GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

BrowserBundleTests.pm 31.6 KB
Newer Older
1
package TBBTestSuite::TestSuite::BrowserBundleTests;
2 3 4

use warnings;
use strict;
boklm's avatar
boklm committed
5 6 7

use parent 'TBBTestSuite::TestSuite';

8 9 10 11 12 13 14
use English;
use FindBin;
use File::Slurp;
use File::Spec;
use File::Find;
use File::Type;
use File::Copy;
15
use File::Temp;
16 17 18
use JSON;
use Digest::SHA qw(sha256_hex);
use LWP::UserAgent;
boklm's avatar
boklm committed
19
use IO::CaptureOutput qw(capture_exec);
20
use TBBTestSuite::Common qw(exit_error winpath clone_strip_coderef screenshot_thumbnail);
21 22
use TBBTestSuite::Options qw($options);
use TBBTestSuite::Tests::VirusTotal qw(virustotal_run);
23
use TBBTestSuite::Tests::Command qw(command_run);
24
use TBBTestSuite::Tests::TorBootstrap;
boklm's avatar
boklm committed
25
use TBBTestSuite::XServer qw(start_X stop_X set_Xmode);
26

boklm's avatar
boklm committed
27 28 29
sub test_types {
    return {
        tor_bootstrap => \&TBBTestSuite::Tests::TorBootstrap::start_tor,
30
        marionette    => \&marionette_run,
boklm's avatar
boklm committed
31 32 33 34
        virustotal    => \&virustotal_run,
        command       => \&command_run,
    };
}
35

boklm's avatar
boklm committed
36 37 38
sub type {
    'browserbundle';
}
39

boklm's avatar
boklm committed
40 41 42
sub description {
    'Tor Browser Bundle integration tests';
}
43

