diff options
author | Mårten Nordheim <marten.nordheim@qt.io> | 2023-04-21 16:34:23 +0200 |
---|---|---|
committer | Mårten Nordheim <marten.nordheim@qt.io> | 2023-04-25 23:39:24 +0200 |
commit | 825a37da66ac45f0a5589100197146b083a2dbb7 (patch) | |
tree | 5a4994e3ac34fa08ef43c989f55144d3d90f7614 | |
parent | 15dab565d071455ef08d6bf4ad4980f726df1cfa (diff) |
tst_QSslCertificate: Make it easier to check which backend is used
Instead of having one member signaling !openssl
let's just add booleans for openssl, schannel and securetransport.
The latter two of which are not currently used but may be in the future.
As a drive-by, make a compile-time check into a runtime one.
Change-Id: Id2f51f5396383a3f5836ac708996bfce8ae35c91
Reviewed-by: Konrad Kujawa <konrad.kujawa@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
-rw-r--r-- | tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp | 59 |
1 files changed, 40 insertions, 19 deletions
diff --git a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp index 89499e8291..282bec95ef 100644 --- a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp +++ b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp @@ -102,7 +102,31 @@ private slots: #endif // QT_CONFIG(ssl) private: QString testDataDir; - bool isNonOpenSslTls = false; + + enum class TLSBackend { + OpenSSL, + Schannel, + SecureTransport, + CertOnly, + Unknown, + }; + static TLSBackend currentBackend() + { + static TLSBackend activeBackend = []() { + using namespace Qt::StringLiterals; + const QString active = QSslSocket::activeBackend(); + if (active == "openssl"_L1) + return TLSBackend::OpenSSL; + if (active == "schannel") + return TLSBackend::Schannel; + if (active == "securetransport") + return TLSBackend::SecureTransport; + if (active == "cert-only") + return TLSBackend::CertOnly; + return TLSBackend::Unknown; + }(); + return activeBackend; + } }; void tst_QSslCertificate::initTestCase() @@ -113,8 +137,6 @@ void tst_QSslCertificate::initTestCase() if (!testDataDir.endsWith(QLatin1String("/"))) testDataDir += QLatin1String("/"); - isNonOpenSslTls = QSslSocket::activeBackend() != QStringLiteral("openssl"); - QDir dir(testDataDir + "certificates"); QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable); QRegularExpression rxCert(QLatin1String("^.+\\.(pem|der)$")); @@ -451,7 +473,7 @@ void tst_QSslCertificate::subjectInfoToString() QVERIFY(testInfo(QSslCertificate::DistinguishedNameQualifier, QString())); QVERIFY(testInfo(QSslCertificate::SerialNumber, QString())); // TODO: check why generic code does not handle this! - if (!isNonOpenSslTls) + if (currentBackend() == TLSBackend::OpenSSL) QVERIFY(testInfo(QSslCertificate::EmailAddress, QStringLiteral("ababic@trolltech.com"))); } @@ -463,9 +485,8 @@ void tst_QSslCertificate::subjectIssuerDisplayName_data() QTest::addRow("CommonName") << QStringLiteral("more-certificates/cert-cn.pem") << QStringLiteral("YOUR name"); QTest::addRow("OrganizationName") << QStringLiteral("more-certificates/cert-on.pem") << QStringLiteral("R&D"); QTest::addRow("OrganizationUnitName") << QStringLiteral("more-certificates/cert-oun.pem") << QStringLiteral("Foundations"); -#ifndef QT_NO_OPENSSL - QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString(); -#endif + if (currentBackend() == TLSBackend::OpenSSL) + QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString(); } void tst_QSslCertificate::subjectIssuerDisplayName() @@ -875,7 +896,7 @@ void tst_QSslCertificate::task256066toPem() void tst_QSslCertificate::nulInCN() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("Generic QSslCertificatePrivate fails this test"); QList<QSslCertificate> certList = @@ -895,7 +916,7 @@ void tst_QSslCertificate::nulInCN() void tst_QSslCertificate::nulInSan() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("Generic QSslCertificatePrivate fails this test"); QList<QSslCertificate> certList = @@ -962,7 +983,7 @@ void tst_QSslCertificate::selfsignedCertificates() void tst_QSslCertificate::toText() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("QSslCertificate::toText is not implemented on platforms which do not use openssl"); QList<QSslCertificate> certList = @@ -1012,7 +1033,7 @@ void tst_QSslCertificate::subjectAndIssuerAttributes() QByteArray shortName("1.3.6.1.4.1.311.60.2.1.3"); #if !defined(QT_NO_OPENSSL) && defined(SN_jurisdictionCountryName) - if (!isNonOpenSslTls) + if (currentBackend() == TLSBackend::OpenSSL) shortName = SN_jurisdictionCountryName; #endif attributes = certList[0].subjectInfoAttributes(); @@ -1021,8 +1042,8 @@ void tst_QSslCertificate::subjectAndIssuerAttributes() void tst_QSslCertificate::verify() { - if (isNonOpenSslTls) - QSKIP("Not implemented in SecureTransport or Schannel"); + if (currentBackend() != TLSBackend::OpenSSL) + QSKIP("Only implemented for OpenSSL"); QList<QSslError> errors; QList<QSslCertificate> toVerify; @@ -1363,9 +1384,8 @@ void tst_QSslCertificate::pkcs12() return; } -#if !defined(QT_NO_OPENSSL) && OPENSSL_VERSION_MAJOR >= 3 - QSKIP("leaf.p12 is using RC2, which is disabled by default in OpenSSL v >= 3"); -#endif + if (currentBackend() == TLSBackend::OpenSSL && QSslSocket::sslLibraryVersionNumber() >= 0x30000000L) + QSKIP("leaf.p12 is using RC2, which is disabled by default in OpenSSL v >= 3"); QFile f(testDataDir + QLatin1String("pkcs12/leaf.p12")); bool ok = f.open(QIODevice::ReadOnly); @@ -1375,8 +1395,8 @@ void tst_QSslCertificate::pkcs12() QSslCertificate cert; QList<QSslCertificate> caCerts; - if (isNonOpenSslTls) - QEXPECT_FAIL("", "pkcs12 imports are only supported when openssl is used", Abort); // TODO? + if (currentBackend() != TLSBackend::OpenSSL) + QEXPECT_FAIL("", "pkcs12 imports are not available with the current TLS backend", Abort); // TODO? ok = QSslCertificate::importPkcs12(&f, &key, &cert, &caCerts); QVERIFY(ok); @@ -1408,7 +1428,8 @@ void tst_QSslCertificate::pkcs12() QFile nocert(testDataDir + QLatin1String("pkcs12/leaf-nokey.p12")); ok = nocert.open(QIODevice::ReadOnly); QVERIFY(ok); - QTest::ignoreMessage(QtWarningMsg, "Unable to convert private key"); + if (currentBackend() == TLSBackend::OpenSSL) + QTest::ignoreMessage(QtWarningMsg, "Unable to convert private key"); ok = QSslCertificate::importPkcs12(&nocert, &key, &cert, &caCerts); QVERIFY(!ok); nocert.close(); |