mirror of
https://github.com/servo/servo.git
synced 2025-08-05 13:40:08 +01:00
Add command-line argument to use a custom SSL certificate database.
This commit is contained in:
Josh Matthews
parent
d7fb2cc27f
commit
dc99104f55
7 changed files with 36 additions and 13 deletions
|
|
@ -230,6 +230,9 @@ pub struct Opts {
|
|||
|
||||
/// Print the version and exit.
|
||||
pub is_printing_version: bool,
|
||||
|
||||
/// Path to SSL certificates.
|
||||
pub certificate_path: Option<String>,
|
||||
}
|
||||
|
||||
fn print_usage(app: &str, opts: &Options) {
|
||||
|
|
@ -566,6 +569,7 @@ pub fn default_opts() -> Opts {
|
|||
webrender_record: false,
|
||||
precache_shaders: false,
|
||||
signpost: false,
|
||||
certificate_path: None,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -615,6 +619,7 @@ pub fn from_cmdline_args(args: &[String]) -> ArgumentParsingResult {
|
|||
"A comma-separated string of debug options. Pass help to show available options.", "");
|
||||
opts.optflag("h", "help", "Print this message");
|
||||
opts.optopt("", "resources-path", "Path to find static resources", "/home/servo/resources");
|
||||
opts.optopt("", "certificate-path", "Path to find SSL certificates", "/home/servo/resources/certs");
|
||||
opts.optopt("", "content-process" , "Run as a content process and connect to the given pipe",
|
||||
"servo-ipc-channel.abcdefg");
|
||||
opts.optmulti("", "pref",
|
||||
|
|
@ -868,6 +873,7 @@ pub fn from_cmdline_args(args: &[String]) -> ArgumentParsingResult {
|
|||
webrender_record: debug_options.webrender_record,
|
||||
precache_shaders: debug_options.precache_shaders,
|
||||
signpost: debug_options.signpost,
|
||||
certificate_path: opt_match.opt_str("certificate-path"),
|
||||
};
|
||||
|
||||
set_defaults(opts);
|
||||
|
|
|
|||
|
|
@ -7,16 +7,12 @@ use hyper::net::HttpsConnector;
|
|||
use hyper_openssl::OpensslClient;
|
||||
use openssl::ssl::{SSL_OP_NO_COMPRESSION, SSL_OP_NO_SSLV2, SSL_OP_NO_SSLV3};
|
||||
use openssl::ssl::{SslConnectorBuilder, SslMethod};
|
||||
use servo_config::resource_files::resources_dir_path;
|
||||
use std::path::PathBuf;
|
||||
use std::sync::Arc;
|
||||
|
||||
pub type Connector = HttpsConnector<OpensslClient>;
|
||||
|
||||
pub fn create_ssl_client(certificate_file: &str) -> OpensslClient {
|
||||
let ca_file = &resources_dir_path()
|
||||
.expect("Need certificate file to make network requests")
|
||||
.join(certificate_file);
|
||||
|
||||
pub fn create_ssl_client(ca_file: &PathBuf) -> OpensslClient {
|
||||
let mut ssl_connector_builder = SslConnectorBuilder::new(SslMethod::tls()).unwrap();
|
||||
{
|
||||
let context = ssl_connector_builder.builder_mut();
|
||||
|
|
|
|||
|
|
@ -25,6 +25,8 @@ use net_traits::storage_thread::StorageThreadMsg;
|
|||
use profile_traits::time::ProfilerChan;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use serde_json;
|
||||
use servo_config::opts;
|
||||
use servo_config::resource_files::resources_dir_path;
|
||||
use servo_url::ServoUrl;
|
||||
use std::borrow::{Cow, ToOwned};
|
||||
use std::collections::HashMap;
|
||||
|
|
@ -108,13 +110,21 @@ fn create_resource_groups(config_dir: Option<&Path>)
|
|||
auth_cache: RwLock::new(auth_cache),
|
||||
hsts_list: RwLock::new(hsts_list),
|
||||
};
|
||||
let ssl_client = create_ssl_client("certs");
|
||||
|
||||
let ca_file = match opts::get().certificate_path {
|
||||
Some(ref path) => PathBuf::from(path),
|
||||
None => resources_dir_path()
|
||||
.expect("Need certificate file to make network requests")
|
||||
.join("certs"),
|
||||
};
|
||||
let ssl_client = create_ssl_client(&ca_file);
|
||||
|
||||
let resource_group = ResourceGroup {
|
||||
http_state: Arc::new(http_state),
|
||||
ssl_client: ssl_client.clone(),
|
||||
connector: create_http_connector(ssl_client.clone()),
|
||||
};
|
||||
let private_ssl_client = create_ssl_client("certs");
|
||||
let private_ssl_client = create_ssl_client(&ca_file);
|
||||
