diff options
Diffstat (limited to 'tests/auto/network/ssl')
35 files changed, 373 insertions, 278 deletions
diff --git a/tests/auto/network/ssl/CMakeLists.txt b/tests/auto/network/ssl/CMakeLists.txt index 38643bcd9a..b11b15b6ba 100644 --- a/tests/auto/network/ssl/CMakeLists.txt +++ b/tests/auto/network/ssl/CMakeLists.txt @@ -1,8 +1,6 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from ssl.pro. - add_subdirectory(qpassworddigestor) if(QT_FEATURE_ssl) add_subdirectory(qsslcertificate) @@ -15,7 +13,7 @@ if(QT_FEATURE_private_tests AND QT_FEATURE_ssl) add_subdirectory(qsslsocket) add_subdirectory(qsslsocket_onDemandCertificates_member) add_subdirectory(qsslsocket_onDemandCertificates_static) -# add_subdirectory(qasn1element) + add_subdirectory(qasn1element) add_subdirectory(qssldiffiehellmanparameters) add_subdirectory(qsslserver) endif() diff --git a/tests/auto/network/ssl/qasn1element/CMakeLists.txt b/tests/auto/network/ssl/qasn1element/CMakeLists.txt index e9ad1d8c17..7b01a0b22d 100644 --- a/tests/auto/network/ssl/qasn1element/CMakeLists.txt +++ b/tests/auto/network/ssl/qasn1element/CMakeLists.txt @@ -1,16 +1,26 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qasn1element.pro. - ##################################################################### ## tst_qasn1element Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qasn1element LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + qt_internal_add_test(tst_qasn1element SOURCES tst_qasn1element.cpp + ../../../../../src/plugins/tls/shared/qasn1element_p.h + ../../../../../src/plugins/tls/shared/qasn1element.cpp + INCLUDE_DIRECTORIES + ../../../../../src/plugins/tls/shared LIBRARIES + Qt::Core Qt::Network Qt::NetworkPrivate + BUNDLE_ANDROID_OPENSSL_LIBS ) diff --git a/tests/auto/network/ssl/qasn1element/tst_qasn1element.cpp b/tests/auto/network/ssl/qasn1element/tst_qasn1element.cpp index a788114daa..a54f0bd9d8 100644 --- a/tests/auto/network/ssl/qasn1element/tst_qasn1element.cpp +++ b/tests/auto/network/ssl/qasn1element/tst_qasn1element.cpp @@ -1,9 +1,12 @@ // Copyright (C) 2014 Jeremy Lainé <jeremy.laine@m4x.org> -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only +#include "qasn1element_p.h" #include <QTest> -#include "private/qasn1element_p.h" + +#include <QtCore/QDateTime> +#include <QtCore/QTimeZone> class tst_QAsn1Element : public QObject { @@ -102,7 +105,7 @@ void tst_QAsn1Element::dateTime_data() << QDateTime(); QTest::newRow("UTCTime - 070417074026Z") << QByteArray::fromHex("170d3037303431373037343032365a") - << QDateTime(QDate(2007, 4, 17), QTime(7, 40, 26), Qt::UTC); + << QDateTime(QDate(2007, 4, 17), QTime(7, 40, 26), QTimeZone::UTC); QTest::newRow("UTCTime - bad length") << QByteArray::fromHex("170c30373034313730373430325a") << QDateTime(); @@ -111,16 +114,19 @@ void tst_QAsn1Element::dateTime_data() << QDateTime(); QTest::newRow("UTCTime - year 1950") << QByteArray::fromHex("170d3530313232343035353530305a") - << QDateTime(QDate(1950, 12, 24), QTime(5, 55), Qt::UTC); + << QDateTime(QDate(1950, 12, 24), QTime(5, 55), QTimeZone::UTC); QTest::newRow("UTCTime - year 1999") << QByteArray::fromHex("170d3939313232343035353530305a") - << QDateTime(QDate(1999, 12, 24), QTime(5, 55), Qt::UTC); + << QDateTime(QDate(1999, 12, 24), QTime(5, 55), QTimeZone::UTC); QTest::newRow("UTCTime - year 2000") << QByteArray::fromHex("170d3030313232343035353530305a") - << QDateTime(QDate(2000, 12, 24), QTime(5, 55), Qt::UTC); + << QDateTime(QDate(2000, 12, 24), QTime(5, 55), QTimeZone::UTC); + QTest::newRow("UTCTime - leap day year 2000") + << QByteArray::fromHex("170d3030303232393035353530305a") + << QDateTime(QDate(2000, 2, 29), QTime(5, 55), QTimeZone::UTC); QTest::newRow("UTCTime - year 2049") << QByteArray::fromHex("170d3439313232343035353530305a") - << QDateTime(QDate(2049, 12, 24), QTime(5, 55), Qt::UTC); + << QDateTime(QDate(2049, 12, 24), QTime(5, 55), QTimeZone::UTC); QTest::newRow("UTCTime - invalid year ('-9')") << QByteArray::fromHex("170d2d39313232343035353530305a") << QDateTime(); @@ -138,7 +144,7 @@ void tst_QAsn1Element::dateTime_data() << QDateTime(); QTest::newRow("GeneralizedTime - 20510829095341Z") << QByteArray::fromHex("180f32303531303832393039353334315a") - << QDateTime(QDate(2051, 8, 29), QTime(9, 53, 41), Qt::UTC); + << QDateTime(QDate(2051, 8, 29), QTime(9, 53, 41), QTimeZone::UTC); QTest::newRow("GeneralizedTime - bad length") << QByteArray::fromHex("180e323035313038323930393533345a") << QDateTime(); diff --git a/tests/auto/network/ssl/qdtls/CMakeLists.txt b/tests/auto/network/ssl/qdtls/CMakeLists.txt index bcb077a49f..1d5eef094c 100644 --- a/tests/auto/network/ssl/qdtls/CMakeLists.txt +++ b/tests/auto/network/ssl/qdtls/CMakeLists.txt @@ -1,12 +1,16 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qdtls.pro. - ##################################################################### ## tst_qdtls Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qdtls LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + # Collect test data list(APPEND test_data "certs") @@ -16,13 +20,5 @@ qt_internal_add_test(tst_qdtls LIBRARIES Qt::NetworkPrivate TESTDATA ${test_data} + BUNDLE_ANDROID_OPENSSL_LIBS ) - -## Scopes: -##################################################################### - -#### Keys ignored in scope 3:.:.:qdtls.pro:(CMAKE_BUILD_TYPE STREQUAL Debug): -# DESTDIR = "debug" - -#### Keys ignored in scope 4:.:.:qdtls.pro:else: -# DESTDIR = "release" diff --git a/tests/auto/network/ssl/qdtls/tst_qdtls.cpp b/tests/auto/network/ssl/qdtls/tst_qdtls.cpp index 4ec4c1ef81..372ee3a181 100644 --- a/tests/auto/network/ssl/qdtls/tst_qdtls.cpp +++ b/tests/auto/network/ssl/qdtls/tst_qdtls.