diff options
Diffstat (limited to 'tests/auto/network/ssl')
24 files changed, 420 insertions, 229 deletions
diff --git a/tests/auto/network/ssl/qasn1element/CMakeLists.txt b/tests/auto/network/ssl/qasn1element/CMakeLists.txt index 0db03204e0..aa9ff58012 100644 --- a/tests/auto/network/ssl/qasn1element/CMakeLists.txt +++ b/tests/auto/network/ssl/qasn1element/CMakeLists.txt @@ -5,14 +5,9 @@ ##################################################################### add_qt_test(tst_qasn1element - GUI SOURCES tst_qasn1element.cpp - LIBRARIES - Qt::NetworkPrivate PUBLIC_LIBRARIES Qt::Network + Qt::NetworkPrivate ) - -#### Keys ignored in scope 1:.:.:qasn1element.pro:<TRUE>: -# CONFIG = "testcase" diff --git a/tests/auto/network/ssl/qdtls/CMakeLists.txt b/tests/auto/network/ssl/qdtls/CMakeLists.txt index 2618a95cc7..77bf65f199 100644 --- a/tests/auto/network/ssl/qdtls/CMakeLists.txt +++ b/tests/auto/network/ssl/qdtls/CMakeLists.txt @@ -8,19 +8,13 @@ list(APPEND test_data "certs") add_qt_test(tst_qdtls - GUI SOURCES tst_qdtls.cpp - LIBRARIES - Qt::NetworkPrivate PUBLIC_LIBRARIES - Qt::Network + Qt::NetworkPrivate TESTDATA ${test_data} ) -#### Keys ignored in scope 1:.:.:qdtls.pro:<TRUE>: -# CONFIG = "testcase" - ## Scopes: ##################################################################### diff --git a/tests/auto/network/ssl/qdtls/tst_qdtls.cpp b/tests/auto/network/ssl/qdtls/tst_qdtls.cpp index 6a94eee389..3bbde484ce 100644 --- a/tests/auto/network/ssl/qdtls/tst_qdtls.cpp +++ b/tests/auto/network/ssl/qdtls/tst_qdtls.cpp @@ -162,7 +162,6 @@ Q_DECLARE_METATYPE(QSslSocket::SslMode) Q_DECLARE_METATYPE(QSslSocket::PeerVerifyMode) Q_DECLARE_METATYPE(QList<QSslCertificate>) Q_DECLARE_METATYPE(QSslKey) -Q_DECLARE_METATYPE(QVector<QSslError>) QT_BEGIN_NAMESPACE @@ -837,10 +836,6 @@ void tst_QDtls::verifyServerCertificate() void tst_QDtls::verifyClientCertificate_data() { -#if !QT_CONFIG(opensslv11) - QSKIP("This test is not supposed to work with OpenSSL version below 1.1"); -#endif - QTest::addColumn<QSslSocket::PeerVerifyMode>("verifyMode"); QTest::addColumn<QList<QSslCertificate>>("clientCerts"); QTest::addColumn<QSslKey>("clientKey"); @@ -1131,7 +1126,7 @@ void tst_QDtls::handshakeReadyRead() QUdpSocket *socket = qobject_cast<QUdpSocket *>(sender()); Q_ASSERT(socket); - if (!socket->pendingDatagramSize()) + if (socket->pendingDatagramSize() <= 0) return; const bool isServer = socket == &serverSocket; diff --git a/tests/auto/network/ssl/qdtlscookie/CMakeLists.txt b/tests/auto/network/ssl/qdtlscookie/CMakeLists.txt index ee4a7c7676..827716c3b7 100644 --- a/tests/auto/network/ssl/qdtlscookie/CMakeLists.txt +++ b/tests/auto/network/ssl/qdtlscookie/CMakeLists.txt @@ -5,18 +5,12 @@ ##################################################################### add_qt_test(tst_qdtlscookie - GUI SOURCES tst_qdtlscookie.cpp - LIBRARIES - Qt::NetworkPrivate PUBLIC_LIBRARIES - Qt::Network + Qt::NetworkPrivate ) -#### Keys ignored in scope 1:.:.:qdtlscookie.pro:<TRUE>: -# CONFIG = "testcase" - ## Scopes: ##################################################################### diff --git a/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp b/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp index c90e9cb2c8..a273ceaa17 100644 --- a/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp +++ b/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp @@ -352,7 +352,7 @@ void tst_QDtlsCookie::receiveMessage(QUdpSocket *socket, QByteArray *message, { Q_ASSERT(socket && message); - if (!socket->pendingDatagramSize()) + if (socket->pendingDatagramSize() <= 0) testLoop.enterLoopMSecs(handshakeTimeoutMS); QVERIFY(!testLoop.timeout()); @@ -377,7 +377,7 @@ void tst_QDtlsCookie::serverReadyRead() { Q_ASSERT(clientsToWait); - if (!serverSocket.pendingDatagramSize()) + if (serverSocket.pendingDatagramSize() <= 0) return; QByteArray hello; @@ -410,7 +410,7 @@ void tst_QDtlsCookie::clientReadyRead() QUdpSocket *clientSocket = qobject_cast<QUdpSocket *>(sender()); Q_ASSERT(clientSocket); - if (!clientSocket->pendingDatagramSize()) + if (clientSocket->pendingDatagramSize() <= 0) return; QDtls *handshake = nullptr; diff --git a/tests/auto/network/ssl/qocsp/CMakeLists.txt b/tests/auto/network/ssl/qocsp/CMakeLists.txt index 598317fdce..399711f9a0 100644 --- a/tests/auto/network/ssl/qocsp/CMakeLists.txt +++ b/tests/auto/network/ssl/qocsp/CMakeLists.txt @@ -5,18 +5,13 @@ ##################################################################### add_qt_test(tst_qocsp - GUI SOURCES tst_qocsp.cpp - LIBRARIES - Qt::NetworkPrivate PUBLIC_LIBRARIES Qt::Network + Qt::NetworkPrivate ) -#### Keys ignored in scope 1:.:.:qocsp.pro:<TRUE>: -# CONFIG = "testcase" - ## Scopes: ##################################################################### diff --git a/tests/auto/network/ssl/qocsp/tst_qocsp.cpp b/tests/auto/network/ssl/qocsp/tst_qocsp.cpp index 9716c04bbb..8e579f7b5e 100644 --- a/tests/auto/network/ssl/qocsp/tst_qocsp.cpp +++ b/tests/auto/network/ssl/qocsp/tst_qocsp.cpp @@ -60,7 +60,6 @@ using VectorOfErrors = QT_PREPEND_NAMESPACE(QVector<SslError>); using Latin1String = QT_PREPEND_NAMESPACE(QLatin1String); Q_DECLARE_METATYPE(SslError) -Q_DECLARE_METATYPE(VectorOfErrors) Q_DECLARE_METATYPE(Latin1String) QT_BEGIN_NAMESPACE @@ -431,14 +430,14 @@ private: }; #define QCOMPARE_SINGLE_ERROR(sslSocket, expectedError) \ - const auto &tlsErrors = sslSocket.sslErrors(); \ + const auto &tlsErrors = sslSocket.sslHandshakeErrors(); \ QCOMPARE(tlsErrors.size(), 1); \ QCOMPARE(tlsErrors[0].error(), expectedError) #define QVERIFY_HANDSHAKE_WITHOUT_ERRORS(sslSocket) \ QVERIFY(sslSocket.isEncrypted()); \ QCOMPARE(sslSocket.state(), QAbstractSocket::ConnectedState); \ - QVERIFY(sslSocket.sslErrors().isEmpty()) + QVERIFY(sslSocket.sslHandshakeErrors().isEmpty()) #define QDECLARE_CHAIN(object, chainFileName) \ CertificateChain object = QSslCertificate::fromPath(certDirPath + QLatin1String(chainFileName)); \ @@ -606,7 +605,7 @@ void tst_QOcsp::malformedResponse() loop.enterLoopMSecs(handshakeTimeoutMS); QVERIFY(!clientSocket.isEncrypted()); - QCOMPARE(clientSocket.error(), QAbstractSocket::SslHandshakeFailedError); + QCOMPARE(clientSocket.socketError(), QAbstractSocket::SslHandshakeFailedError); } void tst_QOcsp::expiredResponse_data() @@ -722,7 +721,7 @@ void tst_QOcsp::wrongCertificateInResponse() loop.enterLoopMSecs(handshakeTimeoutMS); QVERIFY(!clientSocket.isEncrypted()); - QVERIFY(containsError(clientSocket.sslErrors(), expectedError)); + QVERIFY(containsError(clientSocket.sslHandshakeErrors(), expectedError)); } void tst_QOcsp::untrustedResponder() @@ -747,7 +746,7 @@ void tst_QOcsp::untrustedResponder() loop.enterLoopMSecs(handshakeTimeoutMS); QVERIFY(!clientSocket.isEncrypted()); - QVERIFY(containsError(clientSocket.sslErrors(), expectedError)); + QVERIFY(containsError(clientSocket.sslHandshakeErrors(), expectedError)); } void tst_QOcsp::setupOcspClient(QSslSocket &clientSocket, const CertificateChain &caCerts, const QString &name) diff --git a/tests/auto/network/ssl/qpassworddigestor/CMakeLists.txt b/tests/auto/network/ssl/qpassworddigestor/CMakeLists.txt index 92cacf385c..e0997fc26e 100644 --- a/tests/auto/network/ssl/qpassworddigestor/CMakeLists.txt +++ b/tests/auto/network/ssl/qpassworddigestor/CMakeLists.txt @@ -5,12 +5,8 @@ ##################################################################### add_qt_test(tst_qpassworddigestor - GUI SOURCES tst_qpassworddigestor.cpp PUBLIC_LIBRARIES Qt::Network ) - -#### Keys ignored in scope 1:.:.:qpassworddigestor.pro:<TRUE>: -# CONFIG = "testcase" diff --git a/tests/auto/network/ssl/qsslcertificate/.prev_CMakeLists.txt b/tests/auto/network/ssl/qsslcertificate/.prev_CMakeLists.txt new file mode 100644 index 0000000000..1509c2e809 --- /dev/null +++ b/tests/auto/network/ssl/qsslcertificate/.prev_CMakeLists.txt @@ -0,0 +1,31 @@ +# Generated from qsslcertificate.pro. + +##################################################################### +## tst_qsslcertificate Test: +##################################################################### + +# Collect test data +file(GLOB_RECURSE test_data_glob + RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} + certificates/*) +list(APPEND test_data ${test_data_glob}) +file(GLOB_RECURSE test_data_glob + RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} + more-certificates/*) +list(APPEND test_data ${test_data_glob}) +file(GLOB_RECURSE test_data_glob + RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} + verify-certs/*) +list(APPEND test_data ${test_data_glob}) +file(GLOB_RECURSE test_data_glob + RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} + pkcs12/*) +list(APPEND test_data ${test_data_glob}) + +add_qt_test(tst_qsslcertificate + SOURCES + tst_qsslcertificate.cpp + PUBLIC_LIBRARIES + Qt::Network + TESTDATA ${test_data} +) diff --git a/tests/auto/network/ssl/qsslcertificate/BLACKLIST b/tests/auto/network/ssl/qsslcertificate/BLACKLIST deleted file mode 100644 index 9494ee2278..0000000000 --- a/tests/auto/network/ssl/qsslcertificate/BLACKLIST +++ /dev/null @@ -1,13 +0,0 @@ -# OpenSSL version is too new. Rich will fix :) -[subjectAndIssuerAttributes] -ubuntu-16.04 -rhel-7.6 -opensuse-leap -windows-7sp1 -ubuntu-18.04 -rhel-7.4 -b2qt -windows-10 msvc-2017 -windows-10 msvc-2015 -opensuse-42.3 - diff --git a/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt b/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt index b0a7996c45..4b8fefc499 100644 --- a/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt @@ -4,40 +4,35 @@ ## tst_qsslcertificate Test: ##################################################################### -# Collect test data +# special case begin +# This test requires private tests to properly build +if (NOT QT_FEATURE_private_tests) + return() +endif() +# special case end -file(GLOB test_data_glob - LIST_DIRECTORIES true +# Collect test data +file(GLOB_RECURSE test_data_glob RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} - "certificates/*") + certificates/*) list(APPEND test_data ${test_data_glob}) - -file(GLOB test_data_glob - LIST_DIRECTORIES true +file(GLOB_RECURSE test_data_glob RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} - "more-certificates/*") + more-certificates/*) list(APPEND test_data ${test_data_glob}) - -file(GLOB test_data_glob - LIST_DIRECTORIES true +file(GLOB_RECURSE test_data_glob RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} - "verify-certs/*") + verify-certs/*) list(APPEND test_data ${test_data_glob}) - -file(GLOB test_data_glob - LIST_DIRECTORIES true +file(GLOB_RECURSE test_data_glob RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} - "pkcs12/*") + pkcs12/*) list(APPEND test_data ${test_data_glob}) add_qt_test(tst_qsslcertificate - GUI SOURCES tst_qsslcertificate.cpp PUBLIC_LIBRARIES Qt::Network TESTDATA ${test_data} ) - -#### Keys ignored in scope 1:.:.:qsslcertificate.pro:<TRUE>: -# CONFIG = "testcase" diff --git a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp index efc0c26076..a7a81e9f0b 100644 --- a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp +++ b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp @@ -33,6 +33,10 @@ #include <qsslsocket.h> #include <qsslcertificateextension.h> +#ifndef QT_NO_OPENSSL +#include <openssl/obj_mac.h> +#endif + class tst_QSslCertificate : public QObject { Q_OBJECT @@ -82,6 +86,8 @@ private slots: void fromDevice(); void fromPath_data(); void fromPath(); + void fromPath_qregularexpression_data(); + void fromPath_qregularexpression(); void certInfo(); void certInfoQByteArray(); void task256066toPem(); @@ -430,7 +436,7 @@ void tst_QSslCertificate::subjectAlternativeNames() void tst_QSslCertificate::utf8SubjectNames() { QSslCertificate cert = QSslCertificate::fromPath(testDataDir + "certificates/cert-ss-san-utf8.pem", QSsl::Pem, - QRegExp::FixedString).first(); + QSslCertificate::FixedString).first(); QVERIFY(!cert.isNull()); // O is "Heavy Metal Records" with heavy use of "decorations" like accents, umlauts etc., @@ -621,6 +627,88 @@ void tst_QSslCertificate::fromPath() numCerts); } +void tst_QSslCertificate::fromPath_qregularexpression_data() +{ + QTest::addColumn<QString>("path"); + QTest::addColumn<int>("syntax"); + QTest::addColumn<bool>("pemencoding"); + QTest::addColumn<int>("numCerts"); + + QTest::newRow("empty fixed pem") << QString() << int(QSslCertificate::FixedString) << true << 0; + QTest::newRow("empty fixed der") << QString() << int(QSslCertificate::FixedString) << false << 0; + QTest::newRow("empty regexp pem") << QString() << int(QSslCertificate::RegExp) << true << 0; + QTest::newRow("empty regexp der") << QString() << int(QSslCertificate::RegExp) << false << 0; + QTest::newRow("empty wildcard pem") << QString() << int(QSslCertificate::Wildcard) << true << 0; + QTest::newRow("empty wildcard der") << QString() << int(QSslCertificate::Wildcard) << false << 0; + QTest::newRow("\"certificates\" fixed pem") << (testDataDir + "certificates") << int(QSslCertificate::FixedString) << true << 0; + QTest::newRow("\"certificates\" fixed der") << (testDataDir + "certificates") << int(QSslCertificate::FixedString) << false << 0; + QTest::newRow("\"certificates\" regexp pem") << (testDataDir + "certificates") << int(QSslCertificate::RegExp) << true << 0; + QTest::newRow("\"certificates\" regexp der") << (testDataDir + "certificates") << int(QSslCertificate::RegExp) << false << 0; + QTest::newRow("\"certificates\" wildcard pem") << (testDataDir + "certificates") << int(QSslCertificate::Wildcard) << true << 0; + QTest::newRow("\"certificates\" wildcard der") << (testDataDir + "certificates") << int(QSslCertificate::Wildcard) << false << 0; + QTest::newRow("\"certificates/cert.pem\" fixed pem") << (testDataDir + "certificates/cert.pem") << int(QSslCertificate::FixedString) << true << 1; + QTest::newRow("\"certificates/cert.pem\" fixed der") << (testDataDir + "certificates/cert.pem") << int(QSslCertificate::FixedString) << false << 0; + QTest::newRow("\"certificates/cert.pem\" regexp pem") << (testDataDir + "certificates/cert.pem") << int(QSslCertificate::RegExp) << true << 1; + QTest::newRow("\"certificates/cert.pem\" regexp der") << (testDataDir + "certificates/cert.pem") << int(QSslCertificate::RegExp) << false << 0; + QTest::newRow("\"certificates/cert.pem\" wildcard pem") << (testDataDir + "certificates/cert.pem") << int(QSslCertificate::Wildcard) << true << 1; + QTest::newRow("\"certificates/cert.pem\" wildcard der") << (testDataDir + "certificates/cert.pem") << int(QSslCertificate::Wildcard) << false << 0; + QTest::newRow("\"certificates/*\" fixed pem") << (testDataDir + "certificates/*") << int(QSslCertificate::FixedString) << true << 0; + QTest::newRow("\"certificates/*\" fixed der") << (testDataDir + "certificates/*") << int(QSslCertificate::FixedString) << false << 0; + QTest::newRow("\"certificates/*\" regexp pem") << (testDataDir + "certificates/*") << int(QSslCertificate::RegExp) << true << 0; + QTest::newRow("\"certificates/*\" regexp der") << (testDataDir + "certificates/*") << int(QSslCertificate::RegExp) << false << 0; + QTest::newRow("\"certificates/*\" wildcard pem") << (testDataDir + "certificates/*") << int(QSslCertificate::Wildcard) << true << 7; + QTest::newRow("\"certificates/ca*\" wildcard pem") << (testDataDir + "certificates/ca*") << int(QSslCertificate::Wildcard) << true << 1; + QTest::newRow("\"certificates/cert*\" wildcard pem") << (testDataDir + "certificates/cert*") << int(QSslCertificate::Wildcard) << true << 4; + QTest::newRow("\"certificates/cert-[sure]*\" wildcard pem") << (testDataDir + "certificates/cert-[sure]*") << int(QSslCertificate::Wildcard) << true << 3; + QTest::newRow("\"certificates/cert-[not]*\" wildcard pem") << (testDataDir + "certificates/cert-[not]*") << int(QSslCertificate::Wildcard) << true << 0; + QTest::newRow("\"certificates/*\" wildcard der") << (testDataDir + "certificates/*") << int(QSslCertificate::Wildcard) << false << 2; + QTest::newRow("\"c*/c*.pem\" fixed pem") << (testDataDir + "c*/c*.pem") << int(QSslCertificate::FixedString) << true << 0; + QTest::newRow("\"c*/c*.pem\" fixed der") << (testDataDir + "c*/c*.pem") << int(QSslCertificate::FixedString) << false << 0; + QTest::newRow("\"c*/c*.pem\" regexp pem") << (testDataDir + "c*/c*.pem") << int(QSslCertificate::RegExp) << true << 0; + QTest::newRow("\"c*/c*.pem\" regexp der") << (testDataDir + "c*/c*.pem") << int(QSslCertificate::RegExp) << false << 0; + QTest::newRow("\"c*/c*.pem\" wildcard pem") << (testDataDir + "c*/c*.pem") << int(QSslCertificate::Wildcard) << true << 5; + QTest::newRow("\"c*/c*.pem\" wildcard der") << (testDataDir + "c*/c*.pem") << int(QSslCertificate::Wildcard) << false << 0; + QTest::newRow("\"d*/c*.pem\" fixed pem") << (testDataDir + "d*/c*.pem") << int(QSslCertificate::FixedString) << true << 0; + QTest::newRow("\"d*/c*.pem\" fixed der") << (testDataDir + "d*/c*.pem") << int(QSslCertificate::FixedString) << false << 0; + QTest::newRow("\"d*/c*.pem\" regexp pem") << (testDataDir + "d*/c*.pem") << int(QSslCertificate::RegExp) << true << 0; + QTest::newRow("\"d*/c*.pem\" regexp der") << (testDataDir + "d*/c*.pem") << int(QSslCertificate::RegExp) << false << 0; + QTest::newRow("\"d*/c*.pem\" wildcard pem") << (testDataDir + "d*/c*.pem") << int(QSslCertificate::Wildcard) << true << 0; + QTest::newRow("\"d*/c*.pem\" wildcard der") << (testDataDir + "d*/c*.pem") << int(QSslCertificate::Wildcard) << false << 0; + QTest::newRow("\"c.*/c.*.pem\" fixed pem") << (testDataDir + "c.*/c.*.pem") << int(QSslCertificate::FixedString) << true << 0; + QTest::newRow("\"c.*/c.*.pem\" fixed der") << (testDataDir + "c.*/c.*.pem") << int(QSslCertificate::FixedString) << false << 0; + QTest::newRow("\"c.*/c.*.pem\" regexp pem") << (testDataDir + "c.*/c.*.pem") << int(QSslCertificate::RegExp) << true << 5; + QTest::newRow("\"c.*/c.*.pem\" regexp der") << (testDataDir + "c.*/c.*.pem") << int(QSslCertificate::RegExp) << false << 0; + QTest::newRow("\"c.*/c.*.pem\" wildcard pem") << (testDataDir + "c.*/c.*.pem") << int(QSslCertificate::Wildcard) << true << 0; + QTest::newRow("\"c.*/c.*.pem\" wildcard der") << (testDataDir + "c.*/c.*.pem") << int(QSslCertificate::Wildcard) << false << 0; + QTest::newRow("\"d.*/c.*.pem\" fixed pem") << (testDataDir + "d.*/c.*.pem") << int(QSslCertificate::FixedString) << true << 0; + QTest::newRow("\"d.*/c.*.pem\" fixed der") << (testDataDir + "d.*/c.*.pem") << int(QSslCertificate::FixedString) << false << 0; + QTest::newRow("\"d.*/c.*.pem\" regexp pem") << (testDataDir + "d.*/c.*.pem") << int(QSslCertificate::RegExp) << true << 0; + QTest::newRow("\"d.*/c.*.pem\" regexp der") << (testDataDir + "d.*/c.*.pem") << int(QSslCertificate::RegExp) << false << 0; + QTest::newRow("\"d.*/c.*.pem\" wildcard pem") << (testDataDir + "d.*/c.*.pem") << int(QSslCertificate::Wildcard) << true << 0; + QTest::newRow("\"d.*/c.*.pem\" wildcard der") << (testDataDir + "d.*/c.*.pem") << int(QSslCertificate::Wildcard) << false << 0; +#ifdef Q_OS_LINUX + QTest::newRow("absolute path wildcard pem") << (testDataDir + "certificates/*.pem") << int(QSslCertificate::Wildcard) << true << 7; +#endif + + QTest::newRow("trailing-whitespace") << (testDataDir + "more-certificates/trailing-whitespace.pem") << int(QSslCertificate::FixedString) << true << 1; + QTest::newRow("no-ending-newline") << (testDataDir + "more-certificates/no-ending-newline.pem") << int(QSslCertificate::FixedString) << true << 1; + QTest::newRow("malformed-just-begin") << (testDataDir + "more-certificates/malformed-just-begin.pem") << int(QSslCertificate::FixedString) << true << 0; + QTest::newRow("malformed-just-begin-no-newline") << (testDataDir + "more-certificates/malformed-just-begin-no-newline.pem") << int(QSslCertificate::FixedString) << true << 0; +} + +void tst_QSslCertificate::fromPath_qregularexpression() +{ + QFETCH(QString, path); + QFETCH(int, syntax); + QFETCH(bool, pemencoding); + QFETCH(int, numCerts); + + QCOMPARE(QSslCertificate::fromPath(path, + pemencoding ? QSsl::Pem : QSsl::Der, + QSslCertificate::PatternSyntax(syntax)).size(), + numCerts); +} + void tst_QSslCertificate::certInfo() { // MD5 Fingerprint=B6:CF:57:34:DA:A9:73:21:82:F7:CF:4D:3D:85:31:88 @@ -707,7 +795,7 @@ void tst_QSslCertificate::certInfo() "55:ba:e7:fb:95:5d:91"; QSslCertificate cert = QSslCertificate::fromPath(testDataDir + "certificates/cert.pem", QSsl::Pem, - QRegExp::FixedString).first(); + QSslCertificate::FixedString).first(); QVERIFY(!cert.isNull()); QCOMPARE(cert.issuerInfo(QSslCertificate::Organization)[0], QString("CryptSoft Pty Ltd")); @@ -764,7 +852,7 @@ void tst_QSslCertificate::certInfo() void tst_QSslCertificate::certInfoQByteArray() { QSslCertificate cert = QSslCertificate::fromPath(testDataDir + "certificates/cert.pem", QSsl::Pem, - QRegExp::FixedString).first(); + QSslCertificate::FixedString).first(); QVERIFY(!cert.isNull()); // in this test, check the bytearray variants before the enum variants to see if @@ -816,7 +904,7 @@ void tst_QSslCertificate::nulInCN() QSKIP("Generic QSslCertificatePrivate fails this test"); #endif QList<QSslCertificate> certList = - QSslCertificate::fromPath(testDataDir + "more-certificates/badguy-nul-cn.crt"); + QSslCertificate::fromPath(testDataDir + "more-certificates/badguy-nul-cn.crt", QSsl::Pem, QSslCertificate::FixedString); QCOMPARE(certList.size(), 1); const QSslCertificate &cert = certList.at(0); @@ -835,7 +923,7 @@ void tst_QSslCertificate::nulInSan() QSKIP("Generic QSslCertificatePrivate fails this test"); #endif QList<QSslCertificate> certList = - QSslCertificate::fromPath(testDataDir + "more-certificates/badguy-nul-san.crt"); + QSslCertificate::fromPath(testDataDir + "more-certificates/badguy-nul-san.crt", QSsl::Pem, QSslCertificate::FixedString); QCOMPARE(certList.size(), 1); const QSslCertificate &cert = certList.at(0); @@ -855,7 +943,7 @@ void tst_QSslCertificate::nulInSan() void tst_QSslCertificate::largeSerialNumber() { QList<QSslCertificate> certList = - QSslCertificate::fromPath(testDataDir + "more-certificates/cert-large-serial-number.pem"); + QSslCertificate::fromPath(testDataDir + "more-certificates/cert-large-serial-number.pem", QSsl::Pem, QSslCertificate::FixedString); QCOMPARE(certList.size(), 1); @@ -867,7 +955,7 @@ void tst_QSslCertificate::largeSerialNumber() void tst_QSslCertificate::largeExpirationDate() // QTBUG-12489 { QList<QSslCertificate> certList = - QSslCertificate::fromPath(testDataDir + "more-certificates/cert-large-expiration-date.pem"); + QSslCertificate::fromPath(testDataDir + "more-certificates/cert-large-expiration-date.pem", QSsl::Pem, QSslCertificate::FixedString); QCOMPARE(certList.size(), 1); @@ -880,7 +968,7 @@ void tst_QSslCertificate::largeExpirationDate() // QTBUG-12489 void tst_QSslCertificate::blacklistedCertificates() { - QList<QSslCertificate> blacklistedCerts = QSslCertificate::fromPath(testDataDir + "more-certificates/blacklisted*.pem", QSsl::Pem, QRegExp::Wildcard); + QList<QSslCertificate> blacklistedCerts = QSslCertificate::fromPath(testDataDir + "more-certificates/blacklisted*.pem", QSsl::Pem, QSslCertificate::Wildcard); QVERIFY(blacklistedCerts.count() > 0); for (int a = 0; a < blacklistedCerts.count(); a++) { QVERIFY(blacklistedCerts.at(a).isBlacklisted()); @@ -889,15 +977,15 @@ void tst_QSslCertificate::blacklistedCertificates() void tst_QSslCertificate::selfsignedCertificates() { - QVERIFY(QSslCertificate::fromPath(testDataDir + "certificates/cert-ss.pem").first().isSelfSigned()); - QVERIFY(!QSslCertificate::fromPath(testDataDir + "certificates/cert.pem").first().isSelfSigned()); + QVERIFY(QSslCertificate::fromPath(testDataDir + "certificates/cert-ss.pem", QSsl::Pem, QSslCertificate::FixedString).first().isSelfSigned()); + QVERIFY(!QSslCertificate::fromPath(testDataDir + "certificates/cert.pem", QSsl::Pem, QSslCertificate::FixedString).first().isSelfSigned()); QVERIFY(!QSslCertificate().isSelfSigned()); } void tst_QSslCertificate::toText() { QList<QSslCertificate> certList = - QSslCertificate::fromPath(testDataDir + "more-certificates/cert-large-expiration-date.pem"); + QSslCertificate::fromPath(testDataDir + "more-certificates/cert-large-expiration-date.pem", QSsl::Pem, QSslCertificate::FixedString); QCOMPARE(certList.size(), 1); const QSslCertificate &cert = certList.at(0); @@ -939,7 +1027,7 @@ void tst_QSslCertificate::toText() void tst_QSslCertificate::multipleCommonNames() { QList<QSslCertificate> certList = - QSslCertificate::fromPath(testDataDir + "more-certificates/test-cn-two-cns-cert.pem"); + QSslCertificate::fromPath(testDataDir + "more-certificates/test-cn-two-cns-cert.pem", QSsl::Pem, QSslCertificate::FixedString); QVERIFY(certList.count() > 0); QStringList commonNames = certList[0].subjectInfo(QSslCertificate::CommonName); @@ -950,18 +1038,22 @@ void tst_QSslCertificate::multipleCommonNames() void tst_QSslCertificate::subjectAndIssuerAttributes() { QList<QSslCertificate> certList = - QSslCertificate::fromPath(testDataDir + "more-certificates/test-cn-with-drink-cert.pem"); + QSslCertificate::fromPath(testDataDir + "more-certificates/test-cn-with-drink-cert.pem", QSsl::Pem, QSslCertificate::FixedString); QVERIFY(certList.count() > 0); QList<QByteArray> attributes = certList[0].subjectInfoAttributes(); QVERIFY(attributes.contains(QByteArray("favouriteDrink"))); attributes.clear(); - certList = QSslCertificate::fromPath(testDataDir + "more-certificates/natwest-banking.pem"); + certList = QSslCertificate::fromPath(testDataDir + "more-certificates/natwest-banking.pem", QSsl::Pem, QSslCertificate::FixedString); QVERIFY(certList.count() > 0); + QByteArray shortName("1.3.6.1.4.1.311.60.2.1.3"); +#if !defined(QT_NO_OPENSSL) && defined(SN_jurisdictionCountryName) + shortName = SN_jurisdictionCountryName; +#endif attributes = certList[0].subjectInfoAttributes(); - QVERIFY(attributes.contains(QByteArray("1.3.6.1.4.1.311.60.2.1.3"))); + QVERIFY(attributes.contains(shortName)); } void tst_QSslCertificate::verify() @@ -988,17 +1080,17 @@ void tst_QSslCertificate::verify() errors.clear(); // Verify a valid cert signed by a CA - QList<QSslCertificate> caCerts = QSslCertificate::fromPath(testDataDir + "verify-certs/cacert.pem"); + QList<QSslCertificate> caCerts = QSslCertificate::fromPath(testDataDir + "verify-certs/cacert.pem", QSsl::Pem, QSslCertificate::FixedString); QSslSocket::addDefaultCaCertificate(caCerts.first()); - toVerify = QSslCertificate::fromPath(testDataDir + "verify-certs/test-ocsp-good-cert.pem"); + toVerify = QSslCertificate::fromPath(testDataDir + "verify-certs/test-ocsp-good-cert.pem", QSsl::Pem, QSslCertificate::FixedString); errors = QSslCertificate::verify(toVerify); VERIFY_VERBOSE(errors.count() == 0); errors.clear(); // Test a blacklisted certificate - toVerify = QSslCertificate::fromPath(testDataDir + "verify-certs/test-addons-mozilla-org-cert.pem"); + toVerify = QSslCertificate::fromPath(testDataDir + "verify-certs/test-addons-mozilla-org-cert.pem", QSsl::Pem, QSslCertificate::FixedString); errors = QSslCertificate::verify(toVerify); bool foundBlack = false; foreach (const QSslError &error, errors) { @@ -1011,7 +1103,7 @@ void tst_QSslCertificate::verify() errors.clear(); // This one is expired and untrusted - toVerify = QSslCertificate::fromPath(testDataDir + "more-certificates/cert-large-serial-number.pem"); + toVerify = QSslCertificate::fromPath(testDataDir + "more-certificates/cert-large-serial-number.pem", QSsl::Pem, QSslCertificate::FixedString); errors = QSslCertificate::verify(toVerify); VERIFY_VERBOSE(errors.contains(QSslError(QSslError::SelfSignedCertificate, toVerify[0]))); VERIFY_VERBOSE(errors.contains(QSslError(QSslError::CertificateExpired, toVerify[0]))); @@ -1019,15 +1111,15 @@ void tst_QSslCertificate::verify() toVerify.clear(); // This one is signed by a valid cert, but the signer is not a valid CA - toVerify << QSslCertificate::fromPath(testDataDir + "verify-certs/test-intermediate-not-ca-cert.pem").first(); - toVerify << QSslCertificate::fromPath(testDataDir + "verify-certs/test-ocsp-good-cert.pem").first(); + toVerify << QSslCertificate::fromPath(testDataDir + "verify-certs/test-intermediate-not-ca-cert.pem", QSsl::Pem, QSslCertificate::FixedString).first(); + toVerify << QSslCertificate::fromPath(testDataDir + "verify-certs/test-ocsp-good-cert.pem", QSsl::Pem, QSslCertificate::FixedString).first(); errors = QSslCertificate::verify(toVerify); VERIFY_VERBOSE(errors.contains(QSslError(QSslError::InvalidCaCertificate, toVerify[1]))); toVerify.clear(); // This one is signed by a valid cert, and the signer is a valid CA - toVerify << QSslCertificate::fromPath(testDataDir + "verify-certs/test-intermediate-is-ca-cert.pem").first(); - toVerify << QSslCertificate::fromPath(testDataDir + "verify-certs/test-intermediate-ca-cert.pem").first(); + toVerify << QSslCertificate::fromPath(testDataDir + "verify-certs/test-intermediate-is-ca-cert.pem", QSsl::Pem, QSslCertificate::FixedString).first(); + toVerify << QSslCertificate::fromPath(testDataDir + "verify-certs/test-intermediate-ca-cert.pem", QSsl::Pem, QSslCertificate::FixedString).first(); errors = QSslCertificate::verify(toVerify); VERIFY_VERBOSE(errors.count() == 0); @@ -1057,7 +1149,7 @@ QString tst_QSslCertificate::toString(const QList<QSslError>& errors) void tst_QSslCertificate::extensions() { QList<QSslCertificate> certList = - QSslCertificate::fromPath(testDataDir + "more-certificates/natwest-banking.pem"); + QSslCertificate::fromPath(testDataDir + "more-certificates/natwest-banking.pem", QSsl::Pem, QSslCertificate::FixedString); QVERIFY(certList.count() > 0); QSslCertificate cert = certList[0]; @@ -1155,7 +1247,7 @@ void tst_QSslCertificate::extensions() void tst_QSslCertificate::extensionsCritical() { QList<QSslCertificate> certList = - QSslCertificate::fromPath(testDataDir + "verify-certs/test-addons-mozilla-org-cert.pem"); + QSslCertificate::fromPath(testDataDir + "verify-certs/test-addons-mozilla-org-cert.pem", QSsl::Pem, QSslCertificate::FixedString); QVERIFY(certList.count() > 0); QSslCertificate cert = certList[0]; @@ -1276,12 +1368,12 @@ void tst_QSslCertificate::version_data() QTest::newRow("null certificate") << QSslCertificate() << QByteArray(); QList<QSslCertificate> certs; - certs << QSslCertificate::fromPath(testDataDir + "verify-certs/test-ocsp-good-cert.pem"); + certs << QSslCertificate::fromPath(testDataDir + "verify-certs/test-ocsp-good-cert.pem", QSsl::Pem, QSslCertificate::FixedString); QTest::newRow("v3 certificate") << certs.first() << QByteArrayLiteral("3"); certs.clear(); - certs << QSslCertificate::fromPath(testDataDir + "certificates/cert.pem"); + certs << QSslCertificate::fromPath(testDataDir + "certificates/cert.pem", QSsl::Pem, QSslCertificate::FixedString); QTest::newRow("v1 certificate") << certs.first() << QByteArrayLiteral("1"); } @@ -1318,7 +1410,7 @@ void tst_QSslCertificate::pkcs12() QVERIFY(ok); f.close(); - QList<QSslCertificate> leafCert = QSslCertificate::fromPath(testDataDir + QLatin1String("pkcs12/leaf.crt")); + QList<QSslCertificate> leafCert = QSslCertificate::fromPath(testDataDir + QLatin1String("pkcs12/leaf.crt"), QSsl::Pem, QSslCertificate::FixedString); QVERIFY(!leafCert.isEmpty()); QCOMPARE(cert, leafCert.first()); @@ -1333,7 +1425,7 @@ void tst_QSslCertificate::pkcs12() QVERIFY(!leafKey.isNull()); QCOMPARE(key, leafKey); - QList<QSslCertificate> caCert = QSslCertificate::fromPath(testDataDir + QLatin1String("pkcs12/inter.crt")); + QList<QSslCertificate> caCert = QSslCertificate::fromPath(testDataDir + QLatin1String("pkcs12/inter.crt"), QSsl::Pem, QSslCertificate::FixedString); QVERIFY(!caCert.isEmpty()); QVERIFY(!caCerts.isEmpty()); diff --git a/tests/auto/network/ssl/qsslcipher/CMakeLists.txt b/tests/auto/network/ssl/qsslcipher/CMakeLists.txt index f41dd8ee1c..44e0e78220 100644 --- a/tests/auto/network/ssl/qsslcipher/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslcipher/CMakeLists.txt @@ -5,16 +5,12 @@ ##################################################################### add_qt_test(tst_qsslcipher - GUI SOURCES tst_qsslcipher.cpp PUBLIC_LIBRARIES Qt::Network ) -#### Keys ignored in scope 1:.:.:qsslcipher.pro:<TRUE>: -# CONFIG = "testcase" - ## Scopes: ##################################################################### diff --git a/tests/auto/network/ssl/qssldiffiehellmanparameters/CMakeLists.txt b/tests/auto/network/ssl/qssldiffiehellmanparameters/CMakeLists.txt index f4a7184559..f6785a6736 100644 --- a/tests/auto/network/ssl/qssldiffiehellmanparameters/CMakeLists.txt +++ b/tests/auto/network/ssl/qssldiffiehellmanparameters/CMakeLists.txt @@ -5,12 +5,8 @@ ##################################################################### add_qt_test(tst_qssldiffiehellmanparameters - GUI SOURCES tst_qssldiffiehellmanparameters.cpp PUBLIC_LIBRARIES Qt::Network ) - -#### Keys ignored in scope 1:.:.:qssldiffiehellmanparameters.pro:<TRUE>: -# CONFIG = "testcase" "parallel_test" diff --git a/tests/auto/network/ssl/qsslellipticcurve/CMakeLists.txt b/tests/auto/network/ssl/qsslellipticcurve/CMakeLists.txt index 0196eed00e..4df88ff305 100644 --- a/tests/auto/network/ssl/qsslellipticcurve/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslellipticcurve/CMakeLists.txt @@ -5,12 +5,8 @@ ##################################################################### add_qt_test(tst_qsslellipticcurve - GUI SOURCES tst_qsslellipticcurve.cpp PUBLIC_LIBRARIES Qt::Network ) - -#### Keys ignored in scope 1:.:.:qsslellipticcurve.pro:<TRUE>: -# CONFIG = "testcase" diff --git a/tests/auto/network/ssl/qsslerror/CMakeLists.txt b/tests/auto/network/ssl/qsslerror/CMakeLists.txt index ab3e836f26..e8b07ab049 100644 --- a/tests/auto/network/ssl/qsslerror/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslerror/CMakeLists.txt @@ -5,16 +5,12 @@ ##################################################################### add_qt_test(tst_qsslerror - GUI SOURCES tst_qsslerror.cpp PUBLIC_LIBRARIES Qt::Network ) -#### Keys ignored in scope 1:.:.:qsslerror.pro:<TRUE>: -# CONFIG = "testcase" - ## Scopes: ##################################################################### diff --git a/tests/auto/network/ssl/qsslkey/CMakeLists.txt b/tests/auto/network/ssl/qsslkey/CMakeLists.txt index 316fa5565d..04634d1997 100644 --- a/tests/auto/network/ssl/qsslkey/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslkey/CMakeLists.txt @@ -5,21 +5,16 @@ ##################################################################### # Collect test data - -file(GLOB test_data_glob - LIST_DIRECTORIES true +file(GLOB_RECURSE test_data_glob RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} - "keys/*") + keys/*) list(APPEND test_data ${test_data_glob}) - -file(GLOB test_data_glob - LIST_DIRECTORIES true +file(GLOB_RECURSE test_data_glob RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} - "rsa-*.pem") + rsa-*.pem) list(APPEND test_data ${test_data_glob}) add_qt_test(tst_qsslkey - GUI SOURCES tst_qsslkey.cpp PUBLIC_LIBRARIES @@ -27,17 +22,11 @@ add_qt_test(tst_qsslkey TESTDATA ${test_data} ) -#### Keys ignored in scope 1:.:.:qsslkey.pro:<TRUE>: -# CONFIG = "testcase" - ## Scopes: ##################################################################### extend_target(tst_qsslkey CONDITION QT_FEATURE_private_tests - LIBRARIES + PUBLIC_LIBRARIES Qt::CorePrivate Qt::NetworkPrivate - PUBLIC_LIBRARIES - Qt::Core - Qt::Network ) diff --git a/tests/auto/network/ssl/qsslsocket/BLACKLIST b/tests/auto/network/ssl/qsslsocket/BLACKLIST index 7b4a29f463..749c59d968 100644 --- a/tests/auto/network/ssl/qsslsocket/BLACKLIST +++ b/tests/auto/network/ssl/qsslsocket/BLACKLIST @@ -3,9 +3,9 @@ windows [spontaneousWrite] windows-7sp1 [connectToHostEncrypted] -osx-10.13 +macos [setSslConfiguration] windows-10 msvc-2015 windows-7sp1 [connectToHostEncryptedWithVerificationPeerName] -osx-10.13 +macos diff --git a/tests/auto/network/ssl/qsslsocket/CMakeLists.txt b/tests/auto/network/ssl/qsslsocket/CMakeLists.txt index 050abfd5a3..99ec2ad823 100644 --- a/tests/auto/network/ssl/qsslsocket/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslsocket/CMakeLists.txt @@ -1,5 +1,9 @@ # Generated from qsslsocket.pro. +if(NOT QT_FEATURE_private_tests) + return() +endif() + ##################################################################### ## tst_qsslsocket Test: ##################################################################### @@ -8,21 +12,18 @@ list(APPEND test_data "certs") add_qt_test(tst_qsslsocket - GUI SOURCES tst_qsslsocket.cpp DEFINES SRCDIR=\\\"${CMAKE_CURRENT_SOURCE_DIR}/\\\" - LIBRARIES + PUBLIC_LIBRARIES Qt::CorePrivate Qt::NetworkPrivate - PUBLIC_LIBRARIES - Qt::Network TESTDATA ${test_data} ) #### Keys ignored in scope 1:.:.:qsslsocket.pro:<TRUE>: -# CONFIG = "testcase" +# _REQUIREMENTS = "qtConfig(private_tests)" ## Scopes: ##################################################################### @@ -34,5 +35,4 @@ add_qt_test(tst_qsslsocket # DESTDIR = "release" #### Keys ignored in scope 5:.:.:qsslsocket.pro:LINUX: -# CONFIG = "unsupported/testserver" # QT_TEST_SERVER_LIST = "squid" "danted" "cyrus" "apache2" "echo" diff --git a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp index 2fef31cdc2..18b449a953 100644 --- a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp @@ -73,11 +73,11 @@ typedef QSharedPointer<QSslSocket> QSslSocketPtr; #else #define FLUKE_CERTIFICATE_ERROR QSslError::CertificateUntrusted #endif -#endif // QT_NO_SSL +#endif // QT_NO_OPENSSL // Detect ALPN (Application-Layer Protocol Negotiation) support #undef ALPN_SUPPORTED // Undef the variable first to be safe -#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_TLSEXT) +#if defined(OPENSSL_VERSION_NUMBER) && !defined(OPENSSL_NO_TLSEXT) #define ALPN_SUPPORTED 1 #endif @@ -94,11 +94,13 @@ typedef QSharedPointer<QSslSocket> QSslSocketPtr; // Use this cipher to force PSK key sharing. // Also, it's a cipher w/o auth, to check that we emit the signals warning // about the identity of the peer. +#ifndef QT_NO_OPENSSL static const QString PSK_CIPHER_WITHOUT_AUTH = QStringLiteral("PSK-AES256-CBC-SHA"); static const quint16 PSK_SERVER_PORT = 4433; static const QByteArray PSK_CLIENT_PRESHAREDKEY = QByteArrayLiteral("\x1a\x2b\x3c\x4d\x5e\x6f"); static const QByteArray PSK_SERVER_IDENTITY_HINT = QByteArrayLiteral("QtTestServerHint"); static const QByteArray PSK_CLIENT_IDENTITY = QByteArrayLiteral("Client_identity"); +#endif // !QT_NO_OPENSSL class tst_QSslSocket : public QObject { @@ -257,8 +259,14 @@ private slots: void signatureAlgorithm(); #endif - void disabledProtocols_data(); - void disabledProtocols(); + void unsupportedProtocols_data(); + void unsupportedProtocols(); + + void oldErrorsOnSocketReuse(); +#if QT_CONFIG(openssl) + void alertMissingCertificate(); + void alertInvalidCertificate(); +#endif // openssl void setEmptyDefaultConfiguration(); // this test should be last @@ -333,6 +341,8 @@ tst_QSslSocket::tst_QSslSocket() qRegisterMetaType<QSslError>("QSslError"); qRegisterMetaType<QAbstractSocket::SocketState>("QAbstractSocket::SocketState"); qRegisterMetaType<QAbstractSocket::SocketError>("QAbstractSocket::SocketError"); + qRegisterMetaType<QAlertLevel>("QAlertLevel"); + qRegisterMetaType<QAlertType>("QAlertType"); #ifndef QT_NO_OPENSSL qRegisterMetaType<QSslPreSharedKeyAuthenticator *>(); @@ -389,7 +399,8 @@ void tst_QSslSocket::initTestCase() QVERIFY(QtNetworkSettings::verifyConnection(QtNetworkSettings::imapServerName(), 993)); QVERIFY(QtNetworkSettings::verifyConnection(QtNetworkSettings::echoServerName(), 13)); #else - QVERIFY(QtNetworkSettings::verifyTestNetworkSettings()); + if (!QtNetworkSettings::verifyTestNetworkSettings()) + QSKIP("No network test server available"); #endif // QT_TEST_SERVER #endif // QT_NO_SSL } @@ -522,7 +533,7 @@ void tst_QSslSocket::constructing() QCOMPARE(socket.write(0, 0), qint64(-1)); QTest::ignoreMessage(QtWarningMsg, writeNotOpenMessage); QCOMPARE(socket.write(QByteArray()), qint64(-1)); - QCOMPARE(socket.error(), QAbstractSocket::UnknownSocketError); + QCOMPARE(socket.socketError(), QAbstractSocket::UnknownSocketError); QVERIFY(!socket.flush()); QVERIFY(!socket.isValid()); QCOMPARE(socket.localAddress(), QHostAddress()); @@ -728,7 +739,7 @@ void tst_QSslSocket::sslErrors() // check the SSL errors contain HostNameMismatch and an error due to // the certificate being self-signed SslErrorList sslErrors; - const auto socketSslErrors = socket->sslErrors(); + const auto socketSslErrors = socket->sslHandshakeErrors(); for (const QSslError &err : socketSslErrors) sslErrors << err.error(); std::sort(sslErrors.begin(), sslErrors.end()); @@ -1100,7 +1111,6 @@ void tst_QSslSocket::protocol() QCOMPARE(socket->protocol(), QSsl::TlsV1_0); socket->abort(); } -#if OPENSSL_VERSION_NUMBER >= 0x10001000L { // qt-test-server probably doesn't allow TLSV1.1 socket->setProtocol(QSsl::TlsV1_1); @@ -1137,7 +1147,7 @@ void tst_QSslSocket::protocol() QCOMPARE(socket->protocol(), QSsl::TlsV1_2); socket->abort(); } -#endif + #ifdef TLS1_3_VERSION { // qt-test-server probably doesn't allow TLSV1.3 @@ -1176,25 +1186,6 @@ void tst_QSslSocket::protocol() QCOMPARE(socket->protocol(), QSsl::AnyProtocol); socket->abort(); } - { - // qt-test-server allows TlsV1, so it allows TlsV1SslV3 - socket->setProtocol(QSsl::TlsV1SslV3); - QCOMPARE(socket->protocol(), QSsl::TlsV1SslV3); - socket->connectToHostEncrypted(QtNetworkSettings::httpServerName(), 443); - if (setProxy && !socket->waitForEncrypted()) - QSKIP("Skipping flaky test - See QTBUG-29941"); - QCOMPARE(socket->protocol(), QSsl::TlsV1SslV3); - socket->abort(); - QCOMPARE(socket->protocol(), QSsl::TlsV1SslV3); - socket->connectToHost(QtNetworkSettings::httpServerName(), 443); - if (setProxy && !socket->waitForConnected()) - QSKIP("Skipping flaky test - See QTBUG-29941"); - socket->startClientEncryption(); - if (setProxy && !socket->waitForEncrypted()) - QSKIP("Skipping flaky test - See QTBUG-29941"); - QCOMPARE(socket->protocol(), QSsl::TlsV1SslV3); - socket->abort(); - } } class SslServer : public QTcpServer @@ -1226,6 +1217,8 @@ public: signals: void socketError(QAbstractSocket::SocketError); + void gotAlert(QAlertLevel level, QAlertType type, const QString &message); + void alertSent(QAlertLevel level, QAlertType type, const QString &message); protected: void incomingConnection(qintptr socketDescriptor) @@ -1237,6 +1230,8 @@ protected: if (ignoreSslErrors) connect(socket, SIGNAL(sslErrors(QList<QSslError>)), this, SLOT(ignoreErrorSlot())); connect(socket, SIGNAL(error(QAbstractSocket::SocketError)), this, SIGNAL(socketError(QAbstractSocket::SocketError))); + connect(socket, &QSslSocket::alertReceived, this, &SslServer::gotAlert); + connect(socket, &QSslSocket::alertSent, this, &SslServer::alertSent); QFile file(m_keyFile); QVERIFY(file.open(QIODevice::ReadOnly)); @@ -1300,20 +1295,13 @@ void tst_QSslSocket::protocolServerSide_data() QTest::addColumn<bool>("works"); QTest::newRow("tls1.0-tls1.0") << QSsl::TlsV1_0 << QSsl::TlsV1_0 << true; - QTest::newRow("tls1ssl3-tls1ssl3") << QSsl::TlsV1SslV3 << QSsl::TlsV1SslV3 << true; QTest::newRow("any-any") << QSsl::AnyProtocol << QSsl::AnyProtocol << true; QTest::newRow("secure-secure") << QSsl::SecureProtocols << QSsl::SecureProtocols << true; - QTest::newRow("tls1-tls1ssl3") << QSsl::TlsV1_0 << QSsl::TlsV1SslV3 << true; QTest::newRow("tls1.0-secure") << QSsl::TlsV1_0 << QSsl::SecureProtocols << true; QTest::newRow("tls1.0-any") << QSsl::TlsV1_0 << QSsl::AnyProtocol << true; - QTest::newRow("tls1ssl3-tls1.0") << QSsl::TlsV1SslV3 << QSsl::TlsV1_0 << true; - QTest::newRow("tls1ssl3-secure") << QSsl::TlsV1SslV3 << QSsl::SecureProtocols << true; - QTest::newRow("tls1ssl3-any") << QSsl::TlsV1SslV3 << QSsl::AnyProtocol << true; - QTest::newRow("secure-tls1.0") << QSsl::SecureProtocols << QSsl::TlsV1_0 << true; - QTest::newRow("secure-tls1ssl3") << QSsl::SecureProtocols << QSsl::TlsV1SslV3 << true; QTest::newRow("secure-any") << QSsl::SecureProtocols << QSsl::AnyProtocol << true; QTest::newRow("tls1.0orlater-tls1.0") << QSsl::TlsV1_0OrLater << QSsl::TlsV1_0 << true; @@ -1345,7 +1333,6 @@ void tst_QSslSocket::protocolServerSide_data() #endif // TLS1_3_VERSION QTest::newRow("any-tls1.0") << QSsl::AnyProtocol << QSsl::TlsV1_0 << true; - QTest::newRow("any-tls1ssl3") << QSsl::AnyProtocol << QSsl::TlsV1SslV3 << true; QTest::newRow("any-secure") << QSsl::AnyProtocol << QSsl::SecureProtocols << true; } @@ -1386,16 +1373,16 @@ void tst_QSslSocket::protocolServerSide() QAbstractSocket::SocketState expectedState = (works) ? QAbstractSocket::ConnectedState : QAbstractSocket::UnconnectedState; // Determine whether the client or the server caused the event loop // to quit due to a socket error, and investigate the culprit. - if (client.error() != QAbstractSocket::UnknownSocketError) { + if (client.socketError() != QAbstractSocket::UnknownSocketError) { // It can happen that the client, after TCP connection established, before // incomingConnection() slot fired, hits TLS initialization error and stops // the loop, so the server socket is not created yet. if (server.socket) - QVERIFY(server.socket->error() == QAbstractSocket::UnknownSocketError); + QVERIFY(server.socket->socketError() == QAbstractSocket::UnknownSocketError); QCOMPARE(client.state(), expectedState); - } else if (server.socket->error() != QAbstractSocket::UnknownSocketError) { - QVERIFY(client.error() == QAbstractSocket::UnknownSocketError); + } else if (server.socket->socketError() != QAbstractSocket::UnknownSocketError) { + QVERIFY(client.socketError() == QAbstractSocket::UnknownSocketError); QCOMPARE(server.socket->state(), expectedState); } @@ -2007,7 +1994,7 @@ void tst_QSslSocket::setEmptyKey() QTestEventLoop::instance().enterLoop(2); QCOMPARE(socket.state(), QAbstractSocket::ConnectedState); - QCOMPARE(socket.error(), QAbstractSocket::UnknownSocketError); + QCOMPARE(socket.socketError(), QAbstractSocket::UnknownSocketError); } void tst_QSslSocket::spontaneousWrite() @@ -2429,7 +2416,7 @@ void tst_QSslSocket::verifyMode() QList<QSslError> expectedErrors = QList<QSslError>() << QSslError(FLUKE_CERTIFICATE_ERROR, socket.peerCertificate()); - QCOMPARE(socket.sslErrors(), expectedErrors); + QCOMPARE(socket.sslHandshakeErrors(), expectedErrors); socket.abort(); VerifyServer server; @@ -2445,7 +2432,7 @@ void tst_QSslSocket::verifyMode() loop.exec(); QVERIFY(clientSocket.isEncrypted()); - QVERIFY(server.socket->sslErrors().isEmpty()); + QVERIFY(server.socket->sslHandshakeErrors().isEmpty()); } void tst_QSslSocket::verifyDepth() @@ -2642,7 +2629,6 @@ void tst_QSslSocket::ignoreSslErrorsList() connect(&socket, SIGNAL(proxyAuthenticationRequired(QNetworkProxy,QAuthenticator*)), this, SLOT(proxyAuthenticationRequired(QNetworkProxy,QAuthenticator*))); -// this->socket = &socket; QSslCertificate cert; QFETCH(QList<QSslError>, expectedSslErrors); @@ -2780,11 +2766,11 @@ void tst_QSslSocket::writeBigChunk() // no better way to do this right now since the error is the same as the default error. if (socket->errorString().startsWith(QLatin1String("Unable to write data"))) { - qWarning() << socket->error() << socket->errorString(); + qWarning() << socket->socketError() << socket->errorString(); QFAIL("Error while writing! Check if the OpenSSL BIO size is limited?!"); } // also check the error string. If another error (than UnknownError) occurred, it should be different than before - QVERIFY2(errorBefore == errorAfter || socket->error() == QAbstractSocket::RemoteHostClosedError, + QVERIFY2(errorBefore == errorAfter || socket->socketError() == QAbstractSocket::RemoteHostClosedError, QByteArray("unexpected error: ").append(qPrintable(errorAfter))); // check that everything has been written to OpenSSL @@ -2823,7 +2809,7 @@ void tst_QSslSocket::blacklistedCertificates() connect(receiver, SIGNAL(sslErrors(QList<QSslError>)), SLOT(exitLoop())); connect(receiver, SIGNAL(encrypted()), SLOT(exitLoop())); enterLoop(1); - QList<QSslError> sslErrors = receiver->sslErrors(); + QList<QSslError> sslErrors = receiver->sslHandshakeErrors(); QVERIFY(sslErrors.count() > 0); // there are more errors (self signed cert and hostname mismatch), but we only care about the blacklist error QCOMPARE(sslErrors.at(0).error(), QSslError::CertificateBlacklisted); @@ -2979,7 +2965,7 @@ void tst_QSslSocket::resume() QCOMPARE(encryptedSpy.count(), 0); QVERIFY(!socket.isEncrypted()); QCOMPARE(errorSpy.count(), 1); - QCOMPARE(socket.error(), QAbstractSocket::SslHandshakeFailedError); + QCOMPARE(socket.socketError(), QAbstractSocket::SslHandshakeFailedError); } } @@ -4050,9 +4036,6 @@ void tst_QSslSocket::ephemeralServerKey_data() QTest::addColumn<QString>("cipher"); QTest::addColumn<bool>("emptyKey"); -#if !QT_CONFIG(opensslv11) // 1.1 drops support for RC4-SHA - QTest::newRow("NonForwardSecrecyCipher") << "RC4-SHA" << true; -#endif // !opensslv11 QTest::newRow("ForwardSecrecyCipher") << "ECDHE-RSA-AES256-SHA" << (QSslSocket::sslLibraryVersionNumber() < 0x10002000L); } @@ -4177,9 +4160,6 @@ void tst_QSslSocket::signatureAlgorithm_data() if (!QSslSocket::supportsSsl()) QSKIP("Signature algorithms cannot be tested without SSL support"); - if (QSslSocket::sslLibraryVersionNumber() < 0x10002000L) - QSKIP("Signature algorithms cannot be tested with OpenSSL < 1.0.2"); - if (QSslSocket::sslLibraryVersionNumber() >= 0x10101000L) { // FIXME: investigate if this test makes any sense with TLS 1.3. QSKIP("Test is not valid for TLS 1.3/OpenSSL 1.1.1"); @@ -4329,30 +4309,33 @@ void tst_QSslSocket::forwardReadChannelFinished() #endif // QT_NO_OPENSSL -void tst_QSslSocket::disabledProtocols_data() +void tst_QSslSocket::unsupportedProtocols_data() { - QTest::addColumn<QSsl::SslProtocol>("disabledProtocol"); - QTest::newRow("SslV2") << QSsl::SslV2; - QTest::newRow("SslV3") << QSsl::SslV3; + QTest::addColumn<QSsl::SslProtocol>("unsupportedProtocol"); + QTest::newRow("DtlsV1_0") << QSsl::DtlsV1_0; + QTest::newRow("DtlsV1_2") << QSsl::DtlsV1_2; + QTest::newRow("DtlsV1_0OrLater") << QSsl::DtlsV1_0OrLater; + QTest::newRow("DtlsV1_2OrLater") << QSsl::DtlsV1_2OrLater; + QTest::newRow("UnknownProtocol") << QSsl::UnknownProtocol; } -void tst_QSslSocket::disabledProtocols() +void tst_QSslSocket::unsupportedProtocols() { QFETCH_GLOBAL(const bool, setProxy); if (setProxy) return; - QFETCH(const QSsl::SslProtocol, disabledProtocol); + QFETCH(const QSsl::SslProtocol, unsupportedProtocol); const int timeoutMS = 500; // Test a client socket. { // 0. connectToHostEncrypted: client-side, non-blocking API, error is discovered // early, preventing any real connection from ever starting. QSslSocket socket; - socket.setProtocol(disabledProtocol); - QCOMPARE(socket.error(), QAbstractSocket::UnknownSocketError); + socket.setProtocol(unsupportedProtocol); + QCOMPARE(socket.socketError(), QAbstractSocket::UnknownSocketError); socket.connectToHostEncrypted(QStringLiteral("doesnotmatter.org"), 1010); - QCOMPARE(socket.error(), QAbstractSocket::SslInvalidUserDataError); + QCOMPARE(socket.socketError(), QAbstractSocket::SslInvalidUserDataError); QCOMPARE(socket.state(), QAbstractSocket::UnconnectedState); } { @@ -4362,14 +4345,14 @@ void tst_QSslSocket::disabledProtocols() QVERIFY(server.listen()); QSslSocket socket; - QCOMPARE(socket.error(), QAbstractSocket::UnknownSocketError); + QCOMPARE(socket.socketError(), QAbstractSocket::UnknownSocketError); socket.connectToHost(QHostAddress::LocalHost, server.serverPort()); QVERIFY(socket.waitForConnected(timeoutMS)); - socket.setProtocol(disabledProtocol); + socket.setProtocol(unsupportedProtocol); socket.startClientEncryption(); - QCOMPARE(socket.error(), QAbstractSocket::SslInvalidUserDataError); + QCOMPARE(socket.socketError(), QAbstractSocket::SslInvalidUserDataError); } { // 2. waitForEncrypted: client-side, blocking API plus requires from us @@ -4381,7 +4364,7 @@ void tst_QSslSocket::disabledProtocols() // and then calls startServerEncryption() (which must fall). { SslServer server; - server.protocol = disabledProtocol; + server.protocol = unsupportedProtocol; QVERIFY(server.listen()); QTestEventLoop loop; @@ -4393,12 +4376,172 @@ void tst_QSslSocket::disabledProtocols() loop.enterLoopMSecs(timeoutMS); QVERIFY(!loop.timeout()); QVERIFY(server.socket); - QCOMPARE(server.socket->error(), QAbstractSocket::SslInvalidUserDataError); + QCOMPARE(server.socket->socketError(), QAbstractSocket::SslInvalidUserDataError); + } +} + +void tst_QSslSocket::oldErrorsOnSocketReuse() +{ + QFETCH_GLOBAL(bool, setProxy); + if (setProxy) + return; // not relevant + SslServer server; + server.protocol = QSsl::TlsV1_1; + server.m_certFile = testDataDir + "certs/fluke.cert"; + server.m_keyFile = testDataDir + "certs/fluke.key"; + QVERIFY(server.listen(QHostAddress::SpecialAddress::LocalHost)); + + QSslSocket socket; + socket.setProtocol(QSsl::TlsV1_1); + QList<QSslError> errorList; + auto connection = connect(&socket, QOverload<const QList<QSslError> &>::of(&QSslSocket::sslErrors), + [&socket, &errorList](const QList<QSslError> &errors) { + errorList += errors; + socket.ignoreSslErrors(errors); + socket.resume(); + }); + + socket.connectToHostEncrypted(QString::fromLatin1("localhost"), server.serverPort()); + QVERIFY(QTest::qWaitFor([&socket](){ return socket.isEncrypted(); })); + socket.disconnectFromHost(); + if (socket.state() != QAbstractSocket::UnconnectedState) { + QVERIFY(QTest::qWaitFor( + [&socket](){ + return socket.state() == QAbstractSocket::UnconnectedState; + })); + } + + auto oldList = errorList; + errorList.clear(); + server.close(); + server.m_certFile = testDataDir + "certs/bogus-client.crt"; + server.m_keyFile = testDataDir + "certs/bogus-client.key"; + QVERIFY(server.listen(QHostAddress::SpecialAddress::LocalHost)); + + socket.connectToHostEncrypted(QString::fromLatin1("localhost"), server.serverPort()); + QVERIFY(QTest::qWaitFor([&socket](){ return socket.isEncrypted(); })); + + for (const auto &error : oldList) { + QVERIFY2(!errorList.contains(error), + "The new errors should not contain any of the old ones"); } } #endif // QT_NO_SSL +#if QT_CONFIG(openssl) + +void (QSslSocket::*const tlsErrorSignal)(const QList<QSslError> &) = &QSslSocket::sslErrors; +void (QAbstractSocket::*const socketErrorSignal)(QAbstractSocket::SocketError) = &QAbstractSocket::error; + +void tst_QSslSocket::alertMissingCertificate() +{ + // In this test we want a server to abort the connection due to the failing + // client authentication. The server expected to send an alert before closing + // the connection, and the client expected to receive this alert and report it. + + QFETCH_GLOBAL(const bool, setProxy); + if (setProxy) // Not what we test here, bail out. + return; + + SslServer server; + if (!server.listen(QHostAddress::LocalHost)) + QSKIP("SslServer::listen() returned false"); + + // We want a certificate request to be sent to the client: + server.peerVerifyMode = QSslSocket::VerifyPeer; + // The only way we can force OpenSSL to send an alert - is to use + // a special option (so we fail before handshake is finished): + server.config.setMissingCertificateIsFatal(true); + + QSslSocket clientSocket; + connect(&clientSocket, tlsErrorSignal, [&clientSocket](const QList<QSslError> &errors){ + qDebug() << "ERR"; + clientSocket.ignoreSslErrors(errors); + }); + + QSignalSpy serverSpy(&server, &SslServer::alertSent); + QSignalSpy clientSpy(&clientSocket, &QSslSocket::alertReceived); + + clientSocket.connectToHostEncrypted(server.serverAddress().toString(), server.serverPort()); + + QTestEventLoop runner; + QTimer::singleShot(500, [&runner](){ + runner.exitLoop(); + }); + + int waitFor = 2; + auto earlyQuitter = [&runner, &waitFor](QAbstractSocket::SocketError) { + if (!