bug 1178988 - GenerateOCSPResponse: load certs/keys in two phases r=Cykesiopka

This was initially done to work around a readdir-related bug in the B2G ICS emulator, but then it turned out that test_ocsp_url.js still fails in ways that are unreproducible outside of mozilla-inbound on that platform, so it was disabled (r=sworkman). It's still a good idea, though, to avoid any potential future issues with readdir not being reentrant.
2024-09-13 09:24:08 -07:00 · 2015-07-15 14:12:02 -07:00 · 2015-07-15 14:12:02 -07:00 · 7ac0d92807
commit 7ac0d92807
parent 359bd103d4
2 changed files with 24 additions and 3 deletions
--- a/security/manager/ssl/tests/unit/tlsserver/cmd/GenerateOCSPResponse.cpp
+++ b/security/manager/ssl/tests/unit/tlsserver/cmd/GenerateOCSPResponse.cpp
@ -10,6 +10,8 @@
 */

 #include <stdio.h>
+#include <string>
+#include <vector>

 #include "mozilla/ArrayUtils.h"

@ -290,17 +292,34 @@ InitializeNSS(const char* nssCertDBDir)
    PrintPRError("PR_OpenDir failed");
    return SECFailure;
  }
+  // On the B2G ICS emulator, operations taken in AddCertificateFromFile or
+  // AddKeyFromFile appear to interact poorly with readdir (more specifically,
+  // something is causing readdir to never return null - it indefinitely loops
+  // through every file in the directory, which causes timeouts). Rather than
+  // waste more time chasing this down, loading certificates and keys happens in
+  // two phases: filename collection and then loading. (This is probably a good
+  // idea anyway because readdir isn't reentrant. Something could change later
+  // such that it gets called as a result of calling AddCertificateFromFile or
+  // AddKeyFromFile.)
+  std::vector<std::string> certificates;
+  std::vector<std::string> keys;
  for (PRDirEntry* dirEntry = PR_ReadDir(fdDir, PR_SKIP_BOTH); dirEntry;
       dirEntry = PR_ReadDir(fdDir, PR_SKIP_BOTH)) {
    size_t nameLength = strlen(dirEntry->name);
    if (nameLength > 4) {
      if (strncmp(dirEntry->name + nameLength - 4, ".pem", 4) == 0) {
-        AddCertificateFromFile(basePath, dirEntry->name);
+        certificates.push_back(dirEntry->name);
      } else if (strncmp(dirEntry->name + nameLength - 4, ".key", 4) == 0) {
-        AddKeyFromFile(basePath, dirEntry->name);
+        keys.push_back(dirEntry->name);
      }
    }
  }
+  for (std::string& certificate : certificates) {
+    AddCertificateFromFile(basePath, certificate.c_str());
+  }
+  for (std::string& key : keys) {
+    AddKeyFromFile(basePath, key.c_str());
+  }
  return SECSuccess;
 }

--- a/security/manager/ssl/tests/unit/xpcshell.ini
+++ b/security/manager/ssl/tests/unit/xpcshell.ini
@ -110,7 +110,9 @@ requesttimeoutfactor = 2
 [test_ocsp_url.js]
 # OCSP requests in this test time out on slow B2G Emulator debug builds.
 # See Bug 1147725.
-skip-if = toolkit == 'gonk' && debug
+# This test also fails on B2G Emulator opt builds non-reproducibly.
+# See Bug 1178988.
+skip-if = toolkit == 'gonk'
 run-sequentially = hardcoded ports
 [test_ocsp_fetch_method.js]
 # OCSP requests in this test time out on slow B2G Emulator debug builds.