def test_bind_tmpdir(self):
#remove socket dirs from default arguments temporarily:
saved_default_xpra_args = ServerSocketsTest.default_xpra_args
ServerSocketsTest.default_xpra_args = [x for x in saved_default_xpra_args if not x.startswith("--socket-dir")] + ["--socket-dirs=/tmp"]
for _ in range(100):
log("")
try:
tmpdir = tempfile.mkdtemp(suffix='xpra')
#run with this extra socket-dir:
args = ["--socket-dir=%s" % tmpdir]
#tell the client about it, or don't - both cases should work:
#(it will also use the default socket dirs)
self._test_connect(args, "none", args, None, ":", EXIT_OK)
self._test_connect(args, "none", [], None, ":", EXIT_OK)
#now run with ONLY this socket dir:
ServerSocketsTest.default_xpra_args = [x for x in saved_default_xpra_args if not x.startswith("--socket-dir")]
args = ["--socket-dirs=%s" % tmpdir]
#tell the client:
self._test_connect(args, "none", args, None, ":", EXIT_OK)
#if the client doesn't know about the socket location, it should fail:
self._test_connect(args, "none", [], None, ":", EXIT_CONNECTION_LOST)
#use the exact path to the socket:
from xpra.platform.dotxpra_common import PREFIX
self._test_connect(args, "none", [], None, "socket:"+os.path.join(tmpdir, PREFIX))
finally:
ServerSocketsTest.default_xpra_args = saved_default_xpra_args
shutil.rmtree(tmpdir)
def _test_connect(self, server_args=(), auth="none", client_args=(), password=None, uri_prefix=":", exit_code=0):
display_no = self.find_free_display_no()
display = ":%s" % display_no
log("starting test server on %s", display)
server = self.start_server(display, "--auth=%s" % auth, "--printing=no", *server_args)
#we should always be able to get the version:
uri = uri_prefix + str(display_no)
client = self.run_xpra(["version", uri] + server_args)
if pollwait(client, 5)!=0:
r = client.poll()
if client.poll() is None:
client.terminate()
raise Exception("version client failed to connect, returned %s" % estr(r))
#try to connect
cmd = ["connect-test", uri] + client_args
f = None
if password:
f = self._temp_file(password)
cmd += ["--password-file=%s" % f.name]
cmd += ["--challenge-handlers=file:filename=%s" % f.name]
client = self.run_xpra(cmd)
r = pollwait(client, 10)
if f:
f.close()
if client.poll() is None:
client.terminate()
server.terminate()
if r!=exit_code:
raise Exception("expected info client to return %s but got %s" % (estr(exit_code), estr(r)))
def test_proxy_start_stop(self):
display = self.find_free_display()
log("using free display=%s" % display)
proxy = self.run_xpra(["proxy", display, "--no-daemon"])
assert pollwait(proxy, 5) is None, "proxy failed to start"
assert display in self.dotxpra.displays(), "proxy display not found"
self.check_stop_server(proxy, "stop", display)
def _test_auth(self,
auth="fail",
uri_prefix="",
exit_code=0,
password=None):
display = self.find_free_display()
log("starting test server on %s", display)
server = self.check_start_server(display, "--auth=%s" % auth,
"--printing=no")
#we should always be able to get the version:
client = self.run_xpra(["version", uri_prefix + display])
assert pollwait(client, 5) == 0, "version client failed to connect"
if client.poll() is None:
client.terminate()
#try to connect
cmd = ["info", uri_prefix + display]
f = None
if password:
f = self._temp_file(password)
cmd += ["--password-file=%s" % f.name]
client = self.run_xpra(cmd)
r = pollwait(client, 5)
if f:
f.close()
if client.poll() is None:
client.terminate()
server.terminate()
assert r == exit_code, "expected info client to return %s but got %s" % (
exit_code, r)
def test_bind_tmpdir(self):
#remove socket dirs from default arguments temporarily:
saved_default_xpra_args = ServerSocketsTest.default_xpra_args