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2021 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> #include <QTestEventLoop> @@ -26,6 +26,8 @@ #include <algorithm> +using namespace std::chrono_literals; + QT_BEGIN_NAMESPACE namespace @@ -127,8 +129,8 @@ private: DtlsPtr clientCrypto; QTestEventLoop testLoop; - const int handshakeTimeoutMS = 5000; - const int dataExchangeTimeoutMS = 1000; + static constexpr auto HandshakeTimeout = 5s; + static constexpr auto DataExchangeTimeout = 1s; const QByteArray presharedKey = "DEADBEEFDEADBEEF"; QString certDirPath; @@ -413,7 +415,7 @@ void tst_QDtls::handshake() QDTLS_VERIFY_NO_ERROR(clientCrypto); QCOMPARE(clientCrypto->handshakeState(), QDtls::HandshakeInProgress); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); @@ -473,7 +475,7 @@ void tst_QDtls::handshakeWithRetransmission() // client will re-transmit in 1s., the first part of 'ServerHello' to be // dropped, the client then will re-transmit after another 2 s. Thus it's ~3. // We err on safe side and double our (already quite generous) 5s. - testLoop.enterLoopMSecs(handshakeTimeoutMS * 2); + testLoop.enterLoop(HandshakeTimeout * 2); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_HANDSHAKE_SUCCESS(serverCrypto); @@ -496,7 +498,7 @@ void tst_QDtls::sessionCipher() QVERIFY(clientCrypto->setPeer(serverAddress, serverPort, hostName)); QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_HANDSHAKE_SUCCESS(clientCrypto); @@ -559,7 +561,7 @@ void tst_QDtls::cipherPreferences() QVERIFY(clientCrypto->doHandshake(&clientSocket)); QDTLS_VERIFY_NO_ERROR(clientCrypto); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_HANDSHAKE_SUCCESS(clientCrypto); QDTLS_VERIFY_HANDSHAKE_SUCCESS(serverCrypto); @@ -579,28 +581,36 @@ void tst_QDtls::protocolVersionMatching_data() QTest::addColumn<QSsl::SslProtocol>("clientProtocol"); QTest::addColumn<bool>("works"); + //OPENSSL_VERSION_NUMBER : + //(OPENSSL_VERSION_MAJOR<<28) | (OPENSSL_VERSION_MINOR<<20) | (OPENSSL_VERSION_PATCH<<4) + const long ossl311 = 0x30100010; + + if (QSslSocket::sslLibraryVersionNumber() < ossl311) { #if QT_DEPRECATED_SINCE(6, 3) QT_WARNING_PUSH QT_WARNING_DISABLE_DEPRECATED - QTest::addRow("DtlsV1_0 <-> DtlsV1_0") << QSsl::DtlsV1_0 << QSsl::DtlsV1_0 << true; - QTest::addRow("DtlsV1_0OrLater <-> DtlsV1_0") << QSsl::DtlsV1_0OrLater << QSsl::DtlsV1_0 << true; - QTest::addRow("DtlsV1_0 <-> DtlsV1_0OrLater") << QSsl::DtlsV1_0 << QSsl::DtlsV1_0OrLater << true; - QTest::addRow("DtlsV1_0OrLater <-> DtlsV1_0OrLater") << QSsl::DtlsV1_0OrLater << QSsl::DtlsV1_0OrLater << true; + QTest::addRow("DtlsV1_0 <-> DtlsV1_0") << QSsl::DtlsV1_0 << QSsl::DtlsV1_0 << true; + QTest::addRow("DtlsV1_0OrLater <-> DtlsV1_0") << QSsl::DtlsV1_0OrLater << QSsl::DtlsV1_0 << true; + QTest::addRow("DtlsV1_0 <-> DtlsV1_0OrLater") << QSsl::DtlsV1_0 << QSsl::DtlsV1_0OrLater << true; + QTest::addRow("DtlsV1_0OrLater <-> DtlsV1_0OrLater") << QSsl::DtlsV1_0OrLater << QSsl::DtlsV1_0OrLater << true; QT_WARNING_POP #endif // QT_DEPRECATED_SINCE(6, 3) + } QTest::addRow("DtlsV1_2 <-> DtlsV1_2") << QSsl::DtlsV1_2 << QSsl::DtlsV1_2 << true; QTest::addRow("DtlsV1_2OrLater <-> DtlsV1_2") << QSsl::DtlsV1_2OrLater << QSsl::DtlsV1_2 << true; QTest::addRow("DtlsV1_2 <-> DtlsV1_2OrLater") << QSsl::DtlsV1_2 << QSsl::DtlsV1_2OrLater << true; QTest::addRow("DtlsV1_2OrLater <-> DtlsV1_2OrLater") << QSsl::DtlsV1_2OrLater << QSsl::DtlsV1_2OrLater << true; + if (QSslSocket::sslLibraryVersionNumber() < ossl311) { #if QT_DEPRECATED_SINCE(6, 3) QT_WARNING_PUSH QT_WARNING_DISABLE_DEPRECATED - QTest::addRow("DtlsV1_0 <-> DtlsV1_2") << QSsl::DtlsV1_0 << QSsl::DtlsV1_2 << false; - QTest::addRow("DtlsV1_0 <-> DtlsV1_2OrLater") << QSsl::DtlsV1_0 << QSsl::DtlsV1_2OrLater << false; - QTest::addRow("DtlsV1_2 <-> DtlsV1_0") << QSsl::DtlsV1_2 << QSsl::DtlsV1_0 << false; - QTest::addRow("DtlsV1_2OrLater <-> DtlsV1_0") << QSsl::DtlsV1_2OrLater << QSsl::DtlsV1_0 << false; + QTest::addRow("DtlsV1_0 <-> DtlsV1_2") << QSsl::DtlsV1_0 << QSsl::DtlsV1_2 << false; + QTest::addRow("DtlsV1_0 <-> DtlsV1_2OrLater") << QSsl::DtlsV1_0 << QSsl::DtlsV1_2OrLater << false; + QTest::addRow("DtlsV1_2 <-> DtlsV1_0") << QSsl::DtlsV1_2 << QSsl::DtlsV1_0 << false; + QTest::addRow("DtlsV1_2OrLater <-> DtlsV1_0") << QSsl::DtlsV1_2OrLater << QSsl::DtlsV1_0 << false; QT_WARNING_POP -#endif // QT_DEPRECATED_SINCE(6, 3) +#endif // QT_DEPRECATED_SINCE(6, 3 + } } void tst_QDtls::protocolVersionMatching() @@ -626,7 +636,7 @@ void tst_QDtls::protocolVersionMatching() QVERIFY(clientCrypto->setPeer(serverAddress, serverPort)); QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); if (works) { QDTLS_VERIFY_HANDSHAKE_SUCCESS(serverCrypto); @@ -661,7 +671,7 @@ void tst_QDtls::verificationErrors() // Now we are ready for handshake: QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_NO_ERROR(serverCrypto); @@ -731,7 +741,7 @@ void tst_QDtls::presetExpectedErrors() QVERIFY(clientCrypto->setPeer(serverAddress, serverPort)); QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); @@ -818,7 +828,7 @@ void tst_QDtls::verifyServerCertificate() QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); if (serverKey.isNull() && !serverCerts.isEmpty()) { @@ -948,7 +958,7 @@ void tst_QDtls::verifyClientCertificate() QVERIFY(clientCrypto->doHandshake(&clientSocket)); QDTLS_VERIFY_NO_ERROR(clientCrypto); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); serverConfig = serverCrypto->dtlsConfiguration(); @@ -995,7 +1005,7 @@ void tst_QDtls::blacklistedCerificate() QVERIFY(clientCrypto->setPeer(serverAddress, serverPort, name)); QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QCOMPARE(clientCrypto->handshakeState(), QDtls::PeerVerificationFailed); QCOMPARE(clientCrypto->dtlsError(), QDtlsError::PeerVerificationError); @@ -1047,7 +1057,7 @@ void tst_QDtls::readWriteEncrypted() QCOMPARE(clientCrypto->dtlsError(), QDtlsError::InvalidOperation); // 1.2 Finish the handshake: - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_HANDSHAKE_SUCCESS(clientCrypto); @@ -1065,7 +1075,7 @@ void tst_QDtls::readWriteEncrypted() QVERIFY(clientBytesWritten > 0); // 5. Exchange client/server messages: - testLoop.enterLoopMSecs(dataExchangeTimeoutMS); + testLoop.enterLoop(DataExchangeTimeout); QVERIFY(!testLoop.timeout()); QCOMPARE(serverExpectedPlainText, serverReceivedPlainText); @@ -1083,7 +1093,7 @@ void tst_QDtls::readWriteEncrypted() QCOMPARE(crypto->handshakeState(), QDtls::HandshakeNotStarted); QVERIFY(!crypto->isConnectionEncrypted()); // 8. Receive this read notification and handle it: - testLoop.enterLoopMSecs(dataExchangeTimeoutMS); + testLoop.enterLoop(DataExchangeTimeout); QVERIFY(!testLoop.timeout()); DtlsPtr &peerCrypto = serverSideShutdown ? clientCrypto : serverCrypto; @@ -1108,7 +1118,7 @@ void tst_QDtls::datagramFragmentation() QVERIFY(clientCrypto->doHandshake(&clientSocket)); - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QDTLS_VERIFY_HANDSHAKE_SUCCESS(clientCrypto); diff --git a/tests/auto/network/ssl/qdtlscookie/CMakeLists.txt b/tests/auto/network/ssl/qdtlscookie/CMakeLists.txt index 75b43ac9d4..d965c7efb6 100644 --- a/tests/auto/network/ssl/qdtlscookie/CMakeLists.txt +++ b/tests/auto/network/ssl/qdtlscookie/CMakeLists.txt @@ -1,24 +1,20 