Bug 12620: TorBrowser regression tests

#!/bin/bash

# This script runs all the Mochitest tests that have been added or

# modified since the last ffxbld commit.

#

# It does not currently run XPCShell tests. We should change this if we

# start using this type or other types of tests.

#

# The logs of the tests are stored in the tbb-tests.log file.

# Ignored tests are listed in the tbb-tests-ignore.txt file.

#

# https://trac.torproject.org/projects/tor/ticket/18923

IFS=$'\n'

if [ -n "$USE_TESTS_LIST" ] && [ -f tbb-tests-list.txt ]

then

    echo "Using tests list from file tbb-tests-list.txt"

    tests=($(cat tbb-tests-list.txt))

else

    ffxbld_commit=$(git log -500 --format='%an %H' | grep '^ffxbld ' \

                                        | head -1 | cut -d ' ' -f 2)

    tests=($(git diff --name-status "$ffxbld_commit" HEAD | \

        grep -e '^[AM].*/test_[^/]\+\.\(html\|xul\)$' \

             -e '^[AM].*/browser_[^/]\+\.js$' \

             | sed 's/^[AM]\s\+//'))

fi

echo 'The following tests will be run:'

for i in "${!tests[@]}"

do

    if [ -z "$USE_TESTS_LIST" ] \

        && grep -q "^${tests[$i]}$" tbb-tests-ignore.txt

    then

        unset "tests[$i]"

        continue

    fi

    echo "- ${tests[$i]}"

done

if [ -n "$WRITE_TESTS_LIST" ]

then

    rm -f tbb-tests-list.txt

    for i in "${!tests[@]}"

    do

        echo "${tests[$i]}" >> tbb-tests-list.txt

    done

    exit 0

fi

rm -f tbb-tests.log

echo $'\n''Starting tests'

./mach mochitest --log-tbpl tbb-tests.log --setpref security.nocertdb=false \

                 "${tests[@]}"

echo "*************************"

echo "*************************"

echo "Summary of failed tests:"

grep --color=never TEST-UNEXPECTED-FAIL tbb-tests.log

[DEFAULT]

[browser_tor_bug2950.js]

[browser_tor_omnibox.js]

[browser_tor_TB4.js]

// # Test for TB4: Tor Browser's Firefox preference overrides

// Simple regression tests to check the value of each pref and

// decides if it is set as expected.

// TODO: Write unit tests to check that each pref setting here

// causes the browser to have the desired behavior (a big task). 

function test() {

let expectedPrefs = [

   // Disable browser auto updaters and associated homepage notifications

   ["app.update.auto", false],

   ["app.update.enabled", false],

   ["browser.search.update", false],

   ["browser.rights.3.shown", true],

   ["browser.startup.homepage_override.mstone", "ignore"],

   ["startup.homepage_welcome_url", ""],

   ["startup.homepage_override_url", ""],

   // Disable the "Refresh" prompt that is displayed for stale profiles.

   ["browser.disableResetPrompt", true],

   // Disk activity: Disable Browsing History Storage

   ["browser.privatebrowsing.autostart", true],

   ["browser.cache.disk.enable", false],

   ["browser.cache.offline.enable", false],

   ["dom.indexedDB.enabled", false],

   ["permissions.memory_only", true],

   ["network.cookie.lifetimePolicy", 2],

   ["security.nocertdb", true],

   // Disk activity: TBB Directory Isolation

   ["browser.download.useDownloadDir", false],

   ["browser.shell.checkDefaultBrowser", false],

   ["browser.download.manager.addToRecentDocs", false],

   // Misc privacy: Disk

   ["signon.rememberSignons", false],

   ["browser.formfill.enable", false],

   ["signon.autofillForms", false],

   ["browser.sessionstore.privacy_level", 2],

   ["media.cache_size", 0],

   // Misc privacy: Remote

   ["browser.send_pings", false],

   ["geo.enabled", false],

   ["geo.wifi.uri", ""],

   ["browser.search.suggest.enabled", false],

   ["browser.safebrowsing.malware.enabled", false],

   ["extensions.ui.lastCategory", "addons://list/extension"],

   ["datareporting.healthreport.uploadEnabled", false],

   ["datareporting.policy.dataSubmissionEnabled", false],

   ["security.mixed_content.block_active_content", false], // Disable until https://bugzilla.mozilla.org/show_bug.cgi?id=878890 is patched

