diff options
author | Peter Hartmann <peter-qt@hartmann.tk> | 2015-02-05 14:05:21 +0100 |
---|---|---|
committer | Peter Hartmann <peter-qt@hartmann.tk> | 2015-02-05 14:07:19 +0000 |
commit | 3c24dddaf963026c6e3cd90dd7d538dfa8044c83 (patch) | |
tree | 3756fa437205bb55b9d3ce1df7171fb1d9d7ffe5 /tests/manual | |
parent | 239f67f158c55d3eb88348a53b87fa272402c733 (diff) |
SSL NPN negotiation: Do not abort on unmatched protocols
... but choose HTTP/1.1 and continue connecting anyhow. According to
the NPN spec, actually we should choose SPDY:
"In the event that the client doesn't support any of server's protocols,
or the server doesn't advertise any, it SHOULD select the first protocol
that it supports."
However, some tested servers did not advertise anything and did not
support SPDY, so blindly trying the newest protocol would fail. We are
conservative in that case and choose HTTP.
Task-number: QTBUG-40714
Change-Id: Ia8aaf01fea74e13d9e4416306f85f1890b25559e
Reviewed-by: Richard J. Moore <rich@kde.org>
Diffstat (limited to 'tests/manual')
-rw-r--r-- | tests/manual/qnetworkreply/main.cpp | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/tests/manual/qnetworkreply/main.cpp b/tests/manual/qnetworkreply/main.cpp index 9d199c3755..08a9df1144 100644 --- a/tests/manual/qnetworkreply/main.cpp +++ b/tests/manual/qnetworkreply/main.cpp @@ -69,6 +69,7 @@ private slots: void proxyAuthentication_data(); void proxyAuthentication(); void authentication(); + void npnWithEmptyList(); // QTBUG-40714 protected slots: void spdyReplyFinished(); // only used by spdyMultipleRequestsPerHost test @@ -577,6 +578,34 @@ void tst_qnetworkreply::authentication() QVERIFY(statusCode >= 200 && statusCode < 400); } +void tst_qnetworkreply::npnWithEmptyList() // QTBUG-40714 +{ +#if defined(QT_BUILD_INTERNAL) && !defined(QT_NO_SSL) && OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) + + // The server does not send a list of Next Protocols, so we test + // that we continue anyhow and it works + + m_manager.clearAccessCache(); + + QUrl url(QStringLiteral("https://www.ossifrage.net/")); + QNetworkRequest request(url); + request.setAttribute(QNetworkRequest::SpdyAllowedAttribute, QVariant(true)); + QNetworkReply *reply = m_manager.get(request); + QObject::connect(reply, SIGNAL(finished()), &QTestEventLoop::instance(), SLOT(exitLoop())); + + QTestEventLoop::instance().enterLoop(15); + QVERIFY(!QTestEventLoop::instance().timeout()); + + int statusCode = reply->attribute(QNetworkRequest::HttpStatusCodeAttribute).toInt(); + QVERIFY(statusCode == 200); + + QCOMPARE(reply->sslConfiguration().nextProtocolNegotiationStatus(), + QSslConfiguration::NextProtocolNegotiationUnsupported); +#else + QSKIP("Qt built withouth OpenSSL, or the OpenSSL version is too old"); +#endif // defined(QT_BUILD_INTERNAL) && !defined(QT_NO_SSL) ... +} + QTEST_MAIN(tst_qnetworkreply) #include "main.moc" |