ServerSocketsTest.default_xpra_args = [
x for x in saved_default_xpra_args
if not x.startswith("--socket-dir")
] + ["--socket-dirs=/tmp"]
for _ in range(100):
log("")
try:
tmpdir = tempfile.mkdtemp(suffix='xpra')
#run with this extra socket-dir:
args = ["--socket-dir=%s" % tmpdir]
#tell the client about it, or don't - both cases should work:
#(it will also use the default socket dirs)
self._test_connect(args, "none", args, None, ":", EXIT_OK)
self._test_connect(args, "none", [], None, ":", EXIT_OK)
#now run with ONLY this socket dir:
ServerSocketsTest.default_xpra_args = [
x for x in saved_default_xpra_args
if not x.startswith("--socket-dir")
]
args = ["--socket-dirs=%s" % tmpdir]
#tell the client:
self._test_connect(args, "none", args, None, ":", EXIT_OK)
#if the client doesn't know about the socket location, it should fail:
self._test_connect(args, "none", [], None, ":",
EXIT_CONNECTION_LOST)
#use the exact path to the socket:
from xpra.platform.dotxpra_common import PREFIX
self._test_connect(args, "none", [], None,
"socket:" + os.path.join(tmpdir, PREFIX))
finally:
ServerSocketsTest.default_xpra_args = saved_default_xpra_args
shutil.rmtree(tmpdir)
def _test_connect(self,
server_args=[],
auth="none",
client_args=[],
password=None,
uri_prefix=":",
exit_code=0):
display_no = self.find_free_display_no()
display = ":%s" % display_no
log("starting test server on %s", display)
server = self.start_server(display, "--auth=%s" % auth,
"--printing=no", *server_args)
#we should always be able to get the version:
uri = uri_prefix + str(display_no)
client = self.run_xpra(["version", uri] + server_args)
assert pollwait(client, 5) == 0, "version client failed to connect"
if client.poll() is None:
client.terminate()
#try to connect
cmd = ["connect-test", uri] + client_args
f = None
if password:
f = self._temp_file(password)
cmd += ["--password-file=%s" % f.name]
client = self.run_xpra(cmd)
r = pollwait(client, 5)
if f:
f.close()
assert r == exit_code, "expected info client to return %s but got %s" % (
exit_code, client.poll())
if client.poll() is None:
client.terminate()
server.terminate()
def test_unicode(self):
from xpra.x11.bindings.keyboard_bindings import X11KeyboardBindings #@UnresolvedImport
keyboard_bindings = X11KeyboardBindings()
for x in (
"2030",
"0005",
"0010",
"220F",
"2039",
"2211",
"2248",
"FB01",
"F8FF",
"203A",
"FB02",
"02C6",
"02DA",
"02DC",
"2206",
"2044",
"25CA",
):
#hex form:
hk = keyboard_bindings.parse_keysym("0x" + x)
#osx U+ form:
uk = keyboard_bindings.parse_keysym("U+" + x)
log("keysym(U+%s)=%#x, keysym(0x%s)=%#x", x, uk, x, hk)
assert hk and uk
assert uk == hk, "failed to get unicode keysym %s" % x
def _test_connect(self, server_args=[], auth="none", client_args=[], password=None, uri_prefix=":", exit_code=0):
display_no = self.find_free_display_no()
display = ":%s" % display_no
log("starting test server on %s", display)
server = self.start_server(display, "--auth=%s" % auth, "--printing=no", *server_args)
#we should always be able to get the version:
uri = uri_prefix + str(display_no)
client = self.run_xpra(["version", uri] + server_args)
assert pollwait(client, 5)==0, "version client failed to connect"
if client.poll() is None:
client.terminate()
#try to connect
cmd = ["connect-test", uri] + client_args
f = None
if password:
f = self._temp_file(password)
cmd += ["--password-file=%s" % f.name]
client = self.run_xpra(cmd)
r = pollwait(client, 5)
if f:
f.close()
assert r==exit_code, "expected info client to return %s but got %s" % (exit_code, client.poll())
if client.poll() is None:
client.terminate()
server.terminate()
