diff options
Diffstat (limited to 'tests/auto/network/ssl/qdtls/tst_qdtls.cpp')
| -rw-r--r-- | tests/auto/network/ssl/qdtls/tst_qdtls.cpp | 129 |
1 files changed, 73 insertions, 56 deletions
diff --git a/tests/auto/network/ssl/qdtls/tst_qdtls.cpp b/tests/auto/network/ssl/qdtls/tst_qdtls.cpp index 0607a4b656..372ee3a181 100644 --- a/tests/auto/network/ssl/qdtls/tst_qdtls.cpp +++ b/tests/auto/network/ssl/qdtls/tst_qdtls.cpp @@ -1,32 +1,8 @@ -/**************************************************************************** -** -** Copyright (C) 2018 The Qt Company Ltd. -** Contact: https://www.qt.io/licensing/ -** -** This file is part of the test suite of the Qt Toolkit. -** -** $QT_BEGIN_LICENSE:GPL-EXCEPT$ -** Commercial License Usage -** Licensees holding valid commercial Qt licenses may use this file in -** accordance with the commercial license agreement provided with the -** Software or, alternatively, in accordance with the terms contained in -** a written agreement between you and The Qt Company. For licensing terms -** and conditions see https://www.qt.io/terms-conditions. For further -** information use the contact form at https://www.qt.io/contact-us. -** -** GNU General Public License Usage -** Alternatively, this file may be used under the terms of the GNU -** General Public License version 3 as published by the Free Software -** Foundation with exceptions as appearing in the file LICENSE.GPL3-EXCEPT -** included in the packaging of this file. Please review the following -** information to ensure the GNU General Public License requirements will -** be met: https://www.gnu.org/licenses/gpl-3.0.html. -** -** $QT_END_LICENSE$ -** -****************************************************************************/ - -#include <QtTest/QtTest> +// Copyright (C) 2021 The Qt Company Ltd. +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only + +#include <QTest> +#include <QTestEventLoop> #include <QtNetwork/qsslpresharedkeyauthenticator.h> #include <QtNetwork/qsslconfiguration.h> @@ -39,14 +15,19 @@ #include <QtNetwork/qdtls.h> #include <QtNetwork/qssl.h> -#include <QtCore/qbytearray.h> #include <QtCore/qcryptographichash.h> -#include <QtCore/qlist.h> +#include <QtCore/qscopeguard.h> +#include <QtCore/qbytearray.h> #include <QtCore/qobject.h> #include <QtCore/qstring.h> +#include <QtCore/qlist.h> + +#include "../shared/tlshelpers.h" #include <algorithm> +using namespace std::chrono_literals; + QT_BEGIN_NAMESPACE namespace @@ -148,8 +129,8 @@ private: DtlsPtr clientCrypto; QTestEventLoop testLoop; - const int handshakeTimeoutMS = 5000; - const int dataExchangeTimeoutMS = 1000; + static constexpr auto HandshakeTimeout = 5s; + static constexpr auto DataExchangeTimeout = 1s; const QByteArray presharedKey = "DEADBEEFDEADBEEF"; QString certDirPath; @@ -165,8 +146,13 @@ Q_DECLARE_METATYPE(QSslKey) QT_BEGIN_NAMESPACE +void qt_ForceTlsSecurityLevel(); + void tst_QDtls::initTestCase() { + if (!TlsAux::classImplemented(QSsl::ImplementedClass::Dtls)) + QSKIP("The active TLS backend does not support DTLS"); + certDirPath = QFileInfo(QFINDTESTDATA("certs")).absolutePath(); QVERIFY(certDirPath.size() > 0); certDirPath += QDir::separator() + QStringLiteral("certs") + QDir::separator(); @@ -188,6 +174,8 @@ void tst_QDtls::initTestCase() defaultServerConfig.setDtlsCookieVerificationEnabled(false); hostName = QStringLiteral("bob.org"); + + qt_ForceTlsSecurityLevel(); } void tst_QDtls::init() @@ -284,7 +272,7 @@ void tst_QDtls::configuration() QFETCH(const QSslSocket::SslMode, mode); QDtls