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qdtlscookie.pro. - ##################################################################### ## tst_qdtlscookie Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qdtlscookie LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + qt_internal_add_test(tst_qdtlscookie SOURCES tst_qdtlscookie.cpp LIBRARIES Qt::NetworkPrivate + BUNDLE_ANDROID_OPENSSL_LIBS ) - -## Scopes: -##################################################################### - -#### Keys ignored in scope 3:.:.:qdtlscookie.pro:(CMAKE_BUILD_TYPE STREQUAL Debug): -# DESTDIR = "debug" - -#### Keys ignored in scope 4:.:.:qdtlscookie.pro:else: -# DESTDIR = "release" diff --git a/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp b/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp index 55322608f2..167a196104 100644 --- a/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp +++ b/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2021 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> #include <QTestEventLoop> @@ -22,6 +22,8 @@ #include <utility> #include <vector> +using namespace std::chrono_literals; + QT_BEGIN_NAMESPACE #define STOP_ON_FAILURE \ @@ -76,7 +78,7 @@ private: quint16 serverPort = 0; QTestEventLoop testLoop; - int handshakeTimeoutMS = 500; + static constexpr auto HandshakeTimeout = 500ms; QDtlsClientVerifier listener; using HandshakePtr = QSharedPointer<QDtls>; @@ -327,7 +329,7 @@ void tst_QDtlsCookie::verifyMultipleClients() clientsToAdd = clientsToWait = 100; - testLoop.enterLoopMSecs(handshakeTimeoutMS * clientsToWait); + testLoop.enterLoop(HandshakeTimeout * clientsToWait); QVERIFY(!testLoop.timeout()); QVERIFY(clientsToWait == 0); } @@ -351,7 +353,7 @@ void tst_QDtlsCookie::receiveMessage(QUdpSocket *socket, QByteArray *message, Q_ASSERT(socket && message); if (socket->pendingDatagramSize() <= 0) - testLoop.enterLoopMSecs(handshakeTimeoutMS); + testLoop.enterLoop(HandshakeTimeout); QVERIFY(!testLoop.timeout()); QVERIFY(socket->pendingDatagramSize()); diff --git a/tests/auto/network/ssl/qocsp/CMakeLists.txt b/tests/auto/network/ssl/qocsp/CMakeLists.txt index 384c7b9426..98d38ec1c0 100644 --- a/tests/auto/network/ssl/qocsp/CMakeLists.txt +++ b/tests/auto/network/ssl/qocsp/CMakeLists.txt @@ -1,31 +1,26 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qocsp.pro. - ##################################################################### ## tst_qocsp Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qocsp LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + qt_internal_add_test(tst_qocsp SOURCES tst_qocsp.cpp LIBRARIES Qt::Network Qt::NetworkPrivate + BUNDLE_ANDROID_OPENSSL_LIBS ) qt_internal_extend_target(tst_qocsp CONDITION QT_FEATURE_openssl_linked LIBRARIES WrapOpenSSL::WrapOpenSSL ) - - -## Scopes: -##################################################################### - -#### Keys ignored in scope 3:.:.:qocsp.pro:(CMAKE_BUILD_TYPE STREQUAL Debug): -# DESTDIR = "debug" - -#### Keys ignored in scope 4:.:.:qocsp.pro:else: -# DESTDIR = "release" diff --git a/tests/auto/network/ssl/qocsp/tst_qocsp.cpp b/tests/auto/network/ssl/qocsp/tst_qocsp.cpp index cde8d43257..81ce030be0 100644 --- a/tests/auto/network/ssl/qocsp/tst_qocsp.cpp +++ b/tests/auto/network/ssl/qocsp/tst_qocsp.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2018 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> #include <QTestEventLoop> @@ -28,6 +28,8 @@ #include <algorithm> #include <utility> +using namespace std::chrono_literals; + // NOTE: the word 'subject' in the code below means the subject of a status request, // so in general it's our peer's certificate we are asking about. @@ -386,7 +388,7 @@ private: void (QSslSocket::*tlsErrorsSignal)(const QList<QSslError> &) = &QSslSocket::sslErrors; void (QTestEventLoop::*exitLoopSlot)() = &QTestEventLoop::exitLoop; - const int handshakeTimeoutMS = 500; + static constexpr auto HandshakeTimeout = 500ms; QTestEventLoop loop; std::vector<QSslError::SslError> ocspErrorCodes = {QSslError::OcspNoResponseFound, @@ -462,7 +464,7 @@ void tst_QOcsp::connectSelfSigned() auto roots = clientConfig.caCertificates(); setupOcspClient(clientSocket, issuerToChain(subjectChain), server.peerVerifyName()); clientSocket.connectToHostEncrypted(server.hostName(), server.serverPort()); - loop.enterLoopMSecs(handshakeTimeoutMS); + loop.enterLoop(HandshakeTimeout); QVERIFY(!clientSocket.isEncrypted()); QCOMPARE_SINGLE_ERROR(clientSocket, expectedError); @@ -478,7 +480,7 @@ void tst_QOcsp::connectSelfSigned() QSslSocket clientSocket; setupOcspClient(clientSocket, issuerToChain(subjectChain), server.peerVerifyName()); clientSocket.connectToHostEncrypted(server.hostName(), server.serverPort()); - loop.enterLoopMSecs(handshakeTimeoutMS); + loop.enterLoop(HandshakeTimeout); QVERIFY_HANDSHAKE_WITHOUT_ERRORS(clientSocket); @@ -543,7 +545,7 @@ void tst_QOcsp::badStatus() QSslSocket clientSocket; setupOcspClient(clientSocket, issuerToChain(subjectChain), server.peerVerifyName()); clientSocket.connectToHostEncrypted(server.hostName(), server.serverPort()); - loop.enterLoopMSecs(handshakeTimeoutMS); + loop.enterLoop(HandshakeTimeout); QVERIFY(!clientSocket.isEncrypted()); QCOMPARE_SINGLE_ERROR(clientSocket, expectedError.error()); @@ -574,7 +576,7 @@ void tst_QOcsp::multipleSingleResponses() QSslSocket clientSocket; setupOcspClient(clientSocket, issuerToChain(responderChain), server.peerVerifyName()); clientSocket.connectToHostEncrypted(server.hostName(), server.serverPort()); - loop.enterLoopMSecs(handshakeTimeoutMS); + loop.enterLoop(HandshakeTimeout); QVERIFY(!clientSocket.isEncrypted()); QCOMPARE_SINGLE_ERROR(clientSocket, expectedError); @@ -594,7 +596,7 @@ void tst_QOcsp::malformedResponse() QSslSocket clientSocket; setupOcspClient(clientSocket, issuerToChain(serverChain), server.peerVerifyName()); clientSocket.connectToHostEncrypted(server.hostName(), server.serverPort()); - loop.enterLoopMSecs(handshakeTimeoutMS); + loop.enterLoop(HandshakeTimeout); QVERIFY(!clientSocket.isEncrypted()); QCOMPARE(clientSocket.error(), QAbstractSocket::SslHandshakeFailedError); @@ -633,7 +635,7 @@ void tst_QOcsp::expiredResponse() QSslSocket clientSocket; setupOcspClient(clientSocket, issuerToChain(subjectChain), server.peerVerifyName()); clientSocket.connectToHostEncrypted(server.hostName(), server.serverPort()); - loop.enterLoopMSecs(handshakeTimeoutMS); + loop.enterLoop(HandshakeTimeout); QVERIFY(!clientSocket.isEncrypted()); QCOMPARE_SINGLE_ERROR(clientSocket, expectedError); @@ -664,7 +666,7 @@ void tst_QOcsp::noNextUpdate() QSslSocket clientSocket; setupOcspClient(clientSocket, issuerToChain(subjectChain), server.peerVerifyName()); clientSocket.connectToHostEncrypted(server.hostName(), server.serverPort()); - loop.enterLoopMSecs(handshakeTimeoutMS); + loop.enterLoop(HandshakeTimeout); QVERIFY_HANDSHAKE_WITHOUT_ERRORS(clientSocket); } @@ -710,7 +712,7 @@ void tst_QOcsp::wrongCertificateInResponse() QSslSocket clientSocket; setupOcspClient(clientSocket, issuerToChain(subjectChain), server.peerVerifyName()); clientSocket.connectToHostEncrypted(server.hostName(), server.serverPort()); - loop.enterLoopMSecs(handshakeTimeoutMS); + loop.enterLoop(HandshakeTimeout); QVERIFY(!clientSocket.isEncrypted()); QVERIFY(containsError(clientSocket.sslHandshakeErrors(), expectedError)); @@ -735,7 +737,7 @@ void tst_QOcsp::untrustedResponder() QSslSocket clientSocket; setupOcspClient(clientSocket, {}, server.peerVerifyName()); clientSocket.connectToHostEncrypted(server.hostName(), server.serverPort()); - loop.enterLoopMSecs(handshakeTimeoutMS); + loop.enterLoop(HandshakeTimeout); QVERIFY(!clientSocket.isEncrypted()); QVERIFY(containsError(clientSocket.sslHandshakeErrors(), expectedError)); diff --git a/tests/auto/network/ssl/qpassworddigestor/CMakeLists.txt b/tests/auto/network/ssl/qpassworddigestor/CMakeLists.txt index bed1242b88..96491eada9 100644 --- a/tests/auto/network/ssl/qpassworddigestor/CMakeLists.txt +++ b/tests/auto/network/ssl/qpassworddigestor/CMakeLists.txt @@ -1,15 +1,20 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qpassworddigestor.pro. - ##################################################################### ## tst_qpassworddigestor Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qpassworddigestor LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + qt_internal_add_test(tst_qpassworddigestor SOURCES tst_qpassworddigestor.cpp LIBRARIES Qt::Network + BUNDLE_ANDROID_OPENSSL_LIBS ) diff --git a/tests/auto/network/ssl/qpassworddigestor/tst_qpassworddigestor.cpp b/tests/auto/network/ssl/qpassworddigestor/tst_qpassworddigestor.cpp index 5047fac2dd..1876c955af 100644 --- a/tests/auto/network/ssl/qpassworddigestor/tst_qpassworddigestor.cpp +++ b/tests/auto/network/ssl/qpassworddigestor/tst_qpassworddigestor.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2018 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> #include <QtNetwork/qpassworddigestor.h> diff --git a/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt b/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt index b12723b0c3..6f81a5e030 100644 --- a/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt @@ -1,18 +1,20 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qsslcertificate.pro. - ##################################################################### ## tst_qsslcertificate Test: ##################################################################### -# special case begin +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslcertificate LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + # This test requires private tests to properly build if (NOT QT_FEATURE_private_tests) return() endif() -# special case end # Collect test data file(GLOB_RECURSE test_data_glob @@ -38,4 +40,5 @@ qt_internal_add_test(tst_qsslcertificate LIBRARIES Qt::Network TESTDATA ${test_data} + BUNDLE_ANDROID_OPENSSL_LIBS ) diff --git a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp index 9e2b8b272d..b51053effd 100644 --- a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp +++ b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp @@ -1,17 +1,19 @@ // Copyright (C) 2016 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 - +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> #include <QtNetwork/qtnetworkglobal.h> + +#include <QtCore/qdatetime.h> +#include <QtCore/qtimezone.h> +#include <QtCore/qscopeguard.h> #include <QtCore/qset.h> #include <qsslcertificate.h> #include <qsslkey.h> #include <qsslsocket.h> #include <qsslcertificateextension.h> -#include <qscopeguard.h> #ifndef QT_NO_OPENSSL #include <openssl/opensslv.h> @@ -100,7 +102,31 @@ private slots: #endif // QT_CONFIG(ssl) private: QString testDataDir; - bool isNonOpenSslTls = false; + + enum class TLSBackend { + OpenSSL, + Schannel, + SecureTransport, + CertOnly, + Unknown, + }; + static TLSBackend currentBackend() + { + static TLSBackend activeBackend = []() { + using namespace Qt::StringLiterals; + const QString active = QSslSocket::activeBackend(); + if (active == "openssl"_L1) + return TLSBackend::OpenSSL; + if (active == "schannel") + return TLSBackend::Schannel; + if (active == "securetransport") + return TLSBackend::SecureTransport; + if (active == "cert-only") + return TLSBackend::CertOnly; + return TLSBackend::Unknown; + }(); + return activeBackend; + } }; void tst_QSslCertificate::initTestCase() @@ -111,16 +137,14 @@ void tst_QSslCertificate::initTestCase() if (!testDataDir.endsWith(QLatin1String("/"))) testDataDir += QLatin1String("/"); - isNonOpenSslTls = QSslSocket::activeBackend() != QStringLiteral("openssl"); - QDir dir(testDataDir + "certificates"); - QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable); + const QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable); QRegularExpression rxCert(QLatin1String("^.+\\.(pem|der)$")); QRegularExpression rxSan(QLatin1String("^(.+\\.(?:pem|der))\\.san$")); QRegularExpression rxPubKey(QLatin1String("^(.+\\.(?:pem|der))\\.pubkey$")); QRegularExpression rxDigest(QLatin1String("^(.+\\.