let private_resource_group = ResourceGroup {
|
||||
http_state: Arc::new(HttpState::new()),
|
||||
ssl_client: private_ssl_client.clone(),
|
||||
|
|
|
|||
|
|
@ -530,7 +530,8 @@ fn test_fetch_with_hsts() {
|
|||
//takes an address and something that implements hyper::net::Ssl
|
||||
let mut server = Server::https("0.0.0.0:0", ssl).unwrap().handle_threads(handler, 1).unwrap();
|
||||
|
||||
let ssl_client = create_ssl_client("self_signed_certificate_for_testing.crt");
|
||||
let ca_file = resources_dir_path().unwrap().join("self_signed_certificate_for_testing.crt");
|
||||
let ssl_client = create_ssl_client(&ca_file);
|
||||
let connector = create_http_connector(ssl_client);
|
||||
|
||||
let context = FetchContext {
|
||||
|
|
|
|||
|
|
@ -42,6 +42,7 @@ use net::test::HttpState;
|
|||
use net_traits::FetchTaskTarget;
|
||||
use net_traits::request::Request;
|
||||
use net_traits::response::Response;
|
||||
use servo_config::resource_files::resources_dir_path;
|
||||
use servo_url::ServoUrl;
|
||||
use std::sync::Arc;
|
||||
use std::sync::mpsc::{Sender, channel};
|
||||
|
|
@ -53,7 +54,8 @@ struct FetchResponseCollector {
|
|||
}
|
||||
|
||||
fn new_fetch_context(dc: Option<Sender<DevtoolsControlMsg>>) -> FetchContext {
|
||||
let ssl_client = create_ssl_client("certs");
|
||||
let ca_file = resources_dir_path().unwrap().join("certs");
|
||||
let ssl_client = create_ssl_client(&ca_file);
|
||||
let connector = create_http_connector(ssl_client);
|
||||
FetchContext {
|
||||
state: Arc::new(HttpState::new()),
|
||||
|
|
|
|||
|
|
@ -32,7 +32,8 @@ def browser_kwargs(**kwargs):
|
|||
"debug_info": kwargs["debug_info"],
|
||||
"binary_args": kwargs["binary_args"],
|
||||
"user_stylesheets": kwargs.get("user_stylesheets"),
|
||||
"render_backend": kwargs.get("servo_backend")}
|
||||
"render_backend": kwargs.get("servo_backend"),
|
||||
"ca_certificate_path": kwargs["ssl_env"].ca_cert_path()}
|
||||
|
||||
|
||||
def executor_kwargs(test_type, server_config, cache_manager, run_info_data,
|
||||
|
|
@ -65,17 +66,19 @@ def render_arg(render_backend):
|
|||
|
||||
class ServoBrowser(NullBrowser):
|
||||
def __init__(self, logger, binary, debug_info=None, binary_args=None,
|
||||
user_stylesheets=None, render_backend="webrender"):
|
||||
user_stylesheets=None, render_backend="webrender", ca_certificate_path=None):
|
||||
NullBrowser.__init__(self, logger)
|
||||
self.binary = binary
|
||||
self.debug_info = debug_info
|
||||
self.binary_args = binary_args or []
|
||||
self.user_stylesheets = user_stylesheets or []
|
||||
self.render_backend = render_backend
|
||||
self.ca_certificate_path = ca_certificate_path
|
||||
|
||||
def executor_browser(self):
|
||||
return ExecutorBrowser, {"binary": self.binary,
|
||||
"debug_info": self.debug_info,
|
||||
"binary_args": self.binary_args,
|
||||
"user_stylesheets": self.user_stylesheets,
|
||||
"render_backend": self.render_backend}
|
||||
"render_backend": self.render_backend,
|
||||
"ca_certificate_path": self.ca_certificate_path}
|
||||
|
|
|
|||
|
|
@ -86,6 +86,8 @@ class ServoTestharnessExecutor(ProcessTestExecutor):
|
|||
args += ["--user-stylesheet", stylesheet]
|
||||
for pref, value in test.environment.get('prefs', {}).iteritems():
|
||||
args += ["--pref", "%s=%s" % (pref, value)]
|
||||
if self.browser.ca_certificate_path:
|
||||
args += ["--certificate-path", self.browser.ca_certificate_path]
|
||||
args += self.browser.binary_args
|
||||
debug_args, command = browser_command(self.binary, args, self.debug_info)
|
||||
|
||||
|
|
@ -226,6 +228,9 @@ class ServoRefTestExecutor(ProcessTestExecutor):
|
|||
|
||||
command += ["--resolution", viewport_size or "800x600"]
|
||||
|
||||
if self.browser.ca_certificate_path:
|
||||
command += ["--certificate-path", self.browser.ca_certificate_path]
|
||||
|
||||
if dpi:
|
||||
command += ["--device-pixel-ratio", dpi]
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue