Skip to content

/ servo

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make SSL tests work #15784

Merged
merged 7 commits into from Apr 6, 2017
+586 −3,747
Merged

Make SSL tests work #15784

Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
dc99104
Add command-line argument to use a custom SSL certificate database.
jdm Apr 5, 2017
e9fdc4c
Replace hosts when making TCP connections, not when verifying SSL certs.
jdm Apr 5, 2017
ba132e0
Remove unnecessary NetworkHttpRequestFactory abstraction.
jdm Apr 5, 2017
f12bb9d
Add a test verifying that HTTPS WPT tests work.
jdm Apr 5, 2017
e218935
Remove invalid cert test that can no longer test anything useful.
jdm Apr 5, 2017
e772086
Enable the WPT referrer-policy tests that use HTTPS.
jdm Apr 5, 2017
6f590a8
Move hosts module into net crate. Remove obsolete functions.
jdm Apr 5, 2017
File filter...
Filter file types
Jump to…
Jump to file
Failed to load files.

Always

Just for now

Next

Add command-line argument to use a custom SSL certificate database.

  • Loading branch information
@jdm
jdm committed Apr 6, 2017
commit dc99104f555189601e84cc761460446b04f30e08
6 components/config/opts.rs
View file
Open in desktop
@@ -230,6 +230,9 @@ pub struct Opts {

/// Print the version and exit.
pub is_printing_version: bool,

/// Path to SSL certificates.
pub certificate_path: Option<String>,
}

fn print_usage(app: &str, opts: &Options) {
@@ -566,6 +569,7 @@ pub fn default_opts() -> Opts {
webrender_record: false,
precache_shaders: false,
signpost: false,
certificate_path: None,
}
}

@@ -615,6 +619,7 @@ pub fn from_cmdline_args(args: &[String]) -> ArgumentParsingResult {
"A comma-separated string of debug options. Pass help to show available options.", "");
opts.optflag("h", "help", "Print this message");
opts.optopt("", "resources-path", "Path to find static resources", "/home/servo/resources");
opts.optopt("", "certificate-path", "Path to find SSL certificates", "/home/servo/resources/certs");
opts.optopt("", "content-process" , "Run as a content process and connect to the given pipe",
"servo-ipc-channel.abcdefg");
opts.optmulti("", "pref",
@@ -868,6 +873,7 @@ pub fn from_cmdline_args(args: &[String]) -> ArgumentParsingResult {
webrender_record: debug_options.webrender_record,
precache_shaders: debug_options.precache_shaders,
signpost: debug_options.signpost,
certificate_path: opt_match.opt_str("certificate-path"),
};

set_defaults(opts);
8 components/net/connector.rs
View file
Open in desktop
@@ -7,16 +7,12 @@ use hyper::net::HttpsConnector;
use hyper_openssl::OpensslClient;
use openssl::ssl::{SSL_OP_NO_COMPRESSION, SSL_OP_NO_SSLV2, SSL_OP_NO_SSLV3};
use openssl::ssl::{SslConnectorBuilder, SslMethod};
use servo_config::resource_files::resources_dir_path;
use std::path::PathBuf;
use std::sync::Arc;

pub type Connector = HttpsConnector<OpensslClient>;

pub fn create_ssl_client(certificate_file: &str) -> OpensslClient {
let ca_file = &resources_dir_path()
.expect("Need certificate file to make network requests")
.join(certificate_file);

pub fn create_ssl_client(ca_file: &PathBuf) -> OpensslClient {
let mut ssl_connector_builder = SslConnectorBuilder::new(SslMethod::tls()).unwrap();
{
let context = ssl_connector_builder.builder_mut();
14 components/net/resource_thread.rs
View file
Open in desktop
@@ -25,6 +25,8 @@ use net_traits::storage_thread::StorageThreadMsg;
use profile_traits::time::ProfilerChan;
use serde::{Deserialize, Serialize};
use serde_json;
use servo_config::opts;
use servo_config::resource_files::resources_dir_path;
use servo_url::ServoUrl;
use std::borrow::{Cow, ToOwned};
use std::collections::HashMap;
@@ -108,13 +110,21 @@ fn create_resource_groups(config_dir: Option<&Path>)
auth_cache: RwLock::new(auth_cache),
hsts_list: RwLock::new(hsts_list),
};
let ssl_client = create_ssl_client("certs");