--waitFor) + runner.exitLoop(); + }; + + // Presumably, RemoteHostClosedError for the client and SslHandshakeError + // for the server: + connect(&clientSocket, socketErrorSignal, earlyQuitter); + connect(&server, &SslServer::socketError, earlyQuitter); + + runner.enterLoopMSecs(1000); + + QVERIFY(serverSpy.count() > 0); + QVERIFY(clientSpy.count() > 0); + QVERIFY(server.socket && !server.socket->isEncrypted()); + QVERIFY(!clientSocket.isEncrypted()); +} + +void tst_QSslSocket::alertInvalidCertificate() +{ + // In this test a client will not ignore verification errors, + // it also will do 'early' checks, meaning the reported and + // not ignored _during_ the hanshake, not after. This ensures + // OpenSSL sends an alert. + QFETCH_GLOBAL(const bool, setProxy); + if (setProxy) // Not what we test here, bail out. + return; + + SslServer server; + if (!server.listen(QHostAddress::LocalHost)) + QSKIP("SslServer::listen() returned false"); + + QSslSocket clientSocket; + auto configuration = QSslConfiguration::defaultConfiguration(); + configuration.setHandshakeMustInterruptOnError(true); + QVERIFY(configuration.handshakeMustInterruptOnError()); + clientSocket.setSslConfiguration(configuration); + + QSignalSpy serverSpy(&server, &SslServer::gotAlert); + QSignalSpy clientSpy(&clientSocket, &QSslSocket::alertSent); + QSignalSpy interruptedSpy(&clientSocket, &QSslSocket::handshakeInterruptedOnError); + + clientSocket.connectToHostEncrypted(server.serverAddress().toString(), server.serverPort()); + + QTestEventLoop runner; + QTimer::singleShot(500, [&runner](){ + runner.exitLoop(); + }); + + int waitFor = 2; + auto earlyQuitter = [&runner, &waitFor](QAbstractSocket::SocketError) { + if (!--waitFor) + runner.exitLoop(); + }; + + // Presumably, RemoteHostClosedError for the server and SslHandshakeError + // for the client: + connect(&clientSocket, socketErrorSignal, earlyQuitter); + connect(&server, &SslServer::socketError, earlyQuitter); + + runner.enterLoopMSecs(1000); + + QVERIFY(serverSpy.count() > 0); + QVERIFY(clientSpy.count() > 0); + QVERIFY(interruptedSpy.count() > 0); + QVERIFY(server.socket && !server.socket->isEncrypted()); + QVERIFY(!clientSocket.isEncrypted()); +} + +#endif // openssl + QTEST_MAIN(tst_QSslSocket) #include "tst_qsslsocket.moc" diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/CMakeLists.txt b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/CMakeLists.txt index 7a8053cca2..c377e0a46a 100644 --- a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/CMakeLists.txt @@ -1,24 +1,25 @@ # Generated from qsslsocket_onDemandCertificates_member.pro. +if(NOT QT_FEATURE_private_tests) + return() +endif() + ##################################################################### ## tst_qsslsocket_onDemandCertificates_member Test: ##################################################################### add_qt_test(tst_qsslsocket_onDemandCertificates_member - GUI SOURCES tst_qsslsocket_onDemandCertificates_member.cpp DEFINES SRCDIR=\\\"${CMAKE_CURRENT_SOURCE_DIR}/\\\" - LIBRARIES + PUBLIC_LIBRARIES Qt::CorePrivate Qt::NetworkPrivate - PUBLIC_LIBRARIES - Qt::Network ) #### Keys ignored in scope 1:.:.:qsslsocket_onDemandCertificates_member.pro:<TRUE>: -# CONFIG = "testcase" +# _REQUIREMENTS = "qtConfig(private_tests)" # testcase.timeout = "300" ## Scopes: @@ -31,5 +32,4 @@ add_qt_test(tst_qsslsocket_onDemandCertificates_member # DESTDIR = "release" #### Keys ignored in scope 5:.:.:qsslsocket_onDemandCertificates_member.pro:LINUX: -# CONFIG = "unsupported/testserver" # QT_TEST_SERVER_LIST = "squid" "danted" diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/tst_qsslsocket_onDemandCertificates_member.cpp b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/tst_qsslsocket_onDemandCertificates_member.cpp index 3b28e7a803..ad9554c7a5 100644 --- a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/tst_qsslsocket_onDemandCertificates_member.cpp +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/tst_qsslsocket_onDemandCertificates_member.cpp @@ -109,7 +109,8 @@ void tst_QSslSocket_onDemandCertificates_member::initTestCase() QVERIFY(QtNetworkSettings::verifyConnection(QtNetworkSettings::httpProxyServerName(), 3129)); QVERIFY(QtNetworkSettings::verifyConnection(QtNetworkSettings::httpProxyServerName(), 3130)); #else - QVERIFY(QtNetworkSettings::verifyTestNetworkSettings()); + if (!QtNetworkSettings::verifyTestNetworkSettings()) + QSKIP("No network test server available"); #endif // QT_TEST_SERVER } diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/CMakeLists.txt b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/CMakeLists.txt index 9aa741ac68..f3a3178879 100644 --- a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/CMakeLists.txt @@ -1,24 +1,25 @@ # Generated from qsslsocket_onDemandCertificates_static.pro. +if(NOT QT_FEATURE_private_tests) + return() +endif() + ##################################################################### ## tst_qsslsocket_onDemandCertificates_static Test: ##################################################################### add_qt_test(tst_qsslsocket_onDemandCertificates_static - GUI SOURCES tst_qsslsocket_onDemandCertificates_static.cpp DEFINES SRCDIR=\\\"${CMAKE_CURRENT_SOURCE_DIR}/\\\" - LIBRARIES + PUBLIC_LIBRARIES Qt::CorePrivate Qt::NetworkPrivate - PUBLIC_LIBRARIES - Qt::Network ) #### Keys ignored in scope 1:.:.:qsslsocket_onDemandCertificates_static.pro:<TRUE>: -# CONFIG = "testcase" +# _REQUIREMENTS = "qtConfig(private_tests)" ## Scopes: ##################################################################### @@ -30,5 +31,4 @@ add_qt_test(tst_qsslsocket_onDemandCertificates_static # DESTDIR = "release" #### Keys ignored in scope 5:.:.:qsslsocket_onDemandCertificates_static.pro:LINUX: -# CONFIG = "unsupported/testserver" # QT_TEST_SERVER_LIST = "squid" "danted" diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/tst_qsslsocket_onDemandCertificates_static.cpp b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/tst_qsslsocket_onDemandCertificates_static.cpp index a441d13619..b4a41b57e6 100644 --- a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/tst_qsslsocket_onDemandCertificates_static.cpp +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/tst_qsslsocket_onDemandCertificates_static.cpp @@ -105,7 +105,8 @@ void tst_QSslSocket_onDemandCertificates_static::initTestCase() QVERIFY(QtNetworkSettings::verifyConnection(QtNetworkSettings::httpProxyServerName(), 3129)); QVERIFY(QtNetworkSettings::verifyConnection(QtNetworkSettings::httpProxyServerName(), 3130)); #else - QVERIFY(QtNetworkSettings::verifyTestNetworkSettings()); + if (!QtNetworkSettings::verifyTestNetworkSettings()) + QSKIP("No network test server available"); #endif // QT_TEST_SERVER } |