Merge branch 'master' of scm.dev.troll.no:qt/qt-earth-team into symbian-socket-engine

Conflicts: src/s60installs/bwins/QtCoreu.def src/s60installs/bwins/QtGuiu.def src/s60installs/bwins/QtNetworku.def src/s60installs/eabi/QtCoreu.def src/s60installs/eabi/QtGuiu.def src/s60installs/eabi/QtNetworku.def src/s60installs/eabi/QtOpenVGu.def tests/auto/qabstractnetworkcache/tst_qabstractnetworkcache.cpp
author: Shane Kearns <shane.kearns@accenture.com> 2011-04-11 11:48:44 +0100
committer: Shane Kearns <shane.kearns@accenture.com> 2011-04-11 11:48:44 +0100
commit: 1062da14facb7dd10f0928a4c242549d3626f9ba (patch)
tree: 4462fcaa82b45c47eddcdcb1d89e1cc03de45a85 /tests/auto/qsslsocket
parent: 847df81a5680fe4d71196d0afe5e68e41ae49700 (diff)
parent: dd60cf7ba8afdf5c84f5793c1e1d08ab18303a74 (diff)
3 files changed, 115 insertions, 4 deletions
diff --git a/tests/auto/qsslsocket/certs/fake-login.live.com.key b/tests/auto/qsslsocket/certs/fake-login.live.com.key
new file mode 100644
index 0000000000..692a7bd85d
--- /dev/null
+++ b/tests/auto/qsslsocket/certs/fake-login.live.com.key
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDOtxdvMa0VHUQYG5q7Tsi1Jj4qKEJppyZEkmuRXOi0fDbd1SwE
+bwHrLGMvDO6OMrYBbq3WDNrtnIfF9CvzUOEch+gjr4hEVQqecU5fb45Wor7yNel3
+/C/gxfbzuXHrsj/gUjNghL2i10+c2NW+hUo/sWO6OusaBT6d6s7ee+YBcQIDAQAB
+AoGAb8cVhu0HuLkgjyCuJMbPRRUu3ED02Iin6sB6JhplQuNAD+grayJTmUVhRJnr
+jTziqhedLHe7Em1oBaSo92MutfMpXvWiccSlbNygI61VgmrJpVB+qIN5H9cQc9ql
+Zymc+nIPa1+i5rsrOzlpUytTh7AsbZ27QG4tQXR/kQejEiECQQD6BgTxBeT8D7x9
+DuukoBaSCkLwx7U7P1NXx15EI3lA1nO51t6UHfvk/jGPp8Sl4wv4alJ7AQxr5uQ/
+vC3kzA/1AkEA06gNu10se8pe3n8qL2RRt+FmVjHkQdD9Mm2Dx9oWCs2A4wOSOrlo
+6/nKYF1CaQNYn9HgsNbHVEUpnICVO18qDQJBALEw/uOJ1+TDikPfBSWgxx4s45Ad
+GNWqZXh6NNZ5hX9r/IwiOZAjR9fcRmeW8IjYRi2BvH6sGY+HDRAWXzgdXtkCQCma
+dOiJTf8fLjqp4E7kdzOfuI/kyqstOze4Uxjrgz2oW1dEEnA8laUcumzqp+0gXUE8
+7d+UuCWWWrGKjMrYz9kCQQDh5E5+b6Djn082Jo6gvyuXWC5eXju6IdmihlJ2SMzD
+s2y3IDjOUtTeQQRDymLneteMz0ha79KeUp6VnAvZCOVe
+-----END RSA PRIVATE KEY-----
diff --git a/tests/auto/qsslsocket/certs/fake-login.live.com.pem b/tests/auto/qsslsocket/certs/fake-login.live.com.pem
new file mode 100644
index 0000000000..429f95187c
--- /dev/null
+++ b/tests/auto/qsslsocket/certs/fake-login.live.com.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDDjCCAnegAwIBAgIRALC3Ez7Qlvm1b66RyHS9OsAwDQYJKoZIhvcNAQEFBQAw
+XjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGElu
+dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMObG9naW4ubGl2ZS5jb20w
+HhcNMTEwMzI1MTMyODUwWhcNMTEwNDI0MTMyODUwWjBeMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
+dHkgTHRkMRcwFQYDVQQDEw5sb2dpbi5saXZlLmNvbTCBnzANBgkqhkiG9w0BAQEF
+AAOBjQAwgYkCgYEAzrcXbzGtFR1EGBuau07ItSY+KihCaacmRJJrkVzotHw23dUs
+BG8B6yxjLwzujjK2AW6t1gza7ZyHxfQr81DhHIfoI6+IRFUKnnFOX2+OVqK+8jXp
+d/wv4MX287lx67I/4FIzYIS9otdPnNjVvoVKP7FjujrrGgU+nerO3nvmAXECAwEA
+AaOByzCByDAdBgNVHQ4EFgQUpSOEcmtkQITvBdM2IDfcXnJ0FCAwgZgGA1UdIwSB
+kDCBjYAUpSOEcmtkQITvBdM2IDfcXnJ0FCChYqRgMF4xCzAJBgNVBAYTAkFVMRMw
+EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0
+eSBMdGQxFzAVBgNVBAMTDmxvZ2luLmxpdmUuY29tghEAsLcTPtCW+bVvrpHIdL06
+wDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAD+2HT4GSHHKCdbl9VkX
+zsl+D+drMm2b0ksxz9SgPihP7aW50EEIJDEEihNMTa27mhpeOXHc/sLqDi4ECUao
+/0Ns/5uoVuAIrAKCydmtPsonVFh9XWjyrfUzPOHAc9p2bmJ1i9a3kTsLB6jlrVDO
+VufGzsowHlHZ0TtKf5omojU5
+-----END CERTIFICATE-----
diff --git a/tests/auto/qsslsocket/tst_qsslsocket.cpp b/tests/auto/qsslsocket/tst_qsslsocket.cpp
index 023fbb3c09..b508d4795b 100644
--- a/tests/auto/qsslsocket/tst_qsslsocket.cpp
+++ b/tests/auto/qsslsocket/tst_qsslsocket.cpp
@@ -67,6 +67,7 @@ typedef QList<QSslError::SslError> SslErrorList;
 Q_DECLARE_METATYPE(SslErrorList)
 Q_DECLARE_METATYPE(QSslError)
 Q_DECLARE_METATYPE(QSsl::SslProtocol)
+Q_DECLARE_METATYPE(QSslConfiguration)
 #endif
 
