[Webkit-unassigned] [Bug 157884] [WebSockets] No infrastructure for testing secure web sockets (wss)

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu May 19 13:02:54 PDT 2016 

https://bugs.webkit.org/show_bug.cgi?id=157884

--- Comment #2 from Daniel Bates <dbates at webkit.org> ---
Created attachment 279418
  --> https://bugs.webkit.org/attachment.cgi?id=279418&action=review
Work-in-progress patch

Work-in-progress patch.

Adds support to webkitpy to start and stop a secure Web Socket server running on port 9323 using the certificate, private-key from file LayoutTests/http/conf/webkit-httpd.pem and adds a new test, LayoutTests/http/tests/websocket/tests/hybi/simple-wss.html, to test making a secure Web Socket connection. Also teaches run-webkit-httpd to start and stop the Web Socket servers.

We need to teach the Web Socket code to allow self-signed certificates/allow certificates with an invalid certificate chain when run in a testing environment similar to what we do to make HTTPS work in our testing environment. Otherwise, the test LayoutTests/http/tests/websocket/tests/hybi/simple-wss.html will fail with Web Inspector console message "WebSocket network error: OSStatus Error -9807: Invalid certificate chain". We also need to ensure that logic to extract the certificate and private key file from file LayoutTests/http/conf/webkit-httpd.pem works on Windows.

Until we teach the Web Socket code to allow self-signed certificates/allow certificates with an invalid certificate chain when run in a testing environment the SSL certificate will need to be trusted in order for the test LayoutTests/http/tests/websocket/tests/hybi/simple-wss.html to pass. On OS X, you can trust the WebKit Layout Tests certificate by performing the following:

1. Apply the patch.
2. Run script run-webkit-httpd.
3. In Safari, navigate to https://127.0.0.1:9323. When Safari presents the sheet "Safari can't verify the identity of the website “127.0.0.1”, check the checkbox Always trust “WebKit LayoutTests” when connecting to “127.0.0.1” and click the Continue button.

The certificate WebKit LayoutTests is now trusted and running test LayoutTests/http/tests/websocket/tests/hybi/simple-wss.html will pass:

Tools/Scripts/run-webkit-tests LayoutTests/http/tests/websocket/tests/hybi/simple-wss.html

To untrust WebKit LayoutTests, perform the following:

1. Open Keychain Access.
2. Ensure the keychain is unlocked. (If it is locked, then click the lock icon in the top left corner of the window and authenticate to unlock the keychain).
3. Click Certificates in the Category pane on the bottom left-side of the window to show the installed certificates.
4. Click WebKit LayoutTests in the list of Certificates to highlight it.
5. Press the delete key on the keyboard to delete it.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160519/8c5f52f5/attachment.html>

More information about the webkit-unassigned mailing list