def InstallTestCa(self):
"""Install a randomly generated root CA on the android device.
This allows transparent HTTPS testing with WPR server without need
to tweak application network stack.
"""
if certutils.openssl_import_error:
logging.warning('The OpenSSL module is unavailable. '
'Will fallback to ignoring certificate errors.')
return
try:
self._wpr_ca_cert_path = os.path.join(tempfile.mkdtemp(),
'testca.pem')
certutils.write_dummy_ca_cert(*certutils.generate_dummy_ca_cert(),
cert_path=self._wpr_ca_cert_path)
self._device_cert_util = adb_install_cert.AndroidCertInstaller(
self._adb.device_serial(), None, self._wpr_ca_cert_path)
logging.info('Installing test certificate authority on device: %s',
self._adb.device_serial())
self._device_cert_util.install_cert(overwrite_cert=True)
self._is_test_ca_installed = True
except Exception:
# Fallback to ignoring certificate errors.
self.RemoveTestCa()
logging.warning(
'Unable to install test certificate authority on device: '
'%s. Will fallback to ignoring certificate errors.' %
self._adb.device_serial())
def RemoteWprHost(device,
wpr_archive_path,
record=False,
network_condition_name=None,
disable_script_injection=False):
"""Launches web page replay host.
Args:
device: Android device.
wpr_archive_path: host sided WPR archive's path.
record: Enables or disables WPR archive recording.
network_condition_name: Network condition name available in
emulation.NETWORK_CONDITIONS.
disable_script_injection: Disable JavaScript file injections that is
fighting against resources name entropy.
Returns:
Additional flags list that may be used for chromium to load web page through
the running web page replay host.
"""
assert device
if wpr_archive_path == None:
_VerifySilentWprHost(record, network_condition_name)
yield []
return
# Deploy certification authority to the device.
temp_certificate_dir = tempfile.mkdtemp()
wpr_ca_cert_path = os.path.join(temp_certificate_dir, 'testca.pem')
certutils.write_dummy_ca_cert(*certutils.generate_dummy_ca_cert(),
cert_path=wpr_ca_cert_path)
device_cert_util = adb_install_cert.AndroidCertInstaller(
device.adb.GetDeviceSerial(), None, wpr_ca_cert_path)
device_cert_util.install_cert(overwrite_cert=True)
try:
# Set up WPR server
with _WprHost(wpr_archive_path,
record=record,
network_condition_name=network_condition_name,
disable_script_injection=disable_script_injection,
wpr_ca_cert_path=wpr_ca_cert_path) as (http_port,
https_port):
# Set up the forwarder.
forwarder.Forwarder.Map([(0, http_port), (0, https_port)], device)
device_http_port = forwarder.Forwarder.DevicePortForHostPort(
http_port)
device_https_port = forwarder.Forwarder.DevicePortForHostPort(
https_port)
try:
yield _FormatWPRRelatedChromeArgumentFor(device_http_port,
device_https_port,
escape=True)
finally:
# Tear down the forwarder.
forwarder.Forwarder.UnmapDevicePort(device_http_port, device)
forwarder.Forwarder.UnmapDevicePort(device_https_port, device)
finally:
# Remove certification authority from the device.
device_cert_util.remove_cert()
shutil.rmtree(temp_certificate_dir)
def _InstallTestCa(self):
"""Generates and deploys a test certificate authority."""
print 'Installing test certificate authority on device: %s' % (
self._device.adb.GetDeviceSerial())
self._wpr_ca_cert_path = os.path.join(tempfile.mkdtemp(), 'testca.pem')
certutils.write_dummy_ca_cert(*certutils.generate_dummy_ca_cert(),
cert_path=self._wpr_ca_cert_path)
self._device_cert_util = adb_install_cert.AndroidCertInstaller(
self._device.adb.GetDeviceSerial(), None, self._wpr_ca_cert_path)
self._device_cert_util.install_cert(overwrite_cert=True)
self._is_test_ca_installed = True
def InstallTestCa(self, ca_cert_path):
"""Install a randomly generated root CA on the android device.
This allows transparent HTTPS testing with WPR server without need
to tweak application network stack.
Note: If this method fails with any exception, then RemoveTestCa will be
automatically called by the network_controller_backend.
"""
if self._device_cert_util is not None:
logging.warning('Test certificate authority is already installed.')
return
self._device_cert_util = adb_install_cert.AndroidCertInstaller(
self._device.adb.GetDeviceSerial(), None, ca_cert_path)
self._device_cert_util.install_cert(overwrite_cert=True)
def InstallTestCa(self):
"""Install a randomly generated root CA on the android device.