(?:pem|der))\\.digest-(md5|sha1)$")); QRegularExpressionMatch match; - foreach (QFileInfo fileInfo, fileInfoList) { + for (const QFileInfo &fileInfo : fileInfoList) { if ((match = rxCert.match(fileInfo.fileName())).hasMatch()) certInfoList << CertInfo(fileInfo, @@ -183,7 +207,7 @@ void tst_QSslCertificate::createTestRows() { QTest::addColumn<QString>("absFilePath"); QTest::addColumn<QSsl::EncodingFormat>("format"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QTest::newRow(certInfo.fileInfo.fileName().toLatin1()) << certInfo.fileInfo.absoluteFilePath() << certInfo.format; } @@ -314,7 +338,7 @@ void tst_QSslCertificate::digest_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("absFilePath_digest_md5"); QTest::addColumn<QString>("absFilePath_digest_sha1"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QString certName = certInfo.fileInfo.fileName(); QTest::newRow(certName.toLatin1()) << certInfo.fileInfo.absoluteFilePath() @@ -367,7 +391,7 @@ void tst_QSslCertificate::subjectAlternativeNames_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("subjAltNameFilePath"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QString certName = certInfo.fileInfo.fileName(); if (subjAltNameMap.contains(certName)) QTest::newRow(certName.toLatin1()) @@ -449,7 +473,7 @@ void tst_QSslCertificate::subjectInfoToString() QVERIFY(testInfo(QSslCertificate::DistinguishedNameQualifier, QString())); QVERIFY(testInfo(QSslCertificate::SerialNumber, QString())); // TODO: check why generic code does not handle this! - if (!isNonOpenSslTls) + if (currentBackend() == TLSBackend::OpenSSL) QVERIFY(testInfo(QSslCertificate::EmailAddress, QStringLiteral("ababic@trolltech.com"))); } @@ -461,9 +485,8 @@ void tst_QSslCertificate::subjectIssuerDisplayName_data() QTest::addRow("CommonName") << QStringLiteral("more-certificates/cert-cn.pem") << QStringLiteral("YOUR name"); QTest::addRow("OrganizationName") << QStringLiteral("more-certificates/cert-on.pem") << QStringLiteral("R&D"); QTest::addRow("OrganizationUnitName") << QStringLiteral("more-certificates/cert-oun.pem") << QStringLiteral("Foundations"); -#ifndef QT_NO_OPENSSL - QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString(); -#endif + if (currentBackend() == TLSBackend::OpenSSL) + QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString(); } void tst_QSslCertificate::subjectIssuerDisplayName() @@ -506,7 +529,7 @@ void tst_QSslCertificate::publicKey_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("pubkeyFilePath"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QString certName = certInfo.fileInfo.fileName(); if (pubkeyMap.contains(certName)) QTest::newRow(certName.toLatin1()) @@ -808,8 +831,10 @@ void tst_QSslCertificate::certInfo() QCOMPARE(cert.digest(QCryptographicHash::Sha1), QByteArray::fromHex("B6:D1:51:82:E0:29:CA:59:96:38:BD:B6:F9:40:05:91:6D:49:09:60")); - QCOMPARE(cert.effectiveDate().toUTC(), QDateTime(QDate(2007, 4, 17), QTime(7,40,26), Qt::UTC)); - QCOMPARE(cert.expiryDate().toUTC(), QDateTime(QDate(2007, 5, 17), QTime(7,40,26), Qt::UTC)); + QCOMPARE(cert.effectiveDate().toUTC(), + QDateTime(QDate(2007, 4, 17), QTime(7,40,26), QTimeZone::UTC)); + QCOMPARE(cert.expiryDate().toUTC(), + QDateTime(QDate(2007, 5, 17), QTime(7,40,26), QTimeZone::UTC)); QVERIFY(cert.expiryDate() < QDateTime::currentDateTime()); // cert has expired QSslCertificate copy = cert; @@ -871,7 +896,7 @@ void tst_QSslCertificate::task256066toPem() void tst_QSslCertificate::nulInCN() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("Generic QSslCertificatePrivate fails this test"); QList<QSslCertificate> certList = @@ -891,7 +916,7 @@ void tst_QSslCertificate::nulInCN() void tst_QSslCertificate::nulInSan() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("Generic QSslCertificatePrivate fails this test"); QList<QSslCertificate> certList = @@ -933,9 +958,11 @@ void tst_QSslCertificate::largeExpirationDate() // QTBUG-12489 const QSslCertificate &cert = certList.at(0); QVERIFY(!cert.isNull()); - QCOMPARE(cert.effectiveDate().toUTC(), QDateTime(QDate(2010, 8, 4), QTime(9, 53, 41), Qt::UTC)); + QCOMPARE(cert.effectiveDate().toUTC(), + QDateTime(QDate(2010, 8, 4), QTime(9, 53, 41), QTimeZone::UTC)); // if the date is larger than 2049, then the generalized time format is used - QCOMPARE(cert.expiryDate().toUTC(), QDateTime(QDate(2051, 8, 29), QTime(9, 53, 41), Qt::UTC)); + QCOMPARE(cert.expiryDate().toUTC(), + QDateTime(QDate(2051, 8, 29), QTime(9, 53, 41), QTimeZone::UTC)); } void tst_QSslCertificate::blacklistedCertificates() @@ -956,7 +983,7 @@ void tst_QSslCertificate::selfsignedCertificates() void tst_QSslCertificate::toText() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("QSslCertificate::toText is not implemented on platforms which do not use openssl"); QList<QSslCertificate> certList = @@ -1006,7 +1033,7 @@ void tst_QSslCertificate::subjectAndIssuerAttributes() QByteArray shortName("1.3.6.1.4.1.311.60.2.1.3"); #if !defined(QT_NO_OPENSSL) && defined(SN_jurisdictionCountryName) - if (!isNonOpenSslTls) + if (currentBackend() == TLSBackend::OpenSSL) shortName = SN_jurisdictionCountryName; #endif attributes = certList[0].subjectInfoAttributes(); @@ -1015,8 +1042,8 @@ void tst_QSslCertificate::subjectAndIssuerAttributes() void tst_QSslCertificate::verify() { - if (isNonOpenSslTls) - QSKIP("Not implemented in SecureTransport or Schannel"); + if (currentBackend() != TLSBackend::OpenSSL) + QSKIP("Only implemented for OpenSSL"); QList<QSslError> errors; QList<QSslCertificate> toVerify; @@ -1055,7 +1082,7 @@ void tst_QSslCertificate::verify() toVerify = QSslCertificate::fromPath(testDataDir + "verify-certs/test-addons-mozilla-org-cert.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString); errors = QSslCertificate::verify(toVerify); bool foundBlack = false; - foreach (const QSslError &error, errors) { + for (const QSslError &error : std::as_const(errors)) { if (error.error() == QSslError::CertificateBlacklisted) { foundBlack = true; break; @@ -1101,9 +1128,8 @@ QString tst_QSslCertificate::toString(const QList<QSslError>& errors) { QStringList errorStrings; - foreach (const QSslError& error, errors) { + for (const QSslError &error : errors) errorStrings.append(QLatin1Char('"') + error.errorString() + QLatin1Char('"')); - } return QLatin1String("[ ") + errorStrings.join(QLatin1String(", ")) + QLatin1String(" ]"); } @@ -1357,9 +1383,8 @@ void tst_QSslCertificate::pkcs12() return; } -#if !defined(QT_NO_OPENSSL) && OPENSSL_VERSION_MAJOR >= 3 - QSKIP("leaf.p12 is using RC2, which is disabled by default in OpenSSL v >= 3"); -#endif + if (currentBackend() == TLSBackend::OpenSSL && QSslSocket::sslLibraryVersionNumber() >= 0x30000000L) + QSKIP("leaf.p12 is using RC2, which is disabled by default in OpenSSL v >= 3"); QFile f(testDataDir + QLatin1String("pkcs12/leaf.p12")); bool ok = f.open(QIODevice::ReadOnly); @@ -1369,8 +1394,8 @@ void tst_QSslCertificate::pkcs12() QSslCertificate cert; QList<QSslCertificate> caCerts; - if (isNonOpenSslTls) - QEXPECT_FAIL("", "pkcs12 imports are only supported when openssl is used", Abort); // TODO? + if (currentBackend() != TLSBackend::OpenSSL) + QEXPECT_FAIL("", "pkcs12 imports are not available with the current TLS backend", Abort); // TODO? ok = QSslCertificate::importPkcs12(&f, &key, &cert, &caCerts); QVERIFY(ok); @@ -1402,7 +1427,8 @@ void tst_QSslCertificate::pkcs12() QFile nocert(testDataDir + QLatin1String("pkcs12/leaf-nokey.p12")); ok = nocert.open(QIODevice::ReadOnly); QVERIFY(ok); - QTest::ignoreMessage(QtWarningMsg, "Unable to convert private key"); + if (currentBackend() == TLSBackend::OpenSSL) + QTest::ignoreMessage(QtWarningMsg, "Unable to convert private key"); ok = QSslCertificate::importPkcs12(&nocert, &key, &cert, &caCerts); QVERIFY(!ok); nocert.close(); diff --git a/tests/auto/network/ssl/qsslcipher/CMakeLists.txt b/tests/auto/network/ssl/qsslcipher/CMakeLists.txt index dca12a50b3..8538f56acd 100644 --- a/tests/auto/network/ssl/qsslcipher/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslcipher/CMakeLists.txt @@ -1,24 +1,20 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qsslcipher.pro. - ##################################################################### ## tst_qsslcipher Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslcipher LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + qt_internal_add_test(tst_qsslcipher SOURCES tst_qsslcipher.cpp LIBRARIES Qt::Network + BUNDLE_ANDROID_OPENSSL_LIBS ) - -## Scopes: -##################################################################### - -#### Keys ignored in scope 3:.:.:qsslcipher.pro:(CMAKE_BUILD_TYPE STREQUAL Debug): -# DESTDIR = "debug" - -#### Keys ignored in scope 4:.:.:qsslcipher.pro:else: -# DESTDIR = "release" diff --git a/tests/auto/network/ssl/qsslcipher/tst_qsslcipher.cpp b/tests/auto/network/ssl/qsslcipher/tst_qsslcipher.cpp index 3b24dd0403..6810149c11 100644 --- a/tests/auto/network/ssl/qsslcipher/tst_qsslcipher.cpp +++ b/tests/auto/network/ssl/qsslcipher/tst_qsslcipher.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2016 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> diff --git a/tests/auto/network/ssl/qssldiffiehellmanparameters/CMakeLists.txt b/tests/auto/network/ssl/qssldiffiehellmanparameters/CMakeLists.txt index 486d1c8598..3ac34b2f6c 100644 --- a/tests/auto/network/ssl/qssldiffiehellmanparameters/CMakeLists.txt +++ b/tests/auto/network/ssl/qssldiffiehellmanparameters/CMakeLists.txt @@ -1,15 +1,20 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qssldiffiehellmanparameters.pro. - ##################################################################### ## tst_qssldiffiehellmanparameters Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qssldiffiehellmanparameters LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + qt_internal_add_test(tst_qssldiffiehellmanparameters SOURCES tst_qssldiffiehellmanparameters.cpp LIBRARIES Qt::Network + BUNDLE_ANDROID_OPENSSL_LIBS ) diff --git a/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp b/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp index 8233d8883d..d8c6d9158a 100644 --- a/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp +++ b/tests/auto/network/ssl/qssldiffiehellmanparameters/tst_qssldiffiehellmanparameters.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2015 Mikkel Krautz <mikkel@krautz.dk> -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> diff --git a/tests/auto/network/ssl/qsslellipticcurve/CMakeLists.txt b/tests/auto/network/ssl/qsslellipticcurve/CMakeLists.txt index f4e0ca6dfb..dd031a991b 100644 --- a/tests/auto/network/ssl/qsslellipticcurve/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslellipticcurve/CMakeLists.txt @@ -1,15 +1,20 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qsslellipticcurve.pro. - ##################################################################### ## tst_qsslellipticcurve Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslellipticcurve LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + qt_internal_add_test(tst_qsslellipticcurve SOURCES tst_qsslellipticcurve.cpp LIBRARIES Qt::Network + BUNDLE_ANDROID_OPENSSL_LIBS ) diff --git a/tests/auto/network/ssl/qsslellipticcurve/tst_qsslellipticcurve.cpp b/tests/auto/network/ssl/qsslellipticcurve/tst_qsslellipticcurve.cpp index ab4b457333..96ef7e9828 100644 --- a/tests/auto/network/ssl/qsslellipticcurve/tst_qsslellipticcurve.cpp +++ b/tests/auto/network/ssl/qsslellipticcurve/tst_qsslellipticcurve.cpp @@ -1,6 +1,5 @@ // Copyright (C) 2014 Governikus GmbH & Co. KG. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 - +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> @@ -66,7 +65,8 @@ void tst_QSslEllipticCurve::fromShortName_data() QTest::newRow("QString()") << QString() << QSslEllipticCurve() << false; QTest::newRow("\"\"") << QString("") << QSslEllipticCurve() << false; QTest::newRow("does-not-exist") << QStringLiteral("does-not-exist") << QSslEllipticCurve() << false; - Q_FOREACH (QSslEllipticCurve ec, QSslConfiguration::supportedEllipticCurves()) { + const auto supported = QSslConfiguration::supportedEllipticCurves(); + for (QSslEllipticCurve ec : supported) { const QString sN = ec.shortName(); QTest::newRow(qPrintable("supported EC \"" + sN + '"')) << sN << ec << true; // At least in the OpenSSL impl, the short name is case-sensitive. That feels odd. @@ -99,7 +99,8 @@ void tst_QSslEllipticCurve::fromLongName_data() QTest::newRow("QString()") << QString() << QSslEllipticCurve() << false; QTest::newRow("\"\"") << QString("") << QSslEllipticCurve() << false; QTest::newRow("does-not-exist") << QStringLiteral("does-not-exist") << QSslEllipticCurve() << false; - Q_FOREACH (QSslEllipticCurve ec, QSslConfiguration::supportedEllipticCurves()) { + const auto supported = QSslConfiguration::supportedEllipticCurves(); + for (QSslEllipticCurve ec : supported) { const QString lN = ec.longName(); QTest::newRow(qPrintable("supported EC \"" + lN + '"')) << lN << ec << true; } diff --git a/tests/auto/network/ssl/qsslerror/CMakeLists.txt b/tests/auto/network/ssl/qsslerror/CMakeLists.txt index 29779add78..006bec3ef2 100644 --- a/tests/auto/network/ssl/qsslerror/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslerror/CMakeLists.txt @@ -1,24 +1,20 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qsslerror.pro. - ##################################################################### ## tst_qsslerror Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslerror LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + qt_internal_add_test(tst_qsslerror SOURCES tst_qsslerror.cpp LIBRARIES Qt::Network + BUNDLE_ANDROID_OPENSSL_LIBS ) - -## Scopes: -##################################################################### - -#### Keys ignored in scope 3:.:.:qsslerror.pro:(CMAKE_BUILD_TYPE STREQUAL Debug): -# DESTDIR = "debug" - -#### Keys ignored in scope 4:.:.:qsslerror.pro:else: -# DESTDIR = "release" diff --git a/tests/auto/network/ssl/qsslerror/tst_qsslerror.cpp b/tests/auto/network/ssl/qsslerror/tst_qsslerror.cpp index 6cbcc30beb..981fe3a0d5 100644 --- a/tests/auto/network/ssl/qsslerror/tst_qsslerror.cpp +++ b/tests/auto/network/ssl/qsslerror/tst_qsslerror.