44 45
our @tests = (
    {
boklm's avatar
boklm committed
46 47 48 49 50 51 52 53 54
        name            => 'readelf_RELRO',
        fail_type       => 'warning',
        type            => 'command',
        descr           => 'Check if binaries are RELocation Read-Only',
        files           => \&tbb_binfiles,
        command         => [ 'readelf', '-ld' ],
        check_output    => sub { ( $_[0] =~ m/GNU_RELRO/ )
                                 && ( $_[0] =~ m/BIND_NOW/ ) },
        enable          => sub { $OSNAME eq 'linux' },
55 56
    },
    {
boklm's avatar
boklm committed
57 58 59 60 61 62 63 64
        name            => 'readelf_stack_canary',
        fail_type       => 'warning',
        type            => 'command',
        descr           => 'Check for stack canary support',
        files           => \&tbb_binfiles,
        command         => [ 'readelf', '-s' ],
        check_output    => sub { $_[0] =~ m/__stack_chk_fail/ },
        enable          => sub { $OSNAME eq 'linux' },
65 66
    },
    {
boklm's avatar
boklm committed
67 68 69 70 71 72 73
        name            => 'readelf_NX',
        type            => 'command',
        descr           => 'Check for NX support',
        files           => \&tbb_binfiles,
        command         => [ 'readelf', '-W', '-l' ],
        check_output    => sub { ! ($_[0] =~ m/GNU_STACK.+RWE/) },
        enable          => sub { $OSNAME eq 'linux' },
74 75
    },
    {
boklm's avatar
boklm committed
76 77 78 79 80 81 82
        name            => 'readelf_PIE',
        type            => 'command',
        descr           => 'Check for PIE support',
        files           => \&tbb_binfiles,
        command         => [ 'readelf', '-h' ],
        check_output    => sub { $_[0] =~ m/Type:\s+DYN/ },
        enable          => sub { $OSNAME eq 'linux' },
83 84
    },
    {
boklm's avatar
boklm committed
85 86 87 88 89 90 91 92
        name            => 'readelf_no_rpath',
        fail_type       => 'warning',
        type            => 'command',
        descr           => 'Check for no rpath',
        files           => \&tbb_binfiles,
        command         => [ 'readelf', '-d' ],
        check_output    => sub { ! ( $_[0] =~ m/RPATH/ ) },
        enable          => sub { $OSNAME eq 'linux' },
93 94
    },
    {
boklm's avatar
boklm committed
95 96 97 98 99 100 101
        name            => 'readelf_no_runpath',
        type            => 'command',
        descr           => 'Check for no runpath',
        files           => \&tbb_binfiles,
        command         => [ 'readelf', '-d' ],
        check_output    => sub { ! ( $_[0] =~ m/runpath/ ) },
        enable          => sub { $OSNAME eq 'linux' },
102
    },
boklm's avatar
boklm committed
103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118
    {
        name            => 'otool_PIE',
        type            => 'command',
        descr           => 'Check for PIE support',
        files           => \&tbb_osx_executable_files,
        command         => [ 'otool', '-hv' ],
        check_output    => sub {
            my @lines = split("\n", $_[0]);
            my $last_line = pop @lines;
            my ($flags) = $last_line =~ m/^\s*[^\s]+\s+[^\s]+\s+[^\s]+\s+[^\s]+\s+[^\s]+\s+[^\s]+\s+[^\s]+\s+(.*)/;
            my %flags = map { $_ => 1 } split(/\s+/, $flags);
            return $flags{PIE};
        },
        enable          => sub { $OSNAME eq 'darwin' },
        retry           => 1,
    },
119
    {
boklm's avatar
boklm committed
120 121 122 123 124
        name            => 'tor_httpproxy',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using an http proxy',
        httpproxy       => 1,
        enable          => sub { $OSNAME eq 'linux' },
125
        run_once        => 1,
126 127
    },
    {
boklm's avatar
boklm committed
128 129 130
        name            => 'tor_bridge',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using a bridge',
131
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
132
        run_once        => 1,
133 134
    },
    {
boklm's avatar
boklm committed
135 136 137 138
        name            => 'tor_bridge_httpproxy',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using a bridge and an http proxy',
        httpproxy       => 1,
139
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
140
        run_once        => 1,
141 142
    },
    {
boklm's avatar
boklm committed
143 144 145
        name            => 'tor_obfs3',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using obfs3',
146
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
147
        run_once        => 1,
148 149
    },
    {
boklm's avatar
boklm committed
150 151 152 153
        name            => 'tor_obfs3_httpproxy',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using obfs3 and an http proxy',
        httpproxy       => 1,
154
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
155
        run_once        => 1,
156
    },
157
    {
boklm's avatar
boklm committed
158 159 160
        name            => 'tor_obfs4',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using obfs4',
161
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
162
        run_once        => 1,
163 164
    },
    {
boklm's avatar
boklm committed
165 166 167 168
        name            => 'tor_obfs4_httpproxy',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using obfs4 and an http proxy',
        httpproxy       => 1,
169
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
170
        run_once        => 1,
171
    },
172
    {
boklm's avatar
boklm committed
173 174 175
        name            => 'tor_fte',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using fteproxy',
176
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
177
        run_once        => 1,
178 179
    },
    {
boklm's avatar
boklm committed
180 181 182 183
        name            => 'tor_fte_httpproxy',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using fteproxy and an http proxy',
        httpproxy       => 1,
184
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
185
        run_once        => 1,
186
    },
187 188 189 190
    {
        name            => 'tor_scramblesuit',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using scramblesuit',
191
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
192
        run_once        => 1,
193 194 195 196 197 198
    },
    {
        name            => 'tor_scramblesuit_httpproxy',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using scramblesuit and an http proxy',
        httpproxy       => 1,
199
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
200
        run_once        => 1,
201
    },
202 203 204 205
    {
        name            => 'tor_meek-amazon',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using meek-amazon',
206
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
207
        run_once        => 1,
208 209 210 211 212
    },
    {
        name            => 'tor_meek-azure',
        type            => 'tor_bootstrap',
        descr           => 'Access tor using meek-azure',
213
        enable          => sub { $OSNAME eq 'linux' && $options->{PTtests} },
214
        run_once        => 1,
215
    },
216
    {
boklm's avatar
boklm committed
217 218 219 220 221
        name            => 'tor_bootstrap',
        type            => 'tor_bootstrap',
        descr           => 'Check that we can bootstrap tor',
        fail_type       => 'fatal',
        no_kill         => 1,
222 223 224
        use_default_config => 1,
    },
    {
boklm's avatar
boklm committed
225
        name            => 'screenshots',
226
        type            => 'marionette',
boklm's avatar
boklm committed
227
        descr           => 'Take some screenshots',
228 229
    },
    {
boklm's avatar
boklm committed
230
        name            => 'check',
231
        type            => 'marionette',
boklm's avatar
boklm committed
232 233
        use_net         => 1,
        descr           => 'Check that http://check.torproject.org/ think we are using tor',
234 235
    },
    {
boklm's avatar
boklm committed
236
        name            => 'https-everywhere',
237
        type            => 'marionette',
boklm's avatar
boklm committed
238 239
        use_net         => 1,
        descr           => 'Check that https everywhere is enabled and working',
240 241
    },
    {
boklm's avatar
boklm committed
242
        name            => 'https-everywhere-disabled',
243 244
        marionette_test => 'https-everywhere',
        type            => 'marionette',
boklm's avatar
boklm committed
245 246
        descr           => 'Check that https everywhere is not doing anything when disabled',
        use_net         => 1,
boklm's avatar
boklm committed
247 248 249
        prefs           => {
            'extensions.https_everywhere.globalEnabled' => 'false',
        },
250 251
    },
    {
boklm's avatar
boklm committed
252
        name            => 'settings',
253
        type            => 'marionette',
boklm's avatar
boklm committed
254
        descr           => 'Check that some important settings are correctly set',
255
    },
boklm's avatar
boklm committed
256
    {
boklm's avatar
boklm committed
257
        name            => 'acid3',
boklm's avatar
boklm committed
258
        type            => 'marionette',
boklm's avatar
boklm committed
259 260
