项目上传

unittest_python/Dockerfile

@@ -0,0 +1,14 @@
+# Start python3.6.9-alpine3.10 to build python:unitest
+FROM python:3.6.9-alpine3.10
+
+
+ADD unittest /root/unittest
+
+RUN sed -i s@/dl-cdn.alpinelinux.org/@/mirrors.ustc.edu.cn/@g /etc/apk/repositories \
+	&& apk update \
+    && apk add curl-dev gcc libc-dev curl gzip\
+	&& pip3 install pycurl 
+	
+WORKDIR /root/unittest
+
+CMD tail -f /dev/null

unittest_python/unittest/badssl.test.hosts

@@ -0,0 +1,88 @@
+#### start of badssl.self-test.geedge.net hosts ####
+192.168.253.130 10000-sans.badssl.self-test.geedge.net
+192.168.253.130 1000-sans.badssl.self-test.geedge.net
+192.168.253.130 3des.badssl.self-test.geedge.net
+192.168.253.130 badssl.self-test.geedge.net
+192.168.253.130 captive-portal.badssl.self-test.geedge.net
+192.168.253.130 cbc.badssl.self-test.geedge.net
+192.168.253.130 client.badssl.self-test.geedge.net
+192.168.253.130 client-cert-missing.badssl.self-test.geedge.net
+192.168.253.130 dh1024.badssl.self-test.geedge.net
+192.168.253.130 dh2048.badssl.self-test.geedge.net
+192.168.253.130 dh480.badssl.self-test.geedge.net
+192.168.253.130 dh512.badssl.self-test.geedge.net
+192.168.253.130 dh-composite.badssl.self-test.geedge.net
+192.168.253.130 dh-small-subgroup.badssl.self-test.geedge.net
+192.168.253.130 dsdtestprovider.badssl.self-test.geedge.net
+192.168.253.130 ecc256.badssl.self-test.geedge.net
+192.168.253.130 ecc384.badssl.self-test.geedge.net
+192.168.253.130 edellroot.badssl.self-test.geedge.net
+192.168.253.130 ev.badssl.self-test.geedge.net
+192.168.253.130 expired.badssl.self-test.geedge.net
+192.168.253.130 extended-validation.badssl.self-test.geedge.net
+192.168.253.130 hsts.badssl.self-test.geedge.net
+192.168.253.130 http.badssl.self-test.geedge.net
+192.168.253.130 http-credit-card.badssl.self-test.geedge.net
+192.168.253.130 http-dynamic-login.badssl.self-test.geedge.net
+192.168.253.130 http-login.badssl.self-test.geedge.net
+192.168.253.130 http-password.badssl.self-test.geedge.net
+192.168.253.130 https-everywhere.badssl.self-test.geedge.net
+192.168.253.130 http-textarea.badssl.self-test.geedge.net
+192.168.253.130 incomplete-chain.badssl.self-test.geedge.net
+192.168.253.130 invalid-expected-sct.badssl.self-test.geedge.net
+192.168.253.130 lock-title.badssl.self-test.geedge.net
+192.168.253.130 long-extended-subdomain-name-containing-many-letters-and-dashes.badssl.self-test.geedge.net
+192.168.253.130 longextendedsubdomainnamewithoutdashesinordertotestwordwrapping.badssl.self-test.geedge.net
+192.168.253.130 md5.badssl.self-test.geedge.net
+192.168.253.130 mitm-software.badssl.self-test.geedge.net
+192.168.253.130 mixed.badssl.self-test.geedge.net
+192.168.253.130 mixed-favicon.badssl.self-test.geedge.net
+192.168.253.130 mixed-form.badssl.self-test.geedge.net
+192.168.253.130 mixed-script.badssl.self-test.geedge.net
+192.168.253.130 mozilla-intermediate.badssl.self-test.geedge.net
+192.168.253.130 mozilla-modern.badssl.self-test.geedge.net
+192.168.253.130 mozilla-old.badssl.self-test.geedge.net
+192.168.253.130 no-common-name.badssl.self-test.geedge.net
+192.168.253.130 no-san.badssl.self-test.geedge.net
+192.168.253.130 no-sct.badssl.self-test.geedge.net
+192.168.253.130 no-subject.badssl.self-test.geedge.net
+192.168.253.130 null.badssl.self-test.geedge.net
+192.168.253.130 pinning-test.badssl.self-test.geedge.net
+192.168.253.130 preact-cli.badssl.self-test.geedge.net
+192.168.253.130 preloaded-expect-ct.badssl.self-test.geedge.net
+192.168.253.130 preloaded-hsts.badssl.self-test.geedge.net
+192.168.253.130 rc4.badssl.self-test.geedge.net
+192.168.253.130 rc4-md5.badssl.self-test.geedge.net
+192.168.253.130 revoked.badssl.self-test.geedge.net
+192.168.253.130 rsa1024.badssl.self-test.geedge.net
+192.168.253.130 rsa2048.badssl.self-test.geedge.net
+192.168.253.130 rsa3072.badssl.self-test.geedge.net
+192.168.253.130 rsa4096.badssl.self-test.geedge.net
+192.168.253.130 rsa512.badssl.self-test.geedge.net
+192.168.253.130 rsa8192.badssl.self-test.geedge.net
+192.168.253.130 self-signed.badssl.self-test.geedge.net
+192.168.253.130 sha1-2016.badssl.self-test.geedge.net
+192.168.253.130 sha1-2017.badssl.self-test.geedge.net
+192.168.253.130 sha1.badssl.self-test.geedge.net
+192.168.253.130 sha1-intermediate.badssl.self-test.geedge.net
+192.168.253.130 sha256.badssl.self-test.geedge.net
+192.168.253.130 sha384.badssl.self-test.geedge.net
+192.168.253.130 sha512.badssl.self-test.geedge.net
+192.168.253.130 spoof.badssl.self-test.geedge.net
+192.168.253.130 spoofed-favicon.badssl.self-test.geedge.net
+192.168.253.130 ssl-v2.badssl.self-test.geedge.net
+192.168.253.130 ssl-v3.badssl.self-test.geedge.net
+192.168.253.130 static-rsa.badssl.self-test.geedge.net
+192.168.253.130 subdomain.preloaded-hsts.badssl.self-test.geedge.net
+192.168.253.130 superfish.badssl.self-test.geedge.net
+192.168.253.130 tls-v1-0.badssl.self-test.geedge.net
+192.168.253.130 tls-v1-1.badssl.self-test.geedge.net
+192.168.253.130 tls-v1-2.badssl.self-test.geedge.net
+192.168.253.130 untrusted-root.badssl.self-test.geedge.net
+192.168.253.130 upgrade.badssl.self-test.geedge.net
+192.168.253.130 very.badssl.self-test.geedge.net
+192.168.253.130 webpack-dev-server.badssl.self-test.geedge.net
+192.168.253.130 wrong.host.badssl.self-test.geedge.net
+192.168.253.130 www.badssl.self-test.geedge.net
+192.168.253.130 xn--n1aae7f7o.badssl.self-test.geedge.net
+#### end of badssl.self-test.geedge.net hosts ####