let ca_file = match opts::get().certificate_path {
Some(ref path) => PathBuf::from(path),
None => resources_dir_path()
.expect("Need certificate file to make network requests")
.join("certs"),
};
let ssl_client = create_ssl_client(&ca_file);

let resource_group = ResourceGroup {
http_state: Arc::new(http_state),
ssl_client: ssl_client.clone(),
connector: create_http_connector(ssl_client.clone()),
};
let private_ssl_client = create_ssl_client("certs");
let private_ssl_client = create_ssl_client(&ca_file);
let private_resource_group = ResourceGroup {
http_state: Arc::new(HttpState::new()),
ssl_client: private_ssl_client.clone(),
3 tests/unit/net/fetch.rs
View file
Open in desktop
@@ -530,7 +530,8 @@ fn test_fetch_with_hsts() {
//takes an address and something that implements hyper::net::Ssl
let mut server = Server::https("0.0.0.0:0", ssl).unwrap().handle_threads(handler, 1).unwrap();

let ssl_client = create_ssl_client("self_signed_certificate_for_testing.crt");
let ca_file = resources_dir_path().unwrap().join("self_signed_certificate_for_testing.crt");
let ssl_client = create_ssl_client(&ca_file);
let connector = create_http_connector(ssl_client);

let context = FetchContext {
4 tests/unit/net/lib.rs
View file
Open in desktop
@@ -42,6 +42,7 @@ use net::test::HttpState;
use net_traits::FetchTaskTarget;
use net_traits::request::Request;
use net_traits::response::Response;
use servo_config::resource_files::resources_dir_path;
use servo_url::ServoUrl;
use std::sync::Arc;
use std::sync::mpsc::{Sender, channel};
@@ -53,7 +54,8 @@ struct FetchResponseCollector {
}

fn new_fetch_context(dc: Option<Sender<DevtoolsControlMsg>>) -> FetchContext {
let ssl_client = create_ssl_client("certs");
let ca_file = resources_dir_path().unwrap().join("certs");
let ssl_client = create_ssl_client(&ca_file);
let connector = create_http_connector(ssl_client);
FetchContext {
state: Arc::new(HttpState::new()),
9 tests/wpt/harness/wptrunner/browsers/servo.py
View file
Open in desktop
@@ -32,7 +32,8 @@ def browser_kwargs(**kwargs):
"debug_info": kwargs["debug_info"],
"binary_args": kwargs["binary_args"],
"user_stylesheets": kwargs.get("user_stylesheets"),
"render_backend": kwargs.get("servo_backend")}
"render_backend": kwargs.get("servo_backend"),
"ca_certificate_path": kwargs["ssl_env"].ca_cert_path()}


def executor_kwargs(test_type, server_config, cache_manager, run_info_data,
@@ -65,17 +66,19 @@ def render_arg(render_backend):

class ServoBrowser(NullBrowser):
def __init__(self, logger, binary, debug_info=None, binary_args=None,
user_stylesheets=None, render_backend="webrender"):
user_stylesheets=None, render_backend="webrender", ca_certificate_path=None):
NullBrowser.__init__(self, logger)
self.binary = binary
self.debug_info = debug_info
self.binary_args = binary_args or []
self.user_stylesheets = user_stylesheets or []
self.render_backend = render_backend
self.ca_certificate_path = ca_certificate_path

def executor_browser(self):
return ExecutorBrowser, {"binary": self.binary,
"debug_info": self.debug_info,
"binary_args": self.binary_args,
"user_stylesheets": self.user_stylesheets,
"render_backend": self.render_backend}
"render_backend": self.render_backend,
"ca_certificate_path": self.ca_certificate_path}
5 tests/wpt/harness/wptrunner/executors/executorservo.py
View file
Open in desktop
@@ -86,6 +86,8 @@ def do_test(self, test):
args += ["--user-stylesheet", stylesheet]
for pref, value in test.environment.get('prefs', {}).iteritems():
args += ["--pref", "%s=%s" % (pref, value)]
if self.browser.ca_certificate_path:
args += ["--certificate-path", self.browser.ca_certificate_path]
args += self.browser.binary_args
debug_args, command = browser_command(self.binary, args, self.debug_info)

@@ -226,6 +228,9 @@ def screenshot(self, test, viewport_size, dpi):

command += ["--resolution", viewport_size or "800x600"]

if self.browser.ca_certificate_path:
command += ["--certificate-path", self.browser.ca_certificate_path]

if dpi:
command += ["--device-pixel-ratio", dpi]

ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.