        descr           => 'acid3 tests',
        use_net         => 1,
boklm's avatar
boklm committed
261
        retry           => 4,
boklm's avatar
boklm committed
262 263
        # the acid3 test is disabled for now
        enable          => sub { 0; },
boklm's avatar
boklm committed
264
    },
boklm's avatar
boklm committed
265
    {
boklm's avatar
boklm committed
266
        name            => 'slider_settings_1',
267 268
        marionette_test => 'slider_settings',
        type            => 'marionette',
boklm's avatar
boklm committed
269 270 271 272
        descr           => 'Check that settings are set according to security slider mode',
        slider_mode     => 1,
        pre             => \&set_slider_mode,
        post            => \&reset_slider_mode,
boklm's avatar
boklm committed
273 274
    },
    {
boklm's avatar
boklm committed
275
        name            => 'slider_settings_2',
276 277
        marionette_test => 'slider_settings',
        type            => 'marionette',
boklm's avatar
boklm committed
278 279 280 281
        descr           => 'Check that settings are set according to security slider mode',
        slider_mode     => 2,
        pre             => \&set_slider_mode,
        post            => \&reset_slider_mode,
boklm's avatar
boklm committed
282 283
    },
    {
boklm's avatar
boklm committed
284
        name            => 'slider_settings_3',
285 286
        marionette_test => 'slider_settings',
        type            => 'marionette',
boklm's avatar
boklm committed
287 288 289 290
        descr           => 'Check that settings are set according to security slider mode',
        slider_mode     => 3,
        pre             => \&set_slider_mode,
        post            => \&reset_slider_mode,
boklm's avatar
boklm committed
291 292
    },
    {
boklm's avatar
boklm committed
293
        name            => 'slider_settings_4',
294 295
        marionette_test => 'slider_settings',
        type            => 'marionette',
boklm's avatar
boklm committed
296 297 298 299
        descr           => 'Check that settings are set according to security slider mode',
        slider_mode     => 4,
        pre             => \&set_slider_mode,
        post            => \&reset_slider_mode,
boklm's avatar
boklm committed
300
    },
boklm's avatar
boklm committed
301
    {
boklm's avatar
boklm committed
302
        name            => 'dom-objects-enumeration',
303
        type            => 'marionette',
boklm's avatar
boklm committed
304
        descr           => 'Check the list of DOM Objects exposed in the global namespace',
boklm's avatar
boklm committed
305
    },
306 307 308 309 310
    {
        name            => 'dom-objects-enumeration-worker',
        type            => 'marionette',
        descr           => 'Check the list of DOM Objects exposed in a Worker context',
    },
311
    {
boklm's avatar
boklm committed
312
        name            => 'navigation-timing',
313
        type            => 'marionette',
boklm's avatar
boklm committed
314 315
        descr           => 'Check that the Navigation Timing API is really disabled',
        use_net         => 1,
316
    },
317
    {
boklm's avatar
boklm committed
318
        name            => 'resource-timing',
319
        type            => 'marionette',
320
        descr           => 'Check that the Resource Timing API is really disabled',
boklm's avatar
boklm committed
321
        use_net         => 1,
322 323
        # To check that the test fails when resource timing is enabled,
        # uncomment this:
324 325
        #prefs           => {
        #    'dom.enable_resource_timing' => 'true',
326 327 328 329 330 331 332 333 334 335
        #},
    },
    {
        name            => 'user-timing',
        type            => 'marionette',
        descr           => 'Check that the User Timing API is really disabled',
        use_net         => 1,
        # To check that the test fails when user timing is enabled,
        # uncomment this:
        #prefs           => {
336
        #    'dom.enable_user_timing' => 'true',
337
        #},
338
    },
339 340 341 342 343 344 345 346 347 348 349 350 351 352
    {
        name            => 'user-timing-worker',
        type            => 'marionette',
        marionette_test => 'page',
        remote          => 0,
        timeout         => 500,
        descr           => 'Check that the User Timing API in Worker context is really disabled',
        use_net         => 1,
        # To check that the test fails when user timing is enabled,
        # uncomment this:
        #prefs           => {
        #    'dom.enable_user_timing' => 'true',
        #},
    },
353 354 355 356 357 358 359 360 361 362 363
    {
        name            => 'performance-observer',
        type            => 'marionette',
        descr           => 'Check that the Performance Observer API is really disabled',
        use_net         => 1,
        # To check that the test fails when performance observer is enabled,
        # uncomment this:
        #prefs           => {
        #    'dom.enable_performance_observer' => 'true',
        #},
    },
364
    {
boklm's avatar
boklm committed
365
        name            => 'searchengines',
366
        type            => 'marionette',
boklm's avatar
boklm committed
367
        descr           => 'Check that we have the default search engines set',
368
    },
boklm's avatar
boklm committed
369
    {
boklm's avatar
boklm committed
370
        name            => 'noscript',
371
        type            => 'marionette',
boklm's avatar
boklm committed
372 373 374
        descr           => 'Check that noscript options are working',
        use_net         => 1,
        prefs           => {
375
            'extensions.torbutton.security_slider' => 2,
boklm's avatar
boklm committed
376 377
        },
    },
boklm's avatar
boklm committed
378
    {
boklm's avatar
boklm committed
379
        name            => 'fp_screen_dimensions',
380
        type            => 'marionette',
boklm's avatar
boklm committed
381
        descr           => 'Check that screen dimensions are spoofed correctly',
382 383
    },
    {
boklm's avatar
boklm committed
384
        name            => 'fp_screen_coords',
385
        type            => 'marionette',
boklm's avatar
boklm committed
386
        descr           => 'Check that screenX, screenY, screenLeft, screenTop, mozInnerScreenX, mozInnerScreenY are 0',
387 388
    },
    {
boklm's avatar
boklm committed
389
        name            => 'fp_plugins',
390
        type            => 'marionette',
boklm's avatar
boklm committed
391
        descr           => 'Check that plugins are disabled',
392 393
    },
    {
boklm's avatar
boklm committed
394
        name            => 'fp_useragent',
395
        type            => 'marionette',
boklm's avatar
boklm committed
396
        descr           => 'Check that userAgent is as expected',
397 398
    },
    {
boklm's avatar
boklm committed
399
        name            => 'fp_navigator',
400
        type            => 'marionette',
boklm's avatar
boklm committed
401 402 403 404
        descr           => 'Check that navigator properties are as expected',
    },
    {
        name            => 'play_videos',
405
        type            => 'marionette',
boklm's avatar
boklm committed
406 407
        descr           => 'Play some videos',
        use_net         => 1,
408
        marionette_test => 'page',
boklm's avatar
boklm committed
409 410 411 412 413
        remote          => 1,
        timeout         => 50000,
    },
    {
        name            => 'svg-disable',
boklm's avatar
boklm committed
414
        type            => 'marionette',
boklm's avatar
boklm committed
415
        descr           => 'Check if disabling svg is working',
boklm's avatar
boklm committed
416
        marionette_test => 'svg',
boklm's avatar
boklm committed
417 418
        use_net         => 1,
        prefs           => {
419 420 421
            'extensions.torbutton.security_custom' => 'true',
            'svg.in-content.enabled' => 'false',
        },
boklm's avatar
boklm committed
422
        enable          => sub { $OSNAME eq 'linux' },
423 424
    },
    {
boklm's avatar
boklm committed
425
        name            => 'svg-enable',
boklm's avatar
boklm committed
426
        type            => 'marionette',
boklm's avatar
boklm committed
427
        descr           => 'Check if enabling svg is working',
boklm's avatar
boklm committed
428
        marionette_test => 'svg',
boklm's avatar
boklm committed
429 430
        use_net         => 1,
        prefs           => {
431 432 433
            'extensions.torbutton.security_custom' => 'true',
            'svg.in-content.enabled' => 'true',
        },
boklm's avatar
boklm committed
434
        enable          => sub { $OSNAME eq 'linux' },
435
    },
436 437 438 439 440 441
    {
        name            => 'download_pdf',
        type            => 'marionette',
        descr           => 'Check if download of PDF is working (#19402)',
        use_net         => 1,
    },
boklm's avatar
boklm committed
442 443 444 445 446 447 448
    {
        name            => 'pinning_now',
        type            => 'marionette',
        descr           => 'Check if static public key pinning is working (#20149)',
        marionette_test => 'pinning',
        use_net         => 1,
    },
449 450
);