unittest_python/unittest/unittest_self.py

@@ -0,0 +1,392 @@
+import unittest
+import json
+import pycurl
+import os
+import re
+from io import BytesIO
+
+
+URLBypass         = 'https://sha384.badssl.self-test.geedge.net'
+URLIntercept      = 'https://sha256.badssl.self-test.geedge.net'
+URLSexpired       = 'https://expired.badssl.self-test.geedge.net'
+URLSwronghost     = 'https://wrong.host.badssl.self-test.geedge.net'
+URLSselfsigned    = 'https://self-signed.badssl.self-test.geedge.net'
+URLSuntrustedroot = 'https://untrusted-root.badssl.self-test.geedge.net'
+URLSrevoked       = 'https://revoked.badssl.self-test.geedge.net'
+URLSpinningtest   = 'https://pinning-test.badssl.self-test.geedge.net'
+
+URLRedirect       = 'https://cn.bing.com/rs/2V/pE/cj,nj/b1392357/d94c45f4.js'
+URLReplace        = 'https://cn.bing.com/rs/5j/1pF/cj,nj/2213d9b6/b50738ca.js'
+URLInsert         = 'https://cn.bing.com/?FORM=BEHPTB'
+URLHijack         = 'https://cn.bing.com/rs/31/2n/cj,nj/4c7364c5/40e1b425.js'
+URLBlock          = 'https://cn.bing.com/rs/31/22/cj,nj/3f1e2270/f8c6dd44.js'
+
+
+ssl_bypass_info_re           = "ssl bypass ok"
+ssl_intercept_info_re        = "ssl intercept ok"
+https_exprired_info_re       = "https exprired ok"
+https_wrong_host_info_re     = "https wrong host ok"
+https_self_signed_info_re    = "https self signed ok"
+https_untrusted_root_info_re = "https untrusted_root ok"
+https_revoked_info_re        = "https revoked ok"
+https_pinning_test_info_re   = "https pinning-test ok"
+http_redirect_info_re        = "http connection redirect success"
+http_replace_info_re         = "http connection replace success"
+http_insert_info_re          = "http connection insert success"
+http_hijack_info_re          = "http connection hijack success"
+http_block_info_re           = "http connection block success"
+
+wpr_dns_resolve  = ['cn.bing.com:443:192.168.253.131']
+
+class SSLCheckRequestBuild:
+    def __init__(self):
+        self.conn = pycurl.Curl()
+        self.conn.setopt(self.conn.WRITEFUNCTION, BytesIO().write)
+        self.conn.setopt(self.conn.OPT_CERTINFO, 1)
+        self.conn.setopt(self.conn.SSL_VERIFYPEER, False)
+
+    def ssl_bypass(self):
+        self.conn.setopt(self.conn.URL,URLBypass)
+        self.conn.perform()
+        certs = self.conn.getinfo(self.conn.INFO_CERTINFO)
+        self.conn.close()
+        issuer = ()
+        for cert_info in certs[0]:
+            if cert_info[0] == "Issuer":
+                issuer = cert_info
+                break
+        if len(issuer) <= 0:
+            raise Exception("Error: get Certificate info error")
+        if re.search(r'\bCN[\s]*=[\s]*BadSSL\b',issuer[1],0):
+            raise Exception(ssl_bypass_info_re)
+        elif re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0):
+            raise Exception("Error:Ssl link is intercepted")
+        else:
+            raise Exception("Error:Got other error certificate information")
+
+    def ssl_intercept(self):
+        self.conn.setopt(self.conn.URL,URLIntercept)
+        self.conn.perform()
+        certs = self.conn.getinfo(self.conn.INFO_CERTINFO)
+        self.conn.close()
+        issuer = ()
+        for cert_info in certs[0]:
+            if cert_info[0] == "Issuer":
+                issuer = cert_info
+                break
+        if len(issuer) <= 0:
+            raise Exception("Error: get Certificate info error")
+        if re.search(r'CN = Tango[\s\S]*UNTRUST',issuer[1],0):
+            raise Exception(ssl_intercept_info_re)
+        elif re.search(r'\bCN[\s]*=[\s]*BadSSL\b',issuer[1],0):
+            raise Exception("Error:Ssl link is intercepted")
+        else:
+            raise Exception("Error:Got other error certificate information")
+
+
+class SslInterceptRequestBuild:
+    def __init__(self):
+        self.conn = pycurl.Curl()
+        self.conn.setopt(self.conn.WRITEFUNCTION, BytesIO().write)
+        self.conn.setopt(self.conn.OPT_CERTINFO, 1)
+        self.conn.setopt(self.conn.SSL_VERIFYPEER, False)
+
+    def ssl_intercept_expired(self):
+        self.conn.setopt(self.conn.URL, URLSexpired)
+        self.conn.perform()
