tst_QSslCertificate: Make it easier to check which backend is used

Instead of having one member signaling !openssl let's just add booleans for openssl, schannel and securetransport. The latter two of which are not currently used but may be in the future. As a drive-by, make a compile-time check into a runtime one. Change-Id: Id2f51f5396383a3f5836ac708996bfce8ae35c91 Reviewed-by: Konrad Kujawa <konrad.kujawa@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
author: Mårten Nordheim <marten.nordheim@qt.io> 2023-04-21 16:34:23 +0200
committer: Mårten Nordheim <marten.nordheim@qt.io> 2023-04-25 23:39:24 +0200
commit: 825a37da66ac45f0a5589100197146b083a2dbb7 (patch)
tree: 5a4994e3ac34fa08ef43c989f55144d3d90f7614
parent: 15dab565d071455ef08d6bf4ad4980f726df1cfa (diff)
1 files changed, 40 insertions, 19 deletions
diff --git a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp
index 89499e8291..282bec95ef 100644
--- a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp
+++ b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp
@@ -102,7 +102,31 @@ private slots:
 #endif // QT_CONFIG(ssl)
 private:
     QString testDataDir;
-    bool isNonOpenSslTls = false;
+
+    enum class TLSBackend {
+        OpenSSL,
+        Schannel,
+        SecureTransport,
+        CertOnly,
+        Unknown,
+    };
+    static TLSBackend currentBackend()
+    {
+        static TLSBackend activeBackend = []() {
+            using namespace Qt::StringLiterals;
+            const QString active = QSslSocket::activeBackend();
+            if (active == "openssl"_L1)
+                return TLSBackend::OpenSSL;
+            if (active == "schannel")
+                return TLSBackend::Schannel;
+            if (active == "securetransport")
+                return TLSBackend::SecureTransport;
+            if (active == "cert-only")
+                return TLSBackend::CertOnly;
+            return TLSBackend::Unknown;
+        }();
+        return activeBackend;
+    }
 };
 
 void tst_QSslCertificate::initTestCase()
@@ -113,8 +137,6 @@ void tst_QSslCertificate::initTestCase()
     if (!testDataDir.endsWith(QLatin1String("/")))
         testDataDir += QLatin1String("/");
 
-    isNonOpenSslTls = QSslSocket::activeBackend() != QStringLiteral("openssl");
-
     QDir dir(testDataDir + "certificates");
     QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable);
     QRegularExpression rxCert(QLatin1String("^.+\\.(pem|der)$"));
@@ -451,7 +473,7 @@ void tst_QSslCertificate::subjectInfoToString()
     QVERIFY(testInfo(QSslCertificate::DistinguishedNameQualifier, QString()));
     QVERIFY(testInfo(QSslCertificate::SerialNumber, QString()));
     // TODO: check why generic code does not handle this!
-    if (!isNonOpenSslTls)
+    if (currentBackend() == TLSBackend::OpenSSL)
         QVERIFY(testInfo(QSslCertificate::EmailAddress, QStringLiteral("ababic@trolltech.com")));
 }
 
@@ -463,9 +485,8 @@ void tst_QSslCertificate::subjectIssuerDisplayName_data()
     QTest::addRow("CommonName") << QStringLiteral("more-certificates/cert-cn.pem") << QStringLiteral("YOUR name");
     QTest::addRow("OrganizationName") << QStringLiteral("more-certificates/cert-on.pem") << QStringLiteral("R&D");
     QTest::addRow("OrganizationUnitName") << QStringLiteral("more-certificates/cert-oun.pem") << QStringLiteral("Foundations");
-#ifndef QT_NO_OPENSSL
-    QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString();
-#endif
+    if (currentBackend() == TLSBackend::OpenSSL)
+        QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString();
 }
 
 void tst_QSslCertificate::subjectIssuerDisplayName()
@@ -875,7 +896,7 @@ void tst_QSslCertificate::task256066toPem()
 
 void tst_QSslCertificate::nulInCN()
 {
-    if (isNonOpenSslTls)
+    if (currentBackend() != TLSBackend::OpenSSL)
         QSKIP("Generic QSslCertificatePrivate fails this test");
 