451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469
sub set_test_prefs {
    my ($tbbinfos, $t) = @_;
    return unless $t->{prefs};
    my $prefs = "$tbbinfos->{ffprofiledir}/preferences/extension-overrides.js";
    copy $prefs, "$prefs.backup";
    my $new_prefs = '';
    foreach my $prefname (sort keys %{$t->{prefs}}) {
        $new_prefs .= "pref(\"$prefname\", $t->{prefs}{$prefname});\n";
    }
    write_file($prefs, {append => 1}, $new_prefs);
}

sub reset_test_prefs {
    my ($tbbinfos, $t) = @_;
    return unless $t->{prefs};
    my $prefs = "$tbbinfos->{ffprofiledir}/preferences/extension-overrides.js";
    move "$prefs.backup", $prefs;
}

boklm's avatar
boklm committed
470 471 472 473 474 475 476 477 478 479 480 481 482 483 484
sub set_slider_mode {
    my ($tbbinfos, $t) = @_;
    my $prefs = "$tbbinfos->{ffprofiledir}/preferences/extension-overrides.js";
    copy $prefs, "$prefs.slider_backup";
    write_file($prefs, {append => 1},
      'pref("extensions.torbutton.security_custom", false);' . "\n" .
      "pref(\"extensions.torbutton.security_slider\", $t->{slider_mode});\n");
}

sub reset_slider_mode {
    my ($tbbinfos, $t) = @_;
    my $prefs = "$tbbinfos->{ffprofiledir}/preferences/extension-overrides.js";
    move "$prefs.slider_backup", $prefs;
}

485 486 487
sub tbb_binfiles {
    my ($tbbinfos, $test) = @_;
    return $tbbinfos->{binfiles} if $tbbinfos->{binfiles};
488
    my %binfiles;
489 490 491 492
    my %wanted_types = (
        'application/x-executable-file' => 1,
        'application/x-ms-dos-executable' => 1,
    );
493 494 495
    my $wanted = sub {
        return unless -f $File::Find::name;
        my $type = File::Type->new->checktype_filename($File::Find::name);
496
        return unless $wanted_types{$type};
boklm's avatar
boklm committed
497 498 499
        my $name = $File::Find::name;
        $name =~ s/^$tbbinfos->{tbbdir}\///;
        $binfiles{$name} = 1;
500 501 502 503 504
    };
    find($wanted, $tbbinfos->{tbbdir});
    return $tbbinfos->{binfiles} = [ keys %binfiles ];
}

