tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_cert_verification_failure.js (2291B)

      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 "use strict";
      6 
      7 const {
      8  NodeHTTPSServer,
      9  NodeHTTPSProxyServer,
     10  NodeHTTP2Server,
     11  NodeHTTP2ProxyServer,
     12 } = ChromeUtils.importESModule("resource://testing-common/NodeServer.sys.mjs");
     13 
     14 /* import-globals-from head_cache.js */
     15 /* import-globals-from head_cookies.js */
     16 /* import-globals-from head_channels.js */
     17 
     18 function makeChan(uri) {
     19  let chan = NetUtil.newChannel({
     20    uri,
     21    loadUsingSystemPrincipal: true,
     22  }).QueryInterface(Ci.nsIHttpChannel);
     23  chan.loadFlags = Ci.nsIChannel.LOAD_INITIAL_DOCUMENT_URI;
     24  return chan;
     25 }
     26 
     27 add_task(async function setup() {
     28  Services.prefs.setBoolPref("network.dns.native-is-localhost", true);
     29 });
     30 
     31 async function test_cert_failure(server_or_proxy, server_cert) {
     32  let server = new server_or_proxy();
     33  server._skipCert = true;
     34  await server.start();
     35  registerCleanupFunction(async () => {
     36    await server.stop();
     37  });
     38  let chan = makeChan(`https://alt1.example.com:${server.port()}/test`);
     39  let req = await new Promise(resolve => {
     40    chan.asyncOpen(new ChannelListener(resolve, null, CL_EXPECT_FAILURE));
     41  });
     42  equal(req.status, 0x805a1ff3); // SEC_ERROR_UNKNOWN_ISSUER
     43  let secinfo = req.securityInfo;
     44  secinfo.QueryInterface(Ci.nsITransportSecurityInfo);
     45  if (server_cert) {
     46    Assert.equal(secinfo.serverCert.commonName, " HTTP2 Test Cert");
     47  } else {
     48    Assert.equal(secinfo.serverCert.commonName, " Proxy Test Cert");
     49  }
     50 }
     51 
     52 add_task(async function test_https() {
     53  await test_cert_failure(NodeHTTPSServer, true);
     54 });
     55 
     56 add_task(async function test_http2() {
     57  await test_cert_failure(NodeHTTP2Server, true);
     58 });
     59 
     60 add_task(async function test_https_proxy() {
     61  let proxy = new NodeHTTPSProxyServer();
     62  proxy._skipCert = true;
     63  await proxy.start();
     64  registerCleanupFunction(() => {
     65    proxy.stop();
     66  });
     67  await test_cert_failure(NodeHTTPSServer, false);
     68 });
     69 
     70 add_task(async function test_http2_proxy() {
     71  let proxy = new NodeHTTP2ProxyServer();
     72  proxy._skipCert = true;
     73  await proxy.start();
     74  registerCleanupFunction(() => {
     75    proxy.stop();
     76  });
     77 
     78  await test_cert_failure(NodeHTTPSServer, false);
     79 });