def stop_server(cls, server_proc, subcommand="stop", *connect_args):
log("stop_server%s", (server_proc, subcommand, connect_args))
if server_proc.poll():
return
server_proc.terminate()
assert pollwait(
server_proc
) is not None, "server process %s failed to exit" % server_proc
def test_proxy_start_stop(self):
display = self.find_free_display()
log("using free display=%s" % display)
cmd = ["proxy", display, "--no-daemon"]
cmdstr = " ".join("'%s'" % c for c in cmd)
proxy = self.run_xpra(cmd)
assert pollwait(proxy, 5) is None, "proxy failed to start with cmd=%s" % cmdstr
assert display in self.dotxpra.displays(), "proxy display not found"
self.check_stop_server(proxy, "stop", display)
def test_ssl_socket(self):
server = None
display_no = self.find_free_display_no()
display = ":%s" % display_no
tcp_port = get_free_tcp_port()
ssl_port = get_free_tcp_port()
try:
tmpdir = tempfile.mkdtemp(suffix='ssl-xpra')
certfile = os.path.join(tmpdir, "self.pem")
openssl_command = [
"openssl", "req", "-new", "-newkey", "rsa:4096", "-days", "2", "-nodes", "-x509",
"-subj", "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost",
"-keyout", certfile, "-out", certfile,
]
openssl = self.run_command(openssl_command)
assert pollwait(openssl, 10)==0, "openssl certificate generation failed"
cert_data = load_binary_file(certfile)
log("generated cert data: %s", repr_ellipsized(cert_data))
if not cert_data:
#cannot run openssl? (happens from rpmbuild)
log.warn("SSL test skipped, cannot run '%s'", b" ".join(openssl_command))
return
server_args = [
"--bind-tcp=0.0.0.0:%i" % tcp_port,
"--bind-ssl=0.0.0.0:%i" % ssl_port,
"--ssl=on",
"--ssl-cert=%s" % certfile]
log("starting test ssl server on %s", display)
server = self.start_server(display, *server_args)
#test it with openssl client:
for port in (tcp_port, ssl_port):
openssl_verify_command = "openssl s_client -connect 127.0.0.1:%i -CAfile %s < /dev/null" % (port, certfile)
openssl = self.run_command(openssl_verify_command, shell=True)
assert pollwait(openssl, 10)==0, "openssl certificate verification failed"
def test_connect(uri, exit_code, *client_args):
cmd = ["info", uri] + list(client_args)
client = self.run_xpra(cmd)
r = pollwait(client, 5)
if client.poll() is None:
client.terminate()
assert r==exit_code, "expected info client to return %s but got %s" % (exit_code, client.poll())
noverify = "--ssl-server-verify-mode=none"
#connect to ssl socket:
test_connect("ssl/127.0.0.1:%i/" % ssl_port, EXIT_OK, noverify)
#tcp socket should upgrade:
test_connect("ssl/127.0.0.1:%i/" % tcp_port, EXIT_OK, noverify)
#self signed cert should fail without noverify:
test_connect("ssl/127.0.0.1:%i/" % ssl_port, EXIT_CONNECTION_LOST)
test_connect("ssl/127.0.0.1:%i/" % tcp_port, EXIT_CONNECTION_LOST)
finally:
shutil.rmtree(tmpdir)
if server:
server.terminate()
def do_run_client(self, client_display, *args):
from xpra.x11.vfb_util import xauth_add
xauth_add(client_display)
env = self.get_run_env()
env["DISPLAY"] = client_display
global uq
env["XPRA_LOG_PREFIX"] = "client %i: " % uq
uq +=1
log("starting test client on Xvfb %s", client_display)
return self.run_xpra(["attach"] + list(args) , env)
def do_run_client(self, client_display, *args):
from xpra.scripts.server import xauth_add
xauth_add(client_display)
env = self.get_run_env()
env["DISPLAY"] = client_display
global uq
env["XPRA_LOG_PREFIX"] = "client %i: " % uq
uq +=1
log("starting test client on Xvfb %s", client_display)
return self.run_xpra(["attach"] + list(args) , env)
def stop_server(self, server_proc, subcommand, *connect_args):
if WIN32:
super().stop_server(server_proc, subcommand, *connect_args)
return
log("stop_server%s", (server_proc, subcommand, connect_args))