boklm's avatar
boklm committed
505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525
sub tbb_osx_executable_files {
    my ($tbbinfos, $test) = @_;
    return $tbbinfos->{osx_executable_files} if $tbbinfos->{osx_executable_files};
    my %exec_files;
    my $wanted = sub {
        return unless -f $File::Find::name;
        $ENV{LC_ALL}= 'C';
        my ($out, $err, $success) = capture_exec('otool', '-hv', $File::Find::name);
        return unless $success;
        my @out_lines = split("\n", $out);
        return if $out_lines[0] =~ m/is not an object file/;
        my $last_line = pop @out_lines;
        my ($type) = $last_line =~ m/^\s*[^\s]+\s+[^\s]+\s+[^\s]+\s+[^\s]+\s+([^\s]+)\s+[^\s]+\s+[^\s]+\s+/;
        my $name = $File::Find::name;
        $name =~ s/^$tbbinfos->{tbbdir}\///;
        $exec_files{$name} = 1 if $type eq 'EXECUTE';
    };
    find($wanted, $tbbinfos->{tbbdir});
    return $tbbinfos->{osx_executable_files} = [ keys %exec_files ];
}

526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558
sub list_tests {
    foreach my $test (@tests) {
        print "$test->{name} ($test->{type})\n   $test->{descr}\n\n";
    }
}

sub get_tbbfile {
    my ($tbbinfos) = @_;
    $tbbinfos->{tbbfile_orig} = $tbbinfos->{tbbfile};
    if ($tbbinfos->{tbbfile} =~ m/^https?:\/\//) {
        my (undef, undef, $file) = File::Spec->splitpath($tbbinfos->{tbbfile});
        my $output = $options->{'download-dir'} ?
                "$options->{'download-dir'}/$file" : "$tbbinfos->{tmpdir}/$file";
        return $output if -f $output;
        print "Downloading $tbbinfos->{tbbfile}\n";
        my $ua = LWP::UserAgent->new;
        my $resp = $ua->get($tbbinfos->{tbbfile}, ':content_file' => $output);
        exit_error "Error downloading $tbbinfos->{tbbfile}:\n" . $resp->status_line
                unless $resp->is_success;
        $tbbinfos->{tbbfile} = $output;
    }
    exit_error "File $tbbinfos->{tbbfile} does not exist"
                unless -f $tbbinfos->{tbbfile};
}

sub extract_tbb {
    my ($tbbinfos) = @_;
    exit_error "Can't open file $tbbinfos->{tbbfile}" unless -f $tbbinfos->{tbbfile};
    my $tbbfile = File::Spec->rel2abs($tbbinfos->{tbbfile});
    my $tmpdir = $tbbinfos->{tmpdir};
    chdir $tmpdir;
    if ($tbbinfos->{os} eq 'Linux') {
        system('tar', 'xf', $tbbfile);
559 560 561 562 563
        if ($tbbinfos->{language} eq 'ALL') {
            $tbbinfos->{tbbdir} = "$tmpdir/tor-browser";
        } else {
            $tbbinfos->{tbbdir} = "$tmpdir/tor-browser_$tbbinfos->{language}";
        }
564
        $tbbinfos->{tbbdir} .= '/Browser';
565 566 567 568
    } elsif ($tbbinfos->{os} eq 'Windows') {
        my (undef, undef, $f) = File::Spec->splitpath($tbbfile);
        copy($tbbfile, "$tmpdir/$f");
        system('7z', 'x', $f);
569
        $tbbinfos->{tbbdir} = "$tmpdir/torbrowser/Browser";
570 571 572 573 574
        move("$tmpdir/\$_OUTDIR", "$tmpdir/torbrowser") if -d "$tmpdir/\$_OUTDIR";
        if (-d "$tmpdir/Browser") {
            mkdir "$tmpdir/torbrowser";
            move("$tmpdir/Browser", "$tmpdir/torbrowser/Browser");
        }
575
        move ("$tmpdir/Start Tor Browser.exe", "$tmpdir/torbrowser/");
576
        system('chmod', '-R', '+rx', $tmpdir) if $OSNAME eq 'cygwin';
boklm's avatar
boklm committed
577 578 579 580 581 582
    } elsif ($tbbinfos->{os} eq 'MacOSX') {
        my $mountpoint = File::Temp::newdir('XXXXXX', DIR => $options->{tmpdir});
        system('hdiutil', 'mount', '-mountpoint', $mountpoint, $tbbfile);
        system('cp', '-a', "$mountpoint/TorBrowser.app", "$tmpdir/TorBrowser.app");
        system('hdiutil', 'unmount', $mountpoint);
        $tbbinfos->{tbbdir} = "$tmpdir/TorBrowser.app";
583 584 585 586 587 588 589 590 591 592 593 594 595
    }
}

sub xvfb_run {
    my ($test) = @_;
    return () unless $options->{xvfb};
    my $resolution = $test->{resolution} ? $test->{resolution}
                                         : $options->{resolution};
    return ('xvfb-run', '--auto-servernum', '-s', "-screen 0 ${resolution}x24");
}