+        certs = self.conn.getinfo(self.conn.INFO_CERTINFO)
+        self.conn.close()
+        issuer = ()
+        for cert_info in certs[0]:
+            if cert_info[0].lower() == "issuer":
+                issuer = cert_info
+                break
+        if len(issuer) <= 0:
+            raise Exception("Error: get Certificate info error")
+        if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0):
+            if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0):
+                raise Exception(https_exprired_info_re)
+            else:
+                raise Exception("Fail:ssl intercept cert is trust")
+        else:
+            raise Exception("Error:Got other error certificate information")
+
+
+    def ssl_intercept_wrong_host(self):
+        self.conn.setopt(self.conn.URL,URLSwronghost)
+        self.conn.setopt(self.conn.SSL_VERIFYHOST, False)
+        self.conn.perform()
+        certs = self.conn.getinfo(self.conn.INFO_CERTINFO)
+        self.conn.close()
+        issuer = ()
+        for cert_info in certs[0]:
+            if cert_info[0].lower() == "issuer":
+                issuer = cert_info
+                break
+        if len(issuer) <= 0:
+            raise Exception("Error: get Certificate info error")
+        if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0):
+            if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0):
+                raise Exception(https_wrong_host_info_re )
+            else:
+                raise Exception("Fail:ssl intercept cert is trust")
+        else:
+            raise Exception("Error:Got other error certificate information")
+
+    def ssl_intercept_self_signed(self):
+        self.conn.setopt(self.conn.URL,URLSselfsigned)
+        self.conn.perform()
+        certs = self.conn.getinfo(self.conn.INFO_CERTINFO)
+        self.conn.close()
+        issuer = ()
+        for cert_info in certs[0]:
+            if cert_info[0].lower() == "issuer":
+                issuer = cert_info
+                break
+        if len(issuer) <= 0:
+            raise Exception("Error: get Certificate info error")
+        if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0):
+            if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0):
+                raise Exception(https_self_signed_info_re)
+            else:
+                raise Exception("Fail:ssl intercept cert is trust")
+        else:
+            raise Exception("Error:Got other error certificate information")
+
+    def ssl_intercept_untrusted_root(self):
+        self.conn.setopt(self.conn.URL,URLSuntrustedroot)
+        self.conn.perform()
+        certs = self.conn.getinfo(self.conn.INFO_CERTINFO)
+        self.conn.close()
+        issuer = ()
+        for cert_info in certs[0]:
+            if cert_info[0].lower() == "issuer":
+                issuer = cert_info
+                break
+        if len(issuer) <= 0:
+            raise Exception("Error: get Certificate info error")
+        if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0):
+            if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0):
+                raise Exception(https_untrusted_root_info_re)
+            else:
+                raise Exception("Fail:ssl intercept cert is trust")
+        else:
+            raise Exception("Error:Got other error certificate information")
+
+
+    def ssl_intercept_revoked(self):
+
+        self.conn.setopt(self.conn.URL,URLSrevoked)
+        self.conn.perform()
+        certs = self.conn.getinfo(self.conn.INFO_CERTINFO)
+        self.conn.close()
+        issuer = ()
+        for cert_info in certs[0]:
+            if cert_info[0].lower() == "issuer":
+                issuer = cert_info
+                break
+        if len(issuer) <= 0:
+            raise Exception("Error: get Certificate info error")
+        if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0):
+            if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0):
+                raise Exception(https_revoked_info_re)
+            else:
+                raise Exception("Fail:ssl intercept cert is trust")
+        else:
+            raise Exception("Error:Got other error certificate information")