if server_proc.poll() is not None:
return
server_proc.terminate()
assert pollwait(
server_proc
) is not None, "server process %s failed to exit" % server_proc
def setUp(self):
ServerTestUtil.setUp(self)
if POSIX and not OSX:
#display used by the client:
if not self.client_display:
self.client_display = self.find_free_display()
self.client_xvfb = self.start_Xvfb(self.client_display)
log("ServerMixinsOptionTest.setUpClass() client display=%s, xvfb=%s", self.client_display, self.client_xvfb)
if VFB_INITIAL_RESOLUTION:
xrandr = ["xrandr", "-s", VFB_INITIAL_RESOLUTION, "--display", self.client_display]
self.run_command(xrandr)
def do_run_client(self, client_display, *args):
from xpra.x11.vfb_util import xauth_add
xauth_data = get_hex_uuid()
xauth_add(self.default_env["XAUTHORITY"], client_display, xauth_data,
os.getuid(), os.getgid())
env = self.get_run_env()
env["DISPLAY"] = client_display
global uq
env["XPRA_LOG_PREFIX"] = "client %i: " % uq
uq += 1
log("starting test client on Xvfb %s", client_display)
return self.run_xpra(["attach"] + list(args), env)
def _test_all(self, subcommand="start"):
#to test all:
#TEST_VALUES = range(0, 2**len(OPTIONS)-1)
#to test nothing disabled and everything disabled only:
TEST_VALUES = (0, 2**len(OPTIONS) - 1)
#test every option disabled individually:
#TEST_VALUES = tuple(2**i for i in range(len(OPTIONS)))
for i in TEST_VALUES:
options = {}
for o, option in enumerate(OPTIONS):
options[option] = not bool((2**o) & i)
log("test options for %i: %s", i, options)
self._test(subcommand, options=options)
def do_run_client(self, client_display, *args):
from xpra.x11.vfb_util import xauth_add
xauth_data = get_hex_uuid()
xauthority = self.default_env.get("XAUTHORITY",
osexpand("~/.Xauthority"))
xauth_add(xauthority, client_display, xauth_data, os.getuid(),
os.getgid())
env = self.get_run_env()
env["DISPLAY"] = client_display
env["XPRA_LOG_PREFIX"] = "client %i: " % X11ClientTestUtil.uq
X11ClientTestUtil.uq += 1
log("starting test client on Xvfb %s", client_display)
return self.run_xpra(["attach"] + list(args), env=env)
def _test_connect(self,
server_args=(),
auth="none",
client_args=(),
password=None,
uri_prefix=DISPLAY_PREFIX,
exit_code=0):
display_no = self.find_free_display_no()
display = ":%s" % display_no
log("starting test server on %s", display)
server = self.start_server(display, "--auth=%s" % auth,
"--printing=no", *server_args)
#we should always be able to get the version:
uri = uri_prefix + str(display_no)
start = monotonic_time()
while True:
client = self.run_xpra(["version", uri] + server_args)
r = pollwait(client, CONNECT_WAIT)
if r == 0:
break
if r is None:
client.terminate()
if monotonic_time() - start > SUBPROCESS_WAIT:
raise Exception(
"version client failed to connect, returned %s" % estr(r))
#try to connect
cmd = ["connect-test", uri] + client_args
f = None
if password:
f = self._temp_file(password)
cmd += ["--password-file=%s" % f.name]
cmd += ["--challenge-handlers=file:filename=%s" % f.name]
client = self.run_xpra(cmd)
r = pollwait(client, SUBPROCESS_WAIT)
if f:
f.close()
if r is None:
client.terminate()
server.terminate()
if r != exit_code:
log.error("Exit code mismatch")
log.error(" server args=%s", server_args)
log.error(" client args=%s", client_args)
if r is None:
raise Exception(
"expected info client to return %s but it is still running"
% (estr(exit_code), ))
raise Exception("expected info client to return %s but got %s" %
(estr(exit_code), estr(r)))
pollwait(server, 10)
def test_display_reuse(self):
display = self.find_free_display()
log("starting test server on %s", display)
server = self.check_start_server(display)