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2016 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QtNetwork/qtnetworkglobal.h> diff --git a/tests/auto/network/ssl/qsslkey/CMakeLists.txt b/tests/auto/network/ssl/qsslkey/CMakeLists.txt index a720962655..aae017562a 100644 --- a/tests/auto/network/ssl/qsslkey/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslkey/CMakeLists.txt @@ -1,12 +1,16 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qsslkey.pro. - ##################################################################### ## tst_qsslkey Test: ##################################################################### +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslkey LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + # Collect test data file(GLOB_RECURSE test_data_glob RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} @@ -23,9 +27,10 @@ qt_internal_add_test(tst_qsslkey LIBRARIES Qt::Network TESTDATA ${test_data} + BUNDLE_ANDROID_OPENSSL_LIBS ) -qt_internal_extend_target(tst_qsslkey CONDITION QT_FEATURE_private_tests AND QT_FEATURE_openssl_linked +qt_internal_extend_target(tst_qsslkey CONDITION QT_FEATURE_developer_build AND QT_FEATURE_openssl_linked LIBRARIES WrapOpenSSL::WrapOpenSSL ) @@ -33,7 +38,7 @@ qt_internal_extend_target(tst_qsslkey CONDITION QT_FEATURE_private_tests AND QT_ ## Scopes: ##################################################################### -qt_internal_extend_target(tst_qsslkey CONDITION QT_FEATURE_private_tests +qt_internal_extend_target(tst_qsslkey CONDITION QT_FEATURE_developer_build LIBRARIES Qt::CorePrivate Qt::NetworkPrivate diff --git a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp index 12f29bf107..79bae3c270 100644 --- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp +++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2016 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> #include <qsslkey.h> @@ -15,6 +15,8 @@ #include <QtCore/qdebug.h> #include <QtCore/qlist.h> +using namespace Qt::StringLiterals; + #ifdef QT_BUILD_INTERNAL #if QT_CONFIG(ssl) #include "private/qsslkey_p.h" @@ -249,7 +251,7 @@ void tst_QSslKey::createPlainTestRows(bool pemOnly) QTest::addColumn<QSsl::KeyType>("type"); QTest::addColumn<int>("length"); QTest::addColumn<QSsl::EncodingFormat>("format"); - foreach (KeyInfo keyInfo, keyInfoList) { + for (const KeyInfo &keyInfo : std::as_const(keyInfoList)) { if (pemOnly && keyInfo.format != QSsl::EncodingFormat::Pem) continue; @@ -467,13 +469,18 @@ void tst_QSslKey::toEncryptedPemOrDer_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("password"); - QStringList passwords; - passwords << " " << "foobar" << "foo bar" - << "aAzZ`1234567890-=~!@#$%^&*()_+[]{}\\|;:'\",.<>/?"; // ### add more (?) - foreach (KeyInfo keyInfo, keyInfoList) { + const QString passwords[] = { + u" "_s, + u"foobar"_s, + u"foo bar"_s, + u"aAzZ`1234567890-=~!@#$%^&*()_+[]{}\\|;:'\",.<>/?"_s, + // ### add more (?) + }; + + for (const KeyInfo &keyInfo : std::as_const(keyInfoList)) { if (keyInfo.fileInfo.fileName().contains("pkcs8")) continue; // pkcs8 keys are encrypted in a different way than the other keys - foreach (QString password, passwords) { + for (const QString &password : passwords) { const QByteArray testName = keyInfo.fileInfo.fileName().toLatin1() + '-' + (keyInfo.algorithm == QSsl::Rsa ? "RSA" : (keyInfo.algorithm == QSsl::Dsa ? "DSA" : "EC")) @@ -573,7 +580,7 @@ void tst_QSslKey::passphraseChecks() QVERIFY(keyFile.exists()); { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey); @@ -581,7 +588,7 @@ void tst_QSslKey::passphraseChecks() } { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, ""); @@ -589,7 +596,7 @@ void tst_QSslKey::passphraseChecks() } { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "WRONG!"); @@ -597,7 +604,7 @@ void tst_QSslKey::passphraseChecks() } { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, passphrase); @@ -615,7 +622,7 @@ void tst_QSslKey::noPassphraseChecks() QFile keyFile(fileName); { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey); @@ -623,7 +630,7 @@ void tst_QSslKey::noPassphraseChecks() } { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, ""); @@ -631,7 +638,7 @@ void tst_QSslKey::noPassphraseChecks() } { if (!keyFile.isOpen()) - keyFile.open(QIODevice::ReadOnly); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); else keyFile.reset(); QSslKey key(&keyFile,QSsl::Rsa,QSsl::Pem, QSsl::PrivateKey, "xxx"); diff --git a/tests/auto/network/ssl/qsslserver/CMakeLists.txt b/tests/auto/network/ssl/qsslserver/CMakeLists.txt index 584a031622..5957b2720e 100644 --- a/tests/auto/network/ssl/qsslserver/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslserver/CMakeLists.txt @@ -1,6 +1,12 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslserver LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + if(NOT QT_FEATURE_private_tests) return() endif() @@ -19,4 +25,5 @@ qt_internal_add_test(tst_qsslserver Qt::CorePrivate Qt::NetworkPrivate TESTDATA ${test_data} + BUNDLE_ANDROID_OPENSSL_LIBS ) diff --git a/tests/auto/network/ssl/qsslserver/tst_qsslserver.cpp b/tests/auto/network/ssl/qsslserver/tst_qsslserver.cpp index 13a3201345..26d3a50a5b 100644 --- a/tests/auto/network/ssl/qsslserver/tst_qsslserver.cpp +++ b/tests/auto/network/ssl/qsslserver/tst_qsslserver.