diff options
| author | Alyssa Ross <hi@alyssa.is> | 2021-10-19 14:40:23 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2022-01-07 10:22:32 +0000 |
| commit | cc62bcb55359ba8c5e0fe3a48e778444c89060d8 (patch) | |
| tree | ca0e21d44eaf8837b687395e614445f7761d7bbd /nixpkgs/nixos/tests/custom-ca.nix | |
| parent | d6625e8d25efd829c3cfa227d025ca4e606ae4b7 (diff) | |
| parent | a323570a264da96a0b0bcc1c9aa017794acdc752 (diff) | |
| download | nixlib-cc62bcb55359ba8c5e0fe3a48e778444c89060d8.tar nixlib-cc62bcb55359ba8c5e0fe3a48e778444c89060d8.tar.gz nixlib-cc62bcb55359ba8c5e0fe3a48e778444c89060d8.tar.bz2 nixlib-cc62bcb55359ba8c5e0fe3a48e778444c89060d8.tar.lz nixlib-cc62bcb55359ba8c5e0fe3a48e778444c89060d8.tar.xz nixlib-cc62bcb55359ba8c5e0fe3a48e778444c89060d8.tar.zst nixlib-cc62bcb55359ba8c5e0fe3a48e778444c89060d8.zip | |
Merge commit 'a323570a264da96a0b0bcc1c9aa017794acdc752'
Diffstat (limited to 'nixpkgs/nixos/tests/custom-ca.nix')
| -rw-r--r-- | nixpkgs/nixos/tests/custom-ca.nix | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/nixpkgs/nixos/tests/custom-ca.nix b/nixpkgs/nixos/tests/custom-ca.nix index 26f29a3e68fe..05cfbbb2fdf2 100644 --- a/nixpkgs/nixos/tests/custom-ca.nix +++ b/nixpkgs/nixos/tests/custom-ca.nix @@ -82,7 +82,7 @@ in # chromium-based browsers refuse to run as root test-support.displayManager.auto.user = "alice"; # browsers may hang with the default memory - virtualisation.memorySize = "500"; + virtualisation.memorySize = 500; networking.hosts."127.0.0.1" = [ "good.example.com" "bad.example.com" ]; security.pki.certificateFiles = [ "${example-good-cert}/ca.crt" ]; @@ -113,7 +113,7 @@ in # which is why it will not use the system certificate store for the time being. # firefox chromium - falkon + qutebrowser midori ]; }; @@ -152,21 +152,21 @@ in with subtest("Unknown CA is untrusted in curl"): machine.fail("curl -fv https://bad.example.com") - browsers = [ + browsers = { # Firefox was disabled here, because we needed to disable p11-kit support in nss, # which is why it will not use the system certificate store for the time being. - # "firefox", - "chromium", - "falkon", - "midori" - ] - errors = ["Security Risk", "not private", "Certificate Error", "Security"] + #"firefox": "Security Risk", + "chromium": "not private", + "qutebrowser -T": "Certificate error", + "midori": "Security" + } machine.wait_for_x() - for browser, error in zip(browsers, errors): + for command, error in browsers.items(): + browser = command.split()[0] with subtest("Good certificate is trusted in " + browser): execute_as( - "alice", f"env P11_KIT_DEBUG=trust {browser} https://good.example.com & >&2" + "alice", f"env P11_KIT_DEBUG=trust {command} https://good.example.com & >&2" ) wait_for_window_as("alice", browser) machine.wait_for_text("It works!") @@ -174,7 +174,7 @@ in execute_as("alice", "xdotool key ctrl+w") # close tab with subtest("Unknown CA is untrusted in " + browser): - execute_as("alice", f"{browser} https://bad.example.com & >&2") + execute_as("alice", f"{command} https://bad.example.com & >&2") machine.wait_for_text(error) machine.screenshot("bad" + browser) machine.succeed("pkill " + browser) |