+
+
+    def ssl_intercept_pinning_test(self):
+
+        self.conn.setopt(self.conn.URL,URLSpinningtest)
+        self.conn.perform()
+        certs = self.conn.getinfo(self.conn.INFO_CERTINFO)
+        self.conn.close()
+        issuer = ()
+        for cert_info in certs[0]:
+            if cert_info[0].lower() == "issuer":
+                issuer = cert_info
+                break
+        if len(issuer) <= 0:
+            raise Exception("Error: get Certificate info error")
+        if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0):
+            if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0):
+                raise Exception(https_pinning_test_info_re)
+            else:
+                raise Exception("Fail:ssl intercept cert is trust")
+        else:
+            raise Exception("Error:Got other error certificate information")
+
+
+class SslHttpRequestBuild:
+    def __init__(self):
+        self.bodyBuf = BytesIO()
+        self.conn = pycurl.Curl()
+        self.conn.setopt(self.conn.OPT_CERTINFO, 1)
+        self.conn.setopt(self.conn.SSL_VERIFYPEER, False)
+        self.conn.setopt(self.conn.ENCODING, "gzip,deflate")
+        self.conn.setopt(self.conn.RESOLVE,wpr_dns_resolve)
+
+    def http_redirect(self):
+        self.conn.setopt(self.conn.URL, URLRedirect)
+        self.conn.setopt(self.conn.WRITEFUNCTION, BytesIO().write)
+        self.conn.perform()
+        rescode = self.conn.getinfo(self.conn.RESPONSE_CODE)
+        self.conn.close()
+        if rescode == 301 or rescode == 302:
+            raise Exception(http_redirect_info_re)
+        else:
+            raise Exception("Error:Http connection redirect fail")
+
+    def http_replace(self):
+        self.conn.setopt(self.conn.WRITEDATA, self.bodyBuf)
+        self.conn.setopt(self.conn.URL, URLReplace)
+        resCode = self.conn.getinfo(self.conn.RESPONSE_CODE)
+        self.conn.perform()
+        body = self.bodyBuf.getvalue().decode('utf-8')
+        self.conn.close()
+        if not re.search(r'EnglishSearchShared', body, 0) and \
+                re.search(r'03C174CD9D809789CCEC18D6F585DF3E', body, 0):
+            raise Exception(http_replace_info_re)
+        else:
+            raise Exception("Error:Http connection replace fail")
+
+    def http_insert(self):
+        self.conn.setopt(self.conn.WRITEDATA, self.bodyBuf)
+        self.conn.setopt(self.conn.URL, URLInsert)
+        resCode = self.conn.getinfo(self.conn.RESPONSE_CODE)
+        self.conn.perform()
+        body = self.bodyBuf.getvalue().decode('utf-8')
+        self.conn.close()
+        if re.search(r'httpSelfcheckInsert', body, 0) and \
+                re.search(r'5BE3754D1EA8D51E8D993060FA225330', body, 0):
+            raise Exception(http_insert_info_re)
+        else:
+            raise Exception("Error:Http connection insert fail")
+
+    def http_block(self):
+        self.conn.setopt(self.conn.URL, URLBlock)
+        self.conn.setopt(self.conn.WRITEFUNCTION, self.bodyBuf.write)
+        self.conn.perform()
+        rescode = self.conn.getinfo(self.conn.RESPONSE_CODE)
+        body = self.bodyBuf.getvalue().decode('utf-8')
+        self.conn.close()
+        if re.search(r'E33F01E50AFE043191931DD40190B09B', body, 0) and (rescode == 404 or rescode == 451):
+            raise Exception(http_block_info_re)
+        else:
+            raise Exception("Error:http connection block fail")
+
+    def http_hijack(self):
+
+        self.conn.setopt(self.conn.URL, URLHijack)
+        self.conn.setopt(self.conn.WRITEFUNCTION, self.bodyBuf.write)
+        self.conn.perform()
+        self.conn.close()
+        if os.path.exists("/root/http_hijack.out"):
+            os.remove("/root/http_hijack.out")
+        cmdtodo = 'curl %s -k -s --resolve cn.bing.com:443:192.168.253.131 -o /root/http_hijack.out' % URLHijack
+        optdl = os.popen(cmdtodo)
+        if len(optdl.read()):
+            optdl.close()
+            raise Exception("Error:http_hijack download file fail")
+        optdl.close()
+        if not os.path.exists("/root/http_hijack.out"):
+            raise Exception("Error:http_hijack download file fail")