   ["browser.syncPromoViewsLeftMap", "{\"addons\":0, \"passwords\":0, \"bookmarks\":0}"], // Don't promote sync

   ["services.sync.engine.prefs", false], // Never sync prefs, addons, or tabs with other browsers

   ["services.sync.engine.addons", false],

   ["services.sync.engine.tabs", false],

   ["extensions.getAddons.cache.enabled", false], // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/

   // Fingerprinting

   ["webgl.min_capability_mode", true],

   ["webgl.disable-extensions", true],

   ["dom.battery.enabled", false], // fingerprinting due to differing OS implementations

   ["browser.display.max_font_attempts",10],

   ["browser.display.max_font_count",10],

   ["gfx.downloadable_fonts.fallback_delay", -1],

   ["browser.startup.homepage_override.buildID", "20100101"],

   // Third party stuff

   ["network.cookie.cookieBehavior", 1],

   ["security.enable_tls_session_tickets", false],

   ["network.http.spdy.enabled", false], // Stores state and may have keepalive issues (both fixable)

   ["network.http.spdy.enabled.v2", false], // Seems redundant, but just in case

   ["network.http.spdy.enabled.v3", false], // Seems redundant, but just in case

   // Proxy and proxy security

   ["network.proxy.socks", "127.0.0.1"],

   ["network.proxy.socks_port", 9150],

   ["network.proxy.socks_remote_dns", true],

   ["network.proxy.no_proxies_on", ""], // For fingerprinting and local service vulns (#10419)

   ["network.proxy.type", 1],

   ["network.security.ports.banned", "9050,9051,9150,9151"],

   ["network.dns.disablePrefetch", true],

   ["network.protocol-handler.external-default", false],

   ["network.protocol-handler.external.mailto", false],

   ["network.protocol-handler.external.news", false],

   ["network.protocol-handler.external.nntp", false],

   ["network.protocol-handler.external.snews", false],

   ["network.protocol-handler.warn-external.mailto", true],

   ["network.protocol-handler.warn-external.news", true],

   ["network.protocol-handler.warn-external.nntp", true],

   ["network.protocol-handler.warn-external.snews", true],

   // Network and performance

   ["network.http.pipelining", true],

   ["network.http.pipelining.aggressive", true],

   ["network.http.pipelining.maxrequests", 12],

   ["network.http.pipelining.ssl", true],

   ["network.http.proxy.pipelining", true],

   ["security.ssl.enable_false_start", true],

   ["network.http.keep-alive.timeout", 20],

   ["network.http.connection-retry-timeout", 0],

   ["network.http.max-persistent-connections-per-proxy", 256],

   ["network.http.pipelining.reschedule-timeout", 15000],

   ["network.http.pipelining.read-timeout", 60000],

   // Hacked pref: Now means "Attempt to pipeline at least this many requests together"

   ["network.http.pipelining.max-optimistic-requests", 3],

   ["security.disable_session_identifiers", true],

   // Extension support

   ["extensions.autoDisableScopes", 0],

   ["extensions.bootstrappedAddons", "{}"],

   ["extensions.checkCompatibility.4.*", false],

   ["extensions.databaseSchema", 3],

   ["extensions.enabledAddons", "https-everywhere%40eff.org:3.1.4,%7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1,torbutton%40torproject.org:1.5.2,ubufox%40ubuntu.com:2.6,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.5"],

   ["extensions.enabledItems", "langpack-en-US@firefox.mozilla.org:,{73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57,{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8"],

   ["extensions.enabledScopes", 1],

   ["extensions.pendingOperations", false],

   ["xpinstall.whitelist.add", ""],

   ["xpinstall.whitelist.add.36", ""],

   // Omnibox settings

   ["keyword.URL", "https://startpage.com/do/search?q="],

   // Hacks/workarounds: Direct2D seems to crash w/ lots of video cards w/ MinGW?

