test_cert_info.js (5089B)
1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 5 "use strict"; 6 7 const { 8 NodeHTTPServer, 9 NodeHTTPSServer, 10 NodeHTTP2Server, 11 NodeHTTPProxyServer, 12 NodeHTTPSProxyServer, 13 NodeHTTP2ProxyServer, 14 } = ChromeUtils.importESModule("resource://testing-common/NodeServer.sys.mjs"); 15 16 /* import-globals-from head_cache.js */ 17 /* import-globals-from head_cookies.js */ 18 /* import-globals-from head_channels.js */ 19 20 // We don't normally allow localhost channels to be proxied, but this 21 // is easier than updating all the certs and/or domains. 22 Services.prefs.setBoolPref("network.proxy.allow_hijacking_localhost", true); 23 registerCleanupFunction(() => { 24 Services.prefs.clearUserPref("network.proxy.allow_hijacking_localhost"); 25 }); 26 27 function makeChan(uri) { 28 let chan = NetUtil.newChannel({ 29 uri, 30 loadUsingSystemPrincipal: true, 31 }).QueryInterface(Ci.nsIHttpChannel); 32 chan.loadFlags = Ci.nsIChannel.LOAD_INITIAL_DOCUMENT_URI; 33 return chan; 34 } 35 36 async function test_cert_failure(server_creator, https_proxy) { 37 let certdb = Cc["@mozilla.org/security/x509certdb;1"].getService( 38 Ci.nsIX509CertDB 39 ); 40 addCertFromFile(certdb, "http2-ca.pem", "CTu,u,u"); 41 addCertFromFile(certdb, "proxy-ca.pem", "CTu,u,u"); 42 43 let server = new server_creator(); 44 await server.start(); 45 registerCleanupFunction(async () => { 46 await server.stop(); 47 }); 48 49 await server.registerPathHandler("/test", (req, resp) => { 50 resp.writeHead(200); 51 resp.end("done"); 52 }); 53 let url; 54 if (server_creator == NodeHTTPServer) { 55 url = `http://localhost:${server.port()}/test`; 56 } else { 57 url = `https://localhost:${server.port()}/test`; 58 } 59 let chan = makeChan(url); 60 let req = await new Promise(resolve => { 61 chan.asyncOpen(new ChannelListener(resolve, null, CL_ALLOW_UNKNOWN_CL)); 62 }); 63 equal(req.status, Cr.NS_OK); 64 equal(req.QueryInterface(Ci.nsIHttpChannel).responseStatus, 200); 65 let secinfo = req.securityInfo; 66 if (server_creator == NodeHTTPServer) { 67 if (!https_proxy) { 68 Assert.equal(secinfo, null); 69 } else { 70 // In the case we are connecting to an insecure HTTP server 71 // through a secure proxy, nsHttpChannel will have the security 72 // info from the proxy. 73 // We will discuss this behavir in bug 1785777. 74 secinfo.QueryInterface(Ci.nsITransportSecurityInfo); 75 Assert.equal(secinfo.serverCert.commonName, " Proxy Test Cert"); 76 } 77 } else { 78 secinfo.QueryInterface(Ci.nsITransportSecurityInfo); 79 Assert.equal(secinfo.serverCert.commonName, " HTTP2 Test Cert"); 80 } 81 } 82 83 add_task(async function test_http() { 84 await test_cert_failure(NodeHTTPServer, false); 85 }); 86 87 add_task(async function test_https() { 88 await test_cert_failure(NodeHTTPSServer, false); 89 }); 90 91 add_task(async function test_http2() { 92 await test_cert_failure(NodeHTTP2Server, false); 93 }); 94 95 add_task(async function test_http_proxy_http_server() { 96 let proxy = new NodeHTTPProxyServer(); 97 await proxy.start(); 98 registerCleanupFunction(() => { 99 proxy.stop(); 100 }); 101 await test_cert_failure(NodeHTTPServer, false); 102 }); 103 104 add_task(async function test_http_proxy_https_server() { 105 let proxy = new NodeHTTPProxyServer(); 106 await proxy.start(); 107 registerCleanupFunction(() => { 108 proxy.stop(); 109 }); 110 await test_cert_failure(NodeHTTPSServer, false); 111 }); 112 113 add_task(async function test_http_proxy_http2_server() { 114 let proxy = new NodeHTTPProxyServer(); 115 await proxy.start(); 116 registerCleanupFunction(() => { 117 proxy.stop(); 118 }); 119 await test_cert_failure(NodeHTTP2Server, false); 120 }); 121 122 add_task(async function test_https_proxy_http_server() { 123 let proxy = new NodeHTTPSProxyServer(); 124 await proxy.start(); 125 registerCleanupFunction(() => { 126 proxy.stop(); 127 }); 128 await test_cert_failure(NodeHTTPServer, true); 129 }); 130 131 add_task(async function test_https_proxy_https_server() { 132 let proxy = new NodeHTTPSProxyServer(); 133 await proxy.start(); 134 registerCleanupFunction(() => { 135 proxy.stop(); 136 }); 137 await test_cert_failure(NodeHTTPSServer, true); 138 }); 139 140 add_task(async function test_https_proxy_http2_server() { 141 let proxy = new NodeHTTPSProxyServer(); 142 await proxy.start(); 143 registerCleanupFunction(() => { 144 proxy.stop(); 145 }); 146 await test_cert_failure(NodeHTTP2Server, true); 147 }); 148 149 add_task(async function test_http2_proxy_http_server() { 150 let proxy = new NodeHTTP2ProxyServer(); 151 await proxy.start(); 152 registerCleanupFunction(() => { 153 proxy.stop(); 154 }); 155 156 await test_cert_failure(NodeHTTPServer, true); 157 }); 158 159 add_task(async function test_http2_proxy_https_server() { 160 let proxy = new NodeHTTP2ProxyServer(); 161 await proxy.start(); 162 registerCleanupFunction(() => { 163 proxy.stop(); 164 }); 165 166 await test_cert_failure(NodeHTTPSServer, true); 167 }); 168 169 add_task(async function test_http2_proxy_http2_server() { 170 let proxy = new NodeHTTP2ProxyServer(); 171 await proxy.start(); 172 registerCleanupFunction(() => { 173 proxy.stop(); 174 }); 175 176 await test_cert_failure(NodeHTTP2Server, true); 177 });