This allows transparent HTTPS testing with WPR server without need
to tweak application network stack.
"""
# TODO(slamm): Move certificate creation related to webpagereplay.py.
# The only code that needs to be in platform backend is installing the cert.
if certutils.openssl_import_error:
logging.warning('The OpenSSL module is unavailable. '
'Will fallback to ignoring certificate errors.')
return
if not platformsettings.HasSniSupport():
logging.warning(
'Web Page Replay requires SNI support (pyOpenSSL 0.13 or greater) '
'to generate certificates from a test CA. '
'Will fallback to ignoring certificate errors.')
return
try:
self._wpr_ca_cert_path = os.path.join(tempfile.mkdtemp(),
'testca.pem')
certutils.write_dummy_ca_cert(*certutils.generate_dummy_ca_cert(),
cert_path=self._wpr_ca_cert_path)
self._device_cert_util = adb_install_cert.AndroidCertInstaller(
self._device.adb.GetDeviceSerial(), None,
self._wpr_ca_cert_path)
logging.info('Installing test certificate authority on device: %s',
str(self._device))
self._device_cert_util.install_cert(overwrite_cert=True)
self._is_test_ca_installed = True
except Exception as e:
# Fallback to ignoring certificate errors.
self.RemoveTestCa()
logging.warning(
'Unable to install test certificate authority on device: %s. '
'Will fallback to ignoring certificate errors. Install error: %s',
str(self._device), e)
def WprHost(device, wpr_archive_path, record=False,
network_condition_name=None,
disable_script_injection=False):
"""Launches web page replay host.
Args:
device: Android device.
wpr_archive_path: host sided WPR archive's path.
network_condition_name: Network condition name available in
chrome_setup.NETWORK_CONDITIONS.
record: Enables or disables WPR archive recording.
Returns:
Additional flags list that may be used for chromium to load web page through
the running web page replay host.
"""
assert device
if wpr_archive_path == None:
assert not record, 'WPR cannot record without a specified archive.'
assert not network_condition_name, ('WPR cannot emulate network condition' +
' without a specified archive.')
yield []
return
wpr_server_args = ['--use_closest_match']
if record:
wpr_server_args.append('--record')
if os.path.exists(wpr_archive_path):
os.remove(wpr_archive_path)
else:
assert os.path.exists(wpr_archive_path)
if network_condition_name:
condition = chrome_setup.NETWORK_CONDITIONS[network_condition_name]
if record:
logging.warning('WPR network condition is ignored when recording.')
else:
wpr_server_args.extend([
'--down', chrome_setup.BandwidthToString(condition['download']),
'--up', chrome_setup.BandwidthToString(condition['upload']),
'--delay_ms', str(condition['latency']),
'--shaping_type', 'proxy'])
if disable_script_injection:
# Remove default WPR injected scripts like deterministic.js which
# overrides Math.random.
wpr_server_args.extend(['--inject_scripts', ''])
# Deploy certification authority to the device.
temp_certificate_dir = tempfile.mkdtemp()
wpr_ca_cert_path = os.path.join(temp_certificate_dir, 'testca.pem')
certutils.write_dummy_ca_cert(*certutils.generate_dummy_ca_cert(),
cert_path=wpr_ca_cert_path)
device_cert_util = adb_install_cert.AndroidCertInstaller(
device.adb.GetDeviceSerial(), None, wpr_ca_cert_path)
device_cert_util.install_cert(overwrite_cert=True)
wpr_server_args.extend(['--should_generate_certs',
'--https_root_ca_cert_path=' + wpr_ca_cert_path])
# Set up WPR server and device forwarder.
wpr_server = webpagereplay.ReplayServer(wpr_archive_path,
'127.0.0.1', 0, 0, None, wpr_server_args)
ports = wpr_server.StartServer()[:-1]
host_http_port = ports[0]
host_https_port = ports[1]
forwarder.Forwarder.Map([(0, host_http_port), (0, host_https_port)], device)
device_http_port = forwarder.Forwarder.DevicePortForHostPort(host_http_port)
device_https_port = forwarder.Forwarder.DevicePortForHostPort(host_https_port)
try:
yield [
'--host-resolver-rules="MAP * 127.0.0.1,EXCLUDE localhost"',
'--testing-fixed-http-port={}'.format(device_http_port),
'--testing-fixed-https-port={}'.format(device_https_port)]
finally:
forwarder.Forwarder.UnmapDevicePort(device_http_port, device)
forwarder.Forwarder.UnmapDevicePort(device_https_port, device)
wpr_server.StopServer()
# Remove certification authority from the device.
device_cert_util.remove_cert()
shutil.rmtree(temp_certificate_dir)