assert display in self.find_X11_displays()
#make sure we cannot start another server on the same display:
try:
log("should not be able to start another test server on %s",
display)
self.check_start_server(display)
except:
pass
else:
raise Exception(
"server using the same display should have failed to start")
assert server.poll() is None, "server should not have terminated"
#tell the server to exit and leave the display behind:
log("asking the server to exit")
self.check_stop_server(server, "exit", display)
del server
assert display not in self.dotxpra.displays(
), "server socket for display should have been removed"
#now we can start it again using "--use-display"
log("start a new server on the same display")
server = self.check_start_server(display, "--use-display")
assert display in self.dotxpra.displays(), "server display not found"
#shut it down now
self.check_stop_server(server, "stop", display)
assert display not in self.find_X11_displays(
), "the display %s should have been killed" % display
def test_display_reuse(self):
display = self.find_free_display()
log("starting test server on %s", display)
server = self.check_start_server(display)
assert display in self.find_X11_displays()
#make sure we cannot start another server on the same display:
try:
log("should not be able to start another test server on %s", display)
self.check_start_server(display)
except:
pass
else:
raise Exception("server using the same display should have failed to start")
assert server.poll() is None, "server should not have terminated"
#tell the server to exit and leave the display behind:
log("asking the server to exit")
self.check_stop_server(server, "exit", display)
del server
assert display not in self.dotxpra.displays(), "server socket for display should have been removed"
#now we can start it again using "--use-display"
log("start a new server on the same display")
server = self.check_start_server(display, "--use-display")
assert display in self.dotxpra.displays(), "server display not found"
#shut it down now
self.check_stop_server(server, "stop", display)
assert display not in self.find_X11_displays(), "the display %s should have been killed" % display
def test_proxy_start_stop(self):
display = self.find_free_display()
log("using free display=%s" % display)
cmd = ["proxy", display, "--no-daemon"]
cmdstr = " ".join("'%s'" % c for c in cmd)
proxy = self.run_xpra(cmd)
r = pollwait(proxy, 5)
if r is not None:
self.show_proc_pipes(proxy)
assert r is None, "proxy failed to start with cmd=%s, exit code=%s" % (
cmdstr, r)
displays = self.dotxpra.displays()
assert display in displays, "proxy display '%s' not found in %s" % (
display, displays)
self.check_stop_server(proxy, "stop", display)
def test_unicode(self):
display = self.find_free_display()
xvfb = self.start_Xvfb(display)
from xpra.x11.bindings.posix_display_source import X11DisplayContext #@UnresolvedImport
with X11DisplayContext(display):
from xpra.x11.bindings.keyboard_bindings import X11KeyboardBindings #@UnresolvedImport
keyboard_bindings = X11KeyboardBindings()
for x in ("2030", "0005", "0010", "220F", "2039", "2211", "2248", "FB01", "F8FF", "203A", "FB02", "02C6", "02DA", "02DC", "2206", "2044", "25CA"):
#hex form:
hk = keyboard_bindings.parse_keysym("0x"+x)
#osx U+ form:
uk = keyboard_bindings.parse_keysym("U+"+x)
log("keysym(U+%s)=%#x, keysym(0x%s)=%#x", x, uk, x, hk)
assert hk and uk
assert uk == hk, "failed to get unicode keysym %s" % x
xvfb.terminate()
def _test_auth(self, auth="fail", uri_prefix="", exit_code=0, password=None):
display = self.find_free_display()
log("starting test server on %s", display)
server = self.check_start_server(display, "--auth=%s" % auth, "--printing=no")