   // Nvida cards also experience crashes without the second pref set to disabled

   ["gfx.direct2d.disabled", true],

   ["layers.acceleration.disabled", true],

   // Security enhancements

   // https://trac.torproject.org/projects/tor/ticket/9387#comment:17

   ["javascript.options.ion.content", false],

   ["javascript.options.baselinejit.content", false],

   ["javascript.options.asmjs", false],

   ["javascript.options.typeinference", false],

   // Enable TLS 1.1 and 1.2:

   // https://trac.torproject.org/projects/tor/ticket/11253

   ["security.tls.version.max", 3],

   // Version placeholder

   ["torbrowser.version", "UNKNOWN"],

  ];

let getPref = function (prefName) {

  let type = gPrefService.getPrefType(prefName);

  if (type === gPrefService.PREF_INT) return gPrefService.getIntPref(prefName);

  if (type === gPrefService.PREF_BOOL) return gPrefService.getBoolPref(prefName);

  if (type === gPrefService.PREF_STRING) return gPrefService.getCharPref(prefName);

  // Something went wrong.

  throw new Error("Can't access pref " + prefName);

};

let testPref = function([key, expectedValue]) {

  let foundValue = getPref(key);

  is(foundValue, expectedValue, "Pref '" + key + "' should be '" + expectedValue +"'.");

};  

expectedPrefs.map(testPref);

} // end function test()

// # Regression tests for tor Bug #2950, Make Permissions Manager memory-only

// Ensures that permissions.sqlite file in profile directory is not written to,

// even when we write a value to Firefox's permissions database.

// The requisite test() function.

function test() {

// Needed because of asynchronous part later in the test.

waitForExplicitFinish();

// Shortcut

let Ci = Components.interfaces;

// ## utility functions

// __uri(spec)__.

// Creates an nsIURI instance from a spec

// (string address such as "http://torproject.org").

let uri = spec => Services.io.newURI(spec, null, null);

// __setPermission(spec, key, value)__.

// Sets the site permission of type key to value, for the site located at address spec.

let setPermission = (spec, key, value) => SitePermissions.set(uri(spec), key, value);

// __getPermission(spec, key)__.

// Reads the site permission value for permission type key, for the site

// located at address spec.

let getPermission = (spec, key) => SitePermissions.get(uri(spec), key);

// __profileDirPath__.

// The Firefox Profile directory. Expected location of various persistent files.

let profileDirPath = Services.dirsvc.get("ProfD", Components.interfaces.nsIFile).path;

// __fileInProfile(fileName)__.

// Returns an nsIFile instance corresponding to a file in the Profile directory.

let fileInProfile = fileName => FileUtils.File(profileDirPath + "/" + fileName);

// ## Now let's run the test.

let SITE = "http://torproject.org",

    KEY = "popup";

let permissionsFile = fileInProfile("permissions.sqlite"),

                      lastModifiedTime = null,

                      newModifiedTime = null;

if (permissionsFile.exists()) {

  lastModifiedTime = permissionsFile.lastModifiedTime;

}

// Read the original value of the permission.

let originalValue = getPermission(SITE, KEY);

// We need to delay by at least 1000 ms, because that's the granularity

// of file time stamps, it seems.

window.setTimeout(

  function () {

    // Set the permission to a new value.

    setPermission(SITE, KEY, (originalValue === 0) ? 1 : 0);

    // Now read back the permission value again.

    let newReadValue = getPermission(SITE, KEY);

    // Compare to confirm that the permission

    // value was successfully changed.

    isnot(newReadValue, originalValue, "Set a value in permissions db (perhaps in memory).");;

    // If file existed or now exists, get the current time stamp.

    if (permissionsFile.exists()) {

      newModifiedTime = permissionsFile.lastModifiedTime;

    }

    // If file was created or modified since we began this test,

    // then permissions db is not memory only. Complain!

    is(lastModifiedTime, newModifiedTime, "Don't write to permissions.sqlite file on disk.");

    // We are done with the test.

    finish();

  }, 1100);

} // test()

[DEFAULT]

[test_tor_bug2874.html]