 #if defined Q_OS_HPUX && defined Q_CC_GNU
@@ -152,6 +153,8 @@ private slots:
     void setLocalCertificate();
     void setPrivateKey();
     void setSocketDescriptor();
+    void setSslConfiguration_data();
+    void setSslConfiguration();
     void waitForEncrypted();
     void waitForConnectedEncryptedReadyRead();
     void startClientEncryption();
@@ -185,6 +188,7 @@ private slots:
     void ignoreSslErrorsListWithSlot();
     void readFromClosedSocket();
     void writeBigChunk();
+    void blacklistedCertificates();
     void setEmptyDefaultConfiguration();
 
     static void exitLoop()
@@ -859,9 +863,16 @@ class SslServer : public QTcpServer
 {
     Q_OBJECT
 public:
-    SslServer() : socket(0), protocol(QSsl::TlsV1) { }
+    SslServer(const QString &keyFile = SRCDIR "certs/fluke.key", const QString &certFile = SRCDIR "certs/fluke.cert")
+        : socket(0),
+          protocol(QSsl::TlsV1),
+          m_keyFile(keyFile),
+          m_certFile(certFile) { }
     QSslSocket *socket;
     QSsl::SslProtocol protocol;
+    QString m_keyFile;
+    QString m_certFile;
+
 protected:
     void incomingConnection(int socketDescriptor)
     {
@@ -869,13 +880,13 @@ protected:
         socket->setProtocol(protocol);
         connect(socket, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(ignoreErrorSlot()));
 
-        QFile file(SRCDIR "certs/fluke.key");
+        QFile file(m_keyFile);
         QVERIFY(file.open(QIODevice::ReadOnly));
         QSslKey key(file.readAll(), QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey);
         QVERIFY(!key.isNull());
         socket->setPrivateKey(key);
 
-        QList<QSslCertificate> localCert = QSslCertificate::fromPath(SRCDIR "certs/fluke.cert");
+        QList<QSslCertificate> localCert = QSslCertificate::fromPath(m_certFile);
         QVERIFY(!localCert.isEmpty());
         QVERIFY(localCert.first().handle());
         socket->setLocalCertificate(localCert.first());
@@ -1040,6 +1051,39 @@ void tst_QSslSocket::setSocketDescriptor()
     QVERIFY(client->localPort() != 0);
 }
 
+void tst_QSslSocket::setSslConfiguration_data()
+{
+    QTest::addColumn<QSslConfiguration>("configuration");
+    QTest::addColumn<bool>("works");
+
+    QTest::newRow("empty") << QSslConfiguration() << false;
+    QSslConfiguration conf = QSslConfiguration::defaultConfiguration();
+    QTest::newRow("default") << conf << false; // does not contain test server cert
+    QList<QSslCertificate> testServerCert = QSslCertificate::fromPath(SRCDIR "certs/qt-test-server-cacert.pem");
+    conf.setCaCertificates(testServerCert);
+    QTest::newRow("set-root-cert") << conf << true;
+    conf.setProtocol(QSsl::SecureProtocols);
+    QTest::newRow("secure") << conf << true;
+}
+
+void tst_QSslSocket::setSslConfiguration()
+{
+    if (!QSslSocket::supportsSsl())
+        return;
+
+    QSslSocketPtr socket = newSocket();
+    QFETCH(QSslConfiguration, configuration);
+    socket->setSslConfiguration(configuration);
+    this->socket = socket;
+    socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
+    QFETCH(bool, works);
+    QCOMPARE(socket->waitForEncrypted(10000), works);
+    if (works) {
+        socket->disconnectFromHost();
+        QVERIFY2(socket->waitForDisconnected(), qPrintable(socket->errorString()));
+    }
+}
+
 void tst_QSslSocket::waitForEncrypted()
 {
     if (!QSslSocket::supportsSsl())
@@ -1941,6 +1985,38 @@ void tst_QSslSocket::writeBigChunk()
     socket->close();
 }
 
+void tst_QSslSocket::blacklistedCertificates()
+{
+    QFETCH_GLOBAL(bool, setProxy);
+    if (setProxy)
+        return;
+
+    SslServer server(SRCDIR "certs/fake-login.live.com.key", SRCDIR "certs/fake-login.live.com.pem");
+    QSslSocket *receiver = new QSslSocket(this);
+    connect(receiver, SIGNAL(readyRead()), SLOT(exitLoop()));
+
+    // connect two sockets to each other:
+    QVERIFY(server.listen(QHostAddress::LocalHost));
+    receiver->connectToHost("127.0.0.1", server.serverPort());
+    QVERIFY(receiver->waitForConnected(5000));
+    QVERIFY(server.waitForNewConnection(0));
+
+    QSslSocket *sender = server.socket;
+    QVERIFY(sender);
+    QVERIFY(sender->state() == QAbstractSocket::ConnectedState);
+    receiver->setObjectName("receiver");
+    sender->setObjectName("sender");
+    receiver->startClientEncryption();
+
+    connect(receiver, SIGNAL(sslErrors(QList<QSslError>)), SLOT(exitLoop()));
+    connect(receiver, SIGNAL(encrypted()), SLOT(exitLoop()));
+    enterLoop(1);
+    QList<QSslError> sslErrors = receiver->sslErrors();
+    QVERIFY(sslErrors.count() > 0);
+    // there are more errors (self signed cert and hostname mismatch), but we only care about the blacklist error
+    QCOMPARE(sslErrors.at(0).error(), QSslError::CertificateBlacklisted);
+}
+
 void tst_QSslSocket::setEmptyDefaultConfiguration()
 {
     // used to produce a crash in QSslConfigurationPrivate::deepCopyDefaultConfiguration, QTBUG-13265
@@ -1952,8 +2028,9 @@ void tst_QSslSocket::setEmptyDefaultConfiguration()
     QSslConfiguration::setDefaultConfiguration(emptyConf);
 
     QSslSocketPtr socket = newSocket();
+    connect(socket, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(ignoreErrorSlot()));
     socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
-
+    QVERIFY2(!socket->waitForEncrypted(4000), qPrintable(socket->errorString()));
 }
 
 #endif // QT_NO_OPENSSL
author	Shane Kearns <shane.kearns@accenture.com>	2011-04-11 11:48:44 +0100
committer	Shane Kearns <shane.kearns@accenture.com>	2011-04-11 11:48:44 +0100
commit	1062da14facb7dd10f0928a4c242549d3626f9ba (patch)
tree	4462fcaa82b45c47eddcdcb1d89e1cc03de45a85 /tests/auto/qsslsocket
parent	847df81a5680fe4d71196d0afe5e68e41ae49700 (diff)
parent	dd60cf7ba8afdf5c84f5793c1e1d08ab18303a74 (diff)