Add support for explicit TLS 1.1 and 1.2

Add SslProtocol enums TlsV1_1 and TlsV1_2 and use the appropriate OpenSSL methods when they're selected (TLSv1_1_client_method, TLSv1_2_client_method, TLSv1_1_server_method and TLSv1_2_server_method). This allows us to explicitly use TLS 1.1 or 1.2. Task-number: QTBUG-26866 Change-Id: I159da548546fa746c20e9e96bc0e5b785e4e761b Reviewed-by: Richard J. Moore <rich@kde.org> Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
author: Brendan Long <b.long@cablelabs.com> 2012-08-16 17:14:04 -0600
committer: Qt by Nokia <qt-info@nokia.com> 2012-08-29 14:22:54 +0200
commit: 860f95946bc6965317ad226ff83ee00ef13b7812 (patch)
tree: 3821ee0a62431dc357410a1c9f9a9248343964f4 /tests
parent: a135d87a0f8ec24445e13fb54f4316e4ca7473be (diff)
1 files changed, 39 insertions, 5 deletions
diff --git a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp
index 725dc2a653..350d4c457e 100644
--- a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp
+++ b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp
@@ -808,7 +808,7 @@ void tst_QSslSocket::protocol()
 
     QCOMPARE(socket->protocol(), QSsl::SecureProtocols);
     {
-        // Fluke allows SSLv3.
+        // qt-test-server allows SSLv3.
         socket->setProtocol(QSsl::SslV3);
         QCOMPARE(socket->protocol(), QSsl::SslV3);
         socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
@@ -824,7 +824,7 @@ void tst_QSslSocket::protocol()
         socket->abort();
     }
     {
-        // Fluke allows TLSV1.
+        // qt-test-server allows TLSV1.
         socket->setProtocol(QSsl::TlsV1_0);
         QCOMPARE(socket->protocol(), QSsl::TlsV1_0);
         socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
@@ -839,9 +839,43 @@ void tst_QSslSocket::protocol()
         QCOMPARE(socket->protocol(), QSsl::TlsV1_0);
         socket->abort();
     }
+#if OPENSSL_VERSION_NUMBER >= 0x10001000L
+    {
+        // qt-test-server probably doesn't allow TLSV1.1
+        socket->setProtocol(QSsl::TlsV1_1);
+        QCOMPARE(socket->protocol(), QSsl::TlsV1_1);
+        socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
+        QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString()));
+        QCOMPARE(socket->protocol(), QSsl::TlsV1_1);
+        socket->abort();
+        QCOMPARE(socket->protocol(), QSsl::TlsV1_1);
+        socket->connectToHost(QtNetworkSettings::serverName(), 443);
+        QVERIFY2(socket->waitForConnected(), qPrintable(socket->errorString()));
+        socket->startClientEncryption();
+        QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString()));
+        QCOMPARE(socket->protocol(), QSsl::TlsV1_1);
+        socket->abort();
+    }
+    {
+        // qt-test-server probably doesn't allows TLSV1.2
+        socket->setProtocol(QSsl::TlsV1_2);
+        QCOMPARE(socket->protocol(), QSsl::TlsV1_2);
+        socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
+        QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString()));
+        QCOMPARE(socket->protocol(), QSsl::TlsV1_2);
+        socket->abort();
+        QCOMPARE(socket->protocol(), QSsl::TlsV1_2);
+        socket->connectToHost(QtNetworkSettings::serverName(), 443);
+        QVERIFY2(socket->waitForConnected(), qPrintable(socket->errorString()));
+        socket->startClientEncryption();
+        QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString()));
+        QCOMPARE(socket->protocol(), QSsl::TlsV1_2);
+        socket->abort();
+    }
+#endif
 #ifndef OPENSSL_NO_SSL2
     {
-        // Fluke allows SSLV2.
+        // qt-test-server allows SSLV2.
         socket->setProtocol(QSsl::SslV2);
         QCOMPARE(socket->protocol(), QSsl::SslV2);
         socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
@@ -857,7 +891,7 @@ void tst_QSslSocket::protocol()
     }
 #endif
     {
-        // Fluke allows SSLV3, so it allows AnyProtocol.
+        // qt-test-server allows SSLV3, so it allows AnyProtocol.
         socket->setProtocol(QSsl::AnyProtocol);
         QCOMPARE(socket->protocol(), QSsl::AnyProtocol);
         socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
@@ -873,7 +907,7 @@ void tst_QSslSocket::protocol()
         socket->abort();
     }
     {
-        // Fluke allows SSLV3, so it allows NoSslV2
+        // qt-test-server allows SSLV3, so it allows NoSslV2
         socket->setProtocol(QSsl::TlsV1SslV3);
         QCOMPARE(socket->protocol(), QSsl::TlsV1SslV3);
         socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
author	Brendan Long <b.long@cablelabs.com>	2012-08-16 17:14:04 -0600
committer	Qt by Nokia <qt-info@nokia.com>	2012-08-29 14:22:54 +0200
commit	860f95946bc6965317ad226ff83ee00ef13b7812 (patch)
tree	3821ee0a62431dc357410a1c9f9a9248343964f4 /tests
parent	a135d87a0f8ec24445e13fb54f4316e4ca7473be (diff)