mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
0ccf958b45
== NSS portion == r=rrelyea/wtc for upgrading mozilla-central to cvs tag NSS_3_12_6_BETA1 == This includes reapplying the (merged) patch from bug 519550 on top of NSS. == PSM portion == Includes the patch to disable TLS compression, r=kaie == Include the patch to disable zlib test programs, which don't work on maemo, r=kaie
210 lines
4.5 KiB
INI
210 lines
4.5 KiB
INI
# ***** BEGIN LICENSE BLOCK *****
|
|
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
|
#
|
|
# The contents of this file are subject to the Mozilla Public License Version
|
|
# 1.1 (the "License"); you may not use this file except in compliance with
|
|
# the License. You may obtain a copy of the License at
|
|
# http://www.mozilla.org/MPL/
|
|
#
|
|
# Software distributed under the License is distributed on an "AS IS" basis,
|
|
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
# for the specific language governing rights and limitations under the
|
|
# License.
|
|
#
|
|
# The Original Code is the Network Security Services (NSS)
|
|
#
|
|
# The Initial Developer of the Original Code is Sun Microsystems, Inc.
|
|
# Portions created by the Initial Developer are Copyright (C) 2009
|
|
# the Initial Developer. All Rights Reserved.
|
|
#
|
|
# Contributor(s):
|
|
# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems
|
|
#
|
|
# Alternatively, the contents of this file may be used under the terms of
|
|
# either the GNU General Public License Version 2 or later (the "GPL"), or
|
|
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
|
|
# in which case the provisions of the GPL or the LGPL are applicable instead
|
|
# of those above. If you wish to allow use of your version of this file only
|
|
# under the terms of either the GPL or the LGPL, and not to allow others to
|
|
# use your version of this file under the terms of the MPL, indicate your
|
|
# decision by deleting the provisions above and replace them with the notice
|
|
# and other provisions required by the GPL or the LGPL. If you do not delete
|
|
# the provisions above, a recipient may use your version of this file under
|
|
# the terms of any one of the MPL, the GPL or the LGPL.
|
|
#
|
|
# ***** END LICENSE BLOCK *****
|
|
|
|
scenario OCSP
|
|
|
|
check_ocsp OCSPEE11:x
|
|
|
|
db OCSPRoot
|
|
import OCSPRoot:x:CT,C,C
|
|
|
|
db OCSPCA1
|
|
import_key OCSPCA1
|
|
|
|
crl OCSPCA1
|
|
|
|
revoke OCSPCA1
|
|
serial 3
|
|
|
|
revoke OCSPCA1
|
|
serial 4
|
|
|
|
testdb OCSPRoot
|
|
|
|
#EE - OK, CA - OK
|
|
verify OCSPEE11:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result pass
|
|
|
|
#EE - revoked, CA - OK
|
|
verify OCSPEE12:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
#EE - unknown
|
|
verify OCSPEE15:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
result pass
|
|
|
|
#EE - unknown, requireFreshInfo
|
|
verify OCSPEE15:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
#EE - OK, CA - revoked, leaf, no fresh info
|
|
verify OCSPEE21:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
result pass
|
|
|
|
#EE - OK, CA - revoked, leaf, requireFreshInfo
|
|
verify OCSPEE21:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
#EE - OK, CA - revoked, chain, requireFreshInfo
|
|
verify OCSPEE21:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type chain
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
#EE - OK, CA - unknown
|
|
verify OCSPEE31:x
|
|
cert OCSPCA3:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
result pass
|
|
|
|
#EE - OK, CA - unknown, requireFreshInfo
|
|
verify OCSPEE31:x
|
|
cert OCSPCA3:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
#EE - revoked, doNotUse
|
|
verify OCSPEE12:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
rev_mflags doNotUse
|
|
result pass
|
|
|
|
#EE - revoked, forbidFetching
|
|
verify OCSPEE12:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
rev_mflags forbidFetching
|
|
result pass
|
|
|
|
#EE - unknown status, failIfNoInfo
|
|
verify OCSPEE15:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
rev_mflags failIfNoInfo
|
|
result fail
|
|
|
|
#EE - OK, CA - revoked, leaf, failIfNoInfo
|
|
verify OCSPEE21:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
rev_mflags failIfNoInfo
|
|
result fail
|
|
|
|
testdb OCSPCA1
|
|
|
|
#EE - OK on OCSP, revoked locally - should fail ??
|
|
# two things about this test: crl is not imported into the db and
|
|
# cert 13 is not revoked by crl.
|
|
verify OCSPEE13:x
|
|
cert OCSPCA1:x
|
|
trust OCSPCA1
|
|
rev_type leaf
|
|
rev_flags testLocalInfoFirst
|
|
rev_mtype ocsp
|
|
result pass
|
|
|
|
db OCSPRoot1
|
|
import OCSPRoot:x:CT,C,C
|
|
|
|
verify OCSPEE23:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type chain
|
|
rev_mtype ocsp
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
db OCSPRoot2
|
|
import OCSPRoot:x:T,,
|
|
|
|
# bug 527438
|
|
# expected result of this test is FAIL
|
|
verify OCSPEE23:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type chain
|
|
rev_mtype ocsp
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
result pass
|
|
|