sub check_opened_connections {
    my ($tbbinfos, $test) = @_;
596 597 598 599 600 601
    my %bad_connections =  %{$test->{results}{connections}};
    delete $bad_connections{"127.0.0.1:$options->{'tor-control-port'}"};
    delete $bad_connections{"127.0.0.1:$options->{'tor-socks-port'}"};
    # For some reasons, tor-browser creates two connections to the default
    # socks port even when when TOR_SOCKS_PORT is set
    # https://lists.torproject.org/pipermail/tbb-dev/2014-May/000050.html
boklm's avatar
boklm committed
602 603 604 605
    if (defined $bad_connections{'127.0.0.1:9150'}
        && $bad_connections{'127.0.0.1:9150'} <= 2) {
        delete $bad_connections{'127.0.0.1:9150'}
    }
606 607 608 609
    if (%bad_connections) {
        $test->{results}{success} = 0;
        $test->{retry} = 0;
    }
610
    $test->{clean_strace} //= !%bad_connections;
611
    $test->{results}{bad_connections} = \%bad_connections;
612 613 614 615
}

sub check_modified_files {
    my ($tbbinfos, $test) = @_;
616
    my @bad_modified_files = @{$test->{results}{modified_files}};
617 618 619 620
    if (@bad_modified_files) {
        $test->{results}{success} = 0;
        $test->{retry} = 0;
    }
621
    $test->{clean_strace} //= !@bad_modified_files;
622 623 624
    $test->{results}{bad_modified_files} = \@bad_modified_files;
}

625 626
sub clean_strace {
    my ($tbbinfos, $test) = @_;
627
    return unless $test->{clean_strace};
628 629
    my $logfile = "$tbbinfos->{'results-dir'}/$test->{name}.strace";
    unlink $logfile;
boklm's avatar
boklm committed
630
    unlink "$logfile.tmp";
631 632
}

633 634 635
sub parse_strace {
    my ($tbbinfos, $test) = @_;
    my %ignore_files = map { $_ => 1 } qw(/dev/null /dev/tty);
636 637
    my @ignore_re = ( qr/^\/dev\/dri/ );
    push @ignore_re, qr/^$test->{workspace}/ if $test->{workspace};
638 639 640 641 642
    my %files;
    my $logfile = "$tbbinfos->{'results-dir'}/$test->{name}.strace";
    $test->{results}{connections} = {};
    my %modified_files;
    my %removed_files;
643 644 645 646 647
    if (-f "$logfile.tmp") {
        my $txt = read_file("$logfile.tmp");
        write_file($logfile, { append => 1 }, $txt);
        unlink "$logfile.tmp";
    }
648
    my @lines = read_file($logfile) if -f $logfile;
649
    LINE: foreach my $line (@lines) {
650 651 652 653 654
        if ($line =~ m/^\d+ open\("((?:[^"\\]++|\\.)*+)", ([^\)]+)/ ||
            $line =~ m/^\d+ openat\([^,]+, "((?:[^"\\]++|\\.)*+)", ([^\)]+)/) {
            next if $2 =~ m/O_RDONLY/;
            next if $1 =~ m/^$tbbinfos->{tbbdir}/;
            next if $ignore_files{$1};
655 656 657
            if ($ENV{'MOZMILL_SCREENSHOTS'}) {
                next if $1 =~ m/^$ENV{'MOZMILL_SCREENSHOTS'}/;
            }
658 659 660
            foreach my $re (@ignore_re) {
                next LINE if $1 =~ m/$re/;
            }
661 662 663 664
            $modified_files{$1}++;
        }
        if ($line =~ m/^\d+ unlink\("((?:[^"\\]++|\\.)*+)"/) {
            next if $1 =~ m/^$tbbinfos->{tbbdir}/;
665 666 667 668
            next if $ignore_files{$1};
            foreach my $re (@ignore_re) {
                next LINE if $1 =~ m/$re/;
            }
669 670 671
            $removed_files{$1}++;
            delete $modified_files{$1} unless -f $1;
        }
boklm's avatar
boklm committed
672
        if ($line =~ m/^\d+ connect\(\d+, \{sa_family=AF_INET, sin_port=htons\((\d+)\), sin_addr=inet_addr\("((?:[^"\\]++|\\.)*+)"\)/) {
673
            $test->{results}{connections}{"$2:$1"}++;
674 675
        }
    }
676 677
    $test->{results}{modified_files} = [ keys %modified_files ];
    $test->{results}{removed_files} = [ keys %removed_files ];
678 679 680 681 682 683 684 685 686
}

sub ff_wrapper {
    my ($tbbinfos, $test) = @_;
    my $wrapper_file = "$tbbinfos->{tbbdir}/ff_wrapper";
    return $wrapper_file if -f $wrapper_file;
    my $wrapper = <<EOF;
#!/bin/sh
set -e
687
export HOME="$tbbinfos->{tbbdir}"
688
export LD_LIBRARY_PATH="$tbbinfos->{tbbdir}:$tbbinfos->{tordir}"
689 690
export FONTCONFIG_PATH="\${HOME}/TorBrowser/Data/fontconfig"
export FONTCONFIG_FILE="fonts.conf"
691 692 693 694 695 696 697
exec \'$tbbinfos->{ffbin}\' "\$@"
EOF
    write_file($wrapper_file, $wrapper);
    chmod 0700, $wrapper_file;
    return $wrapper_file;
}