dtls(mode); QCOMPARE(dtls.dtlsConfiguration(), config); - config.setProtocol(QSsl::DtlsV1_0OrLater); + config.setProtocol(QSsl::DtlsV1_2); config.setDtlsCookieVerificationEnabled(false); QCOMPARE(config.dtlsCookieVerificationEnabled(), false); @@ -308,6 +296,19 @@ void tst_QDtls::configuration() QCOMPARE(dtls.dtlsError(), QDtlsError::InvalidOperation); QCOMPARE(dtls.dtlsConfiguration(), config); } + + static bool doneAlready = false; + if (!doneAlready) { + doneAlready = true; + QSslConfiguration nullConfig; + const auto defaultDtlsConfig = QSslConfiguration::defaultDtlsConfiguration(); + const auto restoreDefault = qScopeGuard([&defaultDtlsConfig] { + QSslConfiguration::setDefaultDtlsConfiguration(defaultDtlsConfig); + }); + QSslConfiguration::setDefaultDtlsConfiguration(nullConfig); + QCOMPARE(QSslConfiguration::defaultDtlsConfiguration(), nullConfig); + QVERIFY(QSslConfiguration::defaultDtlsConfiguration() != defaultDtlsConfig); + } } void tst_QDtls::invalidConfiguration() @@ -414,7 +415,7 @@ void tst_QDtls::handshake() QDTLS_VERIFY_NO_ERROR(clientCrypto); QCOMPARE(clientCrypto->handshakeState(), QDtls::HandshakeInProgress); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); @@ -474,7 +475,7 @@ void tst_QDtls::handshakeWithRetransmission() // client will re-transmit in 1s., the first part of 'ServerHello' to be // dropped, the client then will re-transmit after another 2 s. Thus it's ~3. // We err on safe side and double our (already quite generous) 5s. - testLoop.enterLoopMSecs(handshakeTimeoutMS * 2); + testLoop.enterLoop(HandshakeTimeout * 2); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_HANDSHAKE_SUCCESS(serverCrypto); @@ -497,7 +498,7 @@ void tst_QDtls::sessionCipher() QVERIFY(clientCrypto->setPeer(serverAddress, serverPort, hostName)); QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_HANDSHAKE_SUCCESS(clientCrypto); @@ -560,7 +561,7 @@ void tst_QDtls::cipherPreferences() QVERIFY(clientCrypto->doHandshake(&clientSocket)); QDTLS_VERIFY_NO_ERROR(clientCrypto); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_HANDSHAKE_SUCCESS(clientCrypto); QDTLS_VERIFY_HANDSHAKE_SUCCESS(serverCrypto); @@ -580,20 +581,36 @@ void tst_QDtls::protocolVersionMatching_data() QTest::addColumn<QSsl::SslProtocol>("clientProtocol"); QTest::addColumn<bool>("works"); - QTest::addRow("DtlsV1_0 <-> DtlsV1_0") << QSsl::DtlsV1_0 << QSsl::DtlsV1_0 << true; - QTest::addRow("DtlsV1_0OrLater <-> DtlsV1_0") << QSsl::DtlsV1_0OrLater << QSsl::DtlsV1_0 << true; - QTest::addRow("DtlsV1_0 <-> DtlsV1_0OrLater") << QSsl::DtlsV1_0 << QSsl::DtlsV1_0OrLater << true; - QTest::addRow("DtlsV1_0OrLater <-> DtlsV1_0OrLater") << QSsl::DtlsV1_0OrLater << QSsl::DtlsV1_0OrLater << true; + //OPENSSL_VERSION_NUMBER : + //(OPENSSL_VERSION_MAJOR<<28) | (OPENSSL_VERSION_MINOR<<20) | (OPENSSL_VERSION_PATCH<<4) + const long ossl311 = 0x30100010; + + if (QSslSocket::sslLibraryVersionNumber() < ossl311) { +#if QT_DEPRECATED_SINCE(6, 3) +QT_WARNING_PUSH QT_WARNING_DISABLE_DEPRECATED + QTest::addRow("DtlsV1_0 <-> DtlsV1_0") << QSsl::DtlsV1_0 << QSsl::DtlsV1_0 << true; + QTest::addRow("DtlsV1_0OrLater <-> DtlsV1_0") << QSsl::DtlsV1_0OrLater << QSsl::DtlsV1_0 << true; + QTest::addRow("DtlsV1_0 <-> DtlsV1_0OrLater") << QSsl::DtlsV1_0 << QSsl::DtlsV1_0OrLater << true; + QTest::addRow("DtlsV1_0OrLater <-> DtlsV1_0OrLater") << QSsl::DtlsV1_0OrLater << QSsl::DtlsV1_0OrLater << true; +QT_WARNING_POP +#endif // QT_DEPRECATED_SINCE(6, 3) + } QTest::addRow("DtlsV1_2 <-> DtlsV1_2") << QSsl::DtlsV1_2 << QSsl::DtlsV1_2 << true; QTest::addRow("DtlsV1_2OrLater <-> DtlsV1_2") << QSsl::DtlsV1_2OrLater << QSsl::DtlsV1_2 << true; QTest::addRow("DtlsV1_2 <-> DtlsV1_2OrLater") << QSsl::DtlsV1_2 << QSsl::DtlsV1_2OrLater << true; QTest::addRow("DtlsV1_2OrLater <-> DtlsV1_2OrLater") << QSsl::DtlsV1_2OrLater << QSsl::DtlsV1_2OrLater << true; - QTest::addRow("DtlsV1_0 <-> DtlsV1_2") << QSsl::DtlsV1_0 << QSsl::DtlsV1_2 << false; - QTest::addRow("DtlsV1_0 <-> DtlsV1_2OrLater") << QSsl::DtlsV1_0 << QSsl::DtlsV1_2OrLater << false; - QTest::addRow("DtlsV1_2 <-> DtlsV1_0") << QSsl::DtlsV1_2 << QSsl::DtlsV1_0 << false; - QTest::addRow("DtlsV1_2OrLater <-> DtlsV1_0") << QSsl::DtlsV1_2OrLater << QSsl::DtlsV1_0 << false; + if (QSslSocket::sslLibraryVersionNumber() < ossl311) { +#if QT_DEPRECATED_SINCE(6, 3) +QT_WARNING_PUSH QT_WARNING_DISABLE_DEPRECATED + QTest::addRow("DtlsV1_0 <-> DtlsV1_2") << QSsl::DtlsV1_0 << QSsl::DtlsV1_2 << false; + QTest::addRow("DtlsV1_0 <-> DtlsV1_2OrLater") << QSsl::DtlsV1_0 << QSsl::DtlsV1_2OrLater << false; + QTest::addRow("DtlsV1_2 <-> DtlsV1_0") << QSsl::DtlsV1_2 << QSsl::DtlsV1_0 << false; + QTest::addRow("DtlsV1_2OrLater <-> DtlsV1_0") << QSsl::DtlsV1_2OrLater << QSsl::DtlsV1_0 << false; +QT_WARNING_POP +#endif // QT_DEPRECATED_SINCE(6, 3 + } } void tst_QDtls::protocolVersionMatching() @@ -619,7 +636,7 @@ void tst_QDtls::protocolVersionMatching() QVERIFY(clientCrypto->setPeer(serverAddress, serverPort)); QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); if (works) { QDTLS_VERIFY_HANDSHAKE_SUCCESS(serverCrypto); @@ -654,7 +671,7 @@ void tst_QDtls::verificationErrors() // Now we are ready for handshake: QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_NO_ERROR(serverCrypto); @@ -724,7 +741,7 @@ void tst_QDtls::presetExpectedErrors() QVERIFY(clientCrypto->setPeer(serverAddress, serverPort)); QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); @@ -811,7 +828,7 @@ void tst_QDtls::verifyServerCertificate() QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); if (serverKey.isNull() && !serverCerts.isEmpty()) { @@ -941,7 +958,7 @@ void tst_QDtls::verifyClientCertificate() QVERIFY(clientCrypto->doHandshake(&clientSocket)); QDTLS_VERIFY_NO_ERROR(clientCrypto); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); serverConfig = serverCrypto->dtlsConfiguration(); @@ -988,7 +1005,7 @@ void tst_QDtls::blacklistedCerificate() QVERIFY(clientCrypto->setPeer(serverAddress, serverPort, name)); QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QCOMPARE(clientCrypto->handshakeState(), QDtls::PeerVerificationFailed); QCOMPARE(clientCrypto->dtlsError(), QDtlsError::PeerVerificationError); @@ -1040,7 +1057,7 @@ void tst_QDtls::readWriteEncrypted() QCOMPARE(clientCrypto->dtlsError(), QDtlsError::InvalidOperation); // 1.2 Finish the handshake: - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_HANDSHAKE_SUCCESS(clientCrypto); @@ -1058,7 +1075,7 @@ void tst_QDtls::readWriteEncrypted() QVERIFY(clientBytesWritten > 0); // 5. Exchange client/server messages: - testLoop.enterLoopMSecs(dataExchangeTimeoutMS); + testLoop.enterLoop(DataExchangeTimeout); QVERIFY(!testLoop.timeout()); QCOMPARE(serverExpectedPlainText, serverReceivedPlainText); @@ -1076,7 +1093,7 @@ void tst_QDtls::readWriteEncrypted() QCOMPARE(crypto->handshakeState(), QDtls::HandshakeNotStarted); QVERIFY(!crypto->isConnectionEncrypted()); // 8. Receive this read notification and handle it: - testLoop.enterLoopMSecs(dataExchangeTimeoutMS); + testLoop.enterLoop(DataExchangeTimeout); QVERIFY(!testLoop.timeout()); DtlsPtr &peerCrypto = serverSideShutdown ? clientCrypto : serverCrypto; @@ -1101,7 +1118,7 @@ void tst_QDtls::datagramFragmentation() QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_HANDSHAKE_SUCCESS(clientCrypto); |