+        optmd5 = os.popen("md5sum /root/http_hijack.out")
+        if re.search("4bf06db1a228c5c8d978ebf9e1169d0d", optmd5.read(), 0):
+            optmd5.close()
+            raise Exception(http_hijack_info_re)
+        else:
+            optmd5.close()
+            raise Exception("Error:http connection hijack fail")
+
+
+class SslUnitTest(unittest.TestCase):
+
+    def test_ssl_bypass(self):
+        sslHandler = SSLCheckRequestBuild()
+        with self.assertRaisesRegex(Exception, ssl_bypass_info_re):
+            sslHandler.ssl_bypass()
+
+    def test_ssl_intercept(self):
+        sslHandler = SSLCheckRequestBuild()
+        with self.assertRaisesRegex(Exception, ssl_intercept_info_re):
+            sslHandler.ssl_intercept()
+
+    def test_ssl_intercept_expired(self):
+        requestHandler = SslInterceptRequestBuild()
+        with self.assertRaisesRegex(Exception, https_exprired_info_re):
+            requestHandler.ssl_intercept_expired()
+
+    def test_ssl_intercept_wrong_host(self):
+        requestHandler = SslInterceptRequestBuild()
+        with self.assertRaisesRegex(Exception, https_wrong_host_info_re):
+            requestHandler.ssl_intercept_wrong_host()
+
+    def test_ssl_intercept_self_signed(self):
+        requestHandler = SslInterceptRequestBuild()
+        with self.assertRaisesRegex(Exception, https_self_signed_info_re):
+            requestHandler.ssl_intercept_self_signed()
+
+    def test_ssl_intercept_untrusted_root(self):
+        requestHandler = SslInterceptRequestBuild()
+        with self.assertRaisesRegex(Exception, https_untrusted_root_info_re):
+            requestHandler.ssl_intercept_untrusted_root()
+
+    def test_ssl_intercept_revoked(self):
+        requestHandler = SslInterceptRequestBuild()
+        with self.assertRaisesRegex(Exception, https_revoked_info_re):
+            requestHandler.ssl_intercept_revoked()
+
+    def test_ssl_intercept_pinning_test(self):
+        requestHandler = SslInterceptRequestBuild()
+        with self.assertRaisesRegex(Exception, https_pinning_test_info_re):
+            requestHandler.ssl_intercept_pinning_test()
+
+    def test_http_redirect(self):
+        httpHandler = SslHttpRequestBuild()
+        with self.assertRaisesRegex(Exception, http_redirect_info_re):
+            httpHandler.http_redirect()
+
+    def test_http_block(self):
+        httpHandler = SslHttpRequestBuild()
+        with self.assertRaisesRegex(Exception, http_block_info_re):
+            httpHandler.http_block()
+
+    def test_http_replace(self):
+        httpHandler = SslHttpRequestBuild()
+        with self.assertRaisesRegex(Exception, http_replace_info_re):
+            httpHandler.http_replace()
+
+    def test_http_hijack(self):
+        httpHandler = SslHttpRequestBuild()
+        with self.assertRaisesRegex(Exception, http_hijack_info_re):
+            httpHandler.http_hijack()
+
+    def test_http_insert(self):
+        httpHandler = SslHttpRequestBuild()
+        with self.assertRaisesRegex(Exception, http_insert_info_re):
+            httpHandler.http_insert()
+
+if __name__ == '__main__':
+    suite = unittest.TestSuite()
+    suite.addTest(SslUnitTest('test_ssl_bypass'))
+    suite.addTest(SslUnitTest('test_ssl_intercept'))
+    suite.addTest(SslUnitTest('test_ssl_intercept_expired'))
+    suite.addTest(SslUnitTest('test_ssl_intercept_wrong_host'))
+    suite.addTest(SslUnitTest('test_ssl_intercept_self_signed'))
+    suite.addTest(SslUnitTest('test_ssl_intercept_untrusted_root'))
+    suite.addTest(SslUnitTest('test_ssl_intercept_revoked'))
+    suite.addTest(SslUnitTest('test_ssl_intercept_pinning_test'))
+    suite.addTest(SslUnitTest('test_http_redirect'))
+    suite.addTest(SslUnitTest('test_http_block'))
+    suite.addTest(SslUnitTest('test_http_replace'))
+    suite.addTest(SslUnitTest('test_http_hijack'))
+    suite.addTest(SslUnitTest('test_http_insert'))
+    with open("/root/unittest_result.txt","w+") as f:
+        runner = unittest.TextTestRunner(stream=f,verbosity=2)
+        runner.run(suite)
+    print('\n'*10)
+    print("-"*100)
+    os.system("cat /root/unittest_result.txt")
+    print("="*100)

