Bulletproof the "get_mozilla_ciphers" script

Reviewers have noted that the script's logic treats all "enabled"
flags in StaticPrefList.yaml (other than an explicit False) as True.
That's not so great, since the flag can also be a string, and we
don't necessarily want to treat all strings as meaning that a
ciphersuite is enabled.  (Although we do in fact want to treat
the only string used in _current_ firefox git main that way.)

This change has no effect on the generated ciphers.inc.

Closes #41117.

ci

diff --git a/scripts/codegen/get_mozilla_ciphers.py b/scripts/codegen/get_mozilla_ciphers.py
index 1c80144f5a5c0e3c98518ade1845cb9bd839a2be..e1149e7d759b3a6a50057895c2e5ea1c67139666 100755 (executable)
--- a/scripts/codegen/get_mozilla_ciphers.py
+++ b/scripts/codegen/get_mozilla_ciphers.py
@@ -136,9 +136,13 @@ for entry in yaml_file:
 
 used_ciphers = []
 for k, v in enabled_ciphers.items():
-    if v != False: # there are strings we want to allow.
-
+    if v in (True, "True", "true", "IS_NOT_EARLY_BETA_OR_EARLIER"):
         used_ciphers.append(ciphers[k])
+    elif v == False:
+        pass
+    else:
+        print(f"Warning: unexpected value {v!r} for 'enabled'", file=sys.stderr)
+        sys.exit(1)
 
 #oSSLinclude = ('/usr/include/openssl/ssl3.h', '/usr/include/openssl/ssl.h',
 #               '/usr/include/openssl/ssl2.h', '/usr/include/openssl/ssl23.h',