bug 846581 - avoid nsIBadCertListener2 in toolkit install/update tests r=mossop
authorDana Keeler <dkeeler@mozilla.com>
Wed, 06 Mar 2019 01:24:47 +0000
changeset 523418 494abd5b60b8cab73684b24f29541f0d736d36a9
parent 523417 577a1e61f6d37c5cc402d9fd0fc1cb40a489c616
child 523419 1ba42a5ba5d672533f395b15dc1b87e44b19b743
push id2032
push userffxbld-merge
push dateMon, 13 May 2019 09:36:57 +0000
treeherdermozilla-release@455c1065dcbe [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmossop
bugs846581
milestone67.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
bug 846581 - avoid nsIBadCertListener2 in toolkit install/update tests r=mossop This patch changes how some toolkit mochitest-browser-chrome tests set up certificate error overrides to avoid using nsIBadCertListener2 (basically it follows the approach of exceptionDialog.js and uses the onerror callback of the XHR). Differential Revision: https://phabricator.services.mozilla.com/D21818
toolkit/mozapps/extensions/test/browser/browser_installssl.js
toolkit/mozapps/extensions/test/browser/browser_updatessl.js
toolkit/mozapps/extensions/test/browser/head.js
--- a/toolkit/mozapps/extensions/test/browser/browser_installssl.js
+++ b/toolkit/mozapps/extensions/test/browser/browser_installssl.js
@@ -101,24 +101,16 @@ function run_install_tests(callback) {
       },
     });
     install.install();
   }
 
   run_next_install_test();
 }
 
-// Add overrides for the bad certificates
-function addCertOverrides() {
-  addCertOverride("nocert.example.com", Ci.nsICertOverrideService.ERROR_MISMATCH);
-  addCertOverride("self-signed.example.com", Ci.nsICertOverrideService.ERROR_UNTRUSTED);
-  addCertOverride("untrusted.example.com", Ci.nsICertOverrideService.ERROR_UNTRUSTED);
-  addCertOverride("expired.example.com", Ci.nsICertOverrideService.ERROR_TIME);
-}
-
 // Runs tests with built-in certificates required, no certificate exceptions
 // and no hashes
 add_test(function() {
   // Tests that a simple install works as expected.
   add_install_test(HTTP, null, SUCCESS);
   add_install_test(HTTPS, null, NETWORK_FAILURE);
   add_install_test(NOCERT, null, NETWORK_FAILURE);
   add_install_test(SELFSIGNED, null, NETWORK_FAILURE);
@@ -235,21 +227,25 @@ add_test(function() {
   add_install_test(EXPIRED, NOCERT, NETWORK_FAILURE);
   add_install_test(EXPIRED, SELFSIGNED, NETWORK_FAILURE);
   add_install_test(EXPIRED, UNTRUSTED, NETWORK_FAILURE);
   add_install_test(EXPIRED, EXPIRED, NETWORK_FAILURE);
 
   run_install_tests(run_next_test);
 });
 
+// Set up overrides for the next test.
+add_test(() => {
+  addCertOverrides().then(run_next_test);
+});
+
 // Runs tests with built-in certificates required, all certificate exceptions
 // and no hashes
 add_test(function() {
   Services.prefs.clearUserPref(PREF_INSTALL_REQUIREBUILTINCERTS);
-  addCertOverrides();
 
   // Tests that a simple install works as expected.
   add_install_test(HTTP, null, SUCCESS);
   add_install_test(HTTPS, null, NETWORK_FAILURE);
   add_install_test(NOCERT, null, NETWORK_FAILURE);
   add_install_test(SELFSIGNED, null, NETWORK_FAILURE);
   add_install_test(UNTRUSTED, null, NETWORK_FAILURE);
   add_install_test(EXPIRED, null, NETWORK_FAILURE);
--- a/toolkit/mozapps/extensions/test/browser/browser_updatessl.js
+++ b/toolkit/mozapps/extensions/test/browser/browser_updatessl.js
@@ -101,24 +101,16 @@ function run_update_tests(callback) {
         run_next_update_test();
       },
     });
   }
 