#we should always be able to get the version:
client = self.run_xpra(["version", uri_prefix+display])
assert pollwait(client, 5)==0, "version client failed to connect"
if client.poll() is None:
client.terminate()
#try to connect
cmd = ["info", uri_prefix+display]
f = None
if password:
f = self._temp_file(password)
cmd += ["--password-file=%s" % f.name]
client = self.run_xpra(cmd)
r = pollwait(client, 5)
if f:
f.close()
assert r==exit_code, "expected info client to return %s but got %s" % (exit_code, client.poll())
if client.poll() is None:
client.terminate()
server.terminate()
def test_unicode(self):
display = self.find_free_display()
xvfb = self.start_Xvfb(display)
from unit.x11.x11_test_util import X11BindingsContext
with X11BindingsContext(display):
from xpra.x11.bindings.keyboard_bindings import X11KeyboardBindings # @UnresolvedImport
keyboard_bindings = X11KeyboardBindings()
for x in (
"2030",
"0005",
"0010",
"220F",
"2039",
"2211",
"2248",
"FB01",
"F8FF",
"203A",
"FB02",
"02C6",
"02DA",
"02DC",
"2206",
"2044",
"25CA",
):
# hex form:
hk = keyboard_bindings.parse_keysym("0x" + x)
# osx U+ form:
uk = keyboard_bindings.parse_keysym("U+" + x)
log("keysym(U+%s)=%s" % (x, uk))
assert hk and uk
assert uk == hk, "failed to get unicode keysym %s" % x
xvfb.terminate()
def test_display_reuse(self):
display, server = self.start_test_server()
#make sure we cannot start another server on the same display:
saved_spe = self.show_proc_error
def raise_exception_no_log(*args):
raise Exception("%s" % args)
#suspend process error logging:
self.show_proc_error = raise_exception_no_log
try:
try:
log("should not be able to start another test server on %s",
display)
self.check_start_server(display)
except Exception:
pass
else:
raise Exception(
"server using the same display should have failed to start"
)
finally:
self.show_proc_error = saved_spe
assert server.poll() is None, "server should not have terminated"
#tell the server to exit and leave the display behind:
log("asking the server to exit")
self.check_stop_server(server, "exit", display)
del server
assert display not in self.dotxpra.displays(
), "server socket for display should have been removed"
#now we can start it again using "--use-display"
log("start a new server on the same display")
server = self.check_start_server(display, "--use-display=yes")
assert display in self.dotxpra.displays(), "server display not found"
#shut it down now
self.check_stop_server(server, "stop", display)
assert display not in self.find_X11_displays(
), "the display %s should have been killed" % display
def test_ssl_socket(self):
server = None
display_no = self.find_free_display_no()
display = ":%s" % display_no
tcp_port = get_free_tcp_port()
ssl_port = get_free_tcp_port()
try:
tmpdir = tempfile.mkdtemp(suffix='ssl-xpra')
certfile = os.path.join(tmpdir, "self.pem")
openssl_command = [
"openssl",
"req",
"-new",
"-newkey",
"rsa:4096",
"-days",
"2",
"-nodes",
"-x509",
"-subj",
"/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost",
"-keyout",
certfile,
"-out",
certfile,
]
openssl = self.run_command(openssl_command)
assert pollwait(openssl,
10) == 0, "openssl certificate generation failed"
cert_data = load_binary_file(certfile)
log("generated cert data: %s", repr_ellipsized(cert_data))
if not cert_data:
#cannot run openssl? (happens from rpmbuild)
log.warn("SSL test skipped, cannot run '%s'",
b" ".join(openssl_command))
return
server_args = [
"--bind-tcp=0.0.0.0:%i" % tcp_port,
"--bind-ssl=0.0.0.0:%i" % ssl_port, "--ssl=on",
"--ssl-cert=%s" % certfile
]
log("starting test ssl server on %s", display)
server = self.start_server(display, *server_args)
