Support configuration of the CefTestServer certificate type (see issue #3348)

Marshall Greenblatt 2022-08-04 12:37:12 -04:00
parent dcd4a0077c
commit 18dac30874
13 changed files with 86 additions and 28 deletions


@ -457,7 +457,9 @@
'tests/cefsimple/simple_handler_linux.cc',
],
'ceftests_data_resources': [
'tests/ceftests/resources/net/data/ssl/certificates/expired_cert.pem',
'tests/ceftests/resources/net/data/ssl/certificates/localhost_cert.pem',
'tests/ceftests/resources/net/data/ssl/certificates/ok_cert.pem',
'tests/ceftests/resources/net/data/ssl/certificates/root_ca_cert.pem',
],
'ceftests_sources_common': [


@ -33,7 +33,7 @@
// by hand. See the translator.README.txt file in the tools directory for
// more information.
//
// $hash=e95435aed845767b3c7253547d253cabe44f88cb$
// $hash=25eed585e3c8deea88f194fbfb8aca923c778892$
//
#ifndef CEF_INCLUDE_CAPI_TEST_CEF_TEST_SERVER_CAPI_H_
@ -90,8 +90,10 @@ typedef struct _cef_test_server_t {
///
// Create and start a new test server that binds to |port|. If |port| is 0 an
// available port number will be selected. If |https_server| is true (1) the
// server will be HTTPS, otherwise it will be HTTP. Returns the newly created
// server object on success, or nullptr if the server cannot be started.
// server will be HTTPS, otherwise it will be HTTP. When |https_server| is true
// (1) the |https_cert_type| value is used to configure the certificate type.
// Returns the newly created server object on success, or nullptr if the server
// cannot be started.
//
// A new thread will be created for each CreateAndStart call (the "dedicated
// server thread"). It is therefore recommended to use a different
@ -104,6 +106,7 @@ typedef struct _cef_test_server_t {
CEF_EXPORT cef_test_server_t* cef_test_server_create_and_start(
uint16 port,
int https_server,
cef_test_cert_type_t https_cert_type,
struct _cef_test_server_handler_t* handler);
///


@ -42,13 +42,13 @@
// way that may cause binary incompatibility with other builds. The universal
// hash value will change if any platform is affected whereas the platform hash
// values will change only if that particular platform is affected.
#define CEF_API_HASH_UNIVERSAL "44bd5636f7e831a459d22b9b28ed8bfe233e88b2"
#define CEF_API_HASH_UNIVERSAL "44197292401010f8fce5b053733edd8642d01095"
#if defined(OS_WIN)
#define CEF_API_HASH_PLATFORM "31c7becd3dfaad2dd49331127ae3b15cf20677d8"
#define CEF_API_HASH_PLATFORM "95bf7fa1356070be95b7a6fee958355c6619fb63"
#elif defined(OS_MAC)
#define CEF_API_HASH_PLATFORM "33a65ab4d7adf95184cfc6216d9101360ec55d07"
#define CEF_API_HASH_PLATFORM "8ec5426d7aa0418fca147380e97623a49cd8eaf4"
#elif defined(OS_LINUX)
#define CEF_API_HASH_PLATFORM "1bae56c928de4d52851dc312cde21d31b776dcfb"
#define CEF_API_HASH_PLATFORM "b2cbc2e6a3048d2415566d35ba434967fd796491"
#endif
#ifdef __cplusplus


@ -3371,6 +3371,23 @@ typedef enum {
CEF_PERMISSION_RESULT_IGNORE,
} cef_permission_request_result_t;
///
// Certificate types supported by CefTestServer::CreateAndStart. The matching
// certificate file must exist in the "net/data/ssl/certificates" directory.
// See CefSetDataDirectoryForTests() for related configuration.
///
typedef enum {
// Valid certificate using the IP (127.0.0.1). Loads the "ok_cert.pem" file.
CEF_TEST_CERT_OK_IP,
// Valid certificate using the domain ("localhost"). Loads the
// "localhost_cert.pem" file.
CEF_TEST_CERT_OK_DOMAIN,
// Expired certificate. Loads the "expired_cert.pem" file.
CEF_TEST_CERT_EXPIRED,
} cef_test_cert_type_t;
#ifdef __cplusplus
}
#endif
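Review bot: The comment on `cef_test_cert_type_t` does not say that the certificate files are test-only material, which matters because the ceftests resource list also carries `root_ca_cert.pem` next to them. The files appear to be copied from Chromium's `net/data/ssl/certificates` directory, whose private keys are public, so I would add a line such as `// These are test certificates with publicly known keys; never install them in a trust store outside of tests.` It would also help to state on `CEF_TEST_CERT_EXPIRED` that clients are expected to see a certificate error, so a successful load against that server indicates a broken test setup.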


@ -71,8 +71,10 @@ class CefTestServer : public CefBaseRefCounted {
///
// Create and start a new test server that binds to |port|. If |port| is 0 an
// available port number will be selected. If |https_server| is true the
// server will be HTTPS, otherwise it will be HTTP. Returns the newly created
// server object on success, or nullptr if the server cannot be started.
// server will be HTTPS, otherwise it will be HTTP. When |https_server| is
// true the |https_cert_type| value is used to configure the certificate type.
// Returns the newly created server object on success, or nullptr if the
// server cannot be started.
//
// A new thread will be created for each CreateAndStart call (the "dedicated
// server thread"). It is therefore recommended to use a different
@ -86,6 +88,7 @@ class CefTestServer : public CefBaseRefCounted {
static CefRefPtr<CefTestServer> CreateAndStart(
uint16 port,
bool https_server,
cef_test_cert_type_t https_cert_type,
CefRefPtr<CefTestServerHandler> handler);
///


@ -172,7 +172,9 @@ class CefTestServerImpl::Context {
DCHECK(!test_server_);
}
bool Start(uint16 port, bool https_server) {
bool Start(uint16 port,
bool https_server,
cef_test_cert_type_t https_cert_type) {
DCHECK(thread_checker_.CalledOnValidThread());
DCHECK(!test_server_);
@ -185,10 +187,18 @@ class CefTestServerImpl::Context {
base::BindRepeating(&Context::HandleRequest, base::Unretained(this)));
if (https_server) {
// Use a "localhost" domain certificate instead of IP address. This is
// required for HSTS tests (see https://crbug.com/456712).
test_server_->SetSSLConfig(
EmbeddedTestServer::CERT_COMMON_NAME_IS_DOMAIN);
switch (https_cert_type) {
case CEF_TEST_CERT_OK_IP:
// Default value.
break;
case CEF_TEST_CERT_OK_DOMAIN:
test_server_->SetSSLConfig(
EmbeddedTestServer::CERT_COMMON_NAME_IS_DOMAIN);
break;
case CEF_TEST_CERT_EXPIRED:
test_server_->SetSSLConfig(EmbeddedTestServer::CERT_EXPIRED);
break;
}
}
test_server_handle_ =
@ -241,10 +251,11 @@ class CefTestServerImpl::Context {
bool CefTestServerImpl::Start(uint16 port,
bool https_server,
cef_test_cert_type_t https_cert_type,
CefRefPtr<CefTestServerHandler> handler) {
DCHECK(!context_);
context_ = std::make_unique<CefTestServerImpl::Context>(this, handler);
if (context_->Start(port, https_server)) {
if (context_->Start(port, https_server, https_cert_type)) {
const auto& origin = context_->origin().spec();
// Remove the trailing '/'
origin_ = origin.substr(0, origin.length() - 1);
@ -269,9 +280,11 @@ CefString CefTestServerImpl::GetOrigin() {
CefRefPtr<CefTestServer> CefTestServer::CreateAndStart(
uint16 port,
bool https_server,
cef_test_cert_type_t https_cert_type,
CefRefPtr<CefTestServerHandler> handler) {
CefRefPtr<CefTestServerImpl> server(new CefTestServerImpl());
if (server->Start(port, https_server, handler))
if (server->Start(port, https_server, https_cert_type, handler)) {
return server;
}
return nullptr;
}
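Review bot: The `switch (https_cert_type)` in `Context::Start` does not handle a value outside the three enumerators, and the value arrives as a plain C enum through `cef_test_server_create_and_start`, so an out-of-range argument silently starts the server with the default certificate. A test that meant to request the expired certificate but passed a bad value would then run against a valid one and could pass for the wrong reason. Consider failing the start in that case, for example with `default: NOTREACHED(); return false;`, or by validating the value in `CefTestServer::CreateAndStart` before `Start` is called. `Context::Start` begins and ends outside the visible hunks, so whether returning false at that point matches its other failure paths needs checking.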


@ -19,6 +19,7 @@ class CefTestServerImpl : public CefTestServer {
bool Start(uint16 port,
bool https_server,
cef_test_cert_type_t https_cert_type,
CefRefPtr<CefTestServerHandler> handler);
// CefTestServer methods:


@ -9,7 +9,7 @@
// implementations. See the translator.README.txt file in the tools directory
// for more information.
//
// $hash=ff1da376e035d2eda9050f4d68b39b9e7e7d368e$
// $hash=77804eaa33c7102c39f0748006ecc52d97b7265b$
//
#include "libcef_dll/cpptoc/test/test_server_cpptoc.h"
@ -21,6 +21,7 @@
CEF_EXPORT cef_test_server_t* cef_test_server_create_and_start(
uint16 port,
int https_server,
cef_test_cert_type_t https_cert_type,
struct _cef_test_server_handler_t* handler) {
shutdown_checker::AssertNotShutdown();
@ -32,9 +33,9 @@ CEF_EXPORT cef_test_server_t* cef_test_server_create_and_start(
return NULL;
// Execute
CefRefPtr<CefTestServer> _retval =
CefTestServer::CreateAndStart(port, https_server ? true : false,
CefTestServerHandlerCToCpp::Wrap(handler));
CefRefPtr<CefTestServer> _retval = CefTestServer::CreateAndStart(
port, https_server ? true : false, https_cert_type,
CefTestServerHandlerCToCpp::Wrap(handler));
// Return type: refptr_same
return CefTestServerCppToC::Wrap(_retval);


@ -9,7 +9,7 @@
// implementations. See the translator.README.txt file in the tools directory
// for more information.
//
// $hash=3cb71639ce1fb2986ca0d8ff437b0264d550d784$
// $hash=b1e385f731e29be4d248472e9d3b86e84ef29136$
//
#include "libcef_dll/ctocpp/test/test_server_ctocpp.h"
@ -22,6 +22,7 @@ NO_SANITIZE("cfi-icall")
CefRefPtr<CefTestServer> CefTestServer::CreateAndStart(
uint16 port,
bool https_server,
cef_test_cert_type_t https_cert_type,
CefRefPtr<CefTestServerHandler> handler) {
shutdown_checker::AssertNotShutdown();
@ -34,7 +35,8 @@ CefRefPtr<CefTestServer> CefTestServer::CreateAndStart(
// Execute
cef_test_server_t* _retval = cef_test_server_create_and_start(
port, https_server, CefTestServerHandlerCppToC::Wrap(handler));
port, https_server, https_cert_type,
CefTestServerHandlerCppToC::Wrap(handler));
// Return type: refptr_same
return CefTestServerCToCpp::Wrap(_retval);


@ -9,7 +9,7 @@
// implementations. See the translator.README.txt file in the tools directory
// for more information.
//
// $hash=b0d09c42b0c401cc3e9a8f0cfe93e464c6b7b34c$
// $hash=93d56886080f7dc864034a17ce1f794198b14259$
//
#include <dlfcn.h>
@ -1154,9 +1154,10 @@ NO_SANITIZE("cfi-icall")
struct _cef_test_server_t* cef_test_server_create_and_start(
uint16 port,
int https_server,
cef_test_cert_type_t https_cert_type,
struct _cef_test_server_handler_t* handler) {
return g_libcef_pointers.cef_test_server_create_and_start(port, https_server,
handler);
return g_libcef_pointers.cef_test_server_create_and_start(
port, https_server, https_cert_type, handler);
}
NO_SANITIZE("cfi-icall")


@ -31,8 +31,14 @@ class ServerHandler : public CefTestServerHandler {
// Use any available port number for HTTPS and the legacy port number for
// HTTP.
server_ = CefTestServer::CreateAndStart(https_server_ ? 0 : kHttpServerPort,
https_server_, this);
const uint16 port = https_server_ ? 0 : kHttpServerPort;
// Use a "localhost" domain certificate instead of IP address. This is
// required for HSTS tests (see https://crbug.com/456712).
const auto cert_type = CEF_TEST_CERT_OK_DOMAIN;
server_ =
CefTestServer::CreateAndStart(port, https_server_, cert_type, this);
// Always execute asynchronously.
CefPostTask(TID_UI, base::BindOnce(&ServerHandler::NotifyServerCreated,


@ -81,7 +81,8 @@ class TestServerHandler : public CefTestServerHandler {
https_server_ = https_server;
// Blocks until the server is created.
server_ = CefTestServer::CreateAndStart(/*port=*/0, https_server, this);
server_ = CefTestServer::CreateAndStart(/*port=*/0, https_server,
CEF_TEST_CERT_OK_DOMAIN, this);
origin_ = server_->GetOrigin();
EXPECT_TRUE(VerifyOrigin(origin_));
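Review bot: Both test callers visible in this commit pass `CEF_TEST_CERT_OK_DOMAIN` (here and in `ServerHandler`), so the new `CEF_TEST_CERT_OK_IP` and `CEF_TEST_CERT_EXPIRED` paths are not exercised by any hunk shown. A test that starts the server with `CEF_TEST_CERT_EXPIRED` and expects the request to fail with a certificate error would confirm that the expired certificate is really served and rejected. Separately, `server_->GetOrigin()` on the following line dereferences the result without a null check, while CreateAndStart is documented to return nullptr on failure and now also depends on the matching .pem file being present; an explicit check of `server_` before that line would make such a failure readable. The enclosing function starts and ends outside the hunk.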


@ -14,10 +14,18 @@
'source' : '../net/base/net_error_list.h',
'target' : 'include/base/internal/cef_net_error_list.h',
},
{
'source' : '../net/data/ssl/certificates/expired_cert.pem',
'target' : 'tests/ceftests/resources/net/data/ssl/certificates/expired_cert.pem',
},
{
'source' : '../net/data/ssl/certificates/localhost_cert.pem',
'target' : 'tests/ceftests/resources/net/data/ssl/certificates/localhost_cert.pem',
},
{
'source' : '../net/data/ssl/certificates/ok_cert.pem',
'target' : 'tests/ceftests/resources/net/data/ssl/certificates/ok_cert.pem',
},
{
'source' : '../net/data/ssl/certificates/root_ca_cert.pem',
'target' : 'tests/ceftests/resources/net/data/ssl/certificates/root_ca_cert.pem',