698
sub ff_strace_wrapper {
699 700
    my ($tbbinfos, $test) = @_;
    my $ff_wrapper = ff_wrapper($tbbinfos, $test);
701
    my $logfile = "$tbbinfos->{'results-dir'}/$test->{name}.strace";
702 703
    my $wrapper = <<EOF;
#!/bin/sh
704 705 706 707 708 709
if [ -f $logfile.tmp ]
then
   cat $logfile.tmp >> $logfile
   rm $logfile.tmp
fi
echo \$@ >> /tmp/ff_run.log
710 711 712 713 714
strace -f -o $logfile.tmp -- \'$ff_wrapper\' "\$@"
exit_code=\$?
cat $logfile.tmp >> $logfile
rm $logfile.tmp
exit \$?
715 716 717 718 719 720 721 722 723 724 725 726
EOF
    my $wrapper_file = "$tbbinfos->{tbbdir}/ff_$test->{name}";
    write_file($wrapper_file, $wrapper);
    chmod 0700, $wrapper_file;
    return $wrapper_file;
}

sub ffbin_path {
    my ($tbbinfos, $test) = @_;
    if ($OSNAME eq 'cygwin') {
        return winpath("$tbbinfos->{ffbin}.exe");
    }
727
    my %t = map { $_ => 1 } qw(marionette);
728
    if ($options->{use_strace} && $t{$test->{type}}) {
boklm's avatar
boklm committed
729 730
        return ff_strace_wrapper($tbbinfos, $test);
    }
boklm's avatar
boklm committed
731
    return $tbbinfos->{ffbin} if $OSNAME eq 'darwin';
732
    return ff_wrapper($tbbinfos, $test);
733 734
}

735 736 737 738 739 740 741 742 743 744 745 746
sub marionette_export_options {
    my ($tbbinfos, $test) = @_;
    my $options_file = File::Temp->new();
    my $json = {
        options  => clone_strip_coderef($options),
        test     => clone_strip_coderef($test),
        tbbinfos => clone_strip_coderef({ %$tbbinfos, tests => undef }),
    };
    write_file($options_file, encode_json($json));
    return $options_file;
}

747 748 749 750 751 752 753
sub marionette_run {
    my ($tbbinfos, $test) = @_;
    if ($test->{tried} && $test->{use_net}) {
        TBBTestSuite::Tests::TorBootstrap::send_newnym($tbbinfos);
    }
    set_test_prefs($tbbinfos, $test);

754 755
    my $options_file = marionette_export_options($tbbinfos, $test);
    $ENV{TESTSUITE_DATA_FILE} = winpath($options_file);
756 757
    my $result_file_html = "$tbbinfos->{'results-dir'}/$test->{name}.html";
    my $result_file_txt = "$tbbinfos->{'results-dir'}/$test->{name}.txt";
758 759
    $test->{workspace} = "$tbbinfos->{'results-dir'}/$test->{name}_ws";
    mkdir $test->{workspace};
760 761
    #--log-unittest  ./res.txt --log-html ./res.html
    my $bin = $OSNAME eq 'cygwin' ? 'Scripts' : 'bin';
762
    my $marionette_test = $test->{marionette_test} // $test->{name};
763
    my $pypath = $ENV{PYTHONPATH};
boklm's avatar
boklm committed
764 765 766 767
    my $old_pypath = $ENV{PYTHONPATH};
    $ENV{PYTHONPATH} = winpath("$FindBin::Bin/marionette/tor_browser_tests/lib");
    my $sep = $OSNAME eq 'cygwin' ? ';' : ':';
    $ENV{PYTHONPATH} .= $sep . $old_pypath if $old_pypath;
768 769 770
    $test->{screenshots} = [];
    my $screenshots_tmp = File::Temp::newdir('XXXXXX', DIR => $options->{tmpdir});
    $ENV{'MARIONETTE_SCREENSHOTS'} = winpath($screenshots_tmp);
771 772 773 774 775
    system(xvfb_run($test), "$FindBin::Bin/virtualenv-marionette/$bin/tor-browser-tests",
        '--log-unittest', winpath($result_file_txt),
        '--log-html', winpath($result_file_html),
        '--binary', ffbin_path($tbbinfos, $test),
        '--profile', winpath($tbbinfos->{ffprofiledir}),
776
        $OSNAME eq 'cygwin' ? () : ('--workspace', $test->{workspace}),
777
        winpath("$FindBin::Bin/marionette/tor_browser_tests/test_${marionette_test}.py"));
778
    $ENV{PYTHONPATH} = $pypath;
779
    my @txt_log = -f $result_file_txt ? read_file($result_file_txt) : ('NoFile');
780 781 782
    my $res_line = shift @txt_log;
    $test->{results}{success} = $res_line eq ".\n" || $res_line eq ".\r\n";
    $test->{results}{log} = join '', @txt_log;
783 784 785
    my $i = 0;
    for my $screenshot_file (sort glob "$screenshots_tmp/*.png") {
        move($screenshot_file, "$tbbinfos->{'results-dir'}/$test->{name}-$i.png");
786
        screenshot_thumbnail($tbbinfos->{'results-dir'}, "$test->{name}-$i.png");
787 788 789
        push @{$test->{screenshots}}, "$test->{name}-$i.png";
        $i++;
    }
790 791 792 793
    reset_test_prefs($tbbinfos, $test);
    parse_strace($tbbinfos, $test);
    check_opened_connections($tbbinfos, $test);
    check_modified_files($tbbinfos, $test);
794
    clean_strace($tbbinfos, $test);
795 796
}

