diff options
author | Brendan Long <b.long@cablelabs.com> | 2012-08-16 17:14:04 -0600 |
---|---|---|
committer | Qt by Nokia <qt-info@nokia.com> | 2012-08-29 14:22:54 +0200 |
commit | 860f95946bc6965317ad226ff83ee00ef13b7812 (patch) | |
tree | 3821ee0a62431dc357410a1c9f9a9248343964f4 /tests | |
parent | a135d87a0f8ec24445e13fb54f4316e4ca7473be (diff) |
Add support for explicit TLS 1.1 and 1.2
Add SslProtocol enums TlsV1_1 and TlsV1_2 and use the appropriate OpenSSL
methods when they're selected (TLSv1_1_client_method, TLSv1_2_client_method,
TLSv1_1_server_method and TLSv1_2_server_method). This allows us to
explicitly use TLS 1.1 or 1.2.
Task-number: QTBUG-26866
Change-Id: I159da548546fa746c20e9e96bc0e5b785e4e761b
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp | 44 |
1 files changed, 39 insertions, 5 deletions
diff --git a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp index 725dc2a653..350d4c457e 100644 --- a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp @@ -808,7 +808,7 @@ void tst_QSslSocket::protocol() QCOMPARE(socket->protocol(), QSsl::SecureProtocols); { - // Fluke allows SSLv3. + // qt-test-server allows SSLv3. socket->setProtocol(QSsl::SslV3); QCOMPARE(socket->protocol(), QSsl::SslV3); socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443); @@ -824,7 +824,7 @@ void tst_QSslSocket::protocol() socket->abort(); } { - // Fluke allows TLSV1. + // qt-test-server allows TLSV1. socket->setProtocol(QSsl::TlsV1_0); QCOMPARE(socket->protocol(), QSsl::TlsV1_0); socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443); @@ -839,9 +839,43 @@ void tst_QSslSocket::protocol() QCOMPARE(socket->protocol(), QSsl::TlsV1_0); socket->abort(); } +#if OPENSSL_VERSION_NUMBER >= 0x10001000L + { + // qt-test-server probably doesn't allow TLSV1.1 + socket->setProtocol(QSsl::TlsV1_1); + QCOMPARE(socket->protocol(), QSsl::TlsV1_1); + socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443); + QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString())); + QCOMPARE(socket->protocol(), QSsl::TlsV1_1); + socket->abort(); + QCOMPARE(socket->protocol(), QSsl::TlsV1_1); + socket->connectToHost(QtNetworkSettings::serverName(), 443); + QVERIFY2(socket->waitForConnected(), qPrintable(socket->errorString())); + socket->startClientEncryption(); + QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString())); + QCOMPARE(socket->protocol(), QSsl::TlsV1_1); + socket->abort(); + } + { + // qt-test-server probably doesn't allows TLSV1.2 + socket->setProtocol(QSsl::TlsV1_2); + QCOMPARE(socket->protocol(), QSsl::TlsV1_2); + socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443); + QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString())); + QCOMPARE(socket->protocol(), QSsl::TlsV1_2); + socket->abort(); + QCOMPARE(socket->protocol(), QSsl::TlsV1_2); + socket->connectToHost(QtNetworkSettings::serverName(), 443); + QVERIFY2(socket->waitForConnected(), qPrintable(socket->errorString())); + socket->startClientEncryption(); + QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString())); + QCOMPARE(socket->protocol(), QSsl::TlsV1_2); + socket->abort(); + } +#endif #ifndef OPENSSL_NO_SSL2 { - // Fluke allows SSLV2. + // qt-test-server allows SSLV2. socket->setProtocol(QSsl::SslV2); QCOMPARE(socket->protocol(), QSsl::SslV2); socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443); @@ -857,7 +891,7 @@ void tst_QSslSocket::protocol() } #endif { - // Fluke allows SSLV3, so it allows AnyProtocol. + // qt-test-server allows SSLV3, so it allows AnyProtocol. socket->setProtocol(QSsl::AnyProtocol); QCOMPARE(socket->protocol(), QSsl::AnyProtocol); socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443); @@ -873,7 +907,7 @@ void tst_QSslSocket::protocol() socket->abort(); } { - // Fluke allows SSLV3, so it allows NoSslV2 + // qt-test-server allows SSLV3, so it allows NoSslV2 socket->setProtocol(QSsl::TlsV1SslV3); QCOMPARE(socket->protocol(), QSsl::TlsV1SslV3); socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443); |