Closed Bug 1544089 Opened 6 months ago Closed 6 months ago

ssltunnel must listen on public addresses to support android ssl testing


(Testing :: Mochitest, defect)

Not set


(firefox68 fixed)

Tracking Status
firefox68 --- fixed


(Reporter: bc, Assigned: bc)





(2 files, 2 obsolete files)

bug 1474895 changed ssltunnel to only listen to the loopback/localhost address in order to suppress warnings from developer's firewalls.

This however has broken the ability of proxy pac files from using the ssltunnel running on the attached host device to access the test https web sites.

Reverting the patch in Bug 1474895 allows android devices to access the https urls during mochitests.

mayhemer suggests will allow this to be configured at runtime. We could use an environment variable to enable public addresses. Perhaps SSLTUNNEL_PUBLIC would be sufficient. I'll work up a patch to do that.

aerickson: once we have this landed, we will need to do a hostutils release.

maybe add the option to processConfigLine?

Actually that is reused later but I can set another variable and use that.

See Also: → 1523425

'*' or '' in to signal ssltunnel whether to listen on public addresses or
Currently ssltunnel only listens on the loopback address. This does not work with
Android devices or emulators since they must specify the public address of the host
where ssltunnel is running.

This patch changes ssltunnel's response to the configuration line


from only listening on the loopback address to listening on any address.

It supports configuring ssltunnel to listen on the loopback address by specifying
the address as


I tested this locally with an android device, android emulator and desktop firefox on linux. When this first lands, it should only affect developers who are using their locally built ssltunnel but shouldn't affect anyone who is using the hostutils version. The default ssltunnel.cfg will still use '*' for everyone so they might get firewall warnings after the first patch lands and before the second lands.

Once the first patch lands, we'll need to deploy an updated hostutils containing this updated ssltunnel. Andrew, if you could work with me to test the updated hostutils before we actually change the manifest in the tree that would be great.

Once we are happy with the change and deploy the new hostutils we can land the second patch which tells the remote mochitests to use a public address while the desktop mochitests will continue to use the loopback address.

When this is all done and this bug is resolved, it should be possible to land bug 1335740 again.

Attachment #9058344 - Attachment is obsolete: true
Attachment #9058344 - Attachment is obsolete: false
Attachment #9058344 - Attachment is obsolete: true
Attachment #9058343 - Attachment is obsolete: true
Pushed by
Allow the configuration of the ssltunnel listening address, r=mayhemer.
Closed: 6 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla68

reopen for mochitest changes.

Resolution: FIXED → ---

(In reply to Bob Clary [:bc:] from comment #11)

reopen for mochitest changes.

Next time you can add the leave-open keyword to prevent the bug from automatically being closed when the first patch lands.

Don't forget to remove it before landing the final patch though.

Looking forward to that final patch, thanks for your work :)

Pushed by
[mochitest] - Configure ssltunnel to listen on loopback address for Desktop and any public address for Remote tests, r=gbrown.
Closed: 6 months ago6 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.