#test it with openssl client:
for port in (tcp_port, ssl_port):
openssl_verify_command = "openssl s_client -connect 127.0.0.1:%i -CAfile %s < /dev/null" % (
port, certfile)
openssl = self.run_command(openssl_verify_command, shell=True)
assert pollwait(
openssl,
10) == 0, "openssl certificate verification failed"
def test_connect(uri, exit_code, *client_args):
cmd = ["info", uri] + list(client_args)
client = self.run_xpra(cmd)
r = pollwait(client, 5)
if client.poll() is None:
client.terminate()
assert r == exit_code, "expected info client to return %s but got %s" % (
exit_code, client.poll())
noverify = "--ssl-server-verify-mode=none"
#connect to ssl socket:
test_connect("ssl/127.0.0.1:%i/" % ssl_port, EXIT_OK, noverify)
#tcp socket should upgrade:
test_connect("ssl/127.0.0.1:%i/" % tcp_port, EXIT_OK, noverify)
#self signed cert should fail without noverify:
test_connect("ssl/127.0.0.1:%i/" % ssl_port, EXIT_CONNECTION_LOST)
test_connect("ssl/127.0.0.1:%i/" % tcp_port, EXIT_CONNECTION_LOST)
finally:
shutil.rmtree(tmpdir)
if server:
server.terminate()
def start_test_server(self, *args):
display = self.find_free_display()
log("starting test server on %s", display)
server = self.check_start_server(display, *args)
assert display in self.find_X11_displays()
return display, server
def test_ssl(self):
server = None
display_no = self.find_free_display_no()
display = ":%s" % display_no
tcp_port = get_free_tcp_port()
ws_port = get_free_tcp_port()
wss_port = get_free_tcp_port()
ssl_port = get_free_tcp_port()
try:
tmpdir = tempfile.mkdtemp(suffix='ssl-xpra')
keyfile = os.path.join(tmpdir, "key.pem")
outfile = os.path.join(tmpdir, "out.pem")
openssl_command = [
"openssl",
"req",
"-new",
"-newkey",
"rsa:4096",
"-days",
"2",
"-nodes",
"-x509",
"-subj",
"/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost",
"-keyout",
keyfile,
"-out",
outfile,
]
openssl = self.run_command(openssl_command)
assert pollwait(openssl,
20) == 0, "openssl certificate generation failed"
#combine the two files:
certfile = os.path.join(tmpdir, "cert.pem")
with open(certfile, 'wb') as cert:
for fname in (keyfile, outfile):
with open(fname, 'rb') as f:
cert.write(f.read())
cert_data = load_binary_file(certfile)
log("generated cert data: %s", repr_ellipsized(cert_data))
if not cert_data:
#cannot run openssl? (happens from rpmbuild)
log.warn("SSL test skipped, cannot run '%s'",
b" ".join(openssl_command))
return
server_args = [
"--bind-tcp=0.0.0.0:%i" % tcp_port,
"--bind-ws=0.0.0.0:%i" % ws_port,
"--bind-wss=0.0.0.0:%i" % wss_port,
"--bind-ssl=0.0.0.0:%i" % ssl_port,
"--ssl=on",
"--html=on",
"--ssl-cert=%s" % certfile,
]
log("starting test ssl server on %s", display)
server = self.start_server(display, *server_args)
#test it with openssl client:
for port in (tcp_port, ssl_port, ws_port, wss_port):
openssl_verify_command = ("openssl", "s_client", "-connect",
"127.0.0.1:%i" % port, "-CAfile",
certfile)
devnull = os.open(os.devnull, os.O_WRONLY)
openssl = self.run_command(openssl_verify_command,
stdin=devnull,
shell=True)
r = pollwait(openssl, 10)
assert r == 0, "openssl certificate verification failed, returned %s" % r
def test_connect(uri, exit_code, *client_args):
cmd = ["info", uri] + list(client_args)
client = self.run_xpra(cmd)
r = pollwait(client, CONNECT_WAIT)
if client.poll() is None:
client.terminate()
assert r == exit_code, "expected info client to return %s but got %s" % (
estr(exit_code), estr(client.poll()))
noverify = "--ssl-server-verify-mode=none"
#connect to ssl socket:
test_connect("ssl://127.0.0.1:%i/" % ssl_port, EXIT_OK, noverify)
#tcp socket should upgrade to ssl:
test_connect("ssl://127.0.0.1:%i/" % tcp_port, EXIT_OK, noverify)
