diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-07-31 10:43:00 +0200 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-07-31 11:20:53 +0000 |
commit | 5c7d2033e07ea1d5d4540a0917cc0994a8656199 (patch) | |
tree | 5cd2f8c5be6341124e3d43f50b993bc44bf4e4a7 /tests/auto/network | |
parent | 10f254b234c7c13c0e528f574d075d88b3d72135 (diff) |
QDtls: respect pre-set verification errors
That's actually how ignoreVerificationErrors (and QSslSocket::ignoreSslErrors)
are used to set the expected/known verification errors before handshake.
Auto-test updated too.
Change-Id: I9c700302d81ddb383a4a750fafd594373fb38ace
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Diffstat (limited to 'tests/auto/network')
-rw-r--r-- | tests/auto/network/ssl/qdtls/tst_qdtls.cpp | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/tests/auto/network/ssl/qdtls/tst_qdtls.cpp b/tests/auto/network/ssl/qdtls/tst_qdtls.cpp index 571d341126..60ab87d6f2 100644 --- a/tests/auto/network/ssl/qdtls/tst_qdtls.cpp +++ b/tests/auto/network/ssl/qdtls/tst_qdtls.cpp @@ -41,6 +41,7 @@ #include <QtCore/qcryptographichash.h> #include <QtCore/qbytearray.h> +#include <QtCore/qvector.h> #include <QtCore/qstring.h> #include <QtCore/qobject.h> @@ -99,6 +100,7 @@ private slots: void protocolVersionMatching(); void verificationErrors_data(); void verificationErrors(); + void ignoreExpectedErrors(); void verifyServerCertificate_data(); void verifyServerCertificate(); void verifyClientCertificate_data(); @@ -685,6 +687,31 @@ void tst_QDtls::verificationErrors() } } +void tst_QDtls::ignoreExpectedErrors() +{ + connectHandshakeReadingSlots(); + + auto serverConfig = defaultServerConfig; + serverConfig.setPrivateKey(serverKeySS); + serverConfig.setLocalCertificate(selfSignedCert); + QVERIFY(serverCrypto->setDtlsConfiguration(serverConfig)); + + const QVector<QSslError> expectedErrors = {{QSslError::HostNameMismatch, selfSignedCert}, + {QSslError::SelfSignedCertificate, selfSignedCert}}; + + clientCrypto->ignoreVerificationErrors(expectedErrors); + QVERIFY(clientCrypto->setPeer(serverAddress, serverPort)); + QVERIFY(clientCrypto->doHandshake(&clientSocket)); + + testLoop.enterLoopMSecs(handshakeTimeoutMS); + + QVERIFY(!testLoop.timeout()); + + QDTLS_VERIFY_HANDSHAKE_SUCCESS(serverCrypto); + QCOMPARE(clientCrypto->handshakeState(), QDtls::HandshakeComplete); + QVERIFY(clientCrypto->isConnectionEncrypted()); +} + void tst_QDtls::verifyServerCertificate_data() { QTest::addColumn<QSslSocket::PeerVerifyMode>("verifyMode"); |