   run_next_update_test();
 }
 
-// Add overrides for the bad certificates
-function addCertOverrides() {
-  addCertOverride("nocert.example.com", Ci.nsICertOverrideService.ERROR_MISMATCH);
-  addCertOverride("self-signed.example.com", Ci.nsICertOverrideService.ERROR_UNTRUSTED);
-  addCertOverride("untrusted.example.com", Ci.nsICertOverrideService.ERROR_UNTRUSTED);
-  addCertOverride("expired.example.com", Ci.nsICertOverrideService.ERROR_TIME);
-}
-
 // Runs tests with built-in certificates required and no certificate exceptions.
 add_test(function() {
   // Tests that a simple update.json retrieval works as expected.
   add_update_test(HTTP, null, SUCCESS);
   add_update_test(HTTPS, null, DOWNLOAD_ERROR);
   add_update_test(NOCERT, null, DOWNLOAD_ERROR);
   add_update_test(SELFSIGNED, null, DOWNLOAD_ERROR);
   add_update_test(UNTRUSTED, null, DOWNLOAD_ERROR);
@@ -234,20 +226,24 @@ add_test(function() {
   add_update_test(EXPIRED, NOCERT, DOWNLOAD_ERROR);
   add_update_test(EXPIRED, SELFSIGNED, DOWNLOAD_ERROR);
   add_update_test(EXPIRED, UNTRUSTED, DOWNLOAD_ERROR);
   add_update_test(EXPIRED, EXPIRED, DOWNLOAD_ERROR);
 
   run_update_tests(run_next_test);
 });
 
+// Set up overrides for the next test.
+add_test(() => {
+  addCertOverrides().then(run_next_test);
+});
+
 // Runs tests with built-in certificates required and all certificate exceptions.
 add_test(function() {
   Services.prefs.clearUserPref(PREF_UPDATE_REQUIREBUILTINCERTS);
-  addCertOverrides();
 
   // Tests that a simple update.json retrieval works as expected.
   add_update_test(HTTP, null, SUCCESS);
   add_update_test(HTTPS, null, DOWNLOAD_ERROR);
   add_update_test(NOCERT, null, DOWNLOAD_ERROR);
   add_update_test(SELFSIGNED, null, DOWNLOAD_ERROR);
   add_update_test(UNTRUSTED, null, DOWNLOAD_ERROR);
   add_update_test(EXPIRED, null, DOWNLOAD_ERROR);
--- a/toolkit/mozapps/extensions/test/browser/head.js
+++ b/toolkit/mozapps/extensions/test/browser/head.js
@@ -592,50 +592,47 @@ CategoryUtilities.prototype = {
     return log_callback(p, aCallback);
   },
 
   openType(aCategoryType, aCallback) {
     return this.open(this.get(aCategoryType), aCallback);
   },
 };
 
-function CertOverrideListener(host, bits) {
-  this.host = host;
-  this.bits = bits;
+// Returns a promise that will resolve when the certificate error override has been added, or reject
+// if there is some failure.
+function addCertOverride(host, bits) {
+  return new Promise((resolve, reject) => {
+    let req = new XMLHttpRequest();
+    req.open("GET", "https://" + host + "/");
+    req.onload = reject;
+    req.onerror = () => {
+      if (req.channel && req.channel.securityInfo) {
+        let securityInfo = req.channel.securityInfo.QueryInterface(Ci.nsITransportSecurityInfo);
+        if (securityInfo.serverCert) {
+          let cos = Cc["@mozilla.org/security/certoverride;1"]
+                      .getService(Ci.nsICertOverrideService);
+          cos.rememberValidityOverride(host, -1, securityInfo.serverCert, bits, false);
+          resolve();
+          return;
+        }
+      }
+      reject();
+    };
+    req.send(null);
+  });
 }
 
-CertOverrideListener.prototype = {
-  host: null,
-  bits: null,
-
-  getInterface(aIID) {
-    return this.QueryInterface(aIID);
-  },
-
-  QueryInterface: ChromeUtils.generateQI(["nsIBadCertListener2", "nsIInterfaceRequestor"]),
-
-  notifyCertProblem(socketInfo, secInfo, targetHost) {
-    var cert = secInfo.serverCert;
-    var cos = Cc["@mozilla.org/security/certoverride;1"].
-              getService(Ci.nsICertOverrideService);
-    cos.rememberValidityOverride(this.host, -1, cert, this.bits, false);
-    return true;
-  },
-};
-
-// Add overrides for the bad certificates
-function addCertOverride(host, bits) {
-  var req = new XMLHttpRequest();
-  try {
-    req.open("GET", "https://" + host + "/", false);
-    req.channel.notificationCallbacks = new CertOverrideListener(host, bits);
-    req.send(null);
-  } catch (e) {
-    // This request will fail since the SSL server is not trusted yet
-  }
+// Returns a promise that will resolve when the necessary certificate overrides have been added.
+function addCertOverrides() {
+  return Promise.all(
+    [addCertOverride("nocert.example.com", Ci.nsICertOverrideService.ERROR_MISMATCH),
+     addCertOverride("self-signed.example.com", Ci.nsICertOverrideService.ERROR_UNTRUSTED),
+     addCertOverride("untrusted.example.com", Ci.nsICertOverrideService.ERROR_UNTRUSTED),
+     addCertOverride("expired.example.com", Ci.nsICertOverrideService.ERROR_TIME)]);
 }
 
 /** *** Mock Provider *****/
 
 function MockProvider(aUseAsyncCallbacks, aTypes) {
   this.addons = [];
   this.installs = [];
   this.callbackTimers = [];