Skip to content

Commit

Permalink
Google Chrome Test namecoin#92
Browse files Browse the repository at this point in the history
Google Chrome Test namecoin#92
  • Loading branch information
robertmin1 committed Nov 14, 2022
1 parent b46441d commit da545d9
Show file tree
Hide file tree
Showing 3 changed files with 133 additions and 0 deletions.
34 changes: 34 additions & 0 deletions .cirrus.yml
Original file line number Diff line number Diff line change
Expand Up @@ -333,6 +333,40 @@ task:
depends_on:
- "Compile Go latest linux amd64"

task:
name: "Google Chrome $CI_DISTRO"
matrix:
- container:
image: fedora:latest
cpu: 1
memory: 1G
package_install_script:
- dnf install -y https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm
env:
CI_DISTRO: fedora
CI_MAIN_MODULE: /usr/lib64/pkcs11/p11-kit-trust.so
CI_BAK_MODULE: /usr/lib64/pkcs11/p11-kit-trust.orig.so
- container:
image: debian:latest
cpu: 1
memory: 1G
package_install_script:
- apt-get update
- apt-get install -y curl wget gnupg2
- wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
- apt install -y ./google-chrome-stable_current_amd64.deb
env:
CI_DISTRO: debian
CI_MAIN_MODULE: /usr/lib/x86_64-linux-gnu/nss/libnssckbi.so
CI_BAK_MODULE: /usr/lib/x86_64-linux-gnu/nss/libnssckbi.orig.so
install_script:
- curl -o pkcs11mod.tar.gz https://api.cirrus-ci.com/v1/artifact/build/$CIRRUS_BUILD_ID/Compile%20Go%20latest%20linux%20amd64/binaries/dist/pkcs11mod.tar.gz
- tar -xaf ./pkcs11mod.tar.gz
test_script:
- testdata/ci-google-chrome-tests.bash
depends_on:
- "Compile Go latest linux amd64"

task:
name: "Exports $GOARCH"
windows_container:
Expand Down
48 changes: 48 additions & 0 deletions testdata/ci-google-chrome-tests.bash
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
#!/usr/bin/env bash

set -euo pipefail
shopt -s nullglob globstar

echo "===== Default System CKBI ====="

testdata/try-google-chrome-connect.bash www.namecoin.org success "" || testdata/dump-proxy-log-fail.bash
testdata/assert-proxy-log.bash missing

testdata/try-google-chrome-connect.bash untrusted-root.badssl.com fail "" || testdata/dump-proxy-log-fail.bash
testdata/assert-proxy-log.bash missing

echo "===== Deleted System CKBI ====="

mv "$CI_MAIN_MODULE" "$CI_BAK_MODULE"

testdata/try-google-chrome-connect.bash www.namecoin.org fail "" || testdata/dump-proxy-log-fail.bash
testdata/assert-proxy-log.bash missing

testdata/try-google-chrome-connect.bash untrusted-root.badssl.com fail "" || testdata/dump-proxy-log-fail.bash
testdata/assert-proxy-log.bash missing

# TODO: No env var, missing default target

# TODO: Env var pointing to missing target

echo "===== System CKBI via pkcs11proxy ====="

export PKCS11PROXY_CKBI_TARGET="$CI_BAK_MODULE"
cp libpkcs11proxy.so "$CI_MAIN_MODULE"

testdata/try-google-chrome-connect.bash www.namecoin.org success "" || testdata/dump-proxy-log-fail.bash
testdata/assert-proxy-log.bash present

testdata/try-google-chrome-connect.bash untrusted-root.badssl.com fail "" || testdata/dump-proxy-log-fail.bash
testdata/assert-proxy-log.bash present

echo "===== System CKBI via p11proxy ====="

export P11PROXY_CKBI_TARGET="$CI_BAK_MODULE"
cp libp11proxy.so "$CI_MAIN_MODULE"

testdata/try-google-chrome-connect.bash www.namecoin.org success "" || testdata/dump-proxy-log-fail.bash
testdata/assert-proxy-log.bash present

testdata/try-google-chrome-connect.bash untrusted-root.badssl.com fail "" || testdata/dump-proxy-log-fail.bash
testdata/assert-proxy-log.bash present
51 changes: 51 additions & 0 deletions testdata/try-google-chrome-connect.bash
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
#!/usr/bin/env bash

set -euo pipefail
shopt -s nullglob globstar

SERVER_HOST="$1"
DESIRED="$2"
TEXTMATCH="$3"

echo "$SERVER_HOST"

if [[ "$DESIRED" != "success" ]] && [[ "$DESIRED" != "fail" ]]
then
echo "Invalid DESIRED value; should be success or fail"
exit 1
fi

# TODO: Nuke whatever cached state might exist...

rm -f screenshot.png

# Disable sandbox because Google Chrome doesn't support running the sandbox as root,
# and the Cirrus container runs as root. See
# https://github.com/Zenika/alpine-chrome .
google-chrome --no-sandbox --headless --disable-gpu --disable-software-rasterizer --disable-dev-shm-usage --screenshot=./screenshot.png "https://$SERVER_HOST" 2>&1 | tee log.txt
TEXTOUT=$(cat log.txt)

if echo "$TEXTOUT" | grep -q "SSL error"
then
RESULT=fail
else
RESULT=success
fi

if [[ "$RESULT" != "$DESIRED" ]]
then
echo "TLS test failed"
echo "Got $RESULT, wanted $DESIRED"
echo "$TEXTOUT"
exit 1
fi

if ! echo "$TEXTOUT" | grep -q "$TEXTMATCH"
then
echo "TLS test failed"
echo "Missing output: $TEXTMATCH"
echo "$TEXTOUT"
exit 1
fi

exit 0

0 comments on commit da545d9

Please sign in to comment.