wpr_golang/Dockerfile

@@ -0,0 +1,8 @@
+# Start golang:alpine3.10 to build python:wpr-alpine
+FROM golang:alpine3.10
+
+ADD wpr /root/wpr
+
+WORKDIR /root/wpr
+
+CMD tail -f /dev/null

wpr_golang/wpr/deterministic.js

@@ -0,0 +1,70 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+'use strict';
+
+(function () {
+  var random_count = 0;
+  var random_count_threshold = 25;
+  var random_seed = 0.462;
+  Math.random = function() {
+    random_count++;
+    if (random_count > random_count_threshold){
+     random_seed += 0.1;
+     random_count = 1;
+    }
+    return (random_seed % 1);
+  };
+  if (typeof(crypto) == 'object' &&
+      typeof(crypto.getRandomValues) == 'function') {
+    crypto.getRandomValues = function(arr) {
+      var scale = Math.pow(256, arr.BYTES_PER_ELEMENT);
+      for (var i = 0; i < arr.length; i++) {
+        arr[i] = Math.floor(Math.random() * scale);
+      }
+      return arr;
+    };
+  }
+})();
+(function () {
+  var date_count = 0;
+  var date_count_threshold = 25;
+  var orig_date = Date;
+  // Time since epoch in milliseconds. This is replaced by script injector with
+  // the date when the recording is done.
+  var time_seed = {{WPR_TIME_SEED_TIMESTAMP}};
+  Date = function() {
+    if (this instanceof Date) {
+      date_count++;
+      if (date_count > date_count_threshold){
+        time_seed += 50;
+        date_count = 1;
+      }
+      switch (arguments.length) {
+      case 0: return new orig_date(time_seed);
+      case 1: return new orig_date(arguments[0]);
+      default: return new orig_date(arguments[0], arguments[1],
+         arguments.length >= 3 ? arguments[2] : 1,
+         arguments.length >= 4 ? arguments[3] : 0,
+         arguments.length >= 5 ? arguments[4] : 0,
+         arguments.length >= 6 ? arguments[5] : 0,
+         arguments.length >= 7 ? arguments[6] : 0);
+      }
+    }
+    return new Date().toString();
+  };
+  Date.__proto__ = orig_date;
+  Date.prototype = orig_date.prototype;
+  Date.prototype.constructor = Date;
+  orig_date.now = function() {
+    return new Date().getTime();
+  };
+  orig_date.prototype.getTimezoneOffset = function() {
+    var dst2010Start = 1268560800000;
+    var dst2010End = 1289120400000;
+    if (this.getTime() >= dst2010Start && this.getTime() < dst2010End)
+      return 420;
+    return 480;
+  };
+})();

