diff options
| author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-04-09 15:46:21 +0200 |
|---|---|---|
| committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-04-11 12:10:01 +0000 |
| commit | e3cea2a7b9f8b689dec559898435dff0df65a323 (patch) | |
| tree | 0bd2632b66e3e6721fa0ff1c09cd4d2f49340c27 /tests/auto/network/ssl | |
| parent | 4b6542c9ffa59eba6e82c0ecbb04dab361e3632f (diff) | |
QSslSocket (OpenSSL 1.1) - respect requested protocol version
Properly handle single protocol TLS configurations. Previously,
due to the use of generic (non version-specific) client/server method
they worked as ranges of protocols instead. This also fixes a couple
of previously broken tests.
Task-number: QTBUG-67584
Change-Id: Ied23113a4fab6b407a34c953e3bd33eab153bb67
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Diffstat (limited to 'tests/auto/network/ssl')
| -rw-r--r-- | tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp index 1332b369e7..bb01116240 100644 --- a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp @@ -1188,13 +1188,7 @@ void tst_QSslSocket::protocolServerSide_data() #if !defined(OPENSSL_NO_SSL2) // OpenSSL 1.1 has removed SSL2 support. But there is no OPENSSL_NO_SSL2 macro ... #define OPENSSL_NO_SSL2 -#endif - // A client using our OpenSSL1.1 backend will negotiate up from TLS 1.0 or 1.1 - // to TLS 1.2 if the server asks for it, where our older backend fails to compromise. - // So some tests that fail for the old pass with the new. - const bool willUseTLS12 = true; -#else - const bool willUseTLS12 = false; +#endif // OPENSSL_NO_SSL2 #endif // opensslv11 #if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT) @@ -1290,7 +1284,7 @@ void tst_QSslSocket::protocolServerSide_data() QTest::newRow("tls1.1orlater-ssl3") << QSsl::TlsV1_1OrLater << QSsl::SslV3 << false; #endif - QTest::newRow("tls1.1orlater-tls1.0") << QSsl::TlsV1_1OrLater << QSsl::TlsV1_0 << willUseTLS12; + QTest::newRow("tls1.1orlater-tls1.0") << QSsl::TlsV1_1OrLater << QSsl::TlsV1_0 << false; QTest::newRow("tls1.1orlater-tls1.1") << QSsl::TlsV1_1OrLater << QSsl::TlsV1_1 << true; QTest::newRow("tls1.1orlater-tls1.2") << QSsl::TlsV1_1OrLater << QSsl::TlsV1_2 << true; @@ -1300,8 +1294,8 @@ void tst_QSslSocket::protocolServerSide_data() #if !defined(OPENSSL_NO_SSL3) QTest::newRow("tls1.2orlater-ssl3") << QSsl::TlsV1_2OrLater << QSsl::SslV3 << false; #endif - QTest::newRow("tls1.2orlater-tls1.0") << QSsl::TlsV1_2OrLater << QSsl::TlsV1_0 << willUseTLS12; - QTest::newRow("tls1.2orlater-tls1.1") << QSsl::TlsV1_2OrLater << QSsl::TlsV1_1 << willUseTLS12; + QTest::newRow("tls1.2orlater-tls1.0") << QSsl::TlsV1_2OrLater << QSsl::TlsV1_0 << false; + QTest::newRow("tls1.2orlater-tls1.1") << QSsl::TlsV1_2OrLater << QSsl::TlsV1_1 << false; QTest::newRow("tls1.2orlater-tls1.2") << QSsl::TlsV1_2OrLater << QSsl::TlsV1_2 << true; QTest::newRow("any-tls1.0") << QSsl::AnyProtocol << QSsl::TlsV1_0 << true; |