797 798
sub set_tbbpaths {
    my ($tbbinfos) = @_;
799 800 801
    $tbbinfos->{ffbin} = "$tbbinfos->{tbbdir}/firefox";
    $tbbinfos->{tordir} = "$tbbinfos->{tbbdir}/TorBrowser/Tor";
    $tbbinfos->{datadir} = "$tbbinfos->{tbbdir}/TorBrowser/Data";
boklm's avatar
boklm committed
802 803
    if ($tbbinfos->{os} eq 'MacOSX') {
        $tbbinfos->{ffbin} = "$tbbinfos->{tbbdir}/Contents/MacOS/firefox";
804 805 806 807 808 809 810 811 812
        unless ($tbbinfos->{version} =~ m/^5./) {
            $tbbinfos->{ffprofiledir} = "$tbbinfos->{tbbdir}/Contents/Resources/distribution";
            $tbbinfos->{tordir} = "$tbbinfos->{tbbdir}/Contents/Resources/TorBrowser/Tor";
            $tbbinfos->{datadir} = "$tbbinfos->{tbbdir}/../TorBrowser-data";
            $tbbinfos->{torrcdefaults} = "$tbbinfos->{tordir}/torrc-defaults";
            $tbbinfos->{torgeoip} = "$tbbinfos->{tordir}/geoip";
            mkdir $tbbinfos->{datadir} unless -d $tbbinfos->{datadir};
            mkdir "$tbbinfos->{datadir}/Tor" unless -d "$tbbinfos->{datadir}/Tor";
        }
boklm's avatar
boklm committed
813
    }
814 815
    $tbbinfos->{torrcdefaults} //= "$tbbinfos->{datadir}/Tor/torrc-defaults";
    $tbbinfos->{torgeoip} //= "$tbbinfos->{datadir}/Tor/geoip";
816
    $tbbinfos->{torbin} = "$tbbinfos->{tordir}/tor";
boklm's avatar
boklm committed
817
    $tbbinfos->{ptdir} = winpath("$tbbinfos->{tordir}/PluggableTransports");
818
    $tbbinfos->{ffprofiledir} //= "$tbbinfos->{datadir}/Browser/profile.default";
819 820
}

boklm's avatar
boklm committed
821 822 823 824
sub new {
    my ($ts, $testsuite) = @_;
    $testsuite->{type} = 'browserbundle';
    $testsuite->{tests} = [ map { { %$_ } } @tests ];
825 826
    return undef unless $testsuite->{os} eq $options->{os};
    return undef unless $testsuite->{arch} eq $options->{arch};
boklm's avatar
boklm committed
827 828 829
    return bless $testsuite, $ts;
}

830 831 832 833 834 835 836 837 838 839
sub pre_tests {
    my ($tbbinfos) = @_;
    get_tbbfile($tbbinfos);
    if ($tbbinfos->{sha256sum} &&
        $tbbinfos->{sha256sum} ne sha256_hex(read_file($tbbinfos->{tbbfile}))) {
        exit_error "Wrong sha256sum for $tbbinfos->{tbbfile}";
    }
    $tbbinfos->{sha256sum} //= sha256_hex(read_file($tbbinfos->{tbbfile}));
    extract_tbb($tbbinfos);
    set_tbbpaths($tbbinfos);
840 841 842 843
    my $prefs_file = "$tbbinfos->{ffprofiledir}/preferences/extension-overrides.js";
    open(my $prefs_fh, '>>', $prefs_file);
    print $prefs_fh 'pref("extensions.torbutton.prompted_language", true);', "\n";
    close $prefs_fh;
844
    chdir $tbbinfos->{tbbdir} || exit_error "Can't enter directory $tbbinfos->{tbbdir}";
boklm's avatar
boklm committed
845
    copy "$FindBin::Bin/data/cert_override.txt",
boklm's avatar
boklm committed
846
          "$tbbinfos->{ffprofiledir}/cert_override.txt";
847
    $ENV{TOR_SKIP_LAUNCH} = 1;
848 849
    $ENV{TOR_SOCKS_PORT} = $options->{'tor-socks-port'};
    $ENV{TOR_CONTROL_PORT} = $options->{'tor-control-port'};
boklm's avatar
boklm committed
850 851 852
    if ($options->{xdummy}) {
        $tbbinfos->{Xdisplay} = start_X("$tbbinfos->{'results-dir'}/xorg.log");
    }
853 854 855 856 857
}

sub post_tests {
    my ($tbbinfos) = @_;
    TBBTestSuite::Tests::TorBootstrap::stop_tor($tbbinfos);
boklm's avatar
boklm committed
858
    stop_X($tbbinfos->{Xdisplay}) if $options->{xdummy};
859 860 861
}

1;