[DEFAULT]
head = head_psm.js
tags = psm
support-files =
  bad_certs/**
  ocsp_certs/**
  test_baseline_requirements/**
  test_broken_fips/**
  test_cert_eku/**
  test_cert_embedded_null/**
  test_cert_isBuiltInRoot_reload/**
  test_cert_keyUsage/**
  test_cert_overrides_read_only/**
  test_cert_sha1/**
  test_cert_signatures/**
  test_cert_trust/**
  test_cert_version/**
  test_certDB_import/**
  test_certviewer_invalid_oids/**
  test_content_signing/**
  test_ct/**
  test_ev_certs/**
  test_getchain/**
  test_intermediate_basic_usage_constraints/**
  test_keysize/**
  test_keysize_ev/**
  test_missing_intermediate/**
  test_name_constraints/**
  test_ocsp_fetch_method/**
  test_ocsp_url/**
  test_onecrl/**
  test_pinning_dynamic/**
  test_sdr_preexisting/**
  test_sdr_preexisting_with_password/**
  test_signed_apps/**
  test_signed_dir/**
  test_startcom_wosign/**
  test_symantec_apple_google/**
  test_validity/**
  tlsserver/**

[test_add_preexisting_cert.js]
[test_baseline_requirements_subject_common_name.js]
[test_broken_fips.js]
# FIPS has never been a thing on Android, so the workaround doesn't
# exist on that platform.
# FIPS still works on Linux/Windows, so this test doesn't make any sense there.
skip-if = os != 'mac'
[test_cert_blocklist.js]
tags = addons psm blocklist
[test_cert_chains.js]
run-sequentially = hardcoded ports
[test_cert_dbKey.js]
[test_cert_eku.js]
[test_cert_embedded_null.js]
[test_cert_keyUsage.js]
[test_cert_isBuiltInRoot.js]
[test_cert_isBuiltInRoot_reload.js]
[test_cert_overrides.js]
run-sequentially = hardcoded ports
[test_cert_overrides_read_only.js]
run-sequentially = hardcoded ports
[test_cert_override_bits_mismatches.js]
run-sequentially = hardcoded ports
[test_cert_sha1.js]
[test_cert_signatures.js]
[test_cert_trust.js]
[test_cert_version.js]
[test_certDB_import.js]
[test_certDB_import_pkcs12.js]
[test_certDB_import_with_master_password.js]
[test_certviewer_invalid_oids.js]
skip-if = toolkit == 'android'
[test_constructX509FromBase64.js]
[test_content_signing.js]
[test_ct.js]
# Requires hard-coded debug-only data
skip-if = !debug
run-sequentially = hardcoded ports
[test_datasignatureverifier.js]
# Android always has and always will use the new format, so
# this test doesn't apply.
[test_db_format_pref_new.js]
skip-if = toolkit == 'android'
[test_der.js]
[test_enterprise_roots.js]
skip-if = os != 'win' # tests a Windows-specific feature
[test_ev_certs.js]
tags = blocklist
run-sequentially = hardcoded ports
[test_forget_about_site_security_headers.js]
skip-if = toolkit == 'android'
[test_getchain.js]
[test_hash_algorithms.js]
[test_hash_algorithms_wrap.js]
# bug 1124289 - run_test_in_child violates the sandbox on android
skip-if = toolkit == 'android'
[test_hmac.js]
[test_intermediate_basic_usage_constraints.js]
[test_js_cert_override_service.js]
run-sequentially = hardcoded ports
[test_keysize.js]
[test_keysize_ev.js]
run-sequentially = hardcoded ports
[test_local_cert.js]
[test_logoutAndTeardown.js]
run-sequentially = hardcoded ports
[test_missing_intermediate.js]
run-sequentially = hardcoded ports
[test_name_constraints.js]
[test_nsCertType.js]
run-sequentially = hardcoded ports
[test_nsIX509Cert_utf8.js]
[test_nsIX509CertValidity.js]
[test_nss_shutdown.js]
[test_ocsp_caching.js]
run-sequentially = hardcoded ports
[test_ocsp_enabled_pref.js]
run-sequentially = hardcoded ports
[test_ocsp_fetch_method.js]
run-sequentially = hardcoded ports
[test_ocsp_must_staple.js]
run-sequentially = hardcoded ports
[test_ocsp_no_hsts_upgrade.js]
run-sequentially = hardcoded ports
[test_ocsp_required.js]
run-sequentially = hardcoded ports
[test_ocsp_stapling.js]
run-sequentially = hardcoded ports
[test_ocsp_stapling_expired.js]
run-sequentially = hardcoded ports
[test_ocsp_stapling_with_intermediate.js]
run-sequentially = hardcoded ports
[test_ocsp_timeout.js]
run-sequentially = hardcoded ports
[test_ocsp_url.js]
run-sequentially = hardcoded ports
[test_password_prompt.js]
[test_pinning.js]
run-sequentially = hardcoded ports
# This test can take longer than 300 seconds on B2G emulator debug builds, so
# give it enough time to finish. See bug 1081128.
requesttimeoutfactor = 2
[test_pinning_dynamic.js]
[test_pinning_header_parsing.js]
[test_sdr.js]
[test_sdr_preexisting.js]
[test_sdr_preexisting_with_password.js]
# Not relevant to Android. See the comment in the test.
skip-if = toolkit == 'android'
[test_session_resumption.js]
run-sequentially = hardcoded ports
[test_signed_apps.js]
[test_signed_dir.js]
tags = addons psm
[test_ssl_status.js]
[test_sss_enumerate.js]
[test_sss_eviction.js]
[test_sss_originAttributes.js]
[test_sss_readstate.js]
[test_sss_readstate_child.js]
support-files = sss_readstate_child_worker.js
# bug 1124289 - run_test_in_child violates the sandbox on android
skip-if = toolkit == 'android'
[test_sss_readstate_empty.js]
[test_sss_readstate_garbage.js]
[test_sss_readstate_huge.js]
[test_sss_savestate.js]
[test_startcom_wosign.js]
[test_sts_fqdn.js]
[test_sts_holepunch.js]
[test_sts_ipv4_ipv6.js]
[test_sts_parser.js]
[test_sts_preload_dynamic.js]
[test_sts_preloadlist_perwindowpb.js]
[test_sts_preloadlist_selfdestruct.js]
[test_symantec_apple_google.js]
run-sequentially = hardcoded ports
[test_symantec_apple_google_unaffected.js]
run-sequentially = hardcoded ports
[test_validity.js]
run-sequentially = hardcoded ports
[test_x509.js]

# The TLS error reporting functionality lives in /toolkit but needs tlsserver
[test_toolkit_securityreporter.js]