#tcp socket should upgrade to ws and ssl:
test_connect("wss://127.0.0.1:%i/" % tcp_port, EXIT_OK, noverify)
#ws socket should upgrade to ssl:
test_connect("wss://127.0.0.1:%i/" % ws_port, EXIT_OK, noverify)
#self signed cert should fail without noverify:
test_connect("ssl://127.0.0.1:%i/" % ssl_port,
EXIT_SSL_CERTIFICATE_VERIFY_FAILURE)
test_connect("ssl://127.0.0.1:%i/" % tcp_port,
EXIT_SSL_CERTIFICATE_VERIFY_FAILURE)
test_connect("wss://127.0.0.1:%i/" % ws_port,
EXIT_SSL_CERTIFICATE_VERIFY_FAILURE)
test_connect("wss://127.0.0.1:%i/" % wss_port,
EXIT_SSL_CERTIFICATE_VERIFY_FAILURE)
finally:
shutil.rmtree(tmpdir)
if server:
server.terminate()
def _test(self, subcommand, options):
log("starting test server with options=%s", options)
args = ["--%s=%s" % (k, v) for k, v in options.items()]
tcp_port = None
xvfb = None
if WIN32 or OSX:
display = ""
connect_args = []
elif self.display:
display = self.display
connect_args = [display]
args.append("--use-display=yes")
else:
display = self.find_free_display()
connect_args = [display]
if subcommand == "shadow":
xvfb = self.start_Xvfb(display)
if TEST_RFB or WIN32:
tcp_port = get_free_tcp_port()
args += ["--bind-tcp=0.0.0.0:%i" % tcp_port]
if WIN32:
connect_args = ["tcp://127.0.0.1:%i" % tcp_port]
server = None
client = None
rfb_client = None
gui_client = None
try:
log("args=%s", " ".join("'%s'" % x for x in args))
server = self.check_server(subcommand, display, *args)
#we should always be able to get the version:
client = self.run_xpra(["version"] + connect_args)
assert pollwait(
client, 5
) == 0, "version client failed to connect to server with args=%s" % args
#run info query:
cmd = ["info"] + connect_args
client = self.run_xpra(cmd)
r = pollwait(client, 20)
assert r==0, "info client failed and returned %s: '%s' for server with args=%s" % \
(r, EXIT_STR.get(r, r), args)
client_kwargs = {}
if not (WIN32 or OSX):
env = self.get_run_env()
env["DISPLAY"] = self.client_display
client_kwargs = {"env": env}
if subcommand in ("shadow",
"start-desktop") and TEST_RFB and options.get(
"windows", True):
vncviewer = which("vncviewer")
log("testing RFB clients with vncviewer '%s'", vncviewer)
if vncviewer:
rfb_cmd = [vncviewer, "localhost::%i" % tcp_port]
rfb_client = self.run_command(rfb_cmd, **client_kwargs)
r = pollwait(rfb_client, 10)
if r is not None:
self.show_proc_error(
rfb_client,
"rfb client terminated early and returned %i for server with args=%s"
% (r, args))
#connect a gui client:
if WIN32 or (self.client_display and self.client_xvfb):
xpra_args = [
"attach",
"--clipboard=no", #could create loops
"--notifications=no", #may get sent to the desktop session running the tests!
] + connect_args
gui_client = self.run_xpra(xpra_args, **client_kwargs)
r = pollwait(gui_client, 10)
if r is not None:
self.show_proc_error(
gui_client,
"gui client terminated early and returned %i : '%s' for server with args=%s"
% (r, EXIT_STR.get(r, r), args))
if self.display:
self.stop_server(server, "exit", *connect_args)
else:
self.stop_server(server, "stop", *connect_args)
if display:
if display in self.dotxpra.displays():
log.warn(
"server socket for display %s should have been removed",
display)
if gui_client:
r = pollwait(gui_client, 20)
if r is None:
log.warn("client still connected!")
self.show_proc_pipes(server)
raise Exception("gui client should have been disconnected")
except Exception:
log.error("test error for '%s' subcommand with options=%s",
subcommand, options)
raise
finally:
for x in (xvfb, rfb_client, gui_client, server, client):
try:
if x and x.poll() is None:
x.terminate()
except OSError:
log("%s.terminate()", exc_info=True)