wpr_golang/wpr/wpr_cert.pem

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICATCCAWoCCQCDQuSFACCgVTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJB
+VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0
+cyBQdHkgTHRkMB4XDTE3MDgwODIxNDMzN1oXDTIwMDUwNDIxNDMzN1owRTELMAkG
+A1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0
+IFdpZGdpdHMgUHR5IEx0ZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAss6h
+jUQ03vx0y87fe1ISV11po8VXiihckpsKpawS6uQomO2gfGeuLniuA04tJTg7xpDK
+1YT3OroSL9yort2XpSpmJm3CTgdWsEvvzpxUqWCk+SFycb4Qx0PHL8/IwPfyM21M
+0wkuLBvGJmoyje+Nn/j7Vct02KwBZMMtpZ5fGZsCAwEAATANBgkqhkiG9w0BAQsF
+AAOBgQARSrF+8W9pHbAnTlz6uQZZIQ57jmeKe8E9jobBG8Ud7kFATE9en0bImY6h
+dpf26y5/TU8IpjH4HdEN8KBe5byPi6J2+jLThvZda/hUJftSYr3fJlo3VQ2CZpjL
+AsL6O4dgBfJzTggc6zcgRLjpX/IpILJ9l0XbAj9kl/zTj0CTXg==
+-----END CERTIFICATE-----

wpr_golang/wpr/wpr_key.pem

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALLOoY1ENN78dMvO
+33tSElddaaPFV4ooXJKbCqWsEurkKJjtoHxnri54rgNOLSU4O8aQytWE9zq6Ei/c
+qK7dl6UqZiZtwk4HVrBL786cVKlgpPkhcnG+EMdDxy/PyMD38jNtTNMJLiwbxiZq
+Mo3vjZ/4+1XLdNisAWTDLaWeXxmbAgMBAAECgYAadwLqScIZjvwqfkANnKQiUi0k
+lDzUsgyhllkJFGLoaUSo/eLXBvF851e6HYQJEj2msh+TYs7E3m16sAo3d4zOIdnz
+VwOF0SVuUveqJz6K1/k6nPxck+dPj8Mi+gBm3Fd0+0wcozjWaxhx3f462HCUb6b+
+ZpJRBsbyvzu6rn7iQQJBAOlWhtfL8r9+Kl0vxRD1XukaJwlxPv24JhfKOU4z8WlJ
+WX7Wr8ws+xKS+CtfFnjkf/iFJPpTb8jxpQyWMJzYZIkCQQDELE5hGnBFVQArMAOp
+VbwYordTrVY3AagO4tDJ6T3a7GEXE28ol16/i02+4FLd65vubL21IuX0exH/eRvZ
+Q4wDAkEAub/qyiEOFkjOWq5rd0uNiY0LJGYlWf7dPDT8l3ecJ09/0gv/mE76c9fR
+fV1N22EzSlhbjncbVuCenj11Z3aP2QJAILtfzJXzu63GHG6jfcKfYuDrg9u9Mepl
+1y4DNl1jg77DKG2Gs5gmKAGfVETrrrmcR/j+4lVTVyqdwym6+tJpbwJBAN3vixxc
+5N9pUMDfFnHrx/x9QPd0JgSAT21KSIB+PndlbD7QO6nwFhQNNcTYt2D4VWPVo1vg
+lOraHyFakb7NqEA=
+-----END PRIVATE KEY-----