     QList<QSslCertificate> certList =
@@ -895,7 +916,7 @@ void tst_QSslCertificate::nulInCN()
 void tst_QSslCertificate::nulInSan()
 {
 
-    if (isNonOpenSslTls)
+    if (currentBackend() != TLSBackend::OpenSSL)
         QSKIP("Generic QSslCertificatePrivate fails this test");
 
     QList<QSslCertificate> certList =
@@ -962,7 +983,7 @@ void tst_QSslCertificate::selfsignedCertificates()
 
 void tst_QSslCertificate::toText()
 {
-    if (isNonOpenSslTls)
+    if (currentBackend() != TLSBackend::OpenSSL)
         QSKIP("QSslCertificate::toText is not implemented on platforms which do not use openssl");
 
     QList<QSslCertificate> certList =
@@ -1012,7 +1033,7 @@ void tst_QSslCertificate::subjectAndIssuerAttributes()
 
     QByteArray shortName("1.3.6.1.4.1.311.60.2.1.3");
 #if !defined(QT_NO_OPENSSL) && defined(SN_jurisdictionCountryName)
-    if (!isNonOpenSslTls)
+    if (currentBackend() == TLSBackend::OpenSSL)
         shortName = SN_jurisdictionCountryName;
 #endif
     attributes = certList[0].subjectInfoAttributes();
@@ -1021,8 +1042,8 @@ void tst_QSslCertificate::subjectAndIssuerAttributes()
 
 void tst_QSslCertificate::verify()
 {
-    if (isNonOpenSslTls)
-        QSKIP("Not implemented in SecureTransport or Schannel");
+    if (currentBackend() != TLSBackend::OpenSSL)
+        QSKIP("Only implemented for OpenSSL");
 
     QList<QSslError> errors;
     QList<QSslCertificate> toVerify;
@@ -1363,9 +1384,8 @@ void tst_QSslCertificate::pkcs12()
         return;
     }
 
-#if !defined(QT_NO_OPENSSL) && OPENSSL_VERSION_MAJOR >= 3
-    QSKIP("leaf.p12 is using RC2, which is disabled by default in OpenSSL v >= 3");
-#endif
+    if (currentBackend() == TLSBackend::OpenSSL && QSslSocket::sslLibraryVersionNumber() >= 0x30000000L)
+        QSKIP("leaf.p12 is using RC2, which is disabled by default in OpenSSL v >= 3");
 
     QFile f(testDataDir + QLatin1String("pkcs12/leaf.p12"));
     bool ok = f.open(QIODevice::ReadOnly);
@@ -1375,8 +1395,8 @@ void tst_QSslCertificate::pkcs12()
     QSslCertificate cert;
     QList<QSslCertificate> caCerts;
 
-    if (isNonOpenSslTls)
-        QEXPECT_FAIL("", "pkcs12 imports are only supported when openssl is used", Abort); // TODO?
+    if (currentBackend() != TLSBackend::OpenSSL)
+        QEXPECT_FAIL("", "pkcs12 imports are not available with the current TLS backend", Abort); // TODO?
 
     ok = QSslCertificate::importPkcs12(&f, &key, &cert, &caCerts);
     QVERIFY(ok);
@@ -1408,7 +1428,8 @@ void tst_QSslCertificate::pkcs12()
     QFile nocert(testDataDir + QLatin1String("pkcs12/leaf-nokey.p12"));
     ok = nocert.open(QIODevice::ReadOnly);
     QVERIFY(ok);
-    QTest::ignoreMessage(QtWarningMsg, "Unable to convert private key");
+    if (currentBackend() == TLSBackend::OpenSSL)
+        QTest::ignoreMessage(QtWarningMsg, "Unable to convert private key");
     ok = QSslCertificate::importPkcs12(&nocert, &key, &cert, &caCerts);
     QVERIFY(!ok);
     nocert.close();
author	Mårten Nordheim <marten.nordheim@qt.io>	2023-04-21 16:34:23 +0200
committer	Mårten Nordheim <marten.nordheim@qt.io>	2023-04-25 23:39:24 +0200
commit	825a37da66ac45f0a5589100197146b083a2dbb7 (patch)
tree	5a4994e3ac34fa08ef43c989f55144d3d90f7614
parent	15dab565d071455ef08d6bf4ad4980f726df1cfa (diff)