author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
tree | f435a8308119effd964b339f76abb83a57c29483 /security/manager/ssl/tests/unit/test_faulty_server.js | |
parent | Initial commit. (diff) | |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/manager/ssl/tests/unit/test_faulty_server.js')
-rw-r--r-- | security/manager/ssl/tests/unit/test_faulty_server.js | 142 |
1 files changed, 142 insertions, 0 deletions
diff --git a/security/manager/ssl/tests/unit/test_faulty_server.js b/security/manager/ssl/tests/unit/test_faulty_server.js
new file mode 100644
index 0000000000..7536a91104
--- /dev/null
+++ b/security/manager/ssl/tests/unit/test_faulty_server.js
@@ -0,0 +1,142 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* based on netwerk/test/unit/test_retry_0rtt.js */
+
+"use strict";
+
+/* import-globals-from ../../../../../netwerk/test/unit/head_channels.js */
+load("../../../../../netwerk/test/unit/head_channels.js");
+
+var httpServer = null;
+
+let handlerCallbacks = {};
+
+function listenHandler(metadata, response) {
+ info(metadata.path);
+ handlerCallbacks[metadata.path] = (handlerCallbacks[metadata.path] || 0) + 1;
+}
+
+function handlerCount(path) {
+ return handlerCallbacks[path] || 0;
+}
+
+ChromeUtils.importESModule("resource://gre/modules/AppConstants.sys.mjs");
+
+// Bug 1805371: Tests that require FaultyServer can't currently be built
+// with system NSS.
+add_setup(
+ {
+ skip_if: () => AppConstants.MOZ_SYSTEM_NSS,
+ },
+ async () => {
+ do_get_profile();
+ Services.fog.initializeFOG();
+
+ httpServer = new HttpServer();
+ httpServer.registerPrefixHandler("/callback/", listenHandler);
+ httpServer.start(-1);
+
+ registerCleanupFunction(async () => {
+ await httpServer.stop();
+ });
+
+ Services.env.set(
+ "FAULTY_SERVER_CALLBACK_PORT",
+ httpServer.identity.primaryPort
+ );
+ await asyncStartTLSTestServer("FaultyServer", "test_faulty_server");
+ }
+);
+
+function makeChan(url) {
+ let chan = NetUtil.newChannel({
+ uri: url,
+ loadUsingSystemPrincipal: true,
+ }).QueryInterface(Ci.nsIHttpChannel);
+
+ chan.loadFlags = Ci.nsIChannel.LOAD_INITIAL_DOCUMENT_URI;
+ return chan;
+}
+
+function channelOpenPromise(chan, flags) {
+ return new Promise(resolve => {
+ chan.asyncOpen(
+ new ChannelListener((req, buffer) => resolve([req, buffer]), null, flags)
+ );
+ });
+}
+
+add_task(
+ {
+ skip_if: () => AppConstants.MOZ_SYSTEM_NSS,
+ },
+ async function testRetryXyber() {
+ const retryDomain = "xyber-net-interrupt.example.com";
+
+ Services.prefs.setBoolPref("security.tls.enable_kyber", true);
+ Services.prefs.setCharPref("network.dns.localDomains", [retryDomain]);
+ Services.prefs.setIntPref("network.http.speculative-parallel-limit", 0);
+
+ // Get the number of xyber / x25519 callbacks prior to making the request
+ // ssl_grp_kem_xyber768d00 = 25497
+ // ssl_grp_ec_curve25519 = 29
+ let countOfXyber = handlerCount("/callback/25497");
+ let countOfX25519 = handlerCount("/callback/29");
+ let chan = makeChan(`https://${retryDomain}:8443`);
+ let [, buf] = await channelOpenPromise(chan, CL_ALLOW_UNKNOWN_CL);
+ ok(buf);
+ // The server will make a xyber768d00 callback for the initial request, and
+ // then an x25519 callback for the retry. Both callback counts should
+ // increment by one.
+ equal(
+ handlerCount("/callback/25497"),
+ countOfXyber + 1,
+ "negotiated xyber768d00"
+ );
+ equal(handlerCount("/callback/29"), countOfX25519 + 1, "negotiated x25519");
+ if (!mozinfo.socketprocess_networking) {
+ // Bug 1824574
+ equal(
+ 1,
+ await Glean.tls.xyberIntoleranceReason.PR_END_OF_FILE_ERROR.testGetValue(),
+ "PR_END_OF_FILE_ERROR telemetry accumulated"
+ );
+ }
+ }
+);
+
+add_task(
+ {
+ skip_if: () => AppConstants.MOZ_SYSTEM_NSS,
+ },
+ async function testNoRetryXyber() {
+ const retryDomain = "xyber-alert-after-server-hello.example.com";
+
+ Services.prefs.setBoolPref("security.tls.enable_kyber", true);
+ Services.prefs.setCharPref("network.dns.localDomains", [retryDomain]);
+ Services.prefs.setIntPref("network.http.speculative-parallel-limit", 0);
+
+ // Get the number of xyber / x25519 / p256 callbacks prior to making the request
+ // ssl_grp_kem_xyber768d00 = 25497
+ // ssl_grp_ec_curve25519 = 29
+ let countOfXyber = handlerCount("/callback/25497");
+ let countOfX25519 = handlerCount("/callback/29");
+ let chan = makeChan(`https://${retryDomain}:8443`);
+ let [req] = await channelOpenPromise(chan, CL_EXPECT_FAILURE);
+ equal(req.status, 0x805a2f4d); // psm::GetXPCOMFromNSSError(SSL_ERROR_HANDSHAKE_FAILED)
+ // The server will make a xyber768d00 callback for the initial request and
+ // the client should not retry.
+ equal(
+ handlerCount("/callback/25497"),
+ countOfXyber + 1,
+ "negotiated xyber768d00"
+ );
+ equal(
+ handlerCount("/callback/29"),
+ countOfX25519,
+ "did not negotiate x25519"
+ );
+ }
+); |
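Review bot: The telemetry assertion in testRetryXyber checks an absolute value, `equal(1, await Glean.tls.xyberIntoleranceReason.PR_END_OF_FILE_ERROR.testGetValue(), …)`, while the callback counters in the same task are compared against a baseline taken before the request; any earlier accumulation under that label in the process would make the check fail or hide a missing increment. Sample the metric before opening the channel, for example `let eofBefore = (await Glean.tls.xyberIntoleranceReason.PR_END_OF_FILE_ERROR.testGetValue()) ?? 0;`, and assert `eofBefore + 1` with the actual value as the first argument, as the other `equal` calls do. In testNoRetryXyber the comment lists p256 but only the xyber and x25519 counters are read, so the comment should either drop p256 or the test should sample that counter as well; as written, the no-fallback property rests on the `req.status` check plus the unchanged x25519 count. Both tasks also pass `[retryDomain]` to `setCharPref`, which presumably relies on array-to-string coercion; passing `retryDomain` directly states the intent.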