERT_EQ(Success,
+              BuildCertChain(trustDomain, certDERInput, Now(),
+                             EndEntityOrCA::MustBeEndEntity,
+                             KeyUsage::noParticularKeyUsageRequired,
+                             KeyPurposeId::id_kp_serverAuth,
+                             CertPolicyId::anyPolicy,
+                             nullptr/*stapledOCSPResponse*/));
+  }
+}
+
+TEST_F(pkixbuild, BeyondMaxAcceptableCertChainLength)
+{
+  static char const* const caCertName = "CA Too Far";
+
+  trustDomain.CreateCACert("CA7", caCertName);
+
+  {
+    ByteString certDER(trustDomain.GetLeafCACertDER());
+    Input certDERInput;
+    ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length()));
+    ASSERT_EQ(Result::ERROR_UNKNOWN_ISSUER,
+              BuildCertChain(trustDomain, certDERInput, Now(),
+                             EndEntityOrCA::MustBeCA,
+                             KeyUsage::noParticularKeyUsageRequired,
+                             KeyPurposeId::id_kp_serverAuth,
+                             CertPolicyId::anyPolicy,
+                             nullptr/*stapledOCSPResponse*/));
+  }
+
+  {
+    ByteString certDER(CreateCert(caCertName, "End-Entity Too Far",
+                                  EndEntityOrCA::MustBeEndEntity));
+    ASSERT_FALSE(ENCODING_FAILED(certDER));
+    Input certDERInput;
+    ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length()));
+    ASSERT_EQ(Result::ERROR_UNKNOWN_ISSUER,
+              BuildCertChain(trustDomain, certDERInput, Now(),
+                             EndEntityOrCA::MustBeEndEntity,
+                             KeyUsage::noParticularKeyUsageRequired,
+                             KeyPurposeId::id_kp_serverAuth,
+                             CertPolicyId::anyPolicy,
+                             nullptr/*stapledOCSPResponse*/));
+  }
+}
+
+// A TrustDomain that checks certificates against a given root certificate.
+// It is initialized with the DER encoding of a root certificate that
+// is treated as a trust anchor and is assumed to have issued all certificates
+// (i.e. FindIssuer always attempts to build the next step in the chain with
+// it).
+class SingleRootTrustDomain : public DefaultCryptoTrustDomain
+{
+public:
+  explicit SingleRootTrustDomain(ByteString aRootDER)
+    : rootDER(aRootDER)
+  {
+  }
+
+  // The CertPolicyId argument is unused because we don't care about EV.
+  Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input candidateCert,
+                      /*out*/ TrustLevel& trustLevel) override
+  {
+    Input rootCert;
+    Result rv = rootCert.Init(rootDER.data(), rootDER.length());
+    if (rv != Success) {
+      return rv;
+    }
+    if (InputsAreEqual(candidateCert, rootCert)) {
+      trustLevel = TrustLevel::TrustAnchor;
+    } else {
+      trustLevel = TrustLevel::InheritsTrust;
+    }
+    return Success;
+  }
+
+  Result FindIssuer(Input, IssuerChecker& checker, Time) override
+  {
+    // keepGoing is an out parameter from IssuerChecker.Check. It would tell us
+    // whether or not to continue attempting other potential issuers. We only
+    // know of one potential issuer, however, so we ignore it.
+    bool keepGoing;
+    Input rootCert;
+    Result rv = rootCert.Init(rootDER.data(), rootDER.length());
+    if (rv != Success) {
+      return rv;
+    }
+    return checker.Check(rootCert, nullptr, keepGoing);
+  }
+
+  Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override
+  {
+    return Success;
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         /*optional*/ const Input*, /*optional*/ const Input*)
+                         override
+  {
+    return Success;
+  }
+
+private:
+  ByteString rootDER;
+};
+
+// A TrustDomain that explicitly fails if CheckRevocation is called.
+class ExpiredCertTrustDomain final : public SingleRootTrustDomain
+{
+public:
+  explicit ExpiredCertTrustDomain(ByteString aRootDER)
+    : SingleRootTrustDomain(aRootDER)
+  {
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         /*optional*/ const Input*, /*optional*/ const Input*)
+                         override
+  {
+    ADD_FAILURE();
+    return NotReached("CheckRevocation should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+};
+
+TEST_F(pkixbuild, NoRevocationCheckingForExpiredCert)
+{
+  const char* rootCN = "Root CA";
+  ByteString rootDER(CreateCert(rootCN, rootCN, EndEntityOrCA::MustBeCA,
+                                nullptr));
+  EXPECT_FALSE(ENCODING_FAILED(rootDER));
+  ExpiredCertTrustDomain expiredCertTrustDomain(rootDER);
+
+  ByteString serialNumber(CreateEncodedSerialNumber(100));
+  EXPECT_FALSE(ENCODING_FAILED(serialNumber));
+  ByteString issuerDER(CNToDERName(rootCN));
+  ByteString subjectDER(CNToDERName("Expired End-Entity Cert"));
+  ScopedTestKeyPair reusedKey(CloneReusedKeyPair());
+  ByteString certDER(CreateEncodedCertificate(
+                       v3, sha256WithRSAEncryption(),
+                       serialNumber, issuerDER,
+                       twoDaysBeforeNow,
+                       oneDayBeforeNow,
+                       subjectDER, *reusedKey, nullptr, *reusedKey,
+                       sha256WithRSAEncryption()));
+  EXPECT_FALSE(ENCODING_FAILED(certDER));
+
+  Input cert;
+  ASSERT_EQ(Success, cert.Init(certDER.data(), certDER.length()));
+  ASSERT_EQ(Result::ERROR_EXPIRED_CERTIFICATE,
+            BuildCertChain(expiredCertTrustDomain, cert, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::id_kp_serverAuth,
+                           CertPolicyId::anyPolicy,
+                           nullptr));
+}
+
+class DSSTrustDomain final : public EverythingFailsByDefaultTrustDomain
+{
+public:
+  Result GetCertTrust(EndEntityOrCA, const CertPolicyId&,
+                      Input, /*out*/ TrustLevel& trustLevel) override
+  {
+    trustLevel = TrustLevel::TrustAnchor;
+    return Success;
+  }
+};
+
+class pkixbuild_DSS : public ::testing::Test { };
+
+TEST_F(pkixbuild_DSS, DSSEndEntityKeyNotAccepted)
+{
+  DSSTrustDomain trustDomain;
+
+  ByteString serialNumber(CreateEncodedSerialNumber(1));
+  ASSERT_FALSE(ENCODING_FAILED(serialNumber));
+
+  ByteString subjectDER(CNToDERName("DSS"));
+  ASSERT_FALSE(ENCODING_FAILED(subjectDER));
+  ScopedTestKeyPair subjectKey(GenerateDSSKeyPair());
+  ASSERT_TRUE(subjectKey.get());
+
+  ByteString issuerDER(CNToDERName("RSA"));
+  ASSERT_FALSE(ENCODING_FAILED(issuerDER));
+  ScopedTestKeyPair issuerKey(CloneReusedKeyPair());
+  ASSERT_TRUE(issuerKey.get());
+
+  ByteString cert(CreateEncodedCertificate(v3, sha256WithRSAEncryption(),
+                                           serialNumber, issuerDER,
+                                           oneDayBeforeNow, oneDayAfterNow,
+                                           subjectDER, *subjectKey, nullptr,
+                                           *issuerKey, sha256WithRSAEncryption()));
+  ASSERT_FALSE(ENCODING_FAILED(cert));
+  Input certDER;
+  ASSERT_EQ(Success, certDER.Init(cert.data(), cert.length()));
+
+  ASSERT_EQ(Result::ERROR_UNSUPPORTED_KEYALG,
+            BuildCertChain(trustDomain, certDER, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::id_kp_serverAuth,
+                           CertPolicyId::anyPolicy,
+                           nullptr/*stapledOCSPResponse*/));
+}
+
+class IssuerNameCheckTrustDomain final : public DefaultCryptoTrustDomain
+{
+public:
+  IssuerNameCheckTrustDomain(const ByteString& aIssuer, bool aExpectedKeepGoing)
+    : issuer(aIssuer)
+    , expectedKeepGoing(aExpectedKeepGoing)
+  {
+  }
+
+  Result GetCertTrust(EndEntityOrCA endEntityOrCA, const CertPolicyId&, Input,
+                      /*out*/ TrustLevel& trustLevel) override
+  {
+    trustLevel = endEntityOrCA == EndEntityOrCA::MustBeCA
+               ? TrustLevel::TrustAnchor
+               : TrustLevel::InheritsTrust;
+    return Success;
+  }
+
+  Result FindIssuer(Input, IssuerChecker& checker, Time) override
+  {
+    Input issuerInput;
+    EXPECT_EQ(Success, issuerInput.Init(issuer.data(), issuer.length()));
+    bool keepGoing;
+    EXPECT_EQ(Success,
+              checker.Check(issuerInput, nullptr /*additionalNameConstraints*/,
+                            keepGoing));
+    EXPECT_EQ(expectedKeepGoing, keepGoing);
+    return Success;
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         /*optional*/ const Input*, /*optional*/ const Input*)
+                         override
+  {
+    return Success;
+  }
+
+  Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override
+  {
+    return Success;
+  }
+
+private:
+  const ByteString issuer;
+  const bool expectedKeepGoing;
+};
+
+struct IssuerNameCheckParams
+{
+  const char* subjectIssuerCN; // null means "empty name"
+  const char* issuerSubjectCN; // null means "empty name"
+  bool matches;
+  Result expectedError;
+};
+
+static const IssuerNameCheckParams ISSUER_NAME_CHECK_PARAMS[] =
+{
+  { "foo", "foo", true, Success },
+  { "foo", "bar", false, Result::ERROR_UNKNOWN_ISSUER },
+  { "f", "foo", false, Result::ERROR_UNKNOWN_ISSUER }, // prefix
+  { "foo", "f", false, Result::ERROR_UNKNOWN_ISSUER }, // prefix
+  { "foo", "Foo", false, Result::ERROR_UNKNOWN_ISSUER }, // case sensitive
+  { "", "", true, Success },
+  { nullptr, nullptr, false, Result::ERROR_EMPTY_ISSUER_NAME }, // empty issuer
+
+  // check that certificate-related errors are deferred and superseded by
+  // ERROR_UNKNOWN_ISSUER when a chain can't be built due to name mismatches
+  { "foo", nullptr, false, Result::ERROR_UNKNOWN_ISSUER },
+  { nullptr, "foo", false, Result::ERROR_UNKNOWN_ISSUER }
+};
+
+class pkixbuild_IssuerNameCheck
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<IssuerNameCheckParams>
+{
+};
+
+TEST_P(pkixbuild_IssuerNameCheck, MatchingName)
+{
+  const IssuerNameCheckParams& params(GetParam());
+
+  ByteString issuerCertDER(CreateCert(params.issuerSubjectCN,
+                                      params.issuerSubjectCN,
+                                      EndEntityOrCA::MustBeCA, nullptr));
+  ASSERT_FALSE(ENCODING_FAILED(issuerCertDER));
+
+  ByteString subjectCertDER(CreateCert(params.subjectIssuerCN, "end-entity",
+                                       EndEntityOrCA::MustBeEndEntity,
+                                       nullptr));
+  ASSERT_FALSE(ENCODING_FAILED(subjectCertDER));
+
+  Input subjectCertDERInput;
+  ASSERT_EQ(Success, subjectCertDERInput.Init(subjectCertDER.data(),
+                                              subjectCertDER.length()));
+
+  IssuerNameCheckTrustDomain trustDomain(issuerCertDER, !params.matches);
+  ASSERT_EQ(params.expectedError,
+            BuildCertChain(trustDomain, subjectCertDERInput, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::id_kp_serverAuth,
+                           CertPolicyId::anyPolicy,
+                           nullptr/*stapledOCSPResponse*/));
+}
+
+INSTANTIATE_TEST_CASE_P(pkixbuild_IssuerNameCheck, pkixbuild_IssuerNameCheck,
+                        testing::ValuesIn(ISSUER_NAME_CHECK_PARAMS));
+
+
+// Records the embedded SCT list extension for later examination.
+class EmbeddedSCTListTestTrustDomain final : public SingleRootTrustDomain
+{
+public:
+  explicit EmbeddedSCTListTestTrustDomain(ByteString aRootDER)
+    : SingleRootTrustDomain(aRootDER)
+  {
+  }
+
+  virtual void NoteAuxiliaryExtension(AuxiliaryExtension extension,
+                                      Input extensionData) override
+  {
+    if (extension == AuxiliaryExtension::EmbeddedSCTList) {
+      signedCertificateTimestamps = InputToByteString(extensionData);
+    } else {
+      ADD_FAILURE();
+    }
+  }
+
+  ByteString signedCertificateTimestamps;
+};
+
+TEST_F(pkixbuild, CertificateTransparencyExtension)
+{
+  // python security/pkix/tools/DottedOIDToCode.py --tlv
+  //   id-embeddedSctList 1.3.6.1.4.1.11129.2.4.2
+  static const uint8_t tlv_id_embeddedSctList[] = {
+    0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x04, 0x02
+  };
+  static const uint8_t dummySctList[] = {
+    0x01, 0x02, 0x03, 0x04, 0x05
+  };
+
+  ByteString ctExtension = TLV(der::SEQUENCE,
+    BytesToByteString(tlv_id_embeddedSctList) +
+    Boolean(false) +
+    TLV(der::OCTET_STRING,
+      // SignedCertificateTimestampList structure is encoded as an OCTET STRING
+      // within the X.509v3 extension (see RFC 6962 section 3.3).
+      // pkix decodes it internally and returns the actual structure.
+      TLV(der::OCTET_STRING, BytesToByteString(dummySctList))));
+
+  const char* rootCN = "Root CA";
+  ByteString rootDER(CreateCert(rootCN, rootCN, EndEntityOrCA::MustBeCA));
+  ASSERT_FALSE(ENCODING_FAILED(rootDER));
+
+  ByteString certDER(CreateCert(rootCN, "Cert with SCT list",
+                                EndEntityOrCA::MustBeEndEntity,
+                                nullptr, /*subjectDERToCertDER*/
+                                &ctExtension));
+  ASSERT_FALSE(ENCODING_FAILED(certDER));
+
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(certDER.data(), certDER.length()));
+
+  EmbeddedSCTListTestTrustDomain extTrustDomain(rootDER);
+  ASSERT_EQ(Success,
+            BuildCertChain(extTrustDomain, certInput, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::anyExtendedKeyUsage,
+                           CertPolicyId::anyPolicy,
+                           nullptr /*stapledOCSPResponse*/));
+  ASSERT_EQ(BytesToByteString(dummySctList),
+            extTrustDomain.signedCertificateTimestamps);
+}
+
+// This TrustDomain implements a hierarchy like so:
+//
+// A   B
+// |   |
+// C   D
+//  \ /
+//   E
+//
+// where A is a trust anchor, B is not a trust anchor and has no known issuer, C
+// and D are intermediates with the same subject and subject public key, and E
+// is an end-entity (in practice, the end-entity will be generated by the test
+// functions using this trust domain).
+class MultiplePathTrustDomain: public DefaultCryptoTrustDomain
+{
+public:
+  void SetUpCerts()
+  {
+    ASSERT_FALSE(ENCODING_FAILED(CreateCert("UntrustedRoot", "UntrustedRoot",
+                                            EndEntityOrCA::MustBeCA,
+                                            &subjectDERToCertDER)));
+    // The subject DER -> cert DER mapping would be overwritten for subject
+    // "Intermediate" when we create the second "Intermediate" certificate, so
+    // we keep a copy of this "Intermediate".
+    intermediateSignedByUntrustedRootCertDER =
+      CreateCert("UntrustedRoot", "Intermediate", EndEntityOrCA::MustBeCA);
+    ASSERT_FALSE(ENCODING_FAILED(intermediateSignedByUntrustedRootCertDER));
+    rootCACertDER = CreateCert("TrustedRoot", "TrustedRoot",
+                               EndEntityOrCA::MustBeCA, &subjectDERToCertDER);
+    ASSERT_FALSE(ENCODING_FAILED(rootCACertDER));
+    ASSERT_FALSE(ENCODING_FAILED(CreateCert("TrustedRoot", "Intermediate",
+                                            EndEntityOrCA::MustBeCA,
+                                            &subjectDERToCertDER)));
+  }
+
+private:
+  Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input candidateCert,
+                      /*out*/ TrustLevel& trustLevel) override
+  {
+    trustLevel = InputEqualsByteString(candidateCert, rootCACertDER)
+               ? TrustLevel::TrustAnchor
+               : TrustLevel::InheritsTrust;
+    return Success;
+  }
+
+  Result CheckCert(ByteString& certDER, IssuerChecker& checker, bool& keepGoing)
+  {
+    Input derCert;
+    Result rv = derCert.Init(certDER.data(), certDER.length());
+    if (rv != Success) {
+      return rv;
+    }
+    return checker.Check(derCert, nullptr/*additionalNameConstraints*/,
+                         keepGoing);
+  }
+
+  Result FindIssuer(Input encodedIssuerName, IssuerChecker& checker, Time)
+                    override
+  {
+    ByteString subjectDER(InputToByteString(encodedIssuerName));
+    ByteString certDER(subjectDERToCertDER[subjectDER]);
+    assert(!ENCODING_FAILED(certDER));
+    bool keepGoing;
+    Result rv = CheckCert(certDER, checker, keepGoing);
+    if (rv != Success) {
+      return rv;
+    }
+    // Also try the other intermediate.
+    if (keepGoing) {
+      rv = CheckCert(intermediateSignedByUntrustedRootCertDER, checker,
+                     keepGoing);
+      if (rv != Success) {
+        return rv;
+      }
+    }
+    return Success;
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         /*optional*/ const Input*,
+                         /*optional*/ const Input*) override
+  {
+    return Success;
+  }
+
+  Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override
+  {
+    return Success;
+  }
+
+  std::map<ByteString, ByteString> subjectDERToCertDER;
+  ByteString rootCACertDER;
+  ByteString intermediateSignedByUntrustedRootCertDER;
+};
+
+TEST_F(pkixbuild, BadEmbeddedSCTWithMultiplePaths)
+{
+  MultiplePathTrustDomain localTrustDomain;
+  localTrustDomain.SetUpCerts();
+
+  // python security/pkix/tools/DottedOIDToCode.py --tlv
+  //   id-embeddedSctList 1.3.6.1.4.1.11129.2.4.2
+  static const uint8_t tlv_id_embeddedSctList[] = {
+    0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x04, 0x02
+  };
+  static const uint8_t dummySctList[] = {
+    0x01, 0x02, 0x03, 0x04, 0x05
+  };
+  ByteString ctExtension = TLV(der::SEQUENCE,
+    BytesToByteString(tlv_id_embeddedSctList) +
+    Boolean(false) +
+    // The contents of the OCTET STRING are supposed to consist of an OCTET
+    // STRING of useful data. We're testing what happens if it isn't, so shove
+    // some bogus (non-OCTET STRING) data in there.
+    TLV(der::OCTET_STRING, BytesToByteString(dummySctList)));
+  ByteString certDER(CreateCert("Intermediate", "Cert with bogus SCT list",
+                                EndEntityOrCA::MustBeEndEntity,
+                                nullptr, /*subjectDERToCertDER*/
+                                &ctExtension));
+  ASSERT_FALSE(ENCODING_FAILED(certDER));
+  Input certDERInput;
+  ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length()));
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            BuildCertChain(localTrustDomain, certDERInput, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::id_kp_serverAuth,
+                           CertPolicyId::anyPolicy,
+                           nullptr/*stapledOCSPResponse*/));
+}
+
+// Same as a MultiplePathTrustDomain, but the end-entity is revoked.
+class RevokedEndEntityTrustDomain final : public MultiplePathTrustDomain
+{
+public:
+  Result CheckRevocation(EndEntityOrCA endEntityOrCA, const CertID&, Time,
+                         Duration, /*optional*/ const Input*,
+                         /*optional*/ const Input*) override
+  {
+    if (endEntityOrCA == EndEntityOrCA::MustBeEndEntity) {
+      return Result::ERROR_REVOKED_CERTIFICATE;
+    }
+    return Success;
+  }
+};
+
+TEST_F(pkixbuild, RevokedEndEntityWithMultiplePaths)
+{
+  RevokedEndEntityTrustDomain localTrustDomain;
+  localTrustDomain.SetUpCerts();
+  ByteString certDER(CreateCert("Intermediate", "RevokedEndEntity",
+                                EndEntityOrCA::MustBeEndEntity));
+  ASSERT_FALSE(ENCODING_FAILED(certDER));
+  Input certDERInput;
+  ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length()));
+  ASSERT_EQ(Result::ERROR_REVOKED_CERTIFICATE,
+            BuildCertChain(localTrustDomain, certDERInput, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::id_kp_serverAuth,
+                           CertPolicyId::anyPolicy,
+                           nullptr/*stapledOCSPResponse*/));
+}
+
+// This represents a collection of different certificates that all have the same
+// subject and issuer distinguished name.
+class SelfIssuedCertificatesTrustDomain final : public DefaultCryptoTrustDomain
+{
+public:
+  void SetUpCerts(size_t totalCerts)
+  {
+    ASSERT_TRUE(totalCerts > 0);
+    // First we generate a trust anchor.
+    ScopedTestKeyPair rootKeyPair(GenerateKeyPair());
+    rootCACertDER = CreateCert("DN", "DN", EndEntityOrCA::MustBeCA, nullptr,
+                               nullptr, rootKeyPair.get(), rootKeyPair.get());
+    ASSERT_FALSE(ENCODING_FAILED(rootCACertDER));
+    certs.push_back(rootCACertDER);
+    ScopedTestKeyPair issuerKeyPair(rootKeyPair.release());
+    size_t subCAsGenerated;
+    // Then we generate 6 sub-CAs (given that we were requested to generate at
+    // least that many).
+    for (subCAsGenerated = 0;
+         subCAsGenerated < totalCerts - 1 && subCAsGenerated < 6;
+         subCAsGenerated++) {
+      // Each certificate has to have a unique SPKI (mozilla::pkix does loop
+      // detection and stops searching if it encounters two certificates in a
+      // path with the same subject and SPKI).
+      ScopedTestKeyPair keyPair(GenerateKeyPair());
+      ByteString cert(CreateCert("DN", "DN", EndEntityOrCA::MustBeCA, nullptr,
+                                 nullptr, issuerKeyPair.get(), keyPair.get()));
+      ASSERT_FALSE(ENCODING_FAILED(cert));
+      certs.push_back(cert);
+      issuerKeyPair.reset(keyPair.release());
+    }
+    // We set firstIssuerKey here because we can't end up with a path that has
+    // more than 7 CAs in it (because mozilla::pkix limits the path length).
+    firstIssuerKey.reset(issuerKeyPair.release());
+    // For any more sub CAs we generate, it doesn't matter what their keys are
+    // as long as they're different.
+    for (; subCAsGenerated < totalCerts - 1; subCAsGenerated++) {
+      ScopedTestKeyPair keyPair(GenerateKeyPair());
+      ByteString cert(CreateCert("DN", "DN", EndEntityOrCA::MustBeCA, nullptr,
+                                 nullptr, keyPair.get(), keyPair.get()));
+      ASSERT_FALSE(ENCODING_FAILED(cert));
+      certs.insert(certs.begin(), cert);
+    }
+  }
+
+  const TestKeyPair* GetFirstIssuerKey()
+  {
+    return firstIssuerKey.get();
+  }
+
+private:
+  Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input candidateCert,
+                      /*out*/ TrustLevel& trustLevel) override
+  {
+    trustLevel = InputEqualsByteString(candidateCert, rootCACertDER)
+               ? TrustLevel::TrustAnchor
+               : TrustLevel::InheritsTrust;
+    return Success;
+  }
+
+  Result FindIssuer(Input, IssuerChecker& checker, Time) override
+  {
+    bool keepGoing;
+    for (auto& cert: certs) {
+      Input certInput;
+      Result rv = certInput.Init(cert.data(), cert.length());
+      if (rv != Success) {
+        return rv;
+      }
+      rv = checker.Check(certInput, nullptr, keepGoing);
+      if (rv != Success || !keepGoing) {
+        return rv;
+      }
+    }
+    return Success;
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         /*optional*/ const Input*, /*optional*/ const Input*)
+                         override
+  {
+    return Success;
+  }
+
+  Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override
+  {
+    return Success;
+  }
+
+  std::vector<ByteString> certs;
+  ByteString rootCACertDER;
+  ScopedTestKeyPair firstIssuerKey;
+};
+
+TEST_F(pkixbuild, AvoidUnboundedPathSearchingFailure)
+{
+  SelfIssuedCertificatesTrustDomain localTrustDomain;
+  // This creates a few hundred million potential paths of length 8 (end entity
+  // + 6 sub-CAs + root). It would be prohibitively expensive to enumerate all
+  // of these, so we give mozilla::pkix a budget that is spent when searching
+  // paths. If the budget is exhausted, it simply returns an unknown issuer
+  // error. In the future it might be nice to return a specific error that would
+  // give the front-end a hint that maybe it shouldn't have so many certificates
+  // that all have the same subject and issuer DN but different SPKIs.
+  localTrustDomain.SetUpCerts(18);
+  ByteString certDER(CreateCert("DN", "DN", EndEntityOrCA::MustBeEndEntity,
+                                nullptr, nullptr,
+                                localTrustDomain.GetFirstIssuerKey()));
+  ASSERT_FALSE(ENCODING_FAILED(certDER));
+  Input certDERInput;
+  ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length()));
+  ASSERT_EQ(Result::ERROR_UNKNOWN_ISSUER,
+            BuildCertChain(localTrustDomain, certDERInput, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::id_kp_serverAuth,
+                           CertPolicyId::anyPolicy,
+                           nullptr/*stapledOCSPResponse*/));
+}
+
+TEST_F(pkixbuild, AvoidUnboundedPathSearchingSuccess)
+{
+  SelfIssuedCertificatesTrustDomain localTrustDomain;
+  // This creates a few hundred thousand possible potential paths of length 8
+  // (end entity + 6 sub-CAs + root). This will nearly exhaust mozilla::pkix's
+  // search budget, so this should succeed.
+  localTrustDomain.SetUpCerts(10);
+  ByteString certDER(CreateCert("DN", "DN", EndEntityOrCA::MustBeEndEntity,
+                                nullptr, nullptr,
+                                localTrustDomain.GetFirstIssuerKey()));
+  ASSERT_FALSE(ENCODING_FAILED(certDER));
+  Input certDERInput;
+  ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length()));
+  ASSERT_EQ(Success,
+            BuildCertChain(localTrustDomain, certDERInput, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::id_kp_serverAuth,
+                           CertPolicyId::anyPolicy,
+                           nullptr/*stapledOCSPResponse*/));
+}
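Review bot: `TestTrustDomain::FindIssuer` and `MultiplePathTrustDomain::FindIssuer` look up the issuer with `subjectDERToCertDER[subjectDER]`, and `std::map::operator[]` inserts a default-constructed entry when the name is absent, so a lookup miss both mutates the fixture and passes an empty certificate onward. In `TestTrustDomain` that empty value goes straight to `checker.Check`, and in `MultiplePathTrustDomain` the only visible guard is `assert(!ENCODING_FAILED(certDER))`, which is compiled out under `NDEBUG`. I would use `auto it = subjectDERToCertDER.find(subjectDER);` followed by `if (it == subjectDERToCertDER.end()) { return Success; }`, so an unknown issuer name offers no candidate instead of a malformed one; presumably the chain builder then reports the missing issuer itself, but confirm that against `BuildCertChain`. Separately, `IssuerNameCheckTrustDomain::FindIssuer` still reads `keepGoing` in `EXPECT_EQ(expectedKeepGoing, keepGoing)` when the non-fatal `EXPECT_EQ` on `checker.Check` has failed, so declaring it as `bool keepGoing = false;` would avoid reading an uninitialised value on that path.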
diff --git a/security/nss/gtests/mozpkix_gtest/pkixcert_extension_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixcert_extension_tests.cpp
new file mode 100644
index 000000000..762fac146
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixcert_extension_tests.cpp
@@ -0,0 +1,276 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixder.h"
+#include "mozpkix/test/pkixtestutil.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+// Creates a self-signed certificate with the given extension.
+static ByteString
+CreateCertWithExtensions(const char* subjectCN,
+                         const ByteString* extensions)
+{
+  static long serialNumberValue = 0;
+  ++serialNumberValue;
+  ByteString serialNumber(CreateEncodedSerialNumber(serialNumberValue));
+  EXPECT_FALSE(ENCODING_FAILED(serialNumber));
+  ByteString issuerDER(CNToDERName(subjectCN));
+  EXPECT_FALSE(ENCODING_FAILED(issuerDER));
+  ByteString subjectDER(CNToDERName(subjectCN));
+  EXPECT_FALSE(ENCODING_FAILED(subjectDER));
+  ScopedTestKeyPair subjectKey(CloneReusedKeyPair());
+  return CreateEncodedCertificate(v3, sha256WithRSAEncryption(),
+                                  serialNumber, issuerDER,
+                                  oneDayBeforeNow, oneDayAfterNow,
+                                  subjectDER, *subjectKey, extensions,
+                                  *subjectKey,
+                                  sha256WithRSAEncryption());
+}
+
+// Creates a self-signed certificate with the given extension.
+static ByteString
+CreateCertWithOneExtension(const char* subjectStr, const ByteString& extension)
+{
+  const ByteString extensions[] = { extension, ByteString() };
+  return CreateCertWithExtensions(subjectStr, extensions);
+}
+
+class TrustEverythingTrustDomain final : public DefaultCryptoTrustDomain
+{
+private:
+  Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input,
+                      /*out*/ TrustLevel& trustLevel) override
+  {
+    trustLevel = TrustLevel::TrustAnchor;
+    return Success;
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         /*optional*/ const Input*, /*optional*/ const Input*)
+                         override
+  {
+    return Success;
+  }
+
+  Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override
+  {
+    return Success;
+  }
+};
+
+// python DottedOIDToCode.py --tlv unknownExtensionOID 1.3.6.1.4.1.13769.666.666.666.1.500.9.3
+static const uint8_t tlv_unknownExtensionOID[] = {
+  0x06, 0x12, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xeb, 0x49, 0x85, 0x1a, 0x85, 0x1a,
+  0x85, 0x1a, 0x01, 0x83, 0x74, 0x09, 0x03
+};
+
+// python DottedOIDToCode.py --tlv id-pe-authorityInformationAccess 1.3.6.1.5.5.7.1.1
+static const uint8_t tlv_id_pe_authorityInformationAccess[] = {
+  0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01
+};
+
+// python DottedOIDToCode.py --tlv wrongExtensionOID 1.3.6.6.1.5.5.7.1.1
+// (there is an extra "6" that shouldn't be in this OID)
+static const uint8_t tlv_wrongExtensionOID[] = {
+  0x06, 0x09, 0x2b, 0x06, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01
+};
+
+// python DottedOIDToCode.py --tlv id-ce-unknown 2.5.29.55
+// (this is a made-up OID for testing "id-ce"-prefixed OIDs that mozilla::pkix
+// doesn't handle)
+static const uint8_t tlv_id_ce_unknown[] = {
+  0x06, 0x03, 0x55, 0x1d, 0x37
+};
+
+// python DottedOIDToCode.py --tlv id-ce-inhibitAnyPolicy 2.5.29.54
+static const uint8_t tlv_id_ce_inhibitAnyPolicy[] = {
+  0x06, 0x03, 0x55, 0x1d, 0x36
+};
+
+// python DottedOIDToCode.py --tlv id-pkix-ocsp-nocheck 1.3.6.1.5.5.7.48.1.5
+static const uint8_t tlv_id_pkix_ocsp_nocheck[] = {
+  0x06, 0x09, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x05
+};
+
+struct ExtensionTestcase
+{
+  ByteString extension;
+  Result expectedResult;
+};
+
+::std::ostream& operator<<(::std::ostream& os, const ExtensionTestcase&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+static const ExtensionTestcase EXTENSION_TESTCASES[] =
+{
+  // Tests that a non-critical extension not in the id-ce or id-pe arcs (which
+  // is thus unknown to us) verifies successfully even if empty (extensions we
+  // know about aren't normally allowed to be empty).
+  { TLV(der::SEQUENCE,
+        BytesToByteString(tlv_unknownExtensionOID) +
+        TLV(der::OCTET_STRING, ByteString())),
+    Success
+  },
+
+  // Tests that a critical extension not in the id-ce or id-pe arcs (which is
+  // thus unknown to us) is detected and that verification fails with the
+  // appropriate error.
+  { TLV(der::SEQUENCE,
+        BytesToByteString(tlv_unknownExtensionOID) +
+        Boolean(true) +
+        TLV(der::OCTET_STRING, ByteString())),
+    Result::ERROR_UNKNOWN_CRITICAL_EXTENSION
+  },
+
+  // Tests that a id-pe-authorityInformationAccess critical extension
+  // is detected and that verification succeeds.
+  // XXX: According to RFC 5280 an AIA that consists of an empty sequence is
+  // not legal, but we accept it and that is not what we're testing here.
+  { TLV(der::SEQUENCE,
+        BytesToByteString(tlv_id_pe_authorityInformationAccess) +
+        Boolean(true) +
+        TLV(der::OCTET_STRING, TLV(der::SEQUENCE, ByteString()))),
+    Success
+  },
+
+  // Tests that an incorrect OID for id-pe-authorityInformationAccess
+  // (when marked critical) is detected and that verification fails.
+  // (Until bug 1020993 was fixed, this wrong value was used for
+  // id-pe-authorityInformationAccess.)
+  { TLV(der::SEQUENCE,
+        BytesToByteString(tlv_wrongExtensionOID) +
+        Boolean(true) +
+        TLV(der::OCTET_STRING, ByteString())),
+    Result::ERROR_UNKNOWN_CRITICAL_EXTENSION
+  },
+
+  // We know about some id-ce extensions (OID arc 2.5.29), but not all of them.
+  // Tests that an unknown id-ce extension is detected and that verification
+  // fails.
+  { TLV(der::SEQUENCE,
+        BytesToByteString(tlv_id_ce_unknown) +
+        Boolean(true) +
+        TLV(der::OCTET_STRING, ByteString())),
+    Result::ERROR_UNKNOWN_CRITICAL_EXTENSION
+  },
+
+  // Tests that a certificate with a known critical id-ce extension (in this
+  // case, OID 2.5.29.54, which is id-ce-inhibitAnyPolicy), verifies
+  // successfully.
+  { TLV(der::SEQUENCE,
+        BytesToByteString(tlv_id_ce_inhibitAnyPolicy) +
+        Boolean(true) +
+        TLV(der::OCTET_STRING, Integer(0))),
+    Success
+  },
+
+  // Tests that a certificate with the id-pkix-ocsp-nocheck extension (marked
+  // critical) verifies successfully.
+  // RFC 6960:
+  //   ext-ocsp-nocheck EXTENSION ::= { SYNTAX NULL IDENTIFIED
+  //                                    BY id-pkix-ocsp-nocheck }
+  { TLV(der::SEQUENCE,
+        BytesToByteString(tlv_id_pkix_ocsp_nocheck) +
+        Boolean(true) +
+        TLV(der::OCTET_STRING, TLV(der::NULLTag, ByteString()))),
+    Success
+  },
+
+  // Tests that a certificate with another representation of the
+  // id-pkix-ocsp-nocheck extension (marked critical) verifies successfully.
+  // According to http://comments.gmane.org/gmane.ietf.x509/30947,
+  // some code creates certificates where value of the extension is
+  // an empty OCTET STRING.
+  { TLV(der::SEQUENCE,
+        BytesToByteString(tlv_id_pkix_ocsp_nocheck) +
+        Boolean(true) +
+        TLV(der::OCTET_STRING, ByteString())),
+    Success
+  },
+};
+
+class pkixcert_extension
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<ExtensionTestcase>
+{
+protected:
+  static TrustEverythingTrustDomain trustDomain;
+};
+
+/*static*/ TrustEverythingTrustDomain pkixcert_extension::trustDomain;
+
+TEST_P(pkixcert_extension, ExtensionHandledProperly)
+{
+  const ExtensionTestcase& testcase(GetParam());
+  const char* cn = "Cert Extension Test";
+  ByteString cert(CreateCertWithOneExtension(cn, testcase.extension));
+  ASSERT_FALSE(ENCODING_FAILED(cert));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(cert.data(), cert.length()));
+  ASSERT_EQ(testcase.expectedResult,
+            BuildCertChain(trustDomain, certInput, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::anyExtendedKeyUsage,
+                           CertPolicyId::anyPolicy,
+                           nullptr/*stapledOCSPResponse*/));
+}
+
+INSTANTIATE_TEST_CASE_P(pkixcert_extension,
+                        pkixcert_extension,
+                        testing::ValuesIn(EXTENSION_TESTCASES));
+
+// Two subjectAltNames must result in an error.
+TEST_F(pkixcert_extension, DuplicateSubjectAltName)
+{
+  // python DottedOIDToCode.py --tlv id-ce-subjectAltName 2.5.29.17
+  static const uint8_t tlv_id_ce_subjectAltName[] = {
+    0x06, 0x03, 0x55, 0x1d, 0x11
+  };
+
+  ByteString subjectAltName(
+    TLV(der::SEQUENCE,
+        BytesToByteString(tlv_id_ce_subjectAltName) +
+        TLV(der::OCTET_STRING, TLV(der::SEQUENCE, DNSName("example.com")))));
+  static const ByteString extensions[] = { subjectAltName, subjectAltName,
+                                           ByteString() };
+  static const char* certCN = "Cert With Duplicate subjectAltName";
+  ByteString cert(CreateCertWithExtensions(certCN, extensions));
+  ASSERT_FALSE(ENCODING_FAILED(cert));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(cert.data(), cert.length()));
+  ASSERT_EQ(Result::ERROR_EXTENSION_VALUE_INVALID,
+            BuildCertChain(trustDomain, certInput, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::anyExtendedKeyUsage,
+                           CertPolicyId::anyPolicy,
+                           nullptr/*stapledOCSPResponse*/));
+}
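Review bot: The comment above the `tlv_id_ce_unknown` entry in `EXTENSION_TESTCASES` says an unknown id-ce extension makes verification fail, but the entry sets `Boolean(true)`, so it pins the critical case only. I would reword it to `// Tests that an unknown id-ce extension marked critical is detected and that verification fails.` and add the non-critical counterpart (the same entry without `Boolean(true)`), so the table also fixes how an unrecognised non-critical extension in the 2.5.29 arc is treated. The expected result there is presumably `Success`, as for the first entry, but that should be confirmed against the parser. Separately, `operator<<` for `ExtensionTestcase` prints the same TODO string for every parameter, so a failing case can only be identified by its index.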
diff --git a/security/nss/gtests/mozpkix_gtest/pkixcert_signature_algorithm_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixcert_signature_algorithm_tests.cpp
new file mode 100644
index 000000000..00ccffb04
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixcert_signature_algorithm_tests.cpp
@@ -0,0 +1,259 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixder.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+static ByteString
+CreateCert(const char* issuerCN,
+           const char* subjectCN,
+           EndEntityOrCA endEntityOrCA,
+           const TestSignatureAlgorithm& signatureAlgorithm,
+           /*out*/ ByteString& subjectDER)
+{
+  static long serialNumberValue = 0;
+  ++serialNumberValue;
+  ByteString serialNumber(CreateEncodedSerialNumber(serialNumberValue));
+  EXPECT_FALSE(ENCODING_FAILED(serialNumber));
+
+  ByteString issuerDER(CNToDERName(issuerCN));
+  EXPECT_FALSE(ENCODING_FAILED(issuerDER));
+  subjectDER = CNToDERName(subjectCN);
+  EXPECT_FALSE(ENCODING_FAILED(subjectDER));
+
+  ByteString extensions[2];
+  if (endEntityOrCA == EndEntityOrCA::MustBeCA) {
+    extensions[0] =
+      CreateEncodedBasicConstraints(true, nullptr, Critical::Yes);
+    EXPECT_FALSE(ENCODING_FAILED(extensions[0]));
+  }
+
+  ScopedTestKeyPair reusedKey(CloneReusedKeyPair());
+  ByteString certDER(CreateEncodedCertificate(v3, signatureAlgorithm,
+                                              serialNumber, issuerDER,
+                                              oneDayBeforeNow, oneDayAfterNow,
+                                              subjectDER, *reusedKey,
+                                              extensions, *reusedKey,
+                                              signatureAlgorithm));
+  EXPECT_FALSE(ENCODING_FAILED(certDER));
+  return certDER;
+}
+
+class AlgorithmTestsTrustDomain final : public DefaultCryptoTrustDomain
+{
+public:
+  AlgorithmTestsTrustDomain(const ByteString& aRootDER,
+                            const ByteString& aRootSubjectDER,
+               /*optional*/ const ByteString& aIntDER,
+               /*optional*/ const ByteString& aIntSubjectDER)
+    : rootDER(aRootDER)
+    , rootSubjectDER(aRootSubjectDER)
+    , intDER(aIntDER)
+    , intSubjectDER(aIntSubjectDER)
+  {
+  }
+
+private:
+  Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input candidateCert,
+                      /*out*/ TrustLevel& trustLevel) override
+  {
+    if (InputEqualsByteString(candidateCert, rootDER)) {
+      trustLevel = TrustLevel::TrustAnchor;
+    } else {
+      trustLevel = TrustLevel::InheritsTrust;
+    }
+    return Success;
+  }
+
+  Result FindIssuer(Input encodedIssuerName, IssuerChecker& checker, Time)
+                    override
+  {
+    ByteString* issuerDER = nullptr;
+    if (InputEqualsByteString(encodedIssuerName, rootSubjectDER)) {
+      issuerDER = &rootDER;
+    } else if (InputEqualsByteString(encodedIssuerName, intSubjectDER)) {
+      issuerDER = &intDER;
+    } else {
+      // FindIssuer just returns success if it can't find a potential issuer.
+      return Success;
+    }
+    Input issuerCert;
+    Result rv = issuerCert.Init(issuerDER->data(), issuerDER->length());
+    if (rv != Success) {
+      return rv;
+    }
+    bool keepGoing;
+    return checker.Check(issuerCert, nullptr, keepGoing);
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         const Input*, const Input*) override
+  {
+    return Success;
+  }
+
+  Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override
+  {
+    return Success;
+  }
+
+  ByteString rootDER;
+  ByteString rootSubjectDER;
+  ByteString intDER;
+  ByteString intSubjectDER;
+};
+
+static const TestSignatureAlgorithm NO_INTERMEDIATE
+{
+  TestPublicKeyAlgorithm(ByteString()),
+  TestDigestAlgorithmID::MD2,
+  ByteString(),
+  false
+};
+
+struct ChainValidity final
+{
+  ChainValidity(const TestSignatureAlgorithm& aEndEntitySignatureAlgorithm,
+                const TestSignatureAlgorithm& aOptionalIntSignatureAlgorithm,
+                const TestSignatureAlgorithm& aRootSignatureAlgorithm,
+                bool aIsValid)
+    : endEntitySignatureAlgorithm(aEndEntitySignatureAlgorithm)
+    , optionalIntermediateSignatureAlgorithm(aOptionalIntSignatureAlgorithm)
+    , rootSignatureAlgorithm(aRootSignatureAlgorithm)
+    , isValid(aIsValid)
+  { }
+
+  // In general, a certificate is generated for each of these.  However, if
+  // optionalIntermediateSignatureAlgorithm is NO_INTERMEDIATE, then only 2
+  // certificates are generated.
+  // The certificate generated for the given rootSignatureAlgorithm is the
+  // trust anchor.
+  TestSignatureAlgorithm endEntitySignatureAlgorithm;
+  TestSignatureAlgorithm optionalIntermediateSignatureAlgorithm;
+  TestSignatureAlgorithm rootSignatureAlgorithm;
+  bool isValid;
+};
+
+static const ChainValidity CHAIN_VALIDITY[] =
+{
+  // The trust anchor may have a signature with an unsupported signature
+  // algorithm.
+  ChainValidity(sha256WithRSAEncryption(),
+                NO_INTERMEDIATE,
+                md5WithRSAEncryption(),
+                true),
+  ChainValidity(sha256WithRSAEncryption(),
+                NO_INTERMEDIATE,
+                md2WithRSAEncryption(),
+                true),
+
+  // Certificates that are not trust anchors must not have a signature with an
+  // unsupported signature algorithm.
+  ChainValidity(md5WithRSAEncryption(),
+                NO_INTERMEDIATE,
+                sha256WithRSAEncryption(),
+                false),
+  ChainValidity(md2WithRSAEncryption(),
+                NO_INTERMEDIATE,
+                sha256WithRSAEncryption(),
+                false),
+  ChainValidity(md2WithRSAEncryption(),
+                NO_INTERMEDIATE,
+                md5WithRSAEncryption(),
+                false),
+  ChainValidity(sha256WithRSAEncryption(),
+                md5WithRSAEncryption(),
+                sha256WithRSAEncryption(),
+                false),
+  ChainValidity(sha256WithRSAEncryption(),
+                md2WithRSAEncryption(),
+                sha256WithRSAEncryption(),
+                false),
+  ChainValidity(sha256WithRSAEncryption(),
+                md2WithRSAEncryption(),
+                md5WithRSAEncryption(),
+                false),
+};
+
+class pkixcert_IsValidChainForAlgorithm
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<ChainValidity>
+{
+};
+
+::std::ostream& operator<<(::std::ostream& os,
+                           const pkixcert_IsValidChainForAlgorithm&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+::std::ostream& operator<<(::std::ostream& os, const ChainValidity&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+TEST_P(pkixcert_IsValidChainForAlgorithm, IsValidChainForAlgorithm)
+{
+  const ChainValidity& chainValidity(GetParam());
+  const char* rootCN = "CN=Root";
+  ByteString rootSubjectDER;
+  ByteString rootEncoded(
+    CreateCert(rootCN, rootCN, EndEntityOrCA::MustBeCA,
+               chainValidity.rootSignatureAlgorithm, rootSubjectDER));
+  EXPECT_FALSE(ENCODING_FAILED(rootEncoded));
+  EXPECT_FALSE(ENCODING_FAILED(rootSubjectDER));
+
+  const char* issuerCN = rootCN;
+
+  const char* intermediateCN = "CN=Intermediate";
+  ByteString intermediateSubjectDER;
+  ByteString intermediateEncoded;
+
+  // If the the algorithmIdentifier is empty, then it's NO_INTERMEDIATE.
+  if (!chainValidity.optionalIntermediateSignatureAlgorithm
+                    .algorithmIdentifier.empty()) {
+    intermediateEncoded =
+      CreateCert(rootCN, intermediateCN, EndEntityOrCA::MustBeCA,
+                 chainValidity.optionalIntermediateSignatureAlgorithm,
+                 intermediateSubjectDER);
+    EXPECT_FALSE(ENCODING_FAILED(intermediateEncoded));
+    EXPECT_FALSE(ENCODING_FAILED(intermediateSubjectDER));
+    issuerCN = intermediateCN;
+  }
+
+  AlgorithmTestsTrustDomain trustDomain(rootEncoded, rootSubjectDER,
+                                        intermediateEncoded,
+                                        intermediateSubjectDER);
+
+  const char* endEntityCN = "CN=End Entity";
+  ByteString endEntitySubjectDER;
+  ByteString endEntityEncoded(
+    CreateCert(issuerCN, endEntityCN, EndEntityOrCA::MustBeEndEntity,
+               chainValidity.endEntitySignatureAlgorithm,
+               endEntitySubjectDER));
+  EXPECT_FALSE(ENCODING_FAILED(endEntityEncoded));
+  EXPECT_FALSE(ENCODING_FAILED(endEntitySubjectDER));
+
+  Input endEntity;
+  ASSERT_EQ(Success, endEntity.Init(endEntityEncoded.data(),
+                                    endEntityEncoded.length()));
+  Result expectedResult = chainValidity.isValid
+                        ? Success
+                        : Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED;
+  ASSERT_EQ(expectedResult,
+            BuildCertChain(trustDomain, endEntity, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           KeyPurposeId::id_kp_serverAuth,
+                           CertPolicyId::anyPolicy, nullptr));
+}
+
+INSTANTIATE_TEST_CASE_P(pkixcert_IsValidChainForAlgorithm,
+                        pkixcert_IsValidChainForAlgorithm,
+                        testing::ValuesIn(CHAIN_VALIDITY));
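Review bot: Every `CHAIN_VALIDITY` entry that expects success uses `NO_INTERMEDIATE`, so the `intSubjectDER` branch of `AlgorithmTestsTrustDomain::FindIssuer` is only exercised by cases that must fail. A positive control such as `ChainValidity(sha256WithRSAEncryption(), sha256WithRSAEncryption(), sha256WithRSAEncryption(), true),` would show that a chain with an intermediate builds at all. That makes the MD5/MD2 rejections below the trust anchor attributable to the digest rather than to the fixture. In `FindIssuer`, `bool keepGoing;` is handed to `checker.Check` uninitialised and never read afterwards; writing `bool keepGoing = false;` with a short comment that only one candidate issuer is ever offered would make the intent explicit.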
diff --git a/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp
new file mode 100644
index 000000000..0aef3d5c1
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckExtendedKeyUsage_tests.cpp
@@ -0,0 +1,722 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2016 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixder.h"
+#include "mozpkix/pkixutil.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+namespace mozilla { namespace pkix {
+
+extern Result CheckExtendedKeyUsage(EndEntityOrCA endEntityOrCA,
+                                    const Input* encodedExtendedKeyUsage,
+                                    KeyPurposeId requiredEKU,
+                                    TrustDomain& trustDomain, Time notBefore);
+
+} } // namespace mozilla::pkix
+
+class pkixcheck_CheckExtendedKeyUsage : public ::testing::Test
+{
+protected:
+  DefaultCryptoTrustDomain mTrustDomain;
+};
+
+#define ASSERT_BAD(x) ASSERT_EQ(Result::ERROR_INADEQUATE_CERT_TYPE, x)
+
+// tlv_id_kp_OCSPSigning and tlv_id_kp_serverAuth are defined in pkixtestutil.h
+
+// python DottedOIDToCode.py --tlv id-kp-clientAuth 1.3.6.1.5.5.7.3.2
+static const uint8_t tlv_id_kp_clientAuth[] = {
+  0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02
+};
+
+// python DottedOIDToCode.py --tlv id-kp-codeSigning 1.3.6.1.5.5.7.3.3
+static const uint8_t tlv_id_kp_codeSigning[] = {
+  0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x03
+};
+
+// python DottedOIDToCode.py --tlv id_kp_emailProtection 1.3.6.1.5.5.7.3.4
+static const uint8_t tlv_id_kp_emailProtection[] = {
+  0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x04
+};
+
+// python DottedOIDToCode.py --tlv id-Netscape-stepUp 2.16.840.1.113730.4.1
+static const uint8_t tlv_id_Netscape_stepUp[] = {
+  0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x04, 0x01
+};
+
+// python DottedOIDToCode.py --tlv unknownOID 1.3.6.1.4.1.13769.666.666.666.1.500.9.3
+static const uint8_t tlv_unknownOID[] = {
+  0x06, 0x12, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xeb, 0x49, 0x85, 0x1a, 0x85, 0x1a,
+  0x85, 0x1a, 0x01, 0x83, 0x74, 0x09, 0x03
+};
+
+// python DottedOIDToCode.py --tlv anyExtendedKeyUsage 2.5.29.37.0
+static const uint8_t tlv_anyExtendedKeyUsage[] = {
+  0x06, 0x04, 0x55, 0x1d, 0x25, 0x00
+};
+
+TEST_F(pkixcheck_CheckExtendedKeyUsage, none)
+{
+  // The input Input is nullptr. This means the cert had no extended key usage
+  // extension. This is always valid except for when the certificate is an
+  // end-entity and the required usage is id-kp-OCSPSigning.
+
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity,
+                                           nullptr,
+                                           KeyPurposeId::anyExtendedKeyUsage,
+                                           mTrustDomain, Now()));
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr,
+                                           KeyPurposeId::anyExtendedKeyUsage,
+                                           mTrustDomain, Now()));
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity,
+                                           nullptr,
+                                           KeyPurposeId::id_kp_serverAuth,
+                                           mTrustDomain, Now()));
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr,
+                                           KeyPurposeId::id_kp_serverAuth,
+                                           mTrustDomain, Now()));
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity,
+                                           nullptr,
+                                           KeyPurposeId::id_kp_clientAuth,
+                                           mTrustDomain, Now()));
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr,
+                                           KeyPurposeId::id_kp_clientAuth,
+                                           mTrustDomain, Now()));
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity,
+                                           nullptr,
+                                           KeyPurposeId::id_kp_codeSigning,
+                                           mTrustDomain, Now()));
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr,
+                                           KeyPurposeId::id_kp_codeSigning,
+                                           mTrustDomain, Now()));
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity,
+                                           nullptr,
+                                           KeyPurposeId::id_kp_emailProtection,
+                                           mTrustDomain, Now()));
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr,
+                                           KeyPurposeId::id_kp_emailProtection,
+                                           mTrustDomain, Now()));
+  ASSERT_BAD(CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, nullptr,
+                                   KeyPurposeId::id_kp_OCSPSigning,
+                                   mTrustDomain, Now()));
+  ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr,
+                                           KeyPurposeId::id_kp_OCSPSigning,
+                                           mTrustDomain, Now()));
+}
+
+static const Input empty_null;
+
+TEST_F(pkixcheck_CheckExtendedKeyUsage, empty)
+{
+  // The input Input is empty. The cert has an empty extended key usage
+  // extension, which is syntactically invalid.
+  ASSERT_BAD(CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, &empty_null,
+                                   KeyPurposeId::id_kp_serverAuth,
+                                   mTrustDomain, Now()));
+  ASSERT_BAD(CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, &empty_null,
+                                   KeyPurposeId::id_kp_serverAuth,
+                                   mTrustDomain, Now()));
+
+  static const uint8_t dummy = 0x00;
+  Input empty_nonnull;
+  ASSERT_EQ(Success, empty_nonnull.Init(&dummy, 0));
+  ASSERT_BAD(CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, &empty_nonnull,
+                                   KeyPurposeId::id_kp_serverAuth,
+                                   mTrustDomain, Now()));
+  ASSERT_BAD(CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, &empty_nonnull,
+                                   KeyPurposeId::id_kp_serverAuth,
+                                   mTrustDomain, Now()));
+}
+
+struct EKUTestcase
+{
+  ByteString ekuSEQUENCE;
+  KeyPurposeId keyPurposeId;
+  Result expectedResultEndEntity;
+  Result expectedResultCA;
+};
+
+::std::ostream& operator<<(::std::ostream& os, const EKUTestcase&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+class CheckExtendedKeyUsageTest
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<EKUTestcase>
+{
+protected:
+  DefaultCryptoTrustDomain mTrustDomain;
+};
+
+TEST_P(CheckExtendedKeyUsageTest, EKUTestcase)
+{
+  const EKUTestcase& param(GetParam());
+  Input encodedEKU;
+  ASSERT_EQ(Success, encodedEKU.Init(param.ekuSEQUENCE.data(),
+                                     param.ekuSEQUENCE.length()));
+  ASSERT_EQ(param.expectedResultEndEntity,
+            CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, &encodedEKU,
+                                  param.keyPurposeId,
+                                  mTrustDomain, Now()));
+  ASSERT_EQ(param.expectedResultCA,
+            CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, &encodedEKU,
+                                  param.keyPurposeId,
+                                  mTrustDomain, Now()));
+}
+
+#define SINGLE_EKU_SUCCESS(oidBytes, keyPurposeId) \
+  { TLV(der::SEQUENCE, BytesToByteString(oidBytes)), keyPurposeId, \
+    Success, Success }
+#define SINGLE_EKU_SUCCESS_CA(oidBytes, keyPurposeId) \
+  { TLV(der::SEQUENCE, BytesToByteString(oidBytes)), keyPurposeId, \
+    Result::ERROR_INADEQUATE_CERT_TYPE, Success }
+#define SINGLE_EKU_FAILURE(oidBytes, keyPurposeId) \
+  { TLV(der::SEQUENCE, BytesToByteString(oidBytes)), keyPurposeId, \
+    Result::ERROR_INADEQUATE_CERT_TYPE, Result::ERROR_INADEQUATE_CERT_TYPE }
+#define DOUBLE_EKU_SUCCESS(oidBytes1, oidBytes2, keyPurposeId) \
+  { TLV(der::SEQUENCE, \
+        BytesToByteString(oidBytes1) + BytesToByteString(oidBytes2)), \
+    keyPurposeId, \
+    Success, Success }
+#define DOUBLE_EKU_SUCCESS_CA(oidBytes1, oidBytes2, keyPurposeId) \
+  { TLV(der::SEQUENCE, \
+        BytesToByteString(oidBytes1) + BytesToByteString(oidBytes2)), \
+    keyPurposeId, \
+    Result::ERROR_INADEQUATE_CERT_TYPE, Success }
+#define DOUBLE_EKU_FAILURE(oidBytes1, oidBytes2, keyPurposeId) \
+  { TLV(der::SEQUENCE, \
+        BytesToByteString(oidBytes1) + BytesToByteString(oidBytes2)), \
+    keyPurposeId, \
+    Result::ERROR_INADEQUATE_CERT_TYPE, Result::ERROR_INADEQUATE_CERT_TYPE }
+
+static const EKUTestcase EKU_TESTCASES[] =
+{
+  SINGLE_EKU_SUCCESS(tlv_id_kp_serverAuth, KeyPurposeId::anyExtendedKeyUsage),
+  SINGLE_EKU_SUCCESS(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_serverAuth),
+  SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_clientAuth),
+  SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_codeSigning),
+  SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_emailProtection),
+  SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_OCSPSigning),
+
+  SINGLE_EKU_SUCCESS(tlv_id_kp_clientAuth, KeyPurposeId::anyExtendedKeyUsage),
+  SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_serverAuth),
+  SINGLE_EKU_SUCCESS(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_clientAuth),
+  SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_codeSigning),
+  SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_emailProtection),
+  SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_OCSPSigning),
+
+  SINGLE_EKU_SUCCESS(tlv_id_kp_codeSigning, KeyPurposeId::anyExtendedKeyUsage),
+  SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_serverAuth),
+  SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_clientAuth),
+  SINGLE_EKU_SUCCESS(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_codeSigning),
+  SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_emailProtection),
+  SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_OCSPSigning),
+
+  SINGLE_EKU_SUCCESS(tlv_id_kp_emailProtection, KeyPurposeId::anyExtendedKeyUsage),
+  SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_serverAuth),
+  SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_clientAuth),
+  SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_codeSigning),
+  SINGLE_EKU_SUCCESS(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_emailProtection),
+  SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_OCSPSigning),
+
+  // For end-entities, if id-kp-OCSPSigning is present, no usage is allowed
+  // except OCSPSigning.
+  SINGLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, KeyPurposeId::anyExtendedKeyUsage),
+  SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_serverAuth),
+  SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_clientAuth),
+  SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_codeSigning),
+  SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_emailProtection),
+  SINGLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_OCSPSigning),
+
+  SINGLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage),
+  // For compatibility, id-Netscape-stepUp is treated as equivalent to
+  // id-kp-serverAuth for CAs.
+  SINGLE_EKU_SUCCESS_CA(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth),
+  SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth),
+  SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning),
+  SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection),
+  SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning),
+
+  SINGLE_EKU_SUCCESS(tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage),
+  SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_serverAuth),
+  SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_clientAuth),
+  SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_codeSigning),
+  SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_emailProtection),
+  SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning),
+
+  SINGLE_EKU_SUCCESS(tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage),
+  SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth),
+  SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth),
+  SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning),
+  SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection),
+  SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_SUCCESS_CA(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning),
+
+  DOUBLE_EKU_SUCCESS(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage),
+  DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth),
+  DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth),
+  DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning),
+  DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection),
+  DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning),
+};
+
+INSTANTIATE_TEST_CASE_P(pkixcheck_CheckExtendedKeyUsage,
+                        CheckExtendedKeyUsageTest,
+                        ::testing::ValuesIn(EKU_TESTCASES));
+
+struct EKUChainTestcase
+{
+  ByteString ekuExtensionEE;
+  ByteString ekuExtensionCA;
+  KeyPurposeId keyPurposeId;
+  Result expectedResult;
+};
+
+::std::ostream& operator<<(::std::ostream& os, const EKUChainTestcase&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+class CheckExtendedKeyUsageChainTest
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<EKUChainTestcase>
+{
+};
+
+static ByteString
+CreateCert(const char* issuerCN, const char* subjectCN,
+           EndEntityOrCA endEntityOrCA, ByteString encodedEKU)
+{
+  static long serialNumberValue = 0;
+  ++serialNumberValue;
+  ByteString serialNumber(CreateEncodedSerialNumber(serialNumberValue));
+  EXPECT_FALSE(ENCODING_FAILED(serialNumber));
+
+  ByteString issuerDER(CNToDERName(issuerCN));
+  ByteString subjectDER(CNToDERName(subjectCN));
+
+  ByteString extensions[3];
+  extensions[0] =
+    CreateEncodedBasicConstraints(endEntityOrCA == EndEntityOrCA::MustBeCA,
+                                  nullptr, Critical::Yes);
+  EXPECT_FALSE(ENCODING_FAILED(extensions[0]));
+  if (encodedEKU.length() > 0) {
+    extensions[1] = encodedEKU;
+  }
+
+  ScopedTestKeyPair reusedKey(CloneReusedKeyPair());
+  ByteString certDER(CreateEncodedCertificate(
+                       v3, sha256WithRSAEncryption(), serialNumber, issuerDER,
+                       oneDayBeforeNow, oneDayAfterNow, subjectDER,
+                       *reusedKey, extensions, *reusedKey,
+                       sha256WithRSAEncryption()));
+  EXPECT_FALSE(ENCODING_FAILED(certDER));
+
+  return certDER;
+}
+
+class EKUTrustDomain final : public DefaultCryptoTrustDomain
+{
+public:
+  explicit EKUTrustDomain(ByteString issuerCertDER)
+    : mIssuerCertDER(issuerCertDER)
+  {
+  }
+
+private:
+  Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input candidateCert,
+                      TrustLevel& trustLevel) override
+  {
+    trustLevel = InputEqualsByteString(candidateCert, mIssuerCertDER)
+               ? TrustLevel::TrustAnchor
+               : TrustLevel::InheritsTrust;
+    return Success;
+  }
+
+  Result FindIssuer(Input, IssuerChecker& checker, Time) override
+  {
+    Input derCert;
+    Result rv = derCert.Init(mIssuerCertDER.data(), mIssuerCertDER.length());
+    if (rv != Success) {
+      return rv;
+    }
+    bool keepGoing;
+    return checker.Check(derCert, nullptr, keepGoing);
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         const Input*, const Input*) override
+  {
+    return Success;
+  }
+
+  Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override
+  {
+    return Success;
+  }
+
+  ByteString mIssuerCertDER;
+};
+
+TEST_P(CheckExtendedKeyUsageChainTest, EKUChainTestcase)
+{
+  const EKUChainTestcase& param(GetParam());
+  ByteString issuerCertDER(CreateCert("CA", "CA", EndEntityOrCA::MustBeCA,
+                                      param.ekuExtensionCA));
+  ByteString subjectCertDER(CreateCert("CA", "EE",
+                                       EndEntityOrCA::MustBeEndEntity,
+                                       param.ekuExtensionEE));
+
+  EKUTrustDomain trustDomain(issuerCertDER);
+
+  Input subjectCertDERInput;
+  ASSERT_EQ(Success, subjectCertDERInput.Init(subjectCertDER.data(),
+                                              subjectCertDER.length()));
+  ASSERT_EQ(param.expectedResult,
+            BuildCertChain(trustDomain, subjectCertDERInput, Now(),
+                           EndEntityOrCA::MustBeEndEntity,
+                           KeyUsage::noParticularKeyUsageRequired,
+                           param.keyPurposeId,
+                           CertPolicyId::anyPolicy,
+                           nullptr));
+}
+
+// python DottedOIDToCode.py --tlv id-ce-extKeyUsage 2.5.29.37
+static const uint8_t tlv_id_ce_extKeyUsage[] = {
+  0x06, 0x03, 0x55, 0x1d, 0x25
+};
+
+static inline ByteString
+CreateEKUExtension(ByteString ekuOIDs)
+{
+  return TLV(der::SEQUENCE,
+             BytesToByteString(tlv_id_ce_extKeyUsage) +
+               TLV(der::OCTET_STRING, TLV(der::SEQUENCE, ekuOIDs)));
+}
+
+static const EKUChainTestcase EKU_CHAIN_TESTCASES[] =
+{
+  {
+    // Both end-entity and CA have id-kp-serverAuth => should succeed
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)),
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)),
+    KeyPurposeId::id_kp_serverAuth,
+    Success
+  },
+  {
+    // CA has no EKU extension => should succeed
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)),
+    ByteString(),
+    KeyPurposeId::id_kp_serverAuth,
+    Success
+  },
+  {
+    // End-entity has no EKU extension => should succeed
+    ByteString(),
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)),
+    KeyPurposeId::id_kp_serverAuth,
+    Success
+  },
+  {
+    // No EKU extensions at all => should succeed
+    ByteString(),
+    ByteString(),
+    KeyPurposeId::id_kp_serverAuth,
+    Success
+  },
+  {
+    // CA has EKU without id-kp-serverAuth => should fail
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)),
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)),
+    KeyPurposeId::id_kp_serverAuth,
+    Result::ERROR_INADEQUATE_CERT_TYPE
+  },
+  {
+    // End-entity has EKU without id-kp-serverAuth => should fail
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)),
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)),
+    KeyPurposeId::id_kp_serverAuth,
+    Result::ERROR_INADEQUATE_CERT_TYPE
+  },
+  {
+    // Both end-entity and CA have EKU without id-kp-serverAuth => should fail
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)),
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)),
+    KeyPurposeId::id_kp_serverAuth,
+    Result::ERROR_INADEQUATE_CERT_TYPE
+  },
+  {
+    // End-entity has no EKU, CA doesn't have id-kp-serverAuth => should fail
+    ByteString(),
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)),
+    KeyPurposeId::id_kp_serverAuth,
+    Result::ERROR_INADEQUATE_CERT_TYPE
+  },
+  {
+    // End-entity doesn't have id-kp-serverAuth, CA has no EKU => should fail
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)),
+    ByteString(),
+    KeyPurposeId::id_kp_serverAuth,
+    Result::ERROR_INADEQUATE_CERT_TYPE
+  },
+  {
+    // CA has id-Netscape-stepUp => should succeed
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)),
+    CreateEKUExtension(BytesToByteString(tlv_id_Netscape_stepUp)),
+    KeyPurposeId::id_kp_serverAuth,
+    Success
+  },
+  {
+    // End-entity has id-Netscape-stepUp => should fail
+    CreateEKUExtension(BytesToByteString(tlv_id_Netscape_stepUp)),
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)),
+    KeyPurposeId::id_kp_serverAuth,
+    Result::ERROR_INADEQUATE_CERT_TYPE
+  },
+  {
+    // End-entity and CA have id-kp-serverAuth and id-kp-clientAuth => should
+    // succeed
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) +
+                       BytesToByteString(tlv_id_kp_clientAuth)),
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) +
+                       BytesToByteString(tlv_id_kp_clientAuth)),
+    KeyPurposeId::id_kp_serverAuth,
+    Success
+  },
+  {
+    // End-entity has id-kp-serverAuth and id-kp-OCSPSigning => should fail
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) +
+                       BytesToByteString(tlv_id_kp_OCSPSigning)),
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) +
+                       BytesToByteString(tlv_id_kp_clientAuth)),
+    KeyPurposeId::id_kp_serverAuth,
+    Result::ERROR_INADEQUATE_CERT_TYPE
+  },
+  {
+    // CA has id-kp-serverAuth and id-kp-OCSPSigning => should succeed
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) +
+                       BytesToByteString(tlv_id_kp_clientAuth)),
+    CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) +
+                       BytesToByteString(tlv_id_kp_OCSPSigning)),
+    KeyPurposeId::id_kp_serverAuth,
+    Success
+  },
+};
+
+INSTANTIATE_TEST_CASE_P(pkixcheck_CheckExtendedKeyUsage,
+                        CheckExtendedKeyUsageChainTest,
+                        ::testing::ValuesIn(EKU_CHAIN_TESTCASES));
diff --git a/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckIssuer_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckIssuer_tests.cpp
new file mode 100644
index 000000000..bcc2c1198
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckIssuer_tests.cpp
@@ -0,0 +1,63 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2016 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixcheck.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+class pkixcheck_CheckIssuer : public ::testing::Test { };
+
+static const uint8_t EMPTY_NAME_DATA[] = {
+  0x30, 0x00 /* tag, length */
+};
+static const Input EMPTY_NAME(EMPTY_NAME_DATA);
+
+static const uint8_t VALID_NAME_DATA[] = {
+  /* From https://www.example.com/: C=US, O=DigiCert Inc, OU=www.digicert.com,
+   * CN=DigiCert SHA2 High Assurance Server CA */
+  0x30, 0x70, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
+  0x02, 0x55, 0x53, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A,
+  0x13, 0x0C, 0x44, 0x69, 0x67, 0x69, 0x43, 0x65, 0x72, 0x74, 0x20, 0x49,
+  0x6E, 0x63, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13,
+  0x10, 0x77, 0x77, 0x77, 0x2E, 0x64, 0x69, 0x67, 0x69, 0x63, 0x65, 0x72,
+  0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x2F, 0x30, 0x2D, 0x06, 0x03, 0x55,
+  0x04, 0x03, 0x13, 0x26, 0x44, 0x69, 0x67, 0x69, 0x43, 0x65, 0x72, 0x74,
+  0x20, 0x53, 0x48, 0x41, 0x32, 0x20, 0x48, 0x69, 0x67, 0x68, 0x20, 0x41,
+  0x73, 0x73, 0x75, 0x72, 0x61, 0x6E, 0x63, 0x65, 0x20, 0x53, 0x65, 0x72,
+  0x76, 0x65, 0x72, 0x20, 0x43, 0x41
+};
+static const Input VALID_NAME(VALID_NAME_DATA);
+
+TEST_F(pkixcheck_CheckIssuer, ValidIssuer)
+{
+  ASSERT_EQ(Success, CheckIssuer(VALID_NAME));
+}
+
+TEST_F(pkixcheck_CheckIssuer, EmptyIssuer)
+{
+  ASSERT_EQ(Result::ERROR_EMPTY_ISSUER_NAME, CheckIssuer(EMPTY_NAME));
+}
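Review bot: The two cases in pkixcheck_CheckIssuer cover only a well-formed Name and an empty SEQUENCE (`0x30, 0x00`). Nothing feeds CheckIssuer an input that is not a valid DER SEQUENCE, such as a wrong outer tag or a length that runs past the buffer. The issuer field is read from a certificate that is not yet trusted, so a third case built on a constructed sample like `static const uint8_t WRONG_TAG_NAME_DATA[] = { 0x31, 0x00 };` with its own `TEST_F` would pin how malformed input is handled. CheckIssuer's implementation is not in this hunk, so the expected Result for that case must be taken from the implementation rather than assumed. If this file is imported unchanged from upstream NSS, the extra case belongs upstream.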
diff --git a/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckKeyUsage_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckKeyUsage_tests.cpp
new file mode 100644
index 000000000..136f8719a
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckKeyUsage_tests.cpp
@@ -0,0 +1,284 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+namespace mozilla { namespace pkix {
+
+extern Result CheckKeyUsage(EndEntityOrCA endEntityOrCA,
+                            const Input* encodedKeyUsage,
+                            KeyUsage requiredKeyUsageIfPresent);
+
+} } // namespace mozilla::pkix
+
+class pkixcheck_CheckKeyUsage : public ::testing::Test { };
+
+#define ASSERT_BAD(x) ASSERT_EQ(Result::ERROR_INADEQUATE_KEY_USAGE, x)
+
+// Make it easy to define test data for the common, simplest cases.
+#define NAMED_SIMPLE_KU(name, unusedBits, bits) \
+  const uint8_t name##_bytes[4] = { \
+    0x03/*BIT STRING*/, 0x02/*LENGTH=2*/, unusedBits, bits \
+  }; \
+  const Input name(name##_bytes);
+
+static const Input empty_null;
+
+// Note that keyCertSign is really the only interesting case for CA
+// certificates since we don't support cRLSign.
+
+TEST_F(pkixcheck_CheckKeyUsage, EE_none)
+{
+  // The input Input is nullptr. This means the cert had no keyUsage
+  // extension. This is always valid because no key usage in an end-entity
+  // means that there are no key usage restrictions.
+
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, nullptr,
+                                   KeyUsage::noParticularKeyUsageRequired));
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, nullptr,
+                                   KeyUsage::digitalSignature));
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, nullptr,
+                                   KeyUsage::nonRepudiation));
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, nullptr,
+                                   KeyUsage::keyEncipherment));
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, nullptr,
+                                   KeyUsage::dataEncipherment));
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, nullptr,
+                                   KeyUsage::keyAgreement));
+}
+
+TEST_F(pkixcheck_CheckKeyUsage, EE_empty)
+{
+  // The input Input is empty. The cert had an empty keyUsage extension,
+  // which is syntactically invalid.
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &empty_null,
+                           KeyUsage::digitalSignature));
+  static const uint8_t dummy = 0x00;
+  Input empty_nonnull;
+  ASSERT_EQ(Success, empty_nonnull.Init(&dummy, 0));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &empty_nonnull,
+                           KeyUsage::digitalSignature));
+}
+
+TEST_F(pkixcheck_CheckKeyUsage, CA_none)
+{
+  // A CA certificate does not have a KU extension.
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeCA, nullptr,
+                                   KeyUsage::keyCertSign));
+}
+
+TEST_F(pkixcheck_CheckKeyUsage, CA_empty)
+{
+  // A CA certificate has an empty KU extension.
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &empty_null,
+                           KeyUsage::keyCertSign));
+  static const uint8_t dummy = 0x00;
+  Input empty_nonnull;
+  ASSERT_EQ(Success, empty_nonnull.Init(&dummy, 0));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &empty_nonnull,
+                           KeyUsage::keyCertSign));
+}
+
+TEST_F(pkixcheck_CheckKeyUsage, maxUnusedBits)
+{
+  NAMED_SIMPLE_KU(encoded, 7, 0x80);
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &encoded,
+                                   KeyUsage::digitalSignature));
+}
+
+TEST_F(pkixcheck_CheckKeyUsage, tooManyUnusedBits)
+{
+  static uint8_t oneValueByteData[] = {
+    0x03/*BIT STRING*/, 0x02/*LENGTH=2*/, 8/*unused bits*/, 0x80
+  };
+  static const Input oneValueByte(oneValueByteData);
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &oneValueByte,
+                           KeyUsage::digitalSignature));
+
+  static uint8_t twoValueBytesData[] = {
+    0x03/*BIT STRING*/, 0x03/*LENGTH=3*/, 8/*unused bits*/, 0x01, 0x00
+  };
+  static const Input twoValueBytes(twoValueBytesData);
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &twoValueBytes,
+                           KeyUsage::digitalSignature));
+}
+
+TEST_F(pkixcheck_CheckKeyUsage, NoValueBytes_NoPaddingBits)
+{
+  static const uint8_t DER_BYTES[] = {
+    0x03/*BIT STRING*/, 0x01/*LENGTH=1*/, 0/*unused bits*/
+  };
+  static const Input DER(DER_BYTES);
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &DER,
+                           KeyUsage::digitalSignature));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &DER,
+                           KeyUsage::keyCertSign));
+}
+
+TEST_F(pkixcheck_CheckKeyUsage, NoValueBytes_7PaddingBits)
+{
+  static const uint8_t DER_BYTES[] = {
+    0x03/*BIT STRING*/, 0x01/*LENGTH=1*/, 7/*unused bits*/
+  };
+  static const Input DER(DER_BYTES);
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &DER,
+                           KeyUsage::digitalSignature));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &DER,
+                           KeyUsage::keyCertSign));
+}
+
+void ASSERT_SimpleCase(uint8_t unusedBits, uint8_t bits, KeyUsage usage)
+{
+  // Test that only the right bit is accepted for the usage for both EE and CA
+  // certs.
+  NAMED_SIMPLE_KU(good, unusedBits, bits);
+  ASSERT_EQ(Success,
+            CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &good, usage));
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeCA, &good, usage));
+
+  // We use (~bits >> unusedBits) << unusedBits) instead of using the same
+  // calculation that is in CheckKeyUsage to validate that the calculation in
+  // CheckKeyUsage is correct.
+
+  // Test that none of the other non-padding bits are mistaken for the given
+  // key usage in the single-byte value case.
+  NAMED_SIMPLE_KU(notGood, unusedBits,
+                  static_cast<uint8_t>((~bits >> unusedBits) << unusedBits));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &notGood, usage));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &notGood, usage));
+
+  // Test that none of the other non-padding bits are mistaken for the given
+  // key usage in the two-byte value case.
+  const uint8_t twoByteNotGoodData[] = {
+    0x03/*BIT STRING*/, 0x03/*LENGTH=3*/, unusedBits,
+    static_cast<uint8_t>(~bits),
+    static_cast<uint8_t>((0xFFu >> unusedBits) << unusedBits)
+  };
+  Input twoByteNotGood(twoByteNotGoodData);
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &twoByteNotGood,
+                           usage));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &twoByteNotGood, usage));
+}
+
+TEST_F(pkixcheck_CheckKeyUsage, simpleCases)
+{
+  ASSERT_SimpleCase(7, 0x80, KeyUsage::digitalSignature);
+  ASSERT_SimpleCase(6, 0x40, KeyUsage::nonRepudiation);
+  ASSERT_SimpleCase(5, 0x20, KeyUsage::keyEncipherment);
+  ASSERT_SimpleCase(4, 0x10, KeyUsage::dataEncipherment);
+  ASSERT_SimpleCase(3, 0x08, KeyUsage::keyAgreement);
+}
+
+// Only CAs are allowed to assert keyCertSign.
+// End-entity certs may assert it along with other key usages if keyCertSign
+// isn't the required key usage. This is for compatibility.
+TEST_F(pkixcheck_CheckKeyUsage, keyCertSign)
+{
+  NAMED_SIMPLE_KU(good, 2, 0x04);
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &good,
+                           KeyUsage::keyCertSign));
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeCA, &good,
+                                   KeyUsage::keyCertSign));
+
+  // Test that none of the other non-padding bits are mistaken for the given
+  // key usage in the one-byte value case.
+  NAMED_SIMPLE_KU(notGood, 2, 0xFB);
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &notGood,
+                           KeyUsage::keyCertSign));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &notGood,
+                           KeyUsage::keyCertSign));
+
+  // Test that none of the other non-padding bits are mistaken for the given
+  // key usage in the two-byte value case.
+  static uint8_t twoByteNotGoodData[] = {
+    0x03/*BIT STRING*/, 0x03/*LENGTH=3*/, 2/*unused bits*/, 0xFBu, 0xFCu
+  };
+  static const Input twoByteNotGood(twoByteNotGoodData);
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &twoByteNotGood,
+                           KeyUsage::keyCertSign));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &twoByteNotGood,
+                           KeyUsage::keyCertSign));
+
+  // If an end-entity certificate does assert keyCertSign, this is allowed
+  // as long as that isn't the required key usage.
+  NAMED_SIMPLE_KU(digitalSignatureAndKeyCertSign, 2, 0x84);
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeEndEntity,
+                                   &digitalSignatureAndKeyCertSign,
+                                   KeyUsage::digitalSignature));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity,
+                           &digitalSignatureAndKeyCertSign,
+                           KeyUsage::keyCertSign));
+}
+
+TEST_F(pkixcheck_CheckKeyUsage, unusedBitNotZero)
+{
+  // single byte control case
+  static uint8_t controlOneValueByteData[] = {
+    0x03/*BIT STRING*/, 0x02/*LENGTH=2*/, 7/*unused bits*/, 0x80
+  };
+  static const Input controlOneValueByte(controlOneValueByteData);
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeEndEntity,
+                                   &controlOneValueByte,
+                                   KeyUsage::digitalSignature));
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeCA,
+                                   &controlOneValueByte,
+                                   KeyUsage::digitalSignature));
+
+  // single-byte test case
+  static uint8_t oneValueByteData[] = {
+    0x03/*BIT STRING*/, 0x02/*LENGTH=2*/, 7/*unused bits*/, 0x80 | 0x01
+  };
+  static const Input oneValueByte(oneValueByteData);
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &oneValueByte,
+                           KeyUsage::digitalSignature));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &oneValueByte,
+                           KeyUsage::digitalSignature));
+
+  // two-byte control case
+  static uint8_t controlTwoValueBytesData[] = {
+    0x03/*BIT STRING*/, 0x03/*LENGTH=3*/, 7/*unused bits*/,
+    0x80 | 0x01, 0x80
+  };
+  static const Input controlTwoValueBytes(controlTwoValueBytesData);
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeEndEntity,
+                                   &controlTwoValueBytes,
+                                   KeyUsage::digitalSignature));
+  ASSERT_EQ(Success, CheckKeyUsage(EndEntityOrCA::MustBeCA,
+                                   &controlTwoValueBytes,
+                                   KeyUsage::digitalSignature));
+
+  // two-byte test case
+  static uint8_t twoValueBytesData[] = {
+    0x03/*BIT STRING*/, 0x03/*LENGTH=3*/, 7/*unused bits*/,
+    0x80 | 0x01, 0x80 | 0x01
+  };
+  static const Input twoValueBytes(twoValueBytesData);
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeEndEntity, &twoValueBytes,
+                           KeyUsage::digitalSignature));
+  ASSERT_BAD(CheckKeyUsage(EndEntityOrCA::MustBeCA, &twoValueBytes,
+                           KeyUsage::digitalSignature));
+}
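Review bot: `ASSERT_SimpleCase` uses fatal `ASSERT_*` macros inside a plain `void` helper, so a failure only returns from the helper. `simpleCases` then carries on with the next call, and the failure output points at the helper line without saying which key usage was under test. Wrapping each call, e.g. `ASSERT_NO_FATAL_FAILURE(ASSERT_SimpleCase(7, 0x80, KeyUsage::digitalSignature));`, or adding a `SCOPED_TRACE` at the call site, would make a regression in a single key-usage bit easy to attribute. The helper could also be `static`, since it is only used in this file, and its comment `(~bits >> unusedBits) << unusedBits)` has an unbalanced parenthesis.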
diff --git a/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp
new file mode 100644
index 000000000..70e6fd410
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckSignatureAlgorithm_tests.cpp
@@ -0,0 +1,367 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2015 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixder.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+namespace mozilla { namespace pkix {
+
+extern Result CheckSignatureAlgorithm(
+                TrustDomain& trustDomain, EndEntityOrCA endEntityOrCA,
+                Time notBefore,
+                const der::SignedDataWithSignature& signedData,
+                Input signatureValue);
+
+} } // namespace mozilla::pkix
+
+struct CheckSignatureAlgorithmTestParams
+{
+  ByteString signatureAlgorithmValue;
+  ByteString signatureValue;
+  unsigned int signatureLengthInBytes;
+  Result expectedResult;
+};
+
+::std::ostream& operator<<(::std::ostream& os,
+                           const CheckSignatureAlgorithmTestParams&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+#define BS(s) ByteString(s, MOZILLA_PKIX_ARRAY_LENGTH(s))
+
+// python DottedOIDToCode.py --tlv sha256WithRSAEncryption 1.2.840.113549.1.1.11
+static const uint8_t tlv_sha256WithRSAEncryption[] = {
+  0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b
+};
+
+// Same as tlv_sha256WithRSAEncryption, except one without the "0x0b" and with
+// the DER length decreased accordingly.
+static const uint8_t tlv_sha256WithRSAEncryption_truncated[] = {
+  0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01
+};
+
+// python DottedOIDToCode.py --tlv sha-1WithRSAEncryption 1.2.840.113549.1.1.5
+static const uint8_t tlv_sha_1WithRSAEncryption[] = {
+  0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05
+};
+
+// python DottedOIDToCode.py --tlv sha1WithRSASignature 1.3.14.3.2.29
+static const uint8_t tlv_sha1WithRSASignature[] = {
+  0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1d
+};
+
+// python DottedOIDToCode.py --tlv md5WithRSAEncryption 1.2.840.113549.1.1.4
+static const uint8_t tlv_md5WithRSAEncryption[] = {
+  0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04
+};
+
+static const CheckSignatureAlgorithmTestParams
+  CHECKSIGNATUREALGORITHM_TEST_PARAMS[] =
+{
+  { // Both algorithm IDs are empty
+    ByteString(),
+    ByteString(),
+    2048 / 8,
+    Result::ERROR_BAD_DER,
+  },
+  { // signatureAlgorithm is empty, signature is supported.
+    ByteString(),
+    BS(tlv_sha256WithRSAEncryption),
+    2048 / 8,
+    Result::ERROR_BAD_DER,
+  },
+  { // signatureAlgorithm is supported, signature is empty.
+    BS(tlv_sha256WithRSAEncryption),
+    ByteString(),
+    2048 / 8,
+    Result::ERROR_BAD_DER,
+  },
+  { // Algorithms match, both are supported.
+    BS(tlv_sha256WithRSAEncryption),
+    BS(tlv_sha256WithRSAEncryption),
+    2048 / 8,
+    Success
+  },
+  { // Algorithms do not match because signatureAlgorithm is truncated.
+    BS(tlv_sha256WithRSAEncryption_truncated),
+    BS(tlv_sha256WithRSAEncryption),
+    2048 / 8,
+    Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
+  },
+  { // Algorithms do not match because signature is truncated.
+    BS(tlv_sha256WithRSAEncryption),
+    BS(tlv_sha256WithRSAEncryption_truncated),
+    2048 / 8,
+    Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
+  },
+  { // Algorithms do not match, both are supported.
+    BS(tlv_sha_1WithRSAEncryption),
+    BS(tlv_sha256WithRSAEncryption),
+    2048 / 8,
+    Result::ERROR_SIGNATURE_ALGORITHM_MISMATCH,
+  },
+  { // Algorithms do not match, both are supported.
+    BS(tlv_sha256WithRSAEncryption),
+    BS(tlv_sha_1WithRSAEncryption),
+    2048 / 8,
+    Result::ERROR_SIGNATURE_ALGORITHM_MISMATCH,
+  },
+  { // Algorithms match, both are unsupported.
+    BS(tlv_md5WithRSAEncryption),
+    BS(tlv_md5WithRSAEncryption),
+    2048 / 8,
+    Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
+  },
+  { // signatureAlgorithm is unsupported, signature is supported.
+    BS(tlv_md5WithRSAEncryption),
+    BS(tlv_sha256WithRSAEncryption),
+    2048 / 8,
+    Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
+  },
+  { // signatureAlgorithm is supported, signature is unsupported.
+    BS(tlv_sha256WithRSAEncryption),
+    BS(tlv_md5WithRSAEncryption),
+    2048 / 8,
+    Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
+  },
+  { // Both have the optional NULL parameter.
+    BS(tlv_sha256WithRSAEncryption) + TLV(der::NULLTag, ByteString()),
+    BS(tlv_sha256WithRSAEncryption) + TLV(der::NULLTag, ByteString()),
+    2048 / 8,
+    Success
+  },
+  { // signatureAlgorithm has the optional NULL parameter, signature doesn't.
+    BS(tlv_sha256WithRSAEncryption) + TLV(der::NULLTag, ByteString()),
+    BS(tlv_sha256WithRSAEncryption),
+    2048 / 8,
+    Success
+  },
+  { // signatureAlgorithm does not have the optional NULL parameter, signature
+    // does.
+    BS(tlv_sha256WithRSAEncryption),
+    BS(tlv_sha256WithRSAEncryption) + TLV(der::NULLTag, ByteString()),
+    2048 / 8,
+    Success
+  },
+  { // The different OIDs for RSA-with-SHA1 we support are semantically
+    // equivalent.
+    BS(tlv_sha1WithRSASignature),
+    BS(tlv_sha_1WithRSAEncryption),
+    2048 / 8,
+    Success,
+  },
+  { // The different OIDs for RSA-with-SHA1 we support are semantically
+    // equivalent (opposite order).
+    BS(tlv_sha_1WithRSAEncryption),
+    BS(tlv_sha1WithRSASignature),
+    2048 / 8,
+    Success,
+  },
+  { // Algorithms match, both are supported, key size is not a multile of 128
+    // bits. This test verifies that we're not wrongly rounding up the
+    // signature size like we did in the original patch for bug 1131767.
+    BS(tlv_sha256WithRSAEncryption),
+    BS(tlv_sha256WithRSAEncryption),
+    (2048 / 8) - 1,
+    Success
+  },
+};
+
+class pkixcheck_CheckSignatureAlgorithm
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<CheckSignatureAlgorithmTestParams>
+{
+};
+
+class pkixcheck_CheckSignatureAlgorithm_TrustDomain final
+  : public EverythingFailsByDefaultTrustDomain
+{
+public:
+  explicit pkixcheck_CheckSignatureAlgorithm_TrustDomain(
+             unsigned int aPublicKeySizeInBits)
+    : publicKeySizeInBits(aPublicKeySizeInBits)
+    , checkedDigestAlgorithm(false)
+    , checkedModulusSizeInBits(false)
+  {
+  }
+
+  Result CheckSignatureDigestAlgorithm(DigestAlgorithm, EndEntityOrCA, Time)
+    override
+  {
+    checkedDigestAlgorithm = true;
+    return Success;
+  }
+
+  Result CheckRSAPublicKeyModulusSizeInBits(EndEntityOrCA endEntityOrCA,
+                                            unsigned int modulusSizeInBits)
+    override
+  {
+    EXPECT_EQ(EndEntityOrCA::MustBeEndEntity, endEntityOrCA);
+    EXPECT_EQ(publicKeySizeInBits, modulusSizeInBits);
+    checkedModulusSizeInBits = true;
+    return Success;
+  }
+
+  const unsigned int publicKeySizeInBits;
+  bool checkedDigestAlgorithm;
+  bool checkedModulusSizeInBits;
+};
+
+TEST_P(pkixcheck_CheckSignatureAlgorithm, CheckSignatureAlgorithm)
+{
+  const Time now(Now());
+  const CheckSignatureAlgorithmTestParams& params(GetParam());
+
+  Input signatureValueInput;
+  ASSERT_EQ(Success,
+            signatureValueInput.Init(params.signatureValue.data(),
+                                     params.signatureValue.length()));
+
+  pkixcheck_CheckSignatureAlgorithm_TrustDomain
+    trustDomain(params.signatureLengthInBytes * 8);
+
+  der::SignedDataWithSignature signedData;
+  ASSERT_EQ(Success,
+            signedData.algorithm.Init(params.signatureAlgorithmValue.data(),
+                                      params.signatureAlgorithmValue.length()));
+
+  ByteString dummySignature(params.signatureLengthInBytes, 0xDE);
+  ASSERT_EQ(Success,
+            signedData.signature.Init(dummySignature.data(),
+                                      dummySignature.length()));
+
+  ASSERT_EQ(params.expectedResult,
+            CheckSignatureAlgorithm(trustDomain, EndEntityOrCA::MustBeEndEntity,
+                                    now, signedData, signatureValueInput));
+  ASSERT_EQ(params.expectedResult == Success,
+            trustDomain.checkedDigestAlgorithm);
+  ASSERT_EQ(params.expectedResult == Success,
+            trustDomain.checkedModulusSizeInBits);
+}
+
+INSTANTIATE_TEST_CASE_P(
+  pkixcheck_CheckSignatureAlgorithm, pkixcheck_CheckSignatureAlgorithm,
+  testing::ValuesIn(CHECKSIGNATUREALGORITHM_TEST_PARAMS));
+
+class pkixcheck_CheckSignatureAlgorithm_BuildCertChain_TrustDomain
+  : public DefaultCryptoTrustDomain
+{
+public:
+  explicit pkixcheck_CheckSignatureAlgorithm_BuildCertChain_TrustDomain(
+             const ByteString& aIssuer)
+    : issuer(aIssuer)
+  {
+  }
+
+  Result GetCertTrust(EndEntityOrCA, const CertPolicyId&,
+                      Input cert, /*out*/ TrustLevel& trustLevel) override
+  {
+    trustLevel = InputEqualsByteString(cert, issuer)
+               ? TrustLevel::TrustAnchor
+               : TrustLevel::InheritsTrust;
+    return Success;
+  }
+
+  Result FindIssuer(Input, IssuerChecker& checker, Time) override
+  {
+    EXPECT_FALSE(ENCODING_FAILED(issuer));
+
+    Input issuerInput;
+    EXPECT_EQ(Success, issuerInput.Init(issuer.data(), issuer.length()));
+
+    bool keepGoing;
+    EXPECT_EQ(Success, checker.Check(issuerInput, nullptr, keepGoing));
+    EXPECT_FALSE(keepGoing);
+
+    return Success;
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         /*optional*/ const Input*,
+                         /*optional*/ const Input*) override
+  {
+    return Success;
+  }
+
+  Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override
+  {
+    return Success;
+  }
+
+  ByteString issuer;
+};
+
+// Test that CheckSignatureAlgorithm actually gets called at some point when
+// BuildCertChain is called.
+TEST_F(pkixcheck_CheckSignatureAlgorithm, BuildCertChain)
+{
+  ScopedTestKeyPair keyPair(CloneReusedKeyPair());
+  ASSERT_TRUE(keyPair.get());
+
+  ByteString issuerExtensions[2];
+  issuerExtensions[0] = CreateEncodedBasicConstraints(true, nullptr,
+                                                      Critical::No);
+  ASSERT_FALSE(ENCODING_FAILED(issuerExtensions[0]));
+
+  ByteString issuer(CreateEncodedCertificate(3,
+                                             sha256WithRSAEncryption(),
+                                             CreateEncodedSerialNumber(1),
+                                             CNToDERName("issuer"),
+                                             oneDayBeforeNow, oneDayAfterNow,
+                                             CNToDERName("issuer"),
+                                             *keyPair,
+                                             issuerExtensions,
+                                             *keyPair,
+                                             sha256WithRSAEncryption()));
+  ASSERT_FALSE(ENCODING_FAILED(issuer));
+
+  ByteString subject(CreateEncodedCertificate(3,
+                                              sha1WithRSAEncryption(),
+                                              CreateEncodedSerialNumber(2),
+                                              CNToDERName("issuer"),
+                                              oneDayBeforeNow, oneDayAfterNow,
+                                              CNToDERName("subject"),
+                                              *keyPair,
+                                              nullptr,
+                                              *keyPair,
+                                              sha256WithRSAEncryption()));
+  ASSERT_FALSE(ENCODING_FAILED(subject));
+
+  Input subjectInput;
+  ASSERT_EQ(Success, subjectInput.Init(subject.data(), subject.length()));
+  pkixcheck_CheckSignatureAlgorithm_BuildCertChain_TrustDomain
+    trustDomain(issuer);
+  Result rv = BuildCertChain(trustDomain, subjectInput, Now(),
+                             EndEntityOrCA::MustBeEndEntity,
+                             KeyUsage::noParticularKeyUsageRequired,
+                             KeyPurposeId::anyExtendedKeyUsage,
+                             CertPolicyId::anyPolicy,
+                             nullptr);
+  ASSERT_EQ(Result::ERROR_SIGNATURE_ALGORITHM_MISMATCH, rv);
+}
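Review bot: The `CheckSignatureDigestAlgorithm` override in `pkixcheck_CheckSignatureAlgorithm_TrustDomain` ignores its `DigestAlgorithm` argument, so the parameterized test never pins which digest is reported to the trust domain. This matters most for the two RSA-with-SHA1 rows that expect `Success`: a trust domain's SHA-1 policy depends on receiving the right digest value, and a wrong OID-to-digest mapping would pass here unnoticed. Consider adding an expected digest to `CheckSignatureAlgorithmTestParams` and checking it in the override, e.g. `EXPECT_EQ(expectedDigestAlgorithm, digestAlg);` (names are placeholders). The test also always passes `EndEntityOrCA::MustBeEndEntity`, so the CA path is not exercised; if that is intentional, a comment saying so would help.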
diff --git a/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckValidity_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckValidity_tests.cpp
new file mode 100644
index 000000000..a1a6f998b
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixcheck_CheckValidity_tests.cpp
@@ -0,0 +1,128 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2014 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixcheck.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+static const Time PAST_TIME(YMDHMS(1998, 12, 31, 12, 23, 56));
+
+#define OLDER_GENERALIZEDTIME \
+  0x18, 15,                               /* tag, length */ \
+  '1', '9', '9', '9', '0', '1', '0', '1', /* 1999-01-01 */ \
+  '0', '0', '0', '0', '0', '0', 'Z'       /* 00:00:00Z */
+
+#define OLDER_UTCTIME \
+  0x17, 13,                               /* tag, length */ \
+  '9', '9', '0', '1', '0', '1',           /* (19)99-01-01 */ \
+  '0', '0', '0', '0', '0', '0', 'Z'       /* 00:00:00Z */
+
+static const Time NOW(YMDHMS(2016, 12, 31, 12, 23, 56));
+
+#define NEWER_GENERALIZEDTIME \
+  0x18, 15,                               /* tag, length */ \
+  '2', '0', '2', '1', '0', '1', '0', '1', /* 2021-01-01 */ \
+  '0', '0', '0', '0', '0', '0', 'Z'       /* 00:00:00Z */
+
+#define NEWER_UTCTIME \
+  0x17, 13,                               /* tag, length */ \
+  '2', '1', '0', '1', '0', '1',           /* 2021-01-01 */ \
+  '0', '0', '0', '0', '0', '0', 'Z'       /* 00:00:00Z */
+
+static const Time FUTURE_TIME(YMDHMS(2025, 12, 31, 12, 23, 56));
+
+class pkixcheck_CheckValidity : public ::testing::Test { };
+
+static const uint8_t OLDER_UTCTIME_NEWER_UTCTIME_DATA[] = {
+  OLDER_UTCTIME,
+  NEWER_UTCTIME,
+};
+static const Input
+OLDER_UTCTIME_NEWER_UTCTIME(OLDER_UTCTIME_NEWER_UTCTIME_DATA);
+
+TEST_F(pkixcheck_CheckValidity, Valid_UTCTIME_UTCTIME)
+{
+  static Time notBefore(Time::uninitialized);
+  static Time notAfter(Time::uninitialized);
+  ASSERT_EQ(Success, ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME, &notBefore, &notAfter));
+  ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
+}
+
+TEST_F(pkixcheck_CheckValidity, Valid_GENERALIZEDTIME_GENERALIZEDTIME)
+{
+  static const uint8_t DER[] = {
+    OLDER_GENERALIZEDTIME,
+    NEWER_GENERALIZEDTIME,
+  };
+  static const Input validity(DER);
+  static Time notBefore(Time::uninitialized);
+  static Time notAfter(Time::uninitialized);
+  ASSERT_EQ(Success, ParseValidity(validity, &notBefore, &notAfter));
+  ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
+}
+
+TEST_F(pkixcheck_CheckValidity, Valid_GENERALIZEDTIME_UTCTIME)
+{
+  static const uint8_t DER[] = {
+    OLDER_GENERALIZEDTIME,
+    NEWER_UTCTIME,
+  };
+  static const Input validity(DER);
+  static Time notBefore(Time::uninitialized);
+  static Time notAfter(Time::uninitialized);
+  ASSERT_EQ(Success, ParseValidity(validity, &notBefore, &notAfter));
+  ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
+}
+
+TEST_F(pkixcheck_CheckValidity, Valid_UTCTIME_GENERALIZEDTIME)
+{
+  static const uint8_t DER[] = {
+    OLDER_UTCTIME,
+    NEWER_GENERALIZEDTIME,
+  };
+  static const Input validity(DER);
+  static Time notBefore(Time::uninitialized);
+  static Time notAfter(Time::uninitialized);
+  ASSERT_EQ(Success, ParseValidity(validity, &notBefore, &notAfter));
+  ASSERT_EQ(Success, CheckValidity(NOW, notBefore, notAfter));
+}
+
+TEST_F(pkixcheck_CheckValidity, InvalidBeforeNotBefore)
+{
+  static Time notBefore(Time::uninitialized);
+  static Time notAfter(Time::uninitialized);
+  ASSERT_EQ(Success, ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME, &notBefore, &notAfter));
+  ASSERT_EQ(Result::ERROR_NOT_YET_VALID_CERTIFICATE, CheckValidity(PAST_TIME, notBefore, notAfter));
+}
+
+TEST_F(pkixcheck_CheckValidity, InvalidAfterNotAfter)
+{
+  static Time notBefore(Time::uninitialized);
+  static Time notAfter(Time::uninitialized);
+  ASSERT_EQ(Success, ParseValidity(OLDER_UTCTIME_NEWER_UTCTIME, &notBefore, &notAfter));
+  ASSERT_EQ(Result::ERROR_EXPIRED_CERTIFICATE, CheckValidity(FUTURE_TIME, notBefore, notAfter));
+}
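Review bot: `InvalidBeforeNotBefore` and `InvalidAfterNotAfter` only use times far from the encoded bounds (`PAST_TIME` in 1998, `FUTURE_TIME` in 2025), so an off-by-one in the comparison inside `CheckValidity` would not be caught. RFC 5280 defines the validity period as inclusive of notBefore and notAfter, so a time equal to 1999-01-01 00:00:00Z and one equal to 2021-01-01 00:00:00Z should yield `Success`, and one second outside each bound should yield the respective error. For example, `static const Time AT_NOT_BEFORE(YMDHMS(1999, 1, 1, 0, 0, 0));` with `ASSERT_EQ(Success, CheckValidity(AT_NOT_BEFORE, notBefore, notAfter));`. As a style point, the `notBefore`/`notAfter` locals in each test are declared `static` without any visible need; plain locals would keep the tests independent of each other.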
diff --git a/security/nss/gtests/mozpkix_gtest/pkixcheck_ParseValidity_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixcheck_ParseValidity_tests.cpp
new file mode 100644
index 000000000..7255bb5df
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixcheck_ParseValidity_tests.cpp
@@ -0,0 +1,84 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2014 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixcheck.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+#define OLDER_UTCTIME \
+  0x17, 13,                               /* tag, length */ \
+  '9', '9', '0', '1', '0', '1',           /* (19)99-01-01 */ \
+  '0', '0', '0', '0', '0', '0', 'Z'       /* 00:00:00Z */
+
+#define NEWER_UTCTIME \
+  0x17, 13,                               /* tag, length */ \
+  '2', '1', '0', '1', '0', '1',           /* 2021-01-01 */ \
+  '0', '0', '0', '0', '0', '0', 'Z'       /* 00:00:00Z */
+
+static const Time FUTURE_TIME(YMDHMS(2025, 12, 31, 12, 23, 56));
+
+class pkixcheck_ParseValidity : public ::testing::Test { };
+
+TEST_F(pkixcheck_ParseValidity, BothEmptyNull)
+{
+  static const uint8_t DER[] = {
+    0x17/*UTCTime*/, 0/*length*/,
+    0x17/*UTCTime*/, 0/*length*/,
+  };
+  static const Input validity(DER);
+  ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, ParseValidity(validity));
+}
+
+TEST_F(pkixcheck_ParseValidity, NotBeforeEmptyNull)
+{
+  static const uint8_t DER[] = {
+    0x17/*UTCTime*/, 0x00/*length*/,
+    NEWER_UTCTIME
+  };
+  static const Input validity(DER);
+  ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, ParseValidity(validity));
+}
+
+TEST_F(pkixcheck_ParseValidity, NotAfterEmptyNull)
+{
+  static const uint8_t DER[] = {
+    NEWER_UTCTIME,
+    0x17/*UTCTime*/, 0x00/*length*/,
+  };
+  static const Input validity(DER);
+  ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, ParseValidity(validity));
+}
+
+TEST_F(pkixcheck_ParseValidity, InvalidNotAfterBeforeNotBefore)
+{
+  static const uint8_t DER[] = {
+    NEWER_UTCTIME,
+    OLDER_UTCTIME,
+  };
+  static const Input validity(DER);
+  ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, ParseValidity(validity));
+}
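Review bot: `FUTURE_TIME`, defined at file scope just before the fixture class, is not referenced by any of the four tests in this new file and can be dropped. All four cases are rejections that call `ParseValidity(validity)` with the input only, so nothing here shows what a caller may assume about the `notBefore`/`notAfter` out-parameters when parsing fails. A short comment above the fixture would make the scope explicit, for example `// Rejection cases only; accepted encodings are exercised by the pkixcheck_CheckValidity tests.`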
diff --git a/security/nss/gtests/mozpkix_gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp
new file mode 100644
index 000000000..b7809cc60
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixcheck_TLSFeaturesSatisfiedInternal_tests.cpp
@@ -0,0 +1,120 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2015 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixder.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+namespace mozilla { namespace pkix {
+  extern Result TLSFeaturesSatisfiedInternal(const Input* requiredTLSFeatures,
+                                             const Input* stapledOCSPResponse);
+} } // namespace mozilla::pkix
+
+struct TLSFeaturesTestParams
+{
+  ByteString requiredTLSFeatures;
+  Result expectedResultWithResponse;
+  Result expectedResultWithoutResponse;
+};
+
+::std::ostream& operator<<(::std::ostream& os, const TLSFeaturesTestParams&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+#define BS(s) ByteString(s, MOZILLA_PKIX_ARRAY_LENGTH(s))
+static const uint8_t statusRequest[] = {
+  0x30, 0x03, 0x02, 0x01, 0x05
+};
+
+static const uint8_t unknown[] = {
+  0x30, 0x03, 0x02, 0x01, 0x06
+};
+
+static const uint8_t statusRequestAndUnknown[] = {
+  0x30, 0x06, 0x02, 0x01, 0x05, 0x02, 0x01, 0x06
+};
+
+static const uint8_t duplicateStatusRequest[] = {
+  0x30, 0x06, 0x02, 0x01, 0x05, 0x02, 0x01, 0x05
+};
+
+static const uint8_t twoByteUnknown[] = {
+  0x30, 0x04, 0x02, 0x02, 0x05, 0x05
+};
+
+static const uint8_t zeroByteInteger[] = {
+  0x30, 0x02, 0x02, 0x00
+};
+
+static const TLSFeaturesTestParams
+  TLSFEATURESSATISFIED_TEST_PARAMS[] =
+{
+  // some tests with checks enforced
+  { ByteString(), Result::ERROR_BAD_DER, Result::ERROR_BAD_DER },
+  { BS(statusRequest), Success, Result::ERROR_REQUIRED_TLS_FEATURE_MISSING },
+  { BS(unknown), Result::ERROR_REQUIRED_TLS_FEATURE_MISSING,
+    Result::ERROR_REQUIRED_TLS_FEATURE_MISSING },
+  { BS(statusRequestAndUnknown), Result::ERROR_REQUIRED_TLS_FEATURE_MISSING,
+    Result::ERROR_REQUIRED_TLS_FEATURE_MISSING },
+  { BS(duplicateStatusRequest), Success,
+    Result::ERROR_REQUIRED_TLS_FEATURE_MISSING },
+  { BS(twoByteUnknown), Result::ERROR_REQUIRED_TLS_FEATURE_MISSING,
+    Result::ERROR_REQUIRED_TLS_FEATURE_MISSING },
+  { BS(zeroByteInteger), Result::ERROR_REQUIRED_TLS_FEATURE_MISSING,
+    Result::ERROR_REQUIRED_TLS_FEATURE_MISSING },
+};
+
+class pkixcheck_TLSFeaturesSatisfiedInternal
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<TLSFeaturesTestParams>
+{
+};
+
+TEST_P(pkixcheck_TLSFeaturesSatisfiedInternal, TLSFeaturesSatisfiedInternal) {
+  const TLSFeaturesTestParams& params(GetParam());
+
+  Input featuresInput;
+  ASSERT_EQ(Success, featuresInput.Init(params.requiredTLSFeatures.data(),
+                                        params.requiredTLSFeatures.length()));
+  Input responseInput;
+  // just create an input with any data in it
+  ByteString stapledOCSPResponse = BS(statusRequest);
+  ASSERT_EQ(Success, responseInput.Init(stapledOCSPResponse.data(),
+                                        stapledOCSPResponse.length()));
+  // first we omit the response
+  ASSERT_EQ(params.expectedResultWithoutResponse,
+            TLSFeaturesSatisfiedInternal(&featuresInput, nullptr));
+  // then we try again with the response
+  ASSERT_EQ(params.expectedResultWithResponse,
+            TLSFeaturesSatisfiedInternal(&featuresInput, &responseInput));
+}
+
+INSTANTIATE_TEST_CASE_P(
+  pkixcheck_TLSFeaturesSatisfiedInternal,
+  pkixcheck_TLSFeaturesSatisfiedInternal,
+  testing::ValuesIn(TLSFEATURESSATISFIED_TEST_PARAMS));
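Review bot: The `operator<<` for `TLSFeaturesTestParams` prints only `TODO (bug 1318770)`, so when a row of `TLSFEATURESSATISFIED_TEST_PARAMS` fails, the report does not say which encoding was under test. Adding a short description field to the struct and printing it would make failures attributable. The byte arrays carry no comment on their DER structure; something like `// SEQUENCE { INTEGER 5 } -- 5 is status_request` above `statusRequest` would document them. The `zeroByteInteger` row expects `ERROR_REQUIRED_TLS_FEATURE_MISSING` rather than `ERROR_BAD_DER` for a zero-length INTEGER, which deserves a one-line comment stating that this outcome is intended.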
diff --git a/security/nss/gtests/mozpkix_gtest/pkixder_input_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixder_input_tests.cpp
new file mode 100644
index 000000000..cf91fa2c6
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixder_input_tests.cpp
@@ -0,0 +1,920 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <functional>
+#include <vector>
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixder.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::der;
+
+namespace {
+
+class pkixder_input_tests : public ::testing::Test { };
+
+static const uint8_t DER_SEQUENCE_EMPTY[] = {
+  0x30,                       // SEQUENCE
+  0x00,                       // length
+};
+
+static const uint8_t DER_SEQUENCE_NOT_EMPTY[] = {
+  0x30,                       // SEQUENCE
+  0x01,                       // length
+  'X',                        // value
+};
+
+static const uint8_t DER_SEQUENCE_NOT_EMPTY_VALUE[] = {
+  'X',                        // value
+};
+
+static const uint8_t DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED[] = {
+  0x30,                       // SEQUENCE
+  0x01,                       // length
+};
+
+const uint8_t DER_SEQUENCE_OF_INT8[] = {
+  0x30,                       // SEQUENCE
+  0x09,                       // length
+  0x02, 0x01, 0x01,           // INTEGER length 1 value 0x01
+  0x02, 0x01, 0x02,           // INTEGER length 1 value 0x02
+  0x02, 0x01, 0x03            // INTEGER length 1 value 0x03
+};
+
+const uint8_t DER_TRUNCATED_SEQUENCE_OF_INT8[] = {
+  0x30,                       // SEQUENCE
+  0x09,                       // length
+  0x02, 0x01, 0x01,           // INTEGER length 1 value 0x01
+  0x02, 0x01, 0x02            // INTEGER length 1 value 0x02
+  // MISSING DATA HERE ON PURPOSE
+};
+
+const uint8_t DER_OVERRUN_SEQUENCE_OF_INT8[] = {
+  0x30,                       // SEQUENCE
+  0x09,                       // length
+  0x02, 0x01, 0x01,           // INTEGER length 1 value 0x01
+  0x02, 0x01, 0x02,           // INTEGER length 1 value 0x02
+  0x02, 0x02, 0xFF, 0x03      // INTEGER length 2 value 0xFF03
+};
+
+const uint8_t DER_INT16[] = {
+  0x02,                       // INTEGER
+  0x02,                       // length
+  0x12, 0x34                  // 0x1234
+};
+
+static const Input EMPTY_INPUT;
+
+TEST_F(pkixder_input_tests, InputInit)
+{
+  Input buf;
+  ASSERT_EQ(Success,
+            buf.Init(DER_SEQUENCE_OF_INT8, sizeof DER_SEQUENCE_OF_INT8));
+}
+
+TEST_F(pkixder_input_tests, InputInitWithNullPointerOrZeroLength)
+{
+  Input buf;
+  ASSERT_EQ(Result::ERROR_BAD_DER, buf.Init(nullptr, 0));
+
+  ASSERT_EQ(Result::ERROR_BAD_DER, buf.Init(nullptr, 100));
+
+  // Though it seems odd to initialize with zero-length and non-null ptr, this
+  // is working as intended. The Reader class was intended to protect against
+  // buffer overflows, and there's no risk with the current behavior. See bug
+  // 1000354.
+  ASSERT_EQ(Success, buf.Init((const uint8_t*) "hello", 0));
+  ASSERT_TRUE(buf.GetLength() == 0);
+}
+
+TEST_F(pkixder_input_tests, InputInitWithLargeData)
+{
+  Input buf;
+  // Data argument length does not matter, it is not touched, just
+  // needs to be non-null
+  ASSERT_EQ(Result::ERROR_BAD_DER, buf.Init((const uint8_t*) "", 0xffff+1));
+
+  ASSERT_EQ(Success, buf.Init((const uint8_t*) "", 0xffff));
+}
+
+TEST_F(pkixder_input_tests, InputInitMultipleTimes)
+{
+  Input buf;
+
+  ASSERT_EQ(Success,
+            buf.Init(DER_SEQUENCE_OF_INT8, sizeof DER_SEQUENCE_OF_INT8));
+
+  ASSERT_EQ(Result::FATAL_ERROR_INVALID_ARGS,
+            buf.Init(DER_SEQUENCE_OF_INT8, sizeof DER_SEQUENCE_OF_INT8));
+}
+
+TEST_F(pkixder_input_tests, PeekWithinBounds)
+{
+  const uint8_t der[] = { 0x11, 0x11 };
+  Input buf(der);
+  Reader input(buf);
+  ASSERT_TRUE(input.Peek(0x11));
+  ASSERT_FALSE(input.Peek(0x22));
+}
+
+TEST_F(pkixder_input_tests, PeekPastBounds)
+{
+  const uint8_t der[] = { 0x11, 0x22 };
+  Input buf;
+  ASSERT_EQ(Success, buf.Init(der, 1));
+  Reader input(buf);
+
+  uint8_t readByte;
+  ASSERT_EQ(Success, input.Read(readByte));
+  ASSERT_EQ(0x11, readByte);
+  ASSERT_FALSE(input.Peek(0x22));
+}
+
+TEST_F(pkixder_input_tests, ReadByte)
+{
+  const uint8_t der[] = { 0x11, 0x22 };
+  Input buf(der);
+  Reader input(buf);
+
+  uint8_t readByte1;
+  ASSERT_EQ(Success, input.Read(readByte1));
+  ASSERT_EQ(0x11, readByte1);
+
+  uint8_t readByte2;
+  ASSERT_EQ(Success, input.Read(readByte2));
+  ASSERT_EQ(0x22, readByte2);
+}
+
+TEST_F(pkixder_input_tests, ReadBytePastEnd)
+{
+  const uint8_t der[] = { 0x11, 0x22 };
+  Input buf;
+  ASSERT_EQ(Success, buf.Init(der, 1));
+  Reader input(buf);
+
+  uint8_t readByte1 = 0;
+  ASSERT_EQ(Success, input.Read(readByte1));
+  ASSERT_EQ(0x11, readByte1);
+
+  uint8_t readByte2 = 0;
+  ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(readByte2));
+  ASSERT_NE(0x22, readByte2);
+}
+
+TEST_F(pkixder_input_tests, ReadByteWrapAroundPointer)
+{
+  // The original implementation of our buffer read overflow checks was
+  // susceptible to integer overflows which could make the checks ineffective.
+  // This attempts to verify that we've fixed that. Unfortunately, decrementing
+  // a null pointer is undefined behavior according to the C++ language spec.,
+  // but this should catch the problem on at least some compilers, if not all of
+  // them.
+  const uint8_t* der = nullptr;
+  --der;
+  Input buf;
+  ASSERT_EQ(Success, buf.Init(der, 0));
+  Reader input(buf);
+
+  uint8_t b;
+  ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(b));
+}
+
+TEST_F(pkixder_input_tests, ReadWord)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+
+  uint16_t readWord1 = 0;
+  ASSERT_EQ(Success, input.Read(readWord1));
+  ASSERT_EQ(0x1122, readWord1);
+
+  uint16_t readWord2 = 0;
+  ASSERT_EQ(Success, input.Read(readWord2));
+  ASSERT_EQ(0x3344, readWord2);
+}
+
+TEST_F(pkixder_input_tests, ReadWordPastEnd)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf;
+  ASSERT_EQ(Success, buf.Init(der, 2)); // Initialize with too-short length
+  Reader input(buf);
+
+  uint16_t readWord1 = 0;
+  ASSERT_EQ(Success, input.Read(readWord1));
+  ASSERT_EQ(0x1122, readWord1);
+
+  uint16_t readWord2 = 0;
+  ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(readWord2));
+  ASSERT_NE(0x3344, readWord2);
+}
+
+TEST_F(pkixder_input_tests, ReadWordWithInsufficentData)
+{
+  const uint8_t der[] = { 0x11, 0x22 };
+  Input buf;
+  ASSERT_EQ(Success, buf.Init(der, 1));
+  Reader input(buf);
+
+  uint16_t readWord1 = 0;
+  ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(readWord1));
+  ASSERT_NE(0x1122, readWord1);
+}
+
+TEST_F(pkixder_input_tests, ReadWordWrapAroundPointer)
+{
+  // The original implementation of our buffer read overflow checks was
+  // susceptible to integer overflows which could make the checks ineffective.
+  // This attempts to verify that we've fixed that. Unfortunately, decrementing
+  // a null pointer is undefined behavior according to the C++ language spec.,
+  // but this should catch the problem on at least some compilers, if not all of
+  // them.
+  const uint8_t* der = nullptr;
+  --der;
+  Input buf;
+  ASSERT_EQ(Success, buf.Init(der, 0));
+  Reader input(buf);
+  uint16_t b;
+  ASSERT_EQ(Result::ERROR_BAD_DER, input.Read(b));
+}
+
+TEST_F(pkixder_input_tests, Skip)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+
+  ASSERT_EQ(Success, input.Skip(1));
+
+  uint8_t readByte1 = 0;
+  ASSERT_EQ(Success, input.Read(readByte1));
+  ASSERT_EQ(0x22, readByte1);
+
+  ASSERT_EQ(Success, input.Skip(1));
+
+  uint8_t readByte2 = 0;
+  ASSERT_EQ(Success, input.Read(readByte2));
+  ASSERT_EQ(0x44, readByte2);
+}
+
+TEST_F(pkixder_input_tests, Skip_ToEnd)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+  ASSERT_EQ(Success, input.Skip(sizeof der));
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, Skip_PastEnd)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+
+  ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(sizeof der + 1));
+}
+
+TEST_F(pkixder_input_tests, Skip_ToNewInput)
+{
+  const uint8_t der[] = { 0x01, 0x02, 0x03, 0x04 };
+  Input buf(der);
+  Reader input(buf);
+
+  Reader skippedInput;
+  ASSERT_EQ(Success, input.Skip(3, skippedInput));
+
+  uint8_t readByte1 = 0;
+  ASSERT_EQ(Success, input.Read(readByte1));
+  ASSERT_EQ(0x04, readByte1);
+
+  ASSERT_TRUE(input.AtEnd());
+
+  // Reader has no Remaining() or Length() so we simply read the bytes
+  // and then expect to be at the end.
+
+  for (uint8_t i = 1; i <= 3; ++i) {
+    uint8_t readByte = 0;
+    ASSERT_EQ(Success, skippedInput.Read(readByte));
+    ASSERT_EQ(i, readByte);
+  }
+
+  ASSERT_TRUE(skippedInput.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, Skip_ToNewInputPastEnd)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+
+  Reader skippedInput;
+  ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(sizeof der * 2, skippedInput));
+}
+
+TEST_F(pkixder_input_tests, Skip_ToInput)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+
+  const uint8_t expectedItemData[] = { 0x11, 0x22, 0x33 };
+
+  Input item;
+  ASSERT_EQ(Success, input.Skip(sizeof expectedItemData, item));
+
+  Input expected(expectedItemData);
+  ASSERT_TRUE(InputsAreEqual(expected, item));
+}
+
+TEST_F(pkixder_input_tests, Skip_WrapAroundPointer)
+{
+  // The original implementation of our buffer read overflow checks was
+  // susceptible to integer overflows which could make the checks ineffective.
+  // This attempts to verify that we've fixed that. Unfortunately, decrementing
+  // a null pointer is undefined behavior according to the C++ language spec.,
+  // but this should catch the problem on at least some compilers, if not all of
+  // them.
+  const uint8_t* der = nullptr;
+  --der;
+  Input buf;
+  ASSERT_EQ(Success, buf.Init(der, 0));
+  Reader input(buf);
+  ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(1));
+}
+
+TEST_F(pkixder_input_tests, Skip_ToInputPastEnd)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+
+  Input skipped;
+  ASSERT_EQ(Result::ERROR_BAD_DER, input.Skip(sizeof der + 1, skipped));
+}
+
+TEST_F(pkixder_input_tests, SkipToEnd_ToInput)
+{
+  static const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+
+  Input skipped;
+  ASSERT_EQ(Success, input.SkipToEnd(skipped));
+}
+
+TEST_F(pkixder_input_tests, SkipToEnd_ToInput_InputAlreadyInited)
+{
+  static const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+
+  static const uint8_t initialValue[] = { 0x01, 0x02, 0x03 };
+  Input x(initialValue);
+  // Fails because skipped was already initialized once, and Inputs are not
+  // allowed to be Init()d multiple times.
+  ASSERT_EQ(Result::FATAL_ERROR_INVALID_ARGS, input.SkipToEnd(x));
+  ASSERT_TRUE(InputsAreEqual(x, Input(initialValue)));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndSkipValue)
+{
+  Input buf(DER_SEQUENCE_OF_INT8);
+  Reader input(buf);
+
+  ASSERT_EQ(Success, ExpectTagAndSkipValue(input, SEQUENCE));
+  ASSERT_EQ(Success, End(input));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndSkipValueWithTruncatedData)
+{
+  Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
+  Reader input(buf);
+
+  ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndSkipValue(input, SEQUENCE));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndSkipValueWithOverrunData)
+{
+  Input buf(DER_OVERRUN_SEQUENCE_OF_INT8);
+  Reader input(buf);
+  ASSERT_EQ(Success, ExpectTagAndSkipValue(input, SEQUENCE));
+  ASSERT_EQ(Result::ERROR_BAD_DER, End(input));
+}
+
+TEST_F(pkixder_input_tests, AtEndOnUnInitializedInput)
+{
+  Reader input;
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, AtEndAtBeginning)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+  ASSERT_FALSE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, AtEndAtEnd)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+  ASSERT_EQ(Success, input.Skip(sizeof der));
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, MarkAndGetInput)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+
+  Reader::Mark mark = input.GetMark();
+
+  const uint8_t expectedItemData[] = { 0x11, 0x22, 0x33 };
+
+  ASSERT_EQ(Success, input.Skip(sizeof expectedItemData));
+
+  Input item;
+  ASSERT_EQ(Success, input.GetInput(mark, item));
+  Input expected(expectedItemData);
+  ASSERT_TRUE(InputsAreEqual(expected, item));
+}
+
+// Cannot run this test on debug builds because of the NotReached
+#ifdef NDEBUG
+TEST_F(pkixder_input_tests, MarkAndGetInputDifferentInput)
+{
+  const uint8_t der[] = { 0x11, 0x22, 0x33, 0x44 };
+  Input buf(der);
+  Reader input(buf);
+
+  Reader another;
+  Reader::Mark mark = another.GetMark();
+
+  ASSERT_EQ(Success, input.Skip(3));
+
+  Input item;
+  ASSERT_EQ(Result::FATAL_ERROR_INVALID_ARGS, input.GetInput(mark, item));
+}
+#endif
+
+TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_AtEnd)
+{
+  Reader input(EMPTY_INPUT);
+  uint8_t tag;
+  Input value;
+  ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value));
+}
+
+TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_TruncatedAfterTag)
+{
+  static const uint8_t DER[] = { SEQUENCE };
+  Input buf(DER);
+  Reader input(buf);
+  uint8_t tag;
+  Input value;
+  ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value));
+}
+
+TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_ValidEmpty)
+{
+  Input buf(DER_SEQUENCE_EMPTY);
+  Reader input(buf);
+  uint8_t tag = 0;
+  Input value;
+  ASSERT_EQ(Success, ReadTagAndGetValue(input, tag, value));
+  ASSERT_EQ(SEQUENCE, tag);
+  ASSERT_EQ(0u, value.GetLength());
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_ValidNotEmpty)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY);
+  Reader input(buf);
+  uint8_t tag = 0;
+  Input value;
+  ASSERT_EQ(Success, ReadTagAndGetValue(input, tag, value));
+  ASSERT_EQ(SEQUENCE, tag);
+  Input expected(DER_SEQUENCE_NOT_EMPTY_VALUE);
+  ASSERT_TRUE(InputsAreEqual(expected, value));
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests,
+       ReadTagAndGetValue_Input_InvalidNotEmptyValueTruncated)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED);
+  Reader input(buf);
+  uint8_t tag;
+  Input value;
+  ASSERT_EQ(Result::ERROR_BAD_DER, ReadTagAndGetValue(input, tag, value));
+}
+
+TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_InvalidWrongLength)
+{
+  Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
+  Reader input(buf);
+  uint8_t tag;
+  Input value;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            ReadTagAndGetValue(input, tag, value));
+}
+
+TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_InvalidHighTagNumberForm1)
+{
+  // High tag number form is not allowed (illegal 1 byte tag)
+  //
+  // If the decoder treats 0x1F as a valid low tag number tag, then it will
+  // treat the actual tag (1) as a length, and then it will return Success
+  // with value == { 0x00 } and tag == 0x1f.
+  //
+  // It is illegal to encode tag 1 in the high tag number form because it isn't
+  // the shortest encoding (the low tag number form is).
+  static const uint8_t DER[] = {
+    0x1F, // high tag number form indicator
+    1,    // tag 1 (not legal!)
+    0     // length zero
+  };
+  Input buf(DER);
+  Reader input(buf);
+  uint8_t tag;
+  Input value;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            ReadTagAndGetValue(input, tag, value));
+}
+
+TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_InvalidHighTagNumberForm2)
+{
+  // High tag number form is not allowed (legal 1 byte tag).
+  //
+  // ReadTagAndGetValue's check to prohibit the high tag number form has no
+  // effect on whether this test passes or fails, because ReadTagAndGetValue
+  // will interpret the second byte (31) as a length, and the input doesn't
+  // have 31 bytes following it. This test is here to guard against the case
+  // where somebody actually implements high tag number form parsing, to remind
+  // that person that they need to add tests here, including in particular
+  // tests for overly-long encodings.
+  static const uint8_t DER[] = {
+    0x1F, // high tag number form indicator
+    31,   // tag 31
+    0     // length zero
+  };
+  Input buf(DER);
+  Reader input(buf);
+  uint8_t tag;
+  Input value;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            ReadTagAndGetValue(input, tag, value));
+}
+
+TEST_F(pkixder_input_tests, ReadTagAndGetValue_Input_InvalidHighTagNumberForm3)
+{
+  // High tag number form is not allowed (2 byte legal tag)
+  //
+  // ReadTagAndGetValue's check to prohibit the high tag number form has no
+  // effect on whether this test passes or fails, because ReadTagAndGetValue
+  // will interpret the second byte as a length, and the input doesn't have
+  // that many bytes following it. This test is here to guard against the case
+  // where somebody actually implements high tag number form parsing, to remind
+  // that person that they need to add tests here, including in particular
+  // tests for overly-long encodings.
+  static const uint8_t DER[] = {
+    0x1F,              // high tag number form indicator
+    0x80 | 0x01, 0x00, // tag 0x100 (256)
+    0                  // length zero
+  };
+  Input buf(DER);
+  Reader input(buf);
+  uint8_t tag;
+  Input value;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            ReadTagAndGetValue(input, tag, value));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_ValidEmpty)
+{
+  Input buf(DER_SEQUENCE_EMPTY);
+  Reader input(buf);
+  Reader value;
+  ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value));
+  ASSERT_TRUE(value.AtEnd());
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_ValidNotEmpty)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY);
+  Reader input(buf);
+  Reader value;
+  ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value));
+  ASSERT_TRUE(value.MatchRest(DER_SEQUENCE_NOT_EMPTY_VALUE));
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests,
+       ExpectTagAndGetValue_Reader_InvalidNotEmptyValueTruncated)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED);
+  Reader input(buf);
+  Reader value;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            ExpectTagAndGetValue(input, SEQUENCE, value));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_InvalidWrongLength)
+{
+  Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
+  Reader input(buf);
+  Reader value;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            ExpectTagAndGetValue(input, SEQUENCE, value));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Reader_InvalidWrongTag)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY);
+  Reader input(buf);
+  Reader value;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            ExpectTagAndGetValue(input, INTEGER, value));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_ValidEmpty)
+{
+  Input buf(DER_SEQUENCE_EMPTY);
+  Reader input(buf);
+  Input value;
+  ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value));
+  ASSERT_EQ(0u, value.GetLength());
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_ValidNotEmpty)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY);
+  Reader input(buf);
+  Input value;
+  ASSERT_EQ(Success, ExpectTagAndGetValue(input, SEQUENCE, value));
+  Input expected(DER_SEQUENCE_NOT_EMPTY_VALUE);
+  ASSERT_TRUE(InputsAreEqual(expected, value));
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests,
+       ExpectTagAndGetValue_Input_InvalidNotEmptyValueTruncated)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED);
+  Reader input(buf);
+  Input value;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            ExpectTagAndGetValue(input, SEQUENCE, value));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_InvalidWrongLength)
+{
+  Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
+  Reader input(buf);
+  Input value;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            ExpectTagAndGetValue(input, SEQUENCE, value));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetValue_Input_InvalidWrongTag)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY);
+  Reader input(buf);
+  Input value;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            ExpectTagAndGetValue(input, INTEGER, value));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_ValidEmpty)
+{
+  Input buf(DER_SEQUENCE_EMPTY);
+  Reader input(buf);
+  ASSERT_EQ(Success, ExpectTagAndEmptyValue(input, SEQUENCE));
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_InValidNotEmpty)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY);
+  Reader input(buf);
+  ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, SEQUENCE));
+}
+
+TEST_F(pkixder_input_tests,
+       ExpectTagAndEmptyValue_Input_InvalidNotEmptyValueTruncated)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED);
+  Reader input(buf);
+  ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, SEQUENCE));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_InvalidWrongLength)
+{
+  Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
+  Reader input(buf);
+  ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, SEQUENCE));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndEmptyValue_InvalidWrongTag)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY);
+  Reader input(buf);
+  ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndEmptyValue(input, INTEGER));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_ValidEmpty)
+{
+  Input buf(DER_SEQUENCE_EMPTY);
+  Reader input(buf);
+  Input tlv;
+  ASSERT_EQ(Success, ExpectTagAndGetTLV(input, SEQUENCE, tlv));
+  Input expected(DER_SEQUENCE_EMPTY);
+  ASSERT_TRUE(InputsAreEqual(expected, tlv));
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_ValidNotEmpty)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY);
+  Reader input(buf);
+  Input tlv;
+  ASSERT_EQ(Success, ExpectTagAndGetTLV(input, SEQUENCE, tlv));
+  Input expected(DER_SEQUENCE_NOT_EMPTY);
+  ASSERT_TRUE(InputsAreEqual(expected, tlv));
+  ASSERT_TRUE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests,
+       ExpectTagAndGetTLV_Input_InvalidNotEmptyValueTruncated)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY_VALUE_TRUNCATED);
+  Reader input(buf);
+  Input tlv;
+  ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetTLV(input, SEQUENCE, tlv));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_InvalidWrongLength)
+{
+  Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
+  Reader input(buf);
+  Input tlv;
+  ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetTLV(input, SEQUENCE, tlv));
+}
+
+TEST_F(pkixder_input_tests, ExpectTagAndGetTLV_Input_InvalidWrongTag)
+{
+  Input buf(DER_SEQUENCE_NOT_EMPTY);
+  Reader input(buf);
+  Input tlv;
+  ASSERT_EQ(Result::ERROR_BAD_DER, ExpectTagAndGetTLV(input, INTEGER, tlv));
+}
+
+TEST_F(pkixder_input_tests, EndAtEnd)
+{
+  Input buf(DER_INT16);
+  Reader input(buf);
+  ASSERT_EQ(Success, input.Skip(4));
+  ASSERT_EQ(Success, End(input));
+}
+
+TEST_F(pkixder_input_tests, EndBeforeEnd)
+{
+  Input buf(DER_INT16);
+  Reader input(buf);
+  ASSERT_EQ(Success, input.Skip(2));
+  ASSERT_EQ(Result::ERROR_BAD_DER, End(input));
+}
+
+TEST_F(pkixder_input_tests, EndAtBeginning)
+{
+  Input buf(DER_INT16);
+  Reader input(buf);
+  ASSERT_EQ(Result::ERROR_BAD_DER, End(input));
+}
+
+// TODO: Need tests for Nested too?
+
+Result NestedOfHelper(Reader& input, std::vector<uint8_t>& readValues)
+{
+  uint8_t value = 0;
+  Result rv = input.Read(value);
+  EXPECT_EQ(Success, rv);
+  if (rv != Success) {
+    return rv;
+  }
+  readValues.push_back(value);
+  return Success;
+}
+
+TEST_F(pkixder_input_tests, NestedOf)
+{
+  Input buf(DER_SEQUENCE_OF_INT8);
+  Reader input(buf);
+
+  std::vector<uint8_t> readValues;
+  ASSERT_EQ(Success,
+            NestedOf(input, SEQUENCE, INTEGER, EmptyAllowed::No,
+                     [&readValues](Reader& r) {
+                       return NestedOfHelper(r, readValues);
+                     }));
+  ASSERT_EQ(3u, readValues.size());
+  ASSERT_EQ(0x01, readValues[0]);
+  ASSERT_EQ(0x02, readValues[1]);
+  ASSERT_EQ(0x03, readValues[2]);
+  ASSERT_EQ(Success, End(input));
+}
+
+TEST_F(pkixder_input_tests, NestedOfWithTruncatedData)
+{
+  Input buf(DER_TRUNCATED_SEQUENCE_OF_INT8);
+  Reader input(buf);
+
+  std::vector<uint8_t> readValues;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            NestedOf(input, SEQUENCE, INTEGER, EmptyAllowed::No,
+                     [&readValues](Reader& r) {
+                       return NestedOfHelper(r, readValues);
+                     }));
+  ASSERT_EQ(0u, readValues.size());
+}
+
+TEST_F(pkixder_input_tests, MatchRestAtEnd)
+{
+  static const uint8_t der[1] = { };
+  Input buf;
+  ASSERT_EQ(Success, buf.Init(der, 0));
+  Reader input(buf);
+  ASSERT_TRUE(input.AtEnd());
+  static const uint8_t toMatch[] = { 1 };
+  ASSERT_FALSE(input.MatchRest(toMatch));
+}
+
+TEST_F(pkixder_input_tests, MatchRest1Match)
+{
+  static const uint8_t der[] = { 1 };
+  Input buf(der);
+  Reader input(buf);
+  ASSERT_FALSE(input.AtEnd());
+  ASSERT_TRUE(input.MatchRest(der));
+}
+
+TEST_F(pkixder_input_tests, MatchRest1Mismatch)
+{
+  static const uint8_t der[] = { 1 };
+  Input buf(der);
+  Reader input(buf);
+  static const uint8_t toMatch[] = { 2 };
+  ASSERT_FALSE(input.MatchRest(toMatch));
+  ASSERT_FALSE(input.AtEnd());
+}
+
+TEST_F(pkixder_input_tests, MatchRest2WithTrailingByte)
+{
+  static const uint8_t der[] = { 1, 2, 3 };
+  Input buf(der);
+  Reader input(buf);
+  static const uint8_t toMatch[] = { 1, 2 };
+  ASSERT_FALSE(input.MatchRest(toMatch));
+}
+
+TEST_F(pkixder_input_tests, MatchRest2Mismatch)
+{
+  static const uint8_t der[] = { 1, 2, 3 };
+  Input buf(der);
+  Reader input(buf);
+  static const uint8_t toMatchMismatch[] = { 1, 3 };
+  ASSERT_FALSE(input.MatchRest(toMatchMismatch));
+  ASSERT_TRUE(input.MatchRest(der));
+}
+
+} // namespace
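Review bot: `ReadByteWrapAroundPointer`, `ReadWordWrapAroundPointer` and `Skip_WrapAroundPointer` each build their test pointer with `const uint8_t* der = nullptr; --der;`, which the accompanying comment itself identifies as undefined behaviour. An optimising compiler or a sanitizer build may therefore not exercise the overflow check these tests are meant to guard. Forming the address from an integer is implementation-defined rather than undefined and avoids arithmetic on a null pointer: `const uint8_t* der = reinterpret_cast<const uint8_t*>(UINTPTR_MAX);` (needs `<cstdint>`). The pointer is still never dereferenced, because `Init` is given length 0. Separately, the test name `ReadWordWithInsufficentData` misspells "Insufficient".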
diff --git a/security/nss/gtests/mozpkix_gtest/pkixder_pki_types_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixder_pki_types_tests.cpp
new file mode 100644
index 000000000..989f3d296
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixder_pki_types_tests.cpp
@@ -0,0 +1,480 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <functional>
+#include <vector>
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixtypes.h"
+#include "mozpkix/pkixder.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::der;
+
+class pkixder_pki_types_tests : public ::testing::Test { };
+
+TEST_F(pkixder_pki_types_tests, CertificateSerialNumber)
+{
+  const uint8_t DER_CERT_SERIAL[] = {
+    0x02,                       // INTEGER
+    8,                          // length
+    0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
+  };
+  Input input(DER_CERT_SERIAL);
+  Reader reader(input);
+
+  Input item;
+  ASSERT_EQ(Success, CertificateSerialNumber(reader, item));
+
+  Input expected;
+  ASSERT_EQ(Success,
+            expected.Init(DER_CERT_SERIAL + 2, sizeof DER_CERT_SERIAL - 2));
+  ASSERT_TRUE(InputsAreEqual(expected, item));
+}
+
+TEST_F(pkixder_pki_types_tests, CertificateSerialNumberLongest)
+{
+  const uint8_t DER_CERT_SERIAL_LONGEST[] = {
+    0x02,                       // INTEGER
+    20,                         // length
+    1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20
+  };
+  Input input(DER_CERT_SERIAL_LONGEST);
+  Reader reader(input);
+
+  Input item;
+  ASSERT_EQ(Success, CertificateSerialNumber(reader, item));
+
+  Input expected;
+  ASSERT_EQ(Success,
+            expected.Init(DER_CERT_SERIAL_LONGEST + 2,
+                          sizeof DER_CERT_SERIAL_LONGEST - 2));
+  ASSERT_TRUE(InputsAreEqual(expected, item));
+}
+
+TEST_F(pkixder_pki_types_tests, CertificateSerialNumberCrazyLong)
+{
+  const uint8_t DER_CERT_SERIAL_CRAZY_LONG[] = {
+    0x02,                       // INTEGER
+    32,                         // length
+    1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
+    17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32
+  };
+  Input input(DER_CERT_SERIAL_CRAZY_LONG);
+  Reader reader(input);
+
+  Input item;
+  ASSERT_EQ(Success, CertificateSerialNumber(reader, item));
+}
+
+TEST_F(pkixder_pki_types_tests, CertificateSerialNumberZeroLength)
+{
+  const uint8_t DER_CERT_SERIAL_ZERO_LENGTH[] = {
+    0x02,                       // INTEGER
+    0x00                        // length
+  };
+  Input input(DER_CERT_SERIAL_ZERO_LENGTH);
+  Reader reader(input);
+
+  Input item;
+  ASSERT_EQ(Result::ERROR_INVALID_INTEGER_ENCODING,
+            CertificateSerialNumber(reader, item));
+}
+
+TEST_F(pkixder_pki_types_tests, OptionalVersionV1ExplicitEncodingAllowed)
+{
+  const uint8_t DER_OPTIONAL_VERSION_V1[] = {
+    0xa0, 0x03,                   // context specific 0
+    0x02, 0x01, 0x00              // INTEGER(0)
+  };
+  Input input(DER_OPTIONAL_VERSION_V1);
+  Reader reader(input);
+
+  // XXX(bug 1031093): We shouldn't accept an explicit encoding of v1, but we
+  // do here for compatibility reasons.
+  // Version version;
+  // ASSERT_EQ(Result::ERROR_BAD_DER, OptionalVersion(reader, version));
+  der::Version version = der::Version::v3;
+  ASSERT_EQ(Success, OptionalVersion(reader, version));
+  ASSERT_EQ(der::Version::v1, version);
+}
+
+TEST_F(pkixder_pki_types_tests, OptionalVersionV2)
+{
+  const uint8_t DER_OPTIONAL_VERSION_V2[] = {
+    0xa0, 0x03,                   // context specific 0
+    0x02, 0x01, 0x01              // INTEGER(1)
+  };
+  Input input(DER_OPTIONAL_VERSION_V2);
+  Reader reader(input);
+
+  der::Version version = der::Version::v1;
+  ASSERT_EQ(Success, OptionalVersion(reader, version));
+  ASSERT_EQ(der::Version::v2, version);
+}
+
+TEST_F(pkixder_pki_types_tests, OptionalVersionV3)
+{
+  const uint8_t DER_OPTIONAL_VERSION_V3[] = {
+    0xa0, 0x03,                   // context specific 0
+    0x02, 0x01, 0x02              // INTEGER(2)
+  };
+  Input input(DER_OPTIONAL_VERSION_V3);
+  Reader reader(input);
+
+  der::Version version = der::Version::v1;
+  ASSERT_EQ(Success, OptionalVersion(reader, version));
+  ASSERT_EQ(der::Version::v3, version);
+}
+
+TEST_F(pkixder_pki_types_tests, OptionalVersionUnknown)
+{
+  const uint8_t DER_OPTIONAL_VERSION_INVALID[] = {
+    0xa0, 0x03,                   // context specific 0
+    0x02, 0x01, 0x42              // INTEGER(0x42)
+  };
+  Input input(DER_OPTIONAL_VERSION_INVALID);
+  Reader reader(input);
+
+  der::Version version = der::Version::v1;
+  ASSERT_EQ(Result::ERROR_BAD_DER, OptionalVersion(reader, version));
+}
+
+TEST_F(pkixder_pki_types_tests, OptionalVersionInvalidTooLong)
+{
+  const uint8_t DER_OPTIONAL_VERSION_INVALID_TOO_LONG[] = {
+    0xa0, 0x03,                   // context specific 0
+    0x02, 0x02, 0x12, 0x34        // INTEGER(0x1234)
+  };
+  Input input(DER_OPTIONAL_VERSION_INVALID_TOO_LONG);
+  Reader reader(input);
+
+  der::Version version;
+  ASSERT_EQ(Result::ERROR_BAD_DER, OptionalVersion(reader, version));
+}
+
+TEST_F(pkixder_pki_types_tests, OptionalVersionMissing)
+{
+  const uint8_t DER_OPTIONAL_VERSION_MISSING[] = {
+    0x02, 0x11, 0x22              // INTEGER
+  };
+  Input input(DER_OPTIONAL_VERSION_MISSING);
+  Reader reader(input);
+
+  der::Version version = der::Version::v3;
+  ASSERT_EQ(Success, OptionalVersion(reader, version));
+  ASSERT_EQ(der::Version::v1, version);
+}
+
+static const size_t MAX_ALGORITHM_OID_DER_LENGTH = 13;
+
+struct InvalidAlgorithmIdentifierTestInfo
+{
+  uint8_t der[MAX_ALGORITHM_OID_DER_LENGTH];
+  size_t derLength;
+};
+
+struct ValidDigestAlgorithmIdentifierTestInfo
+{
+  DigestAlgorithm algorithm;
+  uint8_t der[MAX_ALGORITHM_OID_DER_LENGTH];
+  size_t derLength;
+};
+
+class pkixder_DigestAlgorithmIdentifier_Valid
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<ValidDigestAlgorithmIdentifierTestInfo>
+{
+};
+
+static const ValidDigestAlgorithmIdentifierTestInfo
+  VALID_DIGEST_ALGORITHM_TEST_INFO[] =
+{
+  { DigestAlgorithm::sha512,
+    { 0x30, 0x0b, 0x06, 0x09,
+      0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03 },
+    13
+  },
+  { DigestAlgorithm::sha384,
+    { 0x30, 0x0b, 0x06, 0x09,
+      0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02 },
+    13
+  },
+  { DigestAlgorithm::sha256,
+    { 0x30, 0x0b, 0x06, 0x09,
+      0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01 },
+    13
+  },
+  { DigestAlgorithm::sha1,
+    { 0x30, 0x07, 0x06, 0x05,
+      0x2b, 0x0e, 0x03, 0x02, 0x1a },
+    9
+  },
+};
+
+TEST_P(pkixder_DigestAlgorithmIdentifier_Valid, Valid)
+{
+  const ValidDigestAlgorithmIdentifierTestInfo& param(GetParam());
+
+  {
+    Input input;
+    ASSERT_EQ(Success, input.Init(param.der, param.derLength));
+    Reader reader(input);
+    DigestAlgorithm alg;
+    ASSERT_EQ(Success, DigestAlgorithmIdentifier(reader, alg));
+    ASSERT_EQ(param.algorithm, alg);
+    ASSERT_EQ(Success, End(reader));
+  }
+
+  {
+    uint8_t derWithNullParam[MAX_ALGORITHM_OID_DER_LENGTH + 2];
+    memcpy(derWithNullParam, param.der, param.derLength);
+    derWithNullParam[1] += 2; // we're going to expand the value by 2 bytes
+    derWithNullParam[param.derLength] = 0x05; // NULL tag
+    derWithNullParam[param.derLength + 1] = 0x00; // length zero
+
+    Input input;
+    ASSERT_EQ(Success, input.Init(derWithNullParam, param.derLength + 2));
+    Reader reader(input);
+    DigestAlgorithm alg;
+    ASSERT_EQ(Success, DigestAlgorithmIdentifier(reader, alg));
+    ASSERT_EQ(param.algorithm, alg);
+    ASSERT_EQ(Success, End(reader));
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(pkixder_DigestAlgorithmIdentifier_Valid,
+                        pkixder_DigestAlgorithmIdentifier_Valid,
+                        testing::ValuesIn(VALID_DIGEST_ALGORITHM_TEST_INFO));
+
+class pkixder_DigestAlgorithmIdentifier_Invalid
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<InvalidAlgorithmIdentifierTestInfo>
+{
+};
+
+static const InvalidAlgorithmIdentifierTestInfo
+  INVALID_DIGEST_ALGORITHM_TEST_INFO[] =
+{
+  { // MD5
+    { 0x30, 0x0a, 0x06, 0x08,
+      0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05 },
+    12,
+  },
+  { // ecdsa-with-SHA256 (1.2.840.10045.4.3.2) (not a hash algorithm)
+    { 0x30, 0x0a, 0x06, 0x08,
+      0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02 },
+    12,
+  },
+};
+
+TEST_P(pkixder_DigestAlgorithmIdentifier_Invalid, Invalid)
+{
+  const InvalidAlgorithmIdentifierTestInfo& param(GetParam());
+  Input input;
+  ASSERT_EQ(Success, input.Init(param.der, param.derLength));
+  Reader reader(input);
+  DigestAlgorithm alg;
+  ASSERT_EQ(Result::ERROR_INVALID_ALGORITHM,
+            DigestAlgorithmIdentifier(reader, alg));
+}
+
+INSTANTIATE_TEST_CASE_P(pkixder_DigestAlgorithmIdentifier_Invalid,
+                        pkixder_DigestAlgorithmIdentifier_Invalid,
+                        testing::ValuesIn(INVALID_DIGEST_ALGORITHM_TEST_INFO));
+
+struct ValidSignatureAlgorithmIdentifierValueTestInfo
+{
+  PublicKeyAlgorithm publicKeyAlg;
+  DigestAlgorithm digestAlg;
+  uint8_t der[MAX_ALGORITHM_OID_DER_LENGTH];
+  size_t derLength;
+};
+
+static const ValidSignatureAlgorithmIdentifierValueTestInfo
+  VALID_SIGNATURE_ALGORITHM_VALUE_TEST_INFO[] =
+{
+  // ECDSA
+  { PublicKeyAlgorithm::ECDSA,
+    DigestAlgorithm::sha512,
+    { 0x06, 0x08,
+      0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04 },
+    10,
+  },
+  { PublicKeyAlgorithm::ECDSA,
+    DigestAlgorithm::sha384,
+    { 0x06, 0x08,
+      0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03 },
+    10,
+  },
+  { PublicKeyAlgorithm::ECDSA,
+    DigestAlgorithm::sha256,
+    { 0x06, 0x08,
+      0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02 },
+    10,
+  },
+  { PublicKeyAlgorithm::ECDSA,
+    DigestAlgorithm::sha1,
+    { 0x06, 0x07,
+      0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01 },
+    9,
+  },
+
+  // RSA
+  { PublicKeyAlgorithm::RSA_PKCS1,
+    DigestAlgorithm::sha512,
+    { 0x06, 0x09,
+      0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d },
+    11,
+  },
+  { PublicKeyAlgorithm::RSA_PKCS1,
+    DigestAlgorithm::sha384,
+    { 0x06, 0x09,
+      0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c },
+    11,
+  },
+  { PublicKeyAlgorithm::RSA_PKCS1,
+    DigestAlgorithm::sha256,
+    { 0x06, 0x09,
+      0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b },
+    11,
+  },
+  { PublicKeyAlgorithm::RSA_PKCS1,
+    DigestAlgorithm::sha1,
+    // IETF Standard OID
+    { 0x06, 0x09,
+      0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05 },
+    11,
+  },
+  { PublicKeyAlgorithm::RSA_PKCS1,
+    DigestAlgorithm::sha1,
+    // Legacy OIW OID (bug 1042479)
+    { 0x06, 0x05,
+      0x2b, 0x0e, 0x03, 0x02, 0x1d },
+    7,
+  },
+};
+
+class pkixder_SignatureAlgorithmIdentifierValue_Valid
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<
+             ValidSignatureAlgorithmIdentifierValueTestInfo>
+{
+};
+
+TEST_P(pkixder_SignatureAlgorithmIdentifierValue_Valid, Valid)
+{
+  const ValidSignatureAlgorithmIdentifierValueTestInfo& param(GetParam());
+
+  {
+    Input input;
+    ASSERT_EQ(Success, input.Init(param.der, param.derLength));
+    Reader reader(input);
+    PublicKeyAlgorithm publicKeyAlg;
+    DigestAlgorithm digestAlg;
+    ASSERT_EQ(Success,
+              SignatureAlgorithmIdentifierValue(reader, publicKeyAlg,
+                                                digestAlg));
+    ASSERT_EQ(param.publicKeyAlg, publicKeyAlg);
+    ASSERT_EQ(param.digestAlg, digestAlg);
+    ASSERT_EQ(Success, End(reader));
+  }
+
+  {
+    uint8_t derWithNullParam[MAX_ALGORITHM_OID_DER_LENGTH + 2];
+    memcpy(derWithNullParam, param.der, param.derLength);
+    derWithNullParam[param.derLength] = 0x05; // NULL tag
+    derWithNullParam[param.derLength + 1] = 0x00; // length zero
+
+    Input input;
+    ASSERT_EQ(Success, input.Init(derWithNullParam, param.derLength + 2));
+    Reader reader(input);
+    PublicKeyAlgorithm publicKeyAlg;
+    DigestAlgorithm digestAlg;
+    ASSERT_EQ(Success,
+              SignatureAlgorithmIdentifierValue(reader, publicKeyAlg,
+                                                digestAlg));
+    ASSERT_EQ(param.publicKeyAlg, publicKeyAlg);
+    ASSERT_EQ(param.digestAlg, digestAlg);
+    ASSERT_EQ(Success, End(reader));
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(
+  pkixder_SignatureAlgorithmIdentifierValue_Valid,
+  pkixder_SignatureAlgorithmIdentifierValue_Valid,
+  testing::ValuesIn(VALID_SIGNATURE_ALGORITHM_VALUE_TEST_INFO));
+
+static const InvalidAlgorithmIdentifierTestInfo
+  INVALID_SIGNATURE_ALGORITHM_VALUE_TEST_INFO[] =
+{
+  // id-dsa-with-sha256 (2.16.840.1.101.3.4.3.2)
+  { { 0x06, 0x09,
+      0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x02 },
+    11,
+  },
+
+  // id-dsa-with-sha1 (1.2.840.10040.4.3)
+  { { 0x06, 0x07,
+      0x2a, 0x86, 0x48, 0xce, 0x38, 0x04, 0x03 },
+    9,
+  },
+
+  // RSA-with-MD5 (1.2.840.113549.1.1.4)
+  { { 0x06, 0x09,
+      0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04 },
+    11,
+  },
+
+  // id-sha256 (2.16.840.1.101.3.4.2.1). It is invalid because SHA-256 is not
+  // a signature algorithm.
+  { { 0x06, 0x09,
+      0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01 },
+    11,
+  },
+};
+
+class pkixder_SignatureAlgorithmIdentifier_Invalid
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<InvalidAlgorithmIdentifierTestInfo>
+{
+};
+
+TEST_P(pkixder_SignatureAlgorithmIdentifier_Invalid, Invalid)
+{
+  const InvalidAlgorithmIdentifierTestInfo& param(GetParam());
+  Input input;
+  ASSERT_EQ(Success, input.Init(param.der, param.derLength));
+  Reader reader(input);
+  der::PublicKeyAlgorithm publicKeyAlg;
+  DigestAlgorithm digestAlg;
+  ASSERT_EQ(Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED,
+            SignatureAlgorithmIdentifierValue(reader, publicKeyAlg, digestAlg));
+}
+
+INSTANTIATE_TEST_CASE_P(
+  pkixder_SignatureAlgorithmIdentifier_Invalid,
+  pkixder_SignatureAlgorithmIdentifier_Invalid,
+  testing::ValuesIn(INVALID_SIGNATURE_ALGORITHM_VALUE_TEST_INFO));
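Review bot: In `OptionalVersionInvalidTooLong` the outer `[0]` wrapper declares length `0x03` but is followed by four content bytes (`0x02, 0x02, 0x12, 0x34`), so the nested INTEGER claims two value bytes with only one available inside the wrapper. The test therefore appears to get `ERROR_BAD_DER` from truncation and never reaches the case it is named for, rejection of a well-formed but over-long version INTEGER. Changing the first line to `0xa0, 0x04,                   // context specific 0` would make the encoding well-formed. The expected Result may then differ (possibly an integer-encoding error rather than `ERROR_BAD_DER`), which should be confirmed against `OptionalVersion`, whose implementation is not part of this hunk. As written, this negative test passes for an unintended reason, so it would not catch a regression in the length check it is meant to cover.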
diff --git a/security/nss/gtests/mozpkix_gtest/pkixder_universal_types_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixder_universal_types_tests.cpp
new file mode 100644
index 000000000..260c735ec
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixder_universal_types_tests.cpp
@@ -0,0 +1,1226 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <limits>
+#include <stdint.h>
+#include <vector>
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixder.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::der;
+using namespace mozilla::pkix::test;
+using namespace std;
+
+class pkixder_universal_types_tests : public ::testing::Test { };
+
+TEST_F(pkixder_universal_types_tests, BooleanTrue01)
+{
+  const uint8_t DER_BOOLEAN_TRUE_01[] = {
+    0x01,                       // BOOLEAN
+    0x01,                       // length
+    0x01                        // invalid
+  };
+  Input input(DER_BOOLEAN_TRUE_01);
+  Reader reader(input);
+  bool value = false;
+  ASSERT_EQ(Result::ERROR_BAD_DER, Boolean(reader, value));
+}
+
+TEST_F(pkixder_universal_types_tests, BooleanTrue42)
+{
+  const uint8_t DER_BOOLEAN_TRUE_42[] = {
+    0x01,                       // BOOLEAN
+    0x01,                       // length
+    0x42                        // invalid
+  };
+  Input input(DER_BOOLEAN_TRUE_42);
+  Reader reader(input);
+  bool value = false;
+  ASSERT_EQ(Result::ERROR_BAD_DER, Boolean(reader, value));
+}
+
+static const uint8_t DER_BOOLEAN_TRUE[] = {
+  0x01,                       // BOOLEAN
+  0x01,                       // length
+  0xff                        // true
+};
+
+TEST_F(pkixder_universal_types_tests, BooleanTrueFF)
+{
+  Input input(DER_BOOLEAN_TRUE);
+  Reader reader(input);
+  bool value = false;
+  ASSERT_EQ(Success, Boolean(reader, value));
+  ASSERT_TRUE(value);
+}
+
+TEST_F(pkixder_universal_types_tests, BooleanFalse)
+{
+  const uint8_t DER_BOOLEAN_FALSE[] = {
+    0x01,                       // BOOLEAN
+    0x01,                       // length
+    0x00                        // false
+  };
+  Input input(DER_BOOLEAN_FALSE);
+  Reader reader(input);
+
+  bool value = true;
+  ASSERT_EQ(Success, Boolean(reader, value));
+  ASSERT_FALSE(value);
+}
+
+TEST_F(pkixder_universal_types_tests, BooleanInvalidLength)
+{
+  const uint8_t DER_BOOLEAN_INVALID_LENGTH[] = {
+    0x01,                       // BOOLEAN
+    0x02,                       // length
+    0x42, 0x42                  // invalid
+  };
+  Input input(DER_BOOLEAN_INVALID_LENGTH);
+  Reader reader(input);
+
+  bool value = true;
+  ASSERT_EQ(Result::ERROR_BAD_DER, Boolean(reader, value));
+}
+
+TEST_F(pkixder_universal_types_tests, BooleanInvalidZeroLength)
+{
+  const uint8_t DER_BOOLEAN_INVALID_ZERO_LENGTH[] = {
+    0x01,                       // BOOLEAN
+    0x00                        // length
+  };
+  Input input(DER_BOOLEAN_INVALID_ZERO_LENGTH);
+  Reader reader(input);
+
+  bool value = true;
+  ASSERT_EQ(Result::ERROR_BAD_DER, Boolean(reader, value));
+}
+
+// OptionalBoolean implements decoding of OPTIONAL BOOLEAN DEFAULT FALSE.
+// If the field is present, it must be a valid encoding of a BOOLEAN with
+// value TRUE. If the field is not present, it defaults to FALSE. For
+// compatibility reasons, OptionalBoolean also accepts encodings where the field
+// is present with value FALSE (this is technically not a valid DER encoding).
+TEST_F(pkixder_universal_types_tests, OptionalBooleanValidEncodings)
+{
+  {
+    const uint8_t DER_OPTIONAL_BOOLEAN_PRESENT_TRUE[] = {
+      0x01,                       // BOOLEAN
+      0x01,                       // length
+      0xff                        // true
+    };
+    Input input(DER_OPTIONAL_BOOLEAN_PRESENT_TRUE);
+    Reader reader(input);
+    bool value = false;
+    ASSERT_EQ(Success, OptionalBoolean(reader, value)) <<
+      "Should accept the only valid encoding of a present OPTIONAL BOOLEAN";
+    ASSERT_TRUE(value);
+    ASSERT_TRUE(reader.AtEnd());
+  }
+
+  {
+    // The OPTIONAL BOOLEAN is omitted in this data.
+    const uint8_t DER_INTEGER_05[] = {
+      0x02,                       // INTEGER
+      0x01,                       // length
+      0x05
+    };
+    Input input(DER_INTEGER_05);
+    Reader reader(input);
+    bool value = true;
+    ASSERT_EQ(Success, OptionalBoolean(reader, value)) <<
+      "Should accept a valid encoding of an omitted OPTIONAL BOOLEAN";
+    ASSERT_FALSE(value);
+    ASSERT_FALSE(reader.AtEnd());
+  }
+
+  {
+    Input input;
+    ASSERT_EQ(Success, input.Init(reinterpret_cast<const uint8_t*>(""), 0));
+    Reader reader(input);
+    bool value = true;
+    ASSERT_EQ(Success, OptionalBoolean(reader, value)) <<
+      "Should accept another valid encoding of an omitted OPTIONAL BOOLEAN";
+    ASSERT_FALSE(value);
+    ASSERT_TRUE(reader.AtEnd());
+  }
+}
+
+TEST_F(pkixder_universal_types_tests, OptionalBooleanInvalidEncodings)
+{
+  const uint8_t DER_OPTIONAL_BOOLEAN_PRESENT_FALSE[] = {
+    0x01,                       // BOOLEAN
+    0x01,                       // length
+    0x00                        // false
+  };
+
+  {
+    Input input(DER_OPTIONAL_BOOLEAN_PRESENT_FALSE);
+    Reader reader(input);
+    bool value = true;
+    ASSERT_EQ(Success, OptionalBoolean(reader, value)) <<
+      "Should accept an invalid, default-value encoding of OPTIONAL BOOLEAN";
+    ASSERT_FALSE(value);
+    ASSERT_TRUE(reader.AtEnd());
+  }
+
+  const uint8_t DER_OPTIONAL_BOOLEAN_PRESENT_42[] = {
+    0x01,                       // BOOLEAN
+    0x01,                       // length
+    0x42                        // (invalid value for a BOOLEAN)
+  };
+
+  {
+    Input input(DER_OPTIONAL_BOOLEAN_PRESENT_42);
+    Reader reader(input);
+    bool value;
+    ASSERT_EQ(Result::ERROR_BAD_DER, OptionalBoolean(reader, value)) <<
+      "Should reject an invalid-valued encoding of OPTIONAL BOOLEAN";
+  }
+}
+
+TEST_F(pkixder_universal_types_tests, Enumerated)
+{
+  const uint8_t DER_ENUMERATED[] = {
+    0x0a,                       // ENUMERATED
+    0x01,                       // length
+    0x42                        // value
+  };
+  Input input(DER_ENUMERATED);
+  Reader reader(input);
+
+  uint8_t value = 0;
+  ASSERT_EQ(Success, Enumerated(reader, value));
+  ASSERT_EQ(0x42, value);
+}
+
+TEST_F(pkixder_universal_types_tests, EnumeratedNotShortestPossibleDER)
+{
+  const uint8_t DER_ENUMERATED[] = {
+    0x0a,                       // ENUMERATED
+    0x02,                       // length
+    0x00, 0x01                  // value
+  };
+  Input input(DER_ENUMERATED);
+  Reader reader(input);
+
+  uint8_t value = 0;
+  ASSERT_EQ(Result::ERROR_INVALID_INTEGER_ENCODING, Enumerated(reader, value));
+}
+
+TEST_F(pkixder_universal_types_tests, EnumeratedOutOfAcceptedRange)
+{
+  // Although this is a valid ENUMERATED value according to ASN.1, we
+  // intentionally don't support these large values because there are no
+  // ENUMERATED values in X.509 certs or OCSP this large, and we're trying to
+  // keep the parser simple and fast.
+  const uint8_t DER_ENUMERATED_INVALID_LENGTH[] = {
+    0x0a,                       // ENUMERATED
+    0x02,                       // length
+    0x12, 0x34                  // value
+  };
+  Input input(DER_ENUMERATED_INVALID_LENGTH);
+  Reader reader(input);
+
+  uint8_t value = 0;
+  ASSERT_EQ(Result::ERROR_INVALID_INTEGER_ENCODING, Enumerated(reader, value));
+}
+
+TEST_F(pkixder_universal_types_tests, EnumeratedInvalidZeroLength)
+{
+  const uint8_t DER_ENUMERATED_INVALID_ZERO_LENGTH[] = {
+    0x0a,                       // ENUMERATED
+    0x00                        // length
+  };
+  Input input(DER_ENUMERATED_INVALID_ZERO_LENGTH);
+  Reader reader(input);
+
+  uint8_t value = 0;
+  ASSERT_EQ(Result::ERROR_INVALID_INTEGER_ENCODING, Enumerated(reader, value));
+}
+
+////////////////////////////////////////
+// GeneralizedTime and TimeChoice
+//
+// From RFC 5280 section 4.1.2.5.2
+//
+//   For the purposes of this profile, GeneralizedTime values MUST be
+//   expressed in Greenwich Mean Time (Zulu) and MUST include seconds
+//   (i.e., times are YYYYMMDDHHMMSSZ), even where the number of seconds
+//   is zero.  GeneralizedTime values MUST NOT include fractional seconds.
+//
+// And from from RFC 6960 (OCSP) section 4.2.2.1:
+//
+//   Responses can contain four times -- thisUpdate, nextUpdate,
+//   producedAt, and revocationTime.  The semantics of these fields are
+//   defined in Section 2.4.  The format for GeneralizedTime is as
+//   specified in Section 4.1.2.5.2 of [RFC5280].
+//
+// So while we can could accept other ASN1 (ITU-T X.680) encodings for
+// GeneralizedTime we should not accept them, and breaking reading of these
+// other encodings is actually encouraged.
+
+// e.g. TWO_CHARS(53) => '5', '3'
+#define TWO_CHARS(t) \
+  static_cast<uint8_t>('0' + (static_cast<uint8_t>(t) / 10u)), \
+  static_cast<uint8_t>('0' + (static_cast<uint8_t>(t) % 10u))
+
+// Calls TimeChoice on the UTCTime variant of the given generalized time.
+template <uint16_t LENGTH>
+Result
+TimeChoiceForEquivalentUTCTime(const uint8_t (&generalizedTimeDER)[LENGTH],
+                               /*out*/ Time& value)
+{
+  static_assert(LENGTH >= 4,
+                "TimeChoiceForEquivalentUTCTime input too small");
+  uint8_t utcTimeDER[LENGTH - 2];
+  utcTimeDER[0] = 0x17; // tag UTCTime
+  utcTimeDER[1] = LENGTH - 1/*tag*/ - 1/*value*/ - 2/*century*/;
+  // Copy the value except for the first two digits of the year
+  for (size_t i = 2; i < LENGTH - 2; ++i) {
+    utcTimeDER[i] = generalizedTimeDER[i + 2];
+  }
+
+  Input input(utcTimeDER);
+  Reader reader(input);
+  return TimeChoice(reader, value);
+}
+
+template <uint16_t LENGTH>
+void
+ExpectGoodTime(Time expectedValue,
+               const uint8_t (&generalizedTimeDER)[LENGTH])
+{
+  // GeneralizedTime
+  {
+    Input input(generalizedTimeDER);
+    Reader reader(input);
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Success, GeneralizedTime(reader, value));
+    EXPECT_EQ(expectedValue, value);
+  }
+
+  // TimeChoice: GeneralizedTime
+  {
+    Input input(generalizedTimeDER);
+    Reader reader(input);
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Success, TimeChoice(reader, value));
+    EXPECT_EQ(expectedValue, value);
+  }
+
+  // TimeChoice: UTCTime
+  {
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Success,
+              TimeChoiceForEquivalentUTCTime(generalizedTimeDER, value));
+    EXPECT_EQ(expectedValue, value);
+  }
+}
+
+template <uint16_t LENGTH>
+void
+ExpectBadTime(const uint8_t (&generalizedTimeDER)[LENGTH])
+{
+  // GeneralizedTime
+  {
+    Input input(generalizedTimeDER);
+    Reader reader(input);
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, GeneralizedTime(reader, value));
+  }
+
+  // TimeChoice: GeneralizedTime
+  {
+    Input input(generalizedTimeDER);
+    Reader reader(input);
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, TimeChoice(reader, value));
+  }
+
+  // TimeChoice: UTCTime
+  {
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Result::ERROR_INVALID_DER_TIME,
+              TimeChoiceForEquivalentUTCTime(generalizedTimeDER, value));
+  }
+}
+
+// Control value: a valid time
+TEST_F(pkixder_universal_types_tests, ValidControl)
+{
+  const uint8_t GT_DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '1', '9', '9', '1', '0', '5', '0', '6', '1', '6', '4', '5', '4', '0', 'Z'
+  };
+  ExpectGoodTime(YMDHMS(1991, 5, 6, 16, 45, 40), GT_DER);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeTimeZoneOffset)
+{
+  const uint8_t DER_GENERALIZED_TIME_OFFSET[] = {
+    0x18,                           // Generalized Time
+    19,                             // Length = 19
+    '1', '9', '9', '1', '0', '5', '0', '6', '1', '6', '4', '5', '4', '0', '-',
+    '0', '7', '0', '0'
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_OFFSET);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeInvalidZeroLength)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_ZERO_LENGTH[] = {
+    0x18,                           // GeneralizedTime
+    0x00                            // Length = 0
+  };
+
+  Time value(Time::uninitialized);
+
+  // GeneralizedTime
+  Input gtBuf(DER_GENERALIZED_TIME_INVALID_ZERO_LENGTH);
+  Reader gt(gtBuf);
+  ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, GeneralizedTime(gt, value));
+
+  // TimeChoice: GeneralizedTime
+  Input tc_gt_buf(DER_GENERALIZED_TIME_INVALID_ZERO_LENGTH);
+  Reader tc_gt(tc_gt_buf);
+  ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, TimeChoice(tc_gt, value));
+
+  // TimeChoice: UTCTime
+  const uint8_t DER_UTCTIME_INVALID_ZERO_LENGTH[] = {
+    0x17, // UTCTime
+    0x00  // Length = 0
+  };
+  Input tc_utc_buf(DER_UTCTIME_INVALID_ZERO_LENGTH);
+  Reader tc_utc(tc_utc_buf);
+  ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, TimeChoice(tc_utc, value));
+}
+
+// A non zulu time should fail
+TEST_F(pkixder_universal_types_tests, TimeInvalidLocal)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_LOCAL[] = {
+    0x18,                           // Generalized Time
+    14,                             // Length = 14
+    '1', '9', '9', '1', '0', '5', '0', '6', '1', '6', '4', '5', '4', '0'
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_INVALID_LOCAL);
+}
+
+// A time missing seconds and zulu should fail
+TEST_F(pkixder_universal_types_tests, TimeInvalidTruncated)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_TRUNCATED[] = {
+    0x18,                           // Generalized Time
+    12,                             // Length = 12
+    '1', '9', '9', '1', '0', '5', '0', '6', '1', '6', '4', '5'
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_INVALID_TRUNCATED);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeNoSeconds)
+{
+  const uint8_t DER_GENERALIZED_TIME_NO_SECONDS[] = {
+    0x18,                           // Generalized Time
+    13,                             // Length = 13
+    '1', '9', '9', '1', '0', '5', '0', '6', '1', '6', '4', '5', 'Z'
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_NO_SECONDS);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeInvalidPrefixedYear)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_PREFIXED_YEAR[] = {
+    0x18,                           // Generalized Time
+    16,                             // Length = 16
+    ' ', '1', '9', '9', '1', '0', '1', '0', '1', '0', '1', '0', '1', '0', '1', 'Z'
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_INVALID_PREFIXED_YEAR);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeTooManyDigits)
+{
+  const uint8_t DER_GENERALIZED_TIME_TOO_MANY_DIGITS[] = {
+    0x18,                           // Generalized Time
+    16,                             // Length = 16
+    '1', '1', '1', '1', '1', '0', '1', '0', '1', '0', '1', '0', '1', '0', '1', 'Z'
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_TOO_MANY_DIGITS);
+}
+
+// In order to ensure we we don't run into any trouble with conversions to and
+// from time_t we only accept times from 1970 onwards.
+TEST_F(pkixder_universal_types_tests, GeneralizedTimeYearValidRange)
+{
+  // Note that by using the last second of the last day of the year, we're also
+  // effectively testing all the accumulated conversions from Gregorian to to
+  // Julian time, including in particular the effects of leap years.
+
+  for (uint16_t i = 1970; i <= 9999; ++i) {
+    const uint8_t DER[] = {
+      0x18,                           // Generalized Time
+      15,                             // Length = 15
+      TWO_CHARS(i / 100), TWO_CHARS(i % 100), // YYYY
+      '1', '2', '3', '1', // 12-31
+      '2', '3', '5', '9', '5', '9', 'Z' // 23:59:59Z
+    };
+
+    Time expectedValue = YMDHMS(i, 12, 31, 23, 59, 59);
+
+    // We have to test GeneralizedTime separately from UTCTime instead of using
+    // ExpectGooDtime because the range of UTCTime is less than the range of
+    // GeneralizedTime.
+
+    // GeneralizedTime
+    {
+      Input input(DER);
+      Reader reader(input);
+      Time value(Time::uninitialized);
+      ASSERT_EQ(Success, GeneralizedTime(reader, value));
+      EXPECT_EQ(expectedValue, value);
+    }
+
+    // TimeChoice: GeneralizedTime
+    {
+      Input input(DER);
+      Reader reader(input);
+      Time value(Time::uninitialized);
+      ASSERT_EQ(Success, TimeChoice(reader, value));
+      EXPECT_EQ(expectedValue, value);
+    }
+
+    // TimeChoice: UTCTime, which is limited to years less than 2049.
+    if (i <= 2049) {
+      Time value(Time::uninitialized);
+      ASSERT_EQ(Success, TimeChoiceForEquivalentUTCTime(DER, value));
+      EXPECT_EQ(expectedValue, value);
+    }
+  }
+}
+
+// In order to ensure we we don't run into any trouble with conversions to and
+// from time_t we only accept times from 1970 onwards.
+TEST_F(pkixder_universal_types_tests, TimeYearInvalid1969)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '1', '9', '6', '9', '1', '2', '3', '1', // !!!1969!!!-12-31
+    '2', '3', '5', '9', '5', '9', 'Z' // 23:59:59Z
+  };
+  ExpectBadTime(DER);
+}
+
+static const uint8_t DAYS_IN_MONTH[] = {
+  0,  // unused
+  31, // January
+  28, // February (leap years tested separately)
+  31, // March
+  30, // April
+  31, // May
+  30, // Jun
+  31, // July
+  31, // August
+  30, // September
+  31, // October
+  30, // November
+  31, // December
+};
+
+TEST_F(pkixder_universal_types_tests, TimeMonthDaysValidRange)
+{
+  for (uint16_t month = 1; month <= 12; ++month) {
+    for (uint8_t day = 1; day <= DAYS_IN_MONTH[month]; ++day) {
+      const uint8_t DER[] = {
+        0x18,                           // Generalized Time
+        15,                             // Length = 15
+        '2', '0', '1', '5', TWO_CHARS(month), TWO_CHARS(day), // (2015-mm-dd)
+        '1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
+      };
+      ExpectGoodTime(YMDHMS(2015, month, day, 16, 45, 40), DER);
+    }
+  }
+}
+
+TEST_F(pkixder_universal_types_tests, TimeMonthInvalid0)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '0', '1', '5', '0', '0', '1', '5', // 2015-!!!00!!!-15
+    '1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
+  };
+  ExpectBadTime(DER);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeMonthInvalid13)
+{
+  const uint8_t DER_GENERALIZED_TIME_13TH_MONTH[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '1', '9', '9', '1', //YYYY (1991)
+    '1', '3', //MM 13th month of the year
+    '0', '6', '1', '6', '4', '5', '4', '0', 'Z'
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_13TH_MONTH);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeDayInvalid0)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '0', '1', '5', '0', '1', '0', '0', // 2015-01-!!!00!!!
+    '1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
+  };
+  ExpectBadTime(DER);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeMonthDayInvalidPastEndOfMonth)
+{
+  for (int16_t month = 1; month <= 12; ++month) {
+    const uint8_t DER[] = {
+      0x18,                           // Generalized Time
+      15,                             // Length = 15
+      '1', '9', '9', '1', // YYYY 1991
+      TWO_CHARS(month), // MM
+      TWO_CHARS(1 + (month == 2 ? 29 : DAYS_IN_MONTH[month])), // !!!DD!!!
+      '1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
+    };
+    ExpectBadTime(DER);
+  }
+}
+
+TEST_F(pkixder_universal_types_tests, TimeMonthFebLeapYear2016)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '0', '1', '6', '0', '2', '2', '9', // 2016-02-29
+    '1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
+  };
+  ExpectGoodTime(YMDHMS(2016, 2, 29, 16, 45, 40), DER);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeMonthFebLeapYear2000)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '0', '0', '0', '0', '2', '2', '9', // 2000-02-29
+    '1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
+  };
+  ExpectGoodTime(YMDHMS(2000, 2, 29, 16, 45, 40), DER);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeMonthFebLeapYear2400)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '4', '0', '0', '0', '2', '2', '9', // 2400-02-29
+    '1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
+  };
+
+  // We don't use ExpectGoodTime here because UTCTime can't represent 2400.
+
+  Time expectedValue = YMDHMS(2400, 2, 29, 16, 45, 40);
+
+  // GeneralizedTime
+  {
+    Input input(DER);
+    Reader reader(input);
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Success, GeneralizedTime(reader, value));
+    EXPECT_EQ(expectedValue, value);
+  }
+
+  // TimeChoice: GeneralizedTime
+  {
+    Input input(DER);
+    Reader reader(input);
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Success, TimeChoice(reader, value));
+    EXPECT_EQ(expectedValue, value);
+  }
+}
+
+TEST_F(pkixder_universal_types_tests, TimeMonthFebNotLeapYear2014)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '0', '1', '4', '0', '2', '2', '9', // 2014-02-29
+    '1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
+  };
+  ExpectBadTime(DER);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeMonthFebNotLeapYear2100)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '1', '0', '0', '0', '2', '2', '9', // 2100-02-29
+    '1', '6', '4', '5', '4', '0', 'Z' // 16:45:40
+  };
+
+  // We don't use ExpectBadTime here because UTCTime can't represent 2100.
+
+  // GeneralizedTime
+  {
+    Input input(DER);
+    Reader reader(input);
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, GeneralizedTime(reader, value));
+  }
+
+  // TimeChoice: GeneralizedTime
+  {
+    Input input(DER);
+    Reader reader(input);
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, TimeChoice(reader, value));
+  }
+}
+
+TEST_F(pkixder_universal_types_tests, TimeHoursValidRange)
+{
+  for (uint8_t i = 0; i <= 23; ++i) {
+    const uint8_t DER[] = {
+      0x18,                           // Generalized Time
+      15,                             // Length = 15
+      '2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
+      TWO_CHARS(i), '5', '9', '0', '1', 'Z' // HHMMSSZ (!!!!ii!!!!:59:01 Zulu)
+    };
+    ExpectGoodTime(YMDHMS(2012, 6, 30, i, 59, 1), DER);
+  }
+}
+
+TEST_F(pkixder_universal_types_tests, TimeHoursInvalid_24_00_00)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
+    '2', '4', '0', '0', '0', '0', 'Z' // HHMMSSZ (!!24!!:00:00 Zulu)
+  };
+  ExpectBadTime(DER);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeMinutesValidRange)
+{
+  for (uint8_t i = 0; i <= 59; ++i) {
+    const uint8_t DER[] = {
+      0x18,                           // Generalized Time
+      15,                             // Length = 15
+      '2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
+      '2', '3', TWO_CHARS(i), '0', '1', 'Z' // HHMMSSZ (23:!!!!ii!!!!:01 Zulu)
+    };
+    ExpectGoodTime(YMDHMS(2012, 6, 30, 23, i, 1), DER);
+  }
+}
+
+TEST_F(pkixder_universal_types_tests, TimeMinutesInvalid60)
+{
+  const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
+    '2', '3', '6', '0', '5', '9', 'Z' // HHMMSSZ (23:!!!60!!!:01 Zulu)
+  };
+  ExpectBadTime(DER);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeSecondsValidRange)
+{
+  for (uint8_t i = 0; i <= 59; ++i) {
+    const uint8_t DER[] = {
+      0x18,                           // Generalized Time
+      15,                             // Length = 15
+      '2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
+      '2', '3', '5', '9', TWO_CHARS(i), 'Z' // HHMMSSZ (23:59:!!!!ii!!!! Zulu)
+    };
+    ExpectGoodTime(YMDHMS(2012, 6, 30, 23, 59, i), DER);
+  }
+}
+
+// No Leap Seconds (60)
+TEST_F(pkixder_universal_types_tests, TimeSecondsInvalid60)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
+    '2', '3', '5', '9', '6', '0', 'Z' // HHMMSSZ (23:59:!!!!60!!!! Zulu)
+  };
+  ExpectBadTime(DER);
+}
+
+// No Leap Seconds (61)
+TEST_F(pkixder_universal_types_tests, TimeSecondsInvalid61)
+{
+  static const uint8_t DER[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
+    '2', '3', '5', '9', '6', '1', 'Z' // HHMMSSZ (23:59:!!!!61!!!! Zulu)
+  };
+  ExpectBadTime(DER);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeInvalidZulu)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_ZULU[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
+    '2', '3', '5', '9', '5', '9', 'z' // HHMMSSZ (23:59:59 !!!z!!!) should be Z
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_INVALID_ZULU);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeInvalidExtraData)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_EXTRA_DATA[] = {
+    0x18,                           // Generalized Time
+    16,                             // Length = 16
+    '2', '0', '1', '2', '0', '6', '3', '0', // YYYYMMDD (2012-06-30)
+    '2', '3', '5', '9', '5', '9', 'Z', // HHMMSSZ (23:59:59Z)
+    0 // Extra null character
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_INVALID_EXTRA_DATA);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeInvalidCenturyChar)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_CENTURY_CHAR[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    'X', '9', '9', '1', '1', '2', '0', '6', // YYYYMMDD (X991-12-06)
+    '1', '6', '4', '5', '4', '0', 'Z' // HHMMSSZ (16:45:40Z)
+  };
+
+  // We can't use ExpectBadTime here, because ExpectBadTime requires
+  // consistent results for GeneralizedTime and UTCTime, but the results
+  // for this input are different.
+
+  // GeneralizedTime
+  {
+    Input input(DER_GENERALIZED_TIME_INVALID_CENTURY_CHAR);
+    Reader reader(input);
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, GeneralizedTime(reader, value));
+  }
+
+  // TimeChoice: GeneralizedTime
+  {
+    Input input(DER_GENERALIZED_TIME_INVALID_CENTURY_CHAR);
+    Reader reader(input);
+    Time value(Time::uninitialized);
+    ASSERT_EQ(Result::ERROR_INVALID_DER_TIME, TimeChoice(reader, value));
+  }
+
+  // This test is not applicable to TimeChoice: UTCTime
+}
+
+TEST_F(pkixder_universal_types_tests, TimeInvalidYearChar)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_YEAR_CHAR[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '1', '9', '9', 'I', '0', '1', '0', '6', // YYYYMMDD (199I-12-06)
+    '1', '6', '4', '5', '4', '0', 'Z' // HHMMSSZ (16:45:40Z)
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_INVALID_YEAR_CHAR);
+}
+
+TEST_F(pkixder_universal_types_tests, GeneralizedTimeInvalidMonthChar)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_MONTH_CHAR[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '1', '9', '9', '1', '0', 'I', '0', '6', // YYYYMMDD (1991-0I-06)
+    '1', '6', '4', '5', '4', '0', 'Z' // HHMMSSZ (16:45:40Z)
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_INVALID_MONTH_CHAR);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeInvalidDayChar)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_DAY_CHAR[] = {
+    0x18,                           // Generalized Time
+    15,                             // Length = 15
+    '1', '9', '9', '1', '0', '1', '0', 'S', // YYYYMMDD (1991-01-0S)
+    '1', '6', '4', '5', '4', '0', 'Z' // HHMMSSZ (16:45:40Z)
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_INVALID_DAY_CHAR);
+}
+
+TEST_F(pkixder_universal_types_tests, TimeInvalidFractionalSeconds)
+{
+  const uint8_t DER_GENERALIZED_TIME_INVALID_FRACTIONAL_SECONDS[] = {
+    0x18,                           // Generalized Time
+    17,                             // Length = 17
+    '1', '9', '9', '1', '0', '1', '0', '1', // YYYYMMDD (1991-01-01)
+    '1', '6', '4', '5', '4', '0', '.', '3', 'Z' // HHMMSS.FFF (16:45:40.3Z)
+  };
+  ExpectBadTime(DER_GENERALIZED_TIME_INVALID_FRACTIONAL_SECONDS);
+}
+
+struct IntegerTestParams
+{
+  ByteString encoded;
+  struct PositiveIntegerParams
+  {
+    Result expectedResult;
+    Input::size_type significantBytesIfValid;
+  } positiveInteger;
+  struct SmallNonnegativeIntegerParams
+  {
+    Result expectedResult;
+    uint8_t valueIfValid;
+  } smallNonnegativeInteger;
+};
+
+class pkixder_universal_types_tests_Integer
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<IntegerTestParams>
+{
+};
+
+::std::ostream& operator<<(::std::ostream& os, const IntegerTestParams&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+#define INVALID 0xFF
+
+static const IntegerTestParams INTEGER_TEST_PARAMS[] =
+{
+  // Zero is encoded with one value byte of 0x00.
+  { TLV(2, ByteString()),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\x00"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Success, 0 } },
+
+  // Positive single-byte values
+  { TLV(2, "\x01"), { Success, 1 }, { Success, 1} },
+  { TLV(2, "\x02"), { Success, 1 }, { Success, 2} },
+  { TLV(2, "\x7e"), { Success, 1 }, { Success, 0x7e} },
+  { TLV(2, "\x7f"), { Success, 1 }, { Success, 0x7f} },
+
+  // Negative single-byte values
+  { TLV(2, "\x80"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\x81"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\xFE"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\xFF"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+
+  // Positive two-byte values not starting with 0x00
+  { TLV(2, "\x7F\x00"),
+    { Success, 2 },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\x01\x00"),
+    { Success, 2 },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\x01\x02"),
+    { Success, 2 },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+
+  // Negative two-byte values not starting with 0xFF
+  { TLV(2, "\x80\x00"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\x80\x7F"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\x80\x80"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\x80\xFF"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+
+  // The leading zero is necessary.
+  { TLV(2, "\x00\x80"),
+    { Success, 1},
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\x00\x81"),
+    { Success, 1},
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\x00\xFF"),
+    { Success, 1},
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+
+  // The leading zero is unnecessary.
+  { TLV(2, "\x00\x01"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\x00\x7F"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+
+  // The leading 0xFF is necessary.
+  { TLV(2, "\xFF\x00"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\xFF\x7F"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+
+  // The leading 0xFF is unnecessary.
+  { TLV(2, "\xFF\x80"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2, "\xFF\xFF"),
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+
+  // Truncated values
+  { TLV(2, 1, ByteString(/*missing value*/)),
+    { Result::ERROR_BAD_DER, INVALID },
+    { Result::ERROR_BAD_DER, INVALID } },
+  { TLV(2, 3, "\x11\x22" /*truncated*/),
+    { Result::ERROR_BAD_DER, INVALID },
+    { Result::ERROR_BAD_DER, INVALID } },
+  { TLV(2, 4, "\x11\x22" /*truncated*/),
+    { Result::ERROR_BAD_DER, INVALID },
+    { Result::ERROR_BAD_DER, INVALID } },
+  { TLV(2, 2, "\x00" /*truncated*/),
+    { Result::ERROR_BAD_DER, INVALID },
+    { Result::ERROR_BAD_DER, INVALID } },
+  { TLV(2, 2, "\xFF" /*truncated*/),
+    { Result::ERROR_BAD_DER, INVALID },
+    { Result::ERROR_BAD_DER, INVALID } },
+  { TLV(2, 3, "\x00\x80" /*truncated*/),
+    { Result::ERROR_BAD_DER, INVALID },
+    { Result::ERROR_BAD_DER, INVALID } },
+  { TLV(2, 3, "\xFF\x00" /*truncated*/),
+    { Result::ERROR_BAD_DER, INVALID },
+    { Result::ERROR_BAD_DER, INVALID } },
+
+  // Misc. larger values
+  { TLV(2, 4, "\x11\x22\x33\x44"),
+    { Success, 4 },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+  { TLV(2,
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"
+        "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x00"),
+    { Success, 256 },
+    { Result::ERROR_INVALID_INTEGER_ENCODING, INVALID } },
+};
+
+TEST_P(pkixder_universal_types_tests_Integer, Integer)
+{
+  const IntegerTestParams& params(GetParam());
+  Input input;
+  ASSERT_EQ(Success, input.Init(params.encoded.data(),
+                                params.encoded.length()));
+  Reader reader(input);
+  Result expectedResult = params.smallNonnegativeInteger.expectedResult;
+  uint8_t value;
+  ASSERT_EQ(expectedResult, der::Integer(reader, value));
+  if (expectedResult == Success) {
+    ASSERT_EQ(params.smallNonnegativeInteger.valueIfValid, value);
+    ASSERT_TRUE(reader.AtEnd());
+  }
+}
+
+TEST_P(pkixder_universal_types_tests_Integer,
+       PositiveInteger_without_significantBytes)
+{
+  const IntegerTestParams& params(GetParam());
+  Input input;
+  ASSERT_EQ(Success, input.Init(params.encoded.data(),
+                                params.encoded.length()));
+  Reader reader(input);
+  Result expectedResult = params.positiveInteger.expectedResult;
+  Input value;
+  ASSERT_EQ(expectedResult, der::PositiveInteger(reader, value));
+  if (expectedResult == Success) {
+    Reader anotherReader(input);
+    Input expectedValue;
+    ASSERT_EQ(Success, ExpectTagAndGetValue(anotherReader,
+                                            der::INTEGER, expectedValue));
+    ASSERT_TRUE(InputsAreEqual(expectedValue, value));
+    ASSERT_TRUE(reader.AtEnd());
+  }
+}
+
+TEST_P(pkixder_universal_types_tests_Integer,
+       PositiveInteger_with_significantBytes)
+{
+  const IntegerTestParams& params(GetParam());
+  Input input;
+  ASSERT_EQ(Success, input.Init(params.encoded.data(),
+                                params.encoded.length()));
+  Reader reader(input);
+  Result expectedResult = params.positiveInteger.expectedResult;
+  Input value;
+  Input::size_type significantBytes = INVALID;
+  ASSERT_EQ(expectedResult, der::PositiveInteger(reader, value,
+                                                 &significantBytes));
+  if (expectedResult == Success) {
+    ASSERT_NE(INVALID, params.positiveInteger.significantBytesIfValid);
+    ASSERT_EQ(params.positiveInteger.significantBytesIfValid,
+              significantBytes);
+
+    Reader anotherReader(input);
+    Input expectedValue;
+    ASSERT_EQ(Success, ExpectTagAndGetValue(anotherReader,
+                                            der::INTEGER, expectedValue));
+    ASSERT_TRUE(InputsAreEqual(expectedValue, value));
+    ASSERT_TRUE(reader.AtEnd());
+  }
+}
+
+#undef INVALID
+
+INSTANTIATE_TEST_CASE_P(pkixder_universal_types_tests_Integer,
+                        pkixder_universal_types_tests_Integer,
+                        testing::ValuesIn(INTEGER_TEST_PARAMS));
+
+TEST_F(pkixder_universal_types_tests, OptionalIntegerSupportedDefault)
+{
+  // The input is a BOOLEAN and not INTEGER for the input so we'll not parse
+  // anything and instead use the default value.
+  Input input(DER_BOOLEAN_TRUE);
+  Reader reader(input);
+
+  long value = 1;
+  ASSERT_EQ(Success, OptionalInteger(reader, -1, value));
+  ASSERT_EQ(-1, value);
+  bool boolValue;
+  ASSERT_EQ(Success, Boolean(reader, boolValue));
+}
+
+TEST_F(pkixder_universal_types_tests, OptionalIntegerUnsupportedDefault)
+{
+  // The same as the previous test, except with an unsupported default value
+  // passed in.
+  Input input(DER_BOOLEAN_TRUE);
+  Reader reader(input);
+
+  long value;
+  ASSERT_EQ(Result::FATAL_ERROR_INVALID_ARGS, OptionalInteger(reader, 0, value));
+}
+
+TEST_F(pkixder_universal_types_tests, OptionalIntegerSupportedDefaultAtEnd)
+{
+  static const uint8_t dummy = 1;
+  Input input;
+  ASSERT_EQ(Success, input.Init(&dummy, 0));
+  Reader reader(input);
+
+  long value = 1;
+  ASSERT_EQ(Success, OptionalInteger(reader, -1, value));
+  ASSERT_EQ(-1, value);
+}
+
+TEST_F(pkixder_universal_types_tests, OptionalIntegerNonDefaultValue)
+{
+  static const uint8_t DER[] = {
+    0x02, // INTEGER
+    0x01, // length
+    0x00
+  };
+  Input input(DER);
+  Reader reader(input);
+
+  long value = 2;
+  ASSERT_EQ(Success, OptionalInteger(reader, -1, value));
+  ASSERT_EQ(0, value);
+  ASSERT_TRUE(reader.AtEnd());
+}
+
+TEST_F(pkixder_universal_types_tests, Null)
+{
+  const uint8_t DER_NUL[] = {
+    0x05,
+    0x00
+  };
+  Input input(DER_NUL);
+  Reader reader(input);
+
+  ASSERT_EQ(Success, Null(reader));
+}
+
+TEST_F(pkixder_universal_types_tests, NullWithBadLength)
+{
+  const uint8_t DER_NULL_BAD_LENGTH[] = {
+    0x05,
+    0x01,
+    0x00
+  };
+  Input input(DER_NULL_BAD_LENGTH);
+  Reader reader(input);
+
+  ASSERT_EQ(Result::ERROR_BAD_DER, Null(reader));
+}
+
+TEST_F(pkixder_universal_types_tests, OID)
+{
+  const uint8_t DER_VALID_OID[] = {
+    0x06,
+    0x09,
+    0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01
+  };
+  Input input(DER_VALID_OID);
+  Reader reader(input);
+
+  const uint8_t expectedOID[] = {
+    0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01
+  };
+
+  ASSERT_EQ(Success, OID(reader, expectedOID));
+}
diff --git a/security/nss/gtests/mozpkix_gtest/pkixgtest.cpp b/security/nss/gtests/mozpkix_gtest/pkixgtest.cpp
new file mode 100644
index 000000000..45932731b
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixgtest.cpp
@@ -0,0 +1,46 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+#include <ctime>
+
+#include "mozpkix/Time.h"
+
+namespace mozilla { namespace pkix { namespace test {
+
+static const std::time_t ONE_DAY_IN_SECONDS_AS_TIME_T =
+  static_cast<std::time_t>(Time::ONE_DAY_IN_SECONDS);
+
+// This assumes that time/time_t are POSIX-compliant in that time() returns
+// the number of seconds since the Unix epoch.
+static const std::time_t now(time(nullptr));
+const std::time_t oneDayBeforeNow(now - ONE_DAY_IN_SECONDS_AS_TIME_T);
+const std::time_t oneDayAfterNow(now + ONE_DAY_IN_SECONDS_AS_TIME_T);
+const std::time_t twoDaysBeforeNow(now - (2 * ONE_DAY_IN_SECONDS_AS_TIME_T));
+const std::time_t twoDaysAfterNow(now + (2 * ONE_DAY_IN_SECONDS_AS_TIME_T));
+const std::time_t tenDaysBeforeNow(now - (10 * ONE_DAY_IN_SECONDS_AS_TIME_T));
+const std::time_t tenDaysAfterNow(now + (10 * ONE_DAY_IN_SECONDS_AS_TIME_T));
+
+} } } // namespace mozilla::pkix::test
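Review bot: The constants `oneDayBeforeNow` through `tenDaysAfterNow` are dynamically initialised from `time(nullptr)` and have external linkage, so a namespace-scope object in another test file that reads them during its own static initialisation could see zero, depending on link order. Whether such uses exist is not visible in this hunk, so that should be confirmed or the values exposed through accessor functions. The call is also unqualified although only `<ctime>` is included, which guarantees `std::time` but not `::time`; `static const std::time_t now(std::time(nullptr));` is the portable spelling. A failed `time()` call returns `(time_t)-1`, which would silently shift every derived validity window, so the comment above `now` should state that assumption alongside the POSIX one.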
diff --git a/security/nss/gtests/mozpkix_gtest/pkixgtest.h b/security/nss/gtests/mozpkix_gtest/pkixgtest.h
new file mode 100644
index 000000000..bb3491d44
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixgtest.h
@@ -0,0 +1,229 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2014 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef mozilla_pkix_pkixgtest_h
+#define mozilla_pkix_pkixgtest_h
+
+#include <ostream>
+
+#if defined(__clang__)
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wdeprecated"
+#pragma clang diagnostic ignored "-Wmissing-noreturn"
+#pragma clang diagnostic ignored "-Wshift-sign-overflow"
+#pragma clang diagnostic ignored "-Wsign-conversion"
+#pragma clang diagnostic ignored "-Wundef"
+#elif defined(__GNUC__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wextra"
+#elif defined(_MSC_VER)
+#pragma warning(push, 3)
+// C4224: Nonstandard extension used: formal parameter 'X' was previously
+//        defined as a type.
+#pragma warning(disable : 4224)
+// C4826: Conversion from 'type1 ' to 'type_2' is sign - extended. This may
+//        cause unexpected runtime behavior.
+#pragma warning(disable : 4826)
+#endif
+
+#include "gtest/gtest.h"
+
+#if defined(__clang__)
+#pragma clang diagnostic pop
+#elif defined(__GNUC__)
+#pragma GCC diagnostic pop
+#elif defined(_MSC_VER)
+#pragma warning(pop)
+#endif
+
+#include "mozpkix/pkix.h"
+#include "mozpkix/test/pkixtestutil.h"
+
+// PrintTo must be in the same namespace as the type we're overloading it for.
+namespace mozilla {
+namespace pkix {
+
+inline void PrintTo(const Result& result, ::std::ostream* os) {
+  const char* stringified = MapResultToName(result);
+  if (stringified) {
+    *os << stringified;
+  } else {
+    *os << "mozilla::pkix::Result(" << static_cast<unsigned int>(result) << ")";
+  }
+}
+}
+}  // namespace mozilla::pkix
+
+namespace mozilla {
+namespace pkix {
+namespace test {
+
+extern const std::time_t oneDayBeforeNow;
+extern const std::time_t oneDayAfterNow;
+extern const std::time_t twoDaysBeforeNow;
+extern const std::time_t twoDaysAfterNow;
+extern const std::time_t tenDaysBeforeNow;
+extern const std::time_t tenDaysAfterNow;
+
+class EverythingFailsByDefaultTrustDomain : public TrustDomain {
+ public:
+  Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input,
+                      /*out*/ TrustLevel&) override {
+    ADD_FAILURE();
+    return NotReached("GetCertTrust should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result FindIssuer(Input, IssuerChecker&, Time) override {
+    ADD_FAILURE();
+    return NotReached("FindIssuer should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
+                         /*optional*/ const Input*,
+                         /*optional*/ const Input*) override {
+    ADD_FAILURE();
+    return NotReached("CheckRevocation should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override {
+    ADD_FAILURE();
+    return NotReached("IsChainValid should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result DigestBuf(Input, DigestAlgorithm, /*out*/ uint8_t*, size_t) override {
+    ADD_FAILURE();
+    return NotReached("DigestBuf should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result CheckSignatureDigestAlgorithm(DigestAlgorithm, EndEntityOrCA,
+                                       Time) override {
+    ADD_FAILURE();
+    return NotReached("CheckSignatureDigestAlgorithm should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result CheckECDSACurveIsAcceptable(EndEntityOrCA, NamedCurve) override {
+    ADD_FAILURE();
+    return NotReached("CheckECDSACurveIsAcceptable should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result VerifyECDSASignedDigest(const SignedDigest&, Input) override {
+    ADD_FAILURE();
+    return NotReached("VerifyECDSASignedDigest should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result CheckRSAPublicKeyModulusSizeInBits(EndEntityOrCA,
+                                            unsigned int) override {
+    ADD_FAILURE();
+    return NotReached("CheckRSAPublicKeyModulusSizeInBits should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result VerifyRSAPKCS1SignedDigest(const SignedDigest&, Input) override {
+    ADD_FAILURE();
+    return NotReached("VerifyRSAPKCS1SignedDigest should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result CheckValidityIsAcceptable(Time, Time, EndEntityOrCA,
+                                   KeyPurposeId) override {
+    ADD_FAILURE();
+    return NotReached("CheckValidityIsAcceptable should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  Result NetscapeStepUpMatchesServerAuth(Time, bool&) override {
+    ADD_FAILURE();
+    return NotReached("NetscapeStepUpMatchesServerAuth should not be called",
+                      Result::FATAL_ERROR_LIBRARY_FAILURE);
+  }
+
+  virtual void NoteAuxiliaryExtension(AuxiliaryExtension, Input) override {
+    ADD_FAILURE();
+  }
+};
+
+class DefaultCryptoTrustDomain : public EverythingFailsByDefaultTrustDomain {
+  Result DigestBuf(Input item, DigestAlgorithm digestAlg,
+                   /*out*/ uint8_t* digestBuf, size_t digestBufLen) override {
+    return TestDigestBuf(item, digestAlg, digestBuf, digestBufLen);
+  }
+
+  Result CheckSignatureDigestAlgorithm(DigestAlgorithm, EndEntityOrCA,
+                                       Time) override {
+    return Success;
+  }
+
+  Result CheckECDSACurveIsAcceptable(EndEntityOrCA, NamedCurve) override {
+    return Success;
+  }
+
+  Result VerifyECDSASignedDigest(const SignedDigest& signedDigest,
+                                 Input subjectPublicKeyInfo) override {
+    return TestVerifyECDSASignedDigest(signedDigest, subjectPublicKeyInfo);
+  }
+
+  Result CheckRSAPublicKeyModulusSizeInBits(EndEntityOrCA,
+                                            unsigned int) override {
+    return Success;
+  }
+
+  Result VerifyRSAPKCS1SignedDigest(const SignedDigest& signedDigest,
+                                    Input subjectPublicKeyInfo) override {
+    return TestVerifyRSAPKCS1SignedDigest(signedDigest, subjectPublicKeyInfo);
+  }
+
+  Result CheckValidityIsAcceptable(Time, Time, EndEntityOrCA,
+                                   KeyPurposeId) override {
+    return Success;
+  }
+
+  Result NetscapeStepUpMatchesServerAuth(Time, /*out*/ bool& matches) override {
+    matches = true;
+    return Success;
+  }
+
+  void NoteAuxiliaryExtension(AuxiliaryExtension, Input) override {}
+};
+
+class DefaultNameMatchingPolicy : public NameMatchingPolicy {
+ public:
+  virtual Result FallBackToCommonName(
+      Time,
+      /*out*/ FallBackToSearchWithinSubject& fallBackToCommonName) override {
+    fallBackToCommonName = FallBackToSearchWithinSubject::Yes;
+    return Success;
+  }
+};
+}
+}
+}  // namespace mozilla::pkix::test
+
+#endif  // mozilla_pkix_pkixgtest_h
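Review bot: `DefaultCryptoTrustDomain` and `DefaultNameMatchingPolicy` accept everything they are asked about, but neither class has a comment saying so: `CheckSignatureDigestAlgorithm`, `CheckECDSACurveIsAcceptable`, `CheckRSAPublicKeyModulusSizeInBits` and `CheckValidityIsAcceptable` return `Success` unconditionally, and `FallBackToCommonName` always answers `Yes`. I would add a class comment such as `// Test-only: accepts any digest algorithm, curve, RSA key size and validity period; never use as a production TrustDomain.` so that a test passing with these fixtures is not read as evidence that policy checks ran. Separately, the header declares `extern const std::time_t` values without including `<ctime>` itself; adding `#include <ctime>` next to `<ostream>` removes the dependence on a transitive include. The overrides in `DefaultCryptoTrustDomain` are also private because the class has no `public:` label, unlike its base, which looks unintentional.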
diff --git a/security/nss/gtests/mozpkix_gtest/pkixnames_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixnames_tests.cpp
new file mode 100644
index 000000000..2169db9db
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixnames_tests.cpp
@@ -0,0 +1,2838 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2014 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixcheck.h"
+#include "mozpkix/pkixder.h"
+#include "mozpkix/pkixutil.h"
+
+namespace mozilla { namespace pkix {
+
+Result MatchPresentedDNSIDWithReferenceDNSID(Input presentedDNSID,
+                                             Input referenceDNSID,
+                                             /*out*/ bool& matches);
+
+bool IsValidReferenceDNSID(Input hostname);
+bool IsValidPresentedDNSID(Input hostname);
+bool ParseIPv4Address(Input hostname, /*out*/ uint8_t (&out)[4]);
+bool ParseIPv6Address(Input hostname, /*out*/ uint8_t (&out)[16]);
+
+} } // namespace mozilla::pkix
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+struct PresentedMatchesReference
+{
+  ByteString presentedDNSID;
+  ByteString referenceDNSID;
+  Result expectedResult;
+  bool expectedMatches; // only valid when expectedResult == Success
+};
+
+::std::ostream& operator<<(::std::ostream& os, const PresentedMatchesReference&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+#define DNS_ID_MATCH(a, b) \
+  { \
+    ByteString(reinterpret_cast<const uint8_t*>(a), sizeof(a) - 1), \
+    ByteString(reinterpret_cast<const uint8_t*>(b), sizeof(b) - 1), \
+    Success, \
+    true \
+  }
+
+#define DNS_ID_MISMATCH(a, b) \
+  { \
+    ByteString(reinterpret_cast<const uint8_t*>(a), sizeof(a) - 1), \
+    ByteString(reinterpret_cast<const uint8_t*>(b), sizeof(b) - 1), \
+    Success, \
+    false \
+  }
+
+#define DNS_ID_BAD_DER(a, b) \
+  { \
+    ByteString(reinterpret_cast<const uint8_t*>(a), sizeof(a) - 1), \
+    ByteString(reinterpret_cast<const uint8_t*>(b), sizeof(b) - 1), \
+    Result::ERROR_BAD_DER, \
+    false \
+  }
+
+static const PresentedMatchesReference DNSID_MATCH_PARAMS[] =
+{
+  DNS_ID_BAD_DER("", "a"),
+
+  DNS_ID_MATCH("a", "a"),
+  DNS_ID_MISMATCH("b", "a"),
+
+  DNS_ID_MATCH("*.b.a", "c.b.a"),
+  DNS_ID_MISMATCH("*.b.a", "b.a"),
+  DNS_ID_MISMATCH("*.b.a", "b.a."),
+
+  // We allow underscores for compatibility with existing practices.
+  DNS_ID_MATCH("a_b", "a_b"),
+  DNS_ID_MATCH("*.example.com", "uses_underscore.example.com"),
+  DNS_ID_MATCH("*.uses_underscore.example.com", "a.uses_underscore.example.com"),
+
+  // See bug 1139039
+  DNS_ID_MATCH("_.example.com", "_.example.com"),
+  DNS_ID_MATCH("*.example.com", "_.example.com"),
+  DNS_ID_MATCH("_", "_"),
+  DNS_ID_MATCH("___", "___"),
+  DNS_ID_MATCH("example_", "example_"),
+  DNS_ID_MATCH("_example", "_example"),
+  DNS_ID_MATCH("*._._", "x._._"),
+
+  // See bug 1139039
+  // A DNS-ID must not end in an all-numeric label. We don't consider
+  // underscores to be numeric.
+  DNS_ID_MATCH("_1", "_1"),
+  DNS_ID_MATCH("example._1", "example._1"),
+  DNS_ID_MATCH("example.1_", "example.1_"),
+
+  // Wildcard not in leftmost label
+  DNS_ID_MATCH("d.c.b.a", "d.c.b.a"),
+  DNS_ID_BAD_DER("d.*.b.a", "d.c.b.a"),
+  DNS_ID_BAD_DER("d.c*.b.a", "d.c.b.a"),
+  DNS_ID_BAD_DER("d.c*.b.a", "d.cc.b.a"),
+
+  // case sensitivity
+  DNS_ID_MATCH("abcdefghijklmnopqrstuvwxyz", "ABCDEFGHIJKLMNOPQRSTUVWXYZ"),
+  DNS_ID_MATCH("ABCDEFGHIJKLMNOPQRSTUVWXYZ", "abcdefghijklmnopqrstuvwxyz"),
+  DNS_ID_MATCH("aBc", "Abc"),
+
+  // digits
+  DNS_ID_MATCH("a1", "a1"),
+
+  // A trailing dot indicates an absolute name. Absolute presented names are
+  // not allowed, but absolute reference names are allowed.
+  DNS_ID_MATCH("example", "example"),
+  DNS_ID_BAD_DER("example.", "example."),
+  DNS_ID_MATCH("example", "example."),
+  DNS_ID_BAD_DER("example.", "example"),
+  DNS_ID_MATCH("example.com", "example.com"),
+  DNS_ID_BAD_DER("example.com.", "example.com."),
+  DNS_ID_MATCH("example.com", "example.com."),
+  DNS_ID_BAD_DER("example.com.", "example.com"),
+  DNS_ID_BAD_DER("example.com..", "example.com."),
+  DNS_ID_BAD_DER("example.com..", "example.com"),
+  DNS_ID_BAD_DER("example.com...", "example.com."),
+
+  // xn-- IDN prefix
+  DNS_ID_BAD_DER("x*.b.a", "xa.b.a"),
+  DNS_ID_BAD_DER("x*.b.a", "xna.b.a"),
+  DNS_ID_BAD_DER("x*.b.a", "xn-a.b.a"),
+  DNS_ID_BAD_DER("x*.b.a", "xn--a.b.a"),
+  DNS_ID_BAD_DER("xn*.b.a", "xn--a.b.a"),
+  DNS_ID_BAD_DER("xn-*.b.a", "xn--a.b.a"),
+  DNS_ID_BAD_DER("xn--*.b.a", "xn--a.b.a"),
+  DNS_ID_BAD_DER("xn*.b.a", "xn--a.b.a"),
+  DNS_ID_BAD_DER("xn-*.b.a", "xn--a.b.a"),
+  DNS_ID_BAD_DER("xn--*.b.a", "xn--a.b.a"),
+  DNS_ID_BAD_DER("xn---*.b.a", "xn--a.b.a"),
+
+  // "*" cannot expand to nothing.
+  DNS_ID_BAD_DER("c*.b.a", "c.b.a"),
+
+  /////////////////////////////////////////////////////////////////////////////
+  // These are test cases adapted from Chromium's x509_certificate_unittest.cc.
+  // The parameter order is the opposite in Chromium's tests. Also, some tests
+  // were modified to fit into this framework or due to intentional differences
+  // between mozilla::pkix and Chromium.
+
+  DNS_ID_MATCH("foo.com", "foo.com"),
+  DNS_ID_MATCH("f", "f"),
+  DNS_ID_MISMATCH("i", "h"),
+  DNS_ID_MATCH("*.foo.com", "bar.foo.com"),
+  DNS_ID_MATCH("*.test.fr", "www.test.fr"),
+  DNS_ID_MATCH("*.test.FR", "wwW.tESt.fr"),
+  DNS_ID_BAD_DER(".uk", "f.uk"),
+  DNS_ID_BAD_DER("?.bar.foo.com", "w.bar.foo.com"),
+  DNS_ID_BAD_DER("(www|ftp).foo.com", "www.foo.com"), // regex!
+  DNS_ID_BAD_DER("www.foo.com\0", "www.foo.com"),
+  DNS_ID_BAD_DER("www.foo.com\0*.foo.com", "www.foo.com"),
+  DNS_ID_MISMATCH("ww.house.example", "www.house.example"),
+  DNS_ID_MISMATCH("www.test.org", "test.org"),
+  DNS_ID_MISMATCH("*.test.org", "test.org"),
+  DNS_ID_BAD_DER("*.org", "test.org"),
+  DNS_ID_BAD_DER("w*.bar.foo.com", "w.bar.foo.com"),
+  DNS_ID_BAD_DER("ww*ww.bar.foo.com", "www.bar.foo.com"),
+  DNS_ID_BAD_DER("ww*ww.bar.foo.com", "wwww.bar.foo.com"),
+
+  // Different than Chromium, matches NSS.
+  DNS_ID_BAD_DER("w*w.bar.foo.com", "wwww.bar.foo.com"),
+
+  DNS_ID_BAD_DER("w*w.bar.foo.c0m", "wwww.bar.foo.com"),
+
+  // '*' must be the only character in the wildcard label
+  DNS_ID_BAD_DER("wa*.bar.foo.com", "WALLY.bar.foo.com"),
+
+  // We require "*" to be the last character in a wildcard label, but
+  // Chromium does not.
+  DNS_ID_BAD_DER("*Ly.bar.foo.com", "wally.bar.foo.com"),
+
+  // Chromium does URL decoding of the reference ID, but we don't, and we also
+  // require that the reference ID is valid, so we can't test these two.
+  // DNS_ID_MATCH("www.foo.com", "ww%57.foo.com"),
+  // DNS_ID_MATCH("www&.foo.com", "www%26.foo.com"),
+
+  DNS_ID_MISMATCH("*.test.de", "www.test.co.jp"),
+  DNS_ID_BAD_DER("*.jp", "www.test.co.jp"),
+  DNS_ID_MISMATCH("www.test.co.uk", "www.test.co.jp"),
+  DNS_ID_BAD_DER("www.*.co.jp", "www.test.co.jp"),
+  DNS_ID_MATCH("www.bar.foo.com", "www.bar.foo.com"),
+  DNS_ID_MISMATCH("*.foo.com", "www.bar.foo.com"),
+  DNS_ID_BAD_DER("*.*.foo.com", "www.bar.foo.com"),
+  DNS_ID_BAD_DER("*.*.foo.com", "www.bar.foo.com"),
+
+  // Our matcher requires the reference ID to be a valid DNS name, so we cannot
+  // test this case.
+  //DNS_ID_BAD_DER("*.*.bar.foo.com", "*..bar.foo.com"),
+
+  DNS_ID_MATCH("www.bath.org", "www.bath.org"),
+
+  // Our matcher requires the reference ID to be a valid DNS name, so we cannot
+  // test these cases.
+  // DNS_ID_BAD_DER("www.bath.org", ""),
+  // DNS_ID_BAD_DER("www.bath.org", "20.30.40.50"),
+  // DNS_ID_BAD_DER("www.bath.org", "66.77.88.99"),
+
+  // IDN tests
+  DNS_ID_MATCH("xn--poema-9qae5a.com.br", "xn--poema-9qae5a.com.br"),
+  DNS_ID_MATCH("*.xn--poema-9qae5a.com.br", "www.xn--poema-9qae5a.com.br"),
+  DNS_ID_MISMATCH("*.xn--poema-9qae5a.com.br", "xn--poema-9qae5a.com.br"),
+  DNS_ID_BAD_DER("xn--poema-*.com.br", "xn--poema-9qae5a.com.br"),
+  DNS_ID_BAD_DER("xn--*-9qae5a.com.br", "xn--poema-9qae5a.com.br"),
+  DNS_ID_BAD_DER("*--poema-9qae5a.com.br", "xn--poema-9qae5a.com.br"),
+
+  // The following are adapted from the examples quoted from
+  //   http://tools.ietf.org/html/rfc6125#section-6.4.3
+  // (e.g., *.example.com would match foo.example.com but
+  // not bar.foo.example.com or example.com).
+  DNS_ID_MATCH("*.example.com", "foo.example.com"),
+  DNS_ID_MISMATCH("*.example.com", "bar.foo.example.com"),
+  DNS_ID_MISMATCH("*.example.com", "example.com"),
+  // (e.g., baz*.example.net and *baz.example.net and b*z.example.net would
+  // be taken to match baz1.example.net and foobaz.example.net and
+  // buzz.example.net, respectively. However, we don't allow any characters
+  // other than '*' in the wildcard label.
+  DNS_ID_BAD_DER("baz*.example.net", "baz1.example.net"),
+
+  // Both of these are different from Chromium, but match NSS, becaues the
+  // wildcard character "*" is not the last character of the label.
+  DNS_ID_BAD_DER("*baz.example.net", "foobaz.example.net"),
+  DNS_ID_BAD_DER("b*z.example.net", "buzz.example.net"),
+
+  // Wildcards should not be valid for public registry controlled domains,
+  // and unknown/unrecognized domains, at least three domain components must
+  // be present. For mozilla::pkix and NSS, there must always be at least two
+  // labels after the wildcard label.
+  DNS_ID_MATCH("*.test.example", "www.test.example"),
+  DNS_ID_MATCH("*.example.co.uk", "test.example.co.uk"),
+  DNS_ID_BAD_DER("*.exmaple", "test.example"),
+
+  // The result is different than Chromium, because Chromium takes into account
+  // the additional knowledge it has that "co.uk" is a TLD. mozilla::pkix does
+  // not know that.
+  DNS_ID_MATCH("*.co.uk", "example.co.uk"),
+
+  DNS_ID_BAD_DER("*.com", "foo.com"),
+  DNS_ID_BAD_DER("*.us", "foo.us"),
+  DNS_ID_BAD_DER("*", "foo"),
+
+  // IDN variants of wildcards and registry controlled domains.
+  DNS_ID_MATCH("*.xn--poema-9qae5a.com.br", "www.xn--poema-9qae5a.com.br"),
+  DNS_ID_MATCH("*.example.xn--mgbaam7a8h", "test.example.xn--mgbaam7a8h"),
+
+  // RFC6126 allows this, and NSS accepts it, but Chromium disallows it.
+  // TODO: File bug against Chromium.
+  DNS_ID_MATCH("*.com.br", "xn--poema-9qae5a.com.br"),
+
+  DNS_ID_BAD_DER("*.xn--mgbaam7a8h", "example.xn--mgbaam7a8h"),
+  // Wildcards should be permissible for 'private' registry-controlled
+  // domains. (In mozilla::pkix, we do not know if it is a private registry-
+  // controlled domain or not.)
+  DNS_ID_MATCH("*.appspot.com", "www.appspot.com"),
+  DNS_ID_MATCH("*.s3.amazonaws.com", "foo.s3.amazonaws.com"),
+
+  // Multiple wildcards are not valid.
+  DNS_ID_BAD_DER("*.*.com", "foo.example.com"),
+  DNS_ID_BAD_DER("*.bar.*.com", "foo.bar.example.com"),
+
+  // Absolute vs relative DNS name tests. Although not explicitly specified
+  // in RFC 6125, absolute reference names (those ending in a .) should
+  // match either absolute or relative presented names. We don't allow
+  // absolute presented names.
+  // TODO: File errata against RFC 6125 about this.
+  DNS_ID_BAD_DER("foo.com.", "foo.com"),
+  DNS_ID_MATCH("foo.com", "foo.com."),
+  DNS_ID_BAD_DER("foo.com.", "foo.com."),
+  DNS_ID_BAD_DER("f.", "f"),
+  DNS_ID_MATCH("f", "f."),
+  DNS_ID_BAD_DER("f.", "f."),
+  DNS_ID_BAD_DER("*.bar.foo.com.", "www-3.bar.foo.com"),
+  DNS_ID_MATCH("*.bar.foo.com", "www-3.bar.foo.com."),
+  DNS_ID_BAD_DER("*.bar.foo.com.", "www-3.bar.foo.com."),
+
+  // We require the reference ID to be a valid DNS name, so we cannot test this
+  // case.
+  // DNS_ID_MISMATCH(".", "."),
+
+  DNS_ID_BAD_DER("*.com.", "example.com"),
+  DNS_ID_BAD_DER("*.com", "example.com."),
+  DNS_ID_BAD_DER("*.com.", "example.com."),
+  DNS_ID_BAD_DER("*.", "foo."),
+  DNS_ID_BAD_DER("*.", "foo"),
+
+  // The result is different than Chromium because we don't know that co.uk is
+  // a TLD.
+  DNS_ID_MATCH("*.co.uk", "foo.co.uk"),
+  DNS_ID_MATCH("*.co.uk", "foo.co.uk."),
+  DNS_ID_BAD_DER("*.co.uk.", "foo.co.uk"),
+  DNS_ID_BAD_DER("*.co.uk.", "foo.co.uk."),
+
+  DNS_ID_MISMATCH("*.example.com", "localhost"),
+  DNS_ID_MISMATCH("*.example.com", "localhost."),
+  // Note that we already have the testcase DNS_ID_BAD_DER("*", "foo") above
+};
+
+struct InputValidity
+{
+  ByteString input;
+  bool isValidReferenceID;
+  bool isValidPresentedID;
+};
+
+::std::ostream& operator<<(::std::ostream& os, const InputValidity&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+// str is null-terminated, which is why we subtract 1. str may contain embedded
+// nulls (including at the end) preceding the null terminator though.
+#define I(str, validReferenceID, validPresentedID) \
+  { \
+    ByteString(reinterpret_cast<const uint8_t*>(str), sizeof(str) - 1), \
+    validReferenceID, \
+    validPresentedID, \
+  }
+
+static const InputValidity DNSNAMES_VALIDITY[] =
+{
+  I("a", true, true),
+  I("a.b", true, true),
+  I("a.b.c", true, true),
+  I("a.b.c.d", true, true),
+
+  // empty labels
+  I("", false, false),
+  I(".", false, false),
+  I("a", true, true),
+  I(".a", false, false),
+  I(".a.b", false, false),
+  I("..a", false, false),
+  I("a..b", false, false),
+  I("a...b", false, false),
+  I("a..b.c", false, false),
+  I("a.b..c", false, false),
+  I(".a.b.c.", false, false),
+
+  // absolute names (only allowed for reference names)
+  I("a.", true, false),
+  I("a.b.", true, false),
+  I("a.b.c.", true, false),
+
+  // absolute names with empty label at end
+  I("a..", false, false),
+  I("a.b..", false, false),
+  I("a.b.c..", false, false),
+  I("a...", false, false),
+
+  // Punycode
+  I("xn--", false, false),
+  I("xn--.", false, false),
+  I("xn--.a", false, false),
+  I("a.xn--", false, false),
+  I("a.xn--.", false, false),
+  I("a.xn--.b", false, false),
+  I("a.xn--.b", false, false),
+  I("a.xn--\0.b", false, false),
+  I("a.xn--a.b", true, true),
+  I("xn--a", true, true),
+  I("a.xn--a", true, true),
+  I("a.xn--a.a", true, true),
+  I("\xc4\x95.com", false, false), // UTF-8 ĕ
+  I("xn--jea.com", true, true), // punycode ĕ
+  I("xn--\xc4\x95.com", false, false), // UTF-8 ĕ, malformed punycode + UTF-8 mashup
+
+  // Surprising punycode
+  I("xn--google.com", true, true), // 䕮䕵䕶䕱.com
+  I("xn--citibank.com", true, true), // 岍岊岊岅岉岎.com
+  I("xn--cnn.com", true, true), // 䁾.com
+  I("a.xn--cnn", true, true), // a.䁾
+  I("a.xn--cnn.com", true, true), // a.䁾.com
+
+  I("1.2.3.4", false, false), // IPv4 address
+  I("1::2", false, false), // IPV6 address
+
+  // whitespace not allowed anywhere.
+  I(" ", false, false),
+  I(" a", false, false),
+  I("a ", false, false),
+  I("a b", false, false),
+  I("a.b 1", false, false),
+  I("a\t", false, false),
+
+  // Nulls not allowed
+  I("\0", false, false),
+  I("a\0", false, false),
+  I("example.org\0.example.com", false, false), // Hi Moxie!
+  I("\0a", false, false),
+  I("xn--\0", false, false),
+
+  // Allowed character set
+  I("a.b.c.d.e.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z", true, true),
+  I("A.B.C.D.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U.V.W.X.Y.Z", true, true),
+  I("0.1.2.3.4.5.6.7.8.9.a", true, true), // "a" needed to avoid numeric last label
+  I("a-b", true, true), // hyphen (a label cannot start or end with a hyphen)
+
+  // Underscores
+  I("a_b", true, true),
+  // See bug 1139039
+  I("_", true, true),
+  I("a_", true, true),
+  I("_a", true, true),
+  I("_1", true, true),
+  I("1_", true, true),
+  I("___", true, true),
+
+  // An invalid character in various positions
+  I("!", false, false),
+  I("!a", false, false),
+  I("a!", false, false),
+  I("a!b", false, false),
+  I("a.!", false, false),
+  I("a.a!", false, false),
+  I("a.!a", false, false),
+  I("a.a!a", false, false),
+  I("a.!a.a", false, false),
+  I("a.a!.a", false, false),
+  I("a.a!a.a", false, false),
+
+  // Various other invalid characters
+  I("a!", false, false),
+  I("a@", false, false),
+  I("a#", false, false),
+  I("a$", false, false),
+  I("a%", false, false),
+  I("a^", false, false),
+  I("a&", false, false),
+  I("a*", false, false),
+  I("a(", false, false),
+  I("a)", false, false),
+
+  // last label can't be fully numeric
+  I("1", false, false),
+  I("a.1", false, false),
+
+  // other labels can be fully numeric
+  I("1.a", true, true),
+  I("1.2.a", true, true),
+  I("1.2.3.a", true, true),
+
+  // last label can be *partly* numeric
+  I("1a", true, true),
+  I("1.1a", true, true),
+  I("1-1", true, true),
+  I("a.1-1", true, true),
+  I("a.1-a", true, true),
+
+  // labels cannot start with a hyphen
+  I("-", false, false),
+  I("-1", false, false),
+
+  // labels cannot end with a hyphen
+  I("1-", false, false),
+  I("1-.a", false, false),
+  I("a-", false, false),
+  I("a-.a", false, false),
+  I("a.1-.a", false, false),
+  I("a.a-.a", false, false),
+
+  // labels can contain a hyphen in the middle
+  I("a-b", true, true),
+  I("1-2", true, true),
+  I("a.a-1", true, true),
+
+  // multiple consecutive hyphens allowed
+  I("a--1", true, true),
+  I("1---a", true, true),
+  I("a-----------------b", true, true),
+
+  // Wildcard specifications are not valid reference names, but are valid
+  // presented names if there are enough labels and if '*' is the only
+  // character in the wildcard label.
+  I("*.a", false, false),
+  I("a*", false, false),
+  I("a*.", false, false),
+  I("a*.a", false, false),
+  I("a*.a.", false, false),
+  I("*.a.b", false, true),
+  I("*.a.b.", false, false),
+  I("a*.b.c", false, false),
+  I("*.a.b.c", false, true),
+  I("a*.b.c.d", false, false),
+
+  // Multiple wildcards are not allowed.
+  I("a**.b.c", false, false),
+  I("a*b*.c.d", false, false),
+  I("a*.b*.c", false, false),
+
+  // Wildcards are only allowed in the first label.
+  I("a.*", false, false),
+  I("a.*.b", false, false),
+  I("a.b.*", false, false),
+  I("a.b*.c", false, false),
+  I("*.b*.c", false, false),
+  I(".*.a.b", false, false),
+  I(".a*.b.c", false, false),
+
+  // Wildcards must be at the *end* of the first label.
+  I("*a.b.c", false, false),
+  I("a*b.c.d", false, false),
+
+  // Wildcards not allowed with IDNA prefix
+  I("x*.a.b", false, false),
+  I("xn*.a.b", false, false),
+  I("xn-*.a.b", false, false),
+  I("xn--*.a.b", false, false),
+  I("xn--w*.a.b", false, false),
+
+  // Redacted labels from RFC6962bis draft 4
+  // https://tools.ietf.org/html/draft-ietf-trans-rfc6962-bis-04#section-3.2.2
+  I("(PRIVATE).foo", false, false),
+
+  // maximum label length is 63 characters
+  I("1234567890" "1234567890" "1234567890"
+    "1234567890" "1234567890" "1234567890" "abc", true, true),
+  I("1234567890" "1234567890" "1234567890"
+    "1234567890" "1234567890" "1234567890" "abcd", false, false),
+
+  // maximum total length is 253 characters
+  I("1234567890" "1234567890" "1234567890" "1234567890" "1234567890" "."
+    "1234567890" "1234567890" "1234567890" "1234567890" "1234567890" "."
+    "1234567890" "1234567890" "1234567890" "1234567890" "1234567890" "."
+    "1234567890" "1234567890" "1234567890" "1234567890" "1234567890" "."
+    "1234567890" "1234567890" "1234567890" "1234567890" "12345678" "a",
+    true, true),
+  I("1234567890" "1234567890" "1234567890" "1234567890" "1234567890" "."
+    "1234567890" "1234567890" "1234567890" "1234567890" "1234567890" "."
+    "1234567890" "1234567890" "1234567890" "1234567890" "1234567890" "."
+    "1234567890" "1234567890" "1234567890" "1234567890" "1234567890" "."
+    "1234567890" "1234567890" "1234567890" "1234567890" "123456789" "a",
+    false, false),
+};
+
+static const InputValidity DNSNAMES_VALIDITY_TURKISH_I[] =
+{
+  // http://en.wikipedia.org/wiki/Dotted_and_dotless_I#In_computing
+  // IDN registration rules disallow "latin capital letter i with dot above,"
+  // but our checks aren't intended to enforce those rules.
+  I("I", true, true), // ASCII capital I
+  I("i", true, true), // ASCII lowercase i
+  I("\xC4\xB0", false, false), // latin capital letter i with dot above
+  I("\xC4\xB1", false, false), // latin small letter dotless i
+  I("xn--i-9bb", true, true), // latin capital letter i with dot above, in punycode
+  I("xn--cfa", true, true), // latin small letter dotless i, in punycode
+  I("xn--\xC4\xB0", false, false), // latin capital letter i with dot above, mashup
+  I("xn--\xC4\xB1", false, false), // latin small letter dotless i, mashup
+};
+
+static const uint8_t LOWERCASE_I_VALUE[1] = { 'i' };
+static const uint8_t UPPERCASE_I_VALUE[1] = { 'I' };
+static const Input LOWERCASE_I(LOWERCASE_I_VALUE);
+static const Input UPPERCASE_I(UPPERCASE_I_VALUE);
+
+template <unsigned int L>
+struct IPAddressParams
+{
+  ByteString input;
+  bool isValid;
+  uint8_t expectedValueIfValid[L];
+};
+
+template <unsigned int L>
+::std::ostream& operator<<(::std::ostream& os, const IPAddressParams<L>&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+#define IPV4_VALID(str, a, b, c, d) \
+  { \
+    ByteString(reinterpret_cast<const uint8_t*>(str), sizeof(str) - 1), \
+    true, \
+    { a, b, c, d } \
+  }
+
+// The value of expectedValueIfValid must be ignored for invalid IP addresses.
+// The value { 73, 73, 73, 73 } is used because it is unlikely to result in an
+// accidental match, unlike { 0, 0, 0, 0 }, which is a value we actually test.
+#define IPV4_INVALID(str) \
+  { \
+    ByteString(reinterpret_cast<const uint8_t*>(str), sizeof(str) - 1), \
+    false, \
+    { 73, 73, 73, 73 } \
+  }
+
+static const IPAddressParams<4> IPV4_ADDRESSES[] =
+{
+  IPV4_INVALID(""),
+  IPV4_INVALID("1"),
+  IPV4_INVALID("1.2"),
+  IPV4_INVALID("1.2.3"),
+  IPV4_VALID("1.2.3.4", 1, 2, 3, 4),
+  IPV4_INVALID("1.2.3.4.5"),
+
+  IPV4_INVALID("1.2.3.4a"), // a DNSName!
+  IPV4_INVALID("a.2.3.4"), // not even a DNSName!
+  IPV4_INVALID("1::2"), // IPv6 address
+
+  // Whitespace not allowed
+  IPV4_INVALID(" 1.2.3.4"),
+  IPV4_INVALID("1.2.3.4 "),
+  IPV4_INVALID("1 .2.3.4"),
+  IPV4_INVALID("\n1.2.3.4"),
+  IPV4_INVALID("1.2.3.4\n"),
+
+  // Nulls not allowed
+  IPV4_INVALID("\0"),
+  IPV4_INVALID("\0" "1.2.3.4"),
+  IPV4_INVALID("1.2.3.4\0"),
+  IPV4_INVALID("1.2.3.4\0.5"),
+
+  // Range
+  IPV4_VALID("0.0.0.0", 0, 0, 0, 0),
+  IPV4_VALID("255.255.255.255", 255, 255, 255, 255),
+  IPV4_INVALID("256.0.0.0"),
+  IPV4_INVALID("0.256.0.0"),
+  IPV4_INVALID("0.0.256.0"),
+  IPV4_INVALID("0.0.0.256"),
+  IPV4_INVALID("999.0.0.0"),
+  IPV4_INVALID("9999999999999999999.0.0.0"),
+
+  // All digits allowed
+  IPV4_VALID("0.1.2.3", 0, 1, 2, 3),
+  IPV4_VALID("4.5.6.7", 4, 5, 6, 7),
+  IPV4_VALID("8.9.0.1", 8, 9, 0, 1),
+
+  // Leading zeros not allowed
+  IPV4_INVALID("01.2.3.4"),
+  IPV4_INVALID("001.2.3.4"),
+  IPV4_INVALID("00000000001.2.3.4"),
+  IPV4_INVALID("010.2.3.4"),
+  IPV4_INVALID("1.02.3.4"),
+  IPV4_INVALID("1.2.03.4"),
+  IPV4_INVALID("1.2.3.04"),
+
+  // Empty components
+  IPV4_INVALID(".2.3.4"),
+  IPV4_INVALID("1..3.4"),
+  IPV4_INVALID("1.2..4"),
+  IPV4_INVALID("1.2.3."),
+
+  // Too many components
+  IPV4_INVALID("1.2.3.4.5"),
+  IPV4_INVALID("1.2.3.4.5.6"),
+  IPV4_INVALID("0.1.2.3.4"),
+  IPV4_INVALID("1.2.3.4.0"),
+
+  // Leading/trailing dot
+  IPV4_INVALID(".1.2.3.4"),
+  IPV4_INVALID("1.2.3.4."),
+
+  // Other common forms of IPv4 address
+  // http://en.wikipedia.org/wiki/IPv4#Address_representations
+  IPV4_VALID("192.0.2.235", 192, 0, 2, 235), // dotted decimal (control value)
+  IPV4_INVALID("0xC0.0x00.0x02.0xEB"), // dotted hex
+  IPV4_INVALID("0301.0000.0002.0353"), // dotted octal
+  IPV4_INVALID("0xC00002EB"), // non-dotted hex
+  IPV4_INVALID("3221226219"), // non-dotted decimal
+  IPV4_INVALID("030000001353"), // non-dotted octal
+  IPV4_INVALID("192.0.0002.0xEB"), // mixed
+};
+
+#define IPV6_VALID(str, a, b, c, d, e, f, g, h, i, j, k, l, m, n, o, p) \
+  { \
+    ByteString(reinterpret_cast<const uint8_t*>(str), sizeof(str) - 1), \
+    true, \
+    { a, b, c, d, \
+      e, f, g, h, \
+      i, j, k, l, \
+      m, n, o, p } \
+  }
+
+#define IPV6_INVALID(str) \
+  { \
+    ByteString(reinterpret_cast<const uint8_t*>(str), sizeof(str) - 1), \
+    false, \
+    { 73, 73, 73, 73, \
+      73, 73, 73, 73, \
+      73, 73, 73, 73, \
+      73, 73, 73, 73 } \
+  }
+
+static const IPAddressParams<16> IPV6_ADDRESSES[] =
+{
+  IPV6_INVALID(""),
+  IPV6_INVALID("1234"),
+  IPV6_INVALID("1234:5678"),
+  IPV6_INVALID("1234:5678:9abc"),
+  IPV6_INVALID("1234:5678:9abc:def0"),
+  IPV6_INVALID("1234:5678:9abc:def0:1234:"),
+  IPV6_INVALID("1234:5678:9abc:def0:1234:5678:"),
+  IPV6_INVALID("1234:5678:9abc:def0:1234:5678:9abc:"),
+  IPV6_VALID("1234:5678:9abc:def0:1234:5678:9abc:def0",
+             0x12, 0x34, 0x56, 0x78,
+             0x9a, 0xbc, 0xde, 0xf0,
+             0x12, 0x34, 0x56, 0x78,
+             0x9a, 0xbc, 0xde, 0xf0),
+  IPV6_INVALID("1234:5678:9abc:def0:1234:5678:9abc:def0:"),
+  IPV6_INVALID(":1234:5678:9abc:def0:1234:5678:9abc:def0"),
+  IPV6_INVALID("1234:5678:9abc:def0:1234:5678:9abc:def0:0000"),
+
+  // Valid contractions
+  IPV6_VALID("::1",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x01),
+  IPV6_VALID("::1234",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x12, 0x34),
+  IPV6_VALID("1234::",
+             0x12, 0x34, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00),
+  IPV6_VALID("1234::5678",
+             0x12, 0x34, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x56, 0x78),
+  IPV6_VALID("1234:5678::abcd",
+             0x12, 0x34, 0x56, 0x78,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0xab, 0xcd),
+  IPV6_VALID("1234:5678:9abc:def0:1234:5678:9abc::",
+             0x12, 0x34, 0x56, 0x78,
+             0x9a, 0xbc, 0xde, 0xf0,
+             0x12, 0x34, 0x56, 0x78,
+             0x9a, 0xbc, 0x00, 0x00),
+
+  // Contraction in full IPv6 addresses not allowed
+  IPV6_INVALID("::1234:5678:9abc:def0:1234:5678:9abc:def0"), // start
+  IPV6_INVALID("1234:5678:9abc:def0:1234:5678:9abc:def0::"), // end
+  IPV6_INVALID("1234:5678::9abc:def0:1234:5678:9abc:def0"), // interior
+
+  // Multiple contractions not allowed
+  IPV6_INVALID("::1::"),
+  IPV6_INVALID("::1::2"),
+  IPV6_INVALID("1::2::"),
+
+  // Colon madness!
+  IPV6_INVALID(":"),
+  IPV6_INVALID("::"),
+  IPV6_INVALID(":::"),
+  IPV6_INVALID("::::"),
+  IPV6_INVALID(":::1"),
+  IPV6_INVALID("::::1"),
+  IPV6_INVALID("1:::2"),
+  IPV6_INVALID("1::::2"),
+  IPV6_INVALID("1:2:::"),
+  IPV6_INVALID("1:2::::"),
+  IPV6_INVALID("::1234:"),
+  IPV6_INVALID(":1234::"),
+
+  IPV6_INVALID("01234::"), // too many digits, even if zero
+  IPV6_INVALID("12345678::"), // too many digits or missing colon
+
+  // uppercase
+  IPV6_VALID("ABCD:EFAB::",
+             0xab, 0xcd, 0xef, 0xab,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00),
+
+  // miXeD CAse
+  IPV6_VALID("aBcd:eFAb::",
+             0xab, 0xcd, 0xef, 0xab,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00),
+
+  // IPv4-style
+  IPV6_VALID("::2.3.4.5",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x02, 0x03, 0x04, 0x05),
+  IPV6_VALID("1234::2.3.4.5",
+             0x12, 0x34, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x02, 0x03, 0x04, 0x05),
+  IPV6_VALID("::abcd:2.3.4.5",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0xab, 0xcd,
+             0x02, 0x03, 0x04, 0x05),
+  IPV6_VALID("1234:5678:9abc:def0:1234:5678:252.253.254.255",
+             0x12, 0x34, 0x56, 0x78,
+             0x9a, 0xbc, 0xde, 0xf0,
+             0x12, 0x34, 0x56, 0x78,
+             252,  253,  254,  255),
+  IPV6_VALID("1234:5678:9abc:def0:1234::252.253.254.255",
+             0x12, 0x34, 0x56, 0x78,
+             0x9a, 0xbc, 0xde, 0xf0,
+             0x12, 0x34, 0x00, 0x00,
+             252,  253,  254,  255),
+  IPV6_INVALID("1234::252.253.254"),
+  IPV6_INVALID("::252.253.254"),
+  IPV6_INVALID("::252.253.254.300"),
+  IPV6_INVALID("1234::252.253.254.255:"),
+  IPV6_INVALID("1234::252.253.254.255:5678"),
+
+  // Contractions that don't contract
+  IPV6_INVALID("::1234:5678:9abc:def0:1234:5678:9abc:def0"),
+  IPV6_INVALID("1234:5678:9abc:def0:1234:5678:9abc:def0::"),
+  IPV6_INVALID("1234:5678:9abc:def0::1234:5678:9abc:def0"),
+  IPV6_INVALID("1234:5678:9abc:def0:1234:5678::252.253.254.255"),
+
+  // With and without leading zeros
+  IPV6_VALID("::123",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x01, 0x23),
+  IPV6_VALID("::0123",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x01, 0x23),
+  IPV6_VALID("::012",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x12),
+  IPV6_VALID("::0012",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x12),
+  IPV6_VALID("::01",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x01),
+  IPV6_VALID("::001",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x01),
+  IPV6_VALID("::0001",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x01),
+  IPV6_VALID("::0",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00),
+  IPV6_VALID("::00",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00),
+  IPV6_VALID("::000",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00),
+  IPV6_VALID("::0000",
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00),
+  IPV6_INVALID("::01234"),
+  IPV6_INVALID("::00123"),
+  IPV6_INVALID("::000123"),
+
+  // Trailing zero
+  IPV6_INVALID("::12340"),
+
+  // Whitespace
+  IPV6_INVALID(" 1234:5678:9abc:def0:1234:5678:9abc:def0"),
+  IPV6_INVALID("\t1234:5678:9abc:def0:1234:5678:9abc:def0"),
+  IPV6_INVALID("\t1234:5678:9abc:def0:1234:5678:9abc:def0\n"),
+  IPV6_INVALID("1234 :5678:9abc:def0:1234:5678:9abc:def0"),
+  IPV6_INVALID("1234: 5678:9abc:def0:1234:5678:9abc:def0"),
+  IPV6_INVALID(":: 2.3.4.5"),
+  IPV6_INVALID("1234::252.253.254.255 "),
+  IPV6_INVALID("1234::252.253.254.255\n"),
+  IPV6_INVALID("1234::252.253. 254.255"),
+
+  // Nulls
+  IPV6_INVALID("\0"),
+  IPV6_INVALID("::1\0:2"),
+  IPV6_INVALID("::1\0"),
+  IPV6_INVALID("::1.2.3.4\0"),
+  IPV6_INVALID("::1.2\02.3.4"),
+};
+
+class pkixnames_MatchPresentedDNSIDWithReferenceDNSID
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<PresentedMatchesReference>
+{
+public:
+  DefaultNameMatchingPolicy mNameMatchingPolicy;
+};
+
+TEST_P(pkixnames_MatchPresentedDNSIDWithReferenceDNSID,
+       MatchPresentedDNSIDWithReferenceDNSID)
+{
+  const PresentedMatchesReference& param(GetParam());
+  SCOPED_TRACE(param.presentedDNSID.c_str());
+  SCOPED_TRACE(param.referenceDNSID.c_str());
+  Input presented;
+  ASSERT_EQ(Success, presented.Init(param.presentedDNSID.data(),
+                                    param.presentedDNSID.length()));
+  Input reference;
+  ASSERT_EQ(Success, reference.Init(param.referenceDNSID.data(),
+                                    param.referenceDNSID.length()));
+
+  // sanity check that test makes sense
+  ASSERT_TRUE(IsValidReferenceDNSID(reference));
+
+  bool matches;
+  ASSERT_EQ(param.expectedResult,
+            MatchPresentedDNSIDWithReferenceDNSID(presented, reference,
+                                                  matches));
+  if (param.expectedResult == Success) {
+    ASSERT_EQ(param.expectedMatches, matches);
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_MatchPresentedDNSIDWithReferenceDNSID,
+                        pkixnames_MatchPresentedDNSIDWithReferenceDNSID,
+                        testing::ValuesIn(DNSID_MATCH_PARAMS));
+
+class pkixnames_Turkish_I_Comparison
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<InputValidity>
+{
+public:
+  DefaultNameMatchingPolicy mNameMatchingPolicy;
+};
+
+TEST_P(pkixnames_Turkish_I_Comparison, MatchPresentedDNSIDWithReferenceDNSID)
+{
+  // Make sure we don't have the similar problems that strcasecmp and others
+  // have with the other kinds of "i" and "I" commonly used in Turkish locales.
+
+  const InputValidity& inputValidity(GetParam());
+  SCOPED_TRACE(inputValidity.input.c_str());
+  Input input;
+  ASSERT_EQ(Success, input.Init(inputValidity.input.data(),
+                                inputValidity.input.length()));
+
+  bool isASCII = InputsAreEqual(LOWERCASE_I, input) ||
+                 InputsAreEqual(UPPERCASE_I, input);
+  {
+    bool matches;
+    ASSERT_EQ(inputValidity.isValidPresentedID ? Success
+                                               : Result::ERROR_BAD_DER,
+              MatchPresentedDNSIDWithReferenceDNSID(input, LOWERCASE_I,
+                                                    matches));
+    if (inputValidity.isValidPresentedID) {
+      ASSERT_EQ(isASCII, matches);
+    }
+  }
+  {
+    bool matches;
+    ASSERT_EQ(inputValidity.isValidPresentedID ? Success
+                                               : Result::ERROR_BAD_DER,
+              MatchPresentedDNSIDWithReferenceDNSID(input, UPPERCASE_I,
+                                                    matches));
+    if (inputValidity.isValidPresentedID) {
+      ASSERT_EQ(isASCII, matches);
+    }
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_Turkish_I_Comparison,
+                        pkixnames_Turkish_I_Comparison,
+                        testing::ValuesIn(DNSNAMES_VALIDITY_TURKISH_I));
+
+class pkixnames_IsValidReferenceDNSID
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<InputValidity>
+{
+public:
+  DefaultNameMatchingPolicy mNameMatchingPolicy;
+};
+
+TEST_P(pkixnames_IsValidReferenceDNSID, IsValidReferenceDNSID)
+{
+  const InputValidity& inputValidity(GetParam());
+  SCOPED_TRACE(inputValidity.input.c_str());
+  Input input;
+  ASSERT_EQ(Success, input.Init(inputValidity.input.data(),
+                                inputValidity.input.length()));
+  ASSERT_EQ(inputValidity.isValidReferenceID, IsValidReferenceDNSID(input));
+  ASSERT_EQ(inputValidity.isValidPresentedID, IsValidPresentedDNSID(input));
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_IsValidReferenceDNSID,
+                        pkixnames_IsValidReferenceDNSID,
+                        testing::ValuesIn(DNSNAMES_VALIDITY));
+INSTANTIATE_TEST_CASE_P(pkixnames_IsValidReferenceDNSID_Turkish_I,
+                        pkixnames_IsValidReferenceDNSID,
+                        testing::ValuesIn(DNSNAMES_VALIDITY_TURKISH_I));
+
+class pkixnames_ParseIPv4Address
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<IPAddressParams<4>>
+{
+public:
+  DefaultNameMatchingPolicy mNameMatchingPolicy;
+};
+
+TEST_P(pkixnames_ParseIPv4Address, ParseIPv4Address)
+{
+  const IPAddressParams<4>& param(GetParam());
+  SCOPED_TRACE(param.input.c_str());
+  Input input;
+  ASSERT_EQ(Success, input.Init(param.input.data(),
+                                param.input.length()));
+  uint8_t ipAddress[4];
+  ASSERT_EQ(param.isValid, ParseIPv4Address(input, ipAddress));
+  if (param.isValid) {
+    for (size_t i = 0; i < sizeof(ipAddress); ++i) {
+      ASSERT_EQ(param.expectedValueIfValid[i], ipAddress[i]);
+    }
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_ParseIPv4Address,
+                        pkixnames_ParseIPv4Address,
+                        testing::ValuesIn(IPV4_ADDRESSES));
+
+class pkixnames_ParseIPv6Address
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<IPAddressParams<16>>
+{
+public:
+  DefaultNameMatchingPolicy mNameMatchingPolicy;
+};
+
+TEST_P(pkixnames_ParseIPv6Address, ParseIPv6Address)
+{
+  const IPAddressParams<16>& param(GetParam());
+  SCOPED_TRACE(param.input.c_str());
+  Input input;
+  ASSERT_EQ(Success, input.Init(param.input.data(),
+                                param.input.length()));
+  uint8_t ipAddress[16];
+  ASSERT_EQ(param.isValid, ParseIPv6Address(input, ipAddress));
+  if (param.isValid) {
+    for (size_t i = 0; i < sizeof(ipAddress); ++i) {
+      ASSERT_EQ(param.expectedValueIfValid[i], ipAddress[i]);
+    }
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_ParseIPv6Address,
+                        pkixnames_ParseIPv6Address,
+                        testing::ValuesIn(IPV6_ADDRESSES));
+
+// This is an arbitrary string that is used to indicate that no SAN extension
+// should be put into the generated certificate. It needs to be different from
+// "" or any other subjectAltName value that we actually want to test, but its
+// actual value does not matter. Note that this isn't a correctly-encoded SAN
+// extension value!
+static const ByteString
+  NO_SAN(reinterpret_cast<const uint8_t*>("I'm a bad, bad, certificate"));
+
+struct CheckCertHostnameParams
+{
+  ByteString hostname;
+  ByteString subject;
+  ByteString subjectAltName;
+  Result result;
+};
+
+::std::ostream& operator<<(::std::ostream& os, const CheckCertHostnameParams&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+class pkixnames_CheckCertHostname
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<CheckCertHostnameParams>
+{
+public:
+  DefaultNameMatchingPolicy mNameMatchingPolicy;
+};
+
+#define WITH_SAN(r, ps, psan, result) \
+  { \
+    ByteString(reinterpret_cast<const uint8_t*>(r), sizeof(r) - 1), \
+    ps, \
+    psan, \
+    result \
+  }
+
+#define WITHOUT_SAN(r, ps, result) \
+  { \
+    ByteString(reinterpret_cast<const uint8_t*>(r), sizeof(r) - 1), \
+    ps, \
+    NO_SAN, \
+    result \
+  }
+
+static const uint8_t example_com[] = {
+  'e', 'x', 'a', 'm', 'p', 'l', 'e', '.', 'c', 'o', 'm'
+};
+
+// Note that We avoid zero-valued bytes in these IP addresses so that we don't
+// get false negatives from anti-NULL-byte defenses in dNSName decoding.
+static const uint8_t ipv4_addr_bytes[] = {
+  1, 2, 3, 4
+};
+static const uint8_t ipv4_addr_bytes_as_str[] = "\x01\x02\x03\x04";
+static const uint8_t ipv4_addr_str[] = "1.2.3.4";
+static const uint8_t ipv4_addr_bytes_FFFFFFFF[8] = {
+  1, 2, 3, 4, 0xff, 0xff, 0xff, 0xff
+};
+
+static const uint8_t ipv4_compatible_ipv6_addr_bytes[] = {
+  0, 0, 0, 0,
+  0, 0, 0, 0,
+  0, 0, 0, 0,
+  1, 2, 3, 4
+};
+static const uint8_t ipv4_compatible_ipv6_addr_str[] = "::1.2.3.4";
+
+static const uint8_t ipv4_mapped_ipv6_addr_bytes[] = {
+  0, 0, 0, 0,
+  0, 0, 0, 0,
+  0, 0, 0xFF, 0xFF,
+  1, 2, 3, 4
+};
+static const uint8_t ipv4_mapped_ipv6_addr_str[] = "::FFFF:1.2.3.4";
+
+static const uint8_t ipv6_addr_bytes[] = {
+  0x11, 0x22, 0x33, 0x44,
+  0x55, 0x66, 0x77, 0x88,
+  0x99, 0xaa, 0xbb, 0xcc,
+  0xdd, 0xee, 0xff, 0x11
+};
+static const uint8_t ipv6_addr_bytes_as_str[] =
+  "\x11\x22\x33\x44"
+  "\x55\x66\x77\x88"
+  "\x99\xaa\xbb\xcc"
+  "\xdd\xee\xff\x11";
+
+static const uint8_t ipv6_addr_str[] =
+  "1122:3344:5566:7788:99aa:bbcc:ddee:ff11";
+
+static const uint8_t ipv6_other_addr_bytes[] = {
+  0xff, 0xee, 0xdd, 0xcc,
+  0xbb, 0xaa, 0x99, 0x88,
+  0x77, 0x66, 0x55, 0x44,
+  0x33, 0x22, 0x11, 0x00,
+};
+
+static const uint8_t ipv4_other_addr_bytes[] = {
+  5, 6, 7, 8
+};
+static const uint8_t ipv4_other_addr_bytes_FFFFFFFF[] = {
+  5, 6, 7, 8, 0xff, 0xff, 0xff, 0xff
+};
+
+static const uint8_t ipv4_addr_00000000_bytes[] = {
+  0, 0, 0, 0
+};
+static const uint8_t ipv4_addr_FFFFFFFF_bytes[] = {
+  0, 0, 0, 0
+};
+
+static const uint8_t ipv4_constraint_all_zeros_bytes[] = {
+  0, 0, 0, 0, 0, 0, 0, 0
+};
+
+static const uint8_t ipv6_addr_all_zeros_bytes[] = {
+  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,
+};
+
+static const uint8_t ipv6_constraint_all_zeros_bytes[] = {
+  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0
+};
+
+static const uint8_t ipv4_constraint_CIDR_16_bytes[] = {
+  1, 2, 0, 0, 0xff, 0xff, 0, 0
+};
+static const uint8_t ipv4_constraint_CIDR_17_bytes[] = {
+  1, 2, 0, 0, 0xff, 0xff, 0x80, 0
+};
+
+// The subnet is 1.2.0.0/16 but it is specified as 1.2.3.0/16
+static const uint8_t ipv4_constraint_CIDR_16_bad_addr_bytes[] = {
+  1, 2, 3, 0, 0xff, 0xff, 0, 0
+};
+
+// Masks are supposed to be of the form <ones><zeros>, but this one is of the
+// form <ones><zeros><ones><zeros>.
+static const uint8_t ipv4_constraint_bad_mask_bytes[] = {
+  1, 2, 3, 0, 0xff, 0, 0xff, 0
+};
+
+static const uint8_t ipv6_constraint_CIDR_16_bytes[] = {
+  0x11, 0x22, 0, 0, 0, 0, 0, 0,
+     0,    0, 0, 0, 0, 0, 0, 0,
+  0xff, 0xff, 0, 0, 0, 0, 0, 0,
+     0,    0, 0, 0, 0, 0, 0, 0
+};
+
+// The subnet is 1122::/16 but it is specified as 1122:3344::/16
+static const uint8_t ipv6_constraint_CIDR_16_bad_addr_bytes[] = {
+  0x11, 0x22, 0x33, 0x44, 0, 0, 0, 0,
+     0,    0,    0,    0, 0, 0, 0, 0,
+  0xff, 0xff,    0,    0, 0, 0, 0, 0,
+     0,    0,    0,    0, 0, 0, 0, 0
+};
+
+// Masks are supposed to be of the form <ones><zeros>, but this one is of the
+// form <ones><zeros><ones><zeros>.
+static const uint8_t ipv6_constraint_bad_mask_bytes[] = {
+  0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0, 0,
+     0,    0,    0,    0,    0,    0, 0, 0,
+  0xff, 0xff,    0,    0, 0xff, 0xff, 0, 0,
+     0,    0,    0,    0,    0,    0, 0, 0,
+};
+
+static const uint8_t ipv4_addr_truncated_bytes[] = {
+  1, 2, 3
+};
+static const uint8_t ipv4_addr_overlong_bytes[] = {
+  1, 2, 3, 4, 5
+};
+static const uint8_t ipv4_constraint_truncated_bytes[] = {
+  0, 0, 0, 0,
+  0, 0, 0,
+};
+static const uint8_t ipv4_constraint_overlong_bytes[] = {
+  0, 0, 0, 0,
+  0, 0, 0, 0, 0
+};
+
+static const uint8_t ipv6_addr_truncated_bytes[] = {
+  0x11, 0x22, 0x33, 0x44,
+  0x55, 0x66, 0x77, 0x88,
+  0x99, 0xaa, 0xbb, 0xcc,
+  0xdd, 0xee, 0xff
+};
+static const uint8_t ipv6_addr_overlong_bytes[] = {
+  0x11, 0x22, 0x33, 0x44,
+  0x55, 0x66, 0x77, 0x88,
+  0x99, 0xaa, 0xbb, 0xcc,
+  0xdd, 0xee, 0xff, 0x11, 0x00
+};
+static const uint8_t ipv6_constraint_truncated_bytes[] = {
+  0x11, 0x22, 0, 0, 0, 0, 0, 0,
+     0,    0, 0, 0, 0, 0, 0, 0,
+  0xff, 0xff, 0, 0, 0, 0, 0, 0,
+     0,    0, 0, 0, 0, 0, 0
+};
+static const uint8_t ipv6_constraint_overlong_bytes[] = {
+  0x11, 0x22, 0, 0, 0, 0, 0, 0,
+     0,    0, 0, 0, 0, 0, 0, 0,
+  0xff, 0xff, 0, 0, 0, 0, 0, 0,
+     0,    0, 0, 0, 0, 0, 0, 0, 0
+};
+
+// Note that, for DNSNames, these test cases in CHECK_CERT_HOSTNAME_PARAMS are
+// mostly about testing different scenerios regarding the structure of entries
+// in the subjectAltName and subject of the certificate, than about the how
+// specific presented identifier values are matched against the reference
+// identifier values. This is because we also use the test cases in
+// DNSNAMES_VALIDITY to test CheckCertHostname. Consequently, tests about
+// whether specific presented DNSNames (including wildcards, in particular) are
+// matched against a reference DNSName only need to be added to
+// DNSNAMES_VALIDITY, and not here.
+static const CheckCertHostnameParams CHECK_CERT_HOSTNAME_PARAMS[] =
+{
+  // This is technically illegal. PrintableString is defined in such a way that
+  // '*' is not an allowed character, but there are many real-world certificates
+  // that are encoded this way.
+  WITHOUT_SAN("foo.example.com", RDN(CN("*.example.com", der::PrintableString)),
+              Success),
+  WITHOUT_SAN("foo.example.com", RDN(CN("*.example.com", der::UTF8String)),
+              Success),
+
+  // Many certificates use TeletexString when encoding wildcards in CN-IDs
+  // because PrintableString is defined as not allowing '*' and UTF8String was,
+  // at one point in history, considered too new to depend on for compatibility.
+  // We accept TeletexString-encoded CN-IDs when they don't contain any escape
+  // sequences. The reference I used for the escape codes was
+  // https://tools.ietf.org/html/rfc1468. The escaping mechanism is actually
+  // pretty complex and these tests don't even come close to testing all the
+  // possibilities.
+  WITHOUT_SAN("foo.example.com", RDN(CN("*.example.com", der::TeletexString)),
+              Success),
+  // "ESC ( B" ({0x1B,0x50,0x42}) is the escape code to switch to ASCII, which
+  // is redundant because it already the default.
+  WITHOUT_SAN("foo.example.com",
+              RDN(CN("\x1B(B*.example.com", der::TeletexString)),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  WITHOUT_SAN("foo.example.com",
+              RDN(CN("*.example\x1B(B.com", der::TeletexString)),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  WITHOUT_SAN("foo.example.com",
+              RDN(CN("*.example.com\x1B(B", der::TeletexString)),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  // "ESC $ B" ({0x1B,0x24,0x42}) is the escape code to switch to
+  // JIS X 0208-1983 (a Japanese character set).
+  WITHOUT_SAN("foo.example.com",
+              RDN(CN("\x1B$B*.example.com", der::TeletexString)),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  WITHOUT_SAN("foo.example.com",
+              RDN(CN("*.example.com\x1B$B", der::TeletexString)),
+              Result::ERROR_BAD_CERT_DOMAIN),
+
+  // Match a DNSName SAN entry with a redundant (ignored) matching CN-ID.
+  WITH_SAN("a", RDN(CN("a")), DNSName("a"), Success),
+  // Match a DNSName SAN entry when there is an CN-ID that doesn't match.
+  WITH_SAN("b", RDN(CN("a")), DNSName("b"), Success),
+  // Do not match a CN-ID when there is a valid DNSName SAN Entry.
+  WITH_SAN("a", RDN(CN("a")), DNSName("b"), Result::ERROR_BAD_CERT_DOMAIN),
+  // Do not match a CN-ID when there is a malformed DNSName SAN Entry.
+  WITH_SAN("a", RDN(CN("a")), DNSName("!"), Result::ERROR_BAD_DER),
+  // Do not match a matching CN-ID when there is a valid IPAddress SAN entry.
+  WITH_SAN("a", RDN(CN("a")), IPAddress(ipv4_addr_bytes),
+           Result::ERROR_BAD_CERT_DOMAIN),
+  // Do not match a matching CN-ID when there is a malformed IPAddress SAN entry.
+  WITH_SAN("a", RDN(CN("a")), IPAddress(example_com),
+           Result::ERROR_BAD_CERT_DOMAIN),
+  // Match a DNSName against a matching CN-ID when there is a SAN, but the SAN
+  // does not contain an DNSName or IPAddress entry.
+  WITH_SAN("a", RDN(CN("a")), RFC822Name("foo@example.com"), Success),
+  // Match a matching CN-ID when there is no SAN.
+  WITHOUT_SAN("a", RDN(CN("a")), Success),
+  // Do not match a mismatching CN-ID when there is no SAN.
+  WITHOUT_SAN("a", RDN(CN("b")), Result::ERROR_BAD_CERT_DOMAIN),
+
+  // The first DNSName matches.
+  WITH_SAN("a", RDN(CN("foo")), DNSName("a") + DNSName("b"), Success),
+  // The last DNSName matches.
+  WITH_SAN("b", RDN(CN("foo")), DNSName("a") + DNSName("b"), Success),
+  // The middle DNSName matches.
+  WITH_SAN("b", RDN(CN("foo")),
+           DNSName("a") + DNSName("b") + DNSName("c"), Success),
+  // After an IP address.
+  WITH_SAN("b", RDN(CN("foo")),
+           IPAddress(ipv4_addr_bytes) + DNSName("b"), Success),
+  // Before an IP address.
+  WITH_SAN("a", RDN(CN("foo")),
+           DNSName("a") + IPAddress(ipv4_addr_bytes), Success),
+  // Between an RFC822Name and an IP address.
+  WITH_SAN("b", RDN(CN("foo")),
+           RFC822Name("foo@example.com") + DNSName("b") +
+                                           IPAddress(ipv4_addr_bytes),
+           Success),
+  // Duplicate DNSName.
+  WITH_SAN("a", RDN(CN("foo")), DNSName("a") + DNSName("a"), Success),
+  // After an invalid DNSName.
+  WITH_SAN("b", RDN(CN("foo")), DNSName("!") + DNSName("b"),
+           Result::ERROR_BAD_DER),
+
+  // http://tools.ietf.org/html/rfc5280#section-4.2.1.6: "If the subjectAltName
+  // extension is present, the sequence MUST contain at least one entry."
+  // However, for compatibility reasons, this is not enforced. See bug 1143085.
+  // This case is treated as if the extension is not present (i.e. name
+  // matching falls back to the subject CN).
+  WITH_SAN("a", RDN(CN("a")), ByteString(), Success),
+  WITH_SAN("a", RDN(CN("b")), ByteString(), Result::ERROR_BAD_CERT_DOMAIN),
+
+  // http://tools.ietf.org/html/rfc5280#section-4.1.2.6 says "If subject naming
+  // information is present only in the subjectAltName extension (e.g., a key
+  // bound only to an email address or URI), then the subject name MUST be an
+  // empty sequence and the subjectAltName extension MUST be critical." So, we
+  // have to support an empty subject. We don't enforce that the SAN must be
+  // critical or even that there is a SAN when the subject is empty, though.
+  WITH_SAN("a", ByteString(), DNSName("a"), Success),
+  // Make sure we return ERROR_BAD_CERT_DOMAIN and not ERROR_BAD_DER.
+  WITHOUT_SAN("a", ByteString(), Result::ERROR_BAD_CERT_DOMAIN),
+
+  // Two CNs in the same RDN, both match.
+  WITHOUT_SAN("a", RDN(CN("a") + CN("a")), Success),
+  // Two CNs in the same RDN, both DNSNames, first one matches.
+  WITHOUT_SAN("a", RDN(CN("a") + CN("b")),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  // Two CNs in the same RDN, both DNSNames, last one matches.
+  WITHOUT_SAN("b", RDN(CN("a") + CN("b")), Success),
+  // Two CNs in the same RDN, first one matches, second isn't a DNSName.
+  WITHOUT_SAN("a", RDN(CN("a") + CN("Not a DNSName")),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  // Two CNs in the same RDN, first one not a DNSName, second matches.
+  WITHOUT_SAN("b", RDN(CN("Not a DNSName") + CN("b")), Success),
+
+  // Two CNs in separate RDNs, both match.
+  WITHOUT_SAN("a", RDN(CN("a")) + RDN(CN("a")), Success),
+  // Two CNs in separate RDNs, both DNSNames, first one matches.
+  WITHOUT_SAN("a", RDN(CN("a")) + RDN(CN("b")),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  // Two CNs in separate RDNs, both DNSNames, last one matches.
+  WITHOUT_SAN("b", RDN(CN("a")) + RDN(CN("b")), Success),
+  // Two CNs in separate RDNs, first one matches, second isn't a DNSName.
+  WITHOUT_SAN("a", RDN(CN("a")) + RDN(CN("Not a DNSName")),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  // Two CNs in separate RDNs, first one not a DNSName, second matches.
+  WITHOUT_SAN("b", RDN(CN("Not a DNSName")) + RDN(CN("b")), Success),
+
+  // One CN, one RDN, CN is the first AVA in the RDN, CN matches.
+  WITHOUT_SAN("a", RDN(CN("a") + OU("b")), Success),
+  // One CN, one RDN, CN is the first AVA in the RDN, CN does not match.
+  WITHOUT_SAN("b", RDN(CN("a") + OU("b")),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  // One CN, one RDN, CN is not the first AVA in the RDN, CN matches.
+  WITHOUT_SAN("b", RDN(OU("a") + CN("b")), Success),
+  // One CN, one RDN, CN is not the first AVA in the RDN, CN does not match.
+  WITHOUT_SAN("a", RDN(OU("a") + CN("b")),
+              Result::ERROR_BAD_CERT_DOMAIN),
+
+  // One CN, multiple RDNs, CN is in the first RDN, CN matches.
+  WITHOUT_SAN("a", RDN(CN("a")) + RDN(OU("b")), Success),
+  // One CN, multiple RDNs, CN is in the first RDN, CN does not match.
+  WITHOUT_SAN("b", RDN(CN("a")) + RDN(OU("b")), Result::ERROR_BAD_CERT_DOMAIN),
+  // One CN, multiple RDNs, CN is not in the first RDN, CN matches.
+  WITHOUT_SAN("b", RDN(OU("a")) + RDN(CN("b")), Success),
+  // One CN, multiple RDNs, CN is not in the first RDN, CN does not match.
+  WITHOUT_SAN("a", RDN(OU("a")) + RDN(CN("b")), Result::ERROR_BAD_CERT_DOMAIN),
+
+  // One CN, one RDN, CN is not in the first or last AVA, CN matches.
+  WITHOUT_SAN("b", RDN(OU("a") + CN("b") + OU("c")), Success),
+  // One CN, multiple RDNs, CN is not in the first or last RDN, CN matches.
+  WITHOUT_SAN("b", RDN(OU("a")) + RDN(CN("b")) + RDN(OU("c")), Success),
+
+  // Empty CN does not match.
+  WITHOUT_SAN("example.com", RDN(CN("")), Result::ERROR_BAD_CERT_DOMAIN),
+
+  WITHOUT_SAN("uses_underscore.example.com", RDN(CN("*.example.com")), Success),
+  WITHOUT_SAN("a.uses_underscore.example.com",
+              RDN(CN("*.uses_underscore.example.com")), Success),
+  WITH_SAN("uses_underscore.example.com", RDN(CN("foo")),
+           DNSName("*.example.com"), Success),
+  WITH_SAN("a.uses_underscore.example.com", RDN(CN("foo")),
+           DNSName("*.uses_underscore.example.com"), Success),
+
+  // Do not match a DNSName that is encoded in a malformed IPAddress.
+  WITH_SAN("example.com", RDN(CN("foo")), IPAddress(example_com),
+           Result::ERROR_BAD_CERT_DOMAIN),
+
+  // We skip over the malformed IPAddress and match the DNSName entry because
+  // we've heard reports of real-world certificates that have malformed
+  // IPAddress SANs.
+  WITH_SAN("example.org", RDN(CN("foo")),
+           IPAddress(example_com) + DNSName("example.org"), Success),
+
+  WITH_SAN("example.com", RDN(CN("foo")),
+           DNSName("!") + DNSName("example.com"), Result::ERROR_BAD_DER),
+
+  // Match a matching IPv4 address SAN entry.
+  WITH_SAN(ipv4_addr_str, RDN(CN("foo")), IPAddress(ipv4_addr_bytes),
+           Success),
+  // Match a matching IPv4 addresses in the CN when there is no SAN
+  WITHOUT_SAN(ipv4_addr_str, RDN(CN(ipv4_addr_str)), Success),
+  // Do not match a matching IPv4 address in the CN when there is a SAN with
+  // a DNSName entry.
+  WITH_SAN(ipv4_addr_str, RDN(CN(ipv4_addr_str)),
+           DNSName("example.com"), Result::ERROR_BAD_CERT_DOMAIN),
+  // Do not match a matching IPv4 address in the CN when there is a SAN with
+  // a non-matching IPAddress entry.
+  WITH_SAN(ipv4_addr_str, RDN(CN(ipv4_addr_str)),
+           IPAddress(ipv6_addr_bytes), Result::ERROR_BAD_CERT_DOMAIN),
+  // Match a matching IPv4 address in the CN when there is a SAN with a
+  // non-IPAddress, non-DNSName entry.
+  WITH_SAN(ipv4_addr_str, RDN(CN(ipv4_addr_str)),
+           RFC822Name("foo@example.com"), Success),
+  // Do not match a matching IPv4 address in the CN when there is a SAN with a
+  // malformed IPAddress entry.
+  WITH_SAN(ipv4_addr_str, RDN(CN(ipv4_addr_str)),
+           IPAddress(example_com), Result::ERROR_BAD_CERT_DOMAIN),
+  // Do not match a matching IPv4 address in the CN when there is a SAN with a
+  // malformed DNSName entry.
+  WITH_SAN(ipv4_addr_str, RDN(CN(ipv4_addr_str)),
+           DNSName("!"), Result::ERROR_BAD_CERT_DOMAIN),
+
+  // We don't match IPv6 addresses in the CN, regardless of whether there is
+  // a SAN.
+  WITHOUT_SAN(ipv6_addr_str, RDN(CN(ipv6_addr_str)),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  WITH_SAN(ipv6_addr_str, RDN(CN(ipv6_addr_str)),
+           DNSName("example.com"), Result::ERROR_BAD_CERT_DOMAIN),
+  WITH_SAN(ipv6_addr_str, RDN(CN(ipv6_addr_str)),
+                          IPAddress(ipv6_addr_bytes), Success),
+  WITH_SAN(ipv6_addr_str, RDN(CN("foo")), IPAddress(ipv6_addr_bytes),
+           Success),
+
+  // We don't match the binary encoding of the bytes of IP addresses in the
+  // CN.
+  WITHOUT_SAN(ipv4_addr_str, RDN(CN(ipv4_addr_bytes_as_str)),
+              Result::ERROR_BAD_CERT_DOMAIN),
+  WITHOUT_SAN(ipv6_addr_str, RDN(CN(ipv6_addr_bytes_as_str)),
+              Result::ERROR_BAD_CERT_DOMAIN),
+
+  // We don't match IP addresses with DNSName SANs.
+  WITH_SAN(ipv4_addr_str, RDN(CN("foo")),
+           DNSName(ipv4_addr_bytes_as_str), Result::ERROR_BAD_CERT_DOMAIN),
+  WITH_SAN(ipv4_addr_str, RDN(CN("foo")), DNSName(ipv4_addr_str),
+           Result::ERROR_BAD_CERT_DOMAIN),
+  WITH_SAN(ipv6_addr_str, RDN(CN("foo")),
+           DNSName(ipv6_addr_bytes_as_str), Result::ERROR_BAD_CERT_DOMAIN),
+  WITH_SAN(ipv6_addr_str, RDN(CN("foo")), DNSName(ipv6_addr_str),
+           Result::ERROR_BAD_CERT_DOMAIN),
+
+  // Do not match an IPv4 reference ID against the equivalent IPv4-compatible
+  // IPv6 SAN entry.
+  WITH_SAN(ipv4_addr_str, RDN(CN("foo")),
+           IPAddress(ipv4_compatible_ipv6_addr_bytes),
+           Result::ERROR_BAD_CERT_DOMAIN),
+  // Do not match an IPv4 reference ID against the equivalent IPv4-mapped IPv6
+  // SAN entry.
+  WITH_SAN(ipv4_addr_str, RDN(CN("foo")),
+           IPAddress(ipv4_mapped_ipv6_addr_bytes),
+           Result::ERROR_BAD_CERT_DOMAIN),
+  // Do not match an IPv4-compatible IPv6 reference ID against the equivalent
+  // IPv4 SAN entry.
+  WITH_SAN(ipv4_compatible_ipv6_addr_str, RDN(CN("foo")),
+           IPAddress(ipv4_addr_bytes), Result::ERROR_BAD_CERT_DOMAIN),
+  // Do not match an IPv4 reference ID against the equivalent IPv4-mapped IPv6
+  // SAN entry.
+  WITH_SAN(ipv4_mapped_ipv6_addr_str, RDN(CN("foo")),
+           IPAddress(ipv4_addr_bytes),
+           Result::ERROR_BAD_CERT_DOMAIN),
+
+  // Test that the presence of an otherName entry is handled appropriately.
+  // (The actual value of the otherName entry isn't important - that's not what
+  // we're testing here.)
+  WITH_SAN("example.com", ByteString(),
+           // The tag for otherName is CONTEXT_SPECIFIC | CONSTRUCTED | 0
+           TLV((2 << 6) | (1 << 5) | 0, ByteString()) + DNSName("example.com"),
+           Success),
+  WITH_SAN("example.com", ByteString(),
+           TLV((2 << 6) | (1 << 5) | 0, ByteString()),
+           Result::ERROR_BAD_CERT_DOMAIN),
+};
+
+ByteString
+CreateCert(const ByteString& subject, const ByteString& subjectAltName,
+           EndEntityOrCA endEntityOrCA = EndEntityOrCA::MustBeEndEntity)
+{
+  ByteString serialNumber(CreateEncodedSerialNumber(1));
+  EXPECT_FALSE(ENCODING_FAILED(serialNumber));
+
+  ByteString issuerDER(Name(RDN(CN("issuer"))));
+  EXPECT_FALSE(ENCODING_FAILED(issuerDER));
+
+  ByteString extensions[2];
+  if (subjectAltName != NO_SAN) {
+    extensions[0] = CreateEncodedSubjectAltName(subjectAltName);
+    EXPECT_FALSE(ENCODING_FAILED(extensions[0]));
+  }
+  if (endEntityOrCA == EndEntityOrCA::MustBeCA) {
+    // Currently, these tests assume that if we're creating a CA certificate, it
+    // will not have a subjectAlternativeName extension. If that assumption
+    // changes, this code will have to be updated. Ideally this would be
+    // ASSERT_EQ, but that inserts a 'return;', which doesn't match this
+    // function's return type.
+    EXPECT_EQ(subjectAltName, NO_SAN);
+    extensions[0] = CreateEncodedBasicConstraints(true, nullptr,
+                                                  Critical::Yes);
+    EXPECT_FALSE(ENCODING_FAILED(extensions[0]));
+  }
+
+  ScopedTestKeyPair keyPair(CloneReusedKeyPair());
+  return CreateEncodedCertificate(
+                    v3, sha256WithRSAEncryption(), serialNumber, issuerDER,
+                    oneDayBeforeNow, oneDayAfterNow, Name(subject), *keyPair,
+                    extensions, *keyPair, sha256WithRSAEncryption());
+}
+
+TEST_P(pkixnames_CheckCertHostname, CheckCertHostname)
+{
+  const CheckCertHostnameParams& param(GetParam());
+
+  ByteString cert(CreateCert(param.subject, param.subjectAltName));
+  ASSERT_FALSE(ENCODING_FAILED(cert));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(cert.data(), cert.length()));
+
+  Input hostnameInput;
+  ASSERT_EQ(Success, hostnameInput.Init(param.hostname.data(),
+                                        param.hostname.length()));
+
+  ASSERT_EQ(param.result, CheckCertHostname(certInput, hostnameInput,
+                                            mNameMatchingPolicy));
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_CheckCertHostname,
+                        pkixnames_CheckCertHostname,
+                        testing::ValuesIn(CHECK_CERT_HOSTNAME_PARAMS));
+
+TEST_F(pkixnames_CheckCertHostname, SANWithoutSequence)
+{
+  // A certificate with a truly empty SAN extension (one that doesn't even
+  // contain a SEQUENCE at all) is malformed. If we didn't treat this as
+  // malformed then we'd have to treat it like the CN_EmptySAN cases.
+
+  ByteString serialNumber(CreateEncodedSerialNumber(1));
+  EXPECT_FALSE(ENCODING_FAILED(serialNumber));
+
+  ByteString extensions[2];
+  extensions[0] = CreateEncodedEmptySubjectAltName();
+  ASSERT_FALSE(ENCODING_FAILED(extensions[0]));
+
+  ScopedTestKeyPair keyPair(CloneReusedKeyPair());
+  ByteString certDER(CreateEncodedCertificate(
+                       v3, sha256WithRSAEncryption(), serialNumber,
+                       Name(RDN(CN("issuer"))), oneDayBeforeNow, oneDayAfterNow,
+                       Name(RDN(CN("a"))), *keyPair, extensions,
+                       *keyPair, sha256WithRSAEncryption()));
+  ASSERT_FALSE(ENCODING_FAILED(certDER));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(certDER.data(), certDER.length()));
+
+  static const uint8_t a[] = { 'a' };
+  ASSERT_EQ(Result::ERROR_EXTENSION_VALUE_INVALID,
+            CheckCertHostname(certInput, Input(a), mNameMatchingPolicy));
+}
+
+class pkixnames_CheckCertHostname_PresentedMatchesReference
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<PresentedMatchesReference>
+{
+public:
+  DefaultNameMatchingPolicy mNameMatchingPolicy;
+};
+
+TEST_P(pkixnames_CheckCertHostname_PresentedMatchesReference, CN_NoSAN)
+{
+  // Since there is no SAN, a valid presented DNS ID in the subject CN field
+  // should result in a match.
+
+  const PresentedMatchesReference& param(GetParam());
+
+  ByteString cert(CreateCert(RDN(CN(param.presentedDNSID)), NO_SAN));
+  ASSERT_FALSE(ENCODING_FAILED(cert));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(cert.data(), cert.length()));
+
+  Input hostnameInput;
+  ASSERT_EQ(Success, hostnameInput.Init(param.referenceDNSID.data(),
+                                        param.referenceDNSID.length()));
+
+  ASSERT_EQ(param.expectedMatches ? Success : Result::ERROR_BAD_CERT_DOMAIN,
+            CheckCertHostname(certInput, hostnameInput, mNameMatchingPolicy));
+}
+
+TEST_P(pkixnames_CheckCertHostname_PresentedMatchesReference,
+       SubjectAltName_CNNotDNSName)
+{
+  // A DNSName SAN entry should match, regardless of the contents of the
+  // subject CN.
+
+  const PresentedMatchesReference& param(GetParam());
+
+  ByteString cert(CreateCert(RDN(CN("Common Name")),
+                             DNSName(param.presentedDNSID)));
+  ASSERT_FALSE(ENCODING_FAILED(cert));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(cert.data(), cert.length()));
+
+  Input hostnameInput;
+  ASSERT_EQ(Success, hostnameInput.Init(param.referenceDNSID.data(),
+                                        param.referenceDNSID.length()));
+  Result expectedResult
+    = param.expectedResult != Success ? param.expectedResult
+    : param.expectedMatches ? Success
+    : Result::ERROR_BAD_CERT_DOMAIN;
+  ASSERT_EQ(expectedResult, CheckCertHostname(certInput, hostnameInput,
+                                              mNameMatchingPolicy));
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_CheckCertHostname_DNSID_MATCH_PARAMS,
+                        pkixnames_CheckCertHostname_PresentedMatchesReference,
+                        testing::ValuesIn(DNSID_MATCH_PARAMS));
+
+TEST_P(pkixnames_Turkish_I_Comparison, CheckCertHostname_CN_NoSAN)
+{
+  // Make sure we don't have the similar problems that strcasecmp and others
+  // have with the other kinds of "i" and "I" commonly used in Turkish locales,
+  // when we're matching a CN due to lack of subjectAltName.
+
+  const InputValidity& param(GetParam());
+  SCOPED_TRACE(param.input.c_str());
+
+  Input input;
+  ASSERT_EQ(Success, input.Init(param.input.data(), param.input.length()));
+
+  ByteString cert(CreateCert(RDN(CN(param.input)), NO_SAN));
+  ASSERT_FALSE(ENCODING_FAILED(cert));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(cert.data(), cert.length()));
+
+  Result expectedResult = (InputsAreEqual(LOWERCASE_I, input) ||
+                           InputsAreEqual(UPPERCASE_I, input))
+                        ? Success
+                        : Result::ERROR_BAD_CERT_DOMAIN;
+
+  ASSERT_EQ(expectedResult, CheckCertHostname(certInput, UPPERCASE_I,
+                                              mNameMatchingPolicy));
+  ASSERT_EQ(expectedResult, CheckCertHostname(certInput, LOWERCASE_I,
+                                              mNameMatchingPolicy));
+}
+
+TEST_P(pkixnames_Turkish_I_Comparison, CheckCertHostname_SAN)
+{
+  // Make sure we don't have the similar problems that strcasecmp and others
+  // have with the other kinds of "i" and "I" commonly used in Turkish locales,
+  // when we're matching a dNSName in the SAN.
+
+  const InputValidity& param(GetParam());
+  SCOPED_TRACE(param.input.c_str());
+
+  Input input;
+  ASSERT_EQ(Success, input.Init(param.input.data(), param.input.length()));
+
+  ByteString cert(CreateCert(RDN(CN("Common Name")), DNSName(param.input)));
+  ASSERT_FALSE(ENCODING_FAILED(cert));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(cert.data(), cert.length()));
+
+  Result expectedResult
+    = (!param.isValidPresentedID) ? Result::ERROR_BAD_DER
+    : (InputsAreEqual(LOWERCASE_I, input) ||
+       InputsAreEqual(UPPERCASE_I, input)) ? Success
+    : Result::ERROR_BAD_CERT_DOMAIN;
+
+  ASSERT_EQ(expectedResult, CheckCertHostname(certInput, UPPERCASE_I,
+                                              mNameMatchingPolicy));
+  ASSERT_EQ(expectedResult, CheckCertHostname(certInput, LOWERCASE_I,
+                                              mNameMatchingPolicy));
+}
+
+class pkixnames_CheckCertHostname_IPV4_Addresses
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<IPAddressParams<4>>
+{
+public:
+  DefaultNameMatchingPolicy mNameMatchingPolicy;
+};
+
+TEST_P(pkixnames_CheckCertHostname_IPV4_Addresses,
+       ValidIPv4AddressInIPAddressSAN)
+{
+  // When the reference hostname is a valid IPv4 address, a correctly-formed
+  // IPv4 Address SAN matches it.
+
+  const IPAddressParams<4>& param(GetParam());
+
+  ByteString cert(CreateCert(RDN(CN("Common Name")),
+                             IPAddress(param.expectedValueIfValid)));
+  ASSERT_FALSE(ENCODING_FAILED(cert));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(cert.data(), cert.length()));
+
+  Input hostnameInput;
+  ASSERT_EQ(Success, hostnameInput.Init(param.input.data(),
+                                        param.input.length()));
+
+  ASSERT_EQ(param.isValid ? Success : Result::ERROR_BAD_CERT_DOMAIN,
+            CheckCertHostname(certInput, hostnameInput, mNameMatchingPolicy));
+}
+
+TEST_P(pkixnames_CheckCertHostname_IPV4_Addresses,
+       ValidIPv4AddressInCN_NoSAN)
+{
+  // When the reference hostname is a valid IPv4 address, a correctly-formed
+  // IPv4 Address in the CN matches it when there is no SAN.
+
+  const IPAddressParams<4>& param(GetParam());
+
+  SCOPED_TRACE(param.input.c_str());
+
+  ByteString cert(CreateCert(RDN(CN(param.input)), NO_SAN));
+  ASSERT_FALSE(ENCODING_FAILED(cert));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(cert.data(), cert.length()));
+
+  Input hostnameInput;
+  ASSERT_EQ(Success, hostnameInput.Init(param.input.data(),
+                                        param.input.length()));
+
+  // Some of the invalid IPv4 addresses are valid DNS names!
+  Result expectedResult = (param.isValid || IsValidReferenceDNSID(hostnameInput))
+                        ? Success
+                        : Result::ERROR_BAD_CERT_DOMAIN;
+
+  ASSERT_EQ(expectedResult, CheckCertHostname(certInput, hostnameInput,
+                                              mNameMatchingPolicy));
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_CheckCertHostname_IPV4_ADDRESSES,
+                        pkixnames_CheckCertHostname_IPV4_Addresses,
+                        testing::ValuesIn(IPV4_ADDRESSES));
+
+struct NameConstraintParams
+{
+  ByteString subject;
+  ByteString subjectAltName;
+  ByteString subtrees;
+  Result expectedPermittedSubtreesResult;
+  Result expectedExcludedSubtreesResult;
+};
+
+::std::ostream& operator<<(::std::ostream& os, const NameConstraintParams&)
+{
+  return os << "TODO (bug 1318770)";
+}
+
+static ByteString
+PermittedSubtrees(const ByteString& generalSubtrees)
+{
+  return TLV(der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 0,
+             generalSubtrees);
+}
+
+static ByteString
+ExcludedSubtrees(const ByteString& generalSubtrees)
+{
+  return TLV(der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 1,
+             generalSubtrees);
+}
+
+// Does not encode min or max.
+static ByteString
+GeneralSubtree(const ByteString& base)
+{
+  return TLV(der::SEQUENCE, base);
+}
+
+static const NameConstraintParams NAME_CONSTRAINT_PARAMS[] =
+{
+  /////////////////////////////////////////////////////////////////////////////
+  // XXX: Malformed name constraints for supported types of names are ignored
+  // when there are no names of that type to constrain.
+  { ByteString(), NO_SAN,
+    GeneralSubtree(DNSName("!")),
+    Success, Success
+  },
+  { // DirectoryName constraints are an exception, because *every* certificate
+    // has at least one DirectoryName (tbsCertificate.subject).
+    ByteString(), NO_SAN,
+    GeneralSubtree(Name(ByteString(reinterpret_cast<const uint8_t*>("!"), 1))),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { ByteString(), NO_SAN,
+    GeneralSubtree(IPAddress(ipv4_constraint_truncated_bytes)),
+    Success, Success
+  },
+  { ByteString(), NO_SAN,
+    GeneralSubtree(IPAddress(ipv4_constraint_overlong_bytes)),
+    Success, Success
+  },
+  { ByteString(), NO_SAN,
+  GeneralSubtree(IPAddress(ipv6_constraint_truncated_bytes)),
+  Success, Success
+  },
+  { ByteString(), NO_SAN,
+  GeneralSubtree(IPAddress(ipv6_constraint_overlong_bytes)),
+  Success, Success
+  },
+  { ByteString(), NO_SAN,
+    GeneralSubtree(RFC822Name("!")),
+    Success, Success
+  },
+
+  /////////////////////////////////////////////////////////////////////////////
+  // Edge cases of name constraint absolute vs. relative and subdomain matching
+  // that are not clearly explained in RFC 5280. (See the long comment above
+  // MatchPresentedDNSIDWithReferenceDNSID.)
+
+  // Q: Does a presented identifier equal (case insensitive) to the name
+  //    constraint match the constraint? For example, does the presented
+  //    ID "host.example.com" match a "host.example.com" constraint?
+  { ByteString(), DNSName("host.example.com"),
+    GeneralSubtree(DNSName("host.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // This test case is an example from RFC 5280.
+    ByteString(), DNSName("host1.example.com"),
+    GeneralSubtree(DNSName("host.example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { ByteString(), RFC822Name("a@host.example.com"),
+    GeneralSubtree(RFC822Name("host.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // This test case is an example from RFC 5280.
+    ByteString(), RFC822Name("a@host1.example.com"),
+    GeneralSubtree(RFC822Name("host.example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+
+  // Q: When the name constraint does not start with ".", do subdomain
+  //    presented identifiers match it? For example, does the presented
+  //    ID "www.host.example.com" match a "host.example.com" constraint?
+  { // This test case is an example from RFC 5280.
+    ByteString(),  DNSName("www.host.example.com"),
+    GeneralSubtree(DNSName(    "host.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // The subdomain matching rule for host names that do not start with "." is
+    // different for RFC822Names than for DNSNames!
+    ByteString(),  RFC822Name("a@www.host.example.com"),
+    GeneralSubtree(RFC822Name(      "host.example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE,
+    Success
+  },
+
+  // Q: When the name constraint does not start with ".", does a
+  //    non-subdomain prefix match it? For example, does "bigfoo.bar.com"
+  //    match "foo.bar.com"?
+  { ByteString(), DNSName("bigfoo.bar.com"),
+    GeneralSubtree(DNSName(  "foo.bar.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { ByteString(), RFC822Name("a@bigfoo.bar.com"),
+    GeneralSubtree(RFC822Name(    "foo.bar.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+
+  // Q: Is a name constraint that starts with "." valid, and if so, what
+  //    semantics does it have? For example, does a presented ID of
+  //    "www.example.com" match a constraint of ".example.com"? Does a
+  //    presented ID of "example.com" match a constraint of ".example.com"?
+  { ByteString(), DNSName("www.example.com"),
+    GeneralSubtree(DNSName(  ".example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // When there is no Local-part, an RFC822 name constraint's domain may
+    // start with '.', and the semantics are the same as for DNSNames.
+    ByteString(), RFC822Name("a@www.example.com"),
+    GeneralSubtree(RFC822Name(    ".example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // When there is a Local-part, an RFC822 name constraint's domain must not
+    // start with '.'.
+    ByteString(), RFC822Name("a@www.example.com"),
+    GeneralSubtree(RFC822Name(  "a@.example.com")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // Check that we only allow subdomains to match.
+    ByteString(), DNSName(  "example.com"),
+    GeneralSubtree(DNSName(".example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // Check that we only allow subdomains to match.
+    ByteString(), RFC822Name("a@example.com"),
+    GeneralSubtree(RFC822Name(".example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // Check that we don't get confused and consider "b" == "."
+    ByteString(), DNSName("bexample.com"),
+    GeneralSubtree(DNSName(".example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // Check that we don't get confused and consider "b" == "."
+    ByteString(), RFC822Name("a@bexample.com"),
+    GeneralSubtree(RFC822Name( ".example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+
+  // Q: Is there a way to prevent subdomain matches?
+  // (This is tested in a different set of tests because it requires a
+  // combination of permittedSubtrees and excludedSubtrees.)
+
+  // Q: Are name constraints allowed to be specified as absolute names?
+  //    For example, does a presented ID of "example.com" match a name
+  //    constraint of "example.com." and vice versa?
+  //
+  { // The DNSName in the constraint is not valid because constraint DNS IDs
+    // are not allowed to be absolute.
+    ByteString(), DNSName("example.com"),
+    GeneralSubtree(DNSName("example.com.")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER,
+  },
+  { ByteString(), RFC822Name("a@example.com"),
+    GeneralSubtree(RFC822Name( "example.com.")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER,
+  },
+  { // The DNSName in the SAN is not valid because presented DNS IDs are not
+    // allowed to be absolute.
+    ByteString(), DNSName("example.com."),
+    GeneralSubtree(DNSName("example.com")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER,
+  },
+  { ByteString(), RFC822Name("a@example.com."),
+    GeneralSubtree(RFC822Name( "example.com")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER,
+  },
+  { // The presented DNSName is the same length as the constraint, because the
+    // subdomain is only one character long and because the constraint both
+    // begins and ends with ".". But, it doesn't matter because absolute names
+    // are not allowed for DNSName constraints.
+    ByteString(), DNSName("p.example.com"),
+    GeneralSubtree(DNSName(".example.com.")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER,
+  },
+  { // The presented DNSName is the same length as the constraint, because the
+    // subdomain is only one character long and because the constraint both
+    // begins and ends with ".".
+    ByteString(), RFC822Name("a@p.example.com"),
+    GeneralSubtree(RFC822Name(  ".example.com.")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER,
+  },
+  { // Same as previous test case, but using a wildcard presented ID.
+    ByteString(), DNSName("*.example.com"),
+    GeneralSubtree(DNSName(".example.com.")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // Same as previous test case, but using a wildcard presented ID, which is
+    // invalid in an RFC822Name.
+    ByteString(), RFC822Name("a@*.example.com"),
+    GeneralSubtree(RFC822Name(  ".example.com.")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+
+  // Q: Are "" and "." valid DNSName constraints? If so, what do they mean?
+  { ByteString(), DNSName("example.com"),
+    GeneralSubtree(DNSName("")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), RFC822Name("a@example.com"),
+    GeneralSubtree(RFC822Name("")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // The malformed (absolute) presented ID does not match.
+    ByteString(), DNSName("example.com."),
+    GeneralSubtree(DNSName("")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { ByteString(), RFC822Name("a@example.com."),
+    GeneralSubtree(RFC822Name("")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // Invalid syntax in name constraint
+    ByteString(), DNSName("example.com"),
+    GeneralSubtree(DNSName(".")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER,
+  },
+  { // Invalid syntax in name constraint
+    ByteString(), RFC822Name("a@example.com"),
+    GeneralSubtree(RFC822Name(".")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER,
+  },
+  { ByteString(), DNSName("example.com."),
+    GeneralSubtree(DNSName(".")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { ByteString(), RFC822Name("a@example.com."),
+    GeneralSubtree(RFC822Name(".")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+
+  /////////////////////////////////////////////////////////////////////////////
+  // Basic IP Address constraints (non-CN-ID)
+
+  // The Mozilla CA Policy says this means "no IPv4 addresses allowed."
+  { ByteString(), IPAddress(ipv4_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_all_zeros_bytes)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), IPAddress(ipv4_addr_00000000_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_all_zeros_bytes)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), IPAddress(ipv4_addr_FFFFFFFF_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_all_zeros_bytes)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+
+  // The Mozilla CA Policy says this means "no IPv6 addresses allowed."
+  { ByteString(), IPAddress(ipv6_addr_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_all_zeros_bytes)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), IPAddress(ipv6_addr_all_zeros_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_all_zeros_bytes)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+
+  // RFC 5280 doesn't partition IP address constraints into separate IPv4 and
+  // IPv6 categories, so a IPv4 permittedSubtrees constraint excludes all IPv6
+  // addresses, and vice versa.
+  { ByteString(), IPAddress(ipv4_addr_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_all_zeros_bytes)),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { ByteString(), IPAddress(ipv6_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_all_zeros_bytes)),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+
+  // IPv4 Subnets
+  { ByteString(), IPAddress(ipv4_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_CIDR_16_bytes)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), IPAddress(ipv4_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_CIDR_17_bytes)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), IPAddress(ipv4_other_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_CIDR_16_bytes)),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // XXX(bug 1089430): We don't reject this even though it is weird.
+    ByteString(), IPAddress(ipv4_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_CIDR_16_bad_addr_bytes)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // XXX(bug 1089430): We don't reject this even though it is weird.
+    ByteString(), IPAddress(ipv4_other_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_bad_mask_bytes)),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+
+  // IPv6 Subnets
+  { ByteString(), IPAddress(ipv6_addr_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_CIDR_16_bytes)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), IPAddress(ipv6_other_addr_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_CIDR_16_bytes)),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // XXX(bug 1089430): We don't reject this even though it is weird.
+    ByteString(), IPAddress(ipv6_addr_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_CIDR_16_bad_addr_bytes)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // XXX(bug 1089430): We don't reject this even though it is weird.
+    ByteString(), IPAddress(ipv6_other_addr_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_bad_mask_bytes)),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+
+  // Malformed presented IP addresses and constraints
+
+  { // The presented IPv4 address is empty
+    ByteString(), IPAddress(),
+    GeneralSubtree(IPAddress(ipv4_constraint_all_zeros_bytes)),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv4 address is truncated
+    ByteString(), IPAddress(ipv4_addr_truncated_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_all_zeros_bytes)),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv4 address is too long
+    ByteString(), IPAddress(ipv4_addr_overlong_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_all_zeros_bytes)),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv4 constraint is empty
+    ByteString(), IPAddress(ipv4_addr_bytes),
+    GeneralSubtree(IPAddress()),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv4 constraint is truncated
+    ByteString(), IPAddress(ipv4_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_truncated_bytes)),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv4 constraint is too long
+    ByteString(), IPAddress(ipv4_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_constraint_overlong_bytes)),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv6 address is empty
+    ByteString(), IPAddress(),
+    GeneralSubtree(IPAddress(ipv6_constraint_all_zeros_bytes)),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv6 address is truncated
+    ByteString(), IPAddress(ipv6_addr_truncated_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_all_zeros_bytes)),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv6 address is too long
+    ByteString(), IPAddress(ipv6_addr_overlong_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_all_zeros_bytes)),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv6 constraint is empty
+    ByteString(), IPAddress(ipv6_addr_bytes),
+    GeneralSubtree(IPAddress()),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv6 constraint is truncated
+    ByteString(), IPAddress(ipv6_addr_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_truncated_bytes)),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  { // The presented IPv6 constraint is too long
+    ByteString(), IPAddress(ipv6_addr_bytes),
+    GeneralSubtree(IPAddress(ipv6_constraint_overlong_bytes)),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+
+  /////////////////////////////////////////////////////////////////////////////
+  // XXX: We don't reject malformed name constraints when there are no names of
+  // that type.
+  { ByteString(), NO_SAN, GeneralSubtree(DNSName("!")),
+    Success, Success
+  },
+  { ByteString(), NO_SAN, GeneralSubtree(IPAddress(ipv4_addr_overlong_bytes)),
+    Success, Success
+  },
+  { ByteString(), NO_SAN, GeneralSubtree(IPAddress(ipv6_addr_overlong_bytes)),
+    Success, Success
+  },
+  { ByteString(), NO_SAN, GeneralSubtree(RFC822Name("\0")),
+    Success, Success
+  },
+
+  /////////////////////////////////////////////////////////////////////////////
+  // Basic CN-ID DNSName constraint tests.
+
+  { // Empty Name is ignored for DNSName constraints.
+    ByteString(), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Success, Success
+  },
+  { // Empty CN is ignored for DNSName constraints because it isn't a
+    // syntactically-valid DNSName.
+    //
+    // NSS gives different results.
+    RDN(CN("")), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Success, Success
+  },
+  { // IP Address is ignored for DNSName constraints.
+    //
+    // NSS gives different results.
+    RDN(CN("1.2.3.4")), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Success, Success
+  },
+  { // OU has something that looks like a dNSName that matches.
+    RDN(OU("a.example.com")), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Success, Success
+  },
+  { // OU has something that looks like a dNSName that does not match.
+    RDN(OU("b.example.com")), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Success, Success
+  },
+  { // NSS gives different results.
+    RDN(CN("Not a DNSName")), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Success, Success
+  },
+  { RDN(CN("a.example.com")), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { RDN(CN("b.example.com")), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // DNSName CN-ID match is detected when there is a SAN w/o any DNSName or
+    // IPAddress
+    RDN(CN("a.example.com")), RFC822Name("foo@example.com"),
+    GeneralSubtree(DNSName("a.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // DNSName CN-ID mismatch is detected when there is a SAN w/o any DNSName
+    // or IPAddress
+    RDN(CN("a.example.com")), RFC822Name("foo@example.com"),
+    GeneralSubtree(DNSName("b.example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // DNSName CN-ID match not reported when there is a DNSName SAN
+    RDN(CN("a.example.com")), DNSName("b.example.com"),
+    GeneralSubtree(DNSName("a.example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // DNSName CN-ID mismatch not reported when there is a DNSName SAN
+    RDN(CN("a.example.com")), DNSName("b.example.com"),
+    GeneralSubtree(DNSName("b.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE,
+  },
+  { // DNSName CN-ID match not reported when there is an IPAddress SAN
+    RDN(CN("a.example.com")), IPAddress(ipv4_addr_bytes),
+    GeneralSubtree(DNSName("a.example.com")),
+    Success, Success
+  },
+  { // DNSName CN-ID mismatch not reported when there is an IPAddress SAN
+    RDN(CN("a.example.com")), IPAddress(ipv4_addr_bytes),
+    GeneralSubtree(DNSName("b.example.com")),
+    Success, Success
+  },
+
+  { // IPAddress CN-ID match is detected when there is a SAN w/o any DNSName or
+    // IPAddress
+    RDN(CN(ipv4_addr_str)), RFC822Name("foo@example.com"),
+    GeneralSubtree(IPAddress(ipv4_addr_bytes_FFFFFFFF)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // IPAddress CN-ID mismatch is detected when there is a SAN w/o any DNSName
+    // or IPAddress
+    RDN(CN(ipv4_addr_str)), RFC822Name("foo@example.com"),
+    GeneralSubtree(IPAddress(ipv4_other_addr_bytes_FFFFFFFF)),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // IPAddress CN-ID match not reported when there is a DNSName SAN
+    RDN(CN(ipv4_addr_str)), DNSName("b.example.com"),
+    GeneralSubtree(IPAddress(ipv4_addr_bytes_FFFFFFFF)),
+    Success, Success
+  },
+  { // IPAddress CN-ID mismatch not reported when there is a DNSName SAN
+    RDN(CN(ipv4_addr_str)), DNSName("b.example.com"),
+    GeneralSubtree(IPAddress(ipv4_addr_bytes_FFFFFFFF)),
+    Success, Success
+  },
+  { // IPAddress CN-ID match not reported when there is an IPAddress SAN
+    RDN(CN(ipv4_addr_str)), IPAddress(ipv4_other_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_addr_bytes_FFFFFFFF)),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // IPAddress CN-ID mismatch not reported when there is an IPAddress SAN
+    RDN(CN(ipv4_addr_str)), IPAddress(ipv4_other_addr_bytes),
+    GeneralSubtree(IPAddress(ipv4_other_addr_bytes_FFFFFFFF)),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+
+  /////////////////////////////////////////////////////////////////////////////
+  // Test that constraints are applied to the most specific (last) CN, and only
+  // that CN-ID.
+
+  { // Name constraint only matches a.example.com, but the most specific CN
+    // (i.e. the CN-ID) is b.example.com. (Two CNs in one RDN.)
+    RDN(CN("a.example.com") + CN("b.example.com")), NO_SAN,
+    GeneralSubtree(DNSName("a.example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // Name constraint only matches a.example.com, but the most specific CN
+    // (i.e. the CN-ID) is b.example.com. (Two CNs in separate RDNs.)
+    RDN(CN("a.example.com")) + RDN(CN("b.example.com")), NO_SAN,
+    GeneralSubtree(DNSName("a.example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Success
+  },
+  { // Name constraint only permits b.example.com, and the most specific CN
+    // (i.e. the CN-ID) is b.example.com. (Two CNs in one RDN.)
+    RDN(CN("a.example.com") + CN("b.example.com")), NO_SAN,
+    GeneralSubtree(DNSName("b.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // Name constraint only permits b.example.com, and the most specific CN
+    // (i.e. the CN-ID) is b.example.com. (Two CNs in separate RDNs.)
+    RDN(CN("a.example.com")) + RDN(CN("b.example.com")), NO_SAN,
+    GeneralSubtree(DNSName("b.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+
+  /////////////////////////////////////////////////////////////////////////////
+  // Additional RFC822 name constraint tests. There are more tests regarding
+  // the DNSName part of the constraint mixed into the DNSName constraint
+  // tests.
+
+  { ByteString(), RFC822Name("a@example.com"),
+    GeneralSubtree(RFC822Name("a@example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+
+  // Bug 1056773: name constraints that omit Local-part but include '@' are
+  // invalid.
+  { ByteString(), RFC822Name("a@example.com"),
+    GeneralSubtree(RFC822Name("@example.com")),
+    Result::ERROR_BAD_DER,
+    Result::ERROR_BAD_DER
+  },
+  { ByteString(), RFC822Name("@example.com"),
+    GeneralSubtree(RFC822Name("@example.com")),
+    Result::ERROR_BAD_DER,
+    Result::ERROR_BAD_DER
+  },
+  { ByteString(), RFC822Name("example.com"),
+    GeneralSubtree(RFC822Name("@example.com")),
+    Result::ERROR_BAD_DER,
+    Result::ERROR_BAD_DER
+  },
+  { ByteString(), RFC822Name("a@mail.example.com"),
+    GeneralSubtree(RFC822Name("a@*.example.com")),
+    Result::ERROR_BAD_DER,
+    Result::ERROR_BAD_DER
+  },
+  { ByteString(), RFC822Name("a@*.example.com"),
+    GeneralSubtree(RFC822Name(".example.com")),
+    Result::ERROR_BAD_DER,
+    Result::ERROR_BAD_DER
+  },
+  { ByteString(), RFC822Name("@example.com"),
+    GeneralSubtree(RFC822Name(".example.com")),
+    Result::ERROR_BAD_DER,
+    Result::ERROR_BAD_DER
+  },
+  { ByteString(), RFC822Name("@a.example.com"),
+    GeneralSubtree(RFC822Name(".example.com")),
+    Result::ERROR_BAD_DER,
+    Result::ERROR_BAD_DER
+  },
+
+  /////////////////////////////////////////////////////////////////////////////
+  // Test name constraints with underscores.
+  //
+  { ByteString(), DNSName("uses_underscore.example.com"),
+    GeneralSubtree(DNSName("uses_underscore.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), DNSName("uses_underscore.example.com"),
+    GeneralSubtree(DNSName("example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), DNSName("a.uses_underscore.example.com"),
+    GeneralSubtree(DNSName("uses_underscore.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), RFC822Name("a@uses_underscore.example.com"),
+    GeneralSubtree(RFC822Name("uses_underscore.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), RFC822Name("uses_underscore@example.com"),
+    GeneralSubtree(RFC822Name("example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), RFC822Name("a@a.uses_underscore.example.com"),
+    GeneralSubtree(RFC822Name(".uses_underscore.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+
+  /////////////////////////////////////////////////////////////////////////////
+  // Name constraint tests that relate to having an empty SAN. According to RFC
+  // 5280 this isn't valid, but we allow it for compatibility reasons (see bug
+  // 1143085).
+  { // For DNSNames, we fall back to the subject CN.
+    RDN(CN("a.example.com")), ByteString(),
+    GeneralSubtree(DNSName("a.example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // For RFC822Names, we do not fall back to the subject emailAddress.
+    // This new implementation seems to conform better to the standards for
+    // RFC822 name constraints, by only applying the name constraints to
+    // emailAddress names in the certificate subject if there is no
+    // subjectAltName extension in the cert.
+    // In this case, the presence of the (empty) SAN extension means that RFC822
+    // name constraints are not enforced on the emailAddress attributes of the
+    // subject.
+    RDN(emailAddress("a@example.com")), ByteString(),
+    GeneralSubtree(RFC822Name("a@example.com")),
+    Success, Success
+  },
+  { // Compare this to the case where there is no SAN (i.e. the name
+    // constraints are enforced, because the extension is not present at all).
+    RDN(emailAddress("a@example.com")), NO_SAN,
+    GeneralSubtree(RFC822Name("a@example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+
+  /////////////////////////////////////////////////////////////////////////////
+  // DirectoryName name constraint tests
+
+  { // One AVA per RDN
+    RDN(OU("Example Organization")) + RDN(CN("example.com")), NO_SAN,
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization")) +
+                                      RDN(CN("example.com"))))),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // RDNs can have multiple AVAs.
+    RDN(OU("Example Organization") + CN("example.com")), NO_SAN,
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization") +
+                                          CN("example.com"))))),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // The constraint is a prefix of the subject DN.
+    RDN(OU("Example Organization")) + RDN(CN("example.com")), NO_SAN,
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization"))))),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // The name constraint is not a prefix of the subject DN.
+    // Note that for excludedSubtrees, we simply prohibit any non-empty
+    // directoryName constraint to ensure we are not being too lenient.
+    RDN(OU("Other Example Organization")) + RDN(CN("example.com")), NO_SAN,
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization")) +
+                                      RDN(CN("example.com"))))),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // Same as the previous one, but one RDN with multiple AVAs.
+    RDN(OU("Other Example Organization") + CN("example.com")), NO_SAN,
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization") +
+                                          CN("example.com"))))),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // With multiple AVAs per RDN in the subject DN, the constraint is not a
+    // prefix of the subject DN.
+    RDN(OU("Example Organization") + CN("example.com")), NO_SAN,
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization"))))),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // The subject DN RDN has multiple AVAs, but the name constraint has only
+    // one AVA per RDN.
+    RDN(OU("Example Organization") + CN("example.com")), NO_SAN,
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization")) +
+                                      RDN(CN("example.com"))))),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // The name constraint RDN has multiple AVAs, but the subject DN has only
+    // one AVA per RDN.
+    RDN(OU("Example Organization")) + RDN(CN("example.com")), NO_SAN,
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization") +
+                                          CN("example.com"))))),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // In this case, the constraint uses a different encoding from the subject.
+    // We consider them to match because we allow UTF8String and
+    // PrintableString to compare equal when their contents are equal.
+    RDN(OU("Example Organization", der::UTF8String)) + RDN(CN("example.com")),
+    NO_SAN, GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization",
+                                                     der::PrintableString)) +
+                                              RDN(CN("example.com"))))),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // Same as above, but with UTF8String/PrintableString switched.
+    RDN(OU("Example Organization", der::PrintableString)) + RDN(CN("example.com")),
+    NO_SAN, GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization",
+                                                     der::UTF8String)) +
+                                              RDN(CN("example.com"))))),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // If the contents aren't the same, then they shouldn't match.
+    RDN(OU("Other Example Organization", der::UTF8String)) + RDN(CN("example.com")),
+    NO_SAN, GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization",
+                                                     der::PrintableString)) +
+                                              RDN(CN("example.com"))))),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { // Only UTF8String and PrintableString are considered equivalent.
+    RDN(OU("Example Organization", der::PrintableString)) + RDN(CN("example.com")),
+    NO_SAN, GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization",
+                                                     der::TeletexString)) +
+                                              RDN(CN("example.com"))))),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  // Some additional tests for completeness:
+  // Ensure that wildcards are handled:
+  { RDN(CN("*.example.com")), NO_SAN, GeneralSubtree(DNSName("example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), DNSName("*.example.com"),
+    GeneralSubtree(DNSName("example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), DNSName("www.example.com"),
+    GeneralSubtree(DNSName("*.example.com")),
+    Result::ERROR_BAD_DER, Result::ERROR_BAD_DER
+  },
+  // Handle multiple name constraint entries:
+  { RDN(CN("example.com")), NO_SAN,
+    GeneralSubtree(DNSName("example.org")) +
+      GeneralSubtree(DNSName("example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { ByteString(), DNSName("example.com"),
+    GeneralSubtree(DNSName("example.org")) +
+      GeneralSubtree(DNSName("example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  // Handle multiple names in subject alternative name extension:
+  { ByteString(), DNSName("example.com") + DNSName("example.org"),
+    GeneralSubtree(DNSName("example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  // Handle a mix of DNSName and DirectoryName:
+  { RDN(OU("Example Organization")), DNSName("example.com"),
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization"))))) +
+      GeneralSubtree(DNSName("example.com")),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { RDN(OU("Other Example Organization")), DNSName("example.com"),
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization"))))) +
+      GeneralSubtree(DNSName("example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  { RDN(OU("Example Organization")), DNSName("example.org"),
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization"))))) +
+      GeneralSubtree(DNSName("example.com")),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  // Handle a certificate with no DirectoryName:
+  { ByteString(), DNSName("example.com"),
+    GeneralSubtree(DirectoryName(Name(RDN(OU("Example Organization"))))),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+};
+
+class pkixnames_CheckNameConstraints
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<NameConstraintParams>
+{
+public:
+  DefaultNameMatchingPolicy mNameMatchingPolicy;
+};
+
+TEST_P(pkixnames_CheckNameConstraints,
+       NameConstraintsEnforcedForDirectlyIssuedEndEntity)
+{
+  // Test that name constraints are enforced on a certificate directly issued by
+  // a certificate with the given name constraints.
+
+  const NameConstraintParams& param(GetParam());
+
+  ByteString certDER(CreateCert(param.subject, param.subjectAltName));
+  ASSERT_FALSE(ENCODING_FAILED(certDER));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(certDER.data(), certDER.length()));
+  BackCert cert(certInput, EndEntityOrCA::MustBeEndEntity, nullptr);
+  ASSERT_EQ(Success, cert.Init());
+
+  {
+    ByteString nameConstraintsDER(TLV(der::SEQUENCE,
+                                      PermittedSubtrees(param.subtrees)));
+    Input nameConstraints;
+    ASSERT_EQ(Success,
+              nameConstraints.Init(nameConstraintsDER.data(),
+                                   nameConstraintsDER.length()));
+    ASSERT_EQ(param.expectedPermittedSubtreesResult,
+              CheckNameConstraints(nameConstraints, cert,
+                                   KeyPurposeId::id_kp_serverAuth));
+  }
+  {
+    ByteString nameConstraintsDER(TLV(der::SEQUENCE,
+                                      ExcludedSubtrees(param.subtrees)));
+    Input nameConstraints;
+    ASSERT_EQ(Success,
+              nameConstraints.Init(nameConstraintsDER.data(),
+                                   nameConstraintsDER.length()));
+    ASSERT_EQ(param.expectedExcludedSubtreesResult,
+              CheckNameConstraints(nameConstraints, cert,
+                                   KeyPurposeId::id_kp_serverAuth));
+  }
+  {
+    ByteString nameConstraintsDER(TLV(der::SEQUENCE,
+                                      PermittedSubtrees(param.subtrees) +
+                                      ExcludedSubtrees(param.subtrees)));
+    Input nameConstraints;
+    ASSERT_EQ(Success,
+              nameConstraints.Init(nameConstraintsDER.data(),
+                                   nameConstraintsDER.length()));
+    ASSERT_EQ((param.expectedPermittedSubtreesResult ==
+               param.expectedExcludedSubtreesResult)
+                ? param.expectedExcludedSubtreesResult
+                : Result::ERROR_CERT_NOT_IN_NAME_SPACE,
+              CheckNameConstraints(nameConstraints, cert,
+                                   KeyPurposeId::id_kp_serverAuth));
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_CheckNameConstraints,
+                        pkixnames_CheckNameConstraints,
+                        testing::ValuesIn(NAME_CONSTRAINT_PARAMS));
+
+// The |subjectAltName| param is not used for these test cases (hence the use of
+// "NO_SAN").
+static const NameConstraintParams NO_FALLBACK_NAME_CONSTRAINT_PARAMS[] =
+{
+  // The only difference between end-entities being verified for serverAuth and
+  // intermediates or end-entities being verified for other uses is that for
+  // the latter cases, there is no fallback matching of DNSName entries to the
+  // subject common name.
+  { RDN(CN("Not a DNSName")), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Success, Success
+  },
+  { RDN(CN("a.example.com")), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Success, Success
+  },
+  { RDN(CN("b.example.com")), NO_SAN, GeneralSubtree(DNSName("a.example.com")),
+    Success, Success
+  },
+  // Sanity-check that name constraints are in fact enforced in these cases.
+  { RDN(CN("Example Name")), NO_SAN,
+    GeneralSubtree(DirectoryName(Name(RDN(CN("Example Name"))))),
+    Success, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+  // (In this implementation, if a DirectoryName is in excludedSubtrees, nothing
+  // is considered to be in the name space.)
+  { RDN(CN("Other Example Name")), NO_SAN,
+    GeneralSubtree(DirectoryName(Name(RDN(CN("Example Name"))))),
+    Result::ERROR_CERT_NOT_IN_NAME_SPACE, Result::ERROR_CERT_NOT_IN_NAME_SPACE
+  },
+};
+
+class pkixnames_CheckNameConstraintsOnIntermediate
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<NameConstraintParams>
+{
+};
+
+TEST_P(pkixnames_CheckNameConstraintsOnIntermediate,
+       NameConstraintsEnforcedOnIntermediate)
+{
+  // Test that name constraints are enforced on an intermediate certificate
+  // directly issued by a certificate with the given name constraints.
+
+  const NameConstraintParams& param(GetParam());
+
+  ByteString certDER(CreateCert(param.subject, NO_SAN,
+                                EndEntityOrCA::MustBeCA));
+  ASSERT_FALSE(ENCODING_FAILED(certDER));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(certDER.data(), certDER.length()));
+  BackCert cert(certInput, EndEntityOrCA::MustBeCA, nullptr);
+  ASSERT_EQ(Success, cert.Init());
+
+  {
+    ByteString nameConstraintsDER(TLV(der::SEQUENCE,
+                                      PermittedSubtrees(param.subtrees)));
+    Input nameConstraints;
+    ASSERT_EQ(Success,
+              nameConstraints.Init(nameConstraintsDER.data(),
+                                   nameConstraintsDER.length()));
+    ASSERT_EQ(param.expectedPermittedSubtreesResult,
+              CheckNameConstraints(nameConstraints, cert,
+                                   KeyPurposeId::id_kp_serverAuth));
+  }
+  {
+    ByteString nameConstraintsDER(TLV(der::SEQUENCE,
+                                      ExcludedSubtrees(param.subtrees)));
+    Input nameConstraints;
+    ASSERT_EQ(Success,
+              nameConstraints.Init(nameConstraintsDER.data(),
+                                   nameConstraintsDER.length()));
+    ASSERT_EQ(param.expectedExcludedSubtreesResult,
+              CheckNameConstraints(nameConstraints, cert,
+                                   KeyPurposeId::id_kp_serverAuth));
+  }
+  {
+    ByteString nameConstraintsDER(TLV(der::SEQUENCE,
+                                      PermittedSubtrees(param.subtrees) +
+                                      ExcludedSubtrees(param.subtrees)));
+    Input nameConstraints;
+    ASSERT_EQ(Success,
+              nameConstraints.Init(nameConstraintsDER.data(),
+                                   nameConstraintsDER.length()));
+    ASSERT_EQ(param.expectedExcludedSubtreesResult,
+              CheckNameConstraints(nameConstraints, cert,
+                                   KeyPurposeId::id_kp_serverAuth));
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_CheckNameConstraintsOnIntermediate,
+                        pkixnames_CheckNameConstraintsOnIntermediate,
+                        testing::ValuesIn(NO_FALLBACK_NAME_CONSTRAINT_PARAMS));
+
+class pkixnames_CheckNameConstraintsForNonServerAuthUsage
+  : public ::testing::Test
+  , public ::testing::WithParamInterface<NameConstraintParams>
+{
+};
+
+TEST_P(pkixnames_CheckNameConstraintsForNonServerAuthUsage,
+       NameConstraintsEnforcedForNonServerAuthUsage)
+{
+  // Test that for key purposes other than serverAuth, fallback to the subject
+  // common name does not occur.
+
+  const NameConstraintParams& param(GetParam());
+
+  ByteString certDER(CreateCert(param.subject, NO_SAN));
+  ASSERT_FALSE(ENCODING_FAILED(certDER));
+  Input certInput;
+  ASSERT_EQ(Success, certInput.Init(certDER.data(), certDER.length()));
+  BackCert cert(certInput, EndEntityOrCA::MustBeEndEntity, nullptr);
+  ASSERT_EQ(Success, cert.Init());
+
+  {
+    ByteString nameConstraintsDER(TLV(der::SEQUENCE,
+                                      PermittedSubtrees(param.subtrees)));
+    Input nameConstraints;
+    ASSERT_EQ(Success,
+              nameConstraints.Init(nameConstraintsDER.data(),
+                                   nameConstraintsDER.length()));
+    ASSERT_EQ(param.expectedPermittedSubtreesResult,
+              CheckNameConstraints(nameConstraints, cert,
+                                   KeyPurposeId::id_kp_clientAuth));
+  }
+  {
+    ByteString nameConstraintsDER(TLV(der::SEQUENCE,
+                                      ExcludedSubtrees(param.subtrees)));
+    Input nameConstraints;
+    ASSERT_EQ(Success,
+              nameConstraints.Init(nameConstraintsDER.data(),
+                                   nameConstraintsDER.length()));
+    ASSERT_EQ(param.expectedExcludedSubtreesResult,
+              CheckNameConstraints(nameConstraints, cert,
+                                   KeyPurposeId::id_kp_clientAuth));
+  }
+  {
+    ByteString nameConstraintsDER(TLV(der::SEQUENCE,
+                                      PermittedSubtrees(param.subtrees) +
+                                      ExcludedSubtrees(param.subtrees)));
+    Input nameConstraints;
+    ASSERT_EQ(Success,
+              nameConstraints.Init(nameConstraintsDER.data(),
+                                   nameConstraintsDER.length()));
+    ASSERT_EQ(param.expectedExcludedSubtreesResult,
+              CheckNameConstraints(nameConstraints, cert,
+                                   KeyPurposeId::id_kp_clientAuth));
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(pkixnames_CheckNameConstraintsForNonServerAuthUsage,
+                        pkixnames_CheckNameConstraintsForNonServerAuthUsage,
+                        testing::ValuesIn(NO_FALLBACK_NAME_CONSTRAINT_PARAMS));
diff --git a/security/nss/gtests/mozpkix_gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp b/security/nss/gtests/mozpkix_gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp
new file mode 100644
index 000000000..ff154e7ec
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixocsp_CreateEncodedOCSPRequest_tests.cpp
@@ -0,0 +1,146 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixder.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+class CreateEncodedOCSPRequestTrustDomain final
+  : public EverythingFailsByDefaultTrustDomain
+{
+private:
+  Result DigestBuf(Input item, DigestAlgorithm digestAlg,
+                   /*out*/ uint8_t *digestBuf, size_t digestBufLen)
+                   override
+  {
+    return TestDigestBuf(item, digestAlg, digestBuf, digestBufLen);
+  }
+
+  Result CheckRSAPublicKeyModulusSizeInBits(EndEntityOrCA, unsigned int)
+                                            override
+  {
+    return Success;
+  }
+};
+
+class pkixocsp_CreateEncodedOCSPRequest : public ::testing::Test
+{
+protected:
+  void MakeIssuerCertIDComponents(const char* issuerASCII,
+                                  /*out*/ ByteString& issuerDER,
+                                  /*out*/ ByteString& issuerSPKI)
+  {
+    issuerDER = CNToDERName(issuerASCII);
+    ASSERT_FALSE(ENCODING_FAILED(issuerDER));
+
+    ScopedTestKeyPair keyPair(GenerateKeyPair());
+    ASSERT_TRUE(keyPair.get());
+    issuerSPKI = keyPair->subjectPublicKeyInfo;
+  }
+
+  CreateEncodedOCSPRequestTrustDomain trustDomain;
+};
+
+// Test that the large length of the child serial number causes
+// CreateEncodedOCSPRequest to fail.
+TEST_F(pkixocsp_CreateEncodedOCSPRequest, ChildCertLongSerialNumberTest)
+{
+  static const uint8_t UNSUPPORTED_LEN = 128; // must be larger than 127
+
+  ByteString serialNumberString;
+  // tag + length + value is 1 + 2 + UNSUPPORTED_LEN
+  // Encoding the length takes two bytes: one byte to indicate that a
+  // second byte follows, and the second byte to indicate the length.
+  serialNumberString.push_back(0x80 + 1);
+  serialNumberString.push_back(UNSUPPORTED_LEN);
+  // value is 0x010000...00
+  serialNumberString.push_back(0x01);
+  for (size_t i = 1; i < UNSUPPORTED_LEN; ++i) {
+    serialNumberString.push_back(0x00);
+  }
+
+  ByteString issuerDER;
+  ByteString issuerSPKI;
+  ASSERT_NO_FATAL_FAILURE(MakeIssuerCertIDComponents("CA", issuerDER,
+                                                     issuerSPKI));
+
+  Input issuer;
+  ASSERT_EQ(Success, issuer.Init(issuerDER.data(), issuerDER.length()));
+
+  Input spki;
+  ASSERT_EQ(Success, spki.Init(issuerSPKI.data(), issuerSPKI.length()));
+
+  Input serialNumber;
+  ASSERT_EQ(Success, serialNumber.Init(serialNumberString.data(),
+                                       serialNumberString.length()));
+
+  uint8_t ocspRequest[OCSP_REQUEST_MAX_LENGTH];
+  size_t ocspRequestLength;
+  ASSERT_EQ(Result::ERROR_BAD_DER,
+            CreateEncodedOCSPRequest(trustDomain,
+                                     CertID(issuer, spki, serialNumber),
+                                     ocspRequest, ocspRequestLength));
+}
+
+// Test that CreateEncodedOCSPRequest handles the longest serial number that
+// it's required to support (i.e. 20 octets).
+TEST_F(pkixocsp_CreateEncodedOCSPRequest, LongestSupportedSerialNumberTest)
+{
+  static const uint8_t LONGEST_REQUIRED_LEN = 20;
+
+  ByteString serialNumberString;
+  // tag + length + value is 1 + 1 + LONGEST_REQUIRED_LEN
+  serialNumberString.push_back(der::INTEGER);
+  serialNumberString.push_back(LONGEST_REQUIRED_LEN);
+  serialNumberString.push_back(0x01);
+  // value is 0x010000...00
+  for (size_t i = 1; i < LONGEST_REQUIRED_LEN; ++i) {
+    serialNumberString.push_back(0x00);
+  }
+
+  ByteString issuerDER;
+  ByteString issuerSPKI;
+  ASSERT_NO_FATAL_FAILURE(MakeIssuerCertIDComponents("CA", issuerDER,
+                                                     issuerSPKI));
+
+  Input issuer;
+  ASSERT_EQ(Success, issuer.Init(issuerDER.data(), issuerDER.length()));
+
+  Input spki;
+  ASSERT_EQ(Success, spki.Init(issuerSPKI.data(), issuerSPKI.length()));
+
+  Input serialNumber;
+  ASSERT_EQ(Success, serialNumber.Init(serialNumberString.data(),
+                                       serialNumberString.length()));
+
+  uint8_t ocspRequest[OCSP_REQUEST_MAX_LENGTH];
+  size_t ocspRequestLength;
+  ASSERT_EQ(Success,
+            CreateEncodedOCSPRequest(trustDomain,
+                                     CertID(issuer, spki, serialNumber),
+                                     ocspRequest, ocspRequestLength));
+}
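Review bot: In ChildCertLongSerialNumberTest the comment describes the buffer as "tag + length + value is 1 + 2 + UNSUPPORTED_LEN", but no tag byte is ever pushed: the first byte written is `0x80 + 1`, whereas LongestSupportedSerialNumberTest begins with `serialNumberString.push_back(der::INTEGER);`. The expected `Result::ERROR_BAD_DER` may therefore be produced by the total input length alone, or by the bytes being read differently than the comment intends; CreateEncodedOCSPRequest is not visible in this hunk, so which of these applies is an inference. Either add `serialNumberString.push_back(der::INTEGER);` ahead of the two length bytes so both tests build the same shape, or reword the comment to state what is actually built (two length octets followed by a 128-octet value). Since this test guards the rejection of over-long serial numbers in OCSP requests, the comment should also say which property of the input the rejection is expected to key on.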
diff --git a/security/nss/gtests/mozpkix_gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp b/security/nss/gtests/mozpkix_gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp
new file mode 100644
index 000000000..3fe4e7b5a
--- /dev/null
+++ b/security/nss/gtests/mozpkix_gtest/pkixocsp_VerifyEncodedOCSPResponse.cpp
@@ -0,0 +1,1064 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2014 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "pkixgtest.h"
+
+#include "mozpkix/pkixder.h"
+
+using namespace mozilla::pkix;
+using namespace mozilla::pkix::test;
+
+const uint16_t END_ENTITY_MAX_LIFETIME_IN_DAYS = 10;
+
+// Note that CheckRevocation is never called for OCSP signing certificates.
+class OCSPTestTrustDomain : public DefaultCryptoTrustDomain
+{
+public:
+  OCSPTestTrustDomain() { }
+
+  Result GetCertTrust(EndEntityOrCA endEntityOrCA, const CertPolicyId&,
+                      Input, /*out*/ TrustLevel& trustLevel)
+                      /*non-final*/ override
+  {
+    EXPECT_EQ(endEntityOrCA, EndEntityOrCA::MustBeEndEntity);
+    trustLevel = TrustLevel::InheritsTrust;
+    return Success;
+  }
+
+  virtual void NoteAuxiliaryExtension(AuxiliaryExtension extension,
+                                      Input extensionData) override
+  {
+    if (extension == AuxiliaryExtension::SCTListFromOCSPResponse) {
+      signedCertificateTimestamps = InputToByteString(extensionData);
+    } else {
+      // We do not currently expect to receive any other extension here.
+      ADD_FAILURE();
+    }
+  }
+
+  ByteString signedCertificateTimestamps;
+};
+
+namespace {
+char const* const rootName = "Test CA 1";
+} // namespace
+
+class pkixocsp_VerifyEncodedResponse : public ::testing::Test
+{
+public:
+  static void SetUpTestCase()
+  {
+    rootKeyPair.reset(GenerateKeyPair());
+    if (!rootKeyPair) {
+      abort();
+    }
+  }
+
+  void SetUp()
+  {
+    rootNameDER = CNToDERName(rootName);
+    if (ENCODING_FAILED(rootNameDER)) {
+      abort();
+    }
+    Input rootNameDERInput;
+    if (rootNameDERInput.Init(rootNameDER.data(), rootNameDER.length())
+          != Success) {
+      abort();
+    }
+
+    serialNumberDER =
+      CreateEncodedSerialNumber(static_cast<long>(++rootIssuedCount));
+    if (ENCODING_FAILED(serialNumberDER)) {
+      abort();
+    }
+    Input serialNumberDERInput;
+    if (serialNumberDERInput.Init(serialNumberDER.data(),
+                                  serialNumberDER.length()) != Success) {
+      abort();
+    }
+
+    Input rootSPKIDER;
+    if (rootSPKIDER.Init(rootKeyPair->subjectPublicKeyInfo.data(),
+                         rootKeyPair->subjectPublicKeyInfo.length())
+          != Success) {
+      abort();
+    }
+    endEntityCertID.reset(new (std::nothrow) CertID(rootNameDERInput, rootSPKIDER,
+                                                    serialNumberDERInput));
+    if (!endEntityCertID) {
+      abort();
+    }
+  }
+
+  static ScopedTestKeyPair rootKeyPair;
+  static uint32_t rootIssuedCount;
+  OCSPTestTrustDomain trustDomain;
+
+  // endEntityCertID references rootKeyPair, rootNameDER, and serialNumberDER.
+  ByteString rootNameDER;
+  ByteString serialNumberDER;
+  // endEntityCertID references rootKeyPair, rootNameDER, and serialNumberDER.
+  ScopedCertID endEntityCertID;
+};
+
+/*static*/ ScopedTestKeyPair pkixocsp_VerifyEncodedResponse::rootKeyPair;
+/*static*/ uint32_t pkixocsp_VerifyEncodedResponse::rootIssuedCount = 0;
+
+///////////////////////////////////////////////////////////////////////////////
+// responseStatus
+
+struct WithoutResponseBytes
+{
+  uint8_t responseStatus;
+  Result expectedError;
+};
+
+static const WithoutResponseBytes WITHOUT_RESPONSEBYTES[] = {
+  { OCSPResponseContext::successful, Result::ERROR_OCSP_MALFORMED_RESPONSE },
+  { OCSPResponseContext::malformedRequest, Result::ERROR_OCSP_MALFORMED_REQUEST },
+  { OCSPResponseContext::internalError, Result::ERROR_OCSP_SERVER_ERROR },
+  { OCSPResponseContext::tryLater, Result::ERROR_OCSP_TRY_SERVER_LATER },
+  { 4/*unused*/, Result::ERROR_OCSP_UNKNOWN_RESPONSE_STATUS },
+  { OCSPResponseContext::sigRequired, Result::ERROR_OCSP_REQUEST_NEEDS_SIG },
+  { OCSPResponseContext::unauthorized, Result::ERROR_OCSP_UNAUTHORIZED_REQUEST },
+  { OCSPResponseContext::unauthorized + 1,
+    Result::ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
+  },
+};
+
+class pkixocsp_VerifyEncodedResponse_WithoutResponseBytes
+  : public pkixocsp_VerifyEncodedResponse
+  , public ::testing::WithParamInterface<WithoutResponseBytes>
+{
+protected:
+  ByteString CreateEncodedOCSPErrorResponse(uint8_t status)
+  {
+    static const Input EMPTY;
+    OCSPResponseContext context(CertID(EMPTY, EMPTY, EMPTY),
+                                oneDayBeforeNow);
+    context.responseStatus = status;
+    context.skipResponseBytes = true;
+    return CreateEncodedOCSPResponse(context);
+  }
+};
+
+TEST_P(pkixocsp_VerifyEncodedResponse_WithoutResponseBytes, CorrectErrorCode)
+{
+  ByteString
+    responseString(CreateEncodedOCSPErrorResponse(GetParam().responseStatus));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(GetParam().expectedError,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+}
+
+INSTANTIATE_TEST_CASE_P(pkixocsp_VerifyEncodedResponse_WithoutResponseBytes,
+                        pkixocsp_VerifyEncodedResponse_WithoutResponseBytes,
+                        testing::ValuesIn(WITHOUT_RESPONSEBYTES));
+
+///////////////////////////////////////////////////////////////////////////////
+// "successful" responses
+
+namespace {
+
+// Alias for nullptr to aid readability in the code below.
+static const char* byKey = nullptr;
+
+} // namespace
+
+class pkixocsp_VerifyEncodedResponse_successful
+  : public pkixocsp_VerifyEncodedResponse
+{
+public:
+  void SetUp()
+  {
+    pkixocsp_VerifyEncodedResponse::SetUp();
+  }
+
+  static void SetUpTestCase()
+  {
+    pkixocsp_VerifyEncodedResponse::SetUpTestCase();
+  }
+
+  ByteString CreateEncodedOCSPSuccessfulResponse(
+                    OCSPResponseContext::CertStatus certStatus,
+                    const CertID& certID,
+       /*optional*/ const char* signerName,
+                    const TestKeyPair& signerKeyPair,
+                    time_t producedAt, time_t thisUpdate,
+       /*optional*/ const time_t* nextUpdate,
+                    const TestSignatureAlgorithm& signatureAlgorithm,
+       /*optional*/ const ByteString* certs = nullptr,
+       /*optional*/ OCSPResponseExtension* singleExtensions = nullptr,
+       /*optional*/ OCSPResponseExtension* responseExtensions = nullptr)
+  {
+    OCSPResponseContext context(certID, producedAt);
+    if (signerName) {
+      context.signerNameDER = CNToDERName(signerName);
+      EXPECT_FALSE(ENCODING_FAILED(context.signerNameDER));
+    }
+    context.signerKeyPair.reset(signerKeyPair.Clone());
+    EXPECT_TRUE(context.signerKeyPair.get());
+    context.responseStatus = OCSPResponseContext::successful;
+    context.producedAt = producedAt;
+    context.signatureAlgorithm = signatureAlgorithm;
+    context.certs = certs;
+    context.singleExtensions = singleExtensions;
+    context.responseExtensions = responseExtensions;
+
+    context.certStatus = static_cast<uint8_t>(certStatus);
+    context.thisUpdate = thisUpdate;
+    context.nextUpdate = nextUpdate ? *nextUpdate : 0;
+    context.includeNextUpdate = nextUpdate != nullptr;
+
+    return CreateEncodedOCSPResponse(context);
+  }
+};
+
+TEST_F(pkixocsp_VerifyEncodedResponse_successful, good_byKey)
+{
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID, byKey,
+                         *rootKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Success,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID,
+                                      Now(), END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_successful, good_byName)
+{
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID, rootName,
+                         *rootKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Success,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_successful, good_byKey_without_nextUpdate)
+{
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID, byKey,
+                         *rootKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, nullptr,
+                         sha256WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Success,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_successful, revoked)
+{
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::revoked, *endEntityCertID, byKey,
+                         *rootKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_REVOKED_CERTIFICATE,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_successful, unknown)
+{
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::unknown, *endEntityCertID, byKey,
+                         *rootKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_UNKNOWN_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_successful,
+       good_unsupportedSignatureAlgorithm)
+{
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID, byKey,
+                         *rootKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         md5WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID,
+                                      Now(), END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+// Added for bug 1079436. The output variable validThrough represents the
+// latest time for which VerifyEncodedOCSPResponse will succeed, which is
+// different from the nextUpdate time in the OCSP response due to the slop we
+// add for time comparisons to deal with clock skew.
+TEST_F(pkixocsp_VerifyEncodedResponse_successful, check_validThrough)
+{
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID, byKey,
+                         *rootKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption()));
+  Time validThrough(Time::uninitialized);
+  {
+    Input response;
+    ASSERT_EQ(Success,
+              response.Init(responseString.data(), responseString.length()));
+    bool expired;
+    ASSERT_EQ(Success,
+              VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID,
+                                        Now(), END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                        response, expired, nullptr,
+                                        &validThrough));
+    ASSERT_FALSE(expired);
+    // The response was created to be valid until one day after now, so the
+    // value we got for validThrough should be after that.
+    Time oneDayAfterNowAsPKIXTime(
+          TimeFromEpochInSeconds(static_cast<uint64_t>(oneDayAfterNow)));
+    ASSERT_TRUE(validThrough > oneDayAfterNowAsPKIXTime);
+  }
+  {
+    Input response;
+    ASSERT_EQ(Success,
+              response.Init(responseString.data(), responseString.length()));
+    bool expired;
+    // Given validThrough from a previous verification, this response should be
+    // valid through that time.
+    ASSERT_EQ(Success,
+              VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID,
+                                        validThrough, END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                        response, expired));
+    ASSERT_FALSE(expired);
+  }
+  {
+    Time noLongerValid(validThrough);
+    ASSERT_EQ(Success, noLongerValid.AddSeconds(1));
+    Input response;
+    ASSERT_EQ(Success,
+              response.Init(responseString.data(), responseString.length()));
+    bool expired;
+    // The verification time is now after when the response will be considered
+    // valid.
+    ASSERT_EQ(Result::ERROR_OCSP_OLD_RESPONSE,
+              VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID,
+                                        noLongerValid, END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                        response, expired));
+    ASSERT_TRUE(expired);
+  }
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_successful, ct_extension)
+{
+  // python DottedOIDToCode.py --tlv
+  //   id_ocsp_singleExtensionSctList 1.3.6.1.4.1.11129.2.4.5
+  static const uint8_t tlv_id_ocsp_singleExtensionSctList[] = {
+    0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x04, 0x05
+  };
+  static const uint8_t dummySctList[] = {
+    0x01, 0x02, 0x03, 0x04, 0x05
+  };
+
+  OCSPResponseExtension ctExtension;
+  ctExtension.id = BytesToByteString(tlv_id_ocsp_singleExtensionSctList);
+  // SignedCertificateTimestampList structure is encoded as an OCTET STRING
+  // within the extension value (see RFC 6962 section 3.3).
+  // pkix decodes it internally and returns the actual structure.
+  ctExtension.value = TLV(der::OCTET_STRING, BytesToByteString(dummySctList));
+
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID, byKey,
+                         *rootKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption(),
+                         /*certs*/ nullptr,
+                         &ctExtension));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+
+  bool expired;
+  ASSERT_EQ(Success,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID,
+                                      Now(), END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+  ASSERT_EQ(BytesToByteString(dummySctList),
+            trustDomain.signedCertificateTimestamps);
+}
+
+///////////////////////////////////////////////////////////////////////////////
+// indirect responses (signed by a delegated OCSP responder cert)
+
+class pkixocsp_VerifyEncodedResponse_DelegatedResponder
+  : public pkixocsp_VerifyEncodedResponse_successful
+{
+protected:
+  // certSubjectName should be unique for each call. This way, we avoid any
+  // issues with NSS caching the certificates internally. For the same reason,
+  // we generate a new keypair on each call. Either one of these should be
+  // sufficient to avoid issues with the NSS cache, but we do both to be
+  // cautious.
+  //
+  // signerName should be byKey to use the byKey ResponderID construction, or
+  // another value (usually equal to certSubjectName) to use the byName
+  // ResponderID construction.
+  //
+  // certSignatureAlgorithm specifies the signature algorithm that the
+  // certificate will be signed with, not the OCSP response.
+  //
+  // If signerEKU is omitted, then the certificate will have the
+  // id-kp-OCSPSigning EKU. If signerEKU is SEC_OID_UNKNOWN then it will not
+  // have any EKU extension. Otherwise, the certificate will have the given
+  // EKU.
+  ByteString CreateEncodedIndirectOCSPSuccessfulResponse(
+               const char* certSubjectName,
+               OCSPResponseContext::CertStatus certStatus,
+               const char* signerName,
+               const TestSignatureAlgorithm& certSignatureAlgorithm,
+               /*optional*/ const Input* signerEKUDER = &OCSPSigningEKUDER,
+               /*optional, out*/ ByteString* signerDEROut = nullptr)
+  {
+    assert(certSubjectName);
+
+    const ByteString extensions[] = {
+      signerEKUDER
+        ? CreateEncodedEKUExtension(*signerEKUDER, Critical::No)
+        : ByteString(),
+      ByteString()
+    };
+    ScopedTestKeyPair signerKeyPair(GenerateKeyPair());
+    ByteString signerDER(CreateEncodedCertificate(
+                           ++rootIssuedCount, certSignatureAlgorithm,
+                           rootName, oneDayBeforeNow, oneDayAfterNow,
+                           certSubjectName, *signerKeyPair,
+                           signerEKUDER ? extensions : nullptr,
+                           *rootKeyPair));
+    EXPECT_FALSE(ENCODING_FAILED(signerDER));
+    if (signerDEROut) {
+      *signerDEROut = signerDER;
+    }
+
+    ByteString signerNameDER;
+    if (signerName) {
+      signerNameDER = CNToDERName(signerName);
+      EXPECT_FALSE(ENCODING_FAILED(signerNameDER));
+    }
+    ByteString certs[] = { signerDER, ByteString() };
+    return CreateEncodedOCSPSuccessfulResponse(certStatus, *endEntityCertID,
+                                               signerName, *signerKeyPair,
+                                               oneDayBeforeNow,
+                                               oneDayBeforeNow,
+                                               &oneDayAfterNow,
+                                               sha256WithRSAEncryption(),
+                                               certs);
+  }
+
+  static ByteString CreateEncodedCertificate(uint32_t serialNumber,
+                                             const TestSignatureAlgorithm& signatureAlg,
+                                             const char* issuer,
+                                             time_t notBefore,
+                                             time_t notAfter,
+                                             const char* subject,
+                                             const TestKeyPair& subjectKeyPair,
+                                /*optional*/ const ByteString* extensions,
+                                             const TestKeyPair& signerKeyPair)
+  {
+    ByteString serialNumberDER(CreateEncodedSerialNumber(
+                                 static_cast<long>(serialNumber)));
+    if (ENCODING_FAILED(serialNumberDER)) {
+      return ByteString();
+    }
+    ByteString issuerDER(CNToDERName(issuer));
+    if (ENCODING_FAILED(issuerDER)) {
+      return ByteString();
+    }
+    ByteString subjectDER(CNToDERName(subject));
+    if (ENCODING_FAILED(subjectDER)) {
+      return ByteString();
+    }
+    return ::mozilla::pkix::test::CreateEncodedCertificate(
+                                    v3, signatureAlg, serialNumberDER,
+                                    issuerDER, notBefore, notAfter,
+                                    subjectDER, subjectKeyPair, extensions,
+                                    signerKeyPair, signatureAlg);
+  }
+
+  static const Input OCSPSigningEKUDER;
+};
+
+/*static*/ const Input pkixocsp_VerifyEncodedResponse_DelegatedResponder::
+  OCSPSigningEKUDER(tlv_id_kp_OCSPSigning);
+
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_byKey)
+{
+  ByteString responseString(
+               CreateEncodedIndirectOCSPSuccessfulResponse(
+                         "good_indirect_byKey", OCSPResponseContext::good,
+                         byKey, sha256WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Success,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_byName)
+{
+  ByteString responseString(
+               CreateEncodedIndirectOCSPSuccessfulResponse(
+                         "good_indirect_byName", OCSPResponseContext::good,
+                         "good_indirect_byName", sha256WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Success,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder,
+       good_byKey_missing_signer)
+{
+  ScopedTestKeyPair missingSignerKeyPair(GenerateKeyPair());
+  ASSERT_TRUE(missingSignerKeyPair.get());
+
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID, byKey,
+                         *missingSignerKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, nullptr,
+                         sha256WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder,
+       good_byName_missing_signer)
+{
+  ScopedTestKeyPair missingSignerKeyPair(GenerateKeyPair());
+  ASSERT_TRUE(missingSignerKeyPair.get());
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID,
+                         "missing", *missingSignerKeyPair,
+                         oneDayBeforeNow, oneDayBeforeNow, nullptr,
+                         sha256WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_expired)
+{
+  static const char* signerName = "good_indirect_expired";
+
+  const ByteString extensions[] = {
+    CreateEncodedEKUExtension(OCSPSigningEKUDER, Critical::No),
+    ByteString()
+  };
+
+  ScopedTestKeyPair signerKeyPair(GenerateKeyPair());
+  ByteString signerDER(CreateEncodedCertificate(
+                          ++rootIssuedCount, sha256WithRSAEncryption(),
+                          rootName,
+                          tenDaysBeforeNow,
+                          twoDaysBeforeNow,
+                          signerName, *signerKeyPair, extensions,
+                          *rootKeyPair));
+  ASSERT_FALSE(ENCODING_FAILED(signerDER));
+
+  ByteString certs[] = { signerDER, ByteString() };
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID,
+                         signerName, *signerKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption(), certs));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_future)
+{
+  static const char* signerName = "good_indirect_future";
+
+  const ByteString extensions[] = {
+    CreateEncodedEKUExtension(OCSPSigningEKUDER, Critical::No),
+    ByteString()
+  };
+
+  ScopedTestKeyPair signerKeyPair(GenerateKeyPair());
+  ByteString signerDER(CreateEncodedCertificate(
+                         ++rootIssuedCount, sha256WithRSAEncryption(),
+                         rootName,
+                         twoDaysAfterNow,
+                         tenDaysAfterNow,
+                         signerName, *signerKeyPair, extensions,
+                         *rootKeyPair));
+  ASSERT_FALSE(ENCODING_FAILED(signerDER));
+
+  ByteString certs[] = { signerDER, ByteString() };
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID,
+                         signerName, *signerKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption(), certs));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_no_eku)
+{
+  ByteString responseString(
+               CreateEncodedIndirectOCSPSuccessfulResponse(
+                         "good_indirect_wrong_eku",
+                         OCSPResponseContext::good, byKey,
+                         sha256WithRSAEncryption(), nullptr));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+static const Input serverAuthEKUDER(tlv_id_kp_serverAuth);
+
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder,
+       good_indirect_wrong_eku)
+{
+  ByteString responseString(
+               CreateEncodedIndirectOCSPSuccessfulResponse(
+                        "good_indirect_wrong_eku",
+                        OCSPResponseContext::good, byKey,
+                        sha256WithRSAEncryption(), &serverAuthEKUDER));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+// Test that signature of OCSP response signer cert is verified
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_tampered_eku)
+{
+  ByteString tamperedResponse(
+               CreateEncodedIndirectOCSPSuccessfulResponse(
+                         "good_indirect_tampered_eku",
+                         OCSPResponseContext::good, byKey,
+                         sha256WithRSAEncryption(), &serverAuthEKUDER));
+  ASSERT_EQ(Success,
+            TamperOnce(tamperedResponse,
+                       ByteString(tlv_id_kp_serverAuth,
+                                  sizeof(tlv_id_kp_serverAuth)),
+                       ByteString(tlv_id_kp_OCSPSigning,
+                                  sizeof(tlv_id_kp_OCSPSigning))));
+  Input tamperedResponseInput;
+  ASSERT_EQ(Success, tamperedResponseInput.Init(tamperedResponse.data(),
+                                                tamperedResponse.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      tamperedResponseInput, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder, good_unknown_issuer)
+{
+  static const char* subCAName = "good_indirect_unknown_issuer sub-CA";
+  static const char* signerName = "good_indirect_unknown_issuer OCSP signer";
+
+  // unknown issuer
+  ScopedTestKeyPair unknownKeyPair(GenerateKeyPair());
+  ASSERT_TRUE(unknownKeyPair.get());
+
+  // Delegated responder cert signed by unknown issuer
+  const ByteString extensions[] = {
+    CreateEncodedEKUExtension(OCSPSigningEKUDER, Critical::No),
+    ByteString()
+  };
+  ScopedTestKeyPair signerKeyPair(GenerateKeyPair());
+  ByteString signerDER(CreateEncodedCertificate(
+                         1, sha256WithRSAEncryption(), subCAName,
+                         oneDayBeforeNow, oneDayAfterNow, signerName,
+                         *signerKeyPair, extensions, *unknownKeyPair));
+  ASSERT_FALSE(ENCODING_FAILED(signerDER));
+
+  // OCSP response signed by that delegated responder
+  ByteString certs[] = { signerDER, ByteString() };
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID,
+                         signerName, *signerKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption(), certs));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+// The CA that issued the OCSP responder cert is a sub-CA of the issuer of
+// the certificate that the OCSP response is for. That sub-CA cert is included
+// in the OCSP response before the OCSP responder cert.
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder,
+       good_indirect_subca_1_first)
+{
+  static const char* subCAName = "good_indirect_subca_1_first sub-CA";
+  static const char* signerName = "good_indirect_subca_1_first OCSP signer";
+  static const long zero = 0;
+
+  // sub-CA of root (root is the direct issuer of endEntity)
+  const ByteString subCAExtensions[] = {
+    CreateEncodedBasicConstraints(true, &zero, Critical::No),
+    ByteString()
+  };
+  ScopedTestKeyPair subCAKeyPair(GenerateKeyPair());
+  ByteString subCADER(CreateEncodedCertificate(
+                        ++rootIssuedCount, sha256WithRSAEncryption(), rootName,
+                        oneDayBeforeNow, oneDayAfterNow, subCAName,
+                        *subCAKeyPair, subCAExtensions, *rootKeyPair));
+  ASSERT_FALSE(ENCODING_FAILED(subCADER));
+
+  // Delegated responder cert signed by that sub-CA
+  const ByteString extensions[] = {
+    CreateEncodedEKUExtension(OCSPSigningEKUDER, Critical::No),
+    ByteString(),
+  };
+  ScopedTestKeyPair signerKeyPair(GenerateKeyPair());
+  ByteString signerDER(CreateEncodedCertificate(
+                         1, sha256WithRSAEncryption(), subCAName,
+                         oneDayBeforeNow, oneDayAfterNow, signerName,
+                         *signerKeyPair, extensions, *subCAKeyPair));
+  ASSERT_FALSE(ENCODING_FAILED(signerDER));
+
+  // OCSP response signed by the delegated responder issued by the sub-CA
+  // that is trying to impersonate the root.
+  ByteString certs[] = { subCADER, signerDER, ByteString() };
+  ByteString responseString(
+               CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID,
+                         signerName, *signerKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption(), certs));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+// The CA that issued the OCSP responder cert is a sub-CA of the issuer of
+// the certificate that the OCSP response is for. That sub-CA cert is included
+// in the OCSP response after the OCSP responder cert.
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder,
+       good_indirect_subca_1_second)
+{
+  static const char* subCAName = "good_indirect_subca_1_second sub-CA";
+  static const char* signerName = "good_indirect_subca_1_second OCSP signer";
+  static const long zero = 0;
+
+  // sub-CA of root (root is the direct issuer of endEntity)
+  const ByteString subCAExtensions[] = {
+    CreateEncodedBasicConstraints(true, &zero, Critical::No),
+    ByteString()
+  };
+  ScopedTestKeyPair subCAKeyPair(GenerateKeyPair());
+  ByteString subCADER(CreateEncodedCertificate(++rootIssuedCount,
+                                               sha256WithRSAEncryption(),
+                                               rootName,
+                                               oneDayBeforeNow, oneDayAfterNow,
+                                               subCAName, *subCAKeyPair,
+                                               subCAExtensions, *rootKeyPair));
+  ASSERT_FALSE(ENCODING_FAILED(subCADER));
+
+  // Delegated responder cert signed by that sub-CA
+  const ByteString extensions[] = {
+    CreateEncodedEKUExtension(OCSPSigningEKUDER, Critical::No),
+    ByteString()
+  };
+  ScopedTestKeyPair signerKeyPair(GenerateKeyPair());
+  ByteString signerDER(CreateEncodedCertificate(
+                         1, sha256WithRSAEncryption(), subCAName,
+                         oneDayBeforeNow, oneDayAfterNow, signerName,
+                         *signerKeyPair, extensions, *subCAKeyPair));
+  ASSERT_FALSE(ENCODING_FAILED(signerDER));
+
+  // OCSP response signed by the delegated responder issued by the sub-CA
+  // that is trying to impersonate the root.
+  ByteString certs[] = { signerDER, subCADER, ByteString() };
+  ByteString responseString(
+                 CreateEncodedOCSPSuccessfulResponse(
+                         OCSPResponseContext::good, *endEntityCertID,
+                         signerName, *signerKeyPair, oneDayBeforeNow,
+                         oneDayBeforeNow, &oneDayAfterNow,
+                         sha256WithRSAEncryption(), certs));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_DelegatedResponder,
+       good_unsupportedSignatureAlgorithmOnResponder)
+{
+  // Note that the algorithm ID (md5WithRSAEncryption) identifies the signature
+  // algorithm that will be used to sign the certificate that issues the OCSP
+  // responses, not the responses themselves.
+  ByteString responseString(
+               CreateEncodedIndirectOCSPSuccessfulResponse(
+                         "good_indirect_unsupportedSignatureAlgorithm",
+                         OCSPResponseContext::good, byKey,
+                         md5WithRSAEncryption()));
+  Input response;
+  ASSERT_EQ(Success,
+            response.Init(responseString.data(), responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+}
+
+class pkixocsp_VerifyEncodedResponse_GetCertTrust
+  : public pkixocsp_VerifyEncodedResponse_DelegatedResponder {
+public:
+  void SetUp()
+  {
+    pkixocsp_VerifyEncodedResponse_DelegatedResponder::SetUp();
+
+    responseString =
+        CreateEncodedIndirectOCSPSuccessfulResponse(
+          "OCSPGetCertTrustTest Signer", OCSPResponseContext::good,
+          byKey, sha256WithRSAEncryption(), &OCSPSigningEKUDER,
+          &signerCertDER);
+    if (ENCODING_FAILED(responseString)) {
+      abort();
+    }
+    if (response.Init(responseString.data(), responseString.length())
+          != Success) {
+      abort();
+    }
+    if (signerCertDER.length() == 0) {
+      abort();
+    }
+  }
+
+  class TrustDomain final : public OCSPTestTrustDomain
+  {
+  public:
+    TrustDomain()
+      : certTrustLevel(TrustLevel::InheritsTrust)
+    {
+    }
+
+    bool SetCertTrust(const ByteString& aCertDER, TrustLevel aCertTrustLevel)
+    {
+      this->certDER = aCertDER;
+      this->certTrustLevel = aCertTrustLevel;
+      return true;
+    }
+  private:
+    Result GetCertTrust(EndEntityOrCA endEntityOrCA, const CertPolicyId&,
+                        Input candidateCert, /*out*/ TrustLevel& trustLevel)
+                        override
+    {
+      EXPECT_EQ(endEntityOrCA, EndEntityOrCA::MustBeEndEntity);
+      EXPECT_FALSE(certDER.empty());
+      Input certDERInput;
+      EXPECT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length()));
+      EXPECT_TRUE(InputsAreEqual(certDERInput, candidateCert));
+      trustLevel = certTrustLevel;
+      return Success;
+    }
+
+    ByteString certDER;
+    TrustLevel certTrustLevel;
+  };
+
+// trustDomain deliberately shadows the inherited field so that it isn't used
+// by accident. See bug 1339921.
+// Unfortunately GCC can't parse __has_warning("-Wshadow-field") even if it's
+// the latter part of a conjunction that would evaluate to false, so we have to
+// wrap it in a separate preprocessor conditional rather than using &&.
+#if defined(__clang__)
+  #if __has_warning("-Wshadow-field")
+    #pragma clang diagnostic push
+    #pragma clang diagnostic ignored "-Wshadow-field"
+  #endif
+#endif
+  TrustDomain trustDomain;
+#if defined(__clang__)
+  #if __has_warning("-Wshadow-field")
+    #pragma clang diagnostic pop
+  #endif
+#endif
+  ByteString signerCertDER;
+  ByteString responseString;
+  Input response; // references data in responseString
+};
+
+TEST_F(pkixocsp_VerifyEncodedResponse_GetCertTrust, InheritTrust)
+{
+  ASSERT_TRUE(trustDomain.SetCertTrust(signerCertDER,
+                                       TrustLevel::InheritsTrust));
+  bool expired;
+  ASSERT_EQ(Success,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_GetCertTrust, TrustAnchor)
+{
+  ASSERT_TRUE(trustDomain.SetCertTrust(signerCertDER,
+                                       TrustLevel::TrustAnchor));
+  bool expired;
+  ASSERT_EQ(Success,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      response, expired));
+  ASSERT_FALSE(expired);
+}
+
+TEST_F(pkixocsp_VerifyEncodedResponse_GetCertTrust, ActivelyDistrusted)
+{
+  ASSERT_TRUE(trustDomain.SetCertTrust(signerCertDER,
+                                       TrustLevel::ActivelyDistrusted));
+  Input responseInput;
+  ASSERT_EQ(Success,
+            responseInput.Init(responseString.data(),
+                               responseString.length()));
+  bool expired;
+  ASSERT_EQ(Result::ERROR_OCSP_INVALID_SIGNING_CERT,
+            VerifyEncodedOCSPResponse(trustDomain, *endEntityCertID, Now(),
+                                      END_ENTITY_MAX_LIFETIME_IN_DAYS,
+                                      responseInput, expired));
+  ASSERT_FALSE(expired);
+}
diff --git a/security/nss/gtests/nss_bogo_shim/config.json b/security/nss/gtests/nss_bogo_shim/config.json
index 6dc155bef..5c7a2e348 100644
--- a/security/nss/gtests/nss_bogo_shim/config.json
+++ b/security/nss/gtests/nss_bogo_shim/config.json
@@ -1,6 +1,9 @@
 {
     "DisabledTests": {
         "### These tests break whenever we rev versions, so just leave them here for easy uncommenting":"",
+        "*TLS13Draft*":"NSS supports RFC 8446 only.",
+        "IgnoreClientVersionOrder":"Uses draft23",
+        "DuplicateCertCompressionExt*":"BoGo expects that an alert is sent if more than one compression algorithm is sent.",
         "ServerBogusVersion":"Check that SH.legacy_version=TLS12 when the server picks TLS 1.3 (Bug 1443761)",
         "DummyPQPadding-Server*":"Boring is testing a dummy PQ padding extension",
         "VerifyPreferences-Enforced":"NSS sends alerts in response to errors in protected handshake messages in the clear",
@@ -12,17 +15,10 @@
         "ServerCipherFilter*":"Add Ed25519 support (Bug 1325335)",
         "GarbageCertificate*":"Send bad_certificate alert when certificate parsing fails (Bug 1441565)",
         "SupportedVersionSelection-TLS12":"Should maybe reject TLS 1.2 in SH.supported_versions (Bug 1438266)",
-        "*TLS13*":"(NSS=19, BoGo=18)",
-        "*HelloRetryRequest*":"(NSS=19, BoGo=18)",
-        "*KeyShare*":"(NSS=19, BoGo=18)",
-        "*EncryptedExtensions*":"(NSS=19, BoGo=18)",
-        "*SecondClientHello*":"(NSS=19, BoGo=18)",
-        "*IgnoreClientVersionOrder*":"(NSS=19, BoGo=18)",
-        "SkipEarlyData*":"(NSS=19, BoGo=18)",
-        "*Binder*":"(NSS=19, BoGo=18)",
         "Resume-Server-BinderWrongLength":"Alert disagreement (Bug 1317633)",
         "Resume-Server-NoPSKBinder":"Alert disagreement (Bug 1317633)",
         "CheckRecordVersion-TLS*":"Bug 1317634",
+        "GarbageInitialRecordVersion-TLS*":"NSS doesn't strictly check the ClientHello record version",
         "GREASE-Server-TLS13":"BoringSSL GREASEs without a flag, but we ignore it",
         "TLS13-ExpectNoSessionTicketOnBadKEMode-Server":"Bug in NSS. Don't send ticket when not permitted by KE modes (Bug 1317635)",
         "*KeyUpdate*":"KeyUpdate Unimplemented",
@@ -48,14 +44,14 @@
         "StrayHelloRequest*":"NSS doesn't disable renegotiation by default",
         "NoSupportedCurves-TLS13":"wanted SSL_ERROR_NO_CYPHER_OVERLAP, got missing extension error",
         "FragmentedClientVersion":"received a malformed Client Hello handshake message",
-        "UnofferedExtension-Client-TLS13":"nss updated/broken",
-        "UnknownExtension-Client-TLS13":"nss updated/broken",
-        "WrongMessageType-TLS13-EncryptedExtensions":"nss updated/broken",
-        "WrongMessageType-TLS13-CertificateRequest":"nss updated/broken",
-        "WrongMessageType-TLS13-ServerCertificateVerify":"nss updated/broken",
-        "WrongMessageType-TLS13-ServerCertificate":"nss updated/broken",
-        "WrongMessageType-TLS13-ServerFinished":"nss updated/broken",
-        "EmptyEncryptedExtensions":"nss updated/broken",
+        "WrongMessageType-TLS13-EncryptedExtensions":"Boring expects CCS (Bugs 1481209, 1304603)",
+        "TrailingMessageData-TLS13-EncryptedExtensions":"Boring expects CCS (Bugs 1481209, 1304603)",
+        "UnofferedExtension-Client-TLS13":"Boring expects CCS (Bugs 1481209, 1304603)",
+        "UnknownExtension-Client-TLS13":"Boring expects CCS (Bugs 1481209, 1304603)",
+        "WrongMessageType-TLS13-CertificateRequest":"Boring expects CCS (Bugs 1481209, 1304603)",
+        "WrongMessageType-TLS13-ServerCertificateVerify":"Boring expects CCS (Bugs 1481209, 1304603)",
+        "WrongMessageType-TLS13-ServerCertificate":"Boring expects CCS (Bugs 1481209, 1304603)",
+        "WrongMessageType-TLS13-ServerFinished":"Boring expects CCS (Bugs 1481209, 1304603)",
         "TrailingMessageData-*": "Bug 1304575",
         "DuplicateKeyShares":"Bug 1304578",
         "Resume-Server-TLS13-TLS13":"Bug 1314351",
@@ -68,7 +64,8 @@
         "RequireAnyClientCertificate-TLS1*":"Bug 1339387",
         "SendExtensionOnClientCertificate-TLS13":"Bug 1339392",
         "ALPNClient-Mismatch-TLS13":"NSS sends alerts in response to errors in protected handshake messages in the clear",
-        "P224-Server":"NSS doesn't support P-224"
+        "P224-Server":"NSS doesn't support P-224",
+        "ClientAuth-SHA1-Fallback*":"Boring wants us to fall back to SHA-1 if supported_signature_algorithms in CR is empty."
     },
     "ErrorMap" : {
         ":HANDSHAKE_FAILURE_ON_CLIENT_HELLO:":"SSL_ERROR_NO_CYPHER_OVERLAP",
diff --git a/security/nss/gtests/nss_bogo_shim/manifest.mn b/security/nss/gtests/nss_bogo_shim/manifest.mn
index 2d60ddea3..f8a6b07af 100644
--- a/security/nss/gtests/nss_bogo_shim/manifest.mn
+++ b/security/nss/gtests/nss_bogo_shim/manifest.mn
@@ -12,9 +12,11 @@ CPPSRCS = \
       nss_bogo_shim.cc \
       $(NULL)
 
-REQUIRES = nspr nss libdbm
+INCLUDES += -I$(CORE_DEPTH)/cpputil
+
+REQUIRES = nspr nss libdbm cpputil
 
 PROGRAM = nss_bogo_shim
-#EXTRA_LIBS = $(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX)
+EXTRA_LIBS = $(DIST)/lib/$(LIB_PREFIX)cpputil.$(LIB_SUFFIX)
 
 USE_STATIC_LIBS = 1
diff --git a/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc b/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc
index 72dbd5771..b2ce6898d 100644
--- a/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc
+++ b/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc
@@ -18,6 +18,7 @@
 #include "ssl3prot.h"
 #include "sslerr.h"
 #include "sslproto.h"
+#include "nss_scoped_ptrs.h"
 
 #include "nsskeys.h"
 
@@ -33,30 +34,9 @@ std::string FormatError(PRErrorCode code) {
 
 class TestAgent {
  public:
-  TestAgent(const Config& cfg)
-      : cfg_(cfg),
-        pr_fd_(nullptr),
-        ssl_fd_(nullptr),
-        cert_(nullptr),
-        key_(nullptr) {}
+  TestAgent(const Config& cfg) : cfg_(cfg) {}
 
-  ~TestAgent() {
-    if (pr_fd_) {
-      PR_Close(pr_fd_);
-    }
-
-    if (ssl_fd_) {
-      PR_Close(ssl_fd_);
-    }
-
-    if (key_) {
-      SECKEY_DestroyPrivateKey(key_);
-    }
-
-    if (cert_) {
-      CERT_DestroyCertificate(cert_);
-    }
-  }
+  ~TestAgent() {}
 
   static std::unique_ptr<TestAgent> Create(const Config& cfg) {
     std::unique_ptr<TestAgent> agent(new TestAgent(cfg));
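Review bot: With every resource now held in a scoped pointer, the `~TestAgent() {}` left by this hunk does nothing and can be deleted or written as `~TestAgent() = default;`. While the constructor is being touched, `explicit TestAgent(const Config& cfg) : cfg_(cfg) {}` would rule out accidental conversions from `Config`. Implicit destruction runs in reverse declaration order, so with the member order in the last hunk of this file (`pr_fd_`, `ssl_fd_`, `cert_`, `key_`) the key and certificate are now released before the SSL descriptor is closed, the opposite of the removed destructor. That is probably harmless if the socket keeps its own references, but a one-line comment next to the members saying the order is intended would help. `Create` continues outside this hunk.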
@@ -81,39 +61,46 @@ class TestAgent {
       return false;
     }
 
-    SECStatus rv = SSL_ResetHandshake(ssl_fd_, cfg_.get<bool>("server"));
+    SECStatus rv = SSL_ResetHandshake(ssl_fd_.get(), cfg_.get<bool>("server"));
     if (rv != SECSuccess) return false;
 
     return true;
   }
 
   bool ConnectTcp() {
+    // Try IPv6 first, then IPv4 in case of failure.
+    if (!OpenConnection("::1") && !OpenConnection("127.0.0.1")) {
+      return false;
+    }
+
+    ssl_fd_ = ScopedPRFileDesc(SSL_ImportFD(NULL, pr_fd_.get()));
+    if (!ssl_fd_) {
+      return false;
+    }
+    pr_fd_.release();
+
+    return true;
+  }
+
+  bool OpenConnection(const char* ip) {
     PRStatus prv;
     PRNetAddr addr;
 
-    // Try IPv6 first.
-    prv = PR_StringToNetAddr("::1", &addr);
+    prv = PR_StringToNetAddr(ip, &addr);
+
     if (prv != PR_SUCCESS) {
-      // If that fails, try IPv4.
-      prv = PR_StringToNetAddr("127.0.0.1", &addr);
-      if (prv != PR_SUCCESS) {
-        return false;
-      }
+      return false;
     }
+
     addr.inet.port = PR_htons(cfg_.get<int>("port"));
 
-    pr_fd_ = PR_OpenTCPSocket(addr.raw.family);
+    pr_fd_ = ScopedPRFileDesc(PR_OpenTCPSocket(addr.raw.family));
     if (!pr_fd_) return false;
 
-    prv = PR_Connect(pr_fd_, &addr, PR_INTERVAL_NO_TIMEOUT);
+    prv = PR_Connect(pr_fd_.get(), &addr, PR_INTERVAL_NO_TIMEOUT);
     if (prv != PR_SUCCESS) {
       return false;
     }
-
-    ssl_fd_ = SSL_ImportFD(NULL, pr_fd_);
-    if (!ssl_fd_) return false;
-    pr_fd_ = nullptr;
-
     return true;
   }
 
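Review bot: `ConnectTcp` does not say why `pr_fd_.release()` follows a successful `SSL_ImportFD`, yet that line appears to be what prevents a double close: until it runs, both scoped pointers can hold the descriptor that was handed to the import. A comment such as `// ssl_fd_ owns the descriptor from here on; release pr_fd_ so it is not closed twice.` would make the hand-over explicit, and `nullptr` would read better than `NULL` on the new line. Separately, the fallback to `127.0.0.1` is only reached when `OpenConnection("::1")` returns false, and with `PR_INTERVAL_NO_TIMEOUT` a connect that hangs instead of failing would never get there, so a finite timeout may be worth considering. `OpenConnection` is only called from `ConnectTcp` in the visible code and could be private.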
@@ -121,21 +108,24 @@ class TestAgent {
     SECStatus rv;
 
     if (cfg_.get<std::string>("key-file") != "") {
-      key_ = ReadPrivateKey(cfg_.get<std::string>("key-file"));
+      key_ = ScopedSECKEYPrivateKey(
+          ReadPrivateKey(cfg_.get<std::string>("key-file")));
       if (!key_) return false;
     }
     if (cfg_.get<std::string>("cert-file") != "") {
-      cert_ = ReadCertificate(cfg_.get<std::string>("cert-file"));
+      cert_ = ScopedCERTCertificate(
+          ReadCertificate(cfg_.get<std::string>("cert-file")));
       if (!cert_) return false;
     }
 
     // Needed because certs are not entirely valid.
-    rv = SSL_AuthCertificateHook(ssl_fd_, AuthCertificateHook, this);
+    rv = SSL_AuthCertificateHook(ssl_fd_.get(), AuthCertificateHook, this);
     if (rv != SECSuccess) return false;
 
     if (cfg_.get<bool>("server")) {
       // Server
-      rv = SSL_ConfigServerCert(ssl_fd_, cert_, key_, nullptr, 0);
+      rv = SSL_ConfigServerCert(ssl_fd_.get(), cert_.get(), key_.get(), nullptr,
+                                0);
       if (rv != SECSuccess) {
         std::cerr << "Couldn't configure server cert\n";
         return false;
@@ -143,7 +133,8 @@ class TestAgent {
 
     } else if (key_ && cert_) {
       // Client.
-      rv = SSL_GetClientAuthDataHook(ssl_fd_, GetClientAuthDataHook, this);
+      rv =
+          SSL_GetClientAuthDataHook(ssl_fd_.get(), GetClientAuthDataHook, this);
       if (rv != SECSuccess) return false;
     }
 
@@ -263,36 +254,36 @@ class TestAgent {
 
   bool SetupOptions() {
     SECStatus rv =
-        SSL_OptionSet(ssl_fd_, SSL_ENABLE_TLS13_COMPAT_MODE, PR_TRUE);
+        SSL_OptionSet(ssl_fd_.get(), SSL_ENABLE_TLS13_COMPAT_MODE, PR_TRUE);
     if (rv != SECSuccess) return false;
 
-    rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE);
+    rv = SSL_OptionSet(ssl_fd_.get(), SSL_ENABLE_SESSION_TICKETS, PR_TRUE);
     if (rv != SECSuccess) return false;
 
     SSLVersionRange vrange;
     if (!GetVersionRange(&vrange, ssl_variant_stream)) return false;
 
-    rv = SSL_VersionRangeSet(ssl_fd_, &vrange);
+    rv = SSL_VersionRangeSet(ssl_fd_.get(), &vrange);
     if (rv != SECSuccess) return false;
 
     SSLVersionRange verify_vrange;
-    rv = SSL_VersionRangeGet(ssl_fd_, &verify_vrange);
+    rv = SSL_VersionRangeGet(ssl_fd_.get(), &verify_vrange);
     if (rv != SECSuccess) return false;
     if (vrange.min != verify_vrange.min || vrange.max != verify_vrange.max)
       return false;
 
-    rv = SSL_OptionSet(ssl_fd_, SSL_NO_CACHE, false);
+    rv = SSL_OptionSet(ssl_fd_.get(), SSL_NO_CACHE, false);
     if (rv != SECSuccess) return false;
 
     auto alpn = cfg_.get<std::string>("advertise-alpn");
     if (!alpn.empty()) {
       assert(!cfg_.get<bool>("server"));
 
-      rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_ALPN, PR_TRUE);
+      rv = SSL_OptionSet(ssl_fd_.get(), SSL_ENABLE_ALPN, PR_TRUE);
       if (rv != SECSuccess) return false;
 
       rv = SSL_SetNextProtoNego(
-          ssl_fd_, reinterpret_cast<const unsigned char*>(alpn.c_str()),
+          ssl_fd_.get(), reinterpret_cast<const unsigned char*>(alpn.c_str()),
           alpn.size());
       if (rv != SECSuccess) return false;
     }
@@ -312,23 +303,23 @@ class TestAgent {
           [](int scheme) { return static_cast<SSLSignatureScheme>(scheme); });
 
       rv = SSL_SignatureSchemePrefSet(
-          ssl_fd_, sig_schemes.data(),
+          ssl_fd_.get(), sig_schemes.data(),
           static_cast<unsigned int>(sig_schemes.size()));
       if (rv != SECSuccess) return false;
     }
 
     if (cfg_.get<bool>("fallback-scsv")) {
-      rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_FALLBACK_SCSV, PR_TRUE);
+      rv = SSL_OptionSet(ssl_fd_.get(), SSL_ENABLE_FALLBACK_SCSV, PR_TRUE);
       if (rv != SECSuccess) return false;
     }
 
     if (cfg_.get<bool>("false-start")) {
-      rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_FALSE_START, PR_TRUE);
+      rv = SSL_OptionSet(ssl_fd_.get(), SSL_ENABLE_FALSE_START, PR_TRUE);
       if (rv != SECSuccess) return false;
     }
 
     if (cfg_.get<bool>("enable-ocsp-stapling")) {
-      rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_OCSP_STAPLING, PR_TRUE);
+      rv = SSL_OptionSet(ssl_fd_.get(), SSL_ENABLE_OCSP_STAPLING, PR_TRUE);
       if (rv != SECSuccess) return false;
     }
 
@@ -336,29 +327,63 @@ class TestAgent {
     if (requireClientCert || cfg_.get<bool>("verify-peer")) {
       assert(cfg_.get<bool>("server"));
 
-      rv = SSL_OptionSet(ssl_fd_, SSL_REQUEST_CERTIFICATE, PR_TRUE);
+      rv = SSL_OptionSet(ssl_fd_.get(), SSL_REQUEST_CERTIFICATE, PR_TRUE);
       if (rv != SECSuccess) return false;
 
       rv = SSL_OptionSet(
-          ssl_fd_, SSL_REQUIRE_CERTIFICATE,
+          ssl_fd_.get(), SSL_REQUIRE_CERTIFICATE,
           requireClientCert ? SSL_REQUIRE_ALWAYS : SSL_REQUIRE_NO_ERROR);
       if (rv != SECSuccess) return false;
     }
 
     if (!cfg_.get<bool>("server")) {
       // Needed to make resumption work.
-      rv = SSL_SetURL(ssl_fd_, "server");
+      rv = SSL_SetURL(ssl_fd_.get(), "server");
       if (rv != SECSuccess) return false;
     }
 
-    rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_EXTENDED_MASTER_SECRET, PR_TRUE);
+    rv = SSL_OptionSet(ssl_fd_.get(), SSL_ENABLE_EXTENDED_MASTER_SECRET,
+                       PR_TRUE);
     if (rv != SECSuccess) return false;
 
-    if (!EnableNonExportCiphers()) return false;
+    if (!ConfigureCiphers()) return false;
 
     return true;
   }
 
+  bool ConfigureCiphers() {
+    auto cipherList = cfg_.get<std::string>("nss-cipher");
+
+    if (cipherList.empty()) {
+      return EnableNonExportCiphers();
+    }
+
+    for (size_t i = 0; i < SSL_NumImplementedCiphers; ++i) {
+      SSLCipherSuiteInfo csinfo;
+      std::string::size_type n;
+      SECStatus rv = SSL_GetCipherSuiteInfo(SSL_ImplementedCiphers[i], &csinfo,
+                                            sizeof(csinfo));
+      if (rv != SECSuccess) {
+        return false;
+      }
+
+      // Check if cipherList contains the name of the Cipher Suite and
+      // enable/disable accordingly.
+      n = cipherList.find(csinfo.cipherSuiteName, 0);
+      if (std::string::npos == n) {
+        rv = SSL_CipherPrefSet(ssl_fd_.get(), SSL_ImplementedCiphers[i],
+                               PR_FALSE);
+      } else {
+        rv = SSL_CipherPrefSet(ssl_fd_.get(), SSL_ImplementedCiphers[i],
+                               PR_TRUE);
+      }
+      if (rv != SECSuccess) {
+        return false;
+      }
+    }
+    return true;
+  }
+
   bool EnableNonExportCiphers() {
     for (size_t i = 0; i < SSL_NumImplementedCiphers; ++i) {
       SSLCipherSuiteInfo csinfo;
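Review bot: `cipherList.find(csinfo.cipherSuiteName, 0)` in `ConfigureCiphers` is a substring test, so a suite whose name is a prefix of a requested one is enabled too: asking for a `..._CBC_SHA256` suite also switches on the `..._CBC_SHA` suite that shares its prefix. In a shim whose job is to pin what gets negotiated, that can let a test pass with a cipher nobody asked for. Matching whole names fixes it; the separator used in `nss-cipher` is not visible here, so the sketch below only requires that a hit is not surrounded by further name characters (it uses `std::isalnum` from `<cctype>`). A list that names no implemented suite still disables everything without a message, which may deserve an error on `std::cerr`. `EnableNonExportCiphers` continues outside this hunk.

```cpp
  // True when `name` occurs in `list` as a whole token, i.e. the characters
  // on either side of the hit are not part of a suite name.
  static bool ListNamesSuite(const std::string& list, const std::string& name) {
    auto is_name_char = [](char c) {
      return std::isalnum(static_cast<unsigned char>(c)) || c == '_';
    };
    for (auto pos = list.find(name); pos != std::string::npos;
         pos = list.find(name, pos + 1)) {
      const auto end = pos + name.size();
      if ((pos == 0 || !is_name_char(list[pos - 1])) &&
          (end == list.size() || !is_name_char(list[end]))) {
        return true;
      }
    }
    return false;
  }

  bool ConfigureCiphers() {
    // … unchanged: read "nss-cipher", fall back to EnableNonExportCiphers …
    for (size_t i = 0; i < SSL_NumImplementedCiphers; ++i) {
      // … unchanged: SSL_GetCipherSuiteInfo call and status check …
      const bool wanted = ListNamesSuite(cipherList, csinfo.cipherSuiteName);
      rv = SSL_CipherPrefSet(ssl_fd_.get(), SSL_ImplementedCiphers[i],
                             wanted ? PR_TRUE : PR_FALSE);
      // … unchanged: status check …
    }
    return true;
  }
```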
@@ -369,7 +394,7 @@ class TestAgent {
         return false;
       }
 
-      rv = SSL_CipherPrefSet(ssl_fd_, SSL_ImplementedCiphers[i], PR_TRUE);
+      rv = SSL_CipherPrefSet(ssl_fd_.get(), SSL_ImplementedCiphers[i], PR_TRUE);
       if (rv != SECSuccess) {
         return false;
       }
@@ -388,19 +413,19 @@ class TestAgent {
                                          CERTCertificate** cert,
                                          SECKEYPrivateKey** privKey) {
     TestAgent* a = static_cast<TestAgent*>(self);
-    *cert = CERT_DupCertificate(a->cert_);
-    *privKey = SECKEY_CopyPrivateKey(a->key_);
+    *cert = CERT_DupCertificate(a->cert_.get());
+    *privKey = SECKEY_CopyPrivateKey(a->key_.get());
     return SECSuccess;
   }
 
-  SECStatus Handshake() { return SSL_ForceHandshake(ssl_fd_); }
+  SECStatus Handshake() { return SSL_ForceHandshake(ssl_fd_.get()); }
 
   // Implement a trivial echo client/server. Read bytes from the other side,
   // flip all the bits, and send them back.
   SECStatus ReadWrite() {
     for (;;) {
       uint8_t block[512];
-      int32_t rv = PR_Read(ssl_fd_, block, sizeof(block));
+      int32_t rv = PR_Read(ssl_fd_.get(), block, sizeof(block));
       if (rv < 0) {
         std::cerr << "Failure reading\n";
         return SECFailure;
@@ -412,7 +437,7 @@ class TestAgent {
         block[i] ^= 0xff;
       }
 
-      rv = PR_Write(ssl_fd_, block, len);
+      rv = PR_Write(ssl_fd_.get(), block, len);
       if (rv != len) {
         std::cerr << "Write failure\n";
         PORT_SetError(SEC_ERROR_OUTPUT_LEN);
@@ -431,7 +456,7 @@ class TestAgent {
     // reader and writer.
     uint8_t block[600];
     memset(block, ch, sizeof(block));
-    int32_t rv = PR_Write(ssl_fd_, block, sizeof(block));
+    int32_t rv = PR_Write(ssl_fd_.get(), block, sizeof(block));
     if (rv != sizeof(block)) {
       std::cerr << "Write failure\n";
       PORT_SetError(SEC_ERROR_OUTPUT_LEN);
@@ -440,7 +465,7 @@ class TestAgent {
 
     size_t left = sizeof(block);
     while (left) {
-      rv = PR_Read(ssl_fd_, block, left);
+      rv = PR_Read(ssl_fd_.get(), block, left);
       if (rv < 0) {
         std::cerr << "Failure reading\n";
         return SECFailure;
@@ -494,7 +519,7 @@ class TestAgent {
       SSLNextProtoState state;
       char chosen[256];
       unsigned int chosen_len;
-      rv = SSL_GetNextProto(ssl_fd_, &state,
+      rv = SSL_GetNextProto(ssl_fd_.get(), &state,
                             reinterpret_cast<unsigned char*>(chosen),
                             &chosen_len, sizeof(chosen));
       if (rv != SECSuccess) {
@@ -514,7 +539,7 @@ class TestAgent {
     auto sig_alg = cfg_.get<int>("expect-peer-signature-algorithm");
     if (sig_alg) {
       SSLChannelInfo info;
-      rv = SSL_GetChannelInfo(ssl_fd_, &info, sizeof(info));
+      rv = SSL_GetChannelInfo(ssl_fd_.get(), &info, sizeof(info));
       if (rv != SECSuccess) {
         PRErrorCode err = PR_GetError();
         std::cerr << "SSL_GetChannelInfo failed with error=" << FormatError(err)
@@ -534,10 +559,10 @@ class TestAgent {
 
  private:
   const Config& cfg_;
-  PRFileDesc* pr_fd_;
-  PRFileDesc* ssl_fd_;
-  CERTCertificate* cert_;
-  SECKEYPrivateKey* key_;
+  ScopedPRFileDesc pr_fd_;
+  ScopedPRFileDesc ssl_fd_;
+  ScopedCERTCertificate cert_;
+  ScopedSECKEYPrivateKey key_;
 };
 
 std::unique_ptr<const Config> ReadConfig(int argc, char** argv) {
@@ -559,11 +584,14 @@ std::unique_ptr<const Config> ReadConfig(int argc, char** argv) {
   cfg->AddEntry<bool>("write-then-read", false);
   cfg->AddEntry<bool>("require-any-client-certificate", false);
   cfg->AddEntry<bool>("verify-peer", false);
+  cfg->AddEntry<bool>("is-handshaker-supported", false);
+  cfg->AddEntry<std::string>("handshaker-path", "");  // Ignore this
   cfg->AddEntry<std::string>("advertise-alpn", "");
   cfg->AddEntry<std::string>("expect-alpn", "");
   cfg->AddEntry<std::vector<int>>("signing-prefs", std::vector<int>());
   cfg->AddEntry<std::vector<int>>("verify-prefs", std::vector<int>());
   cfg->AddEntry<int>("expect-peer-signature-algorithm", 0);
+  cfg->AddEntry<std::string>("nss-cipher", "");
 
   auto rv = cfg->ParseArgs(argc, argv);
   switch (rv) {
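Review bot: The comment `// Ignore this` on `handshaker-path` does not say why the option is registered at all. Presumably the test runner passes it and `ParseArgs` would reject an unregistered flag, while `main` (next hunk) answers `is-handshaker-supported` with `No`; if so, something like `// Accepted so the runner's flag parses; this shim has no handshaker support and never reads it.` would save the next reader a search. A matching one-line comment above the `is-handshaker-supported` check in `main` would record that printing `No` and exiting 0 is the expected reply. `ReadConfig` starts and ends outside this hunk.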
@@ -602,6 +630,11 @@ int main(int argc, char** argv) {
     return GetExitCode(false);
   }
 
+  if (cfg->get<bool>("is-handshaker-supported")) {
+    std::cout << "No\n";
+    return 0;
+  }
+
   if (cfg->get<bool>("server")) {
     if (SSL_ConfigServerSessionIDCache(1024, 0, 0, ".") != SECSuccess) {
       std::cerr << "Couldn't configure session cache\n";
diff --git a/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.gyp b/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.gyp
index b8f71f95f..d08a6bde3 100644
--- a/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.gyp
+++ b/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.gyp
@@ -37,6 +37,7 @@
         '<(DEPTH)/lib/freebl/freebl.gyp:freebl',
         '<(DEPTH)/lib/zlib/zlib.gyp:nss_zlib',
         '<(DEPTH)/lib/libpkix/libpkix.gyp:libpkix',
+        '<(DEPTH)/cpputil/cpputil.gyp:cpputil',
       ],
       'conditions': [
         [ 'disable_dbm==0', {
diff --git a/security/nss/gtests/pk11_gtest/manifest.mn b/security/nss/gtests/pk11_gtest/manifest.mn
index a3dff9d10..ea7b43a2b 100644
--- a/security/nss/gtests/pk11_gtest/manifest.mn
+++ b/security/nss/gtests/pk11_gtest/manifest.mn
@@ -16,6 +16,7 @@ CPPSRCS = \
       pk11_pbkdf2_unittest.cc \
       pk11_prf_unittest.cc \
       pk11_prng_unittest.cc \
+      pk11_rsapkcs1_unittest.cc \
       pk11_rsapss_unittest.cc \
       pk11_der_private_key_import_unittest.cc \
       $(NULL)
diff --git a/security/nss/gtests/pk11_gtest/pk11_aes_gcm_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_aes_gcm_unittest.cc
index a4e8bedba..4072cf2b7 100644
--- a/security/nss/gtests/pk11_gtest/pk11_aes_gcm_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_aes_gcm_unittest.cc
@@ -10,7 +10,7 @@
 #include "secerr.h"
 #include "sechash.h"
 
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 #include "gcm-vectors.h"
 #include "gtest/gtest.h"
diff --git a/security/nss/gtests/pk11_gtest/pk11_aeskeywrap_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_aeskeywrap_unittest.cc
index a0226e6df..4d4250a5e 100644
--- a/security/nss/gtests/pk11_gtest/pk11_aeskeywrap_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_aeskeywrap_unittest.cc
@@ -9,7 +9,7 @@
 #include "pk11pub.h"
 
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 namespace nss_test {
 
@@ -129,4 +129,4 @@ TEST_F(Pkcs11AESKeyWrapTest, WrapUnwrepTest6) {
   WrapUnwrap(kKEK3, sizeof(kKEK3), kKD6, sizeof(kKD6), kC6);
 }
 
-} /* nss_test */
\ No newline at end of file
+} /* nss_test */
diff --git a/security/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc
index dac2a41ba..07bc91ee6 100644
--- a/security/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc
@@ -10,7 +10,7 @@
 #include "sechash.h"
 
 #include "cpputil.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 #include "gtest/gtest.h"
 
diff --git a/security/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc
new file mode 100644
index 000000000..38982fd88
--- /dev/null
+++ b/security/nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc
@@ -0,0 +1,80 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this file,
+// You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#include "gtest/gtest.h"
+
+#include <assert.h>
+#include <limits.h>
+#include <prinit.h>
+#include <nss.h>
+#include <pk11pub.h>
+
+static const size_t kKeyLen = 128 / 8;
+
+namespace nss_test {
+
+//
+// The ciper tests using the bltest command cover a great deal of testing.
+// However, Bug 1489691 revealed a corner case which is covered here.
+// This test will make multiple calls to PK11_CipherOp using the same
+// cipher context with data that is not cipher block aligned.
+//
+
+static SECStatus GetBytes(PK11Context* ctx, uint8_t* bytes, size_t len) {
+  std::vector<uint8_t> in(len, 0);
+
+  int outlen;
+  SECStatus rv = PK11_CipherOp(ctx, bytes, &outlen, len, &in[0], len);
+  if (static_cast<size_t>(outlen) != len) {
+    return SECFailure;
+  }
+  return rv;
+}
+
+TEST(Pkcs11CipherOp, SingleCtxMultipleUnalignedCipherOps) {
+  PK11SlotInfo* slot;
+  PK11SymKey* key;
+  PK11Context* ctx;
+
+  NSSInitContext* globalctx =
+      NSS_InitContext("", "", "", "", NULL,
+                      NSS_INIT_READONLY | NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB |
+                          NSS_INIT_FORCEOPEN | NSS_INIT_NOROOTINIT);
+
+  const CK_MECHANISM_TYPE cipher = CKM_AES_CTR;
+
+  slot = PK11_GetInternalSlot();
+  ASSERT_TRUE(slot);
+
+  // Use arbitrary bytes for the AES key
+  uint8_t key_bytes[kKeyLen];
+  for (size_t i = 0; i < kKeyLen; i++) {
+    key_bytes[i] = i;
+  }
+
+  SECItem keyItem = {siBuffer, key_bytes, kKeyLen};
+
+  // The IV can be all zeros since we only encrypt once with
+  // each AES key.
+  CK_AES_CTR_PARAMS param = {128, {}};
+  SECItem paramItem = {siBuffer, reinterpret_cast<unsigned char*>(&param),
+                       sizeof(CK_AES_CTR_PARAMS)};
+
+  key = PK11_ImportSymKey(slot, cipher, PK11_OriginUnwrap, CKA_ENCRYPT,
+                          &keyItem, NULL);
+  ctx = PK11_CreateContextBySymKey(cipher, CKA_ENCRYPT, key, &paramItem);
+  ASSERT_TRUE(key);
+  ASSERT_TRUE(ctx);
+
+  uint8_t outbuf[128];
+  ASSERT_EQ(GetBytes(ctx, outbuf, 7), SECSuccess);
+  ASSERT_EQ(GetBytes(ctx, outbuf, 17), SECSuccess);
+
+  PK11_FreeSymKey(key);
+  PK11_FreeSlot(slot);
+  PK11_DestroyContext(ctx, PR_TRUE);
+  NSS_ShutdownContext(globalctx);
+}
+
+}  // namespace nss_test
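Review bot: `GetBytes` compares `outlen` with `len` before looking at `rv`, and `outlen` is uninitialised, so a failing `PK11_CipherOp` that does not write the length makes the helper read an indeterminate value. In the test body `key` is handed to `PK11_CreateContextBySymKey` before `ASSERT_TRUE(key)` runs, and `globalctx` is never checked. The sketch below initialises the length, checks the status first and asserts each handle before it is used. An early `ASSERT_*` return also skips the four cleanup calls at the end; the scoped wrappers from `nss_scoped_ptrs.h` that the neighbouring tests include would cover that. The file also uses `std::vector` without including `<vector>`.

```cpp
static SECStatus GetBytes(PK11Context* ctx, uint8_t* bytes, size_t len) {
  std::vector<uint8_t> in(len, 0);

  int outlen = 0;
  SECStatus rv = PK11_CipherOp(ctx, bytes, &outlen, len, &in[0], len);
  if (rv != SECSuccess) {
    return rv;
  }
  return static_cast<size_t>(outlen) == len ? SECSuccess : SECFailure;
}

// … unchanged: test header, NSS_InitContext call …
  ASSERT_TRUE(globalctx);

// … unchanged: slot lookup, key bytes, CTR parameters …
  key = PK11_ImportSymKey(slot, cipher, PK11_OriginUnwrap, CKA_ENCRYPT,
                          &keyItem, NULL);
  ASSERT_TRUE(key);
  ctx = PK11_CreateContextBySymKey(cipher, CKA_ENCRYPT, key, &paramItem);
  ASSERT_TRUE(ctx);
// … unchanged: the two GetBytes calls and cleanup …
```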
diff --git a/security/nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc
index 40b536207..009c44fce 100644
--- a/security/nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc
@@ -7,7 +7,7 @@
 #include "pk11pub.h"
 
 #include "cpputil.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 #include "gtest/gtest.h"
 
diff --git a/security/nss/gtests/pk11_gtest/pk11_der_private_key_import_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_der_private_key_import_unittest.cc
index 836cc7876..88c283317 100644
--- a/security/nss/gtests/pk11_gtest/pk11_der_private_key_import_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_der_private_key_import_unittest.cc
@@ -11,7 +11,7 @@
 #include "secutil.h"
 
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 namespace nss_test {
 
diff --git a/security/nss/gtests/pk11_gtest/pk11_ecdsa_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_ecdsa_unittest.cc
index fb0659852..e905f7835 100644
--- a/security/nss/gtests/pk11_gtest/pk11_ecdsa_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_ecdsa_unittest.cc
@@ -8,7 +8,7 @@
 #include "sechash.h"
 
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 #include "pk11_ecdsa_vectors.h"
 #include "pk11_signature_test.h"
diff --git a/security/nss/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc
index aa92756f2..f4accac02 100644
--- a/security/nss/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc
@@ -8,7 +8,7 @@
 #include "prerror.h"
 #include "nss.h"
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "cpputil.h"
 #include "databuffer.h"
 #include "util.h"
diff --git a/security/nss/gtests/pk11_gtest/pk11_export_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_export_unittest.cc
index e5d5ae8e9..bfd65b952 100644
--- a/security/nss/gtests/pk11_gtest/pk11_export_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_export_unittest.cc
@@ -9,7 +9,7 @@
 #include "pk11pub.h"
 
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 namespace nss_test {
 
diff --git a/security/nss/gtests/pk11_gtest/pk11_gtest.gyp b/security/nss/gtests/pk11_gtest/pk11_gtest.gyp
index 076b4d37f..c73139b05 100644
--- a/security/nss/gtests/pk11_gtest/pk11_gtest.gyp
+++ b/security/nss/gtests/pk11_gtest/pk11_gtest.gyp
@@ -14,12 +14,14 @@
         'pk11_aeskeywrap_unittest.cc',
         'pk11_aes_gcm_unittest.cc',
         'pk11_chacha20poly1305_unittest.cc',
+        'pk11_cipherop_unittest.cc',
         'pk11_curve25519_unittest.cc',
         'pk11_ecdsa_unittest.cc',
         'pk11_encrypt_derive_unittest.cc',
         'pk11_pbkdf2_unittest.cc',
         'pk11_prf_unittest.cc',
         'pk11_prng_unittest.cc',
+        'pk11_rsapkcs1_unittest.cc',
         'pk11_rsapss_unittest.cc',
         'pk11_der_private_key_import_unittest.cc',
         '<(DEPTH)/gtests/common/gtests.cc'
diff --git a/security/nss/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc
index d72f94c2c..fc055f400 100644
--- a/security/nss/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_pbkdf2_unittest.cc
@@ -9,7 +9,7 @@
 #include "pk11pub.h"
 
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 namespace nss_test {
 
diff --git a/security/nss/gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc
new file mode 100644
index 000000000..044d4e25e
--- /dev/null
+++ b/security/nss/gtests/pk11_gtest/pk11_rsapkcs1_unittest.cc
@@ -0,0 +1,109 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <stdint.h>
+#include "cryptohi.h"
+#include "nss.h"
+#include "pk11pub.h"
+
+#include "gtest/gtest.h"
+#include "nss_scoped_ptrs.h"
+#include "cpputil.h"
+
+namespace nss_test {
+
+// Test that the RSASSA-PKCS1-v1_5 implementation enforces the missing NULL
+// parameter.
+TEST(RsaPkcs1Test, RequireNullParameter) {
+  // kSpki is an RSA public key in an X.509 SubjectPublicKeyInfo.
+  const uint8_t kSpki[] = {
+      0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
+      0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81,
+      0x89, 0x02, 0x81, 0x81, 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9,
+      0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb,
+      0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0,
+      0xa6, 0x85, 0x15, 0x34, 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef,
+      0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa,
+      0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76,
+      0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25,
+      0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79,
+      0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49,
+      0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd,
+      0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61,
+      0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
+  };
+  // kHash is the SHA-256 hash of {1,2,3,4}.
+  const uint8_t kHash[] = {
+      0x9f, 0x64, 0xa7, 0x47, 0xe1, 0xb9, 0x7f, 0x13, 0x1f, 0xab, 0xb6,
+      0xb4, 0x47, 0x29, 0x6c, 0x9b, 0x6f, 0x02, 0x01, 0xe7, 0x9f, 0xb3,
+      0xc5, 0x35, 0x6e, 0x6c, 0x77, 0xe8, 0x9b, 0x6a, 0x80, 0x6a,
+  };
+  // kSignature is the signature of kHash with RSASSA-PKCS1-v1_5.
+  const uint8_t kSignature[] = {
+      0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
+      0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
+      0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
+      0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
+      0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
+      0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
+      0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
+      0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
+      0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
+      0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
+      0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
+  };
+  // kSignature is an invalid signature of kHash with RSASSA-PKCS1-v1_5 with the
+  // NULL parameter omitted.
+  const uint8_t kSignatureInvalid[] = {
+      0x71, 0x6c, 0x24, 0x4e, 0xc9, 0x9b, 0x19, 0xc7, 0x49, 0x29, 0xb8, 0xd4,
+      0xfb, 0x26, 0x23, 0xc0, 0x96, 0x18, 0xcd, 0x1e, 0x60, 0xe8, 0x88, 0x94,
+      0x8c, 0x59, 0xfb, 0x58, 0x5c, 0x61, 0x58, 0x7a, 0xae, 0xcc, 0xeb, 0xee,
+      0x1e, 0x85, 0x7d, 0x83, 0xa9, 0xdc, 0x6f, 0x4c, 0x34, 0x5c, 0xcb, 0xd9,
+      0xde, 0x58, 0x76, 0xdf, 0x1f, 0x5e, 0xd4, 0x57, 0x5b, 0xeb, 0xaf, 0x4f,
+      0x7a, 0xa7, 0x6b, 0x21, 0xf1, 0x0a, 0x96, 0x78, 0xc7, 0xa8, 0x02, 0x7a,
+      0xc2, 0x06, 0xd3, 0x18, 0x79, 0x72, 0x6b, 0xfe, 0x2d, 0xec, 0xd8, 0x8e,
+      0x98, 0x86, 0x89, 0xf4, 0x67, 0x14, 0x2b, 0xac, 0x6d, 0xd7, 0x04, 0xd8,
+      0xab, 0x05, 0xe6, 0x51, 0xf6, 0xee, 0x58, 0x63, 0xef, 0x6a, 0x3e, 0x89,
+      0x99, 0x2a, 0x1c, 0x10, 0xc2, 0xd0, 0x41, 0x9e, 0x1e, 0x9a, 0x9a, 0x57,
+      0x32, 0x0f, 0x49, 0xb4, 0x57, 0x37, 0xa4, 0x26,
+  };
+
+  // The test vectors may be verified with:
+  //
+  // openssl rsautl -keyform der -pubin -inkey spki.bin -in sig.bin | der2ascii
+  // openssl rsautl -keyform der -pubin -inkey spki.bin -in sig2.bin | der2ascii
+
+  // Import public key.
+  SECItem spkiItem = {siBuffer, toUcharPtr(kSpki), sizeof(kSpki)};
+  ScopedCERTSubjectPublicKeyInfo certSpki(
+      SECKEY_DecodeDERSubjectPublicKeyInfo(&spkiItem));
+  ASSERT_TRUE(certSpki);
+  ScopedSECKEYPublicKey pubKey(SECKEY_ExtractPublicKey(certSpki.get()));
+  ASSERT_TRUE(pubKey);
+
+  SECItem hash = {siBuffer, toUcharPtr(kHash), sizeof(kHash)};
+
+  // kSignature is a valid signature.
+  SECItem sigItem = {siBuffer, toUcharPtr(kSignature), sizeof(kSignature)};
+  SECStatus rv = VFY_VerifyDigestDirect(&hash, pubKey.get(), &sigItem,
+                                        SEC_OID_PKCS1_RSA_ENCRYPTION,
+                                        SEC_OID_SHA256, nullptr);
+  EXPECT_EQ(SECSuccess, rv);
+
+  // kSignatureInvalid is not.
+  sigItem = {siBuffer, toUcharPtr(kSignatureInvalid),
+             sizeof(kSignatureInvalid)};
+  rv = VFY_VerifyDigestDirect(&hash, pubKey.get(), &sigItem,
+                              SEC_OID_PKCS1_RSA_ENCRYPTION, SEC_OID_SHA256,
+                              nullptr);
+#ifdef NSS_PKCS1_AllowMissingParameters
+  EXPECT_EQ(SECSuccess, rv);
+#else
+  EXPECT_EQ(SECFailure, rv);
+#endif
+}
+
+}  // namespace nss_test
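Review bot: The comments in `RequireNullParameter` contradict the code in two places: the header says the implementation "enforces the missing NULL parameter" although the test checks that a missing parameter is rejected, and the comment above `kSignatureInvalid` names `kSignature`. I would write them as `// Test that RSASSA-PKCS1-v1_5 verification rejects a signature whose NULL parameter is omitted.` and `// kSignatureInvalid is a signature of kHash with the NULL parameter omitted.`. The `#ifdef NSS_PKCS1_AllowMissingParameters` branch expects the malformed signature to verify, so it deserves a comment saying that this is a build-time compatibility switch and that `SECFailure` is the expected result when the macro is not defined.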
diff --git a/security/nss/gtests/pk11_gtest/pk11_rsapss_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_rsapss_unittest.cc
index 6c8c5ab4e..ed0573027 100644
--- a/security/nss/gtests/pk11_gtest/pk11_rsapss_unittest.cc
+++ b/security/nss/gtests/pk11_gtest/pk11_rsapss_unittest.cc
@@ -10,7 +10,7 @@
 #include "sechash.h"
 
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 #include "pk11_signature_test.h"
 #include "pk11_rsapss_vectors.h"
diff --git a/security/nss/gtests/pk11_gtest/pk11_signature_test.h b/security/nss/gtests/pk11_gtest/pk11_signature_test.h
index 8a12171a0..0526fea55 100644
--- a/security/nss/gtests/pk11_gtest/pk11_signature_test.h
+++ b/security/nss/gtests/pk11_gtest/pk11_signature_test.h
@@ -8,7 +8,7 @@
 #include "sechash.h"
 
 #include "cpputil.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "databuffer.h"
 
 #include "gtest/gtest.h"
diff --git a/security/nss/gtests/softoken_gtest/softoken_gtest.cc b/security/nss/gtests/softoken_gtest/softoken_gtest.cc
index d61e2e75f..5e2a497b8 100644
--- a/security/nss/gtests/softoken_gtest/softoken_gtest.cc
+++ b/security/nss/gtests/softoken_gtest/softoken_gtest.cc
@@ -11,7 +11,7 @@
 #include "pk11pub.h"
 #include "secerr.h"
 
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 #define GTEST_HAS_RTTI 0
 #include "gtest/gtest.h"
diff --git a/security/nss/gtests/ssl_gtest/manifest.mn b/security/nss/gtests/ssl_gtest/manifest.mn
index 8547e56d1..7f4ee7953 100644
--- a/security/nss/gtests/ssl_gtest/manifest.mn
+++ b/security/nss/gtests/ssl_gtest/manifest.mn
@@ -52,6 +52,7 @@ CPPSRCS = \
       tls_hkdf_unittest.cc \
       tls_filter.cc \
       tls_protect.cc \
+      tls_esni_unittest.cc \
       $(NULL)
 
 INCLUDES += -I$(CORE_DEPTH)/gtests/google_test/gtest/include \
diff --git a/security/nss/gtests/ssl_gtest/rsa8193.h b/security/nss/gtests/ssl_gtest/rsa8193.h
index 626516389..1ac8503bc 100644
--- a/security/nss/gtests/ssl_gtest/rsa8193.h
+++ b/security/nss/gtests/ssl_gtest/rsa8193.h
@@ -206,4 +206,4 @@ static const uint8_t rsa8193[] = {
     0x13, 0x34, 0x9d, 0x34, 0xb8, 0xef, 0x13, 0x3a, 0x20, 0xf5, 0x74, 0x02,
     0x70, 0x3b, 0x41, 0x60, 0x1f, 0x5e, 0x76, 0x0a, 0xb1, 0x17, 0xd5, 0xcf,
     0x79, 0xef, 0xf7, 0xab, 0xe7, 0xd6, 0x0f, 0xad, 0x85, 0x2c, 0x52, 0x67,
-    0xb5, 0xa0, 0x4a, 0xfd, 0xaf};
\ No newline at end of file
+    0xb5, 0xa0, 0x4a, 0xfd, 0xaf};
diff --git a/security/nss/gtests/ssl_gtest/selfencrypt_unittest.cc b/security/nss/gtests/ssl_gtest/selfencrypt_unittest.cc
index 4bae9dec9..0c62c4cac 100644
--- a/security/nss/gtests/ssl_gtest/selfencrypt_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/selfencrypt_unittest.cc
@@ -19,7 +19,7 @@ extern "C" {
 
 #include "databuffer.h"
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 namespace nss_test {
 
diff --git a/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc
index 28fdc6631..07eadfbd1 100644
--- a/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc
@@ -16,7 +16,7 @@ extern "C" {
 }
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
diff --git a/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc
index 6be3b61f8..c3455d130 100644
--- a/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc
@@ -34,7 +34,7 @@ const static uint8_t kCannedTls13ClientHello[] = {
     0xc2, 0xb3, 0xc6, 0x80, 0x72, 0x86, 0x08, 0x86, 0x8f, 0x52, 0xc5, 0xcb,
     0xbf, 0x2a, 0xb5, 0x59, 0x64, 0xcc, 0x0c, 0x49, 0x95, 0x36, 0xe4, 0xd9,
     0x2f, 0xd4, 0x24, 0x66, 0x71, 0x6f, 0x5d, 0x70, 0xe2, 0xa0, 0xea, 0x26,
-    0x00, 0x2b, 0x00, 0x03, 0x02, 0x7f, kD13, 0x00, 0x0d, 0x00, 0x20, 0x00,
+    0x00, 0x2b, 0x00, 0x03, 0x02, 0x03, 0x04, 0x00, 0x0d, 0x00, 0x20, 0x00,
     0x1e, 0x04, 0x03, 0x05, 0x03, 0x06, 0x03, 0x02, 0x03, 0x08, 0x04, 0x08,
     0x05, 0x08, 0x06, 0x04, 0x01, 0x05, 0x01, 0x06, 0x01, 0x02, 0x01, 0x04,
     0x02, 0x05, 0x02, 0x06, 0x02, 0x02, 0x02};
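Review bot: The replacement bytes `0x03, 0x04` in kCannedTls13ClientHello are a bare literal, where the removed line at least named the draft constant `kD13`. They follow `0x00, 0x2b, 0x00, 0x03, 0x02`, which reads as the supported_versions extension header, so a comment above that row such as `// supported_versions: TLS 1.3 (0x0304)` would keep the canned hello auditable. The array starts above this hunk, so the remaining rows are not covered here.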
@@ -64,8 +64,8 @@ TEST_P(TlsAgentTestClient13, CannedHello) {
   auto sh = MakeCannedTls13ServerHello();
   MakeHandshakeMessage(kTlsHandshakeServerHello, sh.data(), sh.len(),
                        &server_hello);
-  MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
-             server_hello.data(), server_hello.len(), &buffer);
+  MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3, server_hello.data(),
+             server_hello.len(), &buffer);
   ProcessMessage(buffer, TlsAgent::STATE_CONNECTING);
 }
 
@@ -79,8 +79,8 @@ TEST_P(TlsAgentTestClient13, EncryptedExtensionsInClear) {
                        &encrypted_extensions, 1);
   server_hello.Append(encrypted_extensions);
   DataBuffer buffer;
-  MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
-             server_hello.data(), server_hello.len(), &buffer);
+  MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3, server_hello.data(),
+             server_hello.len(), &buffer);
   EnsureInit();
   ExpectAlert(kTlsAlertUnexpectedMessage);
   ProcessMessage(buffer, TlsAgent::STATE_ERROR,
@@ -97,11 +97,11 @@ TEST_F(TlsAgentStreamTestClient, EncryptedExtensionsInClearTwoPieces) {
                        &encrypted_extensions, 1);
   server_hello.Append(encrypted_extensions);
   DataBuffer buffer;
-  MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
-             server_hello.data(), kFirstFragmentSize, &buffer);
+  MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3, server_hello.data(),
+             kFirstFragmentSize, &buffer);
 
   DataBuffer buffer2;
-  MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
+  MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3,
              server_hello.data() + kFirstFragmentSize,
              server_hello.len() - kFirstFragmentSize, &buffer2);
 
@@ -129,11 +129,11 @@ TEST_F(TlsAgentDgramTestClient, EncryptedExtensionsInClearTwoPieces) {
                        &encrypted_extensions, 1);
   server_hello_frag2.Append(encrypted_extensions);
   DataBuffer buffer;
-  MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
+  MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3,
              server_hello_frag1.data(), server_hello_frag1.len(), &buffer);
 
   DataBuffer buffer2;
-  MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
+  MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3,
              server_hello_frag2.data(), server_hello_frag2.len(), &buffer2, 1);
 
   EnsureInit();
@@ -150,7 +150,7 @@ TEST_F(TlsAgentDgramTestClient, AckWithBogusLengthField) {
   // Length doesn't match
   const uint8_t ackBuf[] = {0x00, 0x08, 0x00};
   DataBuffer record;
-  MakeRecord(variant_, kTlsAckType, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf,
+  MakeRecord(variant_, ssl_ct_ack, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf,
              sizeof(ackBuf), &record, 0);
   agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_3,
                           SSL_LIBRARY_VERSION_TLS_1_3);
@@ -164,7 +164,7 @@ TEST_F(TlsAgentDgramTestClient, AckWithNonEvenLength) {
   // Length isn't a multiple of 8
   const uint8_t ackBuf[] = {0x00, 0x01, 0x00};
   DataBuffer record;
-  MakeRecord(variant_, kTlsAckType, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf,
+  MakeRecord(variant_, ssl_ct_ack, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf,
              sizeof(ackBuf), &record, 0);
   agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_3,
                           SSL_LIBRARY_VERSION_TLS_1_3);
@@ -196,7 +196,7 @@ TEST_F(TlsAgentStreamTestClient, Set0RttOptionThenRead) {
   agent_->StartConnect();
   agent_->Set0RttEnabled(true);
   DataBuffer buffer;
-  MakeRecord(kTlsApplicationDataType, SSL_LIBRARY_VERSION_TLS_1_3,
+  MakeRecord(ssl_ct_application_data, SSL_LIBRARY_VERSION_TLS_1_3,
              reinterpret_cast<const uint8_t *>(k0RttData), strlen(k0RttData),
              &buffer);
   ExpectAlert(kTlsAlertUnexpectedMessage);
@@ -214,10 +214,10 @@ TEST_F(TlsAgentStreamTestServer, Set0RttOptionClientHelloThenRead) {
   agent_->StartConnect();
   agent_->Set0RttEnabled(true);
   DataBuffer buffer;
-  MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3,
+  MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3,
              kCannedTls13ClientHello, sizeof(kCannedTls13ClientHello), &buffer);
   ProcessMessage(buffer, TlsAgent::STATE_CONNECTING);
-  MakeRecord(kTlsApplicationDataType, SSL_LIBRARY_VERSION_TLS_1_3,
+  MakeRecord(ssl_ct_application_data, SSL_LIBRARY_VERSION_TLS_1_3,
              reinterpret_cast<const uint8_t *>(k0RttData), strlen(k0RttData),
              &buffer);
   ExpectAlert(kTlsAlertBadRecordMac);
diff --git a/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc
index e2a30e6bc..3a52ac20c 100644
--- a/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc
@@ -15,7 +15,7 @@ extern "C" {
 }
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
@@ -37,6 +37,50 @@ TEST_P(TlsConnectGeneric, ServerAuthRsaChain) {
   EXPECT_EQ(2UL, chain_length);
 }
 
+TEST_P(TlsConnectTls12Plus, ServerAuthRsaPss) {
+  static const SSLSignatureScheme kSignatureSchemePss[] = {
+      ssl_sig_rsa_pss_pss_sha256};
+
+  Reset(TlsAgent::kServerRsaPss);
+  client_->SetSignatureSchemes(kSignatureSchemePss,
+                               PR_ARRAY_SIZE(kSignatureSchemePss));
+  server_->SetSignatureSchemes(kSignatureSchemePss,
+                               PR_ARRAY_SIZE(kSignatureSchemePss));
+  Connect();
+  CheckKeys(ssl_kea_ecdh, ssl_grp_ec_curve25519, ssl_auth_rsa_pss,
+            ssl_sig_rsa_pss_pss_sha256);
+}
+
+// PSS doesn't work with TLS 1.0 or 1.1 because we can't signal it.
+TEST_P(TlsConnectPre12, ServerAuthRsaPssFails) {
+  static const SSLSignatureScheme kSignatureSchemePss[] = {
+      ssl_sig_rsa_pss_pss_sha256};
+
+  Reset(TlsAgent::kServerRsaPss);
+  client_->SetSignatureSchemes(kSignatureSchemePss,
+                               PR_ARRAY_SIZE(kSignatureSchemePss));
+  server_->SetSignatureSchemes(kSignatureSchemePss,
+                               PR_ARRAY_SIZE(kSignatureSchemePss));
+  ConnectExpectAlert(server_, kTlsAlertHandshakeFailure);
+  server_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP);
+  client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP);
+}
+
+// Check that a PSS certificate with no parameters works.
+TEST_P(TlsConnectTls12Plus, ServerAuthRsaPssNoParameters) {
+  static const SSLSignatureScheme kSignatureSchemePss[] = {
+      ssl_sig_rsa_pss_pss_sha256};
+
+  Reset("rsa_pss_noparam");
+  client_->SetSignatureSchemes(kSignatureSchemePss,
+                               PR_ARRAY_SIZE(kSignatureSchemePss));
+  server_->SetSignatureSchemes(kSignatureSchemePss,
+                               PR_ARRAY_SIZE(kSignatureSchemePss));
+  Connect();
+  CheckKeys(ssl_kea_ecdh, ssl_grp_ec_curve25519, ssl_auth_rsa_pss,
+            ssl_sig_rsa_pss_pss_sha256);
+}
+
 TEST_P(TlsConnectGeneric, ServerAuthRsaPssChain) {
   Reset("rsa_pss_chain");
   Connect();
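Review bot: ServerAuthRsaPss, ServerAuthRsaPssFails and ServerAuthRsaPssNoParameters each declare an identical function-local `kSignatureSchemePss`, so the three copies can drift apart unnoticed. A single file-scope array next to the existing `kSignatureSchemeEcdsaSha384` family would remove the duplication, for example `static const SSLSignatureScheme kSignatureSchemeRsaPssSha256[] = {ssl_sig_rsa_pss_pss_sha256};` (the name is a suggestion). A distinct name matters because the ClientAuthInconsistent* tests added later in this file reuse `kSignatureSchemePss` for two-element lists with different contents.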
@@ -55,6 +99,76 @@ TEST_P(TlsConnectGeneric, ServerAuthRsaCARsaPssChain) {
   EXPECT_EQ(2UL, chain_length);
 }
 
+TEST_P(TlsConnectGeneric, ServerAuthRejected) {
+  EnsureTlsSetup();
+  client_->SetAuthCertificateCallback(
+      [](TlsAgent*, PRBool, PRBool) -> SECStatus { return SECFailure; });
+  ConnectExpectAlert(client_, kTlsAlertBadCertificate);
+  client_->CheckErrorCode(SSL_ERROR_BAD_CERTIFICATE);
+  server_->CheckErrorCode(SSL_ERROR_BAD_CERT_ALERT);
+  EXPECT_EQ(TlsAgent::STATE_ERROR, client_->state());
+}
+
+struct AuthCompleteArgs : public PollTarget {
+  AuthCompleteArgs(const std::shared_ptr<TlsAgent>& a, PRErrorCode c)
+      : agent(a), code(c) {}
+
+  std::shared_ptr<TlsAgent> agent;
+  PRErrorCode code;
+};
+
+static void CallAuthComplete(PollTarget* target, Event event) {
+  EXPECT_EQ(TIMER_EVENT, event);
+  auto args = reinterpret_cast<AuthCompleteArgs*>(target);
+  std::cerr << args->agent->role_str() << ": call SSL_AuthCertificateComplete "
+            << (args->code ? PR_ErrorToName(args->code) : "no error")
+            << std::endl;
+  EXPECT_EQ(SECSuccess,
+            SSL_AuthCertificateComplete(args->agent->ssl_fd(), args->code));
+  args->agent->Handshake();  // Make the TlsAgent aware of the error.
+  delete args;
+}
+
+// Install an AuthCertificateCallback that blocks when called.  Then
+// SSL_AuthCertificateComplete is called on a very short timer.  This allows any
+// processing that might follow the callback to complete.
+static void SetDeferredAuthCertificateCallback(std::shared_ptr<TlsAgent> agent,
+                                               PRErrorCode code) {
+  auto args = new AuthCompleteArgs(agent, code);
+  agent->SetAuthCertificateCallback(
+      [args](TlsAgent*, PRBool, PRBool) -> SECStatus {
+        // This can't be 0 or we race the message from the client to the server,
+        // and tests assume that we lose that race.
+        std::shared_ptr<Poller::Timer> timer_handle;
+        Poller::Instance()->SetTimer(1U, args, CallAuthComplete, &timer_handle);
+        return SECWouldBlock;
+      });
+}
+
+TEST_P(TlsConnectTls13, ServerAuthRejectAsync) {
+  SetDeferredAuthCertificateCallback(client_, SEC_ERROR_REVOKED_CERTIFICATE);
+  ConnectExpectAlert(client_, kTlsAlertCertificateRevoked);
+  // We only detect the error here when we attempt to handshake, so all the
+  // client learns is that the handshake has already failed.
+  client_->CheckErrorCode(SSL_ERROR_HANDSHAKE_FAILED);
+  server_->CheckErrorCode(SSL_ERROR_REVOKED_CERT_ALERT);
+}
+
+// In TLS 1.2 and earlier, this will result in the client sending its Finished
+// before learning that the server certificate is bad.  That means that the
+// server will believe that the handshake is complete.
+TEST_P(TlsConnectGenericPre13, ServerAuthRejectAsync) {
+  SetDeferredAuthCertificateCallback(client_, SEC_ERROR_EXPIRED_CERTIFICATE);
+  client_->ExpectSendAlert(kTlsAlertCertificateExpired);
+  server_->ExpectReceiveAlert(kTlsAlertCertificateExpired);
+  ConnectExpectFailOneSide(TlsAgent::CLIENT);
+  client_->CheckErrorCode(SSL_ERROR_HANDSHAKE_FAILED);
+
+  // The server might not receive the alert that the client sends, which would
+  // cause the test to fail when it cleans up.  Reset expectations.
+  server_->ExpectReceiveAlert(kTlsAlertCloseNotify, kTlsAlertWarning);
+}
+
 TEST_P(TlsConnectGeneric, ClientAuth) {
   client_->SetupClientAuth();
   server_->RequestClientAuth(true);
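Review bot: CallAuthComplete downcasts with `reinterpret_cast<AuthCompleteArgs*>(target)`, which is only correct while the PollTarget base sits at offset zero. Since AuthCompleteArgs derives publicly from PollTarget, the line should be `auto args = static_cast<AuthCompleteArgs*>(target);`, matching the `static_cast` the removed TriggerAuthComplete used. Separately, `args` is allocated once in SetDeferredAuthCertificateCallback and freed only by `delete args` in CallAuthComplete. It therefore leaks if the handshake fails before the auth callback runs, and a second invocation of the callback on the same agent would schedule the timer on freed memory. Whether the callback can fire more than once is not visible in this hunk. Allocating the AuthCompleteArgs inside the lambda, once per invocation, would make the ownership unambiguous.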
@@ -153,6 +267,81 @@ TEST_P(TlsConnectTls12, ClientAuthBigRsaCheckSigAlg) {
                  2048);
 }
 
+// Replaces the signature scheme in a CertificateVerify message.
+class TlsReplaceSignatureSchemeFilter : public TlsHandshakeFilter {
+ public:
+  TlsReplaceSignatureSchemeFilter(const std::shared_ptr<TlsAgent>& a,
+                                  SSLSignatureScheme scheme)
+      : TlsHandshakeFilter(a, {kTlsHandshakeCertificateVerify}),
+        scheme_(scheme) {
+    EnableDecryption();
+  }
+
+ protected:
+  virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
+                                               const DataBuffer& input,
+                                               DataBuffer* output) {
+    *output = input;
+    output->Write(0, scheme_, 2);
+    return CHANGE;
+  }
+
+ private:
+  SSLSignatureScheme scheme_;
+};
+
+// Check if CertificateVerify signed with rsa_pss_rsae_* is properly
+// rejected when the certificate is RSA-PSS.
+//
+// This only works under TLS 1.2, because PSS doesn't work with TLS
+// 1.0 or TLS 1.1 and the TLS 1.3 1-RTT handshake is partially
+// successful at the client side.
+TEST_P(TlsConnectTls12, ClientAuthInconsistentRsaeSignatureScheme) {
+  static const SSLSignatureScheme kSignatureSchemePss[] = {
+      ssl_sig_rsa_pss_pss_sha256, ssl_sig_rsa_pss_rsae_sha256};
+
+  Reset(TlsAgent::kServerRsa, "rsa_pss");
+  client_->SetSignatureSchemes(kSignatureSchemePss,
+                               PR_ARRAY_SIZE(kSignatureSchemePss));
+  server_->SetSignatureSchemes(kSignatureSchemePss,
+                               PR_ARRAY_SIZE(kSignatureSchemePss));
+  client_->SetupClientAuth();
+  server_->RequestClientAuth(true);
+
+  EnsureTlsSetup();
+
+  MakeTlsFilter<TlsReplaceSignatureSchemeFilter>(client_,
+                                                 ssl_sig_rsa_pss_rsae_sha256);
+
+  ConnectExpectAlert(server_, kTlsAlertIllegalParameter);
+}
+
+// Check if CertificateVerify signed with rsa_pss_pss_* is properly
+// rejected when the certificate is RSA.
+//
+// This only works under TLS 1.2, because PSS doesn't work with TLS
+// 1.0 or TLS 1.1 and the TLS 1.3 1-RTT handshake is partially
+// successful at the client side.
+TEST_P(TlsConnectTls12, ClientAuthInconsistentPssSignatureScheme) {
+  static const SSLSignatureScheme kSignatureSchemePss[] = {
+      ssl_sig_rsa_pss_rsae_sha256, ssl_sig_rsa_pss_pss_sha256};
+
+  Reset(TlsAgent::kServerRsa, "rsa");
+  client_->SetSignatureSchemes(kSignatureSchemePss,
+                               PR_ARRAY_SIZE(kSignatureSchemePss));
+  server_->SetSignatureSchemes(kSignatureSchemePss,
+                               PR_ARRAY_SIZE(kSignatureSchemePss));
+  client_->SetupClientAuth();
+  server_->RequestClientAuth(true);
+
+  EnsureTlsSetup();
+
+  MakeTlsFilter<TlsReplaceSignatureSchemeFilter>(client_,
+                                                 ssl_sig_rsa_pss_pss_sha256);
+
+  ConnectExpectAlert(server_, kTlsAlertIllegalParameter);
+}
+
 class TlsZeroCertificateRequestSigAlgsFilter : public TlsHandshakeFilter {
  public:
   TlsZeroCertificateRequestSigAlgsFilter(const std::shared_ptr<TlsAgent>& a)
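Review bot: ClientAuthInconsistentRsaeSignatureScheme and ClientAuthInconsistentPssSignatureScheme end at `ConnectExpectAlert(server_, kTlsAlertIllegalParameter);` and never check the error code on either side. A rejection for an unrelated reason that happens to produce the same alert would therefore still pass. Neighbouring tests in this file follow the alert with `server_->CheckErrorCode(...)` and `client_->CheckErrorCode(...)`; doing the same here, with the codes the two agents actually report, would tie the test to the certificate/scheme consistency check it is meant to cover. The relocated `FilterHandshake` is also declared `virtual` without `override`, and it writes two bytes at offset 0 without confirming that `input` holds at least two. The TlsZeroCertificateRequestSigAlgsFilter class that closes the hunk continues outside it.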
@@ -197,9 +386,9 @@ class TlsZeroCertificateRequestSigAlgsFilter : public TlsHandshakeFilter {
   }
 };
 
-// Check that we fall back to SHA-1 when the server doesn't provide any
+// Check that we send an alert when the server doesn't provide any
 // supported_signature_algorithms in the CertificateRequest message.
-TEST_P(TlsConnectTls12, ClientAuthNoSigAlgsFallback) {
+TEST_P(TlsConnectTls12, ClientAuthNoSigAlgs) {
   EnsureTlsSetup();
   MakeTlsFilter<TlsZeroCertificateRequestSigAlgsFilter>(server_);
   auto capture_cert_verify = MakeTlsFilter<TlsHandshakeRecorder>(
@@ -207,24 +396,19 @@ TEST_P(TlsConnectTls12, ClientAuthNoSigAlgsFallback) {
   client_->SetupClientAuth();
   server_->RequestClientAuth(true);
 
-  ConnectExpectAlert(server_, kTlsAlertDecryptError);
-
-  // We're expecting a bad signature here because we tampered with a handshake
-  // message (CertReq). Previously, without the SHA-1 fallback, we would've
-  // seen a malformed record alert.
-  server_->CheckErrorCode(SEC_ERROR_BAD_SIGNATURE);
-  client_->CheckErrorCode(SSL_ERROR_DECRYPT_ERROR_ALERT);
+  ConnectExpectAlert(client_, kTlsAlertHandshakeFailure);
 
-  CheckSigScheme(capture_cert_verify, 0, server_, ssl_sig_rsa_pkcs1_sha1, 1024);
+  server_->CheckErrorCode(SSL_ERROR_HANDSHAKE_FAILURE_ALERT);
+  client_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
 }
 
-static const SSLSignatureScheme SignatureSchemeEcdsaSha384[] = {
+static const SSLSignatureScheme kSignatureSchemeEcdsaSha384[] = {
     ssl_sig_ecdsa_secp384r1_sha384};
-static const SSLSignatureScheme SignatureSchemeEcdsaSha256[] = {
+static const SSLSignatureScheme kSignatureSchemeEcdsaSha256[] = {
     ssl_sig_ecdsa_secp256r1_sha256};
-static const SSLSignatureScheme SignatureSchemeRsaSha384[] = {
+static const SSLSignatureScheme kSignatureSchemeRsaSha384[] = {
     ssl_sig_rsa_pkcs1_sha384};
-static const SSLSignatureScheme SignatureSchemeRsaSha256[] = {
+static const SSLSignatureScheme kSignatureSchemeRsaSha256[] = {
     ssl_sig_rsa_pkcs1_sha256};
 
 static SSLNamedGroup NamedGroupForEcdsa384(uint16_t version) {
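Review bot: Removing the `CheckSigScheme(capture_cert_verify, ...)` call appears to leave `capture_cert_verify` unused in ClientAuthNoSigAlgs. The recorder is still installed by the `MakeTlsFilter<TlsHandshakeRecorder>(` line in the preceding hunk's context, though its argument line falls between the two hunks and is not visible. Since the client now aborts with handshake_failure, there is presumably no CertificateVerify left to record, so the recorder could be dropped. If it is kept, a comment should say why, and an assertion that nothing was captured would document the new behaviour better than a silent filter.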
@@ -241,10 +425,10 @@ static SSLNamedGroup NamedGroupForEcdsa384(uint16_t version) {
 // for TLS 1.1 and 1.0, where they should be ignored.
 TEST_P(TlsConnectGeneric, SignatureAlgorithmServerAuth) {
   Reset(TlsAgent::kServerEcdsa384);
-  client_->SetSignatureSchemes(SignatureSchemeEcdsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha384));
-  server_->SetSignatureSchemes(SignatureSchemeEcdsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha384));
+  client_->SetSignatureSchemes(kSignatureSchemeEcdsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha384));
+  server_->SetSignatureSchemes(kSignatureSchemeEcdsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha384));
   Connect();
   CheckKeys(ssl_kea_ecdh, NamedGroupForEcdsa384(version_), ssl_auth_ecdsa,
             ssl_sig_ecdsa_secp384r1_sha384);
@@ -273,8 +457,8 @@ TEST_P(TlsConnectGeneric, SignatureAlgorithmClientOnly) {
 // Defaults on the client include the provided option.
 TEST_P(TlsConnectGeneric, SignatureAlgorithmServerOnly) {
   Reset(TlsAgent::kServerEcdsa384);
-  server_->SetSignatureSchemes(SignatureSchemeEcdsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha384));
+  server_->SetSignatureSchemes(kSignatureSchemeEcdsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha384));
   Connect();
   CheckKeys(ssl_kea_ecdh, NamedGroupForEcdsa384(version_), ssl_auth_ecdsa,
             ssl_sig_ecdsa_secp384r1_sha384);
@@ -283,16 +467,16 @@ TEST_P(TlsConnectGeneric, SignatureAlgorithmServerOnly) {
 // In TLS 1.2, curve and hash aren't bound together.
 TEST_P(TlsConnectTls12, SignatureSchemeCurveMismatch) {
   Reset(TlsAgent::kServerEcdsa256);
-  client_->SetSignatureSchemes(SignatureSchemeEcdsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha384));
+  client_->SetSignatureSchemes(kSignatureSchemeEcdsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha384));
   Connect();
 }
 
 // In TLS 1.3, curve and hash are coupled.
 TEST_P(TlsConnectTls13, SignatureSchemeCurveMismatch) {
   Reset(TlsAgent::kServerEcdsa256);
-  client_->SetSignatureSchemes(SignatureSchemeEcdsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha384));
+  client_->SetSignatureSchemes(kSignatureSchemeEcdsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha384));
   ConnectExpectAlert(server_, kTlsAlertHandshakeFailure);
   server_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
   client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP);
@@ -301,16 +485,16 @@ TEST_P(TlsConnectTls13, SignatureSchemeCurveMismatch) {
 // Configuring a P-256 cert with only SHA-384 signatures is OK in TLS 1.2.
 TEST_P(TlsConnectTls12, SignatureSchemeBadConfig) {
   Reset(TlsAgent::kServerEcdsa256);  // P-256 cert can't be used.
-  server_->SetSignatureSchemes(SignatureSchemeEcdsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha384));
+  server_->SetSignatureSchemes(kSignatureSchemeEcdsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha384));
   Connect();
 }
 
 // A P-256 certificate in TLS 1.3 needs a SHA-256 signature scheme.
 TEST_P(TlsConnectTls13, SignatureSchemeBadConfig) {
   Reset(TlsAgent::kServerEcdsa256);  // P-256 cert can't be used.
-  server_->SetSignatureSchemes(SignatureSchemeEcdsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha384));
+  server_->SetSignatureSchemes(kSignatureSchemeEcdsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha384));
   ConnectExpectAlert(server_, kTlsAlertHandshakeFailure);
   server_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
   client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP);
@@ -319,10 +503,10 @@ TEST_P(TlsConnectTls13, SignatureSchemeBadConfig) {
 // Where there is no overlap on signature schemes, we still connect successfully
 // if we aren't going to use a signature.
 TEST_P(TlsConnectGenericPre13, SignatureAlgorithmNoOverlapStaticRsa) {
-  client_->SetSignatureSchemes(SignatureSchemeRsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeRsaSha384));
-  server_->SetSignatureSchemes(SignatureSchemeRsaSha256,
-                               PR_ARRAY_SIZE(SignatureSchemeRsaSha256));
+  client_->SetSignatureSchemes(kSignatureSchemeRsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeRsaSha384));
+  server_->SetSignatureSchemes(kSignatureSchemeRsaSha256,
+                               PR_ARRAY_SIZE(kSignatureSchemeRsaSha256));
   EnableOnlyStaticRsaCiphers();
   Connect();
   CheckKeys(ssl_kea_rsa, ssl_auth_rsa_decrypt);
@@ -330,10 +514,10 @@ TEST_P(TlsConnectGenericPre13, SignatureAlgorithmNoOverlapStaticRsa) {
 
 TEST_P(TlsConnectTls12Plus, SignatureAlgorithmNoOverlapEcdsa) {
   Reset(TlsAgent::kServerEcdsa256);
-  client_->SetSignatureSchemes(SignatureSchemeEcdsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha384));
-  server_->SetSignatureSchemes(SignatureSchemeEcdsaSha256,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha256));
+  client_->SetSignatureSchemes(kSignatureSchemeEcdsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha384));
+  server_->SetSignatureSchemes(kSignatureSchemeEcdsaSha256,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha256));
   ConnectExpectAlert(server_, kTlsAlertHandshakeFailure);
   client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP);
   server_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
@@ -342,10 +526,10 @@ TEST_P(TlsConnectTls12Plus, SignatureAlgorithmNoOverlapEcdsa) {
 // Pre 1.2, a mismatch on signature algorithms shouldn't affect anything.
 TEST_P(TlsConnectPre12, SignatureAlgorithmNoOverlapEcdsa) {
   Reset(TlsAgent::kServerEcdsa256);
-  client_->SetSignatureSchemes(SignatureSchemeEcdsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha384));
-  server_->SetSignatureSchemes(SignatureSchemeEcdsaSha256,
-                               PR_ARRAY_SIZE(SignatureSchemeEcdsaSha256));
+  client_->SetSignatureSchemes(kSignatureSchemeEcdsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha384));
+  server_->SetSignatureSchemes(kSignatureSchemeEcdsaSha256,
+                               PR_ARRAY_SIZE(kSignatureSchemeEcdsaSha256));
   Connect();
 }
 
@@ -366,29 +550,6 @@ TEST_P(TlsConnectTls12, SignatureAlgorithmDrop) {
   server_->CheckErrorCode(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
 }
 
-// Replaces the signature scheme in a TLS 1.3 CertificateVerify message.
-class TlsReplaceSignatureSchemeFilter : public TlsHandshakeFilter {
- public:
-  TlsReplaceSignatureSchemeFilter(const std::shared_ptr<TlsAgent>& a,
-                                  SSLSignatureScheme scheme)
-      : TlsHandshakeFilter(a, {kTlsHandshakeCertificateVerify}),
-        scheme_(scheme) {
-    EnableDecryption();
-  }
-
- protected:
-  virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
-                                               const DataBuffer& input,
-                                               DataBuffer* output) {
-    *output = input;
-    output->Write(0, scheme_, 2);
-    return CHANGE;
-  }
-
- private:
-  SSLSignatureScheme scheme_;
-};
-
 TEST_P(TlsConnectTls13, UnsupportedSignatureSchemeAlert) {
   EnsureTlsSetup();
   MakeTlsFilter<TlsReplaceSignatureSchemeFilter>(server_, ssl_sig_none);
@@ -411,8 +572,8 @@ TEST_P(TlsConnectTls13, InconsistentSignatureSchemeAlert) {
 }
 
 TEST_P(TlsConnectTls12Plus, RequestClientAuthWithSha384) {
-  server_->SetSignatureSchemes(SignatureSchemeRsaSha384,
-                               PR_ARRAY_SIZE(SignatureSchemeRsaSha384));
+  server_->SetSignatureSchemes(kSignatureSchemeRsaSha384,
+                               PR_ARRAY_SIZE(kSignatureSchemeRsaSha384));
   server_->RequestClientAuth(false);
   Connect();
 }
@@ -438,7 +599,7 @@ class BeforeFinished : public TlsRecordFilter {
     switch (state_) {
       case BEFORE_CCS:
         // Awaken when we see the CCS.
-        if (header.content_type() == kTlsChangeCipherSpecType) {
+        if (header.content_type() == ssl_ct_change_cipher_spec) {
           before_ccs_();
 
           // Write the CCS out as a separate write, so that we can make
@@ -455,7 +616,7 @@ class BeforeFinished : public TlsRecordFilter {
         break;
 
       case AFTER_CCS:
-        EXPECT_EQ(kTlsHandshakeType, header.content_type());
+        EXPECT_EQ(ssl_ct_handshake, header.content_type());
         // This could check that data contains a Finished message, but it's
         // encrypted, so that's too much extra work.
 
@@ -552,25 +713,11 @@ TEST_F(TlsConnectDatagram13, AuthCompleteBeforeFinished) {
   Connect();
 }
 
-static void TriggerAuthComplete(PollTarget* target, Event event) {
-  std::cerr << "client: call SSL_AuthCertificateComplete" << std::endl;
-  EXPECT_EQ(TIMER_EVENT, event);
-  TlsAgent* client = static_cast<TlsAgent*>(target);
-  EXPECT_EQ(SECSuccess, SSL_AuthCertificateComplete(client->ssl_fd(), 0));
-}
-
 // This test uses a simple AuthCertificateCallback.  Due to the way that the
 // entire server flight is processed, the call to SSL_AuthCertificateComplete
 // will trigger after the Finished message is processed.
 TEST_F(TlsConnectDatagram13, AuthCompleteAfterFinished) {
-  client_->SetAuthCertificateCallback(
-      [this](TlsAgent*, PRBool, PRBool) -> SECStatus {
-        std::shared_ptr<Poller::Timer> timer_handle;
-        // This is really just to unroll the stack.
-        Poller::Instance()->SetTimer(1U, client_.get(), TriggerAuthComplete,
-                                     &timer_handle);
-        return SECWouldBlock;
-      });
+  SetDeferredAuthCertificateCallback(client_, 0);  // 0 = success.
   Connect();
 }
 
@@ -754,15 +901,15 @@ TEST_F(TlsAgentStreamTestServer, ConfigureCertRsaPkcs1SignAndKEX) {
   PRFileDesc* ssl_fd = agent_->ssl_fd();
   EXPECT_TRUE(SSLInt_HasCertWithAuthType(ssl_fd, ssl_auth_rsa_decrypt));
   EXPECT_TRUE(SSLInt_HasCertWithAuthType(ssl_fd, ssl_auth_rsa_sign));
-  EXPECT_TRUE(SSLInt_HasCertWithAuthType(ssl_fd, ssl_auth_rsa_pss));
+  EXPECT_FALSE(SSLInt_HasCertWithAuthType(ssl_fd, ssl_auth_rsa_pss));
 
-  // Configuring for only rsa_sign, rsa_pss, or rsa_decrypt should work.
+  // Configuring for only rsa_sign or rsa_decrypt should work.
   EXPECT_TRUE(agent_->ConfigServerCert(TlsAgent::kServerRsa, false,
                                        &ServerCertDataRsaPkcs1Decrypt));
   EXPECT_TRUE(agent_->ConfigServerCert(TlsAgent::kServerRsa, false,
                                        &ServerCertDataRsaPkcs1Sign));
-  EXPECT_TRUE(agent_->ConfigServerCert(TlsAgent::kServerRsa, false,
-                                       &ServerCertDataRsaPss));
+  EXPECT_FALSE(agent_->ConfigServerCert(TlsAgent::kServerRsa, false,
+                                        &ServerCertDataRsaPss));
 }
 
 // Test RSA cert with usage=[signature].
@@ -772,17 +919,17 @@ TEST_F(TlsAgentStreamTestServer, ConfigureCertRsaPkcs1Sign) {
   PRFileDesc* ssl_fd = agent_->ssl_fd();
   EXPECT_FALSE(SSLInt_HasCertWithAuthType(ssl_fd, ssl_auth_rsa_decrypt));
   EXPECT_TRUE(SSLInt_HasCertWithAuthType(ssl_fd, ssl_auth_rsa_sign));
-  EXPECT_TRUE(SSLInt_HasCertWithAuthType(ssl_fd, ssl_auth_rsa_pss));
+  EXPECT_FALSE(SSLInt_HasCertWithAuthType(ssl_fd, ssl_auth_rsa_pss));
 
   // Configuring for only rsa_decrypt should fail.
   EXPECT_FALSE(agent_->ConfigServerCert(TlsAgent::kServerRsaSign, false,
                                         &ServerCertDataRsaPkcs1Decrypt));
 
-  // Configuring for only rsa_sign or rsa_pss should work.
+  // Configuring for only rsa_sign should work.
   EXPECT_TRUE(agent_->ConfigServerCert(TlsAgent::kServerRsaSign, false,
                                        &ServerCertDataRsaPkcs1Sign));
-  EXPECT_TRUE(agent_->ConfigServerCert(TlsAgent::kServerRsaSign, false,
-                                       &ServerCertDataRsaPss));
+  EXPECT_FALSE(agent_->ConfigServerCert(TlsAgent::kServerRsaSign, false,
+                                        &ServerCertDataRsaPss));
 }
 
 // Test RSA cert with usage=[encipherment].
diff --git a/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc
index ec289bdd6..194cbab47 100644
--- a/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc
@@ -84,6 +84,18 @@ class TlsCipherSuiteTestBase : public TlsConnectTestBase {
           Reset(TlsAgent::kRsa2048);
           auth_type_ = ssl_auth_rsa_sign;
           break;
+        case ssl_sig_rsa_pss_pss_sha256:
+          Reset(TlsAgent::kServerRsaPss);
+          auth_type_ = ssl_auth_rsa_pss;
+          break;
+        case ssl_sig_rsa_pss_pss_sha384:
+          Reset("rsa_pss384");
+          auth_type_ = ssl_auth_rsa_pss;
+          break;
+        case ssl_sig_rsa_pss_pss_sha512:
+          Reset("rsa_pss512");
+          auth_type_ = ssl_auth_rsa_pss;
+          break;
         case ssl_sig_ecdsa_secp256r1_sha256:
           Reset(TlsAgent::kServerEcdsa256);
           auth_type_ = ssl_auth_ecdsa;
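Review bot: The two new cases pass bare string literals, `Reset("rsa_pss384")` and `Reset("rsa_pss512")`, while the neighbouring cases, including the new `ssl_sig_rsa_pss_pss_sha256` one, name their certificate through a `TlsAgent::k…` constant. A mistyped literal would only surface at run time as a certificate that cannot be found. I would add constants for both names next to `kServerRsaPss` and use them here, e.g. `Reset(TlsAgent::kServerRsaPss384);` (name constructed for illustration; the constant would have to be added). The enclosing switch starts and ends outside this hunk.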
@@ -270,7 +282,7 @@ TEST_P(TlsCipherSuiteTest, ReadLimit) {
   } else {
     epoch = 0;
   }
-  TlsAgentTestBase::MakeRecord(variant_, kTlsApplicationDataType, version_,
+  TlsAgentTestBase::MakeRecord(variant_, ssl_ct_application_data, version_,
                                payload, sizeof(payload), &record,
                                (epoch << 48) | record_limit());
   client_->SendDirect(record);
@@ -310,14 +322,13 @@ static const auto kDummyNamedGroupParams = ::testing::Values(ssl_grp_none);
 static const auto kDummySignatureSchemesParams =
     ::testing::Values(ssl_sig_none);
 
-#ifndef NSS_DISABLE_TLS_1_3
 static SSLSignatureScheme kSignatureSchemesParamsArr[] = {
     ssl_sig_rsa_pkcs1_sha256,       ssl_sig_rsa_pkcs1_sha384,
     ssl_sig_rsa_pkcs1_sha512,       ssl_sig_ecdsa_secp256r1_sha256,
     ssl_sig_ecdsa_secp384r1_sha384, ssl_sig_rsa_pss_rsae_sha256,
     ssl_sig_rsa_pss_rsae_sha384,    ssl_sig_rsa_pss_rsae_sha512,
-};
-#endif
+    ssl_sig_rsa_pss_pss_sha256,     ssl_sig_rsa_pss_pss_sha384,
+    ssl_sig_rsa_pss_pss_sha512};
 
 INSTANTIATE_CIPHER_TEST_P(RC4, Stream, V10ToV12, kDummyNamedGroupParams,
                           kDummySignatureSchemesParams,
@@ -372,6 +383,14 @@ INSTANTIATE_CIPHER_TEST_P(
     TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
     TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA);
+INSTANTIATE_CIPHER_TEST_P(
+    TLS12SigSchemes, All, V12, ::testing::ValuesIn(kFasterDHEGroups),
+    ::testing::ValuesIn(kSignatureSchemesParamsArr),
+    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,
+    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+    TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
+    TLS_DHE_DSS_WITH_AES_256_CBC_SHA256);
 #ifndef NSS_DISABLE_TLS_1_3
 INSTANTIATE_CIPHER_TEST_P(TLS13, All, V13,
                           ::testing::ValuesIn(kFasterDHEGroups),
diff --git a/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc
index 5be62e506..68c789a38 100644
--- a/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc
@@ -132,7 +132,7 @@ TEST_F(TlsConnectStreamTls13, CustomExtensionEmptyWriterServer) {
   // Sending extensions that the client doesn't expect leads to extensions
   // appearing even if the client didn't send one, or in the wrong messages.
   client_->ExpectSendAlert(kTlsAlertUnsupportedExtension);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   ConnectExpectFail();
 }
 
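Review bot: `CustomExtensionEmptyWriterServer` pins the server's alert to `kTlsAlertUnexpectedMessage` but never checks the server's error code, so a different failure that raises the same alert would still pass. The matching changes in ssl_extension_unittest.cc pin `SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE` on the server side. Presumably the same code applies here, in which case adding `server_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE);` after `ConnectExpectFail();` would make this test equally strict. The same applies to `CustomExtensionClientReject` and `CustomExtensionClientRejectAlert` later in this file, whose bodies also end right after `ConnectExpectFail();`.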
@@ -350,7 +350,7 @@ TEST_F(TlsConnectStreamTls13, CustomExtensionUnsolicitedServer) {
   auto capture = MakeTlsFilter<TlsExtensionCapture>(server_, extension_code);
 
   client_->ExpectSendAlert(kTlsAlertUnsupportedExtension);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   ConnectExpectFail();
 
   EXPECT_TRUE(capture->captured());
@@ -401,7 +401,7 @@ TEST_F(TlsConnectStreamTls13, CustomExtensionClientReject) {
   EXPECT_EQ(SECSuccess, rv);
 
   client_->ExpectSendAlert(kTlsAlertHandshakeFailure);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   ConnectExpectFail();
 }
 
@@ -451,7 +451,7 @@ TEST_F(TlsConnectStreamTls13, CustomExtensionClientRejectAlert) {
   EXPECT_EQ(SECSuccess, rv);
 
   client_->ExpectSendAlert(kCustomAlert);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   ConnectExpectFail();
 }
 
diff --git a/security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc
index b8836d7fc..0723c9bee 100644
--- a/security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_damage_unittest.cc
@@ -17,7 +17,7 @@ extern "C" {
 }
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
diff --git a/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc
index b99461632..f1ccc2864 100644
--- a/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc
@@ -13,7 +13,7 @@
 #include "sslproto.h"
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
@@ -643,4 +643,43 @@ TEST_P(TlsConnectGenericPre13, InvalidDERSignatureFfdhe) {
   client_->CheckErrorCode(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
 }
 
+// Replace SignatureAndHashAlgorithm of a SKE.
+class DHEServerKEXSigAlgReplacer : public TlsHandshakeFilter {
+ public:
+  DHEServerKEXSigAlgReplacer(const std::shared_ptr<TlsAgent>& server,
+                             SSLSignatureScheme sig_scheme)
+      : TlsHandshakeFilter(server, {kTlsHandshakeServerKeyExchange}),
+        sig_scheme_(sig_scheme) {}
+
+ protected:
+  virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
+                                               const DataBuffer& input,
+                                               DataBuffer* output) {
+    *output = input;
+
+    uint32_t len;
+    uint32_t idx = 0;
+    EXPECT_TRUE(output->Read(idx, 2, &len));
+    idx += 2 + len;
+    EXPECT_TRUE(output->Read(idx, 2, &len));
+    idx += 2 + len;
+    EXPECT_TRUE(output->Read(idx, 2, &len));
+    idx += 2 + len;
+    output->Write(idx, sig_scheme_, 2);
+
+    return CHANGE;
+  }
+
+ private:
+  SSLSignatureScheme sig_scheme_;
+};
+
+TEST_P(TlsConnectTls12, ConnectInconsistentSigAlgDHE) {
+  EnableOnlyDheCiphers();
+
+  MakeTlsFilter<DHEServerKEXSigAlgReplacer>(server_,
+                                            ssl_sig_ecdsa_secp256r1_sha256);
+  ConnectExpectAlert(client_, kTlsAlertIllegalParameter);
+}
+
 }  // namespace nss_test
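Review bot: `FilterHandshake` keeps going after a failed `Read`, because `EXPECT_TRUE` only records the failure. On a short ServerKeyExchange, `len` is then used uninitialised in `idx += 2 + len` and the following `Write` lands at an arbitrary offset. I would initialise `len`, return `KEEP` on the first failed read, and fold the three identical skips into one loop that says what is being skipped. The method also overrides a virtual without `override`, which `TlsPreCCSHeaderInjector::FilterRecord` elsewhere in this commit does spell out.

```cpp
  PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
                                       const DataBuffer& input,
                                       DataBuffer* output) override {
    *output = input;

    // Skip the three length-prefixed fields that precede the signature
    // algorithm in the message.
    uint32_t idx = 0;
    for (int field = 0; field < 3; ++field) {
      uint32_t len = 0;
      if (!output->Read(idx, 2, &len)) {
        ADD_FAILURE() << "ServerKeyExchange too short";
        return KEEP;
      }
      idx += 2 + len;
    }
    output->Write(idx, sig_scheme_, 2);

    return CHANGE;
  }
```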
diff --git a/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc
index e5b52ff06..f25efc77a 100644
--- a/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc
@@ -14,7 +14,7 @@ extern "C" {
 }
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
@@ -123,7 +123,7 @@ class TlsDropDatagram13 : public TlsConnectDatagram13,
 
     void Init(const std::shared_ptr<TlsAgent>& agent) {
       records_ = std::make_shared<TlsRecordRecorder>(agent);
-      ack_ = std::make_shared<TlsRecordRecorder>(agent, content_ack);
+      ack_ = std::make_shared<TlsRecordRecorder>(agent, ssl_ct_ack);
       ack_->EnableDecryption();
       drop_ = std::make_shared<SelectiveRecordDropFilter>(agent, 0, false);
       chain_ = std::make_shared<ChainedPacketFilter>(
@@ -670,7 +670,7 @@ TEST_P(TlsDropDatagram13, SendOutOfOrderAppWithHandshakeKey) {
   ASSERT_NE(nullptr, spec.get());
   ASSERT_EQ(2, spec->epoch());
   ASSERT_TRUE(client_->SendEncryptedRecord(spec, 0x0002000000000002,
-                                           kTlsApplicationDataType,
+                                           ssl_ct_application_data,
                                            DataBuffer(buf, sizeof(buf))));
 
   // Now have the server consume the bogus message.
@@ -696,7 +696,7 @@ TEST_P(TlsDropDatagram13, SendOutOfOrderHsNonsenseWithHandshakeKey) {
   ASSERT_NE(nullptr, spec.get());
   ASSERT_EQ(2, spec->epoch());
   ASSERT_TRUE(client_->SendEncryptedRecord(spec, 0x0002000000000002,
-                                           kTlsHandshakeType,
+                                           ssl_ct_handshake,
                                            DataBuffer(buf, sizeof(buf))));
   server_->Handshake();
   EXPECT_EQ(2UL, server_filters_.ack_->count());
@@ -899,7 +899,7 @@ class TlsReplaceFirstRecordWithJunk : public TlsRecordFilter {
     }
     replaced_ = true;
     TlsRecordHeader out_header(header.variant(), header.version(),
-                               kTlsApplicationDataType,
+                               ssl_ct_application_data,
                                header.sequence_number());
 
     static const uint8_t junk[] = {1, 2, 3, 4};
diff --git a/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc
index 12c6e8516..f1cf1fabc 100644
--- a/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc
@@ -17,7 +17,7 @@ extern "C" {
 }
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
diff --git a/security/nss/gtests/ssl_gtest/ssl_ems_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_ems_unittest.cc
index dad6ca026..39b2d5873 100644
--- a/security/nss/gtests/ssl_gtest/ssl_ems_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_ems_unittest.cc
@@ -10,7 +10,7 @@
 #include "sslproto.h"
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
diff --git a/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc
index 6965e9ca7..5819af746 100644
--- a/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc
@@ -9,6 +9,9 @@
 #include "sslerr.h"
 #include "sslproto.h"
 
+// This is only to get DTLS_1_3_DRAFT_VERSION
+#include "ssl3prot.h"
+
 #include <memory>
 
 #include "tls_connect.h"
@@ -41,28 +44,6 @@ class TlsExtensionTruncator : public TlsExtensionFilter {
   size_t length_;
 };
 
-class TlsExtensionDamager : public TlsExtensionFilter {
- public:
-  TlsExtensionDamager(const std::shared_ptr<TlsAgent>& a, uint16_t extension,
-                      size_t index)
-      : TlsExtensionFilter(a), extension_(extension), index_(index) {}
-  virtual PacketFilter::Action FilterExtension(uint16_t extension_type,
-                                               const DataBuffer& input,
-                                               DataBuffer* output) {
-    if (extension_type != extension_) {
-      return KEEP;
-    }
-
-    *output = input;
-    output->data()[index_] += 73;  // Increment selected for maximum damage
-    return CHANGE;
-  }
-
- private:
-  uint16_t extension_;
-  size_t index_;
-};
-
 class TlsExtensionAppender : public TlsHandshakeFilter {
  public:
   TlsExtensionAppender(const std::shared_ptr<TlsAgent>& a,
@@ -454,6 +435,25 @@ TEST_P(TlsExtensionTest12Plus, SignatureAlgorithmsOddLength) {
       client_, ssl_signature_algorithms_xtn, extension));
 }
 
+TEST_F(TlsExtensionTest13Stream, SignatureAlgorithmsPrecedingGarbage) {
+  // 31 unknown signature algorithms followed by sha-256, rsa
+  const uint8_t val[] = {
+      0x00, 0x40, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x04, 0x01};
+  DataBuffer extension(val, sizeof(val));
+  MakeTlsFilter<TlsExtensionReplacer>(client_, ssl_signature_algorithms_xtn,
+                                      extension);
+  client_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  ConnectExpectFail();
+  client_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ);
+  server_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ);
+}
+
 TEST_P(TlsExtensionTestGeneric, NoSupportedGroups) {
   ClientHelloErrorTest(
       std::make_shared<TlsExtensionDropper>(client_, ssl_supported_groups_xtn),
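Review bot: `SignatureAlgorithmsPrecedingGarbage` expects `kTlsAlertBadRecordMac` and `SSL_ERROR_BAD_MAC_READ` on both sides without saying why, and read cold that looks like the server rejecting the padded list. Presumably the server skips the 31 unknown entries and negotiates the last one, and the failure comes only from the two peers hashing different ClientHello bytes after the filter rewrote the extension. That should be confirmed and then written down. I would add above the `ExpectSendAlert` lines something like `// The handshake only fails because the filter changed the ClientHello in flight; reaching a MAC failure shows the list itself was parsed.`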
@@ -563,10 +563,10 @@ TEST_F(TlsExtensionTest13Stream, DropServerKeyShare) {
   EnsureTlsSetup();
   MakeTlsFilter<TlsExtensionDropper>(server_, ssl_tls13_key_share_xtn);
   client_->ExpectSendAlert(kTlsAlertMissingExtension);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   ConnectExpectFail();
   EXPECT_EQ(SSL_ERROR_MISSING_KEY_SHARE, client_->error_code());
-  EXPECT_EQ(SSL_ERROR_BAD_MAC_READ, server_->error_code());
+  EXPECT_EQ(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE, server_->error_code());
 }
 
 TEST_F(TlsExtensionTest13Stream, WrongServerKeyShare) {
@@ -583,13 +583,12 @@ TEST_F(TlsExtensionTest13Stream, WrongServerKeyShare) {
   EnsureTlsSetup();
   MakeTlsFilter<TlsExtensionReplacer>(server_, ssl_tls13_key_share_xtn, buf);
   client_->ExpectSendAlert(kTlsAlertIllegalParameter);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   ConnectExpectFail();
   EXPECT_EQ(SSL_ERROR_RX_MALFORMED_KEY_SHARE, client_->error_code());
-  EXPECT_EQ(SSL_ERROR_BAD_MAC_READ, server_->error_code());
+  EXPECT_EQ(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE, server_->error_code());
 }
 
-// TODO(ekr@rtfm.com): This is the wrong error code. See bug 1307269.
 TEST_F(TlsExtensionTest13Stream, UnknownServerKeyShare) {
   const uint16_t wrong_group = 0xffff;
 
@@ -603,11 +602,11 @@ TEST_F(TlsExtensionTest13Stream, UnknownServerKeyShare) {
   DataBuffer buf(key_share, sizeof(key_share));
   EnsureTlsSetup();
   MakeTlsFilter<TlsExtensionReplacer>(server_, ssl_tls13_key_share_xtn, buf);
-  client_->ExpectSendAlert(kTlsAlertMissingExtension);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  client_->ExpectSendAlert(kTlsAlertIllegalParameter);
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   ConnectExpectFail();
-  EXPECT_EQ(SSL_ERROR_MISSING_KEY_SHARE, client_->error_code());
-  EXPECT_EQ(SSL_ERROR_BAD_MAC_READ, server_->error_code());
+  EXPECT_EQ(SSL_ERROR_RX_MALFORMED_KEY_SHARE, client_->error_code());
+  EXPECT_EQ(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE, server_->error_code());
 }
 
 TEST_F(TlsExtensionTest13Stream, AddServerSignatureAlgorithmsOnResumption) {
@@ -616,10 +615,10 @@ TEST_F(TlsExtensionTest13Stream, AddServerSignatureAlgorithmsOnResumption) {
   MakeTlsFilter<TlsExtensionInjector>(server_, ssl_signature_algorithms_xtn,
                                       empty);
   client_->ExpectSendAlert(kTlsAlertUnsupportedExtension);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   ConnectExpectFail();
   EXPECT_EQ(SSL_ERROR_EXTENSION_DISALLOWED_FOR_VERSION, client_->error_code());
-  EXPECT_EQ(SSL_ERROR_BAD_MAC_READ, server_->error_code());
+  EXPECT_EQ(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE, server_->error_code());
 }
 
 struct PskIdentity {
@@ -912,23 +911,32 @@ TEST_P(TlsExtensionTest13, RemoveTls13FromVersionListServerV12) {
 // 3. Server supports 1.2 and 1.3, client supports 1.2 and 1.3
 // but advertises 1.2 (because we changed things).
 TEST_P(TlsExtensionTest13, RemoveTls13FromVersionListBothV12) {
+  client_->SetOption(SSL_ENABLE_HELLO_DOWNGRADE_CHECK, PR_TRUE);
   client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
                            SSL_LIBRARY_VERSION_TLS_1_3);
   server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
                            SSL_LIBRARY_VERSION_TLS_1_3);
-#ifndef TLS_1_3_DRAFT_VERSION
-  ExpectAlert(server_, kTlsAlertIllegalParameter);
-#else
-  ExpectAlert(server_, kTlsAlertDecryptError);
+// The downgrade check is disabled in DTLS 1.3, so all that happens when we
+// tamper with the supported versions is that the Finished check fails.
+#ifdef DTLS_1_3_DRAFT_VERSION
+  if (variant_ == ssl_variant_datagram) {
+    ExpectAlert(server_, kTlsAlertDecryptError);
+  } else
 #endif
+  {
+    ExpectAlert(client_, kTlsAlertIllegalParameter);
+  }
   ConnectWithReplacementVersionList(SSL_LIBRARY_VERSION_TLS_1_2);
-#ifndef TLS_1_3_DRAFT_VERSION
-  client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
-  server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT);
-#else
-  client_->CheckErrorCode(SSL_ERROR_DECRYPT_ERROR_ALERT);
-  server_->CheckErrorCode(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
+#ifdef DTLS_1_3_DRAFT_VERSION
+  if (variant_ == ssl_variant_datagram) {
+    client_->CheckErrorCode(SSL_ERROR_DECRYPT_ERROR_ALERT);
+    server_->CheckErrorCode(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
+  } else
 #endif
+  {
+    client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
+    server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT);
+  }
 }
 
 TEST_P(TlsExtensionTest13, HrrThenRemoveSignatureAlgorithms) {
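Review bot: The `} else` / `#endif` / `{` construction appears twice in `RemoveTls13FromVersionListBothV12` and leaves an `else` whose body depends on the preprocessor, which is easy to break when one branch is edited. Computing the condition once confines the `#ifdef` to a single spot and lets both checks be ordinary if/else blocks. The expectations stay exactly as in the hunk.

```cpp
// The downgrade check is disabled in DTLS 1.3, so all that happens when we
// tamper with the supported versions is that the Finished check fails.
#ifdef DTLS_1_3_DRAFT_VERSION
  const bool dtls13_draft = (variant_ == ssl_variant_datagram);
#else
  const bool dtls13_draft = false;
#endif
  if (dtls13_draft) {
    ExpectAlert(server_, kTlsAlertDecryptError);
  } else {
    ExpectAlert(client_, kTlsAlertIllegalParameter);
  }
  ConnectWithReplacementVersionList(SSL_LIBRARY_VERSION_TLS_1_2);
  if (dtls13_draft) {
    client_->CheckErrorCode(SSL_ERROR_DECRYPT_ERROR_ALERT);
    server_->CheckErrorCode(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
  } else {
    client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
    server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT);
  }
```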
@@ -1017,7 +1025,7 @@ class TlsBogusExtensionTest13 : public TlsBogusExtensionTest {
     client_->ExpectSendAlert(alert);
     client_->Handshake();
     if (variant_ == ssl_variant_stream) {
-      server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+      server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
     }
     server_->Handshake();
   }
diff --git a/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc
index 92947c2c7..375281263 100644
--- a/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc
@@ -10,7 +10,7 @@
 #include "sslproto.h"
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
@@ -106,8 +106,8 @@ class RecordFragmenter : public PacketFilter {
         }
 
         // Just rewrite the sequence number (CCS only).
-        if (header.content_type() != kTlsHandshakeType) {
-          EXPECT_EQ(kTlsChangeCipherSpecType, header.content_type());
+        if (header.content_type() != ssl_ct_handshake) {
+          EXPECT_EQ(ssl_ct_change_cipher_spec, header.content_type());
           WriteRecord(header, record);
           continue;
         }
diff --git a/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc
index f0afc9118..f033b7843 100644
--- a/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc
@@ -33,7 +33,7 @@ class TlsApplicationDataRecorder : public TlsRecordFilter {
   virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
                                             const DataBuffer& input,
                                             DataBuffer* output) {
-    if (header.content_type() == kTlsApplicationDataType) {
+    if (header.content_type() == ssl_ct_application_data) {
       buffer_.Append(input);
     }
 
diff --git a/security/nss/gtests/ssl_gtest/ssl_gather_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_gather_unittest.cc
index f47b2f445..745432951 100644
--- a/security/nss/gtests/ssl_gtest/ssl_gather_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_gather_unittest.cc
@@ -15,6 +15,7 @@ class GatherV2ClientHelloTest : public TlsConnectTestBase {
 
   void ConnectExpectMalformedClientHello(const DataBuffer &data) {
     EnsureTlsSetup();
+    server_->SetOption(SSL_ENABLE_V2_COMPATIBLE_HELLO, PR_TRUE);
     server_->ExpectSendAlert(kTlsAlertIllegalParameter);
     client_->SendDirect(data);
     server_->StartConnect();
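Review bot: The added `SetOption(SSL_ENABLE_V2_COMPATIBLE_HELLO, PR_TRUE)` carries no comment, so the helper does not show that every caller exercises a parsing path the server has to opt into. Presumably the option is now off by default. If so, I would say that here, e.g. `// SSLv2-compatible ClientHello parsing must be enabled explicitly; these tests feed it malformed input.` The helper's body continues past the end of the hunk.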
diff --git a/security/nss/gtests/ssl_gtest/ssl_gtest.gyp b/security/nss/gtests/ssl_gtest/ssl_gtest.gyp
index 17677713d..be1c4ea32 100644
--- a/security/nss/gtests/ssl_gtest/ssl_gtest.gyp
+++ b/security/nss/gtests/ssl_gtest/ssl_gtest.gyp
@@ -51,6 +51,7 @@
         'tls_connect.cc',
         'tls_filter.cc',
         'tls_hkdf_unittest.cc',
+        'tls_esni_unittest.cc',
         'tls_protect.cc'
       ],
       'dependencies': [
diff --git a/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc
index 77b335e86..27bc03654 100644
--- a/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc
@@ -9,11 +9,11 @@
 #include "sslerr.h"
 #include "sslproto.h"
 
-// This is internal, just to get TLS_1_3_DRAFT_VERSION.
+// This is internal, just to get DTLS_1_3_DRAFT_VERSION.
 #include "ssl3prot.h"
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
@@ -76,7 +76,7 @@ class CorrectMessageSeqAfterHrrFilter : public TlsRecordFilter {
   PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
                                     const DataBuffer& record, size_t* offset,
                                     DataBuffer* output) {
-    if (filtered_packets() > 0 || header.content_type() != content_handshake) {
+    if (filtered_packets() > 0 || header.content_type() != ssl_ct_handshake) {
       return KEEP;
     }
 
@@ -718,6 +718,86 @@ TEST_F(TlsConnectStreamTls13, RetryStatelessDamageSecondClientHello) {
   client_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ);
 }
 
+// Stream because SSL_SendSessionTicket only supports that.
+TEST_F(TlsConnectStreamTls13, SecondClientHelloSendSameTicket) {
+  // This simulates the scenario described at:
+  // https://bugzilla.mozilla.org/show_bug.cgi?id=1481271#c7
+  //
+  // Here two connections are interleaved.  Tickets are issued on one
+  // connection.  A HelloRetryRequest is triggered on the second connection,
+  // meaning that there are two ClientHellos.  We need to check that both
+  // ClientHellos have the same ticket, even if a new ticket is issued on the
+  // other connection in the meantime.
+  //
+  // Connection 1: <handshake>
+  // Connection 1: S->C: NST=X
+  // Connection 2: C->S: CH [PSK_ID=X]
+  // Connection 1: S->C: NST=Y
+  // Connection 2: S->C: HRR
+  // Connection 2: C->S: CH [PSK_ID=Y]
+
+  // Connection 1, send a ticket after handshake is complete.
+  ConfigureSessionCache(RESUME_TICKET, RESUME_TICKET);
+
+  Connect();
+
+  // Set this token so that RetryHelloWithToken() will check that this
+  // is the token that it receives in the HelloRetryRequest callback.
+  EXPECT_EQ(SECSuccess,
+            SSL_SendSessionTicket(server_->ssl_fd(), kApplicationToken,
+                                  sizeof(kApplicationToken)));
+  SendReceive(50);
+
+  // Connection 2, trigger HRR.
+  auto client2 =
+      std::make_shared<TlsAgent>(client_->name(), TlsAgent::CLIENT, variant_);
+  auto server2 =
+      std::make_shared<TlsAgent>(server_->name(), TlsAgent::SERVER, variant_);
+
+  client2->SetPeer(server2);
+  server2->SetPeer(client2);
+
+  client_.swap(client2);
+  server_.swap(server2);
+
+  ConfigureSessionCache(RESUME_TICKET, RESUME_TICKET);
+
+  ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_3);
+
+  client_->StartConnect();
+  server_->StartConnect();
+
+  size_t cb_called = 0;
+  EXPECT_EQ(SECSuccess,
+            SSL_HelloRetryRequestCallback(server_->ssl_fd(),
+                                          RetryHelloWithToken, &cb_called));
+  client_->Handshake();  // Send ClientHello.
+  server_->Handshake();  // Process ClientHello, send HelloRetryRequest.
+
+  EXPECT_EQ(1U, cb_called) << "callback should be called once here";
+
+  // Connection 1, send another ticket.
+  client_.swap(client2);
+  server_.swap(server2);
+
+  // If the client uses this token, RetryHelloWithToken() will fail the test.
+  const uint8_t kAnotherApplicationToken[] = {0x92, 0x44, 0x01};
+  EXPECT_EQ(SECSuccess,
+            SSL_SendSessionTicket(server_->ssl_fd(), kAnotherApplicationToken,
+                                  sizeof(kAnotherApplicationToken)));
+  SendReceive(60);
+
+  // Connection 2, continue the handshake.
+  // The client should use kApplicationToken, not kAnotherApplicationToken.
+  client_.swap(client2);
+  server_.swap(server2);
+
+  client_->Handshake();
+  server_->Handshake();
+
+  EXPECT_EQ(2U, cb_called) << "callback should be called twice here";
+}
+
 // Read the cipher suite from the HRR and disable it on the identified agent.
 static void DisableSuiteFromHrr(
     std::shared_ptr<TlsAgent>& agent,
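Review bot: The message diagram in `SecondClientHelloSendSameTicket` ends with `Connection 2: C->S: CH [PSK_ID=Y]`, which is the faulty behaviour. The paragraph above it and the later comment both say the second ClientHello must carry the first ticket. As written, the diagram reads like the expected flow. I would either label it as the sequence being guarded against or change the last line to `// Connection 2: C->S: CH [PSK_ID=X]  (must not switch to Y)`.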
@@ -844,10 +924,10 @@ TEST_F(TlsConnectStreamTls13, RetryWithDifferentCipherSuite) {
                                              TLS_CHACHA20_POLY1305_SHA256);
 
   client_->ExpectSendAlert(kTlsAlertIllegalParameter);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   ConnectExpectFail();
   EXPECT_EQ(SSL_ERROR_RX_MALFORMED_SERVER_HELLO, client_->error_code());
-  EXPECT_EQ(SSL_ERROR_BAD_MAC_READ, server_->error_code());
+  EXPECT_EQ(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE, server_->error_code());
 }
 
 // This tests that the second attempt at sending a ClientHello (after receiving
@@ -1007,14 +1087,17 @@ class HelloRetryRequestAgentTest : public TlsAgentTestClient {
     // Now the supported version.
     i = hrr_data.Write(i, ssl_tls13_supported_versions_xtn, 2);
     i = hrr_data.Write(i, 2, 2);
-    i = hrr_data.Write(i, 0x7f00 | TLS_1_3_DRAFT_VERSION, 2);
+    i = hrr_data.Write(i, (variant_ == ssl_variant_datagram)
+                              ? (0x7f00 | DTLS_1_3_DRAFT_VERSION)
+                              : SSL_LIBRARY_VERSION_TLS_1_3,
+                       2);
     if (len) {
       hrr_data.Write(i, body, len);
     }
     DataBuffer hrr;
     MakeHandshakeMessage(kTlsHandshakeServerHello, hrr_data.data(),
                          hrr_data.len(), &hrr, seq_num);
-    MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3, hrr.data(),
+    MakeRecord(ssl_ct_handshake, SSL_LIBRARY_VERSION_TLS_1_3, hrr.data(),
                hrr.len(), hrr_record, seq_num);
   }
 
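Review bot: `DTLS_1_3_DRAFT_VERSION` is used unconditionally in the new ternary, whereas the `RemoveTls13FromVersionListBothV12` change in ssl_extension_unittest.cc wraps the same macro in `#ifdef`. The two files should agree on whether the macro can be absent. A short comment on the ternary would also help, e.g. `// DTLS 1.3 is still identified by its draft version; TLS 1.3 uses the final value.` The enclosing method starts before this hunk.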
diff --git a/security/nss/gtests/ssl_gtest/ssl_keyupdate_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_keyupdate_unittest.cc
index d03775c25..d6ac99a58 100644
--- a/security/nss/gtests/ssl_gtest/ssl_keyupdate_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_keyupdate_unittest.cc
@@ -15,7 +15,7 @@ extern "C" {
 }
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
diff --git a/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc
index 5adbd9dc7..12c2496a6 100644
--- a/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc
@@ -18,7 +18,7 @@ extern "C" {
 }
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
@@ -65,7 +65,7 @@ class TlsAlertRecorder : public TlsRecordFilter {
     if (level_ != 255) {  // Already captured.
       return KEEP;
     }
-    if (header.content_type() != kTlsAlertType) {
+    if (header.content_type() != ssl_ct_alert) {
       return KEEP;
     }
 
@@ -130,7 +130,7 @@ TEST_P(TlsConnectTls13, CaptureAlertClient) {
   client_->Handshake();
   if (variant_ == ssl_variant_stream) {
     // DTLS just drops the alert it can't decrypt.
-    server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+    server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   }
   server_->Handshake();
   EXPECT_EQ(kTlsAlertFatal, alert_recorder->level());
@@ -320,6 +320,53 @@ TEST_F(TlsConnectStreamTls13, DropRecordClient) {
   SendReceive();
 }
 
+// Check that a server can use 0.5 RTT if client authentication isn't enabled.
+TEST_P(TlsConnectTls13, WriteBeforeClientFinished) {
+  EnsureTlsSetup();
+  StartConnect();
+  client_->Handshake();  // ClientHello
+  server_->Handshake();  // ServerHello
+
+  server_->SendData(10);
+  client_->ReadBytes(10);  // Client should emit the Finished as a side-effect.
+  server_->Handshake();    // Server consumes the Finished.
+  CheckConnected();
+}
+
+// We don't allow 0.5 RTT if client authentication is requested.
+TEST_P(TlsConnectTls13, WriteBeforeClientFinishedClientAuth) {
+  client_->SetupClientAuth();
+  server_->RequestClientAuth(false);
+  StartConnect();
+  client_->Handshake();  // ClientHello
+  server_->Handshake();  // ServerHello
+
+  static const uint8_t data[] = {1, 2, 3};
+  EXPECT_GT(0, PR_Write(server_->ssl_fd(), data, sizeof(data)));
+  EXPECT_EQ(PR_WOULD_BLOCK_ERROR, PORT_GetError());
+
+  Handshake();
+  CheckConnected();
+  SendReceive();
+}
+
+// 0.5 RTT should fail with client authentication required.
+TEST_P(TlsConnectTls13, WriteBeforeClientFinishedClientAuthRequired) {
+  client_->SetupClientAuth();
+  server_->RequestClientAuth(true);
+  StartConnect();
+  client_->Handshake();  // ClientHello
+  server_->Handshake();  // ServerHello
+
+  static const uint8_t data[] = {1, 2, 3};
+  EXPECT_GT(0, PR_Write(server_->ssl_fd(), data, sizeof(data)));
+  EXPECT_EQ(PR_WOULD_BLOCK_ERROR, PORT_GetError());
+
+  Handshake();
+  CheckConnected();
+  SendReceive();
+}
+
 // The next two tests takes advantage of the fact that we
 // automatically read the first 1024 bytes, so if
 // we provide 1200 bytes, they overrun the read buffer
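Review bot: `WriteBeforeClientFinishedClientAuth` and `WriteBeforeClientFinishedClientAuthRequired` are identical apart from the `RequestClientAuth` argument, yet their comments describe the same assertion in two different ways ("We don't allow" versus "should fail"). Both pin the same outcome, a negative `PR_Write` with `PR_WOULD_BLOCK_ERROR`, so one shared wording would make the rule explicit: `// The server must not write application data before the client's Finished once it has asked for a certificate, whether or not one is required.` Neither test checks that nothing reached the wire for the refused write; whether that is worth asserting depends on what the fixture exposes.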
@@ -426,13 +473,15 @@ class TlsPreCCSHeaderInjector : public TlsRecordFilter {
   virtual PacketFilter::Action FilterRecord(
       const TlsRecordHeader& record_header, const DataBuffer& input,
       size_t* offset, DataBuffer* output) override {
-    if (record_header.content_type() != kTlsChangeCipherSpecType) return KEEP;
+    if (record_header.content_type() != ssl_ct_change_cipher_spec) {
+      return KEEP;
+    }
 
     std::cerr << "Injecting Finished header before CCS\n";
     const uint8_t hhdr[] = {kTlsHandshakeFinished, 0x00, 0x00, 0x0c};
     DataBuffer hhdr_buf(hhdr, sizeof(hhdr));
     TlsRecordHeader nhdr(record_header.variant(), record_header.version(),
-                         kTlsHandshakeType, 0);
+                         ssl_ct_handshake, 0);
     *offset = nhdr.Write(output, *offset, hhdr_buf);
     *offset = record_header.Write(output, *offset, input);
     return CHANGE;
@@ -477,6 +526,26 @@ TEST_P(TlsConnectTls13, AlertWrongLevel) {
   client_->WaitForErrorCode(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT, 2000);
 }
 
+TEST_P(TlsConnectTls13, UnknownRecord) {
+  static const uint8_t kUknownRecord[] = {
+      0xff, SSL_LIBRARY_VERSION_TLS_1_2 >> 8,
+      SSL_LIBRARY_VERSION_TLS_1_2 & 0xff, 0, 0};
+
+  Connect();
+  if (variant_ == ssl_variant_stream) {
+    // DTLS just drops the record with an invalid type.
+    server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
+  }
+  client_->SendDirect(DataBuffer(kUknownRecord, sizeof(kUknownRecord)));
+  server_->ExpectReadWriteError();
+  server_->ReadBytes();
+  if (variant_ == ssl_variant_stream) {
+    EXPECT_EQ(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE, server_->error_code());
+  } else {
+    EXPECT_EQ(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE, server_->error_code());
+  }
+}
+
 TEST_F(TlsConnectStreamTls13, Tls13FailedWriteSecondFlight) {
   EnsureTlsSetup();
   StartConnect();
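Review bot: The constant in `UnknownRecord` is spelled `kUknownRecord` (missing `n`) at its definition and at the `SendDirect` call; `kUnknownRecord` would match the test name. The header bytes would also benefit from a one-line comment, e.g. `// Content type 0xff, TLS 1.2 record version, zero-length body.`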
@@ -539,6 +608,126 @@ TEST_F(TlsConnectTest, OneNRecordSplitting) {
   EXPECT_EQ(ExpectedCbcLen(20), records->record(2).buffer.len());
 }
 
+// We can't test for randomness easily here, but we can test that we don't
+// produce a zero value, or produce the same value twice.  There are 5 values
+// here: two ClientHello.random, two ServerHello.random, and one zero value.
+// Matrix them and fail if any are the same.
+TEST_P(TlsConnectGeneric, CheckRandoms) {
+  ConfigureSessionCache(RESUME_NONE, RESUME_NONE);
+
+  static const size_t random_len = 32;
+  uint8_t crandom1[random_len], srandom1[random_len];
+  uint8_t z[random_len] = {0};
+
+  auto ch = MakeTlsFilter<TlsHandshakeRecorder>(client_, ssl_hs_client_hello);
+  auto sh = MakeTlsFilter<TlsHandshakeRecorder>(server_, ssl_hs_server_hello);
+  Connect();
+  ASSERT_TRUE(ch->buffer().len() > (random_len + 2));
+  ASSERT_TRUE(sh->buffer().len() > (random_len + 2));
+  memcpy(crandom1, ch->buffer().data() + 2, random_len);
+  memcpy(srandom1, sh->buffer().data() + 2, random_len);
+  EXPECT_NE(0, memcmp(crandom1, srandom1, random_len));
+  EXPECT_NE(0, memcmp(crandom1, z, random_len));
+  EXPECT_NE(0, memcmp(srandom1, z, random_len));
+
+  Reset();
+  ch = MakeTlsFilter<TlsHandshakeRecorder>(client_, ssl_hs_client_hello);
+  sh = MakeTlsFilter<TlsHandshakeRecorder>(server_, ssl_hs_server_hello);
+  Connect();
+  ASSERT_TRUE(ch->buffer().len() > (random_len + 2));
+  ASSERT_TRUE(sh->buffer().len() > (random_len + 2));
+  const uint8_t* crandom2 = ch->buffer().data() + 2;
+  const uint8_t* srandom2 = sh->buffer().data() + 2;
+
+  EXPECT_NE(0, memcmp(crandom2, srandom2, random_len));
+  EXPECT_NE(0, memcmp(crandom2, z, random_len));
+  EXPECT_NE(0, memcmp(srandom2, z, random_len));
+
+  EXPECT_NE(0, memcmp(crandom1, crandom2, random_len));
+  EXPECT_NE(0, memcmp(crandom1, srandom2, random_len));
+  EXPECT_NE(0, memcmp(srandom1, crandom2, random_len));
+  EXPECT_NE(0, memcmp(srandom1, srandom2, random_len));
+}
+
+void FailOnCloseNotify(const PRFileDesc* fd, void* arg, const SSLAlert* alert) {
+  ADD_FAILURE() << "received alert " << alert->description;
+}
+
+void CheckCloseNotify(const PRFileDesc* fd, void* arg, const SSLAlert* alert) {
+  *reinterpret_cast<bool*>(arg) = true;
+  EXPECT_EQ(close_notify, alert->description);
+  EXPECT_EQ(alert_warning, alert->level);
+}
+
+TEST_P(TlsConnectGeneric, ShutdownOneSide) {
+  Connect();
+
+  // Setup to check alerts.
+  EXPECT_EQ(SECSuccess, SSL_AlertSentCallback(server_->ssl_fd(),
+                                              FailOnCloseNotify, nullptr));
+  EXPECT_EQ(SECSuccess, SSL_AlertReceivedCallback(client_->ssl_fd(),
+                                                  FailOnCloseNotify, nullptr));
+
+  bool client_sent = false;
+  EXPECT_EQ(SECSuccess, SSL_AlertSentCallback(client_->ssl_fd(),
+                                              CheckCloseNotify, &client_sent));
+  bool server_received = false;
+  EXPECT_EQ(SECSuccess,
+            SSL_AlertReceivedCallback(server_->ssl_fd(), CheckCloseNotify,
+                                      &server_received));
+  EXPECT_EQ(PR_SUCCESS, PR_Shutdown(client_->ssl_fd(), PR_SHUTDOWN_SEND));
+
+  // Make sure that the server reads out the close_notify.
+  uint8_t buf[10];
+  EXPECT_EQ(0, PR_Read(server_->ssl_fd(), buf, sizeof(buf)));
+
+  // Reading and writing should still work in the one open direction.
+  EXPECT_TRUE(client_sent);
+  EXPECT_TRUE(server_received);
+  server_->SendData(10, 10);
+  client_->ReadBytes(10);
+
+  // Now close the other side and do the same checks.
+  bool server_sent = false;
+  EXPECT_EQ(SECSuccess, SSL_AlertSentCallback(server_->ssl_fd(),
+                                              CheckCloseNotify, &server_sent));
+  bool client_received = false;
+  EXPECT_EQ(SECSuccess,
+            SSL_AlertReceivedCallback(client_->ssl_fd(), CheckCloseNotify,
+                                      &client_received));
+  EXPECT_EQ(PR_SUCCESS, PR_Shutdown(server_->ssl_fd(), PR_SHUTDOWN_SEND));
+
+  EXPECT_EQ(0, PR_Read(client_->ssl_fd(), buf, sizeof(buf)));
+  EXPECT_TRUE(server_sent);
+  EXPECT_TRUE(client_received);
+}
+
+TEST_P(TlsConnectGeneric, ShutdownOneSideThenCloseTcp) {
+  Connect();
+
+  bool client_sent = false;
+  EXPECT_EQ(SECSuccess, SSL_AlertSentCallback(client_->ssl_fd(),
+                                              CheckCloseNotify, &client_sent));
+  bool server_received = false;
+  EXPECT_EQ(SECSuccess,
+            SSL_AlertReceivedCallback(server_->ssl_fd(), CheckCloseNotify,
+                                      &server_received));
+  EXPECT_EQ(PR_SUCCESS, PR_Shutdown(client_->ssl_fd(), PR_SHUTDOWN_SEND));
+
+  // Make sure that the server reads out the close_notify.
+  uint8_t buf[10];
+  EXPECT_EQ(0, PR_Read(server_->ssl_fd(), buf, sizeof(buf)));
+
+  // Now simulate the underlying connection closing.
+  client_->adapter()->Reset();
+
+  // Now close the other side and see that things don't explode.
+  EXPECT_EQ(PR_SUCCESS, PR_Shutdown(server_->ssl_fd(), PR_SHUTDOWN_SEND));
+
+  EXPECT_GT(0, PR_Read(client_->ssl_fd(), buf, sizeof(buf)));
+  EXPECT_EQ(PR_NOT_CONNECTED_ERROR, PR_GetError());
+}
+
 INSTANTIATE_TEST_CASE_P(
     GenericStream, TlsConnectGeneric,
     ::testing::Combine(TlsConnectTestBase::kTlsVariantsStream,
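Review bot: In ShutdownOneSideThenCloseTcp the `client_sent` and `server_received` flags are wired to CheckCloseNotify but never asserted, so the test still passes if no close_notify is exchanged before the transport is reset. ShutdownOneSide checks both flags after the server's `PR_Read`; the same two lines, `EXPECT_TRUE(client_sent);` and `EXPECT_TRUE(server_received);`, belong after the first `PR_Read` here. Separately, FailOnCloseNotify fails on any alert, so a name such as `FailOnAlert` would describe it more accurately.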
diff --git a/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc
index 53b11c61a..f1e85e898 100644
--- a/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc
@@ -111,7 +111,7 @@ class RecordReplacer : public TlsRecordFilter {
   PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
                                     const DataBuffer& data,
                                     DataBuffer* changed) override {
-    EXPECT_EQ(kTlsApplicationDataType, header.content_type());
+    EXPECT_EQ(ssl_ct_application_data, header.content_type());
     changed->Allocate(size_);
 
     for (size_t i = 0; i < size_; ++i) {
diff --git a/security/nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc
index 00651aec5..0a54ae1a8 100644
--- a/security/nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc
@@ -10,7 +10,7 @@
 #include "sslproto.h"
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
@@ -34,7 +34,7 @@ class TlsRecordMaximum : public TlsRecordFilter {
                                     DataBuffer* output) override {
     std::cerr << "max: " << record << std::endl;
     // Ignore unprotected packets.
-    if (header.content_type() != kTlsApplicationDataType) {
+    if (header.content_type() != ssl_ct_application_data) {
       return KEEP;
     }
 
@@ -187,7 +187,7 @@ class TlsRecordExpander : public TlsRecordFilter {
   virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
                                             const DataBuffer& data,
                                             DataBuffer* changed) {
-    if (header.content_type() != kTlsApplicationDataType) {
+    if (header.content_type() != ssl_ct_application_data) {
       return KEEP;
     }
     changed->Allocate(data.len() + expansion_);
@@ -252,7 +252,7 @@ class TlsRecordPadder : public TlsRecordFilter {
   PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
                                     const DataBuffer& record, size_t* offset,
                                     DataBuffer* output) override {
-    if (header.content_type() != kTlsApplicationDataType) {
+    if (header.content_type() != ssl_ct_application_data) {
       return KEEP;
     }
 
@@ -262,7 +262,7 @@ class TlsRecordPadder : public TlsRecordFilter {
       return KEEP;
     }
 
-    if (inner_content_type != kTlsApplicationDataType) {
+    if (inner_content_type != ssl_ct_application_data) {
       return KEEP;
     }
 
diff --git a/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc
index 2cc98a327..264bde67f 100644
--- a/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc
@@ -18,7 +18,8 @@ extern "C" {
 }
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
+#include "scoped_ptrs_ssl.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
@@ -171,21 +172,143 @@ TEST_P(TlsConnectGenericResumption, ConnectResumeClientNoneServerBoth) {
   SendReceive();
 }
 
-TEST_P(TlsConnectGenericPre13, ConnectResumeWithHigherVersion) {
+TEST_P(TlsConnectGenericPre13, ResumeWithHigherVersionTls13) {
+  uint16_t lower_version = version_;
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  Connect();
+  SendReceive();
+  CheckKeys();
+
+  Reset();
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  EnsureTlsSetup();
+  auto psk_ext = std::make_shared<TlsExtensionCapture>(
+      client_, ssl_tls13_pre_shared_key_xtn);
+  auto ticket_ext =
+      std::make_shared<TlsExtensionCapture>(client_, ssl_session_ticket_xtn);
+  client_->SetFilter(std::make_shared<ChainedPacketFilter>(
+      ChainedPacketFilterInit({psk_ext, ticket_ext})));
+  SetExpectedVersion(SSL_LIBRARY_VERSION_TLS_1_3);
+  client_->SetVersionRange(lower_version, SSL_LIBRARY_VERSION_TLS_1_3);
+  server_->SetVersionRange(lower_version, SSL_LIBRARY_VERSION_TLS_1_3);
+  ExpectResumption(RESUME_NONE);
+  Connect();
+
+  // The client shouldn't have sent a PSK, though it will send a ticket.
+  EXPECT_FALSE(psk_ext->captured());
+  EXPECT_TRUE(ticket_ext->captured());
+}
+
+class CaptureSessionId : public TlsHandshakeFilter {
+ public:
+  CaptureSessionId(const std::shared_ptr<TlsAgent>& a)
+      : TlsHandshakeFilter(
+            a, {kTlsHandshakeClientHello, kTlsHandshakeServerHello}),
+        sid_() {}
+
+  const DataBuffer& sid() const { return sid_; }
+
+ protected:
+  PacketFilter::Action FilterHandshake(const HandshakeHeader& header,
+                                       const DataBuffer& input,
+                                       DataBuffer* output) override {
+    // The session_id is in the same place in both Hello messages:
+    size_t offset = 2 + 32;  // Version(2) + Random(32)
+    uint32_t len = 0;
+    EXPECT_TRUE(input.Read(offset, 1, &len));
+    offset++;
+    if (input.len() < offset + len) {
+      ADD_FAILURE() << "session_id overflows the Hello message";
+      return KEEP;
+    }
+    sid_.Assign(input.data() + offset, len);
+    return KEEP;
+  }
+
+ private:
+  DataBuffer sid_;
+};
+
+// Attempting to resume from TLS 1.2 when 1.3 is possible should not result in
+// resumption, though it will appear to be TLS 1.3 compatibility mode if the
+// server uses a session ID.
+TEST_P(TlsConnectGenericPre13, ResumeWithHigherVersionTls13SessionId) {
+  uint16_t lower_version = version_;
   ConfigureSessionCache(RESUME_SESSIONID, RESUME_SESSIONID);
-  ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_1);
-  SetExpectedVersion(SSL_LIBRARY_VERSION_TLS_1_1);
+  auto original_sid = MakeTlsFilter<CaptureSessionId>(server_);
+  Connect();
+  CheckKeys();
+  EXPECT_EQ(32U, original_sid->sid().len());
+
+  // The client should now attempt to resume with the session ID from the last
+  // connection.  This looks like compatibility mode, we just want to ensure
+  // that we get TLS 1.3 rather than 1.2 (and no resumption).
+  Reset();
+  auto client_sid = MakeTlsFilter<CaptureSessionId>(client_);
+  auto server_sid = MakeTlsFilter<CaptureSessionId>(server_);
+  ConfigureSessionCache(RESUME_SESSIONID, RESUME_SESSIONID);
+  SetExpectedVersion(SSL_LIBRARY_VERSION_TLS_1_3);
+  client_->SetVersionRange(lower_version, SSL_LIBRARY_VERSION_TLS_1_3);
+  server_->SetVersionRange(lower_version, SSL_LIBRARY_VERSION_TLS_1_3);
+  ExpectResumption(RESUME_NONE);
+
+  Connect();
+  SendReceive();
+
+  EXPECT_EQ(client_sid->sid(), original_sid->sid());
+  if (variant_ == ssl_variant_stream) {
+    EXPECT_EQ(client_sid->sid(), server_sid->sid());
+  } else {
+    // DTLS servers don't echo the session ID.
+    EXPECT_EQ(0U, server_sid->sid().len());
+  }
+}
+
+TEST_P(TlsConnectPre12, ResumeWithHigherVersionTls12) {
+  uint16_t lower_version = version_;
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
   Connect();
 
   Reset();
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
   EnsureTlsSetup();
-  SetExpectedVersion(SSL_LIBRARY_VERSION_TLS_1_2);
-  client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
-                           SSL_LIBRARY_VERSION_TLS_1_2);
-  server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
-                           SSL_LIBRARY_VERSION_TLS_1_2);
+  SetExpectedVersion(SSL_LIBRARY_VERSION_TLS_1_3);
+  client_->SetVersionRange(lower_version, SSL_LIBRARY_VERSION_TLS_1_3);
+  server_->SetVersionRange(lower_version, SSL_LIBRARY_VERSION_TLS_1_3);
+  ExpectResumption(RESUME_NONE);
+  Connect();
+}
+
+TEST_P(TlsConnectGenericPre13, ResumeWithLowerVersionFromTls13) {
+  uint16_t original_version = version_;
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_3);
+  Connect();
+  SendReceive();
+  CheckKeys();
+
+  Reset();
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  ConfigureVersion(original_version);
   ExpectResumption(RESUME_NONE);
   Connect();
+  SendReceive();
+}
+
+TEST_P(TlsConnectPre12, ResumeWithLowerVersionFromTls12) {
+  uint16_t original_version = version_;
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_2);
+  Connect();
+  SendReceive();
+  CheckKeys();
+
+  Reset();
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  ConfigureVersion(original_version);
+  ExpectResumption(RESUME_NONE);
+  Connect();
+  SendReceive();
 }
 
 TEST_P(TlsConnectGeneric, ConnectResumeClientBothTicketServerTicketForget) {
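Review bot: ResumeWithHigherVersionTls12 sets the expected version and both version ranges to SSL_LIBRARY_VERSION_TLS_1_3, so despite its name it repeats the TLS 1.3 upgrade case for pre-1.2 versions, and resumption from 1.0/1.1 into 1.2 appears to go untested. If 1.2 is the intended target, the lines would read `SetExpectedVersion(SSL_LIBRARY_VERSION_TLS_1_2);` and `client_->SetVersionRange(lower_version, SSL_LIBRARY_VERSION_TLS_1_2);`, with the same range on `server_`. In the same hunk, the single-argument CaptureSessionId constructor could be marked `explicit`.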
@@ -276,8 +399,13 @@ TEST_P(TlsConnectGeneric, ConnectResumeCorruptTicket) {
   ASSERT_NE(nullptr, hmac_key);
   SSLInt_SetSelfEncryptMacKey(hmac_key);
   ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
-  ConnectExpectAlert(server_, illegal_parameter);
-  server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO);
+  if (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) {
+    ExpectResumption(RESUME_NONE);
+    Connect();
+  } else {
+    ConnectExpectAlert(server_, illegal_parameter);
+    server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO);
+  }
 }
 
 // This callback switches out the "server" cert used on the server with
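Review bot: The new TLS 1.3 branch in ConnectResumeCorruptTicket has no comment saying why a ticket that fails its integrity check is tolerated there while older versions still reject it with illegal_parameter. That is the security-relevant difference between the two branches. A line such as `// TLS 1.3: a ticket that cannot be validated is ignored and a full handshake follows.` above `ExpectResumption(RESUME_NONE);` would record it; the wording should be confirmed against the server code, which is not in this hunk. The test's opening lines are outside the hunk.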
@@ -394,6 +522,64 @@ TEST_P(TlsConnectTls13, TestTls13ResumeDifferentGroup) {
             ssl_sig_rsa_pss_rsae_sha256);
 }
 
+// Verify that TLS 1.3 server doesn't request certificate in the main
+// handshake, after resumption.
+TEST_P(TlsConnectTls13, TestTls13ResumeNoCertificateRequest) {
+  ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
+  client_->SetupClientAuth();
+  server_->RequestClientAuth(true);
+  Connect();
+  SendReceive();  // Need to read so that we absorb the session ticket.
+  ScopedCERTCertificate cert1(SSL_LocalCertificate(client_->ssl_fd()));
+
+  Reset();
+  ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
+  ExpectResumption(RESUME_TICKET);
+  server_->RequestClientAuth(false);
+  auto cr_capture =
+      MakeTlsFilter<TlsHandshakeRecorder>(server_, ssl_hs_certificate_request);
+  cr_capture->EnableDecryption();
+  Connect();
+  SendReceive();
+  EXPECT_EQ(0U, cr_capture->buffer().len()) << "expect nothing captured yet";
+
+  // Sanity check whether the client certificate matches the one
+  // decrypted from ticket.
+  ScopedCERTCertificate cert2(SSL_PeerCertificate(server_->ssl_fd()));
+  EXPECT_TRUE(SECITEM_ItemsAreEqual(&cert1->derCert, &cert2->derCert));
+}
+
+// Here we test that 0.5 RTT is available at the server when resuming, even if
+// configured to request a client certificate.  The resumed handshake relies on
+// the authentication from the original handshake, so no certificate is
+// requested this time around.  The server can write before the handshake
+// completes because the PSK binder is sufficient authentication for the client.
+TEST_P(TlsConnectTls13, WriteBeforeHandshakeCompleteOnResumption) {
+  ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
+  client_->SetupClientAuth();
+  server_->RequestClientAuth(true);
+  Connect();
+  SendReceive();  // Absorb the session ticket.
+  ScopedCERTCertificate cert1(SSL_LocalCertificate(client_->ssl_fd()));
+
+  Reset();
+  ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
+  ExpectResumption(RESUME_TICKET);
+  server_->RequestClientAuth(false);
+  StartConnect();
+  client_->Handshake();  // ClientHello
+  server_->Handshake();  // ServerHello
+
+  server_->SendData(10);
+  client_->ReadBytes(10);  // Client should emit the Finished as a side-effect.
+  server_->Handshake();    // Server consumes the Finished.
+  CheckConnected();
+
+  // Check whether the client certificate matches the one from the ticket.
+  ScopedCERTCertificate cert2(SSL_PeerCertificate(server_->ssl_fd()));
+  EXPECT_TRUE(SECITEM_ItemsAreEqual(&cert1->derCert, &cert2->derCert));
+}
+
 // We need to enable different cipher suites at different times in the following
 // tests.  Those cipher suites need to be suited to the version.
 static uint16_t ChooseOneCipher(uint16_t version) {
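Review bot: Both new tests dereference `cert1` and `cert2` in `SECITEM_ItemsAreEqual(&cert1->derCert, &cert2->derCert)` without first checking that `SSL_LocalCertificate` and `SSL_PeerCertificate` returned a certificate. If the resumed session does not carry the client certificate, which is what these tests guard against, the run crashes on a null pointer instead of reporting a failure. Adding `ASSERT_NE(nullptr, cert1);` after the first lookup and `ASSERT_NE(nullptr, cert2);` before the comparison in TestTls13ResumeNoCertificateRequest and WriteBeforeHandshakeCompleteOnResumption turns that into a clean assertion.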
@@ -467,7 +653,7 @@ TEST_P(TlsConnectStream, TestResumptionOverrideCipher) {
 
   if (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) {
     client_->ExpectSendAlert(kTlsAlertIllegalParameter);
-    server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+    server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   } else {
     ExpectAlert(client_, kTlsAlertHandshakeFailure);
   }
@@ -476,7 +662,7 @@ TEST_P(TlsConnectStream, TestResumptionOverrideCipher) {
   if (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) {
     // The reason this test is stream only: the server is unable to decrypt
     // the alert that the client sends, see bug 1304603.
-    server_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ);
+    server_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE);
   } else {
     server_->CheckErrorCode(SSL_ERROR_HANDSHAKE_FAILURE_ALERT);
   }
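Review bot: The retained comment saying the server "is unable to decrypt the alert that the client sends" explained the old SSL_ERROR_BAD_MAC_READ expectation. It no longer accounts for the new SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE and unexpected_message expectations. Updating it, for example to `// The server rejects the client's alert record by its content type, see bug 1304603.` (reason to be confirmed against the record layer), would keep the test self-explanatory. The same applies to the `// Server can't read` comment in the TestTls13ResumptionForcedDowngrade hunk further down. The enclosing test begins outside this hunk.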
@@ -760,6 +946,36 @@ TEST_F(TlsConnectDatagram13, SendSessionTicketDtls) {
   EXPECT_EQ(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION, PORT_GetError());
 }
 
+TEST_F(TlsConnectStreamTls13, ExternalResumptionUseSecondTicket) {
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_3);
+
+  struct ResumptionTicketState {
+    std::vector<uint8_t> ticket;
+    size_t invoked = 0;
+  } ticket_state;
+  auto cb = [](PRFileDesc* fd, const PRUint8* ticket, unsigned int ticket_len,
+               void* arg) -> SECStatus {
+    auto state = reinterpret_cast<ResumptionTicketState*>(arg);
+    state->ticket.assign(ticket, ticket + ticket_len);
+    state->invoked++;
+    return SECSuccess;
+  };
+  SSL_SetResumptionTokenCallback(client_->ssl_fd(), cb, &ticket_state);
+
+  Connect();
+  EXPECT_EQ(SECSuccess, SSL_SendSessionTicket(server_->ssl_fd(), nullptr, 0));
+  SendReceive();
+  EXPECT_EQ(2U, ticket_state.invoked);
+
+  Reset();
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  client_->SetResumptionToken(ticket_state.ticket);
+  ExpectResumption(RESUME_TICKET);
+  Connect();
+  SendReceive();
+}
+
 TEST_F(TlsConnectTest, TestTls13ResumptionDowngrade) {
   ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
   ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_3);
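Review bot: The return value of `SSL_SetResumptionTokenCallback` in ExternalResumptionUseSecondTicket is discarded, so a failed registration would only surface indirectly through the `invoked` count. Wrapping it as `EXPECT_EQ(SECSuccess, SSL_SetResumptionTokenCallback(client_->ssl_fd(), cb, &ticket_state));` matches how the other SSL_* calls in the test are checked. Because the callback overwrites `ticket` on every call, a short comment that the stored value is the second ticket would make the claim in the test name explicit. `static_cast` is sufficient for converting the `void*` argument.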
@@ -830,10 +1046,10 @@ TEST_F(TlsConnectTest, TestTls13ResumptionForcedDowngrade) {
   // client expects to receive an unencrypted TLS 1.2 Certificate message.
   // The server can't decrypt the alert.
   client_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);  // Server can't read
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);  // Server can't read
   ConnectExpectFail();
   client_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA);
-  server_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ);
+  server_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE);
 }
 
 TEST_P(TlsConnectGenericResumption, ReConnectTicket) {
@@ -908,6 +1124,36 @@ void CheckGetInfoResult(uint32_t alpnSize, uint32_t earlyDataSize,
   EXPECT_EQ(0, memcmp("a", token->alpnSelection, token->alpnSelectionLen));
 
   ASSERT_EQ(earlyDataSize, token->maxEarlyDataSize);
+
+  ASSERT_LT(ssl_TimeUsec(), token->expirationTime);
+}
+
+// The client should generate a new, randomized session_id
+// when resuming using an external token.
+TEST_P(TlsConnectGenericResumptionToken, CheckSessionId) {
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  auto original_sid = MakeTlsFilter<CaptureSessionId>(client_);
+  Connect();
+  SendReceive();
+
+  Reset();
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  ExpectResumption(RESUME_TICKET);
+
+  StartConnect();
+  ASSERT_TRUE(client_->MaybeSetResumptionToken());
+  auto resumed_sid = MakeTlsFilter<CaptureSessionId>(client_);
+
+  Handshake();
+  CheckConnected();
+  SendReceive();
+
+  if (version_ < SSL_LIBRARY_VERSION_TLS_1_3) {
+    EXPECT_NE(resumed_sid->sid(), original_sid->sid());
+    EXPECT_EQ(32U, resumed_sid->sid().len());
+  } else {
+    EXPECT_EQ(0U, resumed_sid->sid().len());
+  }
 }
 
 TEST_P(TlsConnectGenericResumptionToken, ConnectResumeGetInfo) {
@@ -1026,4 +1272,34 @@ TEST_P(TlsConnectGenericResumption, ConnectResumeClientAuth) {
   SendReceive();
 }
 
+TEST_F(TlsConnectStreamTls13, ExternalTokenAfterHrr) {
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  Connect();
+  SendReceive();
+
+  Reset();
+  ConfigureSessionCache(RESUME_BOTH, RESUME_BOTH);
+  ExpectResumption(RESUME_TICKET);
+
+  static const std::vector<SSLNamedGroup> groups = {ssl_grp_ec_secp384r1,
+                                                    ssl_grp_ec_secp521r1};
+  server_->ConfigNamedGroups(groups);
+
+  StartConnect();
+  ASSERT_TRUE(client_->MaybeSetResumptionToken());
+
+  client_->Handshake();  // Send ClientHello.
+  server_->Handshake();  // Process ClientHello, send HelloRetryRequest.
+
+  auto& token = client_->GetResumptionToken();
+  SECStatus rv =
+      SSL_SetResumptionToken(client_->ssl_fd(), token.data(), token.size());
+  ASSERT_EQ(SECFailure, rv);
+  ASSERT_EQ(SEC_ERROR_INVALID_ARGS, PORT_GetError());
+
+  Handshake();
+  CheckConnected();
+  SendReceive();
+}
+
 }  // namespace nss_test
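Review bot: Nothing in ExternalTokenAfterHrr says why `SSL_SetResumptionToken` is expected to fail with SEC_ERROR_INVALID_ARGS. The test also does not confirm that a HelloRetryRequest was sent before the call; it relies on the named-group configuration to provoke one. A comment above the call, for example `// The token cannot be replaced once the handshake is under way; the one set earlier is still used.` (to be confirmed against the library), would document the intent. `auto& token` can be `const auto& token`, since the token is only read.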
diff --git a/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc
index 9ef19653b..3ed42e86b 100644
--- a/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc
@@ -32,7 +32,7 @@ class TlsHandshakeSkipFilter : public TlsRecordFilter {
   virtual PacketFilter::Action FilterRecord(
       const TlsRecordHeader& record_header, const DataBuffer& input,
       DataBuffer* output) {
-    if (record_header.content_type() != kTlsHandshakeType) {
+    if (record_header.content_type() != ssl_ct_handshake) {
       return KEEP;
     }
 
diff --git a/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc
index ff4091b9a..abddaa5b6 100644
--- a/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc
@@ -17,7 +17,7 @@ extern "C" {
 }
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
diff --git a/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc
index 42f1065f6..ecb63d476 100644
--- a/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc
@@ -82,7 +82,7 @@ class Tls13CompatTest : public TlsConnectStreamTls13 {
         // Only the second record can be a CCS.
         bool expected_match = expected && (i == 1);
         EXPECT_EQ(expected_match,
-                  kTlsChangeCipherSpecType ==
+                  ssl_ct_change_cipher_spec ==
                       records_->record(i).header.content_type());
       }
     }
@@ -299,15 +299,15 @@ TEST_F(TlsConnectTest, TLS13NonCompatModeSessionID) {
 
   MakeTlsFilter<TlsSessionIDInjectFilter>(server_);
   client_->ExpectSendAlert(kTlsAlertIllegalParameter);
-  server_->ExpectSendAlert(kTlsAlertBadRecordMac);
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
   ConnectExpectFail();
 
   client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
-  server_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ);
+  server_->CheckErrorCode(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE);
 }
 
 static const uint8_t kCannedCcs[] = {
-    kTlsChangeCipherSpecType,
+    ssl_ct_change_cipher_spec,
     SSL_LIBRARY_VERSION_TLS_1_2 >> 8,
     SSL_LIBRARY_VERSION_TLS_1_2 & 0xff,
     0,
@@ -362,6 +362,19 @@ TEST_F(TlsConnectStreamTls13, ChangeCipherSpecBeforeClientHello12) {
   client_->CheckErrorCode(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT);
 }
 
+TEST_F(TlsConnectStreamTls13, ChangeCipherSpecAfterFinished13) {
+  EnsureTlsSetup();
+  ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_3);
+  Connect();
+  SendReceive(10);
+  // Client sends CCS after the handshake.
+  client_->SendDirect(DataBuffer(kCannedCcs, sizeof(kCannedCcs)));
+  server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);
+  server_->ExpectReadWriteError();
+  server_->ReadBytes();
+  EXPECT_EQ(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE, server_->error_code());
+}
+
 TEST_F(TlsConnectDatagram13, CompatModeDtlsClient) {
   EnsureTlsSetup();
   client_->SetOption(SSL_ENABLE_TLS13_COMPAT_MODE, PR_TRUE);
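Review bot: In ChangeCipherSpecAfterFinished13 the `ExpectSendAlert` expectation is registered after `client_->SendDirect(...)`, whereas the UnknownRecord test added earlier in this commit registers it before sending. This presumably works because the server only processes the record in `ReadBytes()`, but stating expectations first is easier to follow and does not depend on delivery timing. Move `server_->ExpectSendAlert(kTlsAlertUnexpectedMessage);` above the `SendDirect` call. `ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_3)` also looks redundant in a TlsConnectStreamTls13 fixture.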
@@ -370,14 +383,14 @@ TEST_F(TlsConnectDatagram13, CompatModeDtlsClient) {
   Connect();
 
   ASSERT_EQ(2U, client_records->count());  // CH, Fin
-  EXPECT_EQ(kTlsHandshakeType, client_records->record(0).header.content_type());
-  EXPECT_EQ(kTlsApplicationDataType,
+  EXPECT_EQ(ssl_ct_handshake, client_records->record(0).header.content_type());
+  EXPECT_EQ(ssl_ct_application_data,
             client_records->record(1).header.content_type());
 
   ASSERT_EQ(6U, server_records->count());  // SH, EE, CT, CV, Fin, Ack
-  EXPECT_EQ(kTlsHandshakeType, server_records->record(0).header.content_type());
+  EXPECT_EQ(ssl_ct_handshake, server_records->record(0).header.content_type());
   for (size_t i = 1; i < server_records->count(); ++i) {
-    EXPECT_EQ(kTlsApplicationDataType,
+    EXPECT_EQ(ssl_ct_application_data,
               server_records->record(i).header.content_type());
   }
 }
@@ -422,12 +435,12 @@ TEST_F(TlsConnectDatagram13, CompatModeDtlsServer) {
   client_->Handshake();
 
   ASSERT_EQ(1U, client_records->count());
-  EXPECT_EQ(kTlsHandshakeType, client_records->record(0).header.content_type());
+  EXPECT_EQ(ssl_ct_handshake, client_records->record(0).header.content_type());
 
   ASSERT_EQ(5U, server_records->count());  // SH, EE, CT, CV, Fin
-  EXPECT_EQ(kTlsHandshakeType, server_records->record(0).header.content_type());
+  EXPECT_EQ(ssl_ct_handshake, server_records->record(0).header.content_type());
   for (size_t i = 1; i < server_records->count(); ++i) {
-    EXPECT_EQ(kTlsApplicationDataType,
+    EXPECT_EQ(ssl_ct_application_data,
               server_records->record(i).header.content_type());
   }
 
diff --git a/security/nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc
index 100595732..cafbcce68 100644
--- a/security/nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc
@@ -151,6 +151,7 @@ class SSLv2ClientHelloTestF : public TlsConnectTestBase {
   void SetUp() override {
     TlsConnectTestBase::SetUp();
     filter_ = MakeTlsFilter<SSLv2ClientHelloFilter>(client_, version_);
+    server_->SetOption(SSL_ENABLE_V2_COMPATIBLE_HELLO, PR_TRUE);
   }
 
   void SetExpectedVersion(uint16_t version) {
@@ -197,6 +198,27 @@ TEST_P(SSLv2ClientHelloTest, Connect) {
   Connect();
 }
 
+TEST_P(SSLv2ClientHelloTest, ConnectDisabled) {
+  server_->SetOption(SSL_ENABLE_V2_COMPATIBLE_HELLO, PR_FALSE);
+  SetAvailableCipherSuite(TLS_DHE_RSA_WITH_AES_128_CBC_SHA);
+
+  StartConnect();
+  client_->Handshake();  // Send the modified ClientHello.
+  server_->Handshake();  // Read some.
+  // The problem here is that the v2 ClientHello puts the version where the v3
+  // ClientHello puts a version number.  So the version number (0x0301+) appears
+  // to be a length and server blocks waiting for that much data.
+  EXPECT_EQ(PR_WOULD_BLOCK_ERROR, PORT_GetError());
+
+  // This is usually what happens with v2-compatible: the server hangs.
+  // But to be certain, feed in more data to see if an error comes out.
+  uint8_t zeros[SSL_LIBRARY_VERSION_TLS_1_2] = {0};
+  client_->SendDirect(DataBuffer(zeros, sizeof(zeros)));
+  ExpectAlert(server_, kTlsAlertIllegalParameter);
+  server_->Handshake();
+  client_->Handshake();
+}
+
 // Sending a v2 ClientHello after a no-op v3 record must fail.
 TEST_P(SSLv2ClientHelloTest, ConnectAfterEmptyV3Record) {
   DataBuffer buffer;
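Review bot: In ConnectDisabled, `uint8_t zeros[SSL_LIBRARY_VERSION_TLS_1_2]` uses a protocol version constant as an array size, which is hard to read even with the preceding explanation of the misparsed length. A comment at the declaration, such as `// Sized to the largest version value the server could misread as a record length.`, would make the intent explicit. The test also never checks the server's error code after the illegal_parameter alert, so the reason for the rejection is not pinned down.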
@@ -328,6 +350,30 @@ TEST_P(SSLv2ClientHelloTest, RequireSafeRenegotiationWithSCSV) {
   Connect();
 }
 
+TEST_P(SSLv2ClientHelloTest, CheckServerRandom) {
+  ConfigureSessionCache(RESUME_NONE, RESUME_NONE);
+  SetAvailableCipherSuite(TLS_DHE_RSA_WITH_AES_128_CBC_SHA);
+
+  static const size_t random_len = 32;
+  uint8_t srandom1[random_len];
+  uint8_t z[random_len] = {0};
+
+  auto sh = MakeTlsFilter<TlsHandshakeRecorder>(server_, ssl_hs_server_hello);
+  Connect();
+  ASSERT_TRUE(sh->buffer().len() > (random_len + 2));
+  memcpy(srandom1, sh->buffer().data() + 2, random_len);
+  EXPECT_NE(0, memcmp(srandom1, z, random_len));
+
+  Reset();
+  sh = MakeTlsFilter<TlsHandshakeRecorder>(server_, ssl_hs_server_hello);
+  Connect();
+  ASSERT_TRUE(sh->buffer().len() > (random_len + 2));
+  const uint8_t* srandom2 = sh->buffer().data() + 2;
+
+  EXPECT_NE(0, memcmp(srandom2, z, random_len));
+  EXPECT_NE(0, memcmp(srandom1, srandom2, random_len));
+}
+
 // Connect to the server with TLS 1.1, signalling that this is a fallback from
 // a higher version. As the server doesn't support anything higher than TLS 1.1
 // it must accept the connection.
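Review bot: The `+ 2` offset used to locate ServerHello.random in CheckServerRandom is an unexplained literal, repeated in both length assertions and both pointer computations. A named constant such as `static const size_t version_len = 2;  // version field precedes random` would document it. The CheckRandoms test added earlier in this commit uses the same literal and would benefit from the same constant.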
diff --git a/security/nss/gtests/ssl_gtest/ssl_version_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_version_unittest.cc
index 4e9099561..ffc0893e9 100644
--- a/security/nss/gtests/ssl_gtest/ssl_version_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_version_unittest.cc
@@ -11,7 +11,7 @@
 #include "sslproto.h"
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
@@ -48,7 +48,6 @@ TEST_P(TlsConnectGeneric, ServerNegotiateTls12) {
                            SSL_LIBRARY_VERSION_TLS_1_2);
   Connect();
 }
-#ifndef TLS_1_3_DRAFT_VERSION
 
 // Test the ServerRandom version hack from
 // [draft-ietf-tls-tls13-11 Section 6.3.1.1].
@@ -56,71 +55,116 @@ TEST_P(TlsConnectGeneric, ServerNegotiateTls12) {
 // two validate that we can also detect fallback using the
 // SSL_SetDowngradeCheckVersion() API.
 TEST_F(TlsConnectTest, TestDowngradeDetectionToTls11) {
+  client_->SetOption(SSL_ENABLE_HELLO_DOWNGRADE_CHECK, PR_TRUE);
   MakeTlsFilter<TlsClientHelloVersionSetter>(client_,
                                              SSL_LIBRARY_VERSION_TLS_1_1);
-  ConnectExpectFail();
-  ASSERT_EQ(SSL_ERROR_RX_MALFORMED_SERVER_HELLO, client_->error_code());
+  ConnectExpectAlert(client_, kTlsAlertIllegalParameter);
+  client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
+  server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT);
 }
 
-/* Attempt to negotiate the bogus DTLS 1.1 version. */
+// Attempt to negotiate the bogus DTLS 1.1 version.
 TEST_F(DtlsConnectTest, TestDtlsVersion11) {
   MakeTlsFilter<TlsClientHelloVersionSetter>(client_, ((~0x0101) & 0xffff));
-  ConnectExpectFail();
+  ConnectExpectAlert(server_, kTlsAlertHandshakeFailure);
   // It's kind of surprising that SSL_ERROR_NO_CYPHER_OVERLAP is
   // what is returned here, but this is deliberate in ssl3_HandleAlert().
-  EXPECT_EQ(SSL_ERROR_NO_CYPHER_OVERLAP, client_->error_code());
-  EXPECT_EQ(SSL_ERROR_UNSUPPORTED_VERSION, server_->error_code());
+  client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP);
+  server_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_VERSION);
 }
 
-// Disabled as long as we have draft version.
 TEST_F(TlsConnectTest, TestDowngradeDetectionToTls12) {
-  EnsureTlsSetup();
-  MakeTlsFilter<TlsClientHelloVersionSetter>(client_,
-                                             SSL_LIBRARY_VERSION_TLS_1_2);
+  client_->SetOption(SSL_ENABLE_HELLO_DOWNGRADE_CHECK, PR_TRUE);
+  MakeTlsFilter<TlsExtensionDropper>(client_, ssl_tls13_supported_versions_xtn);
   client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
                            SSL_LIBRARY_VERSION_TLS_1_3);
   server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
                            SSL_LIBRARY_VERSION_TLS_1_3);
-  ConnectExpectFail();
-  ASSERT_EQ(SSL_ERROR_RX_MALFORMED_SERVER_HELLO, client_->error_code());
+  ConnectExpectAlert(client_, kTlsAlertIllegalParameter);
+  client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
+  server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT);
+}
+
+// Disabling downgrade checks will be caught when the Finished MAC check fails.
+TEST_F(TlsConnectTest, TestDisableDowngradeDetection) {
+  client_->SetOption(SSL_ENABLE_HELLO_DOWNGRADE_CHECK, PR_FALSE);
+  MakeTlsFilter<TlsExtensionDropper>(client_, ssl_tls13_supported_versions_xtn);
+  client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
+                           SSL_LIBRARY_VERSION_TLS_1_3);
+  server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
+                           SSL_LIBRARY_VERSION_TLS_1_3);
+  ConnectExpectAlert(server_, kTlsAlertDecryptError);
+  client_->CheckErrorCode(SSL_ERROR_DECRYPT_ERROR_ALERT);
+  server_->CheckErrorCode(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
 }
 
 // TLS 1.1 clients do not check the random values, so we should
 // instead get a handshake failure alert from the server.
 TEST_F(TlsConnectTest, TestDowngradeDetectionToTls10) {
+  // Setting the option here has no effect.
+  client_->SetOption(SSL_ENABLE_HELLO_DOWNGRADE_CHECK, PR_TRUE);
   MakeTlsFilter<TlsClientHelloVersionSetter>(client_,
                                              SSL_LIBRARY_VERSION_TLS_1_0);
   client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_0,
                            SSL_LIBRARY_VERSION_TLS_1_1);
   server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_0,
                            SSL_LIBRARY_VERSION_TLS_1_2);
-  ConnectExpectFail();
-  ASSERT_EQ(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE, server_->error_code());
-  ASSERT_EQ(SSL_ERROR_DECRYPT_ERROR_ALERT, client_->error_code());
+  ConnectExpectAlert(server_, kTlsAlertDecryptError);
+  server_->CheckErrorCode(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
+  client_->CheckErrorCode(SSL_ERROR_DECRYPT_ERROR_ALERT);
 }
 
 TEST_F(TlsConnectTest, TestFallbackFromTls12) {
-  EnsureTlsSetup();
+  client_->SetOption(SSL_ENABLE_HELLO_DOWNGRADE_CHECK, PR_TRUE);
   client_->SetDowngradeCheckVersion(SSL_LIBRARY_VERSION_TLS_1_2);
   client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
                            SSL_LIBRARY_VERSION_TLS_1_1);
   server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
                            SSL_LIBRARY_VERSION_TLS_1_2);
-  ConnectExpectFail();
-  ASSERT_EQ(SSL_ERROR_RX_MALFORMED_SERVER_HELLO, client_->error_code());
+  ConnectExpectAlert(client_, kTlsAlertIllegalParameter);
+  client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
+  server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT);
+}
+
+static SECStatus AllowFalseStart(PRFileDesc* fd, void* arg,
+                                 PRBool* can_false_start) {
+  bool* false_start_attempted = reinterpret_cast<bool*>(arg);
+  *false_start_attempted = true;
+  *can_false_start = PR_TRUE;
+  return SECSuccess;
+}
+
+// If we disable the downgrade check, the sentinel is still generated, and we
+// disable false start instead.
+TEST_F(TlsConnectTest, DisableFalseStartOnFallback) {
+  // Don't call client_->EnableFalseStart(), because that sets the client up for
+  // success, and we want false start to fail.
+  client_->SetOption(SSL_ENABLE_FALSE_START, PR_TRUE);
+  bool false_start_attempted = false;
+  EXPECT_EQ(SECSuccess,
+            SSL_SetCanFalseStartCallback(client_->ssl_fd(), AllowFalseStart,
+                                         &false_start_attempted));
+
+  client_->SetDowngradeCheckVersion(SSL_LIBRARY_VERSION_TLS_1_3);
+  client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
+                           SSL_LIBRARY_VERSION_TLS_1_2);
+  server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
+                           SSL_LIBRARY_VERSION_TLS_1_3);
+  Connect();
+  EXPECT_FALSE(false_start_attempted);
 }
 
 TEST_F(TlsConnectTest, TestFallbackFromTls13) {
-  EnsureTlsSetup();
+  client_->SetOption(SSL_ENABLE_HELLO_DOWNGRADE_CHECK, PR_TRUE);
   client_->SetDowngradeCheckVersion(SSL_LIBRARY_VERSION_TLS_1_3);
   client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
                            SSL_LIBRARY_VERSION_TLS_1_2);
   server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
                            SSL_LIBRARY_VERSION_TLS_1_3);
-  ConnectExpectFail();
-  ASSERT_EQ(SSL_ERROR_RX_MALFORMED_SERVER_HELLO, client_->error_code());
+  ConnectExpectAlert(client_, kTlsAlertIllegalParameter);
+  client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO);
+  server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT);
 }
-#endif
 
 TEST_P(TlsConnectGeneric, TestFallbackSCSVVersionMatch) {
   client_->SetOption(SSL_ENABLE_FALLBACK_SCSV, PR_TRUE);
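Review bot: `DisableFalseStartOnFallback` is described as covering the case where the downgrade check is disabled, but it never sets `SSL_ENABLE_HELLO_DOWNGRADE_CHECK`, so it depends on the library default. That default is presumably off, since the neighbouring tests switch the option on explicitly. Adding `client_->SetOption(SSL_ENABLE_HELLO_DOWNGRADE_CHECK, PR_FALSE);` at the top would pin the precondition the way `TestDisableDowngradeDetection` does, so a later change of default cannot alter what the test exercises. In `AllowFalseStart`, `static_cast<bool*>(arg)` is sufficient for converting from `void*`.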
@@ -132,6 +176,7 @@ TEST_P(TlsConnectGenericPre13, TestFallbackSCSVVersionMismatch) {
   server_->SetVersionRange(version_, version_ + 1);
   ConnectExpectAlert(server_, kTlsAlertInappropriateFallback);
   client_->CheckErrorCode(SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT);
+  server_->CheckErrorCode(SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT);
 }
 
 // The TLS v1.3 spec section C.4 states that 'Implementations MUST NOT send or
@@ -158,7 +203,7 @@ TEST_P(TlsConnectGeneric, AlertBeforeServerHello) {
   static const uint8_t kWarningAlert[] = {kTlsAlertWarning,
                                           kTlsAlertUnrecognizedName};
   DataBuffer alert;
-  TlsAgentTestBase::MakeRecord(variant_, kTlsAlertType,
+  TlsAgentTestBase::MakeRecord(variant_, ssl_ct_alert,
                                SSL_LIBRARY_VERSION_TLS_1_0, kWarningAlert,
                                PR_ARRAY_SIZE(kWarningAlert), &alert);
   client_->adapter()->PacketReceived(alert);
diff --git a/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc
index 09d7801e9..a75dbb7aa 100644
--- a/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc
@@ -12,7 +12,7 @@
 #include "sslproto.h"
 
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "tls_connect.h"
 #include "tls_filter.h"
 #include "tls_parser.h"
diff --git a/security/nss/gtests/ssl_gtest/test_io.cc b/security/nss/gtests/ssl_gtest/test_io.cc
index d76b3526c..6d792c520 100644
--- a/security/nss/gtests/ssl_gtest/test_io.cc
+++ b/security/nss/gtests/ssl_gtest/test_io.cc
@@ -31,6 +31,20 @@ ScopedPRFileDesc DummyPrSocket::CreateFD() {
   return DummyIOLayerMethods::CreateFD(test_fd_identity, this);
 }
 
+void DummyPrSocket::Reset() {
+  auto p = peer_.lock();
+  peer_.reset();
+  if (p) {
+    p->peer_.reset();
+    p->Reset();
+  }
+  while (!input_.empty()) {
+    input_.pop();
+  }
+  filter_ = nullptr;
+  write_error_ = 0;
+}
+
 void DummyPrSocket::PacketReceived(const DataBuffer &packet) {
   input_.push(Packet(packet));
 }
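Review bot: `DummyPrSocket::Reset()` is added without a comment, and its correctness depends on statement order. Both `peer_` links are cleared before `p->Reset()` is called, which is what makes the nested call find no peer and stop. I would add `// Unlink both ends first so the peer's Reset() sees no peer and does not recurse back.` above `p->peer_.reset();`. A one-line header should also say that the call discards queued input, the installed filter and any pending write error on both sockets.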
@@ -42,6 +56,12 @@ int32_t DummyPrSocket::Read(PRFileDesc *f, void *data, int32_t len) {
     return -1;
   }
 
+  auto dst = peer_.lock();
+  if (!dst) {
+    PR_SetError(PR_NOT_CONNECTED_ERROR, 0);
+    return -1;
+  }
+
   if (input_.empty()) {
     LOGV("Read --> wouldblock " << len);
     PR_SetError(PR_WOULD_BLOCK_ERROR, 0);
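Review bot: The new peer check in `Read` runs before the `input_.empty()` test, so packets already queued in `input_` cannot be read once the peer has gone away; the same applies to the identical check added to `Recv` in the next hunk. If that is intended, a comment such as `// A socket without a peer reports not-connected even if data is still queued.` would record it. Otherwise the check belongs inside the `input_.empty()` branch, so buffered data is drained first. `dst` is only tested for null here, so `if (peer_.expired())` would express the intent without the unused `shared_ptr`. Both function bodies extend beyond their hunks.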
@@ -74,6 +94,12 @@ int32_t DummyPrSocket::Recv(PRFileDesc *f, void *buf, int32_t buflen,
     return Read(f, buf, buflen);
   }
 
+  auto dst = peer_.lock();
+  if (!dst) {
+    PR_SetError(PR_NOT_CONNECTED_ERROR, 0);
+    return -1;
+  }
+
   if (input_.empty()) {
     PR_SetError(PR_WOULD_BLOCK_ERROR, 0);
     return -1;
@@ -101,7 +127,7 @@ int32_t DummyPrSocket::Write(PRFileDesc *f, const void *buf, int32_t length) {
 
   auto dst = peer_.lock();
   if (!dst) {
-    PR_SetError(PR_IO_ERROR, 0);
+    PR_SetError(PR_NOT_CONNECTED_ERROR, 0);
     return -1;
   }
 
diff --git a/security/nss/gtests/ssl_gtest/test_io.h b/security/nss/gtests/ssl_gtest/test_io.h
index 8327373ce..062ae86c8 100644
--- a/security/nss/gtests/ssl_gtest/test_io.h
+++ b/security/nss/gtests/ssl_gtest/test_io.h
@@ -17,7 +17,7 @@
 #include "databuffer.h"
 #include "dummy_io.h"
 #include "prio.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "sslt.h"
 
 namespace nss_test {
diff --git a/security/nss/gtests/ssl_gtest/tls_agent.cc b/security/nss/gtests/ssl_gtest/tls_agent.cc
index 9bed1ce1b..fb66196b5 100644
--- a/security/nss/gtests/ssl_gtest/tls_agent.cc
+++ b/security/nss/gtests/ssl_gtest/tls_agent.cc
@@ -15,6 +15,9 @@
 #include "tls_filter.h"
 #include "tls_parser.h"
 
+// This is an internal header, used to get DTLS_1_3_DRAFT_VERSION.
+#include "ssl3prot.h"
+
 extern "C" {
 // This is not something that should make you happy.
 #include "libssl_internals.h"
@@ -23,7 +26,7 @@ extern "C" {
 #define GTEST_HAS_RTTI 0
 #include "gtest/gtest.h"
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 extern std::string g_working_dir_path;
 
@@ -53,7 +56,7 @@ static const uint8_t kCannedTls13ServerHello[] = {
     0x00, 0x1d, 0x00, 0x20, 0xc2, 0xcf, 0x23, 0x17, 0x64, 0x23, 0x03,
     0xf0, 0xfb, 0x45, 0x98, 0x26, 0xd1, 0x65, 0x24, 0xa1, 0x6c, 0xa9,
     0x80, 0x8f, 0x2c, 0xac, 0x0a, 0xea, 0x53, 0x3a, 0xcb, 0xe3, 0x08,
-    0x84, 0xae, 0x19, 0x00, 0x2b, 0x00, 0x02, 0x7f, kD13};
+    0x84, 0xae, 0x19, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04};
 
 TlsAgent::TlsAgent(const std::string& nm, Role rl, SSLProtocolVariant var)
     : name_(nm),
@@ -226,6 +229,7 @@ bool TlsAgent::EnsureTlsSetup(PRFileDesc* modelSocket) {
 
 bool TlsAgent::MaybeSetResumptionToken() {
   if (!resumption_token_.empty()) {
+    LOG("setting external resumption token");
     SECStatus rv = SSL_SetResumptionToken(ssl_fd(), resumption_token_.data(),
                                           resumption_token_.size());
 
@@ -583,6 +587,7 @@ void TlsAgent::CheckAuthType(SSLAuthType auth,
   // switch statement because default label is different.
   switch (auth) {
     case ssl_auth_rsa_sign:
+    case ssl_auth_rsa_pss:
       EXPECT_EQ(ssl_auth_rsa_decrypt, csinfo_.authAlgorithm)
           << "authAlgorithm for RSA is always decrypt";
       break;
@@ -934,8 +939,8 @@ void TlsAgent::SendRecordDirect(const TlsRecord& record) {
   SendDirect(buf);
 }
 
-static bool ErrorIsNonFatal(PRErrorCode code) {
-  return code == PR_WOULD_BLOCK_ERROR || code == SSL_ERROR_RX_SHORT_DTLS_READ;
+static bool ErrorIsFatal(PRErrorCode code) {
+  return code != PR_WOULD_BLOCK_ERROR && code != SSL_ERROR_RX_SHORT_DTLS_READ;
 }
 
 void TlsAgent::SendData(size_t bytes, size_t blocksize) {
@@ -975,7 +980,7 @@ bool TlsAgent::SendEncryptedRecord(const std::shared_ptr<TlsCipherSpec>& spec,
   LOGV("Encrypting " << buf.len() << " bytes");
   // Ensure that we are doing TLS 1.3.
   EXPECT_GE(expected_version_, SSL_LIBRARY_VERSION_TLS_1_3);
-  TlsRecordHeader header(variant_, expected_version_, kTlsApplicationDataType,
+  TlsRecordHeader header(variant_, expected_version_, ssl_ct_application_data,
                          seq);
   DataBuffer padded = buf;
   padded.Write(padded.len(), ct, 1);
@@ -994,28 +999,39 @@ bool TlsAgent::SendEncryptedRecord(const std::shared_ptr<TlsCipherSpec>& spec,
 void TlsAgent::ReadBytes(size_t amount) {
   uint8_t block[16384];
 
-  int32_t rv = PR_Read(ssl_fd(), block, (std::min)(amount, sizeof(block)));
-  LOGV("ReadBytes " << rv);
-  int32_t err;
+  size_t remaining = amount;
+  while (remaining > 0) {
+    int32_t rv = PR_Read(ssl_fd(), block, (std::min)(amount, sizeof(block)));
+    LOGV("ReadBytes " << rv);
 
-  if (rv >= 0) {
-    size_t count = static_cast<size_t>(rv);
-    for (size_t i = 0; i < count; ++i) {
-      ASSERT_EQ(recv_ctr_ & 0xff, block[i]);
-      recv_ctr_++;
-    }
-  } else {
-    err = PR_GetError();
-    LOG("Read error " << PORT_ErrorToName(err) << ": "
-                      << PORT_ErrorToString(err));
-    if (err != PR_WOULD_BLOCK_ERROR && expect_readwrite_error_) {
-      error_code_ = err;
-      expect_readwrite_error_ = false;
+    if (rv > 0) {
+      size_t count = static_cast<size_t>(rv);
+      for (size_t i = 0; i < count; ++i) {
+        ASSERT_EQ(recv_ctr_ & 0xff, block[i]);
+        recv_ctr_++;
+      }
+      remaining -= rv;
+    } else {
+      PRErrorCode err = 0;
+      if (rv < 0) {
+        err = PR_GetError();
+        LOG("Read error " << PORT_ErrorToName(err) << ": "
+                          << PORT_ErrorToString(err));
+        if (err != PR_WOULD_BLOCK_ERROR && expect_readwrite_error_) {
+          error_code_ = err;
+          expect_readwrite_error_ = false;
+        }
+      }
+      if (err != 0 && ErrorIsFatal(err)) {
+        // If we hit a fatal error, we're done.
+        remaining = 0;
+      }
+      break;
     }
   }
 
   // If closed, then don't bother waiting around.
-  if (rv > 0 || (rv < 0 && ErrorIsNonFatal(err))) {
+  if (remaining) {
     LOGV("Re-arming");
     Poller::Instance()->Wait(READABLE_EVENT, adapter_, this,
                              &TlsAgent::ReadableCallback);
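Review bot: The new loop still requests `(std::min)(amount, sizeof(block))` bytes, so after a partial read a later iteration can return more than `remaining`, and `remaining -= rv` then wraps the `size_t`. Requesting `(std::min)(remaining, sizeof(block))` keeps the subtraction in range. Separately, `rv == 0` now leaves `remaining` non-zero and re-arms the poller, whereas the old condition did not re-arm on a zero read. That contradicts the retained comment `// If closed, then don't bother waiting around.`; setting `remaining = 0` when `rv == 0` would restore the earlier behaviour. ReadBytes continues past the end of this hunk.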
@@ -1104,7 +1120,7 @@ void TlsAgentTestBase::MakeRecord(SSLProtocolVariant variant, uint8_t type,
   if (variant == ssl_variant_stream) {
     index = out->Write(index, version, 2);
   } else if (version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
-             type == kTlsApplicationDataType) {
+             type == ssl_ct_application_data) {
     uint32_t epoch = (sequence_number >> 48) & 0x3;
     uint32_t seqno = sequence_number & ((1ULL << 30) - 1);
     index = out->Write(index, (epoch << 30) | seqno, 4);
@@ -1157,10 +1173,10 @@ void TlsAgentTestBase::MakeTrivialHandshakeRecord(uint8_t hs_type,
                                                   size_t hs_len,
                                                   DataBuffer* out) {
   size_t index = 0;
-  index = out->Write(index, kTlsHandshakeType, 1);  // Content Type
-  index = out->Write(index, 3, 1);                  // Version high
-  index = out->Write(index, 1, 1);                  // Version low
-  index = out->Write(index, 4 + hs_len, 2);         // Length
+  index = out->Write(index, ssl_ct_handshake, 1);  // Content Type
+  index = out->Write(index, 3, 1);                 // Version high
+  index = out->Write(index, 1, 1);                 // Version low
+  index = out->Write(index, 4 + hs_len, 2);        // Length
 
   index = out->Write(index, hs_type, 1);  // Handshake record type.
   index = out->Write(index, hs_len, 3);   // Handshake length
@@ -1173,6 +1189,11 @@ DataBuffer TlsAgentTestBase::MakeCannedTls13ServerHello() {
   DataBuffer sh(kCannedTls13ServerHello, sizeof(kCannedTls13ServerHello));
   if (variant_ == ssl_variant_datagram) {
     sh.Write(0, SSL_LIBRARY_VERSION_DTLS_1_2_WIRE, 2);
+    // The version should be at the end.
+    uint32_t v;
+    EXPECT_TRUE(sh.Read(sh.len() - 2, 2, &v));
+    EXPECT_EQ(static_cast<uint32_t>(SSL_LIBRARY_VERSION_TLS_1_3), v);
+    sh.Write(sh.len() - 2, 0x7f00 | DTLS_1_3_DRAFT_VERSION, 2);
   }
   return sh;
 }
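Review bot: `uint32_t v;` is declared uninitialised and `EXPECT_EQ` still reads it if `sh.Read(sh.len() - 2, 2, &v)` fails, because `EXPECT_TRUE` does not stop the function. Writing `uint32_t v = 0;` keeps that failure path well defined. The check that the canned message ends with the TLS 1.3 version runs only in the datagram branch, so a stream-only run would not notice if `kCannedTls13ServerHello` were reordered. Hoisting the `Read` and `EXPECT_EQ` above the `if` would cover both variants.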
diff --git a/security/nss/gtests/ssl_gtest/tls_agent.h b/security/nss/gtests/ssl_gtest/tls_agent.h
index a93d0c6ee..020221868 100644
--- a/security/nss/gtests/ssl_gtest/tls_agent.h
+++ b/security/nss/gtests/ssl_gtest/tls_agent.h
@@ -10,9 +10,6 @@
 #include "prio.h"
 #include "ssl.h"
 
-// This is an internal header, used to get TLS_1_3_DRAFT_VERSION.
-#include "ssl3prot.h"
-
 #include <functional>
 #include <iostream>
 
@@ -20,7 +17,8 @@
 
 #define GTEST_HAS_RTTI 0
 #include "gtest/gtest.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
+#include "scoped_ptrs_ssl.h"
 
 extern bool g_ssl_gtest_verbose;
 
@@ -60,8 +58,6 @@ typedef std::function<int32_t(TlsAgent* agent, const SECItem* srvNameArr,
                               PRUint32 srvNameArrSize)>
     SniCallbackFunction;
 
-static const uint8_t kD13 = TLS_1_3_DRAFT_VERSION;
-
 class TlsAgent : public PollTarget {
  public:
   enum Role { CLIENT, SERVER };
diff --git a/security/nss/gtests/ssl_gtest/tls_connect.cc b/security/nss/gtests/ssl_gtest/tls_connect.cc
index 68f6d21e9..c48ae38ec 100644
--- a/security/nss/gtests/ssl_gtest/tls_connect.cc
+++ b/security/nss/gtests/ssl_gtest/tls_connect.cc
@@ -14,7 +14,7 @@ extern "C" {
 
 #include "databuffer.h"
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "sslproto.h"
 
 extern std::string g_working_dir_path;
@@ -559,13 +559,15 @@ void TlsConnectTestBase::CheckResumption(SessionResumptionMode expected) {
   EXPECT_EQ(stateless_count, stats->hsh_sid_stateless_resumes);
 
   if (expected != RESUME_NONE) {
-    if (client_->version() < SSL_LIBRARY_VERSION_TLS_1_3) {
+    if (client_->version() < SSL_LIBRARY_VERSION_TLS_1_3 &&
+        client_->GetResumptionToken().size() == 0) {
       // Check that the last two session ids match.
       ASSERT_EQ(1U + expected_resumptions_, session_ids_.size());
       EXPECT_EQ(session_ids_[session_ids_.size() - 1],
                 session_ids_[session_ids_.size() - 2]);
     } else {
-      // TLS 1.3 only uses tickets.
+      // We've either chosen TLS 1.3 or are using an external resumption token,
+      // both of which only use tickets.
       EXPECT_TRUE(expected & RESUME_TICKET);
     }
   }
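Review bot: The added condition `client_->GetResumptionToken().size() == 0` reads more directly as `client_->GetResumptionToken().empty()`. That matches the `resumption_token_.empty()` test in `TlsAgent::MaybeSetResumptionToken()`, assuming the getter returns the same container type. CheckResumption starts and ends outside this hunk.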
diff --git a/security/nss/gtests/ssl_gtest/tls_esni_unittest.cc b/security/nss/gtests/ssl_gtest/tls_esni_unittest.cc
new file mode 100644
index 000000000..3c860a0b2
--- /dev/null
+++ b/security/nss/gtests/ssl_gtest/tls_esni_unittest.cc
@@ -0,0 +1,470 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <ctime>
+
+#include "secerr.h"
+#include "ssl.h"
+
+#include "gtest_utils.h"
+#include "tls_agent.h"
+#include "tls_connect.h"
+
+namespace nss_test {
+
+static const char* kDummySni("dummy.invalid");
+
+std::vector<uint16_t> kDefaultSuites = {TLS_AES_256_GCM_SHA384,
+                                        TLS_AES_128_GCM_SHA256};
+std::vector<uint16_t> kChaChaSuite = {TLS_CHACHA20_POLY1305_SHA256};
+std::vector<uint16_t> kBogusSuites = {0};
+std::vector<uint16_t> kTls12Suites = {
+    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256};
+
+static void NamedGroup2ECParams(SSLNamedGroup group, SECItem* params) {
+  auto groupDef = ssl_LookupNamedGroup(group);
+  ASSERT_NE(nullptr, groupDef);
+
+  auto oidData = SECOID_FindOIDByTag(groupDef->oidTag);
+  ASSERT_NE(nullptr, oidData);
+  ASSERT_NE(nullptr,
+            SECITEM_AllocItem(nullptr, params, (2 + oidData->oid.len)));
+
+  /*
+   * params->data needs to contain the ASN encoding of an object ID (OID)
+   * representing the named curve. The actual OID is in
+   * oidData->oid.data so we simply prepend 0x06 and OID length
+   */
+  params->data[0] = SEC_ASN1_OBJECT_ID;
+  params->data[1] = oidData->oid.len;
+  memcpy(params->data + 2, oidData->oid.data, oidData->oid.len);
+}
+
+/* Checksum is a 4-byte array. */
+static void UpdateEsniKeysChecksum(DataBuffer* buf) {
+  SECStatus rv;
+  PRUint8 sha256[32];
+
+  /* Stomp the checksum. */
+  PORT_Memset(buf->data() + 2, 0, 4);
+
+  rv = PK11_HashBuf(ssl3_HashTypeToOID(ssl_hash_sha256), sha256, buf->data(),
+                    buf->len());
+  ASSERT_EQ(SECSuccess, rv);
+  buf->Write(2, sha256, 4);
+}
+
+static void GenerateEsniKey(time_t windowStart, SSLNamedGroup group,
+                            std::vector<uint16_t>& cipher_suites,
+                            DataBuffer* record,
+                            ScopedSECKEYPublicKey* pubKey = nullptr,
+                            ScopedSECKEYPrivateKey* privKey = nullptr) {
+  SECKEYECParams ecParams = {siBuffer, NULL, 0};
+  NamedGroup2ECParams(group, &ecParams);
+
+  SECKEYPublicKey* pub = nullptr;
+  SECKEYPrivateKey* priv = SECKEY_CreateECPrivateKey(&ecParams, &pub, nullptr);
+  ASSERT_NE(nullptr, priv);
+  SECITEM_FreeItem(&ecParams, PR_FALSE);
+  PRUint8 encoded[1024];
+  unsigned int encoded_len;
+
+  SECStatus rv = SSL_EncodeESNIKeys(
+      &cipher_suites[0], cipher_suites.size(), group, pub, 100, windowStart,
+      windowStart + 10, encoded, &encoded_len, sizeof(encoded));
+  ASSERT_EQ(SECSuccess, rv);
+  ASSERT_GT(encoded_len, 0U);
+
+  if (pubKey) {
+    pubKey->reset(pub);
+  } else {
+    SECKEY_DestroyPublicKey(pub);
+  }
+  if (privKey) {
+    privKey->reset(priv);
+  } else {
+    SECKEY_DestroyPrivateKey(priv);
+  }
+  record->Truncate(0);
+  record->Write(0, encoded, encoded_len);
+}
+
+static void SetupEsni(const std::shared_ptr<TlsAgent>& client,
+                      const std::shared_ptr<TlsAgent>& server,
+                      SSLNamedGroup group = ssl_grp_ec_curve25519) {
+  ScopedSECKEYPublicKey pub;
+  ScopedSECKEYPrivateKey priv;
+  DataBuffer record;
+
+  GenerateEsniKey(time(nullptr), ssl_grp_ec_curve25519, kDefaultSuites, &record,
+                  &pub, &priv);
+  SECStatus rv = SSL_SetESNIKeyPair(server->ssl_fd(), priv.get(), record.data(),
+                                    record.len());
+  ASSERT_EQ(SECSuccess, rv);
+
+  rv = SSL_EnableESNI(client->ssl_fd(), record.data(), record.len(), kDummySni);
+  ASSERT_EQ(SECSuccess, rv);
+}
+
+static void CheckSniExtension(const DataBuffer& data) {
+  TlsParser parser(data.data(), data.len());
+  uint32_t tmp;
+  ASSERT_TRUE(parser.Read(&tmp, 2));
+  ASSERT_EQ(parser.remaining(), tmp);
+  ASSERT_TRUE(parser.Read(&tmp, 1));
+  ASSERT_EQ(0U, tmp); /* sni_nametype_hostname */
+  DataBuffer name;
+  ASSERT_TRUE(parser.ReadVariable(&name, 2));
+  ASSERT_EQ(0U, parser.remaining());
+  DataBuffer expected(reinterpret_cast<const uint8_t*>(kDummySni),
+                      strlen(kDummySni));
+  ASSERT_EQ(expected, name);
+}
+
+static void ClientInstallEsni(std::shared_ptr<TlsAgent>& agent,
+                              const DataBuffer& record, PRErrorCode err = 0) {
+  SECStatus rv =
+      SSL_EnableESNI(agent->ssl_fd(), record.data(), record.len(), kDummySni);
+  if (err == 0) {
+    ASSERT_EQ(SECSuccess, rv);
+  } else {
+    ASSERT_EQ(SECFailure, rv);
+    ASSERT_EQ(err, PORT_GetError());
+  }
+}
+
+TEST_P(TlsAgentTestClient13, EsniInstall) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kDefaultSuites, &record);
+  ClientInstallEsni(agent_, record);
+}
+
+// The next set of tests fail at setup time.
+TEST_P(TlsAgentTestClient13, EsniInvalidHash) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kDefaultSuites, &record);
+  record.data()[2]++;
+  ClientInstallEsni(agent_, record, SSL_ERROR_RX_MALFORMED_ESNI_KEYS);
+}
+
+TEST_P(TlsAgentTestClient13, EsniInvalidVersion) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kDefaultSuites, &record);
+  record.Write(0, 0xffff, 2);
+  ClientInstallEsni(agent_, record, SSL_ERROR_UNSUPPORTED_VERSION);
+}
+
+TEST_P(TlsAgentTestClient13, EsniShort) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kDefaultSuites, &record);
+  record.Truncate(record.len() - 1);
+  UpdateEsniKeysChecksum(&record);
+  ClientInstallEsni(agent_, record, SSL_ERROR_RX_MALFORMED_ESNI_KEYS);
+}
+
+TEST_P(TlsAgentTestClient13, EsniLong) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kDefaultSuites, &record);
+  record.Write(record.len(), 1, 1);
+  UpdateEsniKeysChecksum(&record);
+  ClientInstallEsni(agent_, record, SSL_ERROR_RX_MALFORMED_ESNI_KEYS);
+}
+
+TEST_P(TlsAgentTestClient13, EsniExtensionMismatch) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kDefaultSuites, &record);
+  record.Write(record.len() - 1, 1, 1);
+  UpdateEsniKeysChecksum(&record);
+  ClientInstallEsni(agent_, record, SSL_ERROR_RX_MALFORMED_ESNI_KEYS);
+}
+
+// The following tests fail by ignoring the Esni block.
+TEST_P(TlsAgentTestClient13, EsniUnknownGroup) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kDefaultSuites, &record);
+  record.Write(8, 0xffff, 2);  // Fake group
+  UpdateEsniKeysChecksum(&record);
+  ClientInstallEsni(agent_, record, 0);
+  auto filter =
+      MakeTlsFilter<TlsExtensionCapture>(agent_, ssl_tls13_encrypted_sni_xtn);
+  agent_->Handshake();
+  ASSERT_EQ(TlsAgent::STATE_CONNECTING, agent_->state());
+  ASSERT_TRUE(!filter->captured());
+}
+
+TEST_P(TlsAgentTestClient13, EsniUnknownCS) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kBogusSuites, &record);
+  ClientInstallEsni(agent_, record, 0);
+  auto filter =
+      MakeTlsFilter<TlsExtensionCapture>(agent_, ssl_tls13_encrypted_sni_xtn);
+  agent_->Handshake();
+  ASSERT_EQ(TlsAgent::STATE_CONNECTING, agent_->state());
+  ASSERT_TRUE(!filter->captured());
+}
+
+TEST_P(TlsAgentTestClient13, EsniInvalidCS) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kTls12Suites, &record);
+  UpdateEsniKeysChecksum(&record);
+  ClientInstallEsni(agent_, record, 0);
+  auto filter =
+      MakeTlsFilter<TlsExtensionCapture>(agent_, ssl_tls13_encrypted_sni_xtn);
+  agent_->Handshake();
+  ASSERT_EQ(TlsAgent::STATE_CONNECTING, agent_->state());
+  ASSERT_TRUE(!filter->captured());
+}
+
+TEST_P(TlsAgentTestClient13, EsniNotReady) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0) + 1000, ssl_grp_ec_curve25519, kDefaultSuites,
+                  &record);
+  ClientInstallEsni(agent_, record, 0);
+  auto filter =
+      MakeTlsFilter<TlsExtensionCapture>(agent_, ssl_tls13_encrypted_sni_xtn);
+  agent_->Handshake();
+  ASSERT_TRUE(!filter->captured());
+}
+
+TEST_P(TlsAgentTestClient13, EsniExpired) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0) - 1000, ssl_grp_ec_curve25519, kDefaultSuites,
+                  &record);
+  ClientInstallEsni(agent_, record, 0);
+  auto filter =
+      MakeTlsFilter<TlsExtensionCapture>(agent_, ssl_tls13_encrypted_sni_xtn);
+  agent_->Handshake();
+  ASSERT_TRUE(!filter->captured());
+}
+
+TEST_P(TlsAgentTestClient13, NoSniSoNoEsni) {
+  EnsureInit();
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kDefaultSuites, &record);
+  SSL_SetURL(agent_->ssl_fd(), "");
+  ClientInstallEsni(agent_, record, 0);
+  auto filter =
+      MakeTlsFilter<TlsExtensionCapture>(agent_, ssl_tls13_encrypted_sni_xtn);
+  agent_->Handshake();
+  ASSERT_TRUE(!filter->captured());
+}
+
+static int32_t SniCallback(TlsAgent* agent, const SECItem* srvNameAddr,
+                           PRUint32 srvNameArrSize) {
+  EXPECT_EQ(1U, srvNameArrSize);
+  SECItem expected = {
+      siBuffer, reinterpret_cast<unsigned char*>(const_cast<char*>("server")),
+      6};
+  EXPECT_TRUE(!SECITEM_CompareItem(&expected, &srvNameAddr[0]));
+  return SECSuccess;
+}
+
+TEST_P(TlsConnectTls13, ConnectEsni) {
+  EnsureTlsSetup();
+  SetupEsni(client_, server_);
+  auto cFilterSni =
+      MakeTlsFilter<TlsExtensionCapture>(client_, ssl_server_name_xtn);
+  auto cFilterEsni =
+      MakeTlsFilter<TlsExtensionCapture>(client_, ssl_tls13_encrypted_sni_xtn);
+  client_->SetFilter(std::make_shared<ChainedPacketFilter>(
+      ChainedPacketFilterInit({cFilterSni, cFilterEsni})));
+  auto sfilter =
+      MakeTlsFilter<TlsExtensionCapture>(server_, ssl_server_name_xtn);
+  sfilter->EnableDecryption();
+  server_->SetSniCallback(SniCallback);
+  Connect();
+  CheckSniExtension(cFilterSni->extension());
+  ASSERT_TRUE(cFilterEsni->captured());
+  // Check that our most preferred suite got chosen.
+  uint32_t suite;
+  ASSERT_TRUE(cFilterEsni->extension().Read(0, 2, &suite));
+  ASSERT_EQ(TLS_AES_128_GCM_SHA256, static_cast<PRUint16>(suite));
+  ASSERT_TRUE(!sfilter->captured());
+}
+
+TEST_P(TlsConnectTls13, ConnectEsniHrr) {
+  EnsureTlsSetup();
+  const std::vector<SSLNamedGroup> groups = {ssl_grp_ec_secp384r1};
+  server_->ConfigNamedGroups(groups);
+  SetupEsni(client_, server_);
+  auto hrr_capture = MakeTlsFilter<TlsHandshakeRecorder>(
+      server_, kTlsHandshakeHelloRetryRequest);
+  auto filter =
+      MakeTlsFilter<TlsExtensionCapture>(client_, ssl_server_name_xtn);
+  auto cfilter =
+      MakeTlsFilter<TlsExtensionCapture>(client_, ssl_server_name_xtn);
+  server_->SetSniCallback(SniCallback);
+  Connect();
+  CheckSniExtension(cfilter->extension());
+  EXPECT_NE(0UL, hrr_capture->buffer().len());
+}
+
+TEST_P(TlsConnectTls13, ConnectEsniNoDummy) {
+  EnsureTlsSetup();
+  ScopedSECKEYPublicKey pub;
+  ScopedSECKEYPrivateKey priv;
+  DataBuffer record;
+
+  GenerateEsniKey(time(nullptr), ssl_grp_ec_curve25519, kDefaultSuites, &record,
+                  &pub, &priv);
+  SECStatus rv = SSL_SetESNIKeyPair(server_->ssl_fd(), priv.get(),
+                                    record.data(), record.len());
+  ASSERT_EQ(SECSuccess, rv);
+  rv = SSL_EnableESNI(client_->ssl_fd(), record.data(), record.len(), "");
+  ASSERT_EQ(SECSuccess, rv);
+
+  auto cfilter =
+      MakeTlsFilter<TlsExtensionCapture>(client_, ssl_server_name_xtn);
+  auto sfilter =
+      MakeTlsFilter<TlsExtensionCapture>(server_, ssl_server_name_xtn);
+  server_->SetSniCallback(SniCallback);
+  Connect();
+  ASSERT_TRUE(!cfilter->captured());
+  ASSERT_TRUE(!sfilter->captured());
+}
+
+TEST_P(TlsConnectTls13, ConnectEsniNullDummy) {
+  EnsureTlsSetup();
+  ScopedSECKEYPublicKey pub;
+  ScopedSECKEYPrivateKey priv;
+  DataBuffer record;
+
+  GenerateEsniKey(time(nullptr), ssl_grp_ec_curve25519, kDefaultSuites, &record,
+                  &pub, &priv);
+  SECStatus rv = SSL_SetESNIKeyPair(server_->ssl_fd(), priv.get(),
+                                    record.data(), record.len());
+  ASSERT_EQ(SECSuccess, rv);
+  rv = SSL_EnableESNI(client_->ssl_fd(), record.data(), record.len(), nullptr);
+  ASSERT_EQ(SECSuccess, rv);
+
+  auto cfilter =
+      MakeTlsFilter<TlsExtensionCapture>(client_, ssl_server_name_xtn);
+  auto sfilter =
+      MakeTlsFilter<TlsExtensionCapture>(server_, ssl_server_name_xtn);
+  server_->SetSniCallback(SniCallback);
+  Connect();
+  ASSERT_TRUE(!cfilter->captured());
+  ASSERT_TRUE(!sfilter->captured());
+}
+
+/* Tell the client that it supports AES but the server that it supports ChaCha
+ */
+TEST_P(TlsConnectTls13, ConnectEsniCSMismatch) {
+  EnsureTlsSetup();
+  ScopedSECKEYPublicKey pub;
+  ScopedSECKEYPrivateKey priv;
+  DataBuffer record;
+
+  GenerateEsniKey(time(nullptr), ssl_grp_ec_curve25519, kDefaultSuites, &record,
+                  &pub, &priv);
+  PRUint8 encoded[1024];
+  unsigned int encoded_len;
+
+  SECStatus rv = SSL_EncodeESNIKeys(
+      &kChaChaSuite[0], kChaChaSuite.size(), ssl_grp_ec_curve25519, pub.get(),
+      100, time(0), time(0) + 10, encoded, &encoded_len, sizeof(encoded));
+  rv = SSL_SetESNIKeyPair(server_->ssl_fd(), priv.get(), encoded, encoded_len);
+  ASSERT_EQ(SECSuccess, rv);
+  rv = SSL_EnableESNI(client_->ssl_fd(), record.data(), record.len(), "");
+  ASSERT_EQ(SECSuccess, rv);
+  ConnectExpectAlert(server_, illegal_parameter);
+  server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO);
+}
+
+TEST_P(TlsConnectTls13, ConnectEsniP256) {
+  EnsureTlsSetup();
+  SetupEsni(client_, server_, ssl_grp_ec_secp256r1);
+  auto cfilter =
+      MakeTlsFilter<TlsExtensionCapture>(client_, ssl_server_name_xtn);
+  auto sfilter =
+      MakeTlsFilter<TlsExtensionCapture>(server_, ssl_server_name_xtn);
+  server_->SetSniCallback(SniCallback);
+  Connect();
+  CheckSniExtension(cfilter->extension());
+  ASSERT_TRUE(!sfilter->captured());
+}
+
+TEST_P(TlsConnectTls13, ConnectMismatchedEsniKeys) {
+  EnsureTlsSetup();
+  SetupEsni(client_, server_);
+  // Now install a new set of keys on the client, so we have a mismatch.
+  DataBuffer record;
+  GenerateEsniKey(time(0), ssl_grp_ec_curve25519, kDefaultSuites, &record);
+  ClientInstallEsni(client_, record, 0);
+  ConnectExpectAlert(server_, illegal_parameter);
+  server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO);
+}
+
+TEST_P(TlsConnectTls13, ConnectDamagedEsniExtensionCH) {
+  EnsureTlsSetup();
+  SetupEsni(client_, server_);
+  auto filter = MakeTlsFilter<TlsExtensionDamager>(
+      client_, ssl_tls13_encrypted_sni_xtn, 50);  // in the ciphertext
+  ConnectExpectAlert(server_, illegal_parameter);
+  server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO);
+}
+
+TEST_P(TlsConnectTls13, ConnectRemoveEsniExtensionEE) {
+  EnsureTlsSetup();
+  SetupEsni(client_, server_);
+  auto filter =
+      MakeTlsFilter<TlsExtensionDropper>(server_, ssl_tls13_encrypted_sni_xtn);
+  filter->EnableDecryption();
+  ConnectExpectAlert(client_, missing_extension);
+  client_->CheckErrorCode(SSL_ERROR_MISSING_ESNI_EXTENSION);
+}
+
+TEST_P(TlsConnectTls13, ConnectShortEsniExtensionEE) {
+  EnsureTlsSetup();
+  SetupEsni(client_, server_);
+  DataBuffer shortNonce;
+  auto filter = MakeTlsFilter<TlsExtensionReplacer>(
+      server_, ssl_tls13_encrypted_sni_xtn, shortNonce);
+  filter->EnableDecryption();
+  ConnectExpectAlert(client_, illegal_parameter);
+  client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_ESNI_EXTENSION);
+}
+
+TEST_P(TlsConnectTls13, ConnectBogusEsniExtensionEE) {
+  EnsureTlsSetup();
+  SetupEsni(client_, server_);
+  const uint8_t bogusNonceBuf[16] = {0};
+  DataBuffer bogusNonce(bogusNonceBuf, sizeof(bogusNonceBuf));
+  auto filter = MakeTlsFilter<TlsExtensionReplacer>(
+      server_, ssl_tls13_encrypted_sni_xtn, bogusNonce);
+  filter->EnableDecryption();
+  ConnectExpectAlert(client_, illegal_parameter);
+  client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_ESNI_EXTENSION);
+}
+
+// ESNI is a commitment to doing TLS 1.3 or above.
+// The TLS 1.2 server ignores ESNI and processes the dummy SNI.
+// The client then aborts when it sees the server did TLS 1.2.
+TEST_P(TlsConnectTls13, EsniButTLS12Server) {
+  EnsureTlsSetup();
+  SetupEsni(client_, server_);
+  client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
+                           SSL_LIBRARY_VERSION_TLS_1_3);
+  server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
+                           SSL_LIBRARY_VERSION_TLS_1_2);
+  ConnectExpectAlert(client_, kTlsAlertProtocolVersion);
+  client_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_VERSION);
+  server_->CheckErrorCode(SSL_ERROR_PROTOCOL_VERSION_ALERT);
+  ASSERT_FALSE(SSLInt_ExtensionNegotiated(server_->ssl_fd(),
+                                          ssl_tls13_encrypted_sni_xtn));
+}
+}
diff --git a/security/nss/gtests/ssl_gtest/tls_filter.cc b/security/nss/gtests/ssl_gtest/tls_filter.cc
index aa03cba70..25ad606fc 100644
--- a/security/nss/gtests/ssl_gtest/tls_filter.cc
+++ b/security/nss/gtests/ssl_gtest/tls_filter.cc
@@ -131,7 +131,7 @@ PacketFilter::Action TlsRecordFilter::Filter(const DataBuffer& input,
     // spec to another active cipher spec (KeyUpdate for instance) AND writes
     // are consolidated across that change, this code could use the wrong
     // sequence numbers when re-encrypting records with the old keys.
-    if (header.content_type() == kTlsApplicationDataType) {
+    if (header.content_type() == ssl_ct_application_data) {
       in_sequence_number_ =
           (std::max)(in_sequence_number_, header.sequence_number() + 1);
     }
@@ -194,7 +194,7 @@ PacketFilter::Action TlsRecordFilter::FilterRecord(
 
   uint64_t seq_num;
   if (header.is_dtls() || !cipher_spec_ ||
-      header.content_type() != kTlsApplicationDataType) {
+      header.content_type() != ssl_ct_application_data) {
     seq_num = header.sequence_number();
   } else {
     seq_num = out_sequence_number_++;
@@ -277,7 +277,7 @@ bool TlsRecordHeader::Parse(bool is_dtls13, uint64_t seqno, TlsParser* parser,
 
 #ifndef UNSAFE_FUZZER_MODE
     // Deal with the 7 octet header.
-    if (content_type_ == kTlsApplicationDataType) {
+    if (content_type_ == ssl_ct_application_data) {
       uint32_t tmp;
       if (!parser->Read(&tmp, 4)) {
         return false;
@@ -298,7 +298,7 @@ bool TlsRecordHeader::Parse(bool is_dtls13, uint64_t seqno, TlsParser* parser,
       }
       // Need to use the low 5 bits of the first octet too.
       tmp |= (content_type_ & 0x1f) << 8;
-      content_type_ = kTlsApplicationDataType;
+      content_type_ = ssl_ct_application_data;
       sequence_number_ = ParseSequenceNumber(seqno, tmp, 12, 1);
 
       if (!parser->ReadFromMark(&header_, parser->consumed() - mark, mark)) {
@@ -308,9 +308,9 @@ bool TlsRecordHeader::Parse(bool is_dtls13, uint64_t seqno, TlsParser* parser,
     }
 
     // The full 13 octet header can only be used for a few types.
-    EXPECT_TRUE(content_type_ == kTlsAlertType ||
-                content_type_ == kTlsHandshakeType ||
-                content_type_ == kTlsAckType);
+    EXPECT_TRUE(content_type_ == ssl_ct_alert ||
+                content_type_ == ssl_ct_handshake ||
+                content_type_ == ssl_ct_ack);
 #endif
   }
 
@@ -347,7 +347,7 @@ size_t TlsRecordHeader::WriteHeader(DataBuffer* buffer, size_t offset,
                                     size_t body_len) const {
   offset = buffer->Write(offset, content_type_, 1);
   if (is_dtls() && version_ >= SSL_LIBRARY_VERSION_TLS_1_3 &&
-      content_type() == kTlsApplicationDataType) {
+      content_type() == ssl_ct_application_data) {
     // application_data records in TLS 1.3 have a different header format.
     // Always use the long header here for simplicity.
     uint32_t e = (sequence_number_ >> 48) & 0x3;
@@ -377,7 +377,7 @@ bool TlsRecordFilter::Unprotect(const TlsRecordHeader& header,
                                 const DataBuffer& ciphertext,
                                 uint8_t* inner_content_type,
                                 DataBuffer* plaintext) {
-  if (!cipher_spec_ || header.content_type() != kTlsApplicationDataType) {
+  if (!cipher_spec_ || header.content_type() != ssl_ct_application_data) {
     *inner_content_type = header.content_type();
     *plaintext = ciphertext;
     return true;
@@ -411,7 +411,7 @@ bool TlsRecordFilter::Protect(const TlsRecordHeader& header,
                               uint8_t inner_content_type,
                               const DataBuffer& plaintext,
                               DataBuffer* ciphertext, size_t padding) {
-  if (!cipher_spec_ || header.content_type() != kTlsApplicationDataType) {
+  if (!cipher_spec_ || header.content_type() != ssl_ct_application_data) {
     *ciphertext = plaintext;
     return true;
   }
@@ -453,8 +453,7 @@ PacketFilter::Action TlsHandshakeFilter::FilterRecord(
     const TlsRecordHeader& record_header, const DataBuffer& input,
     DataBuffer* output) {
   // Check that the first byte is as requested.
-  if ((record_header.content_type() != kTlsHandshakeType) &&
-      (record_header.content_type() != kTlsAltHandshakeType)) {
+  if (record_header.content_type() != ssl_ct_handshake) {
     return KEEP;
   }
 
@@ -879,6 +878,17 @@ PacketFilter::Action TlsExtensionDropper::FilterExtension(
   return KEEP;
 }
 
+PacketFilter::Action TlsExtensionDamager::FilterExtension(
+    uint16_t extension_type, const DataBuffer& input, DataBuffer* output) {
+  if (extension_type != extension_) {
+    return KEEP;
+  }
+
+  *output = input;
+  output->data()[index_] += 73;  // Increment selected for maximum damage
+  return CHANGE;
+}
+
 PacketFilter::Action TlsExtensionInjector::FilterHandshake(
     const HandshakeHeader& header, const DataBuffer& input,
     DataBuffer* output) {
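Review bot: `output->data()[index_] += 73;` in TlsExtensionDamager::FilterExtension writes at `index_` without comparing it with the extension length, so an offset at or past `input.len()` writes outside the copied buffer instead of failing the test cleanly. A guard before the write would turn that into a reported failure: `if (index_ >= input.len()) { ADD_FAILURE() << "damage index past end of extension"; return KEEP; }`. The one caller visible in this patch passes offset 50 for the encrypted SNI extension, which is presumably long enough, but the filter itself does not enforce it.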
diff --git a/security/nss/gtests/ssl_gtest/tls_filter.h b/security/nss/gtests/ssl_gtest/tls_filter.h
index effda4aa0..2b6e88645 100644
--- a/security/nss/gtests/ssl_gtest/tls_filter.h
+++ b/security/nss/gtests/ssl_gtest/tls_filter.h
@@ -172,20 +172,19 @@ inline std::ostream& operator<<(std::ostream& stream,
   hdr.WriteStream(stream);
   stream << ' ';
   switch (hdr.content_type()) {
-    case kTlsChangeCipherSpecType:
+    case ssl_ct_change_cipher_spec:
       stream << "CCS";
       break;
-    case kTlsAlertType:
+    case ssl_ct_alert:
       stream << "Alert";
       break;
-    case kTlsHandshakeType:
-    case kTlsAltHandshakeType:
+    case ssl_ct_handshake:
       stream << "Handshake";
       break;
-    case kTlsApplicationDataType:
+    case ssl_ct_application_data:
       stream << "Data";
       break;
-    case kTlsAckType:
+    case ssl_ct_ack:
       stream << "ACK";
       break;
     default:
@@ -301,7 +300,7 @@ class TlsRecordRecorder : public TlsRecordFilter {
   TlsRecordRecorder(const std::shared_ptr<TlsAgent>& a)
       : TlsRecordFilter(a),
         filter_(false),
-        ct_(content_handshake),  // dummy (<optional> is C++14)
+        ct_(ssl_ct_handshake),  // dummy (<optional> is C++14)
         records_() {}
   virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header,
                                             const DataBuffer& input,
@@ -466,6 +465,20 @@ class TlsExtensionInjector : public TlsHandshakeFilter {
   const DataBuffer data_;
 };
 
+class TlsExtensionDamager : public TlsExtensionFilter {
+ public:
+  TlsExtensionDamager(const std::shared_ptr<TlsAgent>& a, uint16_t extension,
+                      size_t index)
+      : TlsExtensionFilter(a), extension_(extension), index_(index) {}
+  virtual PacketFilter::Action FilterExtension(uint16_t extension_type,
+                                               const DataBuffer& input,
+                                               DataBuffer* output);
+
+ private:
+  uint16_t extension_;
+  size_t index_;
+};
+
 typedef std::function<void(void)> VoidFunction;
 
 class AfterRecordN : public TlsRecordFilter {
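Review bot: The new TlsExtensionDamager class has no comment, and its two members are mutable although the patch only sets them in the constructor; `const uint16_t extension_;` and `const size_t index_;` would match the `const DataBuffer data_;` member of the class just above. A one-line comment such as `// Corrupts one byte, at offset |index|, of the extension with the given type.` would tell callers that `index` is a byte offset into the extension body and has to be smaller than its length.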
diff --git a/security/nss/gtests/ssl_gtest/tls_hkdf_unittest.cc b/security/nss/gtests/ssl_gtest/tls_hkdf_unittest.cc
index 45f6cf2bd..004da3b1c 100644
--- a/security/nss/gtests/ssl_gtest/tls_hkdf_unittest.cc
+++ b/security/nss/gtests/ssl_gtest/tls_hkdf_unittest.cc
@@ -11,7 +11,7 @@
 
 #include "databuffer.h"
 #include "gtest_utils.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 namespace nss_test {
 
@@ -60,9 +60,11 @@ const std::string kHashName[] = {"None",    "MD5",     "SHA-1",  "SHA-224",
                                  "SHA-256", "SHA-384", "SHA-512"};
 
 static void ImportKey(ScopedPK11SymKey* to, const DataBuffer& key,
-                      PK11SlotInfo* slot) {
+                      SSLHashType hash_type, PK11SlotInfo* slot) {
+  ASSERT_LT(hash_type, sizeof(kHashLength));
+  ASSERT_LE(kHashLength[hash_type], key.len());
   SECItem key_item = {siBuffer, const_cast<uint8_t*>(key.data()),
-                      static_cast<unsigned int>(key.len())};
+                      static_cast<unsigned int>(kHashLength[hash_type])};
 
   PK11SymKey* inner =
       PK11_ImportSymKey(slot, CKM_SSL3_MASTER_KEY_DERIVE, PK11_OriginUnwrap,
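Review bot: `ASSERT_LT(hash_type, sizeof(kHashLength));` compares the index with the size of the table in bytes, not with its number of entries. If the elements of kHashLength are wider than one byte (its declaration is outside this hunk), an out-of-range hash_type passes the check and the next line reads past the array. Counting elements closes the gap: `ASSERT_LT(hash_type, sizeof(kHashLength) / sizeof(kHashLength[0]));`. ImportKey's body continues outside the hunk.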
@@ -106,8 +108,8 @@ class TlsHkdfTest : public ::testing::Test,
   }
 
   void SetUp() {
-    ImportKey(&k1_, kKey1, slot_.get());
-    ImportKey(&k2_, kKey2, slot_.get());
+    ImportKey(&k1_, kKey1, hash_type_, slot_.get());
+    ImportKey(&k2_, kKey2, hash_type_, slot_.get());
   }
 
   void VerifyKey(const ScopedPK11SymKey& key, const DataBuffer& expected) {
@@ -183,9 +185,9 @@ TEST_P(TlsHkdfTest, HkdfKey1Only) {
       {/* ssl_hash_md5    */},
       {/* ssl_hash_sha1   */},
       {/* ssl_hash_sha224 */},
-      {0x11, 0x87, 0x38, 0x28, 0xa9, 0x19, 0x78, 0x11, 0x33, 0x91, 0x24,
-       0xb5, 0x8a, 0x1b, 0xb0, 0x9f, 0x7f, 0x0d, 0x8d, 0xbb, 0x10, 0xf4,
-       0x9c, 0x54, 0xbd, 0x1f, 0xd8, 0x85, 0xcd, 0x15, 0x30, 0x33},
+      {0x41, 0x6c, 0x53, 0x92, 0xb9, 0xf3, 0x6d, 0xf1, 0x88, 0xe9, 0x0e,
+       0xb1, 0x4d, 0x17, 0xbf, 0x0d, 0xa1, 0x90, 0xbf, 0xdb, 0x7f, 0x1f,
+       0x49, 0x56, 0xe6, 0xe5, 0x66, 0xa5, 0x69, 0xc8, 0xb1, 0x5c},
       {0x51, 0xb1, 0xd5, 0xb4, 0x59, 0x79, 0x79, 0x08, 0x4a, 0x15, 0xb2, 0xdb,
        0x84, 0xd3, 0xd6, 0xbc, 0xfc, 0x93, 0x45, 0xd9, 0xdc, 0x74, 0xda, 0x1a,
        0x57, 0xc2, 0x76, 0x9f, 0x3f, 0x83, 0x45, 0x2f, 0xf6, 0xf3, 0x56, 0x1f,
@@ -201,11 +203,9 @@ TEST_P(TlsHkdfTest, HkdfKey2Only) {
       {/* ssl_hash_md5    */},
       {/* ssl_hash_sha1   */},
       {/* ssl_hash_sha224 */},
-      {
-          0x2f, 0x5f, 0x78, 0xd0, 0xa4, 0xc4, 0x36, 0xee, 0x6c, 0x8a, 0x4e,
-          0xf9, 0xd0, 0x43, 0x81, 0x02, 0x13, 0xfd, 0x47, 0x83, 0x63, 0x3a,
-          0xd2, 0xe1, 0x40, 0x6d, 0x2d, 0x98, 0x00, 0xfd, 0xc1, 0x87,
-      },
+      {0x16, 0xaf, 0x00, 0x54, 0x3a, 0x56, 0xc8, 0x26, 0xa2, 0xa7, 0xfc,
+       0xb6, 0x34, 0x66, 0x8a, 0xfd, 0x36, 0xdc, 0x8e, 0xce, 0xc4, 0xd2,
+       0x6c, 0x7a, 0xdc, 0xe3, 0x70, 0x36, 0x3d, 0x60, 0xfa, 0x0b},
       {0x7b, 0x40, 0xf9, 0xef, 0x91, 0xff, 0xc9, 0xd1, 0x29, 0x24, 0x5c, 0xbf,
        0xf8, 0x82, 0x76, 0x68, 0xae, 0x4b, 0x63, 0xe8, 0x03, 0xdd, 0x39, 0xa8,
        0xd4, 0x6a, 0xf6, 0xe5, 0xec, 0xea, 0xf8, 0x7d, 0x91, 0x71, 0x81, 0xf1,
@@ -221,11 +221,9 @@ TEST_P(TlsHkdfTest, HkdfKey1Key2) {
       {/* ssl_hash_md5    */},
       {/* ssl_hash_sha1   */},
       {/* ssl_hash_sha224 */},
-      {
-          0x79, 0x53, 0xb8, 0xdd, 0x6b, 0x98, 0xce, 0x00, 0xb7, 0xdc, 0xe8,
-          0x03, 0x70, 0x8c, 0xe3, 0xac, 0x06, 0x8b, 0x22, 0xfd, 0x0e, 0x34,
-          0x48, 0xe6, 0xe5, 0xe0, 0x8a, 0xd6, 0x16, 0x18, 0xe5, 0x48,
-      },
+      {0xa5, 0x68, 0x02, 0x5a, 0x95, 0xc9, 0x7f, 0x55, 0x38, 0xbc, 0xf7,
+       0x97, 0xcc, 0x0f, 0xd5, 0xf6, 0xa8, 0x8d, 0x15, 0xbc, 0x0e, 0x85,
+       0x74, 0x70, 0x3c, 0xa3, 0x65, 0xbd, 0x76, 0xcf, 0x9f, 0xd3},
       {0x01, 0x93, 0xc0, 0x07, 0x3f, 0x6a, 0x83, 0x0e, 0x2e, 0x4f, 0xb2, 0x58,
        0xe4, 0x00, 0x08, 0x5c, 0x68, 0x9c, 0x37, 0x32, 0x00, 0x37, 0xff, 0xc3,
        0x1c, 0x5b, 0x98, 0x0b, 0x02, 0x92, 0x3f, 0xfd, 0x73, 0x5a, 0x6f, 0x2a,
@@ -241,9 +239,9 @@ TEST_P(TlsHkdfTest, HkdfExpandLabel) {
       {/* ssl_hash_md5    */},
       {/* ssl_hash_sha1   */},
       {/* ssl_hash_sha224 */},
-      {0xc6, 0xdd, 0x6e, 0xc4, 0x76, 0xb8, 0x55, 0xf2, 0xa4, 0xfc, 0x59,
-       0x04, 0xa4, 0x90, 0xdc, 0xa7, 0xa7, 0x0d, 0x94, 0x8f, 0xc2, 0xdc,
-       0x15, 0x6d, 0x48, 0x93, 0x9d, 0x05, 0xbb, 0x9a, 0xbc, 0xc1},
+      {0x3e, 0x4e, 0x6e, 0xd0, 0xbc, 0xc4, 0xf4, 0xff, 0xf0, 0xf5, 0x69,
+       0xd0, 0x6c, 0x1e, 0x0e, 0x10, 0x32, 0xaa, 0xd7, 0xa3, 0xef, 0xf6,
+       0xa8, 0x65, 0x8e, 0xbe, 0xee, 0xc7, 0x1f, 0x01, 0x6d, 0x3c},
       {0x41, 0xea, 0x77, 0x09, 0x8c, 0x90, 0x04, 0x10, 0xec, 0xbc, 0x37, 0xd8,
        0x5b, 0x54, 0xcd, 0x7b, 0x08, 0x15, 0x13, 0x20, 0xed, 0x1e, 0x3f, 0x54,
        0x74, 0xf7, 0x8b, 0x06, 0x38, 0x28, 0x06, 0x37, 0x75, 0x23, 0xa2, 0xb7,
diff --git a/security/nss/gtests/util_gtest/util_pkcs11uri_unittest.cc b/security/nss/gtests/util_gtest/util_pkcs11uri_unittest.cc
index 5f1d94acf..680e2f4a2 100644
--- a/security/nss/gtests/util_gtest/util_pkcs11uri_unittest.cc
+++ b/security/nss/gtests/util_gtest/util_pkcs11uri_unittest.cc
@@ -160,6 +160,7 @@ TEST_F(PK11URITest, ParseRetrieveTest) {
 
 TEST_F(PK11URITest, ParseFormatTest) {
   TestParseFormat("pkcs11:", "pkcs11:");
+  TestParseFormat("PKCS11:", "pkcs11:");
   TestParseFormat("pkcs11:token=aaa", "pkcs11:token=aaa");
   TestParseFormat("pkcs11:token=aaa;manufacturer=bbb",
                   "pkcs11:token=aaa;manufacturer=bbb");
diff --git a/security/nss/help.txt b/security/nss/help.txt
index b4ffc0382..1df72736e 100644
--- a/security/nss/help.txt
+++ b/security/nss/help.txt
@@ -1,15 +1,15 @@
-Usage: build.sh [-hcv] [-cc] [-j <n>] [--nspr] [--gyp|-g] [--opt|-o] [-m32]
-                [--test] [--pprof] [--scan-build[=output]] [--ct-verif]
-                [--asan] [--ubsan] [--msan] [--sancov[=edge|bb|func|...]]
-                [--disable-tests] [--fuzz[=tls|oss]] [--system-sqlite]
-                [--no-zdefs] [--with-nspr] [--system-nspr] [--enable-libpkix]
-                [--enable-fips]
+Usage: build.sh [-h] [-c|-cc] [-v] [-j <n>] [--gyp|-g] [--opt|-o]
+                [-t <x64|x86|...>|--target=<x64|x86|...>]
+                [--clang|--gcc|--msvc] [--scan-build[=dir]] [--disable-tests]
+                [--pprof] [--asan] [--msan] [--ubsan[=bool,shift,...]
+                [--fuzz[=tls|oss]] [--sancov[=edge|bb|func|...]]
+                [--emit-llvm] [--no-zdefs] [--test] [--ct-verif]
+                [--nspr|--with-nspr=<include>:<lib>|--system-nspr]
+                [--system-sqlite] [--enable-fips] [--enable-libpkix]
+                [--mozpkix-only]
 
 This script builds NSS with gyp and ninja.
 
-This build system is still under development.  It does not yet support all
-the features or platforms that NSS supports.
-
 NSS build tool options:
 
     -h               display this help and exit
@@ -17,34 +17,37 @@ NSS build tool options:
     -cc              clean without building
     -v               verbose build
     -j <n>           run at most <n> concurrent jobs
-    --nspr           force a rebuild of NSPR
     --gyp|-g         force a rerun of gyp
     --opt|-o         do an opt build
-    -m32             do a 32-bit build on a 64-bit system
+    --target|-t      specify target architecture (e.g., x86, x64, aarch64)
     --clang          build with clang and clang++
     --gcc            build with gcc and g++
-    --test           ignore map files and export everything we have
+    --msvc           build with MSVC
+    --scan-build     run the build with scan-build
+                     --scan-build=<dir> sets the output path for scan-build
+    --disable-tests  don't build tests and corresponding cmdline utils
+    --pprof          build with gperftool support
+    --asan           enable address sanitizer
+    --msan           enable memory sanitizer
+    --ubsan          enable undefined behavior sanitizer
+                     --ubsan=bool,shift,... sets specific UB sanitizers
     --fuzz           build fuzzing targets (this always enables test builds)
                      --fuzz=tls to enable TLS fuzzing mode
                      --fuzz=oss to build for OSS-Fuzz
-    --pprof          build with gperftool support
-    --ct-verif       build with valgrind for ct-verif
-    --scan-build     run the build with scan-build (scan-build has to be in the path)
-                     --scan-build=/out/path sets the output path for scan-build
-    --asan           do an asan build
-    --ubsan          do an ubsan build
-                     --ubsan=bool,shift,... sets specific UB sanitizers
-    --msan           do an msan build
     --sancov         do sanitize coverage builds
                      --sancov=func sets coverage to function level for example
     --emit-llvm      emit LLVM bitcode while building
                      (requires the gold linker, use clang-3.8 for SAW)
-    --disable-tests  don't build tests and corresponding cmdline utils
-    --system-sqlite  use system sqlite
     --no-zdefs       don't set -Wl,-z,defs
-    --with-nspr      don't build NSPR but use the one at the given location, e.g.
-                     --with-nspr=/path/to/nspr/include:/path/to/nspr/lib
-    --system-nspr    use system nspr. This requires an installation of NSPR and
-                     might not work on all systems.
-    --enable-libpkix make libpkix part of the build.
-    --enable-fips    don't disable FIPS checks.
+    --test           ignore map files and export everything we have
+    --ct-verif       build with valgrind for ct-verif
+    --nspr           force a rebuild of NSPR
+    --with-nspr      use the NSPR build at the given locations
+                     --with-nspr=<include>:<lib> sets include and lib paths
+    --system-nspr    attempt to use system nspr
+                     shorthand for --with-nspr=/usr/include/nspr:
+    --system-sqlite  use system sqlite
+    --enable-fips    enable FIPS checks
+    --enable-libpkix make libpkix part of the build
+    --mozpkix-only   build only static mozpkix and mozpkix-test libraries
+                     support for this build option is limited
diff --git a/security/nss/lib/base/error.c b/security/nss/lib/base/error.c
index 95a76cf79..2ef032933 100644
--- a/security/nss/lib/base/error.c
+++ b/security/nss/lib/base/error.c
@@ -15,6 +15,10 @@
 #include <limits.h> /* for UINT_MAX */
 #include <string.h> /* for memmove */
 
+#if defined(__MINGW32__)
+#include <windows.h>
+#endif
+
 #define NSS_MAX_ERROR_STACK_COUNT 16 /* error codes */
 
 /*
@@ -65,7 +69,32 @@ static const PRCallOnceType error_call_again;
 static PRStatus
 error_once_function(void)
 {
+
+/*
+ * This #ifdef function is redundant. It performs the same thing as the
+ * else case.
+ *
+ * However, the MinGW version looks up the function from nss3's export
+ * table, and on MinGW _that_ behaves differently than passing a
+ * function pointer in a different module because MinGW has
+ * -mnop-fun-dllimport specified, which generates function thunks for
+ * cross-module calls. And when a module (like nssckbi) gets unloaded,
+ * and you try to call into that thunk (which is now missing) you'll
+ * crash. So we do this bit of ugly to avoid that crash. Fortunately
+ * this is the only place we've had to do this.
+ */
+#if defined(__MINGW32__)
+    HMODULE nss3 = GetModuleHandleW(L"nss3");
+    if (nss3) {
+        FARPROC freePtr = GetProcAddress(nss3, "PR_Free");
+        if (freePtr) {
+            return PR_NewThreadPrivateIndex(&error_stack_index, freePtr);
+        }
+    }
+    return PR_NewThreadPrivateIndex(&error_stack_index, PR_Free);
+#else
     return PR_NewThreadPrivateIndex(&error_stack_index, PR_Free);
+#endif
 }
 
 /*
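Review bot: In the MinGW branch of error_once_function, `freePtr` is a FARPROC and is passed to PR_NewThreadPrivateIndex as the destructor without a cast, so the call relies on an implicit conversion between incompatible function-pointer types; `return PR_NewThreadPrivateIndex(&error_stack_index, (PRThreadPrivateDTOR)freePtr);` states the conversion explicitly. The comment's opening sentence ("This #ifdef function is redundant") reads as if the branch could be deleted, while the rest explains why it cannot; opening with `The MinGW branch looks redundant but is required:` would be clearer. The fallback `return` inside the branch duplicates the `#else` line and could be shared by ending the `#if` block before it.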
diff --git a/security/nss/lib/certdb/cert.h b/security/nss/lib/certdb/cert.h
index c76a5a9b0..333ba4c9d 100644
--- a/security/nss/lib/certdb/cert.h
+++ b/security/nss/lib/certdb/cert.h
@@ -18,7 +18,7 @@
 #include "seccomon.h"
 #include "secdert.h"
 #include "secoidt.h"
-#include "keyt.h"
+#include "keythi.h"
 #include "certt.h"
 
 SEC_BEGIN_PROTOS
diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c
index 1a676a720..85b5f2917 100644
--- a/security/nss/lib/certdb/certdb.c
+++ b/security/nss/lib/certdb/certdb.c
@@ -446,6 +446,74 @@ cert_GetCertType(CERTCertificate *cert)
     return SECSuccess;
 }
 
+PRBool
+cert_EKUAllowsIPsecIKE(CERTCertificate *cert, PRBool *isCritical)
+{
+    SECStatus rv;
+    SECItem encodedExtKeyUsage;
+    CERTOidSequence *extKeyUsage = NULL;
+    PRBool result = PR_FALSE;
+
+    rv = CERT_GetExtenCriticality(cert->extensions,
+                                  SEC_OID_X509_EXT_KEY_USAGE,
+                                  isCritical);
+    if (rv != SECSuccess) {
+        *isCritical = PR_FALSE;
+    }
+
+    encodedExtKeyUsage.data = NULL;
+    rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE,
+                                &encodedExtKeyUsage);
+    if (rv != SECSuccess) {
+        /* EKU not present, allowed. */
+        result = PR_TRUE;
+        goto done;
+    }
+
+    extKeyUsage = CERT_DecodeOidSequence(&encodedExtKeyUsage);
+    if (!extKeyUsage) {
+        /* failure */
+        goto done;
+    }
+
+    if (findOIDinOIDSeqByTagNum(extKeyUsage,
+                                SEC_OID_X509_ANY_EXT_KEY_USAGE) ==
+        SECSuccess) {
+        result = PR_TRUE;
+        goto done;
+    }
+
+    if (findOIDinOIDSeqByTagNum(extKeyUsage,
+                                SEC_OID_EXT_KEY_USAGE_IPSEC_IKE) ==
+        SECSuccess) {
+        result = PR_TRUE;
+        goto done;
+    }
+
+    if (findOIDinOIDSeqByTagNum(extKeyUsage,
+                                SEC_OID_IPSEC_IKE_END) ==
+        SECSuccess) {
+        result = PR_TRUE;
+        goto done;
+    }
+
+    if (findOIDinOIDSeqByTagNum(extKeyUsage,
+                                SEC_OID_IPSEC_IKE_INTERMEDIATE) ==
+        SECSuccess) {
+        result = PR_TRUE;
+        goto done;
+    }
+
+done:
+    if (encodedExtKeyUsage.data != NULL) {
+        PORT_Free(encodedExtKeyUsage.data);
+    }
+    if (extKeyUsage != NULL) {
+        CERT_DestroyOidSequence(extKeyUsage);
+    }
+    return result;
+}
+
 PRUint32
 cert_ComputeCertType(CERTCertificate *cert)
 {
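Review bot: cert_EKUAllowsIPsecIKE has no header comment, and its result covers three cases a caller cannot see from the signature: a certificate with no EKU extension is allowed (PR_TRUE), an EKU that fails to decode is rejected (PR_FALSE), and `*isCritical` is forced to PR_FALSE when the criticality lookup fails. I would add a block comment above the definition, and the same above the declaration added in certi.h, stating those cases and that `isCritical` must be non-NULL because it is dereferenced without a check. The four `findOIDinOIDSeqByTagNum` checks differ only in the tag and could loop over a small static array of the accepted tags.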
@@ -1083,6 +1151,10 @@ CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage, PRBool ca,
                 requiredKeyUsage = KU_KEY_CERT_SIGN;
                 requiredCertType = NS_CERT_TYPE_SSL_CA;
                 break;
+            case certUsageIPsec:
+                requiredKeyUsage = KU_KEY_CERT_SIGN;
+                requiredCertType = NS_CERT_TYPE_SSL_CA;
+                break;
             case certUsageSSLCA:
                 requiredKeyUsage = KU_KEY_CERT_SIGN;
                 requiredCertType = NS_CERT_TYPE_SSL_CA;
@@ -1125,6 +1197,11 @@ CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage, PRBool ca,
                 requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT;
                 requiredCertType = NS_CERT_TYPE_SSL_SERVER;
                 break;
+            case certUsageIPsec:
+                /* RFC 4945 Section 5.1.3.2 */
+                requiredKeyUsage = KU_DIGITAL_SIGNATURE_OR_NON_REPUDIATION;
+                requiredCertType = 0;
+                break;
             case certUsageSSLServerWithStepUp:
                 requiredKeyUsage =
                     KU_KEY_AGREEMENT_OR_ENCIPHERMENT | KU_NS_GOVT_APPROVED;
diff --git a/security/nss/lib/certdb/certi.h b/security/nss/lib/certdb/certi.h
index 456f2fc4e..2a8ae2758 100644
--- a/security/nss/lib/certdb/certi.h
+++ b/security/nss/lib/certdb/certi.h
@@ -294,6 +294,9 @@ extern SECStatus cert_GetCertType(CERTCertificate* cert);
  */
 extern PRUint32 cert_ComputeCertType(CERTCertificate* cert);
 
+extern PRBool cert_EKUAllowsIPsecIKE(CERTCertificate* cert,
+                                     PRBool* isCritical);
+
 void cert_AddToVerifyLog(CERTVerifyLog* log, CERTCertificate* cert,
                          long errorCode, unsigned int depth, void* arg);
 
diff --git a/security/nss/lib/certdb/certt.h b/security/nss/lib/certdb/certt.h
index 797f9f585..9cac70ca6 100644
--- a/security/nss/lib/certdb/certt.h
+++ b/security/nss/lib/certdb/certt.h
@@ -447,7 +447,8 @@ typedef enum SECCertUsageEnum {
     certUsageVerifyCA = 8,
     certUsageProtectedObjectSigner = 9,
     certUsageStatusResponder = 10,
-    certUsageAnyCA = 11
+    certUsageAnyCA = 11,
+    certUsageIPsec = 12
 } SECCertUsage;
 
 typedef PRInt64 SECCertificateUsage;
@@ -465,8 +466,9 @@ typedef PRInt64 SECCertificateUsage;
 #define certificateUsageProtectedObjectSigner (0x0200)
 #define certificateUsageStatusResponder (0x0400)
 #define certificateUsageAnyCA (0x0800)
+#define certificateUsageIPsec (0x1000)
 
-#define certificateUsageHighest certificateUsageAnyCA
+#define certificateUsageHighest certificateUsageIPsec
 
 /*
  * Does the cert belong to the user, a peer, or a CA.
diff --git a/security/nss/lib/certhigh/certreq.c b/security/nss/lib/certhigh/certreq.c
index 4087bc978..2ab4f1ab7 100644
--- a/security/nss/lib/certhigh/certreq.c
+++ b/security/nss/lib/certhigh/certreq.c
@@ -5,7 +5,7 @@
 #include "cert.h"
 #include "certt.h"
 #include "secder.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secitem.h"
 #include "secasn1.h"
 #include "secerr.h"
diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c
index ccd38e660..3a94a4150 100644
--- a/security/nss/lib/certhigh/certvfy.c
+++ b/security/nss/lib/certhigh/certvfy.c
@@ -25,7 +25,7 @@
 #include "pkim.h"
 #include "pki3hack.h"
 #include "base.h"
-#include "keyhi.h"
+#include "keyi.h"
 
 /*
  * Check the validity times of a certificate
@@ -73,12 +73,38 @@ checkKeyParams(const SECAlgorithmID *sigAlgorithm, const SECKEYPublicKey *key)
                 return SECFailure;
             }
             return SECSuccess;
+
+        case SEC_OID_PKCS1_RSA_PSS_SIGNATURE: {
+            PORTCheapArenaPool tmpArena;
+            SECOidTag hashAlg;
+            SECOidTag maskHashAlg;
+
+            PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+            rv = sec_DecodeRSAPSSParams(&tmpArena.arena,
+                                        &sigAlgorithm->parameters,
+                                        &hashAlg, &maskHashAlg, NULL);
+            PORT_DestroyCheapArena(&tmpArena);
+            if (rv != SECSuccess) {
+                return SECFailure;
+            }
+
+            if (NSS_GetAlgorithmPolicy(hashAlg, &policyFlags) == SECSuccess &&
+                !(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE)) {
+                PORT_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED);
+                return SECFailure;
+            }
+            if (NSS_GetAlgorithmPolicy(maskHashAlg, &policyFlags) == SECSuccess &&
+                !(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE)) {
+                PORT_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED);
+                return SECFailure;
+            }
+        }
+        /* fall through to RSA key checking */
         case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
         case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
         case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
         case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
         case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
-        case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
         case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
         case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE:
             if (key->keyType != rsaKey && key->keyType != rsaPssKey) {
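Review bot: Both policy checks in the new SEC_OID_PKCS1_RSA_PSS_SIGNATURE case are written as `NSS_GetAlgorithmPolicy(...) == SECSuccess && !(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE)`, so when the policy lookup itself fails the hash or mask hash is accepted rather than rejected. If failing closed is the intent, the condition would be `if (NSS_GetAlgorithmPolicy(hashAlg, &policyFlags) != SECSuccess || !(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE))`, and likewise for `maskHashAlg`. Whether that matches how the rest of checkKeyParams treats a failed lookup cannot be seen here, because the function starts and ends outside the hunk and `policyFlags` is declared there.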
@@ -289,6 +315,10 @@ CERT_TrustFlagsForCACertUsage(SECCertUsage usage,
             requiredFlags = CERTDB_TRUSTED_CA;
             trustType = trustSSL;
             break;
+        case certUsageIPsec:
+            requiredFlags = CERTDB_TRUSTED_CA;
+            trustType = trustSSL;
+            break;
         case certUsageSSLServerWithStepUp:
             requiredFlags = CERTDB_TRUSTED_CA | CERTDB_GOVT_APPROVED_CA;
             trustType = trustSSL;
@@ -579,6 +609,7 @@ cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert,
     switch (certUsage) {
         case certUsageSSLClient:
         case certUsageSSLServer:
+        case certUsageIPsec:
         case certUsageSSLCA:
         case certUsageSSLServerWithStepUp:
         case certUsageEmailSigner:
@@ -645,7 +676,8 @@ cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert,
             CERTGeneralName *subjectNameList;
             int subjectNameListLen;
             int i;
-            PRBool getSubjectCN = (!count && certUsage == certUsageSSLServer);
+            PRBool getSubjectCN = (!count &&
+                                   (certUsage == certUsageSSLServer || certUsage == certUsageIPsec));
             subjectNameList =
                 CERT_GetConstrainedCertificateNames(subjectCert, arena,
                                                     getSubjectCN);
@@ -986,6 +1018,7 @@ CERT_VerifyCACertForUsage(CERTCertDBHandle *handle, CERTCertificate *cert,
     switch (certUsage) {
         case certUsageSSLClient:
         case certUsageSSLServer:
+        case certUsageIPsec:
         case certUsageSSLCA:
         case certUsageSSLServerWithStepUp:
         case certUsageEmailSigner:
@@ -1171,6 +1204,7 @@ cert_CheckLeafTrust(CERTCertificate *cert, SECCertUsage certUsage,
         switch (certUsage) {
             case certUsageSSLClient:
             case certUsageSSLServer:
+            case certUsageIPsec:
                 flags = trust.sslFlags;
 
                 /* is the cert directly trusted or not trusted ? */
@@ -1347,7 +1381,8 @@ CERT_VerifyCertificate(CERTCertDBHandle *handle, CERTCertificate *cert,
 
     /* make sure that the cert is valid at time t */
     allowOverride = (PRBool)((requiredUsages & certificateUsageSSLServer) ||
-                             (requiredUsages & certificateUsageSSLServerWithStepUp));
+                             (requiredUsages & certificateUsageSSLServerWithStepUp) ||
+                             (requiredUsages & certificateUsageIPsec));
     validity = CERT_CheckCertValidTimes(cert, t, allowOverride);
     if (validity != secCertTimeValid) {
         valid = SECFailure;
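Review bot: The added `certificateUsageIPsec` term in `allowOverride` extends the validity-time override to IPsec with no comment saying why. This is the path that, as far as I know, lets a certificate pass `CERT_CheckCertValidTimes` outside its validity window when an override has been recorded for it. That override exists for the SSL-server case, where a user can accept an expired certificate, and it is less obvious that an IKE peer should inherit it. Please confirm it is intended and record it, e.g. `/* IPsec follows SSL server rules for the expired-cert override */`. The same term is added in the cert_VerifyCertWithFlags hunk at -1508, and CERT_VerifyCertificate's body continues outside this hunk.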
@@ -1360,6 +1395,7 @@ CERT_VerifyCertificate(CERTCertDBHandle *handle, CERTCertificate *cert,
 
     for (i = 1; i <= certificateUsageHighest &&
                 (SECSuccess == valid || returnedUsages || log);) {
+        PRBool typeAndEKUAllowed = PR_TRUE;
         PRBool requiredUsage = (i & requiredUsages) ? PR_TRUE : PR_FALSE;
         if (PR_FALSE == requiredUsage && PR_FALSE == checkAllUsages) {
             NEXT_USAGE();
@@ -1376,6 +1412,7 @@ CERT_VerifyCertificate(CERTCertDBHandle *handle, CERTCertificate *cert,
             case certUsageEmailRecipient:
             case certUsageObjectSigner:
             case certUsageStatusResponder:
+            case certUsageIPsec:
                 rv = CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_FALSE,
                                                       &requiredKeyUsage,
                                                       &requiredCertType);
@@ -1408,7 +1445,19 @@ CERT_VerifyCertificate(CERTCertDBHandle *handle, CERTCertificate *cert,
             LOG_ERROR(log, cert, 0, requiredKeyUsage);
             INVALID_USAGE();
         }
-        if (!(certType & requiredCertType)) {
+        if (certUsage != certUsageIPsec) {
+            if (!(certType & requiredCertType)) {
+                typeAndEKUAllowed = PR_FALSE;
+            }
+        } else {
+            PRBool isCritical;
+            PRBool allowed = cert_EKUAllowsIPsecIKE(cert, &isCritical);
+            /* If the extension isn't critical, we allow any EKU value. */
+            if (isCritical && !allowed) {
+                typeAndEKUAllowed = PR_FALSE;
+            }
+        }
+        if (!typeAndEKUAllowed) {
             if (PR_TRUE == requiredUsage) {
                 PORT_SetError(SEC_ERROR_INADEQUATE_CERT_TYPE);
             }
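Review bot: `isCritical` is declared without an initialiser and read two lines later, so the IPsec branch relies on `cert_EKUAllowsIPsecIKE` writing it on every return path, including a missing extension or a decode failure. That helper is not visible in this hunk. Declaring it as `PRBool isCritical = PR_FALSE;` keeps the decision defined and makes the no-EKU case explicit. The comment could also state that this branch skips the `requiredCertType` comparison entirely, so only a critical EKU that excludes IKE leads to `SEC_ERROR_INADEQUATE_CERT_TYPE`. CERT_VerifyCertificate starts and ends outside the hunk.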
@@ -1508,7 +1557,8 @@ cert_VerifyCertWithFlags(CERTCertDBHandle *handle, CERTCertificate *cert,
 
     /* make sure that the cert is valid at time t */
     allowOverride = (PRBool)((certUsage == certUsageSSLServer) ||
-                             (certUsage == certUsageSSLServerWithStepUp));
+                             (certUsage == certUsageSSLServerWithStepUp) ||
+                             (certUsage == certUsageIPsec));
     validity = CERT_CheckCertValidTimes(cert, t, allowOverride);
     if (validity != secCertTimeValid) {
         LOG_ERROR_OR_EXIT(log, cert, 0, validity);
@@ -1521,6 +1571,7 @@ cert_VerifyCertWithFlags(CERTCertDBHandle *handle, CERTCertificate *cert,
         case certUsageSSLClient:
         case certUsageSSLServer:
         case certUsageSSLServerWithStepUp:
+        case certUsageIPsec:
         case certUsageSSLCA:
         case certUsageEmailSigner:
         case certUsageEmailRecipient:
@@ -1633,6 +1684,7 @@ CERT_VerifyCertNow(CERTCertDBHandle *handle, CERTCertificate *cert,
  *  certUsageSSLClient
  *  certUsageSSLServer
  *  certUsageSSLServerWithStepUp
+ *  certUsageIPsec
  *  certUsageEmailSigner
  *  certUsageEmailRecipient
  *  certUsageObjectSigner
diff --git a/security/nss/lib/certhigh/ocsp.h b/security/nss/lib/certhigh/ocsp.h
index ac9dd6465..1b94aec2e 100644
--- a/security/nss/lib/certhigh/ocsp.h
+++ b/security/nss/lib/certhigh/ocsp.h
@@ -12,7 +12,7 @@
 #include "plarena.h"
 #include "seccomon.h"
 #include "secoidt.h"
-#include "keyt.h"
+#include "keythi.h"
 #include "certt.h"
 #include "ocspt.h"
 
diff --git a/security/nss/lib/ckfw/builtins/certdata.txt b/security/nss/lib/ckfw/builtins/certdata.txt
index d291f28a5..182dda65e 100644
--- a/security/nss/lib/ckfw/builtins/certdata.txt
+++ b/security/nss/lib/ckfw/builtins/certdata.txt
@@ -2144,146 +2144,6 @@ CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
-#
-# Certificate "Visa eCommerce Root"
-#
-# Issuer: CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US
-# Serial Number:13:86:35:4d:1d:3f:06:f2:c1:f9:65:05:d5:90:1c:62
-# Subject: CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US
-# Not Valid Before: Wed Jun 26 02:18:36 2002
-# Not Valid After : Fri Jun 24 00:16:12 2022
-# Fingerprint (MD5): FC:11:B8:D8:08:93:30:00:6D:23:F9:7E:EB:52:1E:02
-# Fingerprint (SHA1): 70:17:9B:86:8C:00:A4:FA:60:91:52:22:3F:9F:3E:32:BD:E0:05:62
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa eCommerce Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145
-\103\157\155\155\145\162\143\145\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145
-\103\157\155\155\145\162\143\145\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\023\206\065\115\035\077\006\362\301\371\145\005\325\220
-\034\142
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\242\060\202\002\212\240\003\002\001\002\002\020\023
-\206\065\115\035\077\006\362\301\371\145\005\325\220\034\142\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\153
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\015\060
-\013\006\003\125\004\012\023\004\126\111\123\101\061\057\060\055
-\006\003\125\004\013\023\046\126\151\163\141\040\111\156\164\145
-\162\156\141\164\151\157\156\141\154\040\123\145\162\166\151\143
-\145\040\101\163\163\157\143\151\141\164\151\157\156\061\034\060
-\032\006\003\125\004\003\023\023\126\151\163\141\040\145\103\157
-\155\155\145\162\143\145\040\122\157\157\164\060\036\027\015\060
-\062\060\066\062\066\060\062\061\070\063\066\132\027\015\062\062
-\060\066\062\064\060\060\061\066\061\062\132\060\153\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\015\060\013\006\003
-\125\004\012\023\004\126\111\123\101\061\057\060\055\006\003\125
-\004\013\023\046\126\151\163\141\040\111\156\164\145\162\156\141
-\164\151\157\156\141\154\040\123\145\162\166\151\143\145\040\101
-\163\163\157\143\151\141\164\151\157\156\061\034\060\032\006\003
-\125\004\003\023\023\126\151\163\141\040\145\103\157\155\155\145
-\162\143\145\040\122\157\157\164\060\202\001\042\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
-\060\202\001\012\002\202\001\001\000\257\127\336\126\036\156\241
-\332\140\261\224\047\313\027\333\007\077\200\205\117\310\234\266
-\320\364\157\117\317\231\330\341\333\302\110\134\072\254\071\063
-\307\037\152\213\046\075\053\065\365\110\261\221\301\002\116\004
-\226\221\173\260\063\360\261\024\116\021\157\265\100\257\033\105
-\245\112\357\176\266\254\362\240\037\130\077\022\106\140\074\215
-\241\340\175\317\127\076\063\036\373\107\361\252\025\227\007\125
-\146\245\265\055\056\330\200\131\262\247\015\267\106\354\041\143
-\377\065\253\245\002\317\052\364\114\376\173\365\224\135\204\115
-\250\362\140\217\333\016\045\074\237\163\161\317\224\337\112\352
-\333\337\162\070\214\363\226\275\361\027\274\322\272\073\105\132
-\306\247\366\306\027\213\001\235\374\031\250\052\203\026\270\072
-\110\376\116\076\240\253\006\031\351\123\363\200\023\007\355\055
-\277\077\012\074\125\040\071\054\054\000\151\164\225\112\274\040
-\262\251\171\345\030\211\221\250\334\034\115\357\273\176\067\013
-\135\376\071\245\210\122\214\000\154\354\030\174\101\275\366\213
-\165\167\272\140\235\204\347\376\055\002\003\001\000\001\243\102
-\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003
-\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003
-\002\001\006\060\035\006\003\125\035\016\004\026\004\024\025\070
-\203\017\077\054\077\160\063\036\315\106\376\007\214\040\340\327
-\303\267\060\015\006\011\052\206\110\206\367\015\001\001\005\005
-\000\003\202\001\001\000\137\361\101\175\174\134\010\271\053\340
-\325\222\107\372\147\134\245\023\303\003\041\233\053\114\211\106
-\317\131\115\311\376\245\100\266\143\315\335\161\050\225\147\021
-\314\044\254\323\104\154\161\256\001\040\153\003\242\217\030\267
-\051\072\175\345\026\140\123\170\074\300\257\025\203\367\217\122
-\063\044\275\144\223\227\356\213\367\333\030\250\155\161\263\367
-\054\027\320\164\045\151\367\376\153\074\224\276\115\113\101\214
-\116\342\163\320\343\220\042\163\103\315\363\357\352\163\316\105
-\212\260\246\111\377\114\175\235\161\210\304\166\035\220\133\035
-\356\375\314\367\356\375\140\245\261\172\026\161\321\026\320\174
-\022\074\154\151\227\333\256\137\071\232\160\057\005\074\031\106
-\004\231\040\066\320\140\156\141\006\273\026\102\214\160\367\060
-\373\340\333\146\243\000\001\275\346\054\332\221\137\240\106\213
-\115\152\234\075\075\335\005\106\376\166\277\240\012\074\344\000
-\346\047\267\377\204\055\336\272\042\047\226\020\161\353\042\355
-\337\337\063\234\317\343\255\256\216\324\216\346\117\121\257\026
-\222\340\134\366\007\017
-END
-CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
-
-# Trust for Certificate "Visa eCommerce Root"
-# Issuer: CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US
-# Serial Number:13:86:35:4d:1d:3f:06:f2:c1:f9:65:05:d5:90:1c:62
-# Subject: CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US
-# Not Valid Before: Wed Jun 26 02:18:36 2002
-# Not Valid After : Fri Jun 24 00:16:12 2022
-# Fingerprint (MD5): FC:11:B8:D8:08:93:30:00:6D:23:F9:7E:EB:52:1E:02
-# Fingerprint (SHA1): 70:17:9B:86:8C:00:A4:FA:60:91:52:22:3F:9F:3E:32:BD:E0:05:62
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa eCommerce Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\160\027\233\206\214\000\244\372\140\221\122\042\077\237\076\062
-\275\340\005\142
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\374\021\270\330\010\223\060\000\155\043\371\176\353\122\036\002
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\153\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\034\060\032\006\003\125\004\003\023\023\126\151\163\141\040\145
-\103\157\155\155\145\162\143\145\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\023\206\065\115\035\077\006\362\301\371\145\005\325\220
-\034\142
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
 #
 # Certificate "Certum Root CA"
 #
@@ -7053,193 +6913,6 @@ CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
-#
-# Certificate "AC Raiz Certicamara S.A."
-#
-# Issuer: CN=AC Ra..z Certic..mara S.A.,O=Sociedad Cameral de Certificaci..n Digital - Certic..mara S.A.,C=CO
-# Serial Number:07:7e:52:93:7b:e0:15:e3:57:f0:69:8c:cb:ec:0c
-# Subject: CN=AC Ra..z Certic..mara S.A.,O=Sociedad Cameral de Certificaci..n Digital - Certic..mara S.A.,C=CO
-# Not Valid Before: Mon Nov 27 20:46:29 2006
-# Not Valid After : Tue Apr 02 21:42:02 2030
-# Fingerprint (MD5): 93:2A:3E:F6:FD:23:69:0D:71:20:D4:2B:47:99:2B:A6
-# Fingerprint (SHA1): CB:A1:C5:F8:B0:E3:5E:B8:B9:45:12:D3:F9:34:A2:E9:06:10:D3:36
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AC Ra\xC3\xADz Certic\xC3\xA1mara S.A."
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\173\061\013\060\011\006\003\125\004\006\023\002\103\117\061
-\107\060\105\006\003\125\004\012\014\076\123\157\143\151\145\144
-\141\144\040\103\141\155\145\162\141\154\040\144\145\040\103\145
-\162\164\151\146\151\143\141\143\151\303\263\156\040\104\151\147
-\151\164\141\154\040\055\040\103\145\162\164\151\143\303\241\155
-\141\162\141\040\123\056\101\056\061\043\060\041\006\003\125\004
-\003\014\032\101\103\040\122\141\303\255\172\040\103\145\162\164
-\151\143\303\241\155\141\162\141\040\123\056\101\056
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\173\061\013\060\011\006\003\125\004\006\023\002\103\117\061
-\107\060\105\006\003\125\004\012\014\076\123\157\143\151\145\144
-\141\144\040\103\141\155\145\162\141\154\040\144\145\040\103\145
-\162\164\151\146\151\143\141\143\151\303\263\156\040\104\151\147
-\151\164\141\154\040\055\040\103\145\162\164\151\143\303\241\155
-\141\162\141\040\123\056\101\056\061\043\060\041\006\003\125\004
-\003\014\032\101\103\040\122\141\303\255\172\040\103\145\162\164
-\151\143\303\241\155\141\162\141\040\123\056\101\056
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\017\007\176\122\223\173\340\025\343\127\360\151\214\313\354
-\014
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\006\146\060\202\004\116\240\003\002\001\002\002\017\007
-\176\122\223\173\340\025\343\127\360\151\214\313\354\014\060\015
-\006\011\052\206\110\206\367\015\001\001\005\005\000\060\173\061
-\013\060\011\006\003\125\004\006\023\002\103\117\061\107\060\105
-\006\003\125\004\012\014\076\123\157\143\151\145\144\141\144\040
-\103\141\155\145\162\141\154\040\144\145\040\103\145\162\164\151
-\146\151\143\141\143\151\303\263\156\040\104\151\147\151\164\141
-\154\040\055\040\103\145\162\164\151\143\303\241\155\141\162\141
-\040\123\056\101\056\061\043\060\041\006\003\125\004\003\014\032
-\101\103\040\122\141\303\255\172\040\103\145\162\164\151\143\303
-\241\155\141\162\141\040\123\056\101\056\060\036\027\015\060\066
-\061\061\062\067\062\060\064\066\062\071\132\027\015\063\060\060
-\064\060\062\062\061\064\062\060\062\132\060\173\061\013\060\011
-\006\003\125\004\006\023\002\103\117\061\107\060\105\006\003\125
-\004\012\014\076\123\157\143\151\145\144\141\144\040\103\141\155
-\145\162\141\154\040\144\145\040\103\145\162\164\151\146\151\143
-\141\143\151\303\263\156\040\104\151\147\151\164\141\154\040\055
-\040\103\145\162\164\151\143\303\241\155\141\162\141\040\123\056
-\101\056\061\043\060\041\006\003\125\004\003\014\032\101\103\040
-\122\141\303\255\172\040\103\145\162\164\151\143\303\241\155\141
-\162\141\040\123\056\101\056\060\202\002\042\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060
-\202\002\012\002\202\002\001\000\253\153\211\243\123\314\110\043
-\010\373\303\317\121\226\010\056\270\010\172\155\074\220\027\206
-\251\351\355\056\023\064\107\262\320\160\334\311\074\320\215\312
-\356\113\027\253\320\205\260\247\043\004\313\250\242\374\345\165
-\333\100\312\142\211\217\120\236\001\075\046\133\030\204\034\313
-\174\067\267\175\354\323\177\163\031\260\152\262\330\210\212\055
-\105\164\250\367\263\270\300\324\332\315\042\211\164\115\132\025
-\071\163\030\164\117\265\353\231\247\301\036\210\264\302\223\220
-\143\227\363\247\247\022\262\011\042\007\063\331\221\315\016\234
-\037\016\040\307\356\273\063\215\217\302\322\130\247\137\375\145
-\067\342\210\302\330\217\206\165\136\371\055\247\207\063\362\170
-\067\057\213\274\035\206\067\071\261\224\362\330\274\112\234\203
-\030\132\006\374\363\324\324\272\214\025\011\045\360\371\266\215
-\004\176\027\022\063\153\127\110\114\117\333\046\036\353\314\220
-\347\213\371\150\174\160\017\243\052\320\072\070\337\067\227\342
-\133\336\200\141\323\200\330\221\203\102\132\114\004\211\150\021
-\074\254\137\150\200\101\314\140\102\316\015\132\052\014\017\233
-\060\300\246\360\206\333\253\111\327\227\155\110\213\371\003\300
-\122\147\233\022\367\302\362\056\230\145\102\331\326\232\343\320
-\031\061\014\255\207\325\127\002\172\060\350\206\046\373\217\043
-\212\124\207\344\277\074\356\353\303\165\110\137\036\071\157\201
-\142\154\305\055\304\027\124\031\267\067\215\234\067\221\310\366
-\013\325\352\143\157\203\254\070\302\363\077\336\232\373\341\043
-\141\360\310\046\313\066\310\241\363\060\217\244\243\242\241\335
-\123\263\336\360\232\062\037\203\221\171\060\301\251\037\123\233
-\123\242\025\123\077\335\235\263\020\073\110\175\211\017\374\355
-\003\365\373\045\144\165\016\027\031\015\217\000\026\147\171\172
-\100\374\055\131\007\331\220\372\232\255\075\334\200\212\346\134
-\065\242\147\114\021\153\261\370\200\144\000\055\157\042\141\305
-\254\113\046\345\132\020\202\233\244\203\173\064\367\236\211\221
-\040\227\216\267\102\307\146\303\320\351\244\326\365\040\215\304
-\303\225\254\104\012\235\133\163\074\046\075\057\112\276\247\311
-\247\020\036\373\237\120\151\363\002\003\001\000\001\243\201\346
-\060\201\343\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
-\003\002\001\006\060\035\006\003\125\035\016\004\026\004\024\321
-\011\320\351\327\316\171\164\124\371\072\060\263\364\155\054\003
-\003\033\150\060\201\240\006\003\125\035\040\004\201\230\060\201
-\225\060\201\222\006\004\125\035\040\000\060\201\211\060\053\006
-\010\053\006\001\005\005\007\002\001\026\037\150\164\164\160\072
-\057\057\167\167\167\056\143\145\162\164\151\143\141\155\141\162
-\141\056\143\157\155\057\144\160\143\057\060\132\006\010\053\006
-\001\005\005\007\002\002\060\116\032\114\114\151\155\151\164\141
-\143\151\157\156\145\163\040\144\145\040\147\141\162\141\156\164
-\355\141\163\040\144\145\040\145\163\164\145\040\143\145\162\164
-\151\146\151\143\141\144\157\040\163\145\040\160\165\145\144\145
-\156\040\145\156\143\157\156\164\162\141\162\040\145\156\040\154
-\141\040\104\120\103\056\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\002\001\000\134\224\265\270\105\221
-\115\216\141\037\003\050\017\123\174\346\244\131\251\263\212\172
-\305\260\377\010\174\054\243\161\034\041\023\147\241\225\022\100
-\065\203\203\217\164\333\063\134\360\111\166\012\201\122\335\111
-\324\232\062\063\357\233\247\313\165\345\172\313\227\022\220\134
-\272\173\305\233\337\273\071\043\310\377\230\316\012\115\042\001
-\110\007\176\212\300\325\040\102\224\104\357\277\167\242\211\147
-\110\033\100\003\005\241\211\354\317\142\343\075\045\166\146\277
-\046\267\273\042\276\157\377\071\127\164\272\172\311\001\225\301
-\225\121\350\253\054\370\261\206\040\351\077\313\065\133\322\027
-\351\052\376\203\023\027\100\356\210\142\145\133\325\073\140\351
-\173\074\270\311\325\177\066\002\045\252\150\302\061\025\267\060
-\145\353\177\035\110\171\261\317\071\342\102\200\026\323\365\223
-\043\374\114\227\311\132\067\154\174\042\330\112\315\322\216\066
-\203\071\221\220\020\310\361\311\065\176\077\270\323\201\306\040
-\144\032\266\120\302\041\244\170\334\320\057\073\144\223\164\360
-\226\220\361\357\373\011\132\064\100\226\360\066\022\301\243\164
-\214\223\176\101\336\167\213\354\206\331\322\017\077\055\321\314
-\100\242\211\146\110\036\040\263\234\043\131\163\251\104\163\274
-\044\171\220\126\067\263\306\051\176\243\017\361\051\071\357\176
-\134\050\062\160\065\254\332\270\310\165\146\374\233\114\071\107
-\216\033\157\233\115\002\124\042\063\357\141\272\236\051\204\357
-\116\113\063\107\166\227\152\313\176\137\375\025\246\236\102\103
-\133\146\132\212\210\015\367\026\271\077\121\145\053\146\152\213
-\321\070\122\242\326\106\021\372\374\232\034\164\236\217\227\013
-\002\117\144\306\365\150\323\113\055\377\244\067\036\213\077\277
-\104\276\141\106\241\204\075\010\047\114\201\040\167\211\010\352
-\147\100\136\154\010\121\137\064\132\214\226\150\315\327\367\211
-\302\034\323\062\000\257\122\313\323\140\133\052\072\107\176\153
-\060\063\241\142\051\177\112\271\341\055\347\024\043\016\016\030
-\107\341\171\374\025\125\320\261\374\045\161\143\165\063\034\043
-\053\257\134\331\355\107\167\140\016\073\017\036\322\300\334\144
-\005\211\374\170\326\134\054\046\103\251
-END
-CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
-
-# Trust for Certificate "AC Raiz Certicamara S.A."
-# Issuer: CN=AC Ra..z Certic..mara S.A.,O=Sociedad Cameral de Certificaci..n Digital - Certic..mara S.A.,C=CO
-# Serial Number:07:7e:52:93:7b:e0:15:e3:57:f0:69:8c:cb:ec:0c
-# Subject: CN=AC Ra..z Certic..mara S.A.,O=Sociedad Cameral de Certificaci..n Digital - Certic..mara S.A.,C=CO
-# Not Valid Before: Mon Nov 27 20:46:29 2006
-# Not Valid After : Tue Apr 02 21:42:02 2030
-# Fingerprint (MD5): 93:2A:3E:F6:FD:23:69:0D:71:20:D4:2B:47:99:2B:A6
-# Fingerprint (SHA1): CB:A1:C5:F8:B0:E3:5E:B8:B9:45:12:D3:F9:34:A2:E9:06:10:D3:36
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AC Ra\xC3\xADz Certic\xC3\xA1mara S.A."
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\313\241\305\370\260\343\136\270\271\105\022\323\371\064\242\351
-\006\020\323\066
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\223\052\076\366\375\043\151\015\161\040\324\053\107\231\053\246
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\173\061\013\060\011\006\003\125\004\006\023\002\103\117\061
-\107\060\105\006\003\125\004\012\014\076\123\157\143\151\145\144
-\141\144\040\103\141\155\145\162\141\154\040\144\145\040\103\145
-\162\164\151\146\151\143\141\143\151\303\263\156\040\104\151\147
-\151\164\141\154\040\055\040\103\145\162\164\151\143\303\241\155
-\141\162\141\040\123\056\101\056\061\043\060\041\006\003\125\004
-\003\014\032\101\103\040\122\141\303\255\172\040\103\145\162\164
-\151\143\303\241\155\141\162\141\040\123\056\101\056
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\017\007\176\122\223\173\340\025\343\127\360\151\214\313\354
-\014
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
 #
 # Certificate "Deutsche Telekom Root CA 2"
 #
@@ -7381,136 +7054,6 @@ CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
-#
-# Certificate "ComSign CA"
-#
-# Issuer: C=IL,O=ComSign,CN=ComSign CA
-# Serial Number:14:13:96:83:14:55:8c:ea:7b:63:e5:fc:34:87:77:44
-# Subject: C=IL,O=ComSign,CN=ComSign CA
-# Not Valid Before: Wed Mar 24 11:32:18 2004
-# Not Valid After : Mon Mar 19 15:02:18 2029
-# Fingerprint (MD5): CD:F4:39:F3:B5:18:50:D7:3E:A4:C5:91:A0:3E:21:4B
-# Fingerprint (SHA1): E1:A4:5B:14:1A:21:DA:1A:79:F4:1A:42:A9:61:D6:69:CD:06:34:C1
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ComSign CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\064\061\023\060\021\006\003\125\004\003\023\012\103\157\155
-\123\151\147\156\040\103\101\061\020\060\016\006\003\125\004\012
-\023\007\103\157\155\123\151\147\156\061\013\060\011\006\003\125
-\004\006\023\002\111\114
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\064\061\023\060\021\006\003\125\004\003\023\012\103\157\155
-\123\151\147\156\040\103\101\061\020\060\016\006\003\125\004\012
-\023\007\103\157\155\123\151\147\156\061\013\060\011\006\003\125
-\004\006\023\002\111\114
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\024\023\226\203\024\125\214\352\173\143\345\374\064\207
-\167\104
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\223\060\202\002\173\240\003\002\001\002\002\020\024
-\023\226\203\024\125\214\352\173\143\345\374\064\207\167\104\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\064
-\061\023\060\021\006\003\125\004\003\023\012\103\157\155\123\151
-\147\156\040\103\101\061\020\060\016\006\003\125\004\012\023\007
-\103\157\155\123\151\147\156\061\013\060\011\006\003\125\004\006
-\023\002\111\114\060\036\027\015\060\064\060\063\062\064\061\061
-\063\062\061\070\132\027\015\062\071\060\063\061\071\061\065\060
-\062\061\070\132\060\064\061\023\060\021\006\003\125\004\003\023
-\012\103\157\155\123\151\147\156\040\103\101\061\020\060\016\006
-\003\125\004\012\023\007\103\157\155\123\151\147\156\061\013\060
-\011\006\003\125\004\006\023\002\111\114\060\202\001\042\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
-\017\000\060\202\001\012\002\202\001\001\000\360\344\124\151\053
-\323\307\217\152\104\344\176\130\047\370\013\320\344\224\022\212
-\361\033\070\070\057\037\061\234\006\324\054\247\336\013\052\256
-\032\240\343\236\152\277\237\074\307\156\242\371\213\144\154\072
-\255\205\125\121\124\245\070\125\270\253\203\004\362\077\144\066
-\367\300\215\103\103\152\146\321\367\027\052\325\357\066\372\060
-\020\102\327\123\315\371\372\063\163\114\263\351\204\040\212\326
-\101\047\065\344\070\372\224\233\270\172\344\171\037\063\373\033
-\330\041\011\050\174\115\030\151\136\144\212\172\031\223\312\176
-\354\363\162\347\067\007\130\131\050\254\102\371\305\377\315\077
-\347\245\372\070\261\320\014\307\331\122\032\123\326\201\314\102
-\172\065\133\355\113\072\172\366\265\216\314\377\017\174\344\140
-\066\207\057\255\360\241\045\175\377\322\113\021\210\160\124\246
-\101\250\147\123\122\102\136\344\064\236\344\276\243\354\252\142
-\135\335\303\114\246\202\101\344\063\013\254\311\063\017\144\202
-\127\052\375\014\255\066\341\014\256\113\305\357\073\231\331\043
-\263\133\135\264\127\354\164\160\014\052\117\002\003\001\000\001
-\243\201\240\060\201\235\060\014\006\003\125\035\023\004\005\060
-\003\001\001\377\060\075\006\003\125\035\037\004\066\060\064\060
-\062\240\060\240\056\206\054\150\164\164\160\072\057\057\146\145
-\144\151\162\056\143\157\155\163\151\147\156\056\143\157\056\151
-\154\057\143\162\154\057\103\157\155\123\151\147\156\103\101\056
-\143\162\154\060\016\006\003\125\035\017\001\001\377\004\004\003
-\002\001\206\060\037\006\003\125\035\043\004\030\060\026\200\024
-\113\001\233\076\126\032\145\066\166\313\173\227\252\222\005\356
-\062\347\050\061\060\035\006\003\125\035\016\004\026\004\024\113
-\001\233\076\126\032\145\066\166\313\173\227\252\222\005\356\062
-\347\050\061\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\202\001\001\000\320\331\245\176\376\051\140\105\235
-\176\203\317\156\274\107\156\365\032\236\124\166\102\161\264\074
-\130\077\055\100\045\102\366\201\234\361\211\020\310\016\252\170
-\117\070\011\127\260\074\300\010\374\065\216\361\110\121\215\014
-\161\164\272\204\304\327\162\233\204\174\070\116\144\006\047\052
-\341\247\265\354\010\231\264\012\015\324\205\163\310\022\341\065
-\355\361\005\061\035\163\231\014\353\226\312\335\323\346\205\252
-\360\212\373\165\301\362\011\074\145\145\144\363\114\330\255\313
-\210\151\363\344\203\267\014\275\027\132\226\027\312\133\377\255
-\273\034\351\055\204\200\330\041\276\205\122\331\324\164\271\151
-\205\272\115\355\050\062\353\371\141\112\344\304\066\036\031\334
-\157\204\021\037\225\365\203\050\030\250\063\222\103\047\335\135
-\023\004\105\117\207\325\106\315\075\250\272\360\363\270\126\044
-\105\353\067\307\341\166\117\162\071\030\337\176\164\162\307\163
-\055\071\352\140\346\255\021\242\126\207\173\303\150\232\376\370
-\214\160\250\337\145\062\364\244\100\214\241\302\104\003\016\224
-\000\147\240\161\000\202\110
-END
-CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
-
-# Trust for Certificate "ComSign CA"
-# Issuer: C=IL,O=ComSign,CN=ComSign CA
-# Serial Number:14:13:96:83:14:55:8c:ea:7b:63:e5:fc:34:87:77:44
-# Subject: C=IL,O=ComSign,CN=ComSign CA
-# Not Valid Before: Wed Mar 24 11:32:18 2004
-# Not Valid After : Mon Mar 19 15:02:18 2029
-# Fingerprint (MD5): CD:F4:39:F3:B5:18:50:D7:3E:A4:C5:91:A0:3E:21:4B
-# Fingerprint (SHA1): E1:A4:5B:14:1A:21:DA:1A:79:F4:1A:42:A9:61:D6:69:CD:06:34:C1
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ComSign CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\341\244\133\024\032\041\332\032\171\364\032\102\251\141\326\151
-\315\006\064\301
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\315\364\071\363\265\030\120\327\076\244\305\221\240\076\041\113
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\064\061\023\060\021\006\003\125\004\003\023\012\103\157\155
-\123\151\147\156\040\103\101\061\020\060\016\006\003\125\004\012
-\023\007\103\157\155\123\151\147\156\061\013\060\011\006\003\125
-\004\006\023\002\111\114
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\024\023\226\203\024\125\214\352\173\143\345\374\064\207
-\167\104
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
-
 #
 # Certificate "Cybertrust Global Root"
 #
@@ -19149,427 +18692,450 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "Certplus Root CA G1"
+# Certificate "ISRG Root X1"
 #
-# Issuer: CN=Certplus Root CA G1,O=Certplus,C=FR
-# Serial Number:11:20:55:83:e4:2d:3e:54:56:85:2d:83:37:b7:2c:dc:46:11
-# Subject: CN=Certplus Root CA G1,O=Certplus,C=FR
-# Not Valid Before: Mon May 26 00:00:00 2014
-# Not Valid After : Fri Jan 15 00:00:00 2038
-# Fingerprint (SHA-256): 15:2A:40:2B:FC:DF:2C:D5:48:05:4D:22:75:B3:9C:7F:CA:3E:C0:97:80:78:B0:F0:EA:76:E5:61:A6:C7:43:3E
-# Fingerprint (SHA1): 22:FD:D0:B7:FD:A2:4E:0D:AC:49:2C:A0:AC:A6:7B:6A:1F:E3:F7:66
+# Issuer: CN=ISRG Root X1,O=Internet Security Research Group,C=US
+# Serial Number:00:82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00
+# Subject: CN=ISRG Root X1,O=Internet Security Research Group,C=US
+# Not Valid Before: Thu Jun 04 11:04:38 2015
+# Not Valid After : Mon Jun 04 11:04:38 2035
+# Fingerprint (SHA-256): 96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6
+# Fingerprint (SHA1): CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Certplus Root CA G1"
+CKA_LABEL UTF8 "ISRG Root X1"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
-\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
-\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\061
+\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
+\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
+\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
+\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
+\061
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
-\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
-\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\061
+\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
+\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
+\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
+\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
+\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\022\021\040\125\203\344\055\076\124\126\205\055\203\067\267
-\054\334\106\021
+\002\021\000\202\020\317\260\322\100\343\131\104\143\340\273\143
+\202\213\000
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\005\153\060\202\003\123\240\003\002\001\002\002\022\021
-\040\125\203\344\055\076\124\126\205\055\203\067\267\054\334\106
-\021\060\015\006\011\052\206\110\206\367\015\001\001\015\005\000
-\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
-\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
-\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\061
-\060\036\027\015\061\064\060\065\062\066\060\060\060\060\060\060
-\132\027\015\063\070\060\061\061\065\060\060\060\060\060\060\132
-\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
-\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
-\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\061
-\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001
-\000\332\120\207\266\332\270\251\076\235\144\372\126\063\232\126
-\075\026\345\003\225\262\064\034\232\155\142\005\324\330\217\347
-\211\144\237\272\333\144\213\144\346\171\052\141\315\257\217\132
-\211\221\145\271\130\374\264\003\137\221\077\055\020\025\340\176
-\317\274\374\177\103\147\250\255\136\066\043\330\230\263\115\363
-\103\236\071\174\052\374\354\210\325\210\356\160\275\205\026\055
-\352\113\211\074\243\161\102\376\034\375\323\034\055\020\270\206
-\124\352\103\270\333\306\207\332\250\256\200\045\317\172\046\035
-\252\221\260\110\157\256\265\336\236\330\327\372\000\375\306\217
-\320\121\273\142\175\244\261\214\262\377\040\021\272\065\143\005
-\206\107\140\103\063\220\366\107\242\003\117\226\115\235\117\301
-\352\352\234\242\376\064\056\336\267\312\033\166\244\267\255\237
-\351\250\324\170\077\170\376\362\070\011\066\035\322\026\002\310
-\354\052\150\257\365\216\224\357\055\023\172\036\102\112\035\025
-\061\256\014\004\127\374\141\163\363\061\126\206\061\200\240\304
-\021\156\060\166\343\224\360\137\004\304\254\207\162\211\230\305
-\235\314\127\010\232\364\014\374\175\172\005\072\372\107\200\071
-\266\317\204\023\167\157\047\352\377\226\147\027\010\155\351\015
-\326\043\120\060\260\025\164\023\076\345\057\377\016\315\304\013
-\112\135\360\330\000\063\111\146\353\241\030\174\131\056\075\050
-\271\141\161\313\265\245\272\270\352\334\342\160\157\010\152\334
-\207\147\064\357\337\060\162\335\363\311\077\043\377\065\341\276
-\041\051\040\060\201\344\031\245\040\351\045\312\163\061\164\051
-\276\342\102\325\363\262\046\146\307\150\375\031\263\347\040\223
-\231\350\135\340\136\207\347\106\350\045\234\012\051\044\324\315
-\130\206\122\100\044\262\173\017\230\022\040\044\366\220\154\107
-\310\015\273\030\040\056\331\375\374\213\362\051\352\207\164\225
-\340\102\120\170\204\004\101\141\260\364\041\043\217\055\313\050
-\041\362\152\154\364\032\246\305\024\264\067\145\117\225\375\200
-\310\370\162\345\045\153\304\140\261\173\155\216\112\212\163\316
-\131\373\160\172\163\006\023\331\323\164\067\044\101\012\021\157
-\227\334\347\344\176\241\275\025\362\272\207\017\075\150\212\026
-\007\002\003\001\000\001\243\143\060\141\060\016\006\003\125\035
-\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035
-\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125
-\035\016\004\026\004\024\250\301\300\233\221\250\103\025\174\135
-\006\047\264\052\121\330\227\013\201\261\060\037\006\003\125\035
-\043\004\030\060\026\200\024\250\301\300\233\221\250\103\025\174
-\135\006\047\264\052\121\330\227\013\201\261\060\015\006\011\052
-\206\110\206\367\015\001\001\015\005\000\003\202\002\001\000\234
-\126\157\001\176\321\275\114\365\212\306\360\046\037\344\340\070
-\030\314\062\303\051\073\235\101\051\064\141\306\327\360\000\241
-\353\244\162\217\224\027\274\023\054\165\264\127\356\012\174\011
-\172\334\325\312\241\320\064\023\370\167\253\237\345\376\330\036
-\164\212\205\007\217\177\314\171\172\312\226\315\315\375\117\373
-\375\043\015\220\365\364\136\323\306\141\175\236\021\340\002\356
-\011\004\331\007\335\246\212\267\014\203\044\273\203\120\222\376
-\140\165\021\076\330\235\260\212\172\265\340\235\233\313\220\122
-\113\260\223\052\324\076\026\063\345\236\306\145\025\076\144\073
-\004\077\333\014\217\137\134\035\151\037\257\363\351\041\214\363
-\357\227\366\232\267\031\266\204\164\234\243\124\265\160\116\143
-\330\127\135\123\041\233\100\222\103\372\326\167\125\063\117\144
-\325\373\320\054\152\216\155\045\246\357\205\350\002\304\123\076
-\271\236\207\274\314\065\032\336\241\351\212\143\207\145\036\021
-\052\333\143\167\227\024\276\232\024\231\021\262\300\356\260\117
-\370\024\041\062\103\117\237\253\242\313\250\017\252\073\006\125
-\306\022\051\127\010\324\067\327\207\047\255\111\131\247\221\253
-\104\172\136\215\160\333\227\316\110\120\261\163\223\366\360\203
-\140\371\315\361\341\061\375\133\174\161\041\143\024\024\252\257
-\305\336\223\176\150\261\354\042\242\252\220\165\236\265\103\162
-\352\144\243\204\113\375\014\250\046\153\161\227\356\126\143\146
-\350\102\124\371\307\035\337\320\217\133\337\310\060\157\210\376
-\015\304\063\034\123\250\243\375\110\020\362\344\012\116\341\025
-\127\374\156\144\060\302\125\021\334\352\251\315\112\124\254\051
-\143\104\317\112\100\240\326\150\131\033\063\371\357\072\213\333
-\040\222\334\102\204\277\001\253\207\300\325\040\202\333\306\271
-\203\205\102\134\017\103\073\152\111\065\325\230\364\025\277\372
-\141\201\014\011\040\030\322\320\027\014\313\110\000\120\351\166
-\202\214\144\327\072\240\007\125\314\036\061\300\357\072\264\145
-\373\343\277\102\153\236\017\250\275\153\230\334\330\333\313\213
-\244\335\327\131\364\156\335\376\252\303\221\320\056\102\007\300
-\014\115\123\315\044\261\114\133\036\121\364\337\351\222\372
+\060\202\005\153\060\202\003\123\240\003\002\001\002\002\021\000
+\202\020\317\260\322\100\343\131\104\143\340\273\143\202\213\000
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061\051
+\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156\145
+\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145\141
+\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003\125
+\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130\061
+\060\036\027\015\061\065\060\066\060\064\061\061\060\064\063\070
+\132\027\015\063\065\060\066\060\064\061\061\060\064\063\070\132
+\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
+\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
+\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
+\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
+\061\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001
+\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002
+\001\000\255\350\044\163\364\024\067\363\233\236\053\127\050\034
+\207\276\334\267\337\070\220\214\156\074\346\127\240\170\367\165
+\302\242\376\365\152\156\366\000\117\050\333\336\150\206\154\104
+\223\266\261\143\375\024\022\153\277\037\322\352\061\233\041\176
+\321\063\074\272\110\365\335\171\337\263\270\377\022\361\041\232
+\113\301\212\206\161\151\112\146\146\154\217\176\074\160\277\255
+\051\042\006\363\344\300\346\200\256\342\113\217\267\231\176\224
+\003\237\323\107\227\174\231\110\043\123\350\070\256\117\012\157
+\203\056\321\111\127\214\200\164\266\332\057\320\070\215\173\003
+\160\041\033\165\362\060\074\372\217\256\335\332\143\253\353\026
+\117\302\216\021\113\176\317\013\350\377\265\167\056\364\262\173
+\112\340\114\022\045\014\160\215\003\051\240\341\123\044\354\023
+\331\356\031\277\020\263\112\214\077\211\243\141\121\336\254\207
+\007\224\364\143\161\354\056\342\157\133\230\201\341\211\134\064
+\171\154\166\357\073\220\142\171\346\333\244\232\057\046\305\320
+\020\341\016\336\331\020\216\026\373\267\367\250\367\307\345\002
+\007\230\217\066\010\225\347\342\067\226\015\066\165\236\373\016
+\162\261\035\233\274\003\371\111\005\330\201\335\005\264\052\326
+\101\351\254\001\166\225\012\017\330\337\325\275\022\037\065\057
+\050\027\154\322\230\301\250\011\144\167\156\107\067\272\316\254
+\131\136\150\235\177\162\326\211\305\006\101\051\076\131\076\335
+\046\365\044\311\021\247\132\243\114\100\037\106\241\231\265\247
+\072\121\156\206\073\236\175\162\247\022\005\170\131\355\076\121
+\170\025\013\003\217\215\320\057\005\262\076\173\112\034\113\163
+\005\022\374\306\352\340\120\023\174\103\223\164\263\312\164\347
+\216\037\001\010\320\060\324\133\161\066\264\007\272\301\060\060
+\134\110\267\202\073\230\246\175\140\212\242\243\051\202\314\272
+\275\203\004\033\242\203\003\101\241\326\005\361\033\302\266\360
+\250\174\206\073\106\250\110\052\210\334\166\232\166\277\037\152
+\245\075\031\217\353\070\363\144\336\310\053\015\012\050\377\367
+\333\342\025\102\324\042\320\047\135\341\171\376\030\347\160\210
+\255\116\346\331\213\072\306\335\047\121\156\377\274\144\365\063
+\103\117\002\003\001\000\001\243\102\060\100\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003
+\125\035\016\004\026\004\024\171\264\131\346\173\266\345\344\001
+\163\200\010\210\310\032\130\366\351\233\156\060\015\006\011\052
+\206\110\206\367\015\001\001\013\005\000\003\202\002\001\000\125
+\037\130\251\274\262\250\120\320\014\261\330\032\151\040\047\051
+\010\254\141\165\134\212\156\370\202\345\151\057\325\366\126\113
+\271\270\163\020\131\323\041\227\176\347\114\161\373\262\322\140
+\255\071\250\013\352\027\041\126\205\361\120\016\131\353\316\340
+\131\351\272\311\025\357\206\235\217\204\200\366\344\351\221\220
+\334\027\233\142\033\105\360\146\225\322\174\157\302\352\073\357
+\037\317\313\326\256\047\361\251\260\310\256\375\175\176\232\372
+\042\004\353\377\331\177\352\221\053\042\261\027\016\217\362\212
+\064\133\130\330\374\001\311\124\271\270\046\314\212\210\063\211
+\114\055\204\074\202\337\356\226\127\005\272\054\273\367\304\267
+\307\116\073\202\276\061\310\042\163\163\222\321\302\200\244\071
+\071\020\063\043\202\114\074\237\206\262\125\230\035\276\051\206
+\214\042\233\236\342\153\073\127\072\202\160\115\334\011\307\211
+\313\012\007\115\154\350\135\216\311\357\316\253\307\273\265\053
+\116\105\326\112\320\046\314\345\162\312\010\152\245\225\343\025
+\241\367\244\355\311\054\137\245\373\377\254\050\002\056\276\327
+\173\273\343\161\173\220\026\323\007\136\106\123\174\067\007\102
+\214\323\304\226\234\325\231\265\052\340\225\032\200\110\256\114
+\071\007\316\314\107\244\122\225\053\272\270\373\255\322\063\123
+\175\345\035\115\155\325\241\261\307\102\157\346\100\047\065\134
+\243\050\267\007\215\347\215\063\220\347\043\237\373\120\234\171
+\154\106\325\264\025\263\226\156\176\233\014\226\072\270\122\055
+\077\326\133\341\373\010\302\204\376\044\250\243\211\332\254\152
+\341\030\052\261\250\103\141\133\323\037\334\073\215\166\362\055
+\350\215\165\337\027\063\154\075\123\373\173\313\101\137\377\334
+\242\320\141\070\341\226\270\254\135\213\067\327\165\325\063\300
+\231\021\256\235\101\301\162\165\204\276\002\101\102\137\147\044
+\110\224\321\233\047\276\007\077\271\270\117\201\164\121\341\172
+\267\355\235\043\342\276\340\325\050\004\023\074\061\003\236\335
+\172\154\217\306\007\030\306\177\336\107\216\077\050\236\004\006
+\317\245\124\064\167\275\354\211\233\351\027\103\337\133\333\137
+\376\216\036\127\242\315\100\235\176\142\042\332\336\030\047
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "Certplus Root CA G1"
-# Issuer: CN=Certplus Root CA G1,O=Certplus,C=FR
-# Serial Number:11:20:55:83:e4:2d:3e:54:56:85:2d:83:37:b7:2c:dc:46:11
-# Subject: CN=Certplus Root CA G1,O=Certplus,C=FR
-# Not Valid Before: Mon May 26 00:00:00 2014
-# Not Valid After : Fri Jan 15 00:00:00 2038
-# Fingerprint (SHA-256): 15:2A:40:2B:FC:DF:2C:D5:48:05:4D:22:75:B3:9C:7F:CA:3E:C0:97:80:78:B0:F0:EA:76:E5:61:A6:C7:43:3E
-# Fingerprint (SHA1): 22:FD:D0:B7:FD:A2:4E:0D:AC:49:2C:A0:AC:A6:7B:6A:1F:E3:F7:66
+# Trust for "ISRG Root X1"
+# Issuer: CN=ISRG Root X1,O=Internet Security Research Group,C=US
+# Serial Number:00:82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00
+# Subject: CN=ISRG Root X1,O=Internet Security Research Group,C=US
+# Not Valid Before: Thu Jun 04 11:04:38 2015
+# Not Valid After : Mon Jun 04 11:04:38 2035
+# Fingerprint (SHA-256): 96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6
+# Fingerprint (SHA1): CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Certplus Root CA G1"
+CKA_LABEL UTF8 "ISRG Root X1"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\042\375\320\267\375\242\116\015\254\111\054\240\254\246\173\152
-\037\343\367\146
+\312\275\052\171\241\007\152\061\362\035\045\066\065\313\003\235
+\103\051\245\350
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\177\011\234\367\331\271\134\151\151\126\325\067\076\024\015\102
+\014\322\371\340\332\027\163\351\355\206\115\245\343\160\347\116
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
-\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
-\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\061
+\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
+\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
+\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
+\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
+\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\022\021\040\125\203\344\055\076\124\126\205\055\203\067\267
-\054\334\106\021
+\002\021\000\202\020\317\260\322\100\343\131\104\143\340\273\143
+\202\213\000
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "Certplus Root CA G2"
+# Certificate "AC RAIZ FNMT-RCM"
 #
-# Issuer: CN=Certplus Root CA G2,O=Certplus,C=FR
-# Serial Number:11:20:d9:91:ce:ae:a3:e8:c5:e7:ff:e9:02:af:cf:73:bc:55
-# Subject: CN=Certplus Root CA G2,O=Certplus,C=FR
-# Not Valid Before: Mon May 26 00:00:00 2014
-# Not Valid After : Fri Jan 15 00:00:00 2038
-# Fingerprint (SHA-256): 6C:C0:50:41:E6:44:5E:74:69:6C:4C:FB:C9:F8:0F:54:3B:7E:AB:BB:44:B4:CE:6F:78:7C:6A:99:71:C4:2F:17
-# Fingerprint (SHA1): 4F:65:8E:1F:E9:06:D8:28:02:E9:54:47:41:C9:54:25:5D:69:CC:1A
+# Issuer: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
+# Serial Number:5d:93:8d:30:67:36:c8:06:1d:1a:c7:54:84:69:07
+# Subject: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
+# Not Valid Before: Wed Oct 29 15:59:56 2008
+# Not Valid After : Tue Jan 01 00:00:00 2030
+# Fingerprint (SHA-256): EB:C5:57:0C:29:01:8C:4D:67:B1:AA:12:7B:AF:12:F7:03:B4:61:1E:BC:17:B7:DA:B5:57:38:94:17:9B:93:FA
+# Fingerprint (SHA1): EC:50:35:07:B2:15:C4:95:62:19:E2:A8:9A:5B:42:99:2C:4C:2C:20
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Certplus Root CA G2"
+CKA_LABEL UTF8 "AC RAIZ FNMT-RCM"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
-\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
-\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\062
-END
+\060\073\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\021\060\017\006\003\125\004\012\014\010\106\116\115\124\055\122
+\103\115\061\031\060\027\006\003\125\004\013\014\020\101\103\040
+\122\101\111\132\040\106\116\115\124\055\122\103\115
+END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
-\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
-\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\062
+\060\073\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\021\060\017\006\003\125\004\012\014\010\106\116\115\124\055\122
+\103\115\061\031\060\027\006\003\125\004\013\014\020\101\103\040
+\122\101\111\132\040\106\116\115\124\055\122\103\115
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\022\021\040\331\221\316\256\243\350\305\347\377\351\002\257
-\317\163\274\125
+\002\017\135\223\215\060\147\066\310\006\035\032\307\124\204\151
+\007
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\002\034\060\202\001\242\240\003\002\001\002\002\022\021
-\040\331\221\316\256\243\350\305\347\377\351\002\257\317\163\274
-\125\060\012\006\010\052\206\110\316\075\004\003\003\060\076\061
-\013\060\011\006\003\125\004\006\023\002\106\122\061\021\060\017
-\006\003\125\004\012\014\010\103\145\162\164\160\154\165\163\061
-\034\060\032\006\003\125\004\003\014\023\103\145\162\164\160\154
-\165\163\040\122\157\157\164\040\103\101\040\107\062\060\036\027
-\015\061\064\060\065\062\066\060\060\060\060\060\060\132\027\015
-\063\070\060\061\061\065\060\060\060\060\060\060\132\060\076\061
-\013\060\011\006\003\125\004\006\023\002\106\122\061\021\060\017
-\006\003\125\004\012\014\010\103\145\162\164\160\154\165\163\061
-\034\060\032\006\003\125\004\003\014\023\103\145\162\164\160\154
-\165\163\040\122\157\157\164\040\103\101\040\107\062\060\166\060
-\020\006\007\052\206\110\316\075\002\001\006\005\053\201\004\000
-\042\003\142\000\004\315\017\133\126\202\337\360\105\032\326\255
-\367\171\360\035\311\254\226\326\236\116\234\037\264\102\021\312
-\206\277\155\373\205\243\305\345\031\134\327\356\246\077\151\147
-\330\170\342\246\311\304\333\055\171\056\347\213\215\002\157\061
-\042\115\006\343\140\162\105\235\016\102\167\236\316\317\345\177
-\205\233\030\344\374\314\056\162\323\026\223\116\312\231\143\134
-\241\005\052\154\006\243\143\060\141\060\016\006\003\125\035\017
-\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035\023
-\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035
-\016\004\026\004\024\332\203\143\002\171\216\332\114\306\074\043
-\024\330\217\303\040\253\050\140\131\060\037\006\003\125\035\043
-\004\030\060\026\200\024\332\203\143\002\171\216\332\114\306\074
-\043\024\330\217\303\040\253\050\140\131\060\012\006\010\052\206
-\110\316\075\004\003\003\003\150\000\060\145\002\060\160\376\260
-\013\331\367\203\227\354\363\125\035\324\334\263\006\016\376\063
-\230\235\213\071\220\153\224\041\355\266\327\135\326\114\327\041
-\247\347\277\041\017\053\315\367\052\334\205\007\235\002\061\000
-\206\024\026\345\334\260\145\302\300\216\024\237\277\044\026\150
-\345\274\371\171\151\334\255\105\053\367\266\061\163\314\006\245
-\123\223\221\032\223\256\160\152\147\272\327\236\345\141\032\137
+\060\202\005\203\060\202\003\153\240\003\002\001\002\002\017\135
+\223\215\060\147\066\310\006\035\032\307\124\204\151\007\060\015
+\006\011\052\206\110\206\367\015\001\001\013\005\000\060\073\061
+\013\060\011\006\003\125\004\006\023\002\105\123\061\021\060\017
+\006\003\125\004\012\014\010\106\116\115\124\055\122\103\115\061
+\031\060\027\006\003\125\004\013\014\020\101\103\040\122\101\111
+\132\040\106\116\115\124\055\122\103\115\060\036\027\015\060\070
+\061\060\062\071\061\065\065\071\065\066\132\027\015\063\060\060
+\061\060\061\060\060\060\060\060\060\132\060\073\061\013\060\011
+\006\003\125\004\006\023\002\105\123\061\021\060\017\006\003\125
+\004\012\014\010\106\116\115\124\055\122\103\115\061\031\060\027
+\006\003\125\004\013\014\020\101\103\040\122\101\111\132\040\106
+\116\115\124\055\122\103\115\060\202\002\042\060\015\006\011\052
+\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060
+\202\002\012\002\202\002\001\000\272\161\200\172\114\206\156\177
+\310\023\155\300\306\175\034\000\227\217\054\014\043\273\020\232
+\100\251\032\267\207\210\370\233\126\152\373\346\173\216\213\222
+\216\247\045\135\131\021\333\066\056\267\121\027\037\251\010\037
+\004\027\044\130\252\067\112\030\337\345\071\324\127\375\327\301
+\054\221\001\221\342\042\324\003\300\130\374\167\107\354\217\076
+\164\103\272\254\064\215\115\070\166\147\216\260\310\157\060\063
+\130\161\134\264\365\153\156\324\001\120\270\023\176\154\112\243
+\111\321\040\031\356\274\300\051\030\145\247\336\376\357\335\012
+\220\041\347\032\147\222\102\020\230\137\117\060\274\076\034\105
+\264\020\327\150\100\024\300\100\372\347\167\027\172\346\013\217
+\145\133\074\331\232\122\333\265\275\236\106\317\075\353\221\005
+\002\300\226\262\166\114\115\020\226\073\222\372\234\177\017\231
+\337\276\043\065\105\036\002\134\376\265\250\233\231\045\332\136
+\363\042\303\071\365\344\052\056\323\306\037\304\154\252\305\034
+\152\001\005\112\057\322\305\301\250\064\046\135\146\245\322\002
+\041\371\030\267\006\365\116\231\157\250\253\114\121\350\317\120
+\030\305\167\310\071\011\054\111\222\062\231\250\273\027\027\171
+\260\132\305\346\243\304\131\145\107\065\203\136\251\350\065\013
+\231\273\344\315\040\306\233\112\006\071\265\150\374\042\272\356
+\125\214\053\116\352\363\261\343\374\266\231\232\325\102\372\161
+\115\010\317\207\036\152\161\175\371\323\264\351\245\161\201\173
+\302\116\107\226\245\366\166\205\243\050\217\351\200\156\201\123
+\245\155\137\270\110\371\302\371\066\246\056\111\377\270\226\302
+\214\007\263\233\210\130\374\353\033\034\336\055\160\342\227\222
+\060\241\211\343\274\125\250\047\326\113\355\220\255\213\372\143
+\045\131\055\250\065\335\312\227\063\274\345\315\307\235\321\354
+\357\136\016\112\220\006\046\143\255\271\331\065\055\007\272\166
+\145\054\254\127\217\175\364\007\224\327\201\002\226\135\243\007
+\111\325\172\320\127\371\033\347\123\106\165\252\260\171\102\313
+\150\161\010\351\140\275\071\151\316\364\257\303\126\100\307\255
+\122\242\011\344\157\206\107\212\037\353\050\047\135\203\040\257
+\004\311\154\126\232\213\106\365\002\003\001\000\001\243\201\203
+\060\201\200\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\006\060\035\006\003\125\035\016\004\026\004\024\367
+\175\305\375\304\350\232\033\167\144\247\365\035\240\314\277\207
+\140\232\155\060\076\006\003\125\035\040\004\067\060\065\060\063
+\006\004\125\035\040\000\060\053\060\051\006\010\053\006\001\005
+\005\007\002\001\026\035\150\164\164\160\072\057\057\167\167\167
+\056\143\145\162\164\056\146\156\155\164\056\145\163\057\144\160
+\143\163\057\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\002\001\000\007\220\112\337\363\043\116\360\303
+\234\121\145\233\234\042\242\212\014\205\363\163\051\153\115\376
+\001\342\251\014\143\001\277\004\147\245\235\230\137\375\001\023
+\372\354\232\142\351\206\376\266\142\322\156\114\224\373\300\165
+\105\174\145\014\370\262\067\317\254\017\317\215\157\371\031\367
+\217\354\036\362\160\236\360\312\270\357\267\377\166\067\166\133
+\366\156\210\363\257\142\062\042\223\015\072\152\216\024\146\014
+\055\123\164\127\145\036\325\262\335\043\201\073\245\146\043\047
+\147\011\217\341\167\252\103\315\145\121\010\355\121\130\376\346
+\071\371\313\107\204\244\025\361\166\273\244\356\244\073\304\137
+\357\262\063\226\021\030\267\311\145\276\030\341\243\244\334\372
+\030\371\323\274\023\233\071\172\064\272\323\101\373\372\062\212
+\052\267\053\206\013\151\203\070\276\315\212\056\013\160\255\215
+\046\222\356\036\365\001\053\012\331\326\227\233\156\340\250\031
+\034\072\041\213\014\036\100\255\003\347\335\146\176\365\271\040
+\015\003\350\226\371\202\105\324\071\340\240\000\135\327\230\346
+\175\236\147\163\303\232\052\367\253\213\241\072\024\357\064\274
+\122\016\211\230\232\004\100\204\035\176\105\151\223\127\316\353
+\316\370\120\174\117\034\156\004\103\233\371\326\073\043\030\351
+\352\216\321\115\106\215\361\073\344\152\312\272\373\043\267\233
+\372\231\001\051\132\130\132\055\343\371\324\155\016\046\255\301
+\156\064\274\062\370\014\005\372\145\243\333\073\067\203\042\351
+\326\334\162\063\375\135\362\040\275\166\074\043\332\050\367\371
+\033\353\131\144\325\334\137\162\176\040\374\315\211\265\220\147
+\115\142\172\077\116\255\035\303\071\376\172\364\050\026\337\101
+\366\110\200\005\327\017\121\171\254\020\253\324\354\003\146\346
+\152\260\272\061\222\102\100\152\276\072\323\162\341\152\067\125
+\274\254\035\225\267\151\141\362\103\221\164\346\240\323\012\044
+\106\241\010\257\326\332\105\031\226\324\123\035\133\204\171\360
+\300\367\107\357\213\217\305\006\256\235\114\142\235\377\106\004
+\370\323\311\266\020\045\100\165\376\026\252\311\112\140\206\057
+\272\357\060\167\344\124\342\270\204\231\130\200\252\023\213\121
+\072\117\110\366\213\266\263
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "Certplus Root CA G2"
-# Issuer: CN=Certplus Root CA G2,O=Certplus,C=FR
-# Serial Number:11:20:d9:91:ce:ae:a3:e8:c5:e7:ff:e9:02:af:cf:73:bc:55
-# Subject: CN=Certplus Root CA G2,O=Certplus,C=FR
-# Not Valid Before: Mon May 26 00:00:00 2014
-# Not Valid After : Fri Jan 15 00:00:00 2038
-# Fingerprint (SHA-256): 6C:C0:50:41:E6:44:5E:74:69:6C:4C:FB:C9:F8:0F:54:3B:7E:AB:BB:44:B4:CE:6F:78:7C:6A:99:71:C4:2F:17
-# Fingerprint (SHA1): 4F:65:8E:1F:E9:06:D8:28:02:E9:54:47:41:C9:54:25:5D:69:CC:1A
+# Trust for "AC RAIZ FNMT-RCM"
+# Issuer: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
+# Serial Number:5d:93:8d:30:67:36:c8:06:1d:1a:c7:54:84:69:07
+# Subject: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
+# Not Valid Before: Wed Oct 29 15:59:56 2008
+# Not Valid After : Tue Jan 01 00:00:00 2030
+# Fingerprint (SHA-256): EB:C5:57:0C:29:01:8C:4D:67:B1:AA:12:7B:AF:12:F7:03:B4:61:1E:BC:17:B7:DA:B5:57:38:94:17:9B:93:FA
+# Fingerprint (SHA1): EC:50:35:07:B2:15:C4:95:62:19:E2:A8:9A:5B:42:99:2C:4C:2C:20
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Certplus Root CA G2"
+CKA_LABEL UTF8 "AC RAIZ FNMT-RCM"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\117\145\216\037\351\006\330\050\002\351\124\107\101\311\124\045
-\135\151\314\032
+\354\120\065\007\262\025\304\225\142\031\342\250\232\133\102\231
+\054\114\054\040
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\247\356\304\170\055\033\356\055\271\051\316\326\247\226\062\061
+\342\011\004\264\323\275\321\240\024\375\032\322\107\304\127\035
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\076\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\021\060\017\006\003\125\004\012\014\010\103\145\162\164\160\154
-\165\163\061\034\060\032\006\003\125\004\003\014\023\103\145\162
-\164\160\154\165\163\040\122\157\157\164\040\103\101\040\107\062
+\060\073\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\021\060\017\006\003\125\004\012\014\010\106\116\115\124\055\122
+\103\115\061\031\060\027\006\003\125\004\013\014\020\101\103\040
+\122\101\111\132\040\106\116\115\124\055\122\103\115
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\022\021\040\331\221\316\256\243\350\305\347\377\351\002\257
-\317\163\274\125
+\002\017\135\223\215\060\147\066\310\006\035\032\307\124\204\151
+\007
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "OpenTrust Root CA G1"
+# Certificate "Amazon Root CA 1"
 #
-# Issuer: CN=OpenTrust Root CA G1,O=OpenTrust,C=FR
-# Serial Number:11:20:b3:90:55:39:7d:7f:36:6d:64:c2:a7:9f:6b:63:8e:67
-# Subject: CN=OpenTrust Root CA G1,O=OpenTrust,C=FR
-# Not Valid Before: Mon May 26 08:45:50 2014
-# Not Valid After : Fri Jan 15 00:00:00 2038
-# Fingerprint (SHA-256): 56:C7:71:28:D9:8C:18:D9:1B:4C:FD:FF:BC:25:EE:91:03:D4:75:8E:A2:AB:AD:82:6A:90:F3:45:7D:46:0E:B4
-# Fingerprint (SHA1): 79:91:E8:34:F7:E2:EE:DD:08:95:01:52:E9:55:2D:14:E9:58:D5:7E
+# Issuer: CN=Amazon Root CA 1,O=Amazon,C=US
+# Serial Number:06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca
+# Subject: CN=Amazon Root CA 1,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sun Jan 17 00:00:00 2038
+# Fingerprint (SHA-256): 8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E
+# Fingerprint (SHA1): 8D:A7:F9:65:EC:5E:FC:37:91:0F:1C:6E:59:FD:C1:CC:6A:6E:DE:16
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "OpenTrust Root CA G1"
+CKA_LABEL UTF8 "Amazon Root CA 1"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\061
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\061
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\061
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\022\021\040\263\220\125\071\175\177\066\155\144\302\247\237
-\153\143\216\147
+\002\023\006\154\237\317\231\277\214\012\071\342\360\170\212\103
+\346\226\066\133\312
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\005\157\060\202\003\127\240\003\002\001\002\002\022\021
-\040\263\220\125\071\175\177\066\155\144\302\247\237\153\143\216
-\147\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\061\060\036\027\015\061\064\060\065\062\066\060\070\064\065
-\065\060\132\027\015\063\070\060\061\061\065\060\060\060\060\060
-\060\132\060\100\061\013\060\011\006\003\125\004\006\023\002\106
-\122\061\022\060\020\006\003\125\004\012\014\011\117\160\145\156
-\124\162\165\163\164\061\035\060\033\006\003\125\004\003\014\024
-\117\160\145\156\124\162\165\163\164\040\122\157\157\164\040\103
-\101\040\107\061\060\202\002\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002\012
-\002\202\002\001\000\370\171\106\332\226\305\060\136\212\161\003
-\055\160\244\273\260\305\010\334\315\346\065\300\200\244\021\055
-\335\346\207\256\135\075\221\322\207\154\067\267\332\142\236\233
-\302\044\327\217\361\333\246\246\337\106\157\121\246\161\313\076
-\033\061\147\142\367\021\133\064\047\325\171\116\214\233\130\275
-\042\020\015\134\047\014\335\060\345\250\323\135\041\070\164\027
-\376\343\037\266\117\073\153\055\333\175\140\037\214\175\114\005
-\302\353\001\026\025\230\024\216\321\220\167\042\077\354\302\071
-\270\171\072\360\111\044\342\225\221\334\141\064\222\214\124\164
-\357\261\175\214\001\342\070\175\301\137\152\137\044\262\216\142
-\027\255\171\040\255\253\035\267\340\264\226\110\117\146\103\020
-\006\026\044\003\341\340\234\216\306\106\117\216\032\231\341\217
-\271\216\063\154\151\336\130\255\240\016\247\144\124\021\151\104
-\146\117\114\022\247\216\054\175\304\324\133\305\000\064\060\301
-\331\231\376\062\316\007\204\264\116\315\012\377\066\115\142\361
-\247\143\127\344\333\152\247\256\277\053\271\311\346\262\047\211
-\345\176\232\034\115\150\306\301\030\336\063\053\121\106\113\034
-\216\367\075\014\371\212\064\024\304\373\063\065\043\361\314\361
-\052\307\245\273\260\242\316\376\123\153\115\101\033\146\050\262
-\226\372\247\256\012\116\271\071\063\104\234\164\301\223\034\370
-\340\236\044\045\103\361\233\043\202\252\337\054\040\260\334\066
-\116\003\263\174\002\324\346\173\032\252\207\023\277\076\241\164
-\273\233\016\341\300\223\237\327\244\146\312\273\033\073\343\060
-\364\063\131\212\007\162\003\125\347\163\152\003\061\156\157\226
-\033\343\242\237\257\222\307\355\365\102\267\045\114\073\023\004
-\317\034\226\257\034\042\243\320\253\005\262\114\022\043\122\334
-\375\031\133\047\234\036\073\172\375\102\043\333\043\200\023\360
-\274\121\025\124\224\246\167\076\320\164\121\275\121\024\010\071
-\067\313\037\064\251\060\235\122\204\056\125\220\261\272\337\125
-\000\013\330\126\055\261\111\111\162\200\251\142\327\300\366\030
-\021\004\125\315\164\173\317\141\160\171\364\173\054\134\134\222
-\374\345\270\132\253\114\223\225\241\047\356\245\276\317\161\043
-\102\272\233\166\055\002\003\001\000\001\243\143\060\141\060\016
-\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060\017
-\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
-\035\006\003\125\035\016\004\026\004\024\227\106\041\127\041\065
-\332\066\125\307\363\361\067\160\345\010\366\223\051\266\060\037
-\006\003\125\035\043\004\030\060\026\200\024\227\106\041\127\041
-\065\332\066\125\307\363\361\067\160\345\010\366\223\051\266\060
-\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202
-\002\001\000\035\335\002\140\174\340\065\247\346\230\173\352\104
-\316\147\100\117\362\223\156\146\324\071\211\046\254\323\115\004
-\074\273\207\041\077\067\364\161\045\332\113\272\253\226\202\201
-\221\266\355\331\261\244\145\227\342\157\144\131\244\226\356\140
-\312\037\043\373\105\272\377\217\044\360\312\251\061\177\171\037
-\200\263\055\062\272\144\147\140\257\271\131\315\337\232\111\323
-\250\202\261\371\230\224\212\314\340\273\340\004\033\231\140\261
-\106\145\334\010\242\262\106\236\104\210\352\223\176\127\026\322
-\025\162\137\056\113\253\324\235\143\270\343\110\345\376\204\056
-\130\012\237\103\035\376\267\030\222\206\103\113\016\234\062\206
-\054\140\365\351\110\352\225\355\160\051\361\325\057\375\065\264
-\127\317\333\205\110\231\271\302\157\154\217\315\170\225\254\144
-\050\375\126\260\303\157\303\276\131\122\341\137\204\217\200\362
-\364\015\066\255\166\263\243\265\341\144\166\072\130\334\175\117
-\136\126\154\345\125\131\127\245\337\361\212\146\060\214\324\122
-\142\070\167\264\276\050\327\312\066\304\233\005\360\370\025\333
-\333\361\357\064\235\035\170\112\210\126\147\156\140\377\217\310
-\213\341\216\275\102\251\063\012\131\102\022\022\052\372\261\235
-\103\216\005\233\231\332\142\255\127\066\263\035\266\015\171\055
-\226\270\353\362\014\113\014\245\224\306\060\247\046\031\055\355
-\114\006\120\060\361\375\130\075\271\113\027\137\031\264\152\204
-\124\264\070\117\071\242\015\226\150\303\050\224\375\355\055\037
-\112\153\103\226\056\220\001\020\373\070\246\201\013\320\277\165
-\323\324\271\316\361\077\157\016\034\036\067\161\345\030\207\165
-\031\077\120\271\136\244\105\064\255\260\312\346\345\023\166\017
-\061\024\251\216\055\224\326\325\205\115\163\025\117\113\362\262
-\076\355\154\275\375\016\235\146\163\260\075\264\367\277\250\340
-\021\244\304\256\165\011\112\143\000\110\040\246\306\235\013\011
-\212\264\340\346\316\076\307\076\046\070\351\053\336\246\010\111
-\003\004\220\212\351\217\277\350\266\264\052\243\043\215\034\034
-\262\071\222\250\217\002\134\100\071\165\324\163\101\002\167\336
-\315\340\103\207\326\344\272\112\303\154\022\177\376\052\346\043
-\326\214\161
+\060\202\003\101\060\202\002\051\240\003\002\001\002\002\023\006
+\154\237\317\231\277\214\012\071\342\360\170\212\103\346\226\066
+\133\312\060\015\006\011\052\206\110\206\367\015\001\001\013\005
+\000\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157
+\156\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172
+\157\156\040\122\157\157\164\040\103\101\040\061\060\036\027\015
+\061\065\060\065\062\066\060\060\060\060\060\060\132\027\015\063
+\070\060\061\061\067\060\060\060\060\060\060\132\060\071\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\017\060\015\006
+\003\125\004\012\023\006\101\155\141\172\157\156\061\031\060\027
+\006\003\125\004\003\023\020\101\155\141\172\157\156\040\122\157
+\157\164\040\103\101\040\061\060\202\001\042\060\015\006\011\052
+\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060
+\202\001\012\002\202\001\001\000\262\170\200\161\312\170\325\343
+\161\257\107\200\120\164\175\156\330\327\210\166\364\231\150\367
+\130\041\140\371\164\204\001\057\254\002\055\206\323\240\103\172
+\116\262\244\320\066\272\001\276\215\333\110\310\007\027\066\114
+\364\356\210\043\307\076\353\067\365\265\031\370\111\150\260\336
+\327\271\166\070\035\141\236\244\376\202\066\245\345\112\126\344
+\105\341\371\375\264\026\372\164\332\234\233\065\071\057\372\260
+\040\120\006\154\172\320\200\262\246\371\257\354\107\031\217\120
+\070\007\334\242\207\071\130\370\272\325\251\371\110\147\060\226
+\356\224\170\136\157\211\243\121\300\060\206\146\241\105\146\272
+\124\353\243\303\221\371\110\334\377\321\350\060\055\175\055\164
+\160\065\327\210\044\367\236\304\131\156\273\163\207\027\362\062
+\106\050\270\103\372\267\035\252\312\264\362\237\044\016\055\113
+\367\161\134\136\151\377\352\225\002\313\070\212\256\120\070\157
+\333\373\055\142\033\305\307\036\124\341\167\340\147\310\017\234
+\207\043\326\077\100\040\177\040\200\304\200\114\076\073\044\046
+\216\004\256\154\232\310\252\015\002\003\001\000\001\243\102\060
+\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\206\060\035\006\003\125\035\016\004\026\004\024\204\030\314
+\205\064\354\274\014\224\224\056\010\131\234\307\262\020\116\012
+\010\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000
+\003\202\001\001\000\230\362\067\132\101\220\241\032\305\166\121
+\050\040\066\043\016\256\346\050\273\252\370\224\256\110\244\060
+\177\033\374\044\215\113\264\310\241\227\366\266\361\172\160\310
+\123\223\314\010\050\343\230\045\317\043\244\371\336\041\323\174
+\205\011\255\116\232\165\072\302\013\152\211\170\166\104\107\030
+\145\154\215\101\216\073\177\232\313\364\265\247\120\327\005\054
+\067\350\003\113\255\351\141\240\002\156\365\362\360\305\262\355
+\133\267\334\372\224\134\167\236\023\245\177\122\255\225\362\370
+\223\073\336\213\134\133\312\132\122\133\140\257\024\367\113\357
+\243\373\237\100\225\155\061\124\374\102\323\307\106\037\043\255
+\331\017\110\160\232\331\165\170\161\321\162\103\064\165\156\127
+\131\302\002\134\046\140\051\317\043\031\026\216\210\103\245\324
+\344\313\010\373\043\021\103\350\103\051\162\142\241\251\135\136
+\010\324\220\256\270\330\316\024\302\320\125\362\206\366\304\223
+\103\167\146\141\300\271\350\101\327\227\170\140\003\156\112\162
+\256\245\321\175\272\020\236\206\154\033\212\271\131\063\370\353
+\304\220\276\361\271
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "OpenTrust Root CA G1"
-# Issuer: CN=OpenTrust Root CA G1,O=OpenTrust,C=FR
-# Serial Number:11:20:b3:90:55:39:7d:7f:36:6d:64:c2:a7:9f:6b:63:8e:67
-# Subject: CN=OpenTrust Root CA G1,O=OpenTrust,C=FR
-# Not Valid Before: Mon May 26 08:45:50 2014
-# Not Valid After : Fri Jan 15 00:00:00 2038
-# Fingerprint (SHA-256): 56:C7:71:28:D9:8C:18:D9:1B:4C:FD:FF:BC:25:EE:91:03:D4:75:8E:A2:AB:AD:82:6A:90:F3:45:7D:46:0E:B4
-# Fingerprint (SHA1): 79:91:E8:34:F7:E2:EE:DD:08:95:01:52:E9:55:2D:14:E9:58:D5:7E
+# Trust for "Amazon Root CA 1"
+# Issuer: CN=Amazon Root CA 1,O=Amazon,C=US
+# Serial Number:06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca
+# Subject: CN=Amazon Root CA 1,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sun Jan 17 00:00:00 2038
+# Fingerprint (SHA-256): 8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E
+# Fingerprint (SHA1): 8D:A7:F9:65:EC:5E:FC:37:91:0F:1C:6E:59:FD:C1:CC:6A:6E:DE:16
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "OpenTrust Root CA G1"
+CKA_LABEL UTF8 "Amazon Root CA 1"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\171\221\350\064\367\342\356\335\010\225\001\122\351\125\055\024
-\351\130\325\176
+\215\247\371\145\354\136\374\067\221\017\034\156\131\375\301\314
+\152\156\336\026
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\166\000\314\201\051\315\125\136\210\152\172\056\367\115\071\332
+\103\306\277\256\354\376\255\057\030\306\210\150\060\374\310\346
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\061
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\022\021\040\263\220\125\071\175\177\066\155\144\302\247\237
-\153\143\216\147
+\002\023\006\154\237\317\231\277\214\012\071\342\360\170\212\103
+\346\226\066\133\312
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
@@ -19577,162 +19143,156 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "OpenTrust Root CA G2"
+# Certificate "Amazon Root CA 2"
 #
-# Issuer: CN=OpenTrust Root CA G2,O=OpenTrust,C=FR
-# Serial Number:11:20:a1:69:1b:bf:bd:b9:bd:52:96:8f:23:e8:48:bf:26:11
-# Subject: CN=OpenTrust Root CA G2,O=OpenTrust,C=FR
-# Not Valid Before: Mon May 26 00:00:00 2014
-# Not Valid After : Fri Jan 15 00:00:00 2038
-# Fingerprint (SHA-256): 27:99:58:29:FE:6A:75:15:C1:BF:E8:48:F9:C4:76:1D:B1:6C:22:59:29:25:7B:F4:0D:08:94:F2:9E:A8:BA:F2
-# Fingerprint (SHA1): 79:5F:88:60:C5:AB:7C:3D:92:E6:CB:F4:8D:E1:45:CD:11:EF:60:0B
+# Issuer: CN=Amazon Root CA 2,O=Amazon,C=US
+# Serial Number:06:6c:9f:d2:96:35:86:9f:0a:0f:e5:86:78:f8:5b:26:bb:8a:37
+# Subject: CN=Amazon Root CA 2,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): 1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4
+# Fingerprint (SHA1): 5A:8C:EF:45:D7:A6:98:59:76:7A:8C:8B:44:96:B5:78:CF:47:4B:1A
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "OpenTrust Root CA G2"
+CKA_LABEL UTF8 "Amazon Root CA 2"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\062
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\062
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\062
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\062
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\022\021\040\241\151\033\277\275\271\275\122\226\217\043\350
-\110\277\046\021
+\002\023\006\154\237\322\226\065\206\237\012\017\345\206\170\370
+\133\046\273\212\067
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\005\157\060\202\003\127\240\003\002\001\002\002\022\021
-\040\241\151\033\277\275\271\275\122\226\217\043\350\110\277\046
-\021\060\015\006\011\052\206\110\206\367\015\001\001\015\005\000
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\062\060\036\027\015\061\064\060\065\062\066\060\060\060\060
-\060\060\132\027\015\063\070\060\061\061\065\060\060\060\060\060
-\060\132\060\100\061\013\060\011\006\003\125\004\006\023\002\106
-\122\061\022\060\020\006\003\125\004\012\014\011\117\160\145\156
-\124\162\165\163\164\061\035\060\033\006\003\125\004\003\014\024
-\117\160\145\156\124\162\165\163\164\040\122\157\157\164\040\103
-\101\040\107\062\060\202\002\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002\012
-\002\202\002\001\000\314\266\127\245\063\224\020\201\062\123\337
-\141\176\017\166\071\317\134\302\123\165\035\111\172\226\070\335
-\242\163\152\361\157\336\136\242\132\271\161\041\276\066\331\241
-\374\274\356\154\250\174\064\032\161\032\350\032\330\137\016\104
-\006\355\247\340\363\322\141\013\340\062\242\226\321\070\360\302
-\332\001\027\374\344\254\117\350\356\211\036\164\253\117\277\036
-\011\266\066\152\126\363\341\356\226\211\146\044\006\344\315\102
-\072\112\335\340\232\260\304\202\105\263\376\311\253\134\174\076
-\311\353\027\057\014\175\156\256\245\217\310\254\045\012\157\372
-\325\105\230\322\065\011\366\003\103\224\376\331\277\040\225\171
-\200\230\212\331\211\065\273\121\033\244\067\175\374\231\073\253
-\377\277\254\015\217\103\261\231\173\026\020\176\035\157\107\304
-\025\217\004\226\010\006\102\004\370\204\326\035\274\221\246\102
-\276\111\325\152\210\077\274\055\121\321\236\215\340\122\314\127
-\335\065\065\130\333\264\217\044\210\344\213\337\334\153\124\322
-\201\053\262\316\222\113\034\037\106\372\035\330\222\313\166\147
-\265\011\231\011\345\254\027\024\125\160\306\074\240\126\012\003
-\263\334\142\031\337\310\265\060\177\365\074\046\165\021\275\327
-\033\263\207\236\007\257\145\161\345\240\317\032\247\011\020\035
-\223\211\146\133\350\074\142\062\265\265\072\156\351\205\001\213
-\236\103\214\147\163\050\131\133\353\343\334\054\314\245\046\162
-\142\022\264\346\234\203\104\366\121\244\342\300\172\044\127\312
-\016\245\077\072\265\073\213\345\166\356\160\346\222\336\026\134
-\050\133\227\031\047\222\376\172\222\124\316\223\071\012\026\207
-\274\143\263\365\261\223\134\340\156\267\320\352\371\142\062\210
-\104\373\277\047\050\266\060\225\135\022\050\271\225\276\217\123
-\030\345\242\030\026\342\126\244\262\054\020\365\035\067\246\370
-\267\366\320\131\134\211\367\302\325\265\224\164\321\325\376\033
-\266\360\346\326\036\173\322\074\313\250\343\365\030\363\041\037
-\156\357\115\150\006\173\055\135\156\103\211\246\300\371\240\277
-\202\036\317\123\177\264\353\054\333\135\366\152\175\100\044\005
-\162\211\070\001\223\313\161\302\071\135\006\021\366\157\170\370
-\067\015\071\204\047\002\003\001\000\001\243\143\060\141\060\016
-\006\003\125\035\017\001\001\377\004\004\003\002\001\006\060\017
-\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
-\035\006\003\125\035\016\004\026\004\024\152\071\372\102\042\367
-\346\211\000\115\136\175\063\203\313\270\156\167\206\257\060\037
-\006\003\125\035\043\004\030\060\026\200\024\152\071\372\102\042
-\367\346\211\000\115\136\175\063\203\313\270\156\167\206\257\060
-\015\006\011\052\206\110\206\367\015\001\001\015\005\000\003\202
-\002\001\000\230\313\253\100\074\345\063\002\227\177\055\207\246
-\217\324\136\112\257\270\036\347\273\161\373\200\144\045\251\263
-\032\076\150\135\047\046\247\272\052\341\360\127\203\012\144\117
-\036\042\164\033\351\220\137\360\254\317\377\117\150\172\070\244
-\020\154\015\261\307\244\167\200\030\266\242\050\104\166\247\064
-\235\161\204\057\312\131\322\107\210\231\101\042\311\060\230\141
-\156\075\250\250\005\155\321\037\300\121\104\126\177\047\065\002
-\335\136\230\012\102\353\060\277\215\241\233\121\252\073\352\223
-\106\144\305\000\171\336\041\153\366\127\240\206\327\006\162\354
-\160\106\113\213\163\335\240\041\165\076\334\035\300\217\323\117
-\163\034\205\331\376\177\142\310\225\157\266\323\173\214\272\123
-\302\157\233\104\114\171\320\035\160\263\327\237\002\364\262\007
-\260\307\345\370\255\043\016\246\126\311\051\022\167\110\331\057
-\106\375\073\360\374\164\160\222\245\216\070\010\037\144\060\266
-\267\113\373\066\254\020\216\240\122\063\143\235\003\065\126\305
-\151\275\306\043\132\047\224\366\244\022\370\055\063\074\241\126
-\245\137\326\031\351\355\174\010\275\167\315\047\144\314\224\332
-\116\106\120\207\340\371\301\123\200\036\273\255\373\107\122\213
-\033\375\242\371\336\016\042\267\075\063\131\154\324\336\365\225
-\006\062\015\121\031\101\134\076\117\006\367\271\053\200\047\366
-\243\252\172\174\006\341\103\303\023\071\142\032\066\275\340\050
-\056\224\002\344\051\056\140\125\256\100\075\260\164\222\136\360
-\040\144\226\077\137\105\135\210\265\212\332\002\240\133\105\124
-\336\070\075\011\300\250\112\145\106\026\374\252\277\124\116\115
-\133\276\070\103\267\050\312\213\063\252\032\045\272\045\134\051
-\057\133\112\156\214\352\055\234\052\366\005\166\340\167\227\200
-\210\335\147\023\157\035\150\044\213\117\267\164\201\345\364\140
-\237\172\125\327\076\067\332\026\153\076\167\254\256\030\160\225
-\010\171\051\003\212\376\301\073\263\077\032\017\244\073\136\037
-\130\241\225\311\253\057\163\112\320\055\156\232\131\017\125\030
-\170\055\074\121\246\227\213\346\273\262\160\252\114\021\336\377
-\174\053\067\324\172\321\167\064\217\347\371\102\367\074\201\014
-\113\122\012
-END
-CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
-
-# Trust for "OpenTrust Root CA G2"
-# Issuer: CN=OpenTrust Root CA G2,O=OpenTrust,C=FR
-# Serial Number:11:20:a1:69:1b:bf:bd:b9:bd:52:96:8f:23:e8:48:bf:26:11
-# Subject: CN=OpenTrust Root CA G2,O=OpenTrust,C=FR
-# Not Valid Before: Mon May 26 00:00:00 2014
-# Not Valid After : Fri Jan 15 00:00:00 2038
-# Fingerprint (SHA-256): 27:99:58:29:FE:6A:75:15:C1:BF:E8:48:F9:C4:76:1D:B1:6C:22:59:29:25:7B:F4:0D:08:94:F2:9E:A8:BA:F2
-# Fingerprint (SHA1): 79:5F:88:60:C5:AB:7C:3D:92:E6:CB:F4:8D:E1:45:CD:11:EF:60:0B
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "OpenTrust Root CA G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\171\137\210\140\305\253\174\075\222\346\313\364\215\341\105\315
-\021\357\140\013
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\127\044\266\131\044\153\256\310\376\034\014\040\362\300\116\353
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\022\021\040\241\151\033\277\275\271\275\122\226\217\043\350
-\110\277\046\021
+\060\202\005\101\060\202\003\051\240\003\002\001\002\002\023\006
+\154\237\322\226\065\206\237\012\017\345\206\170\370\133\046\273
+\212\067\060\015\006\011\052\206\110\206\367\015\001\001\014\005
+\000\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157
+\156\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172
+\157\156\040\122\157\157\164\040\103\101\040\062\060\036\027\015
+\061\065\060\065\062\066\060\060\060\060\060\060\132\027\015\064
+\060\060\065\062\066\060\060\060\060\060\060\132\060\071\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\017\060\015\006
+\003\125\004\012\023\006\101\155\141\172\157\156\061\031\060\027
+\006\003\125\004\003\023\020\101\155\141\172\157\156\040\122\157
+\157\164\040\103\101\040\062\060\202\002\042\060\015\006\011\052
+\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060
+\202\002\012\002\202\002\001\000\255\226\237\055\234\112\114\112
+\201\171\121\231\354\212\313\153\140\121\023\274\115\155\006\374
+\260\010\215\335\031\020\152\307\046\014\065\330\300\157\040\204
+\351\224\261\233\205\003\303\133\333\112\350\310\370\220\166\331
+\133\117\343\114\350\006\066\115\314\232\254\075\014\220\053\222
+\324\006\031\140\254\067\104\171\205\201\202\255\132\067\340\015
+\314\235\246\114\122\166\352\103\235\267\004\321\120\366\125\340
+\325\322\246\111\205\351\067\351\312\176\256\134\225\115\110\232
+\077\256\040\132\155\210\225\331\064\270\122\032\103\220\260\277
+\154\005\271\266\170\267\352\320\344\072\074\022\123\142\377\112
+\362\173\276\065\005\251\022\064\343\363\144\164\142\054\075\000
+\111\132\050\376\062\104\273\207\335\145\047\002\161\073\332\112
+\367\037\332\315\367\041\125\220\117\017\354\256\202\341\237\153
+\331\105\323\273\360\137\207\355\074\054\071\206\332\077\336\354
+\162\125\353\171\243\255\333\335\174\260\272\034\316\374\336\117
+\065\166\317\017\370\170\037\152\066\121\106\047\141\133\351\236
+\317\360\242\125\175\174\045\212\157\057\264\305\317\204\056\053
+\375\015\121\020\154\373\137\033\274\033\176\305\256\073\230\001
+\061\222\377\013\127\364\232\262\271\127\351\253\357\015\166\321
+\360\356\364\316\206\247\340\156\351\264\151\241\337\151\366\063
+\306\151\056\227\023\236\245\207\260\127\020\201\067\311\123\263
+\273\177\366\222\321\234\320\030\364\222\156\332\203\117\246\143
+\231\114\245\373\136\357\041\144\172\040\137\154\144\205\025\313
+\067\351\142\014\013\052\026\334\001\056\062\332\076\113\365\236
+\072\366\027\100\224\357\236\221\010\206\372\276\143\250\132\063
+\354\313\164\103\225\371\154\151\122\066\307\051\157\374\125\003
+\134\037\373\237\275\107\353\347\111\107\225\013\116\211\042\011
+\111\340\365\141\036\361\277\056\212\162\156\200\131\377\127\072
+\371\165\062\243\116\137\354\355\050\142\331\115\163\362\314\201
+\027\140\355\315\353\334\333\247\312\305\176\002\275\362\124\010
+\124\375\264\055\011\054\027\124\112\230\321\124\341\121\147\010
+\322\355\156\176\157\077\322\055\201\131\051\146\313\220\071\225
+\021\036\164\047\376\335\353\257\002\003\001\000\001\243\102\060
+\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\206\060\035\006\003\125\035\016\004\026\004\024\260\014\360
+\114\060\364\005\130\002\110\375\063\345\122\257\113\204\343\146
+\122\060\015\006\011\052\206\110\206\367\015\001\001\014\005\000
+\003\202\002\001\000\252\250\200\217\016\170\243\340\242\324\315
+\346\365\230\172\073\352\000\003\260\227\016\223\274\132\250\366
+\054\214\162\207\251\261\374\177\163\375\143\161\170\245\207\131
+\317\060\341\015\020\262\023\132\155\202\365\152\346\200\237\240
+\005\013\150\344\107\153\307\152\337\266\375\167\062\162\345\030
+\372\011\364\240\223\054\135\322\214\165\205\166\145\220\014\003
+\171\267\061\043\143\255\170\203\011\206\150\204\312\377\371\317
+\046\232\222\171\347\315\113\305\347\141\247\027\313\363\251\022
+\223\223\153\247\350\057\123\222\304\140\130\260\314\002\121\030
+\133\205\215\142\131\143\266\255\264\336\232\373\046\367\000\047
+\300\135\125\067\164\231\311\120\177\343\131\056\104\343\054\045
+\356\354\114\062\167\264\237\032\351\113\135\040\305\332\375\034
+\207\026\306\103\350\324\273\046\232\105\160\136\251\013\067\123
+\342\106\173\047\375\340\106\362\211\267\314\102\266\313\050\046
+\156\331\245\311\072\310\101\023\140\367\120\214\025\256\262\155
+\032\025\032\127\170\346\222\052\331\145\220\202\077\154\002\257
+\256\022\072\047\226\066\004\327\035\242\200\143\251\233\361\345
+\272\264\174\024\260\116\311\261\037\164\137\070\366\121\352\233
+\372\054\242\021\324\251\055\047\032\105\261\257\262\116\161\015
+\300\130\106\326\151\006\313\123\313\263\376\153\101\315\101\176
+\175\114\017\174\162\171\172\131\315\136\112\016\254\233\251\230
+\163\171\174\264\364\314\271\270\007\014\262\164\134\270\307\157
+\210\241\220\247\364\252\371\277\147\072\364\032\025\142\036\267
+\237\276\075\261\051\257\147\241\022\362\130\020\031\123\003\060
+\033\270\032\211\366\234\275\227\003\216\243\011\363\035\213\041
+\361\264\337\344\034\321\237\145\002\006\352\134\326\023\263\204
+\357\242\245\134\214\167\051\247\150\300\153\256\100\322\250\264
+\352\315\360\215\113\070\234\031\232\033\050\124\270\211\220\357
+\312\165\201\076\036\362\144\044\307\030\257\116\377\107\236\007
+\366\065\145\244\323\012\126\377\365\027\144\154\357\250\042\045
+\111\223\266\337\000\027\332\130\176\135\356\305\033\260\321\321
+\137\041\020\307\371\363\272\002\012\047\007\305\361\326\307\323
+\340\373\011\140\154
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "Amazon Root CA 2"
+# Issuer: CN=Amazon Root CA 2,O=Amazon,C=US
+# Serial Number:06:6c:9f:d2:96:35:86:9f:0a:0f:e5:86:78:f8:5b:26:bb:8a:37
+# Subject: CN=Amazon Root CA 2,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): 1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4
+# Fingerprint (SHA1): 5A:8C:EF:45:D7:A6:98:59:76:7A:8C:8B:44:96:B5:78:CF:47:4B:1A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Amazon Root CA 2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\132\214\357\105\327\246\230\131\166\172\214\213\104\226\265\170
+\317\107\113\032
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\310\345\215\316\250\102\342\172\300\052\134\174\236\046\277\146
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\023\006\154\237\322\226\065\206\237\012\017\345\206\170\370
+\133\046\273\212\067
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
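Review bot: The trust bits that the added "Amazon Root CA 2" object ends up with are not on any `+` line. `CKA_TRUST_SERVER_AUTH` and `CKA_TRUST_EMAIL_PROTECTION`, both `CKT_NSS_TRUSTED_DELEGATOR`, are the unchanged context lines closing this hunk; before the change they sat under the removed "OpenTrust Root CA G2" trust object. The same holds for "Amazon Root CA 1" at the end of the preceding hunk. A review that reads only added lines will not see that the new roots are trusted for both TLS server authentication and e-mail, so these values should be compared with the upstream root-store release the update was imported from, and that release named in the commit description if it is not already recorded. The serial number and SHA-1 in the added comment header match the added `CKA_SERIAL_NUMBER` and `CKA_CERT_SHA1_HASH` octal values, but the SHA-256 fingerprint cannot be confirmed from the diff and should be recomputed over the `CKA_VALUE` DER.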
@@ -19740,109 +19300,99 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "OpenTrust Root CA G3"
+# Certificate "Amazon Root CA 3"
 #
-# Issuer: CN=OpenTrust Root CA G3,O=OpenTrust,C=FR
-# Serial Number:11:20:e6:f8:4c:fc:24:b0:be:05:40:ac:da:83:1b:34:60:3f
-# Subject: CN=OpenTrust Root CA G3,O=OpenTrust,C=FR
-# Not Valid Before: Mon May 26 00:00:00 2014
-# Not Valid After : Fri Jan 15 00:00:00 2038
-# Fingerprint (SHA-256): B7:C3:62:31:70:6E:81:07:8C:36:7C:B8:96:19:8F:1E:32:08:DD:92:69:49:DD:8F:57:09:A4:10:F7:5B:62:92
-# Fingerprint (SHA1): 6E:26:64:F3:56:BF:34:55:BF:D1:93:3F:7C:01:DE:D8:13:DA:8A:A6
+# Issuer: CN=Amazon Root CA 3,O=Amazon,C=US
+# Serial Number:06:6c:9f:d5:74:97:36:66:3f:3b:0b:9a:d9:e8:9e:76:03:f2:4a
+# Subject: CN=Amazon Root CA 3,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): 18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4
+# Fingerprint (SHA1): 0D:44:DD:8C:3C:8C:1A:1A:58:75:64:81:E9:0F:2E:2A:FF:B3:D2:6E
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "OpenTrust Root CA G3"
+CKA_LABEL UTF8 "Amazon Root CA 3"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\063
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\063
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\063
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\063
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\022\021\040\346\370\114\374\044\260\276\005\100\254\332\203
-\033\064\140\077
+\002\023\006\154\237\325\164\227\066\146\077\073\013\232\331\350
+\236\166\003\362\112
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\002\041\060\202\001\246\240\003\002\001\002\002\022\021
-\040\346\370\114\374\044\260\276\005\100\254\332\203\033\064\140
-\077\060\012\006\010\052\206\110\316\075\004\003\003\060\100\061
-\013\060\011\006\003\125\004\006\023\002\106\122\061\022\060\020
-\006\003\125\004\012\014\011\117\160\145\156\124\162\165\163\164
-\061\035\060\033\006\003\125\004\003\014\024\117\160\145\156\124
-\162\165\163\164\040\122\157\157\164\040\103\101\040\107\063\060
-\036\027\015\061\064\060\065\062\066\060\060\060\060\060\060\132
-\027\015\063\070\060\061\061\065\060\060\060\060\060\060\132\060
-\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061\022
-\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162\165
-\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160\145
-\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040\107
-\063\060\166\060\020\006\007\052\206\110\316\075\002\001\006\005
-\053\201\004\000\042\003\142\000\004\112\356\130\256\115\312\146
-\336\006\072\243\021\374\340\030\360\156\034\272\055\060\014\211
-\331\326\356\233\163\203\251\043\025\214\057\131\212\132\335\024
-\352\235\131\053\103\267\006\354\062\266\272\356\101\265\255\135
-\241\205\314\352\035\024\146\243\147\176\106\342\224\363\347\266
-\126\241\025\131\241\117\067\227\271\042\036\275\021\353\364\262
-\037\136\303\024\232\345\331\227\231\243\143\060\141\060\016\006
-\003\125\035\017\001\001\377\004\004\003\002\001\006\060\017\006
-\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\035
-\006\003\125\035\016\004\026\004\024\107\167\303\024\213\142\071
-\014\311\157\341\120\115\320\020\130\334\225\210\155\060\037\006
-\003\125\035\043\004\030\060\026\200\024\107\167\303\024\213\142
-\071\014\311\157\341\120\115\320\020\130\334\225\210\155\060\012
-\006\010\052\206\110\316\075\004\003\003\003\151\000\060\146\002
-\061\000\217\250\334\235\272\014\004\027\372\025\351\075\057\051
-\001\227\277\201\026\063\100\223\154\374\371\355\200\160\157\252
-\217\333\204\302\213\365\065\312\006\334\144\157\150\026\341\217
-\221\271\002\061\000\330\113\245\313\302\320\010\154\351\030\373
-\132\335\115\137\044\013\260\000\041\045\357\217\247\004\046\161
-\342\174\151\345\135\232\370\101\037\073\071\223\223\235\125\352
-\315\215\361\373\301
+\060\202\001\266\060\202\001\133\240\003\002\001\002\002\023\006
+\154\237\325\164\227\066\146\077\073\013\232\331\350\236\166\003
+\362\112\060\012\006\010\052\206\110\316\075\004\003\002\060\071
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\017\060
+\015\006\003\125\004\012\023\006\101\155\141\172\157\156\061\031
+\060\027\006\003\125\004\003\023\020\101\155\141\172\157\156\040
+\122\157\157\164\040\103\101\040\063\060\036\027\015\061\065\060
+\065\062\066\060\060\060\060\060\060\132\027\015\064\060\060\065
+\062\066\060\060\060\060\060\060\132\060\071\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\017\060\015\006\003\125\004
+\012\023\006\101\155\141\172\157\156\061\031\060\027\006\003\125
+\004\003\023\020\101\155\141\172\157\156\040\122\157\157\164\040
+\103\101\040\063\060\131\060\023\006\007\052\206\110\316\075\002
+\001\006\010\052\206\110\316\075\003\001\007\003\102\000\004\051
+\227\247\306\101\177\300\015\233\350\001\033\126\306\362\122\245
+\272\055\262\022\350\322\056\327\372\311\305\330\252\155\037\163
+\201\073\073\230\153\071\174\063\245\305\116\206\216\200\027\150
+\142\105\127\175\104\130\035\263\067\345\147\010\353\146\336\243
+\102\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060
+\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
+\003\002\001\206\060\035\006\003\125\035\016\004\026\004\024\253
+\266\333\327\006\236\067\254\060\206\007\221\160\307\234\304\031
+\261\170\300\060\012\006\010\052\206\110\316\075\004\003\002\003
+\111\000\060\106\002\041\000\340\205\222\243\027\267\215\371\053
+\006\245\223\254\032\230\150\141\162\372\341\241\320\373\034\170
+\140\246\103\231\305\270\304\002\041\000\234\002\357\361\224\234
+\263\226\371\353\306\052\370\266\054\376\072\220\024\026\327\214
+\143\044\110\034\337\060\175\325\150\073
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "OpenTrust Root CA G3"
-# Issuer: CN=OpenTrust Root CA G3,O=OpenTrust,C=FR
-# Serial Number:11:20:e6:f8:4c:fc:24:b0:be:05:40:ac:da:83:1b:34:60:3f
-# Subject: CN=OpenTrust Root CA G3,O=OpenTrust,C=FR
-# Not Valid Before: Mon May 26 00:00:00 2014
-# Not Valid After : Fri Jan 15 00:00:00 2038
-# Fingerprint (SHA-256): B7:C3:62:31:70:6E:81:07:8C:36:7C:B8:96:19:8F:1E:32:08:DD:92:69:49:DD:8F:57:09:A4:10:F7:5B:62:92
-# Fingerprint (SHA1): 6E:26:64:F3:56:BF:34:55:BF:D1:93:3F:7C:01:DE:D8:13:DA:8A:A6
+# Trust for "Amazon Root CA 3"
+# Issuer: CN=Amazon Root CA 3,O=Amazon,C=US
+# Serial Number:06:6c:9f:d5:74:97:36:66:3f:3b:0b:9a:d9:e8:9e:76:03:f2:4a
+# Subject: CN=Amazon Root CA 3,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): 18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4
+# Fingerprint (SHA1): 0D:44:DD:8C:3C:8C:1A:1A:58:75:64:81:E9:0F:2E:2A:FF:B3:D2:6E
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "OpenTrust Root CA G3"
+CKA_LABEL UTF8 "Amazon Root CA 3"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\156\046\144\363\126\277\064\125\277\321\223\077\174\001\336\330
-\023\332\212\246
+\015\104\335\214\074\214\032\032\130\165\144\201\351\017\056\052
+\377\263\322\156
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\041\067\264\027\026\222\173\147\106\160\251\226\327\250\023\044
+\240\324\357\013\367\265\330\111\225\052\354\365\304\374\201\207
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\100\061\013\060\011\006\003\125\004\006\023\002\106\122\061
-\022\060\020\006\003\125\004\012\014\011\117\160\145\156\124\162
-\165\163\164\061\035\060\033\006\003\125\004\003\014\024\117\160
-\145\156\124\162\165\163\164\040\122\157\157\164\040\103\101\040
-\107\063
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\063
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\022\021\040\346\370\114\374\044\260\276\005\100\254\332\203
-\033\064\140\077
+\002\023\006\154\237\325\164\227\066\146\077\073\013\232\331\350
+\236\166\003\362\112
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
@@ -19850,325 +19400,271 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "ISRG Root X1"
+# Certificate "Amazon Root CA 4"
 #
-# Issuer: CN=ISRG Root X1,O=Internet Security Research Group,C=US
-# Serial Number:00:82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00
-# Subject: CN=ISRG Root X1,O=Internet Security Research Group,C=US
-# Not Valid Before: Thu Jun 04 11:04:38 2015
-# Not Valid After : Mon Jun 04 11:04:38 2035
-# Fingerprint (SHA-256): 96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6
-# Fingerprint (SHA1): CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8
+# Issuer: CN=Amazon Root CA 4,O=Amazon,C=US
+# Serial Number:06:6c:9f:d7:c1:bb:10:4c:29:43:e5:71:7b:7b:2c:c8:1a:c1:0e
+# Subject: CN=Amazon Root CA 4,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92
+# Fingerprint (SHA1): F6:10:84:07:D6:F8:BB:67:98:0C:C2:E2:44:C2:EB:AE:1C:EF:63:BE
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ISRG Root X1"
+CKA_LABEL UTF8 "Amazon Root CA 4"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
-\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
-\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
-\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
-\061
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\064
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
-\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
-\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
-\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
-\061
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\064
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\202\020\317\260\322\100\343\131\104\143\340\273\143
-\202\213\000
+\002\023\006\154\237\327\301\273\020\114\051\103\345\161\173\173
+\054\310\032\301\016
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\005\153\060\202\003\123\240\003\002\001\002\002\021\000
-\202\020\317\260\322\100\343\131\104\143\340\273\143\202\213\000
-\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
-\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061\051
-\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156\145
-\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145\141
-\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003\125
-\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130\061
-\060\036\027\015\061\065\060\066\060\064\061\061\060\064\063\070
-\132\027\015\063\065\060\066\060\064\061\061\060\064\063\070\132
-\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
-\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
-\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
-\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
-\061\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002
-\001\000\255\350\044\163\364\024\067\363\233\236\053\127\050\034
-\207\276\334\267\337\070\220\214\156\074\346\127\240\170\367\165
-\302\242\376\365\152\156\366\000\117\050\333\336\150\206\154\104
-\223\266\261\143\375\024\022\153\277\037\322\352\061\233\041\176
-\321\063\074\272\110\365\335\171\337\263\270\377\022\361\041\232
-\113\301\212\206\161\151\112\146\146\154\217\176\074\160\277\255
-\051\042\006\363\344\300\346\200\256\342\113\217\267\231\176\224
-\003\237\323\107\227\174\231\110\043\123\350\070\256\117\012\157
-\203\056\321\111\127\214\200\164\266\332\057\320\070\215\173\003
-\160\041\033\165\362\060\074\372\217\256\335\332\143\253\353\026
-\117\302\216\021\113\176\317\013\350\377\265\167\056\364\262\173
-\112\340\114\022\045\014\160\215\003\051\240\341\123\044\354\023
-\331\356\031\277\020\263\112\214\077\211\243\141\121\336\254\207
-\007\224\364\143\161\354\056\342\157\133\230\201\341\211\134\064
-\171\154\166\357\073\220\142\171\346\333\244\232\057\046\305\320
-\020\341\016\336\331\020\216\026\373\267\367\250\367\307\345\002
-\007\230\217\066\010\225\347\342\067\226\015\066\165\236\373\016
-\162\261\035\233\274\003\371\111\005\330\201\335\005\264\052\326
-\101\351\254\001\166\225\012\017\330\337\325\275\022\037\065\057
-\050\027\154\322\230\301\250\011\144\167\156\107\067\272\316\254
-\131\136\150\235\177\162\326\211\305\006\101\051\076\131\076\335
-\046\365\044\311\021\247\132\243\114\100\037\106\241\231\265\247
-\072\121\156\206\073\236\175\162\247\022\005\170\131\355\076\121
-\170\025\013\003\217\215\320\057\005\262\076\173\112\034\113\163
-\005\022\374\306\352\340\120\023\174\103\223\164\263\312\164\347
-\216\037\001\010\320\060\324\133\161\066\264\007\272\301\060\060
-\134\110\267\202\073\230\246\175\140\212\242\243\051\202\314\272
-\275\203\004\033\242\203\003\101\241\326\005\361\033\302\266\360
-\250\174\206\073\106\250\110\052\210\334\166\232\166\277\037\152
-\245\075\031\217\353\070\363\144\336\310\053\015\012\050\377\367
-\333\342\025\102\324\042\320\047\135\341\171\376\030\347\160\210
-\255\116\346\331\213\072\306\335\047\121\156\377\274\144\365\063
-\103\117\002\003\001\000\001\243\102\060\100\060\016\006\003\125
-\035\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125
-\035\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003
-\125\035\016\004\026\004\024\171\264\131\346\173\266\345\344\001
-\163\200\010\210\310\032\130\366\351\233\156\060\015\006\011\052
-\206\110\206\367\015\001\001\013\005\000\003\202\002\001\000\125
-\037\130\251\274\262\250\120\320\014\261\330\032\151\040\047\051
-\010\254\141\165\134\212\156\370\202\345\151\057\325\366\126\113
-\271\270\163\020\131\323\041\227\176\347\114\161\373\262\322\140
-\255\071\250\013\352\027\041\126\205\361\120\016\131\353\316\340
-\131\351\272\311\025\357\206\235\217\204\200\366\344\351\221\220
-\334\027\233\142\033\105\360\146\225\322\174\157\302\352\073\357
-\037\317\313\326\256\047\361\251\260\310\256\375\175\176\232\372
-\042\004\353\377\331\177\352\221\053\042\261\027\016\217\362\212
-\064\133\130\330\374\001\311\124\271\270\046\314\212\210\063\211
-\114\055\204\074\202\337\356\226\127\005\272\054\273\367\304\267
-\307\116\073\202\276\061\310\042\163\163\222\321\302\200\244\071
-\071\020\063\043\202\114\074\237\206\262\125\230\035\276\051\206
-\214\042\233\236\342\153\073\127\072\202\160\115\334\011\307\211
-\313\012\007\115\154\350\135\216\311\357\316\253\307\273\265\053
-\116\105\326\112\320\046\314\345\162\312\010\152\245\225\343\025
-\241\367\244\355\311\054\137\245\373\377\254\050\002\056\276\327
-\173\273\343\161\173\220\026\323\007\136\106\123\174\067\007\102
-\214\323\304\226\234\325\231\265\052\340\225\032\200\110\256\114
-\071\007\316\314\107\244\122\225\053\272\270\373\255\322\063\123
-\175\345\035\115\155\325\241\261\307\102\157\346\100\047\065\134
-\243\050\267\007\215\347\215\063\220\347\043\237\373\120\234\171
-\154\106\325\264\025\263\226\156\176\233\014\226\072\270\122\055
-\077\326\133\341\373\010\302\204\376\044\250\243\211\332\254\152
-\341\030\052\261\250\103\141\133\323\037\334\073\215\166\362\055
-\350\215\165\337\027\063\154\075\123\373\173\313\101\137\377\334
-\242\320\141\070\341\226\270\254\135\213\067\327\165\325\063\300
-\231\021\256\235\101\301\162\165\204\276\002\101\102\137\147\044
-\110\224\321\233\047\276\007\077\271\270\117\201\164\121\341\172
-\267\355\235\043\342\276\340\325\050\004\023\074\061\003\236\335
-\172\154\217\306\007\030\306\177\336\107\216\077\050\236\004\006
-\317\245\124\064\167\275\354\211\233\351\027\103\337\133\333\137
-\376\216\036\127\242\315\100\235\176\142\042\332\336\030\047
+\060\202\001\362\060\202\001\170\240\003\002\001\002\002\023\006
+\154\237\327\301\273\020\114\051\103\345\161\173\173\054\310\032
+\301\016\060\012\006\010\052\206\110\316\075\004\003\003\060\071
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\017\060
+\015\006\003\125\004\012\023\006\101\155\141\172\157\156\061\031
+\060\027\006\003\125\004\003\023\020\101\155\141\172\157\156\040
+\122\157\157\164\040\103\101\040\064\060\036\027\015\061\065\060
+\065\062\066\060\060\060\060\060\060\132\027\015\064\060\060\065
+\062\066\060\060\060\060\060\060\132\060\071\061\013\060\011\006
+\003\125\004\006\023\002\125\123\061\017\060\015\006\003\125\004
+\012\023\006\101\155\141\172\157\156\061\031\060\027\006\003\125
+\004\003\023\020\101\155\141\172\157\156\040\122\157\157\164\040
+\103\101\040\064\060\166\060\020\006\007\052\206\110\316\075\002
+\001\006\005\053\201\004\000\042\003\142\000\004\322\253\212\067
+\117\243\123\015\376\301\212\173\113\250\173\106\113\143\260\142
+\366\055\033\333\010\161\041\322\000\350\143\275\232\047\373\360
+\071\156\135\352\075\245\311\201\252\243\133\040\230\105\135\026
+\333\375\350\020\155\343\234\340\343\275\137\204\142\363\160\144
+\063\240\313\044\057\160\272\210\241\052\240\165\370\201\256\142
+\006\304\201\333\071\156\051\260\036\372\056\134\243\102\060\100
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\206\060\035\006\003\125\035\016\004\026\004\024\323\354\307\072
+\145\156\314\341\332\166\232\126\373\234\363\206\155\127\345\201
+\060\012\006\010\052\206\110\316\075\004\003\003\003\150\000\060
+\145\002\060\072\213\041\361\275\176\021\255\320\357\130\226\057
+\326\353\235\176\220\215\053\317\146\125\303\054\343\050\251\160
+\012\107\016\360\067\131\022\377\055\231\224\050\116\052\117\065
+\115\063\132\002\061\000\352\165\000\116\073\304\072\224\022\221
+\311\130\106\235\041\023\162\247\210\234\212\344\114\112\333\226
+\324\254\213\153\153\111\022\123\063\255\327\344\276\044\374\265
+\012\166\324\245\274\020
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "ISRG Root X1"
-# Issuer: CN=ISRG Root X1,O=Internet Security Research Group,C=US
-# Serial Number:00:82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00
-# Subject: CN=ISRG Root X1,O=Internet Security Research Group,C=US
-# Not Valid Before: Thu Jun 04 11:04:38 2015
-# Not Valid After : Mon Jun 04 11:04:38 2035
-# Fingerprint (SHA-256): 96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6
-# Fingerprint (SHA1): CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8
+# Trust for "Amazon Root CA 4"
+# Issuer: CN=Amazon Root CA 4,O=Amazon,C=US
+# Serial Number:06:6c:9f:d7:c1:bb:10:4c:29:43:e5:71:7b:7b:2c:c8:1a:c1:0e
+# Subject: CN=Amazon Root CA 4,O=Amazon,C=US
+# Not Valid Before: Tue May 26 00:00:00 2015
+# Not Valid After : Sat May 26 00:00:00 2040
+# Fingerprint (SHA-256): E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92
+# Fingerprint (SHA1): F6:10:84:07:D6:F8:BB:67:98:0C:C2:E2:44:C2:EB:AE:1C:EF:63:BE
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ISRG Root X1"
+CKA_LABEL UTF8 "Amazon Root CA 4"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\312\275\052\171\241\007\152\061\362\035\045\066\065\313\003\235
-\103\051\245\350
+\366\020\204\007\326\370\273\147\230\014\302\342\104\302\353\256
+\034\357\143\276
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\014\322\371\340\332\027\163\351\355\206\115\245\343\160\347\116
+\211\274\047\325\353\027\215\006\152\151\325\375\211\107\264\315
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\051\060\047\006\003\125\004\012\023\040\111\156\164\145\162\156
-\145\164\040\123\145\143\165\162\151\164\171\040\122\145\163\145
-\141\162\143\150\040\107\162\157\165\160\061\025\060\023\006\003
-\125\004\003\023\014\111\123\122\107\040\122\157\157\164\040\130
-\061
+\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
+\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
+\156\040\122\157\157\164\040\103\101\040\064
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\021\000\202\020\317\260\322\100\343\131\104\143\340\273\143
-\202\213\000
+\002\023\006\154\237\327\301\273\020\114\051\103\345\161\173\173
+\054\310\032\301\016
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "AC RAIZ FNMT-RCM"
+# Certificate "LuxTrust Global Root 2"
 #
-# Issuer: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
-# Serial Number:5d:93:8d:30:67:36:c8:06:1d:1a:c7:54:84:69:07
-# Subject: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
-# Not Valid Before: Wed Oct 29 15:59:56 2008
-# Not Valid After : Tue Jan 01 00:00:00 2030
-# Fingerprint (SHA-256): EB:C5:57:0C:29:01:8C:4D:67:B1:AA:12:7B:AF:12:F7:03:B4:61:1E:BC:17:B7:DA:B5:57:38:94:17:9B:93:FA
-# Fingerprint (SHA1): EC:50:35:07:B2:15:C4:95:62:19:E2:A8:9A:5B:42:99:2C:4C:2C:20
+# Issuer: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
+# Serial Number:0a:7e:a6:df:4b:44:9e:da:6a:24:85:9e:e6:b8:15:d3:16:7f:bb:b1
+# Subject: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
+# Not Valid Before: Thu Mar 05 13:21:57 2015
+# Not Valid After : Mon Mar 05 13:21:57 2035
+# Fingerprint (SHA-256): 54:45:5F:71:29:C2:0B:14:47:C4:18:F9:97:16:8F:24:C5:8F:C5:02:3B:F5:DA:5B:E2:EB:6E:1D:D8:90:2E:D5
+# Fingerprint (SHA1): 1E:0E:56:19:0A:D1:8B:25:98:B2:04:44:FF:66:8A:04:17:99:5F:3F
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AC RAIZ FNMT-RCM"
+CKA_LABEL UTF8 "LuxTrust Global Root 2"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\073\061\013\060\011\006\003\125\004\006\023\002\105\123\061
-\021\060\017\006\003\125\004\012\014\010\106\116\115\124\055\122
-\103\115\061\031\060\027\006\003\125\004\013\014\020\101\103\040
-\122\101\111\132\040\106\116\115\124\055\122\103\115
+\060\106\061\013\060\011\006\003\125\004\006\023\002\114\125\061
+\026\060\024\006\003\125\004\012\014\015\114\165\170\124\162\165
+\163\164\040\123\056\101\056\061\037\060\035\006\003\125\004\003
+\014\026\114\165\170\124\162\165\163\164\040\107\154\157\142\141
+\154\040\122\157\157\164\040\062
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\073\061\013\060\011\006\003\125\004\006\023\002\105\123\061
-\021\060\017\006\003\125\004\012\014\010\106\116\115\124\055\122
-\103\115\061\031\060\027\006\003\125\004\013\014\020\101\103\040
-\122\101\111\132\040\106\116\115\124\055\122\103\115
+\060\106\061\013\060\011\006\003\125\004\006\023\002\114\125\061
+\026\060\024\006\003\125\004\012\014\015\114\165\170\124\162\165
+\163\164\040\123\056\101\056\061\037\060\035\006\003\125\004\003
+\014\026\114\165\170\124\162\165\163\164\040\107\154\157\142\141
+\154\040\122\157\157\164\040\062
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\017\135\223\215\060\147\066\310\006\035\032\307\124\204\151
-\007
+\002\024\012\176\246\337\113\104\236\332\152\044\205\236\346\270
+\025\323\026\177\273\261
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\005\203\060\202\003\153\240\003\002\001\002\002\017\135
-\223\215\060\147\066\310\006\035\032\307\124\204\151\007\060\015
-\006\011\052\206\110\206\367\015\001\001\013\005\000\060\073\061
-\013\060\011\006\003\125\004\006\023\002\105\123\061\021\060\017
-\006\003\125\004\012\014\010\106\116\115\124\055\122\103\115\061
-\031\060\027\006\003\125\004\013\014\020\101\103\040\122\101\111
-\132\040\106\116\115\124\055\122\103\115\060\036\027\015\060\070
-\061\060\062\071\061\065\065\071\065\066\132\027\015\063\060\060
-\061\060\061\060\060\060\060\060\060\132\060\073\061\013\060\011
-\006\003\125\004\006\023\002\105\123\061\021\060\017\006\003\125
-\004\012\014\010\106\116\115\124\055\122\103\115\061\031\060\027
-\006\003\125\004\013\014\020\101\103\040\122\101\111\132\040\106
-\116\115\124\055\122\103\115\060\202\002\042\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060
-\202\002\012\002\202\002\001\000\272\161\200\172\114\206\156\177
-\310\023\155\300\306\175\034\000\227\217\054\014\043\273\020\232
-\100\251\032\267\207\210\370\233\126\152\373\346\173\216\213\222
-\216\247\045\135\131\021\333\066\056\267\121\027\037\251\010\037
-\004\027\044\130\252\067\112\030\337\345\071\324\127\375\327\301
-\054\221\001\221\342\042\324\003\300\130\374\167\107\354\217\076
-\164\103\272\254\064\215\115\070\166\147\216\260\310\157\060\063
-\130\161\134\264\365\153\156\324\001\120\270\023\176\154\112\243
-\111\321\040\031\356\274\300\051\030\145\247\336\376\357\335\012
-\220\041\347\032\147\222\102\020\230\137\117\060\274\076\034\105
-\264\020\327\150\100\024\300\100\372\347\167\027\172\346\013\217
-\145\133\074\331\232\122\333\265\275\236\106\317\075\353\221\005
-\002\300\226\262\166\114\115\020\226\073\222\372\234\177\017\231
-\337\276\043\065\105\036\002\134\376\265\250\233\231\045\332\136
-\363\042\303\071\365\344\052\056\323\306\037\304\154\252\305\034
-\152\001\005\112\057\322\305\301\250\064\046\135\146\245\322\002
-\041\371\030\267\006\365\116\231\157\250\253\114\121\350\317\120
-\030\305\167\310\071\011\054\111\222\062\231\250\273\027\027\171
-\260\132\305\346\243\304\131\145\107\065\203\136\251\350\065\013
-\231\273\344\315\040\306\233\112\006\071\265\150\374\042\272\356
-\125\214\053\116\352\363\261\343\374\266\231\232\325\102\372\161
-\115\010\317\207\036\152\161\175\371\323\264\351\245\161\201\173
-\302\116\107\226\245\366\166\205\243\050\217\351\200\156\201\123
-\245\155\137\270\110\371\302\371\066\246\056\111\377\270\226\302
-\214\007\263\233\210\130\374\353\033\034\336\055\160\342\227\222
-\060\241\211\343\274\125\250\047\326\113\355\220\255\213\372\143
-\045\131\055\250\065\335\312\227\063\274\345\315\307\235\321\354
-\357\136\016\112\220\006\046\143\255\271\331\065\055\007\272\166
-\145\054\254\127\217\175\364\007\224\327\201\002\226\135\243\007
-\111\325\172\320\127\371\033\347\123\106\165\252\260\171\102\313
-\150\161\010\351\140\275\071\151\316\364\257\303\126\100\307\255
-\122\242\011\344\157\206\107\212\037\353\050\047\135\203\040\257
-\004\311\154\126\232\213\106\365\002\003\001\000\001\243\201\203
-\060\201\200\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
-\003\002\001\006\060\035\006\003\125\035\016\004\026\004\024\367
-\175\305\375\304\350\232\033\167\144\247\365\035\240\314\277\207
-\140\232\155\060\076\006\003\125\035\040\004\067\060\065\060\063
-\006\004\125\035\040\000\060\053\060\051\006\010\053\006\001\005
-\005\007\002\001\026\035\150\164\164\160\072\057\057\167\167\167
-\056\143\145\162\164\056\146\156\155\164\056\145\163\057\144\160
-\143\163\057\060\015\006\011\052\206\110\206\367\015\001\001\013
-\005\000\003\202\002\001\000\007\220\112\337\363\043\116\360\303
-\234\121\145\233\234\042\242\212\014\205\363\163\051\153\115\376
-\001\342\251\014\143\001\277\004\147\245\235\230\137\375\001\023
-\372\354\232\142\351\206\376\266\142\322\156\114\224\373\300\165
-\105\174\145\014\370\262\067\317\254\017\317\215\157\371\031\367
-\217\354\036\362\160\236\360\312\270\357\267\377\166\067\166\133
-\366\156\210\363\257\142\062\042\223\015\072\152\216\024\146\014
-\055\123\164\127\145\036\325\262\335\043\201\073\245\146\043\047
-\147\011\217\341\167\252\103\315\145\121\010\355\121\130\376\346
-\071\371\313\107\204\244\025\361\166\273\244\356\244\073\304\137
-\357\262\063\226\021\030\267\311\145\276\030\341\243\244\334\372
-\030\371\323\274\023\233\071\172\064\272\323\101\373\372\062\212
-\052\267\053\206\013\151\203\070\276\315\212\056\013\160\255\215
-\046\222\356\036\365\001\053\012\331\326\227\233\156\340\250\031
-\034\072\041\213\014\036\100\255\003\347\335\146\176\365\271\040
-\015\003\350\226\371\202\105\324\071\340\240\000\135\327\230\346
-\175\236\147\163\303\232\052\367\253\213\241\072\024\357\064\274
-\122\016\211\230\232\004\100\204\035\176\105\151\223\127\316\353
-\316\370\120\174\117\034\156\004\103\233\371\326\073\043\030\351
-\352\216\321\115\106\215\361\073\344\152\312\272\373\043\267\233
-\372\231\001\051\132\130\132\055\343\371\324\155\016\046\255\301
-\156\064\274\062\370\014\005\372\145\243\333\073\067\203\042\351
-\326\334\162\063\375\135\362\040\275\166\074\043\332\050\367\371
-\033\353\131\144\325\334\137\162\176\040\374\315\211\265\220\147
-\115\142\172\077\116\255\035\303\071\376\172\364\050\026\337\101
-\366\110\200\005\327\017\121\171\254\020\253\324\354\003\146\346
-\152\260\272\061\222\102\100\152\276\072\323\162\341\152\067\125
-\274\254\035\225\267\151\141\362\103\221\164\346\240\323\012\044
-\106\241\010\257\326\332\105\031\226\324\123\035\133\204\171\360
-\300\367\107\357\213\217\305\006\256\235\114\142\235\377\106\004
-\370\323\311\266\020\045\100\165\376\026\252\311\112\140\206\057
-\272\357\060\167\344\124\342\270\204\231\130\200\252\023\213\121
-\072\117\110\366\213\266\263
+\060\202\005\303\060\202\003\253\240\003\002\001\002\002\024\012
+\176\246\337\113\104\236\332\152\044\205\236\346\270\025\323\026
+\177\273\261\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\114
+\125\061\026\060\024\006\003\125\004\012\014\015\114\165\170\124
+\162\165\163\164\040\123\056\101\056\061\037\060\035\006\003\125
+\004\003\014\026\114\165\170\124\162\165\163\164\040\107\154\157
+\142\141\154\040\122\157\157\164\040\062\060\036\027\015\061\065
+\060\063\060\065\061\063\062\061\065\067\132\027\015\063\065\060
+\063\060\065\061\063\062\061\065\067\132\060\106\061\013\060\011
+\006\003\125\004\006\023\002\114\125\061\026\060\024\006\003\125
+\004\012\014\015\114\165\170\124\162\165\163\164\040\123\056\101
+\056\061\037\060\035\006\003\125\004\003\014\026\114\165\170\124
+\162\165\163\164\040\107\154\157\142\141\154\040\122\157\157\164
+\040\062\060\202\002\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202
+\002\001\000\327\205\227\277\021\230\351\360\142\203\114\074\207
+\371\123\152\067\013\362\017\074\207\316\157\334\046\051\275\305
+\211\272\311\203\075\367\356\312\133\306\155\111\163\264\311\106
+\243\033\064\023\077\301\211\105\127\364\331\261\373\066\145\113
+\373\010\342\110\161\021\310\156\073\236\235\337\211\145\067\246
+\205\366\073\104\030\266\306\067\060\142\104\222\227\151\175\102
+\060\044\344\015\014\211\153\143\336\305\341\337\116\251\024\154
+\123\340\141\316\366\027\057\035\074\275\346\042\114\035\223\365
+\020\304\241\166\354\152\336\305\154\337\226\264\126\100\102\300
+\142\222\060\241\055\025\224\240\322\040\006\011\156\152\155\345
+\353\267\276\324\360\361\025\174\213\346\116\272\023\314\113\047
+\136\231\074\027\135\217\201\177\063\075\117\323\077\033\354\134
+\077\360\074\114\165\156\362\246\325\235\332\055\007\143\002\306
+\162\351\224\274\114\111\225\117\210\122\310\333\350\151\202\370
+\314\064\133\042\360\206\247\211\275\110\012\155\146\201\155\310
+\310\144\373\001\341\364\341\336\331\236\335\333\133\324\052\231
+\046\025\033\036\114\222\051\202\236\325\222\201\222\101\160\031
+\367\244\345\223\113\274\167\147\061\335\034\375\061\160\015\027
+\231\014\371\014\071\031\052\027\265\060\161\125\325\017\256\130
+\341\075\057\064\233\317\237\366\170\205\302\223\172\162\076\146
+\217\234\026\021\140\217\236\211\157\147\276\340\107\132\073\014
+\232\147\213\317\106\306\256\070\243\362\247\274\346\326\205\153
+\063\044\160\042\113\313\010\233\273\310\370\002\051\035\276\040
+\014\106\277\153\207\233\263\052\146\102\065\106\154\252\272\255
+\371\230\173\351\120\125\024\061\277\261\332\055\355\200\255\150
+\044\373\151\253\330\161\023\060\346\147\263\207\100\375\211\176
+\362\103\321\021\337\057\145\057\144\316\137\024\271\261\277\061
+\275\207\170\132\131\145\210\252\374\131\062\110\206\326\114\271
+\051\113\225\323\166\363\167\045\155\102\034\070\203\115\375\243
+\137\233\177\055\254\171\033\016\102\061\227\143\244\373\212\151
+\325\042\015\064\220\060\056\250\264\340\155\266\224\254\274\213
+\116\327\160\374\305\070\216\144\045\341\115\071\220\316\311\207
+\204\130\161\002\003\001\000\001\243\201\250\060\201\245\060\017
+\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
+\102\006\003\125\035\040\004\073\060\071\060\067\006\007\053\201
+\053\001\001\001\012\060\054\060\052\006\010\053\006\001\005\005
+\007\002\001\026\036\150\164\164\160\163\072\057\057\162\145\160
+\157\163\151\164\157\162\171\056\154\165\170\164\162\165\163\164
+\056\154\165\060\016\006\003\125\035\017\001\001\377\004\004\003
+\002\001\006\060\037\006\003\125\035\043\004\030\060\026\200\024
+\377\030\050\166\371\110\005\054\241\256\361\053\033\053\262\123
+\370\113\174\263\060\035\006\003\125\035\016\004\026\004\024\377
+\030\050\166\371\110\005\054\241\256\361\053\033\053\262\123\370
+\113\174\263\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\002\001\000\152\031\024\355\156\171\301\054\207
+\324\015\160\176\327\366\170\311\013\004\116\304\261\316\223\160
+\376\260\124\300\062\315\231\060\144\027\277\017\345\342\063\375
+\007\066\100\162\016\032\266\152\131\326\000\345\150\040\335\056
+\162\015\037\152\144\061\040\204\175\111\246\132\067\353\105\311
+\205\365\324\307\027\231\007\346\233\125\344\014\350\251\264\316
+\214\133\265\021\134\317\212\016\015\326\254\167\201\376\062\234
+\044\236\162\316\124\363\320\157\242\126\326\354\303\067\054\145
+\130\276\127\000\032\362\065\372\353\173\061\135\302\301\022\075
+\226\201\210\226\211\301\131\134\172\346\177\160\064\347\203\342
+\261\341\341\270\130\357\324\225\344\140\234\360\226\227\162\214
+\353\204\002\056\145\217\244\267\322\177\147\335\310\323\236\134
+\252\251\244\240\045\024\006\233\354\117\176\055\013\177\035\165
+\361\063\330\355\316\270\165\155\076\133\271\230\035\061\015\126
+\330\103\017\060\221\262\004\153\335\126\276\225\200\125\147\276
+\330\315\203\331\030\356\056\017\206\055\222\236\160\023\354\336
+\121\311\103\170\002\245\115\310\371\137\304\221\130\106\026\167
+\132\164\252\100\274\007\237\060\271\261\367\022\027\335\343\377
+\044\100\035\172\152\321\117\030\012\252\220\035\353\100\036\337
+\241\036\104\222\020\232\362\215\341\321\113\106\236\350\105\102
+\227\352\105\231\363\354\146\325\002\372\362\246\112\044\252\336
+\316\271\312\371\077\223\157\371\243\272\352\245\076\231\255\375
+\377\173\231\365\145\356\360\131\050\147\327\220\225\244\023\204
+\251\204\301\350\316\316\165\223\143\032\274\074\352\325\144\037
+\055\052\022\071\306\303\132\062\355\107\221\026\016\274\070\301
+\120\336\217\312\052\220\064\034\356\101\224\234\136\031\056\370
+\105\111\231\164\221\260\004\157\343\004\132\261\253\052\253\376
+\307\320\226\266\332\341\112\144\006\156\140\115\275\102\116\377
+\170\332\044\312\033\264\327\226\071\154\256\361\016\252\247\175
+\110\213\040\114\317\144\326\270\227\106\260\116\321\052\126\072
+\240\223\275\257\200\044\340\012\176\347\312\325\312\350\205\125
+\334\066\052\341\224\150\223\307\146\162\104\017\200\041\062\154
+\045\307\043\200\203\012\353
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "AC RAIZ FNMT-RCM"
-# Issuer: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
-# Serial Number:5d:93:8d:30:67:36:c8:06:1d:1a:c7:54:84:69:07
-# Subject: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES
-# Not Valid Before: Wed Oct 29 15:59:56 2008
-# Not Valid After : Tue Jan 01 00:00:00 2030
-# Fingerprint (SHA-256): EB:C5:57:0C:29:01:8C:4D:67:B1:AA:12:7B:AF:12:F7:03:B4:61:1E:BC:17:B7:DA:B5:57:38:94:17:9B:93:FA
-# Fingerprint (SHA1): EC:50:35:07:B2:15:C4:95:62:19:E2:A8:9A:5B:42:99:2C:4C:2C:20
+# Trust for "LuxTrust Global Root 2"
+# Issuer: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
+# Serial Number:0a:7e:a6:df:4b:44:9e:da:6a:24:85:9e:e6:b8:15:d3:16:7f:bb:b1
+# Subject: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
+# Not Valid Before: Thu Mar 05 13:21:57 2015
+# Not Valid After : Mon Mar 05 13:21:57 2035
+# Fingerprint (SHA-256): 54:45:5F:71:29:C2:0B:14:47:C4:18:F9:97:16:8F:24:C5:8F:C5:02:3B:F5:DA:5B:E2:EB:6E:1D:D8:90:2E:D5
+# Fingerprint (SHA1): 1E:0E:56:19:0A:D1:8B:25:98:B2:04:44:FF:66:8A:04:17:99:5F:3F
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AC RAIZ FNMT-RCM"
+CKA_LABEL UTF8 "LuxTrust Global Root 2"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\354\120\065\007\262\025\304\225\142\031\342\250\232\133\102\231
-\054\114\054\040
+\036\016\126\031\012\321\213\045\230\262\004\104\377\146\212\004
+\027\231\137\077
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\342\011\004\264\323\275\321\240\024\375\032\322\107\304\127\035
+\262\341\011\000\141\257\367\361\221\157\304\255\215\136\073\174
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\073\061\013\060\011\006\003\125\004\006\023\002\105\123\061
-\021\060\017\006\003\125\004\012\014\010\106\116\115\124\055\122
-\103\115\061\031\060\027\006\003\125\004\013\014\020\101\103\040
-\122\101\111\132\040\106\116\115\124\055\122\103\115
+\060\106\061\013\060\011\006\003\125\004\006\023\002\114\125\061
+\026\060\024\006\003\125\004\012\014\015\114\165\170\124\162\165
+\163\164\040\123\056\101\056\061\037\060\035\006\003\125\004\003
+\014\026\114\165\170\124\162\165\163\164\040\107\154\157\142\141
+\154\040\122\157\157\164\040\062
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\017\135\223\215\060\147\066\310\006\035\032\307\124\204\151
-\007
+\002\024\012\176\246\337\113\104\236\332\152\044\205\236\346\270
+\025\323\026\177\273\261
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
@@ -20176,1537 +19672,2037 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "Amazon Root CA 1"
+# Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
 #
-# Issuer: CN=Amazon Root CA 1,O=Amazon,C=US
-# Serial Number:06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca
-# Subject: CN=Amazon Root CA 1,O=Amazon,C=US
-# Not Valid Before: Tue May 26 00:00:00 2015
-# Not Valid After : Sun Jan 17 00:00:00 2038
-# Fingerprint (SHA-256): 8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E
-# Fingerprint (SHA1): 8D:A7:F9:65:EC:5E:FC:37:91:0F:1C:6E:59:FD:C1:CC:6A:6E:DE:16
+# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:24:32:75:f2:1d:2f:d2:09:33:f7:b4:6a:ca:d0:f3:98
+# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Tue Oct 18 00:00:00 2011
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (SHA-256): 9D:19:0B:2E:31:45:66:68:5B:E8:A8:89:E2:7A:A8:C7:D7:AE:1D:8A:AD:DB:A3:C1:EC:F9:D2:48:63:CD:34:B9
+# Fingerprint (SHA1): 51:7F:61:1E:29:91:6B:53:82:FB:72:E7:44:D9:8D:C3:CC:53:6D:64
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Amazon Root CA 1"
+CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G6"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\061
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\061
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\023\006\154\237\317\231\277\214\012\071\342\360\170\212\103
-\346\226\066\133\312
+\002\020\044\062\165\362\035\057\322\011\063\367\264\152\312\320
+\363\230
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\003\101\060\202\002\051\240\003\002\001\002\002\023\006
-\154\237\317\231\277\214\012\071\342\360\170\212\103\346\226\066
-\133\312\060\015\006\011\052\206\110\206\367\015\001\001\013\005
-\000\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157
-\156\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172
-\157\156\040\122\157\157\164\040\103\101\040\061\060\036\027\015
-\061\065\060\065\062\066\060\060\060\060\060\060\132\027\015\063
-\070\060\061\061\067\060\060\060\060\060\060\132\060\071\061\013
-\060\011\006\003\125\004\006\023\002\125\123\061\017\060\015\006
-\003\125\004\012\023\006\101\155\141\172\157\156\061\031\060\027
-\006\003\125\004\003\023\020\101\155\141\172\157\156\040\122\157
-\157\164\040\103\101\040\061\060\202\001\042\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060
-\202\001\012\002\202\001\001\000\262\170\200\161\312\170\325\343
-\161\257\107\200\120\164\175\156\330\327\210\166\364\231\150\367
-\130\041\140\371\164\204\001\057\254\002\055\206\323\240\103\172
-\116\262\244\320\066\272\001\276\215\333\110\310\007\027\066\114
-\364\356\210\043\307\076\353\067\365\265\031\370\111\150\260\336
-\327\271\166\070\035\141\236\244\376\202\066\245\345\112\126\344
-\105\341\371\375\264\026\372\164\332\234\233\065\071\057\372\260
-\040\120\006\154\172\320\200\262\246\371\257\354\107\031\217\120
-\070\007\334\242\207\071\130\370\272\325\251\371\110\147\060\226
-\356\224\170\136\157\211\243\121\300\060\206\146\241\105\146\272
-\124\353\243\303\221\371\110\334\377\321\350\060\055\175\055\164
-\160\065\327\210\044\367\236\304\131\156\273\163\207\027\362\062
-\106\050\270\103\372\267\035\252\312\264\362\237\044\016\055\113
-\367\161\134\136\151\377\352\225\002\313\070\212\256\120\070\157
-\333\373\055\142\033\305\307\036\124\341\167\340\147\310\017\234
-\207\043\326\077\100\040\177\040\200\304\200\114\076\073\044\046
-\216\004\256\154\232\310\252\015\002\003\001\000\001\243\102\060
-\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
-\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002
-\001\206\060\035\006\003\125\035\016\004\026\004\024\204\030\314
-\205\064\354\274\014\224\224\056\010\131\234\307\262\020\116\012
-\010\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000
-\003\202\001\001\000\230\362\067\132\101\220\241\032\305\166\121
-\050\040\066\043\016\256\346\050\273\252\370\224\256\110\244\060
-\177\033\374\044\215\113\264\310\241\227\366\266\361\172\160\310
-\123\223\314\010\050\343\230\045\317\043\244\371\336\041\323\174
-\205\011\255\116\232\165\072\302\013\152\211\170\166\104\107\030
-\145\154\215\101\216\073\177\232\313\364\265\247\120\327\005\054
-\067\350\003\113\255\351\141\240\002\156\365\362\360\305\262\355
-\133\267\334\372\224\134\167\236\023\245\177\122\255\225\362\370
-\223\073\336\213\134\133\312\132\122\133\140\257\024\367\113\357
-\243\373\237\100\225\155\061\124\374\102\323\307\106\037\043\255
-\331\017\110\160\232\331\165\170\161\321\162\103\064\165\156\127
-\131\302\002\134\046\140\051\317\043\031\026\216\210\103\245\324
-\344\313\010\373\043\021\103\350\103\051\162\142\241\251\135\136
-\010\324\220\256\270\330\316\024\302\320\125\362\206\366\304\223
-\103\167\146\141\300\271\350\101\327\227\170\140\003\156\112\162
-\256\245\321\175\272\020\236\206\154\033\212\271\131\063\370\353
-\304\220\276\361\271
-END
-CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
-
-# Trust for "Amazon Root CA 1"
-# Issuer: CN=Amazon Root CA 1,O=Amazon,C=US
-# Serial Number:06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca
-# Subject: CN=Amazon Root CA 1,O=Amazon,C=US
-# Not Valid Before: Tue May 26 00:00:00 2015
-# Not Valid After : Sun Jan 17 00:00:00 2038
-# Fingerprint (SHA-256): 8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E
-# Fingerprint (SHA1): 8D:A7:F9:65:EC:5E:FC:37:91:0F:1C:6E:59:FD:C1:CC:6A:6E:DE:16
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Amazon Root CA 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\215\247\371\145\354\136\374\067\221\017\034\156\131\375\301\314
-\152\156\336\026
+\060\202\003\366\060\202\002\336\240\003\002\001\002\002\020\044
+\062\165\362\035\057\322\011\063\367\264\152\312\320\363\230\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201
+\224\061\013\060\011\006\003\125\004\006\023\002\125\123\061\035
+\060\033\006\003\125\004\012\023\024\123\171\155\141\156\164\145
+\143\040\103\157\162\160\157\162\141\164\151\157\156\061\037\060
+\035\006\003\125\004\013\023\026\123\171\155\141\156\164\145\143
+\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061\105
+\060\103\006\003\125\004\003\023\074\123\171\155\141\156\164\145
+\143\040\103\154\141\163\163\040\061\040\120\165\142\154\151\143
+\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\055\040\107\066\060\036\027\015\061\061\061\060\061\070\060
+\060\060\060\060\060\132\027\015\063\067\061\062\060\061\062\063
+\065\071\065\071\132\060\201\224\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024
+\123\171\155\141\156\164\145\143\040\103\157\162\160\157\162\141
+\164\151\157\156\061\037\060\035\006\003\125\004\013\023\026\123
+\171\155\141\156\164\145\143\040\124\162\165\163\164\040\116\145
+\164\167\157\162\153\061\105\060\103\006\003\125\004\003\023\074
+\123\171\155\141\156\164\145\143\040\103\154\141\163\163\040\061
+\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171\040
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
+\164\150\157\162\151\164\171\040\055\040\107\066\060\202\001\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\001\017\000\060\202\001\012\002\202\001\001\000\307\071\327
+\111\144\251\231\202\042\114\352\105\331\007\026\343\173\364\203
+\350\231\163\372\153\261\066\340\232\167\240\100\302\201\215\001
+\307\314\214\275\217\175\367\171\343\172\114\003\115\331\373\375
+\207\070\050\054\335\232\213\124\010\333\147\373\033\214\376\050
+\222\057\276\267\262\110\247\201\241\330\136\210\303\314\071\100
+\101\132\321\334\345\332\020\237\057\332\001\115\375\056\106\174
+\371\056\047\012\151\067\356\221\243\033\152\314\104\277\033\307
+\303\324\021\262\120\140\227\011\275\056\042\365\101\204\146\237
+\315\100\246\251\000\200\301\037\225\222\237\336\363\110\357\333
+\035\167\141\374\177\337\356\226\244\162\320\266\076\377\170\047
+\257\313\222\025\151\010\333\143\020\342\346\227\254\156\334\254
+\366\242\316\036\107\231\271\211\267\022\346\241\324\315\131\021
+\147\303\157\205\330\102\116\050\276\131\125\131\004\225\253\217
+\067\200\277\015\360\374\037\072\144\061\130\201\170\327\342\065
+\366\040\077\051\270\217\026\156\076\110\334\265\114\007\341\362
+\032\352\176\012\171\326\250\275\353\135\206\053\115\002\003\001
+\000\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
+\004\024\063\101\350\310\071\022\025\223\110\362\226\062\056\132
+\365\332\224\137\123\140\060\015\006\011\052\206\110\206\367\015
+\001\001\013\005\000\003\202\001\001\000\025\343\163\127\261\027
+\266\137\111\151\104\246\366\136\172\147\254\322\336\165\111\253
+\376\045\125\307\072\311\104\025\020\156\277\061\153\313\331\007
+\223\177\034\205\143\000\343\062\022\340\314\313\373\071\154\217
+\342\123\342\074\100\063\331\244\214\107\346\255\130\373\211\257
+\343\336\206\051\126\064\054\105\270\022\372\104\211\156\055\024
+\045\050\044\001\145\326\352\122\254\005\156\126\022\011\075\320
+\164\364\327\275\006\312\250\072\215\126\102\372\215\162\076\164
+\361\003\162\337\207\033\136\016\172\125\226\054\070\267\230\205
+\315\115\063\104\311\224\217\132\061\060\067\113\243\072\022\263
+\347\066\321\041\150\113\055\070\346\123\256\034\045\126\010\126
+\003\147\204\235\306\303\316\044\142\307\114\066\317\260\006\104
+\267\365\137\002\335\331\124\351\057\220\116\172\310\116\203\100
+\014\232\227\074\067\277\277\354\366\360\264\205\167\050\301\013
+\310\147\202\020\027\070\242\267\006\352\233\277\072\370\351\043
+\007\277\164\340\230\070\025\125\170\356\162\000\134\031\243\364
+\322\063\340\377\275\321\124\071\051\017
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "Symantec Class 1 Public Primary Certification Authority - G6"
+# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:24:32:75:f2:1d:2f:d2:09:33:f7:b4:6a:ca:d0:f3:98
+# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Tue Oct 18 00:00:00 2011
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (SHA-256): 9D:19:0B:2E:31:45:66:68:5B:E8:A8:89:E2:7A:A8:C7:D7:AE:1D:8A:AD:DB:A3:C1:EC:F9:D2:48:63:CD:34:B9
+# Fingerprint (SHA1): 51:7F:61:1E:29:91:6B:53:82:FB:72:E7:44:D9:8D:C3:CC:53:6D:64
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G6"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\121\177\141\036\051\221\153\123\202\373\162\347\104\331\215\303
+\314\123\155\144
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\103\306\277\256\354\376\255\057\030\306\210\150\060\374\310\346
+\057\250\264\332\366\144\113\036\202\371\106\075\124\032\174\260
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\061
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\023\006\154\237\317\231\277\214\012\071\342\360\170\212\103
-\346\226\066\133\312
+\002\020\044\062\165\362\035\057\322\011\063\367\264\152\312\320
+\363\230
 END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "Amazon Root CA 2"
+# Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
 #
-# Issuer: CN=Amazon Root CA 2,O=Amazon,C=US
-# Serial Number:06:6c:9f:d2:96:35:86:9f:0a:0f:e5:86:78:f8:5b:26:bb:8a:37
-# Subject: CN=Amazon Root CA 2,O=Amazon,C=US
-# Not Valid Before: Tue May 26 00:00:00 2015
-# Not Valid After : Sat May 26 00:00:00 2040
-# Fingerprint (SHA-256): 1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4
-# Fingerprint (SHA1): 5A:8C:EF:45:D7:A6:98:59:76:7A:8C:8B:44:96:B5:78:CF:47:4B:1A
+# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:64:82:9e:fc:37:1e:74:5d:fc:97:ff:97:c8:b1:ff:41
+# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Tue Oct 18 00:00:00 2011
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (SHA-256): CB:62:7D:18:B5:8A:D5:6D:DE:33:1A:30:45:6B:C6:5C:60:1A:4E:9B:18:DE:DC:EA:08:E7:DA:AA:07:81:5F:F0
+# Fingerprint (SHA1): 40:B3:31:A0:E9:BF:E8:55:BC:39:93:CA:70:4F:4E:C2:51:D4:1D:8F
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Amazon Root CA 2"
+CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G6"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\062
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\062
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\023\006\154\237\322\226\065\206\237\012\017\345\206\170\370
-\133\046\273\212\067
+\002\020\144\202\236\374\067\036\164\135\374\227\377\227\310\261
+\377\101
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\005\101\060\202\003\051\240\003\002\001\002\002\023\006
-\154\237\322\226\065\206\237\012\017\345\206\170\370\133\046\273
-\212\067\060\015\006\011\052\206\110\206\367\015\001\001\014\005
-\000\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157
-\156\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172
-\157\156\040\122\157\157\164\040\103\101\040\062\060\036\027\015
-\061\065\060\065\062\066\060\060\060\060\060\060\132\027\015\064
-\060\060\065\062\066\060\060\060\060\060\060\132\060\071\061\013
-\060\011\006\003\125\004\006\023\002\125\123\061\017\060\015\006
-\003\125\004\012\023\006\101\155\141\172\157\156\061\031\060\027
-\006\003\125\004\003\023\020\101\155\141\172\157\156\040\122\157
-\157\164\040\103\101\040\062\060\202\002\042\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060
-\202\002\012\002\202\002\001\000\255\226\237\055\234\112\114\112
-\201\171\121\231\354\212\313\153\140\121\023\274\115\155\006\374
-\260\010\215\335\031\020\152\307\046\014\065\330\300\157\040\204
-\351\224\261\233\205\003\303\133\333\112\350\310\370\220\166\331
-\133\117\343\114\350\006\066\115\314\232\254\075\014\220\053\222
-\324\006\031\140\254\067\104\171\205\201\202\255\132\067\340\015
-\314\235\246\114\122\166\352\103\235\267\004\321\120\366\125\340
-\325\322\246\111\205\351\067\351\312\176\256\134\225\115\110\232
-\077\256\040\132\155\210\225\331\064\270\122\032\103\220\260\277
-\154\005\271\266\170\267\352\320\344\072\074\022\123\142\377\112
-\362\173\276\065\005\251\022\064\343\363\144\164\142\054\075\000
-\111\132\050\376\062\104\273\207\335\145\047\002\161\073\332\112
-\367\037\332\315\367\041\125\220\117\017\354\256\202\341\237\153
-\331\105\323\273\360\137\207\355\074\054\071\206\332\077\336\354
-\162\125\353\171\243\255\333\335\174\260\272\034\316\374\336\117
-\065\166\317\017\370\170\037\152\066\121\106\047\141\133\351\236
-\317\360\242\125\175\174\045\212\157\057\264\305\317\204\056\053
-\375\015\121\020\154\373\137\033\274\033\176\305\256\073\230\001
-\061\222\377\013\127\364\232\262\271\127\351\253\357\015\166\321
-\360\356\364\316\206\247\340\156\351\264\151\241\337\151\366\063
-\306\151\056\227\023\236\245\207\260\127\020\201\067\311\123\263
-\273\177\366\222\321\234\320\030\364\222\156\332\203\117\246\143
-\231\114\245\373\136\357\041\144\172\040\137\154\144\205\025\313
-\067\351\142\014\013\052\026\334\001\056\062\332\076\113\365\236
-\072\366\027\100\224\357\236\221\010\206\372\276\143\250\132\063
-\354\313\164\103\225\371\154\151\122\066\307\051\157\374\125\003
-\134\037\373\237\275\107\353\347\111\107\225\013\116\211\042\011
-\111\340\365\141\036\361\277\056\212\162\156\200\131\377\127\072
-\371\165\062\243\116\137\354\355\050\142\331\115\163\362\314\201
-\027\140\355\315\353\334\333\247\312\305\176\002\275\362\124\010
-\124\375\264\055\011\054\027\124\112\230\321\124\341\121\147\010
-\322\355\156\176\157\077\322\055\201\131\051\146\313\220\071\225
-\021\036\164\047\376\335\353\257\002\003\001\000\001\243\102\060
-\100\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
-\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002
-\001\206\060\035\006\003\125\035\016\004\026\004\024\260\014\360
-\114\060\364\005\130\002\110\375\063\345\122\257\113\204\343\146
-\122\060\015\006\011\052\206\110\206\367\015\001\001\014\005\000
-\003\202\002\001\000\252\250\200\217\016\170\243\340\242\324\315
-\346\365\230\172\073\352\000\003\260\227\016\223\274\132\250\366
-\054\214\162\207\251\261\374\177\163\375\143\161\170\245\207\131
-\317\060\341\015\020\262\023\132\155\202\365\152\346\200\237\240
-\005\013\150\344\107\153\307\152\337\266\375\167\062\162\345\030
-\372\011\364\240\223\054\135\322\214\165\205\166\145\220\014\003
-\171\267\061\043\143\255\170\203\011\206\150\204\312\377\371\317
-\046\232\222\171\347\315\113\305\347\141\247\027\313\363\251\022
-\223\223\153\247\350\057\123\222\304\140\130\260\314\002\121\030
-\133\205\215\142\131\143\266\255\264\336\232\373\046\367\000\047
-\300\135\125\067\164\231\311\120\177\343\131\056\104\343\054\045
-\356\354\114\062\167\264\237\032\351\113\135\040\305\332\375\034
-\207\026\306\103\350\324\273\046\232\105\160\136\251\013\067\123
-\342\106\173\047\375\340\106\362\211\267\314\102\266\313\050\046
-\156\331\245\311\072\310\101\023\140\367\120\214\025\256\262\155
-\032\025\032\127\170\346\222\052\331\145\220\202\077\154\002\257
-\256\022\072\047\226\066\004\327\035\242\200\143\251\233\361\345
-\272\264\174\024\260\116\311\261\037\164\137\070\366\121\352\233
-\372\054\242\021\324\251\055\047\032\105\261\257\262\116\161\015
-\300\130\106\326\151\006\313\123\313\263\376\153\101\315\101\176
-\175\114\017\174\162\171\172\131\315\136\112\016\254\233\251\230
-\163\171\174\264\364\314\271\270\007\014\262\164\134\270\307\157
-\210\241\220\247\364\252\371\277\147\072\364\032\025\142\036\267
-\237\276\075\261\051\257\147\241\022\362\130\020\031\123\003\060
-\033\270\032\211\366\234\275\227\003\216\243\011\363\035\213\041
-\361\264\337\344\034\321\237\145\002\006\352\134\326\023\263\204
-\357\242\245\134\214\167\051\247\150\300\153\256\100\322\250\264
-\352\315\360\215\113\070\234\031\232\033\050\124\270\211\220\357
-\312\165\201\076\036\362\144\044\307\030\257\116\377\107\236\007
-\366\065\145\244\323\012\126\377\365\027\144\154\357\250\042\045
-\111\223\266\337\000\027\332\130\176\135\356\305\033\260\321\321
-\137\041\020\307\371\363\272\002\012\047\007\305\361\326\307\323
-\340\373\011\140\154
-END
-CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
-
-# Trust for "Amazon Root CA 2"
-# Issuer: CN=Amazon Root CA 2,O=Amazon,C=US
-# Serial Number:06:6c:9f:d2:96:35:86:9f:0a:0f:e5:86:78:f8:5b:26:bb:8a:37
-# Subject: CN=Amazon Root CA 2,O=Amazon,C=US
-# Not Valid Before: Tue May 26 00:00:00 2015
-# Not Valid After : Sat May 26 00:00:00 2040
-# Fingerprint (SHA-256): 1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4
-# Fingerprint (SHA1): 5A:8C:EF:45:D7:A6:98:59:76:7A:8C:8B:44:96:B5:78:CF:47:4B:1A
-CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Amazon Root CA 2"
+\060\202\003\366\060\202\002\336\240\003\002\001\002\002\020\144
+\202\236\374\067\036\164\135\374\227\377\227\310\261\377\101\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201
+\224\061\013\060\011\006\003\125\004\006\023\002\125\123\061\035
+\060\033\006\003\125\004\012\023\024\123\171\155\141\156\164\145
+\143\040\103\157\162\160\157\162\141\164\151\157\156\061\037\060
+\035\006\003\125\004\013\023\026\123\171\155\141\156\164\145\143
+\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061\105
+\060\103\006\003\125\004\003\023\074\123\171\155\141\156\164\145
+\143\040\103\154\141\163\163\040\062\040\120\165\142\154\151\143
+\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\055\040\107\066\060\036\027\015\061\061\061\060\061\070\060
+\060\060\060\060\060\132\027\015\063\067\061\062\060\061\062\063
+\065\071\065\071\132\060\201\224\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024
+\123\171\155\141\156\164\145\143\040\103\157\162\160\157\162\141
+\164\151\157\156\061\037\060\035\006\003\125\004\013\023\026\123
+\171\155\141\156\164\145\143\040\124\162\165\163\164\040\116\145
+\164\167\157\162\153\061\105\060\103\006\003\125\004\003\023\074
+\123\171\155\141\156\164\145\143\040\103\154\141\163\163\040\062
+\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171\040
+\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
+\164\150\157\162\151\164\171\040\055\040\107\066\060\202\001\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\001\017\000\060\202\001\012\002\202\001\001\000\315\314\351
+\005\310\143\205\313\077\100\143\027\275\030\372\065\346\004\147
+\127\145\230\051\244\117\311\134\217\017\064\322\370\332\250\023
+\142\252\270\036\120\147\170\260\026\114\240\071\251\025\172\256
+\355\322\242\300\360\220\067\051\030\046\134\350\015\074\266\154
+\111\077\301\340\334\331\113\266\024\031\013\246\323\226\341\326
+\011\343\031\046\034\371\037\145\113\371\032\103\034\000\203\326
+\320\252\111\242\324\333\346\142\070\272\120\024\103\155\371\061
+\370\126\026\331\070\002\221\317\353\154\335\273\071\116\231\341
+\060\147\105\361\324\360\215\303\337\376\362\070\007\041\175\000
+\136\126\104\263\344\140\275\221\053\234\253\133\004\162\017\262
+\050\331\162\253\005\040\102\045\251\133\003\152\040\020\314\061
+\360\053\332\065\054\320\373\232\227\116\360\202\113\053\330\137
+\066\243\013\055\257\143\015\035\045\177\241\156\134\142\241\215
+\050\076\241\374\034\040\370\001\057\272\125\232\021\260\031\322
+\310\120\171\153\016\152\005\327\252\004\066\262\243\362\341\137
+\167\247\167\234\345\036\334\351\337\152\301\145\135\002\003\001
+\000\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
+\004\024\207\214\040\225\310\230\112\321\326\200\006\112\220\064
+\104\337\034\115\277\260\060\015\006\011\052\206\110\206\367\015
+\001\001\013\005\000\003\202\001\001\000\201\216\262\245\146\226
+\267\041\245\266\357\157\043\132\137\333\201\305\102\245\170\301
+\151\375\364\074\327\371\134\153\160\162\032\374\132\227\115\000
+\200\210\210\202\212\303\161\015\216\305\211\233\054\355\215\013
+\322\162\124\365\175\324\134\103\127\351\363\256\245\002\021\366
+\166\053\201\127\335\175\332\164\060\375\124\107\366\340\026\156
+\246\264\012\110\346\347\165\007\017\051\031\071\316\171\364\266
+\154\305\137\231\325\037\113\372\337\155\054\074\015\124\200\160
+\360\210\013\200\317\306\150\242\270\035\160\331\166\214\374\356
+\245\311\317\255\035\317\231\045\127\132\142\105\313\026\153\275
+\111\315\245\243\214\151\171\045\256\270\114\154\213\100\146\113
+\026\077\317\002\032\335\341\154\153\007\141\152\166\025\051\231
+\177\033\335\210\200\301\277\265\217\163\305\246\226\043\204\246
+\050\206\044\063\152\001\056\127\163\045\266\136\277\217\346\035
+\141\250\100\051\147\035\207\233\035\177\233\237\231\315\061\326
+\124\276\142\273\071\254\150\022\110\221\040\245\313\261\335\376
+\157\374\132\344\202\125\131\257\061\251
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "Symantec Class 2 Public Primary Certification Authority - G6"
+# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:64:82:9e:fc:37:1e:74:5d:fc:97:ff:97:c8:b1:ff:41
+# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Tue Oct 18 00:00:00 2011
+# Not Valid After : Tue Dec 01 23:59:59 2037
+# Fingerprint (SHA-256): CB:62:7D:18:B5:8A:D5:6D:DE:33:1A:30:45:6B:C6:5C:60:1A:4E:9B:18:DE:DC:EA:08:E7:DA:AA:07:81:5F:F0
+# Fingerprint (SHA1): 40:B3:31:A0:E9:BF:E8:55:BC:39:93:CA:70:4F:4E:C2:51:D4:1D:8F
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G6"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\132\214\357\105\327\246\230\131\166\172\214\213\104\226\265\170
-\317\107\113\032
+\100\263\061\240\351\277\350\125\274\071\223\312\160\117\116\302
+\121\324\035\217
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\310\345\215\316\250\102\342\172\300\052\134\174\236\046\277\146
+\175\013\203\345\373\174\255\007\117\040\251\265\337\143\355\171
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\062
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\066
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\023\006\154\237\322\226\065\206\237\012\017\345\206\170\370
-\133\046\273\212\067
+\002\020\144\202\236\374\067\036\164\135\374\227\377\227\310\261
+\377\101
 END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "Amazon Root CA 3"
+# Certificate "Symantec Class 1 Public Primary Certification Authority - G4"
 #
-# Issuer: CN=Amazon Root CA 3,O=Amazon,C=US
-# Serial Number:06:6c:9f:d5:74:97:36:66:3f:3b:0b:9a:d9:e8:9e:76:03:f2:4a
-# Subject: CN=Amazon Root CA 3,O=Amazon,C=US
-# Not Valid Before: Tue May 26 00:00:00 2015
-# Not Valid After : Sat May 26 00:00:00 2040
-# Fingerprint (SHA-256): 18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4
-# Fingerprint (SHA1): 0D:44:DD:8C:3C:8C:1A:1A:58:75:64:81:E9:0F:2E:2A:FF:B3:D2:6E
+# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:21:6e:33:a5:cb:d3:88:a4:6f:29:07:b4:27:3c:c4:d8
+# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Wed Oct 05 00:00:00 2011
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): 36:3F:3C:84:9E:AB:03:B0:A2:A0:F6:36:D7:B8:6D:04:D3:AC:7F:CF:E2:6A:0A:91:21:AB:97:95:F6:E1:76:DF
+# Fingerprint (SHA1): 84:F2:E3:DD:83:13:3E:A9:1D:19:52:7F:02:D7:29:BF:C1:5F:E6:67
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Amazon Root CA 3"
+CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G4"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\063
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\063
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\023\006\154\237\325\164\227\066\146\077\073\013\232\331\350
-\236\166\003\362\112
+\002\020\041\156\063\245\313\323\210\244\157\051\007\264\047\074
+\304\330
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\001\266\060\202\001\133\240\003\002\001\002\002\023\006
-\154\237\325\164\227\066\146\077\073\013\232\331\350\236\166\003
-\362\112\060\012\006\010\052\206\110\316\075\004\003\002\060\071
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\017\060
-\015\006\003\125\004\012\023\006\101\155\141\172\157\156\061\031
-\060\027\006\003\125\004\003\023\020\101\155\141\172\157\156\040
-\122\157\157\164\040\103\101\040\063\060\036\027\015\061\065\060
-\065\062\066\060\060\060\060\060\060\132\027\015\064\060\060\065
-\062\066\060\060\060\060\060\060\132\060\071\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\017\060\015\006\003\125\004
-\012\023\006\101\155\141\172\157\156\061\031\060\027\006\003\125
-\004\003\023\020\101\155\141\172\157\156\040\122\157\157\164\040
-\103\101\040\063\060\131\060\023\006\007\052\206\110\316\075\002
-\001\006\010\052\206\110\316\075\003\001\007\003\102\000\004\051
-\227\247\306\101\177\300\015\233\350\001\033\126\306\362\122\245
-\272\055\262\022\350\322\056\327\372\311\305\330\252\155\037\163
-\201\073\073\230\153\071\174\063\245\305\116\206\216\200\027\150
-\142\105\127\175\104\130\035\263\067\345\147\010\353\146\336\243
-\102\060\100\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004
-\003\002\001\206\060\035\006\003\125\035\016\004\026\004\024\253
-\266\333\327\006\236\067\254\060\206\007\221\160\307\234\304\031
-\261\170\300\060\012\006\010\052\206\110\316\075\004\003\002\003
-\111\000\060\106\002\041\000\340\205\222\243\027\267\215\371\053
-\006\245\223\254\032\230\150\141\162\372\341\241\320\373\034\170
-\140\246\103\231\305\270\304\002\041\000\234\002\357\361\224\234
-\263\226\371\353\306\052\370\266\054\376\072\220\024\026\327\214
-\143\044\110\034\337\060\175\325\150\073
+\060\202\002\250\060\202\002\055\240\003\002\001\002\002\020\041
+\156\063\245\313\323\210\244\157\051\007\264\047\074\304\330\060
+\012\006\010\052\206\110\316\075\004\003\003\060\201\224\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\035\060\033\006
+\003\125\004\012\023\024\123\171\155\141\156\164\145\143\040\103
+\157\162\160\157\162\141\164\151\157\156\061\037\060\035\006\003
+\125\004\013\023\026\123\171\155\141\156\164\145\143\040\124\162
+\165\163\164\040\116\145\164\167\157\162\153\061\105\060\103\006
+\003\125\004\003\023\074\123\171\155\141\156\164\145\143\040\103
+\154\141\163\163\040\061\040\120\165\142\154\151\143\040\120\162
+\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040
+\107\064\060\036\027\015\061\061\061\060\060\065\060\060\060\060
+\060\060\132\027\015\063\070\060\061\061\070\062\063\065\071\065
+\071\132\060\201\224\061\013\060\011\006\003\125\004\006\023\002
+\125\123\061\035\060\033\006\003\125\004\012\023\024\123\171\155
+\141\156\164\145\143\040\103\157\162\160\157\162\141\164\151\157
+\156\061\037\060\035\006\003\125\004\013\023\026\123\171\155\141
+\156\164\145\143\040\124\162\165\163\164\040\116\145\164\167\157
+\162\153\061\105\060\103\006\003\125\004\003\023\074\123\171\155
+\141\156\164\145\143\040\103\154\141\163\163\040\061\040\120\165
+\142\154\151\143\040\120\162\151\155\141\162\171\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\040\055\040\107\064\060\166\060\020\006\007\052
+\206\110\316\075\002\001\006\005\053\201\004\000\042\003\142\000
+\004\327\146\265\033\333\256\263\140\356\106\352\210\143\165\073
+\052\224\155\363\137\022\366\343\017\236\266\012\024\123\110\122
+\310\334\072\263\313\110\040\046\022\116\372\211\204\324\337\221
+\344\051\175\050\001\331\333\030\103\151\241\037\265\323\206\026
+\334\307\177\147\043\337\337\061\061\203\003\065\160\261\113\267
+\310\027\273\121\313\334\224\027\333\352\011\073\166\022\336\252
+\265\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
+\024\145\300\215\045\365\014\272\227\167\220\077\236\056\340\132
+\365\316\325\341\344\060\012\006\010\052\206\110\316\075\004\003
+\003\003\151\000\060\146\002\061\000\245\256\343\106\123\370\230
+\066\343\042\372\056\050\111\015\356\060\176\063\363\354\077\161
+\136\314\125\211\170\231\254\262\375\334\034\134\063\216\051\271
+\153\027\310\021\150\265\334\203\007\002\061\000\234\310\104\332
+\151\302\066\303\124\031\020\205\002\332\235\107\357\101\347\154
+\046\235\011\075\367\155\220\321\005\104\057\260\274\203\223\150
+\362\014\105\111\071\277\231\004\034\323\020\240
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "Amazon Root CA 3"
-# Issuer: CN=Amazon Root CA 3,O=Amazon,C=US
-# Serial Number:06:6c:9f:d5:74:97:36:66:3f:3b:0b:9a:d9:e8:9e:76:03:f2:4a
-# Subject: CN=Amazon Root CA 3,O=Amazon,C=US
-# Not Valid Before: Tue May 26 00:00:00 2015
-# Not Valid After : Sat May 26 00:00:00 2040
-# Fingerprint (SHA-256): 18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4
-# Fingerprint (SHA1): 0D:44:DD:8C:3C:8C:1A:1A:58:75:64:81:E9:0F:2E:2A:FF:B3:D2:6E
+# Trust for "Symantec Class 1 Public Primary Certification Authority - G4"
+# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:21:6e:33:a5:cb:d3:88:a4:6f:29:07:b4:27:3c:c4:d8
+# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Wed Oct 05 00:00:00 2011
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): 36:3F:3C:84:9E:AB:03:B0:A2:A0:F6:36:D7:B8:6D:04:D3:AC:7F:CF:E2:6A:0A:91:21:AB:97:95:F6:E1:76:DF
+# Fingerprint (SHA1): 84:F2:E3:DD:83:13:3E:A9:1D:19:52:7F:02:D7:29:BF:C1:5F:E6:67
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Amazon Root CA 3"
+CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G4"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\015\104\335\214\074\214\032\032\130\165\144\201\351\017\056\052
-\377\263\322\156
+\204\362\343\335\203\023\076\251\035\031\122\177\002\327\051\277
+\301\137\346\147
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\240\324\357\013\367\265\330\111\225\052\354\365\304\374\201\207
+\004\345\200\077\125\377\131\207\244\062\322\025\245\345\252\346
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\063
-END
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
+END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\023\006\154\237\325\164\227\066\146\077\073\013\232\331\350
-\236\166\003\362\112
+\002\020\041\156\063\245\313\323\210\244\157\051\007\264\047\074
+\304\330
 END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "Amazon Root CA 4"
+# Certificate "Symantec Class 2 Public Primary Certification Authority - G4"
 #
-# Issuer: CN=Amazon Root CA 4,O=Amazon,C=US
-# Serial Number:06:6c:9f:d7:c1:bb:10:4c:29:43:e5:71:7b:7b:2c:c8:1a:c1:0e
-# Subject: CN=Amazon Root CA 4,O=Amazon,C=US
-# Not Valid Before: Tue May 26 00:00:00 2015
-# Not Valid After : Sat May 26 00:00:00 2040
-# Fingerprint (SHA-256): E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92
-# Fingerprint (SHA1): F6:10:84:07:D6:F8:BB:67:98:0C:C2:E2:44:C2:EB:AE:1C:EF:63:BE
+# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:34:17:65:12:40:3b:b7:56:80:2d:80:cb:79:55:a6:1e
+# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Wed Oct 05 00:00:00 2011
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): FE:86:3D:08:22:FE:7A:23:53:FA:48:4D:59:24:E8:75:65:6D:3D:C9:FB:58:77:1F:6F:61:6F:9D:57:1B:C5:92
+# Fingerprint (SHA1): 67:24:90:2E:48:01:B0:22:96:40:10:46:B4:B1:67:2C:A9:75:FD:2B
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Amazon Root CA 4"
+CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G4"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\064
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\064
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\023\006\154\237\327\301\273\020\114\051\103\345\161\173\173
-\054\310\032\301\016
+\002\020\064\027\145\022\100\073\267\126\200\055\200\313\171\125
+\246\036
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\001\362\060\202\001\170\240\003\002\001\002\002\023\006
-\154\237\327\301\273\020\114\051\103\345\161\173\173\054\310\032
-\301\016\060\012\006\010\052\206\110\316\075\004\003\003\060\071
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\017\060
-\015\006\003\125\004\012\023\006\101\155\141\172\157\156\061\031
-\060\027\006\003\125\004\003\023\020\101\155\141\172\157\156\040
-\122\157\157\164\040\103\101\040\064\060\036\027\015\061\065\060
-\065\062\066\060\060\060\060\060\060\132\027\015\064\060\060\065
-\062\066\060\060\060\060\060\060\132\060\071\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\017\060\015\006\003\125\004
-\012\023\006\101\155\141\172\157\156\061\031\060\027\006\003\125
-\004\003\023\020\101\155\141\172\157\156\040\122\157\157\164\040
-\103\101\040\064\060\166\060\020\006\007\052\206\110\316\075\002
-\001\006\005\053\201\004\000\042\003\142\000\004\322\253\212\067
-\117\243\123\015\376\301\212\173\113\250\173\106\113\143\260\142
-\366\055\033\333\010\161\041\322\000\350\143\275\232\047\373\360
-\071\156\135\352\075\245\311\201\252\243\133\040\230\105\135\026
-\333\375\350\020\155\343\234\340\343\275\137\204\142\363\160\144
-\063\240\313\044\057\160\272\210\241\052\240\165\370\201\256\142
-\006\304\201\333\071\156\051\260\036\372\056\134\243\102\060\100
-\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
-\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
-\206\060\035\006\003\125\035\016\004\026\004\024\323\354\307\072
-\145\156\314\341\332\166\232\126\373\234\363\206\155\127\345\201
-\060\012\006\010\052\206\110\316\075\004\003\003\003\150\000\060
-\145\002\060\072\213\041\361\275\176\021\255\320\357\130\226\057
-\326\353\235\176\220\215\053\317\146\125\303\054\343\050\251\160
-\012\107\016\360\067\131\022\377\055\231\224\050\116\052\117\065
-\115\063\132\002\061\000\352\165\000\116\073\304\072\224\022\221
-\311\130\106\235\041\023\162\247\210\234\212\344\114\112\333\226
-\324\254\213\153\153\111\022\123\063\255\327\344\276\044\374\265
-\012\166\324\245\274\020
+\060\202\002\250\060\202\002\055\240\003\002\001\002\002\020\064
+\027\145\022\100\073\267\126\200\055\200\313\171\125\246\036\060
+\012\006\010\052\206\110\316\075\004\003\003\060\201\224\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\035\060\033\006
+\003\125\004\012\023\024\123\171\155\141\156\164\145\143\040\103
+\157\162\160\157\162\141\164\151\157\156\061\037\060\035\006\003
+\125\004\013\023\026\123\171\155\141\156\164\145\143\040\124\162
+\165\163\164\040\116\145\164\167\157\162\153\061\105\060\103\006
+\003\125\004\003\023\074\123\171\155\141\156\164\145\143\040\103
+\154\141\163\163\040\062\040\120\165\142\154\151\143\040\120\162
+\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040
+\107\064\060\036\027\015\061\061\061\060\060\065\060\060\060\060
+\060\060\132\027\015\063\070\060\061\061\070\062\063\065\071\065
+\071\132\060\201\224\061\013\060\011\006\003\125\004\006\023\002
+\125\123\061\035\060\033\006\003\125\004\012\023\024\123\171\155
+\141\156\164\145\143\040\103\157\162\160\157\162\141\164\151\157
+\156\061\037\060\035\006\003\125\004\013\023\026\123\171\155\141
+\156\164\145\143\040\124\162\165\163\164\040\116\145\164\167\157
+\162\153\061\105\060\103\006\003\125\004\003\023\074\123\171\155
+\141\156\164\145\143\040\103\154\141\163\163\040\062\040\120\165
+\142\154\151\143\040\120\162\151\155\141\162\171\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\040\055\040\107\064\060\166\060\020\006\007\052
+\206\110\316\075\002\001\006\005\053\201\004\000\042\003\142\000
+\004\321\331\112\216\114\015\204\112\121\272\174\357\323\314\372
+\072\232\265\247\143\023\075\001\340\111\076\372\301\107\311\222
+\263\072\327\376\157\234\367\232\072\017\365\016\012\012\303\077
+\310\347\022\024\216\325\325\155\230\054\263\161\062\012\353\052
+\275\366\327\152\040\013\147\105\234\322\262\277\123\042\146\011
+\135\333\021\363\361\005\063\130\243\342\270\317\174\315\202\233
+\275\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
+\024\075\062\363\072\251\014\220\204\371\242\214\151\006\141\124
+\057\207\162\376\005\060\012\006\010\052\206\110\316\075\004\003
+\003\003\151\000\060\146\002\061\000\310\246\251\257\101\177\265
+\311\021\102\026\150\151\114\134\270\047\030\266\230\361\300\177
+\220\155\207\323\214\106\027\360\076\117\374\352\260\010\304\172
+\113\274\010\057\307\342\247\157\145\002\061\000\326\131\336\206
+\316\137\016\312\124\325\306\320\025\016\374\213\224\162\324\216
+\000\130\123\317\176\261\113\015\345\120\206\353\236\153\337\377
+\051\246\330\107\331\240\226\030\333\362\105\263
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "Amazon Root CA 4"
-# Issuer: CN=Amazon Root CA 4,O=Amazon,C=US
-# Serial Number:06:6c:9f:d7:c1:bb:10:4c:29:43:e5:71:7b:7b:2c:c8:1a:c1:0e
-# Subject: CN=Amazon Root CA 4,O=Amazon,C=US
-# Not Valid Before: Tue May 26 00:00:00 2015
-# Not Valid After : Sat May 26 00:00:00 2040
-# Fingerprint (SHA-256): E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92
-# Fingerprint (SHA1): F6:10:84:07:D6:F8:BB:67:98:0C:C2:E2:44:C2:EB:AE:1C:EF:63:BE
+# Trust for "Symantec Class 2 Public Primary Certification Authority - G4"
+# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Serial Number:34:17:65:12:40:3b:b7:56:80:2d:80:cb:79:55:a6:1e
+# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
+# Not Valid Before: Wed Oct 05 00:00:00 2011
+# Not Valid After : Mon Jan 18 23:59:59 2038
+# Fingerprint (SHA-256): FE:86:3D:08:22:FE:7A:23:53:FA:48:4D:59:24:E8:75:65:6D:3D:C9:FB:58:77:1F:6F:61:6F:9D:57:1B:C5:92
+# Fingerprint (SHA1): 67:24:90:2E:48:01:B0:22:96:40:10:46:B4:B1:67:2C:A9:75:FD:2B
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Amazon Root CA 4"
+CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G4"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\366\020\204\007\326\370\273\147\230\014\302\342\104\302\353\256
-\034\357\143\276
+\147\044\220\056\110\001\260\042\226\100\020\106\264\261\147\054
+\251\165\375\053
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\211\274\047\325\353\027\215\006\152\151\325\375\211\107\264\315
+\160\325\060\361\332\224\227\324\327\164\337\276\355\150\336\226
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\071\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\017\060\015\006\003\125\004\012\023\006\101\155\141\172\157\156
-\061\031\060\027\006\003\125\004\003\023\020\101\155\141\172\157
-\156\040\122\157\157\164\040\103\101\040\064
+\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
+\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
+\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
+\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
+\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
+\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
+\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
+\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
+\164\171\040\055\040\107\064
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\023\006\154\237\327\301\273\020\114\051\103\345\161\173\173
-\054\310\032\301\016
+\002\020\064\027\145\022\100\073\267\126\200\055\200\313\171\125
+\246\036
 END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "LuxTrust Global Root 2"
+# Certificate "D-TRUST Root CA 3 2013"
 #
-# Issuer: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
-# Serial Number:0a:7e:a6:df:4b:44:9e:da:6a:24:85:9e:e6:b8:15:d3:16:7f:bb:b1
-# Subject: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
-# Not Valid Before: Thu Mar 05 13:21:57 2015
-# Not Valid After : Mon Mar 05 13:21:57 2035
-# Fingerprint (SHA-256): 54:45:5F:71:29:C2:0B:14:47:C4:18:F9:97:16:8F:24:C5:8F:C5:02:3B:F5:DA:5B:E2:EB:6E:1D:D8:90:2E:D5
-# Fingerprint (SHA1): 1E:0E:56:19:0A:D1:8B:25:98:B2:04:44:FF:66:8A:04:17:99:5F:3F
+# Issuer: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Serial Number: 1039788 (0xfddac)
+# Subject: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Not Valid Before: Fri Sep 20 08:25:51 2013
+# Not Valid After : Wed Sep 20 08:25:51 2028
+# Fingerprint (SHA-256): A1:A8:6D:04:12:1E:B8:7F:02:7C:66:F5:33:03:C2:8E:57:39:F9:43:FC:84:B3:8A:D6:AF:00:90:35:DD:94:57
+# Fingerprint (SHA1): 6C:7C:CC:E7:D4:AE:51:5F:99:08:CD:3F:F6:E8:C3:78:DF:6F:EF:97
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "LuxTrust Global Root 2"
+CKA_LABEL UTF8 "D-TRUST Root CA 3 2013"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\114\125\061
-\026\060\024\006\003\125\004\012\014\015\114\165\170\124\162\165
-\163\164\040\123\056\101\056\061\037\060\035\006\003\125\004\003
-\014\026\114\165\170\124\162\165\163\164\040\107\154\157\142\141
-\154\040\122\157\157\164\040\062
+\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
+\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
+\040\063\040\062\060\061\063
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\114\125\061
-\026\060\024\006\003\125\004\012\014\015\114\165\170\124\162\165
-\163\164\040\123\056\101\056\061\037\060\035\006\003\125\004\003
-\014\026\114\165\170\124\162\165\163\164\040\107\154\157\142\141
-\154\040\122\157\157\164\040\062
+\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
+\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
+\040\063\040\062\060\061\063
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\024\012\176\246\337\113\104\236\332\152\044\205\236\346\270
-\025\323\026\177\273\261
+\002\003\017\335\254
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\005\303\060\202\003\253\240\003\002\001\002\002\024\012
-\176\246\337\113\104\236\332\152\044\205\236\346\270\025\323\026
-\177\273\261\060\015\006\011\052\206\110\206\367\015\001\001\013
-\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\114
-\125\061\026\060\024\006\003\125\004\012\014\015\114\165\170\124
-\162\165\163\164\040\123\056\101\056\061\037\060\035\006\003\125
-\004\003\014\026\114\165\170\124\162\165\163\164\040\107\154\157
-\142\141\154\040\122\157\157\164\040\062\060\036\027\015\061\065
-\060\063\060\065\061\063\062\061\065\067\132\027\015\063\065\060
-\063\060\065\061\063\062\061\065\067\132\060\106\061\013\060\011
-\006\003\125\004\006\023\002\114\125\061\026\060\024\006\003\125
-\004\012\014\015\114\165\170\124\162\165\163\164\040\123\056\101
-\056\061\037\060\035\006\003\125\004\003\014\026\114\165\170\124
-\162\165\163\164\040\107\154\157\142\141\154\040\122\157\157\164
-\040\062\060\202\002\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202
-\002\001\000\327\205\227\277\021\230\351\360\142\203\114\074\207
-\371\123\152\067\013\362\017\074\207\316\157\334\046\051\275\305
-\211\272\311\203\075\367\356\312\133\306\155\111\163\264\311\106
-\243\033\064\023\077\301\211\105\127\364\331\261\373\066\145\113
-\373\010\342\110\161\021\310\156\073\236\235\337\211\145\067\246
-\205\366\073\104\030\266\306\067\060\142\104\222\227\151\175\102
-\060\044\344\015\014\211\153\143\336\305\341\337\116\251\024\154
-\123\340\141\316\366\027\057\035\074\275\346\042\114\035\223\365
-\020\304\241\166\354\152\336\305\154\337\226\264\126\100\102\300
-\142\222\060\241\055\025\224\240\322\040\006\011\156\152\155\345
-\353\267\276\324\360\361\025\174\213\346\116\272\023\314\113\047
-\136\231\074\027\135\217\201\177\063\075\117\323\077\033\354\134
-\077\360\074\114\165\156\362\246\325\235\332\055\007\143\002\306
-\162\351\224\274\114\111\225\117\210\122\310\333\350\151\202\370
-\314\064\133\042\360\206\247\211\275\110\012\155\146\201\155\310
-\310\144\373\001\341\364\341\336\331\236\335\333\133\324\052\231
-\046\025\033\036\114\222\051\202\236\325\222\201\222\101\160\031
-\367\244\345\223\113\274\167\147\061\335\034\375\061\160\015\027
-\231\014\371\014\071\031\052\027\265\060\161\125\325\017\256\130
-\341\075\057\064\233\317\237\366\170\205\302\223\172\162\076\146
-\217\234\026\021\140\217\236\211\157\147\276\340\107\132\073\014
-\232\147\213\317\106\306\256\070\243\362\247\274\346\326\205\153
-\063\044\160\042\113\313\010\233\273\310\370\002\051\035\276\040
-\014\106\277\153\207\233\263\052\146\102\065\106\154\252\272\255
-\371\230\173\351\120\125\024\061\277\261\332\055\355\200\255\150
-\044\373\151\253\330\161\023\060\346\147\263\207\100\375\211\176
-\362\103\321\021\337\057\145\057\144\316\137\024\271\261\277\061
-\275\207\170\132\131\145\210\252\374\131\062\110\206\326\114\271
-\051\113\225\323\166\363\167\045\155\102\034\070\203\115\375\243
-\137\233\177\055\254\171\033\016\102\061\227\143\244\373\212\151
-\325\042\015\064\220\060\056\250\264\340\155\266\224\254\274\213
-\116\327\160\374\305\070\216\144\045\341\115\071\220\316\311\207
-\204\130\161\002\003\001\000\001\243\201\250\060\201\245\060\017
-\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
-\102\006\003\125\035\040\004\073\060\071\060\067\006\007\053\201
-\053\001\001\001\012\060\054\060\052\006\010\053\006\001\005\005
-\007\002\001\026\036\150\164\164\160\163\072\057\057\162\145\160
-\157\163\151\164\157\162\171\056\154\165\170\164\162\165\163\164
-\056\154\165\060\016\006\003\125\035\017\001\001\377\004\004\003
-\002\001\006\060\037\006\003\125\035\043\004\030\060\026\200\024
-\377\030\050\166\371\110\005\054\241\256\361\053\033\053\262\123
-\370\113\174\263\060\035\006\003\125\035\016\004\026\004\024\377
-\030\050\166\371\110\005\054\241\256\361\053\033\053\262\123\370
-\113\174\263\060\015\006\011\052\206\110\206\367\015\001\001\013
-\005\000\003\202\002\001\000\152\031\024\355\156\171\301\054\207
-\324\015\160\176\327\366\170\311\013\004\116\304\261\316\223\160
-\376\260\124\300\062\315\231\060\144\027\277\017\345\342\063\375
-\007\066\100\162\016\032\266\152\131\326\000\345\150\040\335\056
-\162\015\037\152\144\061\040\204\175\111\246\132\067\353\105\311
-\205\365\324\307\027\231\007\346\233\125\344\014\350\251\264\316
-\214\133\265\021\134\317\212\016\015\326\254\167\201\376\062\234
-\044\236\162\316\124\363\320\157\242\126\326\354\303\067\054\145
-\130\276\127\000\032\362\065\372\353\173\061\135\302\301\022\075
-\226\201\210\226\211\301\131\134\172\346\177\160\064\347\203\342
-\261\341\341\270\130\357\324\225\344\140\234\360\226\227\162\214
-\353\204\002\056\145\217\244\267\322\177\147\335\310\323\236\134
-\252\251\244\240\045\024\006\233\354\117\176\055\013\177\035\165
-\361\063\330\355\316\270\165\155\076\133\271\230\035\061\015\126
-\330\103\017\060\221\262\004\153\335\126\276\225\200\125\147\276
-\330\315\203\331\030\356\056\017\206\055\222\236\160\023\354\336
-\121\311\103\170\002\245\115\310\371\137\304\221\130\106\026\167
-\132\164\252\100\274\007\237\060\271\261\367\022\027\335\343\377
-\044\100\035\172\152\321\117\030\012\252\220\035\353\100\036\337
-\241\036\104\222\020\232\362\215\341\321\113\106\236\350\105\102
-\227\352\105\231\363\354\146\325\002\372\362\246\112\044\252\336
-\316\271\312\371\077\223\157\371\243\272\352\245\076\231\255\375
-\377\173\231\365\145\356\360\131\050\147\327\220\225\244\023\204
-\251\204\301\350\316\316\165\223\143\032\274\074\352\325\144\037
-\055\052\022\071\306\303\132\062\355\107\221\026\016\274\070\301
-\120\336\217\312\052\220\064\034\356\101\224\234\136\031\056\370
-\105\111\231\164\221\260\004\157\343\004\132\261\253\052\253\376
-\307\320\226\266\332\341\112\144\006\156\140\115\275\102\116\377
-\170\332\044\312\033\264\327\226\071\154\256\361\016\252\247\175
-\110\213\040\114\317\144\326\270\227\106\260\116\321\052\126\072
-\240\223\275\257\200\044\340\012\176\347\312\325\312\350\205\125
-\334\066\052\341\224\150\223\307\146\162\104\017\200\041\062\154
-\045\307\043\200\203\012\353
+\060\202\004\016\060\202\002\366\240\003\002\001\002\002\003\017
+\335\254\060\015\006\011\052\206\110\206\367\015\001\001\013\005
+\000\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105
+\061\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165
+\163\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003
+\014\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103
+\101\040\063\040\062\060\061\063\060\036\027\015\061\063\060\071
+\062\060\060\070\062\065\065\061\132\027\015\062\070\060\071\062
+\060\060\070\062\065\065\061\132\060\105\061\013\060\011\006\003
+\125\004\006\023\002\104\105\061\025\060\023\006\003\125\004\012
+\014\014\104\055\124\162\165\163\164\040\107\155\142\110\061\037
+\060\035\006\003\125\004\003\014\026\104\055\124\122\125\123\124
+\040\122\157\157\164\040\103\101\040\063\040\062\060\061\063\060
+\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001
+\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000
+\304\173\102\222\202\037\354\355\124\230\216\022\300\312\011\337
+\223\156\072\223\134\033\344\020\167\236\116\151\210\154\366\341
+\151\362\366\233\242\141\261\275\007\040\164\230\145\361\214\046
+\010\315\250\065\312\200\066\321\143\155\350\104\172\202\303\154
+\136\336\273\350\066\322\304\150\066\214\237\062\275\204\042\340
+\334\302\356\020\106\071\155\257\223\071\256\207\346\303\274\011
+\311\054\153\147\133\331\233\166\165\114\013\340\273\305\327\274
+\076\171\362\137\276\321\220\127\371\256\366\146\137\061\277\323
+\155\217\247\272\112\363\043\145\273\267\357\243\045\327\012\352
+\130\266\357\210\372\372\171\262\122\130\325\360\254\214\241\121
+\164\051\225\252\121\073\220\062\003\237\034\162\164\220\336\075
+\355\141\322\345\343\375\144\107\345\271\267\112\251\367\037\256
+\226\206\004\254\057\343\244\201\167\267\132\026\377\330\017\077
+\366\267\170\314\244\257\372\133\074\022\133\250\122\211\162\357
+\210\363\325\104\201\206\225\043\237\173\335\274\331\064\357\174
+\224\074\252\300\101\302\343\235\120\032\300\344\031\042\374\263
+\002\003\001\000\001\243\202\001\005\060\202\001\001\060\017\006
+\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\035
+\006\003\125\035\016\004\026\004\024\077\220\310\175\307\025\157
+\363\044\217\251\303\057\113\242\017\041\262\057\347\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\006\060\201\276
+\006\003\125\035\037\004\201\266\060\201\263\060\164\240\162\240
+\160\206\156\154\144\141\160\072\057\057\144\151\162\145\143\164
+\157\162\171\056\144\055\164\162\165\163\164\056\156\145\164\057
+\103\116\075\104\055\124\122\125\123\124\045\062\060\122\157\157
+\164\045\062\060\103\101\045\062\060\063\045\062\060\062\060\061
+\063\054\117\075\104\055\124\162\165\163\164\045\062\060\107\155
+\142\110\054\103\075\104\105\077\143\145\162\164\151\146\151\143
+\141\164\145\162\145\166\157\143\141\164\151\157\156\154\151\163
+\164\060\073\240\071\240\067\206\065\150\164\164\160\072\057\057
+\143\162\154\056\144\055\164\162\165\163\164\056\156\145\164\057
+\143\162\154\057\144\055\164\162\165\163\164\137\162\157\157\164
+\137\143\141\137\063\137\062\060\061\063\056\143\162\154\060\015
+\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202\001
+\001\000\016\131\016\130\344\164\110\043\104\317\064\041\265\234
+\024\032\255\232\113\267\263\210\155\134\251\027\160\360\052\237
+\215\173\371\173\205\372\307\071\350\020\010\260\065\053\137\317
+\002\322\323\234\310\013\036\356\005\124\256\067\223\004\011\175
+\154\217\302\164\274\370\034\224\276\061\001\100\055\363\044\040
+\267\204\125\054\134\310\365\164\112\020\031\213\243\307\355\065
+\326\011\110\323\016\300\272\071\250\260\106\002\260\333\306\210
+\131\302\276\374\173\261\053\317\176\142\207\125\226\314\001\157
+\233\147\041\225\065\213\370\020\374\161\033\267\113\067\151\246
+\073\326\354\213\356\301\260\363\045\311\217\222\175\241\352\303
+\312\104\277\046\245\164\222\234\343\164\353\235\164\331\313\115
+\207\330\374\264\151\154\213\240\103\007\140\170\227\351\331\223
+\174\302\106\274\233\067\122\243\355\212\074\023\251\173\123\113
+\111\232\021\005\054\013\156\126\254\037\056\202\154\340\151\147
+\265\016\155\055\331\344\300\025\361\077\372\030\162\341\025\155
+\047\133\055\060\050\053\237\110\232\144\053\231\357\362\165\111
+\137\134
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "LuxTrust Global Root 2"
-# Issuer: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
-# Serial Number:0a:7e:a6:df:4b:44:9e:da:6a:24:85:9e:e6:b8:15:d3:16:7f:bb:b1
-# Subject: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU
-# Not Valid Before: Thu Mar 05 13:21:57 2015
-# Not Valid After : Mon Mar 05 13:21:57 2035
-# Fingerprint (SHA-256): 54:45:5F:71:29:C2:0B:14:47:C4:18:F9:97:16:8F:24:C5:8F:C5:02:3B:F5:DA:5B:E2:EB:6E:1D:D8:90:2E:D5
-# Fingerprint (SHA1): 1E:0E:56:19:0A:D1:8B:25:98:B2:04:44:FF:66:8A:04:17:99:5F:3F
+# Trust for "D-TRUST Root CA 3 2013"
+# Issuer: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Serial Number: 1039788 (0xfddac)
+# Subject: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
+# Not Valid Before: Fri Sep 20 08:25:51 2013
+# Not Valid After : Wed Sep 20 08:25:51 2028
+# Fingerprint (SHA-256): A1:A8:6D:04:12:1E:B8:7F:02:7C:66:F5:33:03:C2:8E:57:39:F9:43:FC:84:B3:8A:D6:AF:00:90:35:DD:94:57
+# Fingerprint (SHA1): 6C:7C:CC:E7:D4:AE:51:5F:99:08:CD:3F:F6:E8:C3:78:DF:6F:EF:97
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "LuxTrust Global Root 2"
+CKA_LABEL UTF8 "D-TRUST Root CA 3 2013"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\036\016\126\031\012\321\213\045\230\262\004\104\377\146\212\004
-\027\231\137\077
+\154\174\314\347\324\256\121\137\231\010\315\077\366\350\303\170
+\337\157\357\227
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\262\341\011\000\141\257\367\361\221\157\304\255\215\136\073\174
+\267\042\146\230\176\326\003\340\301\161\346\165\315\126\105\277
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\114\125\061
-\026\060\024\006\003\125\004\012\014\015\114\165\170\124\162\165
-\163\164\040\123\056\101\056\061\037\060\035\006\003\125\004\003
-\014\026\114\165\170\124\162\165\163\164\040\107\154\157\142\141
-\154\040\122\157\157\164\040\062
+\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
+\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
+\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
+\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
+\040\063\040\062\060\061\063
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\024\012\176\246\337\113\104\236\332\152\044\205\236\346\270
-\025\323\026\177\273\261
+\002\003\017\335\254
 END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
+# Certificate "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
 #
-# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Serial Number:24:32:75:f2:1d:2f:d2:09:33:f7:b4:6a:ca:d0:f3:98
-# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Not Valid Before: Tue Oct 18 00:00:00 2011
-# Not Valid After : Tue Dec 01 23:59:59 2037
-# Fingerprint (SHA-256): 9D:19:0B:2E:31:45:66:68:5B:E8:A8:89:E2:7A:A8:C7:D7:AE:1D:8A:AD:DB:A3:C1:EC:F9:D2:48:63:CD:34:B9
-# Fingerprint (SHA1): 51:7F:61:1E:29:91:6B:53:82:FB:72:E7:44:D9:8D:C3:CC:53:6D:64
+# Issuer: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Serial Number: 1 (0x1)
+# Subject: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Not Valid Before: Mon Nov 25 08:25:55 2013
+# Not Valid After : Sun Oct 25 08:25:55 2043
+# Fingerprint (SHA-256): 46:ED:C3:68:90:46:D5:3A:45:3F:B3:10:4A:B8:0D:CA:EC:65:8B:26:60:EA:16:29:DD:7E:86:79:90:64:87:16
+# Fingerprint (SHA1): 31:43:64:9B:EC:CE:27:EC:ED:3A:3F:0B:8F:0D:E4:E8:91:DD:EE:CA
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G6"
+CKA_LABEL UTF8 "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\066
+\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
+\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
+\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
+\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
+\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
+\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
+\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
+\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
+\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
+\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
+\162\165\155\040\061
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\066
+\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
+\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
+\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
+\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
+\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
+\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
+\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
+\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
+\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
+\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
+\162\165\155\040\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\044\062\165\362\035\057\322\011\063\367\264\152\312\320
-\363\230
+\002\001\001
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\003\366\060\202\002\336\240\003\002\001\002\002\020\044
-\062\165\362\035\057\322\011\063\367\264\152\312\320\363\230\060
-\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201
-\224\061\013\060\011\006\003\125\004\006\023\002\125\123\061\035
-\060\033\006\003\125\004\012\023\024\123\171\155\141\156\164\145
-\143\040\103\157\162\160\157\162\141\164\151\157\156\061\037\060
-\035\006\003\125\004\013\023\026\123\171\155\141\156\164\145\143
-\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061\105
-\060\103\006\003\125\004\003\023\074\123\171\155\141\156\164\145
-\143\040\103\154\141\163\163\040\061\040\120\165\142\154\151\143
-\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\055\040\107\066\060\036\027\015\061\061\061\060\061\070\060
-\060\060\060\060\060\132\027\015\063\067\061\062\060\061\062\063
-\065\071\065\071\132\060\201\224\061\013\060\011\006\003\125\004
-\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024
-\123\171\155\141\156\164\145\143\040\103\157\162\160\157\162\141
-\164\151\157\156\061\037\060\035\006\003\125\004\013\023\026\123
-\171\155\141\156\164\145\143\040\124\162\165\163\164\040\116\145
-\164\167\157\162\153\061\105\060\103\006\003\125\004\003\023\074
-\123\171\155\141\156\164\145\143\040\103\154\141\163\163\040\061
-\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171\040\055\040\107\066\060\202\001\042
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\202\001\017\000\060\202\001\012\002\202\001\001\000\307\071\327
-\111\144\251\231\202\042\114\352\105\331\007\026\343\173\364\203
-\350\231\163\372\153\261\066\340\232\167\240\100\302\201\215\001
-\307\314\214\275\217\175\367\171\343\172\114\003\115\331\373\375
-\207\070\050\054\335\232\213\124\010\333\147\373\033\214\376\050
-\222\057\276\267\262\110\247\201\241\330\136\210\303\314\071\100
-\101\132\321\334\345\332\020\237\057\332\001\115\375\056\106\174
-\371\056\047\012\151\067\356\221\243\033\152\314\104\277\033\307
-\303\324\021\262\120\140\227\011\275\056\042\365\101\204\146\237
-\315\100\246\251\000\200\301\037\225\222\237\336\363\110\357\333
-\035\167\141\374\177\337\356\226\244\162\320\266\076\377\170\047
-\257\313\222\025\151\010\333\143\020\342\346\227\254\156\334\254
-\366\242\316\036\107\231\271\211\267\022\346\241\324\315\131\021
-\147\303\157\205\330\102\116\050\276\131\125\131\004\225\253\217
-\067\200\277\015\360\374\037\072\144\061\130\201\170\327\342\065
-\366\040\077\051\270\217\026\156\076\110\334\265\114\007\341\362
-\032\352\176\012\171\326\250\275\353\135\206\053\115\002\003\001
-\000\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377
-\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
-\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
-\004\024\063\101\350\310\071\022\025\223\110\362\226\062\056\132
-\365\332\224\137\123\140\060\015\006\011\052\206\110\206\367\015
-\001\001\013\005\000\003\202\001\001\000\025\343\163\127\261\027
-\266\137\111\151\104\246\366\136\172\147\254\322\336\165\111\253
-\376\045\125\307\072\311\104\025\020\156\277\061\153\313\331\007
-\223\177\034\205\143\000\343\062\022\340\314\313\373\071\154\217
-\342\123\342\074\100\063\331\244\214\107\346\255\130\373\211\257
-\343\336\206\051\126\064\054\105\270\022\372\104\211\156\055\024
-\045\050\044\001\145\326\352\122\254\005\156\126\022\011\075\320
-\164\364\327\275\006\312\250\072\215\126\102\372\215\162\076\164
-\361\003\162\337\207\033\136\016\172\125\226\054\070\267\230\205
-\315\115\063\104\311\224\217\132\061\060\067\113\243\072\022\263
-\347\066\321\041\150\113\055\070\346\123\256\034\045\126\010\126
-\003\147\204\235\306\303\316\044\142\307\114\066\317\260\006\104
-\267\365\137\002\335\331\124\351\057\220\116\172\310\116\203\100
-\014\232\227\074\067\277\277\354\366\360\264\205\167\050\301\013
-\310\147\202\020\027\070\242\267\006\352\233\277\072\370\351\043
-\007\277\164\340\230\070\025\125\170\356\162\000\134\031\243\364
-\322\063\340\377\275\321\124\071\051\017
+\060\202\004\143\060\202\003\113\240\003\002\001\002\002\001\001
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122\061
+\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145\040
+\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003\125
+\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154\151
+\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157\152
+\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165\162
+\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055\060
+\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145\162
+\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153\145
+\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060\064
+\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040\113
+\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040\123
+\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165\162
+\165\155\040\061\060\036\027\015\061\063\061\061\062\065\060\070
+\062\065\065\065\132\027\015\064\063\061\060\062\065\060\070\062
+\065\065\065\132\060\201\322\061\013\060\011\006\003\125\004\006
+\023\002\124\122\061\030\060\026\006\003\125\004\007\023\017\107
+\145\142\172\145\040\055\040\113\157\143\141\145\154\151\061\102
+\060\100\006\003\125\004\012\023\071\124\165\162\153\151\171\145
+\040\102\151\154\151\155\163\145\154\040\166\145\040\124\145\153
+\156\157\154\157\152\151\153\040\101\162\141\163\164\151\162\155
+\141\040\113\165\162\165\155\165\040\055\040\124\125\102\111\124
+\101\113\061\055\060\053\006\003\125\004\013\023\044\113\141\155
+\165\040\123\145\162\164\151\146\151\153\141\163\171\157\156\040
+\115\145\162\153\145\172\151\040\055\040\113\141\155\165\040\123
+\115\061\066\060\064\006\003\125\004\003\023\055\124\125\102\111
+\124\101\113\040\113\141\155\165\040\123\115\040\123\123\114\040
+\113\157\153\040\123\145\162\164\151\146\151\153\141\163\151\040
+\055\040\123\165\162\165\155\040\061\060\202\001\042\060\015\006
+\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
+\000\060\202\001\012\002\202\001\001\000\257\165\060\063\252\273
+\153\323\231\054\022\067\204\331\215\173\227\200\323\156\347\377
+\233\120\225\076\220\225\126\102\327\031\174\046\204\215\222\372
+\001\035\072\017\342\144\070\267\214\274\350\210\371\213\044\253
+\056\243\365\067\344\100\216\030\045\171\203\165\037\073\377\154
+\250\305\306\126\370\264\355\212\104\243\253\154\114\374\035\320
+\334\357\150\275\317\344\252\316\360\125\367\242\064\324\203\153
+\067\174\034\302\376\265\003\354\127\316\274\264\265\305\355\000
+\017\123\067\052\115\364\117\014\203\373\206\317\313\376\214\116
+\275\207\371\247\213\041\127\234\172\337\003\147\211\054\235\227
+\141\247\020\270\125\220\177\016\055\047\070\164\337\347\375\332
+\116\022\343\115\025\042\002\310\340\340\374\017\255\212\327\311
+\124\120\314\073\017\312\026\200\204\320\121\126\303\216\126\177
+\211\042\063\057\346\205\012\275\245\250\033\066\336\323\334\054
+\155\073\307\023\275\131\043\054\346\345\244\367\330\013\355\352
+\220\100\104\250\225\273\223\325\320\200\064\266\106\170\016\037
+\000\223\106\341\356\351\371\354\117\027\002\003\001\000\001\243
+\102\060\100\060\035\006\003\125\035\016\004\026\004\024\145\077
+\307\212\206\306\074\335\074\124\134\065\370\072\355\122\014\107
+\127\310\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060\003
+\001\001\377\060\015\006\011\052\206\110\206\367\015\001\001\013
+\005\000\003\202\001\001\000\052\077\341\361\062\216\256\341\230
+\134\113\136\317\153\036\152\011\322\042\251\022\307\136\127\175
+\163\126\144\200\204\172\223\344\011\271\020\315\237\052\047\341
+\000\167\276\110\310\065\250\201\237\344\270\054\311\177\016\260
+\322\113\067\135\352\271\325\013\136\064\275\364\163\051\303\355
+\046\025\234\176\010\123\212\130\215\320\113\050\337\301\263\337
+\040\363\371\343\343\072\337\314\234\224\330\116\117\303\153\027
+\267\367\162\350\255\146\063\265\045\123\253\340\370\114\251\235
+\375\362\015\272\256\271\331\252\306\153\371\223\273\256\253\270
+\227\074\003\032\272\103\306\226\271\105\162\070\263\247\241\226
+\075\221\173\176\300\041\123\114\207\355\362\013\124\225\121\223
+\325\042\245\015\212\361\223\016\076\124\016\260\330\311\116\334
+\362\061\062\126\352\144\371\352\265\235\026\146\102\162\363\177
+\323\261\061\103\374\244\216\027\361\155\043\253\224\146\370\255
+\373\017\010\156\046\055\177\027\007\011\262\214\373\120\300\237
+\226\215\317\266\375\000\235\132\024\232\277\002\104\365\301\302
+\237\042\136\242\017\241\343
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "Symantec Class 1 Public Primary Certification Authority - G6"
-# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Serial Number:24:32:75:f2:1d:2f:d2:09:33:f7:b4:6a:ca:d0:f3:98
-# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Not Valid Before: Tue Oct 18 00:00:00 2011
-# Not Valid After : Tue Dec 01 23:59:59 2037
-# Fingerprint (SHA-256): 9D:19:0B:2E:31:45:66:68:5B:E8:A8:89:E2:7A:A8:C7:D7:AE:1D:8A:AD:DB:A3:C1:EC:F9:D2:48:63:CD:34:B9
-# Fingerprint (SHA1): 51:7F:61:1E:29:91:6B:53:82:FB:72:E7:44:D9:8D:C3:CC:53:6D:64
+# Trust for "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+# Issuer: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Serial Number: 1 (0x1)
+# Subject: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
+# Not Valid Before: Mon Nov 25 08:25:55 2013
+# Not Valid After : Sun Oct 25 08:25:55 2043
+# Fingerprint (SHA-256): 46:ED:C3:68:90:46:D5:3A:45:3F:B3:10:4A:B8:0D:CA:EC:65:8B:26:60:EA:16:29:DD:7E:86:79:90:64:87:16
+# Fingerprint (SHA1): 31:43:64:9B:EC:CE:27:EC:ED:3A:3F:0B:8F:0D:E4:E8:91:DD:EE:CA
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G6"
+CKA_LABEL UTF8 "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\121\177\141\036\051\221\153\123\202\373\162\347\104\331\215\303
-\314\123\155\144
+\061\103\144\233\354\316\047\354\355\072\077\013\217\015\344\350
+\221\335\356\312
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\057\250\264\332\366\144\113\036\202\371\106\075\124\032\174\260
+\334\000\201\334\151\057\076\057\260\073\366\075\132\221\216\111
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\066
+\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
+\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
+\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
+\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
+\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
+\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
+\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
+\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
+\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
+\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
+\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
+\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
+\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
+\162\165\155\040\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\044\062\165\362\035\057\322\011\063\367\264\152\312\320
-\363\230
+\002\001\001
 END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
+# Certificate "GDCA TrustAUTH R5 ROOT"
 #
-# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Serial Number:64:82:9e:fc:37:1e:74:5d:fc:97:ff:97:c8:b1:ff:41
-# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Not Valid Before: Tue Oct 18 00:00:00 2011
-# Not Valid After : Tue Dec 01 23:59:59 2037
-# Fingerprint (SHA-256): CB:62:7D:18:B5:8A:D5:6D:DE:33:1A:30:45:6B:C6:5C:60:1A:4E:9B:18:DE:DC:EA:08:E7:DA:AA:07:81:5F:F0
-# Fingerprint (SHA1): 40:B3:31:A0:E9:BF:E8:55:BC:39:93:CA:70:4F:4E:C2:51:D4:1D:8F
+# Issuer: CN=GDCA TrustAUTH R5 ROOT,O="GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.",C=CN
+# Serial Number:7d:09:97:fe:f0:47:ea:7a
+# Subject: CN=GDCA TrustAUTH R5 ROOT,O="GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.",C=CN
+# Not Valid Before: Wed Nov 26 05:13:15 2014
+# Not Valid After : Mon Dec 31 15:59:59 2040
+# Fingerprint (SHA-256): BF:FF:8F:D0:44:33:48:7D:6A:8A:A6:0C:1A:29:76:7A:9F:C2:BB:B0:5E:42:0F:71:3A:13:B9:92:89:1D:38:93
+# Fingerprint (SHA1): 0F:36:38:5B:81:1A:25:C3:9B:31:4E:83:CA:E9:34:66:70:CC:74:B4
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G6"
+CKA_LABEL UTF8 "GDCA TrustAUTH R5 ROOT"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\066
+\060\142\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\062\060\060\006\003\125\004\012\014\051\107\125\101\116\107\040
+\104\117\116\107\040\103\105\122\124\111\106\111\103\101\124\105
+\040\101\125\124\110\117\122\111\124\131\040\103\117\056\054\114
+\124\104\056\061\037\060\035\006\003\125\004\003\014\026\107\104
+\103\101\040\124\162\165\163\164\101\125\124\110\040\122\065\040
+\122\117\117\124
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\066
+\060\142\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\062\060\060\006\003\125\004\012\014\051\107\125\101\116\107\040
+\104\117\116\107\040\103\105\122\124\111\106\111\103\101\124\105
+\040\101\125\124\110\117\122\111\124\131\040\103\117\056\054\114
+\124\104\056\061\037\060\035\006\003\125\004\003\014\026\107\104
+\103\101\040\124\162\165\163\164\101\125\124\110\040\122\065\040
+\122\117\117\124
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\144\202\236\374\067\036\164\135\374\227\377\227\310\261
-\377\101
+\002\010\175\011\227\376\360\107\352\172
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\003\366\060\202\002\336\240\003\002\001\002\002\020\144
-\202\236\374\067\036\164\135\374\227\377\227\310\261\377\101\060
-\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201
-\224\061\013\060\011\006\003\125\004\006\023\002\125\123\061\035
-\060\033\006\003\125\004\012\023\024\123\171\155\141\156\164\145
-\143\040\103\157\162\160\157\162\141\164\151\157\156\061\037\060
-\035\006\003\125\004\013\023\026\123\171\155\141\156\164\145\143
-\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061\105
-\060\103\006\003\125\004\003\023\074\123\171\155\141\156\164\145
-\143\040\103\154\141\163\163\040\062\040\120\165\142\154\151\143
-\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\055\040\107\066\060\036\027\015\061\061\061\060\061\070\060
-\060\060\060\060\060\132\027\015\063\067\061\062\060\061\062\063
-\065\071\065\071\132\060\201\224\061\013\060\011\006\003\125\004
-\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024
-\123\171\155\141\156\164\145\143\040\103\157\162\160\157\162\141
-\164\151\157\156\061\037\060\035\006\003\125\004\013\023\026\123
-\171\155\141\156\164\145\143\040\124\162\165\163\164\040\116\145
-\164\167\157\162\153\061\105\060\103\006\003\125\004\003\023\074
-\123\171\155\141\156\164\145\143\040\103\154\141\163\163\040\062
-\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171\040\055\040\107\066\060\202\001\042
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\202\001\017\000\060\202\001\012\002\202\001\001\000\315\314\351
-\005\310\143\205\313\077\100\143\027\275\030\372\065\346\004\147
-\127\145\230\051\244\117\311\134\217\017\064\322\370\332\250\023
-\142\252\270\036\120\147\170\260\026\114\240\071\251\025\172\256
-\355\322\242\300\360\220\067\051\030\046\134\350\015\074\266\154
-\111\077\301\340\334\331\113\266\024\031\013\246\323\226\341\326
-\011\343\031\046\034\371\037\145\113\371\032\103\034\000\203\326
-\320\252\111\242\324\333\346\142\070\272\120\024\103\155\371\061
-\370\126\026\331\070\002\221\317\353\154\335\273\071\116\231\341
-\060\147\105\361\324\360\215\303\337\376\362\070\007\041\175\000
-\136\126\104\263\344\140\275\221\053\234\253\133\004\162\017\262
-\050\331\162\253\005\040\102\045\251\133\003\152\040\020\314\061
-\360\053\332\065\054\320\373\232\227\116\360\202\113\053\330\137
-\066\243\013\055\257\143\015\035\045\177\241\156\134\142\241\215
-\050\076\241\374\034\040\370\001\057\272\125\232\021\260\031\322
-\310\120\171\153\016\152\005\327\252\004\066\262\243\362\341\137
-\167\247\167\234\345\036\334\351\337\152\301\145\135\002\003\001
-\000\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377
-\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
-\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
-\004\024\207\214\040\225\310\230\112\321\326\200\006\112\220\064
-\104\337\034\115\277\260\060\015\006\011\052\206\110\206\367\015
-\001\001\013\005\000\003\202\001\001\000\201\216\262\245\146\226
-\267\041\245\266\357\157\043\132\137\333\201\305\102\245\170\301
-\151\375\364\074\327\371\134\153\160\162\032\374\132\227\115\000
-\200\210\210\202\212\303\161\015\216\305\211\233\054\355\215\013
-\322\162\124\365\175\324\134\103\127\351\363\256\245\002\021\366
-\166\053\201\127\335\175\332\164\060\375\124\107\366\340\026\156
-\246\264\012\110\346\347\165\007\017\051\031\071\316\171\364\266
-\154\305\137\231\325\037\113\372\337\155\054\074\015\124\200\160
-\360\210\013\200\317\306\150\242\270\035\160\331\166\214\374\356
-\245\311\317\255\035\317\231\045\127\132\142\105\313\026\153\275
-\111\315\245\243\214\151\171\045\256\270\114\154\213\100\146\113
-\026\077\317\002\032\335\341\154\153\007\141\152\166\025\051\231
-\177\033\335\210\200\301\277\265\217\163\305\246\226\043\204\246
-\050\206\044\063\152\001\056\127\163\045\266\136\277\217\346\035
-\141\250\100\051\147\035\207\233\035\177\233\237\231\315\061\326
-\124\276\142\273\071\254\150\022\110\221\040\245\313\261\335\376
-\157\374\132\344\202\125\131\257\061\251
+\060\202\005\210\060\202\003\160\240\003\002\001\002\002\010\175
+\011\227\376\360\107\352\172\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\060\142\061\013\060\011\006\003\125\004
+\006\023\002\103\116\061\062\060\060\006\003\125\004\012\014\051
+\107\125\101\116\107\040\104\117\116\107\040\103\105\122\124\111
+\106\111\103\101\124\105\040\101\125\124\110\117\122\111\124\131
+\040\103\117\056\054\114\124\104\056\061\037\060\035\006\003\125
+\004\003\014\026\107\104\103\101\040\124\162\165\163\164\101\125
+\124\110\040\122\065\040\122\117\117\124\060\036\027\015\061\064
+\061\061\062\066\060\065\061\063\061\065\132\027\015\064\060\061
+\062\063\061\061\065\065\071\065\071\132\060\142\061\013\060\011
+\006\003\125\004\006\023\002\103\116\061\062\060\060\006\003\125
+\004\012\014\051\107\125\101\116\107\040\104\117\116\107\040\103
+\105\122\124\111\106\111\103\101\124\105\040\101\125\124\110\117
+\122\111\124\131\040\103\117\056\054\114\124\104\056\061\037\060
+\035\006\003\125\004\003\014\026\107\104\103\101\040\124\162\165
+\163\164\101\125\124\110\040\122\065\040\122\117\117\124\060\202
+\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
+\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000\331
+\243\026\360\310\164\164\167\233\357\063\015\073\006\176\125\374
+\265\140\217\166\206\022\102\175\126\146\076\210\202\355\162\143
+\016\236\213\335\064\054\002\121\121\303\031\375\131\124\204\311
+\361\153\263\114\260\351\350\106\135\070\306\242\247\056\021\127
+\272\202\025\242\234\217\155\260\231\112\012\362\353\211\160\143
+\116\171\304\267\133\275\242\135\261\362\101\002\053\255\251\072
+\243\354\171\012\354\137\072\343\375\357\200\074\255\064\233\032
+\253\210\046\173\126\242\202\206\037\353\065\211\203\177\137\256
+\051\116\075\266\156\354\256\301\360\047\233\256\343\364\354\357
+\256\177\367\206\075\162\172\353\245\373\131\116\247\353\225\214
+\042\071\171\341\055\010\217\314\274\221\270\101\367\024\301\043
+\251\303\255\232\105\104\263\262\327\054\315\306\051\342\120\020
+\256\134\313\202\216\027\030\066\175\227\346\210\232\260\115\064
+\011\364\054\271\132\146\052\260\027\233\236\036\166\235\112\146
+\061\101\337\077\373\305\006\357\033\266\176\032\106\066\367\144
+\143\073\343\071\030\043\347\147\165\024\325\165\127\222\067\275
+\276\152\033\046\120\362\066\046\006\220\305\160\001\144\155\166
+\146\341\221\333\156\007\300\141\200\056\262\056\057\214\160\247
+\321\073\074\263\221\344\156\266\304\073\160\362\154\222\227\011
+\315\107\175\030\300\363\273\236\017\326\213\256\007\266\132\017
+\316\013\014\107\247\345\076\270\275\175\307\233\065\240\141\227
+\072\101\165\027\314\053\226\167\052\222\041\036\331\225\166\040
+\147\150\317\015\275\337\326\037\011\152\232\342\314\163\161\244
+\057\175\022\200\267\123\060\106\136\113\124\231\017\147\311\245
+\310\362\040\301\202\354\235\021\337\302\002\373\032\073\321\355
+\040\232\357\145\144\222\020\015\052\342\336\160\361\030\147\202
+\214\141\336\270\274\321\057\234\373\017\320\053\355\033\166\271
+\344\071\125\370\370\241\035\270\252\200\000\114\202\347\262\177
+\011\270\274\060\240\057\015\365\122\236\216\367\222\263\012\000
+\035\000\124\227\006\340\261\007\331\307\017\134\145\175\074\155
+\131\127\344\355\245\215\351\100\123\237\025\113\240\161\366\032
+\041\343\332\160\006\041\130\024\207\205\167\171\252\202\171\002
+\003\001\000\001\243\102\060\100\060\035\006\003\125\035\016\004
+\026\004\024\342\311\100\237\115\316\350\232\241\174\317\016\077
+\145\305\051\210\152\031\121\060\017\006\003\125\035\023\001\001
+\377\004\005\060\003\001\001\377\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\001\206\060\015\006\011\052\206\110\206
+\367\015\001\001\013\005\000\003\202\002\001\000\321\111\127\340
+\247\314\150\130\272\001\017\053\031\315\215\260\141\105\254\021
+\355\143\120\151\370\037\177\276\026\217\375\235\353\013\252\062
+\107\166\322\147\044\355\275\174\063\062\227\052\307\005\206\146
+\015\027\175\024\025\033\324\353\375\037\232\366\136\227\151\267
+\032\045\244\012\263\221\077\137\066\254\213\354\127\250\076\347
+\201\212\030\127\071\205\164\032\102\307\351\133\023\137\217\371
+\010\351\222\164\215\365\107\322\253\073\326\373\170\146\116\066
+\175\371\351\222\351\004\336\375\111\143\374\155\373\024\161\223
+\147\057\107\112\267\271\377\036\052\163\160\106\060\277\132\362
+\057\171\245\341\215\014\331\371\262\143\067\214\067\145\205\160
+\152\134\133\011\162\271\255\143\074\261\335\370\374\062\277\067
+\206\344\273\216\230\047\176\272\037\026\341\160\021\362\003\337
+\045\142\062\047\046\030\062\204\237\377\000\072\023\272\232\115
+\364\117\270\024\160\042\261\312\053\220\316\051\301\160\364\057
+\235\177\362\220\036\326\132\337\267\106\374\346\206\372\313\340
+\040\166\172\272\246\313\365\174\336\142\245\261\213\356\336\202
+\146\212\116\072\060\037\077\200\313\255\047\272\014\136\327\320
+\261\126\312\167\161\262\265\165\241\120\251\100\103\027\302\050
+\331\317\122\213\133\310\143\324\102\076\240\063\172\106\056\367
+\012\040\106\124\176\152\117\061\361\201\176\102\164\070\145\163
+\047\356\306\174\270\216\327\245\072\327\230\241\234\214\020\125
+\323\333\113\354\100\220\362\315\156\127\322\142\016\174\127\223
+\261\247\155\315\235\203\273\052\347\345\266\073\161\130\255\375
+\321\105\274\132\221\356\123\025\157\323\105\011\165\156\272\220
+\135\036\004\317\067\337\036\250\146\261\214\346\040\152\357\374
+\110\116\164\230\102\257\051\157\056\152\307\373\175\321\146\061
+\042\314\206\000\176\146\203\014\102\364\275\064\222\303\032\352
+\117\312\176\162\115\013\160\214\246\110\273\246\241\024\366\373
+\130\104\231\024\256\252\013\223\151\240\051\045\112\245\313\053
+\335\212\146\007\026\170\025\127\161\033\354\365\107\204\363\236
+\061\067\172\325\177\044\255\344\274\375\375\314\156\203\350\014
+\250\267\101\154\007\335\275\074\206\227\057\322
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "Symantec Class 2 Public Primary Certification Authority - G6"
-# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Serial Number:64:82:9e:fc:37:1e:74:5d:fc:97:ff:97:c8:b1:ff:41
-# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Not Valid Before: Tue Oct 18 00:00:00 2011
-# Not Valid After : Tue Dec 01 23:59:59 2037
-# Fingerprint (SHA-256): CB:62:7D:18:B5:8A:D5:6D:DE:33:1A:30:45:6B:C6:5C:60:1A:4E:9B:18:DE:DC:EA:08:E7:DA:AA:07:81:5F:F0
-# Fingerprint (SHA1): 40:B3:31:A0:E9:BF:E8:55:BC:39:93:CA:70:4F:4E:C2:51:D4:1D:8F
+# Trust for "GDCA TrustAUTH R5 ROOT"
+# Issuer: CN=GDCA TrustAUTH R5 ROOT,O="GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.",C=CN
+# Serial Number:7d:09:97:fe:f0:47:ea:7a
+# Subject: CN=GDCA TrustAUTH R5 ROOT,O="GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.",C=CN
+# Not Valid Before: Wed Nov 26 05:13:15 2014
+# Not Valid After : Mon Dec 31 15:59:59 2040
+# Fingerprint (SHA-256): BF:FF:8F:D0:44:33:48:7D:6A:8A:A6:0C:1A:29:76:7A:9F:C2:BB:B0:5E:42:0F:71:3A:13:B9:92:89:1D:38:93
+# Fingerprint (SHA1): 0F:36:38:5B:81:1A:25:C3:9B:31:4E:83:CA:E9:34:66:70:CC:74:B4
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G6"
+CKA_LABEL UTF8 "GDCA TrustAUTH R5 ROOT"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\100\263\061\240\351\277\350\125\274\071\223\312\160\117\116\302
-\121\324\035\217
+\017\066\070\133\201\032\045\303\233\061\116\203\312\351\064\146
+\160\314\164\264
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\175\013\203\345\373\174\255\007\117\040\251\265\337\143\355\171
+\143\314\331\075\064\065\134\157\123\243\342\010\160\110\037\264
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\066
+\060\142\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\062\060\060\006\003\125\004\012\014\051\107\125\101\116\107\040
+\104\117\116\107\040\103\105\122\124\111\106\111\103\101\124\105
+\040\101\125\124\110\117\122\111\124\131\040\103\117\056\054\114
+\124\104\056\061\037\060\035\006\003\125\004\003\014\026\107\104
+\103\101\040\124\162\165\163\164\101\125\124\110\040\122\065\040
+\122\117\117\124
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\144\202\236\374\067\036\164\135\374\227\377\227\310\261
-\377\101
+\002\010\175\011\227\376\360\107\352\172
 END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "Symantec Class 1 Public Primary Certification Authority - G4"
+# Certificate "TrustCor RootCert CA-1"
 #
-# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Serial Number:21:6e:33:a5:cb:d3:88:a4:6f:29:07:b4:27:3c:c4:d8
-# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Not Valid Before: Wed Oct 05 00:00:00 2011
-# Not Valid After : Mon Jan 18 23:59:59 2038
-# Fingerprint (SHA-256): 36:3F:3C:84:9E:AB:03:B0:A2:A0:F6:36:D7:B8:6D:04:D3:AC:7F:CF:E2:6A:0A:91:21:AB:97:95:F6:E1:76:DF
-# Fingerprint (SHA1): 84:F2:E3:DD:83:13:3E:A9:1D:19:52:7F:02:D7:29:BF:C1:5F:E6:67
+# Issuer: CN=TrustCor RootCert CA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Serial Number:00:da:9b:ec:71:f3:03:b0:19
+# Subject: CN=TrustCor RootCert CA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Not Valid Before: Thu Feb 04 12:32:16 2016
+# Not Valid After : Mon Dec 31 17:23:16 2029
+# Fingerprint (SHA-256): D4:0E:9C:86:CD:8F:E4:68:C1:77:69:59:F4:9E:A7:74:FA:54:86:84:B6:C4:06:F3:90:92:61:F4:DC:E2:57:5C
+# Fingerprint (SHA1): FF:BD:CD:E7:82:C8:43:5E:3C:6F:26:86:5C:CA:A8:3A:45:5B:C3:0A
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G4"
+CKA_LABEL UTF8 "TrustCor RootCert CA-1"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\064
+\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
+\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
+\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
+\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
+\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
+\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
+\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
+\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
+\162\164\040\103\101\055\061
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\064
+\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
+\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
+\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
+\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
+\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
+\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
+\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
+\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
+\162\164\040\103\101\055\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\041\156\063\245\313\323\210\244\157\051\007\264\047\074
-\304\330
+\002\011\000\332\233\354\161\363\003\260\031
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\002\250\060\202\002\055\240\003\002\001\002\002\020\041
-\156\063\245\313\323\210\244\157\051\007\264\047\074\304\330\060
-\012\006\010\052\206\110\316\075\004\003\003\060\201\224\061\013
-\060\011\006\003\125\004\006\023\002\125\123\061\035\060\033\006
-\003\125\004\012\023\024\123\171\155\141\156\164\145\143\040\103
-\157\162\160\157\162\141\164\151\157\156\061\037\060\035\006\003
-\125\004\013\023\026\123\171\155\141\156\164\145\143\040\124\162
-\165\163\164\040\116\145\164\167\157\162\153\061\105\060\103\006
-\003\125\004\003\023\074\123\171\155\141\156\164\145\143\040\103
-\154\141\163\163\040\061\040\120\165\142\154\151\143\040\120\162
-\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040
-\107\064\060\036\027\015\061\061\061\060\060\065\060\060\060\060
-\060\060\132\027\015\063\070\060\061\061\070\062\063\065\071\065
-\071\132\060\201\224\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\035\060\033\006\003\125\004\012\023\024\123\171\155
-\141\156\164\145\143\040\103\157\162\160\157\162\141\164\151\157
-\156\061\037\060\035\006\003\125\004\013\023\026\123\171\155\141
-\156\164\145\143\040\124\162\165\163\164\040\116\145\164\167\157
-\162\153\061\105\060\103\006\003\125\004\003\023\074\123\171\155
-\141\156\164\145\143\040\103\154\141\163\163\040\061\040\120\165
-\142\154\151\143\040\120\162\151\155\141\162\171\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\055\040\107\064\060\166\060\020\006\007\052
-\206\110\316\075\002\001\006\005\053\201\004\000\042\003\142\000
-\004\327\146\265\033\333\256\263\140\356\106\352\210\143\165\073
-\052\224\155\363\137\022\366\343\017\236\266\012\024\123\110\122
-\310\334\072\263\313\110\040\046\022\116\372\211\204\324\337\221
-\344\051\175\050\001\331\333\030\103\151\241\037\265\323\206\026
-\334\307\177\147\043\337\337\061\061\203\003\065\160\261\113\267
-\310\027\273\121\313\334\224\027\333\352\011\073\166\022\336\252
-\265\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004
-\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
-\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
-\024\145\300\215\045\365\014\272\227\167\220\077\236\056\340\132
-\365\316\325\341\344\060\012\006\010\052\206\110\316\075\004\003
-\003\003\151\000\060\146\002\061\000\245\256\343\106\123\370\230
-\066\343\042\372\056\050\111\015\356\060\176\063\363\354\077\161
-\136\314\125\211\170\231\254\262\375\334\034\134\063\216\051\271
-\153\027\310\021\150\265\334\203\007\002\061\000\234\310\104\332
-\151\302\066\303\124\031\020\205\002\332\235\107\357\101\347\154
-\046\235\011\075\367\155\220\321\005\104\057\260\274\203\223\150
-\362\014\105\111\071\277\231\004\034\323\020\240
+\060\202\004\060\060\202\003\030\240\003\002\001\002\002\011\000
+\332\233\354\161\363\003\260\031\060\015\006\011\052\206\110\206
+\367\015\001\001\013\005\000\060\201\244\061\013\060\011\006\003
+\125\004\006\023\002\120\101\061\017\060\015\006\003\125\004\010
+\014\006\120\141\156\141\155\141\061\024\060\022\006\003\125\004
+\007\014\013\120\141\156\141\155\141\040\103\151\164\171\061\044
+\060\042\006\003\125\004\012\014\033\124\162\165\163\164\103\157
+\162\040\123\171\163\164\145\155\163\040\123\056\040\144\145\040
+\122\056\114\056\061\047\060\045\006\003\125\004\013\014\036\124
+\162\165\163\164\103\157\162\040\103\145\162\164\151\146\151\143
+\141\164\145\040\101\165\164\150\157\162\151\164\171\061\037\060
+\035\006\003\125\004\003\014\026\124\162\165\163\164\103\157\162
+\040\122\157\157\164\103\145\162\164\040\103\101\055\061\060\036
+\027\015\061\066\060\062\060\064\061\062\063\062\061\066\132\027
+\015\062\071\061\062\063\061\061\067\062\063\061\066\132\060\201
+\244\061\013\060\011\006\003\125\004\006\023\002\120\101\061\017
+\060\015\006\003\125\004\010\014\006\120\141\156\141\155\141\061
+\024\060\022\006\003\125\004\007\014\013\120\141\156\141\155\141
+\040\103\151\164\171\061\044\060\042\006\003\125\004\012\014\033
+\124\162\165\163\164\103\157\162\040\123\171\163\164\145\155\163
+\040\123\056\040\144\145\040\122\056\114\056\061\047\060\045\006
+\003\125\004\013\014\036\124\162\165\163\164\103\157\162\040\103
+\145\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157
+\162\151\164\171\061\037\060\035\006\003\125\004\003\014\026\124
+\162\165\163\164\103\157\162\040\122\157\157\164\103\145\162\164
+\040\103\101\055\061\060\202\001\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
+\012\002\202\001\001\000\277\216\267\225\342\302\046\022\153\063
+\031\307\100\130\012\253\131\252\215\000\243\374\200\307\120\173
+\216\324\040\046\272\062\022\330\043\124\111\045\020\042\230\235
+\106\322\301\311\236\116\033\056\054\016\070\363\032\045\150\034
+\246\132\005\346\036\213\110\277\230\226\164\076\151\312\351\265
+\170\245\006\274\325\000\136\011\012\362\047\172\122\374\055\325
+\261\352\264\211\141\044\363\032\023\333\251\317\122\355\014\044
+\272\271\236\354\176\000\164\372\223\255\154\051\222\256\121\264
+\273\323\127\277\263\363\250\215\234\364\044\113\052\326\231\236
+\364\236\376\300\176\102\072\347\013\225\123\332\267\150\016\220
+\114\373\160\077\217\112\054\224\363\046\335\143\151\251\224\330
+\020\116\305\107\010\220\231\033\027\115\271\154\156\357\140\225
+\021\216\041\200\265\275\240\163\330\320\262\167\304\105\352\132
+\046\373\146\166\166\370\006\037\141\155\017\125\305\203\267\020
+\126\162\006\007\245\363\261\032\003\005\144\016\235\132\212\326
+\206\160\033\044\336\376\050\212\053\320\152\260\374\172\242\334
+\262\171\016\213\145\017\002\003\001\000\001\243\143\060\141\060
+\035\006\003\125\035\016\004\026\004\024\356\153\111\074\172\077
+\015\343\261\011\267\212\310\253\031\237\163\063\120\347\060\037
+\006\003\125\035\043\004\030\060\026\200\024\356\153\111\074\172
+\077\015\343\261\011\267\212\310\253\031\237\163\063\120\347\060
+\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\206
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003
+\202\001\001\000\045\030\324\221\217\023\356\217\036\035\021\123
+\332\055\104\051\031\240\036\153\061\236\115\016\236\255\075\134
+\101\157\225\053\044\241\171\230\072\070\066\373\273\146\236\110
+\377\220\220\357\075\324\270\233\264\207\165\077\040\233\316\162
+\317\241\125\301\115\144\242\031\006\241\007\063\014\013\051\345
+\361\352\253\243\354\265\012\164\220\307\175\162\362\327\134\237
+\221\357\221\213\267\334\355\146\242\317\216\146\073\274\237\072
+\002\340\047\335\026\230\300\225\324\012\244\344\201\232\165\224
+\065\234\220\137\210\067\006\255\131\225\012\260\321\147\323\031
+\312\211\347\062\132\066\034\076\202\250\132\223\276\306\320\144
+\221\266\317\331\266\030\317\333\176\322\145\243\246\304\216\027
+\061\301\373\176\166\333\323\205\343\130\262\167\172\166\073\154
+\057\120\034\347\333\366\147\171\037\365\202\225\232\007\247\024
+\257\217\334\050\041\147\011\322\326\115\132\034\031\034\216\167
+\134\303\224\044\075\062\153\113\176\324\170\224\203\276\067\115
+\316\137\307\036\116\074\340\211\063\225\013\017\245\062\326\074
+\132\171\054\031
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "Symantec Class 1 Public Primary Certification Authority - G4"
-# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Serial Number:21:6e:33:a5:cb:d3:88:a4:6f:29:07:b4:27:3c:c4:d8
-# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Not Valid Before: Wed Oct 05 00:00:00 2011
-# Not Valid After : Mon Jan 18 23:59:59 2038
-# Fingerprint (SHA-256): 36:3F:3C:84:9E:AB:03:B0:A2:A0:F6:36:D7:B8:6D:04:D3:AC:7F:CF:E2:6A:0A:91:21:AB:97:95:F6:E1:76:DF
-# Fingerprint (SHA1): 84:F2:E3:DD:83:13:3E:A9:1D:19:52:7F:02:D7:29:BF:C1:5F:E6:67
+# Trust for "TrustCor RootCert CA-1"
+# Issuer: CN=TrustCor RootCert CA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Serial Number:00:da:9b:ec:71:f3:03:b0:19
+# Subject: CN=TrustCor RootCert CA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Not Valid Before: Thu Feb 04 12:32:16 2016
+# Not Valid After : Mon Dec 31 17:23:16 2029
+# Fingerprint (SHA-256): D4:0E:9C:86:CD:8F:E4:68:C1:77:69:59:F4:9E:A7:74:FA:54:86:84:B6:C4:06:F3:90:92:61:F4:DC:E2:57:5C
+# Fingerprint (SHA1): FF:BD:CD:E7:82:C8:43:5E:3C:6F:26:86:5C:CA:A8:3A:45:5B:C3:0A
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Symantec Class 1 Public Primary Certification Authority - G4"
+CKA_LABEL UTF8 "TrustCor RootCert CA-1"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\204\362\343\335\203\023\076\251\035\031\122\177\002\327\051\277
-\301\137\346\147
+\377\275\315\347\202\310\103\136\074\157\046\206\134\312\250\072
+\105\133\303\012
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\004\345\200\077\125\377\131\207\244\062\322\025\245\345\252\346
+\156\205\361\334\032\000\323\042\325\262\262\254\153\067\005\105
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\064
+\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
+\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
+\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
+\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
+\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
+\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
+\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
+\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
+\162\164\040\103\101\055\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\041\156\063\245\313\323\210\244\157\051\007\264\047\074
-\304\330
+\002\011\000\332\233\354\161\363\003\260\031
 END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "Symantec Class 2 Public Primary Certification Authority - G4"
+# Certificate "TrustCor RootCert CA-2"
 #
-# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Serial Number:34:17:65:12:40:3b:b7:56:80:2d:80:cb:79:55:a6:1e
-# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Not Valid Before: Wed Oct 05 00:00:00 2011
-# Not Valid After : Mon Jan 18 23:59:59 2038
-# Fingerprint (SHA-256): FE:86:3D:08:22:FE:7A:23:53:FA:48:4D:59:24:E8:75:65:6D:3D:C9:FB:58:77:1F:6F:61:6F:9D:57:1B:C5:92
-# Fingerprint (SHA1): 67:24:90:2E:48:01:B0:22:96:40:10:46:B4:B1:67:2C:A9:75:FD:2B
+# Issuer: CN=TrustCor RootCert CA-2,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Serial Number:25:a1:df:ca:33:cb:59:02
+# Subject: CN=TrustCor RootCert CA-2,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Not Valid Before: Thu Feb 04 12:32:23 2016
+# Not Valid After : Sun Dec 31 17:26:39 2034
+# Fingerprint (SHA-256): 07:53:E9:40:37:8C:1B:D5:E3:83:6E:39:5D:AE:A5:CB:83:9E:50:46:F1:BD:0E:AE:19:51:CF:10:FE:C7:C9:65
+# Fingerprint (SHA1): B8:BE:6D:CB:56:F1:55:B9:63:D4:12:CA:4E:06:34:C7:94:B2:1C:C0
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G4"
+CKA_LABEL UTF8 "TrustCor RootCert CA-2"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\064
+\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
+\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
+\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
+\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
+\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
+\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
+\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
+\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
+\162\164\040\103\101\055\062
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\064
+\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
+\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
+\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
+\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
+\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
+\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
+\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
+\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
+\162\164\040\103\101\055\062
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\064\027\145\022\100\073\267\126\200\055\200\313\171\125
-\246\036
+\002\010\045\241\337\312\063\313\131\002
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\002\250\060\202\002\055\240\003\002\001\002\002\020\064
-\027\145\022\100\073\267\126\200\055\200\313\171\125\246\036\060
-\012\006\010\052\206\110\316\075\004\003\003\060\201\224\061\013
-\060\011\006\003\125\004\006\023\002\125\123\061\035\060\033\006
-\003\125\004\012\023\024\123\171\155\141\156\164\145\143\040\103
-\157\162\160\157\162\141\164\151\157\156\061\037\060\035\006\003
-\125\004\013\023\026\123\171\155\141\156\164\145\143\040\124\162
-\165\163\164\040\116\145\164\167\157\162\153\061\105\060\103\006
-\003\125\004\003\023\074\123\171\155\141\156\164\145\143\040\103
-\154\141\163\163\040\062\040\120\165\142\154\151\143\040\120\162
-\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040
-\107\064\060\036\027\015\061\061\061\060\060\065\060\060\060\060
-\060\060\132\027\015\063\070\060\061\061\070\062\063\065\071\065
-\071\132\060\201\224\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\035\060\033\006\003\125\004\012\023\024\123\171\155
-\141\156\164\145\143\040\103\157\162\160\157\162\141\164\151\157
-\156\061\037\060\035\006\003\125\004\013\023\026\123\171\155\141
-\156\164\145\143\040\124\162\165\163\164\040\116\145\164\167\157
-\162\153\061\105\060\103\006\003\125\004\003\023\074\123\171\155
-\141\156\164\145\143\040\103\154\141\163\163\040\062\040\120\165
-\142\154\151\143\040\120\162\151\155\141\162\171\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\055\040\107\064\060\166\060\020\006\007\052
-\206\110\316\075\002\001\006\005\053\201\004\000\042\003\142\000
-\004\321\331\112\216\114\015\204\112\121\272\174\357\323\314\372
-\072\232\265\247\143\023\075\001\340\111\076\372\301\107\311\222
-\263\072\327\376\157\234\367\232\072\017\365\016\012\012\303\077
-\310\347\022\024\216\325\325\155\230\054\263\161\062\012\353\052
-\275\366\327\152\040\013\147\105\234\322\262\277\123\042\146\011
-\135\333\021\363\361\005\063\130\243\342\270\317\174\315\202\233
-\275\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004
-\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
-\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
-\024\075\062\363\072\251\014\220\204\371\242\214\151\006\141\124
-\057\207\162\376\005\060\012\006\010\052\206\110\316\075\004\003
-\003\003\151\000\060\146\002\061\000\310\246\251\257\101\177\265
-\311\021\102\026\150\151\114\134\270\047\030\266\230\361\300\177
-\220\155\207\323\214\106\027\360\076\117\374\352\260\010\304\172
-\113\274\010\057\307\342\247\157\145\002\061\000\326\131\336\206
-\316\137\016\312\124\325\306\320\025\016\374\213\224\162\324\216
-\000\130\123\317\176\261\113\015\345\120\206\353\236\153\337\377
-\051\246\330\107\331\240\226\030\333\362\105\263
-END
-CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
-
-# Trust for "Symantec Class 2 Public Primary Certification Authority - G4"
-# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Serial Number:34:17:65:12:40:3b:b7:56:80:2d:80:cb:79:55:a6:1e
-# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US
-# Not Valid Before: Wed Oct 05 00:00:00 2011
-# Not Valid After : Mon Jan 18 23:59:59 2038
-# Fingerprint (SHA-256): FE:86:3D:08:22:FE:7A:23:53:FA:48:4D:59:24:E8:75:65:6D:3D:C9:FB:58:77:1F:6F:61:6F:9D:57:1B:C5:92
-# Fingerprint (SHA1): 67:24:90:2E:48:01:B0:22:96:40:10:46:B4:B1:67:2C:A9:75:FD:2B
+\060\202\006\057\060\202\004\027\240\003\002\001\002\002\010\045
+\241\337\312\063\313\131\002\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\060\201\244\061\013\060\011\006\003\125
+\004\006\023\002\120\101\061\017\060\015\006\003\125\004\010\014
+\006\120\141\156\141\155\141\061\024\060\022\006\003\125\004\007
+\014\013\120\141\156\141\155\141\040\103\151\164\171\061\044\060
+\042\006\003\125\004\012\014\033\124\162\165\163\164\103\157\162
+\040\123\171\163\164\145\155\163\040\123\056\040\144\145\040\122
+\056\114\056\061\047\060\045\006\003\125\004\013\014\036\124\162
+\165\163\164\103\157\162\040\103\145\162\164\151\146\151\143\141
+\164\145\040\101\165\164\150\157\162\151\164\171\061\037\060\035
+\006\003\125\004\003\014\026\124\162\165\163\164\103\157\162\040
+\122\157\157\164\103\145\162\164\040\103\101\055\062\060\036\027
+\015\061\066\060\062\060\064\061\062\063\062\062\063\132\027\015
+\063\064\061\062\063\061\061\067\062\066\063\071\132\060\201\244
+\061\013\060\011\006\003\125\004\006\023\002\120\101\061\017\060
+\015\006\003\125\004\010\014\006\120\141\156\141\155\141\061\024
+\060\022\006\003\125\004\007\014\013\120\141\156\141\155\141\040
+\103\151\164\171\061\044\060\042\006\003\125\004\012\014\033\124
+\162\165\163\164\103\157\162\040\123\171\163\164\145\155\163\040
+\123\056\040\144\145\040\122\056\114\056\061\047\060\045\006\003
+\125\004\013\014\036\124\162\165\163\164\103\157\162\040\103\145
+\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162
+\151\164\171\061\037\060\035\006\003\125\004\003\014\026\124\162
+\165\163\164\103\157\162\040\122\157\157\164\103\145\162\164\040
+\103\101\055\062\060\202\002\042\060\015\006\011\052\206\110\206
+\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002\012
+\002\202\002\001\000\247\040\156\302\052\242\142\044\225\220\166
+\310\070\176\200\322\253\301\233\145\005\224\364\301\012\020\325
+\002\254\355\237\223\307\207\310\260\047\053\102\014\075\012\076
+\101\132\236\165\335\215\312\340\233\354\150\062\244\151\222\150
+\214\013\201\016\126\240\076\032\335\054\045\024\202\057\227\323
+\144\106\364\124\251\334\072\124\055\061\053\231\202\362\331\052
+\327\357\161\000\270\061\244\276\172\044\007\303\102\040\362\212
+\324\222\004\033\145\126\114\154\324\373\266\141\132\107\043\264
+\330\151\264\267\072\320\164\074\014\165\241\214\116\166\241\351
+\333\052\245\073\372\316\260\377\176\152\050\375\047\034\310\261
+\351\051\361\127\156\144\264\320\301\025\155\016\276\056\016\106
+\310\136\364\121\376\357\016\143\072\073\161\272\317\157\131\312
+\014\343\233\135\111\270\114\342\127\261\230\212\102\127\234\166
+\357\357\275\321\150\250\322\364\011\273\167\065\276\045\202\010
+\304\026\054\104\040\126\251\104\021\167\357\135\264\035\252\136
+\153\076\213\062\366\007\057\127\004\222\312\365\376\235\302\351
+\350\263\216\114\113\002\061\331\344\074\110\202\047\367\030\202
+\166\110\072\161\261\023\241\071\325\056\305\064\302\035\142\205
+\337\003\376\115\364\257\075\337\134\133\215\372\160\341\245\176
+\047\307\206\056\152\217\022\306\204\136\103\121\120\234\031\233
+\170\346\374\366\355\107\176\173\075\146\357\023\023\210\137\074
+\241\143\373\371\254\207\065\237\363\202\236\244\077\012\234\061
+\151\213\231\244\210\112\216\156\146\115\357\026\304\017\171\050
+\041\140\015\205\026\175\327\124\070\361\222\126\375\265\063\114
+\203\334\327\020\237\113\375\306\370\102\275\272\174\163\002\340
+\377\175\315\133\341\324\254\141\173\127\325\112\173\133\324\205
+\130\047\135\277\370\053\140\254\240\046\256\024\041\047\306\167
+\232\063\200\074\136\106\077\367\303\261\243\206\063\306\350\136
+\015\271\065\054\252\106\301\205\002\165\200\240\353\044\373\025
+\252\344\147\177\156\167\077\364\004\212\057\174\173\343\027\141
+\360\335\011\251\040\310\276\011\244\320\176\104\303\262\060\112
+\070\252\251\354\030\232\007\202\053\333\270\234\030\255\332\340
+\106\027\254\317\135\002\003\001\000\001\243\143\060\141\060\035
+\006\003\125\035\016\004\026\004\024\331\376\041\100\156\224\236
+\274\233\075\234\175\230\040\031\345\214\060\142\262\060\037\006
+\003\125\035\043\004\030\060\026\200\024\331\376\041\100\156\224
+\236\274\233\075\234\175\230\040\031\345\214\060\142\262\060\017
+\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
+\016\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202
+\002\001\000\236\105\236\014\073\266\357\341\072\310\174\321\000
+\075\317\342\352\006\265\262\072\273\006\113\150\172\320\043\227
+\164\247\054\360\010\330\171\132\327\132\204\212\330\022\232\033
+\331\175\134\115\160\305\245\371\253\345\243\211\211\335\001\372
+\354\335\371\351\222\227\333\260\106\102\363\323\142\252\225\376
+\061\147\024\151\130\220\012\252\013\356\067\043\307\120\121\264
+\365\176\236\343\173\367\344\314\102\062\055\111\014\313\377\111
+\014\233\036\064\375\156\156\226\212\171\003\266\157\333\011\313
+\375\137\145\024\067\341\070\365\363\141\026\130\344\265\155\015
+\013\004\033\077\120\055\177\263\307\172\032\026\200\140\370\212
+\037\351\033\052\306\371\272\001\032\151\277\322\130\307\124\127
+\010\217\341\071\140\167\113\254\131\204\032\210\361\335\313\117
+\170\327\347\341\063\055\374\356\101\372\040\260\276\313\367\070
+\224\300\341\320\205\017\273\355\054\163\253\355\376\222\166\032
+\144\177\133\015\063\011\007\063\173\006\077\021\244\134\160\074
+\205\300\317\343\220\250\203\167\372\333\346\305\214\150\147\020
+\147\245\122\055\360\304\231\217\177\277\321\153\342\265\107\326
+\331\320\205\231\115\224\233\017\113\215\356\000\132\107\035\021
+\003\254\101\030\257\207\267\157\014\072\217\312\317\334\003\301
+\242\011\310\345\375\200\136\310\140\102\001\033\032\123\132\273
+\067\246\267\274\272\204\351\036\154\032\324\144\332\324\103\376
+\223\213\113\362\054\171\026\020\324\223\013\210\217\241\330\206
+\024\106\221\107\233\050\044\357\127\122\116\134\102\234\252\367
+\111\354\047\350\100\036\263\246\211\042\162\234\365\015\063\264
+\130\243\060\073\335\324\152\124\223\276\032\115\363\223\224\367
+\374\204\013\077\204\040\134\064\003\104\305\332\255\274\012\301
+\002\317\036\345\224\331\363\216\133\330\114\360\235\354\141\027
+\273\024\062\124\014\002\051\223\036\222\206\366\177\357\347\222
+\005\016\131\335\231\010\056\056\372\234\000\122\323\305\146\051
+\344\247\227\104\244\016\050\201\023\065\305\366\157\144\346\101
+\304\325\057\314\064\105\045\317\101\000\226\075\112\056\302\226
+\230\117\116\112\234\227\267\333\037\222\062\310\377\017\121\156
+\326\354\011
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "TrustCor RootCert CA-2"
+# Issuer: CN=TrustCor RootCert CA-2,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Serial Number:25:a1:df:ca:33:cb:59:02
+# Subject: CN=TrustCor RootCert CA-2,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Not Valid Before: Thu Feb 04 12:32:23 2016
+# Not Valid After : Sun Dec 31 17:26:39 2034
+# Fingerprint (SHA-256): 07:53:E9:40:37:8C:1B:D5:E3:83:6E:39:5D:AE:A5:CB:83:9E:50:46:F1:BD:0E:AE:19:51:CF:10:FE:C7:C9:65
+# Fingerprint (SHA1): B8:BE:6D:CB:56:F1:55:B9:63:D4:12:CA:4E:06:34:C7:94:B2:1C:C0
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Symantec Class 2 Public Primary Certification Authority - G4"
+CKA_LABEL UTF8 "TrustCor RootCert CA-2"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\147\044\220\056\110\001\260\042\226\100\020\106\264\261\147\054
-\251\165\375\053
+\270\276\155\313\126\361\125\271\143\324\022\312\116\006\064\307
+\224\262\034\300
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\160\325\060\361\332\224\227\324\327\164\337\276\355\150\336\226
+\242\341\370\030\013\272\105\325\307\101\052\273\067\122\105\144
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\224\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\123\171\155\141\156
-\164\145\143\040\103\157\162\160\157\162\141\164\151\157\156\061
-\037\060\035\006\003\125\004\013\023\026\123\171\155\141\156\164
-\145\143\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\105\060\103\006\003\125\004\003\023\074\123\171\155\141\156
-\164\145\143\040\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\064
+\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
+\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
+\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
+\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
+\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
+\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
+\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
+\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
+\162\164\040\103\101\055\062
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\020\064\027\145\022\100\073\267\126\200\055\200\313\171\125
-\246\036
+\002\010\045\241\337\312\063\313\131\002
 END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "D-TRUST Root CA 3 2013"
+# Certificate "TrustCor ECA-1"
 #
-# Issuer: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
-# Serial Number: 1039788 (0xfddac)
-# Subject: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
-# Not Valid Before: Fri Sep 20 08:25:51 2013
-# Not Valid After : Wed Sep 20 08:25:51 2028
-# Fingerprint (SHA-256): A1:A8:6D:04:12:1E:B8:7F:02:7C:66:F5:33:03:C2:8E:57:39:F9:43:FC:84:B3:8A:D6:AF:00:90:35:DD:94:57
-# Fingerprint (SHA1): 6C:7C:CC:E7:D4:AE:51:5F:99:08:CD:3F:F6:E8:C3:78:DF:6F:EF:97
+# Issuer: CN=TrustCor ECA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Serial Number:00:84:82:2c:5f:1c:62:d0:40
+# Subject: CN=TrustCor ECA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Not Valid Before: Thu Feb 04 12:32:33 2016
+# Not Valid After : Mon Dec 31 17:28:07 2029
+# Fingerprint (SHA-256): 5A:88:5D:B1:9C:01:D9:12:C5:75:93:88:93:8C:AF:BB:DF:03:1A:B2:D4:8E:91:EE:15:58:9B:42:97:1D:03:9C
+# Fingerprint (SHA1): 58:D1:DF:95:95:67:6B:63:C0:F0:5B:1C:17:4D:8B:84:0B:C8:78:BD
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "D-TRUST Root CA 3 2013"
+CKA_LABEL UTF8 "TrustCor ECA-1"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
-\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
-\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
-\040\063\040\062\060\061\063
+\060\201\234\061\013\060\011\006\003\125\004\006\023\002\120\101
+\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
+\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
+\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
+\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
+\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
+\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\061\027\060\025\006\003\125\004\003\014
+\016\124\162\165\163\164\103\157\162\040\105\103\101\055\061
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
-\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
-\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
-\040\063\040\062\060\061\063
+\060\201\234\061\013\060\011\006\003\125\004\006\023\002\120\101
+\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
+\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
+\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
+\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
+\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
+\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\061\027\060\025\006\003\125\004\003\014
+\016\124\162\165\163\164\103\157\162\040\105\103\101\055\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\003\017\335\254
+\002\011\000\204\202\054\137\034\142\320\100
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\004\016\060\202\002\366\240\003\002\001\002\002\003\017
-\335\254\060\015\006\011\052\206\110\206\367\015\001\001\013\005
-\000\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165
-\163\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003
-\014\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103
-\101\040\063\040\062\060\061\063\060\036\027\015\061\063\060\071
-\062\060\060\070\062\065\065\061\132\027\015\062\070\060\071\062
-\060\060\070\062\065\065\061\132\060\105\061\013\060\011\006\003
-\125\004\006\023\002\104\105\061\025\060\023\006\003\125\004\012
-\014\014\104\055\124\162\165\163\164\040\107\155\142\110\061\037
-\060\035\006\003\125\004\003\014\026\104\055\124\122\125\123\124
-\040\122\157\157\164\040\103\101\040\063\040\062\060\061\063\060
-\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001
-\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000
-\304\173\102\222\202\037\354\355\124\230\216\022\300\312\011\337
-\223\156\072\223\134\033\344\020\167\236\116\151\210\154\366\341
-\151\362\366\233\242\141\261\275\007\040\164\230\145\361\214\046
-\010\315\250\065\312\200\066\321\143\155\350\104\172\202\303\154
-\136\336\273\350\066\322\304\150\066\214\237\062\275\204\042\340
-\334\302\356\020\106\071\155\257\223\071\256\207\346\303\274\011
-\311\054\153\147\133\331\233\166\165\114\013\340\273\305\327\274
-\076\171\362\137\276\321\220\127\371\256\366\146\137\061\277\323
-\155\217\247\272\112\363\043\145\273\267\357\243\045\327\012\352
-\130\266\357\210\372\372\171\262\122\130\325\360\254\214\241\121
-\164\051\225\252\121\073\220\062\003\237\034\162\164\220\336\075
-\355\141\322\345\343\375\144\107\345\271\267\112\251\367\037\256
-\226\206\004\254\057\343\244\201\167\267\132\026\377\330\017\077
-\366\267\170\314\244\257\372\133\074\022\133\250\122\211\162\357
-\210\363\325\104\201\206\225\043\237\173\335\274\331\064\357\174
-\224\074\252\300\101\302\343\235\120\032\300\344\031\042\374\263
-\002\003\001\000\001\243\202\001\005\060\202\001\001\060\017\006
-\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\035
-\006\003\125\035\016\004\026\004\024\077\220\310\175\307\025\157
-\363\044\217\251\303\057\113\242\017\041\262\057\347\060\016\006
-\003\125\035\017\001\001\377\004\004\003\002\001\006\060\201\276
-\006\003\125\035\037\004\201\266\060\201\263\060\164\240\162\240
-\160\206\156\154\144\141\160\072\057\057\144\151\162\145\143\164
-\157\162\171\056\144\055\164\162\165\163\164\056\156\145\164\057
-\103\116\075\104\055\124\122\125\123\124\045\062\060\122\157\157
-\164\045\062\060\103\101\045\062\060\063\045\062\060\062\060\061
-\063\054\117\075\104\055\124\162\165\163\164\045\062\060\107\155
-\142\110\054\103\075\104\105\077\143\145\162\164\151\146\151\143
-\141\164\145\162\145\166\157\143\141\164\151\157\156\154\151\163
-\164\060\073\240\071\240\067\206\065\150\164\164\160\072\057\057
-\143\162\154\056\144\055\164\162\165\163\164\056\156\145\164\057
-\143\162\154\057\144\055\164\162\165\163\164\137\162\157\157\164
-\137\143\141\137\063\137\062\060\061\063\056\143\162\154\060\015
-\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202\001
-\001\000\016\131\016\130\344\164\110\043\104\317\064\041\265\234
-\024\032\255\232\113\267\263\210\155\134\251\027\160\360\052\237
-\215\173\371\173\205\372\307\071\350\020\010\260\065\053\137\317
-\002\322\323\234\310\013\036\356\005\124\256\067\223\004\011\175
-\154\217\302\164\274\370\034\224\276\061\001\100\055\363\044\040
-\267\204\125\054\134\310\365\164\112\020\031\213\243\307\355\065
-\326\011\110\323\016\300\272\071\250\260\106\002\260\333\306\210
-\131\302\276\374\173\261\053\317\176\142\207\125\226\314\001\157
-\233\147\041\225\065\213\370\020\374\161\033\267\113\067\151\246
-\073\326\354\213\356\301\260\363\045\311\217\222\175\241\352\303
-\312\104\277\046\245\164\222\234\343\164\353\235\164\331\313\115
-\207\330\374\264\151\154\213\240\103\007\140\170\227\351\331\223
-\174\302\106\274\233\067\122\243\355\212\074\023\251\173\123\113
-\111\232\021\005\054\013\156\126\254\037\056\202\154\340\151\147
-\265\016\155\055\331\344\300\025\361\077\372\030\162\341\025\155
-\047\133\055\060\050\053\237\110\232\144\053\231\357\362\165\111
-\137\134
+\060\202\004\040\060\202\003\010\240\003\002\001\002\002\011\000
+\204\202\054\137\034\142\320\100\060\015\006\011\052\206\110\206
+\367\015\001\001\013\005\000\060\201\234\061\013\060\011\006\003
+\125\004\006\023\002\120\101\061\017\060\015\006\003\125\004\010
+\014\006\120\141\156\141\155\141\061\024\060\022\006\003\125\004
+\007\014\013\120\141\156\141\155\141\040\103\151\164\171\061\044
+\060\042\006\003\125\004\012\014\033\124\162\165\163\164\103\157
+\162\040\123\171\163\164\145\155\163\040\123\056\040\144\145\040
+\122\056\114\056\061\047\060\045\006\003\125\004\013\014\036\124
+\162\165\163\164\103\157\162\040\103\145\162\164\151\146\151\143
+\141\164\145\040\101\165\164\150\157\162\151\164\171\061\027\060
+\025\006\003\125\004\003\014\016\124\162\165\163\164\103\157\162
+\040\105\103\101\055\061\060\036\027\015\061\066\060\062\060\064
+\061\062\063\062\063\063\132\027\015\062\071\061\062\063\061\061
+\067\062\070\060\067\132\060\201\234\061\013\060\011\006\003\125
+\004\006\023\002\120\101\061\017\060\015\006\003\125\004\010\014
+\006\120\141\156\141\155\141\061\024\060\022\006\003\125\004\007
+\014\013\120\141\156\141\155\141\040\103\151\164\171\061\044\060
+\042\006\003\125\004\012\014\033\124\162\165\163\164\103\157\162
+\040\123\171\163\164\145\155\163\040\123\056\040\144\145\040\122
+\056\114\056\061\047\060\045\006\003\125\004\013\014\036\124\162
+\165\163\164\103\157\162\040\103\145\162\164\151\146\151\143\141
+\164\145\040\101\165\164\150\157\162\151\164\171\061\027\060\025
+\006\003\125\004\003\014\016\124\162\165\163\164\103\157\162\040
+\105\103\101\055\061\060\202\001\042\060\015\006\011\052\206\110
+\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
+\012\002\202\001\001\000\317\217\340\021\265\237\250\166\166\333
+\337\017\124\357\163\143\051\202\255\107\306\243\153\355\376\137
+\063\370\103\121\351\032\063\221\061\027\240\164\304\324\247\001
+\346\262\222\076\152\235\355\016\371\164\230\100\323\077\003\200
+\006\202\100\350\261\342\247\121\247\035\203\046\153\253\336\372
+\027\221\053\330\306\254\036\261\236\031\001\325\227\246\352\015
+\267\304\125\037\047\174\322\010\325\166\037\051\025\207\100\071
+\335\070\105\021\165\320\232\247\064\340\277\315\310\122\035\271
+\107\176\015\270\273\306\014\366\163\127\026\132\176\103\221\037
+\125\072\306\155\104\004\252\234\251\234\247\114\211\027\203\256
+\243\004\136\122\200\213\036\022\045\021\031\327\014\175\175\061
+\104\101\352\333\257\260\034\357\201\320\054\305\232\041\233\075
+\355\102\073\120\046\362\354\316\161\141\006\142\041\124\116\177
+\301\235\076\177\040\214\200\313\052\330\227\142\310\203\063\221
+\175\260\242\132\017\127\350\073\314\362\045\262\324\174\057\354
+\115\306\241\072\025\172\347\266\135\065\365\366\110\112\066\105
+\146\324\272\230\130\301\002\003\001\000\001\243\143\060\141\060
+\035\006\003\125\035\016\004\026\004\024\104\236\110\365\314\155
+\110\324\240\113\177\376\131\044\057\203\227\231\232\206\060\037
+\006\003\125\035\043\004\030\060\026\200\024\104\236\110\365\314
+\155\110\324\240\113\177\376\131\044\057\203\227\231\232\206\060
+\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
+\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\206
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003
+\202\001\001\000\005\076\065\134\025\160\233\311\307\163\141\157
+\162\053\324\302\217\362\103\135\002\316\304\224\271\224\021\203
+\147\135\342\147\154\165\166\277\273\014\252\066\306\255\107\223
+\143\334\036\176\326\336\056\376\351\031\062\070\003\177\024\366
+\000\163\054\131\261\041\006\341\373\254\030\225\014\243\377\231
+\226\367\053\047\233\325\044\314\035\335\301\072\340\230\104\260
+\304\344\076\167\261\163\251\144\054\366\034\001\174\077\135\105
+\205\300\205\347\045\217\225\334\027\363\074\237\032\156\260\312
+\343\035\052\351\114\143\372\044\141\142\326\332\176\266\034\154
+\365\002\035\324\052\335\125\220\353\052\021\107\074\056\136\164
+\262\202\042\245\175\123\037\105\354\047\221\175\347\042\026\350
+\300\150\066\330\306\361\117\200\104\062\371\341\321\321\035\252
+\336\250\253\234\004\257\255\040\016\144\230\115\245\153\300\110
+\130\226\151\115\334\007\214\121\223\242\337\237\017\075\213\140
+\264\202\215\252\010\116\142\105\340\371\013\322\340\340\074\133
+\336\134\161\047\045\302\346\003\201\213\020\123\343\307\125\242
+\264\237\327\346
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "D-TRUST Root CA 3 2013"
-# Issuer: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
-# Serial Number: 1039788 (0xfddac)
-# Subject: CN=D-TRUST Root CA 3 2013,O=D-Trust GmbH,C=DE
-# Not Valid Before: Fri Sep 20 08:25:51 2013
-# Not Valid After : Wed Sep 20 08:25:51 2028
-# Fingerprint (SHA-256): A1:A8:6D:04:12:1E:B8:7F:02:7C:66:F5:33:03:C2:8E:57:39:F9:43:FC:84:B3:8A:D6:AF:00:90:35:DD:94:57
-# Fingerprint (SHA1): 6C:7C:CC:E7:D4:AE:51:5F:99:08:CD:3F:F6:E8:C3:78:DF:6F:EF:97
+# Trust for "TrustCor ECA-1"
+# Issuer: CN=TrustCor ECA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Serial Number:00:84:82:2c:5f:1c:62:d0:40
+# Subject: CN=TrustCor ECA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
+# Not Valid Before: Thu Feb 04 12:32:33 2016
+# Not Valid After : Mon Dec 31 17:28:07 2029
+# Fingerprint (SHA-256): 5A:88:5D:B1:9C:01:D9:12:C5:75:93:88:93:8C:AF:BB:DF:03:1A:B2:D4:8E:91:EE:15:58:9B:42:97:1D:03:9C
+# Fingerprint (SHA1): 58:D1:DF:95:95:67:6B:63:C0:F0:5B:1C:17:4D:8B:84:0B:C8:78:BD
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "D-TRUST Root CA 3 2013"
+CKA_LABEL UTF8 "TrustCor ECA-1"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\154\174\314\347\324\256\121\137\231\010\315\077\366\350\303\170
-\337\157\357\227
+\130\321\337\225\225\147\153\143\300\360\133\034\027\115\213\204
+\013\310\170\275
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\267\042\146\230\176\326\003\340\301\161\346\165\315\126\105\277
+\047\222\043\035\012\365\100\174\351\346\153\235\330\365\347\154
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\025\060\023\006\003\125\004\012\014\014\104\055\124\162\165\163
-\164\040\107\155\142\110\061\037\060\035\006\003\125\004\003\014
-\026\104\055\124\122\125\123\124\040\122\157\157\164\040\103\101
-\040\063\040\062\060\061\063
+\060\201\234\061\013\060\011\006\003\125\004\006\023\002\120\101
+\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
+\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
+\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
+\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
+\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
+\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
+\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
+\150\157\162\151\164\171\061\027\060\025\006\003\125\004\003\014
+\016\124\162\165\163\164\103\157\162\040\105\103\101\055\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\003\017\335\254
+\002\011\000\204\202\054\137\034\142\320\100
 END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+# Certificate "SSL.com Root Certification Authority RSA"
 #
-# Issuer: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
-# Serial Number: 1 (0x1)
-# Subject: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
-# Not Valid Before: Mon Nov 25 08:25:55 2013
-# Not Valid After : Sun Oct 25 08:25:55 2043
-# Fingerprint (SHA-256): 46:ED:C3:68:90:46:D5:3A:45:3F:B3:10:4A:B8:0D:CA:EC:65:8B:26:60:EA:16:29:DD:7E:86:79:90:64:87:16
-# Fingerprint (SHA1): 31:43:64:9B:EC:CE:27:EC:ED:3A:3F:0B:8F:0D:E4:E8:91:DD:EE:CA
+# Issuer: CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Serial Number:7b:2c:9b:d3:16:80:32:99
+# Subject: CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Not Valid Before: Fri Feb 12 17:39:39 2016
+# Not Valid After : Tue Feb 12 17:39:39 2041
+# Fingerprint (SHA-256): 85:66:6A:56:2E:E0:BE:5C:E9:25:C1:D8:89:0A:6F:76:A8:7E:C1:6D:4D:7D:5F:29:EA:74:19:CF:20:12:3B:69
+# Fingerprint (SHA1): B7:AB:33:08:D1:EA:44:77:BA:14:80:12:5A:6F:BD:A9:36:49:0C:BB
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+CKA_LABEL UTF8 "SSL.com Root Certification Authority RSA"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
-\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
-\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
-\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
-\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
-\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
-\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
-\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
-\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
-\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
-\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
-\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
-\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
-\162\165\155\040\061
+\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
+\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
+\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
+\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
+\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
+\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171\040\122\123\101
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
-\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
-\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
-\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
-\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
-\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
-\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
-\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
-\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
-\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
-\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
-\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
-\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
-\162\165\155\040\061
+\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
+\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
+\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
+\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
+\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
+\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171\040\122\123\101
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
+\002\010\173\054\233\323\026\200\062\231
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\004\143\060\202\003\113\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
-\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122\061
-\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145\040
-\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003\125
-\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154\151
-\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157\152
-\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165\162
-\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055\060
-\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145\162
-\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153\145
-\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060\064
-\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040\113
-\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040\123
-\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165\162
-\165\155\040\061\060\036\027\015\061\063\061\061\062\065\060\070
-\062\065\065\065\132\027\015\064\063\061\060\062\065\060\070\062
-\065\065\065\132\060\201\322\061\013\060\011\006\003\125\004\006
-\023\002\124\122\061\030\060\026\006\003\125\004\007\023\017\107
-\145\142\172\145\040\055\040\113\157\143\141\145\154\151\061\102
-\060\100\006\003\125\004\012\023\071\124\165\162\153\151\171\145
-\040\102\151\154\151\155\163\145\154\040\166\145\040\124\145\153
-\156\157\154\157\152\151\153\040\101\162\141\163\164\151\162\155
-\141\040\113\165\162\165\155\165\040\055\040\124\125\102\111\124
-\101\113\061\055\060\053\006\003\125\004\013\023\044\113\141\155
-\165\040\123\145\162\164\151\146\151\153\141\163\171\157\156\040
-\115\145\162\153\145\172\151\040\055\040\113\141\155\165\040\123
-\115\061\066\060\064\006\003\125\004\003\023\055\124\125\102\111
-\124\101\113\040\113\141\155\165\040\123\115\040\123\123\114\040
-\113\157\153\040\123\145\162\164\151\146\151\153\141\163\151\040
-\055\040\123\165\162\165\155\040\061\060\202\001\042\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
-\000\060\202\001\012\002\202\001\001\000\257\165\060\063\252\273
-\153\323\231\054\022\067\204\331\215\173\227\200\323\156\347\377
-\233\120\225\076\220\225\126\102\327\031\174\046\204\215\222\372
-\001\035\072\017\342\144\070\267\214\274\350\210\371\213\044\253
-\056\243\365\067\344\100\216\030\045\171\203\165\037\073\377\154
-\250\305\306\126\370\264\355\212\104\243\253\154\114\374\035\320
-\334\357\150\275\317\344\252\316\360\125\367\242\064\324\203\153
-\067\174\034\302\376\265\003\354\127\316\274\264\265\305\355\000
-\017\123\067\052\115\364\117\014\203\373\206\317\313\376\214\116
-\275\207\371\247\213\041\127\234\172\337\003\147\211\054\235\227
-\141\247\020\270\125\220\177\016\055\047\070\164\337\347\375\332
-\116\022\343\115\025\042\002\310\340\340\374\017\255\212\327\311
-\124\120\314\073\017\312\026\200\204\320\121\126\303\216\126\177
-\211\042\063\057\346\205\012\275\245\250\033\066\336\323\334\054
-\155\073\307\023\275\131\043\054\346\345\244\367\330\013\355\352
-\220\100\104\250\225\273\223\325\320\200\064\266\106\170\016\037
-\000\223\106\341\356\351\371\354\117\027\002\003\001\000\001\243
-\102\060\100\060\035\006\003\125\035\016\004\026\004\024\145\077
-\307\212\206\306\074\335\074\124\134\065\370\072\355\122\014\107
-\127\310\060\016\006\003\125\035\017\001\001\377\004\004\003\002
-\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060\003
-\001\001\377\060\015\006\011\052\206\110\206\367\015\001\001\013
-\005\000\003\202\001\001\000\052\077\341\361\062\216\256\341\230
-\134\113\136\317\153\036\152\011\322\042\251\022\307\136\127\175
-\163\126\144\200\204\172\223\344\011\271\020\315\237\052\047\341
-\000\167\276\110\310\065\250\201\237\344\270\054\311\177\016\260
-\322\113\067\135\352\271\325\013\136\064\275\364\163\051\303\355
-\046\025\234\176\010\123\212\130\215\320\113\050\337\301\263\337
-\040\363\371\343\343\072\337\314\234\224\330\116\117\303\153\027
-\267\367\162\350\255\146\063\265\045\123\253\340\370\114\251\235
-\375\362\015\272\256\271\331\252\306\153\371\223\273\256\253\270
-\227\074\003\032\272\103\306\226\271\105\162\070\263\247\241\226
-\075\221\173\176\300\041\123\114\207\355\362\013\124\225\121\223
-\325\042\245\015\212\361\223\016\076\124\016\260\330\311\116\334
-\362\061\062\126\352\144\371\352\265\235\026\146\102\162\363\177
-\323\261\061\103\374\244\216\027\361\155\043\253\224\146\370\255
-\373\017\010\156\046\055\177\027\007\011\262\214\373\120\300\237
-\226\215\317\266\375\000\235\132\024\232\277\002\104\365\301\302
-\237\042\136\242\017\241\343
-END
-CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
-
-# Trust for "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
-# Issuer: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
-# Serial Number: 1 (0x1)
-# Subject: CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1,OU=Kamu Sertifikasyon Merkezi - Kamu SM,O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK,L=Gebze - Kocaeli,C=TR
-# Not Valid Before: Mon Nov 25 08:25:55 2013
-# Not Valid After : Sun Oct 25 08:25:55 2043
-# Fingerprint (SHA-256): 46:ED:C3:68:90:46:D5:3A:45:3F:B3:10:4A:B8:0D:CA:EC:65:8B:26:60:EA:16:29:DD:7E:86:79:90:64:87:16
-# Fingerprint (SHA1): 31:43:64:9B:EC:CE:27:EC:ED:3A:3F:0B:8F:0D:E4:E8:91:DD:EE:CA
+\060\202\005\335\060\202\003\305\240\003\002\001\002\002\010\173
+\054\233\323\026\200\062\231\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\060\174\061\013\060\011\006\003\125\004
+\006\023\002\125\123\061\016\060\014\006\003\125\004\010\014\005
+\124\145\170\141\163\061\020\060\016\006\003\125\004\007\014\007
+\110\157\165\163\164\157\156\061\030\060\026\006\003\125\004\012
+\014\017\123\123\114\040\103\157\162\160\157\162\141\164\151\157
+\156\061\061\060\057\006\003\125\004\003\014\050\123\123\114\056
+\143\157\155\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\122\123\101\060\036\027\015\061\066\060\062\061\062\061\067
+\063\071\063\071\132\027\015\064\061\060\062\061\062\061\067\063
+\071\063\071\132\060\174\061\013\060\011\006\003\125\004\006\023
+\002\125\123\061\016\060\014\006\003\125\004\010\014\005\124\145
+\170\141\163\061\020\060\016\006\003\125\004\007\014\007\110\157
+\165\163\164\157\156\061\030\060\026\006\003\125\004\012\014\017
+\123\123\114\040\103\157\162\160\157\162\141\164\151\157\156\061
+\061\060\057\006\003\125\004\003\014\050\123\123\114\056\143\157
+\155\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\122
+\123\101\060\202\002\042\060\015\006\011\052\206\110\206\367\015
+\001\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202
+\002\001\000\371\017\335\243\053\175\313\320\052\376\354\147\205
+\246\347\056\033\272\167\341\343\365\257\244\354\372\112\135\221
+\304\127\107\153\030\167\153\166\362\375\223\344\075\017\302\026
+\236\013\146\303\126\224\236\027\203\205\316\126\357\362\026\375
+\000\142\365\042\011\124\350\145\027\116\101\271\340\117\106\227
+\252\033\310\270\156\142\136\151\261\137\333\052\002\176\374\154
+\312\363\101\330\355\320\350\374\077\141\110\355\260\003\024\035
+\020\016\113\031\340\273\116\354\206\145\377\066\363\136\147\002
+\013\235\206\125\141\375\172\070\355\376\342\031\000\267\157\241
+\120\142\165\164\074\240\372\310\045\222\264\156\172\042\307\370
+\036\241\343\262\335\221\061\253\053\035\004\377\245\112\004\067
+\351\205\244\063\053\375\342\326\125\064\174\031\244\112\150\307
+\262\250\323\267\312\241\223\210\353\301\227\274\214\371\035\331
+\042\204\044\164\307\004\075\152\251\051\223\314\353\270\133\341
+\376\137\045\252\064\130\310\301\043\124\235\033\230\021\303\070
+\234\176\075\206\154\245\017\100\206\174\002\364\134\002\117\050
+\313\256\161\237\017\072\310\063\376\021\045\065\352\374\272\305
+\140\075\331\174\030\325\262\251\323\165\170\003\162\042\312\072
+\303\037\357\054\345\056\251\372\236\054\266\121\106\375\257\003
+\326\352\140\150\352\205\026\066\153\205\351\036\300\263\335\304
+\044\334\200\052\201\101\155\224\076\310\340\311\201\101\000\236
+\136\277\177\305\010\230\242\030\054\102\100\263\371\157\070\047
+\113\116\200\364\075\201\107\340\210\174\352\034\316\265\165\134
+\121\056\034\053\177\032\162\050\347\000\265\321\164\306\327\344
+\237\255\007\223\266\123\065\065\374\067\344\303\366\135\026\276
+\041\163\336\222\012\370\240\143\152\274\226\222\152\076\370\274
+\145\125\233\336\365\015\211\046\004\374\045\032\246\045\151\313
+\302\155\312\174\342\131\137\227\254\353\357\056\310\274\327\033
+\131\074\053\314\362\031\310\223\153\047\143\031\317\374\351\046
+\370\312\161\233\177\223\376\064\147\204\116\231\353\374\263\170
+\011\063\160\272\146\246\166\355\033\163\353\032\245\015\304\042
+\023\040\224\126\012\116\054\154\116\261\375\317\234\011\272\242
+\063\355\207\002\003\001\000\001\243\143\060\141\060\035\006\003
+\125\035\016\004\026\004\024\335\004\011\007\242\365\172\175\122
+\123\022\222\225\356\070\200\045\015\246\131\060\017\006\003\125
+\035\023\001\001\377\004\005\060\003\001\001\377\060\037\006\003
+\125\035\043\004\030\060\026\200\024\335\004\011\007\242\365\172
+\175\122\123\022\222\225\356\070\200\045\015\246\131\060\016\006
+\003\125\035\017\001\001\377\004\004\003\002\001\206\060\015\006
+\011\052\206\110\206\367\015\001\001\013\005\000\003\202\002\001
+\000\040\030\021\224\051\373\046\235\034\036\036\160\141\361\225
+\162\223\161\044\255\150\223\130\216\062\257\033\263\160\003\374
+\045\053\164\205\220\075\170\152\364\271\213\245\227\073\265\030
+\221\273\036\247\371\100\133\221\371\125\231\257\036\021\320\134
+\035\247\146\343\261\224\007\014\062\071\246\352\033\260\171\330
+\035\234\160\104\343\212\335\304\371\225\037\212\070\103\077\001
+\205\245\107\247\075\106\262\274\345\042\150\367\173\234\330\054
+\076\012\041\310\055\063\254\277\305\201\231\061\164\301\165\161
+\305\276\261\360\043\105\364\235\153\374\031\143\235\243\274\004
+\306\030\013\045\273\123\211\017\263\200\120\336\105\356\104\177
+\253\224\170\144\230\323\366\050\335\207\330\160\145\164\373\016
+\271\023\353\247\017\141\251\062\226\314\336\273\355\143\114\030
+\273\251\100\367\240\124\156\040\210\161\165\030\352\172\264\064
+\162\340\043\047\167\134\266\220\352\206\045\100\253\357\063\017
+\313\237\202\276\242\040\373\366\265\055\032\346\302\205\261\164
+\017\373\310\145\002\244\122\001\107\335\111\042\301\277\330\353
+\153\254\176\336\354\143\063\025\267\043\010\217\306\017\215\101
+\132\335\216\305\271\217\345\105\077\170\333\272\322\033\100\261
+\376\161\115\077\340\201\242\272\136\264\354\025\340\223\335\010
+\037\176\341\125\231\013\041\336\223\236\012\373\346\243\111\275
+\066\060\376\347\167\262\240\165\227\265\055\201\210\027\145\040
+\367\332\220\000\237\311\122\314\062\312\065\174\365\075\017\330
+\053\327\365\046\154\311\006\064\226\026\352\160\131\032\062\171
+\171\013\266\210\177\017\122\110\075\277\154\330\242\104\056\321
+\116\267\162\130\323\211\023\225\376\104\253\370\327\213\033\156
+\234\274\054\240\133\325\152\000\257\137\067\341\325\372\020\013
+\230\234\206\347\046\217\316\360\354\156\212\127\013\200\343\116
+\262\300\240\143\141\220\272\125\150\067\164\152\266\222\333\237
+\241\206\042\266\145\047\016\354\266\237\102\140\344\147\302\265
+\332\101\013\304\323\213\141\033\274\372\037\221\053\327\104\007
+\136\272\051\254\331\305\351\357\123\110\132\353\200\361\050\130
+\041\315\260\006\125\373\047\077\123\220\160\251\004\036\127\047
+\271
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "SSL.com Root Certification Authority RSA"
+# Issuer: CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Serial Number:7b:2c:9b:d3:16:80:32:99
+# Subject: CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Not Valid Before: Fri Feb 12 17:39:39 2016
+# Not Valid After : Tue Feb 12 17:39:39 2041
+# Fingerprint (SHA-256): 85:66:6A:56:2E:E0:BE:5C:E9:25:C1:D8:89:0A:6F:76:A8:7E:C1:6D:4D:7D:5F:29:EA:74:19:CF:20:12:3B:69
+# Fingerprint (SHA1): B7:AB:33:08:D1:EA:44:77:BA:14:80:12:5A:6F:BD:A9:36:49:0C:BB
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
+CKA_LABEL UTF8 "SSL.com Root Certification Authority RSA"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\061\103\144\233\354\316\047\354\355\072\077\013\217\015\344\350
-\221\335\356\312
+\267\253\063\010\321\352\104\167\272\024\200\022\132\157\275\251
+\066\111\014\273
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\334\000\201\334\151\057\076\057\260\073\366\075\132\221\216\111
+\206\151\022\300\160\361\354\254\254\302\325\274\245\133\241\051
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\322\061\013\060\011\006\003\125\004\006\023\002\124\122
-\061\030\060\026\006\003\125\004\007\023\017\107\145\142\172\145
-\040\055\040\113\157\143\141\145\154\151\061\102\060\100\006\003
-\125\004\012\023\071\124\165\162\153\151\171\145\040\102\151\154
-\151\155\163\145\154\040\166\145\040\124\145\153\156\157\154\157
-\152\151\153\040\101\162\141\163\164\151\162\155\141\040\113\165
-\162\165\155\165\040\055\040\124\125\102\111\124\101\113\061\055
-\060\053\006\003\125\004\013\023\044\113\141\155\165\040\123\145
-\162\164\151\146\151\153\141\163\171\157\156\040\115\145\162\153
-\145\172\151\040\055\040\113\141\155\165\040\123\115\061\066\060
-\064\006\003\125\004\003\023\055\124\125\102\111\124\101\113\040
-\113\141\155\165\040\123\115\040\123\123\114\040\113\157\153\040
-\123\145\162\164\151\146\151\153\141\163\151\040\055\040\123\165
-\162\165\155\040\061
+\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
+\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
+\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
+\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
+\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
+\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171\040\122\123\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\173\054\233\323\026\200\062\231
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "SSL.com Root Certification Authority ECC"
+#
+# Issuer: CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Serial Number:75:e6:df:cb:c1:68:5b:a8
+# Subject: CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Not Valid Before: Fri Feb 12 18:14:03 2016
+# Not Valid After : Tue Feb 12 18:14:03 2041
+# Fingerprint (SHA-256): 34:17:BB:06:CC:60:07:DA:1B:96:1C:92:0B:8A:B4:CE:3F:AD:82:0E:4A:A3:0B:9A:CB:C4:A7:4E:BD:CE:BC:65
+# Fingerprint (SHA1): C3:19:7C:39:24:E6:54:AF:1B:C4:AB:20:95:7A:E2:C3:0E:13:02:6A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SSL.com Root Certification Authority ECC"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
+\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
+\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
+\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
+\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
+\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171\040\105\103\103
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
+\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
+\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
+\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
+\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
+\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171\040\105\103\103
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\165\346\337\313\301\150\133\250
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\215\060\202\002\024\240\003\002\001\002\002\010\165
+\346\337\313\301\150\133\250\060\012\006\010\052\206\110\316\075
+\004\003\002\060\174\061\013\060\011\006\003\125\004\006\023\002
+\125\123\061\016\060\014\006\003\125\004\010\014\005\124\145\170
+\141\163\061\020\060\016\006\003\125\004\007\014\007\110\157\165
+\163\164\157\156\061\030\060\026\006\003\125\004\012\014\017\123
+\123\114\040\103\157\162\160\157\162\141\164\151\157\156\061\061
+\060\057\006\003\125\004\003\014\050\123\123\114\056\143\157\155
+\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\105\103
+\103\060\036\027\015\061\066\060\062\061\062\061\070\061\064\060
+\063\132\027\015\064\061\060\062\061\062\061\070\061\064\060\063
+\132\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163
+\061\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164
+\157\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114
+\040\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057
+\006\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122
+\157\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157
+\156\040\101\165\164\150\157\162\151\164\171\040\105\103\103\060
+\166\060\020\006\007\052\206\110\316\075\002\001\006\005\053\201
+\004\000\042\003\142\000\004\105\156\251\120\304\246\043\066\236
+\137\050\215\027\313\226\042\144\077\334\172\216\035\314\010\263
+\242\161\044\272\216\111\271\004\033\107\226\130\253\055\225\310
+\355\236\010\065\310\047\353\211\214\123\130\353\142\212\376\360
+\133\017\153\061\122\143\101\073\211\315\354\354\266\215\031\323
+\064\007\334\273\306\006\177\302\105\225\354\313\177\250\043\340
+\011\351\201\372\363\107\323\243\143\060\141\060\035\006\003\125
+\035\016\004\026\004\024\202\321\205\163\060\347\065\004\323\216
+\002\222\373\345\244\321\304\041\350\315\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\037\006\003\125
+\035\043\004\030\060\026\200\024\202\321\205\163\060\347\065\004
+\323\216\002\222\373\345\244\321\304\041\350\315\060\016\006\003
+\125\035\017\001\001\377\004\004\003\002\001\206\060\012\006\010
+\052\206\110\316\075\004\003\002\003\147\000\060\144\002\060\157
+\347\353\131\021\244\140\317\141\260\226\173\355\005\371\057\023
+\221\334\355\345\374\120\153\021\106\106\263\034\041\000\142\273
+\276\303\347\350\315\007\231\371\015\013\135\162\076\304\252\002
+\060\037\274\272\013\342\060\044\373\174\155\200\125\012\231\076
+\200\015\063\345\146\243\263\243\273\245\325\213\217\011\054\246
+\135\176\342\360\007\010\150\155\322\174\151\156\137\337\345\152
+\145
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "SSL.com Root Certification Authority ECC"
+# Issuer: CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Serial Number:75:e6:df:cb:c1:68:5b:a8
+# Subject: CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Not Valid Before: Fri Feb 12 18:14:03 2016
+# Not Valid After : Tue Feb 12 18:14:03 2041
+# Fingerprint (SHA-256): 34:17:BB:06:CC:60:07:DA:1B:96:1C:92:0B:8A:B4:CE:3F:AD:82:0E:4A:A3:0B:9A:CB:C4:A7:4E:BD:CE:BC:65
+# Fingerprint (SHA1): C3:19:7C:39:24:E6:54:AF:1B:C4:AB:20:95:7A:E2:C3:0E:13:02:6A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SSL.com Root Certification Authority ECC"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\303\031\174\071\044\346\124\257\033\304\253\040\225\172\342\303
+\016\023\002\152
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\056\332\344\071\177\234\217\067\321\160\237\046\027\121\072\216
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
+\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
+\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
+\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
+\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
+\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
+\040\101\165\164\150\157\162\151\164\171\040\105\103\103
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\165\346\337\313\301\150\133\250
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "SSL.com EV Root Certification Authority RSA R2"
+#
+# Issuer: CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Serial Number:56:b6:29:cd:34:bc:78:f6
+# Subject: CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Not Valid Before: Wed May 31 18:14:37 2017
+# Not Valid After : Fri May 30 18:14:37 2042
+# Fingerprint (SHA-256): 2E:7B:F1:6C:C2:24:85:A7:BB:E2:AA:86:96:75:07:61:B0:AE:39:BE:3B:2F:E9:D0:CC:6D:4E:F7:34:91:42:5C
+# Fingerprint (SHA1): 74:3A:F0:52:9B:D0:32:A0:F4:4A:83:CD:D4:BA:A9:7B:7C:2E:C4:9A
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SSL.com EV Root Certification Authority RSA R2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163
+\061\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164
+\157\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114
+\040\103\157\162\160\157\162\141\164\151\157\156\061\067\060\065
+\006\003\125\004\003\014\056\123\123\114\056\143\157\155\040\105
+\126\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\122
+\123\101\040\122\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163
+\061\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164
+\157\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114
+\040\103\157\162\160\157\162\141\164\151\157\156\061\067\060\065
+\006\003\125\004\003\014\056\123\123\114\056\143\157\155\040\105
+\126\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\122
+\123\101\040\122\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\010\126\266\051\315\064\274\170\366
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\353\060\202\003\323\240\003\002\001\002\002\010\126
+\266\051\315\064\274\170\366\060\015\006\011\052\206\110\206\367
+\015\001\001\013\005\000\060\201\202\061\013\060\011\006\003\125
+\004\006\023\002\125\123\061\016\060\014\006\003\125\004\010\014
+\005\124\145\170\141\163\061\020\060\016\006\003\125\004\007\014
+\007\110\157\165\163\164\157\156\061\030\060\026\006\003\125\004
+\012\014\017\123\123\114\040\103\157\162\160\157\162\141\164\151
+\157\156\061\067\060\065\006\003\125\004\003\014\056\123\123\114
+\056\143\157\155\040\105\126\040\122\157\157\164\040\103\145\162
+\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
+\162\151\164\171\040\122\123\101\040\122\062\060\036\027\015\061
+\067\060\065\063\061\061\070\061\064\063\067\132\027\015\064\062
+\060\065\063\060\061\070\061\064\063\067\132\060\201\202\061\013
+\060\011\006\003\125\004\006\023\002\125\123\061\016\060\014\006
+\003\125\004\010\014\005\124\145\170\141\163\061\020\060\016\006
+\003\125\004\007\014\007\110\157\165\163\164\157\156\061\030\060
+\026\006\003\125\004\012\014\017\123\123\114\040\103\157\162\160
+\157\162\141\164\151\157\156\061\067\060\065\006\003\125\004\003
+\014\056\123\123\114\056\143\157\155\040\105\126\040\122\157\157
+\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
+\101\165\164\150\157\162\151\164\171\040\122\123\101\040\122\062
+\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001
+\000\217\066\145\100\341\326\115\300\327\264\351\106\332\153\352
+\063\107\315\114\371\175\175\276\275\055\075\360\333\170\341\206
+\245\331\272\011\127\150\355\127\076\240\320\010\101\203\347\050
+\101\044\037\343\162\025\320\001\032\373\136\160\043\262\313\237
+\071\343\317\305\116\306\222\155\046\306\173\273\263\332\047\235
+\012\206\351\201\067\005\376\360\161\161\354\303\034\351\143\242
+\027\024\235\357\033\147\323\205\125\002\002\326\111\311\314\132
+\341\261\367\157\062\237\311\324\073\210\101\250\234\275\313\253
+\333\155\173\011\037\242\114\162\220\332\053\010\374\317\074\124
+\316\147\017\250\317\135\226\031\013\304\343\162\353\255\321\175
+\035\047\357\222\353\020\277\133\353\073\257\317\200\335\301\322
+\226\004\133\172\176\244\251\074\070\166\244\142\216\240\071\136
+\352\167\317\135\000\131\217\146\054\076\007\242\243\005\046\021
+\151\227\352\205\267\017\226\013\113\310\100\341\120\272\056\212
+\313\367\017\232\042\347\177\232\067\023\315\362\115\023\153\041
+\321\300\314\042\362\241\106\366\104\151\234\312\141\065\007\000
+\157\326\141\010\021\352\272\270\366\351\263\140\345\115\271\354
+\237\024\146\311\127\130\333\315\207\151\370\212\206\022\003\107
+\277\146\023\166\254\167\175\064\044\205\203\315\327\252\234\220
+\032\237\041\054\177\170\267\144\270\330\350\246\364\170\263\125
+\313\204\322\062\304\170\256\243\217\141\335\316\010\123\255\354
+\210\374\025\344\232\015\346\237\032\167\316\114\217\270\024\025
+\075\142\234\206\070\006\000\146\022\344\131\166\132\123\300\002
+\230\242\020\053\150\104\173\216\171\316\063\112\166\252\133\201
+\026\033\265\212\330\320\000\173\136\142\264\011\326\206\143\016
+\246\005\225\111\272\050\213\210\223\262\064\034\330\244\125\156
+\267\034\320\336\231\125\073\043\364\042\340\371\051\146\046\354
+\040\120\167\333\112\013\217\276\345\002\140\160\101\136\324\256
+\120\071\042\024\046\313\262\073\163\164\125\107\007\171\201\071
+\250\060\023\104\345\004\212\256\226\023\045\102\017\271\123\304
+\233\374\315\344\034\336\074\372\253\326\006\112\037\147\246\230
+\060\034\335\054\333\334\030\225\127\146\306\377\134\213\126\365
+\167\002\003\001\000\001\243\143\060\141\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\037\006\003\125
+\035\043\004\030\060\026\200\024\371\140\273\324\343\325\064\366
+\270\365\006\200\045\247\163\333\106\151\250\236\060\035\006\003
+\125\035\016\004\026\004\024\371\140\273\324\343\325\064\366\270
+\365\006\200\045\247\163\333\106\151\250\236\060\016\006\003\125
+\035\017\001\001\377\004\004\003\002\001\206\060\015\006\011\052
+\206\110\206\367\015\001\001\013\005\000\003\202\002\001\000\126
+\263\216\313\012\235\111\216\277\244\304\221\273\146\027\005\121
+\230\165\373\345\120\054\172\236\361\024\372\253\323\212\076\377
+\221\051\217\143\213\330\264\251\124\001\015\276\223\206\057\371
+\112\155\307\136\365\127\371\312\125\034\022\276\107\017\066\305
+\337\152\267\333\165\302\107\045\177\271\361\143\370\150\055\125
+\004\321\362\215\260\244\317\274\074\136\037\170\347\245\240\040
+\160\260\004\305\267\367\162\247\336\042\015\275\063\045\106\214
+\144\222\046\343\076\056\143\226\332\233\214\075\370\030\011\327
+\003\314\175\206\202\340\312\004\007\121\120\327\377\222\325\014
+\357\332\206\237\231\327\353\267\257\150\342\071\046\224\272\150
+\267\277\203\323\352\172\147\075\142\147\256\045\345\162\350\342
+\344\354\256\022\366\113\053\074\237\351\260\100\363\070\124\263
+\375\267\150\310\332\306\217\121\074\262\373\221\334\034\347\233
+\235\341\267\015\162\217\342\244\304\251\170\371\353\024\254\306
+\103\005\302\145\071\050\030\002\303\202\262\235\005\276\145\355
+\226\137\145\164\074\373\011\065\056\173\234\023\375\033\017\135
+\307\155\201\072\126\017\314\073\341\257\002\057\042\254\106\312
+\106\074\240\034\114\326\104\264\136\056\134\025\146\011\341\046
+\051\376\306\122\141\272\261\163\377\303\014\234\345\154\152\224
+\077\024\312\100\026\225\204\363\131\251\254\137\114\141\223\155
+\321\073\314\242\225\014\042\246\147\147\104\056\271\331\322\212
+\101\263\146\013\132\373\175\043\245\362\032\260\377\336\233\203
+\224\056\321\077\337\222\267\221\257\005\073\145\307\240\154\261
+\315\142\022\303\220\033\343\045\316\064\274\157\167\166\261\020
+\303\367\005\032\300\326\257\164\142\110\027\167\222\151\220\141
+\034\336\225\200\164\124\217\030\034\303\363\003\320\277\244\103
+\165\206\123\030\172\012\056\011\034\066\237\221\375\202\212\042
+\113\321\016\120\045\335\313\003\014\027\311\203\000\010\116\065
+\115\212\213\355\360\002\224\146\054\104\177\313\225\047\226\027
+\255\011\060\254\266\161\027\156\213\027\366\034\011\324\055\073
+\230\245\161\323\124\023\331\140\363\365\113\146\117\372\361\356
+\040\022\215\264\254\127\261\105\143\241\254\166\251\302\373
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "SSL.com EV Root Certification Authority RSA R2"
+# Issuer: CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Serial Number:56:b6:29:cd:34:bc:78:f6
+# Subject: CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Not Valid Before: Wed May 31 18:14:37 2017
+# Not Valid After : Fri May 30 18:14:37 2042
+# Fingerprint (SHA-256): 2E:7B:F1:6C:C2:24:85:A7:BB:E2:AA:86:96:75:07:61:B0:AE:39:BE:3B:2F:E9:D0:CC:6D:4E:F7:34:91:42:5C
+# Fingerprint (SHA1): 74:3A:F0:52:9B:D0:32:A0:F4:4A:83:CD:D4:BA:A9:7B:7C:2E:C4:9A
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "SSL.com EV Root Certification Authority RSA R2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\164\072\360\122\233\320\062\240\364\112\203\315\324\272\251\173
+\174\056\304\232
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\341\036\061\130\032\256\124\123\002\366\027\152\021\173\115\225
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\201\202\061\013\060\011\006\003\125\004\006\023\002\125\123
+\061\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163
+\061\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164
+\157\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114
+\040\103\157\162\160\157\162\141\164\151\157\156\061\067\060\065
+\006\003\125\004\003\014\056\123\123\114\056\143\157\155\040\105
+\126\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
+\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\122
+\123\101\040\122\062
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\001\001
+\002\010\126\266\051\315\064\274\170\366
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
@@ -21714,167 +21710,126 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "GDCA TrustAUTH R5 ROOT"
+# Certificate "SSL.com EV Root Certification Authority ECC"
 #
-# Issuer: CN=GDCA TrustAUTH R5 ROOT,O="GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.",C=CN
-# Serial Number:7d:09:97:fe:f0:47:ea:7a
-# Subject: CN=GDCA TrustAUTH R5 ROOT,O="GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.",C=CN
-# Not Valid Before: Wed Nov 26 05:13:15 2014
-# Not Valid After : Mon Dec 31 15:59:59 2040
-# Fingerprint (SHA-256): BF:FF:8F:D0:44:33:48:7D:6A:8A:A6:0C:1A:29:76:7A:9F:C2:BB:B0:5E:42:0F:71:3A:13:B9:92:89:1D:38:93
-# Fingerprint (SHA1): 0F:36:38:5B:81:1A:25:C3:9B:31:4E:83:CA:E9:34:66:70:CC:74:B4
+# Issuer: CN=SSL.com EV Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Serial Number:2c:29:9c:5b:16:ed:05:95
+# Subject: CN=SSL.com EV Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Not Valid Before: Fri Feb 12 18:15:23 2016
+# Not Valid After : Tue Feb 12 18:15:23 2041
+# Fingerprint (SHA-256): 22:A2:C1:F7:BD:ED:70:4C:C1:E7:01:B5:F4:08:C3:10:88:0F:E9:56:B5:DE:2A:4A:44:F9:9C:87:3A:25:A7:C8
+# Fingerprint (SHA1): 4C:DD:51:A3:D1:F5:20:32:14:B0:C6:C5:32:23:03:91:C7:46:42:6D
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GDCA TrustAUTH R5 ROOT"
+CKA_LABEL UTF8 "SSL.com EV Root Certification Authority ECC"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\142\061\013\060\011\006\003\125\004\006\023\002\103\116\061
-\062\060\060\006\003\125\004\012\014\051\107\125\101\116\107\040
-\104\117\116\107\040\103\105\122\124\111\106\111\103\101\124\105
-\040\101\125\124\110\117\122\111\124\131\040\103\117\056\054\114
-\124\104\056\061\037\060\035\006\003\125\004\003\014\026\107\104
-\103\101\040\124\162\165\163\164\101\125\124\110\040\122\065\040
-\122\117\117\124
+\060\177\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
+\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
+\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
+\103\157\162\160\157\162\141\164\151\157\156\061\064\060\062\006
+\003\125\004\003\014\053\123\123\114\056\143\157\155\040\105\126
+\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\105\103
+\103
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\142\061\013\060\011\006\003\125\004\006\023\002\103\116\061
-\062\060\060\006\003\125\004\012\014\051\107\125\101\116\107\040
-\104\117\116\107\040\103\105\122\124\111\106\111\103\101\124\105
-\040\101\125\124\110\117\122\111\124\131\040\103\117\056\054\114
-\124\104\056\061\037\060\035\006\003\125\004\003\014\026\107\104
-\103\101\040\124\162\165\163\164\101\125\124\110\040\122\065\040
-\122\117\117\124
+\060\177\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
+\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
+\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
+\103\157\162\160\157\162\141\164\151\157\156\061\064\060\062\006
+\003\125\004\003\014\053\123\123\114\056\143\157\155\040\105\126
+\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\105\103
+\103
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\175\011\227\376\360\107\352\172
+\002\010\054\051\234\133\026\355\005\225
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\005\210\060\202\003\160\240\003\002\001\002\002\010\175
-\011\227\376\360\107\352\172\060\015\006\011\052\206\110\206\367
-\015\001\001\013\005\000\060\142\061\013\060\011\006\003\125\004
-\006\023\002\103\116\061\062\060\060\006\003\125\004\012\014\051
-\107\125\101\116\107\040\104\117\116\107\040\103\105\122\124\111
-\106\111\103\101\124\105\040\101\125\124\110\117\122\111\124\131
-\040\103\117\056\054\114\124\104\056\061\037\060\035\006\003\125
-\004\003\014\026\107\104\103\101\040\124\162\165\163\164\101\125
-\124\110\040\122\065\040\122\117\117\124\060\036\027\015\061\064
-\061\061\062\066\060\065\061\063\061\065\132\027\015\064\060\061
-\062\063\061\061\065\065\071\065\071\132\060\142\061\013\060\011
-\006\003\125\004\006\023\002\103\116\061\062\060\060\006\003\125
-\004\012\014\051\107\125\101\116\107\040\104\117\116\107\040\103
-\105\122\124\111\106\111\103\101\124\105\040\101\125\124\110\117
-\122\111\124\131\040\103\117\056\054\114\124\104\056\061\037\060
-\035\006\003\125\004\003\014\026\107\104\103\101\040\124\162\165
-\163\164\101\125\124\110\040\122\065\040\122\117\117\124\060\202
-\002\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
-\000\003\202\002\017\000\060\202\002\012\002\202\002\001\000\331
-\243\026\360\310\164\164\167\233\357\063\015\073\006\176\125\374
-\265\140\217\166\206\022\102\175\126\146\076\210\202\355\162\143
-\016\236\213\335\064\054\002\121\121\303\031\375\131\124\204\311
-\361\153\263\114\260\351\350\106\135\070\306\242\247\056\021\127
-\272\202\025\242\234\217\155\260\231\112\012\362\353\211\160\143
-\116\171\304\267\133\275\242\135\261\362\101\002\053\255\251\072
-\243\354\171\012\354\137\072\343\375\357\200\074\255\064\233\032
-\253\210\046\173\126\242\202\206\037\353\065\211\203\177\137\256
-\051\116\075\266\156\354\256\301\360\047\233\256\343\364\354\357
-\256\177\367\206\075\162\172\353\245\373\131\116\247\353\225\214
-\042\071\171\341\055\010\217\314\274\221\270\101\367\024\301\043
-\251\303\255\232\105\104\263\262\327\054\315\306\051\342\120\020
-\256\134\313\202\216\027\030\066\175\227\346\210\232\260\115\064
-\011\364\054\271\132\146\052\260\027\233\236\036\166\235\112\146
-\061\101\337\077\373\305\006\357\033\266\176\032\106\066\367\144
-\143\073\343\071\030\043\347\147\165\024\325\165\127\222\067\275
-\276\152\033\046\120\362\066\046\006\220\305\160\001\144\155\166
-\146\341\221\333\156\007\300\141\200\056\262\056\057\214\160\247
-\321\073\074\263\221\344\156\266\304\073\160\362\154\222\227\011
-\315\107\175\030\300\363\273\236\017\326\213\256\007\266\132\017
-\316\013\014\107\247\345\076\270\275\175\307\233\065\240\141\227
-\072\101\165\027\314\053\226\167\052\222\041\036\331\225\166\040
-\147\150\317\015\275\337\326\037\011\152\232\342\314\163\161\244
-\057\175\022\200\267\123\060\106\136\113\124\231\017\147\311\245
-\310\362\040\301\202\354\235\021\337\302\002\373\032\073\321\355
-\040\232\357\145\144\222\020\015\052\342\336\160\361\030\147\202
-\214\141\336\270\274\321\057\234\373\017\320\053\355\033\166\271
-\344\071\125\370\370\241\035\270\252\200\000\114\202\347\262\177
-\011\270\274\060\240\057\015\365\122\236\216\367\222\263\012\000
-\035\000\124\227\006\340\261\007\331\307\017\134\145\175\074\155
-\131\127\344\355\245\215\351\100\123\237\025\113\240\161\366\032
-\041\343\332\160\006\041\130\024\207\205\167\171\252\202\171\002
-\003\001\000\001\243\102\060\100\060\035\006\003\125\035\016\004
-\026\004\024\342\311\100\237\115\316\350\232\241\174\317\016\077
-\145\305\051\210\152\031\121\060\017\006\003\125\035\023\001\001
-\377\004\005\060\003\001\001\377\060\016\006\003\125\035\017\001
-\001\377\004\004\003\002\001\206\060\015\006\011\052\206\110\206
-\367\015\001\001\013\005\000\003\202\002\001\000\321\111\127\340
-\247\314\150\130\272\001\017\053\031\315\215\260\141\105\254\021
-\355\143\120\151\370\037\177\276\026\217\375\235\353\013\252\062
-\107\166\322\147\044\355\275\174\063\062\227\052\307\005\206\146
-\015\027\175\024\025\033\324\353\375\037\232\366\136\227\151\267
-\032\045\244\012\263\221\077\137\066\254\213\354\127\250\076\347
-\201\212\030\127\071\205\164\032\102\307\351\133\023\137\217\371
-\010\351\222\164\215\365\107\322\253\073\326\373\170\146\116\066
-\175\371\351\222\351\004\336\375\111\143\374\155\373\024\161\223
-\147\057\107\112\267\271\377\036\052\163\160\106\060\277\132\362
-\057\171\245\341\215\014\331\371\262\143\067\214\067\145\205\160
-\152\134\133\011\162\271\255\143\074\261\335\370\374\062\277\067
-\206\344\273\216\230\047\176\272\037\026\341\160\021\362\003\337
-\045\142\062\047\046\030\062\204\237\377\000\072\023\272\232\115
-\364\117\270\024\160\042\261\312\053\220\316\051\301\160\364\057
-\235\177\362\220\036\326\132\337\267\106\374\346\206\372\313\340
-\040\166\172\272\246\313\365\174\336\142\245\261\213\356\336\202
-\146\212\116\072\060\037\077\200\313\255\047\272\014\136\327\320
-\261\126\312\167\161\262\265\165\241\120\251\100\103\027\302\050
-\331\317\122\213\133\310\143\324\102\076\240\063\172\106\056\367
-\012\040\106\124\176\152\117\061\361\201\176\102\164\070\145\163
-\047\356\306\174\270\216\327\245\072\327\230\241\234\214\020\125
-\323\333\113\354\100\220\362\315\156\127\322\142\016\174\127\223
-\261\247\155\315\235\203\273\052\347\345\266\073\161\130\255\375
-\321\105\274\132\221\356\123\025\157\323\105\011\165\156\272\220
-\135\036\004\317\067\337\036\250\146\261\214\346\040\152\357\374
-\110\116\164\230\102\257\051\157\056\152\307\373\175\321\146\061
-\042\314\206\000\176\146\203\014\102\364\275\064\222\303\032\352
-\117\312\176\162\115\013\160\214\246\110\273\246\241\024\366\373
-\130\104\231\024\256\252\013\223\151\240\051\045\112\245\313\053
-\335\212\146\007\026\170\025\127\161\033\354\365\107\204\363\236
-\061\067\172\325\177\044\255\344\274\375\375\314\156\203\350\014
-\250\267\101\154\007\335\275\074\206\227\057\322
+\060\202\002\224\060\202\002\032\240\003\002\001\002\002\010\054
+\051\234\133\026\355\005\225\060\012\006\010\052\206\110\316\075
+\004\003\002\060\177\061\013\060\011\006\003\125\004\006\023\002
+\125\123\061\016\060\014\006\003\125\004\010\014\005\124\145\170
+\141\163\061\020\060\016\006\003\125\004\007\014\007\110\157\165
+\163\164\157\156\061\030\060\026\006\003\125\004\012\014\017\123
+\123\114\040\103\157\162\160\157\162\141\164\151\157\156\061\064
+\060\062\006\003\125\004\003\014\053\123\123\114\056\143\157\155
+\040\105\126\040\122\157\157\164\040\103\145\162\164\151\146\151
+\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
+\040\105\103\103\060\036\027\015\061\066\060\062\061\062\061\070
+\061\065\062\063\132\027\015\064\061\060\062\061\062\061\070\061
+\065\062\063\132\060\177\061\013\060\011\006\003\125\004\006\023
+\002\125\123\061\016\060\014\006\003\125\004\010\014\005\124\145
+\170\141\163\061\020\060\016\006\003\125\004\007\014\007\110\157
+\165\163\164\157\156\061\030\060\026\006\003\125\004\012\014\017
+\123\123\114\040\103\157\162\160\157\162\141\164\151\157\156\061
+\064\060\062\006\003\125\004\003\014\053\123\123\114\056\143\157
+\155\040\105\126\040\122\157\157\164\040\103\145\162\164\151\146
+\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
+\171\040\105\103\103\060\166\060\020\006\007\052\206\110\316\075
+\002\001\006\005\053\201\004\000\042\003\142\000\004\252\022\107
+\220\230\033\373\357\303\100\007\203\040\116\361\060\202\242\006
+\321\362\222\206\141\362\366\041\150\312\000\304\307\352\103\000
+\124\206\334\375\037\337\000\270\101\142\134\334\160\026\062\336
+\037\231\324\314\305\007\310\010\037\141\026\007\121\075\175\134
+\007\123\343\065\070\214\337\315\237\331\056\015\112\266\031\056
+\132\160\132\006\355\276\360\241\260\312\320\011\051\243\143\060
+\141\060\035\006\003\125\035\016\004\026\004\024\133\312\136\345
+\336\322\201\252\315\250\055\144\121\266\331\162\233\227\346\117
+\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
+\377\060\037\006\003\125\035\043\004\030\060\026\200\024\133\312
+\136\345\336\322\201\252\315\250\055\144\121\266\331\162\233\227
+\346\117\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\206\060\012\006\010\052\206\110\316\075\004\003\002\003\150
+\000\060\145\002\061\000\212\346\100\211\067\353\351\325\023\331
+\312\324\153\044\363\260\075\207\106\130\032\354\261\337\157\373
+\126\272\160\153\307\070\314\350\261\214\117\017\367\361\147\166
+\016\203\320\036\121\217\002\060\075\366\043\050\046\114\306\140
+\207\223\046\233\262\065\036\272\326\367\074\321\034\316\372\045
+\074\246\032\201\025\133\363\022\017\154\356\145\212\311\207\250
+\371\007\340\142\232\214\134\112
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "GDCA TrustAUTH R5 ROOT"
-# Issuer: CN=GDCA TrustAUTH R5 ROOT,O="GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.",C=CN
-# Serial Number:7d:09:97:fe:f0:47:ea:7a
-# Subject: CN=GDCA TrustAUTH R5 ROOT,O="GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.",C=CN
-# Not Valid Before: Wed Nov 26 05:13:15 2014
-# Not Valid After : Mon Dec 31 15:59:59 2040
-# Fingerprint (SHA-256): BF:FF:8F:D0:44:33:48:7D:6A:8A:A6:0C:1A:29:76:7A:9F:C2:BB:B0:5E:42:0F:71:3A:13:B9:92:89:1D:38:93
-# Fingerprint (SHA1): 0F:36:38:5B:81:1A:25:C3:9B:31:4E:83:CA:E9:34:66:70:CC:74:B4
+# Trust for "SSL.com EV Root Certification Authority ECC"
+# Issuer: CN=SSL.com EV Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Serial Number:2c:29:9c:5b:16:ed:05:95
+# Subject: CN=SSL.com EV Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
+# Not Valid Before: Fri Feb 12 18:15:23 2016
+# Not Valid After : Tue Feb 12 18:15:23 2041
+# Fingerprint (SHA-256): 22:A2:C1:F7:BD:ED:70:4C:C1:E7:01:B5:F4:08:C3:10:88:0F:E9:56:B5:DE:2A:4A:44:F9:9C:87:3A:25:A7:C8
+# Fingerprint (SHA1): 4C:DD:51:A3:D1:F5:20:32:14:B0:C6:C5:32:23:03:91:C7:46:42:6D
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GDCA TrustAUTH R5 ROOT"
+CKA_LABEL UTF8 "SSL.com EV Root Certification Authority ECC"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\017\066\070\133\201\032\045\303\233\061\116\203\312\351\064\146
-\160\314\164\264
+\114\335\121\243\321\365\040\062\024\260\306\305\062\043\003\221
+\307\106\102\155
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\143\314\331\075\064\065\134\157\123\243\342\010\160\110\037\264
+\131\123\042\145\203\102\001\124\300\316\102\271\132\174\362\220
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\142\061\013\060\011\006\003\125\004\006\023\002\103\116\061
-\062\060\060\006\003\125\004\012\014\051\107\125\101\116\107\040
-\104\117\116\107\040\103\105\122\124\111\106\111\103\101\124\105
-\040\101\125\124\110\117\122\111\124\131\040\103\117\056\054\114
-\124\104\056\061\037\060\035\006\003\125\004\003\014\026\107\104
-\103\101\040\124\162\165\163\164\101\125\124\110\040\122\065\040
-\122\117\117\124
+\060\177\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
+\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
+\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
+\103\157\162\160\157\162\141\164\151\157\156\061\064\060\062\006
+\003\125\004\003\014\053\123\123\114\056\143\157\155\040\105\126
+\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164
+\151\157\156\040\101\165\164\150\157\162\151\164\171\040\105\103
+\103
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\175\011\227\376\360\107\352\172
+\002\010\054\051\234\133\026\355\005\225
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
@@ -21882,158 +21837,161 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "TrustCor RootCert CA-1"
+# Certificate "GlobalSign Root CA - R6"
 #
-# Issuer: CN=TrustCor RootCert CA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Serial Number:00:da:9b:ec:71:f3:03:b0:19
-# Subject: CN=TrustCor RootCert CA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Not Valid Before: Thu Feb 04 12:32:16 2016
-# Not Valid After : Mon Dec 31 17:23:16 2029
-# Fingerprint (SHA-256): D4:0E:9C:86:CD:8F:E4:68:C1:77:69:59:F4:9E:A7:74:FA:54:86:84:B6:C4:06:F3:90:92:61:F4:DC:E2:57:5C
-# Fingerprint (SHA1): FF:BD:CD:E7:82:C8:43:5E:3C:6F:26:86:5C:CA:A8:3A:45:5B:C3:0A
+# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R6
+# Serial Number:45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
+# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R6
+# Not Valid Before: Wed Dec 10 00:00:00 2014
+# Not Valid After : Sun Dec 10 00:00:00 2034
+# Fingerprint (SHA-256): 2C:AB:EA:FE:37:D0:6C:A2:2A:BA:73:91:C0:03:3D:25:98:29:52:C4:53:64:73:49:76:3A:3A:B5:AD:6C:CF:69
+# Fingerprint (SHA1): 80:94:64:0E:B5:A7:A1:CA:11:9C:1F:DD:D5:9F:81:02:63:A7:FB:D1
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TrustCor RootCert CA-1"
+CKA_LABEL UTF8 "GlobalSign Root CA - R6"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
-\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
-\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
-\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
-\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
-\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
-\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
-\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
-\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
-\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
-\162\164\040\103\101\055\061
+\060\114\061\040\060\036\006\003\125\004\013\023\027\107\154\157
+\142\141\154\123\151\147\156\040\122\157\157\164\040\103\101\040
+\055\040\122\066\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
-\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
-\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
-\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
-\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
-\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
-\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
-\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
-\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
-\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
-\162\164\040\103\101\055\061
+\060\114\061\040\060\036\006\003\125\004\013\023\027\107\154\157
+\142\141\154\123\151\147\156\040\122\157\157\164\040\103\101\040
+\055\040\122\066\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\011\000\332\233\354\161\363\003\260\031
+\002\016\105\346\273\003\203\063\303\205\145\110\346\377\105\121
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\004\060\060\202\003\030\240\003\002\001\002\002\011\000
-\332\233\354\161\363\003\260\031\060\015\006\011\052\206\110\206
-\367\015\001\001\013\005\000\060\201\244\061\013\060\011\006\003
-\125\004\006\023\002\120\101\061\017\060\015\006\003\125\004\010
-\014\006\120\141\156\141\155\141\061\024\060\022\006\003\125\004
-\007\014\013\120\141\156\141\155\141\040\103\151\164\171\061\044
-\060\042\006\003\125\004\012\014\033\124\162\165\163\164\103\157
-\162\040\123\171\163\164\145\155\163\040\123\056\040\144\145\040
-\122\056\114\056\061\047\060\045\006\003\125\004\013\014\036\124
-\162\165\163\164\103\157\162\040\103\145\162\164\151\146\151\143
-\141\164\145\040\101\165\164\150\157\162\151\164\171\061\037\060
-\035\006\003\125\004\003\014\026\124\162\165\163\164\103\157\162
-\040\122\157\157\164\103\145\162\164\040\103\101\055\061\060\036
-\027\015\061\066\060\062\060\064\061\062\063\062\061\066\132\027
-\015\062\071\061\062\063\061\061\067\062\063\061\066\132\060\201
-\244\061\013\060\011\006\003\125\004\006\023\002\120\101\061\017
-\060\015\006\003\125\004\010\014\006\120\141\156\141\155\141\061
-\024\060\022\006\003\125\004\007\014\013\120\141\156\141\155\141
-\040\103\151\164\171\061\044\060\042\006\003\125\004\012\014\033
-\124\162\165\163\164\103\157\162\040\123\171\163\164\145\155\163
-\040\123\056\040\144\145\040\122\056\114\056\061\047\060\045\006
-\003\125\004\013\014\036\124\162\165\163\164\103\157\162\040\103
-\145\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157
-\162\151\164\171\061\037\060\035\006\003\125\004\003\014\026\124
-\162\165\163\164\103\157\162\040\122\157\157\164\103\145\162\164
-\040\103\101\055\061\060\202\001\042\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
-\012\002\202\001\001\000\277\216\267\225\342\302\046\022\153\063
-\031\307\100\130\012\253\131\252\215\000\243\374\200\307\120\173
-\216\324\040\046\272\062\022\330\043\124\111\045\020\042\230\235
-\106\322\301\311\236\116\033\056\054\016\070\363\032\045\150\034
-\246\132\005\346\036\213\110\277\230\226\164\076\151\312\351\265
-\170\245\006\274\325\000\136\011\012\362\047\172\122\374\055\325
-\261\352\264\211\141\044\363\032\023\333\251\317\122\355\014\044
-\272\271\236\354\176\000\164\372\223\255\154\051\222\256\121\264
-\273\323\127\277\263\363\250\215\234\364\044\113\052\326\231\236
-\364\236\376\300\176\102\072\347\013\225\123\332\267\150\016\220
-\114\373\160\077\217\112\054\224\363\046\335\143\151\251\224\330
-\020\116\305\107\010\220\231\033\027\115\271\154\156\357\140\225
-\021\216\041\200\265\275\240\163\330\320\262\167\304\105\352\132
-\046\373\146\166\166\370\006\037\141\155\017\125\305\203\267\020
-\126\162\006\007\245\363\261\032\003\005\144\016\235\132\212\326
-\206\160\033\044\336\376\050\212\053\320\152\260\374\172\242\334
-\262\171\016\213\145\017\002\003\001\000\001\243\143\060\141\060
-\035\006\003\125\035\016\004\026\004\024\356\153\111\074\172\077
-\015\343\261\011\267\212\310\253\031\237\163\063\120\347\060\037
-\006\003\125\035\043\004\030\060\026\200\024\356\153\111\074\172
-\077\015\343\261\011\267\212\310\253\031\237\163\063\120\347\060
-\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
-\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\206
-\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003
-\202\001\001\000\045\030\324\221\217\023\356\217\036\035\021\123
-\332\055\104\051\031\240\036\153\061\236\115\016\236\255\075\134
-\101\157\225\053\044\241\171\230\072\070\066\373\273\146\236\110
-\377\220\220\357\075\324\270\233\264\207\165\077\040\233\316\162
-\317\241\125\301\115\144\242\031\006\241\007\063\014\013\051\345
-\361\352\253\243\354\265\012\164\220\307\175\162\362\327\134\237
-\221\357\221\213\267\334\355\146\242\317\216\146\073\274\237\072
-\002\340\047\335\026\230\300\225\324\012\244\344\201\232\165\224
-\065\234\220\137\210\067\006\255\131\225\012\260\321\147\323\031
-\312\211\347\062\132\066\034\076\202\250\132\223\276\306\320\144
-\221\266\317\331\266\030\317\333\176\322\145\243\246\304\216\027
-\061\301\373\176\166\333\323\205\343\130\262\167\172\166\073\154
-\057\120\034\347\333\366\147\171\037\365\202\225\232\007\247\024
-\257\217\334\050\041\147\011\322\326\115\132\034\031\034\216\167
-\134\303\224\044\075\062\153\113\176\324\170\224\203\276\067\115
-\316\137\307\036\116\074\340\211\063\225\013\017\245\062\326\074
-\132\171\054\031
+\060\202\005\203\060\202\003\153\240\003\002\001\002\002\016\105
+\346\273\003\203\063\303\205\145\110\346\377\105\121\060\015\006
+\011\052\206\110\206\367\015\001\001\014\005\000\060\114\061\040
+\060\036\006\003\125\004\013\023\027\107\154\157\142\141\154\123
+\151\147\156\040\122\157\157\164\040\103\101\040\055\040\122\066
+\061\023\060\021\006\003\125\004\012\023\012\107\154\157\142\141
+\154\123\151\147\156\061\023\060\021\006\003\125\004\003\023\012
+\107\154\157\142\141\154\123\151\147\156\060\036\027\015\061\064
+\061\062\061\060\060\060\060\060\060\060\132\027\015\063\064\061
+\062\061\060\060\060\060\060\060\060\132\060\114\061\040\060\036
+\006\003\125\004\013\023\027\107\154\157\142\141\154\123\151\147
+\156\040\122\157\157\164\040\103\101\040\055\040\122\066\061\023
+\060\021\006\003\125\004\012\023\012\107\154\157\142\141\154\123
+\151\147\156\061\023\060\021\006\003\125\004\003\023\012\107\154
+\157\142\141\154\123\151\147\156\060\202\002\042\060\015\006\011
+\052\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000
+\060\202\002\012\002\202\002\001\000\225\007\350\163\312\146\371
+\354\024\312\173\074\367\015\010\361\264\105\013\054\202\264\110
+\306\353\133\074\256\203\270\101\222\063\024\244\157\177\351\052
+\314\306\260\210\153\305\266\211\321\306\262\377\024\316\121\024
+\041\354\112\335\033\132\306\326\207\356\115\072\025\006\355\144
+\146\013\222\200\312\104\336\163\224\116\363\247\211\177\117\170
+\143\010\310\022\120\155\102\146\057\115\271\171\050\115\122\032
+\212\032\200\267\031\201\016\176\304\212\274\144\114\041\034\103
+\150\327\075\074\212\305\262\146\325\220\232\267\061\006\305\276
+\342\155\062\006\246\036\371\271\353\252\243\270\277\276\202\143
+\120\320\360\030\211\337\344\017\171\365\352\242\037\052\322\160
+\056\173\347\274\223\273\155\123\342\110\174\214\020\007\070\377
+\146\262\167\141\176\340\352\214\074\252\264\244\366\363\225\112
+\022\007\155\375\214\262\211\317\320\240\141\167\310\130\164\260
+\324\043\072\367\135\072\312\242\333\235\011\336\135\104\055\220
+\361\201\315\127\222\372\176\274\120\004\143\064\337\153\223\030
+\276\153\066\262\071\344\254\044\066\267\360\357\266\034\023\127
+\223\266\336\262\370\342\205\267\163\242\270\065\252\105\362\340
+\235\066\241\157\124\212\361\162\126\156\056\210\305\121\102\104
+\025\224\356\243\305\070\226\233\116\116\132\013\107\363\006\066
+\111\167\060\274\161\067\345\246\354\041\010\165\374\346\141\026
+\077\167\325\331\221\227\204\012\154\324\002\115\164\300\024\355
+\375\071\373\203\362\136\024\241\004\260\013\351\376\356\217\341
+\156\013\262\010\263\141\146\011\152\261\006\072\145\226\131\300
+\360\065\375\311\332\050\215\032\021\207\160\201\012\250\232\165
+\035\236\072\206\005\000\236\333\200\326\045\371\334\005\236\047
+\131\114\166\071\133\352\371\245\241\330\203\017\321\377\337\060
+\021\371\205\317\063\110\365\312\155\144\024\054\172\130\117\323
+\113\010\111\305\225\144\032\143\016\171\075\365\263\214\312\130
+\255\234\102\105\171\156\016\207\031\134\124\261\145\266\277\214
+\233\334\023\351\015\157\270\056\334\147\156\311\213\021\265\204
+\024\212\000\031\160\203\171\221\227\221\324\032\047\277\067\036
+\062\007\330\024\143\074\050\114\257\002\003\001\000\001\243\143
+\060\141\060\016\006\003\125\035\017\001\001\377\004\004\003\002
+\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060\003
+\001\001\377\060\035\006\003\125\035\016\004\026\004\024\256\154
+\005\243\223\023\342\242\347\342\327\034\326\307\360\177\310\147
+\123\240\060\037\006\003\125\035\043\004\030\060\026\200\024\256
+\154\005\243\223\023\342\242\347\342\327\034\326\307\360\177\310
+\147\123\240\060\015\006\011\052\206\110\206\367\015\001\001\014
+\005\000\003\202\002\001\000\203\045\355\350\321\375\225\122\315
+\236\300\004\240\221\151\346\134\320\204\336\334\255\242\117\350
+\107\170\326\145\230\251\133\250\074\207\174\002\212\321\156\267
+\026\163\346\137\300\124\230\325\164\276\301\315\342\021\221\255
+\043\030\075\335\341\162\104\226\264\225\136\300\173\216\231\170
+\026\103\023\126\127\263\242\263\073\265\167\334\100\162\254\243
+\353\233\065\076\261\010\041\241\347\304\103\067\171\062\276\265
+\347\234\054\114\274\103\051\231\216\060\323\254\041\340\343\035
+\372\330\007\063\166\124\000\042\052\271\115\040\056\160\150\332
+\345\123\374\203\134\323\235\362\377\104\014\104\146\362\322\343
+\275\106\000\032\155\002\272\045\135\215\241\061\121\335\124\106
+\034\115\333\231\226\357\032\034\004\134\246\025\357\170\340\171
+\376\135\333\076\252\114\125\375\232\025\251\157\341\246\373\337
+\160\060\351\303\356\102\106\355\302\223\005\211\372\175\143\173
+\077\320\161\201\174\000\350\230\256\016\170\064\303\045\373\257
+\012\237\040\153\335\073\023\217\022\214\342\101\032\110\172\163
+\240\167\151\307\266\134\177\202\310\036\376\130\033\050\053\250
+\154\255\136\155\300\005\322\173\267\353\200\376\045\067\376\002
+\233\150\254\102\135\303\356\365\314\334\360\120\165\322\066\151
+\234\346\173\004\337\156\006\151\266\336\012\011\110\131\207\353
+\173\024\140\172\144\252\151\103\357\221\307\114\354\030\335\154
+\357\123\055\214\231\341\136\362\162\076\317\124\310\275\147\354
+\244\017\114\105\377\323\271\060\043\007\114\217\020\277\206\226
+\331\231\132\264\231\127\034\244\314\273\025\211\123\272\054\005
+\017\344\304\236\031\261\030\064\325\114\235\272\355\367\037\257
+\044\225\004\170\250\003\273\356\201\345\332\137\174\213\112\241
+\220\164\045\247\263\076\113\310\054\126\275\307\310\357\070\342
+\134\222\360\171\367\234\204\272\164\055\141\001\040\176\176\321
+\362\117\007\131\137\213\055\103\122\353\106\014\224\341\365\146
+\107\171\167\325\124\133\037\255\044\067\313\105\132\116\240\104
+\110\310\330\260\231\305\025\204\011\366\326\111\111\300\145\270
+\346\032\161\156\240\250\361\202\350\105\076\154\326\002\327\012
+\147\203\005\132\311\244\020
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "TrustCor RootCert CA-1"
-# Issuer: CN=TrustCor RootCert CA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Serial Number:00:da:9b:ec:71:f3:03:b0:19
-# Subject: CN=TrustCor RootCert CA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Not Valid Before: Thu Feb 04 12:32:16 2016
-# Not Valid After : Mon Dec 31 17:23:16 2029
-# Fingerprint (SHA-256): D4:0E:9C:86:CD:8F:E4:68:C1:77:69:59:F4:9E:A7:74:FA:54:86:84:B6:C4:06:F3:90:92:61:F4:DC:E2:57:5C
-# Fingerprint (SHA1): FF:BD:CD:E7:82:C8:43:5E:3C:6F:26:86:5C:CA:A8:3A:45:5B:C3:0A
+# Trust for "GlobalSign Root CA - R6"
+# Issuer: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R6
+# Serial Number:45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
+# Subject: CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R6
+# Not Valid Before: Wed Dec 10 00:00:00 2014
+# Not Valid After : Sun Dec 10 00:00:00 2034
+# Fingerprint (SHA-256): 2C:AB:EA:FE:37:D0:6C:A2:2A:BA:73:91:C0:03:3D:25:98:29:52:C4:53:64:73:49:76:3A:3A:B5:AD:6C:CF:69
+# Fingerprint (SHA1): 80:94:64:0E:B5:A7:A1:CA:11:9C:1F:DD:D5:9F:81:02:63:A7:FB:D1
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TrustCor RootCert CA-1"
+CKA_LABEL UTF8 "GlobalSign Root CA - R6"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\377\275\315\347\202\310\103\136\074\157\046\206\134\312\250\072
-\105\133\303\012
+\200\224\144\016\265\247\241\312\021\234\037\335\325\237\201\002
+\143\247\373\321
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\156\205\361\334\032\000\323\042\325\262\262\254\153\067\005\105
+\117\335\007\344\324\042\144\071\036\014\067\102\352\321\306\256
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
-\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
-\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
-\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
-\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
-\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
-\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
-\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
-\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
-\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
-\162\164\040\103\101\055\061
+\060\114\061\040\060\036\006\003\125\004\013\023\027\107\154\157
+\142\141\154\123\151\147\156\040\122\157\157\164\040\103\101\040
+\055\040\122\066\061\023\060\021\006\003\125\004\012\023\012\107
+\154\157\142\141\154\123\151\147\156\061\023\060\021\006\003\125
+\004\003\023\012\107\154\157\142\141\154\123\151\147\156
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\011\000\332\233\354\161\363\003\260\031
+\002\016\105\346\273\003\203\063\303\205\145\110\346\377\105\121
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
@@ -22041,190 +21999,119 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "TrustCor RootCert CA-2"
+# Certificate "OISTE WISeKey Global Root GC CA"
 #
-# Issuer: CN=TrustCor RootCert CA-2,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Serial Number:25:a1:df:ca:33:cb:59:02
-# Subject: CN=TrustCor RootCert CA-2,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Not Valid Before: Thu Feb 04 12:32:23 2016
-# Not Valid After : Sun Dec 31 17:26:39 2034
-# Fingerprint (SHA-256): 07:53:E9:40:37:8C:1B:D5:E3:83:6E:39:5D:AE:A5:CB:83:9E:50:46:F1:BD:0E:AE:19:51:CF:10:FE:C7:C9:65
-# Fingerprint (SHA1): B8:BE:6D:CB:56:F1:55:B9:63:D4:12:CA:4E:06:34:C7:94:B2:1C:C0
+# Issuer: CN=OISTE WISeKey Global Root GC CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
+# Serial Number:21:2a:56:0c:ae:da:0c:ab:40:45:bf:2b:a2:2d:3a:ea
+# Subject: CN=OISTE WISeKey Global Root GC CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
+# Not Valid Before: Tue May 09 09:48:34 2017
+# Not Valid After : Fri May 09 09:58:33 2042
+# Fingerprint (SHA-256): 85:60:F9:1C:36:24:DA:BA:95:70:B5:FE:A0:DB:E3:6F:F1:1A:83:23:BE:94:86:85:4F:B3:F3:4A:55:71:19:8D
+# Fingerprint (SHA1): E0:11:84:5E:34:DE:BE:88:81:B9:9C:F6:16:26:D1:96:1F:C3:B9:31
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TrustCor RootCert CA-2"
+CKA_LABEL UTF8 "OISTE WISeKey Global Root GC CA"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
-\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
-\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
-\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
-\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
-\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
-\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
-\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
-\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
-\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
-\162\164\040\103\101\055\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
-\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
-\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
-\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
-\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
-\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
-\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
-\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
-\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
-\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
-\162\164\040\103\101\055\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\045\241\337\312\063\313\131\002
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\006\057\060\202\004\027\240\003\002\001\002\002\010\045
-\241\337\312\063\313\131\002\060\015\006\011\052\206\110\206\367
-\015\001\001\013\005\000\060\201\244\061\013\060\011\006\003\125
-\004\006\023\002\120\101\061\017\060\015\006\003\125\004\010\014
-\006\120\141\156\141\155\141\061\024\060\022\006\003\125\004\007
-\014\013\120\141\156\141\155\141\040\103\151\164\171\061\044\060
-\042\006\003\125\004\012\014\033\124\162\165\163\164\103\157\162
-\040\123\171\163\164\145\155\163\040\123\056\040\144\145\040\122
-\056\114\056\061\047\060\045\006\003\125\004\013\014\036\124\162
-\165\163\164\103\157\162\040\103\145\162\164\151\146\151\143\141
-\164\145\040\101\165\164\150\157\162\151\164\171\061\037\060\035
-\006\003\125\004\003\014\026\124\162\165\163\164\103\157\162\040
-\122\157\157\164\103\145\162\164\040\103\101\055\062\060\036\027
-\015\061\066\060\062\060\064\061\062\063\062\062\063\132\027\015
-\063\064\061\062\063\061\061\067\062\066\063\071\132\060\201\244
-\061\013\060\011\006\003\125\004\006\023\002\120\101\061\017\060
-\015\006\003\125\004\010\014\006\120\141\156\141\155\141\061\024
-\060\022\006\003\125\004\007\014\013\120\141\156\141\155\141\040
-\103\151\164\171\061\044\060\042\006\003\125\004\012\014\033\124
-\162\165\163\164\103\157\162\040\123\171\163\164\145\155\163\040
-\123\056\040\144\145\040\122\056\114\056\061\047\060\045\006\003
-\125\004\013\014\036\124\162\165\163\164\103\157\162\040\103\145
-\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162
-\151\164\171\061\037\060\035\006\003\125\004\003\014\026\124\162
-\165\163\164\103\157\162\040\122\157\157\164\103\145\162\164\040
-\103\101\055\062\060\202\002\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002\012
-\002\202\002\001\000\247\040\156\302\052\242\142\044\225\220\166
-\310\070\176\200\322\253\301\233\145\005\224\364\301\012\020\325
-\002\254\355\237\223\307\207\310\260\047\053\102\014\075\012\076
-\101\132\236\165\335\215\312\340\233\354\150\062\244\151\222\150
-\214\013\201\016\126\240\076\032\335\054\045\024\202\057\227\323
-\144\106\364\124\251\334\072\124\055\061\053\231\202\362\331\052
-\327\357\161\000\270\061\244\276\172\044\007\303\102\040\362\212
-\324\222\004\033\145\126\114\154\324\373\266\141\132\107\043\264
-\330\151\264\267\072\320\164\074\014\165\241\214\116\166\241\351
-\333\052\245\073\372\316\260\377\176\152\050\375\047\034\310\261
-\351\051\361\127\156\144\264\320\301\025\155\016\276\056\016\106
-\310\136\364\121\376\357\016\143\072\073\161\272\317\157\131\312
-\014\343\233\135\111\270\114\342\127\261\230\212\102\127\234\166
-\357\357\275\321\150\250\322\364\011\273\167\065\276\045\202\010
-\304\026\054\104\040\126\251\104\021\167\357\135\264\035\252\136
-\153\076\213\062\366\007\057\127\004\222\312\365\376\235\302\351
-\350\263\216\114\113\002\061\331\344\074\110\202\047\367\030\202
-\166\110\072\161\261\023\241\071\325\056\305\064\302\035\142\205
-\337\003\376\115\364\257\075\337\134\133\215\372\160\341\245\176
-\047\307\206\056\152\217\022\306\204\136\103\121\120\234\031\233
-\170\346\374\366\355\107\176\173\075\146\357\023\023\210\137\074
-\241\143\373\371\254\207\065\237\363\202\236\244\077\012\234\061
-\151\213\231\244\210\112\216\156\146\115\357\026\304\017\171\050
-\041\140\015\205\026\175\327\124\070\361\222\126\375\265\063\114
-\203\334\327\020\237\113\375\306\370\102\275\272\174\163\002\340
-\377\175\315\133\341\324\254\141\173\127\325\112\173\133\324\205
-\130\047\135\277\370\053\140\254\240\046\256\024\041\047\306\167
-\232\063\200\074\136\106\077\367\303\261\243\206\063\306\350\136
-\015\271\065\054\252\106\301\205\002\165\200\240\353\044\373\025
-\252\344\147\177\156\167\077\364\004\212\057\174\173\343\027\141
-\360\335\011\251\040\310\276\011\244\320\176\104\303\262\060\112
-\070\252\251\354\030\232\007\202\053\333\270\234\030\255\332\340
-\106\027\254\317\135\002\003\001\000\001\243\143\060\141\060\035
-\006\003\125\035\016\004\026\004\024\331\376\041\100\156\224\236
-\274\233\075\234\175\230\040\031\345\214\060\142\262\060\037\006
-\003\125\035\043\004\030\060\026\200\024\331\376\041\100\156\224
-\236\274\233\075\234\175\230\040\031\345\214\060\142\262\060\017
-\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060
-\016\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060
-\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003\202
-\002\001\000\236\105\236\014\073\266\357\341\072\310\174\321\000
-\075\317\342\352\006\265\262\072\273\006\113\150\172\320\043\227
-\164\247\054\360\010\330\171\132\327\132\204\212\330\022\232\033
-\331\175\134\115\160\305\245\371\253\345\243\211\211\335\001\372
-\354\335\371\351\222\227\333\260\106\102\363\323\142\252\225\376
-\061\147\024\151\130\220\012\252\013\356\067\043\307\120\121\264
-\365\176\236\343\173\367\344\314\102\062\055\111\014\313\377\111
-\014\233\036\064\375\156\156\226\212\171\003\266\157\333\011\313
-\375\137\145\024\067\341\070\365\363\141\026\130\344\265\155\015
-\013\004\033\077\120\055\177\263\307\172\032\026\200\140\370\212
-\037\351\033\052\306\371\272\001\032\151\277\322\130\307\124\127
-\010\217\341\071\140\167\113\254\131\204\032\210\361\335\313\117
-\170\327\347\341\063\055\374\356\101\372\040\260\276\313\367\070
-\224\300\341\320\205\017\273\355\054\163\253\355\376\222\166\032
-\144\177\133\015\063\011\007\063\173\006\077\021\244\134\160\074
-\205\300\317\343\220\250\203\167\372\333\346\305\214\150\147\020
-\147\245\122\055\360\304\231\217\177\277\321\153\342\265\107\326
-\331\320\205\231\115\224\233\017\113\215\356\000\132\107\035\021
-\003\254\101\030\257\207\267\157\014\072\217\312\317\334\003\301
-\242\011\310\345\375\200\136\310\140\102\001\033\032\123\132\273
-\067\246\267\274\272\204\351\036\154\032\324\144\332\324\103\376
-\223\213\113\362\054\171\026\020\324\223\013\210\217\241\330\206
-\024\106\221\107\233\050\044\357\127\122\116\134\102\234\252\367
-\111\354\047\350\100\036\263\246\211\042\162\234\365\015\063\264
-\130\243\060\073\335\324\152\124\223\276\032\115\363\223\224\367
-\374\204\013\077\204\040\134\064\003\104\305\332\255\274\012\301
-\002\317\036\345\224\331\363\216\133\330\114\360\235\354\141\027
-\273\024\062\124\014\002\051\223\036\222\206\366\177\357\347\222
-\005\016\131\335\231\010\056\056\372\234\000\122\323\305\146\051
-\344\247\227\104\244\016\050\201\023\065\305\366\157\144\346\101
-\304\325\057\314\064\105\045\317\101\000\226\075\112\056\302\226
-\230\117\116\112\234\227\267\333\037\222\062\310\377\017\121\156
-\326\354\011
+\060\155\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\020\060\016\006\003\125\004\012\023\007\127\111\123\145\113\145
+\171\061\042\060\040\006\003\125\004\013\023\031\117\111\123\124
+\105\040\106\157\165\156\144\141\164\151\157\156\040\105\156\144
+\157\162\163\145\144\061\050\060\046\006\003\125\004\003\023\037
+\117\111\123\124\105\040\127\111\123\145\113\145\171\040\107\154
+\157\142\141\154\040\122\157\157\164\040\107\103\040\103\101
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\155\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\020\060\016\006\003\125\004\012\023\007\127\111\123\145\113\145
+\171\061\042\060\040\006\003\125\004\013\023\031\117\111\123\124
+\105\040\106\157\165\156\144\141\164\151\157\156\040\105\156\144
+\157\162\163\145\144\061\050\060\046\006\003\125\004\003\023\037
+\117\111\123\124\105\040\127\111\123\145\113\145\171\040\107\154
+\157\142\141\154\040\122\157\157\164\040\107\103\040\103\101
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\041\052\126\014\256\332\014\253\100\105\277\053\242\055
+\072\352
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\151\060\202\001\357\240\003\002\001\002\002\020\041
+\052\126\014\256\332\014\253\100\105\277\053\242\055\072\352\060
+\012\006\010\052\206\110\316\075\004\003\003\060\155\061\013\060
+\011\006\003\125\004\006\023\002\103\110\061\020\060\016\006\003
+\125\004\012\023\007\127\111\123\145\113\145\171\061\042\060\040
+\006\003\125\004\013\023\031\117\111\123\124\105\040\106\157\165
+\156\144\141\164\151\157\156\040\105\156\144\157\162\163\145\144
+\061\050\060\046\006\003\125\004\003\023\037\117\111\123\124\105
+\040\127\111\123\145\113\145\171\040\107\154\157\142\141\154\040
+\122\157\157\164\040\107\103\040\103\101\060\036\027\015\061\067
+\060\065\060\071\060\071\064\070\063\064\132\027\015\064\062\060
+\065\060\071\060\071\065\070\063\063\132\060\155\061\013\060\011
+\006\003\125\004\006\023\002\103\110\061\020\060\016\006\003\125
+\004\012\023\007\127\111\123\145\113\145\171\061\042\060\040\006
+\003\125\004\013\023\031\117\111\123\124\105\040\106\157\165\156
+\144\141\164\151\157\156\040\105\156\144\157\162\163\145\144\061
+\050\060\046\006\003\125\004\003\023\037\117\111\123\124\105\040
+\127\111\123\145\113\145\171\040\107\154\157\142\141\154\040\122
+\157\157\164\040\107\103\040\103\101\060\166\060\020\006\007\052
+\206\110\316\075\002\001\006\005\053\201\004\000\042\003\142\000
+\004\114\351\120\300\306\017\162\030\274\330\361\272\263\211\342
+\171\112\243\026\247\153\124\044\333\121\377\352\364\011\044\303
+\013\042\237\313\152\047\202\201\015\322\300\257\061\344\164\202
+\156\312\045\331\214\165\235\361\333\320\232\242\113\041\176\026
+\247\143\220\322\071\324\261\207\170\137\030\226\017\120\033\065
+\067\017\152\306\334\331\023\115\244\216\220\067\346\275\133\061
+\221\243\124\060\122\060\016\006\003\125\035\017\001\001\377\004
+\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
+\024\110\207\024\254\343\303\236\220\140\072\327\312\211\356\323
+\255\214\264\120\146\060\020\006\011\053\006\001\004\001\202\067
+\025\001\004\003\002\001\000\060\012\006\010\052\206\110\316\075
+\004\003\003\003\150\000\060\145\002\060\046\307\151\133\334\325
+\347\262\347\310\014\214\214\303\335\171\214\033\143\325\311\122
+\224\116\115\202\112\163\036\262\200\204\251\045\300\114\132\155
+\111\051\140\170\023\342\176\110\353\144\002\061\000\333\064\040
+\062\010\377\232\111\002\266\210\336\024\257\135\154\231\161\215
+\032\077\213\327\340\242\066\206\034\007\202\072\166\123\375\302
+\242\355\357\173\260\200\117\130\017\113\123\071\275
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "TrustCor RootCert CA-2"
-# Issuer: CN=TrustCor RootCert CA-2,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Serial Number:25:a1:df:ca:33:cb:59:02
-# Subject: CN=TrustCor RootCert CA-2,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Not Valid Before: Thu Feb 04 12:32:23 2016
-# Not Valid After : Sun Dec 31 17:26:39 2034
-# Fingerprint (SHA-256): 07:53:E9:40:37:8C:1B:D5:E3:83:6E:39:5D:AE:A5:CB:83:9E:50:46:F1:BD:0E:AE:19:51:CF:10:FE:C7:C9:65
-# Fingerprint (SHA1): B8:BE:6D:CB:56:F1:55:B9:63:D4:12:CA:4E:06:34:C7:94:B2:1C:C0
+# Trust for "OISTE WISeKey Global Root GC CA"
+# Issuer: CN=OISTE WISeKey Global Root GC CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
+# Serial Number:21:2a:56:0c:ae:da:0c:ab:40:45:bf:2b:a2:2d:3a:ea
+# Subject: CN=OISTE WISeKey Global Root GC CA,OU=OISTE Foundation Endorsed,O=WISeKey,C=CH
+# Not Valid Before: Tue May 09 09:48:34 2017
+# Not Valid After : Fri May 09 09:58:33 2042
+# Fingerprint (SHA-256): 85:60:F9:1C:36:24:DA:BA:95:70:B5:FE:A0:DB:E3:6F:F1:1A:83:23:BE:94:86:85:4F:B3:F3:4A:55:71:19:8D
+# Fingerprint (SHA1): E0:11:84:5E:34:DE:BE:88:81:B9:9C:F6:16:26:D1:96:1F:C3:B9:31
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TrustCor RootCert CA-2"
+CKA_LABEL UTF8 "OISTE WISeKey Global Root GC CA"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\270\276\155\313\126\361\125\271\143\324\022\312\116\006\064\307
-\224\262\034\300
+\340\021\204\136\064\336\276\210\201\271\234\366\026\046\321\226
+\037\303\271\061
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\242\341\370\030\013\272\105\325\307\101\052\273\067\122\105\144
+\251\326\271\055\057\223\144\370\245\151\312\221\351\150\007\043
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\244\061\013\060\011\006\003\125\004\006\023\002\120\101
-\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
-\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
-\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
-\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
-\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
-\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
-\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
-\150\157\162\151\164\171\061\037\060\035\006\003\125\004\003\014
-\026\124\162\165\163\164\103\157\162\040\122\157\157\164\103\145
-\162\164\040\103\101\055\062
+\060\155\061\013\060\011\006\003\125\004\006\023\002\103\110\061
+\020\060\016\006\003\125\004\012\023\007\127\111\123\145\113\145
+\171\061\042\060\040\006\003\125\004\013\023\031\117\111\123\124
+\105\040\106\157\165\156\144\141\164\151\157\156\040\105\156\144
+\157\162\163\145\144\061\050\060\046\006\003\125\004\003\023\037
+\117\111\123\124\105\040\127\111\123\145\113\145\171\040\107\154
+\157\142\141\154\040\122\157\157\164\040\107\103\040\103\101
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\045\241\337\312\063\313\131\002
+\002\020\041\052\126\014\256\332\014\253\100\105\277\053\242\055
+\072\352
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
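Review bot: The two trust flags that close this hunk, `CKA_TRUST_SERVER_AUTH` and `CKA_TRUST_EMAIL_PROTECTION` set to `CKT_NSS_TRUSTED_DELEGATOR`, are unchanged context lines. The new "OISTE WISeKey Global Root GC CA" trust record therefore takes its trust bits from lines the old side shows under the "TrustCor RootCert CA-2" label, not from anything this hunk adds. The diff cannot show whether those values are intended for this root, so they should be compared with the upstream root-store entry before merging; the code-signing and step-up lines of the same record fall outside this hunk and need the same check. The added serial number and `CKA_CERT_SHA1_HASH` bytes do match the comment header. The SHA-256 fingerprint, however, appears only in a comment and no attribute in the record carries it, so it is worth recomputing from the `CKA_VALUE` bytes and checking against the CA's published value.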
@@ -22232,455 +22119,694 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "TrustCor ECA-1"
+# Certificate "GTS Root R1"
 #
-# Issuer: CN=TrustCor ECA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Serial Number:00:84:82:2c:5f:1c:62:d0:40
-# Subject: CN=TrustCor ECA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Not Valid Before: Thu Feb 04 12:32:33 2016
-# Not Valid After : Mon Dec 31 17:28:07 2029
-# Fingerprint (SHA-256): 5A:88:5D:B1:9C:01:D9:12:C5:75:93:88:93:8C:AF:BB:DF:03:1A:B2:D4:8E:91:EE:15:58:9B:42:97:1D:03:9C
-# Fingerprint (SHA1): 58:D1:DF:95:95:67:6B:63:C0:F0:5B:1C:17:4D:8B:84:0B:C8:78:BD
+# Issuer: CN=GTS Root R1,O=Google Trust Services LLC,C=US
+# Serial Number:6e:47:a9:c5:4b:47:0c:0d:ec:33:d0:89:b9:1c:f4:e1
+# Subject: CN=GTS Root R1,O=Google Trust Services LLC,C=US
+# Not Valid Before: Wed Jun 22 00:00:00 2016
+# Not Valid After : Sun Jun 22 00:00:00 2036
+# Fingerprint (SHA-256): 2A:57:54:71:E3:13:40:BC:21:58:1C:BD:2C:F1:3E:15:84:63:20:3E:CE:94:BC:F9:D3:CC:19:6B:F0:9A:54:72
+# Fingerprint (SHA1): E1:C9:50:E6:EF:22:F8:4C:56:45:72:8B:92:20:60:D7:D5:A7:A3:E8
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TrustCor ECA-1"
+CKA_LABEL UTF8 "GTS Root R1"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\201\234\061\013\060\011\006\003\125\004\006\023\002\120\101
-\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
-\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
-\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
-\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
-\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
-\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
-\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
-\150\157\162\151\164\171\061\027\060\025\006\003\125\004\003\014
-\016\124\162\165\163\164\103\157\162\040\105\103\101\055\061
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\061
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\234\061\013\060\011\006\003\125\004\006\023\002\120\101
-\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
-\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
-\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
-\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
-\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
-\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
-\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
-\150\157\162\151\164\171\061\027\060\025\006\003\125\004\003\014
-\016\124\162\165\163\164\103\157\162\040\105\103\101\055\061
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\061
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\011\000\204\202\054\137\034\142\320\100
+\002\020\156\107\251\305\113\107\014\015\354\063\320\211\271\034
+\364\341
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\004\040\060\202\003\010\240\003\002\001\002\002\011\000
-\204\202\054\137\034\142\320\100\060\015\006\011\052\206\110\206
-\367\015\001\001\013\005\000\060\201\234\061\013\060\011\006\003
-\125\004\006\023\002\120\101\061\017\060\015\006\003\125\004\010
-\014\006\120\141\156\141\155\141\061\024\060\022\006\003\125\004
-\007\014\013\120\141\156\141\155\141\040\103\151\164\171\061\044
-\060\042\006\003\125\004\012\014\033\124\162\165\163\164\103\157
-\162\040\123\171\163\164\145\155\163\040\123\056\040\144\145\040
-\122\056\114\056\061\047\060\045\006\003\125\004\013\014\036\124
-\162\165\163\164\103\157\162\040\103\145\162\164\151\146\151\143
-\141\164\145\040\101\165\164\150\157\162\151\164\171\061\027\060
-\025\006\003\125\004\003\014\016\124\162\165\163\164\103\157\162
-\040\105\103\101\055\061\060\036\027\015\061\066\060\062\060\064
-\061\062\063\062\063\063\132\027\015\062\071\061\062\063\061\061
-\067\062\070\060\067\132\060\201\234\061\013\060\011\006\003\125
-\004\006\023\002\120\101\061\017\060\015\006\003\125\004\010\014
-\006\120\141\156\141\155\141\061\024\060\022\006\003\125\004\007
-\014\013\120\141\156\141\155\141\040\103\151\164\171\061\044\060
-\042\006\003\125\004\012\014\033\124\162\165\163\164\103\157\162
-\040\123\171\163\164\145\155\163\040\123\056\040\144\145\040\122
-\056\114\056\061\047\060\045\006\003\125\004\013\014\036\124\162
-\165\163\164\103\157\162\040\103\145\162\164\151\146\151\143\141
-\164\145\040\101\165\164\150\157\162\151\164\171\061\027\060\025
-\006\003\125\004\003\014\016\124\162\165\163\164\103\157\162\040
-\105\103\101\055\061\060\202\001\042\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
-\012\002\202\001\001\000\317\217\340\021\265\237\250\166\166\333
-\337\017\124\357\163\143\051\202\255\107\306\243\153\355\376\137
-\063\370\103\121\351\032\063\221\061\027\240\164\304\324\247\001
-\346\262\222\076\152\235\355\016\371\164\230\100\323\077\003\200
-\006\202\100\350\261\342\247\121\247\035\203\046\153\253\336\372
-\027\221\053\330\306\254\036\261\236\031\001\325\227\246\352\015
-\267\304\125\037\047\174\322\010\325\166\037\051\025\207\100\071
-\335\070\105\021\165\320\232\247\064\340\277\315\310\122\035\271
-\107\176\015\270\273\306\014\366\163\127\026\132\176\103\221\037
-\125\072\306\155\104\004\252\234\251\234\247\114\211\027\203\256
-\243\004\136\122\200\213\036\022\045\021\031\327\014\175\175\061
-\104\101\352\333\257\260\034\357\201\320\054\305\232\041\233\075
-\355\102\073\120\046\362\354\316\161\141\006\142\041\124\116\177
-\301\235\076\177\040\214\200\313\052\330\227\142\310\203\063\221
-\175\260\242\132\017\127\350\073\314\362\045\262\324\174\057\354
-\115\306\241\072\025\172\347\266\135\065\365\366\110\112\066\105
-\146\324\272\230\130\301\002\003\001\000\001\243\143\060\141\060
-\035\006\003\125\035\016\004\026\004\024\104\236\110\365\314\155
-\110\324\240\113\177\376\131\044\057\203\227\231\232\206\060\037
-\006\003\125\035\043\004\030\060\026\200\024\104\236\110\365\314
-\155\110\324\240\113\177\376\131\044\057\203\227\231\232\206\060
-\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
-\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\206
-\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\003
-\202\001\001\000\005\076\065\134\025\160\233\311\307\163\141\157
-\162\053\324\302\217\362\103\135\002\316\304\224\271\224\021\203
-\147\135\342\147\154\165\166\277\273\014\252\066\306\255\107\223
-\143\334\036\176\326\336\056\376\351\031\062\070\003\177\024\366
-\000\163\054\131\261\041\006\341\373\254\030\225\014\243\377\231
-\226\367\053\047\233\325\044\314\035\335\301\072\340\230\104\260
-\304\344\076\167\261\163\251\144\054\366\034\001\174\077\135\105
-\205\300\205\347\045\217\225\334\027\363\074\237\032\156\260\312
-\343\035\052\351\114\143\372\044\141\142\326\332\176\266\034\154
-\365\002\035\324\052\335\125\220\353\052\021\107\074\056\136\164
-\262\202\042\245\175\123\037\105\354\047\221\175\347\042\026\350
-\300\150\066\330\306\361\117\200\104\062\371\341\321\321\035\252
-\336\250\253\234\004\257\255\040\016\144\230\115\245\153\300\110
-\130\226\151\115\334\007\214\121\223\242\337\237\017\075\213\140
-\264\202\215\252\010\116\142\105\340\371\013\322\340\340\074\133
-\336\134\161\047\045\302\346\003\201\213\020\123\343\307\125\242
-\264\237\327\346
+\060\202\005\132\060\202\003\102\240\003\002\001\002\002\020\156
+\107\251\305\113\107\014\015\354\063\320\211\271\034\364\341\060
+\015\006\011\052\206\110\206\367\015\001\001\014\005\000\060\107
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\042\060
+\040\006\003\125\004\012\023\031\107\157\157\147\154\145\040\124
+\162\165\163\164\040\123\145\162\166\151\143\145\163\040\114\114
+\103\061\024\060\022\006\003\125\004\003\023\013\107\124\123\040
+\122\157\157\164\040\122\061\060\036\027\015\061\066\060\066\062
+\062\060\060\060\060\060\060\132\027\015\063\066\060\066\062\062
+\060\060\060\060\060\060\132\060\107\061\013\060\011\006\003\125
+\004\006\023\002\125\123\061\042\060\040\006\003\125\004\012\023
+\031\107\157\157\147\154\145\040\124\162\165\163\164\040\123\145
+\162\166\151\143\145\163\040\114\114\103\061\024\060\022\006\003
+\125\004\003\023\013\107\124\123\040\122\157\157\164\040\122\061
+\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001
+\000\266\021\002\213\036\343\241\167\233\073\334\277\224\076\267
+\225\247\100\074\241\375\202\371\175\062\006\202\161\366\366\214
+\177\373\350\333\274\152\056\227\227\243\214\113\371\053\366\261
+\371\316\204\035\261\371\305\227\336\357\271\362\243\351\274\022
+\211\136\247\252\122\253\370\043\047\313\244\261\234\143\333\327
+\231\176\360\012\136\353\150\246\364\306\132\107\015\115\020\063
+\343\116\261\023\243\310\030\154\113\354\374\011\220\337\235\144
+\051\045\043\007\241\264\322\075\056\140\340\317\322\011\207\273
+\315\110\360\115\302\302\172\210\212\273\272\317\131\031\326\257
+\217\260\007\260\236\061\361\202\301\300\337\056\246\155\154\031
+\016\265\330\176\046\032\105\003\075\260\171\244\224\050\255\017
+\177\046\345\250\010\376\226\350\074\150\224\123\356\203\072\210
+\053\025\226\011\262\340\172\214\056\165\326\234\353\247\126\144
+\217\226\117\150\256\075\227\302\204\217\300\274\100\300\013\134
+\275\366\207\263\065\154\254\030\120\177\204\340\114\315\222\323
+\040\351\063\274\122\231\257\062\265\051\263\045\052\264\110\371
+\162\341\312\144\367\346\202\020\215\350\235\302\212\210\372\070
+\146\212\374\143\371\001\371\170\375\173\134\167\372\166\207\372
+\354\337\261\016\171\225\127\264\275\046\357\326\001\321\353\026
+\012\273\216\013\265\305\305\212\125\253\323\254\352\221\113\051
+\314\031\244\062\045\116\052\361\145\104\320\002\316\252\316\111
+\264\352\237\174\203\260\100\173\347\103\253\247\154\243\217\175
+\211\201\372\114\245\377\325\216\303\316\113\340\265\330\263\216
+\105\317\166\300\355\100\053\375\123\017\260\247\325\073\015\261
+\212\242\003\336\061\255\314\167\352\157\173\076\326\337\221\042
+\022\346\276\372\330\062\374\020\143\024\121\162\336\135\326\026
+\223\275\051\150\063\357\072\146\354\007\212\046\337\023\327\127
+\145\170\047\336\136\111\024\000\242\000\177\232\250\041\266\251
+\261\225\260\245\271\015\026\021\332\307\154\110\074\100\340\176
+\015\132\315\126\074\321\227\005\271\313\113\355\071\113\234\304
+\077\322\125\023\156\044\260\326\161\372\364\301\272\314\355\033
+\365\376\201\101\330\000\230\075\072\310\256\172\230\067\030\005
+\225\002\003\001\000\001\243\102\060\100\060\016\006\003\125\035
+\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125
+\035\016\004\026\004\024\344\257\053\046\161\032\053\110\047\205
+\057\122\146\054\357\360\211\023\161\076\060\015\006\011\052\206
+\110\206\367\015\001\001\014\005\000\003\202\002\001\000\070\226
+\012\356\075\264\226\036\137\357\235\234\013\063\237\053\340\312
+\375\322\216\012\037\101\164\245\174\252\204\324\345\362\036\346
+\067\122\062\234\013\321\141\035\277\050\301\266\104\051\065\165
+\167\230\262\174\331\275\164\254\212\150\343\251\061\011\051\001
+\140\163\343\107\174\123\250\220\112\047\357\113\327\237\223\347
+\202\066\316\232\150\014\202\347\317\324\020\026\157\137\016\231
+\134\366\037\161\175\357\357\173\057\176\352\066\326\227\160\013
+\025\356\327\134\126\152\063\245\343\111\070\014\270\175\373\215
+\205\244\261\131\136\364\152\341\335\241\366\144\104\256\346\121
+\203\041\146\306\021\076\363\316\107\356\234\050\037\045\332\377
+\254\146\225\335\065\017\134\357\040\054\142\375\221\272\251\314
+\374\132\234\223\201\203\051\227\112\174\132\162\264\071\320\267
+\167\313\171\375\151\072\222\067\355\156\070\145\106\176\351\140
+\275\171\210\227\137\070\022\364\356\257\133\202\310\206\325\341
+\231\155\214\004\362\166\272\111\366\156\351\155\036\137\240\357
+\047\202\166\100\370\246\323\130\134\017\054\102\332\102\306\173
+\210\064\307\301\330\105\233\301\076\305\141\035\331\143\120\111
+\366\064\205\152\340\030\305\156\107\253\101\102\051\233\366\140
+\015\322\061\323\143\230\043\223\132\000\201\110\264\357\315\212
+\315\311\317\231\356\331\236\252\066\341\150\113\161\111\024\066
+\050\072\075\035\316\232\217\045\346\200\161\141\053\265\173\314
+\371\045\026\201\341\061\137\241\243\176\026\244\234\026\152\227
+\030\275\166\162\245\013\236\035\066\346\057\241\057\276\160\221
+\017\250\346\332\370\304\222\100\154\045\176\173\263\011\334\262
+\027\255\200\104\360\150\245\217\224\165\377\164\132\350\250\002
+\174\014\011\342\251\113\013\240\205\013\142\271\357\241\061\222
+\373\357\366\121\004\211\154\350\251\164\241\273\027\263\265\375
+\111\017\174\074\354\203\030\040\103\116\325\223\272\264\064\261
+\037\026\066\037\014\346\144\071\026\114\334\340\376\035\310\251
+\142\075\100\352\312\305\064\002\264\256\211\210\063\065\334\054
+\023\163\330\047\361\320\162\356\165\073\042\336\230\150\146\133
+\361\306\143\107\125\034\272\245\010\121\165\246\110\045
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "TrustCor ECA-1"
-# Issuer: CN=TrustCor ECA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Serial Number:00:84:82:2c:5f:1c:62:d0:40
-# Subject: CN=TrustCor ECA-1,OU=TrustCor Certificate Authority,O=TrustCor Systems S. de R.L.,L=Panama City,ST=Panama,C=PA
-# Not Valid Before: Thu Feb 04 12:32:33 2016
-# Not Valid After : Mon Dec 31 17:28:07 2029
-# Fingerprint (SHA-256): 5A:88:5D:B1:9C:01:D9:12:C5:75:93:88:93:8C:AF:BB:DF:03:1A:B2:D4:8E:91:EE:15:58:9B:42:97:1D:03:9C
-# Fingerprint (SHA1): 58:D1:DF:95:95:67:6B:63:C0:F0:5B:1C:17:4D:8B:84:0B:C8:78:BD
+# Trust for "GTS Root R1"
+# Issuer: CN=GTS Root R1,O=Google Trust Services LLC,C=US
+# Serial Number:6e:47:a9:c5:4b:47:0c:0d:ec:33:d0:89:b9:1c:f4:e1
+# Subject: CN=GTS Root R1,O=Google Trust Services LLC,C=US
+# Not Valid Before: Wed Jun 22 00:00:00 2016
+# Not Valid After : Sun Jun 22 00:00:00 2036
+# Fingerprint (SHA-256): 2A:57:54:71:E3:13:40:BC:21:58:1C:BD:2C:F1:3E:15:84:63:20:3E:CE:94:BC:F9:D3:CC:19:6B:F0:9A:54:72
+# Fingerprint (SHA1): E1:C9:50:E6:EF:22:F8:4C:56:45:72:8B:92:20:60:D7:D5:A7:A3:E8
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TrustCor ECA-1"
+CKA_LABEL UTF8 "GTS Root R1"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\130\321\337\225\225\147\153\143\300\360\133\034\027\115\213\204
-\013\310\170\275
+\341\311\120\346\357\042\370\114\126\105\162\213\222\040\140\327
+\325\247\243\350
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\047\222\043\035\012\365\100\174\351\346\153\235\330\365\347\154
+\202\032\357\324\322\112\362\237\342\075\227\006\024\160\162\205
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\234\061\013\060\011\006\003\125\004\006\023\002\120\101
-\061\017\060\015\006\003\125\004\010\014\006\120\141\156\141\155
-\141\061\024\060\022\006\003\125\004\007\014\013\120\141\156\141
-\155\141\040\103\151\164\171\061\044\060\042\006\003\125\004\012
-\014\033\124\162\165\163\164\103\157\162\040\123\171\163\164\145
-\155\163\040\123\056\040\144\145\040\122\056\114\056\061\047\060
-\045\006\003\125\004\013\014\036\124\162\165\163\164\103\157\162
-\040\103\145\162\164\151\146\151\143\141\164\145\040\101\165\164
-\150\157\162\151\164\171\061\027\060\025\006\003\125\004\003\014
-\016\124\162\165\163\164\103\157\162\040\105\103\101\055\061
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\156\107\251\305\113\107\014\015\354\063\320\211\271\034
+\364\341
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GTS Root R2"
+#
+# Issuer: CN=GTS Root R2,O=Google Trust Services LLC,C=US
+# Serial Number:6e:47:a9:c6:5a:b3:e7:20:c5:30:9a:3f:68:52:f2:6f
+# Subject: CN=GTS Root R2,O=Google Trust Services LLC,C=US
+# Not Valid Before: Wed Jun 22 00:00:00 2016
+# Not Valid After : Sun Jun 22 00:00:00 2036
+# Fingerprint (SHA-256): C4:5D:7B:B0:8E:6D:67:E6:2E:42:35:11:0B:56:4E:5F:78:FD:92:EF:05:8C:84:0A:EA:4E:64:55:D7:58:5C:60
+# Fingerprint (SHA1): D2:73:96:2A:2A:5E:39:9F:73:3F:E1:C7:1E:64:3F:03:38:34:FC:4D
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GTS Root R2"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\062
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\156\107\251\306\132\263\347\040\305\060\232\077\150\122
+\362\157
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\005\132\060\202\003\102\240\003\002\001\002\002\020\156
+\107\251\306\132\263\347\040\305\060\232\077\150\122\362\157\060
+\015\006\011\052\206\110\206\367\015\001\001\014\005\000\060\107
+\061\013\060\011\006\003\125\004\006\023\002\125\123\061\042\060
+\040\006\003\125\004\012\023\031\107\157\157\147\154\145\040\124
+\162\165\163\164\040\123\145\162\166\151\143\145\163\040\114\114
+\103\061\024\060\022\006\003\125\004\003\023\013\107\124\123\040
+\122\157\157\164\040\122\062\060\036\027\015\061\066\060\066\062
+\062\060\060\060\060\060\060\132\027\015\063\066\060\066\062\062
+\060\060\060\060\060\060\132\060\107\061\013\060\011\006\003\125
+\004\006\023\002\125\123\061\042\060\040\006\003\125\004\012\023
+\031\107\157\157\147\154\145\040\124\162\165\163\164\040\123\145
+\162\166\151\143\145\163\040\114\114\103\061\024\060\022\006\003
+\125\004\003\023\013\107\124\123\040\122\157\157\164\040\122\062
+\060\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001
+\001\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001
+\000\316\336\375\246\373\354\354\024\064\074\007\006\132\154\131
+\367\031\065\335\367\301\235\125\252\323\315\073\244\223\162\357
+\012\372\155\235\366\360\205\200\133\241\110\122\237\071\305\267
+\356\050\254\357\313\166\150\024\271\337\255\001\154\231\037\304
+\042\035\237\376\162\167\340\054\133\257\344\004\277\117\162\240
+\032\064\230\350\071\150\354\225\045\173\166\241\346\151\271\205
+\031\275\211\214\376\255\355\066\352\163\274\377\203\342\313\175
+\301\322\316\112\263\215\005\236\213\111\223\337\301\133\320\156
+\136\360\056\060\056\202\374\372\274\264\027\012\110\345\210\233
+\305\233\153\336\260\312\264\003\360\332\364\220\270\145\144\367
+\134\114\255\350\176\146\136\231\327\270\302\076\310\320\023\235
+\255\356\344\105\173\211\125\367\212\037\142\122\204\022\263\302
+\100\227\343\212\037\107\221\246\164\132\322\370\261\143\050\020
+\270\263\011\270\126\167\100\242\046\230\171\306\376\337\045\356
+\076\345\240\177\324\141\017\121\113\074\077\214\332\341\160\164
+\330\302\150\241\371\301\014\351\241\342\177\273\125\074\166\006
+\356\152\116\314\222\210\060\115\232\275\117\013\110\232\204\265
+\230\243\325\373\163\301\127\141\335\050\126\165\023\256\207\216
+\347\014\121\011\020\165\210\114\274\215\371\173\074\324\042\110
+\037\052\334\353\153\273\104\261\313\063\161\062\106\257\255\112
+\361\214\350\164\072\254\347\032\042\163\200\322\060\367\045\102
+\307\042\073\073\022\255\226\056\306\303\166\007\252\040\267\065
+\111\127\351\222\111\350\166\026\162\061\147\053\226\176\212\243
+\307\224\126\042\277\152\113\176\001\041\262\043\062\337\344\232
+\104\155\131\133\135\365\000\240\034\233\306\170\227\215\220\377
+\233\310\252\264\257\021\121\071\136\331\373\147\255\325\133\021
+\235\062\232\033\275\325\272\133\245\311\313\045\151\123\125\047
+\134\340\312\066\313\210\141\373\036\267\320\313\356\026\373\323
+\246\114\336\222\245\324\342\337\365\006\124\336\056\235\113\264
+\223\060\252\201\316\335\032\334\121\163\015\117\160\351\345\266
+\026\041\031\171\262\346\211\013\165\144\312\325\253\274\011\301
+\030\241\377\324\124\241\205\074\375\024\044\003\262\207\323\244
+\267\002\003\001\000\001\243\102\060\100\060\016\006\003\125\035
+\017\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035
+\023\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125
+\035\016\004\026\004\024\273\377\312\216\043\237\117\231\312\333
+\342\150\246\245\025\047\027\036\331\016\060\015\006\011\052\206
+\110\206\367\015\001\001\014\005\000\003\202\002\001\000\266\151
+\360\246\167\376\236\356\013\201\255\341\300\251\307\371\065\035
+\100\202\253\346\004\264\337\313\367\035\017\203\360\176\023\115
+\215\214\356\343\063\042\303\071\374\100\337\156\101\113\102\123
+\276\026\210\361\322\070\136\304\150\231\034\230\122\223\214\347
+\150\355\033\152\163\172\005\100\115\177\145\073\326\130\361\316
+\203\107\140\343\377\227\251\234\140\167\030\125\265\176\010\223
+\317\320\366\074\147\003\025\141\011\371\201\171\365\354\123\244
+\237\311\217\001\213\163\304\167\166\334\203\242\365\014\111\032
+\250\166\336\222\233\144\370\263\054\305\047\323\007\300\010\200
+\244\230\222\343\001\226\002\252\002\356\217\073\305\321\155\012
+\063\060\163\170\271\117\124\026\277\013\007\241\244\134\346\313
+\311\134\204\217\017\340\025\167\054\176\046\176\332\304\113\333
+\247\026\167\007\260\315\165\350\162\102\326\225\204\235\206\203
+\362\344\220\315\011\107\324\213\003\160\332\132\306\003\102\364
+\355\067\242\360\033\120\124\113\016\330\204\336\031\050\231\201
+\107\256\011\033\077\110\321\303\157\342\260\140\027\365\356\043
+\002\245\332\000\133\155\220\253\356\242\351\033\073\351\307\104
+\047\105\216\153\237\365\244\204\274\167\371\153\227\254\076\121
+\105\242\021\246\314\205\356\012\150\362\076\120\070\172\044\142
+\036\027\040\067\155\152\115\267\011\233\311\374\244\130\365\266
+\373\234\116\030\273\225\002\347\241\255\233\007\356\066\153\044
+\322\071\206\301\223\203\120\322\201\106\250\137\142\127\054\273
+\154\144\210\010\156\357\023\124\137\335\055\304\147\143\323\317
+\211\067\277\235\040\364\373\172\203\233\240\036\201\000\120\302
+\344\014\042\131\122\020\355\103\126\207\000\370\024\122\247\035
+\213\223\214\242\115\106\177\047\306\161\233\044\336\344\332\206
+\213\015\176\153\040\301\300\236\341\145\330\152\243\246\350\205
+\213\072\007\010\034\272\365\217\125\232\030\165\176\345\354\201
+\146\321\041\163\241\065\104\013\200\075\133\234\136\157\052\027
+\226\321\203\043\210\146\155\346\206\342\160\062\057\122\042\347
+\310\347\177\304\054\140\135\057\303\257\236\105\005\303\204\002
+\267\375\054\010\122\117\202\335\243\360\324\206\011\002
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "GTS Root R2"
+# Issuer: CN=GTS Root R2,O=Google Trust Services LLC,C=US
+# Serial Number:6e:47:a9:c6:5a:b3:e7:20:c5:30:9a:3f:68:52:f2:6f
+# Subject: CN=GTS Root R2,O=Google Trust Services LLC,C=US
+# Not Valid Before: Wed Jun 22 00:00:00 2016
+# Not Valid After : Sun Jun 22 00:00:00 2036
+# Fingerprint (SHA-256): C4:5D:7B:B0:8E:6D:67:E6:2E:42:35:11:0B:56:4E:5F:78:FD:92:EF:05:8C:84:0A:EA:4E:64:55:D7:58:5C:60
+# Fingerprint (SHA1): D2:73:96:2A:2A:5E:39:9F:73:3F:E1:C7:1E:64:3F:03:38:34:FC:4D
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GTS Root R2"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\322\163\226\052\052\136\071\237\163\077\341\307\036\144\077\003
+\070\064\374\115
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\104\355\232\016\244\011\073\000\362\256\114\243\306\141\260\213
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\062
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\156\107\251\306\132\263\347\040\305\060\232\077\150\122
+\362\157
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "GTS Root R3"
+#
+# Issuer: CN=GTS Root R3,O=Google Trust Services LLC,C=US
+# Serial Number:6e:47:a9:c7:6c:a9:73:24:40:89:0f:03:55:dd:8d:1d
+# Subject: CN=GTS Root R3,O=Google Trust Services LLC,C=US
+# Not Valid Before: Wed Jun 22 00:00:00 2016
+# Not Valid After : Sun Jun 22 00:00:00 2036
+# Fingerprint (SHA-256): 15:D5:B8:77:46:19:EA:7D:54:CE:1C:A6:D0:B0:C4:03:E0:37:A9:17:F1:31:E8:A0:4E:1E:6B:7A:71:BA:BC:E5
+# Fingerprint (SHA1): 30:D4:24:6F:07:FF:DB:91:89:8A:0B:E9:49:66:11:EB:8C:5E:46:E5
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GTS Root R3"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\063
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\063
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\156\107\251\307\154\251\163\044\100\211\017\003\125\335
+\215\035
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\014\060\202\001\221\240\003\002\001\002\002\020\156
+\107\251\307\154\251\163\044\100\211\017\003\125\335\215\035\060
+\012\006\010\052\206\110\316\075\004\003\003\060\107\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\042\060\040\006\003
+\125\004\012\023\031\107\157\157\147\154\145\040\124\162\165\163
+\164\040\123\145\162\166\151\143\145\163\040\114\114\103\061\024
+\060\022\006\003\125\004\003\023\013\107\124\123\040\122\157\157
+\164\040\122\063\060\036\027\015\061\066\060\066\062\062\060\060
+\060\060\060\060\132\027\015\063\066\060\066\062\062\060\060\060
+\060\060\060\132\060\107\061\013\060\011\006\003\125\004\006\023
+\002\125\123\061\042\060\040\006\003\125\004\012\023\031\107\157
+\157\147\154\145\040\124\162\165\163\164\040\123\145\162\166\151
+\143\145\163\040\114\114\103\061\024\060\022\006\003\125\004\003
+\023\013\107\124\123\040\122\157\157\164\040\122\063\060\166\060
+\020\006\007\052\206\110\316\075\002\001\006\005\053\201\004\000
+\042\003\142\000\004\037\117\063\207\063\051\212\241\204\336\313
+\307\041\130\101\211\352\126\235\053\113\205\306\035\114\047\274
+\177\046\121\162\157\342\237\326\243\312\314\105\024\106\213\255
+\357\176\206\214\354\261\176\057\377\251\161\235\030\204\105\004
+\101\125\156\053\352\046\177\273\220\001\343\113\031\272\344\124
+\226\105\011\261\325\154\221\104\255\204\023\216\232\214\015\200
+\014\062\366\340\047\243\102\060\100\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035
+\016\004\026\004\024\301\361\046\272\240\055\256\205\201\317\323
+\361\052\022\275\270\012\147\375\274\060\012\006\010\052\206\110
+\316\075\004\003\003\003\151\000\060\146\002\061\000\200\133\244
+\174\043\300\225\245\054\334\276\211\157\043\271\243\335\145\000
+\122\136\221\254\310\235\162\164\202\123\013\175\251\100\275\150
+\140\305\341\270\124\073\301\066\027\045\330\301\275\002\061\000
+\236\065\222\164\205\045\121\365\044\354\144\122\044\120\245\037
+\333\350\313\311\166\354\354\202\156\365\205\030\123\350\270\343
+\232\051\252\226\323\203\043\311\244\173\141\263\314\002\350\135
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+
+# Trust for "GTS Root R3"
+# Issuer: CN=GTS Root R3,O=Google Trust Services LLC,C=US
+# Serial Number:6e:47:a9:c7:6c:a9:73:24:40:89:0f:03:55:dd:8d:1d
+# Subject: CN=GTS Root R3,O=Google Trust Services LLC,C=US
+# Not Valid Before: Wed Jun 22 00:00:00 2016
+# Not Valid After : Sun Jun 22 00:00:00 2036
+# Fingerprint (SHA-256): 15:D5:B8:77:46:19:EA:7D:54:CE:1C:A6:D0:B0:C4:03:E0:37:A9:17:F1:31:E8:A0:4E:1E:6B:7A:71:BA:BC:E5
+# Fingerprint (SHA1): 30:D4:24:6F:07:FF:DB:91:89:8A:0B:E9:49:66:11:EB:8C:5E:46:E5
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "GTS Root R3"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\060\324\044\157\007\377\333\221\211\212\013\351\111\146\021\353
+\214\136\106\345
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\032\171\133\153\004\122\234\135\307\164\063\033\045\232\371\045
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\063
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\011\000\204\202\054\137\034\142\320\100
+\002\020\156\107\251\307\154\251\163\044\100\211\017\003\125\335
+\215\035
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "SSL.com Root Certification Authority RSA"
+# Certificate "GTS Root R4"
 #
-# Issuer: CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Serial Number:7b:2c:9b:d3:16:80:32:99
-# Subject: CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Not Valid Before: Fri Feb 12 17:39:39 2016
-# Not Valid After : Tue Feb 12 17:39:39 2041
-# Fingerprint (SHA-256): 85:66:6A:56:2E:E0:BE:5C:E9:25:C1:D8:89:0A:6F:76:A8:7E:C1:6D:4D:7D:5F:29:EA:74:19:CF:20:12:3B:69
-# Fingerprint (SHA1): B7:AB:33:08:D1:EA:44:77:BA:14:80:12:5A:6F:BD:A9:36:49:0C:BB
+# Issuer: CN=GTS Root R4,O=Google Trust Services LLC,C=US
+# Serial Number:6e:47:a9:c8:8b:94:b6:e8:bb:3b:2a:d8:a2:b2:c1:99
+# Subject: CN=GTS Root R4,O=Google Trust Services LLC,C=US
+# Not Valid Before: Wed Jun 22 00:00:00 2016
+# Not Valid After : Sun Jun 22 00:00:00 2036
+# Fingerprint (SHA-256): 71:CC:A5:39:1F:9E:79:4B:04:80:25:30:B3:63:E1:21:DA:8A:30:43:BB:26:66:2F:EA:4D:CA:7F:C9:51:A4:BD
+# Fingerprint (SHA1): 2A:1D:60:27:D9:4A:B1:0A:1C:4D:91:5C:CD:33:A0:CB:3E:2D:54:CB
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "SSL.com Root Certification Authority RSA"
+CKA_LABEL UTF8 "GTS Root R4"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
-\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
-\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
-\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
-\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
-\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\040\122\123\101
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\064
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
-\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
-\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
-\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
-\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
-\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\040\122\123\101
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\064
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\173\054\233\323\026\200\062\231
+\002\020\156\107\251\310\213\224\266\350\273\073\052\330\242\262
+\301\231
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\005\335\060\202\003\305\240\003\002\001\002\002\010\173
-\054\233\323\026\200\062\231\060\015\006\011\052\206\110\206\367
-\015\001\001\013\005\000\060\174\061\013\060\011\006\003\125\004
-\006\023\002\125\123\061\016\060\014\006\003\125\004\010\014\005
-\124\145\170\141\163\061\020\060\016\006\003\125\004\007\014\007
-\110\157\165\163\164\157\156\061\030\060\026\006\003\125\004\012
-\014\017\123\123\114\040\103\157\162\160\157\162\141\164\151\157
-\156\061\061\060\057\006\003\125\004\003\014\050\123\123\114\056
-\143\157\155\040\122\157\157\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\122\123\101\060\036\027\015\061\066\060\062\061\062\061\067
-\063\071\063\071\132\027\015\064\061\060\062\061\062\061\067\063
-\071\063\071\132\060\174\061\013\060\011\006\003\125\004\006\023
-\002\125\123\061\016\060\014\006\003\125\004\010\014\005\124\145
-\170\141\163\061\020\060\016\006\003\125\004\007\014\007\110\157
-\165\163\164\157\156\061\030\060\026\006\003\125\004\012\014\017
-\123\123\114\040\103\157\162\160\157\162\141\164\151\157\156\061
-\061\060\057\006\003\125\004\003\014\050\123\123\114\056\143\157
-\155\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\122
-\123\101\060\202\002\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\002\017\000\060\202\002\012\002\202
-\002\001\000\371\017\335\243\053\175\313\320\052\376\354\147\205
-\246\347\056\033\272\167\341\343\365\257\244\354\372\112\135\221
-\304\127\107\153\030\167\153\166\362\375\223\344\075\017\302\026
-\236\013\146\303\126\224\236\027\203\205\316\126\357\362\026\375
-\000\142\365\042\011\124\350\145\027\116\101\271\340\117\106\227
-\252\033\310\270\156\142\136\151\261\137\333\052\002\176\374\154
-\312\363\101\330\355\320\350\374\077\141\110\355\260\003\024\035
-\020\016\113\031\340\273\116\354\206\145\377\066\363\136\147\002
-\013\235\206\125\141\375\172\070\355\376\342\031\000\267\157\241
-\120\142\165\164\074\240\372\310\045\222\264\156\172\042\307\370
-\036\241\343\262\335\221\061\253\053\035\004\377\245\112\004\067
-\351\205\244\063\053\375\342\326\125\064\174\031\244\112\150\307
-\262\250\323\267\312\241\223\210\353\301\227\274\214\371\035\331
-\042\204\044\164\307\004\075\152\251\051\223\314\353\270\133\341
-\376\137\045\252\064\130\310\301\043\124\235\033\230\021\303\070
-\234\176\075\206\154\245\017\100\206\174\002\364\134\002\117\050
-\313\256\161\237\017\072\310\063\376\021\045\065\352\374\272\305
-\140\075\331\174\030\325\262\251\323\165\170\003\162\042\312\072
-\303\037\357\054\345\056\251\372\236\054\266\121\106\375\257\003
-\326\352\140\150\352\205\026\066\153\205\351\036\300\263\335\304
-\044\334\200\052\201\101\155\224\076\310\340\311\201\101\000\236
-\136\277\177\305\010\230\242\030\054\102\100\263\371\157\070\047
-\113\116\200\364\075\201\107\340\210\174\352\034\316\265\165\134
-\121\056\034\053\177\032\162\050\347\000\265\321\164\306\327\344
-\237\255\007\223\266\123\065\065\374\067\344\303\366\135\026\276
-\041\163\336\222\012\370\240\143\152\274\226\222\152\076\370\274
-\145\125\233\336\365\015\211\046\004\374\045\032\246\045\151\313
-\302\155\312\174\342\131\137\227\254\353\357\056\310\274\327\033
-\131\074\053\314\362\031\310\223\153\047\143\031\317\374\351\046
-\370\312\161\233\177\223\376\064\147\204\116\231\353\374\263\170
-\011\063\160\272\146\246\166\355\033\163\353\032\245\015\304\042
-\023\040\224\126\012\116\054\154\116\261\375\317\234\011\272\242
-\063\355\207\002\003\001\000\001\243\143\060\141\060\035\006\003
-\125\035\016\004\026\004\024\335\004\011\007\242\365\172\175\122
-\123\022\222\225\356\070\200\045\015\246\131\060\017\006\003\125
-\035\023\001\001\377\004\005\060\003\001\001\377\060\037\006\003
-\125\035\043\004\030\060\026\200\024\335\004\011\007\242\365\172
-\175\122\123\022\222\225\356\070\200\045\015\246\131\060\016\006
-\003\125\035\017\001\001\377\004\004\003\002\001\206\060\015\006
-\011\052\206\110\206\367\015\001\001\013\005\000\003\202\002\001
-\000\040\030\021\224\051\373\046\235\034\036\036\160\141\361\225
-\162\223\161\044\255\150\223\130\216\062\257\033\263\160\003\374
-\045\053\164\205\220\075\170\152\364\271\213\245\227\073\265\030
-\221\273\036\247\371\100\133\221\371\125\231\257\036\021\320\134
-\035\247\146\343\261\224\007\014\062\071\246\352\033\260\171\330
-\035\234\160\104\343\212\335\304\371\225\037\212\070\103\077\001
-\205\245\107\247\075\106\262\274\345\042\150\367\173\234\330\054
-\076\012\041\310\055\063\254\277\305\201\231\061\164\301\165\161
-\305\276\261\360\043\105\364\235\153\374\031\143\235\243\274\004
-\306\030\013\045\273\123\211\017\263\200\120\336\105\356\104\177
-\253\224\170\144\230\323\366\050\335\207\330\160\145\164\373\016
-\271\023\353\247\017\141\251\062\226\314\336\273\355\143\114\030
-\273\251\100\367\240\124\156\040\210\161\165\030\352\172\264\064
-\162\340\043\047\167\134\266\220\352\206\045\100\253\357\063\017
-\313\237\202\276\242\040\373\366\265\055\032\346\302\205\261\164
-\017\373\310\145\002\244\122\001\107\335\111\042\301\277\330\353
-\153\254\176\336\354\143\063\025\267\043\010\217\306\017\215\101
-\132\335\216\305\271\217\345\105\077\170\333\272\322\033\100\261
-\376\161\115\077\340\201\242\272\136\264\354\025\340\223\335\010
-\037\176\341\125\231\013\041\336\223\236\012\373\346\243\111\275
-\066\060\376\347\167\262\240\165\227\265\055\201\210\027\145\040
-\367\332\220\000\237\311\122\314\062\312\065\174\365\075\017\330
-\053\327\365\046\154\311\006\064\226\026\352\160\131\032\062\171
-\171\013\266\210\177\017\122\110\075\277\154\330\242\104\056\321
-\116\267\162\130\323\211\023\225\376\104\253\370\327\213\033\156
-\234\274\054\240\133\325\152\000\257\137\067\341\325\372\020\013
-\230\234\206\347\046\217\316\360\354\156\212\127\013\200\343\116
-\262\300\240\143\141\220\272\125\150\067\164\152\266\222\333\237
-\241\206\042\266\145\047\016\354\266\237\102\140\344\147\302\265
-\332\101\013\304\323\213\141\033\274\372\037\221\053\327\104\007
-\136\272\051\254\331\305\351\357\123\110\132\353\200\361\050\130
-\041\315\260\006\125\373\047\077\123\220\160\251\004\036\127\047
-\271
+\060\202\002\012\060\202\001\221\240\003\002\001\002\002\020\156
+\107\251\310\213\224\266\350\273\073\052\330\242\262\301\231\060
+\012\006\010\052\206\110\316\075\004\003\003\060\107\061\013\060
+\011\006\003\125\004\006\023\002\125\123\061\042\060\040\006\003
+\125\004\012\023\031\107\157\157\147\154\145\040\124\162\165\163
+\164\040\123\145\162\166\151\143\145\163\040\114\114\103\061\024
+\060\022\006\003\125\004\003\023\013\107\124\123\040\122\157\157
+\164\040\122\064\060\036\027\015\061\066\060\066\062\062\060\060
+\060\060\060\060\132\027\015\063\066\060\066\062\062\060\060\060
+\060\060\060\132\060\107\061\013\060\011\006\003\125\004\006\023
+\002\125\123\061\042\060\040\006\003\125\004\012\023\031\107\157
+\157\147\154\145\040\124\162\165\163\164\040\123\145\162\166\151
+\143\145\163\040\114\114\103\061\024\060\022\006\003\125\004\003
+\023\013\107\124\123\040\122\157\157\164\040\122\064\060\166\060
+\020\006\007\052\206\110\316\075\002\001\006\005\053\201\004\000
+\042\003\142\000\004\363\164\163\247\150\213\140\256\103\270\065
+\305\201\060\173\113\111\235\373\301\141\316\346\336\106\275\153
+\325\141\030\065\256\100\335\163\367\211\221\060\132\353\074\356
+\205\174\242\100\166\073\251\306\270\107\330\052\347\222\221\152
+\163\351\261\162\071\237\051\237\242\230\323\137\136\130\206\145
+\017\241\204\145\006\321\334\213\311\307\163\310\214\152\057\345
+\304\253\321\035\212\243\102\060\100\060\016\006\003\125\035\017
+\001\001\377\004\004\003\002\001\006\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035
+\016\004\026\004\024\200\114\326\353\164\377\111\066\243\325\330
+\374\265\076\305\152\360\224\035\214\060\012\006\010\052\206\110
+\316\075\004\003\003\003\147\000\060\144\002\060\152\120\122\164
+\010\304\160\334\236\120\164\041\350\215\172\041\303\117\226\156
+\025\321\042\065\141\055\372\010\067\356\031\155\255\333\262\314
+\175\007\064\365\140\031\054\265\064\331\157\040\002\060\003\161
+\261\272\243\140\013\206\355\232\010\152\225\150\237\342\263\341
+\223\144\174\136\223\246\337\171\055\215\205\343\224\317\043\135
+\161\314\362\260\115\326\376\231\310\224\251\165\242\343
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "SSL.com Root Certification Authority RSA"
-# Issuer: CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Serial Number:7b:2c:9b:d3:16:80:32:99
-# Subject: CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Not Valid Before: Fri Feb 12 17:39:39 2016
-# Not Valid After : Tue Feb 12 17:39:39 2041
-# Fingerprint (SHA-256): 85:66:6A:56:2E:E0:BE:5C:E9:25:C1:D8:89:0A:6F:76:A8:7E:C1:6D:4D:7D:5F:29:EA:74:19:CF:20:12:3B:69
-# Fingerprint (SHA1): B7:AB:33:08:D1:EA:44:77:BA:14:80:12:5A:6F:BD:A9:36:49:0C:BB
+# Trust for "GTS Root R4"
+# Issuer: CN=GTS Root R4,O=Google Trust Services LLC,C=US
+# Serial Number:6e:47:a9:c8:8b:94:b6:e8:bb:3b:2a:d8:a2:b2:c1:99
+# Subject: CN=GTS Root R4,O=Google Trust Services LLC,C=US
+# Not Valid Before: Wed Jun 22 00:00:00 2016
+# Not Valid After : Sun Jun 22 00:00:00 2036
+# Fingerprint (SHA-256): 71:CC:A5:39:1F:9E:79:4B:04:80:25:30:B3:63:E1:21:DA:8A:30:43:BB:26:66:2F:EA:4D:CA:7F:C9:51:A4:BD
+# Fingerprint (SHA1): 2A:1D:60:27:D9:4A:B1:0A:1C:4D:91:5C:CD:33:A0:CB:3E:2D:54:CB
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "SSL.com Root Certification Authority RSA"
+CKA_LABEL UTF8 "GTS Root R4"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\267\253\063\010\321\352\104\167\272\024\200\022\132\157\275\251
-\066\111\014\273
+\052\035\140\047\331\112\261\012\034\115\221\134\315\063\240\313
+\076\055\124\313
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\206\151\022\300\160\361\354\254\254\302\325\274\245\133\241\051
+\135\266\152\304\140\027\044\152\032\231\250\113\356\136\264\046
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
-\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
-\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
-\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
-\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
-\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\040\122\123\101
+\060\107\061\013\060\011\006\003\125\004\006\023\002\125\123\061
+\042\060\040\006\003\125\004\012\023\031\107\157\157\147\154\145
+\040\124\162\165\163\164\040\123\145\162\166\151\143\145\163\040
+\114\114\103\061\024\060\022\006\003\125\004\003\023\013\107\124
+\123\040\122\157\157\164\040\122\064
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\173\054\233\323\026\200\062\231
+\002\020\156\107\251\310\213\224\266\350\273\073\052\330\242\262
+\301\231
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "SSL.com Root Certification Authority ECC"
+# Certificate "UCA Global G2 Root"
 #
-# Issuer: CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Serial Number:75:e6:df:cb:c1:68:5b:a8
-# Subject: CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Not Valid Before: Fri Feb 12 18:14:03 2016
-# Not Valid After : Tue Feb 12 18:14:03 2041
-# Fingerprint (SHA-256): 34:17:BB:06:CC:60:07:DA:1B:96:1C:92:0B:8A:B4:CE:3F:AD:82:0E:4A:A3:0B:9A:CB:C4:A7:4E:BD:CE:BC:65
-# Fingerprint (SHA1): C3:19:7C:39:24:E6:54:AF:1B:C4:AB:20:95:7A:E2:C3:0E:13:02:6A
+# Issuer: CN=UCA Global G2 Root,O=UniTrust,C=CN
+# Serial Number:5d:df:b1:da:5a:a3:ed:5d:be:5a:65:20:65:03:90:ef
+# Subject: CN=UCA Global G2 Root,O=UniTrust,C=CN
+# Not Valid Before: Fri Mar 11 00:00:00 2016
+# Not Valid After : Mon Dec 31 00:00:00 2040
+# Fingerprint (SHA-256): 9B:EA:11:C9:76:FE:01:47:64:C1:BE:56:A6:F9:14:B5:A5:60:31:7A:BD:99:88:39:33:82:E5:16:1A:A0:49:3C
+# Fingerprint (SHA1): 28:F9:78:16:19:7A:FF:18:25:18:AA:44:FE:C1:A0:CE:5C:B6:4C:8A
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "SSL.com Root Certification Authority ECC"
+CKA_LABEL UTF8 "UCA Global G2 Root"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
-\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
-\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
-\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
-\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
-\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\040\105\103\103
+\060\075\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\021\060\017\006\003\125\004\012\014\010\125\156\151\124\162\165
+\163\164\061\033\060\031\006\003\125\004\003\014\022\125\103\101
+\040\107\154\157\142\141\154\040\107\062\040\122\157\157\164
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
-\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
-\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
-\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
-\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
-\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\040\105\103\103
+\060\075\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\021\060\017\006\003\125\004\012\014\010\125\156\151\124\162\165
+\163\164\061\033\060\031\006\003\125\004\003\014\022\125\103\101
+\040\107\154\157\142\141\154\040\107\062\040\122\157\157\164
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\165\346\337\313\301\150\133\250
+\002\020\135\337\261\332\132\243\355\135\276\132\145\040\145\003
+\220\357
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\002\215\060\202\002\024\240\003\002\001\002\002\010\165
-\346\337\313\301\150\133\250\060\012\006\010\052\206\110\316\075
-\004\003\002\060\174\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\016\060\014\006\003\125\004\010\014\005\124\145\170
-\141\163\061\020\060\016\006\003\125\004\007\014\007\110\157\165
-\163\164\157\156\061\030\060\026\006\003\125\004\012\014\017\123
-\123\114\040\103\157\162\160\157\162\141\164\151\157\156\061\061
-\060\057\006\003\125\004\003\014\050\123\123\114\056\143\157\155
-\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\105\103
-\103\060\036\027\015\061\066\060\062\061\062\061\070\061\064\060
-\063\132\027\015\064\061\060\062\061\062\061\070\061\064\060\063
-\132\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163
-\061\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164
-\157\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114
-\040\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057
-\006\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122
-\157\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\105\103\103\060
-\166\060\020\006\007\052\206\110\316\075\002\001\006\005\053\201
-\004\000\042\003\142\000\004\105\156\251\120\304\246\043\066\236
-\137\050\215\027\313\226\042\144\077\334\172\216\035\314\010\263
-\242\161\044\272\216\111\271\004\033\107\226\130\253\055\225\310
-\355\236\010\065\310\047\353\211\214\123\130\353\142\212\376\360
-\133\017\153\061\122\143\101\073\211\315\354\354\266\215\031\323
-\064\007\334\273\306\006\177\302\105\225\354\313\177\250\043\340
-\011\351\201\372\363\107\323\243\143\060\141\060\035\006\003\125
-\035\016\004\026\004\024\202\321\205\163\060\347\065\004\323\216
-\002\222\373\345\244\321\304\041\350\315\060\017\006\003\125\035
-\023\001\001\377\004\005\060\003\001\001\377\060\037\006\003\125
-\035\043\004\030\060\026\200\024\202\321\205\163\060\347\065\004
-\323\216\002\222\373\345\244\321\304\041\350\315\060\016\006\003
-\125\035\017\001\001\377\004\004\003\002\001\206\060\012\006\010
-\052\206\110\316\075\004\003\002\003\147\000\060\144\002\060\157
-\347\353\131\021\244\140\317\141\260\226\173\355\005\371\057\023
-\221\334\355\345\374\120\153\021\106\106\263\034\041\000\142\273
-\276\303\347\350\315\007\231\371\015\013\135\162\076\304\252\002
-\060\037\274\272\013\342\060\044\373\174\155\200\125\012\231\076
-\200\015\063\345\146\243\263\243\273\245\325\213\217\011\054\246
-\135\176\342\360\007\010\150\155\322\174\151\156\137\337\345\152
-\145
+\060\202\005\106\060\202\003\056\240\003\002\001\002\002\020\135
+\337\261\332\132\243\355\135\276\132\145\040\145\003\220\357\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\075
+\061\013\060\011\006\003\125\004\006\023\002\103\116\061\021\060
+\017\006\003\125\004\012\014\010\125\156\151\124\162\165\163\164
+\061\033\060\031\006\003\125\004\003\014\022\125\103\101\040\107
+\154\157\142\141\154\040\107\062\040\122\157\157\164\060\036\027
+\015\061\066\060\063\061\061\060\060\060\060\060\060\132\027\015
+\064\060\061\062\063\061\060\060\060\060\060\060\132\060\075\061
+\013\060\011\006\003\125\004\006\023\002\103\116\061\021\060\017
+\006\003\125\004\012\014\010\125\156\151\124\162\165\163\164\061
+\033\060\031\006\003\125\004\003\014\022\125\103\101\040\107\154
+\157\142\141\154\040\107\062\040\122\157\157\164\060\202\002\042
+\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
+\202\002\017\000\060\202\002\012\002\202\002\001\000\305\346\053
+\157\174\357\046\005\047\243\201\044\332\157\313\001\371\231\232
+\251\062\302\042\207\141\101\221\073\313\303\150\033\006\305\114
+\251\053\301\147\027\042\035\053\355\371\051\211\223\242\170\275
+\222\153\240\243\015\242\176\312\223\263\246\321\214\065\325\165
+\371\027\366\317\105\305\345\172\354\167\223\240\217\043\256\016
+\032\003\177\276\324\320\355\056\173\253\106\043\133\377\054\346
+\124\172\224\300\052\025\360\311\215\260\172\073\044\341\327\150
+\342\061\074\006\063\106\266\124\021\246\245\057\042\124\052\130
+\015\001\002\361\372\025\121\147\154\300\372\327\266\033\177\321
+\126\210\057\032\072\215\073\273\202\021\340\107\000\320\122\207
+\253\373\206\176\017\044\153\100\235\064\147\274\215\307\055\206
+\157\171\076\216\251\074\027\113\177\260\231\343\260\161\140\334
+\013\365\144\303\316\103\274\155\161\271\322\336\047\133\212\350
+\330\306\256\341\131\175\317\050\055\065\270\225\126\032\361\262
+\130\113\267\022\067\310\174\263\355\113\200\341\215\372\062\043
+\266\157\267\110\225\010\261\104\116\205\214\072\002\124\040\057
+\337\277\127\117\073\072\220\041\327\301\046\065\124\040\354\307
+\077\107\354\357\132\277\113\172\301\255\073\027\120\134\142\330
+\017\113\112\334\053\372\156\274\163\222\315\354\307\120\350\101
+\226\327\251\176\155\330\351\035\217\212\265\271\130\222\272\112
+\222\053\014\126\375\200\353\010\360\136\051\156\033\034\014\257
+\217\223\211\255\333\275\243\236\041\312\211\031\354\337\265\303
+\032\353\026\376\170\066\114\326\156\320\076\027\034\220\027\153
+\046\272\373\172\057\277\021\034\030\016\055\163\003\217\240\345
+\065\240\132\342\114\165\035\161\341\071\070\123\170\100\314\203
+\223\327\012\236\235\133\217\212\344\345\340\110\344\110\262\107
+\315\116\052\165\052\173\362\042\366\311\276\011\221\226\127\172
+\210\210\254\356\160\254\371\334\051\343\014\034\073\022\116\104
+\326\247\116\260\046\310\363\331\032\227\221\150\352\357\215\106
+\006\322\126\105\130\232\074\014\017\203\270\005\045\303\071\317
+\073\244\064\211\267\171\022\057\107\305\347\251\227\151\374\246
+\167\147\265\337\173\361\172\145\025\344\141\126\145\002\003\001
+\000\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377
+\004\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026
+\004\024\201\304\214\314\365\344\060\377\245\014\010\137\214\025
+\147\041\164\001\337\337\060\015\006\011\052\206\110\206\367\015
+\001\001\013\005\000\003\202\002\001\000\023\145\042\365\216\053
+\255\104\344\313\377\271\150\346\303\200\110\075\004\173\372\043
+\057\172\355\066\332\262\316\155\366\346\236\345\137\130\217\313
+\067\062\241\310\145\266\256\070\075\065\033\076\274\073\266\004
+\320\274\371\111\365\233\367\205\305\066\266\313\274\370\310\071
+\325\344\137\007\275\025\124\227\164\312\312\355\117\272\272\144
+\166\237\201\270\204\105\111\114\215\157\242\353\261\314\321\303
+\224\332\104\302\346\342\352\030\350\242\037\047\005\272\327\345
+\326\251\315\335\357\166\230\215\000\016\315\033\372\003\267\216
+\200\130\016\047\077\122\373\224\242\312\136\145\311\326\204\332
+\271\065\161\363\046\300\117\167\346\201\047\322\167\073\232\024
+\157\171\364\366\320\341\323\224\272\320\127\121\275\047\005\015
+\301\375\310\022\060\356\157\215\021\053\010\235\324\324\277\200
+\105\024\232\210\104\332\060\352\264\247\343\356\357\133\202\325
+\076\326\255\170\222\333\134\074\363\330\255\372\270\153\177\304
+\066\050\266\002\025\212\124\054\234\260\027\163\216\320\067\243
+\024\074\230\225\000\014\051\005\133\236\111\111\261\137\307\343
+\313\317\047\145\216\065\027\267\127\310\060\331\101\133\271\024
+\266\350\302\017\224\061\247\224\230\314\152\353\265\341\047\365
+\020\250\001\350\216\022\142\350\210\314\265\177\106\227\300\233
+\020\146\070\032\066\106\137\042\150\075\337\311\306\023\047\253
+\123\006\254\242\074\206\006\145\157\261\176\261\051\104\232\243
+\272\111\151\050\151\217\327\345\137\255\004\206\144\157\032\240
+\014\305\010\142\316\200\243\320\363\354\150\336\276\063\307\027
+\133\177\200\304\114\114\261\246\204\212\303\073\270\011\315\024
+\201\272\030\343\124\127\066\376\333\057\174\107\241\072\063\310
+\371\130\073\104\117\261\312\002\211\004\226\050\150\305\113\270
+\046\211\273\326\063\057\120\325\376\232\211\272\030\062\222\124
+\306\133\340\235\371\136\345\015\042\233\366\332\342\310\041\262
+\142\041\252\206\100\262\056\144\323\137\310\343\176\021\147\105
+\037\005\376\343\242\357\263\250\263\363\175\217\370\014\037\042
+\037\055\160\264\270\001\064\166\060\000\345\043\170\247\126\327
+\120\037\212\373\006\365\302\031\360\320
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "SSL.com Root Certification Authority ECC"
-# Issuer: CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Serial Number:75:e6:df:cb:c1:68:5b:a8
-# Subject: CN=SSL.com Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Not Valid Before: Fri Feb 12 18:14:03 2016
-# Not Valid After : Tue Feb 12 18:14:03 2041
-# Fingerprint (SHA-256): 34:17:BB:06:CC:60:07:DA:1B:96:1C:92:0B:8A:B4:CE:3F:AD:82:0E:4A:A3:0B:9A:CB:C4:A7:4E:BD:CE:BC:65
-# Fingerprint (SHA1): C3:19:7C:39:24:E6:54:AF:1B:C4:AB:20:95:7A:E2:C3:0E:13:02:6A
+# Trust for "UCA Global G2 Root"
+# Issuer: CN=UCA Global G2 Root,O=UniTrust,C=CN
+# Serial Number:5d:df:b1:da:5a:a3:ed:5d:be:5a:65:20:65:03:90:ef
+# Subject: CN=UCA Global G2 Root,O=UniTrust,C=CN
+# Not Valid Before: Fri Mar 11 00:00:00 2016
+# Not Valid After : Mon Dec 31 00:00:00 2040
+# Fingerprint (SHA-256): 9B:EA:11:C9:76:FE:01:47:64:C1:BE:56:A6:F9:14:B5:A5:60:31:7A:BD:99:88:39:33:82:E5:16:1A:A0:49:3C
+# Fingerprint (SHA1): 28:F9:78:16:19:7A:FF:18:25:18:AA:44:FE:C1:A0:CE:5C:B6:4C:8A
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "SSL.com Root Certification Authority ECC"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\303\031\174\071\044\346\124\257\033\304\253\040\225\172\342\303
-\016\023\002\152
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\056\332\344\071\177\234\217\067\321\160\237\046\027\121\072\216
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\174\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
-\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
-\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
-\103\157\162\160\157\162\141\164\151\157\156\061\061\060\057\006
-\003\125\004\003\014\050\123\123\114\056\143\157\155\040\122\157
-\157\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\040\105\103\103
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "UCA Global G2 Root"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\050\371\170\026\031\172\377\030\045\030\252\104\376\301\240\316
+\134\266\114\212
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\200\376\360\304\112\360\134\142\062\237\034\272\170\251\120\370
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\075\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\021\060\017\006\003\125\004\012\014\010\125\156\151\124\162\165
+\163\164\061\033\060\031\006\003\125\004\003\014\022\125\103\101
+\040\107\154\157\142\141\154\040\107\062\040\122\157\157\164
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\165\346\337\313\301\150\133\250
+\002\020\135\337\261\332\132\243\355\135\276\132\145\040\145\003
+\220\357
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
@@ -22688,179 +22814,160 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "SSL.com EV Root Certification Authority RSA R2"
+# Certificate "UCA Extended Validation Root"
 #
-# Issuer: CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Serial Number:56:b6:29:cd:34:bc:78:f6
-# Subject: CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Not Valid Before: Wed May 31 18:14:37 2017
-# Not Valid After : Fri May 30 18:14:37 2042
-# Fingerprint (SHA-256): 2E:7B:F1:6C:C2:24:85:A7:BB:E2:AA:86:96:75:07:61:B0:AE:39:BE:3B:2F:E9:D0:CC:6D:4E:F7:34:91:42:5C
-# Fingerprint (SHA1): 74:3A:F0:52:9B:D0:32:A0:F4:4A:83:CD:D4:BA:A9:7B:7C:2E:C4:9A
+# Issuer: CN=UCA Extended Validation Root,O=UniTrust,C=CN
+# Serial Number:4f:d2:2b:8f:f5:64:c8:33:9e:4f:34:58:66:23:70:60
+# Subject: CN=UCA Extended Validation Root,O=UniTrust,C=CN
+# Not Valid Before: Fri Mar 13 00:00:00 2015
+# Not Valid After : Fri Dec 31 00:00:00 2038
+# Fingerprint (SHA-256): D4:3A:F9:B3:54:73:75:5C:96:84:FC:06:D7:D8:CB:70:EE:5C:28:E7:73:FB:29:4E:B4:1E:E7:17:22:92:4D:24
+# Fingerprint (SHA1): A3:A1:B0:6F:24:61:23:4A:E3:36:A5:C2:37:FC:A6:FF:DD:F0:D7:3A
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "SSL.com EV Root Certification Authority RSA R2"
+CKA_LABEL UTF8 "UCA Extended Validation Root"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\201\202\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163
-\061\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164
-\157\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114
-\040\103\157\162\160\157\162\141\164\151\157\156\061\067\060\065
-\006\003\125\004\003\014\056\123\123\114\056\143\157\155\040\105
-\126\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\122
-\123\101\040\122\062
+\060\107\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\021\060\017\006\003\125\004\012\014\010\125\156\151\124\162\165
+\163\164\061\045\060\043\006\003\125\004\003\014\034\125\103\101
+\040\105\170\164\145\156\144\145\144\040\126\141\154\151\144\141
+\164\151\157\156\040\122\157\157\164
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\202\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163
-\061\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164
-\157\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114
-\040\103\157\162\160\157\162\141\164\151\157\156\061\067\060\065
-\006\003\125\004\003\014\056\123\123\114\056\143\157\155\040\105
-\126\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\122
-\123\101\040\122\062
+\060\107\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\021\060\017\006\003\125\004\012\014\010\125\156\151\124\162\165
+\163\164\061\045\060\043\006\003\125\004\003\014\034\125\103\101
+\040\105\170\164\145\156\144\145\144\040\126\141\154\151\144\141
+\164\151\157\156\040\122\157\157\164
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\126\266\051\315\064\274\170\366
+\002\020\117\322\053\217\365\144\310\063\236\117\064\130\146\043
+\160\140
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\005\353\060\202\003\323\240\003\002\001\002\002\010\126
-\266\051\315\064\274\170\366\060\015\006\011\052\206\110\206\367
-\015\001\001\013\005\000\060\201\202\061\013\060\011\006\003\125
-\004\006\023\002\125\123\061\016\060\014\006\003\125\004\010\014
-\005\124\145\170\141\163\061\020\060\016\006\003\125\004\007\014
-\007\110\157\165\163\164\157\156\061\030\060\026\006\003\125\004
-\012\014\017\123\123\114\040\103\157\162\160\157\162\141\164\151
-\157\156\061\067\060\065\006\003\125\004\003\014\056\123\123\114
-\056\143\157\155\040\105\126\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\122\123\101\040\122\062\060\036\027\015\061
-\067\060\065\063\061\061\070\061\064\063\067\132\027\015\064\062
-\060\065\063\060\061\070\061\064\063\067\132\060\201\202\061\013
-\060\011\006\003\125\004\006\023\002\125\123\061\016\060\014\006
-\003\125\004\010\014\005\124\145\170\141\163\061\020\060\016\006
-\003\125\004\007\014\007\110\157\165\163\164\157\156\061\030\060
-\026\006\003\125\004\012\014\017\123\123\114\040\103\157\162\160
-\157\162\141\164\151\157\156\061\067\060\065\006\003\125\004\003
-\014\056\123\123\114\056\143\157\155\040\105\126\040\122\157\157
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\122\123\101\040\122\062
+\060\202\005\132\060\202\003\102\240\003\002\001\002\002\020\117
+\322\053\217\365\144\310\063\236\117\064\130\146\043\160\140\060
+\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\107
+\061\013\060\011\006\003\125\004\006\023\002\103\116\061\021\060
+\017\006\003\125\004\012\014\010\125\156\151\124\162\165\163\164
+\061\045\060\043\006\003\125\004\003\014\034\125\103\101\040\105
+\170\164\145\156\144\145\144\040\126\141\154\151\144\141\164\151
+\157\156\040\122\157\157\164\060\036\027\015\061\065\060\063\061
+\063\060\060\060\060\060\060\132\027\015\063\070\061\062\063\061
+\060\060\060\060\060\060\132\060\107\061\013\060\011\006\003\125
+\004\006\023\002\103\116\061\021\060\017\006\003\125\004\012\014
+\010\125\156\151\124\162\165\163\164\061\045\060\043\006\003\125
+\004\003\014\034\125\103\101\040\105\170\164\145\156\144\145\144
+\040\126\141\154\151\144\141\164\151\157\156\040\122\157\157\164
 \060\202\002\042\060\015\006\011\052\206\110\206\367\015\001\001
 \001\005\000\003\202\002\017\000\060\202\002\012\002\202\002\001
-\000\217\066\145\100\341\326\115\300\327\264\351\106\332\153\352
-\063\107\315\114\371\175\175\276\275\055\075\360\333\170\341\206
-\245\331\272\011\127\150\355\127\076\240\320\010\101\203\347\050
-\101\044\037\343\162\025\320\001\032\373\136\160\043\262\313\237
-\071\343\317\305\116\306\222\155\046\306\173\273\263\332\047\235
-\012\206\351\201\067\005\376\360\161\161\354\303\034\351\143\242
-\027\024\235\357\033\147\323\205\125\002\002\326\111\311\314\132
-\341\261\367\157\062\237\311\324\073\210\101\250\234\275\313\253
-\333\155\173\011\037\242\114\162\220\332\053\010\374\317\074\124
-\316\147\017\250\317\135\226\031\013\304\343\162\353\255\321\175
-\035\047\357\222\353\020\277\133\353\073\257\317\200\335\301\322
-\226\004\133\172\176\244\251\074\070\166\244\142\216\240\071\136
-\352\167\317\135\000\131\217\146\054\076\007\242\243\005\046\021
-\151\227\352\205\267\017\226\013\113\310\100\341\120\272\056\212
-\313\367\017\232\042\347\177\232\067\023\315\362\115\023\153\041
-\321\300\314\042\362\241\106\366\104\151\234\312\141\065\007\000
-\157\326\141\010\021\352\272\270\366\351\263\140\345\115\271\354
-\237\024\146\311\127\130\333\315\207\151\370\212\206\022\003\107
-\277\146\023\166\254\167\175\064\044\205\203\315\327\252\234\220
-\032\237\041\054\177\170\267\144\270\330\350\246\364\170\263\125
-\313\204\322\062\304\170\256\243\217\141\335\316\010\123\255\354
-\210\374\025\344\232\015\346\237\032\167\316\114\217\270\024\025
-\075\142\234\206\070\006\000\146\022\344\131\166\132\123\300\002
-\230\242\020\053\150\104\173\216\171\316\063\112\166\252\133\201
-\026\033\265\212\330\320\000\173\136\142\264\011\326\206\143\016
-\246\005\225\111\272\050\213\210\223\262\064\034\330\244\125\156
-\267\034\320\336\231\125\073\043\364\042\340\371\051\146\046\354
-\040\120\167\333\112\013\217\276\345\002\140\160\101\136\324\256
-\120\071\042\024\046\313\262\073\163\164\125\107\007\171\201\071
-\250\060\023\104\345\004\212\256\226\023\045\102\017\271\123\304
-\233\374\315\344\034\336\074\372\253\326\006\112\037\147\246\230
-\060\034\335\054\333\334\030\225\127\146\306\377\134\213\126\365
-\167\002\003\001\000\001\243\143\060\141\060\017\006\003\125\035
-\023\001\001\377\004\005\060\003\001\001\377\060\037\006\003\125
-\035\043\004\030\060\026\200\024\371\140\273\324\343\325\064\366
-\270\365\006\200\045\247\163\333\106\151\250\236\060\035\006\003
-\125\035\016\004\026\004\024\371\140\273\324\343\325\064\366\270
-\365\006\200\045\247\163\333\106\151\250\236\060\016\006\003\125
-\035\017\001\001\377\004\004\003\002\001\206\060\015\006\011\052
-\206\110\206\367\015\001\001\013\005\000\003\202\002\001\000\126
-\263\216\313\012\235\111\216\277\244\304\221\273\146\027\005\121
-\230\165\373\345\120\054\172\236\361\024\372\253\323\212\076\377
-\221\051\217\143\213\330\264\251\124\001\015\276\223\206\057\371
-\112\155\307\136\365\127\371\312\125\034\022\276\107\017\066\305
-\337\152\267\333\165\302\107\045\177\271\361\143\370\150\055\125
-\004\321\362\215\260\244\317\274\074\136\037\170\347\245\240\040
-\160\260\004\305\267\367\162\247\336\042\015\275\063\045\106\214
-\144\222\046\343\076\056\143\226\332\233\214\075\370\030\011\327
-\003\314\175\206\202\340\312\004\007\121\120\327\377\222\325\014
-\357\332\206\237\231\327\353\267\257\150\342\071\046\224\272\150
-\267\277\203\323\352\172\147\075\142\147\256\045\345\162\350\342
-\344\354\256\022\366\113\053\074\237\351\260\100\363\070\124\263
-\375\267\150\310\332\306\217\121\074\262\373\221\334\034\347\233
-\235\341\267\015\162\217\342\244\304\251\170\371\353\024\254\306
-\103\005\302\145\071\050\030\002\303\202\262\235\005\276\145\355
-\226\137\145\164\074\373\011\065\056\173\234\023\375\033\017\135
-\307\155\201\072\126\017\314\073\341\257\002\057\042\254\106\312
-\106\074\240\034\114\326\104\264\136\056\134\025\146\011\341\046
-\051\376\306\122\141\272\261\163\377\303\014\234\345\154\152\224
-\077\024\312\100\026\225\204\363\131\251\254\137\114\141\223\155
-\321\073\314\242\225\014\042\246\147\147\104\056\271\331\322\212
-\101\263\146\013\132\373\175\043\245\362\032\260\377\336\233\203
-\224\056\321\077\337\222\267\221\257\005\073\145\307\240\154\261
-\315\142\022\303\220\033\343\045\316\064\274\157\167\166\261\020
-\303\367\005\032\300\326\257\164\142\110\027\167\222\151\220\141
-\034\336\225\200\164\124\217\030\034\303\363\003\320\277\244\103
-\165\206\123\030\172\012\056\011\034\066\237\221\375\202\212\042
-\113\321\016\120\045\335\313\003\014\027\311\203\000\010\116\065
-\115\212\213\355\360\002\224\146\054\104\177\313\225\047\226\027
-\255\011\060\254\266\161\027\156\213\027\366\034\011\324\055\073
-\230\245\161\323\124\023\331\140\363\365\113\146\117\372\361\356
-\040\022\215\264\254\127\261\105\143\241\254\166\251\302\373
+\000\251\011\007\050\023\002\260\231\340\144\252\036\103\026\172
+\163\261\221\240\165\076\250\372\343\070\000\172\354\211\152\040
+\017\213\305\260\233\063\003\132\206\306\130\206\325\301\205\273
+\117\306\234\100\115\312\276\356\151\226\270\255\201\060\232\174
+\222\005\353\005\053\232\110\320\270\166\076\226\310\040\273\322
+\260\361\217\330\254\105\106\377\252\147\140\264\167\176\152\037
+\074\032\122\172\004\075\007\074\205\015\204\320\037\166\012\367
+\152\024\337\162\343\064\174\127\116\126\001\076\171\361\252\051
+\073\154\372\370\217\155\115\310\065\337\256\353\334\044\356\171
+\105\247\205\266\005\210\336\210\135\045\174\227\144\147\011\331
+\277\132\025\005\206\363\011\036\354\130\062\063\021\363\167\144
+\260\166\037\344\020\065\027\033\362\016\261\154\244\052\243\163
+\374\011\037\036\062\031\123\021\347\331\263\054\056\166\056\241
+\243\336\176\152\210\011\350\362\007\212\370\262\315\020\347\342
+\163\100\223\273\010\321\077\341\374\013\224\263\045\357\174\246
+\327\321\257\237\377\226\232\365\221\173\230\013\167\324\176\350
+\007\322\142\265\225\071\343\363\361\155\017\016\145\204\212\143
+\124\305\200\266\340\236\113\175\107\046\247\001\010\135\321\210
+\236\327\303\062\104\372\202\112\012\150\124\177\070\123\003\314
+\244\000\063\144\121\131\013\243\202\221\172\136\354\026\302\363
+\052\346\142\332\052\333\131\142\020\045\112\052\201\013\107\007
+\103\006\160\207\322\372\223\021\051\172\110\115\353\224\307\160
+\115\257\147\325\121\261\200\040\001\001\264\172\010\246\220\177
+\116\340\357\007\101\207\257\152\245\136\213\373\317\120\262\232
+\124\257\303\211\272\130\055\365\060\230\261\066\162\071\176\111
+\004\375\051\247\114\171\344\005\127\333\224\271\026\123\215\106
+\263\035\225\141\127\126\177\257\360\026\133\141\130\157\066\120
+\021\013\330\254\053\225\026\032\016\037\010\315\066\064\145\020
+\142\146\325\200\137\024\040\137\055\014\240\170\012\150\326\054
+\327\351\157\053\322\112\005\223\374\236\157\153\147\377\210\361
+\116\245\151\112\122\067\005\352\306\026\215\322\304\231\321\202
+\053\073\272\065\165\367\121\121\130\363\310\007\335\344\264\003
+\177\002\003\001\000\001\243\102\060\100\060\035\006\003\125\035
+\016\004\026\004\024\331\164\072\344\060\075\015\367\022\334\176
+\132\005\237\036\064\232\367\341\024\060\017\006\003\125\035\023
+\001\001\377\004\005\060\003\001\001\377\060\016\006\003\125\035
+\017\001\001\377\004\004\003\002\001\206\060\015\006\011\052\206
+\110\206\367\015\001\001\013\005\000\003\202\002\001\000\066\215
+\227\314\102\025\144\051\067\233\046\054\326\373\256\025\151\054
+\153\032\032\367\137\266\371\007\114\131\352\363\311\310\271\256
+\314\272\056\172\334\300\365\260\055\300\073\257\237\160\005\021
+\152\237\045\117\001\051\160\343\345\014\341\352\132\174\334\111
+\273\301\036\052\201\365\026\113\162\221\310\242\061\271\252\332
+\374\235\037\363\135\100\002\023\374\116\034\006\312\263\024\220
+\124\027\031\022\032\361\037\327\014\151\132\366\161\170\364\224
+\175\221\013\216\354\220\124\216\274\157\241\114\253\374\164\144
+\375\161\232\370\101\007\241\315\221\344\074\232\340\233\062\071
+\163\253\052\325\151\310\170\221\046\061\175\342\307\060\361\374
+\024\170\167\022\016\023\364\335\026\224\277\113\147\173\160\123
+\205\312\260\273\363\070\115\054\220\071\300\015\302\135\153\351
+\342\345\325\210\215\326\054\277\253\033\276\265\050\207\022\027
+\164\156\374\175\374\217\320\207\046\260\033\373\271\154\253\342
+\236\075\025\301\073\056\147\002\130\221\237\357\370\102\037\054
+\267\150\365\165\255\317\265\366\377\021\175\302\360\044\245\255
+\323\372\240\074\251\372\135\334\245\240\357\104\244\276\326\350
+\345\344\023\226\027\173\006\076\062\355\307\267\102\274\166\243
+\330\145\070\053\070\065\121\041\016\016\157\056\064\023\100\341
+\053\147\014\155\112\101\060\030\043\132\062\125\231\311\027\340
+\074\336\366\354\171\255\053\130\031\242\255\054\042\032\225\216
+\276\226\220\135\102\127\304\371\024\003\065\053\034\055\121\127
+\010\247\072\336\077\344\310\264\003\163\302\301\046\200\273\013
+\102\037\255\015\257\046\162\332\314\276\263\243\203\130\015\202
+\305\037\106\121\343\234\030\314\215\233\215\354\111\353\165\120
+\325\214\050\131\312\164\064\332\214\013\041\253\036\352\033\345
+\307\375\025\076\300\027\252\373\043\156\046\106\313\372\371\261
+\162\153\151\317\042\204\013\142\017\254\331\031\000\224\242\166
+\074\324\055\232\355\004\236\055\006\142\020\067\122\034\205\162
+\033\047\345\314\306\061\354\067\354\143\131\233\013\035\166\314
+\176\062\232\210\225\010\066\122\273\336\166\137\166\111\111\255
+\177\275\145\040\262\311\301\053\166\030\166\237\126\261
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "SSL.com EV Root Certification Authority RSA R2"
-# Issuer: CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Serial Number:56:b6:29:cd:34:bc:78:f6
-# Subject: CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Not Valid Before: Wed May 31 18:14:37 2017
-# Not Valid After : Fri May 30 18:14:37 2042
-# Fingerprint (SHA-256): 2E:7B:F1:6C:C2:24:85:A7:BB:E2:AA:86:96:75:07:61:B0:AE:39:BE:3B:2F:E9:D0:CC:6D:4E:F7:34:91:42:5C
-# Fingerprint (SHA1): 74:3A:F0:52:9B:D0:32:A0:F4:4A:83:CD:D4:BA:A9:7B:7C:2E:C4:9A
+# Trust for "UCA Extended Validation Root"
+# Issuer: CN=UCA Extended Validation Root,O=UniTrust,C=CN
+# Serial Number:4f:d2:2b:8f:f5:64:c8:33:9e:4f:34:58:66:23:70:60
+# Subject: CN=UCA Extended Validation Root,O=UniTrust,C=CN
+# Not Valid Before: Fri Mar 13 00:00:00 2015
+# Not Valid After : Fri Dec 31 00:00:00 2038
+# Fingerprint (SHA-256): D4:3A:F9:B3:54:73:75:5C:96:84:FC:06:D7:D8:CB:70:EE:5C:28:E7:73:FB:29:4E:B4:1E:E7:17:22:92:4D:24
+# Fingerprint (SHA1): A3:A1:B0:6F:24:61:23:4A:E3:36:A5:C2:37:FC:A6:FF:DD:F0:D7:3A
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "SSL.com EV Root Certification Authority RSA R2"
+CKA_LABEL UTF8 "UCA Extended Validation Root"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\164\072\360\122\233\320\062\240\364\112\203\315\324\272\251\173
-\174\056\304\232
+\243\241\260\157\044\141\043\112\343\066\245\302\067\374\246\377
+\335\360\327\072
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\341\036\061\130\032\256\124\123\002\366\027\152\021\173\115\225
+\241\363\137\103\306\064\233\332\277\214\176\005\123\255\226\342
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\201\202\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163
-\061\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164
-\157\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114
-\040\103\157\162\160\157\162\141\164\151\157\156\061\067\060\065
-\006\003\125\004\003\014\056\123\123\114\056\143\157\155\040\105
-\126\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\122
-\123\101\040\122\062
+\060\107\061\013\060\011\006\003\125\004\006\023\002\103\116\061
+\021\060\017\006\003\125\004\012\014\010\125\156\151\124\162\165
+\163\164\061\045\060\043\006\003\125\004\003\014\034\125\103\101
+\040\105\170\164\145\156\144\145\144\040\126\141\154\151\144\141
+\164\151\157\156\040\122\157\157\164
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\126\266\051\315\064\274\170\366
+\002\020\117\322\053\217\365\144\310\063\236\117\064\130\146\043
+\160\140
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
@@ -22868,128 +22975,181 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
 
 #
-# Certificate "SSL.com EV Root Certification Authority ECC"
+# Certificate "Certigna Root CA"
 #
-# Issuer: CN=SSL.com EV Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Serial Number:2c:29:9c:5b:16:ed:05:95
-# Subject: CN=SSL.com EV Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Not Valid Before: Fri Feb 12 18:15:23 2016
-# Not Valid After : Tue Feb 12 18:15:23 2041
-# Fingerprint (SHA-256): 22:A2:C1:F7:BD:ED:70:4C:C1:E7:01:B5:F4:08:C3:10:88:0F:E9:56:B5:DE:2A:4A:44:F9:9C:87:3A:25:A7:C8
-# Fingerprint (SHA1): 4C:DD:51:A3:D1:F5:20:32:14:B0:C6:C5:32:23:03:91:C7:46:42:6D
+# Issuer: CN=Certigna Root CA,OU=0002 48146308100036,O=Dhimyotis,C=FR
+# Serial Number:00:ca:e9:1b:89:f1:55:03:0d:a3:e6:41:6d:c4:e3:a6:e1
+# Subject: CN=Certigna Root CA,OU=0002 48146308100036,O=Dhimyotis,C=FR
+# Not Valid Before: Tue Oct 01 08:32:27 2013
+# Not Valid After : Sat Oct 01 08:32:27 2033
+# Fingerprint (SHA-256): D4:8D:3D:23:EE:DB:50:A4:59:E5:51:97:60:1C:27:77:4B:9D:7B:18:C9:4D:5A:05:95:11:A1:02:50:B9:31:68
+# Fingerprint (SHA1): 2D:0D:52:14:FF:9E:AD:99:24:01:74:20:47:6E:6C:85:27:27:F5:43
 CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "SSL.com EV Root Certification Authority ECC"
+CKA_LABEL UTF8 "Certigna Root CA"
 CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
 CKA_SUBJECT MULTILINE_OCTAL
-\060\177\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
-\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
-\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
-\103\157\162\160\157\162\141\164\151\157\156\061\064\060\062\006
-\003\125\004\003\014\053\123\123\114\056\143\157\155\040\105\126
-\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\105\103
-\103
+\060\132\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\104\150\151\155\171\157
+\164\151\163\061\034\060\032\006\003\125\004\013\014\023\060\060
+\060\062\040\064\070\061\064\066\063\060\070\061\060\060\060\063
+\066\061\031\060\027\006\003\125\004\003\014\020\103\145\162\164
+\151\147\156\141\040\122\157\157\164\040\103\101
 END
 CKA_ID UTF8 "0"
 CKA_ISSUER MULTILINE_OCTAL
-\060\177\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
-\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
-\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
-\103\157\162\160\157\162\141\164\151\157\156\061\064\060\062\006
-\003\125\004\003\014\053\123\123\114\056\143\157\155\040\105\126
-\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\105\103
-\103
+\060\132\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\104\150\151\155\171\157
+\164\151\163\061\034\060\032\006\003\125\004\013\014\023\060\060
+\060\062\040\064\070\061\064\066\063\060\070\061\060\060\060\063
+\066\061\031\060\027\006\003\125\004\003\014\020\103\145\162\164
+\151\147\156\141\040\122\157\157\164\040\103\101
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\054\051\234\133\026\355\005\225
+\002\021\000\312\351\033\211\361\125\003\015\243\346\101\155\304
+\343\246\341
 END
 CKA_VALUE MULTILINE_OCTAL
-\060\202\002\224\060\202\002\032\240\003\002\001\002\002\010\054
-\051\234\133\026\355\005\225\060\012\006\010\052\206\110\316\075
-\004\003\002\060\177\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\016\060\014\006\003\125\004\010\014\005\124\145\170
-\141\163\061\020\060\016\006\003\125\004\007\014\007\110\157\165
-\163\164\157\156\061\030\060\026\006\003\125\004\012\014\017\123
-\123\114\040\103\157\162\160\157\162\141\164\151\157\156\061\064
-\060\062\006\003\125\004\003\014\053\123\123\114\056\143\157\155
-\040\105\126\040\122\157\157\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\105\103\103\060\036\027\015\061\066\060\062\061\062\061\070
-\061\065\062\063\132\027\015\064\061\060\062\061\062\061\070\061
-\065\062\063\132\060\177\061\013\060\011\006\003\125\004\006\023
-\002\125\123\061\016\060\014\006\003\125\004\010\014\005\124\145
-\170\141\163\061\020\060\016\006\003\125\004\007\014\007\110\157
-\165\163\164\157\156\061\030\060\026\006\003\125\004\012\014\017
-\123\123\114\040\103\157\162\160\157\162\141\164\151\157\156\061
-\064\060\062\006\003\125\004\003\014\053\123\123\114\056\143\157
-\155\040\105\126\040\122\157\157\164\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\040\105\103\103\060\166\060\020\006\007\052\206\110\316\075
-\002\001\006\005\053\201\004\000\042\003\142\000\004\252\022\107
-\220\230\033\373\357\303\100\007\203\040\116\361\060\202\242\006
-\321\362\222\206\141\362\366\041\150\312\000\304\307\352\103\000
-\124\206\334\375\037\337\000\270\101\142\134\334\160\026\062\336
-\037\231\324\314\305\007\310\010\037\141\026\007\121\075\175\134
-\007\123\343\065\070\214\337\315\237\331\056\015\112\266\031\056
-\132\160\132\006\355\276\360\241\260\312\320\011\051\243\143\060
-\141\060\035\006\003\125\035\016\004\026\004\024\133\312\136\345
-\336\322\201\252\315\250\055\144\121\266\331\162\233\227\346\117
-\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
-\377\060\037\006\003\125\035\043\004\030\060\026\200\024\133\312
-\136\345\336\322\201\252\315\250\055\144\121\266\331\162\233\227
-\346\117\060\016\006\003\125\035\017\001\001\377\004\004\003\002
-\001\206\060\012\006\010\052\206\110\316\075\004\003\002\003\150
-\000\060\145\002\061\000\212\346\100\211\067\353\351\325\023\331
-\312\324\153\044\363\260\075\207\106\130\032\354\261\337\157\373
-\126\272\160\153\307\070\314\350\261\214\117\017\367\361\147\166
-\016\203\320\036\121\217\002\060\075\366\043\050\046\114\306\140
-\207\223\046\233\262\065\036\272\326\367\074\321\034\316\372\045
-\074\246\032\201\025\133\363\022\017\154\356\145\212\311\207\250
-\371\007\340\142\232\214\134\112
+\060\202\006\133\060\202\004\103\240\003\002\001\002\002\021\000
+\312\351\033\211\361\125\003\015\243\346\101\155\304\343\246\341
+\060\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060
+\132\061\013\060\011\006\003\125\004\006\023\002\106\122\061\022
+\060\020\006\003\125\004\012\014\011\104\150\151\155\171\157\164
+\151\163\061\034\060\032\006\003\125\004\013\014\023\060\060\060
+\062\040\064\070\061\064\066\063\060\070\061\060\060\060\063\066
+\061\031\060\027\006\003\125\004\003\014\020\103\145\162\164\151
+\147\156\141\040\122\157\157\164\040\103\101\060\036\027\015\061
+\063\061\060\060\061\060\070\063\062\062\067\132\027\015\063\063
+\061\060\060\061\060\070\063\062\062\067\132\060\132\061\013\060
+\011\006\003\125\004\006\023\002\106\122\061\022\060\020\006\003
+\125\004\012\014\011\104\150\151\155\171\157\164\151\163\061\034
+\060\032\006\003\125\004\013\014\023\060\060\060\062\040\064\070
+\061\064\066\063\060\070\061\060\060\060\063\066\061\031\060\027
+\006\003\125\004\003\014\020\103\145\162\164\151\147\156\141\040
+\122\157\157\164\040\103\101\060\202\002\042\060\015\006\011\052
+\206\110\206\367\015\001\001\001\005\000\003\202\002\017\000\060
+\202\002\012\002\202\002\001\000\315\030\071\145\032\131\261\352
+\144\026\016\214\224\044\225\174\203\323\305\071\046\334\014\357
+\026\127\215\327\330\254\243\102\177\202\312\355\315\133\333\016
+\267\055\355\105\010\027\262\331\263\313\326\027\122\162\050\333
+\216\116\236\212\266\013\371\236\204\232\115\166\336\042\051\134
+\322\263\322\006\076\060\071\251\164\243\222\126\034\241\157\114
+\012\040\155\237\043\172\264\306\332\054\344\035\054\334\263\050
+\320\023\362\114\116\002\111\241\124\100\236\346\345\005\240\055
+\204\310\377\230\154\320\353\212\032\204\010\036\267\150\043\356
+\043\325\160\316\155\121\151\020\356\241\172\302\321\042\061\302
+\202\205\322\362\125\166\120\174\045\172\311\204\134\013\254\335
+\102\116\053\347\202\242\044\211\313\220\262\320\356\043\272\146
+\114\273\142\244\371\123\132\144\173\174\230\372\243\110\236\017
+\225\256\247\030\364\152\354\056\003\105\257\360\164\370\052\315
+\172\135\321\276\104\046\062\051\361\361\365\154\314\176\002\041
+\013\237\157\244\077\276\235\123\342\317\175\251\054\174\130\032
+\227\341\075\067\067\030\146\050\322\100\305\121\212\214\303\055
+\316\123\210\044\130\144\060\026\305\252\340\326\012\246\100\337
+\170\366\365\004\174\151\023\204\274\321\321\247\006\317\001\367
+\150\300\250\127\273\072\141\255\004\214\223\343\255\374\360\333
+\104\155\131\334\111\131\256\254\232\231\066\060\101\173\166\063
+\042\207\243\302\222\206\156\371\160\356\256\207\207\225\033\304
+\172\275\061\363\324\322\345\231\377\276\110\354\165\365\170\026
+\035\246\160\301\177\074\033\241\222\373\317\310\074\326\305\223
+\012\217\365\125\072\166\225\316\131\230\212\011\225\167\062\232
+\203\272\054\004\072\227\275\324\057\276\327\154\233\242\312\175
+\155\046\311\125\325\317\303\171\122\010\011\231\007\044\055\144
+\045\153\246\041\151\233\152\335\164\115\153\227\172\101\275\253
+\027\371\220\027\110\217\066\371\055\325\305\333\356\252\205\105
+\101\372\315\072\105\261\150\346\066\114\233\220\127\354\043\271
+\207\010\302\304\011\361\227\206\052\050\115\342\164\300\332\304
+\214\333\337\342\241\027\131\316\044\131\164\061\332\177\375\060
+\155\331\334\341\152\341\374\137\002\003\001\000\001\243\202\001
+\032\060\202\001\026\060\017\006\003\125\035\023\001\001\377\004
+\005\060\003\001\001\377\060\016\006\003\125\035\017\001\001\377
+\004\004\003\002\001\006\060\035\006\003\125\035\016\004\026\004
+\024\030\207\126\340\156\167\356\044\065\074\116\163\232\037\326
+\341\342\171\176\053\060\037\006\003\125\035\043\004\030\060\026
+\200\024\030\207\126\340\156\167\356\044\065\074\116\163\232\037
+\326\341\342\171\176\053\060\104\006\003\125\035\040\004\075\060
+\073\060\071\006\004\125\035\040\000\060\061\060\057\006\010\053
+\006\001\005\005\007\002\001\026\043\150\164\164\160\163\072\057
+\057\167\167\167\167\056\143\145\162\164\151\147\156\141\056\146
+\162\057\141\165\164\157\162\151\164\145\163\057\060\155\006\003
+\125\035\037\004\146\060\144\060\057\240\055\240\053\206\051\150
+\164\164\160\072\057\057\143\162\154\056\143\145\162\164\151\147
+\156\141\056\146\162\057\143\145\162\164\151\147\156\141\162\157
+\157\164\143\141\056\143\162\154\060\061\240\057\240\055\206\053
+\150\164\164\160\072\057\057\143\162\154\056\144\150\151\155\171
+\157\164\151\163\056\143\157\155\057\143\145\162\164\151\147\156
+\141\162\157\157\164\143\141\056\143\162\154\060\015\006\011\052
+\206\110\206\367\015\001\001\013\005\000\003\202\002\001\000\224
+\270\236\117\360\343\225\010\042\347\315\150\101\367\034\125\325
+\174\000\342\055\072\211\135\150\070\057\121\042\013\112\215\313
+\351\273\135\076\273\134\075\261\050\376\344\123\125\023\317\241
+\220\033\002\035\137\146\106\011\063\050\341\015\044\227\160\323
+\020\037\352\144\127\226\273\135\332\347\304\214\117\114\144\106
+\035\134\207\343\131\336\102\321\233\250\176\246\211\335\217\034
+\311\060\202\355\073\234\315\300\351\031\340\152\330\002\165\067
+\253\367\064\050\050\221\362\004\012\117\065\343\140\046\001\372
+\320\021\214\371\021\152\356\257\075\303\120\323\217\137\063\171
+\074\206\250\163\105\220\214\040\266\162\163\027\043\276\007\145
+\345\170\222\015\272\001\300\353\214\034\146\277\254\206\167\001
+\224\015\234\346\351\071\215\037\246\121\214\231\014\071\167\341
+\264\233\372\034\147\127\157\152\152\216\251\053\114\127\171\172
+\127\042\317\315\137\143\106\215\134\131\072\206\370\062\107\142
+\243\147\015\030\221\334\373\246\153\365\110\141\163\043\131\216
+\002\247\274\104\352\364\111\235\361\124\130\371\140\257\332\030
+\244\057\050\105\334\172\240\210\206\135\363\073\347\377\051\065
+\200\374\144\103\224\346\343\034\157\276\255\016\052\143\231\053
+\311\176\205\366\161\350\006\003\225\376\336\217\110\034\132\324
+\222\350\053\356\347\061\333\272\004\152\207\230\347\305\137\357
+\175\247\042\367\001\330\115\371\211\320\016\232\005\131\244\236
+\230\331\157\053\312\160\276\144\302\125\243\364\351\257\303\222
+\051\334\210\026\044\231\074\215\046\230\266\133\267\314\316\267
+\067\007\375\046\331\230\205\044\377\131\043\003\232\355\235\235
+\250\344\136\070\316\327\122\015\157\322\077\155\261\005\153\111
+\316\212\221\106\163\364\366\057\360\250\163\167\016\145\254\241
+\215\146\122\151\176\113\150\014\307\036\067\047\203\245\214\307
+\002\344\024\315\111\001\260\163\263\375\306\220\072\157\322\154
+\355\073\356\354\221\276\242\103\135\213\000\112\146\045\104\160
+\336\100\017\370\174\025\367\242\316\074\327\136\023\214\201\027
+\030\027\321\275\361\167\020\072\324\145\071\301\047\254\127\054
+\045\124\377\242\332\117\212\141\071\136\256\075\112\214\275
 END
 CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
 
-# Trust for "SSL.com EV Root Certification Authority ECC"
-# Issuer: CN=SSL.com EV Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Serial Number:2c:29:9c:5b:16:ed:05:95
-# Subject: CN=SSL.com EV Root Certification Authority ECC,O=SSL Corporation,L=Houston,ST=Texas,C=US
-# Not Valid Before: Fri Feb 12 18:15:23 2016
-# Not Valid After : Tue Feb 12 18:15:23 2041
-# Fingerprint (SHA-256): 22:A2:C1:F7:BD:ED:70:4C:C1:E7:01:B5:F4:08:C3:10:88:0F:E9:56:B5:DE:2A:4A:44:F9:9C:87:3A:25:A7:C8
-# Fingerprint (SHA1): 4C:DD:51:A3:D1:F5:20:32:14:B0:C6:C5:32:23:03:91:C7:46:42:6D
+# Trust for "Certigna Root CA"
+# Issuer: CN=Certigna Root CA,OU=0002 48146308100036,O=Dhimyotis,C=FR
+# Serial Number:00:ca:e9:1b:89:f1:55:03:0d:a3:e6:41:6d:c4:e3:a6:e1
+# Subject: CN=Certigna Root CA,OU=0002 48146308100036,O=Dhimyotis,C=FR
+# Not Valid Before: Tue Oct 01 08:32:27 2013
+# Not Valid After : Sat Oct 01 08:32:27 2033
+# Fingerprint (SHA-256): D4:8D:3D:23:EE:DB:50:A4:59:E5:51:97:60:1C:27:77:4B:9D:7B:18:C9:4D:5A:05:95:11:A1:02:50:B9:31:68
+# Fingerprint (SHA1): 2D:0D:52:14:FF:9E:AD:99:24:01:74:20:47:6E:6C:85:27:27:F5:43
 CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
 CKA_TOKEN CK_BBOOL CK_TRUE
 CKA_PRIVATE CK_BBOOL CK_FALSE
 CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "SSL.com EV Root Certification Authority ECC"
+CKA_LABEL UTF8 "Certigna Root CA"
 CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\114\335\121\243\321\365\040\062\024\260\306\305\062\043\003\221
-\307\106\102\155
+\055\015\122\024\377\236\255\231\044\001\164\040\107\156\154\205
+\047\047\365\103
 END
 CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\131\123\042\145\203\102\001\124\300\316\102\271\132\174\362\220
+\016\134\060\142\047\353\133\274\327\256\142\272\351\325\337\167
 END
 CKA_ISSUER MULTILINE_OCTAL
-\060\177\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\016\060\014\006\003\125\004\010\014\005\124\145\170\141\163\061
-\020\060\016\006\003\125\004\007\014\007\110\157\165\163\164\157
-\156\061\030\060\026\006\003\125\004\012\014\017\123\123\114\040
-\103\157\162\160\157\162\141\164\151\157\156\061\064\060\062\006
-\003\125\004\003\014\053\123\123\114\056\143\157\155\040\105\126
-\040\122\157\157\164\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\105\103
-\103
+\060\132\061\013\060\011\006\003\125\004\006\023\002\106\122\061
+\022\060\020\006\003\125\004\012\014\011\104\150\151\155\171\157
+\164\151\163\061\034\060\032\006\003\125\004\013\014\023\060\060
+\060\062\040\064\070\061\064\066\063\060\070\061\060\060\060\063
+\066\061\031\060\027\006\003\125\004\003\014\020\103\145\162\164
+\151\147\156\141\040\122\157\157\164\040\103\101
 END
 CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\010\054\051\234\133\026\355\005\225
+\002\021\000\312\351\033\211\361\125\003\015\243\346\101\155\304
+\343\246\341
 END
 CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
diff --git a/security/nss/lib/ckfw/builtins/nssckbi.h b/security/nss/lib/ckfw/builtins/nssckbi.h
index d40c8080e..157d9c40d 100644
--- a/security/nss/lib/ckfw/builtins/nssckbi.h
+++ b/security/nss/lib/ckfw/builtins/nssckbi.h
@@ -46,8 +46,8 @@
  * It's recommend to switch back to 0 after having reached version 98/99.
  */
 #define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2
-#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 24
-#define NSS_BUILTINS_LIBRARY_VERSION "2.24"
+#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 30
+#define NSS_BUILTINS_LIBRARY_VERSION "2.30"
 
 /* These version numbers detail the semantic changes to the ckfw engine. */
 #define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1
diff --git a/security/nss/lib/ckfw/ckfw.h b/security/nss/lib/ckfw/ckfw.h
index d4a2ead99..9e7e17e36 100644
--- a/security/nss/lib/ckfw/ckfw.h
+++ b/security/nss/lib/ckfw/ckfw.h
@@ -1604,8 +1604,8 @@ nssCKFWSession_InitPIN(
 NSS_EXTERN CK_RV
 nssCKFWSession_SetPIN(
     NSSCKFWSession *fwSession,
-    NSSItem *newPin,
-    NSSItem *oldPin);
+    const NSSItem *oldPin,
+    NSSItem *newPin);
 
 /*
  * nssCKFWSession_GetOperationStateLen
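Review bot: Swapping the two PIN parameters in the prototype of `nssCKFWSession_SetPIN` cannot be caught by the compiler at call sites, because an `NSSItem *` converts silently to `const NSSItem *`; a caller written against the old header order would still compile and pass the PINs reversed. The callers are outside this hunk, so each call site should be checked against the new `(fwSession, oldPin, newPin)` order. A one-line comment on the prototype naming which argument is which, e.g. `/* oldPin is read only; newPin is the value to set */`, would make the order explicit.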
diff --git a/security/nss/lib/ckfw/session.c b/security/nss/lib/ckfw/session.c
index 7efedf403..e2613089b 100644
--- a/security/nss/lib/ckfw/session.c
+++ b/security/nss/lib/ckfw/session.c
@@ -871,7 +871,7 @@ nssCKFWSession_InitPIN(
 NSS_IMPLEMENT CK_RV
 nssCKFWSession_SetPIN(
     NSSCKFWSession *fwSession,
-    NSSItem *oldPin,
+    const NSSItem *oldPin,
     NSSItem *newPin)
 {
     CK_RV error = CKR_OK;
@@ -907,7 +907,7 @@ nssCKFWSession_SetPIN(
 
     error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession,
                                          fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
-                                         fwSession->fwInstance, oldPin, newPin);
+                                         fwSession->fwInstance, (NSSItem *)oldPin, newPin);
 
     return error;
 }
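Review bot: The cast `(NSSItem *)oldPin` in the `mdSession->SetPIN` call drops the `const` that this commit adds to the parameter, so the qualifier documents intent at this layer but does not stop a module's SetPIN from writing through the pointer. If the `SetPIN` callback type cannot take `const NSSItem *` (its declaration is not in this file section), say so next to the cast: `/* mdSession->SetPIN takes a non-const NSSItem *; modules must not modify oldPin */`. The function body starts in the previous hunk.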
diff --git a/security/nss/lib/cryptohi/cryptohi.h b/security/nss/lib/cryptohi/cryptohi.h
index e529fa34f..7b66f0b0b 100644
--- a/security/nss/lib/cryptohi/cryptohi.h
+++ b/security/nss/lib/cryptohi/cryptohi.h
@@ -14,7 +14,7 @@
 #include "secoidt.h"
 #include "secdert.h"
 #include "cryptoht.h"
-#include "keyt.h"
+#include "keythi.h"
 #include "certt.h"
 
 SEC_BEGIN_PROTOS
diff --git a/security/nss/lib/cryptohi/key.h b/security/nss/lib/cryptohi/key.h
index 3e89b74cb..8392031c5 100644
--- a/security/nss/lib/cryptohi/key.h
+++ b/security/nss/lib/cryptohi/key.h
@@ -2,11 +2,13 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
-/* This header is deprecated.  Please include keyhi.h instead. */
-
 #ifndef _KEY_H_
 #define _KEY_H_
 
+#if defined(_MSC_VER) || defined(__GNUC__) || defined(__clang__)
+#pragma message("key.h is deprecated. Please include keyhi.h instead.")
+#endif
+
 #include "keyhi.h"
 
 #endif /* _KEY_H_ */
diff --git a/security/nss/lib/cryptohi/keyi.h b/security/nss/lib/cryptohi/keyi.h
index ee11fc905..b746d3c8d 100644
--- a/security/nss/lib/cryptohi/keyi.h
+++ b/security/nss/lib/cryptohi/keyi.h
@@ -17,8 +17,21 @@ KeyType seckey_GetKeyType(SECOidTag pubKeyOid);
 SECStatus sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
                            const SECItem *param, SECOidTag *encalg, SECOidTag *hashalg);
 
-SECStatus sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_PSS_PARAMS *mech,
-                                      const SECKEYRSAPSSParams *params);
+/* extract the RSA-PSS hash algorithms and salt length from
+ * parameters, taking into account of the default implications.
+ *
+ * (parameters is the parameters field of a algorithm ID structure
+ * (SECAlgorithmID)*/
+SECStatus sec_DecodeRSAPSSParams(PLArenaPool *arena,
+                                 const SECItem *params,
+                                 SECOidTag *hashAlg,
+                                 SECOidTag *maskHashAlg,
+                                 unsigned long *saltLength);
+
+/* convert the encoded RSA-PSS parameters into PKCS #11 mechanism parameters */
+SECStatus sec_DecodeRSAPSSParamsToMechanism(PLArenaPool *arena,
+                                            const SECItem *params,
+                                            CK_RSA_PKCS_PSS_PARAMS *mech);
 
 SEC_END_PROTOS
 
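Review bot: The comment on `sec_DecodeRSAPSSParams` leaves out two things a caller needs: the definition in seckey.c writes each output only when its pointer is non-NULL and only on the success path, and the decode allocates from the caller's `arena`. I would reword it as a short block comment stating that `params` is the DER-encoded parameters field of a SECAlgorithmID, that absent fields take the defaults used in the definition (SHA-1, MGF1 with SHA-1, salt length 20), and that `hashAlg`, `maskHashAlg` and `saltLength` may each be NULL. The parameter names here (`hashAlg`) also differ from the definition (`retHashAlg`); one spelling in both places helps when searching.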
diff --git a/security/nss/lib/cryptohi/keyt.h b/security/nss/lib/cryptohi/keyt.h
index 99da312f6..5a0d2c2e7 100644
--- a/security/nss/lib/cryptohi/keyt.h
+++ b/security/nss/lib/cryptohi/keyt.h
@@ -5,6 +5,10 @@
 #ifndef _KEYT_H_
 #define _KEYT_H_
 
+#if defined(_MSC_VER) || defined(__GNUC__) || defined(__clang__)
+#pragma message("keyt.h is deprecated. Please include keythi.h instead.")
+#endif
+
 #include "keythi.h"
 
 #endif /* _KEYT_H_ */
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c
index 0f9353f3b..080909772 100644
--- a/security/nss/lib/cryptohi/seckey.c
+++ b/security/nss/lib/cryptohi/seckey.c
@@ -2015,66 +2015,63 @@ sec_GetMgfTypeByOidTag(SECOidTag tag)
 }
 
 SECStatus
-sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_PSS_PARAMS *mech,
-                            const SECKEYRSAPSSParams *params)
+sec_DecodeRSAPSSParams(PLArenaPool *arena,
+                       const SECItem *params,
+                       SECOidTag *retHashAlg, SECOidTag *retMaskHashAlg,
+                       unsigned long *retSaltLength)
 {
-    SECStatus rv = SECSuccess;
-    SECOidTag hashAlgTag;
+    SECKEYRSAPSSParams pssParams;
+    SECOidTag hashAlg;
+    SECOidTag maskHashAlg;
     unsigned long saltLength;
     unsigned long trailerField;
+    SECStatus rv;
 
-    PORT_Memset(mech, 0, sizeof(CK_RSA_PKCS_PSS_PARAMS));
+    PORT_Memset(&pssParams, 0, sizeof(pssParams));
+    rv = SEC_QuickDERDecodeItem(arena, &pssParams,
+                                SECKEY_RSAPSSParamsTemplate,
+                                params);
+    if (rv != SECSuccess) {
+        return rv;
+    }
 
-    if (params->hashAlg) {
-        hashAlgTag = SECOID_GetAlgorithmTag(params->hashAlg);
+    if (pssParams.hashAlg) {
+        hashAlg = SECOID_GetAlgorithmTag(pssParams.hashAlg);
     } else {
-        hashAlgTag = SEC_OID_SHA1; /* default, SHA-1 */
-    }
-    mech->hashAlg = sec_GetHashMechanismByOidTag(hashAlgTag);
-    if (mech->hashAlg == CKM_INVALID_MECHANISM) {
-        return SECFailure;
+        hashAlg = SEC_OID_SHA1; /* default, SHA-1 */
     }
 
-    if (params->maskAlg) {
-        SECAlgorithmID maskHashAlg;
-        SECOidTag maskHashAlgTag;
-        PORTCheapArenaPool tmpArena;
+    if (pssParams.maskAlg) {
+        SECAlgorithmID algId;
 
-        if (SECOID_GetAlgorithmTag(params->maskAlg) != SEC_OID_PKCS1_MGF1) {
+        if (SECOID_GetAlgorithmTag(pssParams.maskAlg) != SEC_OID_PKCS1_MGF1) {
             /* only MGF1 is known to PKCS#11 */
             PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
             return SECFailure;
         }
 
-        PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
-        rv = SEC_QuickDERDecodeItem(&tmpArena.arena, &maskHashAlg,
+        rv = SEC_QuickDERDecodeItem(arena, &algId,
                                     SEC_ASN1_GET(SECOID_AlgorithmIDTemplate),
-                                    &params->maskAlg->parameters);
-        PORT_DestroyCheapArena(&tmpArena);
+                                    &pssParams.maskAlg->parameters);
         if (rv != SECSuccess) {
             return rv;
         }
-        maskHashAlgTag = SECOID_GetAlgorithmTag(&maskHashAlg);
-        mech->mgf = sec_GetMgfTypeByOidTag(maskHashAlgTag);
-        if (mech->mgf == 0) {
-            return SECFailure;
-        }
+        maskHashAlg = SECOID_GetAlgorithmTag(&algId);
     } else {
-        mech->mgf = CKG_MGF1_SHA1; /* default, MGF1 with SHA-1 */
+        maskHashAlg = SEC_OID_SHA1; /* default, MGF1 with SHA-1 */
     }
 
-    if (params->saltLength.data) {
-        rv = SEC_ASN1DecodeInteger((SECItem *)&params->saltLength, &saltLength);
+    if (pssParams.saltLength.data) {
+        rv = SEC_ASN1DecodeInteger((SECItem *)&pssParams.saltLength, &saltLength);
         if (rv != SECSuccess) {
             return rv;
         }
     } else {
         saltLength = 20; /* default, 20 */
     }
-    mech->sLen = saltLength;
 
-    if (params->trailerField.data) {
-        rv = SEC_ASN1DecodeInteger((SECItem *)&params->trailerField, &trailerField);
+    if (pssParams.trailerField.data) {
+        rv = SEC_ASN1DecodeInteger((SECItem *)&pssParams.trailerField, &trailerField);
         if (rv != SECSuccess) {
             return rv;
         }
@@ -2086,5 +2083,46 @@ sec_RSAPSSParamsToMechanism(CK_RSA_PKCS_PSS_PARAMS *mech,
         }
     }
 
-    return rv;
+    if (retHashAlg) {
+        *retHashAlg = hashAlg;
+    }
+    if (retMaskHashAlg) {
+        *retMaskHashAlg = maskHashAlg;
+    }
+    if (retSaltLength) {
+        *retSaltLength = saltLength;
+    }
+
+    return SECSuccess;
+}
+
+SECStatus
+sec_DecodeRSAPSSParamsToMechanism(PLArenaPool *arena,
+                                  const SECItem *params,
+                                  CK_RSA_PKCS_PSS_PARAMS *mech)
+{
+    SECOidTag hashAlg;
+    SECOidTag maskHashAlg;
+    unsigned long saltLength;
+    SECStatus rv;
+
+    rv = sec_DecodeRSAPSSParams(arena, params,
+                                &hashAlg, &maskHashAlg, &saltLength);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    mech->hashAlg = sec_GetHashMechanismByOidTag(hashAlg);
+    if (mech->hashAlg == CKM_INVALID_MECHANISM) {
+        return SECFailure;
+    }
+
+    mech->mgf = sec_GetMgfTypeByOidTag(maskHashAlg);
+    if (mech->mgf == 0) {
+        return SECFailure;
+    }
+
+    mech->sLen = saltLength;
+
+    return SECSuccess;
 }
diff --git a/security/nss/lib/cryptohi/secsign.c b/security/nss/lib/cryptohi/secsign.c
index dc10f2fa6..8a8d0f664 100644
--- a/security/nss/lib/cryptohi/secsign.c
+++ b/security/nss/lib/cryptohi/secsign.c
@@ -225,22 +225,13 @@ SGN_End(SGNContext *cx, SECItem *result)
         PORT_Memset(&mech, 0, sizeof(mech));
 
         if (cx->params && cx->params->data) {
-            SECKEYRSAPSSParams params;
-
             arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
             if (!arena) {
                 rv = SECFailure;
                 goto loser;
             }
 
-            PORT_Memset(&params, 0, sizeof(params));
-            rv = SEC_QuickDERDecodeItem(arena, &params,
-                                        SECKEY_RSAPSSParamsTemplate,
-                                        cx->params);
-            if (rv != SECSuccess) {
-                goto loser;
-            }
-            rv = sec_RSAPSSParamsToMechanism(&mech, &params);
+            rv = sec_DecodeRSAPSSParamsToMechanism(arena, cx->params, &mech);
             if (rv != SECSuccess) {
                 goto loser;
             }
diff --git a/security/nss/lib/cryptohi/secvfy.c b/security/nss/lib/cryptohi/secvfy.c
index 83c9c579d..aa3d6778c 100644
--- a/security/nss/lib/cryptohi/secvfy.c
+++ b/security/nss/lib/cryptohi/secvfy.c
@@ -161,7 +161,7 @@ verifyPKCS1DigestInfo(const VFYContext *cx, const SECItem *digest)
     pkcs1DigestInfo.len = cx->pkcs1RSADigestInfoLen;
     return _SGN_VerifyPKCS1DigestInfo(
         cx->hashAlg, digest, &pkcs1DigestInfo,
-        PR_TRUE /*XXX: unsafeAllowMissingParameters*/);
+        PR_FALSE /*XXX: unsafeAllowMissingParameters*/);
 }
 
 /*
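Review bot: The argument comment still reads `/*XXX: unsafeAllowMissingParameters*/` although the value is now `PR_FALSE`, so the marker that flagged the lenient setting is left on the strict one. Suggest `PR_FALSE /* unsafeAllowMissingParameters */`, plus a line above the call noting that, judging by the parameter name, DigestInfo encodings with the parameters field missing are no longer accepted, since that changes which existing signatures verify. `verifyPKCS1DigestInfo` starts above the hunk.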
@@ -257,25 +257,13 @@ sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
             break;
         case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
             if (param && param->data) {
-                SECKEYRSAPSSParams pssParam;
-                arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-                if (arena == NULL) {
-                    return SECFailure;
-                }
-                PORT_Memset(&pssParam, 0, sizeof pssParam);
-                rv = SEC_QuickDERDecodeItem(arena, &pssParam,
-                                            SECKEY_RSAPSSParamsTemplate,
-                                            param);
-                if (rv != SECSuccess) {
-                    PORT_FreeArena(arena, PR_FALSE);
-                    return rv;
-                }
-                if (pssParam.hashAlg) {
-                    *hashalg = SECOID_GetAlgorithmTag(pssParam.hashAlg);
-                } else {
-                    *hashalg = SEC_OID_SHA1; /* default, SHA-1 */
-                }
-                PORT_FreeArena(arena, PR_FALSE);
+                PORTCheapArenaPool tmpArena;
+
+                PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+                rv = sec_DecodeRSAPSSParams(&tmpArena.arena, param,
+                                            hashalg, NULL, NULL);
+                PORT_DestroyCheapArena(&tmpArena);
+
                 /* only accept hash algorithms */
                 if (HASH_GetHashTypeByOidTag(*hashalg) == HASH_AlgNULL) {
                     /* error set by HASH_GetHashTypeByOidTag */
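Review bot: `rv` from `sec_DecodeRSAPSSParams` is not tested before `*hashalg` is read on the next visible line; the helper in seckey.c stores its outputs only on success, so after a decode failure `HASH_GetHashTypeByOidTag(*hashalg)` sees whatever the caller left in `*hashalg`. The removed code returned `rv` immediately after a failed decode. Unless `rv` is checked further down, outside this hunk, the condition should become `if (rv != SECSuccess || HASH_GetHashTypeByOidTag(*hashalg) == HASH_AlgNULL) {`. The enclosing `sec_DecodeSigAlg` starts and ends outside the hunk.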
@@ -658,27 +646,17 @@ VFY_EndWithSignature(VFYContext *cx, SECItem *sig)
             if (cx->encAlg == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) {
                 CK_RSA_PKCS_PSS_PARAMS mech;
                 SECItem mechItem = { siBuffer, (unsigned char *)&mech, sizeof(mech) };
-                SECKEYRSAPSSParams params;
-                PLArenaPool *arena;
+                PORTCheapArenaPool tmpArena;
 
-                arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-                if (arena == NULL) {
-                    return SECFailure;
-                }
-
-                PORT_Memset(&params, 0, sizeof(params));
-                rv = SEC_QuickDERDecodeItem(arena, &params,
-                                            SECKEY_RSAPSSParamsTemplate,
-                                            cx->params);
-                if (rv != SECSuccess) {
-                    PORT_FreeArena(arena, PR_FALSE);
-                    return SECFailure;
-                }
-                rv = sec_RSAPSSParamsToMechanism(&mech, &params);
-                PORT_FreeArena(arena, PR_FALSE);
+                PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE);
+                rv = sec_DecodeRSAPSSParamsToMechanism(&tmpArena.arena,
+                                                       cx->params,
+                                                       &mech);
+                PORT_DestroyCheapArena(&tmpArena);
                 if (rv != SECSuccess) {
                     return SECFailure;
                 }
+
                 rsasig.data = cx->u.buffer;
                 rsasig.len = SECKEY_SignatureLen(cx->key);
                 if (rsasig.len == 0) {
diff --git a/security/nss/lib/freebl/ctr.c b/security/nss/lib/freebl/ctr.c
index b7167d4c4..d7652c060 100644
--- a/security/nss/lib/freebl/ctr.c
+++ b/security/nss/lib/freebl/ctr.c
@@ -219,15 +219,18 @@ CTR_Update_HW_AES(CTRContext *ctr, unsigned char *outbuf,
         PORT_Assert(ctr->bufPtr == blocksize);
     }
 
-    intel_aes_ctr_worker(((AESContext *)(ctr->context))->Nr)(
-        ctr, outbuf, outlen, maxout, inbuf, inlen, blocksize);
-    /* XXX intel_aes_ctr_worker should set *outlen. */
-    PORT_Assert(*outlen == 0);
-    fullblocks = (inlen / blocksize) * blocksize;
-    *outlen += fullblocks;
-    outbuf += fullblocks;
-    inbuf += fullblocks;
-    inlen -= fullblocks;
+    if (inlen >= blocksize) {
+        rv = intel_aes_ctr_worker(((AESContext *)(ctr->context))->Nr)(
+            ctr, outbuf, outlen, maxout, inbuf, inlen, blocksize);
+        if (rv != SECSuccess) {
+            return SECFailure;
+        }
+        fullblocks = (inlen / blocksize) * blocksize;
+        *outlen += fullblocks;
+        outbuf += fullblocks;
+        inbuf += fullblocks;
+        inlen -= fullblocks;
+    }
 
     if (inlen == 0) {
         return SECSuccess;
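Review bot: `*outlen += fullblocks` still depends on the worker leaving `*outlen` untouched, yet the commit removes both the `PORT_Assert(*outlen == 0)` and the comment that recorded this, so nothing in the new block explains why the length is added here. Keep the reason next to the arithmetic, e.g. `/* intel_aes_ctr_worker does not update *outlen; account for the full blocks here */`. The declaration of `rv` and the earlier handling of buffered bytes are outside the hunk, so confirm `rv` is declared with a type that compares against `SECSuccess`.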
diff --git a/security/nss/lib/freebl/freebl.gyp b/security/nss/lib/freebl/freebl.gyp
index 004807483..288ff07a3 100644
--- a/security/nss/lib/freebl/freebl.gyp
+++ b/security/nss/lib/freebl/freebl.gyp
@@ -6,6 +6,30 @@
     '../../coreconf/config.gypi'
   ],
   'targets': [
+    {
+      'target_name': 'intel-gcm-s_lib',
+      'type': 'static_library',
+      'sources': [
+        'intel-aes.s',
+        'intel-gcm.s',
+      ],
+      'dependencies': [
+        '<(DEPTH)/exports.gyp:nss_exports'
+      ],
+      'conditions': [
+        [ 'cc_is_clang==1', {
+          'cflags': [
+            '-no-integrated-as',
+          ],
+          'cflags_mozilla': [
+            '-no-integrated-as',
+          ],
+          'asflags_mozilla': [
+            '-no-integrated-as',
+          ],
+        }],
+      ],
+    },
     {
       'target_name': 'intel-gcm-wrap_c_lib',
       'type': 'static_library',
@@ -15,12 +39,19 @@
       'dependencies': [
         '<(DEPTH)/exports.gyp:nss_exports'
       ],
+      'conditions': [
+        [ '(OS=="linux" or OS=="android") and target_arch=="x64"', {
+          'dependencies': [
+            'intel-gcm-s_lib',
+          ],
+        }],
+      ],
       'cflags': [
-        '-mssse3'
+        '-mssse3',
       ],
       'cflags_mozilla': [
         '-mssse3'
-      ]
+      ],
     },
     {
       # TODO: make this so that all hardware accelerated code is in here.
diff --git a/security/nss/lib/freebl/freebl_base.gypi b/security/nss/lib/freebl/freebl_base.gypi
index 1372994f4..76df71497 100644
--- a/security/nss/lib/freebl/freebl_base.gypi
+++ b/security/nss/lib/freebl/freebl_base.gypi
@@ -67,14 +67,12 @@
         [ 'target_arch=="x64"', {
           'sources': [
             'arcfour-amd64-gas.s',
-            'intel-aes.s',
-            'intel-gcm.s',
             'mpi/mpi_amd64.c',
             'mpi/mpi_amd64_gas.s',
             'mpi/mp_comba.c',
           ],
           'conditions': [
-            [ 'cc_is_clang==1', {
+            [ 'cc_is_clang==1 and fuzz!=1', {
               'cflags': [
                 '-no-integrated-as',
               ],
@@ -114,8 +112,7 @@
             'intel-gcm-x64-masm.asm',
           ],
         }],
-	      [ 'cc_use_gnu_ld!=1 and target_arch!="x64"', {
-          # not x64
+        [ 'cc_use_gnu_ld!=1 and target_arch=="ia32"', {
           'sources': [
             'mpi/mpi_x86_asm.c',
             'intel-aes-x86-masm.asm',
diff --git a/security/nss/lib/freebl/mpi/mpi.c b/security/nss/lib/freebl/mpi/mpi.c
index 8c893fb5f..401eac51d 100644
--- a/security/nss/lib/freebl/mpi/mpi.c
+++ b/security/nss/lib/freebl/mpi/mpi.c
@@ -4775,38 +4775,61 @@ mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen)
 /* }}} */
 
 /* {{{ mp_to_fixlen_octets(mp, str) */
-/* output a buffer of big endian octets exactly as long as requested. */
+/* output a buffer of big endian octets exactly as long as requested.
+   constant time on the value of mp. */
 mp_err
 mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size length)
 {
-    int ix, pos = 0;
+    int ix, jx;
     unsigned int bytes;
 
-    ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
-
-    bytes = mp_unsigned_octet_size(mp);
-    ARGCHK(bytes <= length, MP_BADARG);
+    ARGCHK(mp != NULL, MP_BADARG);
+    ARGCHK(str != NULL, MP_BADARG);
+    ARGCHK(!SIGN(mp), MP_BADARG);
+    ARGCHK(length > 0, MP_BADARG);
+
+    /* Constant time on the value of mp.  Don't use mp_unsigned_octet_size. */
+    bytes = USED(mp) * MP_DIGIT_SIZE;
+
+    /* If the output is shorter than the native size of mp, then check that any
+     * bytes not written have zero values.  This check isn't constant time on
+     * the assumption that timing-sensitive callers can guarantee that mp fits
+     * in the allocated space. */
+    ix = USED(mp) - 1;
+    if (bytes > length) {
+        unsigned int zeros = bytes - length;
+
+        while (zeros >= MP_DIGIT_SIZE) {
+            ARGCHK(DIGIT(mp, ix) == 0, MP_BADARG);
+            zeros -= MP_DIGIT_SIZE;
+            ix--;
+        }
 
-    /* place any needed leading zeros */
-    for (; length > bytes; --length) {
-        *str++ = 0;
+        if (zeros > 0) {
+            mp_digit d = DIGIT(mp, ix);
+            mp_digit m = ~0ULL << ((MP_DIGIT_SIZE - zeros) * CHAR_BIT);
+            ARGCHK((d & m) == 0, MP_BADARG);
+            for (jx = MP_DIGIT_SIZE - zeros - 1; jx >= 0; jx--) {
+                *str++ = d >> (jx * CHAR_BIT);
+            }
+            ix--;
+        }
+    } else if (bytes < length) {
+        /* Place any needed leading zeros. */
+        unsigned int zeros = length - bytes;
+        memset(str, 0, zeros);
+        str += zeros;
     }
 
-    /* Iterate over each digit... */
-    for (ix = USED(mp) - 1; ix >= 0; ix--) {
+    /* Iterate over each whole digit... */
+    for (; ix >= 0; ix--) {
         mp_digit d = DIGIT(mp, ix);
-        int jx;
 
         /* Unpack digit bytes, high order first */
-        for (jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
-            unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
-            if (!pos && !x) /* suppress leading zeros */
-                continue;
-            str[pos++] = x;
+        for (jx = MP_DIGIT_SIZE - 1; jx >= 0; jx--) {
+            *str++ = d >> (jx * CHAR_BIT);
         }
     }
-    if (!pos)
-        str[pos++] = 0;
     return MP_OKAY;
 } /* end mp_to_fixlen_octets() */
 /* }}} */
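Review bot: The function comment now promises `constant time on the value of mp`, but the `bytes > length` branch leaves through `ARGCHK` as soon as a high digit is non-zero, which only the inner comment admits; the header comment should carry that limit so callers passing secret values know to size the buffer. Suggest extending it to `constant time on the value of mp, provided length >= USED(mp) * MP_DIGIT_SIZE`. The byte stores `*str++ = d >> (jx * CHAR_BIT);` also drop the `(unsigned char)` cast the old loop had; restoring it keeps the narrowing explicit.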
diff --git a/security/nss/lib/freebl/mpi/mpi.h b/security/nss/lib/freebl/mpi/mpi.h
index 97af0f069..d5aef46d7 100644
--- a/security/nss/lib/freebl/mpi/mpi.h
+++ b/security/nss/lib/freebl/mpi/mpi.h
@@ -128,7 +128,8 @@ typedef int mp_sword;
 #define MP_WORD_MAX UINT_MAX
 #endif
 
-#define MP_DIGIT_BIT (CHAR_BIT * sizeof(mp_digit))
+#define MP_DIGIT_SIZE sizeof(mp_digit)
+#define MP_DIGIT_BIT (CHAR_BIT * MP_DIGIT_SIZE)
 #define MP_WORD_BIT (CHAR_BIT * sizeof(mp_word))
 #define MP_RADIX (1 + (mp_word)MP_DIGIT_MAX)
 
diff --git a/security/nss/lib/freebl/mpi/mpi_arm.c b/security/nss/lib/freebl/mpi/mpi_arm.c
index b5139f28d..27e4efdad 100644
--- a/security/nss/lib/freebl/mpi/mpi_arm.c
+++ b/security/nss/lib/freebl/mpi/mpi_arm.c
@@ -29,17 +29,17 @@ s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
         "1:\n"
         "mov     r4, #0\n"
         "ldr     r6, [%0], #4\n"
-        "umlal   r5, r4, r6, %2\n"
-        "str     r5, [%3], #4\n"
+        "umlal   r5, r4, r6, %3\n"
+        "str     r5, [%2], #4\n"
         "mov     r5, r4\n"
 
         "subs    %1, #1\n"
         "bne     1b\n"
 
         "2:\n"
-        "str     r5, [%3]\n"
-        :
-        : "r"(a), "r"(a_len), "r"(b), "r"(c)
+        "str     r5, [%2]\n"
+        : "+r"(a), "+l"(a_len), "+r"(c)
+        : "r"(b)
         : "memory", "cc", "%r4", "%r5", "%r6");
 }
 
@@ -57,22 +57,22 @@ s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
 
         "1:\n"
         "mov     r4, #0\n"
-        "ldr     r6, [%3]\n"
+        "ldr     r6, [%2]\n"
         "adds    r5, r6\n"
         "adc     r4, r4, #0\n"
 
         "ldr     r6, [%0], #4\n"
-        "umlal   r5, r4, r6, %2\n"
-        "str     r5, [%3], #4\n"
+        "umlal   r5, r4, r6, %3\n"
+        "str     r5, [%2], #4\n"
         "mov     r5, r4\n"
 
         "subs    %1, #1\n"
         "bne     1b\n"
 
         "2:\n"
-        "str     r5, [%3]\n"
-        :
-        : "r"(a), "r"(a_len), "r"(b), "r"(c)
+        "str     r5, [%2]\n"
+        : "+r"(a), "+l"(a_len), "+r"(c)
+        : "r"(b)
         : "memory", "cc", "%r4", "%r5", "%r6");
 }
 
@@ -87,12 +87,12 @@ s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
 
         "1:\n"
         "mov     r4, #0\n"
-        "ldr     r6, [%3]\n"
+        "ldr     r6, [%2]\n"
         "adds    r5, r6\n"
         "adc     r4, r4, #0\n"
         "ldr     r6, [%0], #4\n"
-        "umlal   r5, r4, r6, %2\n"
-        "str     r5, [%3], #4\n"
+        "umlal   r5, r4, r6, %3\n"
+        "str     r5, [%2], #4\n"
         "mov     r5, r4\n"
 
         "subs    %1, #1\n"
@@ -107,16 +107,16 @@ s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
 
         "2:\n"
         "mov     r4, #0\n"
-        "ldr     r6, [%3]\n"
+        "ldr     r6, [%2]\n"
         "adds    r5, r6\n"
         "adc     r4, r4, #0\n"
-        "str     r5, [%3], #4\n"
+        "str     r5, [%2], #4\n"
         "movs    r5, r4\n"
         "bne     2b\n"
 
         "3:\n"
-        :
-        : "r"(a), "r"(a_len), "r"(b), "r"(c)
+        : "+r"(a), "+l"(a_len), "+r"(c)
+        : "r"(b)
         : "memory", "cc", "%r4", "%r5", "%r6");
 }
 #endif
@@ -167,8 +167,8 @@ s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps)
         "bne     2b\n"
 
         "3:"
+        : "+r"(pa), "+r"(a_len), "+r"(ps)
         :
-        : "r"(pa), "r"(a_len), "r"(ps)
         : "memory", "cc", "%r3", "%r4", "%r5", "%r6");
 }
 #endif
diff --git a/security/nss/lib/freebl/rsapkcs.c b/security/nss/lib/freebl/rsapkcs.c
index ad18c8b73..875e4e28d 100644
--- a/security/nss/lib/freebl/rsapkcs.c
+++ b/security/nss/lib/freebl/rsapkcs.c
@@ -938,48 +938,56 @@ RSA_DecryptBlock(RSAPrivateKey *key,
                  const unsigned char *input,
                  unsigned int inputLen)
 {
-    SECStatus rv;
+    PRInt8 rv;
     unsigned int modulusLen = rsa_modulusLen(&key->modulus);
     unsigned int i;
-    unsigned char *buffer;
+    unsigned char *buffer = NULL;
+    unsigned int outLen = 0;
+    unsigned int copyOutLen = modulusLen - 11;
 
-    if (inputLen != modulusLen)
-        goto failure;
+    if (inputLen != modulusLen || modulusLen < 10) {
+        return SECFailure;
+    }
 
-    buffer = (unsigned char *)PORT_Alloc(modulusLen + 1);
-    if (!buffer)
-        goto failure;
+    if (copyOutLen > maxOutputLen) {
+        copyOutLen = maxOutputLen;
+    }
 
-    rv = RSA_PrivateKeyOp(key, buffer, input);
-    if (rv != SECSuccess)
-        goto loser;
+    // Allocate enough space to decrypt + copyOutLen to allow copying outLen later.
+    buffer = PORT_ZAlloc(modulusLen + 1 + copyOutLen);
+    if (!buffer) {
+        return SECFailure;
+    }
 
-    /* XXX(rsleevi): Constant time */
-    if (buffer[0] != RSA_BLOCK_FIRST_OCTET ||
-        buffer[1] != (unsigned char)RSA_BlockPublic) {
-        goto loser;
+    // rv is 0 if everything is going well and 1 if an error occurs.
+    rv = RSA_PrivateKeyOp(key, buffer, input) != SECSuccess;
+    rv |= (buffer[0] != RSA_BLOCK_FIRST_OCTET) |
+          (buffer[1] != (unsigned char)RSA_BlockPublic);
+
+    // There have to be at least 8 bytes of padding.
+    for (i = 2; i < 10; i++) {
+        rv |= buffer[i] == RSA_BLOCK_AFTER_PAD_OCTET;
     }
-    *outputLen = 0;
-    for (i = 2; i < modulusLen; i++) {
-        if (buffer[i] == RSA_BLOCK_AFTER_PAD_OCTET) {
-            *outputLen = modulusLen - i - 1;
-            break;
-        }
+
+    for (i = 10; i < modulusLen; i++) {
+        unsigned int newLen = modulusLen - i - 1;
+        unsigned int c = (buffer[i] == RSA_BLOCK_AFTER_PAD_OCTET) & (outLen == 0);
+        outLen = constantTimeCondition(c, newLen, outLen);
     }
-    if (*outputLen == 0)
-        goto loser;
-    if (*outputLen > maxOutputLen)
-        goto loser;
+    rv |= outLen == 0;
+    rv |= outLen > maxOutputLen;
 
-    PORT_Memcpy(output, buffer + modulusLen - *outputLen, *outputLen);
+    // Note that output is set even if SECFailure is returned.
+    PORT_Memcpy(output, buffer + modulusLen - outLen, copyOutLen);
+    *outputLen = constantTimeCondition(outLen > maxOutputLen, maxOutputLen,
+                                       outLen);
 
     PORT_Free(buffer);
-    return SECSuccess;
 
-loser:
-    PORT_Free(buffer);
-failure:
-    return SECFailure;
+    for (i = 1; i < sizeof(rv) * 8; i <<= 1) {
+        rv |= rv << i;
+    }
+    return (SECStatus)rv;
 }
 
 /*
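Review bot: `copyOutLen` is initialised to `modulusLen - 11` before the size check, and that check only rejects `modulusLen < 10`, so a modulus length of exactly 10 wraps the unsigned subtraction and `copyOutLen` is then clamped to `maxOutputLen`. The guard should match the subtraction: `if (inputLen != modulusLen || modulusLen < 11) {`. The buffer holding the decrypted block is released with `PORT_Free(buffer)`; now that there is a single exit path, `PORT_ZFree(buffer, modulusLen + 1 + copyOutLen);` would clear the plaintext before release. The new `//` comments differ from the `/* */` style of the comment this hunk removes, and the function signature starts above the hunk.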
diff --git a/security/nss/lib/jar/jarint.h b/security/nss/lib/jar/jarint.h
index 21aecef89..0f40f931f 100644
--- a/security/nss/lib/jar/jarint.h
+++ b/security/nss/lib/jar/jarint.h
@@ -5,7 +5,7 @@
 /* JAR internal routines */
 
 #include "nspr.h"
-#include "key.h"
+#include "keyhi.h"
 #include "base64.h"
 
 extern CERTCertDBHandle *JAR_open_database(void);
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
index fa8f1851e..145dcff9a 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
@@ -2914,7 +2914,8 @@ PKIX_PL_Cert_CheckValidity(
         requiredUsages = ((PKIX_PL_NssContext*)plContext)->certificateUsage;
         allowOverride =
             (PRBool)((requiredUsages & certificateUsageSSLServer) ||
-                     (requiredUsages & certificateUsageSSLServerWithStepUp));
+                     (requiredUsages & certificateUsageSSLServerWithStepUp) ||
+                     (requiredUsages & certificateUsageIPsec));
         val = CERT_CheckCertValidTimes(cert->nssCert, timeToCheck, allowOverride);
         if (val != secCertTimeValid){
                 PKIX_ERROR(PKIX_CERTCHECKCERTVALIDTIMESFAILED);
@@ -3001,8 +3002,17 @@ PKIX_PL_Cert_VerifyCertAndKeyType(
     if (CERT_CheckKeyUsage(cert->nssCert, requiredKeyUsage) != SECSuccess) {
         PKIX_ERROR(PKIX_CERTCHECKKEYUSAGEFAILED);
     }
-    if (!(certType & requiredCertType)) {
-        PKIX_ERROR(PKIX_CERTCHECKCERTTYPEFAILED);
+    if (certUsage != certUsageIPsec) {
+        if (!(certType & requiredCertType)) {
+            PKIX_ERROR(PKIX_CERTCHECKCERTTYPEFAILED);
+        }
+    } else {
+        PRBool isCritical;
+        PRBool allowed = cert_EKUAllowsIPsecIKE(cert->nssCert, &isCritical);
+        /* If the extension isn't critical, we allow any EKU value. */
+        if (isCritical && !allowed) {
+            PKIX_ERROR(PKIX_CERTCHECKCERTTYPEFAILED);
+        }
     }
 cleanup:
     PKIX_DECREF(basicConstraints);
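Review bot: `isCritical` is declared without an initialiser and then decides the outcome in `if (isCritical && !allowed)`; if `cert_EKUAllowsIPsecIKE` (not shown in this hunk) leaves it unset on any path, for example when the certificate has no EKU extension, the check reads an indeterminate value. Declaring it as `PRBool isCritical = PR_FALSE;` makes the result independent of the helper. The comment could also state the consequence plainly: a non-critical EKU that does not permit IPsec IKE is still accepted for `certUsageIPsec`. The function starts above the hunk.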
diff --git a/security/nss/lib/mozpkix/.clang-format b/security/nss/lib/mozpkix/.clang-format
new file mode 100644
index 000000000..06e3c5115
--- /dev/null
+++ b/security/nss/lib/mozpkix/.clang-format
@@ -0,0 +1,4 @@
+---
+Language: Cpp
+BasedOnStyle: Google
+...
diff --git a/security/nss/lib/mozpkix/exports.gyp b/security/nss/lib/mozpkix/exports.gyp
new file mode 100644
index 000000000..248efc910
--- /dev/null
+++ b/security/nss/lib/mozpkix/exports.gyp
@@ -0,0 +1,47 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+  'includes': [
+    '../../coreconf/config.gypi'
+  ],
+  'targets': [
+    {
+      'target_name': 'lib_mozpkix_exports',
+      'type': 'none',
+      'copies': [
+        {
+          'files': [
+            '<(DEPTH)/cpputil/nss_scoped_ptrs.h',
+            'include/pkix/Input.h',
+            'include/pkix/Time.h',
+            'include/pkix/Result.h',
+            'include/pkix/pkix.h',
+            'include/pkix/pkixnss.h',
+            'include/pkix/pkixtypes.h',
+            'include/pkix/pkixutil.h',
+            'include/pkix/pkixcheck.h',
+            'include/pkix/pkixder.h',
+          ],
+          'destination': '<(nss_public_dist_dir)/<(module)/mozpkix'
+        },
+      ],
+    },
+    {
+      'target_name': 'lib_mozpkix_test_exports',
+      'type': 'none',
+      'copies': [
+        {
+          'files': [
+            'include/pkix-test/pkixtestutil.h',
+            'include/pkix-test/pkixtestnss.h',
+          ],
+          'destination': '<(nss_public_dist_dir)/<(module)/mozpkix/test'
+        },
+      ],
+    }
+  ],
+  'variables': {
+    'module': 'nss'
+  }
+}
\ No newline at end of file
diff --git a/security/nss/lib/mozpkix/include/pkix-test/pkixtestnss.h b/security/nss/lib/mozpkix/include/pkix-test/pkixtestnss.h
new file mode 100644
index 000000000..5ae776f6a
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix-test/pkixtestnss.h
@@ -0,0 +1,48 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2018 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// This file provides some implementation-specific test utilities. This is only
+// necessary because some PSM xpcshell test utilities overlap in functionality
+// with these test utilities, so the underlying implementation is shared.
+
+#ifndef mozilla_pkix_test_pkixtestnss_h
+#define mozilla_pkix_test_pkixtestnss_h
+
+#include <keyhi.h>
+#include <keythi.h>
+#include "mozpkix/nss_scoped_ptrs.h"
+#include "mozpkix/test/pkixtestutil.h"
+
+namespace mozilla {
+namespace pkix {
+namespace test {
+
+TestKeyPair* CreateTestKeyPair(const TestPublicKeyAlgorithm publicKeyAlg,
+                               const ScopedSECKEYPublicKey& publicKey,
+                               const ScopedSECKEYPrivateKey& privateKey);
+}
+}
+}  // namespace mozilla::pkix::test
+
+#endif  // mozilla_pkix_test_pkixtestnss_h
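Review bot: `CreateTestKeyPair` returns a raw `TestKeyPair*` with no comment saying who frees it, or whether the returned object keeps referring to the two scoped keys passed by `const&`. pkixtestutil.h in this same commit declares `ScopedTestKeyPair` and `DeleteTestKeyPair`, which suggests the caller owns the result, but that is inferred rather than stated here. If that is the contract, a one-line comment above the declaration would settle it, e.g. `// Returns a newly allocated TestKeyPair owned by the caller; hold it in a ScopedTestKeyPair.`, along with a note on whether the keys are copied or must outlive the pair.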
diff --git a/security/nss/lib/mozpkix/include/pkix-test/pkixtestutil.h b/security/nss/lib/mozpkix/include/pkix-test/pkixtestutil.h
new file mode 100644
index 000000000..55c435419
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix-test/pkixtestutil.h
@@ -0,0 +1,406 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef mozilla_pkix_test_pkixtestutil_h
+#define mozilla_pkix_test_pkixtestutil_h
+
+#include <cstdint>
+#include <cstring>
+#include <ctime>
+#include <string>
+
+#include "mozpkix/pkixtypes.h"
+
+namespace mozilla {
+namespace pkix {
+namespace test {
+
+typedef std::basic_string<uint8_t> ByteString;
+
+inline bool ENCODING_FAILED(const ByteString& bs) { return bs.empty(); }
+
+template <size_t L>
+inline ByteString BytesToByteString(const uint8_t (&bytes)[L]) {
+  return ByteString(bytes, L);
+}
+
+// XXX: Ideally, we should define this instead:
+//
+//   template <typename T, std::size_t N>
+//   constexpr inline std::size_t
+//   ArrayLength(T (&)[N])
+//   {
+//     return N;
+//   }
+//
+// However, we don't because not all supported compilers support constexpr,
+// and we need to calculate array lengths in static_assert sometimes.
+//
+// XXX: Evaluates its argument twice
+#define MOZILLA_PKIX_ARRAY_LENGTH(x) (sizeof(x) / sizeof((x)[0]))
+
+bool InputEqualsByteString(Input input, const ByteString& bs);
+ByteString InputToByteString(Input input);
+
+// python DottedOIDToCode.py --tlv id-kp-OCSPSigning 1.3.6.1.5.5.7.3.9
+static const uint8_t tlv_id_kp_OCSPSigning[] = {0x06, 0x08, 0x2b, 0x06, 0x01,
+                                                0x05, 0x05, 0x07, 0x03, 0x09};
+
+// python DottedOIDToCode.py --tlv id-kp-serverAuth 1.3.6.1.5.5.7.3.1
+static const uint8_t tlv_id_kp_serverAuth[] = {0x06, 0x08, 0x2b, 0x06, 0x01,
+                                               0x05, 0x05, 0x07, 0x03, 0x01};
+
+enum class TestDigestAlgorithmID {
+  MD2,
+  MD5,
+  SHA1,
+  SHA224,
+  SHA256,
+  SHA384,
+  SHA512,
+};
+
+struct TestPublicKeyAlgorithm {
+  explicit TestPublicKeyAlgorithm(const ByteString& aAlgorithmIdentifier)
+      : algorithmIdentifier(aAlgorithmIdentifier) {}
+  bool operator==(const TestPublicKeyAlgorithm& other) const {
+    return algorithmIdentifier == other.algorithmIdentifier;
+  }
+  ByteString algorithmIdentifier;
+};
+
+ByteString DSS_P();
+ByteString DSS_Q();
+ByteString DSS_G();
+
+TestPublicKeyAlgorithm DSS();
+TestPublicKeyAlgorithm RSA_PKCS1();
+
+struct TestSignatureAlgorithm {
+  TestSignatureAlgorithm(const TestPublicKeyAlgorithm& publicKeyAlg,
+                         TestDigestAlgorithmID digestAlg,
+                         const ByteString& algorithmIdentifier, bool accepted);
+
+  TestPublicKeyAlgorithm publicKeyAlg;
+  TestDigestAlgorithmID digestAlg;
+  ByteString algorithmIdentifier;
+  bool accepted;
+};
+
+TestSignatureAlgorithm md2WithRSAEncryption();
+TestSignatureAlgorithm md5WithRSAEncryption();
+TestSignatureAlgorithm sha1WithRSAEncryption();
+TestSignatureAlgorithm sha256WithRSAEncryption();
+
+// e.g. YMDHMS(2016, 12, 31, 1, 23, 45) => 2016-12-31:01:23:45 (GMT)
+mozilla::pkix::Time YMDHMS(uint16_t year, uint16_t month, uint16_t day,
+                           uint16_t hour, uint16_t minutes, uint16_t seconds);
+
+ByteString TLV(uint8_t tag, size_t length, const ByteString& value);
+
+inline ByteString TLV(uint8_t tag, const ByteString& value) {
+  return TLV(tag, value.length(), value);
+}
+
+// Although we can't enforce it without relying on Cuser-defined literals,
+// which aren't supported by all of our compilers yet, you should only pass
+// string literals as the last parameter to the following two functions.
+
+template <size_t N>
+inline ByteString TLV(uint8_t tag, const char (&value)[N]) {
+  static_assert(N > 0, "cannot have string literal of size 0");
+  assert(value[N - 1] == 0);
+  return TLV(tag, ByteString(reinterpret_cast<const uint8_t*>(&value), N - 1));
+}
+
+template <size_t N>
+inline ByteString TLV(uint8_t tag, size_t length, const char (&value)[N]) {
+  static_assert(N > 0, "cannot have string literal of size 0");
+  assert(value[N - 1] == 0);
+  return TLV(tag, length,
+             ByteString(reinterpret_cast<const uint8_t*>(&value), N - 1));
+}
+
+ByteString Boolean(bool value);
+ByteString Integer(long value);
+
+ByteString CN(const ByteString&, uint8_t encodingTag = 0x0c /*UTF8String*/);
+
+inline ByteString CN(const char* value,
+                     uint8_t encodingTag = 0x0c /*UTF8String*/) {
+  return CN(
+      ByteString(reinterpret_cast<const uint8_t*>(value), std::strlen(value)),
+      encodingTag);
+}
+
+ByteString OU(const ByteString&, uint8_t encodingTag = 0x0c /*UTF8String*/);
+
+inline ByteString OU(const char* value,
+                     uint8_t encodingTag = 0x0c /*UTF8String*/) {
+  return OU(
+      ByteString(reinterpret_cast<const uint8_t*>(value), std::strlen(value)),
+      encodingTag);
+}
+
+ByteString emailAddress(const ByteString&);
+
+inline ByteString emailAddress(const char* value) {
+  return emailAddress(
+      ByteString(reinterpret_cast<const uint8_t*>(value), std::strlen(value)));
+}
+
+// RelativeDistinguishedName ::=
+//   SET SIZE (1..MAX) OF AttributeTypeAndValue
+//
+ByteString RDN(const ByteString& avas);
+
+// Name ::= CHOICE { -- only one possibility for now --
+//   rdnSequence  RDNSequence }
+//
+// RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+//
+ByteString Name(const ByteString& rdns);
+
+inline ByteString CNToDERName(const ByteString& cn) {
+  return Name(RDN(CN(cn)));
+}
+
+inline ByteString CNToDERName(const char* cn) { return Name(RDN(CN(cn))); }
+
+// GeneralName ::= CHOICE {
+//      otherName                       [0]     OtherName,
+//      rfc822Name                      [1]     IA5String,
+//      dNSName                         [2]     IA5String,
+//      x400Address                     [3]     ORAddress,
+//      directoryName                   [4]     Name,
+//      ediPartyName                    [5]     EDIPartyName,
+//      uniformResourceIdentifier       [6]     IA5String,
+//      iPAddress                       [7]     OCTET STRING,
+//      registeredID                    [8]     OBJECT IDENTIFIER }
+
+inline ByteString RFC822Name(const ByteString& name) {
+  // (2 << 6) means "context-specific", 1 is the GeneralName tag.
+  return TLV((2 << 6) | 1, name);
+}
+
+template <size_t L>
+inline ByteString RFC822Name(const char (&bytes)[L]) {
+  return RFC822Name(
+      ByteString(reinterpret_cast<const uint8_t*>(&bytes), L - 1));
+}
+
+inline ByteString DNSName(const ByteString& name) {
+  // (2 << 6) means "context-specific", 2 is the GeneralName tag.
+  return TLV((2 << 6) | 2, name);
+}
+
+template <size_t L>
+inline ByteString DNSName(const char (&bytes)[L]) {
+  return DNSName(ByteString(reinterpret_cast<const uint8_t*>(&bytes), L - 1));
+}
+
+inline ByteString DirectoryName(const ByteString& name) {
+  // (2 << 6) means "context-specific", (1 << 5) means "constructed", and 4 is
+  // the DirectoryName tag.
+  return TLV((2 << 6) | (1 << 5) | 4, name);
+}
+
+inline ByteString IPAddress() {
+  // (2 << 6) means "context-specific", 7 is the GeneralName tag.
+  return TLV((2 << 6) | 7, ByteString());
+}
+
+template <size_t L>
+inline ByteString IPAddress(const uint8_t (&bytes)[L]) {
+  // (2 << 6) means "context-specific", 7 is the GeneralName tag.
+  return TLV((2 << 6) | 7, ByteString(bytes, L));
+}
+
+// Names should be zero or more GeneralNames, like DNSName and IPAddress return,
+// concatenated together.
+//
+// CreatedEncodedSubjectAltName(ByteString()) results in a SAN with an empty
+// sequence. CreateEmptyEncodedSubjectName() results in a SAN without any
+// sequence.
+ByteString CreateEncodedSubjectAltName(const ByteString& names);
+ByteString CreateEncodedEmptySubjectAltName();
+
+class TestKeyPair {
+ public:
+  virtual ~TestKeyPair() {}
+
+  const TestPublicKeyAlgorithm publicKeyAlg;
+
+  // The DER encoding of the entire SubjectPublicKeyInfo structure. This is
+  // what is encoded in certificates.
+  const ByteString subjectPublicKeyInfo;
+
+  // The DER encoding of subjectPublicKeyInfo.subjectPublicKey. This is what is
+  // hashed to create CertIDs for OCSP.
+  const ByteString subjectPublicKey;
+
+  virtual Result SignData(const ByteString& tbs,
+                          const TestSignatureAlgorithm& signatureAlgorithm,
+                          /*out*/ ByteString& signature) const = 0;
+
+  virtual TestKeyPair* Clone() const = 0;
+
+ protected:
+  TestKeyPair(const TestPublicKeyAlgorithm& publicKeyAlg,
+              const ByteString& spk);
+  TestKeyPair(const TestKeyPair&) = delete;
+  void operator=(const TestKeyPair&) = delete;
+};
+
+TestKeyPair* CloneReusedKeyPair();
+TestKeyPair* GenerateKeyPair();
+TestKeyPair* GenerateDSSKeyPair();
+inline void DeleteTestKeyPair(TestKeyPair* keyPair) { delete keyPair; }
+typedef std::unique_ptr<TestKeyPair> ScopedTestKeyPair;
+
+Result TestVerifyECDSASignedDigest(const SignedDigest& signedDigest,
+                                   Input subjectPublicKeyInfo);
+Result TestVerifyRSAPKCS1SignedDigest(const SignedDigest& signedDigest,
+                                      Input subjectPublicKeyInfo);
+Result TestDigestBuf(Input item, DigestAlgorithm digestAlg,
+                     /*out*/ uint8_t* digestBuf, size_t digestBufLen);
+
+// Replace one substring in item with another of the same length, but only if
+// the substring was found exactly once. The "same length" restriction is
+// useful for avoiding invalidating lengths encoded within the item. The
+// "only once" restriction is helpful for avoiding making accidental changes.
+//
+// The string to search for must be 8 or more bytes long so that it is
+// extremely unlikely that there will ever be any false positive matches
+// in digital signatures, keys, hashes, etc.
+Result TamperOnce(/*in/out*/ ByteString& item, const ByteString& from,
+                  const ByteString& to);
+
+///////////////////////////////////////////////////////////////////////////////
+// Encode Certificates
+
+enum Version { v1 = 0, v2 = 1, v3 = 2 };
+
+// signature is assumed to be the DER encoding of an AlgorithmIdentifer. It is
+// put into the signature field of the TBSCertificate. In most cases, it will
+// be the same as signatureAlgorithm, which is the algorithm actually used
+// to sign the certificate.
+// serialNumber is assumed to be the DER encoding of an INTEGER.
+//
+// If extensions is null, then no extensions will be encoded. Otherwise,
+// extensions must point to an array of ByteStrings, terminated with an empty
+// ByteString. (If the first item of the array is empty then an empty
+// Extensions sequence will be encoded.)
+ByteString CreateEncodedCertificate(
+    long version, const TestSignatureAlgorithm& signature,
+    const ByteString& serialNumber, const ByteString& issuerNameDER,
+    time_t notBefore, time_t notAfter, const ByteString& subjectNameDER,
+    const TestKeyPair& subjectKeyPair,
+    /*optional*/ const ByteString* extensions, const TestKeyPair& issuerKeyPair,
+    const TestSignatureAlgorithm& signatureAlgorithm);
+
+ByteString CreateEncodedSerialNumber(long value);
+
+enum class Critical { No = 0, Yes = 1 };
+
+ByteString CreateEncodedBasicConstraints(
+    bool isCA,
+    /*optional in*/ const long* pathLenConstraint, Critical critical);
+
+// Creates a DER-encoded extKeyUsage extension with one EKU OID.
+ByteString CreateEncodedEKUExtension(Input eku, Critical critical);
+
+///////////////////////////////////////////////////////////////////////////////
+// Encode OCSP responses
+
+class OCSPResponseExtension final {
+ public:
+  OCSPResponseExtension();
+
+  ByteString id;
+  bool critical;
+  ByteString value;
+  OCSPResponseExtension* next;
+};
+
+class OCSPResponseContext final {
+ public:
+  OCSPResponseContext(const CertID& certID, std::time_t time);
+
+  const CertID& certID;
+  // TODO(bug 980538): add a way to specify what certificates are included.
+
+  // The fields below are in the order that they appear in an OCSP response.
+
+  enum OCSPResponseStatus {
+    successful = 0,
+    malformedRequest = 1,
+    internalError = 2,
+    tryLater = 3,
+    // 4 is not used
+    sigRequired = 5,
+    unauthorized = 6,
+  };
+  uint8_t responseStatus;  // an OCSPResponseStatus or an invalid value
+  bool skipResponseBytes;  // If true, don't include responseBytes
+
+  // responderID
+  ByteString signerNameDER;  // If set, responderID will use the byName
+                             // form; otherwise responderID will use the
+                             // byKeyHash form.
+
+  std::time_t producedAt;
+
+  // SingleResponse extensions (for the certID given in the constructor).
+  OCSPResponseExtension* singleExtensions;
+  // ResponseData extensions.
+  OCSPResponseExtension* responseExtensions;
+  bool includeEmptyExtensions;  // If true, include the extension wrapper
+                                // regardless of if there are any actual
+                                // extensions.
+  ScopedTestKeyPair signerKeyPair;
+  TestSignatureAlgorithm signatureAlgorithm;
+  bool badSignature;        // If true, alter the signature to fail verification
+  const ByteString* certs;  // optional; array terminated by an empty string
+
+  // The following fields are on a per-SingleResponse basis. In the future we
+  // may support including multiple SingleResponses per response.
+  enum CertStatus {
+    good = 0,
+    revoked = 1,
+    unknown = 2,
+  };
+  uint8_t certStatus;          // CertStatus or an invalid value
+  std::time_t revocationTime;  // For certStatus == revoked
+  std::time_t thisUpdate;
+  std::time_t nextUpdate;
+  bool includeNextUpdate;
+};
+
+ByteString CreateEncodedOCSPResponse(OCSPResponseContext& context);
+}
+}
+}  // namespace mozilla::pkix::test
+
+#endif  // mozilla_pkix_test_pkixtestutil_h
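Review bot: This header uses `std::unique_ptr` (the `ScopedTestKeyPair` typedef) and `assert` (both array-taking `TLV` templates) but includes neither `<memory>` nor `<cassert>`. It presumably compiles only because `mozpkix/pkixtypes.h` pulls them in transitively. Adding `#include <cassert>` and `#include <memory>` to the standard include group would make the header self-contained. Separately, the comment above `CreateEncodedSubjectAltName` refers to `CreatedEncodedSubjectAltName` and `CreateEmptyEncodedSubjectName`, neither of which matches the two functions declared below it, and "Cuser-defined literals" in the `TLV` comment looks like a garbled "C++11 user-defined literals".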
diff --git a/security/nss/lib/mozpkix/include/pkix/Input.h b/security/nss/lib/mozpkix/include/pkix/Input.h
new file mode 100644
index 000000000..11b2a0f7e
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix/Input.h
@@ -0,0 +1,310 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef mozilla_pkix_Input_h
+#define mozilla_pkix_Input_h
+
+#include <algorithm>
+
+#include "mozpkix/Result.h"
+#include "stdint.h"
+
+namespace mozilla {
+namespace pkix {
+
+class Reader;
+
+// An Input is a safety-oriented immutable weak reference to a array of bytes
+// of a known size. The data can only be legally accessed by constructing a
+// Reader object, which guarantees all accesses to the data are memory safe.
+// Neither Input not Reader provide any facilities for modifying the data
+// they reference.
+//
+// Inputs are small and should usually be passed by value, not by reference,
+// though for inline functions the distinction doesn't matter:
+//
+//    Result GoodExample(Input input);
+//    Result BadExample(const Input& input);
+//    Result WorseExample(const uint8_t* input, size_t len);
+//
+// Note that in the example, GoodExample has the same performance
+// characteristics as WorseExample, but with much better safety guarantees.
+class Input final {
+ public:
+  typedef uint16_t size_type;
+
+  // This constructor is useful for inputs that are statically known to be of a
+  // fixed size, e.g.:
+  //
+  //   static const uint8_t EXPECTED_BYTES[] = { 0x00, 0x01, 0x02 };
+  //   const Input expected(EXPECTED_BYTES);
+  //
+  // This is equivalent to (and preferred over):
+  //
+  //   static const uint8_t EXPECTED_BYTES[] = { 0x00, 0x01, 0x02 };
+  //   Input expected;
+  //   Result rv = expected.Init(EXPECTED_BYTES, sizeof EXPECTED_BYTES);
+  template <size_type N>
+  explicit Input(const uint8_t (&aData)[N]) : data(aData), len(N) {}
+
+  // Construct a valid, empty, Init-able Input.
+  Input() : data(nullptr), len(0u) {}
+
+  // This is intentionally not explicit in order to allow value semantics.
+  Input(const Input&) = default;
+
+  // Initialize the input. data must be non-null and len must be less than
+  // 65536. Init may not be called more than once.
+  Result Init(const uint8_t* aData, size_t aLen) {
+    if (this->data) {
+      // already initialized
+      return Result::FATAL_ERROR_INVALID_ARGS;
+    }
+    if (!aData || aLen > 0xffffu) {
+      // input too large
+      return Result::ERROR_BAD_DER;
+    }
+
+    this->data = aData;
+    this->len = aLen;
+
+    return Success;
+  }
+
+  // Initialize the input to be equivalent to the given input. Init may not be
+  // called more than once.
+  //
+  // This is basically operator=, but it wasn't given that name because
+  // normally callers do not check the result of operator=, and normally
+  // operator= can be used multiple times.
+  Result Init(Input other) { return Init(other.data, other.len); }
+
+  // Returns the length of the input.
+  //
+  // Having the return type be size_type instead of size_t avoids the need for
+  // callers to ensure that the result is small enough.
+  size_type GetLength() const { return static_cast<size_type>(len); }
+
+  // Don't use this. It is here because we have some "friend" functions that we
+  // don't want to declare in this header file.
+  const uint8_t* UnsafeGetData() const { return data; }
+
+ private:
+  const uint8_t* data;
+  size_t len;
+
+  void operator=(const Input&) = delete;  // Use Init instead.
+};
+
+inline bool InputsAreEqual(const Input& a, const Input& b) {
+  return a.GetLength() == b.GetLength() &&
+         std::equal(a.UnsafeGetData(), a.UnsafeGetData() + a.GetLength(),
+                    b.UnsafeGetData());
+}
+
+// An Reader is a cursor/iterator through the contents of an Input, designed to
+// maximize safety during parsing while minimizing the performance cost of that
+// safety. In particular, all methods do strict bounds checking to ensure
+// buffer overflows are impossible, and they are all inline so that the
+// compiler can coalesce as many of those checks together as possible.
+//
+// In general, Reader allows for one byte of lookahead and no backtracking.
+// However, the Match* functions internally may have more lookahead.
+class Reader final {
+ public:
+  Reader() : input(nullptr), end(nullptr) {}
+
+  explicit Reader(Input aInput)
+      : input(aInput.UnsafeGetData()),
+        end(aInput.UnsafeGetData() + aInput.GetLength()) {}
+
+  Result Init(Input aInput) {
+    if (this->input) {
+      return Result::FATAL_ERROR_INVALID_ARGS;
+    }
+    this->input = aInput.UnsafeGetData();
+    this->end = aInput.UnsafeGetData() + aInput.GetLength();
+    return Success;
+  }
+
+  bool Peek(uint8_t expectedByte) const {
+    return input < end && *input == expectedByte;
+  }
+
+  Result Read(uint8_t& out) {
+    Result rv = EnsureLength(1);
+    if (rv != Success) {
+      return rv;
+    }
+    out = *input++;
+    return Success;
+  }
+
+  Result Read(uint16_t& out) {
+    Result rv = EnsureLength(2);
+    if (rv != Success) {
+      return rv;
+    }
+    out = *input++;
+    out <<= 8u;
+    out |= *input++;
+    return Success;
+  }
+
+  template <Input::size_type N>
+  bool MatchRest(const uint8_t (&toMatch)[N]) {
+    // Normally we use EnsureLength which compares (input + len < end), but
+    // here we want to be sure that there is nothing following the matched
+    // bytes
+    if (static_cast<size_t>(end - input) != N) {
+      return false;
+    }
+    if (!std::equal(input, end, toMatch)) {
+      return false;
+    }
+    input = end;
+    return true;
+  }
+
+  bool MatchRest(Input toMatch) {
+    // Normally we use EnsureLength which compares (input + len < end), but
+    // here we want to be sure that there is nothing following the matched
+    // bytes
+    size_t remaining = static_cast<size_t>(end - input);
+    if (toMatch.GetLength() != remaining) {
+      return false;
+    }
+    if (!std::equal(input, end, toMatch.UnsafeGetData())) {
+      return false;
+    }
+    input = end;
+    return true;
+  }
+
+  Result Skip(Input::size_type len) {
+    Result rv = EnsureLength(len);
+    if (rv != Success) {
+      return rv;
+    }
+    input += len;
+    return Success;
+  }
+
+  Result Skip(Input::size_type len, Reader& skipped) {
+    Result rv = EnsureLength(len);
+    if (rv != Success) {
+      return rv;
+    }
+    rv = skipped.Init(input, len);
+    if (rv != Success) {
+      return rv;
+    }
+    input += len;
+    return Success;
+  }
+
+  Result Skip(Input::size_type len, /*out*/ Input& skipped) {
+    Result rv = EnsureLength(len);
+    if (rv != Success) {
+      return rv;
+    }
+    rv = skipped.Init(input, len);
+    if (rv != Success) {
+      return rv;
+    }
+    input += len;
+    return Success;
+  }
+
+  void SkipToEnd() { input = end; }
+
+  Result SkipToEnd(/*out*/ Input& skipped) {
+    return Skip(static_cast<Input::size_type>(end - input), skipped);
+  }
+
+  Result EnsureLength(Input::size_type len) {
+    if (static_cast<size_t>(end - input) < len) {
+      return Result::ERROR_BAD_DER;
+    }
+    return Success;
+  }
+
+  bool AtEnd() const { return input == end; }
+
+  class Mark final {
+   public:
+    Mark(const Mark&) = default;  // Intentionally not explicit.
+   private:
+    friend class Reader;
+    Mark(const Reader& aInput, const uint8_t* aMark)
+        : input(aInput), mark(aMark) {}
+    const Reader& input;
+    const uint8_t* const mark;
+    void operator=(const Mark&) = delete;
+  };
+
+  Mark GetMark() const { return Mark(*this, input); }
+
+  Result GetInput(const Mark& mark, /*out*/ Input& item) {
+    if (&mark.input != this || mark.mark > input) {
+      return NotReached("invalid mark", Result::FATAL_ERROR_INVALID_ARGS);
+    }
+    return item.Init(mark.mark,
+                     static_cast<Input::size_type>(input - mark.mark));
+  }
+
+ private:
+  Result Init(const uint8_t* data, Input::size_type len) {
+    if (input) {
+      // already initialized
+      return Result::FATAL_ERROR_INVALID_ARGS;
+    }
+    input = data;
+    end = data + len;
+    return Success;
+  }
+
+  const uint8_t* input;
+  const uint8_t* end;
+
+  Reader(const Reader&) = delete;
+  void operator=(const Reader&) = delete;
+};
+
+inline bool InputContains(const Input& input, uint8_t toFind) {
+  Reader reader(input);
+  for (;;) {
+    uint8_t b;
+    if (reader.Read(b) != Success) {
+      return false;
+    }
+    if (b == toFind) {
+      return true;
+    }
+  }
+}
+}
+}  // namespace mozilla::pkix
+
+#endif  // mozilla_pkix_Input_h
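Review bot: The comment in both `Reader::MatchRest` overloads says EnsureLength "compares (input + len < end)", but `EnsureLength` further down tests `static_cast<size_t>(end - input) < len`. The difference matters for anyone copying the pattern, because the subtraction form never computes a pointer beyond `end` while the form quoted in the comment can. I would reword it to `// EnsureLength only checks that at least len bytes remain; here the remaining length must match exactly so that nothing follows the matched bytes`. Similarly, the `// input too large` comment in `Input::Init` sits on a branch that also rejects a null `aData`, so `// null data or input too large` would describe it accurately.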
diff --git a/security/nss/lib/mozpkix/include/pkix/Result.h b/security/nss/lib/mozpkix/include/pkix/Result.h
new file mode 100644
index 000000000..29461dc1a
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix/Result.h
@@ -0,0 +1,219 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef mozilla_pkix_Result_h
+#define mozilla_pkix_Result_h
+
+#include <cassert>
+
+namespace mozilla {
+namespace pkix {
+
+static const unsigned int FATAL_ERROR_FLAG = 0x800;
+
+// ----------------------------------------------------------------------------
+// SELECTED ERROR CODE EXPLANATIONS
+//
+// Result::ERROR_UNTRUSTED_CERT
+//         means that the end-entity certificate was actively distrusted.
+// Result::ERROR_UNTRUSTED_ISSUER
+//         means that path building failed because of active distrust.
+// Result::ERROR_INVALID_DER_TIME
+//         means the DER-encoded time was unexpected, such as being before the
+//         UNIX epoch (allowed by X500, but not valid here).
+// Result::ERROR_EXPIRED_CERTIFICATE
+//         means the end entity certificate expired.
+// Result::ERROR_EXPIRED_ISSUER_CERTIFICATE
+//         means the CA certificate expired.
+// Result::ERROR_UNKNOWN_ISSUER
+//         means that the CA could not be found in the root store.
+// Result::ERROR_POLICY_VALIDATION_FAILED
+//         means that an encoded policy could not be applied or wasn't present
+//         when expected. Usually this is in the context of Extended Validation.
+// Result::ERROR_BAD_CERT_DOMAIN
+//         means that the certificate's name couldn't be matched to the
+//         reference identifier.
+// Result::ERROR_CERT_NOT_IN_NAME_SPACE
+//         typically means the certificate violates name constraints applied
+//         by the issuer.
+// Result::ERROR_BAD_DER
+//         means the input was improperly encoded.
+// Result::ERROR_UNKNOWN_ERROR
+//         means that an external library (NSS) provided an error we didn't
+//         anticipate. See the map below in Result.h to add new ones.
+// Result::FATAL_ERROR_LIBRARY_FAILURE
+//         is an unexpected fatal error indicating a library had an unexpected
+//         failure, and we can't proceed.
+// Result::FATAL_ERROR_INVALID_ARGS
+//         means that we violated our own expectations on inputs and there's a
+//         bug somewhere.
+// Result::FATAL_ERROR_INVALID_STATE
+//         means that we violated our own expectations on state and there's a
+//         bug somewhere.
+// Result::FATAL_ERROR_NO_MEMORY
+//         means a memory allocation failed, prohibiting validation.
+// ----------------------------------------------------------------------------
+
+// The first argument to MOZILLA_PKIX_MAP() is used for building the mapping
+// from error code to error name in MapResultToName.
+//
+// The second argument is for defining the value for the enum literal in the
+// Result enum class.
+//
+// The third argument to MOZILLA_PKIX_MAP() is used, along with the first
+// argument, for maintaining the mapping of mozilla::pkix error codes to
+// NSS/NSPR error codes in pkixnss.cpp.
+#define MOZILLA_PKIX_MAP_LIST                                                  \
+  MOZILLA_PKIX_MAP(Success, 0, 0)                                              \
+  MOZILLA_PKIX_MAP(ERROR_BAD_DER, 1, SEC_ERROR_BAD_DER)                        \
+  MOZILLA_PKIX_MAP(ERROR_CA_CERT_INVALID, 2, SEC_ERROR_CA_CERT_INVALID)        \
+  MOZILLA_PKIX_MAP(ERROR_BAD_SIGNATURE, 3, SEC_ERROR_BAD_SIGNATURE)            \
+  MOZILLA_PKIX_MAP(ERROR_CERT_BAD_ACCESS_LOCATION, 4,                          \
+                   SEC_ERROR_CERT_BAD_ACCESS_LOCATION)                         \
+  MOZILLA_PKIX_MAP(ERROR_CERT_NOT_IN_NAME_SPACE, 5,                            \
+                   SEC_ERROR_CERT_NOT_IN_NAME_SPACE)                           \
+  MOZILLA_PKIX_MAP(ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED, 6,                 \
+                   SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED)                \
+  MOZILLA_PKIX_MAP(ERROR_CONNECT_REFUSED, 7, PR_CONNECT_REFUSED_ERROR)         \
+  MOZILLA_PKIX_MAP(ERROR_EXPIRED_CERTIFICATE, 8,                               \
+                   SEC_ERROR_EXPIRED_CERTIFICATE)                              \
+  MOZILLA_PKIX_MAP(ERROR_EXTENSION_VALUE_INVALID, 9,                           \
+                   SEC_ERROR_EXTENSION_VALUE_INVALID)                          \
+  MOZILLA_PKIX_MAP(ERROR_INADEQUATE_CERT_TYPE, 10,                             \
+                   SEC_ERROR_INADEQUATE_CERT_TYPE)                             \
+  MOZILLA_PKIX_MAP(ERROR_INADEQUATE_KEY_USAGE, 11,                             \
+                   SEC_ERROR_INADEQUATE_KEY_USAGE)                             \
+  MOZILLA_PKIX_MAP(ERROR_INVALID_ALGORITHM, 12, SEC_ERROR_INVALID_ALGORITHM)   \
+  MOZILLA_PKIX_MAP(ERROR_INVALID_DER_TIME, 13, SEC_ERROR_INVALID_TIME)         \
+  MOZILLA_PKIX_MAP(ERROR_KEY_PINNING_FAILURE, 14,                              \
+                   MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE)                     \
+  MOZILLA_PKIX_MAP(ERROR_PATH_LEN_CONSTRAINT_INVALID, 15,                      \
+                   SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID)                      \
+  MOZILLA_PKIX_MAP(ERROR_POLICY_VALIDATION_FAILED, 16,                         \
+                   SEC_ERROR_POLICY_VALIDATION_FAILED)                         \
+  MOZILLA_PKIX_MAP(ERROR_REVOKED_CERTIFICATE, 17,                              \
+                   SEC_ERROR_REVOKED_CERTIFICATE)                              \
+  MOZILLA_PKIX_MAP(ERROR_UNKNOWN_CRITICAL_EXTENSION, 18,                       \
+                   SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION)                       \
+  MOZILLA_PKIX_MAP(ERROR_UNKNOWN_ERROR, 19, PR_UNKNOWN_ERROR)                  \
+  MOZILLA_PKIX_MAP(ERROR_UNKNOWN_ISSUER, 20, SEC_ERROR_UNKNOWN_ISSUER)         \
+  MOZILLA_PKIX_MAP(ERROR_UNTRUSTED_CERT, 21, SEC_ERROR_UNTRUSTED_CERT)         \
+  MOZILLA_PKIX_MAP(ERROR_UNTRUSTED_ISSUER, 22, SEC_ERROR_UNTRUSTED_ISSUER)     \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_BAD_SIGNATURE, 23, SEC_ERROR_OCSP_BAD_SIGNATURE) \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_INVALID_SIGNING_CERT, 24,                        \
+                   SEC_ERROR_OCSP_INVALID_SIGNING_CERT)                        \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_MALFORMED_REQUEST, 25,                           \
+                   SEC_ERROR_OCSP_MALFORMED_REQUEST)                           \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_MALFORMED_RESPONSE, 26,                          \
+                   SEC_ERROR_OCSP_MALFORMED_RESPONSE)                          \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_OLD_RESPONSE, 27, SEC_ERROR_OCSP_OLD_RESPONSE)   \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_REQUEST_NEEDS_SIG, 28,                           \
+                   SEC_ERROR_OCSP_REQUEST_NEEDS_SIG)                           \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_RESPONDER_CERT_INVALID, 29,                      \
+                   SEC_ERROR_OCSP_RESPONDER_CERT_INVALID)                      \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_SERVER_ERROR, 30, SEC_ERROR_OCSP_SERVER_ERROR)   \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_TRY_SERVER_LATER, 31,                            \
+                   SEC_ERROR_OCSP_TRY_SERVER_LATER)                            \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_UNAUTHORIZED_REQUEST, 32,                        \
+                   SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST)                        \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, 33,                     \
+                   SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS)                     \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_UNKNOWN_CERT, 34, SEC_ERROR_OCSP_UNKNOWN_CERT)   \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_FUTURE_RESPONSE, 35,                             \
+                   SEC_ERROR_OCSP_FUTURE_RESPONSE)                             \
+  MOZILLA_PKIX_MAP(ERROR_INVALID_KEY, 36, SEC_ERROR_INVALID_KEY)               \
+  MOZILLA_PKIX_MAP(ERROR_UNSUPPORTED_KEYALG, 37, SEC_ERROR_UNSUPPORTED_KEYALG) \
+  MOZILLA_PKIX_MAP(ERROR_EXPIRED_ISSUER_CERTIFICATE, 38,                       \
+                   SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE)                       \
+  MOZILLA_PKIX_MAP(ERROR_CA_CERT_USED_AS_END_ENTITY, 39,                       \
+                   MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY)              \
+  MOZILLA_PKIX_MAP(ERROR_INADEQUATE_KEY_SIZE, 40,                              \
+                   MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE)                     \
+  MOZILLA_PKIX_MAP(ERROR_V1_CERT_USED_AS_CA, 41,                               \
+                   MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA)                      \
+  MOZILLA_PKIX_MAP(ERROR_BAD_CERT_DOMAIN, 42, SSL_ERROR_BAD_CERT_DOMAIN)       \
+  MOZILLA_PKIX_MAP(ERROR_NO_RFC822NAME_MATCH, 43,                              \
+                   MOZILLA_PKIX_ERROR_NO_RFC822NAME_MATCH)                     \
+  MOZILLA_PKIX_MAP(ERROR_UNSUPPORTED_ELLIPTIC_CURVE, 44,                       \
+                   SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE)                       \
+  MOZILLA_PKIX_MAP(ERROR_NOT_YET_VALID_CERTIFICATE, 45,                        \
+                   MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE)               \
+  MOZILLA_PKIX_MAP(ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE, 46,                 \
+                   MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE)        \
+  MOZILLA_PKIX_MAP(ERROR_UNSUPPORTED_EC_POINT_FORM, 47,                        \
+                   SEC_ERROR_UNSUPPORTED_EC_POINT_FORM)                        \
+  MOZILLA_PKIX_MAP(ERROR_SIGNATURE_ALGORITHM_MISMATCH, 48,                     \
+                   MOZILLA_PKIX_ERROR_SIGNATURE_ALGORITHM_MISMATCH)            \
+  MOZILLA_PKIX_MAP(ERROR_OCSP_RESPONSE_FOR_CERT_MISSING, 49,                   \
+                   MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING)          \
+  MOZILLA_PKIX_MAP(ERROR_VALIDITY_TOO_LONG, 50,                                \
+                   MOZILLA_PKIX_ERROR_VALIDITY_TOO_LONG)                       \
+  MOZILLA_PKIX_MAP(ERROR_REQUIRED_TLS_FEATURE_MISSING, 51,                     \
+                   MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING)            \
+  MOZILLA_PKIX_MAP(ERROR_INVALID_INTEGER_ENCODING, 52,                         \
+                   MOZILLA_PKIX_ERROR_INVALID_INTEGER_ENCODING)                \
+  MOZILLA_PKIX_MAP(ERROR_EMPTY_ISSUER_NAME, 53,                                \
+                   MOZILLA_PKIX_ERROR_EMPTY_ISSUER_NAME)                       \
+  MOZILLA_PKIX_MAP(ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED, 54,              \
+                   MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED)     \
+  MOZILLA_PKIX_MAP(ERROR_SELF_SIGNED_CERT, 55,                                 \
+                   MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT)                        \
+  MOZILLA_PKIX_MAP(ERROR_MITM_DETECTED, 56, MOZILLA_PKIX_ERROR_MITM_DETECTED)  \
+  MOZILLA_PKIX_MAP(FATAL_ERROR_INVALID_ARGS, FATAL_ERROR_FLAG | 1,             \
+                   SEC_ERROR_INVALID_ARGS)                                     \
+  MOZILLA_PKIX_MAP(FATAL_ERROR_INVALID_STATE, FATAL_ERROR_FLAG | 2,            \
+                   PR_INVALID_STATE_ERROR)                                     \
+  MOZILLA_PKIX_MAP(FATAL_ERROR_LIBRARY_FAILURE, FATAL_ERROR_FLAG | 3,          \
+                   SEC_ERROR_LIBRARY_FAILURE)                                  \
+  MOZILLA_PKIX_MAP(FATAL_ERROR_NO_MEMORY, FATAL_ERROR_FLAG | 4,                \
+                   SEC_ERROR_NO_MEMORY)                                        \
+/* nothing here */
+
+enum class Result {
+#define MOZILLA_PKIX_MAP(name, value, nss_name) name = value,
+  MOZILLA_PKIX_MAP_LIST
+#undef MOZILLA_PKIX_MAP
+};
+
+// Returns the stringified name of the given result, e.g. "Result::Success",
+// or nullptr if result is unknown (invalid).
+const char* MapResultToName(Result result);
+
+// We write many comparisons as (x != Success), and this shortened name makes
+// those comparisons clearer, especially because the shortened name often
+// results in less line wrapping.
+static const Result Success = Result::Success;
+
+inline bool IsFatalError(Result rv) {
+  return (static_cast<unsigned int>(rv) & FATAL_ERROR_FLAG) != 0;
+}
+
+inline Result NotReached(const char* /*explanation*/, Result result) {
+  assert(false);
+  return result;
+}
+}
+}  // namespace mozilla::pkix
+
+#endif  // mozilla_pkix_Result_h
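Review bot: `IsFatalError()` only tests the `FATAL_ERROR_FLAG` bit (0x800), so it relies on every non-fatal entry in `MOZILLA_PKIX_MAP_LIST` staying below that value, and nothing in the header states or enforces this. The list currently ends at 56, so there is no problem today, but a later entry numbered 0x800 or higher would be silently classified as fatal. I would add a comment above the flag such as `// Non-fatal Result values must stay below FATAL_ERROR_FLAG; IsFatalError() tests only this bit.` It is also worth noting on `NotReached` that `assert(false)` compiles out under NDEBUG, so release builds depend on callers propagating the returned Result.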
diff --git a/security/nss/lib/mozpkix/include/pkix/Time.h b/security/nss/lib/mozpkix/include/pkix/Time.h
new file mode 100644
index 000000000..8aea5479b
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix/Time.h
@@ -0,0 +1,137 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2014 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef mozilla_pkix_Time_h
+#define mozilla_pkix_Time_h
+
+#include <stdint.h>
+#include <ctime>
+#include <limits>
+
+#include "mozpkix/Result.h"
+
+namespace mozilla {
+namespace pkix {
+
+// Time with a range from the first second of year 0 (AD) through at least the
+// last second of year 9999, which is the range of legal times in X.509 and
+// OCSP. This type has second-level precision. The time zone is always UTC.
+//
+// Pass by value, not by reference.
+class Time final {
+ public:
+  // Construct an uninitialized instance.
+  //
+  // This will fail to compile because there is no default constructor:
+  //    Time x;
+  //
+  // This will succeed, leaving the time uninitialized:
+  //    Time x(Time::uninitialized);
+  enum Uninitialized { uninitialized };
+  explicit Time(Uninitialized) {}
+
+  bool operator==(const Time& other) const {
+    return elapsedSecondsAD == other.elapsedSecondsAD;
+  }
+  bool operator>(const Time& other) const {
+    return elapsedSecondsAD > other.elapsedSecondsAD;
+  }
+  bool operator>=(const Time& other) const {
+    return elapsedSecondsAD >= other.elapsedSecondsAD;
+  }
+  bool operator<(const Time& other) const {
+    return elapsedSecondsAD < other.elapsedSecondsAD;
+  }
+  bool operator<=(const Time& other) const {
+    return elapsedSecondsAD <= other.elapsedSecondsAD;
+  }
+
+  Result AddSeconds(uint64_t seconds) {
+    if (std::numeric_limits<uint64_t>::max() - elapsedSecondsAD < seconds) {
+      return Result::FATAL_ERROR_INVALID_ARGS;  // integer overflow
+    }
+    elapsedSecondsAD += seconds;
+    return Success;
+  }
+
+  Result SubtractSeconds(uint64_t seconds) {
+    if (seconds > elapsedSecondsAD) {
+      return Result::FATAL_ERROR_INVALID_ARGS;  // integer overflow
+    }
+    elapsedSecondsAD -= seconds;
+    return Success;
+  }
+
+  static const uint64_t ONE_DAY_IN_SECONDS =
+      UINT64_C(24) * UINT64_C(60) * UINT64_C(60);
+
+ private:
+  // This constructor is hidden to prevent accidents like this:
+  //
+  //    Time foo(time_t t)
+  //    {
+  //      // WRONG! 1970-01-01-00:00:00 == time_t(0), but not Time(0)!
+  //      return Time(t);
+  //    }
+  explicit Time(uint64_t aElapsedSecondsAD)
+      : elapsedSecondsAD(aElapsedSecondsAD) {}
+  friend Time TimeFromElapsedSecondsAD(uint64_t);
+  friend class Duration;
+
+  uint64_t elapsedSecondsAD;
+};
+
+inline Time TimeFromElapsedSecondsAD(uint64_t aElapsedSecondsAD) {
+  return Time(aElapsedSecondsAD);
+}
+
+Time Now();
+
+// Note the epoch is the unix epoch (ie 00:00:00 UTC, 1 January 1970)
+Time TimeFromEpochInSeconds(uint64_t secondsSinceEpoch);
+
+class Duration final {
+ public:
+  Duration(Time timeA, Time timeB)
+      : durationInSeconds(
+            timeA < timeB ? timeB.elapsedSecondsAD - timeA.elapsedSecondsAD
+                          : timeA.elapsedSecondsAD - timeB.elapsedSecondsAD) {}
+
+  explicit Duration(uint64_t aDurationInSeconds)
+      : durationInSeconds(aDurationInSeconds) {}
+
+  bool operator>(const Duration& other) const {
+    return durationInSeconds > other.durationInSeconds;
+  }
+  bool operator<(const Duration& other) const {
+    return durationInSeconds < other.durationInSeconds;
+  }
+
+ private:
+  uint64_t durationInSeconds;
+};
+}
+}  // namespace mozilla::pkix
+
+#endif  // mozilla_pkix_Time_h
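Review bot: `explicit Time(Uninitialized) {}` leaves `elapsedSecondsAD` indeterminate, and the comparison operators, `AddSeconds`, `SubtractSeconds` and `Duration(Time, Time)` all read that member with no way to tell whether it was ever assigned. Since these values feed validity-period and OCSP freshness comparisons, I would state the precondition on the constructor, for example `// The value is indeterminate until assigned; do not compare or do arithmetic on it before then.` If the extra store is acceptable, `explicit Time(Uninitialized) : elapsedSecondsAD(0) {}` would make misuse deterministic instead. The `// integer overflow` comment in `SubtractSeconds` describes an underflow and could say so.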
diff --git a/security/nss/lib/mozpkix/include/pkix/pkix.h b/security/nss/lib/mozpkix/include/pkix/pkix.h
new file mode 100644
index 000000000..1cd6548e4
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix/pkix.h
@@ -0,0 +1,160 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef mozilla_pkix_pkix_h
+#define mozilla_pkix_pkix_h
+
+#include "mozpkix/pkixtypes.h"
+
+namespace mozilla {
+namespace pkix {
+
+// ----------------------------------------------------------------------------
+// LIMITED SUPPORT FOR CERTIFICATE POLICIES
+//
+// If SEC_OID_X509_ANY_POLICY is passed as the value of the requiredPolicy
+// parameter then all policy validation will be skipped. Otherwise, path
+// building and validation will be done for the given policy.
+//
+// In RFC 5280 terms:
+//
+//    * user-initial-policy-set = { requiredPolicy }.
+//    * initial-explicit-policy = true
+//    * initial-any-policy-inhibit = false
+//
+// We allow intermediate cerificates to use this extension but since
+// we do not process the inhibit anyPolicy extesion we will fail if this
+// extension is present. TODO(bug 989051)
+// Because we force explicit policy and because we prohibit policy mapping, we
+// do not bother processing the policy mapping, or policy constraint.
+//
+// ----------------------------------------------------------------------------
+// ERROR RANKING
+//
+// BuildCertChain prioritizes certain checks ahead of others so that when a
+// certificate chain has multiple errors, the "most serious" error is
+// returned. In practice, this ranking of seriousness is tied directly to how
+// Firefox's certificate error override mechanism.
+//
+// The ranking is:
+//
+//    1. Active distrust (Result::ERROR_UNTRUSTED_CERT).
+//    2. Problems with issuer-independent properties for CA certificates.
+//    3. Unknown issuer (Result::ERROR_UNKNOWN_ISSUER).
+//    4. Problems with issuer-independent properties for EE certificates.
+//    5. Revocation.
+//
+// In particular, if BuildCertChain returns Result::ERROR_UNKNOWN_ISSUER then
+// the caller can call CERT_CheckCertValidTimes to determine if the certificate
+// is ALSO expired.
+//
+// It would be better if revocation were prioritized above expiration and
+// unknown issuer. However, it is impossible to do revocation checking without
+// knowing the issuer, since the issuer information is needed to validate the
+// revocation information. Also, generally revocation checking only works
+// during the validity period of the certificate.
+//
+// In general, when path building fails, BuildCertChain will return
+// Result::ERROR_UNKNOWN_ISSUER. However, if all attempted paths resulted in
+// the same error (which is trivially true when there is only one potential
+// path), more specific errors will be returned.
+//
+// ----------------------------------------------------------------------------
+// Meanings of specific error codes can be found in Result.h
+
+// This function attempts to find a trustworthy path from the supplied
+// certificate to a trust anchor. In the event that no trusted path is found,
+// the method returns an error result; the error ranking is described above.
+//
+// Parameters:
+//  time:
+//         Timestamp for which the chain should be valid; this is useful to
+//         analyze whether a record was trustworthy when it was made.
+//  requiredKeyUsageIfPresent:
+//         What key usage bits must be set, if the extension is present at all,
+//         to be considered a valid chain. Multiple values should be OR'd
+//         together. If you don't want to specify anything, use
+//         KeyUsage::noParticularKeyUsageRequired.
+//  requiredEKUIfPresent:
+//         What extended key usage bits must be set, if the EKU extension
+//         exists, to be considered a valid chain. Multiple values should be
+//         OR'd together. If you don't want to specify anything, use
+//         KeyPurposeId::anyExtendedKeyUsage.
+//  requiredPolicy:
+//         This is the policy to apply; typically included in EV certificates.
+//         If there is no policy, pass in CertPolicyId::anyPolicy.
+Result BuildCertChain(TrustDomain& trustDomain, Input cert, Time time,
+                      EndEntityOrCA endEntityOrCA,
+                      KeyUsage requiredKeyUsageIfPresent,
+                      KeyPurposeId requiredEKUIfPresent,
+                      const CertPolicyId& requiredPolicy,
+                      /*optional*/ const Input* stapledOCSPResponse);
+
+// Verify that the given end-entity cert, which is assumed to have been already
+// validated with BuildCertChain, is valid for the given hostname. The matching
+// function attempts to implement RFC 6125 with a couple of differences:
+// - IP addresses are out of scope of RFC 6125, but this method accepts them for
+//   backward compatibility (see SearchNames in pkixnames.cpp)
+// - A wildcard in a DNS-ID may only appear as the entirety of the first label.
+Result CheckCertHostname(Input cert, Input hostname,
+                         NameMatchingPolicy& nameMatchingPolicy);
+
+// Construct an RFC-6960-encoded OCSP request, ready for submission to a
+// responder, for the provided CertID. The request has no extensions.
+static const size_t OCSP_REQUEST_MAX_LENGTH = 127;
+Result CreateEncodedOCSPRequest(TrustDomain& trustDomain, const CertID& certID,
+                                /*out*/ uint8_t (&out)[OCSP_REQUEST_MAX_LENGTH],
+                                /*out*/ size_t& outLen);
+
+// The out parameter expired will be true if the response has expired. If the
+// response also indicates a revoked or unknown certificate, that error
+// will be returned. Otherwise, Result::ERROR_OCSP_OLD_RESPONSE will be
+// returned for an expired response.
+//
+// The optional parameter thisUpdate will be the thisUpdate value of
+// the encoded response if it is considered trustworthy. Only
+// good, unknown, or revoked responses that verify correctly are considered
+// trustworthy. If the response is not trustworthy, thisUpdate will be 0.
+// Similarly, the optional parameter validThrough will be the time through
+// which the encoded response is considered trustworthy (that is, as long as
+// the given time at which to validate is less than or equal to validThrough,
+// the response will be considered trustworthy).
+Result VerifyEncodedOCSPResponse(
+    TrustDomain& trustDomain, const CertID& certID, Time time,
+    uint16_t maxLifetimeInDays, Input encodedResponse,
+    /* out */ bool& expired,
+    /* optional out */ Time* thisUpdate = nullptr,
+    /* optional out */ Time* validThrough = nullptr);
+
+// Check that the TLSFeature extensions in a given end-entity cert (which is
+// assumed to have been already validated with BuildCertChain) are satisfied.
+// The only feature which we cancurrently process a requirement for is
+// status_request (OCSP stapling) so we reject any extension that specifies a
+// requirement for another value. Empty extensions are also rejected.
+Result CheckTLSFeaturesAreSatisfied(Input& cert,
+                                    const Input* stapledOCSPResponse);
+}
+}  // namespace mozilla::pkix
+
+#endif  // mozilla_pkix_pkix_h
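Review bot: The "LIMITED SUPPORT FOR CERTIFICATE POLICIES" comment says policy validation is skipped when `SEC_OID_X509_ANY_POLICY` is passed as `requiredPolicy`, while the parameter documentation for `BuildCertChain` tells callers to pass `CertPolicyId::anyPolicy`. That parameter is declared as `const CertPolicyId&`, so the two comments use different names for what is presumably the same value. A caller following the parameter doc may not realise that this choice turns off all policy checking. I would reword the first sentence to `// If CertPolicyId::anyPolicy is passed as requiredPolicy, all policy validation is skipped.` and repeat that consequence next to the `requiredPolicy` parameter description. The same comment block has typos worth fixing while there ("cerificates", "extesion", and "cancurrently" further down).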
diff --git a/security/nss/lib/mozpkix/include/pkix/pkixcheck.h b/security/nss/lib/mozpkix/include/pkix/pkixcheck.h
new file mode 100644
index 000000000..e04780e57
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix/pkixcheck.h
@@ -0,0 +1,65 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef mozilla_pkix_pkixcheck_h
+#define mozilla_pkix_pkixcheck_h
+
+#include "mozpkix/pkixtypes.h"
+
+namespace mozilla {
+namespace pkix {
+
+class BackCert;
+
+Result CheckIssuerIndependentProperties(TrustDomain& trustDomain,
+                                        const BackCert& cert, Time time,
+                                        KeyUsage requiredKeyUsageIfPresent,
+                                        KeyPurposeId requiredEKUIfPresent,
+                                        const CertPolicyId& requiredPolicy,
+                                        unsigned int subCACount,
+                                        /*out*/ TrustLevel& trustLevel);
+
+Result CheckNameConstraints(Input encodedNameConstraints,
+                            const BackCert& firstChild,
+                            KeyPurposeId requiredEKUIfPresent);
+
+Result CheckIssuer(Input encodedIssuer);
+
+// ParseValidity and CheckValidity are usually used together.  First you parse
+// the dates from the DER Validity sequence, then you compare them to the time
+// at which you are validating.  They are separate so that the notBefore and
+// notAfter times can be used for other things before they are checked against
+// the time of validation.
+Result ParseValidity(Input encodedValidity,
+                     /*optional out*/ Time* notBeforeOut = nullptr,
+                     /*optional out*/ Time* notAfterOut = nullptr);
+Result CheckValidity(Time time, Time notBefore, Time notAfter);
+
+// Check that a subject has TLS Feature (rfc7633) requirements that match its
+// potential issuer
+Result CheckTLSFeatures(const BackCert& subject, BackCert& potentialIssuer);
+}
+}  // namespace mozilla::pkix
+
+#endif  // mozilla_pkix_pkixcheck_h
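Review bot: `CheckTLSFeatures` takes `subject` as `const BackCert&` but `potentialIssuer` as a non-const `BackCert&`, which tells callers that checking TLS Feature requirements may modify the issuer certificate object. The definition is not in this hunk; if it only reads the issuer, the declaration should be `Result CheckTLSFeatures(const BackCert& subject, const BackCert& potentialIssuer);`. If it does need mutable access, a one-line comment saying what is modified would help. `CheckIssuerIndependentProperties`, `CheckNameConstraints` and `CheckIssuer` have no comments at all, and a short note on each naming the Result returned on failure would make this header usable without reading the .cpp files.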
diff --git a/security/nss/lib/mozpkix/include/pkix/pkixder.h b/security/nss/lib/mozpkix/include/pkix/pkixder.h
new file mode 100644
index 000000000..3aae0ecf6
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix/pkixder.h
@@ -0,0 +1,520 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef mozilla_pkix_pkixder_h
+#define mozilla_pkix_pkixder_h
+
+// Expect* functions advance the input mark and return Success if the input
+// matches the given criteria; they fail with the input mark in an undefined
+// state if the input does not match the criteria.
+//
+// Match* functions advance the input mark and return true if the input matches
+// the given criteria; they return false without changing the input mark if the
+// input does not match the criteria.
+//
+// Skip* functions unconditionally advance the input mark and return Success if
+// they are able to do so; otherwise they fail with the input mark in an
+// undefined state.
+
+#include "mozpkix/Input.h"
+#include "mozpkix/pkixtypes.h"
+
+namespace mozilla {
+namespace pkix {
+namespace der {
+
+enum Class : uint8_t {
+  UNIVERSAL = 0 << 6,
+  // APPLICATION = 1 << 6, // unused
+  CONTEXT_SPECIFIC = 2 << 6,
+  // PRIVATE = 3 << 6 // unused
+};
+
+enum Constructed { CONSTRUCTED = 1 << 5 };
+
+enum Tag : uint8_t {
+  BOOLEAN = UNIVERSAL | 0x01,
+  INTEGER = UNIVERSAL | 0x02,
+  BIT_STRING = UNIVERSAL | 0x03,
+  OCTET_STRING = UNIVERSAL | 0x04,
+  NULLTag = UNIVERSAL | 0x05,
+  OIDTag = UNIVERSAL | 0x06,
+  ENUMERATED = UNIVERSAL | 0x0a,
+  UTF8String = UNIVERSAL | 0x0c,
+  SEQUENCE = UNIVERSAL | CONSTRUCTED | 0x10,  // 0x30
+  SET = UNIVERSAL | CONSTRUCTED | 0x11,       // 0x31
+  PrintableString = UNIVERSAL | 0x13,
+  TeletexString = UNIVERSAL | 0x14,
+  IA5String = UNIVERSAL | 0x16,
+  UTCTime = UNIVERSAL | 0x17,
+  GENERALIZED_TIME = UNIVERSAL | 0x18,
+};
+
+enum class EmptyAllowed { No = 0, Yes = 1 };
+
+Result ReadTagAndGetValue(Reader& input, /*out*/ uint8_t& tag,
+                          /*out*/ Input& value);
+Result End(Reader& input);
+
+inline Result ExpectTagAndGetValue(Reader& input, uint8_t tag,
+                                   /*out*/ Input& value) {
+  uint8_t actualTag;
+  Result rv = ReadTagAndGetValue(input, actualTag, value);
+  if (rv != Success) {
+    return rv;
+  }
+  if (tag != actualTag) {
+    return Result::ERROR_BAD_DER;
+  }
+  return Success;
+}
+
+inline Result ExpectTagAndGetValue(Reader& input, uint8_t tag,
+                                   /*out*/ Reader& value) {
+  Input valueInput;
+  Result rv = ExpectTagAndGetValue(input, tag, valueInput);
+  if (rv != Success) {
+    return rv;
+  }
+  return value.Init(valueInput);
+}
+
+inline Result ExpectTagAndEmptyValue(Reader& input, uint8_t tag) {
+  Reader value;
+  Result rv = ExpectTagAndGetValue(input, tag, value);
+  if (rv != Success) {
+    return rv;
+  }
+  return End(value);
+}
+
+inline Result ExpectTagAndSkipValue(Reader& input, uint8_t tag) {
+  Input ignoredValue;
+  return ExpectTagAndGetValue(input, tag, ignoredValue);
+}
+
+// Like ExpectTagAndGetValue, except the output Input will contain the
+// encoded tag and length along with the value.
+inline Result ExpectTagAndGetTLV(Reader& input, uint8_t tag,
+                                 /*out*/ Input& tlv) {
+  Reader::Mark mark(input.GetMark());
+  Result rv = ExpectTagAndSkipValue(input, tag);
+  if (rv != Success) {
+    return rv;
+  }
+  return input.GetInput(mark, tlv);
+}
+
+inline Result End(Reader& input) {
+  if (!input.AtEnd()) {
+    return Result::ERROR_BAD_DER;
+  }
+
+  return Success;
+}
+
+template <typename Decoder>
+inline Result Nested(Reader& input, uint8_t tag, Decoder decoder) {
+  Reader nested;
+  Result rv = ExpectTagAndGetValue(input, tag, nested);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = decoder(nested);
+  if (rv != Success) {
+    return rv;
+  }
+  return End(nested);
+}
+
+template <typename Decoder>
+inline Result Nested(Reader& input, uint8_t outerTag, uint8_t innerTag,
+                     Decoder decoder) {
+  Reader nestedInput;
+  Result rv = ExpectTagAndGetValue(input, outerTag, nestedInput);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = Nested(nestedInput, innerTag, decoder);
+  if (rv != Success) {
+    return rv;
+  }
+  return End(nestedInput);
+}
+
+// This can be used to decode constructs like this:
+//
+//     ...
+//     foos SEQUENCE OF Foo,
+//     ...
+//     Foo ::= SEQUENCE {
+//     }
+//
+// using code like this:
+//
+//    Result Foo(Reader& r) { /*...*/ }
+//
+//    rv = der::NestedOf(input, der::SEQEUENCE, der::SEQUENCE, Foo);
+//
+// or:
+//
+//    Result Bar(Reader& r, int value) { /*...*/ }
+//
+//    int value = /*...*/;
+//
+//    rv = der::NestedOf(input, der::SEQUENCE, [value](Reader& r) {
+//      return Bar(r, value);
+//    });
+//
+// In these examples the function will get called once for each element of
+// foos.
+//
+template <typename Decoder>
+inline Result NestedOf(Reader& input, uint8_t outerTag, uint8_t innerTag,
+                       EmptyAllowed mayBeEmpty, Decoder decoder) {
+  Reader inner;
+  Result rv = ExpectTagAndGetValue(input, outerTag, inner);
+  if (rv != Success) {
+    return rv;
+  }
+
+  if (inner.AtEnd()) {
+    if (mayBeEmpty != EmptyAllowed::Yes) {
+      return Result::ERROR_BAD_DER;
+    }
+    return Success;
+  }
+
+  do {
+    rv = Nested(inner, innerTag, decoder);
+    if (rv != Success) {
+      return rv;
+    }
+  } while (!inner.AtEnd());
+
+  return Success;
+}
+
+// Often, a function will need to decode an Input or Reader that contains
+// DER-encoded data wrapped in a SEQUENCE (or similar) with nothing after it.
+// This function reduces the boilerplate necessary for stripping the outermost
+// SEQUENCE (or similar) and ensuring that nothing follows it.
+inline Result ExpectTagAndGetValueAtEnd(Reader& outer, uint8_t expectedTag,
+                                        /*out*/ Reader& inner) {
+  Result rv = der::ExpectTagAndGetValue(outer, expectedTag, inner);
+  if (rv != Success) {
+    return rv;
+  }
+  return der::End(outer);
+}
+
+// Similar to the above, but takes an Input instead of a Reader&.
+inline Result ExpectTagAndGetValueAtEnd(Input outer, uint8_t expectedTag,
+                                        /*out*/ Reader& inner) {
+  Reader outerReader(outer);
+  return ExpectTagAndGetValueAtEnd(outerReader, expectedTag, inner);
+}
+
+// Universal types
+
+namespace internal {
+
+enum class IntegralValueRestriction {
+  NoRestriction,
+  MustBePositive,
+  MustBe0To127,
+};
+
+Result IntegralBytes(
+    Reader& input, uint8_t tag, IntegralValueRestriction valueRestriction,
+    /*out*/ Input& value,
+    /*optional out*/ Input::size_type* significantBytes = nullptr);
+
+// This parser will only parse values between 0..127. If this range is
+// increased then callers will need to be changed.
+Result IntegralValue(Reader& input, uint8_t tag, /*out*/ uint8_t& value);
+
+}  // namespace internal
+
+Result BitStringWithNoUnusedBits(Reader& input, /*out*/ Input& value);
+
+inline Result Boolean(Reader& input, /*out*/ bool& value) {
+  Reader valueReader;
+  Result rv = ExpectTagAndGetValue(input, BOOLEAN, valueReader);
+  if (rv != Success) {
+    return rv;
+  }
+
+  uint8_t intValue;
+  rv = valueReader.Read(intValue);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = End(valueReader);
+  if (rv != Success) {
+    return rv;
+  }
+  switch (intValue) {
+    case 0:
+      value = false;
+      return Success;
+    case 0xFF:
+      value = true;
+      return Success;
+    default:
+      return Result::ERROR_BAD_DER;
+  }
+}
+
+// This is for BOOLEAN DEFAULT FALSE.
+// The standard stipulates that "The encoding of a set value or sequence value
+// shall not include an encoding for any component value which is equal to its
+// default value." However, it appears to be common that other libraries
+// incorrectly include the value of a BOOLEAN even when it's equal to the
+// default value, so we allow invalid explicit encodings here.
+inline Result OptionalBoolean(Reader& input, /*out*/ bool& value) {
+  value = false;
+  if (input.Peek(BOOLEAN)) {
+    Result rv = Boolean(input, value);
+    if (rv != Success) {
+      return rv;
+    }
+  }
+  return Success;
+}
+
+// This parser will only parse values between 0..127. If this range is
+// increased then callers will need to be changed.
+inline Result Enumerated(Reader& input, uint8_t& value) {
+  return internal::IntegralValue(input, ENUMERATED | 0, value);
+}
+
+namespace internal {
+
+// internal::TimeChoice implements the shared functionality of GeneralizedTime
+// and TimeChoice. tag must be either UTCTime or GENERALIZED_TIME.
+//
+// Only times from 1970-01-01-00:00:00 onward are accepted, in order to
+// eliminate the chance for complications in converting times to traditional
+// time formats that start at 1970.
+Result TimeChoice(Reader& input, uint8_t tag, /*out*/ Time& time);
+
+}  // namespace internal
+
+// Only times from 1970-01-01-00:00:00 onward are accepted, in order to
+// eliminate the chance for complications in converting times to traditional
+// time formats that start at 1970.
+inline Result GeneralizedTime(Reader& input, /*out*/ Time& time) {
+  return internal::TimeChoice(input, GENERALIZED_TIME, time);
+}
+
+// Only times from 1970-01-01-00:00:00 onward are accepted, in order to
+// eliminate the chance for complications in converting times to traditional
+// time formats that start at 1970.
+inline Result TimeChoice(Reader& input, /*out*/ Time& time) {
+  uint8_t expectedTag = input.Peek(UTCTime) ? UTCTime : GENERALIZED_TIME;
+  return internal::TimeChoice(input, expectedTag, time);
+}
+
+// Parse a DER integer value into value. Empty values, negative values, and
+// zero are rejected. If significantBytes is not null, then it will be set to
+// the number of significant bytes in the value (the length of the value, less
+// the length of any leading padding), which is useful for key size checks.
+inline Result PositiveInteger(
+    Reader& input, /*out*/ Input& value,
+    /*optional out*/ Input::size_type* significantBytes = nullptr) {
+  return internal::IntegralBytes(
+      input, INTEGER, internal::IntegralValueRestriction::MustBePositive, value,
+      significantBytes);
+}
+
+// This parser will only parse values between 0..127. If this range is
+// increased then callers will need to be changed.
+inline Result Integer(Reader& input, /*out*/ uint8_t& value) {
+  return internal::IntegralValue(input, INTEGER, value);
+}
+
+// This parser will only parse values between 0..127. If this range is
+// increased then callers will need to be changed. The default value must be
+// -1; defaultValue is only a parameter to make it clear in the calling code
+// what the default value is.
+inline Result OptionalInteger(Reader& input, long defaultValue,
+                              /*out*/ long& value) {
+  // If we need to support a different default value in the future, we need to
+  // test that parsedValue != defaultValue.
+  if (defaultValue != -1) {
+    return Result::FATAL_ERROR_INVALID_ARGS;
+  }
+
+  if (!input.Peek(INTEGER)) {
+    value = defaultValue;
+    return Success;
+  }
+
+  uint8_t parsedValue;
+  Result rv = Integer(input, parsedValue);
+  if (rv != Success) {
+    return rv;
+  }
+  value = parsedValue;
+  return Success;
+}
+
+inline Result Null(Reader& input) {
+  return ExpectTagAndEmptyValue(input, NULLTag);
+}
+
+template <uint8_t Len>
+Result OID(Reader& input, const uint8_t (&expectedOid)[Len]) {
+  Reader value;
+  Result rv = ExpectTagAndGetValue(input, OIDTag, value);
+  if (rv != Success) {
+    return rv;
+  }
+  if (!value.MatchRest(expectedOid)) {
+    return Result::ERROR_BAD_DER;
+  }
+  return Success;
+}
+
+// PKI-specific types
+
+inline Result CertificateSerialNumber(Reader& input, /*out*/ Input& value) {
+  // http://tools.ietf.org/html/rfc5280#section-4.1.2.2:
+  //
+  // * "The serial number MUST be a positive integer assigned by the CA to
+  //   each certificate."
+  // * "Certificate users MUST be able to handle serialNumber values up to 20
+  //   octets. Conforming CAs MUST NOT use serialNumber values longer than 20
+  //   octets."
+  // * "Note: Non-conforming CAs may issue certificates with serial numbers
+  //   that are negative or zero.  Certificate users SHOULD be prepared to
+  //   gracefully handle such certificates."
+  return internal::IntegralBytes(
+      input, INTEGER, internal::IntegralValueRestriction::NoRestriction, value);
+}
+
+// x.509 and OCSP both use this same version numbering scheme, though OCSP
+// only supports v1.
+enum class Version { v1 = 0, v2 = 1, v3 = 2, v4 = 3, Uninitialized = 255 };
+
+// X.509 Certificate and OCSP ResponseData both use
+// "[0] EXPLICIT Version DEFAULT v1". Although an explicit encoding of v1 is
+// illegal, we support it because some real-world OCSP responses explicitly
+// encode it.
+Result OptionalVersion(Reader& input, /*out*/ Version& version);
+
+template <typename ExtensionHandler>
+inline Result OptionalExtensions(Reader& input, uint8_t tag,
+                                 ExtensionHandler extensionHandler) {
+  if (!input.Peek(tag)) {
+    return Success;
+  }
+
+  return Nested(input, tag, [extensionHandler](Reader& tagged) {
+    // Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
+    //
+    // TODO(bug 997994): According to the specification, there should never be
+    // an empty sequence of extensions but we've found OCSP responses that have
+    // that (see bug 991898).
+    return NestedOf(
+        tagged, SEQUENCE, SEQUENCE, EmptyAllowed::Yes,
+        [extensionHandler](Reader& extension) -> Result {
+          // Extension  ::=  SEQUENCE  {
+          //      extnID      OBJECT IDENTIFIER,
+          //      critical    BOOLEAN DEFAULT FALSE,
+          //      extnValue   OCTET STRING
+          //      }
+          Reader extnID;
+          Result rv = ExpectTagAndGetValue(extension, OIDTag, extnID);
+          if (rv != Success) {
+            return rv;
+          }
+          bool critical;
+          rv = OptionalBoolean(extension, critical);
+          if (rv != Success) {
+            return rv;
+          }
+          Input extnValue;
+          rv = ExpectTagAndGetValue(extension, OCTET_STRING, extnValue);
+          if (rv != Success) {
+            return rv;
+          }
+          bool understood = false;
+          rv = extensionHandler(extnID, extnValue, critical, understood);
+          if (rv != Success) {
+            return rv;
+          }
+          if (critical && !understood) {
+            return Result::ERROR_UNKNOWN_CRITICAL_EXTENSION;
+          }
+          return Success;
+        });
+  });
+}
+
+Result DigestAlgorithmIdentifier(Reader& input,
+                                 /*out*/ DigestAlgorithm& algorithm);
+
+enum class PublicKeyAlgorithm { RSA_PKCS1, ECDSA, Uninitialized };
+
+Result SignatureAlgorithmIdentifierValue(
+    Reader& input,
+    /*out*/ PublicKeyAlgorithm& publicKeyAlgorithm,
+    /*out*/ DigestAlgorithm& digestAlgorithm);
+
+struct SignedDataWithSignature final {
+ public:
+  Input data;
+  Input algorithm;
+  Input signature;
+
+  void operator=(const SignedDataWithSignature&) = delete;
+};
+
+// Parses a SEQUENCE into tbs and then parses an AlgorithmIdentifier followed
+// by a BIT STRING into signedData. This handles the commonality between
+// parsing the signed/signature fields of certificates and OCSP responses. In
+// the case of an OCSP response, the caller needs to parse the certs
+// separately.
+//
+// Note that signatureAlgorithm is NOT parsed or validated.
+//
+// Certificate  ::=  SEQUENCE  {
+//        tbsCertificate       TBSCertificate,
+//        signatureAlgorithm   AlgorithmIdentifier,
+//        signatureValue       BIT STRING  }
+//
+// BasicOCSPResponse       ::= SEQUENCE {
+//    tbsResponseData      ResponseData,
+//    signatureAlgorithm   AlgorithmIdentifier,
+//    signature            BIT STRING,
+//    certs            [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+Result SignedData(Reader& input, /*out*/ Reader& tbs,
+                  /*out*/ SignedDataWithSignature& signedDataWithSignature);
+}
+}
+}  // namespace mozilla::pkix::der
+
+#endif  // mozilla_pkix_pkixder_h
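Review bot: The usage example in the comment above `NestedOf` does not match the declared signature. Both sample calls omit the `EmptyAllowed mayBeEmpty` argument, the first misspells the tag as `der::SEQEUENCE`, and the lambda variant passes only one tag. Because `mayBeEmpty` decides whether an empty SEQUENCE OF is rejected with `ERROR_BAD_DER`, the example should show that choice explicitly, e.g. `rv = der::NestedOf(input, der::SEQUENCE, der::SEQUENCE, der::EmptyAllowed::No, Foo);`, with the same argument list in the lambda form. The comment could also say that each element must be fully consumed by the decoder, since `Nested` finishes with `End(nested)`.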
diff --git a/security/nss/lib/mozpkix/include/pkix/pkixnss.h b/security/nss/lib/mozpkix/include/pkix/pkixnss.h
new file mode 100644
index 000000000..b181ca541
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix/pkixnss.h
@@ -0,0 +1,106 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef mozilla_pkix_pkixnss_h
+#define mozilla_pkix_pkixnss_h
+
+#include <seccomon.h>
+#include "mozpkix/pkixtypes.h"
+#include "prerror.h"
+
+namespace mozilla {
+namespace pkix {
+
+// Verifies the PKCS#1.5 signature on the given data using the given RSA public
+// key.
+Result VerifyRSAPKCS1SignedDigestNSS(const SignedDigest& sd,
+                                     Input subjectPublicKeyInfo,
+                                     void* pkcs11PinArg);
+
+// Verifies the ECDSA signature on the given data using the given ECC public
+// key.
+Result VerifyECDSASignedDigestNSS(const SignedDigest& sd,
+                                  Input subjectPublicKeyInfo,
+                                  void* pkcs11PinArg);
+
+// Computes the digest of the given data using the given digest algorithm.
+//
+// item contains the data to hash.
+// digestBuf must point to a buffer to where the digest will be written.
+// digestBufLen must be the size of the buffer, which must be exactly equal
+//              to the size of the digest output (20 for SHA-1, 32 for SHA-256,
+//              etc.)
+//
+// TODO: Taking the output buffer as (uint8_t*, size_t) is counter to our
+// other, extensive, memory safety efforts in mozilla::pkix, and we should find
+// a way to provide a more-obviously-safe interface.
+Result DigestBufNSS(Input item, DigestAlgorithm digestAlg,
+                    /*out*/ uint8_t* digestBuf, size_t digestBufLen);
+
+Result MapPRErrorCodeToResult(PRErrorCode errorCode);
+PRErrorCode MapResultToPRErrorCode(Result result);
+
+// The error codes within each module must fit in 16 bits. We want these
+// errors to fit in the same module as the NSS errors but not overlap with
+// any of them. Converting an NSS SEC, NSS SSL, or PSM error to an NS error
+// involves negating the value of the error and then synthesizing an error
+// in the NS_ERROR_MODULE_SECURITY module. Hence, PSM errors will start at
+// a negative value that both doesn't overlap with the current value
+// ranges for NSS errors and that will fit in 16 bits when negated.
+static const PRErrorCode ERROR_BASE = -0x4000;
+static const PRErrorCode ERROR_LIMIT = ERROR_BASE + 1000;
+
+enum ErrorCode {
+  MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE = ERROR_BASE + 0,
+  MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY = ERROR_BASE + 1,
+  MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE = ERROR_BASE + 2,
+  MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA = ERROR_BASE + 3,
+  MOZILLA_PKIX_ERROR_NO_RFC822NAME_MATCH = ERROR_BASE + 4,
+  MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE = ERROR_BASE + 5,
+  MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE = ERROR_BASE + 6,
+  MOZILLA_PKIX_ERROR_SIGNATURE_ALGORITHM_MISMATCH = ERROR_BASE + 7,
+  MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING = ERROR_BASE + 8,
+  MOZILLA_PKIX_ERROR_VALIDITY_TOO_LONG = ERROR_BASE + 9,
+  MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING = ERROR_BASE + 10,
+  MOZILLA_PKIX_ERROR_INVALID_INTEGER_ENCODING = ERROR_BASE + 11,
+  MOZILLA_PKIX_ERROR_EMPTY_ISSUER_NAME = ERROR_BASE + 12,
+  MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED = ERROR_BASE + 13,
+  MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT = ERROR_BASE + 14,
+  MOZILLA_PKIX_ERROR_MITM_DETECTED = ERROR_BASE + 15,
+  END_OF_LIST
+};
+
+void RegisterErrorTable();
+
+inline SECItem UnsafeMapInputToSECItem(Input input) {
+  SECItem result = {siBuffer, const_cast<uint8_t*>(input.UnsafeGetData()),
+                    input.GetLength()};
+  static_assert(sizeof(decltype(input.GetLength())) <= sizeof(result.len),
+                "input.GetLength() must fit in a SECItem");
+  return result;
+}
+}
+}  // namespace mozilla::pkix
+
+#endif  // mozilla_pkix_pkixnss_h
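Review bot: `UnsafeMapInputToSECItem` has no comment saying what makes it unsafe, although it casts away const on `input.UnsafeGetData()` and returns a `SECItem` pointing at the same bytes. Nothing in the function copies the data, so the result is a borrowed view that presumably must not outlive the buffer behind `input`, be written through, or be released with `SECITEM_FreeItem`. I would add above the function `// The returned SECItem aliases input's data and does not own it: do not modify it, free it, or keep it after the underlying buffer is gone.` The `static_assert` would also read better placed before the initializer that depends on it.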
diff --git a/security/nss/lib/mozpkix/include/pkix/pkixtypes.h b/security/nss/lib/mozpkix/include/pkix/pkixtypes.h
new file mode 100644
index 000000000..6b12edbb1
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix/pkixtypes.h
@@ -0,0 +1,400 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef mozilla_pkix_pkixtypes_h
+#define mozilla_pkix_pkixtypes_h
+
+#include <memory>
+
+#include "mozpkix/Input.h"
+#include "mozpkix/Time.h"
+#include "stdint.h"
+
+namespace mozilla {
+namespace pkix {
+
+enum class DigestAlgorithm {
+  sha512 = 1,
+  sha384 = 2,
+  sha256 = 3,
+  sha1 = 4,
+};
+
+enum class NamedCurve {
+  // secp521r1 (OID 1.3.132.0.35, RFC 5480)
+  secp521r1 = 1,
+
+  // secp384r1 (OID 1.3.132.0.34, RFC 5480)
+  secp384r1 = 2,
+
+  // secp256r1 (OID 1.2.840.10045.3.1.7, RFC 5480)
+  secp256r1 = 3,
+};
+
+struct SignedDigest final {
+  Input digest;
+  DigestAlgorithm digestAlgorithm;
+  Input signature;
+
+  void operator=(const SignedDigest&) = delete;
+};
+
+enum class EndEntityOrCA { MustBeEndEntity = 0, MustBeCA = 1 };
+
+enum class KeyUsage : uint8_t {
+  digitalSignature = 0,
+  nonRepudiation = 1,
+  keyEncipherment = 2,
+  dataEncipherment = 3,
+  keyAgreement = 4,
+  keyCertSign = 5,
+  // cRLSign       = 6,
+  // encipherOnly  = 7,
+  // decipherOnly  = 8,
+  noParticularKeyUsageRequired = 0xff,
+};
+
+enum class KeyPurposeId {
+  anyExtendedKeyUsage = 0,
+  id_kp_serverAuth = 1,       // id-kp-serverAuth
+  id_kp_clientAuth = 2,       // id-kp-clientAuth
+  id_kp_codeSigning = 3,      // id-kp-codeSigning
+  id_kp_emailProtection = 4,  // id-kp-emailProtection
+  id_kp_OCSPSigning = 9,      // id-kp-OCSPSigning
+};
+
+struct CertPolicyId final {
+  uint16_t numBytes;
+  static const uint16_t MAX_BYTES = 24;
+  uint8_t bytes[MAX_BYTES];
+
+  bool IsAnyPolicy() const;
+  bool operator==(const CertPolicyId& other) const;
+
+  static const CertPolicyId anyPolicy;
+};
+
+enum class TrustLevel {
+  TrustAnchor = 1,         // certificate is a trusted root CA certificate or
+                           // equivalent *for the given policy*.
+  ActivelyDistrusted = 2,  // certificate is known to be bad
+  InheritsTrust = 3        // certificate must chain to a trust anchor
+};
+
+// Extensions extracted during the verification flow.
+// See TrustDomain::NoteAuxiliaryExtension.
+enum class AuxiliaryExtension {
+  // Certificate Transparency data, specifically Signed Certificate
+  // Timestamps (SCTs). See RFC 6962.
+
+  // SCT list embedded in the end entity certificate. Called by BuildCertChain
+  // after the certificate containing the SCTs has passed the revocation checks.
+  EmbeddedSCTList = 1,
+  // SCT list from OCSP response. Called by VerifyEncodedOCSPResponse
+  // when its result is a success and the SCT list is present.
+  SCTListFromOCSPResponse = 2
+};
+
+// CertID references the information needed to do revocation checking for the
+// certificate issued by the given issuer with the given serial number.
+//
+// issuer must be the DER-encoded issuer field from the certificate for which
+// revocation checking is being done, **NOT** the subject field of the issuer
+// certificate. (Those two fields must be equal to each other, but they may not
+// be encoded exactly the same, and the encoding matters for OCSP.)
+// issuerSubjectPublicKeyInfo is the entire DER-encoded subjectPublicKeyInfo
+// field from the issuer's certificate. serialNumber is the entire DER-encoded
+// serial number from the subject certificate (the certificate for which we are
+// checking the revocation status).
+struct CertID final {
+ public:
+  CertID(Input aIssuer, Input aIssuerSubjectPublicKeyInfo, Input aSerialNumber)
+      : issuer(aIssuer),
+        issuerSubjectPublicKeyInfo(aIssuerSubjectPublicKeyInfo),
+        serialNumber(aSerialNumber) {}
+  const Input issuer;
+  const Input issuerSubjectPublicKeyInfo;
+  const Input serialNumber;
+
+  void operator=(const CertID&) = delete;
+};
+typedef std::unique_ptr<CertID> ScopedCertID;
+
+class DERArray {
+ public:
+  // Returns the number of DER-encoded items in the array.
+  virtual size_t GetLength() const = 0;
+
+  // Returns a weak (non-owning) pointer the ith DER-encoded item in the array
+  // (0-indexed). The result is guaranteed to be non-null if i < GetLength(),
+  // and the result is guaranteed to be nullptr if i >= GetLength().
+  virtual const Input* GetDER(size_t i) const = 0;
+
+ protected:
+  DERArray() {}
+  virtual ~DERArray() {}
+};
+
+// Applications control the behavior of path building and verification by
+// implementing the TrustDomain interface. The TrustDomain is used for all
+// cryptography and for determining which certificates are trusted or
+// distrusted.
+class TrustDomain {
+ public:
+  virtual ~TrustDomain() {}
+
+  // Determine the level of trust in the given certificate for the given role.
+  // This will be called for every certificate encountered during path
+  // building.
+  //
+  // When policy.IsAnyPolicy(), then no policy-related checking should be done.
+  // When !policy.IsAnyPolicy(), then GetCertTrust MUST NOT return with
+  // trustLevel == TrustAnchor unless the given cert is considered a trust
+  // anchor *for that policy*. In particular, if the user has marked an
+  // intermediate certificate as trusted, but that intermediate isn't in the
+  // list of EV roots, then GetCertTrust must result in
+  // trustLevel == InheritsTrust instead of trustLevel == TrustAnchor
+  // (assuming the candidate cert is not actively distrusted).
+  virtual Result GetCertTrust(EndEntityOrCA endEntityOrCA,
+                              const CertPolicyId& policy,
+                              Input candidateCertDER,
+                              /*out*/ TrustLevel& trustLevel) = 0;
+
+  class IssuerChecker {
+   public:
+    // potentialIssuerDER is the complete DER encoding of the certificate to
+    // be checked as a potential issuer.
+    //
+    // If additionalNameConstraints is not nullptr then it must point to an
+    // encoded NameConstraints extension value; in that case, those name
+    // constraints will be checked in addition to any any name constraints
+    // contained in potentialIssuerDER.
+    virtual Result Check(Input potentialIssuerDER,
+                         /*optional*/ const Input* additionalNameConstraints,
+                         /*out*/ bool& keepGoing) = 0;
+
+   protected:
+    IssuerChecker();
+    virtual ~IssuerChecker();
+
+    IssuerChecker(const IssuerChecker&) = delete;
+    void operator=(const IssuerChecker&) = delete;
+  };
+
+  // Search for a CA certificate with the given name. The implementation must
+  // call checker.Check with the DER encoding of the potential issuer
+  // certificate. The implementation must follow these rules:
+  //
+  // * The implementation must be reentrant and must limit the amount of stack
+  //   space it uses; see the note on reentrancy and stack usage below.
+  // * When checker.Check does not return Success then immediately return its
+  //   return value.
+  // * When checker.Check returns Success and sets keepGoing = false, then
+  //   immediately return Success.
+  // * When checker.Check returns Success and sets keepGoing = true, then
+  //   call checker.Check again with a different potential issuer certificate,
+  //   if any more are available.
+  // * When no more potential issuer certificates are available, return
+  //   Success.
+  // * Don't call checker.Check with the same potential issuer certificate more
+  //   than once in a given call of FindIssuer.
+  // * The given time parameter may be used to filter out certificates that are
+  //   not valid at the given time, or it may be ignored.
+  //
+  // Note on reentrancy and stack usage: checker.Check will attempt to
+  // recursively build a certificate path from the potential issuer it is given
+  // to a trusted root, as determined by this TrustDomain. That means that
+  // checker.Check may call any/all of the methods on this TrustDomain. In
+  // particular, there will be call stacks that look like this:
+  //
+  //    BuildCertChain
+  //      [...]
+  //        TrustDomain::FindIssuer
+  //          [...]
+  //            IssuerChecker::Check
+  //              [...]
+  //                TrustDomain::FindIssuer
+  //                  [...]
+  //                    IssuerChecker::Check
+  //                      [...]
+  //
+  // checker.Check is responsible for limiting the recursion to a reasonable
+  // limit.
+  //
+  // checker.Check will verify that the subject's issuer field matches the
+  // potential issuer's subject field. It will also check that the potential
+  // issuer is valid at the given time. However, if the FindIssuer
+  // implementation has an efficient way of filtering potential issuers by name
+  // and/or validity period itself, then it is probably better for performance
+  // for it to do so.
+  virtual Result FindIssuer(Input encodedIssuerName, IssuerChecker& checker,
+                            Time time) = 0;
+
+  // Called as soon as we think we have a valid chain but before revocation
+  // checks are done. This function can be used to compute additional checks,
+  // especially checks that require the entire certificate chain. This callback
+  // can also be used to save a copy of the built certificate chain for later
+  // use.
+  //
+  // This function may be called multiple times, regardless of whether it
+  // returns success or failure. It is guaranteed that BuildCertChain will not
+  // return Success unless the last call to IsChainValid returns Success.
+  // Further,
+  // it is guaranteed that when BuildCertChain returns Success the last chain
+  // passed to IsChainValid is the valid chain that should be used for further
+  // operations that require the whole chain.
+  //
+  // Keep in mind, in particular, that if the application saves a copy of the
+  // certificate chain the last invocation of IsChainValid during a validation,
+  // it is still possible for BuildCertChain to fail, in which case the
+  // application must not assume anything about the validity of the last
+  // certificate chain passed to IsChainValid; especially, it would be very
+  // wrong to assume that the certificate chain is valid.
+  //
+  // certChain.GetDER(0) is the trust anchor.
+  virtual Result IsChainValid(const DERArray& certChain, Time time,
+                              const CertPolicyId& requiredPolicy) = 0;
+
+  virtual Result CheckRevocation(EndEntityOrCA endEntityOrCA,
+                                 const CertID& certID, Time time,
+                                 Duration validityDuration,
+                                 /*optional*/ const Input* stapledOCSPresponse,
+                                 /*optional*/ const Input* aiaExtension) = 0;
+
+  // Check that the given digest algorithm is acceptable for use in signatures.
+  //
+  // Return Success if the algorithm is acceptable,
+  // Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED if the algorithm is not
+  // acceptable, or another error code if another error occurred.
+  virtual Result CheckSignatureDigestAlgorithm(DigestAlgorithm digestAlg,
+                                               EndEntityOrCA endEntityOrCA,
+                                               Time notBefore) = 0;
+
+  // Check that the RSA public key size is acceptable.
+  //
+  // Return Success if the key size is acceptable,
+  // Result::ERROR_INADEQUATE_KEY_SIZE if the key size is not acceptable,
+  // or another error code if another error occurred.
+  virtual Result CheckRSAPublicKeyModulusSizeInBits(
+      EndEntityOrCA endEntityOrCA, unsigned int modulusSizeInBits) = 0;
+
+  // Verify the given RSA PKCS#1.5 signature on the given digest using the
+  // given RSA public key.
+  //
+  // CheckRSAPublicKeyModulusSizeInBits will be called before calling this
+  // function, so it is not necessary to repeat those checks here. However,
+  // VerifyRSAPKCS1SignedDigest *is* responsible for doing the mathematical
+  // verification of the public key validity as specified in NIST SP 800-56A.
+  virtual Result VerifyRSAPKCS1SignedDigest(const SignedDigest& signedDigest,
+                                            Input subjectPublicKeyInfo) = 0;
+
+  // Check that the given named ECC curve is acceptable for ECDSA signatures.
+  //
+  // Return Success if the curve is acceptable,
+  // Result::ERROR_UNSUPPORTED_ELLIPTIC_CURVE if the curve is not acceptable,
+  // or another error code if another error occurred.
+  virtual Result CheckECDSACurveIsAcceptable(EndEntityOrCA endEntityOrCA,
+                                             NamedCurve curve) = 0;
+
+  // Verify the given ECDSA signature on the given digest using the given ECC
+  // public key.
+  //
+  // CheckECDSACurveIsAcceptable will be called before calling this function,
+  // so it is not necessary to repeat that check here. However,
+  // VerifyECDSASignedDigest *is* responsible for doing the mathematical
+  // verification of the public key validity as specified in NIST SP 800-56A.
+  virtual Result VerifyECDSASignedDigest(const SignedDigest& signedDigest,
+                                         Input subjectPublicKeyInfo) = 0;
+
+  // Check that the validity duration is acceptable.
+  //
+  // Return Success if the validity duration is acceptable,
+  // Result::ERROR_VALIDITY_TOO_LONG if the validity duration is not acceptable,
+  // or another error code if another error occurred.
+  virtual Result CheckValidityIsAcceptable(Time notBefore, Time notAfter,
+                                           EndEntityOrCA endEntityOrCA,
+                                           KeyPurposeId keyPurpose) = 0;
+
+  // For compatibility, a CA certificate with an extended key usage that
+  // contains the id-Netscape-stepUp OID but does not contain the
+  // id-kp-serverAuth OID may be considered valid for issuing server auth
+  // certificates. This function allows TrustDomain implementations to control
+  // this setting based on the start of the validity period of the certificate
+  // in question.
+  virtual Result NetscapeStepUpMatchesServerAuth(Time notBefore,
+                                                 /*out*/ bool& matches) = 0;
+
+  // Some certificate or OCSP response extensions do not directly participate
+  // in the verification flow, but might still be of interest to the clients
+  // (notably Certificate Transparency data, RFC 6962). Such extensions are
+  // extracted and passed to this function for further processing.
+  virtual void NoteAuxiliaryExtension(AuxiliaryExtension extension,
+                                      Input extensionData) = 0;
+
+  // Compute a digest of the data in item using the given digest algorithm.
+  //
+  // item contains the data to hash.
+  // digestBuf points to a buffer to where the digest will be written.
+  // digestBufLen will be the size of the digest output (20 for SHA-1,
+  // 32 for SHA-256, etc.).
+  //
+  // TODO: Taking the output buffer as (uint8_t*, size_t) is counter to our
+  // other, extensive, memory safety efforts in mozilla::pkix, and we should
+  // find a way to provide a more-obviously-safe interface.
+  virtual Result DigestBuf(Input item, DigestAlgorithm digestAlg,
+                           /*out*/ uint8_t* digestBuf, size_t digestBufLen) = 0;
+
+ protected:
+  TrustDomain() {}
+
+  TrustDomain(const TrustDomain&) = delete;
+  void operator=(const TrustDomain&) = delete;
+};
+
+enum class FallBackToSearchWithinSubject { No = 0, Yes = 1 };
+
+// Applications control the behavior of matching presented name information from
+// a certificate against a reference hostname by implementing the
+// NameMatchingPolicy interface. Used in concert with CheckCertHostname.
+class NameMatchingPolicy {
+ public:
+  virtual ~NameMatchingPolicy() {}
+
+  // Given that the certificate in question has a notBefore field with the given
+  // value, should name matching fall back to searching within the subject
+  // common name field?
+  virtual Result FallBackToCommonName(
+      Time notBefore,
+      /*out*/ FallBackToSearchWithinSubject& fallBackToCommonName) = 0;
+
+ protected:
+  NameMatchingPolicy() {}
+
+  NameMatchingPolicy(const NameMatchingPolicy&) = delete;
+  void operator=(const NameMatchingPolicy&) = delete;
+};
+}
+}  // namespace mozilla::pkix
+
+#endif  // mozilla_pkix_pkixtypes_h
diff --git a/security/nss/lib/mozpkix/include/pkix/pkixutil.h b/security/nss/lib/mozpkix/include/pkix/pkixutil.h
new file mode 100644
index 000000000..ca5b5a2d7
--- /dev/null
+++ b/security/nss/lib/mozpkix/include/pkix/pkixutil.h
@@ -0,0 +1,265 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef mozilla_pkix_pkixutil_h
+#define mozilla_pkix_pkixutil_h
+
+#include "mozpkix/pkixder.h"
+
+namespace mozilla {
+namespace pkix {
+
+// During path building and verification, we build a linked list of BackCerts
+// from the current cert toward the end-entity certificate. The linked list
+// is used to verify properties that aren't local to the current certificate
+// and/or the direct link between the current certificate and its issuer,
+// such as name constraints.
+//
+// Each BackCert contains pointers to all the given certificate's extensions
+// so that we can parse the extension block once and then process the
+// extensions in an order that may be different than they appear in the cert.
+class BackCert final {
+ public:
+  // certDER and childCert must be valid for the lifetime of BackCert.
+  BackCert(Input aCertDER, EndEntityOrCA aEndEntityOrCA,
+           const BackCert* aChildCert)
+      : der(aCertDER),
+        endEntityOrCA(aEndEntityOrCA),
+        childCert(aChildCert),
+        version(der::Version::Uninitialized) {}
+
+  Result Init();
+
+  const Input GetDER() const { return der; }
+  const der::SignedDataWithSignature& GetSignedData() const {
+    return signedData;
+  }
+
+  der::Version GetVersion() const { return version; }
+  const Input GetSerialNumber() const { return serialNumber; }
+  const Input GetSignature() const { return signature; }
+  const Input GetIssuer() const { return issuer; }
+  // XXX: "validity" is a horrible name for the structure that holds
+  // notBefore & notAfter, but that is the name used in RFC 5280 and we use the
+  // RFC 5280 names for everything.
+  const Input GetValidity() const { return validity; }
+  const Input GetSubject() const { return subject; }
+  const Input GetSubjectPublicKeyInfo() const { return subjectPublicKeyInfo; }
+  const Input* GetAuthorityInfoAccess() const {
+    return MaybeInput(authorityInfoAccess);
+  }
+  const Input* GetBasicConstraints() const {
+    return MaybeInput(basicConstraints);
+  }
+  const Input* GetCertificatePolicies() const {
+    return MaybeInput(certificatePolicies);
+  }
+  const Input* GetExtKeyUsage() const { return MaybeInput(extKeyUsage); }
+  const Input* GetKeyUsage() const { return MaybeInput(keyUsage); }
+  const Input* GetInhibitAnyPolicy() const {
+    return MaybeInput(inhibitAnyPolicy);
+  }
+  const Input* GetNameConstraints() const {
+    return MaybeInput(nameConstraints);
+  }
+  const Input* GetSubjectAltName() const { return MaybeInput(subjectAltName); }
+  const Input* GetRequiredTLSFeatures() const {
+    return MaybeInput(requiredTLSFeatures);
+  }
+  const Input* GetSignedCertificateTimestamps() const {
+    return MaybeInput(signedCertificateTimestamps);
+  }
+
+ private:
+  const Input der;
+
+ public:
+  const EndEntityOrCA endEntityOrCA;
+  BackCert const* const childCert;
+
+ private:
+  // When parsing certificates in BackCert::Init, we don't accept empty
+  // extensions. Consequently, we don't have to store a distinction between
+  // empty extensions and extensions that weren't included. However, when
+  // *processing* extensions, we distinguish between whether an extension was
+  // included or not based on whetehr the GetXXX function for the extension
+  // returns nullptr.
+  static inline const Input* MaybeInput(const Input& item) {
+    return item.GetLength() > 0 ? &item : nullptr;
+  }
+
+  der::SignedDataWithSignature signedData;
+
+  der::Version version;
+  Input serialNumber;
+  Input signature;
+  Input issuer;
+  // XXX: "validity" is a horrible name for the structure that holds
+  // notBefore & notAfter, but that is the name used in RFC 5280 and we use the
+  // RFC 5280 names for everything.
+  Input validity;
+  Input subject;
+  Input subjectPublicKeyInfo;
+
+  Input authorityInfoAccess;
+  Input basicConstraints;
+  Input certificatePolicies;
+  Input extKeyUsage;
+  Input inhibitAnyPolicy;
+  Input keyUsage;
+  Input nameConstraints;
+  Input subjectAltName;
+  Input criticalNetscapeCertificateType;
+  Input requiredTLSFeatures;
+  Input signedCertificateTimestamps;  // RFC 6962 (Certificate Transparency)
+
+  Result RememberExtension(Reader& extnID, Input extnValue, bool critical,
+                           /*out*/ bool& understood);
+
+  BackCert(const BackCert&) = delete;
+  void operator=(const BackCert&) = delete;
+};
+
+class NonOwningDERArray final : public DERArray {
+ public:
+  NonOwningDERArray() : numItems(0) {
+    // we don't need to initialize the items array because we always check
+    // numItems before accessing i.
+  }
+
+  size_t GetLength() const override { return numItems; }
+
+  const Input* GetDER(size_t i) const override {
+    return i < numItems ? &items[i] : nullptr;
+  }
+
+  Result Append(Input der) {
+    if (numItems >= MAX_LENGTH) {
+      return Result::FATAL_ERROR_INVALID_ARGS;
+    }
+    Result rv = items[numItems].Init(der);  // structure assignment
+    if (rv != Success) {
+      return rv;
+    }
+    ++numItems;
+    return Success;
+  }
+
+  // Public so we can static_assert on this. Keep in sync with MAX_SUBCA_COUNT.
+  static const size_t MAX_LENGTH = 8;
+
+ private:
+  Input items[MAX_LENGTH];  // avoids any heap allocations
+  size_t numItems;
+
+  NonOwningDERArray(const NonOwningDERArray&) = delete;
+  void operator=(const NonOwningDERArray&) = delete;
+};
+
+// Extracts the SignedCertificateTimestampList structure which is encoded as an
+// OCTET STRING within the X.509v3 / OCSP extensions (see RFC 6962 section 3.3).
+Result ExtractSignedCertificateTimestampListFromExtension(Input extnValue,
+                                                          Input& sctList);
+
+inline unsigned int DaysBeforeYear(unsigned int year) {
+  assert(year <= 9999);
+  return ((year - 1u) * 365u) +
+         ((year - 1u) / 4u)       // leap years are every 4 years,
+         - ((year - 1u) / 100u)   // except years divisible by 100,
+         + ((year - 1u) / 400u);  // except years divisible by 400.
+}
+
+static const size_t MAX_DIGEST_SIZE_IN_BYTES = 512 / 8;  // sha-512
+
+Result DigestSignedData(TrustDomain& trustDomain,
+                        const der::SignedDataWithSignature& signedData,
+                        /*out*/ uint8_t (&digestBuf)[MAX_DIGEST_SIZE_IN_BYTES],
+                        /*out*/ der::PublicKeyAlgorithm& publicKeyAlg,
+                        /*out*/ SignedDigest& signedDigest);
+
+Result VerifySignedDigest(TrustDomain& trustDomain,
+                          der::PublicKeyAlgorithm publicKeyAlg,
+                          const SignedDigest& signedDigest,
+                          Input signerSubjectPublicKeyInfo);
+
+// Combines DigestSignedData and VerifySignedDigest
+Result VerifySignedData(TrustDomain& trustDomain,
+                        const der::SignedDataWithSignature& signedData,
+                        Input signerSubjectPublicKeyInfo);
+
+// Extracts the key parameters from |subjectPublicKeyInfo|, invoking
+// the relevant methods of |trustDomain|.
+Result CheckSubjectPublicKeyInfo(Input subjectPublicKeyInfo,
+                                 TrustDomain& trustDomain,
+                                 EndEntityOrCA endEntityOrCA);
+
+// In a switch over an enum, sometimes some compilers are not satisfied that
+// all control flow paths have been considered unless there is a default case.
+// However, in our code, such a default case is almost always unreachable dead
+// code. That can be particularly problematic when the compiler wants the code
+// to choose a value, such as a return value, for the default case, but there's
+// no appropriate "impossible case" value to choose.
+//
+// MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM accounts for this. Example:
+//
+//     // In xy.cpp
+//     #include "xt.h"
+//
+//     enum class XY { X, Y };
+//
+//     int func(XY xy) {
+//       switch (xy) {
+//         case XY::X: return 1;
+//         case XY::Y; return 2;
+//         MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+//       }
+//     }
+#if defined(__clang__)
+// Clang will warn if not all cases are covered (-Wswitch-enum) AND it will
+// warn if a switch statement that covers every enum label has a default case
+// (-W-covered-switch-default). Versions prior to 3.5 warned about unreachable
+// code in such default cases (-Wunreachable-code) even when
+// -W-covered-switch-default was disabled, but that changed in Clang 3.5.
+#define MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM  // empty
+#elif defined(__GNUC__)
+// GCC will warn if not all cases are covered (-Wswitch-enum). It does not
+// assume that the default case is unreachable.
+#define MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM \
+  default:                                    \
+    assert(false);                            \
+    __builtin_unreachable();
+#elif defined(_MSC_VER)
+// MSVC will warn if not all cases are covered (C4061, level 4). It does not
+// assume that the default case is unreachable.
+#define MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM \
+  default:                                    \
+    assert(false);                            \
+    __assume(0);
+#else
+#error Unsupported compiler for MOZILLA_PKIX_UNREACHABLE_DEFAULT.
+#endif
+}
+}  // namespace mozilla::pkix
+
+#endif  // mozilla_pkix_pkixutil_h
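Review bot: The comment above `MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM` does not state the precondition that makes the macro safe. On GCC and MSVC the `assert(false)` disappears under `NDEBUG`, leaving only `__builtin_unreachable()` / `__assume(0)`, and on Clang the macro is empty, so a switch reached with a value outside the named enumerators is undefined behaviour rather than an error return. I would add a line such as `// Only use on enums whose values are always assigned from named enumerators, never cast from parsed input.`; the use sites are outside this hunk, so whether any of them switch on a value derived from certificate data has to be checked there. Separately, `DaysBeforeYear` asserts only `year <= 9999` while `year - 1u` wraps for `year == 0`, so `assert(year >= 1u && year <= 9999);` would document the lower bound as well.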
diff --git a/security/nss/lib/mozpkix/lib/pkixbuild.cpp b/security/nss/lib/mozpkix/lib/pkixbuild.cpp
new file mode 100644
index 000000000..0ac2cb883
--- /dev/null
+++ b/security/nss/lib/mozpkix/lib/pkixbuild.cpp
@@ -0,0 +1,418 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/pkix.h"
+
+#include "mozpkix/pkixcheck.h"
+#include "mozpkix/pkixutil.h"
+
+namespace mozilla { namespace pkix {
+
+static Result BuildForward(TrustDomain& trustDomain,
+                           const BackCert& subject,
+                           Time time,
+                           KeyUsage requiredKeyUsageIfPresent,
+                           KeyPurposeId requiredEKUIfPresent,
+                           const CertPolicyId& requiredPolicy,
+                           /*optional*/ const Input* stapledOCSPResponse,
+                           unsigned int subCACount,
+                           unsigned int& buildForwardCallBudget);
+
+TrustDomain::IssuerChecker::IssuerChecker() { }
+TrustDomain::IssuerChecker::~IssuerChecker() { }
+
+// The implementation of TrustDomain::IssuerTracker is in a subclass only to
+// hide the implementation from external users.
+class PathBuildingStep final : public TrustDomain::IssuerChecker
+{
+public:
+  PathBuildingStep(TrustDomain& aTrustDomain, const BackCert& aSubject,
+                   Time aTime, KeyPurposeId aRequiredEKUIfPresent,
+                   const CertPolicyId& aRequiredPolicy,
+                   /*optional*/ const Input* aStapledOCSPResponse,
+                   unsigned int aSubCACount, Result aDeferredSubjectError,
+                   unsigned int& aBuildForwardCallBudget)
+    : trustDomain(aTrustDomain)
+    , subject(aSubject)
+    , time(aTime)
+    , requiredEKUIfPresent(aRequiredEKUIfPresent)
+    , requiredPolicy(aRequiredPolicy)
+    , stapledOCSPResponse(aStapledOCSPResponse)
+    , subCACount(aSubCACount)
+    , deferredSubjectError(aDeferredSubjectError)
+    , subjectSignaturePublicKeyAlg(der::PublicKeyAlgorithm::Uninitialized)
+    , result(Result::FATAL_ERROR_LIBRARY_FAILURE)
+    , resultWasSet(false)
+    , buildForwardCallBudget(aBuildForwardCallBudget)
+  {
+  }
+
+  Result Check(Input potentialIssuerDER,
+               /*optional*/ const Input* additionalNameConstraints,
+               /*out*/ bool& keepGoing) override;
+
+  Result CheckResult() const;
+
+private:
+  TrustDomain& trustDomain;
+  const BackCert& subject;
+  const Time time;
+  const KeyPurposeId requiredEKUIfPresent;
+  const CertPolicyId& requiredPolicy;
+  /*optional*/ Input const* const stapledOCSPResponse;
+  const unsigned int subCACount;
+  const Result deferredSubjectError;
+
+  // Initialized lazily.
+  uint8_t subjectSignatureDigestBuf[MAX_DIGEST_SIZE_IN_BYTES];
+  der::PublicKeyAlgorithm subjectSignaturePublicKeyAlg;
+  SignedDigest subjectSignature;
+
+  Result RecordResult(Result currentResult, /*out*/ bool& keepGoing);
+  Result result;
+  bool resultWasSet;
+  unsigned int& buildForwardCallBudget;
+
+  PathBuildingStep(const PathBuildingStep&) = delete;
+  void operator=(const PathBuildingStep&) = delete;
+};
+
+Result
+PathBuildingStep::RecordResult(Result newResult, /*out*/ bool& keepGoing)
+{
+  if (newResult == Result::ERROR_UNTRUSTED_CERT) {
+    newResult = Result::ERROR_UNTRUSTED_ISSUER;
+  } else if (newResult == Result::ERROR_EXPIRED_CERTIFICATE) {
+    newResult = Result::ERROR_EXPIRED_ISSUER_CERTIFICATE;
+  } else if (newResult == Result::ERROR_NOT_YET_VALID_CERTIFICATE) {
+    newResult = Result::ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE;
+  }
+
+  if (resultWasSet) {
+    if (result == Success) {
+      return NotReached("RecordResult called after finding a chain",
+                        Result::FATAL_ERROR_INVALID_STATE);
+    }
+    // If every potential issuer has the same problem (e.g. expired) and/or if
+    // there is only one bad potential issuer, then return a more specific
+    // error. Otherwise, punt on trying to decide which error should be
+    // returned by returning the generic Result::ERROR_UNKNOWN_ISSUER error.
+    if (newResult != Success && newResult != result) {
+      newResult = Result::ERROR_UNKNOWN_ISSUER;
+    }
+  }
+
+  result = newResult;
+  resultWasSet = true;
+  keepGoing = result != Success;
+  return Success;
+}
+
+Result
+PathBuildingStep::CheckResult() const
+{
+  if (!resultWasSet) {
+    return Result::ERROR_UNKNOWN_ISSUER;
+  }
+  return result;
+}
+
+// The code that executes in the inner loop of BuildForward
+Result
+PathBuildingStep::Check(Input potentialIssuerDER,
+           /*optional*/ const Input* additionalNameConstraints,
+                /*out*/ bool& keepGoing)
+{
+  BackCert potentialIssuer(potentialIssuerDER, EndEntityOrCA::MustBeCA,
+                           &subject);
+  Result rv = potentialIssuer.Init();
+  if (rv != Success) {
+    return RecordResult(rv, keepGoing);
+  }
+
+  // Simple TrustDomain::FindIssuers implementations may pass in all possible
+  // CA certificates without any filtering. Because of this, we don't consider
+  // a mismatched name to be an error. Instead, we just pretend that any
+  // certificate without a matching name was never passed to us. In particular,
+  // we treat the case where the TrustDomain only asks us to check CA
+  // certificates with mismatched names as equivalent to the case where the
+  // TrustDomain never called Check() at all.
+  if (!InputsAreEqual(potentialIssuer.GetSubject(), subject.GetIssuer())) {
+    keepGoing = true;
+    return Success;
+  }
+
+  // Loop prevention, done as recommended by RFC4158 Section 5.2
+  // TODO: this doesn't account for subjectAltNames!
+  // TODO(perf): This probably can and should be optimized in some way.
+  for (const BackCert* prev = potentialIssuer.childCert; prev;
+       prev = prev->childCert) {
+    if (InputsAreEqual(potentialIssuer.GetSubjectPublicKeyInfo(),
+                       prev->GetSubjectPublicKeyInfo()) &&
+        InputsAreEqual(potentialIssuer.GetSubject(), prev->GetSubject())) {
+      // XXX: error code
+      return RecordResult(Result::ERROR_UNKNOWN_ISSUER, keepGoing);
+    }
+  }
+
+  if (potentialIssuer.GetNameConstraints()) {
+    rv = CheckNameConstraints(*potentialIssuer.GetNameConstraints(),
+                              subject, requiredEKUIfPresent);
+    if (rv != Success) {
+       return RecordResult(rv, keepGoing);
+    }
+  }
+
+  if (additionalNameConstraints) {
+    rv = CheckNameConstraints(*additionalNameConstraints, subject,
+                              requiredEKUIfPresent);
+    if (rv != Success) {
+       return RecordResult(rv, keepGoing);
+    }
+  }
+
+  rv = CheckTLSFeatures(subject, potentialIssuer);
+  if (rv != Success) {
+    return RecordResult(rv, keepGoing);
+  }
+
+  // If we've ran out of budget, stop searching.
+  if (buildForwardCallBudget == 0) {
+    Result savedRv = RecordResult(Result::ERROR_UNKNOWN_ISSUER, keepGoing);
+    keepGoing = false;
+    return savedRv;
+  }
+  buildForwardCallBudget--;
+
+  // RFC 5280, Section 4.2.1.3: "If the keyUsage extension is present, then the
+  // subject public key MUST NOT be used to verify signatures on certificates
+  // or CRLs unless the corresponding keyCertSign or cRLSign bit is set."
+  rv = BuildForward(trustDomain, potentialIssuer, time, KeyUsage::keyCertSign,
+                    requiredEKUIfPresent, requiredPolicy, nullptr, subCACount,
+                    buildForwardCallBudget);
+  if (rv != Success) {
+    return RecordResult(rv, keepGoing);
+  }
+
+  // Calculate the digest of the subject's signed data if we haven't already
+  // done so. We do this lazily to avoid doing it at all if we backtrack before
+  // getting to this point. We cache the result to avoid recalculating it if we
+  // backtrack after getting to this point.
+  if (subjectSignature.digest.GetLength() == 0) {
+    rv = DigestSignedData(trustDomain, subject.GetSignedData(),
+                          subjectSignatureDigestBuf,
+                          subjectSignaturePublicKeyAlg, subjectSignature);
+    if (rv != Success) {
+      return rv;
+    }
+  }
+
+  rv = VerifySignedDigest(trustDomain, subjectSignaturePublicKeyAlg,
+                          subjectSignature,
+                          potentialIssuer.GetSubjectPublicKeyInfo());
+  if (rv != Success) {
+    return RecordResult(rv, keepGoing);
+  }
+
+  // We avoid doing revocation checking for expired certificates because OCSP
+  // responders are allowed to forget about expired certificates, and many OCSP
+  // responders return an error when asked for the status of an expired
+  // certificate.
+  if (deferredSubjectError != Result::ERROR_EXPIRED_CERTIFICATE) {
+    CertID certID(subject.GetIssuer(), potentialIssuer.GetSubjectPublicKeyInfo(),
+                  subject.GetSerialNumber());
+    Time notBefore(Time::uninitialized);
+    Time notAfter(Time::uninitialized);
+    // This should never fail. If we're here, we've already parsed the validity
+    // and checked that the given time is in the certificate's validity period.
+    rv = ParseValidity(subject.GetValidity(), &notBefore, &notAfter);
+    if (rv != Success) {
+      return rv;
+    }
+    Duration validityDuration(notAfter, notBefore);
+    rv = trustDomain.CheckRevocation(subject.endEntityOrCA, certID, time,
+                                     validityDuration, stapledOCSPResponse,
+                                     subject.GetAuthorityInfoAccess());
+    if (rv != Success) {
+      // Since this is actually a problem with the current subject certificate
+      // (rather than the issuer), it doesn't make sense to keep going; all
+      // paths through this certificate will fail.
+      Result savedRv = RecordResult(rv, keepGoing);
+      keepGoing = false;
+      return savedRv;
+    }
+
+    if (subject.endEntityOrCA == EndEntityOrCA::MustBeEndEntity) {
+      const Input* sctExtension = subject.GetSignedCertificateTimestamps();
+      if (sctExtension) {
+        Input sctList;
+        rv = ExtractSignedCertificateTimestampListFromExtension(*sctExtension,
+                                                                sctList);
+        if (rv != Success) {
+          // Again, the problem is with this certificate, and all paths through
+          // it will fail.
+          Result savedRv = RecordResult(rv, keepGoing);
+          keepGoing = false;
+          return savedRv;
+        }
+        trustDomain.NoteAuxiliaryExtension(AuxiliaryExtension::EmbeddedSCTList,
+                                           sctList);
+      }
+    }
+  }
+
+  return RecordResult(Success, keepGoing);
+}
+
+// Recursively build the path from the given subject certificate to the root.
+//
+// Be very careful about changing the order of checks. The order is significant
+// because it affects which error we return when a certificate or certificate
+// chain has multiple problems. See the error ranking documentation in
+// pkix/pkix.h.
+static Result
+BuildForward(TrustDomain& trustDomain,
+             const BackCert& subject,
+             Time time,
+             KeyUsage requiredKeyUsageIfPresent,
+             KeyPurposeId requiredEKUIfPresent,
+             const CertPolicyId& requiredPolicy,
+             /*optional*/ const Input* stapledOCSPResponse,
+             unsigned int subCACount,
+             unsigned int& buildForwardCallBudget)
+{
+  Result rv;
+
+  TrustLevel trustLevel;
+  // If this is an end-entity and not a trust anchor, we defer reporting
+  // any error found here until after attempting to find a valid chain.
+  // See the explanation of error prioritization in pkix.h.
+  rv = CheckIssuerIndependentProperties(trustDomain, subject, time,
+                                        requiredKeyUsageIfPresent,
+                                        requiredEKUIfPresent, requiredPolicy,
+                                        subCACount, trustLevel);
+  Result deferredEndEntityError = Success;
+  if (rv != Success) {
+    if (subject.endEntityOrCA == EndEntityOrCA::MustBeEndEntity &&
+        trustLevel != TrustLevel::TrustAnchor) {
+      deferredEndEntityError = rv;
+    } else {
+      return rv;
+    }
+  }
+
+  if (trustLevel == TrustLevel::TrustAnchor) {
+    // End of the recursion.
+
+    NonOwningDERArray chain;
+    for (const BackCert* cert = &subject; cert; cert = cert->childCert) {
+      rv = chain.Append(cert->GetDER());
+      if (rv != Success) {
+        return NotReached("NonOwningDERArray::SetItem failed.", rv);
+      }
+    }
+
+    // This must be done here, after the chain is built but before any
+    // revocation checks have been done.
+    return trustDomain.IsChainValid(chain, time, requiredPolicy);
+  }
+
+  if (subject.endEntityOrCA == EndEntityOrCA::MustBeCA) {
+    // Avoid stack overflows and poor performance by limiting cert chain
+    // length.
+    static const unsigned int MAX_SUBCA_COUNT = 6;
+    static_assert(1/*end-entity*/ + MAX_SUBCA_COUNT + 1/*root*/ ==
+                  NonOwningDERArray::MAX_LENGTH,
+                  "MAX_SUBCA_COUNT and NonOwningDERArray::MAX_LENGTH mismatch.");
+    if (subCACount >= MAX_SUBCA_COUNT) {
+      return Result::ERROR_UNKNOWN_ISSUER;
+    }
+    ++subCACount;
+  } else {
+    assert(subCACount == 0);
+  }
+
+  // Find a trusted issuer.
+
+  PathBuildingStep pathBuilder(trustDomain, subject, time,
+                               requiredEKUIfPresent, requiredPolicy,
+                               stapledOCSPResponse, subCACount,
+                               deferredEndEntityError, buildForwardCallBudget);
+
+  // TODO(bug 965136): Add SKI/AKI matching optimizations
+  rv = trustDomain.FindIssuer(subject.GetIssuer(), pathBuilder, time);
+  if (rv != Success) {
+    return rv;
+  }
+
+  rv = pathBuilder.CheckResult();
+  if (rv != Success) {
+    return rv;
+  }
+
+  // If we found a valid chain but deferred reporting an error with the
+  // end-entity certificate, report it now.
+  if (deferredEndEntityError != Success) {
+    return deferredEndEntityError;
+  }
+
+  // We've built a valid chain from the subject cert up to a trusted root.
+  return Success;
+}
+
+Result
+BuildCertChain(TrustDomain& trustDomain, Input certDER,
+               Time time, EndEntityOrCA endEntityOrCA,
+               KeyUsage requiredKeyUsageIfPresent,
+               KeyPurposeId requiredEKUIfPresent,
+               const CertPolicyId& requiredPolicy,
+               /*optional*/ const Input* stapledOCSPResponse)
+{
+  // XXX: Support the legacy use of the subject CN field for indicating the
+  // domain name the certificate is valid for.
+  BackCert cert(certDER, endEntityOrCA, nullptr);
+  Result rv = cert.Init();
+  if (rv != Success) {
+    return rv;
+  }
+
+  // See bug 1056341 for context. If mozilla::pkix is being used in an
+  // environment where there are many certificates that all have the same
+  // distinguished name as their subject and issuer (but different SPKIs - see
+  // the loop prevention as per RFC4158 Section 5.2 in PathBuildingStep::Check),
+  // the space to search becomes exponential. Because it would be prohibitively
+  // expensive to explore the entire space, we introduce a budget here that,
+  // when exhausted, terminates the search with the result
+  // Result::ERROR_UNKNOWN_ISSUER. Essentially, we limit the total number of
+  // times `BuildForward` can be called. The current value appears to be a good
+  // balance between finding a path when one exists (when the space isn't too
+  // large) and timing out quickly enough when the space is too large or there
+  // is no valid path to a trust anchor.
+  unsigned int buildForwardCallBudget = 200000;
+  return BuildForward(trustDomain, cert, time, requiredKeyUsageIfPresent,
+                      requiredEKUIfPresent, requiredPolicy, stapledOCSPResponse,
+                      0/*subCACount*/, buildForwardCallBudget);
+}
+
+} } // namespace mozilla::pkix
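Review bot: In `BuildForward`, `TrustLevel trustLevel;` is declared without an initializer and is then read in `trustLevel != TrustLevel::TrustAnchor` on the path where `CheckIssuerIndependentProperties` has already returned an error. That callee is defined outside this hunk; if it, or the TrustDomain method it relies on to fill the out-parameter, can fail before writing `trustLevel`, the comparison reads an indeterminate value and that value decides whether the certificate error is deferred or returned immediately. Initialising at the declaration, e.g. `TrustLevel trustLevel = TrustLevel::InheritsTrust;`, keeps that branch deterministic whatever the implementation does. Two names in this file also do not match the code: the comment above `PathBuildingStep` refers to `TrustDomain::IssuerTracker` although the base class is `IssuerChecker`, and the `NotReached` message says `NonOwningDERArray::SetItem failed.` for a call to `Append`.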
diff --git a/security/nss/lib/mozpkix/lib/pkixcert.cpp b/security/nss/lib/mozpkix/lib/pkixcert.cpp
new file mode 100644
index 000000000..a30483738
--- /dev/null
+++ b/security/nss/lib/mozpkix/lib/pkixcert.cpp
@@ -0,0 +1,323 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2014 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/pkixutil.h"
+
+namespace mozilla { namespace pkix {
+
+Result
+BackCert::Init()
+{
+  Result rv;
+
+  // Certificate  ::=  SEQUENCE  {
+  //         tbsCertificate       TBSCertificate,
+  //         signatureAlgorithm   AlgorithmIdentifier,
+  //         signatureValue       BIT STRING  }
+
+  Reader tbsCertificate;
+
+  // The scope of |input| and |certificate| are limited to this block so we
+  // don't accidentally confuse them for tbsCertificate later.
+  {
+    Reader certificate;
+    rv = der::ExpectTagAndGetValueAtEnd(der, der::SEQUENCE, certificate);
+    if (rv != Success) {
+      return rv;
+    }
+    rv = der::SignedData(certificate, tbsCertificate, signedData);
+    if (rv != Success) {
+      return rv;
+    }
+    rv = der::End(certificate);
+    if (rv != Success) {
+      return rv;
+    }
+  }
+
+  // TBSCertificate  ::=  SEQUENCE  {
+  //      version         [0]  EXPLICIT Version DEFAULT v1,
+  //      serialNumber         CertificateSerialNumber,
+  //      signature            AlgorithmIdentifier,
+  //      issuer               Name,
+  //      validity             Validity,
+  //      subject              Name,
+  //      subjectPublicKeyInfo SubjectPublicKeyInfo,
+  //      issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
+  //                           -- If present, version MUST be v2 or v3
+  //      subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
+  //                           -- If present, version MUST be v2 or v3
+  //      extensions      [3]  EXPLICIT Extensions OPTIONAL
+  //                           -- If present, version MUST be v3
+  //      }
+  rv = der::OptionalVersion(tbsCertificate, version);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::CertificateSerialNumber(tbsCertificate, serialNumber);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::ExpectTagAndGetValue(tbsCertificate, der::SEQUENCE, signature);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::ExpectTagAndGetTLV(tbsCertificate, der::SEQUENCE, issuer);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::ExpectTagAndGetValue(tbsCertificate, der::SEQUENCE, validity);
+  if (rv != Success) {
+    return rv;
+  }
+  // TODO(bug XXXXXXX): We rely on the the caller of mozilla::pkix to validate
+  // that the name is syntactically valid, if they care. In Gecko we do this
+  // implicitly by parsing the certificate into a CERTCertificate object.
+  // Instead of relying on the caller to do this, we should do it ourselves.
+  rv = der::ExpectTagAndGetTLV(tbsCertificate, der::SEQUENCE, subject);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::ExpectTagAndGetTLV(tbsCertificate, der::SEQUENCE,
+                               subjectPublicKeyInfo);
+  if (rv != Success) {
+    return rv;
+  }
+
+  static const uint8_t CSC = der::CONTEXT_SPECIFIC | der::CONSTRUCTED;
+
+  // According to RFC 5280, all fields below this line are forbidden for
+  // certificate versions less than v3.  However, for compatibility reasons,
+  // we parse v1/v2 certificates in the same way as v3 certificates.  So if
+  // these fields appear in a v1 certificate, they will be used.
+
+  // Ignore issuerUniqueID if present.
+  if (tbsCertificate.Peek(CSC | 1)) {
+    rv = der::ExpectTagAndSkipValue(tbsCertificate, CSC | 1);
+    if (rv != Success) {
+      return rv;
+    }
+  }
+
+  // Ignore subjectUniqueID if present.
+  if (tbsCertificate.Peek(CSC | 2)) {
+    rv = der::ExpectTagAndSkipValue(tbsCertificate, CSC | 2);
+    if (rv != Success) {
+      return rv;
+    }
+  }
+
+  rv = der::OptionalExtensions(
+         tbsCertificate, CSC | 3,
+         [this](Reader& extnID, const Input& extnValue, bool critical,
+                /*out*/ bool& understood) {
+           return RememberExtension(extnID, extnValue, critical, understood);
+         });
+  if (rv != Success) {
+    return rv;
+  }
+
+  // The Netscape Certificate Type extension is an obsolete
+  // Netscape-proprietary mechanism that we ignore in favor of the standard
+  // extensions. However, some CAs have issued certificates with the Netscape
+  // Cert Type extension marked critical. Thus, for compatibility reasons, we
+  // "understand" this extension by ignoring it when it is not critical, and
+  // by ensuring that the equivalent standardized extensions are present when
+  // it is marked critical, based on the assumption that the information in
+  // the Netscape Cert Type extension is consistent with the information in
+  // the standard extensions.
+  //
+  // Here is a mapping between the Netscape Cert Type extension and the
+  // standard extensions:
+  //
+  // Netscape Cert Type  |  BasicConstraints.cA  |  Extended Key Usage
+  // --------------------+-----------------------+----------------------
+  // SSL Server          |  false                |  id_kp_serverAuth
+  // SSL Client          |  false                |  id_kp_clientAuth
+  // S/MIME Client       |  false                |  id_kp_emailProtection
+  // Object Signing      |  false                |  id_kp_codeSigning
+  // SSL Server CA       |  true                 |  id_kp_serverAuth
+  // SSL Client CA       |  true                 |  id_kp_clientAuth
+  // S/MIME CA           |  true                 |  id_kp_emailProtection
+  // Object Signing CA   |  true                 |  id_kp_codeSigning
+  if (criticalNetscapeCertificateType.GetLength() > 0 &&
+      (basicConstraints.GetLength() == 0 || extKeyUsage.GetLength() == 0)) {
+    return Result::ERROR_UNKNOWN_CRITICAL_EXTENSION;
+  }
+
+  return der::End(tbsCertificate);
+}
+
+Result
+BackCert::RememberExtension(Reader& extnID, Input extnValue,
+                            bool critical, /*out*/ bool& understood)
+{
+  understood = false;
+
+  // python DottedOIDToCode.py id-ce-keyUsage 2.5.29.15
+  static const uint8_t id_ce_keyUsage[] = {
+    0x55, 0x1d, 0x0f
+  };
+  // python DottedOIDToCode.py id-ce-subjectAltName 2.5.29.17
+  static const uint8_t id_ce_subjectAltName[] = {
+    0x55, 0x1d, 0x11
+  };
+  // python DottedOIDToCode.py id-ce-basicConstraints 2.5.29.19
+  static const uint8_t id_ce_basicConstraints[] = {
+    0x55, 0x1d, 0x13
+  };
+  // python DottedOIDToCode.py id-ce-nameConstraints 2.5.29.30
+  static const uint8_t id_ce_nameConstraints[] = {
+    0x55, 0x1d, 0x1e
+  };
+  // python DottedOIDToCode.py id-ce-certificatePolicies 2.5.29.32
+  static const uint8_t id_ce_certificatePolicies[] = {
+    0x55, 0x1d, 0x20
+  };
+  // python DottedOIDToCode.py id-ce-policyConstraints 2.5.29.36
+  static const uint8_t id_ce_policyConstraints[] = {
+    0x55, 0x1d, 0x24
+  };
+  // python DottedOIDToCode.py id-ce-extKeyUsage 2.5.29.37
+  static const uint8_t id_ce_extKeyUsage[] = {
+    0x55, 0x1d, 0x25
+  };
+  // python DottedOIDToCode.py id-ce-inhibitAnyPolicy 2.5.29.54
+  static const uint8_t id_ce_inhibitAnyPolicy[] = {
+    0x55, 0x1d, 0x36
+  };
+  // python DottedOIDToCode.py id-pe-authorityInfoAccess 1.3.6.1.5.5.7.1.1
+  static const uint8_t id_pe_authorityInfoAccess[] = {
+    0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01
+  };
+  // python DottedOIDToCode.py id-pkix-ocsp-nocheck 1.3.6.1.5.5.7.48.1.5
+  static const uint8_t id_pkix_ocsp_nocheck[] = {
+    0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x05
+  };
+  // python DottedOIDToCode.py Netscape-certificate-type 2.16.840.1.113730.1.1
+  static const uint8_t Netscape_certificate_type[] = {
+    0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, 0x01
+  };
+  // python DottedOIDToCode.py id-pe-tlsfeature 1.3.6.1.5.5.7.1.24
+  static const uint8_t id_pe_tlsfeature[] = {
+    0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x18
+  };
+  // python DottedOIDToCode.py id-embeddedSctList 1.3.6.1.4.1.11129.2.4.2
+  // See Section 3.3 of RFC 6962.
+  static const uint8_t id_embeddedSctList[] = {
+    0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x04, 0x02
+  };
+
+  Input* out = nullptr;
+
+  // We already enforce the maximum possible constraints for policies so we
+  // can safely ignore even critical policy constraint extensions.
+  //
+  // XXX: Doing it this way won't allow us to detect duplicate
+  // policyConstraints extensions, but that's OK because (and only because) we
+  // ignore the extension.
+  Input dummyPolicyConstraints;
+
+  // We don't need to save the contents of this extension if it is present. We
+  // just need to handle its presence (it is essentially ignored right now).
+  Input dummyOCSPNocheck;
+
+  // For compatibility reasons, for some extensions we have to allow empty
+  // extension values. This would normally interfere with our duplicate
+  // extension checking code. However, as long as the extensions we allow to
+  // have empty values are also the ones we implicitly allow duplicates of,
+  // this will work fine.
+  bool emptyValueAllowed = false;
+
+  // RFC says "Conforming CAs MUST mark this extension as non-critical" for
+  // both authorityKeyIdentifier and subjectKeyIdentifier, and we do not use
+  // them for anything, so we totally ignore them here.
+
+  if (extnID.MatchRest(id_ce_keyUsage)) {
+    out = &keyUsage;
+  } else if (extnID.MatchRest(id_ce_subjectAltName)) {
+    out = &subjectAltName;
+  } else if (extnID.MatchRest(id_ce_basicConstraints)) {
+    out = &basicConstraints;
+  } else if (extnID.MatchRest(id_ce_nameConstraints)) {
+    out = &nameConstraints;
+  } else if (extnID.MatchRest(id_ce_certificatePolicies)) {
+    out = &certificatePolicies;
+  } else if (extnID.MatchRest(id_ce_policyConstraints)) {
+    out = &dummyPolicyConstraints;
+  } else if (extnID.MatchRest(id_ce_extKeyUsage)) {
+    out = &extKeyUsage;
+  } else if (extnID.MatchRest(id_ce_inhibitAnyPolicy)) {
+    out = &inhibitAnyPolicy;
+  } else if (extnID.MatchRest(id_pe_authorityInfoAccess)) {
+    out = &authorityInfoAccess;
+  } else if (extnID.MatchRest(id_pe_tlsfeature)) {
+    out = &requiredTLSFeatures;
+  } else if (extnID.MatchRest(id_embeddedSctList)) {
+    out = &signedCertificateTimestamps;
+  } else if (extnID.MatchRest(id_pkix_ocsp_nocheck) && critical) {
+    // We need to make sure we don't reject delegated OCSP response signing
+    // certificates that contain the id-pkix-ocsp-nocheck extension marked as
+    // critical when validating OCSP responses. Without this, an application
+    // that implements soft-fail OCSP might ignore a valid Revoked or Unknown
+    // response, and an application that implements hard-fail OCSP might fail
+    // to connect to a server given a valid Good response.
+    out = &dummyOCSPNocheck;
+    // We allow this extension to have an empty value.
+    // See http://comments.gmane.org/gmane.ietf.x509/30947
+    emptyValueAllowed = true;
+  } else if (extnID.MatchRest(Netscape_certificate_type) && critical) {
+    out = &criticalNetscapeCertificateType;
+  }
+
+  if (out) {
+    // Don't allow an empty value for any extension we understand. This way, we
+    // can test out->GetLength() != 0 or out->Init() to check for duplicates.
+    if (extnValue.GetLength() == 0 && !emptyValueAllowed) {
+      return Result::ERROR_EXTENSION_VALUE_INVALID;
+    }
+    if (out->Init(extnValue) != Success) {
+      // Duplicate extension
+      return Result::ERROR_EXTENSION_VALUE_INVALID;
+    }
+    understood = true;
+  }
+
+  return Success;
+}
+
+Result
+ExtractSignedCertificateTimestampListFromExtension(Input extnValue,
+                                                   Input& sctList)
+{
+  Reader decodedValue;
+  Result rv = der::ExpectTagAndGetValueAtEnd(extnValue, der::OCTET_STRING,
+                                             decodedValue);
+  if (rv != Success) {
+    return rv;
+  }
+  return decodedValue.SkipToEnd(sctList);
+}
+
+} } // namespace mozilla::pkix
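Review bot: The TODO above the subject parse in `BackCert::Init` carries a placeholder bug id (`bug XXXXXXX`) and a doubled "the the", so the gap it describes is not tracked anywhere a maintainer can follow: the subject Name is stored as an opaque SEQUENCE TLV and its syntax is left to the caller to validate. Since this file is new in the tree, I would replace the placeholder with a real issue reference and state the contract next to the parse, e.g. `// NOTE: subject is not syntax-checked here; callers must validate Name syntax themselves if they depend on it.` The comment assumes Gecko callers parse the certificate into a CERTCertificate first; whether every caller in this tree does so cannot be seen from this hunk and is worth confirming. Separately, the scoping comment in `Init` mentions `|input|`, but no local of that name exists in the block; it could read `// |certificate| is scoped to this block so it cannot be confused with tbsCertificate later.`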
diff --git a/security/nss/lib/mozpkix/lib/pkixcheck.cpp b/security/nss/lib/mozpkix/lib/pkixcheck.cpp
new file mode 100644
index 000000000..317db01e2
--- /dev/null
+++ b/security/nss/lib/mozpkix/lib/pkixcheck.cpp
@@ -0,0 +1,1100 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/pkixcheck.h"
+
+#include "mozpkix/pkixder.h"
+#include "mozpkix/pkixutil.h"
+
+namespace mozilla { namespace pkix {
+
+// 4.1.1.2 signatureAlgorithm
+// 4.1.2.3 signature
+
+Result
+CheckSignatureAlgorithm(TrustDomain& trustDomain,
+                        EndEntityOrCA endEntityOrCA,
+                        Time notBefore,
+                        const der::SignedDataWithSignature& signedData,
+                        Input signatureValue)
+{
+  // 4.1.1.2. signatureAlgorithm
+  der::PublicKeyAlgorithm publicKeyAlg;
+  DigestAlgorithm digestAlg;
+  Reader signatureAlgorithmReader(signedData.algorithm);
+  Result rv = der::SignatureAlgorithmIdentifierValue(signatureAlgorithmReader,
+                                                     publicKeyAlg, digestAlg);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::End(signatureAlgorithmReader);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // 4.1.2.3. Signature
+  der::PublicKeyAlgorithm signedPublicKeyAlg;
+  DigestAlgorithm signedDigestAlg;
+  Reader signedSignatureAlgorithmReader(signatureValue);
+  rv = der::SignatureAlgorithmIdentifierValue(signedSignatureAlgorithmReader,
+                                              signedPublicKeyAlg,
+                                              signedDigestAlg);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::End(signedSignatureAlgorithmReader);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // "This field MUST contain the same algorithm identifier as the
+  // signatureAlgorithm field in the sequence Certificate." However, it may
+  // be encoded differently. In particular, one of the fields may have a NULL
+  // parameter while the other one may omit the parameter field altogether, and
+  // these are considered equivalent. Some certificates generation software
+  // actually generates certificates like that, so we compare the parsed values
+  // instead of comparing the encoded values byte-for-byte.
+  //
+  // Along the same lines, we accept two different OIDs for RSA-with-SHA1, and
+  // we consider those OIDs to be equivalent here.
+  if (publicKeyAlg != signedPublicKeyAlg || digestAlg != signedDigestAlg) {
+    return Result::ERROR_SIGNATURE_ALGORITHM_MISMATCH;
+  }
+
+  // During the time of the deprecation of SHA-1 and the deprecation of RSA
+  // keys of less than 2048 bits, we will encounter many certs signed using
+  // SHA-1 and/or too-small RSA keys. With this in mind, we ask the trust
+  // domain early on if it knows it will reject the signature purely based on
+  // the digest algorithm and/or the RSA key size (if an RSA signature). This
+  // is a good optimization because it completely avoids calling
+  // trustDomain.FindIssuers (which may be slow) for such rejected certs, and
+  // more generally it short-circuits any path building with them (which, of
+  // course, is even slower).
+
+  rv = trustDomain.CheckSignatureDigestAlgorithm(digestAlg, endEntityOrCA,
+                                                 notBefore);
+  if (rv != Success) {
+    return rv;
+  }
+
+  switch (publicKeyAlg) {
+    case der::PublicKeyAlgorithm::RSA_PKCS1:
+    {
+      // The RSA computation may give a result that requires fewer bytes to
+      // encode than the public key (since it is modular arithmetic). However,
+      // the last step of generating a PKCS#1.5 signature is the I2OSP
+      // procedure, which pads any such shorter result with zeros so that it
+      // is exactly the same length as the public key.
+      unsigned int signatureSizeInBits = signedData.signature.GetLength() * 8u;
+      return trustDomain.CheckRSAPublicKeyModulusSizeInBits(
+               endEntityOrCA, signatureSizeInBits);
+    }
+
+    case der::PublicKeyAlgorithm::ECDSA:
+      // In theory, we could implement a similar early-pruning optimization for
+      // ECDSA curves. However, since there has been no similar deprecation for
+      // for any curve that we support, the chances of us encountering a curve
+      // during path building is too low to be worth bothering with.
+      break;
+    case der::PublicKeyAlgorithm::Uninitialized:
+    {
+      assert(false);
+      return Result::FATAL_ERROR_LIBRARY_FAILURE;
+    }
+    MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+  }
+
+  return Success;
+}
+
+// 4.1.2.4 Issuer
+
+Result
+CheckIssuer(Input encodedIssuer)
+{
+  // "The issuer field MUST contain a non-empty distinguished name (DN)."
+  Reader issuer(encodedIssuer);
+  Input encodedRDNs;
+  ExpectTagAndGetValue(issuer, der::SEQUENCE, encodedRDNs);
+  Reader rdns(encodedRDNs);
+  // Check that the issuer name contains at least one RDN
+  // (Note: this does not check related grammar rules, such as there being one
+  // or more AVAs in each RDN, or the values in AVAs not being empty strings)
+  if (rdns.AtEnd()) {
+    return Result::ERROR_EMPTY_ISSUER_NAME;
+  }
+  return Success;
+}
+
+// 4.1.2.5 Validity
+
+Result
+ParseValidity(Input encodedValidity,
+              /*optional out*/ Time* notBeforeOut,
+              /*optional out*/ Time* notAfterOut)
+{
+  Reader validity(encodedValidity);
+  Time notBefore(Time::uninitialized);
+  if (der::TimeChoice(validity, notBefore) != Success) {
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+
+  Time notAfter(Time::uninitialized);
+  if (der::TimeChoice(validity, notAfter) != Success) {
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+
+  if (der::End(validity) != Success) {
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+
+  if (notBefore > notAfter) {
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+
+  if (notBeforeOut) {
+    *notBeforeOut = notBefore;
+  }
+  if (notAfterOut) {
+    *notAfterOut = notAfter;
+  }
+
+  return Success;
+}
+
+Result
+CheckValidity(Time time, Time notBefore, Time notAfter)
+{
+  if (time < notBefore) {
+    return Result::ERROR_NOT_YET_VALID_CERTIFICATE;
+  }
+
+  if (time > notAfter) {
+    return Result::ERROR_EXPIRED_CERTIFICATE;
+  }
+
+  return Success;
+}
+
+// 4.1.2.7 Subject Public Key Info
+
+Result
+CheckSubjectPublicKeyInfoContents(Reader& input, TrustDomain& trustDomain,
+                                  EndEntityOrCA endEntityOrCA)
+{
+  // Here, we validate the syntax and do very basic semantic validation of the
+  // public key of the certificate. The intention here is to filter out the
+  // types of bad inputs that are most likely to trigger non-mathematical
+  // security vulnerabilities in the TrustDomain, like buffer overflows or the
+  // use of unsafe elliptic curves.
+  //
+  // We don't check (all of) the mathematical properties of the public key here
+  // because it is more efficient for the TrustDomain to do it during signature
+  // verification and/or other use of the public key. In particular, we
+  // delegate the arithmetic validation of the public key, as specified in
+  // NIST SP800-56A section 5.6.2, to the TrustDomain, at least for now.
+
+  Reader algorithm;
+  Input subjectPublicKey;
+  Result rv = der::ExpectTagAndGetValue(input, der::SEQUENCE, algorithm);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::BitStringWithNoUnusedBits(input, subjectPublicKey);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::End(input);
+  if (rv != Success) {
+    return rv;
+  }
+
+  Reader subjectPublicKeyReader(subjectPublicKey);
+
+  Reader algorithmOID;
+  rv = der::ExpectTagAndGetValue(algorithm, der::OIDTag, algorithmOID);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // RFC 3279 Section 2.3.1
+  // python DottedOIDToCode.py rsaEncryption 1.2.840.113549.1.1.1
+  static const uint8_t rsaEncryption[] = {
+    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01
+  };
+
+  // RFC 3279 Section 2.3.5 and RFC 5480 Section 2.1.1
+  // python DottedOIDToCode.py id-ecPublicKey 1.2.840.10045.2.1
+  static const uint8_t id_ecPublicKey[] = {
+    0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01
+  };
+
+  if (algorithmOID.MatchRest(id_ecPublicKey)) {
+    // An id-ecPublicKey AlgorithmIdentifier has a parameter that identifes
+    // the curve being used. Although RFC 5480 specifies multiple forms, we
+    // only supported the NamedCurve form, where the curve is identified by an
+    // OID.
+
+    Reader namedCurveOIDValue;
+    rv = der::ExpectTagAndGetValue(algorithm, der::OIDTag,
+                                   namedCurveOIDValue);
+    if (rv != Success) {
+      return rv;
+    }
+
+    // RFC 5480
+    // python DottedOIDToCode.py secp256r1 1.2.840.10045.3.1.7
+    static const uint8_t secp256r1[] = {
+      0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
+    };
+
+    // RFC 5480
+    // python DottedOIDToCode.py secp384r1 1.3.132.0.34
+    static const uint8_t secp384r1[] = {
+      0x2b, 0x81, 0x04, 0x00, 0x22
+    };
+
+    // RFC 5480
+    // python DottedOIDToCode.py secp521r1 1.3.132.0.35
+    static const uint8_t secp521r1[] = {
+      0x2b, 0x81, 0x04, 0x00, 0x23
+    };
+
+    // Matching is attempted based on a rough estimate of the commonality of the
+    // elliptic curve, to minimize the number of MatchRest calls.
+    NamedCurve curve;
+    unsigned int bits;
+    if (namedCurveOIDValue.MatchRest(secp256r1)) {
+      curve = NamedCurve::secp256r1;
+      bits = 256;
+    } else if (namedCurveOIDValue.MatchRest(secp384r1)) {
+      curve = NamedCurve::secp384r1;
+      bits = 384;
+    } else if (namedCurveOIDValue.MatchRest(secp521r1)) {
+      curve = NamedCurve::secp521r1;
+      bits = 521;
+    } else {
+      return Result::ERROR_UNSUPPORTED_ELLIPTIC_CURVE;
+    }
+
+    rv = trustDomain.CheckECDSACurveIsAcceptable(endEntityOrCA, curve);
+    if (rv != Success) {
+      return rv;
+    }
+
+    // RFC 5480 Section 2.2 says that the first octet will be 0x04 to indicate
+    // an uncompressed point, which is the only encoding we support.
+    uint8_t compressedOrUncompressed;
+    rv = subjectPublicKeyReader.Read(compressedOrUncompressed);
+    if (rv != Success) {
+      return rv;
+    }
+    if (compressedOrUncompressed != 0x04) {
+      return Result::ERROR_UNSUPPORTED_EC_POINT_FORM;
+    }
+
+    // The point is encoded as two raw (not DER-encoded) integers, each padded
+    // to the bit length (rounded up to the nearest byte).
+    Input point;
+    rv = subjectPublicKeyReader.SkipToEnd(point);
+    if (rv != Success) {
+      return rv;
+    }
+    if (point.GetLength() != ((bits + 7) / 8u) * 2u) {
+      return Result::ERROR_BAD_DER;
+    }
+
+    // XXX: We defer the mathematical verification of the validity of the point
+    // until signature verification. This means that if we never verify a
+    // signature, we'll never fully check whether the public key is valid.
+  } else if (algorithmOID.MatchRest(rsaEncryption)) {
+    // RFC 3279 Section 2.3.1 says "The parameters field MUST have ASN.1 type
+    // NULL for this algorithm identifier."
+    rv = der::ExpectTagAndEmptyValue(algorithm, der::NULLTag);
+    if (rv != Success) {
+      return rv;
+    }
+
+    // RSAPublicKey :: = SEQUENCE{
+    //    modulus            INTEGER,    --n
+    //    publicExponent     INTEGER  }  --e
+    rv = der::Nested(subjectPublicKeyReader, der::SEQUENCE,
+                     [&trustDomain, endEntityOrCA](Reader& r) {
+      Input modulus;
+      Input::size_type modulusSignificantBytes;
+      Result nestedRv =
+        der::PositiveInteger(r, modulus, &modulusSignificantBytes);
+      if (nestedRv != Success) {
+        return nestedRv;
+      }
+      // XXX: Should we do additional checks of the modulus?
+      nestedRv = trustDomain.CheckRSAPublicKeyModulusSizeInBits(
+        endEntityOrCA, modulusSignificantBytes * 8u);
+      if (nestedRv != Success) {
+        return nestedRv;
+      }
+
+      // XXX: We don't allow the TrustDomain to validate the exponent.
+      // XXX: We don't do our own sanity checking of the exponent.
+      Input exponent;
+      return der::PositiveInteger(r, exponent);
+    });
+    if (rv != Success) {
+      return rv;
+    }
+  } else {
+    return Result::ERROR_UNSUPPORTED_KEYALG;
+  }
+
+  rv = der::End(algorithm);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::End(subjectPublicKeyReader);
+  if (rv != Success) {
+    return rv;
+  }
+
+  return Success;
+}
+
+Result
+CheckSubjectPublicKeyInfo(Input subjectPublicKeyInfo, TrustDomain& trustDomain,
+                          EndEntityOrCA endEntityOrCA)
+{
+  Reader spkiReader(subjectPublicKeyInfo);
+  Result rv = der::Nested(spkiReader, der::SEQUENCE, [&](Reader& r) {
+    return CheckSubjectPublicKeyInfoContents(r, trustDomain, endEntityOrCA);
+  });
+  if (rv != Success) {
+    return rv;
+  }
+  return der::End(spkiReader);
+}
+
+// 4.2.1.3. Key Usage (id-ce-keyUsage)
+
+// As explained in the comment in CheckKeyUsage, bit 0 is the most significant
+// bit and bit 7 is the least significant bit.
+inline uint8_t KeyUsageToBitMask(KeyUsage keyUsage)
+{
+  assert(keyUsage != KeyUsage::noParticularKeyUsageRequired);
+  return 0x80u >> static_cast<uint8_t>(keyUsage);
+}
+
+Result
+CheckKeyUsage(EndEntityOrCA endEntityOrCA, const Input* encodedKeyUsage,
+              KeyUsage requiredKeyUsageIfPresent)
+{
+  if (!encodedKeyUsage) {
+    // TODO(bug 970196): Reject certificates that are being used to verify
+    // certificate signatures unless the certificate is a trust anchor, to
+    // reduce the chances of an end-entity certificate being abused as a CA
+    // certificate.
+    // if (endEntityOrCA == EndEntityOrCA::MustBeCA && !isTrustAnchor) {
+    //   return Result::ERROR_INADEQUATE_KEY_USAGE;
+    // }
+    //
+    // TODO: Users may configure arbitrary certificates as trust anchors, not
+    // just roots. We should only allow a certificate without a key usage to be
+    // used as a CA when it is self-issued and self-signed.
+    return Success;
+  }
+
+  Reader input(*encodedKeyUsage);
+  Reader value;
+  if (der::ExpectTagAndGetValue(input, der::BIT_STRING, value) != Success) {
+    return Result::ERROR_INADEQUATE_KEY_USAGE;
+  }
+
+  uint8_t numberOfPaddingBits;
+  if (value.Read(numberOfPaddingBits) != Success) {
+    return Result::ERROR_INADEQUATE_KEY_USAGE;
+  }
+  if (numberOfPaddingBits > 7) {
+    return Result::ERROR_INADEQUATE_KEY_USAGE;
+  }
+
+  uint8_t bits;
+  if (value.Read(bits) != Success) {
+    // Reject empty bit masks.
+    return Result::ERROR_INADEQUATE_KEY_USAGE;
+  }
+
+  // The most significant bit is numbered 0 (digitalSignature) and the least
+  // significant bit is numbered 7 (encipherOnly), and the padding is in the
+  // least significant bits of the last byte. The numbering of bits in a byte
+  // is backwards from how we usually interpret them.
+  //
+  // For example, let's say bits is encoded in one byte with of value 0xB0 and
+  // numberOfPaddingBits == 4. Then, bits is 10110000 in binary:
+  //
+  //      bit 0  bit 3
+  //          |  |
+  //          v  v
+  //          10110000
+  //              ^^^^
+  //               |
+  //               4 padding bits
+  //
+  // Since bits is the last byte, we have to consider the padding by ensuring
+  // that the least significant 4 bits are all zero, since DER rules require
+  // all padding bits to be zero. Then we have to look at the bit N bits to the
+  // right of the most significant bit, where N is a value from the KeyUsage
+  // enumeration.
+  //
+  // Let's say we're interested in the keyCertSign (5) bit. We'd need to look
+  // at bit 5, which is zero, so keyCertSign is not asserted. (Since we check
+  // that the padding is all zeros, it is OK to read from the padding bits.)
+  //
+  // Let's say we're interested in the digitalSignature (0) bit. We'd need to
+  // look at the bit 0 (the most significant bit), which is set, so that means
+  // digitalSignature is asserted. Similarly, keyEncipherment (2) and
+  // dataEncipherment (3) are asserted.
+  //
+  // Note that since the KeyUsage enumeration is limited to values 0-7, we
+  // only ever need to examine the first byte test for
+  // requiredKeyUsageIfPresent.
+
+  if (requiredKeyUsageIfPresent != KeyUsage::noParticularKeyUsageRequired) {
+    // Check that the required key usage bit is set.
+    if ((bits & KeyUsageToBitMask(requiredKeyUsageIfPresent)) == 0) {
+      return Result::ERROR_INADEQUATE_KEY_USAGE;
+    }
+  }
+
+  // RFC 5280 says "The keyCertSign bit is asserted when the subject public
+  // key is used for verifying signatures on public key certificates. If the
+  // keyCertSign bit is asserted, then the cA bit in the basic constraints
+  // extension (Section 4.2.1.9) MUST also be asserted."
+  // However, we allow end-entity certificates (i.e. certificates without
+  // basicConstraints.cA set to TRUE) to claim keyCertSign for compatibility
+  // reasons. This does not compromise security because we only allow
+  // certificates with basicConstraints.cA set to TRUE to act as CAs.
+  if (requiredKeyUsageIfPresent == KeyUsage::keyCertSign &&
+      endEntityOrCA != EndEntityOrCA::MustBeCA) {
+    return Result::ERROR_INADEQUATE_KEY_USAGE;
+  }
+
+  // The padding applies to the last byte, so skip to the last byte.
+  while (!value.AtEnd()) {
+    if (value.Read(bits) != Success) {
+      return Result::ERROR_INADEQUATE_KEY_USAGE;
+    }
+  }
+
+  // All of the padding bits must be zero, according to DER rules.
+  uint8_t paddingMask = static_cast<uint8_t>((1 << numberOfPaddingBits) - 1);
+  if ((bits & paddingMask) != 0) {
+    return Result::ERROR_INADEQUATE_KEY_USAGE;
+  }
+
+  return Success;
+}
+
+// RFC5820 4.2.1.4. Certificate Policies
+
+// "The user-initial-policy-set contains the special value any-policy if the
+// user is not concerned about certificate policy."
+//
+// python DottedOIDToCode.py anyPolicy 2.5.29.32.0
+
+static const uint8_t anyPolicy[] = {
+  0x55, 0x1d, 0x20, 0x00
+};
+
+/*static*/ const CertPolicyId CertPolicyId::anyPolicy = {
+  4, { 0x55, 0x1d, 0x20, 0x00 }
+};
+
+bool
+CertPolicyId::IsAnyPolicy() const {
+  if (this == &CertPolicyId::anyPolicy) {
+    return true;
+  }
+  return numBytes == sizeof(::mozilla::pkix::anyPolicy) &&
+         std::equal(bytes, bytes + numBytes, ::mozilla::pkix::anyPolicy);
+}
+
+bool
+CertPolicyId::operator==(const CertPolicyId& other) const
+{
+  return numBytes == other.numBytes &&
+         std::equal(bytes, bytes + numBytes, other.bytes);
+}
+
+// certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
+Result
+CheckCertificatePolicies(EndEntityOrCA endEntityOrCA,
+                         const Input* encodedCertificatePolicies,
+                         const Input* encodedInhibitAnyPolicy,
+                         TrustLevel trustLevel,
+                         const CertPolicyId& requiredPolicy)
+{
+  if (requiredPolicy.numBytes == 0 ||
+      requiredPolicy.numBytes > sizeof requiredPolicy.bytes) {
+    return Result::FATAL_ERROR_INVALID_ARGS;
+  }
+
+  bool requiredPolicyFound = requiredPolicy.IsAnyPolicy();
+  if (requiredPolicyFound) {
+    return Success;
+  }
+
+  // Bug 989051. Until we handle inhibitAnyPolicy we will fail close when
+  // inhibitAnyPolicy extension is present and we are validating for a policy.
+  if (!requiredPolicyFound && encodedInhibitAnyPolicy) {
+    return Result::ERROR_POLICY_VALIDATION_FAILED;
+  }
+
+  // The root CA certificate may omit the policies that it has been
+  // trusted for, so we cannot require the policies to be present in those
+  // certificates. Instead, the determination of which roots are trusted for
+  // which policies is made by the TrustDomain's GetCertTrust method.
+  if (trustLevel == TrustLevel::TrustAnchor &&
+      endEntityOrCA == EndEntityOrCA::MustBeCA) {
+    requiredPolicyFound = true;
+  }
+
+  Input requiredPolicyDER;
+  if (requiredPolicyDER.Init(requiredPolicy.bytes, requiredPolicy.numBytes)
+        != Success) {
+    return Result::FATAL_ERROR_INVALID_ARGS;
+  }
+
+  if (encodedCertificatePolicies) {
+    Reader extension(*encodedCertificatePolicies);
+    Reader certificatePolicies;
+    Result rv = der::ExpectTagAndGetValue(extension, der::SEQUENCE,
+                                          certificatePolicies);
+    if (rv != Success) {
+      return Result::ERROR_POLICY_VALIDATION_FAILED;
+    }
+    if (!extension.AtEnd()) {
+      return Result::ERROR_POLICY_VALIDATION_FAILED;
+    }
+
+    do {
+      // PolicyInformation ::= SEQUENCE {
+      //         policyIdentifier   CertPolicyId,
+      //         policyQualifiers   SEQUENCE SIZE (1..MAX) OF
+      //                                 PolicyQualifierInfo OPTIONAL }
+      Reader policyInformation;
+      rv = der::ExpectTagAndGetValue(certificatePolicies, der::SEQUENCE,
+                                     policyInformation);
+      if (rv != Success) {
+        return Result::ERROR_POLICY_VALIDATION_FAILED;
+      }
+
+      Reader policyIdentifier;
+      rv = der::ExpectTagAndGetValue(policyInformation, der::OIDTag,
+                                     policyIdentifier);
+      if (rv != Success) {
+        return rv;
+      }
+
+      if (policyIdentifier.MatchRest(requiredPolicyDER)) {
+        requiredPolicyFound = true;
+      } else if (endEntityOrCA == EndEntityOrCA::MustBeCA &&
+                 policyIdentifier.MatchRest(anyPolicy)) {
+        requiredPolicyFound = true;
+      }
+
+      // RFC 5280 Section 4.2.1.4 says "Optional qualifiers, which MAY be
+      // present, are not expected to change the definition of the policy." Also,
+      // it seems that Section 6, which defines validation, does not require any
+      // matching of qualifiers. Thus, doing anything with the policy qualifiers
+      // would be a waste of time and a source of potential incompatibilities, so
+      // we just ignore them.
+    } while (!requiredPolicyFound && !certificatePolicies.AtEnd());
+  }
+
+  if (!requiredPolicyFound) {
+    return Result::ERROR_POLICY_VALIDATION_FAILED;
+  }
+
+  return Success;
+}
+
+static const long UNLIMITED_PATH_LEN = -1; // must be less than zero
+
+//  BasicConstraints ::= SEQUENCE {
+//          cA                      BOOLEAN DEFAULT FALSE,
+//          pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
+
+// RFC5280 4.2.1.9. Basic Constraints (id-ce-basicConstraints)
+Result
+CheckBasicConstraints(EndEntityOrCA endEntityOrCA,
+                      const Input* encodedBasicConstraints,
+                      const der::Version version, TrustLevel trustLevel,
+                      unsigned int subCACount)
+{
+  bool isCA = false;
+  long pathLenConstraint = UNLIMITED_PATH_LEN;
+
+  if (encodedBasicConstraints) {
+    Reader input(*encodedBasicConstraints);
+    Result rv = der::Nested(input, der::SEQUENCE,
+                            [&isCA, &pathLenConstraint](Reader& r) {
+      Result nestedRv = der::OptionalBoolean(r, isCA);
+      if (nestedRv != Success) {
+        return nestedRv;
+      }
+      // TODO(bug 985025): If isCA is false, pathLenConstraint
+      // MUST NOT be included (as per RFC 5280 section
+      // 4.2.1.9), but for compatibility reasons, we don't
+      // check this.
+      return der::OptionalInteger(r, UNLIMITED_PATH_LEN, pathLenConstraint);
+    });
+    if (rv != Success) {
+      return Result::ERROR_EXTENSION_VALUE_INVALID;
+    }
+    if (der::End(input) != Success) {
+      return Result::ERROR_EXTENSION_VALUE_INVALID;
+    }
+  } else {
+    // "If the basic constraints extension is not present in a version 3
+    //  certificate, or the extension is present but the cA boolean is not
+    //  asserted, then the certified public key MUST NOT be used to verify
+    //  certificate signatures."
+    //
+    // For compatibility, we must accept v1 trust anchors without basic
+    // constraints as CAs.
+    //
+    // There are devices with v1 certificates that are unlikely to be trust
+    // anchors. In order to allow applications to treat this case differently
+    // from other basic constraints violations (e.g. allowing certificate error
+    // overrides for only this case), we return a different error code.
+    //
+    // TODO: add check for self-signedness?
+    if (endEntityOrCA == EndEntityOrCA::MustBeCA && version == der::Version::v1) {
+      if (trustLevel == TrustLevel::TrustAnchor) {
+        isCA = true;
+      } else {
+        return Result::ERROR_V1_CERT_USED_AS_CA;
+      }
+    }
+  }
+
+  if (endEntityOrCA == EndEntityOrCA::MustBeEndEntity) {
+    // CA certificates are not trusted as EE certs.
+
+    if (isCA) {
+      // Note that this check prevents a delegated OCSP response signing
+      // certificate with the CA bit from successfully validating when we check
+      // it from pkixocsp.cpp, which is a good thing.
+      return Result::ERROR_CA_CERT_USED_AS_END_ENTITY;
+    }
+
+    return Success;
+  }
+
+  assert(endEntityOrCA == EndEntityOrCA::MustBeCA);
+
+  // End-entity certificates are not allowed to act as CA certs.
+  if (!isCA) {
+    return Result::ERROR_CA_CERT_INVALID;
+  }
+
+  if (pathLenConstraint >= 0 &&
+      static_cast<long>(subCACount) > pathLenConstraint) {
+    return Result::ERROR_PATH_LEN_CONSTRAINT_INVALID;
+  }
+
+  return Success;
+}
+
+// 4.2.1.12. Extended Key Usage (id-ce-extKeyUsage)
+
+static Result
+MatchEKU(Reader& value, KeyPurposeId requiredEKU,
+         EndEntityOrCA endEntityOrCA, TrustDomain& trustDomain,
+         Time notBefore, /*in/out*/ bool& found,
+         /*in/out*/ bool& foundOCSPSigning)
+{
+  // See Section 5.9 of "A Layman's Guide to a Subset of ASN.1, BER, and DER"
+  // for a description of ASN.1 DER encoding of OIDs.
+
+  // id-pkix  OBJECT IDENTIFIER  ::=
+  //            { iso(1) identified-organization(3) dod(6) internet(1)
+  //                    security(5) mechanisms(5) pkix(7) }
+  // id-kp OBJECT IDENTIFIER ::= { id-pkix 3 }
+  // id-kp-serverAuth      OBJECT IDENTIFIER ::= { id-kp 1 }
+  // id-kp-clientAuth      OBJECT IDENTIFIER ::= { id-kp 2 }
+  // id-kp-codeSigning     OBJECT IDENTIFIER ::= { id-kp 3 }
+  // id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 }
+  // id-kp-OCSPSigning     OBJECT IDENTIFIER ::= { id-kp 9 }
+  static const uint8_t server[] = { (40*1)+3, 6, 1, 5, 5, 7, 3, 1 };
+  static const uint8_t client[] = { (40*1)+3, 6, 1, 5, 5, 7, 3, 2 };
+  static const uint8_t code  [] = { (40*1)+3, 6, 1, 5, 5, 7, 3, 3 };
+  static const uint8_t email [] = { (40*1)+3, 6, 1, 5, 5, 7, 3, 4 };
+  static const uint8_t ocsp  [] = { (40*1)+3, 6, 1, 5, 5, 7, 3, 9 };
+
+  // id-Netscape        OBJECT IDENTIFIER ::= { 2 16 840 1 113730 }
+  // id-Netscape-policy OBJECT IDENTIFIER ::= { id-Netscape 4 }
+  // id-Netscape-stepUp OBJECT IDENTIFIER ::= { id-Netscape-policy 1 }
+  static const uint8_t serverStepUp[] =
+    { (40*2)+16, 128+6,72, 1, 128+6,128+120,66, 4, 1 };
+
+  bool match = false;
+
+  if (!found) {
+    switch (requiredEKU) {
+      case KeyPurposeId::id_kp_serverAuth: {
+        if (value.MatchRest(server)) {
+          match = true;
+          break;
+        }
+        // Potentially treat CA certs with step-up OID as also having SSL server
+        // type. Comodo has issued certificates that require this behavior that
+        // don't expire until June 2020!
+        if (endEntityOrCA == EndEntityOrCA::MustBeCA &&
+            value.MatchRest(serverStepUp)) {
+          Result rv = trustDomain.NetscapeStepUpMatchesServerAuth(notBefore,
+                                                                  match);
+          if (rv != Success) {
+            return rv;
+          }
+        }
+        break;
+      }
+
+      case KeyPurposeId::id_kp_clientAuth:
+        match = value.MatchRest(client);
+        break;
+
+      case KeyPurposeId::id_kp_codeSigning:
+        match = value.MatchRest(code);
+        break;
+
+      case KeyPurposeId::id_kp_emailProtection:
+        match = value.MatchRest(email);
+        break;
+
+      case KeyPurposeId::id_kp_OCSPSigning:
+        match = value.MatchRest(ocsp);
+        break;
+
+      case KeyPurposeId::anyExtendedKeyUsage:
+        return NotReached("anyExtendedKeyUsage should start with found==true",
+                          Result::FATAL_ERROR_LIBRARY_FAILURE);
+    }
+  }
+
+  if (match) {
+    found = true;
+    if (requiredEKU == KeyPurposeId::id_kp_OCSPSigning) {
+      foundOCSPSigning = true;
+    }
+  } else if (value.MatchRest(ocsp)) {
+    foundOCSPSigning = true;
+  }
+
+  value.SkipToEnd(); // ignore unmatched OIDs.
+
+  return Success;
+}
+
+Result
+CheckExtendedKeyUsage(EndEntityOrCA endEntityOrCA,
+                      const Input* encodedExtendedKeyUsage,
+                      KeyPurposeId requiredEKU, TrustDomain& trustDomain,
+                      Time notBefore)
+{
+  // XXX: We're using Result::ERROR_INADEQUATE_CERT_TYPE here so that callers
+  // can distinguish EKU mismatch from KU mismatch from basic constraints
+  // mismatch. We should probably add a new error code that is more clear for
+  // this type of problem.
+
+  bool foundOCSPSigning = false;
+
+  if (encodedExtendedKeyUsage) {
+    bool found = requiredEKU == KeyPurposeId::anyExtendedKeyUsage;
+
+    Reader input(*encodedExtendedKeyUsage);
+    Result rv = der::NestedOf(input, der::SEQUENCE, der::OIDTag,
+                              der::EmptyAllowed::No, [&](Reader& r) {
+      return MatchEKU(r, requiredEKU, endEntityOrCA, trustDomain, notBefore,
+                      found, foundOCSPSigning);
+    });
+    if (rv != Success) {
+      return Result::ERROR_INADEQUATE_CERT_TYPE;
+    }
+    if (der::End(input) != Success) {
+      return Result::ERROR_INADEQUATE_CERT_TYPE;
+    }
+
+    // If the EKU extension was included, then the required EKU must be in the
+    // list.
+    if (!found) {
+      return Result::ERROR_INADEQUATE_CERT_TYPE;
+    }
+  }
+
+  // pkixocsp.cpp depends on the following additional checks.
+
+  if (endEntityOrCA == EndEntityOrCA::MustBeEndEntity) {
+    // When validating anything other than an delegated OCSP signing cert,
+    // reject any cert that also claims to be an OCSP responder, because such
+    // a cert does not make sense. For example, if an SSL certificate were to
+    // assert id-kp-OCSPSigning then it could sign OCSP responses for itself,
+    // if not for this check.
+    // That said, we accept CA certificates with id-kp-OCSPSigning because
+    // some CAs in Mozilla's CA program have issued such intermediate
+    // certificates, and because some CAs have reported some Microsoft server
+    // software wrongly requires CA certificates to have id-kp-OCSPSigning.
+    // Allowing this exception does not cause any security issues because we
+    // require delegated OCSP response signing certificates to be end-entity
+    // certificates.
+    if (foundOCSPSigning && requiredEKU != KeyPurposeId::id_kp_OCSPSigning) {
+      return Result::ERROR_INADEQUATE_CERT_TYPE;
+    }
+    // http://tools.ietf.org/html/rfc6960#section-4.2.2.2:
+    // "OCSP signing delegation SHALL be designated by the inclusion of
+    // id-kp-OCSPSigning in an extended key usage certificate extension
+    // included in the OCSP response signer's certificate."
+    //
+    // id-kp-OCSPSigning is the only EKU that isn't implicitly assumed when the
+    // EKU extension is missing from an end-entity certificate. However, any CA
+    // certificate can issue a delegated OCSP response signing certificate, so
+    // we can't require the EKU be explicitly included for CA certificates.
+    if (!foundOCSPSigning && requiredEKU == KeyPurposeId::id_kp_OCSPSigning) {
+      return Result::ERROR_INADEQUATE_CERT_TYPE;
+    }
+  }
+
+  return Success;
+}
+
+Result
+CheckTLSFeatures(const BackCert& subject, BackCert& potentialIssuer)
+{
+  const Input* issuerTLSFeatures = potentialIssuer.GetRequiredTLSFeatures();
+  if (!issuerTLSFeatures) {
+    return Success;
+  }
+
+  const Input* subjectTLSFeatures = subject.GetRequiredTLSFeatures();
+  if (issuerTLSFeatures->GetLength() == 0 ||
+      !subjectTLSFeatures ||
+      !InputsAreEqual(*issuerTLSFeatures, *subjectTLSFeatures)) {
+    return Result::ERROR_REQUIRED_TLS_FEATURE_MISSING;
+  }
+
+  return Success;
+}
+
+Result
+TLSFeaturesSatisfiedInternal(const Input* requiredTLSFeatures,
+                             const Input* stapledOCSPResponse)
+{
+  if (!requiredTLSFeatures) {
+    return Success;
+  }
+
+  // RFC 6066 10.2: ExtensionType status_request
+  const static uint8_t status_request = 5;
+  const static uint8_t status_request_bytes[] = { status_request };
+
+  Reader input(*requiredTLSFeatures);
+  return der::NestedOf(input, der::SEQUENCE, der::INTEGER,
+                       der::EmptyAllowed::No, [&](Reader& r) {
+    if (!r.MatchRest(status_request_bytes)) {
+      return Result::ERROR_REQUIRED_TLS_FEATURE_MISSING;
+    }
+
+    if (!stapledOCSPResponse) {
+      return Result::ERROR_REQUIRED_TLS_FEATURE_MISSING;
+    }
+
+    return Result::Success;
+  });
+}
+
+Result
+CheckTLSFeaturesAreSatisfied(Input& cert,
+                             const Input* stapledOCSPResponse)
+{
+  BackCert backCert(cert, EndEntityOrCA::MustBeEndEntity, nullptr);
+  Result rv = backCert.Init();
+  if (rv != Success) {
+    return rv;
+  }
+
+  return TLSFeaturesSatisfiedInternal(backCert.GetRequiredTLSFeatures(),
+                                      stapledOCSPResponse);
+}
+
+Result
+CheckIssuerIndependentProperties(TrustDomain& trustDomain,
+                                 const BackCert& cert,
+                                 Time time,
+                                 KeyUsage requiredKeyUsageIfPresent,
+                                 KeyPurposeId requiredEKUIfPresent,
+                                 const CertPolicyId& requiredPolicy,
+                                 unsigned int subCACount,
+                                 /*out*/ TrustLevel& trustLevel)
+{
+  Result rv;
+
+  const EndEntityOrCA endEntityOrCA = cert.endEntityOrCA;
+
+  // Check the cert's trust first, because we want to minimize the amount of
+  // processing we do on a distrusted cert, in case it is trying to exploit
+  // some bug in our processing.
+  rv = trustDomain.GetCertTrust(endEntityOrCA, requiredPolicy, cert.GetDER(),
+                                trustLevel);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // IMPORTANT: We parse the validity interval here, so that we can use the
+  // notBefore and notAfter values in checks for things that might be deprecated
+  // over time. However, we must not fail for semantic errors until the end of
+  // this method, in order to preserve error ranking.
+  Time notBefore(Time::uninitialized);
+  Time notAfter(Time::uninitialized);
+  rv = ParseValidity(cert.GetValidity(), &notBefore, &notAfter);
+  if (rv != Success) {
+    return rv;
+  }
+
+  if (trustLevel == TrustLevel::TrustAnchor &&
+      endEntityOrCA == EndEntityOrCA::MustBeEndEntity &&
+      requiredEKUIfPresent == KeyPurposeId::id_kp_OCSPSigning) {
+    // OCSP signer certificates can never be trust anchors, especially
+    // since we don't support designated OCSP responders. All of the checks
+    // below that are dependent on trustLevel rely on this overriding of the
+    // trust level for OCSP signers.
+    trustLevel = TrustLevel::InheritsTrust;
+  }
+
+  switch (trustLevel) {
+    case TrustLevel::InheritsTrust:
+      rv = CheckSignatureAlgorithm(trustDomain, endEntityOrCA, notBefore,
+                                   cert.GetSignedData(), cert.GetSignature());
+      if (rv != Success) {
+        return rv;
+      }
+      break;
+
+    case TrustLevel::TrustAnchor:
+      // We don't even bother checking signatureAlgorithm or signature for
+      // syntactic validity for trust anchors, because we don't use those
+      // fields for anything, and because the trust anchor might be signed
+      // with a signature algorithm we don't actually support.
+      break;
+
+    case TrustLevel::ActivelyDistrusted:
+      return Result::ERROR_UNTRUSTED_CERT;
+  }
+
+  // Check the SPKI early, because it is one of the most selective properties
+  // of the certificate due to SHA-1 deprecation and the deprecation of
+  // certificates with keys weaker than RSA 2048.
+  rv = CheckSubjectPublicKeyInfo(cert.GetSubjectPublicKeyInfo(), trustDomain,
+                                 endEntityOrCA);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // 4.1.2.4. Issuer
+  rv = CheckIssuer(cert.GetIssuer());
+  if (rv != Success) {
+    return rv;
+  }
+
+  // 4.2.1.1. Authority Key Identifier is ignored (see bug 965136).
+
+  // 4.2.1.2. Subject Key Identifier is ignored (see bug 965136).
+
+  // 4.2.1.3. Key Usage
+  rv = CheckKeyUsage(endEntityOrCA, cert.GetKeyUsage(),
+                     requiredKeyUsageIfPresent);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // 4.2.1.4. Certificate Policies
+  rv = CheckCertificatePolicies(endEntityOrCA, cert.GetCertificatePolicies(),
+                                cert.GetInhibitAnyPolicy(), trustLevel,
+                                requiredPolicy);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // 4.2.1.5. Policy Mappings are not supported; see the documentation about
+  //          policy enforcement in pkix.h.
+
+  // 4.2.1.6. Subject Alternative Name dealt with during name constraint
+  //          checking and during name verification (CERT_VerifyCertName).
+
+  // 4.2.1.7. Issuer Alternative Name is not something that needs checking.
+
+  // 4.2.1.8. Subject Directory Attributes is not something that needs
+  //          checking.
+
+  // 4.2.1.9. Basic Constraints.
+  rv = CheckBasicConstraints(endEntityOrCA, cert.GetBasicConstraints(),
+                             cert.GetVersion(), trustLevel, subCACount);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // 4.2.1.10. Name Constraints is dealt with in during path building.
+
+  // 4.2.1.11. Policy Constraints are implicitly supported; see the
+  //           documentation about policy enforcement in pkix.h.
+
+  // 4.2.1.12. Extended Key Usage
+  rv = CheckExtendedKeyUsage(endEntityOrCA, cert.GetExtKeyUsage(),
+                             requiredEKUIfPresent, trustDomain, notBefore);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // 4.2.1.13. CRL Distribution Points is not supported, though the
+  //           TrustDomain's CheckRevocation method may parse it and process it
+  //           on its own.
+
+  // 4.2.1.14. Inhibit anyPolicy is implicitly supported; see the documentation
+  //           about policy enforcement in pkix.h.
+
+  // IMPORTANT: Even though we parse validity above, we wait until this point to
+  // check it, so that error ranking works correctly.
+  rv = CheckValidity(time, notBefore, notAfter);
+  if (rv != Success) {
+    return rv;
+  }
+
+  rv = trustDomain.CheckValidityIsAcceptable(notBefore, notAfter, endEntityOrCA,
+                                             requiredEKUIfPresent);
+  if (rv != Success) {
+    return rv;
+  }
+
+  return Success;
+}
+
+} } // namespace mozilla::pkix
diff --git a/security/nss/lib/mozpkix/lib/pkixder.cpp b/security/nss/lib/mozpkix/lib/pkixder.cpp
new file mode 100644
index 000000000..152d11a23
--- /dev/null
+++ b/security/nss/lib/mozpkix/lib/pkixder.cpp
@@ -0,0 +1,611 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/pkixder.h"
+
+#include "mozpkix/pkixutil.h"
+
+namespace mozilla { namespace pkix { namespace der {
+
+// Too complicated to be inline
+Result
+ReadTagAndGetValue(Reader& input, /*out*/ uint8_t& tag, /*out*/ Input& value)
+{
+  Result rv;
+
+  rv = input.Read(tag);
+  if (rv != Success) {
+    return rv;
+  }
+  if ((tag & 0x1F) == 0x1F) {
+    return Result::ERROR_BAD_DER; // high tag number form not allowed
+  }
+
+  uint16_t length;
+
+  // The short form of length is a single byte with the high order bit set
+  // to zero. The long form of length is one byte with the high order bit
+  // set, followed by N bytes, where N is encoded in the lowest 7 bits of
+  // the first byte.
+  uint8_t length1;
+  rv = input.Read(length1);
+  if (rv != Success) {
+    return rv;
+  }
+  if (!(length1 & 0x80)) {
+    length = length1;
+  } else if (length1 == 0x81) {
+    uint8_t length2;
+    rv = input.Read(length2);
+    if (rv != Success) {
+      return rv;
+    }
+    if (length2 < 128) {
+      // Not shortest possible encoding
+      return Result::ERROR_BAD_DER;
+    }
+    length = length2;
+  } else if (length1 == 0x82) {
+    rv = input.Read(length);
+    if (rv != Success) {
+      return rv;
+    }
+    if (length < 256) {
+      // Not shortest possible encoding
+      return Result::ERROR_BAD_DER;
+    }
+  } else {
+    // We don't support lengths larger than 2^16 - 1.
+    return Result::ERROR_BAD_DER;
+  }
+
+  return input.Skip(length, value);
+}
+
+static Result
+OptionalNull(Reader& input)
+{
+  if (input.Peek(NULLTag)) {
+    return Null(input);
+  }
+  return Success;
+}
+
+namespace {
+
+Result
+AlgorithmIdentifierValue(Reader& input, /*out*/ Reader& algorithmOIDValue)
+{
+  Result rv = ExpectTagAndGetValue(input, der::OIDTag, algorithmOIDValue);
+  if (rv != Success) {
+    return rv;
+  }
+  return OptionalNull(input);
+}
+
+} // namespace
+
+Result
+SignatureAlgorithmIdentifierValue(Reader& input,
+                                 /*out*/ PublicKeyAlgorithm& publicKeyAlgorithm,
+                                 /*out*/ DigestAlgorithm& digestAlgorithm)
+{
+  // RFC 5758 Section 3.2 (ECDSA with SHA-2), and RFC 3279 Section 2.2.3
+  // (ECDSA with SHA-1) say that parameters must be omitted.
+  //
+  // RFC 4055 Section 5 and RFC 3279 Section 2.2.1 both say that parameters for
+  // RSA must be encoded as NULL; we relax that requirement by allowing the
+  // NULL to be omitted, to match all the other signature algorithms we support
+  // and for compatibility.
+  Reader algorithmID;
+  Result rv = AlgorithmIdentifierValue(input, algorithmID);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // RFC 5758 Section 3.2 (ecdsa-with-SHA224 is intentionally excluded)
+  // python DottedOIDToCode.py ecdsa-with-SHA256 1.2.840.10045.4.3.2
+  static const uint8_t ecdsa_with_SHA256[] = {
+    0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02
+  };
+  // python DottedOIDToCode.py ecdsa-with-SHA384 1.2.840.10045.4.3.3
+  static const uint8_t ecdsa_with_SHA384[] = {
+    0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03
+  };
+  // python DottedOIDToCode.py ecdsa-with-SHA512 1.2.840.10045.4.3.4
+  static const uint8_t ecdsa_with_SHA512[] = {
+    0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04
+  };
+
+  // RFC 4055 Section 5 (sha224WithRSAEncryption is intentionally excluded)
+  // python DottedOIDToCode.py sha256WithRSAEncryption 1.2.840.113549.1.1.11
+  static const uint8_t sha256WithRSAEncryption[] = {
+    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b
+  };
+  // python DottedOIDToCode.py sha384WithRSAEncryption 1.2.840.113549.1.1.12
+  static const uint8_t sha384WithRSAEncryption[] = {
+    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c
+  };
+  // python DottedOIDToCode.py sha512WithRSAEncryption 1.2.840.113549.1.1.13
+  static const uint8_t sha512WithRSAEncryption[] = {
+    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d
+  };
+
+  // RFC 3279 Section 2.2.1
+  // python DottedOIDToCode.py sha-1WithRSAEncryption 1.2.840.113549.1.1.5
+  static const uint8_t sha_1WithRSAEncryption[] = {
+    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05
+  };
+
+  // NIST Open Systems Environment (OSE) Implementor's Workshop (OIW)
+  // http://www.oiw.org/agreements/stable/12s-9412.txt (no longer works).
+  // http://www.imc.org/ietf-pkix/old-archive-97/msg01166.html
+  // We need to support this this non-PKIX OID for compatibility.
+  // python DottedOIDToCode.py sha1WithRSASignature 1.3.14.3.2.29
+  static const uint8_t sha1WithRSASignature[] = {
+    0x2b, 0x0e, 0x03, 0x02, 0x1d
+  };
+
+  // RFC 3279 Section 2.2.3
+  // python DottedOIDToCode.py ecdsa-with-SHA1 1.2.840.10045.4.1
+  static const uint8_t ecdsa_with_SHA1[] = {
+    0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01
+  };
+
+  // Matching is attempted based on a rough estimate of the commonality of the
+  // algorithm, to minimize the number of MatchRest calls.
+  if (algorithmID.MatchRest(sha256WithRSAEncryption)) {
+    publicKeyAlgorithm = PublicKeyAlgorithm::RSA_PKCS1;
+    digestAlgorithm = DigestAlgorithm::sha256;
+  } else if (algorithmID.MatchRest(ecdsa_with_SHA256)) {
+    publicKeyAlgorithm = PublicKeyAlgorithm::ECDSA;
+    digestAlgorithm = DigestAlgorithm::sha256;
+  } else if (algorithmID.MatchRest(sha_1WithRSAEncryption)) {
+    publicKeyAlgorithm = PublicKeyAlgorithm::RSA_PKCS1;
+    digestAlgorithm = DigestAlgorithm::sha1;
+  } else if (algorithmID.MatchRest(ecdsa_with_SHA1)) {
+    publicKeyAlgorithm = PublicKeyAlgorithm::ECDSA;
+    digestAlgorithm = DigestAlgorithm::sha1;
+  } else if (algorithmID.MatchRest(ecdsa_with_SHA384)) {
+    publicKeyAlgorithm = PublicKeyAlgorithm::ECDSA;
+    digestAlgorithm = DigestAlgorithm::sha384;
+  } else if (algorithmID.MatchRest(ecdsa_with_SHA512)) {
+    publicKeyAlgorithm = PublicKeyAlgorithm::ECDSA;
+    digestAlgorithm = DigestAlgorithm::sha512;
+  } else if (algorithmID.MatchRest(sha384WithRSAEncryption)) {
+    publicKeyAlgorithm = PublicKeyAlgorithm::RSA_PKCS1;
+    digestAlgorithm = DigestAlgorithm::sha384;
+  } else if (algorithmID.MatchRest(sha512WithRSAEncryption)) {
+    publicKeyAlgorithm = PublicKeyAlgorithm::RSA_PKCS1;
+    digestAlgorithm = DigestAlgorithm::sha512;
+  } else if (algorithmID.MatchRest(sha1WithRSASignature)) {
+    // XXX(bug 1042479): recognize this old OID for compatibility.
+    publicKeyAlgorithm = PublicKeyAlgorithm::RSA_PKCS1;
+    digestAlgorithm = DigestAlgorithm::sha1;
+  } else {
+    return Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED;
+  }
+
+  return Success;
+}
+
+Result
+DigestAlgorithmIdentifier(Reader& input, /*out*/ DigestAlgorithm& algorithm)
+{
+  return der::Nested(input, SEQUENCE, [&algorithm](Reader& r) -> Result {
+    Reader algorithmID;
+    Result rv = AlgorithmIdentifierValue(r, algorithmID);
+    if (rv != Success) {
+      return rv;
+    }
+
+    // RFC 4055 Section 2.1
+    // python DottedOIDToCode.py id-sha1 1.3.14.3.2.26
+    static const uint8_t id_sha1[] = {
+      0x2b, 0x0e, 0x03, 0x02, 0x1a
+    };
+    // python DottedOIDToCode.py id-sha256 2.16.840.1.101.3.4.2.1
+    static const uint8_t id_sha256[] = {
+      0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
+    };
+    // python DottedOIDToCode.py id-sha384 2.16.840.1.101.3.4.2.2
+    static const uint8_t id_sha384[] = {
+      0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
+    };
+    // python DottedOIDToCode.py id-sha512 2.16.840.1.101.3.4.2.3
+    static const uint8_t id_sha512[] = {
+      0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
+    };
+
+    // Matching is attempted based on a rough estimate of the commonality of the
+    // algorithm, to minimize the number of MatchRest calls.
+    if (algorithmID.MatchRest(id_sha1)) {
+      algorithm = DigestAlgorithm::sha1;
+    } else if (algorithmID.MatchRest(id_sha256)) {
+      algorithm = DigestAlgorithm::sha256;
+    } else if (algorithmID.MatchRest(id_sha384)) {
+      algorithm = DigestAlgorithm::sha384;
+    } else if (algorithmID.MatchRest(id_sha512)) {
+      algorithm = DigestAlgorithm::sha512;
+    } else {
+      return Result::ERROR_INVALID_ALGORITHM;
+    }
+
+    return Success;
+  });
+}
+
+Result
+SignedData(Reader& input, /*out*/ Reader& tbs,
+           /*out*/ SignedDataWithSignature& signedData)
+{
+  Reader::Mark mark(input.GetMark());
+
+  Result rv;
+  rv = ExpectTagAndGetValue(input, SEQUENCE, tbs);
+  if (rv != Success) {
+    return rv;
+  }
+
+  rv = input.GetInput(mark, signedData.data);
+  if (rv != Success) {
+    return rv;
+  }
+
+  rv = ExpectTagAndGetValue(input, der::SEQUENCE, signedData.algorithm);
+  if (rv != Success) {
+    return rv;
+  }
+
+  rv = BitStringWithNoUnusedBits(input, signedData.signature);
+  if (rv == Result::ERROR_BAD_DER) {
+    rv = Result::ERROR_BAD_SIGNATURE;
+  }
+  return rv;
+}
+
+Result
+BitStringWithNoUnusedBits(Reader& input, /*out*/ Input& value)
+{
+  Reader valueWithUnusedBits;
+  Result rv = ExpectTagAndGetValue(input, BIT_STRING, valueWithUnusedBits);
+  if (rv != Success) {
+    return rv;
+  }
+
+  uint8_t unusedBitsAtEnd;
+  if (valueWithUnusedBits.Read(unusedBitsAtEnd) != Success) {
+    return Result::ERROR_BAD_DER;
+  }
+  // XXX: Really the constraint should be that unusedBitsAtEnd must be less
+  // than 7. But, we suspect there are no real-world values in OCSP responses
+  // or certificates with non-zero unused bits. It seems like NSS assumes this
+  // in various places, so we enforce it too in order to simplify this code. If
+  // we find compatibility issues, we'll know we're wrong and we'll have to
+  // figure out how to shift the bits around.
+  if (unusedBitsAtEnd != 0) {
+    return Result::ERROR_BAD_DER;
+  }
+  return valueWithUnusedBits.SkipToEnd(value);
+}
+
+static inline Result
+ReadDigit(Reader& input, /*out*/ unsigned int& value)
+{
+  uint8_t b;
+  if (input.Read(b) != Success) {
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+  if (b < '0' || b > '9') {
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+  value = static_cast<unsigned int>(b - static_cast<uint8_t>('0'));
+  return Success;
+}
+
+static inline Result
+ReadTwoDigits(Reader& input, unsigned int minValue, unsigned int maxValue,
+              /*out*/ unsigned int& value)
+{
+  unsigned int hi;
+  Result rv = ReadDigit(input, hi);
+  if (rv != Success) {
+    return rv;
+  }
+  unsigned int lo;
+  rv = ReadDigit(input, lo);
+  if (rv != Success) {
+    return rv;
+  }
+  value = (hi * 10) + lo;
+  if (value < minValue || value > maxValue) {
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+  return Success;
+}
+
+namespace internal {
+
+// We parse GeneralizedTime and UTCTime according to RFC 5280 and we do not
+// accept all time formats allowed in the ASN.1 spec. That is,
+// GeneralizedTime must always be in the format YYYYMMDDHHMMSSZ and UTCTime
+// must always be in the format YYMMDDHHMMSSZ. Timezone formats of the form
+// +HH:MM or -HH:MM or NOT accepted.
+Result
+TimeChoice(Reader& tagged, uint8_t expectedTag, /*out*/ Time& time)
+{
+  unsigned int days;
+
+  Reader input;
+  Result rv = ExpectTagAndGetValue(tagged, expectedTag, input);
+  if (rv != Success) {
+    return rv;
+  }
+
+  unsigned int yearHi;
+  unsigned int yearLo;
+  if (expectedTag == GENERALIZED_TIME) {
+    rv = ReadTwoDigits(input, 0, 99, yearHi);
+    if (rv != Success) {
+      return rv;
+    }
+    rv = ReadTwoDigits(input, 0, 99, yearLo);
+    if (rv != Success) {
+      return rv;
+    }
+  } else if (expectedTag == UTCTime) {
+    rv = ReadTwoDigits(input, 0, 99, yearLo);
+    if (rv != Success) {
+      return rv;
+    }
+    yearHi = yearLo >= 50u ? 19u : 20u;
+  } else {
+    return NotReached("invalid tag given to TimeChoice",
+                      Result::ERROR_INVALID_DER_TIME);
+  }
+  unsigned int year = (yearHi * 100u) + yearLo;
+  if (year < 1970u) {
+    // We don't support dates before January 1, 1970 because that is the epoch.
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+  days = DaysBeforeYear(year);
+
+  unsigned int month;
+  rv = ReadTwoDigits(input, 1u, 12u, month);
+  if (rv != Success) {
+    return rv;
+  }
+  unsigned int daysInMonth;
+  static const unsigned int jan = 31u;
+  const unsigned int feb = ((year % 4u == 0u) &&
+                           ((year % 100u != 0u) || (year % 400u == 0u)))
+                         ? 29u
+                         : 28u;
+  static const unsigned int mar = 31u;
+  static const unsigned int apr = 30u;
+  static const unsigned int may = 31u;
+  static const unsigned int jun = 30u;
+  static const unsigned int jul = 31u;
+  static const unsigned int aug = 31u;
+  static const unsigned int sep = 30u;
+  static const unsigned int oct = 31u;
+  static const unsigned int nov = 30u;
+  static const unsigned int dec = 31u;
+  switch (month) {
+    case 1:  daysInMonth = jan; break;
+    case 2:  daysInMonth = feb; days += jan; break;
+    case 3:  daysInMonth = mar; days += jan + feb; break;
+    case 4:  daysInMonth = apr; days += jan + feb + mar; break;
+    case 5:  daysInMonth = may; days += jan + feb + mar + apr; break;
+    case 6:  daysInMonth = jun; days += jan + feb + mar + apr + may; break;
+    case 7:  daysInMonth = jul; days += jan + feb + mar + apr + may + jun;
+             break;
+    case 8:  daysInMonth = aug; days += jan + feb + mar + apr + may + jun +
+                                        jul;
+             break;
+    case 9:  daysInMonth = sep; days += jan + feb + mar + apr + may + jun +
+                                        jul + aug;
+             break;
+    case 10: daysInMonth = oct; days += jan + feb + mar + apr + may + jun +
+                                        jul + aug + sep;
+             break;
+    case 11: daysInMonth = nov; days += jan + feb + mar + apr + may + jun +
+                                        jul + aug + sep + oct;
+             break;
+    case 12: daysInMonth = dec; days += jan + feb + mar + apr + may + jun +
+                                        jul + aug + sep + oct + nov;
+             break;
+    default:
+      return NotReached("month already bounds-checked by ReadTwoDigits",
+                        Result::FATAL_ERROR_INVALID_STATE);
+  }
+
+  unsigned int dayOfMonth;
+  rv = ReadTwoDigits(input, 1u, daysInMonth, dayOfMonth);
+  if (rv != Success) {
+    return rv;
+  }
+  days += dayOfMonth - 1;
+
+  unsigned int hours;
+  rv = ReadTwoDigits(input, 0u, 23u, hours);
+  if (rv != Success) {
+    return rv;
+  }
+  unsigned int minutes;
+  rv = ReadTwoDigits(input, 0u, 59u, minutes);
+  if (rv != Success) {
+    return rv;
+  }
+  unsigned int seconds;
+  rv = ReadTwoDigits(input, 0u, 59u, seconds);
+  if (rv != Success) {
+    return rv;
+  }
+
+  uint8_t b;
+  if (input.Read(b) != Success) {
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+  if (b != 'Z') {
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+  if (End(input) != Success) {
+    return Result::ERROR_INVALID_DER_TIME;
+  }
+
+  uint64_t totalSeconds = (static_cast<uint64_t>(days) * 24u * 60u * 60u) +
+                          (static_cast<uint64_t>(hours)      * 60u * 60u) +
+                          (static_cast<uint64_t>(minutes)          * 60u) +
+                          seconds;
+
+  time = TimeFromElapsedSecondsAD(totalSeconds);
+  return Success;
+}
+
+Result
+IntegralBytes(Reader& input, uint8_t tag,
+              IntegralValueRestriction valueRestriction,
+              /*out*/ Input& value,
+              /*optional out*/ Input::size_type* significantBytes)
+{
+  Result rv = ExpectTagAndGetValue(input, tag, value);
+  if (rv != Success) {
+    return rv;
+  }
+  Reader reader(value);
+
+  // There must be at least one byte in the value. (Zero is encoded with a
+  // single 0x00 value byte.)
+  uint8_t firstByte;
+  rv = reader.Read(firstByte);
+  if (rv != Success) {
+    if (rv == Result::ERROR_BAD_DER) {
+      return Result::ERROR_INVALID_INTEGER_ENCODING;
+    }
+
+    return rv;
+  }
+
+  // If there is a byte after an initial 0x00/0xFF, then the initial byte
+  // indicates a positive/negative integer value with its high bit set/unset.
+  bool prefixed = !reader.AtEnd() && (firstByte == 0 || firstByte == 0xff);
+
+  if (prefixed) {
+    uint8_t nextByte;
+    if (reader.Read(nextByte) != Success) {
+      return NotReached("Read of one byte failed but not at end.",
+                        Result::FATAL_ERROR_LIBRARY_FAILURE);
+    }
+    if ((firstByte & 0x80) == (nextByte & 0x80)) {
+      return Result::ERROR_INVALID_INTEGER_ENCODING;
+    }
+  }
+
+  switch (valueRestriction) {
+    case IntegralValueRestriction::MustBe0To127:
+      if (value.GetLength() != 1 || (firstByte & 0x80) != 0) {
+        return Result::ERROR_INVALID_INTEGER_ENCODING;
+      }
+      break;
+
+    case IntegralValueRestriction::MustBePositive:
+      if ((value.GetLength() == 1 && firstByte == 0) ||
+          (firstByte & 0x80) != 0) {
+        return Result::ERROR_INVALID_INTEGER_ENCODING;
+      }
+      break;
+
+    case IntegralValueRestriction::NoRestriction:
+      break;
+  }
+
+  if (significantBytes) {
+    *significantBytes = value.GetLength();
+    if (prefixed) {
+      assert(*significantBytes > 1);
+      --*significantBytes;
+    }
+
+    assert(*significantBytes > 0);
+  }
+
+  return Success;
+}
+
+// This parser will only parse values between 0..127. If this range is
+// increased then callers will need to be changed.
+Result
+IntegralValue(Reader& input, uint8_t tag, /*out*/ uint8_t& value)
+{
+  // Conveniently, all the Integers that we actually have to be able to parse
+  // are positive and very small. Consequently, this parser is *much* simpler
+  // than a general Integer parser would need to be.
+  Input valueBytes;
+  Result rv = IntegralBytes(input, tag, IntegralValueRestriction::MustBe0To127,
+                            valueBytes, nullptr);
+  if (rv != Success) {
+    return rv;
+  }
+  Reader valueReader(valueBytes);
+  rv = valueReader.Read(value);
+  if (rv != Success) {
+    return NotReached("IntegralBytes already validated the value.", rv);
+  }
+  rv = End(valueReader);
+  assert(rv == Success); // guaranteed by IntegralBytes's range checks.
+  return rv;
+}
+
+} // namespace internal
+
+Result
+OptionalVersion(Reader& input, /*out*/ Version& version)
+{
+  static const uint8_t TAG = CONTEXT_SPECIFIC | CONSTRUCTED | 0;
+  if (!input.Peek(TAG)) {
+    version = Version::v1;
+    return Success;
+  }
+  return Nested(input, TAG, [&version](Reader& value) -> Result {
+    uint8_t integerValue;
+    Result rv = Integer(value, integerValue);
+    if (rv != Success) {
+      return rv;
+    }
+    // XXX(bug 1031093): We shouldn't accept an explicit encoding of v1,
+    // but we do here for compatibility reasons.
+    switch (integerValue) {
+      case static_cast<uint8_t>(Version::v3): version = Version::v3; break;
+      case static_cast<uint8_t>(Version::v2): version = Version::v2; break;
+      case static_cast<uint8_t>(Version::v1): version = Version::v1; break;
+      case static_cast<uint8_t>(Version::v4): version = Version::v4; break;
+      default:
+        return Result::ERROR_BAD_DER;
+    }
+    return Success;
+  });
+}
+
+} } } // namespace mozilla::pkix::der
diff --git a/security/nss/lib/mozpkix/lib/pkixnames.cpp b/security/nss/lib/mozpkix/lib/pkixnames.cpp
new file mode 100644
index 000000000..6f40800d7
--- /dev/null
+++ b/security/nss/lib/mozpkix/lib/pkixnames.cpp
@@ -0,0 +1,2050 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2014 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// This code implements RFC6125-ish name matching, RFC5280-ish name constraint
+// checking, and related things.
+//
+// In this code, identifiers are classified as either "presented" or
+// "reference" identifiers are defined in
+// http://tools.ietf.org/html/rfc6125#section-1.8. A "presented identifier" is
+// one in the subjectAltName of the certificate, or sometimes within a CN of
+// the certificate's subject. The "reference identifier" is the one we are
+// being asked to match the certificate against. When checking name
+// constraints, the reference identifier is the entire encoded name constraint
+// extension value.
+
+#include <algorithm>
+
+#include "mozpkix/pkixcheck.h"
+#include "mozpkix/pkixutil.h"
+
+namespace mozilla { namespace pkix {
+
+namespace {
+
+// GeneralName ::= CHOICE {
+//      otherName                       [0]     OtherName,
+//      rfc822Name                      [1]     IA5String,
+//      dNSName                         [2]     IA5String,
+//      x400Address                     [3]     ORAddress,
+//      directoryName                   [4]     Name,
+//      ediPartyName                    [5]     EDIPartyName,
+//      uniformResourceIdentifier       [6]     IA5String,
+//      iPAddress                       [7]     OCTET STRING,
+//      registeredID                    [8]     OBJECT IDENTIFIER }
+enum class GeneralNameType : uint8_t
+{
+  // Note that these values are NOT contiguous. Some values have the
+  // der::CONSTRUCTED bit set while others do not.
+  // (The der::CONSTRUCTED bit is for types where the value is a SEQUENCE.)
+  otherName = der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 0,
+  rfc822Name = der::CONTEXT_SPECIFIC | 1,
+  dNSName = der::CONTEXT_SPECIFIC | 2,
+  x400Address = der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 3,
+  directoryName = der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 4,
+  ediPartyName = der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 5,
+  uniformResourceIdentifier = der::CONTEXT_SPECIFIC | 6,
+  iPAddress = der::CONTEXT_SPECIFIC | 7,
+  registeredID = der::CONTEXT_SPECIFIC | 8,
+  // nameConstraints is a pseudo-GeneralName used to signify that a
+  // reference ID is actually the entire name constraint extension.
+  nameConstraints = 0xff
+};
+
+inline Result
+ReadGeneralName(Reader& reader,
+                /*out*/ GeneralNameType& generalNameType,
+                /*out*/ Input& value)
+{
+  uint8_t tag;
+  Result rv = der::ReadTagAndGetValue(reader, tag, value);
+  if (rv != Success) {
+    return rv;
+  }
+  switch (tag) {
+    case static_cast<uint8_t>(GeneralNameType::otherName):
+      generalNameType = GeneralNameType::otherName;
+      break;
+    case static_cast<uint8_t>(GeneralNameType::rfc822Name):
+      generalNameType = GeneralNameType::rfc822Name;
+      break;
+    case static_cast<uint8_t>(GeneralNameType::dNSName):
+      generalNameType = GeneralNameType::dNSName;
+      break;
+    case static_cast<uint8_t>(GeneralNameType::x400Address):
+      generalNameType = GeneralNameType::x400Address;
+      break;
+    case static_cast<uint8_t>(GeneralNameType::directoryName):
+      generalNameType = GeneralNameType::directoryName;
+      break;
+    case static_cast<uint8_t>(GeneralNameType::ediPartyName):
+      generalNameType = GeneralNameType::ediPartyName;
+      break;
+    case static_cast<uint8_t>(GeneralNameType::uniformResourceIdentifier):
+      generalNameType = GeneralNameType::uniformResourceIdentifier;
+      break;
+    case static_cast<uint8_t>(GeneralNameType::iPAddress):
+      generalNameType = GeneralNameType::iPAddress;
+      break;
+    case static_cast<uint8_t>(GeneralNameType::registeredID):
+      generalNameType = GeneralNameType::registeredID;
+      break;
+    default:
+      return Result::ERROR_BAD_DER;
+  }
+  return Success;
+}
+
+enum class MatchResult
+{
+  NoNamesOfGivenType = 0,
+  Mismatch = 1,
+  Match = 2
+};
+
+Result SearchNames(const Input* subjectAltName, Input subject,
+                   GeneralNameType referenceIDType,
+                   Input referenceID,
+                   FallBackToSearchWithinSubject fallBackToCommonName,
+                   /*out*/ MatchResult& match);
+Result SearchWithinRDN(Reader& rdn,
+                       GeneralNameType referenceIDType,
+                       Input referenceID,
+                       FallBackToSearchWithinSubject fallBackToEmailAddress,
+                       FallBackToSearchWithinSubject fallBackToCommonName,
+                       /*in/out*/ MatchResult& match);
+Result MatchAVA(Input type,
+                uint8_t valueEncodingTag,
+                Input presentedID,
+                GeneralNameType referenceIDType,
+                Input referenceID,
+                FallBackToSearchWithinSubject fallBackToEmailAddress,
+                FallBackToSearchWithinSubject fallBackToCommonName,
+                /*in/out*/ MatchResult& match);
+Result ReadAVA(Reader& rdn,
+               /*out*/ Input& type,
+               /*out*/ uint8_t& valueTag,
+               /*out*/ Input& value);
+void MatchSubjectPresentedIDWithReferenceID(GeneralNameType presentedIDType,
+                                            Input presentedID,
+                                            GeneralNameType referenceIDType,
+                                            Input referenceID,
+                                            /*in/out*/ MatchResult& match);
+
+Result MatchPresentedIDWithReferenceID(GeneralNameType presentedIDType,
+                                       Input presentedID,
+                                       GeneralNameType referenceIDType,
+                                       Input referenceID,
+                                       /*in/out*/ MatchResult& matchResult);
+Result CheckPresentedIDConformsToConstraints(GeneralNameType referenceIDType,
+                                             Input presentedID,
+                                             Input nameConstraints);
+
+uint8_t LocaleInsensitveToLower(uint8_t a);
+bool StartsWithIDNALabel(Input id);
+
+enum class IDRole
+{
+  ReferenceID = 0,
+  PresentedID = 1,
+  NameConstraint = 2,
+};
+
+enum class AllowWildcards { No = 0, Yes = 1 };
+
+// DNSName constraints implicitly allow subdomain matching when there is no
+// leading dot ("foo.example.com" matches a constraint of "example.com"), but
+// RFC822Name constraints only allow subdomain matching when there is a leading
+// dot ("foo.example.com" does not match "example.com" but does match
+// ".example.com").
+enum class AllowDotlessSubdomainMatches { No = 0, Yes = 1 };
+
+bool IsValidDNSID(Input hostname, IDRole idRole,
+                  AllowWildcards allowWildcards);
+
+Result MatchPresentedDNSIDWithReferenceDNSID(
+         Input presentedDNSID,
+         AllowWildcards allowWildcards,
+         AllowDotlessSubdomainMatches allowDotlessSubdomainMatches,
+         IDRole referenceDNSIDRole,
+         Input referenceDNSID,
+         /*out*/ bool& matches);
+
+Result MatchPresentedRFC822NameWithReferenceRFC822Name(
+         Input presentedRFC822Name, IDRole referenceRFC822NameRole,
+         Input referenceRFC822Name, /*out*/ bool& matches);
+
+} // namespace
+
+bool IsValidReferenceDNSID(Input hostname);
+bool IsValidPresentedDNSID(Input hostname);
+bool ParseIPv4Address(Input hostname, /*out*/ uint8_t (&out)[4]);
+bool ParseIPv6Address(Input hostname, /*out*/ uint8_t (&out)[16]);
+
+// This is used by the pkixnames_tests.cpp tests.
+Result
+MatchPresentedDNSIDWithReferenceDNSID(Input presentedDNSID,
+                                      Input referenceDNSID,
+                                      /*out*/ bool& matches)
+{
+  return MatchPresentedDNSIDWithReferenceDNSID(
+           presentedDNSID, AllowWildcards::Yes,
+           AllowDotlessSubdomainMatches::Yes, IDRole::ReferenceID,
+           referenceDNSID, matches);
+}
+
+// Verify that the given end-entity cert, which is assumed to have been already
+// validated with BuildCertChain, is valid for the given hostname. hostname is
+// assumed to be a string representation of an IPv4 address, an IPv6 addresss,
+// or a normalized ASCII (possibly punycode) DNS name.
+Result
+CheckCertHostname(Input endEntityCertDER, Input hostname,
+                  NameMatchingPolicy& nameMatchingPolicy)
+{
+  BackCert cert(endEntityCertDER, EndEntityOrCA::MustBeEndEntity, nullptr);
+  Result rv = cert.Init();
+  if (rv != Success) {
+    return rv;
+  }
+
+  Time notBefore(Time::uninitialized);
+  rv = ParseValidity(cert.GetValidity(), &notBefore);
+  if (rv != Success) {
+    return rv;
+  }
+  FallBackToSearchWithinSubject fallBackToSearchWithinSubject;
+  rv = nameMatchingPolicy.FallBackToCommonName(notBefore,
+                                               fallBackToSearchWithinSubject);
+  if (rv != Success) {
+    return rv;
+  }
+
+  const Input* subjectAltName(cert.GetSubjectAltName());
+  Input subject(cert.GetSubject());
+
+  // For backward compatibility with legacy certificates, we may fall back to
+  // searching for a name match in the subject common name for DNS names and
+  // IPv4 addresses. We don't do so for IPv6 addresses because we do not think
+  // there are many certificates that would need such fallback, and because
+  // comparisons of string representations of IPv6 addresses are particularly
+  // error prone due to the syntactic flexibility that IPv6 addresses have.
+  //
+  // IPv4 and IPv6 addresses are represented using the same type of GeneralName
+  // (iPAddress); they are differentiated by the lengths of the values.
+  MatchResult match;
+  uint8_t ipv6[16];
+  uint8_t ipv4[4];
+  if (IsValidReferenceDNSID(hostname)) {
+    rv = SearchNames(subjectAltName, subject, GeneralNameType::dNSName,
+                     hostname, fallBackToSearchWithinSubject, match);
+  } else if (ParseIPv6Address(hostname, ipv6)) {
+    rv = SearchNames(subjectAltName, subject, GeneralNameType::iPAddress,
+                     Input(ipv6), FallBackToSearchWithinSubject::No, match);
+  } else if (ParseIPv4Address(hostname, ipv4)) {
+    rv = SearchNames(subjectAltName, subject, GeneralNameType::iPAddress,
+                     Input(ipv4), fallBackToSearchWithinSubject, match);
+  } else {
+    return Result::ERROR_BAD_CERT_DOMAIN;
+  }
+  if (rv != Success) {
+    return rv;
+  }
+  switch (match) {
+    case MatchResult::NoNamesOfGivenType: // fall through
+    case MatchResult::Mismatch:
+      return Result::ERROR_BAD_CERT_DOMAIN;
+    case MatchResult::Match:
+      return Success;
+    MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+  }
+}
+
+// 4.2.1.10. Name Constraints
+Result
+CheckNameConstraints(Input encodedNameConstraints,
+                     const BackCert& firstChild,
+                     KeyPurposeId requiredEKUIfPresent)
+{
+  for (const BackCert* child = &firstChild; child; child = child->childCert) {
+    FallBackToSearchWithinSubject fallBackToCommonName
+      = (child->endEntityOrCA == EndEntityOrCA::MustBeEndEntity &&
+         requiredEKUIfPresent == KeyPurposeId::id_kp_serverAuth)
+      ? FallBackToSearchWithinSubject::Yes
+      : FallBackToSearchWithinSubject::No;
+
+    MatchResult match;
+    Result rv = SearchNames(child->GetSubjectAltName(), child->GetSubject(),
+                            GeneralNameType::nameConstraints,
+                            encodedNameConstraints, fallBackToCommonName,
+                            match);
+    if (rv != Success) {
+      return rv;
+    }
+    switch (match) {
+      case MatchResult::Match: // fall through
+      case MatchResult::NoNamesOfGivenType:
+        break;
+      case MatchResult::Mismatch:
+        return Result::ERROR_CERT_NOT_IN_NAME_SPACE;
+    }
+  }
+
+  return Success;
+}
+
+namespace {
+
+// SearchNames is used by CheckCertHostname and CheckNameConstraints.
+//
+// When called during name constraint checking, referenceIDType is
+// GeneralNameType::nameConstraints and referenceID is the entire encoded name
+// constraints extension value.
+//
+// The main benefit of using the exact same code paths for both is that we
+// ensure consistency between name validation and name constraint enforcement
+// regarding thing like "Which CN attributes should be considered as potential
+// CN-IDs" and "Which character sets are acceptable for CN-IDs?" If the name
+// matching and the name constraint enforcement logic were out of sync on these
+// issues (e.g. if name matching were to consider all subject CN attributes,
+// but name constraints were only enforced on the most specific subject CN),
+// trivial name constraint bypasses could result.
+
+Result
+SearchNames(/*optional*/ const Input* subjectAltName,
+            Input subject,
+            GeneralNameType referenceIDType,
+            Input referenceID,
+            FallBackToSearchWithinSubject fallBackToCommonName,
+            /*out*/ MatchResult& match)
+{
+  Result rv;
+
+  match = MatchResult::NoNamesOfGivenType;
+
+  // RFC 6125 says "A client MUST NOT seek a match for a reference identifier
+  // of CN-ID if the presented identifiers include a DNS-ID, SRV-ID, URI-ID, or
+  // any application-specific identifier types supported by the client."
+  // Accordingly, we only consider CN-IDs if there are no DNS-IDs in the
+  // subjectAltName.
+  //
+  // RFC 6125 says that IP addresses are out of scope, but for backward
+  // compatibility we accept them, by considering IP addresses to be an
+  // "application-specific identifier type supported by the client."
+  //
+  // TODO(bug XXXXXXX): Consider strengthening this check to "A client MUST NOT
+  // seek a match for a reference identifier of CN-ID if the certificate
+  // contains a subjectAltName extension."
+  //
+  // TODO(bug XXXXXXX): Consider dropping support for IP addresses as
+  // identifiers completely.
+
+  if (subjectAltName) {
+    Reader altNames;
+    rv = der::ExpectTagAndGetValueAtEnd(*subjectAltName, der::SEQUENCE,
+                                        altNames);
+    if (rv != Success) {
+      return rv;
+    }
+
+    // According to RFC 5280, "If the subjectAltName extension is present, the
+    // sequence MUST contain at least one entry." For compatibility reasons, we
+    // do not enforce this. See bug 1143085.
+    while (!altNames.AtEnd()) {
+      GeneralNameType presentedIDType;
+      Input presentedID;
+      rv = ReadGeneralName(altNames, presentedIDType, presentedID);
+      if (rv != Success) {
+        return rv;
+      }
+
+      rv = MatchPresentedIDWithReferenceID(presentedIDType, presentedID,
+                                           referenceIDType, referenceID,
+                                           match);
+      if (rv != Success) {
+        return rv;
+      }
+      if (referenceIDType != GeneralNameType::nameConstraints &&
+          match == MatchResult::Match) {
+        return Success;
+      }
+      if (presentedIDType == GeneralNameType::dNSName ||
+          presentedIDType == GeneralNameType::iPAddress) {
+        fallBackToCommonName = FallBackToSearchWithinSubject::No;
+      }
+    }
+  }
+
+  if (referenceIDType == GeneralNameType::nameConstraints) {
+    rv = CheckPresentedIDConformsToConstraints(GeneralNameType::directoryName,
+                                               subject, referenceID);
+    if (rv != Success) {
+      return rv;
+    }
+  }
+
+  FallBackToSearchWithinSubject fallBackToEmailAddress;
+  if (!subjectAltName &&
+      (referenceIDType == GeneralNameType::rfc822Name ||
+       referenceIDType == GeneralNameType::nameConstraints)) {
+    fallBackToEmailAddress = FallBackToSearchWithinSubject::Yes;
+  } else {
+    fallBackToEmailAddress = FallBackToSearchWithinSubject::No;
+  }
+
+  // Short-circuit the parsing of the subject name if we're not going to match
+  // any names in it
+  if (fallBackToEmailAddress == FallBackToSearchWithinSubject::No &&
+      fallBackToCommonName == FallBackToSearchWithinSubject::No) {
+    return Success;
+  }
+
+  // Attempt to match the reference ID against the CN-ID, which we consider to
+  // be the most-specific CN AVA in the subject field.
+  //
+  // https://tools.ietf.org/html/rfc6125#section-2.3.1 says:
+  //
+  //   To reduce confusion, in this specification we avoid such terms and
+  //   instead use the terms provided under Section 1.8; in particular, we
+  //   do not use the term "(most specific) Common Name field in the subject
+  //   field" from [HTTP-TLS] and instead state that a CN-ID is a Relative
+  //   Distinguished Name (RDN) in the certificate subject containing one
+  //   and only one attribute-type-and-value pair of type Common Name (thus
+  //   removing the possibility that an RDN might contain multiple AVAs
+  //   (Attribute Value Assertions) of type CN, one of which could be
+  //   considered "most specific").
+  //
+  // https://tools.ietf.org/html/rfc6125#section-7.4 says:
+  //
+  //   [...] Although it would be preferable to
+  //   forbid multiple CN-IDs entirely, there are several reasons at this
+  //   time why this specification states that they SHOULD NOT (instead of
+  //   MUST NOT) be included [...]
+  //
+  // Consequently, it is unclear what to do when there are multiple CNs in the
+  // subject, regardless of whether there "SHOULD NOT" be.
+  //
+  // NSS's CERT_VerifyCertName mostly follows RFC2818 in this instance, which
+  // says:
+  //
+  //   If a subjectAltName extension of type dNSName is present, that MUST
+  //   be used as the identity. Otherwise, the (most specific) Common Name
+  //   field in the Subject field of the certificate MUST be used.
+  //
+  //   [...]
+  //
+  //   In some cases, the URI is specified as an IP address rather than a
+  //   hostname. In this case, the iPAddress subjectAltName must be present
+  //   in the certificate and must exactly match the IP in the URI.
+  //
+  // (The main difference from RFC2818 is that NSS's CERT_VerifyCertName also
+  // matches IP addresses in the most-specific CN.)
+  //
+  // NSS's CERT_VerifyCertName finds the most specific CN via
+  // CERT_GetCommoName, which uses CERT_GetLastNameElement. Note that many
+  // NSS-based applications, including Gecko, also use CERT_GetCommonName. It
+  // is likely that other, non-NSS-based, applications also expect only the
+  // most specific CN to be matched against the reference ID.
+  //
+  // "A Layman's Guide to a Subset of ASN.1, BER, and DER" and other sources
+  // agree that an RDNSequence is ordered from most significant (least
+  // specific) to least significant (most specific), as do other references.
+  //
+  // However, Chromium appears to use the least-specific (first) CN instead of
+  // the most-specific; see https://crbug.com/366957. Also, MSIE and some other
+  // popular implementations apparently attempt to match the reference ID
+  // against any/all CNs in the subject. Since we're trying to phase out the
+  // use of CN-IDs, we intentionally avoid trying to match MSIE's more liberal
+  // behavior.
+
+  // Name ::= CHOICE { -- only one possibility for now --
+  //   rdnSequence  RDNSequence }
+  //
+  // RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+  //
+  // RelativeDistinguishedName ::=
+  //   SET SIZE (1..MAX) OF AttributeTypeAndValue
+  Reader subjectReader(subject);
+  return der::NestedOf(subjectReader, der::SEQUENCE, der::SET,
+                       der::EmptyAllowed::Yes, [&](Reader& r) {
+    return SearchWithinRDN(r, referenceIDType, referenceID,
+                          fallBackToEmailAddress, fallBackToCommonName, match);
+  });
+}
+
+// RelativeDistinguishedName ::=
+//   SET SIZE (1..MAX) OF AttributeTypeAndValue
+//
+// AttributeTypeAndValue ::= SEQUENCE {
+//   type     AttributeType,
+//   value    AttributeValue }
+Result
+SearchWithinRDN(Reader& rdn,
+                GeneralNameType referenceIDType,
+                Input referenceID,
+                FallBackToSearchWithinSubject fallBackToEmailAddress,
+                FallBackToSearchWithinSubject fallBackToCommonName,
+                /*in/out*/ MatchResult& match)
+{
+  do {
+    Input type;
+    uint8_t valueTag;
+    Input value;
+    Result rv = ReadAVA(rdn, type, valueTag, value);
+    if (rv != Success) {
+      return rv;
+    }
+    rv = MatchAVA(type, valueTag, value, referenceIDType, referenceID,
+                  fallBackToEmailAddress, fallBackToCommonName, match);
+    if (rv != Success) {
+      return rv;
+    }
+  } while (!rdn.AtEnd());
+
+  return Success;
+}
+
+// AttributeTypeAndValue ::= SEQUENCE {
+//   type     AttributeType,
+//   value    AttributeValue }
+//
+// AttributeType ::= OBJECT IDENTIFIER
+//
+// AttributeValue ::= ANY -- DEFINED BY AttributeType
+//
+// DirectoryString ::= CHOICE {
+//       teletexString           TeletexString (SIZE (1..MAX)),
+//       printableString         PrintableString (SIZE (1..MAX)),
+//       universalString         UniversalString (SIZE (1..MAX)),
+//       utf8String              UTF8String (SIZE (1..MAX)),
+//       bmpString               BMPString (SIZE (1..MAX)) }
+Result
+MatchAVA(Input type, uint8_t valueEncodingTag, Input presentedID,
+         GeneralNameType referenceIDType,
+         Input referenceID,
+         FallBackToSearchWithinSubject fallBackToEmailAddress,
+         FallBackToSearchWithinSubject fallBackToCommonName,
+         /*in/out*/ MatchResult& match)
+{
+  // Try to match the  CN as a DNSName or an IPAddress.
+  //
+  // id-at-commonName        AttributeType ::= { id-at 3 }
+  //
+  // -- Naming attributes of type X520CommonName:
+  // --   X520CommonName ::= DirectoryName (SIZE (1..ub-common-name))
+  // --
+  // -- Expanded to avoid parameterized type:
+  // X520CommonName ::= CHOICE {
+  //       teletexString     TeletexString   (SIZE (1..ub-common-name)),
+  //       printableString   PrintableString (SIZE (1..ub-common-name)),
+  //       universalString   UniversalString (SIZE (1..ub-common-name)),
+  //       utf8String        UTF8String      (SIZE (1..ub-common-name)),
+  //       bmpString         BMPString       (SIZE (1..ub-common-name)) }
+  //
+  // python DottedOIDToCode.py id-at-commonName 2.5.4.3
+  static const uint8_t id_at_commonName[] = {
+    0x55, 0x04, 0x03
+  };
+  if (fallBackToCommonName == FallBackToSearchWithinSubject::Yes &&
+      InputsAreEqual(type, Input(id_at_commonName))) {
+    // We might have previously found a match. Now that we've found another CN,
+    // we no longer consider that previous match to be a match, so "forget" about
+    // it.
+    match = MatchResult::NoNamesOfGivenType;
+
+    // PrintableString is a subset of ASCII that contains all the characters
+    // allowed in CN-IDs except '*'. Although '*' is illegal, there are many
+    // real-world certificates that are encoded this way, so we accept it.
+    //
+    // In the case of UTF8String, we rely on the fact that in UTF-8 the octets in
+    // a multi-byte encoding of a code point are always distinct from ASCII. Any
+    // non-ASCII byte in a UTF-8 string causes us to fail to match. We make no
+    // attempt to detect or report malformed UTF-8 (e.g. incomplete or overlong
+    // encodings of code points, or encodings of invalid code points).
+    //
+    // TeletexString is supported as long as it does not contain any escape
+    // sequences, which are not supported. We'll reject escape sequences as
+    // invalid characters in names, which means we only accept strings that are
+    // in the default character set, which is a superset of ASCII. Note that NSS
+    // actually treats TeletexString as ISO-8859-1. Many certificates that have
+    // wildcard CN-IDs (e.g. "*.example.com") use TeletexString because
+    // PrintableString is defined to not allow '*' and because, at one point in
+    // history, UTF8String was too new to use for compatibility reasons.
+    //
+    // UniversalString and BMPString are also deprecated, and they are a little
+    // harder to support because they are not single-byte ASCII superset
+    // encodings, so we don't bother.
+    if (valueEncodingTag != der::PrintableString &&
+        valueEncodingTag != der::UTF8String &&
+        valueEncodingTag != der::TeletexString) {
+      return Success;
+    }
+
+    if (IsValidPresentedDNSID(presentedID)) {
+      MatchSubjectPresentedIDWithReferenceID(GeneralNameType::dNSName,
+                                             presentedID, referenceIDType,
+                                             referenceID, match);
+    } else {
+      // We don't match CN-IDs for IPv6 addresses.
+      // MatchSubjectPresentedIDWithReferenceID ensures that it won't match an
+      // IPv4 address with an IPv6 address, so we don't need to check that
+      // referenceID is an IPv4 address here.
+      uint8_t ipv4[4];
+      if (ParseIPv4Address(presentedID, ipv4)) {
+        MatchSubjectPresentedIDWithReferenceID(GeneralNameType::iPAddress,
+                                               Input(ipv4), referenceIDType,
+                                               referenceID, match);
+      }
+    }
+
+    // Regardless of whether there was a match, we keep going in case we find
+    // another CN later. If we do find another one, then this match/mismatch
+    // will be ignored, because we only care about the most specific CN.
+
+    return Success;
+  }
+
+  // Match an email address against an emailAddress attribute in the
+  // subject.
+  //
+  // id-emailAddress      AttributeType ::= { pkcs-9 1 }
+  //
+  // EmailAddress ::=     IA5String (SIZE (1..ub-emailaddress-length))
+  //
+  // python DottedOIDToCode.py id-emailAddress 1.2.840.113549.1.9.1
+  static const uint8_t id_emailAddress[] = {
+    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01
+  };
+  if (fallBackToEmailAddress == FallBackToSearchWithinSubject::Yes &&
+      InputsAreEqual(type, Input(id_emailAddress))) {
+    if (referenceIDType == GeneralNameType::rfc822Name &&
+        match == MatchResult::Match) {
+      // We already found a match; we don't need to match another one
+      return Success;
+    }
+    if (valueEncodingTag != der::IA5String) {
+      return Result::ERROR_BAD_DER;
+    }
+    return MatchPresentedIDWithReferenceID(GeneralNameType::rfc822Name,
+                                           presentedID, referenceIDType,
+                                           referenceID, match);
+  }
+
+  return Success;
+}
+
+void
+MatchSubjectPresentedIDWithReferenceID(GeneralNameType presentedIDType,
+                                       Input presentedID,
+                                       GeneralNameType referenceIDType,
+                                       Input referenceID,
+                                       /*in/out*/ MatchResult& match)
+{
+  Result rv = MatchPresentedIDWithReferenceID(presentedIDType, presentedID,
+                                              referenceIDType, referenceID,
+                                              match);
+  if (rv != Success) {
+    match = MatchResult::Mismatch;
+  }
+}
+
+Result
+MatchPresentedIDWithReferenceID(GeneralNameType presentedIDType,
+                                Input presentedID,
+                                GeneralNameType referenceIDType,
+                                Input referenceID,
+                                /*out*/ MatchResult& matchResult)
+{
+  if (referenceIDType == GeneralNameType::nameConstraints) {
+    // matchResult is irrelevant when checking name constraints; only the
+    // pass/fail result of CheckPresentedIDConformsToConstraints matters.
+    return CheckPresentedIDConformsToConstraints(presentedIDType, presentedID,
+                                                 referenceID);
+  }
+
+  if (presentedIDType != referenceIDType) {
+    matchResult = MatchResult::Mismatch;
+    return Success;
+  }
+
+  Result rv;
+  bool foundMatch;
+
+  switch (referenceIDType) {
+    case GeneralNameType::dNSName:
+      rv = MatchPresentedDNSIDWithReferenceDNSID(
+             presentedID, AllowWildcards::Yes,
+             AllowDotlessSubdomainMatches::Yes, IDRole::ReferenceID,
+             referenceID, foundMatch);
+      break;
+
+    case GeneralNameType::iPAddress:
+      foundMatch = InputsAreEqual(presentedID, referenceID);
+      rv = Success;
+      break;
+
+    case GeneralNameType::rfc822Name:
+      rv = MatchPresentedRFC822NameWithReferenceRFC822Name(
+             presentedID, IDRole::ReferenceID, referenceID, foundMatch);
+      break;
+
+    case GeneralNameType::directoryName:
+      // TODO: At some point, we may add APIs for matching DirectoryNames.
+      // fall through
+
+    case GeneralNameType::otherName: // fall through
+    case GeneralNameType::x400Address: // fall through
+    case GeneralNameType::ediPartyName: // fall through
+    case GeneralNameType::uniformResourceIdentifier: // fall through
+    case GeneralNameType::registeredID: // fall through
+    case GeneralNameType::nameConstraints:
+      return NotReached("unexpected nameType for SearchType::Match",
+                        Result::FATAL_ERROR_INVALID_ARGS);
+
+    MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+ }
+
+  if (rv != Success) {
+    return rv;
+  }
+  matchResult = foundMatch ? MatchResult::Match : MatchResult::Mismatch;
+  return Success;
+}
+
+enum class NameConstraintsSubtrees : uint8_t
+{
+  permittedSubtrees = der::CONSTRUCTED | der::CONTEXT_SPECIFIC | 0,
+  excludedSubtrees  = der::CONSTRUCTED | der::CONTEXT_SPECIFIC | 1
+};
+
+Result CheckPresentedIDConformsToNameConstraintsSubtrees(
+         GeneralNameType presentedIDType,
+         Input presentedID,
+         Reader& nameConstraints,
+         NameConstraintsSubtrees subtreesType);
+Result MatchPresentedIPAddressWithConstraint(Input presentedID,
+                                             Input iPAddressConstraint,
+                                             /*out*/ bool& foundMatch);
+Result MatchPresentedDirectoryNameWithConstraint(
+         NameConstraintsSubtrees subtreesType, Input presentedID,
+         Input directoryNameConstraint, /*out*/ bool& matches);
+
+Result
+CheckPresentedIDConformsToConstraints(
+  GeneralNameType presentedIDType,
+  Input presentedID,
+  Input encodedNameConstraints)
+{
+  // NameConstraints ::= SEQUENCE {
+  //      permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
+  //      excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
+  Reader nameConstraints;
+  Result rv = der::ExpectTagAndGetValueAtEnd(encodedNameConstraints,
+                                             der::SEQUENCE, nameConstraints);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // RFC 5280 says "Conforming CAs MUST NOT issue certificates where name
+  // constraints is an empty sequence. That is, either the permittedSubtrees
+  // field or the excludedSubtrees MUST be present."
+  if (nameConstraints.AtEnd()) {
+    return Result::ERROR_BAD_DER;
+  }
+
+  rv = CheckPresentedIDConformsToNameConstraintsSubtrees(
+         presentedIDType, presentedID, nameConstraints,
+         NameConstraintsSubtrees::permittedSubtrees);
+  if (rv != Success) {
+    return rv;
+  }
+
+  rv = CheckPresentedIDConformsToNameConstraintsSubtrees(
+         presentedIDType, presentedID, nameConstraints,
+         NameConstraintsSubtrees::excludedSubtrees);
+  if (rv != Success) {
+    return rv;
+  }
+
+  return der::End(nameConstraints);
+}
+
+Result
+CheckPresentedIDConformsToNameConstraintsSubtrees(
+  GeneralNameType presentedIDType,
+  Input presentedID,
+  Reader& nameConstraints,
+  NameConstraintsSubtrees subtreesType)
+{
+  if (!nameConstraints.Peek(static_cast<uint8_t>(subtreesType))) {
+    return Success;
+  }
+
+  Reader subtrees;
+  Result rv = der::ExpectTagAndGetValue(nameConstraints,
+                                        static_cast<uint8_t>(subtreesType),
+                                        subtrees);
+  if (rv != Success) {
+    return rv;
+  }
+
+  bool hasPermittedSubtreesMatch = false;
+  bool hasPermittedSubtreesMismatch = false;
+
+  // GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+  //
+  // do { ... } while(...) because subtrees isn't allowed to be empty.
+  do {
+    // GeneralSubtree ::= SEQUENCE {
+    //      base                    GeneralName,
+    //      minimum         [0]     BaseDistance DEFAULT 0,
+    //      maximum         [1]     BaseDistance OPTIONAL }
+    Reader subtree;
+    rv = ExpectTagAndGetValue(subtrees, der::SEQUENCE, subtree);
+    if (rv != Success) {
+      return rv;
+    }
+    GeneralNameType nameConstraintType;
+    Input base;
+    rv = ReadGeneralName(subtree, nameConstraintType, base);
+    if (rv != Success) {
+      return rv;
+    }
+    // http://tools.ietf.org/html/rfc5280#section-4.2.1.10: "Within this
+    // profile, the minimum and maximum fields are not used with any name
+    // forms, thus, the minimum MUST be zero, and maximum MUST be absent."
+    //
+    // Since the default value isn't allowed to be encoded according to the DER
+    // encoding rules for DEFAULT, this is equivalent to saying that neither
+    // minimum or maximum must be encoded.
+    rv = der::End(subtree);
+    if (rv != Success) {
+      return rv;
+    }
+
+    if (presentedIDType == nameConstraintType) {
+      bool matches;
+
+      switch (presentedIDType) {
+        case GeneralNameType::dNSName:
+          rv = MatchPresentedDNSIDWithReferenceDNSID(
+                 presentedID, AllowWildcards::Yes,
+                 AllowDotlessSubdomainMatches::Yes, IDRole::NameConstraint,
+                 base, matches);
+          if (rv != Success) {
+            return rv;
+          }
+          break;
+
+        case GeneralNameType::iPAddress:
+          rv = MatchPresentedIPAddressWithConstraint(presentedID, base,
+                                                     matches);
+          if (rv != Success) {
+            return rv;
+          }
+          break;
+
+        case GeneralNameType::directoryName:
+          rv = MatchPresentedDirectoryNameWithConstraint(subtreesType,
+                                                         presentedID, base,
+                                                         matches);
+          if (rv != Success) {
+            return rv;
+          }
+          break;
+
+        case GeneralNameType::rfc822Name:
+          rv = MatchPresentedRFC822NameWithReferenceRFC822Name(
+                 presentedID, IDRole::NameConstraint, base, matches);
+          if (rv != Success) {
+            return rv;
+          }
+          break;
+
+        // RFC 5280 says "Conforming CAs [...] SHOULD NOT impose name
+        // constraints on the x400Address, ediPartyName, or registeredID
+        // name forms. It also says "Applications conforming to this profile
+        // [...] SHOULD be able to process name constraints that are imposed
+        // on [...] uniformResourceIdentifier [...]", but we don't bother.
+        //
+        // TODO: Ask to have spec updated to say ""Conforming CAs [...] SHOULD
+        // NOT impose name constraints on the otherName, x400Address,
+        // ediPartyName, uniformResourceIdentifier, or registeredID name
+        // forms."
+        case GeneralNameType::otherName: // fall through
+        case GeneralNameType::x400Address: // fall through
+        case GeneralNameType::ediPartyName: // fall through
+        case GeneralNameType::uniformResourceIdentifier: // fall through
+        case GeneralNameType::registeredID: // fall through
+          return Result::ERROR_CERT_NOT_IN_NAME_SPACE;
+
+        case GeneralNameType::nameConstraints:
+          return NotReached("invalid presentedIDType",
+                            Result::FATAL_ERROR_LIBRARY_FAILURE);
+
+        MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+      }
+
+      switch (subtreesType) {
+        case NameConstraintsSubtrees::permittedSubtrees:
+          if (matches) {
+            hasPermittedSubtreesMatch = true;
+          } else {
+            hasPermittedSubtreesMismatch = true;
+          }
+          break;
+        case NameConstraintsSubtrees::excludedSubtrees:
+          if (matches) {
+            return Result::ERROR_CERT_NOT_IN_NAME_SPACE;
+          }
+          break;
+      }
+    }
+  } while (!subtrees.AtEnd());
+
+  if (hasPermittedSubtreesMismatch && !hasPermittedSubtreesMatch) {
+    // If there was any entry of the given type in permittedSubtrees, then it
+    // required that at least one of them must match. Since none of them did,
+    // we have a failure.
+    return Result::ERROR_CERT_NOT_IN_NAME_SPACE;
+  }
+
+  return Success;
+}
+
+// We do not distinguish between a syntactically-invalid presentedDNSID and one
+// that is syntactically valid but does not match referenceDNSID; in both
+// cases, the result is false.
+//
+// We assume that both presentedDNSID and referenceDNSID are encoded in such a
+// way that US-ASCII (7-bit) characters are encoded in one byte and no encoding
+// of a non-US-ASCII character contains a code point in the range 0-127. For
+// example, UTF-8 is OK but UTF-16 is not.
+//
+// RFC6125 says that a wildcard label may be of the form <x>*<y>.<DNSID>, where
+// <x> and/or <y> may be empty. However, NSS requires <y> to be empty, and we
+// follow NSS's stricter policy by accepting wildcards only of the form
+// <x>*.<DNSID>, where <x> may be empty.
+//
+// An relative presented DNS ID matches both an absolute reference ID and a
+// relative reference ID. Absolute presented DNS IDs are not supported:
+//
+//      Presented ID   Reference ID  Result
+//      -------------------------------------
+//      example.com    example.com   Match
+//      example.com.   example.com   Mismatch
+//      example.com    example.com.  Match
+//      example.com.   example.com.  Mismatch
+//
+// There are more subtleties documented inline in the code.
+//
+// Name constraints ///////////////////////////////////////////////////////////
+//
+// This is all RFC 5280 has to say about DNSName constraints:
+//
+//     DNS name restrictions are expressed as host.example.com.  Any DNS
+//     name that can be constructed by simply adding zero or more labels to
+//     the left-hand side of the name satisfies the name constraint.  For
+//     example, www.host.example.com would satisfy the constraint but
+//     host1.example.com would not.
+//
+// This lack of specificity has lead to a lot of uncertainty regarding
+// subdomain matching. In particular, the following questions have been
+// raised and answered:
+//
+//     Q: Does a presented identifier equal (case insensitive) to the name
+//        constraint match the constraint? For example, does the presented
+//        ID "host.example.com" match a "host.example.com" constraint?
+//     A: Yes. RFC5280 says "by simply adding zero or more labels" and this
+//        is the case of adding zero labels.
+//
+//     Q: When the name constraint does not start with ".", do subdomain
+//        presented identifiers match it? For example, does the presented
+//        ID "www.host.example.com" match a "host.example.com" constraint?
+//     A: Yes. RFC5280 says "by simply adding zero or more labels" and this
+//        is the case of adding more than zero labels. The example is the
+//        one from RFC 5280.
+//
+//     Q: When the name constraint does not start with ".", does a
+//        non-subdomain prefix match it? For example, does "bigfoo.bar.com"
+//        match "foo.bar.com"? [4]
+//     A: No. We interpret RFC 5280's language of "adding zero or more labels"
+//        to mean that whole labels must be prefixed.
+//
+//     (Note that the above three scenarios are the same as the RFC 6265
+//     domain matching rules [0].)
+//
+//     Q: Is a name constraint that starts with "." valid, and if so, what
+//        semantics does it have? For example, does a presented ID of
+//        "www.example.com" match a constraint of ".example.com"? Does a
+//        presented ID of "example.com" match a constraint of ".example.com"?
+//     A: This implementation, NSS[1], and SChannel[2] all support a
+//        leading ".", but OpenSSL[3] does not yet. Amongst the
+//        implementations that support it, a leading "." is legal and means
+//        the same thing as when the "." is omitted, EXCEPT that a
+//        presented identifier equal (case insensitive) to the name
+//        constraint is not matched; i.e. presented DNSName identifiers
+//        must be subdomains. Some CAs in Mozilla's CA program (e.g. HARICA)
+//        have name constraints with the leading "." in their root
+//        certificates. The name constraints imposed on DCISS by Mozilla also
+//        have the it, so supporting this is a requirement for backward
+//        compatibility, even if it is not yet standardized. So, for example, a
+//        presented ID of "www.example.com" matches a constraint of
+//        ".example.com" but a presented ID of "example.com" does not.
+//
+//     Q: Is there a way to prevent subdomain matches?
+//     A: Yes.
+//
+//        Some people have proposed that dNSName constraints that do not
+//        start with a "." should be restricted to exact (case insensitive)
+//        matches. However, such a change of semantics from what RFC5280
+//        specifies would be a non-backward-compatible change in the case of
+//        permittedSubtrees constraints, and it would be a security issue for
+//        excludedSubtrees constraints.
+//
+//        However, it can be done with a combination of permittedSubtrees and
+//        excludedSubtrees, e.g. "example.com" in permittedSubtrees and
+//        ".example.com" in excudedSubtrees.
+//
+//     Q: Are name constraints allowed to be specified as absolute names?
+//        For example, does a presented ID of "example.com" match a name
+//        constraint of "example.com." and vice versa.
+//     A: Absolute names are not supported as presented IDs or name
+//        constraints. Only reference IDs may be absolute.
+//
+//     Q: Is "" a valid DNSName constraints? If so, what does it mean?
+//     A: Yes. Any valid presented DNSName can be formed "by simply adding zero
+//        or more labels to the left-hand side" of "". In particular, an
+//        excludedSubtrees DNSName constraint of "" forbids all DNSNames.
+//
+//     Q: Is "." a valid DNSName constraints? If so, what does it mean?
+//     A: No, because absolute names are not allowed (see above).
+//
+// [0] RFC 6265 (Cookies) Domain Matching rules:
+//     http://tools.ietf.org/html/rfc6265#section-5.1.3
+// [1] NSS source code:
+//     https://mxr.mozilla.org/nss/source/lib/certdb/genname.c?rev=2a7348f013cb#1209
+// [2] Description of SChannel's behavior from Microsoft:
+//     http://www.imc.org/ietf-pkix/mail-archive/msg04668.html
+// [3] Proposal to add such support to OpenSSL:
+//     http://www.mail-archive.com/openssl-dev%40openssl.org/msg36204.html
+//     https://rt.openssl.org/Ticket/Display.html?id=3562
+// [4] Feedback on the lack of clarify in the definition that never got
+//     incorporated into the spec:
+//     https://www.ietf.org/mail-archive/web/pkix/current/msg21192.html
+Result
+MatchPresentedDNSIDWithReferenceDNSID(
+  Input presentedDNSID,
+  AllowWildcards allowWildcards,
+  AllowDotlessSubdomainMatches allowDotlessSubdomainMatches,
+  IDRole referenceDNSIDRole,
+  Input referenceDNSID,
+  /*out*/ bool& matches)
+{
+  if (!IsValidDNSID(presentedDNSID, IDRole::PresentedID, allowWildcards)) {
+    return Result::ERROR_BAD_DER;
+  }
+
+  if (!IsValidDNSID(referenceDNSID, referenceDNSIDRole, AllowWildcards::No)) {
+    return Result::ERROR_BAD_DER;
+  }
+
+  Reader presented(presentedDNSID);
+  Reader reference(referenceDNSID);
+
+  switch (referenceDNSIDRole)
+  {
+    case IDRole::ReferenceID:
+      break;
+
+    case IDRole::NameConstraint:
+    {
+      if (presentedDNSID.GetLength() > referenceDNSID.GetLength()) {
+        if (referenceDNSID.GetLength() == 0) {
+          // An empty constraint matches everything.
+          matches = true;
+          return Success;
+        }
+        // If the reference ID starts with a dot then skip the prefix of
+        // of the presented ID and start the comparison at the position of that
+        // dot. Examples:
+        //
+        //                                       Matches     Doesn't Match
+        //     -----------------------------------------------------------
+        //       original presented ID:  www.example.com    badexample.com
+        //                     skipped:  www                ba
+        //     presented ID w/o prefix:     .example.com      dexample.com
+        //                reference ID:     .example.com      .example.com
+        //
+        // If the reference ID does not start with a dot then we skip the
+        // prefix of the presented ID but also verify that the prefix ends with
+        // a dot. Examples:
+        //
+        //                                       Matches     Doesn't Match
+        //     -----------------------------------------------------------
+        //       original presented ID:  www.example.com    badexample.com
+        //                     skipped:  www                ba
+        //                 must be '.':     .                 d
+        //     presented ID w/o prefix:      example.com       example.com
+        //                reference ID:      example.com       example.com
+        //
+        if (reference.Peek('.')) {
+          if (presented.Skip(static_cast<Input::size_type>(
+                               presentedDNSID.GetLength() -
+                                 referenceDNSID.GetLength())) != Success) {
+            return NotReached("skipping subdomain failed",
+                              Result::FATAL_ERROR_LIBRARY_FAILURE);
+          }
+        } else if (allowDotlessSubdomainMatches ==
+                   AllowDotlessSubdomainMatches::Yes) {
+          if (presented.Skip(static_cast<Input::size_type>(
+                               presentedDNSID.GetLength() -
+                                 referenceDNSID.GetLength() - 1)) != Success) {
+            return NotReached("skipping subdomains failed",
+                              Result::FATAL_ERROR_LIBRARY_FAILURE);
+          }
+          uint8_t b;
+          if (presented.Read(b) != Success) {
+            return NotReached("reading from presentedDNSID failed",
+                              Result::FATAL_ERROR_LIBRARY_FAILURE);
+          }
+          if (b != '.') {
+            matches = false;
+            return Success;
+          }
+        }
+      }
+      break;
+    }
+
+    case IDRole::PresentedID: // fall through
+      return NotReached("IDRole::PresentedID is not a valid referenceDNSIDRole",
+                        Result::FATAL_ERROR_INVALID_ARGS);
+  }
+
+  // We only allow wildcard labels that consist only of '*'.
+  if (presented.Peek('*')) {
+    if (presented.Skip(1) != Success) {
+      return NotReached("Skipping '*' failed",
+                        Result::FATAL_ERROR_LIBRARY_FAILURE);
+    }
+    do {
+      // This will happen if reference is a single, relative label
+      if (reference.AtEnd()) {
+        matches = false;
+        return Success;
+      }
+      uint8_t referenceByte;
+      if (reference.Read(referenceByte) != Success) {
+        return NotReached("invalid reference ID",
+                          Result::FATAL_ERROR_INVALID_ARGS);
+      }
+    } while (!reference.Peek('.'));
+  }
+
+  for (;;) {
+    uint8_t presentedByte;
+    if (presented.Read(presentedByte) != Success) {
+      matches = false;
+      return Success;
+    }
+    uint8_t referenceByte;
+    if (reference.Read(referenceByte) != Success) {
+      matches = false;
+      return Success;
+    }
+    if (LocaleInsensitveToLower(presentedByte) !=
+        LocaleInsensitveToLower(referenceByte)) {
+      matches = false;
+      return Success;
+    }
+    if (presented.AtEnd()) {
+      // Don't allow presented IDs to be absolute.
+      if (presentedByte == '.') {
+        return Result::ERROR_BAD_DER;
+      }
+      break;
+    }
+  }
+
+  // Allow a relative presented DNS ID to match an absolute reference DNS ID,
+  // unless we're matching a name constraint.
+  if (!reference.AtEnd()) {
+    if (referenceDNSIDRole != IDRole::NameConstraint) {
+      uint8_t referenceByte;
+      if (reference.Read(referenceByte) != Success) {
+        return NotReached("read failed but not at end",
+                          Result::FATAL_ERROR_LIBRARY_FAILURE);
+      }
+      if (referenceByte != '.') {
+        matches = false;
+        return Success;
+      }
+    }
+    if (!reference.AtEnd()) {
+      matches = false;
+      return Success;
+    }
+  }
+
+  matches = true;
+  return Success;
+}
+
+// https://tools.ietf.org/html/rfc5280#section-4.2.1.10 says:
+//
+//     For IPv4 addresses, the iPAddress field of GeneralName MUST contain
+//     eight (8) octets, encoded in the style of RFC 4632 (CIDR) to represent
+//     an address range [RFC4632].  For IPv6 addresses, the iPAddress field
+//     MUST contain 32 octets similarly encoded.  For example, a name
+//     constraint for "class C" subnet 192.0.2.0 is represented as the
+//     octets C0 00 02 00 FF FF FF 00, representing the CIDR notation
+//     192.0.2.0/24 (mask 255.255.255.0).
+Result
+MatchPresentedIPAddressWithConstraint(Input presentedID,
+                                      Input iPAddressConstraint,
+                                      /*out*/ bool& foundMatch)
+{
+  if (presentedID.GetLength() != 4 && presentedID.GetLength() != 16) {
+    return Result::ERROR_BAD_DER;
+  }
+  if (iPAddressConstraint.GetLength() != 8 &&
+      iPAddressConstraint.GetLength() != 32) {
+    return Result::ERROR_BAD_DER;
+  }
+
+  // an IPv4 address never matches an IPv6 constraint, and vice versa.
+  if (presentedID.GetLength() * 2 != iPAddressConstraint.GetLength()) {
+    foundMatch = false;
+    return Success;
+  }
+
+  Reader constraint(iPAddressConstraint);
+  Reader constraintAddress;
+  Result rv = constraint.Skip(iPAddressConstraint.GetLength() / 2u,
+                              constraintAddress);
+  if (rv != Success) {
+    return rv;
+  }
+  Reader constraintMask;
+  rv = constraint.Skip(iPAddressConstraint.GetLength() / 2u, constraintMask);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::End(constraint);
+  if (rv != Success) {
+    return rv;
+  }
+
+  Reader presented(presentedID);
+  do {
+    uint8_t presentedByte;
+    rv = presented.Read(presentedByte);
+    if (rv != Success) {
+      return rv;
+    }
+    uint8_t constraintAddressByte;
+    rv = constraintAddress.Read(constraintAddressByte);
+    if (rv != Success) {
+      return rv;
+    }
+    uint8_t constraintMaskByte;
+    rv = constraintMask.Read(constraintMaskByte);
+    if (rv != Success) {
+      return rv;
+    }
+    foundMatch =
+      ((presentedByte ^ constraintAddressByte) & constraintMaskByte) == 0;
+  } while (foundMatch && !presented.AtEnd());
+
+  return Success;
+}
+
+// AttributeTypeAndValue ::= SEQUENCE {
+//   type     AttributeType,
+//   value    AttributeValue }
+//
+// AttributeType ::= OBJECT IDENTIFIER
+//
+// AttributeValue ::= ANY -- DEFINED BY AttributeType
+Result
+ReadAVA(Reader& rdn,
+        /*out*/ Input& type,
+        /*out*/ uint8_t& valueTag,
+        /*out*/ Input& value)
+{
+  return der::Nested(rdn, der::SEQUENCE, [&](Reader& ava) -> Result {
+    Result rv = der::ExpectTagAndGetValue(ava, der::OIDTag, type);
+    if (rv != Success) {
+      return rv;
+    }
+    rv = der::ReadTagAndGetValue(ava, valueTag, value);
+    if (rv != Success) {
+      return rv;
+    }
+    return Success;
+  });
+}
+
+// Names are sequences of RDNs. RDNS are sets of AVAs. That means that RDNs are
+// unordered, so in theory we should match RDNs with equivalent AVAs that are
+// in different orders. Within the AVAs are DirectoryNames that are supposed to
+// be compared according to LDAP stringprep normalization rules (e.g.
+// normalizing whitespace), consideration of different character encodings,
+// etc. Indeed, RFC 5280 says we MUST deal with all of that.
+//
+// In practice, many implementations, including NSS, only match Names in a way
+// that only meets a subset of the requirements of RFC 5280. Those
+// normalization and character encoding conversion steps appear to be
+// unnecessary for processing real-world certificates, based on experience from
+// having used NSS in Firefox for many years.
+//
+// RFC 5280 also says "CAs issuing certificates with a restriction of the form
+// directoryName SHOULD NOT rely on implementation of the full
+// ISO DN name comparison algorithm. This implies name restrictions MUST
+// be stated identically to the encoding used in the subject field or
+// subjectAltName extension." It goes on to say, in the security
+// considerations:
+//
+//     In addition, name constraints for distinguished names MUST be stated
+//     identically to the encoding used in the subject field or
+//     subjectAltName extension.  If not, then name constraints stated as
+//     excludedSubtrees will not match and invalid paths will be accepted
+//     and name constraints expressed as permittedSubtrees will not match
+//     and valid paths will be rejected.  To avoid acceptance of invalid
+//     paths, CAs SHOULD state name constraints for distinguished names as
+//     permittedSubtrees wherever possible.
+//
+// For permittedSubtrees, the MUST-level requirement is relaxed for
+// compatibility in the case of PrintableString and UTF8String. That is, if a
+// name constraint has been encoded using UTF8String and the presented ID has
+// been encoded with a PrintableString (or vice-versa), they are considered to
+// match if they are equal everywhere except for the tag identifying the
+// encoding. See bug 1150114.
+//
+// For excludedSubtrees, we simply prohibit any non-empty directoryName
+// constraint to ensure we are not being too lenient. We support empty
+// DirectoryName constraints in excludedSubtrees so that a CA can say "Do not
+// allow any DirectoryNames in issued certificates."
+Result
+MatchPresentedDirectoryNameWithConstraint(NameConstraintsSubtrees subtreesType,
+                                          Input presentedID,
+                                          Input directoryNameConstraint,
+                                          /*out*/ bool& matches)
+{
+  Reader constraintRDNs;
+  Result rv = der::ExpectTagAndGetValueAtEnd(directoryNameConstraint,
+                                             der::SEQUENCE, constraintRDNs);
+  if (rv != Success) {
+    return rv;
+  }
+  Reader presentedRDNs;
+  rv = der::ExpectTagAndGetValueAtEnd(presentedID, der::SEQUENCE,
+                                      presentedRDNs);
+  if (rv != Success) {
+    return rv;
+  }
+
+  switch (subtreesType) {
+    case NameConstraintsSubtrees::permittedSubtrees:
+      break; // dealt with below
+    case NameConstraintsSubtrees::excludedSubtrees:
+      if (!constraintRDNs.AtEnd() || !presentedRDNs.AtEnd()) {
+        return Result::ERROR_CERT_NOT_IN_NAME_SPACE;
+      }
+      matches = true;
+      return Success;
+  }
+
+  for (;;) {
+    // The AVAs have to be fully equal, but the constraint RDNs just need to be
+    // a prefix of the presented RDNs.
+    if (constraintRDNs.AtEnd()) {
+      matches = true;
+      return Success;
+    }
+    if (presentedRDNs.AtEnd()) {
+      matches = false;
+      return Success;
+    }
+    Reader constraintRDN;
+    rv = der::ExpectTagAndGetValue(constraintRDNs, der::SET, constraintRDN);
+    if (rv != Success) {
+      return rv;
+    }
+    Reader presentedRDN;
+    rv = der::ExpectTagAndGetValue(presentedRDNs, der::SET, presentedRDN);
+    if (rv != Success) {
+      return rv;
+    }
+    while (!constraintRDN.AtEnd() && !presentedRDN.AtEnd()) {
+      Input constraintType;
+      uint8_t constraintValueTag;
+      Input constraintValue;
+      rv = ReadAVA(constraintRDN, constraintType, constraintValueTag,
+                   constraintValue);
+      if (rv != Success) {
+        return rv;
+      }
+      Input presentedType;
+      uint8_t presentedValueTag;
+      Input presentedValue;
+      rv = ReadAVA(presentedRDN, presentedType, presentedValueTag,
+                   presentedValue);
+      if (rv != Success) {
+        return rv;
+      }
+      // TODO (bug 1155767): verify that if an AVA is a PrintableString it
+      // consists only of characters valid for PrintableStrings.
+      bool avasMatch =
+        InputsAreEqual(constraintType, presentedType) &&
+        InputsAreEqual(constraintValue, presentedValue) &&
+        (constraintValueTag == presentedValueTag ||
+         (constraintValueTag == der::Tag::UTF8String &&
+          presentedValueTag == der::Tag::PrintableString) ||
+         (constraintValueTag == der::Tag::PrintableString &&
+          presentedValueTag == der::Tag::UTF8String));
+      if (!avasMatch) {
+        matches = false;
+        return Success;
+      }
+    }
+    if (!constraintRDN.AtEnd() || !presentedRDN.AtEnd()) {
+      matches = false;
+      return Success;
+    }
+  }
+}
+
+// RFC 5280 says:
+//
+//     The format of an rfc822Name is a "Mailbox" as defined in Section 4.1.2
+//     of [RFC2821]. A Mailbox has the form "Local-part@Domain".  Note that a
+//     Mailbox has no phrase (such as a common name) before it, has no comment
+//     (text surrounded in parentheses) after it, and is not surrounded by "<"
+//     and ">".  Rules for encoding Internet mail addresses that include
+//     internationalized domain names are specified in Section 7.5.
+//
+// and:
+//
+//     A name constraint for Internet mail addresses MAY specify a
+//     particular mailbox, all addresses at a particular host, or all
+//     mailboxes in a domain.  To indicate a particular mailbox, the
+//     constraint is the complete mail address.  For example,
+//     "root@example.com" indicates the root mailbox on the host
+//     "example.com".  To indicate all Internet mail addresses on a
+//     particular host, the constraint is specified as the host name.  For
+//     example, the constraint "example.com" is satisfied by any mail
+//     address at the host "example.com".  To specify any address within a
+//     domain, the constraint is specified with a leading period (as with
+//     URIs).  For example, ".example.com" indicates all the Internet mail
+//     addresses in the domain "example.com", but not Internet mail
+//     addresses on the host "example.com".
+
+bool
+IsValidRFC822Name(Input input)
+{
+  Reader reader(input);
+
+  // Local-part@.
+  bool startOfAtom = true;
+  for (;;) {
+    uint8_t presentedByte;
+    if (reader.Read(presentedByte) != Success) {
+      return false;
+    }
+    switch (presentedByte) {
+      // atext is defined in https://tools.ietf.org/html/rfc2822#section-3.2.4
+      case 'A': case 'a': case 'N': case 'n': case '0': case '!': case '#':
+      case 'B': case 'b': case 'O': case 'o': case '1': case '$': case '%':
+      case 'C': case 'c': case 'P': case 'p': case '2': case '&': case '\'':
+      case 'D': case 'd': case 'Q': case 'q': case '3': case '*': case '+':
+      case 'E': case 'e': case 'R': case 'r': case '4': case '-': case '/':
+      case 'F': case 'f': case 'S': case 's': case '5': case '=': case '?':
+      case 'G': case 'g': case 'T': case 't': case '6': case '^': case '_':
+      case 'H': case 'h': case 'U': case 'u': case '7': case '`': case '{':
+      case 'I': case 'i': case 'V': case 'v': case '8': case '|': case '}':
+      case 'J': case 'j': case 'W': case 'w': case '9': case '~':
+      case 'K': case 'k': case 'X': case 'x':
+      case 'L': case 'l': case 'Y': case 'y':
+      case 'M': case 'm': case 'Z': case 'z':
+        startOfAtom = false;
+        break;
+
+      case '.':
+        if (startOfAtom) {
+          return false;
+        }
+        startOfAtom = true;
+        break;
+
+      case '@':
+      {
+        if (startOfAtom) {
+          return false;
+        }
+        Input domain;
+        if (reader.SkipToEnd(domain) != Success) {
+          return false;
+        }
+        return IsValidDNSID(domain, IDRole::PresentedID, AllowWildcards::No);
+      }
+
+      default:
+        return false;
+    }
+  }
+}
+
+Result
+MatchPresentedRFC822NameWithReferenceRFC822Name(Input presentedRFC822Name,
+                                                IDRole referenceRFC822NameRole,
+                                                Input referenceRFC822Name,
+                                                /*out*/ bool& matches)
+{
+  if (!IsValidRFC822Name(presentedRFC822Name)) {
+    return Result::ERROR_BAD_DER;
+  }
+  Reader presented(presentedRFC822Name);
+
+  switch (referenceRFC822NameRole)
+  {
+    case IDRole::PresentedID:
+      return Result::FATAL_ERROR_INVALID_ARGS;
+
+    case IDRole::ReferenceID:
+      break;
+
+    case IDRole::NameConstraint:
+    {
+      if (InputContains(referenceRFC822Name, '@')) {
+        // The constraint is of the form "Local-part@Domain".
+        break;
+      }
+
+      // The constraint is of the form "example.com" or ".example.com".
+
+      // Skip past the '@' in the presented ID.
+      for (;;) {
+        uint8_t presentedByte;
+        if (presented.Read(presentedByte) != Success) {
+          return Result::FATAL_ERROR_LIBRARY_FAILURE;
+        }
+        if (presentedByte == '@') {
+          break;
+        }
+      }
+
+      Input presentedDNSID;
+      if (presented.SkipToEnd(presentedDNSID) != Success) {
+        return Result::FATAL_ERROR_LIBRARY_FAILURE;
+      }
+
+      return MatchPresentedDNSIDWithReferenceDNSID(
+               presentedDNSID, AllowWildcards::No,
+               AllowDotlessSubdomainMatches::No, IDRole::NameConstraint,
+               referenceRFC822Name, matches);
+    }
+  }
+
+  if (!IsValidRFC822Name(referenceRFC822Name)) {
+    return Result::ERROR_BAD_DER;
+  }
+
+  Reader reference(referenceRFC822Name);
+
+  for (;;) {
+    uint8_t presentedByte;
+    if (presented.Read(presentedByte) != Success) {
+      matches = reference.AtEnd();
+      return Success;
+    }
+    uint8_t referenceByte;
+    if (reference.Read(referenceByte) != Success) {
+      matches = false;
+      return Success;
+    }
+    if (LocaleInsensitveToLower(presentedByte) !=
+        LocaleInsensitveToLower(referenceByte)) {
+      matches = false;
+      return Success;
+    }
+  }
+}
+
+// We avoid isdigit because it is locale-sensitive. See
+// http://pubs.opengroup.org/onlinepubs/009695399/functions/tolower.html.
+inline uint8_t
+LocaleInsensitveToLower(uint8_t a)
+{
+  if (a >= 'A' && a <= 'Z') { // unlikely
+    return static_cast<uint8_t>(
+             static_cast<uint8_t>(a - static_cast<uint8_t>('A')) +
+             static_cast<uint8_t>('a'));
+  }
+  return a;
+}
+
+bool
+StartsWithIDNALabel(Input id)
+{
+  static const uint8_t IDN_ALABEL_PREFIX[4] = { 'x', 'n', '-', '-' };
+  Reader input(id);
+  for (const uint8_t prefixByte : IDN_ALABEL_PREFIX) {
+    uint8_t b;
+    if (input.Read(b) != Success) {
+      return false;
+    }
+    if (b != prefixByte) {
+      return false;
+    }
+  }
+  return true;
+}
+
+bool
+ReadIPv4AddressComponent(Reader& input, bool lastComponent,
+                         /*out*/ uint8_t& valueOut)
+{
+  size_t length = 0;
+  unsigned int value = 0; // Must be larger than uint8_t.
+
+  for (;;) {
+    if (input.AtEnd() && lastComponent) {
+      break;
+    }
+
+    uint8_t b;
+    if (input.Read(b) != Success) {
+      return false;
+    }
+
+    if (b >= '0' && b <= '9') {
+      if (value == 0 && length > 0) {
+        return false; // Leading zeros are not allowed.
+      }
+      value = (value * 10) + (b - '0');
+      if (value > 255) {
+        return false; // Component's value is too large.
+      }
+      ++length;
+    } else if (!lastComponent && b == '.') {
+      break;
+    } else {
+      return false; // Invalid character.
+    }
+  }
+
+  if (length == 0) {
+    return false; // empty components not allowed
+  }
+
+  valueOut = static_cast<uint8_t>(value);
+  return true;
+}
+
+} // namespace
+
+// On Windows and maybe other platforms, OS-provided IP address parsing
+// functions might fail if the protocol (IPv4 or IPv6) has been disabled, so we
+// can't rely on them.
+bool
+ParseIPv4Address(Input hostname, /*out*/ uint8_t (&out)[4])
+{
+  Reader input(hostname);
+  return ReadIPv4AddressComponent(input, false, out[0]) &&
+         ReadIPv4AddressComponent(input, false, out[1]) &&
+         ReadIPv4AddressComponent(input, false, out[2]) &&
+         ReadIPv4AddressComponent(input, true, out[3]);
+}
+
+namespace {
+
+bool
+FinishIPv6Address(/*in/out*/ uint8_t (&address)[16], int numComponents,
+                  int contractionIndex)
+{
+  assert(numComponents >= 0);
+  assert(numComponents <= 8);
+  assert(contractionIndex >= -1);
+  assert(contractionIndex <= 8);
+  assert(contractionIndex <= numComponents);
+  if (!(numComponents >= 0 &&
+        numComponents <= 8 &&
+        contractionIndex >= -1 &&
+        contractionIndex <= 8 &&
+        contractionIndex <= numComponents)) {
+    return false;
+  }
+
+  if (contractionIndex == -1) {
+    // no contraction
+    return numComponents == 8;
+  }
+
+  if (numComponents >= 8) {
+    return false; // no room left to expand the contraction.
+  }
+
+  // Shift components that occur after the contraction over.
+  std::copy_backward(address + (2u * static_cast<size_t>(contractionIndex)),
+                     address + (2u * static_cast<size_t>(numComponents)),
+                     address + (2u * 8u));
+  // Fill in the contracted area with zeros.
+  std::fill_n(address + 2u * static_cast<size_t>(contractionIndex),
+              (8u - static_cast<size_t>(numComponents)) * 2u, static_cast<uint8_t>(0u));
+
+  return true;
+}
+
+} // namespace
+
+// On Windows and maybe other platforms, OS-provided IP address parsing
+// functions might fail if the protocol (IPv4 or IPv6) has been disabled, so we
+// can't rely on them.
+bool
+ParseIPv6Address(Input hostname, /*out*/ uint8_t (&out)[16])
+{
+  Reader input(hostname);
+
+  int currentComponentIndex = 0;
+  int contractionIndex = -1;
+
+  if (input.Peek(':')) {
+    // A valid input can only start with ':' if there is a contraction at the
+    // beginning.
+    uint8_t b;
+    if (input.Read(b) != Success || b != ':') {
+      assert(false);
+      return false;
+    }
+    if (input.Read(b) != Success) {
+      return false;
+    }
+    if (b != ':') {
+      return false;
+    }
+    contractionIndex = 0;
+  }
+
+  for (;;) {
+    // If we encounter a '.' then we'll have to backtrack to parse the input
+    // from startOfComponent to the end of the input as an IPv4 address.
+    Reader::Mark startOfComponent(input.GetMark());
+    uint16_t componentValue = 0;
+    size_t componentLength = 0;
+    while (!input.AtEnd() && !input.Peek(':')) {
+      uint8_t value;
+      uint8_t b;
+      if (input.Read(b) != Success) {
+        assert(false);
+        return false;
+      }
+      switch (b) {
+        case '0': case '1': case '2': case '3': case '4':
+        case '5': case '6': case '7': case '8': case '9':
+          value = static_cast<uint8_t>(b - static_cast<uint8_t>('0'));
+          break;
+        case 'a': case 'b': case 'c': case 'd': case 'e': case 'f':
+          value = static_cast<uint8_t>(b - static_cast<uint8_t>('a') +
+                                       UINT8_C(10));
+          break;
+        case 'A': case 'B': case 'C': case 'D': case 'E': case 'F':
+          value = static_cast<uint8_t>(b - static_cast<uint8_t>('A') +
+                                       UINT8_C(10));
+          break;
+        case '.':
+        {
+          // A dot indicates we hit a IPv4-syntax component. Backtrack, parsing
+          // the input from startOfComponent to the end of the input as an IPv4
+          // address, and then combine it with the other components.
+
+          if (currentComponentIndex > 6) {
+            return false; // Too many components before the IPv4 component
+          }
+
+          input.SkipToEnd();
+          Input ipv4Component;
+          if (input.GetInput(startOfComponent, ipv4Component) != Success) {
+            return false;
+          }
+          uint8_t (*ipv4)[4] =
+            reinterpret_cast<uint8_t(*)[4]>(&out[2 * currentComponentIndex]);
+          if (!ParseIPv4Address(ipv4Component, *ipv4)) {
+            return false;
+          }
+          assert(input.AtEnd());
+          currentComponentIndex += 2;
+
+          return FinishIPv6Address(out, currentComponentIndex,
+                                   contractionIndex);
+        }
+        default:
+          return false;
+      }
+      if (componentLength >= 4) {
+        // component too long
+        return false;
+      }
+      ++componentLength;
+      componentValue = (componentValue * 0x10u) + value;
+    }
+
+    if (currentComponentIndex >= 8) {
+      return false; // too many components
+    }
+
+    if (componentLength == 0) {
+      if (input.AtEnd() && currentComponentIndex == contractionIndex) {
+        if (contractionIndex == 0) {
+          // don't accept "::"
+          return false;
+        }
+        return FinishIPv6Address(out, currentComponentIndex,
+                                 contractionIndex);
+      }
+      return false;
+    }
+
+    out[2 * currentComponentIndex] =
+      static_cast<uint8_t>(componentValue / 0x100);
+    out[(2 * currentComponentIndex) + 1] =
+      static_cast<uint8_t>(componentValue % 0x100);
+
+    ++currentComponentIndex;
+
+    if (input.AtEnd()) {
+      return FinishIPv6Address(out, currentComponentIndex,
+                               contractionIndex);
+    }
+
+    uint8_t b;
+    if (input.Read(b) != Success || b != ':') {
+      assert(false);
+      return false;
+    }
+
+    if (input.Peek(':')) {
+      // Contraction
+      if (contractionIndex != -1) {
+        return false; // multiple contractions are not allowed.
+      }
+      if (input.Read(b) != Success || b != ':') {
+        assert(false);
+        return false;
+      }
+      contractionIndex = currentComponentIndex;
+      if (input.AtEnd()) {
+        // "::" at the end of the input.
+        return FinishIPv6Address(out, currentComponentIndex,
+                                 contractionIndex);
+      }
+    }
+  }
+}
+
+bool
+IsValidReferenceDNSID(Input hostname)
+{
+  return IsValidDNSID(hostname, IDRole::ReferenceID, AllowWildcards::No);
+}
+
+bool
+IsValidPresentedDNSID(Input hostname)
+{
+  return IsValidDNSID(hostname, IDRole::PresentedID, AllowWildcards::Yes);
+}
+
+namespace {
+
+// RFC 5280 Section 4.2.1.6 says that a dNSName "MUST be in the 'preferred name
+// syntax', as specified by Section 3.5 of [RFC1034] and as modified by Section
+// 2.1 of [RFC1123]" except "a dNSName of ' ' MUST NOT be used." Additionally,
+// we allow underscores for compatibility with existing practice.
+bool
+IsValidDNSID(Input hostname, IDRole idRole, AllowWildcards allowWildcards)
+{
+  if (hostname.GetLength() > 253) {
+    return false;
+  }
+
+  Reader input(hostname);
+
+  if (idRole == IDRole::NameConstraint && input.AtEnd()) {
+    return true;
+  }
+
+  size_t dotCount = 0;
+  size_t labelLength = 0;
+  bool labelIsAllNumeric = false;
+  bool labelEndsWithHyphen = false;
+
+  // Only presented IDs are allowed to have wildcard labels. And, like
+  // Chromium, be stricter than RFC 6125 requires by insisting that a
+  // wildcard label consist only of '*'.
+  bool isWildcard = allowWildcards == AllowWildcards::Yes && input.Peek('*');
+  bool isFirstByte = !isWildcard;
+  if (isWildcard) {
+    Result rv = input.Skip(1);
+    if (rv != Success) {
+      assert(false);
+      return false;
+    }
+
+    uint8_t b;
+    rv = input.Read(b);
+    if (rv != Success) {
+      return false;
+    }
+    if (b != '.') {
+      return false;
+    }
+    ++dotCount;
+  }
+
+  do {
+    static const size_t MAX_LABEL_LENGTH = 63;
+
+    uint8_t b;
+    if (input.Read(b) != Success) {
+      return false;
+    }
+    switch (b) {
+      case '-':
+        if (labelLength == 0) {
+          return false; // Labels must not start with a hyphen.
+        }
+        labelIsAllNumeric = false;
+        labelEndsWithHyphen = true;
+        ++labelLength;
+        if (labelLength > MAX_LABEL_LENGTH) {
+          return false;
+        }
+        break;
+
+      // We avoid isdigit because it is locale-sensitive. See
+      // http://pubs.opengroup.org/onlinepubs/009695399/functions/isdigit.html
+      case '0': case '5':
+      case '1': case '6':
+      case '2': case '7':
+      case '3': case '8':
+      case '4': case '9':
+        if (labelLength == 0) {
+          labelIsAllNumeric = true;
+        }
+        labelEndsWithHyphen = false;
+        ++labelLength;
+        if (labelLength > MAX_LABEL_LENGTH) {
+          return false;
+        }
+        break;
+
+      // We avoid using islower/isupper/tolower/toupper or similar things, to
+      // avoid any possibility of this code being locale-sensitive. See
+      // http://pubs.opengroup.org/onlinepubs/009695399/functions/isupper.html
+      case 'a': case 'A': case 'n': case 'N':
+      case 'b': case 'B': case 'o': case 'O':
+      case 'c': case 'C': case 'p': case 'P':
+      case 'd': case 'D': case 'q': case 'Q':
+      case 'e': case 'E': case 'r': case 'R':
+      case 'f': case 'F': case 's': case 'S':
+      case 'g': case 'G': case 't': case 'T':
+      case 'h': case 'H': case 'u': case 'U':
+      case 'i': case 'I': case 'v': case 'V':
+      case 'j': case 'J': case 'w': case 'W':
+      case 'k': case 'K': case 'x': case 'X':
+      case 'l': case 'L': case 'y': case 'Y':
+      case 'm': case 'M': case 'z': case 'Z':
+      // We allow underscores for compatibility with existing practices.
+      // See bug 1136616.
+      case '_':
+        labelIsAllNumeric = false;
+        labelEndsWithHyphen = false;
+        ++labelLength;
+        if (labelLength > MAX_LABEL_LENGTH) {
+          return false;
+        }
+        break;
+
+      case '.':
+        ++dotCount;
+        if (labelLength == 0 &&
+            (idRole != IDRole::NameConstraint || !isFirstByte)) {
+          return false;
+        }
+        if (labelEndsWithHyphen) {
+          return false; // Labels must not end with a hyphen.
+        }
+        labelLength = 0;
+        break;
+
+      default:
+        return false; // Invalid character.
+    }
+    isFirstByte = false;
+  } while (!input.AtEnd());
+
+  // Only reference IDs, not presented IDs or name constraints, may be
+  // absolute.
+  if (labelLength == 0 && idRole != IDRole::ReferenceID) {
+    return false;
+  }
+
+  if (labelEndsWithHyphen) {
+    return false; // Labels must not end with a hyphen.
+  }
+
+  if (labelIsAllNumeric) {
+    return false; // Last label must not be all numeric.
+  }
+
+  if (isWildcard) {
+    // If the DNS ID ends with a dot, the last dot signifies an absolute ID.
+    size_t labelCount = (labelLength == 0) ? dotCount : (dotCount + 1);
+
+    // Like NSS, require at least two labels to follow the wildcard label.
+    //
+    // TODO(bug XXXXXXX): Allow the TrustDomain to control this on a
+    // per-eTLD+1 basis, similar to Chromium. Even then, it might be better to
+    // still enforce that there are at least two labels after the wildcard.
+    if (labelCount < 3) {
+      return false;
+    }
+    // XXX: RFC6125 says that we shouldn't accept wildcards within an IDN
+    // A-Label. The consequence of this is that we effectively discriminate
+    // against users of languages that cannot be encoded with ASCII.
+    if (StartsWithIDNALabel(hostname)) {
+      return false;
+    }
+
+    // TODO(bug XXXXXXX): Wildcards are not allowed for EV certificates.
+    // Provide an option to indicate whether wildcards should be matched, for
+    // the purpose of helping the application enforce this.
+  }
+
+  return true;
+}
+
+} // namespace
+
+} } // namespace mozilla::pkix
diff --git a/security/nss/lib/mozpkix/lib/pkixnss.cpp b/security/nss/lib/mozpkix/lib/pkixnss.cpp
new file mode 100644
index 000000000..9b293d5fd
--- /dev/null
+++ b/security/nss/lib/mozpkix/lib/pkixnss.cpp
@@ -0,0 +1,236 @@
+/*- *- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/pkixnss.h"
+
+#include <limits>
+
+#include "cryptohi.h"
+#include "keyhi.h"
+#include "pk11pub.h"
+#include "mozpkix/nss_scoped_ptrs.h"
+#include "mozpkix/pkix.h"
+#include "mozpkix/pkixutil.h"
+#include "secerr.h"
+#include "sslerr.h"
+
+namespace mozilla { namespace pkix {
+
+namespace {
+
+Result
+VerifySignedDigest(const SignedDigest& sd,
+                   Input subjectPublicKeyInfo,
+                   SECOidTag pubKeyAlg,
+                   void* pkcs11PinArg)
+{
+  SECOidTag digestAlg;
+  switch (sd.digestAlgorithm) {
+    case DigestAlgorithm::sha512: digestAlg = SEC_OID_SHA512; break;
+    case DigestAlgorithm::sha384: digestAlg = SEC_OID_SHA384; break;
+    case DigestAlgorithm::sha256: digestAlg = SEC_OID_SHA256; break;
+    case DigestAlgorithm::sha1: digestAlg = SEC_OID_SHA1; break;
+    MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+  }
+
+  SECItem subjectPublicKeyInfoSECItem =
+    UnsafeMapInputToSECItem(subjectPublicKeyInfo);
+  ScopedCERTSubjectPublicKeyInfo
+    spki(SECKEY_DecodeDERSubjectPublicKeyInfo(&subjectPublicKeyInfoSECItem));
+  if (!spki) {
+    return MapPRErrorCodeToResult(PR_GetError());
+  }
+  ScopedSECKEYPublicKey
+    pubKey(SECKEY_ExtractPublicKey(spki.get()));
+  if (!pubKey) {
+    return MapPRErrorCodeToResult(PR_GetError());
+  }
+
+  SECItem digestSECItem(UnsafeMapInputToSECItem(sd.digest));
+  SECItem signatureSECItem(UnsafeMapInputToSECItem(sd.signature));
+  SECStatus srv = VFY_VerifyDigestDirect(&digestSECItem, pubKey.get(),
+                                         &signatureSECItem, pubKeyAlg,
+                                         digestAlg, pkcs11PinArg);
+  if (srv != SECSuccess) {
+    return MapPRErrorCodeToResult(PR_GetError());
+  }
+
+  return Success;
+}
+
+} // namespace
+
+Result
+VerifyRSAPKCS1SignedDigestNSS(const SignedDigest& sd,
+                              Input subjectPublicKeyInfo,
+                              void* pkcs11PinArg)
+{
+  return VerifySignedDigest(sd, subjectPublicKeyInfo,
+                            SEC_OID_PKCS1_RSA_ENCRYPTION, pkcs11PinArg);
+}
+
+Result
+VerifyECDSASignedDigestNSS(const SignedDigest& sd,
+                           Input subjectPublicKeyInfo,
+                           void* pkcs11PinArg)
+{
+  return VerifySignedDigest(sd, subjectPublicKeyInfo,
+                            SEC_OID_ANSIX962_EC_PUBLIC_KEY, pkcs11PinArg);
+}
+
+Result
+DigestBufNSS(Input item,
+             DigestAlgorithm digestAlg,
+             /*out*/ uint8_t* digestBuf,
+             size_t digestBufLen)
+{
+  SECOidTag oid;
+  size_t bits;
+  switch (digestAlg) {
+    case DigestAlgorithm::sha512: oid = SEC_OID_SHA512; bits = 512; break;
+    case DigestAlgorithm::sha384: oid = SEC_OID_SHA384; bits = 384; break;
+    case DigestAlgorithm::sha256: oid = SEC_OID_SHA256; bits = 256; break;
+    case DigestAlgorithm::sha1: oid = SEC_OID_SHA1; bits = 160; break;
+    MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+  }
+  if (digestBufLen != bits / 8) {
+    return Result::FATAL_ERROR_INVALID_ARGS;
+  }
+
+  SECItem itemSECItem = UnsafeMapInputToSECItem(item);
+  if (itemSECItem.len >
+        static_cast<decltype(itemSECItem.len)>(
+          std::numeric_limits<int32_t>::max())) {
+    PR_NOT_REACHED("large items should not be possible here");
+    return Result::FATAL_ERROR_INVALID_ARGS;
+  }
+  SECStatus srv = PK11_HashBuf(oid, digestBuf, itemSECItem.data,
+                               static_cast<int32_t>(itemSECItem.len));
+  if (srv != SECSuccess) {
+    return MapPRErrorCodeToResult(PR_GetError());
+  }
+  return Success;
+}
+
+Result
+MapPRErrorCodeToResult(PRErrorCode error)
+{
+  switch (error)
+  {
+#define MOZILLA_PKIX_MAP(mozilla_pkix_result, value, nss_result) \
+    case nss_result: return Result::mozilla_pkix_result;
+
+    MOZILLA_PKIX_MAP_LIST
+
+#undef MOZILLA_PKIX_MAP
+
+    default:
+      return Result::ERROR_UNKNOWN_ERROR;
+  }
+}
+
+PRErrorCode
+MapResultToPRErrorCode(Result result)
+{
+  switch (result)
+  {
+#define MOZILLA_PKIX_MAP(mozilla_pkix_result, value, nss_result) \
+    case Result::mozilla_pkix_result: return nss_result;
+
+    MOZILLA_PKIX_MAP_LIST
+
+#undef MOZILLA_PKIX_MAP
+
+    MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+  }
+}
+
+void
+RegisterErrorTable()
+{
+  // Note that these error strings are not localizable.
+  // When these strings change, update the localization information too.
+  static const PRErrorMessage ErrorTableText[] = {
+    { "MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE",
+      "The server uses key pinning (HPKP) but no trusted certificate chain "
+      "could be constructed that matches the pinset. Key pinning violations "
+      "cannot be overridden." },
+    { "MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY",
+      "The server uses a certificate with a basic constraints extension "
+      "identifying it as a certificate authority. For a properly-issued "
+      "certificate, this should not be the case." },
+    { "MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE",
+      "The server presented a certificate with a key size that is too small "
+      "to establish a secure connection." },
+    { "MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA",
+      "An X.509 version 1 certificate that is not a trust anchor was used to "
+      "issue the server's certificate. X.509 version 1 certificates are "
+      "deprecated and should not be used to sign other certificates." },
+    { "MOZILLA_PKIX_ERROR_NO_RFC822NAME_MATCH",
+      "The certificate is not valid for the given email address." },
+    { "MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE",
+      "The server presented a certificate that is not yet valid." },
+    { "MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE",
+      "A certificate that is not yet valid was used to issue the server's "
+      "certificate." },
+    { "MOZILLA_PKIX_ERROR_SIGNATURE_ALGORITHM_MISMATCH",
+      "The signature algorithm in the signature field of the certificate does "
+      "not match the algorithm in its signatureAlgorithm field." },
+    { "MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING",
+      "The OCSP response does not include a status for the certificate being "
+      "verified." },
+    { "MOZILLA_PKIX_ERROR_VALIDITY_TOO_LONG",
+      "The server presented a certificate that is valid for too long." },
+    { "MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING",
+      "A required TLS feature is missing." },
+    { "MOZILLA_PKIX_ERROR_INVALID_INTEGER_ENCODING",
+      "The server presented a certificate that contains an invalid encoding of "
+      "an integer. Common causes include negative serial numbers, negative RSA "
+      "moduli, and encodings that are longer than necessary." },
+    { "MOZILLA_PKIX_ERROR_EMPTY_ISSUER_NAME",
+      "The server presented a certificate with an empty issuer distinguished "
+      "name." },
+    { "MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED",
+      "An additional policy constraint failed when validating this "
+      "certificate." },
+    { "MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT",
+      "The certificate is not trusted because it is self-signed." },
+    { "MOZILLA_PKIX_ERROR_MITM_DETECTED",
+      "Your connection is being intercepted by a TLS proxy. Uninstall it if "
+      "possible or configure your device to trust its root certificate." },
+  };
+  // Note that these error strings are not localizable.
+  // When these strings change, update the localization information too.
+
+  static const PRErrorTable ErrorTable = {
+    ErrorTableText,
+    "pkixerrors",
+    ERROR_BASE,
+    PR_ARRAY_SIZE(ErrorTableText)
+  };
+
+  (void) PR_ErrorInstallTable(&ErrorTable);
+}
+
+} } // namespace mozilla::pkix
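Review bot: The three failure paths in VerifySignedDigest return `MapPRErrorCodeToResult(PR_GetError())` without checking that the mapped value is an error, so they rely on NSS always setting an error code when it fails. MapPRErrorCodeToResult is generated from MOZILLA_PKIX_MAP_LIST, which is defined outside this hunk. If that list maps PRErrorCode 0 to Success (worth confirming), a failed SECKEY_DecodeDERSubjectPublicKeyInfo, SECKEY_ExtractPublicKey or VFY_VerifyDigestDirect call that leaves no error set would be reported to the caller as a verified signature. I would make these paths fail closed, for example `Result rv = MapPRErrorCodeToResult(PR_GetError());` followed by `return rv != Success ? rv : Result::FATAL_ERROR_LIBRARY_FAILURE;`. The same unguarded pattern follows PK11_HashBuf in DigestBufNSS.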
diff --git a/security/nss/lib/mozpkix/lib/pkixocsp.cpp b/security/nss/lib/mozpkix/lib/pkixocsp.cpp
new file mode 100644
index 000000000..a81154417
--- /dev/null
+++ b/security/nss/lib/mozpkix/lib/pkixocsp.cpp
@@ -0,0 +1,1012 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <limits>
+
+#include "mozpkix/pkix.h"
+#include "mozpkix/pkixcheck.h"
+#include "mozpkix/pkixutil.h"
+
+namespace {
+
+const size_t SHA1_DIGEST_LENGTH = 160 / 8;
+
+} // namespace
+
+namespace mozilla { namespace pkix {
+
+// These values correspond to the tag values in the ASN.1 CertStatus
+enum class CertStatus : uint8_t {
+  Good = der::CONTEXT_SPECIFIC | 0,
+  Revoked = der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 1,
+  Unknown = der::CONTEXT_SPECIFIC | 2
+};
+
+class Context final
+{
+public:
+  Context(TrustDomain& aTrustDomain, const CertID& aCertID, Time aTime,
+          uint16_t aMaxLifetimeInDays, /*optional out*/ Time* aThisUpdate,
+          /*optional out*/ Time* aValidThrough)
+    : trustDomain(aTrustDomain)
+    , certID(aCertID)
+    , time(aTime)
+    , maxLifetimeInDays(aMaxLifetimeInDays)
+    , certStatus(CertStatus::Unknown)
+    , thisUpdate(aThisUpdate)
+    , validThrough(aValidThrough)
+    , expired(false)
+    , matchFound(false)
+  {
+    if (thisUpdate) {
+      *thisUpdate = TimeFromElapsedSecondsAD(0);
+    }
+    if (validThrough) {
+      *validThrough = TimeFromElapsedSecondsAD(0);
+    }
+  }
+
+  TrustDomain& trustDomain;
+  const CertID& certID;
+  const Time time;
+  const uint16_t maxLifetimeInDays;
+  CertStatus certStatus;
+  Time* thisUpdate;
+  Time* validThrough;
+  bool expired;
+
+  Input signedCertificateTimestamps;
+
+  // Keep track of whether the OCSP response contains the status of the
+  // certificate we're interested in. Responders might reply without
+  // including the status of any of the requested certs, we should
+  // indicate a server failure in those cases.
+  bool matchFound;
+
+  Context(const Context&) = delete;
+  void operator=(const Context&) = delete;
+};
+
+// Verify that potentialSigner is a valid delegated OCSP response signing cert
+// according to RFC 6960 section 4.2.2.2.
+static Result
+CheckOCSPResponseSignerCert(TrustDomain& trustDomain,
+                            BackCert& potentialSigner,
+                            Input issuerSubject,
+                            Input issuerSubjectPublicKeyInfo,
+                            Time time)
+{
+  Result rv;
+
+  // We don't need to do a complete verification of the signer (i.e. we don't
+  // have to call BuildCertChain to verify the entire chain) because we
+  // already know that the issuer is valid, since revocation checking is done
+  // from the root to the parent after we've built a complete chain that we
+  // know is otherwise valid. Rather, we just need to do a one-step validation
+  // from potentialSigner to the issuer.
+  //
+  // It seems reasonable to require the KU_DIGITAL_SIGNATURE key usage on the
+  // OCSP responder certificate if the OCSP responder certificate has a
+  // key usage extension. However, according to bug 240456, some OCSP responder
+  // certificates may have only the nonRepudiation bit set. Also, the OCSP
+  // specification (RFC 6960) does not mandate any particular key usage to be
+  // asserted for OCSP responde signers. Oddly, the CABForum Baseline
+  // Requirements v.1.1.5 do say "If the Root CA Private Key is used for
+  // signing OCSP responses, then the digitalSignature bit MUST be set."
+  //
+  // Note that CheckIssuerIndependentProperties processes
+  // SEC_OID_OCSP_RESPONDER in the way that the OCSP specification requires us
+  // to--in particular, it doesn't allow SEC_OID_OCSP_RESPONDER to be implied
+  // by a missing EKU extension, unlike other EKUs.
+  //
+  // TODO(bug 926261): If we're validating for a policy then the policy OID we
+  // are validating for should be passed to CheckIssuerIndependentProperties.
+  TrustLevel unusedTrustLevel;
+  rv = CheckIssuerIndependentProperties(trustDomain, potentialSigner, time,
+                                        KeyUsage::noParticularKeyUsageRequired,
+                                        KeyPurposeId::id_kp_OCSPSigning,
+                                        CertPolicyId::anyPolicy, 0,
+                                        unusedTrustLevel);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // It is possible that there exists a certificate with the same key as the
+  // issuer but with a different name, so we need to compare names
+  // XXX(bug 926270) XXX(bug 1008133) XXX(bug 980163): Improve name
+  // comparison.
+  // TODO: needs test
+  if (!InputsAreEqual(potentialSigner.GetIssuer(), issuerSubject)) {
+    return Result::ERROR_OCSP_RESPONDER_CERT_INVALID;
+  }
+
+  // TODO(bug 926260): check name constraints
+
+  rv = VerifySignedData(trustDomain, potentialSigner.GetSignedData(),
+                        issuerSubjectPublicKeyInfo);
+
+  // TODO: check for revocation of the OCSP responder certificate unless no-check
+  // or the caller forcing no-check. To properly support the no-check policy, we'd
+  // need to enforce policy constraints from the issuerChain.
+
+  return rv;
+}
+
+enum class ResponderIDType : uint8_t
+{
+  byName = der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 1,
+  byKey = der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 2
+};
+
+static inline Result OCSPResponse(Reader&, Context&);
+static inline Result ResponseBytes(Reader&, Context&);
+static inline Result BasicResponse(Reader&, Context&);
+static inline Result ResponseData(
+                       Reader& tbsResponseData,
+                       Context& context,
+                       const der::SignedDataWithSignature& signedResponseData,
+                       const DERArray& certs);
+static inline Result SingleResponse(Reader& input, Context& context);
+static Result ExtensionNotUnderstood(Reader& extnID, Input extnValue,
+                                     bool critical, /*out*/ bool& understood);
+static Result RememberSingleExtension(Context& context, Reader& extnID,
+                                      Input extnValue, bool critical,
+                                      /*out*/ bool& understood);
+// It is convention to name the function after the part of the data structure
+// we're parsing from the RFC (e.g. OCSPResponse, ResponseBytes).
+// But since we also have a C++ type called CertID, this function doesn't
+// follow the convention to prevent shadowing.
+static inline Result MatchCertID(Reader& input,
+                                 const Context& context,
+                                 /*out*/ bool& match);
+static Result MatchKeyHash(TrustDomain& trustDomain,
+                           Input issuerKeyHash,
+                           Input issuerSubjectPublicKeyInfo,
+                           /*out*/ bool& match);
+static Result KeyHash(TrustDomain& trustDomain,
+                      Input subjectPublicKeyInfo,
+                      /*out*/ uint8_t* hashBuf, size_t hashBufSize);
+
+static Result
+MatchResponderID(TrustDomain& trustDomain,
+                 ResponderIDType responderIDType,
+                 Input responderID,
+                 Input potentialSignerSubject,
+                 Input potentialSignerSubjectPublicKeyInfo,
+                 /*out*/ bool& match)
+{
+  match = false;
+
+  switch (responderIDType) {
+    case ResponderIDType::byName:
+      // XXX(bug 926270) XXX(bug 1008133) XXX(bug 980163): Improve name
+      // comparison.
+      match = InputsAreEqual(responderID, potentialSignerSubject);
+      return Success;
+
+    case ResponderIDType::byKey:
+    {
+      Reader input(responderID);
+      Input keyHash;
+      Result rv = der::ExpectTagAndGetValue(input, der::OCTET_STRING, keyHash);
+      if (rv != Success) {
+        return rv;
+      }
+      return MatchKeyHash(trustDomain, keyHash,
+                          potentialSignerSubjectPublicKeyInfo, match);
+    }
+
+    MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+  }
+}
+
+static Result
+VerifyOCSPSignedData(TrustDomain& trustDomain,
+                     const der::SignedDataWithSignature& signedResponseData,
+                     Input spki)
+{
+  Result rv = VerifySignedData(trustDomain, signedResponseData, spki);
+  if (rv == Result::ERROR_BAD_SIGNATURE) {
+    rv = Result::ERROR_OCSP_BAD_SIGNATURE;
+  }
+  return rv;
+}
+
+// RFC 6960 section 4.2.2.2: The OCSP responder must either be the issuer of
+// the cert or it must be a delegated OCSP response signing cert directly
+// issued by the issuer. If the OCSP responder is a delegated OCSP response
+// signer, then its certificate is (probably) embedded within the OCSP
+// response and we'll need to verify that it is a valid certificate that chains
+// *directly* to issuerCert.
+static Result
+VerifySignature(Context& context, ResponderIDType responderIDType,
+                Input responderID, const DERArray& certs,
+                const der::SignedDataWithSignature& signedResponseData)
+{
+  bool match;
+  Result rv = MatchResponderID(context.trustDomain, responderIDType,
+                               responderID, context.certID.issuer,
+                               context.certID.issuerSubjectPublicKeyInfo,
+                               match);
+  if (rv != Success) {
+    return rv;
+  }
+  if (match) {
+    return VerifyOCSPSignedData(context.trustDomain, signedResponseData,
+                                context.certID.issuerSubjectPublicKeyInfo);
+  }
+
+  size_t numCerts = certs.GetLength();
+  for (size_t i = 0; i < numCerts; ++i) {
+    BackCert cert(*certs.GetDER(i), EndEntityOrCA::MustBeEndEntity, nullptr);
+    rv = cert.Init();
+    if (rv != Success) {
+      return rv;
+    }
+    rv = MatchResponderID(context.trustDomain, responderIDType, responderID,
+                          cert.GetSubject(), cert.GetSubjectPublicKeyInfo(),
+                          match);
+    if (rv != Success) {
+      if (IsFatalError(rv)) {
+        return rv;
+      }
+      continue;
+    }
+
+    if (match) {
+      rv = CheckOCSPResponseSignerCert(context.trustDomain, cert,
+                                       context.certID.issuer,
+                                       context.certID.issuerSubjectPublicKeyInfo,
+                                       context.time);
+      if (rv != Success) {
+        if (IsFatalError(rv)) {
+          return rv;
+        }
+        continue;
+      }
+
+      return VerifyOCSPSignedData(context.trustDomain, signedResponseData,
+                                  cert.GetSubjectPublicKeyInfo());
+    }
+  }
+
+  return Result::ERROR_OCSP_INVALID_SIGNING_CERT;
+}
+
+static inline Result
+MapBadDERToMalformedOCSPResponse(Result rv)
+{
+  if (rv == Result::ERROR_BAD_DER) {
+    return Result::ERROR_OCSP_MALFORMED_RESPONSE;
+  }
+  return rv;
+}
+
+Result
+VerifyEncodedOCSPResponse(TrustDomain& trustDomain, const struct CertID& certID,
+                          Time time, uint16_t maxOCSPLifetimeInDays,
+                          Input encodedResponse,
+                          /*out*/ bool& expired,
+                          /*optional out*/ Time* thisUpdate,
+                          /*optional out*/ Time* validThrough)
+{
+  // Always initialize this to something reasonable.
+  expired = false;
+
+  Context context(trustDomain, certID, time, maxOCSPLifetimeInDays,
+                  thisUpdate, validThrough);
+
+  Reader input(encodedResponse);
+  Result rv = der::Nested(input, der::SEQUENCE, [&context](Reader& r) {
+    return OCSPResponse(r, context);
+  });
+  if (rv != Success) {
+    return MapBadDERToMalformedOCSPResponse(rv);
+  }
+  rv = der::End(input);
+  if (rv != Success) {
+    return MapBadDERToMalformedOCSPResponse(rv);
+  }
+  if (!context.matchFound) {
+    return Result::ERROR_OCSP_RESPONSE_FOR_CERT_MISSING;
+  }
+
+  expired = context.expired;
+
+  switch (context.certStatus) {
+    case CertStatus::Good:
+      if (expired) {
+        return Result::ERROR_OCSP_OLD_RESPONSE;
+      }
+      if (context.signedCertificateTimestamps.GetLength()) {
+        Input sctList;
+        rv = ExtractSignedCertificateTimestampListFromExtension(
+          context.signedCertificateTimestamps, sctList);
+        if (rv != Success) {
+          return MapBadDERToMalformedOCSPResponse(rv);
+        }
+        context.trustDomain.NoteAuxiliaryExtension(
+          AuxiliaryExtension::SCTListFromOCSPResponse, sctList);
+      }
+      return Success;
+    case CertStatus::Revoked:
+      return Result::ERROR_REVOKED_CERTIFICATE;
+    case CertStatus::Unknown:
+      return Result::ERROR_OCSP_UNKNOWN_CERT;
+     MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+  }
+}
+
+// OCSPResponse ::= SEQUENCE {
+//       responseStatus         OCSPResponseStatus,
+//       responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
+//
+static inline Result
+OCSPResponse(Reader& input, Context& context)
+{
+  // OCSPResponseStatus ::= ENUMERATED {
+  //     successful            (0),  -- Response has valid confirmations
+  //     malformedRequest      (1),  -- Illegal confirmation request
+  //     internalError         (2),  -- Internal error in issuer
+  //     tryLater              (3),  -- Try again later
+  //                                 -- (4) is not used
+  //     sigRequired           (5),  -- Must sign the request
+  //     unauthorized          (6)   -- Request unauthorized
+  // }
+  uint8_t responseStatus;
+
+  Result rv = der::Enumerated(input, responseStatus);
+  if (rv != Success) {
+    return rv;
+  }
+  switch (responseStatus) {
+    case 0: break; // successful
+    case 1: return Result::ERROR_OCSP_MALFORMED_REQUEST;
+    case 2: return Result::ERROR_OCSP_SERVER_ERROR;
+    case 3: return Result::ERROR_OCSP_TRY_SERVER_LATER;
+    case 5: return Result::ERROR_OCSP_REQUEST_NEEDS_SIG;
+    case 6: return Result::ERROR_OCSP_UNAUTHORIZED_REQUEST;
+    default: return Result::ERROR_OCSP_UNKNOWN_RESPONSE_STATUS;
+  }
+
+  return der::Nested(input, der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 0,
+                     der::SEQUENCE, [&context](Reader& r) {
+    return ResponseBytes(r, context);
+  });
+}
+
+// ResponseBytes ::=       SEQUENCE {
+//     responseType   OBJECT IDENTIFIER,
+//     response       OCTET STRING }
+static inline Result
+ResponseBytes(Reader& input, Context& context)
+{
+  static const uint8_t id_pkix_ocsp_basic[] = {
+    0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01
+  };
+
+  Result rv = der::OID(input, id_pkix_ocsp_basic);
+  if (rv != Success) {
+    return rv;
+  }
+
+  return der::Nested(input, der::OCTET_STRING, der::SEQUENCE,
+                     [&context](Reader& r) {
+    return BasicResponse(r, context);
+  });
+}
+
+// BasicOCSPResponse       ::= SEQUENCE {
+//    tbsResponseData      ResponseData,
+//    signatureAlgorithm   AlgorithmIdentifier,
+//    signature            BIT STRING,
+//    certs            [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+Result
+BasicResponse(Reader& input, Context& context)
+{
+  Reader tbsResponseData;
+  der::SignedDataWithSignature signedData;
+  Result rv = der::SignedData(input, tbsResponseData, signedData);
+  if (rv != Success) {
+    if (rv == Result::ERROR_BAD_SIGNATURE) {
+      return Result::ERROR_OCSP_BAD_SIGNATURE;
+    }
+    return rv;
+  }
+
+  // Parse certificates, if any
+  NonOwningDERArray certs;
+  if (!input.AtEnd()) {
+    rv = der::Nested(input, der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 0,
+                     der::SEQUENCE, [&certs](Reader& certsDER) -> Result {
+      while (!certsDER.AtEnd()) {
+        Input cert;
+        Result nestedRv =
+          der::ExpectTagAndGetTLV(certsDER, der::SEQUENCE, cert);
+        if (nestedRv != Success) {
+          return nestedRv;
+        }
+        nestedRv = certs.Append(cert);
+        if (nestedRv != Success) {
+          return Result::ERROR_BAD_DER; // Too many certs
+        }
+      }
+      return Success;
+    });
+    if (rv != Success) {
+      return rv;
+    }
+  }
+
+  return ResponseData(tbsResponseData, context, signedData, certs);
+}
+
+// ResponseData ::= SEQUENCE {
+//    version             [0] EXPLICIT Version DEFAULT v1,
+//    responderID             ResponderID,
+//    producedAt              GeneralizedTime,
+//    responses               SEQUENCE OF SingleResponse,
+//    responseExtensions  [1] EXPLICIT Extensions OPTIONAL }
+static inline Result
+ResponseData(Reader& input, Context& context,
+             const der::SignedDataWithSignature& signedResponseData,
+             const DERArray& certs)
+{
+  der::Version version;
+  Result rv = der::OptionalVersion(input, version);
+  if (rv != Success) {
+    return rv;
+  }
+  if (version != der::Version::v1) {
+    // TODO: more specific error code for bad version?
+    return Result::ERROR_BAD_DER;
+  }
+
+  // ResponderID ::= CHOICE {
+  //    byName              [1] Name,
+  //    byKey               [2] KeyHash }
+  Input responderID;
+  ResponderIDType responderIDType
+    = input.Peek(static_cast<uint8_t>(ResponderIDType::byName))
+    ? ResponderIDType::byName
+    : ResponderIDType::byKey;
+  rv = der::ExpectTagAndGetValue(input, static_cast<uint8_t>(responderIDType),
+                                 responderID);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // This is the soonest we can verify the signature. We verify the signature
+  // right away to follow the principal of minimizing the processing of data
+  // before verifying its signature.
+  rv = VerifySignature(context, responderIDType, responderID, certs,
+                       signedResponseData);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // TODO: Do we even need to parse this? Should we just skip it?
+  Time producedAt(Time::uninitialized);
+  rv = der::GeneralizedTime(input, producedAt);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // We don't accept an empty sequence of responses. In practice, a legit OCSP
+  // responder will never return an empty response, and handling the case of an
+  // empty response makes things unnecessarily complicated.
+  rv = der::NestedOf(input, der::SEQUENCE, der::SEQUENCE,
+                     der::EmptyAllowed::No, [&context](Reader& r) {
+    return SingleResponse(r, context);
+  });
+  if (rv != Success) {
+    return rv;
+  }
+
+  return der::OptionalExtensions(input,
+                                 der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 1,
+                                 ExtensionNotUnderstood);
+}
+
+// SingleResponse ::= SEQUENCE {
+//    certID                       CertID,
+//    certStatus                   CertStatus,
+//    thisUpdate                   GeneralizedTime,
+//    nextUpdate           [0]     EXPLICIT GeneralizedTime OPTIONAL,
+//    singleExtensions     [1]     EXPLICIT Extensions{{re-ocsp-crl |
+//                                              re-ocsp-archive-cutoff |
+//                                              CrlEntryExtensions, ...}
+//                                              } OPTIONAL }
+static inline Result
+SingleResponse(Reader& input, Context& context)
+{
+  bool match = false;
+  Result rv = der::Nested(input, der::SEQUENCE, [&context, &match](Reader& r) {
+    return MatchCertID(r, context, match);
+  });
+  if (rv != Success) {
+    return rv;
+  }
+
+  if (!match) {
+    // This response does not reference the certificate we're interested in.
+    // By consuming the rest of our input and returning successfully, we can
+    // continue processing and examine another response that might have what
+    // we want.
+    input.SkipToEnd();
+    return Success;
+  }
+
+  // We found a response for the cert we're interested in.
+  context.matchFound = true;
+
+  // CertStatus ::= CHOICE {
+  //     good        [0]     IMPLICIT NULL,
+  //     revoked     [1]     IMPLICIT RevokedInfo,
+  //     unknown     [2]     IMPLICIT UnknownInfo }
+  //
+  // In the event of multiple SingleResponses for a cert that have conflicting
+  // statuses, we use the following precedence rules:
+  //
+  // * revoked overrides good and unknown
+  // * good overrides unknown
+  if (input.Peek(static_cast<uint8_t>(CertStatus::Good))) {
+    rv = der::ExpectTagAndEmptyValue(input,
+                                     static_cast<uint8_t>(CertStatus::Good));
+    if (rv != Success) {
+      return rv;
+    }
+    if (context.certStatus != CertStatus::Revoked) {
+      context.certStatus = CertStatus::Good;
+    }
+  } else if (input.Peek(static_cast<uint8_t>(CertStatus::Revoked))) {
+    // We don't need any info from the RevokedInfo structure, so we don't even
+    // parse it. TODO: We should mention issues like this in the explanation of
+    // why we treat invalid OCSP responses equivalently to revoked for OCSP
+    // stapling.
+    rv = der::ExpectTagAndSkipValue(input,
+                                    static_cast<uint8_t>(CertStatus::Revoked));
+    if (rv != Success) {
+      return rv;
+    }
+    context.certStatus = CertStatus::Revoked;
+  } else {
+    rv = der::ExpectTagAndEmptyValue(input,
+                                     static_cast<uint8_t>(CertStatus::Unknown));
+    if (rv != Success) {
+      return rv;
+    }
+  }
+
+  // http://tools.ietf.org/html/rfc6960#section-3.2
+  // 5. The time at which the status being indicated is known to be
+  //    correct (thisUpdate) is sufficiently recent;
+  // 6. When available, the time at or before which newer information will
+  //    be available about the status of the certificate (nextUpdate) is
+  //    greater than the current time.
+
+  Time thisUpdate(Time::uninitialized);
+  rv = der::GeneralizedTime(input, thisUpdate);
+  if (rv != Success) {
+    return rv;
+  }
+
+  static const uint64_t SLOP_SECONDS = Time::ONE_DAY_IN_SECONDS;
+
+  Time timePlusSlop(context.time);
+  rv = timePlusSlop.AddSeconds(SLOP_SECONDS);
+  if (rv != Success) {
+    return rv;
+  }
+  if (thisUpdate > timePlusSlop) {
+    return Result::ERROR_OCSP_FUTURE_RESPONSE;
+  }
+
+  Time notAfter(Time::uninitialized);
+  static const uint8_t NEXT_UPDATE_TAG =
+    der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 0;
+  if (input.Peek(NEXT_UPDATE_TAG)) {
+    Time nextUpdate(Time::uninitialized);
+    rv = der::Nested(input, NEXT_UPDATE_TAG, [&nextUpdate](Reader& r) {
+      return der::GeneralizedTime(r, nextUpdate);
+    });
+    if (rv != Success) {
+      return rv;
+    }
+
+    if (nextUpdate < thisUpdate) {
+      return Result::ERROR_OCSP_MALFORMED_RESPONSE;
+    }
+    notAfter = thisUpdate;
+    if (notAfter.AddSeconds(context.maxLifetimeInDays *
+                            Time::ONE_DAY_IN_SECONDS) != Success) {
+      // This could only happen if we're dealing with times beyond the year
+      // 10,000AD.
+      return Result::ERROR_OCSP_FUTURE_RESPONSE;
+    }
+    if (nextUpdate <= notAfter) {
+      notAfter = nextUpdate;
+    }
+  } else {
+    // NSS requires all OCSP responses without a nextUpdate to be recent.
+    // Match that stricter behavior.
+    notAfter = thisUpdate;
+    if (notAfter.AddSeconds(Time::ONE_DAY_IN_SECONDS) != Success) {
+      // This could only happen if we're dealing with times beyond the year
+      // 10,000AD.
+      return Result::ERROR_OCSP_FUTURE_RESPONSE;
+    }
+  }
+
+  // Add some slop to hopefully handle clock-skew.
+  Time notAfterPlusSlop(notAfter);
+  rv = notAfterPlusSlop.AddSeconds(SLOP_SECONDS);
+  if (rv != Success) {
+    // This could only happen if we're dealing with times beyond the year
+    // 10,000AD.
+    return Result::ERROR_OCSP_FUTURE_RESPONSE;
+  }
+  if (context.time > notAfterPlusSlop) {
+    context.expired = true;
+  }
+
+  rv = der::OptionalExtensions(
+    input,
+    der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 1,
+    [&context](Reader& extnID, const Input& extnValue, bool critical,
+               /*out*/ bool& understood) {
+      return RememberSingleExtension(context, extnID, extnValue, critical,
+                                     understood);
+    });
+
+  if (rv != Success) {
+    return rv;
+  }
+
+  if (context.thisUpdate) {
+    *context.thisUpdate = thisUpdate;
+  }
+  if (context.validThrough) {
+    *context.validThrough = notAfterPlusSlop;
+  }
+
+  return Success;
+}
+
+// CertID          ::=     SEQUENCE {
+//        hashAlgorithm       AlgorithmIdentifier,
+//        issuerNameHash      OCTET STRING, -- Hash of issuer's DN
+//        issuerKeyHash       OCTET STRING, -- Hash of issuer's public key
+//        serialNumber        CertificateSerialNumber }
+static inline Result
+MatchCertID(Reader& input, const Context& context, /*out*/ bool& match)
+{
+  match = false;
+
+  DigestAlgorithm hashAlgorithm;
+  Result rv = der::DigestAlgorithmIdentifier(input, hashAlgorithm);
+  if (rv != Success) {
+    if (rv == Result::ERROR_INVALID_ALGORITHM) {
+      // Skip entries that are hashed with algorithms we don't support.
+      input.SkipToEnd();
+      return Success;
+    }
+    return rv;
+  }
+
+  Input issuerNameHash;
+  rv = der::ExpectTagAndGetValue(input, der::OCTET_STRING, issuerNameHash);
+  if (rv != Success) {
+    return rv;
+  }
+
+  Input issuerKeyHash;
+  rv = der::ExpectTagAndGetValue(input, der::OCTET_STRING, issuerKeyHash);
+  if (rv != Success) {
+    return rv;
+  }
+
+  Input serialNumber;
+  rv = der::CertificateSerialNumber(input, serialNumber);
+  if (rv != Success) {
+    return rv;
+  }
+
+  if (!InputsAreEqual(serialNumber, context.certID.serialNumber)) {
+    // This does not reference the certificate we're interested in.
+    // Consume the rest of the input and return successfully to
+    // potentially continue processing other responses.
+    input.SkipToEnd();
+    return Success;
+  }
+
+  // TODO: support SHA-2 hashes.
+
+  if (hashAlgorithm != DigestAlgorithm::sha1) {
+    // Again, not interested in this response. Consume input, return success.
+    input.SkipToEnd();
+    return Success;
+  }
+
+  if (issuerNameHash.GetLength() != SHA1_DIGEST_LENGTH) {
+    return Result::ERROR_OCSP_MALFORMED_RESPONSE;
+  }
+
+  // From http://tools.ietf.org/html/rfc6960#section-4.1.1:
+  // "The hash shall be calculated over the DER encoding of the
+  // issuer's name field in the certificate being checked."
+  uint8_t hashBuf[SHA1_DIGEST_LENGTH];
+  rv = context.trustDomain.DigestBuf(context.certID.issuer,
+                                     DigestAlgorithm::sha1, hashBuf,
+                                     sizeof(hashBuf));
+  if (rv != Success) {
+    return rv;
+  }
+  Input computed(hashBuf);
+  if (!InputsAreEqual(computed, issuerNameHash)) {
+    // Again, not interested in this response. Consume input, return success.
+    input.SkipToEnd();
+    return Success;
+  }
+
+  return MatchKeyHash(context.trustDomain, issuerKeyHash,
+                      context.certID.issuerSubjectPublicKeyInfo, match);
+}
+
+// From http://tools.ietf.org/html/rfc6960#section-4.1.1:
+// "The hash shall be calculated over the value (excluding tag and length) of
+// the subject public key field in the issuer's certificate."
+//
+// From http://tools.ietf.org/html/rfc6960#appendix-B.1:
+// KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key
+//                          -- (i.e., the SHA-1 hash of the value of the
+//                          -- BIT STRING subjectPublicKey [excluding
+//                          -- the tag, length, and number of unused
+//                          -- bits] in the responder's certificate)
+static Result
+MatchKeyHash(TrustDomain& trustDomain, Input keyHash,
+             const Input subjectPublicKeyInfo, /*out*/ bool& match)
+{
+  if (keyHash.GetLength() != SHA1_DIGEST_LENGTH)  {
+    return Result::ERROR_OCSP_MALFORMED_RESPONSE;
+  }
+  uint8_t hashBuf[SHA1_DIGEST_LENGTH];
+  Result rv = KeyHash(trustDomain, subjectPublicKeyInfo, hashBuf,
+                      sizeof hashBuf);
+  if (rv != Success) {
+    return rv;
+  }
+  Input computed(hashBuf);
+  match = InputsAreEqual(computed, keyHash);
+  return Success;
+}
+
+// TODO(bug 966856): support SHA-2 hashes
+Result
+KeyHash(TrustDomain& trustDomain, const Input subjectPublicKeyInfo,
+        /*out*/ uint8_t* hashBuf, size_t hashBufSize)
+{
+  if (!hashBuf || hashBufSize != SHA1_DIGEST_LENGTH) {
+    return Result::FATAL_ERROR_LIBRARY_FAILURE;
+  }
+
+  // RFC 5280 Section 4.1
+  //
+  // SubjectPublicKeyInfo  ::=  SEQUENCE  {
+  //    algorithm            AlgorithmIdentifier,
+  //    subjectPublicKey     BIT STRING  }
+
+  Reader spki;
+  Result rv = der::ExpectTagAndGetValueAtEnd(subjectPublicKeyInfo,
+                                             der::SEQUENCE, spki);
+  if (rv != Success) {
+    return rv;
+  }
+
+  // Skip AlgorithmIdentifier
+  rv = der::ExpectTagAndSkipValue(spki, der::SEQUENCE);
+  if (rv != Success) {
+    return rv;
+  }
+
+  Input subjectPublicKey;
+  rv = der::BitStringWithNoUnusedBits(spki, subjectPublicKey);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = der::End(spki);
+  if (rv != Success) {
+    return rv;
+  }
+
+  return trustDomain.DigestBuf(subjectPublicKey, DigestAlgorithm::sha1,
+                               hashBuf, hashBufSize);
+}
+
+Result
+ExtensionNotUnderstood(Reader& /*extnID*/, Input /*extnValue*/,
+                       bool /*critical*/, /*out*/ bool& understood)
+{
+  understood = false;
+  return Success;
+}
+
+Result
+RememberSingleExtension(Context& context, Reader& extnID, Input extnValue,
+                        bool /*critical*/, /*out*/ bool& understood)
+{
+  understood = false;
+
+  // SingleExtension for Signed Certificate Timestamp List.
+  // See Section 3.3 of RFC 6962.
+  // python DottedOIDToCode.py
+  //   id_ocsp_singleExtensionSctList 1.3.6.1.4.1.11129.2.4.5
+  static const uint8_t id_ocsp_singleExtensionSctList[] = {
+    0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x04, 0x05
+  };
+
+  if (extnID.MatchRest(id_ocsp_singleExtensionSctList)) {
+    // Empty values are not allowed for this extension. Note that
+    // we assume this later, when checking if the extension was present.
+    if (extnValue.GetLength() == 0) {
+      return Result::ERROR_EXTENSION_VALUE_INVALID;
+    }
+    if (context.signedCertificateTimestamps.Init(extnValue) != Success) {
+      // Duplicate extension.
+      return Result::ERROR_EXTENSION_VALUE_INVALID;
+    }
+    understood = true;
+  }
+
+  return Success;
+}
+
+//   1. The certificate identified in a received response corresponds to
+//      the certificate that was identified in the corresponding request;
+//   2. The signature on the response is valid;
+//   3. The identity of the signer matches the intended recipient of the
+//      request;
+//   4. The signer is currently authorized to provide a response for the
+//      certificate in question;
+//   5. The time at which the status being indicated is known to be
+//      correct (thisUpdate) is sufficiently recent;
+//   6. When available, the time at or before which newer information will
+//      be available about the status of the certificate (nextUpdate) is
+//      greater than the current time.
+//
+//   Responses whose nextUpdate value is earlier than
+//   the local system time value SHOULD be considered unreliable.
+//   Responses whose thisUpdate time is later than the local system time
+//   SHOULD be considered unreliable.
+//
+//   If nextUpdate is not set, the responder is indicating that newer
+//   revocation information is available all the time.
+//
+// http://tools.ietf.org/html/rfc5019#section-4
+
+Result
+CreateEncodedOCSPRequest(TrustDomain& trustDomain, const struct CertID& certID,
+                         /*out*/ uint8_t (&out)[OCSP_REQUEST_MAX_LENGTH],
+                         /*out*/ size_t& outLen)
+{
+  // We do not add any extensions to the request.
+
+  // RFC 6960 says "An OCSP client MAY wish to specify the kinds of response
+  // types it understands. To do so, it SHOULD use an extension with the OID
+  // id-pkix-ocsp-response." This use of MAY and SHOULD is unclear. MSIE11
+  // on Windows 8.1 does not include any extensions, whereas NSS has always
+  // included the id-pkix-ocsp-response extension. Avoiding the sending the
+  // extension is better for OCSP GET because it makes the request smaller,
+  // and thus more likely to fit within the 255 byte limit for OCSP GET that
+  // is specified in RFC 5019 Section 5.
+
+  // Bug 966856: Add the id-pkix-ocsp-pref-sig-algs extension.
+
+  // Since we don't know whether the OCSP responder supports anything other
+  // than SHA-1, we have no choice but to use SHA-1 for issuerNameHash and
+  // issuerKeyHash.
+  static const uint8_t hashAlgorithm[11] = {
+    0x30, 0x09,                               // SEQUENCE
+    0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, //   OBJECT IDENTIFIER id-sha1
+    0x05, 0x00,                               //   NULL
+  };
+  static const uint8_t hashLen = 160 / 8;
+
+  static const unsigned int totalLenWithoutSerialNumberData
+    = 2                             // OCSPRequest
+    + 2                             //   tbsRequest
+    + 2                             //     requestList
+    + 2                             //       Request
+    + 2                             //         reqCert (CertID)
+    + sizeof(hashAlgorithm)         //           hashAlgorithm
+    + 2 + hashLen                   //           issuerNameHash
+    + 2 + hashLen                   //           issuerKeyHash
+    + 2;                            //           serialNumber (header)
+
+  // The only way we could have a request this large is if the serialNumber was
+  // ridiculously and unreasonably large. RFC 5280 says "Conforming CAs MUST
+  // NOT use serialNumber values longer than 20 octets." With this restriction,
+  // we allow for some amount of non-conformance with that requirement while
+  // still ensuring we can encode the length values in the ASN.1 TLV structures
+  // in a single byte.
+  static_assert(totalLenWithoutSerialNumberData < OCSP_REQUEST_MAX_LENGTH,
+                "totalLenWithoutSerialNumberData too big");
+  if (certID.serialNumber.GetLength() >
+        OCSP_REQUEST_MAX_LENGTH - totalLenWithoutSerialNumberData) {
+    return Result::ERROR_BAD_DER;
+  }
+
+  outLen = totalLenWithoutSerialNumberData + certID.serialNumber.GetLength();
+
+  uint8_t totalLen = static_cast<uint8_t>(outLen);
+
+  uint8_t* d = out;
+  *d++ = 0x30; *d++ = totalLen - 2u;  // OCSPRequest (SEQUENCE)
+  *d++ = 0x30; *d++ = totalLen - 4u;  //   tbsRequest (SEQUENCE)
+  *d++ = 0x30; *d++ = totalLen - 6u;  //     requestList (SEQUENCE OF)
+  *d++ = 0x30; *d++ = totalLen - 8u;  //       Request (SEQUENCE)
+  *d++ = 0x30; *d++ = totalLen - 10u; //         reqCert (CertID SEQUENCE)
+
+  // reqCert.hashAlgorithm
+  for (const uint8_t hashAlgorithmByte : hashAlgorithm) {
+    *d++ = hashAlgorithmByte;
+  }
+
+  // reqCert.issuerNameHash (OCTET STRING)
+  *d++ = 0x04;
+  *d++ = hashLen;
+  Result rv = trustDomain.DigestBuf(certID.issuer, DigestAlgorithm::sha1, d,
+                                    hashLen);
+  if (rv != Success) {
+    return rv;
+  }
+  d += hashLen;
+
+  // reqCert.issuerKeyHash (OCTET STRING)
+  *d++ = 0x04;
+  *d++ = hashLen;
+  rv = KeyHash(trustDomain, certID.issuerSubjectPublicKeyInfo, d, hashLen);
+  if (rv != Success) {
+    return rv;
+  }
+  d += hashLen;
+
+  // reqCert.serialNumber (INTEGER)
+  *d++ = 0x02; // INTEGER
+  *d++ = static_cast<uint8_t>(certID.serialNumber.GetLength());
+  Reader serialNumber(certID.serialNumber);
+  do {
+    rv = serialNumber.Read(*d);
+    if (rv != Success) {
+      return rv;
+    }
+    ++d;
+  } while (!serialNumber.AtEnd());
+
+  assert(d == out + totalLen);
+
+  return Success;
+}
+
+} } // namespace mozilla::pkix
diff --git a/security/nss/lib/mozpkix/lib/pkixresult.cpp b/security/nss/lib/mozpkix/lib/pkixresult.cpp
new file mode 100644
index 000000000..871d9a0fe
--- /dev/null
+++ b/security/nss/lib/mozpkix/lib/pkixresult.cpp
@@ -0,0 +1,46 @@
+/*- *- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/Result.h"
+#include "mozpkix/pkixutil.h"
+
+namespace mozilla { namespace pkix {
+
+const char*
+MapResultToName(Result result)
+{
+  switch (result)
+  {
+#define MOZILLA_PKIX_MAP(mozilla_pkix_result, value, nss_result) \
+    case Result::mozilla_pkix_result: return "Result::" #mozilla_pkix_result;
+
+    MOZILLA_PKIX_MAP_LIST
+
+#undef MOZILLA_PKIX_MAP
+
+    MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+  }
+}
+
+} } // namespace mozilla::pkix
diff --git a/security/nss/lib/mozpkix/lib/pkixtime.cpp b/security/nss/lib/mozpkix/lib/pkixtime.cpp
new file mode 100644
index 000000000..38e063804
--- /dev/null
+++ b/security/nss/lib/mozpkix/lib/pkixtime.cpp
@@ -0,0 +1,78 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2014 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/Time.h"
+#include "mozpkix/pkixutil.h"
+
+#ifdef _WINDOWS
+#ifdef _MSC_VER
+#pragma warning(push, 3)
+#endif
+#include "windows.h"
+#ifdef _MSC_VER
+#pragma warning(pop)
+#endif
+#else
+#include "sys/time.h"
+#endif
+
+namespace mozilla { namespace pkix {
+
+Time
+Now()
+{
+  uint64_t seconds;
+
+#ifdef _WINDOWS
+  // "Contains a 64-bit value representing the number of 100-nanosecond
+  // intervals since January 1, 1601 (UTC)."
+  //   - http://msdn.microsoft.com/en-us/library/windows/desktop/ms724284(v=vs.85).aspx
+  FILETIME ft;
+  GetSystemTimeAsFileTime(&ft);
+  uint64_t ft64 = (static_cast<uint64_t>(ft.dwHighDateTime) << 32) |
+                  ft.dwLowDateTime;
+  seconds = (DaysBeforeYear(1601) * Time::ONE_DAY_IN_SECONDS) +
+            ft64 / (1000u * 1000u * 1000u / 100u);
+#else
+  // "The gettimeofday() function shall obtain the current time, expressed as
+  // seconds and microseconds since the Epoch."
+  //   - http://pubs.opengroup.org/onlinepubs/009695399/functions/gettimeofday.html
+  timeval tv;
+  (void) gettimeofday(&tv, nullptr);
+  seconds = (DaysBeforeYear(1970) * Time::ONE_DAY_IN_SECONDS) +
+            static_cast<uint64_t>(tv.tv_sec);
+#endif
+
+  return TimeFromElapsedSecondsAD(seconds);
+}
+
+Time
+TimeFromEpochInSeconds(uint64_t secondsSinceEpoch)
+{
+  uint64_t seconds = (DaysBeforeYear(1970) * Time::ONE_DAY_IN_SECONDS) +
+                     secondsSinceEpoch;
+  return TimeFromElapsedSecondsAD(seconds);
+}
+
+} } // namespace mozilla::pkix
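Review bot: In Now(), the non-Windows branch discards the return value of gettimeofday() and then reads `tv.tv_sec` from a `timeval` that was never initialised, so a failed call would pass an indeterminate value to TimeFromElapsedSecondsAD(). This clock presumably feeds validity-period and OCSP freshness comparisons, so the failure mode should be deterministic: `timeval tv = { 0, 0 };` at the declaration, or a check of the return value, would do it. TimeFromEpochInSeconds() adds the caller's `secondsSinceEpoch` to the 1970 offset with no overflow check, so a value near UINT64_MAX wraps to a small time; a comment stating the accepted range, or a guard before the addition, would make that explicit.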
diff --git a/security/nss/lib/mozpkix/lib/pkixverify.cpp b/security/nss/lib/mozpkix/lib/pkixverify.cpp
new file mode 100644
index 000000000..8ceb2c184
--- /dev/null
+++ b/security/nss/lib/mozpkix/lib/pkixverify.cpp
@@ -0,0 +1,106 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2015 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/pkixutil.h"
+
+namespace mozilla { namespace pkix {
+
+Result
+DigestSignedData(TrustDomain& trustDomain,
+                 const der::SignedDataWithSignature& signedData,
+                 /*out*/ uint8_t(&digestBuf)[MAX_DIGEST_SIZE_IN_BYTES],
+                 /*out*/ der::PublicKeyAlgorithm& publicKeyAlg,
+                 /*out*/ SignedDigest& signedDigest)
+{
+  Reader signatureAlg(signedData.algorithm);
+  Result rv = der::SignatureAlgorithmIdentifierValue(
+                signatureAlg, publicKeyAlg, signedDigest.digestAlgorithm);
+  if (rv != Success) {
+    return rv;
+  }
+  if (!signatureAlg.AtEnd()) {
+    return Result::ERROR_BAD_DER;
+  }
+
+  size_t digestLen;
+  switch (signedDigest.digestAlgorithm) {
+    case DigestAlgorithm::sha512: digestLen = 512 / 8; break;
+    case DigestAlgorithm::sha384: digestLen = 384 / 8; break;
+    case DigestAlgorithm::sha256: digestLen = 256 / 8; break;
+    case DigestAlgorithm::sha1: digestLen = 160 / 8; break;
+    MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+  }
+  assert(digestLen <= sizeof(digestBuf));
+
+  rv = trustDomain.DigestBuf(signedData.data, signedDigest.digestAlgorithm,
+                             digestBuf, digestLen);
+  if (rv != Success) {
+    return rv;
+  }
+  rv = signedDigest.digest.Init(digestBuf, digestLen);
+  if (rv != Success) {
+    return rv;
+  }
+
+  return signedDigest.signature.Init(signedData.signature);
+}
+
+Result
+VerifySignedDigest(TrustDomain& trustDomain,
+                   der::PublicKeyAlgorithm publicKeyAlg,
+                   const SignedDigest& signedDigest,
+                   Input signerSubjectPublicKeyInfo)
+{
+  switch (publicKeyAlg) {
+    case der::PublicKeyAlgorithm::ECDSA:
+      return trustDomain.VerifyECDSASignedDigest(signedDigest,
+                                                 signerSubjectPublicKeyInfo);
+    case der::PublicKeyAlgorithm::RSA_PKCS1:
+      return trustDomain.VerifyRSAPKCS1SignedDigest(signedDigest,
+                                                    signerSubjectPublicKeyInfo);
+    case der::PublicKeyAlgorithm::Uninitialized:
+      assert(false);
+      return Result::FATAL_ERROR_LIBRARY_FAILURE;
+    MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+  }
+}
+
+Result
+VerifySignedData(TrustDomain& trustDomain,
+                 const der::SignedDataWithSignature& signedData,
+                 Input signerSubjectPublicKeyInfo)
+{
+  uint8_t digestBuf[MAX_DIGEST_SIZE_IN_BYTES];
+  der::PublicKeyAlgorithm publicKeyAlg;
+  SignedDigest signedDigest;
+  Result rv = DigestSignedData(trustDomain, signedData, digestBuf,
+                               publicKeyAlg, signedDigest);
+  if (rv != Success) {
+    return rv;
+  }
+  return VerifySignedDigest(trustDomain, publicKeyAlg, signedDigest,
+                            signerSubjectPublicKeyInfo);
+}
+
+} } // namespace mozilla::pkix
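Review bot: DigestSignedData() sets `signedDigest.digest` from the caller's buffer (`signedDigest.digest.Init(digestBuf, digestLen)`), but nothing on the function says that `digestBuf` has to outlive `signedDigest`. If Input is a non-owning view, as its use here suggests, a caller that keeps the SignedDigest after the buffer goes out of scope would verify against stale stack memory; VerifySignedData() is safe only because both live in the same frame. A comment above the function such as `// signedDigest.digest aliases digestBuf; digestBuf must outlive signedDigest.` would record the contract. Separately, `assert(digestLen <= sizeof(digestBuf))` disappears in NDEBUG builds, and `static_assert(MAX_DIGEST_SIZE_IN_BYTES >= 512 / 8, "digest buffer too small");` would enforce the same invariant at compile time.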
diff --git a/security/nss/lib/mozpkix/mozpkix.gyp b/security/nss/lib/mozpkix/mozpkix.gyp
new file mode 100644
index 000000000..1c552ba5f
--- /dev/null
+++ b/security/nss/lib/mozpkix/mozpkix.gyp
@@ -0,0 +1,60 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+  'includes': [
+    '../../coreconf/config.gypi'
+  ],
+  'targets': [
+    {
+      'target_name': 'mozpkix',
+      'type': 'static_library',
+      'standalone_static_library': 1,
+      'sources': [
+        'lib/pkixbuild.cpp',
+        'lib/pkixcert.cpp',
+        'lib/pkixcheck.cpp',
+        'lib/pkixder.cpp',
+        'lib/pkixnames.cpp',
+        'lib/pkixnss.cpp',
+        'lib/pkixocsp.cpp',
+        'lib/pkixresult.cpp',
+        'lib/pkixtime.cpp',
+        'lib/pkixverify.cpp',
+      ],
+      'dependencies': [
+        '<(DEPTH)/exports.gyp:nss_mozpkix_exports',
+      ],
+      'conditions': [
+        [ 'mozpkix_only==0', {
+          'dependencies': [
+            '<(DEPTH)/exports.gyp:nss_exports'
+          ],
+        }],
+      ],
+    },
+    {
+      'target_name': 'mozpkix-testlib',
+      'type': 'static_library',
+      'standalone_static_library': 1,
+      'sources': [
+        'test-lib/pkixtestalg.cpp',
+        'test-lib/pkixtestnss.cpp',
+        'test-lib/pkixtestutil.cpp',
+      ],
+      'dependencies': [
+        '<(DEPTH)/exports.gyp:nss_mozpkix_exports',
+      ],
+      'conditions': [
+        [ 'mozpkix_only==0', {
+          'dependencies': [
+            '<(DEPTH)/exports.gyp:nss_exports'
+          ],
+        }],
+      ],
+    },
+  ],
+  'variables': {
+    'module': 'nss',
+  }
+}
diff --git a/security/nss/lib/mozpkix/test-lib/pkixtestalg.cpp b/security/nss/lib/mozpkix/test-lib/pkixtestalg.cpp
new file mode 100644
index 000000000..304641e2f
--- /dev/null
+++ b/security/nss/lib/mozpkix/test-lib/pkixtestalg.cpp
@@ -0,0 +1,211 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2015 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/test/pkixtestutil.h"
+
+#include "mozpkix/pkixder.h"
+#include "mozpkix/nss_scoped_ptrs.h"
+
+// python DottedOIDToCode.py --prefixdefine PREFIX_1_2_840_10040 1.2.840.10040
+#define PREFIX_1_2_840_10040 0x2a, 0x86, 0x48, 0xce, 0x38
+
+// python DottedOIDToCode.py --prefixdefine PREFIX_1_2_840_10045 1.2.840.10045
+#define PREFIX_1_2_840_10045 0x2a, 0x86, 0x48, 0xce, 0x3d
+
+// python DottedOIDToCode.py --prefixdefine PREFIX_1_2_840_113549 1.2.840.113549
+#define PREFIX_1_2_840_113549 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d
+
+namespace mozilla { namespace pkix { namespace test {
+
+namespace {
+
+enum class NULLParam { NO, YES };
+
+template <size_t SIZE>
+ByteString
+OID(const uint8_t (&rawValue)[SIZE])
+{
+  return TLV(der::OIDTag, ByteString(rawValue, SIZE));
+}
+
+template <size_t SIZE>
+ByteString
+SimpleAlgID(const uint8_t (&rawValue)[SIZE],
+            NULLParam nullParam = NULLParam::NO)
+{
+  ByteString sequenceValue(OID(rawValue));
+  if (nullParam == NULLParam::YES) {
+    sequenceValue.append(TLV(der::NULLTag, ByteString()));
+  }
+  return TLV(der::SEQUENCE, sequenceValue);
+}
+
+template <size_t SIZE>
+ByteString
+DERInteger(const uint8_t (&rawValue)[SIZE])
+{
+  ByteString value(rawValue, SIZE);
+  if (value[0] & 0x80u) {
+    // Prefix with a leading zero to disambiguate this from a negative value.
+    value.insert(value.begin(), 0x00);
+  }
+  return TLV(der::INTEGER, value);
+}
+
+// Generated with "openssl dsaparam -C -noout 2048" and reformatted.
+// openssl 1.0 or later must be used so that a 256-bit Q value is
+// generated.
+static const uint8_t DSS_P_RAW[] =
+{
+  0xB3,0xCD,0x29,0x44,0xF0,0x25,0xA7,0x73,0xFC,0x86,0x70,0xA2,
+  0x69,0x5A,0x97,0x3F,0xBD,0x1C,0x6F,0xAA,0x4A,0x40,0x42,0x8E,
+  0xCF,0xAE,0x62,0x12,0xED,0xB4,0xFD,0x05,0xC2,0xAE,0xB1,0x8C,
+  0xFC,0xBE,0x38,0x90,0xBB,0x7C,0xFF,0x16,0xF4,0xED,0xCE,0x72,
+  0x12,0x93,0x83,0xF0,0xA4,0xA1,0x71,0xDC,0x4B,0xF0,0x4E,0x3A,
+  0x2B,0xFA,0x17,0xB7,0xB3,0x2A,0xCC,0x2C,0xD3,0xC8,0x21,0x49,
+  0x7A,0x83,0x71,0x8B,0x3D,0x62,0x96,0xDC,0xAD,0xA8,0x03,0xBE,
+  0x1D,0x33,0x11,0xF3,0xEB,0xD8,0x1B,0x8D,0xDB,0x62,0x79,0x83,
+  0xF8,0x67,0x4E,0x62,0x21,0x2C,0x81,0x59,0xE8,0x73,0xD7,0xAF,
+  0xB9,0x63,0x60,0xEA,0xAE,0xEC,0x68,0x6A,0xB4,0xB0,0x65,0xBA,
+  0xA3,0x4C,0x09,0x99,0x29,0x6A,0x2E,0x2B,0xFC,0x6D,0x51,0xCA,
+  0x30,0xA2,0x2F,0x7A,0x65,0x76,0xA7,0x55,0x13,0x11,0xA0,0x02,
+  0xA2,0x59,0x4B,0xCE,0xA7,0x05,0xF6,0x07,0x35,0x9B,0x41,0xD7,
+  0x11,0x5A,0x18,0x57,0xA7,0x78,0x88,0xC3,0xA8,0xE3,0x39,0xF5,
+  0x47,0x3D,0x2E,0x18,0x54,0xB0,0xF0,0xBF,0x65,0x3F,0x77,0xC7,
+  0x11,0xB8,0x0D,0x52,0xAD,0xC8,0xE8,0x6D,0xF6,0x7E,0x88,0x65,
+  0x84,0x2B,0xF7,0xEF,0x8E,0xB5,0x7C,0xBD,0x2E,0x0D,0xF3,0xC6,
+  0xDD,0x0B,0xB4,0xF2,0x23,0x1F,0xDA,0x55,0x05,0xF5,0xDC,0x53,
+  0xA6,0x83,0xDA,0x5C,0xEF,0x29,0x02,0x78,0x68,0xD0,0xA4,0x39,
+  0x09,0x7F,0xFA,0x49,0x18,0xD0,0xB5,0x19,0x35,0x31,0x8E,0xDE,
+  0x43,0x35,0xA3,0xB9,0x6D,0xC1,0x70,0xC6,0x0D,0x18,0x24,0xEB,
+  0x1E,0x4D,0x52,0xB7,
+};
+
+static const uint8_t DSS_Q_RAW[] =
+{
+  0x8D,0x6B,0x86,0x89,0x9C,0x8D,0x30,0x91,0xCC,0x6E,0x34,0xF1,
+  0xE8,0x9C,0x8A,0x5C,0xD6,0xAB,0x01,0x1E,0xC4,0xDB,0xFD,0x07,
+  0xEB,0x5F,0x4E,0xE8,0xFA,0xFC,0x98,0x2D,
+};
+
+static const uint8_t DSS_G_RAW[] =
+{
+  0x0E,0x2C,0x34,0xB2,0xE1,0x66,0x49,0xB6,0x9A,0x7D,0x67,0x3E,
+  0xEE,0x98,0x35,0x18,0x28,0x35,0xFC,0x05,0x36,0x3B,0x94,0xE6,
+  0x1E,0x1C,0x5B,0x05,0x3E,0x86,0x1B,0xE3,0xED,0xD2,0xE1,0xF3,
+  0xF7,0xF7,0x60,0x6D,0x7D,0xA1,0xAF,0x9A,0xD1,0xDF,0xA2,0x9C,
+  0xFC,0xA2,0xEB,0x90,0x8B,0x1C,0x82,0x92,0x45,0x7B,0x30,0x2A,
+  0xFD,0x7A,0xE6,0x68,0x8F,0xEC,0x89,0x3A,0x9A,0xAD,0xFE,0x25,
+  0x5E,0x51,0xC5,0x29,0x45,0x7F,0xAC,0xDE,0xFC,0xB4,0x1B,0x3A,
+  0xDA,0xC7,0x21,0x68,0x87,0x27,0x8D,0x7B,0xB2,0xBB,0x41,0x60,
+  0x46,0x42,0x5B,0x6B,0xE8,0x80,0xD2,0xE4,0xA3,0x30,0x8F,0xD5,
+  0x71,0x07,0x8A,0x7B,0x32,0x56,0x84,0x41,0x1C,0xDF,0x69,0xE9,
+  0xFD,0xBA,0x48,0xE0,0x43,0xA0,0x38,0x92,0x12,0xF3,0x52,0xA5,
+  0x40,0x87,0xCB,0x34,0xBB,0x3E,0x25,0x29,0x3C,0xC6,0xA5,0x17,
+  0xFD,0x58,0x47,0x89,0xDB,0x9B,0xB9,0xCF,0xE9,0xA8,0xF2,0xEC,
+  0x55,0x76,0xF5,0xF1,0x9C,0x6E,0x0A,0x3F,0x16,0x5F,0x49,0x31,
+  0x31,0x1C,0x43,0xA2,0x83,0xDA,0xDD,0x7F,0x1C,0xEA,0x05,0x36,
+  0x7B,0xED,0x09,0xFB,0x6F,0x8A,0x2B,0x55,0xB9,0xBC,0x4A,0x8C,
+  0x28,0xC1,0x4D,0x13,0x6E,0x47,0xF4,0xAD,0x79,0x00,0xE9,0x5A,
+  0xB6,0xC7,0x73,0x28,0xA9,0x89,0xAD,0xE8,0x6E,0xC6,0x54,0xA5,
+  0x56,0x2D,0xAA,0x81,0x83,0x9E,0xC1,0x13,0x79,0xA4,0x12,0xE0,
+  0x76,0x1F,0x25,0x43,0xB6,0xDE,0x56,0xF7,0x52,0xCC,0x07,0xB8,
+  0x37,0xE2,0x8C,0xC5,0x56,0x8C,0xDD,0x63,0xF5,0xB6,0xA3,0x46,
+  0x62,0xF6,0x35,0x76,
+};
+
+} // namespace
+
+TestSignatureAlgorithm::TestSignatureAlgorithm(
+  const TestPublicKeyAlgorithm& aPublicKeyAlg,
+  TestDigestAlgorithmID aDigestAlg,
+  const ByteString& aAlgorithmIdentifier,
+  bool aAccepted)
+  : publicKeyAlg(aPublicKeyAlg)
+  , digestAlg(aDigestAlg)
+  , algorithmIdentifier(aAlgorithmIdentifier)
+  , accepted(aAccepted)
+{
+}
+
+ByteString DSS_P() { return ByteString(DSS_P_RAW, sizeof(DSS_P_RAW)); }
+ByteString DSS_Q() { return ByteString(DSS_Q_RAW, sizeof(DSS_Q_RAW)); }
+ByteString DSS_G() { return ByteString(DSS_G_RAW, sizeof(DSS_G_RAW)); }
+
+TestPublicKeyAlgorithm
+DSS()
+{
+  static const uint8_t oidValue[] = { PREFIX_1_2_840_10040, 4, 1 };
+
+  // RFC 3279 Section-2.3.2
+  return TestPublicKeyAlgorithm(
+           TLV(der::SEQUENCE,
+               OID(oidValue) +
+               TLV(der::SEQUENCE,
+                   DERInteger(DSS_P_RAW) +
+                   DERInteger(DSS_Q_RAW) +
+                   DERInteger(DSS_G_RAW))));
+}
+
+// RFC 3279 Section 2.3.1
+TestPublicKeyAlgorithm
+RSA_PKCS1()
+{
+  static const uint8_t rsaEncryption[] = { PREFIX_1_2_840_113549, 1, 1, 1 };
+  return TestPublicKeyAlgorithm(SimpleAlgID(rsaEncryption, NULLParam::YES));
+}
+
+// RFC 3279 Section 2.2.1
+TestSignatureAlgorithm md2WithRSAEncryption()
+{
+  static const uint8_t oidValue[] = { PREFIX_1_2_840_113549, 1, 1, 2 };
+  return TestSignatureAlgorithm(RSA_PKCS1(), TestDigestAlgorithmID::MD2,
+                                SimpleAlgID(oidValue), false);
+}
+
+// RFC 3279 Section 2.2.1
+TestSignatureAlgorithm md5WithRSAEncryption()
+{
+  static const uint8_t oidValue[] = { PREFIX_1_2_840_113549, 1, 1, 4 };
+  return TestSignatureAlgorithm(RSA_PKCS1(), TestDigestAlgorithmID::MD5,
+                                SimpleAlgID(oidValue), false);
+}
+
+// RFC 3279 Section 2.2.1
+TestSignatureAlgorithm sha1WithRSAEncryption()
+{
+  static const uint8_t oidValue[] = { PREFIX_1_2_840_113549, 1, 1, 5 };
+  return TestSignatureAlgorithm(RSA_PKCS1(), TestDigestAlgorithmID::SHA1,
+                                SimpleAlgID(oidValue), true);
+}
+
+// RFC 4055 Section 5
+TestSignatureAlgorithm sha256WithRSAEncryption()
+{
+  static const uint8_t oidValue[] = { PREFIX_1_2_840_113549, 1, 1, 11 };
+  return TestSignatureAlgorithm(RSA_PKCS1(), TestDigestAlgorithmID::SHA256,
+                                SimpleAlgID(oidValue), true);
+}
+
+} } } // namespace mozilla::pkix
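Review bot: DERInteger() only handles the high-bit case and otherwise copies the input unchanged, so an array starting with 0x00 followed by a byte below 0x80 would be emitted as a non-minimal INTEGER, which DER does not allow. The three DSS arrays in this file do not hit that case, but the helper does not state the precondition; a comment such as `// rawValue must be a minimal big-endian unsigned magnitude (no redundant leading 0x00).` above it would. The closing comment on the last line reads `// namespace mozilla::pkix` although three namespaces are closed; it should read `// namespace mozilla::pkix::test`.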
diff --git a/security/nss/lib/mozpkix/test-lib/pkixtestnss.cpp b/security/nss/lib/mozpkix/test-lib/pkixtestnss.cpp
new file mode 100644
index 000000000..ee59b1d97
--- /dev/null
+++ b/security/nss/lib/mozpkix/test-lib/pkixtestnss.cpp
@@ -0,0 +1,364 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/test/pkixtestutil.h"
+#include "mozpkix/test/pkixtestnss.h"
+
+#include <limits>
+
+#include "cryptohi.h"
+#include "keyhi.h"
+#include "nss.h"
+#include "pk11pqg.h"
+#include "pk11pub.h"
+#include "mozpkix/nss_scoped_ptrs.h"
+#include "mozpkix/pkixnss.h"
+#include "mozpkix/pkixder.h"
+#include "mozpkix/pkixutil.h"
+#include "prinit.h"
+#include "secerr.h"
+#include "secitem.h"
+
+namespace mozilla { namespace pkix { namespace test {
+
+namespace {
+
+TestKeyPair* GenerateKeyPairInner();
+
+void
+InitNSSIfNeeded()
+{
+  if (NSS_NoDB_Init(nullptr) != SECSuccess) {
+    abort();
+  }
+}
+
+static ScopedTestKeyPair reusedKeyPair;
+
+PRStatus
+InitReusedKeyPair()
+{
+  InitNSSIfNeeded();
+  reusedKeyPair.reset(GenerateKeyPairInner());
+  return reusedKeyPair ? PR_SUCCESS : PR_FAILURE;
+}
+
+class NSSTestKeyPair final : public TestKeyPair
+{
+public:
+  NSSTestKeyPair(const TestPublicKeyAlgorithm& aPublicKeyAlg,
+                 const ByteString& spk,
+                 const ByteString& aEncryptedPrivateKey,
+                 const ByteString& aEncryptionAlgorithm,
+                 const ByteString& aEncryptionParams)
+    : TestKeyPair(aPublicKeyAlg, spk)
+    , encryptedPrivateKey(aEncryptedPrivateKey)
+    , encryptionAlgorithm(aEncryptionAlgorithm)
+    , encryptionParams(aEncryptionParams)
+  {
+  }
+
+  Result SignData(const ByteString& tbs,
+                  const TestSignatureAlgorithm& signatureAlgorithm,
+                  /*out*/ ByteString& signature) const override
+  {
+    SECOidTag oidTag;
+    if (signatureAlgorithm.publicKeyAlg == RSA_PKCS1()) {
+      switch (signatureAlgorithm.digestAlg) {
+        case TestDigestAlgorithmID::MD2:
+          oidTag = SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
+          break;
+        case TestDigestAlgorithmID::MD5:
+          oidTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
+          break;
+        case TestDigestAlgorithmID::SHA1:
+          oidTag = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
+          break;
+        case TestDigestAlgorithmID::SHA224:
+          oidTag = SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION;
+          break;
+        case TestDigestAlgorithmID::SHA256:
+          oidTag = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
+          break;
+        case TestDigestAlgorithmID::SHA384:
+          oidTag = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
+          break;
+        case TestDigestAlgorithmID::SHA512:
+          oidTag = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
+          break;
+        MOZILLA_PKIX_UNREACHABLE_DEFAULT_ENUM
+      }
+    } else {
+      abort();
+    }
+
+    ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
+    if (!slot) {
+      return MapPRErrorCodeToResult(PR_GetError());
+    }
+    SECItem encryptedPrivateKeyInfoItem = {
+      siBuffer,
+      const_cast<uint8_t*>(encryptedPrivateKey.data()),
+      static_cast<unsigned int>(encryptedPrivateKey.length())
+    };
+    SECItem encryptionAlgorithmItem = {
+      siBuffer,
+      const_cast<uint8_t*>(encryptionAlgorithm.data()),
+      static_cast<unsigned int>(encryptionAlgorithm.length())
+    };
+    SECItem encryptionParamsItem = {
+      siBuffer,
+      const_cast<uint8_t*>(encryptionParams.data()),
+      static_cast<unsigned int>(encryptionParams.length())
+    };
+    SECKEYEncryptedPrivateKeyInfo encryptedPrivateKeyInfo = {
+      nullptr,
+      { encryptionAlgorithmItem, encryptionParamsItem },
+      encryptedPrivateKeyInfoItem
+    };
+    SECItem passwordItem = { siBuffer, nullptr, 0 };
+    SECItem publicValueItem = {
+      siBuffer,
+      const_cast<uint8_t*>(subjectPublicKey.data()),
+      static_cast<unsigned int>(subjectPublicKey.length())
+    };
+    SECKEYPrivateKey* privateKey;
+    // This should always be an RSA key (we'll have aborted above if we're not
+    // doing an RSA signature).
+    if (PK11_ImportEncryptedPrivateKeyInfoAndReturnKey(
+          slot.get(), &encryptedPrivateKeyInfo, &passwordItem, nullptr,
+          &publicValueItem, false, false, rsaKey, KU_ALL, &privateKey,
+          nullptr) != SECSuccess) {
+      return MapPRErrorCodeToResult(PR_GetError());
+    }
+    ScopedSECKEYPrivateKey scopedPrivateKey(privateKey);
+    SECItem signatureItem;
+    if (SEC_SignData(&signatureItem, tbs.data(),
+                     static_cast<int>(tbs.length()),
+                     scopedPrivateKey.get(), oidTag) != SECSuccess) {
+      return MapPRErrorCodeToResult(PR_GetError());
+    }
+    signature.assign(signatureItem.data, signatureItem.len);
+    SECITEM_FreeItem(&signatureItem, false);
+    return Success;
+  }
+
+  TestKeyPair* Clone() const override
+  {
+    return new (std::nothrow) NSSTestKeyPair(publicKeyAlg,
+                                             subjectPublicKey,
+                                             encryptedPrivateKey,
+                                             encryptionAlgorithm,
+                                             encryptionParams);
+  }
+
+private:
+  const ByteString encryptedPrivateKey;
+  const ByteString encryptionAlgorithm;
+  const ByteString encryptionParams;
+};
+
+} // namespace
+
+// This private function is also used by Gecko's PSM test framework
+// (OCSPCommon.cpp).
+TestKeyPair* CreateTestKeyPair(const TestPublicKeyAlgorithm publicKeyAlg,
+                               const ScopedSECKEYPublicKey& publicKey,
+                               const ScopedSECKEYPrivateKey& privateKey)
+{
+  ScopedCERTSubjectPublicKeyInfo
+    spki(SECKEY_CreateSubjectPublicKeyInfo(publicKey.get()));
+  if (!spki) {
+    return nullptr;
+  }
+  SECItem spkDER = spki->subjectPublicKey;
+  DER_ConvertBitString(&spkDER); // bits to bytes
+  ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
+  if (!slot) {
+    return nullptr;
+  }
+  // Because NSSTestKeyPair isn't tracked by XPCOM and won't otherwise be aware
+  // of shutdown, we don't have a way to release NSS resources at the
+  // appropriate time. To work around this, NSSTestKeyPair doesn't hold on to
+  // NSS resources. Instead, we export the generated private key part as an
+  // encrypted blob (with an empty password and fairly lame encryption). When we
+  // need to use it (e.g. to sign something), we decrypt it and create a
+  // temporary key object.
+  SECItem passwordItem = { siBuffer, nullptr, 0 };
+  ScopedSECKEYEncryptedPrivateKeyInfo encryptedPrivateKey(
+    PK11_ExportEncryptedPrivKeyInfo(
+      slot.get(), SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC,
+      &passwordItem, privateKey.get(), 1, nullptr));
+  if (!encryptedPrivateKey) {
+    return nullptr;
+  }
+
+  return new (std::nothrow) NSSTestKeyPair(
+    publicKeyAlg,
+    ByteString(spkDER.data, spkDER.len),
+    ByteString(encryptedPrivateKey->encryptedData.data,
+               encryptedPrivateKey->encryptedData.len),
+    ByteString(encryptedPrivateKey->algorithm.algorithm.data,
+               encryptedPrivateKey->algorithm.algorithm.len),
+    ByteString(encryptedPrivateKey->algorithm.parameters.data,
+               encryptedPrivateKey->algorithm.parameters.len));
+}
+
+namespace {
+
+TestKeyPair*
+GenerateKeyPairInner()
+{
+  ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
+  if (!slot) {
+    abort();
+  }
+
+  // Bug 1012786: PK11_GenerateKeyPair can fail if there is insufficient
+  // entropy to generate a random key. Attempting to add some entropy and
+  // retrying appears to solve this issue.
+  for (uint32_t retries = 0; retries < 10; retries++) {
+    PK11RSAGenParams params;
+    params.keySizeInBits = 2048;
+    params.pe = 3;
+    SECKEYPublicKey* publicKeyTemp = nullptr;
+    ScopedSECKEYPrivateKey
+      privateKey(PK11_GenerateKeyPair(slot.get(), CKM_RSA_PKCS_KEY_PAIR_GEN,
+                                      &params, &publicKeyTemp, false, true,
+                                      nullptr));
+    ScopedSECKEYPublicKey publicKey(publicKeyTemp);
+    if (privateKey) {
+      return CreateTestKeyPair(RSA_PKCS1(), publicKey, privateKey);
+    }
+
+    assert(!publicKeyTemp);
+
+    if (PR_GetError() != SEC_ERROR_PKCS11_FUNCTION_FAILED) {
+      break;
+    }
+
+    // Since these keys are only for testing, we don't need them to be good,
+    // random keys.
+    // https://xkcd.com/221/
+    static const uint8_t RANDOM_NUMBER[] = { 4, 4, 4, 4, 4, 4, 4, 4 };
+    if (PK11_RandomUpdate((void*) &RANDOM_NUMBER,
+                          sizeof(RANDOM_NUMBER)) != SECSuccess) {
+      break;
+    }
+  }
+
+  abort();
+}
+
+} // namespace
+
+TestKeyPair*
+GenerateKeyPair()
+{
+  InitNSSIfNeeded();
+  return GenerateKeyPairInner();
+}
+
+TestKeyPair*
+CloneReusedKeyPair()
+{
+  static PRCallOnceType initCallOnce;
+  if (PR_CallOnce(&initCallOnce, InitReusedKeyPair) != PR_SUCCESS) {
+    abort();
+  }
+  assert(reusedKeyPair);
+  return reusedKeyPair->Clone();
+}
+
+TestKeyPair*
+GenerateDSSKeyPair()
+{
+  InitNSSIfNeeded();
+
+  ScopedPK11SlotInfo slot(PK11_GetInternalSlot());
+  if (!slot) {
+    return nullptr;
+  }
+
+  ByteString p(DSS_P());
+  ByteString q(DSS_Q());
+  ByteString g(DSS_G());
+
+  static const PQGParams PARAMS = {
+    nullptr,
+    { siBuffer,
+      const_cast<uint8_t*>(p.data()),
+      static_cast<unsigned int>(p.length())
+    },
+    { siBuffer,
+      const_cast<uint8_t*>(q.data()),
+      static_cast<unsigned int>(q.length())
+    },
+    { siBuffer,
+      const_cast<uint8_t*>(g.data()),
+      static_cast<unsigned int>(g.length())
+    }
+  };
+
+  SECKEYPublicKey* publicKeyTemp = nullptr;
+  ScopedSECKEYPrivateKey
+    privateKey(PK11_GenerateKeyPair(slot.get(), CKM_DSA_KEY_PAIR_GEN,
+                                    const_cast<PQGParams*>(&PARAMS),
+                                    &publicKeyTemp, false, true, nullptr));
+  if (!privateKey) {
+    return nullptr;
+  }
+  ScopedSECKEYPublicKey publicKey(publicKeyTemp);
+  return CreateTestKeyPair(DSS(), publicKey, privateKey);
+}
+
+Result
+TestVerifyECDSASignedDigest(const SignedDigest& signedDigest,
+                            Input subjectPublicKeyInfo)
+{
+  InitNSSIfNeeded();
+  return VerifyECDSASignedDigestNSS(signedDigest, subjectPublicKeyInfo,
+                                    nullptr);
+}
+
+Result
+TestVerifyRSAPKCS1SignedDigest(const SignedDigest& signedDigest,
+                               Input subjectPublicKeyInfo)
+{
+  InitNSSIfNeeded();
+  return VerifyRSAPKCS1SignedDigestNSS(signedDigest, subjectPublicKeyInfo,
+                                       nullptr);
+}
+
+Result
+TestDigestBuf(Input item,
+              DigestAlgorithm digestAlg,
+              /*out*/ uint8_t* digestBuf,
+              size_t digestBufLen)
+{
+  InitNSSIfNeeded();
+  return DigestBufNSS(item, digestAlg, digestBuf, digestBufLen);
+}
+
+} } } // namespace mozilla::pkix::test
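Review bot: In GenerateDSSKeyPair(), `static const PQGParams PARAMS` is initialised once with pointers into the locals `p`, `q` and `g`, which are destroyed when the first call returns. Any later call therefore passes PK11_GenerateKeyPair() pointers to freed ByteString storage. Dropping `static` so the struct is rebuilt on each call (`const PQGParams PARAMS = {`) keeps the pointers valid for as long as they are used. In the same function `publicKeyTemp` is wrapped in ScopedSECKEYPublicKey only after the `!privateKey` early return, whereas GenerateKeyPairInner() wraps it before checking; moving the wrapper up would make the two paths consistent.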
diff --git a/security/nss/lib/mozpkix/test-lib/pkixtestutil.cpp b/security/nss/lib/mozpkix/test-lib/pkixtestutil.cpp
new file mode 100644
index 000000000..b1b89c07e
--- /dev/null
+++ b/security/nss/lib/mozpkix/test-lib/pkixtestutil.cpp
@@ -0,0 +1,1155 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This code is made available to you under your choice of the following sets
+ * of licensing terms:
+ */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+/* Copyright 2013 Mozilla Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mozpkix/test/pkixtestutil.h"
+
+#include <cerrno>
+#include <cstdio>
+#include <limits>
+#include <new>
+#include <sstream>
+#include <cstdlib>
+
+#include "mozpkix/pkixder.h"
+#include "mozpkix/pkixutil.h"
+
+using namespace std;
+
+namespace mozilla { namespace pkix { namespace test {
+
+namespace {
+
+struct ScopedMaybeDeleteFile {
+  void operator()(FILE* f) {
+    if (f) {
+      (void)fclose(f);
+    }
+  }
+};
+typedef std::unique_ptr<FILE, ScopedMaybeDeleteFile> ScopedFILE;
+
+FILE*
+OpenFile(const string& dir, const string& filename, const string& mode)
+{
+  string path = dir + '/' + filename;
+
+  ScopedFILE file;
+#ifdef _MSC_VER
+  {
+    FILE* rawFile;
+    errno_t error = fopen_s(&rawFile, path.c_str(), mode.c_str());
+    if (error) {
+      // TODO: map error to NSPR error code
+      rawFile = nullptr;
+    }
+    file.reset(rawFile);
+  }
+#else
+  file.reset(fopen(path.c_str(), mode.c_str()));
+#endif
+  return file.release();
+}
+
+} // namespace
+
+bool
+InputEqualsByteString(Input input, const ByteString& bs)
+{
+  Input bsInput;
+  if (bsInput.Init(bs.data(), bs.length()) != Success) {
+    // Init can only fail if it is given a bad pointer or if the input is too
+    // long, which won't ever happen. Plus, if it does, it is ok to call abort
+    // since this is only test code.
+    abort();
+  }
+  return InputsAreEqual(input, bsInput);
+}
+
+ByteString
+InputToByteString(Input input)
+{
+  ByteString result;
+  Reader reader(input);
+  for (;;) {
+    uint8_t b;
+    if (reader.Read(b) != Success) {
+      return result;
+    }
+    result.push_back(b);
+  }
+}
+
+Result
+TamperOnce(/*in/out*/ ByteString& item, const ByteString& from,
+           const ByteString& to)
+{
+  if (from.length() < 8) {
+    return Result::FATAL_ERROR_INVALID_ARGS;
+  }
+  if (from.length() != to.length()) {
+    return Result::FATAL_ERROR_INVALID_ARGS;
+  }
+  size_t pos = item.find(from);
+  if (pos == string::npos) {
+    return Result::FATAL_ERROR_INVALID_ARGS; // No matches.
+  }
+  if (item.find(from, pos + from.length()) != string::npos) {
+    return Result::FATAL_ERROR_INVALID_ARGS; // More than once match.
+  }
+  item.replace(pos, from.length(), to);
+  return Success;
+}
+
+// Given a tag and a value, generates a DER-encoded tag-length-value item.
+ByteString
+TLV(uint8_t tag, size_t length, const ByteString& value)
+{
+  ByteString result;
+  result.push_back(tag);
+
+  if (value.length() < 128) {
+    result.push_back(static_cast<uint8_t>(length));
+  } else if (value.length() < 256) {
+    result.push_back(0x81u);
+    result.push_back(static_cast<uint8_t>(length));
+  } else if (value.length() < 65536) {
+    result.push_back(0x82u);
+    result.push_back(static_cast<uint8_t>(length / 256));
+    result.push_back(static_cast<uint8_t>(length % 256));
+  } else {
+    // It is MUCH more convenient for TLV to be infallible than for it to have
+    // "proper" error handling.
+    abort();
+  }
+  result.append(value);
+  return result;
+}
+
+OCSPResponseExtension::OCSPResponseExtension()
+  : id()
+  , critical(false)
+  , value()
+  , next(nullptr)
+{
+}
+
+OCSPResponseContext::OCSPResponseContext(const CertID& aCertID, time_t time)
+  : certID(aCertID)
+  , responseStatus(successful)
+  , skipResponseBytes(false)
+  , producedAt(time)
+  , singleExtensions(nullptr)
+  , responseExtensions(nullptr)
+  , includeEmptyExtensions(false)
+  , signatureAlgorithm(sha256WithRSAEncryption())
+  , badSignature(false)
+  , certs(nullptr)
+
+  , certStatus(good)
+  , revocationTime(0)
+  , thisUpdate(time)
+  , nextUpdate(time + static_cast<time_t>(Time::ONE_DAY_IN_SECONDS))
+  , includeNextUpdate(true)
+{
+}
+
+static ByteString ResponseBytes(OCSPResponseContext& context);
+static ByteString BasicOCSPResponse(OCSPResponseContext& context);
+static ByteString ResponseData(OCSPResponseContext& context);
+static ByteString ResponderID(OCSPResponseContext& context);
+static ByteString KeyHash(const ByteString& subjectPublicKeyInfo);
+static ByteString SingleResponse(OCSPResponseContext& context);
+static ByteString CertID(OCSPResponseContext& context);
+static ByteString CertStatus(OCSPResponseContext& context);
+
+static ByteString
+SHA1(const ByteString& toHash)
+{
+  uint8_t digestBuf[20];
+  Input input;
+  if (input.Init(toHash.data(), toHash.length()) != Success) {
+    abort();
+  }
+  Result rv = TestDigestBuf(input, DigestAlgorithm::sha1, digestBuf,
+                            sizeof(digestBuf));
+  if (rv != Success) {
+    abort();
+  }
+  return ByteString(digestBuf, sizeof(digestBuf));
+}
+
+static ByteString
+HashedOctetString(const ByteString& bytes)
+{
+  ByteString digest(SHA1(bytes));
+  if (ENCODING_FAILED(digest)) {
+    return ByteString();
+  }
+  return TLV(der::OCTET_STRING, digest);
+}
+
+static ByteString
+BitString(const ByteString& rawBytes, bool corrupt)
+{
+  ByteString prefixed;
+  // We have to add a byte at the beginning indicating no unused bits.
+  // TODO: add ability to have bit strings of bit length not divisible by 8,
+  // resulting in unused bits in the bitstring encoding
+  prefixed.push_back(0);
+  prefixed.append(rawBytes);
+  if (corrupt) {
+    assert(prefixed.length() > 8);
+    prefixed[8]++;
+  }
+  return TLV(der::BIT_STRING, prefixed);
+}
+
+ByteString
+Boolean(bool value)
+{
+  ByteString encodedValue;
+  encodedValue.push_back(value ? 0xffu : 0x00u);
+  return TLV(der::BOOLEAN, encodedValue);
+}
+
+ByteString
+Integer(long value)
+{
+  if (value < 0 || value > 127) {
+    // TODO: add encoding of larger values
+    // It is MUCH more convenient for Integer to be infallible than for it to
+    // have "proper" error handling.
+    abort();
+  }
+
+  ByteString encodedValue;
+  encodedValue.push_back(static_cast<uint8_t>(value));
+  return TLV(der::INTEGER, encodedValue);
+}
+
+enum TimeEncoding { UTCTime = 0, GeneralizedTime = 1 };
+
+// Windows doesn't provide gmtime_r, but it provides something very similar.
+#if defined(_WINDOWS) && (!defined(_POSIX_C_SOURCE) || !defined(_POSIX_THREAD_SAFE_FUNCTIONS))
+static tm*
+gmtime_r(const time_t* t, /*out*/ tm* exploded)
+{
+  if (gmtime_s(exploded, t) != 0) {
+    return nullptr;
+  }
+  return exploded;
+}
+#endif
+
+// http://tools.ietf.org/html/rfc5280#section-4.1.2.5
+// UTCTime:           YYMMDDHHMMSSZ (years 1950-2049 only)
+// GeneralizedTime: YYYYMMDDHHMMSSZ
+//
+// This assumes that time/time_t are POSIX-compliant in that time() returns
+// the number of seconds since the Unix epoch.
+static ByteString
+TimeToEncodedTime(time_t time, TimeEncoding encoding)
+{
+  assert(encoding == UTCTime || encoding == GeneralizedTime);
+
+  tm exploded;
+  if (!gmtime_r(&time, &exploded)) {
+    return ByteString();
+  }
+
+  if (exploded.tm_sec >= 60) {
+    // round down for leap seconds
+    exploded.tm_sec = 59;
+  }
+
+  // exploded.tm_year is the year offset by 1900.
+  int year = exploded.tm_year + 1900;
+
+  if (encoding == UTCTime && (year < 1950 || year >= 2050)) {
+    return ByteString();
+  }
+
+  ByteString value;
+
+  if (encoding == GeneralizedTime) {
+    value.push_back(static_cast<uint8_t>('0' + (year / 1000)));
+    value.push_back(static_cast<uint8_t>('0' + ((year % 1000) / 100)));
+  }
+
+  value.push_back(static_cast<uint8_t>('0' + ((year % 100) / 10)));
+  value.push_back(static_cast<uint8_t>('0' + (year % 10)));
+  value.push_back(static_cast<uint8_t>('0' + ((exploded.tm_mon + 1) / 10)));
+  value.push_back(static_cast<uint8_t>('0' + ((exploded.tm_mon + 1) % 10)));
+  value.push_back(static_cast<uint8_t>('0' + (exploded.tm_mday / 10)));
+  value.push_back(static_cast<uint8_t>('0' + (exploded.tm_mday % 10)));
+  value.push_back(static_cast<uint8_t>('0' + (exploded.tm_hour / 10)));
+  value.push_back(static_cast<uint8_t>('0' + (exploded.tm_hour % 10)));
+  value.push_back(static_cast<uint8_t>('0' + (exploded.tm_min / 10)));
+  value.push_back(static_cast<uint8_t>('0' + (exploded.tm_min % 10)));
+  value.push_back(static_cast<uint8_t>('0' + (exploded.tm_sec / 10)));
+  value.push_back(static_cast<uint8_t>('0' + (exploded.tm_sec % 10)));
+  value.push_back('Z');
+
+  return TLV(encoding == GeneralizedTime ? der::GENERALIZED_TIME : der::UTCTime,
+             value);
+}
+
+static ByteString
+TimeToGeneralizedTime(time_t time)
+{
+  return TimeToEncodedTime(time, GeneralizedTime);
+}
+
+// http://tools.ietf.org/html/rfc5280#section-4.1.2.5: "CAs conforming to this
+// profile MUST always encode certificate validity dates through the year 2049
+// as UTCTime; certificate validity dates in 2050 or later MUST be encoded as
+// GeneralizedTime." (This is a special case of the rule that we must always
+// use the shortest possible encoding.)
+static ByteString
+TimeToTimeChoice(time_t time)
+{
+  tm exploded;
+  if (!gmtime_r(&time, &exploded)) {
+    return ByteString();
+  }
+  TimeEncoding encoding = (exploded.tm_year + 1900 >= 1950 &&
+                           exploded.tm_year + 1900 < 2050)
+                        ? UTCTime
+                        : GeneralizedTime;
+
+  return TimeToEncodedTime(time, encoding);
+}
+
+Time
+YMDHMS(uint16_t year, uint16_t month, uint16_t day,
+       uint16_t hour, uint16_t minutes, uint16_t seconds)
+{
+  assert(year <= 9999);
+  assert(month >= 1);
+  assert(month <= 12);
+  assert(day >= 1);
+  assert(hour < 24);
+  assert(minutes < 60);
+  assert(seconds < 60);
+
+  uint64_t days = DaysBeforeYear(year);
+
+  {
+    static const int16_t DAYS_IN_MONTH[] = {
+      31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
+    };
+
+    int16_t i = 1;
+    for (;;) {
+      int16_t daysInMonth = DAYS_IN_MONTH[i - 1];
+      if (i == 2 &&
+          ((year % 4 == 0) && ((year % 100 != 0) || (year % 400 == 0)))) {
+        // Add leap day
+        ++daysInMonth;
+      }
+      if (i == month) {
+        assert(day <= daysInMonth);
+        break;
+      }
+      days += daysInMonth;
+      ++i;
+    }
+  }
+
+  days += (day - 1);
+
+  uint64_t totalSeconds = days * Time::ONE_DAY_IN_SECONDS;
+  totalSeconds += hour * 60 * 60;
+  totalSeconds += minutes * 60;
+  totalSeconds += seconds;
+  return TimeFromElapsedSecondsAD(totalSeconds);
+}
+
+static ByteString
+SignedData(const ByteString& tbsData,
+           const TestKeyPair& keyPair,
+           const TestSignatureAlgorithm& signatureAlgorithm,
+           bool corrupt, /*optional*/ const ByteString* certs)
+{
+  ByteString signature;
+  if (keyPair.SignData(tbsData, signatureAlgorithm, signature) != Success) {
+    return ByteString();
+  }
+
+  // TODO: add ability to have signatures of bit length not divisible by 8,
+  // resulting in unused bits in the bitstring encoding
+  ByteString signatureNested(BitString(signature, corrupt));
+  if (ENCODING_FAILED(signatureNested)) {
+    return ByteString();
+  }
+
+  ByteString certsNested;
+  if (certs) {
+    ByteString certsSequenceValue;
+    while (!(*certs).empty()) {
+      certsSequenceValue.append(*certs);
+      ++certs;
+    }
+    ByteString certsSequence(TLV(der::SEQUENCE, certsSequenceValue));
+    certsNested = TLV(der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 0,
+                      certsSequence);
+  }
+
+  ByteString value;
+  value.append(tbsData);
+  value.append(signatureAlgorithm.algorithmIdentifier);
+  value.append(signatureNested);
+  value.append(certsNested);
+  return TLV(der::SEQUENCE, value);
+}
+
+// Extension  ::=  SEQUENCE  {
+//      extnID      OBJECT IDENTIFIER,
+//      critical    BOOLEAN DEFAULT FALSE,
+//      extnValue   OCTET STRING
+//                  -- contains the DER encoding of an ASN.1 value
+//                  -- corresponding to the extension type identified
+//                  -- by extnID
+//      }
+static ByteString
+Extension(Input extnID, Critical critical, const ByteString& extnValueBytes)
+{
+  ByteString encoded;
+
+  encoded.append(ByteString(extnID.UnsafeGetData(), extnID.GetLength()));
+
+  if (critical == Critical::Yes) {
+    encoded.append(Boolean(true));
+  }
+
+  ByteString extnValueSequence(TLV(der::SEQUENCE, extnValueBytes));
+  ByteString extnValue(TLV(der::OCTET_STRING, extnValueSequence));
+  encoded.append(extnValue);
+  return TLV(der::SEQUENCE, encoded);
+}
+
+static ByteString
+EmptyExtension(Input extnID, Critical critical)
+{
+  ByteString encoded(extnID.UnsafeGetData(), extnID.GetLength());
+
+  if (critical == Critical::Yes) {
+    encoded.append(Boolean(true));
+  }
+
+  ByteString extnValue(TLV(der::OCTET_STRING, ByteString()));
+  encoded.append(extnValue);
+  return TLV(der::SEQUENCE, encoded);
+}
+
+std::string
+GetEnv(const char* name)
+{
+  std::string result;
+
+#ifndef _MSC_VER
+  // XXX: Not thread safe.
+  const char* value = getenv(name);
+  if (value) {
+    result = value;
+  }
+#else
+  char* value = nullptr;
+  size_t valueLength = 0;
+  if (_dupenv_s(&value, &valueLength, name) != 0) {
+    abort();
+  }
+  if (value) {
+    result = value;
+    free(value);
+  }
+#endif
+  return result;
+}
+
+void
+MaybeLogOutput(const ByteString& result, const char* suffix)
+{
+  assert(suffix);
+
+  // This allows us to more easily debug the generated output, by creating a
+  // file in the directory given by MOZILLA_PKIX_TEST_LOG_DIR for each
+  // NOT THREAD-SAFE!!!
+  std::string logPath(GetEnv("MOZILLA_PKIX_TEST_LOG_DIR"));
+  if (!logPath.empty()) {
+    static int counter = 0;
+
+    std::ostringstream counterStream;
+    counterStream << counter;
+    if (!counterStream) {
+      assert(false);
+      return;
+    }
+    string filename = counterStream.str() + '-' + suffix + ".der";
+
+    ++counter;
+    ScopedFILE file(OpenFile(logPath, filename, "wb"));
+    if (file) {
+      (void) fwrite(result.data(), result.length(), 1, file.get());
+    }
+  }
+}
+
+///////////////////////////////////////////////////////////////////////////////
+// Certificates
+
+static ByteString TBSCertificate(long version, const ByteString& serialNumber,
+                                 const ByteString& signature,
+                                 const ByteString& issuer,
+                                 time_t notBefore, time_t notAfter,
+                                 const ByteString& subject,
+                                 const ByteString& subjectPublicKeyInfo,
+                                 /*optional*/ const ByteString* extensions);
+
+// Certificate  ::=  SEQUENCE  {
+//         tbsCertificate       TBSCertificate,
+//         signatureAlgorithm   AlgorithmIdentifier,
+//         signatureValue       BIT STRING  }
+ByteString
+CreateEncodedCertificate(long version,
+                         const TestSignatureAlgorithm& signature,
+                         const ByteString& serialNumber,
+                         const ByteString& issuerNameDER,
+                         time_t notBefore, time_t notAfter,
+                         const ByteString& subjectNameDER,
+                         const TestKeyPair& subjectKeyPair,
+                         /*optional*/ const ByteString* extensions,
+                         const TestKeyPair& issuerKeyPair,
+                         const TestSignatureAlgorithm& signatureAlgorithm)
+{
+  ByteString tbsCertificate(TBSCertificate(version, serialNumber,
+                                           signature.algorithmIdentifier,
+                                           issuerNameDER, notBefore,
+                                           notAfter, subjectNameDER,
+                                           subjectKeyPair.subjectPublicKeyInfo,
+                                           extensions));
+  if (ENCODING_FAILED(tbsCertificate)) {
+    return ByteString();
+  }
+
+  ByteString result(SignedData(tbsCertificate, issuerKeyPair,
+                               signatureAlgorithm, false, nullptr));
+  if (ENCODING_FAILED(result)) {
+    return ByteString();
+  }
+
+  MaybeLogOutput(result, "cert");
+
+  return result;
+}
+
+// TBSCertificate  ::=  SEQUENCE  {
+//      version         [0]  Version DEFAULT v1,
+//      serialNumber         CertificateSerialNumber,
+//      signature            AlgorithmIdentifier,
+//      issuer               Name,
+//      validity             Validity,
+//      subject              Name,
+//      subjectPublicKeyInfo SubjectPublicKeyInfo,
+//      issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
+//                           -- If present, version MUST be v2 or v3
+//      subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
+//                           -- If present, version MUST be v2 or v3
+//      extensions      [3]  Extensions OPTIONAL
+//                           -- If present, version MUST be v3 --  }
+static ByteString
+TBSCertificate(long versionValue,
+               const ByteString& serialNumber, const ByteString& signature,
+               const ByteString& issuer, time_t notBeforeTime,
+               time_t notAfterTime, const ByteString& subject,
+               const ByteString& subjectPublicKeyInfo,
+               /*optional*/ const ByteString* extensions)
+{
+  ByteString value;
+
+  if (versionValue != static_cast<long>(der::Version::v1)) {
+    ByteString versionInteger(Integer(versionValue));
+    ByteString version(TLV(der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 0,
+                           versionInteger));
+    value.append(version);
+  }
+
+  value.append(serialNumber);
+  value.append(signature);
+  value.append(issuer);
+
+  // Validity ::= SEQUENCE {
+  //       notBefore      Time,
+  //       notAfter       Time }
+  ByteString validity;
+  {
+    ByteString notBefore(TimeToTimeChoice(notBeforeTime));
+    if (ENCODING_FAILED(notBefore)) {
+      return ByteString();
+    }
+    ByteString notAfter(TimeToTimeChoice(notAfterTime));
+    if (ENCODING_FAILED(notAfter)) {
+      return ByteString();
+    }
+    ByteString validityValue;
+    validityValue.append(notBefore);
+    validityValue.append(notAfter);
+    validity = TLV(der::SEQUENCE, validityValue);
+    if (ENCODING_FAILED(validity)) {
+      return ByteString();
+    }
+  }
+  value.append(validity);
+
+  value.append(subject);
+
+  value.append(subjectPublicKeyInfo);
+
+  if (extensions) {
+    ByteString extensionsValue;
+    while (!(*extensions).empty()) {
+      extensionsValue.append(*extensions);
+      ++extensions;
+    }
+    ByteString extensionsSequence(TLV(der::SEQUENCE, extensionsValue));
+    if (ENCODING_FAILED(extensionsSequence)) {
+      return ByteString();
+    }
+    ByteString extensionsWrapped(
+      TLV(der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 3, extensionsSequence));
+    if (ENCODING_FAILED(extensionsWrapped)) {
+      return ByteString();
+    }
+    value.append(extensionsWrapped);
+  }
+
+  return TLV(der::SEQUENCE, value);
+}
+
+// AttributeTypeAndValue ::= SEQUENCE {
+//   type     AttributeType,
+//   value    AttributeValue }
+//
+// AttributeType ::= OBJECT IDENTIFIER
+//
+// AttributeValue ::= ANY -- DEFINED BY AttributeType
+//
+// DirectoryString ::= CHOICE {
+//       teletexString           TeletexString (SIZE (1..MAX)),
+//       printableString         PrintableString (SIZE (1..MAX)),
+//       universalString         UniversalString (SIZE (1..MAX)),
+//       utf8String              UTF8String (SIZE (1..MAX)),
+//       bmpString               BMPString (SIZE (1..MAX)) }
+template <size_t N>
+static ByteString
+AVA(const uint8_t (&type)[N], uint8_t directoryStringType,
+    const ByteString& value)
+{
+  ByteString wrappedValue(TLV(directoryStringType, value));
+  ByteString ava;
+  ava.append(type, N);
+  ava.append(wrappedValue);
+  return TLV(der::SEQUENCE, ava);
+}
+
+ByteString
+CN(const ByteString& value, uint8_t encodingTag)
+{
+  // id-at OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) ds(5) 4 }
+  // id-at-commonName        AttributeType ::= { id-at 3 }
+  // python DottedOIDToCode.py --tlv id-at-commonName 2.5.4.3
+  static const uint8_t tlv_id_at_commonName[] = {
+    0x06, 0x03, 0x55, 0x04, 0x03
+  };
+  return AVA(tlv_id_at_commonName, encodingTag, value);
+}
+
+ByteString
+OU(const ByteString& value, uint8_t encodingTag)
+{
+  // id-at OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) ds(5) 4 }
+  // id-at-organizationalUnitName AttributeType ::= { id-at 11 }
+  // python DottedOIDToCode.py --tlv id-at-organizationalUnitName 2.5.4.11
+  static const uint8_t tlv_id_at_organizationalUnitName[] = {
+    0x06, 0x03, 0x55, 0x04, 0x0b
+  };
+
+  return AVA(tlv_id_at_organizationalUnitName, encodingTag, value);
+}
+
+ByteString
+emailAddress(const ByteString& value)
+{
+  // id-emailAddress AttributeType ::= { pkcs-9 1 }
+  // python DottedOIDToCode.py --tlv id-emailAddress 1.2.840.113549.1.9.1
+  static const uint8_t tlv_id_emailAddress[] = {
+    0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01
+  };
+
+  return AVA(tlv_id_emailAddress, der::IA5String, value);
+}
+
+// RelativeDistinguishedName ::=
+//   SET SIZE (1..MAX) OF AttributeTypeAndValue
+//
+ByteString
+RDN(const ByteString& avas)
+{
+  return TLV(der::SET, avas);
+}
+
+// Name ::= CHOICE { -- only one possibility for now --
+//   rdnSequence  RDNSequence }
+//
+// RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+//
+ByteString
+Name(const ByteString& rdns)
+{
+  return TLV(der::SEQUENCE, rdns);
+}
+
+ByteString
+CreateEncodedSerialNumber(long serialNumberValue)
+{
+  return Integer(serialNumberValue);
+}
+
+// BasicConstraints ::= SEQUENCE {
+//         cA                      BOOLEAN DEFAULT FALSE,
+//         pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
+ByteString
+CreateEncodedBasicConstraints(bool isCA,
+                              /*optional in*/ const long* pathLenConstraintValue,
+                              Critical critical)
+{
+  ByteString value;
+
+  if (isCA) {
+    ByteString cA(Boolean(true));
+    value.append(cA);
+  }
+
+  if (pathLenConstraintValue) {
+    ByteString pathLenConstraint(Integer(*pathLenConstraintValue));
+    value.append(pathLenConstraint);
+  }
+
+  // python DottedOIDToCode.py --tlv id-ce-basicConstraints 2.5.29.19
+  static const uint8_t tlv_id_ce_basicConstraints[] = {
+    0x06, 0x03, 0x55, 0x1d, 0x13
+  };
+  return Extension(Input(tlv_id_ce_basicConstraints), critical, value);
+}
+
+// ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+// KeyPurposeId ::= OBJECT IDENTIFIER
+ByteString
+CreateEncodedEKUExtension(Input ekuOID, Critical critical)
+{
+  ByteString value(ekuOID.UnsafeGetData(), ekuOID.GetLength());
+
+  // python DottedOIDToCode.py --tlv id-ce-extKeyUsage 2.5.29.37
+  static const uint8_t tlv_id_ce_extKeyUsage[] = {
+    0x06, 0x03, 0x55, 0x1d, 0x25
+  };
+
+  return Extension(Input(tlv_id_ce_extKeyUsage), critical, value);
+}
+
+// python DottedOIDToCode.py --tlv id-ce-subjectAltName 2.5.29.17
+static const uint8_t tlv_id_ce_subjectAltName[] = {
+  0x06, 0x03, 0x55, 0x1d, 0x11
+};
+
+ByteString
+CreateEncodedSubjectAltName(const ByteString& names)
+{
+  return Extension(Input(tlv_id_ce_subjectAltName), Critical::No, names);
+}
+
+ByteString
+CreateEncodedEmptySubjectAltName()
+{
+  return EmptyExtension(Input(tlv_id_ce_subjectAltName), Critical::No);
+}
+
+///////////////////////////////////////////////////////////////////////////////
+// OCSP responses
+
+ByteString
+CreateEncodedOCSPResponse(OCSPResponseContext& context)
+{
+  if (!context.skipResponseBytes) {
+    if (!context.signerKeyPair) {
+      return ByteString();
+    }
+  }
+
+  // OCSPResponse ::= SEQUENCE {
+  //    responseStatus          OCSPResponseStatus,
+  //    responseBytes       [0] EXPLICIT ResponseBytes OPTIONAL }
+
+  // OCSPResponseStatus ::= ENUMERATED {
+  //    successful          (0),  -- Response has valid confirmations
+  //    malformedRequest    (1),  -- Illegal confirmation request
+  //    internalError       (2),  -- Internal error in issuer
+  //    tryLater            (3),  -- Try again later
+  //                              -- (4) is not used
+  //    sigRequired         (5),  -- Must sign the request
+  //    unauthorized        (6)   -- Request unauthorized
+  // }
+  ByteString reponseStatusValue;
+  reponseStatusValue.push_back(context.responseStatus);
+  ByteString responseStatus(TLV(der::ENUMERATED, reponseStatusValue));
+
+  ByteString responseBytesNested;
+  if (!context.skipResponseBytes) {
+    ByteString responseBytes(ResponseBytes(context));
+    if (ENCODING_FAILED(responseBytes)) {
+      return ByteString();
+    }
+
+    responseBytesNested = TLV(der::CONSTRUCTED | der::CONTEXT_SPECIFIC,
+                              responseBytes);
+  }
+
+  ByteString value;
+  value.append(responseStatus);
+  value.append(responseBytesNested);
+  ByteString result(TLV(der::SEQUENCE, value));
+
+  MaybeLogOutput(result, "ocsp");
+
+  return result;
+}
+
+// ResponseBytes ::= SEQUENCE {
+//    responseType            OBJECT IDENTIFIER,
+//    response                OCTET STRING }
+ByteString
+ResponseBytes(OCSPResponseContext& context)
+{
+  // Includes tag and length
+  static const uint8_t id_pkix_ocsp_basic_encoded[] = {
+    0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01
+  };
+  ByteString response(BasicOCSPResponse(context));
+  if (ENCODING_FAILED(response)) {
+    return ByteString();
+  }
+  ByteString responseNested = TLV(der::OCTET_STRING, response);
+
+  ByteString value;
+  value.append(id_pkix_ocsp_basic_encoded,
+               sizeof(id_pkix_ocsp_basic_encoded));
+  value.append(responseNested);
+  return TLV(der::SEQUENCE, value);
+}
+
+// BasicOCSPResponse ::= SEQUENCE {
+//   tbsResponseData          ResponseData,
+//   signatureAlgorithm       AlgorithmIdentifier,
+//   signature                BIT STRING,
+//   certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+ByteString
+BasicOCSPResponse(OCSPResponseContext& context)
+{
+  ByteString tbsResponseData(ResponseData(context));
+  if (ENCODING_FAILED(tbsResponseData)) {
+    return ByteString();
+  }
+
+  return SignedData(tbsResponseData, *context.signerKeyPair,
+                    context.signatureAlgorithm, context.badSignature,
+                    context.certs);
+}
+
+// Extension ::= SEQUENCE {
+//   id               OBJECT IDENTIFIER,
+//   critical         BOOLEAN DEFAULT FALSE
+//   value            OCTET STRING
+// }
+static ByteString
+OCSPExtension(OCSPResponseExtension& extension)
+{
+  ByteString encoded;
+  encoded.append(extension.id);
+  if (extension.critical) {
+    encoded.append(Boolean(true));
+  }
+  ByteString value(TLV(der::OCTET_STRING, extension.value));
+  encoded.append(value);
+  return TLV(der::SEQUENCE, encoded);
+}
+
+// Extensions ::= [1] {
+//   SEQUENCE OF Extension
+// }
+static ByteString
+OCSPExtensions(OCSPResponseExtension* extensions)
+{
+  ByteString value;
+  for (OCSPResponseExtension* extension = extensions;
+       extension; extension = extension->next) {
+    ByteString extensionEncoded(OCSPExtension(*extension));
+    if (ENCODING_FAILED(extensionEncoded)) {
+      return ByteString();
+    }
+    value.append(extensionEncoded);
+  }
+  ByteString sequence(TLV(der::SEQUENCE, value));
+  return TLV(der::CONSTRUCTED | der::CONTEXT_SPECIFIC | 1, sequence);
+}
+
+// ResponseData ::= SEQUENCE {
+//    version             [0] EXPLICIT Version DEFAULT v1,
+//    responderID             ResponderID,
+//    producedAt              GeneralizedTime,
+//    responses               SEQUENCE OF SingleResponse,
+//    responseExtensions  [1] EXPLICIT Extensions OPTIONAL }
+ByteString
+ResponseData(OCSPResponseContext& context)
+{
+  ByteString responderID(ResponderID(context));
+  if (ENCODING_FAILED(responderID)) {
+    return ByteString();
+  }
+  ByteString producedAtEncoded(TimeToGeneralizedTime(context.producedAt));
+  if (ENCODING_FAILED(producedAtEncoded)) {
+    return ByteString();
+  }
+  ByteString response(SingleResponse(context));
+  if (ENCODING_FAILED(response)) {
+    return ByteString();
+  }
+  ByteString responses(TLV(der::SEQUENCE, response));
+  ByteString responseExtensions;
+  if (context.responseExtensions || context.includeEmptyExtensions) {
+    responseExtensions = OCSPExtensions(context.responseExtensions);
+  }
+
+  ByteString value;
+  value.append(responderID);
+  value.append(producedAtEncoded);
+  value.append(responses);
+  value.append(responseExtensions);
+  return TLV(der::SEQUENCE, value);
+}
+
+// ResponderID ::= CHOICE {
+//    byName              [1] Name,
+//    byKey               [2] KeyHash }
+// }
+ByteString
+ResponderID(OCSPResponseContext& context)
+{
+  ByteString contents;
+  uint8_t responderIDType;
+  if (!context.signerNameDER.empty()) {
+    contents = context.signerNameDER;
+    responderIDType = 1; // byName
+  } else {
+    contents = KeyHash(context.signerKeyPair->subjectPublicKey);
+    if (ENCODING_FAILED(contents)) {
+      return ByteString();
+    }
+    responderIDType = 2; // byKey
+  }
+
+  // XXX: MSVC 2015 wrongly warns about signed/unsigned conversion without the
+  // static_cast.
+  uint8_t tag = static_cast<uint8_t>(der::CONSTRUCTED | der::CONTEXT_SPECIFIC |
+                                     responderIDType);
+  return TLV(tag, contents);
+}
+
+// KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key
+//                          -- (i.e., the SHA-1 hash of the value of the
+//                          -- BIT STRING subjectPublicKey [excluding
+//                          -- the tag, length, and number of unused
+//                          -- bits] in the responder's certificate)
+ByteString
+KeyHash(const ByteString& subjectPublicKey)
+{
+  return HashedOctetString(subjectPublicKey);
+}
+
+// SingleResponse ::= SEQUENCE {
+//    certID                  CertID,
+//    certStatus              CertStatus,
+//    thisUpdate              GeneralizedTime,
+//    nextUpdate          [0] EXPLICIT GeneralizedTime OPTIONAL,
+//    singleExtensions    [1] EXPLICIT Extensions OPTIONAL }
+ByteString
+SingleResponse(OCSPResponseContext& context)
+{
+  ByteString certID(CertID(context));
+  if (ENCODING_FAILED(certID)) {
+    return ByteString();
+  }
+  ByteString certStatus(CertStatus(context));
+  if (ENCODING_FAILED(certStatus)) {
+    return ByteString();
+  }
+  ByteString thisUpdateEncoded(TimeToGeneralizedTime(context.thisUpdate));
+  if (ENCODING_FAILED(thisUpdateEncoded)) {
+    return ByteString();
+  }
+  ByteString nextUpdateEncodedNested;
+  if (context.includeNextUpdate) {
+    ByteString nextUpdateEncoded(TimeToGeneralizedTime(context.nextUpdate));
+    if (ENCODING_FAILED(nextUpdateEncoded)) {
+      return ByteString();
+    }
+    nextUpdateEncodedNested = TLV(der::CONSTRUCTED | der::CONTEXT_SPECIFIC | 0,
+                                  nextUpdateEncoded);
+  }
+  ByteString singleExtensions;
+  if (context.singleExtensions || context.includeEmptyExtensions) {
+    singleExtensions = OCSPExtensions(context.singleExtensions);
+  }
+
+  ByteString value;
+  value.append(certID);
+  value.append(certStatus);
+  value.append(thisUpdateEncoded);
+  value.append(nextUpdateEncodedNested);
+  value.append(singleExtensions);
+  return TLV(der::SEQUENCE, value);
+}
+
+// CertID          ::=     SEQUENCE {
+//        hashAlgorithm       AlgorithmIdentifier,
+//        issuerNameHash      OCTET STRING, -- Hash of issuer's DN
+//        issuerKeyHash       OCTET STRING, -- Hash of issuer's public key
+//        serialNumber        CertificateSerialNumber }
+ByteString
+CertID(OCSPResponseContext& context)
+{
+  ByteString issuerName(context.certID.issuer.UnsafeGetData(),
+                        context.certID.issuer.GetLength());
+  ByteString issuerNameHash(HashedOctetString(issuerName));
+  if (ENCODING_FAILED(issuerNameHash)) {
+    return ByteString();
+  }
+
+  ByteString issuerKeyHash;
+  {
+    // context.certID.issuerSubjectPublicKeyInfo is the entire
+    // SubjectPublicKeyInfo structure, but we need just the subjectPublicKey
+    // part.
+    Reader input(context.certID.issuerSubjectPublicKeyInfo);
+    Reader contents;
+    if (der::ExpectTagAndGetValue(input, der::SEQUENCE, contents) != Success) {
+      return ByteString();
+    }
+    // Skip AlgorithmIdentifier
+    if (der::ExpectTagAndSkipValue(contents, der::SEQUENCE) != Success) {
+      return ByteString();
+    }
+    Input subjectPublicKey;
+    if (der::BitStringWithNoUnusedBits(contents, subjectPublicKey)
+          != Success) {
+      return ByteString();
+    }
+    issuerKeyHash = KeyHash(ByteString(subjectPublicKey.UnsafeGetData(),
+                                       subjectPublicKey.GetLength()));
+    if (ENCODING_FAILED(issuerKeyHash)) {
+      return ByteString();
+    }
+  }
+
+  ByteString serialNumberValue(context.certID.serialNumber.UnsafeGetData(),
+                               context.certID.serialNumber.GetLength());
+  ByteString serialNumber(TLV(der::INTEGER, serialNumberValue));
+
+  // python DottedOIDToCode.py --alg id-sha1 1.3.14.3.2.26
+  static const uint8_t alg_id_sha1[] = {
+    0x30, 0x07, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a
+  };
+
+  ByteString value;
+  value.append(alg_id_sha1, sizeof(alg_id_sha1));
+  value.append(issuerNameHash);
+  value.append(issuerKeyHash);
+  value.append(serialNumber);
+  return TLV(der::SEQUENCE, value);
+}
+
+// CertStatus ::= CHOICE {
+//    good                [0] IMPLICIT NULL,
+//    revoked             [1] IMPLICIT RevokedInfo,
+//    unknown             [2] IMPLICIT UnknownInfo }
+//
+// RevokedInfo ::= SEQUENCE {
+//    revocationTime              GeneralizedTime,
+//    revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
+//
+// UnknownInfo ::= NULL
+//
+ByteString
+CertStatus(OCSPResponseContext& context)
+{
+  switch (context.certStatus) {
+    // Both good and unknown are ultimately represented as NULL - the only
+    // difference is in the tag that identifies them.
+    case 0:
+    case 2:
+    {
+      // XXX: MSVC 2015 wrongly warns about signed/unsigned conversion without
+      // the static cast.
+      return TLV(static_cast<uint8_t>(der::CONTEXT_SPECIFIC |
+                                      context.certStatus), ByteString());
+    }
+    case 1:
+    {
+      ByteString revocationTime(TimeToGeneralizedTime(context.revocationTime));
+      if (ENCODING_FAILED(revocationTime)) {
+        return ByteString();
+      }
+      // TODO(bug 980536): add support for revocationReason
+      return TLV(der::CONTEXT_SPECIFIC | der::CONSTRUCTED | 1, revocationTime);
+    }
+    default:
+      assert(false);
+      // fall through
+  }
+  return ByteString();
+}
+
+static const ByteString NO_UNUSED_BITS(1, 0x00);
+
+// The SubjectPublicKeyInfo syntax is specified in RFC 5280 Section 4.1.
+TestKeyPair::TestKeyPair(const TestPublicKeyAlgorithm& aPublicKeyAlg,
+                         const ByteString& spk)
+  : publicKeyAlg(aPublicKeyAlg)
+  , subjectPublicKeyInfo(TLV(der::SEQUENCE,
+                             aPublicKeyAlg.algorithmIdentifier +
+                             TLV(der::BIT_STRING, NO_UNUSED_BITS + spk)))
+  , subjectPublicKey(spk)
+{
+}
+
+} } } // namespace mozilla::pkix::test
diff --git a/security/nss/lib/mozpkix/tools/DottedOIDToCode.py b/security/nss/lib/mozpkix/tools/DottedOIDToCode.py
new file mode 100644
index 000000000..dfd4ade07
--- /dev/null
+++ b/security/nss/lib/mozpkix/tools/DottedOIDToCode.py
@@ -0,0 +1,216 @@
+# This code is made available to you under your choice of the following sets
+# of licensing terms:
+###############################################################################
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+###############################################################################
+# Copyright 2013 Mozilla Contributors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import print_function
+import argparse
+import itertools
+import sys
+
+
+def base128(value):
+    """
+    Given an integral value, returns an array of the base-128 representation
+    of that value, with all but the last byte having the high bit set as
+    required by the DER rules for the nodes of an OID after the first two
+    bytes.
+
+    >>> base128(1)
+    [1]
+    >>> base128(10045)
+    [206, 61]
+    """
+
+    if value < 0:
+        raise ValueError("An OID must have only positive-value nodes.")
+
+    # least significant byte has highest bit unset
+    result = [value % 0x80]
+    value /= 0x80
+
+    while value != 0:
+        result = [0x80 | (value % 0x80)] + result
+        value /= 0x80
+
+    return result
+
+
+def dottedOIDToEncodedArray(dottedOID):
+    """
+    Takes a dotted OID string (e.g. '1.2.840.10045.4.3.4') as input, and
+    returns an array that contains the DER encoding of its value, without
+    the tag and length (e.g. [0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04]).
+    """
+    nodes = [int(x) for x in dottedOID.strip().split(".")]
+    if len(nodes) < 2:
+        raise ValueError("An OID must have at least two nodes.")
+    if not (0 <= nodes[0] <= 2):
+        raise ValueError("The first node of an OID must be 0, 1, or 2.")
+    if not (0 <= nodes[1] <= 39):
+        # XXX: Does this restriction apply when the first part is 2?
+        raise ValueError("The second node of an OID must be 0-39.")
+    firstByte = (40 * nodes[0]) + nodes[1]
+    restBase128 = [base128(x) for x in nodes[2:]]
+    return [firstByte] + list(itertools.chain.from_iterable(restBase128))
+
+
+def dottedOIDToCArray(dottedOID, mode):
+    """
+    Takes a dotted OID string (e.g. '1.2.840.10045.4.3.4') as input, and
+    returns a string that contains the hex encoding of the OID in C++ literal
+    notation, e.g. '0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04'.
+    """
+    bytes = dottedOIDToEncodedArray(dottedOID)
+
+    if mode != "value" and mode != "prefixdefine":
+        bytes = [0x06, len(bytes)] + bytes
+
+    if mode == "alg":
+        # Wrap the DER-encoded OID in a SEQUENCE to create an
+        # AlgorithmIdentifier with no parameters.
+        bytes = [0x30, len(bytes)] + bytes
+
+    return ", ".join(["0x%.2x" % b for b in bytes])
+
+
+def specNameToCName(specName):
+    """
+    Given an string containing an ASN.1 name, returns a string that is a valid
+    C++ identifier that is as similar to that name as possible. Since most
+    ASN.1 identifiers used in PKIX specifications are legal C++ names except
+    for containing hyphens, this function just converts the hyphens to
+    underscores. This may need to be improved in the future if we encounter
+    names with other funny characters.
+    """
+    return specName.replace("-", "_")
+
+
+def toCode(programName, specName, dottedOID, mode):
+    """
+    Given an ASN.1 name and a string containing the dotted representation of an
+    OID, returns a string that contains a C++ declaration for a named constant
+    that contains that OID value. If mode is "value" then only the value of
+    the OID (without the tag or length) will be included in the output. If mode
+    is "tlv" then the value will be prefixed with the tag and length. If mode
+    is "alg" then the value will be a complete der-encoded AlgorithmIdentifier
+    with no parameters.
+
+    This:
+
+        toCode("DottedOIDToCode.py", "ecdsa-with-SHA512", "1.2.840.10045.4.3.4",
+               "value")
+
+    would result in a string like:
+
+        // python DottedOIDToCode.py ecdsa-with-SHA512 1.2.840.10045.4.3.4
+        static const uint8_t ecdsa_with_SHA512[] = {
+          0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04
+        };
+
+    This:
+
+        toCode("DottedOIDToCode.py", "ecdsa-with-SHA512", "1.2.840.10045.4.3.4",
+               "tlv")
+
+    would result in a string like:
+
+        // python DottedOIDToCode.py --tlv ecdsa-with-SHA512 1.2.840.10045.4.3.4
+        static const uint8_t tlv_ecdsa_with_SHA512[] = {
+          0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04
+        };
+
+    This:
+
+        toCode("DottedOIDToCode.py", "ecdsa-with-SHA512", "1.2.840.10045.4.3.4",
+               "alg")
+
+    would result in a string like:
+
+        // python DottedOIDToCode.py --alg ecdsa-with-SHA512 1.2.840.10045.4.3.4
+        static const uint8_t alg_ecdsa_with_SHA512[] = {
+          0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04
+        };
+
+    This:
+
+        toCode("DottedOIDToCode.py", "PREFIX_1_2_840_10045", "1.2.840.10045",
+               "prefixdefine")
+
+    would result in a string like this (note the lack of indention):
+
+      // python DottedOIDToCode.py --prefixdefine PREFIX_1_2_840_10045 1.2.840.10045
+      #define PREFIX_1_2_840_10045 0x2a, 0x86, 0x48, 0xce, 0x3d
+    """
+    programNameWithOptions = programName
+
+    if mode == "prefixdefine":
+        programNameWithOptions += " --prefixdefine"
+        varName = specName
+        return ("// python %s %s %s\n" +
+                "#define %s %s\n") % (programNameWithOptions, specName,
+                                      dottedOID, varName,
+                                      dottedOIDToCArray(dottedOID, mode))
+
+    varName = specNameToCName(specName)
+    if mode == "tlv":
+        programNameWithOptions += " --tlv"
+        varName = "tlv_" + varName
+    elif mode == "alg":
+        programNameWithOptions += " --alg"
+        varName = "alg_" + varName
+    elif mode == "prefixdefine":
+        programNameWithOptions += " --alg"
+        varName = varName
+
+    return ("  // python %s %s %s\n" +
+            "  static const uint8_t %s[] = {\n" +
+            "    %s\n" +
+            "  };\n") % (programNameWithOptions, specName, dottedOID, varName,
+                         dottedOIDToCArray(dottedOID, mode))
+
+
+if __name__ == "__main__":
+    parser = argparse.ArgumentParser(
+        description="Generate code snippets to handle OIDs in C++",
+        epilog="example: python %s ecdsa-with-SHA1 1.2.840.10045.4.1"
+        % sys.argv[0])
+    group = parser.add_mutually_exclusive_group()
+    group.add_argument("--tlv", action='store_true',
+                       help="Wrap the encoded OID value with the tag and length")
+    group.add_argument("--alg", action='store_true',
+                       help="Wrap the encoded OID value in an encoded SignatureAlgorithm")
+    group.add_argument("--prefixdefine", action='store_true',
+                       help="generate a OID prefix #define")
+    parser.add_argument("name",
+                        help="The name given to the OID in the specification")
+    parser.add_argument("dottedOID", metavar="dotted-oid",
+                        help="The OID value, in dotted notation")
+
+    args = parser.parse_args()
+    if args.alg:
+        mode = 'alg'
+    elif args.tlv:
+        mode = 'tlv'
+    elif args.prefixdefine:
+        mode = 'prefixdefine'
+    else:
+        mode = 'value'
+
+    print(toCode(sys.argv[0], args.name, args.dottedOID, mode))
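Review bot: `base128` uses `value /= 0x80`, which is true division on Python 3, so `value` becomes a float and `0x80 | (value % 0x80)` raises TypeError for any non-zero node. The `from __future__ import print_function` line suggests the script is meant to run on both interpreters, so both statements should be `value //= 0x80`. In `toCode`, the trailing `elif mode == "prefixdefine":` branch is unreachable because that mode already returned above, and it would append `--alg` if it were ever reached; it can be dropped. `dottedOIDToCArray` also writes `len(bytes)` as a single length byte, which only holds for encodings under 128 bytes; a short comment stating that assumption would help.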
diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def
index 4f0ade4d0..8a9b3b030 100644
--- a/security/nss/lib/nss/nss.def
+++ b/security/nss/lib/nss/nss.def
@@ -1133,3 +1133,9 @@ SEC_CreateSignatureAlgorithmParameters;
 ;+    local:
 ;+       *;
 ;+};
+;+NSS_3.39 { 	# NSS 3.39 release
+;+    global:
+CERT_GetCertKeyType;
+;+    local:
+;+       *;
+;+};
diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
index efb0827c5..49c545ecc 100644
--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@@ -22,9 +22,9 @@
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
  */
-#define NSS_VERSION "3.38" _NSS_CUSTOMIZED
+#define NSS_VERSION "3.41" _NSS_CUSTOMIZED
 #define NSS_VMAJOR 3
-#define NSS_VMINOR 38
+#define NSS_VMINOR 41
 #define NSS_VPATCH 0
 #define NSS_VBUILD 0
 #define NSS_BETA PR_FALSE
diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c
index 5d62d479c..9b6012771 100644
--- a/security/nss/lib/nss/nssinit.c
+++ b/security/nss/lib/nss/nssinit.c
@@ -12,7 +12,7 @@
 #include "prprf.h"
 #include "prmem.h"
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secmod.h"
 #include "secoid.h"
 #include "nss.h"
@@ -54,7 +54,7 @@ nss_mktemp(char *path)
 
 #define NSS_MAX_FLAG_SIZE sizeof("readOnly") + sizeof("noCertDB") +                                  \
                               sizeof("noModDB") + sizeof("forceOpen") + sizeof("passwordRequired") + \
-                              sizeof("optimizeSpace")
+                              sizeof("optimizeSpace") + sizeof("printPolicyFeedback")
 #define NSS_DEFAULT_MOD_NAME "NSS Internal Module"
 
 static char *
@@ -702,6 +702,30 @@ nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix,
         if (SECOID_Init() != SECSuccess) {
             goto loser;
         }
+#ifdef POLICY_FILE
+        /* Load the system crypto policy file if it exists,
+         * unless the NSS_IGNORE_SYSTEM_POLICY environment
+         * variable has been set to 1. */
+        ignoreVar = PR_GetEnvSecure("NSS_IGNORE_SYSTEM_POLICY");
+        if (ignoreVar == NULL || strncmp(ignoreVar, "1", sizeof("1")) != 0) {
+            if (PR_Access(POLICY_PATH "/" POLICY_FILE, PR_ACCESS_READ_OK) == PR_SUCCESS) {
+                SECMODModule *module = SECMOD_LoadModule(
+                    "name=\"Policy File\" "
+                    "parameters=\"configdir='sql:" POLICY_PATH "' "
+                    "secmod='" POLICY_FILE "' "
+                    "flags=readOnly,noCertDB,forceSecmodChoice,forceOpen\" "
+                    "NSS=\"flags=internal,moduleDB,skipFirst,moduleDBOnly,critical\"",
+                    parent, PR_TRUE);
+                if (module) {
+                    PRBool isLoaded = module->loaded;
+                    SECMOD_DestroyModule(module);
+                    if (!isLoaded) {
+                        goto loser;
+                    }
+                }
+            }
+        }
+#endif
         if (STAN_LoadDefaultNSS3TrustDomain() != PR_SUCCESS) {
             goto loser;
         }
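Review bot: A policy file that passes `PR_Access` but cannot be loaded is only fatal when `SECMOD_LoadModule` returns a module with `loaded` unset. If the call returns NULL, the `if (module)` test skips the `goto loser` and initialization continues without the system policy. The block is moved unchanged from further down `nss_Init`, so the behaviour is inherited. Because it now gates everything that follows, I would either fail closed with `if (!module) { goto loser; }` or add a comment stating that a NULL return is deliberately tolerated. `nss_Init` starts and ends outside this hunk.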
@@ -730,30 +754,6 @@ nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix,
                 }
             }
         }
-#ifdef POLICY_FILE
-        /* Load the system crypto policy file if it exists,
-         * unless the NSS_IGNORE_SYSTEM_POLICY environment
-         * variable has been set to 1. */
-        ignoreVar = PR_GetEnvSecure("NSS_IGNORE_SYSTEM_POLICY");
-        if (ignoreVar == NULL || strncmp(ignoreVar, "1", sizeof("1")) != 0) {
-            if (PR_Access(POLICY_PATH "/" POLICY_FILE, PR_ACCESS_READ_OK) == PR_SUCCESS) {
-                SECMODModule *module = SECMOD_LoadModule(
-                    "name=\"Policy File\" "
-                    "parameters=\"configdir='sql:" POLICY_PATH "' "
-                    "secmod='" POLICY_FILE "' "
-                    "flags=readOnly,noCertDB,forceSecmodChoice,forceOpen\" "
-                    "NSS=\"flags=internal,moduleDB,skipFirst,moduleDBOnly,critical\"",
-                    parent, PR_TRUE);
-                if (module) {
-                    PRBool isLoaded = module->loaded;
-                    SECMOD_DestroyModule(module);
-                    if (!isLoaded) {
-                        goto loser;
-                    }
-                }
-            }
-        }
-#endif
         pk11sdr_Init();
         cert_CreateSubjectKeyIDHashTable();
 
diff --git a/security/nss/lib/pk11wrap/pk11akey.c b/security/nss/lib/pk11wrap/pk11akey.c
index 346e473a9..c6070e264 100644
--- a/security/nss/lib/pk11wrap/pk11akey.c
+++ b/security/nss/lib/pk11wrap/pk11akey.c
@@ -13,7 +13,7 @@
 #include "pkcs11t.h"
 #include "pk11func.h"
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "keyi.h"
 #include "secitem.h"
 #include "secasn1.h"
@@ -804,30 +804,12 @@ PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
     /* don't know? look it up */
     if (keyType == nullKey) {
         CK_KEY_TYPE pk11Type = CKK_RSA;
-        SECItem info;
 
         pk11Type = PK11_ReadULongAttribute(slot, privID, CKA_KEY_TYPE);
         isTemp = (PRBool)!PK11_HasAttributeSet(slot, privID, CKA_TOKEN, PR_FALSE);
         switch (pk11Type) {
             case CKK_RSA:
                 keyType = rsaKey;
-                /* determine RSA key type from the CKA_PUBLIC_KEY_INFO if present */
-                rv = PK11_ReadAttribute(slot, privID, CKA_PUBLIC_KEY_INFO, NULL, &info);
-                if (rv == SECSuccess) {
-                    CERTSubjectPublicKeyInfo *spki;
-
-                    spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&info);
-                    if (spki) {
-                        SECOidTag tag;
-
-                        tag = SECOID_GetAlgorithmTag(&spki->algorithm);
-                        if (tag == SEC_OID_PKCS1_RSA_PSS_SIGNATURE)
-                            keyType = rsaPssKey;
-                        SECKEY_DestroySubjectPublicKeyInfo(spki);
-                    }
-                    SECITEM_FreeItem(&info, PR_FALSE);
-                }
-
                 break;
             case CKK_DSA:
                 keyType = dsaKey;
diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c
index c1caf5e60..819769643 100644
--- a/security/nss/lib/pk11wrap/pk11cert.c
+++ b/security/nss/lib/pk11wrap/pk11cert.c
@@ -15,7 +15,7 @@
 #include "cert.h"
 #include "certi.h"
 #include "secitem.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secoid.h"
 #include "pkcs7t.h"
 #include "cmsreclist.h"
@@ -741,7 +741,7 @@ find_certs_from_nickname(const char *nickname, void *wincx)
     char *delimit = NULL;
     char *tokenName;
 
-    if (!strncmp(nickname, "pkcs11:", strlen("pkcs11:"))) {
+    if (!PORT_Strncasecmp(nickname, "pkcs11:", strlen("pkcs11:"))) {
         certs = find_certs_from_uri(nickname, wincx);
         if (certs)
             return certs;
diff --git a/security/nss/lib/pk11wrap/pk11kea.c b/security/nss/lib/pk11wrap/pk11kea.c
index 331a19c16..1f228cfaf 100644
--- a/security/nss/lib/pk11wrap/pk11kea.c
+++ b/security/nss/lib/pk11wrap/pk11kea.c
@@ -14,7 +14,7 @@
 #include "pkcs11.h"
 #include "pk11func.h"
 #include "secitem.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "sechash.h"
 #include "cert.h"
diff --git a/security/nss/lib/pk11wrap/pk11obj.c b/security/nss/lib/pk11wrap/pk11obj.c
index b97caddd4..937ac654a 100644
--- a/security/nss/lib/pk11wrap/pk11obj.c
+++ b/security/nss/lib/pk11wrap/pk11obj.c
@@ -11,7 +11,7 @@
 #include "pkcs11.h"
 #include "pkcs11t.h"
 #include "pk11func.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secitem.h"
 #include "secerr.h"
 #include "sslerr.h"
diff --git a/security/nss/lib/pk11wrap/pk11pars.c b/security/nss/lib/pk11wrap/pk11pars.c
index c165e1ef2..db60f7c9d 100644
--- a/security/nss/lib/pk11wrap/pk11pars.c
+++ b/security/nss/lib/pk11wrap/pk11pars.c
@@ -109,6 +109,7 @@ secmod_NewModule(void)
                                                  *other flags are set */
 #define SECMOD_FLAG_MODULE_DB_SKIP_FIRST 0x02
 #define SECMOD_FLAG_MODULE_DB_DEFAULT_MODDB 0x04
+#define SECMOD_FLAG_MODULE_DB_POLICY_ONLY 0x08
 
 /* private flags for internal (field in SECMODModule). */
 /* The meaing of these flags is as follows:
@@ -193,7 +194,7 @@ typedef struct {
  *  This table should be merged with the SECOID table.
  */
 #define CIPHER_NAME(x) x, (sizeof(x) - 1)
-static const oidValDef algOptList[] = {
+static const oidValDef curveOptList[] = {
     /* Curves */
     { CIPHER_NAME("PRIME192V1"), SEC_OID_ANSIX962_EC_PRIME192V1,
       NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
@@ -315,7 +316,9 @@ static const oidValDef algOptList[] = {
       NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
     { CIPHER_NAME("SECT571R1"), SEC_OID_SECG_EC_SECT571R1,
       NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+};
 
+static const oidValDef hashOptList[] = {
     /* Hashes */
     { CIPHER_NAME("MD2"), SEC_OID_MD2,
       NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
@@ -333,7 +336,9 @@ static const oidValDef algOptList[] = {
       NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
     { CIPHER_NAME("SHA512"), SEC_OID_SHA512,
       NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_CERT_SIGNATURE },
+};
 
+static const oidValDef macOptList[] = {
     /* MACs */
     { CIPHER_NAME("HMAC-SHA1"), SEC_OID_HMAC_SHA1, NSS_USE_ALG_IN_SSL },
     { CIPHER_NAME("HMAC-SHA224"), SEC_OID_HMAC_SHA224, NSS_USE_ALG_IN_SSL },
@@ -341,7 +346,9 @@ static const oidValDef algOptList[] = {
     { CIPHER_NAME("HMAC-SHA384"), SEC_OID_HMAC_SHA384, NSS_USE_ALG_IN_SSL },
     { CIPHER_NAME("HMAC-SHA512"), SEC_OID_HMAC_SHA512, NSS_USE_ALG_IN_SSL },
     { CIPHER_NAME("HMAC-MD5"), SEC_OID_HMAC_MD5, NSS_USE_ALG_IN_SSL },
+};
 
+static const oidValDef cipherOptList[] = {
     /* Ciphers */
     { CIPHER_NAME("AES128-CBC"), SEC_OID_AES_128_CBC, NSS_USE_ALG_IN_SSL },
     { CIPHER_NAME("AES192-CBC"), SEC_OID_AES_192_CBC, NSS_USE_ALG_IN_SSL },
@@ -361,7 +368,9 @@ static const oidValDef algOptList[] = {
     { CIPHER_NAME("RC2"), SEC_OID_RC2_CBC, NSS_USE_ALG_IN_SSL },
     { CIPHER_NAME("RC4"), SEC_OID_RC4, NSS_USE_ALG_IN_SSL },
     { CIPHER_NAME("IDEA"), SEC_OID_IDEA_CBC, NSS_USE_ALG_IN_SSL },
+};
 
+static const oidValDef kxOptList[] = {
     /* Key exchange */
     { CIPHER_NAME("RSA"), SEC_OID_TLS_RSA, NSS_USE_ALG_IN_SSL_KX },
     { CIPHER_NAME("RSA-EXPORT"), SEC_OID_TLS_RSA_EXPORT, NSS_USE_ALG_IN_SSL_KX },
@@ -375,6 +384,20 @@ static const oidValDef algOptList[] = {
     { CIPHER_NAME("ECDH-RSA"), SEC_OID_TLS_ECDH_RSA, NSS_USE_ALG_IN_SSL_KX },
 };
 
+typedef struct {
+    const oidValDef *list;
+    PRUint32 entries;
+    const char *description;
+} algListsDef;
+
+static const algListsDef algOptLists[] = {
+    { curveOptList, PR_ARRAY_SIZE(curveOptList), "ECC" },
+    { hashOptList, PR_ARRAY_SIZE(hashOptList), "HASH" },
+    { macOptList, PR_ARRAY_SIZE(macOptList), "MAC" },
+    { cipherOptList, PR_ARRAY_SIZE(cipherOptList), "CIPHER" },
+    { kxOptList, PR_ARRAY_SIZE(kxOptList), "OTHER-KX" },
+};
+
 static const optionFreeDef sslOptList[] = {
     /* Versions */
     { CIPHER_NAME("SSL2.0"), 0x002 },
@@ -401,7 +424,7 @@ static const optionFreeDef freeOptList[] = {
     { CIPHER_NAME("TLS-VERSION-MAX"), NSS_TLS_VERSION_MAX_POLICY },
     /* constraints on DTLS Protocols */
     { CIPHER_NAME("DTLS-VERSION-MIN"), NSS_DTLS_VERSION_MIN_POLICY },
-    { CIPHER_NAME("DTLS-VERSION-MAX"), NSS_DTLS_VERSION_MIN_POLICY }
+    { CIPHER_NAME("DTLS-VERSION-MAX"), NSS_DTLS_VERSION_MAX_POLICY }
 };
 
 static const policyFlagDef policyFlagList[] = {
@@ -446,7 +469,8 @@ secmod_ArgGetSubValue(const char *cipher, char sep1, char sep2,
 }
 
 static PRUint32
-secmod_parsePolicyValue(const char *policyFlags, int policyLength)
+secmod_parsePolicyValue(const char *policyFlags, int policyLength,
+                        PRBool printPolicyFeedback)
 {
     const char *flag, *currentString;
     PRUint32 flags = 0;
@@ -455,6 +479,7 @@ secmod_parsePolicyValue(const char *policyFlags, int policyLength)
     for (currentString = policyFlags; currentString &&
                                       currentString < policyFlags + policyLength;) {
         int length;
+        PRBool unknown = PR_TRUE;
         flag = secmod_ArgGetSubValue(currentString, ',', ':', &length,
                                      &currentString);
         if (length == 0) {
@@ -466,41 +491,49 @@ secmod_parsePolicyValue(const char *policyFlags, int policyLength)
             if ((policy->name_size == length) &&
                 PORT_Strncasecmp(policy->name, flag, name_size) == 0) {
                 flags |= policy->flag;
+                unknown = PR_FALSE;
                 break;
             }
         }
+        if (unknown && printPolicyFeedback) {
+            PR_SetEnv("NSS_POLICY_FAIL=1");
+            fprintf(stderr, "NSS-POLICY-FAIL %.*s: unknown value: %.*s\n",
+                    policyLength, policyFlags, length, flag);
+        }
     }
     return flags;
 }
 
 /* allow symbolic names for values. The only ones currently defines or
  * SSL protocol versions. */
-static PRInt32
-secmod_getPolicyOptValue(const char *policyValue, int policyValueLength)
+static SECStatus
+secmod_getPolicyOptValue(const char *policyValue, int policyValueLength,
+                         PRInt32 *result)
 {
     PRInt32 val = atoi(policyValue);
     int i;
 
     if ((val != 0) || (*policyValue == '0')) {
-        return val;
+        *result = val;
+        return SECSuccess;
     }
     for (i = 0; i < PR_ARRAY_SIZE(sslOptList); i++) {
         if (policyValueLength == sslOptList[i].name_size &&
             PORT_Strncasecmp(sslOptList[i].name, policyValue,
                              sslOptList[i].name_size) == 0) {
-            val = sslOptList[i].option;
-            break;
+            *result = sslOptList[i].option;
+            return SECSuccess;
         }
     }
-    return val;
+    return SECFailure;
 }
 
 static SECStatus
-secmod_applyCryptoPolicy(const char *policyString,
-                         PRBool allow)
+secmod_applyCryptoPolicy(const char *policyString, PRBool allow,
+                         PRBool printPolicyFeedback)
 {
     const char *cipher, *currentString;
-    unsigned i;
+    unsigned i, j;
     SECStatus rv = SECSuccess;
     PRBool unknown;
 
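Review bot: `secmod_getPolicyOptValue` now reports unknown values with `SECFailure`, but the numeric path still uses `atoi(policyValue)`, which ignores `policyValueLength` and accepts any numeric prefix. A value such as `0x303` is returned as 0 and `12abc` as 12, both with `SECSuccess`, so a mistyped limit is applied silently instead of reaching the new failure path. Parsing with `strtol` and requiring the number to end exactly at `policyValue + policyValueLength` closes that gap; the symbolic lookup stays as it is. The sketch below needs `<errno.h>` if the file does not already include it.

```c
/* in secmod_getPolicyOptValue, replacing the atoi() test */
    char *end = NULL;
    long parsed;

    errno = 0;
    parsed = strtol(policyValue, &end, 10);
    if (end != policyValue) {
        /* a number is accepted only when it spans the whole value */
        if (end != policyValue + policyValueLength || errno == ERANGE ||
            parsed < PR_INT32_MIN || parsed > PR_INT32_MAX) {
            return SECFailure;
        }
        *result = (PRInt32)parsed;
        return SECSuccess;
    }
    /* ... unchanged: symbolic lookup in sslOptList, SECFailure when nothing matches ... */
```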
@@ -525,56 +558,63 @@ secmod_applyCryptoPolicy(const char *policyString,
             /* disable or enable all options by default */
             PRUint32 value = 0;
             if (newValue) {
-                value = secmod_parsePolicyValue(&cipher[3] + 1, length - 3 - 1);
+                value = secmod_parsePolicyValue(&cipher[3] + 1, length - 3 - 1, printPolicyFeedback);
             }
-            for (i = 0; i < PR_ARRAY_SIZE(algOptList); i++) {
-                PRUint32 enable, disable;
-                if (!newValue) {
-                    value = algOptList[i].val;
-                }
-                if (allow) {
-                    enable = value;
-                    disable = 0;
-                } else {
-                    enable = 0;
-                    disable = value;
+            for (i = 0; i < PR_ARRAY_SIZE(algOptLists); i++) {
+                const algListsDef *algOptList = &algOptLists[i];
+                for (j = 0; j < algOptList->entries; j++) {
+                    PRUint32 enable, disable;
+                    if (!newValue) {
+                        value = algOptList->list[j].val;
+                    }
+                    if (allow) {
+                        enable = value;
+                        disable = 0;
+                    } else {
+                        enable = 0;
+                        disable = value;
+                    }
+                    NSS_SetAlgorithmPolicy(algOptList->list[j].oid, enable, disable);
                 }
-                NSS_SetAlgorithmPolicy(algOptList[i].oid, enable, disable);
             }
             continue;
         }
 
-        for (i = 0; i < PR_ARRAY_SIZE(algOptList); i++) {
-            const oidValDef *algOpt = &algOptList[i];
-            unsigned name_size = algOpt->name_size;
-            PRBool newOption = PR_FALSE;
+        for (i = 0; i < PR_ARRAY_SIZE(algOptLists); i++) {
+            const algListsDef *algOptList = &algOptLists[i];
+            for (j = 0; j < algOptList->entries; j++) {
+                const oidValDef *algOpt = &algOptList->list[j];
+                unsigned name_size = algOpt->name_size;
+                PRBool newOption = PR_FALSE;
 
-            if ((length >= name_size) && (cipher[name_size] == '/')) {
-                newOption = PR_TRUE;
-            }
-            if ((newOption || algOpt->name_size == length) &&
-                PORT_Strncasecmp(algOpt->name, cipher, name_size) == 0) {
-                PRUint32 value = algOpt->val;
-                PRUint32 enable, disable;
-                if (newOption) {
-                    value = secmod_parsePolicyValue(&cipher[name_size] + 1,
-                                                    length - name_size - 1);
+                if ((length >= name_size) && (cipher[name_size] == '/')) {
+                    newOption = PR_TRUE;
                 }
-                if (allow) {
-                    enable = value;
-                    disable = 0;
-                } else {
-                    enable = 0;
-                    disable = value;
-                }
-                rv = NSS_SetAlgorithmPolicy(algOpt->oid, enable, disable);
-                if (rv != SECSuccess) {
-                    /* could not enable option */
-                    /* NSS_SetAlgorithPolicy should have set the error code */
-                    return SECFailure;
+                if ((newOption || algOpt->name_size == length) &&
+                    PORT_Strncasecmp(algOpt->name, cipher, name_size) == 0) {
+                    PRUint32 value = algOpt->val;
+                    PRUint32 enable, disable;
+                    if (newOption) {
+                        value = secmod_parsePolicyValue(&cipher[name_size] + 1,
+                                                        length - name_size - 1,
+                                                        printPolicyFeedback);
+                    }
+                    if (allow) {
+                        enable = value;
+                        disable = 0;
+                    } else {
+                        enable = 0;
+                        disable = value;
+                    }
+                    rv = NSS_SetAlgorithmPolicy(algOpt->oid, enable, disable);
+                    if (rv != SECSuccess) {
+                        /* could not enable option */
+                        /* NSS_SetAlgorithPolicy should have set the error code */
+                        return SECFailure;
+                    }
+                    unknown = PR_FALSE;
+                    break;
                 }
-                unknown = PR_FALSE;
-                break;
             }
         }
         if (!unknown) {
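Review bot: The `break` after `unknown = PR_FALSE` now leaves only the inner `j` loop, so the outer loop over `algOptLists` keeps scanning the remaining lists after a match. Before the split into per-category tables, the same `break` ended the whole search. A name that appears in two tables would have its policy applied twice, and every matched token pays for a full scan. Adding `if (!unknown) { break; }` after the inner loop restores the old behaviour, assuming `unknown` is reset to `PR_TRUE` for each token above this hunk. `secmod_applyCryptoPolicy` begins and ends outside the hunk.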
@@ -587,9 +627,19 @@ secmod_applyCryptoPolicy(const char *policyString,
 
             if ((length > name_size) && cipher[name_size] == '=' &&
                 PORT_Strncasecmp(freeOpt->name, cipher, name_size) == 0) {
-                PRInt32 val = secmod_getPolicyOptValue(&cipher[name_size + 1],
-                                                       length - name_size - 1);
-
+                PRInt32 val;
+                const char *policyValue = &cipher[name_size + 1];
+                int policyValueLength = length - name_size - 1;
+                rv = secmod_getPolicyOptValue(policyValue, policyValueLength,
+                                              &val);
+                if (rv != SECSuccess) {
+                    if (printPolicyFeedback) {
+                        PR_SetEnv("NSS_POLICY_FAIL=1");
+                        fprintf(stderr, "NSS-POLICY-FAIL %.*s: unknown value: %.*s\n",
+                                length, cipher, policyValueLength, policyValue);
+                    }
+                    return SECFailure;
+                }
                 rv = NSS_OptionSet(freeOpt->option, val);
                 if (rv != SECSuccess) {
                     /* could not enable option */
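Review bot: The new `return SECFailure` for an unrecognised option value leaves an error code behind only if secmod_getPolicyOptValue sets one, and that helper is not visible in this hunk. If it does not, a caller running without the printPolicyFeedback flag gets a failure with a stale error code and no message. Setting one explicitly before the return, for example `PORT_SetError(SEC_ERROR_INVALID_ARGS);`, would make the rejection diagnosable in both modes. The enclosing secmod_applyCryptoPolicy starts and ends outside this hunk.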
@@ -602,12 +652,83 @@ secmod_applyCryptoPolicy(const char *policyString,
                 break;
             }
         }
+
+        if (unknown && printPolicyFeedback) {
+            PR_SetEnv("NSS_POLICY_FAIL=1");
+            fprintf(stderr, "NSS-POLICY-FAIL %s: unknown identifier: %.*s\n",
+                    allow ? "allow" : "disallow", length, cipher);
+        }
     }
     return rv;
 }
 
+static void
+secmod_sanityCheckCryptoPolicy(void)
+{
+    unsigned i, j;
+    SECStatus rv = SECSuccess;
+    unsigned num_kx_enabled = 0;
+    unsigned num_ssl_enabled = 0;
+    unsigned num_sig_enabled = 0;
+    unsigned enabledCount[PR_ARRAY_SIZE(algOptLists)];
+    const char *sWarn = "WARN";
+    const char *sInfo = "INFO";
+    PRBool haveWarning = PR_FALSE;
+
+    for (i = 0; i < PR_ARRAY_SIZE(algOptLists); i++) {
+        const algListsDef *algOptList = &algOptLists[i];
+        enabledCount[i] = 0;
+        for (j = 0; j < algOptList->entries; j++) {
+            const oidValDef *algOpt = &algOptList->list[j];
+            PRUint32 value;
+            PRBool anyEnabled = PR_FALSE;
+            rv = NSS_GetAlgorithmPolicy(algOpt->oid, &value);
+            if (rv != SECSuccess) {
+                PR_SetEnv("NSS_POLICY_FAIL=1");
+                fprintf(stderr, "NSS-POLICY-FAIL: internal failure with NSS_GetAlgorithmPolicy at %u\n", i);
+                return;
+            }
+
+            if ((algOpt->val & NSS_USE_ALG_IN_SSL_KX) && (value & NSS_USE_ALG_IN_SSL_KX)) {
+                ++num_kx_enabled;
+                anyEnabled = PR_TRUE;
+                fprintf(stderr, "NSS-POLICY-INFO: %s is enabled for KX\n", algOpt->name);
+            }
+            if ((algOpt->val & NSS_USE_ALG_IN_SSL) && (value & NSS_USE_ALG_IN_SSL)) {
+                ++num_ssl_enabled;
+                anyEnabled = PR_TRUE;
+                fprintf(stderr, "NSS-POLICY-INFO: %s is enabled for SSL\n", algOpt->name);
+            }
+            if ((algOpt->val & NSS_USE_ALG_IN_CERT_SIGNATURE) && (value & NSS_USE_ALG_IN_CERT_SIGNATURE)) {
+                ++num_sig_enabled;
+                anyEnabled = PR_TRUE;
+                fprintf(stderr, "NSS-POLICY-INFO: %s is enabled for CERT-SIGNATURE\n", algOpt->name);
+            }
+            if (anyEnabled) {
+                ++enabledCount[i];
+            }
+        }
+    }
+    fprintf(stderr, "NSS-POLICY-%s: NUMBER-OF-SSL-ALG-KX: %u\n", num_kx_enabled ? sInfo : sWarn, num_kx_enabled);
+    fprintf(stderr, "NSS-POLICY-%s: NUMBER-OF-SSL-ALG: %u\n", num_ssl_enabled ? sInfo : sWarn, num_ssl_enabled);
+    fprintf(stderr, "NSS-POLICY-%s: NUMBER-OF-CERT-SIG: %u\n", num_sig_enabled ? sInfo : sWarn, num_sig_enabled);
+    if (!num_kx_enabled || !num_ssl_enabled || !num_sig_enabled) {
+        haveWarning = PR_TRUE;
+    }
+    for (i = 0; i < PR_ARRAY_SIZE(algOptLists); i++) {
+        const algListsDef *algOptList = &algOptLists[i];
+        fprintf(stderr, "NSS-POLICY-%s: NUMBER-OF-%s: %u\n", enabledCount[i] ? sInfo : sWarn, algOptList->description, enabledCount[i]);
+        if (!enabledCount[i]) {
+            haveWarning = PR_TRUE;
+        }
+    }
+    if (haveWarning) {
+        PR_SetEnv("NSS_POLICY_WARN=1");
+    }
+}
+
 static SECStatus
-secmod_parseCryptoPolicy(const char *policyConfig)
+secmod_parseCryptoPolicy(const char *policyConfig, PRBool printPolicyFeedback)
 {
     char *disallow, *allow;
     SECStatus rv;
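Review bot: In the added `if (unknown && printPolicyFeedback)` block an unrecognised identifier is reported as NSS-POLICY-FAIL but `rv` is not changed. As far as the hunk shows, a misspelled name in a `disallow=` list therefore leaves that algorithm's policy untouched while the function still returns success, and without the feedback flag nothing is reported at all. If that leniency is intended, say so at the check, e.g. `/* unknown identifiers are reported but not fatal; rv is unchanged */`. Separately, the NSS_GetAlgorithmPolicy failure message in secmod_sanityCheckCryptoPolicy prints only the list index `i`; adding `algOpt->name` would identify the entry. secmod_applyCryptoPolicy starts before this hunk and secmod_parseCryptoPolicy continues past it.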
@@ -622,16 +743,26 @@ secmod_parseCryptoPolicy(const char *policyConfig)
         return rv;
     }
     disallow = NSSUTIL_ArgGetParamValue("disallow", policyConfig);
-    rv = secmod_applyCryptoPolicy(disallow, PR_FALSE);
+    rv = secmod_applyCryptoPolicy(disallow, PR_FALSE, printPolicyFeedback);
     if (disallow)
         PORT_Free(disallow);
     if (rv != SECSuccess) {
         return rv;
     }
     allow = NSSUTIL_ArgGetParamValue("allow", policyConfig);
-    rv = secmod_applyCryptoPolicy(allow, PR_TRUE);
+    rv = secmod_applyCryptoPolicy(allow, PR_TRUE, printPolicyFeedback);
     if (allow)
         PORT_Free(allow);
+    if (rv != SECSuccess) {
+        return rv;
+    }
+    if (printPolicyFeedback) {
+        /* This helps to distinguish configurations that don't contain any
+         * policy config= statement. */
+        PR_SetEnv("NSS_POLICY_LOADED=1");
+        fprintf(stderr, "NSS-POLICY-INFO: LOADED-SUCCESSFULLY\n");
+        secmod_sanityCheckCryptoPolicy();
+    }
     return rv;
 }
 
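Review bot: `NSS_POLICY_LOADED=1` and `LOADED-SUCCESSFULLY` are emitted whenever both secmod_applyCryptoPolicy calls return success. Judging by the previous hunk, that includes runs in which an unknown identifier has already set `NSS_POLICY_FAIL=1`. The existing comment should state that the two variables are not mutually exclusive, e.g. `/* NSS_POLICY_FAIL may also be set; consumers must check it before trusting LOADED */`. The opening lines of secmod_parseCryptoPolicy are outside this hunk.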
@@ -648,11 +779,16 @@ SECMOD_CreateModuleEx(const char *library, const char *moduleName,
     char *slotParams, *ciphers;
     /* pk11pars.h still does not have const char * interfaces */
     char *nssc = (char *)nss;
+    PRBool printPolicyFeedback = NSSUTIL_ArgHasFlag("flags", "printPolicyFeedback", nssc);
 
-    rv = secmod_parseCryptoPolicy(config);
+    rv = secmod_parseCryptoPolicy(config, printPolicyFeedback);
 
     /* do not load the module if policy parsing fails */
     if (rv != SECSuccess) {
+        if (printPolicyFeedback) {
+            PR_SetEnv("NSS_POLICY_FAIL=1");
+            fprintf(stderr, "NSS-POLICY-FAIL: policy config parsing failed, not loading module %s\n", moduleName);
+        }
         return NULL;
     }
 
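Review bot: The added `fprintf` passes `moduleName` to `%s` without a null check, and passing NULL to `%s` is undefined behaviour. SECMOD_LoadModule guards the same value with `if (moduleName)` before freeing it, which suggests it can be NULL here. Use `moduleName ? moduleName : "(null)"` as the argument. SECMOD_CreateModuleEx starts and ends outside this hunk.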
@@ -703,6 +839,9 @@ SECMOD_CreateModuleEx(const char *library, const char *moduleName,
         if (NSSUTIL_ArgHasFlag("flags", "defaultModDB", nssc)) {
             flags |= SECMOD_FLAG_MODULE_DB_DEFAULT_MODDB;
         }
+        if (NSSUTIL_ArgHasFlag("flags", "policyOnly", nssc)) {
+            flags |= SECMOD_FLAG_MODULE_DB_POLICY_ONLY;
+        }
         /* additional moduleDB flags could be added here in the future */
         mod->isModuleDB = (PRBool)flags;
     }
@@ -742,6 +881,14 @@ SECMOD_GetDefaultModDBFlag(SECMODModule *mod)
     return (flags & SECMOD_FLAG_MODULE_DB_DEFAULT_MODDB) ? PR_TRUE : PR_FALSE;
 }
 
+PRBool
+secmod_PolicyOnly(SECMODModule *mod)
+{
+    char flags = (char)mod->isModuleDB;
+
+    return (flags & SECMOD_FLAG_MODULE_DB_POLICY_ONLY) ? PR_TRUE : PR_FALSE;
+}
+
 PRBool
 secmod_IsInternalKeySlot(SECMODModule *mod)
 {
@@ -1635,6 +1782,7 @@ SECMOD_LoadModule(char *modulespec, SECMODModule *parent, PRBool recurse)
     SECMODModule *module = NULL;
     SECMODModule *oldModule = NULL;
     SECStatus rv;
+    PRBool forwardPolicyFeedback = PR_FALSE;
 
     /* initialize the underlying module structures */
     SECMOD_Init();
@@ -1647,6 +1795,7 @@ SECMOD_LoadModule(char *modulespec, SECMODModule *parent, PRBool recurse)
     }
 
     module = SECMOD_CreateModuleEx(library, moduleName, parameters, nss, config);
+    forwardPolicyFeedback = NSSUTIL_ArgHasFlag("flags", "printPolicyFeedback", nss);
     if (library)
         PORT_Free(library);
     if (moduleName)
@@ -1660,6 +1809,12 @@ SECMOD_LoadModule(char *modulespec, SECMODModule *parent, PRBool recurse)
     if (!module) {
         goto loser;
     }
+
+    /* a policy only stanza doesn't actually get 'loaded'. policy has already
+     * been parsed as a side effect of the CreateModuleEx call */
+    if (secmod_PolicyOnly(module)) {
+        return module;
+    }
     if (parent) {
         module->parent = SECMOD_ReferenceModule(parent);
         if (module->internal && secmod_IsInternalKeySlot(parent)) {
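Review bot: The early `return module;` for a policy-only stanza hands back a module that has skipped the load step, so a caller that treats any non-NULL result as a loaded module now has to check `module->loaded`. The child loop later in this function tests `child->isCritical && !child->loaded`, so a policy-only child that is also marked critical would presumably count as a failed load; the hunk does not show whether that is intended. Extending the new comment, e.g. `/* the returned module is not loaded; callers must check module->loaded */`, would document the contract. SECMOD_LoadModule starts and ends outside this hunk.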
@@ -1703,7 +1858,15 @@ SECMOD_LoadModule(char *modulespec, SECMODModule *parent, PRBool recurse)
                     rv = SECFailure;
                     break;
                 }
-                child = SECMOD_LoadModule(*index, module, PR_TRUE);
+                if (!forwardPolicyFeedback) {
+                    child = SECMOD_LoadModule(*index, module, PR_TRUE);
+                } else {
+                    /* Add printPolicyFeedback to the nss flags */
+                    char *specWithForwards =
+                        NSSUTIL_AddNSSFlagToModuleSpec(*index, "printPolicyFeedback");
+                    child = SECMOD_LoadModule(specWithForwards, module, PR_TRUE);
+                    PORT_Free(specWithForwards);
+                }
                 if (!child)
                     break;
                 if (child->isCritical && !child->loaded) {
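Review bot: `specWithForwards` is handed to SECMOD_LoadModule without checking that NSSUTIL_AddNSSFlagToModuleSpec returned non-NULL. That helper is not visible here, but it returns an allocated string that is freed right after, so an allocation failure presumably yields NULL, which would then be parsed as a module spec. Add `if (!specWithForwards) { rv = SECFailure; break; }` before the recursive call, matching the failure path a few lines above. The loop and the function continue outside this hunk.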
diff --git a/security/nss/lib/pk11wrap/pk11pbe.c b/security/nss/lib/pk11wrap/pk11pbe.c
index 5f68f399e..4b6645578 100644
--- a/security/nss/lib/pk11wrap/pk11pbe.c
+++ b/security/nss/lib/pk11wrap/pk11pbe.c
@@ -23,7 +23,7 @@
 #include "pkcs11.h"
 #include "pk11func.h"
 #include "secitem.h"
-#include "key.h"
+#include "keyhi.h"
 
 typedef struct SEC_PKCS5PBEParameterStr SEC_PKCS5PBEParameter;
 struct SEC_PKCS5PBEParameterStr {
diff --git a/security/nss/lib/pk11wrap/pk11pk12.c b/security/nss/lib/pk11wrap/pk11pk12.c
index 035143af8..47b6702c6 100644
--- a/security/nss/lib/pk11wrap/pk11pk12.c
+++ b/security/nss/lib/pk11wrap/pk11pk12.c
@@ -14,7 +14,7 @@
 #include "pkcs11.h"
 #include "pk11func.h"
 #include "secitem.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secoid.h"
 #include "secasn1.h"
 #include "secerr.h"
diff --git a/security/nss/lib/pk11wrap/pk11priv.h b/security/nss/lib/pk11wrap/pk11priv.h
index 9281923fa..8848c81ec 100644
--- a/security/nss/lib/pk11wrap/pk11priv.h
+++ b/security/nss/lib/pk11wrap/pk11priv.h
@@ -7,7 +7,7 @@
 #include "seccomon.h"
 #include "secoidt.h"
 #include "secdert.h"
-#include "keyt.h"
+#include "keythi.h"
 #include "certt.h"
 #include "pkcs11t.h"
 #include "secmodt.h"
diff --git a/security/nss/lib/pk11wrap/pk11pub.h b/security/nss/lib/pk11wrap/pk11pub.h
index dbd8da092..8db969e4c 100644
--- a/security/nss/lib/pk11wrap/pk11pub.h
+++ b/security/nss/lib/pk11wrap/pk11pub.h
@@ -7,7 +7,7 @@
 #include "seccomon.h"
 #include "secoidt.h"
 #include "secdert.h"
-#include "keyt.h"
+#include "keythi.h"
 #include "certt.h"
 #include "pkcs11t.h"
 #include "secmodt.h"
diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c
index c39abe17e..ebe54d495 100644
--- a/security/nss/lib/pk11wrap/pk11slot.c
+++ b/security/nss/lib/pk11wrap/pk11slot.c
@@ -607,12 +607,32 @@ PK11_FindSlotsByNames(const char *dllName, const char *slotName,
     return slotList;
 }
 
-PK11SlotInfo *
-PK11_FindSlotByName(const char *name)
+typedef PRBool (*PK11SlotMatchFunc)(PK11SlotInfo *slot, const void *arg);
+
+static PRBool
+pk11_MatchSlotByTokenName(PK11SlotInfo *slot, const void *arg)
+{
+    return PORT_Strcmp(slot->token_name, arg) == 0;
+}
+
+static PRBool
+pk11_MatchSlotBySerial(PK11SlotInfo *slot, const void *arg)
 {
+    return PORT_Memcmp(slot->serial, arg, sizeof(slot->serial)) == 0;
+}
+
+static PRBool
+pk11_MatchSlotByTokenURI(PK11SlotInfo *slot, const void *arg)
+{
+    return pk11_MatchUriTokenInfo(slot, (PK11URI *)arg);
+}
+
+static PK11SlotInfo *
+pk11_FindSlot(const void *arg, PK11SlotMatchFunc func)
+{
+    SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
     SECMODModuleList *mlp;
     SECMODModuleList *modules;
-    SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
     int i;
     PK11SlotInfo *slot = NULL;
 
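Review bot: The three match callbacks take an untyped `const void *arg` and each assumes a different shape for it, which nothing documents. pk11_MatchSlotByTokenName needs a NUL-terminated string, pk11_MatchSlotBySerial reads `sizeof(slot->serial)` bytes from it whatever the caller supplied, and pk11_MatchSlotByTokenURI casts away `const` to get a `PK11URI *`. A one-line comment on each would state the precondition, e.g. `/* arg: buffer of at least sizeof(slot->serial) bytes */` on the serial matcher, since a shorter caller buffer would be over-read. The body of pk11_FindSlot continues past this hunk.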
@@ -620,10 +640,6 @@ PK11_FindSlotByName(const char *name)
         PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
         return slot;
     }
-    if ((name == NULL) || (*name == 0)) {
-        return PK11_GetInternalKeySlot();
-    }
-
     /* work through all the slots */
     SECMOD_GetReadLock(moduleLock);
     modules = SECMOD_GetDefaultModuleList();
@@ -631,7 +647,7 @@ PK11_FindSlotByName(const char *name)
         for (i = 0; i < mlp->module->slotCount; i++) {
             PK11SlotInfo *tmpSlot = mlp->module->slots[i];
             if (PK11_IsPresent(tmpSlot)) {
-                if (PORT_Strcmp(tmpSlot->token_name, name) == 0) {
+                if (func(tmpSlot, arg)) {
                     slot = PK11_ReferenceSlot(tmpSlot);
                     break;
                 }
@@ -649,43 +665,41 @@ PK11_FindSlotByName(const char *name)
     return slot;
 }
 
-PK11SlotInfo *
-PK11_FindSlotBySerial(char *serial)
+static PK11SlotInfo *
+pk11_FindSlotByTokenURI(const char *uriString)
 {
-    SECMODModuleList *mlp;
-    SECMODModuleList *modules;
-    SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
-    int i;
     PK11SlotInfo *slot = NULL;
+    PK11URI *uri;
 
-    if (!moduleLock) {
-        PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
+    uri = PK11URI_ParseURI(uriString);
+    if (!uri) {
+        PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return slot;
     }
-    /* work through all the slots */
-    SECMOD_GetReadLock(moduleLock);
-    modules = SECMOD_GetDefaultModuleList();
-    for (mlp = modules; mlp != NULL; mlp = mlp->next) {
-        for (i = 0; i < mlp->module->slotCount; i++) {
-            PK11SlotInfo *tmpSlot = mlp->module->slots[i];
-            if (PK11_IsPresent(tmpSlot)) {
-                if (PORT_Memcmp(tmpSlot->serial, serial,
-                                sizeof(tmpSlot->serial)) == 0) {
-                    slot = PK11_ReferenceSlot(tmpSlot);
-                    break;
-                }
-            }
-        }
-        if (slot != NULL)
-            break;
+
+    slot = pk11_FindSlot(uri, pk11_MatchSlotByTokenURI);
+    PK11URI_DestroyURI(uri);
+    return slot;
+}
+
+PK11SlotInfo *
+PK11_FindSlotByName(const char *name)
+{
+    if ((name == NULL) || (*name == 0)) {
+        return PK11_GetInternalKeySlot();
     }
-    SECMOD_ReleaseReadLock(moduleLock);
 
-    if (slot == NULL) {
-        PORT_SetError(SEC_ERROR_NO_TOKEN);
+    if (!PORT_Strncasecmp(name, "pkcs11:", strlen("pkcs11:"))) {
+        return pk11_FindSlotByTokenURI(name);
     }
 
-    return slot;
+    return pk11_FindSlot(name, pk11_MatchSlotByTokenName);
+}
+
+PK11SlotInfo *
+PK11_FindSlotBySerial(char *serial)
+{
+    return pk11_FindSlot(serial, pk11_MatchSlotBySerial);
 }
 
 /*
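Review bot: PK11_FindSlotByName now routes any name that begins with `pkcs11:` (compared case-insensitively) to pk11_FindSlotByTokenURI. A token whose label itself starts with that prefix is therefore no longer matched by name, and a string that fails to parse returns NULL with SEC_ERROR_INVALID_ARGS instead of falling back to the label comparison. That is a behaviour change in an exported function and should be stated above it, e.g. `/* names starting with "pkcs11:" are parsed as PKCS #11 URIs, never as token labels */`.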
diff --git a/security/nss/lib/pk11wrap/secmodi.h b/security/nss/lib/pk11wrap/secmodi.h
index 84f5f2a30..7ec77ced6 100644
--- a/security/nss/lib/pk11wrap/secmodi.h
+++ b/security/nss/lib/pk11wrap/secmodi.h
@@ -13,7 +13,7 @@
 #include "secdert.h"
 #include "certt.h"
 #include "secmodt.h"
-#include "keyt.h"
+#include "keythi.h"
 
 SEC_BEGIN_PROTOS
 
diff --git a/security/nss/lib/pkcs12/p12.h b/security/nss/lib/pkcs12/p12.h
index 118db6efa..495bbf6c4 100644
--- a/security/nss/lib/pkcs12/p12.h
+++ b/security/nss/lib/pkcs12/p12.h
@@ -6,7 +6,7 @@
 #define _P12_H_
 
 #include "secoid.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secpkcs7.h"
 #include "p12t.h"
 
diff --git a/security/nss/lib/pkcs12/p12t.h b/security/nss/lib/pkcs12/p12t.h
index 62c2b502e..b22f0dd82 100644
--- a/security/nss/lib/pkcs12/p12t.h
+++ b/security/nss/lib/pkcs12/p12t.h
@@ -6,7 +6,7 @@
 #define _P12T_H_
 
 #include "secoid.h"
-#include "key.h"
+#include "keythi.h"
 #include "pkcs11.h"
 #include "secpkcs7.h"
 #include "secdig.h" /* for SGNDigestInfo */
diff --git a/security/nss/lib/pkcs12/pkcs12t.h b/security/nss/lib/pkcs12/pkcs12t.h
index ad00d7b5b..db10d28af 100644
--- a/security/nss/lib/pkcs12/pkcs12t.h
+++ b/security/nss/lib/pkcs12/pkcs12t.h
@@ -8,7 +8,7 @@
 #include "seccomon.h"
 #include "secoid.h"
 #include "cert.h"
-#include "key.h"
+#include "keythi.h"
 #include "plarena.h"
 #include "secpkcs7.h"
 #include "secdig.h" /* for SGNDigestInfo */
diff --git a/security/nss/lib/pkcs7/p7decode.c b/security/nss/lib/pkcs7/p7decode.c
index ba51955ab..641d201e5 100644
--- a/security/nss/lib/pkcs7/p7decode.c
+++ b/security/nss/lib/pkcs7/p7decode.c
@@ -16,7 +16,7 @@
                     /* include should be removed! */
 /*#include "cdbhdl.h" */
 #include "cryptohi.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/pkcs7/secmime.c b/security/nss/lib/pkcs7/secmime.c
index ca1046aa5..8a4afe45b 100644
--- a/security/nss/lib/pkcs7/secmime.c
+++ b/security/nss/lib/pkcs7/secmime.c
@@ -14,7 +14,7 @@
 #include "secasn1.h"
 #include "secitem.h"
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secerr.h"
 
 typedef struct smime_cipher_map_struct {
diff --git a/security/nss/lib/pkcs7/secpkcs7.h b/security/nss/lib/pkcs7/secpkcs7.h
index 78270bd15..4a88df1df 100644
--- a/security/nss/lib/pkcs7/secpkcs7.h
+++ b/security/nss/lib/pkcs7/secpkcs7.h
@@ -13,7 +13,7 @@
 
 #include "secoidt.h"
 #include "certt.h"
-#include "keyt.h"
+#include "keythi.h"
 #include "hasht.h"
 #include "pkcs7t.h"
 
diff --git a/security/nss/lib/smime/cms.h b/security/nss/lib/smime/cms.h
index 244df4879..f4a8a39e9 100644
--- a/security/nss/lib/smime/cms.h
+++ b/security/nss/lib/smime/cms.h
@@ -13,7 +13,7 @@
 
 #include "secoidt.h"
 #include "certt.h"
-#include "keyt.h"
+#include "keythi.h"
 #include "hasht.h"
 #include "cmst.h"
 
diff --git a/security/nss/lib/smime/cmsasn1.c b/security/nss/lib/smime/cmsasn1.c
index 15cf08fcc..8ba95d044 100644
--- a/security/nss/lib/smime/cmsasn1.c
+++ b/security/nss/lib/smime/cmsasn1.c
@@ -9,7 +9,7 @@
 #include "cmslocal.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/smime/cmsdecode.c b/security/nss/lib/smime/cmsdecode.c
index 62b4ebfe5..69965bdd7 100644
--- a/security/nss/lib/smime/cmsdecode.c
+++ b/security/nss/lib/smime/cmsdecode.c
@@ -9,7 +9,7 @@
 #include "cmslocal.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/smime/cmsdigest.c b/security/nss/lib/smime/cmsdigest.c
index 64b64a0f8..bd1474068 100644
--- a/security/nss/lib/smime/cmsdigest.c
+++ b/security/nss/lib/smime/cmsdigest.c
@@ -9,7 +9,7 @@
 #include "cmslocal.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secitem.h"
 #include "secoid.h"
 #include "pk11func.h"
diff --git a/security/nss/lib/smime/cmsencdata.c b/security/nss/lib/smime/cmsencdata.c
index c3a4549ad..d2fc3358b 100644
--- a/security/nss/lib/smime/cmsencdata.c
+++ b/security/nss/lib/smime/cmsencdata.c
@@ -8,7 +8,7 @@
 
 #include "cmslocal.h"
 
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/smime/cmsencode.c b/security/nss/lib/smime/cmsencode.c
index 0d723e865..703492b5e 100644
--- a/security/nss/lib/smime/cmsencode.c
+++ b/security/nss/lib/smime/cmsencode.c
@@ -9,7 +9,7 @@
 #include "cmslocal.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secoid.h"
 #include "secitem.h"
diff --git a/security/nss/lib/smime/cmsenvdata.c b/security/nss/lib/smime/cmsenvdata.c
index f2c8e171d..d5d5c4123 100644
--- a/security/nss/lib/smime/cmsenvdata.c
+++ b/security/nss/lib/smime/cmsenvdata.c
@@ -9,7 +9,7 @@
 #include "cmslocal.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/smime/cmspubkey.c b/security/nss/lib/smime/cmspubkey.c
index bc3cd993e..8f18f60de 100644
--- a/security/nss/lib/smime/cmspubkey.c
+++ b/security/nss/lib/smime/cmspubkey.c
@@ -9,7 +9,7 @@
 #include "cmslocal.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/smime/cmsrecinfo.c b/security/nss/lib/smime/cmsrecinfo.c
index 8cab288d2..20dd698e8 100644
--- a/security/nss/lib/smime/cmsrecinfo.c
+++ b/security/nss/lib/smime/cmsrecinfo.c
@@ -9,7 +9,7 @@
 #include "cmslocal.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/smime/cmsreclist.c b/security/nss/lib/smime/cmsreclist.c
index 99d7e9087..f75347407 100644
--- a/security/nss/lib/smime/cmsreclist.c
+++ b/security/nss/lib/smime/cmsreclist.c
@@ -9,7 +9,7 @@
 #include "cmslocal.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/smime/cmssiginfo.c b/security/nss/lib/smime/cmssiginfo.c
index ce4f87c0a..79aaf8f0a 100644
--- a/security/nss/lib/smime/cmssiginfo.c
+++ b/security/nss/lib/smime/cmssiginfo.c
@@ -9,7 +9,7 @@
 #include "cmslocal.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/smime/cmsutil.c b/security/nss/lib/smime/cmsutil.c
index cd12603fa..713b94aac 100644
--- a/security/nss/lib/smime/cmsutil.c
+++ b/security/nss/lib/smime/cmsutil.c
@@ -9,7 +9,7 @@
 #include "cmslocal.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/smime/smimemessage.c b/security/nss/lib/smime/smimemessage.c
index 774b9f3fd..3073ab245 100644
--- a/security/nss/lib/smime/smimemessage.c
+++ b/security/nss/lib/smime/smimemessage.c
@@ -10,7 +10,7 @@
 #include "smime.h"
 
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secasn1.h"
 #include "secitem.h"
 #include "secoid.h"
diff --git a/security/nss/lib/smime/smimeutil.c b/security/nss/lib/smime/smimeutil.c
index 7674a65fd..0e6bd32fd 100644
--- a/security/nss/lib/smime/smimeutil.c
+++ b/security/nss/lib/smime/smimeutil.c
@@ -13,7 +13,7 @@
 #include "secasn1.h"
 #include "secitem.h"
 #include "cert.h"
-#include "key.h"
+#include "keyhi.h"
 #include "secerr.h"
 #include "cms.h"
 #include "nss.h"
diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c
index 385d3c144..7eec3d7ee 100644
--- a/security/nss/lib/softoken/pkcs11c.c
+++ b/security/nss/lib/softoken/pkcs11c.c
@@ -3106,7 +3106,7 @@ RSA_HashCheckSign(SECOidTag digestOid, NSSLOWKEYPublicKey *key,
         digest.len = digestLen;
         rv = _SGN_VerifyPKCS1DigestInfo(
             digestOid, &digest, &pkcs1DigestInfo,
-            PR_TRUE /*XXX: unsafeAllowMissingParameters*/);
+            PR_FALSE /*XXX: unsafeAllowMissingParameters*/);
     }
 
     PORT_Free(pkcs1DigestInfoData);
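Review bot: The argument comment still reads `/*XXX: unsafeAllowMissingParameters*/` although the value is now `PR_FALSE`. The `XXX` marker flagged the unsafe setting and is misleading once that setting is off; `PR_FALSE /* unsafeAllowMissingParameters */` would read correctly. Judging by the parameter name, this path now rejects a DigestInfo that lacks the parameters field, so a short comment saying the strictness is deliberate would keep a later reader from switching it back for compatibility. RSA_HashCheckSign starts and ends outside this hunk.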
diff --git a/security/nss/lib/softoken/softkver.h b/security/nss/lib/softoken/softkver.h
index 827bf2e22..c1f63d769 100644
--- a/security/nss/lib/softoken/softkver.h
+++ b/security/nss/lib/softoken/softkver.h
@@ -17,9 +17,9 @@
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
  */
-#define SOFTOKEN_VERSION "3.38" SOFTOKEN_ECC_STRING
+#define SOFTOKEN_VERSION "3.41" SOFTOKEN_ECC_STRING
 #define SOFTOKEN_VMAJOR 3
-#define SOFTOKEN_VMINOR 38
+#define SOFTOKEN_VMINOR 41
 #define SOFTOKEN_VPATCH 0
 #define SOFTOKEN_VBUILD 0
 #define SOFTOKEN_BETA PR_FALSE
diff --git a/security/nss/lib/ssl/SSLerrs.h b/security/nss/lib/ssl/SSLerrs.h
index f01d16583..9be219494 100644
--- a/security/nss/lib/ssl/SSLerrs.h
+++ b/security/nss/lib/ssl/SSLerrs.h
@@ -552,3 +552,15 @@ ER3(SSL_ERROR_RX_MALFORMED_DTLS_ACK, (SSL_ERROR_BASE + 174),
 
 ER3(SSL_ERROR_DH_KEY_TOO_LONG, (SSL_ERROR_BASE + 175),
     "SSL received a DH key share that's too long (>8192 bit).")
+
+ER3(SSL_ERROR_RX_MALFORMED_ESNI_KEYS, (SSL_ERROR_BASE + 176),
+    "SSL received a malformed ESNI keys structure")
+
+ER3(SSL_ERROR_RX_MALFORMED_ESNI_EXTENSION, (SSL_ERROR_BASE + 177),
+    "SSL received a malformed ESNI extension")
+
+ER3(SSL_ERROR_MISSING_ESNI_EXTENSION, (SSL_ERROR_BASE + 178),
+    "SSL did not receive an ESNI extension")
+
+ER3(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE, (SSL_ERROR_BASE + 179),
+    "SSL received an unexpected record type.")
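Review bot: The three ESNI messages end without a full stop, while the neighbouring SSL_ERROR_DH_KEY_TOO_LONG text and the new SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE text end with one. For consistency write `"SSL received a malformed ESNI keys structure."` and likewise for the other two. The offsets 176 to 179 must also match the error-code enum, which is declared outside this hunk.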
diff --git a/security/nss/lib/ssl/authcert.c b/security/nss/lib/ssl/authcert.c
index 2765c8342..d05b30a72 100644
--- a/security/nss/lib/ssl/authcert.c
+++ b/security/nss/lib/ssl/authcert.c
@@ -13,7 +13,7 @@
 #include "cert.h"
 #include "nspr.h"
 #include "secder.h"
-#include "key.h"
+#include "keyhi.h"
 #include "nss.h"
 #include "ssl.h"
 #include "pk11func.h" /* for PK11_ function calls */
diff --git a/security/nss/lib/ssl/cmpcert.c b/security/nss/lib/ssl/cmpcert.c
index e6edbee83..8ab4a7f8d 100644
--- a/security/nss/lib/ssl/cmpcert.c
+++ b/security/nss/lib/ssl/cmpcert.c
@@ -13,7 +13,7 @@
 #include "cert.h"
 #include "nspr.h"
 #include "secder.h"
-#include "key.h"
+#include "keyhi.h"
 #include "nss.h"
 
 /*
@@ -27,13 +27,9 @@ NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames)
     SECItem *caname;
     CERTCertificate *curcert;
     CERTCertificate *oldcert;
-    PRInt32 contentlen;
     int j;
-    int headerlen;
     int depth;
-    SECStatus rv;
     SECItem issuerName;
-    SECItem compatIssuerName;
 
     if (!cert || !caNames || !caNames->nnames || !caNames->names ||
         !caNames->names->data)
@@ -44,29 +40,11 @@ NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames)
     while (curcert) {
         issuerName = curcert->derIssuer;
 
-        /* compute an alternate issuer name for compatibility with 2.0
-         * enterprise server, which send the CA names without
-         * the outer layer of DER header
-         */
-        rv = DER_Lengths(&issuerName, &headerlen, (PRUint32 *)&contentlen);
-        if (rv == SECSuccess) {
-            compatIssuerName.data = &issuerName.data[headerlen];
-            compatIssuerName.len = issuerName.len - headerlen;
-        } else {
-            compatIssuerName.data = NULL;
-            compatIssuerName.len = 0;
-        }
-
         for (j = 0; j < caNames->nnames; j++) {
             caname = &caNames->names[j];
             if (SECITEM_CompareItem(&issuerName, caname) == SECEqual) {
-                rv = SECSuccess;
                 CERT_DestroyCertificate(curcert);
-                goto done;
-            } else if (SECITEM_CompareItem(&compatIssuerName, caname) == SECEqual) {
-                rv = SECSuccess;
-                CERT_DestroyCertificate(curcert);
-                goto done;
+                return SECSuccess;
             }
         }
         if ((depth <= 20) &&
@@ -82,8 +60,5 @@ NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames)
             curcert = NULL;
         }
     }
-    rv = SECFailure;
-
-done:
-    return rv;
+    return SECFailure;
 }
diff --git a/security/nss/lib/ssl/config.mk b/security/nss/lib/ssl/config.mk
index d13613f78..b901a8830 100644
--- a/security/nss/lib/ssl/config.mk
+++ b/security/nss/lib/ssl/config.mk
@@ -60,3 +60,7 @@ endif
 ifdef NSS_DISABLE_TLS_1_3
 DEFINES += -DNSS_DISABLE_TLS_1_3
 endif
+
+ifeq (,$(filter-out DragonFly FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET)))
+CFLAGS += -std=gnu99
+endif
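Review bot: `$(filter-out DragonFly FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET))` is also empty when OS_TARGET itself is empty or unset, so the `ifeq (,...)` test adds `-std=gnu99` in that case as well as for the five listed systems. If that is not wanted, the positive form `ifneq (,$(filter DragonFly FreeBSD Linux NetBSD OpenBSD,$(OS_TARGET)))` avoids it. The block also carries no comment saying why lib/ssl needs gnu99 on these targets; a one-line comment naming the reason would help whoever next touches the flag.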
diff --git a/security/nss/lib/ssl/dtls13con.c b/security/nss/lib/ssl/dtls13con.c
index de6cb47ca..81d196dee 100644
--- a/security/nss/lib/ssl/dtls13con.c
+++ b/security/nss/lib/ssl/dtls13con.c
@@ -32,7 +32,7 @@ dtls13_InsertCipherTextHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec,
         return sslBuffer_AppendNumber(wrBuf, seq, 2);
     }
 
-    rv = sslBuffer_AppendNumber(wrBuf, content_application_data, 1);
+    rv = sslBuffer_AppendNumber(wrBuf, ssl_ct_application_data, 1);
     if (rv != SECSuccess) {
         return SECFailure;
     }
@@ -147,7 +147,7 @@ dtls13_SendAck(sslSocket *ss)
     }
 
     ssl_GetXmitBufLock(ss);
-    sent = ssl3_SendRecord(ss, NULL, content_ack,
+    sent = ssl3_SendRecord(ss, NULL, ssl_ct_ack,
                            buf.buf, buf.len, 0);
     ssl_ReleaseXmitBufLock(ss);
     if (sent != buf.len) {
@@ -343,7 +343,7 @@ dtls13_SetupAcks(sslSocket *ss)
  */
 SECStatus
 dtls13_HandleOutOfEpochRecord(sslSocket *ss, const ssl3CipherSpec *spec,
-                              SSL3ContentType rType,
+                              SSLContentType rType,
                               sslBuffer *databuf)
 {
     SECStatus rv;
@@ -360,7 +360,7 @@ dtls13_HandleOutOfEpochRecord(sslSocket *ss, const ssl3CipherSpec *spec,
     SSL_TRC(10, ("%d: DTLS13[%d]: handle out of epoch record: type=%d", SSL_GETPID(),
                  ss->fd, rType));
 
-    if (rType == content_ack) {
+    if (rType == ssl_ct_ack) {
         ssl_GetSSL3HandshakeLock(ss);
         rv = dtls13_HandleAck(ss, &buf);
         ssl_ReleaseSSL3HandshakeLock(ss);
@@ -380,7 +380,7 @@ dtls13_HandleOutOfEpochRecord(sslSocket *ss, const ssl3CipherSpec *spec,
              * retransmitted Finished (e.g., because our ACK got lost.)
              * We just retransmit the previous Finished to let the client
              * complete. */
-            if (rType == content_handshake) {
+            if (rType == ssl_ct_handshake) {
                 if ((ss->sec.isServer) &&
                     (ss->ssl3.hs.ws == idle_handshake)) {
                     PORT_Assert(dtls_TimerActive(ss, ss->ssl3.hs.hdTimer));
diff --git a/security/nss/lib/ssl/dtls13con.h b/security/nss/lib/ssl/dtls13con.h
index ca48ef363..ce92a8a55 100644
--- a/security/nss/lib/ssl/dtls13con.h
+++ b/security/nss/lib/ssl/dtls13con.h
@@ -21,7 +21,7 @@ PRBool dtls_NextUnackedRange(sslSocket *ss, PRUint16 msgSeq, PRUint32 offset,
                              PRUint32 len, PRUint32 *startOut, PRUint32 *endOut);
 SECStatus dtls13_SetupAcks(sslSocket *ss);
 SECStatus dtls13_HandleOutOfEpochRecord(sslSocket *ss, const ssl3CipherSpec *spec,
-                                        SSL3ContentType rType,
+                                        SSLContentType rType,
                                         sslBuffer *databuf);
 SECStatus dtls13_HandleAck(sslSocket *ss, sslBuffer *databuf);
 
diff --git a/security/nss/lib/ssl/dtlscon.c b/security/nss/lib/ssl/dtlscon.c
index a82295c66..a5c604bca 100644
--- a/security/nss/lib/ssl/dtlscon.c
+++ b/security/nss/lib/ssl/dtlscon.c
@@ -120,7 +120,7 @@ ssl3_DisableNonDTLSSuites(sslSocket *ss)
  * Called from dtls_QueueMessage()
  */
 static DTLSQueuedMessage *
-dtls_AllocQueuedMessage(ssl3CipherSpec *cwSpec, SSL3ContentType type,
+dtls_AllocQueuedMessage(ssl3CipherSpec *cwSpec, SSLContentType ct,
                         const unsigned char *data, PRUint32 len)
 {
     DTLSQueuedMessage *msg;
@@ -138,7 +138,7 @@ dtls_AllocQueuedMessage(ssl3CipherSpec *cwSpec, SSL3ContentType type,
 
     msg->len = len;
     msg->cwSpec = cwSpec;
-    msg->type = type;
+    msg->type = ct;
     /* Safe if we are < 1.3, since the refct is
      * already very high. */
     ssl_CipherSpecAddRef(cwSpec);
@@ -517,7 +517,7 @@ loser:
  *              ssl3_SendChangeCipherSpecs()
  */
 SECStatus
-dtls_QueueMessage(sslSocket *ss, SSL3ContentType type,
+dtls_QueueMessage(sslSocket *ss, SSLContentType ct,
                   const PRUint8 *pIn, PRInt32 nIn)
 {
     SECStatus rv = SECSuccess;
@@ -528,7 +528,7 @@ dtls_QueueMessage(sslSocket *ss, SSL3ContentType type,
     PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
 
     spec = ss->ssl3.cwSpec;
-    msg = dtls_AllocQueuedMessage(spec, type, pIn, nIn);
+    msg = dtls_AllocQueuedMessage(spec, ct, pIn, nIn);
 
     if (!msg) {
         PORT_SetError(SEC_ERROR_NO_MEMORY);
@@ -562,7 +562,7 @@ dtls_StageHandshakeMessage(sslSocket *ss)
     if (!ss->sec.ci.sendBuf.buf || !ss->sec.ci.sendBuf.len)
         return rv;
 
-    rv = dtls_QueueMessage(ss, content_handshake,
+    rv = dtls_QueueMessage(ss, ssl_ct_handshake,
                            ss->sec.ci.sendBuf.buf, ss->sec.ci.sendBuf.len);
 
     /* Whether we succeeded or failed, toss the old handshake data. */
@@ -696,7 +696,7 @@ dtls_FragmentHandshake(sslSocket *ss, DTLSQueuedMessage *msg)
     PORT_Assert(msg->len >= DTLS_HS_HDR_LEN);
 
     /* DTLS only supports fragmenting handshaking messages. */
-    PORT_Assert(msg->type == content_handshake);
+    PORT_Assert(msg->type == ssl_ct_handshake);
 
     msgSeq = (msg->data[4] << 8) | msg->data[5];
 
@@ -848,7 +848,7 @@ dtls_TransmitMessageFlight(sslSocket *ss)
          * be quite fragmented.  Adding an extra flush here would push new
          * messages into new records and reduce fragmentation. */
 
-        if (msg->type == content_handshake) {
+        if (msg->type == ssl_ct_handshake) {
             rv = dtls_FragmentHandshake(ss, msg);
         } else {
             PORT_Assert(!tls13_MaybeTls13(ss));
@@ -1327,9 +1327,9 @@ dtls_IsLongHeader(SSL3ProtocolVersion version, PRUint8 firstOctet)
 {
 #ifndef UNSAFE_FUZZER_MODE
     return version < SSL_LIBRARY_VERSION_TLS_1_3 ||
-           firstOctet == content_handshake ||
-           firstOctet == content_ack ||
-           firstOctet == content_alert;
+           firstOctet == ssl_ct_handshake ||
+           firstOctet == ssl_ct_ack ||
+           firstOctet == ssl_ct_alert;
 #else
     return PR_TRUE;
 #endif
@@ -1359,7 +1359,7 @@ dtls_ReadEpoch(const ssl3CipherSpec *crSpec, const PRUint8 *hdr)
     }
 
     /* dtls_GatherData should ensure that this works. */
-    PORT_Assert(hdr[0] == content_application_data);
+    PORT_Assert(hdr[0] == ssl_ct_application_data);
 
     /* This uses the same method as is used to recover the sequence number in
      * dtls_ReadSequenceNumber, except that the maximum value is set to the
diff --git a/security/nss/lib/ssl/dtlscon.h b/security/nss/lib/ssl/dtlscon.h
index 45fc069b9..4ede3c2ca 100644
--- a/security/nss/lib/ssl/dtlscon.h
+++ b/security/nss/lib/ssl/dtlscon.h
@@ -23,7 +23,7 @@ extern SECStatus dtls_HandleHandshake(sslSocket *ss, DTLSEpoch epoch,
 extern SECStatus dtls_HandleHelloVerifyRequest(sslSocket *ss,
                                                PRUint8 *b, PRUint32 length);
 extern SECStatus dtls_StageHandshakeMessage(sslSocket *ss);
-extern SECStatus dtls_QueueMessage(sslSocket *ss, SSL3ContentType type,
+extern SECStatus dtls_QueueMessage(sslSocket *ss, SSLContentType type,
                                    const PRUint8 *pIn, PRInt32 nIn);
 extern SECStatus dtls_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags);
 SECStatus ssl3_DisableNonDTLSSuites(sslSocket *ss);
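Review bot: The prototype of `dtls_QueueMessage` still names its second parameter `type`, while the definition in dtlscon.c is renamed to `ct` in this same commit. Renaming it here as well, `extern SECStatus dtls_QueueMessage(sslSocket *ss, SSLContentType ct,`, keeps the header and the definition consistent for readers and tooling.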
diff --git a/security/nss/lib/ssl/manifest.mn b/security/nss/lib/ssl/manifest.mn
index ca9b9ee7b..fe9470bd0 100644
--- a/security/nss/lib/ssl/manifest.mn
+++ b/security/nss/lib/ssl/manifest.mn
@@ -1,4 +1,3 @@
-#
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
@@ -56,6 +55,7 @@ CSRCS = \
         tls13replay.c \
         sslcert.c \
         sslgrp.c \
+        tls13esni.c \
         $(NULL)
 
 LIBRARY_NAME = ssl
diff --git a/security/nss/lib/ssl/ssl.gyp b/security/nss/lib/ssl/ssl.gyp
index 3694ab91a..2e28f6775 100644
--- a/security/nss/lib/ssl/ssl.gyp
+++ b/security/nss/lib/ssl/ssl.gyp
@@ -43,6 +43,7 @@
         'ssltrace.c',
         'sslver.c',
         'tls13con.c',
+        'tls13esni.c',
         'tls13exthandle.c',
         'tls13hashstate.c',
         'tls13hkdf.c',
@@ -67,6 +68,11 @@
             'UNSAFE_FUZZER_MODE',
           ],
         }],
+        [ 'OS=="dragonfly" or OS=="freebsd" or OS=="netbsd" or OS=="openbsd" or OS=="linux"', {
+          'cflags': [
+            '-std=gnu99',
+          ],
+        }],
       ],
       'dependencies': [
         '<(DEPTH)/exports.gyp:nss_exports',
diff --git a/security/nss/lib/ssl/ssl.h b/security/nss/lib/ssl/ssl.h
index ecc4f9506..fc4a4a70c 100644
--- a/security/nss/lib/ssl/ssl.h
+++ b/security/nss/lib/ssl/ssl.h
@@ -13,7 +13,7 @@
 #include "prio.h"
 #include "seccomon.h"
 #include "cert.h"
-#include "keyt.h"
+#include "keythi.h"
 
 #include "sslt.h" /* public ssl data types */
 
@@ -282,6 +282,23 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd);
  */
 #define SSL_ENABLE_DTLS_SHORT_HEADER 36
 
+/*
+ * Enables the processing of the downgrade sentinel that can be added to the
+ * ServerHello.random by a server that supports Section 4.1.3 of TLS 1.3
+ * [RFC8446].  This sentinel will always be generated by a server that
+ * negotiates a version lower than its maximum, this only controls whether a
+ * client will treat receipt of a value that indicates a downgrade as an error.
+ */
+#define SSL_ENABLE_HELLO_DOWNGRADE_CHECK 37
+
+/* Enables the SSLv2-compatible ClientHello for servers. NSS does not support
+ * SSLv2 and will never send an SSLv2-compatible ClientHello as a client.  An
+ * NSS server with this option enabled will accept a ClientHello that is
+ * v2-compatible as defined in Appendix E.1 of RFC 6101.
+ *
+ * This is disabled by default and will be removed in a future version. */
+#define SSL_ENABLE_V2_COMPATIBLE_HELLO 38
+
 #ifdef SSL_DEPRECATED_FUNCTION
 /* Old deprecated function names */
 SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRIntn on);
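Review bot: The comment added for `SSL_ENABLE_HELLO_DOWNGRADE_CHECK` does not say whether the check is on or off by default, while the `SSL_ENABLE_V2_COMPATIBLE_HELLO` comment right below it does. This option decides whether a client rejects a ServerHello.random that signals a version downgrade, so an embedder reading the header needs to know whether it has to opt in. Add a closing sentence such as `* This is <enabled|disabled> by default.`, with the value taken from the option defaults, which are not visible in this hunk. The first sentence of the comment is also a comma splice; `lower than its maximum; this option only controls whether` reads more clearly.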
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index 466fc296f..3b5c69b11 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -93,8 +93,8 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
  { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,   SSL_ALLOWED, PR_TRUE, PR_FALSE},
  { TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, SSL_ALLOWED, PR_TRUE, PR_FALSE},
  { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,   SSL_ALLOWED, PR_TRUE, PR_FALSE},
- { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_FALSE, PR_FALSE},
- { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,   SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, SSL_ALLOWED, PR_TRUE, PR_FALSE},
+ { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,   SSL_ALLOWED, PR_TRUE, PR_FALSE},
    /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is out of order to work around
     * bug 946147.
     */
@@ -114,7 +114,7 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
  { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,     SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,SSL_ALLOWED,PR_TRUE,  PR_FALSE},
  { TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,     SSL_ALLOWED, PR_FALSE, PR_FALSE},
- { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,     SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,     SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,     SSL_ALLOWED, PR_FALSE, PR_FALSE},
  { TLS_DHE_RSA_WITH_AES_128_CBC_SHA,        SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_DHE_DSS_WITH_AES_128_CBC_SHA,        SSL_ALLOWED, PR_TRUE,  PR_FALSE},
@@ -143,7 +143,7 @@ static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
 
  /* RSA */
  { TLS_RSA_WITH_AES_128_GCM_SHA256,         SSL_ALLOWED, PR_TRUE,  PR_FALSE},
- { TLS_RSA_WITH_AES_256_GCM_SHA384,         SSL_ALLOWED, PR_FALSE, PR_FALSE},
+ { TLS_RSA_WITH_AES_256_GCM_SHA384,         SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_RSA_WITH_AES_128_CBC_SHA,            SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_RSA_WITH_AES_128_CBC_SHA256,         SSL_ALLOWED, PR_TRUE,  PR_FALSE},
  { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,       SSL_ALLOWED, PR_FALSE, PR_FALSE},
@@ -501,19 +501,19 @@ ssl3_DecodeContentType(int msgType)
     static char line[40];
 
     switch (msgType) {
-        case content_change_cipher_spec:
+        case ssl_ct_change_cipher_spec:
             rv = "change_cipher_spec (20)";
             break;
-        case content_alert:
+        case ssl_ct_alert:
             rv = "alert      (21)";
             break;
-        case content_handshake:
+        case ssl_ct_handshake:
             rv = "handshake  (22)";
             break;
-        case content_application_data:
+        case ssl_ct_application_data:
             rv = "application_data (23)";
             break;
-        case content_ack:
+        case ssl_ct_ack:
             rv = "ack (25)";
             break;
         default:
@@ -656,7 +656,7 @@ ssl_LookupCipherSuiteCfgMutable(ssl3CipherSuite suite,
     return NULL;
 }
 
-const static ssl3CipherSuiteCfg *
+const ssl3CipherSuiteCfg *
 ssl_LookupCipherSuiteCfg(ssl3CipherSuite suite, const ssl3CipherSuiteCfg *suites)
 {
     return ssl_LookupCipherSuiteCfgMutable(suite,
@@ -765,6 +765,9 @@ ssl_HasCert(const sslSocket *ss, SSLAuthType authType)
         }
         return PR_TRUE;
     }
+    if (authType == ssl_auth_rsa_sign) {
+        return ssl_HasCert(ss, ssl_auth_rsa_pss);
+    }
     return PR_FALSE;
 }
 
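Review bot: The new fallback at the end of ssl_HasCert, `if (authType == ssl_auth_rsa_sign) { return ssl_HasCert(ss, ssl_auth_rsa_pss); }`, has no comment explaining why a socket that holds only an RSA-PSS certificate counts as having a certificate for `ssl_auth_rsa_sign`. A line such as `/* An RSA-PSS certificate can also be used where the suite asks for ssl_auth_rsa_sign. */` above the `if` would record the intent. It could also note that the recursion is one level deep, because the inner call passes a different auth type. Whether the later signature-scheme selection copes with a peer that offers no `rsa_pss_pss_*` scheme cannot be seen from this hunk; the function body starts above it.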
@@ -851,9 +854,9 @@ ssl3_config_match_init(sslSocket *ss)
 /* Return PR_TRUE if suite is usable.  This if the suite is permitted by policy,
  * enabled, has a certificate (as needed), has a viable key agreement method, is
  * usable with the negotiated TLS version, and is otherwise usable. */
-static PRBool
-config_match(const ssl3CipherSuiteCfg *suite, PRUint8 policy,
-             const SSLVersionRange *vrange, const sslSocket *ss)
+PRBool
+ssl3_config_match(const ssl3CipherSuiteCfg *suite, PRUint8 policy,
+                  const SSLVersionRange *vrange, const sslSocket *ss)
 {
     const ssl3CipherSuiteDef *cipher_def;
     const ssl3KEADef *kea_def;
@@ -896,7 +899,7 @@ count_cipher_suites(sslSocket *ss, PRUint8 policy)
         return 0;
     }
     for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
-        if (config_match(&ss->cipherSuites[i], policy, &ss->vrange, ss))
+        if (ssl3_config_match(&ss->cipherSuites[i], policy, &ss->vrange, ss))
             count++;
     }
     if (count == 0) {
@@ -1120,6 +1123,8 @@ ssl3_SignHashes(sslSocket *ss, SSL3Hashes *hash, SECKEYPrivateKey *key,
 
     if (ss->sec.isServer) {
         ss->sec.signatureScheme = ss->ssl3.hs.signatureScheme;
+        ss->sec.authType =
+            ssl_SignatureSchemeToAuthType(ss->ssl3.hs.signatureScheme);
     }
     PRINT_BUF(60, (NULL, "signed hashes", (unsigned char *)buf->data, buf->len));
 done:
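Review bot: `ss->sec.authType` is now overwritten with whatever `ssl_SignatureSchemeToAuthType()` returns, and that helper (added later in this file) falls back to `ssl_auth_null` behind a bare `PORT_Assert(0)` for any scheme it does not list. In a build where PORT_Assert compiles to nothing, an unlisted value in `ss->ssl3.hs.signatureScheme` would silently record a null authentication type instead of failing the handshake. Consider checking the result before storing it, or add a comment naming the earlier check that guarantees the scheme is one of the mapped values. The same applies to the matching assignment in ssl3_VerifySignedHashes in the next hunk. ssl3_SignHashes starts and ends outside this hunk.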
@@ -1255,6 +1260,7 @@ ssl3_VerifySignedHashes(sslSocket *ss, SSLSignatureScheme scheme, SSL3Hashes *ha
     }
     if (!ss->sec.isServer) {
         ss->sec.signatureScheme = scheme;
+        ss->sec.authType = ssl_SignatureSchemeToAuthType(scheme);
     }
 
 loser:
@@ -1506,7 +1512,7 @@ loser:
 static SECStatus
 ssl3_BuildRecordPseudoHeader(DTLSEpoch epoch,
                              sslSequenceNumber seqNum,
-                             SSL3ContentType type,
+                             SSLContentType ct,
                              PRBool includesVersion,
                              SSL3ProtocolVersion version,
                              PRBool isDTLS,
@@ -1526,7 +1532,7 @@ ssl3_BuildRecordPseudoHeader(DTLSEpoch epoch,
     if (rv != SECSuccess) {
         return SECFailure;
     }
-    rv = sslBuffer_AppendNumber(buf, type, 1);
+    rv = sslBuffer_AppendNumber(buf, ct, 1);
     if (rv != SECSuccess) {
         return SECFailure;
     }
@@ -1994,7 +2000,7 @@ SECStatus
 ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec,
                       PRBool isServer,
                       PRBool isDTLS,
-                      SSL3ContentType type,
+                      SSLContentType ct,
                       const PRUint8 *pIn,
                       PRUint32 contentLen,
                       sslBuffer *wrBuf)
@@ -2041,7 +2047,7 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec,
     }
 
     rv = ssl3_BuildRecordPseudoHeader(
-        cwSpec->epoch, cwSpec->nextSeqNum, type,
+        cwSpec->epoch, cwSpec->nextSeqNum, ct,
         cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_0, cwSpec->recordVersion,
         isDTLS, contentLen, &pseudoHeader);
     PORT_Assert(rv == SECSuccess);
@@ -2163,7 +2169,7 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec,
 /* Note: though this can report failure, it shouldn't. */
 SECStatus
 ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec,
-                       SSL3ContentType contentType, sslBuffer *wrBuf,
+                       SSLContentType contentType, sslBuffer *wrBuf,
                        PRBool *needsLength)
 {
     SECStatus rv;
@@ -2175,7 +2181,7 @@ ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec,
             return dtls13_InsertCipherTextHeader(ss, cwSpec, wrBuf,
                                                  needsLength);
         }
-        contentType = content_application_data;
+        contentType = ssl_ct_application_data;
     }
 #endif
     rv = sslBuffer_AppendNumber(wrBuf, contentType, 1);
@@ -2202,7 +2208,7 @@ ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec,
 }
 
 SECStatus
-ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type,
+ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSLContentType ct,
                   const PRUint8 *pIn, PRUint32 contentLen, sslBuffer *wrBuf)
 {
     PRBool needsLength;
@@ -2222,7 +2228,7 @@ ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type,
         return SECFailure;
     }
 
-    rv = ssl_InsertRecordHeader(ss, cwSpec, type, wrBuf, &needsLength);
+    rv = ssl_InsertRecordHeader(ss, cwSpec, ct, wrBuf, &needsLength);
     if (rv != SECSuccess) {
         return SECFailure;
     }
@@ -2246,9 +2252,9 @@ ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type,
     }
 #else
     if (cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_3) {
-        rv = tls13_ProtectRecord(ss, cwSpec, type, pIn, contentLen, wrBuf);
+        rv = tls13_ProtectRecord(ss, cwSpec, ct, pIn, contentLen, wrBuf);
     } else {
-        rv = ssl3_MACEncryptRecord(cwSpec, ss->sec.isServer, IS_DTLS(ss), type,
+        rv = ssl3_MACEncryptRecord(cwSpec, ss->sec.isServer, IS_DTLS(ss), ct,
                                    pIn, contentLen, wrBuf);
     }
 #endif
@@ -2270,7 +2276,7 @@ ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type,
 }
 
 SECStatus
-ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSL3ContentType type,
+ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSLContentType ct,
                       const PRUint8 *pIn, unsigned int nIn,
                       unsigned int *written)
 {
@@ -2294,7 +2300,7 @@ ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSL3ContentType type,
         }
     }
 
-    rv = ssl_ProtectRecord(ss, spec, type, pIn, contentLen, wrBuf);
+    rv = ssl_ProtectRecord(ss, spec, ct, pIn, contentLen, wrBuf);
     if (rv != SECSuccess) {
         return SECFailure;
     }
@@ -2328,7 +2334,7 @@ ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSL3ContentType type,
 PRInt32
 ssl3_SendRecord(sslSocket *ss,
                 ssl3CipherSpec *cwSpec, /* non-NULL for DTLS retransmits */
-                SSL3ContentType type,
+                SSLContentType ct,
                 const PRUint8 *pIn, /* input buffer */
                 PRInt32 nIn,        /* bytes of input */
                 PRInt32 flags)
@@ -2339,7 +2345,7 @@ ssl3_SendRecord(sslSocket *ss,
     PRInt32 totalSent = 0;
 
     SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s nIn=%d",
-                SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type),
+                SSL_GETPID(), ss->fd, ssl3_DecodeContentType(ct),
                 nIn));
     PRINT_BUF(50, (ss, "Send record (plain text)", pIn, nIn));
 
@@ -2349,7 +2355,7 @@ ssl3_SendRecord(sslSocket *ss,
     if (ss->ssl3.fatalAlertSent) {
         SSL_TRC(3, ("%d: SSL3[%d] Suppress write, fatal alert already sent",
                     SSL_GETPID(), ss->fd));
-        if (type != content_alert) {
+        if (ct != ssl_ct_alert) {
             /* If we are sending an alert, then we already have an
              * error, so don't overwrite. */
             PORT_SetError(SSL_ERROR_HANDSHAKE_FAILED);
@@ -2366,8 +2372,8 @@ ssl3_SendRecord(sslSocket *ss,
     if (cwSpec) {
         /* cwSpec can only be set for retransmissions of the DTLS handshake. */
         PORT_Assert(IS_DTLS(ss) &&
-                    (type == content_handshake ||
-                     type == content_change_cipher_spec));
+                    (ct == ssl_ct_handshake ||
+                     ct == ssl_ct_change_cipher_spec));
         spec = cwSpec;
     } else {
         spec = ss->ssl3.cwSpec;
@@ -2378,7 +2384,7 @@ ssl3_SendRecord(sslSocket *ss,
         PRInt32 sent;
 
         ssl_GetSpecReadLock(ss);
-        rv = ssl_ProtectNextRecord(ss, spec, type, pIn, nIn, &written);
+        rv = ssl_ProtectNextRecord(ss, spec, ct, pIn, nIn, &written);
         ssl_ReleaseSpecReadLock(ss);
         if (rv != SECSuccess) {
             goto loser;
@@ -2386,7 +2392,7 @@ ssl3_SendRecord(sslSocket *ss,
 
         PORT_Assert(written > 0);
         /* DTLS should not fragment non-application data here. */
-        if (IS_DTLS(ss) && type != content_application_data) {
+        if (IS_DTLS(ss) && ct != ssl_ct_application_data) {
             PORT_Assert(written == nIn);
         }
 
@@ -2535,7 +2541,7 @@ ssl3_SendApplicationData(sslSocket *ss, const unsigned char *in,
          * Note that the 0 epoch is OK because flags will never require
          * its use, as guaranteed by the PORT_Assert above.
          */
-        sent = ssl3_SendRecord(ss, NULL, content_application_data,
+        sent = ssl3_SendRecord(ss, NULL, ssl_ct_application_data,
                                in + totalSent, toSend, flags);
         if (sent < 0) {
             if (totalSent > 0 && PR_GetError() == PR_WOULD_BLOCK_ERROR) {
@@ -2618,7 +2624,7 @@ ssl3_FlushHandshakeMessages(sslSocket *ss, PRInt32 flags)
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;
     }
-    count = ssl3_SendRecord(ss, NULL, content_handshake,
+    count = ssl3_SendRecord(ss, NULL, ssl_ct_handshake,
                             ss->sec.ci.sendBuf.buf,
                             ss->sec.ci.sendBuf.len, flags);
     if (count < 0) {
@@ -2744,7 +2750,7 @@ SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, SSL3AlertDescription desc)
     rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
     if (rv == SECSuccess) {
         PRInt32 sent;
-        sent = ssl3_SendRecord(ss, NULL, content_alert, bytes, 2,
+        sent = ssl3_SendRecord(ss, NULL, ssl_ct_alert, bytes, 2,
                                (desc == no_certificate) ? ssl_SEND_FLAG_FORCE_INTO_BUFFER : 0);
         rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
     }
@@ -3041,13 +3047,13 @@ ssl3_SendChangeCipherSpecsInt(sslSocket *ss)
 
     if (!IS_DTLS(ss)) {
         PRInt32 sent;
-        sent = ssl3_SendRecord(ss, NULL, content_change_cipher_spec,
+        sent = ssl3_SendRecord(ss, NULL, ssl_ct_change_cipher_spec,
                                &change, 1, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
         if (sent < 0) {
             return SECFailure; /* error code set by ssl3_SendRecord */
         }
     } else {
-        rv = dtls_QueueMessage(ss, content_change_cipher_spec, &change, 1);
+        rv = dtls_QueueMessage(ss, ssl_ct_change_cipher_spec, &change, 1);
         if (rv != SECSuccess) {
             return SECFailure;
         }
@@ -4002,8 +4008,8 @@ ssl_SignatureSchemeToHashType(SSLSignatureScheme scheme)
     return ssl_hash_none;
 }
 
-KeyType
-ssl_SignatureSchemeToKeyType(SSLSignatureScheme scheme)
+static PRBool
+ssl_SignatureSchemeMatchesSpkiOid(SSLSignatureScheme scheme, SECOidTag spkiOid)
 {
     switch (scheme) {
         case ssl_sig_rsa_pkcs1_sha256:
@@ -4013,133 +4019,243 @@ ssl_SignatureSchemeToKeyType(SSLSignatureScheme scheme)
         case ssl_sig_rsa_pss_rsae_sha256:
         case ssl_sig_rsa_pss_rsae_sha384:
         case ssl_sig_rsa_pss_rsae_sha512:
+        case ssl_sig_rsa_pkcs1_sha1md5:
+            return (spkiOid == SEC_OID_X500_RSA_ENCRYPTION) ||
+                   (spkiOid == SEC_OID_PKCS1_RSA_ENCRYPTION);
         case ssl_sig_rsa_pss_pss_sha256:
         case ssl_sig_rsa_pss_pss_sha384:
         case ssl_sig_rsa_pss_pss_sha512:
-        case ssl_sig_rsa_pkcs1_sha1md5:
-            return rsaKey;
+            return spkiOid == SEC_OID_PKCS1_RSA_PSS_SIGNATURE;
         case ssl_sig_ecdsa_secp256r1_sha256:
         case ssl_sig_ecdsa_secp384r1_sha384:
         case ssl_sig_ecdsa_secp521r1_sha512:
         case ssl_sig_ecdsa_sha1:
-            return ecKey;
+            return spkiOid == SEC_OID_ANSIX962_EC_PUBLIC_KEY;
         case ssl_sig_dsa_sha256:
         case ssl_sig_dsa_sha384:
         case ssl_sig_dsa_sha512:
         case ssl_sig_dsa_sha1:
-            return dsaKey;
+            return spkiOid == SEC_OID_ANSIX9_DSA_SIGNATURE;
         case ssl_sig_none:
         case ssl_sig_ed25519:
         case ssl_sig_ed448:
             break;
     }
     PORT_Assert(0);
-    return nullKey;
+    return PR_FALSE;
 }
 
-static SSLNamedGroup
-ssl_NamedGroupForSignatureScheme(SSLSignatureScheme scheme)
+/* Validate that the signature scheme works for the given key type. */
+static PRBool
+ssl_SignatureSchemeValid(SSLSignatureScheme scheme, SECOidTag spkiOid,
+                         PRBool isTls13)
 {
-    switch (scheme) {
-        case ssl_sig_ecdsa_secp256r1_sha256:
-            return ssl_grp_ec_secp256r1;
-        case ssl_sig_ecdsa_secp384r1_sha384:
-            return ssl_grp_ec_secp384r1;
-        case ssl_sig_ecdsa_secp521r1_sha512:
-            return ssl_grp_ec_secp521r1;
-        default:
+    if (!ssl_IsSupportedSignatureScheme(scheme)) {
+        return PR_FALSE;
+    }
+    if (!ssl_SignatureSchemeMatchesSpkiOid(scheme, spkiOid)) {
+        return PR_FALSE;
+    }
+    if (isTls13) {
+        if (ssl_SignatureSchemeToHashType(scheme) == ssl_hash_sha1) {
+            return PR_FALSE;
+        }
+        /* With TLS 1.3, EC keys should have been selected based on calling
+         * ssl_SignatureSchemeFromSpki(), reject them otherwise. */
+        return spkiOid != SEC_OID_ANSIX962_EC_PUBLIC_KEY;
+    }
+    return PR_TRUE;
+}
+
+static SECStatus
+ssl_SignatureSchemeFromPssSpki(CERTSubjectPublicKeyInfo *spki,
+                               SSLSignatureScheme *scheme)
+{
+    SECKEYRSAPSSParams pssParam = { 0 };
+    PORTCheapArenaPool arena;
+    SECStatus rv;
+
+    /* The key doesn't have parameters, boo. */
+    if (!spki->algorithm.parameters.len) {
+        *scheme = ssl_sig_none;
+        return SECSuccess;
+    }
+
+    PORT_InitCheapArena(&arena, DER_DEFAULT_CHUNKSIZE);
+    rv = SEC_QuickDERDecodeItem(&arena.arena, &pssParam,
+                                SEC_ASN1_GET(SECKEY_RSAPSSParamsTemplate),
+                                &spki->algorithm.parameters);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    /* Not having hashAlg means SHA-1 and we don't accept that. */
+    if (!pssParam.hashAlg) {
+        goto loser;
+    }
+    switch (SECOID_GetAlgorithmTag(pssParam.hashAlg)) {
+        case SEC_OID_SHA256:
+            *scheme = ssl_sig_rsa_pss_pss_sha256;
             break;
+        case SEC_OID_SHA384:
+            *scheme = ssl_sig_rsa_pss_pss_sha384;
+            break;
+        case SEC_OID_SHA512:
+            *scheme = ssl_sig_rsa_pss_pss_sha512;
+            break;
+        default:
+            goto loser;
     }
-    PORT_Assert(0);
-    return 0;
+
+    PORT_DestroyCheapArena(&arena);
+    return SECSuccess;
+
+loser:
+    PORT_DestroyCheapArena(&arena);
+    PORT_SetError(SSL_ERROR_BAD_CERTIFICATE);
+    return SECFailure;
 }
 
-/* Validate that the signature scheme works for the given key.
- * If |allowSha1| is set, we allow the use of SHA-1.
- * If |matchGroup| is set, we also check that the group and hash match. */
-static PRBool
-ssl_SignatureSchemeValidForKey(PRBool allowSha1, PRBool matchGroup,
-                               KeyType keyType,
-                               const sslNamedGroupDef *ecGroup,
-                               SSLSignatureScheme scheme)
+static SECStatus
+ssl_SignatureSchemeFromEcSpki(CERTSubjectPublicKeyInfo *spki,
+                              SSLSignatureScheme *scheme)
 {
-    if (!ssl_IsSupportedSignatureScheme(scheme)) {
-        return PR_FALSE;
+    const sslNamedGroupDef *group;
+    SECKEYPublicKey *key;
+
+    key = SECKEY_ExtractPublicKey(spki);
+    if (!key) {
+        PORT_SetError(SSL_ERROR_BAD_CERTIFICATE);
+        return SECFailure;
     }
-    if (keyType != ssl_SignatureSchemeToKeyType(scheme)) {
-        return PR_FALSE;
+    group = ssl_ECPubKey2NamedGroup(key);
+    SECKEY_DestroyPublicKey(key);
+    if (!group) {
+        PORT_SetError(SSL_ERROR_BAD_CERTIFICATE);
+        return SECFailure;
     }
-    if (!allowSha1 && ssl_SignatureSchemeToHashType(scheme) == ssl_hash_sha1) {
-        return PR_FALSE;
+    switch (group->name) {
+        case ssl_grp_ec_secp256r1:
+            *scheme = ssl_sig_ecdsa_secp256r1_sha256;
+            return SECSuccess;
+        case ssl_grp_ec_secp384r1:
+            *scheme = ssl_sig_ecdsa_secp384r1_sha384;
+            return SECSuccess;
+        case ssl_grp_ec_secp521r1:
+            *scheme = ssl_sig_ecdsa_secp521r1_sha512;
+            return SECSuccess;
+        default:
+            break;
     }
-    if (keyType != ecKey) {
-        return PR_TRUE;
+    PORT_SetError(SSL_ERROR_BAD_CERTIFICATE);
+    return SECFailure;
+}
+
+/* Newer signature schemes are designed so that a single SPKI can be used with
+ * that scheme.  This determines that scheme from the SPKI. If the SPKI doesn't
+ * have a single scheme, |*scheme| is set to ssl_sig_none. */
+static SECStatus
+ssl_SignatureSchemeFromSpki(CERTSubjectPublicKeyInfo *spki,
+                            PRBool isTls13, SSLSignatureScheme *scheme)
+{
+    SECOidTag spkiOid = SECOID_GetAlgorithmTag(&spki->algorithm);
+
+    if (spkiOid == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) {
+        return ssl_SignatureSchemeFromPssSpki(spki, scheme);
     }
-    if (!ecGroup) {
-        return PR_FALSE;
+
+    /* Only do this lookup for TLS 1.3, where the scheme can be determined from
+     * the SPKI alone because the ECDSA key size determines the hash. Earlier
+     * TLS versions allow the same EC key to be used with different hashes. */
+    if (isTls13 && spkiOid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) {
+        return ssl_SignatureSchemeFromEcSpki(spki, scheme);
     }
-    /* If |allowSha1| is present and the scheme is ssl_sig_ecdsa_sha1, it's OK.
-     * This scheme isn't bound to a specific group. */
-    if (allowSha1 && (scheme == ssl_sig_ecdsa_sha1)) {
-        return PR_TRUE;
+
+    *scheme = ssl_sig_none;
+    return SECSuccess;
+}
+
+static PRBool
+ssl_SignatureSchemeEnabled(sslSocket *ss, SSLSignatureScheme scheme)
+{
+    unsigned int i;
+    for (i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
+        if (scheme == ss->ssl3.signatureSchemes[i]) {
+            return PR_TRUE;
+        }
     }
-    if (!matchGroup) {
-        return PR_TRUE;
+    return PR_FALSE;
+}
+
+static PRBool
+ssl_SignatureKeyMatchesSpkiOid(const ssl3KEADef *keaDef, SECOidTag spkiOid)
+{
+    switch (spkiOid) {
+        case SEC_OID_X500_RSA_ENCRYPTION:
+        case SEC_OID_PKCS1_RSA_ENCRYPTION:
+        case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+            return keaDef->signKeyType == rsaKey;
+        case SEC_OID_ANSIX9_DSA_SIGNATURE:
+            return keaDef->signKeyType == dsaKey;
+        case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
+            return keaDef->signKeyType == ecKey;
+        default:
+            break;
     }
-    return ecGroup->name == ssl_NamedGroupForSignatureScheme(scheme);
+    return PR_FALSE;
 }
 
-/* ssl3_CheckSignatureSchemeConsistency checks that the signature
- * algorithm identifier in |sigAndHash| is consistent with the public key in
- * |cert|. It also checks the hash algorithm against the configured signature
- * algorithms.  If all the tests pass, SECSuccess is returned. Otherwise,
- * PORT_SetError is called and SECFailure is returned. */
+/* ssl3_CheckSignatureSchemeConsistency checks that the signature algorithm
+ * identifier in |scheme| is consistent with the public key in |cert|. It also
+ * checks the hash algorithm against the configured signature algorithms.  If
+ * all the tests pass, SECSuccess is returned. Otherwise, PORT_SetError is
+ * called and SECFailure is returned. */
 SECStatus
-ssl_CheckSignatureSchemeConsistency(
-    sslSocket *ss, SSLSignatureScheme scheme, CERTCertificate *cert)
+ssl_CheckSignatureSchemeConsistency(sslSocket *ss, SSLSignatureScheme scheme,
+                                    CERTCertificate *cert)
 {
-    unsigned int i;
-    const sslNamedGroupDef *group = NULL;
-    SECKEYPublicKey *key;
-    KeyType keyType;
+    SSLSignatureScheme spkiScheme;
     PRBool isTLS13 = ss->version == SSL_LIBRARY_VERSION_TLS_1_3;
+    SECOidTag spkiOid;
+    SECStatus rv;
 
-    key = CERT_ExtractPublicKey(cert);
-    if (key == NULL) {
-        ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
+    rv = ssl_SignatureSchemeFromSpki(&cert->subjectPublicKeyInfo, isTLS13,
+                                     &spkiScheme);
+    if (rv != SECSuccess) {
         return SECFailure;
     }
-
-    keyType = SECKEY_GetPublicKeyType(key);
-    if (keyType == ecKey) {
-        group = ssl_ECPubKey2NamedGroup(key);
+    if (spkiScheme != ssl_sig_none) {
+        /* The SPKI in the certificate can only be used for a single scheme. */
+        if (spkiScheme != scheme ||
+            !ssl_SignatureSchemeEnabled(ss, scheme)) {
+            PORT_SetError(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
+            return SECFailure;
+        }
+        return SECSuccess;
     }
-    SECKEY_DestroyPublicKey(key);
+
+    spkiOid = SECOID_GetAlgorithmTag(&cert->subjectPublicKeyInfo.algorithm);
 
     /* If we're a client, check that the signature algorithm matches the signing
      * key type of the cipher suite. */
-    if (!isTLS13 &&
-        !ss->sec.isServer &&
-        ss->ssl3.hs.kea_def->signKeyType != keyType) {
-        PORT_SetError(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
-        return SECFailure;
+    if (!isTLS13 && !ss->sec.isServer) {
+        if (!ssl_SignatureKeyMatchesSpkiOid(ss->ssl3.hs.kea_def, spkiOid)) {
+            PORT_SetError(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
+            return SECFailure;
+        }
     }
 
     /* Verify that the signature scheme matches the signing key. */
-    if (!ssl_SignatureSchemeValidForKey(!isTLS13 /* allowSha1 */,
-                                        isTLS13 /* matchGroup */,
-                                        keyType, group, scheme)) {
+    if (!ssl_SignatureSchemeValid(scheme, spkiOid, isTLS13)) {
         PORT_SetError(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM);
         return SECFailure;
     }
 
-    for (i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
-        if (scheme == ss->ssl3.signatureSchemes[i]) {
-            return SECSuccess;
-        }
+    if (!ssl_SignatureSchemeEnabled(ss, scheme)) {
+        PORT_SetError(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
+        return SECFailure;
     }
-    PORT_SetError(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
-    return SECFailure;
+
+    return SECSuccess;
 }
 
 PRBool
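Review bot: In ssl_CheckSignatureSchemeConsistency the early `return SECSuccess` inside `if (spkiScheme != ssl_sig_none)` comes before the client-side `ssl_SignatureKeyMatchesSpkiOid(ss->ssl3.hs.kea_def, spkiOid)` check, so a pre-1.3 client that receives an RSA-PSS certificate carrying parameters never has the certificate's key type compared with the negotiated cipher suite here. Unless that comparison is enforced elsewhere (not visible in this hunk), compute `spkiOid` first and run the `!isTLS13 && !ss->sec.isServer` block ahead of the `spkiScheme` branch. The same branch reports a scheme that is not enabled as `SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM`, while the later path uses `SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM` for that condition; splitting the `||` into two tests would keep the error codes consistent. ssl_SignatureSchemeFromPssSpki also reads only `hashAlg` from the decoded parameters, so a comment stating where the MGF and salt-length fields are validated, if anywhere, would help the next reader.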
@@ -4153,6 +4269,9 @@ ssl_IsSupportedSignatureScheme(SSLSignatureScheme scheme)
         case ssl_sig_rsa_pss_rsae_sha256:
         case ssl_sig_rsa_pss_rsae_sha384:
         case ssl_sig_rsa_pss_rsae_sha512:
+        case ssl_sig_rsa_pss_pss_sha256:
+        case ssl_sig_rsa_pss_pss_sha384:
+        case ssl_sig_rsa_pss_pss_sha512:
         case ssl_sig_ecdsa_secp256r1_sha256:
         case ssl_sig_ecdsa_secp384r1_sha384:
         case ssl_sig_ecdsa_secp521r1_sha512:
@@ -4164,9 +4283,6 @@ ssl_IsSupportedSignatureScheme(SSLSignatureScheme scheme)
             return PR_TRUE;
 
         case ssl_sig_rsa_pkcs1_sha1md5:
-        case ssl_sig_rsa_pss_pss_sha256:
-        case ssl_sig_rsa_pss_pss_sha384:
-        case ssl_sig_rsa_pss_pss_sha512:
         case ssl_sig_none:
         case ssl_sig_ed25519:
         case ssl_sig_ed448:
@@ -4182,6 +4298,9 @@ ssl_IsRsaPssSignatureScheme(SSLSignatureScheme scheme)
         case ssl_sig_rsa_pss_rsae_sha256:
         case ssl_sig_rsa_pss_rsae_sha384:
         case ssl_sig_rsa_pss_rsae_sha512:
+        case ssl_sig_rsa_pss_pss_sha256:
+        case ssl_sig_rsa_pss_pss_sha384:
+        case ssl_sig_rsa_pss_pss_sha512:
             return PR_TRUE;
 
         default:
@@ -4190,6 +4309,41 @@ ssl_IsRsaPssSignatureScheme(SSLSignatureScheme scheme)
     return PR_FALSE;
 }
 
+SSLAuthType
+ssl_SignatureSchemeToAuthType(SSLSignatureScheme scheme)
+{
+    switch (scheme) {
+        case ssl_sig_rsa_pkcs1_sha1:
+        case ssl_sig_rsa_pkcs1_sha1md5:
+        case ssl_sig_rsa_pkcs1_sha256:
+        case ssl_sig_rsa_pkcs1_sha384:
+        case ssl_sig_rsa_pkcs1_sha512:
+        /* We report based on the key type for PSS signatures. */
+        case ssl_sig_rsa_pss_rsae_sha256:
+        case ssl_sig_rsa_pss_rsae_sha384:
+        case ssl_sig_rsa_pss_rsae_sha512:
+            return ssl_auth_rsa_sign;
+        case ssl_sig_rsa_pss_pss_sha256:
+        case ssl_sig_rsa_pss_pss_sha384:
+        case ssl_sig_rsa_pss_pss_sha512:
+            return ssl_auth_rsa_pss;
+        case ssl_sig_ecdsa_secp256r1_sha256:
+        case ssl_sig_ecdsa_secp384r1_sha384:
+        case ssl_sig_ecdsa_secp521r1_sha512:
+        case ssl_sig_ecdsa_sha1:
+            return ssl_auth_ecdsa;
+        case ssl_sig_dsa_sha1:
+        case ssl_sig_dsa_sha256:
+        case ssl_sig_dsa_sha384:
+        case ssl_sig_dsa_sha512:
+            return ssl_auth_dsa;
+
+        default:
+            PORT_Assert(0);
+    }
+    return ssl_auth_null;
+}
+
 /* ssl_ConsumeSignatureScheme reads a SSLSignatureScheme (formerly
  * SignatureAndHashAlgorithm) structure from |b| and puts the resulting value
  * into |out|. |b| and |length| are updated accordingly.
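Review bot: The `default:` arm of ssl_SignatureSchemeToAuthType relies on `PORT_Assert(0)`, so in a build where assertions are compiled out (presumably release builds) an unlisted scheme such as `ssl_sig_ed25519` or `ssl_sig_none` quietly returns `ssl_auth_null`. ssl3_SelectServerCert, later in this patch, stores the result in `ss->sec.authType` without checking it. A header comment would make the contract explicit, e.g. `/* Maps a signature scheme to the auth type reported for it; returns ssl_auth_null for schemes we never negotiate. */`. The caller could also treat `ssl_auth_null` as a failure.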
@@ -4617,9 +4771,13 @@ ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type)
      * If we have an sid and it comes from an external cache, we use it. */
     if (ss->sec.ci.sid && ss->sec.ci.sid->cached == in_external_cache) {
         PORT_Assert(!ss->sec.isServer);
-        sid = ss->sec.ci.sid;
+        sid = ssl_ReferenceSID(ss->sec.ci.sid);
         SSL_TRC(3, ("%d: SSL3[%d]: using external resumption token in ClientHello",
                     SSL_GETPID(), ss->fd));
+    } else if (ss->sec.ci.sid && ss->statelessResume && type == client_hello_retry) {
+        /* If we are sending a second ClientHello, reuse the same SID
+         * as the original one. */
+        sid = ssl_ReferenceSID(ss->sec.ci.sid);
     } else if (!ss->opt.noCache) {
         /* We ignore ss->sec.ci.sid here, and use ssl_Lookup because Lookup
          * handles expired entries and other details.
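Review bot: Both of these branches now take their own reference with `ssl_ReferenceSID`, so `sid` has to be released on every exit between here and the `ss->sec.ci.sid = sid` assignment further down. That stretch of ssl3_SendClientHello is outside this hunk. It is worth confirming that each early return or `goto loser` there calls `ssl_FreeSID(sid)`, otherwise a failed ClientHello would leak a session reference.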
@@ -4644,7 +4802,7 @@ ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type)
         suite = ssl_LookupCipherSuiteCfg(sid->u.ssl3.cipherSuite,
                                          ss->cipherSuites);
         PORT_Assert(suite);
-        if (!suite || !config_match(suite, ss->ssl3.policy, &ss->vrange, ss)) {
+        if (!suite || !ssl3_config_match(suite, ss->ssl3.policy, &ss->vrange, ss)) {
             sidOK = PR_FALSE;
         }
 
@@ -4765,9 +4923,7 @@ ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type)
     }
     ssl_ReleaseSpecWriteLock(ss);
 
-    if (ss->sec.ci.sid != NULL) {
-        ssl_FreeSID(ss->sec.ci.sid); /* decrement ref count, free if zero */
-    }
+    ssl_FreeSID(ss->sec.ci.sid); /* release the old sid */
     ss->sec.ci.sid = sid;
 
     /* HACK for SCSV in SSL 3.0.  On initial handshake, prepend SCSV,
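Review bot: Dropping the `!= NULL` guard makes `ssl_FreeSID(ss->sec.ci.sid)` depend on ssl_FreeSID accepting a NULL argument, which is not visible in this hunk. If that is guaranteed, say so in the comment, e.g. `/* release the old sid; ssl_FreeSID() is a no-op on NULL */`; if it is not, the guard should stay. This release also balances the reference taken by the earlier `ssl_ReferenceSID` hunk when `sid` is the same object as `ss->sec.ci.sid`, so the two changes should be reviewed together.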
@@ -4792,6 +4948,14 @@ ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type)
         PR_RWLock_Rlock(sid->u.ssl3.lock);
     }
 
+    /* Generate a new random if this is the first attempt. */
+    if (type == client_hello_initial) {
+        rv = ssl3_GetNewRandom(ss->ssl3.hs.client_random);
+        if (rv != SECSuccess) {
+            goto loser; /* err set by GetNewRandom. */
+        }
+    }
+
     if (ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3 &&
         type == client_hello_initial) {
         rv = tls13_SetupClientHello(ss);
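Review bot: The comment on the moved block says only when a new client random is generated, not why it now has to run before `tls13_SetupClientHello` and `ssl_ConstructExtensions`. Presumably something built in those steps reads `ss->ssl3.hs.client_random`. Stating that, e.g. `/* Must precede extension construction, which may use client_random. */`, would keep a later cleanup from moving it back next to the `ssl3_AppendHandshake` call, where it was before.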
@@ -4799,6 +4963,7 @@ ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type)
             goto loser;
         }
     }
+
     if (isTLS || (ss->firstHsDone && ss->peerRequestedProtection)) {
         rv = ssl_ConstructExtensions(ss, &extensionBuf, ssl_hs_client_hello);
         if (rv != SECSuccess) {
@@ -4870,13 +5035,6 @@ ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type)
         goto loser; /* err set by ssl3_AppendHandshake* */
     }
 
-    /* Generate a new random if this is the first attempt. */
-    if (type == client_hello_initial) {
-        rv = ssl3_GetNewRandom(ss->ssl3.hs.client_random);
-        if (rv != SECSuccess) {
-            goto loser; /* err set by GetNewRandom. */
-        }
-    }
     rv = ssl3_AppendHandshake(ss, ss->ssl3.hs.client_random,
                               SSL3_RANDOM_LENGTH);
     if (rv != SECSuccess) {
@@ -4931,7 +5089,7 @@ ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type)
     }
     for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
         ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
-        if (config_match(suite, ss->ssl3.policy, &ss->vrange, ss)) {
+        if (ssl3_config_match(suite, ss->ssl3.policy, &ss->vrange, ss)) {
             actual_count++;
             if (actual_count > num_suites) {
                 /* set error card removal/insertion error */
@@ -5394,6 +5552,7 @@ ssl3_GetWrappingKey(sslSocket *ss,
     switch (authType) {
         case ssl_auth_rsa_decrypt:
         case ssl_auth_rsa_sign: /* bad: see Bug 1248320 */
+        case ssl_auth_rsa_pss:
             asymWrapMechanism = CKM_RSA_PKCS;
             rv = PK11_PubWrapSymKey(asymWrapMechanism, svrPubKey,
                                     unwrappedWrappingKey, &wrappedKey);
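Review bot: The added `case ssl_auth_rsa_pss:` sends an RSA-PSS key down the `CKM_RSA_PKCS` wrapping path that the line above already marks `bad: see Bug 1248320` for signing keys. A key whose SPKI restricts it to PSS signing is used for PKCS#1 v1.5 encryption here, and a token that enforces the restriction may refuse the operation. At minimum carry the marker over, `case ssl_auth_rsa_pss: /* bad: same key-usage concern as rsa_sign */`, and confirm that a `PK11_PubWrapSymKey` failure for such keys is handled. The switch continues outside the hunk.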
@@ -5843,20 +6002,59 @@ ssl3_SendClientKeyExchange(sslSocket *ss)
     return rv; /* err code already set. */
 }
 
+/* Used by ssl_PickSignatureScheme(). */
+static PRBool
+ssl_CanUseSignatureScheme(SSLSignatureScheme scheme,
+                          const SSLSignatureScheme *peerSchemes,
+                          unsigned int peerSchemeCount,
+                          PRBool requireSha1,
+                          PRBool slotDoesPss)
+{
+    SSLHashType hashType;
+    SECOidTag hashOID;
+    PRUint32 policy;
+    unsigned int i;
+
+    /* Skip RSA-PSS schemes when the certificate's private key slot does
+     * not support this signature mechanism. */
+    if (ssl_IsRsaPssSignatureScheme(scheme) && !slotDoesPss) {
+        return PR_FALSE;
+    }
+
+    hashType = ssl_SignatureSchemeToHashType(scheme);
+    if (requireSha1 && (hashType != ssl_hash_sha1)) {
+        return PR_FALSE;
+    }
+    hashOID = ssl3_HashTypeToOID(hashType);
+    if ((NSS_GetAlgorithmPolicy(hashOID, &policy) == SECSuccess) &&
+        !(policy & NSS_USE_ALG_IN_SSL_KX)) {
+        return PR_FALSE;
+    }
+
+    for (i = 0; i < peerSchemeCount; i++) {
+        if (peerSchemes[i] == scheme) {
+            return PR_TRUE;
+        }
+    }
+    return PR_FALSE;
+}
+
 SECStatus
 ssl_PickSignatureScheme(sslSocket *ss,
+                        CERTCertificate *cert,
                         SECKEYPublicKey *pubKey,
                         SECKEYPrivateKey *privKey,
                         const SSLSignatureScheme *peerSchemes,
                         unsigned int peerSchemeCount,
                         PRBool requireSha1)
 {
-    unsigned int i, j;
-    const sslNamedGroupDef *group = NULL;
-    KeyType keyType;
+    unsigned int i;
     PK11SlotInfo *slot;
     PRBool slotDoesPss;
     PRBool isTLS13 = ss->version >= SSL_LIBRARY_VERSION_TLS_1_3;
+    SECStatus rv;
+    SSLSignatureScheme scheme;
+    SECOidTag spkiOid;
 
     /* We can't require SHA-1 in TLS 1.3. */
     PORT_Assert(!(requireSha1 && isTLS13));
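Review bot: In ssl_CanUseSignatureScheme the policy test rejects a scheme only when `NSS_GetAlgorithmPolicy` succeeds and the `NSS_USE_ALG_IN_SSL_KX` bit is clear, so a failed lookup lets the scheme through. This is carried over from the loop being removed from ssl_PickSignatureScheme, but the old `/* we ignore hashes we don't support */` comment was dropped and the helper's only documentation is `/* Used by ssl_PickSignatureScheme(). */`. Either document the fail-open choice or reject on lookup failure, e.g. `if (NSS_GetAlgorithmPolicy(hashOID, &policy) != SECSuccess || !(policy & NSS_USE_ALG_IN_SSL_KX)) return PR_FALSE;`. ssl_PickSignatureScheme's body continues past this hunk.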
@@ -5874,47 +6072,35 @@ ssl_PickSignatureScheme(sslSocket *ss,
     slotDoesPss = PK11_DoesMechanism(slot, auth_alg_defs[ssl_auth_rsa_pss]);
     PK11_FreeSlot(slot);
 
-    keyType = SECKEY_GetPublicKeyType(pubKey);
-    if (keyType == ecKey) {
-        group = ssl_ECPubKey2NamedGroup(pubKey);
+    /* If the certificate SPKI indicates a single scheme, don't search. */
+    rv = ssl_SignatureSchemeFromSpki(&cert->subjectPublicKeyInfo,
+                                     isTLS13, &scheme);
+    if (rv != SECSuccess) {
+        return SECFailure;
     }
-
-    /* Here we look for the first local preference that the client has
-     * indicated support for in their signature_algorithms extension. */
-    for (i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
-        SSLHashType hashType;
-        SECOidTag hashOID;
-        SSLSignatureScheme preferred = ss->ssl3.signatureSchemes[i];
-        PRUint32 policy;
-
-        if (!ssl_SignatureSchemeValidForKey(!isTLS13 /* allowSha1 */,
-                                            isTLS13 /* matchGroup */,
-                                            keyType, group, preferred)) {
-            continue;
+    if (scheme != ssl_sig_none) {
+        if (!ssl_SignatureSchemeEnabled(ss, scheme) ||
+            !ssl_CanUseSignatureScheme(scheme, peerSchemes, peerSchemeCount,
+                                       requireSha1, slotDoesPss)) {
+            PORT_SetError(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM);
+            return SECFailure;
         }
+        ss->ssl3.hs.signatureScheme = scheme;
+        return SECSuccess;
+    }
 
-        /* Skip RSA-PSS schemes when the certificate's private key slot does
-         * not support this signature mechanism. */
-        if (ssl_IsRsaPssSignatureScheme(preferred) && !slotDoesPss) {
-            continue;
-        }
+    spkiOid = SECOID_GetAlgorithmTag(&cert->subjectPublicKeyInfo.algorithm);
 
-        hashType = ssl_SignatureSchemeToHashType(preferred);
-        if (requireSha1 && (hashType != ssl_hash_sha1)) {
-            continue;
-        }
-        hashOID = ssl3_HashTypeToOID(hashType);
-        if ((NSS_GetAlgorithmPolicy(hashOID, &policy) == SECSuccess) &&
-            !(policy & NSS_USE_ALG_IN_SSL_KX)) {
-            /* we ignore hashes we don't support */
-            continue;
-        }
+    /* Now we have to search based on the key type. Go through our preferred
+     * schemes in order and find the first that can be used. */
+    for (i = 0; i < ss->ssl3.signatureSchemeCount; ++i) {
+        scheme = ss->ssl3.signatureSchemes[i];
 
-        for (j = 0; j < peerSchemeCount; j++) {
-            if (peerSchemes[j] == preferred) {
-                ss->ssl3.hs.signatureScheme = preferred;
-                return SECSuccess;
-            }
+        if (ssl_SignatureSchemeValid(scheme, spkiOid, isTLS13) &&
+            ssl_CanUseSignatureScheme(scheme, peerSchemes, peerSchemeCount,
+                                      requireSha1, slotDoesPss)) {
+            ss->ssl3.hs.signatureScheme = scheme;
+            return SECSuccess;
         }
     }
 
@@ -5956,17 +6142,19 @@ ssl_PickFallbackSignatureScheme(sslSocket *ss, SECKEYPublicKey *pubKey)
 static SECStatus
 ssl3_PickServerSignatureScheme(sslSocket *ss)
 {
-    sslKeyPair *keyPair = ss->sec.serverCert->serverKeyPair;
+    const sslServerCert *cert = ss->sec.serverCert;
     PRBool isTLS12 = ss->version >= SSL_LIBRARY_VERSION_TLS_1_2;
 
     if (!isTLS12 || !ssl3_ExtensionNegotiated(ss, ssl_signature_algorithms_xtn)) {
         /* If the client didn't provide any signature_algorithms extension then
          * we can assume that they support SHA-1: RFC5246, Section 7.4.1.4.1. */
-        return ssl_PickFallbackSignatureScheme(ss, keyPair->pubKey);
+        return ssl_PickFallbackSignatureScheme(ss, cert->serverKeyPair->pubKey);
     }
 
     /* Sets error code, if needed. */
-    return ssl_PickSignatureScheme(ss, keyPair->pubKey, keyPair->privKey,
+    return ssl_PickSignatureScheme(ss, cert->serverCert,
+                                   cert->serverKeyPair->pubKey,
+                                   cert->serverKeyPair->privKey,
                                    ss->xtnData.sigSchemes,
                                    ss->xtnData.numSigSchemes,
                                    PR_FALSE /* requireSha1 */);
@@ -5977,23 +6165,18 @@ ssl_PickClientSignatureScheme(sslSocket *ss, const SSLSignatureScheme *schemes,
                               unsigned int numSchemes)
 {
     SECKEYPrivateKey *privKey = ss->ssl3.clientPrivateKey;
-    SECKEYPublicKey *pubKey;
     SECStatus rv;
-
     PRBool isTLS13 = (PRBool)ss->version >= SSL_LIBRARY_VERSION_TLS_1_3;
-    pubKey = CERT_ExtractPublicKey(ss->ssl3.clientCertificate);
+    SECKEYPublicKey *pubKey = CERT_ExtractPublicKey(ss->ssl3.clientCertificate);
+
     PORT_Assert(pubKey);
 
-    if (!isTLS13 && numSchemes == 0) {
-        /* If the server didn't provide any signature algorithms
-         * then let's assume they support SHA-1. */
-        rv = ssl_PickFallbackSignatureScheme(ss, pubKey);
-        SECKEY_DestroyPublicKey(pubKey);
-        return rv;
+    if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_2) {
+        /* We should have already checked that a signature scheme was
+         * listed in the request. */
+        PORT_Assert(schemes && numSchemes > 0);
     }
 
-    PORT_Assert(schemes && numSchemes > 0);
-
     if (!isTLS13 &&
         (SECKEY_GetPublicKeyType(pubKey) == rsaKey ||
          SECKEY_GetPublicKeyType(pubKey) == dsaKey) &&
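Review bot: With the `numSchemes == 0` fallback removed, a call below TLS 1.2 reaches ssl_PickSignatureScheme with an empty peer list. ssl_CanUseSignatureScheme, added earlier in this patch, returns `PR_FALSE` for every scheme when `peerSchemeCount` is 0. If this function can still be entered for TLS 1.0/1.1 client authentication, that path would now fail where it used to fall back to SHA-1 through ssl_PickFallbackSignatureScheme. The caller is not in view, so this needs confirming. The function starts and ends outside this hunk.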
@@ -6004,7 +6187,8 @@ ssl_PickClientSignatureScheme(sslSocket *ss, const SSLSignatureScheme *schemes,
          * older, DSA key size is at most 1024 bits and the hash function must
          * be SHA-1.
          */
-        rv = ssl_PickSignatureScheme(ss, pubKey, privKey, schemes, numSchemes,
+        rv = ssl_PickSignatureScheme(ss, ss->ssl3.clientCertificate,
+                                     pubKey, privKey, schemes, numSchemes,
                                      PR_TRUE /* requireSha1 */);
         if (rv == SECSuccess) {
             SECKEY_DestroyPublicKey(pubKey);
@@ -6013,7 +6197,8 @@ ssl_PickClientSignatureScheme(sslSocket *ss, const SSLSignatureScheme *schemes,
         /* If this fails, that's because the peer doesn't advertise SHA-1,
          * so fall back to the full negotiation. */
     }
-    rv = ssl_PickSignatureScheme(ss, pubKey, privKey, schemes, numSchemes,
+    rv = ssl_PickSignatureScheme(ss, ss->ssl3.clientCertificate,
+                                 pubKey, privKey, schemes, numSchemes,
                                  PR_FALSE /* requireSha1 */);
     SECKEY_DestroyPublicKey(pubKey);
     return rv;
@@ -6141,7 +6326,7 @@ ssl_ClientSetCipherSuite(sslSocket *ss, SSL3ProtocolVersion version,
         ssl3CipherSuiteCfg *suiteCfg = &ss->cipherSuites[i];
         if (suite == suiteCfg->cipher_suite) {
             SSLVersionRange vrange = { version, version };
-            if (!config_match(suiteCfg, ss->ssl3.policy, &vrange, ss)) {
+            if (!ssl3_config_match(suiteCfg, ss->ssl3.policy, &vrange, ss)) {
                 /* config_match already checks whether the cipher suite is
                  * acceptable for the version, but the check is repeated here
                  * in order to give a more precise error code. */
@@ -6201,18 +6386,56 @@ ssl_CheckServerSessionIdCorrectness(sslSocket *ss, SECItem *sidBytes)
 
     /* TLS 1.2: Session ID shouldn't match if we sent a fake. */
     if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
-        return !sentFakeSid || !sidMatch;
+        if (sentFakeSid) {
+            return !sidMatch;
+        }
+        return PR_TRUE;
     }
 
     /* TLS 1.3: We sent a session ID.  The server's should match. */
-    if (sentRealSid || sentFakeSid) {
+    if (!IS_DTLS(ss) && (sentRealSid || sentFakeSid)) {
         return sidMatch;
     }
 
-    /* TLS 1.3: The server shouldn't send a session ID. */
+    /* TLS 1.3 (no SID)/DTLS 1.3: The server shouldn't send a session ID. */
     return sidBytes->len == 0;
 }
 
+static SECStatus
+ssl_CheckServerRandom(sslSocket *ss)
+{
+    /* Check the ServerHello.random per [RFC 8446 Section 4.1.3].
+     *
+     * TLS 1.3 clients receiving a ServerHello indicating TLS 1.2 or below
+     * MUST check that the last 8 bytes are not equal to either of these
+     * values.  TLS 1.2 clients SHOULD also check that the last 8 bytes are
+     * not equal to the second value if the ServerHello indicates TLS 1.1 or
+     * below.  If a match is found, the client MUST abort the handshake with
+     * an "illegal_parameter" alert.
+     */
+    SSL3ProtocolVersion checkVersion =
+        ss->ssl3.downgradeCheckVersion ? ss->ssl3.downgradeCheckVersion
+                                       : ss->vrange.max;
+
+    if (checkVersion >= SSL_LIBRARY_VERSION_TLS_1_2 &&
+        checkVersion > ss->version) {
+        /* Both sections use the same sentinel region. */
+        PRUint8 *downgrade_sentinel =
+            ss->ssl3.hs.server_random +
+            SSL3_RANDOM_LENGTH - sizeof(tls13_downgrade_random);
+        if (!PORT_Memcmp(downgrade_sentinel,
+                         tls13_downgrade_random,
+                         sizeof(tls13_downgrade_random)) ||
+            !PORT_Memcmp(downgrade_sentinel,
+                         tls12_downgrade_random,
+                         sizeof(tls12_downgrade_random))) {
+            return SECFailure;
+        }
+    }
+
+    return SECSuccess;
+}
+
 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
  * ssl3 ServerHello message.
  * Caller must hold Handshake and RecvBuf locks.
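Review bot: ssl_CheckServerRandom returns `SECFailure` without calling `PORT_SetError`, and it has no header comment saying so. Both callers in this patch cope (ssl3_HandleServerHello sets its own `errCode`, ssl3_CheckFalseStart only disables false start), but a future caller would inherit a stale error code. Suggest a header such as `/* Returns SECFailure if server_random carries a downgrade sentinel; sets no error code. */`. The comparison also tests both sentinels for any `checkVersion`, which is stricter than the SHOULD quoted in the body comment; that is worth stating there.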
@@ -6229,9 +6452,6 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length)
     SSL3AlertDescription desc = illegal_parameter;
     const PRUint8 *savedMsg = b;
     const PRUint32 savedLength = length;
-#ifndef TLS_1_3_DRAFT_VERSION
-    SSL3ProtocolVersion downgradeCheckVersion;
-#endif
 
     SSL_TRC(3, ("%d: SSL3[%d]: handle server_hello handshake",
                 SSL_GETPID(), ss->fd));
@@ -6341,9 +6561,20 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length)
         goto alert_loser;
     }
 
-    /* The server didn't pick 1.3 although we either received a
-     * HelloRetryRequest, or we prepared to send early app data. */
+    /* There are three situations in which the server must pick
+     * TLS 1.3.
+     *
+     * 1. We offered ESNI.
+     * 2. We received HRR
+     * 3. We sent early app data.
+     *
+     */
     if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+        if (ss->xtnData.esniPrivateKey) {
+            desc = protocol_version;
+            errCode = SSL_ERROR_UNSUPPORTED_VERSION;
+            goto alert_loser;
+        }
         if (isHelloRetry || ss->ssl3.hs.helloRetry) {
             /* SSL3_SendAlert() will uncache the SID. */
             desc = illegal_parameter;
@@ -6368,39 +6599,19 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length)
         goto alert_loser;
     }
 
-#ifndef TLS_1_3_DRAFT_VERSION
-    /* Check the ServerHello.random per
-     * [draft-ietf-tls-tls13-11 Section 6.3.1.1].
-     *
-     * TLS 1.3 clients receiving a TLS 1.2 or below ServerHello MUST check
-     * that the top eight octets are not equal to either of these values.
-     * TLS 1.2 clients SHOULD also perform this check if the ServerHello
-     * indicates TLS 1.1 or below.  If a match is found the client MUST
-     * abort the handshake with a fatal "illegal_parameter" alert.
-     *
-     * Disable this test during the TLS 1.3 draft version period.
-     */
-    downgradeCheckVersion = ss->ssl3.downgradeCheckVersion ? ss->ssl3.downgradeCheckVersion
-                                                           : ss->vrange.max;
-
-    if (downgradeCheckVersion >= SSL_LIBRARY_VERSION_TLS_1_2 &&
-        downgradeCheckVersion > ss->version) {
-        /* Both sections use the same sentinel region. */
-        PRUint8 *downgrade_sentinel =
-            ss->ssl3.hs.server_random +
-            SSL3_RANDOM_LENGTH - sizeof(tls13_downgrade_random);
-        if (!PORT_Memcmp(downgrade_sentinel,
-                         tls13_downgrade_random,
-                         sizeof(tls13_downgrade_random)) ||
-            !PORT_Memcmp(downgrade_sentinel,
-                         tls12_downgrade_random,
-                         sizeof(tls12_downgrade_random))) {
+    if (ss->opt.enableHelloDowngradeCheck
+#ifdef DTLS_1_3_DRAFT_VERSION
+        /* Disable this check while we are on draft DTLS 1.3 versions. */
+        && !IS_DTLS(ss)
+#endif
+            ) {
+        rv = ssl_CheckServerRandom(ss);
+        if (rv != SECSuccess) {
             desc = illegal_parameter;
             errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO;
             goto alert_loser;
         }
     }
-#endif
 
     /* Finally, now all the version-related checks have passed. */
     ss->ssl3.hs.preliminaryInfo |= ssl_preinfo_version;
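Review bot: The downgrade check, which the comment in ssl_CheckServerRandom describes as a MUST for TLS 1.3 clients, is now gated on `ss->opt.enableHelloDowngradeCheck`, whose default is not visible in this hunk. If the option defaults to off, a client gets no downgrade rejection at this point unless the application opts in, and nothing here says so. A comment next to the condition should state the default and why the check is optional, e.g. `/* Controlled by the enableHelloDowngradeCheck option (default: <state default>). */`. ssl3_CheckFalseStart, later in the patch, calls the same check unconditionally, so the two sites behave differently when the option is off.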
@@ -6776,12 +6987,12 @@ ssl_HandleDHServerKeyExchange(sslSocket *ss, PRUint8 *b, PRUint32 length)
     if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_2) {
         rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme);
         if (rv != SECSuccess) {
-            goto loser; /* malformed or unsupported. */
+            goto alert_loser; /* malformed or unsupported. */
         }
         rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme,
                                                  ss->sec.peerCert);
         if (rv != SECSuccess) {
-            goto loser;
+            goto alert_loser;
         }
         hashAlg = ssl_SignatureSchemeToHashType(sigScheme);
     } else {
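Review bot: Switching these two failure paths to `alert_loser` means an alert is now sent with whatever `desc` holds at that point, and neither `desc` nor the label's body is in this hunk. Two things are worth confirming. First, that ssl_ConsumeSignatureScheme does not already send an alert on a malformed value, which would produce a second one; the CertificateRequest code later in this patch comments a similar parse failure with `malformed, alert has been sent`. Second, that the specific error set by ssl_CheckSignatureSchemeConsistency is not overwritten by a generic `errCode` on the way out.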
@@ -7005,7 +7216,8 @@ ssl_ParseSignatureSchemes(const sslSocket *ss, PLArenaPool *arena,
     SECStatus rv;
     SECItem buf;
     SSLSignatureScheme *schemes = NULL;
-    unsigned int numSchemes = 0;
+    unsigned int numSupported = 0;
+    unsigned int numRemaining = 0;
     unsigned int max;
 
     rv = ssl3_ExtConsumeHandshakeVariable(ss, &buf, 2, b, len);
@@ -7024,7 +7236,8 @@ ssl_ParseSignatureSchemes(const sslSocket *ss, PLArenaPool *arena,
     }
 
     /* Limit the number of schemes we read. */
-    max = PR_MIN(buf.len / 2, MAX_SIGNATURE_SCHEMES);
+    numRemaining = buf.len / 2;
+    max = PR_MIN(numRemaining, MAX_SIGNATURE_SCHEMES);
 
     if (arena) {
         schemes = PORT_ArenaZNewArray(arena, SSLSignatureScheme, max);
@@ -7036,7 +7249,7 @@ ssl_ParseSignatureSchemes(const sslSocket *ss, PLArenaPool *arena,
         return SECFailure;
     }
 
-    for (; max; --max) {
+    for (; numRemaining && numSupported < MAX_SIGNATURE_SCHEMES; --numRemaining) {
         PRUint32 tmp;
         rv = ssl3_ExtConsumeHandshakeNumber(ss, &tmp, 2, &buf.data, &buf.len);
         if (rv != SECSuccess) {
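Review bot: The rewritten loop keeps reading entries until `MAX_SIGNATURE_SCHEMES` supported ones are found, but `schemes` is still sized by `max = PR_MIN(numRemaining, MAX_SIGNATURE_SCHEMES)` from the previous hunk. The write `schemes[numSupported++]` in the next hunk stays in bounds only because `numSupported` is below both the number of entries read so far and `MAX_SIGNATURE_SCHEMES` when it is used as an index. That invariant is not stated anywhere. A one-line comment at the loop, e.g. `/* schemes[] has min(count, MAX_SIGNATURE_SCHEMES) slots; numSupported stays below both. */`, would protect it from a later change to either bound.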
@@ -7045,11 +7258,11 @@ ssl_ParseSignatureSchemes(const sslSocket *ss, PLArenaPool *arena,
             return SECFailure;
         }
         if (ssl_IsSupportedSignatureScheme((SSLSignatureScheme)tmp)) {
-            schemes[numSchemes++] = (SSLSignatureScheme)tmp;
+            schemes[numSupported++] = (SSLSignatureScheme)tmp;
         }
     }
 
-    if (!numSchemes) {
+    if (!numSupported) {
         if (!arena) {
             PORT_Free(schemes);
         }
@@ -7058,7 +7271,7 @@ ssl_ParseSignatureSchemes(const sslSocket *ss, PLArenaPool *arena,
 
 done:
     *schemesOut = schemes;
-    *numSchemesOut = numSchemes;
+    *numSchemesOut = numSupported;
     return SECSuccess;
 }
 
@@ -7114,6 +7327,11 @@ ssl3_HandleCertificateRequest(sslSocket *ss, PRUint8 *b, PRUint32 length)
             PORT_SetError(SSL_ERROR_RX_MALFORMED_CERT_REQUEST);
             goto loser; /* malformed, alert has been sent */
         }
+        if (signatureSchemeCount == 0) {
+            errCode = SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM;
+            desc = handshake_failure;
+            goto alert_loser;
+        }
     }
 
     rv = ssl3_ParseCertificateRequestCAs(ss, &b, &length, &ca_list);
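Review bot: The new `signatureSchemeCount == 0` branch aborts the handshake with `handshake_failure` as soon as the server's list holds no scheme we support, before it is known whether a client certificate will be sent at all. If a client with no certificate configured should still be able to answer such a request with an empty Certificate message, this check is too early. If the abort is intended, a comment should say so, e.g. `/* No usable scheme: we could never produce a CertificateVerify. */`. The enclosing block starts outside the hunk, so which protocol versions reach this check cannot be confirmed from here.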
@@ -7239,16 +7457,25 @@ ssl3_CheckFalseStart(sslSocket *ss)
         SSL_TRC(3, ("%d: SSL[%d]: no false start callback so no false start",
                     SSL_GETPID(), ss->fd));
     } else {
-        PRBool maybeFalseStart;
+        PRBool maybeFalseStart = PR_TRUE;
         SECStatus rv;
 
+        rv = ssl_CheckServerRandom(ss);
+        if (rv != SECSuccess) {
+            SSL_TRC(3, ("%d: SSL[%d]: no false start due to possible downgrade",
+                        SSL_GETPID(), ss->fd));
+            maybeFalseStart = PR_FALSE;
+        }
+
         /* An attacker can control the selected ciphersuite so we only wish to
          * do False Start in the case that the selected ciphersuite is
          * sufficiently strong that the attack can gain no advantage.
          * Therefore we always require an 80-bit cipher. */
-        ssl_GetSpecReadLock(ss);
-        maybeFalseStart = ss->ssl3.cwSpec->cipherDef->secret_key_size >= 10;
-        ssl_ReleaseSpecReadLock(ss);
+        if (maybeFalseStart) {
+            ssl_GetSpecReadLock(ss);
+            maybeFalseStart = ss->ssl3.cwSpec->cipherDef->secret_key_size >= 10;
+            ssl_ReleaseSpecReadLock(ss);
+        }
 
         if (!maybeFalseStart) {
             SSL_TRC(3, ("%d: SSL[%d]: no false start due to weak cipher",
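Review bot: When ssl_CheckServerRandom fails, `maybeFalseStart` is cleared and control then falls into the existing `if (!maybeFalseStart)` branch, which traces `no false start due to weak cipher` right after the new `possible downgrade` trace. The second message is wrong for that case and will mislead anyone reading handshake logs for a downgrade. Move the weak-cipher trace inside the new `if (maybeFalseStart) { ... }` block after the key-size test, or skip it when the downgrade check already failed. This call is also not gated on `enableHelloDowngradeCheck` or the DTLS draft exclusion used in ssl3_HandleServerHello; if that is deliberate it deserves a comment. The `if`/`else` continues outside the hunk.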
@@ -7647,6 +7874,30 @@ ssl3_KEASupportsTickets(const ssl3KEADef *kea_def)
     return PR_TRUE;
 }
 
+SECStatus
+ssl3_NegotiateCipherSuiteInner(sslSocket *ss, const SECItem *suites,
+                               PRUint16 version, PRUint16 *suitep)
+{
+    unsigned int j;
+    unsigned int i;
+
+    for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
+        ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
+        SSLVersionRange vrange = { version, version };
+        if (!ssl3_config_match(suite, ss->ssl3.policy, &vrange, ss)) {
+            continue;
+        }
+        for (i = 0; i + 1 < suites->len; i += 2) {
+            PRUint16 suite_i = (suites->data[i] << 8) | suites->data[i + 1];
+            if (suite_i == suite->cipher_suite) {
+                *suitep = suite_i;
+                return SECSuccess;
+            }
+        }
+    }
+    return SECFailure;
+}
+
 /* Select a cipher suite.
 **
 ** NOTE: This suite selection algorithm should be the same as the one in
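Review bot: ssl3_NegotiateCipherSuiteInner is added as a non-static function with no header comment, while the wrapper below it keeps the `Select a cipher suite` block. The contract worth writing down is that it walks our configured suites in local order, writes `*suitep` only on `SECSuccess`, and sets no error code on `SECFailure`. It should also note that the `i + 1 < suites->len` bound ignores a trailing odd byte in `suites`. `version` is declared `PRUint16` although it is only used to build an `SSLVersionRange`; using `SSL3ProtocolVersion`, as ssl_ClientSetCipherSuite does, would match the rest of the file.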
@@ -7665,24 +7916,16 @@ SECStatus
 ssl3_NegotiateCipherSuite(sslSocket *ss, const SECItem *suites,
                           PRBool initHashes)
 {
-    unsigned int j;
-    unsigned int i;
+    PRUint16 selected;
+    SECStatus rv;
 
-    for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
-        ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
-        SSLVersionRange vrange = { ss->version, ss->version };
-        if (!config_match(suite, ss->ssl3.policy, &vrange, ss)) {
-            continue;
-        }
-        for (i = 0; i + 1 < suites->len; i += 2) {
-            PRUint16 suite_i = (suites->data[i] << 8) | suites->data[i + 1];
-            if (suite_i == suite->cipher_suite) {
-                ss->ssl3.hs.cipher_suite = suite_i;
-                return ssl3_SetupCipherSuite(ss, initHashes);
-            }
-        }
+    rv = ssl3_NegotiateCipherSuiteInner(ss, suites, ss->version, &selected);
+    if (rv != SECSuccess) {
+        return SECFailure;
     }
-    return SECFailure;
+
+    ss->ssl3.hs.cipher_suite = selected;
+    return ssl3_SetupCipherSuite(ss, initHashes);
 }
 
 /*
@@ -7814,9 +8057,12 @@ ssl3_ServerCallSNICallback(sslSocket *ss)
                 }
                 /* Need to tell the client that application has picked
                  * the name from the offered list and reconfigured the socket.
+                 * Don't do this if we negotiated ESNI.
                  */
-                ssl3_RegisterExtensionSender(ss, &ss->xtnData, ssl_server_name_xtn,
-                                             ssl_SendEmptyExtension);
+                if (!ssl3_ExtensionNegotiated(ss, ssl_tls13_encrypted_sni_xtn)) {
+                    ssl3_RegisterExtensionSender(ss, &ss->xtnData, ssl_server_name_xtn,
+                                                 ssl_SendEmptyExtension);
+                }
             } else {
                 /* Callback returned index outside of the boundary. */
                 PORT_Assert((unsigned int)ret < ss->xtnData.sniNameArrSize);
@@ -7845,6 +8091,7 @@ ssl3_SelectServerCert(sslSocket *ss)
 {
     const ssl3KEADef *kea_def = ss->ssl3.hs.kea_def;
     PRCList *cursor;
+    SECStatus rv;
 
     /* If the client didn't include the supported groups extension, assume just
      * P-256 support and disable all the other ECDHE groups.  This also affects
@@ -7870,30 +8117,102 @@ ssl3_SelectServerCert(sslSocket *ss)
          cursor != &ss->serverCerts;
          cursor = PR_NEXT_LINK(cursor)) {
         sslServerCert *cert = (sslServerCert *)cursor;
-        if (!SSL_CERT_IS(cert, kea_def->authKeyType)) {
-            continue;
-        }
-        if (SSL_CERT_IS_EC(cert) &&
-            !ssl_NamedGroupEnabled(ss, cert->namedCurve)) {
-            continue;
+        if (kea_def->authKeyType == ssl_auth_rsa_sign) {
+            /* We consider PSS certificates here as well for TLS 1.2. */
+            if (!SSL_CERT_IS(cert, ssl_auth_rsa_sign) &&
+                (!SSL_CERT_IS(cert, ssl_auth_rsa_pss) ||
+                 ss->version < SSL_LIBRARY_VERSION_TLS_1_2)) {
+                continue;
+            }
+        } else {
+            if (!SSL_CERT_IS(cert, kea_def->authKeyType)) {
+                continue;
+            }
+            if (SSL_CERT_IS_EC(cert) &&
+                !ssl_NamedGroupEnabled(ss, cert->namedCurve)) {
+                continue;
+            }
         }
 
         /* Found one. */
         ss->sec.serverCert = cert;
-        ss->sec.authType = kea_def->authKeyType;
         ss->sec.authKeyBits = cert->serverKeyBits;
 
         /* Don't pick a signature scheme if we aren't going to use it. */
         if (kea_def->signKeyType == nullKey) {
+            ss->sec.authType = kea_def->authKeyType;
             return SECSuccess;
         }
-        return ssl3_PickServerSignatureScheme(ss);
+
+        rv = ssl3_PickServerSignatureScheme(ss);
+        if (rv != SECSuccess) {
+            return SECFailure;
+        }
+        ss->sec.authType =
+            ssl_SignatureSchemeToAuthType(ss->ssl3.hs.signatureScheme);
+        return SECSuccess;
     }
 
     PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
     return SECFailure;
 }
 
+static SECStatus
+ssl_GenerateServerRandom(sslSocket *ss)
+{
+    SECStatus rv = ssl3_GetNewRandom(ss->ssl3.hs.server_random);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    if (ss->version == ss->vrange.max) {
+        return SECSuccess;
+    }
+#ifdef DTLS_1_3_DRAFT_VERSION
+    if (IS_DTLS(ss)) {
+        return SECSuccess;
+    }
+#endif
+
+    /*
+     * [RFC 8446 Section 4.1.3].
+     *
+     * TLS 1.3 servers which negotiate TLS 1.2 or below in response to a
+     * ClientHello MUST set the last 8 bytes of their Random value specially in
+     * their ServerHello.
+     *
+     * If negotiating TLS 1.2, TLS 1.3 servers MUST set the last 8 bytes of
+     * their Random value to the bytes:
+     *
+     *   44 4F 57 4E 47 52 44 01
+     *
+     * If negotiating TLS 1.1 or below, TLS 1.3 servers MUST, and TLS 1.2
+     * servers SHOULD, set the last 8 bytes of their ServerHello.Random value to
+     * the bytes:
+     *
+     *   44 4F 57 4E 47 52 44 00
+     */
+    PRUint8 *downgradeSentinel =
+        ss->ssl3.hs.server_random +
+        SSL3_RANDOM_LENGTH - sizeof(tls13_downgrade_random);
+
+    switch (ss->vrange.max) {
+        case SSL_LIBRARY_VERSION_TLS_1_3:
+            PORT_Memcpy(downgradeSentinel,
+                        tls13_downgrade_random, sizeof(tls13_downgrade_random));
+            break;
+        case SSL_LIBRARY_VERSION_TLS_1_2:
+            PORT_Memcpy(downgradeSentinel,
+                        tls12_downgrade_random, sizeof(tls12_downgrade_random));
+            break;
+        default:
+            /* Do not change random. */
+            break;
+    }
+
+    return SECSuccess;
+}
+
 /* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
  * ssl3 Client Hello message.
  * Caller must hold Handshake and RecvBuf locks.
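Review bot: In ssl3_SelectServerCert the loop now accepts an `ssl_auth_rsa_pss` certificate for an `ssl_auth_rsa_sign` suite, but a failure from ssl3_PickServerSignatureScheme still returns `SECFailure` for the first matching certificate instead of trying the next one. If a server can have both an RSA-PSS and a plain RSA certificate configured, a client that does not advertise the `rsa_pss_pss_*` schemes could fail the handshake even though the plain RSA certificate would work, depending on list order. Consider `if (rv != SECSuccess) { continue; }` there, with the error set after the loop. ssl3_PickServerSignatureScheme reads `ss->sec.serverCert`, so that field would still be assigned first and simply overwritten on the next iteration. The list iteration starts outside the hunk.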
@@ -8088,56 +8407,6 @@ ssl3_HandleClientHello(sslSocket *ss, PRUint8 *b, PRUint32 length)
         }
     }
 
-    /* Generate the Server Random now so it is available
-     * when we process the ClientKeyShare in TLS 1.3 */
-    rv = ssl3_GetNewRandom(ss->ssl3.hs.server_random);
-    if (rv != SECSuccess) {
-        errCode = SSL_ERROR_GENERATE_RANDOM_FAILURE;
-        goto loser;
-    }
-
-#ifndef TLS_1_3_DRAFT_VERSION
-    /*
-     * [draft-ietf-tls-tls13-11 Section 6.3.1.1].
-     * TLS 1.3 server implementations which respond to a ClientHello with a
-     * client_version indicating TLS 1.2 or below MUST set the last eight
-     * bytes of their Random value to the bytes:
-     *
-     * 44 4F 57 4E 47 52 44 01
-     *
-     * TLS 1.2 server implementations which respond to a ClientHello with a
-     * client_version indicating TLS 1.1 or below SHOULD set the last eight
-     * bytes of their Random value to the bytes:
-     *
-     * 44 4F 57 4E 47 52 44 00
-     *
-     * TODO(ekr@rtfm.com): Note this change was not added in the SSLv2
-     * compat processing code since that will most likely be removed before
-     * we ship the final version of TLS 1.3. Bug 1306672.
-     */
-    if (ss->vrange.max > ss->version) {
-        PRUint8 *downgrade_sentinel =
-            ss->ssl3.hs.server_random +
-            SSL3_RANDOM_LENGTH - sizeof(tls13_downgrade_random);
-
-        switch (ss->vrange.max) {
-            case SSL_LIBRARY_VERSION_TLS_1_3:
-                PORT_Memcpy(downgrade_sentinel,
-                            tls13_downgrade_random,
-                            sizeof(tls13_downgrade_random));
-                break;
-            case SSL_LIBRARY_VERSION_TLS_1_2:
-                PORT_Memcpy(downgrade_sentinel,
-                            tls12_downgrade_random,
-                            sizeof(tls12_downgrade_random));
-                break;
-            default:
-                /* Do not change random. */
-                break;
-        }
-    }
-#endif
-
     /* If there is a cookie, then this is a second ClientHello (TLS 1.3). */
     if (ssl3_FindExtension(ss, ssl_tls13_cookie_xtn)) {
         ss->ssl3.hs.helloRetry = PR_TRUE;
@@ -8397,7 +8666,7 @@ ssl3_HandleClientHelloPart2(sslSocket *ss,
              * The product policy won't change during the process lifetime.
              * Implemented ("isPresent") shouldn't change for servers.
              */
-            if (!config_match(suite, ss->ssl3.policy, &vrange, ss))
+            if (!ssl3_config_match(suite, ss->ssl3.policy, &vrange, ss))
                 break;
 #else
             if (!suite->enabled)
@@ -8779,7 +9048,7 @@ ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, unsigned int leng
     for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
         ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
         SSLVersionRange vrange = { ss->version, ss->version };
-        if (!config_match(suite, ss->ssl3.policy, &vrange, ss)) {
+        if (!ssl3_config_match(suite, ss->ssl3.policy, &vrange, ss)) {
             continue;
         }
         for (i = 0; i + 2 < suite_length; i += 3) {
@@ -8884,6 +9153,7 @@ ssl_ConstructServerHello(sslSocket *ss, PRBool helloRetry,
     SECStatus rv;
     SSL3ProtocolVersion version;
     sslSessionID *sid = ss->sec.ci.sid;
+    const PRUint8 *random;
 
     version = PR_MIN(ss->version, SSL_LIBRARY_VERSION_TLS_1_2);
     if (IS_DTLS(ss)) {
@@ -8893,9 +9163,17 @@ ssl_ConstructServerHello(sslSocket *ss, PRBool helloRetry,
     if (rv != SECSuccess) {
         return SECFailure;
     }
-    /* Random already generated in ssl3_HandleClientHello */
-    rv = sslBuffer_Append(messageBuf, helloRetry ? ssl_hello_retry_random : ss->ssl3.hs.server_random,
-                          SSL3_RANDOM_LENGTH);
+
+    if (helloRetry) {
+        random = ssl_hello_retry_random;
+    } else {
+        rv = ssl_GenerateServerRandom(ss);
+        if (rv != SECSuccess) {
+            return SECFailure;
+        }
+        random = ss->ssl3.hs.server_random;
+    }
+    rv = sslBuffer_Append(messageBuf, random, SSL3_RANDOM_LENGTH);
     if (rv != SECSuccess) {
         return SECFailure;
     }
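Review bot: Nothing at the new `ssl_GenerateServerRandom(ss)` call in the `else` branch says why the random is now produced while the ServerHello is being built. The comment removed from `ssl3_HandleClientHello` said it was generated early so that it would be available when the ClientKeyShare is processed in TLS 1.3. A comment such as `/* Generate the random here, once ss->version is final, so the downgrade sentinel matches the negotiated version. */` would record the intent; that rationale is inferred from the helper comparing `ss->version` with `ss->vrange.max`. It is also worth confirming that nothing between ClientHello handling and this call reads `ss->ssl3.hs.server_random`, and that a second call to this function cannot replace a random that was already used. Neither can be checked from the hunk, and the function starts and ends outside it.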
@@ -9368,7 +9646,7 @@ ssl3_HandleCertificateVerify(sslSocket *ss, PRUint8 *b, PRUint32 length)
                                                  ss->sec.peerCert);
         if (rv != SECSuccess) {
             errCode = PORT_GetError();
-            desc = decrypt_error;
+            desc = illegal_parameter;
             goto alert_loser;
         }
 
@@ -9501,6 +9779,23 @@ ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
     return pms;
 }
 
+static void
+ssl3_CSwapPK11SymKey(PK11SymKey **x, PK11SymKey **y, PRBool c)
+{
+    uintptr_t mask = (uintptr_t)c;
+    unsigned int i;
+    for (i = 1; i < sizeof(uintptr_t) * 8; i <<= 1) {
+        mask |= mask << i;
+    }
+    uintptr_t x_ptr = (uintptr_t)*x;
+    uintptr_t y_ptr = (uintptr_t)*y;
+    uintptr_t tmp = (x_ptr ^ y_ptr) & mask;
+    x_ptr = x_ptr ^ tmp;
+    y_ptr = y_ptr ^ tmp;
+    *x = (PK11SymKey *)x_ptr;
+    *y = (PK11SymKey *)y_ptr;
+}
+
 /* Note: The Bleichenbacher attack on PKCS#1 necessitates that we NEVER
  * return any indication of failure of the Client Key Exchange message,
  * where that failure is caused by the content of the client's message.
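Review bot: `ssl3_CSwapPK11SymKey` builds its mask by smearing `(uintptr_t)c` upward, which yields all-ones only when `c` is exactly 1; any other non-zero `PRBool` leaves low bits clear, and the XOR would then produce two corrupted pointers. Both callers visible in this patch pass the result of a comparison, so the precondition holds today, but the function should state and check it with `PORT_Assert(c == PR_TRUE || c == PR_FALSE);`. A header comment should also say that the swap is deliberately branch-free, so the choice between the real and the substitute premaster secret does not appear as control flow. Whether the compiler keeps it branch-free is not something the source alone guarantees.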
@@ -9521,9 +9816,9 @@ ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
 {
     SECStatus rv;
     SECItem enc_pms;
-    PK11SymKey *tmpPms[2] = { NULL, NULL };
-    PK11SlotInfo *slot;
-    int useFauxPms = 0;
+    PK11SymKey *pms = NULL;
+    PK11SymKey *fauxPms = NULL;
+    PK11SlotInfo *slot = NULL;
 
     PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
     PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
@@ -9544,11 +9839,6 @@ ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
         }
     }
 
-#define currentPms tmpPms[!useFauxPms]
-#define unusedPms tmpPms[useFauxPms]
-#define realPms tmpPms[1]
-#define fauxPms tmpPms[0]
-
     /*
      * Get as close to algorithm 2 from RFC 5246; Section 7.4.7.1
      * as we can within the constraints of the PKCS#11 interface.
@@ -9603,40 +9893,33 @@ ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
      *  the unwrap.  Rather, it is the mechanism with which the
      *      unwrapped pms will be used.
      */
-    realPms = PK11_PubUnwrapSymKey(serverKeyPair->privKey, &enc_pms,
-                                   CKM_SSL3_MASTER_KEY_DERIVE, CKA_DERIVE, 0);
+    pms = PK11_PubUnwrapSymKey(serverKeyPair->privKey, &enc_pms,
+                               CKM_SSL3_MASTER_KEY_DERIVE, CKA_DERIVE, 0);
     /* Temporarily use the PMS if unwrapping the real PMS fails. */
-    useFauxPms |= (realPms == NULL);
+    ssl3_CSwapPK11SymKey(&pms, &fauxPms, pms == NULL);
 
     /* Attempt to derive the MS from the PMS. This is the only way to
      * check the version field in the RSA PMS. If this fails, we
      * then use the faux PMS in place of the PMS. Note that this
      * operation should never fail if we are using the faux PMS
      * since it is correctly formatted. */
-    rv = ssl3_ComputeMasterSecret(ss, currentPms, NULL);
-
-    /* If we succeeded, then select the true PMS and discard the
-     * FPMS. Else, select the FPMS and select the true PMS */
-    useFauxPms |= (rv != SECSuccess);
+    rv = ssl3_ComputeMasterSecret(ss, pms, NULL);
 
-    if (unusedPms) {
-        PK11_FreeSymKey(unusedPms);
-    }
+    /* If we succeeded, then select the true PMS, else select the FPMS. */
+    ssl3_CSwapPK11SymKey(&pms, &fauxPms, (rv != SECSuccess) & (fauxPms != NULL));
 
     /* This step will derive the MS from the PMS, among other things. */
-    rv = ssl3_InitPendingCipherSpecs(ss, currentPms, PR_TRUE);
-    PK11_FreeSymKey(currentPms);
+    rv = ssl3_InitPendingCipherSpecs(ss, pms, PR_TRUE);
+
+    /* Clear both PMS. */
+    PK11_FreeSymKey(pms);
+    PK11_FreeSymKey(fauxPms);
 
     if (rv != SECSuccess) {
         (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
         return SECFailure; /* error code set by ssl3_InitPendingCipherSpec */
     }
 
-#undef currentPms
-#undef unusedPms
-#undef realPms
-#undef fauxPms
-
     return SECSuccess;
 }
 
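Review bot: The two unconditional `PK11_FreeSymKey` calls after `ssl3_InitPendingCipherSpecs` replace code that guarded the unused key with `if (unusedPms)`, and after the first swap `fauxPms` is NULL whenever the unwrap failed. That is safe only if `PK11_FreeSymKey` tolerates a NULL argument, which this hunk does not show; confirm it and record it in the comment, e.g. `/* Free both keys; one of them may be NULL here. */`. The bitwise `&` in `(rv != SECSuccess) & (fauxPms != NULL)` also deserves a short comment saying it is deliberate, so that a later cleanup does not turn it into a short-circuiting `&&`. The function starts outside the hunk.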
@@ -10429,6 +10712,9 @@ ssl3_AuthCertificate(sslSocket *ss)
                                            PR_TRUE, isServer);
     if (rv != SECSuccess) {
         errCode = PORT_GetError();
+        if (errCode == 0) {
+            errCode = SSL_ERROR_BAD_CERTIFICATE;
+        }
         if (rv != SECWouldBlock) {
             if (ss->handleBadCert) {
                 rv = (*ss->handleBadCert)(ss->badCertArg, ss->fd);
@@ -11252,7 +11538,7 @@ ssl3_FinishHandshake(sslSocket *ss)
 }
 
 SECStatus
-ssl_HashHandshakeMessageInt(sslSocket *ss, SSLHandshakeType type,
+ssl_HashHandshakeMessageInt(sslSocket *ss, SSLHandshakeType ct,
                             PRUint32 dtlsSeq,
                             const PRUint8 *b, PRUint32 length)
 {
@@ -11262,7 +11548,7 @@ ssl_HashHandshakeMessageInt(sslSocket *ss, SSLHandshakeType type,
 
     PRINT_BUF(50, (ss, "Hash handshake message:", b, length));
 
-    hdr[0] = (PRUint8)type;
+    hdr[0] = (PRUint8)ct;
     hdr[1] = (PRUint8)(length >> 16);
     hdr[2] = (PRUint8)(length >> 8);
     hdr[3] = (PRUint8)(length);
@@ -11302,10 +11588,10 @@ ssl_HashHandshakeMessageInt(sslSocket *ss, SSLHandshakeType type,
 }
 
 SECStatus
-ssl_HashHandshakeMessage(sslSocket *ss, SSLHandshakeType type,
+ssl_HashHandshakeMessage(sslSocket *ss, SSLHandshakeType ct,
                          const PRUint8 *b, PRUint32 length)
 {
-    return ssl_HashHandshakeMessageInt(ss, type, ss->ssl3.hs.recvMessageSeq,
+    return ssl_HashHandshakeMessageInt(ss, ct, ss->ssl3.hs.recvMessageSeq,
                                        b, length);
 }
 
@@ -11885,7 +12171,7 @@ ssl3_UnprotectRecord(sslSocket *ss,
     PRBool isTLS;
     unsigned int good;
     unsigned int ivLen = 0;
-    SSL3ContentType rType;
+    SSLContentType rType;
     SSL3ProtocolVersion rVersion;
     unsigned int minLength;
     unsigned int originalLen = 0;
@@ -11959,7 +12245,7 @@ ssl3_UnprotectRecord(sslSocket *ss,
         return SECFailure;
     }
 
-    rType = (SSL3ContentType)cText->hdr[0];
+    rType = (SSLContentType)cText->hdr[0];
     rVersion = ((SSL3ProtocolVersion)cText->hdr[1] << 8) |
                (SSL3ProtocolVersion)cText->hdr[2];
     if (cipher_def->type == type_aead) {
@@ -12071,7 +12357,7 @@ ssl3_UnprotectRecord(sslSocket *ss,
 }
 
 SECStatus
-ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType,
+ssl3_HandleNonApplicationData(sslSocket *ss, SSLContentType rType,
                               DTLSEpoch epoch, sslSequenceNumber seqNum,
                               sslBuffer *databuf)
 {
@@ -12089,20 +12375,20 @@ ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType,
     ** they return SECFailure or SECWouldBlock.
     */
     switch (rType) {
-        case content_change_cipher_spec:
+        case ssl_ct_change_cipher_spec:
             rv = ssl3_HandleChangeCipherSpecs(ss, databuf);
             break;
-        case content_alert:
+        case ssl_ct_alert:
             rv = ssl3_HandleAlert(ss, databuf);
             break;
-        case content_handshake:
+        case ssl_ct_handshake:
             if (!IS_DTLS(ss)) {
                 rv = ssl3_HandleHandshake(ss, databuf);
             } else {
                 rv = dtls_HandleHandshake(ss, epoch, seqNum, databuf);
             }
             break;
-        case content_ack:
+        case ssl_ct_ack:
             if (IS_DTLS(ss) && tls13_MaybeTls13(ss)) {
                 rv = dtls13_HandleAck(ss, databuf);
                 break;
@@ -12190,7 +12476,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText)
     ssl3CipherSpec *spec = NULL;
     PRUint16 recordSizeLimit;
     PRBool outOfOrderSpec = PR_FALSE;
-    SSL3ContentType rType;
+    SSLContentType rType;
     sslBuffer *plaintext = &ss->gs.buf;
     SSL3AlertDescription alert = internal_error;
     PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
@@ -12208,7 +12494,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText)
     /* We're waiting for another ClientHello, which will appear unencrypted.
      * Use the content type to tell whether this should be discarded. */
     if (ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_hrr &&
-        cText->hdr[0] == content_application_data) {
+        cText->hdr[0] == ssl_ct_application_data) {
         PORT_Assert(ss->ssl3.hs.ws == wait_client_hello);
         return SECSuccess;
     }
@@ -12269,7 +12555,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText)
     /* Encrypted application data records could arrive before the handshake
      * completes in DTLS 1.3. These can look like valid TLS 1.2 application_data
      * records in epoch 0, which is never valid. Pretend they didn't decrypt. */
-    if (spec->epoch == 0 && rType == content_application_data) {
+    if (spec->epoch == 0 && rType == ssl_ct_application_data) {
         PORT_SetError(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA);
         alert = unexpected_message;
         rv = SECFailure;
@@ -12304,7 +12590,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText)
          * 0-RTT session that is resumed from a session that did negotiate it.
          * We don't care about that corner case right now. */
         if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
-            cText->hdr[0] == content_change_cipher_spec &&
+            cText->hdr[0] == ssl_ct_change_cipher_spec &&
             ss->ssl3.hs.ws != idle_handshake &&
             cText->buf->len == 1 &&
             cText->buf->buf[0] == change_cipher_spec_choice) {
@@ -12364,7 +12650,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText)
     /* Application data records are processed by the caller of this
     ** function, not by this function.
     */
-    if (rType == content_application_data) {
+    if (rType == ssl_ct_application_data) {
         if (ss->firstHsDone)
             return SECSuccess;
         if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
diff --git a/security/nss/lib/ssl/ssl3ecc.c b/security/nss/lib/ssl/ssl3ecc.c
index f8b9a9400..52d5bb515 100644
--- a/security/nss/lib/ssl/ssl3ecc.c
+++ b/security/nss/lib/ssl/ssl3ecc.c
@@ -327,16 +327,13 @@ ssl3_HandleECDHClientKeyExchange(sslSocket *ss, PRUint8 *b,
 ** Take an encoded key share and make a public key out of it.
 */
 SECStatus
-ssl_ImportECDHKeyShare(sslSocket *ss, SECKEYPublicKey *peerKey,
+ssl_ImportECDHKeyShare(SECKEYPublicKey *peerKey,
                        PRUint8 *b, PRUint32 length,
                        const sslNamedGroupDef *ecGroup)
 {
     SECStatus rv;
     SECItem ecPoint = { siBuffer, NULL, 0 };
 
-    PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss));
-    PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
-
     if (!length) {
         PORT_SetError(SSL_ERROR_RX_MALFORMED_ECDHE_KEY_SHARE);
         return SECFailure;
@@ -616,7 +613,7 @@ ssl3_HandleECDHServerKeyExchange(sslSocket *ss, PRUint8 *b, PRUint32 length)
     peerKey->arena = arena;
 
     /* create public key from point data */
-    rv = ssl_ImportECDHKeyShare(ss, peerKey, ec_point.data, ec_point.len,
+    rv = ssl_ImportECDHKeyShare(peerKey, ec_point.data, ec_point.len,
                                 ecGroup);
     if (rv != SECSuccess) {
         /* error code is set */
diff --git a/security/nss/lib/ssl/ssl3ext.c b/security/nss/lib/ssl/ssl3ext.c
index 9b6c719f8..60b5889e7 100644
--- a/security/nss/lib/ssl/ssl3ext.c
+++ b/security/nss/lib/ssl/ssl3ext.c
@@ -50,6 +50,7 @@ static const ssl3ExtensionHandler clientHelloHandlers[] = {
     { ssl_tls13_early_data_xtn, &tls13_ServerHandleEarlyDataXtn },
     { ssl_tls13_psk_key_exchange_modes_xtn, &tls13_ServerHandlePskModesXtn },
     { ssl_tls13_cookie_xtn, &tls13_ServerHandleCookieXtn },
+    { ssl_tls13_encrypted_sni_xtn, &tls13_ServerHandleEsniXtn },
     { ssl_record_size_limit_xtn, &ssl_HandleRecordSizeLimitXtn },
     { 0, NULL }
 };
@@ -136,6 +137,7 @@ static const sslExtensionBuilder clientHelloSendersTLS[] =
       { ssl_signature_algorithms_xtn, &ssl3_SendSigAlgsXtn },
       { ssl_tls13_cookie_xtn, &tls13_ClientSendHrrCookieXtn },
       { ssl_tls13_psk_key_exchange_modes_xtn, &tls13_ClientSendPskModesXtn },
+      { ssl_tls13_encrypted_sni_xtn, &tls13_ClientSendEsniXtn },
       { ssl_record_size_limit_xtn, &ssl_SendRecordSizeLimitXtn },
       /* The pre_shared_key extension MUST be last. */
       { ssl_tls13_pre_shared_key_xtn, &tls13_ClientSendPreSharedKeyXtn },
@@ -338,8 +340,6 @@ ssl3_ParseExtensions(sslSocket *ss, PRUint8 **b, PRUint32 *length)
             return SECFailure; /* alert already sent */
         }
 
-        SSL_TRC(10, ("%d: SSL3[%d]: parsing extension %d",
-                     SSL_GETPID(), ss->fd, extension_type));
         /* Check whether an extension has been sent multiple times. */
         for (cursor = PR_NEXT_LINK(&ss->ssl3.hs.remoteExtensions);
              cursor != &ss->ssl3.hs.remoteExtensions;
@@ -357,6 +357,9 @@ ssl3_ParseExtensions(sslSocket *ss, PRUint8 **b, PRUint32 *length)
             return rv; /* alert already sent */
         }
 
+        SSL_TRC(10, ("%d: SSL3[%d]: parsed extension %d len=%u",
+                     SSL_GETPID(), ss->fd, extension_type, extension_data.len));
+
         extension = PORT_ZNew(TLSExtension);
         if (!extension) {
             return SECFailure;
@@ -409,7 +412,9 @@ ssl_CallExtensionHandler(sslSocket *ss, SSLHandshakeType handshakeMessage,
         /* Find extension_type in table of Hello Extension Handlers. */
         for (; handler->ex_handler != NULL; ++handler) {
             if (handler->ex_type == extension->type) {
-                rv = (*handler->ex_handler)(ss, &ss->xtnData, &extension->data);
+                SECItem tmp = extension->data;
+
+                rv = (*handler->ex_handler)(ss, &ss->xtnData, &tmp);
                 break;
             }
         }
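Review bot: The copy at `SECItem tmp = extension->data;` has no comment, and without one it reads as redundant. Presumably handlers advance `data`/`len` as they consume the extension, and passing a copy keeps the stored `extension->data` intact for any later pass over the same list. If so, say it: `/* Handlers consume the item; pass a copy so the stored extension is unchanged. */`. The copy is shallow, so a handler that writes through `tmp.data` still modifies the shared buffer. The enclosing function starts and ends outside the hunk.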
@@ -960,6 +965,8 @@ ssl3_DestroyExtensionData(TLSExtensionData *xtnData)
         xtnData->certReqAuthorities.arena = NULL;
     }
     PORT_Free(xtnData->advertised);
+    ssl_FreeEphemeralKeyPair(xtnData->esniPrivateKey);
+    SECITEM_FreeItem(&xtnData->keyShareExtension, PR_FALSE);
 }
 
 /* Free everything that has been allocated and then reset back to
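Review bot: `xtnData->esniPrivateKey` is left pointing at freed memory after `ssl_FreeEphemeralKeyPair`, while the `certReqAuthorities.arena` line just above resets its pointer to NULL. Elsewhere in this patch `ssl3_ClientSendServerNameXtn` tests `ss->xtnData.esniPrivateKey != NULL` to decide which name to send, so a stale non-NULL value would matter if the structure were reused without being re-initialised. The comment that follows suggests a reset function exists, but its body is not in the hunk. Adding `xtnData->esniPrivateKey = NULL;` after the free keeps the function consistent and makes a repeated call harmless. The call also assumes `ssl_FreeEphemeralKeyPair` accepts NULL for sockets that never used ESNI, which is not visible here.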
diff --git a/security/nss/lib/ssl/ssl3ext.h b/security/nss/lib/ssl/ssl3ext.h
index 6d77c7459..d96b4cffe 100644
--- a/security/nss/lib/ssl/ssl3ext.h
+++ b/security/nss/lib/ssl/ssl3ext.h
@@ -11,6 +11,8 @@
 
 #include "sslencode.h"
 
+#define TLS13_ESNI_NONCE_SIZE 16
+
 typedef enum {
     sni_nametype_hostname
 } SNINameType;
@@ -101,6 +103,14 @@ struct TLSExtensionDataStr {
 
     /* The record size limit set by the peer. Our value is kept in ss->opt. */
     PRUint16 recordSizeLimit;
+
+    /* ESNI working state */
+    SECItem keyShareExtension;
+    ssl3CipherSuite esniSuite;
+    sslEphemeralKeyPair *esniPrivateKey;
+    /* Pointer into |ss->esniKeys->keyShares| */
+    TLS13KeyShareEntry *peerEsniShare;
+    PRUint8 esniNonce[TLS13_ESNI_NONCE_SIZE];
 };
 
 typedef struct TLSExtensionStr {
diff --git a/security/nss/lib/ssl/ssl3exthandle.c b/security/nss/lib/ssl/ssl3exthandle.c
index d1f286dc3..a2d83fa97 100644
--- a/security/nss/lib/ssl/ssl3exthandle.c
+++ b/security/nss/lib/ssl/ssl3exthandle.c
@@ -15,30 +15,40 @@
 #include "selfencrypt.h"
 #include "ssl3ext.h"
 #include "ssl3exthandle.h"
+#include "tls13esni.h"
 #include "tls13exthandle.h" /* For tls13_ServerSendStatusRequestXtn. */
 
+PRBool
+ssl_ShouldSendSNIExtension(const sslSocket *ss, const char *url)
+{
+    PRNetAddr netAddr;
+
+    /* must have a hostname */
+    if (!url || !url[0]) {
+        return PR_FALSE;
+    }
+    /* must not be an IPv4 or IPv6 address */
+    if (PR_SUCCESS == PR_StringToNetAddr(url, &netAddr)) {
+        /* is an IP address (v4 or v6) */
+        return PR_FALSE;
+    }
+
+    return PR_TRUE;
+}
+
 /* Format an SNI extension, using the name from the socket's URL,
  * unless that name is a dotted decimal string.
  * Used by client and server.
  */
 SECStatus
-ssl3_ClientSendServerNameXtn(const sslSocket *ss, TLSExtensionData *xtnData,
-                             sslBuffer *buf, PRBool *added)
+ssl3_ClientFormatServerNameXtn(const sslSocket *ss, const char *url,
+                               TLSExtensionData *xtnData,
+                               sslBuffer *buf)
 {
     unsigned int len;
-    PRNetAddr netAddr;
     SECStatus rv;
 
-    /* must have a hostname */
-    if (!ss->url || !ss->url[0]) {
-        return SECSuccess;
-    }
-    /* must not be an IPv4 or IPv6 address */
-    if (PR_SUCCESS == PR_StringToNetAddr(ss->url, &netAddr)) {
-        /* is an IP address (v4 or v6) */
-        return SECSuccess;
-    }
-    len = PORT_Strlen(ss->url);
+    len = PORT_Strlen(url);
     /* length of server_name_list */
     rv = sslBuffer_AppendNumber(buf, len + 3, 2);
     if (rv != SECSuccess) {
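Review bot: `ssl3_ClientFormatServerNameXtn` now calls `PORT_Strlen(url)` with no check of its own, because the NULL/empty and IP-literal tests moved into `ssl_ShouldSendSNIExtension`; a caller that skips that helper passes a NULL or unsuitable name straight through. The retained comment above the formatter ("using the name from the socket's URL, unless that name is a dotted decimal string") no longer describes this function. It should be reworded to say that the formatter requires a host name already accepted by `ssl_ShouldSendSNIExtension`, backed by `PORT_Assert(url && url[0]);` at the top. `ssl_ShouldSendSNIExtension` never uses its `ss` parameter. The formatter's body continues past the end of the hunk.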
@@ -50,7 +60,33 @@ ssl3_ClientSendServerNameXtn(const sslSocket *ss, TLSExtensionData *xtnData,
         return SECFailure;
     }
     /* HostName (length and value) */
-    rv = sslBuffer_AppendVariable(buf, (const PRUint8 *)ss->url, len, 2);
+    rv = sslBuffer_AppendVariable(buf, (const PRUint8 *)url, len, 2);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    return SECSuccess;
+}
+
+SECStatus
+ssl3_ClientSendServerNameXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+                             sslBuffer *buf, PRBool *added)
+{
+    SECStatus rv;
+
+    const char *url = ss->url;
+
+    /* We only make an ESNI private key if we are going to
+     * send ESNI. */
+    if (ss->xtnData.esniPrivateKey != NULL) {
+        url = ss->esniKeys->dummySni;
+    }
+
+    if (!ssl_ShouldSendSNIExtension(ss, url)) {
+        return SECSuccess;
+    }
+
+    rv = ssl3_ClientFormatServerNameXtn(ss, url, xtnData, buf);
     if (rv != SECSuccess) {
         return SECFailure;
     }
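Review bot: `ss->esniKeys->dummySni` is dereferenced on the strength of `ss->xtnData.esniPrivateKey != NULL` alone, so the code relies on an invariant established outside this hunk: that an ESNI private key exists only when `ss->esniKeys` is set. State that next to the existing comment and check it in debug builds with `PORT_Assert(ss->esniKeys != NULL);`. It would also help to document that a NULL or empty `dummySni` makes `ssl_ShouldSendSNIExtension` return false, so in that case no cleartext server_name is sent at all. The function ends outside the hunk.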
@@ -59,7 +95,6 @@ ssl3_ClientSendServerNameXtn(const sslSocket *ss, TLSExtensionData *xtnData,
     return SECSuccess;
 }
 
-/* Handle an incoming SNI extension. */
 SECStatus
 ssl3_HandleServerNameXtn(const sslSocket *ss, TLSExtensionData *xtnData,
                          SECItem *data)
@@ -72,6 +107,13 @@ ssl3_HandleServerNameXtn(const sslSocket *ss, TLSExtensionData *xtnData,
         return SECSuccess; /* ignore extension */
     }
 
+    if (ssl3_ExtensionNegotiated(ss, ssl_tls13_encrypted_sni_xtn)) {
+        /* If we already have ESNI, make sure we don't overwrite
+         * the value. */
+        PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3);
+        return SECSuccess;
+    }
+
     /* Server side - consume client data and register server sender. */
     /* do not parse the data if don't have user extension handling function. */
     if (!ss->sniSocketConfig) {
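Review bot: The early return under `ssl3_ExtensionNegotiated(ss, ssl_tls13_encrypted_sni_xtn)` protects the ESNI-derived name only if the ESNI handler has already run when this handler is called, and nothing in the hunk shows what fixes that order. If handlers run in the order the peer sent the extensions, a ClientHello that places server_name first would take the normal path. The comment should say which case is covered and where the other is handled, e.g. `/* ESNI was processed first and already set the name; ignore the cleartext server_name. */`. Within this hunk the version requirement is expressed only as a `PORT_Assert`, which release builds compile out. The function starts and ends outside the hunk.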
@@ -1174,17 +1216,18 @@ ssl3_ProcessSessionTicketCommon(sslSocket *ss, const SECItem *ticket,
                                   &decryptedTicket.len,
                                   decryptedTicket.len);
     if (rv != SECSuccess) {
-        SECITEM_ZfreeItem(&decryptedTicket, PR_FALSE);
-
-        /* Fail with no ticket if we're not a recipient. Otherwise
-         * it's a hard failure. */
-        if (PORT_GetError() != SEC_ERROR_NOT_A_RECIPIENT) {
-            SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
-            return SECFailure;
+        /* Ignore decryption failure if we are doing TLS 1.3; that
+         * means the server rejects the client's resumption
+         * attempt. In TLS 1.2, however, it's a hard failure, unless
+         * it's just because we're not the recipient of the ticket. */
+        if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 ||
+            PORT_GetError() == SEC_ERROR_NOT_A_RECIPIENT) {
+            SECITEM_ZfreeItem(&decryptedTicket, PR_FALSE);
+            return SECSuccess;
         }
 
-        /* We didn't have the right key, so pretend we don't have a
-         * ticket. */
+        SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
+        goto loser;
     }
 
     rv = ssl_ParseSessionTicket(ss, &decryptedTicket, &parsedTicket);
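Review bot: On the hard-failure path the new code sends the alert and jumps to `loser` without the `SECITEM_ZfreeItem(&decryptedTicket, PR_FALSE);` that used to run first, so zeroising the ticket buffer now depends on the `loser` label, which is outside the hunk. Confirm that the label zero-frees `decryptedTicket`, or keep the explicit call before the `goto`. The TLS 1.3 branch now returns `SECSuccess` for every decryption error, not only `SEC_ERROR_NOT_A_RECIPIENT`. The comment explains this as a rejected resumption; it should add that the function returns before `ssl_ParseSessionTicket`, so the caller must see no ticket state. The function starts and ends outside the hunk.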
diff --git a/security/nss/lib/ssl/ssl3exthandle.h b/security/nss/lib/ssl/ssl3exthandle.h
index eaf7f0081..3e9b418cf 100644
--- a/security/nss/lib/ssl/ssl3exthandle.h
+++ b/security/nss/lib/ssl/ssl3exthandle.h
@@ -91,6 +91,10 @@ SECStatus ssl3_HandleExtendedMasterSecretXtn(const sslSocket *ss,
                                              SECItem *data);
 SECStatus ssl3_ProcessSessionTicketCommon(sslSocket *ss, const SECItem *ticket,
                                           /* out */ SECItem *appToken);
+PRBool ssl_ShouldSendSNIExtension(const sslSocket *ss, const char *url);
+SECStatus ssl3_ClientFormatServerNameXtn(const sslSocket *ss, const char *url,
+                                         TLSExtensionData *xtnData,
+                                         sslBuffer *buf);
 SECStatus ssl3_ClientSendServerNameXtn(const sslSocket *ss,
                                        TLSExtensionData *xtnData,
                                        sslBuffer *buf, PRBool *added);
diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c
index 5ea7cc249..64a1878f7 100644
--- a/security/nss/lib/ssl/ssl3gthr.c
+++ b/security/nss/lib/ssl/ssl3gthr.c
@@ -60,8 +60,8 @@ ssl3_isLikelyV3Hello(const unsigned char *buf)
     }
 
     /* Check for a typical V3 record header. */
-    return (PRBool)(buf[0] >= content_change_cipher_spec &&
-                    buf[0] <= content_application_data &&
+    return (PRBool)(buf[0] >= ssl_ct_change_cipher_spec &&
+                    buf[0] <= ssl_ct_application_data &&
                     buf[1] == MSB(SSL_LIBRARY_VERSION_3_0));
 }
 
@@ -314,7 +314,7 @@ dtls_GatherData(sslSocket *ss, sslGather *gs, int flags)
     contentType = gs->dtlsPacket.buf[gs->dtlsPacketOffset];
     if (dtls_IsLongHeader(ss->version, contentType)) {
         headerLen = 13;
-    } else if (contentType == content_application_data) {
+    } else if (contentType == ssl_ct_application_data) {
         headerLen = 7;
     } else if ((contentType & 0xe0) == 0x20) {
         headerLen = 2;
@@ -463,15 +463,15 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
             SSL_DBG(("%d: SSL3[%d]: resuming handshake",
                      SSL_GETPID(), ss->fd));
             PORT_Assert(!IS_DTLS(ss));
-            rv = ssl3_HandleNonApplicationData(ss, content_handshake,
+            rv = ssl3_HandleNonApplicationData(ss, ssl_ct_handshake,
                                                0, 0, &ss->gs.buf);
         } else {
             /* State for SSLv2 client hello support. */
             ssl2Gather ssl2gs = { PR_FALSE, 0 };
             ssl2Gather *ssl2gs_ptr = NULL;
 
-            /* If we're a server and waiting for a client hello, accept v2. */
-            if (ss->sec.isServer && ss->ssl3.hs.ws == wait_client_hello) {
+            if (ss->sec.isServer && ss->opt.enableV2CompatibleHello &&
+                ss->ssl3.hs.ws == wait_client_hello) {
                 ssl2gs_ptr = &ssl2gs;
             }
 
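Review bot: The condition that gates SSLv2-compatible hello handling lost its comment in this change, and the added `ss->opt.enableV2CompatibleHello` term is the security-relevant part. A replacement above the `if`, such as `/* Accept an SSLv2-compatible ClientHello only if the server opted in and is still waiting for the first ClientHello. */`, keeps the intent visible. The enclosing function starts and ends outside the hunk.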
@@ -484,8 +484,8 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
             }
 
             if (!IS_DTLS(ss)) {
-                /* If we're a server waiting for a ClientHello then pass
-                 * ssl2gs to support SSLv2 ClientHello messages. */
+                /* Passing a non-NULL ssl2gs here enables detection of
+                 * SSLv2-compatible ClientHello messages. */
                 rv = ssl3_GatherData(ss, &ss->gs, flags, ssl2gs_ptr);
             } else {
                 rv = dtls_GatherData(ss, &ss->gs, flags);
diff --git a/security/nss/lib/ssl/ssl3prot.h b/security/nss/lib/ssl/ssl3prot.h
index 8e6cf2745..bfaa10d3f 100644
--- a/security/nss/lib/ssl/ssl3prot.h
+++ b/security/nss/lib/ssl/ssl3prot.h
@@ -13,10 +13,8 @@
 typedef PRUint16 SSL3ProtocolVersion;
 /* version numbers are defined in sslproto.h */
 
-/* The TLS 1.3 draft version. Used to avoid negotiating
- * between incompatible pre-standard TLS 1.3 drafts.
- * TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */
-#define TLS_1_3_DRAFT_VERSION 28
+/* DTLS 1.3 is still a draft. */
+#define DTLS_1_3_DRAFT_VERSION 28
 
 typedef PRUint16 ssl3CipherSuite;
 /* The cipher suites are defined in sslproto.h */
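Review bot: Replacing `TLS_1_3_DRAFT_VERSION` with `DTLS_1_3_DRAFT_VERSION` leaves the old name undefined, and an undefined macro makes any remaining `#ifdef` or `#ifndef TLS_1_3_DRAFT_VERSION` silently take the other branch instead of failing to compile. This patch removes one such `#ifndef` block, the downgrade-sentinel code in `ssl3_HandleClientHello`. Other uses cannot be ruled out from the visible hunks, so a tree-wide search for the old name should accompany the rename.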
@@ -35,15 +33,6 @@ typedef PRUint16 ssl3CipherSuite;
 
 #define MAX_FRAGMENT_LENGTH 16384
 
-typedef enum {
-    content_change_cipher_spec = 20,
-    content_alert = 21,
-    content_handshake = 22,
-    content_application_data = 23,
-    content_alt_handshake = 24,
-    content_ack = 25
-} SSL3ContentType;
-
 typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
 
 typedef enum { alert_warning = 1,
diff --git a/security/nss/lib/ssl/sslcert.c b/security/nss/lib/ssl/sslcert.c
index 1c3ddb0e7..878df761e 100644
--- a/security/nss/lib/ssl/sslcert.c
+++ b/security/nss/lib/ssl/sslcert.c
@@ -436,8 +436,6 @@ ssl_GetCertificateAuthTypes(CERTCertificate *cert, SSLAuthType targetAuthType)
         case SEC_OID_PKCS1_RSA_ENCRYPTION:
             if (cert->keyUsage & KU_DIGITAL_SIGNATURE) {
                 authTypes |= 1 << ssl_auth_rsa_sign;
-                /* This certificate is RSA, assume that it's also PSS. */
-                authTypes |= 1 << ssl_auth_rsa_pss;
             }
 
             if (cert->keyUsage & KU_KEY_ENCIPHERMENT) {
diff --git a/security/nss/lib/ssl/sslerr.h b/security/nss/lib/ssl/sslerr.h
index 518a2b887..a4aa27657 100644
--- a/security/nss/lib/ssl/sslerr.h
+++ b/security/nss/lib/ssl/sslerr.h
@@ -264,6 +264,10 @@ typedef enum {
     SSL_ERROR_BAD_RESUMPTION_TOKEN_ERROR = (SSL_ERROR_BASE + 173),
     SSL_ERROR_RX_MALFORMED_DTLS_ACK = (SSL_ERROR_BASE + 174),
     SSL_ERROR_DH_KEY_TOO_LONG = (SSL_ERROR_BASE + 175),
+    SSL_ERROR_RX_MALFORMED_ESNI_KEYS = (SSL_ERROR_BASE + 176),
+    SSL_ERROR_RX_MALFORMED_ESNI_EXTENSION = (SSL_ERROR_BASE + 177),
+    SSL_ERROR_MISSING_ESNI_EXTENSION = (SSL_ERROR_BASE + 178),
+    SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE = (SSL_ERROR_BASE + 179),
     SSL_ERROR_END_OF_LIST   /* let the c compiler determine the value of this. */
 } SSLErrorCodes;
 #endif /* NO_SECURITY_ERROR_ENUM */
diff --git a/security/nss/lib/ssl/sslexp.h b/security/nss/lib/ssl/sslexp.h
index 08654f885..f450e528d 100644
--- a/security/nss/lib/ssl/sslexp.h
+++ b/security/nss/lib/ssl/sslexp.h
@@ -367,6 +367,7 @@ typedef struct SSLResumptionTokenInfoStr {
     PRUint8 *alpnSelection;
     PRUint32 alpnSelectionLen;
     PRUint32 maxEarlyDataSize;
+    PRTime expirationTime; /* added in NSS 3.41 */
 } SSLResumptionTokenInfo;
 
 /*
@@ -452,8 +453,65 @@ typedef SECStatus(PR_CALLBACK *SSLResumptionTokenCallback)(
                          (PRFileDesc * _fd, PRUint32 _size), \
                          (fd, size))
 
-/* Deprecated experimental APIs */
+/* Set the ESNI key pair on a socket (server side)
+ *
+ * fd -- the socket
+ * record/recordLen -- the encoded DNS record (not base64)
+ *
+ * Important: the suites that are advertised in the record must
+ * be configured on, or this call will fail.
+ */
+#define SSL_SetESNIKeyPair(fd,                                              \
+                           privKey, record, recordLen)                      \
+    SSL_EXPERIMENTAL_API("SSL_SetESNIKeyPair",                              \
+                         (PRFileDesc * _fd,                                 \
+                          SECKEYPrivateKey * _privKey,                      \
+                          const PRUint8 *_record, unsigned int _recordLen), \
+                         (fd, privKey,                                      \
+                          record, recordLen))
 
+/* Set the ESNI keys on a client
+ *
+ * fd -- the socket
+ * ensikeys/esniKeysLen -- the ESNI key structure (not base64)
+ * dummyESNI -- the dummy ESNI to use (if any)
+ */
+#define SSL_EnableESNI(fd, esniKeys, esniKeysLen, dummySNI) \
+    SSL_EXPERIMENTAL_API("SSL_EnableESNI",                  \
+                         (PRFileDesc * _fd,                 \
+                          const PRUint8 *_esniKeys,         \
+                          unsigned int _esniKeysLen,        \
+                          const char *_dummySNI),           \
+                         (fd, esniKeys, esniKeysLen, dummySNI))
+
+/*
+ * Generate an encoded ESNIKeys structure (presumably server side).
+ *
+ * cipherSuites -- the cipher suites that can be used
+ * cipherSuitesCount -- the number of suites in cipherSuites
+ * group -- the named group this key corresponds to
+ * pubKey -- the public key for the key pair
+ * pad -- the length to pad to
+ * notBefore/notAfter -- validity range
+ * out/outlen/maxlen -- where to output the data
+ */
+#define SSL_EncodeESNIKeys(cipherSuites, cipherSuiteCount,          \
+                           group, pubKey, pad, notBefore, notAfter, \
+                           out, outlen, maxlen)                     \
+    SSL_EXPERIMENTAL_API("SSL_EncodeESNIKeys",                      \
+                         (PRUint16 * _cipherSuites,                 \
+                          unsigned int _cipherSuiteCount,           \
+                          SSLNamedGroup _group,                     \
+                          SECKEYPublicKey *_pubKey,                 \
+                          PRUint16 _pad,                            \
+                          PRUint64 _notBefore, PRUint64 _notAfter,  \
+                          PRUint8 *_out, unsigned int *_outlen,     \
+                          unsigned int _maxlen),                    \
+                         (cipherSuites, cipherSuiteCount,           \
+                          group, pubKey, pad, notBefore, notAfter,  \
+                          out, outlen, maxlen))
+
+/* Deprecated experimental APIs */
 #define SSL_UseAltServerHelloType(fd, enable) SSL_DEPRECATED_EXPERIMENTAL_API
 
 SEC_END_PROTOS
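Review bot: The doc comments on the three new ESNI macros do not match their parameter lists. SSL_SetESNIKeyPair leaves `privKey` undocumented, SSL_EnableESNI names `ensikeys` and `dummyESNI` where the macro takes `esniKeys` and `dummySNI`, and SSL_EncodeESNIKeys says `cipherSuitesCount` where the parameter is `cipherSuiteCount`. Because these calls take private key material and caller-supplied output buffers, the comments should also say whether the library copies or keeps `privKey`, and what `maxlen` bounds. Presumably that is the capacity of `out`, e.g. `* out/outlen/maxlen -- output buffer, bytes written, capacity of out`.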
diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h
index a2209e90a..35240d2fb 100644
--- a/security/nss/lib/ssl/sslimpl.h
+++ b/security/nss/lib/ssl/sslimpl.h
@@ -36,6 +36,10 @@
 
 typedef struct sslSocketStr sslSocket;
 typedef struct sslNamedGroupDefStr sslNamedGroupDef;
+typedef struct sslEsniKeysStr sslEsniKeys;
+typedef struct sslEphemeralKeyPairStr sslEphemeralKeyPair;
+typedef struct TLS13KeyShareEntryStr TLS13KeyShareEntry;
+
 #include "sslencode.h"
 #include "sslexp.h"
 #include "ssl3ext.h"
@@ -230,7 +234,7 @@ typedef struct {
 #define MAX_DTLS_SRTP_CIPHER_SUITES 4
 
 /* MAX_SIGNATURE_SCHEMES allows for all the values we support. */
-#define MAX_SIGNATURE_SCHEMES 15
+#define MAX_SIGNATURE_SCHEMES 18
 
 typedef struct sslOptionsStr {
     /* If SSL_SetNextProtoNego has been called, then this contains the
@@ -266,6 +270,8 @@ typedef struct sslOptionsStr {
     unsigned int enable0RttData : 1;
     unsigned int enableTls13CompatMode : 1;
     unsigned int enableDtlsShortHeader : 1;
+    unsigned int enableHelloDowngradeCheck : 1;
+    unsigned int enableV2CompatibleHello : 1;
 } sslOptions;
 
 typedef enum { sslHandshakingUndetermined = 0,
@@ -552,16 +558,16 @@ typedef SECStatus (*sslRestartTarget)(sslSocket *);
 typedef struct DTLSQueuedMessageStr {
     PRCList link;           /* The linked list link */
     ssl3CipherSpec *cwSpec; /* The cipher spec to use, null for none */
-    SSL3ContentType type;   /* The message type */
+    SSLContentType type;    /* The message type */
     unsigned char *data;    /* The data */
     PRUint16 len;           /* The data length */
 } DTLSQueuedMessage;
 
-typedef struct TLS13KeyShareEntryStr {
+struct TLS13KeyShareEntryStr {
     PRCList link;                  /* The linked list link */
     const sslNamedGroupDef *group; /* The group for the entry */
     SECItem key_exchange;          /* The share itself */
-} TLS13KeyShareEntry;
+};
 
 typedef struct TLS13EarlyDataStr {
     PRCList link; /* The linked list link */
@@ -803,11 +809,11 @@ struct sslKeyPairStr {
     PRInt32 refCount; /* use PR_Atomic calls for this. */
 };
 
-typedef struct {
+struct sslEphemeralKeyPairStr {
     PRCList link;
     const sslNamedGroupDef *group;
     sslKeyPair *keys;
-} sslEphemeralKeyPair;
+};
 
 struct ssl3DHParamsStr {
     SSLNamedGroup name;
@@ -1064,6 +1070,10 @@ struct sslSocketStr {
 
     /* Whether we are doing stream or datagram mode */
     SSLProtocolVariant protocolVariant;
+
+    /* The information from the ESNI keys record
+     * (also the private key for the server). */
+    sslEsniKeys *esniKeys;
 };
 
 struct sslSelfEncryptKeysStr {
@@ -1168,11 +1178,13 @@ extern int ssl_Do1stHandshake(sslSocket *ss);
 
 extern SECStatus ssl3_InitPendingCipherSpecs(sslSocket *ss, PK11SymKey *secret,
                                              PRBool derive);
+extern void ssl_DestroyKeyMaterial(ssl3KeyMaterial *keyMaterial);
 extern sslSessionID *ssl3_NewSessionID(sslSocket *ss, PRBool is_server);
 extern sslSessionID *ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port,
                                    const char *peerID, const char *urlSvrName);
 extern void ssl_FreeSID(sslSessionID *sid);
 extern void ssl_DestroySID(sslSessionID *sid, PRBool freeIt);
+extern sslSessionID *ssl_ReferenceSID(sslSessionID *sid);
 
 extern int ssl3_SendApplicationData(sslSocket *ss, const PRUint8 *in,
                                     int len, int flags);
@@ -1215,7 +1227,7 @@ SECStatus ssl_HashHandshakeMessage(sslSocket *ss, SSLHandshakeType type,
 extern PRBool ssl3_WaitingForServerSecondRound(sslSocket *ss);
 
 extern PRInt32 ssl3_SendRecord(sslSocket *ss, ssl3CipherSpec *cwSpec,
-                               SSL3ContentType type,
+                               SSLContentType type,
                                const PRUint8 *pIn, PRInt32 nIn,
                                PRInt32 flags);
 
@@ -1387,7 +1399,7 @@ SECStatus ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type);
  * input into the SSL3 machinery from the actualy network reading code
  */
 SECStatus ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cipher);
-SECStatus ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType,
+SECStatus ssl3_HandleNonApplicationData(sslSocket *ss, SSLContentType rType,
                                         DTLSEpoch epoch,
                                         sslSequenceNumber seqNum,
                                         sslBuffer *databuf);
@@ -1497,7 +1509,7 @@ extern SECStatus ssl3_HandleECDHClientKeyExchange(sslSocket *ss,
                                                   sslKeyPair *serverKeys);
 extern SECStatus ssl3_SendECDHServerKeyExchange(sslSocket *ss);
 extern SECStatus ssl_ImportECDHKeyShare(
-    sslSocket *ss, SECKEYPublicKey *peerKey,
+    SECKEYPublicKey *peerKey,
     PRUint8 *b, PRUint32 length, const sslNamedGroupDef *curve);
 
 extern SECStatus ssl3_ComputeCommonKeyHash(SSLHashType hashAlg,
@@ -1562,6 +1574,12 @@ extern void ssl_FreePRSocket(PRFileDesc *fd);
  * various ciphers */
 extern unsigned int ssl3_config_match_init(sslSocket *);
 
+/* Return PR_TRUE if suite is usable.  This if the suite is permitted by policy,
+ * enabled, has a certificate (as needed), has a viable key agreement method, is
+ * usable with the negotiated TLS version, and is otherwise usable. */
+PRBool ssl3_config_match(const ssl3CipherSuiteCfg *suite, PRUint8 policy,
+                         const SSLVersionRange *vrange, const sslSocket *ss);
+
 /* calls for accessing wrapping keys across processes. */
 extern SECStatus
 ssl_GetWrappingKey(unsigned int symWrapMechIndex, unsigned int wrapKeyIndex,
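Review bot: The new comment on ssl3_config_match has a dropped word: "This if the suite is permitted by policy" should read "This is the case if the suite is permitted by policy". The closing clause "and is otherwise usable" adds no information, so either name the remaining condition or drop it. Since `policy` is a bare `PRUint8`, the comment should also say which policy constants it is compared against.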
@@ -1591,6 +1609,8 @@ extern SECStatus ssl_InitSessionCacheLocks(PRBool lazyInit);
 extern SECStatus ssl_FreeSessionCacheLocks(void);
 
 CK_MECHANISM_TYPE ssl3_Alg2Mech(SSLCipherAlgorithm calg);
+SECStatus ssl3_NegotiateCipherSuiteInner(sslSocket *ss, const SECItem *suites,
+                                         PRUint16 version, PRUint16 *suitep);
 SECStatus ssl3_NegotiateCipherSuite(sslSocket *ss, const SECItem *suites,
                                     PRBool initHashes);
 SECStatus ssl3_InitHandshakeHashes(sslSocket *ss);
@@ -1638,8 +1658,12 @@ PK11SymKey *ssl3_GetWrappingKey(sslSocket *ss,
 SECStatus ssl3_FillInCachedSID(sslSocket *ss, sslSessionID *sid,
                                PK11SymKey *secret);
 const ssl3CipherSuiteDef *ssl_LookupCipherSuiteDef(ssl3CipherSuite suite);
+const ssl3CipherSuiteCfg *ssl_LookupCipherSuiteCfg(ssl3CipherSuite suite,
+                                                   const ssl3CipherSuiteCfg *suites);
+
 SECStatus ssl3_SelectServerCert(sslSocket *ss);
 SECStatus ssl_PickSignatureScheme(sslSocket *ss,
+                                  CERTCertificate *cert,
                                   SECKEYPublicKey *pubKey,
                                   SECKEYPrivateKey *privKey,
                                   const SSLSignatureScheme *peerSchemes,
@@ -1647,11 +1671,11 @@ SECStatus ssl_PickSignatureScheme(sslSocket *ss,
                                   PRBool requireSha1);
 SECOidTag ssl3_HashTypeToOID(SSLHashType hashType);
 SSLHashType ssl_SignatureSchemeToHashType(SSLSignatureScheme scheme);
-KeyType ssl_SignatureSchemeToKeyType(SSLSignatureScheme scheme);
+SSLAuthType ssl_SignatureSchemeToAuthType(SSLSignatureScheme scheme);
 
 SECStatus ssl3_SetupCipherSuite(sslSocket *ss, PRBool initHashes);
 SECStatus ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec,
-                                 SSL3ContentType contentType, sslBuffer *wrBuf,
+                                 SSLContentType contentType, sslBuffer *wrBuf,
                                  PRBool *needsLength);
 
 /* Pull in DTLS functions */
@@ -1703,7 +1727,7 @@ void ssl_Trace(const char *format, ...);
 void ssl_CacheExternalToken(sslSocket *ss);
 SECStatus ssl_DecodeResumptionToken(sslSessionID *sid, const PRUint8 *encodedTicket,
                                     PRUint32 encodedTicketLen);
-PRBool ssl_IsResumptionTokenValid(sslSocket *ss);
+PRBool ssl_IsResumptionTokenUsable(sslSocket *ss, sslSessionID *sid);
 
 /* Remove when stable. */
 
diff --git a/security/nss/lib/ssl/sslnonce.c b/security/nss/lib/ssl/sslnonce.c
index f79c23fc7..f8fb5d50f 100644
--- a/security/nss/lib/ssl/sslnonce.c
+++ b/security/nss/lib/ssl/sslnonce.c
@@ -233,10 +233,21 @@ ssl_FreeLockedSID(sslSessionID *sid)
  */
 void
 ssl_FreeSID(sslSessionID *sid)
+{
+    if (sid) {
+        LOCK_CACHE;
+        ssl_FreeLockedSID(sid);
+        UNLOCK_CACHE;
+    }
+}
+
+sslSessionID *
+ssl_ReferenceSID(sslSessionID *sid)
 {
     LOCK_CACHE;
-    ssl_FreeLockedSID(sid);
+    sid->references++;
     UNLOCK_CACHE;
+    return sid;
 }
 
 /************************************************************************/
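Review bot: ssl_ReferenceSID dereferences `sid` with no check, while this same hunk makes ssl_FreeSID tolerate NULL. A caller that treats the two as a symmetric pair will crash on the reference side only. Either state the contract with `PORT_Assert(sid);` as the first statement, or mirror the free path with `if (!sid) { return NULL; }`. The increment itself is taken under LOCK_CACHE, which matches how ssl_FreeSID releases.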
@@ -704,10 +715,9 @@ ssl_DecodeResumptionToken(sslSessionID *sid, const PRUint8 *encodedToken,
 }
 
 PRBool
-ssl_IsResumptionTokenValid(sslSocket *ss)
+ssl_IsResumptionTokenUsable(sslSocket *ss, sslSessionID *sid)
 {
     PORT_Assert(ss);
-    sslSessionID *sid = ss->sec.ci.sid;
     PORT_Assert(sid);
 
     // Check that the ticket didn't expire.
@@ -1093,10 +1103,12 @@ ssl_CacheExternalToken(sslSocket *ss)
     PRINT_BUF(40, (ss, "SSL: encoded resumption token",
                    SSL_BUFFER_BASE(&encodedToken),
                    SSL_BUFFER_LEN(&encodedToken)));
-    ss->resumptionTokenCallback(ss->fd, SSL_BUFFER_BASE(&encodedToken),
-                                SSL_BUFFER_LEN(&encodedToken),
-                                ss->resumptionTokenContext);
-
+    SECStatus rv = ss->resumptionTokenCallback(
+        ss->fd, SSL_BUFFER_BASE(&encodedToken), SSL_BUFFER_LEN(&encodedToken),
+        ss->resumptionTokenContext);
+    if (rv == SECSuccess) {
+        sid->cached = in_external_cache;
+    }
     sslBuffer_Clear(&encodedToken);
 }
 
@@ -1200,17 +1212,23 @@ ssl3_SetSIDSessionTicket(sslSessionID *sid,
     PORT_Assert(newSessionTicket->ticket.data);
     PORT_Assert(newSessionTicket->ticket.len != 0);
 
-    /* if sid->u.ssl3.lock, we are updating an existing entry that is already
-     * cached or was once cached, so we need to acquire and release the write
-     * lock. Otherwise, this is a new session that isn't shared with anything
-     * yet, so no locking is needed.
+    /* If this is in the client cache, we are updating an existing entry that is
+     * already cached or was once cached, so we need to acquire and release the
+     * write lock. Otherwise, this is a new session that isn't shared with
+     * anything yet, so no locking is needed.
      */
     if (sid->u.ssl3.lock) {
+        PORT_Assert(sid->cached == in_client_cache);
         PR_RWLock_Wlock(sid->u.ssl3.lock);
-        if (sid->u.ssl3.locked.sessionTicket.ticket.data) {
-            SECITEM_FreeItem(&sid->u.ssl3.locked.sessionTicket.ticket,
-                             PR_FALSE);
-        }
+    }
+    /* If this was in the client cache, then we might have to free the old
+     * ticket.  In TLS 1.3, we might get a replacement ticket if the server
+     * sends more than one ticket. */
+    if (sid->u.ssl3.locked.sessionTicket.ticket.data) {
+        PORT_Assert(sid->cached == in_client_cache ||
+                    sid->version >= SSL_LIBRARY_VERSION_TLS_1_3);
+        SECITEM_FreeItem(&sid->u.ssl3.locked.sessionTicket.ticket,
+                         PR_FALSE);
     }
 
     PORT_Assert(!sid->u.ssl3.locked.sessionTicket.ticket.data);
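Review bot: The previous ticket is now freed even when `sid->u.ssl3.lock` is NULL, and the only thing backing that unlocked free is the new `PORT_Assert`, which I assume is compiled out of optimized builds. The comment above the free says "If this was in the client cache", but the code frees unconditionally, so the comment and the behaviour disagree. I would reword it to name the unlocked case, e.g. `/* Free any previous ticket. With no lock held this is only expected for a TLS 1.3 sid that is not yet shared. */`. The function continues past the hunk, so the matching unlock cannot be checked from here.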
diff --git a/security/nss/lib/ssl/sslsecur.c b/security/nss/lib/ssl/sslsecur.c
index a1d389214..c011b66a1 100644
--- a/security/nss/lib/ssl/sslsecur.c
+++ b/security/nss/lib/ssl/sslsecur.c
@@ -685,23 +685,6 @@ ssl_SecureConnect(sslSocket *ss, const PRNetAddr *sa)
 }
 
 /*
- * The TLS 1.2 RFC 5246, Section 7.2.1 says:
- *
- *     Unless some other fatal alert has been transmitted, each party is
- *     required to send a close_notify alert before closing the write side
- *     of the connection.  The other party MUST respond with a close_notify
- *     alert of its own and close down the connection immediately,
- *     discarding any pending writes.  It is not required for the initiator
- *     of the close to wait for the responding close_notify alert before
- *     closing the read side of the connection.
- *
- * The second sentence requires that we send a close_notify alert when we
- * have received a close_notify alert.  In practice, all SSL implementations
- * close the socket immediately after sending a close_notify alert (which is
- * allowed by the third sentence), so responding with a close_notify alert
- * would result in a write failure with the ECONNRESET error.  This is why
- * we don't respond with a close_notify alert.
- *
  * Also, in the unlikely event that the TCP pipe is full and the peer stops
  * reading, the SSL3_SendAlert call in ssl_SecureClose and ssl_SecureShutdown
  * may block indefinitely in blocking mode, and may fail (without retrying)
@@ -714,8 +697,7 @@ ssl_SecureClose(sslSocket *ss)
     int rv;
 
     if (!(ss->shutdownHow & ssl_SHUTDOWN_SEND) &&
-        ss->firstHsDone &&
-        !ss->recvdCloseNotify) {
+        ss->firstHsDone) {
 
         /* We don't want the final alert to be Nagle delayed. */
         if (!ss->delayDisabled) {
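Review bot: Dropping `!ss->recvdCloseNotify` here and in the ssl_SecureShutdown hunk that follows means close_notify is now sent even after the peer's close_notify has arrived, but nothing in the code says so. The comment paragraph that justified the old behaviour was deleted, and what remains above ssl_SecureClose now opens with "Also," and has no antecedent. I would put a short statement of the new rule in its place, e.g. `/* Always send close_notify, including in reply to the peer's. The send can fail if the peer has already closed; that failure is not reported. */`, which matches the `(void)` cast on SSL3_SendAlert in ssl_SecureShutdown. Both function bodies continue outside their hunks.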
@@ -744,8 +726,7 @@ ssl_SecureShutdown(sslSocket *ss, int nsprHow)
 
     if ((sslHow & ssl_SHUTDOWN_SEND) != 0 &&
         !(ss->shutdownHow & ssl_SHUTDOWN_SEND) &&
-        ss->firstHsDone &&
-        !ss->recvdCloseNotify) {
+        ss->firstHsDone) {
 
         (void)SSL3_SendAlert(ss, alert_warning, close_notify);
     }
@@ -936,6 +917,25 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
             firstClientWrite = ss->ssl3.hs.ws == idle_handshake;
             ssl_ReleaseSSL3HandshakeLock(ss);
         }
+        /* Allow the server to send 0.5 RTT data in TLS 1.3. Requesting a
+         * certificate implies that the server might condition its sending on
+         * client authentication, so force servers that do that to wait.
+         *
+         * What might not be obvious here is that this allows 0.5 RTT when doing
+         * PSK-based resumption.  As a result, 0.5 RTT is always enabled when
+         * early data is accepted.
+         *
+         * This check might be more conservative than absolutely necessary.
+         * It's possible that allowing 0.5 RTT data when the server requests,
+         * but does not require client authentication is safe because we can
+         * expect the server to check for a client certificate properly. */
+        if (ss->sec.isServer &&
+            ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
+            !tls13_ShouldRequestClientAuth(ss)) {
+            ssl_GetSSL3HandshakeLock(ss);
+            allowEarlySend = TLS13_IN_HS_STATE(ss, wait_finished);
+            ssl_ReleaseSSL3HandshakeLock(ss);
+        }
         if (!allowEarlySend && ss->handshake) {
             rv = ssl_Do1stHandshake(ss);
         }
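Review bot: In the new 0.5 RTT block, `ss->version` and `tls13_ShouldRequestClientAuth(ss)` are evaluated before `ssl_GetSSL3HandshakeLock(ss)` is taken, and only the `wait_finished` test runs under the lock. The earlier block in this function takes that lock before reading handshake state, and depending on what tls13_ShouldRequestClientAuth reads, this may be an unlocked read of fields the handshake thread writes. I would take the lock first and evaluate the whole condition inside it, so that the decision to send before the client's Finished is made on one consistent view of the handshake. The block also assigns `allowEarlySend` rather than combining it with the value computed above. That looks harmless for a server, but the code that sets it is outside the hunk.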
@@ -971,7 +971,7 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
          * 1-RTT later.
          */
         ssl_GetSpecReadLock(ss);
-        len = tls13_LimitEarlyData(ss, content_application_data, len);
+        len = tls13_LimitEarlyData(ss, ssl_ct_application_data, len);
         ssl_ReleaseSpecReadLock(ss);
     }
 
diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c
index 33595ffae..ae904e29b 100644
--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
@@ -18,6 +18,8 @@
 #include "private/pprio.h"
 #include "nss.h"
 #include "pk11pqg.h"
+#include "pk11pub.h"
+#include "tls13esni.h"
 
 static const sslSocketOps ssl_default_ops = { /* No SSL. */
                                               ssl_DefConnect,
@@ -82,7 +84,9 @@ static sslOptions ssl_defaults = {
     .requireDHENamedGroups = PR_FALSE,
     .enable0RttData = PR_FALSE,
     .enableTls13CompatMode = PR_FALSE,
-    .enableDtlsShortHeader = PR_FALSE
+    .enableDtlsShortHeader = PR_FALSE,
+    .enableHelloDowngradeCheck = PR_FALSE,
+    .enableV2CompatibleHello = PR_FALSE
 };
 
 /*
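Review bot: `enableHelloDowngradeCheck` is initialised to `PR_FALSE`, so, if the option does what its name suggests, a socket performs no downgrade check on the hello unless the embedder sets SSL_ENABLE_HELLO_DOWNGRADE_CHECK itself. That may be a deliberate compatibility choice, but it should be written next to the initialiser so it is not later read as an oversight, e.g. `/* Downgrade check is opt-in; see SSL_ENABLE_HELLO_DOWNGRADE_CHECK. */`. A similar one-line comment on `enableV2CompatibleHello` would record that the V2-compatible hello is likewise off unless requested.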
@@ -359,6 +363,13 @@ ssl_DupSocket(sslSocket *os)
         ss->resumptionTokenCallback = os->resumptionTokenCallback;
         ss->resumptionTokenContext = os->resumptionTokenContext;
 
+        if (os->esniKeys) {
+            ss->esniKeys = tls13_CopyESNIKeys(os->esniKeys);
+            if (!ss->esniKeys) {
+                goto loser;
+            }
+        }
+
         /* Create security data */
         rv = ssl_CopySecurityInfo(ss, os);
         if (rv != SECSuccess) {
@@ -444,6 +455,8 @@ ssl_DestroySocketContents(sslSocket *ss)
 
     ssl_ClearPRCList(&ss->ssl3.hs.dtlsSentHandshake, NULL);
     ssl_ClearPRCList(&ss->ssl3.hs.dtlsRcvdHandshake, NULL);
+
+    tls13_DestroyESNIKeys(ss->esniKeys);
 }
 
 /*
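Review bot: After `tls13_DestroyESNIKeys(ss->esniKeys);` the field still holds the freed pointer. Whether the socket structure is touched again after ssl_DestroySocketContents is not visible in this hunk, but clearing the field is cheap and removes the question: `ss->esniKeys = NULL;`. This call also runs for every socket that never configured ESNI, where ssl_NewSocket left the field NULL, so tls13_DestroyESNIKeys must accept NULL. It is defined outside this section, so that is worth confirming.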
@@ -821,6 +834,14 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRIntn val)
             ss->opt.enableDtlsShortHeader = val;
             break;
 
+        case SSL_ENABLE_HELLO_DOWNGRADE_CHECK:
+            ss->opt.enableHelloDowngradeCheck = val;
+            break;
+
+        case SSL_ENABLE_V2_COMPATIBLE_HELLO:
+            ss->opt.enableV2CompatibleHello = val;
+            break;
+
         default:
             PORT_SetError(SEC_ERROR_INVALID_ARGS);
             rv = SECFailure;
@@ -963,6 +984,12 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRIntn *pVal)
         case SSL_ENABLE_DTLS_SHORT_HEADER:
             val = ss->opt.enableDtlsShortHeader;
             break;
+        case SSL_ENABLE_HELLO_DOWNGRADE_CHECK:
+            val = ss->opt.enableHelloDowngradeCheck;
+            break;
+        case SSL_ENABLE_V2_COMPATIBLE_HELLO:
+            val = ss->opt.enableV2CompatibleHello;
+            break;
         default:
             PORT_SetError(SEC_ERROR_INVALID_ARGS);
             rv = SECFailure;
@@ -1089,6 +1116,12 @@ SSL_OptionGetDefault(PRInt32 which, PRIntn *pVal)
         case SSL_ENABLE_DTLS_SHORT_HEADER:
             val = ssl_defaults.enableDtlsShortHeader;
             break;
+        case SSL_ENABLE_HELLO_DOWNGRADE_CHECK:
+            val = ssl_defaults.enableHelloDowngradeCheck;
+            break;
+        case SSL_ENABLE_V2_COMPATIBLE_HELLO:
+            val = ssl_defaults.enableV2CompatibleHello;
+            break;
         default:
             PORT_SetError(SEC_ERROR_INVALID_ARGS);
             rv = SECFailure;
@@ -1284,6 +1317,14 @@ SSL_OptionSetDefault(PRInt32 which, PRIntn val)
             ssl_defaults.enableDtlsShortHeader = val;
             break;
 
+        case SSL_ENABLE_HELLO_DOWNGRADE_CHECK:
+            ssl_defaults.enableHelloDowngradeCheck = val;
+            break;
+
+        case SSL_ENABLE_V2_COMPATIBLE_HELLO:
+            ssl_defaults.enableV2CompatibleHello = val;
+            break;
+
         default:
             PORT_SetError(SEC_ERROR_INVALID_ARGS);
             return SECFailure;
@@ -3742,6 +3783,10 @@ ssl_GetKeyPairRef(sslKeyPair *keyPair)
 void
 ssl_FreeKeyPair(sslKeyPair *keyPair)
 {
+    if (!keyPair) {
+        return;
+    }
+
     PRInt32 newCount = PR_ATOMIC_DECREMENT(&keyPair->refCount);
     if (!newCount) {
         SECKEY_DestroyPrivateKey(keyPair->privKey);
@@ -3801,6 +3846,10 @@ ssl_CopyEphemeralKeyPair(sslEphemeralKeyPair *keyPair)
 void
 ssl_FreeEphemeralKeyPair(sslEphemeralKeyPair *keyPair)
 {
+    if (!keyPair) {
+        return;
+    }
+
     ssl_FreeKeyPair(keyPair->keys);
     PR_REMOVE_LINK(&keyPair->link);
     PORT_Free(keyPair);
@@ -3908,6 +3957,8 @@ ssl_NewSocket(PRBool makeLocks, SSLProtocolVariant protocolVariant)
     PR_INIT_CLIST(&ss->ssl3.hs.dtlsRcvdHandshake);
     dtls_InitTimers(ss);
 
+    ss->esniKeys = NULL;
+
     if (makeLocks) {
         rv = ssl_MakeLocks(ss);
         if (rv != SECSuccess)
@@ -3984,6 +4035,9 @@ struct {
     EXP(SetResumptionToken),
     EXP(GetResumptionTokenInfo),
     EXP(DestroyResumptionTokenInfo),
+    EXP(SetESNIKeyPair),
+    EXP(EncodeESNIKeys),
+    EXP(EnableESNI),
 #endif
     { "", NULL }
 };
@@ -4049,6 +4103,7 @@ SSLExp_SetResumptionToken(PRFileDesc *fd, const PRUint8 *token,
                           unsigned int len)
 {
     sslSocket *ss = ssl_FindSocket(fd);
+    sslSessionID *sid = NULL;
 
     if (!ss) {
         SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetResumptionToken",
@@ -4062,7 +4117,7 @@ SSLExp_SetResumptionToken(PRFileDesc *fd, const PRUint8 *token,
     if (ss->firstHsDone || ss->ssl3.hs.ws != idle_handshake ||
         ss->sec.isServer || len == 0 || !token) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
-        goto done;
+        goto loser;
     }
 
     // We override any previously set session.
@@ -4073,41 +4128,44 @@ SSLExp_SetResumptionToken(PRFileDesc *fd, const PRUint8 *token,
 
     PRINT_BUF(50, (ss, "incoming resumption token", token, len));
 
-    ss->sec.ci.sid = ssl3_NewSessionID(ss, PR_FALSE);
-    if (!ss->sec.ci.sid) {
-        goto done;
+    sid = ssl3_NewSessionID(ss, PR_FALSE);
+    if (!sid) {
+        goto loser;
     }
 
     /* Populate NewSessionTicket values */
-    SECStatus rv = ssl_DecodeResumptionToken(ss->sec.ci.sid, token, len);
+    SECStatus rv = ssl_DecodeResumptionToken(sid, token, len);
     if (rv != SECSuccess) {
         // If decoding fails, we assume the token is bad.
         PORT_SetError(SSL_ERROR_BAD_RESUMPTION_TOKEN_ERROR);
-        ssl_FreeSID(ss->sec.ci.sid);
-        ss->sec.ci.sid = NULL;
-        goto done;
+        goto loser;
     }
 
-    // Make sure that the token is valid.
-    if (!ssl_IsResumptionTokenValid(ss)) {
-        ssl_FreeSID(ss->sec.ci.sid);
-        ss->sec.ci.sid = NULL;
+    // Make sure that the token is currently usable.
+    if (!ssl_IsResumptionTokenUsable(ss, sid)) {
         PORT_SetError(SSL_ERROR_BAD_RESUMPTION_TOKEN_ERROR);
-        goto done;
+        goto loser;
     }
 
+    // Generate a new random session ID for this ticket.
+    rv = PK11_GenerateRandom(sid->u.ssl3.sessionID, SSL3_SESSIONID_BYTES);
+    if (rv != SECSuccess) {
+        goto loser; // Code set by PK11_GenerateRandom.
+    }
+    sid->u.ssl3.sessionIDLength = SSL3_SESSIONID_BYTES;
     /* Use the sid->cached as marker that this is from an external cache and
      * we don't have to look up anything in the NSS internal cache. */
-    ss->sec.ci.sid->cached = in_external_cache;
-    // This has to be 2 to not free this in sendClientHello.
-    ss->sec.ci.sid->references = 2;
-    ss->sec.ci.sid->lastAccessTime = ssl_TimeSec();
+    sid->cached = in_external_cache;
+    sid->lastAccessTime = ssl_TimeSec();
+
+    ss->sec.ci.sid = sid;
 
     ssl_ReleaseSSL3HandshakeLock(ss);
     ssl_Release1stHandshakeLock(ss);
     return SECSuccess;
 
-done:
+loser:
+    ssl_FreeSID(sid);
     ssl_ReleaseSSL3HandshakeLock(ss);
     ssl_Release1stHandshakeLock(ss);
 
@@ -4164,6 +4222,7 @@ SSLExp_GetResumptionTokenInfo(const PRUint8 *tokenData, unsigned int tokenLen,
     } else {
         token.maxEarlyDataSize = 0;
     }
+    token.expirationTime = sid.expirationTime;
 
     token.length = PR_MIN(sizeof(SSLResumptionTokenInfo), len);
     PORT_Memcpy(tokenOut, &token, token.length);
diff --git a/security/nss/lib/ssl/sslspec.c b/security/nss/lib/ssl/sslspec.c
index 7833eeab6..f2e72a4ec 100644
--- a/security/nss/lib/ssl/sslspec.c
+++ b/security/nss/lib/ssl/sslspec.c
@@ -203,7 +203,7 @@ ssl_CipherSpecAddRef(ssl3CipherSpec *spec)
                  SSL_GETPID(), SPEC_DIR(spec), spec, spec->refCt));
 }
 
-static void
+void
 ssl_DestroyKeyMaterial(ssl3KeyMaterial *keyMaterial)
 {
     PK11_FreeSymKey(keyMaterial->key);
diff --git a/security/nss/lib/ssl/sslt.h b/security/nss/lib/ssl/sslt.h
index bb1bec7a3..bd32a6e18 100644
--- a/security/nss/lib/ssl/sslt.h
+++ b/security/nss/lib/ssl/sslt.h
@@ -35,6 +35,14 @@ typedef enum {
     ssl_hs_message_hash = 254, /* Not a real message. */
 } SSLHandshakeType;
 
+typedef enum {
+    ssl_ct_change_cipher_spec = 20,
+    ssl_ct_alert = 21,
+    ssl_ct_handshake = 22,
+    ssl_ct_application_data = 23,
+    ssl_ct_ack = 25
+} SSLContentType;
+
 typedef struct SSL3StatisticsStr {
     /* statistics from ssl3_SendClientHello (sch) */
     long sch_sid_cache_hits;
@@ -446,7 +454,8 @@ typedef enum {
     ssl_tls13_key_share_xtn = 51,
     ssl_next_proto_nego_xtn = 13172, /* Deprecated. */
     ssl_renegotiation_info_xtn = 0xff01,
-    ssl_tls13_short_header_xtn = 0xff03 /* Deprecated. */
+    ssl_tls13_short_header_xtn = 0xff03, /* Deprecated. */
+    ssl_tls13_encrypted_sni_xtn = 0xffce,
 } SSLExtensionType;
 
 /* This is the old name for the supported_groups extensions. */
diff --git a/security/nss/lib/ssl/tls13con.c b/security/nss/lib/ssl/tls13con.c
index 4d9170fb0..461cd2eb9 100644
--- a/security/nss/lib/ssl/tls13con.c
+++ b/security/nss/lib/ssl/tls13con.c
@@ -21,6 +21,7 @@
 #include "tls13hkdf.h"
 #include "tls13con.h"
 #include "tls13err.h"
+#include "tls13esni.h"
 #include "tls13exthandle.h"
 #include "tls13hashstate.h"
 
@@ -117,6 +118,7 @@ const char kHkdfLabelFinishedSecret[] = "finished";
 const char kHkdfLabelResumptionMasterSecret[] = "res master";
 const char kHkdfLabelExporterMasterSecret[] = "exp master";
 const char kHkdfLabelResumption[] = "resumption";
+const char kHkdfLabelTrafficUpdate[] = "traffic upd";
 const char kHkdfPurposeKey[] = "key";
 const char kHkdfPurposeIv[] = "iv";
 
@@ -132,21 +134,6 @@ const char keylogLabelExporterSecret[] = "EXPORTER_SECRET";
 PR_STATIC_ASSERT(SSL_LIBRARY_VERSION_MAX_SUPPORTED <=
                  SSL_LIBRARY_VERSION_TLS_1_3);
 
-/* Use this instead of FATAL_ERROR when no alert shall be sent. */
-#define LOG_ERROR(ss, prError)                                                     \
-    do {                                                                           \
-        SSL_TRC(3, ("%d: TLS13[%d]: fatal error %d in %s (%s:%d)",                 \
-                    SSL_GETPID(), ss->fd, prError, __func__, __FILE__, __LINE__)); \
-        PORT_SetError(prError);                                                    \
-    } while (0)
-
-/* Log an error and generate an alert because something is irreparably wrong. */
-#define FATAL_ERROR(ss, prError, desc)       \
-    do {                                     \
-        LOG_ERROR(ss, prError);              \
-        tls13_FatalError(ss, prError, desc); \
-    } while (0)
-
 void
 tls13_FatalError(sslSocket *ss, PRErrorCode prError, SSL3AlertDescription desc)
 {
@@ -354,16 +341,16 @@ tls13_ComputeHash(sslSocket *ss, SSL3Hashes *hashes,
 }
 
 SECStatus
-tls13_CreateKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef)
+tls13_CreateKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef,
+                     sslEphemeralKeyPair **keyPair)
 {
     SECStatus rv;
-    sslEphemeralKeyPair *keyPair = NULL;
     const ssl3DHParams *params;
 
     PORT_Assert(groupDef);
     switch (groupDef->keaType) {
         case ssl_kea_ecdh:
-            rv = ssl_CreateECDHEphemeralKeyPair(ss, groupDef, &keyPair);
+            rv = ssl_CreateECDHEphemeralKeyPair(ss, groupDef, keyPair);
             if (rv != SECSuccess) {
                 return SECFailure;
             }
@@ -371,7 +358,7 @@ tls13_CreateKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef)
         case ssl_kea_dh:
             params = ssl_GetDHEParams(groupDef);
             PORT_Assert(params->name != ssl_grp_ffdhe_custom);
-            rv = ssl_CreateDHEKeyPair(groupDef, params, &keyPair);
+            rv = ssl_CreateDHEKeyPair(groupDef, params, keyPair);
             if (rv != SECSuccess) {
                 return SECFailure;
             }
@@ -382,10 +369,23 @@ tls13_CreateKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef)
             return SECFailure;
     }
 
-    PR_APPEND_LINK(&keyPair->link, &ss->ephemeralKeyPairs);
     return rv;
 }
 
+SECStatus
+tls13_AddKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef)
+{
+    sslEphemeralKeyPair *keyPair = NULL;
+    SECStatus rv;
+
+    rv = tls13_CreateKeyShare(ss, groupDef, &keyPair);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+    PR_APPEND_LINK(&keyPair->link, &ss->ephemeralKeyPairs);
+    return SECSuccess;
+}
+
 SECStatus
 SSL_SendAdditionalKeyShares(PRFileDesc *fd, unsigned int count)
 {
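Review bot: tls13_CreateKeyShare now returns the new pair through `keyPair` instead of linking it into `ss->ephemeralKeyPairs`, but nothing documents who owns the result. On its failure returns `*keyPair` is not written, so a caller that did not initialise its pointer, as tls13_AddKeyShare does here, would be left holding an indeterminate value. I would add `PORT_Assert(keyPair);` and `*keyPair = NULL;` at the top of tls13_CreateKeyShare, plus a header comment such as `/* On success *keyPair is owned by the caller, who must link it into a list or free it. */`. The start of tls13_CreateKeyShare is in the two preceding hunks.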
@@ -413,20 +413,26 @@ tls13_SetupClientHello(sslSocket *ss)
     NewSessionTicket *session_ticket = NULL;
     sslSessionID *sid = ss->sec.ci.sid;
     unsigned int numShares = 0;
+    SECStatus rv;
 
     PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
     PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
     PORT_Assert(PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs));
 
+    /* Do encrypted SNI. This may create a key share as a side effect. */
+    rv = tls13_ClientSetupESNI(ss);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
     /* Select the first enabled group.
      * TODO(ekr@rtfm.com): be smarter about offering the group
      * that the other side negotiated if we are resuming. */
     for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
-        SECStatus rv;
         if (!ss->namedGroupPreferences[i]) {
             continue;
         }
-        rv = tls13_CreateKeyShare(ss, ss->namedGroupPreferences[i]);
+        rv = tls13_AddKeyShare(ss, ss->namedGroupPreferences[i]);
         if (rv != SECSuccess) {
             return SECFailure;
         }
@@ -455,8 +461,6 @@ tls13_SetupClientHello(sslSocket *ss)
     }
 
     if (ss->statelessResume) {
-        SECStatus rv;
-
         PORT_Assert(ss->sec.ci.sid);
         rv = tls13_RecoverWrappedSharedSecret(ss, ss->sec.ci.sid);
         if (rv != SECSuccess) {
@@ -486,7 +490,7 @@ tls13_SetupClientHello(sslSocket *ss)
 }
 
 static SECStatus
-tls13_ImportDHEKeyShare(sslSocket *ss, SECKEYPublicKey *peerKey,
+tls13_ImportDHEKeyShare(SECKEYPublicKey *peerKey,
                         PRUint8 *b, PRUint32 length,
                         SECKEYPublicKey *pubKey)
 {
@@ -517,16 +521,20 @@ tls13_ImportDHEKeyShare(sslSocket *ss, SECKEYPublicKey *peerKey,
     return SECSuccess;
 }
 
-static SECStatus
+SECStatus
 tls13_HandleKeyShare(sslSocket *ss,
                      TLS13KeyShareEntry *entry,
-                     sslKeyPair *keyPair)
+                     sslKeyPair *keyPair,
+                     SSLHashType hash,
+                     PK11SymKey **out)
 {
     PORTCheapArenaPool arena;
     SECKEYPublicKey *peerKey;
     CK_MECHANISM_TYPE mechanism;
     PRErrorCode errorCode;
+    PK11SymKey *key;
     SECStatus rv;
+    int keySize = 0;
 
     PORT_InitCheapArena(&arena, DER_DEFAULT_CHUNKSIZE);
     peerKey = PORT_ArenaZNew(&arena.arena, SECKEYPublicKey);
@@ -539,18 +547,19 @@ tls13_HandleKeyShare(sslSocket *ss,
 
     switch (entry->group->keaType) {
         case ssl_kea_ecdh:
-            rv = ssl_ImportECDHKeyShare(ss, peerKey,
+            rv = ssl_ImportECDHKeyShare(peerKey,
                                         entry->key_exchange.data,
                                         entry->key_exchange.len,
                                         entry->group);
             mechanism = CKM_ECDH1_DERIVE;
             break;
         case ssl_kea_dh:
-            rv = tls13_ImportDHEKeyShare(ss, peerKey,
+            rv = tls13_ImportDHEKeyShare(peerKey,
                                          entry->key_exchange.data,
                                          entry->key_exchange.len,
                                          keyPair->pubKey);
             mechanism = CKM_DH_PKCS_DERIVE;
+            keySize = peerKey->u.dh.publicValue.len;
             break;
         default:
             PORT_Assert(0);
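Review bot: The new `keySize = peerKey->u.dh.publicValue.len;` in the `ssl_kea_dh` case has no comment saying why only finite-field DH requests an explicit derived-key length while ECDH keeps 0. Presumably this keeps the leading zero bytes of the shared secret, which TLS 1.3 left-pads to the size of the prime; a line such as `/* TLS 1.3 pads the FFDHE secret to the prime length; request that size. */` would record that. It also relies on the peer's public value having exactly the group's prime length, which would have to be enforced in `tls13_ImportDHEKeyShare`; that check is not visible in this hunk and is worth confirming. The switch sits inside `tls13_HandleKeyShare`, which starts and ends outside this hunk.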
@@ -560,13 +569,14 @@ tls13_HandleKeyShare(sslSocket *ss,
         goto loser;
     }
 
-    ss->ssl3.hs.dheSecret = PK11_PubDeriveWithKDF(
+    key = PK11_PubDeriveWithKDF(
         keyPair->privKey, peerKey, PR_FALSE, NULL, NULL, mechanism,
-        tls13_GetHkdfMechanism(ss), CKA_DERIVE, 0, CKD_NULL, NULL, NULL);
-    if (!ss->ssl3.hs.dheSecret) {
+        tls13_GetHkdfMechanismForHash(hash), CKA_DERIVE, keySize, CKD_NULL, NULL, NULL);
+    if (!key) {
         ssl_MapLowLevelError(SSL_ERROR_KEY_EXCHANGE_FAILURE);
         goto loser;
     }
+    *out = key;
     PORT_DestroyCheapArena(&arena);
     return SECSuccess;
 
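Review bot: `*out = key;` writes through a caller-supplied pointer in a function that this commit makes non-static, and nothing documents the contract. I would add `PORT_Assert(out);` next to the existing setup and a header comment like `/* On success *out holds a new key the caller must release with PK11_FreeSymKey(); any previous *out is overwritten, not freed. */`. Both visible callers pass `&ss->ssl3.hs.dheSecret`, so a slot that already holds a key would be leaked; that matches the old behaviour but is now easier to hit from new callers. The function body begins in an earlier hunk.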
@@ -603,8 +613,8 @@ tls13_UpdateTrafficKeys(sslSocket *ss, CipherSpecDirection direction)
     secret = tls13_TrafficSecretRef(ss, direction);
     rv = tls13_HkdfExpandLabel(*secret, tls13_GetHash(ss),
                                NULL, 0,
-                               kHkdfLabelApplicationTrafficSecret,
-                               strlen(kHkdfLabelApplicationTrafficSecret),
+                               kHkdfLabelTrafficUpdate,
+                               strlen(kHkdfLabelTrafficUpdate),
                                tls13_GetHmacMechanism(ss),
                                tls13_GetHashSize(ss),
                                &updatedSecret);
@@ -1417,30 +1427,6 @@ tls13_NegotiateKeyExchange(sslSocket *ss,
     return SECSuccess;
 }
 
-SSLAuthType
-ssl_SignatureSchemeToAuthType(SSLSignatureScheme scheme)
-{
-    switch (scheme) {
-        case ssl_sig_rsa_pkcs1_sha1:
-        case ssl_sig_rsa_pkcs1_sha256:
-        case ssl_sig_rsa_pkcs1_sha384:
-        case ssl_sig_rsa_pkcs1_sha512:
-        /* We report PSS signatures as being just RSA signatures. */
-        case ssl_sig_rsa_pss_rsae_sha256:
-        case ssl_sig_rsa_pss_rsae_sha384:
-        case ssl_sig_rsa_pss_rsae_sha512:
-            return ssl_auth_rsa_sign;
-        case ssl_sig_ecdsa_secp256r1_sha256:
-        case ssl_sig_ecdsa_secp384r1_sha384:
-        case ssl_sig_ecdsa_secp521r1_sha512:
-        case ssl_sig_ecdsa_sha1:
-            return ssl_auth_ecdsa;
-        default:
-            PORT_Assert(0);
-    }
-    return ssl_auth_null;
-}
-
 SECStatus
 tls13_SelectServerCert(sslSocket *ss)
 {
@@ -1469,6 +1455,7 @@ tls13_SelectServerCert(sslSocket *ss)
         }
 
         rv = ssl_PickSignatureScheme(ss,
+                                     cert->serverCert,
                                      cert->serverKeyPair->pubKey,
                                      cert->serverKeyPair->privKey,
                                      ss->xtnData.sigSchemes,
@@ -2047,7 +2034,7 @@ tls13_HandleClientKeyShare(sslSocket *ss, TLS13KeyShareEntry *peerShare)
     tls13_SetKeyExchangeType(ss, peerShare->group);
 
     /* Generate our key */
-    rv = tls13_CreateKeyShare(ss, peerShare->group);
+    rv = tls13_AddKeyShare(ss, peerShare->group);
     if (rv != SECSuccess) {
         return rv;
     }
@@ -2067,7 +2054,9 @@ tls13_HandleClientKeyShare(sslSocket *ss, TLS13KeyShareEntry *peerShare)
         return SECFailure; /* Error code set already. */
     }
 
-    rv = tls13_HandleKeyShare(ss, peerShare, keyPair->keys);
+    rv = tls13_HandleKeyShare(ss, peerShare, keyPair->keys,
+                              tls13_GetHash(ss),
+                              &ss->ssl3.hs.dheSecret);
     return rv; /* Error code set already. */
 }
 
@@ -2334,6 +2323,13 @@ tls13_HandleCertificateRequest(sslSocket *ss, PRUint8 *b, PRUint32 length)
     return SECSuccess;
 }
 
+PRBool
+tls13_ShouldRequestClientAuth(sslSocket *ss)
+{
+    return ss->opt.requestCertificate &&
+           ss->ssl3.hs.kea_def->authKeyType != ssl_auth_psk;
+}
+
 static SECStatus
 tls13_SendEncryptedServerSequence(sslSocket *ss)
 {
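Review bot: `tls13_ShouldRequestClientAuth` dereferences `ss->ssl3.hs.kea_def` without stating when that pointer is valid, and it is now an exported helper. The visible callers all run after the key exchange has been chosen, but a `PORT_Assert(ss->ssl3.hs.kea_def);` before the return would make the precondition explicit. A comment such as `/* A server authenticating with a PSK must not send CertificateRequest in the main handshake. */` would explain why `requestCertificate` alone is no longer enough. The parameter could also be `const sslSocket *ss`, since nothing is modified.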
@@ -2365,7 +2361,7 @@ tls13_SendEncryptedServerSequence(sslSocket *ss)
         return SECFailure; /* error code is set. */
     }
 
-    if (ss->opt.requestCertificate) {
+    if (tls13_ShouldRequestClientAuth(ss)) {
         rv = tls13_SendCertificateRequest(ss);
         if (rv != SECSuccess) {
             return SECFailure; /* error code is set. */
@@ -2484,9 +2480,11 @@ tls13_SendServerHelloSequence(sslSocket *ss)
             LOG_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE);
             return SECFailure;
         }
-        TLS13_SET_HS_STATE(ss,
-                           ss->opt.requestCertificate ? wait_client_cert
-                                                      : wait_finished);
+        if (tls13_ShouldRequestClientAuth(ss)) {
+            TLS13_SET_HS_STATE(ss, wait_client_cert);
+        } else {
+            TLS13_SET_HS_STATE(ss, wait_finished);
+        }
     }
 
     ss->ssl3.hs.serverHelloTime = ssl_TimeUsec();
@@ -2512,6 +2510,7 @@ tls13_HandleServerHelloPart2(sslSocket *ss)
     }
 
     if (ss->statelessResume) {
+        PORT_Assert(sid->version >= SSL_LIBRARY_VERSION_TLS_1_3);
         if (tls13_GetHash(ss) !=
             tls13_GetHashForCipherSuite(sid->u.ssl3.cipherSuite)) {
             FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_SERVER_HELLO,
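Review bot: The added `PORT_Assert(sid->version >= SSL_LIBRARY_VERSION_TLS_1_3);` only guards debug builds, because PORT_Assert compiles to nothing in optimized builds. If a cached session from an older version can ever reach this branch with `statelessResume` set (not determinable from this hunk), the invariant should be enforced at runtime, e.g. `if (sid->version < SSL_LIBRARY_VERSION_TLS_1_3) { FATAL_ERROR(ss, SEC_ERROR_LIBRARY_FAILURE, internal_error); return SECFailure; }`. If it cannot happen, a short comment naming the place that guarantees it would help the next reader. The surrounding function starts and ends outside this hunk.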
@@ -2657,7 +2656,9 @@ tls13_HandleServerKeyShare(sslSocket *ss)
 
     PORT_Assert(ssl_NamedGroupEnabled(ss, entry->group));
 
-    rv = tls13_HandleKeyShare(ss, entry, keyPair->keys);
+    rv = tls13_HandleKeyShare(ss, entry, keyPair->keys,
+                              tls13_GetHash(ss),
+                              &ss->ssl3.hs.dheSecret);
     if (rv != SECSuccess)
         return SECFailure; /* Error code set by caller. */
 
@@ -3213,6 +3214,21 @@ tls13_SetSpecRecordVersion(sslSocket *ss, ssl3CipherSpec *spec)
                  SSL_GETPID(), ss->fd, spec, spec->recordVersion));
 }
 
+SSLAEADCipher
+tls13_GetAead(const ssl3BulkCipherDef *cipherDef)
+{
+    switch (cipherDef->calg) {
+        case ssl_calg_aes_gcm:
+            return tls13_AESGCM;
+        case ssl_calg_chacha20:
+            return tls13_ChaCha20Poly1305;
+        default:
+            PORT_Assert(PR_FALSE);
+            PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+            return NULL;
+    }
+}
+
 static SECStatus
 tls13_SetupPendingCipherSpec(sslSocket *ss, ssl3CipherSpec *spec)
 {
@@ -3236,16 +3252,9 @@ tls13_SetupPendingCipherSpec(sslSocket *ss, ssl3CipherSpec *spec)
                 SSL_GETPID(), ss->fd, suite));
 
     spec->cipherDef = ssl_GetBulkCipherDef(ssl_LookupCipherSuiteDef(suite));
-    switch (spec->cipherDef->calg) {
-        case ssl_calg_aes_gcm:
-            spec->aead = tls13_AESGCM;
-            break;
-        case ssl_calg_chacha20:
-            spec->aead = tls13_ChaCha20Poly1305;
-            break;
-        default:
-            PORT_Assert(0);
-            return SECFailure;
+    spec->aead = tls13_GetAead(spec->cipherDef);
+    if (!spec->aead) {
+        return SECFailure;
     }
 
     if (spec->epoch == TrafficKeyEarlyApplicationData) {
@@ -3427,9 +3436,31 @@ loser:
     return SECFailure;
 }
 
+TLS13KeyShareEntry *
+tls13_CopyKeyShareEntry(TLS13KeyShareEntry *o)
+{
+    TLS13KeyShareEntry *n;
+
+    PORT_Assert(o);
+    n = PORT_ZNew(TLS13KeyShareEntry);
+    if (!n) {
+        return NULL;
+    }
+
+    if (SECSuccess != SECITEM_CopyItem(NULL, &n->key_exchange, &o->key_exchange)) {
+        PORT_Free(n);
+        return NULL;
+    }
+    n->group = o->group;
+    return n;
+}
+
 void
 tls13_DestroyKeyShareEntry(TLS13KeyShareEntry *offer)
 {
+    if (!offer) {
+        return;
+    }
     SECITEM_ZfreeItem(&offer->key_exchange, PR_FALSE);
     PORT_ZFree(offer, sizeof(*offer));
 }
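Review bot: `tls13_CopyKeyShareEntry` returns an entry whose `link` member is only zero-filled by `PORT_ZNew`, not initialised as a list node. The caller in `tls13_CopyESNIKeys` appends it straight away, but any caller that unlinks or walks the copy before linking it would follow NULL pointers; adding `PR_INIT_CLIST(&n->link);` after the allocation check avoids that. The source argument is never modified, so `const TLS13KeyShareEntry *o` would state the intent, with the header declaration changed to match. A one-line comment that the result must be released with `tls13_DestroyKeyShareEntry` would complete the contract.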
@@ -3550,7 +3581,7 @@ tls13_AESGCM(ssl3KeyMaterial *keys,
     CK_GCM_PARAMS gcmParams;
     unsigned char nonce[12];
 
-    PORT_Assert(additionalDataLen > 8);
+    PORT_Assert(additionalDataLen >= 8);
     memset(&gcmParams, 0, sizeof(gcmParams));
     gcmParams.pIv = nonce;
     gcmParams.ulIvLen = sizeof(nonce);
@@ -3627,7 +3658,23 @@ tls13_HandleEncryptedExtensions(sslSocket *ss, PRUint8 *b, PRUint32 length)
         ss->xtnData.nextProto.data = NULL;
         ss->xtnData.nextProtoState = SSL_NEXT_PROTO_NO_SUPPORT;
     }
-    rv = ssl3_HandleExtensions(ss, &b, &length, ssl_hs_encrypted_extensions);
+
+    rv = ssl3_ParseExtensions(ss, &b, &length);
+    if (rv != SECSuccess) {
+        return SECFailure; /* Error code set below */
+    }
+
+    /* If we sent ESNI, check the nonce. */
+    if (ss->xtnData.esniPrivateKey) {
+        PORT_Assert(ssl3_ExtensionAdvertised(ss, ssl_tls13_encrypted_sni_xtn));
+        rv = tls13_ClientCheckEsniXtn(ss);
+        if (rv != SECSuccess) {
+            return SECFailure;
+        }
+    }
+
+    /* Handle the rest of the extensions. */
+    rv = ssl3_HandleParsedExtensions(ss, ssl_hs_encrypted_extensions);
     if (rv != SECSuccess) {
         return SECFailure; /* Error code set below */
     }
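Review bot: The reason for splitting `ssl3_HandleExtensions` into parse, ESNI check, then handle is security-relevant but is not written down: the nonce check has to pass before any other EncryptedExtensions handler acts on server data. I would extend the comment to `/* If we sent ESNI, check the nonce before any other extension handler runs. */`. The `return SECFailure;` after `tls13_ClientCheckEsniXtn` also carries no note on who sets the error code and sends the alert; presumably the callee does, and a trailing comment like the neighbouring `/* Error code set below */` should say so once confirmed. The function begins and ends outside this hunk.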
@@ -4025,6 +4072,7 @@ tls13_ComputeFinished(sslSocket *ss, PK11SymKey *baseKey,
 
     PK11_FreeSymKey(secret);
     PK11_DestroyContext(hmacCtx, PR_TRUE);
+    PRINT_BUF(50, (ss, "finished value", output, outputLenUint));
     return SECSuccess;
 
 abort:
@@ -4189,7 +4237,7 @@ tls13_ServerHandleFinished(sslSocket *ss, PRUint8 *b, PRUint32 length)
         return SECFailure;
     }
 
-    if (!ss->opt.requestCertificate &&
+    if (!tls13_ShouldRequestClientAuth(ss) &&
         (ss->ssl3.hs.zeroRttState != ssl_0rtt_done)) {
         dtls_ReceivedFirstMessageInFlight(ss);
     }
@@ -4679,7 +4727,8 @@ tls13_HandleNewSessionTicket(sslSocket *ss, PRUint8 *b, PRUint32 length)
 
         /* Replace a previous session ticket when
          * we receive a second NewSessionTicket message. */
-        if (ss->sec.ci.sid->cached == in_client_cache) {
+        if (ss->sec.ci.sid->cached == in_client_cache ||
+            ss->sec.ci.sid->cached == in_external_cache) {
             /* Create a new session ID. */
             sslSessionID *sid = ssl3_NewSessionID(ss, PR_FALSE);
             if (!sid) {
@@ -4758,7 +4807,8 @@ static const struct {
     { ssl_tls13_certificate_authorities_xtn, _M1(certificate_request) },
     { ssl_tls13_supported_versions_xtn, _M3(client_hello, server_hello,
                                             hello_retry_request) },
-    { ssl_record_size_limit_xtn, _M2(client_hello, encrypted_extensions) }
+    { ssl_record_size_limit_xtn, _M2(client_hello, encrypted_extensions) },
+    { ssl_tls13_encrypted_sni_xtn, _M2(client_hello, encrypted_extensions) }
 };
 
 tls13ExtensionStatus
@@ -4834,11 +4884,11 @@ tls13_FormatAdditionalData(
 }
 
 PRInt32
-tls13_LimitEarlyData(sslSocket *ss, SSL3ContentType type, PRInt32 toSend)
+tls13_LimitEarlyData(sslSocket *ss, SSLContentType type, PRInt32 toSend)
 {
     PRInt32 reduced;
 
-    PORT_Assert(type == content_application_data);
+    PORT_Assert(type == ssl_ct_application_data);
     PORT_Assert(ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3);
     PORT_Assert(!ss->firstHsDone);
     if (ss->ssl3.cwSpec->epoch != TrafficKeyEarlyApplicationData) {
@@ -4858,7 +4908,7 @@ tls13_LimitEarlyData(sslSocket *ss, SSL3ContentType type, PRInt32 toSend)
 SECStatus
 tls13_ProtectRecord(sslSocket *ss,
                     ssl3CipherSpec *cwSpec,
-                    SSL3ContentType type,
+                    SSLContentType type,
                     const PRUint8 *pIn,
                     PRUint32 contentLen,
                     sslBuffer *wrBuf)
@@ -4899,7 +4949,7 @@ tls13_ProtectRecord(sslSocket *ss,
         *(SSL_BUFFER_NEXT(wrBuf) + contentLen) = type;
 
         /* Create the header (ugly that we have to do it twice). */
-        rv = ssl_InsertRecordHeader(ss, cwSpec, content_application_data,
+        rv = ssl_InsertRecordHeader(ss, cwSpec, ssl_ct_application_data,
                                     &buf, &needsLength);
         if (rv != SECSuccess) {
             return SECFailure;
@@ -4951,7 +5001,7 @@ tls13_UnprotectRecord(sslSocket *ss,
                       ssl3CipherSpec *spec,
                       SSL3Ciphertext *cText,
                       sslBuffer *plaintext,
-                      SSL3ContentType *innerType,
+                      SSLContentType *innerType,
                       SSL3AlertDescription *alert)
 {
     const ssl3BulkCipherDef *cipher_def = spec->cipherDef;
@@ -4966,26 +5016,26 @@ tls13_UnprotectRecord(sslSocket *ss,
                 SSL_GETPID(), ss->fd, spec, spec->epoch, spec->phase,
                 cText->seqNum, cText->buf->len));
 
-    /* We can perform this test in variable time because the record's total
-     * length and the ciphersuite are both public knowledge. */
-    if (cText->buf->len < cipher_def->tag_size) {
-        SSL_TRC(3,
-                ("%d: TLS13[%d]: record too short to contain valid AEAD data",
-                 SSL_GETPID(), ss->fd));
-        PORT_SetError(SSL_ERROR_BAD_MAC_READ);
-        return SECFailure;
-    }
-
     /* Verify that the content type is right, even though we overwrite it.
      * Also allow the DTLS short header in TLS 1.3. */
-    if (!(cText->hdr[0] == content_application_data ||
+    if (!(cText->hdr[0] == ssl_ct_application_data ||
           (IS_DTLS(ss) &&
            ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 &&
            (cText->hdr[0] & 0xe0) == 0x20))) {
         SSL_TRC(3,
                 ("%d: TLS13[%d]: record has invalid exterior type=%2.2x",
                  SSL_GETPID(), ss->fd, cText->hdr[0]));
-        /* Do we need a better error here? */
+        PORT_SetError(SSL_ERROR_RX_UNEXPECTED_RECORD_TYPE);
+        *alert = unexpected_message;
+        return SECFailure;
+    }
+
+    /* We can perform this test in variable time because the record's total
+     * length and the ciphersuite are both public knowledge. */
+    if (cText->buf->len < cipher_def->tag_size) {
+        SSL_TRC(3,
+                ("%d: TLS13[%d]: record too short to contain valid AEAD data",
+                 SSL_GETPID(), ss->fd));
         PORT_SetError(SSL_ERROR_BAD_MAC_READ);
         return SECFailure;
     }
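Review bot: After the reorder the two early rejections are inconsistent: the exterior-type branch now sets `*alert = unexpected_message;`, while the short-record branch returns without assigning `*alert` at all. Presumably the caller pre-loads a default alert, but that is not visible here, so either set it explicitly with `*alert = bad_record_mac;` or add `/* *alert keeps the caller's default. */` to show the omission is deliberate. Both checks run on unauthenticated header data before decryption, which the existing "variable time" comment covers only for the length test; it could be moved above both checks. `tls13_UnprotectRecord` continues past the end of this hunk.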
@@ -5054,12 +5104,12 @@ tls13_UnprotectRecord(sslSocket *ss,
     }
 
     /* Record the type. */
-    *innerType = (SSL3ContentType)plaintext->buf[plaintext->len - 1];
+    *innerType = (SSLContentType)plaintext->buf[plaintext->len - 1];
     --plaintext->len;
 
     /* Check that we haven't received too much 0-RTT data. */
     if (spec->epoch == TrafficKeyEarlyApplicationData &&
-        *innerType == content_application_data) {
+        *innerType == ssl_ct_application_data) {
         if (plaintext->len > spec->earlyDataRemaining) {
             *alert = unexpected_message;
             PORT_SetError(SSL_ERROR_TOO_MUCH_EARLY_DATA);
@@ -5242,9 +5292,11 @@ tls13_HandleEndOfEarlyData(sslSocket *ss, PRUint8 *b, PRUint32 length)
     }
 
     ss->ssl3.hs.zeroRttState = ssl_0rtt_done;
-    TLS13_SET_HS_STATE(ss,
-                       ss->opt.requestCertificate ? wait_client_cert
-                                                  : wait_finished);
+    if (tls13_ShouldRequestClientAuth(ss)) {
+        TLS13_SET_HS_STATE(ss, wait_client_cert);
+    } else {
+        TLS13_SET_HS_STATE(ss, wait_finished);
+    }
     return SECSuccess;
 }
 
@@ -5283,11 +5335,12 @@ tls13_HandleEarlyApplicationData(sslSocket *ss, sslBuffer *origBuf)
 }
 
 PRUint16
-tls13_EncodeDraftVersion(SSL3ProtocolVersion version)
+tls13_EncodeDraftVersion(SSL3ProtocolVersion version, SSLProtocolVariant variant)
 {
-#ifdef TLS_1_3_DRAFT_VERSION
-    if (version == SSL_LIBRARY_VERSION_TLS_1_3) {
-        return 0x7f00 | TLS_1_3_DRAFT_VERSION;
+#ifdef DTLS_1_3_DRAFT_VERSION
+    if (version == SSL_LIBRARY_VERSION_TLS_1_3 &&
+        variant == ssl_variant_datagram) {
+        return 0x7f00 | DTLS_1_3_DRAFT_VERSION;
     }
 #endif
     return (PRUint16)version;
@@ -5297,7 +5350,6 @@ SECStatus
 tls13_ClientReadSupportedVersion(sslSocket *ss)
 {
     PRUint32 temp;
-    SSL3ProtocolVersion v;
     TLSExtension *versionExtension;
     SECItem it;
     SECStatus rv;
@@ -5319,29 +5371,15 @@ tls13_ClientReadSupportedVersion(sslSocket *ss)
         FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_SERVER_HELLO, illegal_parameter);
         return SECFailure;
     }
-    v = (SSL3ProtocolVersion)temp;
 
-    /* You cannot negotiate < TLS 1.3 with supported_versions. */
-    if (v < SSL_LIBRARY_VERSION_TLS_1_3) {
+    if (temp != tls13_EncodeDraftVersion(SSL_LIBRARY_VERSION_TLS_1_3,
+                                         ss->protocolVariant)) {
+        /* You cannot negotiate < TLS 1.3 with supported_versions. */
         FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_SERVER_HELLO, illegal_parameter);
         return SECFailure;
     }
 
-#ifdef TLS_1_3_DRAFT_VERSION
-    if (temp == SSL_LIBRARY_VERSION_TLS_1_3) {
-        FATAL_ERROR(ss, SSL_ERROR_UNSUPPORTED_VERSION, protocol_version);
-        return SECFailure;
-    }
-    if (temp == tls13_EncodeDraftVersion(SSL_LIBRARY_VERSION_TLS_1_3)) {
-        v = SSL_LIBRARY_VERSION_TLS_1_3;
-    } else {
-        v = (SSL3ProtocolVersion)temp;
-    }
-#else
-    v = (SSL3ProtocolVersion)temp;
-#endif
-
-    ss->version = v;
+    ss->version = SSL_LIBRARY_VERSION_TLS_1_3;
     return SECSuccess;
 }
 
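Review bot: The comment `/* You cannot negotiate < TLS 1.3 with supported_versions. */` no longer matches the condition it was moved under. The new test `temp != tls13_EncodeDraftVersion(SSL_LIBRARY_VERSION_TLS_1_3, ss->protocolVariant)` rejects every value other than the exact TLS 1.3 encoding, including higher or unknown versions, not just lower ones. I would reword it to `/* supported_versions may only select TLS 1.3 (or the DTLS 1.3 draft encoding). */` so a later reader does not loosen the check back to a `<` comparison. The start of the function is in the previous hunk.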
@@ -5365,7 +5403,7 @@ tls13_NegotiateVersion(sslSocket *ss, const TLSExtension *supportedVersions)
         return SECFailure;
     }
     for (version = ss->vrange.max; version >= ss->vrange.min; --version) {
-        PRUint16 wire = tls13_EncodeDraftVersion(version);
+        PRUint16 wire = tls13_EncodeDraftVersion(version, ss->protocolVariant);
         unsigned long offset;
 
         for (offset = 0; offset < versions.len; offset += 2) {
diff --git a/security/nss/lib/ssl/tls13con.h b/security/nss/lib/ssl/tls13con.h
index f35b20023..f3b2cb390 100644
--- a/security/nss/lib/ssl/tls13con.h
+++ b/security/nss/lib/ssl/tls13con.h
@@ -28,7 +28,7 @@ typedef enum {
 SECStatus tls13_UnprotectRecord(
     sslSocket *ss, ssl3CipherSpec *spec,
     SSL3Ciphertext *cText, sslBuffer *plaintext,
-    SSL3ContentType *innerType,
+    SSLContentType *innerType,
     SSL3AlertDescription *alert);
 
 #if defined(WIN32)
@@ -64,7 +64,7 @@ void tls13_FatalError(sslSocket *ss, PRErrorCode prError,
                       SSL3AlertDescription desc);
 SECStatus tls13_SetupClientHello(sslSocket *ss);
 SECStatus tls13_MaybeDo0RTTHandshake(sslSocket *ss);
-PRInt32 tls13_LimitEarlyData(sslSocket *ss, SSL3ContentType type, PRInt32 toSend);
+PRInt32 tls13_LimitEarlyData(sslSocket *ss, SSLContentType type, PRInt32 toSend);
 PRBool tls13_AllowPskCipher(const sslSocket *ss,
                             const ssl3CipherSuiteDef *cipher_def);
 PRBool tls13_PskSuiteEnabled(sslSocket *ss);
@@ -85,26 +85,36 @@ SECStatus tls13_ConstructHelloRetryRequest(sslSocket *ss,
                                            sslBuffer *buffer);
 SECStatus tls13_HandleHelloRetryRequest(sslSocket *ss, const PRUint8 *b,
                                         PRUint32 length);
+SECStatus tls13_HandleKeyShare(sslSocket *ss,
+                               TLS13KeyShareEntry *entry,
+                               sslKeyPair *keyPair,
+                               SSLHashType hash,
+                               PK11SymKey **out);
+TLS13KeyShareEntry *tls13_CopyKeyShareEntry(TLS13KeyShareEntry *o);
 void tls13_DestroyKeyShareEntry(TLS13KeyShareEntry *entry);
 void tls13_DestroyKeyShares(PRCList *list);
-SECStatus tls13_CreateKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef);
+SECStatus tls13_CreateKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef,
+                               sslEphemeralKeyPair **keyPair);
+SECStatus tls13_AddKeyShare(sslSocket *ss, const sslNamedGroupDef *groupDef);
 void tls13_DestroyEarlyData(PRCList *list);
 SECStatus tls13_SetAlertCipherSpec(sslSocket *ss);
 tls13ExtensionStatus tls13_ExtensionStatus(PRUint16 extension,
                                            SSLHandshakeType message);
 SECStatus tls13_ProtectRecord(sslSocket *ss,
                               ssl3CipherSpec *cwSpec,
-                              SSL3ContentType type,
+                              SSLContentType type,
                               const PRUint8 *pIn,
                               PRUint32 contentLen,
                               sslBuffer *wrBuf);
 PRInt32 tls13_Read0RttData(sslSocket *ss, void *buf, PRInt32 len);
 SECStatus tls13_HandleEarlyApplicationData(sslSocket *ss, sslBuffer *origBuf);
 PRBool tls13_ClientAllow0Rtt(const sslSocket *ss, const sslSessionID *sid);
-PRUint16 tls13_EncodeDraftVersion(SSL3ProtocolVersion version);
+PRUint16 tls13_EncodeDraftVersion(SSL3ProtocolVersion version,
+                                  SSLProtocolVariant variant);
 SECStatus tls13_ClientReadSupportedVersion(sslSocket *ss);
 SECStatus tls13_NegotiateVersion(sslSocket *ss,
                                  const TLSExtension *supported_versions);
+PRBool tls13_ShouldRequestClientAuth(sslSocket *ss);
 
 PRBool tls13_IsReplay(const sslSocket *ss, const sslSessionID *sid);
 void tls13_AntiReplayRollover(PRTime now);
@@ -119,6 +129,22 @@ SECStatus tls13_SendKeyUpdate(sslSocket *ss, tls13KeyUpdateRequest request,
                               PRBool buffer);
 SECStatus SSLExp_KeyUpdate(PRFileDesc *fd, PRBool requestUpdate);
 PRBool tls13_MaybeTls13(sslSocket *ss);
+SSLAEADCipher tls13_GetAead(const ssl3BulkCipherDef *cipherDef);
 void tls13_SetSpecRecordVersion(sslSocket *ss, ssl3CipherSpec *spec);
 
+/* Use this instead of FATAL_ERROR when no alert shall be sent. */
+#define LOG_ERROR(ss, prError)                                                     \
+    do {                                                                           \
+        SSL_TRC(3, ("%d: TLS13[%d]: fatal error %d in %s (%s:%d)",                 \
+                    SSL_GETPID(), ss->fd, prError, __func__, __FILE__, __LINE__)); \
+        PORT_SetError(prError);                                                    \
+    } while (0)
+
+/* Log an error and generate an alert because something is irreparably wrong. */
+#define FATAL_ERROR(ss, prError, desc)       \
+    do {                                     \
+        LOG_ERROR(ss, prError);              \
+        tls13_FatalError(ss, prError, desc); \
+    } while (0)
+
 #endif /* __tls13con_h_ */
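Review bot: Moving `LOG_ERROR` and `FATAL_ERROR` into the header exposes them to every includer, and their arguments are expanded unparenthesised (`ss->fd`, `PORT_SetError(prError)`). An argument that is an expression rather than a plain identifier would then bind incorrectly, so I would write `(ss)->fd` and `PORT_SetError((prError))`, and pass `(ss), (prError), (desc)` through in `FATAL_ERROR`. `LOG_ERROR` is also a very generic name for a shared header; a `TLS13_` prefix would reduce the chance of colliding with another definition, though that is a larger rename than this commit may want. The trace text says "fatal error" even when `LOG_ERROR` is used on its own, which the comment above it describes as the no-alert case.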
diff --git a/security/nss/lib/ssl/tls13esni.c b/security/nss/lib/ssl/tls13esni.c
new file mode 100644
index 000000000..e2328769b
--- /dev/null
+++ b/security/nss/lib/ssl/tls13esni.c
@@ -0,0 +1,844 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#define TLS13_ESNI_VERSION 0xff01
+
+/*
+ *  struct {
+ *      uint16 version;
+ *      uint8 checksum[4];
+ *      KeyShareEntry keys<4..2^16-1>;
+ *      CipherSuite cipher_suites<2..2^16-2>;
+ *      uint16 padded_length;
+ *      uint64 not_before;
+ *      uint64 not_after;
+ *      Extension extensions<0..2^16-1>;
+ *  } ESNIKeys;
+ */
+#include "nss.h"
+#include "pk11func.h"
+#include "ssl.h"
+#include "sslproto.h"
+#include "sslimpl.h"
+#include "ssl3exthandle.h"
+#include "tls13esni.h"
+#include "tls13exthandle.h"
+#include "tls13hkdf.h"
+
+const char kHkdfPurposeEsniKey[] = "esni key";
+const char kHkdfPurposeEsniIv[] = "esni iv";
+
+void
+tls13_DestroyESNIKeys(sslEsniKeys *keys)
+{
+    if (!keys) {
+        return;
+    }
+    SECITEM_FreeItem(&keys->data, PR_FALSE);
+    PORT_Free((void *)keys->dummySni);
+    tls13_DestroyKeyShares(&keys->keyShares);
+    ssl_FreeEphemeralKeyPair(keys->privKey);
+    SECITEM_FreeItem(&keys->suites, PR_FALSE);
+    PORT_ZFree(keys, sizeof(sslEsniKeys));
+}
+
+sslEsniKeys *
+tls13_CopyESNIKeys(sslEsniKeys *okeys)
+{
+    sslEsniKeys *nkeys;
+    SECStatus rv;
+
+    PORT_Assert(okeys);
+
+    nkeys = PORT_ZNew(sslEsniKeys);
+    if (!nkeys) {
+        return NULL;
+    }
+    PR_INIT_CLIST(&nkeys->keyShares);
+    rv = SECITEM_CopyItem(NULL, &nkeys->data, &okeys->data);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    if (okeys->dummySni) {
+        nkeys->dummySni = PORT_Strdup(okeys->dummySni);
+        if (!nkeys->dummySni) {
+            goto loser;
+        }
+    }
+    for (PRCList *cur_p = PR_LIST_HEAD(&okeys->keyShares);
+         cur_p != &okeys->keyShares;
+         cur_p = PR_NEXT_LINK(cur_p)) {
+        TLS13KeyShareEntry *copy = tls13_CopyKeyShareEntry(
+            (TLS13KeyShareEntry *)cur_p);
+        if (!copy) {
+            goto loser;
+        }
+        PR_APPEND_LINK(&copy->link, &nkeys->keyShares);
+    }
+    if (okeys->privKey) {
+        nkeys->privKey = ssl_CopyEphemeralKeyPair(okeys->privKey);
+        if (!nkeys->privKey) {
+            goto loser;
+        }
+    }
+    rv = SECITEM_CopyItem(NULL, &nkeys->suites, &okeys->suites);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    nkeys->paddedLength = okeys->paddedLength;
+    nkeys->notBefore = okeys->notBefore;
+    nkeys->notAfter = okeys->notAfter;
+    return nkeys;
+
+loser:
+    tls13_DestroyESNIKeys(nkeys);
+    return NULL;
+}
+
+/* Checksum is a 4-byte array. */
+static SECStatus
+tls13_ComputeESNIKeysChecksum(const PRUint8 *buf, unsigned int len,
+                              PRUint8 *checksum)
+{
+    SECItem copy;
+    SECStatus rv;
+    PRUint8 sha256[32];
+
+    rv = SECITEM_MakeItem(NULL, &copy, buf, len);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    /* Stomp the checksum. */
+    PORT_Memset(copy.data + 2, 0, 4);
+
+    rv = PK11_HashBuf(ssl3_HashTypeToOID(ssl_hash_sha256),
+                      sha256,
+                      copy.data, copy.len);
+    SECITEM_FreeItem(&copy, PR_FALSE);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+    PORT_Memcpy(checksum, sha256, 4);
+    return SECSuccess;
+}
+
+static SECStatus
+tls13_DecodeESNIKeys(SECItem *data, sslEsniKeys **keysp)
+{
+    SECStatus rv;
+    sslReadBuffer tmp;
+    PRUint64 tmpn;
+    sslEsniKeys *keys;
+    PRUint8 checksum[4];
+    sslReader rdr = SSL_READER(data->data, data->len);
+
+    rv = sslRead_ReadNumber(&rdr, 2, &tmpn);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+    if (tmpn != TLS13_ESNI_VERSION) {
+        PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
+        return SECFailure;
+    }
+    keys = PORT_ZNew(sslEsniKeys);
+    if (!keys) {
+        return SECFailure;
+    }
+    PR_INIT_CLIST(&keys->keyShares);
+
+    /* Make a copy. */
+    rv = SECITEM_CopyItem(NULL, &keys->data, data);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    rv = tls13_ComputeESNIKeysChecksum(data->data, data->len, checksum);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Read and check checksum. */
+    rv = sslRead_Read(&rdr, 4, &tmp);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    if (0 != NSS_SecureMemcmp(tmp.buf, checksum, 4)) {
+        goto loser;
+    }
+
+    /* Parse the key shares. */
+    rv = sslRead_ReadVariable(&rdr, 2, &tmp);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    sslReader rdr2 = SSL_READER(tmp.buf, tmp.len);
+    while (SSL_READER_REMAINING(&rdr2)) {
+        TLS13KeyShareEntry *ks = NULL;
+
+        rv = tls13_DecodeKeyShareEntry(&rdr2, &ks);
+        if (rv != SECSuccess) {
+            goto loser;
+        }
+
+        if (ks) {
+            PR_APPEND_LINK(&ks->link, &keys->keyShares);
+        }
+    }
+
+    /* Parse cipher suites. */
+    rv = sslRead_ReadVariable(&rdr, 2, &tmp);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    /* This can't be odd. */
+    if (tmp.len & 1) {
+        goto loser;
+    }
+    rv = SECITEM_MakeItem(NULL, &keys->suites, (PRUint8 *)tmp.buf, tmp.len);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Padded Length */
+    rv = sslRead_ReadNumber(&rdr, 2, &tmpn);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    keys->paddedLength = (PRUint16)tmpn;
+
+    /* Not Before */
+    rv = sslRead_ReadNumber(&rdr, 8, &keys->notBefore);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Not After */
+    rv = sslRead_ReadNumber(&rdr, 8, &keys->notAfter);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Extensions, which we ignore. */
+    rv = sslRead_ReadVariable(&rdr, 2, &tmp);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Check that this is empty. */
+    if (SSL_READER_REMAINING(&rdr) > 0) {
+        goto loser;
+    }
+
+    *keysp = keys;
+    return SECSuccess;
+
+loser:
+    tls13_DestroyESNIKeys(keys);
+    PORT_SetError(SSL_ERROR_RX_MALFORMED_ESNI_KEYS);
+
+    return SECFailure;
+}
+
+/* Encode an ESNI keys structure. We only allow one key
+ * share. */
+SECStatus
+SSLExp_EncodeESNIKeys(PRUint16 *cipherSuites, unsigned int cipherSuiteCount,
+                      SSLNamedGroup group, SECKEYPublicKey *pubKey,
+                      PRUint16 pad, PRUint64 notBefore, PRUint64 notAfter,
+                      PRUint8 *out, unsigned int *outlen, unsigned int maxlen)
+{
+    unsigned int savedOffset;
+    SECStatus rv;
+    sslBuffer b = SSL_BUFFER_EMPTY;
+
+    rv = sslBuffer_AppendNumber(&b, TLS13_ESNI_VERSION, 2);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    rv = sslBuffer_Skip(&b, 4, &savedOffset);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Length of vector. */
+    rv = sslBuffer_AppendNumber(
+        &b, tls13_SizeOfKeyShareEntry(pubKey), 2);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Our one key share. */
+    rv = tls13_EncodeKeyShareEntry(&b, group, pubKey);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Cipher suites. */
+    rv = sslBuffer_AppendNumber(&b, cipherSuiteCount * 2, 2);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    for (unsigned int i = 0; i < cipherSuiteCount; i++) {
+        rv = sslBuffer_AppendNumber(&b, cipherSuites[i], 2);
+        if (rv != SECSuccess) {
+            goto loser;
+        }
+    }
+
+    /* Padding Length. Fixed for now. */
+    rv = sslBuffer_AppendNumber(&b, pad, 2);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Start time. */
+    rv = sslBuffer_AppendNumber(&b, notBefore, 8);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* End time. */
+    rv = sslBuffer_AppendNumber(&b, notAfter, 8);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* No extensions. */
+    rv = sslBuffer_AppendNumber(&b, 0, 2);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    rv = tls13_ComputeESNIKeysChecksum(SSL_BUFFER_BASE(&b),
+                                       SSL_BUFFER_LEN(&b),
+                                       SSL_BUFFER_BASE(&b) + 2);
+    if (rv != SECSuccess) {
+        PORT_Assert(PR_FALSE);
+        goto loser;
+    }
+
+    if (SSL_BUFFER_LEN(&b) > maxlen) {
+        PORT_SetError(SEC_ERROR_INVALID_ARGS);
+        goto loser;
+    }
+    PORT_Memcpy(out, SSL_BUFFER_BASE(&b), SSL_BUFFER_LEN(&b));
+    *outlen = SSL_BUFFER_LEN(&b);
+
+    sslBuffer_Clear(&b);
+    return SECSuccess;
+loser:
+    sslBuffer_Clear(&b);
+    return SECFailure;
+}
+
+SECStatus
+SSLExp_SetESNIKeyPair(PRFileDesc *fd,
+                      SECKEYPrivateKey *privKey,
+                      const PRUint8 *record, unsigned int recordLen)
+{
+    sslSocket *ss;
+    SECStatus rv;
+    sslEsniKeys *keys = NULL;
+    SECKEYPublicKey *pubKey = NULL;
+    SECItem data = { siBuffer, CONST_CAST(PRUint8, record), recordLen };
+    PLArenaPool *arena = NULL;
+
+    ss = ssl_FindSocket(fd);
+    if (!ss) {
+        SSL_DBG(("%d: SSL[%d]: bad socket in %s",
+                 SSL_GETPID(), fd, __FUNCTION__));
+        return SECFailure;
+    }
+
+    rv = tls13_DecodeESNIKeys(&data, &keys);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    /* Check the cipher suites. */
+    (void)ssl3_config_match_init(ss);
+    /* Make sure the cipher suite is OK. */
+    SSLVersionRange vrange = { SSL_LIBRARY_VERSION_TLS_1_3,
+                               SSL_LIBRARY_VERSION_TLS_1_3 };
+
+    sslReader csrdr = SSL_READER(keys->suites.data,
+                                 keys->suites.len);
+    while (SSL_READER_REMAINING(&csrdr)) {
+        PRUint64 asuite;
+
+        rv = sslRead_ReadNumber(&csrdr, 2, &asuite);
+        if (rv != SECSuccess) {
+            goto loser;
+        }
+        const ssl3CipherSuiteCfg *suiteCfg =
+            ssl_LookupCipherSuiteCfg(asuite, ss->cipherSuites);
+        if (!ssl3_config_match(suiteCfg, ss->ssl3.policy, &vrange, ss)) {
+            /* Illegal suite. */
+            PORT_SetError(SEC_ERROR_INVALID_ARGS);
+            goto loser;
+        }
+    }
+
+    if (PR_CLIST_IS_EMPTY(&keys->keyShares)) {
+        PORT_SetError(SEC_ERROR_INVALID_ARGS);
+        goto loser;
+    }
+    if (PR_PREV_LINK(&keys->keyShares) != PR_NEXT_LINK(&keys->keyShares)) {
+        PORT_SetError(SEC_ERROR_INVALID_ARGS);
+        goto loser;
+    }
+    TLS13KeyShareEntry *entry = (TLS13KeyShareEntry *)PR_LIST_HEAD(
+        &keys->keyShares);
+    if (entry->group->keaType != ssl_kea_ecdh) {
+        PORT_SetError(SEC_ERROR_INVALID_ARGS);
+        goto loser;
+    }
+    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+    if (!arena) {
+        goto loser;
+    }
+    pubKey = PORT_ArenaZNew(arena, SECKEYPublicKey);
+    if (!pubKey) {
+        goto loser;
+    }
+    pubKey->arena = arena;
+    arena = NULL; /* From here, this will be destroyed with the pubkey. */
+    /* Dummy PKCS11 values because this key isn't on a slot. */
+    pubKey->pkcs11Slot = NULL;
+    pubKey->pkcs11ID = CK_INVALID_HANDLE;
+    rv = ssl_ImportECDHKeyShare(pubKey,
+                                entry->key_exchange.data,
+                                entry->key_exchange.len,
+                                entry->group);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    privKey = SECKEY_CopyPrivateKey(privKey);
+    if (!privKey) {
+        goto loser;
+    }
+    keys->privKey = ssl_NewEphemeralKeyPair(entry->group, privKey, pubKey);
+    if (!keys->privKey) {
+        goto loser;
+    }
+    pubKey = NULL;
+    ss->esniKeys = keys;
+    return SECSuccess;
+
+loser:
+    PORT_FreeArena(arena, PR_FALSE);
+    SECKEY_DestroyPublicKey(pubKey);
+    tls13_DestroyESNIKeys(keys);
+    return SECFailure;
+}
+
+SECStatus
+SSLExp_EnableESNI(PRFileDesc *fd,
+                  const PRUint8 *esniKeys,
+                  unsigned int esniKeysLen,
+                  const char *dummySNI)
+{
+    sslSocket *ss;
+    sslEsniKeys *keys = NULL;
+    SECItem data = { siBuffer, CONST_CAST(PRUint8, esniKeys), esniKeysLen };
+    SECStatus rv;
+
+    ss = ssl_FindSocket(fd);
+    if (!ss) {
+        SSL_DBG(("%d: SSL[%d]: bad socket in %s",
+                 SSL_GETPID(), fd, __FUNCTION__));
+        return SECFailure;
+    }
+
+    rv = tls13_DecodeESNIKeys(&data, &keys);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    if (dummySNI) {
+        keys->dummySni = PORT_Strdup(dummySNI);
+        if (!keys->dummySni) {
+            tls13_DestroyESNIKeys(keys);
+            return SECFailure;
+        }
+    }
+
+    /* Delete in case it was set before. */
+    tls13_DestroyESNIKeys(ss->esniKeys);
+    ss->esniKeys = keys;
+
+    return SECSuccess;
+}
+
+/*
+ * struct {
+ *     opaque record_digest<0..2^16-1>;
+ *     KeyShareEntry esni_key_share;
+ *     Random client_hello_random;
+ * } ESNIContents;
+ */
+SECStatus
+tls13_ComputeESNIKeys(const sslSocket *ss,
+                      TLS13KeyShareEntry *entry,
+                      sslKeyPair *keyPair,
+                      const ssl3CipherSuiteDef *suite,
+                      const PRUint8 *esniKeysHash,
+                      const PRUint8 *keyShareBuf,
+                      unsigned int keyShareBufLen,
+                      const PRUint8 *clientRandom,
+                      ssl3KeyMaterial *keyMat)
+{
+    PK11SymKey *Z = NULL;
+    PK11SymKey *Zx = NULL;
+    SECStatus ret = SECFailure;
+    PRUint8 esniContentsBuf[256]; /* Just big enough. */
+    sslBuffer esniContents = SSL_BUFFER(esniContentsBuf);
+    PRUint8 hash[64];
+    const ssl3BulkCipherDef *cipherDef = ssl_GetBulkCipherDef(suite);
+    size_t keySize = cipherDef->key_size;
+    size_t ivSize = cipherDef->iv_size +
+                    cipherDef->explicit_nonce_size; /* This isn't always going to
+                                                     * work, but it does for
+                                                     * AES-GCM */
+    unsigned int hashSize = tls13_GetHashSizeForHash(suite->prf_hash);
+    SECStatus rv;
+
+    rv = tls13_HandleKeyShare(CONST_CAST(sslSocket, ss), entry, keyPair,
+                              suite->prf_hash, &Z);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    rv = tls13_HkdfExtract(NULL, Z, suite->prf_hash, &Zx);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Encode ESNIContents. */
+    rv = sslBuffer_AppendVariable(&esniContents,
+                                  esniKeysHash, hashSize, 2);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    rv = sslBuffer_Append(&esniContents, keyShareBuf, keyShareBufLen);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    rv = sslBuffer_Append(&esniContents, clientRandom, SSL3_RANDOM_LENGTH);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    PORT_Assert(hashSize <= sizeof(hash));
+    rv = PK11_HashBuf(ssl3_HashTypeToOID(suite->prf_hash),
+                      hash,
+                      SSL_BUFFER_BASE(&esniContents),
+                      SSL_BUFFER_LEN(&esniContents));
+    ;
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    rv = tls13_HkdfExpandLabel(Zx, suite->prf_hash,
+                               hash, hashSize,
+                               kHkdfPurposeEsniKey, strlen(kHkdfPurposeEsniKey),
+                               ssl3_Alg2Mech(cipherDef->calg),
+                               keySize,
+                               &keyMat->key);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    rv = tls13_HkdfExpandLabelRaw(Zx, suite->prf_hash,
+                                  hash, hashSize,
+                                  kHkdfPurposeEsniIv, strlen(kHkdfPurposeEsniIv),
+                                  keyMat->iv, ivSize);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    ret = SECSuccess;
+
+loser:
+    PK11_FreeSymKey(Z);
+    PK11_FreeSymKey(Zx);
+    return ret;
+}
+
+/* Set up ESNI. This generates a private key as a side effect. */
+SECStatus
+tls13_ClientSetupESNI(sslSocket *ss)
+{
+    ssl3CipherSuite suite;
+    sslEphemeralKeyPair *keyPair;
+    size_t i;
+    PRCList *cur;
+    SECStatus rv;
+    TLS13KeyShareEntry *share;
+    const sslNamedGroupDef *group = NULL;
+    PRTime now = PR_Now() / PR_USEC_PER_SEC;
+
+    if (!ss->esniKeys) {
+        return SECSuccess;
+    }
+
+    if ((ss->esniKeys->notBefore > now) || (ss->esniKeys->notAfter < now)) {
+        return SECSuccess;
+    }
+
+    /* If we're not sending SNI, don't send ESNI. */
+    if (!ssl_ShouldSendSNIExtension(ss, ss->url)) {
+        return SECSuccess;
+    }
+
+    /* Pick the group. */
+    for (i = 0; i < SSL_NAMED_GROUP_COUNT; ++i) {
+        for (cur = PR_NEXT_LINK(&ss->esniKeys->keyShares);
+             cur != &ss->esniKeys->keyShares;
+             cur = PR_NEXT_LINK(cur)) {
+            if (!ss->namedGroupPreferences[i]) {
+                continue;
+            }
+            share = (TLS13KeyShareEntry *)cur;
+            if (share->group->name == ss->namedGroupPreferences[i]->name) {
+                group = ss->namedGroupPreferences[i];
+                break;
+            }
+        }
+    }
+
+    if (!group) {
+        /* No compatible group. */
+        return SECSuccess;
+    }
+
+    rv = ssl3_NegotiateCipherSuiteInner(ss, &ss->esniKeys->suites,
+                                        SSL_LIBRARY_VERSION_TLS_1_3, &suite);
+    if (rv != SECSuccess) {
+        return SECSuccess;
+    }
+
+    rv = tls13_CreateKeyShare(ss, group, &keyPair);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    ss->xtnData.esniPrivateKey = keyPair;
+    ss->xtnData.esniSuite = suite;
+    ss->xtnData.peerEsniShare = share;
+
+    return SECSuccess;
+}
+
+/*
+ * struct {
+ *     CipherSuite suite;
+ *     KeyShareEntry key_share;
+ *     opaque record_digest<0..2^16-1>;
+ *     opaque encrypted_sni<0..2^16-1>;
+ * } ClientEncryptedSNI;
+ *
+ * struct {
+ *     ServerNameList sni;
+ *     opaque zeros[ESNIKeys.padded_length - length(sni)];
+ * } PaddedServerNameList;
+ *
+ * struct {
+ *     uint8 nonce[16];
+ *     PaddedServerNameList realSNI;
+ * } ClientESNIInner;
+ */
+SECStatus
+tls13_FormatEsniAADInput(sslBuffer *aadInput,
+                         PRUint8 *keyShare, unsigned int keyShareLen)
+{
+    SECStatus rv;
+
+    /* 8 bytes of 0 for the sequence number. */
+    rv = sslBuffer_AppendNumber(aadInput, 0, 8);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    /* Key share. */
+    PORT_Assert(keyShareLen > 0);
+    rv = sslBuffer_Append(aadInput, keyShare, keyShareLen);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    return SECSuccess;
+}
+
+static SECStatus
+tls13_ServerGetEsniAEAD(const sslSocket *ss, PRUint64 suite,
+                        const ssl3CipherSuiteDef **suiteDefp,
+                        SSLAEADCipher *aeadp)
+{
+    SECStatus rv;
+    const ssl3CipherSuiteDef *suiteDef;
+    SSLAEADCipher aead;
+
+    /* Check against the suite list for ESNI */
+    PRBool csMatch = PR_FALSE;
+    sslReader csrdr = SSL_READER(ss->esniKeys->suites.data,
+                                 ss->esniKeys->suites.len);
+    while (SSL_READER_REMAINING(&csrdr)) {
+        PRUint64 asuite;
+
+        rv = sslRead_ReadNumber(&csrdr, 2, &asuite);
+        if (rv != SECSuccess) {
+            return SECFailure;
+        }
+        if (asuite == suite) {
+            csMatch = PR_TRUE;
+            break;
+        }
+    }
+    if (!csMatch) {
+        return SECFailure;
+    }
+
+    suiteDef = ssl_LookupCipherSuiteDef(suite);
+    PORT_Assert(suiteDef);
+    if (!suiteDef) {
+        return SECFailure;
+    }
+    aead = tls13_GetAead(ssl_GetBulkCipherDef(suiteDef));
+    if (!aead) {
+        return SECFailure;
+    }
+
+    *suiteDefp = suiteDef;
+    *aeadp = aead;
+    return SECSuccess;
+}
+
+SECStatus
+tls13_ServerDecryptEsniXtn(const sslSocket *ss, PRUint8 *in, unsigned int inLen,
+                           PRUint8 *out, int *outLen, int maxLen)
+{
+    sslReader rdr = SSL_READER(in, inLen);
+    PRUint64 suite;
+    const ssl3CipherSuiteDef *suiteDef;
+    SSLAEADCipher aead = NULL;
+    TLSExtension *keyShareExtension;
+    TLS13KeyShareEntry *entry = NULL;
+    ssl3KeyMaterial keyMat = { NULL };
+
+    sslBuffer aadInput = SSL_BUFFER_EMPTY;
+    const PRUint8 *keyShareBuf;
+    sslReadBuffer buf;
+    unsigned int keyShareBufLen;
+    PRUint8 hash[64];
+    SECStatus rv;
+
+    /* Read the cipher suite. */
+    rv = sslRead_ReadNumber(&rdr, 2, &suite);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Find the AEAD */
+    rv = tls13_ServerGetEsniAEAD(ss, suite, &suiteDef, &aead);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Note where the KeyShare starts. */
+    keyShareBuf = SSL_READER_CURRENT(&rdr);
+    rv = tls13_DecodeKeyShareEntry(&rdr, &entry);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    keyShareBufLen = SSL_READER_CURRENT(&rdr) - keyShareBuf;
+    if (!entry || entry->group->name != ss->esniKeys->privKey->group->name) {
+        goto loser;
+    }
+
+    /* The hash of the ESNIKeys structure. */
+    rv = sslRead_ReadVariable(&rdr, 2, &buf);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Check that the hash matches. */
+    unsigned int hashLen = tls13_GetHashSizeForHash(suiteDef->prf_hash);
+    PORT_Assert(hashLen <= sizeof(hash));
+    rv = PK11_HashBuf(ssl3_HashTypeToOID(suiteDef->prf_hash),
+                      hash,
+                      ss->esniKeys->data.data, ss->esniKeys->data.len);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    if (buf.len != hashLen) {
+        /* This is malformed. */
+        goto loser;
+    }
+    if (0 != NSS_SecureMemcmp(hash, buf.buf, hashLen)) {
+        goto loser;
+    }
+
+    rv = tls13_ComputeESNIKeys(ss, entry,
+                               ss->esniKeys->privKey->keys,
+                               suiteDef,
+                               hash, keyShareBuf, keyShareBufLen,
+                               ((sslSocket *)ss)->ssl3.hs.client_random,
+                               &keyMat);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Read the ciphertext. */
+    rv = sslRead_ReadVariable(&rdr, 2, &buf);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Check that this is empty. */
+    if (SSL_READER_REMAINING(&rdr) > 0) {
+        goto loser;
+    }
+
+    /* Find the key share extension. */
+    keyShareExtension = ssl3_FindExtension(CONST_CAST(sslSocket, ss),
+                                           ssl_tls13_key_share_xtn);
+    if (!keyShareExtension) {
+        goto loser;
+    }
+    rv = tls13_FormatEsniAADInput(&aadInput,
+                                  keyShareExtension->data.data,
+                                  keyShareExtension->data.len);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    rv = aead(&keyMat, PR_TRUE /* Decrypt */,
+              out, outLen, maxLen,
+              buf.buf, buf.len,
+              SSL_BUFFER_BASE(&aadInput),
+              SSL_BUFFER_LEN(&aadInput));
+    sslBuffer_Clear(&aadInput);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    ssl_DestroyKeyMaterial(&keyMat);
+    tls13_DestroyKeyShareEntry(entry);
+    return SECSuccess;
+
+loser:
+    FATAL_ERROR(CONST_CAST(sslSocket, ss), SSL_ERROR_RX_MALFORMED_ESNI_EXTENSION, illegal_parameter);
+    ssl_DestroyKeyMaterial(&keyMat); /* Safe because zeroed. */
+    if (entry) {
+        tls13_DestroyKeyShareEntry(entry);
+    }
+    return SECFailure;
+}
diff --git a/security/nss/lib/ssl/tls13esni.h b/security/nss/lib/ssl/tls13esni.h
new file mode 100644
index 000000000..6c52c9952
--- /dev/null
+++ b/security/nss/lib/ssl/tls13esni.h
@@ -0,0 +1,51 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is PRIVATE to SSL.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __tls13esni_h_
+#define __tls13esni_h_
+
+struct sslEsniKeysStr {
+    SECItem data; /* The encoded record. */
+    sslEphemeralKeyPair *privKey;
+    const char *dummySni;
+    PRCList keyShares; /* List of TLS13KeyShareEntry */
+    SECItem suites;
+    PRUint16 paddedLength;
+    PRUint64 notBefore;
+    PRUint64 notAfter;
+};
+
+SECStatus SSLExp_SetESNIKeyPair(PRFileDesc *fd,
+                                SECKEYPrivateKey *privKey,
+                                const PRUint8 *record, unsigned int recordLen);
+
+SECStatus SSLExp_EnableESNI(PRFileDesc *fd, const PRUint8 *esniKeys,
+                            unsigned int esniKeysLen, const char *dummySNI);
+SECStatus SSLExp_EncodeESNIKeys(PRUint16 *cipherSuites, unsigned int cipherSuiteCount,
+                                SSLNamedGroup group, SECKEYPublicKey *pubKey,
+                                PRUint16 pad, PRUint64 notBefore, PRUint64 notAfter,
+                                PRUint8 *out, unsigned int *outlen, unsigned int maxlen);
+sslEsniKeys *tls13_CopyESNIKeys(sslEsniKeys *okeys);
+void tls13_DestroyESNIKeys(sslEsniKeys *keys);
+SECStatus tls13_ClientSetupESNI(sslSocket *ss);
+SECStatus tls13_ComputeESNIKeys(const sslSocket *ss,
+                                TLS13KeyShareEntry *entry,
+                                sslKeyPair *keyPair,
+                                const ssl3CipherSuiteDef *suite,
+                                const PRUint8 *esniKeysHash,
+                                const PRUint8 *keyShareBuf,
+                                unsigned int keyShareBufLen,
+                                const PRUint8 *clientRandom,
+                                ssl3KeyMaterial *keyMat);
+SECStatus tls13_FormatEsniAADInput(sslBuffer *aadInput,
+                                   PRUint8 *keyShare, unsigned int keyShareLen);
+
+SECStatus tls13_ServerDecryptEsniXtn(const sslSocket *ss, PRUint8 *in, unsigned int inLen,
+                                     PRUint8 *out, int *outLen, int maxLen);
+
+#endif
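Review bot: The fields of `sslEsniKeysStr` carry no ownership notes, and `dummySni` is declared `const char *` although SSLExp_EnableESNI in tls13esni.c stores a `PORT_Strdup` copy in it, so the struct owns that string. A comment such as `/* Owned copy made with PORT_Strdup. */` on `dummySni` and `/* Encoded list of 2-byte cipher suite values; length is even. */` on `suites` would record what the decoder establishes. Whether tls13_DestroyESNIKeys frees `dummySni` is not visible from this header and should be confirmed. Separately, the include guard `__tls13esni_h_` begins with a double underscore, which is reserved for the implementation; `tls13esni_h_` would avoid that.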
diff --git a/security/nss/lib/ssl/tls13exthandle.c b/security/nss/lib/ssl/tls13exthandle.c
index 1ab8a8e59..8ed18f69c 100644
--- a/security/nss/lib/ssl/tls13exthandle.c
+++ b/security/nss/lib/ssl/tls13exthandle.c
@@ -12,6 +12,7 @@
 #include "pk11pub.h"
 #include "ssl3ext.h"
 #include "ssl3exthandle.h"
+#include "tls13esni.h"
 #include "tls13exthandle.h"
 
 SECStatus
@@ -71,7 +72,7 @@ tls13_ServerSendStatusRequestXtn(const sslSocket *ss, TLSExtensionData *xtnData,
  *
  *     opaque point <1..2^8-1>;
  */
-static PRUint32
+PRUint32
 tls13_SizeOfKeyShareEntry(const SECKEYPublicKey *pubKey)
 {
     /* Size = NamedGroup(2) + length(2) + opaque<?> share */
@@ -86,14 +87,14 @@ tls13_SizeOfKeyShareEntry(const SECKEYPublicKey *pubKey)
     return 0;
 }
 
-static SECStatus
-tls13_EncodeKeyShareEntry(sslBuffer *buf, const sslEphemeralKeyPair *keyPair)
+SECStatus
+tls13_EncodeKeyShareEntry(sslBuffer *buf, SSLNamedGroup group,
+                          SECKEYPublicKey *pubKey)
 {
     SECStatus rv;
-    SECKEYPublicKey *pubKey = keyPair->keys->pubKey;
     unsigned int size = tls13_SizeOfKeyShareEntry(pubKey);
 
-    rv = sslBuffer_AppendNumber(buf, keyPair->group->name, 2);
+    rv = sslBuffer_AppendNumber(buf, group, 2);
     if (rv != SECSuccess)
         return rv;
     rv = sslBuffer_AppendNumber(buf, size - 4, 2);
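Review bot: `size - 4` in tls13_EncodeKeyShareEntry wraps around when tls13_SizeOfKeyShareEntry returns 0, which the `return 0;` context line at the top of this hunk shows it can do. That was less of a concern while the function was static and fed from the socket's own key pairs, but it is now non-static, takes `group` and `pubKey` as independent arguments, and is called from SSLExp_EncodeESNIKeys with a caller-supplied key. A guard before the first append, `if (size < 4) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; }`, would fail cleanly, and nothing in the hunk checks that `group` matches the key's curve. The rest of the body is outside the hunk and may already reject unsupported key types further down.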
@@ -123,6 +124,7 @@ tls13_ClientSendKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
 {
     SECStatus rv;
     PRCList *cursor;
+    unsigned int extStart;
     unsigned int lengthOffset;
 
     if (ss->vrange.max < SSL_LIBRARY_VERSION_TLS_1_3) {
@@ -134,6 +136,8 @@ tls13_ClientSendKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
     SSL_TRC(3, ("%d: TLS13[%d]: send client key share xtn",
                 SSL_GETPID(), ss->fd));
 
+    extStart = SSL_BUFFER_LEN(buf);
+
     /* Save the offset to the length. */
     rv = sslBuffer_Skip(buf, 2, &lengthOffset);
     if (rv != SECSuccess) {
@@ -144,7 +148,9 @@ tls13_ClientSendKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
          cursor != &ss->ephemeralKeyPairs;
          cursor = PR_NEXT_LINK(cursor)) {
         sslEphemeralKeyPair *keyPair = (sslEphemeralKeyPair *)cursor;
-        rv = tls13_EncodeKeyShareEntry(buf, keyPair);
+        rv = tls13_EncodeKeyShareEntry(buf,
+                                       keyPair->group->name,
+                                       keyPair->keys->pubKey);
         if (rv != SECSuccess) {
             return SECFailure;
         }
@@ -154,50 +160,62 @@ tls13_ClientSendKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
         return SECFailure;
     }
 
+    rv = SECITEM_MakeItem(NULL, &xtnData->keyShareExtension,
+                          SSL_BUFFER_BASE(buf) + extStart,
+                          SSL_BUFFER_LEN(buf) - extStart);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
     *added = PR_TRUE;
     return SECSuccess;
 }
 
-static SECStatus
-tls13_HandleKeyShareEntry(const sslSocket *ss, TLSExtensionData *xtnData, SECItem *data)
+SECStatus
+tls13_DecodeKeyShareEntry(sslReader *rdr, TLS13KeyShareEntry **ksp)
 {
     SECStatus rv;
-    PRUint32 group;
+    PRUint64 group;
     const sslNamedGroupDef *groupDef;
     TLS13KeyShareEntry *ks = NULL;
-    SECItem share = { siBuffer, NULL, 0 };
+    sslReadBuffer share;
 
-    rv = ssl3_ExtConsumeHandshakeNumber(ss, &group, 2, &data->data, &data->len);
+    rv = sslRead_ReadNumber(rdr, 2, &group);
     if (rv != SECSuccess) {
-        PORT_SetError(SSL_ERROR_RX_MALFORMED_KEY_SHARE);
         goto loser;
     }
     groupDef = ssl_LookupNamedGroup(group);
-    rv = ssl3_ExtConsumeHandshakeVariable(ss, &share, 2, &data->data,
-                                          &data->len);
+    rv = sslRead_ReadVariable(rdr, 2, &share);
     if (rv != SECSuccess) {
         goto loser;
     }
+
+    /* This has to happen here because we want to consume
+     * the entire entry even if the group is unknown
+     * or disabled. */
     /* If the group is disabled, continue. */
     if (!groupDef) {
         return SECSuccess;
     }
 
     ks = PORT_ZNew(TLS13KeyShareEntry);
-    if (!ks)
+    if (!ks) {
         goto loser;
+    }
     ks->group = groupDef;
 
-    rv = SECITEM_CopyItem(NULL, &ks->key_exchange, &share);
-    if (rv != SECSuccess)
+    rv = SECITEM_MakeItem(NULL, &ks->key_exchange,
+                          share.buf, share.len);
+    if (rv != SECSuccess) {
         goto loser;
+    }
 
-    PR_APPEND_LINK(&ks->link, &xtnData->remoteKeyShares);
+    *ksp = ks;
     return SECSuccess;
 
 loser:
-    if (ks)
-        tls13_DestroyKeyShareEntry(ks);
+    tls13_DestroyKeyShareEntry(ks);
+
     return SECFailure;
 }
 /* Handle an incoming KeyShare extension at the client and copy to
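Review bot: The `loser:` path of tls13_DecodeKeyShareEntry now calls `tls13_DestroyKeyShareEntry(ks)` unconditionally, and both read failures jump there while `ks` is still NULL, so a truncated entry from the peer reaches the destructor with a null pointer. The removed code guarded this with `if (ks)`, and tls13_ServerDecryptEsniXtn in tls13esni.c still guards its own call; unless the destructor is made NULL-safe elsewhere in this patch, keep `if (ks) { tls13_DestroyKeyShareEntry(ks); }`. The function also returns SECSuccess without writing `*ksp` when the group is unknown, so a header comment such as `/* On success *ksp is written only for a supported group; callers must initialise it to NULL. */` would state the contract the callers already rely on.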
@@ -209,6 +227,7 @@ tls13_ClientHandleKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
 {
     SECStatus rv;
     PORT_Assert(PR_CLIST_IS_EMPTY(&xtnData->remoteKeyShares));
+    TLS13KeyShareEntry *ks = NULL;
 
     PORT_Assert(!ss->sec.isServer);
 
@@ -221,16 +240,20 @@ tls13_ClientHandleKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
     SSL_TRC(3, ("%d: SSL3[%d]: handle key_share extension",
                 SSL_GETPID(), ss->fd));
 
-    rv = tls13_HandleKeyShareEntry(ss, xtnData, data);
-    if (rv != SECSuccess) {
+    sslReader rdr = SSL_READER(data->data, data->len);
+    rv = tls13_DecodeKeyShareEntry(&rdr, &ks);
+    if ((rv != SECSuccess) || !ks) {
+        ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter);
         PORT_SetError(SSL_ERROR_RX_MALFORMED_KEY_SHARE);
         return SECFailure;
     }
 
-    if (data->len) {
+    if (SSL_READER_REMAINING(&rdr)) {
+        tls13_DestroyKeyShareEntry(ks);
         PORT_SetError(SSL_ERROR_RX_MALFORMED_KEY_SHARE);
         return SECFailure;
     }
+    PR_APPEND_LINK(&ks->link, &xtnData->remoteKeyShares);
 
     return SECSuccess;
 }
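Review bot: The trailing-data branch (`if (SSL_READER_REMAINING(&rdr))`) sets SSL_ERROR_RX_MALFORMED_KEY_SHARE but sends no alert, while the decode-failure branch just above it now calls `ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter)`. If the caller sends only a generic alert, or none, the two malformed-input cases are reported to the peer differently; adding `ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter);` before the `PORT_SetError` in the second branch would make them consistent. The first branch also folds `!ks` (a share for a group this client does not recognise) into the parse-failure case, which deserves a one-line comment such as `/* NULL ks: server chose an unknown or disabled group. */`. The function starts outside the hunk.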
@@ -273,7 +296,7 @@ tls13_ClientHandleKeyShareXtnHrr(const sslSocket *ss, TLSExtensionData *xtnData,
     ssl_FreeEphemeralKeyPairs(CONST_CAST(sslSocket, ss));
 
     /* And replace with our new share. */
-    rv = tls13_CreateKeyShare(CONST_CAST(sslSocket, ss), group);
+    rv = tls13_AddKeyShare(CONST_CAST(sslSocket, ss), group);
     if (rv != SECSuccess) {
         ssl3_ExtSendAlert(ss, alert_fatal, internal_error);
         PORT_SetError(SEC_ERROR_KEYGEN_FAIL);
@@ -315,12 +338,24 @@ tls13_ServerHandleKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
         goto loser;
     }
 
-    while (data->len) {
-        rv = tls13_HandleKeyShareEntry(ss, xtnData, data);
-        if (rv != SECSuccess)
+    sslReader rdr = SSL_READER(data->data, data->len);
+    while (SSL_READER_REMAINING(&rdr)) {
+        TLS13KeyShareEntry *ks = NULL;
+        rv = tls13_DecodeKeyShareEntry(&rdr, &ks);
+        if (rv != SECSuccess) {
+            PORT_SetError(SSL_ERROR_RX_MALFORMED_KEY_SHARE);
             goto loser;
+        }
+        if (ks) {
+            /* |ks| == NULL if this is an unknown group. */
+            PR_APPEND_LINK(&ks->link, &xtnData->remoteKeyShares);
+        }
     }
 
+    /* Keep track of negotiated extensions. */
+    xtnData->negotiated[xtnData->numNegotiated++] =
+        ssl_tls13_key_share_xtn;
+
     return SECSuccess;
 
 loser:
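Review bot: `xtnData->negotiated[xtnData->numNegotiated++] = ssl_tls13_key_share_xtn;` writes into the array with no visible bound on `numNegotiated`, in a handler that runs on ClientHello contents. This presumably relies on the extension dispatcher rejecting duplicate extensions so that each handler records itself at most once; an assertion before the write, e.g. `PORT_Assert(xtnData->numNegotiated < PR_ARRAY_SIZE(xtnData->negotiated));` (assuming `negotiated` is a fixed-size array), would document that invariant. Entries already linked into `remoteKeyShares` when a later entry fails to decode are left to the `loser:` path, whose body is outside this hunk, so confirm it frees them.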
@@ -342,7 +377,8 @@ tls13_ServerSendKeyShareXtn(const sslSocket *ss, TLSExtensionData *xtnData,
 
     keyPair = (sslEphemeralKeyPair *)PR_NEXT_LINK(&ss->ephemeralKeyPairs);
 
-    rv = tls13_EncodeKeyShareEntry(buf, keyPair);
+    rv = tls13_EncodeKeyShareEntry(buf, keyPair->group->name,
+                                   keyPair->keys->pubKey);
     if (rv != SECSuccess) {
         return SECFailure;
     }
@@ -396,6 +432,7 @@ tls13_ClientSendPreSharedKeyXtn(const sslSocket *ss, TLSExtensionData *xtnData,
     xtnData->lastXtnOffset = buf->len - 4;
 
     PORT_Assert(ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3);
+    PORT_Assert(ss->sec.ci.sid->version >= SSL_LIBRARY_VERSION_TLS_1_3);
 
     /* Send a single ticket identity. */
     session_ticket = &ss->sec.ci.sid->u.ssl3.locked.sessionTicket;
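Review bot: The added `PORT_Assert(ss->sec.ci.sid->version >= SSL_LIBRARY_VERSION_TLS_1_3)` is the only check in this hunk that the ticket about to be offered belongs to a TLS 1.3 session, and PORT_Assert is compiled out of non-debug builds. Elsewhere in this patch an assertion on a condition that must hold is followed by a runtime check (`PORT_Assert(suiteDef); if (!suiteDef) { ... }` in tls13_ServerGetEsniAEAD). If the caller does not already guarantee the session version, do the same here: `if (ss->sec.ci.sid->version < SSL_LIBRARY_VERSION_TLS_1_3) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; }`. The function body begins before and continues after the hunk.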
@@ -751,7 +788,9 @@ tls13_ClientSendSupportedVersionsXtn(const sslSocket *ss, TLSExtensionData *xtnD
     }
 
     for (version = ss->vrange.max; version >= ss->vrange.min; --version) {
-        rv = sslBuffer_AppendNumber(buf, tls13_EncodeDraftVersion(version), 2);
+        PRUint16 wire = tls13_EncodeDraftVersion(version,
+                                                 ss->protocolVariant);
+        rv = sslBuffer_AppendNumber(buf, wire, 2);
         if (rv != SECSuccess) {
             return SECFailure;
         }
@@ -779,8 +818,9 @@ tls13_ServerSendSupportedVersionsXtn(const sslSocket *ss, TLSExtensionData *xtnD
     SSL_TRC(3, ("%d: TLS13[%d]: server send supported_versions extension",
                 SSL_GETPID(), ss->fd));
 
-    rv = sslBuffer_AppendNumber(
-        buf, tls13_EncodeDraftVersion(SSL_LIBRARY_VERSION_TLS_1_3), 2);
+    PRUint16 ver = tls13_EncodeDraftVersion(SSL_LIBRARY_VERSION_TLS_1_3,
+                                            ss->protocolVariant);
+    rv = sslBuffer_AppendNumber(buf, ver, 2);
     if (rv != SECSuccess) {
         return SECFailure;
     }
@@ -1056,3 +1096,276 @@ tls13_ServerSendHrrCookieXtn(const sslSocket *ss, TLSExtensionData *xtnData,
     *added = PR_TRUE;
     return SECSuccess;
 }
+
+SECStatus
+tls13_ClientSendEsniXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+                        sslBuffer *buf, PRBool *added)
+{
+    SECStatus rv;
+    PRUint8 sniBuf[1024];
+    PRUint8 hash[64];
+    sslBuffer sni = SSL_BUFFER(sniBuf);
+    const ssl3CipherSuiteDef *suiteDef;
+    ssl3KeyMaterial keyMat;
+    SSLAEADCipher aead;
+    PRUint8 outBuf[1024];
+    int outLen;
+    unsigned int sniStart;
+    unsigned int sniLen;
+    sslBuffer aadInput = SSL_BUFFER_EMPTY;
+    unsigned int keyShareBufStart;
+    unsigned int keyShareBufLen;
+
+    PORT_Memset(&keyMat, 0, sizeof(keyMat));
+
+    if (!ss->xtnData.esniPrivateKey) {
+        return SECSuccess;
+    }
+
+    /* nonce */
+    rv = PK11_GenerateRandom(
+        (unsigned char *)xtnData->esniNonce, sizeof(xtnData->esniNonce));
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+    rv = sslBuffer_Append(&sni, xtnData->esniNonce, sizeof(xtnData->esniNonce));
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    /* sni */
+    sniStart = SSL_BUFFER_LEN(&sni);
+    rv = ssl3_ClientFormatServerNameXtn(ss, ss->url, xtnData, &sni);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    sniLen = SSL_BUFFER_LEN(&sni) - sniStart;
+    /* Padding. */
+    if (ss->esniKeys->paddedLength > sniLen) {
+        unsigned int paddingRequired = ss->esniKeys->paddedLength - sniLen;
+        while (paddingRequired--) {
+            rv = sslBuffer_AppendNumber(&sni, 0, 1);
+            if (rv != SECSuccess) {
+                return SECFailure;
+            }
+        }
+    }
+
+    suiteDef = ssl_LookupCipherSuiteDef(xtnData->esniSuite);
+    PORT_Assert(suiteDef);
+    if (!suiteDef) {
+        PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+        return SECFailure;
+    }
+    aead = tls13_GetAead(ssl_GetBulkCipherDef(suiteDef));
+    if (!aead) {
+        return SECFailure;
+    }
+
+    /* Format the first part of the extension so we have the
+     * encoded KeyShareEntry. */
+    rv = sslBuffer_AppendNumber(buf, xtnData->esniSuite, 2);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+    keyShareBufStart = SSL_BUFFER_LEN(buf);
+    rv = tls13_EncodeKeyShareEntry(buf,
+                                   xtnData->esniPrivateKey->group->name,
+                                   xtnData->esniPrivateKey->keys->pubKey);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+    keyShareBufLen = SSL_BUFFER_LEN(buf) - keyShareBufStart;
+
+    if (tls13_GetHashSizeForHash(suiteDef->prf_hash) > sizeof(hash)) {
+        PORT_Assert(PR_FALSE);
+        PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
+        return SECFailure;
+    }
+
+    rv = PK11_HashBuf(ssl3_HashTypeToOID(suiteDef->prf_hash),
+                      hash,
+                      ss->esniKeys->data.data,
+                      ss->esniKeys->data.len);
+    if (rv != SECSuccess) {
+        PORT_Assert(PR_FALSE);
+        return SECFailure;
+    }
+
+    rv = sslBuffer_AppendVariable(buf, hash,
+                                  tls13_GetHashSizeForHash(suiteDef->prf_hash), 2);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    /* Compute the ESNI keys. */
+    rv = tls13_ComputeESNIKeys(ss, xtnData->peerEsniShare,
+                               xtnData->esniPrivateKey->keys,
+                               suiteDef,
+                               hash,
+                               SSL_BUFFER_BASE(buf) + keyShareBufStart,
+                               keyShareBufLen,
+                               CONST_CAST(PRUint8, ss->ssl3.hs.client_random),
+                               &keyMat);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    rv = tls13_FormatEsniAADInput(&aadInput,
+                                  xtnData->keyShareExtension.data,
+                                  xtnData->keyShareExtension.len);
+    if (rv != SECSuccess) {
+        ssl_DestroyKeyMaterial(&keyMat);
+        return SECFailure;
+    }
+    /* Now encrypt. */
+    rv = aead(&keyMat, PR_FALSE /* Encrypt */,
+              outBuf, &outLen, sizeof(outBuf),
+              SSL_BUFFER_BASE(&sni),
+              SSL_BUFFER_LEN(&sni),
+              SSL_BUFFER_BASE(&aadInput),
+              SSL_BUFFER_LEN(&aadInput));
+    ssl_DestroyKeyMaterial(&keyMat);
+    sslBuffer_Clear(&aadInput);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    /* Encode the rest. */
+    rv = sslBuffer_AppendVariable(buf, outBuf, outLen, 2);
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    *added = PR_TRUE;
+    return SECSuccess;
+}
+
+static SECStatus
+tls13_ServerSendEsniXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+                        sslBuffer *buf, PRBool *added)
+{
+    SECStatus rv;
+
+    rv = sslBuffer_Append(buf, xtnData->esniNonce, sizeof(xtnData->esniNonce));
+    if (rv != SECSuccess) {
+        return SECFailure;
+    }
+
+    *added = PR_TRUE;
+    return SECSuccess;
+}
+
+SECStatus
+tls13_ServerHandleEsniXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+                          SECItem *data)
+{
+    sslReadBuffer buf;
+    PRUint8 *plainText = NULL;
+    int ptLen;
+    SECStatus rv;
+
+    /* If we are doing < TLS 1.3, then ignore this. */
+    if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
+        return SECSuccess;
+    }
+
+    if (!ss->esniKeys) {
+        /* Apparently we used to be configured for ESNI, but
+         * no longer. This violates the spec, or the client is
+         * broken. */
+        return SECFailure;
+    }
+
+    plainText = PORT_ZAlloc(data->len);
+    if (!plainText) {
+        return SECFailure;
+    }
+    rv = tls13_ServerDecryptEsniXtn(ss, data->data, data->len,
+                                    plainText, &ptLen, data->len);
+    if (rv) {
+        goto loser;
+    }
+
+    /* Read out the interior extension. */
+    sslReader sniRdr = SSL_READER(plainText, ptLen);
+
+    rv = sslRead_Read(&sniRdr, sizeof(xtnData->esniNonce), &buf);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    PORT_Memcpy(xtnData->esniNonce, buf.buf, sizeof(xtnData->esniNonce));
+
+    /* We need to capture the whole block with the length. */
+    SECItem sniItem = { siBuffer, (unsigned char *)SSL_READER_CURRENT(&sniRdr), 0 };
+    rv = sslRead_ReadVariable(&sniRdr, 2, &buf);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+    sniItem.len = buf.len + 2;
+
+    /* Check the padding. Note we don't need to do this in constant time
+     * because it's inside the AEAD boundary. */
+    /* TODO(ekr@rtfm.com): check that the padding is the right length. */
+    PRUint64 tmp;
+    while (SSL_READER_REMAINING(&sniRdr)) {
+        rv = sslRead_ReadNumber(&sniRdr, 1, &tmp);
+        if (rv != SECSuccess) {
+            goto loser;
+        }
+        if (tmp != 0) {
+            goto loser;
+        }
+    }
+
+    rv = ssl3_HandleServerNameXtn(ss, xtnData, &sniItem);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    rv = ssl3_RegisterExtensionSender(ss, xtnData,
+                                      ssl_tls13_encrypted_sni_xtn,
+                                      tls13_ServerSendEsniXtn);
+    if (rv != SECSuccess) {
+        goto loser;
+    }
+
+    /* Keep track of negotiated extensions. */
+    xtnData->negotiated[xtnData->numNegotiated++] =
+        ssl_tls13_encrypted_sni_xtn;
+
+    PORT_ZFree(plainText, data->len);
+    return SECSuccess;
+loser:
+    PORT_ZFree(plainText, data->len);
+    return SECFailure;
+}
+
+/* Function to check the extension. We don't install a handler here
+ * because we need to check for the presence of the extension as
+ * well and it's easier to do it in one place. */
+SECStatus
+tls13_ClientCheckEsniXtn(sslSocket *ss)
+{
+    TLSExtension *esniExtension =
+        ssl3_FindExtension(ss, ssl_tls13_encrypted_sni_xtn);
+    if (!esniExtension) {
+        FATAL_ERROR(ss, SSL_ERROR_MISSING_ESNI_EXTENSION, missing_extension);
+        return SECFailure;
+    }
+
+    if (esniExtension->data.len != sizeof(ss->xtnData.esniNonce)) {
+        FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_ESNI_EXTENSION, illegal_parameter);
+        return SECFailure;
+    }
+
+    if (0 != NSS_SecureMemcmp(esniExtension->data.data,
+                              ss->xtnData.esniNonce,
+                              sizeof(ss->xtnData.esniNonce))) {
+        FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_ESNI_EXTENSION, illegal_parameter);
+        return SECFailure;
+    }
+
+    return SECSuccess;
+}
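Review bot: In tls13_ServerHandleEsniXtn the padding loop only checks that the trailing bytes are zero; nothing compares the decrypted length with `ss->esniKeys->paddedLength`, so a payload that was never padded to the advertised length is accepted, as the TODO above the loop already says. That check should land with this code or be tracked in a bug referenced from the TODO, since the padding is what keeps the name length from showing in the ciphertext size. The `goto loser` exits in the same function return SECFailure without recording an error code; a `PORT_SetError(SSL_ERROR_RX_MALFORMED_ESNI_EXTENSION);` before the nonce-read and padding failures would let callers tell a malformed extension from an allocation failure. On the client side, tls13_ClientSendEsniXtn tests `ss->xtnData.esniPrivateKey` but then dereferences `ss->esniKeys` and `xtnData->esniPrivateKey` unchecked, which deserves a `PORT_Assert` or a comment stating why they are always set together.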
diff --git a/security/nss/lib/ssl/tls13exthandle.h b/security/nss/lib/ssl/tls13exthandle.h
index edce94d83..dd64b44ff 100644
--- a/security/nss/lib/ssl/tls13exthandle.h
+++ b/security/nss/lib/ssl/tls13exthandle.h
@@ -84,5 +84,14 @@ SECStatus tls13_ServerSendHrrKeyShareXtn(const sslSocket *ss,
 SECStatus tls13_ServerSendHrrCookieXtn(const sslSocket *ss,
                                        TLSExtensionData *xtnData,
                                        sslBuffer *buf, PRBool *added);
+SECStatus tls13_DecodeKeyShareEntry(sslReader *rdr, TLS13KeyShareEntry **ksp);
+PRUint32 tls13_SizeOfKeyShareEntry(const SECKEYPublicKey *pubKey);
+SECStatus tls13_EncodeKeyShareEntry(sslBuffer *buf, SSLNamedGroup group,
+                                    SECKEYPublicKey *pubKey);
+SECStatus tls13_ClientSendEsniXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+                                  sslBuffer *buf, PRBool *added);
+SECStatus tls13_ServerHandleEsniXtn(const sslSocket *ss, TLSExtensionData *xtnData,
+                                    SECItem *data);
+SECStatus tls13_ClientCheckEsniXtn(sslSocket *ss);
 
 #endif
diff --git a/security/nss/lib/util/nssutil.def b/security/nss/lib/util/nssutil.def
index 26e438ba6..8c233f7d3 100644
--- a/security/nss/lib/util/nssutil.def
+++ b/security/nss/lib/util/nssutil.def
@@ -328,3 +328,9 @@ SECITEM_MakeItem;
 ;+    local:
 ;+       *;
 ;+};
+;+NSSUTIL_3.39 {         # NSS Utilities 3.39 release
+;+    global:
+NSSUTIL_AddNSSFlagToModuleSpec;
+;+    local:
+;+       *;
+;+};
diff --git a/security/nss/lib/util/nssutil.h b/security/nss/lib/util/nssutil.h
index 2749abaa1..62511eafe 100644
--- a/security/nss/lib/util/nssutil.h
+++ b/security/nss/lib/util/nssutil.h
@@ -19,9 +19,9 @@
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
  */
-#define NSSUTIL_VERSION "3.38"
+#define NSSUTIL_VERSION "3.41"
 #define NSSUTIL_VMAJOR 3
-#define NSSUTIL_VMINOR 38
+#define NSSUTIL_VMINOR 41
 #define NSSUTIL_VPATCH 0
 #define NSSUTIL_VBUILD 0
 #define NSSUTIL_BETA PR_FALSE
diff --git a/security/nss/lib/util/pkcs11p.h b/security/nss/lib/util/pkcs11p.h
index 2e904ee50..1c9201350 100644
--- a/security/nss/lib/util/pkcs11p.h
+++ b/security/nss/lib/util/pkcs11p.h
@@ -13,7 +13,10 @@
  * though it's still needed. put in a central file to help merging..
  */
 
-#if defined(_WIN32)
+#if defined(_WIN32) || defined(_WINDOWS)
+#ifdef __clang__
+#pragma clang diagnostic ignored "-Wpragma-pack"
+#endif
 #ifdef _MSC_VER
 #pragma warning(disable : 4103)
 #endif
diff --git a/security/nss/lib/util/pkcs11u.h b/security/nss/lib/util/pkcs11u.h
index be949bcd4..64ec2fdb5 100644
--- a/security/nss/lib/util/pkcs11u.h
+++ b/security/nss/lib/util/pkcs11u.h
@@ -11,7 +11,10 @@
  * reset any packing set by pkcs11p.h
  */
 
-#if defined(_WIN32)
+#if defined(_WIN32) || defined(_WINDOWS)
+#ifdef __clang__
+#pragma clang diagnostic ignored "-Wpragma-pack"
+#endif
 #ifdef _MSC_VER
 #pragma warning(disable : 4103)
 #endif
diff --git a/security/nss/lib/util/pkcs11uri.c b/security/nss/lib/util/pkcs11uri.c
index 94b00171e..c29521080 100644
--- a/security/nss/lib/util/pkcs11uri.c
+++ b/security/nss/lib/util/pkcs11uri.c
@@ -674,7 +674,7 @@ PK11URI_ParseURI(const char *string)
     const char *p = string;
     SECStatus ret;
 
-    if (strncmp("pkcs11:", p, 7) != 0) {
+    if (PORT_Strncasecmp("pkcs11:", p, 7) != 0) {
         return NULL;
     }
     p += 7;
diff --git a/security/nss/lib/util/pkcs1sig.c b/security/nss/lib/util/pkcs1sig.c
index 502119aa5..68588c7f8 100644
--- a/security/nss/lib/util/pkcs1sig.c
+++ b/security/nss/lib/util/pkcs1sig.c
@@ -15,13 +15,6 @@ struct pkcs1PrefixStr {
     PRUint8 *data;
 };
 
-typedef struct pkcs1PrefixesStr pkcs1Prefixes;
-struct pkcs1PrefixesStr {
-    unsigned int digestLen;
-    pkcs1Prefix prefixWithParams;
-    pkcs1Prefix prefixWithoutParams;
-};
-
 /* The value for SGN_PKCS1_DIGESTINFO_MAX_PREFIX_LEN_EXCLUDING_OID is based on
  * the possible prefix encodings as explained below.
  */
@@ -101,9 +94,8 @@ _SGN_VerifyPKCS1DigestInfo(SECOidTag digestAlg,
                            PRBool unsafeAllowMissingParameters)
 {
     SECOidData *hashOid;
-    pkcs1Prefixes pp;
-    const pkcs1Prefix *expectedPrefix;
-    SECStatus rv, rv2, rv3;
+    pkcs1Prefix prefix;
+    SECStatus rv;
 
     if (!digest || !digest->data ||
         !dataRecoveredFromSignature || !dataRecoveredFromSignature->data) {
@@ -117,17 +109,9 @@ _SGN_VerifyPKCS1DigestInfo(SECOidTag digestAlg,
         return SECFailure;
     }
 
-    pp.digestLen = digest->len;
-    pp.prefixWithParams.data = NULL;
-    pp.prefixWithoutParams.data = NULL;
+    prefix.data = NULL;
 
-    rv2 = encodePrefix(hashOid, pp.digestLen, &pp.prefixWithParams, PR_TRUE);
-    rv3 = encodePrefix(hashOid, pp.digestLen, &pp.prefixWithoutParams, PR_FALSE);
-
-    rv = SECSuccess;
-    if (rv2 != SECSuccess || rv3 != SECSuccess) {
-        rv = SECFailure;
-    }
+    rv = encodePrefix(hashOid, digest->len, &prefix, PR_TRUE);
 
     if (rv == SECSuccess) {
         /* We don't attempt to avoid timing attacks on these comparisons because
@@ -135,34 +119,39 @@ _SGN_VerifyPKCS1DigestInfo(SECOidTag digestAlg,
          * operation.
          */
 
-        if (dataRecoveredFromSignature->len ==
-            pp.prefixWithParams.len + pp.digestLen) {
-            expectedPrefix = &pp.prefixWithParams;
-        } else if (unsafeAllowMissingParameters &&
-                   dataRecoveredFromSignature->len ==
-                       pp.prefixWithoutParams.len + pp.digestLen) {
-            expectedPrefix = &pp.prefixWithoutParams;
-        } else {
-            PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-            rv = SECFailure;
+        if (dataRecoveredFromSignature->len != prefix.len + digest->len) {
+            PRBool lengthMismatch = PR_TRUE;
+#ifdef NSS_PKCS1_AllowMissingParameters
+            if (unsafeAllowMissingParameters) {
+                if (prefix.data) {
+                    PORT_Free(prefix.data);
+                    prefix.data = NULL;
+                }
+                rv = encodePrefix(hashOid, digest->len, &prefix, PR_FALSE);
+                if (rv != SECSuccess ||
+                    dataRecoveredFromSignature->len == prefix.len + digest->len) {
+                    lengthMismatch = PR_FALSE;
+                }
+            }
+#endif
+            if (lengthMismatch) {
+                PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+                rv = SECFailure;
+            }
         }
     }
 
     if (rv == SECSuccess) {
-        if (memcmp(dataRecoveredFromSignature->data, expectedPrefix->data,
-                   expectedPrefix->len) ||
-            memcmp(dataRecoveredFromSignature->data + expectedPrefix->len,
-                   digest->data, digest->len)) {
+        if (memcmp(dataRecoveredFromSignature->data, prefix.data, prefix.len) ||
+            memcmp(dataRecoveredFromSignature->data + prefix.len, digest->data,
+                   digest->len)) {
             PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
             rv = SECFailure;
         }
     }
 
-    if (pp.prefixWithParams.data) {
-        PORT_Free(pp.prefixWithParams.data);
-    }
-    if (pp.prefixWithoutParams.data) {
-        PORT_Free(pp.prefixWithoutParams.data);
+    if (prefix.data) {
+        PORT_Free(prefix.data);
     }
 
     return rv;
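Review bot: When NSS_PKCS1_AllowMissingParameters is not defined, the `unsafeAllowMissingParameters` argument of _SGN_VerifyPKCS1DigestInfo is silently ignored and only the prefix encoded with parameters is accepted, so a caller passing PR_TRUE gets no indication that the lenient path was compiled out. That is the stricter default, but it should be stated where the function is documented, for example `/* unsafeAllowMissingParameters is honoured only when built with NSS_PKCS1_AllowMissingParameters; otherwise a DigestInfo without parameters is always rejected. */`. Inside the `#ifdef`, a failing second `encodePrefix()` clears `lengthMismatch` and leaves the error code to encodePrefix rather than setting SEC_ERROR_BAD_SIGNATURE; a one-line comment saying this is intentional would help the next reader. The function starts above this hunk.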
diff --git a/security/nss/lib/util/secder.h b/security/nss/lib/util/secder.h
index dbc35807d..1b487d193 100644
--- a/security/nss/lib/util/secder.h
+++ b/security/nss/lib/util/secder.h
@@ -34,6 +34,9 @@ SEC_BEGIN_PROTOS
 extern SECStatus DER_Encode(PLArenaPool *arena, SECItem *dest, DERTemplate *t,
                             void *src);
 
+/*
+** This function is deprecated.
+*/
 extern SECStatus DER_Lengths(SECItem *item, int *header_len_p,
                              PRUint32 *contents_len_p);
 
diff --git a/security/nss/lib/util/secitem.c b/security/nss/lib/util/secitem.c
index 1e505a9af..cd6996178 100644
--- a/security/nss/lib/util/secitem.c
+++ b/security/nss/lib/util/secitem.c
@@ -76,10 +76,10 @@ loser:
 }
 
 SECStatus
-SECITEM_MakeItem(PLArenaPool *arena, SECItem *dest, unsigned char *data,
+SECITEM_MakeItem(PLArenaPool *arena, SECItem *dest, const unsigned char *data,
                  unsigned int len)
 {
-    SECItem it = { siBuffer, data, len };
+    SECItem it = { siBuffer, (unsigned char *)data, len };
 
     return SECITEM_CopyItem(arena, dest, &it);
 }
diff --git a/security/nss/lib/util/secitem.h b/security/nss/lib/util/secitem.h
index 4fb123938..f7a8241b5 100644
--- a/security/nss/lib/util/secitem.h
+++ b/security/nss/lib/util/secitem.h
@@ -41,7 +41,7 @@ extern SECItem *SECITEM_AllocItem(PLArenaPool *arena, SECItem *item,
  * always siBuffer.
  */
 extern SECStatus SECITEM_MakeItem(PLArenaPool *arena, SECItem *dest,
-                                  unsigned char *data, unsigned int len);
+                                  const unsigned char *data, unsigned int len);
 
 /*
 ** This is a legacy function containing bugs. It doesn't update item->len,
diff --git a/security/nss/lib/util/secoid.c b/security/nss/lib/util/secoid.c
index a05621c59..06b0cbcc4 100644
--- a/security/nss/lib/util/secoid.c
+++ b/security/nss/lib/util/secoid.c
@@ -122,7 +122,9 @@ const char __nss_util_version[] = "Version: NSS " NSSUTIL_VERSION _DEBUG_STRING;
 
 #define VERISIGN 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x45
 
-#define PKIX 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07
+#define INTERNET_SECURITY_MECH 0x2b, 0x06, 0x01, 0x05, 0x05
+
+#define PKIX INTERNET_SECURITY_MECH, 0x07
 #define PKIX_CERT_EXTENSIONS PKIX, 1
 #define PKIX_POLICY_QUALIFIERS PKIX, 2
 #define PKIX_KEY_USAGE PKIX, 3
@@ -360,6 +362,7 @@ CONST_OID x509FreshestCRL[] = { ID_CE_OID, 46 };
 CONST_OID x509InhibitAnyPolicy[] = { ID_CE_OID, 54 };
 
 CONST_OID x509CertificatePoliciesAnyPolicy[] = { ID_CE_OID, 32, 0 };
+CONST_OID x509ExtKeyUsageAnyUsage[] = { ID_CE_OID, 37, 0 };
 
 CONST_OID x509AuthInfoAccess[] = { PKIX_CERT_EXTENSIONS, 1 };
 CONST_OID x509SubjectInfoAccess[] = { PKIX_CERT_EXTENSIONS, 11 };
@@ -454,8 +457,13 @@ CONST_OID pkixExtendedKeyUsageCodeSign[] = { PKIX_KEY_USAGE, 3 };
 CONST_OID pkixExtendedKeyUsageEMailProtect[] = { PKIX_KEY_USAGE, 4 };
 CONST_OID pkixExtendedKeyUsageTimeStamp[] = { PKIX_KEY_USAGE, 8 };
 CONST_OID pkixOCSPResponderExtendedKeyUsage[] = { PKIX_KEY_USAGE, 9 };
+/* 17 replaces 5 + 6 + 7 (declared obsolete in RFC 4945) */
+CONST_OID pkixExtendedKeyUsageIPsecIKE[] = { PKIX_KEY_USAGE, 17 };
 CONST_OID msExtendedKeyUsageTrustListSigning[] = { MS_CRYPTO_EKU, 1 };
 
+CONST_OID ipsecIKEEnd[] = { INTERNET_SECURITY_MECH, 0x08, 0x02, 0x01 };
+CONST_OID ipsecIKEIntermediate[] = { INTERNET_SECURITY_MECH, 0x08, 0x02, 0x02 };
+
 /* OIDs for Netscape defined algorithms */
 CONST_OID netscapeSMimeKEA[] = { NETSCAPE_ALGS, 0x01 };
 
@@ -1754,6 +1762,22 @@ const static SECOidData oids[SEC_OID_TOTAL] = {
        "Curve25519", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
     ODE(SEC_OID_TLS13_KEA_ANY,
         "TLS 1.3 fake key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+    OD(x509ExtKeyUsageAnyUsage, SEC_OID_X509_ANY_EXT_KEY_USAGE,
+       "Any Extended Key Usage",
+       CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+    OD(pkixExtendedKeyUsageIPsecIKE,
+       SEC_OID_EXT_KEY_USAGE_IPSEC_IKE,
+       "IPsec IKE Certificate",
+       CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+    OD(ipsecIKEEnd,
+       SEC_OID_IPSEC_IKE_END,
+       "IPsec IKE End",
+       CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+    OD(ipsecIKEIntermediate,
+       SEC_OID_IPSEC_IKE_INTERMEDIATE,
+       "IPsec IKE Intermediate",
+       CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
 };
 
 /* PRIVATE EXTENDED SECOID Table
diff --git a/security/nss/lib/util/secoidt.h b/security/nss/lib/util/secoidt.h
index 0a40f29fd..c77aeb19f 100644
--- a/security/nss/lib/util/secoidt.h
+++ b/security/nss/lib/util/secoidt.h
@@ -494,6 +494,11 @@ typedef enum {
 
     SEC_OID_TLS13_KEA_ANY = 356,
 
+    SEC_OID_X509_ANY_EXT_KEY_USAGE = 357,
+    SEC_OID_EXT_KEY_USAGE_IPSEC_IKE = 358,
+    SEC_OID_IPSEC_IKE_END = 359,
+    SEC_OID_IPSEC_IKE_INTERMEDIATE = 360,
+
     SEC_OID_TOTAL
 } SECOidTag;
 
diff --git a/security/nss/lib/util/secport.c b/security/nss/lib/util/secport.c
index e5bd4c1bb..ae979ebad 100644
--- a/security/nss/lib/util/secport.c
+++ b/security/nss/lib/util/secport.c
@@ -199,9 +199,6 @@ PORT_Strdup(const char *str)
 void
 PORT_SetError(int value)
 {
-#ifdef DEBUG_jp96085
-    PORT_Assert(value != SEC_ERROR_REUSED_ISSUER_AND_SERIAL);
-#endif
     PR_SetError(value, 0);
     return;
 }
diff --git a/security/nss/lib/util/utilpars.c b/security/nss/lib/util/utilpars.c
index e7435bfcc..f9b807f7e 100644
--- a/security/nss/lib/util/utilpars.c
+++ b/security/nss/lib/util/utilpars.c
@@ -913,6 +913,92 @@ NSSUTIL_MkModuleSpec(char *dllName, char *commonName, char *parameters,
     return NSSUTIL_MkModuleSpecEx(dllName, commonName, parameters, NSS, NULL);
 }
 
+/************************************************************************
+ * add a single flag to the Flags= section inside the spec's NSS= section */
+char *
+NSSUTIL_AddNSSFlagToModuleSpec(char *spec, char *addFlag)
+{
+    const char *prefix = "flags=";
+    const size_t prefixLen = strlen(prefix);
+    char *lib = NULL, *name = NULL, *param = NULL, *nss = NULL, *conf = NULL;
+    char *nss2 = NULL, *result = NULL;
+    SECStatus rv;
+
+    rv = NSSUTIL_ArgParseModuleSpecEx(spec, &lib, &name, &param, &nss, &conf);
+    if (rv != SECSuccess) {
+        return NULL;
+    }
+
+    if (nss && NSSUTIL_ArgHasFlag("flags", addFlag, nss)) {
+        /* It's already there, nothing to do! */
+        PORT_Free(lib);
+        PORT_Free(name);
+        PORT_Free(param);
+        PORT_Free(nss);
+        PORT_Free(conf);
+        return PORT_Strdup(spec);
+    }
+
+    if (!nss || !strlen(nss)) {
+        nss2 = PORT_Alloc(prefixLen + strlen(addFlag) + 1);
+        PORT_Strcpy(nss2, prefix);
+        PORT_Strcat(nss2, addFlag);
+    } else {
+        const char *iNss = nss;
+        PRBool alreadyAdded = PR_FALSE;
+        size_t maxSize = strlen(nss) + strlen(addFlag) + prefixLen + 2; /* space and null terminator */
+        nss2 = PORT_Alloc(maxSize);
+        *nss2 = 0;
+        while (*iNss) {
+            iNss = NSSUTIL_ArgStrip(iNss);
+            if (PORT_Strncasecmp(iNss, prefix, prefixLen) == 0) {
+                /* We found an existing Flags= section. */
+                char *oldFlags;
+                const char *valPtr;
+                int valSize;
+                valPtr = iNss + prefixLen;
+                oldFlags = NSSUTIL_ArgFetchValue(valPtr, &valSize);
+                iNss = valPtr + valSize;
+                PORT_Strcat(nss2, prefix);
+                PORT_Strcat(nss2, oldFlags);
+                PORT_Strcat(nss2, ",");
+                PORT_Strcat(nss2, addFlag);
+                PORT_Strcat(nss2, " ");
+                PORT_Free(oldFlags);
+                alreadyAdded = PR_TRUE;
+                iNss = NSSUTIL_ArgStrip(iNss);
+                PORT_Strcat(nss2, iNss); /* remainder of input */
+                break;
+            } else {
+                /* Append this other name=value pair and continue. */
+                const char *startOfNext = NSSUTIL_ArgSkipParameter(iNss);
+                PORT_Strncat(nss2, iNss, (startOfNext - iNss));
+                if (nss2[strlen(nss2) - 1] != ' ') {
+                    PORT_Strcat(nss2, " ");
+                }
+                iNss = startOfNext;
+            }
+            iNss = NSSUTIL_ArgStrip(iNss);
+        }
+        if (!alreadyAdded) {
+            /* nss wasn't empty, and it didn't contain a Flags section. We can
+             * assume that other content from nss has already been added to
+             * nss2, which means we already have a trailing space separator. */
+            PORT_Strcat(nss2, prefix);
+            PORT_Strcat(nss2, addFlag);
+        }
+    }
+
+    result = NSSUTIL_MkModuleSpecEx(lib, name, param, nss2, conf);
+    PORT_Free(lib);
+    PORT_Free(name);
+    PORT_Free(param);
+    PORT_Free(nss);
+    PORT_Free(nss2);
+    PORT_Free(conf);
+    return result;
+}
+
 #define NSSUTIL_ARG_FORTEZZA_FLAG "FORTEZZA"
 /******************************************************************************
  * Parse the cipher flags from the NSS parameter
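Review bot: Both `PORT_Alloc` calls in NSSUTIL_AddNSSFlagToModuleSpec are used unchecked: on allocation failure the empty-`nss` branch passes NULL to `PORT_Strcpy` and the other branch writes through it with `*nss2 = 0`. Add `if (!nss2) { goto cleanup; }` after each allocation and put a `cleanup:` label in front of the `PORT_Free(lib)` run, so the parsed pieces are still released and NULL is returned. The result of `NSSUTIL_ArgFetchValue` is handed to `PORT_Strcat` the same way; if that helper can return NULL (its body is not visible here), `oldFlags` needs the same guard. The `maxSize` computation also assumes the loop adds at most one separator space beyond what the input already had, and that assumption should be written next to it.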
diff --git a/security/nss/lib/util/utilpars.h b/security/nss/lib/util/utilpars.h
index 1b0b1ff1c..289fdca97 100644
--- a/security/nss/lib/util/utilpars.h
+++ b/security/nss/lib/util/utilpars.h
@@ -46,6 +46,7 @@ char *NSSUTIL_MkModuleSpec(char *dllName, char *commonName,
                            char *parameters, char *NSS);
 char *NSSUTIL_MkModuleSpecEx(char *dllName, char *commonName,
                              char *parameters, char *NSS, char *config);
+char *NSSUTIL_AddNSSFlagToModuleSpec(char *spec, char *addFlag);
 void NSSUTIL_ArgParseCipherFlags(unsigned long *newCiphers,
                                  const char *cipherList);
 char *NSSUTIL_MkNSSString(char **slotStrings, int slotCount, PRBool internal,
diff --git a/security/nss/mach b/security/nss/mach
index 715f1a9e3..178cfeb74 100644
--- a/security/nss/mach
+++ b/security/nss/mach
@@ -10,13 +10,32 @@
 
 import sys
 import argparse
+import fnmatch
 import subprocess
 import os
 import platform
+import tempfile
+
 from hashlib import sha256
 
+DEVNULL = open(os.devnull, 'wb')
 cwd = os.path.dirname(os.path.abspath(__file__))
 
+def run_tests(test, cycles="standard", env={}, silent=False):
+    domsuf = os.getenv('DOMSUF', "localdomain")
+    host = os.getenv('HOST', "localhost")
+    env = env.copy()
+    env.update({
+        "NSS_TESTS": test,
+        "NSS_CYCLES": cycles,
+        "DOMSUF": domsuf,
+        "HOST": host
+    })
+    os_env = os.environ
+    os_env.update(env)
+    command = cwd + "/tests/all.sh"
+    stdout = stderr = DEVNULL if silent else None
+    subprocess.check_call(command, env=os_env, stdout=stdout, stderr=stderr)
 
 class cfAction(argparse.Action):
     docker_command = ["docker"]
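Review bot: `os_env = os.environ` in run_tests aliases the live process environment, so `os_env.update(env)` changes it for the rest of the run; after covAction calls run_tests, `ASAN_OPTIONS` and `GTESTFILTER` stay set for the later `sancov` subprocess and anything else this process starts. Use `os_env = os.environ.copy()` before the update. The module-level `DEVNULL = open(os.devnull, 'wb')` is opened on every invocation and never closed; if Python 2 support is the reason `subprocess.DEVNULL` is not used, a comment saying so would be enough.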
@@ -103,7 +122,7 @@ class cfAction(argparse.Action):
         files = []
         if os.path.exists(os.path.join(cwd, '.hg')):
             st = subprocess.Popen(['hg', 'status', '-m', '-a'],
-                                  cwd=cwd, stdout=subprocess.PIPE)
+                                  cwd=cwd, stdout=subprocess.PIPE, universal_newlines=True)
             for line in iter(st.stdout.readline, ''):
                 files += [line[2:].rstrip()]
         elif os.path.exists(os.path.join(cwd, '.git')):
@@ -127,29 +146,63 @@ class cfAction(argparse.Action):
 class buildAction(argparse.Action):
 
     def __call__(self, parser, args, values, option_string=None):
-        cwd = os.path.dirname(os.path.abspath(__file__))
         subprocess.check_call([cwd + "/build.sh"] + values)
 
 
 class testAction(argparse.Action):
 
-    def runTest(self, test, cycles="standard"):
-        cwd = os.path.dirname(os.path.abspath(__file__))
-        domsuf = os.getenv('DOMSUF', "localdomain")
-        host = os.getenv('HOST', "localhost")
+    def __call__(self, parser, args, values, option_string=None):
+        run_tests(values)
+
+
+class covAction(argparse.Action):
+
+    def runSslGtests(self, outdir):
         env = {
-            "NSS_TESTS": test,
-            "NSS_CYCLES": cycles,
-            "DOMSUF": domsuf,
-            "HOST": host
+            "GTESTFILTER": "*", # Prevent parallel test runs.
+            "ASAN_OPTIONS": "coverage=1:coverage_dir=" + outdir
         }
-        os_env = os.environ
-        os_env.update(env)
-        command = cwd + "/tests/all.sh"
-        subprocess.check_call(command, env=os_env)
+
+        run_tests("ssl_gtests", env=env, silent=True)
+
+    def findSanCovFile(self, outdir):
+        for file in os.listdir(outdir):
+            if fnmatch.fnmatch(file, 'ssl_gtest.*.sancov'):
+                return os.path.join(outdir, file)
+
+        return None
 
     def __call__(self, parser, args, values, option_string=None):
-        self.runTest(values)
+        outdir = args.outdir
+        print("Output directory: " + outdir)
+
+        print("\nBuild with coverage sanitizers...\n")
+        sancov_args = "edge,no-prune,trace-pc-guard,trace-cmp"
+        subprocess.check_call([
+            os.path.join(cwd, "build.sh"), "-c", "--clang", "--asan",
+            "--sancov=" + sancov_args
+        ])
+
+        print("\nRun ssl_gtests to get a coverage report...")
+        self.runSslGtests(outdir)
+        print("Done.")
+
+        sancov_file = self.findSanCovFile(outdir)
+        if not sancov_file:
+            print("Couldn't find .sancov file.")
+            sys.exit(1)
+
+        symcov_file = os.path.join(outdir, "ssl_gtest.symcov")
+        out = open(symcov_file, 'wb')
+        subprocess.check_call([
+            "sancov",
+            "-blacklist=" + os.path.join(cwd, ".sancov-blacklist"),
+            "-symbolize", sancov_file,
+            os.path.join(cwd, "../dist/Debug/bin/ssl_gtest")
+        ], stdout=out)
+        out.close()
+
+        print("\nCoverage report: " + symcov_file)
 
 
 class commandsAction(argparse.Action):
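Review bot: In covAction.__call__ the report file is opened with a bare `open()` and closed by hand, so a failing `sancov` run (check_call raises) leaves the handle open and a truncated `ssl_gtest.symcov` behind; wrap the call in `with open(symcov_file, 'wb') as out:`. findSanCovFile returns the first `ssl_gtest.*.sancov` that `os.listdir` happens to yield, so a reused `--outdir` holding files from an earlier run can be symbolized instead of the fresh one. A docstring on findSanCovFile should state that the directory is expected to start empty, or the newest matching file should be picked.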
@@ -194,11 +247,21 @@ def parse_arguments():
     tests = [
         "cipher", "lowhash", "chains", "cert", "dbtests", "tools", "fips",
         "sdr", "crmf", "smime", "ssl", "ocsp", "merge", "pkits", "ec",
-        "gtests", "ssl_gtests"
+        "gtests", "ssl_gtests", "bogo", "interop", "policy"
     ]
     parser_test.add_argument(
         'test', choices=tests, help="Available tests", action=testAction)
 
+    parser_cov = subparsers.add_parser(
+        'coverage', help='Generate coverage report')
+    cov_modules = ["ssl_gtests"]
+    parser_cov.add_argument(
+        '--outdir', help='Output directory for coverage report data.',
+        default=tempfile.mkdtemp())
+    parser_cov.add_argument(
+        'module', choices=cov_modules, help="Available coverage modules",
+        action=covAction)
+
     parser_commands = subparsers.add_parser(
         'mach-commands',
         help="list commands")
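Review bot: `default=tempfile.mkdtemp()` is evaluated while the parser is built, so every run of this script, whatever subcommand is given, creates a temporary directory that nothing removes. Use `default=None` and create the directory only when coverage is requested, e.g. `outdir = args.outdir or tempfile.mkdtemp()` in covAction. Because covAction runs at the moment the `module` positional is parsed, an `--outdir` given after the module name has probably not been applied yet; the help text should say the option goes first, or the work should move out of the argparse action. parse_arguments starts above this hunk.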
diff --git a/security/nss/nss-tool/common/util.h b/security/nss/nss-tool/common/util.h
index 58fb05839..e7076336b 100644
--- a/security/nss/nss-tool/common/util.h
+++ b/security/nss/nss-tool/common/util.h
@@ -6,7 +6,7 @@
 #define util_h__
 
 #include "nspr.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 
 #include <secmodt.h>
 #include <string>
diff --git a/security/nss/nss-tool/db/dbtool.cc b/security/nss/nss-tool/db/dbtool.cc
index 8c369cf05..5cd1f5608 100644
--- a/security/nss/nss-tool/db/dbtool.cc
+++ b/security/nss/nss-tool/db/dbtool.cc
@@ -4,7 +4,7 @@
 
 #include "dbtool.h"
 #include "argparse.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "util.h"
 
 #include <iomanip>
diff --git a/security/nss/nss-tool/digest/digesttool.cc b/security/nss/nss-tool/digest/digesttool.cc
index 08c3e3ba7..5efe6390c 100644
--- a/security/nss/nss-tool/digest/digesttool.cc
+++ b/security/nss/nss-tool/digest/digesttool.cc
@@ -4,7 +4,7 @@
 
 #include "digesttool.h"
 #include "argparse.h"
-#include "scoped_ptrs.h"
+#include "nss_scoped_ptrs.h"
 #include "util.h"
 
 #include <algorithm>
diff --git a/security/nss/nss-tool/enc/enctool.h b/security/nss/nss-tool/enc/enctool.h
index 5a6a5a164..f2296bb26 100644
--- a/security/nss/nss-tool/enc/enctool.h
+++ b/security/nss/nss-tool/enc/enctool.h
@@ -8,8 +8,8 @@
 #include <string>
 #include <vector>
 #include "argparse.h"
+#include "nss_scoped_ptrs.h"
 #include "prerror.h"
-#include "scoped_ptrs.h"
 #include "tool.h"
 
 class EncTool : public Tool {
diff --git a/security/nss/nss.gyp b/security/nss/nss.gyp
index 36b0dd974..18fa92f12 100644
--- a/security/nss/nss.gyp
+++ b/security/nss/nss.gyp
@@ -5,115 +5,133 @@
   'includes': [
     'coreconf/config.gypi'
   ],
-  'targets': [
-    {
-      'target_name': 'nss_libs',
-      'type': 'none',
-      'dependencies': [
-        'lib/ckfw/builtins/builtins.gyp:nssckbi',
-        'lib/freebl/freebl.gyp:freebl3',
-        'lib/softoken/softoken.gyp:softokn3',
-      ],
-      'conditions': [
-        [ 'moz_fold_libs==0', {
-          'dependencies': [
-            'lib/nss/nss.gyp:nss3',
-            'lib/smime/smime.gyp:smime3',
-            'lib/sqlite/sqlite.gyp:sqlite3',
-            'lib/ssl/ssl.gyp:ssl3',
-            'lib/util/util.gyp:nssutil3',
-          ],
-        }],
-        [ 'OS=="linux"', {
+  'conditions': [
+    [ 'mozpkix_only==0', {
+      'targets': [
+        {
+          'target_name': 'nss_libs',
+          'type': 'none',
           'dependencies': [
-            'lib/freebl/freebl.gyp:freeblpriv3',
-            'lib/sysinit/sysinit.gyp:nsssysinit',
+            'lib/ckfw/builtins/builtins.gyp:nssckbi',
+            'lib/freebl/freebl.gyp:freebl3',
+            'lib/softoken/softoken.gyp:softokn3',
           ],
-        }],
-        [ 'disable_dbm==0', {
-          'dependencies': [
-            'lib/softoken/legacydb/legacydb.gyp:nssdbm3',
+          'conditions': [
+            [ 'moz_fold_libs==0', {
+              'dependencies': [
+                'lib/nss/nss.gyp:nss3',
+                'lib/smime/smime.gyp:smime3',
+                'lib/sqlite/sqlite.gyp:sqlite3',
+                'lib/ssl/ssl.gyp:ssl3',
+                'lib/util/util.gyp:nssutil3',
+              ],
+            }],
+            [ 'OS=="linux"', {
+              'dependencies': [
+                'lib/freebl/freebl.gyp:freeblpriv3',
+                'lib/sysinit/sysinit.gyp:nsssysinit',
+              ],
+            }],
+            [ 'disable_dbm==0', {
+              'dependencies': [
+                'lib/softoken/legacydb/legacydb.gyp:nssdbm3',
+              ],
+            }],
           ],
-        }],
-      ],
-    },
-    {
-      'target_name': 'nss_static_libs',
-      'type': 'none',
-      'dependencies': [
-        'cmd/lib/lib.gyp:sectool',
-        'lib/base/base.gyp:nssb',
-        'lib/certdb/certdb.gyp:certdb',
-        'lib/certhigh/certhigh.gyp:certhi',
-        'lib/ckfw/ckfw.gyp:nssckfw',
-        'lib/crmf/crmf.gyp:crmf',
-        'lib/cryptohi/cryptohi.gyp:cryptohi',
-        'lib/dev/dev.gyp:nssdev',
-        'lib/freebl/freebl.gyp:freebl',
-        'lib/jar/jar.gyp:jar',
-        'lib/nss/nss.gyp:nss_static',
-        'lib/pk11wrap/pk11wrap.gyp:pk11wrap',
-        'lib/pkcs12/pkcs12.gyp:pkcs12',
-        'lib/pkcs7/pkcs7.gyp:pkcs7',
-        'lib/pki/pki.gyp:nsspki',
-        'lib/smime/smime.gyp:smime',
-        'lib/softoken/softoken.gyp:softokn',
-        'lib/ssl/ssl.gyp:ssl',
-        'lib/util/util.gyp:nssutil',
-        'lib/libpkix/libpkix.gyp:libpkix',
-      ],
-      'conditions': [
-        [ 'OS=="linux"', {
+        },
+        {
+          'target_name': 'nss_static_libs',
+          'type': 'none',
           'dependencies': [
-            'lib/sysinit/sysinit.gyp:nsssysinit_static',
+            'cmd/lib/lib.gyp:sectool',
+            'lib/base/base.gyp:nssb',
+            'lib/certdb/certdb.gyp:certdb',
+            'lib/certhigh/certhigh.gyp:certhi',
+            'lib/ckfw/ckfw.gyp:nssckfw',
+            'lib/crmf/crmf.gyp:crmf',
+            'lib/cryptohi/cryptohi.gyp:cryptohi',
+            'lib/dev/dev.gyp:nssdev',
+            'lib/freebl/freebl.gyp:freebl',
+            'lib/jar/jar.gyp:jar',
+            'lib/libpkix/libpkix.gyp:libpkix',
+            # mozpkix and mozpkix-testlib are static C++ libs
+            'lib/mozpkix/mozpkix.gyp:mozpkix',
+            'lib/mozpkix/mozpkix.gyp:mozpkix-testlib',
+            'lib/nss/nss.gyp:nss_static',
+            'lib/pk11wrap/pk11wrap.gyp:pk11wrap',
+            'lib/pkcs12/pkcs12.gyp:pkcs12',
+            'lib/pkcs7/pkcs7.gyp:pkcs7',
+            'lib/pki/pki.gyp:nsspki',
+            'lib/smime/smime.gyp:smime',
+            'lib/softoken/softoken.gyp:softokn',
+            'lib/ssl/ssl.gyp:ssl',
+            'lib/util/util.gyp:nssutil',
           ],
-        }],
-        [ 'disable_dbm==0', {
-          'dependencies': [
-            'lib/dbm/src/src.gyp:dbm',
-            'lib/softoken/legacydb/legacydb.gyp:nssdbm',
+          'conditions': [
+            [ 'OS=="linux"', {
+              'dependencies': [
+                'lib/sysinit/sysinit.gyp:nsssysinit_static',
+              ],
+            }],
+            [ 'disable_dbm==0', {
+              'dependencies': [
+                'lib/dbm/src/src.gyp:dbm',
+                'lib/softoken/legacydb/legacydb.gyp:nssdbm',
+              ],
+            }],
+            [ 'use_system_sqlite==0', {
+              'dependencies': [
+                'lib/sqlite/sqlite.gyp:sqlite',
+              ],
+            }],
+            [ 'moz_fold_libs==1', {
+              'dependencies': [
+                'lib/nss/nss.gyp:nss3_static',
+                'lib/smime/smime.gyp:smime3_static',
+              ],
+            }],
           ],
-        }],
-        [ 'use_system_sqlite==0', {
+        },
+        {
+          'target_name': 'nss_cmds',
+          'type': 'none',
           'dependencies': [
-            'lib/sqlite/sqlite.gyp:sqlite',
+            'cmd/certutil/certutil.gyp:certutil',
+            'cmd/modutil/modutil.gyp:modutil',
+            'cmd/pk12util/pk12util.gyp:pk12util',
+            'cmd/shlibsign/shlibsign.gyp:shlibsign',
           ],
-        }],
-        [ 'moz_fold_libs==1', {
-          'dependencies': [
-            'lib/nss/nss.gyp:nss3_static',
-            'lib/smime/smime.gyp:smime3_static',
+          'conditions': [
+            [ 'mozilla_client==0', {
+              'dependencies': [
+                'cmd/crlutil/crlutil.gyp:crlutil',
+                'cmd/pwdecrypt/pwdecrypt.gyp:pwdecrypt',
+                'cmd/signtool/signtool.gyp:signtool',
+                'cmd/signver/signver.gyp:signver',
+                'cmd/smimetools/smimetools.gyp:cmsutil',
+                'cmd/ssltap/ssltap.gyp:ssltap',
+                'cmd/symkeyutil/symkeyutil.gyp:symkeyutil',
+                'nss-tool/nss_tool.gyp:nss',
+                'nss-tool/nss_tool.gyp:hw-support',
+              ],
+            }],
           ],
-        }],
-      ],
-    },
-    {
-      'target_name': 'nss_cmds',
-      'type': 'none',
-      'dependencies': [
-        'cmd/certutil/certutil.gyp:certutil',
-        'cmd/modutil/modutil.gyp:modutil',
-        'cmd/pk12util/pk12util.gyp:pk12util',
-        'cmd/shlibsign/shlibsign.gyp:shlibsign',
+        },
       ],
-      'conditions': [
-        [ 'mozilla_client==0', {
+    }, { # else, i.e. mozpkix_only==1
+      # Build only mozpkix.
+      'targets': [
+        {
+          'target_name': 'nss_mozpkix_libs',
+          'type': 'none',
           'dependencies': [
-            'cmd/crlutil/crlutil.gyp:crlutil',
-            'cmd/pwdecrypt/pwdecrypt.gyp:pwdecrypt',
-            'cmd/signtool/signtool.gyp:signtool',
-            'cmd/signver/signver.gyp:signver',
-            'cmd/smimetools/smimetools.gyp:cmsutil',
-            'cmd/ssltap/ssltap.gyp:ssltap',
-            'cmd/symkeyutil/symkeyutil.gyp:symkeyutil',
-            'nss-tool/nss_tool.gyp:nss',
-            'nss-tool/nss_tool.gyp:hw-support',
+            # mozpkix and mozpkix-testlib are static C++ libs
+            'lib/mozpkix/mozpkix.gyp:mozpkix',
+            'lib/mozpkix/mozpkix.gyp:mozpkix-testlib',
           ],
-        }],
+        },
       ],
-    },
-  ],
-  'conditions': [
+    }],
     [ 'disable_tests==0', {
       'targets': [
         {
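Review bot: `lib/mozpkix/mozpkix.gyp:mozpkix-testlib` is added to `nss_static_libs` and to the new `nss_mozpkix_libs` target unconditionally, while the test targets in this file sit under `[ 'disable_tests==0', ...]`. If mozpkix-testlib is test support code, as its name suggests, it will now be built and linked into static builds even when tests are disabled. Moving that one dependency under the `disable_tests==0` condition would keep it out of non-test builds. The new top-level switch also relies on `mozpkix_only` having a default wherever the gyp variables are defined, which this hunk does not show.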
@@ -135,6 +153,7 @@
             'cmd/listsuites/listsuites.gyp:listsuites',
             'cmd/makepqg/makepqg.gyp:makepqg',
             'cmd/multinit/multinit.gyp:multinit',
+            'cmd/nss-policy-check/nss-policy-check.gyp:nss-policy-check',
             'cmd/ocspclnt/ocspclnt.gyp:ocspclnt',
             'cmd/ocspresp/ocspresp.gyp:ocspresp',
             'cmd/oidcalc/oidcalc.gyp:oidcalc',
@@ -169,11 +188,12 @@
             'gtests/certdb_gtest/certdb_gtest.gyp:certdb_gtest',
             'gtests/freebl_gtest/freebl_gtest.gyp:prng_gtest',
             'gtests/freebl_gtest/freebl_gtest.gyp:blake2b_gtest',
+            'gtests/mozpkix_gtest/mozpkix_gtest.gyp:mozpkix_gtest',
+            'gtests/nss_bogo_shim/nss_bogo_shim.gyp:nss_bogo_shim',
             'gtests/pk11_gtest/pk11_gtest.gyp:pk11_gtest',
             'gtests/softoken_gtest/softoken_gtest.gyp:softoken_gtest',
             'gtests/ssl_gtest/ssl_gtest.gyp:ssl_gtest',
             'gtests/util_gtest/util_gtest.gyp:util_gtest',
-            'gtests/nss_bogo_shim/nss_bogo_shim.gyp:nss_bogo_shim',
           ],
           'conditions': [
             [ 'OS=="linux"', {
diff --git a/security/nss/readme.md b/security/nss/readme.md
index 17b99e805..67eca19fb 100644
--- a/security/nss/readme.md
+++ b/security/nss/readme.md
@@ -97,7 +97,7 @@ e.g. `NSS_TESTS=ssl_gtests ./all.sh` or by changing into the according directory
 and running the bash script there `cd ssl_gtests && ./ssl_gtests.sh`.  The
 following tests are available:
 
-    cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ec gtests ssl_gtests bogo
+    cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ec gtests ssl_gtests bogo policy
 
 To make tests run faster it's recommended to set `NSS_CYCLES=standard` to run
 only the standard cycle.
diff --git a/security/nss/tests/all.sh b/security/nss/tests/all.sh
index f8a777fb3..5ad0b522e 100755
--- a/security/nss/tests/all.sh
+++ b/security/nss/tests/all.sh
@@ -37,10 +37,13 @@
 #   memleak.sh   - memory leak testing (optional)
 #   ssl_gtests.sh- Gtest based unit tests for ssl
 #   gtests.sh    - Gtest based unit tests for everything else
+#   policy.sh    - Crypto Policy tests
 #   bogo.sh      - Bogo interop tests (disabled by default)
 #                  https://boringssl.googlesource.com/boringssl/+/master/ssl/test/PORTING.md
 #   interop.sh   - Interoperability tests (disabled by default)
 #                  https://github.com/ekr/tls_interop
+#   tlsfuzzer.sh - tlsfuzzer interop tests (disabled by default)
+#                  https://github.com/tomato42/tlsfuzzer/
 #
 # NSS testing is now devided to 4 cycles:
 # ---------------------------------------
@@ -300,7 +303,7 @@ if [ $NO_INIT_SUPPORT -eq 0 ]; then
     RUN_FIPS="fips"
 fi
 
-tests="cipher lowhash libpkix cert dbtests tools $RUN_FIPS sdr crmf smime ssl ocsp merge pkits ec gtests ssl_gtests"
+tests="cipher lowhash libpkix cert dbtests tools $RUN_FIPS sdr crmf smime ssl ocsp merge pkits ec gtests ssl_gtests policy"
 # Don't run chains tests when we have a gyp build.
 if [ "$OBJDIR" != "Debug" -a "$OBJDIR" != "Release" ]; then
   tests="$tests chains"
@@ -315,7 +318,7 @@ if [ $NO_INIT_SUPPORT -eq 0 ]; then
 fi
 NSS_SSL_TESTS="${NSS_SSL_TESTS:-$nss_ssl_tests}"
 
-nss_ssl_run="cov auth stapling stress"
+nss_ssl_run="cov auth stapling signed_cert_timestamps stress scheme"
 NSS_SSL_RUN="${NSS_SSL_RUN:-$nss_ssl_run}"
 
 # NOTE:
diff --git a/security/nss/tests/bogo/bogo.sh b/security/nss/tests/bogo/bogo.sh
index 4fccb845b..e3e9c32df 100755
--- a/security/nss/tests/bogo/bogo.sh
+++ b/security/nss/tests/bogo/bogo.sh
@@ -25,7 +25,7 @@ bogo_init()
   BORING=${BORING:=boringssl}
   if [ ! -d "$BORING" ]; then
     git clone -q https://boringssl.googlesource.com/boringssl "$BORING"
-    git -C "$BORING" checkout -q ec55dc15d3a39e5f1a58bfd79148729f38f6acb4
+    git -C "$BORING" checkout -q 7f4f41fa81c03e0f8ef1ab5b3d1d566b5968f107
   fi
 
   SCRIPTNAME="bogo.sh"
@@ -39,9 +39,9 @@ bogo_cleanup()
   . common/cleanup.sh
 }
 
-cd ../
-cwd=$(cd $(dirname $0); pwd -P)
-SOURCE_DIR="$cwd"/..
+cd "$(dirname "$0")"
+cwd=$(pwd -P)
+SOURCE_DIR="$(cd "$cwd"/../..; pwd -P)"
 bogo_init
 (cd "$BORING"/ssl/test/runner;
  GOPATH="$cwd" go test -pipe -shim-path "${BINDIR}"/nss_bogo_shim \
diff --git a/security/nss/tests/cert/TestUser-rsa-pss-interop.p12 b/security/nss/tests/cert/TestUser-rsa-pss-interop.p12
new file mode 100644
index 000000000..f0e8d24d6
Binary files /dev/null and b/security/nss/tests/cert/TestUser-rsa-pss-interop.p12 differ
diff --git a/security/nss/tests/cert/cert.sh b/security/nss/tests/cert/cert.sh
index 34006efd1..b74de9be5 100755
--- a/security/nss/tests/cert/cert.sh
+++ b/security/nss/tests/cert/cert.sh
@@ -448,6 +448,27 @@ cert_add_cert()
 	fi
 	cert_log "SUCCESS: $CERTNAME's mixed EC Cert Created"
 
+	echo "Importing RSA-PSS server certificate"
+	pk12u -i ${QADIR}/cert/TestUser-rsa-pss-interop.p12 -k ${R_PWFILE} -w ${R_PWFILE} -d ${PROFILEDIR}
+	# Let's get the key ID of the imported private key.
+	KEYID=`${BINDIR}/certutil -d ${PROFILEDIR} -K -f ${R_PWFILE} | \
+		grep 'TestUser-rsa-pss-interop$' | sed -n 's/^<.*> [^ ]\{1,\} *\([^ ]\{1,\}\).*/\1/p'`
+
+	CU_ACTION="Generate RSA-PSS Cert Request for $CERTNAME"
+	CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}-rsa-pss@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
+	certu -R -d "${PROFILEDIR}" -k ${KEYID} -f "${R_PWFILE}" \
+	-z "${R_NOISE_FILE}" -o req 2>&1
+
+	CU_ACTION="Sign ${CERTNAME}'s RSA-PSS Request"
+	NEWSERIAL=`expr ${CERTSERIAL} + 30000`
+	certu -C -c "TestCA" -m "$NEWSERIAL" -v 60 -d "${P_R_CADIR}" \
+	      -i req -o "${CERTNAME}-rsa-pss.cert" -f "${R_PWFILE}" "$1" 2>&1
+
+	CU_ACTION="Import $CERTNAME's RSA-PSS Cert -t u,u,u"
+	certu -A -n "$CERTNAME-rsa-pss" -t "u,u,u" -d "${PROFILEDIR}" -f "${R_PWFILE}" \
+	      -i "${CERTNAME}-rsa-pss.cert" 2>&1
+	cert_log "SUCCESS: $CERTNAME's RSA-PSS Cert Created"
+
     return 0
 }
 
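Review bot: `KEYID` is taken from a grep/sed pipeline over `certutil -K` output and then passed as `-k ${KEYID}` with no check that the pipeline matched anything. If the PKCS#12 import failed or the listing format differs, the variable is empty, the unquoted expansion vanishes, and certutil receives `-f` as the argument to `-k`, so the problem surfaces as a confusing request error instead of at the import. Add a guard right after the assignment, e.g. `[ -n "${KEYID}" ] || html_failed "Finding RSA-PSS key ID"`, and quote the use as `-k "${KEYID}"`. The same unguarded pattern is used for `ORPHAN` in cert_test_orphan_key_delete, where an empty value makes the final `grep ${ORPHAN}` exit non-zero and the deletion check pass. cert_add_cert starts above this hunk.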
@@ -2103,6 +2124,23 @@ cert_test_implicit_db_init()
   certu -A -n ca -t 'C,C,C' -d ${P_R_IMPLICIT_INIT_DIR} -i "${SERVER_CADIR}/serverCA.ca.cert"
 }
 
+cert_test_token_uri()
+{
+  echo "$SCRIPTNAME: specify token with PKCS#11 URI"
+
+  CERTIFICATE_DB_URI=`${BINDIR}/certutil -U -f "${R_PWFILE}" -d ${P_R_SERVERDIR} | sed -n 's/^ *uri: \(.*NSS%20Certificate%20DB.*\)/\1/p'`
+  BUILTIN_OBJECTS_URI=`${BINDIR}/certutil -U -f "${R_PWFILE}" -d ${P_R_SERVERDIR} | sed -n 's/^ *uri: \(.*Builtin%20Object%20Token.*\)/\1/p'`
+
+  CU_ACTION="List keys in NSS Certificate DB"
+  certu -K -f "${R_PWFILE}" -d ${P_R_SERVERDIR} -h ${CERTIFICATE_DB_URI}
+
+  # This token shouldn't have any keys
+  CU_ACTION="List keys in NSS Builtin Objects"
+  RETEXPECTED=255
+  certu -K -f "${R_PWFILE}" -d ${P_R_SERVERDIR} -h ${BUILTIN_OBJECTS_URI}
+  RETEXPECTED=0
+}
+
 check_sign_algo()
 {
   certu -L -n "$CERTNAME" -d "${PROFILEDIR}" -f "${R_PWFILE}" | \
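Review bot: The expected-failure step for the builtin token (`RETEXPECTED=255`) cannot tell "this token has no keys" apart from "the URI was empty". If the sed expression finds no `uri:` line, `-h ${BUILTIN_OBJECTS_URI}` expands to a bare `-h` and certutil most likely fails as well, so the check passes without exercising PKCS#11 URI lookup at all. Checking both variables first, e.g. `[ -n "${CERTIFICATE_DB_URI}" -a -n "${BUILTIN_OBJECTS_URI}" ] || html_failed "Finding token URIs"`, and quoting them at the `-h` uses closes that gap. `certutil -U` could also be run once and its output reused for both sed calls.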
@@ -2475,6 +2513,29 @@ EOF
   RETEXPECTED=0
 }
 
+cert_test_orphan_key_delete()
+{
+  CU_ACTION="Create orphan key in serverdir"
+  certu -G -k ec -q nistp256 -f "${R_PWFILE}" -z ${R_NOISE_FILE} -d ${PROFILEDIR}
+  # Let's get the key ID of the first orphan key.
+  # The output of certutil -K (list keys) isn't well formatted.
+  # The initial <key-number> part may or may not contain white space, which
+  # makes the use of awk to filter the column unreliable.
+  # To fix that, we remove the initial <number> field using sed, then select the
+  # column that contains the key ID.
+  ORPHAN=`${BINDIR}/certutil -d ${PROFILEDIR} -K -f ${R_PWFILE} | \
+          sed 's/^<.*>//g' | grep -w orphan | head -1 | awk '{print $2}'`
+  CU_ACTION="Delete orphan key"
+  certu -F -f "${R_PWFILE}" -k ${ORPHAN} -d ${PROFILEDIR}
+  # Ensure that the key is removed
+  certu -K -f "${R_PWFILE}" -d ${PROFILEDIR} | grep ${ORPHAN}
+  RET=$?
+  if [ "$RET" -eq 0 ]; then
+    html_failed "Deleting orphan key ($RET)"
+    cert_log "ERROR: Deleting orphan key failed $RET"
+  fi
+}
+
 cert_test_orphan_key_reuse()
 {
   CU_ACTION="Create orphan key in serverdir"
@@ -2500,6 +2561,43 @@ cert_test_orphan_key_reuse()
   fi
 }
 
+cert_test_rsapss_policy()
+{
+  CERTSERIAL=`expr $CERTSERIAL + 1`
+
+  CERTNAME="TestUser-rsa-pss-policy"
+
+  # Subject certificate: RSA-PSS
+  # Issuer certificate: RSA
+  # Signature: RSA-PSS (explicit, with --pss-sign and -Z SHA1)
+  CU_ACTION="Generate Cert Request for $CERTNAME"
+  CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
+  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" --pss -o req  2>&1
+
+  CU_ACTION="Sign ${CERTNAME}'s Request"
+  certu -C -c "TestCA" --pss-sign -Z SHA1 -m "${CERTSERIAL}" -v 60 -d "${P_R_CADIR}" \
+        -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1
+
+  CU_ACTION="Import $CERTNAME's Cert"
+  certu -A -n "$CERTNAME" -t ",," -d "${PROFILEDIR}" -f "${R_PWFILE}" \
+        -i "${CERTNAME}.cert" 2>&1
+
+  CU_ACTION="Verify $CERTNAME's Cert"
+  certu -V -n "TestUser-rsa-pss-policy" -u V -V -e -d "${PROFILEDIR}" -f "${R_PWFILE}"
+
+  CU_ACTION="Verify $CERTNAME's Cert with Policy"
+  cp ${PROFILEDIR}/pkcs11.txt pkcs11.txt.orig
+  cat >> ${PROFILEDIR}/pkcs11.txt << ++EOF++
+library=
+name=Policy
+config="disallow=SHA1"
+++EOF++
+  RETEXPECTED=255
+  certu -V -n "TestUser-rsa-pss-policy" -u V -V -e -d "${PROFILEDIR}" -f "${R_PWFILE}"
+  RETEXPECTED=0
+  cp pkcs11.txt.orig ${PROFILEDIR}/pkcs11.txt
+}
+
 ############################## cert_cleanup ############################
 # local shell function to finish this script (no exit since it might be
 # sourced)
@@ -2519,6 +2617,7 @@ cert_all_CA
 cert_test_implicit_db_init
 cert_extended_ssl
 cert_ssl
+cert_test_orphan_key_delete
 cert_test_orphan_key_reuse
 cert_smime_client
 IS_FIPS_DISABLED=`certutil --build-flags |grep -cw NSS_FIPS_DISABLED`
@@ -2534,6 +2633,10 @@ cert_test_password
 cert_test_distrust
 cert_test_ocspresp
 cert_test_rsapss
+if [ "${TEST_MODE}" = "SHARED_DB" ] ; then
+  cert_test_rsapss_policy
+fi
+cert_test_token_uri
 
 if [ -z "$NSS_TEST_DISABLE_CRL" ] ; then
     cert_crl_ssl
diff --git a/security/nss/tests/chains/chains.sh b/security/nss/tests/chains/chains.sh
index 4c3fa57a0..32c7ef54c 100755
--- a/security/nss/tests/chains/chains.sh
+++ b/security/nss/tests/chains/chains.sh
@@ -51,13 +51,13 @@ is_httpserv_alive()
 wait_for_httpserv()
 {
   echo "trying to connect to httpserv at `date`"
-  echo "tstclnt -p ${NSS_AIA_PORT} -h ${HOSTADDR} -q -v"
-  ${BINDIR}/tstclnt -p ${NSS_AIA_PORT} -h ${HOSTADDR} -q -v
+  echo "tstclnt -4 -p ${NSS_AIA_PORT} -h ${HOSTADDR} -q -v"
+  ${BINDIR}/tstclnt -4 -p ${NSS_AIA_PORT} -h ${HOSTADDR} -q -v
   if [ $? -ne 0 ]; then
       sleep 5
       echo "retrying to connect to httpserv at `date`"
-      echo "tstclnt -p ${NSS_AIA_PORT} -h ${HOSTADDR} -q -v"
-      ${BINDIR}/tstclnt -p ${NSS_AIA_PORT} -h ${HOSTADDR} -q -v
+      echo "tstclnt -4 -p ${NSS_AIA_PORT} -h ${HOSTADDR} -q -v"
+      ${BINDIR}/tstclnt -4 -p ${NSS_AIA_PORT} -h ${HOSTADDR} -q -v
       if [ $? -ne 0 ]; then
           html_failed "Waiting for Server"
       fi
@@ -351,6 +351,12 @@ create_cert_req()
         EXT_DATA="y
 -1
 y
+"
+    else
+        CA_FLAG="-2"
+        EXT_DATA="n
+-1
+y
 "
     fi
 
@@ -974,8 +980,8 @@ check_ocsp()
     OCSP_HOST=$(${BINDIR}/pp -w -t certificate -i ${CERT_FILE} | grep URI | sed "s/.*:\/\///" | sed "s/:.*//")
     OCSP_PORT=$(${BINDIR}/pp -w -t certificate -i ${CERT_FILE} | grep URI | sed "s/^.*:.*:\/\/.*:\([0-9]*\).*$/\1/")
 
-    echo "tstclnt -h ${OCSP_HOST} -p ${OCSP_PORT} -q -t 20"
-    tstclnt -h ${OCSP_HOST} -p ${OCSP_PORT} -q -t 20
+    echo "tstclnt -4 -h ${OCSP_HOST} -p ${OCSP_PORT} -q -t 20"
+    tstclnt -4 -h ${OCSP_HOST} -p ${OCSP_PORT} -q -t 20
     return $?
 }
 
@@ -1258,6 +1264,12 @@ process_scenario()
     rm ${AIA_FILES}
 }
 
+# process ipsec.cfg separately
+chains_ipsec()
+{
+    process_scenario "ipsec.cfg"
+}
+
 # process ocspd.cfg separately
 chains_ocspd()
 {
@@ -1279,6 +1291,7 @@ chains_main()
     do
         [ `echo ${LINE} | cut -b 1` != "#" ] || continue
 
+	[ ${LINE} != 'ipsec.cfg' ] || continue
 	[ ${LINE} != 'ocspd.cfg' ] || continue
 	[ ${LINE} != 'method.cfg' ] || continue
 
@@ -1292,6 +1305,7 @@ chains_init
 VERIFY_CLASSIC_ENGINE_TOO=
 chains_ocspd
 VERIFY_CLASSIC_ENGINE_TOO=1
+chains_ipsec
 chains_run_httpserv get
 chains_method
 chains_stop_httpserv
diff --git a/security/nss/tests/chains/scenarios/ipsec.cfg b/security/nss/tests/chains/scenarios/ipsec.cfg
new file mode 100644
index 000000000..811bf9c09
--- /dev/null
+++ b/security/nss/tests/chains/scenarios/ipsec.cfg
@@ -0,0 +1,61 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+scenario IPsec
+
+entity Root
+  type Root
+
+entity CA1
+  type Intermediate
+  issuer Root 
+
+entity NoKU
+  type EE
+  issuer CA1
+
+entity DigSig
+  type EE
+  issuer CA1
+    ku digitalSignature
+
+entity NonRep
+  type EE
+  issuer CA1
+    ku nonRepudiation
+
+entity DigSigNonRepAndExtra
+  type EE
+  issuer CA1
+    ku digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement
+
+entity NoMatch
+  type EE
+  issuer CA1
+    ku keyEncipherment,dataEncipherment,keyAgreement
+
+db All
+
+import Root::C,,
+import CA1:Root:
+
+verify NoKU:CA1
+  usage 12
+  result pass
+
+verify DigSig:CA1
+  usage 12
+  result pass
+
+verify NonRep:CA1
+  usage 12
+  result pass
+
+verify DigSigNonRepAndExtra:CA1
+  usage 12
+  result pass
+
+verify NoMatch:CA1
+  usage 12
+  result fail
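Review bot: The scenario has no comment saying what `usage 12` selects or which rule the five verify steps are testing, so the expected results read as arbitrary. From the entries, the rule under test appears to be that an end-entity certificate passes with no key usage extension or with digitalSignature or nonRepudiation present, and fails when key usage is present without either. A header such as `# usage 12: IPsec certificate usage (confirm against SECCertUsage)` plus one line stating that rule would document it. `issuer Root ` under CA1 also carries a trailing space.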
diff --git a/security/nss/tests/chains/scenarios/realcerts.cfg b/security/nss/tests/chains/scenarios/realcerts.cfg
index d2a8c7143..305443fc3 100644
--- a/security/nss/tests/chains/scenarios/realcerts.cfg
+++ b/security/nss/tests/chains/scenarios/realcerts.cfg
@@ -21,7 +21,7 @@ verify TestUser51:x
   result pass
 
 verify PayPalEE:x
-  policy OID.2.16.840.1.114412.1.1 
+  policy OID.2.16.840.1.114412.2.1 
   result pass
 
 verify BrAirWaysBadSig:x
diff --git a/security/nss/tests/chains/scenarios/scenarios b/security/nss/tests/chains/scenarios/scenarios
index d26c3f92e..4eafd9c8d 100644
--- a/security/nss/tests/chains/scenarios/scenarios
+++ b/security/nss/tests/chains/scenarios/scenarios
@@ -22,3 +22,4 @@ ocsp.cfg
 crldp.cfg
 trustanchors.cfg
 nameconstraints.cfg
+ipsec.cfg
diff --git a/security/nss/tests/common/certsetup.sh b/security/nss/tests/common/certsetup.sh
new file mode 100644
index 000000000..2b5cef840
--- /dev/null
+++ b/security/nss/tests/common/certsetup.sh
@@ -0,0 +1,57 @@
+# Generate input to certutil
+certscript() {
+  ca=n
+  while [ $# -gt 0 ]; do
+    case $1 in
+      sign) echo 0 ;;
+      kex) echo 2 ;;
+      ca) echo 5;echo 6;ca=y ;;
+    esac; shift
+  done;
+  echo 9
+  echo n
+  echo $ca
+  echo
+  echo n
+}
+
+# $1: name
+# $2: type
+# $3+: usages: sign or kex
+make_cert() {
+  name=$1
+  type=$2
+
+  # defaults
+  type_args=()
+  trust=',,'
+  sign=(-x)
+  sighash=(-Z SHA256)
+
+  case $type in
+    dsa) type_args=(-g 1024) ;;
+    rsa) type_args=(-g 1024) ;;
+    rsa2048) type_args=(-g 2048);type=rsa ;;
+    rsa8192) type_args=(-g 8192);type=rsa ;;
+    rsapss) type_args=(-g 1024 --pss);type=rsa ;;
+    rsapss384) type_args=(-g 1024 --pss);type=rsa;sighash=(-Z SHA384) ;;
+    rsapss512) type_args=(-g 2048 --pss);type=rsa;sighash=(-Z SHA512) ;;
+    rsapss_noparam) type_args=(-g 2048 --pss);type=rsa;sighash=() ;;
+    p256) type_args=(-q nistp256);type=ec ;;
+    p384) type_args=(-q secp384r1);type=ec ;;
+    p521) type_args=(-q secp521r1);type=ec ;;
+    rsa_ca) type_args=(-g 1024);trust='CT,CT,CT';type=rsa ;;
+    rsa_chain) type_args=(-g 1024);sign=(-c rsa_ca);type=rsa;;
+    rsapss_ca) type_args=(-g 1024 --pss);trust='CT,CT,CT';type=rsa ;;
+    rsapss_chain) type_args=(-g 1024);sign=(-c rsa_pss_ca);type=rsa;;
+    rsa_ca_rsapss_chain) type_args=(-g 1024 --pss-sign);sign=(-c rsa_ca);type=rsa;;
+    ecdh_rsa) type_args=(-q nistp256);sign=(-c rsa_ca);type=ec ;;
+  esac
+  shift 2
+  counter=$(($counter + 1))
+  certscript $@ | ${BINDIR}/certutil -S \
+    -z ${R_NOISE_FILE} -d "${PROFILEDIR}" \
+    -n $name -s "CN=$name" -t "$trust" "${sign[@]}" -m "$counter" \
+    -w -2 -v 120 -k "$type" "${type_args[@]}" "${sighash[@]}" -1 -2
+  html_msg $? 0 "create certificate: $@"
+}
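Review bot: `make_cert` hands several caller-supplied values to certutil unquoted (`certscript $@`, `-n $name`, `-z ${R_NOISE_FILE}`), so a name or path containing whitespace or glob characters is split before certutil sees it. `certscript "$@"`, `-n "$name"` and `-z "${R_NOISE_FILE}"` would match the quoting already used for `"${PROFILEDIR}"` and the array expansions. The file also has no header saying that it must be sourced from bash (it relies on arrays) and that `counter`, `BINDIR`, `R_NOISE_FILE`, `PROFILEDIR` and `html_msg` come from the sourcing script. A short header comment stating that, and that the 1024-bit RSA/DSA sizes and `CT,CT,CT` trust are meant for throwaway test databases only, would make the helper's scope clear.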
diff --git a/security/nss/tests/common/init.sh b/security/nss/tests/common/init.sh
index 6aa22af8d..2896f1321 100644
--- a/security/nss/tests/common/init.sh
+++ b/security/nss/tests/common/init.sh
@@ -356,40 +356,34 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
 
 #HOST and DOMSUF are needed for the server cert
 
-    DOMAINNAME=`which domainname`
-    if [ -z "${DOMSUF}" -a $? -eq 0 -a -n "${DOMAINNAME}" ]; then
+    if [ -z "$DOMSUF" ] && hash domainname 2>/dev/null; then
         DOMSUF=`domainname`
     fi
+    # hostname -d and domainname both return (none) if hostname doesn't
+    # include a dot.  Pretend we didn't get an answer.
+    if [ "$DOMSUF" = "(none)" ]; then
+        DOMSUF=
+    fi
 
-    case $HOST in
+    if [ -z "$HOST" ]; then
+        HOST=`uname -n`
+    fi
+    case "$HOST" in
         *\.*)
-            if [ -z "${DOMSUF}" ]; then
-                DOMSUF=`echo $HOST | sed -e "s/^[^.]*\.//"`
+            if [ -z "$DOMSUF" ]; then
+                DOMSUF="${HOST#*.}"
             fi
-            HOST=`echo $HOST | sed -e "s/\..*//"`
+            HOST="${HOST%%.*}"
             ;;
         ?*)
             ;;
         *)
-            HOST=`uname -n`
-            case $HOST in
-                *\.*)
-                    if [ -z "${DOMSUF}" ]; then
-                        DOMSUF=`echo $HOST | sed -e "s/^[^.]*\.//"`
-                    fi
-                    HOST=`echo $HOST | sed -e "s/\..*//"`
-                    ;;
-                ?*)
-                    ;;
-                *)
-                    echo "$SCRIPTNAME: Fatal HOST environment variable is not defined."
-                    exit 1 #does not need to be Exit, very early in script
-                    ;;
-            esac
+            echo "$SCRIPTNAME: Fatal HOST environment variable is not defined."
+            exit 1 #does not need to be Exit, very early in script
             ;;
     esac
 
-    if [ -z "${DOMSUF}" -a "${OS_ARCH}" != "Android" ]; then
+    if [ -z "$DOMSUF" -a "$OS_ARCH" != "Android" ]; then
         echo "$SCRIPTNAME: Fatal DOMSUF env. variable is not defined."
         exit 1 #does not need to be Exit, very early in script
     fi
@@ -397,8 +391,8 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
 #HOSTADDR was a workaround for the dist. stress test, and is probably
 #not needed anymore (purpose: be able to use IP address for the server
 #cert instead of PC name which was not in the DNS because of dyn IP address
-    if [ -z "$USE_IP" -o "$USE_IP" != "TRUE" ] ; then
-        if [ -z "${DOMSUF}" ]; then
+    if [ "$USE_IP" != "TRUE" ] ; then
+        if [ -z "$DOMSUF" ]; then
             HOSTADDR=${HOST}
         else
             HOSTADDR=${HOST}.${DOMSUF}
@@ -595,7 +589,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
         P_R_EXT_SERVERDIR="multiaccess:${D_EXT_SERVER}"
         P_R_EXT_CLIENTDIR="multiaccess:${D_EXT_CLIENT}"
         P_R_IMPLICIT_INIT_DIR="multiaccess:${D_IMPLICIT_INIT}"
-	P_R_RSAPSSDIR="multiaccess:${D_RSAPSS}"
+        P_R_RSAPSSDIR="multiaccess:${D_RSAPSS}"
     fi
 
     R_PWFILE=../tests.pw
diff --git a/security/nss/tests/interop/interop.sh b/security/nss/tests/interop/interop.sh
index 50c8bb3c1..18737c726 100644
--- a/security/nss/tests/interop/interop.sh
+++ b/security/nss/tests/interop/interop.sh
@@ -24,8 +24,8 @@ interop_init()
   cd "${HOSTDIR}/interop"
   INTEROP=${INTEROP:=tls_interop}
   if [ ! -d "$INTEROP" ]; then
-    git clone -q https://github.com/ttaubert/tls-interop "$INTEROP"
-    git -C "$INTEROP" checkout -q d07b28ac32b390dea1c9bcca5c56716247d23e5e
+    git clone -q https://github.com/mozilla/tls-interop "$INTEROP"
+    git -C "$INTEROP" checkout -q c00685aa953c49f1e844e614746aadc783e81b19
   fi
   INTEROP=$(cd "$INTEROP";pwd -P)
 
@@ -33,9 +33,34 @@ interop_init()
   BORING=${BORING:=boringssl}
   if [ ! -d "$BORING" ]; then
     git clone -q https://boringssl.googlesource.com/boringssl "$BORING"
-    git -C "$BORING" checkout -q ea80f9d5df4c302de391e999395e1c87f9c786b3
+    git -C "$BORING" checkout -q 7f4f41fa81c03e0f8ef1ab5b3d1d566b5968f107
   fi
   BORING=$(cd "$BORING";pwd -P)
+  mkdir "$BORING/build"
+  cd "$BORING/build"
+  
+  # Build boring explicitly with gcc because it fails on builds where 
+  # CC=clang-5.0, for example on asan-builds.
+  export CC=gcc
+  cmake ..
+  make -j$(nproc)
+
+  # Check out and build OpenSSL. 
+  # Build with "enable-external-tests" to include the shim in the build. 
+  cd "${HOSTDIR}"
+  OSSL=${OSSL:=openssl}
+  if [ ! -d "$OSSL" ]; then
+    git clone -q https://github.com/openssl/openssl.git "$OSSL"
+    git -C "$OSSL" checkout -q 7d38ca3f8bca58bf7b69e78c1f1ab69e5f429dff
+  fi
+  OSSL=$(cd "$OSSL";pwd -P)
+  cd "$OSSL"
+  ./config enable-external-tests
+  make -j$(nproc)
+
+  #Some filenames in the OpenSSL repository contain "core".
+  #This prevents false positive "core file detected" errors.
+  detect_core
 
   SCRIPTNAME="interop.sh"
   html_head "interop test"
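Review bot: None of the new build steps (`cd "$BORING/build"`, `cmake ..`, `make`, `./config enable-external-tests`) has its exit status checked, so a failed BoringSSL or OpenSSL build only surfaces later as a missing shim in interop_run. Chaining them, e.g. `cd "$BORING/build" && cmake .. && make -j$(nproc)`, and reporting the result through `html_msg` would put the failure where it happens. `mkdir "$BORING/build"` sits outside the `if [ ! -d "$BORING" ]` guard and errors on a rerun against an existing checkout; `mkdir -p` avoids that. `export CC=gcc` stays set for the OpenSSL build and everything the script runs afterwards; if only BoringSSL needs it, `CC=gcc cmake ..` keeps the override local. interop_init starts above this hunk.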
@@ -56,21 +81,26 @@ interop_run()
   server=$3
 
   (cd "$INTEROP";
-   cargo run -- --client "$client" --server "$server" --rootdir "$BORING"/ssl/test/runner/ --test-cases cases.json) 2>interop-${test_name}.errors | tee interop-${test_name}.log
+   cargo run -- --client "$client" --server "$server" --rootdir "$BORING"/ssl/test/runner/ --test-cases cases.json $4 $5 ) 2>interop-${test_name}.errors | tee interop-${test_name}.log
   RESULT=${PIPESTATUS[0]}
-  html_msg "${RESULT}" 0 "Interop" "Run successfully"
+  html_msg "${RESULT}" 0 "Interop ${test_name}" "Run successfully"
   if [ $RESULT -ne 0 ]; then
     cat interop-${test_name}.errors
     cat interop-${test_name}.log
   fi
   grep -i 'FAILED\|Assertion failure' interop-${test_name}.errors
-  html_msg $? 1 "Interop" "No failures"
+  html_msg $? 1 "Interop ${test_name}" "No failures"
 }
 
 cd "$(dirname "$0")"
-SOURCE_DIR="$PWD"/../..
 interop_init
 NSS_SHIM="$BINDIR"/nss_bogo_shim
 BORING_SHIM="$BORING"/build/ssl/test/bssl_shim
+OSSL_SHIM="$OSSL"/test/ossl_shim/ossl_shim
+export LD_LIBRARY_PATH="$LD_LIBRARY_PATH":"$OSSL"
 interop_run "nss_nss" ${NSS_SHIM} ${NSS_SHIM}
+interop_run "bssl_nss" ${BORING_SHIM} ${NSS_SHIM}
+interop_run "nss_bssl" ${NSS_SHIM} ${BORING_SHIM} "--client-writes-first"
+interop_run "ossl_nss" ${OSSL_SHIM} ${NSS_SHIM} "--force-IPv4"
+interop_run "nss_ossl" ${NSS_SHIM} ${OSSL_SHIM} "--client-writes-first" "--force-IPv4"
 interop_cleanup
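Review bot: `export LD_LIBRARY_PATH="$LD_LIBRARY_PATH":"$OSSL"` yields a value starting with `:` when LD_LIBRARY_PATH was unset or empty, and the dynamic loader treats an empty entry as the current working directory. Every binary the script runs afterwards would then also search the working directory for shared libraries. `export LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$OSSL"` appends without creating the empty entry. In interop_run the new `$4 $5` are left unquoted so that absent options disappear; `"${@:4}"` keeps that behaviour while passing each option as a single word, and the script already depends on bash through `PIPESTATUS`.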
diff --git a/security/nss/tests/libpkix/certs/PayPalEE.cert b/security/nss/tests/libpkix/certs/PayPalEE.cert
index d71fbb501..aef408676 100644
Binary files a/security/nss/tests/libpkix/certs/PayPalEE.cert and b/security/nss/tests/libpkix/certs/PayPalEE.cert differ
diff --git a/security/nss/tests/libpkix/certs/PayPalICA.cert b/security/nss/tests/libpkix/certs/PayPalICA.cert
index 07e025def..dd14c1b21 100644
Binary files a/security/nss/tests/libpkix/certs/PayPalICA.cert and b/security/nss/tests/libpkix/certs/PayPalICA.cert differ
diff --git a/security/nss/tests/libpkix/vfychain_test.lst b/security/nss/tests/libpkix/vfychain_test.lst
index 78d6185c3..624c6466d 100644
--- a/security/nss/tests/libpkix/vfychain_test.lst
+++ b/security/nss/tests/libpkix/vfychain_test.lst
@@ -1,4 +1,4 @@
 # Status | Leaf Cert | Policies | Others(undef)
 0 TestUser50 undef
 0 TestUser51 undef
-0 PayPalEE OID.2.16.840.1.114412.1.1
+0 PayPalEE OID.2.16.840.1.114412.2.1
diff --git a/security/nss/tests/policy/crypto-policy.txt b/security/nss/tests/policy/crypto-policy.txt
new file mode 100644
index 000000000..9a8c0cd1b
--- /dev/null
+++ b/security/nss/tests/policy/crypto-policy.txt
@@ -0,0 +1,19 @@
+# col 1: expected return value of nss-policy-check
+# col 2: policy config statement, using _ instead of space
+# col 3: an extended regular expression, expected to match the output
+# col 4: description of the test
+#
+0 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA1:HMAC-SHA384:HMAC-SHA512:SECP256R1:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:aes256-cbc:camellia256-cbc:aes128-gcm:aes128-cbc:camellia128-cbc:SHA256:SHA384:SHA512:SHA1:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:tls-version-min=tls1.0:dtls-version-min=dtls1.0:DH-MIN=1023:DSA-MIN=2048:RSA-MIN=2048 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Standard policy
+0 disallow=ALL_allow=HMAC-SHA1:HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP256R1:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:aes256-cbc:camellia256-cbc:aes128-gcm:aes128-cbc:camellia128-cbc:des-ede3-cbc:rc4:SHA256:SHA384:SHA512:SHA1:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:DHE-DSS:tls-version-min=tls1.0:dtls-version-min=tls1.0:DH-MIN=1023:DSA-MIN=1023:RSA-MIN=1023 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Legacy policy
+0 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:SHA384:SHA512:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:tls-version-min=tls1.2:dtls-version-min=dtls1.2:DH-MIN=3072:DSA-MIN=3072:RSA-MIN=3072 NSS-POLICY-INFO.*LOADED-SUCCESSFULLY Reduced policy
+2 disallow=ALL_allow=dtls-version-min=:dtls-version-max= NSS-POLICY-FAIL Missing value
+2 disallow=ALL_allow=RSA-MIN=whatever NSS-POLICY-FAIL Invalid value
+2 disallow=ALL_allow=flower NSS-POLICY-FAIL Invalid identifier
+1 disallow=all NSS-POLICY-WARN.*NUMBER-OF-CERT-SIG disallow all
+1 disallow=ALL_allow=HMAC-SHA256:HMAC-SHA384:HMAC-SHA512:SECP384R1:SECP521R1:aes256-gcm:chacha20-poly1305:ECDHE-RSA:ECDHE-ECDSA:RSA:DHE-RSA:tls-version-min=tls1.2:dtls-version-min=dtls1.2:DH-MIN=3072:DSA-MIN=3072:RSA-MIN=3072 NSS-POLICY-WARN.*NUMBER-OF-HASH No Hashes
+1 disallow=ALL_allow=tls-version-min=0:tls-version-max=0 NSS-POLICY-WARN.*NUMBER-OF-TLS-VERSIONS All TLS versions disabled
+1 disallow=ALL_allow=dtls-version-min=0:dtls-version-max=0 NSS-POLICY-WARN.*NUMBER-OF-DTLS-VERSIONS All DTLS versions disabled
+1 disallow=ALL_allow=tls-version-min=tls1.2:tls-version-max=tls1.1 NSS-POLICY-WARN.*NUMBER-OF-TLS-VERSIONS Invalid range of TLS versions
+1 disallow=ALL_allow=dtls-version-min=tls1.2:dtls-version-max=tls1.1 NSS-POLICY-WARN.*NUMBER-OF-DTLS-VERSIONS Invalid range of DTLS versions
+1 disallow=ALL_allow=tls-version-min=tls1.1:tls-version-max=tls1.2 NSS-POLICY-INFO.*NUMBER-OF-TLS-VERSIONS Valid range of TLS versions
+1 disallow=ALL_allow=dtls-version-min=tls1.1:dtls-version-max=tls1.2 NSS-POLICY-INFO.*NUMBER-OF-DTLS-VERSIONS Valid range of DTLS versions
diff --git a/security/nss/tests/policy/policy.sh b/security/nss/tests/policy/policy.sh
new file mode 100644
index 000000000..228c982a5
--- /dev/null
+++ b/security/nss/tests/policy/policy.sh
@@ -0,0 +1,58 @@
+#! /bin/bash
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+########################################################################
+#
+# mozilla/security/nss/tests/policy/policy.sh
+#
+# Script to test NSS crypto policy code
+#
+########################################################################
+
+ignore_blank_lines()
+{
+  LC_ALL=C grep -v '^[[:space:]]*\(#\|$\)' "$1"
+}
+
+policy_run_tests()
+{
+  html_head "CRYPTO-POLICY"
+
+  POLICY_INPUT=${QADIR}/policy/crypto-policy.txt
+
+  ignore_blank_lines ${POLICY_INPUT} | \
+  while read value policy match testname
+  do
+    echo "$SCRIPTNAME: running \"$testname\" ----------------------------"
+    policy=`echo ${policy} | sed -e 's;_; ;g'`
+    match=`echo ${match} | sed -e 's;_; ;g'`
+    POLICY_FILE="${TMP}/nss-policy"
+
+    echo "$SCRIPTNAME: policy: \"$policy\""
+
+    cat > "$POLICY_FILE" << ++EOF++
+library=
+name=Policy
+NSS=flags=policyOnly,moduleDB
+++EOF++
+    echo "config=\"${policy}\"" >> "$POLICY_FILE"
+    echo "" >> "$POLICY_FILE"
+
+    nss-policy-check "$POLICY_FILE" >${TMP}/$HOST.tmp.$$ 2>&1
+    ret=$?
+    cat ${TMP}/$HOST.tmp.$$
+
+    html_msg $ret $value "\"${testname}\"" \
+        "produced a returncode of $ret, expected is $value"
+
+    egrep "${match}" ${TMP}/$HOST.tmp.$$
+    ret=$?
+    html_msg $ret 0 "\"${testname}\" output is expected to match \"${match}\""
+
+  done
+}
+
+policy_run_tests
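Review bot: In `policy_run_tests` the loop header `while read value policy match testname` reads the expected-output column without `-r`, so any backslash in a pattern from crypto-policy.txt is consumed by the shell before `egrep` sees it; `while read -r value policy match testname` keeps the regular expression intact. The loop also rewrites `_` to a space in `match`, although the column header in crypto-policy.txt describes that substitution only for the policy column, so a pattern with a literal underscore would be matched against a space instead. A comment at the `match=` line such as `# col 3: _ is replaced by space as well` would document this. The capture file `${TMP}/$HOST.tmp.$$` is used unquoted and is never removed, unlike the `rm ${TMP}/$HOST.tmp.$$` cleanup around the tstclnt calls in ssl.sh.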
diff --git a/security/nss/tests/ssl/ssl.sh b/security/nss/tests/ssl/ssl.sh
index 9a63bd997..c1730d8d7 100755
--- a/security/nss/tests/ssl/ssl.sh
+++ b/security/nss/tests/ssl/ssl.sh
@@ -64,9 +64,9 @@ ssl_init()
     PORT=$(($PORT + $padd))
   fi
   NSS_SSL_TESTS=${NSS_SSL_TESTS:-normal_normal}
-  nss_ssl_run="stapling signed_cert_timestamps cov auth stress dtls"
+  nss_ssl_run="stapling signed_cert_timestamps cov auth stress dtls scheme"
   NSS_SSL_RUN=${NSS_SSL_RUN:-$nss_ssl_run}
-  
+
   # Test case files
   SSLCOV=${QADIR}/ssl/sslcov.txt
   SSLAUTH=${QADIR}/ssl/sslauth.txt
@@ -210,24 +210,28 @@ start_selfserv()
   if [ -n "$testname" ] ; then
       echo "$SCRIPTNAME: $testname ----"
   fi
-  sparam=`echo $sparam | sed -e 's;_; ;g'`
-  if [ -z "$NO_ECC_CERTS" -o "$NO_ECC_CERTS" != "1"  ] ; then
+  if [ -z "$NO_ECC_CERTS" -o "$NO_ECC_CERTS" != "1" ] ; then
       ECC_OPTIONS="-e ${HOSTADDR}-ecmixed -e ${HOSTADDR}-ec"
   else
       ECC_OPTIONS=""
   fi
+  if [ -z "$RSA_PSS_CERT" -o "$RSA_PSS_CERT" != "1" ] ; then
+      RSA_OPTIONS="-n ${HOSTADDR}"
+  else
+      RSA_OPTIONS="-n ${HOSTADDR}-rsa-pss"
+  fi
   echo "selfserv starting at `date`"
-  echo "selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} ${SERVER_OPTIONS} \\"
-  echo "         ${ECC_OPTIONS} -S ${HOSTADDR}-dsa -w nss ${sparam} -i ${R_SERVERPID}\\"
+  echo "selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} ${RSA_OPTIONS} ${SERVER_OPTIONS} \\"
+  echo "         ${ECC_OPTIONS} -S ${HOSTADDR}-dsa -w nss "$@" -i ${R_SERVERPID}\\"
   echo "         -V ssl3:tls1.2 $verbose -H 1 &"
   if [ ${fileout} -eq 1 ]; then
-      ${PROFTOOL} ${BINDIR}/selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} ${SERVER_OPTIONS} \
-               ${ECC_OPTIONS} -S ${HOSTADDR}-dsa -w nss ${sparam} -i ${R_SERVERPID} -V ssl3:tls1.2 $verbose -H 1 \
+      ${PROFTOOL} ${BINDIR}/selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} ${RSA_OPTIONS} ${SERVER_OPTIONS} \
+               ${ECC_OPTIONS} -S ${HOSTADDR}-dsa -w nss "$@" -i ${R_SERVERPID} -V ssl3:tls1.2 $verbose -H 1 \
                > ${SERVEROUTFILE} 2>&1 &
       RET=$?
   else
-      ${PROFTOOL} ${BINDIR}/selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} ${SERVER_OPTIONS} \
-               ${ECC_OPTIONS} -S ${HOSTADDR}-dsa -w nss ${sparam} -i ${R_SERVERPID} -V ssl3:tls1.2 $verbose -H 1 &
+      ${PROFTOOL} ${BINDIR}/selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} ${RSA_OPTIONS} ${SERVER_OPTIONS} \
+               ${ECC_OPTIONS} -S ${HOSTADDR}-dsa -w nss "$@" -i ${R_SERVERPID} -V ssl3:tls1.2 $verbose -H 1 &
       RET=$?
   fi
 
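Review bot: `start_selfserv` now takes its extra selfserv options only from `"$@"`, so a caller that still invokes it with no arguments no longer gets what it used to receive through the global `sparam`. One such bare `start_selfserv` call is visible as context in the `@@ -956,7 +1015,7 @@` hunk; whether `sparam` carried anything needed at that point cannot be told from the diff. If it did, that call needs the same conversion the other call sites received, for example `start_selfserv $(echo "$sparam" | sed -e 's,_, ,g')`. The body of `start_selfserv` starts and ends outside this hunk.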
@@ -270,9 +274,8 @@ ssl_cov()
   html_head "SSL Cipher Coverage $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE"
 
   testname=""
-  sparam="$CIPHER_SUITES"
 
-  start_selfserv # Launch the server
+  start_selfserv $CIPHER_SUITES # Launch the server
 
   VMIN="ssl3"
   VMAX="tls1.1"
@@ -283,6 +286,13 @@ ssl_cov()
       echo "${testname}" | grep "EXPORT" > /dev/null
       EXP=$?
 
+      # RSA-PSS tests are handled in a separate function
+      case $testname in
+        *RSA-PSS)
+          continue
+          ;;
+      esac
+
       echo "$SCRIPTNAME: running $testname ----------------------------"
       VMAX="ssl3"
       if [ "$testmax" = "TLS10" ]; then
@@ -313,6 +323,58 @@ ssl_cov()
   html "</TABLE><BR>"
 }
 
+ssl_cov_rsa_pss()
+{
+  #verbose="-v"
+  html_head "SSL Cipher Coverage (RSA-PSS) $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE"
+
+  testname=""
+
+  if [ "$NORM_EXT" = "Extended Test" ] ; then
+      echo "$SCRIPTNAME: skipping SSL Cipher Coverage (RSA-PSS) for $NORM_EXT"
+      return 0
+  fi
+
+  RSA_PSS_CERT=1
+  NO_ECC_CERTS=1
+  start_selfserv $CIPHER_SUITES
+  RSA_PSS_CERT=0
+  NO_ECC_CERTS=0
+
+  VMIN="tls1.2"
+  VMAX="tls1.2"
+
+  ignore_blank_lines ${SSLCOV} | \
+  while read ectype testmax param testname
+  do
+      case $testname in
+        *RSA-PSS)
+          ;;
+        *)
+          continue
+          ;;
+      esac
+
+      echo "$SCRIPTNAME: running $testname (RSA-PSS) ----------------------------"
+
+      echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\"
+      echo "        -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}"
+
+      rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
+      ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \
+              -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \
+              >${TMP}/$HOST.tmp.$$  2>&1
+      ret=$?
+      cat ${TMP}/$HOST.tmp.$$
+      rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
+      html_msg $ret 0 "${testname}" \
+               "produced a returncode of $ret, expected is 0"
+  done
+
+  kill_selfserv
+  html "</TABLE><BR>"
+}
+
 ############################## ssl_auth ################################
 # local shell function to perform SSL  Client Authentication tests
 ########################################################################
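Review bot: `ssl_cov_rsa_pss` calls `html_head` before the `Extended Test` check, so the early `return 0` leaves the section header written without the closing table markup that the normal path emits at the end of the function. `ssl_scheme`, added later in this file, does its skip check first; moving the `if [ "$NORM_EXT" = "Extended Test" ]` block above `html_head` would match it (this assumes `html_head` opens the table, which is defined outside this diff). The function also sets `RSA_PSS_CERT=0` and `NO_ECC_CERTS=0` after `start_selfserv` instead of restoring the previous values, so a run started with `NO_ECC_CERTS=1` gets ECC certificates re-enabled for every later server start. `ssl_scheme` resets `NO_ECC_CERTS` the same way. Saving and restoring, e.g. `save_no_ecc=$NO_ECC_CERTS` before and `NO_ECC_CERTS=$save_no_ecc` after, avoids that.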
@@ -337,7 +399,7 @@ ssl_auth()
               cparam=`echo $cparam | sed -e "s/Host/$HOST/g" -e "s/Dom/$DOMSUF/g" `
               sparam=`echo $sparam | sed -e "s/Host/$HOST/g" -e "s/Dom/$DOMSUF/g" `
           fi
-          start_selfserv
+          start_selfserv `echo "$sparam" | sed -e 's,_, ,g'`
 
           echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${P_R_CLIENTDIR} $verbose ${CLIENT_OPTIONS} \\"
           echo "        ${cparam}  < ${REQUEST_FILE}"
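Review bot: The underscore-to-space conversion that used to sit once inside `start_selfserv` is now repeated inline at this call and at the ones in `ssl_stress`, `ssl_crl_ssl` and twice in `ssl_crl_cache`. The copy that expands `SERV_ARG` leaves the variable unquoted inside `echo`, while the others quote it. Because the command substitution itself is unquoted, the result still undergoes pathname expansion as well as the intended word splitting, so a server parameter containing `*` or `?` would be expanded against the working directory. A small helper that performs the `sed` once and is called from each site would keep the five copies from drifting apart. `ssl_auth` starts and ends outside this hunk.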
@@ -370,15 +432,15 @@ ssl_stapling_sub()
     value=$3
 
     if [ "$NORM_EXT" = "Extended Test" ] ; then
-	# these tests use the ext_client directory for tstclnt,
-	# which doesn't contain the required "TestCA" for server cert
-	# verification, I don't know if it would be OK to add it...
-	echo "$SCRIPTNAME: skipping  $testname for $NORM_EXT"
-	return 0
+        # these tests use the ext_client directory for tstclnt,
+        # which doesn't contain the required "TestCA" for server cert
+        # verification, I don't know if it would be OK to add it...
+        echo "$SCRIPTNAME: skipping  $testname for $NORM_EXT"
+        return 0
     fi
     if [ "$SERVER_MODE" = "fips" -o "$CLIENT_MODE" = "fips" ] ; then
           echo "$SCRIPTNAME: skipping  $testname (non-FIPS only)"
-	return 0
+        return 0
     fi
 
     SAVE_SERVER_OPTIONS=${SERVER_OPTIONS}
@@ -395,8 +457,8 @@ ssl_stapling_sub()
     echo "        -c v -T -O -F -M 1 -V ssl3:tls1.2 < ${REQUEST_FILE}"
     rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
     ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${CLIENT_OPTIONS} \
-	    -d ${P_R_CLIENTDIR} $verbose -c v -T -O -F -M 1 -V ssl3:tls1.2 < ${REQUEST_FILE} \
-	    >${TMP}/$HOST.tmp.$$  2>&1
+            -d ${P_R_CLIENTDIR} $verbose -c v -T -O -F -M 1 -V ssl3:tls1.2 < ${REQUEST_FILE} \
+            >${TMP}/$HOST.tmp.$$  2>&1
     ret=$?
     cat ${TMP}/$HOST.tmp.$$
     rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
@@ -405,7 +467,7 @@ ssl_stapling_sub()
     # (see commands in ssl_auth
 
     html_msg $ret $value "${testname}" \
-	    "produced a returncode of $ret, expected is $value"
+            "produced a returncode of $ret, expected is $value"
     kill_selfserv
 
     SERVER_OPTIONS=${SAVE_SERVER_OPTIONS}
@@ -419,15 +481,15 @@ ssl_stapling_stress()
     value=0
 
     if [ "$NORM_EXT" = "Extended Test" ] ; then
-	# these tests use the ext_client directory for tstclnt,
-	# which doesn't contain the required "TestCA" for server cert
-	# verification, I don't know if it would be OK to add it...
-	echo "$SCRIPTNAME: skipping  $testname for $NORM_EXT"
-	return 0
+        # these tests use the ext_client directory for tstclnt,
+        # which doesn't contain the required "TestCA" for server cert
+        # verification, I don't know if it would be OK to add it...
+        echo "$SCRIPTNAME: skipping  $testname for $NORM_EXT"
+        return 0
     fi
     if [ "$SERVER_MODE" = "fips" -o "$CLIENT_MODE" = "fips" ] ; then
           echo "$SCRIPTNAME: skipping  $testname (non-FIPS only)"
-	return 0
+        return 0
     fi
 
     SAVE_SERVER_OPTIONS=${SERVER_OPTIONS}
@@ -443,13 +505,13 @@ ssl_stapling_stress()
     echo "         -c 1000 -V ssl3:tls1.2 -N -T $verbose ${HOSTADDR}"
     echo "strsclnt started at `date`"
     ${PROFTOOL} ${BINDIR}/strsclnt -q -p ${PORT} -d ${P_R_CLIENTDIR} ${CLIENT_OPTIONS} -w nss \
-	    -c 1000 -V ssl3:tls1.2 -N -T $verbose ${HOSTADDR}
+            -c 1000 -V ssl3:tls1.2 -N -T $verbose ${HOSTADDR}
     ret=$?
 
     echo "strsclnt completed at `date`"
     html_msg $ret $value \
-	    "${testname}" \
-	    "produced a returncode of $ret, expected is $value."
+            "${testname}" \
+            "produced a returncode of $ret, expected is $value."
     kill_selfserv
 
     SERVER_OPTIONS=${SAVE_SERVER_OPTIONS}
@@ -556,7 +618,7 @@ ssl_stress()
               sparam=`echo $sparam | sed -e "s/Host/$HOST/g" -e "s/Dom/$DOMSUF/g" `
           fi
 
-          start_selfserv
+          start_selfserv `echo "$sparam" | sed -e 's,_, ,g'`
 
           if [ "`uname -n`" = "sjsu" ] ; then
               echo "debugging disapering selfserv... ps -ef | grep selfserv"
@@ -610,56 +672,56 @@ ssl_crl_ssl()
     if [ "$ectype" = "SNI" ]; then
         continue
     else
-	servarg=`echo $sparam | awk '{r=split($0,a,"-r") - 1;print r;}'`
-	pwd=`echo $cparam | grep nss`
-	user=`echo $cparam | grep TestUser`
-	_cparam=$cparam
-	case $servarg in
-	    1) if [ -z "$pwd" -o -z "$user" ]; then
+        servarg=`echo $sparam | awk '{r=split($0,a,"-r") - 1;print r;}'`
+        pwd=`echo $cparam | grep nss`
+        user=`echo $cparam | grep TestUser`
+        _cparam=$cparam
+        case $servarg in
+            1) if [ -z "$pwd" -o -z "$user" ]; then
                  rev_modvalue=0
                else
-	         rev_modvalue=254
+                 rev_modvalue=254
                fi
                ;;
-	    2) rev_modvalue=254 ;;
-	    3) if [ -z "$pwd" -o -z "$user" ]; then
-		rev_modvalue=0
-		else
-		rev_modvalue=1
-		fi
-		;;
-	    4) rev_modvalue=1 ;;
-	esac
-	TEMP_NUM=0
-	while [ $TEMP_NUM -lt $CRL_GROUP_RANGE ]
-	  do
-	  CURR_SER_NUM=`expr ${CRL_GROUP_BEGIN} + ${TEMP_NUM}`
-	  TEMP_NUM=`expr $TEMP_NUM + 1`
-	  USER_NICKNAME="TestUser${CURR_SER_NUM}"
-	  cparam=`echo $_cparam | sed -e 's;_; ;g' -e "s/TestUser/$USER_NICKNAME/g" `
-	  start_selfserv
-
-	  echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${R_CLIENTDIR} $verbose \\"
-	  echo "        ${cparam}  < ${REQUEST_FILE}"
-	  rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
-	  ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${cparam} \
-	      -d ${R_CLIENTDIR} $verbose < ${REQUEST_FILE} \
-	      >${TMP}/$HOST.tmp.$$  2>&1
-	  ret=$?
-	  cat ${TMP}/$HOST.tmp.$$
-	  rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
-	  if [ $CURR_SER_NUM -ne $UNREVOKED_CERT ]; then
-	      modvalue=$rev_modvalue
+            2) rev_modvalue=254 ;;
+            3) if [ -z "$pwd" -o -z "$user" ]; then
+                rev_modvalue=0
+                else
+                rev_modvalue=1
+                fi
+                ;;
+            4) rev_modvalue=1 ;;
+        esac
+        TEMP_NUM=0
+        while [ $TEMP_NUM -lt $CRL_GROUP_RANGE ]
+          do
+          CURR_SER_NUM=`expr ${CRL_GROUP_BEGIN} + ${TEMP_NUM}`
+          TEMP_NUM=`expr $TEMP_NUM + 1`
+          USER_NICKNAME="TestUser${CURR_SER_NUM}"
+          cparam=`echo $_cparam | sed -e 's;_; ;g' -e "s/TestUser/$USER_NICKNAME/g" `
+          start_selfserv `echo "$sparam" | sed -e 's,_, ,g'`
+
+          echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${R_CLIENTDIR} $verbose \\"
+          echo "        ${cparam}  < ${REQUEST_FILE}"
+          rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
+          ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${cparam} \
+              -d ${R_CLIENTDIR} $verbose < ${REQUEST_FILE} \
+              >${TMP}/$HOST.tmp.$$  2>&1
+          ret=$?
+          cat ${TMP}/$HOST.tmp.$$
+          rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
+          if [ $CURR_SER_NUM -ne $UNREVOKED_CERT ]; then
+              modvalue=$rev_modvalue
               testAddMsg="revoked"
-	  else
+          else
               testAddMsg="not revoked"
-	      modvalue=$value
-	  fi
+              modvalue=$value
+          fi
 
-	  html_msg $ret $modvalue "${testname} (cert ${USER_NICKNAME} - $testAddMsg)" \
-		"produced a returncode of $ret, expected is $modvalue"
-	  kill_selfserv
-	done
+          html_msg $ret $modvalue "${testname} (cert ${USER_NICKNAME} - $testAddMsg)" \
+                "produced a returncode of $ret, expected is $modvalue"
+          kill_selfserv
+        done
     fi
   done
 
@@ -702,7 +764,6 @@ ssl_policy()
   html_head "SSL POLICY $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE"
 
   testname=""
-  sparam="$CIPHER_SUITES"
 
   if [ ! -f "${P_R_CLIENTDIR}/pkcs11.txt" ] ; then
       html_failed "${SCRIPTNAME}: ${P_R_CLIENTDIR} is not initialized"
@@ -712,7 +773,7 @@ ssl_policy()
   echo "Saving pkcs11.txt"
   cp ${P_R_CLIENTDIR}/pkcs11.txt ${P_R_CLIENTDIR}/pkcs11.txt.sav
 
-  start_selfserv # Launch the server
+  start_selfserv $CIPHER_SUITES
 
   ignore_blank_lines ${SSLPOLICY} | \
   while read value ectype testmax param policy testname
@@ -775,7 +836,6 @@ ssl_policy_listsuites()
   html_head "SSL POLICY LISTSUITES $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE"
 
   testname=""
-  sparam="$CIPHER_SUITES"
 
   if [ ! -f "${P_R_CLIENTDIR}/pkcs11.txt" ] ; then
       html_failed "${SCRIPTNAME}: ${P_R_CLIENTDIR} is not initialized"
@@ -815,7 +875,6 @@ ssl_policy_selfserv()
   html_head "SSL POLICY SELFSERV $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE"
 
   testname=""
-  sparam="$CIPHER_SUITES"
 
   if [ ! -f "${P_R_SERVERDIR}/pkcs11.txt" ] ; then
       html_failed "${SCRIPTNAME}: ${P_R_SERVERDIR} is not initialized"
@@ -828,7 +887,7 @@ ssl_policy_selfserv()
   # Disallow RSA in key exchange explicitly
   setup_policy "disallow=rsa/ssl-key-exchange" ${P_R_SERVERDIR}
 
-  start_selfserv # Launch the server
+  start_selfserv $CIPHER_SUITES
 
   VMIN="ssl3"
   VMAX="tls1.2"
@@ -956,7 +1015,7 @@ _EOF_REQUEST_
              -p ../tests.pw.928
         ret=$?
         if [ "$ret" -eq 0 ]; then
-	    html_passed "${CU_ACTION}"
+            html_passed "${CU_ACTION}"
             return 1
         fi
         start_selfserv
@@ -984,8 +1043,7 @@ ssl_crl_cache()
   echo $?
   while [ $? -eq 0 -a -f ${SSLAUTH_TMP} ]
     do
-    sparam=$SERV_ARG
-    start_selfserv
+    start_selfserv `echo $SERV_ARG | sed -e 's,_, ,g'`
     exec < ${SSLAUTH_TMP}
     while read ectype value sparam cparam testname
       do
@@ -1013,7 +1071,7 @@ ssl_crl_cache()
                 fi
                 ;;
             4) rev_modvalue=1 ;;
-	  esac
+          esac
         TEMP_NUM=0
         LOADED_GRP=1
         while [ ${LOADED_GRP} -le ${TOTAL_GRP_NUM} ]
@@ -1030,7 +1088,7 @@ ssl_crl_cache()
             echo "        ${cparam}  < ${REQUEST_FILE}"
             rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
             ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${cparam} \
-	        -d ${R_CLIENTDIR} $verbose < ${REQUEST_FILE} \
+                -d ${R_CLIENTDIR} $verbose < ${REQUEST_FILE} \
                 >${TMP}/$HOST.tmp.$$  2>&1
             ret=$?
             cat ${TMP}/$HOST.tmp.$$
@@ -1069,7 +1127,7 @@ ssl_crl_cache()
         # Restart selfserv to roll back to two initial group 1 crls
         # TestCA CRL and TestCA-ec CRL
         kill_selfserv
-        start_selfserv
+        start_selfserv `echo "$sparam" | sed -e 's,_, ,g'`
       fi
     done
     kill_selfserv
@@ -1106,22 +1164,66 @@ ssl_dtls()
                 -d ${P_R_SERVERDIR} $verbose -U -V tls1.1:tls1.2 -P server -n ${HOSTADDR} -w nss < ${REQUEST_FILE} 2>&1 &
 
     PID=$!
-    
+
     sleep 1
-    
+
     echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${P_R_CLIENTDIR} $verbose ${CLIENT_OPTIONS} \\"
     echo "        -U -V tls1.1:tls1.2 -P client -Q < ${REQUEST_FILE}"
     ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${CLIENT_OPTIONS} \
-            -d ${P_R_CLIENTDIR} $verbose -U -V tls1.1:tls1.2 -P client -Q < ${REQUEST_FILE} 2>&1 
+            -d ${P_R_CLIENTDIR} $verbose -U -V tls1.1:tls1.2 -P client -Q < ${REQUEST_FILE} 2>&1
     ret=$?
     html_msg $ret $value "${testname}" \
              "produced a returncode of $ret, expected is $value"
 
     kill ${PID}
-    
+
   html "</TABLE><BR>"
 }
 
+############################ ssl_scheme ###################################
+# local shell function to test tstclnt and selfserv handling of signature schemes
+#########################################################################
+ssl_scheme()
+{
+    if [ "$SERVER_MODE" = "fips" -o "$CLIENT_MODE" = "fips" ] ; then
+        echo "$SCRIPTNAME: skipping  $testname (non-FIPS only)"
+        return 0
+    fi
+
+    html_head "SSL SCHEME $NORM_EXT - server $SERVER_MODE/client $CLIENT_MODE"
+
+    NO_ECC_CERTS=1
+    schemes=("rsa_pkcs1_sha256" "rsa_pss_rsae_sha256" "rsa_pkcs1_sha256,rsa_pss_rsae_sha256")
+    for sscheme in "${schemes[@]}"; do
+        for cscheme in "${schemes[@]}"; do
+            testname="ssl_scheme server='$sscheme' client='$cscheme'"
+            echo "${testname}"
+
+            start_selfserv -V tls1.2:tls1.2 -J "$sscheme"
+
+            echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${P_R_CLIENTDIR} $verbose ${CLIENT_OPTIONS} \\"
+            echo "        -V tls1.2:tls1.2 -J "$cscheme" < ${REQUEST_FILE}"
+            ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${CLIENT_OPTIONS} \
+                        -d ${P_R_CLIENTDIR} $verbose -V tls1.2:tls1.2 -J "$cscheme" < ${REQUEST_FILE} 2>&1
+            ret=$?
+            # If both schemes include just one option and those options don't
+            # match, then the test should fail; otherwise, assume that it works.
+            if [ "${cscheme#*,}" = "$cscheme" -a \
+                 "${sscheme#*,}" = "$sscheme" -a \
+                 "$cscheme" != "$sscheme" ]; then
+                expected=254
+            else
+                expected=0
+            fi
+            html_msg $ret $expected "${testname}" \
+                     "produced a returncode of $ret, expected is $expected"
+            kill_selfserv
+        done
+    done
+    NO_ECC_CERTS=0
+
+    html "</TABLE><BR>"
+}
 
 ############################## ssl_cleanup #############################
 # local shell function to finish this script (no exit since it might be
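Review bot: The FIPS skip message at the top of `ssl_scheme` prints `$testname` before the function has assigned it, so the log shows whatever name the previous test left behind, or nothing. `echo "$SCRIPTNAME: skipping ssl_scheme (non-FIPS only)"` names the right test. The `schemes=(...)` array and the `"${schemes[@]}"` expansion require bash, and the interpreter line of ssl.sh is not part of this diff, so this is worth confirming if the script can be started by a plain POSIX shell. The expected failure status `254` is hard-coded without explanation; a short comment stating what tstclnt exit status it stands for would help the next reader.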
@@ -1152,6 +1254,7 @@ ssl_run()
             ;;
         "cov")
             ssl_cov
+            ssl_cov_rsa_pss
             ;;
         "auth")
             ssl_auth
@@ -1162,6 +1265,9 @@ ssl_run()
         "dtls")
             ssl_dtls
             ;;
+        "scheme")
+            ssl_scheme
+            ;;
          esac
     done
 }
@@ -1182,9 +1288,9 @@ ssl_run_all()
     # in FIPS mode, so cope with that. Note there's also semicolon in here
     # but it doesn't need escaping/quoting; the shell copes.
     if [ "${CLIENT_MODE}" = "fips" ]; then
-	USER_NICKNAME="pkcs11:token=NSS%20FIPS%20140-2%20Certificate%20DB;object=TestUser"
+        USER_NICKNAME="pkcs11:token=NSS%20FIPS%20140-2%20Certificate%20DB;object=TestUser"
     else
-	USER_NICKNAME="pkcs11:token=NSS%20Certificate%20DB;object=TestUser"
+        USER_NICKNAME="pkcs11:token=NSS%20Certificate%20DB;object=TestUser"
     fi
     NORM_EXT=""
     cd ${CLIENTDIR}
@@ -1346,4 +1452,3 @@ ssl_run_tests()
 ssl_init
 ssl_run_tests
 ssl_cleanup
-
diff --git a/security/nss/tests/ssl/sslcov.txt b/security/nss/tests/ssl/sslcov.txt
index 1eb7f47de..93f247b96 100644
--- a/security/nss/tests/ssl/sslcov.txt
+++ b/security/nss/tests/ssl/sslcov.txt
@@ -141,3 +141,8 @@
    ECC   TLS12  :C030 TLS12_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    ECC   TLS12  :CCA8 TLS12_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
    ECC   TLS12  :CCA9 TLS12_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+#
+# Test against server with RSA-PSS server certificate
+#
+   ECC   TLS12  :C02F TLS12_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - RSA-PSS
+   ECC   TLS12  :C030 TLS12_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - RSA-PSS
diff --git a/security/nss/tests/ssl/sslstress.txt b/security/nss/tests/ssl/sslstress.txt
index a87eedad7..44794f10f 100644
--- a/security/nss/tests/ssl/sslstress.txt
+++ b/security/nss/tests/ssl/sslstress.txt
@@ -12,9 +12,6 @@
   noECC     0      _         -c_1000_-C_c                  Stress TLS  RC4 128 with MD5
   noECC     0      _         -c_1000_-C_c_-g               Stress TLS  RC4 128 with MD5 (false start)
   noECC     0      -u        -V_ssl3:tls1.2_-c_1000_-C_c_-u            Stress TLS  RC4 128 with MD5 (session ticket)
-  noECC     0      -z        -V_ssl3:tls1.2_-c_1000_-C_c_-z            Stress TLS  RC4 128 with MD5 (compression)
-  noECC     0      -u_-z     -V_ssl3:tls1.2_-c_1000_-C_c_-u_-z         Stress TLS  RC4 128 with MD5 (session ticket, compression)
-  noECC     0      -u_-z     -V_ssl3:tls1.2_-c_1000_-C_c_-u_-z_-g      Stress TLS  RC4 128 with MD5 (session ticket, compression, false start)
   SNI       0      -u_-a_Host-sni.Dom -V_tls1.0:tls1.2_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket, SNI)
 
 #
@@ -24,10 +21,6 @@
   noECC     0      -r_-r     -c_100_-C_c_-V_ssl3:ssl3_-N_-n_TestUser Stress SSL3 RC4 128 with MD5 (no reuse, client auth, no login)
   noECC     0      -r_-r     -c_100_-C_c_-N_-n_TestUser    Stress TLS RC4 128 with MD5 (no reuse, client auth)
   noECC     0      -r_-r_-u  -V_ssl3:tls1.2_-c_100_-C_c_-n_TestUser_-u Stress TLS RC4 128 with MD5 (session ticket, client auth)
-  noECC     0      -r_-r_-z  -V_ssl3:tls1.2_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 with MD5 (compression, client auth)
-  noECC     0      -r_-r_-z  -V_ssl3:tls1.2_-c_100_-C_c_-n_TestUser_-z_-g Stress TLS RC4 128 with MD5 (compression, client auth, false start)
-  noECC     0   -r_-r_-u_-z  -V_ssl3:tls1.2_-c_100_-C_c_-n_TestUser_-u_-z Stress TLS RC4 128 with MD5 (session ticket, compression, client auth)
-  noECC     0   -r_-r_-u_-z  -V_ssl3:tls1.2_-c_100_-C_c_-n_TestUser_-u_-z_-g Stress TLS RC4 128 with MD5 (session ticket, compression, client auth, false start)
   SNI       0   -r_-r_-u_-a_Host-sni.Dom -V_tls1.0:tls1.2_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket, SNI, client auth, default virt host)
   SNI       0   -r_-r_-u_-a_Host-sni.Dom_-k_Host-sni.Dom -V_tls1.0:tls1.2_-c_1000_-C_c_-u_-a_Host-sni.Dom Stress TLS RC4 128 with MD5 (session ticket, SNI, client auth, change virt host)
 
diff --git a/security/nss/tests/ssl_gtests/ssl_gtests.sh b/security/nss/tests/ssl_gtests/ssl_gtests.sh
index eef77f16f..6c088d8a6 100755
--- a/security/nss/tests/ssl_gtests/ssl_gtests.sh
+++ b/security/nss/tests/ssl_gtests/ssl_gtests.sh
@@ -19,55 +19,6 @@
 #
 ########################################################################
 
-# Generate input to certutil
-certscript() {
-  ca=n
-  while [ $# -gt 0 ]; do
-    case $1 in
-      sign) echo 0 ;;
-      kex) echo 2 ;;
-      ca) echo 5;echo 6;ca=y ;;
-    esac; shift
-  done;
-  echo 9
-  echo n
-  echo $ca
-  echo
-  echo n
-}
-
-# $1: name
-# $2: type
-# $3+: usages: sign or kex
-make_cert() {
-  name=$1
-  type=$2
-  unset type_args trust sign
-  case $type in
-    dsa) type_args='-g 1024' ;;
-    rsa) type_args='-g 1024' ;;
-    rsa2048) type_args='-g 2048';type=rsa ;;
-    rsa8192) type_args='-g 8192';type=rsa ;;
-    rsapss) type_args='-g 1024 --pss';type=rsa ;;
-    p256) type_args='-q nistp256';type=ec ;;
-    p384) type_args='-q secp384r1';type=ec ;;
-    p521) type_args='-q secp521r1';type=ec ;;
-    rsa_ca) type_args='-g 1024';trust='CT,CT,CT';type=rsa ;;
-    rsa_chain) type_args='-g 1024';sign='-c rsa_ca';type=rsa;;
-    rsapss_ca) type_args='-g 1024 --pss';trust='CT,CT,CT';type=rsa ;;
-    rsapss_chain) type_args='-g 1024';sign='-c rsa_pss_ca';type=rsa;;
-    rsa_ca_rsapss_chain) type_args='-g 1024 --pss-sign';sign='-c rsa_ca';type=rsa;;
-    ecdh_rsa) type_args='-q nistp256';sign='-c rsa_ca';type=ec ;;
-  esac
-  shift 2
-  counter=$(($counter + 1))
-  certscript $@ | ${BINDIR}/certutil -S \
-    -z ${R_NOISE_FILE} -d "${PROFILEDIR}" \
-    -n $name -s "CN=$name" -t ${trust:-,,} ${sign:--x} -m $counter \
-    -w -2 -v 120 -k $type $type_args -Z SHA256 -1 -2
-  html_msg $? 0 "create certificate: $@"
-}
-
 ssl_gtest_certs() {
   mkdir -p "${SSLGTESTDIR}"
   cd "${SSLGTESTDIR}"
@@ -80,6 +31,10 @@ ssl_gtest_certs() {
   ${BINDIR}/certutil -N -d "${PROFILEDIR}" --empty-password 2>&1
   html_msg $? 0 "create ssl_gtest database"
 
+  pushd "${QADIR}"
+  . common/certsetup.sh
+  popd
+
   counter=0
   make_cert client rsa sign
   make_cert rsa rsa sign kex
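Review bot: The added `pushd "${QADIR}"`, `. common/certsetup.sh`, `popd` sequence does not check that the directory change succeeded. If it fails, the script sources `common/certsetup.sh` relative to the current directory (`${SSLGTESTDIR}` after the earlier `cd`) and `popd` then unwinds a directory that was never pushed. Sourcing by absolute path, `. "${QADIR}/common/certsetup.sh"`, removes the directory change altogether, unless certsetup.sh depends on the working directory, which is not shown here. `pushd` and `popd` also print the directory stack to stdout, which ends up in the test log. `ssl_gtest_certs` continues outside this hunk.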
@@ -87,6 +42,9 @@ ssl_gtest_certs() {
   make_cert rsa8192 rsa8192 sign kex
   make_cert rsa_sign rsa sign
   make_cert rsa_pss rsapss sign
+  make_cert rsa_pss384 rsapss384 sign
+  make_cert rsa_pss512 rsapss512 sign
+  make_cert rsa_pss_noparam rsapss_noparam sign
   make_cert rsa_decrypt rsa kex
   make_cert ecdsa256 p256 sign
   make_cert ecdsa384 p384 sign
diff --git a/security/nss/tests/tlsfuzzer/config.json.in b/security/nss/tests/tlsfuzzer/config.json.in
new file mode 100644
index 000000000..051bae2be
--- /dev/null
+++ b/security/nss/tests/tlsfuzzer/config.json.in
@@ -0,0 +1,166 @@
+[
+    {
+        "server_command": [
+            "@SELFSERV@", "-w", "nss", "-d", "@SERVERDIR@",
+            "-V", "tls1.0:", "-H", "1",
+            "-n", "rsa",
+            "-n", "rsa-pss",
+	    "-J", "rsa_pss_rsae_sha256,rsa_pss_rsae_sha384,rsa_pss_rsae_sha512,rsa_pss_pss_sha256",
+            "-u", "-Z", "-p", "@PORT@"
+        ],
+        "server_hostname": "@HOSTADDR@",
+        "server_port": @PORT@,
+        "tests" : [
+            {
+                "name" : "test-tls13-conversation.py",
+                "arguments": [
+                    "-p", "@PORT@"
+                ]
+            },
+            {
+                "name" : "test-tls13-count-tickets.py",
+                "arguments": [
+                    "-p", "@PORT@", "-t", "1"
+                ]
+            },
+            {
+                "name" : "test-tls13-dhe-shared-secret-padding.py",
+                "comment": "https://bugzilla.mozilla.org/show_bug.cgi?id=1305243",
+                "arguments": [
+                    "-p", "@PORT@",
+                    "-e", "TLS 1.3 with x448"
+                ]
+            },
+            {
+                "name" : "test-tls13-empty-alert.py",
+                "arguments": [
+                    "-p", "@PORT@"
+                ],
+                "comment": "https://bugzilla.mozilla.org/show_bug.cgi?id=1471656",
+                "exp_pass": false
+            },
+            {
+                "name" : "test-tls13-ffdhe-sanity.py",
+                "arguments": [
+                    "-p", "@PORT@"
+                ]
+            },
+            {
+                "name" : "test-tls13-finished.py",
+                "arguments": [
+                    "-p", "@PORT@"
+                ],
+                "comment" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1472747",
+                "exp_pass": false
+            },
+            {
+                "name" : "test-tls13-0rtt-garbage.py",
+                "comment": "the disabled test timeouts because of https://bugzilla.mozilla.org/show_bug.cgi?id=1472747",
+                "arguments": [
+                    "-p", "@PORT@", "--cookie",
+                    "-e", "undecryptable record later in handshake together with early_data"
+                ]
+            },
+            {
+                "name" : "test-tls13-hrr.py",
+                "arguments": [
+                    "-p", "@PORT@", "--cookie"
+                ]
+            },
+            {
+                "name" : "test-tls13-legacy-version.py",
+                "arguments": [
+                    "-p", "@PORT@"
+                ],
+                "comment": "https://bugzilla.mozilla.org/show_bug.cgi?id=1490006",
+                "exp_pass": false
+            },
+            {
+                "name" : "test-tls13-nociphers.py",
+                "arguments": [
+                    "-p", "@PORT@"
+                ]
+            },
+            {
+                "name" : "test-tls13-pkcs-signature.py",
+                "comment": "https://bugzilla.mozilla.org/show_bug.cgi?id=1489997",
+                "arguments": [
+                    "-p", "@PORT@",
+                    "-e", "rsa_pkcs1_sha256 signature",
+                    "-e", "rsa_pkcs1_sha384 signature",
+                    "-e", "rsa_pkcs1_sha512 signature"
+                ]
+            },
+            {
+                "name" : "test-tls13-rsa-signatures.py",
+		"comment": "selfserv can be set up to use multiple certs, but only one for each auth type",
+                "arguments": [
+                    "-p", "@PORT@", "-b",
+		    "-e", "tls13 signature rsa_pss_pss_sha384",
+		    "-e", "tls13 signature rsa_pss_pss_sha512"
+                ]
+            },
+            {
+                "name" : "test-tls13-rsapss-signatures.py",
+		"comment": "selfserv can be set up to use multiple certs, but only one to each auth type",
+                "arguments": [
+                    "-p", "@PORT@", "-b",
+		    "-e", "tls13 signature rsa_pss_pss_sha384",
+		    "-e", "tls13 signature rsa_pss_pss_sha512"
+                ]
+            },
+            {
+                "name" : "test-tls13-record-padding.py",
+                "arguments": [
+                    "-p", "@PORT@"
+                ]
+            },
+            {
+                "name" : "test-tls13-session-resumption.py",
+                "arguments": [
+                    "-p", "@PORT@"
+                ]
+            },
+            {
+                "name" : "test-tls13-signature-algorithms.py",
+                "arguments": [
+                    "-p", "@PORT@"
+                ],
+                "comment": "https://bugzilla.mozilla.org/show_bug.cgi?id=1482386",
+                "exp_pass": false
+            },
+            {
+                "name" : "test-tls13-unrecognised-groups.py",
+                "arguments": [
+                    "-p", "@PORT@", "--cookie"
+                ]
+            },
+            {
+                "name" : "test-tls13-version-negotiation.py",
+                "comment": "the disabled test timeouts because of https://github.com/tomato42/tlsfuzzer/issues/452",
+                "arguments": [
+                    "-p", "@PORT@",
+                    "-e", "SSL 2.0 ClientHello with TLS 1.3 version and TLS 1.3 only ciphersuites"
+                ]
+            },
+            {
+                "name" : "test-tls13-zero-length-data.py",
+                "arguments": [
+                    "-p", "@PORT@"
+                ]
+            },
+            {
+                "name" : "test-dhe-no-shared-secret-padding.py",
+                "comment": "https://bugzilla.mozilla.org/show_bug.cgi?id=1494221 and SSLv3 cannot be enabled in server",
+                "arguments": [
+                    "-p", "@PORT@",
+                    "-e", "Protocol (3, 0) in SSLv2 compatible ClientHello",
+                    "-e", "Protocol (3, 1) in SSLv2 compatible ClientHello",
+                    "-e", "Protocol (3, 2) in SSLv2 compatible ClientHello",
+                    "-e", "Protocol (3, 3) in SSLv2 compatible ClientHello",
+                    "-e", "Protocol (3, 0)"
+                ]
+            }
+        ]
+    }
+]
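Review bot: Several added lines are indented with tabs while the rest of the template uses spaces. They are the `-J` argument in `server_command` and the `comment` and `-e` lines of the test-tls13-rsa-signatures.py and test-tls13-rsapss-signatures.py entries. Re-indenting them with spaces keeps the file consistent. The comments on those two entries also differ by one word ("only one for each auth type" vs "only one to each auth type"). Using the first wording in both makes it obvious that the same selfserv limitation explains both sets of `-e` exclusions.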
diff --git a/security/nss/tests/tlsfuzzer/tlsfuzzer.sh b/security/nss/tests/tlsfuzzer/tlsfuzzer.sh
new file mode 100644
index 000000000..ecc146c24
--- /dev/null
+++ b/security/nss/tests/tlsfuzzer/tlsfuzzer.sh
@@ -0,0 +1,110 @@
+#!/bin/bash
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+########################################################################
+#
+# tests/tlsfuzzer/tlsfuzzer.sh
+#
+# Script to drive the ssl tlsfuzzer interop unit tests
+#
+########################################################################
+
+tlsfuzzer_certs()
+{
+  PROFILEDIR=`pwd`
+
+  ${BINDIR}/certutil -N -d "${PROFILEDIR}" --empty-password 2>&1
+  html_msg $? 0 "create tlsfuzzer database"
+
+  pushd "${QADIR}"
+  . common/certsetup.sh
+  popd
+
+  counter=0
+  make_cert rsa rsa2048 sign kex
+  make_cert rsa-pss rsapss sign kex
+}
+
+tlsfuzzer_init()
+{
+  SCRIPTNAME="tlsfuzzer.sh"
+  if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ] ; then
+    cd ../common
+    . ./init.sh
+  fi
+
+  mkdir -p "${HOSTDIR}/tlsfuzzer"
+  pushd "${HOSTDIR}/tlsfuzzer"
+  tlsfuzzer_certs
+
+  TLSFUZZER=${TLSFUZZER:=tlsfuzzer}
+  if [ ! -d "$TLSFUZZER" ]; then
+    # Can't use git-copy.sh here, as tlsfuzzer doesn't have any tags
+    git clone -q https://github.com/tomato42/tlsfuzzer/ "$TLSFUZZER"
+    git -C "$TLSFUZZER" checkout a40ce4085052a4da9a05f9149b835a76c194a0c6
+
+    # We could use tlslite-ng from pip, but the pip command installed
+    # on TC is too old to support --pre
+    ${QADIR}/../fuzz/config/git-copy.sh https://github.com/tomato42/tlslite-ng/ v0.8.0-alpha18 tlslite-ng
+
+    pushd "$TLSFUZZER"
+    ln -s ../tlslite-ng/tlslite tlslite
+    popd
+
+    # Install tlslite-ng dependencies
+    ${QADIR}/../fuzz/config/git-copy.sh https://github.com/warner/python-ecdsa master python-ecdsa
+    ${QADIR}/../fuzz/config/git-copy.sh https://github.com/benjaminp/six master six
+
+    pushd "$TLSFUZZER"
+    ln -s ../python-ecdsa/src/ecdsa ecdsa
+    ln -s ../six/six.py .
+    popd
+  fi
+
+  # Find usable port
+  PORT=${PORT-8443}
+  while true; do
+    "${BINDIR}/selfserv" -w nss -d "${HOSTDIR}/tlsfuzzer" -n rsa \
+			 -p "${PORT}" -i selfserv.pid &
+    [ -f selfserv.pid ] || sleep 5
+    if [ -f selfserv.pid ]; then
+      kill $(cat selfserv.pid)
+      wait $(cat selfserv.pid)
+      rm -f selfserv.pid
+      break
+    fi
+    PORT=$(($PORT + 1))
+  done
+
+  sed -e "s|@PORT@|${PORT}|g" \
+      -e "s|@SELFSERV@|${BINDIR}/selfserv|g" \
+      -e "s|@SERVERDIR@|${HOSTDIR}/tlsfuzzer|g" \
+      -e "s|@HOSTADDR@|${HOSTADDR}|g" \
+      ${QADIR}/tlsfuzzer/config.json.in > ${TLSFUZZER}/config.json
+  popd
+
+  SCRIPTNAME="tlsfuzzer.sh"
+  html_head "tlsfuzzer test"
+}
+
+tlsfuzzer_cleanup()
+{
+  cd ${QADIR}
+  . common/cleanup.sh
+}
+
+tlsfuzzer_run_tests()
+{
+  pushd "${HOSTDIR}/tlsfuzzer/${TLSFUZZER}"
+  PYTHONPATH=. python tests/scripts_retention.py config.json "${BINDIR}/selfserv"
+  html_msg $? 0 "tlsfuzzer" "Run successfully"
+  popd
+}
+
+cd "$(dirname "$0")"
+tlsfuzzer_init
+tlsfuzzer_run_tests
+tlsfuzzer_cleanup
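Review bot: In tlsfuzzer_init, python-ecdsa and six are fetched at `master`, so the Python code run against the freshly built selfserv changes whenever those upstream branches move. tlsfuzzer itself is pinned to a commit and tlslite-ng to a tag, so these two are the only unpinned inputs. Pinning them to a release tag keeps the run reproducible and narrows the supply-chain exposure, e.g. `${QADIR}/../fuzz/config/git-copy.sh https://github.com/warner/python-ecdsa <release-tag> python-ecdsa` (placeholder tag), and likewise for six. Separately, the "Find usable port" loop has no upper bound: if selfserv fails to start for a reason other than a busy port, selfserv.pid never appears and the script retries forever, so a cap on the number of attempts would help.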
-- 
cgit v1.2.3


From f0fe6b69db8b0c8d7d2cf5ecdad60947029b82a8 Mon Sep 17 00:00:00 2001
From: trav90 <travawine@palemoon.org>
Date: Sat, 15 Dec 2018 17:51:30 -0600
Subject: Update HSTS preload list

Tag #447
---
 security/manager/ssl/nsSTSPreloadList.errors | 2675 ++++++++++++++---------
 security/manager/ssl/nsSTSPreloadList.inc    | 2995 +++++++++++++++-----------
 2 files changed, 3430 insertions(+), 2240 deletions(-)

(limited to 'security')

diff --git a/security/manager/ssl/nsSTSPreloadList.errors b/security/manager/ssl/nsSTSPreloadList.errors
index be60cc0ed..92e7ea00f 100644
--- a/security/manager/ssl/nsSTSPreloadList.errors
+++ b/security/manager/ssl/nsSTSPreloadList.errors
@@ -1,7 +1,7 @@
 0-1.party: could not connect to host
 0.me.uk: did not receive HSTS header
 00001.am: max-age too low: 129600
-0005.com: could not connect to host
+0005.com: did not receive HSTS header
 0005aa.com: could not connect to host
 0005pay.com: did not receive HSTS header
 00100010.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -13,10 +13,10 @@
 00180018.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 00190019.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 00220022.net: could not connect to host
-00330033.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+00330033.net: could not connect to host
 00440044.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 00550055.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-00660066.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+00660066.net: could not connect to host
 007-preisvergleich.de: could not connect to host
 00770077.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 00778899.com: did not receive HSTS header
@@ -38,7 +38,7 @@
 0222.mg: did not receive HSTS header
 0222aa.com: could not connect to host
 023838.com: could not connect to host
-02607.com: could not connect to host
+023sec.com: could not connect to host
 028718.com: did not receive HSTS header
 029978.com: did not receive HSTS header
 029inno.com: could not connect to host
@@ -46,7 +46,6 @@
 02smh.com: could not connect to host
 03-09-2016.wedding: could not connect to host
 0311buy.cn: did not receive HSTS header
-03170317.com: could not connect to host
 040fit.nl: did not receive HSTS header
 040fitvitality.nl: did not receive HSTS header
 048.ag: could not connect to host
@@ -66,9 +65,7 @@
 078860.com: did not receive HSTS header
 078890.com: did not receive HSTS header
 081638.com: did not receive HSTS header
-083962.com: could not connect to host
 086628.com: did not receive HSTS header
-09115.com: could not connect to host
 0c.eu: did not receive HSTS header
 0cdn.ga: could not connect to host
 0day.su: could not connect to host
@@ -76,7 +73,6 @@
 0fl.com: did not receive HSTS header
 0g.org.uk: could not connect to host
 0i0.nl: could not connect to host
-0iz.net: could not connect to host
 0o0.ooo: could not connect to host
 0p.no: did not receive HSTS header
 0vi.org: could not connect to host
@@ -99,15 +95,17 @@
 0xf00.ch: could not connect to host
 1.0.0.1: max-age too low: 0
 1000hats.com: did not receive HSTS header
+1000serien.com: could not connect to host
 1001.best: could not connect to host
+1001carats.fr: could not connect to host
 100onrainkajino.com: could not connect to host
+100rembourse.be: did not receive HSTS header
 1017scribes.com: could not connect to host
 1018hosting.nl: did not receive HSTS header
 1022996493.rsc.cdn77.org: could not connect to host
 10414.org: could not connect to host
 1066.io: could not connect to host
 1091.jp: could not connect to host
-10gb.io: could not connect to host
 10gbit.ovh: could not connect to host
 10seos.com: did not receive HSTS header
 10tacle.io: could not connect to host
@@ -125,7 +123,9 @@
 11scc.com: could not connect to host
 120dayweightloss.com: could not connect to host
 123110.com: could not connect to host
+123djdrop.com: did not receive HSTS header
 123movies.fyi: did not receive HSTS header
+123pay.ir: did not receive HSTS header
 123share.org: did not receive HSTS header
 123termpapers.com: could not connect to host
 123test.com: did not receive HSTS header
@@ -155,7 +155,7 @@
 1481485.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 1481485.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 1481486.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-1481486.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+1481486.net: could not connect to host
 1536.cf: could not connect to host
 16164f.com: could not connect to host
 163pwd.com: could not connect to host
@@ -181,10 +181,12 @@
 188trafalgar.ca: did not receive HSTS header
 189dv.com: could not connect to host
 1912x.com: could not connect to host
-19216811.online: could not connect to host
+19216811.online: did not receive HSTS header
 1921958389.rsc.cdn77.org: could not connect to host
 195gm.com: could not connect to host
 1a-jva.de: could not connect to host
+1a-vermessung.at: did not receive HSTS header
+1a-werkstattgeraete.de: did not receive HSTS header
 1aim.com: did not receive HSTS header
 1atic.com: could not connect to host
 1b1.pl: could not connect to host
@@ -202,13 +204,13 @@
 1q365a.com: could not connect to host
 1s.tn: could not connect to host
 1salland.nl: could not connect to host
-1st4abounce.co.uk: did not receive HSTS header
+1st4abounce.co.uk: could not connect to host
 1stcapital.com.sg: did not receive HSTS header
 1ststop.co.uk: did not receive HSTS header
 1three1.net: did not receive HSTS header
 1upinternet.com: could not connect to host
 1xcess.com: did not receive HSTS header
-1years.cc: could not connect to host
+1years.cc: did not receive HSTS header
 2-cpu.de: could not connect to host
 200fcw.com: could not connect to host
 2018.wales: could not connect to host
@@ -216,6 +218,7 @@
 2048game.co.uk: could not connect to host
 206rc.net: max-age too low: 2592000
 208.es: did not receive HSTS header
+20denier.com: could not connect to host
 20hs.cn: did not receive HSTS header
 20zq.com: could not connect to host
 21.co.uk: did not receive HSTS header
@@ -238,8 +241,10 @@
 256k.me: could not connect to host
 258da.com: did not receive HSTS header
 25daysof.io: could not connect to host
+263.info: could not connect to host
 27728522.com: could not connect to host
 2859cc.com: could not connect to host
+286.com: did not receive HSTS header
 288da.com: did not receive HSTS header
 29227.com: could not connect to host
 298da.com: did not receive HSTS header
@@ -253,7 +258,7 @@
 2carpros.com: did not receive HSTS header
 2fl.me: did not receive HSTS header
 2intermediate.co.uk: did not receive HSTS header
-2li.ch: could not connect to host
+2mir.com: could not connect to host
 2or3.tk: could not connect to host
 2smart4food.com: could not connect to host
 2ss.jp: did not receive HSTS header
@@ -289,6 +294,7 @@
 38888msc.com: could not connect to host
 38blog.com: did not receive HSTS header
 38sihu.com: could not connect to host
+398.info: could not connect to host
 3candy.com: could not connect to host
 3chit.cf: could not connect to host
 3click-loan.com: could not connect to host
@@ -300,14 +306,12 @@
 3fl.com: did not receive HSTS header
 3hl0.net: could not connect to host
 3ik.us: could not connect to host
-3james.com: could not connect to host
 3mbo.de: did not receive HSTS header
 3sreporting.com: did not receive HSTS header
 3vlnaeet.cz: could not connect to host
 3wecommerce.com.br: could not connect to host
 3weekdietworks.com: did not receive HSTS header
 3xx.link: could not connect to host
-40-grad.de: max-age too low: 2628000
 4036aa.com: did not receive HSTS header
 4036bb.com: did not receive HSTS header
 4036cc.com: did not receive HSTS header
@@ -330,7 +334,9 @@
 44957.com: could not connect to host
 44scc.com: could not connect to host
 4500.co.il: did not receive HSTS header
+4553vip.com: could not connect to host
 4679.space: did not receive HSTS header
+4736666.com: could not connect to host
 478933.com: could not connect to host
 47essays.com: could not connect to host
 47tech.com: could not connect to host
@@ -346,6 +352,7 @@
 4miners.net: could not connect to host
 4mybaby.ch: did not receive HSTS header
 4ourty2.org: could not connect to host
+4sics.se: could not connect to host
 4sqsu.eu: could not connect to host
 4w-performers.link: could not connect to host
 4web-hosting.com: could not connect to host
@@ -354,8 +361,6 @@
 500103.com: did not receive HSTS header
 500108.com: did not receive HSTS header
 500fcw.com: could not connect to host
-500k.nl: could not connect to host
-508088.com: could not connect to host
 50ma.xyz: could not connect to host
 50millionablaze.org: could not connect to host
 50plusnet.nl: could not connect to host
@@ -363,38 +368,41 @@
 517vpn.cn: could not connect to host
 518maicai.com: could not connect to host
 51aifuli.com: could not connect to host
-51tiaojiu.com: could not connect to host
 5214889.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 5214889.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 52b9.com: could not connect to host
 52b9.net: could not connect to host
+52hentai.ml: could not connect to host
 52kb.net: could not connect to host
 52kb1.com: could not connect to host
 52neptune.com: did not receive HSTS header
 5310899.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 5310899.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-5364.com: could not connect to host
 540.co: did not receive HSTS header
 5432.cc: did not receive HSTS header
 54bf.com: could not connect to host
-555fl.com: max-age too low: 129600
 555xl.com: could not connect to host
+558da.com: could not connect to host
 55bt.cc: did not receive HSTS header
 55scc.com: could not connect to host
 56877.com: could not connect to host
 56ct.com: could not connect to host
 57aromas.com: did not receive HSTS header
 57he.com: could not connect to host
+593380.com: could not connect to host
+598380.com: could not connect to host
 598598598.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+5986fc.com: could not connect to host
 5chat.it: could not connect to host
 5ece.de: could not connect to host
 5piecesofadvice.com: could not connect to host
-5starbouncycastlehire.co.uk: did not receive HSTS header
-5w5.la: did not receive HSTS header
+5starbouncycastlehire.co.uk: could not connect to host
+5w5.la: could not connect to host
 605508.cc: could not connect to host
 605508.com: could not connect to host
 60ych.net: did not receive HSTS header
 6120.eu: did not receive HSTS header
+626380.com: could not connect to host
 62755.com: did not receive HSTS header
 645ds.cn: did not receive HSTS header
 645ds.com: did not receive HSTS header
@@ -404,16 +412,19 @@
 64bitservers.net: could not connect to host
 65d88.com: could not connect to host
 660011.com: did not receive HSTS header
+6616fc.com: could not connect to host
 66205.net: did not receive HSTS header
 6677.us: could not connect to host
 668da.com: did not receive HSTS header
+66bwf.com: could not connect to host
 67899876.com: did not receive HSTS header
 688da.com: could not connect to host
 692b8c32.de: could not connect to host
 69mentor.com: could not connect to host
 69square.com: could not connect to host
-6w6.la: did not receive HSTS header
+6w6.la: could not connect to host
 6z3.net: could not connect to host
+7045.com: could not connect to host
 7183.org: could not connect to host
 721av.com: could not connect to host
 724go.com: could not connect to host
@@ -421,7 +432,6 @@
 72ty.com: could not connect to host
 72ty.net: could not connect to host
 73223.com: did not receive HSTS header
-73info.com: could not connect to host
 7570.com: did not receive HSTS header
 771122.tv: did not receive HSTS header
 7717a.com: did not receive HSTS header
@@ -437,13 +447,13 @@
 7kovrikov.ru: did not receive HSTS header
 7links.com.br: did not receive HSTS header
 7nw.eu: could not connect to host
-7proxies.com: did not receive HSTS header
 7thheavenrestaurant.com: could not connect to host
 8.net.co: could not connect to host
-80036.com: did not receive HSTS header
+80036.com: could not connect to host
 8003pay.com: could not connect to host
 808.lv: did not receive HSTS header
 808phone.net: could not connect to host
+818bwf.com: could not connect to host
 81uc.com: could not connect to host
 8206688.com: did not receive HSTS header
 826468.com: could not connect to host
@@ -454,17 +464,22 @@
 8522cn.com: did not receive HSTS header
 8522top.com: could not connect to host
 8560.be: could not connect to host
+8649955.com: could not connect to host
+8649966.com: could not connect to host
+8649977.com: could not connect to host
 8688fc.com: could not connect to host
-86metro.ru: could not connect to host
 8722.com: did not receive HSTS header
 87577.com: could not connect to host
 88.to: did not receive HSTS header
+8876205.com: did not receive HSTS header
 8887999.com: could not connect to host
 8888av.co: could not connect to host
 8888esb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 888azino.com: did not receive HSTS header
+888bwf.com: could not connect to host
 888lu.co: could not connect to host
-888msc.vip: did not receive HSTS header
+888msc.vip: could not connect to host
+88bwf.com: did not receive HSTS header
 88d.com: could not connect to host
 88laohu.cc: could not connect to host
 88laohu.com: could not connect to host
@@ -491,17 +506,18 @@
 8mpay.com: did not receive HSTS header
 8pecxstudios.com: could not connect to host
 8shequapp.com: could not connect to host
-8svn.com: could not connect to host
+8svn.com: did not receive HSTS header
 8t88.biz: could not connect to host
-8ung.online: did not receive HSTS header
 8xx.bet: could not connect to host
 8xx.io: could not connect to host
 8xx888.com: could not connect to host
+8xxxxxxx.com: could not connect to host
 90smthng.com: could not connect to host
 91-freedom.com: could not connect to host
 9118b.com: could not connect to host
 911911.pw: could not connect to host
 915ers.com: could not connect to host
+918yy.com: could not connect to host
 919945.com: did not receive HSTS header
 91dh.cc: could not connect to host
 91lt.info: did not receive HSTS header
@@ -526,12 +542,13 @@
 9bingo.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 9iwan.net: did not receive HSTS header
 9jadirect.com: could not connect to host
+9jaxtreme.com.ng: did not receive HSTS header
 9point6.com: could not connect to host
 9ss6.com: could not connect to host
+9tolife.be: did not receive HSTS header
 9vies.ca: could not connect to host
 9won.kr: could not connect to host
-9y.at: could not connect to host
-a-intel.com: could not connect to host
+a-intel.com: did not receive HSTS header
 a-ix.net: could not connect to host
 a-plus.space: could not connect to host
 a-rickroll-n.pw: could not connect to host
@@ -548,6 +565,7 @@ a3workshop.swiss: could not connect to host
 a7m2.me: could not connect to host
 a8q.org: could not connect to host
 a9c.co: could not connect to host
+aa-tour.ru: could not connect to host
 aa43d.cn: could not connect to host
 aa6688.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 aa7733.com: could not connect to host
@@ -560,8 +578,7 @@ aapp.space: could not connect to host
 aardvarksolutions.co.za: did not receive HSTS header
 aariefhaafiz.com: could not connect to host
 aaron-gustafson.com: did not receive HSTS header
-aaronburt.co.uk: could not connect to host
-aaronmcguire.me: did not receive HSTS header
+aaronmcguire.me: could not connect to host
 aarvinproperties.com: could not connect to host
 ab-bauservice-berlin.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 abacus-events.co.uk: did not receive HSTS header
@@ -570,6 +587,7 @@ abasky.net: could not connect to host
 abcdentalcare.com: did not receive HSTS header
 abcdobebe.com: did not receive HSTS header
 abchelp.net: could not connect to host
+abdullah.pw: could not connect to host
 abearofsoap.com: could not connect to host
 abecodes.net: could not connect to host
 aberdeenalmeras.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -613,7 +631,6 @@ accelerate.network: could not connect to host
 accelerole.com: did not receive HSTS header
 accelight.co.jp: did not receive HSTS header
 accelight.jp: did not receive HSTS header
-accelsnow.com: could not connect to host
 access-sofia.org: did not receive HSTS header
 accolade.com.br: could not connect to host
 accoun.technology: could not connect to host
@@ -623,17 +640,18 @@ accwing.com: could not connect to host
 aceadvisory.biz: did not receive HSTS header
 acelpb.com: could not connect to host
 acemypaper.com: could not connect to host
+acevik.de: could not connect to host
 acg.mn: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 acg.sb: could not connect to host
 acg18.us: max-age too low: 0
 acgaudio.com: could not connect to host
-acgmoon.org: did not receive HSTS header
 acgpiano.club: could not connect to host
 acheirj.com.br: could not connect to host
-acheritage.co.uk: did not receive HSTS header
+acheritage.co.uk: could not connect to host
 achmadfamily.com: could not connect to host
 achow101.com: did not receive HSTS header
 achterhoekseveiligheidsbeurs.nl: could not connect to host
+acidbin.co: could not connect to host
 acisonline.net: did not receive HSTS header
 acksoft.fr: did not receive HSTS header
 acksoftdemo.fr: did not receive HSTS header
@@ -655,28 +673,31 @@ activateplay.com: did not receive HSTS header
 active-escape.com: did not receive HSTS header
 activeclearweb.com: could not connect to host
 activeweb.top: could not connect to host
+activeworld.net: max-age too low: 2592000
 activistasconstructivos.org: did not receive HSTS header
 activiti.alfresco.com: did not receive HSTS header
 actu-film.com: max-age too low: 0
 actu-medias.com: could not connect to host
 actualite-videos.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+acupofsalt.tv: could not connect to host
 acuve.jp: could not connect to host
-acyume.com: did not receive HSTS header
 ad-disruptio.fr: could not connect to host
-ad13.in: did not receive HSTS header
+ad13.in: could not connect to host
 ada.is: max-age too low: 2592000
 adajwells.me: could not connect to host
-adambryant.ca: could not connect to host
 adamcoffee.net: could not connect to host
 adamdixon.co.uk: could not connect to host
+adamjoycegames.co.uk: could not connect to host
 adamricheimer.com: could not connect to host
 adamsfoundationrepair.com: did not receive HSTS header
+adamwilcox.org: did not receive HSTS header
 adamwk.com: did not receive HSTS header
 adastra.re: could not connect to host
 adblock.ovh: could not connect to host
 adboos.com: could not connect to host
 addaxpetroleum.com: could not connect to host
 addcrazy.com: did not receive HSTS header
+addiko.net: could not connect to host
 addvocate.com: could not connect to host
 adec-emsa.ae: could not connect to host
 adelaides.com: did not receive HSTS header
@@ -734,12 +755,10 @@ adventistdeploy.org: could not connect to host
 adventures.is: did not receive HSTS header
 adver.top: could not connect to host
 advertisemant.com: could not connect to host
+advicepro.org.uk: did not receive HSTS header
 adviespuntklokkenluiders.nl: could not connect to host
-adwokatkosterka.pl: did not receive HSTS header
 adzie.xyz: could not connect to host
 adzuna.co.uk: did not receive HSTS header
-ae-dir.com: could not connect to host
-ae-dir.org: could not connect to host
 aegialis.com: did not receive HSTS header
 aelisya.ch: could not connect to host
 aelurus.com: could not connect to host
@@ -756,20 +775,23 @@ aether.pw: could not connect to host
 aethonan.pro: could not connect to host
 aevpn.net: could not connect to host
 aevpn.org: could not connect to host
+aeyoun.com: did not receive HSTS header
 af-fotografie.net: did not receive HSTS header
 af-internet.nl: did not receive HSTS header
 afdkompakt.de: max-age too low: 86400
 afeefzarapackages.com: did not receive HSTS header
 affily.io: could not connect to host
 affinity.vc: did not receive HSTS header
+affloc.com: could not connect to host
 affordablebouncycastle.co.uk: did not receive HSTS header
 affordablepapers.com: could not connect to host
 aficotroceni.ro: did not receive HSTS header
 afiru.net: could not connect to host
 aflamtorrent.com: could not connect to host
-afmchandler.com: did not receive HSTS header
+afmchandler.com: could not connect to host
 afp548.tk: could not connect to host
-after.im: did not receive HSTS header
+africatravel.de: did not receive HSTS header
+after.im: could not connect to host
 afterskool.eu: could not connect to host
 afterstack.net: could not connect to host
 afvallendoeje.nu: could not connect to host
@@ -777,11 +799,12 @@ afyou.co.kr: could not connect to host
 afzco.asia: did not receive HSTS header
 agalaxyfarfaraway.co.uk: could not connect to host
 agatheetraphael.fr: could not connect to host
-agbremen.de: did not receive HSTS header
+agbremen.de: could not connect to host
 agdalieso.com.ba: could not connect to host
 agelesscitizen.com: could not connect to host
 agelesscitizens.com: could not connect to host
 agenbettingasia.com: did not receive HSTS header
+agenceactiv.immo: did not receive HSTS header
 agenceklic.com: did not receive HSTS header
 agenciagriff.com: did not receive HSTS header
 agencymanager.be: could not connect to host
@@ -789,9 +812,8 @@ agentseeker.ca: could not connect to host
 agevio.com: could not connect to host
 agiairini.cz: could not connect to host
 agilebits.net: could not connect to host
-agileecommerce.com.br: could not connect to host
 agingstop.net: could not connect to host
-agonswim.com: could not connect to host
+agonswim.com: did not receive HSTS header
 agoravm.tk: could not connect to host
 agowa.eu: did not receive HSTS header
 agowa338.de: did not receive HSTS header
@@ -807,17 +829,16 @@ ahabingo.com: did not receive HSTS header
 ahelos.tk: could not connect to host
 ahiru3.com: did not receive HSTS header
 aholic.co: did not receive HSTS header
-ahoynetwork.com: could not connect to host
+ahoynetwork.com: did not receive HSTS header
 ahri.ovh: could not connect to host
 ahsin.online: could not connect to host
 ahwah.net: could not connect to host
-ahwatukeefoothillsmontessori.com: did not receive HSTS header
+ahwatukeefoothillsmontessori.com: could not connect to host
 ai1989.com: could not connect to host
 aibaoyou.com: could not connect to host
 aibsoftware.mx: could not connect to host
 aicial.com: did not receive HSTS header
 aicial.com.au: could not connect to host
-aid-web.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 aidanwoods.com: did not receive HSTS header
 aide-admin.com: did not receive HSTS header
 aide-valais.ch: could not connect to host
@@ -825,6 +846,7 @@ aidikofflaw.com: did not receive HSTS header
 aiesecarad.ro: could not connect to host
 aifreeze.ru: could not connect to host
 aify.eu: could not connect to host
+aiheisi.com: did not receive HSTS header
 aikenorganics.com: could not connect to host
 aim-consultants.com: did not receive HSTS header
 aimrom.org: could not connect to host
@@ -851,16 +873,19 @@ airsick.guide: did not receive HSTS header
 airtimefranchise.com: did not receive HSTS header
 aishnair.com: could not connect to host
 aisle3.space: could not connect to host
+aisr.nl: did not receive HSTS header
 aiticon.de: did not receive HSTS header
 aivene.com: could not connect to host
 aiw-thkoeln.online: could not connect to host
 aixxe.net: did not receive HSTS header
+aizxxs.com: could not connect to host
 aizxxs.net: could not connect to host
 ajetaci.cz: could not connect to host
 ajibot.com: could not connect to host
 ajmahal.com: could not connect to host
 ajouin.com: could not connect to host
 ajw-group.com: did not receive HSTS header
+ak-webit.de: could not connect to host
 aka.my: did not receive HSTS header
 akboy.pw: could not connect to host
 akclinics.org: did not receive HSTS header
@@ -874,7 +899,6 @@ akihiro.xyz: could not connect to host
 akita-boutique.com: could not connect to host
 akita-stream.com: could not connect to host
 akkadia.cc: could not connect to host
-akkeylab.com: could not connect to host
 akoch.net: could not connect to host
 akombakom.net: could not connect to host
 akracing.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -887,7 +911,7 @@ aktuelle-uhrzeit.at: did not receive HSTS header
 akul.co.in: could not connect to host
 al-f.net: could not connect to host
 al-shami.net: could not connect to host
-alanhuang.name: did not receive HSTS header
+al3366.tech: could not connect to host
 alanlee.net: could not connect to host
 alanrickmanflipstable.com: did not receive HSTS header
 alanya.law: did not receive HSTS header
@@ -915,11 +939,10 @@ aldred.cloud: could not connect to host
 aleax.me: could not connect to host
 alecvannoten.be: did not receive HSTS header
 aledg.cl: could not connect to host
-alela.fr: could not connect to host
 alenan.org: could not connect to host
 aleph.land: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 alertaenlinea.gov: did not receive HSTS header
-alessandro.pw: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+alessandro.pw: could not connect to host
 alessandroz.ddns.net: could not connect to host
 alessandroz.pro: could not connect to host
 alethearose.com: did not receive HSTS header
@@ -939,20 +962,24 @@ alexkidd.de: did not receive HSTS header
 alexmak.net: did not receive HSTS header
 alexmol.tk: could not connect to host
 alexperry.io: could not connect to host
+alexsinnott.me: could not connect to host
 alfa24.pro: could not connect to host
+alfaperfumes.com.br: could not connect to host
 alfaponny.se: could not connect to host
 alfirous.com: could not connect to host
 alfredxing.com: did not receive HSTS header
 algarmatic-automatismos.pt: could not connect to host
 algebraaec.com: did not receive HSTS header
+algercounty.gov: could not connect to host
 alghaib.com: could not connect to host
-alibababee.com: did not receive HSTS header
+alibababee.com: could not connect to host
 alibip.de: could not connect to host
 alicialab.org: could not connect to host
 alien.bz: did not receive HSTS header
 alilialili.ga: could not connect to host
 alinemaciel.adm.br: could not connect to host
 alinode.com: could not connect to host
+alis-test.tk: could not connect to host
 alistairholland.me: did not receive HSTS header
 alistairpialek.com: max-age too low: 86400
 alisync.com: could not connect to host
@@ -960,7 +987,6 @@ alittlebitcheeky.com: did not receive HSTS header
 aliwebstore.com: could not connect to host
 aljammaz.holdings: could not connect to host
 aljmz.com: did not receive HSTS header
-aljweb.com: could not connect to host
 alkami.com: max-age too low: 0
 alkamitech.com: max-age too low: 0
 alkel.info: did not receive HSTS header
@@ -972,13 +998,15 @@ alldaymonitoring.com: could not connect to host
 alldm.ru: could not connect to host
 allegro-inc.com: did not receive HSTS header
 allemobieleproviders.nl: could not connect to host
+allenosgood.com: could not connect to host
 allerbestefreunde.de: did not receive HSTS header
+allfreelancers.su: did not receive HSTS header
 allgrass.es: did not receive HSTS header
 allgrass.net: did not receive HSTS header
 allhard.org: could not connect to host
 alliance-compacts.com: did not receive HSTS header
-alliances-faq.de: could not connect to host
 allinnote.com: could not connect to host
+allinone-ranking150.com: did not receive HSTS header
 allinonecyprus.com: could not connect to host
 allkindzabeats.com: did not receive HSTS header
 allladyboys.com: could not connect to host
@@ -995,14 +1023,12 @@ allrealty.co.za: could not connect to host
 allscammers.exposed: could not connect to host
 allseasons-cleaning.co.uk: could not connect to host
 allsortscastles.co.uk: could not connect to host
+allstarautokiaparts.com: could not connect to host
 allstarswithus.com: could not connect to host
 allstorebrasil.com.br: could not connect to host
 alltheducks.com: max-age too low: 43200
 allthingsblogging.com: could not connect to host
 allthingsfpl.com: could not connect to host
-allthingssquared.com: could not connect to host
-alltubedownload.net: could not connect to host
-allvips.ru: could not connect to host
 almagalla.com: could not connect to host
 almatinki.com: could not connect to host
 aloalabs.com: did not receive HSTS header
@@ -1014,11 +1040,11 @@ alpe-d-or.dyn-o-saur.com: could not connect to host
 alpencam.com: could not connect to host
 alpha.irccloud.com: could not connect to host
 alphabit-secure.com: could not connect to host
+alphabrock.cn: could not connect to host
 alphabuild.io: could not connect to host
 alphagamers.net: did not receive HSTS header
 alphahunks.com: could not connect to host
 alphalabs.xyz: could not connect to host
-alrait.com: could not connect to host
 als-hardware.co.za: did not receive HSTS header
 alspolska.pl: max-age too low: 2592000
 alt-tab-design.com: did not receive HSTS header
@@ -1034,12 +1060,12 @@ altered.network: could not connect to host
 altfire.ca: could not connect to host
 altiacaselight.com: could not connect to host
 altitudemoversdenver.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-altonblom.com: did not receive HSTS header
 altoneum.com: could not connect to host
 altporn.xyz: could not connect to host
 altruistgroup.net: max-age too low: 300
+alttrackr.com: could not connect to host
 aluminium-scaffolding.co.uk: could not connect to host
-alunjam.es: could not connect to host
+alunjam.es: did not receive HSTS header
 alunonaescola.com.br: did not receive HSTS header
 aluoblog.pw: could not connect to host
 aluoblog.top: could not connect to host
@@ -1052,7 +1078,10 @@ amadilo.de: could not connect to host
 amadoraslindas.com: could not connect to host
 amaforro.com: could not connect to host
 amaforums.org: did not receive HSTS header
+amalficoastchauffeur.com: could not connect to host
+amalfirock.it: could not connect to host
 amandaonishi.com: could not connect to host
+amandaworldstudies.com: could not connect to host
 amaranthus.com.ph: could not connect to host
 amateri.com: could not connect to host
 amatzen.dk: did not receive HSTS header
@@ -1114,7 +1143,6 @@ anacruz.es: did not receive HSTS header
 anadoluefessk.org: did not receive HSTS header
 anadoluefessporkulubu.org: could not connect to host
 anagra.ms: could not connect to host
-anaiscoachpersonal.es: could not connect to host
 anaisypirueta.es: did not receive HSTS header
 anajianu.ro: max-age too low: 2592000
 anakros.me: could not connect to host
@@ -1122,7 +1150,6 @@ analangelsteen.com: could not connect to host
 analpantyhose.org: could not connect to host
 analteengirls.net: could not connect to host
 analytic-s.ml: could not connect to host
-analytics-shop.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 analyticsinmotion.net: could not connect to host
 analyzemyfriends.com: could not connect to host
 anastasiafond.com: did not receive HSTS header
@@ -1147,7 +1174,6 @@ andreastoneman.com: could not connect to host
 andrefaber.nl: did not receive HSTS header
 andrei-coman.com: did not receive HSTS header
 andreigec.net: did not receive HSTS header
-andrejbenz.com: could not connect to host
 andrejstefanovski.com: did not receive HSTS header
 andrepicard.de: could not connect to host
 andrerose.ca: did not receive HSTS header
@@ -1163,6 +1189,7 @@ andrewregan.me: could not connect to host
 andrewtebert.com: did not receive HSTS header
 andrewthelott.net: could not connect to host
 andrewvoce.com: did not receive HSTS header
+andrewx.net: could not connect to host
 andrewyg.net: could not connect to host
 andreypopp.com: could not connect to host
 android: could not connect to host
@@ -1176,6 +1203,7 @@ andycloud.dynu.net: could not connect to host
 andycraftz.eu: did not receive HSTS header
 andymartin.cc: could not connect to host
 andymelichar.com: max-age too low: 0
+andys-place.co.uk: could not connect to host
 andyuk.org: could not connect to host
 anecuni-club.com: could not connect to host
 anecuni-rec.com: could not connect to host
@@ -1191,7 +1219,6 @@ angervillelorcher.fr: did not receive HSTS header
 anghami.com: did not receive HSTS header
 anglertanke.de: could not connect to host
 anglictinatabor.cz: could not connect to host
-angrut.com: could not connect to host
 angry-monk.com: could not connect to host
 angrydragonproductions.com: could not connect to host
 angrylab.com: did not receive HSTS header
@@ -1201,12 +1228,12 @@ aniaimichal.eu: could not connect to host
 anim.ee: could not connect to host
 animalnet.de: max-age too low: 7776000
 animalstropic.com: could not connect to host
-animatelluris.nl: max-age too low: 300
+animatelluris.nl: max-age too low: 2628000
 anime1.top: could not connect to host
 anime1video.tk: could not connect to host
 animeday.ml: could not connect to host
+animes-portal.info: did not receive HSTS header
 animesfusion.com.br: could not connect to host
-animojis.es: could not connect to host
 animurecs.com: could not connect to host
 aniplus.cf: could not connect to host
 aniplus.gq: could not connect to host
@@ -1218,7 +1245,8 @@ anitube-nocookie.ch: could not connect to host
 anivar.net: could not connect to host
 ankakaak.com: could not connect to host
 ankaraprofesyonelnakliyat.com: did not receive HSTS header
-ankaraprofesyonelnakliyat.com.tr: did not receive HSTS header
+ankaraprofesyonelnakliyat.com.tr: could not connect to host
+ankenbrand.me: did not receive HSTS header
 ankitha.in: max-age too low: 0
 ankya9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 anlp.top: could not connect to host
@@ -1232,9 +1260,9 @@ annicascakes.nl: could not connect to host
 annotate.software: could not connect to host
 annrusnak.com: did not receive HSTS header
 annsbouncycastles.com: could not connect to host
+anohana.org: could not connect to host
 anomaly.ws: did not receive HSTS header
 anonboards.com: could not connect to host
-anoneko.com: could not connect to host
 anonrea.ch: could not connect to host
 anonukradio.org: could not connect to host
 anonymo.co.uk: could not connect to host
@@ -1259,7 +1287,7 @@ anthonyavon.com: could not connect to host
 anthonyloop.com: did not receive HSTS header
 anthro.id: did not receive HSTS header
 antifraud.net.ru: could not connect to host
-antimatiere.space: could not connect to host
+antimatiere.space: did not receive HSTS header
 antimine.kr: could not connect to host
 antipa.ch: could not connect to host
 antirayapmalang.com: did not receive HSTS header
@@ -1274,7 +1302,7 @@ antons.io: did not receive HSTS header
 antraxx.ee: could not connect to host
 antscript.com: did not receive HSTS header
 anunayk.com: could not connect to host
-anycoin.me: could not connect to host
+anycoin.me: did not receive HSTS header
 anyfood.fi: could not connect to host
 anypool.fr: did not receive HSTS header
 anypool.net: did not receive HSTS header
@@ -1297,15 +1325,19 @@ apaginastore.com.br: could not connect to host
 apeasternpower.com: could not connect to host
 aperim.com: max-age too low: 43200
 aperture-laboratories.science: did not receive HSTS header
+apexitsolutions.ca: could not connect to host
 api.mega.co.nz: could not connect to host
 apibot.de: could not connect to host
 apience.com: did not receive HSTS header
+apila.care: could not connect to host
+apila.us: could not connect to host
 apiled.io: could not connect to host
 apis.blue: could not connect to host
 apis.google.com: did not receive HSTS header (error ignored - included regardless)
 apis.world: could not connect to host
 apivia.fr: did not receive HSTS header
 apkdv.com: did not receive HSTS header
+apkmod.id: did not receive HSTS header
 apkoyunlar.club: could not connect to host
 apkriver.com: did not receive HSTS header
 apl2bits.net: did not receive HSTS header
@@ -1326,12 +1358,13 @@ app-arena.com: did not receive HSTS header
 app.manilla.com: could not connect to host
 apparels24.com: did not receive HSTS header
 appart.ninja: could not connect to host
-appchive.net: could not connect to host
 appcoins.io: did not receive HSTS header
 appdb.cc: did not receive HSTS header
 appdrinks.com: could not connect to host
+appel-aide.ch: could not connect to host
 appeldorn.me: did not receive HSTS header
 appengine.google.com: did not receive HSTS header (error ignored - included regardless)
+appformacpc.com: did not receive HSTS header
 appimlab.it: could not connect to host
 apple-watch-zubehoer.de: could not connect to host
 apple.ax: could not connect to host
@@ -1352,23 +1385,23 @@ appsdash.io: could not connect to host
 appson.co.uk: did not receive HSTS header
 apptoutou.com: could not connect to host
 appuro.com: did not receive HSTS header
+appxcrypto.com: did not receive HSTS header
 aprefix.com: could not connect to host
 aprpullmanportermuseum.org: did not receive HSTS header
-aptitude9.com: did not receive HSTS header
+aptitude9.com: could not connect to host
 aqilacademy.com.au: could not connect to host
 aqqrate.com: could not connect to host
 aquariumaccessories.shop: could not connect to host
-aquaselect.eu: could not connect to host
+aquaron.com: did not receive HSTS header
 aquilaguild.com: could not connect to host
 aquilalab.com: could not connect to host
 aquireceitas.com: did not receive HSTS header
 ar.al: did not receive HSTS header
-arabdigitalexpression.org: could not connect to host
+arabdigitalexpression.org: did not receive HSTS header
 arabsexi.info: could not connect to host
 aradulconteaza.ro: could not connect to host
 aran.me.uk: could not connect to host
 aranel.me: could not connect to host
-arawaza.biz: did not receive HSTS header
 arawaza.info: could not connect to host
 arboineuropa.nl: did not receive HSTS header
 arboleda-hurtado.com: could not connect to host
@@ -1384,11 +1417,13 @@ arctica.io: did not receive HSTS header
 ardao.me: could not connect to host
 ardorlabs.se: did not receive HSTS header
 area3.org: could not connect to host
+area536.com: did not receive HSTS header
 areallyneatwebsite.com: could not connect to host
 arent.kz: did not receive HSTS header
 arenzanaphotography.com: could not connect to host
 arewedubstepyet.com: could not connect to host
 areyouever.me: could not connect to host
+argama-nature.com: did not receive HSTS header
 argennon.xyz: could not connect to host
 argh.io: could not connect to host
 arguggi.co.uk: could not connect to host
@@ -1416,7 +1451,7 @@ armeni-jewellery.gr: did not receive HSTS header
 armenians.online: could not connect to host
 armingrodon.de: did not receive HSTS header
 armodec.com: did not receive HSTS header
-armor.com: could not connect to host
+armor.com: did not receive HSTS header
 armored.ninja: did not receive HSTS header
 armory.consulting: could not connect to host
 armory.supplies: could not connect to host
@@ -1439,7 +1474,6 @@ arrowgrove.com: could not connect to host
 ars-design.net: could not connect to host
 arsenal.ru: could not connect to host
 arsk1.com: could not connect to host
-art2web.net: could not connect to host
 artansoft.com: could not connect to host
 artaronquieres.com: did not receive HSTS header
 artartefatos.com.br: could not connect to host
@@ -1466,8 +1500,10 @@ arto.bg: did not receive HSTS header
 artofeyes.nl: could not connect to host
 artsinthevalley.net.au: did not receive HSTS header
 artstopinc.com: did not receive HSTS header
+arturkohut.com: could not connect to host
 artyland.ru: could not connect to host
 arvamus.eu: could not connect to host
+arw.me: did not receive HSTS header
 arzaroth.com: did not receive HSTS header
 as.se: could not connect to host
 as9178.net: could not connect to host
@@ -1479,7 +1515,11 @@ asc16.com: could not connect to host
 aschaefer.net: could not connect to host
 asdpress.cn: could not connect to host
 aseith.com: could not connect to host
+aseko.gr: did not receive HSTS header
 asepms.com: max-age too low: 7776000
+ashd1.goip.de: could not connect to host
+ashd2.goip.de: could not connect to host
+ashd3.goip.de: could not connect to host
 ashlane-cottages.com: could not connect to host
 ashleakunowski.com: could not connect to host
 ashleyadum.com: could not connect to host
@@ -1490,7 +1530,6 @@ asian-archi.com.tw: did not receive HSTS header
 asianbet77.co: did not receive HSTS header
 asianbet77.net: did not receive HSTS header
 asisee.co.il: could not connect to host
-ask.pe: could not connect to host
 askfit.cz: did not receive HSTS header
 askmagicconch.com: could not connect to host
 aslinfinity.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -1501,6 +1540,7 @@ asmui.ga: could not connect to host
 asmui.ml: did not receive HSTS header
 asoftwareco.com: did not receive HSTS header
 asphaltfruehling.de: could not connect to host
+aspisdata.com: did not receive HSTS header
 asral7.com: could not connect to host
 asryflorist.com: did not receive HSTS header
 ass.org.au: did not receive HSTS header
@@ -1509,13 +1549,14 @@ assdecoeur.org: could not connect to host
 assekuranzjobs.de: could not connect to host
 asset-alive.com: did not receive HSTS header
 asset-alive.net: could not connect to host
+assetict.com: max-age too low: 0
 assetsupervision.com: could not connect to host
 assindia.nl: did not receive HSTS header
 assistance-personnes-agees.ch: could not connect to host
 assistcart.com: could not connect to host
-asspinter.me: could not connect to host
 assurancesmons.be: did not receive HSTS header
 astaninki.com: could not connect to host
+astenretail.com: could not connect to host
 asthon.cn: could not connect to host
 astraalivankila.net: could not connect to host
 astral.gq: did not receive HSTS header
@@ -1524,7 +1565,6 @@ astrea-voetbal-groningen.nl: could not connect to host
 astrolpost.com: could not connect to host
 astromelody.com: did not receive HSTS header
 astronomie-fulda.de: did not receive HSTS header
-astrosnail.pt.eu.org: could not connect to host
 astutr.co: could not connect to host
 asuhe.cc: could not connect to host
 asuhe.win: did not receive HSTS header
@@ -1532,6 +1572,7 @@ asuhe.xyz: could not connect to host
 async.be: could not connect to host
 at-one.ca: did not receive HSTS header
 at1.co: could not connect to host
+ataber.pw: could not connect to host
 atacadooptico.com.br: could not connect to host
 atavio.at: could not connect to host
 atavio.ch: could not connect to host
@@ -1548,15 +1589,16 @@ athaliasoft.com: could not connect to host
 athenelive.com: could not connect to host
 athensbusinessresources.us: could not connect to host
 atheoryofchange.com: could not connect to host
+atherosense.ga: could not connect to host
 athi.pl: did not receive HSTS header
 athul.xyz: could not connect to host
 atk.me: could not connect to host
 atkdesign.pt: did not receive HSTS header
+atlantahairsurgeon.com: did not receive HSTS header
 atlas-5.site: could not connect to host
 atlas-staging.ml: could not connect to host
 atlas.co: did not receive HSTS header
 atlassian.net: did not receive HSTS header
-atlayo.com: could not connect to host
 atlex.nl: did not receive HSTS header
 atlseccon.com: did not receive HSTS header
 atmocdn.com: could not connect to host
@@ -1568,7 +1610,6 @@ atracaosexshop.com.br: could not connect to host
 atrevillot.com: could not connect to host
 attelage.net: did not receive HSTS header
 attic118.com: could not connect to host
-attilagyorffy.com: could not connect to host
 attimidesigns.com: did not receive HSTS header
 attogproductions.com: did not receive HSTS header
 au-pair24.de: did not receive HSTS header
@@ -1585,11 +1626,9 @@ aufprise.de: did not receive HSTS header
 augaware.org: did not receive HSTS header
 augenblicke-blog.de: could not connect to host
 augias.org: could not connect to host
-augiero.it: could not connect to host
-augix.net: could not connect to host
 augrandinquisiteur.com: did not receive HSTS header
-august.black: could not connect to host
 aujapan.ru: could not connect to host
+aulaschrank.gq: could not connect to host
 auntieme.com: did not receive HSTS header
 auntmia.com: could not connect to host
 aur.rocks: did not receive HSTS header
@@ -1633,6 +1672,7 @@ autodeploy.it: could not connect to host
 autoecolebudget.ch: did not receive HSTS header
 autoecoledumontblanc.com: could not connect to host
 autoeet.cz: did not receive HSTS header
+autohaus-snater.de: did not receive HSTS header
 autojuhos.sk: could not connect to host
 autokovrik-diskont.ru: did not receive HSTS header
 automobiles5.com: could not connect to host
@@ -1652,6 +1692,7 @@ av.de: did not receive HSTS header
 av01.tv: could not connect to host
 av163.cc: could not connect to host
 avadatravel.com: did not receive HSTS header
+avalon-studios.de: could not connect to host
 avalyuan.com: could not connect to host
 avantmfg.com: did not receive HSTS header
 avaq.fr: did not receive HSTS header
@@ -1670,7 +1711,7 @@ avmemo.com: could not connect to host
 avmo.pw: could not connect to host
 avmoo.com: could not connect to host
 avonlearningcampus.com: could not connect to host
-avotoma.com: did not receive HSTS header
+avotoma.com: could not connect to host
 avso.pw: could not connect to host
 avspot.net: could not connect to host
 avus-automobile.com: did not receive HSTS header
@@ -1697,7 +1738,7 @@ axg.io: did not receive HSTS header
 axialsports.com: did not receive HSTS header
 axis-stralis.co.uk: could not connect to host
 axiumacademy.com: did not receive HSTS header
-axka.com: could not connect to host
+axka.com: did not receive HSTS header
 axolsoft.com: max-age too low: 10540800
 axtudo.com: did not receive HSTS header
 axtux.tk: could not connect to host
@@ -1711,10 +1752,8 @@ ayor.jp: could not connect to host
 ayor.tech: could not connect to host
 ayuru.info: could not connect to host
 az-vinyl-boden.de: could not connect to host
-azabani.com: did not receive HSTS header
 azamra.com: did not receive HSTS header
 azia.info: could not connect to host
-azino777.ru: could not connect to host
 azirevpn.com: did not receive HSTS header
 azlo.com: did not receive HSTS header
 azprep.us: could not connect to host
@@ -1725,6 +1764,7 @@ b-entropy.com: could not connect to host
 b-pi.duckdns.org: could not connect to host
 b-rickroll-e.pw: could not connect to host
 b-space.de: could not connect to host
+b-ticket.ch: could not connect to host
 b0618.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b0618.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b0868.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -1742,6 +1782,7 @@ b2b-nestle.com.br: could not connect to host
 b2bpromoteit.com: did not receive HSTS header
 b3orion.com: could not connect to host
 b422edu.com: could not connect to host
+b4r7.de: did not receive HSTS header
 b5189.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b5189.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b5289.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -1753,7 +1794,7 @@ b8591.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_
 b8591.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b8979.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b8979.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-b8a.me: could not connect to host
+b8a.me: did not receive HSTS header
 b9018.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b9018.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b9108.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -1765,7 +1806,7 @@ b9112.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_
 b911gt.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b911gt.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b9168.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-b91688.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+b91688.com: could not connect to host
 b91688.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b91688.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 b91688.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -1853,7 +1894,7 @@ babybic.hu: could not connect to host
 babycs.house: could not connect to host
 babyhouse.xyz: could not connect to host
 babyliss-pro.com: could not connect to host
-babyliss-pro.net: max-age too low: 0
+babyliss-pro.net: did not receive HSTS header
 babysaying.me: could not connect to host
 babystep.tv: did not receive HSTS header
 bacchanallia.com: could not connect to host
@@ -1861,13 +1902,11 @@ bacgrouppublishing.com: could not connect to host
 bacimg.com: did not receive HSTS header
 back-bone.nl: did not receive HSTS header
 backenmachtgluecklich.de: max-age too low: 2592000
-backgroundchecks.online: did not receive HSTS header
 backgroundz.net: could not connect to host
 backintomotionphysiotherapy.com: did not receive HSTS header
 backlogapp.io: could not connect to host
 backpacken.org: could not connect to host
 backscattering.de: did not receive HSTS header
-backupsinop.com.br: did not receive HSTS header
 backyardbbqbash.com: did not receive HSTS header
 baconate.com: did not receive HSTS header
 bad.show: could not connect to host
@@ -1880,6 +1919,7 @@ badkamergigant.com: could not connect to host
 baff.lu: could not connect to host
 baffinlee.com: did not receive HSTS header
 bagiobella.com: max-age too low: 0
+baglu.com: could not connect to host
 bagstage.de: did not receive HSTS header
 baiduaccount.com: could not connect to host
 baildonhottubs.co.uk: could not connect to host
@@ -1887,12 +1927,12 @@ bair.io: could not connect to host
 bairdzhang.com: could not connect to host
 baito-j.jp: did not receive HSTS header
 baixoutudo.com: did not receive HSTS header
+bajajfinserv.in: did not receive HSTS header
 bakabt.info: could not connect to host
 bakanin.ru: could not connect to host
 bakaweb.fr: could not connect to host
 bakhansen.com: did not receive HSTS header
 bakkerdesignandbuild.com: did not receive HSTS header
-bakongcondo.com: could not connect to host
 bakxnet.com: could not connect to host
 balatoni-nyar.hu: did not receive HSTS header
 balcan-underground.net: could not connect to host
@@ -1902,6 +1942,7 @@ balenciaspa.com: did not receive HSTS header
 balihai.com: did not receive HSTS header
 balilingo.ooo: could not connect to host
 ballbusting-cbt.com: could not connect to host
+balle.dk: could not connect to host
 ballitolocksmith.com: could not connect to host
 balloonphp.com: could not connect to host
 balnearionaturaspa.com: did not receive HSTS header
@@ -1921,12 +1962,12 @@ bandar303.id: did not receive HSTS header
 bandar303.win: did not receive HSTS header
 bandarifamily.com: could not connect to host
 bandb.xyz: did not receive HSTS header
-bandrcrafts.com: did not receive HSTS header
+bandrcrafts.com: could not connect to host
 banduhn.com: did not receive HSTS header
 bangzafran.com: could not connect to host
 bank: could not connect to host
 bankcircle.co.in: could not connect to host
-bankfreeoffers.com: did not receive HSTS header
+bankersonline.com: could not connect to host
 bankitt.network: could not connect to host
 bankmilhas.com.br: did not receive HSTS header
 bankofrealty.review: could not connect to host
@@ -1948,7 +1989,7 @@ barcouniforms.com: did not receive HSTS header
 barely.sexy: did not receive HSTS header
 barf-alarm.de: did not receive HSTS header
 bargainmovingcompany.com: did not receive HSTS header
-bariller.fr: could not connect to host
+bariller.fr: did not receive HSTS header
 baris-sagdic.com: could not connect to host
 barnrats.com: could not connect to host
 baropkamp.be: did not receive HSTS header
@@ -1960,7 +2001,7 @@ barrett.ag: did not receive HSTS header
 barrut.me: did not receive HSTS header
 barshout.co.uk: could not connect to host
 barss.io: could not connect to host
-bartbania.com: did not receive HSTS header
+bartel.ws: could not connect to host
 bartelldrugs.com: did not receive HSTS header
 barunisystems.com: could not connect to host
 bascht.com: did not receive HSTS header
@@ -1983,6 +2024,7 @@ bat909.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR
 bat9vip.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 bat9vip.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 batfoundry.com: could not connect to host
+batipresta.ch: did not receive HSTS header
 batonger.com: could not connect to host
 batten.eu.org: could not connect to host
 batteryservice.ru: did not receive HSTS header
@@ -1992,6 +2034,7 @@ baudairenergyservices.com: did not receive HSTS header
 bauen-mit-ziegel.de: max-age too low: 604800
 baum.ga: did not receive HSTS header
 baumstark.ca: could not connect to host
+bautied.de: did not receive HSTS header
 bayinstruments.com: could not connect to host
 bayrisch-fuer-anfaenger.de: did not receive HSTS header
 baysse.eu: did not receive HSTS header
@@ -2030,10 +2073,11 @@ bcnet.com.hk: could not connect to host
 bcnet.hk: could not connect to host
 bcodeur.com: did not receive HSTS header
 bcradio.org: could not connect to host
+bcs.adv.br: did not receive HSTS header
 bcsytv.com: could not connect to host
-bcvps.com: could not connect to host
+bcvps.com: did not receive HSTS header
 bcweightlifting.ca: could not connect to host
-bdata.cl: did not receive HSTS header
+bdata.cl: could not connect to host
 bddemir.com: could not connect to host
 bde-epitech.fr: could not connect to host
 bdenzer.com: did not receive HSTS header
@@ -2041,19 +2085,20 @@ bdenzer.xyz: could not connect to host
 bdikaros-network.net: could not connect to host
 bdsmxxxpics.com: could not connect to host
 be9418.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-be9418.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+be9418.info: could not connect to host
 be9418.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-be9418.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+be9418.org: could not connect to host
 be9458.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 be9458.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 be9458.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 be9458.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 be958.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-be958.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+be958.info: could not connect to host
 be958.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-be958.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+be958.org: could not connect to host
 be9966.com: could not connect to host
 beach-inspector.com: did not receive HSTS header
+beachfutbolclub.com: did not receive HSTS header
 beachi.es: could not connect to host
 beacinsight.com: could not connect to host
 beaglewatch.com: could not connect to host
@@ -2061,7 +2106,7 @@ beagreenbean.co.uk: could not connect to host
 beamitapp.com: could not connect to host
 beanbot.party: could not connect to host
 beanworks.ca: did not receive HSTS header
-bearden.io: did not receive HSTS header
+bearden.io: could not connect to host
 beardydave.com: did not receive HSTS header
 beasel.biz: could not connect to host
 beastlog.tk: could not connect to host
@@ -2072,6 +2117,7 @@ bebeefy.uk: could not connect to host
 bebesurdoue.com: could not connect to host
 beccajoshwedding.com: could not connect to host
 becklove.cn: could not connect to host
+beckon.com: did not receive HSTS header
 becoast.fr: did not receive HSTS header
 becubed.co: could not connect to host
 bedabox.com: did not receive HSTS header
@@ -2091,11 +2137,12 @@ befundup.com: could not connect to host
 begcykel.com: did not receive HSTS header
 begoodny.co.il: max-age too low: 7889238
 behere.be: could not connect to host
-beholdthehurricane.com: did not receive HSTS header
+beholdthehurricane.com: could not connect to host
 beier.io: could not connect to host
 beikeil.de: did not receive HSTS header
 beingmad.org: did not receive HSTS header
 belairsewvac.com: could not connect to host
+belastingdienst-in-beeld.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 belcompany.nl: could not connect to host
 belewpictures.com: could not connect to host
 belgien.guide: could not connect to host
@@ -2107,6 +2154,7 @@ belmontprom.com: could not connect to host
 belpbleibtbelp.ch: could not connect to host
 belua.com: did not receive HSTS header
 belwederczykow.eu: could not connect to host
+belyvly.com: did not receive HSTS header
 bemvindoaolar.com.br: could not connect to host
 bemyvictim.com: max-age too low: 2678400
 benchcast.com: did not receive HSTS header
@@ -2128,7 +2176,8 @@ benjamindietrich.com: could not connect to host
 benjaminesims.com: did not receive HSTS header
 benjaminjurke.net: did not receive HSTS header
 benk.press: could not connect to host
-benny003.de: could not connect to host
+benmorecentre.co.uk: did not receive HSTS header
+benny003.de: did not receive HSTS header
 benohead.com: did not receive HSTS header
 bentphotos.se: could not connect to host
 benwattie.com: did not receive HSTS header
@@ -2140,15 +2189,13 @@ bep362.vn: could not connect to host
 beraru.tk: could not connect to host
 beraten-entwickeln-steuern.de: could not connect to host
 berdaguermontes.eu: could not connect to host
-berdu.id: did not receive HSTS header
 berduri.com: did not receive HSTS header
 beretech.fr: could not connect to host
 berger.work: could not connect to host
 bergfex.at: did not receive HSTS header
 bergland-seefeld.at: did not receive HSTS header
 berhampore-gateway.tk: could not connect to host
-berinhard.pl: did not receive HSTS header
-berlatih.com: could not connect to host
+berlatih.com: did not receive HSTS header
 berliancom.com: did not receive HSTS header
 berlin-kohlefrei.de: could not connect to host
 berlinleaks.com: could not connect to host
@@ -2160,6 +2207,7 @@ berseb.se: could not connect to host
 berthelier.me: could not connect to host
 berz.one: could not connect to host
 besb66.club: could not connect to host
+besb66.com: did not receive HSTS header
 besb66.me: could not connect to host
 besb66.ninja: could not connect to host
 besb66.rocks: could not connect to host
@@ -2200,11 +2248,10 @@ bet9bet9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERR
 betaclean.fr: did not receive HSTS header
 betafive.net: could not connect to host
 betakah.net: did not receive HSTS header
-betamint.org: could not connect to host
+betamint.org: did not receive HSTS header
 betcafearena.ro: could not connect to host
 betformular.com: could not connect to host
 betgo9.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-bethanyduke.com: could not connect to host
 bethditto.com: did not receive HSTS header
 betkoo.com: could not connect to host
 betnet.fr: could not connect to host
@@ -2251,15 +2298,17 @@ bgdaddy.com: did not receive HSTS header
 bgenlisted.com: could not connect to host
 bgfashion.net: could not connect to host
 bgneuesheim.de: did not receive HSTS header
+bgp.ee: could not connect to host
 bhatia.at: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 bhosted.nl: did not receive HSTS header
+biancolievito.it: did not receive HSTS header
 bianinapiccanovias.com: could not connect to host
 biaoqingfuhao.net: did not receive HSTS header
 biaoqingfuhao.org: did not receive HSTS header
 biapinheiro.com.br: max-age too low: 5184000
-biathloncup.ru: could not connect to host
 biblerhymes.com: did not receive HSTS header
 bibliafeminina.com.br: could not connect to host
+biblio.wiki: could not connect to host
 bichines.es: did not receive HSTS header
 bichonfrise.com.br: could not connect to host
 bichonmaltes.com.br: could not connect to host
@@ -2273,7 +2322,7 @@ bienenblog.cc: could not connect to host
 bier.jp: did not receive HSTS header
 bierbringer.at: could not connect to host
 bierochs.org: could not connect to host
-biewen.me: could not connect to host
+biewen.me: did not receive HSTS header
 big-black.de: did not receive HSTS header
 bigbbqbrush.bid: could not connect to host
 bigbounceentertainment.co.uk: could not connect to host
@@ -2286,19 +2335,20 @@ biglagoonrentals.com: did not receive HSTS header
 bigshinylock.minazo.net: could not connect to host
 bigshort.org: could not connect to host
 biguixhe.net: could not connect to host
-bijoux.com.br: could not connect to host
 bijouxbrasil.com.br: did not receive HSTS header
 bijouxdegriffe.com.br: could not connect to host
 bijugeral.com.br: could not connect to host
 bijuteriicualint.ro: could not connect to host
 bikelifetvkidsquads.co.uk: could not connect to host
 bikermusic.net: could not connect to host
+bikeshopitalia.com: could not connect to host
 bilanligne.com: did not receive HSTS header
 bildermachr.de: could not connect to host
+biletru.net: could not connect to host
 biletua.de: could not connect to host
 biletyplus.ru: did not receive HSTS header
 bilibili.red: could not connect to host
-bill-nye-the.science: did not receive HSTS header
+bill-nye-the.science: could not connect to host
 billdestler.com: did not receive HSTS header
 billigssl.dk: did not receive HSTS header
 billkiss.com: could not connect to host
@@ -2310,7 +2360,6 @@ binam.center: could not connect to host
 binarization.net: could not connect to host
 binarization.org: did not receive HSTS header
 binaryabstraction.com: could not connect to host
-binaryevolved.com: could not connect to host
 binaryfigments.com: max-age too low: 7776000
 binbin9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 binbin9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -2323,7 +2372,8 @@ bingofriends.com: could not connect to host
 bingostars.com: did not receive HSTS header
 binimo.com: could not connect to host
 binkanhada.biz: could not connect to host
-biocrafting.net: did not receive HSTS header
+binsp.net: could not connect to host
+bintelligence.nl: did not receive HSTS header
 bioespuna.eu: did not receive HSTS header
 biofam.ru: did not receive HSTS header
 biomax-mep.com.br: did not receive HSTS header
@@ -2334,13 +2384,13 @@ biospeak.solutions: could not connect to host
 biou.me: could not connect to host
 biovalue.eu: could not connect to host
 bip.gov.sa: could not connect to host
+birchbarkfurniture.ch: could not connect to host
 birdandbranchnyc.com: max-age too low: 43200
 birkengarten.ch: could not connect to host
 birkman.com: did not receive HSTS header
 biscuits-rec.com: could not connect to host
 biscuits-shop.com: could not connect to host
-bismarck-tb.de: could not connect to host
-bismarck.moe: did not receive HSTS header
+bismarck.moe: could not connect to host
 bisterfeldt.com: did not receive HSTS header
 bistrodeminas.com: could not connect to host
 biswas.me: could not connect to host
@@ -2348,6 +2398,7 @@ bit.voyage: did not receive HSTS header
 bitace.com: did not receive HSTS header
 bitbit.org: did not receive HSTS header
 bitbr.net: did not receive HSTS header
+bitcalt.ga: could not connect to host
 bitcantor.com: did not receive HSTS header
 bitchan.it: could not connect to host
 bitclubfun.com: did not receive HSTS header
@@ -2361,10 +2412,10 @@ bitcoinfo.jp: did not receive HSTS header
 bitcoinhk.org: did not receive HSTS header
 bitcoinjpn.com: could not connect to host
 bitcoinprivacy.net: did not receive HSTS header
+bitcoinwalletscript.tk: could not connect to host
 bitcoinworld.me: could not connect to host
 bitconcepts.co.uk: could not connect to host
 bitedge.com: did not receive HSTS header
-bitenose.com: could not connect to host
 bitenose.net: could not connect to host
 bitenose.org: could not connect to host
 biteoftech.com: did not receive HSTS header
@@ -2402,16 +2453,18 @@ bitvigor.com: could not connect to host
 bitwrought.net: could not connect to host
 bityes.org: could not connect to host
 bivsi.com: could not connect to host
+biyori.moe: did not receive HSTS header
 bizcms.com: could not connect to host
 bizedge.co.nz: did not receive HSTS header
 bizon.sk: did not receive HSTS header
-bizpare.com: did not receive HSTS header
+bizpare.com: max-age too low: 2592000
 bizzartech.com: did not receive HSTS header
 bizzi.tv: could not connect to host
 bizzybeebouncers.co.uk: could not connect to host
 bjgongyi.com: did not receive HSTS header
 bjl5689.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 bjl5689.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+bjolanta.pl: could not connect to host
 bjrn.io: could not connect to host
 bjtxl.cn: could not connect to host
 bk-wife.com: could not connect to host
@@ -2431,11 +2484,13 @@ blackburn.link: could not connect to host
 blackdesertsp.com: could not connect to host
 blackdiam.net: did not receive HSTS header
 blackdragoninc.org: could not connect to host
+blackhell.xyz: could not connect to host
 blacklane.com: did not receive HSTS header
 blackly.uk: max-age too low: 0
 blackmagic.sk: could not connect to host
 blackmirror.com.au: did not receive HSTS header
 blackphantom.de: could not connect to host
+blackroot.eu: max-age too low: 10368000
 blackscreen.me: could not connect to host
 blackunicorn.wtf: could not connect to host
 bladesmith.io: did not receive HSTS header
@@ -2443,7 +2498,6 @@ blakerandall.xyz: did not receive HSTS header
 blantik.net: could not connect to host
 blantr.com: could not connect to host
 blarg.co: could not connect to host
-blauerhunger.de: could not connect to host
 blauwwit.be: did not receive HSTS header
 blazeit.io: could not connect to host
 blechpirat.name: could not connect to host
@@ -2455,7 +2509,6 @@ blessnet.jp: did not receive HSTS header
 bleutecmedia.com: did not receive HSTS header
 blha303.com.au: could not connect to host
 bliker.ga: could not connect to host
-blikund.swedbank.se: did not receive HSTS header
 blindaryproduction.tk: could not connect to host
 blindsexdate.nl: did not receive HSTS header
 bling9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -2464,6 +2517,7 @@ bling999.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERR
 bling999.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 blinkenlight.co.uk: could not connect to host
 blinkenlight.com.au: could not connect to host
+blitzvendor.com: could not connect to host
 blizz.news: max-age too low: 0
 blmiller.com: did not receive HSTS header
 blocksatz-medien.de: could not connect to host
@@ -2494,10 +2548,11 @@ bls-fiduciaire.be: did not receive HSTS header
 bltc.co: could not connect to host
 blubbablasen.de: could not connect to host
 blucas.org: did not receive HSTS header
+bludnykoren.ml: could not connect to host
 blue17.co.uk: did not receive HSTS header
+bluebahari.gq: could not connect to host
 bluebill.net: did not receive HSTS header
-bluecardlottery.eu: did not receive HSTS header
-bluecards.eu: did not receive HSTS header
+bluecardlottery.eu: could not connect to host
 bluecon.eu: could not connect to host
 bluefinger.nl: did not receive HSTS header
 blueglobalmedia.com: could not connect to host
@@ -2505,6 +2560,7 @@ bluehawk.cloud: could not connect to host
 bluehelixmusic.com: could not connect to host
 blueliv.com: did not receive HSTS header
 bluemoonroleplaying.com: could not connect to host
+bluemosh.com: could not connect to host
 bluepearl.tk: could not connect to host
 bluepoint.foundation: could not connect to host
 bluepoint.institute: could not connect to host
@@ -2515,7 +2571,6 @@ bluesecure.com.br: could not connect to host
 bluetenmeer.com: did not receive HSTS header
 bluezonehealth.co.uk: did not receive HSTS header
 blui.cf: max-age too low: 1209600
-bluiandaj.ml: could not connect to host
 bluketing.com: did not receive HSTS header
 blumen-binder.ch: did not receive HSTS header
 blumen-garage.de: could not connect to host
@@ -2532,6 +2587,8 @@ bm-i.ch: could not connect to host
 bm-trading.nl: did not receive HSTS header
 bmet.de: did not receive HSTS header
 bmoattachments.org: did not receive HSTS header
+bmone.net: could not connect to host
+bn4t.me: did not receive HSTS header
 bnb-buddy.nl: could not connect to host
 bnboy.cn: could not connect to host
 bngsecure.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -2557,7 +2614,6 @@ bodrumfarm.com: could not connect to host
 bodyblog.nl: did not receive HSTS header
 bodybuilding-legends.com: could not connect to host
 bodybuilding.events: could not connect to host
-bodymusclejournal.com: could not connect to host
 bodyweightsolution.com: could not connect to host
 boel073.nl: did not receive HSTS header
 boensou.com: did not receive HSTS header
@@ -2578,20 +2634,22 @@ bombsquad.studio: could not connect to host
 bonamihome.ro: could not connect to host
 bonapp.restaurant: could not connect to host
 bondagefetishstore.com: could not connect to host
-bondtofte.dk: did not receive HSTS header
 boneko.de: did not receive HSTS header
-bonigo.de: did not receive HSTS header
+bonigo.de: could not connect to host
+bonita.com.br: could not connect to host
 bonitabrazilian.co.nz: did not receive HSTS header
+bonniekitchen.com: could not connect to host
 bonnin.fr: did not receive HSTS header
 bonobo.cz: could not connect to host
-bonop.com: could not connect to host
+bonop.com: did not receive HSTS header
+bonsi.net: could not connect to host
 bonta.one: could not connect to host
 bonus-flexi.com: did not receive HSTS header
 boobox.xyz: could not connect to host
-boodaah.com: did not receive HSTS header
 book-of-ra.de: could not connect to host
 bookcelerator.com: did not receive HSTS header
 booked.holiday: could not connect to host
+bookingdeluxesp.com: did not receive HSTS header
 bookingentertainment.com: did not receive HSTS header
 bookmakersfreebets.com.au: did not receive HSTS header
 bookofraonlinecasinos.com: could not connect to host
@@ -2616,12 +2674,12 @@ borchers-media.de: could not connect to host
 borchers.ninja: did not receive HSTS header
 borderlinegroup.com: could not connect to host
 borgmestervangen.xyz: could not connect to host
+borgodigatteraia.it: could not connect to host
 boringsecurity.net: could not connect to host
 boris.one: could not connect to host
 borisavstankovic.rs: could not connect to host
 borisbesemer.com: could not connect to host
 born-to-learn.com: could not connect to host
-borowski.pw: could not connect to host
 borrelioz.com: did not receive HSTS header
 borscheid-wenig.com: did not receive HSTS header
 borzoi.com.br: could not connect to host
@@ -2631,10 +2689,12 @@ botlab.ch: could not connect to host
 botmanager.pl: could not connect to host
 botox.bz: did not receive HSTS header
 bots.cat: could not connect to host
-bottke.berlin: could not connect to host
+botserver.de: could not connect to host
+botstack.host: could not connect to host
 boueki.jp: did not receive HSTS header
 boueki.org: did not receive HSTS header
 bouk.co: could not connect to host
+bounceaboutsussex.co.uk: did not receive HSTS header
 bouncebeyondcastles.co.uk: did not receive HSTS header
 bounceboxspc.com: did not receive HSTS header
 bouncecoffee.com: did not receive HSTS header
@@ -2650,6 +2710,8 @@ bouncycastles.me: could not connect to host
 bouncycastlesperth.net: could not connect to host
 bouncyhouses.co.uk: did not receive HSTS header
 bouncymadness.com: did not receive HSTS header
+bountiful.gov: could not connect to host
+bourgdepabos.com: did not receive HSTS header
 bouwbedrijfpurmerend.nl: did not receive HSTS header
 bowlsheet.com: did not receive HSTS header
 bownty.pt: could not connect to host
@@ -2683,6 +2745,7 @@ braintm.com: could not connect to host
 braintreebouncycastles.com: could not connect to host
 braintreegateway.com: did not receive HSTS header
 braintreepayments.com: did not receive HSTS header
+bramburek.net: could not connect to host
 bran.cc: could not connect to host
 bran.soy: could not connect to host
 branchzero.com: did not receive HSTS header
@@ -2697,11 +2760,12 @@ brandons.site: could not connect to host
 brandontaylor-black.com: could not connect to host
 brandred.net: could not connect to host
 brandspray.com: could not connect to host
+brandtrapselfie.nl: could not connect to host
+brandweeruitgeest.nl: could not connect to host
 brasilien.guide: could not connect to host
 brasilmorar.com: did not receive HSTS header
 bravz.de: could not connect to host
 brb.city: did not receive HSTS header
-breadofgod.org: could not connect to host
 breatheav.com: did not receive HSTS header
 breatheproduction.com: did not receive HSTS header
 breeswish.org: did not receive HSTS header
@@ -2709,7 +2773,6 @@ bregnedalsystems.dk: did not receive HSTS header
 bremensaki.com: max-age too low: 2592000
 brenden.net.au: could not connect to host
 bress.cloud: could not connect to host
-brettcornwall.com: did not receive HSTS header
 brettpemberton.xyz: did not receive HSTS header
 bretz-hufer.de: did not receive HSTS header
 brfvh24.se: could not connect to host
@@ -2719,6 +2782,7 @@ brianpcurran.com: did not receive HSTS header
 brickoo.com: could not connect to host
 brickwerks.io: could not connect to host
 brickyardbuffalo.com: did not receive HSTS header
+brideandgroomdirect.ie: did not receive HSTS header
 bridgeout.com: could not connect to host
 bridholm.se: could not connect to host
 brightfuturemadebyme.com: could not connect to host
@@ -2741,8 +2805,10 @@ brivadois.ovh: did not receive HSTS header
 brix.ninja: did not receive HSTS header
 brks.xyz: could not connect to host
 brmascots.com: could not connect to host
+brn.by: could not connect to host
 broerweb.nl: could not connect to host
 broken-oak.com: could not connect to host
+brokenjoysticks.net: did not receive HSTS header
 brookechase.com: did not receive HSTS header
 brookframework.org: could not connect to host
 brossman.it: could not connect to host
@@ -2750,14 +2816,15 @@ brouwerijkoelit.nl: could not connect to host
 brownlawoffice.us: did not receive HSTS header
 browserid.org: could not connect to host
 brplusdigital.com: could not connect to host
-brrd.io: could not connect to host
 bruckner.li: could not connect to host
 brunix.net: did not receive HSTS header
 brunoonline.co.uk: could not connect to host
+brunoramos.org: could not connect to host
 bryancastillo.site: could not connect to host
 bryanshearer.accountant: did not receive HSTS header
 bryn.xyz: could not connect to host
 brynnan.nl: could not connect to host
+brztec.com: could not connect to host
 bsagan.fr: did not receive HSTS header
 bsalyzer.com: could not connect to host
 bsc01.dyndns.org: could not connect to host
@@ -2785,6 +2852,7 @@ btcpot.ltd: could not connect to host
 btku.org: could not connect to host
 btrb.ml: could not connect to host
 btserv.de: did not receive HSTS header
+btth.xyz: could not connect to host
 bturboo.com: could not connect to host
 btxiaobai.com: did not receive HSTS header
 bubba.cc: could not connect to host
@@ -2812,13 +2880,14 @@ buiko.com: did not receive HSTS header
 build.chromium.org: did not receive HSTS header (error ignored - included regardless)
 buildci.asia: could not connect to host
 buildify.co.za: could not connect to host
+building-cost-estimators.com: did not receive HSTS header
 buildingclouds.at: could not connect to host
 buildingclouds.ch: could not connect to host
 buildingclouds.es: could not connect to host
 buildingclouds.eu: could not connect to host
 buildingclouds.fr: could not connect to host
 buildsaver.co.za: did not receive HSTS header
-builmaker.com: did not receive HSTS header
+builmaker.com: could not connect to host
 built.by: did not receive HSTS header
 buka.jp: could not connect to host
 bukai.men: did not receive HSTS header
@@ -2873,6 +2942,7 @@ businessmodeler.se: could not connect to host
 bustabit.com: could not connect to host
 bustimes.org.uk: did not receive HSTS header
 busybee360.com: could not connect to host
+busyon.cloud: could not connect to host
 butchersworkshop.com: did not receive HSTS header
 butian518.com: did not receive HSTS header
 butt.repair: could not connect to host
@@ -2896,9 +2966,11 @@ buynowdepot.com: did not receive HSTS header
 buyshoe.org: could not connect to host
 buywood.shop: could not connect to host
 buzzconcert.com: could not connect to host
+buzzconf.io: could not connect to host
 buzzdeck.com: did not receive HSTS header
 buzztelco.com.au: could not connect to host
 bvexplained.co.uk: could not connect to host
+bvgg.eu: did not receive HSTS header
 bvionline.eu: did not receive HSTS header
 bvv-europe.eu: could not connect to host
 bw81.xyz: could not connect to host
@@ -2920,12 +2992,13 @@ bwwb.nu: did not receive HSTS header
 bx-web.com: did not receive HSTS header
 by.cx: did not receive HSTS header
 by1896.com: could not connect to host
-by1898.com: could not connect to host
+by1898.com: did not receive HSTS header
 by1899.com: could not connect to host
 by4cqb.cn: could not connect to host
 by77.com: could not connect to host
 by777.com: did not receive HSTS header
 bydisk.com: could not connect to host
+byhe.me: could not connect to host
 byji.com: could not connect to host
 bypass.kr: could not connect to host
 bypassed.bid: could not connect to host
@@ -2947,7 +3020,6 @@ bypassed.today: could not connect to host
 bypassed.works: could not connect to host
 bypassed.world: could not connect to host
 bypro.xyz: could not connect to host
-byronkg.us: could not connect to host
 byronprivaterehab.com.au: did not receive HSTS header
 byronr.com: did not receive HSTS header
 byronwade.com: did not receive HSTS header
@@ -2976,15 +3048,20 @@ c3bbs.com: could not connect to host
 c3hv.cn: could not connect to host
 c3ie.com: did not receive HSTS header
 c4.hk: could not connect to host
+ca-terminal-multiservices.fr: did not receive HSTS header
 cablehighspeed.net: could not connect to host
 cabsites.com: could not connect to host
 cabusar.fr: could not connect to host
 cachethome.com: could not connect to host
 cachethq.io: did not receive HSTS header
 caconnect.org: could not connect to host
+cacr.pw: could not connect to host
 cadao.me: did not receive HSTS header
-cadburymovies.in.net: could not connect to host
+cadburymovies.in.net: did not receive HSTS header
+cadcreations.co.ke: could not connect to host
 cadenadg.gr: did not receive HSTS header
+cadra.nl: could not connect to host
+cadusilva.com: could not connect to host
 caerostris.com: could not connect to host
 caesreon.com: could not connect to host
 cafe-murr.de: could not connect to host
@@ -2993,7 +3070,7 @@ cafe-service.ru: could not connect to host
 cafechesscourt.com: could not connect to host
 cafefresco.pe: did not receive HSTS header
 cafesg.net: did not receive HSTS header
-caibi.io: could not connect to host
+caijunyi.net: did not receive HSTS header
 caim.cz: did not receive HSTS header
 caipai.fm: could not connect to host
 cairnterrier.com.br: could not connect to host
@@ -3009,6 +3086,7 @@ calgaryconstructionjobs.com: did not receive HSTS header
 calidoinvierno.com: could not connect to host
 callabs.net: could not connect to host
 callanbryant.co.uk: did not receive HSTS header
+callawayracing.se: could not connect to host
 calleveryday.com: could not connect to host
 callision.com: did not receive HSTS header
 callmereda.com: could not connect to host
@@ -3021,6 +3099,7 @@ calvin.me: did not receive HSTS header
 calypso-tour.net: could not connect to host
 calypsogames.net: could not connect to host
 camaya.net: did not receive HSTS header
+cambridge-security.com: could not connect to host
 cambridgeanalytica.net: could not connect to host
 cambridgeanalytica.org: did not receive HSTS header
 camisadotorcedor.com.br: could not connect to host
@@ -3049,12 +3128,16 @@ candratech.com: could not connect to host
 candygirl.shop: could not connect to host
 candykidsentertainment.co.uk: did not receive HSTS header
 candylion.rocks: could not connect to host
+canerkorkmaz.com: could not connect to host
+canfield.gov: did not receive HSTS header
+canglong.net: could not connect to host
 canifis.net: did not receive HSTS header
 cannarobotics.com: could not connect to host
+canterberry.cc: did not receive HSTS header
 canterbury.ws: could not connect to host
-canva-dev.com: could not connect to host
 canyons.media: did not receive HSTS header
 caodecristachines.com.br: could not connect to host
+caodesantohumberto.com.br: could not connect to host
 caoyu.info: did not receive HSTS header
 capacent.is: did not receive HSTS header
 capacitacionyautoempleo.com: did not receive HSTS header
@@ -3097,7 +3180,7 @@ carlsbouncycastlesandhottubs.co.uk: did not receive HSTS header
 carlscatering.com: did not receive HSTS header
 caroli.biz: could not connect to host
 caroli.info: could not connect to host
-carpliyz.com: did not receive HSTS header
+carpliyz.com: could not connect to host
 carrando.de: could not connect to host
 carredejardin.com: did not receive HSTS header
 carrentalsathens.com: max-age too low: 0
@@ -3105,7 +3188,6 @@ carroarmato0.be: did not receive HSTS header
 carsforbackpackers.com: could not connect to host
 carsten.pw: did not receive HSTS header
 carstenfeuls.de: did not receive HSTS header
-cartelcircuit.com: could not connect to host
 carterorland.com: could not connect to host
 cartesunicef.be: did not receive HSTS header
 carwashvapeur.be: could not connect to host
@@ -3119,6 +3201,7 @@ casefall.com: could not connect to host
 cash-pos.com: did not receive HSTS header
 cashfortulsahouses.com: could not connect to host
 cashless.fr: did not receive HSTS header
+cashlink.io: did not receive HSTS header
 cashmyphone.ch: could not connect to host
 cashsector.ga: could not connect to host
 casinocashflow.ru: could not connect to host
@@ -3134,8 +3217,9 @@ casovi.cf: could not connect to host
 castagnonavocats.com: did not receive HSTS header
 castlejackpot.com: did not receive HSTS header
 castleswa.com.au: could not connect to host
+cat-blum.com: could not connect to host
 cata.ga: could not connect to host
-catalin.pw: could not connect to host
+catalin.pw: did not receive HSTS header
 catarsisvr.com: could not connect to host
 catcontent.cloud: could not connect to host
 caterkids.com: did not receive HSTS header
@@ -3148,12 +3232,13 @@ cathosting.org: could not connect to host
 catinmay.com: did not receive HSTS header
 catnapstudios.com: could not connect to host
 catnmeow.com: could not connect to host
-catprog.org: could not connect to host
+catprog.org: did not receive HSTS header
 catsmagic.pp.ua: could not connect to host
 causae-fincas.es: did not receive HSTS header
 causae.es: did not receive HSTS header
 cavaleria.ro: did not receive HSTS header
 cavalierkingcharlesspaniel.com.br: could not connect to host
+cave-reynard.ch: could not connect to host
 caveclan.org: did not receive HSTS header
 cavedevs.de: could not connect to host
 cavedroid.xyz: could not connect to host
@@ -3161,6 +3246,7 @@ cavern.tv: did not receive HSTS header
 cayafashion.de: did not receive HSTS header
 cayounglab.co.jp: did not receive HSTS header
 cbamo.org: did not receive HSTS header
+cbdev.de: could not connect to host
 cbi-epa.gov: could not connect to host
 cc2729.com: did not receive HSTS header
 ccayearbook.com: could not connect to host
@@ -3177,7 +3263,7 @@ cd0.us: could not connect to host
 cdcpartners.gov: could not connect to host
 cdeck.net: could not connect to host
 cdkeyworld.de: did not receive HSTS header
-cdlcenter.com: could not connect to host
+cdlcenter.com: did not receive HSTS header
 cdmhp.org.nz: could not connect to host
 cdmon.tech: could not connect to host
 cdn.sx.cn: could not connect to host
@@ -3187,6 +3273,7 @@ cdnk39.com: could not connect to host
 cdreporting.co.uk: did not receive HSTS header
 cdt.org: did not receive HSTS header
 ce-agentur.de: did not receive HSTS header
+ceagriproducts.com: did not receive HSTS header
 cecilwalker.com.au: did not receive HSTS header
 cee.io: could not connect to host
 cefak.org.br: did not receive HSTS header
@@ -3201,10 +3288,12 @@ celigo.com: did not receive HSTS header
 celina-reads.de: could not connect to host
 cellartracker.com: could not connect to host
 cellsites.nz: could not connect to host
+celtadigital.com: did not receive HSTS header
 cem.pw: did not receive HSTS header
 cencalvia.org: could not connect to host
 centennialrewards.com: did not receive HSTS header
 centerforpolicy.org: could not connect to host
+centerpoint.ovh: did not receive HSTS header
 centillien.com: did not receive HSTS header
 centos.pub: could not connect to host
 central4.me: could not connect to host
@@ -3220,7 +3309,7 @@ centrolavoro.org: did not receive HSTS header
 centsforchange.net: could not connect to host
 century-group.com: max-age too low: 2592000
 ceoimon.com: did not receive HSTS header
-ceoptique.com: could not connect to host
+ceoptique.com: did not receive HSTS header
 cercevelet.com: did not receive HSTS header
 ceres1.space: did not receive HSTS header
 ceresia.ch: could not connect to host
@@ -3238,11 +3327,14 @@ certly.io: could not connect to host
 certmgr.org: could not connect to host
 ceruleanmainbeach.com.au: did not receive HSTS header
 cesal.net: could not connect to host
+cesantias.co: could not connect to host
 cesidianroot.eu: could not connect to host
 cespri.com.pe: did not receive HSTS header
 ceta.one: did not receive HSTS header
 cevrimici.com: could not connect to host
 cf11.de: did not receive HSTS header
+cfa.gov: did not receive HSTS header
+cfan.space: could not connect to host
 cfcnexus.org: could not connect to host
 cfcproperties.com: did not receive HSTS header
 cfetengineering.com: could not connect to host
@@ -3257,6 +3349,7 @@ chadklass.com: could not connect to host
 chadtaljaardt.com: could not connect to host
 chahub.com: could not connect to host
 chainmonitor.com: could not connect to host
+chaip.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 chairinstitute.com: did not receive HSTS header
 chaldeen.pro: did not receive HSTS header
 challengeskins.com: could not connect to host
@@ -3278,8 +3371,10 @@ channyc.com: could not connect to host
 chaos.fail: could not connect to host
 chaoscastles.co.uk: did not receive HSTS header
 chaoswebs.net: did not receive HSTS header
+chaotichive.com: could not connect to host
 chaoticlaw.com: did not receive HSTS header
 chaouby.com: could not connect to host
+chapelaria.tf: could not connect to host
 charakato.com: could not connect to host
 chargejuice.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 charityclear.com: could not connect to host
@@ -3290,10 +3385,10 @@ charlestonsecuritysystems.net: did not receive HSTS header
 charliemcneive.com: could not connect to host
 charlimarie.com: did not receive HSTS header
 charlipopkids.com.au: did not receive HSTS header
-charmyadesara.com: could not connect to host
 charnleyhouse.co.uk: did not receive HSTS header
 charonsecurity.com: could not connect to host
 charp.eu: could not connect to host
+charr.xyz: could not connect to host
 chartstoffarm.de: did not receive HSTS header
 chasafilli.ch: could not connect to host
 chaseganey.com: did not receive HSTS header
@@ -3303,6 +3398,8 @@ chasse-et-plaisir.com: did not receive HSTS header
 chat-porc.eu: did not receive HSTS header
 chatbot.me: did not receive HSTS header
 chatbot.one: could not connect to host
+chatbotclic.com: could not connect to host
+chatbotclick.com: could not connect to host
 chatbots.email: could not connect to host
 chateau-belvoir.com: could not connect to host
 chateauconstellation.ch: did not receive HSTS header
@@ -3312,6 +3409,8 @@ chatup.cf: could not connect to host
 chatxp.com: could not connect to host
 chaulootz.com: did not receive HSTS header
 chaverde.org: could not connect to host
+chaz6.com: did not receive HSTS header
+chazgie.se: did not receive HSTS header
 chcemvediet.sk: max-age too low: 1555200
 chdgaming.xyz: could not connect to host
 cheah.xyz: could not connect to host
@@ -3325,7 +3424,6 @@ checkhost.org: could not connect to host
 checkmateshoes.com: did not receive HSTS header
 checkmatewebsolutions.com: max-age too low: 0
 checkout.google.com: could not connect to host (error ignored - included regardless)
-checkras.tk: could not connect to host
 checkyourmeds.com: did not receive HSTS header
 cheekylittlerascals.co.uk: did not receive HSTS header
 cheerflow.com: could not connect to host
@@ -3334,7 +3432,6 @@ cheesehosting.net: did not receive HSTS header
 cheesetart.my: could not connect to host
 cheesypicsbooths.co.uk: could not connect to host
 cheetah85.de: could not connect to host
-cheetahwerx.com: could not connect to host
 chefgalles.com.br: could not connect to host
 chejianer.cn: could not connect to host
 chelema.xyz: could not connect to host
@@ -3344,19 +3441,20 @@ chelseafs.co.uk: did not receive HSTS header
 chemicalguys-ruhrpott.de: could not connect to host
 chenfengyi.com: could not connect to host
 chengtongled.com: could not connect to host
-chenky.com: could not connect to host
 chensir.net: could not connect to host
 chepaofen.com: did not receive HSTS header
 cherekerry.com: could not connect to host
+cherrett.digital: did not receive HSTS header
 cherrydropscandycarts.co.uk: could not connect to host
 cherylsoleway.com: did not receive HSTS header
 chessreporter.nl: did not receive HSTS header
 chesterbrass.uk: did not receive HSTS header
 chez-janine.de: could not connect to host
+chhy.at: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 chiamata-aiuto.ch: could not connect to host
 chiaramail.com: could not connect to host
 chib.chat: could not connect to host
-chicorycom.net: could not connect to host
+chicorycom.net: did not receive HSTS header
 chihiro.xyz: could not connect to host
 chijiokeindustries.co.uk: could not connect to host
 chikan-beacon.net: could not connect to host
@@ -3364,7 +3462,7 @@ chikatomo-ryugaku.com: did not receive HSTS header
 chikory.com: could not connect to host
 childcaresolutionscny.org: did not receive HSTS header
 childrendeservebetter.org: could not connect to host
-chilli943.info: could not connect to host
+chilli943.info: did not receive HSTS header
 chimparoo.ca: did not receive HSTS header
 china-dhl.org: could not connect to host
 china-line.org: could not connect to host
@@ -3372,6 +3470,7 @@ chinacdn.org: could not connect to host
 chinawhale.com: could not connect to host
 chinternet.xyz: could not connect to host
 chiphell.com: did not receive HSTS header
+chiralsoftware.com: could not connect to host
 chirgui.eu: could not connect to host
 chloca.jp: did not receive HSTS header
 chloe.re: did not receive HSTS header
@@ -3388,13 +3487,13 @@ choiralberta.ca: did not receive HSTS header
 choisirmonerp.com: did not receive HSTS header
 chollima.pro: could not connect to host
 chontalpa.pw: could not connect to host
+choootto.club: did not receive HSTS header
 chopperforums.com: could not connect to host
 chordso.com: did not receive HSTS header
 chorkley.me: could not connect to host
 chorleiterverband.de: did not receive HSTS header
 choruscrowd.com: could not connect to host
 chotu.net: could not connect to host
-chr0me.sh: could not connect to host
 chris-web.info: could not connect to host
 chrisandsarahinasia.com: could not connect to host
 chrisbrakebill.com: did not receive HSTS header
@@ -3406,7 +3505,6 @@ chriskirchner.de: did not receive HSTS header
 chriskyrouac.com: could not connect to host
 chrisopperwall.com: could not connect to host
 chrisself.xyz: could not connect to host
-chrissx.ga: could not connect to host
 christiaandruif.nl: could not connect to host
 christian-krug.website: did not receive HSTS header
 christianbro.gq: could not connect to host
@@ -3423,9 +3521,10 @@ christophheich.me: did not receive HSTS header
 christophkreileder.com: could not connect to host
 chrisupjohn.com: could not connect to host
 chrisupjohn.xyz: could not connect to host
+chrisvannooten.tk: could not connect to host
 chrisvicmall.com: did not receive HSTS header
 chromaryu.net: could not connect to host
-chromaxa.com: could not connect to host
+chromaxa.com: did not receive HSTS header
 chrome: could not connect to host
 chrome-devtools-frontend.appspot.com: did not receive HSTS header (error ignored - included regardless)
 chrome.google.com: did not receive HSTS header (error ignored - included regardless)
@@ -3435,9 +3534,9 @@ chronoproject.com: did not receive HSTS header
 chrst.ph: could not connect to host
 chs.us: max-age too low: 0
 chsh.moe: could not connect to host
-chua.cf: could not connect to host
+chua.cf: did not receive HSTS header
 chua.family: did not receive HSTS header
-chuckame.fr: did not receive HSTS header
+chuckame.fr: could not connect to host
 chulado.com: did not receive HSTS header
 chundelac.com: could not connect to host
 churchlinkpro.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -3453,6 +3552,7 @@ cigarblogs.net: could not connect to host
 cigarterminal.com: could not connect to host
 cigi.site: could not connect to host
 ciicutini.ro: did not receive HSTS header
+ciiex.co: could not connect to host
 cim2b.de: could not connect to host
 cimalando.eu: could not connect to host
 cinartelorgu.com: did not receive HSTS header
@@ -3463,11 +3563,12 @@ cinelite.club: could not connect to host
 cinema5.ru: did not receive HSTS header
 cinemaclub.co: could not connect to host
 ciner.is: could not connect to host
+cinerama.com.br: did not receive HSTS header
 cintactimber.com: did not receive HSTS header
 cintdirect.com: could not connect to host
 cioconference.co.nz: could not connect to host
 cipher.co.th: did not receive HSTS header
-cipher.land: could not connect to host
+cipher.land: did not receive HSTS header
 cipherli.st: did not receive HSTS header
 ciplanutrition.com: could not connect to host
 cipriano.nl: did not receive HSTS header
@@ -3475,16 +3576,20 @@ cira.email: could not connect to host
 circ-logic.com: did not receive HSTS header
 circlebox.rocks: could not connect to host
 cirfi.com: could not connect to host
+cirope.com: could not connect to host
 cirrohost.com: did not receive HSTS header
+cirugiasplasticas.com.mx: did not receive HSTS header
+cirujanooral.com: could not connect to host
 ciscohomeanalytics.com: could not connect to host
 ciscommerce.net: could not connect to host
 citationgurus.com: could not connect to host
 citiagent.cz: could not connect to host
 citra-emu.org: did not receive HSTS header
-citroner.blog: could not connect to host
+citroner.blog: did not receive HSTS header
 citybusexpress.com: did not receive HSTS header
 cityofeastpointemi.gov: could not connect to host
 cityoflaurel.org: did not receive HSTS header
+cityoftitansmmo.com: could not connect to host
 cityofwadley-ga.gov: did not receive HSTS header
 citywalkr.com: could not connect to host
 ciuciucadou.ro: could not connect to host
@@ -3496,6 +3601,7 @@ cjessett.com: max-age too low: 0
 cjtkfan.club: could not connect to host
 ckcameron.net: could not connect to host
 ckp.io: could not connect to host
+clacetandil.com.ar: could not connect to host
 clad.cf: could not connect to host
 claibornecountytn.gov: could not connect to host
 claimit.ml: could not connect to host
@@ -3508,8 +3614,10 @@ claretandbanter.uk: did not receive HSTS header
 clarity-c2ced.appspot.com: did not receive HSTS header
 claritysrv.com: did not receive HSTS header
 clarksgaragedoorrepair.com: did not receive HSTS header
+clash-movies.de: max-age too low: 172800
 clashersrepublic.com: could not connect to host
 classicday.nl: could not connect to host
+classics.io: did not receive HSTS header
 classicsandexotics.com: could not connect to host
 classicshop.ua: did not receive HSTS header
 classicspublishing.com: could not connect to host
@@ -3523,7 +3631,7 @@ cleanexperts.co.uk: could not connect to host
 cleaningsquad.ca: did not receive HSTS header
 cleanmta.com: could not connect to host
 cleanstar.org: could not connect to host
-clear.ml: did not receive HSTS header
+clear.ml: could not connect to host
 clearc.tk: could not connect to host
 clearchatsandbox.com: could not connect to host
 clearsky.me: did not receive HSTS header
@@ -3549,11 +3657,13 @@ clicnbio.com: could not connect to host
 cliftons.com: did not receive HSTS header
 climaencusco.com: could not connect to host
 clinia.ca: did not receive HSTS header
+clinicadelogopedia.net: did not receive HSTS header
 clinicaferrusbratos.com: did not receive HSTS header
 clinicasilos.com: did not receive HSTS header
 cliniko.com: did not receive HSTS header
 clintonbloodworth.com: could not connect to host
 clintonbloodworth.io: could not connect to host
+clintonplasticsurgery.com: did not receive HSTS header
 clintwilson.technology: max-age too low: 2592000
 clip.ovh: did not receive HSTS header
 clipped4u.com: could not connect to host
@@ -3569,25 +3679,25 @@ cloud-project.com: could not connect to host
 cloud.wtf: could not connect to host
 cloud2go.de: did not receive HSTS header
 cloud58.org: did not receive HSTS header
+cloudalice.com: could not connect to host
+cloudalice.net: could not connect to host
 cloudapi.vc: could not connect to host
 cloudbased.info: did not receive HSTS header
 cloudbasedsite.com: did not receive HSTS header
 cloudberlin.goip.de: could not connect to host
 cloudbleed.info: could not connect to host
 cloudbreaker.de: could not connect to host
-cloudcert.org: did not receive HSTS header
 cloudconsulting.net.za: did not receive HSTS header
 cloudconsulting.org.za: did not receive HSTS header
 cloudconsulting.web.za: did not receive HSTS header
 cloudcy.net: could not connect to host
 clouddesktop.co.nz: could not connect to host
-cloudfiles.at: could not connect to host
-cloudfren.com: did not receive HSTS header
+cloudfren.com: could not connect to host
 cloudimag.es: could not connect to host
 cloudimproved.com: could not connect to host
 cloudimprovedtest.com: could not connect to host
-cloudlink.club: could not connect to host
-cloudmigrator365.com: could not connect to host
+cloudlink.club: did not receive HSTS header
+cloudmigrator365.com: did not receive HSTS header
 cloudns.com.au: could not connect to host
 cloudopt.net: did not receive HSTS header
 cloudpagesforwork.com: did not receive HSTS header
@@ -3603,7 +3713,7 @@ cloudteam.de: could not connect to host
 cloudwalk.io: did not receive HSTS header
 cloudwarez.xyz: could not connect to host
 clounix.online: could not connect to host
-clovissantos.com: did not receive HSTS header
+clovissantos.com: could not connect to host
 clowde.in: could not connect to host
 clownaroundbouncycastles.co.uk: did not receive HSTS header
 clownish.co.il: could not connect to host
@@ -3612,9 +3722,7 @@ clubcall.com: did not receive HSTS header
 clubdeslecteurs.net: could not connect to host
 clubmix.co.kr: could not connect to host
 clubscannan.ie: did not receive HSTS header
-cluefulca.com: could not connect to host
-cluefulca.net: could not connect to host
-cluefulca.org: could not connect to host
+clueful.ca: max-age too low: 0
 cluj.apartments: could not connect to host
 clush.pw: did not receive HSTS header
 cluster.id: could not connect to host
@@ -3644,13 +3752,13 @@ cncmachinemetal.com: did not receive HSTS header
 cncn.us: did not receive HSTS header
 cnetw.xyz: could not connect to host
 cnitdog.com: could not connect to host
-cnlau.com: did not receive HSTS header
+cnlau.com: could not connect to host
 cnlic.com: could not connect to host
-cnrd.me: could not connect to host
+cnrd.me: did not receive HSTS header
 cnsyear.com: did not receive HSTS header
 cnwage.com: could not connect to host
 cnwarn.com: could not connect to host
-co-driversphoto.se: could not connect to host
+co-driversphoto.se: did not receive HSTS header
 co-yutaka.com: could not connect to host
 co2eco.cn: did not receive HSTS header
 coa.one: could not connect to host
@@ -3677,6 +3785,7 @@ code-digsite.com: could not connect to host
 code-judge.tk: could not connect to host
 code.google.com: did not receive HSTS header (error ignored - included regardless)
 codealkemy.co: could not connect to host
+codebreaking.org: did not receive HSTS header
 codeco.pw: could not connect to host
 codecontrollers.de: could not connect to host
 codeforce.io: could not connect to host
@@ -3696,12 +3805,14 @@ codeproxy.ddns.net: could not connect to host
 codepx.com: could not connect to host
 codercy.com: could not connect to host
 coderhangout.com: could not connect to host
+codersatlas.co: could not connect to host
 codersatlas.com: could not connect to host
-codersbistro.com: did not receive HSTS header
+codersatlas.xyz: could not connect to host
+codersbistro.com: could not connect to host
 codestep.io: could not connect to host
 codewiththepros.org: could not connect to host
 codewiz.xyz: could not connect to host
-codigodelbonusbet365.com: could not connect to host
+codimaker.com: did not receive HSTS header
 codymoniz.com: could not connect to host
 coecrafters.com: could not connect to host
 coffeedino.com: did not receive HSTS header
@@ -3713,11 +3824,14 @@ cognixia.com: did not receive HSTS header
 cogumelosmagicos.org: could not connect to host
 cohesive.io: could not connect to host
 coin-exchange.cz: could not connect to host
+coincoele.com.br: could not connect to host
 coindam.com: could not connect to host
+coindatabase.net: could not connect to host
 coinessa.com: could not connect to host
 coinjar-sandbox.com: could not connect to host
 colarelli.ch: could not connect to host
 coldaddy.com: could not connect to host
+coldawn.com: could not connect to host
 coldlostsick.net: did not receive HSTS header
 coldwatericecream.com: did not receive HSTS header
 colearnr.com: could not connect to host
@@ -3739,10 +3853,9 @@ collision.fyi: could not connect to host
 colmexpro.com: did not receive HSTS header
 colo-tech.com: could not connect to host
 colognegaming.net: could not connect to host
-cololi.moe: max-age too low: 2592000
 coloradocomputernetworking.net: could not connect to host
 colorcentertoner.com.br: did not receive HSTS header
-coloringnotebook.com: could not connect to host
+coloringnotebook.com: did not receive HSTS header
 colorlib.com: did not receive HSTS header
 colorunhas.com.br: did not receive HSTS header
 com-news.io: could not connect to host
@@ -3754,9 +3867,6 @@ comeoncolleen.com: did not receive HSTS header
 comercialtrading.eu: could not connect to host
 cometbot.cf: could not connect to host
 cometrueunlimited.com: could not connect to host
-comevius.com: could not connect to host
-comevius.org: could not connect to host
-comevius.xyz: could not connect to host
 comfortdom.ua: did not receive HSTS header
 comfortticket.de: did not receive HSTS header
 comfy.cafe: could not connect to host
@@ -3774,17 +3884,13 @@ commercialplanet.eu: could not connect to host
 commune-preuilly.fr: did not receive HSTS header
 community-cupboard.org: did not receive HSTS header
 communityflow.info: could not connect to host
-comocurarlagastritis24.online: did not receive HSTS header
 comocurarlashemorroides.org: did not receive HSTS header
 comocurarlashemorroidesya.com: did not receive HSTS header
-comodesinflamarlashemorroides.org: did not receive HSTS header
-comohacerelamoraunhombrenet.com: did not receive HSTS header
-comoquitarlacaspa24.com: did not receive HSTS header
-comoquitarlasestriasrapidamente.com: did not receive HSTS header
 comorecuperaratumujerpdf.com: could not connect to host
 comotalk.com: could not connect to host
 compalytics.com: could not connect to host
 comparamejor.com: did not receive HSTS header
+compareandrecycle.com: did not receive HSTS header
 comparejewelleryprices.co.uk: could not connect to host
 comparetravelinsurance.com.au: did not receive HSTS header
 compassionate-biology.com: could not connect to host
@@ -3793,6 +3899,7 @@ compiledworks.com: could not connect to host
 completesportperformance.com: did not receive HSTS header
 completionist.audio: could not connect to host
 complex-organization.com: could not connect to host
+complexsystems.fail: did not receive HSTS header
 complt.xyz: could not connect to host
 complymd.com: did not receive HSTS header
 compredietlight.com.br: did not receive HSTS header
@@ -3801,12 +3908,14 @@ comprehensiveihc.com: could not connect to host
 compromised.com: could not connect to host
 compros.me: could not connect to host
 compsmag.com: did not receive HSTS header
-comptrollerofthecurrency.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+compucastell.ch: could not connect to host
 compucorner.com.mx: could not connect to host
 compusolve.nl: could not connect to host
+computeracademy.co.za: could not connect to host
 computercraft.net: could not connect to host
 computertal.de: could not connect to host
 comssa.org.au: did not receive HSTS header
+comw.cc: could not connect to host
 comyuno.com: did not receive HSTS header
 concentrade.de: did not receive HSTS header
 conceptatelier.de: could not connect to host
@@ -3834,10 +3943,12 @@ connaitre-les-astres.com: did not receive HSTS header
 connect.ua: could not connect to host
 connected-verhuurservice.nl: did not receive HSTS header
 connectfss.com: could not connect to host
-connectingconcepts.com: did not receive HSTS header
+connectingconcepts.com: could not connect to host
 conniesacademy.com: could not connect to host
+conocimientosdigitales.com: could not connect to host
 conrad.am: could not connect to host
 consciousandglamorous.com: could not connect to host
+consciousbrand.co: did not receive HSTS header
 consciousbrand.org.au: could not connect to host
 consciousbranding.org.au: could not connect to host
 consciousbrands.net.au: could not connect to host
@@ -3856,6 +3967,8 @@ contaimo.com: did not receive HSTS header
 container-lion.com: did not receive HSTS header
 containerstatistics.com: could not connect to host
 contarkos.xyz: could not connect to host
+content-design.de: did not receive HSTS header
+contentdesign.de: did not receive HSTS header
 contents.ga: did not receive HSTS header
 continuation.io: could not connect to host
 continuumgaming.com: could not connect to host
@@ -3864,6 +3977,7 @@ contraout.com: could not connect to host
 controlcenter.gigahost.dk: did not receive HSTS header
 contxt-agentur.de: did not receive HSTS header
 convergemagazine.com: did not receive HSTS header
+convert.zone: could not connect to host
 converter.ml: could not connect to host
 convertimg.com: could not connect to host
 convoitises.com: did not receive HSTS header
@@ -3877,18 +3991,21 @@ coole-meister.de: could not connect to host
 cooljs.me: could not connect to host
 coolkidsbouncycastles.co.uk: did not receive HSTS header
 coolrc.me: did not receive HSTS header
+cooltang.ooo: did not receive HSTS header
 coolviewthermostat.com: did not receive HSTS header
 coolvox.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 coonelnel.net: did not receive HSTS header
-coor.fun: did not receive HSTS header
+cooperativehandmade.com: did not receive HSTS header
+cooperativehandmade.pe: did not receive HSTS header
 cooxa.com: could not connect to host
+copperhead.co: did not receive HSTS header
 copshop.com.br: could not connect to host
 coptic-treasures.com: max-age too low: 2592000
 copycaught.com: could not connect to host
 copytrack.com: did not receive HSTS header
 cor-ser.es: could not connect to host
 coralproject.net: did not receive HSTS header
-coralrosado.com.br: did not receive HSTS header
+coralrosado.com.br: could not connect to host
 coramcdaniel.com: could not connect to host
 corbinhesse.com: did not receive HSTS header
 corderoscleaning.com: did not receive HSTS header
@@ -3900,6 +4017,7 @@ coreinfrastructure.org: did not receive HSTS header
 corenetworking.de: could not connect to host
 coresos.com: could not connect to host
 corex.io: could not connect to host
+corgi.party: could not connect to host
 corgicloud.com: could not connect to host
 corinnanese.de: could not connect to host
 coriver.me: did not receive HSTS header
@@ -3909,23 +4027,24 @@ cormilu.com.br: did not receive HSTS header
 cornishcamels.com: did not receive HSTS header
 cornmachine.com: did not receive HSTS header
 coroasdefloresonline.com.br: could not connect to host
-coropiacere.org: could not connect to host
 corozanu.ro: did not receive HSTS header
 corpoatletico.com.br: could not connect to host
 corporateencryption.com: could not connect to host
 corporatesubscriptions.com.au: did not receive HSTS header
 correct.horse: did not receive HSTS header
 correctpaardbatterijnietje.nl: did not receive HSTS header
-correiodovale.com.br: could not connect to host
+correiodovale.com.br: did not receive HSTS header
 corruption-mc.net: could not connect to host
 corruption-rsps.net: could not connect to host
 corruption-server.net: could not connect to host
-corzntin.fr: did not receive HSTS header
-cosmeticosdelivery.com.br: did not receive HSTS header
+cosmeticosdelivery.com.br: could not connect to host
 cosmeticosnet.com.br: did not receive HSTS header
 cosmiatria.pe: could not connect to host
+cosmic-os.org: did not receive HSTS header
 cosmoluziluminacion.com: did not receive HSTS header
 cosmoss-departure.com: could not connect to host
+cosni.co: could not connect to host
+costa-rica-reisen.ch: did not receive HSTS header
 costcofinance.com: did not receive HSTS header
 costow.club: did not receive HSTS header
 cotonea.de: did not receive HSTS header
@@ -3955,6 +4074,7 @@ cozitop.com.br: could not connect to host
 cozmaadrian.ro: could not connect to host
 cozy.io: did not receive HSTS header
 cozycloud.cc: did not receive HSTS header
+cpahunt.com: did not receive HSTS header
 cpaneltips.com: could not connect to host
 cpbanq.com: could not connect to host
 cpuvinf.eu.org: could not connect to host
@@ -3962,16 +4082,15 @@ cqchome.com: did not receive HSTS header
 cracking.org: did not receive HSTS header
 crackingking.com: could not connect to host
 crackpfer.de: could not connect to host
-crackslut.eu: could not connect to host
 craftbeerbarn.co.uk: could not connect to host
 craftedge.xyz: could not connect to host
 craftination.net: could not connect to host
-craftinghand.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 craftmain.eu: could not connect to host
 craftmine.cz: could not connect to host
 craftngo.hu: could not connect to host
 craftwmcp.xyz: could not connect to host
 craftydev.design: could not connect to host
+craigary.net: could not connect to host
 cranems.com.ua: could not connect to host
 cranesafe.com: max-age too low: 7889238
 cranioschule.com: did not receive HSTS header
@@ -3989,7 +4108,6 @@ crazyker.com: did not receive HSTS header
 crbug.com: did not receive HSTS header (error ignored - included regardless)
 crc-online.nl: did not receive HSTS header
 creaescola.com: did not receive HSTS header
-crealogix-online.com: could not connect to host
 creamybuild.com: could not connect to host
 create-ls.jp: could not connect to host
 create-test-publish.co.uk: could not connect to host
@@ -4001,6 +4119,7 @@ creativecommons.cl: did not receive HSTS header
 creativecommonscatpictures.com: could not connect to host
 creativephysics.ml: could not connect to host
 creativeplayuk.com: did not receive HSTS header
+creativlabor.ch: did not receive HSTS header
 creato.top: could not connect to host
 creators.co: could not connect to host
 crecips.com: could not connect to host
@@ -4008,19 +4127,22 @@ crecket.me: could not connect to host
 credia.jp: did not receive HSTS header
 creditclear.com.au: did not receive HSTS header
 creditreporttips.net: did not receive HSTS header
+creepycraft.nl: could not connect to host
 crendontech.com: did not receive HSTS header
 creorin.com: did not receive HSTS header
 crestoncottage.com: could not connect to host
+creusalp.ch: did not receive HSTS header
 crewplanner.eu: did not receive HSTS header
-crge.eu: max-age too low: 0
+crge.eu: could not connect to host
 criadorespet.com.br: could not connect to host
 crickey.eu: could not connect to host
 crimewatch.net.za: could not connect to host
 crimson.no: did not receive HSTS header
 crip-usk.ba: could not connect to host
 crisissurvivalspecialists.com: could not connect to host
+cristiandeluxe.com: did not receive HSTS header
 cristianhares.com: could not connect to host
-critcola.com: did not receive HSTS header
+critcola.com: could not connect to host
 criticalaim.com: could not connect to host
 crizk.com: could not connect to host
 crl-autos.com: could not connect to host
@@ -4037,7 +4159,6 @@ croome.no-ip.org: could not connect to host
 crop-alert.com: could not connect to host
 croquette.net: did not receive HSTS header
 crosbug.com: did not receive HSTS header (error ignored - included regardless)
-crosscom.ch: could not connect to host
 crosspeakoms.com: did not receive HSTS header
 crosssec.com: did not receive HSTS header
 crow.tw: could not connect to host
@@ -4057,12 +4178,11 @@ crushroom.com: max-age too low: 43200
 cruzadobalcazarabogados.com: could not connect to host
 cruzeiropedia.org: did not receive HSTS header
 cruzr.xyz: could not connect to host
-crypalert.com: could not connect to host
+crypalert.com: did not receive HSTS header
 crypt.guru: did not receive HSTS header
 cryptify.eu: could not connect to host
-crypto-armory.com: could not connect to host
 crypto-navi.org: did not receive HSTS header
-crypto.tube: did not receive HSTS header
+crypto.tube: max-age too low: 2592000
 cryptobells.com: did not receive HSTS header
 cryptobin.org: could not connect to host
 cryptocaseproject.com: could not connect to host
@@ -4079,10 +4199,10 @@ cryptopro.shop: could not connect to host
 cryptopush.com: did not receive HSTS header
 crysadm.com: could not connect to host
 crystalclassics.co.uk: did not receive HSTS header
+crystallizedcouture.com: did not receive HSTS header
 crystalmate.eu: did not receive HSTS header
 cs-colorscreed-betongulve.dk: could not connect to host
 cs-ubladego.pl: could not connect to host
-csacongress.org: max-age too low: 2592000
 csapak.com: did not receive HSTS header
 csawctf.poly.edu: could not connect to host
 csbgtribalta.com: did not receive HSTS header
@@ -4143,6 +4263,7 @@ cuongthach.com: did not receive HSTS header
 cuonic.com: could not connect to host
 cupcake.io: did not receive HSTS header
 cupcake.is: did not receive HSTS header
+cupi.co: could not connect to host
 cupidosshop.com: could not connect to host
 cupofarchitects.net: could not connect to host
 curacao-license.com: could not connect to host
@@ -4155,7 +4276,6 @@ curroapp.com: could not connect to host
 cursosdnc.cl: did not receive HSTS header
 cursosgratuitos.com.br: did not receive HSTS header
 curveweb.co.uk: did not receive HSTS header
-curvylove.de: could not connect to host
 cusfit.com: did not receive HSTS header
 custe.rs: could not connect to host
 custerweb.com: did not receive HSTS header
@@ -4180,7 +4300,7 @@ cvsoftub.com: did not receive HSTS header
 cvtparking.co.uk: did not receive HSTS header
 cw-bw.de: could not connect to host
 cwage.com: could not connect to host
-cwbw.network: did not receive HSTS header
+cwbw.network: could not connect to host
 cwilson.ga: could not connect to host
 cy.technology: did not receive HSTS header
 cyanogenmod.xxx: could not connect to host
@@ -4198,7 +4318,6 @@ cyberpeace.nl: could not connect to host
 cyberphaze.com: did not receive HSTS header
 cyberprey.com: did not receive HSTS header
 cyberpunk.ca: could not connect to host
-cybersantri.com: could not connect to host
 cyberserver.org: could not connect to host
 cybershambles.com: could not connect to host
 cybersmart.co.uk: did not receive HSTS header
@@ -4211,15 +4330,18 @@ cygu.ch: did not receive HSTS header
 cymtech.net: could not connect to host
 cynoshair.com: could not connect to host
 cyoda.com: did not receive HSTS header
+cypad.cn: did not receive HSTS header
 cype.dedyn.io: could not connect to host
 cypherpunk.ws: could not connect to host
 cyphertite.com: could not connect to host
 cytadel.fr: did not receive HSTS header
-cyyzaid.cn: could not connect to host
+cyyzaid.cn: max-age too low: 0
 czaw.org: did not receive HSTS header
-czirnich.org: could not connect to host
+czechamlp.com: could not connect to host
+czirnich.org: did not receive HSTS header
 czlx.co: could not connect to host
 d-academia.com: did not receive HSTS header
+d-garnier-delaunay.fr: did not receive HSTS header
 d-macindustries.com: did not receive HSTS header
 d-rickroll-e.pw: could not connect to host
 d.rip: max-age too low: 900
@@ -4228,9 +4350,6 @@ d0xq.net: could not connect to host
 d1ves.io: did not receive HSTS header
 d3njjcbhbojbot.cloudfront.net: did not receive HSTS header
 d3x.pw: could not connect to host
-d3xx3r.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-d4rkdeagle.tk: could not connect to host
-d4wson.com: could not connect to host
 d88688.com: could not connect to host
 d88871.com: could not connect to host
 d8studio.net: could not connect to host
@@ -4257,10 +4376,13 @@ dakl-shop.de: did not receive HSTS header
 dakotasilencer.com: did not receive HSTS header
 dakrib.net: could not connect to host
 daku.gdn: could not connect to host
+dalepresencia.com: did not receive HSTS header
 dalfiume.it: did not receive HSTS header
 dalingk.co: could not connect to host
+dallas.gov: could not connect to host
 daltonedwards.me: could not connect to host
 dam74.com.ar: could not connect to host
+damedrogy.cz: could not connect to host
 damianuv-blog.cz: could not connect to host
 damienpontifex.com: did not receive HSTS header
 damjanovic.work: could not connect to host
@@ -4268,6 +4390,7 @@ dan.org.nz: could not connect to host
 danbarrett.com.au: could not connect to host
 dancebuzz.co.uk: did not receive HSTS header
 dancerdates.net: did not receive HSTS header
+dancingshiva.at: could not connect to host
 dandymrsb.com: could not connect to host
 dango.in: could not connect to host
 daniel-du.com: could not connect to host
@@ -4279,8 +4402,10 @@ danielcowie.me: could not connect to host
 danieldk.eu: did not receive HSTS header
 danielgraziano.ca: could not connect to host
 danieliancu.com: could not connect to host
+danieljireh.com: did not receive HSTS header
 danielkratz.com: max-age too low: 172800
-danielmarquard.com: did not receive HSTS header
+danielnaaman.net: could not connect to host
+danielnaaman.org: could not connect to host
 danielt.co.uk: did not receive HSTS header
 danielverlaan.nl: could not connect to host
 danielworthy.com: did not receive HSTS header
@@ -4294,15 +4419,12 @@ dannycrichton.com: did not receive HSTS header
 danova.de: did not receive HSTS header
 danoz.net: could not connect to host
 danrl.de: could not connect to host
-dansa.com.co: could not connect to host
 danskringsporta.be: did not receive HSTS header
 danwillenberg.com: did not receive HSTS header
 daolerp.xyz: could not connect to host
-dapim.co.il: did not receive HSTS header
 dargasia.is: could not connect to host
 darinjohnson.ca: did not receive HSTS header
 dario.im: did not receive HSTS header
-dariosirangelo.me: could not connect to host
 dark-x.cf: could not connect to host
 darkanzali.pl: max-age too low: 0
 darkdestiny.ch: could not connect to host
@@ -4370,7 +4492,6 @@ davewut.ca: did not receive HSTS header
 david-mallett.com: did not receive HSTS header
 davidandkailey.com: could not connect to host
 davidbrito.tech: could not connect to host
-davidbuckell.com: could not connect to host
 davidglidden.eu: did not receive HSTS header
 davidgrudl.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 davidhunter.scot: did not receive HSTS header
@@ -4382,7 +4503,6 @@ davidscherzer.at: could not connect to host
 davimun.org: could not connect to host
 davros.eu: could not connect to host
 davros.ru: could not connect to host
-daw.nz: could not connect to host
 dawnofeden.org: did not receive HSTS header
 dawnson.is: could not connect to host
 dawnsonb.com: could not connect to host
@@ -4407,14 +4527,15 @@ dcl.re: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAI
 dctxf.com: did not receive HSTS header
 dcuofriends.net: could not connect to host
 dd.art.pl: could not connect to host
-ddatsh.com: did not receive HSTS header
 dden.website: could not connect to host
 dden.xyz: could not connect to host
+ddholdingservices.com: did not receive HSTS header
 ddmeportal.com: could not connect to host
 ddns-anbieter.de: could not connect to host
 ddocu.me: could not connect to host
 ddos-mitigation.co.uk: could not connect to host
 ddos-mitigation.info: could not connect to host
+de-osopanda.com: could not connect to host
 de-servers.de: could not connect to host
 deadmann.com: could not connect to host
 deadsoul.net: could not connect to host
@@ -4422,9 +4543,11 @@ deai-life.biz: could not connect to host
 debank.tv: did not receive HSTS header
 debatch.se: could not connect to host
 debian-vhost.de: could not connect to host
+debigare.com: did not receive HSTS header
 debiton.dk: could not connect to host
 debitoutil.com: did not receive HSTS header
 debitpaie.com: did not receive HSTS header
+debkleinteam.com: did not receive HSTS header
 deborahmarinelli.eu: could not connect to host
 debtkit.co.uk: did not receive HSTS header
 debtprotectionreporting.com: did not receive HSTS header
@@ -4448,7 +4571,10 @@ dede.ml: could not connect to host
 dedeo.tk: could not connect to host
 dedicatutiempo.es: could not connect to host
 dedietrich-asia.com: did not receive HSTS header
+deeonix.eu: could not connect to host
+deep.club: could not connect to host
 deep.social: did not receive HSTS header
+deepaero.com: could not connect to host
 deepcovelabs.net: could not connect to host
 deepcreampie.com: could not connect to host
 deepearth.uk: could not connect to host
@@ -4477,17 +4603,20 @@ degroetenvanrosaline.nl: could not connect to host
 dehydrated.de: did not receive HSTS header
 deight.co: could not connect to host
 deight.in: could not connect to host
+dejan.media: could not connect to host
 dekasan.ru: could not connect to host
+dekoh-shouyu.com: did not receive HSTS header
 delandalucia.com: did not receive HSTS header
 delayrefunds.co.uk: could not connect to host
-delcopa.gov: could not connect to host
+delcopa.gov: did not receive HSTS header
 delf.co.jp: did not receive HSTS header
 deliberatedigital.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+delitto.top: could not connect to host
 deliver.moe: did not receive HSTS header
 deliverance.co.uk: could not connect to host
-deliveryiquique.cl: did not receive HSTS header
 deloittequant.com: could not connect to host
 deltaconcepts.de: could not connect to host
+deltasmart.ch: did not receive HSTS header
 delvj.org: could not connect to host
 demandware.com: did not receive HSTS header
 demarche-expresse.com: did not receive HSTS header
@@ -4495,11 +4624,11 @@ demdis.org: could not connect to host
 demilitarized.ninja: could not connect to host
 demo-server.us: could not connect to host
 demo.sb: could not connect to host
-demo.swedbank.se: did not receive HSTS header
 democracy.io: did not receive HSTS header
 democraticdifference.com: could not connect to host
 demomanca.com: did not receive HSTS header
 demotops.com: could not connect to host
+demuzere.eu: could not connect to host
 dengchangdong.com: did not receive HSTS header
 denh.am: did not receive HSTS header
 denimio.com: did not receive HSTS header
@@ -4511,7 +4640,7 @@ dentaldomain.org: did not receive HSTS header
 dentaldomain.ph: did not receive HSTS header
 denvercybersecurity.com: did not receive HSTS header
 denverphilharmonic.org: did not receive HSTS header
-denverprophit.us: could not connect to host
+denverprophit.us: did not receive HSTS header
 depaco.com: did not receive HSTS header
 deped.blog: could not connect to host
 depedshs.com: could not connect to host
@@ -4524,13 +4653,12 @@ deprobe.pro: could not connect to host
 dequehablamos.es: could not connect to host
 derbyshiredotnet.co.uk: did not receive HSTS header
 derchris.me: could not connect to host
-derekkent.com: could not connect to host
 derevtsov.com: did not receive HSTS header
 derivativeshub.pro: could not connect to host
 derive.cc: could not connect to host
 dermacarecomplex.com: could not connect to host
 derpumpkinfuhrer.com: could not connect to host
-derrickemery.com: could not connect to host
+derrickemery.com: did not receive HSTS header
 derwaldschrat.net: did not receive HSTS header
 derwolfe.net: did not receive HSTS header
 desiccantpackets.com: did not receive HSTS header
@@ -4542,14 +4670,15 @@ designgraphic.fr: did not receive HSTS header
 designsbykerrialee.co.uk: could not connect to host
 designthinking.or.jp: did not receive HSTS header
 desormiers.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+despachomartinyasociados.com: could not connect to host
 despora.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 despotika.de: could not connect to host
 desserteagleselvenar.tk: could not connect to host
 destinationbijoux.fr: could not connect to host
 destinopiriapolis.com: did not receive HSTS header
 destom.be: could not connect to host
+desuperheroes.co: could not connect to host
 desveja.com.br: could not connect to host
-detalhecomercio.com.br: could not connect to host
 detechnologiecooperatie.nl: did not receive HSTS header
 detecte-fuite.ch: could not connect to host
 detecte.ch: could not connect to host
@@ -4571,28 +4700,26 @@ deuxvia.com: could not connect to host
 dev: could not connect to host
 dev-aegon.azurewebsites.net: did not receive HSTS header
 dev-bluep.pantheonsite.io: did not receive HSTS header
-dev-talk.eu: did not receive HSTS header
+dev-talk.eu: could not connect to host
 dev-talk.net: could not connect to host
 devafterdark.com: could not connect to host
-devcast.io: could not connect to host
 devdesco.com: could not connect to host
 devdom.io: max-age too low: 172800
 devdoodle.net: could not connect to host
-develerik.com: could not connect to host
 develop.cool: could not connect to host
 develop.fitness: could not connect to host
 developersclub.website: could not connect to host
 devenney.io: did not receive HSTS header
 devh.de: could not connect to host
-deviltracks.net: could not connect to host
+devh.net: could not connect to host
+deviltracks.net: did not receive HSTS header
+deviltraxxx.de: could not connect to host
 devin-balimuhac.de: did not receive HSTS header
 devincrow.me: could not connect to host
 devinpacker.com: could not connect to host
 devisonline.ch: could not connect to host
 devistravaux.org: did not receive HSTS header
-devjack.de: could not connect to host
-devkit.cc: could not connect to host
-devlux.ch: did not receive HSTS header
+devjack.de: did not receive HSTS header
 devmsg.com: could not connect to host
 devnsec.com: could not connect to host
 devnull.team: could not connect to host
@@ -4600,12 +4727,13 @@ devolution.ws: could not connect to host
 devopps.me: could not connect to host
 devops.moe: could not connect to host
 devopsconnected.com: could not connect to host
-devpgsv.com: could not connect to host
+devpgsv.com: did not receive HSTS header
 devtestfan1.gov: could not connect to host
 devtub.com: could not connect to host
 devuan.org: did not receive HSTS header
 dewebwerf.nl: did not receive HSTS header
 dewin.io: could not connect to host
+dexonsoftware.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 dfixit.com: could not connect to host
 dfrance.com.br: did not receive HSTS header
 dfviana.com.br: max-age too low: 2592000
@@ -4642,17 +4770,16 @@ dichvudangkygiayphep.com: could not connect to host
 dicio.com.br: did not receive HSTS header
 dick.red: could not connect to host
 didierlaumen.be: did not receive HSTS header
-didikhari.web.id: did not receive HSTS header
 die-besten-weisheiten.de: could not connect to host
 die-gruenen-teufel.de: could not connect to host
 dieb.photo: could not connect to host
 diejanssens.net: did not receive HSTS header
 diemogebhardt.com: could not connect to host
-dierabenmutti.de: max-age too low: 7776000
 dierencompleet.nl: did not receive HSTS header
 dierenkruiden.nl: did not receive HSTS header
 dieser.me: could not connect to host
 dietagespresse.com: did not receive HSTS header
+dietergreven.de: did not receive HSTS header
 diewebstube.de: could not connect to host
 diezel.com: could not connect to host
 diferenca.com: did not receive HSTS header
@@ -4660,11 +4787,13 @@ diff2html.xyz: did not receive HSTS header
 diggable.co: max-age too low: 2592000
 digihyp.ch: did not receive HSTS header
 digikol.net: could not connect to host
+digimomedia.co.uk: did not receive HSTS header
 diginota.com: did not receive HSTS header
 digired.ro: could not connect to host
 digired.xyz: could not connect to host
-digital1world.com: did not receive HSTS header
+digital1world.com: could not connect to host
 digitalbank.kz: could not connect to host
+digitalcash.cf: could not connect to host
 digitalcloud.ovh: could not connect to host
 digitalcuko.com: did not receive HSTS header
 digitaldaddy.net: could not connect to host
@@ -4680,8 +4809,7 @@ digitalnonplus.com: could not connect to host
 digitalquery.com: did not receive HSTS header
 digitalriver.tk: did not receive HSTS header
 digitalrxcloud.com: could not connect to host
-digitalunite.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-digitalwasteland.net: could not connect to host
+digitalwasteland.net: did not receive HSTS header
 digiworks.se: did not receive HSTS header
 diguass.us: could not connect to host
 dijks.com: could not connect to host
@@ -4721,6 +4849,7 @@ direwolfsoftware.ca: could not connect to host
 dirips.com: did not receive HSTS header
 dirtycat.ru: could not connect to host
 disadattamentolavorativo.it: could not connect to host
+discipul.nl: did not receive HSTS header
 disclosure.io: did not receive HSTS header
 disco-crazy-world.de: could not connect to host
 discord-chan.net: could not connect to host
@@ -4728,7 +4857,7 @@ discountmania.eu: did not receive HSTS header
 discountmetaux.fr: did not receive HSTS header
 discover-mercure.com: could not connect to host
 discoveringdocker.com: could not connect to host
-discoverrsv.com: did not receive HSTS header
+discoverrsv.com: could not connect to host
 discoverucluelet.com: did not receive HSTS header
 discoverwellness.center: could not connect to host
 discovery.lookout.com: did not receive HSTS header
@@ -4739,6 +4868,7 @@ disruptivelabs.net: could not connect to host
 disruptivelabs.org: could not connect to host
 dissieux.com: did not receive HSTS header
 dissimulo.me: could not connect to host
+distiduffer.org: could not connect to host
 distinctivephotography.com.au: could not connect to host
 distinguishedwindows.co.uk: did not receive HSTS header
 distractionco.de: did not receive HSTS header
@@ -4763,7 +4893,9 @@ dj4et.de: could not connect to host
 djieno.com: could not connect to host
 djsk.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 djul.net: could not connect to host
+djursland-psykologen.dk: did not receive HSTS header
 djxmmx.net: did not receive HSTS header
+djz4music.com: did not receive HSTS header
 dkn.go.id: did not receive HSTS header
 dkniss.de: could not connect to host
 dl.google.com: did not receive HSTS header (error ignored - included regardless)
@@ -4778,11 +4910,11 @@ dmcastles.com: did not receive HSTS header
 dmcglobaltravel.com.mx: did not receive HSTS header
 dmcibulldog.com: did not receive HSTS header
 dmdre.com: did not receive HSTS header
+dmeevalumate.com: did not receive HSTS header
 dmenergy.ru: did not receive HSTS header
 dmfd.net: could not connect to host
 dmix.ca: could not connect to host
 dmlogic.com: could not connect to host
-dmmkenya.co.ke: could not connect to host
 dmtry.me: did not receive HSTS header
 dmwall.cn: could not connect to host
 dmz.ninja: could not connect to host
@@ -4794,7 +4926,7 @@ dns.google.com: did not receive HSTS header (error ignored - included regardless
 dnsbird.net: could not connect to host
 dnsbird.org: could not connect to host
 dnscrypt.nl: could not connect to host
-dnscrypt.org: could not connect to host
+dnscrypt.org: did not receive HSTS header
 dnsknowledge.com: did not receive HSTS header
 dnsql.io: could not connect to host
 dnzz123.com: did not receive HSTS header
@@ -4802,7 +4934,6 @@ do-do.tk: could not connect to host
 do-it.cz: could not connect to host
 doak.io: did not receive HSTS header
 dobet.in: could not connect to host
-dobrev.family: could not connect to host
 doc-justice.com: did not receive HSTS header
 docid.io: could not connect to host
 dockerm.com: could not connect to host
@@ -4810,18 +4941,21 @@ dockerturkiye.com: could not connect to host
 docket.news: could not connect to host
 doclassworks.com: could not connect to host
 doclot.io: could not connect to host
-docplexus.in: could not connect to host
+docplexus.in: did not receive HSTS header
 docplexus.org: did not receive HSTS header
 docset.io: could not connect to host
 docsoc.org.uk: could not connect to host
 docufiel.com: could not connect to host
 doculus.io: could not connect to host
 documentations-sociales.com: could not connect to host
+docupet.com: did not receive HSTS header
 docxtemplater.com: did not receive HSTS header
 doesmycodehavebugs.today: could not connect to host
 doeswindowssuckforeveryoneorjustme.com: could not connect to host
+dog-blum.com: could not connect to host
 dogbox.se: did not receive HSTS header
 dogcratereview.info: could not connect to host
+doge.town: could not connect to host
 dogespeed.ga: could not connect to host
 dogfi.sh: could not connect to host
 doggieholic.net: could not connect to host
@@ -4844,7 +4978,7 @@ dolphin-cloud.com: could not connect to host
 dolphin-hosting.com: could not connect to host
 dolphincorp.co.uk: could not connect to host
 dolphinswithlasers.com: could not connect to host
-dolt.xyz: could not connect to host
+dolt.xyz: did not receive HSTS header
 domaine-aigoual-cevennes.com: did not receive HSTS header
 domainelaremejeanne.com: did not receive HSTS header
 domaris.de: did not receive HSTS header
@@ -4853,10 +4987,12 @@ domen-reg.ru: could not connect to host
 domengrad.ru: did not receive HSTS header
 domenicocatelli.com: did not receive HSTS header
 domfee.com: could not connect to host
+domian.cz: could not connect to host
 dominikanskarepubliken.guide: could not connect to host
 dominioanimal.com: could not connect to host
 dominioanimal.com.br: could not connect to host
 dominique-mueller.de: could not connect to host
+domwkwiatach.pl: did not receive HSTS header
 domytermpaper.com: could not connect to host
 don.yokohama: could not connect to host
 dong8.top: could not connect to host
@@ -4869,11 +5005,11 @@ donna-bellini-business-fotografie-muenchen.de: did not receive HSTS header
 donotspampls.me: could not connect to host
 donotspellitgav.in: did not receive HSTS header
 donpaginasweb.com: did not receive HSTS header
-donpomodoro.com.co: did not receive HSTS header
 donsbach-edv.de: did not receive HSTS header
 donthedragonwilson.com: could not connect to host
 donttrustrobots.nl: could not connect to host
 donzelot.co.uk: did not receive HSTS header
+donzool.es: could not connect to host
 doobydude.us: could not connect to host
 doodledraw.ninja: could not connect to host
 doodlefinder.de: max-age too low: 600000
@@ -4884,13 +5020,13 @@ doopdidoop.com: did not receive HSTS header
 door.cards: could not connect to host
 dopfer-fenstertechnik.de: did not receive HSTS header
 dopost.it: could not connect to host
+doppenpost.nl: could not connect to host
 doriginal.es: did not receive HSTS header
 dorkfarm.com: did not receive HSTS header
 dormebebe.com.br: could not connect to host
 dosipe.com: could not connect to host
 doska.kz: could not connect to host
 dostavkakurierom.ru: could not connect to host
-dot.ro: did not receive HSTS header
 dotadata.me: could not connect to host
 dotb.dn.ua: did not receive HSTS header
 dotbrick.co.th: could not connect to host
@@ -4900,6 +5036,7 @@ dotspaperie.com: could not connect to host
 doublethink.online: could not connect to host
 doubleyummy.uk: did not receive HSTS header
 dougferris.id.au: could not connect to host
+douglas-ma.gov: did not receive HSTS header
 douglasstafford.com: did not receive HSTS header
 doujin-domain.cz: could not connect to host
 doujin.nagoya: could not connect to host
@@ -4907,6 +5044,7 @@ doulasofgreaterkansascity.org: max-age too low: 300
 dovecotadmin.org: could not connect to host
 doveholesband.co.uk: did not receive HSTS header
 dovetailnow.com: could not connect to host
+dovro.de: could not connect to host
 dowc.org: did not receive HSTS header
 download.jitsi.org: did not receive HSTS header
 downsouthweddings.com.au: did not receive HSTS header
@@ -4927,15 +5065,16 @@ dragons-of-highlands.cz: did not receive HSTS header
 dragonsmoke.cloud: could not connect to host
 dragonstower.net: could not connect to host
 dragonteam.ninja: could not connect to host
+drahcro.uk: could not connect to host
 drainagebuizen.nl: did not receive HSTS header
 drakefortreasurer.sexy: could not connect to host
 drakensberg-tourism.com: did not receive HSTS header
 drakfot.se: could not connect to host
 dralexjimenez.com: did not receive HSTS header
-dranek.com: max-age too low: 2592000
 drastosasports.com.br: could not connect to host
-drawvesly.ovh: did not receive HSTS header
+drawvesly.ovh: could not connect to host
 drbarnabus.com: could not connect to host
+drbethanybarnes.com: could not connect to host
 drdavidgilpin.com: did not receive HSTS header
 drdevil.ru: could not connect to host
 drdim.ru: could not connect to host
@@ -4947,6 +5086,8 @@ dreamersgiftshopec.com: could not connect to host
 dreaming.solutions: could not connect to host
 dreamlighteyeserum.com: could not connect to host
 dreamsforabetterworld.com.au: did not receive HSTS header
+dreamtechie.com: did not receive HSTS header
+dreatho.com: did not receive HSTS header
 dreax.win: could not connect to host
 dredgepress.com: did not receive HSTS header
 dreischneidiger.de: could not connect to host
@@ -4989,6 +5130,8 @@ droomhuisophetplattelandverkopen.nl: could not connect to host
 dropcam.com: did not receive HSTS header
 drostschocolates.com: did not receive HSTS header
 drpure.pw: could not connect to host
+drpure.top: did not receive HSTS header
+drrodina.com: did not receive HSTS header
 drtroyhendrickson.com: could not connect to host
 drtti.io: could not connect to host
 drturner.com.au: did not receive HSTS header
@@ -4996,7 +5139,6 @@ drubn.de: could not connect to host
 drugagodba.si: did not receive HSTS header
 drumbandesperanto.nl: could not connect to host
 drump-truck.com: did not receive HSTS header
-drunkscifi.com: could not connect to host
 drupal123.com: could not connect to host
 druznek.rocks: could not connect to host
 druznek.xyz: could not connect to host
@@ -5008,19 +5150,17 @@ ds-christiansen.de: could not connect to host
 dshiv.io: could not connect to host
 dsne.com.mx: could not connect to host
 dsouzamusic.com: did not receive HSTS header
-dsrw.org: max-age too low: 1576800
 dsuinnovation.com: could not connect to host
-dsyunmall.com: did not receive HSTS header
+dsyunmall.com: could not connect to host
 dtechstore.com.br: did not receive HSTS header
 dtub.co: could not connect to host
 dualias.xyz: could not connect to host
 duan.li: could not connect to host
-dubai-company.ae: could not connect to host
 dubaosheng.com: could not connect to host
 dubik.su: did not receive HSTS header
 duchyoffeann.com: could not connect to host
+ducius.net: could not connect to host
 duckasylum.com: did not receive HSTS header
-duckyubuntu.tk: could not connect to host
 ducohosting.com: did not receive HSTS header
 dudesunderwear.com.br: could not connect to host
 duelsow.eu: could not connect to host
@@ -5033,20 +5173,24 @@ dukec.me: could not connect to host
 dukefox.com: could not connect to host
 duks.com.br: did not receive HSTS header
 dullsir.com: did not receive HSTS header
+dum.moe: could not connect to host
 dumbdemo.com: could not connect to host
 dunamiscommunity.com: could not connect to host
 dunashoes.com: could not connect to host
 dune.io: did not receive HSTS header
 dunea.nl: did not receive HSTS header
 dung-massage.fr: did not receive HSTS header
-dunklau.fr: could not connect to host
 duo.money: could not connect to host
 duocircle.com: did not receive HSTS header
 duole30.com: could not connect to host
+duonganhtuan.com: could not connect to host
 duongpho.com: did not receive HSTS header
+duploclique.pt: did not receive HSTS header
 durangoenergyllc.com: could not connect to host
 dushu.cat: could not connect to host
 duskopy.top: could not connect to host
+dustycloth.com: could not connect to host
+dutchessuganda.com: did not receive HSTS header
 dutchrank.com: did not receive HSTS header
 dutyfreeonboard.com: did not receive HSTS header
 duuu.ch: could not connect to host
@@ -5055,6 +5199,7 @@ dvotx.org: did not receive HSTS header
 dwellstudio.com: did not receive HSTS header
 dwhd.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 dwnld.me: could not connect to host
+dxm.no-ip.biz: could not connect to host
 dycem-ns.com: did not receive HSTS header
 dycontrol.de: could not connect to host
 dylanscott.com.au: did not receive HSTS header
@@ -5063,16 +5208,18 @@ dynamic-networks.be: could not connect to host
 dynamize.solutions: did not receive HSTS header
 dyncdn.me: could not connect to host
 dynts.pro: could not connect to host
-dyz.pw: did not receive HSTS header
+dyz.pw: could not connect to host
 dziekonski.com: could not connect to host
 dzimejl.sk: did not receive HSTS header
 dzlibs.io: could not connect to host
 dzndk.net: could not connect to host
 dzndk.org: could not connect to host
 dzytdl.com: did not receive HSTS header
+e-apack.com.br: could not connect to host
 e-aut.net: could not connect to host
 e-baraxolka.ru: could not connect to host
 e-deca2.org: did not receive HSTS header
+e-gemeinde.at: could not connect to host
 e-isfa.eu: did not receive HSTS header
 e-mak.eu: could not connect to host
 e-migration.ch: could not connect to host
@@ -5081,6 +5228,7 @@ e-planetelec.fr: did not receive HSTS header
 e-pokupki.eu: did not receive HSTS header
 e-rickroll-r.pw: could not connect to host
 e-sa.com: did not receive HSTS header
+e-tune-mt.net: could not connect to host
 e-vau.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 e-vo-linka.cz: did not receive HSTS header
 e-wishlist.net: could not connect to host
@@ -5109,6 +5257,7 @@ earlybirdsnacks.com: could not connect to host
 earth-people.org: could not connect to host
 earthrise16.com: could not connect to host
 easew.com: could not connect to host
+easez.net: could not connect to host
 eason-yang.com: could not connect to host
 east-line.su: could not connect to host
 eastcoastbubbleandbounce.co.uk: could not connect to host
@@ -5144,9 +5293,10 @@ ebooksgratuits.org: could not connect to host
 ebop.ch: could not connect to host
 ebp2p.com: could not connect to host
 ebraph.com: could not connect to host
+ebrnd.de: could not connect to host
 ebrowz.com: could not connect to host
 ec-baran.de: could not connect to host
-ecake.in: did not receive HSTS header
+ecake.in: could not connect to host
 ecc-kaufbeuren.de: could not connect to host
 eccux.com: could not connect to host
 ecelembrou.ovh: could not connect to host
@@ -5154,7 +5304,8 @@ ecfs.link: could not connect to host
 ecg.fr: could not connect to host
 echipstore.com: did not receive HSTS header
 echoactive.com: max-age too low: 7776000
-echomanchester.net: could not connect to host
+echomanchester.net: did not receive HSTS header
+ecir.pro: could not connect to host
 eckro.com: could not connect to host
 eco-wiki.com: could not connect to host
 ecobrain.be: max-age too low: 0
@@ -5171,7 +5322,10 @@ econativa.pt: could not connect to host
 economy.st: did not receive HSTS header
 economycarrentalscyprus.com: could not connect to host
 ecorus.eu: did not receive HSTS header
+ecos.srl: did not receive HSTS header
+ecoskif.ru: could not connect to host
 ecosoftconsult.com: could not connect to host
+ecosystemmanager.azurewebsites.net: did not receive HSTS header
 ecotruck-pooling.com: did not receive HSTS header
 ecrimex.net: did not receive HSTS header
 ectora.com: could not connect to host
@@ -5181,6 +5335,7 @@ edcphenix.tk: could not connect to host
 eddmixpanel.com: could not connect to host
 edelblack.ch: could not connect to host
 edelsteincosmetic.com: did not receive HSTS header
+eden-institut-carita-valdisere.com: did not receive HSTS header
 eden-mobility.co.uk: did not receive HSTS header
 eden-noel.at: could not connect to host
 edenaya.com: could not connect to host
@@ -5195,6 +5350,7 @@ edisonchee.com: did not receive HSTS header
 edissecurity.sk: did not receive HSTS header
 edition-pommern.com: max-age too low: 86400
 editoraacademiacrista.com.br: could not connect to host
+editoraimaculada.com.br: did not receive HSTS header
 edix.ru: could not connect to host
 edk.com.tr: did not receive HSTS header
 edpubs.gov: could not connect to host
@@ -5213,6 +5369,7 @@ eduvance.in: did not receive HSTS header
 ee-terminals.com: could not connect to host
 eeb98.com: could not connect to host
 eeetrust.org: could not connect to host
+eemcevn.com: could not connect to host
 eenekorea.com: could not connect to host
 eengezinswoning-in-alphen-aan-den-rijn-kopen.nl: could not connect to host
 eengezinswoning-in-de-friese-meren-kopen.nl: could not connect to host
@@ -5234,21 +5391,20 @@ eez.ee: could not connect to host
 effectiveosgi.com: could not connect to host
 effectivepapers.com: could not connect to host
 efficienthealth.com: could not connect to host
+effizienta.ch: did not receive HSTS header
 eftcorp.biz: did not receive HSTS header
 egfl.org.uk: did not receive HSTS header
 egge.com: max-age too low: 0
 egit.co: could not connect to host
-eglek.com: could not connect to host
 ego-world.org: could not connect to host
 egupova.ru: did not receive HSTS header
-ehcommerce.com: did not receive HSTS header
 ehealthcounselor.com: could not connect to host
 ehipaadev.com: could not connect to host
 ehito.ovh: could not connect to host
 ehr.gov: could not connect to host
 ehrenamt-skpfcw.de: could not connect to host
 ehrlichesbier.de: could not connect to host
-ehseller.com: did not receive HSTS header
+ehsellert.com: did not receive HSTS header
 ehuber.info: could not connect to host
 eicfood.com: could not connect to host
 eidolonhost.com: did not receive HSTS header
@@ -5257,7 +5413,6 @@ eigenbubi.de: could not connect to host
 eightyfour.ca: could not connect to host
 eigo.work: did not receive HSTS header
 eimanavicius.lt: did not receive HSTS header
-einar.io: max-age too low: 86400
 einfachmaldiefressehalten.de: could not connect to host
 einhorn.space: could not connect to host
 einmonolog.de: could not connect to host
@@ -5267,9 +5422,10 @@ einsitapis.com: could not connect to host
 ejgconsultancy.co.uk: did not receive HSTS header
 ejuicelab.co.uk: did not receive HSTS header
 ejusu.com: could not connect to host
-ek.network: could not connect to host
+ek.network: did not receive HSTS header
 ekbanden.nl: could not connect to host
 ekobudisantoso.net: could not connect to host
+ekodevices.com: could not connect to host
 ekong366.com: could not connect to host
 eksik.com: could not connect to host
 el-soul.com: did not receive HSTS header
@@ -5283,10 +5439,10 @@ elbaal.gov: did not receive HSTS header
 elblein.de: did not receive HSTS header
 elblogdegoyo.mx: max-age too low: 2592000
 elbohlyart.com: did not receive HSTS header
-eldevo.com: could not connect to host
 eldietista.es: could not connect to host
 eldisagjapi.de: could not connect to host
 elearningpilot.com: did not receive HSTS header
+eleaut.com.br: did not receive HSTS header
 electicofficial.com: did not receive HSTS header
 electricalcontrolpanels.co.uk: could not connect to host
 electricant.com: did not receive HSTS header
@@ -5311,13 +5467,16 @@ elenagherta.ga: could not connect to host
 elenoon.ir: max-age too low: 1
 elenorsmadness.org: could not connect to host
 eleonorengland.com: did not receive HSTS header
-elestanteliterario.com: did not receive HSTS header
+elestanteliterario.com: max-age too low: 43200
 elevateandprosper.com: could not connect to host
+elevator.ee: could not connect to host
+elexel.ru: could not connect to host
 elgacien.de: could not connect to host
 elguillatun.cl: did not receive HSTS header
 elhall.pro: did not receive HSTS header
 elhall.ru: did not receive HSTS header
 eliasojala.me: did not receive HSTS header
+elielaloum.com: could not connect to host
 elimdengelen.com: did not receive HSTS header
 eline168.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 eliott.be: could not connect to host
@@ -5327,8 +5486,10 @@ elite-box.org: did not receive HSTS header
 elite-porno.ru: could not connect to host
 elitecovering.fr: did not receive HSTS header
 elitefishtank.com: could not connect to host
+elitehosting.de: did not receive HSTS header
 elitesensual.com.br: did not receive HSTS header
 elizeugomes.com.br: did not receive HSTS header
+ell-net.tokyo: could not connect to host
 ellen-skye.de: max-age too low: 604800
 elliff.net: did not receive HSTS header
 elliotgluck.com: did not receive HSTS header
@@ -5340,13 +5501,13 @@ elo.fyi: could not connect to host
 elohna.ch: did not receive HSTS header
 elonbase.com: could not connect to host
 elonm.ru: could not connect to host
+elosuite.com: could not connect to host
 eloxt.com: could not connect to host
 elpay.kz: did not receive HSTS header
 elpo.xyz: could not connect to host
 elsamakhin.com: could not connect to host
 elsemanario.com: did not receive HSTS header
 elsensohn.ch: did not receive HSTS header
-elsignificadodesonar.com: did not receive HSTS header
 elsitar.com: could not connect to host
 elsword.moe: could not connect to host
 eltransportquevolem.org: could not connect to host
@@ -5356,9 +5517,12 @@ elyisus.info: did not receive HSTS header
 elytronsecurity.com: did not receive HSTS header
 email.lookout.com: could not connect to host
 email2rss.net: could not connect to host
+emailalaperformance.fr: could not connect to host
 emailcontrol.nl: did not receive HSTS header
+emailing.alsace: could not connect to host
 emanatepixels.com: could not connect to host
 emanga.su: did not receive HSTS header
+emasex.es: could not connect to host
 emavok.eu: could not connect to host
 embellir-aroma.com: could not connect to host
 embellir-kyujin.com: could not connect to host
@@ -5371,6 +5535,7 @@ emergencymedicinefoundations.com: did not receive HSTS header
 emergentvisiontec.com: did not receive HSTS header
 emesolutions.net: did not receive HSTS header
 emiele.com.br: could not connect to host
+emiliendevos.be: could not connect to host
 emilyhorsman.com: could not connect to host
 emilyshepherd.me: did not receive HSTS header
 eminhuseynov.com: could not connect to host
@@ -5378,6 +5543,7 @@ eminovic.me: could not connect to host
 emjainteractive.com: did not receive HSTS header
 emjimadhu.com: could not connect to host
 emma-o.com: could not connect to host
+emma.ca: did not receive HSTS header
 emmable.com: could not connect to host
 emmaliddell.com: did not receive HSTS header
 emmanuelle-et-julien.ch: could not connect to host
@@ -5398,17 +5564,15 @@ empty-r.com: could not connect to host
 emptypath.com: did not receive HSTS header
 emupedia.net: did not receive HSTS header
 emyself.info: could not connect to host
-emyself.org: did not receive HSTS header
+emyself.org: could not connect to host
 en4u.org: could not connect to host
-enaah.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 enaia.fr: did not receive HSTS header
+enaim.de: max-age too low: 0
 encadrer-mon-enfant.com: did not receive HSTS header
 encode.space: could not connect to host
 encode.uk.com: did not receive HSTS header
 encoder.pw: could not connect to host
-encoderx.uk: could not connect to host
 encontrebarato.com.br: could not connect to host
-encore.io: could not connect to host
 encrypted.google.com: did not receive HSTS header (error ignored - included regardless)
 encryptedaudience.com: could not connect to host
 encryptio.com: could not connect to host
@@ -5416,8 +5580,7 @@ end.pp.ua: could not connect to host
 endangeredwatch.com: could not connect to host
 ende-x.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 endlessdark.net: max-age too low: 600
-endlessdiy.ca: could not connect to host
-endlesshorizon.net: could not connect to host
+endlesshorizon.net: max-age too low: 0
 endlesstone.com: did not receive HSTS header
 endofinternet.goip.de: could not connect to host
 endofnet.org: could not connect to host
@@ -5431,7 +5594,7 @@ enefan.jp: could not connect to host
 enelacto.com: did not receive HSTS header
 energethik-tulln.at: did not receive HSTS header
 energisammenslutningen.dk: could not connect to host
-energy.eu: did not receive HSTS header
+energyradio.mk: max-age too low: 0
 enersaveapp.org: could not connect to host
 enersec.co.uk: could not connect to host
 enfoqueseguro.com: did not receive HSTS header
@@ -5444,12 +5607,12 @@ englishdirectory.de: could not connect to host
 englishyamal.ru: did not receive HSTS header
 enigmacpt.com: did not receive HSTS header
 enigmail.net: did not receive HSTS header
-enixgaming.com: could not connect to host
 enjen.net: did not receive HSTS header
 enjoymayfield.com: max-age too low: 0
 enjoystudio.ro: did not receive HSTS header
 enlatte.com: could not connect to host
 enlazaresbueno.cl: could not connect to host
+enlighten10x.ga: could not connect to host
 enlightened.si: did not receive HSTS header
 enoou.com: could not connect to host
 enpalmademallorca.info: could not connect to host
@@ -5465,6 +5628,7 @@ enterdev.co: did not receive HSTS header
 enterprisecarclub.co.uk: could not connect to host
 enterprisechannel.asia: did not receive HSTS header
 enterprivacy.com: did not receive HSTS header
+entersynapse.com: could not connect to host
 entheorie.net: did not receive HSTS header
 entourneebeetle.com: could not connect to host
 entrepreneur.or.id: could not connect to host
@@ -5491,8 +5655,9 @@ epave.paris: could not connect to host
 epaygateway.net: could not connect to host
 ephe.be: could not connect to host
 ephry.com: could not connect to host
+epicbouncycastlehirenorwich.co.uk: could not connect to host
 epicmc.games: could not connect to host
-epicsoft.de: could not connect to host
+epicpages.com: could not connect to host
 eposcloud.net: could not connect to host
 eposmidlands.co.uk: could not connect to host
 eposnewport.co.uk: did not receive HSTS header
@@ -5505,13 +5670,14 @@ eposwales.co.uk: could not connect to host
 epoxate.com: could not connect to host
 eprofitacademy.com: did not receive HSTS header
 epsorting.cz: did not receive HSTS header
-epulsar.ru: max-age too low: 604800
+epulsar.ru: did not receive HSTS header
 epvin.com: could not connect to host
 eq8.net.au: could not connect to host
 eqib.nl: did not receive HSTS header
+eqibank.com: could not connect to host
 eqim.me: could not connect to host
 eqorg.com: could not connect to host
-equallyy.com: could not connect to host
+equallyy.com: did not receive HSTS header
 equalparts.eu: could not connect to host
 equate.net.au: did not receive HSTS header
 equatetechnologies.com.au: did not receive HSTS header
@@ -5523,7 +5689,6 @@ equitee.co: did not receive HSTS header
 equityflows.com: did not receive HSTS header
 er-music.com: could not connect to host
 erad.fr: could not connect to host
-erasmo.info: could not connect to host
 erawanarifnugroho.com: did not receive HSTS header
 erclab.kr: could not connect to host
 erecciontotalal100.com: could not connect to host
@@ -5534,7 +5699,7 @@ ericbond.net: could not connect to host
 erichalv.com: could not connect to host
 ericloud.tk: could not connect to host
 ericorporation.com: did not receive HSTS header
-ericyl.com: could not connect to host
+eridanus.uk: could not connect to host
 eriel.com.br: could not connect to host
 erikwagner.de: did not receive HSTS header
 erinlin.com: did not receive HSTS header
@@ -5548,6 +5713,7 @@ eromixx.com: could not connect to host
 eromon.net: could not connect to host
 erotalia.es: could not connect to host
 erotic4me.ch: did not receive HSTS header
+eroticforce.com: could not connect to host
 erotische-aanbiedingen.nl: could not connect to host
 erotpo.cz: could not connect to host
 erpiv.com: could not connect to host
@@ -5561,6 +5727,7 @@ es8888.net: could not connect to host
 es888999.com: could not connect to host
 es999.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 es9999.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+esaborit.ddns.net: could not connect to host
 esb-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 esb-top.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 esb-top.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -5671,6 +5838,7 @@ esbm4.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_
 esbm5.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 esbuilders.co.nz: did not receive HSTS header
 escalate.eu: could not connect to host
+escape2rooms.fr: did not receive HSTS header
 escapees.com: did not receive HSTS header
 escolaengenharia.com.br: did not receive HSTS header
 escort-byuro.net: could not connect to host
@@ -5685,6 +5853,7 @@ esh.ink: could not connect to host
 eshepperd.com: did not receive HSTS header
 eshobe.com: did not receive HSTS header
 eshtapay.com: could not connect to host
+esipublications.com: did not receive HSTS header
 esko.bar: could not connect to host
 esln.org: did not receive HSTS header
 esmoney.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -5711,6 +5880,7 @@ essayscam.org: could not connect to host
 essayshark.com: could not connect to host
 essaywebsite.com: did not receive HSTS header
 essenceofvitalitydetox.com: could not connect to host
+essencesdeprana.org: did not receive HSTS header
 essential12.com: could not connect to host
 essentialoilsimports.com: could not connect to host
 essentiel-physique.com: could not connect to host
@@ -5746,6 +5916,7 @@ ethantskinner.com: did not receive HSTS header
 ether.school: could not connect to host
 etherderbies.com: could not connect to host
 etheria-software.tk: did not receive HSTS header
+etherpad.fr: did not receive HSTS header
 ethicalexploiting.com: could not connect to host
 ethicall.org.uk: did not receive HSTS header
 ethicaltek.com: could not connect to host
@@ -5764,6 +5935,7 @@ ettebiz.com: max-age too low: 0
 etula.ga: did not receive HSTS header
 etula.me: could not connect to host
 etys.no: did not receive HSTS header
+etzi.myds.me: did not receive HSTS header
 euanbaines.com: did not receive HSTS header
 eucl3d.com: could not connect to host
 euclideanpostulates.xyz: could not connect to host
@@ -5781,11 +5953,11 @@ eupresidency2018.com: could not connect to host
 euren.se: could not connect to host
 eurocamping.se: could not connect to host
 eurocomcompany.cz: could not connect to host
+euroconthr.ro: could not connect to host
 euroescortguide.com: could not connect to host
 europapier.at: did not receive HSTS header
 europapier.ba: did not receive HSTS header
 europapier.bg: did not receive HSTS header
-europapier.com: did not receive HSTS header
 europapier.cz: did not receive HSTS header
 europapier.hr: did not receive HSTS header
 europapier.rs: did not receive HSTS header
@@ -5798,7 +5970,7 @@ eurospecautowerks.com: did not receive HSTS header
 eurostrategy.vn.ua: could not connect to host
 euvo.tk: could not connect to host
 evades.io: did not receive HSTS header
-evangelosm.com: could not connect to host
+evadifranco.com: did not receive HSTS header
 evanhandgraaf.nl: did not receive HSTS header
 evankurniawan.com: did not receive HSTS header
 evanreev.es: could not connect to host
@@ -5822,13 +5994,14 @@ everygayporn.xyz: could not connect to host
 everylab.org: could not connect to host
 everymove.org: could not connect to host
 everything.place: could not connect to host
+everythingstech.com: could not connect to host
 everytruckjob.com: did not receive HSTS header
 eveseat.net: could not connect to host
 eveshaiwu.com: could not connect to host
 evi.be: did not receive HSTS header
+evilarmy.com: did not receive HSTS header
 evilbeasts.ru: could not connect to host
 evilcult.me: did not receive HSTS header
-evileden.com: could not connect to host
 evilnerd.de: did not receive HSTS header
 evilness.nl: could not connect to host
 evilsay.com: could not connect to host
@@ -5836,6 +6009,7 @@ evilvolcanolairs.com: did not receive HSTS header
 evin.ml: could not connect to host
 evio.com: did not receive HSTS header
 evites.me: could not connect to host
+evokepk.com: could not connect to host
 evoludis.net: did not receive HSTS header
 evolutionexpeditions.com: did not receive HSTS header
 evomon.com: could not connect to host
@@ -5853,15 +6027,17 @@ exceptionalbits.com: could not connect to host
 exceptionalservices.us: could not connect to host
 exchangecoordinator.com: could not connect to host
 exchangeworks.co: did not receive HSTS header
-exclusivedesignz.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+exclusivedesignz.com: could not connect to host
 exebouncycastles.co.uk: did not receive HSTS header
 exembit.com: did not receive HSTS header
 exfiles.cz: could not connect to host
 exgaywatch.com: could not connect to host
 exgravitus.com: could not connect to host
+exhaledayspa.com.au: did not receive HSTS header
 exno.co: could not connect to host
 exnovin.co: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 exocen.com: could not connect to host
+exoplatform.com: did not receive HSTS header
 exoticads.com: could not connect to host
 exousiakaidunamis.xyz: could not connect to host
 expatads.com: could not connect to host
@@ -5871,6 +6047,7 @@ experticon.com: did not receive HSTS header
 expertmile.com: did not receive HSTS header
 experts-en-gestion.fr: did not receive HSTS header
 explodingcamera.com: did not receive HSTS header
+exploration.ga: did not receive HSTS header
 expo-designers.com: did not receive HSTS header
 expokohler.com: did not receive HSTS header
 expoort.com.br: could not connect to host
@@ -5890,7 +6067,7 @@ extratorrents.tech: could not connect to host
 extremenetworking.net: could not connect to host
 extremeservicesandrestoration.com: could not connect to host
 exy.pw: could not connect to host
-eyasc.nl: did not receive HSTS header
+eyasc.nl: could not connect to host
 eyedarts.com: did not receive HSTS header
 eyeglassuniverse.com: did not receive HSTS header
 eyenote.gov: did not receive HSTS header
@@ -5899,6 +6076,7 @@ eyesoccer-didikh.rhcloud.com: could not connect to host
 eyesonly.cc: did not receive HSTS header
 eytosh.net: could not connect to host
 ez.fi: could not connect to host
+ezequiel-garzon.net: could not connect to host
 ezgamble.com: did not receive HSTS header
 ezimoeko.net: could not connect to host
 ezmod.org: could not connect to host
@@ -5919,11 +6097,12 @@ faber.io: could not connect to host
 faberusa.com: did not receive HSTS header
 fabhub.io: could not connect to host
 fabian-kluge.de: could not connect to host
+fabian-koeppen.de: did not receive HSTS header
 fabianasantiago.com: could not connect to host
 fabianfischer.de: did not receive HSTS header
 fabianmunoz.com: did not receive HSTS header
 fabienbaker.com: could not connect to host
-fabled.com: did not receive HSTS header
+fabled.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 fabriko.fr: did not receive HSTS header
 fabriziorocca.com: could not connect to host
 fabulouslyyouthfulskin.com: could not connect to host
@@ -5979,7 +6158,7 @@ familie-sprink.de: did not receive HSTS header
 familie-zimmermann.at: could not connect to host
 familiegrottendieck.de: max-age too low: 7776000
 familletouret.fr: did not receive HSTS header
-famio.cn: did not receive HSTS header
+famio.cn: could not connect to host
 fanflow.com: could not connect to host
 fansmade.art: could not connect to host
 fant.dk: did not receive HSTS header
@@ -5994,7 +6173,6 @@ faraonplay5.com: could not connect to host
 faraonplay7.com: could not connect to host
 faraonplay8.com: could not connect to host
 faraslot8.net: could not connect to host
-farces.com: could not connect to host
 faretravel.co.uk: could not connect to host
 farkas.bz: did not receive HSTS header
 farm24.co.uk: could not connect to host
@@ -6002,6 +6180,9 @@ farmacia.pt: did not receive HSTS header
 farmaciaformula.com.br: could not connect to host
 farmaciamedicom.com.br: could not connect to host
 farmmaximizer.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+farrel-f.id: could not connect to host
+farsil.eu: could not connect to host
+fascia.fit: could not connect to host
 fashion.net: did not receive HSTS header
 fashioncare.cz: did not receive HSTS header
 fashiondays.bg: max-age too low: 0
@@ -6015,14 +6196,13 @@ fastbackmbg.be: could not connect to host
 fastbackmbm.be: could not connect to host
 fastcomcorp.net: did not receive HSTS header
 fastconfirm.com: could not connect to host
-fastforwardsociety.nl: could not connect to host
+fastcp.top: could not connect to host
 fastograph.com: could not connect to host
 fastopen.ml: could not connect to host
 fastwebsites.com.br: did not receive HSTS header
 fastworx.com: did not receive HSTS header
 fatdoge.cn: did not receive HSTS header
 fatgeekflix.net: could not connect to host
-fatherhood.gov: did not receive HSTS header
 fatlossguide.xyz: could not connect to host
 fator25.com.br: could not connect to host
 fatox.de: could not connect to host
@@ -6030,12 +6210,11 @@ fattorino.it: did not receive HSTS header
 fatwin.pw: could not connect to host
 fatzebra.com.au: max-age too low: 0
 favorit.club: did not receive HSTS header
-fawkex.me: could not connect to host
+fawkex.me: did not receive HSTS header
 faxreader.net: could not connect to host
-fayntic.com: could not connect to host
 fayolle.info: did not receive HSTS header
 fbf.gov: did not receive HSTS header
-fbi.pw: did not receive HSTS header
+fbi.pw: could not connect to host
 fbook.top: could not connect to host
 fbox.li: could not connect to host
 fcapartsdb.com: could not connect to host
@@ -6046,12 +6225,13 @@ fdm.ro: did not receive HSTS header
 fdt.name: did not receive HSTS header
 feard.space: could not connect to host
 fecik.sk: did not receive HSTS header
-fed51.com: could not connect to host
+fed51.com: did not receive HSTS header
 fedbizopps.gov: could not connect to host
 fedemo.top: did not receive HSTS header
 federalregister.gov: did not receive HSTS header
 fedn.it: could not connect to host
 fedo.moe: could not connect to host
+fee-hosting.com: max-age too low: 0
 feedstringer.com: could not connect to host
 feedthebot.com: did not receive HSTS header
 feegg.com.br: could not connect to host
@@ -6061,11 +6241,13 @@ fegans.org.uk: did not receive HSTS header
 feirlane.org: could not connect to host
 feist.io: could not connect to host
 feitobrasilcosmeticos.com.br: did not receive HSTS header
+fejes.house: could not connect to host
 felger-times.fr: could not connect to host
 felgitscher.xyz: max-age too low: 2592000
 felisslovakia.sk: did not receive HSTS header
 feliwyn.fr: did not receive HSTS header
 felixhefner.de: did not receive HSTS header
+felixqu.com: did not receive HSTS header
 felixrr.pro: could not connect to host
 femaledom.xyz: could not connect to host
 femdombbw.com: could not connect to host
@@ -6086,23 +6268,22 @@ fernangp.com: could not connect to host
 fernseher-kauf.de: could not connect to host
 ferrolatino.com: could not connect to host
 feschiyan.com: could not connect to host
-festember.com: could not connect to host
+festember.com: did not receive HSTS header
 festival.house: did not receive HSTS header
 festivalxdentro.com: did not receive HSTS header
 festrip.com: could not connect to host
-fetch.co.uk: did not receive HSTS header
+fetch.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 fetclips.se: could not connect to host
 fetlife.com: could not connect to host
 fettbrot.tk: did not receive HSTS header
 feudaltactics.com: could not connect to host
 feuerwehr-dachaufsetzer.de: could not connect to host
-fexmen.com: did not receive HSTS header
+fexmen.com: could not connect to host
 ff-bg.xyz: could not connect to host
-ffh.me: could not connect to host
+ffbans.org: did not receive HSTS header
 ffl123.com: did not receive HSTS header
-ffsociety.nl: could not connect to host
 fgequipamentos.com.br: did not receive HSTS header
-fhg90.com: could not connect to host
+fhg90.com: did not receive HSTS header
 fhsseniormens.club: could not connect to host
 fi-sanki.co.jp: could not connect to host
 fibrasynormasdecolombia.com: did not receive HSTS header
@@ -6124,6 +6305,7 @@ fightr.co: could not connect to host
 figura.cz: did not receive HSTS header
 figura.im: did not receive HSTS header
 figuurzagers.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+fiissh.tech: did not receive HSTS header
 fiksel.info: could not connect to host
 fikt.space: could not connect to host
 filamentia.nl: could not connect to host
@@ -6159,7 +6341,8 @@ findmybottleshop.com.au: could not connect to host
 findthere.net: could not connect to host
 findtutorsnearme.com: did not receive HSTS header
 findyour.diet: could not connect to host
-finer04.pw: did not receive HSTS header
+fine-services.paris: could not connect to host
+finer04.pw: could not connect to host
 finewineonline.com: could not connect to host
 fingent.com: did not receive HSTS header
 fingerscrossed.style: could not connect to host
@@ -6177,7 +6360,6 @@ firebird.io: did not receive HSTS header
 firefall.rocks: could not connect to host
 firehost.com: did not receive HSTS header
 fireinthedeep.com: could not connect to host
-firekoi.com: did not receive HSTS header
 firemail.io: could not connect to host
 fireorbit.de: did not receive HSTS header
 firepeak.ru: could not connect to host
@@ -6190,6 +6372,7 @@ firstchoicepool.com: did not receive HSTS header
 firstdogonthemoon.com.au: did not receive HSTS header
 firstforex.co.uk: did not receive HSTS header
 firstlook.org: did not receive HSTS header
+fischer-its.com: could not connect to host
 fiscoeconti.it: did not receive HSTS header
 fishfinders.info: did not receive HSTS header
 fiskestang.com: did not receive HSTS header
@@ -6200,7 +6383,6 @@ fitfitup.com: did not receive HSTS header
 fitiapp.com: could not connect to host
 fitnesswerk.de: could not connect to host
 fitqbe.com: did not receive HSTS header
-fitseven.ru: did not receive HSTS header
 fitshop.com.br: could not connect to host
 fitsw.com: did not receive HSTS header
 fiuxy.org: could not connect to host
@@ -6212,7 +6394,7 @@ fivezerocreative.com: did not receive HSTS header
 fiws.net: did not receive HSTS header
 fix-the-timeline.com: could not connect to host
 fix-the-timeline.org: could not connect to host
-fixate.ru: max-age too low: 3153600
+fixate.ru: could not connect to host
 fixeaide.com: did not receive HSTS header
 fixeaider.com: did not receive HSTS header
 fixico-staging.nl: could not connect to host
@@ -6253,10 +6435,10 @@ flc111.com: did not receive HSTS header
 flc999.com: max-age too low: 129600
 fleamarketgoods.com: did not receive HSTS header
 flemingtonaudiparts.com: could not connect to host
+flesters.com.br: did not receive HSTS header
 fleurette.me: could not connect to host
 fleursdesoleil.fr: did not receive HSTS header
 flexdrukker.nl: could not connect to host
-fleximaal.com: could not connect to host
 flexinvesting.fi: could not connect to host
 flextribly.xyz: could not connect to host
 fliexer.com: could not connect to host
@@ -6264,11 +6446,11 @@ flightschoolusa.com: did not receive HSTS header
 flikmsg.co: could not connect to host
 fling.dating: could not connect to host
 flipagram.com: did not receive HSTS header
-flipbell.com: did not receive HSTS header
+flipbell.com: could not connect to host
 flipkey.com: did not receive HSTS header
 flirchi.com: did not receive HSTS header
-flirtycourts.com: did not receive HSTS header
-flixhaven.net: could not connect to host
+flirtycourts.com: could not connect to host
+flixhaven.net: did not receive HSTS header
 flixtor.net: could not connect to host
 flkrpxl.com: max-age too low: 86400
 flood.io: did not receive HSTS header
@@ -6277,6 +6459,7 @@ flopy.club: could not connect to host
 florafiora.com.br: did not receive HSTS header
 florian-lillpopp.de: did not receive HSTS header
 florian-schlachter.de: did not receive HSTS header
+florian2833z.de: could not connect to host
 florianlillpopp.de: did not receive HSTS header
 floridaderi.ru: did not receive HSTS header
 floridaescapes.co.uk: did not receive HSTS header
@@ -6295,6 +6478,7 @@ floweslawncare.com: could not connect to host
 flowlo.me: could not connect to host
 flox.io: could not connect to host
 floydm.com: did not receive HSTS header
+flucky.xyz: could not connect to host
 flucto.com: did not receive HSTS header
 flue-ducting.co.uk: did not receive HSTS header
 flugplatz-edvc.de: could not connect to host
@@ -6314,19 +6498,20 @@ flyingyoung.top: could not connect to host
 flyspace.ga: did not receive HSTS header
 flyspace.ml: did not receive HSTS header
 flyss.net: could not connect to host
+flyssh.net: could not connect to host
 fm83.nl: could not connect to host
 fm992.com: could not connect to host
 fmapplication.com: could not connect to host
 fmi.gov: did not receive HSTS header
 fmovies.fyi: did not receive HSTS header
-fmovies.life: could not connect to host
+fmovies.life: did not receive HSTS header
 fnfpt.co.uk: could not connect to host
 fniephaus.com: did not receive HSTS header
 fnncat.com: did not receive HSTS header
 fnvsecurity.com: could not connect to host
 fobc-usa.org: did not receive HSTS header
 focalforest.com: could not connect to host
-foerster-kunststoff.de: could not connect to host
+foerster-kunststoff.de: did not receive HSTS header
 fognini-depablo.eu: could not connect to host
 fohome.ca: could not connect to host
 fokan.ch: did not receive HSTS header
@@ -6334,7 +6519,6 @@ fol.tf: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAI
 foliekonsulenten.dk: did not receive HSTS header
 folioapp.io: could not connect to host
 folkfests.org: did not receive HSTS header
-folwarkwiazy.pl: could not connect to host
 fondanastasia.ru: did not receive HSTS header
 fondy.ru: did not receive HSTS header
 foneo.com: could not connect to host
@@ -6365,10 +6549,10 @@ fordshop.by: [Exception... "Component returned failure code: 0x80004005 (NS_ERRO
 foreignexchangeresource.com: did not receive HSTS header
 forestfinance.fr: did not receive HSTS header
 foreveralone.io: could not connect to host
-foreverssl.com: could not connect to host
 foreveryoung.pt: did not receive HSTS header
 forex-dan.com: did not receive HSTS header
 forex-plus.com: did not receive HSTS header
+forexsignals7.com: could not connect to host
 forgix.com: could not connect to host
 forglemmigej.net: could not connect to host
 forlagetmarx.dk: did not receive HSTS header
@@ -6376,16 +6560,14 @@ formadmin.com: did not receive HSTS header
 formaliteo.com: did not receive HSTS header
 formasdemaquillarse.com: did not receive HSTS header
 formazioneopen.it: could not connect to host
-formbetter.com: could not connect to host
 formersessalaries.com: did not receive HSTS header
 formkiq.com: could not connect to host
 formula.cf: could not connect to host
+forpc.us: did not receive HSTS header
 forplanetsake.com: could not connect to host
 forplayers.pl: could not connect to host
 forquilhinhanoticias.com.br: did not receive HSTS header
 forsyththeatre.com: could not connect to host
-fort.eu: did not receive HSTS header
-fortknox.cz: did not receive HSTS header
 fortoglethorpega.gov: could not connect to host
 fortricks.in: did not receive HSTS header
 fortuna-loessnitz.de: could not connect to host
@@ -6411,7 +6593,6 @@ fotopasja.info: could not connect to host
 fotostravestisbr.com: could not connect to host
 fourchin.net: could not connect to host
 fourwheelpartloanssimple.com: did not receive HSTS header
-fox.my: could not connect to host
 foxdev.io: could not connect to host
 foxelbox.com: did not receive HSTS header
 foxes.no: could not connect to host
@@ -6440,7 +6621,6 @@ franklinhua.com: could not connect to host
 fransallen.com: did not receive HSTS header
 franta.biz: did not receive HSTS header
 franta.email: did not receive HSTS header
-frantorregrosa.me: did not receive HSTS header
 franzt.de: could not connect to host
 franzt.ovh: could not connect to host
 frasesaniversarios.com.br: did not receive HSTS header
@@ -6449,11 +6629,68 @@ frasys.cloud: max-age too low: 2592000
 frasys.io: could not connect to host
 fraudempire.com: could not connect to host
 freakyamazing.com: could not connect to host
-freakyawesome.ca: did not receive HSTS header
-freakyawesome.co.uk: did not receive HSTS header
-freakyawesome.com: max-age too low: 86400
-freakyawesome.in: did not receive HSTS header
-freakyawesome.net: could not connect to host
+freakyaweso.me: did not receive HSTS header
+freakyawesome.blog: max-age too low: 86400
+freakyawesome.club: did not receive HSTS header
+freakyawesome.co: did not receive HSTS header
+freakyawesome.com: did not receive HSTS header
+freakyawesome.company: did not receive HSTS header
+freakyawesome.dance: did not receive HSTS header
+freakyawesome.design: could not connect to host
+freakyawesome.education: did not receive HSTS header
+freakyawesome.email: did not receive HSTS header
+freakyawesome.events: did not receive HSTS header
+freakyawesome.fashion: did not receive HSTS header
+freakyawesome.fitness: did not receive HSTS header
+freakyawesome.fm: did not receive HSTS header
+freakyawesome.fun: did not receive HSTS header
+freakyawesome.fyi: did not receive HSTS header
+freakyawesome.games: did not receive HSTS header
+freakyawesome.guide: did not receive HSTS header
+freakyawesome.guru: did not receive HSTS header
+freakyawesome.info: did not receive HSTS header
+freakyawesome.io: did not receive HSTS header
+freakyawesome.lgbt: did not receive HSTS header
+freakyawesome.life: did not receive HSTS header
+freakyawesome.live: did not receive HSTS header
+freakyawesome.management: did not receive HSTS header
+freakyawesome.marketing: did not receive HSTS header
+freakyawesome.me: did not receive HSTS header
+freakyawesome.media: did not receive HSTS header
+freakyawesome.network: did not receive HSTS header
+freakyawesome.news: did not receive HSTS header
+freakyawesome.online: did not receive HSTS header
+freakyawesome.photography: did not receive HSTS header
+freakyawesome.photos: did not receive HSTS header
+freakyawesome.press: did not receive HSTS header
+freakyawesome.recipes: did not receive HSTS header
+freakyawesome.rentals: did not receive HSTS header
+freakyawesome.reviews: did not receive HSTS header
+freakyawesome.science: did not receive HSTS header
+freakyawesome.services: did not receive HSTS header
+freakyawesome.shop: did not receive HSTS header
+freakyawesome.site: did not receive HSTS header
+freakyawesome.social: did not receive HSTS header
+freakyawesome.software: did not receive HSTS header
+freakyawesome.solutions: could not connect to host
+freakyawesome.space: did not receive HSTS header
+freakyawesome.store: did not receive HSTS header
+freakyawesome.support: did not receive HSTS header
+freakyawesome.team: did not receive HSTS header
+freakyawesome.tech: did not receive HSTS header
+freakyawesome.technology: did not receive HSTS header
+freakyawesome.tips: did not receive HSTS header
+freakyawesome.today: did not receive HSTS header
+freakyawesome.tours: did not receive HSTS header
+freakyawesome.training: did not receive HSTS header
+freakyawesome.tv: did not receive HSTS header
+freakyawesome.video: did not receive HSTS header
+freakyawesome.website: did not receive HSTS header
+freakyawesome.work: did not receive HSTS header
+freakyawesome.world: could not connect to host
+freakyawesome.wtf: did not receive HSTS header
+freakyawesome.xyz: did not receive HSTS header
+freakyawesome.yoga: could not connect to host
 freakyawesomeblog.com: could not connect to host
 freakyawesomeio.com: could not connect to host
 freakyawesomemedia.com: could not connect to host
@@ -6465,39 +6702,47 @@ freakyawesometeam.com: could not connect to host
 freakyawesometheme.com: could not connect to host
 freakyawesomethemes.com: could not connect to host
 freakyawesomewp.com: could not connect to host
+frebi.org: could not connect to host
+frebib.co.uk: could not connect to host
+frebib.com: could not connect to host
 frebib.me: could not connect to host
+frebib.net: could not connect to host
 freddythechick.uk: could not connect to host
+fredericcote.com: could not connect to host
 frederickalcantara.com: could not connect to host
 fredliang.cn: could not connect to host
 fredriksslekt.se: did not receive HSTS header
 free-your-pc.com: could not connect to host
 free8.xyz: could not connect to host
 freeasinlliure.org: did not receive HSTS header
-freeassangenow.org: did not receive HSTS header
 freeben666.fr: could not connect to host
 freebies.id: could not connect to host
 freeblog.me: could not connect to host
 freebookmakerbets.com.au: did not receive HSTS header
+freecookies.nl: did not receive HSTS header
 freedomrealtyoftexas.com: did not receive HSTS header
 freedomvote.nl: could not connect to host
 freeexampapers.com: could not connect to host
 freeflow.tv: could not connect to host
 freehao123.cn: could not connect to host
 freejidi.com: could not connect to host
-freekdevries.nl: did not receive HSTS header
 freelancecollab.com: could not connect to host
 freelanced.co.za: could not connect to host
 freelanceshipping.com: did not receive HSTS header
 freelandinnovation.com: did not receive HSTS header
 freelansir.com: could not connect to host
 freemanning.de: could not connect to host
-freematthale.net: could not connect to host
+freematthale.net: did not receive HSTS header
+freepoints.us: could not connect to host
 freeslots.guru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 freesoftwaredriver.com: could not connect to host
 freesounding.com: did not receive HSTS header
 freesounding.ru: did not receive HSTS header
 freethought.org.au: could not connect to host
 freeutopia.org: did not receive HSTS header
+freevps.us: did not receive HSTS header
+freitasul.com.br: could not connect to host
+freitasul.io: could not connect to host
 frenzel.dk: could not connect to host
 freqlabs.com: did not receive HSTS header
 freshfind.xyz: could not connect to host
@@ -6512,7 +6757,6 @@ fridaperfumaria.com.br: could not connect to host
 friedhelm-wolf.de: could not connect to host
 friendica.ch: could not connect to host
 friendlyfiregameshow.com: could not connect to host
-friendlysiberia.com: could not connect to host
 friller.com.au: did not receive HSTS header
 frimons.com: max-age too low: 7889238
 fritteli.ch: did not receive HSTS header
@@ -6574,7 +6818,6 @@ fuelministry.com: did not receive HSTS header
 fugamo.de: did not receive HSTS header
 fugle.de: could not connect to host
 fuitedeau.ch: could not connect to host
-fujianshipbuilding.com: could not connect to host
 fujiorganics.com: did not receive HSTS header
 fukuko.biz: could not connect to host
 fukuko.xyz: could not connect to host
@@ -6590,11 +6833,12 @@ fumiware.com: could not connect to host
 fun25.tk: could not connect to host
 fun9.cc: could not connect to host
 fun99.cc: could not connect to host
-funarena.com.ua: did not receive HSTS header
+funarena.com.ua: could not connect to host
 fundacionfranciscofiasco.org: could not connect to host
 fundacionhijosdelsol.org: could not connect to host
 fundayltd.com: could not connect to host
 funderburg.me: did not receive HSTS header
+fundingempire.com: could not connect to host
 funerariahogardecristo.cl: did not receive HSTS header
 fungame.eu: did not receive HSTS header
 funi4u.com: could not connect to host
@@ -6604,12 +6848,13 @@ funkyweddingideas.com.au: could not connect to host
 funnelweb.xyz: could not connect to host
 funny-joke-pictures.com: did not receive HSTS header
 funnyang.com: could not connect to host
-funoverip.net: could not connect to host
 funrun.com: did not receive HSTS header
 funtastic-event-hire.co.uk: did not receive HSTS header
 funtastic.ie: could not connect to host
 funtimebourne.co.uk: did not receive HSTS header
 fuorifuocogenova.it: could not connect to host
+furaje-iasi.com: could not connect to host
+furcity.me: could not connect to host
 furi.ga: could not connect to host
 furiffic.com: did not receive HSTS header
 furikake.xyz: could not connect to host
@@ -6643,11 +6888,12 @@ fwww7.com: could not connect to host
 fxgame.online: could not connect to host
 fxpig-ib.com: could not connect to host
 fxwebstudio.com.au: max-age too low: 0
+fydjbsd.cn: could not connect to host
 fyodorpi.com: did not receive HSTS header
 fyol.pw: could not connect to host
 fysiohaenraets.nl: did not receive HSTS header
 fzn.io: did not receive HSTS header
-fzslm.me: could not connect to host
+fzslm.me: did not receive HSTS header
 g-i-s.vn: did not receive HSTS header
 g-marketing.ro: could not connect to host
 g-o.pl: did not receive HSTS header
@@ -6660,6 +6906,7 @@ g2a.co: did not receive HSTS header
 g2g.com: did not receive HSTS header
 g4w.co: could not connect to host (error ignored - included regardless)
 g5led.nl: could not connect to host
+g6666g.tk: could not connect to host
 g77.ca: could not connect to host
 gaanbaksho.com.au: did not receive HSTS header
 gaasuper6.com: could not connect to host
@@ -6673,29 +6920,32 @@ gabriele-kluge.de: could not connect to host
 gabrielsimonet.ch: could not connect to host
 gaelleetarnaud.com: did not receive HSTS header
 gafachi.com: could not connect to host
+gagne-enterprises.com: did not receive HSTS header
 gaichanh.com: did not receive HSTS header
 gainesvillegoneaustin.org: did not receive HSTS header
 gaiserik.com: did not receive HSTS header
 gaite.me: did not receive HSTS header
 gajas18.com: could not connect to host
-gakkainavi.net: could not connect to host
+gakkainavi-epsilon.jp: could not connect to host
 gakkainavi4.com: could not connect to host
+gala.kiev.ua: could not connect to host
 galardi.org: could not connect to host
 galena.io: could not connect to host
 galenskap.eu: could not connect to host
 galeriadobimba.com.br: could not connect to host
+galeriart.xyz: could not connect to host
 galerieautodirect.com: did not receive HSTS header
 galgoafegao.com.br: could not connect to host
 galgoingles.com.br: could not connect to host
 galgopersa.com.br: could not connect to host
 gali.review: did not receive HSTS header
 galileomtz.com: did not receive HSTS header
+gallerify.eu: could not connect to host
 gallery44.org: did not receive HSTS header
 galoisvpn.xyz: could not connect to host
 gam3rs.de: could not connect to host
 gamajo.com: did not receive HSTS header
 gambitcloud.net: could not connect to host
-game-files.net: did not receive HSTS header
 game-gentle.com: could not connect to host
 game.yt: could not connect to host
 game88city.com: could not connect to host
@@ -6729,11 +6979,11 @@ gametium.es: could not connect to host
 gamhealth.net: could not connect to host
 gamingmedia.eu: did not receive HSTS header
 gamingreinvented.com: did not receive HSTS header
-gamisalya.com: did not receive HSTS header
 gamismodelbaru.com: did not receive HSTS header
 gamismu.com: did not receive HSTS header
 gamoice.com: did not receive HSTS header
 gampenhof.de: could not connect to host
+gan.wtf: could not connect to host
 gangnam-club.com: could not connect to host
 gangnam-karaoke.com: did not receive HSTS header
 ganhonet.com.br: did not receive HSTS header
@@ -6759,7 +7009,7 @@ gartenhauszentrum.de: [Exception... "Component returned failure code: 0x80004005
 gasbarkenora.com: could not connect to host
 gasnews.net: could not connect to host
 gasser-daniel.ch: did not receive HSTS header
-gassouthkenticoqa.azurewebsites.net: did not receive HSTS header
+gassouthkenticoqa.azurewebsites.net: could not connect to host
 gastauftritt.net: did not receive HSTS header
 gastritisolucion.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 gatapro.net: could not connect to host
@@ -6770,11 +7020,11 @@ gatilagata.com.br: could not connect to host
 gatomix.net: could not connect to host
 gatorsa.es: could not connect to host
 gaussorgues.me: could not connect to host
-gautham.pro: could not connect to host
+gautham.pro: did not receive HSTS header
 gavick.com: did not receive HSTS header
 gay-jays.com: could not connect to host
 gay-sissies.com: could not connect to host
-gaya-sa.org: did not receive HSTS header
+gaya-sa.org: could not connect to host
 gayauthors.org: could not connect to host
 gayforgenji.com: could not connect to host
 gaygeeks.de: could not connect to host
@@ -6792,9 +7042,10 @@ gchp.ie: did not receive HSTS header
 gcodetools.com: could not connect to host
 gdegem.org: did not receive HSTS header
 gdevpenze.ru: could not connect to host
-gdprhallofshame.com: could not connect to host
+gdprhallofshame.com: did not receive HSTS header
 gdutnic.com: could not connect to host
 gdz-otvety.com: could not connect to host
+gdz.tv: could not connect to host
 gear-acquisition-syndrome.community: could not connect to host
 gearseo.com.br: did not receive HSTS header
 geaskb.nl: could not connect to host
@@ -6802,10 +7053,12 @@ geass.xyz: could not connect to host
 geblitzt.de: did not receive HSTS header
 gedankenbude.info: could not connect to host
 gedankenworks.com: could not connect to host
+geek.ch: could not connect to host
+geek1.de: did not receive HSTS header
 geekbaba.com: could not connect to host
 geekcast.co.uk: could not connect to host
 geekchimp.com: could not connect to host
-geekdt.com: did not receive HSTS header
+geekdt.com: could not connect to host
 geekmind.org: max-age too low: 172800
 geeks.berlin: could not connect to host
 geeks.lgbt: could not connect to host
@@ -6817,17 +7070,18 @@ geemo.top: could not connect to host
 gehrke.nrw: could not connect to host
 geigr.de: could not connect to host
 geiser.io: did not receive HSTS header
+gekosoft.eu: could not connect to host
 geldteveel.eu: could not connect to host
 geli-graphics.com: did not receive HSTS header
-gem-info.fr: could not connect to host
 gemeinfreie-lieder.de: did not receive HSTS header
 gemsoftheworld.org: could not connect to host
 gemuplay.com: could not connect to host
+genbright.com: could not connect to host
 genemesservwparts.com: could not connect to host
 general-insurance.tk: could not connect to host
 generalpants.com.au: did not receive HSTS header
 generationnext.pl: could not connect to host
-genesischangelog.com: could not connect to host
+genesischangelog.com: did not receive HSTS header
 geneve.guide: could not connect to host
 genia-life.de: could not connect to host
 genie-seiner-generation.de: did not receive HSTS header
@@ -6838,6 +7092,7 @@ genshiken.org: could not connect to host
 gensokyo.chat: could not connect to host
 genuu.com: did not receive HSTS header
 genuxation.com: could not connect to host
+genuxtsg.com: did not receive HSTS header
 genxbeats.com: could not connect to host
 genxnotes.com: could not connect to host
 genyaa.com: could not connect to host
@@ -6848,6 +7103,7 @@ geoffdev.com: could not connect to host
 geoffmyers.com: did not receive HSTS header
 geoffreyrichard.com: did not receive HSTS header
 geopals.net: did not receive HSTS header
+georgehalachev.com: did not receive HSTS header
 georgeperez.me: could not connect to host
 georgesonarthurs.com.au: did not receive HSTS header
 gepe.ch: did not receive HSTS header
@@ -6855,6 +7111,7 @@ gereja.ga: max-age too low: 1209600
 gerencianet.com.br: did not receive HSTS header
 gereon.ch: could not connect to host
 geri.be: could not connect to host
+germancraft.net: could not connect to host
 germansoldiers.net: could not connect to host
 gers-authentique.com: could not connect to host
 gerum.dynv6.net: did not receive HSTS header
@@ -6874,6 +7131,7 @@ getcarina.com: could not connect to host
 getcleartouch.com: did not receive HSTS header
 getcolor.com: did not receive HSTS header
 getdigitized.net: could not connect to host
+geteduroam.no: could not connect to host
 getenergized2018.kpn: could not connect to host
 getfestify.com: did not receive HSTS header
 getfilterlive.org: could not connect to host
@@ -6892,6 +7150,7 @@ getgeek.se: did not receive HSTS header
 getinternet.de: did not receive HSTS header
 getkai.co.nz: did not receive HSTS header
 getlantern.org: did not receive HSTS header
+getleanflorida.gov: could not connect to host
 getlifti.com: could not connect to host
 getlittleapps.com: could not connect to host
 getlolaccount.com: did not receive HSTS header
@@ -6942,13 +7201,16 @@ ghowell.io: could not connect to host
 gianlucapartengo.photography: did not receive HSTS header
 giant-powerfit.co.uk: did not receive HSTS header
 gibraltar-firma.com: did not receive HSTS header
+gibraltar.at: could not connect to host
+gicl.dk: could not connect to host
 giddyaunt.net: could not connect to host
 gidea.nu: could not connect to host
 giduv.com: did not receive HSTS header
 giegler.software: could not connect to host
 giftbg.org: did not receive HSTS header
+giftedconsortium.com: could not connect to host
 giftgofers.com: max-age too low: 2592000
-giftservices.nl: did not receive HSTS header
+giftservices.nl: could not connect to host
 gifzilla.net: could not connect to host
 gigacloud.org: could not connect to host
 gigawattz.com: did not receive HSTS header
@@ -6959,6 +7221,7 @@ gilescountytn.gov: did not receive HSTS header
 gilgaz.com: did not receive HSTS header
 gillet-cros.fr: could not connect to host
 gilly.berlin: did not receive HSTS header
+gilpinmanagement.com: did not receive HSTS header
 gilpinrealty.com: did not receive HSTS header
 gilroywestwood.org: did not receive HSTS header
 gincher.net: did not receive HSTS header
@@ -6966,6 +7229,7 @@ gingali.de: did not receive HSTS header
 ginie.de: did not receive HSTS header
 ginijony.com: did not receive HSTS header
 ginkel.com: did not receive HSTS header
+ginnegappen.nl: could not connect to host
 gintenreiter-photography.com: did not receive HSTS header
 giochistem.it: could not connect to host
 giogadesign.com: did not receive HSTS header
@@ -6973,6 +7237,7 @@ gip-carif-idf.net: could not connect to host
 gip-carif-idf.org: could not connect to host
 gipsamsfashion.com: could not connect to host
 gipsic.com: did not receive HSTS header
+giraffeinflatables.co.uk: did not receive HSTS header
 girlsgonesporty.com: could not connect to host
 girlsnet.work: could not connect to host
 gis3m.org: did not receive HSTS header
@@ -6986,13 +7251,17 @@ github.party: did not receive HSTS header
 givemyanswer.com: could not connect to host
 giverang.biz: could not connect to host
 giverang.com: could not connect to host
+givip.eu: could not connect to host
 gix.net.pl: could not connect to host
 gixtools.co.uk: could not connect to host
 gixtools.uk: could not connect to host
 gizmo.ovh: could not connect to host
 gizzo.sk: could not connect to host
+gkimanyar.org: did not receive HSTS header
 glabiatoren-kst.de: could not connect to host
 gladystudio.com: did not receive HSTS header
+glahcks.com: could not connect to host
+glaspe.com: could not connect to host
 glass.google.com: did not receive HSTS header (error ignored - included regardless)
 glasslikes.com: did not receive HSTS header
 glbg.eu: did not receive HSTS header
@@ -7005,6 +7274,7 @@ glicerina.online: could not connect to host
 glittersjabloon.nl: did not receive HSTS header
 glitzmirror.com: could not connect to host
 glnpo.gov: could not connect to host
+global.hr: could not connect to host
 globalado.com: could not connect to host
 globalbridge-japan.com: did not receive HSTS header
 globalelite.black: did not receive HSTS header
@@ -7015,7 +7285,7 @@ globalinstitutefortraining.org.au: did not receive HSTS header
 globalittech.com: could not connect to host
 globalmoneyapp.com: could not connect to host
 globalmusic.ga: could not connect to host
-globalnewsdaily.cf: could not connect to host
+globalnewsdaily.cf: did not receive HSTS header
 globalnomadvintage.com: could not connect to host
 globalperspectivescanada.com: could not connect to host
 globalsites.nl: did not receive HSTS header
@@ -7028,7 +7298,6 @@ gloomyspark.com: could not connect to host
 glotter.com: did not receive HSTS header
 gloucesterphotographer.com: did not receive HSTS header
 glubbforum.de: did not receive HSTS header
-gluecksgriff-taschen.de: could not connect to host
 glutenfreiheit.at: could not connect to host
 glws.org: did not receive HSTS header
 gm-assicurazioni.it: could not connect to host
@@ -7041,7 +7310,6 @@ gmplab.com: did not receive HSTS header
 gnaptracker.tk: could not connect to host
 gnom.me: could not connect to host
 gnosticjade.net: did not receive HSTS header
-gnwp.eu: could not connect to host
 gnylf.com: could not connect to host
 go.ax: did not receive HSTS header
 go2sh.de: did not receive HSTS header
@@ -7062,6 +7330,7 @@ godbo9.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_
 godbo9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 godbo9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 godesb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+godofnea.com: could not connect to host
 godrealms.com: could not connect to host
 godruoyi.com: did not receive HSTS header
 goedeke.ml: could not connect to host
@@ -7113,7 +7382,6 @@ goozz.nl: did not receive HSTS header
 gopay.cz: did not receive HSTS header
 gopokego.cz: could not connect to host
 goranrango.ch: could not connect to host
-gordonobrecht.com: did not receive HSTS header
 gorgiaxx.com: could not connect to host
 gorilla-gym.site: could not connect to host
 gorillow.com: could not connect to host
@@ -7128,29 +7396,29 @@ gotobrno.cz: did not receive HSTS header
 gotocloud.ru: could not connect to host
 gotowned.org: could not connect to host
 gotspot.com: could not connect to host
-gottfridsberg.org: could not connect to host
 gottfriedfeyen.com: did not receive HSTS header
 goubi.me: did not receive HSTS header
 goujianwen.com: did not receive HSTS header
 goukon.ru: could not connect to host
 gourmettia.com: did not receive HSTS header
-gouthro-goteborg.se: could not connect to host
+gouthro-goteborg.se: did not receive HSTS header
 gouv.ovh: did not receive HSTS header
 gov.ax: could not connect to host
 goverage.org: could not connect to host
 govillemo.ca: did not receive HSTS header
-govtjobs.blog: could not connect to host
 gowin9.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 gowin9.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 gozadentro.com: could not connect to host
 gozel.com.tr: did not receive HSTS header
 gpalabs.com: could not connect to host
 gparent.org: did not receive HSTS header
+gpfclan.de: could not connect to host
 gpga.cf: could not connect to host
 gplintegratedit.com: could not connect to host
 gpo.gov: did not receive HSTS header
 gps.com.br: could not connect to host
 gpsarena.ro: could not connect to host
+gpsfix.cz: could not connect to host
 gpstuner.com: did not receive HSTS header
 graavaapi.elasticbeanstalk.com: could not connect to host
 grabi.ga: could not connect to host
@@ -7158,8 +7426,8 @@ gracechurchpc.net: could not connect to host
 graceful-project.eu: did not receive HSTS header
 gracesofgrief.com: could not connect to host
 grachtenpandverkopen.nl: could not connect to host
-grademymac.com: did not receive HSTS header
-grademypc.com: did not receive HSTS header
+grademymac.com: could not connect to host
+grademypc.com: could not connect to host
 gradenotify.com: could not connect to host
 grads360.org: could not connect to host
 gradsm-ci.net: could not connect to host
@@ -7194,20 +7462,24 @@ greatfire.kr: could not connect to host
 greatideahub.com: did not receive HSTS header
 greatlengthshairextensionssalon.com: did not receive HSTS header
 greatnet.de: did not receive HSTS header
-greatsong.net: did not receive HSTS header
-greedbutt.com: could not connect to host
+greatsong.net: max-age too low: 2592000
+greedbutt.com: max-age too low: 2592000
 green-light.cf: could not connect to host
 green-light.ga: could not connect to host
 green-light.gq: could not connect to host
 green-light.ml: could not connect to host
+greenbaysecuritysolutions.com: did not receive HSTS header
 greencardtalent.com: could not connect to host
 greenconn.ca: could not connect to host
+greendroid.de: did not receive HSTS header
 greenenergysolution.uk: did not receive HSTS header
 greenesting.ch: could not connect to host
 greenesting.com: could not connect to host
+greenglam.biz: did not receive HSTS header
+greengoblindev.com: could not connect to host
 greengov.gov: could not connect to host
 greenhillantiques.co.uk: did not receive HSTS header
-greenitpark.net: could not connect to host
+greenitpark.net: did not receive HSTS header
 greensolid.biz: could not connect to host
 greenville.ag: did not receive HSTS header
 greenvines.com.tw: did not receive HSTS header
@@ -7215,8 +7487,6 @@ greenvpn.ltd: could not connect to host
 greenvpn.pro: did not receive HSTS header
 greggsfoundation.org.uk: could not connect to host
 gregmartyn.com: could not connect to host
-gregmarziomedia.co.za: did not receive HSTS header
-gregmilton.com: could not connect to host
 gregmilton.org: could not connect to host
 gregorytlee.me: could not connect to host
 grekland.guide: could not connect to host
@@ -7228,12 +7498,12 @@ grettogeek.com: did not receive HSTS header
 greuel.online: could not connect to host
 greve.xyz: could not connect to host
 grevesgarten.de: could not connect to host
-greybeards.ca: could not connect to host
 greyline.se: could not connect to host
 grian-bam.at: did not receive HSTS header
 gribani.com: could not connect to host
 grid2osm.org: could not connect to host
 gridle.io: did not receive HSTS header
+griecopelino.com: did not receive HSTS header
 grifomarchetti.com: did not receive HSTS header
 grigalanzsoftware.com: could not connect to host
 grillinfools.com: did not receive HSTS header
@@ -7279,6 +7549,7 @@ gtdgo.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_
 gtech.work: did not receive HSTS header
 gtldna.com: could not connect to host
 gtraxapp.com: could not connect to host
+gts-dp.de: did not receive HSTS header
 gts-schulsoftware.de: did not receive HSTS header
 gtts.space: did not receive HSTS header
 guarajubaimoveis.com.br: did not receive HSTS header
@@ -7312,6 +7583,7 @@ gulitsky.me: could not connect to host
 gulleyperformancecenter.com: did not receive HSTS header
 gulshankumar.net: did not receive HSTS header
 gumannp.de: did not receive HSTS header
+gumballs.com: did not receive HSTS header
 gummibande.noip.me: could not connect to host
 gunhunter.com: could not connect to host
 guniram.com: did not receive HSTS header
@@ -7365,21 +7637,27 @@ h3x.jp: could not connect to host
 haarkliniek.com: did not receive HSTS header
 habbixed.tk: could not connect to host
 habbo.life: could not connect to host
+habbos.es: could not connect to host
 habbotalk.nl: could not connect to host
 habeo.si: could not connect to host
 hablemosdetecnologia.com.ve: could not connect to host
+habtium.com: could not connect to host
 hac30.com: could not connect to host
+hack.club: could not connect to host
 hack.cz: could not connect to host
 hack.li: could not connect to host
 hackbubble.me: could not connect to host
+hacker.club: could not connect to host
 hacker.deals: could not connect to host
 hacker8.cn: could not connect to host
 hackercat.ninja: max-age too low: 2592000
+hackerco.com: did not receive HSTS header
 hackerforever.com: did not receive HSTS header
 hackerlite.xyz: max-age too low: 0
 hackerone-ext-adroll.com: could not connect to host
 hackerpoints.com: did not receive HSTS header
 hackerspace-ntnu.no: did not receive HSTS header
+hackerstxt.org: could not connect to host
 hackest.org: did not receive HSTS header
 hackingsafe.com: could not connect to host
 hackit.im: could not connect to host
@@ -7389,7 +7667,7 @@ hacksnack.io: could not connect to host
 hackyourfaceoff.com: could not connect to host
 hackzogtum-coburg.de: did not receive HSTS header
 hadaf.pro: could not connect to host
-hadret.com: could not connect to host
+hadret.com: did not receive HSTS header
 hadret.sh: could not connect to host
 hadzic.co: could not connect to host
 haeckdesign.com: did not receive HSTS header
@@ -7399,6 +7677,7 @@ haemmerle.net: [Exception... "Component returned failure code: 0x80004005 (NS_ER
 haf.gr: could not connect to host
 hafoda.com: did not receive HSTS header
 hahayidu.org: could not connect to host
+haidihai.ro: did not receive HSTS header
 hail2u.net: did not receive HSTS header
 hainoni.com: did not receive HSTS header
 hairlossstop.net: could not connect to host
@@ -7416,8 +7695,8 @@ hal-9th.space: could not connect to host
 halcyonsbastion.com: could not connect to host
 half-logic.eu.org: could not connect to host
 halfwaythere.eu: could not connect to host
-halletienne.fr: could not connect to host
-halloweenthings.website: did not receive HSTS header
+halledesprix.fr: did not receive HSTS header
+halloweenthings.website: could not connect to host
 halo.red: could not connect to host
 halta.info: did not receive HSTS header
 halyul.cc: did not receive HSTS header
@@ -7474,6 +7753,7 @@ happytiger.eu: could not connect to host
 hapsfordmill.co.uk: could not connect to host
 hapvm.com: could not connect to host
 haqaza.com.br: did not receive HSTS header
+harald-pfeiffer.de: could not connect to host
 harambe.site: could not connect to host
 harbourweb.net: did not receive HSTS header
 hardline.xyz: could not connect to host
@@ -7486,6 +7766,7 @@ harlentimberproducts.co.uk: did not receive HSTS header
 harmonycosmetic.com: max-age too low: 300
 harrisonsdirect.co.uk: did not receive HSTS header
 harristony.com: could not connect to host
+harry-baker.com: could not connect to host
 harryharrison.co: did not receive HSTS header
 harrypottereditor.com: could not connect to host
 harrypottereditor.net: could not connect to host
@@ -7533,7 +7814,7 @@ haze-productions.com: could not connect to host
 haze.network: did not receive HSTS header
 haze.sucks: could not connect to host
 hazeltime.com: could not connect to host
-hazloconlapix.com: could not connect to host
+hazeltime.se: did not receive HSTS header
 hazyrom.net: could not connect to host
 hb1111.com: could not connect to host
 hb3333.com: could not connect to host
@@ -7553,9 +7834,8 @@ hcfhomelottery.ca: did not receive HSTS header
 hcoe.fi: did not receive HSTS header
 hcr.io: did not receive HSTS header
 hcs-company.com: did not receive HSTS header
-hcs-company.nl: did not receive HSTS header
+hcs-company.nl: could not connect to host
 hcstr.com: did not receive HSTS header
-hd1tj.org: did not receive HSTS header
 hda.me: did not receive HSTS header
 hdm.io: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 hdrboundless.com: could not connect to host
@@ -7568,40 +7848,43 @@ hdwallpapers.net: could not connect to host
 hdy.nz: could not connect to host
 head-shop.lt: could not connect to host
 head-shop.lv: could not connect to host
-head.org: could not connect to host
 headmates.xyz: could not connect to host
 health-match.com.au: could not connect to host
+health.gov: could not connect to host
 healthcare6.com: did not receive HSTS header
+healthfinder.gov: could not connect to host
 healthjoy.com: did not receive HSTS header
 healthlabs.com: did not receive HSTS header
 healthmatchapp.com: could not connect to host
 healthyandnaturalliving.com: could not connect to host
 healthycod.in: could not connect to host
-healtious.com: did not receive HSTS header
+healtious.com: could not connect to host
 hearingshofar.com: could not connect to host
 heart.ge: could not connect to host
-heart.taxi: max-age too low: 0
 heartlandrentals.com: did not receive HSTS header
 hearty.cf: did not receive HSTS header
 hearty.ink: could not connect to host
 hearty.space: could not connect to host
 hearty.tech: could not connect to host
+hearty.us: could not connect to host
 heartyapp.com: could not connect to host
 heartyme.net: could not connect to host
 heathmanners.com: could not connect to host
 heavenlyseals.com: could not connect to host
 heavenlysmokenc.com: could not connect to host
 heavystresser.com: could not connect to host
+heayao.com: could not connect to host
 hebaus.com: could not connect to host
 heberut.gov: did not receive HSTS header
 hebriff.com: could not connect to host
+hechamano.es: did not receive HSTS header
 hectorj.net: could not connect to host
 hedweb.com: could not connect to host
 heeler.blue: could not connect to host
 heeler.red: could not connect to host
 heidilein.info: did not receive HSTS header
 heimnetze.org: could not connect to host
-heisenberg.co: could not connect to host
+hejahanif.se: could not connect to host
 hejsupport.se: could not connect to host
 hekeki.com: could not connect to host
 hele.cz: could not connect to host
@@ -7611,6 +7894,7 @@ helgakristoffer.wedding: could not connect to host
 helicaldash.com: could not connect to host
 helixflight.com: did not receive HSTS header
 hellenicaward.com: did not receive HSTS header
+hellerup.net: could not connect to host
 hello-nestor.com: did not receive HSTS header
 helloanselm.com: did not receive HSTS header
 hellofilters.com: could not connect to host
@@ -7632,12 +7916,12 @@ helpium.de: did not receive HSTS header
 helpmebuild.com: did not receive HSTS header
 helppresta.com: did not receive HSTS header
 helpverif.com: did not receive HSTS header
-helpwithmybank.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 helsingfors.guide: could not connect to host
 helup.com: did not receive HSTS header
 hemlockhillscabinrentals.com: did not receive HSTS header
 hencagon.com: could not connect to host
 hendersonrealestatepros.com: did not receive HSTS header
+hendyisaac.com: did not receive HSTS header
 henhenlu.com: could not connect to host
 henkbrink.com: did not receive HSTS header
 henningkerstan.org: did not receive HSTS header
@@ -7648,25 +7932,25 @@ hentaimaster.net: could not connect to host
 hentaiz.net: could not connect to host
 hepteract.us: could not connect to host
 heptner24.de: could not connect to host
+heracles-hotel.eu: did not receive HSTS header
 herbal-id.com: did not receive HSTS header
 herbandpat.org: could not connect to host
 herbertmouwen.nl: could not connect to host
 here.ml: could not connect to host
-here4funpartysolutions.ie: did not receive HSTS header
+here4funpartysolutions.ie: could not connect to host
 heribe-maruo.com: did not receive HSTS header
 heritagedentistry.ca: did not receive HSTS header
 hermann.in: could not connect to host
 hermes-servizi.it: could not connect to host
+hermes.cat: could not connect to host
 heroin.org.uk: could not connect to host
 herpaderp.net: could not connect to host
 herr-webdesign.de: could not connect to host
 herramientasbazarot.com: did not receive HSTS header
 herrenfahrt.com: did not receive HSTS header
 herrtxbias.org: could not connect to host
-hethely.ch: did not receive HSTS header
 hetmeisjeachterpauw.nl: could not connect to host
 hetmer.com: did not receive HSTS header
-hetmer.cz: did not receive HSTS header
 hetmer.net: did not receive HSTS header
 hetzflix.stream: did not receive HSTS header
 heutger.net: did not receive HSTS header
@@ -7675,7 +7959,7 @@ hex.bz: could not connect to host
 hex2013.com: did not receive HSTS header
 hexacon.io: could not connect to host
 hexadecimal.tech: could not connect to host
-hexe.net: did not receive HSTS header
+hexe.net: could not connect to host
 hexhu.com: could not connect to host
 hexieshe.com: could not connect to host
 hexobind.com: could not connect to host
@@ -7708,9 +7992,10 @@ hig.gov: could not connect to host
 highgrove.org.uk: could not connect to host
 highland-webcams.com: could not connect to host
 highlandparkcog.org: did not receive HSTS header
+highlatitudestravel.com: did not receive HSTS header
 highperformancehvac.com: did not receive HSTS header
 highseer.com: did not receive HSTS header
-highspeedinternetservices.ca: could not connect to host
+highspeedinternetservices.ca: did not receive HSTS header
 highsurf-miyazaki.com: could not connect to host
 hightechgadgets.net: could not connect to host
 hightimes.com: could not connect to host
@@ -7742,9 +8027,9 @@ hiojbk.com: did not receive HSTS header
 hipercultura.com: did not receive HSTS header
 hiphopconvention.nl: could not connect to host
 hipi.jp: could not connect to host
-hipnos.net: did not receive HSTS header
 hipnoseinstitute.org: did not receive HSTS header
-hiraku.me: did not receive HSTS header
+hiqfleet.co.uk: did not receive HSTS header
+hiraku.me: could not connect to host
 hirefitness.co.uk: did not receive HSTS header
 hireprofs.com: could not connect to host
 hiresuccessstaffing.com: did not receive HSTS header
@@ -7753,7 +8038,6 @@ hirevets.gov: did not receive HSTS header
 hirokilog.com: could not connect to host
 hirte-digital.de: did not receive HSTS header
 hisingenrunt.se: did not receive HSTS header
-hisnet.de: could not connect to host
 histoire-theatre.com: did not receive HSTS header
 history.pe: could not connect to host
 hitchunion.org: could not connect to host
@@ -7766,13 +8050,15 @@ hjf-immobilien.de: did not receive HSTS header
 hjkhs.cn: did not receive HSTS header
 hknet.at: did not receive HSTS header
 hlacosedora.com: max-age too low: 7889238
+hloe0xff.ru: could not connect to host
 hlpublicidad.com: could not connect to host
 hlyue.com: did not receive HSTS header
 hm1ch.com: could not connect to host
 hm1ch.ovh: could not connect to host
 hmksq.ae: max-age too low: 7776000
 hmm.nyc: could not connect to host
-hoast.xyz: could not connect to host
+hnwebi.com: did not receive HSTS header
+hoast.xyz: did not receive HSTS header
 hobaugh.social: could not connect to host
 hobby-gamerz-community.de: did not receive HSTS header
 hocassian.cn: did not receive HSTS header
@@ -7786,6 +8072,7 @@ hoerbuecher-und-hoerspiele.de: could not connect to host
 hoffens.se: could not connect to host
 hofiprojekt.cz: did not receive HSTS header
 hogar123.es: could not connect to host
+hohm.in: could not connect to host
 hoiku-map.tokyo: could not connect to host
 hoiku-navi.com: did not receive HSTS header
 hokepon.com: did not receive HSTS header
@@ -7800,7 +8087,6 @@ hollandguns.com: did not receive HSTS header
 hollerau.de: could not connect to host
 holowaty.me: could not connect to host
 holstphoto.com: max-age too low: 2592000
-holy-hi.com: did not receive HSTS header
 holymoly.lu: could not connect to host
 holymolycasinos.com: did not receive HSTS header
 homa.website: could not connect to host
@@ -7810,7 +8096,7 @@ home-coaching.be: did not receive HSTS header
 home-craft.de: could not connect to host
 home-insurance-quotes.tk: could not connect to host
 home-v.ind.in: could not connect to host
-home-work-jobs.com: did not receive HSTS header
+home-work-jobs.com: could not connect to host
 homeandyarddetailing.com: could not connect to host
 homecarpetcleaning.co.uk: could not connect to host
 homeclouding.de: could not connect to host
@@ -7823,7 +8109,7 @@ homeownersassociationmanagementla.com: could not connect to host
 homeremodelingcontractorsca.com: did not receive HSTS header
 homesandal.com: did not receive HSTS header
 homeseller.co.uk: could not connect to host
-homesfordinner.ca: could not connect to host
+homesfordinner.ca: did not receive HSTS header
 homeyantra.com: did not receive HSTS header
 homezhi.com.tw: could not connect to host
 homoglyph.net: could not connect to host
@@ -7860,6 +8146,7 @@ horvathtom.com: could not connect to host
 horvatnyelvkonyv.hu: could not connect to host
 host.black: could not connect to host
 hostam.link: could not connect to host
+hostcoz.com: did not receive HSTS header
 hosted-oswa.org: did not receive HSTS header
 hostedbgp.net: did not receive HSTS header
 hostedtalkgadget.google.com: did not receive HSTS header (error ignored - included regardless)
@@ -7879,6 +8166,7 @@ hotchoc.io: could not connect to host
 hotel-huberhof.at: did not receive HSTS header
 hotel-tongruben.de: max-age too low: 0
 hotelaustria-wien.at: did not receive HSTS header
+hotello.io: could not connect to host
 hotelmadhuwanvihar.com: could not connect to host
 hotelvictoriaoax-mailing.com: could not connect to host
 hotelvillahermosa-mailing.com: could not connect to host
@@ -7917,11 +8205,11 @@ hqq.tv: could not connect to host
 hr-intranet.com: could not connect to host
 hr-tech.store: could not connect to host
 hr98.tk: could not connect to host
-hr98.xyz: did not receive HSTS header
+hr98.xyz: could not connect to host
 hrackydomino.cz: did not receive HSTS header
 hrfhomelottery.com: did not receive HSTS header
 hrjfeedstock.com: did not receive HSTS header
-hrk.io: did not receive HSTS header
+hrk.io: could not connect to host
 hrtech.store: could not connect to host
 hrtraining.com.au: did not receive HSTS header
 hru.gov: could not connect to host
@@ -7934,6 +8222,7 @@ hsts-preload-test.xyz: could not connect to host
 hsts.com.br: could not connect to host
 hsts.date: could not connect to host
 hstspreload.me: could not connect to host
+hsulei.com: could not connect to host
 hszhyy120.com: could not connect to host
 htlball.at: could not connect to host
 html-lab.tk: could not connect to host
@@ -7948,10 +8237,8 @@ hua-in.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR
 hua-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 hua-li88.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 hua-li88.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-huang.nu: could not connect to host
+huang-haitao.com: could not connect to host
 huangguancq.com: could not connect to host
-huangh.com: could not connect to host
-huangliangbo.com: did not receive HSTS header
 huangting.me: did not receive HSTS header
 huangzenghao.com: could not connect to host
 huarongdao.com: did not receive HSTS header
@@ -7979,12 +8266,13 @@ humortuga.pt: did not receive HSTS header
 hump.dk: could not connect to host
 humpi.at: could not connect to host
 humpteedumptee.in: did not receive HSTS header
+huniverse.co: could not connect to host
 hunqz.com: could not connect to host
 hunterjohnson.io: could not connect to host
 huodongweb.com: could not connect to host
 huoduan.com: did not receive HSTS header
 huongquynh.com: could not connect to host
-hup.blue: did not receive HSTS header
+hup.blue: could not connect to host
 hurleyhomestead.com: could not connect to host
 hurricanelabs.com: did not receive HSTS header
 huskybutt.dog: could not connect to host
@@ -7994,6 +8282,7 @@ hustle.life: did not receive HSTS header
 huwjones.me: could not connect to host
 huzu.com: did not receive HSTS header
 huzurmetal.net: could not connect to host
+hveradistributions.com: could not connect to host
 hwcine.com: could not connect to host
 hwinfo.com: did not receive HSTS header
 hwpkasse.de: max-age too low: 2592000
@@ -8009,7 +8298,7 @@ hydra.zone: could not connect to host
 hydrabit.nl: did not receive HSTS header
 hydrante.ch: could not connect to host
 hydrocloud.net: could not connect to host
-hydrodipcenter.nl: did not receive HSTS header
+hydrodipcenter.nl: could not connect to host
 hydronium.cf: could not connect to host
 hydronium.ga: could not connect to host
 hydronium.me: could not connect to host
@@ -8023,17 +8312,15 @@ hymerscollege.co.uk: max-age too low: 43200
 hypa.net.au: did not receive HSTS header
 hyper-matrix.org: could not connect to host
 hyper69.com: could not connect to host
-hyperactive.am: could not connect to host
 hyperporn.net: could not connect to host
 hyperreal.info: could not connect to host
 hypnoresults.com.au: did not receive HSTS header
-hypnos.hu: could not connect to host
+hypnos.hu: did not receive HSTS header
 hypotheques24.ch: could not connect to host
 hysg.me: could not connect to host
-hysh.jp: could not connect to host
+hytzongxuan.com: did not receive HSTS header
 hyvive.com: could not connect to host
 hzh.pub: did not receive HSTS header
-i--b.com: did not receive HSTS header
 i-jp.net: could not connect to host
 i-partners.sk: could not connect to host
 i-rickroll-n.pw: could not connect to host
@@ -8047,7 +8334,9 @@ i9multiequipamentos.com.br: did not receive HSTS header
 ia1000.com: could not connect to host
 iadttaveras.com: could not connect to host
 iain.tech: did not receive HSTS header
+iamlbk.com: could not connect to host
 iamlizu.com: did not receive HSTS header
+iamlzh.com: did not receive HSTS header
 iamokay.nl: did not receive HSTS header
 iamreubin.co.uk: did not receive HSTS header
 iamsoareyou.se: could not connect to host
@@ -8060,26 +8349,27 @@ ibarf.nl: did not receive HSTS header
 ibase.com: did not receive HSTS header
 ibenchu.com: did not receive HSTS header
 ibestreview.com: did not receive HSTS header
+ibiu.xyz: did not receive HSTS header
 ibizatopcharter.com: did not receive HSTS header
 ibna.online: could not connect to host
 ibnuwebhost.com: could not connect to host
 ibnw.de: did not receive HSTS header
 ibox.ovh: did not receive HSTS header
 ibpegasus.tk: could not connect to host
-ibps.blog: could not connect to host
+ibps.blog: did not receive HSTS header
 ibpsrecruitment.co.in: could not connect to host
 ibron.co: could not connect to host
 ibsafrica.co.za: could not connect to host
 ibsglobal.co.za: could not connect to host
 icabanken.se: did not receive HSTS header
 icaforsakring.se: did not receive HSTS header
-icake.life: could not connect to host
+icake.life: did not receive HSTS header
 icasnetwork.com: did not receive HSTS header
+icbemp.gov: could not connect to host
 ice.yt: could not connect to host
 icebat.dyndns.org: could not connect to host
 icebound.cc: did not receive HSTS header
 icebound.win: could not connect to host
-icedream.tech: could not connect to host
 iceiu.com: could not connect to host
 iceloch.com: could not connect to host
 icepink.com.br: could not connect to host
@@ -8087,7 +8377,7 @@ icewoman.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERR
 icfl.com.br: could not connect to host
 ich-find-den-g.net: could not connect to host
 ich-mach-druck.eu: did not receive HSTS header
-ichasco.com: could not connect to host
+ichasco.com: did not receive HSTS header
 ichnichtskaufmann.de: could not connect to host
 ichoosebtec.com: did not receive HSTS header
 ichronos.net: did not receive HSTS header
@@ -8109,7 +8399,6 @@ icusignature.com: could not connect to host
 icys2017.com: did not receive HSTS header
 id-co.in: could not connect to host
 id-conf.com: did not receive HSTS header
-idafauziyah.com: could not connect to host
 idblab.tk: could not connect to host
 idc.yn.cn: could not connect to host
 idcrane.com: could not connect to host
@@ -8130,16 +8419,16 @@ idemo.in: could not connect to host
 identity-hash.online: could not connect to host
 identitylabs.uk: could not connect to host
 identitysandbox.gov: could not connect to host
-idgsupply.com: could not connect to host
+idgsupply.com: did not receive HSTS header
 idinby.dk: did not receive HSTS header
-idiopolis.org: could not connect to host
+idiopolis.org: did not receive HSTS header
 idisplay.es: could not connect to host
 idlekernel.com: could not connect to host
 idol-bikes.ru: could not connect to host
-idolish7.fun: did not receive HSTS header
 idontexist.me: could not connect to host
 idsafe.co.za: could not connect to host
 idsoccer.com: did not receive HSTS header
+idvl.de: could not connect to host
 iec.pe: could not connect to host
 iemas.azurewebsites.net: did not receive HSTS header
 iemb.cf: could not connect to host
@@ -8165,15 +8454,15 @@ ifxor.com: could not connect to host
 igamingforums.com: could not connect to host
 igaryhe.io: did not receive HSTS header
 igd.chat: could not connect to host
-igforums.com: could not connect to host
-igi.codes: did not receive HSTS header
+igforums.com: did not receive HSTS header
+igi.codes: could not connect to host
 igiftcards.nl: did not receive HSTS header
 ignatisd.gr: did not receive HSTS header
 igule.net: could not connect to host
 iha6.com: could not connect to host
+ihatethissh.it: could not connect to host
 ihc.im: did not receive HSTS header
 ihcr.top: did not receive HSTS header
-ihls.world: could not connect to host
 ihls.xyz: did not receive HSTS header
 ihongzu.com: could not connect to host
 ihrlotto.de: could not connect to host
@@ -8187,15 +8476,18 @@ iilin.com: did not receive HSTS header
 iispeed.com: did not receive HSTS header
 ijn-dd.nl: could not connect to host
 ijoda.com: could not connect to host
+ijr.com: did not receive HSTS header
 ike.io: did not receive HSTS header
 ikenmeyer.com: could not connect to host
 ikenmeyer.eu: could not connect to host
 ikocik.sk: could not connect to host
 ikon.name: could not connect to host
 ikudo.top: could not connect to host
+ikuuuu.com: could not connect to host
 ikwilguidobellen.nl: could not connect to host
 ikzoekeengoedkopeauto.nl: could not connect to host
 ikzoekjeugdhulp.nl: did not receive HSTS header
+ilazycat.com: could not connect to host
 ilbuongiorno.it: did not receive HSTS header
 ildomani.it: did not receive HSTS header
 ileat.com: could not connect to host
@@ -8203,7 +8495,7 @@ ilgi.work: could not connect to host
 ilii.me: could not connect to host
 ilikerainbows.co: did not receive HSTS header
 ilikerainbows.co.uk: could not connect to host
-ilikfreshweedstores.com: did not receive HSTS header
+ilikfreshweedstores.com: could not connect to host
 ilmconpm.de: could not connect to host
 iloilofit.org: did not receive HSTS header
 ilona.graphics: did not receive HSTS header
@@ -8214,6 +8506,7 @@ imadalin.ro: could not connect to host
 image.tf: could not connect to host
 imagecurl.com: could not connect to host
 imagecurl.org: could not connect to host
+imagenesdedibujosalapizfacilesdehacer.com: could not connect to host
 imaginarymakings.me: could not connect to host
 imakepoems.net: could not connect to host
 imanhearts.com: max-age too low: 0
@@ -8263,16 +8556,18 @@ imoner.com: could not connect to host
 imoner.ga: could not connect to host
 imoni-blog.net: could not connect to host
 imoto.me: could not connect to host
+imperdin.com: could not connect to host
 imperdintechnologies.com: could not connect to host
 imperialonlinestore.com: did not receive HSTS header
 imperialwebsolutions.com: did not receive HSTS header
-imperiodigital.online: did not receive HSTS header
 imprenta-es.com: did not receive HSTS header
 improvingwp.com: could not connect to host
 impulse-clan.de: could not connect to host
 imu.li: did not receive HSTS header
 imusic.dk: did not receive HSTS header
 imy.life: did not receive HSTS header
+imydl.com: could not connect to host
+imyjy.cn: could not connect to host
 inandeyes.com: did not receive HSTS header
 inb4.us: could not connect to host
 inbox.li: did not receive HSTS header
@@ -8288,18 +8583,22 @@ indexyz.me: could not connect to host
 indiawise.co.uk: could not connect to host
 indiecert.net: did not receive HSTS header
 indieethos.com: did not receive HSTS header
-indiemods.com: could not connect to host
+indiemods.com: did not receive HSTS header
 indien.guide: could not connect to host
 indilens.com: did not receive HSTS header
 indiraactive.com: could not connect to host
 indiroyunu.com: did not receive HSTS header
+indochina.io: could not connect to host
 indogerman.de: did not receive HSTS header
 indogermantrade.de: could not connect to host
+indoorplantsexpert.com: could not connect to host
 indoorskiassen.nl: did not receive HSTS header
 indostar303.com: did not receive HSTS header
 indredouglas.me: could not connect to host
+indusfastremit.com: could not connect to host
 industreiler.com: could not connect to host
 industreiler.com.br: could not connect to host
+industriasrenova.com: could not connect to host
 industrybazar.com: did not receive HSTS header
 ineed.com.mt: could not connect to host
 inetpub.cn: could not connect to host
@@ -8325,9 +8624,9 @@ info-bay.com: could not connect to host
 info-sys.tk: could not connect to host
 infoamin.com: did not receive HSTS header
 infocoin.es: did not receive HSTS header
+infopagina.es: could not connect to host
 inforichjapan.com: did not receive HSTS header
 inforisposte.com: did not receive HSTS header
-informaciondeciclismo.com: did not receive HSTS header
 informaticapremium.com: did not receive HSTS header
 informatik.zone: could not connect to host
 infos-generation.com: did not receive HSTS header
@@ -8337,6 +8636,7 @@ infosoph.org: could not connect to host
 infotics.es: did not receive HSTS header
 infovae-idf.com: could not connect to host
 infoworm.org: could not connect to host
+infr.red: did not receive HSTS header
 infradio.am: could not connect to host
 infranix.eu: max-age too low: 7360000
 infruction.com: could not connect to host
@@ -8369,7 +8669,6 @@ inku.ovh: did not receive HSTS header
 inkvisual.tk: could not connect to host
 inleaked.com: could not connect to host
 inme.ga: did not receive HSTS header
-inmusrv.de: could not connect to host
 innerform.com: could not connect to host
 innit.be: could not connect to host
 innobatics.com: did not receive HSTS header
@@ -8378,7 +8677,6 @@ innovamag.ca: did not receive HSTS header
 innovativebuildingsolutions.co.za: could not connect to host
 innovativeideaz.org: could not connect to host
 innoventure.de: could not connect to host
-innwan.com: could not connect to host
 inondation.ch: could not connect to host
 inorder.website: could not connect to host
 inovatec.com: did not receive HSTS header
@@ -8424,8 +8722,11 @@ intelbet.ro: did not receive HSTS header
 intelhost.net: max-age too low: 0
 intelldynamics.com: could not connect to host
 intelliance.eu: did not receive HSTS header
+interabbit.com: could not connect to host
 interboursegeneva.ch: did not receive HSTS header
 interchanges.io: max-age too low: 0
+intercom.com: did not receive HSTS header
+intercom.io: did not receive HSTS header
 interference.io: did not receive HSTS header
 interfloraservices.co.uk: could not connect to host
 intergenx.co.uk: could not connect to host
@@ -8437,7 +8738,7 @@ interim-cto.de: could not connect to host
 interiorcheapo.com: could not connect to host
 interiortradingco.com.au: could not connect to host
 interleucina.org: did not receive HSTS header
-interlocal.co.uk: could not connect to host
+interlocal.co.uk: did not receive HSTS header
 interlun.com: could not connect to host
 intermezzo-emmerich.de: did not receive HSTS header
 intermezzo-emmerich.nl: did not receive HSTS header
@@ -8463,10 +8764,12 @@ intim-uslugi-kazan.net: could not connect to host
 intimateperrierjouet.com: could not connect to host
 intimici.com.br: could not connect to host
 intimtoy.com.ua: could not connect to host
+intracom.com: did not receive HSTS header
 intranetsec.fr: could not connect to host
 intreaba.xyz: could not connect to host
+intrigue3d.com: could not connect to host
+introverted.ninja: did not receive HSTS header
 introvertedtravel.space: max-age too low: 0
-intrp.net: did not receive HSTS header
 invenio.software: could not connect to host
 inventoryexpress.xyz: could not connect to host
 inverselink.com: could not connect to host
@@ -8481,17 +8784,17 @@ invinsec.com: max-age too low: 86400
 invis.net: could not connect to host
 invitation-factory.tk: could not connect to host
 invite24.pro: could not connect to host
-invitescene.com: did not receive HSTS header
 invuelto.com: did not receive HSTS header
 iodev.nl: could not connect to host
 iodice.org: did not receive HSTS header
 iodu.re: could not connect to host
+ioerror.us: did not receive HSTS header
 ioiart.eu: could not connect to host
 iolife.dk: could not connect to host
 ionas-law.ro: did not receive HSTS header
 ionc.ca: could not connect to host
 ionote.me: could not connect to host
-iop.intuit.com: did not receive HSTS header
+iop.intuit.com: max-age too low: 86400
 iora.fr: could not connect to host
 iostips.ru: could not connect to host
 iotfen.com: could not connect to host
@@ -8506,8 +8809,9 @@ ipcfg.me: could not connect to host
 ipfp.pl: did not receive HSTS header
 iphonechina.net: could not connect to host
 iphoneportfolioapp.com: did not receive HSTS header
+ipid.me: could not connect to host
+iplabs.de: did not receive HSTS header
 iplife.cn: could not connect to host
-iplog.info: could not connect to host
 ipmimagazine.com: did not receive HSTS header
 ipmotion.ca: could not connect to host
 ipnetworking.net: could not connect to host
@@ -8521,21 +8825,25 @@ iprice.vn: did not receive HSTS header
 ipricethailand.com: did not receive HSTS header
 iprody.com: could not connect to host
 ipsilon-project.org: did not receive HSTS header
+ipstoragesolutions.com: did not receive HSTS header
 iptel.ro: could not connect to host
+iptvmakedonija.mk: did not receive HSTS header
 ipuservicedesign.com: could not connect to host
 ipv6.watch: did not receive HSTS header
 ipv6cloud.club: could not connect to host
 ipv6demo.de: could not connect to host
 ipv6only.network: could not connect to host
+ipv8.net: could not connect to host
 ipvsec.nl: could not connect to host
 iqcn.co: could not connect to host
 iqualtech.com: max-age too low: 7889238
 ir-saitama.com: could not connect to host
 iran-geo.com: could not connect to host
 iran-poll.org: max-age too low: 0
-irandp.net: did not receive HSTS header
+irandp.net: could not connect to host
 iranianlawschool.com: could not connect to host
 iraqidinar.org: did not receive HSTS header
+irasandi.com: could not connect to host
 irazimina.ru: did not receive HSTS header
 irccloud.com: did not receive HSTS header
 ircmett.de: did not receive HSTS header
@@ -8546,7 +8854,6 @@ irische-segenswuensche.info: could not connect to host
 irisdina.de: could not connect to host
 irishmusic.nu: did not receive HSTS header
 irland.guide: could not connect to host
-irmag.ru: did not receive HSTS header
 irmtrudjurke.de: did not receive HSTS header
 irodorinet.com: max-age too low: 0
 iron-guard.net: did not receive HSTS header
@@ -8570,10 +8877,11 @@ isdf.me: could not connect to host
 isdown.cz: could not connect to host
 isef-eg.com: did not receive HSTS header
 iserv.fr: did not receive HSTS header
+isfff.com: could not connect to host
 isfriday.com: could not connect to host
 ishadowsocks.ltd: could not connect to host
+ishet.al: max-age too low: 0
 ishillaryclintoninprisonyet.com: could not connect to host
-ishome.org: could not connect to host
 isidom.fr: did not receive HSTS header
 isipulsa.web.id: did not receive HSTS header
 isisfighters.info: could not connect to host
@@ -8589,11 +8897,10 @@ islandpumpandtank.com: did not receive HSTS header
 islandzero.net: could not connect to host
 islazia.fr: did not receive HSTS header
 isntall.us: did not receive HSTS header
-isocom.eu: could not connect to host
+isocom.eu: did not receive HSTS header
 isoface33.fr: did not receive HSTS header
 isogen5.com: could not connect to host
 isogram.nl: did not receive HSTS header
-isondo.com: could not connect to host
 isoroc-nidzica.pl: could not connect to host
 ispringcloud.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 ispweb.es: did not receive HSTS header
@@ -8607,35 +8914,33 @@ istgame.com: did not receive HSTS header
 isthefieldcontrolsystemdown.com: could not connect to host
 istherrienstillcoach.com: could not connect to host
 isv.online: did not receive HSTS header
+iszy.me: could not connect to host
 it-cave.com: could not connect to host
 it-enthusiasts.tech: could not connect to host
 it-go.net: did not receive HSTS header
-it-kron.de: did not receive HSTS header
 it-labor.info: did not receive HSTS header
 it-schwerin.de: could not connect to host
-it1b.com: could not connect to host
 itad.top: could not connect to host
 itblog.pp.ua: did not receive HSTS header
 itbrief.co.nz: did not receive HSTS header
 itbrief.com.au: did not receive HSTS header
 itchimes.com: did not receive HSTS header
-itchy.nl: could not connect to host
 itchybrainscentral.com: could not connect to host
 itds-consulting.com: could not connect to host
 itds-consulting.cz: could not connect to host
 itds-consulting.eu: could not connect to host
 itechgeek.com: did not receive HSTS header
-iteli.eu: did not receive HSTS header
 items.lv: did not receive HSTS header
 itemton.com: could not connect to host
-iterror.co: could not connect to host
+iterasoft.de: did not receive HSTS header
 itfaq.nl: did not receive HSTS header
-itfensi.net: max-age too low: 6307200
+itfensi.net: could not connect to host
 itforcc.com: did not receive HSTS header
 ithakama.com: could not connect to host
 itinsight.hu: did not receive HSTS header
 itiomassagem.com.br: did not receive HSTS header
 itisjustnot.cricket: could not connect to host
+itmanie.cz: could not connect to host
 itnews-bg.com: could not connect to host
 itogoyomi.com: did not receive HSTS header
 itos.asia: did not receive HSTS header
@@ -8647,6 +8952,7 @@ itrack.in.th: did not receive HSTS header
 itriskltd.com: did not receive HSTS header
 its-schindler.de: could not connect to host
 its-v.de: could not connect to host
+its4living.com: could not connect to host
 itsadog.co.uk: did not receive HSTS header
 itsagadget.com: did not receive HSTS header
 itsamurai.ru: max-age too low: 2592000
@@ -8656,6 +8962,7 @@ itsg-faq.de: could not connect to host
 itshka.rv.ua: max-age too low: 604800
 itshost.ru: could not connect to host
 itsmejohn.org: could not connect to host
+itspartytimesweetinflations.com: could not connect to host
 itsupport-luzern.ch: could not connect to host
 ittop-gabon.com: could not connect to host
 itu2015.de: could not connect to host
@@ -8682,9 +8989,14 @@ ixec2.tk: could not connect to host
 ixh.me: did not receive HSTS header
 ixio.cz: could not connect to host
 izdiwho.com: could not connect to host
+izevg.ru: could not connect to host
+izhaojie.com: could not connect to host
 izolight.ch: could not connect to host
 izonemart.com: did not receive HSTS header
 izoox.com: did not receive HSTS header
+izxxs.com: could not connect to host
+izxxs.net: could not connect to host
+izxzw.net: could not connect to host
 izzzorgconcerten.nl: could not connect to host
 j-eck.nl: did not receive HSTS header
 j-lsolutions.com: could not connect to host
@@ -8693,6 +9005,7 @@ j0ng.xyz: could not connect to host
 j15t98j.co.uk: did not receive HSTS header
 j2ee.cz: could not connect to host
 j8y.de: did not receive HSTS header
+ja-publications.agency: did not receive HSTS header
 ja-publications.com: did not receive HSTS header
 jaan.su: could not connect to host
 jaaxypro.com: could not connect to host
@@ -8704,7 +9017,7 @@ jackops.com: could not connect to host
 jackrusselterrier.com.br: could not connect to host
 jackyyf.com: could not connect to host
 jaco.by: could not connect to host
-jacobparry.ca: max-age too low: 0
+jacobparry.ca: did not receive HSTS header
 jadara.info: could not connect to host
 jaepinformatica.com: did not receive HSTS header
 jagido.de: did not receive HSTS header
@@ -8726,7 +9039,7 @@ jamberry.com.mx: could not connect to host
 james-parker.com: did not receive HSTS header
 james.je: could not connect to host
 jamesandanneke.com: could not connect to host
-jamesbradach.com: could not connect to host
+jamesbradach.com: did not receive HSTS header
 jamesburton.london: could not connect to host
 jamesbywater.co.uk: could not connect to host
 jamesbywater.com: could not connect to host
@@ -8763,13 +9076,15 @@ janmachynka.cz: could not connect to host
 janmg.com: could not connect to host
 janosh.com: did not receive HSTS header
 janssen.fm: could not connect to host
+janssenwigman.nl: did not receive HSTS header
 janus-engineering.de: did not receive HSTS header
 janverlaan.nl: did not receive HSTS header
 jap-nope.de: did not receive HSTS header
 japan4you.org: did not receive HSTS header
 japanbaths.com: did not receive HSTS header
-japaneseemoticons.org: did not receive HSTS header
+japaneseemoticons.org: could not connect to host
 japanesenames.biz: did not receive HSTS header
+japangids.nl: max-age too low: 86400
 japansm.com: could not connect to host
 japanwide.net: did not receive HSTS header
 japaripark.com: could not connect to host
@@ -8782,17 +9097,20 @@ jaredfraser.com: could not connect to host
 jarivisual.com: could not connect to host
 jarl.ninja: could not connect to host
 jarnail.ca: could not connect to host
+jaroslavc.eu: could not connect to host
 jaroslavtrsek.cz: did not receive HSTS header
 jarrodcastaing.com: did not receive HSTS header
 jarrodcastaing.com.au: did not receive HSTS header
 jarsater.com: could not connect to host
 jartza.org: could not connect to host
+jasl.works: could not connect to host
 jasmineconseil.com: did not receive HSTS header
 jasoncosper.com: did not receive HSTS header
 jasonian-photo.com: could not connect to host
 jasonradin.com: did not receive HSTS header
 jasonrobinson.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 jasonroe.me: did not receive HSTS header
+jasonsansone.com: could not connect to host
 jasonwindholz.com: could not connect to host
 jastoria.pl: did not receive HSTS header
 jastrow.me: did not receive HSTS header
@@ -8800,18 +9118,19 @@ jateng.press: could not connect to host
 jav-collective.com: could not connect to host
 java-board.com: could not connect to host
 javachip.win: could not connect to host
-javan.ga: could not connect to host
+javan.ga: did not receive HSTS header
 javascriptlab.fr: could not connect to host
 javelinsms.com: could not connect to host
 javfree.me: could not connect to host
 javiermixdjs.com: did not receive HSTS header
+javik.net: did not receive HSTS header
 javilacat.info: could not connect to host
 jawn.ca: could not connect to host
 jawnelodzkie.org.pl: could not connect to host
 jaxageto.de: did not receive HSTS header
 jayblock.com: did not receive HSTS header
 jayharris.ca: could not connect to host
-jaylen.com.ar: did not receive HSTS header
+jaylen.com.ar: could not connect to host
 jayna.design: did not receive HSTS header
 jayschulman.com: did not receive HSTS header
 jayscoaching.com: could not connect to host
@@ -8839,14 +9158,13 @@ jcyz.cf: could not connect to host
 jdav-leipzig.de: could not connect to host
 jdcdirectsales.com.ph: could not connect to host
 jdfk.net: could not connect to host
-jdgonzalez95.com: did not receive HSTS header
+jdgonzalez95.com: could not connect to host
 jdh8.org: did not receive HSTS header
-jdsf.tk: did not receive HSTS header
+jdsf.tk: could not connect to host
 jean-remy.ch: could not connect to host
 jebengotai.com: did not receive HSTS header
-jec-dekrone.be: did not receive HSTS header
-jecho.cn: could not connect to host
 jedayoshi.me: could not connect to host
+jedayoshi.tk: could not connect to host
 jeepmafia.com: did not receive HSTS header
 jeff.forsale: did not receive HSTS header
 jeff.is: could not connect to host
@@ -8854,12 +9172,13 @@ jeff393.com: could not connect to host
 jeffanderson.me: did not receive HSTS header
 jeffersonregan.org: could not connect to host
 jeffhuxley.com: could not connect to host
+jeffmcneill.com: did not receive HSTS header
 jeffreymagee.com: did not receive HSTS header
 jeil-makes.co.kr: could not connect to host
 jelewa.de: did not receive HSTS header
-jelleglebbeek.com: max-age too low: 0
 jellow.nl: did not receive HSTS header
 jemoticons.com: did not receive HSTS header
+jena.space: could not connect to host
 jenjoit.de: could not connect to host
 jennedebleser.com: did not receive HSTS header
 jenniferchan.id.au: could not connect to host
@@ -8868,12 +9187,14 @@ jennybeaned.com: did not receive HSTS header
 jens-prangenberg.de: did not receive HSTS header
 jens.hk: could not connect to host
 jensenbanden.no: could not connect to host
-jenssen.org: could not connect to host
+jenssen.org: did not receive HSTS header
+jeparamedia.com: did not receive HSTS header
 jeremye77.com: did not receive HSTS header
 jeremymade.com: did not receive HSTS header
 jeremywagner.me: did not receive HSTS header
 jermann.biz: did not receive HSTS header
 jeroenensanne.wedding: could not connect to host
+jeroensangers.com: could not connect to host
 jeroenvanderwal.nl: did not receive HSTS header
 jeroldirvin.com: did not receive HSTS header
 jerrypau.ca: could not connect to host
@@ -8899,7 +9220,6 @@ jewellerymarvels.com: did not receive HSTS header
 jez.nl: could not connect to host
 jfmel.com: did not receive HSTS header
 jfnllc.com: could not connect to host
-jfr.im: did not receive HSTS header
 jfx.space: did not receive HSTS header
 jh-media.eu: could not connect to host
 jhburton.co.uk: could not connect to host
@@ -8915,17 +9235,19 @@ jiangzequn.com: could not connect to host
 jiangzm.com: could not connect to host
 jianjiantv.com: could not connect to host
 jiaqiang.vip: could not connect to host
+jiazhao.ga: could not connect to host
 jichi.me: could not connect to host
 jie.dance: could not connect to host
 jief.me: could not connect to host
 jigsawdevelopments.com: could not connect to host
 jiid.ga: could not connect to host
 jikegu.com: could not connect to host
-jikken.de: could not connect to host
+jikken.de: did not receive HSTS header
 jimas.eu: did not receive HSTS header
 jimenacocina.com: did not receive HSTS header
 jimgao.tk: did not receive HSTS header
 jimmehcai.com: could not connect to host
+jimmycn.com: could not connect to host
 jimmynelson.com: did not receive HSTS header
 jinancy.fr: could not connect to host
 jing-in.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -8949,8 +9271,10 @@ jkest.cc: could not connect to host
 jkng.eu: could not connect to host
 jko.works: could not connect to host
 jkuvw.xyz: could not connect to host
+jkyuan.tk: could not connect to host
 jldp.org: did not receive HSTS header
 jlhmedia.com: did not receive HSTS header
+jlot.org: did not receive HSTS header
 jm06.com: did not receive HSTS header
 jm22.com: could not connect to host
 jmb.lc: could not connect to host
@@ -8986,6 +9310,8 @@ joefixit.co.uk: could not connect to host
 joelgonewild.com: did not receive HSTS header
 joerg-wellpott.de: did not receive HSTS header
 joetyson.io: could not connect to host
+joeyfelix.com: could not connect to host
+joeyvilaro.com: could not connect to host
 johand.io: could not connect to host
 johannaojanen.com: could not connect to host
 johannes-bugenhagen.de: did not receive HSTS header
@@ -8994,8 +9320,7 @@ johnbrownphotography.ch: did not receive HSTS header
 johncardell.com: did not receive HSTS header
 johners.me: could not connect to host
 johngaltgroup.com: did not receive HSTS header
-johnhgaunt.com: did not receive HSTS header
-johnmichel.org: could not connect to host
+johngo.tk: did not receive HSTS header
 johnmorganpartnership.co.uk: did not receive HSTS header
 johnrom.com: could not connect to host
 johntomasowa.com: could not connect to host
@@ -9007,15 +9332,19 @@ jonarcher.info: did not receive HSTS header
 jonas-keidel.de: did not receive HSTS header
 jonasgroth.se: did not receive HSTS header
 jonathan.ir: could not connect to host
+jonathancarter.org: could not connect to host
 jonathandowning.uk: did not receive HSTS header
 jonathanmassacand.ch: could not connect to host
 jonathanreyes.com: did not receive HSTS header
 jonathansanchez.pro: could not connect to host
+jonathanselea.se: did not receive HSTS header
 jonesopolis.xyz: could not connect to host
+jonferwerda.net: could not connect to host
 jonfor.net: could not connect to host
 jongha.me: could not connect to host
 jonn.me: could not connect to host
 jonnichols.info: could not connect to host
+jons.org: could not connect to host
 jonsno.ws: could not connect to host
 joostbovee.nl: did not receive HSTS header
 jooto.com: did not receive HSTS header
@@ -9031,12 +9360,10 @@ jornadasciberdefensa2016.es: could not connect to host
 jorovik.com: did not receive HSTS header
 jorrit.info: max-age too low: 0
 josahrens.me: could not connect to host
-josc.com.au: could not connect to host
 jose.eti.br: did not receive HSTS header
 joseaveleira.es: did not receive HSTS header
 josecage.com: could not connect to host
 josegerber.ch: did not receive HSTS header
-josemikkola.fi: could not connect to host
 josericaurte.com: could not connect to host
 joshi.su: could not connect to host
 joshplant.co.uk: could not connect to host
@@ -9061,22 +9388,25 @@ jptun.com: could not connect to host
 jrgold.me: could not connect to host
 jrmd.io: could not connect to host
 jrvar.com: could not connect to host
+js3311.com: could not connect to host
 js88.sg: could not connect to host
+js93029.com: could not connect to host
 jsanders.us: did not receive HSTS header
 jsbentertainment.nl: could not connect to host
 jsbevents.nl: could not connect to host
 jsblights.nl: could not connect to host
 jsc7776.com: could not connect to host
 jsdelivr.net: could not connect to host
+jsevilleja.org: could not connect to host
 jsg-technologies.de: did not receive HSTS header
 jsjyhzy.cc: could not connect to host
 jslidong.top: did not receive HSTS header
 json-viewer.com: did not receive HSTS header
 jstelecom.com.br: did not receive HSTS header
-jstore.ch: could not connect to host
 jsuse.xyz: could not connect to host
 jsvr.tk: could not connect to host
 jsxc.ch: could not connect to host
+jtcat.com: could not connect to host
 jtcjewelry.com: could not connect to host
 ju1ro.de: could not connect to host
 jualautoclave.com: did not receive HSTS header
@@ -9089,6 +9419,7 @@ jucktehkeinen.de: did not receive HSTS header
 juiced.gs: did not receive HSTS header
 juka.pp.ua: could not connect to host
 julegoerke.de: did not receive HSTS header
+julenlanda.com: could not connect to host
 juliamweber.de: could not connect to host
 julian-kipka.de: did not receive HSTS header
 julian-witusch.de: could not connect to host
@@ -9108,17 +9439,18 @@ jumping-duck.com: could not connect to host
 jumpman-iphone-design.de: could not connect to host
 junaos.com: did not receive HSTS header
 junaos.xyz: did not receive HSTS header
+junctioncitywisconsin.gov: could not connect to host
 jundimax.com.br: could not connect to host
 junge-selbsthilfe.info: could not connect to host
 jungleculture.co.za: did not receive HSTS header
 junglegoat.xyz: did not receive HSTS header
+junias-fenske.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 juniwalk.cz: could not connect to host
 junjung.me: could not connect to host
 junoaroma.com: could not connect to host
 junqtion.com: could not connect to host
-jupp0r.de: did not receive HSTS header
+jupp0r.de: could not connect to host
 juridiqueo.com: did not receive HSTS header
-jurisprudent.by: did not receive HSTS header
 juristas.com.br: did not receive HSTS header
 juristeo.com: did not receive HSTS header
 jurke.com: did not receive HSTS header
@@ -9127,29 +9459,30 @@ just-english.online: did not receive HSTS header
 just-pools.co.za: could not connect to host
 just2trade.com: did not receive HSTS header
 justbelieverecovery.com: did not receive HSTS header
-justiceforfathers.com: could not connect to host
+justiceforfathers.com: did not receive HSTS header
 justiceo.org: did not receive HSTS header
 justinellingwood.com: could not connect to host
+justinharrison.ca: could not connect to host
 justinlemay.com: could not connect to host
 justinrudio.com: did not receive HSTS header
 justlikethat.hosting: did not receive HSTS header
 justmy.website: did not receive HSTS header
 justnaw.co.uk: could not connect to host
-justonce.net: could not connect to host
 justudin.com: did not receive HSTS header
 justwood.cz: did not receive HSTS header
 justzz.xyz: could not connect to host
 jutella.de: did not receive HSTS header
 juul.xyz: could not connect to host
-juventusclublugano.ch: could not connect to host
+juventusclublugano.ch: did not receive HSTS header
 juventusmania1897.com: could not connect to host
 juwairen.cn: could not connect to host
 juzgalo.com: did not receive HSTS header
+jva-wuerzburg.de: could not connect to host
 jvn.com: did not receive HSTS header
-jvoice.net: could not connect to host
+jvoice.net: did not receive HSTS header
+jwallet.cc: did not receive HSTS header
 jwilsson.me: could not connect to host
 jwolt-lx.com: could not connect to host
-jxir.de: could not connect to host
 jysperm.me: did not receive HSTS header
 jzachpearson.com: max-age too low: 0
 jzcapital.co: could not connect to host
@@ -9158,21 +9491,21 @@ k-dev.de: could not connect to host
 k-rickroll-g.pw: could not connect to host
 k-wallet.com: could not connect to host
 k1cp.com: could not connect to host
-k33k00.com: did not receive HSTS header
+k3508.com: could not connect to host
 k38.cc: could not connect to host
 ka-clan.com: could not connect to host
 kaanduman.com: could not connect to host
 kaasbijwijn.nl: did not receive HSTS header
 kaashosting.nl: did not receive HSTS header
+kabarlinux.id: could not connect to host
 kabinapp.com: did not receive HSTS header
 kabuabc.com: could not connect to host
-kabus.org: could not connect to host
 kackscharf.de: could not connect to host
 kadioglumakina.com.tr: did not receive HSTS header
 kadmec.com: did not receive HSTS header
 kaela.design: could not connect to host
 kahopoon.net: could not connect to host
-kai.cool: did not receive HSTS header
+kai.cool: could not connect to host
 kaibol.com: could not connect to host
 kaika-facilitymanagement.de: could not connect to host
 kaika-hms.de: did not receive HSTS header
@@ -9200,6 +9533,7 @@ kambodja.guide: could not connect to host
 kamcvicit.sk: could not connect to host
 kamikano.com: could not connect to host
 kamitech.ch: could not connect to host
+kampunginggris-ue.com: could not connect to host
 kanada.guide: could not connect to host
 kanagawachuo-hospital.jp: could not connect to host
 kanar.nl: could not connect to host
@@ -9212,7 +9546,6 @@ kanganer.com: could not connect to host
 kangzaber.com: could not connect to host
 kaniklani.co.za: did not receive HSTS header
 kanmitao.com: did not receive HSTS header
-kannchen.de: could not connect to host
 kanotijd.nl: could not connect to host
 kanr.in: could not connect to host
 kanscooking.org: could not connect to host
@@ -9225,7 +9558,8 @@ kaomojis.net: did not receive HSTS header
 kaotik4266.com: could not connect to host
 kapiorr.duckdns.org: could not connect to host
 kaplatz.is: could not connect to host
-kapo.info: could not connect to host
+kaplatzis.com: could not connect to host
+kapo.info: did not receive HSTS header
 kappit.dk: could not connect to host
 kapucini.si: max-age too low: 0
 kaputt.com: could not connect to host
@@ -9245,6 +9579,7 @@ karpanhellas.com: could not connect to host
 kars.ooo: could not connect to host
 karting34.com: did not receive HSTS header
 karuneshjohri.com: could not connect to host
+kasadara.com: did not receive HSTS header
 kashdash.ca: could not connect to host
 kashis.com.au: max-age too low: 0
 kat.al: could not connect to host
@@ -9261,7 +9596,7 @@ katproxy.site: could not connect to host
 katproxy.tech: could not connect to host
 katproxy.top: could not connect to host
 katrinjanke.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-kattenfun.be: did not receive HSTS header
+kattenfun.be: could not connect to host
 kattenfun.nl: could not connect to host
 katthewaffle.fr: could not connect to host
 katzen.me: could not connect to host
@@ -9274,7 +9609,7 @@ kausta.me: could not connect to host
 kaverti.com: did not receive HSTS header
 kavik.no: could not connect to host
 kavinvin.me: could not connect to host
-kawaiii.link: did not receive HSTS header
+kawaii.io: could not connect to host
 kawaiiku.com: could not connect to host
 kawaiiku.de: could not connect to host
 kaydan.io: could not connect to host
@@ -9285,7 +9620,6 @@ kaysis.gov.tr: did not receive HSTS header
 kazamasion.com: could not connect to host
 kazanasolutions.de: could not connect to host
 kazenojiyu.fr: did not receive HSTS header
-kazumi.ooo: could not connect to host
 kbfl.org: could not connect to host
 kcluster.io: could not connect to host
 kcptun.com: could not connect to host
@@ -9299,7 +9633,8 @@ keechain.io: could not connect to host
 keeley.gq: could not connect to host
 keeley.ml: could not connect to host
 keeleysam.me: could not connect to host
-keepaa.com: could not connect to host
+keematdekho.com: could not connect to host
+keepaa.com: did not receive HSTS header
 keepassa.co: could not connect to host
 keepclean.me: could not connect to host
 keepcoalintheground.org: could not connect to host
@@ -9316,6 +9651,7 @@ kelm.me: could not connect to host
 kelmarsafety.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 kelp.agency: did not receive HSTS header
 ken-electric.com.br: could not connect to host
+kenbillionsyuan.tk: could not connect to host
 kenc.dk: max-age too low: 2592000
 kenchristensen.dk: max-age too low: 2592000
 kenderbeton-magyarorszag.hu: did not receive HSTS header
@@ -9340,16 +9676,16 @@ keskeces.com: did not receive HSTS header
 kessel-runners.com: could not connect to host
 kesteren.com: could not connect to host
 kevindekoninck.com: could not connect to host
-kevinfoley.cc: could not connect to host
-kevinfoley.org: could not connect to host
+kevinheslinphoto.com: did not receive HSTS header
 kevinmoreland.com: could not connect to host
 kevinroebert.de: did not receive HSTS header
 kevlar.pw: did not receive HSTS header
 kewego.co.uk: could not connect to host
 keymaster.lookout.com: did not receive HSTS header
-keys.fedoraproject.org: could not connect to host
+keypersonins.com: did not receive HSTS header
 keyserver.sexy: could not connect to host
 kfbrussels.be: could not connect to host
+kfm.ink: did not receive HSTS header
 kg-rating.com: could not connect to host
 kgb.us: did not receive HSTS header
 kgregorczyk.pl: could not connect to host
@@ -9375,11 +9711,15 @@ kiel-media.de: did not receive HSTS header
 kielderweather.org.uk: did not receive HSTS header
 kielwi.gov: could not connect to host
 kienlen.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+kieran.ie: could not connect to host
+kieranjones.uk: could not connect to host
 kieranweightman.me: could not connect to host
 kiesuwcursus.nl: did not receive HSTS header
 kievradio.com: could not connect to host
+kikimilyatacado.com.br: could not connect to host
 kikuzuki.org: could not connect to host
 kiladera.be: did not receive HSTS header
+kilerd.me: could not connect to host
 kill-paff.com: did not receive HSTS header
 kimana.pe: did not receive HSTS header
 kimberg.co.uk: did not receive HSTS header
@@ -9410,7 +9750,7 @@ kinnon.enterprises: could not connect to host
 kinow.com: did not receive HSTS header
 kinsmenhomelottery.com: did not receive HSTS header
 kintoandar.com: max-age too low: 0
-kintrip.com: did not receive HSTS header
+kintrip.com: could not connect to host
 kintzingerfilm.de: did not receive HSTS header
 kionetworks.com: did not receive HSTS header
 kipin.fr: did not receive HSTS header
@@ -9423,13 +9763,14 @@ kirillpokrovsky.de: could not connect to host
 kirito.kr: did not receive HSTS header
 kirkforsenate.com: could not connect to host
 kirkpatrickdavis.com: could not connect to host
-kirrie.pe.kr: could not connect to host
+kis-toitoidixi.de: could not connect to host
 kisa.io: could not connect to host
 kiss-register.org: could not connect to host
 kissart.net: could not connect to host
 kissesb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 kissesb.net: could not connect to host
 kisskiss.ch: could not connect to host
+kissoft.ro: could not connect to host
 kisstube.tv: could not connect to host
 kisstyle.ru: did not receive HSTS header
 kisun.co.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -9439,8 +9780,8 @@ kitakemon.com: could not connect to host
 kitashop.com.br: could not connect to host
 kitatec.com.br: could not connect to host
 kitchenaccessories.pro: did not receive HSTS header
-kitchenalley.ca: could not connect to host
-kitchenalley.com: could not connect to host
+kitchenalley.ca: max-age too low: 86400
+kitchenalley.com: max-age too low: 86400
 kitchenchaos.de: could not connect to host
 kitegarage.eu: did not receive HSTS header
 kiteschoolamsterdam.nl: could not connect to host
@@ -9462,8 +9803,9 @@ kj1396.net: did not receive HSTS header
 kj1397.com: did not receive HSTS header
 kjaermaxi.me: did not receive HSTS header
 kjg-bachrain.de: could not connect to host
+kjg-ummeln.de: did not receive HSTS header
 kjoglum.me: could not connect to host
-kkomputer.net: could not connect to host
+kkomputer.net: did not receive HSTS header
 kkull.tv: could not connect to host
 kkws.co: could not connect to host
 klantenadvies.nl: did not receive HSTS header
@@ -9474,6 +9816,7 @@ klauwd.com: could not connect to host
 klaxn.org: could not connect to host
 klean-ritekc.com: did not receive HSTS header
 kleberstoff.xyz: could not connect to host
+kleding.website: did not receive HSTS header
 kleertjesvoordelig.nl: could not connect to host
 kleidertauschpartys.de: could not connect to host
 kleinerarchitekturfuehrer.de: could not connect to host
@@ -9484,6 +9827,7 @@ kletterkater.com: did not receive HSTS header
 klicktojob.de: could not connect to host
 klingeletest.de: could not connect to host
 klingsundet.no: did not receive HSTS header
+klinkerstreet.com.ua: did not receive HSTS header
 kliqsd.com: could not connect to host
 kloentrup.de: max-age too low: 604800
 klotz-labs.com: max-age too low: 7889238
@@ -9493,9 +9837,9 @@ km-net.pl: did not receive HSTS header
 kmdev.me: did not receive HSTS header
 knapen.io: max-age too low: 604800
 knccloud.com: could not connect to host
-knegten-agilis.com: could not connect to host
 kneipi.de: did not receive HSTS header
 kngk-azs.ru: could not connect to host
+kniga.market: could not connect to host
 knigadel.com: did not receive HSTS header
 knightsbridgegroup.org: could not connect to host
 knightsweep.com: could not connect to host
@@ -9512,7 +9856,10 @@ koddsson.com: did not receive HSTS header
 kodexplorer.ml: could not connect to host
 kodiaklabs.org: could not connect to host
 kodokushi.fr: could not connect to host
+koehn.com: could not connect to host
+koelbli.ch: could not connect to host
 koen.io: max-age too low: 86400
+koenen-bau.de: did not receive HSTS header
 koenvdheuvel.me: could not connect to host
 koerper-wie-seele.de: did not receive HSTS header
 koerperimpuls.ch: did not receive HSTS header
@@ -9524,20 +9871,22 @@ kokenmetaanbiedingen.nl: could not connect to host
 kokoiroworks.com: could not connect to host
 kola-entertainments.de: did not receive HSTS header
 kolania.com: could not connect to host
-kolania.net: could not connect to host
 kolaykaydet.com: could not connect to host
 kolbeck.tk: could not connect to host
 kollawat.me: could not connect to host
 kolozsvaricsuhe.hu: did not receive HSTS header
+kombidorango.com.br: did not receive HSTS header
 komikito.com: could not connect to host
 kompetenzwerft.de: did not receive HSTS header
 konata.us: could not connect to host
 kongbaofang.com: could not connect to host
 konicaprinterdriver.com: could not connect to host
 konings.it: could not connect to host
+konkai.store: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 konkurs.ba: could not connect to host
 kontakthuman.hu: did not receive HSTS header
 kontaxis.network: could not connect to host
+kontrolapovinnosti.cz: did not receive HSTS header
 konventseliten.se: could not connect to host
 koop-bremen.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 koopjesnel.nl: could not connect to host
@@ -9545,6 +9894,7 @@ koordinate.net: could not connect to host
 kopio.jp: did not receive HSTS header
 koppelvlak.net: could not connect to host
 kopular.com: could not connect to host
+koretech.nl: could not connect to host
 kori.ml: did not receive HSTS header
 koriyoukai.net: did not receive HSTS header
 kornersafe.com: did not receive HSTS header
@@ -9554,7 +9904,7 @@ kostuumstore.nl: could not connect to host
 kostya.net: did not receive HSTS header
 kotakoo.id: could not connect to host
 kotausaha.com: could not connect to host
-kotelezobiztositas.eu: could not connect to host
+kotelezobiztositas.eu: did not receive HSTS header
 kotomei.moe: could not connect to host
 kotonehoko.net: could not connect to host
 kotorimusic.ga: could not connect to host
@@ -9564,6 +9914,7 @@ koukni.cz: did not receive HSTS header
 kourpe.online: could not connect to host
 kousaku.jp: could not connect to host
 kovnsk.net: could not connect to host
+kovuthehusky.com: did not receive HSTS header
 kozmik.co: could not connect to host
 kpdyer.com: did not receive HSTS header
 kpebetka.net: did not receive HSTS header
@@ -9575,7 +9926,7 @@ kraigwalker.com: could not connect to host
 kraiwan.com: did not receive HSTS header
 krasavchik.by: could not connect to host
 krasota.ru: did not receive HSTS header
-krausen.ca: did not receive HSTS header
+krausen.ca: could not connect to host
 krausoft.hu: did not receive HSTS header
 kravelindo-adventure.com: could not connect to host
 kraynik.com: could not connect to host
@@ -9586,7 +9937,7 @@ kreb.io: could not connect to host
 kredietpaspoort.nl: could not connect to host
 kredite.sale: could not connect to host
 kredite24.de: did not receive HSTS header
-kreditkarte-fuer-backpacker.de: did not receive HSTS header
+kreditkarte-fuer-backpacker.de: could not connect to host
 krestanskydarek.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 kreza.de: could not connect to host
 kriegskindernothilfe.de: could not connect to host
@@ -9605,14 +9956,12 @@ kroodle.nl: did not receive HSTS header
 krouzkyliduska.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 kruegerrand-wert.de: did not receive HSTS header
 krunut.com: did not receive HSTS header
-krusesec.com: could not connect to host
 kryha.io: did not receive HSTS header
 krypteia.org: could not connect to host
-kryptomech.com: could not connect to host
 kryptomodkingz.com: could not connect to host
-ks88.com: could not connect to host
 ksfh-mail.de: could not connect to host
 ksk-agentur.de: did not receive HSTS header
+kspg.tv: could not connect to host
 kstan.me: could not connect to host
 kswcosmetics.com: could not connect to host
 kswriter.com: could not connect to host
@@ -9622,10 +9971,9 @@ kuba.guide: could not connect to host
 kubiwa.net: could not connect to host
 kubusadvocaten.nl: could not connect to host
 kuchenschock.de: did not receive HSTS header
-kucheryavenkovn.ru: did not receive HSTS header
+kucheryavenkovn.ru: could not connect to host
 kucom.it: did not receive HSTS header
-kueche-co.de: max-age too low: 9190324
-kuechenplan.online: could not connect to host
+kuechenplan.online: did not receive HSTS header
 kueulangtahunanak.net: could not connect to host
 kuko-crews.org: could not connect to host
 kultmobil.se: did not receive HSTS header
@@ -9638,9 +9986,10 @@ kunstfehler.at: did not receive HSTS header
 kunstschule-krabax.de: did not receive HSTS header
 kuops.com: did not receive HSTS header
 kupdokuchyne.cz: could not connect to host
-kupelne-ptacek.sk: could not connect to host
+kupelne-ptacek.sk: did not receive HSTS header
 kuppingercole.com: did not receive HSTS header
 kura.io: could not connect to host
+kurashino-mall.com: could not connect to host
 kurehun.org: could not connect to host
 kuro346.moe: could not connect to host
 kuroisalva.xyz: did not receive HSTS header
@@ -9652,17 +10001,16 @@ kurumi.io: did not receive HSTS header
 kurz.pw: could not connect to host
 kurzonline.com.br: could not connect to host
 kuwago.io: could not connect to host
-kuzdrowiu24.pl: did not receive HSTS header
+kuzdrowiu24.pl: could not connect to host
 kvt.berlin: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 kwidz.fr: did not receive HSTS header
 kwikmed.eu: could not connect to host
 kwiknews.com: did not receive HSTS header
 kwipi.com: did not receive HSTS header
 kwmr.me: did not receive HSTS header
-kwok.cc: could not connect to host
 kwok.tv: could not connect to host
 kwondratsch.com: could not connect to host
-kxind.cn: could not connect to host
+kxind.cn: did not receive HSTS header
 kyanite.co: max-age too low: 7889238
 kyberna.xyz: could not connect to host
 kykoonn.net: did not receive HSTS header
@@ -9677,7 +10025,6 @@ kymo.org: did not receive HSTS header
 kynaston.org.uk: could not connect to host
 kyochon.fr: could not connect to host
 kyonagashima.com: did not receive HSTS header
-kyoto-k9.com: did not receive HSTS header
 kyoto-sake.net: could not connect to host
 kyouko.nl: could not connect to host
 kyujin-office.net: could not connect to host
@@ -9715,6 +10062,7 @@ lacentral.com: did not receive HSTS header
 lacledeslan.ninja: could not connect to host
 lacuevadechauvet.com: did not receive HSTS header
 ladadate.com: could not connect to host
+ladenzeile.de: did not receive HSTS header
 ladybugjam.com: could not connect to host
 ladylikeit.com: could not connect to host
 ladylucks.co.uk: could not connect to host
@@ -9723,7 +10071,7 @@ laemen.nl: could not connect to host
 laf.in.net: could not connect to host
 lafamillemusique.fr: did not receive HSTS header
 lafeemam.fr: could not connect to host
-lafema.de: could not connect to host
+lafka.org: could not connect to host
 laforetenchantee.ch: could not connect to host
 lafosseobservatoire.be: did not receive HSTS header
 lafr4nc3.xyz: could not connect to host
@@ -9743,7 +10091,9 @@ lakewoodcomputerservices.com: could not connect to host
 lalajj.com: could not connect to host
 laltroweb.it: did not receive HSTS header
 lamafioso.com: could not connect to host
+lamaisondelatransformationculturelle.com: did not receive HSTS header
 lamaland.ru: did not receive HSTS header
+lamanwebinfo.com: did not receive HSTS header
 lambda-complex.org: could not connect to host
 lambdafive.co.uk: could not connect to host
 lamiaposta.email: did not receive HSTS header
@@ -9751,7 +10101,6 @@ lamomebijou.paris: did not receive HSTS header
 lampl.info: could not connect to host
 lamtv.com.mx: could not connect to host
 lan2k.org: max-age too low: 86400
-lana.swedbank.se: did not receive HSTS header
 lanauzedesigns.com: did not receive HSTS header
 lanboll.com: could not connect to host
 lanbyte.se: could not connect to host
@@ -9768,9 +10117,10 @@ langenbach.rocks: could not connect to host
 langendorf-ernaehrung-training.de: could not connect to host
 langendries.eu: did not receive HSTS header
 langhun.me: could not connect to host
+lanhhuyet510.tk: could not connect to host
 laniakean.com: did not receive HSTS header
+lannainnovation.com: did not receive HSTS header
 lanonfire.com: could not connect to host
-lanseyujie.com: max-age too low: 0
 lansinoh.co.uk: did not receive HSTS header
 lanzainc.xyz: could not connect to host
 laobox.fr: could not connect to host
@@ -9778,18 +10128,19 @@ laohei.org: did not receive HSTS header
 laospage.com: did not receive HSTS header
 lapakus.com: could not connect to host
 laperfumista.es: could not connect to host
-lapix.com.co: could not connect to host
 laplaceduvillage.net: could not connect to host
 laquack.com: could not connect to host
 lared.ovh: did not receive HSTS header
 laredsemanario.com: could not connect to host
-larotayogaming.stream: could not connect to host
 larsgujord.no: did not receive HSTS header
 larsmerke.de: did not receive HSTS header
 lasepiataca.com: did not receive HSTS header
 lasercloud.ml: could not connect to host
+laserfuchs.de: did not receive HSTS header
 lashstuff.com: did not receive HSTS header
 lasnaves.com: did not receive HSTS header
+lassesworld.com: could not connect to host
+lassesworld.se: could not connect to host
 lasst-uns-beten.de: could not connect to host
 latabaccheria.net: could not connect to host
 latable-bowling-vire.fr: did not receive HSTS header
@@ -9803,12 +10154,15 @@ lathamlabs.com: could not connect to host
 lathamlabs.net: could not connect to host
 lathamlabs.org: could not connect to host
 lathen-wahn.de: did not receive HSTS header
+latiendadelbebefeliz.com: did not receive HSTS header
+latinphone.com: could not connect to host
 latinred.com: did not receive HSTS header
 latitude42technology.com: did not receive HSTS header
 latour-managedcare.ch: could not connect to host
 latterdaybride.com: max-age too low: 7889238
 latus.xyz: could not connect to host
 laufcampus.com: did not receive HSTS header
+laufers.pl: did not receive HSTS header
 laufseminare-laufreisen.com: did not receive HSTS header
 lauftrainer-ausbildung.com: did not receive HSTS header
 laurel4th.org: did not receive HSTS header
@@ -9838,8 +10192,12 @@ lbrlh.tk: could not connect to host
 lbrli.tk: could not connect to host
 lbrls.tk: could not connect to host
 lbrt.xyz: could not connect to host
+lbsi-nordwest.de: did not receive HSTS header
+lcbizsolutions.com: could not connect to host
 lclarkpdx.com: could not connect to host
 lcti.biz: could not connect to host
+lcy.cat: could not connect to host
+lcybox.com: did not receive HSTS header
 ldarby.me.uk: could not connect to host
 ldcraft.pw: could not connect to host
 leadbook.ru: max-age too low: 604800
@@ -9850,6 +10208,7 @@ leaks.directory: could not connect to host
 leanclub.org: could not connect to host
 leaodarodesia.com.br: could not connect to host
 leardev.de: did not receive HSTS header
+learn-smart.uk: did not receive HSTS header
 learnedhacker.com: could not connect to host
 learnedovo.com: did not receive HSTS header
 learnfrenchfluently.com: could not connect to host
@@ -9871,13 +10230,11 @@ leebiblestudycenter.com: could not connect to host
 leebiblestudycentre.com: could not connect to host
 leebiblestudycentre.net: could not connect to host
 leebiblestudycentre.org: could not connect to host
-leech360.com: did not receive HSTS header
 leefindlow.com: could not connect to host
 leegyuho.com: could not connect to host
 leelou.wedding: could not connect to host
 leen.io: could not connect to host
 leerkotte.eu: could not connect to host
-leet2.com: could not connect to host
 leetsaber.com: did not receive HSTS header
 legal.farm: could not connect to host
 legaleus.co.uk: could not connect to host
@@ -9901,12 +10258,13 @@ leinir.dk: did not receive HSTS header
 leition.com: did not receive HSTS header
 leitionusercontent.com: did not receive HSTS header
 leitner.com.au: did not receive HSTS header
+leiyun.me: could not connect to host
 lelehei.com: could not connect to host
 lellyboi.ml: could not connect to host
 lelongbank.com: did not receive HSTS header
 lelubre.info: did not receive HSTS header
 lemon.co: could not connect to host
-lemondrops.xyz: could not connect to host
+lemonthy.ca: could not connect to host
 lemp.io: did not receive HSTS header
 lenders.direct: could not connect to host
 lenguajedeprogramacion.com: did not receive HSTS header
@@ -9926,8 +10284,8 @@ leochedibracchio.com: did not receive HSTS header
 leodaniels.com: did not receive HSTS header
 leon-jaekel.com: could not connect to host
 leonardcamacho.me: could not connect to host
+leonauto.de: could not connect to host
 leonhooijer.nl: could not connect to host
-leonmahler.consulting: did not receive HSTS header
 leopold.email: could not connect to host
 leopotamgroup.com: could not connect to host
 lepiquillo.fr: did not receive HSTS header
@@ -9942,21 +10300,22 @@ lesbiansslaves.com: could not connect to host
 lesbofight.com: could not connect to host
 lescomptoirsdepierrot.com: could not connect to host
 lesconteursavis.org: could not connect to host
+lescourtiersbordelais.com: did not receive HSTS header
 lesdouceursdeliyana.com: could not connect to host
 lesecuadors.com: did not receive HSTS header
 lesformations.net: could not connect to host
 lesh.eu: could not connect to host
 lesharris.com: could not connect to host
-lesjardinsdubanchet.fr: could not connect to host
+leshervelines.com: could not connect to host
 lesliekearney.com: did not receive HSTS header
 lesperlesdunet.fr: could not connect to host
 lesquatredauphins.fr: did not receive HSTS header
-lesquerda.cat: did not receive HSTS header
 lessing.consulting: did not receive HSTS header
 letempsdunefleur.be: could not connect to host
 leter.io: did not receive HSTS header
 lethbridgecoffee.com: did not receive HSTS header
 letitfly.me: could not connect to host
+letraba.com: could not connect to host
 letras.mus.br: did not receive HSTS header
 letreview.ph: could not connect to host
 letsgetintouch.com: could not connect to host
@@ -9972,16 +10331,18 @@ levelum.com: did not receive HSTS header
 levelupwear.com: max-age too low: 7889238
 leveredge.net: could not connect to host
 levert.ch: could not connect to host
+lewdgamer.com: could not connect to host
 lewisjuggins.co.uk: did not receive HSTS header
 lewisseals.com: could not connect to host
 lexiphanic.co.uk: did not receive HSTS header
 lexpartsofac.com: could not connect to host
+lexxyn.nl: did not receive HSTS header
 lez-cuties.com: could not connect to host
 lezdomsm.com: could not connect to host
 lfaz.org: could not connect to host
 lg21.co: could not connect to host
-lgbtqventures.com: did not receive HSTS header
-lgbtventures.com: could not connect to host
+lgbtqventures.com: max-age too low: 86400
+lgbtventures.com: did not receive HSTS header
 lgiswa.com.au: did not receive HSTS header
 lgrs.com.au: did not receive HSTS header
 lgsg.us: could not connect to host
@@ -10008,7 +10369,6 @@ lianyexiuchang.in: could not connect to host
 liaoshuma.com: could not connect to host
 liaozheqi.cn: could not connect to host
 liaronce.win: could not connect to host
-liautard.fr: could not connect to host
 libanco.com: could not connect to host
 libdeer.so: could not connect to host
 libertas-tech.com: could not connect to host
@@ -10018,7 +10378,6 @@ libfte.org: did not receive HSTS header
 librairie-asie.com: did not receive HSTS header
 library.linode.com: did not receive HSTS header
 librechan.net: could not connect to host
-librends.org: could not connect to host
 libricks.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 librisulibri.it: did not receive HSTS header
 licence-registry.com: could not connect to host
@@ -10031,7 +10390,7 @@ lidl-selection.at: did not receive HSTS header
 liduan.com: could not connect to host
 liebach.me: did not receive HSTS header
 liebestarot.at: did not receive HSTS header
-lieblingsholz.de: did not receive HSTS header
+lieblingsholz.de: could not connect to host
 lied8.eu: could not connect to host
 liehuojun.com: could not connect to host
 lietaer.eu: did not receive HSTS header
@@ -10040,18 +10399,19 @@ lifecoach.tw: did not receive HSTS header
 lifecoachproviders.com: could not connect to host
 lifeguard.aecom.com: did not receive HSTS header
 lifeinitsownway.com: could not connect to host
-lifeinsurances.pro: did not receive HSTS header
+lifeinsurances.pro: could not connect to host
 lifeinsurances24.com: did not receive HSTS header
-lifekiss.ru: could not connect to host
 lifemarque.co.uk: did not receive HSTS header
 lifenexto.com: could not connect to host
 lifeng.us: could not connect to host
 lifeskillsdirect.com: did not receive HSTS header
+lifestyle7788.com: could not connect to host
 lifestyler.me: could not connect to host
 lifetimemoneymachine.com: did not receive HSTS header
 lifeventure.co.uk: did not receive HSTS header
 lightarmory.com: could not connect to host
 lightcloud.com: did not receive HSTS header
+lightdark.xyz: could not connect to host
 lighthouseinstruments.com: did not receive HSTS header
 lightning-ashe.com: did not receive HSTS header
 lightnovelsekai.com: could not connect to host
@@ -10074,16 +10434,19 @@ lilpwny.com: could not connect to host
 lilycms.com: could not connect to host
 lilygreen.co.za: did not receive HSTS header
 limalama.eu: max-age too low: 1
+limeburst.net: did not receive HSTS header
 limeyeti.com: could not connect to host
 limiteddata.co.uk: could not connect to host
-limitget.com: did not receive HSTS header
+limitget.com: could not connect to host
 limn.me: could not connect to host
 limodo-shop.de: did not receive HSTS header
 limpens.net: did not receive HSTS header
 limpido.it: could not connect to host
 limunana.com: could not connect to host
+lincolncountytn.gov: could not connect to host
 lincsbouncycastlehire.co.uk: did not receive HSTS header
 lindberg.io: did not receive HSTS header
+lindnerhof.info: could not connect to host
 lineauniformes.com.br: could not connect to host
 linernotekids.com: could not connect to host
 linext.cn: did not receive HSTS header
@@ -10107,10 +10470,10 @@ linmi.cc: did not receive HSTS header
 linno.me: could not connect to host
 linorman1997.me: could not connect to host
 linostassi.net: could not connect to host
-linpx.com: could not connect to host
 linux-admin-california.com: could not connect to host
 linux-mint.cz: could not connect to host
 linux.army: could not connect to host
+linux.im: did not receive HSTS header
 linux.sb: could not connect to host
 linuxandstuff.de: could not connect to host
 linuxcode.net: could not connect to host
@@ -10123,7 +10486,7 @@ linuxmint.cz: could not connect to host
 linuxmonitoring.net: could not connect to host
 linvx.org: did not receive HSTS header
 linxmind.eu: could not connect to host
-lionlyrics.com: could not connect to host
+lionhosting.nl: could not connect to host
 lipo.lol: could not connect to host
 liquid.solutions: did not receive HSTS header
 liquidcomm.net: could not connect to host
@@ -10149,9 +10512,8 @@ littledisney.ro: did not receive HSTS header
 littlefreelibrary.org: did not receive HSTS header
 littlelife.co.uk: did not receive HSTS header
 littleservice.cn: could not connect to host
-littleskin.cn: did not receive HSTS header
 liud.im: could not connect to host
-liujunyang.com: could not connect to host
+liujunyang.com: did not receive HSTS header
 liukang.tech: could not connect to host
 liushuyu.tk: did not receive HSTS header
 liv3ly.com: did not receive HSTS header
@@ -10165,17 +10527,21 @@ liviababynet.com.br: could not connect to host
 livinghealthywithchocolate.com: did not receive HSTS header
 livrariacoad.com.br: could not connect to host
 livrariahugodesaovitor.com.br: could not connect to host
+livroseuniformes.com.br: could not connect to host
 lixiang.one: could not connect to host
 lixiaojiang.ga: could not connect to host
 lixingcong.com: could not connect to host
 liyinjia.com: did not receive HSTS header
 lizzythepooch.com: did not receive HSTS header
+ljason.cn: could not connect to host
 lkiserver.com: max-age too low: 43200
 lll.st: could not connect to host
 llvm.us: could not connect to host
+lmerza.com: did not receive HSTS header
 lmrcouncil.gov: could not connect to host
 ln.io: could not connect to host
 lnbeauty.ru: max-age too low: 0
+lnmp.me: could not connect to host
 lnoldan.com: could not connect to host
 loacg.com: did not receive HSTS header
 loadingdeck.com: did not receive HSTS header
@@ -10184,6 +10550,7 @@ loadtraining.com: did not receive HSTS header
 loafbox.com: could not connect to host
 loafhead.me: could not connect to host
 loanmatch.sg: could not connect to host
+loansharkpro.com: could not connect to host
 loansonline.today: could not connect to host
 loanstreet.be: could not connect to host
 lobin21.com: could not connect to host
@@ -10196,8 +10563,8 @@ localblitz.com: did not receive HSTS header
 localchum.com: could not connect to host
 localdata.us: could not connect to host
 localdrive.me: could not connect to host
+localhorst.xyz: could not connect to host
 localnetwork.nz: could not connect to host
-location-fichier-email.com: could not connect to host
 locationvoitureautriche.com: could not connect to host
 locationvoiturecorse.net: could not connect to host
 locationvoiturefinlande.com: could not connect to host
@@ -10252,23 +10619,23 @@ lojashowdecozinha.com.br: could not connect to host
 lojasviavento.com.br: could not connect to host
 lojatema.com.br: could not connect to host
 lojavalcapelli.com.br: could not connect to host
-lolhax.org: could not connect to host
+lojavirtualfct.com.br: did not receive HSTS header
 loli.bz: could not connect to host
 loli.com: could not connect to host
-loli.ski: did not receive HSTS header
-loli.vip: did not receive HSTS header
+loli.vip: could not connect to host
 lolicon.info: could not connect to host
 lolicore.ch: could not connect to host
 lolidunno.com: could not connect to host
 lolis.stream: could not connect to host
 lollaconcept.com.br: could not connect to host
-lonasdigital.com: did not receive HSTS header
+lonasdigital.com: could not connect to host
 lonbali.com: did not receive HSTS header
 londoncalling.co: did not receive HSTS header
 londonlanguageexchange.com: could not connect to host
 londonseedcentre.co.uk: could not connect to host
 lonerwolf.com: did not receive HSTS header
 long139.com: could not connect to host
+long18.cc: could not connect to host
 long688.com: could not connect to host
 longboarding-ulm.de: could not connect to host
 longma.pw: could not connect to host
@@ -10285,7 +10652,6 @@ loperetti.ch: could not connect to host
 loqyu.co: could not connect to host
 lordgun.com: did not receive HSTS header
 lordjevington.co.uk: did not receive HSTS header
-lormansas.com: could not connect to host
 losebellyfat.pro: could not connect to host
 losrascadoresparagatos.com: did not receive HSTS header
 loss.no: could not connect to host
@@ -10305,7 +10671,7 @@ lotuscloud.de: could not connect to host
 lotuscloud.org: could not connect to host
 louduniverse.net: did not receive HSTS header
 louiewatch.com: could not connect to host
-louisvillevmug.info: could not connect to host
+louisvillevmug.info: did not receive HSTS header
 love-schna.jp: could not connect to host
 love4taylor.eu.org: could not connect to host
 loveable.de: could not connect to host
@@ -10327,6 +10693,7 @@ lovemen.cc: did not receive HSTS header
 lovemysafetynet.com: did not receive HSTS header
 loveread-ec.appspot.com: did not receive HSTS header
 loveto.at: could not connect to host
+lovetravel360.com: could not connect to host
 lovingpenguin.com: did not receive HSTS header
 lowhangingfruitgrabber.com: could not connect to host
 lowt.us: could not connect to host
@@ -10334,38 +10701,40 @@ lowtherpavilion.co.uk: did not receive HSTS header
 loxal.org: could not connect to host
 loxis.be: did not receive HSTS header
 loyaltech.ch: could not connect to host
-lp-support.nl: could not connect to host
 lpacademy.com.br: could not connect to host
 lpak.nl: could not connect to host
+lpcom.de: max-age too low: 172800
 lpgram.ga: could not connect to host
 lpm-uk.com: did not receive HSTS header
+lqs.me: could not connect to host
 lrhsclubs.com: could not connect to host
 lrhstsa.com: could not connect to host
 ls-a.org: did not receive HSTS header
 ls-reallife.de: did not receive HSTS header
 ls-rp.es: did not receive HSTS header
+lshiy.com: did not receive HSTS header
 lsky.cn: could not connect to host
 lsp-sports.de: did not receive HSTS header
 lstma.com: could not connect to host
 lsvih.com: did not receive HSTS header
 lswim.com: did not receive HSTS header
 lsws.de: could not connect to host
-lsys.ac: could not connect to host
+lsy.cn: did not receive HSTS header
 lszj.com: could not connect to host
 ltba.org: could not connect to host
 ltbytes.com: could not connect to host
-ltechnologygroup.com: did not receive HSTS header
+ltechnologygroup.com: could not connect to host
 ltransferts.com: could not connect to host
 ltu.social: could not connect to host
-luan.ma: did not receive HSTS header
+lubomirkazakov.com: did not receive HSTS header
 lubot.net: could not connect to host
 lucakrebs.de: could not connect to host
 lucas-garte.com: did not receive HSTS header
 lucascantor.com: did not receive HSTS header
 lucascobb.com: did not receive HSTS header
 lucascodes.com: could not connect to host
-lucassoler.com.ar: could not connect to host
 lucaterzini.com: could not connect to host
+lucianoalbanes.com: did not receive HSTS header
 lucidlogs.com: could not connect to host
 luckydog.pw: could not connect to host
 luckystarfishing.com: did not receive HSTS header
@@ -10377,6 +10746,7 @@ luginbuehl.eu: could not connect to host
 luis-checa.com: could not connect to host
 luisgf.es: did not receive HSTS header
 luisv.me: could not connect to host
+luizkowalski.net: could not connect to host
 luk.photo: could not connect to host
 lukas-schauer.de: did not receive HSTS header
 lukas.im: did not receive HSTS header
@@ -10395,11 +10765,10 @@ luma.pink: could not connect to host
 lumd.me: could not connect to host
 lumer.tech: could not connect to host
 lumi.do: did not receive HSTS header
-luminancy.com: did not receive HSTS header
+luminancy.com: could not connect to host
 lunapatch.com: max-age too low: 7889238
 lunarift.com: could not connect to host
 lunarrift.net: could not connect to host
-lunarsoft.net: did not receive HSTS header
 luneta.nearbuysystems.com: could not connect to host
 lunight.ml: could not connect to host
 lunix.io: did not receive HSTS header
@@ -10409,10 +10778,10 @@ luolikong.vip: did not receive HSTS header
 luom.net: could not connect to host
 luoxiao.im: could not connect to host
 luoxingyu.ml: could not connect to host
-luqsus.pl: could not connect to host
 luripump.se: could not connect to host
 lusis.fr: did not receive HSTS header
 lusis.net: could not connect to host
+lustige-zitate.com: did not receive HSTS header
 lustrumxi.nl: could not connect to host
 luther.fi: could not connect to host
 luvplay.co.uk: could not connect to host
@@ -10430,8 +10799,9 @@ lydia-und-simon.de: could not connect to host
 lydiagorstein.com: did not receive HSTS header
 lyfbits.com: could not connect to host
 lylares.com: did not receive HSTS header
-lynkos.com: could not connect to host
+lynkos.com: did not receive HSTS header
 lyonelkaufmann.ch: did not receive HSTS header
+lyoness.digital: could not connect to host
 lyonl.com: could not connect to host
 lyscnd.com: could not connect to host
 lysergion.com: could not connect to host
@@ -10458,7 +10828,7 @@ ma-plancha.ch: did not receive HSTS header
 maarten.nyc: could not connect to host
 maartenprovo.be: did not receive HSTS header
 maartenterpstra.xyz: could not connect to host
-mac-torrents.me: did not receive HSTS header
+mac-torrents.me: could not connect to host
 mac-world.pl: did not receive HSTS header
 macandtonic.com: could not connect to host
 macbolo.com: could not connect to host
@@ -10466,25 +10836,28 @@ macchaberrycream.com: could not connect to host
 macchedil.com: did not receive HSTS header
 macdj.tk: could not connect to host
 macedopesca.com.br: did not receive HSTS header
-macgeneral.de: did not receive HSTS header
 mach1club.com: did not receive HSTS header
 machbach.net: could not connect to host
+machijun.net: did not receive HSTS header
 machinelearningjavascript.com: could not connect to host
 maciespartyhire.co.uk: did not receive HSTS header
 mack.space: could not connect to host
+mackey7.net: did not receive HSTS header
 macleodnc.com: did not receive HSTS header
 macsandcheesedreams.com: could not connect to host
 macstore.pe: did not receive HSTS header
 macustar.eu: did not receive HSTS header
+madbicicletas.com: could not connect to host
 madcatdesign.de: did not receive HSTS header
 maddin.ga: could not connect to host
+made-to-usb.com: did not receive HSTS header
 madebyfalcon.co.uk: did not receive HSTS header
 madebymagnitude.com: did not receive HSTS header
 madeglobal.com: did not receive HSTS header
 madeinorder.com: could not connect to host
 madeintucson.org: could not connect to host
 mademoiselle-emma.be: could not connect to host
-mademoiselle-emma.fr: could not connect to host
+mademoiselle-emma.fr: did not receive HSTS header
 maderasbrown.com: could not connect to host
 maderwin.com: did not receive HSTS header
 madesoftware.com.br: could not connect to host
@@ -10500,7 +10873,6 @@ magazinedabeleza.net: could not connect to host
 magebankin.com: did not receive HSTS header
 magenx.com: did not receive HSTS header
 magia360.com: did not receive HSTS header
-magicball.co: could not connect to host
 magickmoments.co.uk: did not receive HSTS header
 magieamour.com: did not receive HSTS header
 magieblanche.fr: did not receive HSTS header
@@ -10520,7 +10892,7 @@ mailchuck.com: could not connect to host
 maildragon.com: did not receive HSTS header
 mailgarant.nl: could not connect to host
 mailhost.it: could not connect to host
-mailing-femprendedores.com: did not receive HSTS header
+mailing-femprendedores.com: could not connect to host
 mailing-jbgg.com: could not connect to host
 maillink.store: could not connect to host
 mailon.ga: could not connect to host
@@ -10530,8 +10902,12 @@ main-unit.com: could not connect to host
 mainston.com: could not connect to host
 maintainerheaven.ch: could not connect to host
 maisalto.ind.br: could not connect to host
+maitrechaton.fr: did not receive HSTS header
 maitriser-son-stress.com: could not connect to host
 majesticcolorado.com: did not receive HSTS header
+majkl.me: could not connect to host
+majkl.xyz: could not connect to host
+majkl578.cz: could not connect to host
 majncloud.tk: could not connect to host
 make-pizza.info: could not connect to host
 makedonien.guide: could not connect to host
@@ -10539,7 +10915,7 @@ makeit-so.de: could not connect to host
 makeitdynamic.com: could not connect to host
 makemejob.com: could not connect to host
 makemyvape.co.uk: max-age too low: 7889238
-makerstuff.net: did not receive HSTS header
+makerstuff.net: could not connect to host
 makeshiftco.de: could not connect to host
 makeuplove.nl: could not connect to host
 makeyourlaws.org: did not receive HSTS header
@@ -10557,6 +10933,7 @@ maljaars-media.nl: could not connect to host
 malkaso.com.ua: could not connect to host
 malmstroms-co.se: could not connect to host
 malone.link: could not connect to host
+malte-kiefer.de: did not receive HSTS header
 maltes.website: could not connect to host
 malvy.kiev.ua: could not connect to host
 malwareverse.us: did not receive HSTS header
@@ -10577,7 +10954,7 @@ manaboutahor.se: could not connect to host
 manage.zenpayroll.com: did not receive HSTS header
 manage4all.com: could not connect to host
 manageall.de: could not connect to host
-managed-varnish.de: did not receive HSTS header
+managed-varnish.de: could not connect to host
 manageforall.com: could not connect to host
 manageforall.de: could not connect to host
 management-ethics.com: did not receive HSTS header
@@ -10610,6 +10987,7 @@ mansiontech.cn: did not receive HSTS header
 manududu.com.br: could not connect to host
 manuel7espejo.com: did not receive HSTS header
 manuelrueger.de: could not connect to host
+manuscript.com: did not receive HSTS header
 manutrol.com.br: did not receive HSTS header
 maomao.blog: could not connect to host
 maomaobt.com: did not receive HSTS header
@@ -10623,15 +11001,14 @@ maquillage-permanent-tatoo.com: did not receive HSTS header
 maquininhamercadopoint.com.br: could not connect to host
 maranatha.pl: did not receive HSTS header
 marbinvest.com: did not receive HSTS header
-marcaudefroy.com: could not connect to host
+marcaudefroy.com: did not receive HSTS header
 marcberman.co: did not receive HSTS header
 marcbuehlmann.com: did not receive HSTS header
 marcelmarnitz.com: could not connect to host
 marcelparra.com: could not connect to host
 marchagen.nl: did not receive HSTS header
 marche-nordic-jorat.ch: could not connect to host
-marchhappy.tech: did not receive HSTS header
-marco-kretz.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+marco-kretz.de: did not receive HSTS header
 marco01809.net: could not connect to host
 marcoececilia.it: did not receive HSTS header
 marcofinke.de: could not connect to host
@@ -10640,14 +11017,15 @@ marcontrol.com: did not receive HSTS header
 marcosteixeira.tk: could not connect to host
 marcschlagenhauf.de: could not connect to host
 marcus-scheffler.com: did not receive HSTS header
-marcush.de: could not connect to host
-marcusserver.synology.me: did not receive HSTS header
+marcush.de: did not receive HSTS header
+marcusserver.synology.me: could not connect to host
 mardelcupon.com: could not connect to host
 mare92.cz: could not connect to host
 mareklecian.cz: did not receive HSTS header
 margan.ch: could not connect to host
 margaretrosefashions.co.uk: could not connect to host
 margo.ml: could not connect to host
+mariacorzo.com: could not connect to host
 mariacristinadoces.com.br: did not receive HSTS header
 mariannematthew.com: could not connect to host
 marianwehlus.de: did not receive HSTS header
@@ -10657,7 +11035,6 @@ marie-en-provence.com: could not connect to host
 marie.club: could not connect to host
 marienschule-sundern.de: did not receive HSTS header
 marinecadastre.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-mario.party: could not connect to host
 marioabela.com: did not receive HSTS header
 mariusschulte.de: did not receive HSTS header
 marix.ro: could not connect to host
@@ -10671,6 +11048,7 @@ marketing-advertising.eu: could not connect to host
 marketingdesignu.cz: could not connect to host
 marketingromania.ro: did not receive HSTS header
 marketio.co: did not receive HSTS header
+marketlinks.org: did not receive HSTS header
 markllego.com: could not connect to host
 marko-fenster24.de: did not receive HSTS header
 markorszulak.com: did not receive HSTS header
@@ -10679,6 +11057,7 @@ markrego.com: could not connect to host
 marksill.com: could not connect to host
 marktboten.de: did not receive HSTS header
 markusabraham.com: did not receive HSTS header
+markusgran.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 markusueberallassetmanagement.de: could not connect to host
 markusueberallconsulting.de: could not connect to host
 markusweimar.de: did not receive HSTS header
@@ -10747,7 +11126,7 @@ mastodon.fun: could not connect to host
 mastodon.my: could not connect to host
 mastodon.org.uk: did not receive HSTS header
 mastodon.pl: did not receive HSTS header
-mastodones.club: could not connect to host
+mastodones.club: did not receive HSTS header
 masty.nl: could not connect to host
 masumreza.tk: could not connect to host
 mat99.dk: could not connect to host
@@ -10755,10 +11134,16 @@ matarrosabierzo.com: could not connect to host
 matchneedle.com: did not receive HSTS header
 mateusmeyer.com.br: could not connect to host
 mateuszpilszek.pl: could not connect to host
-mathematris.com: did not receive HSTS header
+mathematris.com: could not connect to host
 mathers.ovh: did not receive HSTS header
+matheusmacedo.ddns.net: could not connect to host
 mathias.re: did not receive HSTS header
+mathieui.net: could not connect to host
 mathijskingma.nl: could not connect to host
+mathsource.ga: could not connect to host
+mathsweek.nz: could not connect to host
+mathsweek.org.nz: could not connect to host
+mathsweek.school.nz: could not connect to host
 matillat.ovh: did not receive HSTS header
 matlabjo.ir: did not receive HSTS header
 matmessages.com: did not receive HSTS header
@@ -10793,6 +11178,7 @@ mavisang.cf: could not connect to host
 mawe.red: could not connect to host
 max-mad.com: could not connect to host
 maxbachmann.de: did not receive HSTS header
+maxdev72.freeboxos.fr: could not connect to host
 maxfox.me: could not connect to host
 maxhorvath.com: could not connect to host
 maxibanki.ovh: could not connect to host
@@ -10807,14 +11193,15 @@ maya-ro.com: could not connect to host
 maya.mg: could not connect to host
 maybeul.com: could not connect to host
 maynardnetworks.com: could not connect to host
+mayoimobiliare.ro: did not receive HSTS header
 mayoristassexshop.com: did not receive HSTS header
+mazternet.ru: could not connect to host
 mazyun.com: did not receive HSTS header
 mazz-tech.com: could not connect to host
 mb300sd.com: could not connect to host
 mb300sd.net: could not connect to host
 mbconsultancy.nu: did not receive HSTS header
 mbdrogenbos-usedcars.be: could not connect to host
-mbsec.net: could not connect to host
 mbwemmel-usedcars.be: could not connect to host
 mc81.com: did not receive HSTS header
 mca2017.org: did not receive HSTS header
@@ -10824,11 +11211,11 @@ mcb-bank.com: did not receive HSTS header
 mcc.re: could not connect to host
 mccordworks.com: did not receive HSTS header
 mcdanieldevelopmentservices.com: could not connect to host
-mcdona1d.me: could not connect to host
 mcdonalds.ru: did not receive HSTS header
 mcga.media: could not connect to host
 mcgavocknissanwichitaparts.com: could not connect to host
 mchan.us: did not receive HSTS header
+mchopkins.net: could not connect to host
 mcideas.tk: could not connect to host
 mcjackk77.com: could not connect to host
 mckinley1.com: could not connect to host
@@ -10836,7 +11223,6 @@ mckinleytk.com: could not connect to host
 mcl.gg: did not receive HSTS header
 mclab.su: max-age too low: 2592000
 mclist.it: could not connect to host
-mclyr.com: could not connect to host
 mcnoobs.pro: could not connect to host
 mcooperlaw.com: did not receive HSTS header
 mcqyy.com: could not connect to host
@@ -10847,6 +11233,8 @@ mctherealm.net: could not connect to host
 mcuexchange.com: did not receive HSTS header
 mcuong.tk: could not connect to host
 md-student.com: did not receive HSTS header
+mdbouncycastlehirelondon.co.uk: did not receive HSTS header
+mdcloudpracticesolutions.com: could not connect to host
 mdfnet.se: did not receive HSTS header
 mdscomp.net: could not connect to host
 mdwftw.com: could not connect to host
@@ -10863,13 +11251,16 @@ mecenat-cassous.com: did not receive HSTS header
 mechok.ru: could not connect to host
 medallia.io: could not connect to host
 meddatix.com: could not connect to host
+medi-link.co.il: did not receive HSTS header
 media-access.online: did not receive HSTS header
 media-courses.com: could not connect to host
+mediabm.jp: did not receive HSTS header
 mediacru.sh: could not connect to host
 mediadandy.com: could not connect to host
 mediafinancelab.org: could not connect to host
 mediamag.am: max-age too low: 0
-mediastorm.us: did not receive HSTS header
+mediarocks.de: did not receive HSTS header
+mediastorm.us: could not connect to host
 mediawikicn.org: could not connect to host
 medicinskavranje.edu.rs: could not connect to host
 medienservice-fritz.de: did not receive HSTS header
@@ -10889,7 +11280,6 @@ medy-me.com: could not connect to host
 medzinenews.com: did not receive HSTS header
 meedoenzaanstad.nl: did not receive HSTS header
 meetfinch.com: could not connect to host
-meetmibaby.co.uk: could not connect to host
 mega-aukcion.ru: could not connect to host
 megadrol.com: could not connect to host
 megaflix.nl: could not connect to host
@@ -10900,7 +11290,7 @@ megashur.se: could not connect to host
 megasystem.cl: could not connect to host
 meghudson.com: could not connect to host
 meifrench.com: could not connect to host
-meimeistartup.com: could not connect to host
+meilleur.xyz: did not receive HSTS header
 meincloudspeicher.de: could not connect to host
 meine-plancha.ch: did not receive HSTS header
 meine-reise-gut-versichert.de: did not receive HSTS header
@@ -10922,12 +11312,12 @@ melody-lyrics.com: could not connect to host
 melonstudios.net: could not connect to host
 melpomene.me: could not connect to host
 melted.pw: could not connect to host
-meltzow.net: could not connect to host
 melvinlammerts.nl: could not connect to host
 melvinlow.com: did not receive HSTS header
 memberpress.com: did not receive HSTS header
 members.mayfirst.org: did not receive HSTS header
 membersonline.org: did not receive HSTS header
+memberstweets.com: could not connect to host
 memdoc.org: could not connect to host
 memeblast.ninja: could not connect to host
 memepasmal.org: could not connect to host
@@ -10941,13 +11331,13 @@ menaraannonces.com: could not connect to host
 menchez.me: could not connect to host
 menhera.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 menntagatt.is: did not receive HSTS header
+menotag.com: could not connect to host
 mensachterdepatient.nl: max-age too low: 2592000
 mensmaximus.de: did not receive HSTS header
 mentalhealth.gov: did not receive HSTS header
 mentax.net: did not receive HSTS header
 mentesemprendedoras.net: could not connect to host
 menthix.net: could not connect to host
-mentorithm.com: could not connect to host
 menu.fyi: could not connect to host
 menudrivetest.com: could not connect to host
 menuiserie-berard.com: did not receive HSTS header
@@ -10956,6 +11346,7 @@ menzel-motors.com: did not receive HSTS header
 meo.de: could not connect to host
 meow.cloud: could not connect to host
 meozcraft.com: could not connect to host
+meraseo.com: could not connect to host
 mercanix.co.uk: could not connect to host
 merccorp.de: max-age too low: 0
 mercedes-benz-usedcars.be: could not connect to host
@@ -10989,17 +11380,20 @@ metrans-spedition.de: could not connect to host
 metricaid.com: did not receive HSTS header
 metrix-money-ptc.com: could not connect to host
 metrix.design: could not connect to host
+metropolisil.gov: did not receive HSTS header
 metzgerei-birkenhof.de: could not connect to host
 meu-smartphone.com: did not receive HSTS header
 meucosmetico.com.br: could not connect to host
 meuemail.pro: could not connect to host
 meupedido.online: did not receive HSTS header
 meusigno.com: could not connect to host
+mevanshop.com: could not connect to host
 mexbt.com: could not connect to host
 mexicanbusinessweb.mx: did not receive HSTS header
 mexicansbook.ru: could not connect to host
 mexior.nl: could not connect to host
 meyeraviation.com: could not connect to host
+mfacko.cz: did not receive HSTS header
 mfcatalin.com: could not connect to host
 mfedderke.com: could not connect to host
 mfgod.com: did not receive HSTS header
@@ -11009,8 +11403,8 @@ mfrsgb45.org: did not receive HSTS header
 mft.global: could not connect to host
 mfxer.com: could not connect to host
 mfz.mk: did not receive HSTS header
-mgcraft.net: did not receive HSTS header
-mgdigital.fr: did not receive HSTS header
+mgcraft.net: could not connect to host
+mgdigital.fr: could not connect to host
 mgiay.com: did not receive HSTS header
 mgoessel.de: did not receive HSTS header
 mh-bloemen.co.jp: could not connect to host
@@ -11018,6 +11412,7 @@ mhdsyarif.com: did not receive HSTS header
 mhealthdemocamp.com: could not connect to host
 mhertel.com: did not receive HSTS header
 mhict.nl: could not connect to host
+mhjuma.com: could not connect to host
 mht-travel.com: could not connect to host
 mhx.pw: could not connect to host
 mia.ac: could not connect to host
@@ -11042,6 +11437,7 @@ michaelwaite.org: could not connect to host
 michal-kral.cz: could not connect to host
 michalborka.cz: could not connect to host
 michalkral.tk: could not connect to host
+michalp.pl: did not receive HSTS header
 michalvasicek.cz: did not receive HSTS header
 michasfahrschule.com: could not connect to host
 michel.pt: did not receive HSTS header
@@ -11058,9 +11454,11 @@ micropple.net: could not connect to host
 microtalk.org: could not connect to host
 middletowndelcopa.gov: could not connect to host
 midirs.org: did not receive HSTS header
+midlgx.com: max-age too low: 0
 midonet.org: did not receive HSTS header
 midriversmotorsllc.com: did not receive HSTS header
 midterm.us: could not connect to host
+midweststructuralrepair.com: could not connect to host
 midwestwomenworkers.org: could not connect to host
 miegl.cz: could not connect to host
 miemie.jp: could not connect to host
@@ -11075,8 +11473,8 @@ migrator.co: could not connect to host
 miguelgfierro.com: did not receive HSTS header
 miguksaram.com: could not connect to host
 mijn-email.org: could not connect to host
-mijnavg.eu: did not receive HSTS header
 mijndiad.nl: did not receive HSTS header
+mijnetickets.nl: did not receive HSTS header
 mijnkredietpaspoort.nl: could not connect to host
 mijnsite.ovh: could not connect to host
 mika.cat: could not connect to host
@@ -11088,7 +11486,7 @@ mikeg.de: did not receive HSTS header
 mikek.work: did not receive HSTS header
 mikeology.org: could not connect to host
 mikepair.net: could not connect to host
-mikes.tk: could not connect to host
+mikes.tk: did not receive HSTS header
 mikeybot.com: could not connect to host
 mikii.club: could not connect to host
 mikk.cz: could not connect to host
@@ -11102,7 +11500,6 @@ mikumiku.stream: could not connect to host
 mikusinec.com: could not connect to host
 milahendri.com: did not receive HSTS header
 milang.xyz: could not connect to host
-milanpala.cz: could not connect to host
 milatrans.pl: did not receive HSTS header
 milcoresonline.com: could not connect to host
 milesgeek.com: did not receive HSTS header
@@ -11110,18 +11507,68 @@ military-portal.cz: did not receive HSTS header
 militarycarlot.com: did not receive HSTS header
 militaryconsumer.gov: did not receive HSTS header
 milkingit.net: could not connect to host
-milktea.info: could not connect to host
 millibitcoin.jp: could not connect to host
+million5.com: did not receive HSTS header
+million6.com: did not receive HSTS header
+million8.com: did not receive HSTS header
 millionairessecrets.com: could not connect to host
+millions11.com: did not receive HSTS header
+millions13.com: did not receive HSTS header
+millions14.com: did not receive HSTS header
+millions15.com: did not receive HSTS header
+millions16.com: did not receive HSTS header
+millions17.com: did not receive HSTS header
+millions19.com: did not receive HSTS header
+millions20.com: did not receive HSTS header
+millions22.com: did not receive HSTS header
+millions25.com: did not receive HSTS header
+millions26.com: did not receive HSTS header
+millions27.com: did not receive HSTS header
+millions28.com: did not receive HSTS header
+millions29.com: did not receive HSTS header
+millions31.com: did not receive HSTS header
+millions33.com: did not receive HSTS header
+millions35.com: did not receive HSTS header
+millions36.com: did not receive HSTS header
+millions37.com: did not receive HSTS header
+millions38.com: did not receive HSTS header
+millions39.com: could not connect to host
+millions40.com: could not connect to host
+millions41.com: could not connect to host
+millions42.com: could not connect to host
+millions43.com: could not connect to host
+millions5.com: did not receive HSTS header
+millions50.com: did not receive HSTS header
+millions55.com: did not receive HSTS header
+millions56.com: did not receive HSTS header
+millions58.com: did not receive HSTS header
+millions59.com: did not receive HSTS header
+millions6.com: did not receive HSTS header
+millions61.com: did not receive HSTS header
+millions62.com: did not receive HSTS header
+millions63.com: did not receive HSTS header
+millions66.com: did not receive HSTS header
+millions7.com: did not receive HSTS header
+millions70.com: did not receive HSTS header
+millions71.com: did not receive HSTS header
+millions72.com: did not receive HSTS header
+millions80.com: did not receive HSTS header
+millions81.com: did not receive HSTS header
+millions82.com: did not receive HSTS header
+millions88.com: did not receive HSTS header
+millions9.com: did not receive HSTS header
+millions99.com: did not receive HSTS header
 millstep.de: did not receive HSTS header
 milonga.tips: could not connect to host
 mim.properties: could not connect to host
 mimbeim.com: did not receive HSTS header
 mimm.gov: did not receive HSTS header
+mimobile.website: could not connect to host
 mimoderoupa.pt: could not connect to host
 min.kiwi: could not connect to host
 minacssas.com: could not connect to host
 minantavla.se: could not connect to host
+mind-moves.es: could not connect to host
 mind.sh: did not receive HSTS header
 mindbodycontinuum.com: could not connect to host
 mindbodytherapymn.com: did not receive HSTS header
@@ -11142,6 +11589,7 @@ minecraftforums.gq: could not connect to host
 minecraftforums.ml: could not connect to host
 minecraftserverz.com: could not connect to host
 minecraftvoter.com: could not connect to host
+minei.me: did not receive HSTS header
 mineover.es: could not connect to host
 minetude.com: could not connect to host
 mingkyaa.com: could not connect to host
@@ -11156,19 +11604,21 @@ minimaliston.com: could not connect to host
 minimoo.se: could not connect to host
 minipainting.net: could not connect to host
 miniskipper.at: did not receive HSTS header
+miniwallaby.com: could not connect to host
 minkondom.nu: could not connect to host
 minnesotadata.com: could not connect to host
-minor.news: could not connect to host
+minor.news: did not receive HSTS header
 minora.io: could not connect to host
 minoris.se: did not receive HSTS header
 mintea-noua.ro: could not connect to host
+minu.link: could not connect to host
 mipiaci.co.nz: did not receive HSTS header
 mipiaci.com.au: did not receive HSTS header
+mipla.ch: could not connect to host
 miragrow.com: could not connect to host
 mireillewendling.com.br: could not connect to host
 mirgleich.dnshome.de: could not connect to host
 mirindadomo.ru: did not receive HSTS header
-mirjamderijk.nl: could not connect to host
 mirodasilva.be: could not connect to host
 mironized.com: did not receive HSTS header
 mirrorsedgearchive.ga: could not connect to host
@@ -11177,7 +11627,7 @@ miruc.co: did not receive HSTS header
 mirucon.com: did not receive HSTS header
 misconfigured.io: could not connect to host
 miscreant.me: could not connect to host
-misericordiasegrate.org: did not receive HSTS header
+misericordiasegrate.org: could not connect to host
 misgluteosperfectos.com: did not receive HSTS header
 misiondelosangeles-mailing.com: could not connect to host
 misiru.jp: could not connect to host
@@ -11196,8 +11646,6 @@ mittenhacks.com: could not connect to host
 mityinc.com: did not receive HSTS header
 miukimodafeminina.com: could not connect to host
 mivcon.net: could not connect to host
-mivestuariolaboral.com: did not receive HSTS header
-mivzaklive.co.il: did not receive HSTS header
 mixer.cash: could not connect to host
 miya.io: could not connect to host
 miyako-kyoto.jp: could not connect to host
@@ -11213,7 +11661,6 @@ mkakh.xyz: could not connect to host
 mkfs.be: could not connect to host
 mkfs.fr: could not connect to host
 mkg-palais-hanau.de: did not receive HSTS header
-mkie.cf: could not connect to host
 mkp-deutschland.de: did not receive HSTS header
 mkplay.io: could not connect to host
 mkw.st: could not connect to host
@@ -11237,6 +11684,7 @@ mmilog.hu: could not connect to host
 mmmm.com: could not connect to host
 mmstick.tk: could not connect to host
 mna7e.com: did not receive HSTS header
+mncr.nl: could not connect to host
 mnec.io: could not connect to host
 mneeb.de: could not connect to host
 mnemotiv.com: could not connect to host
@@ -11247,7 +11695,6 @@ mo3.club: could not connect to host
 moar.so: did not receive HSTS header
 moas.design: did not receive HSTS header
 moas.photos: did not receive HSTS header
-mobag.ru: did not receive HSTS header
 mobaircon.com: did not receive HSTS header
 mobi4.tk: could not connect to host
 mobile-gesundheit.org: could not connect to host
@@ -11292,7 +11739,7 @@ moderntld.net: could not connect to host
 mododo.de: could not connect to host
 modx.by: max-age too low: 31536
 modx.io: could not connect to host
-modydev.club: could not connect to host
+modydev.club: did not receive HSTS header
 moe.pe: could not connect to host
 moe.wtf: could not connect to host
 moe4sale.in: did not receive HSTS header
@@ -11315,11 +11762,14 @@ moitur.com: did not receive HSTS header
 mojapraca.sk: did not receive HSTS header
 mojefilmy.xyz: could not connect to host
 mojizuri.jp: max-age too low: 86400
+mojnet.eu: could not connect to host
+mojnet.net: could not connect to host
 mokadev.com: did not receive HSTS header
 mokken-fabriek.nl: did not receive HSTS header
 mols.me: could not connect to host
 momento.co.id: did not receive HSTS header
 momfulfilled.com: could not connect to host
+momjoyas.com: did not receive HSTS header
 mommel.com: could not connect to host
 mommelonline.de: could not connect to host
 momoka.moe: could not connect to host
@@ -11331,6 +11781,7 @@ monarca.systems: could not connect to host
 monasterialis.eu: could not connect to host
 monautoneuve.fr: did not receive HSTS header
 mondar.io: could not connect to host
+mondedesnovels.com: did not receive HSTS header
 mondopoint.com: did not receive HSTS header
 mondwandler.de: could not connect to host
 moneoci.com.br: could not connect to host
@@ -11346,6 +11797,7 @@ monitaure.io: could not connect to host
 monitman.solutions: could not connect to host
 monitorchain.com: did not receive HSTS header
 monitori.ng: could not connect to host
+monkeydust.net: max-age too low: 0
 monkieteel.nl: did not receive HSTS header
 monochrometoys.com: could not connect to host
 monodukuri.cafe: could not connect to host
@@ -11366,8 +11818,8 @@ moonless.net: could not connect to host
 moonlightcapital.ml: could not connect to host
 moonloupe.com: could not connect to host
 moonrhythm.info: could not connect to host
-moonrhythm.io: did not receive HSTS header
 moonysbouncycastles.co.uk: could not connect to host
+mooretownrancheria-nsn.gov: could not connect to host
 moosemanstudios.com: could not connect to host
 moov.is: could not connect to host
 moparcraft.com: could not connect to host
@@ -11407,7 +11859,7 @@ mostwuat.com: could not connect to host
 motherbase.io: could not connect to host
 motherboard.services: could not connect to host
 motionfreight.com: could not connect to host
-motionpicturesolutions.com: did not receive HSTS header
+motionpicturesolutions.com: could not connect to host
 motocyklovedily.cz: did not receive HSTS header
 motomorgen.com: could not connect to host
 motorbiketourhanoi.com: could not connect to host
@@ -11422,10 +11874,12 @@ moucloud.cn: did not receive HSTS header
 moudicat.com: max-age too low: 6307200
 moula.com.au: did not receive HSTS header
 moumaobuchiyu.com: could not connect to host
+mounp.me: max-age too low: 2592000
 mountainadventureseminars.com: did not receive HSTS header
 mountainmusicpromotions.com: did not receive HSTS header
+mountairymd.gov: could not connect to host
 mousemessages.com: did not receive HSTS header
-movabletype.net: max-age too low: 3600
+movabletype.net: did not receive HSTS header
 moveek.com: did not receive HSTS header
 moveisfit.com.br: could not connect to host
 movepin.com: could not connect to host
@@ -11434,6 +11888,7 @@ movie4k.life: could not connect to host
 movie4kto.site: could not connect to host
 moviedollars.com: could not connect to host
 movienang.com: max-age too low: 0
+movienized.de: did not receive HSTS header
 moviesabout.net: could not connect to host
 moviespur.info: did not receive HSTS header
 moving-pixtures.de: could not connect to host
@@ -11442,7 +11897,6 @@ movio.ga: could not connect to host
 mowalls.net: could not connect to host
 moy-gorod.od.ua: did not receive HSTS header
 moyoo.net: did not receive HSTS header
-moysovet.info: did not receive HSTS header
 moyu.host: did not receive HSTS header
 mozart-game.cz: could not connect to host
 mozartgame.cz: could not connect to host
@@ -11493,7 +11947,7 @@ mruganiepodspacja.pl: could not connect to host
 ms-alternativ.de: did not receive HSTS header
 msc-seereisen.net: could not connect to host
 msgallery.tk: could not connect to host
-msopopop.cn: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+msopopop.cn: max-age too low: 5184000
 msp66.de: could not connect to host
 mstd.tokyo: did not receive HSTS header
 mstdn-tech.jp: could not connect to host
@@ -11505,6 +11959,7 @@ mt.me.uk: could not connect to host
 mtamaki.com: could not connect to host
 mtau.com: max-age too low: 2592000
 mtcgf.com: could not connect to host
+mtcq.jp: could not connect to host
 mtd.ovh: could not connect to host
 mtdn.jp: could not connect to host
 mtfgnettoyage.fr: could not connect to host
@@ -11512,10 +11967,10 @@ mtg-esport.de: did not receive HSTS header
 mtirc.co: could not connect to host
 mtn.cc: could not connect to host
 mtr.md: could not connect to host
-mu3on.com: could not connect to host
+mu3on.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+muahahahaha.co.uk: could not connect to host
 muchohentai.com: could not connect to host
 mudgezero.one: could not connect to host
-muel.io: could not connect to host
 muenzubi.de: did not receive HSTS header
 muffet.pw: did not receive HSTS header
 muga.space: could not connect to host
@@ -11523,7 +11978,8 @@ muj-svet.cz: could not connect to host
 mujadin.se: did not receive HSTS header
 mulenvo.com: did not receive HSTS header
 mulheres18.com: could not connect to host
-mullen.net.au: could not connect to host
+mullen.net.au: did not receive HSTS header
+multiplexcy.com: could not connect to host
 multiterm.org: could not connect to host
 multivpn.cn.com: could not connect to host
 multivpn.com.de: could not connect to host
@@ -11534,6 +11990,7 @@ multizone.games: could not connect to host
 mumei.space: could not connect to host
 mundoadulto.com.br: did not receive HSTS header
 mundoalpha.com.br: did not receive HSTS header
+mundodoscarbonos.com.br: could not connect to host
 munecoscabezones.com: did not receive HSTS header
 munich-rage.de: did not receive HSTS header
 munkiepus.com: did not receive HSTS header
@@ -11565,7 +12022,9 @@ musicaconleali.it: did not receive HSTS header
 musiccitycats.com: did not receive HSTS header
 musikkfondene.no: did not receive HSTS header
 musikzug-bookholzberg.de: did not receive HSTS header
+musique2nuit.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 muslimbanter.co.za: could not connect to host
+mustafa.space: could not connect to host
 mustika.cf: did not receive HSTS header
 mutamatic.com: could not connect to host
 mutuelle-obligatoire-pme.fr: did not receive HSTS header
@@ -11581,7 +12040,7 @@ mxawei.cn: could not connect to host
 mxlife.org: could not connect to host
 mxp.tw: did not receive HSTS header
 my-demo.co: could not connect to host
-my-dick.ru: could not connect to host
+my-dick.ru: did not receive HSTS header
 my-owncloud.com: could not connect to host
 my-pawnshop.com.ua: could not connect to host
 my-plancha.ch: did not receive HSTS header
@@ -11606,7 +12065,8 @@ mycollab.net: could not connect to host
 mycolorado.gov: could not connect to host
 mycontrolmonitor.com: could not connect to host
 mycoted.com: did not receive HSTS header
-myday.eu.com: could not connect to host
+mycreativeartsconsulting.com: could not connect to host
+myday.eu.com: did not receive HSTS header
 mydeos.com: could not connect to host
 mydigipass.com: did not receive HSTS header
 mydmdi.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -11614,6 +12074,7 @@ mydnaresults.com: could not connect to host
 mydnatest.com: did not receive HSTS header
 mydriversedge.com: did not receive HSTS header
 mydrone.services: could not connect to host
+myeasybooking.de: could not connect to host
 myeml.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 myepass.bg: could not connect to host
 myepass.de: could not connect to host
@@ -11624,7 +12085,6 @@ myfishpalace.at: could not connect to host
 myfunworld.de: could not connect to host
 mygalgame.com: did not receive HSTS header
 mygaysitges.com: could not connect to host
-mygeneral.org: could not connect to host
 mygivingcircle.org: did not receive HSTS header
 mygooder.com: did not receive HSTS header
 mygov.scot: did not receive HSTS header
@@ -11636,7 +12096,6 @@ myhloli.com: did not receive HSTS header
 myicare.org: did not receive HSTS header
 myiocc.org: did not receive HSTS header
 myip.tech: max-age too low: 2592000
-myjumpsuit.de: did not receive HSTS header
 mykolab.com: did not receive HSTS header
 mykreuzfahrt.de: could not connect to host
 mylene-chandelier.me: did not receive HSTS header
@@ -11661,6 +12120,7 @@ myownconference.fr: did not receive HSTS header
 myownconference.lt: did not receive HSTS header
 myownconference.lv: did not receive HSTS header
 myownconference.pt: did not receive HSTS header
+myownwebinar.com: could not connect to host
 mypagella.com: could not connect to host
 mypagella.eu: could not connect to host
 mypagella.it: could not connect to host
@@ -11675,12 +12135,10 @@ myqdu.cn: could not connect to host
 myqdu.com: could not connect to host
 myrig.com.ua: did not receive HSTS header
 myrig.io: could not connect to host
-myrig.net: could not connect to host
 myrig.ru: did not receive HSTS header
 myrsa.in: did not receive HSTS header
 myruststats.com: could not connect to host
 mysa.is: could not connect to host
-mysecretcase.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 mysecretrewards.com: could not connect to host
 myseo.ga: could not connect to host
 myserv.one: could not connect to host
@@ -11691,6 +12149,7 @@ mystery-science-theater-3000.de: did not receive HSTS header
 mysteryblog.de: did not receive HSTS header
 mystown.org: could not connect to host
 mystudy.me: could not connect to host
+mysupboard.de: could not connect to host
 mytc.fr: could not connect to host
 mythlogic.com: did not receive HSTS header
 mythslegendscollection.com: did not receive HSTS header
@@ -11713,13 +12172,13 @@ n2x.in: could not connect to host
 n3twork.net: could not connect to host
 n4l.pw: could not connect to host
 n64chan.me: did not receive HSTS header
-n7.education: did not receive HSTS header
-n8ch.net: could not connect to host
-na.hn: did not receive HSTS header
+na.hn: could not connect to host
 naano.org: could not connect to host
 nabru.co.uk: did not receive HSTS header
 nabu-bad-nauheim.de: did not receive HSTS header
 nabytko.cz: could not connect to host
+nacktwanderfreunde.de: did not receive HSTS header
+nadaquenosepas.com: could not connect to host
 nadia.pt: could not connect to host
 nagajanroshiya.info: did not receive HSTS header
 nagaragem.com.br: did not receive HSTS header
@@ -11729,7 +12188,6 @@ naiaspa.fr: did not receive HSTS header
 naiharngym.com: did not receive HSTS header
 nailedithomebuilders.com: max-age too low: 300
 nais.me: did not receive HSTS header
-najedlo.sk: could not connect to host
 nakamastreamingcommunity.com: could not connect to host
 nakanishi-paint.com: could not connect to host
 nakhonidc.com: could not connect to host
@@ -11748,8 +12206,9 @@ nameme.xyz: could not connect to host
 nametaken-cloud.duckdns.org: could not connect to host
 namethatbone.com: could not connect to host
 namethatporn.com: could not connect to host
+nami.exchange: did not receive HSTS header
 namikawatetsuji.jp: could not connect to host
-namorico.me: could not connect to host
+namorico.me: did not receive HSTS header
 namuwikiusercontent.com: could not connect to host
 nan.ci: did not receive HSTS header
 nan.zone: could not connect to host
@@ -11767,6 +12226,7 @@ naoar.com: could not connect to host
 naphex.rocks: could not connect to host
 napisynapomniky.cz: did not receive HSTS header
 narach.com: did not receive HSTS header
+narazaka.net: could not connect to host
 nargele.eu: did not receive HSTS header
 narko.space: could not connect to host
 narodniki.com: did not receive HSTS header
@@ -11781,7 +12241,7 @@ nastysclaw.com: could not connect to host
 natalia-fadeeva.ru: could not connect to host
 natalia.io: did not receive HSTS header
 natalieandjoshua.com: could not connect to host
-natalt.org: could not connect to host
+natalt.org: did not receive HSTS header
 natalydanilova.com: max-age too low: 300
 nataniel-perissier.fr: could not connect to host
 natatorium.org: did not receive HSTS header
@@ -11790,7 +12250,6 @@ natecraun.net: did not receive HSTS header
 natenom.com: max-age too low: 7200
 natenom.de: max-age too low: 7200
 natenom.name: max-age too low: 7200
-nathan.io: did not receive HSTS header
 nationalmall.gov: could not connect to host
 nationwidevehiclecontracts.co.uk: did not receive HSTS header
 natropie.pl: could not connect to host
@@ -11806,22 +12265,25 @@ nauck.org: did not receive HSTS header
 naudles.me: could not connect to host
 nav.jobs: could not connect to host
 naval.tf: could not connect to host
-navegos.net: did not receive HSTS header
+navegos.net: could not connect to host
+navenlle.com: could not connect to host
 naviaddress.io: did not receive HSTS header
 naviteq.eu: could not connect to host
 navitime.me: did not receive HSTS header
 navjobs.com: could not connect to host
+navstivime.cz: did not receive HSTS header
 nawroth.info: could not connect to host
-nax.io: did not receive HSTS header
-nay.moe: did not receive HSTS header
-nazigol.com: could not connect to host
+nax.io: could not connect to host
+nay.moe: could not connect to host
+nazigol.com: did not receive HSTS header
 nba2kqq.com: could not connect to host
 nba669.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 nba686.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-nbb.io: could not connect to host
+nbb.io: did not receive HSTS header
 nbg-ha.de: could not connect to host
 nbis.gov: could not connect to host
 nbl.org.tw: could not connect to host
+nbp.com.pk: did not receive HSTS header
 nbtparse.org: could not connect to host
 nc2c.com: could not connect to host
 ncaq.net: did not receive HSTS header
@@ -11833,16 +12295,17 @@ ncpc.gov: could not connect to host
 ncpw.gov: did not receive HSTS header
 ncrmnt.org: did not receive HSTS header
 nct.org.uk: did not receive HSTS header
+ndatc.com: did not receive HSTS header
 ndmath.club: could not connect to host
 ndtblog.com: could not connect to host
 ndtmarket.place: could not connect to host
 ne1home.dyndns.org: did not receive HSTS header
 neap.io: could not connect to host
 near.st: did not receive HSTS header
+nearbi.com.mx: could not connect to host
 nearbiwa.com: did not receive HSTS header
 nearon.nl: could not connect to host
 neavision.de: did not receive HSTS header
-nebula.exchange: did not receive HSTS header
 nebulousenhanced.com: could not connect to host
 necesitodinero.org: could not connect to host
 necio.ca: could not connect to host
@@ -11852,7 +12315,7 @@ nedwave.com: did not receive HSTS header
 nedys.top: did not receive HSTS header
 needle.net.nz: could not connect to host
 needle.nz: could not connect to host
-neels.ch: did not receive HSTS header
+neels.ch: could not connect to host
 neer.io: could not connect to host
 neet-investor.biz: could not connect to host
 neftaly.com: did not receive HSTS header
@@ -11867,9 +12330,14 @@ neko-life.com: did not receive HSTS header
 neko.li: could not connect to host
 nekoku.io: could not connect to host
 nekox.ml: could not connect to host
+nella-project.org: could not connect to host
 nella.io: could not connect to host
+nellacms.com: could not connect to host
+nellacms.org: could not connect to host
+nellafw.org: could not connect to host
 nellen.it: did not receive HSTS header
 nemanja.top: did not receive HSTS header
+nemecl.eu: could not connect to host
 nemno.de: could not connect to host
 nemovement.org: could not connect to host
 neoani.me: did not receive HSTS header
@@ -11880,6 +12348,7 @@ neoeliteconsulting.com: could not connect to host
 neofelhz.space: could not connect to host
 neojames.me: could not connect to host
 neokobe.city: could not connect to host
+neolink.dk: could not connect to host
 neonisi.com: could not connect to host
 neonnuke.tech: did not receive HSTS header
 neosolution.ca: did not receive HSTS header
@@ -11894,6 +12363,7 @@ nerfroute.com: could not connect to host
 neris.io: could not connect to host
 neriumhcp.com: did not receive HSTS header
 nesantuoka.lt: could not connect to host
+nestedquotes.ca: could not connect to host
 nesterov.pw: could not connect to host
 nestone.ru: could not connect to host
 net-navi.cc: did not receive HSTS header
@@ -11907,7 +12377,6 @@ netbox.cc: could not connect to host
 netbrief.ml: could not connect to host
 netde.jp: did not receive HSTS header
 netdego.jp: could not connect to host
-netducks.com: could not connect to host
 netducks.space: could not connect to host
 netfs.pl: did not receive HSTS header
 netguide.co.nz: did not receive HSTS header
@@ -11915,16 +12384,16 @@ netherwind.eu: did not receive HSTS header
 netlilo.com: could not connect to host
 netloanusa.com: could not connect to host
 netmagik.com: did not receive HSTS header
-netprofile.com.au: did not receive HSTS header
+netprofile.com.au: could not connect to host
 netresourcedesign.com: could not connect to host
 netsafeid.biz: did not receive HSTS header
 netscaler.expert: could not connect to host
 netsight.org: could not connect to host
 netsparkercloud.com: did not receive HSTS header
 netsystems.pro: could not connect to host
-nettacompany.com.tr: did not receive HSTS header
 nettefoundation.com: could not connect to host
 nettopower.dk: did not receive HSTS header
+nettoyage.email: could not connect to host
 nettplusultra-rhone.fr: did not receive HSTS header
 networkmon.net: could not connect to host
 networx-online.de: could not connect to host
@@ -11938,6 +12407,7 @@ neueonlinecasino2016.com: could not connect to host
 neuhaus-city.de: could not connect to host
 neuralgic.net: could not connect to host
 neuro-plus-100.com: could not connect to host
+neurogroove.info: did not receive HSTS header
 neuronasdigitales.com: did not receive HSTS header
 neuronfactor.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 neutralvehicle.com: did not receive HSTS header
@@ -11946,6 +12416,7 @@ never-afk.de: did not receive HSTS header
 neveta.com: could not connect to host
 new: could not connect to host
 newantiagingcreams.com: could not connect to host
+newbasemedia.us: did not receive HSTS header
 newbieboss.com: did not receive HSTS header
 newbownerton.xyz: could not connect to host
 newchance.store: could not connect to host
@@ -11959,10 +12430,10 @@ newhdmovies.io: could not connect to host
 newline.online: did not receive HSTS header
 newlooknow.com: did not receive HSTS header
 newparadigmventures.net: did not receive HSTS header
-newpathintegratedtherapy.com: did not receive HSTS header
+newpathintegratedtherapy.com: could not connect to host
 newpoke.net: could not connect to host
 newportpropertygroup.com: could not connect to host
-newposts.ru: could not connect to host
+news47ell.com: did not receive HSTS header
 news4c.com: did not receive HSTS header
 newsa2.com: could not connect to host
 newsaboutgames.de: did not receive HSTS header
@@ -11974,17 +12445,19 @@ newtonhaus.com: could not connect to host
 newtonwarp.com: could not connect to host
 nexgeneration-solutions.com: could not connect to host
 nexlab.org: did not receive HSTS header
+nexril.net: max-age too low: 7776000
 next-taxi.ru: could not connect to host
 next47.com: did not receive HSTS header
-nextcloud.li: could not connect to host
+nextcloud.nerdpol.ovh: could not connect to host
 nextcloud.org: could not connect to host
-nextend.net: could not connect to host
+nextend.net: did not receive HSTS header
 nextend.org: did not receive HSTS header
 nexth.de: could not connect to host
 nexth.net: did not receive HSTS header
 nexth.us: could not connect to host
 nexthop.co.jp: could not connect to host
 nexthop.co.th: did not receive HSTS header
+nexthop.jp: could not connect to host
 nextlevel-it.co.uk: could not connect to host
 nextpages.de: could not connect to host
 nextproject.us: could not connect to host
@@ -11992,7 +12465,6 @@ nextshutter.com: did not receive HSTS header
 nexusbyte.de: could not connect to host
 nexuscorporation.in: could not connect to host
 nfhome.be: did not receive HSTS header
-nfls.io: did not receive HSTS header
 nfluence.org: could not connect to host
 nfo.so: could not connect to host
 nfrost.me: could not connect to host
@@ -12002,10 +12474,12 @@ ngiemboon.net: could not connect to host
 ngine.ch: did not receive HSTS header
 nginxnudes.com: could not connect to host
 nginxyii.tk: could not connect to host
+ngla.gov: could not connect to host
 nglr.org: could not connect to host
 ngocuong.net: could not connect to host
 ngt-service.ru: could not connect to host
 ngtoys.com.br: did not receive HSTS header
+nhccnews.org: could not connect to host
 nhliberty.org: did not receive HSTS header
 nhsuites.com: did not receive HSTS header
 nhus.de: max-age too low: 172800
@@ -12013,8 +12487,7 @@ niallator.com: could not connect to host
 nibiisclaim.com: could not connect to host
 nicestresser.fr: could not connect to host
 nickcleans.co.uk: could not connect to host
-nickmertin.ca: did not receive HSTS header
-nickmorri.com: could not connect to host
+nicktheitguy.com: could not connect to host
 nicky.io: did not receive HSTS header
 nico.one: could not connect to host
 nicoborghuis.nl: could not connect to host
@@ -12029,6 +12502,7 @@ nicorevin.ru: could not connect to host
 nidux.com: did not receive HSTS header
 niduxcomercial.com: could not connect to host
 niedersetz.de: could not connect to host
+niedrigsterpreis.de: did not receive HSTS header
 nien.chat: could not connect to host
 nien.com.tw: could not connect to host
 nienfun.com: could not connect to host
@@ -12049,7 +12523,7 @@ niklaslindblad.se: did not receive HSTS header
 nikobradshaw.com: could not connect to host
 nikolaichik.photo: did not receive HSTS header
 nikolasbradshaw.com: could not connect to host
-nikolasgrottendieck.com: max-age too low: 7776000
+nikz.in: did not receive HSTS header
 nilianwo.com: could not connect to host
 niloxy.com: did not receive HSTS header
 ninchisho-online.com: did not receive HSTS header
@@ -12074,6 +12548,7 @@ nishisbma.com: could not connect to host
 nitaonline.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 niva.synology.me: could not connect to host
 niveldron.com: could not connect to host
+nivi.ca: could not connect to host
 nixien.fr: could not connect to host
 nixmag.net: could not connect to host
 nixne.st: could not connect to host
@@ -12084,7 +12559,7 @@ nkb.in.th: could not connect to host
 nll.fi: could not connect to host
 nlrb.gov: did not receive HSTS header
 nmadda.com: did not receive HSTS header
-nmctest.net: could not connect to host
+nmctest.net: did not receive HSTS header
 nmd.so: did not receive HSTS header
 nmgb.ga: could not connect to host
 nmgb.ml: could not connect to host
@@ -12097,6 +12572,7 @@ no17sifangjie.cc: could not connect to host
 noc.wang: could not connect to host
 nocallaghan.com: could not connect to host
 noclegi-online.pl: did not receive HSTS header
+nocmd.com: did not receive HSTS header
 noctinus.tk: could not connect to host
 nodalr.com: did not receive HSTS header
 node-core-app.com: could not connect to host
@@ -12109,12 +12585,11 @@ nodelab-it.de: could not connect to host
 nodepanel.net: did not receive HSTS header
 nodepositcasinouk.com: did not receive HSTS header
 nodeselect.com: could not connect to host
-nodespin.com: did not receive HSTS header
 nodesturut.cl: did not receive HSTS header
 nodetemple.com: could not connect to host
-nodi.at: could not connect to host
+nodi.at: did not receive HSTS header
 nodum.io: did not receive HSTS header
-noegoph.com: did not receive HSTS header
+noegoph.com: could not connect to host
 noelblog.ga: could not connect to host
 noelssanssoucipensacola.com: did not receive HSTS header
 noesberts-weidmoos.de: did not receive HSTS header
@@ -12140,9 +12615,9 @@ nopex.no: could not connect to host
 nopol.de: could not connect to host
 norandom.com: could not connect to host
 norb.at: could not connect to host
-norden.eu.org: could not connect to host
 nordic-survival.de: did not receive HSTS header
 nordiccasinocommunity.com: did not receive HSTS header
+nordicess.dk: could not connect to host
 nordlicht.photography: did not receive HSTS header
 noref.tk: could not connect to host
 noreply.mx: could not connect to host
@@ -12158,6 +12633,7 @@ northwest-events.co.uk: could not connect to host
 northwoodsfish.com: could not connect to host
 nosbenevolesontdutalent.com: could not connect to host
 nosecretshop.com: could not connect to host
+nosfermiers.com: could not connect to host
 nosproduitsdequalite.fr: did not receive HSTS header
 nossasenhoradaconceicao.com.br: could not connect to host
 nostraspace.com: could not connect to host
@@ -12212,10 +12688,11 @@ nowremindme.com: could not connect to host
 noxi.ga: could not connect to host
 nozoe.jp: could not connect to host
 npm.li: did not receive HSTS header
-npol.de: did not receive HSTS header
-npool.org: could not connect to host
+npol.de: could not connect to host
+npool.org: did not receive HSTS header
 nq7.pl: could not connect to host
-nqesh.com: did not receive HSTS header
+nqesh.com: could not connect to host
+nqeshreviewer.com: could not connect to host
 nrc-gateway.gov: could not connect to host
 nrechn.de: could not connect to host
 nrizzio.me: could not connect to host
@@ -12233,7 +12710,7 @@ nstyleintl.ca: did not receive HSTS header
 nsure.us: could not connect to host
 nsweb.solutions: could not connect to host
 ntbs.pro: could not connect to host
-nth.sh: could not connect to host
+nth.sh: did not receive HSTS header
 ntse.xyz: could not connect to host
 nu-pogodi.net: could not connect to host
 nu3.at: did not receive HSTS header
@@ -12247,6 +12724,7 @@ nu3.fr: did not receive HSTS header
 nu3.no: did not receive HSTS header
 nu3.se: did not receive HSTS header
 nube.ninja: did not receive HSTS header
+nubella.com.au: did not receive HSTS header
 nubeslayer.com: could not connect to host
 nuclear-crimes.com: did not receive HSTS header
 nuclearcrimes.com: did not receive HSTS header
@@ -12271,7 +12749,7 @@ numis.tech: could not connect to host
 numista.com: did not receive HSTS header
 numm.fr: did not receive HSTS header
 nuovamoda.al: could not connect to host
-nup.pw: max-age too low: 0
+nup.pw: did not receive HSTS header
 nupef.org.br: did not receive HSTS header
 nurserybook.co: did not receive HSTS header
 nurture.be: did not receive HSTS header
@@ -12313,6 +12791,7 @@ nzbs.io: could not connect to host
 nzdmo.govt.nz: did not receive HSTS header
 nzmk.cz: could not connect to host
 nzquakes.maori.nz: did not receive HSTS header
+o-loska.cz: did not receive HSTS header
 o-rickroll-y.pw: could not connect to host
 o0o.one: did not receive HSTS header
 oakesfam.net: did not receive HSTS header
@@ -12324,20 +12803,20 @@ oben.pl: did not receive HSTS header
 oberam.de: could not connect to host
 oberhof.co: could not connect to host
 oberhofjuice.com: could not connect to host
+oberoi.de: did not receive HSTS header
 obioncountytn.gov: could not connect to host
 objectif-leger.com: did not receive HSTS header
-obligacjekk.pl: could not connect to host
 oblikdom.pro: did not receive HSTS header
 oblikdom.ru: did not receive HSTS header
 oblondata.io: did not receive HSTS header
 obrienlab.com: did not receive HSTS header
+obscur.us: could not connect to host
 obscuredfiles.com: could not connect to host
 observatory.se: could not connect to host
 obsydian.org: could not connect to host
 oc-minecraft.com: could not connect to host
 ocad.com.au: did not receive HSTS header
 ocapic.com: could not connect to host
-occ.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 occasion-impro.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 occupymedia.org: could not connect to host
 ochaken.cf: could not connect to host
@@ -12348,7 +12827,7 @@ octanio.com: could not connect to host
 octo.im: could not connect to host
 octocat.ninja: could not connect to host
 octod.tk: could not connect to host
-octohost.net: did not receive HSTS header
+octohost.net: could not connect to host
 oddmouse.com: could not connect to host
 odin.xxx: could not connect to host
 odinkapital.no: did not receive HSTS header
@@ -12369,6 +12848,7 @@ offgames.pro: could not connect to host
 office-ruru.com: could not connect to host
 officeclub.com.mx: did not receive HSTS header
 officeprint.co.th: could not connect to host
+officium.tech: could not connect to host
 offshore-firma.org: could not connect to host
 offshore-unternehmen.com: could not connect to host
 offshorefirma-gruenden.com: could not connect to host
@@ -12385,7 +12865,7 @@ ohayosoro.me: could not connect to host
 ohhdeertrade.com: did not receive HSTS header
 ohm2013.org: did not receive HSTS header
 ohma.ga: did not receive HSTS header
-ohnemusik.com: max-age too low: 0
+ohnemusik.com: did not receive HSTS header
 ohohrazi.com: did not receive HSTS header
 ohreally.de: could not connect to host
 ohsocool.org: did not receive HSTS header
@@ -12394,6 +12874,7 @@ oiepoie.nl: could not connect to host
 oilfieldinjury.attorney: could not connect to host
 oinky.ddns.net: could not connect to host
 oishioffice.com: did not receive HSTS header
+ojanaho.com: did not receive HSTS header
 ojbk.eu: could not connect to host
 ojeremy.com: did not receive HSTS header
 ojls.co: could not connect to host
@@ -12401,7 +12882,6 @@ okad-center.de: did not receive HSTS header
 okad.de: did not receive HSTS header
 okad.eu: did not receive HSTS header
 okaidi.es: could not connect to host
-okaidi.fr: could not connect to host
 okane.love: did not receive HSTS header
 okaz.de: did not receive HSTS header
 oklahomamoversassociation.org: could not connect to host
@@ -12412,9 +12892,10 @@ okutama.in.th: could not connect to host
 olafnorge.de: did not receive HSTS header
 olcso-vps-szerver.hu: could not connect to host
 oldandyounglesbians.us: could not connect to host
+oldbrookinflatables.co.uk: did not receive HSTS header
+oldenglishsheepdog.com.br: could not connect to host
 oldschool-criminal.com: did not receive HSTS header
 oldtimer-trifft-flugplatz.de: did not receive HSTS header
-olifant.fr: did not receive HSTS header
 olightstore.com: did not receive HSTS header
 oliode.tk: could not connect to host
 olivlabs.com: could not connect to host
@@ -12424,6 +12905,7 @@ ols.io: did not receive HSTS header
 olswangtrainees.com: could not connect to host
 olympe-transport.fr: did not receive HSTS header
 omacostudio.com: could not connect to host
+omar.yt: did not receive HSTS header
 omarsuniagamusic.ga: did not receive HSTS header
 omeuanimal.com: did not receive HSTS header
 omgaanmetidealen.com: could not connect to host
@@ -12433,11 +12915,10 @@ omise.co: did not receive HSTS header
 ommahpost.com: did not receive HSTS header
 omnigon.network: could not connect to host
 omnilab.tech: could not connect to host
-omnisiens.se: could not connect to host
+omnisafira.com: did not receive HSTS header
 omniti.com: max-age too low: 1
 omorashi.org: could not connect to host
 omquote.gq: could not connect to host
-omsdieppe.fr: did not receive HSTS header
 omskit.ru: could not connect to host
 omyogarishikesh.com: did not receive HSTS header
 on-te.ch: did not receive HSTS header
@@ -12448,6 +12929,7 @@ oneb4nk.com: could not connect to host
 onecycling.my: could not connect to host
 onecycling.world: could not connect to host
 onefour.co: could not connect to host
+onegoodthingbyjillee.com: did not receive HSTS header
 onehourloan.com: could not connect to host
 onehourloan.sg: did not receive HSTS header
 oneiros.cc: could not connect to host
@@ -12457,11 +12939,12 @@ oneminutefilm.tv: did not receive HSTS header
 onemusou.com: could not connect to host
 onepathnetwork.com: max-age too low: 7776000
 onepluscamps.com: did not receive HSTS header
+onepointsafeband.ca: could not connect to host
+onepointsafeband.com: could not connect to host
 onepopstore.com: could not connect to host
 onespiritinc.com: did not receive HSTS header
 onet.space: could not connect to host
 onetly.com: could not connect to host
-onetwentyseven001.com: did not receive HSTS header
 onewebdev.info: could not connect to host
 oneworldbank.com: did not receive HSTS header
 onewpst.com: could not connect to host
@@ -12471,11 +12954,12 @@ onionbot.ga: could not connect to host
 onioncloud.org: could not connect to host
 onionplay.live: could not connect to host
 onionsburg.com: could not connect to host
+onkfaktor.de: could not connect to host
 online-casino.eu: did not receive HSTS header
 online-horoskop.ch: did not receive HSTS header
+online-results.dk: did not receive HSTS header
 online-scene.com: did not receive HSTS header
 online-wetten.de: could not connect to host
-online.swedbank.se: did not receive HSTS header
 onlinebiller.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 onlinebillingform.com: could not connect to host
 onlinecasinobluebook.com: could not connect to host
@@ -12560,7 +13044,7 @@ opensourcehouse.net: could not connect to host
 openspace.xxx: did not receive HSTS header
 opensrd.com: could not connect to host
 openssf.org: did not receive HSTS header
-opentexon.com: did not receive HSTS header
+opentexon.com: could not connect to host
 openxmpp.com: could not connect to host
 operad.fr: could not connect to host
 opiates.net: did not receive HSTS header
@@ -12582,8 +13066,17 @@ opteamax.eu: did not receive HSTS header
 optenhoefel.de: could not connect to host
 optiekzien.nl: did not receive HSTS header
 optimal-e.com: did not receive HSTS header
+optimised.cloud: could not connect to host
+optimised.io: could not connect to host
+optimisedlabs.info: could not connect to host
+optimisedlabs.net: could not connect to host
+optimisedlabs.uk: could not connect to host
 optimista.soy: could not connect to host
 optimize-jpg.com: could not connect to host
+optimizedlabs.co.uk: could not connect to host
+optimizedlabs.info: could not connect to host
+optimizedlabs.net: could not connect to host
+optimizedlabs.uk: could not connect to host
 optisure.de: did not receive HSTS header
 optometriepunt.nl: did not receive HSTS header
 optumrxhealthstore.com: could not connect to host
@@ -12593,7 +13086,6 @@ opure.ru: could not connect to host
 oracaodocredo.com.br: could not connect to host
 orangekey.tk: could not connect to host
 oranges.tokyo: did not receive HSTS header
-orangetravel.eu: did not receive HSTS header
 oranic.com: did not receive HSTS header
 orbiosales.com: could not connect to host
 orbitcom.de: did not receive HSTS header
@@ -12613,17 +13105,22 @@ orfeo-engineering.ch: could not connect to host
 organic-superfood.net: could not connect to host
 organicae.com: did not receive HSTS header
 oricejoc.com: could not connect to host
+orientravelmacas.com: did not receive HSTS header
 originalmockups.com: did not receive HSTS header
 originalsport.com.br: could not connect to host
 orioncustompcs.com: could not connect to host
 orionfcu.com: did not receive HSTS header
 orionrebellion.com: did not receive HSTS header
 orleika.ml: could not connect to host
+orovillelaw.com: could not connect to host
 oroweatorganic.com: could not connect to host
+orro.ro: did not receive HSTS header
 ortho-graz.at: max-age too low: 86400
 orthodoxy.lt: did not receive HSTS header
 ortodonciaian.com: did not receive HSTS header
-orui.com.br: could not connect to host
+orui.com.br: did not receive HSTS header
+orum.in: max-age too low: 0
+orz.uno: did not receive HSTS header
 osaiyuwu.com: could not connect to host
 osaka-onakura.com: did not receive HSTS header
 oscamp.eu: could not connect to host
@@ -12633,11 +13130,11 @@ oscloud.com: could not connect to host
 oscloud.com.ua: could not connect to host
 oscreen.me: could not connect to host
 oscreen.org: could not connect to host
-oscsdp.cz: did not receive HSTS header
+oscsdp.cz: could not connect to host
 osdls.gov: did not receive HSTS header
 osha-kimi.com: did not receive HSTS header
 oshanko.de: could not connect to host
-oshinagaki.jp: could not connect to host
+oshinagaki.jp: did not receive HSTS header
 oslfoundation.org: did not receive HSTS header
 osmestres.com: did not receive HSTS header
 osp.cx: could not connect to host
@@ -12647,24 +13144,26 @@ ossbinaries.com: could not connect to host
 osteammate.com: could not connect to host
 ostendorf.com: did not receive HSTS header
 osticketawesome.com: did not receive HSTS header
-ostrov8.com: could not connect to host
 oswaldmattgroup.com: did not receive HSTS header
 otako.pl: did not receive HSTS header
+otakucloud.net: did not receive HSTS header
 otakuworld.de: could not connect to host
-otakuyun.com: could not connect to host
 otchecker.com: could not connect to host
 othercode.nl: could not connect to host
 otherkinforum.com: could not connect to host
 othermedia.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 otherstuff.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-otichi.com: did not receive HSTS header
+otichi.com: could not connect to host
 otinane.eu: could not connect to host
 otmns.net: could not connect to host
 otmo7.com: could not connect to host
+otoblok.com: did not receive HSTS header
 otokonna.com: could not connect to host
 otrsdemo.hu: did not receive HSTS header
 otsu.beer: could not connect to host
 ottospora.nl: could not connect to host
+ouimoove.com: could not connect to host
+ouowo.gq: could not connect to host
 ourbank.com: max-age too low: 2592000
 ourchoice2016.com: could not connect to host
 ouruglyfood.com: could not connect to host
@@ -12677,12 +13176,13 @@ ouvirmusica.com.br: did not receive HSTS header
 ovabag.com: did not receive HSTS header
 ovenapp.io: did not receive HSTS header
 over25tips.com: did not receive HSTS header
+overceny.cz: did not receive HSTS header
 override.io: could not connect to host
 overrustle.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-overseamusic.de: did not receive HSTS header
 oversight.io: could not connect to host
 overstappen.nl: did not receive HSTS header
 overture.london: did not receive HSTS header
+overwall.org: could not connect to host
 ovuscloud.de: could not connect to host
 ovwane.com: could not connect to host
 owall.ml: did not receive HSTS header
@@ -12718,11 +13218,10 @@ p3in.com: could not connect to host
 p3ter.fr: did not receive HSTS header
 p8r.de: could not connect to host
 paavolastudio.com: did not receive HSTS header
-pabloarteaga.name: did not receive HSTS header
 pablocamino.tk: could not connect to host
-pablofain.com: did not receive HSTS header
 pablorey-art.com: did not receive HSTS header
 pachaiyappas.org: did not receive HSTS header
+pacificpalisadeselectrician.com: could not connect to host
 packair.com: did not receive HSTS header
 packer.io: did not receive HSTS header
 packetapp.ru: could not connect to host
@@ -12757,6 +13256,8 @@ pajonzeck.de: could not connect to host
 paket.io: could not connect to host
 paket.ml: did not receive HSTS header
 paketkreditsuzuki.com: could not connect to host
+pakeystonescholars.gov: could not connect to host
+pakowanie-polska.pl: could not connect to host
 paku.me: could not connect to host
 palationtrade.com: could not connect to host
 palawan.jp: could not connect to host
@@ -12782,8 +13283,10 @@ panjee.com: did not receive HSTS header
 panjee.fr: did not receive HSTS header
 panlex.org: did not receive HSTS header
 panni.me: could not connect to host
+panoma.de: did not receive HSTS header
 panoranordic.net: could not connect to host
 panos.io: did not receive HSTS header
+panoti.com: could not connect to host
 pansu.space: could not connect to host
 pantsu.cat: did not receive HSTS header
 paolo565.org: did not receive HSTS header
@@ -12811,11 +13314,12 @@ parav.xyz: did not receive HSTS header
 pardnoy.com: could not connect to host
 parent5446.us: could not connect to host
 parentmail.co.uk: did not receive HSTS header
-parfum-baza.ru: did not receive HSTS header
+parfum-baza.ru: could not connect to host
 pariga.co.uk: could not connect to host
 paris-cyber.fr: did not receive HSTS header
 parisdimanche.com: did not receive HSTS header
 parishome.jp: could not connect to host
+parisprovincedemenagements.fr: did not receive HSTS header
 parisvox.info: did not receive HSTS header
 parithy.net: could not connect to host
 parkhillsbaptist.church: did not receive HSTS header
@@ -12824,7 +13328,6 @@ parkrocker.com: max-age too low: 604800
 parksland.net: did not receive HSTS header
 parksubaruoemparts.com: could not connect to host
 parkwithark.com: could not connect to host
-parleu2016.nl: could not connect to host
 parodybit.net: did not receive HSTS header
 parpaing-paillette.net: could not connect to host
 parquet-lascazes.fr: did not receive HSTS header
@@ -12833,9 +13336,9 @@ participatorybudgeting.de: did not receive HSTS header
 participatorybudgeting.info: did not receive HSTS header
 particonpsplus.it: could not connect to host
 partirkyoto.jp: did not receive HSTS header
-partiwatch.com: could not connect to host
+partiwatch.com: max-age too low: 2592000
 partnerbeam.com: could not connect to host
-partnercardservices.com: did not receive HSTS header
+partnersfcu.org: did not receive HSTS header
 partnerwerk.de: did not receive HSTS header
 partyhaus.ovh: could not connect to host
 partyhireformby.co.uk: did not receive HSTS header
@@ -12846,9 +13349,11 @@ partyvan.it: could not connect to host
 partyvan.moe: could not connect to host
 partyvan.nl: could not connect to host
 partyvan.se: could not connect to host
-pascal-kannchen.de: could not connect to host
 pascalchristen.ch: did not receive HSTS header
+pascalspoerri.ch: could not connect to host
 pasportaservo.org: did not receive HSTS header
+passendonderwijs.nl: did not receive HSTS header
+passionebenessere.com: did not receive HSTS header
 passpilot.co.uk: did not receive HSTS header
 passwd.io: did not receive HSTS header
 password.codes: could not connect to host
@@ -12863,23 +13368,26 @@ pastenib.com: could not connect to host
 paster.li: did not receive HSTS header
 pasteros.io: could not connect to host
 pastie.se: could not connect to host
+pastorbelgagroenendael.com.br: could not connect to host
 pastorcanadense.com.br: could not connect to host
+pastormaremanoabruzes.com.br: could not connect to host
 pastorsuico.com.br: could not connect to host
 pataua.kiwi: did not receive HSTS header
 paternitydnatest.com: could not connect to host
 patfs.com: did not receive HSTS header
 pathwaytofaith.com: could not connect to host
 patientinsight.net: could not connect to host
+patouille-et-gribouille.fr: did not receive HSTS header
 patriaco.net: did not receive HSTS header
+patric-lenhart.de: could not connect to host
 patrick.dark.name: could not connect to host
 patrickbusch.net: could not connect to host
 patrickmcnamara.xyz: did not receive HSTS header
 patrickneuro.de: could not connect to host
 patrickquinn.ca: did not receive HSTS header
 patrickschneider.me: could not connect to host
-patt.us: did not receive HSTS header
+patt.us: could not connect to host
 patterson.mp: could not connect to host
-paul-bronski.de: could not connect to host
 paul-kerebel.pro: could not connect to host
 paul-schmidt.de: max-age too low: 0
 paulbunyanmls.com: did not receive HSTS header
@@ -12887,13 +13395,10 @@ paulewen.ca: could not connect to host
 paulpetersen.dk: did not receive HSTS header
 paulproell.at: did not receive HSTS header
 paulrudge.codes: could not connect to host
-paulshir.com: could not connect to host
-paulshir.is: could not connect to host
 paulyang.cn: did not receive HSTS header
 paveljanda.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 pavelkahouseforcisco.com: did not receive HSTS header
 pavelstriz.cz: could not connect to host
-pawfriends.org.za: did not receive HSTS header
 pawsru.org: could not connect to host
 paxdei.com.br: could not connect to host
 paxwinkel.nl: could not connect to host
@@ -12912,6 +13417,7 @@ payroll.ch: could not connect to host
 paytwopay.com: could not connect to host
 payzwin.com: did not receive HSTS header
 pb-design.ch: could not connect to host
+pb.ax: could not connect to host
 pbapp.net: did not receive HSTS header
 pbbr.com: did not receive HSTS header
 pbcknd.ml: could not connect to host
@@ -12976,14 +13482,14 @@ peperiot.com: did not receive HSTS header
 pepper.dog: could not connect to host
 pepperhead.com: did not receive HSTS header
 pepperworldhotshop.de: did not receive HSTS header
-pepsicoemployeepreferencesurvey.com: did not receive HSTS header
+pepsicoemployeepreferencesurvey.com: could not connect to host
 per-pedes.at: did not receive HSTS header
 perdel.cn: could not connect to host
 pereuda.com: could not connect to host
 perez-marrero.com: could not connect to host
 perfect-radiant-wrinkles.com: could not connect to host
 perfectionis.me: could not connect to host
-perfectionunite.com: did not receive HSTS header
+perfectionunite.com: could not connect to host
 perfectseourl.com: did not receive HSTS header
 performancesantafe.org: did not receive HSTS header
 performaride.com.au: did not receive HSTS header
@@ -12998,6 +13504,7 @@ perm-juridique.ch: could not connect to host
 permanence-juridique.com: could not connect to host
 permanencejuridique-ge.ch: could not connect to host
 permanencejuridique.com: could not connect to host
+permiscoderoute.fr: did not receive HSTS header
 pernatie.ru: could not connect to host
 peromsik.com: did not receive HSTS header
 perplex.nl: did not receive HSTS header
@@ -13035,31 +13542,32 @@ petplum.com: did not receive HSTS header
 petrkrapek.cz: did not receive HSTS header
 petrotranz.com: did not receive HSTS header
 petrovsky.pro: could not connect to host
+petruzz.net: did not receive HSTS header
 petsittersservices.com: could not connect to host
 pettsy.com: did not receive HSTS header
 peuf.shop: could not connect to host
 peuterspeelzaalhoekvanholland.nl: could not connect to host
+pewat.com: could not connect to host
 pewboards.com: could not connect to host
 pexieapp.com: did not receive HSTS header
 peykezamin.ir: did not receive HSTS header
 peyote.org: could not connect to host
 peytonfarrar.com: could not connect to host
 pf.dk: did not receive HSTS header
-pfadfinder-grossauheim.de: could not connect to host
 pferdeeinstreu-kaufen.com: did not receive HSTS header
 pfgshop.com.br: could not connect to host
 pflegedienst-gratia.de: max-age too low: 300
 pfo.io: could not connect to host
 pfolta.net: could not connect to host
-pfrost.me: could not connect to host
 pgcpbc.com: could not connect to host
 pgmsource.com: could not connect to host
 pgpm.io: could not connect to host
-pgregg.com: did not receive HSTS header
 pgtb.be: could not connect to host
 phalconist.com: could not connect to host
+phantasie.cc: could not connect to host
 pharmaboard.org: did not receive HSTS header
 pharmgkb.org: could not connect to host
+phaux.uno: could not connect to host
 phcmembers.com: did not receive HSTS header
 phdsupply.com: could not connect to host
 phdwuda.com: could not connect to host
@@ -13072,6 +13580,7 @@ philadelphiadancefoundation.org: could not connect to host
 philipkohn.com: did not receive HSTS header
 philipmordue.co.uk: could not connect to host
 philippa.cool: could not connect to host
+philippinedroneassociation.org: did not receive HSTS header
 phillippi.me: could not connect to host
 phillmoore.com: did not receive HSTS header
 phillprice.com: did not receive HSTS header
@@ -13079,9 +13588,9 @@ philonas.net: did not receive HSTS header
 philpropertygroup.com: could not connect to host
 phippsreporting.com: did not receive HSTS header
 phishing.rs: did not receive HSTS header
-phocean.net: could not connect to host
 phoebe.co.nz: did not receive HSTS header
 phoenicis.com.ua: did not receive HSTS header
+phoenics.de: did not receive HSTS header
 phoenix.dj: did not receive HSTS header
 phonenumberinfo.co.uk: could not connect to host
 phongmay24h.com: could not connect to host
@@ -13100,14 +13609,15 @@ php-bach.org: could not connect to host
 phpdistribution.com: did not receive HSTS header
 phperformances.fr: did not receive HSTS header
 phpfashion.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+phpkari.cz: could not connect to host
 phr34kz.pw: did not receive HSTS header
 phra.gs: could not connect to host
 phrasing.me: could not connect to host
+phrive.space: could not connect to host
 phryneas.de: did not receive HSTS header
 phumin.in.th: did not receive HSTS header
 phuong.faith: could not connect to host
 physicpezeshki.com: did not receive HSTS header
-pi-box.ml: could not connect to host
 pi-eng.fr: did not receive HSTS header
 pianetaottica.eu: could not connect to host
 pianetaottica.info: could not connect to host
@@ -13121,10 +13631,11 @@ picardiascr.com: could not connect to host
 pickr.co: could not connect to host
 picone.com.au: could not connect to host
 picotronic.biz: could not connect to host
-picsandtours.com: could not connect to host
+picotronic.de: did not receive HSTS header
+picsandtours.com: did not receive HSTS header
 picscare.co.uk: did not receive HSTS header
 picshare.nz: could not connect to host
-pidatacenters.com: did not receive HSTS header
+pidatacenters.com: could not connect to host
 pidomex.com: did not receive HSTS header
 piedfeed.com: did not receive HSTS header
 pieinsurance.com: did not receive HSTS header
@@ -13136,11 +13647,13 @@ piggott.me.uk: did not receive HSTS header
 pigritia.de: could not connect to host
 piils.fr: did not receive HSTS header
 pikalongwar.com: did not receive HSTS header
+pikeitservices.com.au: did not receive HSTS header
 pikmy.com: could not connect to host
 pilgermaske.org: did not receive HSTS header
 piligrimname.com: could not connect to host
 pillowandpepper.com: did not receive HSTS header
 pilotcrowd.nl: did not receive HSTS header
+pimg136.com: could not connect to host
 pimpmymac.ru: did not receive HSTS header
 pimpmypaper.com: could not connect to host
 pims.global: did not receive HSTS header
@@ -13156,10 +13669,8 @@ pinkhq.com: did not receive HSTS header
 pinkinked.com: could not connect to host
 pinoylinux.org: did not receive HSTS header
 pinscher.com.br: could not connect to host
-pintosbeeremovals.co.za: did not receive HSTS header
 pintoselectrician.co.za: did not receive HSTS header
 pioche.ovh: did not receive HSTS header
-pipenny.net: could not connect to host
 pippen.io: could not connect to host
 pips.rocks: could not connect to host
 pir9.com: did not receive HSTS header
@@ -13200,11 +13711,12 @@ pixelpoint.io: did not receive HSTS header
 pixelrain.info: could not connect to host
 pixi.chat: could not connect to host
 pixi.me: did not receive HSTS header
+pixiv.rip: could not connect to host
 pixivimg.me: could not connect to host
 pizala.de: could not connect to host
 pizzacook.ch: did not receive HSTS header
 pizzadoc.ch: could not connect to host
-pizzafunny.com.br: did not receive HSTS header
+pizzafunny.com.br: could not connect to host
 pizzamc.eu: could not connect to host
 pj00100.com: did not receive HSTS header
 pj00200.com: did not receive HSTS header
@@ -13213,15 +13725,15 @@ pj00400.com: did not receive HSTS header
 pj00600.com: did not receive HSTS header
 pj00700.com: did not receive HSTS header
 pj00800.com: did not receive HSTS header
-pj009.com: did not receive HSTS header
+pj009.com: could not connect to host
 pj00900.com: did not receive HSTS header
 pj02.com: did not receive HSTS header
 pj83.duckdns.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 pj881988.com: could not connect to host
 pjbet.mg: could not connect to host
+pjili.com: did not receive HSTS header
 pjsec.tk: could not connect to host
 pkautodesign.com: did not receive HSTS header
-pkbjateng.or.id: could not connect to host
 pko.ch: did not receive HSTS header
 pkschat.com: could not connect to host
 plaasprodukte.com: could not connect to host
@@ -13240,29 +13752,28 @@ planete-secu.com: could not connect to host
 planetromeo.com: could not connect to host
 planformation.com: did not receive HSTS header
 planktonholland.com: did not receive HSTS header
-planolowcarb.com: could not connect to host
 planpharmacy.com: could not connect to host
 plant.ml: could not connect to host
 plantroon.com: could not connect to host
 plass.hamburg: could not connect to host
 plasti-pac.ch: did not receive HSTS header
 plasticsurgeryartist.com: max-age too low: 300
-plasticsurgerynola.com: did not receive HSTS header
-plasticsurgeryservices.com: did not receive HSTS header
 plastiflex.it: could not connect to host
 plasvilledescartaveis.com.br: could not connect to host
 platform.lookout.com: could not connect to host
 platinumpeek.com: did not receive HSTS header
 platomania.eu: did not receive HSTS header
+plattner.club: could not connect to host
 play: could not connect to host
 play.google.com: did not receive HSTS header (error ignored - included regardless)
 playdreamcraft.com.br: did not receive HSTS header
 playerhunter.com: did not receive HSTS header
 playflick.com: could not connect to host
+playhappywheelsunblocked.com: could not connect to host
 playkh.com: did not receive HSTS header
 playkinder.com: did not receive HSTS header
 playmaker.io: did not receive HSTS header
-playmaza.live: did not receive HSTS header
+playmaza.live: could not connect to host
 playmfe.com: could not connect to host
 playsoundevents.be: could not connect to host
 playsource.co: could not connect to host
@@ -13274,12 +13785,12 @@ pleasure.forsale: could not connect to host
 plen.io: could not connect to host
 plexi.dyndns.tv: could not connect to host
 plexpy13.ddns.net: could not connect to host
+plextv.de: did not receive HSTS header
 plexusmd.com: did not receive HSTS header
 plfgr.eu.org: could not connect to host
 plhdb.org: did not receive HSTS header
 plinc.co: could not connect to host
 plirt.ru: could not connect to host
-ploader.ru: max-age too low: 604800
 plogable.co: could not connect to host
 plomberierenga.com: max-age too low: 2592000
 plombirator.kz: did not receive HSTS header
@@ -13290,12 +13801,15 @@ plugboard.xyz: could not connect to host
 pluggedhead.com: did not receive HSTS header
 plumbingboksburg.co.za: did not receive HSTS header
 plumbingman.com.au: did not receive HSTS header
+plumnet.ch: could not connect to host
 plus-digital.net: could not connect to host
 plus-u.com.au: did not receive HSTS header
 plus.sandbox.google.com: did not receive HSTS header (error ignored - included regardless)
+plus1s.site: could not connect to host
 plus1s.tk: could not connect to host
 plushev.com: did not receive HSTS header
 plussizereviews.com: could not connect to host
+plustech.id: did not receive HSTS header
 plut.org: did not receive HSTS header
 pluth.org: did not receive HSTS header
 plymouthglassgallery.com: did not receive HSTS header
@@ -13314,6 +13828,7 @@ pneumonline.be: did not receive HSTS header
 pneusgppremium.com.br: did not receive HSTS header
 pnukee.com: did not receive HSTS header
 po.gl: could not connect to host
+poc17.com: could not connect to host
 pocakdrops.com: did not receive HSTS header
 pocakking.tk: could not connect to host
 pocket-lint.com: did not receive HSTS header
@@ -13326,7 +13841,6 @@ podcast.style: could not connect to host
 podiumsdiskussion.org: did not receive HSTS header
 poed.com.au: could not connect to host
 poeg.cz: did not receive HSTS header
-pogetback.pl: could not connect to host
 pogoswine.com: could not connect to host
 pogs.us: could not connect to host
 poiema.com.sg: did not receive HSTS header
@@ -13366,7 +13880,6 @@ polypho.nyc: could not connect to host
 polysage.org: did not receive HSTS header
 polytechecosystem.vc: could not connect to host
 pomardaserra.com: could not connect to host
-pomfe.co: could not connect to host
 pompefunebrilariviera.it: could not connect to host
 pompompoes.com: could not connect to host
 pondof.fish: could not connect to host
@@ -13390,6 +13903,7 @@ popkins.ml: did not receive HSTS header
 popkins.tk: could not connect to host
 popupsoftplay.com: could not connect to host
 poris.web.id: could not connect to host
+pormat.cl: did not receive HSTS header
 porn77.info: could not connect to host
 pornalpha.com: could not connect to host
 pornbay.org: could not connect to host
@@ -13407,7 +13921,6 @@ pornsocket.com: could not connect to host
 pornstars.me: did not receive HSTS header
 pornteddy.com: could not connect to host
 pornultra.net: could not connect to host
-porpcr.com: could not connect to host
 porschen.fr: could not connect to host
 port.im: did not receive HSTS header
 port.social: could not connect to host
@@ -13424,13 +13937,11 @@ portalzine.de: did not receive HSTS header
 portefeuillesignalen.nl: could not connect to host
 portraitsystem.biz: did not receive HSTS header
 poshpak.com: max-age too low: 86400
-positivenames.net: could not connect to host
 positivesobrietyinstitute.com: did not receive HSTS header
-post.we.bs: did not receive HSTS header
+posoiu.net: could not connect to host
 postback.io: did not receive HSTS header
 postcardpayment.com: could not connect to host
 postcodegarant.nl: could not connect to host
-postdeck.de: did not receive HSTS header
 posters.win: could not connect to host
 postscheduler.org: could not connect to host
 posylka.de: did not receive HSTS header
@@ -13477,13 +13988,13 @@ pozzitiv.ro: could not connect to host
 pozzo-balbi.com: did not receive HSTS header
 ppembed.com: did not receive HSTS header
 ppoou.co.uk: could not connect to host
-ppoozl.com: could not connect to host
 pppo.gov: could not connect to host
 ppr-truby.ru: could not connect to host
 ppsvcs2.com: did not receive HSTS header
 ppuu.org: did not receive HSTS header
 ppy3.com: did not receive HSTS header
 practodev.com: could not connect to host
+prajwalkoirala.com: could not connect to host
 pratinav.xyz: could not connect to host
 prattpokemon.com: could not connect to host
 praxis-research.info: could not connect to host
@@ -13506,14 +14017,15 @@ premioambiente.it: did not receive HSTS header
 premiumzweirad.de: max-age too low: 7776000
 prepaidgirl.com: could not connect to host
 prepandgo-euro.com: could not connect to host
-preposted.com: did not receive HSTS header
+preposted.com: could not connect to host
 preppertactics.com: did not receive HSTS header
 preprodfan.gov: could not connect to host
+presbee.com: could not connect to host
 prescriptionrex.com: did not receive HSTS header
 presentesdegrife.com.br: could not connect to host
 presidentials2016.com: could not connect to host
 press-anime-nenkan.com: did not receive HSTS header
-press-presse.ca: did not receive HSTS header
+press-presse.ca: max-age too low: 2592000
 pressakey.de: did not receive HSTS header
 pressenews.net: could not connect to host
 pressfreedomfoundation.org: did not receive HSTS header
@@ -13523,26 +14035,24 @@ prestonapp.com: could not connect to host
 prettygrouse.com: did not receive HSTS header
 prettyphotoart.de: did not receive HSTS header
 prettytunesapp.com: could not connect to host
-pretwolk.nl: could not connect to host
 pretzlaff.info: did not receive HSTS header
 preworkout.me: could not connect to host
 prgslab.net: could not connect to host
 priceholic.com: could not connect to host
-prideindomination.com: could not connect to host
 pridoc.se: did not receive HSTS header
 prifo.se: could not connect to host
 prijsvergelijken.ml: could not connect to host
 prilock.com: did not receive HSTS header
-primaconsulting.net: could not connect to host
 primecaplending.com: could not connect to host
 primewho.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 primordialsnooze.com: could not connect to host
-primotiles.co.uk: did not receive HSTS header
+primotiles.co.uk: could not connect to host
 primotilesandbathrooms.co.uk: max-age too low: 2592000
 prinbanat.ngo: did not receive HSTS header
 princeagency.com: did not receive HSTS header
 princessbackpack.de: could not connect to host
 princessmargaretlotto.com: did not receive HSTS header
+principalship.net: could not connect to host
 prinesdoma.at: did not receive HSTS header
 printerest.io: could not connect to host
 printersonline.be: did not receive HSTS header
@@ -13556,6 +14066,7 @@ privacylabs.io: did not receive HSTS header
 privacymanatee.com: could not connect to host
 privacyrup.net: could not connect to host
 privategiant.com: could not connect to host
+privatepokertour.com: could not connect to host
 privatstunden.express: could not connect to host
 privcloud.cc: could not connect to host
 privcloud.org: could not connect to host
@@ -13574,17 +14085,21 @@ procens.us: could not connect to host
 proclubs.news: did not receive HSTS header
 procode.gq: could not connect to host
 procrastinatingengineer.co.uk: could not connect to host
+prodottogiusto.com: could not connect to host
 prodpad.com: did not receive HSTS header
 produccioneskm.cl: did not receive HSTS header
 productgap.com: did not receive HSTS header
 productived.net: did not receive HSTS header
 producto8.com: did not receive HSTS header
+productoinnovador.com: did not receive HSTS header
+produkttest-online.com: did not receive HSTS header
 proesb.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 proesb.net: could not connect to host
 profi-durchgangsmelder.de: did not receive HSTS header
 profinetz.de: could not connect to host
 profivps.com: could not connect to host
 profloorstl.com: did not receive HSTS header
+proformer.io: could not connect to host
 profpay.com: could not connect to host
 profundr.com: could not connect to host
 profusion.io: could not connect to host
@@ -13595,6 +14110,7 @@ programmingstudent.com: could not connect to host
 progress-technologies.com: could not connect to host
 progressivecfo.co.nz: could not connect to host
 prohostonline.fi: could not connect to host
+proimpact.it: did not receive HSTS header
 proitconsulting.com.au: could not connect to host
 proj.org.cn: could not connect to host
 project-rune.tech: could not connect to host
@@ -13609,15 +14125,13 @@ projectherogames.xyz: could not connect to host
 projectl1b1t1na.tk: could not connect to host
 projectmercury.space: did not receive HSTS header
 projectte.ch: could not connect to host
-projectunity.io: could not connect to host
 projectvault.ovh: did not receive HSTS header
 projectx.top: could not connect to host
 projekt-umbriel.de: could not connect to host
 projektik.cz: did not receive HSTS header
-projet-fly.ch: could not connect to host
 projetoresecia.com: could not connect to host
 prok.pw: did not receive HSTS header
-prokop.ovh: could not connect to host
+prokop.ovh: did not receive HSTS header
 promarketer.net: did not receive HSTS header
 promecon-gmbh.de: did not receive HSTS header
 promedicalapplications.com: did not receive HSTS header
@@ -13629,6 +14143,7 @@ pronostic-king.fr: could not connect to host
 prontocleaners.co.uk: could not connect to host
 prontolight.com: did not receive HSTS header
 prontomovers.co.uk: could not connect to host
+proobec.cz: did not receive HSTS header
 propactrading.com: could not connect to host
 propagandism.org: did not receive HSTS header
 propepper.net: did not receive HSTS header
@@ -13647,9 +14162,7 @@ prostoporno.sexy: could not connect to host
 proteapower.co.za: could not connect to host
 protecciondelconsumidor.gov: did not receive HSTS header
 proteinnuts.cz: could not connect to host
-proteinnuts.sk: did not receive HSTS header
 protonmail.ch: did not receive HSTS header
-protoyou.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 provisionaldriving.com: did not receive HSTS header
 provisionircd.tk: did not receive HSTS header
 provitacare.com: did not receive HSTS header
@@ -13659,7 +14172,7 @@ proxbox.net: did not receive HSTS header
 proxi.cf: could not connect to host
 proximato.com: could not connect to host
 proxybay.al: could not connect to host
-proxybay.club: could not connect to host
+proxybay.club: did not receive HSTS header
 proxybay.info: did not receive HSTS header
 proxybay.top: could not connect to host
 proxydesk.eu: could not connect to host
@@ -13694,6 +14207,7 @@ pstrozniak.com: could not connect to host
 pstudio.me: max-age too low: 0
 psw.academy: could not connect to host
 psw.consulting: could not connect to host
+psxtr.com: could not connect to host
 psychiatrie-betreuung.ch: could not connect to host
 psychologie-hofner.at: could not connect to host
 psynapse.net.au: could not connect to host
@@ -13714,7 +14228,8 @@ puetter.eu: could not connect to host
 pugilares.com.pl: could not connect to host
 pugliese.fr: could not connect to host
 puhe.se: could not connect to host
-puikheid.nl: could not connect to host
+puhka.me: could not connect to host
+puikheid.nl: did not receive HSTS header
 puiterwijk.org: could not connect to host
 puli.com.br: could not connect to host
 pulledporkheaven.com: could not connect to host
@@ -13730,6 +14245,7 @@ purahealthyliving.com: did not receive HSTS header
 purbd.com: did not receive HSTS header
 pureessentialoil.biz: max-age too low: 300
 pureholisticliving.me: could not connect to host
+purelunch.co.uk: could not connect to host
 purewebmasters.com: could not connect to host
 purikore.com: could not connect to host
 purplehippie.in: did not receive HSTS header
@@ -13737,7 +14253,8 @@ purplez.pw: did not receive HSTS header
 purpoz.com.br: could not connect to host
 purpspc.com: could not connect to host
 push.world: did not receive HSTS header
-pushapp.org: could not connect to host
+pushapp.org: did not receive HSTS header
+pushphp.com: could not connect to host
 pushstar.com: max-age too low: 0
 puzz.gg: could not connect to host
 pvagner.tk: did not receive HSTS header
@@ -13745,8 +14262,9 @@ pwd.ovh: could not connect to host
 pwfrance.com: could not connect to host
 pwi.agency: did not receive HSTS header
 pwm.jp: could not connect to host
-pwnsdx.pw: could not connect to host
+pwnsdx.pw: did not receive HSTS header
 pwntr.com: could not connect to host
+pwt.pw: could not connect to host
 pxio.de: did not receive HSTS header
 pyjiaoyi.cf: could not connect to host
 pyol.org: could not connect to host
@@ -13787,6 +14305,7 @@ qirinus.com: did not receive HSTS header
 qiuxian.ddns.net: could not connect to host
 qixxit.de: did not receive HSTS header
 qkka.org: did not receive HSTS header
+qkzy.net: did not receive HSTS header
 qldconservation.org: could not connect to host
 qnatek.org: could not connect to host
 qonqa.de: did not receive HSTS header
@@ -13804,6 +14323,7 @@ qrforex.com: did not receive HSTS header
 qrlending.com: could not connect to host
 qrlfinancial.com: could not connect to host
 qswoo.org: could not connect to host
+qtap.me: could not connect to host
 qto.org: could not connect to host
 quaedam.org: did not receive HSTS header
 quail.solutions: could not connect to host
@@ -13829,7 +14349,7 @@ quarus.net: could not connect to host
 quebecmailbox.com: could not connect to host
 queenbrownie.com.br: could not connect to host
 queenshaflo.com: could not connect to host
-queextensiones.com: did not receive HSTS header
+queercinema.ch: could not connect to host
 quelmandataire.fr: did not receive HSTS header
 querkommentar.de: did not receive HSTS header
 queroreceitasoberana.com.br: did not receive HSTS header
@@ -13837,6 +14357,7 @@ queryplayground.com: could not connect to host
 questionable.host: could not connect to host
 questions-admin.com: did not receive HSTS header
 questionyu.com: did not receive HSTS header
+questoj.cn: did not receive HSTS header
 questsandrewards.com: could not connect to host
 quic.fr: did not receive HSTS header
 quickandroid.tools: could not connect to host
@@ -13844,6 +14365,7 @@ quickpayservice.com: could not connect to host
 quietus.gq: could not connect to host
 quikrmovies.to: could not connect to host
 quikstorhawaii.com: max-age too low: 300
+quilmo.com: could not connect to host
 quimsertek.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 quizionic.com: could not connect to host
 quizl.io: did not receive HSTS header
@@ -13857,23 +14379,22 @@ qweepi.de: could not connect to host
 qwertyatom100.me: could not connect to host
 qwilink.me: did not receive HSTS header
 qybot.cc: did not receive HSTS header
-r-ay.club: did not receive HSTS header
+r-ay.club: could not connect to host
 r-core.org: could not connect to host
 r-core.ru: could not connect to host
 r-cut.fr: could not connect to host
 r-rickroll-u.pw: could not connect to host
-r0uzic.net: could not connect to host
+r0t.co: could not connect to host
+r0uzic.net: did not receive HSTS header
 r10n.com: did not receive HSTS header
 r15.me: did not receive HSTS header
 r18.moe: could not connect to host
 raajheshkannaa.com: could not connect to host
 rabbitvcactus.eu: did not receive HSTS header
 rabota-x.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-rabotaescort.com: did not receive HSTS header
 racasdecachorro.org: could not connect to host
-racdek.com: max-age too low: 300
-racdek.net: max-age too low: 300
-racdek.nl: max-age too low: 300
+racdek.net: max-age too low: 2628000
+racdek.nl: max-age too low: 2628000
 rachaelrussell.com: did not receive HSTS header
 rackblue.com: could not connect to host
 racktear.com: did not receive HSTS header
@@ -13885,13 +14406,13 @@ raddavarden.nu: did not receive HSTS header
 radicaleducation.net: could not connect to host
 radioactivenetwork.xyz: could not connect to host
 radioafibra.com.br: could not connect to host
+radionicabg.com: could not connect to host
 radior9.it: could not connect to host
 radom-pack.pl: could not connect to host
-radtke.bayern: could not connect to host
+radtke.bayern: did not receive HSTS header
 rafaelcz.de: could not connect to host
 raft.pub: could not connect to host
-rage-overload.ch: could not connect to host
-rage.rip: could not connect to host
+raghavdua.in: could not connect to host
 ragingserenity.com: did not receive HSTS header
 ragnaroktop.com.br: could not connect to host
 rahadiana.com: could not connect to host
@@ -13900,18 +14421,16 @@ rai-co.net: did not receive HSTS header
 raiblockscommunity.net: could not connect to host
 raidstone.com: could not connect to host
 raidstone.rocks: could not connect to host
-raiffeisen-kosovo.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 railjob.cn: could not connect to host
 railyardurgentcare.com: did not receive HSTS header
 rainbin.com: could not connect to host
 rainbowbarracuda.com: could not connect to host
-raisecorp.com: could not connect to host
 raitza.de: could not connect to host
 rakugaki.cn: could not connect to host
 ramatola.uk: could not connect to host
 rambii.de: could not connect to host
 ramblingrf.tech: could not connect to host
-ramezanloo.com: could not connect to host
+ramezanloo.com: did not receive HSTS header
 ramitmittal.com: could not connect to host
 ramon-c.nl: could not connect to host
 ramonj.nl: could not connect to host
@@ -13928,21 +14447,25 @@ rantanda.com: could not connect to host
 rany.duckdns.org: could not connect to host
 rany.io: did not receive HSTS header
 rany.pw: could not connect to host
+ranyeh.co: could not connect to host
+rapdogg.com: could not connect to host
 raphaelmoura.ddns.net: could not connect to host
 rapidemobile.com: did not receive HSTS header
 rapidflow.io: could not connect to host
 rapido.nu: could not connect to host
 rapidresearch.me: could not connect to host
 rapidthunder.io: could not connect to host
+rasebo.ro: could not connect to host
 rasing.me: max-age too low: 43200
 raspass.me: did not receive HSTS header
 raspberry.us: could not connect to host
 raspberryultradrops.com: did not receive HSTS header
+raspitec.ddns.net: could not connect to host
 rastreador.com.es: did not receive HSTS header
-rastreie.net: did not receive HSTS header
+rastreie.net: could not connect to host
 ratajczak.fr: could not connect to host
 rate-esport.de: could not connect to host
-rathorian.fr: did not receive HSTS header
+rathorian.fr: could not connect to host
 rationem.nl: did not receive HSTS header
 ratuseks.com: could not connect to host
 ratuseks.net: could not connect to host
@@ -13950,12 +14473,13 @@ ratuseks.us: could not connect to host
 rauchenwald.net: could not connect to host
 raucris.ro: could not connect to host
 raulfraile.net: could not connect to host
-raum4224.de: max-age too low: 0
-rautermods.net: could not connect to host
+rautermods.net: did not receive HSTS header
 ravage.fm: did not receive HSTS header
 raven.lipetsk.ru: could not connect to host
 ravengergaming.ga: could not connect to host
 ravengergaming.net: could not connect to host
+ravenx.me: could not connect to host
+raviparekh.co.uk: could not connect to host
 ravse.dk: could not connect to host
 raw-diets.com: could not connect to host
 rawet.se: could not connect to host
@@ -13985,6 +14509,7 @@ rburchell.com: did not receive HSTS header
 rbxcatalog.com: could not connect to host
 rc4.io: could not connect to host
 rc7.ch: could not connect to host
+rca.ink: could not connect to host
 rcafox.com: could not connect to host
 rcoliveira.com: could not connect to host
 rcorporation.be: did not receive HSTS header
@@ -13993,8 +14518,6 @@ rcraigmurphy.net: could not connect to host
 rcvd.io: did not receive HSTS header
 rcx.io: could not connect to host
 rdfz.tech: could not connect to host
-rdh.asia: could not connect to host
-rdns.cc: could not connect to host
 rdns.im: did not receive HSTS header
 rdplumbingsolutions.com.au: did not receive HSTS header
 rdxsattamatka.mobi: could not connect to host
@@ -14003,6 +14526,7 @@ re-customer.net: could not connect to host
 re-wilding.com: could not connect to host
 reachr.com: could not connect to host
 reactdatepicker.com: did not receive HSTS header
+reactions.ai: could not connect to host
 reactor92.com: could not connect to host
 reader.ga: could not connect to host
 readify.com.au: did not receive HSTS header
@@ -14022,7 +14546,6 @@ realfamilyincest.com: could not connect to host
 realgarant-shop.de: did not receive HSTS header
 realhost.name: could not connect to host
 realincest.tv: could not connect to host
-really.ai: could not connect to host
 really.io: did not receive HSTS header
 reallyreally.io: did not receive HSTS header
 realmic.net: could not connect to host
@@ -14035,6 +14558,7 @@ reaper.rip: could not connect to host
 reardenporn.com: could not connect to host
 rebekaesgabor.online: could not connect to host
 rebootmc.com: could not connect to host
+rebtoor.com: could not connect to host
 receitas-de-bolos.pt: could not connect to host
 receitasdebacalhau.pt: could not connect to host
 receptionsbook.com: could not connect to host
@@ -14048,6 +14572,7 @@ recreation.gov: did not receive HSTS header
 recruitsecuritytraining.co.uk: could not connect to host
 recruitsecuritytraining.com: could not connect to host
 rectoraudiparts.com: could not connect to host
+red-trigger.net: did not receive HSTS header
 redair.es: could not connect to host
 redar.xyz: could not connect to host
 redburn.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -14056,12 +14581,15 @@ reddiseals.com: [Exception... "Component returned failure code: 0x80004005 (NS_E
 reddit.com: did not receive HSTS header
 rede.ca: did not receive HSTS header
 redeemingbeautyminerals.com: max-age too low: 0
+redespaulista.com: did not receive HSTS header
 redheeler.com.br: could not connect to host
 redhorsemountainranch.com: did not receive HSTS header
 redicabo.de: could not connect to host
+redigest.it: max-age too low: 0
 redirectman.com: could not connect to host
 redizoo.com: did not receive HSTS header
 redlatam.org: did not receive HSTS header
+redletter.link: could not connect to host
 redmbk.com: did not receive HSTS header
 redneck-gaming.de: did not receive HSTS header
 redner.cc: did not receive HSTS header
@@ -14114,6 +14642,7 @@ reinaertvandecruys.com: could not connect to host
 reinaertvandecruys.me: could not connect to host
 reineberthe.ch: could not connect to host
 reinoldus.ddns.net: could not connect to host
+reisenbauer.ee: could not connect to host
 reismil.ch: could not connect to host
 reisyukaku.org: did not receive HSTS header
 reithguard-it.de: did not receive HSTS header
@@ -14131,34 +14660,36 @@ rem.pe: did not receive HSTS header
 rema.site: did not receive HSTS header
 remain.london: could not connect to host
 remedica.fr: could not connect to host
-remedioparaherpes.com: did not receive HSTS header
-remedios-caserospara.com: did not receive HSTS header
+remedioscaserosparalacistitis.com: did not receive HSTS header
 remedium.de: could not connect to host
 remedyrehab.com: did not receive HSTS header
 rememberthis.co.za: could not connect to host
 remodela.com.ve: could not connect to host
 remodelwithlegacy.com: did not receive HSTS header
 remonttitekniikka.fi: could not connect to host
-remoteham.com: could not connect to host
 remotestance.com: did not receive HSTS header
 rencaijia.com: did not receive HSTS header
 rencontres-erotiques.com: did not receive HSTS header
-reneclemens.nl: max-age too low: 300
-renedekoeijer.nl: max-age too low: 300
-renewed.technology: could not connect to host
+rene-guitton.fr: did not receive HSTS header
+reneclemens.nl: max-age too low: 2628000
+renedekoeijer.nl: max-age too low: 2628000
 rengarenkblog.com: could not connect to host
 renideo.fr: could not connect to host
 renkhosting.com: could not connect to host
 renlong.org: did not receive HSTS header
 rennfire.org: could not connect to host
 renrenss.com: could not connect to host
+renscreations.com: could not connect to host
 rentacarcluj.xyz: did not receive HSTS header
 rentalmed.com.br: did not receive HSTS header
+rentasweb.gob.ar: did not receive HSTS header
 rentbrowser.com: could not connect to host
 rentbrowsertrain.me: could not connect to host
 rentcarassist.com: could not connect to host
 renteater.com: could not connect to host
 rentex.com: did not receive HSTS header
+reo.gov: could not connect to host
+reorz.com: could not connect to host
 reparo.pe: did not receive HSTS header
 repex.co.il: could not connect to host
 replaceits.me: could not connect to host
@@ -14181,6 +14712,7 @@ reptilauksjonen.no: could not connect to host
 republicmo.gov: could not connect to host
 repustate.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 reqognize.com: could not connect to host
+reqrut.net: could not connect to host
 request-trent.com: could not connect to host
 res-rheingau.de: could not connect to host
 res42.com: did not receive HSTS header
@@ -14200,6 +14732,8 @@ restaurantemiperu.com: did not receive HSTS header
 restaurantesimonetti.com.br: could not connect to host
 restaurantmangal.ch: could not connect to host
 restchart.com: did not receive HSTS header
+rester-a-domicile.ch: could not connect to host
+rester-autonome-chez-soi.ch: could not connect to host
 restioson.me: could not connect to host
 restopro.nyc: could not connect to host
 restoreresearchstudy.com: could not connect to host
@@ -14236,6 +14770,7 @@ reykjavik.guide: could not connect to host
 rezun.cloud: did not receive HSTS header
 rf.tn: could not connect to host
 rfeif.org: could not connect to host
+rfxanalyst.com: could not connect to host
 rgservers.com: did not receive HSTS header
 rhapsodhy.hu: could not connect to host
 rhdigital.pro: could not connect to host
@@ -14244,10 +14779,10 @@ rhering.de: could not connect to host
 rhetthenckel.com: max-age too low: 0
 rheuma-online.de: could not connect to host
 rhiskiapril.com: could not connect to host
+rhnet.at: could not connect to host
 rhodes.ml: could not connect to host
 rhodesianridgeback.com.br: could not connect to host
 rhodosdreef.nl: could not connect to host
-riaucybersolution.net: did not receive HSTS header
 ribopierre.fr: could not connect to host
 riceglue.com: could not connect to host
 richamorindonesia.com: did not receive HSTS header
@@ -14277,20 +14812,21 @@ riesenmagnete.de: could not connect to host
 riester.pl: did not receive HSTS header
 right-to-love.name: did not receive HSTS header
 right2.org: could not connect to host
+rightcapital.com: did not receive HSTS header
 righteousendeavour.com: could not connect to host
 righttoknow.ie: did not receive HSTS header
 rijndael.xyz: could not connect to host
 rijnmondeg.nl: did not receive HSTS header
 rika.me: could not connect to host
+rimediogiusto.com: could not connect to host
 rincon-nsn.gov: could not connect to host
 ring0.xyz: did not receive HSTS header
 ringh.am: could not connect to host
 rinj.se: did not receive HSTS header
 rionewyork.com.br: could not connect to host
-ripa.io: did not receive HSTS header
+ripa.io: could not connect to host
 ripple.com: did not receive HSTS header
 rippleunion.com: could not connect to host
-ris.fi: could not connect to host
 risi-china.com: could not connect to host
 risingsun.red: could not connect to host
 riskmgt.com.au: could not connect to host
@@ -14299,13 +14835,11 @@ ristorantefattoamano.eu: could not connect to host
 rithm.ch: did not receive HSTS header
 rittis.ru: did not receive HSTS header
 rivagecare.it: did not receive HSTS header
-riverbed.com: did not receive HSTS header
 rivercruiseadvisor.com: did not receive HSTS header
 rivermendhealthcenters.com: did not receive HSTS header
 riversideauto.net: did not receive HSTS header
 riverstyxgame.com: could not connect to host
 rivlo.com: could not connect to host
-riwick.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 rj.gg: could not connect to host
 rjnutrition.consulting: did not receive HSTS header
 rk6.cz: could not connect to host
@@ -14325,13 +14859,15 @@ roan24.pl: did not receive HSTS header
 roave.com: could not connect to host
 rob.uk.com: did not receive HSTS header
 robertabittle.com: could not connect to host
-robertbln.com: could not connect to host
+robertg.me: did not receive HSTS header
+robertglastra.com: could not connect to host
 roberto-webhosting.nl: could not connect to host
 robertocasares.no-ip.biz: could not connect to host
 robi-net.it: could not connect to host
 robin-novotny.com: could not connect to host
-robinadr.com: could not connect to host
+robinadr.com: did not receive HSTS header
 robomonkey.org: could not connect to host
+robtatemusic.com: could not connect to host
 robteix.com: did not receive HSTS header
 robtex.net: did not receive HSTS header
 robtex.org: did not receive HSTS header
@@ -14339,6 +14875,7 @@ robust.ga: could not connect to host
 roc.net.au: could not connect to host
 rochman.id: did not receive HSTS header
 rockcellar.ch: could not connect to host
+rocketgnomes.com: could not connect to host
 rocketnet.ml: could not connect to host
 rockeyscrivo.com: did not receive HSTS header
 rocksberg.net: could not connect to host
@@ -14359,6 +14896,7 @@ rofrank.space: could not connect to host
 rogeiro.net: could not connect to host
 roger101.com: did not receive HSTS header
 rogerdat.ovh: could not connect to host
+roguesignal.net: could not connect to host
 rohanbassett.com: could not connect to host
 rohankrishnadev.in: could not connect to host
 rohlik.cz: did not receive HSTS header
@@ -14372,7 +14910,7 @@ rolroer.co.za: could not connect to host
 romaimperator.com: did not receive HSTS header
 romainmuller.xyz: did not receive HSTS header
 romans-place.me.uk: could not connect to host
-romantic-quotes.co.uk: could not connect to host
+romantic-quotes.co.uk: did not receive HSTS header
 romanticschemermovie.com: could not connect to host
 romeoferraris.com: did not receive HSTS header
 romleg.cf: could not connect to host
@@ -14391,7 +14929,7 @@ rool.me: did not receive HSTS header
 roolevoi.ru: could not connect to host
 room-checkin24.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 roomongo.com: did not receive HSTS header
-roosteroriginals.com: could not connect to host
+roosterpgplus.nl: did not receive HSTS header
 rootbsd.at: could not connect to host
 rootforum.org: did not receive HSTS header
 rootrelativity.com: could not connect to host
@@ -14401,6 +14939,7 @@ rop.io: did not receive HSTS header
 roquecenter.org: did not receive HSTS header
 roromendut.online: could not connect to host
 rorymcdaniel.com: could not connect to host
+roseofyork.com: did not receive HSTS header
 rosetiger.life: could not connect to host
 rosewoodranch.com: did not receive HSTS header
 roshiya.co.in: could not connect to host
@@ -14408,6 +14947,7 @@ rosi-royal.com: could not connect to host
 rospa100.com: did not receive HSTS header
 rossclark.com: did not receive HSTS header
 rossen.be: did not receive HSTS header
+rossfrancis.co.uk: did not receive HSTS header
 rossiworld.com: did not receive HSTS header
 rosslug.org.uk: could not connect to host
 rotex1840.de: did not receive HSTS header
@@ -14422,10 +14962,50 @@ rous.se: could not connect to host
 rouvray.org: could not connect to host
 royal-forest.org: max-age too low: 0
 royal-mangal.ch: could not connect to host
+royal806.com: did not receive HSTS header
+royal810.com: could not connect to host
+royal811.com: could not connect to host
+royal816.com: could not connect to host
+royal817.com: could not connect to host
+royal830.com: could not connect to host
+royal833.com: did not receive HSTS header
+royal851.com: could not connect to host
+royal852.com: did not receive HSTS header
+royal855.com: could not connect to host
+royal856.com: did not receive HSTS header
+royal857.com: did not receive HSTS header
+royal859.com: did not receive HSTS header
+royal86.com: did not receive HSTS header
+royal861.com: did not receive HSTS header
+royal865.com: did not receive HSTS header
+royal869.com: did not receive HSTS header
+royal872.com: could not connect to host
+royal873.com: did not receive HSTS header
+royal875.com: did not receive HSTS header
 royal876.com: could not connect to host
+royal877.com: could not connect to host
+royal879.com: could not connect to host
+royal88.tech: did not receive HSTS header
+royal881.com: could not connect to host
+royal882.com: could not connect to host
+royal883.com: could not connect to host
+royal885.com: did not receive HSTS header
+royal886.com: did not receive HSTS header
+royal887.com: did not receive HSTS header
+royal888888.com: did not receive HSTS header
+royal889.com: did not receive HSTS header
+royal890.com: could not connect to host
+royal891.com: could not connect to host
+royal892.com: could not connect to host
+royal893.com: could not connect to host
+royal894.com: could not connect to host
+royal895.com: could not connect to host
+royal896.com: did not receive HSTS header
+royal899.com: did not receive HSTS header
 royalhop.co: could not connect to host
 royalsignaturecruise.com: could not connect to host
 royaltube.net: could not connect to host
+royalyule.com: did not receive HSTS header
 roychan.org: max-age too low: 0
 royzez.com: could not connect to host
 rozalisbengal.ro: could not connect to host
@@ -14434,7 +15014,8 @@ rpasafrica.com: could not connect to host
 rr.in.th: could not connect to host
 rring.me: could not connect to host
 rritv.com: could not connect to host
-rrke.cc: did not receive HSTS header
+rrke.cc: could not connect to host
+rro.rs: could not connect to host
 rrom.me: did not receive HSTS header
 rs-devdemo.host: could not connect to host
 rsajeey.info: could not connect to host
@@ -14450,6 +15031,7 @@ rsships.com: could not connect to host
 rstraining.co.uk: did not receive HSTS header
 rstsecuritygroup.co.uk: could not connect to host
 rtc.fun: could not connect to host
+rtd.uk.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 rtfpessoa.xyz: did not receive HSTS header
 rtho.me: did not receive HSTS header
 rttss.com: could not connect to host
@@ -14463,6 +15045,8 @@ rubendv.be: did not receive HSTS header
 rubenschulz.nl: did not receive HSTS header
 rubi-ka.net: max-age too low: 0
 ruborr.se: did not receive HSTS header
+rubyquincunx.com: could not connect to host
+rubyquincunx.org: could not connect to host
 rubysecurity.org: did not receive HSTS header
 rubyshop.nl: could not connect to host
 rudeotter.com: did not receive HSTS header
@@ -14472,7 +15056,7 @@ ruflay.ru: could not connect to host
 rugirlfriend.com: could not connect to host
 rugs.ca: did not receive HSTS header
 rugstorene.co.uk: did not receive HSTS header
-ruhr3.de: could not connect to host
+ruhr3.de: did not receive HSTS header
 ruig.jp: could not connect to host
 ruigomes.me: did not receive HSTS header
 ruitershoponline.nl: did not receive HSTS header
@@ -14481,11 +15065,9 @@ rukhaiyar.com: could not connect to host
 rullzer.com: did not receive HSTS header
 rummel-platz.de: could not connect to host
 rumoterra.com.br: could not connect to host
-run-forrest.run: could not connect to host
 runawebinar.nl: could not connect to host
 runcarina.com: could not connect to host
 rundumcolumn.xyz: could not connect to host
-runefake.com: did not receive HSTS header
 runementors.com: could not connect to host
 runhardt.eu: did not receive HSTS header
 runtl.com: did not receive HSTS header
@@ -14496,7 +15078,6 @@ rusadmin.biz: did not receive HSTS header
 rusl.me: could not connect to host
 rusl.net: did not receive HSTS header
 russmarshall.com: could not connect to host
-russpuss.ru: did not receive HSTS header
 rustbyexample.com: did not receive HSTS header
 rustfanatic.com: did not receive HSTS header
 rustralasia.net: max-age too low: 0
@@ -14510,9 +15091,11 @@ rvolve.net: could not connect to host
 rw-solutions.tech: could not connect to host
 rwanderlust.com: did not receive HSTS header
 rwgamernl.ml: could not connect to host
+rxgroup.io: could not connect to host
 rxprep.com: did not receive HSTS header
 rxt.social: could not connect to host
 rxv.cc: could not connect to host
+ryancarter.co.uk: did not receive HSTS header
 ryanroberts.co.uk: could not connect to host
 ryanteck.uk: did not receive HSTS header
 rybox.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -14520,6 +15103,7 @@ ryejuice.sytes.net: could not connect to host
 rylin.net: did not receive HSTS header
 rylore.com: could not connect to host
 ryssland.guide: could not connect to host
+ryyule.com: did not receive HSTS header
 ryzex.de: could not connect to host
 rzegroup.com: did not receive HSTS header
 s-d-v.ch: could not connect to host
@@ -14528,27 +15112,28 @@ s-on.li: could not connect to host
 s-rickroll-p.pw: could not connect to host
 s.how: could not connect to host
 s0923.com: could not connect to host
-s0laris.co.uk: could not connect to host
 s1mplescripts.de: could not connect to host
 s1ris.org: did not receive HSTS header
 s3cases.com: did not receive HSTS header
+s3gfault.com: could not connect to host
 s3n.se: could not connect to host
-s4ur0n.com: could not connect to host
 saabwa.org: could not connect to host
 sabatek.pl: did not receive HSTS header
 sabrinajoiasprontaentrega.com.br: could not connect to host
 sabtunes.com: did not receive HSTS header
 sac-shop.com: did not receive HSTS header
+saccounty.gov: could not connect to host
 sacharidovejednotky.eu: could not connect to host
 sachk.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 sackers.com: did not receive HSTS header
 saco-ceso.com: could not connect to host
 sadiejanehair.com: could not connect to host
+sadmansh.com: could not connect to host
 sadsu.com: did not receive HSTS header
 saenforcement.agency: could not connect to host
 safari-afrique.com: did not receive HSTS header
 safe.space: could not connect to host
-safedevice.net: did not receive HSTS header
+safedevice.net: could not connect to host
 safelist.eu: did not receive HSTS header
 safemovescheme.co.uk: could not connect to host
 safemt.gov: could not connect to host
@@ -14566,11 +15151,10 @@ sageth.com: could not connect to host
 sah3.net: could not connect to host
 saigonstar.de: could not connect to host
 sail-nyc.com: did not receive HSTS header
-saimoe.org: did not receive HSTS header
 saint-astier-triathlon.com: did not receive HSTS header
+saintefoy-tarentaise.com: did not receive HSTS header
 saintjohnlutheran.church: did not receive HSTS header
 saintmichelqud.com: did not receive HSTS header
-saintw.com: could not connect to host
 sairai.bid: could not connect to host
 saiyasu-search.com: did not receive HSTS header
 sakaserver.com: did not receive HSTS header
@@ -14581,10 +15165,9 @@ sale.sh: did not receive HSTS header
 saleaks.org: could not connect to host
 salearnership.co.za: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 saleslift.pl: could not connect to host
-salishseawhalewatching.ca: could not connect to host
+salishseawhalewatching.ca: did not receive HSTS header
 sallysubs.com: could not connect to host
 salmo23.com.br: could not connect to host
-salmonrecovery.gov: could not connect to host
 salon-claudia.ch: could not connect to host
 salonestella.it: could not connect to host
 salserocafe.com: did not receive HSTS header
@@ -14592,20 +15175,23 @@ salserototal.com: could not connect to host
 saltedskies.com: could not connect to host
 saltra.online: could not connect to host
 saltro.nl: did not receive HSTS header
-saludsexualmasculina.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+saludsexualmasculina.org: did not receive HSTS header
 salvaalocombia.com: could not connect to host
 salverainha.org: could not connect to host
 salzamt.tk: could not connect to host
+samanacafe.com: could not connect to host
 samanthahumphreysstudio.com: did not receive HSTS header
+samanthasicecream.com: could not connect to host
 samaritan.tech: could not connect to host
 samaritansnet.org: did not receive HSTS header
 sametovymesic.cz: could not connect to host
 samin.tk: could not connect to host
+samip.fi: did not receive HSTS header
 saml2.com: could not connect to host
 samlamac.com: could not connect to host
 samm.com.au: did not receive HSTS header
 sammenlignakasser.dk: did not receive HSTS header
-sammyjohnson.com: could not connect to host
+sammyslimos.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 samp.im: could not connect to host
 sampcup.com: could not connect to host
 sampoznay.ru: could not connect to host
@@ -14616,7 +15202,7 @@ samsungxoa.com: could not connect to host
 samvanderkris.com: could not connect to host
 samvanderkris.xyz: did not receive HSTS header
 samyerkes.com: did not receive HSTS header
-san-mian-ka.ml: could not connect to host
+san-mian-ka.ml: did not receive HSTS header
 sanalbayrak.com: could not connect to host
 sanandreasstories.com: did not receive HSTS header
 sanasalud.org: could not connect to host
@@ -14624,10 +15210,11 @@ sanatfilan.com: did not receive HSTS header
 sanatrans.com: could not connect to host
 sanchez.adv.br: could not connect to host
 sanderknape.com: did not receive HSTS header
+sandtonvipcompanions.com: did not receive HSTS header
 sandviks.com: did not receive HSTS header
 sanguoxiu.com: could not connect to host
 sanhei.ch: did not receive HSTS header
-sanik.my: could not connect to host
+sanik.my: did not receive HSTS header
 sanmuding.com: could not connect to host
 sanradon.by: did not receive HSTS header
 sansage.com.br: did not receive HSTS header
@@ -14710,9 +15297,8 @@ sbox-archives.com: could not connect to host
 sbsrv.ml: could not connect to host
 sby.de: did not receive HSTS header
 sc4le.com: could not connect to host
+scaarus.com: could not connect to host
 scaffoldhireeastrand.co.za: did not receive HSTS header
-scaffoldhirefourways.co.za: did not receive HSTS header
-scaffoldhirerandburg.co.za: did not receive HSTS header
 scaffoldhiresandton.co.za: did not receive HSTS header
 scala.click: did not receive HSTS header
 scannabi.com: could not connect to host
@@ -14722,7 +15308,8 @@ schaafenstrasse.koeln: could not connect to host
 schachburg.de: did not receive HSTS header
 schadegarant.net: could not connect to host
 schalkoortbv.nl: did not receive HSTS header
-schatmeester.be: could not connect to host
+schaper-sport.com: did not receive HSTS header
+schatmeester.be: did not receive HSTS header
 schau-rein.co.at: did not receive HSTS header
 schauer.so: could not connect to host
 schd.io: did not receive HSTS header
@@ -14738,8 +15325,8 @@ schmitz.link: could not connect to host
 schneider-electric.tg: did not receive HSTS header
 schnell-abnehmen.tips: could not connect to host
 schnell-gold.com: could not connect to host
-schnellsuche.de: could not connect to host
 scholl.io: could not connect to host
+schollbox.de: could not connect to host
 school.in.th: could not connect to host
 schooli.io: could not connect to host
 schooltrends.co.uk: did not receive HSTS header
@@ -14770,6 +15357,7 @@ science-anatomie.com: did not receive HSTS header
 scienceathome.org: did not receive HSTS header
 sciencemonster.co.uk: could not connect to host
 scionasset.com: did not receive HSTS header
+sciototownship-oh.gov: did not receive HSTS header
 scivillage.com: did not receive HSTS header
 sckc.stream: could not connect to host
 sclgroup.cc: did not receive HSTS header
@@ -14778,6 +15366,8 @@ scooshonline.co.uk: did not receive HSTS header
 scopea.fr: max-age too low: 0
 score-savers.com: max-age too low: 10540800
 scores4schools.com: could not connect to host
+scorobudem.ru: could not connect to host
+scorocode.ru: did not receive HSTS header
 scotbirchfield.com: did not receive HSTS header
 scottainslie.me.uk: could not connect to host
 scottdial.com: did not receive HSTS header
@@ -14790,14 +15380,15 @@ scottynordstrom.org: could not connect to host
 scourt.info: max-age too low: 0
 scourt.org.ua: could not connect to host
 scoutdb.ch: did not receive HSTS header
+scpartyentertainment.co.uk: did not receive HSTS header
 scrambl.is: could not connect to host
-scramble.io: did not receive HSTS header
+scramble.io: could not connect to host
 scrambler.in: could not connect to host
 scrapings.net: could not connect to host
-screencaster.io: did not receive HSTS header
+screencaster.io: could not connect to host
 screenresolution.space: could not connect to host
 screensaversplanet.com: did not receive HSTS header
-scribbleserver.com: could not connect to host
+scribbleserver.com: did not receive HSTS header
 scribe.systems: could not connect to host
 scrion.com: could not connect to host
 script.google.com: did not receive HSTS header (error ignored - included regardless)
@@ -14809,6 +15400,8 @@ scrollstory.com: did not receive HSTS header
 scruffymen.com: could not connect to host
 scrumplex.net: did not receive HSTS header
 sctm.at: could not connect to host
+scuters.club: could not connect to host
+scw.com: did not receive HSTS header
 scw.nz: could not connect to host
 scwilliams.co.uk: could not connect to host
 scwilliams.uk: could not connect to host
@@ -14827,9 +15420,10 @@ seans.cc: did not receive HSTS header
 seanstrout.com: did not receive HSTS header
 seansyardservice.com: did not receive HSTS header
 searchgov.gov.il: did not receive HSTS header
-searchshops.com: could not connect to host
+searchshops.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 searx.pw: could not connect to host
-searx.xyz: did not receive HSTS header
+seatshare.co.uk: did not receive HSTS header
+seattleprivacy.org: could not connect to host
 seavancouver.com: did not receive HSTS header
 sebastian-bair.de: could not connect to host
 sebastian-lutsch.de: could not connect to host
@@ -14842,10 +15436,10 @@ sebster.com: did not receive HSTS header
 sec4share.me: did not receive HSTS header
 secandtech.com: could not connect to host
 secanje.nl: did not receive HSTS header
-secboom.com: could not connect to host
+secboom.com: did not receive HSTS header
 seccomp.ru: did not receive HSTS header
 seceye.cn: could not connect to host
-secitem.at: did not receive HSTS header
+secitem.at: could not connect to host
 secitem.de: could not connect to host
 secitem.eu: could not connect to host
 secnet.ga: could not connect to host
@@ -14879,6 +15473,7 @@ secureideas.com: did not receive HSTS header
 secureindia.co: could not connect to host
 secureradio.net: could not connect to host
 securesuisse.ch: could not connect to host
+securetronic.ch: could not connect to host
 securita.eu: did not receive HSTS header
 security-carpet.com: could not connect to host
 security-thoughts.org: could not connect to host
@@ -14915,10 +15510,10 @@ seefunk.net: did not receive HSTS header
 seehimnaked.com: could not connect to host
 seehimnude.com: could not connect to host
 seehisnudes.com: could not connect to host
-seekthe.net: could not connect to host
+seekthe.net: did not receive HSTS header
 seele.ca: could not connect to host
 seemeasaperson.com: did not receive HSTS header
-seen.life: could not connect to host
+seen.life: did not receive HSTS header
 sehenderson.com: did not receive HSTS header
 seida.at: could not connect to host
 seiko-dojo.com: could not connect to host
@@ -14937,8 +15532,7 @@ selfhosters.com: could not connect to host
 selfie-france.fr: could not connect to host
 selfserverx.com: could not connect to host
 selitysvideot.fi: did not receive HSTS header
-selldorado.com: could not connect to host
-sellercritic.com: did not receive HSTS header
+sellercritic.com: could not connect to host
 sellocdn.com: could not connect to host
 sellservs.co.za: could not connect to host
 seltendoof.de: could not connect to host
@@ -14947,6 +15541,7 @@ semen3325.xyz: could not connect to host
 semenkovich.com: did not receive HSTS header
 sementes.gratis: could not connect to host
 semianalog.com: could not connect to host
+semirben.de: max-age too low: 172800
 semmlers.com: did not receive HSTS header
 semps-servers.de: could not connect to host
 sendash.com: did not receive HSTS header
@@ -14960,8 +15555,7 @@ sensibus.com: did not receive HSTS header
 sensoft-int.com: could not connect to host
 sensoft-int.net: could not connect to host
 sensualism.com: could not connect to host
-sentic.info: did not receive HSTS header
-seo-lagniappe.com: could not connect to host
+seo-lagniappe.com: did not receive HSTS header
 seoarchive.org: could not connect to host
 seobot.com.au: could not connect to host
 seoenmexico.com.mx: did not receive HSTS header
@@ -14975,12 +15569,14 @@ seomen.biz: could not connect to host
 seomobo.com: could not connect to host
 seosanantonioinc.com: did not receive HSTS header
 seoscribe.net: could not connect to host
+seosec.xyz: could not connect to host
 seotronix.net: did not receive HSTS header
 seowarp.net: did not receive HSTS header
 sep23.ru: did not receive HSTS header
 sepakbola.win: could not connect to host
 sephr.com: did not receive HSTS header
 sepie.gob.es: did not receive HSTS header
+seproco.com: could not connect to host
 septakkordeon.de: could not connect to host
 seq.tf: did not receive HSTS header
 sequatchiecountytn.gov: could not connect to host
@@ -14989,6 +15585,7 @@ serathius.ovh: could not connect to host
 serbien.guide: could not connect to host
 serenitycreams.com: did not receive HSTS header
 serfdom.io: did not receive HSTS header
+sergeemond.ca: could not connect to host
 sergivb01.me: did not receive HSTS header
 serized.pw: could not connect to host
 serkaneles.com: did not receive HSTS header
@@ -14998,7 +15595,6 @@ servecrypt.net: could not connect to host
 servecrypt.ru: could not connect to host
 server-bg.net: could not connect to host
 server.pk: did not receive HSTS header
-serverangels.co.uk: did not receive HSTS header
 servercode.ca: did not receive HSTS header
 serverdensity.io: did not receive HSTS header
 servergno.me: did not receive HSTS header
@@ -15040,6 +15636,8 @@ sfcomercio.com.br: could not connect to host
 sfhobbies.com.br: could not connect to host
 sfsltd.com: did not receive HSTS header
 sgovaard.nl: did not receive HSTS header
+sgroup-hitoduma.com: did not receive HSTS header
+sgroup-rec.com: did not receive HSTS header
 sgthotshot.com: could not connect to host
 sgtsnookums.net: could not connect to host
 sh11.pp.ua: did not receive HSTS header
@@ -15083,6 +15681,7 @@ shanxiapark.com: could not connect to host
 shanyhs.com: could not connect to host
 shapesedinburgh.co.uk: did not receive HSTS header
 shardsoft.com: could not connect to host
+sharecc.co: could not connect to host
 shareeri.com: could not connect to host
 shareimg.xyz: could not connect to host
 sharemessage.net: could not connect to host
@@ -15109,11 +15708,12 @@ shawnh.net: could not connect to host
 shawnstarrcustomhomes.com: did not receive HSTS header
 shawnwilson.info: could not connect to host
 shazbots.org: could not connect to host
+shellday.cc: could not connect to host
 shellot.com: could not connect to host
 shellsec.pw: did not receive HSTS header
-shemissed.me: could not connect to host
 shena.co.uk: could not connect to host
 shengrenyu.com: could not connect to host
+shens.ai: could not connect to host
 shentengtu.idv.tw: could not connect to host
 shep.co.il: did not receive HSTS header
 sheratan.web.id: could not connect to host
@@ -15126,6 +15726,7 @@ sheying.tm: could not connect to host
 shiatsu-institut.ch: could not connect to host
 shibainu.com.br: could not connect to host
 shibe.club: could not connect to host
+shieldofachilles.in: could not connect to host
 shift.ooo: did not receive HSTS header
 shiftins.com: could not connect to host
 shiftnrg.org: did not receive HSTS header
@@ -15148,11 +15749,12 @@ shishamania.de: could not connect to host
 shishkin.link: did not receive HSTS header
 shitfest.info: did not receive HSTS header
 shitposting.life: could not connect to host
-shivamber.com: did not receive HSTS header
 shk.im: could not connect to host
 shlemenkov.by: could not connect to host
 shm-forum.org.uk: could not connect to host
-sho-tanaka.jp: did not receive HSTS header
+shmibbles.me: could not connect to host
+shmunky.co.uk: did not receive HSTS header
+sho-tanaka.jp: could not connect to host
 shocksrv.com: did not receive HSTS header
 shoemuse.com: did not receive HSTS header
 shooshosha.com: could not connect to host
@@ -15179,6 +15781,7 @@ showdepiscinas.com.br: did not receive HSTS header
 shower.im: did not receive HSTS header
 showkeeper.tv: did not receive HSTS header
 showroom.de: did not receive HSTS header
+showroom113.ru: could not connect to host
 shoxmusic.net: max-age too low: 2592000
 shred.ch: could not connect to host
 shredoptics.ch: could not connect to host
@@ -15195,6 +15798,7 @@ shybynature.com: did not receive HSTS header
 shymeck.pw: could not connect to host
 shypp.it: could not connect to host
 shyrydan.es: could not connect to host
+si.to: could not connect to host
 siamega.com: could not connect to host
 siammedia.co: could not connect to host
 siamojo.com: could not connect to host
@@ -15202,14 +15806,20 @@ sianimacion.com: could not connect to host
 siao-mei.com: did not receive HSTS header
 sichere-kartenakzeptanz.de: could not connect to host
 siciliadigitale.pro: could not connect to host
+sickfile.com: could not connect to host
 sicklepod.com: could not connect to host
+siconnect.us: did not receive HSTS header
 sictame-tigf.org: did not receive HSTS header
 sideropolisnoticias.com.br: did not receive HSTS header
+sidpod.ru: could not connect to host
+siduga.com: could not connect to host
 siebens.net: could not connect to host
 sieh.es: did not receive HSTS header
 sieulog.com: could not connect to host
 sifls.com: could not connect to host
 sifreuret.com: could not connect to host
+signaltransmitter.de: did not receive HSTS header
+signdesk.com: did not receive HSTS header
 signere.com: could not connect to host
 signere.no: did not receive HSTS header
 signoracle.com: could not connect to host
@@ -15234,8 +15844,9 @@ silver-drachenkrieger.de: did not receive HSTS header
 silverartcollector.com: did not receive HSTS header
 silverback.is: did not receive HSTS header
 silvergoldbull.ba: could not connect to host
+silvergoldbull.bg: could not connect to host
 silvergoldbull.kg: could not connect to host
-silvergoldbull.lt: could not connect to host
+silvergoldbull.ky: could not connect to host
 silvergoldbull.md: could not connect to host
 silvergoldbull.ml: could not connect to host
 silvergoldbull.ph: could not connect to host
@@ -15269,6 +15880,7 @@ simpan.id: could not connect to host
 simpeo.fr: did not receive HSTS header
 simpeo.org: did not receive HSTS header
 simpleai.net: max-age too low: 600
+simpleclassiclife.com: could not connect to host
 simplefraud.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 simplelearner.com: could not connect to host
 simplepractice.com: did not receive HSTS header
@@ -15287,9 +15899,10 @@ sincai666.com: could not connect to host
 sinceschool.com: could not connect to host
 sinclairmoving.com: did not receive HSTS header
 sincron.org: could not connect to host
+sinefili.com: could not connect to host
 sinful.pw: could not connect to host
 singee.site: could not connect to host
-singerwang.com: could not connect to host
+singerwang.com: did not receive HSTS header
 singles-berlin.de: could not connect to host
 singul4rity.com: could not connect to host
 sinkip.com: could not connect to host
@@ -15302,6 +15915,7 @@ sinsojb.me: could not connect to host
 sintesysglobal.com: did not receive HSTS header
 sinusbot.online: did not receive HSTS header
 sion.moe: did not receive HSTS header
+sipc.org: did not receive HSTS header
 sipsik.net: did not receive HSTS header
 siqi.wang: could not connect to host
 sirburton.com: could not connect to host
@@ -15310,7 +15924,7 @@ sirius-lee.net: could not connect to host
 siro.gq: did not receive HSTS header
 siroop.ch: did not receive HSTS header
 sisgopro.com: could not connect to host
-sistemasespecializados.com: could not connect to host
+sistemasespecializados.com: did not receive HSTS header
 sistemlash.com: did not receive HSTS header
 sistemos.net: could not connect to host
 sistersurprise.de: did not receive HSTS header
@@ -15329,10 +15943,9 @@ sitesuccessful.com: did not receive HSTS header
 sitsy.ru: did not receive HSTS header
 sittinginoblivion.com: did not receive HSTS header
 sizingservers.be: did not receive HSTS header
-sizzle.co.uk: did not receive HSTS header
+sizzle.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 sja-se-training.com: could not connect to host
 sjatsh.com: could not connect to host
-sjdaws.com: could not connect to host
 sjdtaxi.com: did not receive HSTS header
 sjhyl11.com: could not connect to host
 sjsc.fr: did not receive HSTS header
@@ -15363,13 +15976,14 @@ skinbet.co: could not connect to host
 skinmarket.co: could not connect to host
 skischuleulm.de: did not receive HSTS header
 skk.io: could not connect to host
-sklotechnik.cz: did not receive HSTS header
 skocia.net: did not receive HSTS header
 skoda-clever-lead.de: could not connect to host
 skoda-im-dialog.de: could not connect to host
 skoda-nurdiebesten.de: did not receive HSTS header
 skoda-service-team-cup.de: did not receive HSTS header
+skolnieks.lv: could not connect to host
 skomski.org: did not receive HSTS header
+skoolergraph.azurewebsites.net: did not receive HSTS header
 skpdev.net: could not connect to host
 skrimix.tk: could not connect to host
 skrivande.co: could not connect to host
@@ -15379,19 +15993,19 @@ sky-universe.net: did not receive HSTS header
 skyasker.cn: could not connect to host
 skyasker.com: could not connect to host
 skybloom.com: could not connect to host
+skybloom.io: could not connect to host
 skybound.link: did not receive HSTS header
 skyflix.me: could not connect to host
 skyline.link: could not connect to host
 skyline.tw: did not receive HSTS header
 skylocker.net: could not connect to host
 skylocker.nl: did not receive HSTS header
-skynetz.tk: could not connect to host
 skyoy.com: did not receive HSTS header
 skypeassets.com: could not connect to host
 skypoker.com: could not connect to host
 skyris.co: could not connect to host
 skyrunners.ch: could not connect to host
-skytec.host: did not receive HSTS header
+skytec.host: could not connect to host
 skyvault.io: could not connect to host
 skyveo.ml: did not receive HSTS header
 skyway.capital: did not receive HSTS header
@@ -15408,6 +16022,7 @@ slashbits.no: did not receive HSTS header
 slashdesign.it: did not receive HSTS header
 slashem.me: did not receive HSTS header
 slatemc.fun: could not connect to host
+slatko.io: could not connect to host
 slattery.co: did not receive HSTS header
 slauber.de: did not receive HSTS header
 sld08.com: did not receive HSTS header
@@ -15419,12 +16034,13 @@ slicketl.com: did not receive HSTS header
 slicss.com: could not connect to host
 slides.zone: could not connect to host
 slightfuture.click: could not connect to host
+slightfuture.com: did not receive HSTS header
 slimk1nd.nl: could not connect to host
 slimmerbouwen.be: did not receive HSTS header
 slingo.com: did not receive HSTS header
-slingoweb.com: did not receive HSTS header
 slix.io: could not connect to host
 sln.cloud: could not connect to host
+slo-net.net: could not connect to host
 slope.haus: could not connect to host
 slotboss.co.uk: did not receive HSTS header
 slovakiana.sk: did not receive HSTS header
@@ -15433,12 +16049,13 @@ slovoice.org: could not connect to host
 slowfood.es: did not receive HSTS header
 slowsociety.org: could not connect to host
 slse.ca: max-age too low: 0
-sluplift.com: did not receive HSTS header
+sluplift.com: could not connect to host
 slycurity.de: could not connect to host
 slytech.ch: could not connect to host
 smallcdn.rocks: could not connect to host
 smallchat.nl: could not connect to host
 smallcloudsolutions.co.za: could not connect to host
+smallpath.me: could not connect to host
 smallplanet.ch: did not receive HSTS header
 smallshopit.com: did not receive HSTS header
 smart-mirror.de: did not receive HSTS header
@@ -15477,11 +16094,6 @@ sml.lc: could not connect to host
 smmcab.ru: could not connect to host
 smmcab.website: could not connect to host
 smokinghunks.com: could not connect to host
-smoothics.at: could not connect to host
-smoothics.com: could not connect to host
-smoothics.eu: could not connect to host
-smoothics.mobi: could not connect to host
-smoothics.net: could not connect to host
 smove.sg: did not receive HSTS header
 smplix.com: could not connect to host
 smries.com: could not connect to host
@@ -15493,10 +16105,12 @@ smtp.bz: did not receive HSTS header
 smtpdev.com: could not connect to host
 smuhelper.cn: could not connect to host
 smusg.com: did not receive HSTS header
+smutba.se: did not receive HSTS header
 snafarms.com: did not receive HSTS header
 snailing.org: could not connect to host
 snake.dog: could not connect to host
 snakehosting.dk: did not receive HSTS header
+snapappts.com: could not connect to host
 snapworks.net: did not receive HSTS header
 snarf.in: could not connect to host
 sneaker.date: could not connect to host
@@ -15510,7 +16124,6 @@ sniderman.pro: could not connect to host
 sniderman.xyz: could not connect to host
 snip.host: could not connect to host
 snod.land: did not receive HSTS header
-snoot.club: did not receive HSTS header
 snoozedds.com: max-age too low: 600
 snoqualmiefiber.org: could not connect to host
 snoringhq.com: did not receive HSTS header
@@ -15518,10 +16131,12 @@ snovey.com: could not connect to host
 snow-online.de: could not connect to host
 snowdy.eu: could not connect to host
 snowdy.link: could not connect to host
+snrat.com: did not receive HSTS header
 so-healthy.co.uk: did not receive HSTS header
 sobabox.ru: could not connect to host
 sobinski.pl: did not receive HSTS header
 soboleva-pr.com.ua: could not connect to host
+soc.net: could not connect to host
 socal-babes.com: could not connect to host
 soccergif.com: could not connect to host
 soci.ml: could not connect to host
@@ -15529,7 +16144,7 @@ social-journey.com: could not connect to host
 socialbillboard.com: could not connect to host
 socialcs.xyz: could not connect to host
 socialdj.de: did not receive HSTS header
-socialfacecook.com: could not connect to host
+socialfacecook.com: did not receive HSTS header
 socialgrowing.cl: did not receive HSTS header
 socialhead.io: could not connect to host
 socialhub.com: did not receive HSTS header
@@ -15541,9 +16156,11 @@ socialworkout.org: could not connect to host
 socialworkout.tv: could not connect to host
 socketize.com: did not receive HSTS header
 sockeye.cc: could not connect to host
+socoastal.com: could not connect to host
 socomponents.co.uk: could not connect to host
 sodacore.com: could not connect to host
 sodamakerclub.com: did not receive HSTS header
+sodiao.cc: could not connect to host
 softballsavings.com: did not receive HSTS header
 softbebe.com: did not receive HSTS header
 softclean.pt: did not receive HSTS header
@@ -15560,7 +16177,8 @@ soldbygold.net: did not receive HSTS header
 solentes.com.br: could not connect to host
 solidfuelappliancespares.co.uk: did not receive HSTS header
 solidimage.com.br: could not connect to host
-solidus.systems: did not receive HSTS header
+solidtuesday.com: could not connect to host
+solidus.systems: could not connect to host
 solidwebnetworks.co.uk: did not receive HSTS header
 solinter.com.br: did not receive HSTS header
 solisrey.es: could not connect to host
@@ -15574,6 +16192,7 @@ solymar.co: could not connect to host
 some.rip: max-age too low: 6307200
 somebodycares.org: did not receive HSTS header
 somepills.com: did not receive HSTS header
+somersetscr.nhs.uk: could not connect to host
 someshit.xyz: could not connect to host
 something-else.cf: could not connect to host
 somethingnew.xyz: could not connect to host
@@ -15588,13 +16207,15 @@ sonicrainboom.rocks: could not connect to host
 sonix.dk: could not connect to host
 sonja-daniels.com: could not connect to host
 sonja-kowa.de: could not connect to host
+sonoecoracao.com.br: could not connect to host
 sonyforum.no: did not receive HSTS header
 soobi.org: did not receive HSTS header
-soondy.com: did not receive HSTS header
+soodwatthanaphon.net: did not receive HSTS header
+soondy.com: could not connect to host
 soothemobilemassage.com.au: did not receive HSTS header
 soply.com: could not connect to host
 soporte.cc: could not connect to host
-sorenam.com: could not connect to host
+sorenam.com: did not receive HSTS header
 sorensen-online.com: could not connect to host
 sorex.photo: did not receive HSTS header
 sorinmuntean.ro: did not receive HSTS header
@@ -15604,6 +16225,7 @@ soruly.moe: did not receive HSTS header
 sos.de: did not receive HSTS header
 sosaka.ml: could not connect to host
 sosecu.red: could not connect to host
+sosesh.shop: could not connect to host
 sosiolog.com: did not receive HSTS header
 sosko.in.rs: could not connect to host
 sotavasara.net: did not receive HSTS header
@@ -15611,7 +16233,7 @@ sotiran.com: did not receive HSTS header
 sotor.de: did not receive HSTS header
 soucorneteiro.com.br: could not connect to host
 soulcraft.bz: could not connect to host
-soulema.com: could not connect to host
+soulema.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 soulfulglamour.uk: could not connect to host
 soulsteer.com: could not connect to host
 soundedj.com.br: could not connect to host
@@ -15623,13 +16245,13 @@ sourcecode.love: could not connect to host
 sourcelair.com: did not receive HSTS header
 sourcely.net: could not connect to host
 sourcitec.com: did not receive HSTS header
-sous-surveillance.net: could not connect to host
 southcoastkitesurf.co.uk: did not receive HSTS header
 southcoastswords.com: did not receive HSTS header
 southernjamusa.com: did not receive HSTS header
 southernlights.xyz: could not connect to host
 southgale.condos: could not connect to host
 southside-crew.club: could not connect to host
+southwindsor-ct.gov: could not connect to host
 southworcestershiregpservices.co.uk: could not connect to host
 soutien-naissance.com: could not connect to host
 souvik.me: did not receive HSTS header
@@ -15662,12 +16284,12 @@ sparkreviewcenter.com: did not receive HSTS header
 sparkwood.org: could not connect to host
 sparmedo.de: did not receive HSTS header
 sparsa.army: could not connect to host
-sparta-en.org: could not connect to host
 sparta-trade.com: could not connect to host
 spartantheatre.org: could not connect to host
 spauted.com: could not connect to host
 spawn.cz: could not connect to host
 spcx.eu: could not connect to host
+spd-pulheim-mitte.de: did not receive HSTS header
 spdysync.com: could not connect to host
 specialedesigns.com: could not connect to host
 specialistnow.com.au: did not receive HSTS header
@@ -15687,7 +16309,6 @@ spendwise.com.au: could not connect to host
 sperohub.com: could not connect to host
 sperohub.io: could not connect to host
 sperohub.lt: did not receive HSTS header
-spherenix.org: could not connect to host
 sphinx.network: could not connect to host
 spicydog.tk: could not connect to host
 spicywombat.com: could not connect to host
@@ -15696,10 +16317,10 @@ spiel-teppich.de: could not connect to host
 spielcasinos.com: did not receive HSTS header
 spikeykc.me: could not connect to host
 spillersfamily.net: could not connect to host
-spillmaker.no: did not receive HSTS header
 spilsbury.io: could not connect to host
 spineandscoliosis.com: did not receive HSTS header
 spinner.dnshome.de: could not connect to host
+spinor.im: could not connect to host
 spirit-dev.net: max-age too low: 0
 spirit-hunters-germany.de: did not receive HSTS header
 spiritbionic.ro: could not connect to host
@@ -15709,7 +16330,7 @@ spitefultowel.com: did not receive HSTS header
 spitfireuav.com: could not connect to host
 spititout.it: could not connect to host
 split.is: could not connect to host
-splunk.zone: could not connect to host
+splunk.zone: did not receive HSTS header
 spoketwist.com: did not receive HSTS header
 spokonline.com: could not connect to host
 spon.cz: did not receive HSTS header
@@ -15736,6 +16357,7 @@ spr.id.au: could not connect to host
 spreadsheets.google.com: did not receive HSTS header (error ignored - included regardless)
 spresso.me: did not receive HSTS header
 sprigings.com: did not receive HSTS header
+springreizen.nl: did not receive HSTS header
 springsoffthegrid.com: could not connect to host
 sprint.ml: did not receive HSTS header
 sprk.fitness: did not receive HSTS header
@@ -15753,6 +16375,7 @@ sqshq.de: did not receive HSTS header
 squaddraft.com: did not receive HSTS header
 squadlinx.com: did not receive HSTS header
 square.gs: could not connect to host
+squarelab.it: could not connect to host
 squareonebgc.com.ph: could not connect to host
 squatldf.org: could not connect to host
 squids.space: could not connect to host
@@ -15762,6 +16385,7 @@ sr-cs.net: did not receive HSTS header
 srcc.fr: could not connect to host
 sreeharis.tk: could not connect to host
 srevilak.net: did not receive HSTS header
+srichan.net: could not connect to host
 sritest.io: could not connect to host
 srmaximo.com: could not connect to host
 srna.sk: did not receive HSTS header
@@ -15775,13 +16399,13 @@ ssc8689.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERRO
 ssc8689.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 ssco.xyz: did not receive HSTS header
 ssconn.com: could not connect to host
-ssh.nu: could not connect to host
+ssh.nu: did not receive HSTS header
 sshool.at: could not connect to host
 ssl.panoramio.com: could not connect to host
 ssl.rip: could not connect to host
 sslzilla.de: did not receive HSTS header
 ssn1.ru: did not receive HSTS header
-sspanda.com: did not receive HSTS header
+sspanda.com: could not connect to host
 ssrvpn.tech: could not connect to host
 sss3s.com: could not connect to host
 ssworld.ga: could not connect to host
@@ -15798,7 +16422,6 @@ staffjoystaging.com: could not connect to host
 stagingjobshq.com: could not connect to host
 stahl.xyz: did not receive HSTS header
 stakestrategy.com: could not connect to host
-stalder.work: could not connect to host
 stalkerhispano.com: max-age too low: 0
 stalkthe.net: could not connect to host
 stall-zur-linde.de: did not receive HSTS header
@@ -15808,14 +16431,14 @@ stamboomvanderwal.nl: did not receive HSTS header
 stanandjerre.org: could not connect to host
 standardssuck.org: did not receive HSTS header
 standingmist.com: did not receive HSTS header
-standoutbooks.com: did not receive HSTS header
+standoutbooks.com: max-age too low: 0
 standuppaddlesports.com.au: did not receive HSTS header
 stang.moe: did not receive HSTS header
 stannahtrapliften.nl: did not receive HSTS header
 star-citizen.wiki: did not receive HSTS header
 star-killer.net: could not connect to host
-star-stuff.de: did not receive HSTS header
-star.do: could not connect to host
+star-stuff.de: could not connect to host
+star.do: did not receive HSTS header
 starandshield.com: did not receive HSTS header
 starapple.nl: did not receive HSTS header
 starcafe.me: could not connect to host
@@ -15824,7 +16447,7 @@ stardust-entertainments.co.uk: did not receive HSTS header
 starease.net: could not connect to host
 starfeeling.net: could not connect to host
 stargatepartners.com: did not receive HSTS header
-starinvestors.in: did not receive HSTS header
+starinvestors.in: could not connect to host
 starklane.com: max-age too low: 300
 starlightentertainmentdevon.co.uk: did not receive HSTS header
 starmusic.ga: could not connect to host
@@ -15866,8 +16489,9 @@ stcomex.com: did not receive HSTS header
 stdev.org: could not connect to host
 steamhours.com: could not connect to host
 steampunkrobot.com: did not receive HSTS header
+steborio.pw: could not connect to host
+steckel.cc: could not connect to host
 steelbea.ms: could not connect to host
-steelmounta.in: could not connect to host
 steelrhino.co: could not connect to host
 steem.io: did not receive HSTS header
 steenackers.be: did not receive HSTS header
@@ -15875,7 +16499,6 @@ stefanweiser.de: did not receive HSTS header
 steffi-in-australien.com: could not connect to host
 stellarvale.net: could not connect to host
 stellen.ch: did not receive HSTS header
-stellenticket.de: did not receive HSTS header
 stem.is: did not receive HSTS header
 stepbystep3d.com: did not receive HSTS header
 steph-autoecole.ch: did not receive HSTS header
@@ -15883,12 +16506,12 @@ steph3n.me: could not connect to host
 stephanierxo.com: did not receive HSTS header
 stephanos.me: could not connect to host
 stephenandburns.com: did not receive HSTS header
+stephenjvoiceovers.com: did not receive HSTS header
 stephensolis.net: could not connect to host
 stephensolisrey.es: could not connect to host
 steplogictalent.com: could not connect to host
 sterjoski.com: did not receive HSTS header
 stesti.cz: could not connect to host
-steuerberater-essen-steele.com: could not connect to host
 steuerkanzlei-und-wirtschaftsberater-manke.de: could not connect to host
 steve.kiwi: could not connect to host
 stevechekblain.win: could not connect to host
@@ -15896,6 +16519,7 @@ stevengoodpaster.com: could not connect to host
 stevenkwan.me: could not connect to host
 stevensheffey.me: could not connect to host
 stevensononthe.net: did not receive HSTS header
+steventruesdell.com: could not connect to host
 stewartremodelingadvantage.com: could not connect to host
 stewonet.nl: did not receive HSTS header
 stge.uk: could not connect to host
@@ -15912,6 +16536,7 @@ stijnbelmans.be: max-age too low: 604800
 stikkie.me: could not connect to host
 stilettomoda.com.br: could not connect to host
 stillblackhat.id: could not connect to host
+stillnessproject.com: did not receive HSTS header
 stillyarts.com: did not receive HSTS header
 stinkytrashhound.com: could not connect to host
 stirlingpoon.net: could not connect to host
@@ -15925,7 +16550,6 @@ stl.news: max-age too low: 0
 stlucasmuseum.org: did not receive HSTS header
 stm32f4.jp: could not connect to host
 stmbgr.com: could not connect to host
-stmkza.net: max-age too low: 0
 stn.me.uk: did not receive HSTS header
 stnl.de: could not connect to host
 stockseyeserum.com: could not connect to host
@@ -15935,6 +16559,7 @@ stoffelen.nl: did not receive HSTS header
 stoianlawfirm.com: could not connect to host
 stoick.me: could not connect to host
 stoinov.com: could not connect to host
+stolbart.com: could not connect to host
 stole-my.bike: could not connect to host
 stole-my.tv: could not connect to host
 stolkschepen.nl: did not receive HSTS header
@@ -15953,6 +16578,7 @@ store10.de: could not connect to host
 storecove.com: did not receive HSTS header
 storeden.com: did not receive HSTS header
 storefrontify.com: could not connect to host
+storeprijs.nl: did not receive HSTS header
 storiesofhealth.org: could not connect to host
 stormhub.org: could not connect to host
 stormwatcher.org: could not connect to host
@@ -15990,13 +16616,13 @@ streamzilla.com: did not receive HSTS header
 strehl.tk: could not connect to host
 strelitzia02.com: could not connect to host
 stressfreehousehold.com: could not connect to host
+stretchpc.com: could not connect to host
 strictlynormal.com: could not connect to host
 strictlysudo.com: could not connect to host
 strife.tk: did not receive HSTS header
 strila.me: could not connect to host
 striptizer.tk: could not connect to host
 strming.com: could not connect to host
-stroeder.com: could not connect to host
 stroeercrm.de: could not connect to host
 strongest-privacy.com: could not connect to host
 struxureon.com: did not receive HSTS header
@@ -16008,7 +16634,7 @@ student.andover.edu: could not connect to host
 studentrdh.com: did not receive HSTS header
 studentresearcher.org: did not receive HSTS header
 studentskydenik.cz: could not connect to host
-studenttravel.cz: did not receive HSTS header
+studenttravel.cz: could not connect to host
 studer.su: could not connect to host
 studiemeter.nl: did not receive HSTS header
 studiereader.nl: did not receive HSTS header
@@ -16018,7 +16644,6 @@ studio-webdigi.com: did not receive HSTS header
 studiocn.cn: could not connect to host
 studiodoprazer.com.br: could not connect to host
 studiozelden.com: did not receive HSTS header
-studisys.net: could not connect to host
 studlan.no: could not connect to host
 studport.rv.ua: max-age too low: 604800
 studyabroadstation.com: could not connect to host
@@ -16036,9 +16661,11 @@ sturbi.de: did not receive HSTS header
 sturbock.me: did not receive HSTS header
 sturdio.com.br: could not connect to host
 sturge.co.uk: did not receive HSTS header
+stutsmancounty.gov: could not connect to host
 stuttgart-gablenberg.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 stuudium.cloud: could not connect to host
 stuudium.life: could not connect to host
+stylaq.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 stylenda.com: could not connect to host
 stylle.me: could not connect to host
 stytt.com: could not connect to host
@@ -16046,7 +16673,6 @@ suaraangin.com: could not connect to host
 suareforma.com: could not connect to host
 suave.io: did not receive HSTS header
 subbing.work: could not connect to host
-subdimension.org: could not connect to host
 subeesu.com: could not connect to host
 subhacker.net: could not connect to host
 subjektzentrisch.de: could not connect to host
@@ -16054,26 +16680,28 @@ sublevel.net: did not receive HSTS header
 subrain.com: did not receive HSTS header
 subrosa.io: could not connect to host
 subsys.no: did not receive HSTS header
+subterfuge.io: did not receive HSTS header
 subtitle.rip: could not connect to host
 subwayz.de: did not receive HSTS header
 subzerolosangeles.com: did not receive HSTS header
-subzerotech.co.uk: could not connect to host
 successwithflora.com: could not connect to host
 succubus.network: could not connect to host
 succubus.xxx: could not connect to host
 suchprogrammer.net: did not receive HSTS header
 sudo.im: could not connect to host
-sudoschool.com: could not connect to host
 sudosu.fr: could not connect to host
 suempresa.cloud: could not connect to host
-suffts.de: could not connect to host
+suffts.de: did not receive HSTS header
 sugarcitycon.com: could not connect to host
 sugarsweetorsour.com: did not receive HSTS header
 sugartownfarm.com: could not connect to host
 suian.or.jp: max-age too low: 86400
 suite73.org: could not connect to host
+suited21.com: did not receive HSTS header
 suitocracy.com: could not connect to host
+summa-prefis.com: did not receive HSTS header
 summer.ga: could not connect to host
+summermc.cc: could not connect to host
 summitbankofkc.com: did not receive HSTS header
 summitmasters.net: did not receive HSTS header
 sumoatm.com: did not receive HSTS header
@@ -16089,7 +16717,7 @@ sunfireshop.com.br: could not connect to host
 sunlandsg.vn: did not receive HSTS header
 sunnyfruit.ru: could not connect to host
 sunriseafricarelief.com: did not receive HSTS header
-sunset.im: did not receive HSTS header
+sunset.im: could not connect to host
 sunshinepress.org: could not connect to host
 sunxchina.com: could not connect to host
 sunyanzi.tk: could not connect to host
@@ -16122,19 +16750,23 @@ supersecurefancydomain.com: could not connect to host
 supertramp-dafonseca.com: did not receive HSTS header
 superuser.fi: could not connect to host
 superwally.org: could not connect to host
+superway.es: did not receive HSTS header
 supes.io: did not receive HSTS header
 supperclub.es: could not connect to host
 support4server.de: could not connect to host
 supportfan.gov: could not connect to host
 suprlink.net: could not connect to host
-supweb.ovh: did not receive HSTS header
+supweb.ovh: could not connect to host
+surasak.io: could not connect to host
 surasak.xyz: could not connect to host
 suraya.online: could not connect to host
+surdam.casa: could not connect to host
 surfeasy.com: did not receive HSTS header
 surfone-leucate.com: did not receive HSTS header
 surgiclinic.gr: did not receive HSTS header
 surkatty.org: did not receive HSTS header
 suruifu.tk: could not connect to host
+survivalistplanet.com: could not connect to host
 survivebox.fr: did not receive HSTS header
 susanvelez.com: did not receive HSTS header
 susastudentenjobs.de: could not connect to host
@@ -16157,6 +16789,7 @@ svarovani.tk: could not connect to host
 svatba-frantovi.cz: could not connect to host
 sve-hosting.nl: could not connect to host
 svenbacia.me: could not connect to host
+svendubbeld.nl: did not receive HSTS header
 svenskacasino.com: could not connect to host
 svenskaservern.se: could not connect to host
 svetdrzaku.cz: did not receive HSTS header
@@ -16176,10 +16809,10 @@ swarmation.com: did not receive HSTS header
 sway.com: did not receive HSTS header
 swdatlantico.pt: could not connect to host
 sweep.cards: did not receive HSTS header
-sweet-spatula.com: could not connect to host
 sweetlegs.jp: could not connect to host
 sweetstreats.ca: could not connect to host
 sweetvanilla.jp: could not connect to host
+swehack.org: could not connect to host
 swfloshatraining.com: could not connect to host
 swift-devedge.de: could not connect to host
 swiftconf.com: did not receive HSTS header
@@ -16189,8 +16822,10 @@ swiggy.com: did not receive HSTS header
 swimming.ca: did not receive HSTS header
 swimmingpoolaccidentattorney.net: could not connect to host
 swingular.com: could not connect to host
+swisscannabis.club: could not connect to host
 swissentreprises.ch: could not connect to host
 swissfreshaircan.com: could not connect to host
+swisstechtalks.ch: did not receive HSTS header
 swisstranslate.ch: did not receive HSTS header
 swisstranslate.fr: did not receive HSTS header
 swisswebhelp.ch: could not connect to host
@@ -16204,8 +16839,13 @@ sxbk.pw: could not connect to host
 syam.cc: could not connect to host
 syamuwatching.xyz: could not connect to host
 sydgrabber.tk: could not connect to host
+syhost.at: did not receive HSTS header
+syhost.ch: did not receive HSTS header
+syhost.de: did not receive HSTS header
 sykl.us: could not connect to host
 sylvaincombe.net: could not connect to host
+sylvan.me: could not connect to host
+sylvangarden.net: could not connect to host
 sylvangarden.org: could not connect to host
 sylvanorder.com: did not receive HSTS header
 synackr.com: could not connect to host
@@ -16214,15 +16854,16 @@ syncaddict.net: could not connect to host
 syncappate.com: could not connect to host
 syncclinicalstudy.com: could not connect to host
 syncer.jp: did not receive HSTS header
-synchtu.be: could not connect to host
 syncmylife.net: could not connect to host
 syncserve.net: did not receive HSTS header
-syneic.com: could not connect to host
+syneic.com: did not receive HSTS header
 synergisticsoccer.com: could not connect to host
 syno.gq: could not connect to host
 syntaxoff.com: could not connect to host
 syntheticmotoroil.org: did not receive HSTS header
 syobon.org: could not connect to host
+syoier.com: could not connect to host
+syracuseut.gov: could not connect to host
 syrocon.ch: could not connect to host
 sys.tf: could not connect to host
 sysadmins.ro: could not connect to host
@@ -16237,6 +16878,7 @@ systea.net: could not connect to host
 system-online.cz: did not receive HSTS header
 systemd.me: could not connect to host
 sytk.me: could not connect to host
+syunpay.cn: did not receive HSTS header
 syy.hk: did not receive HSTS header
 szagun.net: did not receive HSTS header
 szaszm.tk: could not connect to host
@@ -16253,17 +16895,19 @@ t-tz.com: could not connect to host
 t0dd.eu: could not connect to host
 t2000headphones.com: could not connect to host
 t2000laserpointers.com: could not connect to host
+t3rror.net: could not connect to host
 t4c-rebirth.com: could not connect to host
 t4x.org: could not connect to host
 taabe.xyz: could not connect to host
 taartenfeesies.nl: did not receive HSTS header
 tab.watch: did not receive HSTS header
 taberu-fujitsubo.com: did not receive HSTS header
-tabhui.com: could not connect to host
+tabhui.com: did not receive HSTS header
 tabitatsu.jp: did not receive HSTS header
 tabla-periodica.com: could not connect to host
 tachyonapp.com: could not connect to host
 tacoma-games.com: did not receive HSTS header
+tacostea.net: could not connect to host
 tacotown.tk: could not connect to host
 tadata.me: could not connect to host
 tadcastercircuit.org.uk: did not receive HSTS header
@@ -16304,16 +16948,17 @@ talroo.com: could not connect to host
 talsi.eu: could not connect to host
 tam7t.com: did not receive HSTS header
 tamex.xyz: could not connect to host
-tanak3n.xyz: could not connect to host
 tandarts-haarlem.nl: did not receive HSTS header
 tandblekningidag.com: could not connect to host
-tangerine.ga: did not receive HSTS header
+tandilmap.com.ar: did not receive HSTS header
+tangerine.ga: could not connect to host
 tangibilizing.com: could not connect to host
 tangiblesecurity.com: did not receive HSTS header
 tango-cats.de: could not connect to host
 tangsisi.com: could not connect to host
 tangyue.date: could not connect to host
 tangzhao.net: could not connect to host
+tanhit.com: could not connect to host
 taniesianie.pl: did not receive HSTS header
 tankfreunde.de: did not receive HSTS header
 tante-bugil.net: could not connect to host
@@ -16328,7 +16973,6 @@ tapfinder.ca: could not connect to host
 tapka.cz: did not receive HSTS header
 tappublisher.com: did not receive HSTS header
 taqun.club: could not connect to host
-taranis.re: could not connect to host
 tarantul.org.ua: could not connect to host
 taravancil.com: did not receive HSTS header
 tarek.link: could not connect to host
@@ -16337,7 +16981,7 @@ tarhauskielto.fi: did not receive HSTS header
 tarots-et-oracles.com: did not receive HSTS header
 tarsashaz-biztositas.hu: did not receive HSTS header
 tartaros.fi: could not connect to host
-taskstats.com: could not connect to host
+taskstats.com: did not receive HSTS header
 tasmansecurity.com: could not connect to host
 tassup.com: could not connect to host
 tasta.ro: could not connect to host
@@ -16349,10 +16993,11 @@ tatilmix.com: could not connect to host
 tatort-fanpage.de: could not connect to host
 tatt.io: could not connect to host
 tauchkater.de: could not connect to host
+tauschen.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 tavoittaja.fi: did not receive HSTS header
 tavopica.lt: did not receive HSTS header
 taxbench.com: could not connect to host
-taxi-24std.de: could not connect to host
+taxi-24std.de: did not receive HSTS header
 taxiindenbosch.nl: did not receive HSTS header
 taxmadras.com: could not connect to host
 taxsnaps.co.nz: did not receive HSTS header
@@ -16389,6 +17034,8 @@ tdsbhack.tk: could not connect to host
 teacherph.net: did not receive HSTS header
 teachforcanada.ca: did not receive HSTS header
 tealdrones.com: did not receive HSTS header
+team-bbd.com: could not connect to host
+team-pancake.eu: could not connect to host
 team-teasers.com: could not connect to host
 team2fou.cf: did not receive HSTS header
 teamassists.com: did not receive HSTS header
@@ -16400,6 +17047,7 @@ teamnetsol.com: did not receive HSTS header
 teampoint.cz: could not connect to host
 teams.microsoft.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 teamsocial.co: did not receive HSTS header
+teamtravel.co: could not connect to host
 teamx-gaming.de: could not connect to host
 teamzeus.cz: could not connect to host
 teaparty.id: could not connect to host
@@ -16412,6 +17060,7 @@ tech55i.com: could not connect to host
 techandtux.de: could not connect to host
 techask.it: could not connect to host
 techassist.io: did not receive HSTS header
+techbelife.com: could not connect to host
 techbrawl.org: could not connect to host
 techcavern.ml: could not connect to host
 techcentric.com: did not receive HSTS header
@@ -16430,6 +17079,7 @@ techmasters.andover.edu: could not connect to host
 techmatehq.com: could not connect to host
 technicalforensic.com: could not connect to host
 technicalpenguins.com: did not receive HSTS header
+technifocal.com: could not connect to host
 technogroup.cz: did not receive HSTS header
 technologyand.me: did not receive HSTS header
 technosavvyport.com: did not receive HSTS header
@@ -16447,12 +17097,12 @@ techtraveller.com.au: did not receive HSTS header
 techtuts.info: could not connect to host
 techunit.org: could not connect to host
 techvalue.gr: did not receive HSTS header
+techwords.io: could not connect to host
 tecit.ch: could not connect to host
 tecnimotos.com: did not receive HSTS header
-tecnogaming.com: did not receive HSTS header
 tecnologino.com: could not connect to host
-tecture.de: did not receive HSTS header
-tedovo.com: could not connect to host
+tecture.de: could not connect to host
+tedovo.com: did not receive HSTS header
 tedxkmitl.com: could not connect to host
 tee-idf.net: could not connect to host
 teehaus-shila.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -16474,7 +17124,9 @@ teksuperior.com: could not connect to host
 tektoria.de: did not receive HSTS header
 tektuts.com: could not connect to host
 tel-dithmarschen.de: did not receive HSTS header
+tele-alarme.ch: could not connect to host
 tele-assistance.ch: could not connect to host
+telealarmevalais.ch: could not connect to host
 teleallarme.ch: could not connect to host
 telecharger-itunes.com: could not connect to host
 telecharger-open-office.com: could not connect to host
@@ -16482,7 +17134,7 @@ telecharger-winrar.com: could not connect to host
 telefisk.org: did not receive HSTS header
 telefonnummer.online: could not connect to host
 telefonogratuito.com: did not receive HSTS header
-telefonsinyalguclendirici.com: did not receive HSTS header
+telefonsinyalguclendirici.com: could not connect to host
 telefoonnummerinfo.nl: could not connect to host
 telekollektiv.org: could not connect to host
 telepons.com: could not connect to host
@@ -16505,6 +17157,7 @@ tengu.cloud: could not connect to host
 tenispopular.com: could not connect to host
 tenma.pro: could not connect to host
 tenni.xyz: could not connect to host
+tennisadmin.com: could not connect to host
 tennisapp.org: could not connect to host
 tennispensacola.com: could not connect to host
 tensei-slime.com: did not receive HSTS header
@@ -16559,6 +17212,7 @@ textracer.dk: could not connect to host
 tezcam.tk: could not connect to host
 tf-network.de: did not receive HSTS header
 tf2stadium.com: did not receive HSTS header
+tf7879.com: could not connect to host
 tfcoms-sp-tracker-client.azurewebsites.net: could not connect to host
 tffans.com: could not connect to host
 tfl.lu: did not receive HSTS header
@@ -16566,7 +17220,7 @@ tgbyte.com: did not receive HSTS header
 tgod.co: could not connect to host
 tgr.re: could not connect to host
 th-bl.de: did not receive HSTS header
-th3nd.com: could not connect to host
+th3nd.com: did not receive HSTS header
 thackert.myfirewall.org: could not connect to host
 thagki9.com: did not receive HSTS header
 thaianthro.com: max-age too low: 0
@@ -16578,7 +17232,6 @@ thalskarth.com: did not receive HSTS header
 thatgudstuff.com: could not connect to host
 thatpodcast.io: did not receive HSTS header
 thatvizsla.life: did not receive HSTS header
-thcpbees.co.uk: did not receive HSTS header
 the-construct.com: could not connect to host
 the-delta.net.eu.org: could not connect to host
 the-digitale.com: did not receive HSTS header
@@ -16595,6 +17248,7 @@ thearcheryguide.com: did not receive HSTS header
 theater.cf: could not connect to host
 theavenuegallery.com: did not receive HSTS header
 thebakingclass.com: max-age too low: 60
+thebarneystyle.com: did not receive HSTS header
 thebasementguys.com: could not connect to host
 thebeautifulmusic.net: did not receive HSTS header
 thebeginningisnye.com: could not connect to host
@@ -16618,30 +17272,30 @@ thecodeninja.net: did not receive HSTS header
 thecoffeehouse.xyz: could not connect to host
 thecoffeepod.co.uk: did not receive HSTS header
 thecozycastle.com: did not receive HSTS header
+thecrochetcottage.net: could not connect to host
 thecskr.in: did not receive HSTS header
 thecsw.com: did not receive HSTS header
 thecuriouscat.net: could not connect to host
 thedailyupvote.com: could not connect to host
 thedarkartsandcrafts.com: could not connect to host
-thedebug.life: did not receive HSTS header
 thedevilwearswibra.nl: did not receive HSTS header
 thediaryofadam.com: did not receive HSTS header
-thedominatorsclan.com: did not receive HSTS header
+thedominatorsclan.com: could not connect to host
 thedrinks.co: did not receive HSTS header
 thedrop.pw: did not receive HSTS header
 thedrunkencabbage.com: could not connect to host
 thedystance.com: could not connect to host
 theel0ja.info: did not receive HSTS header
 theelitebuzz.com: could not connect to host
-theendofzion.com: could not connect to host
+theendofzion.com: did not receive HSTS header
 theepankar.com: could not connect to host
 theescapistswiki.com: could not connect to host
 theevergreen.me: could not connect to host
 theexpatriate.de: could not connect to host
-theeyeopener.com: did not receive HSTS header
 thefarbeyond.com: could not connect to host
 thefasterweb.com: did not receive HSTS header
 thefilmcolor.com: max-age too low: 0
+theflyingbear.net: could not connect to host
 thefootballanalyst.com: did not receive HSTS header
 thefox.co: did not receive HSTS header
 thefox.com.fr: could not connect to host
@@ -16689,6 +17343,7 @@ themerchandiser.net: [Exception... "Component returned failure code: 0x80004005
 themesurgeons.net: could not connect to host
 themicrocapital.com: could not connect to host
 themoderate.xyz: could not connect to host
+thenarcissisticlife.com: did not receive HSTS header
 thenextstep.events: could not connect to host
 thenichecast.com: could not connect to host
 thenorthschool.org.uk: did not receive HSTS header
@@ -16701,6 +17356,7 @@ theosophie-afrique.org: could not connect to host
 theoverfly.co: could not connect to host
 thepartywarehouse.co.uk: did not receive HSTS header
 thepcweb.tk: could not connect to host
+thepiabo.ovh: did not receive HSTS header
 thepiratebay.al: could not connect to host
 thepiratebay.poker: could not connect to host
 thepiratebay.tech: could not connect to host
@@ -16709,6 +17365,7 @@ thepostoffice.ro: did not receive HSTS header
 theprincegame.com: could not connect to host
 theprivacysolution.com: could not connect to host
 thepurem.com: could not connect to host
+thepythianseed.com: did not receive HSTS header
 thequillmagazine.org: could not connect to host
 therewill.be: could not connect to host
 therise.ca: max-age too low: 300
@@ -16752,6 +17409,7 @@ thewp.pro: max-age too low: 0
 theyachtteam.com: could not connect to host
 thezonders.com: did not receive HSTS header
 thgros.fr: could not connect to host
+thibaultwalle.com: could not connect to host
 thibautcharles.net: did not receive HSTS header
 thienteakee.com: did not receive HSTS header
 thierfreund.de: did not receive HSTS header
@@ -16763,7 +17421,6 @@ thinkdo.jp: could not connect to host
 thinklikeanentrepreneur.com: did not receive HSTS header
 thinkswap.com: did not receive HSTS header
 thinlyveiledcontempt.com: could not connect to host
-thirdbearsolutions.com: could not connect to host
 thirdpartytrade.com: did not receive HSTS header
 thirdworld.moe: could not connect to host
 thirty5.net: did not receive HSTS header
@@ -16800,8 +17457,8 @@ throughthelookingglasslens.co.uk: could not connect to host
 thrx.net: did not receive HSTS header
 thumbtack.com: did not receive HSTS header
 thundercampaign.com: could not connect to host
-thuviensoft.com: could not connect to host
 thuviensoft.net: could not connect to host
+thynx.io: could not connect to host
 thyrex.fr: could not connect to host
 ti-js.com: could not connect to host
 ti.blog.br: did not receive HSTS header
@@ -16813,8 +17470,6 @@ tianxing.pro: did not receive HSTS header
 tianxingvpn.pro: could not connect to host
 tibbitshall.ca: could not connect to host
 tibovanheule.site: could not connect to host
-ticfleet.com: could not connect to host
-tichieru.pw: could not connect to host
 ticketmates.com.au: did not receive HSTS header
 ticketoplichting.nl: did not receive HSTS header
 tickopa.co.uk: could not connect to host
@@ -16829,7 +17484,6 @@ tiendschuurstraat.nl: could not connect to host
 tiensnet.com: could not connect to host
 tierarztpraxis-illerwinkel.de: did not receive HSTS header
 tiernanx.com: could not connect to host
-tierraprohibida.net: did not receive HSTS header
 tierrarp.com: could not connect to host
 tiggi.pw: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 tightlineproductions.com: did not receive HSTS header
@@ -16842,7 +17496,7 @@ tilkah.com.au: could not connect to host
 tillcraft.com: could not connect to host
 timbeilby.com: could not connect to host
 timbuktutimber.com: did not receive HSTS header
-timcamara.com: could not connect to host
+timcamara.com: did not receive HSTS header
 timchanhxe.com: did not receive HSTS header
 timdebruijn.nl: did not receive HSTS header
 time-river.xyz: could not connect to host
@@ -16859,12 +17513,13 @@ timestamp.io: did not receive HSTS header
 timestamp.uk: could not connect to host
 timetab.org: could not connect to host
 timhieubenh.net: could not connect to host
+timhieuthuoc.com: could not connect to host
 timhjalpen.se: could not connect to host
 timklefisch.de: did not receive HSTS header
 timmy.im: could not connect to host
 timmy.ws: could not connect to host
-timotrans.de: did not receive HSTS header
-timotrans.eu: did not receive HSTS header
+timotrans.de: could not connect to host
+timotrans.eu: could not connect to host
 timowi.net: could not connect to host
 timroes.de: did not receive HSTS header
 timschubert.net: max-age too low: 172800
@@ -16875,7 +17530,7 @@ tinchbear.xyz: could not connect to host
 tindewen.net: could not connect to host
 tink.network: could not connect to host
 tinkerboard.org: could not connect to host
-tinkerers-trunk.co.za: did not receive HSTS header
+tinkerers-trunk.co.za: could not connect to host
 tipiakers.club: could not connect to host
 tipps-fuer-den-haushalt.de: could not connect to host
 tippspiel.cc: could not connect to host
@@ -16890,6 +17545,7 @@ titanleaf.com: could not connect to host
 titanpointe.org: did not receive HSTS header
 tittarpuls.se: could not connect to host
 titties.ml: could not connect to host
+tivido.nl: could not connect to host
 tjandpals.com: could not connect to host
 tjc.wiki: could not connect to host
 tjeckien.guide: could not connect to host
@@ -16899,14 +17555,13 @@ tkappertjedemetamorfose.nl: could not connect to host
 tkarstens.de: did not receive HSTS header
 tkeycoin.com: did not receive HSTS header
 tkhw.tk: could not connect to host
-tkirch.de: could not connect to host
-tkn.tokyo: could not connect to host
 tkonstantopoulos.tk: could not connect to host
 tkts.cl: could not connect to host
 tlcdn.net: could not connect to host
 tlo.hosting: could not connect to host
 tlo.link: could not connect to host
 tlo.network: could not connect to host
+tls.builders: could not connect to host
 tls.li: could not connect to host
 tlsbv.nl: did not receive HSTS header
 tlshost.net: could not connect to host
@@ -16920,15 +17575,19 @@ tmi.news: did not receive HSTS header
 tmin.cf: could not connect to host
 tmitchell.io: could not connect to host
 tmprod.com: did not receive HSTS header
-tmtradingmorocco.ma: could not connect to host
+tmtradingmorocco.ma: did not receive HSTS header
 tnb-plattform.de: could not connect to host
 tncnanet.com.br: could not connect to host
 tno.io: could not connect to host
+tnwioa.gov: could not connect to host
 to2mbn.org: could not connect to host
+toabsentfamily.com: did not receive HSTS header
 tobaby.com.br: could not connect to host
 tobacco.gov: could not connect to host
 tobaccore.eu: could not connect to host
 tobaccore.sk: could not connect to host
+tobi-server.goip.de: could not connect to host
+tobi-videos.goip.de: could not connect to host
 tobias-bielefeld.de: did not receive HSTS header
 tobiasbergius.se: could not connect to host
 tobiasmathes.com: could not connect to host
@@ -16937,8 +17596,8 @@ tobiasofficial.at: could not connect to host
 tobiassachs.cf: could not connect to host
 tobiassachs.tk: could not connect to host
 tobis-webservice.de: did not receive HSTS header
-tobyx.eu: could not connect to host
 tobyx.is: could not connect to host
+toddmissiontx.gov: did not receive HSTS header
 todesschaf.org: could not connect to host
 todo.is: could not connect to host
 todobazar.es: could not connect to host
@@ -16950,12 +17609,13 @@ tofa-koeln.de: could not connect to host
 tofilmhub.com: could not connect to host
 tofu.im: could not connect to host
 togelonlinecommunity.com: did not receive HSTS header
+tohokufd.com: could not connect to host
 tojeto.eu: did not receive HSTS header
 toka.sg: could not connect to host
 tokage.me: could not connect to host
+tokbijouxs.com.br: did not receive HSTS header
 tokenloan.com: could not connect to host
-tokfun.com: could not connect to host
-tokintu.com: did not receive HSTS header
+tokintu.com: could not connect to host
 tokky.eu: could not connect to host
 tokobungaasryflorist.com: did not receive HSTS header
 tokobungadijambi.com: did not receive HSTS header
@@ -16974,6 +17634,7 @@ tom-maxwell.com: did not receive HSTS header
 tom.run: did not receive HSTS header
 tomandshirley.com: could not connect to host
 tomaspialek.cz: did not receive HSTS header
+tomaz.eu: could not connect to host
 tomberek.info: did not receive HSTS header
 tomcort.com: could not connect to host
 tomdudfield.com: did not receive HSTS header
@@ -16991,9 +17652,10 @@ tomoyaf.com: could not connect to host
 tomphill.co.uk: could not connect to host
 tomudding.com: did not receive HSTS header
 tomy.icu: could not connect to host
-tonburi.jp: could not connect to host
+tonburi.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 tongmu.me: could not connect to host
 tonguetechnology.com: could not connect to host
+toni-dis.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 toniharant.de: could not connect to host
 toomanypillows.com: could not connect to host
 toomy.ddns.net: could not connect to host
@@ -17029,7 +17691,8 @@ toretfaction.net: could not connect to host
 torlock.download: could not connect to host
 torproject.org.uk: could not connect to host
 torproject.ovh: could not connect to host
-torrentdownloads.bid: could not connect to host
+torrentdownloads.bid: did not receive HSTS header
+torrentfunk.com: could not connect to host
 torrentgamesps2.info: could not connect to host
 torrenttop100.net: could not connect to host
 torrentz.website: could not connect to host
@@ -17037,10 +17700,10 @@ torrentz2.eu: did not receive HSTS header
 tortocan.com: could not connect to host
 tortugalife.de: could not connect to host
 torv.rocks: did not receive HSTS header
+tosainu.com.br: could not connect to host
 tosecure.link: could not connect to host
 toshnix.com: could not connect to host
 toshub.com: could not connect to host
-toskana-appartement.de: did not receive HSTS header
 totalbeauty.co.uk: could not connect to host
 totaldragonshop.com.br: could not connect to host
 totalle.com.br: could not connect to host
@@ -17062,12 +17725,13 @@ touchstonefms.co.uk: did not receive HSTS header
 tougetu.com: could not connect to host
 touhou.cc: did not receive HSTS header
 touray-enterprise.ch: could not connect to host
+tourispo.com: could not connect to host
 tourpeer.com: did not receive HSTS header
 toursandtransfers.it: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 tousproducteurs.fr: did not receive HSTS header
-tout-art.ch: could not connect to host
-toutart.ch: could not connect to host
+tovp.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 towaway.ru: could not connect to host
+townofruthnc.gov: could not connect to host
 tox.im: did not receive HSTS header
 toxicboot.com: could not connect to host
 toxicip.com: could not connect to host
@@ -17078,14 +17742,12 @@ tpbcdn.com: could not connect to host
 tpblist.xyz: could not connect to host
 tpbunblocked.org: could not connect to host
 tpe-edu.com: could not connect to host
-tpms4u.at: did not receive HSTS header
+tpms4u.at: could not connect to host
 tppdebate.org: did not receive HSTS header
 trabajarenperu.com: did not receive HSTS header
 tracalada.cl: did not receive HSTS header
-traces.ml: could not connect to host
 tracetracker.com: did not receive HSTS header
 tracewind.top: could not connect to host
-track.plus: could not connect to host
 trackdays4fun.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 tracker-gps.ch: could not connect to host
 trackfeed.tokyo: could not connect to host
@@ -17118,7 +17780,6 @@ trainline.se: could not connect to host
 trainut.com: could not connect to host
 trakfusion.com: could not connect to host
 trancendances.fr: could not connect to host
-trangell.com: did not receive HSTS header
 tranos.de: did not receive HSTS header
 transbike.es: did not receive HSTS header
 transcendmotor.sg: could not connect to host
@@ -17133,7 +17794,6 @@ translate.googleapis.com: did not receive HSTS header (error ignored - included
 translateblender.ru: could not connect to host
 translatoruk.co.uk: did not receive HSTS header
 transmithe.net: could not connect to host
-transport.eu: did not receive HSTS header
 transportal.sk: did not receive HSTS header
 transsexualpantyhose.com: could not connect to host
 tratamentoparacelulite.biz: could not connect to host
@@ -17141,6 +17801,8 @@ trauertexte.info: could not connect to host
 traumhuetten.de: did not receive HSTS header
 travality.ru: could not connect to host
 travel-kuban.ru: did not receive HSTS header
+travel-to-nature.ch: did not receive HSTS header
+travel.co.za: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 travel1x1.com: did not receive HSTS header
 traveling-thailand.info: could not connect to host
 travelinsightswriter.com: could not connect to host
@@ -17154,6 +17816,7 @@ trazosdearte.com: did not receive HSTS header
 treasuredinheritanceministry.com: did not receive HSTS header
 treatment.org: could not connect to host
 treatprostatewithhifu.com: could not connect to host
+treebaglia.xyz: could not connect to host
 treeby.net: could not connect to host
 treehousebydesign.com: did not receive HSTS header
 treeremovaljohannesburg.co.za: could not connect to host
@@ -17174,10 +17837,6 @@ triadwars.com: did not receive HSTS header
 triageo.com.au: could not connect to host
 trialmock.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 trianon.xyz: could not connect to host
-tributh.ga: could not connect to host
-tributh.gq: could not connect to host
-tributh.ml: could not connect to host
-tributh.tk: could not connect to host
 trickedguys.com: could not connect to host
 tricks.clothing: did not receive HSTS header
 triddi.com: could not connect to host
@@ -17190,12 +17849,15 @@ trinity.fr.eu.org: could not connect to host
 trinityaffirmations.com: max-age too low: 0
 trinitycore.org: max-age too low: 2592000
 trinitytechdev.com: did not receive HSTS header
+trink-und-partyspiele.de: could not connect to host
 tripcombi.com: did not receive HSTS header
 tripdelta.com: did not receive HSTS header
 tripinsider.club: did not receive HSTS header
 triple-mmm.de: max-age too low: 0
+tripout.tech: did not receive HSTS header
 trisportas.lt: did not receive HSTS header
 tristanfarkas.one: could not connect to host
+triticeaetoolbox.org: did not receive HSTS header
 trixati.org.ua: did not receive HSTS header
 trixies-wish.nz: could not connect to host
 trixy.com.br: could not connect to host
@@ -17203,7 +17865,7 @@ trizone.com.au: did not receive HSTS header
 troisdorf-gestalten.de: did not receive HSTS header
 trollme.me: could not connect to host
 trollscave.xyz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-trondelan.no: could not connect to host
+trondelan.no: did not receive HSTS header
 tronflix.com: did not receive HSTS header
 troo.ly: could not connect to host
 trouter.io: could not connect to host
@@ -17212,7 +17874,6 @@ troykelly.com: did not receive HSTS header
 trpg.wiki: could not connect to host
 truckgpsreviews.com: did not receive HSTS header
 true.ink: did not receive HSTS header
-trueblueessentials.com: could not connect to host
 truebred-labradors.com: did not receive HSTS header
 trueessayhelp.co.uk: did not receive HSTS header
 truejob.com: did not receive HSTS header
@@ -17221,11 +17882,10 @@ trumeet.top: did not receive HSTS header
 trunkjunk.co: could not connect to host
 trush.in: could not connect to host
 trustedinnovators.com: could not connect to host
-trustednewssites.com: did not receive HSTS header
+trustednewssites.com: could not connect to host
 trusteecar.com: did not receive HSTS header
 trustmeimfancy.com: could not connect to host
 trustocean.com: did not receive HSTS header
-try2services.cm: did not receive HSTS header
 trybind.com: could not connect to host
 tryfabulousdiet.com: could not connect to host
 tryfm.net: did not receive HSTS header
@@ -17254,7 +17914,6 @@ tsumi.moe: could not connect to host
 tsura.org: could not connect to host
 tsurezurematome.ga: could not connect to host
 ttackmedical.com.br: could not connect to host
-ttrade.ga: did not receive HSTS header
 tts.co.nz: did not receive HSTS header
 ttspttsp.com: could not connect to host
 tty.space: could not connect to host
@@ -17275,6 +17934,8 @@ tufilo.com: could not connect to host
 tugers.com: did not receive HSTS header
 tulenceria.es: could not connect to host
 tulsameetingroom.com: could not connect to host
+tumagiri.net: did not receive HSTS header
+tumutanzi.com: did not receive HSTS header
 tunca.it: did not receive HSTS header
 tunebitfm.de: could not connect to host
 tungstenroyce.com: did not receive HSTS header
@@ -17283,7 +17944,6 @@ tuou.xyz: could not connect to host
 tupizm.com: could not connect to host
 turismo.cl: could not connect to host
 turkiet.guide: could not connect to host
-turkrock.com: did not receive HSTS header
 turn-sticks.com: could not connect to host
 turnik-67.ru: could not connect to host
 turniker.ru: could not connect to host
@@ -17300,6 +17960,7 @@ tutorio.ga: could not connect to host
 tutu.ro: could not connect to host
 tuturulianda.com: did not receive HSTS header
 tuvalie.com: did not receive HSTS header
+tuxflow.de: could not connect to host
 tuxhound.org: could not connect to host
 tuxrtfm.com: could not connect to host
 tv.search.yahoo.com: could not connect to host
@@ -17353,6 +18014,8 @@ twolinepassbrewing.com: could not connect to host
 twolivelife.com: could not connect to host
 twoo.com: could not connect to host
 twotube.ie: could not connect to host
+twun.io: could not connect to host
+twuni.org: did not receive HSTS header
 tx041cap.org: could not connect to host
 txbi.de: could not connect to host
 txclimbers.com: could not connect to host
@@ -17360,15 +18023,12 @@ txcp01.com: could not connect to host
 txcp02.com: could not connect to host
 txf.pw: could not connect to host
 ty2u.com: did not receive HSTS header
-tycjt.vip: did not receive HSTS header
-tyil.nl: could not connect to host
+tycjt.vip: could not connect to host
 tykoon.com: could not connect to host
 tyl.io: did not receive HSTS header
 tyler.coach: could not connect to host
 tylercoach.com: could not connect to host
-tylerharcourt.ca: max-age too low: 86400
-tylerharcourt.com: could not connect to host
-tylerharcourt.org: did not receive HSTS header
+tylerharcourt.net: could not connect to host
 tylerharcourt.xyz: could not connect to host
 tylerjharcourt.com: could not connect to host
 tylian.net: max-age too low: 0
@@ -17377,7 +18037,6 @@ type1joe.net: could not connect to host
 type1joe.org: could not connect to host
 typehub.net: could not connect to host
 typeofweb.com: did not receive HSTS header
-typeonejoe.com: could not connect to host
 typeonejoe.net: could not connect to host
 typeonejoe.org: could not connect to host
 typingrevolution.com: did not receive HSTS header
@@ -17391,14 +18050,15 @@ tzwe.com: could not connect to host
 u-master.net: did not receive HSTS header
 u-metals.com: did not receive HSTS header
 u175.com: could not connect to host
+uaci.edu.mx: could not connect to host
 uadp.pw: could not connect to host
 uahs.org.uk: did not receive HSTS header
 ubalert.com: could not connect to host
 uber.com.au: did not receive HSTS header
 ubercalculator.com: did not receive HSTS header
 uberfunction.com: did not receive HSTS header
-ubermail.me: could not connect to host
-ubicloud.de: could not connect to host
+ubertt.org: could not connect to host
+ubicloud.de: did not receive HSTS header
 ubicv.com: could not connect to host
 ublox.com: did not receive HSTS header
 ubtce.com: could not connect to host
@@ -17409,6 +18069,7 @@ uchiha.ml: could not connect to host
 uclanmasterplan.co.uk: did not receive HSTS header
 udbhav.me: could not connect to host
 uega.net: did not receive HSTS header
+uel-thompson-okanagan.ca: could not connect to host
 uerdingen.info: did not receive HSTS header
 uesociedadlimitada.com: could not connect to host
 ueu.me: could not connect to host
@@ -17420,14 +18081,42 @@ ugcdn.com: could not connect to host
 ugisgutless.com: could not connect to host
 ugo.ninja: could not connect to host
 ugosadventures.com: could not connect to host
-uhappy69.com: could not connect to host
-uhappy70.com: could not connect to host
-uhappy72.com: could not connect to host
-uhappy80.com: could not connect to host
-uhappy81.com: could not connect to host
+uhappy11.com: did not receive HSTS header
+uhappy21.com: did not receive HSTS header
+uhappy23.com: did not receive HSTS header
+uhappy24.com: did not receive HSTS header
+uhappy25.com: did not receive HSTS header
+uhappy26.com: did not receive HSTS header
+uhappy27.com: did not receive HSTS header
+uhappy28.com: did not receive HSTS header
+uhappy29.com: did not receive HSTS header
+uhappy3.com: did not receive HSTS header
+uhappy31.com: did not receive HSTS header
+uhappy33.com: did not receive HSTS header
+uhappy55.com: did not receive HSTS header
+uhappy56.com: did not receive HSTS header
+uhappy58.com: did not receive HSTS header
+uhappy59.com: did not receive HSTS header
+uhappy60.com: did not receive HSTS header
+uhappy61.com: did not receive HSTS header
+uhappy62.com: did not receive HSTS header
+uhappy66.com: did not receive HSTS header
+uhappy67.com: did not receive HSTS header
+uhappy71.com: did not receive HSTS header
+uhappy73.com: could not connect to host
+uhappy74.com: could not connect to host
+uhappy75.com: could not connect to host
+uhappy76.com: could not connect to host
+uhappy77.com: did not receive HSTS header
+uhappy78.com: could not connect to host
+uhappy8.com: did not receive HSTS header
+uhappy86.com: did not receive HSTS header
+uhappy9.com: did not receive HSTS header
+uhappy99.com: did not receive HSTS header
 uhasseltctf.ga: could not connect to host
 uhasseltodin.be: did not receive HSTS header
 uhm.io: did not receive HSTS header
+uhssl.com: did not receive HSTS header
 uhuru-market.com: did not receive HSTS header
 uitslagensoftware.nl: did not receive HSTS header
 ukas.com: could not connect to host
@@ -17448,6 +18137,7 @@ ultimate-memoryplus.com: could not connect to host
 ultimate-neuroplus.com: could not connect to host
 ultramax.biz: could not connect to host
 ultraporn.biz: could not connect to host
+ultrasite.tk: could not connect to host
 ultrasteam.net: could not connect to host
 ultros.io: did not receive HSTS header
 umaimise.info: did not receive HSTS header
@@ -17458,7 +18148,9 @@ umidev.com: could not connect to host
 umie.cc: did not receive HSTS header
 umkmjogja.com: did not receive HSTS header
 ump45.moe: could not connect to host
-umsolugar.com.br: did not receive HSTS header
+umsolugar.com.br: could not connect to host
+umwandeln-online.de: could not connect to host
+unapolegetic.co: did not receive HSTS header
 unart.info: could not connect to host
 unbanthe.net: could not connect to host
 unblockat.tk: did not receive HSTS header
@@ -17487,6 +18179,7 @@ unblockthe.site: could not connect to host
 unblockthe.top: could not connect to host
 unccdesign.club: could not connect to host
 unclegen.xyz: could not connect to host
+undecidable.de: could not connect to host
 under30stravelinsurance.com.au: did not receive HSTS header
 undercovercondoms.com: could not connect to host
 underkin.com: could not connect to host
@@ -17494,6 +18187,7 @@ undone.me: could not connect to host
 unefuite.ch: could not connect to host
 unfiltered.nyc: could not connect to host
 unfuddle.cn: could not connect to host
+ungeek.eu: did not receive HSTS header
 ungern.guide: could not connect to host
 unhu.fr: could not connect to host
 uni-games.com: could not connect to host
@@ -17513,24 +18207,27 @@ uniformespousoalegre.com.br: did not receive HSTS header
 unikitty-on-tour.com: could not connect to host
 unikrn.com: could not connect to host
 uninet.cf: could not connect to host
-uniojeda.ml: did not receive HSTS header
+uniojeda.ml: could not connect to host
 unionstationapp.com: could not connect to host
 unirenter.ru: did not receive HSTS header
 unison.com: did not receive HSTS header
-unisyssecurity.com: could not connect to host
+unisyssecurity.com: did not receive HSTS header
 unitedcyberdevelopment.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 unitlabs.net: could not connect to host
 unitrade-425.co.za: did not receive HSTS header
+univerpack.net: could not connect to host
 university4industry.com: did not receive HSTS header
 universogay.com: could not connect to host
 univstore.win: could not connect to host
 univz.com: could not connect to host
+unixapp.ml: could not connect to host
+unixfox.eu: could not connect to host
 unixtime.pro: could not connect to host
 unknownbreakup.com: max-age too low: 2592000
 unknownphenomena.net: could not connect to host
 unleash.pw: could not connect to host
 unlogis.ch: could not connect to host
-unmanaged.space: could not connect to host
+unmanaged.space: did not receive HSTS header
 unplugg3r.dk: could not connect to host
 unpossible.xyz: could not connect to host
 unravel.ie: could not connect to host
@@ -17553,6 +18250,7 @@ up1.ca: could not connect to host
 upaknship.com: did not receive HSTS header
 upandclear.org: max-age too low: 0
 upboard.jp: could not connect to host
+updatehub.io: did not receive HSTS header
 upldr.pw: could not connect to host
 uploadbro.com: could not connect to host
 upmchealthsecurity.us: could not connect to host
@@ -17569,13 +18267,14 @@ ur-lauber.de: did not receive HSTS header
 urban-garden.lt: could not connect to host
 urban-garden.lv: could not connect to host
 urban-karuizawa.co.jp: max-age too low: 0
+urbanfi.sh: did not receive HSTS header
 urbanmic.com: could not connect to host
 urbanstylestaging.com: could not connect to host
 urbpic.com: could not connect to host
 urcentral.org: could not connect to host
-url.cab: could not connect to host
+urgences-valais.ch: could not connect to host
+url.cab: did not receive HSTS header
 urlachershop.com.br: did not receive HSTS header
-urlakite.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 urlchomp.com: did not receive HSTS header
 urology.wiki: did not receive HSTS header
 urphp.com: did not receive HSTS header
@@ -17588,11 +18287,11 @@ usbtypeccompliant.com: could not connect to host
 uscitizenship.info: did not receive HSTS header
 uscntalk.com: could not connect to host
 uscp8.com: could not connect to host
-uscurrency.gov: did not receive HSTS header
 use.ci: could not connect to host
 used-in.jp: could not connect to host
 usedesk.ru: did not receive HSTS header
 usedoor.jp: did not receive HSTS header
+usedu.us: could not connect to host
 useevlo.com.br: could not connect to host
 user-new.com: did not receive HSTS header
 usercare.com: could not connect to host
@@ -17605,7 +18304,9 @@ usparklodging.com: did not receive HSTS header
 usportsgo.com: could not connect to host
 usr.nz: did not receive HSTS header
 usuluddin.ga: did not receive HSTS header
+utahfireinfo.gov: did not receive HSTS header
 utdscanner.com: did not receive HSTS header
+utdsgda.com: could not connect to host
 uteam.it: could not connect to host
 utilio.nl: max-age too low: 2592000
 utilitronium-shockwave.com: could not connect to host
@@ -17622,6 +18323,7 @@ uttnetgroup.fr: could not connect to host
 utube.tw: could not connect to host
 utumno.ch: could not connect to host
 utvbloggen.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
+uuid.cf: could not connect to host
 uvarov.pw: could not connect to host
 uvolejniku.cz: did not receive HSTS header
 uwekoetter.com: did not receive HSTS header
@@ -17657,7 +18359,7 @@ vaclavambroz.cz: did not receive HSTS header
 vaclavambroz.eu: could not connect to host
 vacuumreviewcenter.com: did not receive HSTS header
 vaddder.com: could not connect to host
-vadennissanofhinesvilleparts.com: could not connect to host
+vadennissanofhinesvilleparts.com: did not receive HSTS header
 vadik.me: could not connect to host
 vadodesign.nl: did not receive HSTS header
 vaibhavchatarkar.com: could not connect to host
@@ -17669,12 +18371,12 @@ valenhub.com: could not connect to host
 valenhub.es: could not connect to host
 valenscaelum.com: could not connect to host
 valentin-ochs.de: could not connect to host
-valentin.ml: could not connect to host
 valesdev.com: max-age too low: 0
 valethound.com: could not connect to host
 valhallacostarica.com: could not connect to host
 valhallamovement.com: did not receive HSTS header
 valitron.se: did not receive HSTS header
+valkor.pro: could not connect to host
 valkyrja.xyz: could not connect to host
 valleyridgepta.org: could not connect to host
 valleyshop.ca: could not connect to host
@@ -17692,15 +18394,17 @@ vanderstraeten.dynv6.net: could not connect to host
 vanessabalibridal.com: could not connect to host
 vanestack.com: could not connect to host
 vanetv.com: could not connect to host
-vangeluwedeberlaere.be: did not receive HSTS header
+vangeluwedeberlaere.be: could not connect to host
 vanhaos.com: could not connect to host
 vanitas.xyz: could not connect to host
 vanitynailworkz.com: could not connect to host
 vanlaanen.com: did not receive HSTS header
+vanohaker.ru: could not connect to host
 vansieleghem.com: could not connect to host
 vantaio.com: did not receive HSTS header
 vapecom-shop.com: could not connect to host
 vapecraftinc.com: did not receive HSTS header
+vapehour.com: could not connect to host
 vapemania.eu: could not connect to host
 vapeshopsupply.com: max-age too low: 7889238
 vaporpunk.space: did not receive HSTS header
@@ -17722,12 +18426,11 @@ vayaport.com: could not connect to host
 vb-oa.co.uk: did not receive HSTS header
 vbest.net: could not connect to host
 vbestreviews.com: did not receive HSTS header
-vbhelp.org: did not receive HSTS header
+vbhelp.org: could not connect to host
 vbulletin-russia.com: could not connect to host
 vbulletinrussia.com: could not connect to host
 vcdn.xyz: could not connect to host
 vcdove.com: could not connect to host
-vcelin-na-doliku.cz: could not connect to host
 vconcept.ch: could not connect to host
 vconcept.me: could not connect to host
 vcr.re: could not connect to host
@@ -17752,13 +18455,13 @@ veggiesbourg.fr: did not receive HSTS header
 vegis.ro: did not receive HSTS header
 veglog.com: could not connect to host
 vehent.org: did not receive HSTS header
+vehicletransportservices.co: did not receive HSTS header
 vehicleuplift.co.uk: did not receive HSTS header
 vekenz.com: could not connect to host
 velasense.com: could not connect to host
 velonustraduction.com: could not connect to host
 velotyretz.fr: did not receive HSTS header
 vemokin.net: could not connect to host
-venenum.org: could not connect to host
 venicecomputerrepair.com: could not connect to host
 venicefloridawebsitedesign.com: could not connect to host
 venicerealdeal.com: could not connect to host
@@ -17771,11 +18474,13 @@ venoom.eu: did not receive HSTS header
 vensl.org: could not connect to host
 venturedisplay.co.uk: did not receive HSTS header
 venturepro.com: did not receive HSTS header
+venusbymariatash.com: could not connect to host
 venzocrm.com: did not receive HSTS header
-ver-ooginoog.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
-veraandsteve.date: could not connect to host
+ver-ooginoog.nl: max-age too low: 2592000
+veraandsteve.date: did not receive HSTS header
 verdeandco.co.uk: could not connect to host
 vergeaccessories.com: could not connect to host
+vergessen.cn: could not connect to host
 verifiedinvesting.com: could not connect to host
 verifikatorindonesia.com: could not connect to host
 veriomed.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -17789,8 +18494,8 @@ versbeton.nl: max-age too low: 864000
 versfin.net: could not connect to host
 versia.ru: did not receive HSTS header
 veryhax.de: could not connect to host
+veryimportantusers.com: could not connect to host
 veryyounglesbians.com: could not connect to host
-verzick.com: could not connect to host
 ves.vn.ua: could not connect to host
 vestacp.top: could not connect to host
 vetdnacenter.com: did not receive HSTS header
@@ -17798,7 +18503,7 @@ veterinaire-cazeres-foucault.fr: could not connect to host
 vethouse.com.ua: did not receive HSTS header
 vetmgmt.com: could not connect to host
 veto.fish: could not connect to host
-vforvendetta.science: could not connect to host
+vforvendetta.science: did not receive HSTS header
 vfree.org: could not connect to host
 vgatest.nl: could not connect to host
 vglimg.com: could not connect to host
@@ -17816,8 +18521,20 @@ viciousflora.com: could not connect to host
 viciousviscosity.xyz: could not connect to host
 vickshomes.com: could not connect to host
 victorenxovais.com.br: could not connect to host
+victoreriksson.ch: could not connect to host
+victoreriksson.co: could not connect to host
+victoreriksson.com: could not connect to host
+victoreriksson.eu: could not connect to host
+victoreriksson.info: could not connect to host
+victoreriksson.me: could not connect to host
+victoreriksson.net: could not connect to host
+victoreriksson.nu: could not connect to host
+victoreriksson.org: could not connect to host
+victoreriksson.se: could not connect to host
+victoreriksson.us: could not connect to host
 victoriapemberton.com: did not receive HSTS header
 victoriaville.ca: did not receive HSTS header
+victornilsson.pw: did not receive HSTS header
 vid.me: did not receive HSTS header
 vidb.me: could not connect to host
 vidbuchanan.co.uk: did not receive HSTS header
@@ -17827,13 +18544,13 @@ videnskabsklubben.dk: did not receive HSTS header
 videobola.win: could not connect to host
 videoload.co: could not connect to host
 videomuz.com: could not connect to host
-videorullen.se: could not connect to host
+videorullen.se: did not receive HSTS header
 videosxgays.com: could not connect to host
 videotogel.net: could not connect to host
 videoueberwachung-set.de: did not receive HSTS header
 vider.ga: could not connect to host
 vidid.net: did not receive HSTS header
-vidiproject.com: did not receive HSTS header
+vidiproject.com: could not connect to host
 viditut.com: could not connect to host
 vidkovaomara.si: could not connect to host
 vidlyoficial.com: could not connect to host
@@ -17850,6 +18567,7 @@ vigilo.ga: could not connect to host
 viikko.eu: could not connect to host
 vijos.org: did not receive HSTS header
 vikasbabyworld.de: could not connect to host
+vikodek.com: did not receive HSTS header
 viktor-machnik.de: could not connect to host
 viktorsvantesson.net: did not receive HSTS header
 vilabiamodas.com.br: could not connect to host
@@ -17880,16 +18598,19 @@ vinesauce.info: could not connect to host
 vinetalk.net: could not connect to host
 vinicius.sl: could not connect to host
 viniferawineclub.com: did not receive HSTS header
+vinigas.com: did not receive HSTS header
 vinihk.com: did not receive HSTS header
+vinnie.gq: could not connect to host
 vinogradovka.com: did not receive HSTS header
 vintock.com: could not connect to host
 vio.no: did not receive HSTS header
 violenceinterrupted.org: did not receive HSTS header
 violet-letter.delivery: could not connect to host
-violetraven.co.uk: could not connect to host
+violetraven.co.uk: did not receive HSTS header
 viosey.com: could not connect to host
 vioye.com: could not connect to host
 vip-9649.com: did not receive HSTS header
+vip4553.com: could not connect to host
 vip9649.com: did not receive HSTS header
 viperdns.com: could not connect to host
 vipesball.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -17903,12 +18624,14 @@ vipnettikasinoklubi.com: did not receive HSTS header
 viral8.jp: could not connect to host
 viralboombox.xyz: could not connect to host
 virginiacrimeanalysisnetwork.org: did not receive HSTS header
+virial.de: did not receive HSTS header
 viris.si: max-age too low: 536000
 virtualhealth.com: did not receive HSTS header
 virtualstrongbox.ca: did not receive HSTS header
 visa-shinsei.com: did not receive HSTS header
 visanhigia.com: could not connect to host
 viserproject.com: did not receive HSTS header
+visioflux-premium.com: did not receive HSTS header
 vision-painting.com: did not receive HSTS header
 visiondigitalsog.com: could not connect to host
 visiongamestudios.com: could not connect to host
@@ -17926,6 +18649,8 @@ vitagenda.nl: could not connect to host
 vital-tel.co.uk: did not receive HSTS header
 vitalamin.at: could not connect to host
 vitalamin.ch: could not connect to host
+vitalamin.com: could not connect to host
+vitalamin.de: did not receive HSTS header
 vitalita.cz: did not receive HSTS header
 vitalorange.com: did not receive HSTS header
 vitalthings.de: could not connect to host
@@ -17934,6 +18659,7 @@ vitamineproteine.com: did not receive HSTS header
 vitta.me: did not receive HSTS header
 vitzro.kr: could not connect to host
 viva-french.com: did not receive HSTS header
+vivamusic.es: did not receive HSTS header
 vivasports.com.br: could not connect to host
 viveconsalud.club: could not connect to host
 vivocloud.com: could not connect to host
@@ -17949,11 +18675,12 @@ vleij.family: could not connect to host
 vlogge.com: did not receive HSTS header
 vlsk.eu: did not receive HSTS header
 vlzbazar.ru: could not connect to host
+vmem.jp: did not receive HSTS header
 vmrdev.com: could not connect to host
 vmstan.com: did not receive HSTS header
 vndb.org: could not connect to host
 vocab.guru: could not connect to host
-vocalik.com: did not receive HSTS header
+vocalik.com: could not connect to host
 vocalsynth.space: could not connect to host
 voceinveste.com: did not receive HSTS header
 vodpay.com: could not connect to host
@@ -17969,13 +18696,13 @@ voidpay.org: could not connect to host
 voids.org: could not connect to host
 voidserv.net: could not connect to host
 voidshift.com: could not connect to host
-voidzehn.com: did not receive HSTS header
 voilo.club: could not connect to host
 voilodaisuki.club: could not connect to host
 voipkb.com: did not receive HSTS header
 voiro.club: could not connect to host
 voirodaisuki.club: could not connect to host
 vokalsystem.com: did not receive HSTS header
+vokurka.net: did not receive HSTS header
 volatimer.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 volbyzive.cz: did not receive HSTS header
 volcain.io: could not connect to host
@@ -18006,9 +18733,10 @@ vosjesweb.nl: could not connect to host
 votercircle.com: did not receive HSTS header
 voterstartingpoint.uk: did not receive HSTS header
 votewa.gov: could not connect to host
+votre-site-internet.ch: could not connect to host
 votresiteweb.ch: could not connect to host
 vow.vn: could not connect to host
-voyageofyume.com: could not connect to host
+vox.vg: did not receive HSTS header
 vozami.com: could not connect to host
 vpip.net: could not connect to host
 vpl.me: did not receive HSTS header
@@ -18044,12 +18772,14 @@ vsamsonov.com: could not connect to host
 vsc-don-stocksport.de: did not receive HSTS header
 vtuber-schedule.info: could not connect to host
 vucdn.com: could not connect to host
+vulndetect.org: did not receive HSTS header
 vulnerabilities.io: could not connect to host
 vuosaarenmontessoritalo.fi: did not receive HSTS header
 vvl.me: did not receive HSTS header
 vw-touranclub.cz: could not connect to host
 vwoforangeparts.com: could not connect to host
 vwt-event.nl: could not connect to host
+vww-8522.com: could not connect to host
 vxapps.com: could not connect to host
 vxml.club: could not connect to host
 vxst.org: max-age too low: 2592000
@@ -18063,6 +18793,7 @@ vyvygen.com: did not receive HSTS header
 vyzner.cz: could not connect to host
 vzk.io: could not connect to host
 w10club.com: could not connect to host
+w1221.com: could not connect to host
 w2gshop.com.br: could not connect to host
 w4a.fr: could not connect to host
 w4b.in: could not connect to host
@@ -18071,19 +18802,17 @@ w4xzr.xyz: could not connect to host
 w84.it: could not connect to host
 w9rld.com: did not receive HSTS header
 wabifoggynuts.com: could not connect to host
-wachter.biz: did not receive HSTS header
+wachter.biz: could not connect to host
 wachtwoordencheck.nl: could not connect to host
 wadvisor.com: could not connect to host
 waelti.xxx: could not connect to host
 wafa4hw.com: could not connect to host
 wafairhaven.com.au: did not receive HSTS header
 wafni.com: could not connect to host
-wahhoi.net: could not connect to host
 wai-in.com: could not connect to host
 wai-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 waidu.de: did not receive HSTS header
 wail.net: could not connect to host
-wait.jp: could not connect to host
 wait.moe: could not connect to host
 waixingrenfuli7.vip: could not connect to host
 waka-mono.com: could not connect to host
@@ -18094,6 +18823,7 @@ waka88.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR
 wakapp.de: could not connect to host
 wakened.net: did not receive HSTS header
 waldkinder-ilmenau.de: did not receive HSTS header
+waligorska.pl: could not connect to host
 walkeryoung.ca: could not connect to host
 walkingforhealth.org.uk: did not receive HSTS header
 wallabag.it: did not receive HSTS header
@@ -18112,7 +18842,7 @@ wanda79.com: could not connect to host
 wanda96.com: could not connect to host
 wanda97.com: could not connect to host
 wanda98.com: could not connect to host
-wandercue.com: did not receive HSTS header
+wandercue.com: could not connect to host
 wangjiatun.com.tw: could not connect to host
 wangjun.me: did not receive HSTS header
 wangkezun.com: could not connect to host
@@ -18122,9 +18852,7 @@ wangqiliang.xn--fiqs8s: could not connect to host
 wangql.cn: could not connect to host
 wanquanojbk.com: did not receive HSTS header
 wantshow.com.br: did not receive HSTS header
-wanvi.net: did not receive HSTS header
 wanybug.cn: did not receive HSTS header
-wanybug.com: could not connect to host
 wapgu.cc: could not connect to host
 wapjt.cn: could not connect to host
 wapking.live: could not connect to host
@@ -18150,15 +18878,17 @@ warsentech.com: did not receive HSTS header
 warumsuchen.at: did not receive HSTS header
 wasatchconstables.com: did not receive HSTS header
 wasatchcrest.com: did not receive HSTS header
-washandfun.com: could not connect to host
+washandfun.com: did not receive HSTS header
 wassim.is: did not receive HSTS header
 watashi.bid: could not connect to host
 watchium.com: did not receive HSTS header
 watchtv-online.pw: could not connect to host
 watchweasel.com: could not connect to host
+waterfedpole.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 waterforlife.net.au: did not receive HSTS header
 waterpoint.com.br: could not connect to host
 watersportmarkt.net: did not receive HSTS header
+watertrails.io: could not connect to host
 watsonhall.uk: could not connect to host
 wattechweb.com: did not receive HSTS header
 wave-ola.es: did not receive HSTS header
@@ -18166,6 +18896,7 @@ wavefloatrooms.com: did not receive HSTS header
 wavefrontsystemstech.com: could not connect to host
 wavesoftime.com: could not connect to host
 waxlrs.com: could not connect to host
+wayfairertravel.com: did not receive HSTS header
 waylaydesign.com: did not receive HSTS header
 waylee.net: did not receive HSTS header
 wbit.co.il: did not receive HSTS header
@@ -18176,7 +18907,6 @@ wdesk.com: did not receive HSTS header
 wdrl.info: did not receive HSTS header
 wdt.io: could not connect to host
 we.serveftp.net: could not connect to host
-wealthcentral.com.au: did not receive HSTS header
 wealthformyhealth.com: did not receive HSTS header
 wear2work.nl: could not connect to host
 wearedisneyland.com: did not receive HSTS header
@@ -18187,8 +18917,10 @@ weaverhairextensions.nl: could not connect to host
 web-adminy.co.uk: could not connect to host
 web-advisor.co.uk: could not connect to host
 web-demarche.com: could not connect to host
+web-dl.cc: did not receive HSTS header
 web-industry.fr: could not connect to host
 web-insider.net: did not receive HSTS header
+web-thinker.ru: could not connect to host
 web-vision.de: did not receive HSTS header
 web4all.fr: did not receive HSTS header
 web4pro.fr: could not connect to host
@@ -18213,6 +18945,7 @@ webdosh.com: did not receive HSTS header
 webeconomia.it: did not receive HSTS header
 webelement.sk: did not receive HSTS header
 weberjulia.com: could not connect to host
+webfox.com.br: did not receive HSTS header
 webfronten.dk: did not receive HSTS header
 webgaff.com: could not connect to host
 webgap.me: did not receive HSTS header
@@ -18241,7 +18974,7 @@ webninja.work: could not connect to host
 webnoob.net: could not connect to host
 webnosql.com: could not connect to host
 webogram.org: could not connect to host
-webperformance.ru: could not connect to host
+webperformance.ru: did not receive HSTS header
 webproshosting.tk: could not connect to host
 webproxy.pw: could not connect to host
 webpublica.pt: could not connect to host
@@ -18262,12 +18995,12 @@ webtechgadgetry.com: could not connect to host
 webtek.nu: could not connect to host
 webthings.com.br: could not connect to host
 webtiles.co.uk: could not connect to host
-webukhost.com: could not connect to host
 webuni.hu: did not receive HSTS header
 webveloper.com: did not receive HSTS header
-webwolf.co.za: did not receive HSTS header
+webwolf.co.za: could not connect to host
 webwork.pw: did not receive HSTS header
 webypass.xyz: could not connect to host
+webz.one: could not connect to host
 webzanem.com: could not connect to host
 wecanfindit.co.za: could not connect to host
 wecanvisit.com: could not connect to host
@@ -18283,6 +19016,8 @@ weedcircles.com: did not receive HSTS header
 weedlandia.org: could not connect to host
 weekly.fyi: could not connect to host
 wegenaer.nl: could not connect to host
+wegethitched.co.uk: could not connect to host
+weggeweest.nl: could not connect to host
 wegner.no: could not connect to host
 weicn.org: did not receive HSTS header
 weightreviews.com: could not connect to host
@@ -18291,11 +19026,11 @@ weiler.xyz: could not connect to host
 weimaraner.com.br: could not connect to host
 weinhandel-preissler.de: could not connect to host
 weirdserver.com: could not connect to host
-weixiaojun.org: could not connect to host
+weixiaojun.org: did not receive HSTS header
 weizenke.im: could not connect to host
 wejumall.com: could not connect to host
 wekibe.de: could not connect to host
-welby.cat: could not connect to host
+welby.cat: did not receive HSTS header
 welches-kinderfahrrad.de: could not connect to host
 welcomehelp.de: could not connect to host
 welkers.org: could not connect to host
@@ -18331,7 +19066,7 @@ werdeeintimo.de: could not connect to host
 wereldplanner.nl: could not connect to host
 werhatunsverraten.eu: could not connect to host
 werken-bij-inwork.nl: could not connect to host
-werkenbijkfc.nl: could not connect to host
+werkenbijkfc.nl: did not receive HSTS header
 werkplaatsoost.nl: did not receive HSTS header
 werkruimtebottendaal.nl: could not connect to host
 werkz.io: could not connect to host
@@ -18339,7 +19074,6 @@ wes-dev.com: did not receive HSTS header
 wesayyesprogram.com: could not connect to host
 wesleyharris.ca: did not receive HSTS header
 wespeakgeek.co.za: could not connect to host
-wessner.co: could not connect to host
 westcoastaggregate.com: could not connect to host
 westendzone.com: could not connect to host
 westerhoud.nl: did not receive HSTS header
@@ -18358,7 +19092,6 @@ wetthost.com: could not connect to host
 wetttipps.com: could not connect to host
 wetttipps.de: could not connect to host
 wevahoo.com: could not connect to host
-wevg.org: did not receive HSTS header
 wevolver.com: did not receive HSTS header
 wewillgo.com: could not connect to host
 wewillgo.org: did not receive HSTS header
@@ -18366,6 +19099,7 @@ wewlad.me: could not connect to host
 weyland.tech: did not receive HSTS header
 weynaphotography.com: did not receive HSTS header
 wf-training-master.appspot.com: did not receive HSTS header (error ignored - included regardless)
+wfl.ro: did not receive HSTS header
 wftda.com: did not receive HSTS header
 wg-tools.de: could not connect to host
 whanau.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -18383,7 +19117,7 @@ whereismyorigin.cf: could not connect to host
 wherephoto.com: did not receive HSTS header
 wheresben.today: could not connect to host
 whilsttraveling.com: could not connect to host
-whimtrip.fr: did not receive HSTS header
+whimtrip.fr: could not connect to host
 whisker.network: could not connect to host
 whistler-transfers.com: did not receive HSTS header
 whitehat.id: could not connect to host
@@ -18391,6 +19125,7 @@ whiterabbit.org: did not receive HSTS header
 whiterabbitcakery.com: could not connect to host
 whiteready.it: did not receive HSTS header
 whiteroom.agency: did not receive HSTS header
+whiterose.goip.de: could not connect to host
 whitestagforge.com: did not receive HSTS header
 whoasome.com: could not connect to host
 whoclicks.net: could not connect to host
@@ -18406,7 +19141,6 @@ whoownsmyavailability.com: [Exception... "Component returned failure code: 0x800
 whoshotya.de: did not receive HSTS header
 whysuck.com: could not connect to host
 wiapply.com: could not connect to host
-wiberg.nu: could not connect to host
 wibruje.pl: did not receive HSTS header
 wibuw.com: could not connect to host
 widdleguy.com: did not receive HSTS header
@@ -18416,7 +19150,6 @@ wienerwichtelchallenge.at: did not receive HSTS header
 wieninternational.at: did not receive HSTS header
 wificafehosting.com: did not receive HSTS header
 wifimapa.cz: could not connect to host
-wifimask.com: did not receive HSTS header
 wiiaam.com: could not connect to host
 wiiforum.no: did not receive HSTS header
 wiire.me: could not connect to host
@@ -18439,7 +19172,6 @@ william.si: could not connect to host
 williamboundsltd.com: could not connect to host
 williamsapiens.com: could not connect to host
 williamsflintlocks.com: did not receive HSTS header
-williamsroom.com: did not receive HSTS header
 williamtm.design: could not connect to host
 willkommen-fuerstenberg.de: did not receive HSTS header
 willosagiede.com: did not receive HSTS header
@@ -18447,6 +19179,7 @@ wilsonovi.com: could not connect to host
 wilsonvilleoregon.gov: could not connect to host
 winaes.com: did not receive HSTS header
 winclient.cn: could not connect to host
+wind.moe: could not connect to host
 windholz.us: could not connect to host
 windows10insider.com: did not receive HSTS header
 windowsforum.com: did not receive HSTS header
@@ -18502,6 +19235,7 @@ wittepapaver.nl: did not receive HSTS header
 witting.co: could not connect to host
 wittydonut.com: could not connect to host
 witzemaschine.com: max-age too low: 0
+wixguide.co: did not receive HSTS header
 wizardmeow.xin: could not connect to host
 wizardspire.com: did not receive HSTS header
 wizznab.tk: could not connect to host
@@ -18511,8 +19245,10 @@ wlzhiyin.cn: could not connect to host
 wmawri.com: did not receive HSTS header
 wmcuk.net: did not receive HSTS header
 wmfinanz.com: could not connect to host
+wmnrj.com: did not receive HSTS header
 wmoda.com.br: could not connect to host
-wnmed.com.au: could not connect to host
+wmustore.com: did not receive HSTS header
+wnmed.com.au: did not receive HSTS header
 wnmm.nl: could not connect to host
 wnnc.co.uk: could not connect to host
 woaiuhd.com: could not connect to host
@@ -18525,7 +19261,7 @@ wodice.com: could not connect to host
 wohnungsbau-ludwigsburg.de: did not receive HSTS header
 woi.vision: could not connect to host
 woima.fi: max-age too low: 604800
-wokeai.net: could not connect to host
+wokeai.net: did not receive HSTS header
 woktoss.com: could not connect to host
 wolfemg.com: could not connect to host
 wolfenland.net: did not receive HSTS header
@@ -18533,8 +19269,10 @@ wolfesden.com: could not connect to host
 wolfram.io: could not connect to host
 wolkenspeicher.org: could not connect to host
 wollekorb.de: could not connect to host
+womb.city: could not connect to host
 womf.org: did not receive HSTS header
 womosale.de: could not connect to host
+wonabo.com: could not connect to host
 wonderbooks.club: could not connect to host
 wonderfall.xyz: could not connect to host
 wonderhost.info: could not connect to host
@@ -18559,6 +19297,7 @@ wordsofamaster.com: could not connect to host
 work-and-jockel.de: did not receive HSTS header
 workemy.com: could not connect to host
 workfone.io: could not connect to host
+workingmachine.info: could not connect to host
 workissime.com: did not receive HSTS header
 workpermit.com.vn: could not connect to host
 workplaces.online: did not receive HSTS header
@@ -18566,6 +19305,7 @@ worksofwyoming.org: did not receive HSTS header
 workwithgo.com: could not connect to host
 world-education-association.org: could not connect to host
 worldchess.london: could not connect to host
+worldcrafts.org: did not receive HSTS header
 worldfree4.org: did not receive HSTS header
 worldlist.org: could not connect to host
 worldofterra.net: could not connect to host
@@ -18575,6 +19315,8 @@ worldwhisperer.net: could not connect to host
 wormdisk.net: could not connect to host
 wormholevpn.net: could not connect to host
 worshapp.com: did not receive HSTS header
+woti.dedyn.io: could not connect to host
+wow-foederation.de: could not connect to host
 wow-travel.eu: could not connect to host
 wow202y5.com: did not receive HSTS header
 wowapi.org: could not connect to host
@@ -18591,6 +19333,7 @@ wpcheck.io: could not connect to host
 wpcontrol.se: could not connect to host
 wpdesigner.ir: did not receive HSTS header
 wpdublin.com: could not connect to host
+wpexplainer.com: did not receive HSTS header
 wpfast.net: could not connect to host
 wpfortify.com: could not connect to host
 wpg-inc.com: did not receive HSTS header
@@ -18609,7 +19352,6 @@ wpzhiku.com: did not receive HSTS header
 wql.zj.cn: did not receive HSTS header
 wrapit.hu: could not connect to host
 wrapitup.co.uk: did not receive HSTS header
-wrara.org: could not connect to host
 wrbunderwriting.com: did not receive HSTS header
 wrfu.co.nz: did not receive HSTS header
 wriedts.de: did not receive HSTS header
@@ -18622,7 +19364,6 @@ writing-expert.com: could not connect to host
 wrldevelopment.com: did not receive HSTS header
 wroffle.com: did not receive HSTS header
 wrwg.ca: could not connect to host
-ws-meca.com: did not receive HSTS header
 wsb-immo.at: could not connect to host
 wsdcap.com: could not connect to host
 wsor.group: did not receive HSTS header
@@ -18635,6 +19376,7 @@ wubify.com: did not receive HSTS header
 wubocong.com: did not receive HSTS header
 wubthecaptain.eu: could not connect to host
 wuchipc.com: could not connect to host
+wufu.org: did not receive HSTS header
 wufupay.com: could not connect to host
 wuhengmin.com: could not connect to host
 wulpi.it: did not receive HSTS header
@@ -18651,9 +19393,9 @@ wusx.club: could not connect to host
 wutianxian.com: could not connect to host
 wvr-law.de: did not receive HSTS header
 wvv-8522.com: could not connect to host
+wvw-8522.com: could not connect to host
 wvw698.com: max-age too low: 2592000
 wwbsb.xyz: could not connect to host
-wwjd.dynu.net: could not connect to host
 wwv-8522.com: could not connect to host
 www-001133.com: could not connect to host
 www-0385.com: could not connect to host
@@ -18674,6 +19416,7 @@ www-9649.com: did not receive HSTS header
 www-9995.com: could not connect to host
 www-djbet.com: could not connect to host
 www-jinshavip.com: could not connect to host
+www-pj009.com: could not connect to host
 www.captaintrain.com: did not receive HSTS header
 www.cueup.com: could not connect to host
 www.cyveillance.com: did not receive HSTS header
@@ -18683,7 +19426,7 @@ www.gmail.com: did not receive HSTS header (error ignored - included regardless)
 www.googlemail.com: did not receive HSTS header (error ignored - included regardless)
 www.gpo.gov: did not receive HSTS header
 www.greplin.com: could not connect to host
-www.icann.org: did not receive HSTS header
+www.intercom.io: did not receive HSTS header
 www.jitsi.org: did not receive HSTS header
 www.ledgerscope.net: could not connect to host
 www.logentries.com: did not receive HSTS header
@@ -18714,7 +19457,7 @@ wzrd.in: did not receive HSTS header
 x-pertservice.com: did not receive HSTS header
 x-power-detox.com: could not connect to host
 x-ripped-hd.com: could not connect to host
-x1be.win: could not connect to host
+x1be.win: did not receive HSTS header
 x23.eu: did not receive HSTS header
 x2c0.net: did not receive HSTS header
 x2w.io: could not connect to host
@@ -18729,6 +19472,7 @@ xat.re: did not receive HSTS header
 xavier.is: could not connect to host
 xavierbarroso.com: did not receive HSTS header
 xbc.nz: could not connect to host
+xbertschy.com: did not receive HSTS header
 xbind.io: could not connect to host
 xchangeinfo.com: could not connect to host
 xchating.com: could not connect to host
@@ -18738,7 +19482,6 @@ xcoop.me: did not receive HSTS header
 xd.fi: did not receive HSTS header
 xd.gov: did not receive HSTS header
 xdd.io: could not connect to host
-xdty.org: could not connect to host
 xehoivn.vn: could not connect to host
 xellos.ga: could not connect to host
 xellos.ml: could not connect to host
@@ -18755,13 +19498,15 @@ xhadius.de: could not connect to host
 xia100.xyz: could not connect to host
 xiangqiushi.com: did not receive HSTS header
 xianguocy.com: could not connect to host
+xiaobude.cn: did not receive HSTS header
 xiaody.me: could not connect to host
+xiaofengsky.com: did not receive HSTS header
 xiaolan.me: could not connect to host
 xiaolvmu.com: could not connect to host
 xiaolvmu.me: could not connect to host
 xiaoxiao.im: could not connect to host
 xiaxuejin.cn: could not connect to host
-xiazhanjian.com: could not connect to host
+xiazhanjian.com: did not receive HSTS header
 xice.cf: could not connect to host
 xilegames.com: could not connect to host
 ximage.me: could not connect to host
@@ -18769,28 +19514,29 @@ ximens.me: could not connect to host
 xin-in.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 xin-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 xinbiji.cn: could not connect to host
+xinbo270.com: could not connect to host
 xinex.cz: did not receive HSTS header
 xing-in.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 xing.ml: could not connect to host
 xinghuokeji.xin: could not connect to host
 xingiahanvisa.net: did not receive HSTS header
 xinnixwebshop.be: did not receive HSTS header
-xiongx.cn: did not receive HSTS header
+xinplay.net: max-age too low: 0
+xinsane.com: could not connect to host
 xiqi.us: did not receive HSTS header
-xirion.net: could not connect to host
+xirion.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 xisa.it: could not connect to host
 xivpn.com: could not connect to host
 xiyu.it: did not receive HSTS header
 xiyu.moe: did not receive HSTS header
 xj8876.com: max-age too low: 2592000
-xjoi.net: did not receive HSTS header
 xlaff.com: did not receive HSTS header
-xlboo.com: could not connect to host
+xlboo.com: did not receive HSTS header
 xlfblog.com: did not receive HSTS header
 xlinar.com: could not connect to host
+xlui.me: did not receive HSTS header
 xmerak.com: did not receive HSTS header
 xmiui.com: could not connect to host
-xmlogin288.com: could not connect to host
 xmonk.org: did not receive HSTS header
 xmr.my: could not connect to host
 xn-----8kcgbo2bmdgkdacthvjf.xn--p1ai: could not connect to host
@@ -18828,14 +19574,13 @@ xn--dckya4a0bya6x.com: could not connect to host
 xn--dckya4a0bya6x.jp: could not connect to host
 xn--die-zahnrzte-ncb.de: did not receive HSTS header
 xn--dk8haaa.ws: could not connect to host
-xn--dmontaa-9za.com: could not connect to host
 xn--e--0g4aiy1b8rmfg3o.jp: could not connect to host
 xn--e--4h4axau6ld4lna0g.com: could not connect to host
 xn--e--ig4a4c3f6bvc5et632i.com: could not connect to host
 xn--e--k83a5h244w54gttk.xyz: could not connect to host
+xn--eckle6c0exa0b0modc7054g7h8ajw6f.com: did not receive HSTS header
 xn--ehq13kgw4e.ml: could not connect to host
 xn--ekr87w7se89ay98ezcs.biz: did not receive HSTS header
-xn--elsignificadodesoar-c4b.com: did not receive HSTS header
 xn--gfrrli-yxa.ch: could not connect to host
 xn--gmq92k.nagoya: could not connect to host
 xn--grnderlehrstuhl-0vb.de: could not connect to host
@@ -18861,15 +19606,15 @@ xn--mhsv04avtt1xi.com: could not connect to host
 xn--milchaufschumer-test-lzb.de: could not connect to host
 xn--n8jubz39q0g0afpa985c.com: could not connect to host
 xn--neb-tma3u8u.xyz: could not connect to host
-xn--nf1a578axkh.xn--fiqs8s: did not receive HSTS header
 xn--o77hka.ga: could not connect to host
+xn--oiqt18e8e2a.eu.org: could not connect to host
 xn--p8jskj.jp: could not connect to host
 xn--pck4e3a2ex597b4ml.xyz: did not receive HSTS header
 xn--pckqk6xk43lunk.net: could not connect to host
 xn--qckqc0nxbyc4cdb4527err7c.biz: did not receive HSTS header
 xn--qckyd1cu698a35zarib.xyz: could not connect to host
+xn--qfun83b.ga: could not connect to host
 xn--r77hya.ga: could not connect to host
-xn--rlcus7b3d.xn--xkc2dl3a5ee0h: could not connect to host
 xn--rt-cja.eu: could not connect to host
 xn--sdkwa9azd389v01ya.com: could not connect to host
 xn--srenpind-54a.dk: could not connect to host
@@ -18891,17 +19636,18 @@ xn--xdtx3pfzbiw3ar8e7yedqrhui.com: could not connect to host
 xn--xz1a.jp: could not connect to host
 xn--y8j2eb5631a4qf5n0h.com: could not connect to host
 xn--y8j5gq14rbdd.net: did not receive HSTS header
-xn--y8ja6lb.xn--q9jyb4c: could not connect to host
 xn--yj8h0m.ws: could not connect to host
 xn--ykrp42k.com: could not connect to host
 xn--yoamomisuasbcn-ynb.com: could not connect to host
 xn--zck9a4b352yuua.jp: did not receive HSTS header
 xng.io: did not receive HSTS header
+xnode.org: could not connect to host
 xobox.me: could not connect to host
 xoda.pw: could not connect to host
 xoffy.com: did not receive HSTS header
 xom.party: could not connect to host
 xombra.com: could not connect to host
+xoonth.net: could not connect to host
 xor-a.net: could not connect to host
 xotika.tv: could not connect to host
 xpbytes.com: did not receive HSTS header
@@ -18911,7 +19657,10 @@ xpi.fr: could not connect to host
 xpj.bet: did not receive HSTS header
 xpj.sx: could not connect to host
 xpjcunkuan.com: could not connect to host
+xplore-dna.net: could not connect to host
 xpressprint.com.br: max-age too low: 90
+xps2pdf.co.uk: could not connect to host
+xps2pdf.info: could not connect to host
 xpwn.cz: did not receive HSTS header
 xq55.com: did not receive HSTS header
 xqin.net: could not connect to host
@@ -18944,12 +19693,6 @@ xxx3dbdsm.com: could not connect to host
 xxxladyboysporn.com: could not connect to host
 xxxred.net: could not connect to host
 xy1919.com: could not connect to host
-xy6161.com: could not connect to host
-xy6262.com: could not connect to host
-xy6363.com: could not connect to host
-xy7171.com: could not connect to host
-xy7272.com: could not connect to host
-xy7373.com: could not connect to host
 xyndrac.net: max-age too low: 2592000
 xynex.us: could not connect to host
 xyngular-health.com: did not receive HSTS header
@@ -18987,10 +19730,11 @@ yaucy.win: could not connect to host
 yawen.tw: did not receive HSTS header
 yawnbox.com: did not receive HSTS header
 yayart.club: could not connect to host
+yazaral.com: did not receive HSTS header
 ybscareers.co.uk: did not receive HSTS header
+ybt520.com: did not receive HSTS header
 ycaaz.com: did not receive HSTS header
 ycc.wtf: could not connect to host
-ycherbonnel.fr: could not connect to host
 ycm2.wtf: could not connect to host
 ydy.jp: could not connect to host
 yello.website: could not connect to host
@@ -19008,6 +19752,7 @@ yepbitcoin.com: could not connect to host
 yesdevnull.net: did not receive HSTS header
 yesfone.com.br: could not connect to host
 yeshu.org: could not connect to host
+yesiammaisey.me: could not connect to host
 yestees.com: did not receive HSTS header
 yetcore.io: could not connect to host
 yetishirt.com: could not connect to host
@@ -19023,28 +19768,27 @@ yicknam.my: could not connect to host
 yiffy.tips: did not receive HSTS header
 yiffy.zone: did not receive HSTS header
 yikzu.cn: could not connect to host
-yimgo.fr: could not connect to host
 yin.roma.it: did not receive HSTS header
 yin8888.tv: did not receive HSTS header
 ying299.com: could not connect to host
 ying299.net: could not connect to host
 yinga.ga: did not receive HSTS header
 yingsuo.ltd: could not connect to host
-yingyj.com: could not connect to host
+yingyj.com: did not receive HSTS header
 yinhe12.net: did not receive HSTS header
 yipingguo.com: could not connect to host
 yippie.nl: could not connect to host
 yizhu.com: could not connect to host
 yjsw.sh.cn: could not connect to host
-ykhut.com: could not connect to host
-ylde.de: could not connect to host
 ylilauta.org: could not connect to host
 ylk.io: could not connect to host
 ylwz.cc: did not receive HSTS header
 ynode.co: did not receive HSTS header
 ynsn.nl: could not connect to host
 yntongji.com: could not connect to host
+ynxfh.cn: did not receive HSTS header
 yob.vn: could not connect to host
+yobai28.com: did not receive HSTS header
 yobst.tk: could not connect to host
 yocchan1513.net: did not receive HSTS header
 yoga-prive.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
@@ -19063,21 +19807,21 @@ yomena.in: could not connect to host
 yomepre.com: could not connect to host
 yopers.com: did not receive HSTS header
 yorkshireterrier.com.br: could not connect to host
-yorname.ml: did not receive HSTS header
 yoru.me: could not connect to host
 yosheenetwork.fr: could not connect to host
 yotilab.com: could not connect to host
 yotilabs.com: could not connect to host
-youcaitian.com: did not receive HSTS header
+youcaitian.com: could not connect to host
 youcancraft.de: could not connect to host
-youcanmakeit.at: could not connect to host
 youcontrol.ru: could not connect to host
 youdowell.com: did not receive HSTS header
 youfencun.com: did not receive HSTS header
+youftp.tk: could not connect to host
 yougot.pw: could not connect to host
 youjizz.bz: could not connect to host
 youlend.com: did not receive HSTS header
 youlog.net: could not connect to host
+youmiracle.com: could not connect to host
 youmonit.me: could not connect to host
 youngandunited.nl: did not receive HSTS header
 younl.net: could not connect to host
@@ -19114,16 +19858,16 @@ ytbmp3.com: did not receive HSTS header
 ytbmp4.com: did not receive HSTS header
 ytcuber.xyz: could not connect to host
 ythyth.com: max-age too low: 2592000
-ytpak.com: did not receive HSTS header
+ytpak.com: could not connect to host
 ytvwld.de: did not receive HSTS header
 yu7.jp: did not receive HSTS header
 yuanbenlian.com: did not receive HSTS header
+yuanjiazhao.tk: could not connect to host
 yudan.com.br: could not connect to host
 yude.ml: could not connect to host
 yue2.net: could not connect to host
 yuema.net.cn: could not connect to host
 yufan.me: did not receive HSTS header
-yugasun.com: could not connect to host
 yugege.cf: could not connect to host
 yuhen.ru: did not receive HSTS header
 yui.cat: did not receive HSTS header
@@ -19148,8 +19892,7 @@ yuntama.xyz: could not connect to host
 yunzhan.io: could not connect to host
 yunzhu.org: could not connect to host
 yuppi.tv: max-age too low: 43200
-yuqi.me: did not receive HSTS header
-yurimoens.be: could not connect to host
+yuqi.me: could not connect to host
 yurinet.org: could not connect to host
 yuriykuzmin.com: did not receive HSTS header
 yutabon.com: could not connect to host
@@ -19162,7 +19905,9 @@ yuzu.tk: did not receive HSTS header
 yvetteerasmus.com: max-age too low: 0
 ywei.org: could not connect to host
 ywyz.tech: could not connect to host
-yya.bid: could not connect to host
+yxs.me: could not connect to host
+yxt521.com: did not receive HSTS header
+yya.bid: did not receive HSTS header
 yya.men: could not connect to host
 yyrss.com: could not connect to host
 z-coder.com: could not connect to host
@@ -19173,14 +19918,13 @@ z33.co: could not connect to host
 z3liff.com: could not connect to host
 z3liff.net: could not connect to host
 zaalleatherwear.nl: did not receive HSTS header
-zabavno.mk: max-age too low: 0
+zabavno.mk: did not receive HSTS header
 zacharopoulos.me: could not connect to host
 zachbolinger.com: could not connect to host
 zachpeters.org: did not receive HSTS header
 zadieheimlich.com: did not receive HSTS header
 zadroweb.com: did not receive HSTS header
 zaem.tv: could not connect to host
-zagluszaczgps.pl: could not connect to host
 zahnrechner-staging.azurewebsites.net: could not connect to host
 zahyantechnologies.com: did not receive HSTS header
 zaidan.de: did not receive HSTS header
@@ -19212,17 +19956,18 @@ zberger.com: could not connect to host
 zbetcheck.in: could not connect to host
 zbigniewgalucki.eu: did not receive HSTS header
 zbp.at: did not receive HSTS header
-zby.io: could not connect to host
 zdravesteny.cz: could not connect to host
 zdravotnickasluzba.eu: could not connect to host
 zdrowiepaleo.pl: could not connect to host
 zdx.ch: max-age too low: 0
+zeal-and.jp: could not connect to host
 zeb.fun: could not connect to host
-zebibyte.cn: could not connect to host
+zebibyte.cn: did not receive HSTS header
 zebrababy.cn: could not connect to host
 zebry.nl: did not receive HSTS header
 zecrypto.com: could not connect to host
 zeedroom.be: did not receive HSTS header
+zeelynk.com: could not connect to host
 zefiris.org: did not receive HSTS header
 zefu.ca: could not connect to host
 zehdenick-bleibt-bunt.de: could not connect to host
@@ -19236,18 +19981,18 @@ zeloz.xyz: could not connect to host
 zenfusion.fr: could not connect to host
 zenhaiku.com: could not connect to host
 zenics.co.uk: did not receive HSTS header
+zenmate.com.tr: could not connect to host
 zeno-system.com: did not receive HSTS header
 zenpayroll.com: did not receive HSTS header
+zenram.com: did not receive HSTS header
 zentience.dk: did not receive HSTS header
 zentience.net: did not receive HSTS header
 zentience.org: did not receive HSTS header
 zentiweb.nl: did not receive HSTS header
 zentraler-kreditausschuss.de: did not receive HSTS header
 zentralwolke.de: did not receive HSTS header
-zenvite.com: could not connect to host
 zenwears.com: could not connect to host
-zenycosta.com: could not connect to host
-zeparadox.com: could not connect to host
+zeparadox.com: did not receive HSTS header
 zepect.com: did not receive HSTS header
 zera.com.au: could not connect to host
 zerekin.net: max-age too low: 86400
@@ -19259,8 +20004,8 @@ zerofox.gq: could not connect to host
 zeroling.com: could not connect to host
 zeroml.ml: could not connect to host
 zerosource.net: could not connect to host
-zerowastesavvy.com: could not connect to host
 zerowastesonoma.gov: could not connect to host
+zertif.info: could not connect to host
 zerudi.com: did not receive HSTS header
 zetadisseny.es: did not receive HSTS header
 zeto365.pl: did not receive HSTS header
@@ -19283,6 +20028,7 @@ zhengouwu.com: could not connect to host
 zhenmeish.com: could not connect to host
 zhenyan.org: could not connect to host
 zhh.in: could not connect to host
+zhih.me: could not connect to host
 zhihua-lai.com: did not receive HSTS header
 zhiin.net: could not connect to host
 zhikin.com: could not connect to host
@@ -19296,27 +20042,29 @@ zhuweiyou.com: did not receive HSTS header
 zi0r.com: did not receive HSTS header
 zian.online: could not connect to host
 zicklam.com: could not connect to host
+ziegler-family.com: could not connect to host
 zigcore.com.br: could not connect to host
 zikirakhirzaman.com: could not connect to host
 zinc-x.com: did not receive HSTS header
 zinenapse.info: could not connect to host
 zippy-download.com: could not connect to host
 zippy-download.de: could not connect to host
+ziptie.com: max-age too low: 0
 zirtue.io: could not connect to host
 zitrone44.de: did not receive HSTS header
-zivagold.com: did not receive HSTS header
 zivy-ruzenec.cz: could not connect to host
 zixo.sk: could not connect to host
 ziyuanabc.xyz: could not connect to host
 ziz.exchange: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 zizoo.com: did not receive HSTS header
-zju.tv: could not connect to host
+zju.tv: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131"  data: no]
 zjubtv.com: could not connect to host
+zjuqsc.com: could not connect to host
 zjutv.com: could not connect to host
 zjyifa.cn: could not connect to host
 zkillboard.com: did not receive HSTS header
 zking.ga: could not connect to host
-zl0iu.com: did not receive HSTS header
+zl0iu.com: could not connect to host
 zl8862.com: could not connect to host
 zlc1994.com: did not receive HSTS header
 zlcp.com: could not connect to host
@@ -19336,7 +20084,6 @@ zokster.net: could not connect to host
 zolokar.xyz: could not connect to host
 zolotoy-standart.com.ua: did not receive HSTS header
 zombiesecured.com: could not connect to host
-zomiac.pp.ua: could not connect to host
 zonadebolsa.es: did not receive HSTS header
 zone403.net: could not connect to host
 zoneminder.com: did not receive HSTS header
@@ -19346,9 +20093,9 @@ zoo.city: could not connect to host
 zoo24.de: did not receive HSTS header
 zoofaeth.de: did not receive HSTS header
 zoofit.com.au: did not receive HSTS header
-zoological-gardens.eu: could not connect to host
 zoomingin.net: max-age too low: 5184000
 zoommailing.com: did not receive HSTS header
+zoomseoservices.com: max-age too low: 2592000
 zoorigin.com: did not receive HSTS header
 zooxdata.com: could not connect to host
 zorki.nl: did not receive HSTS header
@@ -19360,8 +20107,6 @@ zq789.com: could not connect to host
 zqhong.com: could not connect to host
 zqjs.tk: could not connect to host
 zqstudio.top: could not connect to host
-zrhdwz.cn: could not connect to host
-zrkr.de: could not connect to host
 zrn.in: did not receive HSTS header
 ztan.tk: could not connect to host
 ztcaoll222.cn: could not connect to host
diff --git a/security/manager/ssl/nsSTSPreloadList.inc b/security/manager/ssl/nsSTSPreloadList.inc
index 209beded5..75d35a777 100644
--- a/security/manager/ssl/nsSTSPreloadList.inc
+++ b/security/manager/ssl/nsSTSPreloadList.inc
@@ -8,7 +8,7 @@
 /*****************************************************************************/
 
 #include <stdint.h>
-const PRTime gPreloadListExpirationTime = INT64_C(1554207118864000);
+const PRTime gPreloadListExpirationTime = INT64_C(1555803903526000);
 
 class nsSTSPreload
 {
@@ -41,11 +41,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "022610.com", true },
   { "02327.net", true },
   { "02375.net", true },
-  { "023sec.com", true },
+  { "02607.com", true },
   { "026122.com", true },
   { "02638.net", true },
+  { "03170317.com", true },
   { "0391315.com", true },
   { "046569.com", true },
+  { "04911701.cn", true },
   { "050.ca", true },
   { "050media.nl", true },
   { "0511315.net", true },
@@ -81,16 +83,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "083912.com", true },
   { "083957.com", true },
   { "083960.com", true },
+  { "083962.com", true },
   { "083965.com", true },
   { "083967.com", true },
   { "08detaxe.fr", true },
+  { "09115.com", true },
   { "0916app.com", true },
   { "09892.net", true },
   { "0au.de", true },
   { "0c3.de", true },
   { "0day.agency", true },
   { "0des.com", true },
+  { "0ii0.cf", true },
   { "0ik.de", true },
+  { "0iz.net", true },
   { "0knowledge.de", false },
   { "0o0.edu.pl", true },
   { "0paste.com", true },
@@ -123,8 +129,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "100-downloads.com", true },
   { "10000v.ru", true },
   { "1000minds.com", true },
-  { "1000serien.com", true },
-  { "1001carats.fr", true },
   { "1001firms.com", true },
   { "1001kartini.com", true },
   { "1001kerstpakketten.com", false },
@@ -136,7 +140,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "100lat.pl", true },
   { "100mani.it", true },
   { "100pounds.co.uk", true },
-  { "100rembourse.be", true },
   { "101.qa", true },
   { "1011100.com", true },
   { "101sauna.kz", true },
@@ -151,6 +154,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "10495.net", true },
   { "10774.net", true },
   { "10840.net", true },
+  { "10gb.io", true },
   { "10hz.de", true },
   { "10og.de", true },
   { "10ppm.com", true },
@@ -173,10 +177,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "123bearing.com", true },
   { "123bearing.eu", true },
   { "123comparer.fr", true },
-  { "123djdrop.com", true },
   { "123midterm.com", true },
+  { "123nutricion.es", true },
   { "123opstalverzekeringen.nl", true },
-  { "123pay.ir", false },
   { "123plons.nl", true },
   { "123roulement.be", true },
   { "123roulement.com", true },
@@ -221,6 +224,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "159cp.com", true },
   { "1600esplanade.com", true },
   { "160887.com", true },
+  { "162jonesrd.ca", true },
   { "1644091933.rsc.cdn77.org", true },
   { "1661237.com", true },
   { "1750studios.com", false },
@@ -237,6 +241,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "18f.gov", true },
   { "18f.gsa.gov", false },
   { "1911trust.com", true },
+  { "192.io", true },
   { "192168ll.repair", true },
   { "192433.com", true },
   { "1972969867.rsc.cdn77.org", true },
@@ -244,8 +249,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "19area.cn", true },
   { "19hundert84.de", true },
   { "1a-diamantscheiben.de", true },
-  { "1a-vermessung.at", true },
-  { "1a-werkstattgeraete.de", true },
   { "1ab-machinery.com", true },
   { "1c-power.ru", true },
   { "1cover.co.nz", true },
@@ -294,10 +297,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "1wl.uk", true },
   { "2.wtf", true },
   { "200.network", true },
+  { "2001y.me", true },
   { "2012.ovh", true },
   { "20188088.com", true },
   { "20at.com", true },
-  { "20denier.com", true },
   { "215dy.net", true },
   { "21sthammersmith.org.uk", true },
   { "21stnc.us", true },
@@ -309,11 +312,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "23333.link", true },
   { "2333666.xyz", true },
   { "2333blog.com", true },
-  { "233abc.com", true },
+  { "233abc.com", false },
   { "233blog.com", true },
   { "233boy.com", true },
   { "233bwg.com", true },
   { "233hugo.com", true },
+  { "233now.com", true },
   { "233ss.net", true },
   { "233vps.com", true },
   { "233yes.com", true },
@@ -343,12 +347,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "2600edinburgh.org", true },
   { "2600hq.com", true },
   { "260887.com", true },
-  { "263.info", true },
   { "2718282.net", true },
   { "28-industries.com", true },
   { "281180.de", true },
   { "2858958.com", true },
-  { "286.com", true },
   { "28peaks.com", true },
   { "28spots.net", true },
   { "291167.xyz", true },
@@ -381,9 +383,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "2hypeenterprises.com", true },
   { "2kgwf.fi", true },
   { "2krueger.de", true },
+  { "2li.ch", true },
   { "2manydots.nl", true },
   { "2mb.solutions", true },
-  { "2mir.com", true },
   { "2nains.ch", true },
   { "2nerds1bit.com", true },
   { "2nics.net", true },
@@ -392,6 +394,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "2rsc.com", true },
   { "2rsc.net", true },
   { "2stv.net", true },
+  { "2tuu.com", true },
   { "2ulcceria.nl", true },
   { "2wheel.com", true },
   { "2y.fi", true },
@@ -522,7 +525,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "394622.com", true },
   { "394922.com", true },
   { "396422.com", true },
-  { "398.info", true },
   { "39sihu.com", false },
   { "3aandl.com", true },
   { "3ags.de", true },
@@ -536,8 +538,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "3countiescastlehire.co.uk", true },
   { "3cs.ch", true },
   { "3d-fotoservice.de", true },
+  { "3dcollective.es", true },
   { "3de5.nl", true },
   { "3deeplearner.com", true },
+  { "3dgep.com", true },
   { "3djuegos.com", true },
   { "3dmedium.de", true },
   { "3dmusiclab.nl", true },
@@ -546,9 +550,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "3drenaline.com", true },
   { "3haeuserprojekt.org", true },
   { "3haueserprojekt.org", true },
+  { "3james.com", true },
   { "3logic.ru", true },
   { "3lot.ru", true },
   { "3n5b.com", true },
+  { "3niu168.com", true },
+  { "3niu178.com", true },
+  { "3niu6.com", true },
+  { "3niu66.com", true },
+  { "3niu666.com", true },
+  { "3niu8.com", true },
+  { "3niu88.com", true },
+  { "3niu8888.com", true },
+  { "3niuurl.com", true },
   { "3os.ooo", true },
   { "3phase.pw", true },
   { "3plusdesign.gr", true },
@@ -603,11 +617,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "44sec.com", true },
   { "451.ooo", true },
   { "4553s.com", true },
-  { "4553vip.com", true },
   { "4706666.com", true },
   { "4716666.com", true },
   { "4726666.com", true },
-  { "4736666.com", true },
   { "4756666.com", true },
   { "4786666.com", true },
   { "491mhz.net", true },
@@ -623,11 +635,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "4garage.com.br", true },
   { "4host.ch", true },
   { "4kprojektory.cz", true },
+  { "4lock.com.br", true },
   { "4mm.org", true },
   { "4plebs.moe", true },
   { "4project.co.il", true },
   { "4share.tv", true },
-  { "4sics.se", true },
   { "4th-ave-studio.com", true },
   { "4thdc.com", true },
   { "4u.services", true },
@@ -650,6 +662,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "500h500.com", true },
   { "500i500.com", true },
   { "500j500.com", true },
+  { "500k.nl", true },
   { "500k500.com", true },
   { "500l500.com", true },
   { "500m500.com", true },
@@ -671,6 +684,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "504922.com", true },
   { "506422.com", true },
   { "506pay.com", true },
+  { "508088.com", true },
   { "50lakeshore.com", true },
   { "50north.de", true },
   { "514122.com", true },
@@ -682,11 +696,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "51877.net", true },
   { "519422.com", true },
   { "51acg.eu.org", true },
+  { "51tiaojiu.com", true },
+  { "5219.ml", true },
   { "524022.com", true },
   { "524622.com", true },
   { "524922.com", true },
   { "525.info", true },
-  { "52hentai.ml", true },
+  { "52hentai.us", true },
   { "52kb365.com", true },
   { "52ncp.net", true },
   { "52sykb.com", true },
@@ -694,6 +710,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "534122.com", true },
   { "534622.com", true },
   { "534922.com", true },
+  { "5364.com", true },
   { "536422.com", true },
   { "5364b.com", true },
   { "5364c.com", true },
@@ -713,7 +730,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "5555yh.com", true },
   { "55639.com", true },
   { "55797.com", true },
-  { "558da.com", true },
   { "566380.com", true },
   { "575380.com", true },
   { "576422.com", true },
@@ -730,13 +746,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "592380.com", true },
   { "592422.com", true },
   { "5930593.com", true },
-  { "593380.com", true },
   { "594022.com", true },
   { "594622.com", true },
   { "595422.com", true },
   { "596422.com", true },
-  { "598380.com", true },
-  { "5986fc.com", true },
   { "5997891.com", true },
   { "5apps.com", true },
   { "5c1fd0f31022cbc40af9f785847baaf9.space", true },
@@ -763,13 +776,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "614322.com", true },
   { "614922.com", true },
   { "61730123.com", true },
+  { "618media.com", true },
   { "621422.com", true },
   { "624022.com", true },
   { "624122.com", true },
   { "624322.com", true },
   { "624522.com", true },
   { "624922.com", true },
-  { "626380.com", true },
   { "626422.com", true },
   { "630422.com", true },
   { "631422.com", true },
@@ -832,7 +845,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "656088.com", true },
   { "659422.com", true },
   { "66136.com", true },
-  { "6616fc.com", true },
   { "6633445.com", true },
   { "6652566.com", true },
   { "6660111.ru", true },
@@ -841,7 +853,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "6666yh.com", true },
   { "666omg.com", true },
   { "66b.com", true },
-  { "66bwf.com", true },
   { "670422.com", true },
   { "671422.com", true },
   { "672422.com", true },
@@ -872,7 +883,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "6t-montjoye.org", true },
   { "700.az", true },
   { "704233.com", true },
-  { "7045.com", true },
   { "704533.com", true },
   { "7045h.com", true },
   { "704633.com", true },
@@ -895,12 +905,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "736433.com", true },
   { "738433.com", true },
   { "739433.com", true },
+  { "73info.com", true },
   { "740833.com", true },
   { "741833.com", true },
   { "742833.com", true },
   { "743833.com", true },
   { "74th.jp", true },
   { "755k3.com", true },
+  { "758global.com", true },
   { "762.ch", true },
   { "7733445.com", true },
   { "7777yh.com", true },
@@ -917,6 +929,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "7geese.com", true },
   { "7graus.pt", true },
   { "7kicks.com", true },
+  { "7proxies.com", true },
   { "7qly.com", true },
   { "7sons.de", true },
   { "7thcircledesigns.com", true },
@@ -929,7 +942,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "814022.com", true },
   { "81818app.com", true },
   { "8189196.com", true },
-  { "818bwf.com", true },
   { "818da.com", true },
   { "8349822.com", true },
   { "850226.com", true },
@@ -941,9 +953,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "8522usa.com", true },
   { "86286286.com", true },
   { "86499.com", true },
-  { "8649955.com", true },
-  { "8649966.com", true },
-  { "8649977.com", true },
+  { "86metro.ru", true },
   { "8722.am", true },
   { "8722am.com", true },
   { "8722cn.com", true },
@@ -963,7 +973,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "8876008.com", true },
   { "8876009.com", true },
   { "8876138.com", true },
-  { "8876205.com", true },
   { "8876278.com", true },
   { "8876289.com", true },
   { "8876290.com", true },
@@ -1037,10 +1046,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "8889893.com", true },
   { "8889903.com", true },
   { "8889910.com", true },
-  { "888bwf.com", true },
   { "888funcity.com", true },
   { "888funcity.net", true },
-  { "88bwf.com", true },
   { "88yule11.com", true },
   { "88yule112.com", true },
   { "88yule113.com", true },
@@ -1064,6 +1071,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "8tech.com.hk", true },
   { "8thportsmouth.org.uk", true },
   { "8tuffbeers.com", true },
+  { "8ung.online", true },
   { "8xxbet.net", true },
   { "8y.network", true },
   { "9-11commission.gov", true },
@@ -1078,7 +1086,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "914122.com", true },
   { "918116.com", true },
   { "918gd.com", true },
-  { "918yy.com", true },
   { "919422.com", true },
   { "91966.com", true },
   { "91tianmi.com", false },
@@ -1130,9 +1137,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "9jajuice.com", true },
   { "9pkfz.com", true },
   { "9riddles.com", true },
-  { "9tolife.be", true },
   { "9uelle.jp", true },
   { "9vx.org", true },
+  { "9y.at", true },
   { "9yw.me", true },
   { "a-1basements.com", true },
   { "a-1indianawaterproofing.com", true },
@@ -1142,6 +1149,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "a-little-linux-box.at", true },
   { "a-msystems.com", true },
   { "a-oben.org", true },
+  { "a-players.team", true },
   { "a-wife.net", true },
   { "a-ztransmission.com", true },
   { "a0print.nl", true },
@@ -1157,13 +1165,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "a4sound.com", true },
   { "a632079.me", true },
   { "a7la-chat.com", true },
-  { "aa-tour.ru", true },
   { "aa1718.net", true },
   { "aaapl.com", true },
   { "aabanet.com.br", true },
   { "aaben-bank.dk", true },
   { "aabenbank.dk", true },
   { "aacfree.com", true },
+  { "aacs-design.com", true },
+  { "aadw.de", true },
   { "aaex.cloud", true },
   { "aagetransport.no", true },
   { "aalalbayt.com", true },
@@ -1181,6 +1190,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aarkue.eu", true },
   { "aaron.cm", true },
   { "aaron.xin", true },
+  { "aaronburt.co.uk", false },
   { "aaronhorler.com", true },
   { "aaronhorler.com.au", true },
   { "aaronkimmig.de", true },
@@ -1216,7 +1226,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "abcstudio.com.au", true },
   { "abdel.me", true },
   { "abdelsater.net", true },
-  { "abdullah.pw", true },
   { "abdulwahaab.ca", true },
   { "abe-elektro.de", true },
   { "abe-medical.jp", true },
@@ -1344,6 +1353,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "acceleratenetworks.com", true },
   { "accelerateyourworld.org", true },
   { "accelerator.net", true },
+  { "accelsnow.com", true },
   { "accentthailand.com", true },
   { "accesloges.com", true },
   { "accessacab.co.uk", true },
@@ -1357,6 +1367,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "accoladescreens.com.au", true },
   { "accord-application.com", true },
   { "accordiondoor.com", true },
+  { "account.bbc.com", true },
   { "accounts.firefox.com", true },
   { "accounts.google.com", true },
   { "accpl.co", true },
@@ -1383,9 +1394,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "acerentalandsales.com", true },
   { "acerislaw.com", true },
   { "acessoeducacao.com", true },
-  { "acevik.de", true },
   { "acfo.org", true },
   { "acg.social", true },
+  { "acgmoon.com", true },
+  { "acgmoon.org", true },
   { "acgtalktw.com", true },
   { "achalay.org", true },
   { "acheconcursos.com.br", true },
@@ -1399,7 +1411,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "achtzig20.de", true },
   { "achwo.de", true },
   { "acid.ninja", true },
-  { "acidbin.co", true },
   { "aciety.com", true },
   { "aciksite.com", true },
   { "ackermann.ch", true },
@@ -1423,6 +1434,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "acousticalsolutions.com", true },
   { "acoustics.network", true },
   { "acoustics.tech", true },
+  { "acousticsoundrecords.com", true },
   { "acoustique-tardy.com", true },
   { "acpcoils.com", true },
   { "acperu.ch", true },
@@ -1464,7 +1476,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "activeexcavator.com", true },
   { "activehire.co.uk", true },
   { "activeleisure.ie", true },
-  { "activeworld.net", false },
   { "activiteithardenberg.nl", true },
   { "activitesaintnicaise.org", true },
   { "activityeventhire.co.uk", true },
@@ -1485,12 +1496,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "actuatemedia.com", true },
   { "acuica.co.uk", false },
   { "acul.me", true },
-  { "acupofsalt.tv", true },
   { "acus.gov", true },
   { "acwcerts.co.uk", true },
   { "acwi.gov", true },
   { "acy.com", true },
   { "acyfxasia.com", true },
+  { "acyume.com", true },
   { "ad-notam.asia", true },
   { "ad-notam.ch", true },
   { "ad-notam.co.uk", true },
@@ -1509,11 +1520,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "adam.lgbt", true },
   { "adamas-magicus.ru", true },
   { "adambalogh.net", true },
+  { "adambryant.ca", false },
   { "adambyers.com", true },
   { "adamek.online", true },
   { "adamfontenot.com", true },
   { "adamh.us", true },
-  { "adamjoycegames.co.uk", true },
   { "adamkaminski.com", true },
   { "adamkostecki.de", true },
   { "adamoutler.com", true },
@@ -1522,14 +1533,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "adamsbouncycastles.co.uk", true },
   { "adamstas.com", true },
   { "adamwallington.co.uk", true },
-  { "adamwilcox.org", true },
   { "adamyuan.xyz", true },
+  { "adappt.co.uk", true },
+  { "adapptlabs.com", true },
   { "adapt-elektronik.com", true },
   { "adapt.de", true },
   { "adaptablesecurity.org", true },
   { "adapti.de", true },
   { "adaptivemechanics.edu.au", true },
   { "adarshthapa.in", true },
+  { "adativos.com.br", true },
   { "adawolfa.cz", true },
   { "adayinthelifeof.nl", true },
   { "adblockextreme.com", true },
@@ -1540,7 +1553,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "addicional.com", true },
   { "addictionresource.com", true },
   { "addictively.com", true },
-  { "addiko.net", true },
   { "addisoncrump.info", true },
   { "addnine.com", true },
   { "addon.watch", true },
@@ -1550,6 +1562,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "addvalue-renovations.co.uk", true },
   { "addydari.us", true },
   { "adelebeals.com", true },
+  { "adelianz.com", true },
   { "adelightfulglow.com", true },
   { "adeline.mobi", true },
   { "adentalsolution.com", true },
@@ -1562,6 +1575,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "adhd-inattentive.com", true },
   { "adhesivelaundry.co.uk", true },
   { "adhoc.is", true },
+  { "adiehard.party", true },
   { "adimaja.com", true },
   { "adinariversloveschool.com", true },
   { "adingenierie.fr", true },
@@ -1582,6 +1596,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "admin.google.com", true },
   { "admin.stg.fedoraproject.org", true },
   { "adminforge.de", true },
+  { "administrator.de", true },
   { "administratorserwera.pl", true },
   { "adminlinux.pl", true },
   { "admino.cz", true },
@@ -1594,6 +1609,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "admongo.gov", true },
   { "adnanoktar.com", true },
   { "adnanotoyedekparca.com", true },
+  { "adnolesh.com", true },
   { "adnot.am", true },
   { "adnseguros.es", true },
   { "adonizer.science", true },
@@ -1612,6 +1628,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "adr.gov", true },
   { "adra.com", true },
   { "adrafinil.wiki", true },
+  { "adresults.com", true },
+  { "adresults.nl", true },
   { "adrianbechtold.de", true },
   { "adriancitu.com", true },
   { "adriancostin.ro", true },
@@ -1649,6 +1667,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "advento.bg", true },
   { "adventure-inn.com", true },
   { "adventureally.com", true },
+  { "adventuredrives.com", true },
   { "adventureforest.co.nz", true },
   { "adventureforest.de", false },
   { "adventureforest.nz", true },
@@ -1658,7 +1677,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "adventureswithlillie.ca", true },
   { "adventurousway.com", true },
   { "advertis.biz", true },
-  { "advicepro.org.uk", true },
   { "advocate-europe.eu", true },
   { "advocaten-avocats.be", true },
   { "advocatenalkmaar.org", true },
@@ -1668,6 +1686,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "advokat-romanov.com", true },
   { "advtran.com", true },
   { "adware.pl", true },
+  { "adwokatkosterka.pl", true },
   { "adwokatzdunek.pl", true },
   { "adws.io", true },
   { "adxperience.com", true },
@@ -1687,6 +1706,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "adzuna.ru", true },
   { "adzuna.sg", true },
   { "ae-construction.co.uk", true },
+  { "ae-dir.com", true },
+  { "ae-dir.org", true },
   { "aebian.org", true },
   { "aecexpert.fr", true },
   { "aedollon.com", true },
@@ -1729,7 +1750,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aextron.com", true },
   { "aextron.de", true },
   { "aextron.org", true },
-  { "aeyoun.com", true },
   { "afavre.io", true },
   { "afb24.de", true },
   { "afbeelding.im", true },
@@ -1737,6 +1757,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "afcmrs.org", true },
   { "afcompany.it", true },
   { "afcurgentcarelyndhurst.com", true },
+  { "affarsnatverk.nu", true },
   { "affichagepub3.com", true },
   { "affiliatefeatures.com", true },
   { "affiliateroyale.com", true },
@@ -1747,7 +1768,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "affittacamere.roma.it", true },
   { "affittialmare.it", true },
   { "affittisalento.it", true },
-  { "affloc.com", true },
   { "affordableazdivorce.com", true },
   { "affordableblindsexpress.com", true },
   { "affordableenergyadvocates.com", true },
@@ -1759,6 +1779,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "affping.com", true },
   { "affvps.net", true },
   { "afghan.dating", true },
+  { "afgn.com.ua", true },
   { "afi-business-consulting.com", true },
   { "aficionados.com.br", true },
   { "afinadoronline.com.br", true },
@@ -1774,13 +1795,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "africanexponent.com", true },
   { "africanimpact.com", true },
   { "africantourer.com", true },
-  { "africatravel.de", true },
   { "afrikarl.de", true },
   { "afrodigital.uk", true },
   { "afs-asso.org", true },
   { "afscheidsportret.nl", true },
   { "aftab-alam.de", true },
   { "after.digital", true },
+  { "afterdwi.info", true },
   { "afterhate.fr", true },
   { "afuh.de", true },
   { "afva.net", true },
@@ -1802,6 +1823,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "agenda-loto.net", false },
   { "agenda21senden.de", true },
   { "agendatelefonica.com.br", true },
+  { "agendazilei.com", true },
   { "agent-grow.com", true },
   { "agent6.com.au", true },
   { "agentprocessing.com", true },
@@ -1815,6 +1837,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "agic.io", true },
   { "agilebits.com", true },
   { "agilecraft.com", true },
+  { "agileecommerce.com.br", true },
   { "agileui.com", true },
   { "agiley.se", true },
   { "agilizing.us", true },
@@ -1897,6 +1920,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aibenzi.com", true },
   { "aibiying.com", true },
   { "aicial.co.uk", true },
+  { "aid-web.ch", true },
   { "aidanapple.com", true },
   { "aidanmitchell.co.uk", true },
   { "aidanmitchell.uk", true },
@@ -1915,7 +1939,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aignermunich.com", true },
   { "aignermunich.de", true },
   { "aignermunich.jp", true },
-  { "aiheisi.com", true },
   { "aiho.stream", true },
   { "aiicy.org", true },
   { "aiida.se", true },
@@ -1932,7 +1955,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ailitonia.xyz", true },
   { "aimax.com", true },
   { "aimeeandalec.com", true },
-  { "aimerworld.com", true },
+  { "aimerworld.com", false },
   { "aimgroup.co.tz", true },
   { "aimi-salon.com", true },
   { "aimotive.com", true },
@@ -2057,7 +2080,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ais.fashion", true },
   { "aisance-co.com", true },
   { "aisi316l.net", true },
-  { "aisr.nl", true },
   { "aistockcharts.com", true },
   { "aistrope.com", true },
   { "ait.com.ar", true },
@@ -2067,7 +2089,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aivd.lol", true },
   { "aiwdirect.com", true },
   { "aixvox.com", false },
-  { "aizxxs.com", true },
   { "ajapaik.ee", true },
   { "ajarope.com", true },
   { "ajaxed.net", true },
@@ -2083,7 +2104,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ajnasz.hu", true },
   { "ajsb85.com", true },
   { "ak-varazdin.hr", true },
-  { "ak-webit.de", true },
   { "aka.ms", true },
   { "akachanikuji.com", true },
   { "akademeia.moe", true },
@@ -2104,6 +2124,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "akiym.com", true },
   { "akj.io", true },
   { "akkbouncycastles.co.uk", true },
+  { "akkeylab.com", true },
   { "akostecki.de", true },
   { "akovana.com", true },
   { "akoww.de", false },
@@ -2116,7 +2137,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "akropol.cz", false },
   { "akropolis-ravensburg.de", true },
   { "aksehir.bel.tr", true },
-  { "akselinurmio.fi", false },
+  { "akselinurmio.fi", true },
+  { "akshay.in.eu.org", true },
   { "akshi.in", true },
   { "aktin.cz", true },
   { "aktin.sk", true },
@@ -2131,7 +2153,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "akutun.cl", true },
   { "akvorrat.at", true },
   { "akyildiz.net", true },
-  { "al3366.tech", true },
   { "al3xpro.com", true },
   { "alab.space", true },
   { "alabamadebtrelief.org", true },
@@ -2150,6 +2171,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alamgir.works", true },
   { "alanberger.me.uk", true },
   { "alanhua.ng", true },
+  { "alanhuang.name", true },
   { "alaninkenya.org", true },
   { "alaricfavier.eu", false },
   { "alarmcomplete.co.uk", true },
@@ -2184,12 +2206,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aldomedia.com", true },
   { "aldorr.net", false },
   { "aldous-huxley.com", true },
+  { "alecel.de", true },
   { "alecpap.com", true },
   { "alecpapierniak.com", true },
   { "alecrust.com", true },
   { "alek.in", true },
   { "aleksejjocic.tk", true },
   { "aleksib.fi", true },
+  { "alela.fr", true },
   { "alerbon.net", true },
   { "alertboxx.com", true },
   { "alertonline.nl", true },
@@ -2220,6 +2244,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alexei.su", false },
   { "alexey-shamara.ru", true },
   { "alexeykopytko.com", true },
+  { "alexfabian.myftp.org", true },
   { "alexgaynor.net", true },
   { "alexgebhard.com", true },
   { "alexhd.de", true },
@@ -2239,7 +2264,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alexschroeder.ch", true },
   { "alexsergeyev.com", true },
   { "alexsexton.com", true },
-  { "alexsinnott.me", true },
   { "alextaffe.com", true },
   { "alexthayne.co.uk", true },
   { "alextjam.es", true },
@@ -2250,7 +2274,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alexwilliams.tech", true },
   { "alexyang.me", true },
   { "alfa-tech.su", true },
-  { "alfaperfumes.com.br", true },
   { "alfred-figge.de", true },
   { "alftrain.com", true },
   { "algbee.com", true },
@@ -2285,7 +2308,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alinasmusicstudio.com", true },
   { "alinbu.net", true },
   { "aliorange.com", true },
-  { "alis-test.tk", true },
   { "alisonisrealestate.com", true },
   { "alisonlitchfield.com", true },
   { "alistairstowing.com", true },
@@ -2294,6 +2316,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aljaspod.com", true },
   { "aljaspod.hu", true },
   { "aljaspod.net", true },
+  { "aljweb.com", true },
+  { "alkacoin.net", true },
   { "all-connect.net", false },
   { "all-fashion-schools.com", true },
   { "all-markup-news.com", true },
@@ -2325,24 +2349,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alle.bg", true },
   { "allemoz.com", true },
   { "allemoz.fr", true },
-  { "allenosgood.com", true },
   { "allenscaravans.co.uk", true },
   { "allensun.org", true },
   { "allesisonline.nl", true },
   { "alleskomtgoed.org", true },
   { "allesrocknroll.de", true },
   { "allforyou.at", true },
-  { "allfreelancers.su", false },
   { "allfundsconnect.com", true },
   { "allgaragefloors.com", true },
   { "allgreenturf.com.au", true },
   { "alliance-psychiatry.com", true },
+  { "alliances-faq.de", true },
   { "alliances-globalsolutions.com", true },
   { "alliedfrozenstorage.com", true },
   { "alligatorge.de", true },
   { "allinagency.com", true },
   { "allincoin.shop", true },
-  { "allinone-ranking150.com", true },
   { "allis.studio", true },
   { "allius.de", true },
   { "alljamin.com", true },
@@ -2364,7 +2386,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "allsearch.io", true },
   { "allshousedesigns.com", true },
   { "allstakesupply.com.au", true },
-  { "allstarautokiaparts.com", true },
   { "allstarcashforcars.com", true },
   { "allstarpartyinflatables.co.uk", true },
   { "allstarquilts.com", true },
@@ -2375,10 +2396,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "allthecryptonews.com", true },
   { "allthethings.co.nz", true },
   { "allthings.me", true },
+  { "allthingssquared.com", true },
   { "allthingswild.co.uk", true },
+  { "alltubedownload.net", true },
   { "allurebikerental.com", true },
   { "allurescarves.com", true },
   { "alluvion.studio", true },
+  { "allvips.ru", true },
   { "allweatherlandscaping.net", true },
   { "almaatlantica.com", true },
   { "almavios.com", false },
@@ -2402,7 +2426,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alphaantileak.net", true },
   { "alphabetsigns.com", true },
   { "alphabouncycastles.co.uk", true },
-  { "alphabrock.cn", true },
   { "alphachat.net", true },
   { "alphadote.com", true },
   { "alphaetomega3d.fr", true },
@@ -2411,6 +2434,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alphagateanddoor.com", true },
   { "alphainflatablehire.com", true },
   { "alphaman.ooo", true },
+  { "alphanodes.com", true },
   { "alphapengu.in", true },
   { "alpharotary.com", true },
   { "alphasall.com", false },
@@ -2431,6 +2455,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alqassam.net", true },
   { "alquiaga.com", true },
   { "alquiladoramexico.com", true },
+  { "alrait.com", true },
+  { "alre-outillage.fr", true },
   { "alroniks.com", true },
   { "als-japan.com", true },
   { "alstertouch.com", true },
@@ -2446,10 +2472,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "alterbaum.net", true },
   { "alternador.com.br", true },
   { "alternative.bike", true },
+  { "alternative.hosting", true },
   { "alternativebit.fr", true },
   { "alternativedev.ca", true },
   { "alternativeinternet.ca", true },
   { "alternativet.party", true },
+  { "alternativetomeds.com", true },
   { "alterspalter.de", true },
   { "altes-sportamt.de", true },
   { "altesses.eu", true },
@@ -2457,13 +2485,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "altisdev.com", true },
   { "altkremsmuensterer.at", true },
   { "altmaestrat.es", true },
+  { "altmann-systems.de", true },
   { "altoa.cz", true },
+  { "altonblom.com", true },
   { "altopartners.com", true },
   { "altopia.com", true },
   { "altphotos.com", true },
   { "alts.li", true },
   { "altstipendiaten.de", true },
-  { "alttrackr.com", true },
   { "altunbas.info", true },
   { "alumni-kusa.jp", true },
   { "alupferd.de", true },
@@ -2497,11 +2526,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "amagical.net", false },
   { "amaiz.com", true },
   { "amalfi5stars.com", true },
-  { "amalficoastchauffeur.com", true },
   { "amalfilapiazzetta.it", true },
   { "amalfipositanoboatrental.com", true },
-  { "amalfirock.it", true },
   { "amalfitabula.it", true },
+  { "amaliagamis.com", true },
   { "amanatrustbooks.org.uk", true },
   { "amandadamsphotography.com", true },
   { "amandasage.ca", true },
@@ -2520,6 +2548,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "amazili-communication.com", true },
   { "amazing-castles.co.uk", true },
   { "amazinginflatables.co.uk", true },
+  { "amazingraymond.com", true },
+  { "amazingraymond.com.au", true },
   { "amb.tf", true },
   { "amberalert.gov", true },
   { "amberglowleisure.co.uk", true },
@@ -2578,8 +2608,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aminafrance.com", true },
   { "amineptine.com", true },
   { "aminorth.com", true },
+  { "aminullrouted.com", true },
   { "amionvpn.com", true },
-  { "amirautos.com", true },
+  { "amirautos.com", false },
   { "amirmahdy.com", true },
   { "amisderodin.fr", true },
   { "amitabhsirkiclasses.org.in", true },
@@ -2600,6 +2631,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ampersandnbspsemicolon.com", true },
   { "amphetamines.org", true },
   { "amphibo.ly", true },
+  { "ampleroads.com", true },
   { "ampol-agd.pl", true },
   { "ampproject.com", true },
   { "ampproject.org", true },
@@ -2615,14 +2647,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "amyrussellhair.com", true },
   { "amyyeung.com", true },
   { "amzn.rocks", true },
+  { "an-alles-gedacht.de", true },
   { "anabolic.co", true },
   { "anacreon.de", true },
   { "anadiyogacentre.com", true },
   { "anaethelion.fr", true },
+  { "anaiscoachpersonal.es", true },
   { "analbleachingguide.com", true },
   { "analgesia.net", true },
   { "analisilaica.it", true },
   { "analogist.net", true },
+  { "analytics-shop.com", true },
   { "analyticsinmotion.com", true },
   { "analyticum.at", true },
   { "analyticum.com", true },
@@ -2639,6 +2674,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "anassiriphotography.com", false },
   { "anastasia-shamara.ru", true },
   { "anaveragehuman.eu.org", true },
+  { "ance.lv", true },
   { "ancestramil.fr", true },
   { "anchev.net", true },
   { "anchorit.gov", true },
@@ -2684,6 +2720,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "andree.cloud", true },
   { "andrehansen.de", true },
   { "andrei-nakov.org", true },
+  { "andrejbenz.com", true },
   { "andrelauzier.com", true },
   { "andreoliveira.io", true },
   { "andrespaz.com", true },
@@ -2704,7 +2741,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "andrewryno.com", true },
   { "andrewsun.com", true },
   { "andrewtchin.com", true },
-  { "andrewx.net", true },
   { "andrezadnik.com", true },
   { "andro2id.com", true },
   { "andro4all.com", true },
@@ -2722,7 +2758,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "androticsdirect.com", true },
   { "andruvision.cz", true },
   { "andsat.org", true },
-  { "andschwa.com", true },
+  { "andschwa.com", false },
   { "andso.cn", true },
   { "anduril.de", true },
   { "anduril.eu", true },
@@ -2730,7 +2766,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "andyc.cc", true },
   { "andycrockett.io", true },
   { "andymoore.info", true },
-  { "andys-place.co.uk", true },
   { "andysroom.dynu.net", true },
   { "andyt.eu", true },
   { "andzia.art.pl", true },
@@ -2763,6 +2798,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "angrapa.ru", true },
   { "angristan.fr", true },
   { "angristan.xyz", true },
+  { "angrut.com", true },
   { "angry.im", true },
   { "angrysnarl.com", true },
   { "angryteeth.net", true },
@@ -2791,9 +2827,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "animeai.com", true },
   { "animefluxxx.com", true },
   { "animeinsights.net", true },
-  { "animes-portal.info", true },
   { "animesharp.com", true },
   { "animetriad.com", true },
+  { "animojis.es", true },
   { "animorphsfanforum.com", true },
   { "anipassion.com", false },
   { "anitaalbersen.nl", true },
@@ -2807,7 +2843,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ankarauzmanlarnakliyat.com", true },
   { "ankarayilmaznakliyat.com", true },
   { "ankarayucelnakliyat.com", true },
-  { "ankenbrand.me", true },
   { "ankitpati.in", true },
   { "ankiuser.net", true },
   { "ankiweb.net", true },
@@ -2818,6 +2853,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "anleitung-zum-schreiben.de", true },
   { "anleitung-zum-schweissen.de", true },
   { "anleitung-zum-toepfern.de", true },
+  { "anlovegeek.net", true },
   { "anna.info", true },
   { "annaenemma.nl", true },
   { "annafiore.com.br", true },
@@ -2841,15 +2877,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "annuaire-jcb.com", true },
   { "annuaire-photographe.fr", false },
   { "annunciationbvmchurch.org", true },
-  { "anohana.org", true },
   { "anojan.com", true },
   { "anon-next.de", true },
   { "anoncom.net", true },
   { "anoncrypto.org", true },
+  { "anoneko.com", true },
   { "anongoth.pl", true },
   { "anons.fr", true },
   { "anonym-surfen.de", true },
   { "anonyme-spieler.at", true },
+  { "anopan.tk", true },
   { "anorak.tech", true },
   { "another.ch", true },
   { "anotherchef.com", true },
@@ -2883,6 +2920,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "antennista.pavia.it", true },
   { "antennista.roma.it", true },
   { "antennista.tv", true },
+  { "antennistaroma.it", true },
   { "antennisti.milano.it", true },
   { "antennisti.roma.it", true },
   { "anteprima.info", true },
@@ -2897,6 +2935,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "anthropoid.ca", true },
   { "anti-bible.com", true },
   { "anti-radar.org", true },
+  { "antiaz.com", true },
   { "antibioticshome.com", true },
   { "anticopyright.com", true },
   { "antiekboerderijgraafland.nl", true },
@@ -2904,6 +2943,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "antik-trodelmarkt.de", true },
   { "antikvariat.ru", true },
   { "antikvarius.ro", true },
+  { "antilaserpriority.com", true },
   { "antiled.by", true },
   { "antimine.me", true },
   { "antipolygraph.org", true },
@@ -2921,8 +2961,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "antonin.one", true },
   { "antonio-gartenbau.de", true },
   { "antonjuulnaber.dk", true },
+  { "antonuotila.fi", true },
   { "antota.lt", true },
   { "antragsgruen.de", true },
+  { "antroposboutique.it", true },
   { "antroposofica.com.br", true },
   { "anttitenhunen.com", true },
   { "antvklik.com", true },
@@ -2969,6 +3011,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "apartmentkroatien.at", true },
   { "apartmentregister.com.au", true },
   { "apasaja.tech", true },
+  { "apbank.ch", true },
   { "apbox.de", true },
   { "apcemporium.co.uk", true },
   { "apcube.com", true },
@@ -2978,7 +3021,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "apertis.org", true },
   { "aperturesciencelabs.de", true },
   { "apervita.net", true },
-  { "apexitsolutions.ca", true },
   { "apfelcholest.de", true },
   { "apgw.jp", true },
   { "aphelionentertainment.com", true },
@@ -2998,8 +3040,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "apiary.store", true },
   { "apiary.supplies", true },
   { "apiary.supply", true },
-  { "apila.care", true },
-  { "apila.us", true },
+  { "apimon.de", true },
   { "apination.com", true },
   { "apio.systems", true },
   { "apis.google.com", true },
@@ -3007,7 +3048,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "apisyouwonthate.com", true },
   { "apk.li", true },
   { "apk4fun.com", true },
-  { "apkmod.id", true },
   { "aplikaceproandroid.cz", true },
   { "aplpackaging.co.uk", true },
   { "aplu.fr", true },
@@ -3040,13 +3080,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "appartement-evolene.net", true },
   { "appartementhaus-badria.de", true },
   { "appartementmarsum.nl", true },
+  { "appchive.net", true },
   { "appearance-plm.de", true },
-  { "appel-aide.ch", true },
   { "appelaprojets.fr", true },
   { "appelboomdefilm.nl", true },
   { "appengine.google.com", true },
   { "apperio.com", true },
-  { "appformacpc.com", true },
   { "appgeek.com.br", true },
   { "appharbor.com", true },
   { "appify.org", true },
@@ -3070,6 +3109,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "apprenticeships.gov", true },
   { "approbo.com", true },
   { "approvedtreecare.com", true },
+  { "apps-perso.com", true },
   { "apps.co", true },
   { "apps.facebook.com", false },
   { "apps.fedoraproject.org", true },
@@ -3084,7 +3124,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "appuals.com", true },
   { "appui-de-fenetre.fr", true },
   { "appveyor.com", true },
-  { "appxcrypto.com", true },
   { "appzoojoo.be", true },
   { "apratimsaha.com", true },
   { "apretatuercas.es", true },
@@ -3115,7 +3154,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aqualysis.nl", true },
   { "aquapoint.kiev.ua", true },
   { "aquarium-supplement.net", true },
-  { "aquaron.com", true },
+  { "aquaselect.eu", true },
   { "aquatechnologygroup.com", true },
   { "aquaundine.net", true },
   { "aquavitaedayspa.com.au", true },
@@ -3139,6 +3178,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "araratour.com", true },
   { "araro.ch", true },
   { "araseifudousan.com", true },
+  { "arawaza.biz", true },
   { "arawaza.com", false },
   { "araxis.com", true },
   { "arbeitsch.eu", true },
@@ -3149,6 +3189,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arbitrary.ch", true },
   { "arboworks.com", true },
   { "arbu.eu", false },
+  { "arcaea.net", true },
   { "arcaik.net", true },
   { "arcbouncycastles.co.uk", true },
   { "arcenergy.co.uk", true },
@@ -3160,6 +3201,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "architectureandgovernance.com", true },
   { "archivero.es", true },
   { "archivesdelavieordinaire.ch", true },
+  { "archivosstl.com", true },
   { "archlinux.de", true },
   { "archlinux.org", true },
   { "arclandholdings.com.au", true },
@@ -3172,7 +3214,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ardor.noip.me", true },
   { "ardtrade.ru", true },
   { "area4pro.com", true },
-  { "area536.com", true },
   { "areaclienti.net", true },
   { "areafiftylan.nl", true },
   { "areatrend.com", true },
@@ -3189,7 +3230,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arethsu.se", true },
   { "arfad.ch", true },
   { "arg.zone", true },
-  { "argama-nature.com", true },
   { "arganaderm.ch", true },
   { "argb.de", true },
   { "argekultur.at", true },
@@ -3250,6 +3290,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "armstrongsengineering.com", true },
   { "army24.cz", true },
   { "armyprodej.cz", true },
+  { "arnakdanielian.com", true },
   { "arnaudb.net", true },
   { "arnaudfeld.de", true },
   { "arne.codes", true },
@@ -3267,6 +3308,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arnsmedia.nl", true },
   { "arod.tk", true },
   { "arogov.com", true },
+  { "arogyadhamhealth.com", true },
   { "arokha.com", true },
   { "aromacos.ch", true },
   { "aromatlas.com", true },
@@ -3274,6 +3316,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aroonchande.com", true },
   { "aros.pl", true },
   { "arose.io", true },
+  { "around-cms.de", true },
   { "arox.eu", true },
   { "arpamip.org", true },
   { "arpnet.co.jp", true },
@@ -3297,6 +3340,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arswb.men", true },
   { "art-auction.jp", true },
   { "art-et-culture.ch", true },
+  { "art-pix.com", true },
+  { "art-pix.de", true },
+  { "art-pix.net", true },
+  { "art2web.net", true },
   { "artboja.com", true },
   { "artdeco-photo.com", true },
   { "arte-soft.co", true },
@@ -3326,6 +3373,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arthermitage.org", true },
   { "arthur.cn", true },
   { "arthurlaw.ca", true },
+  { "articu.no", true },
   { "artificial.army", true },
   { "artificialgrassandlandscaping.com", true },
   { "artik.cloud", true },
@@ -3356,7 +3404,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arts.gov", true },
   { "artschmidtoptical.com", true },
   { "artspac.es", true },
-  { "arturkohut.com", true },
+  { "arturopinto.com.mx", true },
   { "arturrossa.de", true },
   { "arturszalak.com", true },
   { "artweby.cz", true },
@@ -3369,7 +3417,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "arvindhariharan.com", true },
   { "arvindhariharan.me", true },
   { "arvutiladu.ee", true },
-  { "arw.me", true },
   { "arxell.com", true },
   { "aryalaroca.de", true },
   { "aryan-nation.com", true },
@@ -3400,18 +3447,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "asdyx.de", true },
   { "asec01.net", true },
   { "asegem.es", true },
-  { "aseko.gr", true },
   { "asenno.com", true },
   { "aserver.co", true },
   { "asexualitat.cat", true },
   { "asgapps.co.za", true },
   { "asge-handel.de", true },
   { "ashastalent.com", true },
-  { "ashd1.goip.de", true },
-  { "ashd2.goip.de", true },
-  { "ashd3.goip.de", true },
   { "ashkan-rechtsanwalt-arbeitsrecht-paderborn.de", true },
   { "ashleyedisonuk.com", true },
+  { "ashleythouret.com", true },
   { "ashlocklawgroup.com", true },
   { "ashmportfolio.com", true },
   { "ashutoshmishra.org", true },
@@ -3429,8 +3473,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "asiinc-tex.com", true },
   { "asile-colis.fr", true },
   { "asinetasima.com", true },
+  { "asirviablog.com", true },
   { "asisee.photography", true },
   { "ask.fi", true },
+  { "ask.pe", true },
   { "ask1.org", true },
   { "askcaisse.com", true },
   { "askcascade.com", true },
@@ -3456,7 +3502,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "aspiradorasbaratas.net", true },
   { "aspirateur-anti-pollution.fr", true },
   { "aspires.co.jp", true },
-  { "aspisdata.com", true },
+  { "asprion.org", true },
   { "asproni.it", true },
   { "asr.cloud", true },
   { "asr.li", true },
@@ -3468,7 +3514,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "assempsaibiza.com", true },
   { "assertion.de", true },
   { "assessoriati.com.br", true },
-  { "assetict.com", true },
   { "assetvault.co.za", true },
   { "assguidesporrentruy.ch", true },
   { "assign-it.co.uk", true },
@@ -3478,6 +3523,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "assistenzalavatrice.org", true },
   { "assistenzamicroonde.org", true },
   { "assodigitale.it", true },
+  { "asspinter.me", true },
   { "assumptionpj.org", true },
   { "astal.rs", true },
   { "astarbouncycastles.co.uk", true },
@@ -3486,11 +3532,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "astec-informatica.com", true },
   { "astengox.com", true },
   { "astenotarili.online", true },
-  { "astenretail.com", true },
   { "astral-imperium.uk", true },
   { "astral.org.pl", true },
   { "astrology42.com", true },
   { "astroscopy.ch", true },
+  { "astrosnail.pt.eu.org", true },
   { "astrovandalistas.cc", true },
   { "astural.org", true },
   { "astutikhonda.com", true },
@@ -3505,13 +3551,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "asws.nl", true },
   { "asystent-dzierzawy.pl", true },
   { "at.search.yahoo.com", false },
-  { "ataber.pw", true },
+  { "at7s.me", true },
   { "atac.no", true },
   { "atacadocervejeiro.com.br", true },
   { "atacadodesandalias.com.br", true },
   { "atallo.com", true },
   { "atallo.es", true },
   { "ataton.ch", true },
+  { "atc.cuneo.it", true },
   { "atc.io", true },
   { "atchleyjazz.com", true },
   { "atchleyjazz.org", true },
@@ -3544,11 +3591,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "atgseed.uk", true },
   { "ath0.org", false },
   { "atheist-refugees.com", true },
+  { "atheistfrontier.com", true },
   { "athena-bartholdi.com", true },
   { "athena-garage.co.uk", true },
   { "athenadynamics.com", true },
   { "athenaneuro.com", true },
-  { "atherosense.ga", true },
   { "athlin.de", true },
   { "atigerseye.com", true },
   { "atimbertownservices.com", true },
@@ -3562,7 +3609,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "atitude.com", true },
   { "ativapsicologia.com.br", true },
   { "atl-paas.net", true },
-  { "atlantahairsurgeon.com", true },
   { "atlantareroof.com", true },
   { "atlantaspringroll.com", true },
   { "atlantichomes.com.au", true },
@@ -3579,6 +3625,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "atlasone.us", true },
   { "atlassian.io", true },
   { "atlassignsandplaques.com", true },
+  { "atlayo.com", false },
   { "atletika.hu", true },
   { "atmschambly.com", true },
   { "atnis.com", true },
@@ -3604,6 +3651,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "attendantdesign.com", true },
   { "attendu.cz", true },
   { "attention.horse", true },
+  { "attilagyorffy.com", true },
   { "attilavandervelde.nl", true },
   { "attinderdhillon.com", true },
   { "attitudes-bureaux.fr", true },
@@ -3653,19 +3701,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "auditos.com", true },
   { "audits.io", true },
   { "auditsquare.com", true },
+  { "audreyhossepian.fr", true },
   { "audreyjudson.com", true },
   { "auenhof-agrar.de", true },
   { "auerbach-verlag.de", true },
   { "auf-feindgebiet.de", true },
   { "augen-seite.de", true },
+  { "augiero.it", true },
+  { "augix.net", true },
   { "augmentable.de", false },
   { "augmented-portal.com", true },
   { "august-don.site", true },
+  { "august.black", true },
   { "augustian-life.cz", true },
   { "augustiner-kantorei-erfurt.de", true },
   { "augustiner-kantorei.de", true },
   { "aukaraoke.su", true },
-  { "aulaschrank.gq", true },
   { "aulo.in", false },
   { "aumilieudumonde.gf", true },
   { "aunali1.com", true },
@@ -3703,9 +3754,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "austintxlocksmiths.com", true },
   { "austinuniversityhouse.com", true },
   { "australian.dating", true },
+  { "australianairbrushedtattoos.com.au", true },
   { "australianarmedforces.org", true },
   { "australianattractions.com.au", true },
   { "australianimmigrationadvisors.com.au", true },
+  { "australiantemporarytattoos.com", true },
+  { "australiantemporarytattoos.com.au", true },
   { "australien-tipps.info", true },
   { "austromorph.space", true },
   { "auszeit-lanzarote.com", true },
@@ -3745,7 +3799,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "autodidacticstudios.org", true },
   { "autoentrepreneurinfo.com", true },
   { "autoepc.ro", true },
-  { "autohaus-snater.de", true },
+  { "autoeshop.eu", true },
   { "autoinsurancehavasu.com", true },
   { "autokeyreplacementsanantonio.com", true },
   { "autoledky.sk", true },
@@ -3769,6 +3823,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "autoproshouston.com", true },
   { "autorando.com", true },
   { "autorijschoolrichardschut.nl", true },
+  { "autos-mertens.com", true },
   { "autoschadeschreuder.nl", true },
   { "autoscuola.roma.it", true },
   { "autosecurityfinance.com", true },
@@ -3803,10 +3858,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "avaaz.org", true },
   { "avabouncehire.co.uk", true },
   { "avacariu.me", true },
+  { "avaemr-development-environment.ca", true },
+  { "avaeon.com", true },
   { "availablecastles.com", true },
   { "avalon-island.ru", true },
   { "avalon-rpg.com", true },
-  { "avalon-studios.de", true },
   { "avanet.ch", true },
   { "avanet.com", true },
   { "avanovum.de", true },
@@ -3832,6 +3888,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "avia-krasnoyarsk.ru", true },
   { "avia-ufa.ru", true },
   { "aviapoisk.kz", true },
+  { "aviationstrategies.aero", true },
   { "aviationstrategy.aero", true },
   { "avid.blue", true },
   { "avidmode-dev.com", true },
@@ -3846,6 +3903,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "avocadooo.stream", true },
   { "avocatbeziau.com", true },
   { "avocode.com", true },
+  { "avonture.be", true },
   { "avova.de", true },
   { "avpres.net", true },
   { "avptp.org", true },
@@ -3853,9 +3911,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "avs-building-services.co.uk", true },
   { "avsox.com", true },
   { "avticket.ru", false },
+  { "avtobania.pro", true },
   { "avtoforex.ru", true },
   { "avtogara-isperih.com", true },
   { "avtomarket.ru", true },
+  { "avtoveles.by", true },
   { "avtovokzaly.ru", true },
   { "avv.li", true },
   { "avvaterra.ch", true },
@@ -3871,8 +3931,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "awaro.net", true },
   { "awbouncycastlehire.com", true },
   { "awecademy.org", true },
+  { "awesome-coconut-software.fr", true },
   { "awesomebouncycastles.co.uk", true },
   { "awesomesit.es", true },
+  { "awic.ca", true },
   { "awk.tw", true },
   { "awksolutions.com", true },
   { "awningcanopyus.com", true },
@@ -3904,6 +3966,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ayanomimi.com", true },
   { "aycomba.de", true },
   { "ayesh.me", true },
+  { "ayj.solutions", true },
   { "aykutcevik.com", true },
   { "aylak.com", true },
   { "aylesburycastlehire.co.uk", true },
@@ -3916,6 +3979,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ayurveda-mantry.com", true },
   { "az-moga.bg", true },
   { "az.search.yahoo.com", false },
+  { "azabani.com", true },
   { "azadliq.info", true },
   { "azane.ga", true },
   { "azarus.ch", true },
@@ -3923,11 +3987,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "azgfd.com", true },
   { "aziende.com.ar", true },
   { "azimut.fr", true },
+  { "azino777.ru", true },
   { "azizfirat.com", true },
-  { "azizvicdan.com", true },
+  { "azizvicdan.com", false },
   { "azlk-team.ru", true },
+  { "azmusica.biz", true },
+  { "azmusica.com", true },
   { "azort.com", true },
   { "azrazalea.net", true },
+  { "azsgeniedev.azurewebsites.net", true },
   { "azso.pro", true },
   { "azsupport.com", true },
   { "aztraslochi.it", true },
@@ -3935,6 +4003,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "azu-l.com", true },
   { "azu-l.jp", true },
   { "azuki.cloud", true },
+  { "azukie.com", true },
   { "azurecrimson.com", true },
   { "azuriasky.com", true },
   { "azuriasky.net", true },
@@ -3948,7 +4017,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "b-landia.net", true },
   { "b-root-force.de", true },
   { "b-services.net", true },
-  { "b-ticket.ch", true },
   { "b0k.org", true },
   { "b0rk.com", true },
   { "b1788.net", false },
@@ -3959,7 +4027,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "b303.me", true },
   { "b4bouncycastles.co.uk", true },
   { "b4ckbone.de", true },
-  { "b4r7.de", true },
   { "b4z.eu", true },
   { "b64.club", true },
   { "b72.com", true },
@@ -3987,6 +4054,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "baches-piscines.com", true },
   { "baciu.ch", true },
   { "backeby.eu", true },
+  { "backgroundchecks.online", true },
   { "backmountaingas.com", true },
   { "backpacker.dating", true },
   { "backschues.com", true },
@@ -3996,16 +4064,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "backsideverbier.ch", true },
   { "backterris.com", true },
   { "backtest.org", true },
+  { "backup-kurumsal.com", true },
   { "backupcloud.ru", true },
+  { "backupsinop.com.br", true },
   { "bacon-monitoring.org", true },
   { "baconismagic.ca", true },
   { "bacontreeconsulting.com", true },
   { "bacoux.com", true },
   { "bacsituvansuckhoe.com", true },
   { "bacula.jp", true },
+  { "bad-wurzach.de", true },
   { "bad.horse", true },
   { "bad.pet", true },
   { "badam.co", true },
+  { "badanka.com", true },
   { "badanteinfamiglia.it", true },
   { "badaparda.com", true },
   { "badblock.fr", true },
@@ -4037,7 +4109,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bageluncle.com", true },
   { "baggy.me.uk", true },
   { "bagheera.me.uk", true },
-  { "baglu.com", true },
   { "bagsofbounce.co.uk", true },
   { "bagspecialist.nl", true },
   { "bah.im", false },
@@ -4057,11 +4128,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bailonga.com", true },
   { "baitulongbaycruises.com", true },
   { "baiyangliu.com", true },
-  { "bajajfinserv.in", true },
   { "bajic.ch", true },
   { "baka-gamer.net", true },
   { "baka.network", true },
   { "baka.org.cn", true },
+  { "baka.red", true },
   { "bakaproxy.moe", true },
   { "bakermen.com", true },
   { "bakersafari.co", true },
@@ -4070,6 +4141,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bakim.li", true },
   { "bakingstone.com", true },
   { "bakkerinjebuurt.be", true },
+  { "bakongcondo.com", true },
   { "balade-commune.ch", true },
   { "baladecommune.ch", true },
   { "balancascia.com.br", true },
@@ -4095,7 +4167,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ball.holdings", true },
   { "ball3d.es", true },
   { "ballarin.cc", true },
-  { "balle.dk", true },
   { "ballejaune.com", true },
   { "balletcenterofhouston.com", true },
   { "ballinarsl.com.au", true },
@@ -4144,8 +4215,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bankcardoffer.com", true },
   { "bankee.us", true },
   { "bankerbuch.de", true },
-  { "bankersonline.com", true },
   { "banketbesteld.nl", true },
+  { "bankfreeoffers.com", true },
   { "bankgradesecurity.com", true },
   { "bankin.com", true },
   { "bankinter.pt", true },
@@ -4160,6 +4231,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bannermarquees.ie", true },
   { "bannsecurity.com", true },
   { "banquevanbreda.be", true },
+  { "bantaihost.com", true },
   { "banter.city", true },
   { "baobeiglass.com", true },
   { "baofengtech.com", true },
@@ -4213,7 +4285,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "barslecht.nl", true },
   { "bart-f.com", true },
   { "barta.me", true },
-  { "bartel.ws", true },
+  { "bartbania.com", true },
   { "bartelt.name", true },
   { "barter4crypto.com", true },
   { "barthonia-showroom.de", true },
@@ -4262,7 +4334,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "batch.com", true },
   { "bati-alu.fr", true },
   { "batiburrillo.net", true },
-  { "batipresta.ch", true },
   { "batistareisfloresonline.com.br", true },
   { "batlab.ch", true },
   { "batolis.com", true },
@@ -4281,7 +4352,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bausep.de", true },
   { "baustils.com", true },
   { "bauthier-occasions.be", true },
-  { "bautied.de", true },
   { "bauunternehmen-herr.de", true },
   { "bauwens.cloud", true },
   { "bavartec.de", true },
@@ -4356,9 +4426,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bcmhire.co.uk", true },
   { "bcpc-ccgpfcheminots.com", true },
   { "bcrook.com", true },
-  { "bcs.adv.br", true },
   { "bcswampcabins.com", true },
-  { "bcyw56.live", true },
+  { "bcyw56.live", false },
   { "bd2positivo.com", true },
   { "bda-boulevarddesairs.com", true },
   { "bdbxml.net", true },
@@ -4374,7 +4443,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "be2cloud.de", true },
   { "beacham.online", true },
   { "beachcitycastles.com", true },
-  { "beachfutbolclub.com", true },
   { "beadare.com", true },
   { "beadare.nl", true },
   { "beaglesecurity.com", true },
@@ -4390,6 +4458,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bearded.sexy", true },
   { "beardic.cn", true },
   { "bearingworks.com", true },
+  { "bearlakelife.com", true },
   { "beastiejob.com", true },
   { "beastowner.li", true },
   { "beatfeld.de", true },
@@ -4415,7 +4484,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bebout.pw", true },
   { "beckenhamcastles.co.uk", true },
   { "beckerantiques.com", true },
-  { "beckon.com", true },
   { "becs.ch", true },
   { "becydog.cz", true },
   { "bedamedia.com", true },
@@ -4426,6 +4494,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bedfordnissanparts.com", true },
   { "bednar.co", true },
   { "bedrijfsfotoreportages.nl", true },
+  { "bedrijfshulpverleningfriesland.nl", true },
   { "bedrijfsportaal.nl", true },
   { "bedrocklinux.org", true },
   { "bedste10.dk", true },
@@ -4486,6 +4555,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "beginwp.top", true },
   { "behamepresrdce.sk", true },
   { "behamzdarma.cz", true },
+  { "behead.de", true },
   { "behindthethrills.com", true },
   { "behna24hodin.cz", true },
   { "behoerden-online-dienste.de", true },
@@ -4509,14 +4579,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "belarto.it", true },
   { "belarto.nl", true },
   { "belarto.pl", true },
-  { "belastingdienst-in-beeld.nl", false },
   { "belastingmiddeling.nl", true },
   { "belavis.com", true },
   { "beleggingspanden-financiering.nl", true },
   { "belegit.org", true },
+  { "belezashopping.com.br", true },
   { "belfastbounce.co.uk", true },
   { "belfastlocks.com", true },
   { "belfasttechservices.co.uk", true },
+  { "belfor-probleme.de", true },
   { "belge.rs", true },
   { "belgers.com", true },
   { "belhopro.be", true },
@@ -4540,7 +4611,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "belt.black", true },
   { "belvoirbouncycastles.co.uk", true },
   { "bely-mishka.by", true },
-  { "belyvly.com", true },
   { "bemcorp.de", true },
   { "bemindly.com", true },
   { "bemsoft.pl", true },
@@ -4550,6 +4620,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ben.ninja", true },
   { "ben2.co.il", true },
   { "benabrams.it", true },
+  { "benandsarah.life", true },
   { "benary.org", true },
   { "benbozsa.ca", true },
   { "benburwell.com", true },
@@ -4576,6 +4647,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "benhavenarchives.org", true },
   { "benjamin-hering.com", true },
   { "benjamin.pe", true },
+  { "benjaminbedard.com", true },
   { "benjaminblack.net", true },
   { "benjamindietrich.de", true },
   { "benjaminjurke.com", true },
@@ -4587,7 +4659,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "benleemd.com", true },
   { "benmatthews.com.au", true },
   { "benmillett.us", false },
-  { "benmorecentre.co.uk", true },
   { "bennettsbouncycastlehire.co.uk", true },
   { "bennettshire.co.uk", true },
   { "benni1.eu", true },
@@ -4602,6 +4673,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "benscobie.com", true },
   { "benshoof.org", true },
   { "bensinflatables.co.uk", true },
+  { "bensokol.com", true },
   { "bentertain.de", true },
   { "bentley.blog", true },
   { "bentley.link", true },
@@ -4613,9 +4685,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "beoordelingen.be", true },
   { "bepenak.com", true },
   { "bephoenix.org.uk", true },
+  { "bepsvpt.me", true },
   { "bequiia.com", true },
   { "beranovi.com", true },
   { "berasavocate.com", true },
+  { "berdu.id", true },
   { "bergenhave.nl", true },
   { "berger-chiro.com", true },
   { "bergevoet-fa.nl", true },
@@ -4642,6 +4716,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bergstoneware.com", true },
   { "berichtsheft-vorlage.de", true },
   { "berikod.ru", true },
+  { "beringsoegaard.dk", true },
   { "berlin-flirt.de", true },
   { "berlin.dating", true },
   { "bermeitinger.eu", true },
@@ -4682,7 +4757,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bertsmithvwparts.com", true },
   { "beryl.net", true },
   { "besb.io", true },
-  { "besb66.com", true },
   { "beschriftung-metz.de", true },
   { "bescover.com", true },
   { "beserberg.tk", true },
@@ -4726,6 +4800,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bestbyte.com.br", true },
   { "bestcellular.com", false },
   { "bestdating.today", false },
+  { "bestdoc.com.br", true },
   { "bestdownloadscenter.com", true },
   { "bestelectricnd.com", true },
   { "bestemailmarketingsoftware.org", true },
@@ -4734,9 +4809,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bestfriendsequality.org", true },
   { "bestgiftever.ca", true },
   { "bestgifts4you.com", true },
+  { "besti.it", true },
   { "bestinductioncooktop.us", true },
   { "bestinshowing.com", true },
-  { "bestinver.es", true },
+  { "bestinver.es", false },
   { "bestjumptrampolines.be", true },
   { "bestkenmoredentists.com", true },
   { "bestlashesandbrows.com", true },
@@ -4749,11 +4825,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bestperfumebrands.com", true },
   { "bestpig.fr", true },
   { "bestplumbing.com", true },
+  { "bestpractice.domains", true },
   { "bestschools.io", true },
   { "bestschools.top", true },
   { "bestseries.tv", true },
   { "bestshoesmix.com", true },
   { "bestwebsite.gallery", true },
+  { "bet.eu", true },
   { "betaal.my", true },
   { "betacavi.com", true },
   { "betacloud.io", true },
@@ -4763,12 +4841,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "betaworx.de", true },
   { "betaworx.eu", true },
   { "betecnet.de", true },
+  { "bethanyduke.com", true },
   { "bethpage.net", true },
   { "betleakbot.com", true },
   { "betobaccofree.gov", true },
   { "betonbit.com", true },
+  { "betonmarkets.info", true },
   { "betpamm.com", true },
-  { "betrallyarabia.com", true },
+  { "betrallyarabia.com", false },
   { "bets.gg", true },
   { "betseybuckheit.com", true },
   { "betsharpangles.com", true },
@@ -4841,6 +4921,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bfi.wien", false },
   { "bflix.tv", true },
   { "bforb.sk", true },
+  { "bfp-mail.de", true },
   { "bfpg.org", true },
   { "bft-media.com", true },
   { "bftbradio.com", true },
@@ -4868,14 +4949,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bhxch.moe", true },
   { "bi.search.yahoo.com", false },
   { "biaggeo.com", true },
-  { "biancolievito.it", true },
   { "biano-ai.com", true },
   { "biasmath.es", true },
+  { "biathloncup.ru", true },
+  { "bibica.net", true },
   { "bible-maroc.com", true },
   { "bible.ru", true },
   { "bibleonline.ru", true },
+  { "biblethoughts.blog", true },
   { "bibliaon.com", true },
-  { "biblio.wiki", true },
   { "biblioblog.fr", true },
   { "bibliomarkt.ch", true },
   { "biblionaut.net", true },
@@ -4931,12 +5013,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bignumworks.com", true },
   { "bigorbitgallery.org", true },
   { "bigserp.com", true },
+  { "bigshopper.com", true },
+  { "bigshopper.nl", true },
   { "bigsisterchannel.com", true },
   { "bigskylifestylerealestate.com", true },
   { "bigskymontanalandforsale.com", true },
   { "bigwiseguide.com", true },
   { "bihub.io", true },
   { "biilo.com", true },
+  { "bijancompany.com", true },
+  { "bijoux.com.br", true },
   { "bijouxcherie.com", true },
   { "biju-neko.jp", true },
   { "bike-discount.de", true },
@@ -4946,7 +5032,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bikehistory.org", true },
   { "biker.dating", true },
   { "bikerebel.com", true },
-  { "bikeshopitalia.com", true },
   { "bikiniatoll.com", true },
   { "bikiniseli.com", true },
   { "bikkelbroeders.com", false },
@@ -4958,7 +5043,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bildiri.ci", true },
   { "bildkomponist.de", true },
   { "bildschirmflackern.de", true },
-  { "biletru.net", true },
   { "biletyplus.by", true },
   { "biletyplus.com", true },
   { "biletyplus.ua", true },
@@ -5005,6 +5089,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "binaryappdev.com", true },
   { "binarycreations.scot", true },
   { "binarydream.fi", true },
+  { "binaryevolved.com", true },
   { "binaryrebel.net", true },
   { "binarystud.io", true },
   { "binding-problem.com", true },
@@ -5014,10 +5099,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "binhex.net", true },
   { "binkconsulting.be", true },
   { "binnenmeer.de", true },
-  { "binsp.net", true },
   { "bintangsyurga.com", true },
   { "bintelligence.info", true },
-  { "bintelligence.nl", true },
   { "binti.com", true },
   { "bintooshoots.com", true },
   { "bio-disinfestazione.it", true },
@@ -5026,6 +5109,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bioatelier.it", true },
   { "biobuttons.ch", true },
   { "biocheminee.com", true },
+  { "biocrafting.net", false },
   { "biodiagnostiki.clinic", true },
   { "biodieseldata.com", true },
   { "biodots.at", true },
@@ -5053,6 +5137,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "biomed-hospital.ch", true },
   { "biomed.ch", true },
   { "biometrics.es", true },
+  { "biomin.co.uk", true },
   { "biomodra.cz", true },
   { "biopsychiatry.com", true },
   { "bioresonanz-ibiza.com", true },
@@ -5066,7 +5151,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "biotin.ch", true },
   { "bipyo.com", true },
   { "birbaumer.li", true },
-  { "birchbarkfurniture.ch", true },
   { "birchbarkfurniture.com", true },
   { "birchbarkfurniture.fr", true },
   { "birdbrowser.com", true },
@@ -5090,6 +5174,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "biscoint.io", true },
   { "biscuitcute.com.br", true },
   { "biser-borisov.eu", true },
+  { "bishopscourt-hawarden.co.uk", true },
+  { "bismarck-tb.de", true },
   { "biso.ga", true },
   { "bison.co", true },
   { "bisq.community", true },
@@ -5113,7 +5199,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bitbucket.org", true },
   { "bitburner.de", true },
   { "bitcalt.eu.org", true },
-  { "bitcalt.ga", true },
   { "bitchigo.com", true },
   { "bitcoin-india.net", true },
   { "bitcoin-india.org", true },
@@ -5132,11 +5217,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bitcoinkarlsruhe.de", true },
   { "bitcoinrealestate.com.au", true },
   { "bitcointhefts.com", true },
-  { "bitcoinwalletscript.tk", true },
   { "bitcoinx.gr", true },
   { "bitcoinx.ro", true },
   { "bitcork.io", true },
   { "bitcqr.io", true },
+  { "bitenose.com", true },
   { "bitex.la", true },
   { "bitfasching.de", false },
   { "bitfehler.net", true },
@@ -5192,22 +5277,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "biupay.com.br", true },
   { "biurokarier.edu.pl", true },
   { "bixservice.com", true },
-  { "biyori.moe", true },
   { "biyou-homme.com", true },
   { "biz4x.com", true },
   { "bizbudding.com", true },
   { "bizcash.co.za", true },
   { "bizeau.ch", true },
+  { "biznesonline.info", true },
   { "bizniskatalog.mk", true },
   { "biznpro.ru", true },
   { "bizstarter.cz", true },
   { "biztera.com", true },
   { "biztok.eu", true },
   { "biztouch.work", true },
+  { "bizzdesign.com", true },
   { "bjarnerest.de", true },
   { "bjmgeek.science", true },
   { "bjmun.cn", true },
-  { "bjolanta.pl", true },
   { "bjornhelmersson.se", true },
   { "bjornjohansen.no", true },
   { "bjs.gov", true },
@@ -5267,7 +5352,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blackgate.org", true },
   { "blackhat.dk", true },
   { "blackhelicopters.net", true },
-  { "blackhell.xyz", true },
   { "blackhillsinfosec.com", true },
   { "blackilli.de", true },
   { "blackislegroup.com", true },
@@ -5284,14 +5368,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blackphoenix.de", true },
   { "blackpi.dedyn.io", true },
   { "blackroadphotography.de", true },
-  { "blackroot.eu", true },
   { "blackscytheconsulting.com", true },
   { "blackseals.net", true },
+  { "blacktown.eu", true },
   { "blackyau.cc", true },
   { "blackys-chamber.de", true },
   { "blaise.io", true },
   { "blakecoin.org", true },
   { "blakekhan.com", true },
+  { "blakezone.com", true },
   { "blameomar.com", true },
   { "blancodent.com", true },
   { "blankersfamily.com", true },
@@ -5301,6 +5386,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blastersklan.com", true },
   { "blastzoneentertainments.co.uk", true },
   { "blaudev.es", true },
+  { "blauerhunger.de", true },
   { "blayne.me", true },
   { "blayneallan.com", true },
   { "blazing.cz", true },
@@ -5316,6 +5402,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blendle.com", true },
   { "blendle.nl", true },
   { "blendr.com", true },
+  { "blendstudios.com", true },
   { "blenheimears.com", true },
   { "blenneros.net", false },
   { "blessedguy.com", true },
@@ -5326,6 +5413,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blieque.co.uk", true },
   { "bliesekow.net", true },
   { "blikk.no", true },
+  { "blikund.swedbank.se", true },
   { "blinder.com.co", true },
   { "blindpigandtheacorn.com", true },
   { "blinds-unlimited.com", true },
@@ -5338,7 +5426,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blissjoe.com", true },
   { "blissplan.com", true },
   { "blitzprog.org", true },
-  { "blitzvendor.com", true },
   { "blivawesome.dk", true },
   { "blivvektor.dk", true },
   { "blizhost.com", true },
@@ -5393,7 +5480,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "blood4pets.tk", true },
   { "bloodhunt.pl", true },
   { "bloodsports.org", true },
+  { "bloody.pw", true },
   { "bloom-avenue.com", true },
+  { "bloom.sh", true },
   { "bltc.co.uk", true },
   { "bltc.com", true },
   { "bltc.net", true },
@@ -5401,12 +5490,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bltc.org.uk", true },
   { "bltdirect.com", true },
   { "blubberladen.de", true },
-  { "bludnykoren.ml", true },
   { "blue-gmbh-erfahrungen.de", true },
   { "blue-gmbh.de", true },
   { "blue-leaf81.net", true },
   { "blue42.net", true },
   { "blueblou.com", true },
+  { "bluecards.eu", true },
   { "bluechilli.com", true },
   { "bluecon.ninja", true },
   { "bluecrazii.nl", true },
@@ -5420,7 +5509,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bluekrypt.com", true },
   { "blueliquiddesigns.com.au", true },
   { "bluemeda.web.id", true },
-  { "bluemosh.com", true },
   { "bluemtnrentalmanagement.ca", true },
   { "bluenote9.com", true },
   { "blueoakart.com", true },
@@ -5442,6 +5530,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bluex.org", true },
   { "blueyed.eu", true },
   { "blui.ml", true },
+  { "bluiandaj.ml", true },
   { "bluimedia.com", true },
   { "blumenfeldart.com", true },
   { "blumiges-fischbachtal.de", false },
@@ -5457,13 +5546,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bm-immo.ch", true },
   { "bmhglobal.com.au", true },
   { "bminton.is-a-geek.net", true },
-  { "bmone.net", true },
+  { "bmk-kramsach.at", true },
   { "bmriv.com", true },
   { "bmros.com.ar", true },
   { "bmw-motorradclub-seefeld.de", true },
   { "bmwcolors.com", true },
   { "bn1digital.co.uk", true },
-  { "bn4t.me", true },
   { "bnbsinflatablehire.co.uk", true },
   { "bngs.pl", true },
   { "bnin.org", true },
@@ -5500,6 +5588,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bodybuildingworld.com", true },
   { "bodyconshop.com", true },
   { "bodygearguide.com", true },
+  { "bodymusclejournal.com", true },
   { "bodypainter.pl", true },
   { "bodypainting.waw.pl", true },
   { "bodyshopnews.net", true },
@@ -5537,6 +5626,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bolte.org", true },
   { "bomb.codes", true },
   { "bombe-lacrymogene.fr", true },
+  { "bomhard.de", true },
   { "bonaccorso.eu", true },
   { "bonami.cz", true },
   { "bonami.hu", true },
@@ -5551,13 +5641,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bondlink.com", true },
   { "bondoer.fr", true },
   { "bondskampeerder.nl", true },
+  { "bondtofte.dk", true },
   { "bonebunny.de", true },
   { "bonesserver.com", true },
   { "bonfi.net", true },
   { "bongo.cat", true },
   { "bonibuty.com", true },
   { "bonifacius.be", true },
-  { "bonita.com.br", true },
   { "bonito.pl", true },
   { "bonnant-associes.ch", true },
   { "bonnant-partners.ch", true },
@@ -5574,7 +5664,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bonqoeur.ca", true },
   { "bonrecipe.com", true },
   { "bonsaimedia.nl", true },
-  { "bonsi.net", true },
   { "bonux.co", true },
   { "boodmo.com", true },
   { "boogaerdtmakelaars.nl", true },
@@ -5583,7 +5672,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "booker.ly", true },
   { "bookingapp.be", true },
   { "bookingapp.nl", true },
-  { "bookingdeluxesp.com", true },
   { "bookingready.com", true },
   { "bookingslog.com", true },
   { "bookingworldspeakers.com", true },
@@ -5591,12 +5679,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bookmein.in", true },
   { "booksearch.jp", true },
   { "booksinthefridge.at", true },
+  { "booksouthafrica.travel", true },
   { "booktracker-org.appspot.com", true },
   { "bool.be", true },
   { "boombv.com", true },
   { "boomersurf.com", true },
   { "boomshelf.com", true },
   { "boomshelf.org", true },
+  { "boomvm.pw", true },
   { "boonbox.com", true },
   { "booox.biz", true },
   { "booox.cc", true },
@@ -5629,6 +5719,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "borneodictionary.com", true },
   { "bornfiber.dk", true },
   { "bornhack.dk", true },
+  { "borowski.pw", true },
   { "borrelpartybus.nl", true },
   { "borysek.net", true },
   { "bosabosa.org", true },
@@ -5644,11 +5735,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "botguard.net", true },
   { "bothellwaygarage.net", true },
   { "botoes-primor.pt", true },
-  { "botserver.de", true },
   { "botsindiscord.me", true },
-  { "botstack.host", true },
   { "bottaerisposta.net", true },
   { "bottineauneighborhood.org", true },
+  { "bottke.berlin", true },
+  { "bottledstories.de", true },
+  { "bou.cloud", true },
   { "bou.lt", true },
   { "bouah.net", true },
   { "bouchard-mathieux.com", true },
@@ -5673,7 +5765,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bouncea-bout.com", true },
   { "bounceaboutandplay.co.uk", true },
   { "bounceaboutnewark.co.uk", true },
-  { "bounceaboutsussex.co.uk", true },
   { "bouncealotcastlehire.co.uk", true },
   { "bouncealotnorthwest.co.uk", true },
   { "bounceandwobble.co.uk", true },
@@ -5765,7 +5856,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bountyfactory.io", true },
   { "bourasse.fr", true },
   { "bourdon.fr.eu.org", true },
-  { "bourgdepabos.com", true },
   { "bourhis.info", true },
   { "bournefun.co.uk", true },
   { "bourqu.in", true },
@@ -5815,6 +5905,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "braams.nl", true },
   { "braathe.no", true },
   { "bracho.xyz", true },
+  { "brachotelborak.com", true },
   { "brackets-salad.com", true },
   { "bradbrockmeyer.com", true },
   { "bradfergusonrealestate.com", true },
@@ -5849,7 +5940,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "brakstad.org", true },
   { "bralnik.com", true },
   { "brambogaerts.nl", true },
-  { "bramburek.net", true },
   { "bramhallsamusements.com", true },
   { "brammingfys.dk", true },
   { "bramsikkens.be", true },
@@ -5870,10 +5960,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "brandonwalker.me", true },
   { "brandrocket.dk", true },
   { "brandstead.com", true },
-  { "brandtrapselfie.nl", true },
   { "brandweerfraneker.nl", true },
   { "brandweertrainingen.nl", true },
-  { "brandweeruitgeest.nl", true },
   { "brank.as", true },
   { "branw.xyz", true },
   { "brasal.ma", true },
@@ -5904,9 +5992,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "brazenfol.io", true },
   { "brazilian.dating", true },
   { "brazillens.com", true },
+  { "brazoriabar.org", true },
   { "brck.nl", true },
   { "brd.ro", true },
   { "breadandlife.org", true },
+  { "breadofgod.org", true },
   { "breakingtech.it", true },
   { "breakpoint.at", true },
   { "breaky.de", true },
@@ -5929,6 +6019,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "breitband.bz.it", true },
   { "breitbild-beamer.de", true },
   { "brejoc.com", true },
+  { "brelahotelberulia.com", true },
   { "bremen-restaurants.de", true },
   { "bremerfriedensforum.de", true },
   { "brendanbatliner.com", true },
@@ -5938,6 +6029,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bressier.fr", true },
   { "bretcarmichael.com", true },
   { "brettabel.com", true },
+  { "brettcornwall.com", true },
   { "brettelliff.com", true },
   { "brettlawyer.com", true },
   { "brettw.xyz", true },
@@ -5966,7 +6058,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bricolajeux.ch", true },
   { "brid.gy", false },
   { "bridalshoes.com", true },
-  { "brideandgroomdirect.ie", true },
   { "bridgedirectoutreach.com", true },
   { "bridgeglobalmarketing.com", true },
   { "bridgehomeloans.com", true },
@@ -5974,6 +6065,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bridgevest.com", true },
   { "bridgingdirectory.com", true },
   { "bridltaceng.com", true },
+  { "bridzius.lt", true },
   { "brie.tech", true },
   { "briefassistant.com", true },
   { "briefhansa.de", true },
@@ -5995,6 +6087,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "brilliantproductions.co.nz", true },
   { "brimspark.systems", true },
   { "brio-shop.ch", true },
+  { "brioukraine.store", true },
   { "brisbanelogistics.com.au", true },
   { "bristebein.com", true },
   { "bristolandwestonsuperbounce.com", true },
@@ -6012,9 +6105,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "britton-photography.com", true },
   { "brk.st", true },
   { "brmsalescommunity.com", true },
-  { "brn.by", true },
   { "brnojebozi.cz", true },
   { "bro.hk", true },
+  { "broadbandnd.com", true },
   { "broadleft.org", true },
   { "broadsheet.com.au", true },
   { "brockmeyer.net", true },
@@ -6025,7 +6118,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "broersma.com", true },
   { "broeselei.at", true },
   { "brokenhands.io", true },
-  { "brokenjoysticks.net", true },
   { "brokervalues.com", true },
   { "brompton-cocktail.com", true },
   { "bronetb2b.com.br", true },
@@ -6047,16 +6139,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "browntowncountryclub.com", true },
   { "browsemycity.com", true },
   { "browserleaks.com", true },
+  { "brrd.io", true },
   { "brring.com", true },
   { "brrr.fr", true },
   { "bru6.de", true },
+  { "brubankv1-staging.azurewebsites.net", true },
   { "brucekovner.com", true },
   { "brucemartin.net", true },
   { "brucemobile.de", false },
   { "bruck.me", true },
+  { "brudkista.nu", true },
   { "brudkista.se", true },
   { "brudkistan.nu", true },
   { "brudkistan.se", true },
+  { "brueser-gmbh.de", true },
   { "bruna-cdn.nl", true },
   { "brunick.de", false },
   { "brunn.email", true },
@@ -6064,10 +6160,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "brunohenc.from.hr", true },
   { "brunoproduit.ch", true },
   { "brunoramos.com", true },
-  { "brunoramos.org", true },
   { "brunosouza.org", true },
   { "brush.ninja", true },
+  { "brutus2.ga", true },
   { "bruun.co", true },
+  { "bry.do", true },
   { "bryankaplan.com", true },
   { "bryanquigley.com", true },
   { "bryansmith.net", true },
@@ -6075,7 +6172,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "brycecanyon.net", true },
   { "brycecanyonnationalpark.com", true },
   { "bryggebladet.dk", true },
-  { "brztec.com", true },
   { "brzy-svoji.cz", true },
   { "bs-network.net", true },
   { "bs-security.com", true },
@@ -6083,6 +6179,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bs.to", true },
   { "bs12v.ru", true },
   { "bsa157.org", true },
+  { "bsapack564.org", true },
   { "bsatroop794.org", true },
   { "bsc-rietz.at", true },
   { "bscc.support", true },
@@ -6127,7 +6224,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "btth.live", true },
   { "btth.pl", true },
   { "btth.tv", true },
-  { "btth.xyz", true },
   { "bttorj45.com", true },
   { "buayacorp.com", true },
   { "bubblegumblog.com", true },
@@ -6184,8 +6280,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "build.chromium.org", true },
   { "buildbox.io", true },
   { "buildbytes.com", true },
+  { "buildfaith.ca", true },
   { "buildhoscaletraingi.com", true },
-  { "building-cost-estimators.com", true },
   { "buildingclouds.de", true },
   { "buildingcostestimators.co.uk", true },
   { "builditsolutions.net", true },
@@ -6203,6 +6299,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bulario.com", true },
   { "bulario.net", true },
   { "bulbcompare.com", true },
+  { "bulgarianwine.com", true },
   { "bulkcandystore.com", true },
   { "bulkingtime.com", true },
   { "bulkowespacerkowo.nl", true },
@@ -6285,11 +6382,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bustimes.org", true },
   { "bustup-tips.com", true },
   { "busuttil.org.uk", true },
-  { "busyon.cloud", true },
   { "butarque.es", true },
   { "buthowdoyoubuygroceries.com", true },
   { "butikpris.se", true },
   { "butikvip.ru", true },
+  { "butlerfm.dk", true },
   { "butteramotors.com", true },
   { "buttonline.ch", true },
   { "buttonrun.com", true },
@@ -6320,11 +6417,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "buytheway.co.za", true },
   { "buywine.shop", true },
   { "buzz.tools", true },
-  { "buzzconf.io", true },
   { "buzzcontent.com", true },
   { "buzzprint.it", true },
   { "bvalle.com", true },
-  { "bvgg.eu", true },
   { "bvl.aero", true },
   { "bw.codes", true },
   { "bwcscorecard.org", true },
@@ -6340,9 +6435,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bxp40.at", true },
   { "byange.pro", true },
   { "byatte.com", true },
+  { "bye-bye.us", true },
   { "byeskille.no", true },
   { "bygningsregistrering.dk", true },
-  { "byhe.me", true },
   { "byiu.info", false },
   { "byken.cn", true },
   { "bymark.co", true },
@@ -6354,6 +6449,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "byr.moe", true },
   { "byrko.cz", true },
   { "byrko.sk", true },
+  { "byronkg.us", true },
   { "byrtz.de", true },
   { "bytanchan.com", true },
   { "byte-time.com", true },
@@ -6385,7 +6481,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "bytrain.net", true },
   { "byvshie.com", true },
   { "bziaks.xyz", true },
-  { "bzsparks.com", true },
+  { "bzsparks.com", false },
   { "bztech.com.br", true },
   { "bztraveler.com", true },
   { "bztraveler.net", true },
@@ -6411,7 +6507,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "c5h8no4na.net", true },
   { "c7dn.com", true },
   { "ca-key.de", true },
-  { "ca-terminal-multiservices.fr", true },
   { "ca.gparent.org", true },
   { "ca.search.yahoo.com", false },
   { "ca5.de", true },
@@ -6437,21 +6532,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cachetagalong.com", true },
   { "cachetur.no", true },
   { "cackette.com", true },
+  { "cacn.pw", true },
   { "cad-noerdlingen.de", true },
   { "cadacoon.com", true },
   { "cadafamilia.de", true },
   { "cadams.io", true },
-  { "cadcreations.co.ke", true },
   { "cadetsge.ch", true },
   { "cadmail.nl", true },
   { "cadman.pw", true },
   { "cadooz.com", true },
   { "cadorama.fr", true },
   { "cadoth.net", true },
-  { "cadra.nl", false },
   { "cadre.com", true },
   { "cadsys.net", true },
-  { "cadusilva.com", true },
   { "caesarkabalan.com", true },
   { "cafedupont.be", true },
   { "cafedupont.co.uk", true },
@@ -6464,9 +6557,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cafericoy.com", true },
   { "cafeterasbaratas.net", true },
   { "caffeinatedcode.com", true },
-  { "cagalogluyayinevi.com", true },
+  { "cafled.org", true },
+  { "cagalogluyayinevi.com", false },
   { "caglarcakici.com", true },
-  { "caijunyi.net", true },
+  { "caibi.io", true },
   { "cainhosting.com", false },
   { "caitcs.com", true },
   { "caiwenjian.xyz", true },
@@ -6475,6 +6569,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cajio.ru", true },
   { "cajunuk.co.uk", true },
   { "cake-time.co.uk", true },
+  { "cakearific.com", true },
   { "cakestart.net", true },
   { "caketoindia.com", true },
   { "cakingandbaking.com", true },
@@ -6519,10 +6614,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "calibso.net", true },
   { "caliderumba.com", true },
   { "calixte-concept.fr", true },
+  { "calkinsmusic.com", true },
   { "call.me", true },
   { "callanan.nl", true },
   { "callantonia.com", true },
-  { "callawayracing.se", false },
   { "callear.org", true },
   { "callhub.io", true },
   { "callidus-vulpes.de", true },
@@ -6531,6 +6626,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "callumsilcock.com", true },
   { "callumsilcock.me", true },
   { "calluna.nl", true },
+  { "calminteractive.fr", true },
   { "calmtech.com", true },
   { "calotte-academy.com", true },
   { "calrotaract.org", true },
@@ -6552,7 +6648,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cambier.org", true },
   { "cambiowatch.ch", true },
   { "cambodian.dating", true },
-  { "cambridge-security.com", true },
+  { "cambreaconsulting.com", true },
+  { "cambridge-examen.nl", true },
   { "cambridgebouncers.co.uk", true },
   { "cambridgesecuritygroup.org", true },
   { "camcapital.com", true },
@@ -6603,6 +6700,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "canadasmotorcycle.ca", true },
   { "canadian-nurse.com", true },
   { "canadian.dating", true },
+  { "canadianatheists.ca", true },
+  { "canadianatheists.com", true },
   { "canadianchristianity.com", false },
   { "canadianoutdoorequipment.com", true },
   { "canadiantouristboard.com", true },
@@ -6623,11 +6722,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "candlcastles.co.uk", true },
   { "cando.eu", true },
   { "candyout.com", true },
-  { "canerkorkmaz.com", true },
   { "cangelloplasticsurgery.com", true },
   { "cangku.in", true },
   { "cangku.moe", false },
-  { "canglong.net", true },
   { "canhazip.com", true },
   { "canicaprice.com", true },
   { "canihavesome.coffee", true },
@@ -6641,18 +6738,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cannoli.london", true },
   { "cannyfoxx.me", true },
   { "canoonic.se", true },
+  { "canopycleaningmelbourne.com.au", true },
   { "cant.at", true },
   { "cantatio.ch", true },
-  { "canterberry.cc", true },
   { "canterburybouncycastlehire.co.uk", true },
+  { "cantonroadjewelry.com", true },
   { "cantrack.com", true },
+  { "canva-dev.com", true },
   { "canva.com", true },
   { "canx.org", true },
   { "canyonshoa.com", true },
   { "canyoupwn.me", true },
   { "cao.gov", true },
   { "cao.la", true },
-  { "caodesantohumberto.com.br", true },
   { "caoshan60.com", true },
   { "capachitos.cl", true },
   { "capacityproject.org", true },
@@ -6681,9 +6779,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "capstansecurity.co.uk", true },
   { "capstansecurity.com", true },
   { "capstoneinsights.com", true },
+  { "capsule.org", true },
   { "capsulesubs.fr", true },
   { "captain-dandelion.com", true },
   { "captainark.net", true },
+  { "captainsfarm.in", true },
   { "captainsinn.com", true },
   { "captivationtheory.com", true },
   { "capturapp.com", false },
@@ -6781,6 +6881,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "carlosfelic.io", true },
   { "carlosjeurissen.com", true },
   { "carlot-j.com", true },
+  { "carmelrise.co.uk", true },
   { "carnaticalifornia.com", true },
   { "carnet-du-voyageur.com", true },
   { "carnildo.com", true },
@@ -6806,6 +6907,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "carroceriascarluis.com", true },
   { "carrollservicecompany.com", true },
   { "carrosserie-dubois.com", true },
+  { "carrouselcompany.fr", true },
+  { "cars4salecy.com", true },
   { "carseatchecks.ca", true },
   { "carshippingcarriers.com", true },
   { "carson-aviation-adventures.com", true },
@@ -6825,11 +6928,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cartadeviajes.pe", true },
   { "cartadeviajes.uk", true },
   { "carteirasedistintivos.com.br", true },
+  { "cartelcircuit.com", true },
   { "carterstad.se", true },
   { "cartertonscouts.org.nz", true },
   { "cartesentreprises-unicef.fr", true },
   { "carthedral.com", true },
-  { "cartierplan.ga", true },
+  { "cartierplan.ga", false },
   { "carto.la", true },
   { "cartongesso.roma.it", true },
   { "cartooncastles.ie", true },
@@ -6857,6 +6961,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "casadoarbitro.com.br", true },
   { "casadowifi.com.br", true },
   { "casaessencias.com.br", true },
+  { "casalborgo.it", true },
   { "casalindamex.com", true },
   { "casalunchbreak.de", true },
   { "casamariposaspi.com", true },
@@ -6881,7 +6986,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cashbot.cz", true },
   { "cashfazz.com", true },
   { "cashlink.de", true },
-  { "cashlink.io", true },
   { "cashlogic.ch", true },
   { "cashmaxtexas.com", true },
   { "cashplk.com", true },
@@ -6894,6 +6998,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "casinomucho.org", true },
   { "casinomucho.se", true },
   { "casinoonlinesicuri.com", true },
+  { "casinorewards.info", true },
   { "casinovergleich.com", true },
   { "casio-caisses-enregistreuses.fr", true },
   { "casirus.com", true },
@@ -6921,7 +7026,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "castlesrus-kent.com", true },
   { "casualdesignsfurniture.com", true },
   { "casusgrillcaribbean.com", true },
-  { "cat-blum.com", true },
   { "cat-box.de", true },
   { "cat.net", true },
   { "cat73.org", true },
@@ -6973,7 +7077,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "caulong-ao.net", true },
   { "cav.ac", true },
   { "cavac.at", true },
-  { "cave-reynard.ch", true },
   { "cavevinsdefrance.fr", true },
   { "cavzodiaco.com.br", true },
   { "caxalt.com", true },
@@ -6986,8 +7089,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cbcf.info", true },
   { "cbd.casa", true },
   { "cbd.supply", true },
-  { "cbdev.de", true },
+  { "cbdcontact.pl", true },
   { "cbdmarket.space", true },
+  { "cbdoilcures.co", true },
   { "cbecrft.net", true },
   { "cbhq.net", true },
   { "cbin168.com", true },
@@ -6998,6 +7102,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cbw.sh", true },
   { "cc-brantomois.fr", true },
   { "ccac.gov", true },
+  { "ccattestprep.com", true },
   { "ccavenue.com", true },
   { "ccc-ch.ch", true },
   { "cccwien.at", true },
@@ -7027,6 +7132,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cdda.ch", true },
   { "cdepot.eu", true },
   { "cdkeykopen.com", true },
+  { "cdmlb.net", true },
   { "cdn.ampproject.org", true },
   { "cdn6.de", true },
   { "cdncompanies.com", true },
@@ -7040,7 +7146,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cduckett.net", true },
   { "cdvl.org", true },
   { "ce-pimkie.fr", true },
-  { "ceagriproducts.com", true },
+  { "ceanimalhealth.com", true },
   { "cebz.org", true },
   { "cecame.ch", true },
   { "ceciliacolombara.com", true },
@@ -7054,6 +7160,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ceebee.com", true },
   { "cejhon.cz", false },
   { "celcomhomefibre.com.my", true },
+  { "cele.bi", true },
   { "celebmasta.com", true },
   { "celebrityhealthcritic.com", true },
   { "celebrityscope.net", true },
@@ -7065,7 +7172,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "celltesequ.com", true },
   { "celluliteorangeskin.com", true },
   { "celluliteremovaldiet.com", true },
-  { "celtadigital.com", true },
   { "celti.ie.eu.org", true },
   { "celti.name", true },
   { "celuliteonline.com", true },
@@ -7083,12 +7189,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "centennialradon.com", true },
   { "centennialseptic.com", true },
   { "centerpereezd.ru", false },
-  { "centerpoint.ovh", true },
   { "centio.bg", true },
   { "centos.tips", true },
   { "centralbank.ae", true },
   { "centralebigmat.eu", true },
   { "centralegedimat.eu", true },
+  { "centrallotus.com", true },
   { "centralmarket.com", true },
   { "centralmissourifoundationrepair.com", true },
   { "centralpoint.be", false },
@@ -7152,7 +7258,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "certspotter.org", true },
   { "cervejista.com", true },
   { "ces-ltd.co.uk", true },
-  { "cesantias.co", true },
   { "cesboard.com", true },
   { "cesdb.com", true },
   { "cesipagano.com", true },
@@ -7169,8 +7274,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ceyizlikelisleri.com", true },
   { "cf-ide.de", true },
   { "cf-tm.net", true },
-  { "cfa.gov", true },
-  { "cfan.space", true },
   { "cfda.gov", true },
   { "cfdcre5.org", true },
   { "cfh.com", true },
@@ -7194,6 +7297,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cgbassurances.ch", true },
   { "cgbilling.com", true },
   { "cgcookiemarkets.com", true },
+  { "cgminc.net", true },
   { "cgnparts.com", true },
   { "cgpe.com", true },
   { "cgsmart.com", true },
@@ -7211,7 +7315,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chaffeyconstruction.com", true },
   { "chaifeng.com", true },
   { "chainedunion.info", true },
-  { "chaip.org", true },
   { "chaisystems.net", true },
   { "chaletdemontagne.org", true },
   { "chaletmanager.com", true },
@@ -7260,15 +7363,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chaospott.de", true },
   { "chaosriftgames.com", true },
   { "chaoswars.ddns.net", true },
-  { "chaotichive.com", true },
-  { "chapelaria.tf", true },
   { "chapelfordbouncers.co.uk", true },
   { "chapiteauxduleman.fr", true },
   { "chaplain.co", true },
   { "charbonnel.eu", true },
   { "charcoal-se.org", true },
   { "charcoalvenice.com", true },
-  { "charge.co", true },
+  { "charge.co", false },
   { "chargedmonkey.com", true },
   { "chargify.com", true },
   { "charisma.ai", true },
@@ -7295,8 +7396,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "charmander.me", true },
   { "charmanterelefant.at", true },
   { "charmingsaul.com", true },
-  { "charr.xyz", true },
-  { "chars.ga", true },
+  { "charmyadesara.com", true },
+  { "chars.ga", false },
   { "charta-digitale-vernetzung.de", true },
   { "charteroak.org", true },
   { "chartkick.com", true },
@@ -7314,13 +7415,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chat2.cf", true },
   { "chat40.net", true },
   { "chatbelgie.eu", true },
-  { "chatbotclic.com", true },
-  { "chatbotclick.com", true },
   { "chatbots.systems", true },
   { "chatear.social", true },
   { "chateau-de-lisle.fr", true },
   { "chateaudestrainchamps.com", true },
   { "chatfacile.org", true },
+  { "chatforskning.no", true },
   { "chatgrape.com", true },
   { "chatint.com", true },
   { "chatitaly.org", true },
@@ -7344,10 +7444,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chaurocks.com", true },
   { "chaussenot.net", true },
   { "chavetaro.com", true },
-  { "chaz6.com", true },
   { "chazalet.fr", true },
   { "chazay.net", false },
-  { "chazgie.se", true },
   { "chbk.co", true },
   { "chbs.me", true },
   { "chch.it", true },
@@ -7384,6 +7482,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "checkmypsoriasis.com", true },
   { "checkout.google.com", true },
   { "checkpoint-tshirt.com", true },
+  { "checkras.tk", true },
   { "checkrente.nl", true },
   { "checkspf.net", true },
   { "checktype.com", true },
@@ -7397,6 +7496,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cheekymonkeysinflatables.co.uk", true },
   { "cheela.org", true },
   { "cheeseemergency.co.uk", true },
+  { "cheetahwerx.com", true },
   { "cheez.systems", true },
   { "cheezflix.uk", true },
   { "chefwear.com", true },
@@ -7411,6 +7511,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chenapartment.com", true },
   { "chengxindong.com", true },
   { "chenkun.pro", true },
+  { "chenky.com", true },
   { "chenna.me", true },
   { "chennien.com", true },
   { "chenpei.org", true },
@@ -7421,8 +7522,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cheolguso.com", true },
   { "cherevoiture.com", true },
   { "cherie-belle.com", true },
-  { "cherrett.digital", true },
   { "cherry-green.ch", true },
+  { "cherrybread.net", true },
   { "cherryonit.com", true },
   { "cherrywoodtech.com", true },
   { "chertseybouncycastles.co.uk", true },
@@ -7434,6 +7535,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chesspoint.ch", true },
   { "chesterlestreetasc.co.uk", false },
   { "chestnut.cf", true },
+  { "chetwood.se", true },
   { "chevy37.com", true },
   { "chevymotor-occasions.be", true },
   { "chewey.de", true },
@@ -7443,12 +7545,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chez.moe", true },
   { "chfr.search.yahoo.com", false },
   { "chhory.com", true },
-  { "chhy.at", true },
   { "chiaraiuola.com", false },
   { "chiaseeds24.com", true },
   { "chiboard.co", true },
   { "chibr.eu", true },
   { "chic-leather.com", true },
+  { "chicagoemergencyclosings.com", true },
   { "chicagolug.org", true },
   { "chicagostudentactivists.org", true },
   { "chicisimo.com", true },
@@ -7490,7 +7592,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chipglobe.com", true },
   { "chippy.ch", false },
   { "chips-scheduler.de", true },
-  { "chiralsoftware.com", true },
+  { "chipset.no", true },
   { "chireiden.net", true },
   { "chiro-neuchatel.ch", true },
   { "chiropractic.gr", true },
@@ -7527,7 +7629,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chon.io", true },
   { "chonghe.org", true },
   { "chook.as", true },
-  { "choootto.club", true },
+  { "choootto.net", true },
   { "choosemypc.net", true },
   { "chopperdesign.com", true },
   { "chorkley.co.uk", true },
@@ -7540,7 +7642,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chovancova.sk", true },
   { "chowii.com", true },
   { "choyri.com", true },
+  { "chr0me.sh", true },
   { "chris-edwards.net", true },
+  { "chrisahrweileryoga.com", true },
   { "chrisaitch.com", true },
   { "chrisb.me", true },
   { "chrisb.xyz", true },
@@ -7560,6 +7664,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chrisnekarda.com", true },
   { "chrisplankhomes.com", true },
   { "chrispstreet.com", true },
+  { "chrissx.ga", true },
   { "christadelphiananswers.org", true },
   { "christadelphians.eu", true },
   { "christchurchbouncycastles.co.uk", true },
@@ -7624,6 +7729,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "chrpaul.de", true },
   { "chrstn.eu", true },
   { "chrysanthos.net", true },
+  { "chrystajewelry.com", true },
   { "chshouyu.com", true },
   { "chsterz.de", true },
   { "chuchote-moi.fr", true },
@@ -7654,9 +7760,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ciaracode.com", true },
   { "ciat.no", false },
   { "cibercactus.com", true },
+  { "cica.es", true },
   { "cidbot.com", true },
   { "cidersus.com.ec", true },
   { "cie-theatre-montfaucon.ch", true },
+  { "ciel.pro", true },
   { "cielbleu.org", true },
   { "cielly.com", true },
   { "cierreperimetral.com", true },
@@ -7664,9 +7772,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ciftlikesintisi.com", true },
   { "cig-dem.com", true },
   { "cigar-cartel.com", true },
-  { "ciiex.co", true },
   { "cilloc.be", true },
   { "cima-idf.fr", true },
+  { "cimbalino.org", true },
   { "cimballa.com", true },
   { "cimfax.com", true },
   { "cinafilm.com", true },
@@ -7679,7 +7787,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cinemasetfree.com", true },
   { "cinemysticism.com", true },
   { "cineplex.my", true },
-  { "cinerama.com.br", false },
   { "cinnabon.com", true },
   { "cinq-elements.com", true },
   { "cinq-elements.fr", true },
@@ -7711,14 +7818,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "circulatedigital.com", true },
   { "circule.cc", true },
   { "ciri.com.co", true },
-  { "cirope.com", true },
   { "cirrus0.de", true },
-  { "cirugiasplasticas.com.mx", true },
-  { "cirujanooral.com", true },
   { "cirurgicagervasio.com.br", true },
   { "cirurgicalucena.com.br", true },
   { "cirurgicasalutar.com.br", true },
-  { "ciscodude.net", true },
+  { "cirurgicavirtual.com.br", true },
+  { "cisa.gov", true },
+  { "ciscodude.net", false },
   { "cisoaid.com", true },
   { "cisofy.com", true },
   { "cispeo.org", true },
@@ -7726,11 +7832,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cisum-cycling.com", true },
   { "cisy.me", true },
   { "citcuit.in", true },
+  { "citfin.cz", true },
   { "cities.cl", true },
   { "citimarinestore.com", true },
   { "citizen-cam.de", true },
   { "citizensbankal.com", true },
   { "citizenscience.gov", false },
+  { "citizenscience.org", true },
   { "citizenslasvegas.com", true },
   { "citizensleague.org", true },
   { "citizenspact.eu", true },
@@ -7742,11 +7850,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "city-walks.info", true },
   { "citya.com", true },
   { "citybeat.de", true },
+  { "citycreek.studio", true },
+  { "cityextra.com.au", true },
   { "cityfloorsupply.com", true },
   { "citylights.eu", true },
   { "citymoobel.ee", true },
   { "cityoftitans.com", true },
-  { "cityoftitansmmo.com", true },
   { "citysportapp.com", true },
   { "cityworksonline.com", true },
   { "ciubotaru.tk", true },
@@ -7781,13 +7890,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cktennis.com", true },
   { "cl.search.yahoo.com", false },
   { "cl0ud.space", true },
-  { "clacetandil.com.ar", true },
   { "claimconnect.com", true },
   { "claimconnect.us", true },
   { "claimjeidee.be", true },
   { "claimnote.com", true },
   { "clairegold.com", true },
   { "clairescastles.co.uk", true },
+  { "clamofon.com", true },
   { "clanebouncycastles.com", true },
   { "clangwarnings.com", true },
   { "clanrose.org.uk", true },
@@ -7795,12 +7904,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "clarkeaward.com", true },
   { "clarkwinkelmann.com", true },
   { "clase3.tk", true },
-  { "clash-movies.de", true },
   { "clash.lol", true },
   { "class.com.au", true },
   { "classdojo.com", true },
   { "classicalpilates.ca", true },
-  { "classics.io", true },
   { "classictheatrecumbria.co.uk", true },
   { "classpoint.cz", true },
   { "classroom.google.com", true },
@@ -7837,6 +7944,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "clearblueday.co.uk", true },
   { "clearbookscdn.uk", true },
   { "clearbreezesecuritydoors.com.au", true },
+  { "clearer.cloud", true },
   { "clearip.com", true },
   { "clearkonjac.com", true },
   { "clearsettle-admin.com", true },
@@ -7872,7 +7980,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "clindoeilmontagne.com", true },
   { "clingout.com", true },
   { "clinicadam.com", true },
-  { "clinicadelogopedia.net", true },
   { "clinicalrehabilitation.info", true },
   { "clinicaltrials.gov", true },
   { "clinicasmedicas.com.br", true },
@@ -7880,7 +7987,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cliniquecomplementaire.com", true },
   { "cliniquevethuy.be", true },
   { "clintonlibrary.gov", true },
-  { "clintonplasticsurgery.com", true },
   { "clipclip.com", true },
   { "clippings.com", true },
   { "clive.io", true },
@@ -7911,11 +8017,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cloudbrothers.info", true },
   { "cloudcactuar.com", false },
   { "cloudcaprice.net", true },
+  { "cloudcert.org", true },
   { "cloudchart.site", true },
   { "cloudcite.net", true },
   { "cloudcloudcloud.cloud", true },
   { "cloudcrux.net", true },
   { "cloudey.net", true },
+  { "cloudfiles.at", true },
   { "cloudflare-dns.com", true },
   { "cloudflare.com", true },
   { "cloudflareonazure.com", true },
@@ -7943,6 +8051,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cloudtropia.de", true },
   { "cloudtskr.com", true },
   { "cloudup.com", true },
+  { "cloudwellmarketing.com", true },
   { "clouz.de", true },
   { "cloveros.ga", true },
   { "clownindeklas.nl", true },
@@ -7970,13 +8079,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "clubempleos.com", true },
   { "clubeohara.com", true },
   { "clubfamily.de", true },
-  { "clubgalaxy.futbol", true },
+  { "clubgalaxy.futbol", false },
   { "clubiconkenosha.com", true },
   { "clubmate.rocks", true },
   { "clubmini.jp", true },
   { "clubnoetig-ink2g.de", true },
   { "clubon.space", true },
-  { "clueful.ca", true },
   { "cluster.biz.tr", true },
   { "clusteranalyse.net", true },
   { "clusterfuck.nz", true },
@@ -8041,6 +8149,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "coathangerstrangla.com", true },
   { "coathangerstrangler.com", true },
   { "coatl-industries.com", false },
+  { "coatsandcocktails.org", true },
   { "cobalt.io", true },
   { "cobaltgp.com", true },
   { "cobaltis.co.uk", true },
@@ -8078,7 +8187,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "code67.com", true },
   { "codeandpeace.com", true },
   { "codebrahma.com", false },
-  { "codebreaking.org", true },
   { "codecommunity.io", true },
   { "codedelarouteenligne.fr", true },
   { "codedump.net", true },
@@ -8104,6 +8212,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "codereview.appspot.com", false },
   { "codereview.chromium.org", false },
   { "coderme.com", true },
+  { "codersbase.org", true },
   { "coderware.co.uk", true },
   { "codes.pk", true },
   { "codesplain.in", true },
@@ -8125,8 +8234,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "codific.com", true },
   { "codific.eu", true },
   { "codigo-bonus-bet.es", true },
+  { "codigodelbonusbet365.com", true },
   { "codigosddd.com.br", true },
-  { "codimaker.com", true },
   { "coding-minds.com", true },
   { "coding.lv", true },
   { "coding.net", true },
@@ -8164,10 +8273,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "coinbit.trade", true },
   { "coincealed.com", true },
   { "coinchat.im", true },
-  { "coincoele.com.br", true },
   { "coincoin.eu.org", true },
   { "coincolors.co", true },
-  { "coindatabase.net", true },
   { "coindeal.com", true },
   { "coinf.it", true },
   { "coinflux.com", true },
@@ -8187,7 +8294,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "colaborativa.tv", true },
   { "colapsys.net", true },
   { "colasjourdain.fr", true },
-  { "coldawn.com", false },
   { "coldcardwallet.com", true },
   { "coldfff.com", false },
   { "coldhak.ca", true },
@@ -8231,6 +8337,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "collinelhossari.com", true },
   { "collinklippel.com", true },
   { "collinmbarrett.com", true },
+  { "cololi.moe", true },
   { "colombian.dating", true },
   { "coloppe.com", true },
   { "coloraid.net", true },
@@ -8239,6 +8346,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "colorcodedlyrics.com", true },
   { "colorectalcompounding.com", true },
   { "colorfuldots.com", true },
+  { "colorguni.com", true },
   { "colorhexa.com", true },
   { "coloristcafe.com", true },
   { "colorsbycarin.com", true },
@@ -8246,6 +8354,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "colotimes.com", true },
   { "colourfulcastles.co.uk", true },
   { "colpacpackaging.com", true },
+  { "colpatriaws.azurewebsites.net", true },
   { "colson-occasions.be", true },
   { "coltellisurvival.com", true },
   { "coltonrb.com", true },
@@ -8253,6 +8362,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "colyakootees.com", true },
   { "com-in.de", true },
   { "comalia.com", true },
+  { "comame.xyz", true },
   { "comandofilmes.club", true },
   { "comarkinstruments.net", true },
   { "combatircelulitis.com", true },
@@ -8271,6 +8381,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "comestoarra.com", true },
   { "cometcache.com", true },
   { "cometonovascotia.ca", true },
+  { "comevius.com", true },
+  { "comevius.org", true },
+  { "comevius.xyz", true },
   { "comff.net", true },
   { "comfintouch.com", true },
   { "comflores.com.br", true },
@@ -8278,6 +8391,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "comfun.net", true },
   { "comhack.com", true },
   { "comicspornos.com", true },
+  { "comicspornow.com", true },
   { "comicspornoxxx.com", true },
   { "comicwiki.dk", true },
   { "comidasperuanas.net", true },
@@ -8301,16 +8415,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "communitymanagertorrejon.com", true },
   { "communote.net", true },
   { "como-se-escribe.com", true },
+  { "comocurarlagastritis24.online", true },
   { "comocurarlagastritistratamientonatural.com", true },
+  { "comodesinflamarlashemorroides.org", true },
   { "comodo.nl", true },
   { "comodormirmasrapido.com", true },
   { "comodosslstore.com", true },
   { "comoeliminarlaspapulasperladasenelglande.com", true },
   { "comogene.com", true },
   { "comohacerblog.net", true },
+  { "comohacerelamoraunhombrenet.com", true },
   { "comohacerpara.com", true },
   { "comoimportar.net", true },
   { "comopuededejardefumar.net", true },
+  { "comoquitarlacaspa24.com", true },
+  { "comoquitarlasestriasrapidamente.com", true },
   { "comosatisfaceraunhombreenlacamaydejarloloco.com", true },
   { "comosecarabarriga.net", true },
   { "comoseduzir.net", true },
@@ -8321,7 +8440,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "compagniemartin.com", true },
   { "comparatif-moto.fr", true },
   { "compareandrecycle.co.uk", true },
-  { "compareandrecycle.com", false },
   { "compareinsurance.com.au", true },
   { "comparesoft.com", true },
   { "comparexcloudcenter.com", true },
@@ -8341,7 +8459,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "completionist.me", true },
   { "complexart.ro", true },
   { "complexorganizations.com", true },
-  { "complexsystems.fail", true },
   { "compliance-management.ch", true },
   { "compliance-systeme.de", true },
   { "compliancedictionary.com", true },
@@ -8349,20 +8466,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "compostatebien.com.ar", true },
   { "compoundingrxusa.com", true },
   { "compraneta.com", false },
+  { "compraporinternet.online", true },
+  { "comprarimpresoras-3d.com", true },
   { "comprasoffie.com.br", true },
   { "compreautomacao.com.br", true },
   { "compree.com", true },
   { "compservice.in.ua", true },
+  { "comptrollerofthecurrency.gov", true },
   { "comptu.com", true },
   { "compubench.com", true },
-  { "compucastell.ch", true },
   { "compucorner.mx", true },
   { "compunetwor.com", true },
   { "compuplast.cz", true },
   { "computehealth.com", true },
   { "computer-acquisti.com", true },
+  { "computer-menschen.de", true },
   { "computer-science-schools.com", true },
-  { "computeracademy.co.za", true },
   { "computerassistance.co.uk", true },
   { "computerbas.nl", true },
   { "computerbase.de", true },
@@ -8377,7 +8496,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "comtily.com", true },
   { "comunidadmontepinar.es", true },
   { "comvos.de", true },
-  { "comw.cc", true },
   { "conalcorp.com", true },
   { "conatus.ai", true },
   { "conaudisa.com", false },
@@ -8442,7 +8560,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "connorsmith.co", true },
   { "connyduck.at", true },
   { "conociendosalama.com", true },
-  { "conocimientosdigitales.com", true },
   { "conorboyd.info", true },
   { "conory.com", true },
   { "conpath.net", true },
@@ -8452,7 +8569,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "conradsautotransmissionrepair.com", true },
   { "conrail.blue", true },
   { "consagracionamariasantisima.org", true },
-  { "consciousbrand.co", true },
   { "consciouschoices.net", true },
   { "consciousnesschange.com", true },
   { "consec-systems.de", true },
@@ -8482,6 +8598,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "constructive.men", true },
   { "consul.io", true },
   { "consulenza.pro", true },
+  { "consultanta-in-afaceri.ro", true },
   { "consultation.biz.tr", true },
   { "consultimator.com", true },
   { "consultimedia.de", true },
@@ -8497,9 +8614,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "contaquanto.com.br", true },
   { "contemplativeeducation.org", true },
   { "content-api-dev.azurewebsites.net", false },
-  { "content-design.de", true },
   { "contentcoms.co.uk", true },
-  { "contentdesign.de", true },
   { "contentpass.net", true },
   { "contessa32experience.com", true },
   { "contextplatform.com", true },
@@ -8524,7 +8639,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "conversiones.com", true },
   { "conversionsciences.com", true },
   { "convert.im", true },
-  { "convert.zone", true },
   { "converticacommerce.com", false },
   { "convexset.org", true },
   { "convocatoriafundacionpepsicomexico.org", false },
@@ -8561,14 +8675,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "coolwallet.io", true },
   { "coonawarrawines.com.au", true },
   { "coopens.com", true },
-  { "cooperativehandmade.com", true },
-  { "cooperativehandmade.pe", true },
+  { "coor.fun", true },
   { "coore.jp", true },
   { "coorpacademy.com", true },
   { "copdfoundation.org", true },
   { "copinstant.com", true },
   { "copperandtileroofing.com", true },
-  { "copperhead.co", true },
   { "copperheados.com", true },
   { "coppermein.co.za", true },
   { "copplaw.com", true },
@@ -8604,7 +8716,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "coresolutions.ca", true },
   { "coreum.ca", true },
   { "coreyjmahler.com", true },
-  { "corgi.party", true },
   { "coribi.com", true },
   { "corinastefan.ro", true },
   { "corintech.net", true },
@@ -8622,6 +8733,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "corona-academy.com", true },
   { "corona-renderer.cloud", true },
   { "corona-renderer.com", true },
+  { "coropiacere.org", true },
   { "corourbano.es", true },
   { "corpfin.net", true },
   { "corpio.nl", true },
@@ -8640,6 +8752,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "corpuschristisouthriver.org", true },
   { "corpusslayer.com", true },
   { "corrbee.com", true },
+  { "correct.cf", true },
+  { "correcthorse.cf", true },
   { "correctiv.org", true },
   { "corrick.io", true },
   { "corrupted.io", true },
@@ -8664,16 +8778,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cosmeticappraisal.com", true },
   { "cosmeticasimple.com", true },
   { "cosmeticos-naturales.com", true },
-  { "cosmic-os.org", true },
   { "cosmicnavigator.com", true },
   { "cosmintataru.ro", true },
   { "cosmodacollection.com", true },
   { "cosmofunnel.com", true },
   { "cosmundi.de", true },
-  { "cosni.co", true },
   { "cosplayer.com", true },
   { "cospol.ch", true },
-  { "costa-rica-reisen.ch", true },
   { "costa-rica-reisen.de", true },
   { "costablanca.villas", true },
   { "costablancavoorjou.com", true },
@@ -8698,6 +8809,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "countersolutions.co.uk", true },
   { "countetime.com", true },
   { "countingto.one", true },
+  { "country-creativ.de", true },
   { "countryattire.com", true },
   { "countrybrewer.com.au", true },
   { "countryfrog.uk", true },
@@ -8735,7 +8847,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cozo.me", true },
   { "cozyeggdesigns.com", true },
   { "cp-st-martin.be", true },
-  { "cpahunt.com", false },
   { "cpap.com", true },
   { "cpasperdu.com", true },
   { "cpbapremiocaduceo.com.ar", true },
@@ -8770,11 +8881,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crackers4cheese.com", true },
   { "crackle.io", true },
   { "crackorsquad.in", true },
+  { "crackslut.eu", true },
   { "crackstation.net", true },
   { "cradlepointecm.com", true },
   { "craft-verlag.de", true },
   { "craftandbuild.de", true },
   { "craftcommerce.com", true },
+  { "craftinghand.com", false },
   { "craftinginredlipstick.com", true },
   { "craftist.de", true },
   { "craftsmandruggets.com", true },
@@ -8782,7 +8895,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "craftyguy.net", true },
   { "craftyphotons.net", true },
   { "crag.com.tw", true },
-  { "craigary.net", true },
   { "craigbates.co.uk", true },
   { "craigfrancis.co.uk", true },
   { "craigleclaireteam.com", true },
@@ -8806,6 +8918,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crazy-coders.com", true },
   { "crazybulk.co.uk", true },
   { "crazybulk.com", true },
+  { "crazybulk.de", true },
   { "crazybulk.fr", true },
   { "crazycastles.ie", true },
   { "crazydomains.ae", true },
@@ -8824,6 +8937,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crea-shops.ch", true },
   { "crea.bg", true },
   { "creadstudy.com", true },
+  { "crealogix-online.com", true },
   { "creamcastles.co.uk", true },
   { "creared.edu.co", true },
   { "createcos.com", true },
@@ -8852,7 +8966,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "creativesurvey.com", true },
   { "creativeweb.biz", true },
   { "creativewolf.net", true },
-  { "creativlabor.ch", true },
+  { "creativosonline.org", true },
   { "creatixx-network.de", false },
   { "creators-design.com", true },
   { "creators.direct", true },
@@ -8871,7 +8985,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "credittoken.io", true },
   { "creeks-coworking.com", true },
   { "creep.im", true },
-  { "creepycraft.nl", true },
   { "creepypastas.com", true },
   { "creepypastas.net", true },
   { "creer-une-boutique-en-ligne.com", true },
@@ -8887,7 +9000,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cretdupuy.com", true },
   { "creteangle.com", true },
   { "cretica.no", true },
-  { "creusalp.ch", true },
   { "crew505.org", true },
   { "crgalvin.com", true },
   { "crgm.net", true },
@@ -8912,7 +9024,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crispinusphotography.com", true },
   { "cristarta.com", true },
   { "cristau.org", true },
-  { "cristiandeluxe.com", false },
   { "critical.today", false },
   { "criticalsurveys.co.uk", true },
   { "crizin.io", true },
@@ -8936,6 +9047,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cross-x.com", true },
   { "cross.lol", true },
   { "crossborderreturns.com", true },
+  { "crosscom.ch", true },
   { "crossedwires.net", true },
   { "crossfitblackwater.com", true },
   { "crossfunctional.com", true },
@@ -8980,6 +9092,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crypted.chat", true },
   { "crypteianetworks.com", true },
   { "crypticshell.co.uk", true },
+  { "crypto-armory.com", true },
   { "crypto.cat", false },
   { "crypto.graphics", true },
   { "crypto.is", false },
@@ -9015,13 +9128,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "crystalapp.ca", true },
   { "crystalchandelierservices.com", true },
   { "crystalgrid.net", true },
-  { "crystallizedcouture.com", true },
   { "crystaloscillat.com", true },
   { "crystalzoneshop.com", true },
   { "crystone.me", true },
   { "cryz.ru", true },
   { "cs2016.ch", true },
   { "csabg.org", true },
+  { "csacongress.org", true },
   { "csbs.fr", true },
   { "csbuilder.io", true },
   { "csca.me", true },
@@ -9073,6 +9186,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ctomp.io", false },
   { "ctoresms.com", true },
   { "ctpe.net", true },
+  { "ctr.id", true },
   { "ctrl.blog", true },
   { "ctrld.me", true },
   { "cu247secure.ie", true },
@@ -9123,7 +9237,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cup.al", true },
   { "cupcakesandcrinoline.com", true },
   { "cupcao.gov", true },
-  { "cupi.co", true },
   { "cupom.net", true },
   { "cuppycakes.fi", true },
   { "cur.by", true },
@@ -9162,6 +9275,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "curveprotect.org", true },
   { "curvesandwords.com", true },
   { "curvissa.co.uk", true },
+  { "curvylove.de", true },
   { "custodyxchange.com", true },
   { "custombikes.cl", true },
   { "customdissertation.com", true },
@@ -9229,6 +9343,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cyberdos.de", false },
   { "cyberduck.io", true },
   { "cyberexplained.info", true },
+  { "cybergates.org", true },
   { "cybergrx.com", true },
   { "cyberguerrilla.info", true },
   { "cyberguerrilla.org", true },
@@ -9236,6 +9351,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cyberianhusky.com", true },
   { "cyberkov.com", true },
   { "cyberlab.kiev.ua", false },
+  { "cyberlegal.co", true },
   { "cyberlightapp.com", true },
   { "cybermeldpunt.nl", true },
   { "cyberogism.com", true },
@@ -9245,6 +9361,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cyberregister.nl", true },
   { "cyberregister.org", true },
   { "cybersafesolutions.com", true },
+  { "cybersantri.com", true },
   { "cyberscan.io", true },
   { "cybersecurity.nz", true },
   { "cybersecurity.run", true },
@@ -9285,7 +9402,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "cylindehea.com", true },
   { "cylindricity.com", true },
   { "cyon.ch", true },
-  { "cypad.cn", true },
   { "cyph.audio", true },
   { "cyph.com", true },
   { "cyph.healthcare", true },
@@ -9312,7 +9428,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "czbix.com", true },
   { "czbtm.com", true },
   { "czc.cz", true },
-  { "czechamlp.com", true },
   { "czechcrystals.co.uk", true },
   { "czechvirus.cz", true },
   { "czerno.com", true },
@@ -9339,8 +9454,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "d2s.uk", true },
   { "d3lab.net", true },
   { "d3xt3r01.tk", true },
+  { "d3xx3r.de", true },
   { "d42.no", true },
   { "d4done.com", true },
+  { "d4rkdeagle.tk", true },
+  { "d4wson.com", true },
   { "d4x.de", true },
   { "d66.nl", true },
   { "d6c5yfulmsbv6.cloudfront.net", true },
@@ -9385,6 +9503,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dailyhealthguard.com", true },
   { "dailykos.com", true },
   { "dailyrover.com", true },
+  { "dailyroverr.com", true },
   { "dailyxenang.com", true },
   { "daintymeal.com", true },
   { "dairyshrine.org", true },
@@ -9403,7 +9522,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dalb.in", true },
   { "dale-electric.com", true },
   { "dalek.co.nz", true },
-  { "dalepresencia.com", true },
   { "dalfsennet.nl", true },
   { "dalingk.com", true },
   { "dallaslu.com", true },
@@ -9412,7 +9530,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dalmatiersheusden.be", true },
   { "damaged.org", true },
   { "damasexpress.com", true },
-  { "damedrogy.cz", true },
   { "damejidlo.cz", true },
   { "dameocio.com", true },
   { "damghaem.ir", true },
@@ -9437,7 +9554,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dance-colleges.com", true },
   { "danchen.org", true },
   { "dancingcubs.co.uk", true },
-  { "dancingshiva.at", true },
   { "dandenongroadapartments.com.au", true },
   { "daneandthepain.com", true },
   { "dangmai.tk", true },
@@ -9460,7 +9576,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "danielhinterlechner.eu", true },
   { "danielhochleitner.de", true },
   { "danieljamesscott.org", true },
-  { "danieljireh.com", true },
   { "danieljstevens.com", true },
   { "danielkoster.nl", true },
   { "daniellockyer.com", true },
@@ -9469,9 +9584,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "danielmorell.com", true },
   { "danielmostertman.com", true },
   { "danielmostertman.nl", true },
+  { "danieln.tech", true },
   { "danielnaaman.com", true },
-  { "danielnaaman.net", true },
-  { "danielnaaman.org", true },
+  { "danielparker.com.au", true },
   { "danielpeukert.cz", true },
   { "danielran.com", true },
   { "danielrozenberg.com", true },
@@ -9498,6 +9613,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "danminkevitch.com", true },
   { "danna-salary.com", true },
   { "dannhanks.com", true },
+  { "dannicholas.net", true },
   { "danny-tittel.de", true },
   { "danny.fm", true },
   { "dannycairns.com", true },
@@ -9506,6 +9622,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "danonsecurity.com", true },
   { "danotage.tv", true },
   { "danpiel.net", true },
+  { "dansa.com.co", true },
   { "dansage.co", true },
   { "danscomp.com", true },
   { "dansdiscounttools.com", true },
@@ -9527,6 +9644,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dao.spb.su", true },
   { "daoro.net", true },
   { "daphne.informatik.uni-freiburg.de", true },
+  { "dapim.co.il", true },
   { "daplie.com", true },
   { "dapps.earth", true },
   { "dappworld.com", true },
@@ -9543,6 +9661,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "darinkotter.com", true },
   { "darioackermann.ch", true },
   { "darioclip.com", true },
+  { "dariosirangelo.me", true },
   { "darioturchetti.me", true },
   { "darisni.me", true },
   { "dark-infection.de", true },
@@ -9554,6 +9673,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "darkengine.net", true },
   { "darkerlystormy.com", true },
   { "darkerstormy.com", true },
+  { "darkestproductions.net", true },
   { "darkeststar.org", true },
   { "darkfire.ch", true },
   { "darklaunch.com", true },
@@ -9591,6 +9711,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "das-sommercamp.de", true },
   { "dasgeestig.nl", true },
   { "dashboard.run", true },
+  { "dashcloud.co", true },
   { "dashnearby.com", true },
   { "dashwebconsulting.com", true },
   { "dasignsource.com", true },
@@ -9615,6 +9736,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "datagrail.io", true },
   { "dataguidance.com", true },
   { "dataharvest.at", true },
+  { "datahive360.com", true },
   { "datahjalp.nu", true },
   { "datahoarder.xyz", true },
   { "datajobs.ai", true },
@@ -9680,6 +9802,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "davevelopment.net", true },
   { "davewardle.com", true },
   { "david-corry.com", true },
+  { "david-hinschberger.me", true },
   { "david-jeffery.co.uk", true },
   { "david-pearce.com", true },
   { "david-reess.de", true },
@@ -9688,6 +9811,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "davidadrian.org", true },
   { "davidandersson.se", true },
   { "davidbranco.me", true },
+  { "davidbuckell.com", true },
   { "davidcrx.net", true },
   { "daviddever.net", true },
   { "davidfetveit.com", true },
@@ -9721,6 +9845,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "davo-usedcars.be", true },
   { "davy-server.com", true },
   { "davypropper.com", true },
+  { "daw.nz", true },
   { "dawena.de", true },
   { "dawgs.ga", true },
   { "dawnbringer.eu", true },
@@ -9751,6 +9876,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dbldub.net", true },
   { "dbmiller.org", true },
   { "dbmteam.com", true },
+  { "dbmxpca.com", true },
   { "dborcard.com", true },
   { "dbpkg.com", true },
   { "dbq.com", true },
@@ -9780,11 +9906,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dcpower.eu", true },
   { "dcrdev.com", true },
   { "dcw.io", true },
+  { "ddatsh.com", true },
   { "ddays2008.org", true },
   { "ddel.de", true },
   { "dden.ca", true },
   { "ddepot.us", true },
-  { "ddholdingservices.com", true },
   { "ddhosted.com", true },
   { "ddns-test.de", true },
   { "ddnsweb.com", true },
@@ -9844,8 +9970,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "debarrasnanterre.com", true },
   { "debbyefurd.com", true },
   { "debie-usedcars.be", true },
-  { "debigare.com", true },
-  { "debkleinteam.com", true },
   { "debora-singkreis.de", true },
   { "debron-ot.nl", true },
   { "debrusoft.ch", true },
@@ -9856,6 +9980,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "decaffeinated.io", true },
   { "decalquai.ch", true },
   { "decay24.de", true },
+  { "decfun.com", true },
   { "dechat.nl", true },
   { "decher.de", true },
   { "decidetreatment.org", true },
@@ -9877,6 +10002,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "decorestilo.com.br", true },
   { "decosoftware.com", true },
   { "decrousaz-ceramique.ch", true },
+  { "decrypto.net", true },
   { "decs.es", true },
   { "dedelta.net", true },
   { "dedg3.com", true },
@@ -9892,8 +10018,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "deejayevents.ro", true },
   { "deelmijnreis.nl", true },
   { "deep-chess.com", true },
-  { "deep.club", true },
-  { "deepaero.com", true },
   { "deeparamaraj.com", true },
   { "deepbluecrafting.co.uk", true },
   { "deepblueemail.com", true },
@@ -9918,6 +10042,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "defendinnovation.org", true },
   { "defendtheweb.co.uk", true },
   { "defero.io", true },
+  { "define-atheism.com", true },
+  { "define-atheist.com", true },
+  { "defineatheism.com", true },
+  { "defineatheist.com", true },
   { "deflect.ca", true },
   { "deflumeri.com", true },
   { "deflumeriker.com", true },
@@ -9948,16 +10076,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "deinfoto.ch", true },
   { "deinserverhost.de", true },
   { "deitti.net", true },
-  { "dejan.media", true },
   { "dejandayoff.com", true },
   { "dejure.org", true },
   { "dejw.cz", true },
+  { "dekasegi-kansai.com", true },
   { "dekasiba.com", true },
   { "dekeurslagers.nl", true },
   { "dekka.cz", true },
   { "dekkercreativedesign.nl", true },
   { "dekko.io", true },
-  { "dekoh-shouyu.com", true },
   { "dekonix.ru", true },
   { "dekulk.nl", true },
   { "delahrzolder.nl", true },
@@ -9974,8 +10101,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "deliciousmedia.net", true },
   { "delicioustable.com", true },
   { "delid.cz", true },
-  { "delitto.top", true },
   { "delivery.co.at", true },
+  { "deliveryiquique.cl", true },
   { "dellipaoli.com", true },
   { "delogo.nl", true },
   { "delorenzi.dk", true },
@@ -9991,7 +10118,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "deltaonlineguards.com", true },
   { "deltaservers.com.br", true },
   { "deltasigmachi.org", true },
-  { "deltasmart.ch", true },
   { "deltava.org", true },
   { "demarle.ch", true },
   { "dementiapraecox.de", true },
@@ -10001,6 +10127,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "demilletech.net", true },
   { "demiranda.com", true },
   { "demmer.one", true },
+  { "demo.swedbank.se", true },
   { "demo9.ovh", true },
   { "democracychronicles.com", true },
   { "democracyineurope.eu", true },
@@ -10013,7 +10140,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dempsters.ca", false },
   { "demuzere.be", true },
   { "demuzere.com", true },
-  { "demuzere.eu", true },
   { "demuzere.net", true },
   { "demuzere.org", true },
   { "denabot.pw", true },
@@ -10038,12 +10164,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dent.uy", true },
   { "dental-colleges.com", true },
   { "dentallaborgeraeteservice.de", true },
+  { "dentechnica.co.uk", true },
   { "dentfix.ro", false },
   { "dentistesdarveauetrioux.com", true },
   { "dentistglasgow.com", true },
   { "dentrassi.de", true },
   { "dentystabirmingham.co.uk", true },
+  { "denvergospelhall.org", true },
   { "denwauranailab.com", true },
+  { "deonlinespecialist.nl", true },
   { "deontology.com", true },
   { "depaddestoeltjes.be", true },
   { "depannage-traceur.fr", true },
@@ -10073,16 +10202,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "derattizzazioni.org", true },
   { "derbuntering.de", true },
   { "derbybouncycastles.com", true },
+  { "derbyware.com", true },
   { "derdewereldrommelmarkt.nl", true },
   { "derechosdigitales.org", true },
   { "dereddingsklos.nl", true },
   { "dereferenced.net", true },
   { "derehamcastles.co.uk", true },
   { "derekheld.com", true },
+  { "derekkent.com", true },
   { "derekseaman.com", true },
   { "derekseaman.studio", true },
   { "dergeilstestammderwelt.de", true },
   { "derhil.de", true },
+  { "derivedata.com", true },
   { "derk-jan.com", true },
   { "derkuki.de", true },
   { "derma-expert.eu", true },
@@ -10105,6 +10237,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "desarrollowp.com", true },
   { "descartes-finance.com", true },
   { "desec.io", true },
+  { "desertmedaesthetics.com", true },
   { "desertsounds.org", true },
   { "desgenst.ch", true },
   { "design-in-bad.eu", true },
@@ -10129,7 +10262,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "deskvip.com", true },
   { "desmaakvanplanten.be", true },
   { "desmo.gg", true },
-  { "despachomartinyasociados.com", true },
   { "despertadoronline.com.es", true },
   { "desplats.com.ar", true },
   { "dessinemoilademocratie.ch", true },
@@ -10143,8 +10275,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "desu.ne.jp", true },
   { "desuchan.eu", true },
   { "desuchan.org", true },
-  { "desuperheroes.co", true },
   { "det-te.ch", true },
+  { "detalhecomercio.com.br", true },
   { "detalika.ru", true },
   { "detalyedesigngroup.com", true },
   { "detecmon.com", true },
@@ -10157,7 +10289,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "detoxic.vn", true },
   { "detoxsinutritie.ro", true },
   { "detroit-english.de", true },
-  { "detroitstylepizza.com", true },
+  { "detroitstylepizza.com", false },
   { "detroitzoo.org", true },
   { "detski.center", true },
   { "detskysad.com", true },
@@ -10166,6 +10298,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "deuchnord.fr", true },
   { "deude.de", true },
   { "deukie.nl", true },
+  { "deumavan.ch", true },
   { "deurenfabriek.nl", true },
   { "deutsch-vietnamesisch-dolmetscher.com", true },
   { "deutsche-seniorenbetreuung.de", true },
@@ -10202,11 +10335,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "developyourelement.com", true },
   { "develux.com", true },
   { "develux.net", true },
-  { "devh.net", true },
   { "deviant.email", true },
   { "devillers-occasions.be", true },
   { "devilshakerz.com", true },
-  { "deviltraxxx.de", true },
   { "devinfo.net", false },
   { "devirc.net", true },
   { "deviser.wang", true },
@@ -10228,6 +10359,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "devsrvr.ru", true },
   { "devstaff.gr", true },
   { "devstroke.io", true },
+  { "devswag.io", true },
   { "devtty.org", true },
   { "devyn.ca", false },
   { "devzero.io", true },
@@ -10238,6 +10370,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dex.top", true },
   { "dexalo.de", true },
   { "dexigner.com", true },
+  { "dexonrest.azurewebsites.net", true },
   { "deyute.com", true },
   { "dez-online.de", true },
   { "dezeregio.nl", true },
@@ -10266,6 +10399,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dhautefeuille.eu", true },
   { "dhauwer.nl", true },
   { "dhaynes.xyz", true },
+  { "dhbr.org", true },
   { "dhconcept.ch", true },
   { "dheart.net", true },
   { "dhhs.gov", true },
@@ -10276,6 +10410,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "di2pra.com", true },
   { "di2pra.fr", true },
   { "dia-de.com", true },
+  { "dia.com.br", true },
   { "diablovalleytech.com", true },
   { "diadorafitness.es", true },
   { "diadorafitness.it", true },
@@ -10294,6 +10429,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dianurse.com", true },
   { "diare-na-miru.cz", true },
   { "diario-egipto.com", true },
+  { "diaroma.it", true },
   { "diarynote.jp", true },
   { "diasdasemana.com", true },
   { "diasp.org", true },
@@ -10302,6 +10438,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dibiphp.com", true },
   { "diccionarioabierto.com", true },
   { "diccionariodedudas.com", true },
+  { "diccionarqui.com", true },
   { "dice.tokyo", true },
   { "dicelab.co.uk", true },
   { "dicesites.com", true },
@@ -10328,6 +10465,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "didesalud.com", true },
   { "didierghez.com", true },
   { "didigotoffer.com", true },
+  { "didikhari.web.id", true },
   { "die-bergfuehrer.de", true },
   { "die-blahuts.de", true },
   { "die-borts.ch", true },
@@ -10336,6 +10474,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "die-seide.de", true },
   { "die-sinlosen.de", true },
   { "die-speisekammer-reutlingen.de", true },
+  { "diebestengutscheine.de", true },
   { "diedrich.co", true },
   { "diedrich.me", true },
   { "dieecpd.org", true },
@@ -10351,6 +10490,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dienchaninstitute.com", true },
   { "dienstplan.cc", true },
   { "dienstplan.one", true },
+  { "dierabenmutti.de", true },
   { "dierenartsdeconinck.be", true },
   { "dieselanimals.lt", true },
   { "dieselgalleri.com", true },
@@ -10387,7 +10527,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "digilicious.com", true },
   { "digimagical.com", true },
   { "digimedia.cd", false },
-  { "digimomedia.co.uk", true },
   { "digioccumss.ddns.net", true },
   { "digipitch.com", true },
   { "digital-compounds.com", true },
@@ -10400,7 +10539,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "digital2web.com", false },
   { "digitalarchitecture.com", true },
   { "digitalbitbox.com", true },
-  { "digitalcash.cf", true },
   { "digitalcitizen.life", true },
   { "digitalcitizen.ro", true },
   { "digitalcraftmarketing.co.uk", true },
@@ -10429,10 +10567,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "digitalposition.com", true },
   { "digitalrights.center", true },
   { "digitalrights.fund", true },
+  { "digitalroar.com", true },
   { "digitalskillswap.com", true },
   { "digitalsurge.io", true },
   { "digitaltcertifikat.dk", true },
   { "digitaltechnologies.ltd.uk", true },
+  { "digitalunite.de", true },
   { "digitkon.com", true },
   { "digitreads.com", true },
   { "digminecraft.com", true },
@@ -10486,6 +10626,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dipalma.me", true },
   { "dipdaq.com", true },
   { "dipling.de", true },
+  { "diplomatiq.org", true },
   { "diplona.de", true },
   { "dipulse.it", true },
   { "dir2epub.com", true },
@@ -10524,7 +10665,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dischempharmacie.com", true },
   { "disciples.io", true },
   { "disciplina.io", true },
-  { "discipul.nl", true },
   { "discofitta.com", true },
   { "disconformity.net", true },
   { "discord.gg", true },
@@ -10532,6 +10672,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "discordapp.com", true },
   { "discordghost.space", true },
   { "discordia.me", true },
+  { "discordservers.com", true },
   { "discotek.club", true },
   { "discount24.de", true },
   { "discountlumberspokane.com", true },
@@ -10565,6 +10706,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "disinfestazioni.gorizia.it", true },
   { "disinfestazioni.info", true },
   { "disinfestazioni.milano.it", true },
+  { "disinfestazioni.napoli.it", true },
   { "disinfestazioni.net", true },
   { "disinfestazioni.padova.it", true },
   { "disinfestazioni.rimini.it", true },
@@ -10592,7 +10734,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dist-it.com", true },
   { "dist.torproject.org", false },
   { "disti.com", true },
-  { "distiduffer.org", true },
   { "distillery.com", true },
   { "distinguishedprisoner.com", true },
   { "distribuidoracristal.com.br", true },
@@ -10613,6 +10754,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "diveidc.com", true },
   { "diveplan.org", true },
   { "divergenz.org", true },
+  { "diversifiedproduct.com", true },
   { "diversityflags.com", true },
   { "diversityflags.com.au", true },
   { "diversityflags.nz", true },
@@ -10651,15 +10793,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "djeung.org", true },
   { "djipanov.com", true },
   { "djleon.net", true },
+  { "djlinux.cz", true },
   { "djlive.pl", true },
   { "djlnetworks.co.uk", true },
   { "djroynomden.nl", true },
   { "djsbouncycastlehire.com", true },
   { "djt-vom-chausseehaus.de", true },
-  { "djursland-psykologen.dk", true },
   { "djvintagevinyl.nl", true },
   { "djwaynepryke.com", true },
-  { "djz4music.com", false },
   { "dk-kromeriz.cz", true },
   { "dk.com", true },
   { "dk.search.yahoo.com", false },
@@ -10694,10 +10835,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dmatrix.xyz", true },
   { "dmd.lv", true },
   { "dmdd.org.uk", true },
-  { "dmeevalumate.com", true },
   { "dmess.ru", true },
   { "dmi.es", true },
   { "dmitry.sh", true },
+  { "dmmkenya.co.ke", true },
   { "dmmultionderhoud.nl", true },
   { "dmparish.com", true },
   { "dmschilderwerken.nl", true },
@@ -10719,12 +10860,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dns-swiss.ch", true },
   { "dns.google.com", true },
   { "dns8.online", true },
+  { "dnsaio.com", true },
   { "dnscrawler.com", true },
   { "dnscrypt.info", true },
   { "dnscurve.io", true },
   { "dnshallinta.fi", true },
   { "dnsinfo.ml", true },
   { "dnsipv6.srv.br", true },
+  { "dnskeep.com", true },
+  { "dnskeeper.com", true },
   { "dnsman.se", true },
   { "dnspod.ml", true },
   { "dnstwister.report", true },
@@ -10734,11 +10878,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "do13.net", true },
   { "do67.de", true },
   { "do67.net", true },
+  { "doanhnhanplus.vn", true },
   { "dobraprace.cz", true },
+  { "dobrev.family", true },
   { "dobrisan.ro", true },
   { "dobsnet.net", true },
   { "doc.python.org", true },
-  { "doc.to", true },
+  { "doc.to", false },
   { "doc8643.com", true },
   { "docabo.ch", true },
   { "docbox.ch", true },
@@ -10766,21 +10912,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "doctorwho.cz", true },
   { "docubox.info", true },
   { "docucopies.com", true },
+  { "docudanang.com.vn", true },
   { "documaniatv.com", true },
-  { "docupet.com", true },
   { "docusearch.com", true },
+  { "dodds.cc", true },
+  { "dodomu.ddns.net", true },
   { "dodopri.com", true },
   { "doenjoylife.com", true },
   { "does.one", true },
   { "doesburg-comp.nl", true },
   { "dofuspvp.com", true },
   { "dofux.org", true },
-  { "dog-blum.com", true },
   { "dogadayiz.net", true },
   { "dogan.ch", false },
   { "dogcontrol.ca", true },
   { "doge.me", true },
-  { "doge.town", true },
   { "dogear.ch", true },
   { "dogft.com", true },
   { "doggedbyirs.com", true },
@@ -10834,12 +10980,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "domakidis.com", true },
   { "domaxpoker.com", true },
   { "domeconseil.fr", true },
-  { "domein-direct.nl", true },
+  { "domein-direct.nl", false },
   { "domenic.me", true },
   { "domenicam.com", true },
   { "domesticcleaners.co.uk", true },
   { "domhaase.me", true },
-  { "domian.cz", true },
   { "dominationgame.co.uk", true },
   { "dominicself.co.uk", true },
   { "dominik-schlueter.de", true },
@@ -10861,7 +11006,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "domster.com", true },
   { "domus-global.com", true },
   { "domus-global.cz", true },
-  { "domwkwiatach.pl", true },
   { "domyassignments.com", true },
   { "domycasestudy.com", true },
   { "domycoursework.com", true },
@@ -10902,6 +11046,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "donnaandscottmcelweerealestate.com", true },
   { "donnacha.blog", true },
   { "donnachie.net", true },
+  { "donnajeanbooks.com", true },
   { "donner-reuschel.de", true },
   { "donnons.org", false },
   { "donnoval.ru", false },
@@ -10909,14 +11054,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "donotlink.it", true },
   { "donovand.info", true },
   { "donovankraag.nl", true },
+  { "donpomodoro.com.co", true },
   { "dont.re", true },
   { "dont.watch", true },
+  { "dontbeevil.com", true },
   { "dontbubble.me", true },
   { "dontcageus.org", true },
   { "dontpayfull.com", true },
   { "donttrust.me", true },
   { "donutcompany.co.jp", true },
-  { "donzool.es", true },
   { "dooby.fr", true },
   { "dooleylabs.com", true },
   { "dooleytackaberry.com", true },
@@ -10930,9 +11076,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "doorflow.com", true },
   { "doorhandlese.com", true },
   { "doorshingekit.com", true },
+  { "doorswest.net", true },
   { "dopesoft.de", true },
   { "dopetrue.com", true },
-  { "doppenpost.nl", true },
+  { "dophys.top", true },
   { "dopply.com", true },
   { "dopravni-modely.cz", true },
   { "dopsi.ch", true },
@@ -10976,6 +11123,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dosvientosoutdoorlighting.com", true },
   { "doswap.com", true },
   { "dosyauzantisi.com", true },
+  { "dot.ro", true },
   { "dot42.no", true },
   { "dota2huds.com", true },
   { "dotacni-parazit.cz", true },
@@ -11016,7 +11164,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "douzer.de", true },
   { "douzer.industries", true },
   { "dovenzorgmalawi.nl", true },
-  { "dovro.de", true },
   { "dowell.media", true },
   { "dowellconsulting.com", true },
   { "dowhatmakegood.de", true },
@@ -11034,6 +11181,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "downtimerobot.nl", true },
   { "downtownautospecialists.com", true },
   { "downtownvernon.com", true },
+  { "dox-box.eu", true },
   { "doyoucheck.com", false },
   { "doyouedc.com", true },
   { "doyoutax.com", true },
@@ -11069,6 +11217,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dr-stoetter.de", true },
   { "dr-www.de", true },
   { "dr2dr.ca", true },
+  { "draadloze-noodstop.nl", true },
   { "drabadir.com", true },
   { "drabim.org", true },
   { "drach.xyz", true },
@@ -11090,6 +11239,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "draghive.tv", true },
   { "dragon-chem.eu", true },
   { "dragon-hearts.co.uk", true },
+  { "dragon.nu", true },
   { "dragoncave.me", true },
   { "dragonclean.gr", true },
   { "dragonfly.co.uk", true },
@@ -11106,7 +11256,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dragonsunited.org", true },
   { "dragonwolfpackaquaria.com", true },
   { "dragonwork.me", true },
-  { "drahcro.uk", true },
+  { "drainagedirect.com", true },
+  { "draintechnorthwest.net", true },
   { "drakecommercial.com", true },
   { "drakeluce.com", true },
   { "drakenson.de", true },
@@ -11121,7 +11272,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drawingcode.net", true },
   { "drawtwo.gg", true },
   { "drawxp.com", true },
-  { "drbethanybarnes.com", true },
   { "drbriones.com", true },
   { "drcarolynquist.com", true },
   { "drchrislivingston.com", true },
@@ -11143,15 +11293,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dreammaker-nw.com", true },
   { "dreammakerremodelil.com", true },
   { "dreammakerutah.com", true },
-  { "dreamof.net", true },
+  { "dreamof.net", false },
   { "dreamonkey.com", true },
   { "dreamrae.net", true },
+  { "dreamstream.mobi", true },
   { "dreamstream.network", true },
   { "dreamstream.nl", true },
   { "dreamstream.tv", true },
   { "dreamstream.video", true },
-  { "dreamtechie.com", true },
-  { "dreatho.com", true },
   { "dreemurr.com", true },
   { "drei01.com", true },
   { "drei01.de", true },
@@ -11169,7 +11318,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dressify.co", true },
   { "dressify.in", true },
   { "drevanbeale.com", true },
-  { "drevo-door.cz", true },
+  { "drevo-door.cz", false },
   { "drew.beer", true },
   { "drew.red", true },
   { "drewapianostudio.com", true },
@@ -11183,9 +11332,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drgn.no", true },
   { "drhathazi.hu", true },
   { "drheibel.com", true },
+  { "drhoseyni.com", true },
   { "driesjtuver.nl", true },
   { "driessoftsec.tk", true },
   { "driftdude.nl", true },
+  { "driftingruby.com", true },
   { "drighes.com", true },
   { "drillingsupply.info", true },
   { "drillingsupplystore.com", true },
@@ -11223,8 +11374,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drmcdaniel.com", true },
   { "drms.us", true },
   { "drmtransit.com", true },
+  { "drmyco.net", true },
   { "drnow.ru", true },
   { "drogueriaelbarco.com", true },
+  { "droidandy.com", true },
   { "droidapp.nl", true },
   { "droidgyan.com", true },
   { "droidhere.com", true },
@@ -11251,8 +11404,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drpetervoigt.ddns.net", true },
   { "drpetervoigt.de", true },
   { "drpico.com.au", true },
-  { "drpure.top", true },
-  { "drrodina.com", true },
   { "drrr.chat", true },
   { "drrr.wiki", true },
   { "drsajjadian.com", true },
@@ -11266,6 +11417,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "drugs.com", true },
   { "drumbe.at", true },
   { "drummondframing.com", true },
+  { "drunkscifi.com", true },
   { "drupal-expert.it", true },
   { "drupal.org", true },
   { "drupalspb.org", true },
@@ -11301,15 +11453,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dshield.org", true },
   { "dsm5.com", true },
   { "dsmjs.com", true },
+  { "dsmstainlessproducts.co.uk", true },
   { "dso-imaging.co.uk", true },
   { "dso-izlake.si", true },
   { "dsol.hu", true },
   { "dssale.com", true },
   { "dstamou.de", true },
+  { "dstat.cc", true },
   { "dsteiner.at", true },
   { "dstvinstallalberton.co.za", true },
+  { "dstvinstalledenvale.co.za", true },
   { "dstvinstallfourways.co.za", true },
+  { "dstvinstallkemptonpark.co.za", true },
   { "dstvinstallrandburg.co.za", true },
+  { "dstvsandton.co.za", true },
+  { "dstvsouthafrica.com", true },
   { "dt27.org", true },
   { "dtbouncycastles.co.uk", true },
   { "dtdsh.com", true },
@@ -11328,6 +11486,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dtx.sk", true },
   { "dualascent.com", true },
   { "dub.cz", true },
+  { "dubai-company.ae", true },
   { "dubaieveningsafari.com", true },
   { "dubbingkursus.dk", true },
   { "dubious-website.com", true },
@@ -11338,12 +11497,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dubtrack.fm", true },
   { "ducalendars.com", true },
   { "duch.cloud", true },
-  { "ducius.net", true },
   { "duckbase.com", true },
+  { "duckblade.com", true },
   { "duckduck.horse", true },
   { "duckduckstart.com", true },
   { "duckeight.win", true },
   { "duckinc.net", true },
+  { "duckyubuntu.tk", true },
   { "duct.me", true },
   { "due-diligence-security.com", true },
   { "duerlund-falkenberg.dk", true },
@@ -11385,12 +11545,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dundalkdonnie.com", true },
   { "dunesadventure.net", true },
   { "dungeon-bbs.de", true },
+  { "dunklau.fr", true },
   { "dunkle-seite.org", true },
   { "dunloptrade.com", true },
   { "dunmanelectric.com", true },
   { "duobus.nl", true },
   { "duoluodeyu.com", true },
-  { "duonganhtuan.com", true },
   { "duoquadragintien.fr", true },
   { "dupisces.com.tw", true },
   { "dupree.co", true },
@@ -11411,12 +11571,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dusnan.com", true },
   { "dustplanet.de", true },
   { "dustri.org", true },
-  { "dustycloth.com", true },
   { "dustygroove.com", true },
   { "dustyspokesbnb.ca", true },
   { "dutch.desi", true },
   { "dutchdare.nl", true },
-  { "dutchessuganda.com", true },
   { "dutchforkrunners.com", true },
   { "dutchrank.nl", true },
   { "dutchwanderers.nl", true },
@@ -11446,7 +11604,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dx-revision.com", true },
   { "dxgl.info", true },
   { "dxgl.org", true },
-  { "dxm.no-ip.biz", true },
   { "dybuster.at", true },
   { "dybuster.ch", true },
   { "dybuster.com", true },
@@ -11513,6 +11670,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dyscalculia-blog.com", true },
   { "dysthymia.com", true },
   { "dyyn.de", true },
+  { "dzar.nsupdate.info", true },
   { "dzeina.ch", true },
   { "dzet.de", true },
   { "dziary.com", true },
@@ -11526,7 +11684,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "dzsula.hu", true },
   { "dzyabchenko.com", true },
   { "dzyszla.pl", true },
-  { "e-apack.com.br", true },
   { "e-bikesdirect.co.uk", true },
   { "e-biografias.net", true },
   { "e-borneoshop.com", true },
@@ -11534,7 +11691,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "e-colle.info", true },
   { "e-cottage.com.br", true },
   { "e-enterprise.gov", false },
-  { "e-gemeinde.at", true },
   { "e-hon.link", true },
   { "e-id.ee", true },
   { "e-imzo.uz", true },
@@ -11556,7 +11712,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "e-tonery.cz", true },
   { "e-traceur-france.fr", true },
   { "e-tresor.at", true },
-  { "e-tune-mt.net", true },
   { "e-typ.eu", true },
   { "e-verify.gov", false },
   { "e-worksmedia.com", true },
@@ -11597,12 +11752,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "earticleblog.com", true },
   { "earvinkayonga.com", false },
   { "easelforart.com", true },
-  { "easez.net", true },
   { "eashwar.com", true },
   { "eastarm.net", true },
   { "eastblue.org", true },
   { "easterncapebirding.co.za", true },
   { "eastlothianbouncycastles.co.uk", true },
+  { "eastman.space", true },
   { "eastmanbusinessinstitute.com", true },
   { "eastnorschool.co.uk", true },
   { "eastplan.co.kr", true },
@@ -11615,7 +11770,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "easyconstat.com", true },
   { "easycosmetic.ch", true },
   { "easycup.com", false },
-  { "easydumpsterrental.com", false },
+  { "easydumpsterrental.com", true },
   { "easyeigo.com", true },
   { "easyfiles.ch", true },
   { "easyhaul.com", true },
@@ -11673,7 +11828,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eboutic.ch", true },
   { "eboyer.com", true },
   { "ebpglobal.com", false },
-  { "ebrnd.de", true },
   { "ec-current.com", true },
   { "ec.mine.nu", true },
   { "eca.edu.au", true },
@@ -11687,6 +11841,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ecco-verde.com", false },
   { "ecdn.cz", true },
   { "ecfnorte.com.br", true },
+  { "ecfunstalls.com", true },
   { "echatta.net", true },
   { "echatta.org", true },
   { "echi.pw", true },
@@ -11701,6 +11856,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "echoit.net.au", true },
   { "echoit.services", true },
   { "echopaper.com", true },
+  { "echorecovery.org", true },
   { "echosim.io", true },
   { "echosixmonkey.com", true },
   { "echosystem.fr", true },
@@ -11710,7 +11866,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "echternach-immobilien.de", true },
   { "echtes-hutzelbrot.de", true },
   { "echtgeld-casinos.de", true },
-  { "ecir.pro", true },
   { "ecir.ru", true },
   { "ecirtam.net", true },
   { "eckel.co", true },
@@ -11754,15 +11909,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "econverter.cloud", true },
   { "ecorp.cc", true },
   { "ecos-ev.de", true },
-  { "ecos.srl", true },
   { "ecoshare.info", true },
-  { "ecoskif.ru", true },
   { "ecosm.com.au", true },
   { "ecosound.ch", true },
   { "ecostruxureit.com", true },
   { "ecosystem.atlassian.net", true },
   { "ecosystemmanager-uat1.azurewebsites.net", true },
-  { "ecosystemmanager.azurewebsites.net", true },
+  { "ecotaxi2airport.com", true },
   { "ecoterramedia.com", true },
   { "ecotur.org", true },
   { "ecovision.com.br", true },
@@ -11828,6 +11981,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "edragneainpuscarie.ro", true },
   { "edsby.com", true },
   { "edservicing.com", true },
+  { "edshogg.co.uk", true },
   { "edsm.net", true },
   { "edstep.com", true },
   { "edtech-hub.com", true },
@@ -11875,7 +12029,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eellak.gr", true },
   { "eelsden.net", true },
   { "eelzak.nl", true },
-  { "eemcevn.com", true },
   { "eentweevijf.be", true },
   { "eer.io", true },
   { "eerlijktransport.nl", true },
@@ -11899,7 +12052,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "effero.net", true },
   { "effex.ru", true },
   { "effinfun.com", true },
-  { "effizienta.ch", true },
   { "efflam.net", true },
   { "effortlesshr.com", true },
   { "efg-darmstadt.de", false },
@@ -11932,7 +12084,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eggert.org", false },
   { "eggplant.today", true },
   { "egiftcards.be", true },
+  { "eglek.com", true },
   { "egles.eu", true },
+  { "eglisedenantes.fr", true },
   { "ego4u.com", true },
   { "ego4u.de", true },
   { "egoroof.ru", true },
@@ -11948,6 +12102,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ehandel.com", true },
   { "ehazi.hu", true },
   { "ehbssl.com", true },
+  { "ehcommerce.com", true },
   { "eheliche-disziplin.schule", true },
   { "ehertz.uk", true },
   { "ehipaa.com", true },
@@ -11957,11 +12112,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ehne.de", true },
   { "ehomusicgear.com", true },
   { "ehrenburg.info", true },
-  { "ehsellert.com", true },
+  { "ehseller.com", true },
   { "ehub.cz", true },
   { "ehub.hu", true },
   { "ehub.pl", true },
   { "ehub.sk", true },
+  { "eiao.me", true },
   { "eichel.eu", true },
   { "eichler.work", true },
   { "eichornenterprises.com", true },
@@ -11978,6 +12134,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eigpropertyauctions.co.uk", true },
   { "eihaikyo.com", true },
   { "eika.as", true },
+  { "eikounoayumi.jp", true },
   { "eilandprojectkeukens.nl", true },
   { "eilhan.com", true },
   { "eimacs.com", true },
@@ -12008,16 +12165,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ejkmuseum.nl", true },
   { "ejknet.nl", true },
   { "ejkwebdesign.nl", true },
-  { "ek-networks.de", true },
+  { "ek-networks.de", false },
   { "ekaigotenshoku.com", true },
   { "ekati.ru", true },
+  { "ekawaiishop.com", true },
   { "ekb-avia.ru", true },
   { "ekd.de", true },
   { "ekedc.com", true },
   { "ekedp.com", true },
   { "eklepka.com", true },
   { "eklitzke.org", true },
-  { "ekodevices.com", true },
   { "ekokontakt.cz", true },
   { "ekonbenefits.com", true },
   { "ekostecki.de", true },
@@ -12049,11 +12206,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elderjustice.gov", true },
   { "elderoost.com", true },
   { "eldertons.co.uk", true },
+  { "eldevo.com", true },
   { "eldinhadzic.com", true },
   { "eldisagjapi.com", true },
   { "eldrid.ge", true },
   { "eldritchfiction.net", true },
-  { "eleaut.com.br", true },
   { "electionsbycounty.com", true },
   { "electionsdatabase.com", true },
   { "electmikewaters.com", true },
@@ -12179,9 +12336,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elettricista-roma.it", true },
   { "elettricista-roma.org", true },
   { "eleusis-zur-verschwiegenheit.de", true },
-  { "elevator.ee", true },
   { "elevatoraptitudetest.com", true },
-  { "elexel.ru", true },
   { "elexprimidor.com", true },
   { "elexwong.com", true },
   { "elfe.de", true },
@@ -12201,7 +12356,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eliaskordelakos.com", true },
   { "elibom.com", true },
   { "elie.net", true },
-  { "elielaloum.com", true },
   { "elifesciences.org", true },
   { "eligibilis.com", true },
   { "eligible.com", true },
@@ -12221,7 +12375,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elite12.de", true },
   { "elitebouncingfun.com", true },
   { "elitegameservers.net", true },
-  { "elitehosting.de", false },
   { "elitenutritionoficial.com", true },
   { "elixi.re", true },
   { "elixir.bzh", true },
@@ -12231,7 +12384,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elizabethrominski.com", true },
   { "eljef.me", true },
   { "elkoy.org", true },
-  { "ell-net.tokyo", true },
   { "ella-kwikmed.com", false },
   { "ellak.gr", true },
   { "ellegaard.dk", true },
@@ -12252,7 +12404,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elohellp.com", false },
   { "elonaspitze.de", true },
   { "elosrah.com", true },
-  { "elosuite.com", true },
   { "elpado.de", true },
   { "elpo.net", true },
   { "elpoderdelespiritu.org", true },
@@ -12260,6 +12411,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "elrinconderovica.com", true },
   { "elsagradocoran.org", true },
   { "elshou.com", true },
+  { "elsignificadodesonar.com", true },
   { "elstopstelten.nl", true },
   { "elsvanderlugt.nl", true },
   { "eltagroup.co.uk", true },
@@ -12288,20 +12440,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "em-biotek.cz", true },
   { "emaging-productions.fr", true },
   { "emaging.fr", true },
-  { "emailalaperformance.fr", true },
   { "emailconfiguration.com", true },
   { "emailfuermich.de", true },
   { "emailhunter.co", true },
-  { "emailing.alsace", true },
+  { "emailmeform.com", true },
   { "emailprivacytester.com", true },
   { "emailtools.io", true },
   { "emaily.eu", true },
+  { "emanol.co.uk", true },
   { "emanuel.photography", true },
   { "emanuela-gabriela.co.uk", true },
   { "emanuelduss.ch", true },
   { "emanueleanastasio.com", true },
   { "emanuelemazzotta.com", true },
   { "emarketingmatters.com", true },
+  { "emasex.com", true },
   { "embassycargo.eu", true },
   { "emberlife.com", true },
   { "embox.net", true },
@@ -12328,7 +12481,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "emil-reimann.com", true },
   { "emil.click", true },
   { "emilecourriel.com", true },
-  { "emiliendevos.be", true },
+  { "emilio.media", true },
   { "emilong.com", true },
   { "emilreimann.de", true },
   { "emils-1910.de", true },
@@ -12345,7 +12498,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "emkanrecords.com", true },
   { "emkei.cz", true },
   { "emkrivoy.com", true },
-  { "emma.ca", true },
   { "emmababy420.com", true },
   { "emmagraystore.com", true },
   { "emobilityforum.org", true },
@@ -12360,6 +12512,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "emperor-penguins.com", true },
   { "empese.com", true },
   { "empherino.net", true },
+  { "empire-univ.com", true },
   { "emploi-collectivites.fr", true },
   { "employeeexpress.gov", true },
   { "employer.gov", true },
@@ -12372,6 +12525,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "emporioviverbem.com.br", false },
   { "empower.net", true },
   { "empowerdb.com", true },
+  { "emprechtinger.com", true },
   { "emprego.pt", true },
   { "emprunterlivre.ci", true },
   { "empyrean-advisors.com", true },
@@ -12386,7 +12540,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "en-crypt.me", true },
   { "en-maktoob.search.yahoo.com", false },
   { "en4rab.co.uk", true },
-  { "enaim.de", true },
+  { "enaah.de", true },
   { "enalean.com", true },
   { "enamae.net", true },
   { "enbecom.net", true },
@@ -12394,6 +12548,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "encircleapp.com", true },
   { "encnet.de", true },
   { "encode.host", true },
+  { "encoderx.uk", true },
+  { "encore.io", false },
   { "encouragemarketing.com", true },
   { "encredible.de", false },
   { "encredible.org", false },
@@ -12406,12 +12562,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "encryptmysite.net", true },
   { "encuentraprecios.es", true },
   { "encycarpedia.com", true },
+  { "encyclopedia-titanica.org", true },
   { "endeal.nl", true },
   { "ender.co.at", true },
   { "enderbycamping.com", true },
   { "enderszone.com", true },
   { "endingthedocumentgame.gov", true },
+  { "endlessdiy.ca", true },
   { "endlessvideo.com", true },
+  { "endofodo.goip.de", true },
   { "endoftenancycleaninglondon.co.uk", true },
   { "endoftennancycleaning.co.uk", true },
   { "endpointsystems.com", true },
@@ -12424,6 +12583,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "energy-in-balance.eu", true },
   { "energy-infra.nl", true },
   { "energy-initiative.com", true },
+  { "energy.eu", true },
   { "energyatlas.com", true },
   { "energyaupair.se", true },
   { "energycodes.gov", true },
@@ -12447,6 +12607,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "engiedev.net", true },
   { "enginepit.com", true },
   { "enginsight.com", true },
+  { "engl-systems.de", true },
   { "englishbulgaria.net", true },
   { "englishcast.com.br", true },
   { "englishforums.com", true },
@@ -12457,15 +12618,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "enigma.swiss", true },
   { "enijew.com", true },
   { "enitso.de", true },
+  { "enixgaming.com", true },
   { "enjin.io", true },
   { "enjincoin.io", true },
   { "enjinwallet.io", true },
+  { "enjinx.cn", true },
   { "enjinx.io", true },
   { "enjoy-drive.com", true },
   { "enjoy-israel.ru", true },
   { "enjoyphoneblog.it", true },
   { "enlight.no", true },
-  { "enlighten10x.ga", true },
   { "enlightenedhr.com", true },
   { "enlightenment.org", true },
   { "enlnf.link", true },
@@ -12499,7 +12661,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "entercenter.ru", true },
   { "enterprisey.enterprises", true },
   { "entersoftsecurity.com", true },
-  { "entersynapse.com", false },
   { "entheogens.com", true },
   { "enthusiaformazione.com", true },
   { "entradaweb.cl", true },
@@ -12510,6 +12671,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "entrusted.io", true },
   { "entryboss.cc", true },
   { "entrypoint.sh", true },
+  { "entwickler.land", true },
   { "enuchi.jp", true },
   { "envant.co.uk", true },
   { "enveloppenopmaat.nl", true },
@@ -12538,7 +12700,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "epi.one", true },
   { "epic-vistas.com", true },
   { "epic-vistas.de", true },
-  { "epicbouncycastlehirenorwich.co.uk", true },
   { "epicbouncycastles.co.uk", true },
   { "epicdowney.com", true },
   { "epicenter.work", true },
@@ -12547,8 +12708,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "epichouse.net", false },
   { "epicinflatables.co.uk", true },
   { "epickitty.co.uk", true },
-  { "epicpages.com", true },
   { "epicsecure.de", true },
+  { "epicsoft.de", false },
   { "epicvistas.com", true },
   { "epicvistas.de", true },
   { "epicwalnutcreek.com", true },
@@ -12594,7 +12755,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "epublibre.org", true },
   { "epyonsuniverse.net", true },
   { "eq-serve.com", true },
-  { "eqibank.com", true },
   { "equalcloud.com", true },
   { "equallove.me", true },
   { "equeim.ru", true },
@@ -12609,6 +12769,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "er-mgmt.com", true },
   { "er.tl", true },
   { "er1s.xyz", true },
+  { "erasmo.info", true },
   { "erasmusplusrooms.com", true },
   { "erate.fi", true },
   { "erath.fr", true },
@@ -12639,7 +12800,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ericspeidel.de", true },
   { "ericvaughn-flam.com", true },
   { "ericwie.se", true },
-  { "eridanus.uk", true },
+  { "ericyl.com", true },
   { "erigrid.eu", true },
   { "eriix.org", true },
   { "erikheemskerk.nl", true },
@@ -12658,7 +12819,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ero.ink", true },
   { "eron.info", true },
   { "eroskines.com", true },
-  { "eroticforce.com", true },
   { "erp-band.ru", true },
   { "erp.band", true },
   { "erpax.com", true },
@@ -12696,7 +12856,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "erythroxylum-coca.com", true },
   { "es-geenen.de", true },
   { "es.search.yahoo.com", false },
-  { "esaborit.ddns.net", true },
   { "esafar.cz", false },
   { "esagente.com", true },
   { "esailinggear.com", true },
@@ -12707,7 +12866,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "esc.chat", true },
   { "esc.gov", true },
   { "escael.org", true },
-  { "escape2rooms.fr", true },
   { "escapeplaza.de", true },
   { "escapetalk.nl", true },
   { "escargotbistro.com", true },
@@ -12731,7 +12889,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eshspotatoes.com", true },
   { "esibun.net", true },
   { "esigmbh.de", true },
-  { "esipublications.com", true },
   { "esite.ch", true },
   { "eskdale.net", true },
   { "eskriett.com", true },
@@ -12777,13 +12934,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "essaychecker.com", true },
   { "essaydirectory.com", true },
   { "essayforsale.net", true },
+  { "essayjob.com", true },
   { "essaynews.com", true },
   { "essaypro.net", true },
   { "essaytalk.com", true },
   { "essaywriting.biz", true },
   { "essca.fr", true },
   { "essenalablog.de", true },
-  { "essencesdeprana.org", true },
   { "essenciasparis.com.br", true },
   { "essex.cc", true },
   { "essite.net", true },
@@ -12810,6 +12967,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "estoic.net", true },
   { "estoniantrade.ee", true },
   { "estonoentraenelexamen.com", true },
+  { "estoppels.com", true },
   { "estudiarparaser.com", true },
   { "estudiserradal.com", true },
   { "estufitas.com", true },
@@ -12847,6 +13005,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "etfacta.com", true },
   { "eth-faucet.net", true },
   { "eth0.nl", true },
+  { "etha.nz", true },
   { "ethack.org", true },
   { "ethaligan.fr", true },
   { "ethan.pm", true },
@@ -12855,7 +13014,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ethercalc.org", true },
   { "ethergeist.de", false },
   { "etherium.org", true },
-  { "etherpad.fr", true },
   { "etherpad.nl", true },
   { "ethers.news", true },
   { "ethicaldata.co.uk", true },
@@ -12882,9 +13040,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "etudesbibliques.fr", true },
   { "etudesbibliques.net", true },
   { "etudesbibliques.org", true },
+  { "eturist.si", true },
   { "etv.cx", true },
   { "etyd.org", true },
-  { "etzi.myds.me", true },
   { "eu-darlehen-finanzierung.de", true },
   { "eu-datenbank.de", true },
   { "eu-gamers.com", true },
@@ -12922,12 +13080,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "euroalter.com", true },
   { "eurocars2000.es", true },
   { "eurocenterobuda.hu", true },
-  { "euroconthr.ro", true },
   { "eurodentaire.com", true },
   { "euroflora.com", true },
   { "euroflora.mobi", true },
   { "eurofrank.eu", true },
   { "eurolocarno.es", true },
+  { "europapier.com", true },
   { "europapier.hu", true },
   { "europapier.net", true },
   { "europapier.sk", true },
@@ -12951,6 +13109,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eurousa.us", true },
   { "eurovision.ie", true },
   { "euteamo.cn", true },
+  { "euterpiaradio.ch", true },
   { "eutotal.com", true },
   { "eutram.com", true },
   { "euwid-energie.de", true },
@@ -12959,7 +13118,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eva-select.com", true },
   { "eva.cz", true },
   { "evaartinger.de", true },
-  { "evadifranco.com", true },
   { "evafojtova.cz", true },
   { "evailoil.ee", true },
   { "evailoil.eu", true },
@@ -12969,6 +13127,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "evamira.com", true },
   { "evanfiddes.com", true },
   { "evangelicalmagazine.com", true },
+  { "evangelosm.com", true },
   { "evansdesignstudio.com", true },
   { "evantageglobal.com", true },
   { "evanwang0.com", true },
@@ -12978,12 +13137,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "evavolfova.cz", true },
   { "eve.ac", true },
   { "eve0s.com", true },
+  { "eveadmin.azurewebsites.net", true },
   { "evelienzorgt.nl", true },
   { "evelyndayman.com", true },
   { "evemarketer.com", true },
   { "evemodx.com", true },
   { "evenementenhoekvanholland.nl", true },
   { "evenstargames.com", true },
+  { "event-blick.de", true },
   { "event4fun.no", true },
   { "eventaro.com", true },
   { "eventide.space", true },
@@ -13018,7 +13179,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "everygayporn.com", false },
   { "everything-everywhere.com", true },
   { "everythingaccess.com", true },
-  { "everythingstech.com", true },
   { "everythinq.com", true },
   { "everytrycounts.gov", false },
   { "everywhere.cloud", true },
@@ -13030,8 +13190,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "evidenceusa.com.br", true },
   { "evidencija.ba", true },
   { "evidentiasoftware.com", true },
-  { "evilarmy.com", true },
   { "evilbunnyfufu.com", true },
+  { "evileden.com", true },
   { "evilized.de", true },
   { "evilmartians.com", true },
   { "evilsite.cf", true },
@@ -13042,7 +13202,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "evodation.org", true },
   { "evodia-spirits.de", true },
   { "evok.com.co", false },
-  { "evokepk.com", true },
   { "evolutioninflatables.co.uk", true },
   { "evolutionlending.co.uk", true },
   { "evolutionpets.com", true },
@@ -13070,6 +13229,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ewhitehat.com", true },
   { "ewie.name", true },
   { "ewizmo.com", true },
+  { "ewok.io", true },
   { "ewout.io", true },
   { "ewsfeed.com", true },
   { "ewtl.es", true },
@@ -13092,6 +13252,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "excel-utbildning.nu", true },
   { "excelhot.com", true },
   { "excelkurs.one", true },
+  { "excella.me", true },
   { "exceltechdubai.com", true },
   { "exceltechoman.com", true },
   { "exceltobarcode.com", true },
@@ -13114,15 +13275,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "exeria.de", true },
   { "exexcarriers.com", true },
   { "exgen.io", true },
-  { "exhaledayspa.com.au", true },
   { "exhalespa.com", true },
   { "exhibityour.com", true },
   { "exiahost.com", true },
   { "exit9wineandliquor.com", true },
   { "exitooutdoor.com", true },
+  { "exmart.ng", true },
   { "exmoe.com", true },
   { "exon.io", true },
-  { "exoplatform.com", true },
   { "exordiumconcepts.com", true },
   { "exoscale.ch", true },
   { "exoscale.com", true },
@@ -13222,6 +13382,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "exxo.tk", true },
   { "exyplis.com", true },
   { "eydesignguidelines.com", true },
+  { "eye-encounters.com", true },
   { "eyeandfire.com", true },
   { "eyecandy.gr", true },
   { "eyeglasses.com", false },
@@ -13234,15 +13395,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "eynio.com", true },
   { "eyona.com", true },
   { "eyps.net", true },
+  { "eyrelles-tissus.com", true },
   { "eyyit.com", false },
   { "eyyubyilmaz.com", true },
   { "ez3d.eu", true },
   { "ezakazivanje.rs", true },
   { "ezdog.press", true },
-  { "ezequiel-garzon.net", true },
   { "ezesec.com", true },
   { "ezgif.com", true },
   { "ezhik-din.ru", true },
+  { "ezpzdelivery.com", true },
   { "eztvtorrent.com", true },
   { "ezwritingservice.com", true },
   { "ezzhole.net", true },
@@ -13281,7 +13443,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fabian-klose.com", true },
   { "fabian-klose.de", true },
   { "fabian-klose.net", true },
-  { "fabian-koeppen.de", true },
   { "fabianackle.ch", true },
   { "fabianbeiner.com", false },
   { "fabianbeiner.de", false },
@@ -13342,6 +13503,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "faelix.net", true },
   { "faerb.it", true },
   { "faerie-art.com", true },
+  { "faeservice.eu", true },
+  { "fafarishoptrading.com", true },
   { "fahnamporn.com", true },
   { "fahnen-fanwelt.de", true },
   { "fahrenwal.de", true },
@@ -13382,10 +13545,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "falaeapp.org", true },
   { "falaowang.com", true },
   { "falbros.com", true },
+  { "falce.in", true },
+  { "falcema.com", true },
   { "falcona.io", true },
   { "falconfrag.com", true },
   { "falconvintners.com", true },
-  { "falcoz.co", true },
+  { "falcoz.co", false },
   { "faldoria.de", true },
   { "falegname-roma.it", true },
   { "falkhusemann.de", true },
@@ -13411,6 +13576,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "familie-kruithof.nl", true },
   { "familie-kupschke.de", true },
   { "familie-leu.ch", true },
+  { "familie-mischak.de", true },
   { "familie-monka.de", true },
   { "familie-poeppinghaus.de", true },
   { "familie-remke.de", true },
@@ -13451,6 +13617,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fantastici.de", true },
   { "fantasticservices.com", true },
   { "fantasticservicesgroup.com.au", true },
+  { "fantasy-judo.com", true },
   { "fantasycastles.co.uk", true },
   { "fantasycdn.com", true },
   { "fantasydrop.com", true },
@@ -13465,12 +13632,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fanyue123.tk", true },
   { "fanz.pro", true },
   { "fanzlive.com", true },
+  { "fapplepie.com", true },
   { "faq.ie", true },
   { "fara.gov", true },
   { "faradji.nu", true },
   { "faradome.ws", true },
   { "faraslot8.com", true },
   { "farcecrew.de", true },
+  { "farces.com", false },
   { "farfallapets.com.br", true },
   { "farfetchos.com", true },
   { "fargtorget.se", true },
@@ -13487,15 +13656,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "faroes.net", true },
   { "faroes.org", true },
   { "farrel-f.cf", true },
-  { "farrel-f.id", true },
   { "farrel-f.tk", true },
   { "farrelf.blog", true },
-  { "farsil.eu", true },
   { "fart.wtf", true },
   { "farthing.xyz", true },
   { "farwat.ru", true },
   { "faschingmd.com", true },
-  { "fascia.fit", true },
   { "fashion-stoff.de", true },
   { "fashion24.de", true },
   { "fashion4ever.pl", true },
@@ -13529,8 +13695,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fastcash.com.br", true },
   { "fastcomcorp.com", true },
   { "fastcommerce.org", true },
-  { "fastcp.top", true },
   { "fastest-hosting.co.uk", true },
+  { "fastforwardsociety.nl", true },
   { "fastforwardthemes.com", true },
   { "fastlike.co", true },
   { "fastmail.com", false },
@@ -13539,10 +13705,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fastrevision.com", true },
   { "fastvistorias.com.br", true },
   { "faszienrollen-info.de", false },
+  { "fatalerrorcoded.eu", true },
   { "fateandirony.com", true },
   { "fatecdevday.com.br", true },
   { "fatedata.com", true },
   { "fateitalia.it", true },
+  { "fatherhood.gov", true },
   { "fathers4equalrights.org", true },
   { "fatidique.com", true },
   { "fatimamoldes.com.br", true },
@@ -13620,7 +13788,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fedshirevets.gov", true },
   { "fedux.com.ar", true },
   { "fedvan.com", true },
-  { "fee-hosting.com", true },
   { "feedbin.com", false },
   { "feedfall.com", true },
   { "feedhq.org", true },
@@ -13654,10 +13821,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "feisim.org", true },
   { "feistyduck.com", true },
   { "feizhujianzhi.com", true },
-  { "fejes.house", true },
   { "feld.design", true },
   { "feld.saarland", true },
   { "feldhousen.com", true },
+  { "feldmann-stachelscheid.de", true },
   { "felett.es", true },
   { "feli.games", true },
   { "felicifia.org", true },
@@ -13668,7 +13835,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "felixcrux.com", true },
   { "felixgenicio.com", true },
   { "felixkauer.de", true },
-  { "felixqu.com", true },
   { "felixsanz.com", true },
   { "felixseele.de", true },
   { "felsing.net", true },
@@ -13677,6 +13843,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "femastudios.com", true },
   { "femiluna.com", true },
   { "feminina.pt", true },
+  { "feminism.lgbt", true },
   { "femradio.es", true },
   { "femtomind.com", true },
   { "fence-stlouis.com", true },
@@ -13709,6 +13876,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ferret.zone", true },
   { "ferreteriaxerez.com", true },
   { "ferrolatino.ch", true },
+  { "ferrone.ru", true },
   { "ferrousmoon.com", true },
   { "ferry.tw", true },
   { "ferticare.pt", true },
@@ -13743,13 +13911,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ff-obersunzing-niedersunzing.de", true },
   { "ff14-mstdn.xyz", false },
   { "ffb.gov", false },
-  { "ffbans.org", true },
   { "ffbsee.net", true },
+  { "ffh.me", true },
   { "ffiec.gov", true },
   { "ffis.me", true },
   { "ffkoenigsberg.de", true },
   { "ffmradio.de", true },
   { "ffprofile.com", true },
+  { "ffrev.de", true },
+  { "ffsociety.nl", true },
   { "ffta.eu", true },
   { "ffw-zeven.de", true },
   { "ffzeven.de", true },
@@ -13786,10 +13956,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fidelis-it.net", true },
   { "fidhouriet.ch", true },
   { "fiduciaire-ratio.ch", true },
-  { "fieldwork-paysage.com", true },
+  { "fieldwork-paysage.com", false },
   { "fierlafijn.net", true },
   { "fierscleaning.nl", true },
   { "fiery.me", true },
+  { "fiestagenial.com", true },
   { "fifautstore.com", true },
   { "fifei.de", true },
   { "fifichachnil.paris", true },
@@ -13806,7 +13977,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "figurasdelinguagem.com.br", true },
   { "figure.nz", true },
   { "fiilr.com", true },
-  { "fiissh.tech", true },
   { "fiix.io", true },
   { "fijnefeestdageneneengelukkignieuwjaar.nl", true },
   { "fijnewoensdag.nl", true },
@@ -13844,6 +14014,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "filmers.net", true },
   { "filmesonline.online", true },
   { "filmitis.com", true },
+  { "filmovizija.mk", true },
   { "filmreviewonline.com", true },
   { "filmserver.de", true },
   { "filmsite-studio.com", true },
@@ -13883,11 +14054,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "findthatnude.com", true },
   { "findyourtrainer.com", true },
   { "findyourvoice.ca", true },
-  { "fine-services.paris", true },
-  { "finecocoin.io", true },
+  { "finecocoin.io", false },
+  { "finecraft.cc", true },
   { "finefriends.nl", true },
   { "finelovedolls.com", true },
   { "finenet.com.tw", true },
+  { "finesoon.net", true },
   { "finevegashomes.com", true },
   { "finfev.de", true },
   { "finflix.net", true },
@@ -13906,6 +14078,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fintry.ca", true },
   { "finvantage.com", true },
   { "finwe.info", true },
+  { "finzy.com", true },
   { "fionafuchs.de", true },
   { "fionamcbride.com", true },
   { "fioristionline.it", true },
@@ -13926,6 +14099,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "firefly-iii.org", true },
   { "firegoby.jp", true },
   { "firegore.com", true },
+  { "firekoi.com", true },
   { "fireleadership.gov", true },
   { "firemudfm.com", true },
   { "firenza.org", true },
@@ -13939,6 +14113,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "firevap.org", true },
   { "firewallconsultants.com", true },
   { "fireworksshowvr.com", true },
+  { "firexfly.com", true },
   { "firma-cerny.cz", true },
   { "firma-offshore.com", true },
   { "firmament.space", true },
@@ -13960,7 +14135,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "firstinnovationltd.com", true },
   { "firstmall.de", true },
   { "firstq.xyz", true },
-  { "fischer-its.com", false },
   { "fischer-kundendienst.de", true },
   { "fischers.cc", true },
   { "fischers.it", true },
@@ -13978,6 +14152,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fishserver.net", true },
   { "fishtacos.blog", true },
   { "fisinfomanagerdr.com", true },
+  { "fisiobox.eu", true },
+  { "fiskalnepretor.pl", true },
   { "fistu.la", true },
   { "fit-4u.ch", true },
   { "fit-mit-nina.com", true },
@@ -13989,6 +14165,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fitmeat.at", true },
   { "fitness-challenge.co.uk", true },
   { "fitness.gov", true },
+  { "fitseven.ru", true },
   { "fittelo.cz", true },
   { "fitzsim.org", true },
   { "fiuxy.bz", true },
@@ -14075,6 +14252,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fleuryfleury.com", true },
   { "flexapplications.se", true },
   { "flexfunding.com", true },
+  { "fleximaal.com", true },
   { "fleximal.com", true },
   { "fleximus.org", false },
   { "flexport.com", true },
@@ -14082,6 +14260,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "flextrack.dk", true },
   { "fliacuello.com.ar", true },
   { "flickcritter.com", true },
+  { "flieger-funk-runde.de", true },
   { "fliesen-waldschmidt.de", true },
   { "flight.school", true },
   { "flightdeckfriend.com", true },
@@ -14132,7 +14311,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "floresvilleedc.org", true },
   { "florian-bachelet.fr", true },
   { "florian-thie.de", true },
-  { "florian2833z.de", true },
   { "floriankarmen.com", true },
   { "floriankeller.de", true },
   { "florianmitrea.uk", true },
@@ -14158,7 +14336,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "flowinvoice.com", true },
   { "flowreader.com", true },
   { "flra.gov", true },
-  { "flucky.xyz", true },
   { "fluffycloud.de", true },
   { "fluggesellschaft.de", true },
   { "fluhrers.de", true },
@@ -14194,7 +14371,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "flypenge.dk", true },
   { "flyserver.co.il", true },
   { "flyshe.co.uk", true },
-  { "flyssh.net", true },
   { "flyswoop.com", true },
   { "flyt.online", true },
   { "flytoadventures.com", true },
@@ -14223,6 +14399,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "focuspointtechnologies.com", true },
   { "foej-aktiv.de", true },
   { "foej.net", true },
+  { "foerster.gmbh", true },
   { "fogpublishingph.com", true },
   { "fogway.net", true },
   { "foia.gov", true },
@@ -14249,6 +14426,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foluomeng.net", true },
   { "folv.es", true },
   { "folwark.krakow.pl", true },
+  { "folwarkwiazy.pl", true },
   { "fomopop.com", true },
   { "fondationwiggli.ch", true },
   { "fondsdiscountbroker.de", true },
@@ -14267,6 +14445,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foodattitude.ch", true },
   { "foodblogger.club", true },
   { "foodev.de", true },
+  { "foodloader.net", true },
   { "foodsafety.gov", true },
   { "foodsafetyjobs.gov", true },
   { "foodsouvenirs.it", true },
@@ -14302,12 +14481,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foresdon.jp", true },
   { "foresthillhomes.ca", true },
   { "forestraven.net", true },
+  { "foreverssl.com", true },
   { "foreversummertime.com", true },
   { "forewordreviews.com", true },
   { "forex.ee", true },
   { "forexchef.de", true },
   { "forexee.com", true },
-  { "forexsignals7.com", true },
   { "forextickler.com", true },
   { "forextimes.ru", false },
   { "forfunssake.co.uk", true },
@@ -14321,6 +14500,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "formation-assureur.com", true },
   { "formation-mac.ch", true },
   { "formationseeker.com", true },
+  { "formbetter.com", true },
   { "formini.dz", true },
   { "formsbyair.com", true },
   { "formula-ot.ru", true },
@@ -14334,7 +14514,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "forokd.com", true },
   { "forologikidilosi.com.gr", true },
   { "forourselves.com", true },
-  { "forpc.us", true },
   { "forrestheller.com", true },
   { "forro.berlin", true },
   { "forro.info", true },
@@ -14343,8 +14522,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "forsec.nl", true },
   { "forstbetrieb-hennecke.de", true },
   { "forstprodukte.de", true },
+  { "fort.eu", true },
   { "forteggz.nl", true },
   { "fortesanshop.it", true },
+  { "fortknox.cz", true },
   { "fortnine.ca", true },
   { "fortnitemagic.ga", true },
   { "fortran.io", true },
@@ -14410,6 +14591,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foutrelis.com", true },
   { "fowlervwparts.com", true },
   { "fowlsmurf.net", true },
+  { "fox.my", false },
   { "foxbnc.co.uk", true },
   { "foxdev.co", true },
   { "foxesare.sexy", true },
@@ -14420,6 +14602,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "foxquill.com", true },
   { "foxstreetcomms.co.za", true },
   { "fpaci.org", true },
+  { "fpasca.com", true },
   { "fpc.gov", false },
   { "fpersona.com", true },
   { "fpgradosuperior.com", true },
@@ -14435,6 +14618,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fracreazioni.it", true },
   { "fraesentest.de", true },
   { "fragmentspuren.de", true },
+  { "fragrances.bg", true },
   { "fragstore.net", true },
   { "fraho.eu", true },
   { "framapiaf.org", true },
@@ -14481,6 +14665,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "frankwei.xyz", true },
   { "frankyan.com", true },
   { "frantic1048.com", true },
+  { "frantorregrosa.me", true },
   { "franz-vatter.de", true },
   { "franz.beer", true },
   { "franziska-pascal.de", true },
@@ -14506,64 +14691,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "frdl.ch", true },
   { "freaksites.dk", true },
   { "freaksports.com.au", true },
-  { "freakyaweso.me", true },
+  { "freakyawesome.agency", true },
+  { "freakyawesome.art", true },
   { "freakyawesome.band", true },
-  { "freakyawesome.blog", true },
-  { "freakyawesome.club", true },
-  { "freakyawesome.co", true },
-  { "freakyawesome.company", true },
-  { "freakyawesome.email", true },
-  { "freakyawesome.events", true },
-  { "freakyawesome.fashion", true },
-  { "freakyawesome.fitness", true },
-  { "freakyawesome.fm", true },
-  { "freakyawesome.fun", true },
-  { "freakyawesome.fyi", true },
-  { "freakyawesome.games", true },
-  { "freakyawesome.guide", true },
-  { "freakyawesome.guru", true },
-  { "freakyawesome.info", true },
-  { "freakyawesome.io", true },
-  { "freakyawesome.life", true },
-  { "freakyawesome.live", true },
-  { "freakyawesome.marketing", true },
-  { "freakyawesome.me", true },
-  { "freakyawesome.media", true },
-  { "freakyawesome.network", true },
-  { "freakyawesome.news", true },
-  { "freakyawesome.online", true },
+  { "freakyawesome.business", true },
+  { "freakyawesome.ca", true },
+  { "freakyawesome.co.uk", true },
+  { "freakyawesome.in", true },
+  { "freakyawesome.net", true },
   { "freakyawesome.org", true },
-  { "freakyawesome.photography", true },
-  { "freakyawesome.photos", true },
-  { "freakyawesome.press", true },
-  { "freakyawesome.recipes", true },
-  { "freakyawesome.rentals", true },
-  { "freakyawesome.reviews", true },
-  { "freakyawesome.services", true },
-  { "freakyawesome.shop", true },
-  { "freakyawesome.site", true },
-  { "freakyawesome.social", true },
-  { "freakyawesome.software", true },
-  { "freakyawesome.solutions", true },
-  { "freakyawesome.store", true },
-  { "freakyawesome.team", true },
-  { "freakyawesome.tips", true },
-  { "freakyawesome.today", true },
-  { "freakyawesome.tours", true },
-  { "freakyawesome.tv", true },
-  { "freakyawesome.video", true },
-  { "freakyawesome.website", true },
-  { "freakyawesome.work", true },
-  { "freakyawesome.world", true },
-  { "freakyawesome.xyz", true },
-  { "frebi.org", true },
-  { "frebib.co.uk", true },
-  { "frebib.com", true },
-  { "frebib.net", true },
   { "freddieonfire.tk", false },
   { "freddyfazbearspizzeria.com", true },
   { "freddysfuncastles.co.uk", true },
-  { "fredericcote.com", true },
   { "frederik-braun.com", false },
   { "frederikvig.com", true },
   { "fredloya.com", true },
@@ -14573,6 +14712,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "free-ss.site", true },
   { "free.ac.cn", true },
   { "free.com.tw", true },
+  { "freeassangenow.org", true },
   { "freeasyshop.com", true },
   { "freebarrettbrown.org", true },
   { "freebcard.com", true },
@@ -14582,7 +14722,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "freebus.org", true },
   { "freecam2cam.site", true },
   { "freecloud.at", true },
-  { "freecookies.nl", true },
   { "freecycleusa.com", true },
   { "freedev.cz", true },
   { "freedom.nl", true },
@@ -14602,12 +14741,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "freeinoutboard.com", true },
   { "freejasongoudlock.org", true },
   { "freejeremy.net", true },
+  { "freekdevries.nl", true },
+  { "freeks.com.br", true },
   { "freela.ch", true },
   { "freelance.boutique", true },
   { "freelance.guide", true },
   { "freelance.nl", true },
   { "freelanceessaywriters.com", true },
   { "freelancehunt.com", true },
+  { "freelancejobs.org.uk", true },
   { "freelauri.com", true },
   { "freelifer.jp", true },
   { "freelo.cz", true },
@@ -14622,7 +14764,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "freenetproject.org", true },
   { "freeonplate.com", true },
   { "freepnglogos.com", true },
-  { "freepoints.us", true },
   { "freepublicprofile.com", true },
   { "freergform.org", true },
   { "freeshell.de", true },
@@ -14639,8 +14780,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "freesslcertificate.me", true },
   { "freethetv.ie", true },
   { "freetsa.org", true },
-  { "freevps.us", false },
   { "freeweibo.com", true },
+  { "freewoodfactory.com", true },
   { "freeyourmusic.com", true },
   { "freezion.com", true },
   { "frei.social", true },
@@ -14656,8 +14797,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "freifunk-remscheid.de", true },
   { "freimeldungen.de", true },
   { "freims.cc", true },
-  { "freitasul.com.br", true },
-  { "freitasul.io", true },
   { "freiwurst.net", true },
   { "freizeitbad-riff.de", true },
   { "freizeitplaza.de", true },
@@ -14675,6 +14814,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "freshislandfish.com", true },
   { "freshlymind.com", true },
   { "freshmaza.net", true },
+  { "freshpounds.com", true },
   { "fretscha.com", true },
   { "frettirnar.is", true },
   { "fretworksec.com", true },
@@ -14692,6 +14832,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "friederloch.de", true },
   { "friedrich-foto-art.de", true },
   { "friedsamphotography.com", true },
+  { "friendlysiberia.com", true },
   { "friendowment.us", true },
   { "friends-of-naz.com", true },
   { "friends-socialgroup.org", true },
@@ -14714,6 +14855,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fritzrepair.com", true },
   { "frizo.com", true },
   { "frly.de", true },
+  { "frnco.uk", true },
   { "frob.nl", true },
   { "froehliche-hessen.de", true },
   { "frogatto.com", true },
@@ -14804,7 +14946,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fuglede.dk", true },
   { "fuite.ch", true },
   { "fuites.ch", true },
+  { "fujianshipbuilding.com", true },
   { "fujiwaraqol.com", true },
+  { "fujiwarashinzo.com", true },
   { "fukakukeiba.com", true },
   { "fukikaeru.com", true },
   { "fukuiedu.com", true },
@@ -14819,6 +14963,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fullbundle.com", true },
   { "fullereno.com", true },
   { "fullerlife.org.uk", true },
+  { "fullfilez.com", true },
   { "fullhost.com", true },
   { "fullhub.ru", true },
   { "fullmatch.net", true },
@@ -14834,6 +14979,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fun4ubouncycastles.co.uk", true },
   { "fun888city.com", true },
   { "fun888city.net", true },
+  { "fun88city.com", true },
   { "funadvisor.ca", true },
   { "funadvisorfrance.com", true },
   { "funandbounce.com", true },
@@ -14845,7 +14991,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fundays.nl", true },
   { "fundchan.com", true },
   { "fundeego.com", true },
-  { "fundingempire.com", true },
   { "fundort.ch", true },
   { "funds.ddns.net", true },
   { "funfactorleeds.co.uk", true },
@@ -14862,6 +15007,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "funkygamer1.de", true },
   { "funniestclip.com", true },
   { "funnybikini.com", true },
+  { "funoverip.net", true },
   { "funsochi.ru", true },
   { "funspins.com", true },
   { "funtasticinflatablesdurham.co.uk", true },
@@ -14871,9 +15017,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "funtimeentertainment.co.uk", true },
   { "funtimesbouncycastles.co.uk", true },
   { "fur.red", true },
-  { "furaje-iasi.com", true },
   { "furcdn.net", true },
-  { "furcity.me", true },
+  { "furgetmeknot.org", true },
   { "furgo.love", true },
   { "furigana.info", true },
   { "furkancaliskan.com", true },
@@ -14891,7 +15036,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "furry.dk", true },
   { "furrybot.me", true },
   { "furrytech.network", true },
-  { "furrytf.club", true },
+  { "furrytf.club", false },
   { "furryyiff.site", true },
   { "fursuitbutts.com", true },
   { "fusa-miyamoto.jp", true },
@@ -14901,6 +15046,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fusiongaming.de", true },
   { "fussball-xxl.de", true },
   { "fussell.io", true },
+  { "fuszara.eu", true },
   { "futa.moe", true },
   { "futaba-works.com", true },
   { "futagro.com", true },
@@ -14914,6 +15060,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "futurehack.io", true },
   { "futurenda.com", true },
   { "futureoceans.org", true },
+  { "futuressm.com", true },
   { "futuretimes.io", true },
   { "futurezone.at", true },
   { "futurope.com", true },
@@ -14947,7 +15094,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "fxwebsites.com.au", true },
   { "fxwebsites.net.au", true },
   { "fxwebstudio.net.au", true },
-  { "fydjbsd.cn", true },
   { "fyfywka.com", true },
   { "fyksen.me", true },
   { "fyn.nl", true },
@@ -14984,7 +15130,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "g3rv4.com", true },
   { "g4w.co", true },
   { "g5.gov", true },
-  { "g6666g.tk", true },
   { "g8energysolutions.co.uk", true },
   { "gaaz.fr", true },
   { "gabe565.com", true },
@@ -14992,6 +15137,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gabecook.com", true },
   { "gabemack.com", true },
   { "gabinetpsychoterapii.krakow.pl", true },
+  { "gabiocs.com", true },
   { "gabriel.to", true },
   { "gabriele.tips", true },
   { "gabrielsteens.nl", true },
@@ -15010,7 +15156,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gaflooring.com", true },
   { "gafunds.com", true },
   { "gagliarducci.it", true },
-  { "gagne-enterprises.com", true },
   { "gagne.tk", true },
   { "gagnerplusdargent.info", true },
   { "gagniard.org", true },
@@ -15025,24 +15170,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gaitandmobility.com", true },
   { "gaitrehabilitation.com", true },
   { "gaitresearch.com", true },
-  { "gakkainavi-epsilon.jp", true },
   { "gakkainavi-epsilon.net", true },
   { "gakkainavi.jp", true },
+  { "gakkainavi.net", true },
   { "gakkainavi4.jp", true },
   { "gakkainavi4.net", true },
   { "gaku-architect.com", true },
-  { "gala.kiev.ua", false },
   { "galabau-maurmann.de", true },
   { "galacg.me", true },
   { "galactic-crew.org", true },
   { "galak.ch", true },
   { "galanight.cz", true },
   { "galaxy.edu.pe", true },
+  { "galaxymimi.com", true },
   { "galecia.com", true },
   { "galeria42.com", true },
   { "galerialottus.com.br", true },
   { "galeriarr.pl", true },
-  { "galeriart.xyz", true },
   { "galeries.photo", true },
   { "galilahiskye.com", true },
   { "galileanhome.org", true },
@@ -15050,7 +15194,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "galinas-blog.de", true },
   { "galinos.gr", true },
   { "galle.cz", true },
-  { "gallerify.eu", true },
   { "galletasgabi.com.mx", false },
   { "galleyfoods.com", true },
   { "gallicrooster.com", true },
@@ -15067,6 +15210,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gambitprint.com", true },
   { "gamblerhealing.com", true },
   { "gamblersgaming.eu", true },
+  { "game-files.net", false },
+  { "game-topic.ru", true },
   { "game4less.com", true },
   { "game7.de", true },
   { "game88city.net", true },
@@ -15114,12 +15259,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gamingrealms.net", true },
   { "gamingwithcromulent.com", true },
   { "gamingzoneservers.com", true },
+  { "gamisalya.com", true },
   { "gamishou.fr", true },
   { "gamismodernshop.com", true },
   { "gamismurahonline.com", true },
   { "gamivo.com", true },
   { "gamoloco.com", true },
-  { "gan.wtf", true },
   { "ganado.org", true },
   { "ganaenergia.com", true },
   { "ganasoku.net", true },
@@ -15192,10 +15337,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gaussianwaves.com", true },
   { "gauthier.dk", true },
   { "gautvedt.no", true },
+  { "gavin.sh", true },
   { "gavins.stream", true },
   { "gavinsblog.com", true },
   { "gawrimanecuta.com", true },
   { "gaycc.cc", true },
+  { "gayhotti.es", true },
   { "gaymerconnect.net", true },
   { "gaymerx.com", true },
   { "gaymerx.net", true },
@@ -15210,6 +15357,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gbcsummercamps.com", true },
   { "gbl.selfip.net", true },
   { "gboys.net", true },
+  { "gbs-uk.com", true },
   { "gc-mc.de", true },
   { "gc.gy", true },
   { "gc.ru.net", true },
@@ -15231,7 +15379,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gdpr-pohotovost.cz", true },
   { "gdv.me", true },
   { "gdz-spishy.com", true },
-  { "gdz.tv", true },
   { "ge3k.net", false },
   { "gear4you.shop", true },
   { "gearallnews.com", true },
@@ -15254,8 +15401,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gee.is", true },
   { "geecrat.com", true },
   { "geek-hub.de", true },
-  { "geek.ch", true },
-  { "geek1.de", true },
   { "geekabit.nl", true },
   { "geekandi.com", true },
   { "geekariom.com", true },
@@ -15290,6 +15435,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "geigenbauer.in", false },
   { "geiser-family.ch", true },
   { "geisser-elektronikdata.de", true },
+  { "geitenijs.com", true },
   { "gelb-computer.de", true },
   { "geld-im-blick.de", true },
   { "geld24.nl", true },
@@ -15304,12 +15450,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "geluidsstudio.com", true },
   { "geluk.io", true },
   { "gem-indonesia.net", false },
+  { "gem-info.fr", true },
   { "gemeentemolenwaard.nl", true },
   { "gemeinsam-ideen-verwirklichen.de", true },
   { "gemgroups.in", true },
   { "gemini.com", true },
   { "gemquery.com", true },
-  { "genbright.com", true },
   { "genchev.io", true },
   { "gencmedya.com", true },
   { "genderidentiteit.nl", true },
@@ -15364,7 +15510,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gentoo-blog.de", true },
   { "gentooblog.de", true },
   { "genusshotel-riegersburg.at", true },
-  { "genuxtsg.com", true },
   { "geocar.com", true },
   { "geocompass.at", true },
   { "geofox.org", true },
@@ -15384,7 +15529,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "george-orwell.com", true },
   { "georgebrighton.co.uk", true },
   { "georgecolgrove.com", true },
-  { "georgehalachev.com", true },
+  { "georgedesign.ch", true },
   { "georgemaschke.com", true },
   { "georgemaschke.net", true },
   { "georgepancescu.ro", true },
@@ -15393,6 +15538,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "georgiaautoglass.net", true },
   { "georgiaglassrepair.com", true },
   { "georgiastuartyoga.co.uk", true },
+  { "georgiatransport.com", true },
   { "georgiaurologist.com", true },
   { "georgioskontaxis.com", true },
   { "georgioskontaxis.net", true },
@@ -15413,7 +15559,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gerbyte.co.uk", true },
   { "gerbyte.com", true },
   { "gerbyte.uk", true },
-  { "germancraft.net", true },
   { "germandarknes.net", true },
   { "germanssky.de", true },
   { "germanticz.de", true },
@@ -15445,6 +15590,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "getbooks.co.il", true },
   { "getbox.me", true },
   { "getbreadcrumbs.com", true },
+  { "getbrowink.com", true },
   { "getbutterfly.com", true },
   { "getcloak.com", false },
   { "getcolq.com", true },
@@ -15452,7 +15598,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "getdash.io", true },
   { "getdeveloper.de", true },
   { "geteckeld.nl", true },
-  { "geteduroam.no", true },
   { "getenv.io", true },
   { "geterp.ru", true },
   { "getfedora.org", true },
@@ -15495,6 +15640,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "getteamninja.com", true },
   { "getthefriendsyouwant.com", true },
   { "getticker.com", true },
+  { "gettodoing.com", true },
   { "gettopquality.com", true },
   { "getts.ro", true },
   { "getupandbounce.co.uk", true },
@@ -15559,20 +15705,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "giardinaggio.napoli.it", true },
   { "giardiniere.bologna.it", true },
   { "giardiniere.milano.it", true },
-  { "gibraltar.at", true },
   { "gichigamigames.com", true },
-  { "gicl.dk", true },
   { "giebel.it", true },
   { "gierds.de", true },
   { "giethoorn.com", true },
   { "gietvloergarant.nl", false },
   { "giftcard.net", true },
   { "giftcardgranny.com", true },
-  { "giftedconsortium.com", true },
   { "giftking.nl", false },
   { "giftmaniabrilhos.com.br", true },
   { "gifts.best", true },
   { "gifts365.co.uk", true },
+  { "giftya.com", true },
   { "gifudodo.com", true },
   { "gig-raiffeisen.de", true },
   { "giga.nl", true },
@@ -15605,7 +15749,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gilmoreid.com.au", true },
   { "gilmourluna.com", true },
   { "gilnet.be", true },
-  { "gilpinmanagement.com", true },
   { "gimme.money", true },
   { "gina-architektur.design", true },
   { "ginabaum.com", true },
@@ -15613,7 +15756,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gingersutton.com", true },
   { "ginionusedcars.be", true },
   { "ginja.co.th", true },
-  { "ginnegappen.nl", true },
   { "ginniemae.gov", true },
   { "gino-gelati.de", true },
   { "ginza-luce.net", true },
@@ -15625,7 +15767,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gioielleriamolena.com", true },
   { "gippert-klein.de", true },
   { "giraffeduck.com", true },
-  { "giraffeinflatables.co.uk", true },
   { "giraffenland.de", true },
   { "giraffes.org", true },
   { "giri.co", true },
@@ -15668,14 +15809,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "given2.com", true },
   { "givesunlight.com", true },
   { "givingnexus.org", false },
-  { "givip.eu", true },
   { "gixtools.com", true },
   { "gixtools.net", true },
   { "gj-bochum.de", true },
   { "gjcampbell.co.uk", true },
   { "gjengset.com", true },
   { "gjspunk.de", false },
-  { "gkimanyar.org", true },
   { "gkoenig-innenausbau.de", true },
   { "gkralik.eu", true },
   { "gl.search.yahoo.com", false },
@@ -15683,21 +15822,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "glaciernursery.com", true },
   { "gladiatorboost.com", true },
   { "gladwellentertainments.co.uk", true },
-  { "glahcks.com", true },
   { "glamguru.co.il", true },
   { "glamguru.world", true },
   { "glamour4you.de", true },
   { "glamourdaze.com", true },
+  { "glamouria.com.br", true },
   { "glasdon.com", true },
   { "glasen-hardt.de", true },
   { "glasfaser-im-hanseviertel.de", true },
   { "glasgestaltung.biz", true },
   { "glasner.photo", true },
-  { "glaspe.com", true },
   { "glass.google.com", true },
   { "glasschmuck-millefiori.de", true },
   { "glassexpertswa.com", true },
   { "glassrainbowtrust.org.je", true },
+  { "glassrom.pw", true },
   { "glasweld.com", true },
   { "glavsudexpertiza.ru", true },
   { "glazedmag.fr", true },
@@ -15720,7 +15859,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "global-lights.ma", true },
   { "global-office.com", true },
   { "global-village.koeln", true },
-  { "global.hr", true },
   { "globalcanineregistry.com", true },
   { "globalchokepoints.org", true },
   { "globalcomix.com", true },
@@ -15740,8 +15878,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "globelink-group.com", true },
   { "glocalworks.jp", true },
   { "glofox.com", true },
+  { "glolighting.co.za", true },
   { "gloneta.com", false },
   { "gloning.name", true },
+  { "glont.net", true },
   { "gloria.tv", true },
   { "glosiko.com", true },
   { "glossopnorthendafc.co.uk", true },
@@ -15750,6 +15890,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "glotechrepairs.co.uk", true },
   { "glu3cifer.rocks", true },
   { "glueck-im-norden.de", true },
+  { "gluecksgriff-taschen.de", true },
   { "glueckskindter.de", true },
   { "gluedtomusic.com", true },
   { "gluit.de", true },
@@ -15798,6 +15939,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gnucashtoqif.us", true },
   { "gnunet.org", true },
   { "gnuplus.me", true },
+  { "gnwp.eu", true },
   { "go-dutch.eu", true },
   { "go-embedded.de", true },
   { "go-propiedades.cl", true },
@@ -15825,7 +15967,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "godaxen.tv", true },
   { "godclan.hu", true },
   { "godesigner.ru", true },
-  { "godofnea.com", true },
   { "godrive.ga", true },
   { "godsofhell.com", true },
   { "godsofhell.de", true },
@@ -15873,6 +16014,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "goldendawnapersonalaffair.com", true },
   { "goldenhillsoftware.com", true },
   { "goldenhost.ca", true },
+  { "goldenmonrepos.com", true },
   { "goldenplate.com.sg", true },
   { "goldenruleemail.com", true },
   { "goldfmromania.ro", true },
@@ -15893,6 +16035,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "golser-schuh.at", true },
   { "golser.info", true },
   { "gomasy.jp", true },
+  { "gomel.chat", true },
   { "gomelchat.com", true },
   { "gomena.io", true },
   { "gommista.roma.it", true },
@@ -15914,6 +16057,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "google", true },
   { "google-analytics.com", true },
   { "googleandroid.cz", true },
+  { "googlehosts.org", true },
   { "googlemail.com", false },
   { "googleplex.com", true },
   { "googlesource.com", true },
@@ -15926,10 +16070,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "goow.in", true },
   { "goozp.com", true },
   { "gopher.tk", true },
+  { "gophoto.it", true },
+  { "goplex.com.au", true },
   { "goproallaccess.com", true },
   { "goproinspectiongroup.com", true },
   { "goquiq.com", true },
   { "gordeijnsbouw.nl", true },
+  { "gordonobrecht.com", true },
   { "gordonscouts.com.au", true },
   { "gorealya.com", true },
   { "gorf.chat", true },
@@ -15943,6 +16090,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gosforthdentalsurgery.co.uk", true },
   { "goshawkdb.io", true },
   { "goshin-group.co.jp", true },
+  { "gosolockpicks.com", true },
   { "gospelfollower.com", true },
   { "gospelofmark.ch", true },
   { "gospelvestcination.de", true },
@@ -15965,6 +16113,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gotoxy.at", true },
   { "gotrail.fr", true },
   { "gottcode.org", false },
+  { "gottfridsberg.org", true },
   { "goudenharynck.be", true },
   { "gouforit.com", true },
   { "gouldcooksey.com", true },
@@ -15978,21 +16127,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "governorhub.com", true },
   { "govisitcostarica.co.cr", true },
   { "govisitcostarica.com", true },
+  { "govtjobs.blog", true },
   { "govtrack.us", true },
   { "govype.com", true },
+  { "gowancommunications.com", true },
   { "gowe.wang", false },
   { "gowildrodeo.co.uk", true },
   { "gowithflo.de", true },
   { "gozenhost.com", true },
   { "gpcsolutions.fr", true },
   { "gpdimaranathasiantar.org", false },
-  { "gpfclan.de", true },
   { "gpgscoins.com", true },
   { "gplans.us", true },
   { "gpm.ltd", true },
   { "gprs.uk.com", true },
   { "gpscamera.nl", true },
-  { "gpsfix.cz", true },
   { "gpsolarpanels.com", true },
   { "gpsvideocanada.com", true },
   { "gpureport.cz", true },
@@ -16065,6 +16214,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "graonatural.com.br", true },
   { "grapee.jp", true },
   { "grapeintentions.com", true },
+  { "grapevine.is", true },
   { "graphcommons.com", true },
   { "graphene.software", true },
   { "graphic-schools.com", true },
@@ -16096,6 +16246,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "grayowlworks.com", true },
   { "grayscale.co", true },
   { "grayson.sh", true },
+  { "graz2020.com", true },
   { "grazieitalian.com", true },
   { "grc.com", false },
   { "greatagain.gov", true },
@@ -16112,17 +16263,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "greditsoft.com", true },
   { "greek.dating", true },
   { "greeklish.gr", true },
+  { "greekmusic.academy", true },
   { "green-attitude.be", true },
   { "green-care.nl", true },
   { "green-light.co.nz", true },
   { "greenaddress.it", true },
   { "greenapproach.ca", true },
-  { "greenbaysecuritysolutions.com", true },
   { "greencircleplantnursery.com.au", true },
   { "greencircleplantnursery.net.au", true },
   { "greener.pl", true },
-  { "greenglam.biz", true },
-  { "greengoblindev.com", true },
   { "greenhats.de", true },
   { "greenliquidsystem.com", true },
   { "greenliv.pl", true },
@@ -16131,6 +16280,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "greenoutdoor.dk", false },
   { "greenpanda.de", true },
   { "greenpartyofnewmilford.org", true },
+  { "greenpaws.ee", true },
   { "greenpeace-magazin.de", true },
   { "greenpeace.berlin", true },
   { "greenroach.ru", true },
@@ -16146,7 +16296,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gregbrimble.com", true },
   { "greger.me", true },
   { "gregmarziomedia-dev.com", true },
+  { "gregmarziomedia.co.za", true },
   { "gregmarziomedia.com", true },
+  { "gregmilton.com", true },
   { "gregmote.com", true },
   { "grego.pt", true },
   { "gregoirow.be", true },
@@ -16170,6 +16322,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "grexx.de", true },
   { "grexx.nl", true },
   { "grey.house", true },
+  { "greybeards.ca", true },
   { "greyhash.se", true },
   { "greymattertechs.com", true },
   { "greysky.me", true },
@@ -16180,8 +16333,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "grh.am", true },
   { "griassdi-reseller.de", true },
   { "gricargo.com", true },
+  { "gridsmartercities.com", true },
   { "griechische-pfoetchen.de", true },
-  { "griecopelino.com", true },
+  { "griefheart.com", true },
   { "grieg-gaarden.no", true },
   { "grieg.com", true },
   { "grieg.net", true },
@@ -16217,6 +16371,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gronau-it-cloud-computing.de", true },
   { "grondius.com", true },
   { "groomershop.ru", true },
+  { "groomscroft.co.uk", true },
+  { "groomscroft.com", true },
   { "grootinadvies.nl", true },
   { "groovydisk.com", true },
   { "groovygoldfish.org", true },
@@ -16254,6 +16410,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gruenstreifen-ev.de", true },
   { "grumpy.fr", true },
   { "grumpygamers.com", true },
+  { "grundlage.com.ua", true },
   { "grunwaldzki.center", true },
   { "grunwasser.fr", true },
   { "grupomakben.com", true },
@@ -16292,7 +16449,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gtopala.net", true },
   { "gtour.info", false },
   { "gtravers-basketmaker.co.uk", true },
-  { "gts-dp.de", true },
   { "gtxbbs.com", true },
   { "gtxmail.de", true },
   { "guajars.cl", true },
@@ -16350,8 +16506,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gulchuk.com", true },
   { "gulenbase.no", true },
   { "gulfstream.ru", true },
-  { "gumballs.com", true },
   { "gume4you.com", true },
+  { "gumeyamall.jp", true },
   { "gumi.ca", true },
   { "gunauc.net", true },
   { "gunceloyunhileleri.com", true },
@@ -16362,6 +16518,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "guochang.xyz", true },
   { "guodong.net", true },
   { "guoke.com", true },
+  { "guolaw.ca", true },
   { "guoliang.me", true },
   { "guozeyu.com", true },
   { "gupfen.ch", true },
@@ -16396,6 +16553,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "gviedu.com", true },
   { "gvitiming.ch", true },
   { "gvobgyn.ca", true },
+  { "gvoetbaldagenalcides.nl", true },
   { "gvt2.com", true },
   { "gvt3.com", true },
   { "gvwgroup.com", true },
@@ -16455,11 +16613,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "haazen.xyz", true },
   { "habarisoft.com", true },
   { "habbig.cc", true },
-  { "habbos.es", true },
   { "haberer.me", true },
   { "habitat-domotique.fr", true },
   { "habr.com", true },
-  { "habtium.com", true },
   { "habtium.es", true },
   { "habview.net", true },
   { "hacc.top", true },
@@ -16469,7 +16625,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hacertest.com", true },
   { "hacettepeteknokent.com.tr", true },
   { "hachre.de", false },
-  { "hack.club", true },
   { "hackademix.net", true },
   { "hackanders.com", true },
   { "hackattack.com", true },
@@ -16479,7 +16634,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hackdown.me", true },
   { "hackenkunjeleren.nl", true },
   { "hackenturet.dk", true },
-  { "hacker.club", true },
   { "hacker.holiday", true },
   { "hacker.im", true },
   { "hacker.one", true },
@@ -16487,7 +16641,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hacker1.com", true },
   { "hacker101.com", true },
   { "hackerchai.com", true },
-  { "hackerco.com", true },
   { "hackereyes.com", true },
   { "hackergateway.com", true },
   { "hackernet.se", true },
@@ -16498,7 +16651,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hackerone.net", true },
   { "hackerone.org", true },
   { "hackerschat.net", true },
-  { "hackerstxt.org", true },
   { "hackettrecipes.com", true },
   { "hackgins.com", true },
   { "hackingand.coffee", false },
@@ -16516,6 +16668,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hadleighswimmingclub.co.uk", true },
   { "hadouk.in", true },
   { "hadrons.org", true },
+  { "hady.fr", true },
   { "haefligermedia.ch", true },
   { "haemka.de", true },
   { "haens.li", true },
@@ -16530,7 +16683,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "haha-raku.com", true },
   { "hahay.es", true },
   { "haiboxu.com", true },
-  { "haidihai.ro", true },
   { "hailer.com", true },
   { "hailstorm.nl", true },
   { "haim.bio", true },
@@ -16542,6 +16694,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hairtonic-lab.com", true },
   { "haixihui.cn", true },
   { "hajekdavid.cz", true },
+  { "hajekj.cz", true },
   { "hajekj.net", true },
   { "hajnzic.at", true },
   { "hak5.org", true },
@@ -16561,8 +16714,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "halitopuroprodutos.com.br", true },
   { "halkirkbouncycastles.co.uk", true },
   { "halkyon.net", true },
-  { "halledesprix.fr", true },
   { "hallelujahsoftware.com", true },
+  { "halletienne.fr", true },
   { "hallettxn.com", true },
   { "hallhuber.com", true },
   { "halliday.work", true },
@@ -16579,6 +16732,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "haltegame.com", true },
   { "hamacho-kyudo.com", true },
   { "hamali.bg", true },
+  { "hamburg40grad.de", true },
   { "hamburgerbesteld.nl", true },
   { "hamcocc.com", true },
   { "hamcram.io", true },
@@ -16591,6 +16745,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hamsters-uk.org", true },
   { "hana.ondemand.com", true },
   { "hanakaraku.com", true },
+  { "hanakatova.com", true },
   { "hanashi.eu", true },
   { "hanbing.it", true },
   { "handbrake.fr", true },
@@ -16621,6 +16776,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hanoibuffet.com", true },
   { "hanpenblog.com", true },
   { "hansahome.ddns.net", true },
+  { "hansashop.eu", true },
   { "hansbijster.nl", true },
   { "hanschventures.com", true },
   { "hansen-kronshagen.de", true },
@@ -16635,6 +16791,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hanyibo.com", true },
   { "hanzubon.jp", true },
   { "hao-zhang.com", true },
+  { "haocq3.com", true },
   { "haogoodair.ca", true },
   { "haoqi.men", true },
   { "haorenka.cc", true },
@@ -16669,7 +16826,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "haptemic.com", true },
   { "haraj.com.sa", true },
   { "harald-d.dyndns.org", true },
-  { "harald-pfeiffer.de", true },
   { "harapecorita.com", true },
   { "harbor-light.net", true },
   { "hardeman.nu", true },
@@ -16703,7 +16859,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "harringtonca.com", true },
   { "harrisonswebsites.com", true },
   { "harrisonvillenaz.org", true },
-  { "harry-baker.com", true },
   { "harrymclaren.co.uk", true },
   { "harryphoto.fr", true },
   { "harrysgardengamehire.co.uk", true },
@@ -16714,6 +16869,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hartlieb.me", true },
   { "hartzer.com", true },
   { "harukakikuchi.com", true },
+  { "harukawa.moe", true },
   { "haruue.moe", true },
   { "harvarddharma.org", true },
   { "harvestapp.com", true },
@@ -16728,6 +16884,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hash-archive.org", true },
   { "hash.army", true },
   { "hash.works", true },
+  { "hashcashconsultants.com", true },
   { "hashcat.net", true },
   { "hashemian.com", true },
   { "hashes.org", true },
@@ -16781,6 +16938,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "haverstack.com", true },
   { "havetherelationshipyouwant.com", true },
   { "hawaar.com", true },
+  { "hawaiianchoice.com", true },
   { "hawaya.com", true },
   { "hawkeyeinsight.com", true },
   { "hawkinsonkiaparts.com", true },
@@ -16801,8 +16959,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hayvid.com", true },
   { "haz.cat", true },
   { "haze.productions", true },
-  { "hazeltime.se", true },
   { "hazeover.com", true },
+  { "hazloconlapix.com", true },
   { "hazukilab.com", true },
   { "hb8522.com", true },
   { "hbcu-colleges.com", true },
@@ -16817,6 +16975,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hd-offensive.at", false },
   { "hd-only.org", true },
   { "hd-outillage.com", true },
+  { "hd1tj.org", true },
   { "hdc.cz", true },
   { "hdcamvids.com", true },
   { "hdcenter.cc", true },
@@ -16833,6 +16992,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hds-lan.de", true },
   { "hdv.paris", true },
   { "heaaart.com", true },
+  { "head.org", true },
   { "head.ru", true },
   { "headjapan.com", true },
   { "headlinepublishing.be", true },
@@ -16840,9 +17000,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "headshotharp.de", true },
   { "healey.io", true },
   { "health-and-beauty-news.net", true },
-  { "health-booster.com", true },
+  { "health-booster.com", false },
   { "health-plan-news.com", true },
-  { "health.gov", true },
   { "health.graphics", true },
   { "healthand-beautynews.net", true },
   { "healthandskinbeauty.com", true },
@@ -16852,7 +17011,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "healtheals.com", true },
   { "healtheffectsofasbestos.com", true },
   { "healthery.com", true },
-  { "healthfinder.gov", true },
   { "healthfoam.com", true },
   { "healthgames.co.uk", true },
   { "healthiercompany.com", true },
@@ -16889,7 +17047,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hearty.org.tw", true },
   { "hearty.taipei", true },
   { "hearty.tw", true },
-  { "hearty.us", true },
   { "heartyapp.tw", true },
   { "heartycraft.com", true },
   { "heatershop.co.uk", true },
@@ -16898,7 +17055,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "heavensattic.co.uk", true },
   { "heavensinferno.net", true },
   { "heavyequipments.org", true },
-  { "heayao.com", true },
   { "hebamme-cranio.ch", true },
   { "hebergeurssd.com", true },
   { "hebikhiv.nl", true },
@@ -16906,7 +17062,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hebocon.nl", true },
   { "hec-espace-entreprise.ch", true },
   { "hec.global", true },
-  { "hechamano.es", true },
   { "heckelektro.de", true },
   { "heckerundknopp.de", true },
   { "heckticmedia.com", true },
@@ -16947,16 +17102,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "heinzelmann.co", true },
   { "heiraten-gardasee.de", true },
   { "heiraten-venedig.de", true },
+  { "heisenberg.co", true },
   { "heissluft-fritteuse.com", true },
   { "heistheguy.com", true },
   { "heitland-it.de", true },
   { "heiwa-valve.co.jp", true },
-  { "hejahanif.se", true },
   { "hejianpeng.cn", true },
   { "heka.ai", true },
   { "helber-it-services.de", true },
   { "helden-spielen.de", true },
   { "heldenhalde.de", true },
+  { "heldtech.services", true },
   { "heldundsexgott.de", true },
   { "heleendebruyne.be", true },
   { "helenaknowledge.com", true },
@@ -16964,6 +17120,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "helenelefauconnier.com", true },
   { "helenkellersimulator.org", true },
   { "helfordriversc.co.uk", true },
+  { "helgaschultz.de", true },
   { "helichat.de", true },
   { "helikon.ro", true },
   { "helioanodyne.eu", true },
@@ -16974,7 +17131,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hellenicagora.co.uk", true },
   { "hellerarko.de", true },
   { "hellersgas.com", true },
-  { "hellerup.net", true },
   { "helles-koepfchen.de", true },
   { "helloacm.com", true },
   { "hellobrian.me", true },
@@ -16989,11 +17145,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "helpmij.cf", true },
   { "helpscoutdocs.com", true },
   { "helpstarloja.com.br", true },
+  { "helpwithmybank.gov", true },
   { "helsinki.dating", true },
   { "helvella.de", true },
   { "hematoonkologia.pl", true },
   { "hemdal.se", true },
   { "hemnet.se", true },
+  { "hems.si", true },
   { "hemtest.com", true },
   { "hen.ne.ke", true },
   { "henchman.io", true },
@@ -17001,7 +17159,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hendric.us", false },
   { "hendrik.li", true },
   { "hendrinortier.nl", true },
-  { "hendyisaac.com", true },
   { "hengelsportdeal.com", true },
   { "hengstumone.com", true },
   { "henkboelman.com", true },
@@ -17031,7 +17188,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "heppler.net", true },
   { "heptafrogs.de", true },
   { "her25.com", false },
-  { "heracles-hotel.eu", true },
   { "herberichfamily.com", true },
   { "herbert.io", true },
   { "herbhuang.com", true },
@@ -17047,12 +17203,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "herkam.pl", true },
   { "hermanbrouwer.nl", true },
   { "hermes-net.de", true },
-  { "hermes.cat", true },
   { "herminghaus24.de", true },
   { "herndl.org", true },
   { "herni-kupony.cz", true },
   { "hernn.com", true },
   { "herocentral.de", true },
+  { "heroco.xyz", true },
   { "herofil.es", true },
   { "herohirehq.co.uk", true },
   { "heroiclove.com", true },
@@ -17070,6 +17226,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "herrtxbias.net", false },
   { "hertsbouncycastles.com", true },
   { "hertz.bj", true },
+  { "hervespanneut.com", true },
   { "herzbotschaft.de", true },
   { "herzfuersoziales.at", true },
   { "herzig.cc", true },
@@ -17084,7 +17241,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hestia-systeme.fr", true },
   { "hesyifei.com", true },
   { "hetene.nl", true },
+  { "hethely.ch", true },
   { "hetluisterbos.be", true },
+  { "hetmer.cz", true },
   { "heute-kaufen.de", true },
   { "heute.training", true },
   { "hevertonfreitas.com.br", true },
@@ -17141,8 +17300,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hieu.com.au", true },
   { "higgsboson.tk", true },
   { "higgstools.org", true },
+  { "highair.net", true },
   { "higherpress.org", true },
-  { "highlatitudestravel.com", true },
   { "highlegshop.com", true },
   { "highlevelwoodlands.com", true },
   { "highlightsfootball.com", true },
@@ -17176,6 +17335,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "himecorazon.com", true },
   { "himekomi.com", true },
   { "himens.com", true },
+  { "himiku.com", true },
   { "hin10.com", true },
   { "hinata-hidetoshi.com", true },
   { "hindi-movie.org", true },
@@ -17186,13 +17346,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hinterposemuckel.de", true },
   { "hiparish.org", true },
   { "hiphop.ren", true },
+  { "hipnos.net", true },
   { "hippies.com.br", true },
   { "hippo.ge", true },
   { "hippomovers.com", true },
   { "hippopotamuses.org", true },
   { "hips.com", true },
   { "hipstercat.fr", true },
-  { "hiqfleet.co.uk", true },
   { "hiqfranchise.co.uk", true },
   { "hiqhub.co.uk", false },
   { "hiqonline.co.uk", true },
@@ -17212,12 +17372,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hisbrucker.net", true },
   { "hisgifts.com.au", true },
   { "hisingensck.se", true },
+  { "hisnet.de", true },
   { "hispanic.dating", true },
   { "histocamp.de", true },
   { "histoire-cite.ch", true },
   { "historia-arte.com", true },
   { "history-schools.com", true },
   { "history.google.com", false },
+  { "history.gov", true },
   { "hitandhealth.nl", true },
   { "hiteco.com", true },
   { "hiteshbrahmbhatt.com", true },
@@ -17273,7 +17435,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hlidacnajemneho.cz", true },
   { "hlin.cloud", true },
   { "hlinformatics.nl", true },
-  { "hloe0xff.ru", true },
   { "hlsmandarincentre.com", true },
   { "hlucas.de", true },
   { "hm773.net", true },
@@ -17287,13 +17448,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hnfertilizermachine.com", true },
   { "hnn.net.br", true },
   { "hnonline.sk", true },
-  { "hnwebi.com", true },
+  { "hnrk.io", true },
   { "hnyp.hu", true },
   { "hoaas.no", true },
   { "hoahau.org", true },
   { "hoarding.me", true },
   { "hobby-drechselei.de", true },
   { "hobbyspeed.com", true },
+  { "hochdorf-tennis.de", true },
   { "hochhaus.us", true },
   { "hochoukikikiraku.com", true },
   { "hochyi.com", true },
@@ -17320,12 +17482,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hofauer.de", true },
   { "hoflerlawfirm.com", true },
   { "hogarthdavieslloyd.com", true },
+  { "hoge.se", true },
   { "hogepad.com", true },
   { "hogl.dk", true },
   { "hogrebe.de", true },
   { "hogwarts.io", true },
   { "hohenleimbach.de", true },
-  { "hohm.in", true },
   { "hoikuen-now.top", true },
   { "hoiquanadida.com", true },
   { "hoish.in", true },
@@ -17356,6 +17518,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "holofox.ru", true },
   { "holoxplor.space", true },
   { "holvonix.com", true },
+  { "holy-hi.com", false },
   { "holycrossphl.org", true },
   { "holycrossverobeach.org", true },
   { "holydragoon.jp", true },
@@ -17370,6 +17533,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "holytransaction.com", true },
   { "holywhite.com", true },
   { "holz.nu", true },
+  { "holzed.com", true },
   { "holzheizer-forum.de", true },
   { "holzheizerforum.de", true },
   { "holzschutz-holzbearbeitung.de", true },
@@ -17412,6 +17576,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hommeatoutfaire.be", true },
   { "homophoni.com", true },
   { "hompus.nl", false },
+  { "homunyan.com", true },
   { "homyremedies.com", true },
   { "hon-matsuba.co.jp", true },
   { "honda-centrum.cz", true },
@@ -17491,7 +17656,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hospitality-colleges.com", true },
   { "hostadvice.com", true },
   { "hostarea51.com", true },
-  { "hostcoz.com", true },
   { "hosteasy.nl", false },
   { "hostedcomments.com", true },
   { "hostedtalkgadget.google.com", true },
@@ -17506,6 +17670,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hostinglogin.net", true },
   { "hostingphp.ch", true },
   { "hostingpunt.be", true },
+  { "hostingsams.com", true },
   { "hostingsolutions.cz", true },
   { "hostix.de", true },
   { "hostma.ma", true },
@@ -17519,6 +17684,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hotchillibox.com", true },
   { "hotcoin.io", true },
   { "hotdoc.com.au", true },
+  { "hotel-alan.hr", true },
   { "hotel-kontorhaus-stralsund.de", true },
   { "hotel-kontorhaus.de", true },
   { "hotel-kronjuwel.de", true },
@@ -17527,13 +17693,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hotel-rosner.at", true },
   { "hotelamgarnmarkt.at", false },
   { "hotelarevalo.com", true },
+  { "hotelbonacabol.com", true },
   { "hotelbretagne.dk", true },
   { "hotelcoliber.pl", true },
+  { "hotelelaphusabrac.com", true },
   { "hoteles4you.com", true },
   { "hotelflow.com.br", true },
   { "hotelident.de", true },
-  { "hotello.io", true },
+  { "hotelkaj.hr", true },
   { "hotelmap.com", true },
+  { "hotelmarinaadria.com", true },
+  { "hotelneptundalmatien.com", true },
   { "hotelpostaorvieto.it", true },
   { "hotelromacuernavaca.com.mx", true },
   { "hotels-insolites.com", true },
@@ -17542,6 +17712,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hotelsinbuxton.com", true },
   { "hotelsinformer.com", true },
   { "hotelsinncoventry.com", true },
+  { "hotelsolinebrela.com", true },
   { "hotelvalena.com", true },
   { "hotelvillaluisa.de", true },
   { "hothbricks.com", true },
@@ -17561,6 +17732,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "house-sparrow.com", true },
   { "houseboydesigns.com", true },
   { "housekeeperlondon.co.uk", true },
+  { "houselocal.co.uk", true },
   { "houseofherbs.gr", true },
   { "houseofhouston.com", true },
   { "houseofyee.com", true },
@@ -17578,6 +17750,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "howbehealthy.com", true },
   { "howbigismybuilding.com", true },
   { "howellaccounts.co.uk", true },
+  { "howesky.com", true },
   { "howgoodwasmysex.com", true },
   { "howieisawesome.com", true },
   { "howlongtobeatsteam.com", true },
@@ -17590,6 +17763,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "howtogeekpro.com", true },
   { "howtogosolar.org", true },
   { "howtolaser.com", true },
+  { "howtomovetheneedle.com", true },
   { "howtoteachviolin.com", true },
   { "howtotech.de", true },
   { "hozana.si", false },
@@ -17618,6 +17792,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hreflang.info", true },
   { "hrjfeedstock.org", true },
   { "hrltech.com.br", true },
+  { "hro.to", true },
   { "hrobert.hu", true },
   { "hroling.nl", true },
   { "hroschyk.cz", true },
@@ -17638,13 +17813,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hsr.gov", false },
   { "hsts.eu", true },
   { "hsts.me", true },
+  { "hsts.ovh", true },
   { "hstsfail.appspot.com", true },
   { "hstspreload.appspot.com", true },
   { "hstspreload.com", true },
   { "hstspreload.de", true },
   { "hstspreload.org", true },
-  { "hsulei.com", true },
   { "hszemi.de", true },
+  { "ht.mk", true },
   { "htaccessbook.com", true },
   { "htaps.com", true },
   { "hte.ovh", true },
@@ -17683,7 +17859,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hu8hu8.com", true },
   { "huagati.com", true },
   { "huahinpropertylisting.com", true },
-  { "huang-haitao.com", true },
+  { "hualao.co", true },
+  { "huang.nu", true },
+  { "huangh.com", true },
   { "huangjia71.com", true },
   { "huangjia72.com", true },
   { "huangjia73.com", true },
@@ -17696,12 +17874,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "huangjia99.com", true },
   { "huangjiaint.com", true },
   { "huangjingjing.com", true },
+  { "huangliangbo.com", true },
   { "huangzenghao.cn", false },
   { "huaqian.art", true },
   { "huashan.co.uk", true },
   { "hub.org.ua", true },
   { "hub385.com", true },
   { "hubapi.com", true },
+  { "hubchain.com", true },
+  { "hubchain.com.br", true },
+  { "hubchain.fr", true },
+  { "hubchain.io", true },
+  { "hubchain.org", true },
   { "huber-informatik.de", true },
   { "hubok.net", true },
   { "hubspot.com", true },
@@ -17790,9 +17974,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hundeformel.de", true },
   { "hundesport-psvhalle.de", true },
   { "hundeverwaltung.de", true },
+  { "hundhausen.de", true },
   { "hundter.com", true },
   { "hunger.im", true },
-  { "huniverse.co", true },
   { "hunstoncanoeclub.co.uk", true },
   { "hunter-read.com", true },
   { "hunter.io", true },
@@ -17828,7 +18012,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "huynhviet.com", true },
   { "huyvu.nl", true },
   { "hvdbox.de", true },
-  { "hveradistributions.com", true },
   { "hverdagogkink.no", true },
   { "hvh.no", true },
   { "hvmk.nl", true },
@@ -17841,6 +18024,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hxp.io", true },
   { "hxsf.me", true },
   { "hxying.com", true },
+  { "hy1.com", true },
   { "hybridworx.com", true },
   { "hybridworx.de", true },
   { "hybridworx.eu", true },
@@ -17863,10 +18047,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hylemorphica.org", true },
   { "hynek.me", true },
   { "hyparia.fr", true },
+  { "hyparia.org", true },
   { "hype.ru", true },
   { "hypeitems.pl", true },
   { "hypemgmt.com", true },
   { "hyper-text.org", true },
+  { "hyperactive.am", true },
   { "hyperalgesia.com", true },
   { "hyperautomotive.com.au", true },
   { "hyperbolic-mayonnaise-interceptor.ovh", true },
@@ -17883,11 +18069,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "hypothes.is", true },
   { "hypothyroidmom.com", true },
   { "hyr.mn", true },
-  { "hytzongxuan.com", true },
+  { "hysh.jp", true },
   { "hyundai.no", true },
   { "hyvanilmankampaamo.fi", true },
+  { "hyvanolonterapia.fi", true },
   { "hyvinvointineuvoja.fi", true },
   { "hztgzz.com", true },
+  { "i--b.com", true },
+  { "i-0v0.in", true },
   { "i-aloks.ru", true },
   { "i-geld.de", true },
   { "i-hakul.net", true },
@@ -17910,6 +18099,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "i5y.org", true },
   { "i66.me", true },
   { "i879.com", true },
+  { "i9s.in", true },
+  { "ia.cafe", true },
   { "ia.net", true },
   { "iaco.li", true },
   { "iacono.com.br", false },
@@ -17932,11 +18123,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iamhansen.xyz", true },
   { "iaminashittymood.today", true },
   { "iamjoshellis.com", true },
-  { "iamlbk.com", true },
-  { "iamlzh.com", true },
   { "iamtheib.me", true },
   { "iamtonyarthur.com", true },
-  { "iamusingtheinter.net", true },
+  { "iamusingtheinter.net", false },
   { "iamwoodbeard.com", true },
   { "ianbrault.com", true },
   { "iandouglasscott.com", true },
@@ -17965,10 +18154,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ibexcore.com", true },
   { "ibigawamizueco.com", true },
   { "ibin.co", true },
-  { "ibiu.xyz", true },
   { "ibiz.mk", true },
   { "iblackfriday.ro", true },
   { "ibodyiq.com", true },
+  { "ibps-recruitment.in", true },
   { "ibrainmedicine.org", true },
   { "ibrom.eu", true },
   { "ibstyle.tk", true },
@@ -17983,12 +18172,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "icanhasht.ml", true },
   { "icarlos.net", true },
   { "icasture.top", true },
-  { "icbemp.gov", true },
   { "iccpublisher.com", true },
   { "ice.xyz", true },
   { "iceberg.academy", true },
   { "icebook.co.uk", true },
   { "icecars.net", true },
+  { "icecontrol.ro", true },
+  { "icedream.tech", true },
   { "icetiger.eu", true },
   { "ich-hab-die-schnauze-voll-von-der-suche-nach-ner-kurzen-domain.de", true },
   { "ich-tanke.de", true },
@@ -18001,6 +18191,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "icmhd.ch", true },
   { "icmp2018.org", true },
   { "icnsoft.cf", true },
+  { "icnsoft.ml", true },
   { "icobench.com", true },
   { "icodeconnect.com", true },
   { "icoh.it", true },
@@ -18013,6 +18204,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "icsfinomornasco.it", true },
   { "ict-concept.nl", false },
   { "ict-crew.nl", true },
+  { "ict-helpteam.nl", true },
   { "ict-radar.com", true },
   { "ict-radar.nl", true },
   { "ictcareer.ch", true },
@@ -18029,6 +18221,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "id0-rsa.pub", true },
   { "id7.fr", true },
   { "idaeus.eu", true },
+  { "idafauziyah.com", true },
   { "idahoansforliberty.net", true },
   { "idarv.com", true },
   { "idaspis.com", true },
@@ -18047,7 +18240,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ideashop.com", true },
   { "ideaweb.de", true },
   { "idenamaislami.com", true },
-  { "idensys.nl", false },
+  { "idensys.nl", true },
   { "ident-clinic.be", true },
   { "identassist.com", true },
   { "identifyme.net", true },
@@ -18074,6 +18267,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "idoc24.com", true },
   { "idodiandina.com", true },
   { "idolf.dk", true },
+  { "idolish7.fun", false },
   { "idolknow.com", true },
   { "idolshop.dk", true },
   { "idolshop.me", true },
@@ -18091,7 +18285,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "idtheft.gov", true },
   { "idubaj.cz", true },
   { "idunno.org", true },
-  { "idvl.de", true },
   { "idxforza.com", true },
   { "ie.search.yahoo.com", false },
   { "iea-annex61.org", true },
@@ -18101,7 +18294,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ieeesbe.nl", true },
   { "ieeespmb.org", true },
   { "ieffalot.me", true },
-  { "ieji.de", false },
+  { "ieji.de", true },
   { "iemb.tk", true },
   { "ienakanote.com", false },
   { "ies-italia.it", true },
@@ -18164,11 +18357,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ih8sn0w.com", true },
   { "ihacklabs.com", true },
   { "ihakkitekin.com", true },
-  { "ihatethissh.it", true },
   { "ihcprofile.com", true },
   { "iheartmary.org", true },
   { "ihkk.net", true },
   { "ihls.stream", true },
+  { "ihls.world", true },
   { "ihmphila.org", true },
   { "ihoey.com", true },
   { "ihollaback.org", true },
@@ -18186,7 +18379,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iix.se", true },
   { "ijm.io", true },
   { "ijohan.nl", true },
-  { "ijr.com", true },
   { "ijsbaanwitten.nl", true },
   { "ijsblokjesvormen.nl", true },
   { "ijsclubtilburg.nl", true },
@@ -18212,10 +18404,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ikkev.de", true },
   { "ikkoku.de", true },
   { "iklive.org", false },
-  { "ikraenglish.com", true },
+  { "ikraenglish.com", false },
+  { "iktisatbank.com", true },
   { "ikulist.me", true },
   { "ikumi.us", true },
-  { "ikuuuu.com", true },
   { "ikvts.de", true },
   { "ikwilthepiratebay.org", true },
   { "ikxkx.com", true },
@@ -18227,7 +18419,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ilamparas.com.ve", true },
   { "ilamparas.mx", true },
   { "ilard.fr", true },
-  { "ilazycat.com", true },
   { "ile-kalorii.pl", true },
   { "ile-sapporo.jp", true },
   { "ileci.de", true },
@@ -18255,6 +18446,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "illsley.org", true },
   { "illumed.net", true },
   { "illuminationis.com", true },
+  { "illuminatisofficial.org", true },
   { "illusionephemere.com", true },
   { "illusionunlimited.com", true },
   { "illustrate.biz", true },
@@ -18271,6 +18463,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ilrg.com", true },
   { "iltec-prom.ru", true },
   { "iltec.ru", true },
+  { "iltuogiardino.org", true },
   { "ilweb.es", true },
   { "ilya.pp.ua", true },
   { "im-c-shop.com", true },
@@ -18286,7 +18479,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "imagebin.ca", true },
   { "imagefu.com", true },
   { "imageination.co", true },
-  { "imagenesdedibujosalapizfacilesdehacer.com", true },
   { "imagerive.ch", true },
   { "imagescostumes.com", true },
   { "imaginair.es", true },
@@ -18342,12 +18534,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "immersionwealth.com", true },
   { "immigrantdad.com", true },
   { "immigrationdirect.com.au", true },
-  { "immo-agentur.com", true },
+  { "immo-agentur.com", false },
   { "immo-passion.net", true },
   { "immo-vk.de", true },
   { "immobilien-badlippspringe.de", true },
   { "immobilien-in-istanbul.de", true },
   { "immobilien-zirm.de", true },
+  { "immobiliengutachter-holland.de", true },
   { "immobilier-nice.fr", true },
   { "immobilier92.net", true },
   { "immobiza.com", false },
@@ -18365,9 +18558,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "impelup.com", true },
   { "impendulo.org", true },
   { "impera.at", true },
-  { "imperdin.com", true },
   { "imperial-legrand.com", true },
   { "imperialmiami.com", true },
+  { "imperiodigital.online", true },
   { "imperiumglass.com.au", true },
   { "imperiumnova.info", true },
   { "impex.com.bd", true },
@@ -18400,11 +18593,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "imrunner.ru", true },
   { "ims-sargans.ch", true },
   { "imscompany.com", true },
+  { "imtikai.ml", true },
   { "imwalking.de", true },
   { "imwnk.cn", true },
-  { "imydl.com", true },
   { "imydl.tech", true },
-  { "imyjy.cn", true },
   { "imyrs.cn", true },
   { "imyunya.com", true },
   { "imyvm.com", true },
@@ -18456,7 +18648,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "indianaantlersupply.com", true },
   { "indianaberry.com", true },
   { "indianafoundationpros.com", true },
+  { "indianamoldrepairpros.com", true },
   { "indianapolislocksmithinc.com", true },
+  { "indianawaterdamagerepairpros.com", true },
   { "indiatrademarkwatch.com", true },
   { "indiayogastudio.net", true },
   { "indicateurs-flash.fr", true },
@@ -18468,19 +18662,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "indigoinflatables.com", true },
   { "indigosakura.com", true },
   { "indigotreeservice.com", true },
+  { "indika.pe", true },
+  { "indio.co.jp", true },
   { "inditip.com", true },
-  { "indochina.io", true },
   { "indogermanstartup.com", true },
   { "indoorcomfortteam.com", true },
-  { "indoorplantsexpert.com", true },
   { "indovinabank.com.vn", true },
   { "indusap.com", true },
   { "indusfastremit-us.com", true },
-  { "indusfastremit.com", true },
   { "indust.me", true },
   { "industriafranchini.com", true },
   { "industrialstarter.com", true },
-  { "industriasrenova.com", true },
   { "industriemeister.io", true },
   { "indybay.org", true },
   { "ineardisplay.com", true },
@@ -18498,6 +18690,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "inference.biz.tr", true },
   { "infermiere.roma.it", true },
   { "inff.info", true },
+  { "inffin-portal.de", true },
+  { "inffin-tec.de", true },
   { "inficom.org", true },
   { "infinite.hosting", true },
   { "infinitegroup.info", true },
@@ -18527,6 +18721,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "info-screen.me", true },
   { "info-screw.com", true },
   { "infobae.com", true },
+  { "infobrain.net", true },
   { "infocity-tech.fr", true },
   { "infocommsociety.com", true },
   { "infocon.org", true },
@@ -18537,11 +18732,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "infomegastore.com", true },
   { "infomir.eu", true },
   { "infomisto.com", true },
-  { "infopagina.es", true },
   { "infopier.sg", true },
   { "infopulsa.com", true },
   { "infopuntzorg.nl", true },
   { "infor-allaitement.be", true },
+  { "inforaga.com", true },
+  { "informaciondeciclismo.com", true },
   { "informatiebeveiliging.nl", true },
   { "informatik-handwerk.de", true },
   { "informationrx.org", true },
@@ -18560,7 +18756,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "infotune.nl", true },
   { "infovision-france.com", true },
   { "infoweb.ee", true },
-  { "infr.red", true },
   { "infra.land", true },
   { "infra.press", true },
   { "infrabeep.com", true },
@@ -18609,6 +18804,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "inglebycakes.co.uk", true },
   { "inglesnarede.com.br", true },
   { "ingo-schlueter.de", true },
+  { "ingolonde.pw", true },
   { "ingoschlueter.de", true },
   { "ingredientdaddy.ro", true },
   { "inhaltsangabe.de", true },
@@ -18637,6 +18833,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "inmateintake.com", true },
   { "inmobillium.fr", true },
   { "inmoodforsex.com", true },
+  { "inmusrv.de", true },
   { "innerfence.com", true },
   { "innerlightcrystals.co.uk", true },
   { "innermostparts.org", true },
@@ -18660,6 +18857,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "innover.se", true },
   { "innovum.cz", false },
   { "innsalzachsingles.de", true },
+  { "innwan.com", true },
   { "inoa8.com", true },
   { "inobun.jp", true },
   { "inovat.ma", true },
@@ -18673,6 +18871,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "insblauehinein.nl", true },
   { "inscomers.net", true },
   { "inscripcionessena.com", true },
+  { "insecret.co.ua", true },
   { "insecret.com.ua", true },
   { "insecret.trade", true },
   { "insecure.org.je", true },
@@ -18719,6 +18918,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "instantluxe.de", true },
   { "instantluxe.it", true },
   { "instantphotocamera.com", true },
+  { "instantphotoprinter.com", true },
   { "instava.cz", true },
   { "instead.com.au", true },
   { "insteagle.com", true },
@@ -18750,6 +18950,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "integratedmedicalonline.com", true },
   { "integrateur-web-paris.com", true },
   { "integrity.gov", true },
+  { "integrityfortcollins.com", true },
   { "integrityokc.com", true },
   { "integrityoklahoma.com", true },
   { "integrogroup.com", true },
@@ -18765,20 +18966,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "intellar.com", true },
   { "intellectdynamics.com", true },
   { "intelligence-explosion.com", true },
+  { "intelligenetics.com", true },
   { "intellinetixvibration.com", true },
+  { "intellitonic.com", true },
   { "intelly.nl", true },
   { "intelly365.nl", true },
   { "intencje.pl", true },
   { "intensifyrsvp.com.au", true },
   { "inter-corporate.com", true },
   { "inter-culinarium.com", true },
-  { "interabbit.com", true },
+  { "interabbit.co", true },
   { "interaffairs.com", true },
   { "interaktiva.fi", true },
   { "interasistmen.se", true },
   { "interchangedesign.com", true },
-  { "intercom.com", true },
-  { "intercom.io", true },
   { "interessiert-uns.net", true },
   { "interfesse.net", true },
   { "interflores.com.br", true },
@@ -18795,6 +18996,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "interlingvo.biz", true },
   { "intermax.nl", true },
   { "intermedinet.nl", true },
+  { "intern.tax", true },
   { "internalkmc.com", true },
   { "internaluse.net", true },
   { "international-arbitration-attorney.com", true },
@@ -18816,6 +19018,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "internethealthreport.org", true },
   { "internethering.de", true },
   { "internetinhetbuitengebied.nl", true },
+  { "internetmedia.si", true },
   { "internetmuseum.se", true },
   { "internetofdon.gs", true },
   { "internetoffensive.fail", true },
@@ -18844,14 +19047,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "inton.biz", true },
   { "intoparking.com", false },
   { "intpforum.com", true },
-  { "intracom.com", true },
+  { "intr0.com", true },
   { "intradayseasonals.com", true },
   { "intramanager.dk", true },
   { "intranetsec-regionra.fr", true },
   { "intraobes.com", true },
   { "intrasoft.com.au", true },
   { "intraxia.com", true },
-  { "introverted.ninja", true },
+  { "intrp.net", true },
   { "intune.life", true },
   { "intvonline.com", true },
   { "intxt.net", true },
@@ -18892,6 +19095,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "invisionita.com", true },
   { "invisiverse.com", true },
   { "invitacionesytarjetas.gratis", true },
+  { "invitemember.com", true },
+  { "invitescene.com", true },
   { "invitethemhome.com", true },
   { "invkao.com", true },
   { "invoiced.com", true },
@@ -18901,6 +19106,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "invuite.com", true },
   { "inwao.com", true },
   { "inwestcorp.se", true },
+  { "inxtravel.com.br", true },
   { "inzdr.com", true },
   { "inzelabs.com", true },
   { "inzestfreunde.de", true },
@@ -18910,7 +19116,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iochen.com", true },
   { "iocurrents.com", true },
   { "iodine.com", true },
-  { "ioerror.us", true },
   { "iofort.com", true },
   { "iojo.net", true },
   { "ioliver.co.uk", true },
@@ -18919,6 +19124,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iomstamps.com", true },
   { "ionlabs.kr", true },
   { "ionovia.de", true },
+  { "ionspin.com", true },
   { "ionx.co.uk", true },
   { "ioover.net", true },
   { "iosartstudios.gr", true },
@@ -18953,13 +19159,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iphonekaitori.tokyo", true },
   { "iphoneunlock.nu", true },
   { "iphonote.com", true },
-  { "ipid.me", true },
   { "ipintel.io", true },
-  { "iplabs.de", true },
   { "iplantom.com", true },
   { "iplayradio.net", false },
   { "ipleak.net", true },
   { "ipledgeonline.org", false },
+  { "iplog.info", false },
   { "ipmonitoring.hu", true },
   { "ipo-times.jp", true },
   { "ipokabu.net", true },
@@ -18967,12 +19172,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ipop.gr", true },
   { "iposm.net", true },
   { "ipplans.com", true },
+  { "iprcenter.gov", true },
   { "ipresent.com", true },
   { "iprim.ru", true },
   { "iproducemusic.com", true },
   { "ipsec.pl", true },
   { "ipssl.li", true },
-  { "ipstoragesolutions.com", true },
   { "ipstream.it", true },
   { "ipswitch.com.tw", true },
   { "iptvzoom.xyz", true },
@@ -18987,7 +19192,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ipv6.jetzt", true },
   { "ipv6vpn.net", true },
   { "ipv6wallofshame.com", true },
-  { "ipv8.net", true },
   { "iqboxy.com", true },
   { "iqsmn.org", true },
   { "ir1s.com", true },
@@ -18995,7 +19199,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iranian.lgbt", true },
   { "iranianholiday.com", true },
   { "iranjeunesse.com", true },
-  { "irasandi.com", true },
   { "irayo.net", true },
   { "irc-results.com", true },
   { "irdvb.com", true },
@@ -19012,12 +19215,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iriomote.com", true },
   { "iris-design.info", true },
   { "iris-insa.com", true },
+  { "irisdesideratum.com", true },
   { "irish.dating", true },
   { "irish.radio", true },
   { "irishradioplayer.radio", true },
   { "irisjieun.com", true },
   { "irkfap.com", true },
   { "irland-firma.com", true },
+  { "irmag.ru", true },
   { "irmgard-woelfle.de", true },
   { "irmgardkoch.com", true },
   { "iro-iro.xyz", true },
@@ -19062,18 +19267,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "isecrets.se", true },
   { "iservicio.mx", true },
   { "iseulde.com", true },
-  { "isfff.com", true },
   { "isg-tech.com", true },
   { "isgp-studies.com", true },
   { "ishamf.com", true },
   { "ishangirdhar.com", true },
-  { "ishet.al", true },
   { "ishiharaken.com", true },
+  { "ishome.org", true },
   { "ishtarfreya.com", true },
   { "isil.fi", true },
   { "isimonbrown.co.uk", true },
   { "isincheck.com", true },
   { "isinolsun.com", true },
+  { "isiso.com.tr", true },
   { "isistomie.com", true },
   { "isitchristmas.com", true },
   { "isitcoffeetime.com", true },
@@ -19108,6 +19313,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "isolta.fi", true },
   { "isolta.lv", true },
   { "isolta.se", true },
+  { "isondo.com", true },
   { "isonet.fr", true },
   { "isopres.de", true },
   { "isotope.gov", true },
@@ -19156,12 +19362,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "isyu.xyz", true },
   { "isz-berlin.de", true },
   { "isz.no", true },
-  { "iszy.me", true },
   { "it-academy.sk", true },
   { "it-boss.ro", true },
   { "it-faul.de", true },
   { "it-fernau.com", true },
   { "it-jobbank.dk", true },
+  { "it-kron.de", true },
   { "it-maker.eu", true },
   { "it-rotter.de", true },
   { "it-schamans.de", true },
@@ -19176,12 +19382,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "it-support-stockholm.se", true },
   { "it-support.one", true },
   { "it-supportistockholm.se", true },
+  { "it-supportnu.se", true },
   { "it-sysoft.com", true },
   { "it-tekniker.nu", true },
   { "it-ti.me", true },
   { "it-uws.com", true },
   { "it-world.eu", true },
   { "it.search.yahoo.com", false },
+  { "it1b.com", true },
   { "itactiq.com", true },
   { "itactiq.info", true },
   { "itaiferber.net", true },
@@ -19197,6 +19405,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "itamservices.nl", true },
   { "itap.gov", true },
   { "itb-online.co.uk", true },
+  { "itbox.cl", true },
+  { "itchy.nl", true },
   { "itcko.sk", true },
   { "itdashboard.gov", true },
   { "itecor.net", true },
@@ -19204,8 +19414,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iteha.de", true },
   { "iteke.ml", true },
   { "iteke.tk", true },
+  { "iteli.eu", true },
   { "iterader.com", true },
-  { "iterasoft.de", true },
+  { "iterror.co", true },
   { "itesign.de", true },
   { "itfh.eu", true },
   { "itfix.cz", true },
@@ -19218,14 +19429,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ithjalpforetag.se", true },
   { "itikon.com", true },
   { "itilo.de", true },
+  { "itinthebubble.com", true },
   { "itis.gov", true },
   { "itis4u.ch", true },
   { "itjob.ma", true },
   { "itkaufmann.at", true },
+  { "itkonsultstockholm.se", true },
   { "itlitera.com", true },
   { "itludens.com", true },
   { "itm-c.de", true },
-  { "itmanie.cz", true },
   { "itmindscape.com", true },
   { "itn.co.uk", true },
   { "itneeds.tech", true },
@@ -19241,7 +19453,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "itruth.tk", true },
   { "its-future.com", true },
   { "its-gutachten.de", true },
-  { "its4living.com", true },
   { "itsabouncything.com", true },
   { "itsanicedoor.co.uk", true },
   { "itsasaja.com", true },
@@ -19259,7 +19470,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "itsnotquitethehilton.com", true },
   { "itsok.de", true },
   { "itspartytimeonline.co.uk", true },
-  { "itspartytimesweetinflations.com", true },
   { "itspecialista.eu", true },
   { "itspersonaltraining.nl", true },
   { "itsryan.com", true },
@@ -19312,6 +19522,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iwanttoliveinabunker.com", true },
   { "iwanttrack.com", true },
   { "iwascoding.com", true },
+  { "iwatchcops.com", true },
+  { "iwatchcops.org", true },
   { "iwch.tk", true },
   { "iwebolutions.com", true },
   { "iwell.de", true },
@@ -19335,14 +19547,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "iyuanbao.net", true },
   { "iz8mbw.net", true },
   { "izaakbeekman.com", true },
-  { "izevg.ru", true },
-  { "izhaojie.com", true },
   { "izodiacsigns.com", true },
   { "izuba.info", true },
   { "izumi.tv", true },
-  { "izxxs.com", true },
-  { "izxxs.net", true },
-  { "izxzw.net", true },
   { "izzys.casa", true },
   { "j-elliott.co.uk", true },
   { "j-navi.com", true },
@@ -19355,7 +19562,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "j3e.de", true },
   { "ja-dyck.de", true },
   { "ja-gps.com.au", true },
-  { "ja-publications.agency", true },
   { "ja.md", true },
   { "jaakkohannikainen.fi", true },
   { "jaalits.com", true },
@@ -19415,6 +19621,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jaion.xyz", true },
   { "jaispirit.com", false },
   { "jaitnetworking.com", false },
+  { "jajsemjachym.cz", true },
   { "jakarta.dating", true },
   { "jakdelatseo.cz", true },
   { "jake.eu.org", true },
@@ -19490,6 +19697,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jan-and-maaret.de", true },
   { "jan-bucher.ch", true },
   { "jan-hill.com", true },
+  { "jan-reiss.de", true },
   { "jan-rieger.de", true },
   { "jan-roenspies.de", true },
   { "jan-von.de", true },
@@ -19518,40 +19726,39 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "janokacer.sk", true },
   { "janschaumann.de", true },
   { "jansen-schilders.nl", true },
-  { "janssenwigman.nl", true },
   { "janterpstra.eu", true },
   { "jantinaboelens.nl", true },
   { "janvari.com", true },
   { "janvaribalint.com", true },
   { "jaot.info", true },
   { "japanesemotorsports.net", true },
-  { "japangids.nl", true },
   { "japaniac.de", false },
   { "japanphilosophy.com", false },
   { "japanwatches.xyz", true },
   { "japon-japan.com", true },
+  { "jar.io", true },
   { "jardin-exotique-rennes.fr", true },
   { "jardinderline.ch", true },
   { "jardineriaon.com", true },
   { "jardiniersduminotaure.fr", true },
   { "jaredeberle.org", false },
   { "jaredfernandez.com", true },
+  { "jario.com.br", true },
   { "jarniashop.se", true },
   { "jaroku.com", true },
   { "jarondl.net", true },
-  { "jaroslavc.eu", true },
   { "jarrettgraham.com", true },
   { "jarroba.com", true },
   { "jas-team.net", true },
   { "jashvaidya.com", true },
-  { "jasl.works", true },
   { "jasmijnwagenaar.nl", true },
   { "jasminefields.net", true },
   { "jason.re", true },
+  { "jasonadam.de", true },
   { "jasonamorrow.com", true },
   { "jasongerber.ch", true },
   { "jasonmili.online", true },
-  { "jasonsansone.com", true },
+  { "jasonsplecoscichlids.com", true },
   { "jasper.link", true },
   { "jasperhammink.com", true },
   { "jasperhuttenmedia.com", true },
@@ -19561,7 +19768,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "javamilk.com", true },
   { "javierburgos.net", true },
   { "javierlorente.es", true },
-  { "javik.net", true },
   { "jaxfstk.com", true },
   { "jaxxnet.co.uk", true },
   { "jaxxnet.org", true },
@@ -19569,6 +19775,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jayf.de", true },
   { "jayfreestone.com", true },
   { "jaymecd.rocks", true },
+  { "jaypandit.me", true },
   { "jayrl.com", true },
   { "jaysaw.me", true },
   { "jaytx.com", true },
@@ -19627,8 +19834,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jeannecalment.com", true },
   { "jeannelucienne.fr", true },
   { "jeanneret-combustibles.ch", true },
+  { "jec-dekrone.be", true },
+  { "jecho.cn", true },
   { "jeda.ch", true },
-  { "jedayoshi.tk", true },
   { "jedepannetonordi.fr", true },
   { "jedidiah.eu", false },
   { "jedipedia.net", true },
@@ -19646,7 +19854,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jeffersonregan.com", true },
   { "jeffersonregan.net", true },
   { "jeffhaferman.com", true },
-  { "jeffmcneill.com", true },
   { "jeffreyhaferman.com", true },
   { "jeffrhinelander.com", true },
   { "jeffri.me", true },
@@ -19654,6 +19861,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jefftickle.com", true },
   { "jeffwebb.com", true },
   { "jefrydco.id", true },
+  { "jefsweden.eu", true },
   { "jehovahsays.net", true },
   { "jej.cz", true },
   { "jej.sk", true },
@@ -19679,7 +19887,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jemangeducheval.com", true },
   { "jembatankarir.com", true },
   { "jemefaisdesamis.com", true },
-  { "jena.space", true },
   { "jennierobinson.com", true },
   { "jenniferengerwingaantrouwen.nl", true },
   { "jennifermason.eu", true },
@@ -19688,13 +19895,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jenolson.net", true },
   { "jenprace.cz", true },
   { "jensrex.dk", true },
-  { "jeparamedia.com", true },
   { "jepertinger-itconsulting.de", true },
   { "jeproteste.info", true },
   { "jeremiahbenes.com", true },
   { "jeremy-chen.org", true },
   { "jeremy.hu", true },
   { "jeremybentham.com", true },
+  { "jeremybloomfield.co.uk", true },
   { "jeremyc.ca", false },
   { "jeremycantu.com", true },
   { "jeremycrews.com", true },
@@ -19705,7 +19912,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jericamacmillan.com", true },
   { "jering.tech", true },
   { "jeroendeneef.com", true },
-  { "jeroensangers.com", true },
   { "jerret.de", true },
   { "jerryweb.org", true },
   { "jerryyu.ca", true },
@@ -19739,6 +19945,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jf-fotos.de", true },
   { "jfbst.net", true },
   { "jfmhero.me", true },
+  { "jfr.im", true },
   { "jfreitag.de", true },
   { "jfsa.jp", true },
   { "jgid.de", true },
@@ -19754,15 +19961,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jhf.io", true },
   { "jhill.de", true },
   { "jhollandtranslations.com", true },
+  { "jhservicos.net.br", true },
   { "jhuang.me", true },
   { "jhwestover.com", true },
   { "jiahao.codes", true },
   { "jiangxu.site", true },
   { "jianji.de", true },
+  { "jianny.me", true },
   { "jianshu.com", true },
   { "jianyuan.pro", true },
   { "jiatingtrading.com", true },
-  { "jiazhao.ga", true },
   { "jicaivvip.com", true },
   { "jichi.io", true },
   { "jichi000.win", true },
@@ -19775,7 +19983,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jimfranke.nl", true },
   { "jimizhou.xyz", true },
   { "jimmycai.com", false },
-  { "jimmycn.com", false },
   { "jimmyroura.ch", true },
   { "jimshaver.net", true },
   { "jimslop.nl", true },
@@ -19790,12 +19997,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jinshuju.net", true },
   { "jintaiyang123.org", true },
   { "jiogo.com", true },
+  { "jiosongs.biz", true },
   { "jirav.com", true },
   { "jiripudil.cz", true },
   { "jirosworld.com", true },
   { "jisai.net.cn", true },
   { "jisha.site", true },
   { "jixun.moe", true },
+  { "jiyue.moe", true },
   { "jiyusu.com", true },
   { "jiyuu-ni.com", true },
   { "jiyuu-ni.net", true },
@@ -19814,7 +20023,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jkinteriorspa.com", true },
   { "jkirsche.com", true },
   { "jkrippen.com", true },
-  { "jkyuan.tk", true },
   { "jl-dns.eu", true },
   { "jl-dns.nl", true },
   { "jl-exchange.nl", true },
@@ -19822,7 +20030,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jlink.nl", true },
   { "jlkhosting.com", true },
   { "jloh.codes", true },
-  { "jlot.org", true },
   { "jlpn.eu", true },
   { "jlpn.nl", true },
   { "jlponsetto.com", true },
@@ -19889,6 +20096,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jockbusuttil.com", true },
   { "jockbusuttil.uk", true },
   { "jodaniels.photography", true },
+  { "jodbush.com", true },
   { "jodlajodla.si", true },
   { "joduska.me", true },
   { "jodyboucher.com", false },
@@ -19922,12 +20130,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "joestead.codes", true },
   { "joetsutj.com", true },
   { "joetyson.me", true },
-  { "joeyfelix.com", true },
   { "joeygitalian.com", true },
   { "joeyhoer.com", true },
   { "joeysmith.com", true },
   { "joeyvanvenrooij.nl", true },
-  { "joeyvilaro.com", true },
   { "jogi-server.de", true },
   { "jogorama.com.br", false },
   { "jogwitz.de", true },
@@ -19952,12 +20158,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "johndball.com", true },
   { "johnfulgenzi.com", true },
   { "johngallias.com", true },
-  { "johngo.tk", false },
   { "johnguant.com", true },
+  { "johnhgaunt.com", true },
   { "johnkastler.net", true },
   { "johnmcc.net", true },
   { "johnmcintosh.pro", true },
   { "johnmh.me", true },
+  { "johnmichel.org", true },
   { "johnno.be", true },
   { "johnnybet.com", true },
   { "johnnybsecure.com", true },
@@ -19998,22 +20205,21 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jonasled.de", true },
   { "jonaswitmer.ch", true },
   { "jonathan-apps.com", true },
-  { "jonathancarter.org", true },
   { "jonathandupree.com", true },
   { "jonathanha.as", true },
   { "jonathanj.nl", true },
   { "jonathanlara.com", true },
   { "jonathanschle.de", true },
-  { "jonathanselea.se", true },
+  { "jonathanscott.me", true },
   { "jonblankenship.com", true },
   { "jondarby.com", true },
   { "jondevin.com", true },
   { "jondowdle.com", true },
   { "jonespayne.com", false },
-  { "jonferwerda.net", true },
   { "jong030.nl", true },
   { "jongbloed.nl", true },
   { "jongcs.com", true },
+  { "jongpay.com", true },
   { "jonilar.com", true },
   { "jonincharacter.com", true },
   { "jonirrings.com", true },
@@ -20026,7 +20232,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jonola.com", true },
   { "jonpads.com", true },
   { "jonpavelich.com", true },
-  { "jons.org", true },
   { "jonscaife.com", true },
   { "jooksms.com", true },
   { "jooksuratas.ee", true },
@@ -20046,9 +20251,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jordanscorporatelaw.com", true },
   { "jordanstrustcompany.com", true },
   { "jordhy.com", true },
+  { "jorexenterprise.com", true },
   { "jorgerosales.org", true },
   { "jorisdalderup.nl", true },
   { "jornalalerta.com.br", true },
+  { "josc.com.au", true },
   { "joscares.com", true },
   { "jose-alexand.re", true },
   { "jose-lesson.com", true },
@@ -20057,6 +20264,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "josefjanosec.com", true },
   { "josefottosson.se", true },
   { "joseitoda.org", true },
+  { "josemikkola.fi", true },
   { "josepbel.com", true },
   { "josephbleroy.com", true },
   { "josephgeorge.com.au", true },
@@ -20071,7 +20279,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "joshharmon.me", true },
   { "joshics.in", true },
   { "joshlovephotography.co.uk", true },
-  { "joshpanter.com", false },
+  { "joshpanter.com", true },
   { "joshrickert.com", true },
   { "joshruppe.com", true },
   { "joshschmelzle.com", true },
@@ -20094,6 +20302,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "joynadvisors.com", true },
   { "joyofcookingandbaking.com", true },
   { "joysinventingblog.com", true },
+  { "jpbe-network.de", true },
   { "jpbe.de", true },
   { "jpdeharenne.be", true },
   { "jpeg.io", true },
@@ -20125,16 +20334,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jrtapsell.co.uk", true },
   { "jrxpress.com", true },
   { "js-web.eu", true },
-  { "js3311.com", true },
   { "js8855.com", true },
-  { "js93029.com", true },
   { "jschoi.org", true },
   { "jschumacher.info", true },
   { "jsd-cog.org", true },
   { "jsdelivr.com", true },
   { "jselby.net", true },
   { "jsent.co.uk", true },
-  { "jsevilleja.org", true },
   { "jskier.com", false },
   { "jskoelliken.ch", true },
   { "jsmetallerie.fr", true },
@@ -20142,7 +20348,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jsnfwlr.io", true },
   { "jsonsinc.com", true },
   { "jsteward.moe", true },
-  { "jtcat.com", true },
+  { "jstore.ch", true },
   { "jtconsultancy.sg", true },
   { "jthackery.com", false },
   { "jtl-software.com", true },
@@ -20189,7 +20395,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "juku-info.top", true },
   { "juku-wing.jp", true },
   { "jule-spil.dk", true },
-  { "julenlanda.com", false },
   { "julian-uphoff.de", true },
   { "julian-weigle.de", true },
   { "juliangonggrijp.com", true },
@@ -20251,7 +20456,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "junglist.org", true },
   { "jungundwild-design.de", false },
   { "juni.io", true },
-  { "junias-fenske.de", true },
   { "juniperroots.ca", true },
   { "junjhome.com", true },
   { "junjun-web.net", true },
@@ -20278,13 +20482,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "justgalak.org", true },
   { "justice.gov", true },
   { "justice4assange.com", true },
-  { "justin-tech.com", false },
-  { "justinharrison.ca", true },
+  { "justin-tech.com", true },
   { "justinho.com", true },
   { "justinmuturifoundation.org", true },
   { "justinribeiro.com", true },
   { "justinstandring.com", true },
   { "justmensgloves.com", true },
+  { "justonce.net", true },
   { "justpaste.it", true },
   { "justsmart.io", true },
   { "justsome.info", true },
@@ -20299,7 +20503,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "juusujanar.eu", true },
   { "juvenex.co", true },
   { "juwelierstoopman.nl", true },
-  { "jva-wuerzburg.de", true },
   { "jvandenbroeck.com", true },
   { "jvanerp.nl", true },
   { "jvbouncycastlehire.co.uk", true },
@@ -20308,7 +20511,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jvphotoboothhire.co.uk", true },
   { "jvsticker.com", true },
   { "jvwdev.nl", true },
-  { "jwallet.cc", true },
   { "jwatt.org", true },
   { "jwe.nl", true },
   { "jwilsson.com", true },
@@ -20319,6 +20521,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "jwplay.ml", true },
   { "jwschuepfheim.ch", true },
   { "jwsoft.nl", true },
+  { "jxir.de", true },
   { "jxltom.com", true },
   { "jxm.in", true },
   { "jydemarked.dk", true },
@@ -20338,7 +20541,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "k1024.org", true },
   { "k258059.net", true },
   { "k2mts.org", true },
-  { "k3508.com", true },
+  { "k33k00.com", false },
   { "k3nny.fr", true },
   { "k4law.com", true },
   { "k4r.ru", true },
@@ -20354,14 +20557,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kaatha-kamrater.se", true },
   { "kab-s.de", true },
   { "kabaca.design", true },
-  { "kabarlinux.id", true },
   { "kabashop.com.br", true },
   { "kabat-fans.cz", true },
   { "kabeltv.co.nz", true },
   { "kabeuchi.com", true },
   { "kaboom.pw", true },
+  { "kabos.art", true },
   { "kabu-abc.com", true },
   { "kabulpress.org", true },
+  { "kabus.org", true },
   { "kacgal.com", true },
   { "kachelfm.nl", true },
   { "kachlikova2.cz", true },
@@ -20411,14 +20615,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kaltenbrunner.it", true },
   { "kalterersee.ch", true },
   { "kalwestelectric.com", true },
+  { "kalyanmatka.guru", true },
   { "kam-serwis.pl", true },
+  { "kamata-shinkyu-seikotsu.jp", true },
+  { "kameari-za.space", true },
   { "kamikaichimaru.com", false },
   { "kamikatse.net", true },
+  { "kamilki.me", true },
   { "kaminbau-laub.de", true },
   { "kamisato-ent.com", true },
   { "kamixa.se", true },
   { "kamppailusali.fi", true },
-  { "kampunginggris-ue.com", true },
   { "kamranmirhazar.com", true },
   { "kamui.co.uk", true },
   { "kan3.de", true },
@@ -20446,6 +20653,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kanis.ag", true },
   { "kankimaru.com", true },
   { "kanna.cf", true },
+  { "kannchen.de", true },
   { "kanobu.ru", true },
   { "kansaiyamamoto.jp", true },
   { "kantankye.nl", true },
@@ -20461,6 +20669,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kanzlei-oehler.com", true },
   { "kanzlei-sixt.de", true },
   { "kap-genial.de", true },
+  { "kap.pe", true },
   { "kapgy-moto.com", true },
   { "kappenstein.org", false },
   { "kapseli.net", true },
@@ -20512,7 +20721,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kartonmodellbau.org", true },
   { "karula.org", true },
   { "karupp-did.net", true },
-  { "kasadara.com", true },
   { "kasei.im", true },
   { "kashinavi.com", true },
   { "kashmirobserver.net", true },
@@ -20526,6 +20734,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kat.marketing", true },
   { "katagena.com", true },
   { "katalogbajugamismu.com", true },
+  { "katarsisuib.no", true },
   { "katata-kango.ac.jp", true },
   { "katcleaning.com.au", true },
   { "katedra.de", true },
@@ -20541,6 +20750,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "katieskandy.co.uk", true },
   { "katieskastles.co.uk", true },
   { "katja-und-ronny.de", true },
+  { "katjavoneysmondt.de", true },
   { "katka.info", true },
   { "katnunn.co.uk", true },
   { "kato-yane.com", true },
@@ -20556,7 +20766,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kaufberatung.community", true },
   { "kaufmanbankruptcylaw.com", true },
   { "kavovary-kava.cz", true },
-  { "kawaii.io", true },
+  { "kawaiii.link", true },
   { "kaweus.de", true },
   { "kay.la", true },
   { "kayakabovegroundswimmingpools.com", true },
@@ -20569,6 +20779,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kazekprzewozy.pl", true },
   { "kazu.click", true },
   { "kazuhirohigashi.com", true },
+  { "kazumi.ooo", true },
   { "kazumi.ro", true },
   { "kazy111.info", true },
   { "kb3.net", true },
@@ -20613,7 +20824,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kedv.es", true },
   { "keeleysam.com", true },
   { "keelove.net", true },
-  { "keematdekho.com", true },
   { "keengamer.com", true },
   { "keepa.com", true },
   { "keeperapp.com", true },
@@ -20621,6 +20831,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "keepersecurity.com", true },
   { "keepingtheplot.co.uk", true },
   { "keepiteasy.eu", true },
+  { "keepsight.org.au", true },
   { "keevitaja.com", true },
   { "keeweb.info", true },
   { "keezin.ga", true },
@@ -20651,7 +20862,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kellyskastles.co.uk", true },
   { "kellyssportsbarandgrill.com", true },
   { "kelsa.io", true },
-  { "kelvinfichter.com", true },
+  { "kelvinfichter.com", false },
   { "kemmerer-net.de", true },
   { "kempkens.io", true },
   { "kempo-sissach.ch", true },
@@ -20660,7 +20871,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kemptown.net", true },
   { "ken.fm", true },
   { "kenalsworld.com", true },
-  { "kenbillionsyuan.tk", true },
   { "kenbonny.net", true },
   { "kengilmour.com", true },
   { "kenguntokku.jp", true },
@@ -20687,6 +20897,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "keops-spine.fr", true },
   { "keops-spine.us", true },
   { "kepkonyvtar.hu", true },
+  { "keponews.com", true },
   { "keralit.nl", true },
   { "kerebro.com", true },
   { "kerforhome.com", true },
@@ -20696,6 +20907,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kermadec.net", true },
   { "kernel-error.de", true },
   { "kernelpanics.nl", true },
+  { "kernelprogrammer.com", true },
   { "kerrfrequencycombs.org", true },
   { "kerrnel.com", true },
   { "kersbergen.nl", true },
@@ -20721,8 +20933,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kevinbowers.me", true },
   { "kevinbusse.de", true },
   { "kevincox.ca", false },
+  { "kevinfoley.cc", true },
+  { "kevinfoley.org", true },
   { "kevingsky.com", true },
-  { "kevinheslinphoto.com", true },
   { "kevinhill.nl", true },
   { "kevinhq.com", true },
   { "kevinkla.es", true },
@@ -20749,8 +20962,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "keylaserinstitute.com", true },
   { "keylength.com", true },
   { "keymach.com", true },
-  { "keypersonins.com", true },
   { "keys.jp", true },
+  { "keys247.co.uk", true },
   { "keystoneok.com", false },
   { "keysupport.org", true },
   { "keywebdesign.nl", true },
@@ -20758,10 +20971,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kfassessment.com", true },
   { "kffs.ru", true },
   { "kfirba.me", true },
-  { "kfm.ink", true },
   { "kforesund.se", true },
   { "kfv-kiel.de", false },
   { "kfz-hantschel.de", true },
+  { "kg7.pl", true },
   { "kgm-irm.be", true },
   { "kgnk.ru", true },
   { "kgv-schlauroth.de", true },
@@ -20773,7 +20986,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "khetzal.info", true },
   { "khipu.com", true },
   { "khlee.net", true },
-  { "khmb.ru", true },
+  { "khmb.ru", false },
   { "khoury-dulla.ch", true },
   { "khs1994.com", true },
   { "khslaw.com", true },
@@ -20793,6 +21006,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kickedmycat.com", true },
   { "kickstart.com.pk", false },
   { "kicou.info", true },
+  { "kidaptive.com", true },
   { "kiddieschristian.academy", true },
   { "kiddyboom.ua", true },
   { "kids-at-home.ch", true },
@@ -20815,17 +21029,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kiekin.org", true },
   { "kiekko.pro", true },
   { "kiel-kind.de", true },
-  { "kieran.ie", true },
-  { "kieranjones.uk", true },
   { "kiesuwkerstkaart.nl", true },
   { "kiffmarks.com", true },
   { "kigmbh.com", true },
   { "kiisu.club", true },
   { "kikbb.com", true },
   { "kiki-voice.jp", true },
-  { "kikimilyatacado.com.br", true },
   { "kiku.pw", true },
-  { "kilerd.me", true },
   { "kilianvalkhof.com", true },
   { "killaraapartments.com.au", true },
   { "killdeer.com", true },
@@ -20838,6 +21048,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kilogram.nl", true },
   { "kilometertje.nl", true },
   { "kimamass.com", true },
+  { "kimbal.co.uk", true },
   { "kimdumaine.com", true },
   { "kimiris.com", true },
   { "kimis.gr", true },
@@ -20921,13 +21132,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kirkforillinois.com", true },
   { "kirkify.com", true },
   { "kirkovsky.com", true },
+  { "kirrie.pe.kr", true },
   { "kirsch-gestaltung.de", true },
   { "kirschbaum.me", true },
   { "kirslis.com", true },
   { "kirstenbos.ca", true },
   { "kirstin-peters.de", true },
   { "kirwandigital.com", true },
-  { "kis-toitoidixi.de", true },
   { "kisallatorvos.hu", true },
   { "kisalt.im", true },
   { "kisel.org", true },
@@ -20937,7 +21148,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kissflow.com", true },
   { "kissgyms.com", true },
   { "kissmycreative.com", true },
-  { "kissoft.ro", true },
   { "kitabnamabayi.com", true },
   { "kitacoffee.com", true },
   { "kitbag.com.au", true },
@@ -20971,7 +21181,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kjellner.com", true },
   { "kjelltitulaer.com", true },
   { "kjellvn.net", true },
-  { "kjg-ummeln.de", true },
   { "kk-neudorf-duissern.de", false },
   { "kkaefer.com", true },
   { "kki.org", true },
@@ -21001,7 +21210,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kleaning.by", true },
   { "klebeband.eu", true },
   { "klebetape.de", true },
-  { "kleding.website", true },
   { "kledingrekken.nl", false },
   { "kleim.fr", true },
   { "kleinblogje.nl", false },
@@ -21017,6 +21225,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kleinreich.de", true },
   { "kleinsys.com", true },
   { "kleintransporte.net", true },
+  { "klemkow.net", true },
+  { "klemkow.org", true },
   { "kleppe.co", true },
   { "kleteckova.cz", true },
   { "klicke-gemeinsames.de", true },
@@ -21029,9 +21239,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "klimchuk.by", true },
   { "klimchuk.com", true },
   { "klingenundmesser.com", true },
+  { "klinik-fuer-aesthetische-zahnheilkunde.de", true },
   { "klinikac.co.id", false },
   { "klinkenberg.ws", true },
-  { "klinkerstreet.com.ua", false },
   { "klm-huisjes.nl", true },
   { "klmhouses.com", true },
   { "klocker-ausserlechner.com", true },
@@ -21064,13 +21274,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kndrd.io", true },
   { "kneblinghausen.de", true },
   { "knechtology.com", true },
+  { "knegten-agilis.com", true },
   { "knep.me", true },
   { "knetterbak.nl", true },
   { "kngk-group.ru", true },
   { "kngk-transavto.ru", true },
   { "kngk.org", true },
   { "kngkng.com", true },
-  { "kniga.market", false },
   { "knight-industries.org", true },
   { "knightsblog.de", true },
   { "knightsbridge.net", true },
@@ -21087,9 +21297,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "knowarth.com", true },
   { "knowledgeforce.com", true },
   { "knowlevillagecc.co.uk", true },
+  { "knowyourday.ai", true },
   { "knthost.com", true },
   { "knurps.de", true },
-  { "knuthildebrandt.de", true },
+  { "knuthildebrandt.de", false },
   { "knutur.is", true },
   { "knygos.lt", true },
   { "ko-sys.com", true },
@@ -21114,10 +21325,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "koe.hn", true },
   { "koebbes.de", true },
   { "koecollege.com", true },
-  { "koehn.com", true },
-  { "koelbli.ch", true },
   { "koelnmafia.de", true },
-  { "koenen-bau.de", true },
   { "koenigsbrunner-tafel.de", true },
   { "koenleemans.nl", true },
   { "koenrouwhorst.nl", true },
@@ -21153,12 +21361,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kokona.ch", true },
   { "kokumoto.com", true },
   { "kolania.de", true },
+  { "kolania.net", true },
   { "kolbeinsson.se", true },
   { "kolcsey.eu", true },
   { "koldanews.com", true },
   { "kolin.org", true },
   { "kolizaskrap.bg", true },
   { "kolja-engelmann.de", true },
+  { "koljakrekow.de", true },
   { "kolkataflowermall.com", true },
   { "kollect.ie", true },
   { "kollega.it", true },
@@ -21171,7 +21381,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "koluke.com", true },
   { "komall.net", true },
   { "komandakovalchuk.com", false },
-  { "kombidorango.com.br", true },
   { "komelin.com", true },
   { "komenamanda.de", true },
   { "komicloud.com", true },
@@ -21192,11 +21401,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kondi.net", true },
   { "kondou-butsudan.com", true },
   { "kongar.org", true },
+  { "kongsecuritydata.com", true },
   { "koniecfica.sk", true },
   { "konijntjes.nl", true },
   { "koningskwartiertje.nl", true },
   { "koninkrijk.net", true },
-  { "konkai.store", true },
   { "konklone.com", true },
   { "konoe.studio", true },
   { "konosuke.jp", true },
@@ -21207,7 +21416,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kontaxis.org", true },
   { "kontorhaus-schlachte.de", true },
   { "kontorhaus-stralsund.de", true },
-  { "kontrolapovinnosti.cz", true },
   { "konventa.net", true },
   { "konyalian.com", true },
   { "konzertheld.de", true },
@@ -21229,9 +21437,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "koptev.ru", true },
   { "kopteva.ru", true },
   { "korben.info", true },
+  { "korea-dpr.org", true },
   { "korea.dating", true },
   { "koreaboo.com", true },
-  { "koretech.nl", true },
   { "korinar.com", true },
   { "kornrunner.net", true },
   { "korobi.io", true },
@@ -21244,8 +21452,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kortgebyr.dk", true },
   { "kortic.com", true },
   { "koryfi.com", true },
+  { "kos4all.com", true },
   { "kosaki.moe", true },
   { "koscielniak-nieruchomosci.pl", true },
+  { "kosherjava.com", true },
   { "kosho.org", true },
   { "kosonaudioteca.com", true },
   { "kost-magazin.de", true },
@@ -21274,7 +21484,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kovals.sk", true },
   { "kovehitus.ee", true },
   { "kovspace.com", true },
-  { "kovuthehusky.com", true },
   { "kowalmik.tk", true },
   { "kowalstwo.com.pl", true },
   { "kowarschick.de", true },
@@ -21309,6 +21518,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kralovstvimap.cz", true },
   { "kram.nz", true },
   { "krambeutel.de", true },
+  { "kramer-edelstahl.de", true },
   { "krampus-fischamend.at", true },
   { "kramsj.uk", true },
   { "krang.org.uk", true },
@@ -21350,6 +21560,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "krislamoureux.com", true },
   { "krismurray.co.uk", true },
   { "krisstarkey.co.uk", true },
+  { "kristall-energie.at", true },
   { "kristenpaigejohnson.com", true },
   { "kristiehill.com", true },
   { "kristikala.nl", true },
@@ -21376,6 +21587,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "krumberconsulting.com", true },
   { "krupa.net.pl", false },
   { "kruselegal.com.au", true },
+  { "krusesec.com", true },
   { "krutka.cz", true },
   { "kruu.de", true },
   { "kruzhki-s-kartinkami.ru", true },
@@ -21386,22 +21598,25 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "krypsys.com", true },
   { "krypt.com", true },
   { "kryptera.se", true },
+  { "kryptomech.com", true },
   { "krytykawszystkiego.com", true },
   { "krytykawszystkiego.pl", true },
   { "kryx.de", true },
   { "ks-watch.de", true },
+  { "ks88.com", true },
   { "kschv-rdeck.de", true },
   { "kselenia.ee", true },
   { "ksero.center", true },
   { "ksero.wroclaw.pl", true },
   { "ksham.net", true },
   { "kshlm.in", true },
-  { "kspg.tv", true },
+  { "ksmmmo.org.tr", true },
   { "kssk.de", true },
   { "ksukelife.com", true },
   { "kt-zoe.com", true },
   { "ktbnetbank.com", true },
   { "kthnxbai.xyz", true },
+  { "ktm-troxler.de", true },
   { "kts-thueringen.de", true },
   { "ktsee.eu.org", true },
   { "ktsofas.gr", true },
@@ -21427,6 +21642,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kucnibudzet.com", true },
   { "kucukayvaz.com", true },
   { "kudo.co.id", true },
+  { "kueche-co.de", false },
   { "kuechenprofi-group.de", false },
   { "kuehndel.org", true },
   { "kuehnel-bs.de", true },
@@ -21455,6 +21671,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kunstdrucke-textildruck.de", true },
   { "kunstundunrat.de", true },
   { "kuoruan.com", true },
+  { "kupaa.ink", true },
   { "kupferstichshop.com", true },
   { "kupid.com", true },
   { "kupiec.eu.org", true },
@@ -21463,7 +21680,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kuponrazzi.com", true },
   { "kuponydoher.cz", true },
   { "kupschke.net", true },
-  { "kurashino-mall.com", true },
+  { "kurniadwin.to", true },
   { "kuro.link", true },
   { "kurofuku.me", true },
   { "kuroha.co.uk", true },
@@ -21492,6 +21709,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kvalitnitesneni.cz", true },
   { "kvantel.no", true },
   { "kvcc.com.au", true },
+  { "kvestmaster.ru", true },
   { "kvetinymilt.cz", true },
   { "kvhile.com", true },
   { "kvilt.dk", true },
@@ -21503,12 +21721,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kwcolville.com", true },
   { "kwedo.com", true },
   { "kwench.com", true },
+  { "kwok.cc", true },
   { "kwoll.de", true },
   { "kwyxz.org", true },
   { "kx197.com", true },
   { "kxah35.com", true },
   { "kxline.com", true },
-  { "kxnrl.com", false },
+  { "kxnrl.com", true },
   { "kxway.com", true },
   { "kybi.sk", true },
   { "kydara.com", true },
@@ -21521,6 +21740,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kyobostory-events.com", true },
   { "kyoko.org", true },
   { "kyosaku.org", true },
+  { "kyoto-k9.com", false },
   { "kyoto-mic.com", true },
   { "kyoto-tomikawa.jp", true },
   { "kyoto-tomoshibi.jp", true },
@@ -21532,10 +21752,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "kz.search.yahoo.com", false },
   { "kzar.co.uk", true },
   { "kzsdabas.hu", true },
+  { "l-atelier-c.com", true },
   { "l-lab.org", true },
   { "l0re.com", true },
   { "l17r.eu", true },
   { "l2guru.ru", true },
+  { "l3.ee", true },
   { "l33te.net", true },
   { "l4n-clan.de", true },
   { "l7plumbing.com.au", true },
@@ -21561,6 +21783,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "labanskollermark.se", true },
   { "labcenter.com", true },
   { "labcoat.jp", true },
+  { "labeled.vn", true },
   { "labms.com.au", true },
   { "labobooks.com", true },
   { "laboitebio-logique.ca", true },
@@ -21573,6 +21796,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "labrat.mobi", false },
   { "labspack.com", true },
   { "labtest.ltd", true },
+  { "lacaey.se", true },
   { "lacantine.xyz", true },
   { "lacaserita.org", true },
   { "lacaveducinquantenaire.com", true },
@@ -21598,7 +21822,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lacyc3.eu", true },
   { "ladbroke.net", true },
   { "ladenzeile.at", true },
-  { "ladenzeile.de", true },
   { "ladislavbrezovnik.com", true },
   { "ladraiglaan.com", true },
   { "lady-2.jp", true },
@@ -21609,9 +21832,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "laextra.mx", true },
   { "lafayette-rushford.com", true },
   { "lafcheta.info", true },
+  { "lafema.de", true },
   { "lafillepolyvalente.ca", true },
   { "lafillepolyvalente.com", true },
-  { "lafka.org", true },
   { "lafkor.de", true },
   { "laflash.com", true },
   { "lagarderob.ru", false },
@@ -21653,26 +21876,29 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lakeshowlife.com", true },
   { "lakewoodcityglass.com", true },
   { "lakhesis.net", true },
+  { "lakkt.de", true },
   { "lakonia.com.br", true },
   { "lalalab.com", true },
   { "lalaya.fr", true },
   { "laled.ch", true },
+  { "lalingua.ir", true },
   { "lalucioledigitale.com", true },
   { "lalunecreative.com", true },
   { "lalyre-corcelles.ch", true },
-  { "lamaisondelatransformationculturelle.com", true },
   { "lamakat.de", true },
-  { "lamanwebinfo.com", true },
   { "lamapoll.de", true },
   { "lamarieealhonneur.com", false },
   { "lambauer.com", true },
+  { "lambdaof.xyz", true },
   { "lambertshealthcare.co.uk", true },
   { "lamboo.be", true },
   { "lamclam.site", true },
+  { "lamconnect.com", true },
   { "lame1337.xyz", true },
   { "lamed.se", true },
   { "lamikvah.org", true },
   { "laminine.info", true },
+  { "lammersmarketing.com", true },
   { "lamontre.ru", true },
   { "lamp.re", false },
   { "lamp24.se", true },
@@ -21686,14 +21912,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lampenwelt.ch", true },
   { "lampenwelt.de", true },
   { "lampposthomeschool.com", true },
+  { "lampsh.ml", true },
   { "lampy.pl", true },
   { "lamunyon.com", true },
   { "lan.biz.tr", true },
+  { "lana.swedbank.se", true },
   { "lanahallen.com", true },
   { "lanbroa.eu", true },
   { "lancashirecca.org.uk", true },
   { "lancejames.com", true },
   { "lancelafontaine.com", true },
+  { "lancelhoff.com", true },
+  { "lancemanion.com", true },
   { "lanceyip.com", true },
   { "lancyvbc.ch", true },
   { "land.nrw", false },
@@ -21741,9 +21971,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "languageterminal.com", true },
   { "langworth.com", true },
   { "langzijn.nl", true },
-  { "lanhhuyet510.tk", true },
   { "lanna.io", true },
-  { "lannainnovation.com", true },
   { "lanodan.eu", true },
   { "lanostrasalute.it", true },
   { "lanre.org", true },
@@ -21764,6 +21992,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lapetition.be", true },
   { "lapicena.eu", true },
   { "lapidge.net", true },
+  { "lapix.com.co", true },
   { "laplacesicherheit.de", true },
   { "laplanetebleue.com", true },
   { "lapolla.com", true },
@@ -21788,6 +22017,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lariscus.eu", true },
   { "larky.top", true },
   { "larondinedisinfestazione.com", true },
+  { "larotayogaming.com", true },
   { "larptreff.de", true },
   { "larraz.es", true },
   { "larryli.cn", true },
@@ -21806,7 +22036,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lasavonnerieducroisic.fr", true },
   { "lascana.co.uk", true },
   { "lasereyess.net", true },
-  { "laserfuchs.de", true },
   { "laserpc.net", true },
   { "laserplaza.de", true },
   { "laserplaza.net", true },
@@ -21822,8 +22051,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lasseleegaard.dk", true },
   { "lasseleegaard.net", true },
   { "lasseleegaard.org", true },
-  { "lassesworld.com", true },
-  { "lassesworld.se", true },
   { "lastbutnotyeast.com", true },
   { "lastchancetraveler.com", true },
   { "lastharo.com", true },
@@ -21842,11 +22069,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lateralsecurity.com", true },
   { "latestbuy.com.au", true },
   { "latestdeals.co.uk", true },
-  { "latiendadelbebefeliz.com", true },
   { "latiendauno.com", true },
   { "latiendawapa.com", true },
+  { "latinmusicrecords.com", true },
   { "latino.dating", true },
-  { "latinphone.com", true },
   { "latintoy.com", true },
   { "latitudesign.com", true },
   { "latremebunda.com", true },
@@ -21856,7 +22082,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "laubacher.io", true },
   { "lauchundei.at", true },
   { "lauensteiner.de", false },
-  { "laufers.pl", true },
   { "laufpix.de", true },
   { "lauftreff-himmelgeist.de", true },
   { "laughinggrapepublishing.com", true },
@@ -21866,6 +22091,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "launchmylifend.com", true },
   { "launchpad-app2.com", true },
   { "launchpadder2.com", true },
+  { "laupv.online", true },
   { "lauraandwill.wedding", false },
   { "lauraenvoyage.fr", true },
   { "laurakashiwase.com", true },
@@ -21874,6 +22100,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "laurelblack.com", true },
   { "laurenceplouffe.com", true },
   { "laurenlobue.com", true },
+  { "laurensvanderblom.nl", true },
   { "lauriemilne.com", true },
   { "lauriuc.sk", true },
   { "lausannedentiste.ch", true },
@@ -21930,7 +22157,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lbmblaasmuziek.nl", true },
   { "lbphacker.pw", true },
   { "lbs-logics.com", true },
-  { "lbsi-nordwest.de", true },
   { "lbux.org", true },
   { "lc-cs.com", false },
   { "lc-promiss.de", true },
@@ -21938,15 +22164,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lca.gov", true },
   { "lcacommons.gov", true },
   { "lcars-sv.info", true },
-  { "lcbizsolutions.com", true },
   { "lce-events.com", true },
   { "lcgaj.com", true },
   { "lcht.ch", false },
   { "lcrmscp.gov", true },
-  { "lcy.cat", true },
-  { "lcy.im", true },
+  { "lcy.im", false },
   { "lcy.moe", true },
-  { "lcybox.com", true },
   { "ld-begunjscica.si", true },
   { "ldc.com.br", false },
   { "ldjb.jp", true },
@@ -21976,6 +22199,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "leadingsalons.com", true },
   { "leadplan.ru", true },
   { "leadquest.nl", true },
+  { "leaf-consulting.de", true },
   { "leafandseed.co.uk", true },
   { "leafans.tk", false },
   { "leafinote.com", true },
@@ -21986,7 +22210,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "leanplando.com", true },
   { "leap-it.be", true },
   { "leapandjump.co.uk", true },
-  { "learn-smart.uk", true },
   { "learndev.info", true },
   { "learnflakes.net", true },
   { "learnforestry.com", true },
@@ -22041,6 +22264,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "leerliga.de", true },
   { "leertipp.de", true },
   { "leesilvey.com", true },
+  { "leet2.com", true },
   { "leetcode.com", true },
   { "leetcode.net", true },
   { "leetgamers.asia", true },
@@ -22075,7 +22299,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "legrandvtc.fr", true },
   { "legumeinfo.org", true },
   { "lehighmathcircle.org", true },
+  { "lehmitz-weinstuben.de", true },
   { "lehti-tarjous.net", true },
+  { "leibniz-gymnasium-altdorf.de", true },
   { "leibniz-remscheid.de", false },
   { "leideninternationalreview.com", true },
   { "leilautourdumon.de", true },
@@ -22085,7 +22311,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "leipziger-triathlon.de", true },
   { "leisure-blog.com", true },
   { "leisure-supplies-show.co.uk", true },
-  { "leiyun.me", true },
   { "lejardindesmesanges.fr", true },
   { "lektier.cf", true },
   { "lel.ovh", true },
@@ -22095,11 +22320,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lemni.top", true },
   { "lemoine.at", true },
   { "lemondenumerique.com", true },
+  { "lemondrops.xyz", true },
   { "lemonlawnow.com", true },
   { "lemonop.com", true },
   { "lemonparty.co", true },
   { "lemonrockbiketours.com", true },
-  { "lemonthy.ca", true },
   { "lemonthy.com", true },
   { "lemouillour.fr", true },
   { "lemuslimpost.com", true },
@@ -22130,11 +22355,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "leominstercu.com", false },
   { "leon-tech.com", true },
   { "leon.net", true },
-  { "leonauto.de", true },
   { "leonax.net", true },
   { "leonbuitendam.nl", true },
   { "leondenard.com", true },
   { "leonklingele.de", true },
+  { "leonmahler.consulting", true },
   { "leontiekoetter.de", true },
   { "leopoldina.net", true },
   { "leovanna.co.uk", true },
@@ -22146,6 +22371,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "leppis-it.de", true },
   { "lepsos.com", true },
   { "lequerceagriturismo.com", true },
+  { "lequest.dk", true },
   { "lereporter.ma", true },
   { "leretour.ch", true },
   { "lerku.com", true },
@@ -22164,12 +22390,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lesarts.com", true },
   { "lesberger.ch", true },
   { "lesbrillantsdaristide.com", true },
-  { "lescourtiersbordelais.com", true },
   { "leseditionsbraquage.com", true },
   { "lesfilmsavivre.com", true },
   { "lesgoodnews.fr", true },
-  { "leshervelines.com", true },
   { "lesjardinsdemathieu.net", true },
+  { "lesjardinsdubanchet.fr", true },
   { "lesmamy.ch", true },
   { "lesmontagne.net", true },
   { "lesnet.co.uk", true },
@@ -22177,6 +22402,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lespecialiste-pradelexcellence.com", true },
   { "lesplatanes.ch", true },
   { "lespret.nl", true },
+  { "lesquerda.cat", false },
   { "lesscloud.com", true },
   { "lessets-graphiques.com", true },
   { "lessis.moe", true },
@@ -22184,8 +22410,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lesterrassesdusoleil.ch", true },
   { "lesyndicat.info", true },
   { "letemps.ch", true },
+  { "letertrefleuri.com", true },
   { "leto12.xyz", true },
-  { "letraba.com", true },
   { "letranif.net", true },
   { "lets-bounce.com", true },
   { "lets-go-acoustic.de", true },
@@ -22214,6 +22440,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "leuthardtfamily.com", true },
   { "levans.fr", true },
   { "levanscatering.com", true },
+  { "level-10.de", true },
   { "levelaccordingly.com", true },
   { "levelcheat.com", true },
   { "levelonetrainingandfitness.com", true },
@@ -22224,6 +22451,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "leverj.io", true },
   { "levermann.eu", true },
   { "leviaan.nl", true },
+  { "leviathan-studio.com", true },
   { "levineteamestates.com", true },
   { "levinus.de", true },
   { "leviscop.com", true },
@@ -22240,7 +22468,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lexicography.online", true },
   { "lexpierce.social", true },
   { "lexway.pk", true },
-  { "lexxyn.nl", true },
   { "leymaritima.com", true },
   { "lezard-com.fr", true },
   { "lfashion.eu", true },
@@ -22259,8 +22486,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lhajn.cz", true },
   { "lhakustik.se", true },
   { "lhalbert.xyz", true },
-  { "lhamaths.online", true },
+  { "lhamaths.online", false },
   { "lhconsult.tk", false },
+  { "lhero.org", true },
   { "lhgavarain.com", true },
   { "lhost.su", true },
   { "li-ke.co.jp", true },
@@ -22275,10 +22503,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lianye4.cc", true },
   { "lianye5.cc", true },
   { "lianye6.cc", true },
+  { "liautard.fr", true },
   { "lib64.net", true },
   { "libbitcoin.org", true },
   { "libble.eu", true },
   { "liberapay.com", true },
+  { "liberation2020.com", true },
   { "liberdademg.com.br", true },
   { "libgame.com", true },
   { "libmpq.org", true },
@@ -22297,6 +22527,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "libreduca.com", true },
   { "librelamp.com", true },
   { "libremail.nl", true },
+  { "librends.org", true },
   { "libreoffice-from-collabora.com", true },
   { "libreofficefromcollabora.com", true },
   { "librervac.org", true },
@@ -22336,14 +22567,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lieuu.com", true },
   { "lifanov.com", true },
   { "life-emotions.pt", true },
+  { "life-like.com", true },
   { "lifeartstudios.net", true },
   { "lifebetweenlives.com.au", true },
   { "lifeboxhealthcare.co.uk", true },
   { "lifecism.com", true },
   { "lifeenrichmentnc.com", true },
+  { "lifefoto.de", true },
   { "lifegrip.com.au", true },
   { "lifeinhex.com", true },
   { "lifeinsurancepro.org", true },
+  { "lifeisabug.com", true },
+  { "lifekiss.ru", true },
   { "lifelenz.com", true },
   { "lifematenutrition.com", true },
   { "lifemstyle.com", true },
@@ -22351,18 +22586,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lifequotes-uk.co.uk", true },
   { "lifereset.it", true },
   { "lifesafety.com.br", true },
-  { "lifestyle7788.com", true },
   { "lifestylecent.com", true },
   { "lifestylefinancial.ca", true },
   { "lifetree.network", true },
+  { "lifeupgame.fr", true },
   { "lifi.digital", true },
   { "lifi.is", true },
+  { "lift-wise.com", true },
   { "liftie.info", true },
   { "ligadosgames.com", true },
   { "light-up.xyz", true },
   { "light.mail.ru", true },
   { "lightbox.co", true },
-  { "lightdark.xyz", true },
   { "lightdream.tech", true },
   { "lighting-centres.co.uk", true },
   { "lightingagoura.com", true },
@@ -22423,7 +22658,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "limawi.io", true },
   { "limberg.me", true },
   { "limbo.services", true },
-  { "limeburst.net", true },
   { "limelabs.de", true },
   { "limelabs.io", true },
   { "limeres.com", true },
@@ -22451,13 +22685,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lindeskar.se", true },
   { "lindholmen.club", true },
   { "lindnerhof-taktik.de", true },
-  { "lindnerhof.info", true },
   { "lindo.ru", true },
   { "lindon.pw", true },
   { "lindsayanderson.com", true },
   { "lindsaygorski.com", true },
   { "lindskogen.se", true },
   { "lindy.co", false },
+  { "line-wise.com", true },
   { "line.biz", true },
   { "line.co.nz", true },
   { "lineageos.org", true },
@@ -22472,6 +22706,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "linguatrip.com", false },
   { "lingvo-svoboda.ru", true },
   { "linherest.tk", true },
+  { "linhua.org", true },
   { "link-sanitizer.com", true },
   { "link2serve.com", true },
   { "linkat4.cz", true },
@@ -22482,6 +22717,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "linklocker.co", true },
   { "linkmaker.co.uk", true },
   { "linkmauve.fr", true },
+  { "linkopia.com", true },
   { "linkstream.live", true },
   { "linkthis.me", true },
   { "linkthis.ml", true },
@@ -22491,6 +22727,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "linkycat.com", true },
   { "linode.com", false },
   { "linost.com", true },
+  { "linpx.com", true },
   { "linqhost.nl", true },
   { "linss.com", true },
   { "lintellift.com", true },
@@ -22503,7 +22740,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "linux.cn", true },
   { "linux.conf.au", true },
   { "linux.fi", true },
-  { "linux.im", true },
   { "linux.pizza", true },
   { "linux3.org", true },
   { "linuxadictos.com", true },
@@ -22523,7 +22759,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "linx.net", true },
   { "linzgau.de", true },
   { "linzyjx.com", true },
-  { "lionhosting.nl", true },
+  { "lionlyrics.com", true },
   { "lionsdeal.com", true },
   { "lipartydepot.com", true },
   { "lipex.com", true },
@@ -22572,6 +22808,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "littleboutiqueshop.co.uk", true },
   { "littleboutiqueshop.com", true },
   { "littleboutiqueshop.uk", true },
+  { "littledev.nl", true },
   { "littlefairy.no", true },
   { "littlefamilyadventure.com", true },
   { "littlegreece.ae", true },
@@ -22585,6 +22822,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "littleredsbakeshop.com", true },
   { "littlericket.me", false },
   { "littlescallywagsplay.co.uk", true },
+  { "littleskin.cn", true },
   { "littleswitch.co.jp", true },
   { "littlewatcher.com", true },
   { "litvideoserver.de", true },
@@ -22596,6 +22834,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "liul.in", true },
   { "liupeicheng.top", true },
   { "liv3d.stream", true },
+  { "livaniaccesorios.com", true },
   { "live4k.media", false },
   { "livebandphotos.com", true },
   { "livebetterwith.com", true },
@@ -22608,6 +22847,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "livedesign24.de", true },
   { "liveflightapp.com", true },
   { "liveforspeed.se", true },
+  { "livehomecams.co.uk", true },
   { "livekaarten.be", true },
   { "livekaarten.nl", true },
   { "livekarten.at", true },
@@ -22647,7 +22887,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "livnev.xyz", true },
   { "livolett.de", true },
   { "livres-et-stickers.com", true },
-  { "livroseuniformes.com.br", true },
   { "lixiaoyu.live", true },
   { "lixtick.com", true },
   { "liyang.pro", false },
@@ -22655,12 +22894,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "liyunbin.com", true },
   { "liz.ee", true },
   { "lizardsystems.com", true },
+  { "lizheng.de", true },
   { "lizhi.io", true },
   { "lizhi123.net", true },
   { "lizmooredestinationweddings.com", true },
   { "lizzaran.io", true },
   { "lizzwood.com", true },
-  { "ljason.cn", true },
   { "ljc.ro", true },
   { "ljs.io", true },
   { "ljskool.com", true },
@@ -22681,16 +22920,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lmbyrne.com", true },
   { "lmcm.io", true },
   { "lmddgtfy.net", true },
-  { "lmerza.com", true },
   { "lmintlcx.com", true },
   { "lmmi.nl", true },
   { "lmmtfy.io", true },
   { "lmsptfy.com", true },
   { "lmtls.me", true },
   { "lmtm.eu", true },
+  { "lmtravis.com", true },
   { "lng-17.org", true },
   { "lnhequipmentltd.com", true },
-  { "lnmp.me", true },
   { "lntu.org", true },
   { "lnx.li", true },
   { "lnyltx.cn", true },
@@ -22715,13 +22953,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "localblock.co.za", true },
   { "localbouncycastle.com", true },
   { "localdecor.com.br", true },
+  { "localea.com", true },
   { "localethereum.com", true },
   { "localhorst.duckdns.org", true },
-  { "localhorst.xyz", true },
   { "localhost.ee", true },
   { "localprideart.com", true },
+  { "localsource.eu", true },
   { "localspot.pl", true },
   { "locapos.com", true },
+  { "location-fichier-email.com", true },
   { "locationvoitureallemagne.com", true },
   { "locationvoitureangleterre.com", true },
   { "locationvoitureaustralie.com", true },
@@ -22732,6 +22972,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "locatorplus.gov", true },
   { "locauxrama.fr", true },
   { "locker.plus", true },
+  { "locklock.com.br", true },
+  { "locklockbrasil.com.br", true },
+  { "locknlock.com.br", true },
+  { "locknlockbrasil.com.br", true },
   { "lockpick.nl", true },
   { "lockpicks.se", true },
   { "lockr.io", true },
@@ -22833,17 +23077,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lojasceletro.com.br", true },
   { "lojaterrazul.com.br", true },
   { "lojavirtualfc.com.br", true },
-  { "lojavirtualfct.com.br", true },
   { "lojavisamed.com.br", true },
   { "lojix.com", true },
   { "lojj.pt", true },
   { "lok.space", true },
   { "lokaal.org", true },
+  { "loker.id", true },
   { "loket.nl", true },
   { "lolcorp.pl", true },
   { "lolcow.farm", true },
+  { "lolhax.org", true },
+  { "loli.ee", true },
   { "loli.net", true },
   { "loli.pet", true },
+  { "loli.ski", true },
   { "loli.tube", true },
   { "loli.world", true },
   { "lolibrary.org", true },
@@ -22851,6 +23098,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lolico.moe", true },
   { "lolicon.eu", true },
   { "lolkot.ru", true },
+  { "lolly.cc", true },
   { "lolnames.gg", true },
   { "lolpatrol.de", true },
   { "lolpatrol.wtf", true },
@@ -22870,7 +23118,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lonesomecosmonaut.com", true },
   { "lonestarlandandcommercial.com", true },
   { "long-journey.com", true },
-  { "long18.cc", true },
   { "longboat.io", true },
   { "longhaircareforum.com", true },
   { "longhorn-imports.com", true },
@@ -22915,6 +23162,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "loricozengeller.com", true },
   { "lorientlejour.com", true },
   { "loritaboegl.de", true },
+  { "lormansas.com", true },
   { "losangelestown.com", true },
   { "losless.fr", true },
   { "losreyesdeldescanso.com.ar", true },
@@ -22962,7 +23210,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "loverepublic.ru", true },
   { "lovesmagical.com", true },
   { "lovesupremefestival.com", true },
-  { "lovetravel360.com", true },
   { "lovevape.co", true },
   { "loveyounastya.com", true },
   { "loveysa.ch", true },
@@ -22982,34 +23229,34 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "loyaleco.it", true },
   { "loyaltyondemand.club", true },
   { "loyaltyondemand.eu", true },
-  { "lpcom.de", true },
+  { "lp-support.nl", true },
   { "lprcommunity.co.za", true },
   { "lpt-nebreziny.eu", true },
-  { "lqs.me", true },
   { "lra-cloud.de", true },
   { "lrdo.net", true },
+  { "lriese.ch", true },
   { "lrssystems.com", true },
   { "ls-alarm.de", true },
   { "lsal.me", true },
   { "lsc-dillingen.de", true },
   { "lsc.gov", true },
-  { "lshiy.com", true },
   { "lsmpx.com", true },
   { "lsquo.com", true },
   { "lsscreens.de", true },
-  { "lsy.cn", true },
+  { "lsys.ac", true },
   { "lt.search.yahoo.com", false },
   { "ltaake.com", true },
   { "ltecode.com", true },
   { "ltib.com.au", true },
   { "ltls.org", true },
   { "ltn-tom-morel.fr", true },
+  { "lty.space", true },
   { "lu.search.yahoo.com", false },
+  { "luan.ma", true },
   { "luav.org", true },
   { "lubar.me", true },
   { "lubbockyounglawyers.org", true },
   { "lublin.toys", true },
-  { "lubomirkazakov.com", true },
   { "luc-oberson.ch", true },
   { "luca-steeb.com", true },
   { "luca.swiss", true },
@@ -23022,9 +23269,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lucasgaland.com", true },
   { "lucasgymnastics.com", true },
   { "lucaslarson.net", true },
+  { "lucassoler.com.ar", false },
   { "luce.life", true },
   { "luchscheider.de", false },
-  { "lucianoalbanes.com", true },
   { "lucid-light.de", true },
   { "lucidframeworks.com", true },
   { "lucidlight.de", true },
@@ -23064,7 +23311,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "luiscapelo.info", true },
   { "luismaier.de", true },
   { "luisyr.com", true },
-  { "luizkowalski.net", true },
   { "luk.earth", true },
   { "lukas-gorr.de", true },
   { "lukas-meixner.com", true },
@@ -23089,6 +23335,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lukmanulhakim.id", true },
   { "lukull-pizza.de", true },
   { "luloboutique.com", true },
+  { "lumbercartel.ca", true },
   { "lumen.sh", true },
   { "lumi.pw", true },
   { "lumiere.com", true },
@@ -23105,6 +23352,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lunarichter.de", true },
   { "lunarlog.com", true },
   { "lunarshark.com", true },
+  { "lunarsoft.net", true },
   { "lunartail.nl", true },
   { "lunasqu.ee", true },
   { "lunastrail.com", true },
@@ -23125,14 +23373,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "luongvu.com", true },
   { "luoshifeng.com", true },
   { "luowu.cc", true },
+  { "lupa.cz", true },
   { "lupecode.com", true },
   { "lupinencyclopedia.com", true },
   { "lupinenorthamerica.com", true },
+  { "luqsus.pl", true },
   { "lusitom.com", true },
   { "luso-livros.net", true },
   { "lusoft.cz", true },
   { "lusteniny.cz", true },
-  { "lustige-zitate.com", true },
   { "lustin.fr", true },
   { "lustrum.ch", true },
   { "lusynth.com", true },
@@ -23192,7 +23441,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "lynxpro.nl", true },
   { "lyon-interactive.com", true },
   { "lyon-synergie.com", true },
-  { "lyoness.digital", true },
   { "lyrical-nonsense.com", true },
   { "lyricfm.ie", true },
   { "lys.ch", true },
@@ -23237,6 +23485,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mac-i-tea.ch", true },
   { "mac-service-stockholm.se", true },
   { "mac-servicen.se", true },
+  { "mac-support.nu", true },
+  { "mac-support.se", true },
   { "mac.biz.tr", true },
   { "mac1.net", true },
   { "macaw.nl", true },
@@ -23244,12 +23494,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "macbook.es", true },
   { "maceinturecuir.com", true },
   { "maces-net.de", true },
+  { "macgeneral.de", true },
   { "macgenius.com", true },
   { "mach-politik.ch", true },
   { "macha.cloud", true },
   { "machbach.com", true },
   { "machetewp.com", true },
-  { "machijun.net", true },
   { "machikka.com", false },
   { "machinetransport.com", true },
   { "macht-elektro.de", true },
@@ -23258,7 +23508,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "macil.tech", true },
   { "macinyasha.net", true },
   { "macker.io", true },
-  { "mackey7.net", true },
   { "mackeysack.com", true },
   { "mackiehouse.ca", true },
   { "macksproductions.in", true },
@@ -23280,7 +23529,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "madae.nl", true },
   { "madandpissedoff.com", true },
   { "madars.org", false },
-  { "madbicicletas.com", true },
   { "madbin.com", true },
   { "madbouncycastles.co.uk", true },
   { "maddi.biz", true },
@@ -23289,7 +23537,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "maddistonpsa.co.uk", true },
   { "maddreefer.com", true },
   { "made-in-earth.co.jp", true },
-  { "made-to-usb.com", true },
   { "madebydusk.com", true },
   { "madebyshore.com", true },
   { "madeinchezmoi.net", true },
@@ -23340,6 +23587,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "magentaize.net", true },
   { "magentapinkinteriors.co.uk", true },
   { "magentoeesti.eu", true },
+  { "magepro.fr", true },
   { "magewell.nl", true },
   { "maggie.com", true },
   { "magi-cake.com", true },
@@ -23350,9 +23598,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "magicalcircuslv.com", true },
   { "magicalshuttle.fr", true },
   { "magicamulet.me", true },
+  { "magicball.co", true },
   { "magicbroccoli.de", true },
   { "magiccards.info", true },
   { "magicdaysomagh.co.uk", true },
+  { "magicdlp.com", true },
   { "magiclen.org", true },
   { "magicspaceninjapirates.de", true },
   { "magictable.com", true },
@@ -23409,6 +23659,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "maillady-susume.com", true },
   { "mailmag.net", false },
   { "mailnara.co.kr", true },
+  { "mailtelligent.com", true },
   { "mailto.space", true },
   { "mailum.org", false },
   { "mainechiro.com", true },
@@ -23424,8 +23675,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "maispa.com", true },
   { "maisretorno.com", true },
   { "maisvitaminas.com.br", true },
+  { "maitemerino.net", true },
   { "maitheme.com", true },
-  { "maitrechaton.fr", true },
   { "maitrise-orthopedique.com", true },
   { "majahoidja.ee", true },
   { "majaweb.cz", true },
@@ -23435,9 +23686,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "majkassab.com", true },
   { "majkassab.net", true },
   { "majkassab.org", true },
-  { "majkl.me", true },
-  { "majkl.xyz", true },
-  { "majkl578.cz", true },
   { "majkyto.cz", true },
   { "majlovesreg.one", true },
   { "majolka.com", true },
@@ -23448,6 +23696,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "makeaboldmove.com", true },
   { "makechanges.com.au", true },
   { "makedin.net", true },
+  { "makedonija.net.mk", true },
   { "makem-bounce.co.uk", true },
   { "makenaiyo-fx.com", true },
   { "makera.ga", true },
@@ -23498,7 +23747,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "malscan.com", true },
   { "malscan.org", true },
   { "malta-firma.com", true },
-  { "malte-kiefer.de", true },
   { "malufs.com.br", true },
   { "malware.watch", true },
   { "malwareinvestigator.gov", true },
@@ -23537,6 +23785,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "manager-efficacement.com", true },
   { "manager.linode.com", false },
   { "managewp.org", true },
+  { "manaonetrading.com", true },
   { "manatees.com.au", true },
   { "manatees.net", true },
   { "manavgabhawala.com", true },
@@ -23599,7 +23848,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "manufacturing.gov", true },
   { "manufacturinginmexico.org", true },
   { "manufacturingusa.com", true },
-  { "manuscript.com", true },
   { "manuscriptlink.com", true },
   { "manutd.org.np", true },
   { "manuth.life", true },
@@ -23622,6 +23870,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mapchange.org", true },
   { "mapeo.io", true },
   { "maplanetebeaute.fr", true },
+  { "maplegate.info", true },
   { "maplehome.tk", true },
   { "mapletime.com", true },
   { "maps.net", true },
@@ -23660,6 +23909,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marcelwolf.coach", true },
   { "marcgoertz.de", true },
   { "marche-contre-monsanto.ch", true },
+  { "marchhappy.tech", false },
   { "marchukov.com", true },
   { "marchwj.pl", true },
   { "marciaimportados.com.br", true },
@@ -23680,6 +23930,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marek.su", true },
   { "marelijah.org", true },
   { "margagriesser.de", true },
+  { "margays.de", true },
   { "margecommunication.com", true },
   { "margo-co.ch", true },
   { "margotlondon.co.uk", true },
@@ -23687,7 +23938,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "margots.life", true },
   { "margots.tech", true },
   { "marguerite-maison.fr", true },
-  { "mariacorzo.com", true },
   { "mariage-photo.ch", true },
   { "mariaheidemann.nl", true },
   { "marianatherapy.com", true },
@@ -23716,6 +23966,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marinela.com.mx", false },
   { "marinelausa.com", false },
   { "marines-shop.com", true },
+  { "mario.party", false },
   { "mariogeckler.de", true },
   { "mariposah.ch", true },
   { "marisamorby.com", false },
@@ -23753,7 +24004,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "marketingtrendnews.com", true },
   { "marketingvirtuales.com", true },
   { "marketizare.ro", true },
-  { "marketlinks.org", true },
   { "marketnsight.com", true },
   { "markfordelegate.com", true },
   { "markhaehnel.de", true },
@@ -23783,6 +24033,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "markt-heiligenstadt.de", false },
   { "marktcontact.com", true },
   { "marktissink.nl", true },
+  { "marktplaatshelper.nl", true },
   { "markup-ua.com", true },
   { "markus-blog.de", true },
   { "markus-dev.com", true },
@@ -23791,7 +24042,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "markus-ullmann.de", true },
   { "markus.design", true },
   { "markusehrlicher.de", true },
-  { "markusgran.de", true },
   { "markuskeppeler.de", true },
   { "markuskeppeler.no-ip.biz", true },
   { "marl.fr", true },
@@ -23941,7 +24191,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mathematik.rocks", false },
   { "mathembedded.com", true },
   { "matheo-schefczyk.de", true },
-  { "matheusmacedo.ddns.net", true },
   { "mathfinder.org", true },
   { "mathhire.org", true },
   { "mathias.is", true },
@@ -23949,15 +24198,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mathiasgarbe.de", true },
   { "mathiaswagner.org", true },
   { "mathieuguimond.com", true },
-  { "mathieui.net", true },
   { "mathis.com.tr", true },
   { "maths.network", true },
-  { "mathsource.ga", true },
   { "mathspace.co", true },
-  { "mathsweek.nz", true },
-  { "mathsweek.org.nz", true },
-  { "mathsweek.school.nz", true },
   { "mathys.io", true },
+  { "matijakolaric.com", true },
   { "matildajaneclothing.com", true },
   { "matjaz.it", true },
   { "matlss.com", true },
@@ -23967,6 +24212,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "matoutepetiteboutique.com", true },
   { "matratzentester.com", true },
   { "matridiana.com", true },
+  { "matrieux.dk", true },
   { "matrimoni.uk", true },
   { "matriterie-sdv.ro", true },
   { "matrixim.cc", true },
@@ -24000,6 +24246,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "matthewgrow.com", true },
   { "matthewj.ca", true },
   { "matthewkenny.co.uk", true },
+  { "matthewljiang.com", true },
   { "matthewohare.com", true },
   { "matthewsetter.com", true },
   { "matthey.nl", true },
@@ -24025,6 +24272,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "matway.net", true },
   { "matze.co", true },
   { "mauerwerkstag.info", true },
+  { "mauiticketsforless.com", true },
   { "mauldincookfence.com", true },
   { "mauran.me", true },
   { "maurice-walker.com", false },
@@ -24053,7 +24301,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "maxbruckner.de", true },
   { "maxbruckner.org", true },
   { "maxchan.info", true },
-  { "maxdev72.freeboxos.fr", true },
   { "maxh.me.uk", true },
   { "maxhamon.ovh", true },
   { "maxhoechtl.at", true },
@@ -24069,9 +24316,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "maxipcalls.com", true },
   { "maxisito.it", true },
   { "maxkaul.de", true },
+  { "maxlaumeister.com", true },
   { "maxmatthe.ws", true },
   { "maxmilton.com", true },
   { "maxmind.com", true },
+  { "maxmobiles.ru", true },
   { "maxp.info", true },
   { "maxpl0it.com", true },
   { "maxr1998.de", true },
@@ -24087,11 +24336,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mayavi.co.in", true },
   { "maydex.info", true },
   { "mayerbrownllz.com", true },
-  { "mayoimobiliare.ro", true },
   { "mayomarquees.com", true },
   { "mayopartyhire.com", true },
   { "maypolevilla.co.uk", true },
-  { "mayrhofer.eu.org", true },
+  { "mayrhofer.eu.org", false },
   { "mazda-mps.de", true },
   { "mazda-thermote.com", true },
   { "mazda626.net", true },
@@ -24099,7 +24347,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "maze.design", false },
   { "maze.fr", true },
   { "mazenjobs.com", true },
-  { "mazternet.ru", true },
   { "mazurlabs.tk", true },
   { "mazzotta.me", true },
   { "mb-is.info", true },
@@ -24123,6 +24370,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mbr-net.de", true },
   { "mbrooks.info", true },
   { "mbs-journey.com", true },
+  { "mbsec.net", true },
   { "mburaks.com", true },
   { "mburns.duckdns.org", true },
   { "mbweir.com", true },
@@ -24138,6 +24386,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mccrackon.com", true },
   { "mcculloughjchris.com", true },
   { "mcdermottautomotive.com", true },
+  { "mcdona1d.me", true },
   { "mcdonalds.be", true },
   { "mcdonalds.design", true },
   { "mce.eu", true },
@@ -24152,7 +24401,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mcgarderen.nl", true },
   { "mcgovernance.com", true },
   { "mchel.net", true },
-  { "mchopkins.net", true },
   { "mchristopher.com", true },
   { "mchuiji.com", true },
   { "mcinterface.de", true },
@@ -24164,6 +24412,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mcl.de", false },
   { "mclinflatables.co.uk", true },
   { "mclmotors.co.uk", true },
+  { "mclyr.com", true },
   { "mcmillansedationdentistry.com", false },
   { "mcmillanskiclub.com.au", true },
   { "mcneill.io", true },
@@ -24187,8 +24436,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "md5file.com", true },
   { "md5hashing.net", true },
   { "mdazo.net", true },
-  { "mdbouncycastlehirelondon.co.uk", true },
-  { "mdcloudpracticesolutions.com", true },
   { "mdcloudps.com", true },
   { "mdek.at", true },
   { "mdewendt.de", true },
@@ -24217,6 +24464,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "meadowfenfarm.com", true },
   { "mealgoo.com", true },
   { "meamod.com", false },
+  { "meangirl.club", true },
   { "meany.xyz", true },
   { "meap.xyz", true },
   { "measureyourpenis.today", true },
@@ -24243,7 +24491,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "medellinapartamentos.com", true },
   { "medexpress.co.uk", true },
   { "medhy.fr", true },
-  { "medi-link.co.il", true },
   { "medi.com.br", true },
   { "media-credit.eu", true },
   { "media-instance.ru", true },
@@ -24254,7 +24501,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mediaarea.net", true },
   { "mediabackoffice.co.jp", true },
   { "mediablaster.com", true },
-  { "mediabm.jp", true },
   { "mediabogen.net", true },
   { "mediaburst.co.uk", true },
   { "mediadex.be", true },
@@ -24272,7 +24518,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mediapath.gr", true },
   { "mediarithmics.com", true },
   { "mediarithmics.io", true },
-  { "mediarocks.de", true },
   { "mediaselection.eu", true },
   { "mediathekview.de", true },
   { "mediationculturelleclp.ch", true },
@@ -24292,6 +24537,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "medicareinfo.org", true },
   { "medicinesfast.com", false },
   { "medicinia.com.br", true },
+  { "medicm.jp", true },
   { "medicocompetente.it", true },
   { "medicoresponde.com.br", true },
   { "medienweite.de", true },
@@ -24344,6 +24590,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "meetingmanage.nl", true },
   { "meetingmanager.ovh", true },
   { "meetings2.com", true },
+  { "meetmibaby.co.uk", true },
   { "meetmygoods.com", true },
   { "meetscompany.jp", true },
   { "meeusen-usedcars.be", true },
@@ -24374,6 +24621,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "megasslstore.com", true },
   { "megauction.tk", true },
   { "megaxchange.com", true },
+  { "meggidesign.com", true },
   { "mego.cloud", true },
   { "megumico.net", true },
   { "megustariasaber.com", true },
@@ -24392,12 +24640,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "meikan.moe", true },
   { "meillard-auto-ecole.ch", true },
   { "meilleur.info", true },
+  { "meimeistartup.com", true },
   { "mein-kuechenhelfer.de", true },
   { "mein-muehlhausen.bayern", true },
   { "mein-webportal.de", true },
   { "meinbetriebsrat24.de", true },
   { "meincenter-meinemeinung.de", true },
   { "meincoach.at", true },
+  { "meine-cloud-online.de", true },
   { "meine-email-im.net", true },
   { "meine-finanzanalyse.de", true },
   { "meine-immofinanzierung.de", true },
@@ -24406,11 +24656,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "meinstartinsleben.de", true },
   { "meintragebaby.de", true },
   { "meinv.asia", true },
+  { "meiodomato.com.br", true },
   { "meiqia.cn", true },
   { "meiqia.com", true },
   { "meisterlabs.com", true },
   { "meistertask.com", true },
   { "meitan.gz.cn", true },
+  { "meizitang.es", true },
   { "mekatro.tech", true },
   { "mekatrotekno.com", true },
   { "mekesh.com", true },
@@ -24433,6 +24685,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "melissaadkins.com", true },
   { "melissaauclaire.com", true },
   { "melissameuwszen.nl", true },
+  { "mellitus.org", true },
   { "melnessgroup.com", true },
   { "melnikov.ch", true },
   { "melodicprogressivehouse.com", true },
@@ -24443,11 +24696,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "melodrom.de", true },
   { "melopie.com", true },
   { "melted.me", true },
+  { "meltzow.net", true },
   { "members-arbourlake.com", true },
   { "members-only-shopping.com", true },
   { "members.nearlyfreespeech.net", false },
   { "membershipservices.org.uk", true },
-  { "memberstweets.com", true },
   { "meme-photostudio.com.tw", true },
   { "meme.fi", true },
   { "meme.institute", true },
@@ -24473,16 +24726,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "menole.com", true },
   { "menole.de", true },
   { "menole.net", true },
-  { "menotag.com", true },
   { "mensagemaniversario.com.br", true },
   { "mensagemdaluz.com", true },
   { "mensagensaniversario.com.br", true },
   { "mensagensdeconforto.com.br", true },
   { "mensagensperfeitas.com.br", true },
+  { "mensarena.gr", true },
   { "mensch-peter.me", true },
   { "mentalhealthmn.org", true },
   { "mentaltraining-fuer-musiker.ch", true },
   { "mentiq.az", true },
+  { "mentorithm.com", true },
   { "mentz.info", true },
   { "menudieta.com", true },
   { "menuel.me", true },
@@ -24493,7 +24747,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mer.gd", true },
   { "merakilp.com", true },
   { "meransuedtirol.com", true },
-  { "meraseo.com", true },
   { "mercadobitcoin.com.br", true },
   { "mercadobitcoin.net", true },
   { "mercadoleal.com.br", true },
@@ -24504,6 +24757,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mercedes-ig.de", true },
   { "mercedespartscenter.com", true },
   { "merchant-automotive.com", true },
+  { "merchcity.com", true },
   { "mercier-auto.com", true },
   { "mercier-cars.co.uk", true },
   { "mercredifiction.io", true },
@@ -24538,6 +24792,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mesappros.com", true },
   { "mescaline.com", true },
   { "mescaline.org", true },
+  { "mesec.cz", true },
   { "mesh.gov", true },
   { "meshok.info", true },
   { "mesicka.com", true },
@@ -24622,7 +24877,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mexicom.org", true },
   { "meyash.co", true },
   { "mf-fischer.de", true },
-  { "mfacko.cz", true },
   { "mfen.de", true },
   { "mfgusa.com", true },
   { "mfits.co.uk", true },
@@ -24644,7 +24898,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mheistermann.de", true },
   { "mhermans.nl", true },
   { "mhi.web.id", true },
-  { "mhjuma.com", true },
   { "mhmfoundationrepair.com", true },
   { "mi-beratung.de", true },
   { "mi-so-ji.com", true },
@@ -24692,7 +24945,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "michal-s.net", true },
   { "michal-spacek.com", true },
   { "michal-spacek.cz", true },
-  { "michalp.pl", true },
+  { "michaldudek.it", true },
+  { "michalpodraza.pl", true },
   { "michalspacek.com", true },
   { "michalspacek.cz", true },
   { "michalwiglasz.cz", true },
@@ -24715,9 +24969,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "microco.sm", true },
   { "microcomploja.com.br", true },
   { "microdots.de", true },
+  { "microfonejts.com.br", true },
   { "microlinks.org", true },
   { "microlog.org", true },
   { "micromata.de", true },
+  { "micromind.io", true },
   { "microneedlingstudio.se", true },
   { "microsoftaffiliates.azurewebsites.net", true },
   { "microvb.com", true },
@@ -24725,6 +24981,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "microzubr.com", true },
   { "midair.io", true },
   { "midasjewellery.com.au", true },
+  { "midcarolinaregionalairport.com", true },
+  { "midcarolinaregionalairport.org", true },
   { "midgawash.com", true },
   { "midislandrealty.com", true },
   { "midistop.org", true },
@@ -24734,7 +24992,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "midlandroofingri.com", true },
   { "midlandsfundays.co.uk", true },
   { "midlandsphotobooths.co.uk", true },
-  { "midlgx.com", true },
   { "midnight-visions.de", true },
   { "midnightmango.co.uk", true },
   { "midnightmango.de", true },
@@ -24745,7 +25002,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "midtowndentistry.com", true },
   { "midwestbloggers.org", true },
   { "midwestplus.com", true },
-  { "midweststructuralrepair.com", true },
   { "miegl.com", true },
   { "miembarcacion.com", true },
   { "miemus.eu", true },
@@ -24768,7 +25024,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mijailovic.net", true },
   { "mijcorijneveld.nl", true },
   { "mijn-financien.be", true },
-  { "mijnetickets.nl", false },
+  { "mijnavg.eu", true },
   { "mijnetz.nl", true },
   { "mijnkerstkaarten.be", true },
   { "mijnkinderkleding.com", true },
@@ -24799,6 +25055,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mikevesch.com", true },
   { "mikewest.org", true },
   { "mikewillia.ms", true },
+  { "mikewrites.online", true },
   { "mikewritesstuff.com", true },
   { "mikeybailey.org", true },
   { "mikhirev.ru", true },
@@ -24819,7 +25076,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mikywow.eu", true },
   { "mil-spec.ch", true },
   { "mil0.com", true },
+  { "milakirschner.de", true },
   { "milania.de", true },
+  { "milanpala.cz", false },
   { "milanstephan.de", true },
   { "milcahsmusings.com", true },
   { "milchbuchstabe.de", true },
@@ -24828,76 +25087,30 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "milesapart.dating", true },
   { "milhoazul.com.br", true },
   { "milionshop.sk", true },
+  { "milkameglepetes.hu", true },
   { "milkandcookies.ca", true },
   { "milkingit.co.uk", true },
+  { "milktea.info", true },
   { "millanova.wedding", false },
   { "milldyke.com", true },
   { "milldyke.nl", true },
   { "millefleurs.eu", true },
   { "millennium-thisiswhoweare.net", true },
+  { "millenniumstem.org", true },
   { "millenniumweb.com", false },
   { "millersminibarns.com", true },
   { "millettable.com", true },
   { "millhousenchurch.com", true },
-  { "million5.com", true },
-  { "million6.com", true },
-  { "million8.com", true },
   { "millionairegames.com", true },
   { "millions1.com", true },
-  { "millions11.com", true },
-  { "millions13.com", true },
-  { "millions14.com", true },
-  { "millions15.com", true },
-  { "millions16.com", true },
-  { "millions17.com", true },
-  { "millions19.com", true },
-  { "millions20.com", true },
-  { "millions22.com", true },
-  { "millions25.com", true },
-  { "millions26.com", true },
-  { "millions27.com", true },
-  { "millions28.com", true },
-  { "millions29.com", true },
-  { "millions31.com", true },
   { "millions32.com", true },
-  { "millions33.com", true },
-  { "millions35.com", true },
-  { "millions36.com", true },
-  { "millions37.com", true },
-  { "millions38.com", true },
-  { "millions39.com", true },
-  { "millions40.com", true },
-  { "millions41.com", true },
-  { "millions42.com", true },
-  { "millions43.com", true },
-  { "millions5.com", true },
-  { "millions50.com", true },
   { "millions51.com", true },
   { "millions52.com", true },
   { "millions53.com", true },
-  { "millions55.com", true },
-  { "millions56.com", true },
   { "millions57.com", true },
-  { "millions58.com", true },
-  { "millions59.com", true },
-  { "millions6.com", true },
   { "millions60.com", true },
-  { "millions61.com", true },
-  { "millions62.com", true },
-  { "millions63.com", true },
-  { "millions66.com", true },
-  { "millions7.com", true },
-  { "millions70.com", true },
-  { "millions71.com", true },
-  { "millions72.com", true },
   { "millions77.com", true },
   { "millions8.com", true },
-  { "millions80.com", true },
-  { "millions81.com", true },
-  { "millions82.com", true },
-  { "millions88.com", true },
-  { "millions9.com", true },
-  { "millions99.com", true },
   { "millistream.com", true },
   { "milnes.org", true },
   { "milsonhypnotherapyservices.com", true },
@@ -24906,9 +25119,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mimemoriadepez.com", true },
   { "mimeo.digital", true },
   { "mimithedog.com", true },
-  { "mimobile.website", true },
+  { "mimmog.it", true },
   { "mimocad.io", true },
   { "mimovrste.com", true },
+  { "mimusic.cf", true },
   { "min-datorsupport.se", true },
   { "min-sky.no", true },
   { "minakov.pro", true },
@@ -24918,9 +25132,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "minaprine.com", true },
   { "mind-box.ch", true },
   { "mind-hochschul-netzwerk.de", true },
-  { "mind-moves.es", true },
   { "mindatasupport.nu", true },
   { "mindatasupport.se", true },
+  { "mindatorsupport.se", true },
   { "mindcoding.ro", true },
   { "mindercasso.nl", true },
   { "mindfactory.de", true },
@@ -24938,11 +25152,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "minecraft-server.eu", true },
   { "minecraftforum.de", true },
   { "minecraftforum.ovh", true },
-  { "minecraftjson.com", true },
+  { "minecraftjson.com", false },
   { "minecraftstal.com", true },
   { "minehattan.de", true },
   { "minehub.de", true },
-  { "minei.me", true },
   { "minenash.com", true },
   { "minepack.net", true },
   { "minepay.net", true },
@@ -24974,11 +25187,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "minimbah.com.au", true },
   { "minimvc.com", true },
   { "miningtronics.com", true },
+  { "minisoft4u.ir", true },
   { "ministeriumfuerinternet.de", true },
   { "minitruckin.net", true },
   { "minitrucktalk.com", true },
   { "minivaro.de", true },
-  { "miniwallaby.com", true },
   { "minkymoon.jp", true },
   { "minnesotakinkyyouth.org", true },
   { "minnesotamathcorps.org", true },
@@ -24992,12 +25205,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mintosherbs.com", true },
   { "mintrak2.com", true },
   { "mintse.com", true },
-  { "minu.link", true },
   { "minube.co.cr", true },
   { "minutashop.ru", true },
   { "minux.info", true },
   { "mipapo.de", true },
-  { "mipla.ch", true },
   { "miproximopaso.org", true },
   { "mipueblohoy.com", true },
   { "mipymesenlinea.com", true },
@@ -25012,6 +25223,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mirepublic.co.nz", true },
   { "mireservaonline.es", true },
   { "mirfire.com", true },
+  { "mirjamderijk.nl", false },
   { "mirkofranz.de", true },
   { "mironet.cz", true },
   { "mirrorbot.ga", true },
@@ -25022,6 +25234,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "misakacloud.net", true },
   { "misakiya.co.jp", true },
   { "misanci.cz", true },
+  { "mischak.net", true },
   { "misclick.nl", true },
   { "mishkovskyi.net", true },
   { "misinstrumentos.com", true },
@@ -25078,11 +25291,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mitsukabose.com", true },
   { "mittagonggardencentre.com.au", true },
   { "mittagonghomestead.com.au", true },
+  { "mittbolan.se", true },
   { "mittelunsachlich.de", true },
   { "mittenofficesystems.com", true },
   { "mitylite.com", true },
   { "mitzpettel.com", true },
   { "miui-germany.de", true },
+  { "mivestuariolaboral.com", true },
   { "mivzak.im", true },
   { "mivzakim.biz", true },
   { "mivzakim.info", true },
@@ -25090,8 +25305,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mivzakim.net", true },
   { "mivzakim.org", true },
   { "mivzakim.tv", true },
+  { "mivzaklive.co.il", true },
   { "miweb.cr", false },
   { "mixinglight.com", true },
+  { "mixmister.com", true },
   { "mixnshake.com", true },
   { "mixposure.com", true },
   { "mixrepairs.co.uk", true },
@@ -25106,6 +25323,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mizu.coffee", true },
   { "mizucoffee.net", true },
   { "mizuho-trade.net", true },
+  { "mizuhobank.co.id", true },
   { "mj420.com", true },
   { "mjacobson.net", true },
   { "mjanja.ch", true },
@@ -25130,6 +25348,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mkg-scherer.de", true },
   { "mkg-wiebelskirchen.de", true },
   { "mkhsoft.eu", true },
+  { "mkie.cf", true },
   { "mkimage.com", true },
   { "mkjl.ml", true },
   { "mkk.de", true },
@@ -25167,10 +25386,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mmt.my", true },
   { "mmucha.de", true },
   { "mncloud.de", true },
-  { "mncr.nl", true },
   { "mnd.sc", true },
   { "mne.moe", true },
   { "mnedc.org", true },
+  { "mneerup.dk", true },
   { "mnemonic.ninja", true },
   { "mnguyen.io", true },
   { "mnitro.com", true },
@@ -25185,8 +25404,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mo.nl", true },
   { "mo2021.de", true },
   { "moa.moe", true },
+  { "moabpapier.de", true },
+  { "moabygg.se", true },
   { "moahmo.com", true },
+  { "mobag.ru", false },
   { "mobal.com", true },
+  { "mobi2go.com", true },
   { "mobidea.com", true },
   { "mobifinans.ru", true },
   { "mobil-bei-uns.de", true },
@@ -25221,6 +25444,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "moc.ac", true },
   { "mocarps.hk", true },
   { "mochanstore.com", true },
+  { "mochiyuki.net", true },
   { "mockerel.com", true },
   { "mococo.co.uk", true },
   { "modaexecutiva.com.br", true },
@@ -25254,6 +25478,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "modistry.com", true },
   { "modistryusercontent.com", true },
   { "modmountain.com", true },
+  { "modnitsa.info", true },
   { "modosaude.com.br", true },
   { "modul21.com", true },
   { "modul21.eu", true },
@@ -25272,7 +25497,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "moeqing.net", true },
   { "moetrack.com", true },
   { "moeyoo.net", true },
+  { "mofidmed.com", true },
   { "mofohome.dyndns.org", true },
+  { "mogooin.com", true },
   { "moha-swiss.com", true },
   { "mohanmekap.com", true },
   { "mohela.com", true },
@@ -25289,8 +25516,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mojefedora.cz", true },
   { "mojilitygroup.com", true },
   { "mojizuri.com", true },
-  { "mojnet.eu", true },
-  { "mojnet.net", true },
   { "mojoco.co.za", true },
   { "mojzis.com", true },
   { "mojzis.cz", true },
@@ -25314,7 +25539,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "momentum.photos", true },
   { "momentumdash.com", true },
   { "momirfarooq.com", true },
-  { "momjoyas.com", true },
   { "momo0v0.club", true },
   { "momozeit.de", true },
   { "momstableonline.com", true },
@@ -25333,7 +25557,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "monarchcleanersnc.com", true },
   { "monbudget.org", true },
   { "moncoach.ch", true },
-  { "mondedesnovels.com", true },
   { "mondedie.fr", true },
   { "mondial-movers.nl", true },
   { "mondo-it.ch", true },
@@ -25355,7 +25578,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "monix.io", true },
   { "monkay.de", true },
   { "monkeybusiness.agency", true },
-  { "monkeydust.net", true },
   { "monkeyhill.us", true },
   { "monkeytek.ca", true },
   { "monkieteel.com", true },
@@ -25365,6 +25587,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mono.cafe", true },
   { "mono0x.net", true },
   { "monobank.no", true },
+  { "monobunt.at", true },
   { "monodukuri.com", true },
   { "monokoo.com", true },
   { "monolithapps.com", true },
@@ -25419,6 +25642,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "moonmelo.com", true },
   { "moonraptor.co.uk", true },
   { "moonraptor.com", true },
+  { "moonrhythm.io", true },
   { "moonshyne.org", true },
   { "moontaj.com", true },
   { "moonvpn.org", true },
@@ -25434,6 +25658,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "moosmann-moehrle.de", true },
   { "moot-info.co.za", true },
   { "moovablestorage.com", true },
+  { "mop321.com", true },
   { "moparcraft.net", true },
   { "moparisthebest.com", true },
   { "moparisthebest.net", true },
@@ -25442,6 +25667,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mopedreifen.de", false },
   { "mopie.de", true },
   { "mople71.cz", true },
+  { "moplx.com", true },
   { "moppeleinhorn.de", true },
   { "moppy.org", true },
   { "morbatex.com", true },
@@ -25511,6 +25737,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mothereff.in", false },
   { "motifstudio.com.ua", true },
   { "motionless.nl", true },
+  { "motionvideos.uk", true },
   { "motiweb.fr", true },
   { "motocollection.pl", true },
   { "motohell.com", true },
@@ -25549,7 +25776,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "moviedeposit.com", true },
   { "moviefreeze.com", true },
   { "movieguys.org", true },
-  { "movienized.de", true },
   { "moviepilot.com", true },
   { "moviesetc.net", true },
   { "moviko.nz", true },
@@ -25563,6 +25789,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "moy.cat", true },
   { "moyer.pub", true },
   { "moylen.eu", true },
+  { "moysovet.info", false },
   { "mozartgroup.hu", true },
   { "mozektevidi.net", true },
   { "mozilla.cz", true },
@@ -25574,6 +25801,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mpetroff.net", true },
   { "mpg-universal.com", true },
   { "mpgaming.pro", true },
+  { "mphwinkel.nl", true },
   { "mpkrachtig.nl", true },
   { "mpkshop.com.br", true },
   { "mplanetphl.fr", true },
@@ -25603,6 +25831,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mrgasfires.co.uk", true },
   { "mrgiveaways.com", true },
   { "mrhc.ru", true },
+  { "mrhookupsd.com", true },
   { "mrinalpurohit.in", true },
   { "mrjhnsn.com", true },
   { "mrjooz.com", true },
@@ -25665,8 +25894,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mtasa.hu", true },
   { "mtauburnassociates.com", true },
   { "mtb.wtf", true },
-  { "mtcq.jp", true },
   { "mtd.org", true },
+  { "mteleport.net", true },
   { "mtg-tutor.de", true },
   { "mtgeni.us", true },
   { "mtgenius.com", true },
@@ -25689,7 +25918,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mtsolar.es", true },
   { "mu.search.yahoo.com", false },
   { "muabannhanh.com", false },
-  { "muahahahaha.co.uk", true },
   { "mubiflex.nl", true },
   { "muckingabout.eu", true },
   { "muckrack.com", true },
@@ -25699,6 +25927,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mudbenesov.cz", true },
   { "mudcrab.us", false },
   { "muehlemann.net", true },
+  { "muel.io", true },
   { "muelhau.pt", true },
   { "muell-weg.de", true },
   { "muellapp.com", true },
@@ -25717,6 +25946,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mulej.net", true },
   { "muling.lu", true },
   { "mullens-usedcars.be", true },
+  { "mullerimoveisrj.com.br", true },
   { "multi-vpn.biz", true },
   { "multibit.org", true },
   { "multibomasm.com.br", true },
@@ -25730,7 +25960,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "multimedia-pool.com", true },
   { "multiplayernow.com", true },
   { "multipleservers.com", true },
-  { "multiplexcy.com", true },
   { "multirep.ch", true },
   { "multiroom-streaming.de", true },
   { "multisite.ovh", true },
@@ -25750,7 +25979,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mundoconejos.com", true },
   { "mundodapoesia.com", true },
   { "mundodasmensagens.com", true },
-  { "mundodoscarbonos.com.br", true },
   { "mundogamers.top", true },
   { "mundokinderland.com.br", true },
   { "mundolarraz.es", true },
@@ -25809,16 +26037,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "musicwear.cz", true },
   { "musicworkout.de", true },
   { "musik-mentaltraining.ch", true },
+  { "musikholics.com", true },
   { "musikverein-elten.de", true },
   { "musikzentrale.net", true },
-  { "musique2nuit.com", true },
   { "musketonhaken.nl", false },
   { "muslim.singles", true },
   { "musmann.io", true },
   { "muspla.com", true },
   { "muspla.com.br", true },
   { "musselsblog.com", true },
-  { "mustafa.space", true },
   { "mustafaturhan.com", true },
   { "mustard.co.uk", true },
   { "mustardking.me", true },
@@ -25834,12 +26061,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "muthai.in.th", true },
   { "mutuals.cool", true },
   { "mutuelle.fr", true },
+  { "muunnin.net", true },
   { "muurlingoogzorg.nl", true },
   { "muusikoiden.net", true },
   { "muwatenraqamy.org", true },
   { "muz2u.ru", true },
   { "muzeumkomiksu.eu", true },
-  { "muzhijy.com", false },
+  { "muzhijy.com", true },
   { "muzikantine.nl", true },
   { "mv-schnuppertage.de", true },
   { "mv-wohnen.de", true },
@@ -25852,6 +26080,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mw.search.yahoo.com", false },
   { "mwainc.org", true },
   { "mwalz.com", true },
+  { "mwamitours.com", true },
   { "mware-staging.azurewebsites.net", true },
   { "mwavuli.co.ke", true },
   { "mwba.org", true },
@@ -25936,12 +26165,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "myconnect.cn", true },
   { "myconsulting.ch", true },
   { "mycookrecetas.com", true },
+  { "mycoupons.com", true },
   { "mycr.eu", true },
-  { "mycreativeartsconsulting.com", true },
   { "mycreativenook.com", true },
   { "mycreditcardcenter.com", true },
   { "mycrypnet.io", true },
-  { "mycrypto.com", true },
+  { "mycrypto.com", false },
   { "mycrystalgrove.com", true },
   { "mycuco.it", true },
   { "mycustomwriting.com", true },
@@ -25962,12 +26191,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mydreamshaadi.in", true },
   { "mydroneservices.ca", true },
   { "mydroneservices.com", true },
-  { "myeasybooking.de", true },
+  { "myduffyfamily.com", true },
   { "myeberspaecher.com", true },
   { "myeffect.today", true },
   { "myeisenbahn.de", true },
   { "myetherwallet.com", true },
   { "myf.cloud", true },
+  { "myfae.eu", true },
   { "myfantasysportstalk.com", true },
   { "myfedloan.org", true },
   { "myfirenet.com", true },
@@ -25980,6 +26210,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mygallery.homelinux.net", true },
   { "mygate.at", false },
   { "mygedit.com", true },
+  { "mygeneral.org", true },
   { "mygeotrip.com", true },
   { "mygest.me", true },
   { "mygigabitnation.com", true },
@@ -26005,6 +26236,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "myipv4.de", true },
   { "myjudo.net", true },
   { "myjumparoo.co.uk", true },
+  { "myjumpsuit.de", true },
   { "myki.co", true },
   { "mykontool.de", true },
   { "mykumedir.com", true },
@@ -26036,6 +26268,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mymx.lu", true },
   { "myna.go.jp", true },
   { "mynameistavis.com", true },
+  { "myndcoin.com", true },
   { "mynetworkingbuddy.com", true },
   { "mynext.events", true },
   { "mynextmove.org", true },
@@ -26057,10 +26290,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "myownconference.ru", true },
   { "myowndisk.com", true },
   { "myowndisk.net", true },
-  { "myownwebinar.com", true },
   { "mypaperdone.com", true },
   { "mypartnernews.com", true },
   { "mypartybynoelia.es", true },
+  { "mypay.fr", true },
   { "mypayoffloan.com", true },
   { "mypcqq.cc", true },
   { "myperfecthome.ca", true },
@@ -26137,6 +26370,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "myrewardspoints.com", true },
   { "myriadof.com", true },
   { "myrig.com", true },
+  { "myrig.net", true },
   { "myrnabiondo.com.br", true },
   { "myrotvorets.center", true },
   { "myrotvorets.news", true },
@@ -26144,6 +26378,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mysber.ru", true },
   { "myschoolphoto.org", true },
   { "myseatime.com", true },
+  { "mysecretcase.com", false },
   { "mysectools.org", true },
   { "myself5.de", true },
   { "myservicearl.com", true },
@@ -26170,7 +26405,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "mysticplumes.com", true },
   { "mystorymonster.com", true },
   { "mystudycart.com", true },
-  { "mysupboard.de", true },
   { "myswissmailaddress.com", true },
   { "mytfg.de", true },
   { "mythemeshop.com", false },
@@ -26236,6 +26470,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "n4v.eu", true },
   { "n5118.com", true },
   { "n6a.net", true },
+  { "n7.education", true },
+  { "n8ch.net", true },
   { "n8mgt.com", true },
   { "n8nvi.com", true },
   { "n8solutions.net", true },
@@ -26254,9 +26490,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nachtmuziek.info", true },
   { "nacin.com", true },
   { "nacktetatsachen.at", false },
-  { "nacktwanderfreunde.de", true },
   { "nacyklo.cz", true },
-  { "nadaquenosepas.com", true },
   { "nadejeproninu.cz", true },
   { "nadelholzkulturen.de", true },
   { "naders.com", true },
@@ -26288,6 +26522,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "najany.fr", true },
   { "najany.nl", true },
   { "najany.se", true },
+  { "najedlo.sk", true },
   { "naji-astier.com", true },
   { "nakada4610.com", true },
   { "nakalabo.jp", true },
@@ -26297,6 +26532,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nakedalarmclock.me", true },
   { "nakedtruthbeauty.com", true },
   { "nakene.com", true },
+  { "nakladki.su", true },
   { "nakliyat.name.tr", true },
   { "nakliyatsirketi.biz.tr", true },
   { "nako.no", true },
@@ -26314,7 +26550,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "namethissymbol.com", true },
   { "nametiles.co", true },
   { "nami.bo", true },
-  { "nami.exchange", true },
   { "nami.trade", true },
   { "naminam.de", true },
   { "namrs.net", true },
@@ -26333,6 +26568,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nano.voting", true },
   { "nanofy.org", true },
   { "nanogi.ga", true },
+  { "nanogramme.fr", true },
   { "nanollet.org", true },
   { "nanotechnologist.com", true },
   { "nanotechnologysolutions.com.au", true },
@@ -26355,7 +26591,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "narakenkoland.net", true },
   { "naralogics.com", true },
   { "narardetval.se", true },
-  { "narazaka.net", true },
   { "narduin.xyz", true },
   { "narenderchopra.com", true },
   { "narfation.org", true },
@@ -26392,6 +26627,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nathaliebaroncoaching.ch", true },
   { "nathaliedijkxhoorn.com", true },
   { "nathaliedijkxhoorn.nl", true },
+  { "nathan.io", true },
   { "nathanaeldawe.com", true },
   { "nathancheek.com", false },
   { "nathankonopinski.com", true },
@@ -26426,6 +26662,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "naturalspacesdomes.com", true },
   { "naturaum.de", true },
   { "nature-et-bio.fr", true },
+  { "natureclaim.com", true },
   { "natureflo.net", true },
   { "naturesbest.co.uk", true },
   { "naturesorganichaven.com", true },
@@ -26445,17 +26682,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nautsch.de", true },
   { "navarralanparty.org", true },
   { "navdeep.ca", true },
-  { "navenlle.com", true },
   { "navienna.com", true },
   { "navient.com", true },
   { "navigate-it-services.de", false },
   { "navstevnik.sk", true },
-  { "navstivime.cz", true },
   { "navycs.com", true },
   { "nawir.de", true },
   { "nayahe.ru", true },
   { "nayami64.xyz", true },
   { "nayanaas.com", true },
+  { "nayr.us", true },
   { "nazevfirmy.cz", true },
   { "nazukebanashi.com", true },
   { "nazuna.blue", true },
@@ -26518,7 +26754,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nbhorsetraining.com", true },
   { "nbib.gov", true },
   { "nbnnetwork.com", true },
-  { "nbp.com.pk", true },
   { "nbrain.de", true },
   { "nbrii.com", true },
   { "nbriresearch.com", true },
@@ -26528,6 +26763,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nc-formation.fr", true },
   { "nc-network.io", true },
   { "nc99.co", true },
+  { "nca.ink", true },
   { "ncamarquee.co.uk", true },
   { "ncands.net", true },
   { "ncc-efm.com", true },
@@ -26536,6 +26772,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nccemail.net", true },
   { "ncdc.pt", true },
   { "ncea.net.au", true },
+  { "ncgt.se", true },
   { "nchangfong.com", true },
   { "nchponline.org", true },
   { "ncic.gg", true },
@@ -26546,7 +26783,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ncstep.org", true },
   { "nctx.co.uk", true },
   { "ndarville.com", true },
-  { "ndatc.com", true },
   { "ndbt.com", true },
   { "ndcpolipak.com", true },
   { "ndeoffshore.com", true },
@@ -26562,7 +26798,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ndy.sex", true },
   { "ne-on.org", true },
   { "nea.gov", true },
-  { "nearbi.com.mx", true },
   { "nearby.in.th", true },
   { "neartothesky.com", true },
   { "neatous.cz", true },
@@ -26576,6 +26811,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nebra.io", true },
   { "nebracy.com", true },
   { "nebul.at", true },
+  { "nebula.exchange", true },
   { "nebulae.co", true },
   { "nebuluxcapital.com", true },
   { "necessaryandproportionate.net", true },
@@ -26629,12 +26865,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nekowa.moe", true },
   { "nekusoul.de", true },
   { "nelhage.com", true },
-  { "nella-project.org", true },
-  { "nellacms.com", true },
-  { "nellacms.org", true },
-  { "nellafw.org", true },
   { "nemcd.com", true },
-  { "nemecl.eu", true },
   { "nemez.net", true },
   { "nemo.run", true },
   { "nemopan.com", true },
@@ -26655,7 +26886,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "neohu.com", true },
   { "neojo.org", true },
   { "neolaudia.es", true },
-  { "neolink.dk", true },
   { "neonataleducationalresources.org", true },
   { "neonatalgoldenhours.org", true },
   { "neonknight.ch", true },
@@ -26691,11 +26921,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nerot.eu", true },
   { "nerpa-club.ru", true },
   { "nerull7.info", true },
-  { "nerven.se", false },
+  { "nerven.se", true },
   { "nesbase.com", true },
   { "nesolabs.com", true },
   { "nesolabs.de", true },
-  { "nestedquotes.ca", true },
   { "nestor.nu", true },
   { "neswec.org.uk", true },
   { "net-masters.pl", true },
@@ -26716,6 +26945,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "netbuzz.ru", true },
   { "netconnect.at", true },
   { "netcoolusers.org", true },
+  { "netd.at", true },
   { "netdex.co", true },
   { "netera.se", true },
   { "neteraser.de", true },
@@ -26752,6 +26982,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "netsparker.com.tr", true },
   { "netspeedia.net", true },
   { "netsphere.cz", true },
+  { "nettacompany.com.tr", true },
   { "nettamente.com", true },
   { "nette.org", true },
   { "nettegeschenke.de", true },
@@ -26759,7 +26990,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nettilamppu.fi", true },
   { "netto-service.ch", true },
   { "nettools.link", true },
-  { "nettoyage.email", true },
   { "nettx.co.uk", true },
   { "netulo.com", true },
   { "netvizura.co.uk", true },
@@ -26792,7 +27022,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "neurochip.com", true },
   { "neurocny.cloud", true },
   { "neuroethics.com", true },
-  { "neurogroove.info", true },
   { "neurolab.no", true },
   { "neuropharmacology.com", true },
   { "neurostimtms.com", true },
@@ -26816,9 +27045,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "new-process.com", true },
   { "new-process.de", true },
   { "new-process.eu", true },
+  { "new-web-studio.com", true },
   { "new.travel.pl", true },
   { "newaccess.ch", true },
-  { "newbasemedia.us", true },
   { "newbietech.cn", false },
   { "newborncryptocoin.com", true },
   { "newburybouncycastles.co.uk", true },
@@ -26828,6 +27057,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "newburyparkexteriorlighting.com", true },
   { "newburyparklandscapelighting.com", true },
   { "newburyparkoutdoorlighting.com", true },
+  { "newcab.de", true },
   { "newcitygas.ca", true },
   { "newcityinfo.ch", true },
   { "newcitystudio.ch", true },
@@ -26851,8 +27081,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "newmovements.net", true },
   { "newmusicjackson.org", true },
   { "newodesign.com", true },
+  { "newposts.ru", true },
   { "newreleases.io", true },
-  { "news47ell.com", true },
+  { "newsgroups.io", true },
+  { "newsletteralerts.com", true },
   { "newsmotor.info", true },
   { "newspsychology.com", true },
   { "newstone-tech.com", true },
@@ -26862,8 +27094,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "newvehicle.com", true },
   { "nex.li", true },
   { "nex.sx", true },
+  { "nexd.com", true },
   { "nexicafiles.com", true },
-  { "nexril.net", true },
   { "next-web.ad.jp", true },
   { "next176.sk", true },
   { "next24.io", true },
@@ -26873,14 +27105,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nextcasino.com", true },
   { "nextcloud.co.za", true },
   { "nextcloud.com", true },
-  { "nextcloud.nerdpol.ovh", true },
+  { "nextcloud.li", true },
   { "nextclouddarwinkel.nl", true },
   { "nextevolution.co.uk", true },
   { "nextgen.sk", true },
   { "nextgencel.com", true },
   { "nextgenthemes.com", true },
   { "nextgreatmess.com", true },
-  { "nexthop.jp", true },
   { "nextiot.de", true },
   { "nextmbta.com", true },
   { "nextme.se", true },
@@ -26908,6 +27139,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nfl.duckdns.org", true },
   { "nflchan.org", true },
   { "nflmocks.com", true },
+  { "nfls.io", true },
   { "nflsic.org", true },
   { "nfpors.gov", true },
   { "nframe.io", true },
@@ -26922,10 +27154,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nginxconfig.io", true },
   { "ngndn.jp", true },
   { "ngt.gr", true },
+  { "nguyenminhhung.com", true },
   { "ngvf.de", true },
   { "ngx.hk", true },
   { "ngxpkg.com", true },
-  { "nhccnews.org", true },
   { "nhchalton.com", true },
   { "nhdsilentheroes.org", true },
   { "nhgteam.hu", true },
@@ -26966,13 +27198,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nickhitch.co.uk", true },
   { "nickloose.de", true },
   { "nicklord.com", true },
+  { "nickmertin.ca", true },
+  { "nickmorri.com", true },
   { "nickplotnek.co.uk", true },
   { "nickrickard.co.uk", true },
   { "nicks-autos.com", true },
   { "nickscomputers.nl", true },
   { "nickserve.com", true },
   { "nickstories.de", true },
-  { "nicktheitguy.com", true },
   { "niclasreich.de", true },
   { "nicn.me", true },
   { "nico.st", true },
@@ -27000,7 +27233,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nidro.de", true },
   { "nidsuber.ch", true },
   { "niederohmig.de", true },
-  { "niedrigsterpreis.de", true },
   { "niehage.name", true },
   { "nielshoogenhout.be", true },
   { "nielshoogenhout.eu", true },
@@ -27057,13 +27289,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nikklassen.ca", true },
   { "niklas.pw", true },
   { "niklasbabel.com", true },
+  { "nikolainevalainen.fi", true },
   { "nikomo.fi", false },
   { "nikoninframe.co.uk", true },
   { "nikonlibrary.co.uk", true },
   { "nikonnps.co.uk", true },
   { "nikonpromotions.co.uk", true },
   { "nikonschool.co.uk", true },
-  { "nikz.in", true },
+  { "niktok.com", true },
   { "nil.gs", true },
   { "nil.mx", true },
   { "niles.xyz", true },
@@ -27102,6 +27335,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nirjonmela.com", true },
   { "nirjonmela.net", true },
   { "nirudo.me", true },
+  { "niscats.com", true },
   { "nissanofbismarckparts.com", true },
   { "nitifilter.com", true },
   { "nitix.games", true },
@@ -27114,7 +27348,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nitrous-networks.com", true },
   { "nitschinger.at", true },
   { "niu.moe", true },
-  { "nivi.ca", true },
   { "nix.black", true },
   { "nixonlibrary.gov", true },
   { "nixtest.net", true },
@@ -27152,9 +27385,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "no-xice.com", true },
   { "no.search.yahoo.com", false },
   { "noagendahr.org", true },
+  { "noah-witt.com", true },
   { "noahjacobson.com", true },
   { "noahmodas.com.br", true },
   { "noahsaso.com", true },
+  { "noahwitt.me", true },
   { "nobitakun.com", true },
   { "nobledust.com", true },
   { "nobleparkapartments.com.au", true },
@@ -27162,7 +27397,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "noc.org", true },
   { "nocit.dk", true },
   { "nocks.com", true },
-  { "nocmd.com", true },
   { "nocs.cn", true },
   { "nodari.com.ar", true },
   { "nodariweb.com.ar", true },
@@ -27172,11 +27406,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nodelia.com", true },
   { "nodesec.cc", true },
   { "nodesonic.com", true },
+  { "nodespin.com", true },
   { "nodevops.com", true },
+  { "nodist.club", true },
   { "noeatnosleep.me", true },
   { "noedidacticos.com", true },
   { "noelclaremont.com", true },
   { "noellabo.jp", true },
+  { "noellimpag.me", true },
   { "noematic.space", true },
   { "noemax.com", true },
   { "noexec.org", true },
@@ -27211,7 +27448,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nomial.co.uk", true },
   { "nomifensine.com", true },
   { "nomsy.net", true },
-  { "nonabytes.xyz", true },
+  { "nonabytes.xyz", false },
   { "noname-ev.de", true },
   { "nonametheme.com", true },
   { "noncombatant.org", true },
@@ -27226,7 +27463,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "noomist.com", true },
   { "noon-entertainments.com", true },
   { "noop.ch", true },
+  { "nooranevalainen.fi", true },
   { "noordsee.de", true },
+  { "noordwesthoekrit.nl", true },
   { "noorsolidarity.com", true },
   { "noortronic.com", true },
   { "nootronerd.com", true },
@@ -27239,7 +27478,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nord-restaurant-bar.de", true },
   { "nord-sud.be", true },
   { "nordakademie.de", true },
-  { "nordicess.dk", true },
+  { "norden.eu.org", true },
   { "nordicirc.com", true },
   { "nordinfo.fi", true },
   { "nordlichter-brv.de", true },
@@ -27276,6 +27515,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "northerngate.net", true },
   { "northernhamsterclub.com", true },
   { "northernpage.com", true },
+  { "northernpowertrain.com", true },
   { "northernselfstorage.co.za", true },
   { "northfieldyarn.com", true },
   { "northokanaganbookkeeping.com", true },
@@ -27290,7 +27530,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "noscript.net", true },
   { "noscura.nl", true },
   { "nosecrets.ch", true },
-  { "nosfermiers.com", true },
   { "noslite.nl", true },
   { "nospoint.cz", true },
   { "nosqlzoo.net", true },
@@ -27375,11 +27614,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "np.search.yahoo.com", false },
   { "npath.de", true },
   { "npcrcss.org", true },
+  { "nphrm.com", true },
   { "npmcdn.com", true },
   { "npregion.org", true },
   { "npsas.org", true },
   { "npw.net", true },
-  { "nqeshreviewer.com", true },
   { "nrd.li", true },
   { "nrdstd.io", true },
   { "nrev.ch", true },
@@ -27414,6 +27653,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nte.email", true },
   { "nti.de", true },
   { "ntia.gov", true },
+  { "ntlabs.org", true },
   { "ntotten.com", true },
   { "ntppool.org", false },
   { "ntsb.gov", true },
@@ -27424,7 +27664,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nu3tion.cz", true },
   { "nuacht.ie", true },
   { "nuamooreaindonesia.com", true },
-  { "nubella.com.au", true },
   { "nubu.at", true },
   { "nuclea.id", true },
   { "nuclea.site", true },
@@ -27435,6 +27674,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nuevaimagenpublicidad.es", true },
   { "nuffield.nl", true },
   { "nugdev.co", true },
+  { "nukleosome.com", true },
   { "null-life.com", true },
   { "nullday.de", true },
   { "nulle-part.org", true },
@@ -27505,6 +27745,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nwerc.party", true },
   { "nwgh.org", false },
   { "nwimports.com", true },
+  { "nwitt.us", true },
   { "nwk1.com", true },
   { "nwperformanceandoffroad.com", true },
   { "nwr-waffenbuch.de", true },
@@ -27537,6 +27778,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nyoronfansubs.org", true },
   { "nyphox.ovh", true },
   { "nys-hk.com", false },
+  { "nysteak5.com", true },
   { "nytrafficticket.com", true },
   { "nyxi.eu", true },
   { "nyyu.tk", true },
@@ -27544,7 +27786,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "nzbr.de", true },
   { "nzstudy.ac.nz", true },
   { "nzws.me", true },
-  { "o-loska.cz", true },
   { "o-results.ch", true },
   { "o-sp.com", true },
   { "o2careers.co.uk", true },
@@ -27563,6 +27804,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oakparklighting.com", true },
   { "oakparkoutdoorlighting.com", true },
   { "oakslighting.co.uk", true },
+  { "oaktree-realtors.com", true },
   { "oanalista.com.br", true },
   { "oasisdabeleza.com.br", true },
   { "oasisim.net", false },
@@ -27573,7 +27815,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "obamawhitehouse.gov", true },
   { "oberhofdrinks.com", true },
   { "obermeiers.eu", true },
-  { "oberoi.de", true },
   { "obesidadlavega.com", true },
   { "obfuscate.xyz", true },
   { "obg-global.com", true },
@@ -27583,11 +27824,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "objectif-terre.ch", true },
   { "objekt-textil.ch", true },
   { "oblast45.ru", false },
+  { "obligacjekk.pl", true },
   { "oboeta.com", true },
   { "obono.at", true },
   { "obrienswine.ie", true },
   { "obs.group", true },
-  { "obscur.us", true },
   { "observer.name", true },
   { "obsessharness.com", true },
   { "obsidianirc.net", true },
@@ -27599,6 +27840,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oc-sa.ch", true },
   { "ocalaflwomenshealth.com", true },
   { "ocarupo.com", true },
+  { "occ.gov", true },
   { "occenterprises.org", true },
   { "occentus.net", true },
   { "occmon.net", true },
@@ -27652,6 +27894,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oddsandevensbookkeeping.ca", true },
   { "oddtime.net", true },
   { "odensc.me", true },
+  { "odense3dprint.dk", true },
   { "odhosc.ca", true },
   { "odifi.com", true },
   { "odinseye.net", true },
@@ -27675,6 +27918,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oemspace.nl", true },
   { "oemwolf.com", true },
   { "oenings.eu", true },
+  { "oessi.eu", true },
   { "of2m.fr", true },
   { "ofcampuslausanne.ch", true },
   { "ofda.gov", true },
@@ -27688,6 +27932,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "offertegiuste.com", true },
   { "offfbynight.be", true },
   { "offgames.io", true },
+  { "offgridauto.com", true },
   { "offgridhub.com", true },
   { "office-discount.at", true },
   { "office-discount.de", true },
@@ -27697,7 +27942,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "officeinteriors.co.nz", true },
   { "officemovepro.com", true },
   { "officiants.wedding", false },
-  { "officium.tech", true },
   { "offroadeq.com", true },
   { "offroadhoverboard.net", true },
   { "offshoot.ie", true },
@@ -27718,6 +27962,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oh14.de", true },
   { "ohadsoft.com", true },
   { "ohai.su", true },
+  { "ohartl.de", true },
   { "ohchouette.com", true },
   { "ohd.dk", true },
   { "oheila.com", true },
@@ -27731,15 +27976,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ohsohairy.co.uk", true },
   { "ohyooo.com", true },
   { "oi-wiki.org", true },
+  { "oil-ecn.ru", true },
   { "oilpaintingsonly.com", true },
   { "oirealtor.com", true },
   { "oisd.nl", true },
   { "oita-homes.com", true },
   { "ojaioliveoil.com", true },
-  { "ojanaho.com", true },
   { "ojdip.net", true },
   { "ojomovies.com", true },
   { "ojp.gov", true },
+  { "okaidi.fr", true },
   { "okakuro.org", true },
   { "okanaganrailtrail.ca", true },
   { "okashi.me", true },
@@ -27772,10 +28018,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "olbat.net", true },
   { "olcayanar.com", true },
   { "olcbrookhaven.org", true },
-  { "oldbrookinflatables.co.uk", true },
   { "oldbrookmarqueehire.co.uk", true },
   { "oldchaphome.nl", true },
-  { "oldenglishsheepdog.com.br", true },
   { "older-racer.com", true },
   { "oldita.ru", true },
   { "oldking.net", true },
@@ -27787,6 +28031,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oldsticker.com", true },
   { "oldstmary.com", true },
   { "oldtimerreifen-moeller.de", true },
+  { "olecoin.io", true },
   { "olegon.ru", true },
   { "olegs.be", true },
   { "oleksii.name", true },
@@ -27798,6 +28043,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "olgui.net", true },
   { "olgun.eu", true },
   { "olhcparish.net", true },
+  { "olifant.fr", true },
   { "olightstore.ro", true },
   { "oliveoil.bot", true },
   { "oliveoilschool.org", true },
@@ -27839,9 +28085,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "olympeakgaming.tv", true },
   { "olympiads.ca", true },
   { "olympic-research.com", true },
+  { "om.yoga", true },
   { "om1.com", true },
   { "omanko.porn", true },
-  { "omar.yt", true },
   { "omarh.net", true },
   { "omdesign.cz", true },
   { "omegahosting.net", true },
@@ -27862,8 +28108,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "omniasl.com", true },
   { "omniatv.com", true },
   { "omnibot.tv", true },
-  { "omnisafira.com", true },
   { "omniscimus.net", false },
+  { "omnisiens.se", true },
   { "omnisky.dk", true },
   { "omnitrack.org", true },
   { "omniverse.ru", true },
@@ -27872,6 +28118,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "omoteura.com", true },
   { "omranic.com", true },
   { "omronwellness.com", true },
+  { "omsdieppe.fr", true },
   { "on-tech.co.uk", true },
   { "on.tax", true },
   { "ona.io", true },
@@ -27907,7 +28154,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "onedrive.live.com", false },
   { "onee3.org", true },
   { "onefour.ga", false },
-  { "onegoodthingbyjillee.com", true },
   { "oneheartbali.church", true },
   { "oneidentity.me", true },
   { "oneiroi.co.uk", true },
@@ -27916,11 +28162,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oneononeonone.de", true },
   { "oneononeonone.tv", true },
   { "onepercentrentals.com", true },
-  { "onepointsafeband.ca", true },
-  { "onepointsafeband.com", true },
   { "onepointzero.com", true },
   { "oneprediction.com", true },
-  { "onesnzeroes.com", false },
+  { "onesnzeroes.com", true },
   { "onesports.cz", true },
   { "onestepfootcare.com", true },
   { "onestopcastles.co.uk", true },
@@ -27929,6 +28173,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "onetech.it", true },
   { "onetime.info", true },
   { "onetonline.org", true },
+  { "onetouchrevealplus.com", true },
+  { "onetwentyseven001.com", true },
   { "oneway.ga", true },
   { "onewaymail.com", true },
   { "oneweb.hu", true },
@@ -27943,11 +28189,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "onionplay.net", true },
   { "onionplay.org", true },
   { "onionscan.org", true },
+  { "onionyst.com", true },
   { "oniria.ch", true },
   { "onix.eu.com", true },
   { "onixcco.com.br", true },
   { "onkentessegertdij.hu", true },
   { "onlfait.ch", true },
+  { "online-backup.se", true },
   { "online-bouwmaterialen.nl", true },
   { "online-calculator.com", true },
   { "online-consulting-corp.com", true },
@@ -27956,13 +28204,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "online-health-insurance.com", true },
   { "online-lernprogramme.de", true },
   { "online-pr.at", true },
-  { "online-results.dk", true },
   { "online-stopwatch.com", true },
   { "online-textil.com", true },
   { "online-textil.cz", true },
   { "online-textil.sk", true },
   { "online.marketing", true },
   { "online.net.gr", true },
+  { "online.swedbank.se", true },
   { "online24.pt", true },
   { "onlinebizdirect.com", false },
   { "onlinecasino.vlaanderen", true },
@@ -28056,6 +28304,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "openings.ninja", true },
   { "openintelligence.uk", true },
   { "openitforum.pl", true },
+  { "openjur.de", true },
   { "openkim.org", true },
   { "openkvk.nl", true },
   { "openmirrors.ml", true },
@@ -28075,6 +28324,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "openscreen.lu", true },
   { "opensource-cms.nl", true },
   { "opensource-training.de", true },
+  { "opensourcesurvey.org", true },
   { "openspa.webhop.info", true },
   { "openssl.org", true },
   { "openstem.com.au", true },
@@ -28128,18 +28378,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "opticaltest.com", true },
   { "optik-trosdorff.de", true },
   { "optimalsetup.com", true },
-  { "optimised.cloud", true },
-  { "optimised.io", true },
   { "optimisedlabs.co.uk", true },
   { "optimisedlabs.com", true },
-  { "optimisedlabs.info", true },
-  { "optimisedlabs.net", true },
-  { "optimisedlabs.uk", true },
   { "optimist.bg", true },
-  { "optimizedlabs.co.uk", true },
-  { "optimizedlabs.info", true },
-  { "optimizedlabs.net", true },
-  { "optimizedlabs.uk", true },
   { "optimumwebdesigns.com", true },
   { "optimus.io", true },
   { "optimuscrime.net", true },
@@ -28156,7 +28397,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "orangejetpack.com", true },
   { "orangenbaum.at", true },
   { "orangenuts.in", true },
+  { "orangetravel.eu", true },
   { "orangutan-appeal.org.uk", true },
+  { "oranjee.net", true },
   { "orbital3.com", true },
   { "orbu.net", true },
   { "orca.pet", true },
@@ -28187,7 +28430,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "orians.eu", true },
   { "oribia.net", true },
   { "orientalart.nl", true },
-  { "orientravelmacas.com", true },
   { "oriflameszepsegkozpont.hu", true },
   { "origami.to", true },
   { "origamika.com", true },
@@ -28207,13 +28449,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oriongames.eu", true },
   { "orkestar-krizevci.hr", true },
   { "orkiv.com", true },
+  { "orlandobalbas.com", true },
   { "orlandoprojects.com", true },
   { "orleika.io", true },
   { "orlives.de", false },
   { "ormer.nl", true },
   { "orocojuco.com", true },
-  { "orovillelaw.com", true },
-  { "orro.ro", true },
   { "orrs.de", true },
   { "orthocop.cz", true },
   { "orthodontiste-geneve-docteur-rioux.com", true },
@@ -28221,10 +28462,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "orthotictransfers.com", true },
   { "ortlepp.eu", true },
   { "oruggt.is", true },
-  { "orum.in", true },
   { "orwell1984.today", true },
   { "oryva.com", true },
-  { "orz.uno", true },
   { "os-chrome.ru", true },
   { "os-s.net", true },
   { "os-t.de", true },
@@ -28246,6 +28485,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "oshrc.gov", true },
   { "osielnava.com", true },
   { "osirisrp.online", true },
+  { "osirium.com", true },
   { "oskrba.net", true },
   { "oskuro.net", true },
   { "osla.org", true },
@@ -28267,6 +28507,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "osti.gov", true },
   { "ostimwebyazilim.com", true },
   { "ostr.io", true },
+  { "ostrov8.com", true },
   { "osusume-houhou.com", true },
   { "oswalds.co.uk", true },
   { "oswaldsmillaudio.com", true },
@@ -28278,13 +28519,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "otakubox.de", true },
   { "otakurepublic.com", true },
   { "otakurumi.de", true },
+  { "otakuyun.com", true },
   { "otellio.com", true },
   { "otellio.de", true },
   { "otellio.it", true },
   { "other98.com", true },
   { "oticasaopaulo.com.br", true },
   { "oticasvisao.net.br", true },
-  { "otoblok.com", true },
   { "otokiralama.name.tr", true },
   { "otorrino.pt", true },
   { "otoy.com", true },
@@ -28302,10 +28543,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ouattara.ch", true },
   { "ouestsolutions.com", true },
   { "ouglor.com", true },
-  { "ouimoove.com", true },
   { "ouin.land", true },
   { "oulunjujutsu.com", true },
-  { "ouowo.gq", true },
   { "our-box.net", true },
   { "ourai.ws", true },
   { "ourcloud.at", true },
@@ -28350,10 +28589,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ovelhaostra.com", true },
   { "overalglas.nl", true },
   { "overamsteluitgevers.nl", true },
-  { "overceny.cz", true },
   { "overclockers.ge", true },
   { "overdrive-usedcars.be", true },
   { "overkillshop.com", true },
+  { "overseamusic.de", true },
   { "oversight.garden", true },
   { "oversight.gov", true },
   { "overstap.deals", true },
@@ -28362,7 +28601,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "overthecloud.it", true },
   { "overthinkingit.com", true },
   { "overtrolls.de", true },
-  { "overwall.org", true },
   { "overzicht.pro", true },
   { "overzicht.ws", true },
   { "oveweddings.com", true },
@@ -28385,6 +28623,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ownmay.com", true },
   { "oxborrow.ca", true },
   { "oxelie.com", true },
+  { "oxia.me", true },
+  { "oxiame.eu", true },
   { "oxo.cloud", true },
   { "oxygin.net", true },
   { "oxytocin.org", true },
@@ -28430,6 +28670,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pabloarteaga.eu", true },
   { "pabloarteaga.info", true },
   { "pabloarteaga.me", true },
+  { "pabloarteaga.name", true },
   { "pabloarteaga.net", true },
   { "pabloarteaga.nom.es", true },
   { "pabloarteaga.org", true },
@@ -28437,6 +28678,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pabloarteaga.tech", true },
   { "pabloarteaga.uk", true },
   { "pabloarteaga.xyz", true },
+  { "pablofain.com", true },
   { "pabuzo.vn", true },
   { "pacaom.com", true },
   { "pacatlantic.com", true },
@@ -28449,7 +28691,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pacificcashforcars.com.au", true },
   { "pacificpalisadeselectric.com", true },
   { "pacificpalisadeselectrical.com", true },
-  { "pacificpalisadeselectrician.com", true },
   { "pacificpalisadeslandscapelighting.com", true },
   { "pacificpalisadeslighting.com", true },
   { "pacifictilkin-occasions.be", true },
@@ -28493,6 +28734,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pagewizz.com", true },
   { "pagiamtzis.com", true },
   { "pagina.com.mx", true },
+  { "pagina394.com.br", true },
   { "paginaweb4u.com", true },
   { "pagure.io", true },
   { "pahae.de", true },
@@ -28508,6 +28750,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paintball-shop.sk", true },
   { "paintcolorsbysue.com", true },
   { "paintingindurban.co.za", true },
+  { "paintsealdirect.com", true },
   { "paipuman.jp", true },
   { "pajadam.me", true },
   { "pajuvuo.fi", true },
@@ -28519,7 +28762,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pakistani.dating", true },
   { "pakitow.fr", true },
   { "pakke.de", true },
-  { "pakowanie-polska.pl", true },
   { "pakroyalpress.com", true },
   { "paktolos.net", true },
   { "palabr.as", true },
@@ -28576,11 +28818,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "panj.ws", true },
   { "panjiva.com", true },
   { "panmetro.com", true },
-  { "panoma.de", true },
   { "panomizer.de", true },
   { "panopy.co", true },
   { "panopy.me", true },
-  { "panoti.com", false },
   { "panoxadrez.com.br", true },
   { "panpa.ca", true },
   { "panpsychism.com", true },
@@ -28612,6 +28852,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paperlesssolutionsltd.com.ng", true },
   { "papertracker.net", true },
   { "paperturn.com", true },
+  { "paperworld.online", true },
   { "paperwritinghelp.net", true },
   { "papiermakerijdehoop.nl", true },
   { "papiermeteenverhaal.nl", true },
@@ -28638,12 +28879,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paranormalweirdo.com", true },
   { "paranoxer.hu", true },
   { "parasitologyclub.org", true },
+  { "parasosto.fi", true },
   { "paratlan.hu", true },
   { "paratxt.org", true },
   { "parcelbroker.co.uk", false },
   { "parchcraftaustralia.com", true },
   { "parckwart.de", true },
   { "parcon.it", true },
+  { "parcoursup.fr", true },
   { "parentelement.com", true },
   { "parentheseardenne.be", true },
   { "parentinterview.com", true },
@@ -28657,17 +28900,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "parisfranceparking.de", true },
   { "parisfranceparking.fr", true },
   { "parisfranceparking.nl", true },
-  { "parisprovincedemenagements.fr", true },
   { "parkeren.in", true },
   { "parkfans.net", true },
   { "parkhost.eu", true },
   { "parkinginparis.fr", true },
+  { "parkingparisnord.fr", true },
   { "parkingpoint.co.uk", true },
   { "parkrunstats.servehttp.com", true },
   { "parkviewmotorcompany.com", true },
   { "parkwayminyan.org", true },
   { "parlamento.gub.uy", true },
   { "parleamonluc.fr", true },
+  { "parleu2016.nl", true },
   { "parmels.com.br", true },
   { "parnassys.net", true },
   { "parodesigns.com", true },
@@ -28687,8 +28931,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "partijtjevoordevrijheid.nl", false },
   { "partiono.com", true },
   { "partner.sh", true },
+  { "partnercardservices.com", true },
   { "partnermobil.de", true },
-  { "partnersfcu.org", true },
   { "partou.de", true },
   { "partridge.tech", true },
   { "parts4phone.com", true },
@@ -28722,20 +28966,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pasarella.eu", true },
   { "pascal-bourhis.com", true },
   { "pascal-bourhis.net", true },
+  { "pascal-kannchen.de", true },
   { "pascal-wittmann.de", true },
   { "pascaline-jouis.fr", true },
   { "pascalleguern.com", true },
   { "pascalmathis.com", true },
   { "pascalmathis.me", true },
   { "pascalmathis.net", true },
-  { "pascalspoerri.ch", false },
   { "pascualinmuebles.com", true },
   { "pasearch.nl", true },
   { "pashminacachemire.com", true },
   { "pass.org.my", true },
   { "passabook.com", true },
   { "passcod.name", true },
-  { "passendonderwijs.nl", true },
   { "passfilesafe.com", true },
   { "passfoto-deinfoto.ch", true },
   { "passieposse.nl", true },
@@ -28744,7 +28987,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "passionatehorsemanship.com", true },
   { "passionatelife.com.au", true },
   { "passionbyd.com", true },
-  { "passionebenessere.com", true },
   { "passionpictures.eu", true },
   { "passions-art.com", true },
   { "passover-fun.com", true },
@@ -28785,9 +29027,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pasternok.org", true },
   { "pasticcerialorenzetti.com", true },
   { "pastoral-verbund.de", true },
-  { "pastorbelgagroenendael.com.br", true },
   { "pastordocaucaso.com.br", true },
-  { "pastormaremanoabruzes.com.br", true },
   { "pasztor.at", true },
   { "patapwn.com", true },
   { "patatbesteld.nl", true },
@@ -28803,8 +29043,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "patika-biztositas.hu", true },
   { "patikabiztositas.hu", true },
   { "patineteselectricosbaratos.net", true },
-  { "patouille-et-gribouille.fr", true },
-  { "patric-lenhart.de", true },
   { "patrick-othmer.de", true },
   { "patrick-robrecht.de", true },
   { "patrick.my-gateway.de", true },
@@ -28830,6 +29068,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paudley.com", true },
   { "paudley.org", true },
   { "paul-barton.co.uk", true },
+  { "paul-bronski.de", true },
   { "paul.reviews", true },
   { "pauladamsmith.com", true },
   { "paulbakaus.com", true },
@@ -28850,6 +29089,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paulrotter.de", true },
   { "paulschreiber.com", true },
   { "paulscustomauto.com", true },
+  { "paulshir.com", true },
+  { "paulshir.is", true },
   { "paulsnar.lv", true },
   { "paulswartz.net", true },
   { "paulus-foto.pl", true },
@@ -28860,6 +29101,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pauly-stahlhandel.de", true },
   { "pauspam.net", true },
   { "pautadiaria.com", true },
+  { "pavamtio.cz", true },
   { "pavando.com", true },
   { "pavelfojt.cz", true },
   { "pavelrebrov.com", true },
@@ -28869,6 +29111,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pawel-international.com", true },
   { "pawelnazaruk.com", true },
   { "pawelurbanek.com", true },
+  { "pawfriends.org.za", true },
   { "pawsomebox.co.uk", true },
   { "pawsr.us", true },
   { "paxerahealth.com", true },
@@ -28905,7 +29148,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "paytonmoledor.com", true },
   { "payupay.ru", true },
   { "payzang.com", true },
-  { "pb.ax", false },
   { "pback.se", true },
   { "pbosquet.com", true },
   { "pbourhis.me", true },
@@ -29029,11 +29271,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pekoe.se", true },
   { "pelanucto.cz", true },
   { "pelican.ie", true },
+  { "peliculator.com", true },
+  { "pellet.pordenone.it", true },
   { "pelletizermill.com", true },
   { "pelletsprice.com", true },
   { "pelopogrund.com", true },
   { "pelopoplot.com", true },
   { "pelotonimports.com", true },
+  { "pemborongbangunan.id", true },
   { "pems.gov.au", true },
   { "penaugustin.com", true },
   { "pencepay.com", true },
@@ -29089,14 +29334,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "perd.re", true },
   { "perecraft.com", true },
   { "perezdecastro.org", true },
+  { "perfect-carstyle.de", true },
   { "perfect.in.th", true },
   { "perfectbalance.tech", true },
   { "perfectcloud.org", true },
+  { "perfectfocuseyecare.com", true },
+  { "perfectgift.com", true },
   { "perfectoparty.co.uk", true },
   { "perfectsnap.co.uk", true },
   { "perfectstreaming.systems", true },
   { "perfektesgewicht.com", true },
   { "perfektesgewicht.de", true },
+  { "perfmatters.io", true },
   { "performancehealth.com", false },
   { "performing-art-schools.com", true },
   { "perfumeaz.com", true },
@@ -29108,7 +29357,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "perm4.com", true },
   { "permajackofstlouis.com", true },
   { "permeance108.com", true },
-  { "permiscoderoute.fr", true },
   { "permistheorique.be", true },
   { "permistheoriqueenligne.be", true },
   { "perniciousgames.com", true },
@@ -29183,7 +29431,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "petrostathis.com", true },
   { "petrpikora.com", true },
   { "petrucciresidential.com", true },
-  { "petruzz.net", true },
+  { "pets4life.com.au", true },
   { "petschnighof.at", true },
   { "pettitcoat.com", true },
   { "petwall.info", true },
@@ -29193,6 +29441,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "peyote.com", true },
   { "pfa.or.jp", true },
   { "pfadfinder-aurich.de", true },
+  { "pfadfinder-grossauheim.de", true },
   { "pfarchimedes-pensioen123.nl", true },
   { "pfarre-kremsmuenster.at", true },
   { "pfcafeen.dk", true },
@@ -29210,6 +29459,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pflug.email", true },
   { "pfmeasure.com", true },
   { "pfotentour-berlin.de", true },
+  { "pfrost.me", true },
   { "pfudor.tk", true },
   { "pg-forum.de", true },
   { "pg-mana.net", true },
@@ -29220,10 +29470,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pgp.guru", true },
   { "pgp.network", true },
   { "pgpmail.cc", true },
+  { "pgregg.com", true },
   { "ph-blog.de", true },
   { "ph.search.yahoo.com", false },
   { "ph3r3tz.net", true },
-  { "phantasie.cc", true },
   { "phantastikon.de", true },
   { "pharma-display.com", true },
   { "pharmaabsoluta.com.br", true },
@@ -29243,13 +29493,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "phasersec.com", false },
   { "phasme-2016.com", true },
   { "phattea.tk", true },
-  { "phaux.uno", true },
   { "phcimages.com", true },
   { "phcnetworks.net", true },
   { "phcorner.net", true },
   { "phdhub.it", true },
   { "phellowseven.com", true },
   { "phelx.de", true },
+  { "phen-garcinia.info", true },
   { "phenixairsoft.com", true },
   { "phenq.com", true },
   { "phget.com", true },
@@ -29265,6 +29515,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "philia-sa.com", true },
   { "philipdb.com", true },
   { "philipdb.nl", true },
+  { "philipkobelt.ch", true },
   { "philipp-trulson.de", true },
   { "philipp-winkler.de", true },
   { "philipp1994.de", true },
@@ -29274,7 +29525,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "philippebonnard.fr", true },
   { "philipperoose.be", true },
   { "philippheenen.de", true },
-  { "philippinedroneassociation.org", true },
   { "philippkeschl.at", true },
   { "philipssupportforum.com", true },
   { "philipzhan.tk", true },
@@ -29296,9 +29546,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "phishing-studie.org", true },
   { "phishingusertraining.com", true },
   { "phligence.com", true },
-  { "phoenics.de", true },
+  { "phocean.net", true },
   { "phoenixlogan.com", true },
   { "phoenixurbanspaces.com", true },
+  { "pholder.com", true },
   { "phone-service-center.de", true },
   { "phonix-company.fr", true },
   { "phormance.com", true },
@@ -29313,6 +29564,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "photoancestry.com", true },
   { "photoartelle.com", true },
   { "photodeal.fr", true },
+  { "photofilmcamera.com", true },
   { "photographe-reims.com", true },
   { "photographersdaydream.com", true },
   { "photography-workshops.net", true },
@@ -29320,15 +29572,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "photomodelcasting.com", true },
   { "phototravel.uk", true },
   { "phototrio.com", true },
+  { "phoxden.net", true },
   { "phoxmeh.com", true },
   { "php-developer.org", true },
   { "php-tuning.de", true },
+  { "php.watch", true },
   { "phparcade.com", true },
   { "phpartners.org", true },
   { "phpbbchinese.com", true },
   { "phpdorset.co.uk", true },
   { "phpinfo.in.th", true },
-  { "phpkari.cz", true },
   { "phpliteadmin.org", true },
   { "phpmyadmin.net", true },
   { "phpower.com", true },
@@ -29336,7 +29589,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "phpsecure.info", true },
   { "phpstan.org", true },
   { "phpunit.de", true },
-  { "phrive.space", true },
   { "phryanjr.com", false },
   { "phuket-idc.com", true },
   { "phuket-idc.de", true },
@@ -29344,12 +29596,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "phurl.de", true },
   { "phurl.io", true },
   { "phus.lu", true },
+  { "phyley.com", true },
   { "physicalism.com", true },
   { "physicalist.com", true },
   { "physicaltherapist.com", false },
   { "physics-schools.com", true },
   { "physiotherapie-seiwald.de", true },
   { "physiovesenaz.ch", true },
+  { "pi-box.ml", true },
   { "pi-control.de", true },
   { "pi-dash.com", true },
   { "pi-net.dedyn.io", true },
@@ -29378,7 +29632,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "picoauto.com", true },
   { "piconepress.com", true },
   { "picotech.com", true },
-  { "picotronic.de", true },
   { "picster.at", true },
   { "picsto.re", true },
   { "pictorial.com.sg", true },
@@ -29397,6 +29650,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pieland.eu", true },
   { "pieldenaranja.com", true },
   { "piem.org", true },
+  { "piepermail.nl", true },
   { "pieq.eu", true },
   { "pieq.eu.org", true },
   { "pier28.com", true },
@@ -29404,6 +29658,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "piercraft.com", true },
   { "pierre-denoblens.net", true },
   { "pierre-schmitz.com", true },
+  { "pierreblake.com", true },
   { "pierrefv.com", true },
   { "pierreprinetti.com", true },
   { "pierrickdeniel.fr", true },
@@ -29414,8 +29669,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pietz.uk", true },
   { "pigs.pictures", true },
   { "pijuice.com", true },
+  { "pijusmagnificus.com", true },
   { "pik.bzh", true },
-  { "pikeitservices.com.au", true },
   { "pikimusic.moe", true },
   { "pilani.ch", true },
   { "pilarguineagil.com", true },
@@ -29424,12 +29679,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pileofgarbage.net", true },
   { "piliszek.net", true },
   { "pill.id", true },
+  { "pillowfort.pub", true },
   { "pilot-colleges.com", true },
   { "pilot.co", true },
   { "pilotgrowth.com", true },
   { "pilsoncontracting.com", true },
   { "pilvin.pl", true },
-  { "pimg136.com", true },
   { "pimhaarsma.nl", true },
   { "pimhaarsmamedia.nl", true },
   { "pimpmyperf.fr", true },
@@ -29462,6 +29717,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pinnaclelife.nz", true },
   { "pinnacles.com", true },
   { "pinner.io", true },
+  { "pinot.it", true },
   { "pinoydailytvshow.net", true },
   { "pinoyonlinetv.com", true },
   { "pinoytech.ph", true },
@@ -29477,9 +29733,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pinterest.info", true },
   { "pinterest.jp", true },
   { "pinterjann.is", true },
+  { "pintosbeeremovals.co.za", true },
   { "pintosplumbing.co.za", true },
   { "pioneer-car.eu", true },
   { "pioneer-rus.ru", true },
+  { "pipenny.net", true },
   { "pipfrosch.com", true },
   { "pipocao.com", true },
   { "pirate.trade", true },
@@ -29515,6 +29773,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pissblau.com", true },
   { "pissflaps.co.uk", true },
   { "pisupp.ly", true },
+  { "pitaiabank.com", true },
+  { "pitaiatrade.com", true },
   { "pitbullsecuritysolutions.ca", true },
   { "pitchpinecapital.com", true },
   { "pitchupp.com", true },
@@ -29543,7 +29803,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pixelz.cc", true },
   { "pixiv.cat", true },
   { "pixiv.moe", true },
-  { "pixiv.rip", true },
   { "pixlfox.com", true },
   { "pixloc.fr", true },
   { "pizza-show.fr", true },
@@ -29558,12 +29817,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pizzeriacolore.com", true },
   { "pj539999.com", true },
   { "pjentertainments.co.uk", true },
-  { "pjili.com", true },
   { "pjleisure.co.uk", true },
   { "pjo.no", true },
   { "pjuu.com", false },
   { "pk.search.yahoo.com", false },
   { "pkbjateng.com", true },
+  { "pkbjateng.or.id", true },
+  { "pkeus.de", true },
   { "pkgt.de", false },
   { "pkirwan.com", true },
   { "pkisolutions.com", true },
@@ -29616,6 +29876,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "planmemberpartners.com", true },
   { "plannedlink.com", true },
   { "planningexcellence.com.au", true },
+  { "planolowcarb.com", true },
   { "plant-gift.jp", true },
   { "plantarum.com.br", true },
   { "plantastique.ch", true },
@@ -29630,6 +29891,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "planview.com", true },
   { "plaque-funeraire.fr", true },
   { "plassmann.ws", true },
+  { "plasticsurgerynola.com", true },
+  { "plasticsurgeryservices.com", true },
   { "plastovelehatko.cz", true },
   { "plateformecandidature.com", true },
   { "platformadmin.com", true },
@@ -29638,7 +29901,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "platschi.net", true },
   { "platten-nach-mass.de", true },
   { "platterlauncher.com", true },
-  { "plattner.club", true },
   { "play-casino-japan.com", true },
   { "play-charades.com", true },
   { "play.cash", true },
@@ -29651,7 +29913,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "players2gather.com", true },
   { "playerscout.net", true },
   { "playform.cloud", true },
-  { "playhappywheelsunblocked.com", true },
   { "playnation.io", true },
   { "playocean.net", true },
   { "playpirates.com", true },
@@ -29673,11 +29934,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pleier.it", false },
   { "pleine-conscience.ch", true },
   { "plenigo.com", true },
+  { "plentybetter.com", true },
+  { "plentybetter.org", true },
   { "plesse.pl", true },
   { "plexa.de", true },
   { "plexhome13.ddns.net", true },
   { "plexmark.tk", true },
-  { "plextv.de", true },
   { "plicca.com", true },
   { "pliosoft.com", true },
   { "plissee-experte.de", true },
@@ -29708,7 +29970,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "plumbingcentral.com.au", true },
   { "plumbingglenvista.co.za", true },
   { "plumlocosoft.com", true },
-  { "plumnet.ch", true },
   { "plumpie.net", false },
   { "plumplat.com", true },
   { "plur.com.au", true },
@@ -29717,12 +29978,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "plus-5.com", true },
   { "plus.google.com", false },
   { "plus.sandbox.google.com", true },
-  { "plus1s.site", true },
   { "pluscbdoil.com", true },
   { "pluslink.co.jp", true },
   { "plusstreamfeed.appspot.com", true },
-  { "plustech.id", true },
-  { "pluta.net", true },
+  { "pluta.net", false },
   { "plutiedev.com", true },
   { "pluto.life", true },
   { "plutokorea.com", true },
@@ -29786,7 +30045,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "poc13.com", true },
   { "poc15.com", true },
   { "poc16.com", true },
-  { "poc17.com", true },
   { "poc18.com", true },
   { "poc19.com", true },
   { "poc21.com", true },
@@ -29859,16 +30117,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pocqipai.com", true },
   { "podemos.info", true },
   { "podia.com.gr", false },
+  { "podo-podo.com", true },
   { "podroof.com", true },
   { "podroof.com.au", true },
   { "podshrink.de", true },
   { "poe.digital", true },
   { "poed.net.au", true },
   { "poedgirl.com", true },
+  { "poemlife.com", true },
   { "poezja.com.pl", true },
   { "poezjagala.pl", true },
   { "poffenhouse.ddns.net", true },
   { "pogera.com", true },
+  { "pogetback.pl", true },
   { "pogrebisky.net", true },
   { "pohlednice-tap.cz", true },
   { "pohlmann.io", true },
@@ -29891,6 +30152,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pokemori.jp", true },
   { "pokepon.center", true },
   { "pokl.cz", true },
+  { "pokrowcecardo.pl", true },
   { "polaire.org", true },
   { "polanda.com", true },
   { "polar-baer.com", true },
@@ -29932,6 +30194,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "polleverywhere.com", true },
   { "pollingplace.uk", true },
   { "polly.spdns.org", true },
+  { "polomack.eu", true },
   { "poloniainfo.com", true },
   { "polska-robota.com.ua", true },
   { "polskiemalzenstwo.org", true },
@@ -29950,6 +30213,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "polytekniskforening.dk", true },
   { "pomar.club", false },
   { "pomelo-paradigm.com", true },
+  { "pomfe.co", true },
   { "pomfeed.fr", true },
   { "pommedepain.fr", true },
   { "pomockypredeti.sk", true },
@@ -29991,6 +30255,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "popoway.cloud", true },
   { "popoway.me", true },
   { "poppetsphere.de", true },
+  { "poptimize.net", true },
   { "population-ethics.com", true },
   { "popvitrin.com", true },
   { "poquvi.net", true },
@@ -30016,6 +30281,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pornstop.net", true },
   { "pornsuper.net", true },
   { "porny.xyz", true },
+  { "porpcr.com", true },
   { "pors-sw.cz", true },
   { "port443.hamburg", true },
   { "port443.se", true },
@@ -30056,12 +30322,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "posijson.stream", true },
   { "positionus.io", true },
   { "positive.com.cy", true },
+  { "positivenames.net", true },
   { "posobota.cz", true },
-  { "posoiu.net", true },
   { "post-darwinian.com", true },
   { "post-darwinism.com", true },
   { "post.com.ar", true },
   { "post.io", true },
+  { "post.we.bs", true },
   { "post4me.at", true },
   { "postal.dk", true },
   { "postal3.es", true },
@@ -30071,6 +30338,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "postcodewise.co.uk", true },
   { "postdarwinian.com", true },
   { "postdarwinism.com", true },
+  { "postdeck.de", true },
   { "posteo.de", false },
   { "posterspy.com", true },
   { "postfalls-naturopathic.com", true },
@@ -30143,6 +30411,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ppmathis.ch", true },
   { "ppmathis.com", true },
   { "ppmoon.com", true },
+  { "ppoozl.com", true },
   { "ppro.com", true },
   { "pptavmdata.org", true },
   { "ppy.la", true },
@@ -30168,12 +30437,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "praguepsychology.cz", true },
   { "pragueswim.cz", true },
   { "praha-9.eu", true },
-  { "prajwalkoirala.com", true },
   { "prakhar.uk", true },
   { "prakharprasad.com", true },
   { "praktijkdevecht.nl", true },
   { "praktijkpassepartout.nl", true },
   { "prashchar.uk", true },
+  { "prateep.io", true },
   { "pratopronto.org", true },
   { "pratorotoli.it", true },
   { "praxino.de", true },
@@ -30217,6 +30486,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "prelved.pl", true },
   { "prelved.se", true },
   { "prematureacceleration.club", true },
+  { "preme.name", true },
   { "premierbouncycastles.co.uk", true },
   { "premieresloges.ca", false },
   { "premierevents.ie", true },
@@ -30234,7 +30504,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "prepaidkredietkaart.be", true },
   { "prepare-job-hunting.com", true },
   { "prepavesale.fr", true },
-  { "presbee.com", true },
   { "presbvm.org", true },
   { "presbyterian-colleges.com", true },
   { "prescotonline.co.uk", true },
@@ -30263,21 +30532,30 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "prestonbrant.com", true },
   { "pretachique.com.br", true },
   { "pretix.eu", true },
+  { "pretor.com.pl", true },
+  { "pretor.eu", true },
+  { "pretor.pl", true },
+  { "pretorcup.pl", true },
   { "pretrialservices.gov", true },
   { "pretty.hu", true },
   { "prettygirlcheats.com", true },
-  { "prettynode.com", true },
+  { "prettynode.com", false },
+  { "pretwolk.nl", true },
   { "pretzelx.com", true },
   { "prevenir.ch", true },
   { "preventshare.com", true },
   { "preview-it-now.com", true },
   { "priceremoval.net", true },
   { "pricesniffer.co", true },
+  { "prideindomination.com", true },
   { "pridetechdesign.com", false },
   { "prielwurmjaeger.de", true },
   { "prihatno.my.id", true },
+  { "primaconsulting.net", true },
   { "primalbase.com", true },
   { "primalinea.pro", true },
+  { "primalshop.dk", true },
+  { "primananda.com", true },
   { "primates.com", true },
   { "primeequityproperties.com", true },
   { "primoloyalty.com", true },
@@ -30286,7 +30564,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "princesparktouch.com", true },
   { "princessefoulard.com", true },
   { "principalsexam.com", true },
-  { "principalship.net", true },
   { "principalstest.com", true },
   { "principalstest.ph", true },
   { "principalstest.review", true },
@@ -30356,7 +30633,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "privatecapsecurity.org", true },
   { "privateideas.de", true },
   { "privateimarketing.com", true },
-  { "privatepokertour.com", true },
   { "privatepropertymallorca.com", true },
   { "privatestatic.com", false },
   { "privatevoid.net", true },
@@ -30396,6 +30672,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "procharter.com", true },
   { "procinorte.net", true },
   { "proclib.org", true },
+  { "procrastinatingengineer.uk", true },
   { "procrastinationland.com", true },
   { "procreditbank-kos.com", true },
   { "procreditbank.com.al", true },
@@ -30405,7 +30682,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "prodietix.cz", true },
   { "prodigia.com", false },
   { "prodinger.com", true },
-  { "prodottogiusto.com", true },
   { "prodsim.ninja", true },
   { "producepromotions.com", true },
   { "producertools.io", true },
@@ -30414,10 +30690,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "productdesignsoftware.com.au", true },
   { "production.vn", true },
   { "productlondon.com", true },
-  { "productoinnovador.com", true },
   { "productpeo.pl", true },
   { "products4more.at", true },
-  { "produkttest-online.com", true },
   { "prodware.fr", true },
   { "prodware.nl", true },
   { "proeflokaalbakker.nl", true },
@@ -30459,7 +30733,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "progressnet.nl", true },
   { "progresswww.nl", true },
   { "prohrcloud.com", true },
-  { "proimpact.it", true },
   { "project.supply", true },
   { "project86fashion.com", true },
   { "projectarmy.net", false },
@@ -30472,10 +30745,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "projectsafechildhood.gov", true },
   { "projectsecretidentity.com", true },
   { "projectsecretidentity.org", true },
+  { "projectunity.io", true },
   { "projectxyz.eu", true },
   { "projektarbeit-projektplanung.de", true },
   { "projektzentrisch.de", true },
   { "projest.ch", true },
+  { "projet-fly.ch", true },
   { "prolan.pw", true },
   { "prolearningcentre.com", true },
   { "prolinos.de", true },
@@ -30503,7 +30778,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pronto-intervento.net", true },
   { "prontointerventoimmediato.it", true },
   { "prontossl.com", true },
-  { "proobec.cz", true },
   { "proofwiki.org", true },
   { "proos.nl", true },
   { "proovn.com", true },
@@ -30516,6 +30790,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "propertygroup.pl", true },
   { "propertyinside.id", true },
   { "propertyone.mk", true },
+  { "propertysales-almeria.com", true },
   { "propipesystem.com", true },
   { "proposalonline.com", true },
   { "propr.no", true },
@@ -30533,7 +30808,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "prostoporno.vip", true },
   { "prostye-recepty.com", true },
   { "prosurveillancegear.com", true },
-  { "prot.ch", false },
+  { "prot.ch", true },
   { "protech.ge", true },
   { "protectedreport.com", true },
   { "protectem.de", true },
@@ -30542,6 +30817,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "protege.moi", true },
   { "protegetudescanso.com", true },
   { "protein-riegel-test.de", true },
+  { "proteinnuts.sk", false },
   { "protempore.fr", true },
   { "proteogenix-products.com", true },
   { "proteogenix.science", true },
@@ -30572,6 +30848,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "prowise.com", true },
   { "prowise.me", true },
   { "proximityradio.fr", true },
+  { "proxybay.bet", true },
   { "proxybay.bz", true },
   { "proxybay.co", true },
   { "proxybay.eu.org", true },
@@ -30637,7 +30914,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "psw-consulting.de", true },
   { "psw-group.de", true },
   { "psw.net", true },
-  { "psxtr.com", true },
   { "psyao.ch", true },
   { "psychedelia.com", true },
   { "psychedelics.org", true },
@@ -30648,6 +30924,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "psycho.space", true },
   { "psychoactive.com", true },
   { "psychoco.net", false },
+  { "psychotechnique.be", true },
+  { "psychotechnique.ch", true },
+  { "psychotechniquetest.fr", true },
   { "psychotherapie-kp.de", true },
   { "psycolleges.com", true },
   { "psydix.org", true },
@@ -30676,7 +30955,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "puac.de", true },
   { "pubclub.com", true },
   { "pubean.com", true },
-  { "pubi.me", true },
+  { "pubi.me", false },
   { "publanda.nl", true },
   { "public-g.de", true },
   { "public-projects.com", true },
@@ -30699,16 +30978,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "puestosdeferia.mx", true },
   { "puggan.se", true },
   { "pugovka72.ru", true },
-  { "puhka.me", true },
   { "puissancemac.ch", true },
   { "pukfalkenberg.dk", true },
   { "pulizieuffici.milano.it", true },
   { "pulpproject.org", true },
+  { "pulsarsecurity.com", true },
   { "pulser.stream", true },
   { "pulsnitzer-lebkuchen-shop.de", true },
+  { "pulsnitzer-lebkuchen.de", true },
   { "pulsnitzer-lebkuchen.shop", true },
   { "pulsnitzer-pfefferkuchen-shop.de", true },
   { "pulsnitzer-pfefferkuchen.shop", true },
+  { "pumpandcash.com", true },
   { "pumperszene.com", true },
   { "punchlinetheatre.co.uk", true },
   { "punchunique.com", true },
@@ -30730,7 +31011,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "purefkh.xyz", true },
   { "purefreefrom.co.uk", true },
   { "pureitsolutionsllp.com", true },
-  { "purelunch.co.uk", true },
   { "pureluxemedical.com", true },
   { "purenvi.ca", true },
   { "purevapeofficial.com", true },
@@ -30759,7 +31039,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pusatinkubatorbayi.com", true },
   { "pushers.com.mx", true },
   { "pushoflove.com", true },
-  { "pushphp.com", true },
   { "pushrax.com", true },
   { "pusichatka.ddns.net", true },
   { "pussr.com", true },
@@ -30780,6 +31059,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "puzzle-welt.ch", true },
   { "puzzlepoint.ch", true },
   { "pv-paderborn-now.de", true },
+  { "pvamg.org", true },
   { "pvcvoordeel.nl", false },
   { "pvda.nl", true },
   { "pvmotorco.com", true },
@@ -30793,6 +31073,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "pwnedpass.tk", true },
   { "pwnies.dk", true },
   { "pwolk.com", true },
+  { "pxgamer.xyz", true },
   { "pxl-mailtracker.com", true },
   { "pxl.cl", true },
   { "pxx.io", true },
@@ -30836,6 +31117,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qambarraza.com", true },
   { "qani.me", true },
   { "qaq.sh", true },
+  { "qarea.com", true },
   { "qaz.cloud", true },
   { "qbeing.info", true },
   { "qbiju.com.br", true },
@@ -30878,11 +31160,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qis.fr", true },
   { "qitarabutrans.com", true },
   { "qiu521119.host", true },
-  { "qiuri.org", true },
+  { "qiukong.com", true },
+  { "qiuri.org", false },
   { "qivonline.pt", true },
   { "qiwi.be", true },
   { "qixi.biz", true },
   { "qkmortgage.com", true },
+  { "qlcvea.com", true },
   { "qldconservation.org.au", true },
   { "qldformulaford.org", true },
   { "qledtech.com", false },
@@ -30895,6 +31179,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qonto.eu", true },
   { "qoor.io", true },
   { "qotw.net", true },
+  { "qpcna.org", true },
   { "qponverzum.hu", true },
   { "qq-navi.com", true },
   { "qq52o.me", true },
@@ -30919,6 +31204,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "qtvr.com", true },
   { "qtxh.net", true },
   { "quackerswaterproofing.com", true },
+  { "quadra.srl", true },
   { "quaggan.co", true },
   { "quai10.org", false },
   { "qualite-ecole-et-formation.ch", true },
@@ -30957,8 +31243,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "queens.lgbt", true },
   { "queensrdapartments.com.au", true },
   { "queer.party", true },
-  { "queercinema.ch", true },
   { "queercoders.com", false },
+  { "queextensiones.com", true },
   { "quehacerencusco.com", true },
   { "quelle.at", true },
   { "quelle.ch", true },
@@ -30974,18 +31260,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "quermail.com", true },
   { "query-massage.com", true },
   { "question.com", true },
-  { "questoj.cn", true },
   { "questsocial.it", true },
   { "quevisiongrafica.com", true },
   { "quic.stream", true },
   { "quickboysvrouwen2.nl", true },
   { "quickinfosystem.com", true },
+  { "quickrelations.de", true },
   { "quieroserbombero.org", true },
   { "quiet-waters.org", true },
   { "quietapple.org", true },
+  { "quietboy.net", true },
   { "quikchange.net", true },
   { "quikpay.com.au", true },
-  { "quilmo.com", true },
   { "quimatic.com.br", true },
   { "quinnlabs.com", true },
   { "quinoa24.com", true },
@@ -31029,7 +31315,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "r-ay.cn", true },
   { "r-rwebdesign.com", true },
   { "r-t-b.fr", true },
-  { "r0t.co", true },
   { "r1a.eu", true },
   { "r1ch.net", true },
   { "r2d2pc.com", true },
@@ -31052,7 +31337,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "raah.co", true },
   { "rabbit.wales", false },
   { "rabbitfinance.com", true },
+  { "rabbitinternet.com", true },
   { "rabica.de", true },
+  { "rabotaescort.com", true },
   { "rabynska.eu", true },
   { "raccoltarifiuti.com", true },
   { "racermaster.xyz", true },
@@ -31065,6 +31352,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rachelreagan.com", true },
   { "rachelsbouncycastles.co.uk", true },
   { "rachida-dati.eu", true },
+  { "rachurch.net", true },
   { "racius.com", true },
   { "rackerlab.com", false },
   { "raclet.co.uk", true },
@@ -31074,6 +31362,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "racunovodstvo-prina.si", true },
   { "radar.sx", true },
   { "radaravia.ru", true },
+  { "radarbanyumas.co.id", true },
   { "radartatska.se", true },
   { "radartek.com", true },
   { "radcube.hu", true },
@@ -31086,6 +31375,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "radio-pulsar.eu", true },
   { "radio-utopie.de", true },
   { "radio1.ie", true },
+  { "radiobox.net", true },
   { "radiocommg.com.br", true },
   { "radiocomsaocarlos.com.br", true },
   { "radiofmimagen.net", true },
@@ -31094,7 +31384,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "radiom.fr", true },
   { "radiomodem.dk", true },
   { "radiomontebianco.it", true },
-  { "radionicabg.com", true },
   { "radiopolarniki.spb.ru", true },
   { "radiormi.com", true },
   { "radiorsvp.com", false },
@@ -31115,13 +31404,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rafleatherdesign.com", true },
   { "rafting-japan.com", true },
   { "ragasto.nl", true },
+  { "rage-overload.ch", true },
+  { "rage.rip", true },
   { "rage4.com", true },
-  { "raghavdua.in", true },
   { "rahulpnath.com", true },
   { "raidensnakesden.co.uk", true },
   { "raidensnakesden.com", true },
   { "raidensnakesden.net", true },
   { "raidstone.net", true },
+  { "raiffeisen-kosovo.com", true },
   { "rail-o-rama.nl", true },
   { "rail24.nl", true },
   { "rail360.nl", true },
@@ -31149,6 +31440,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rainville.me", true },
   { "rainway.io", true },
   { "raipet.no-ip.biz", true },
+  { "raisecorp.com", true },
   { "raiseyourflag.com", true },
   { "raissarobles.com", true },
   { "raito.win", true },
@@ -31180,6 +31472,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ramrecha.com", false },
   { "ramsor-gaming.de", true },
   { "randc.org", true },
+  { "randolf.ca", true },
   { "random-samplings.org", true },
   { "randomadversary.com", true },
   { "randombit.eu", false },
@@ -31199,11 +31492,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ranktopay.com", true },
   { "ranson.com.au", true },
   { "rante.com", true },
-  { "ranyeh.co", true },
   { "ranyeh.com", true },
   { "ranzbak.nl", true },
   { "raoul-kieffer.net", true },
-  { "rapdogg.com", true },
   { "rapenroer.com", true },
   { "rapenroer.nl", true },
   { "raphael.li", true },
@@ -31225,9 +31516,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rascals-castles.co.uk", true },
   { "rascalscastles.co.uk", true },
   { "rascalscastlesdoncaster.co.uk", true },
-  { "rasebo.ro", true },
   { "raspii.tech", true },
-  { "raspitec.ddns.net", true },
   { "rasty.cz", true },
   { "ratd.net", true },
   { "ratebridge.com", true },
@@ -31243,14 +31532,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rault.io", true },
   { "rauros.net", true },
   { "rautelow.de", true },
+  { "ravada-vdi.com", true },
+  { "ravanalk.com", true },
   { "ravchat.com", true },
   { "raven.dog", true },
   { "ravenger.net", true },
   { "ravensbuch.de", true },
-  { "ravenx.me", true },
   { "ravhaaglanden.org", true },
   { "ravindran.me", true },
-  { "raviparekh.co.uk", true },
   { "ravis.org", true },
   { "ravkr.duckdns.org", true },
   { "rawdutch.nl", true },
@@ -31276,6 +31565,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rbensch.com", true },
   { "rbflote.lv", true },
   { "rbltracker.com", true },
+  { "rbmland.com", true },
   { "rbnet.xyz", true },
   { "rbran.com", true },
   { "rbx-talk.xyz", true },
@@ -31300,11 +31590,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rct.uk", true },
   { "rctalk.com", true },
   { "rdfproject.it", true },
+  { "rdh.asia", true },
   { "rdjb2b.com", true },
   { "rdl.at", false },
   { "rdmc.fr", true },
   { "rdmrotterdam.nl", true },
   { "rdmtaxservice.com", true },
+  { "rdns.cc", true },
   { "rdv-cni.fr", true },
   { "rdv-prefecture.com", true },
   { "rdwh.tech", true },
@@ -31315,11 +31607,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "reachrss.com", true },
   { "reaconverter.com", true },
   { "react-db.com", true },
+  { "reactions.studio", true },
   { "reactivarte.es", true },
   { "reactive-press.com", true },
   { "reactpwa.com", true },
   { "read.sc", true },
   { "reades.co.uk", true },
+  { "reades.uk", true },
   { "readheadcopywriting.com", true },
   { "readingandmath.org", true },
   { "readingrats.de", true },
@@ -31328,6 +31622,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "readouble.com", false },
   { "reads.wang", true },
   { "readybetwin.com", true },
+  { "readyrowan.com", true },
+  { "readyrowan.org", true },
   { "readysell.net", true },
   { "readytobattle.net", true },
   { "readytongue.com", true },
@@ -31353,6 +31649,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "realloc.me", true },
   { "really-simple-plugins.com", true },
   { "really-simple-ssl.com", true },
+  { "really.ai", true },
   { "reallytrusted.com", true },
   { "realme.govt.nz", true },
   { "realmofespionage.xyz", true },
@@ -31371,6 +31668,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "reancos.report", true },
   { "reanimated.eu", true },
   { "reath.me", true },
+  { "reath.xyz", true },
   { "reaven.nl", true },
   { "rebane2001.com", true },
   { "rebeagle.com", true },
@@ -31381,12 +31679,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rebirthia.me", true },
   { "reboxetine.com", true },
   { "reboxonline.com", true },
-  { "rebtoor.com", true },
   { "recalls.gov", true },
   { "recantoshop.com", true },
   { "recantoshop.com.br", true },
   { "recapp.ch", true },
   { "recaptcha-demo.appspot.com", true },
+  { "recard.vn", true },
   { "receiliart.com", true },
   { "receptionpoint.com", true },
   { "recepty.eu", true },
@@ -31418,10 +31716,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "recuerdafilms.com", true },
   { "recuperodatiraidfastec.it", true },
   { "recurly.com", true },
+  { "recurrentmeningitis.org", true },
   { "recursosdeautoayuda.com", true },
   { "recyclingpromotions.us", true },
   { "red-t-shirt.ru", true },
-  { "red-trigger.net", true },
   { "red2fred2.com", true },
   { "redable.hosting", true },
   { "redable.nl", true },
@@ -31454,7 +31752,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rede-reim.de", true },
   { "rede-t.com", true },
   { "redelectrical.co.uk", true },
-  { "redespaulista.com", true },
   { "redessantaluzia.com.br", true },
   { "redflare.com.au", true },
   { "redfox-infosec.de", true },
@@ -31463,7 +31760,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "redgoose.ca", true },
   { "redhandedsecurity.com.au", true },
   { "redicals.com", true },
-  { "redigest.it", true },
   { "redir.me", true },
   { "redirect.fedoraproject.org", true },
   { "redirect.stg.fedoraproject.org", true },
@@ -31472,7 +31768,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rediverge.com", true },
   { "redivis.com", true },
   { "redleslie.com", true },
-  { "redletter.link", true },
   { "redlinelap.com", true },
   { "redlink.de", true },
   { "redmind.se", true },
@@ -31482,6 +31777,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rednsx.org", true },
   { "redpact.com", true },
   { "redprice.by", true },
+  { "redscan.com", true },
+  { "redshell.pw", true },
   { "redshield.co", true },
   { "redshiftlabs.com.au", true },
   { "redshoeswalking.net", true },
@@ -31491,6 +31788,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "redteam-pentesting.de", true },
   { "redwaterhost.com", true },
   { "redweek.com", true },
+  { "redwhey.com", true },
   { "redwoodpaddle.es", true },
   { "redwoodpaddle.pt", true },
   { "redzonedaily.com", true },
@@ -31500,6 +31798,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "reedyforkfarm.com", true },
   { "reegle.com", true },
   { "reening.net", true },
+  { "reensshop.com", true },
   { "rees-carter.net", true },
   { "reesmichael1.com", true },
   { "reevaappliances.co.uk", true },
@@ -31532,6 +31831,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "reganclassics.com", true },
   { "reganparty.com", true },
   { "regar42.fr", false },
+  { "regasportshop.it", true },
   { "regeneo.cz", true },
   { "regenerapoint.it", true },
   { "regenerescence.com", true },
@@ -31563,12 +31863,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "regraph.de", true },
   { "regresionavidaspasadas.com", true },
   { "regularflolloping.com", true },
+  { "regularizaeudora.com.br", true },
   { "regulations.gov", true },
   { "reha-honpo.jp", true },
   { "rehabili-shigoto.com", true },
   { "rehabilitation.network", true },
   { "rehabmail.com", true },
   { "rehabphilippines.com", true },
+  { "rehabreviews.com", true },
   { "rehabthailand.com", true },
   { "rehabthailand.org", true },
   { "rei.ki", true },
@@ -31597,7 +31899,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "reinouthoornweg.nl", true },
   { "reinventetoi.com", false },
   { "reisekosten-gorilla.com", true },
-  { "reisenbauer.ee", true },
   { "reiseversicherung-werner-hahn.de", true },
   { "reishunger.de", true },
   { "reisslittle.com", true },
@@ -31632,7 +31933,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "remax.at", true },
   { "remedi.tokyo", true },
   { "remedionaturales.com", true },
-  { "remedioscaserosparalacistitis.com", true },
+  { "remedioparaherpes.com", true },
+  { "remedios-caserospara.com", true },
   { "remejeanne.com", true },
   { "rememberthemilk.com", false },
   { "remi-saurel.com", true },
@@ -31644,6 +31946,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "remitatm.com", false },
   { "remonti.info", true },
   { "remote.so", true },
+  { "remoteham.com", true },
   { "remoteutilities.com", true },
   { "removalcellulite.com", true },
   { "removedrepo.com", true },
@@ -31663,10 +31966,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "renee.today", true },
   { "reneleu.ch", true },
   { "renem.net", false },
-  { "renemayrhofer.com", true },
+  { "renemayrhofer.com", false },
   { "reneschmidt.de", true },
   { "renewablefreedom.org", true },
   { "renewablemaine.org", true },
+  { "renewed.technology", true },
   { "renewgsa.com", true },
   { "renewmedispa.com", true },
   { "renewpfc.com", true },
@@ -31679,25 +31983,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "renrenche.com", false },
   { "rens.nu", true },
   { "rensa-datorn.se", true },
-  { "renscreations.com", true },
   { "rent-a-c.io", true },
   { "rent-a-coder.de", true },
   { "rentacaramerica.com", true },
-  { "rentasweb.gob.ar", true },
+  { "rentandgo.it", true },
   { "rentayventadecarpas.com", true },
   { "renthelper.us", true },
   { "rentinsingapore.com.sg", true },
   { "rentourhomeinprovence.com", true },
   { "renuo.ch", true },
   { "renxinge.cn", false },
-  { "reo.gov", true },
-  { "reorz.com", true },
   { "reox.at", false },
   { "repaik.com", true },
   { "repair.by", true },
   { "repaper.org", true },
   { "repaxan.com", true },
   { "repkord.com", true },
+  { "replace.ninja", true },
   { "replicaswiss.nl", true },
   { "repology.org", true },
   { "report-uri.com", true },
@@ -31718,7 +32020,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "repugnant-conclusion.com", true },
   { "repugnantconclusion.com", true },
   { "reputationweaver.com", true },
-  { "reqrut.net", true },
   { "requestr.co.uk", true },
   { "res-kc.com", true },
   { "resama.eu", true },
@@ -31768,8 +32069,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "restaurantguru.com", true },
   { "restaurantmaan.nl", true },
   { "restauranttester.at", true },
-  { "rester-a-domicile.ch", true },
-  { "rester-autonome-chez-soi.ch", true },
   { "restoran-radovce.me", true },
   { "restorethegulf.gov", true },
   { "restoruns.com", true },
@@ -31780,6 +32079,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "resursedigitale.ro", true },
   { "retefarmaciecostadamalfi.it", true },
   { "retetenoi.net", true },
+  { "reticket.me", true },
   { "reticon.de", true },
   { "retmig.dk", true },
   { "reto.ch", true },
@@ -31798,9 +32098,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "retrofitlab.com", true },
   { "retroity.net", true },
   { "retrojar.top", true },
+  { "retroride.cz", true },
   { "retroroundup.com", true },
   { "retrotracks.net", true },
   { "retrovideospiele.com", true },
+  { "returnonerror.com", true },
   { "returnpath.com", true },
   { "reucon.com", true },
   { "reulitz.de", true },
@@ -31846,7 +32148,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rezosup.org", true },
   { "rezultant.ru", true },
   { "rftoon.com", true },
-  { "rfxanalyst.com", true },
   { "rga.sh", true },
   { "rgavmf.ru", true },
   { "rgbinnovation.com", true },
@@ -31865,7 +32166,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rhinelander.ca", true },
   { "rhinobase.net", true },
   { "rhinoceroses.org", true },
-  { "rhnet.at", true },
   { "rhodenmanorcattery.co.uk", true },
   { "rhodri.io", true },
   { "rhowell.io", true },
@@ -31876,6 +32176,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "riajenaka.com", true },
   { "riaki.net", true },
   { "rial.space", true },
+  { "riaucybersolution.net", false },
   { "ribs.com", true },
   { "ricardo.nu", true },
   { "ricardobalk.nl", true },
@@ -31903,8 +32204,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "richardson.pictures", true },
   { "richardson.software", true },
   { "richardson.systems", true },
+  { "richardson.tw", true },
   { "richardstonerealestate.com", true },
   { "richardwarrender.com", true },
+  { "richeyweb.com", true },
   { "richie.fi", true },
   { "ricketyspace.net", true },
   { "ricki-z.com", true },
@@ -31924,6 +32227,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rideways.com", true },
   { "rideyourdamn.bike", true },
   { "ridgelandchurch.org", true },
+  { "ridhaan.co", true },
   { "ridingboutique.de", true },
   { "ridwan.co", false },
   { "riederle.com", true },
@@ -31939,7 +32243,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "righettod.eu", true },
   { "righini.ch", true },
   { "rightbrain.training", true },
-  { "rightcapital.com", true },
   { "rightmovecanada.com", true },
   { "rightnetworks.com", true },
   { "rightstuff.link", true },
@@ -31956,7 +32259,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rileyevans.co.uk", true },
   { "rimax.vn", true },
   { "rimcountrymuseum.org", true },
-  { "rimediogiusto.com", true },
   { "rimeto.io", true },
   { "rimo.site", true },
   { "rimorrecherche.nl", true },
@@ -31975,6 +32277,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ripmixmake.org", true },
   { "riqy86.nl", true },
   { "ris-bad-wurzach.de", true },
+  { "ris.fi", true },
   { "risada.nl", true },
   { "risaphuketproperty.com", true },
   { "riscascape.net", true },
@@ -31991,6 +32294,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ristoviitanen.fi", true },
   { "ristrutturazioneappartamento.roma.it", true },
   { "rit.space", false },
+  { "ritirocalcinacci.viterbo.it", true },
   { "rittau.biz", true },
   { "rittau.org", true },
   { "ritzlux.com.tw", true },
@@ -32010,6 +32314,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rivoflor.it", true },
   { "rivus.net", true },
   { "rivy.org", true },
+  { "riwick.com", false },
   { "rix.ninja", true },
   { "rixter.com", true },
   { "rixzz.ovh", true },
@@ -32032,6 +32337,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rmcbs.de", true },
   { "rmeuropean.com", true },
   { "rmf.io", true },
+  { "rmi.com.ar", true },
   { "rmm-i.com", true },
   { "rmmanfredi.com", true },
   { "rmpsolution.de", true },
@@ -32059,10 +32365,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "robertattfield.com", true },
   { "robertayamashita.com", true },
   { "robertayamashita.com.br", true },
-  { "robertg.me", true },
-  { "robertglastra.com", true },
+  { "robertbln.com", true },
   { "roberthurlbut.com", true },
   { "robertkrueger.de", true },
+  { "robertlluberes.com", true },
   { "robertlysik.com", true },
   { "robertnemec.com", true },
   { "robertoentringer.com", true },
@@ -32104,7 +32410,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "robpol86.com", true },
   { "robspc.repair", true },
   { "robspeed.rocks", true },
-  { "robtatemusic.com", true },
   { "robtex.com", true },
   { "robu.in", true },
   { "robud.info", true },
@@ -32118,7 +32423,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rockenfuerlachenhelfen.de", true },
   { "rocket-wars.de", true },
   { "rocketevents.com.au", true },
-  { "rocketgnomes.com", true },
   { "rocketr.net", true },
   { "rocketsandtutus.com", true },
   { "rockfax.com", true },
@@ -32145,6 +32449,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rodomonte.org", true },
   { "rodrigocarvalho.blog.br", true },
   { "rody-design.com", true },
+  { "rodykossen.com", true },
   { "rodzina-kupiec.eu.org", true },
   { "roeckx.be", true },
   { "roeitijd.nl", false },
@@ -32169,7 +32474,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "roguefortgame.com", true },
   { "roguenation.space", true },
   { "roguenetworks.me", true },
-  { "roguesignal.net", true },
   { "roguetechhub.org", true },
   { "rohedaten.de", true },
   { "rohitagr.com", true },
@@ -32221,6 +32525,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rondouin.fr", true },
   { "rondreis-amerika.be", true },
   { "rondreis-schotland.nl", true },
+  { "ronem.com.au", true },
   { "roninf.ch", true },
   { "roninitconsulting.com", true },
   { "ronniegane.kiwi", true },
@@ -32239,11 +32544,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "room2d.com", true },
   { "room3b.eu", true },
   { "roombase.nl", true },
+  { "roomguide.info", true },
   { "roomhub.jp", true },
+  { "roomsatevents.eu", true },
   { "rooneytours.nl", true },
   { "roopakv.com", true },
   { "roosabels.nl", false },
-  { "roosterpgplus.nl", true },
+  { "roosteroriginals.com", false },
   { "root-space.eu", true },
   { "root.bg", true },
   { "root.cz", true },
@@ -32279,7 +32586,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rosemariefloydballet.com", true },
   { "rosenheimsingles.de", true },
   { "rosenkeller.org", true },
-  { "roseofyork.com", true },
   { "roseofyorkbooking.com", true },
   { "roseon.net", true },
   { "roseparkhouse.com", true },
@@ -32290,12 +32596,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rosnertexte.at", true },
   { "rosset.me", true },
   { "rosset.net", true },
-  { "rossfrancis.co.uk", true },
   { "rossmacphee.com", true },
   { "rostclub.ro", true },
   { "rostov-avia.ru", true },
   { "rostros.eu", true },
   { "rot47.net", true },
+  { "rotapalor.com", true },
   { "rotek.at", true },
   { "roten.email", true },
   { "rothe.io", true },
@@ -32325,64 +32631,33 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "routetracker.co", true },
   { "rove3d.com", true },
   { "rowancasting.ie", true },
+  { "rowancounty911.com", true },
+  { "rowancounty911.org", true },
+  { "rowancountyairport.com", true },
   { "rowancountync.gov", true },
   { "rowankaag.nl", true },
+  { "rowanpubliclibrary.com", true },
+  { "rowansheriff.com", true },
+  { "rowansheriff.org", true },
+  { "rowantransit.com", true },
+  { "rowantransit.org", true },
   { "rowlog.com", true },
   { "rows.io", true },
   { "roxiesbouncycastlehire.co.uk", true },
   { "roxtri.cz", true },
   { "royal-rangers.de", true },
-  { "royal806.com", true },
-  { "royal810.com", true },
-  { "royal811.com", true },
   { "royal812.com", true },
   { "royal813.com", true },
-  { "royal816.com", true },
-  { "royal817.com", true },
   { "royal818.com", true },
-  { "royal830.com", true },
-  { "royal833.com", true },
   { "royal850.com", true },
-  { "royal851.com", true },
-  { "royal852.com", true },
   { "royal853.com", true },
-  { "royal855.com", true },
-  { "royal856.com", true },
-  { "royal857.com", true },
-  { "royal859.com", true },
-  { "royal86.com", true },
-  { "royal861.com", true },
   { "royal862.com", true },
   { "royal863.com", true },
-  { "royal865.com", true },
   { "royal867.com", true },
   { "royal868.com", true },
-  { "royal869.com", true },
   { "royal871.com", true },
-  { "royal872.com", true },
-  { "royal873.com", true },
-  { "royal875.com", true },
-  { "royal877.com", true },
-  { "royal879.com", true },
   { "royal88.com", true },
-  { "royal88.tech", true },
-  { "royal881.com", true },
-  { "royal882.com", true },
-  { "royal883.com", true },
-  { "royal885.com", true },
-  { "royal886.com", true },
-  { "royal887.com", true },
-  { "royal888888.com", true },
-  { "royal889.com", true },
-  { "royal890.com", true },
-  { "royal891.com", true },
-  { "royal892.com", true },
-  { "royal893.com", true },
-  { "royal894.com", true },
-  { "royal895.com", true },
-  { "royal896.com", true },
   { "royal898.com", true },
-  { "royal899.com", true },
   { "royalacademy.org.uk", true },
   { "royalasianescorts.co.uk", true },
   { "royalbeautyclinic.ir", true },
@@ -32396,15 +32671,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "royalpub.net", false },
   { "royalrangers.fi", true },
   { "royalty-market.com", true },
-  { "royalyule.com", true },
   { "royceandsteph.com", true },
   { "roycewilliams.net", true },
   { "roygerritse.nl", true },
   { "rozalynne-dawn.ga", true },
+  { "rozar.eu", true },
   { "rozhodce.cz", true },
+  { "rpadonline.com", true },
   { "rpadovani.com", true },
   { "rpauto.ru", true },
   { "rpgcampaign.website", true },
+  { "rpgchan.cf", true },
   { "rpgmaker.es", true },
   { "rpherbig.com", true },
   { "rphl.net", true },
@@ -32417,7 +32694,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rraesthetics.com", true },
   { "rrdesignsuisse.com", true },
   { "rrg-partner.ch", true },
-  { "rro.rs", true },
   { "rrudnik.com", true },
   { "rrwolfe.com", true },
   { "rs-maschinenverleih.de", true },
@@ -32441,7 +32717,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rtate.ca", true },
   { "rtate.se", true },
   { "rtcx.net", true },
-  { "rtd.uk.com", true },
   { "rte.eu", true },
   { "rte.radio", true },
   { "rte2fm.ie", true },
@@ -32482,8 +32757,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ruby-auf-schienen.de", true },
   { "rubyist.today", true },
   { "rubymartin.com.au", true },
-  { "rubyquincunx.com", true },
-  { "rubyquincunx.org", true },
   { "rubytune.com", true },
   { "rucksack-rauf-und-weg.de", true },
   { "ruckzuck-privatpatient.de", true },
@@ -32529,9 +32802,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rumplesinflatables.co.uk", true },
   { "rumtaste.com", true },
   { "rumtaste.de", true },
+  { "run-forrest.run", false },
   { "run-it-direct.co.uk", true },
   { "runagain.ch", true },
   { "runebet.com", true },
+  { "runefake.com", true },
   { "runklesecurity.com", true },
   { "runnergrapher.com", true },
   { "runreport.fr", true },
@@ -32559,6 +32834,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "russia.dating", true },
   { "russiaeconomy.org", true },
   { "russianorthodoxchurch.co.uk", true },
+  { "russpuss.ru", true },
   { "russt.me", true },
   { "rust.mn", true },
   { "rustable.com", true },
@@ -32569,6 +32845,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ruthmontenegro.com", false },
   { "rutiger.com", true },
   { "rutika.ru", true },
+  { "rutten.me", true },
   { "ruudkoot.nl", true },
   { "ruwhof.net", true },
   { "ruya.com", true },
@@ -32582,19 +32859,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rvsbevestigingen.nl", true },
   { "rw.search.yahoo.com", false },
   { "rwky.net", true },
+  { "rws-cc.com", true },
   { "rws-vertriebsportal.de", true },
   { "rwx.ovh", true },
   { "rx-contact.com", false },
   { "rxbn.de", true },
   { "rxbusiness.com", true },
   { "rxcheck.com", true },
-  { "rxgroup.io", true },
   { "rxight.com", true },
   { "ryan-design.com", true },
   { "ryan-gehring.com", true },
   { "ryan-goldstein.com", true },
   { "ryanbritton.com", true },
-  { "ryancarter.co.uk", true },
   { "ryanhowell.io", false },
   { "ryankearney.com", false },
   { "ryanmcdonough.co.uk", false },
@@ -32603,12 +32879,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "rychlikoderi.cz", true },
   { "rydermais.tk", true },
   { "rynekpierwotny.pl", true },
+  { "rynkebo.dk", true },
   { "ryois.me", true },
   { "rys.pw", true },
   { "ryssl.com", true },
   { "ryu22e.org", true },
   { "ryuu.es", true },
-  { "ryyule.com", true },
   { "ryzhov.me", true },
   { "rzentarzewski.net", true },
   { "s-a.xyz", true },
@@ -32621,13 +32897,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "s-pegasus.com", true },
   { "s-s-paint.com", true },
   { "s007.co", true },
+  { "s0laris.co.uk", true },
   { "s10y.eu", true },
   { "s13d.fr", true },
   { "s16e.no", true },
   { "s2member.com", true },
   { "s2p.moe", true },
+  { "s2t.net", true },
   { "s3cur3.it", true },
-  { "s3gfault.com", true },
   { "s3robertomarini.it", true },
   { "s404.de", true },
   { "s44.eu", true },
@@ -32635,6 +32912,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "s4media.org", true },
   { "s4q.me", true },
   { "s4tips.com", true },
+  { "s4ur0n.com", true },
   { "s5118.com", true },
   { "s64.cz", true },
   { "s8a.us", true },
@@ -32644,12 +32922,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sa.net", true },
   { "saabpartsdistribution.com", true },
   { "saamhorigheidsfonds.nl", false },
+  { "saas.de", true },
   { "saastopankki.fi", true },
   { "saba-piserver.info", true },
   { "sabahattin-gucukoglu.com", true },
   { "sabe.cz", true },
   { "sabine-forschbach.de", true },
   { "sabineforschbach.de", true },
+  { "sablyrics.com", true },
   { "sabrinajoias.com.br", true },
   { "sacaentradas.com", true },
   { "saccani.net", true },
@@ -32657,6 +32937,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "saclier.at", true },
   { "sacprincesse.com", true },
   { "sacred-knights.net", true },
+  { "sacredheart-cliftonheights.net", true },
   { "sacrome.com", true },
   { "sadbox.es", true },
   { "sadbox.org", true },
@@ -32666,7 +32947,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sadhana.cz", true },
   { "sadhawkict.org", true },
   { "sadiejewellery.co.uk", true },
-  { "sadmansh.com", true },
   { "sadou.kyoto.jp", true },
   { "saechsischer-christstollen.shop", true },
   { "saengsook.com", true },
@@ -32688,6 +32968,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "safeguardcommerce.com", true },
   { "safeguardhosting.ca", true },
   { "safeinfra.nl", true },
+  { "safeitup.se", true },
   { "safejourney.education", true },
   { "safematix.com", true },
   { "safeme.ga", true },
@@ -32732,12 +33013,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sailormoonlibrary.org", true },
   { "sailwiz.com", true },
   { "saimoe.moe", true },
+  { "saimoe.org", true },
   { "sainetworks.net", true },
   { "saint-bernard-gouesch.fr", true },
   { "saint-cyril.com", true },
   { "saintaardvarkthecarpeted.com", true },
   { "saintanne.net", true },
   { "saintanthonyscorner.com", true },
+  { "sainteugenechurch.net", true },
+  { "sainteugeneschurch.com", true },
+  { "saintfrancescabrini.net", true },
+  { "saintfrancisdesales.net", true },
   { "sainth.de", true },
   { "sainthedwig-saintmary.org", true },
   { "sainthelena-centersquare.net", true },
@@ -32748,12 +33034,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "saintjosephschurch.net", true },
   { "saintmarkchurch.net", true },
   { "saintmaryna.com", true },
+  { "saintmaryscathedral-trenton.org", true },
   { "saintpatrick-norristown.net", true },
   { "saintpeterchurch.net", true },
   { "saintphilipneri.org", true },
   { "saintpius.net", true },
   { "saintpolycarp.org", true },
   { "saintsrobotics.com", true },
+  { "saintw.com", true },
   { "saipariwar.com", true },
   { "saiputra.com", true },
   { "saitrance.com", true },
@@ -32797,9 +33085,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sallydowns.name", true },
   { "salmododia.net", true },
   { "salmonella.co.uk", true },
+  { "salmonrecovery.gov", true },
   { "salmonvision.com.tw", true },
   { "salmos91.com", true },
   { "salmotierra-salvatierra.com", true },
+  { "salon-hinata.biz", true },
   { "salon-minipli.de", true },
   { "salon.io", false },
   { "salon1.ee", true },
@@ -32822,9 +33112,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "salva.re", true },
   { "salvagedfurnitureparlour.com", true },
   { "sam-football.fr", true },
-  { "samanacafe.com", true },
   { "samanthasgeckos.com", true },
-  { "samanthasicecream.com", true },
   { "samappleton.com", true },
   { "samara-avia.ru", true },
   { "samaritainsmeyrin.ch", true },
@@ -32844,7 +33132,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "samgrayson.me", true },
   { "samhuri.net", true },
   { "samifar.in", true },
-  { "samip.fi", true },
   { "samitechnic.com", true },
   { "samizdat.cz", true },
   { "samkelleher.com", true },
@@ -32852,10 +33139,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "samlaw.co.nz", true },
   { "samlivogarv.dk", true },
   { "sammamish--locksmith.com", true },
+  { "sammyjohnson.com", true },
   { "sammyservers.com", true },
   { "sammyservers.net", true },
-  { "sammyslimos.com", true },
-  { "samnya.cn", true },
+  { "samnya.cn", false },
+  { "samplefashion.nl", true },
+  { "samri.pt", true },
   { "samrobertson.co.uk", true },
   { "samshouseofspaghetti.net", true },
   { "samsungmobile.it", true },
@@ -32908,7 +33197,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sandtears.com", true },
   { "sandtonescorts.com", true },
   { "sandtonplumber24-7.co.za", true },
-  { "sandtonvipcompanions.com", true },
   { "sandyrobsonhypnotherapy.co.uk", true },
   { "sanemind.de", true },
   { "sanemind.eu", true },
@@ -32923,6 +33211,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sanitairwinkel.com", true },
   { "sanitairwinkel.nl", true },
   { "sanitrak.cz", true },
+  { "sanjotech.space", true },
   { "sannesfotklinikk.no", true },
   { "sanpham-balea.org", true },
   { "sanskritiyoga.com", true },
@@ -32955,6 +33244,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sapphirepearl.com.sg", true },
   { "sapprendre.ch", true },
   { "saprima.de", true },
+  { "sarabara.com", true },
   { "sarahbeckettharpist.com", true },
   { "sarahboydrealty.com", true },
   { "sarahcorliss.com", true },
@@ -33001,6 +33291,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "saterdalen.net", true },
   { "satimagingcorp.com", true },
   { "satinn.pl", true },
+  { "satisperfectacollections.com", true },
   { "satmd.de", true },
   { "satoshinumbers.com", true },
   { "sattamatkachart.in", true },
@@ -33017,6 +33308,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sauerbrey.eu", true },
   { "sauerland-schnittgruen.de", true },
   { "saulchristie.com", true },
+  { "saultdefencelaw.ca", true },
   { "saumon-de-france.com", true },
   { "saumon-france.com", true },
   { "saumondefrance.fr", true },
@@ -33037,6 +33329,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "saveya.com", true },
   { "savic.com", false },
   { "saviezvousque.net", true },
+  { "savilleassessment.com", true },
   { "savingrecipe.com", true },
   { "savingsoftheyear.com", true },
   { "savingsomegreen.com", true },
@@ -33067,6 +33360,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sbanken.no", true },
   { "sber.us", true },
   { "sberbank.ch", true },
+  { "sberna-fotofast.cz", true },
   { "sbf888.com", true },
   { "sbiewald.de", true },
   { "sbir.gov", true },
@@ -33086,8 +33380,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sbytes.info", true },
   { "sc-artworks.co.uk", true },
   { "sc5.jp", true },
-  { "scaarus.com", true },
   { "scaffalature.roma.it", true },
+  { "scaffoldhirefourways.co.za", true },
+  { "scaffoldhirerandburg.co.za", true },
   { "scalacollege.nl", true },
   { "scalaire.com", true },
   { "scalaire.fr", true },
@@ -33103,6 +33398,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scanleasing.net", true },
   { "scanpay.dk", true },
   { "scarafaggio.it", true },
+  { "scarvespalace.com", true },
   { "scatsbouncingcastles.ie", true },
   { "scbdh.org", true },
   { "scbreed.com", true },
@@ -33116,8 +33412,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scepticism.com", true },
   { "schadevergoedingen.eu", true },
   { "schaefer-reifen.de", true },
+  { "schaffensdrang.at", true },
   { "schamlosharmlos.de", true },
-  { "schaper-sport.com", true },
   { "schatzibaers.de", true },
   { "schawe.me", true },
   { "schbebtv.fr", true },
@@ -33160,6 +33456,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "schmid.tv", true },
   { "schmidthomes.com", true },
   { "schmidtplasticsurgery.com", true },
+  { "schmitt-etienne.fr", true },
   { "schmitt-max.com", true },
   { "schnapke.name", true },
   { "schneeketten-ratgeber.de", true },
@@ -33167,6 +33464,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "schneidr.de", true },
   { "schneids.me", true },
   { "schnellno.de", true },
+  { "schnellsuche.de", true },
   { "schnouki.net", true },
   { "schnuckenhof-wesseloh.de", true },
   { "schnyder-werbung.ch", true },
@@ -33187,8 +33485,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scholarshipplatform.com", true },
   { "scholarshipsplatform.com", true },
   { "scholarstyle.com", true },
+  { "scholieren.com", true },
   { "scholierenvervoerzeeland.nl", true },
-  { "schollbox.de", false },
   { "scholledev.com", true },
   { "scholz-kallies.de", true },
   { "schont.org", true },
@@ -33247,6 +33545,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "schwabenhaus-ka.de", true },
   { "schwalliers.com", true },
   { "schwanke.in", true },
+  { "schwano-dent.at", true },
   { "schwarz-gelbe-fuechse.de", true },
   { "schwarzegar.de", true },
   { "schwarzer.it", true },
@@ -33290,9 +33589,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scooterservis.com", true },
   { "scootfleet.com", true },
   { "scorerealtygroup.com", true },
-  { "scorobudem.ru", true },
-  { "scorocode.ru", true },
   { "scorp13.com", true },
+  { "scorpowines.com", true },
   { "scottah.com", true },
   { "scottgalvin.com", true },
   { "scottgruber.me", true },
@@ -33310,7 +33608,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scouttrails.com", true },
   { "scp-trens.notaires.fr", true },
   { "scp500.com", true },
-  { "scpartyentertainment.co.uk", true },
   { "scpslgame.com", true },
   { "scra.gov", true },
   { "scrabble-solver.com", true },
@@ -33318,6 +33615,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scramget.com", true },
   { "scramsoft.com", true },
   { "scrap.tf", true },
+  { "scrapdealers.eu", true },
   { "scratchandscuffs.co.uk", true },
   { "scratchandscuffs.com", true },
   { "scratchandscuffs.uk", true },
@@ -33340,6 +33638,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scriptgates.ru", true },
   { "scriptum.gr", true },
   { "scrisulfacebine.ro", true },
+  { "scrivito.com", true },
   { "scrod.me", true },
   { "scroll.in", true },
   { "scrtch.fr", true },
@@ -33358,8 +33657,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "scul.net", true },
   { "sculpture.support", true },
   { "scuolaguidalame.ch", true },
-  { "scuters.club", true },
-  { "scw.com", true },
   { "sd.af", true },
   { "sdayman.com", true },
   { "sdcardrecovery.de", true },
@@ -33390,6 +33687,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sealbaker.com", true },
   { "sealoffantasy.de", true },
   { "sealtitebasement.com", true },
+  { "seamester.com", true },
   { "seamless.no", true },
   { "seamoo.se", true },
   { "sean-wright.com", true },
@@ -33420,17 +33718,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "seareytraining.com", true },
   { "searsucker.com", true },
   { "searx.ru", true },
+  { "searx.xyz", true },
   { "seasidestudios.co.uk", true },
   { "season.moe", true },
+  { "seasons-vintage.com", true },
   { "seasons.nu", false },
   { "seatbeltpledge.com", true },
-  { "seatshare.co.uk", true },
   { "seattle-life.net", true },
   { "seattlefabrication.com", true },
   { "seattlemesh.net", true },
-  { "seattleprivacy.org", true },
   { "seattlewalkinbathtubs.com", true },
   { "seb-mgl.de", true },
+  { "seb-net.com", true },
   { "sebald.com", true },
   { "sebald.org", true },
   { "sebascelis.com", true },
@@ -33447,6 +33746,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sebasveeke.nl", true },
   { "sebepoznani.eu", true },
   { "sebi.org", true },
+  { "sebjacobs.com", true },
   { "seby.io", true },
   { "sec-mails.de", true },
   { "sec-research.com", true },
@@ -33506,11 +33806,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "secureim.de", true },
   { "securejabber.me", true },
   { "securelect-inspection.com", true },
+  { "securemailbox.com", true },
+  { "securemessage.nl", true },
   { "secureobscure.com", true },
   { "secureonline.co", false },
   { "securethe.news", true },
   { "securetheorem.com", true },
-  { "securetronic.ch", true },
   { "securetrustbank.com", true },
   { "securi-tay.co.uk", true },
   { "securify.nl", true },
@@ -33558,6 +33859,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sedmicka.sk", true },
   { "sedomicilier.fr", true },
   { "sedussa.ro", true },
+  { "see.asso.fr", true },
   { "see.wtf", true },
   { "seeclop.ch", true },
   { "seedandleisure.co.uk", true },
@@ -33566,9 +33868,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "seednode.co", true },
   { "seedsofangelica.net", true },
   { "seekers.ch", true },
+  { "seekfirstthekingdom.ca", true },
   { "seeks.ru", true },
   { "seemeagain.com", true },
-  { "seesuite.com", true },
+  { "seesuite.com", false },
   { "seewhatididhere.com", true },
   { "seeworkdone.com", true },
   { "seezeitlodge-bostalsee.de", true },
@@ -33581,6 +33884,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "segnidisegni.eu", true },
   { "segulink.com", true },
   { "seguridadconsumidor.gov", true },
+  { "seguridadysaludeneltrabajo.com.co", true },
   { "seguros-de-salud-y-vida.com", true },
   { "segurosbalboa.com.ec", false },
   { "segurosdecarroshialeah.org", true },
@@ -33626,6 +33930,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "selfoutlet.com", true },
   { "selkiemckatrick.com", true },
   { "sellajoch.com", true },
+  { "selldorado.com", true },
   { "selldurango.com", true },
   { "sellguard.pl", true },
   { "sellme.biz", true },
@@ -33633,6 +33938,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sello.com", true },
   { "sellorbuy.uk", true },
   { "sellorbuy.us", true },
+  { "seloc.org", true },
   { "semacode.com", true },
   { "semaf.at", true },
   { "semaflex.it", true },
@@ -33642,7 +33948,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "semenov.su", false },
   { "seminariruum.ee", true },
   { "semiocast.com", true },
-  { "semirben.de", true },
   { "semiread.com", true },
   { "semjonov.de", true },
   { "semox.de", true },
@@ -33678,6 +33983,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "senorcontento.com", true },
   { "sens2lavie.com", true },
   { "sensavi.ua", true },
+  { "sense.hamburg", true },
   { "sensebridge.com", true },
   { "sensebridge.net", true },
   { "sensepixel.com", true },
@@ -33685,9 +33991,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sensoft-int.org", true },
   { "sensound.ml", true },
   { "sentandsecure.com", true },
+  { "sentic.info", true },
   { "sentidosdelatierra.org", true },
+  { "sentiments.io", true },
   { "sentinel.gov", true },
   { "sentinelproject.io", true },
+  { "sentirmebien.org", true },
   { "sentry.io", true },
   { "sentry.nu", true },
   { "senzaparole.de", true },
@@ -33714,7 +34023,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "seon.me", true },
   { "seoprovider.nl", true },
   { "seoquake.com", true },
-  { "seosec.xyz", true },
   { "seosof.com", true },
   { "seostepbysteplab.com", false },
   { "seoul.dating", true },
@@ -33722,7 +34030,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "seovision.se", true },
   { "sepalandseed.com", true },
   { "seppelec.com", true },
-  { "seproco.com", true },
   { "septentrionalist.org", true },
   { "septfinance.ch", true },
   { "septicrepairspecialists.com", true },
@@ -33739,7 +34046,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "serendeputy.com", true },
   { "serf.io", true },
   { "serge-design.ch", true },
-  { "sergeemond.ca", true },
   { "sergefonville.nl", true },
   { "sergeyreznikov.com", true },
   { "sergije-stanic.me", true },
@@ -33772,6 +34078,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "server92.tk", true },
   { "serveradium.com", true },
   { "serveradminz.com", true },
+  { "serverangels.co.uk", true },
   { "serverco.com", true },
   { "serverd.de", true },
   { "serverexpose.com", true },
@@ -33793,6 +34100,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "serviceboss.de", true },
   { "servicemembers.gov", true },
   { "servida.ch", true },
+  { "servidoresweb.online", true },
   { "serviettenhaus.de", true },
   { "servingbaby.com", true },
   { "servious.org", true },
@@ -33805,6 +34113,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "serwusik.pl", true },
   { "seryox.com", true },
   { "sesam-biotech.com", true },
+  { "sesrdcem.cz", true },
+  { "session.bbc.co.uk", true },
+  { "session.bbc.com", true },
   { "sessionslogning.dk", true },
   { "sesslerimmo.ch", true },
   { "sestra.in", true },
@@ -33824,6 +34135,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "setyoursite.nl", true },
   { "seva.fashion", true },
   { "seven-purple.com", true },
+  { "seven-shadows.de", true },
   { "sevencooks.com", true },
   { "sevenhillsapartments.com.au", true },
   { "sevenicealimentos.com.br", true },
@@ -33868,8 +34180,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sgi.org", true },
   { "sgitc.de", true },
   { "sglibellen.de", true },
-  { "sgroup-hitoduma.com", true },
-  { "sgroup-rec.com", true },
+  { "sgrmreproduccionapp.azurewebsites.net", true },
   { "sgs-systems.de", true },
   { "sgs.camera", true },
   { "sgs.systems", true },
@@ -33948,6 +34259,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sharescope.co.uk", false },
   { "shareselecttools.com", true },
   { "sharevari.com", true },
+  { "sharing-kyoto.com", true },
   { "sharisharpe.com", true },
   { "shark.cat", true },
   { "shark5060.net", true },
@@ -33984,7 +34296,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sheilasdrivingschool.com", true },
   { "shek.zone", true },
   { "shelfordsandstaplefordscouts.org.uk", true },
-  { "shellday.cc", true },
   { "shelleystoybox.com", true },
   { "shellfire.de", true },
   { "shellgame.io", true },
@@ -33992,11 +34303,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shelljuggler.com", false },
   { "shellshock.eu", true },
   { "shellvatore.us", true },
+  { "shemissed.me", true },
   { "shemsconseils.ma", true },
   { "shengbao.org", true },
   { "shenghaiautoparts.com", true },
   { "shenghaiautoparts.net", true },
-  { "shens.ai", true },
   { "shenyuqi.com", false },
   { "sherbers.de", true },
   { "sherrikehoetherapy.com", true },
@@ -34013,7 +34324,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shieldcomputer.com", true },
   { "shielder.it", true },
   { "shieldfe.com", true },
-  { "shieldofachilles.in", true },
   { "shift-record.com", true },
   { "shift-to.co.jp", true },
   { "shiftdevices.com", true },
@@ -34025,7 +34335,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shijing.me", true },
   { "shikimori.one", true },
   { "shikimori.org", true },
+  { "shimi.blog", true },
+  { "shimi.guru", true },
   { "shimi.net", true },
+  { "shimmy1996.com", true },
   { "shimo.im", true },
   { "shinghoi.com", true },
   { "shinglereplacementlv.com", true },
@@ -34044,6 +34357,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shiqi.ca", true },
   { "shiqi.lol", true },
   { "shiqi.one", true },
+  { "shiqi.se", true },
   { "shiqi.tv", true },
   { "shiqisifu.cc", true },
   { "shirakaba-cc.com", true },
@@ -34061,12 +34375,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shitposts.se", true },
   { "shitproductions.org", true },
   { "shitsta.in", true },
+  { "shivamber.com", true },
   { "shivammaheshwari.com", true },
   { "shivammathur.com", true },
   { "shivatattvayoga.com", true },
   { "shlmail.info", true },
-  { "shmibbles.me", true },
-  { "shmunky.co.uk", true },
   { "shobhanayogsadan.com", true },
   { "shock.ee", true },
   { "shockercityservices.com", true },
@@ -34133,16 +34446,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "showbits.net", true },
   { "showersnet.com", true },
   { "showf.om", true },
+  { "showfom.sb", true },
   { "showmax.com", true },
   { "showmethemoney.ru", true },
   { "showpassword.net", true },
   { "showroom.cam", true },
   { "showroom.co.uk", true },
   { "showroom.uk", true },
-  { "showroom113.ru", true },
   { "showsonar.com", true },
   { "shredriteservices.com", true },
   { "shrike.me", false },
+  { "shrimpcam.pw", true },
   { "shrinidhiclinic.in", true },
   { "shrinkhub.com", true },
   { "shrub.ca", true },
@@ -34169,7 +34483,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "shwrm.ch", true },
   { "shyuka.me", true },
   { "si-benelux.nl", true },
-  { "si.to", true },
   { "si2b.fr", true },
   { "siaggiusta.com", true },
   { "siamdevsqua.re", true },
@@ -34177,6 +34490,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "siamsnus.com", true },
   { "sianbryn.co.uk", true },
   { "sianjhon.com", true },
+  { "siava.ru", true },
   { "siberas.de", true },
   { "siberkulupler.com", true },
   { "sibertakvim.com", true },
@@ -34188,8 +34502,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sicilianbalm.com", true },
   { "siciliapulizie.it", true },
   { "sicken.eu", true },
-  { "sickfile.com", true },
-  { "siconnect.us", true },
+  { "sicurezzalavoro24.com", true },
   { "sicurled.com", false },
   { "sidelka-tver.ru", true },
   { "sidema.be", true },
@@ -34203,11 +34516,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sidnicio.us", true },
   { "sidonge.com", true },
   { "sidongkim.com", true },
-  { "sidpod.ru", true },
-  { "siduga.com", true },
   { "siegemund-frankfurt.de", true },
   { "siel.nl", true },
   { "sielsystems.nl", true },
+  { "siemencaes.tk", true },
   { "sientemendoza.com.ar", true },
   { "sierpinska.co", true },
   { "sierpinska.eu", true },
@@ -34228,8 +34540,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "signage.red", true },
   { "signal.org", true },
   { "signalmaps.co.uk", true },
-  { "signaltransmitter.de", true },
-  { "signdesk.com", true },
   { "significados.com", true },
   { "significados.com.br", true },
   { "significantbanter.com", true },
@@ -34276,7 +34586,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "silverdragonart.com", true },
   { "silverfirsdental.com", true },
   { "silvergoldbull.be", true },
-  { "silvergoldbull.bg", true },
   { "silvergoldbull.bj", true },
   { "silvergoldbull.by", true },
   { "silvergoldbull.ca", true },
@@ -34318,9 +34627,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "silvergoldbull.is", true },
   { "silvergoldbull.it", true },
   { "silvergoldbull.kr", true },
-  { "silvergoldbull.ky", true },
   { "silvergoldbull.li", true },
   { "silvergoldbull.lk", true },
+  { "silvergoldbull.lt", true },
   { "silvergoldbull.lv", true },
   { "silvergoldbull.ma", true },
   { "silvergoldbull.mk", true },
@@ -34355,6 +34664,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "silvobeat.com", true },
   { "sim-karten.net", true },
   { "sim-minaoshi.jp", true },
+  { "sim-usa.mobi", true },
   { "sim4seed.org", true },
   { "simam.de", true },
   { "simark.ca", true },
@@ -34400,7 +34710,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "simphony.cz", true },
   { "simpip.com", true },
   { "simple.com", false },
-  { "simpleclassiclife.com", true },
   { "simplecmsdemo.com", true },
   { "simplecoding.click", true },
   { "simplecontacts.com", true },
@@ -34424,7 +34733,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "simplycloud.de", true },
   { "simplyfixit.co.uk", true },
   { "simplyhelen.de", true },
-  { "simplylifetips.com", true },
+  { "simplylifetips.com", false },
   { "simplylovejesus.com", true },
   { "simplymozzo.se", true },
   { "simplyregister.net", true },
@@ -34439,9 +34748,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sin.swiss", true },
   { "sinaryuda.web.id", true },
   { "sinatrafamily.com", true },
+  { "sincemydivorce.com", true },
   { "sinclairinat0r.com", true },
   { "sinde.ru", true },
-  { "sinefili.com", true },
   { "sinergy.ch", true },
   { "sinfonietta-meridiana.de", true },
   { "sinfulforums.net", true },
@@ -34467,7 +34776,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sinusitis-bronchitis.ch", true },
   { "sioeckes.hu", true },
   { "sion.info", true },
-  { "sipc.org", true },
   { "sipstix.co.za", true },
   { "siratalmustaqim.com", true },
   { "siraweb.org", true },
@@ -34508,9 +34816,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sitesko.de", true },
   { "sitevandaag.nl", true },
   { "sitischu.com", true },
+  { "sitiweb.nl", true },
   { "sivale.mx", true },
   { "sivyerge.com", true },
   { "siw64.com", true },
+  { "six-o-one.com", true },
   { "sixcorners.info", true },
   { "sixcorners.net", true },
   { "sixpackholubice.cz", true },
@@ -34519,6 +34829,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sjaakgilsingfashion.nl", true },
   { "sjbwoodstock.org", true },
   { "sjd.is", true },
+  { "sjdaws.com", true },
   { "sjis.me", true },
   { "sjleisure.co.uk", true },
   { "sjoorm.com", true },
@@ -34528,6 +34839,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "skanvordoff.ru", true },
   { "skanword.info", true },
   { "skatclub-beratzhausen.de", true },
+  { "skateaustria.at", true },
   { "skatesins.ch", true },
   { "skatingchina.com", true },
   { "skatn.de", true },
@@ -34577,6 +34889,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "skks.cz", true },
   { "sklepsamsung.pl", true },
   { "sklepwielobranzowymd.com", true },
+  { "sklotechnik.cz", true },
   { "sknclinics.co.uk", true },
   { "skogsbruket.fi", true },
   { "skogskultur.fi", true },
@@ -34588,7 +34901,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "skommettiamo.it", true },
   { "skontakt.cz", true },
   { "skontorp-enterprise.no", true },
-  { "skoolergraph.azurewebsites.net", true },
   { "skorepova.info", true },
   { "skortekaas.nl", false },
   { "skory.us", true },
@@ -34598,6 +34910,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "skryptersi.pl", true },
   { "sksdrivingschool.com.au", true },
   { "sktan.com", true },
+  { "skulblaka.ch", true },
   { "skuldwyrm.no", true },
   { "skutry-levne.cz", true },
   { "skutry.cz", true },
@@ -34607,11 +34920,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sky-coach.nl", true },
   { "sky-live.fr", true },
   { "skyanchor.com", true },
-  { "skybloom.io", true },
   { "skycmd.net", true },
   { "skyderby.ru", true },
   { "skydragoness.com", true },
   { "skydrive.live.com", false },
+  { "skyeeverest.tk", true },
   { "skyem.co.uk", true },
   { "skyfone.cz", true },
   { "skyger.cz", true },
@@ -34625,11 +34938,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "skynet233.ch", true },
   { "skynethk.com", true },
   { "skynetnetwork.eu.org", true },
+  { "skynetz.tk", true },
   { "skype.com", true },
   { "skyquid.co.uk", true },
   { "skys-entertainment.com", true },
   { "skyscapecanopies.com", true },
   { "skysuite.nl", true },
+  { "skywalkers.cz", true },
   { "skyynet.de", true },
   { "skyzimba.com.br", true },
   { "sl-bildermacher.de", true },
@@ -34670,16 +34985,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "slevomat.cz", true },
   { "slicklines.co.uk", true },
   { "slidebatch.com", true },
-  { "slightfuture.com", true },
   { "slik.ai", true },
   { "slim-slender.com", true },
   { "slimspots.com", true },
   { "slingo-sta.com", true },
   { "slingooriginals.com", true },
+  { "slingoweb.com", true },
   { "slink.hr", true },
   { "slip-gaming.tk", true },
   { "slneighbors.org", true },
-  { "slo-net.net", true },
   { "slo-tech.com", true },
   { "sloancom.com", true },
   { "slonep.net", true },
@@ -34695,9 +35009,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "slowgames.xyz", true },
   { "slpower.com", true },
   { "slrd-isperih.com", true },
+  { "slt24.de", true },
   { "sluciaconstruccion.com", true },
   { "sluimann.de", false },
   { "sluitkampzeist.nl", false },
+  { "slunecnice.cz", true },
   { "slusham.com", true },
   { "slvh.fr", true },
   { "slwilde.ca", true },
@@ -34716,16 +35032,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smalldogbreeds.net", true },
   { "smalle-voet.de", true },
   { "smallhadroncollider.com", true },
-  { "smallpath.me", true },
   { "smalltalkconsulting.com", true },
   { "smaltimento-rifiuti.org", true },
   { "smaltimento.caserta.it", true },
+  { "smaltimento.milano.it", true },
   { "smaltimento.napoli.it", true },
   { "smaltimento.roma.it", true },
   { "smaltimentoamianto.frosinone.it", true },
   { "smaltimentoamianto.latina.it", true },
   { "smaltimentorifiuti.firenze.it", true },
   { "smaltimentorifiuti.livorno.it", true },
+  { "smaltimentorifiuti.prato.it", true },
   { "smaltimentorifiuti.veneto.it", true },
   { "smares.de", true },
   { "smart-cp.jp", true },
@@ -34734,10 +35051,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smart-shapes.co.uk", true },
   { "smart-wohnen.net", true },
   { "smart.gov", true },
+  { "smart.vet", true },
   { "smartacademy.ge", true },
   { "smartairkey.com", true },
   { "smartandcom.ch", true },
-  { "smartandhappychild.ro", true },
+  { "smartandhappychild.ro", false },
   { "smartcheck.gov", true },
   { "smartcleaningcenter.nl", true },
   { "smartcpa.ca", true },
@@ -34760,6 +35078,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smartphonechecker.co.uk", true },
   { "smartphones-baratos.com", true },
   { "smartpolicingplatform.com", true },
+  { "smartpti.net", true },
   { "smartrecruit.ro", true },
   { "smartservices.nl", true },
   { "smartshiftme.com", true },
@@ -34786,6 +35105,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smiatek.name", true },
   { "smileandpay.com", true },
   { "smiledirectsales.com", true },
+  { "smilenwa.com", true },
   { "smilessoftplay.co.uk", true },
   { "smileytechguy.com", true },
   { "smilingmiao.com", true },
@@ -34800,16 +35120,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smithchow.com", true },
   { "smithchung.eu", true },
   { "smithfieldbaptist.org", true },
+  { "smitug.pw", true },
   { "smkw.com", false },
   { "smm.im", true },
   { "smmlaba.io", true },
   { "smokeandmirrors.agency", true },
   { "smokefree.gov", true },
+  { "smokefreerowan.org", true },
   { "smokeus.dk", true },
   { "smol.cat", true },
   { "smoo.st", true },
   { "smoothcomp.com", true },
   { "smoothgesturesplus.com", true },
+  { "smoothics.at", true },
+  { "smoothics.com", true },
+  { "smoothics.eu", true },
+  { "smoothics.mobi", true },
+  { "smoothics.net", true },
   { "smoothtalker.com", true },
   { "smorgasblog.ie", true },
   { "smow.com", true },
@@ -34828,8 +35155,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "smsprivacy.org", true },
   { "smspujcka24.eu", true },
   { "smtp.in.th", true },
+  { "smtparish.org", true },
   { "smuncensored.com", true },
-  { "smutba.se", true },
   { "smutek.net", true },
   { "smvcm.com", true },
   { "smx.net.br", true },
@@ -34842,7 +35169,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "snakafya.com", true },
   { "snap.com", true },
   { "snapappointments.com", true },
-  { "snapappts.com", true },
   { "snapchat.com", true },
   { "snapfinance.com", true },
   { "snapserv.ch", true },
@@ -34887,6 +35213,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sno-kingroofing-gutters.com", true },
   { "snoerendevelopment.nl", true },
   { "snohomishsepticservice.com", true },
+  { "snoot.club", true },
   { "snopyta.com", true },
   { "snortfroken.net", true },
   { "snote.io", true },
@@ -34909,7 +35236,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "snowyluma.com", true },
   { "snowyluma.me", true },
   { "snperformance.gr", true },
-  { "snrat.com", true },
+  { "snroth.de", true },
   { "snrub.co", true },
   { "sntravel.co.uk", true },
   { "snuff.porn", true },
@@ -34928,7 +35255,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sobieray.dyndns.org", true },
   { "sobotkama.eu", true },
   { "sobreporcentagem.com", true },
-  { "soc.net", true },
   { "soccorso-stradale.org", true },
   { "sochi-sochno.ru", true },
   { "sociability.dk", true },
@@ -34956,12 +35282,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sociopathy.org", true },
   { "sockeye.io", true },
   { "sockscap64.com", true },
-  { "socoastal.com", true },
   { "sodadigital.com.au", true },
   { "sodafilm.de", true },
   { "sodexam.pro", true },
   { "sodi.nl", true },
-  { "sodiao.cc", true },
   { "sodomojo.com", true },
   { "soe-server.com", true },
   { "sofa-rockers.org", true },
@@ -35041,7 +35365,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "solicafe.at", true },
   { "solidarita-kosovo.net", true },
   { "solidshield.com", true },
-  { "solidtuesday.com", true },
   { "solihullcarnival.co.uk", true },
   { "solihullinflatables.com", true },
   { "solihulllionsclub.org.uk", true },
@@ -35074,7 +35397,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "somanao.com", true },
   { "somcase.com.br", true },
   { "somecrazy.com", true },
-  { "somersetscr.nhs.uk", true },
   { "somersetwellbeing.nhs.uk", true },
   { "somethingsketchy.net", true },
   { "sommefeldt.com", true },
@@ -35105,9 +35427,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sonic.studio", true },
   { "sonicdoe.com", true },
   { "sonixonline.com", true },
-  { "sonoecoracao.com.br", true },
   { "sonyunlock.nu", true },
-  { "soodwatthanaphon.net", true },
   { "soohealthy.nl", true },
   { "soomee.be", true },
   { "soomee1.be", true },
@@ -35143,12 +35463,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sos-falegname.it", true },
   { "sos-idraulico.it", true },
   { "sos-muratore.it", true },
-  { "sosesh.shop", true },
   { "sosoftplay.co.uk", true },
   { "sospromotions.com.au", true },
   { "sostacancun.com", true },
   { "sosteam.jp", true },
   { "sosteric.si", true },
+  { "sot.blue", true },
+  { "sot.red", true },
   { "sotadb.info", true },
   { "sotai.tk", true },
   { "sotar.us", true },
@@ -35186,10 +35507,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sourcecode.tw", true },
   { "sourceway.de", true },
   { "souris.ch", true },
+  { "sous-surveillance.net", false },
   { "southafrican.dating", true },
   { "southambouncycastle.co.uk", true },
   { "southamerican.dating", true },
   { "southbankregister.com.au", true },
+  { "southbendflooring.com", true },
   { "southcountyplumbing.com", true },
   { "southdakotahealthnetwork.com", true },
   { "southeastvalleyurology.com", true },
@@ -35254,6 +35577,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sparklebastard.com", true },
   { "sparkz.no", true },
   { "sparprofi.at", true },
+  { "sparta-en.org", true },
   { "sparta-solutions.de", true },
   { "spartaconsulting.fi", true },
   { "spartacuslife.com", true },
@@ -35267,7 +35591,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spazturtle.co.uk", true },
   { "spazzacamino.roma.it", true },
   { "spbet99.com", true },
-  { "spd-pulheim-mitte.de", true },
   { "spdepartamentos.com.br", true },
   { "spdf.net", true },
   { "spdillini.com", true },
@@ -35295,6 +35618,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "speedsportofhull.co.uk", true },
   { "speedtailors.com", true },
   { "speedtest-russia.com", true },
+  { "speedwaybusinesspark.com", true },
   { "speeltoneel.nl", true },
   { "speerpunt.info", true },
   { "speets.ca", true },
@@ -35308,11 +35632,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spenny.tf", true },
   { "sperandii.it", true },
   { "sperec.fr", true },
+  { "spero.solutions", true },
   { "sperrstun.de", true },
   { "spesys-services.fr", true },
   { "spha.info", true },
   { "sphere-realty.com", true },
   { "sphereblur.com", true },
+  { "spherenix.org", true },
   { "sphido.org", true },
   { "spicejungle.com", true },
   { "spicydog.org", true },
@@ -35324,19 +35650,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spielezar.ch", true },
   { "spielland.ch", true },
   { "spiellawine.de", true },
+  { "spieltexte.de", true },
   { "spiet.nl", true },
   { "spiff.eu", true },
   { "spiga.ch", true },
   { "spikelands.com", true },
+  { "spilled.ink", true },
+  { "spillmaker.no", false },
   { "spilogkoder.dk", true },
   { "spinalien.net", false },
   { "spinalo.se", true },
   { "spindle.com.ph", true },
   { "spindrift.com", true },
   { "spingenie.com", true },
-  { "spinor.im", true },
   { "spins.fedoraproject.org", true },
   { "spinspin.wtf", true },
+  { "spira-group.eu", true },
+  { "spira.kiev.ua", true },
   { "spiralschneiderkaufen.de", true },
   { "spirella-shop.ch", true },
   { "spirit55555.dk", true },
@@ -35402,6 +35732,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sportxt.ru", true },
   { "spot-lumiere-led.com", true },
   { "spotrebitelskecentrum.sk", true },
+  { "spotswoodvet.com", true },
   { "spottedpenguin.co.uk", true },
   { "spotupload.com", true },
   { "sppin.fr", true },
@@ -35417,7 +35748,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "springerundpartner.de", true },
   { "springfieldbricks.com", true },
   { "springhillmaine.com", true },
-  { "springreizen.nl", true },
   { "sprinklermanohio.com", true },
   { "spritmonitor.de", true },
   { "spritsail.io", true },
@@ -35432,6 +35762,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "spsnewengland.org", true },
   { "spt.re", true },
   { "sptk.org", true },
+  { "sptr.blog", true },
   { "spuffin.com", true },
   { "spufpowered.com", true },
   { "spunkt.fr", true },
@@ -35451,7 +35782,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "square-gaming.org", true },
   { "square-src.de", false },
   { "square.com", false },
-  { "squarelab.it", true },
   { "squareup.com", false },
   { "squawk.cc", true },
   { "squeakql.online", true },
@@ -35467,7 +35797,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "src-el-main.com", true },
   { "src.fedoraproject.org", true },
   { "srchub.org", true },
-  { "srichan.net", true },
   { "srife.net", true },
   { "srigc.com", true },
   { "srihash.org", true },
@@ -35517,7 +35846,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ssldecoder.org", true },
   { "ssldev.net", true },
   { "sslmate.com", true },
-  { "sslok.com", true },
+  { "sslok.com", false },
   { "sslping.com", true },
   { "sslpoint.com", true },
   { "ssls.cz", true },
@@ -35579,6 +35908,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "staklim-malang.info", true },
   { "stako.jp", true },
   { "staktrace.com", true },
+  { "stal-rulon.ru", true },
+  { "stalder.work", true },
   { "staljedevledder.nl", true },
   { "stalker-shop.com", true },
   { "stalkerteam.pl", true },
@@ -35602,6 +35933,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stanthonymaryclaret.org", true },
   { "staparishgm.org", true },
   { "star-clean.it", true },
+  { "star.watch", true },
   { "starcoachservices.ca", true },
   { "starcomproj.com", true },
   { "stardanceacademy.net", true },
@@ -35631,6 +35963,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "startergen.com", true },
   { "startlab.sk", true },
   { "startle.cloud", true },
+  { "startliste.info", true },
   { "startpage.com", true },
   { "startpage.info", true },
   { "startrek.in", true },
@@ -35681,6 +36014,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stcu.org", false },
   { "std-home-test.com", true },
   { "stderr.cc", true },
+  { "stdev.top", true },
   { "stdrc.cc", false },
   { "steakhaus-zumdorfbrunnen.de", true },
   { "steakovercooked.com", true },
@@ -35695,13 +36029,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "steamtrades.com", true },
   { "steamwhale.com", true },
   { "stebet.net", true },
-  { "steborio.pw", true },
-  { "steckel.cc", true },
   { "stedb.eu", true },
   { "stedbg.net", true },
   { "steef389.eu", true },
   { "steel-roses.de", true },
+  { "steelbeasts.org", true },
   { "steelephys.com.au", true },
+  { "steelmounta.in", true },
   { "steemit.com", true },
   { "steemyy.com", true },
   { "steerty.com", true },
@@ -35732,6 +36066,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stellarium-gornergrat.ch", true },
   { "stellarx.com", true },
   { "stelleninserate.de", true },
+  { "stellenticket.de", true },
   { "stellmacher.name", true },
   { "stemapp.io", true },
   { "stembureauledenindenhaag.nl", true },
@@ -35748,7 +36083,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stephenhaunts.com", true },
   { "stephenhorler.com.au", true },
   { "stephenj.co.uk", true },
-  { "stephenjvoiceovers.com", true },
   { "stephenperreira.com", true },
   { "stephenreescarter.com", true },
   { "stephenreescarter.net", true },
@@ -35777,8 +36111,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sternenbund.info", true },
   { "sternplastic.com", true },
   { "sternsinus.com", true },
+  { "stetson.edu", true },
   { "stetspa.it", true },
   { "steuer-voss.de", true },
+  { "steuerberater-essen-steele.com", true },
   { "steuerkanzlei-edel.de", true },
   { "steuern-recht-wirtschaft.de", true },
   { "steuerseminare-graf.de", true },
@@ -35797,14 +36133,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stevenroddis.com", true },
   { "stevens.se", false },
   { "steventress.com", true },
-  { "steventruesdell.com", true },
   { "stevenwooding.com", true },
   { "stevenz.net", true },
   { "stevenz.science", true },
   { "stevenz.xyz", true },
   { "stevesdrivingschooltyneside.com", true },
   { "stewartswines.com", true },
-  { "stewpolley.com", true },
+  { "stewpolley.com", false },
   { "steyaert.be", false },
   { "stforex.com", false },
   { "stfrancisnaugatuck.org", true },
@@ -35823,7 +36158,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stickandpoketattookit.com", true },
   { "stickeramoi.com", true },
   { "stickergiant.com", true },
-  { "stickertuningfetzt.de", false },
+  { "stickertuningfetzt.de", true },
   { "stickies.io", true },
   { "stickmanventures.com", true },
   { "stickstueb.de", true },
@@ -35836,7 +36171,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stikic.me", true },
   { "stilartmoebel.de", true },
   { "stilecop.com", true },
-  { "stillnessproject.com", true },
   { "stilmobil.se", true },
   { "stiltmedia.com", true },
   { "stimmgabel.lu", true },
@@ -35853,13 +36187,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stitchfiddle.com", true },
   { "stitchinprogress.com", true },
   { "stivesbouncycastlehire.co.uk", true },
+  { "stjameslititz.org", true },
   { "stjohnin.com", true },
   { "stjohnsottsville.org", true },
   { "stjoseph-stcatherine.org", true },
+  { "stjosephri.org", true },
+  { "stjosephsoswego.com", true },
   { "stjosephspringcity.com", true },
   { "stjosephtheworker.net", true },
   { "stjscatholicchurch.org", true },
   { "stjustin.org", true },
+  { "stkevin-stbenedict.org", true },
   { "stln.ml", true },
   { "stlu.de", true },
   { "stlukenh.org", true },
@@ -35870,6 +36208,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stmarkseagirt.com", true },
   { "stmarthachurch.com", true },
   { "stmaryextra.uk", true },
+  { "stmarysnutley.org", true },
+  { "stmaryswestwarwick.org", true },
   { "stmatthewri.org", true },
   { "stmattsparish.com", true },
   { "stmichaellvt.com", true },
@@ -35877,17 +36217,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stmlearning.com", true },
   { "stmsolutions.pl", true },
   { "stneotsbouncycastlehire.co.uk", true },
+  { "stnevis.ru", true },
   { "stockpile.com", true },
   { "stockrow.com", true },
   { "stockstuck.com", true },
   { "stocktout.info", true },
   { "stocktrader.com", true },
+  { "stocp.org", true },
   { "stodieck.com", true },
   { "stoebermehl.at", true },
   { "stoffelnet.de", true },
   { "stogiesandmash.com", true },
   { "stokvistrading.nl", true },
-  { "stolbart.com", true },
   { "stolin.info", true },
   { "stolina.de", false },
   { "stolkpotplanten.nl", true },
@@ -35898,6 +36239,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stoneagehealth.com.au", true },
   { "stonechatjewellers.ie", true },
   { "stonedworms.de", true },
+  { "stoneedgeconcrete.com", true },
   { "stonehammerhead.org", true },
   { "stonehurstcap.com", true },
   { "stonewuu.com", true },
@@ -35912,7 +36254,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "storedsafe.com", true },
   { "storeit.co.uk", true },
   { "storeprice.co.uk", true },
-  { "storeprijs.nl", true },
   { "storillo.com", true },
   { "storm-family.com", true },
   { "stormi.io", true },
@@ -35927,6 +36268,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stouter.nl", true },
   { "stoxford.com", true },
   { "stpatrickbayshore.org", true },
+  { "stpatrickkennettsquare.org", true },
+  { "stpatrickri.org", true },
+  { "stpatricks-pelham.com", true },
   { "stpaulcatholicchurcheastnorriton.net", true },
   { "str8hd.com", true },
   { "straatderzotten.nl", true },
@@ -35935,10 +36279,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "strahlende-augen.info", true },
   { "strajnar.si", true },
   { "straka.name", true },
+  { "strandedinotter.space", true },
+  { "strandom.ru", true },
   { "strandschnuppern.de", true },
   { "strangelane.com", true },
   { "strangemusicinc.com", true },
   { "strangemusicinc.net", true },
+  { "strangeways.ca", true },
+  { "straphael-holyangels.com", true },
   { "strate.io", true },
   { "strategiccapital.com", true },
   { "strategiclivingblog.com", true },
@@ -35969,7 +36317,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stremio.com", true },
   { "strengthroots.com", true },
   { "stretchmyan.us", true },
-  { "stretchpc.com", true },
   { "striata.com", true },
   { "striatadev.com", true },
   { "stricted.net", true },
@@ -35985,6 +36332,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "strobeto.de", true },
   { "strobotti.com", true },
   { "stroccounioncity.org", true },
+  { "stroeder.com", true },
   { "stroeerdigital.de", true },
   { "stroginohelp.ru", true },
   { "strom.family", true },
@@ -36007,6 +36355,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "strutta.me", true },
   { "strydom.me.uk", true },
   { "stsolarenerji.com", true },
+  { "ststanislaus.com", true },
   { "ststanstrans.org", true },
   { "stt.wiki", true },
   { "sttg.com.au", true },
@@ -36026,6 +36375,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "student-eshop.sk", true },
   { "studentfinancecountdown.com", true },
   { "studentforums.biz", true },
+  { "studentklinikk.no", true },
   { "studentloans.gov", true },
   { "studentpop.com", true },
   { "studentrightsadvocate.org", true },
@@ -36038,6 +36388,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "studio-architetto.com", true },
   { "studio-art.pro", true },
   { "studio-fotografico.ru", true },
+  { "studio-happyvalley.com", true },
   { "studio44.fit", true },
   { "studioadevents.com", true },
   { "studioavvocato24.it", true },
@@ -36066,6 +36417,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "studiovaud.com", true },
   { "studipro-formation.fr", true },
   { "studipro-marketing.fr", true },
+  { "studisys.net", true },
   { "studium.cz", true },
   { "studyin.jp", true },
   { "studyspy.ac.nz", true },
@@ -36092,7 +36444,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "stuvus.uni-stuttgart.de", true },
   { "stw-group.at", true },
   { "stygium.net", false },
-  { "stylaq.com", true },
   { "stylebajumuslim.com", true },
   { "styleci.io", true },
   { "stylecollective.us", true },
@@ -36109,6 +36460,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "subastasdecarros.net", true },
   { "subculture.live", true },
   { "subdev.org", true },
+  { "subdimension.org", true },
   { "sublimebits.com", true },
   { "sublocale.com", true },
   { "submedia.tv", true },
@@ -36118,10 +36470,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "subrosr.com", true },
   { "subsistence.wiki", true },
   { "substitutealert.com", true },
-  { "subterfuge.io", true },
   { "suburban-landscape.net", true },
   { "suburbaninfinitioftroyparts.com", true },
   { "subversive-tech.com", true },
+  { "subzerotech.co.uk", true },
   { "succ.in", true },
   { "succesprojekter.dk", true },
   { "successdeliv.com", true },
@@ -36137,6 +36489,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sudo.org.au", true },
   { "sudo.ws", true },
   { "sudokian.io", true },
+  { "sudoschool.com", true },
   { "suelyonjones.com", true },
   { "suessdeko.de", true },
   { "suevia-ka.de", true },
@@ -36152,7 +36505,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "suggea.com", true },
   { "suggestim.ch", true },
   { "suisui.stream", true },
-  { "suited21.com", true },
   { "suitesapp.com", true },
   { "sujal.com", true },
   { "sujatadev.in", true },
@@ -36169,7 +36521,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sullenholland.nl", true },
   { "suluvir.com", true },
   { "sumguy.com", true },
-  { "summa-prefis.com", true },
   { "summa.eu", false },
   { "summercampthailand.com", true },
   { "summershomes.com", true },
@@ -36191,7 +36542,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sunjiutuo.com", true },
   { "sunlit.cloud", true },
   { "sunn.ie", true },
+  { "sunny.co.uk", true },
   { "sunnylyx.com", true },
+  { "sunnysidechurchofchrist.org", true },
   { "sunoikisis.org", true },
   { "sunred.info", true },
   { "sunred.org", true },
@@ -36247,7 +36600,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "supertechcrew.com", true },
   { "supertutorial.com.br", true },
   { "supervisionassist.com", true },
-  { "superway.es", true },
   { "supeuro.com", true },
   { "supioka.com", true },
   { "supmil.net", true },
@@ -36267,10 +36619,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "supriville.com.br", true },
   { "sur-v.com", true },
   { "surao.cz", true },
-  { "surasak.io", true },
   { "surasak.net", true },
   { "surasak.org", true },
-  { "surdam.casa", true },
   { "sure-it.de", true },
   { "surefit-oms.com", true },
   { "suretone.co.za", true },
@@ -36282,13 +36632,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "surgicalassociateswny.com", true },
   { "suroil.com", true },
   { "surpreem.com", true },
+  { "surrealcoder.com", true },
   { "surreyheathyc.org.uk", true },
   { "suruifu.com", true },
   { "survature.com", true },
   { "surveillance104.com", true },
   { "surveyhealthcare.com", true },
   { "surveymill.co.uk", true },
-  { "survivalistplanet.com", true },
   { "survivalmonkey.com", true },
   { "susanbpilates.co", true },
   { "susanbpilates.com", true },
@@ -36332,7 +36682,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "svdb.co", false },
   { "svdreamcatcher.com", true },
   { "sveinerik.org", true },
-  { "svendubbeld.nl", true },
   { "sveneckelmann.de", true },
   { "svenjaundchristian.de", true },
   { "svenluijten.com", false },
@@ -36347,6 +36696,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "svm-it.eu", true },
   { "svobodnyblog.cz", true },
   { "svorcikova.cz", true },
+  { "svsb-live.azurewebsites.net", false },
   { "sw-servers.net", true },
   { "sw33tp34.com", true },
   { "swagsocial.net", true },
@@ -36356,6 +36706,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "swapadoodle.com", true },
   { "swaptaxdata.com", true },
   { "swarfarm.com", true },
+  { "swarovski-lov.cz", true },
   { "swat4stats.com", true },
   { "swattransport.ae", true },
   { "sway-cdn.com", true },
@@ -36369,12 +36720,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sweepay.ch", true },
   { "sweet-as.co.uk", true },
   { "sweet-orr.com", true },
+  { "sweet-spatula.com", true },
   { "sweetair.com", true },
   { "sweetbridge.com", true },
   { "sweetgood.de", true },
   { "sweethomesnohomishrenovations.com", true },
   { "sweets-mimatsu.com", true },
-  { "swehack.org", true },
   { "sweharris.org", true },
   { "swerve-media-testbed-03.co.uk", true },
   { "swetrust.com", true },
@@ -36395,14 +36746,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "swiss-cyber-experts.ch", true },
   { "swiss-vanilla.ch", true },
   { "swiss-vanilla.com", true },
-  { "swisscannabis.club", true },
   { "swissdojo.ch", true },
   { "swisselement365.com", true },
   { "swissfreshaircan.ch", true },
   { "swissid.ch", true },
   { "swisslinux.org", true },
   { "swisstechassociation.ch", true },
-  { "swisstechtalks.ch", true },
   { "swissvanilla.ch", true },
   { "swissvanilla.com", true },
   { "switch-trader.com", true },
@@ -36411,6 +36760,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "switcheo.rocks", true },
   { "switzerland-family-office.com", true },
   { "swivells.com", true },
+  { "swkdevserver.tk", true },
+  { "swktestserver.tk", true },
   { "swn-nec.de", true },
   { "swordfeng.xyz", true },
   { "swqa.hu", true },
@@ -36423,6 +36774,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sy-anduril.de", true },
   { "sy24.ru", true },
   { "syajvo.if.ua", true },
+  { "syakonavi.com", true },
   { "syamutodon.xyz", true },
   { "sycamorememphis.org", true },
   { "sychov.pro", true },
@@ -36433,9 +36785,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "syenar.net", true },
   { "syezd.com.au", true },
   { "syha.org.uk", true },
-  { "syhost.at", true },
-  { "syhost.ch", true },
-  { "syhost.de", true },
   { "sykepleien.no", false },
   { "sylaps.com", true },
   { "syleam.in", true },
@@ -36444,8 +36793,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sylvaindurand.fr", true },
   { "sylvaindurand.org", true },
   { "sylvaloir.fr", true },
-  { "sylvan.me", true },
-  { "sylvangarden.net", true },
   { "sylve.ch", true },
   { "sym01.com", true },
   { "symb.ch", true },
@@ -36454,6 +36801,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "symbiose-immobilier.ch", true },
   { "symbiose.com", true },
   { "symbiosecom.ch", true },
+  { "symdevinc.com", true },
   { "symeda.de", true },
   { "symetria.io", true },
   { "symfora-meander.nl", true },
@@ -36474,6 +36822,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "synchrolarity.com", true },
   { "synchronicity.cz", true },
   { "synchronyse.com", true },
+  { "synchtu.be", false },
   { "syncrise.co.jp", true },
   { "syneart.com", true },
   { "synecek11.cz", true },
@@ -36488,7 +36837,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "syntheticgrassliving.com.au", true },
   { "syntheticurinereview.com", true },
   { "synthetik.com", true },
-  { "syoier.com", true },
   { "syplasticsurgery.com", true },
   { "syriatalk.biz", true },
   { "syriatalk.org", true },
@@ -36526,7 +36874,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "sysystems.cz", true },
   { "syt3.net", true },
   { "syukatsu-net.jp", true },
-  { "syunpay.cn", true },
   { "syy.im", true },
   { "syzygy-tables.info", true },
   { "sz-ideenlos.de", true },
@@ -36541,6 +36888,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "szentistvanpt.sk", true },
   { "szepsegbennedrejlik.hu", true },
   { "szerelem.love", true },
+  { "szeretekvajpolni.hu", true },
   { "szetowah.org.hk", true },
   { "szunia.com", true },
   { "szybkiebieganie.pl", true },
@@ -36556,7 +36904,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "t12u.com", true },
   { "t23m-navi.jp", false },
   { "t2i.nl", true },
-  { "t3rror.net", true },
   { "t47.io", true },
   { "t4c.link", true },
   { "t4cc0.re", true },
@@ -36567,6 +36914,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ta-sports.net", true },
   { "ta65.com", true },
   { "taabe.net", true },
+  { "taalcursusvolgen.nl", true },
   { "taartbesteld.nl", true },
   { "tabarnak.ga", true },
   { "tabernadovinho.com.br", true },
@@ -36587,11 +36935,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tacklinglife.com", true },
   { "tacklog.com", true },
   { "tacomafia.net", true },
-  { "tacostea.net", true },
   { "tacticalsquare.com", true },
   { "taddiestales.com", true },
   { "tadeo.ca", true },
   { "tadiranbatteries.de", true },
+  { "tadj-mahalat.com", true },
+  { "tadlab.cl", true },
   { "tadluedtke.com", true },
   { "tadtadya.com", true },
   { "tadu.de", true },
@@ -36612,6 +36961,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tails.boum.org", true },
   { "taimane.com", true },
   { "taiphanmem.net", true },
+  { "taishokudaiko.com", true },
   { "taishon.nagoya", true },
   { "taitmacleod.com", true },
   { "taiwan.dating", true },
@@ -36655,6 +37005,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "talkwithyourbaby.org", true },
   { "tallcraft.com", true },
   { "talldude.net", true },
+  { "tallinnsec.ee", true },
+  { "tallinnsex.ee", true },
   { "talltreeskv.com.au", true },
   { "tallyfy.com", true },
   { "talon.rip", true },
@@ -36674,18 +37026,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tamposign.fr", true },
   { "tamriel-rebuilt.org", true },
   { "tanacio.com", true },
+  { "tanak3n.xyz", false },
   { "tancredi.nl", true },
   { "tandem-trade.ru", false },
   { "tandemexhibits.com", true },
   { "tandempartnerships.com", true },
-  { "tandilmap.com.ar", true },
   { "tandk.com.vn", true },
   { "tandzorg.link", true },
   { "tangel.me", true },
   { "tangemann.org", true },
   { "tango-ouest.com", true },
   { "tangoalpha.co.uk", true },
-  { "tanhit.com", true },
   { "taniafitness.co.uk", true },
   { "taniafitness.com", true },
   { "tanie-uslugi-ksiegowe.pl", true },
@@ -36715,6 +37066,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tapsnapp.co", true },
   { "taquilla.com", true },
   { "tar-mag.com", true },
+  { "taranis.re", true },
   { "tarasecurity.co.uk", true },
   { "tarasecurity.com", true },
   { "tarasevich.by", true },
@@ -36726,6 +37078,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tarik.io", true },
   { "tarmexico.com", true },
   { "taron.top", true },
+  { "tarot-cartas.com", true },
   { "tarsan.cz", true },
   { "tartaneagle.org.uk", true },
   { "tartanhamedshop.com.br", true },
@@ -36757,7 +37110,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tattvaayoga.com", true },
   { "tatuantes.com", true },
   { "taunhanh.us", true },
-  { "tauschen.info", true },
+  { "taustyle.ru", true },
   { "tavolaquadrada.com.br", true },
   { "tavsys.net", true },
   { "tax-guard.com", true },
@@ -36795,6 +37148,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tbuchloh.de", true },
   { "tc-st-leonard.ch", true },
   { "tc.nz", true },
+  { "tcade.co", true },
   { "tcb-a.org", true },
   { "tcb-b.org", true },
   { "tccmb.com", true },
@@ -36808,6 +37162,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tchebotarev.com", true },
   { "tchnics.de", true },
   { "tchoukball.ch", true },
+  { "tcit.fr", true },
   { "tcmwellnessclinic.com", true },
   { "tcnapplications.com", true },
   { "tcpweb.net", true },
@@ -36823,6 +37178,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tdsinflatables.co.uk", true },
   { "tdude.co", true },
   { "tea.codes", true },
+  { "tea.in.th", true },
   { "teabagdesign.co.uk", true },
   { "teachbiz.net", true },
   { "teachercreatedmaterials.com", true },
@@ -36838,8 +37194,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "teachwithouttears.com", true },
   { "teahut.net", true },
   { "team-azerty.com", true },
-  { "team-bbd.com", true },
-  { "team-pancake.eu", true },
   { "team.house", true },
   { "team3482.com", true },
   { "teambeam.at", true },
@@ -36861,7 +37215,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "teamspeak-serverlist.xyz", true },
   { "teamtouring.net", true },
   { "teamtrack.uk", true },
-  { "teamtravel.co", true },
   { "teamup.com", true },
   { "teamup.rocks", true },
   { "teamupturn.com", true },
@@ -36891,7 +37244,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "techamigo.in", true },
   { "techarea.fr", true },
   { "techaulogy.com", true },
-  { "techbelife.com", true },
   { "techbrown.com", true },
   { "techcracky.com", true },
   { "techcultivation.de", false },
@@ -36901,6 +37253,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "techdroid.eu", true },
   { "techendeavors.com", true },
   { "techformator.pl", true },
+  { "techforthepeople.org", true },
   { "techglover.com", true },
   { "techhappy.ca", true },
   { "techinet.pl", true },
@@ -36915,11 +37268,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "technicabv.nl", true },
   { "technicalbrothers.cf", true },
   { "technicallyeasy.net", true },
+  { "technicalramblings.com", true },
   { "technicalsystemsprocessing.com", true },
   { "techniclab.net", true },
   { "techniclab.org", true },
   { "techniclab.ru", true },
-  { "technifocal.com", true },
   { "technik-boeckmann.de", true },
   { "technikblase.fm", true },
   { "technikman.de", true },
@@ -36951,7 +37304,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "techviewforum.com", true },
   { "techwayz.com", true },
   { "techwithcromulent.com", true },
-  { "techwords.io", true },
   { "techzero.cn", true },
   { "teckids.org", true },
   { "tecma.com", true },
@@ -36962,6 +37314,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tecnoarea.com.ar", true },
   { "tecnobrasilloja.com.br", true },
   { "tecnodritte.it", true },
+  { "tecnogaming.com", true },
   { "tecnogazzetta.it", true },
   { "tecnologiasurbanas.com", true },
   { "tecon.co.at", true },
@@ -36984,6 +37337,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "teensexgo.com", true },
   { "teeworlds-friends.de", true },
   { "tefek.cz", true },
+  { "teganlaw.ca", true },
+  { "teganlaw.com", true },
   { "tege-elektronik.hu", true },
   { "tehrabbitt.com", false },
   { "tehranperfume.com", true },
@@ -36991,6 +37346,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tejarat98.com", true },
   { "teknemodus.com.au", true },
   { "teknik.io", true },
+  { "tekniksnack.se", true },
   { "tekniskakustik.se", true },
   { "tekno.de", true },
   { "teknoforums.com", true },
@@ -36999,10 +37355,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tekuteku.jp", true },
   { "telamon.eu", true },
   { "telamon.fr", true },
-  { "tele-alarme.ch", true },
+  { "telco.at", true },
   { "tele-online.com", true },
   { "telealarme.ch", true },
-  { "telealarmevalais.ch", true },
   { "telecamera.pro", false },
   { "telecomwestland.nl", true },
   { "teledivi.com", true },
@@ -37015,6 +37370,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "telefoon.nl", true },
   { "telefoonabonnement.nl", true },
   { "telegenisys.com", true },
+  { "telegram.org", true },
   { "telegramdr.com", true },
   { "telehealthventures.com", false },
   { "telekothonbd.com", true },
@@ -37028,6 +37384,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tellcorpassessoria.com.br", true },
   { "telling.xyz", true },
   { "tellingua.com", false },
+  { "tellthemachines.com", true },
   { "tellusaboutus.com", true },
   { "telly.site", true },
   { "tellygames.com", true },
@@ -37061,8 +37418,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tendoryu-aikido.org", false },
   { "tenenz.com", true },
   { "tenisservis.eu", true },
+  { "tenkdigitalt.no", true },
   { "tenkofx.com", true },
-  { "tennisadmin.com", true },
   { "tennismindgame.com", true },
   { "tenno.tools", true },
   { "tenpo-iku.com", true },
@@ -37076,6 +37433,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tenyx.de", true },
   { "tenzer.dk", true },
   { "teoleonie.com", true },
+  { "tepautotuning.com", true },
   { "tepid.org", true },
   { "tepitus.de", true },
   { "teplofom.ru", true },
@@ -37108,6 +37466,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "terralimno.eu", true },
   { "terraluna.space", true },
   { "terranova-nutrition.dk", true },
+  { "terranova.fi", true },
   { "terrapay.com", true },
   { "terrastaffinggroup.com", false },
   { "terraweb.net", true },
@@ -37133,6 +37492,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "testeveonline.com", true },
   { "testgeomed.ro", true },
   { "testomato.com", true },
+  { "testoon.com", true },
   { "testosteronedetective.com", true },
   { "testsuite.org", true },
   { "testsvigilantesdeseguridad.es", true },
@@ -37176,7 +37536,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "teyssedre.ca", true },
   { "tf2b.com", true },
   { "tf2calculator.com", true },
-  { "tf7879.com", true },
   { "tfb.az", true },
   { "tfg-bouncycastles.com", true },
   { "tfk.fr", true },
@@ -37202,7 +37561,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thablubb.de", true },
   { "thaedal.net", true },
   { "thai.dating", true },
-  { "thai.land", false },
+  { "thai.land", true },
   { "thaicyberpoint.com", true },
   { "thaiforest.ch", true },
   { "thaihomecooking.com", true },
@@ -37217,6 +37576,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thalia.nu", true },
   { "thaliagetaway.com.au", true },
   { "thallinger.me", true },
+  { "thambaru.com", true },
   { "thamesfamilydentistry.com", true },
   { "thamtubinhminh.com", true },
   { "thanabh.at", true },
@@ -37226,6 +37586,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thatquiz.org", true },
   { "thatsme.io", true },
   { "thca.ca", true },
+  { "thcpbees.co.uk", true },
   { "the-arabs.com", true },
   { "the-bermanns.com", true },
   { "the-big-bang-theory.com", true },
@@ -37254,11 +37615,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theaps.net", true },
   { "theastrocoach.com", true },
   { "theatre-schools.com", true },
+  { "theazoorsociety.org", true },
   { "thebakers.com.br", true },
   { "thebakery2go.de", true },
   { "thebannerstore.com", true },
   { "thebarbdemariateam.com", true },
-  { "thebarneystyle.com", true },
   { "thebarrens.nu", true },
   { "thebasebk.org", true },
   { "thebcm.co.uk", true },
@@ -37311,7 +37672,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thecrazytravel.com", true },
   { "thecrescentchildcarecenter.com", true },
   { "thecrew-exchange.com", true },
-  { "thecrochetcottage.net", true },
   { "thecstick.com", true },
   { "thecuppacakery.co.uk", true },
   { "thecuriousdev.com", true },
@@ -37319,6 +37679,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thecustomdroid.com", true },
   { "theda.co.za", true },
   { "thedark1337.com", true },
+  { "thedebug.life", true },
   { "thederminstitute.com", true },
   { "thedhs.com", true },
   { "thediamondcenter.com", true },
@@ -37339,6 +37700,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theemasphere.com", true },
   { "theender.net", true },
   { "theepiclounge.com", true },
+  { "theeverycompany.com", true },
+  { "theeyeopener.com", true },
   { "thefairieswantmedead.com", true },
   { "thefanimatrix.net", true },
   { "thefashionpolos.com", true },
@@ -37348,7 +37711,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thefilmphotography.com", true },
   { "theflowerbasketonline.com", true },
   { "theflowershopdeddington.com", true },
-  { "theflyingbear.net", true },
   { "thefnafarchive.org", true },
   { "theforkedspoon.com", true },
   { "thefourthmoira.com", true },
@@ -37388,6 +37750,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thehotness.tech", true },
   { "thehouseofgod.org.nz", true },
   { "thehowtohome.com", true },
+  { "thehub.ai", true },
+  { "theideaskitchen.com.au", true },
   { "theidiotboard.com", true },
   { "theig.co", true },
   { "theillustrationstudio.com.au", true },
@@ -37399,6 +37763,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theinitium.com", true },
   { "theintercept.com", true },
   { "theinternationalgeekconspiracy.eu", true },
+  { "theissue.com.au", true },
   { "theitsage.com", false },
   { "thejacksoninstitute.com.au", true },
   { "thekev.in", true },
@@ -37443,7 +37808,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "themusecollaborative.org", true },
   { "themusicinnoise.net", true },
   { "thenanfang.com", true },
-  { "thenarcissisticlife.com", true },
   { "theneatgadgets.com", true },
   { "thenerdic.com", true },
   { "thenexwork.com", true },
@@ -37480,7 +37844,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thepharm.co.nz", true },
   { "thephonecaseplace.com", true },
   { "thephp.cc", true },
-  { "thepiabo.ovh", true },
   { "thepieslicer.com", true },
   { "thepiratesociety.org", true },
   { "theplaidpoodle.com", true },
@@ -37492,11 +37855,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thepriorybandbsyresham.co.uk", true },
   { "theproductpoet.com", true },
   { "thepromisemusic.com", true },
-  { "thepythianseed.com", true },
   { "theragran.co.id", true },
   { "theralino.de", true },
   { "theramo.re", true },
-  { "therandombits.com", true },
+  { "therandombits.com", false },
   { "therapiemi.ch", true },
   { "therapynotes.com", true },
   { "therapyportal.com", true },
@@ -37565,13 +37927,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thestyleforme.com", true },
   { "thesuppercircle.com", true },
   { "theswissbay.ch", true },
+  { "theteacherscorner.net", true },
   { "thetechnical.me", true },
   { "thetenscrolls.com", true },
   { "thethreepercent.marketing", true },
   { "thetiedyelab.com", true },
   { "thetinylife.com", true },
   { "thetomharling.com", true },
+  { "thetorlock.com", true },
+  { "thetorrentfunk.com", true },
   { "thetotalemaildelivery.com", true },
+  { "thetravelczar.com", true },
   { "thetree.ro", true },
   { "thetrendspotter.net", true },
   { "thetuxkeeper.de", false },
@@ -37584,6 +37950,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thevgg.com", false },
   { "thevisasofoz.com", true },
   { "thevoya.ga", true },
+  { "thevyra.com", true },
   { "thewagesroom.co.uk", true },
   { "thewarrencenter.org", true },
   { "thewaxhouse.academy", true },
@@ -37598,6 +37965,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thewoodkid.com.au", true },
   { "thewoolroom.com.au", true },
   { "theworld.tk", true },
+  { "theworldbattle.com", true },
   { "theworldexchange.com", true },
   { "theworldexchange.net", true },
   { "theworldexchange.org", true },
@@ -37609,14 +37977,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "theyear199x.org", true },
   { "theyearinpictures.co.uk", true },
   { "theyosh.nl", true },
+  { "theyourbittorrent.com", true },
   { "thezero.org", true },
   { "thezillersathenshotel.com", true },
   { "thiagohersan.com", true },
-  { "thibaultwalle.com", true },
   { "thiepcuoidep.com", true },
   { "thiepxinh.net", true },
   { "thierry-daellenbach.com", true },
   { "thierrybasset.ch", true },
+  { "thietbithoathiem.net", true },
   { "thijmenmathijs.nl", true },
   { "thijsalders.nl", false },
   { "thijsbekke.nl", true },
@@ -37639,6 +38008,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thinkquality.nl", true },
   { "thinkrealty.com", true },
   { "thinktux.net", true },
+  { "thirdbearsolutions.com", true },
   { "thirdgenphoto.co.uk", true },
   { "thiry-automobiles.net", true },
   { "this-server-will-be-the-death-of-me.com", true },
@@ -37656,6 +38026,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thisoldearth.com", true },
   { "thisserver.dontexist.net", true },
   { "thistleandleaves.com", true },
+  { "thitruongsi.com", true },
   { "thm.vn", true },
   { "thole.org", true },
   { "thom4s.info", true },
@@ -37667,6 +38038,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thomas-sammut.com", true },
   { "thomas-schmittner.de", true },
   { "thomas-suchon.fr", true },
+  { "thomas.computer", true },
   { "thomas.love", false },
   { "thomasbeckers.be", true },
   { "thomasbreads.com", false },
@@ -37686,6 +38058,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thomasverhelst.be", true },
   { "thomasvochten.com", true },
   { "thomaswoo.com", true },
+  { "thomien.de", true },
   { "thompsonfamily.cloud", true },
   { "thomsonscleaning.co.uk", true },
   { "thomspooren.nl", true },
@@ -37742,12 +38115,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "thunraz.com", true },
   { "thusoy.com", true },
   { "thuthuatios.com", true },
+  { "thuviensoft.com", true },
   { "thuybich.com", false },
   { "thw-bernburg.de", true },
   { "thxandbye.de", true },
   { "thycotic.ru", true },
   { "thyngster.com", true },
-  { "thynx.io", true },
   { "thzone.net", true },
   { "ti-pla.net", true },
   { "ti-planet.org", true },
@@ -37759,6 +38132,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tibicinagarricola.com", true },
   { "tibipg.com", true },
   { "tibovanheule.space", true },
+  { "ticfleet.com", true },
+  { "tichieru.pw", true },
   { "ticketassist.nl", true },
   { "ticketdriver.com", true },
   { "ticketluck.com", true },
@@ -37783,6 +38158,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tier-1-entrepreneur.com", true },
   { "tierarztpraxis-bogenhausen.de", true },
   { "tierarztpraxis-weinert.de", true },
+  { "tierraprohibida.net", true },
   { "ties.com", true },
   { "tiew.pl", true },
   { "tifan.net", true },
@@ -37801,6 +38177,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tik.edu.ee", true },
   { "tik.help", true },
   { "tiki-god.co.uk", true },
+  { "tilde.institute", true },
   { "tildes.net", true },
   { "tildesnyder.com", true },
   { "tilesbay.com", true },
@@ -37834,15 +38211,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "time2choose.com", true },
   { "timeauction.hk", true },
   { "timebox.tk", true },
+  { "timebutler.de", true },
   { "timeglass.de", true },
   { "timeless-photostudio.com", true },
   { "timelessskincare.co.uk", true },
+  { "timelockstash.com", true },
   { "timetech.io", true },
   { "timetotrade.com", true },
   { "timewasters.nl", true },
   { "timewk.cn", true },
   { "timfiedler.net", true },
-  { "timhieuthuoc.com", true },
   { "timi-matik.hu", true },
   { "timing.com.br", true },
   { "timjk.de", true },
@@ -37860,6 +38238,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "timtj.ca", true },
   { "timvivian.ca", true },
   { "timweb.ca", true },
+  { "timx.uk", true },
   { "timysewyn.be", true },
   { "tina-zander.de", true },
   { "tina.media", true },
@@ -37909,6 +38288,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tis.ph", true },
   { "tischlerei-klettke.de", true },
   { "tissot-mayenfisch.com", true },
+  { "tisvapo.it", true },
   { "tit-cdn.de", true },
   { "tit-dev.de", true },
   { "tit-dns.de", true },
@@ -37924,7 +38304,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "titouan.co", false },
   { "tittelbach.at", true },
   { "titusetcompagnies.net", true },
-  { "tivido.nl", true },
   { "tiwag.at", true },
   { "tixeconsulting.com", true },
   { "tixify.com", true },
@@ -37939,8 +38318,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tkanemoto.com", true },
   { "tkat.ch", true },
   { "tkgpm.com", true },
+  { "tkirch.de", true },
   { "tkjg.fi", true },
   { "tkn.me", true },
+  { "tkn.tokyo", true },
   { "tkusano.jp", true },
   { "tkw01536.de", false },
   { "tl.gg", true },
@@ -37952,7 +38333,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tlo.xyz", true },
   { "tloxygen.com", true },
   { "tls-proxy.de", true },
-  { "tls.builders", true },
   { "tls.care", true },
   { "tls1914.org", true },
   { "tlsrobot.se", true },
@@ -37960,6 +38340,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tlumaczenie.com", true },
   { "tlyphed.net", true },
   { "tlys.de", true },
+  { "tm80plus.com", true },
   { "tmakiguchi.org", true },
   { "tmas.dk", true },
   { "tmberg.cf", true },
@@ -37989,7 +38370,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tnl.cloud", true },
   { "tntmobi.com", true },
   { "tny.link", true },
-  { "toabsentfamily.com", true },
   { "toad.ga", true },
   { "toast.al", false },
   { "tob-rulez.de", true },
@@ -37997,8 +38377,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tobedo.net", true },
   { "tober-cpag.de", true },
   { "tobi-mayer.de", true },
-  { "tobi-server.goip.de", true },
-  { "tobi-videos.goip.de", true },
   { "tobias-bauer.de", true },
   { "tobias-haenel.de", true },
   { "tobias-kleinmann.de", true },
@@ -38017,6 +38395,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tobiassachs.de", true },
   { "tobiassattler.com", true },
   { "tobiaswiese.com", true },
+  { "tobiaswiese.eu", true },
+  { "tobiaswiese.org", true },
+  { "tobiaswiese.work", true },
   { "tobiemilford.com", true },
   { "tobis-rundfluege.de", true },
   { "tobischo.de", true },
@@ -38024,6 +38405,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tobyalden.com", true },
   { "tobyx.com", true },
   { "tobyx.de", true },
+  { "tobyx.eu", true },
   { "tobyx.net", true },
   { "tobyx.org", true },
   { "tocaro.im", true },
@@ -38046,6 +38428,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toeightycountries.com", true },
   { "toekomstperspectief.be", true },
   { "toerclub-ing-arnhem.nl", true },
+  { "toerschaatsenknsb.nl", true },
   { "toetsplatform.be", true },
   { "tofe.io", true },
   { "tofliving.nl", true },
@@ -38055,14 +38438,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toheb.de", false },
   { "tohochofu-sportspark.com", true },
   { "tohokinemakan.tk", true },
-  { "tohokufd.com", true },
+  { "toihoctiengtrung.com", true },
   { "tokaido-kun.jp", true },
   { "tokaido.com", true },
   { "tokainafb.net", true },
   { "tokainakurasi.net", true },
-  { "tokbijouxs.com.br", true },
   { "tokenmarket.net", true },
   { "tokens.net", true },
+  { "tokfun.com", true },
   { "tokic.hr", true },
   { "tokinoha.net", true },
   { "tokio.fi", true },
@@ -38102,7 +38485,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tomatenaufdenaugen.de", true },
   { "tomatis-nantes.com", true },
   { "tomaw.net", true },
-  { "tomaz.eu", true },
   { "tombaker.me", true },
   { "tombroker.org", true },
   { "tombrossman.com", true },
@@ -38167,7 +38549,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tonermonster.de", true },
   { "tonex.de", true },
   { "tonex.nl", true },
-  { "toni-dis.ch", true },
   { "tonifarres.net", true },
   { "tonigallagherinteriors.com", true },
   { "tonkayagran.com", true },
@@ -38232,6 +38613,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "topeyelashenhancerserumreviews.com", true },
   { "topfivepercent.co.uk", true },
   { "topgshop.ru", true },
+  { "tophat.studio", true },
   { "topicdesk.com", true },
   { "topicit.net", true },
   { "topirishcasinos.com", true },
@@ -38239,6 +38621,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "topkek.ml", true },
   { "toplist.cz", true },
   { "toplist.eu", true },
+  { "toplist.sk", true },
   { "topnotepad.com", true },
   { "topodin.com", true },
   { "toponlinecasinosites.co.uk", true },
@@ -38263,6 +38646,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "torfbahn.de", true },
   { "torg-room.ru", true },
   { "torkware.com", true },
+  { "torlock.com", true },
+  { "torlock.host", true },
+  { "torlock.icu", true },
+  { "torlock.pw", true },
+  { "torlock2.com", true },
   { "tormakristof.eu", true },
   { "tormentedradio.com", false },
   { "torn1.se", true },
@@ -38271,11 +38659,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "torontoaccesscontrol.com", true },
   { "torontocorporatelimo.services", true },
   { "torontostarts.com", true },
+  { "toros.co", true },
+  { "toros2.com", true },
   { "torproject.org", false },
   { "torprojects.com", true },
   { "torquato.de", false },
   { "torrent.fedoraproject.org", true },
   { "torrent.is", true },
+  { "torrent.tm", true },
+  { "torrentfunk.host", true },
+  { "torrentfunk.icu", true },
+  { "torrentfunk.pw", true },
+  { "torrentfunk2.com", true },
   { "torrentpier.me", true },
   { "torrentz2.al", true },
   { "torresygutierrez.com", true },
@@ -38287,18 +38682,19 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "torte.roma.it", true },
   { "tortoises-turtles.com", true },
   { "tortugan.com.br", true },
-  { "tosainu.com.br", true },
   { "tosamja.net", true },
   { "toscer.me", false },
   { "toschool.com.br", true },
   { "toshen.com", true },
   { "toshkov.com", true },
+  { "toskana-appartement.de", false },
   { "tosolini.info", true },
   { "tosostav.cz", true },
   { "tosteberg.se", true },
   { "tostu.de", true },
   { "tot-radio.com", true },
-  { "totaku.ru", true },
+  { "totaku.ru", false },
+  { "totalaccess.com.ua", true },
   { "totalbike.com.br", true },
   { "totalcarcheck.co.uk", true },
   { "totalchecklist.com", true },
@@ -38320,6 +38716,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "touchoflife.in", true },
   { "touchscreentills.com", true },
   { "touchstone.io", true },
+  { "touchsupport.com", true },
   { "touchtable.nl", true },
   { "touchweb.fr", true },
   { "touchwoodtrees.com.au", true },
@@ -38331,7 +38728,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tourgest.net", true },
   { "tourify.me", true },
   { "tourismwithme.com", true },
-  { "tourispo.com", true },
   { "tournamentmgr.com", true },
   { "tournevis.ch", true },
   { "toursthatmatter.com", true },
@@ -38342,6 +38738,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toushi-return.xyz", true },
   { "toushi-shakkin.com", true },
   { "touslesdrivers.com", true },
+  { "tout-art.ch", true },
+  { "toutart.ch", true },
   { "toutelathailande.fr", true },
   { "toutenmusic.fr", true },
   { "toutmonexam.fr", true },
@@ -38356,7 +38754,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toutvendre.us", true },
   { "tovare.com", true },
   { "toverland-tickets.nl", true },
-  { "tovp.org", true },
   { "towandalibrary.org", true },
   { "tower.land", true },
   { "townandcountryus.com", true },
@@ -38369,7 +38766,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "toycu.de", true },
   { "toymagazine.com.br", true },
   { "toyota-kinenkan.com", true },
-  { "toysale.by", true },
+  { "toysale.by", false },
   { "toysperiod.com", true },
   { "tp-iryuubun.com", true },
   { "tp-kabushiki.com", true },
@@ -38397,13 +38794,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "traceroute.guru", true },
   { "traceroute.link", true },
   { "traceroute.network", true },
+  { "traces.ml", true },
   { "tracetracker.no", true },
   { "tracfinancialservices.com", true },
   { "tracinsurance.com", true },
+  { "track.plus", true },
   { "trackchair.com", true },
   { "trackdomains.com", true },
   { "trackersimulator.org", true },
   { "trackeye.dk", true },
+  { "tracking.best", true },
   { "trackingstream.com", true },
   { "trackrecordpro.co.uk", true },
   { "tracksa.com.ar", true },
@@ -38432,6 +38832,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trafarm.ro", true },
   { "trafas.nl", true },
   { "traffic.az", true },
+  { "trafficmanager.com", true },
   { "trafficmanager.ltd", true },
   { "trafficmanager.xxx", true },
   { "trafficmgr.cn", true },
@@ -38482,6 +38883,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trajano.net", true },
   { "trajectfoto.nl", true },
   { "trajectvideo.nl", true },
+  { "trakkr.tk", true },
+  { "tramclub-basel.ch", true },
   { "tran.pw", true },
   { "trance-heal.com", true },
   { "trance-heal.de", true },
@@ -38490,6 +38893,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tranceheal.de", true },
   { "tranceheal.me", true },
   { "trangcongnghe.com", true },
+  { "trangell.com", true },
   { "tranglenull.xyz", true },
   { "tranhsondau.net", false },
   { "tranquillity.se", true },
@@ -38531,6 +38935,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "transoil.co.uk", true },
   { "transpak-cn.com", true },
   { "transparentcorp.com", true },
+  { "transport.eu", true },
   { "transporta.it", true },
   { "transporterlock.com", true },
   { "transumption.com", true },
@@ -38550,8 +38955,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "travador.com", true },
   { "travaux-toiture-idf.fr", true },
   { "travel-dealz.de", true },
-  { "travel-to-nature.ch", true },
-  { "travel.co.za", true },
   { "travel365.it", true },
   { "travelarmenia.org", true },
   { "traveleets.com", true },
@@ -38575,8 +38978,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trea98.org", true },
   { "treaslockbox.gov", true },
   { "trebarov.cz", true },
+  { "trebek.club", true },
   { "tree0.xyz", true },
-  { "treebaglia.xyz", true },
   { "treehouseresort.nl", true },
   { "trees.chat", true },
   { "treeschat.com", true },
@@ -38624,13 +39027,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tribly.de", true },
   { "tribut.de", true },
   { "tributh.cf", true },
+  { "tributh.ga", true },
+  { "tributh.gq", true },
+  { "tributh.ml", true },
   { "tributh.net", true },
+  { "tributh.tk", true },
   { "tricefy4.com", true },
   { "triciaree.com", true },
   { "trident-online.de", true },
   { "trietment.com", true },
   { "trigardon-rg.de", true },
   { "trik.es", false },
+  { "trilex.be", true },
   { "trilithsolutions.com", true },
   { "trillian.im", true },
   { "trilliumvacationrentals.ca", true },
@@ -38642,20 +39050,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trineco.com", true },
   { "trineco.fi", true },
   { "tringavillasyala.com", true },
-  { "trink-und-partyspiele.de", true },
   { "trinnes.net", true },
   { "trio.online", true },
   { "triop.se", true },
   { "trior.net", true },
   { "triplekeys.net", true },
   { "tripolistars.com", true },
-  { "tripout.tech", true },
   { "tripp.xyz", true },
   { "tripseats.com", true },
   { "tripsinc.com", true },
   { "trisect.eu", true },
   { "trish-mcevoy.ru", true },
-  { "triticeaetoolbox.org", true },
   { "trix360.com", true },
   { "trixexpressweb.nl", true },
   { "triz.co.uk", true },
@@ -38670,6 +39075,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "trollope-apollo.com", true },
   { "trommelwirbel.com", true },
   { "tronatic-studio.com", true },
+  { "tronmeo.com", true },
   { "troomcafe.com", true },
   { "troopaid.info", true },
   { "trophee-discount.com", true },
@@ -38695,6 +39101,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "true-itk.de", true },
   { "trueachievements.com", true },
   { "trueassignmenthelp.co.uk", true },
+  { "trueblueessentials.com", true },
   { "trueduality.net", true },
   { "truehempculture.com.au", true },
   { "trueinstincts.ca", true },
@@ -38730,6 +39137,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "truyenfull.vn", true },
   { "trw-reseller.com", true },
   { "try2admin.pw", true },
+  { "try2services.cm", true },
   { "trybabyschoice.com", true },
   { "trybooking.com", true },
   { "tryfabulousskincream.com", true },
@@ -38782,6 +39190,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ttclub.fr", true },
   { "ttdsevaonline.com", true },
   { "ttll.de", true },
+  { "ttrade.ga", true },
   { "ttsoft.pl", true },
   { "ttsweb.org", true },
   { "ttt.tt", true },
@@ -38799,6 +39208,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tubepro.de", true },
   { "tubs4fun.co.uk", true },
   { "tubul.net", true },
+  { "tucepihotelalga.com", true },
   { "tucny.com", true },
   { "tucsonfcu.com", true },
   { "tucsonpcrepair.com", true },
@@ -38816,11 +39226,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tuitle.com", true },
   { "tuja.hu", true },
   { "tulumplayarealestate.com", true },
-  { "tumagiri.net", true },
   { "tumblenfun.com", true },
   { "tumedico.es", true },
   { "tumelum.de", true },
-  { "tumutanzi.com", true },
   { "tunai.id", true },
   { "tunaut.com", true },
   { "tune-web.de", true },
@@ -38843,6 +39251,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "turigum.com", true },
   { "turismodubrovnik.com", true },
   { "turkish.dating", true },
+  { "turkiyen.com", true },
+  { "turkrock.com", true },
   { "turl.pl", true },
   { "turnaroundforum.de", true },
   { "turncircles.com", true },
@@ -38872,7 +39282,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tuversionplus.com", true },
   { "tuwaner.com", true },
   { "tuxcloud.net", true },
-  { "tuxflow.de", false },
   { "tuxgeo.com", false },
   { "tuxie.com", true },
   { "tuxlife.net", true },
@@ -38894,6 +39303,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tverskaya-outlet.ru", true },
   { "tvhshop.be", true },
   { "tvipper.com", true },
+  { "tvlanguedoc.com", true },
   { "tvleaks.se", true },
   { "tvlplus.net", true },
   { "tvseries.info", true },
@@ -38939,8 +39349,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tworaz.net", true },
   { "twtimmy.com", true },
   { "twtremind.com", true },
-  { "twun.io", true },
-  { "twuni.org", true },
   { "txcap.org", true },
   { "txdivorce.org", true },
   { "txi.su", true },
@@ -38951,18 +39359,22 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tyche.io", true },
   { "tycho.org", true },
   { "tycom.cz", true },
+  { "tyil.nl", true },
   { "tyil.work", true },
   { "tykeplay.com", true },
   { "tyler.rs", true },
   { "tylerdavies.net", true },
   { "tylerfreedman.com", true },
-  { "tylerharcourt.net", true },
+  { "tylerharcourt.ca", true },
+  { "tylerharcourt.com", true },
+  { "tylerharcourt.org", true },
   { "tyleromeara.com", true },
   { "tylerschmidtke.com", true },
   { "typcn.com", true },
   { "typeblog.net", true },
   { "typecodes.com", true },
   { "typeof.pw", true },
+  { "typeonejoe.com", true },
   { "typeria.net", true },
   { "typewolf.com", true },
   { "typewritten.net", true },
@@ -38980,6 +39392,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "tyuo-keibi.co.jp", true },
   { "tzermias.gr", true },
   { "tzifas.com", true },
+  { "u-he.com", true },
   { "u-martfoods.com", true },
   { "u-tokyo.club", true },
   { "u.nu", true },
@@ -38999,9 +39412,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "u4mh-dev-portal.azurewebsites.net", true },
   { "u5.re", true },
   { "u5b.de", false },
+  { "u5eu.com", true },
   { "u5r.nl", true },
   { "ua.search.yahoo.com", false },
-  { "uaci.edu.mx", true },
   { "uae-company-service.com", true },
   { "uangteman.com", true },
   { "uasmi.com", true },
@@ -39013,7 +39426,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uberbkk.com", true },
   { "uberboxen.net", true },
   { "uberestimator.com", true },
-  { "ubertt.org", true },
+  { "ubermail.me", true },
   { "uberwald.de", true },
   { "uberwald.ws", true },
   { "ubezpieczeniepsa.com", true },
@@ -39042,71 +39455,44 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "udomain.net", true },
   { "udp.sh", false },
   { "udruga-point.hr", true },
+  { "udsocial.com", true },
   { "udvoukocek.eu", true },
   { "ueba1085.jp", true },
   { "ueberdosis.io", true },
   { "ueberwachungspaket.at", true },
   { "uedaviolin.com", true },
   { "uefeng.com", true },
-  { "uel-thompson-okanagan.ca", true },
   { "ueni.com", true },
   { "uevan.com", true },
   { "uex.im", true },
   { "ufanisi.mx", true },
   { "ufindme.at", true },
+  { "ufocentre.com", true },
   { "ufplanets.com", true },
   { "ugb-verlag.de", true },
   { "uggedal.com", true },
   { "ugx-mods.com", true },
   { "uhappy1.com", true },
-  { "uhappy11.com", true },
   { "uhappy2.com", true },
-  { "uhappy21.com", true },
   { "uhappy22.com", true },
-  { "uhappy23.com", true },
-  { "uhappy24.com", true },
-  { "uhappy25.com", true },
-  { "uhappy26.com", true },
-  { "uhappy27.com", true },
-  { "uhappy28.com", true },
-  { "uhappy29.com", true },
-  { "uhappy3.com", true },
   { "uhappy30.com", true },
-  { "uhappy31.com", true },
-  { "uhappy33.com", true },
   { "uhappy50.com", true },
-  { "uhappy55.com", true },
-  { "uhappy56.com", true },
   { "uhappy57.com", true },
-  { "uhappy58.com", true },
-  { "uhappy59.com", true },
   { "uhappy6.com", true },
-  { "uhappy60.com", true },
-  { "uhappy61.com", true },
-  { "uhappy62.com", true },
-  { "uhappy66.com", true },
-  { "uhappy67.com", true },
-  { "uhappy71.com", true },
-  { "uhappy73.com", true },
-  { "uhappy74.com", true },
-  { "uhappy75.com", true },
-  { "uhappy76.com", true },
-  { "uhappy77.com", true },
-  { "uhappy78.com", true },
+  { "uhappy69.com", true },
+  { "uhappy70.com", true },
+  { "uhappy72.com", true },
   { "uhappy79.com", true },
-  { "uhappy8.com", true },
+  { "uhappy80.com", true },
+  { "uhappy81.com", true },
   { "uhappy82.com", true },
   { "uhappy83.com", true },
   { "uhappy85.com", true },
-  { "uhappy86.com", true },
   { "uhappy88.com", true },
-  { "uhappy9.com", true },
   { "uhappy90.com", true },
-  { "uhappy99.com", true },
   { "uhc.gg", true },
   { "uhlhosting.ch", true },
   { "uhrenlux.de", true },
-  { "uhssl.com", true },
   { "uhurl.net", true },
   { "ui8.net", true },
   { "uiberlay.cz", true },
@@ -39153,7 +39539,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ultimateanu.com", true },
   { "ultimatemafia.net", true },
   { "ultraseopro.com", true },
-  { "ultrasite.tk", true },
   { "ultratech.software", true },
   { "ultratechlp.com", true },
   { "ultrautoparts.com.au", true },
@@ -39164,11 +39549,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "umenlisam.com", true },
   { "umisonoda.com", true },
   { "umsapi.com", true },
-  { "umwandeln-online.de", true },
   { "un-framed.co.za", true },
   { "un-zero-un.fr", true },
   { "un.fo", true },
-  { "unapolegetic.co", true },
   { "unapp.me", true },
   { "unatco.noip.me", true },
   { "unausa.com.br", true },
@@ -39199,7 +39582,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uncensoreddns.dk", true },
   { "uncensoreddns.org", true },
   { "undeadbrains.de", true },
-  { "undecidable.de", true },
   { "undeductive.media", true },
   { "undef.in", false },
   { "underbridgeleisure.co.uk", true },
@@ -39220,7 +39602,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "unfettered.net", false },
   { "unga.dk", true },
   { "ungaeuropeer.se", true },
-  { "ungeek.eu", true },
   { "ungeek.fr", true },
   { "ungegamere.dk", true },
   { "unghie.com", true },
@@ -39236,6 +39617,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "unicefkartkidlafirm.pl", true },
   { "unicefkepeslapok.hu", true },
   { "unicefvoscilnice.si", true },
+  { "unicioushop.com", true },
   { "unicolabo.jp", true },
   { "unicorn-systems.net", true },
   { "unicorn.melbourne", true },
@@ -39252,6 +39634,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uniform-agri.com", true },
   { "unijob.com.br", true },
   { "unikoingold.com", true },
+  { "unikrn.space", true },
   { "unila.edu.br", true },
   { "unimbalr.com", true },
   { "unioils.la", true },
@@ -39280,7 +39663,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "unityconsciousnessbooks.com", true },
   { "univercite.ch", true },
   { "univeril.com", false },
-  { "univerpack.net", true },
   { "universal-happiness.com", true },
   { "universal.at", true },
   { "universalcarremote.com", true },
@@ -39290,10 +39672,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "univitale.fr", true },
   { "unix.se", true },
   { "unixadm.org", true },
-  { "unixapp.ml", true },
   { "unixattic.com", true },
   { "unixforum.org", true },
-  { "unixfox.eu", true },
   { "unixtime.date", true },
   { "unkrn.com", true },
   { "unlax.com", true },
@@ -39342,8 +39722,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "upbad.com", true },
   { "upbeatrobot.com", true },
   { "upbeatrobot.eu", true },
+  { "upcambio.com", true },
   { "upd.jp", true },
-  { "updatehub.io", true },
+  { "upengo.com", true },
   { "upgamerengine.com", true },
   { "upgamerengine.com.br", true },
   { "upgamerengine.net", true },
@@ -39363,6 +39744,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "upplevelse.com", true },
   { "upr.com.ua", true },
   { "uprint.it", true },
+  { "uprospr.com", true },
   { "uprouteyou.com", true },
   { "upsettunnel.com", true },
   { "upsiteseo.com", true },
@@ -39391,7 +39773,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "urbancreators.dk", true },
   { "urbandance.club", true },
   { "urbanesecurity.com", true },
-  { "urbanfi.sh", true },
   { "urbanguerillas.de", true },
   { "urbanhotbed.eu", true },
   { "urbanietz-immobilien.de", true },
@@ -39409,19 +39790,23 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "urcentral.nl", true },
   { "ureka.org", true },
   { "urep.us", true },
-  { "urgences-valais.ch", true },
   { "urinedrugtesthq.com", true },
+  { "uriport.com", true },
+  { "uriports.com", true },
   { "uripura.de", true },
   { "urist1011.ru", true },
   { "url.fi", true },
   { "url.fm", true },
   { "url.rw", false },
   { "url0.eu", true },
+  { "urlakite.com", true },
   { "urlaub-busreisen.de", true },
   { "urlaub-leitner.at", true },
+  { "urlgot.com", true },
   { "urlscan.io", true },
   { "urltell.com", true },
   { "urltodomain.com", true },
+  { "urnes.org", true },
   { "urown.net", true },
   { "ursa-minor-beta.org", true },
   { "ursae.co", true },
@@ -39451,12 +39836,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "usbevents.co.uk", true },
   { "usbr.gov", true },
   { "uscloud.nl", true },
+  { "uscurrency.gov", true },
   { "usd.de", true },
   { "usdoj.gov", true },
   { "usds.gov", true },
   { "use.be", true },
   { "usebean.com", true },
-  { "usedu.us", true },
+  { "usemusic.com.br", true },
   { "user-re.com", true },
   { "userra.gov", true },
   { "usetypo3.com", true },
@@ -39486,13 +39872,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "usweme.info", true },
   { "uswitch.com", true },
   { "ut-addicted.com", true },
-  { "utahfireinfo.gov", true },
+  { "utahblackplate.com", true },
+  { "utahblackplates.com", true },
+  { "utahcanyons.org", true },
   { "utahlocal.net", true },
   { "utahtravelcenter.com", true },
   { "utazas-nyaralas.info", true },
   { "utazine.com", true },
   { "utcast-mate.com", true },
-  { "utdsgda.com", true },
   { "utepils.de", true },
   { "utgifter.no", true },
   { "utilia.tools", true },
@@ -39513,7 +39900,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "utw.me", true },
   { "utwente.io", true },
   { "utzon.net", true },
-  { "uuid.cf", true },
   { "uuit.nl", true },
   { "uv.uy", true },
   { "uvenuse.cz", true },
@@ -39521,6 +39907,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uw1008.com", true },
   { "uw2333.com", true },
   { "uwac.co.uk", false },
+  { "uwat.cf", true },
   { "uwelilienthal.de", true },
   { "uwsoftware.be", true },
   { "uwvloereruit.nl", true },
@@ -39529,6 +39916,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "uxtechnologist.com", true },
   { "uy.search.yahoo.com", false },
   { "uz.search.yahoo.com", false },
+  { "uzayliyiz.biz", true },
   { "uzaymedya.com.tr", true },
   { "uziregister.nl", true },
   { "uzpirksana.lv", true },
@@ -39548,6 +39936,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "v4s.ro", true },
   { "va-reitartikel.com", true },
   { "va.gov", true },
+  { "va1der.ca", true },
   { "vacationsbyvip.com", true },
   { "vaccines.gov", true },
   { "vacuumpump.co.id", true },
@@ -39578,6 +39967,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "valenciadevops.me", true },
   { "valentin-dederer.de", true },
   { "valentin-sundermann.de", true },
+  { "valentin.ml", true },
   { "valentinberclaz.com", true },
   { "valentineapparel.com", true },
   { "valentineforpresident.com", true },
@@ -39594,7 +39984,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "valika.ee", true },
   { "valis.sx", true },
   { "valkohattu.fi", true },
-  { "valkor.pro", true },
   { "valkova.net", true },
   { "vallei-veluwe.nl", true },
   { "valleyautofair.com", true },
@@ -39613,11 +40002,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "valskis.lt", true },
   { "valtlai.fi", true },
   { "valtoaho.com", true },
+  { "valtool.uk", true },
   { "valudo.st", true },
   { "valuechain.me", true },
+  { "valuemyhome.co.uk", true },
+  { "valuemyhome.uk", true },
   { "valueng.com", true },
   { "valueofblog.com", true },
   { "valueseed.net", true },
+  { "valuuttamuunnin.com", true },
+  { "vampire142.fr", true },
   { "vampyrium.net", false },
   { "van11y.net", true },
   { "vanagamsanthai.com", true },
@@ -39648,7 +40042,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vanmalland.com", true },
   { "vannaos.com", true },
   { "vannaos.net", true },
-  { "vanohaker.ru", true },
   { "vanouwerkerk.net", true },
   { "vantagepointpreneed.com", true },
   { "vante.me", true },
@@ -39657,15 +40050,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vanvoro.us", false },
   { "vanwunnik.com", true },
   { "vapecrunch.com", true },
-  { "vapehour.com", true },
   { "vapensiero.co.uk", true },
   { "vaperolles.ch", true },
   { "vapesense.co.uk", true },
   { "vapesupplies.com.au", true },
+  { "vapex.pl", true },
   { "vaphone.co", true },
   { "vapingdaily.com", true },
   { "vapor.cloud", false },
   { "vapordepot.jp", true },
+  { "varaeventos.com", true },
   { "varalwamp.com", true },
   { "varcare.jp", true },
   { "varden.info", true },
@@ -39729,6 +40123,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vc.gg", true },
   { "vcam.org", true },
   { "vccmurah.net", true },
+  { "vcelin-na-doliku.cz", true },
   { "vcf.gov", true },
   { "vcientertainment.com", false },
   { "vcmi.download", true },
@@ -39737,6 +40132,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vcsjones.codes", true },
   { "vcsjones.com", true },
   { "vcti.cloud", true },
+  { "vctor.net", true },
   { "vd42.net", true },
   { "vda.li", true },
   { "vdanker.net", true },
@@ -39768,9 +40164,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vegekoszyk.pl", true },
   { "vegepa.com", true },
   { "vegetariantokyo.net", true },
+  { "veggie-einhorn.de", true },
   { "veggie-treff.de", true },
   { "vegguide.org", true },
-  { "vehicletransportservices.co", true },
   { "veii.de", true },
   { "veil-framework.com", true },
   { "veincenterbrintonlake.com", true },
@@ -39787,6 +40183,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vendreacheter.net", true },
   { "vendserve.eu", true },
   { "veneerssandiego.com", true },
+  { "venenum.org", true },
   { "venev.name", true },
   { "venje.pro", true },
   { "ventajasdesventajas.com", true },
@@ -39802,7 +40199,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "venturum.net", true },
   { "ventzke.com", true },
   { "venuedriver.com", true },
-  { "venusbymariatash.com", true },
   { "ver.ma", true },
   { "vera.bg", true },
   { "veramagazine.jp", true },
@@ -39820,7 +40216,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "verfassungsklage.at", true },
   { "verge.capital", true },
   { "vergelijksimonly.nl", true },
-  { "vergessen.cn", true },
   { "verhovs.ky", false },
   { "veri2.com", true },
   { "verifalia.com", true },
@@ -39859,6 +40254,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "versalhost.com", true },
   { "versalhost.nl", true },
   { "versbesteld.nl", true },
+  { "verschurendegroot.nl", true },
   { "verses.space", true },
   { "versicherungen-werner-hahn.de", true },
   { "versicherungskontor.net", true },
@@ -39867,6 +40263,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "verstraetenusedcars.be", true },
   { "vertebrates.com", true },
   { "verteilergetriebe.info", true },
+  { "verticrew.com", true },
   { "vertigo.name", false },
   { "vertner.net", true },
   { "vertrieb-strategie.de", true },
@@ -39875,11 +40272,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "verwayen.com", true },
   { "very-kids.fr", true },
   { "veryapt.com", true },
-  { "veryimportantusers.com", true },
   { "verymelon.de", true },
   { "verymetal.nl", true },
   { "verzekeringencambier.be", true },
   { "verzekeringsacties.nl", true },
+  { "verzick.com", true },
   { "vescudero.net", true },
   { "veslosada.com", true },
   { "vespacascadia.com", true },
@@ -39933,26 +40330,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vicicode.com", true },
   { "vicjuwelen-annelore.be", true },
   { "victora.com", true },
+  { "victorblomberg.se", true },
   { "victorcanera.com", true },
   { "victordiaz.me", true },
-  { "victoreriksson.ch", true },
-  { "victoreriksson.co", true },
-  { "victoreriksson.com", true },
-  { "victoreriksson.eu", true },
-  { "victoreriksson.info", true },
-  { "victoreriksson.me", true },
-  { "victoreriksson.net", true },
-  { "victoreriksson.nu", true },
-  { "victoreriksson.org", true },
-  { "victoreriksson.se", true },
-  { "victoreriksson.us", true },
   { "victorgbustamante.com", true },
   { "victorhawk.com", true },
   { "victoriaartist.ru", true },
   { "victoriastudio.ru", true },
   { "victorjacobs.com", true },
   { "victornet.de", true },
-  { "victornilsson.pw", true },
   { "victoroilpress.com", true },
   { "victorricemill.com", true },
   { "victory.radio", true },
@@ -39966,6 +40352,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vidarity.com", true },
   { "vidbooster.com", true },
   { "vide-greniers.org", false },
+  { "videobrochuresmarketing.com", true },
   { "videogamesartwork.com", true },
   { "videojuegos.com", true },
   { "videokaufmann.at", true },
@@ -39994,6 +40381,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vietnamluxurytravelagency.com", true },
   { "vietnamphotoblog.com", true },
   { "vietnamwomenveterans.org", true },
+  { "vietplan.vn", true },
   { "vieux.pro", true },
   { "viewbook.com", true },
   { "viewey.com", true },
@@ -40022,7 +40410,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vikaviktoria.com", true },
   { "viking-style.ru", true },
   { "vikings.net", true },
-  { "vikodek.com", true },
   { "viktorbarzin.me", true },
   { "viktorprevaric.eu", true },
   { "vila-eden.cz", true },
@@ -40054,6 +40441,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vinahost.vn", true },
   { "vinarstvimodryhrozen.cz", true },
   { "vincentcox.com", false },
+  { "vincentiliano.tk", true },
   { "vincentoshana.com", true },
   { "vincentpancol.com", true },
   { "vincentswordpress.nl", true },
@@ -40062,11 +40450,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vincitraining.com", true },
   { "vinetech.co.nz", true },
   { "vingt.me", true },
-  { "vinigas.com", true },
   { "vinilosdecorativos.net", true },
   { "vinistas.com", true },
   { "vinner.com.au", true },
-  { "vinnie.gq", true },
   { "vinnyandchristina.com", true },
   { "vinnyvidivici.com", true },
   { "vinokurov.tk", true },
@@ -40085,10 +40471,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vinticom.ch", true },
   { "vinyculture.com", true },
   { "vinzite.com", true },
+  { "violauotila.fi", true },
   { "violin4fun.nl", true },
   { "vionicbeach.com", true },
+  { "vionicshoes.co.uk", true },
   { "vionicshoes.com", true },
-  { "vip4553.com", true },
   { "vip8522.com", true },
   { "vipi.es", true },
   { "viptamin.eu", true },
@@ -40101,7 +40488,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "viralsouls.in", true },
   { "viralsv.com", true },
   { "virgopolymer.com", true },
-  { "virial.de", true },
   { "viridis-milites.cz", true },
   { "virtit.fr", true },
   { "virtual.hk", true },
@@ -40129,7 +40515,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vishwashantiyoga.com", true },
   { "visibox.nl", true },
   { "visikom.de", true },
-  { "visioflux-premium.com", true },
   { "visionarymedia.nl", true },
   { "visiondirectionaldrilling.com", true },
   { "visionexpress.com", true },
@@ -40158,8 +40543,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "visualmasters.nl", true },
   { "visudira.com", true },
   { "vitahook.pw", true },
-  { "vitalamin.com", true },
-  { "vitalamin.de", true },
+  { "vitalia.cz", true },
   { "vitalismaatjes.nl", true },
   { "vitalityscience.com", true },
   { "vitalium-therme.de", true },
@@ -40179,10 +40563,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vitra-vcare.co.uk", true },
   { "vitrado.de", true },
   { "vitsoft.by", true },
+  { "viva2000.com", true },
   { "vivaldi-fr.com", true },
   { "vivaldi.club", true },
   { "vivaldi.com", true },
-  { "vivamusic.es", true },
   { "vivanosports.com.br", false },
   { "vivatv.com.tw", true },
   { "vivendi.de", true },
@@ -40235,7 +40619,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vm-co.ch", true },
   { "vm0.eu", true },
   { "vmc.co.id", true },
-  { "vmem.jp", false },
   { "vmgirls.com", true },
   { "vmhydro.ru", false },
   { "vmis.nl", true },
@@ -40247,6 +40630,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vncg.org", true },
   { "vnd.cloud", true },
   { "vnfs-team.com", true },
+  { "vnpay.vn", true },
   { "vnpem.org", true },
   { "vnvisa.center", true },
   { "vnvisa.ru", true },
@@ -40270,12 +40654,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "voidpay.com", true },
   { "voidptr.eu", true },
   { "voidx.top", true },
+  { "voidzehn.com", true },
   { "voipdigit.nl", true },
   { "voipsun.com", true },
   { "vojtechpavelka.cz", true },
   { "vokativy.cz", true },
   { "vokeapp.com", true },
-  { "vokurka.net", true },
   { "volcanconcretos.com", true },
   { "volcano-kazan.ru", true },
   { "volcano-spb.ru", true },
@@ -40322,6 +40706,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vosgym.jp", true },
   { "vosky.fr", true },
   { "vosn.de", true },
+  { "voss-klinik.com", true },
   { "vosselaer.com", true },
   { "vossenack.nrw", true },
   { "vosser.de", true },
@@ -40331,17 +40716,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "votocek.cz", true },
   { "votockova.cz", true },
   { "votoot.com", true },
-  { "votre-site-internet.ch", true },
   { "vouchinsurance.sg", true },
   { "vovladikavkaze.ru", true },
   { "vowsy.club", true },
-  { "vox.vg", true },
   { "voxfilmeonline.net", true },
   { "voxml.com", true },
   { "voxographe.com", false },
   { "voya.ga", true },
   { "voyage-martinique.fr", true },
   { "voyageforum.com", true },
+  { "voyageofyume.com", true },
   { "voyagesaufildespages.be", true },
   { "voyageschine.com", true },
   { "voyagesdetective.fr", true },
@@ -40351,13 +40735,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vpnpro.com", true },
   { "vpnservice.nl", true },
   { "vpntech.net", true },
+  { "vpsao.org", true },
   { "vpsboard.com", true },
   { "vpsdream.dk", true },
   { "vpsou.com", true },
   { "vpsport.ch", true },
+  { "vpsproj.dynu.net", true },
   { "vpsvz.net", true },
   { "vrandopulo.ru", true },
   { "vrcholovka.cz", true },
+  { "vrcprofile.com", true },
   { "vreaulafacultate.ro", true },
   { "vreeman.com", true },
   { "vretmaskin.se", true },
@@ -40367,6 +40754,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vrijgezellenfeestzwolle.com", true },
   { "vrjetpackgame.com", true },
   { "vroedvrouwella.be", true },
+  { "vroyaltours.com", true },
   { "vrsystem.com.br", true },
   { "vrtak-cz.net", true },
   { "vscale.io", true },
@@ -40385,6 +40773,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vsx.ch", true },
   { "vtaxi.se", true },
   { "vtipe-vylez.cz", true },
+  { "vtt-hautsdefrance.fr", true },
   { "vtuber.art", true },
   { "vuakhuyenmai.vn", true },
   { "vubey.yt", true },
@@ -40392,7 +40781,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vuljespaarpot.nl", true },
   { "vullriede-multimedia.de", true },
   { "vulndetect.com", true },
-  { "vulndetect.org", true },
   { "vulnerability.ch", true },
   { "vulners.com", true },
   { "vulns.sexy", true },
@@ -40413,13 +40801,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "vvw-8522.com", true },
   { "vvzero.cf", true },
   { "vvzero.com", true },
+  { "vvzero.me", true },
   { "vwbusje.com", true },
   { "vwfsrentacar.co.uk", true },
   { "vwhcare.com", true },
   { "vwittich.de", true },
   { "vwo.com", true },
   { "vwsoft.de", true },
-  { "vww-8522.com", true },
   { "vx.hn", true },
   { "vxstream-sandbox.com", true },
   { "vybeministry.org", true },
@@ -40436,7 +40824,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "w-spotlight.appspot.com", true },
   { "w-w-auto.de", true },
   { "w.wiki", true },
-  { "w1221.com", true },
   { "w1n73r.de", true },
   { "w2n.me", true },
   { "w3ctag.org", true },
@@ -40451,6 +40838,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "w889-line.net", true },
   { "w889889.com", true },
   { "w889889.net", true },
+  { "w88info.com", true },
+  { "w88info.win", true },
+  { "w88xinxi.com", true },
   { "w8less.nl", true },
   { "w95.pw", true },
   { "wa-stromerzeuger.de", false },
@@ -40468,6 +40858,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "waffle.at", false },
   { "wafuton.com", true },
   { "wagyu-bader.de", true },
+  { "wahhoi.net", true },
   { "wahidhasan.com", true },
   { "wahlen-bad-wurzach.de", true },
   { "wahlman.org", true },
@@ -40479,6 +40870,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "waigel.org", true },
   { "waikatowebdesigners.com", true },
   { "wains.be", false },
+  { "wait.jp", true },
   { "waiterwheels.com", true },
   { "waits.io", true },
   { "wajtc.com", true },
@@ -40493,7 +40885,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "waldvogel.family", true },
   { "walent.in", true },
   { "walentin.co", true },
-  { "waligorska.pl", true },
   { "walk.onl", true },
   { "walkera-fans.de", true },
   { "walkhighlandsandislands.com", true },
@@ -40542,10 +40933,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wangbangyu.gq", true },
   { "wangbangyu.ml", true },
   { "wangbangyu.tk", true },
+  { "wangejiba.com", true },
   { "wangqiliang.cn", true },
   { "wangqiliang.com", true },
   { "wangql.net", true },
   { "wangqr.tk", true },
+  { "wangriwu.com", true },
   { "wangtanzhang.com", true },
   { "wangwill.me", true },
   { "wangyubao.cn", true },
@@ -40553,7 +40946,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wangzuan168.cc", true },
   { "wanlieyan.com", true },
   { "wannaridecostarica.com", true },
+  { "wanvi.net", false },
   { "wanybug.cf", true },
+  { "wanybug.com", true },
   { "wanybug.ga", true },
   { "wanybug.gq", true },
   { "wanybug.tk", true },
@@ -40609,7 +41004,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "waterbrook.com.au", true },
   { "waterdogsmokedfish.com", true },
   { "waterdrop.tk", true },
-  { "waterfedpole.com", true },
   { "waterleeftinbeek.nl", true },
   { "watermonitor.gov", true },
   { "wateroutlook.com", true },
@@ -40617,7 +41011,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "waterschaplimburg.nl", true },
   { "waterside-residents.org.uk", true },
   { "waterslide-austria.at", true },
-  { "watertrails.io", true },
   { "waterworkscondos.com", true },
   { "watfordjc.uk", true },
   { "watoo.tech", true },
@@ -40634,7 +41027,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "waxdramatic.com", true },
   { "waycraze.com", true },
   { "wayfair.de", true },
-  { "wayfairertravel.com", true },
+  { "waylandss.com", true },
   { "waynefranklin.com", true },
   { "wayohoo.com", true },
   { "wayohoo.net", true },
@@ -40670,6 +41063,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "we-run-linux.de", true },
   { "we-use-linux.de", true },
   { "weacceptbitcoin.gr", true },
+  { "wealthcentral.com.au", true },
   { "wealthprojector.com", true },
   { "wealthprojector.com.au", true },
   { "wealthreport.com.au", true },
@@ -40688,7 +41082,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "web-apps.tech", true },
   { "web-art.cz", true },
   { "web-design.co.il", true },
-  { "web-dl.cc", true },
   { "web-hotel.gr", true },
   { "web-jive.com", true },
   { "web-kouza.com", true },
@@ -40697,7 +41090,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "web-redacteuren.nl", true },
   { "web-siena.it", true },
   { "web-smart.com", true },
-  { "web-thinker.ru", true },
   { "web-wave.jp", true },
   { "web.bzh", true },
   { "web.cc", false },
@@ -40715,14 +41107,14 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webais.ru", true },
   { "webalert.cz", true },
   { "webambacht.nl", true },
-  { "webandmore.de", false },
+  { "webandmore.de", true },
   { "webappky.cz", true },
   { "webartex.ru", true },
   { "webbiz.co.uk", true },
   { "webbson.net", false },
   { "webcamtoy.com", true },
   { "webcasinos.com", true },
-  { "webcatchers.nl", true },
+  { "webcatchers.nl", false },
   { "webcatechism.com", false },
   { "webclimbers.ch", true },
   { "webcollect.org.uk", true },
@@ -40755,12 +41147,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webfilings-mirror-hrd.appspot.com", true },
   { "webfilings.appspot.com", true },
   { "webfixers.nl", true },
-  { "webfox.com.br", true },
   { "webgap.io", false },
   { "webgarten.ch", true },
   { "webgears.com", true },
   { "webharvest.gov", true },
   { "webhooks.stream", true },
+  { "webhost.guide", true },
   { "webhostingzzp.nl", false },
   { "webhostplan.info", true },
   { "webies.ro", true },
@@ -40795,6 +41187,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webpostingreviews.com", true },
   { "webproject.rocks", true },
   { "webpubsub.com", true },
+  { "webpulser.com", true },
   { "webqualitat.com.br", true },
   { "webrebels.org", false },
   { "webrentcars.com", true },
@@ -40835,16 +41228,17 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "webtorrent.io", true },
   { "webtrh.cz", true },
   { "webtropia.com", false },
+  { "webukhost.com", true },
   { "webutils.io", true },
   { "webvisum.de", true },
   { "webwednesday.nl", true },
+  { "webwelearn.com", true },
   { "webwinkelexploitatie.nl", true },
   { "webwinkelwestland.nl", true },
   { "webwit.nl", true },
   { "webworkshop.ltd", true },
   { "webxr.today", true },
   { "webyazilimankara.com", true },
-  { "webz.one", true },
   { "wechatify.com", true },
   { "weck.alsace", true },
   { "wecleanbins.com", true },
@@ -40881,8 +41275,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wefinanceinc.com", true },
   { "wefitboilers.com", true },
   { "weforgood.org.tw", true },
-  { "wegethitched.co.uk", true },
-  { "weggeweest.nl", true },
   { "wegonnagetsued.org", true },
   { "wegotcookies.com", true },
   { "wegrzynek.org", true },
@@ -40931,6 +41323,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wellnessever.com", true },
   { "wellsolveit.com", false },
   { "welovecatsandkittens.com", true },
+  { "welovemaira.com", true },
   { "welshccf.org.uk", true },
   { "welteneroberer.de", true },
   { "weltengilde.de", true },
@@ -40957,6 +41350,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "weplaynaked.dk", true },
   { "wer-kommt-her.de", true },
   { "werally.com", true },
+  { "werbe-markt.de", true },
   { "werbe-sonnenbrillen.de", true },
   { "werbeagentur.de", true },
   { "werbedesign-tauber.de", true },
@@ -40999,6 +41393,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wesleywarnell.com", true },
   { "wesoco.de", true },
   { "wesreportportal.com", true },
+  { "wessner.co", true },
   { "wessner.org", true },
   { "west-contemporary.com", true },
   { "west-trans.com.au", true },
@@ -41040,6 +41435,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wette.de", true },
   { "wetten.eu", true },
   { "wevenues.com", true },
+  { "wevg.org", true },
   { "wew881.com", true },
   { "wew882.com", true },
   { "wewin88.com", true },
@@ -41063,7 +41459,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wf-trial-hrd.appspot.com", true },
   { "wfh.ovh", true },
   { "wfh.se", true },
-  { "wfl.ro", true },
+  { "wforum.nl", true },
   { "wft-portfolio.nl", true },
   { "wg-steubenstrasse.de", true },
   { "wg3k.us", false },
@@ -41151,7 +41547,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "whitelabelcashback.nl", true },
   { "whitelabeltickets.com", false },
   { "whitepharmacy.co.uk", true },
-  { "whiterose.goip.de", true },
   { "whiteshadowimperium.com", true },
   { "whitewebhosting.co.za", true },
   { "whitewebhosting.com", true },
@@ -41176,9 +41571,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "whoiswp.com", true },
   { "wholesalecbd.com", true },
   { "wholesomeharvestbread.com", false },
+  { "whollyskincare.com", true },
   { "whonix.org", true },
   { "whosyourdaddy.ml", true },
   { "whoturgled.com", true },
+  { "whqqq.com", true },
   { "whqtravel.org", false },
   { "whs-music.org", true },
   { "whta.se", true },
@@ -41193,7 +41590,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "whyworldhot.com", true },
   { "whyz1722.tk", true },
   { "wibbe.link", true },
+  { "wiberg.nu", true },
+  { "wicharypawel.com", true },
   { "wichitafoundationpros.com", true },
+  { "wick-machinery.com", true },
+  { "wickelfischfrance.fr", true },
   { "wickrath.net", true },
   { "wideboxmacau.com", false },
   { "widegab.com", true },
@@ -41216,6 +41617,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wieobensounten.de", true },
   { "wifi-hack.com", true },
   { "wifi-names.com", true },
+  { "wifimask.com", true },
   { "wifipineapple.com", true },
   { "wifirst.net", true },
   { "wifree.lv", true },
@@ -41262,7 +41664,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wilcodeboer.me", true },
   { "wild-turtles.com", true },
   { "wildboaratvparts.com", true },
+  { "wildcatdiesel.com.au", true },
   { "wilddogdesign.co.uk", true },
+  { "wildercerron.com", true },
   { "wildewood.ca", true },
   { "wildlifeadaptationstrategy.gov", true },
   { "wildnisfamilie.net", true },
@@ -41290,6 +41694,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "williamscomposer.com", true },
   { "williamsonshore.com", true },
   { "williamsportmortgages.com", true },
+  { "williamsroom.com", true },
   { "williamtm.com", true },
   { "willnorris.com", true },
   { "willow.technology", true },
@@ -41315,11 +41720,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "winbuzzer.com", true },
   { "wincasinowin.click", true },
   { "winch-center.de", true },
-  { "wind.moe", true },
   { "winddan.nz", true },
   { "windelnkaufen24.de", true },
   { "windforme.com", true },
   { "windowcleaningexperts.net", true },
+  { "windows-support.nu", true },
+  { "windows-support.se", true },
   { "windowslatest.com", true },
   { "windowsnerd.com", true },
   { "windowsnoticias.com", true },
@@ -41396,7 +41802,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wittu.fi", true },
   { "witway.nl", false },
   { "wivoc.nl", true },
-  { "wixguide.co", true },
   { "wiz.at", true },
   { "wiz.biz", true },
   { "wiz.farm", true },
@@ -41432,13 +41837,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wmaccess.de", true },
   { "wmfusercontent.org", true },
   { "wmkowa.de", true },
-  { "wmustore.com", true },
   { "wnu.com", true },
   { "wo-ist-elvira.net", true },
   { "wo2forum.nl", true },
   { "woah.how", true },
   { "wobble.ninja", true },
   { "wobblywotnotz.co.uk", true },
+  { "woblex.cz", true },
   { "wodinaz.com", true },
   { "wodka-division.de", true },
   { "woelkchen.me", true },
@@ -41475,7 +41880,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wollwerk.org", true },
   { "wolszon.me", true },
   { "woltlab-demo.com", true },
-  { "womb.city", true },
   { "wombatalla.com.au", true },
   { "wombatnet.com", true },
   { "wombats.net", true },
@@ -41485,7 +41889,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "womensalespros.com", true },
   { "womenshairlossproject.com", true },
   { "womensmedassoc.com", true },
-  { "wonabo.com", true },
   { "wonder.com.mx", false },
   { "wonderbill.com", true },
   { "wonderbits.net", true },
@@ -41496,6 +41899,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wonderlandmovies.de", true },
   { "wondermags.com", true },
   { "wonghome.net", true },
+  { "wooc.org", true },
   { "wood-crafted.co.uk", true },
   { "wood-crafted.uk", true },
   { "woodbury.io", true },
@@ -41541,9 +41945,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "workgrouptech.org", true },
   { "workingclassmedia.com", true },
   { "workinginsync.co.uk", true },
-  { "workingmachine.info", true },
   { "worklizard.com", true },
   { "workmart.mx", true },
+  { "worknrby.com", true },
   { "workoptions.com", true },
   { "workraw.com", true },
   { "workray.com", true },
@@ -41555,7 +41959,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "world-lolo.com", true },
   { "worldcareers.dk", true },
   { "worldcigars.com.br", true },
-  { "worldcrafts.org", true },
   { "worldcubeassociation.org", true },
   { "worldessays.com", true },
   { "worldeventscalendars.com", true },
@@ -41578,8 +41981,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wort-suchen.de", true },
   { "woshiluo.site", true },
   { "wot-tudasbazis.hu", true },
-  { "woti.dedyn.io", true },
   { "wotra-register.com", true },
+  { "wotsunduk.ru", true },
   { "woudenberg.nl", true },
   { "woudenbergsedrukkerij.nl", true },
   { "woufbox.com", true },
@@ -41587,7 +41990,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wouterslop.com", true },
   { "wouterslop.eu", true },
   { "wouterslop.nl", true },
-  { "wow-foederation.de", true },
   { "wow-screenshots.net", true },
   { "wowaffixes.info", true },
   { "wowbouncycastles.co.uk", true },
@@ -41613,7 +42015,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wpcharged.nz", true },
   { "wpdirecto.com", true },
   { "wpenhance.com", true },
-  { "wpexplainer.com", true },
   { "wpexplorer.com", true },
   { "wpformation.com", true },
   { "wpgoblin.com", true },
@@ -41627,6 +42028,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wpno.com", true },
   { "wpoptimalizace.cz", true },
   { "wpostats.com", false },
+  { "wprodevs.com", true },
   { "wpscans.com", true },
   { "wpsec.nl", true },
   { "wpserp.com", true },
@@ -41643,8 +42045,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wpvulndb.com", true },
   { "wq.ro", true },
   { "wr.su", true },
+  { "wrara.org", true },
   { "wrathofgeek.com", true },
   { "wrc-results.com", true },
+  { "wrd48.net", true },
   { "wrdcfiles.ca", true },
   { "wrdx.io", true },
   { "wrenwrites.com", true },
@@ -41674,11 +42078,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wrp-timber-mouldings.co.uk", true },
   { "wrp.gov", true },
   { "wryoutube.com", true },
+  { "ws-meca.com", true },
   { "wsa.poznan.pl", true },
   { "wsadek.ovh", true },
   { "wsb.pl", true },
   { "wscales.com", false },
   { "wscbiolo.id", true },
+  { "wscore.me", true },
   { "wsdcapital.com", true },
   { "wselektro.de", true },
   { "wsgvet.com", true },
@@ -41703,7 +42109,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wucke13.de", true },
   { "wuerfel.wf", true },
   { "wuerfelmail.de", true },
-  { "wufu.org", false },
   { "wug.jp", true },
   { "wug.news", true },
   { "wuifan.com", true },
@@ -41715,23 +42120,25 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "wunderlist.com", true },
   { "wundernas.ch", true },
   { "wundi.net", true },
+  { "wunschpreisauto.de", true },
   { "wunschzettel.de", true },
   { "wuppertal-2018.de", false },
   { "wuppertaler-kurrende.com", false },
   { "wuppertaler-kurrende.de", false },
   { "wutianyi.com", true },
-  { "wuwuwu.me", false },
+  { "wuwuwu.me", true },
   { "wuxiaobai.win", true },
   { "wuxiaohen.com", true },
+  { "wuyang.ws", true },
   { "wuyue.photo", true },
   { "wv-n.de", true },
   { "wvg.myds.me", true },
-  { "wvw-8522.com", true },
   { "ww0512.com", true },
   { "ww2onlineshop.com", true },
   { "wweforums.net", true },
   { "wweichen.com.cn", true },
   { "wwgc2011.se", true },
+  { "wwjd.dynu.net", true },
   { "wwv-8722.com", true },
   { "www-33445.com", true },
   { "www-49889.com", true },
@@ -41742,7 +42149,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "www-86499.com", true },
   { "www-8722.com", true },
   { "www-9822.com", true },
-  { "www-pj009.com", true },
   { "www.aclu.org", false },
   { "www.airbnb.com", true },
   { "www.amazon.ca", true },
@@ -41785,7 +42191,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "www.heliosnet.com", true },
   { "www.honeybadger.io", false },
   { "www.hyatt.com", false },
-  { "www.intercom.io", true },
+  { "www.icann.org", false },
   { "www.irccloud.com", false },
   { "www.lastpass.com", false },
   { "www.linode.com", false },
@@ -41882,7 +42288,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xb983.com", true },
   { "xbb.hk", true },
   { "xbb.li", true },
-  { "xbertschy.com", true },
   { "xblau.com", true },
   { "xboxdownloadthat.com", true },
   { "xboxlivegoldshop.nl", true },
@@ -41903,6 +42308,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xdawn.cn", true },
   { "xdeftor.com", true },
   { "xdos.io", true },
+  { "xdtag.com", true },
+  { "xdty.org", true },
   { "xecure.zone", true },
   { "xecureit.com", true },
   { "xeedbeam.me", true },
@@ -41911,6 +42318,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xeiropraktiki.gr", true },
   { "xelesante.jp", true },
   { "xendo.net", true },
+  { "xenolith.eu", true },
   { "xenomedia.nl", true },
   { "xenon.cloud", true },
   { "xenoncloud.net", true },
@@ -41937,6 +42345,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xhily.com", true },
   { "xhmikosr.io", true },
   { "xho.me", true },
+  { "xhotlips.date", true },
   { "xia.de", true },
   { "xiamenshipbuilding.com", true },
   { "xiamuzi.com", true },
@@ -41945,9 +42354,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xiangweiqing.co.uk", true },
   { "xiangwenquan.me", true },
   { "xianjianruishiyouyiyuan.com", true },
-  { "xiaobude.cn", true },
   { "xiaocg.xyz", true },
-  { "xiaofengsky.com", true },
   { "xiaoguo.net", false },
   { "xiaolanglang.net", true },
   { "xiaolong.link", true },
@@ -41969,20 +42376,20 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xilou.org", true },
   { "ximble.com", true },
   { "ximbo.net", true },
-  { "xinbo270.com", true },
   { "xinbo676.com", true },
   { "xinboyule.com", true },
   { "xinj.com", true },
   { "xinlandm.com", true },
   { "xinnixdeuren-shop.be", true },
-  { "xinplay.net", true },
   { "xinu.xyz", true },
   { "xinuspeed.com", true },
   { "xinuspeedtest.com", true },
   { "xinuurl.com", true },
+  { "xiongx.cn", true },
   { "xjd.vision", true },
   { "xjf6.com", true },
   { "xjjeeps.com", true },
+  { "xjoi.net", true },
   { "xjoin.de", true },
   { "xjpvictor.info", true },
   { "xkblog.xyz", true },
@@ -41993,14 +42400,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xlange.com", true },
   { "xldl.ml", true },
   { "xliang.co", true },
-  { "xlui.me", true },
   { "xluxes.jp", true },
   { "xmedius.ca", true },
   { "xmedius.com", false },
   { "xmedius.eu", true },
   { "xmenrevolution.com", true },
+  { "xmflyrk.com", true },
   { "xmine128.tk", true },
   { "xmlbeam.org", true },
+  { "xmlogin288.com", true },
   { "xmodule.org", true },
   { "xmpp.dk", true },
   { "xmppwocky.net", true },
@@ -42017,8 +42425,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--0kq33cz5c8wmwrqqw1d.com", true },
   { "xn--158h.ml", true },
   { "xn--15tx89ctvm.xn--6qq986b3xl", true },
+  { "xn--1yst51avkr.ga", true },
+  { "xn--1yst51avkr.xn--6qq986b3xl", true },
   { "xn--24-6kch4bfqee.xn--p1ai", true },
   { "xn--24-glcia8dc.xn--p1ai", true },
+  { "xn--2sxs9ol7o.com", true },
   { "xn--48jwg508p.net", true },
   { "xn--4dbfsnr.xn--9dbq2a", true },
   { "xn--4kro7fswi.xn--6qq986b3xl", true },
@@ -42027,6 +42438,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--5dbkjqb0d.com", true },
   { "xn--5dbkjqb0d.net", true },
   { "xn--6o8h.cf", true },
+  { "xn--6qq52xuogcjfw8pwqp.ga", true },
+  { "xn--6qq62xsogfjfs8p1qp.ga", true },
   { "xn--6x6a.life", true },
   { "xn--79q87uvkclvgd56ahq5a.net", true },
   { "xn--7ca.co", true },
@@ -42041,7 +42454,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--90accgba6bldkcbb7a.xn--p1acf", true },
   { "xn--allgu-biker-o8a.de", true },
   { "xn--aviao-dra1a.pt", true },
+  { "xn--b3c4f.xn--o3cw4h", true },
   { "xn--baron-bonzenbru-elb.com", true },
+  { "xn--bckerei-trster-5hb11a.de", true },
   { "xn--ben-bank-8za.dk", true },
   { "xn--benbank-dxa.dk", true },
   { "xn--berwachungspaket-izb.at", true },
@@ -42059,12 +42474,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--detrkl13b9sbv53j.com", true },
   { "xn--detrkl13b9sbv53j.org", true },
   { "xn--dmonenjger-q5ag.net", true },
+  { "xn--dmontaa-9za.com", true },
   { "xn--dragni-g1a.de", true },
   { "xn--dtursfest-72a.dk", true },
   { "xn--e1aoahhqgn.xn--p1ai", true },
   { "xn--ecki0cd0bu9a4nsjb.com", true },
-  { "xn--eckle6c0exa0b0modc7054g7h8ajw6f.com", true },
   { "xn--ehqw04eq6e.jp", true },
+  { "xn--elsignificadodesoar-c4b.com", true },
   { "xn--erklderbarenben-slbh.dk", true },
   { "xn--et8h.cf", true },
   { "xn--f9jh4f4b4993b66s.tokyo", true },
@@ -42111,15 +42527,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--mgbpkc7fz3awhe.com", true },
   { "xn--mgbuq0c.net", true },
   { "xn--mllers-wxa.info", true },
+  { "xn--mntsamling-0cb.dk", true },
   { "xn--myrepubic-wub.net", true },
   { "xn--myrepublc-x5a.net", true },
   { "xn--n8j7dygrbu0c31a5861bq8qb.com", true },
   { "xn--n8jp5083dnzs.net", true },
   { "xn--n8jtcugp92n4wc738f.net", true },
+  { "xn--nf1a578axkh.xn--fiqs8s", true },
   { "xn--nrrdetval-v2ab.se", true },
   { "xn--o38h.tk", true },
   { "xn--obt757c.com", true },
-  { "xn--oiqt18e8e2a.eu.org", true },
   { "xn--p8j9a0d9c9a.xn--q9jyb4c", true },
   { "xn--pbt947am3ab71g.com", true },
   { "xn--pe-bka.ee", true },
@@ -42127,10 +42544,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--q9jb1h5dvcspke3218b9mn4p0c.com", true },
   { "xn--q9ji3c6d.xn--q9jyb4c", true },
   { "xn--qckss0j.tk", true },
-  { "xn--qfun83b.ga", true },
   { "xn--r8jzaf7977b09e.com", true },
   { "xn--rdiger-kuhlmann-zvb.de", true },
   { "xn--reisebro-herrsching-bbc.de", true },
+  { "xn--rlcus7b3d.xn--xkc2dl3a5ee0h", true },
   { "xn--roselire-60a.ch", true },
   { "xn--roselire-60a.com", true },
   { "xn--rt-cja.ie", true },
@@ -42155,10 +42572,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xn--v6q426ishax2a.xyz", true },
   { "xn--woistdermlleimer-rzb.de", true },
   { "xn--wq9h.ml", true },
+  { "xn--xft85up3jca.ga", true },
   { "xn--y-5ga.com", true },
   { "xn--y8j148r.xn--q9jyb4c", true },
   { "xn--y8jarb5hca.jp", true },
   { "xn--yrvp1ac68c.xn--6qq986b3xl", true },
+  { "xn--z1tq4ldt4b.com", true },
   { "xn--zettlmeil-n1a.de", true },
   { "xn--zr9h.cf", true },
   { "xn--zr9h.ga", true },
@@ -42168,7 +42587,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xnaas.info", true },
   { "xnet-x.net", true },
   { "xninja.xyz", true },
-  { "xnode.org", true },
   { "xntrik.wtf", true },
   { "xnu.kr", true },
   { "xo.tc", true },
@@ -42178,18 +42596,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xombitmusic.com", true },
   { "xone.cz", false },
   { "xonn.de", true },
-  { "xoonth.net", true },
   { "xp-ochrona.pl", true },
+  { "xp.nsupdate.info", true },
   { "xp2.de", true },
   { "xpd.se", true },
   { "xperiacode.com", true },
   { "xperidia.com", true },
   { "xpletus.nl", true },
-  { "xplore-dna.net", true },
   { "xpoc.pro", true },
   { "xposedornot.com", true },
-  { "xps2pdf.co.uk", true },
-  { "xps2pdf.info", true },
   { "xqk7.com", true },
   { "xr.cx", true },
   { "xr1s.me", true },
@@ -42247,6 +42662,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "xxiz.com", true },
   { "xxxlbox.com", true },
   { "xxxsuper.net", true },
+  { "xy6161.com", true },
+  { "xy6262.com", true },
+  { "xy6363.com", true },
+  { "xy7171.com", true },
+  { "xy7272.com", true },
+  { "xy7373.com", true },
   { "xyenon.bid", true },
   { "xyfun.net", false },
   { "xywing.com", true },
@@ -42284,6 +42705,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yanaduday.com", true },
   { "yanbao.xyz", true },
   { "yandere.moe", true },
+  { "yangcs.net", true },
   { "yangjingwen.cn", true },
   { "yangmaodang.org", true },
   { "yangmi.blog", true },
@@ -42293,6 +42715,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yannick.cloud", true },
   { "yannik-buerkle.de", true },
   { "yannikbloscheck.com", true },
+  { "yannis.codes", true },
   { "yanovich.net", true },
   { "yanqiyu.info", true },
   { "yans.io", true },
@@ -42310,14 +42733,13 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yaup.tk", true },
   { "yawen.me", true },
   { "yaxim.org", true },
-  { "yazaral.com", true },
   { "ybin.me", true },
   { "ybresson.com", true },
   { "ybsul.com", true },
-  { "ybt520.com", true },
   { "ybti.net", true },
   { "ybzhao.com", true },
   { "ych.art", true },
+  { "ycherbonnel.fr", true },
   { "ychon.com", true },
   { "ychong.com", true },
   { "yclan.net", true },
@@ -42369,7 +42791,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yenpape.com", true },
   { "yep-pro.ch", true },
   { "yephy.com", true },
-  { "yesiammaisey.me", true },
   { "yeskx.com", true },
   { "yeswecan.co.bw", true },
   { "yeswehack.com", true },
@@ -42390,6 +42811,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yhe.me", true },
   { "yhenke.de", true },
   { "yhfou.com", true },
+  { "yhhh.org", true },
   { "yhndnzj.com", true },
   { "yhong.me", true },
   { "yhrd.org", true },
@@ -42397,6 +42819,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yiheng.moe", true },
   { "yii2.cc", true },
   { "yikeyong.com", true },
+  { "yimgo.fr", true },
   { "yinfor.com", true },
   { "yingatech.com", true },
   { "yinglinda.love", true },
@@ -42406,18 +42829,18 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yiyueread.com", true },
   { "yiz96.com", true },
   { "yjsoft.me", true },
+  { "ykhut.com", true },
   { "yksityisyydensuoja.fi", true },
+  { "ylde.de", true },
   { "ylinternal.com", true },
   { "ymarion.de", true },
   { "ymblaw.com", true },
   { "ymoah.nl", true },
   { "ymtsonline.org", true },
   { "ynnovasport.be", true },
-  { "ynxfh.cn", true },
   { "yoa.st", true },
   { "yoast.com", true },
   { "yobai-grouprec.jp", true },
-  { "yobai28.com", true },
   { "yobbelwobbel.de", false },
   { "yobify.com", true },
   { "yoga-alliance-teacher-training.com", true },
@@ -42429,6 +42852,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yogabhawnamission.com", true },
   { "yogacentric.co.uk", true },
   { "yogahealsinc.org", true },
+  { "yogamea.school", true },
   { "yogananda-roma.org", true },
   { "yogaschoolrishikesh.com", true },
   { "yoibyoin.info", true },
@@ -42446,6 +42870,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yongbin.org", true },
   { "yoonas.com", true },
   { "yooooex.com", true },
+  { "yoplate.com", true },
   { "yoppoy.com", true },
   { "yopuedo.co", true },
   { "yoramvandevelde.net", true },
@@ -42453,6 +42878,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yorcool.nl", true },
   { "yorkshiredalesinflatables.co.uk", true },
   { "yorkshireinflatables.co.uk", true },
+  { "yorname.ml", false },
   { "yosbeda.com", true },
   { "yosemo.de", true },
   { "yoshibaworks.com", true },
@@ -42468,9 +42894,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "youareme.ca", true },
   { "youc.ir", true },
   { "youcanfuckoff.xyz", true },
+  { "youcanmakeit.at", true },
   { "youcruit.com", true },
   { "youdungoofd.com", true },
-  { "youftp.tk", true },
   { "yougee.ml", true },
   { "youhacked.me", true },
   { "youhavewords.com", true },
@@ -42480,7 +42906,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "youked.com", true },
   { "youkok2.com", true },
   { "youlovehers.com", true },
-  { "youmiracle.com", true },
   { "youms.de", true },
   { "young-sheldon.com", true },
   { "youngauthentic.cf", true },
@@ -42492,10 +42917,16 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "youpark.no", true },
   { "youpickfarms.org", true },
   { "your-erotic-stories.com", true },
+  { "your-idc.tk", true },
   { "your-out.com", true },
   { "your-waterserver.com", true },
   { "youracnepro.com", true },
   { "youran.me", true },
+  { "yourbittorrent.com", true },
+  { "yourbittorrent.host", true },
+  { "yourbittorrent.icu", true },
+  { "yourbittorrent.pw", true },
+  { "yourbittorrent2.com", true },
   { "yourbonus.click", true },
   { "yourciso.com", true },
   { "yourcomputer.expert", true },
@@ -42510,6 +42941,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yourskin.nl", true },
   { "yourstake.org", true },
   { "yourticketbooking.com", true },
+  { "yourtrainer.com", true },
   { "yousei.ne.jp", true },
   { "yout.com", true },
   { "youth.gov", true },
@@ -42525,6 +42957,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "ypart.eu", true },
   { "ypid.de", true },
   { "yplanapp.com", true },
+  { "ypse.com.br", true },
   { "yqjf68.com", true },
   { "yr166166.com", true },
   { "yrjanheikki.com", true },
@@ -42544,7 +42977,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yuan.ga", true },
   { "yuanben.io", true },
   { "yuanjiazhao.com", true },
-  { "yuanjiazhao.tk", true },
   { "yubi.co", true },
   { "yubicloud.io", true },
   { "yubico.ae", true },
@@ -42601,6 +43033,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yubiking.com", true },
   { "yue.la", true },
   { "yuexiangzs.com", true },
+  { "yugasun.com", true },
   { "yuisyo.ml", true },
   { "yukari.cafe", true },
   { "yukari.cloud", true },
@@ -42616,6 +43049,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yunzhu.li", true },
   { "yuricarlenzoli.it", true },
   { "yurikirin.me", true },
+  { "yurimoens.be", true },
   { "yurisviridov.com", true },
   { "yusa.me", true },
   { "yushi.moe", true },
@@ -42638,8 +43072,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "yvonnehaeusser.de", true },
   { "yvonnethomet.ch", true },
   { "yvonnewilhelmi.com", true },
-  { "yxs.me", true },
-  { "yxt521.com", true },
   { "yya.me", true },
   { "yyc.city", true },
   { "yyyy.xyz", true },
@@ -42677,6 +43109,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zaclys.com", false },
   { "zafirus.name", true },
   { "zaghyr.org", true },
+  { "zagluszaczgps.pl", true },
   { "zahe.me", true },
   { "zahnaerzte-bohne.de", true },
   { "zahnarzt-duempten.de", true },
@@ -42687,6 +43120,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zajazd.biz", true },
   { "zakariya.blog", true },
   { "zakcutner.uk", true },
+  { "zakelijketaalcursus.nl", true },
+  { "zakelijkgoedengelsleren.nl", true },
   { "zakladam.cz", true },
   { "zakmccrac.de", true },
   { "zakojifarm.jp", true },
@@ -42725,6 +43160,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zbanks.cn", true },
   { "zbrane-doplnky.cz", true },
   { "zbut.bg", true },
+  { "zby.io", true },
   { "zbyga.cz", true },
   { "zbyte.it", true },
   { "zcarot.com", true },
@@ -42743,7 +43179,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zdrojak.cz", true },
   { "zdymak.by", true },
   { "ze3kr.com", true },
-  { "zeal-and.jp", true },
   { "zeal-interior.com", true },
   { "zealworks.jp", true },
   { "zebbra.ro", true },
@@ -42752,7 +43187,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zeds-official.com", true },
   { "zeebrieshoekvanholland.nl", true },
   { "zeel.com", true },
-  { "zeelynk.com", true },
   { "zeestraten.nl", true },
   { "zeetoppers.nl", true },
   { "zeeuw.nl", true },
@@ -42778,14 +43212,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zenithmedia.ca", true },
   { "zenk-security.com", true },
   { "zenlogic.com", true },
-  { "zenmate.com.tr", true },
+  { "zenluxuryliving.com", true },
   { "zennzimie.be", true },
   { "zennzimie.com", true },
   { "zenofa.co.id", true },
-  { "zenram.com", true },
   { "zentask.io", true },
   { "zenti.cloud", true },
   { "zenvideocloud.com", true },
+  { "zenvite.com", true },
+  { "zenycosta.com", true },
   { "zephyrbk.com", true },
   { "zephyrbookkeeping.com", true },
   { "zephyretcoraline.com", true },
@@ -42803,7 +43238,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zerossl.com", true },
   { "zerosync.com", true },
   { "zerotoone.de", true },
-  { "zertif.info", true },
+  { "zerowastesavvy.com", true },
   { "zertitude.com", true },
   { "zeryn.net", true },
   { "zespia.tw", false },
@@ -42826,7 +43261,9 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zhangge.net", true },
   { "zhanghao.me", true },
   { "zhangheda.cf", true },
+  { "zhangshuqiao.org", true },
   { "zhangsidan.com", true },
+  { "zhangwendao.com", true },
   { "zhangyuhao.com", true },
   { "zhangzifan.com", false },
   { "zhaoeq.com", true },
@@ -42834,6 +43271,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zhaopage.com", true },
   { "zhaoxixiangban.cc", true },
   { "zhcexo.com", true },
+  { "zhdd.pl", true },
   { "zhen-chen.com", true },
   { "zhengjie.com", true },
   { "zhenic.ir", true },
@@ -42844,6 +43282,8 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zhl123.com", true },
   { "zhome.info", true },
   { "zhongzicili.ws", true },
+  { "zhost.io", true },
+  { "zhouba.cz", true },
   { "zhoushuo.me", false },
   { "zhoutiancai.cn", true },
   { "zhovner.com", true },
@@ -42851,7 +43291,6 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zhuihoude.com", true },
   { "zhuji.com", true },
   { "zi.is", true },
-  { "ziegler-family.com", true },
   { "ziegler-heizung-frankfurt.de", true },
   { "zielonakarta.com", true },
   { "ziemlich-zackig.de", true },
@@ -42884,14 +43323,15 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zionsvillelocksmiths.com", true },
   { "zip.ch", true },
   { "zipkey.de", true },
-  { "ziptie.com", true },
   { "zircode.com", true },
   { "zirka24.net", true },
   { "ziroh.be", true },
+  { "zirrka.de", true },
   { "zirtek.ie", true },
   { "zirtual.com", true },
   { "zitseng.com", true },
   { "zittingskalender.be", true },
+  { "zivagold.com", true },
   { "zivava.ge", true },
   { "zivmergers.com", true },
   { "zivver.be", true },
@@ -42904,7 +43344,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zivyruzenec.cz", true },
   { "zixiao.wang", true },
   { "zizcollections.com", true },
-  { "zjuqsc.com", true },
+  { "zjateaucafe.be", true },
   { "zjv.me", true },
   { "zk.com.co", true },
   { "zk.gd", true },
@@ -42950,6 +43390,7 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zollihood.ch", true },
   { "zom.bi", true },
   { "zomerschoen.nl", true },
+  { "zomiac.pp.ua", true },
   { "zonadigital.co", true },
   { "zone-produkte.de", false },
   { "zone39.com", true },
@@ -42966,10 +43407,10 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zook.systems", true },
   { "zoola.io", true },
   { "zoolaboo.de", true },
+  { "zoological-gardens.eu", true },
   { "zoom.earth", true },
   { "zoomcar.pro", true },
   { "zoomek.com", true },
-  { "zoomseoservices.com", false },
   { "zooom.azurewebsites.net", true },
   { "zooom2.azurewebsites.net", true },
   { "zoop.ml", true },
@@ -42995,9 +43436,11 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zqwqz.com", true },
   { "zr.is", true },
   { "zravypapir.cz", true },
+  { "zrhdwz.cn", true },
+  { "zrkr.de", true },
   { "zrniecka-pre-sny.sk", true },
   { "zrnieckapresny.sk", true },
-  { "zrt.io", true },
+  { "zrt.io", false },
   { "zry-blog.top", true },
   { "zs-ohradni.cz", true },
   { "zs-reporyje.cz", true },
@@ -43006,10 +43449,12 @@ static const nsSTSPreload kSTSPreloadList[] = {
   { "zskomenskeho.cz", true },
   { "zskomenskeho.eu", true },
   { "zsoltsandor.me", true },
+  { "zsq.im", true },
   { "zsrbcs.com", true },
   { "zten.org", true },
   { "ztjuh.tk", true },
   { "zubel.it", false },
+  { "zubr.net", true },
   { "zubro.net", true },
   { "zuefle.net", true },
   { "zug-anwalt.de", true },
-- 
cgit v1.2.3