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2022 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> #include <QDebug> diff --git a/tests/auto/network/ssl/qsslsocket/BLACKLIST b/tests/auto/network/ssl/qsslsocket/BLACKLIST index 749c59d968..b990516676 100644 --- a/tests/auto/network/ssl/qsslsocket/BLACKLIST +++ b/tests/auto/network/ssl/qsslsocket/BLACKLIST @@ -1,11 +1,6 @@ [deprecatedProtocols] windows -[spontaneousWrite] -windows-7sp1 [connectToHostEncrypted] macos -[setSslConfiguration] -windows-10 msvc-2015 -windows-7sp1 [connectToHostEncryptedWithVerificationPeerName] macos diff --git a/tests/auto/network/ssl/qsslsocket/CMakeLists.txt b/tests/auto/network/ssl/qsslsocket/CMakeLists.txt index cf43cd6c54..456deacb60 100644 --- a/tests/auto/network/ssl/qsslsocket/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslsocket/CMakeLists.txt @@ -1,7 +1,11 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qsslsocket.pro. +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslsocket LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() if(NOT QT_FEATURE_private_tests) return() @@ -22,25 +26,11 @@ qt_internal_add_test(tst_qsslsocket Qt::NetworkPrivate Qt::TestPrivate TESTDATA ${test_data} - QT_TEST_SERVER_LIST "squid" "danted" "cyrus" "apache2" "echo" # special case + QT_TEST_SERVER_LIST "squid" "danted" "cyrus" "apache2" "echo" + BUNDLE_ANDROID_OPENSSL_LIBS ) qt_internal_extend_target(tst_qsslsocket CONDITION QT_FEATURE_private_tests AND QT_FEATURE_openssl_linked LIBRARIES WrapOpenSSL::WrapOpenSSL ) - -#### Keys ignored in scope 1:.:.:qsslsocket.pro:<TRUE>: -# _REQUIREMENTS = "qtConfig(private_tests)" - -## Scopes: -##################################################################### - -#### Keys ignored in scope 3:.:.:qsslsocket.pro:(CMAKE_BUILD_TYPE STREQUAL Debug): -# DESTDIR = "debug" - -#### Keys ignored in scope 4:.:.:qsslsocket.pro:else: -# DESTDIR = "release" - -#### Keys ignored in scope 5:.:.:qsslsocket.pro:LINUX: -# QT_TEST_SERVER_LIST = "squid" "danted" "cyrus" "apache2" "echo" diff --git a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp index 4e380bcde1..b45d6b5d8f 100644 --- a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp @@ -1,6 +1,6 @@ // Copyright (C) 2021 The Qt Company Ltd. // Copyright (C) 2014 Governikus GmbH & Co. KG. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QtNetwork/private/qtnetworkglobal_p.h> @@ -43,6 +43,8 @@ #include "private/qsslsocket_p.h" #include "private/qsslconfiguration_p.h" +using namespace std::chrono_literals; + QT_WARNING_PUSH QT_WARNING_DISABLE_DEPRECATED // make these enum values available without causing deprecation warnings: @@ -164,9 +166,7 @@ private slots: void protocol(); void protocolServerSide_data(); void protocolServerSide(); -#if QT_CONFIG(openssl) void serverCipherPreferences(); -#endif void setCaCertificates(); void setLocalCertificate(); void localCertificateChain(); @@ -291,6 +291,7 @@ private: QSslSocket *socket; QList<QSslError> storedExpectedSslErrors; bool isTestingOpenSsl = false; + bool isSecurityLevel0Required = false; bool opensslResolved = false; bool isTestingSecureTransport = false; bool isTestingSchannel = false; @@ -410,6 +411,9 @@ void tst_QSslSocket::initTestCase() flukeCertificateError = QSslError::SelfSignedCertificate; #if QT_CONFIG(openssl) opensslResolved = qt_auto_test_resolve_OpenSSL_symbols(); + // This is where OpenSSL moved several protocols under + // non-default (0) security level (the default is 1). + isSecurityLevel0Required = OPENSSL_VERSION_NUMBER >= 0x30100010; #else opensslResolved = false; // Not 'unused variable' anymore. #endif @@ -808,6 +812,10 @@ void tst_QSslSocket::simpleConnect() if (!QSslSocket::supportsSsl()) return; + // Starting from OpenSSL v 3.1.1 deprecated protocol versions (we want to use when connecting) are not available by default. + if (isSecurityLevel0Required) + QSKIP("Testing with OpenSSL backend, but security level 0 is required for TLS v1.1 or earlier"); + QFETCH_GLOBAL(bool, setProxy); if (setProxy) return; @@ -869,6 +877,10 @@ void tst_QSslSocket::simpleConnectWithIgnore() if (!QSslSocket::supportsSsl()) return; + // Starting from OpenSSL v 3.1.1 deprecated protocol versions (we want to use when connecting) are not available by default. + if (isSecurityLevel0Required) + QSKIP("Testing with OpenSSL backend, but security level 0 is required for TLS v1.1 or earlier"); + QFETCH_GLOBAL(bool, setProxy); if (setProxy) return; @@ -913,6 +925,10 @@ void tst_QSslSocket::simpleConnectWithIgnore() void tst_QSslSocket::sslErrors_data() { + // Starting from OpenSSL v 3.1.1 deprecated protocol versions (we want to use in 'sslErrors' test) are not available by default. + if (isSecurityLevel0Required) + QSKIP("Testing with OpenSSL backend, but security level 0 is required for TLS v1.1 or earlier"); + QTest::addColumn<QString>("host"); QTest::addColumn<int>("port"); @@ -1294,6 +1310,7 @@ void tst_QSslSocket::privateKey() #if QT_CONFIG(openssl) void tst_QSslSocket::privateKeyOpaque() { +#ifndef OPENSSL_NO_DEPRECATED_3_0 if (!isTestingOpenSsl) QSKIP("The active TLS backend does not support private opaque keys"); @@ -1327,6 +1344,7 @@ void tst_QSslSocket::privateKeyOpaque() QFETCH_GLOBAL(bool, setProxy); if (setProxy && !socket->waitForEncrypted(10000)) QSKIP("Skipping flaky test - See QTBUG-29941"); +#endif // OPENSSL_NO_DEPRECATED_3_0 } #endif // Feature 'openssl'. @@ -1643,8 +1661,6 @@ void tst_QSslSocket::protocolServerSide() QCOMPARE(client.isEncrypted(), works); } -#if QT_CONFIG(openssl) - void tst_QSslSocket::serverCipherPreferences() { if (!isTestingOpenSsl) @@ -1739,8 +1755,6 @@ void tst_QSslSocket::serverCipherPreferences() } } -#endif // Feature 'openssl'. - void tst_QSslSocket::setCaCertificates() { @@ -1965,6 +1979,10 @@ void tst_QSslSocket::waitForConnectedEncryptedReadyRead() if (!QSslSocket::supportsSsl()) return; + // Starting from OpenSSL v 3.1.1 deprecated protocol versions (we want to use here) are not available by default. + if (isSecurityLevel0Required) + QSKIP("Testing with OpenSSL backend, but security level 0 is required for TLS v1.1 or earlier"); + QSslSocketPtr socket = newSocket(); this->socket = socket.data(); @@ -2818,7 +2836,7 @@ void tst_QSslSocket::closeWhileEmittingSocketError() // Make sure we have some data buffered so that close will try to flush: clientSocket.write(QByteArray(1000000, Qt::Uninitialized)); - QTestEventLoop::instance().enterLoopMSecs(1000); + QTestEventLoop::instance().enterLoop(1s); QVERIFY(!QTestEventLoop::instance().timeout()); QCOMPARE(socketErrorSpy.size(), 1); @@ -3078,7 +3096,14 @@ void tst_QSslSocket::blacklistedCertificates() QList<QSslError> sslErrors = receiver->sslHandshakeErrors(); QVERIFY(sslErrors.size() > 0); // there are more errors (self signed cert and hostname mismatch), but we only care about the blacklist error - QCOMPARE(sslErrors.at(0).error(), QSslError::CertificateBlacklisted); + std::optional<QSslError> blacklistedError; + for (const QSslError &error : sslErrors) { + if (error.error() == QSslError::CertificateBlacklisted) { + blacklistedError = error; + break; + } + } + QVERIFY2(blacklistedError, "CertificateBlacklisted error not found!"); } void tst_QSslSocket::versionAccessors() @@ -3104,6 +3129,10 @@ void tst_QSslSocket::encryptWithoutConnecting() void tst_QSslSocket::resume_data() { + // Starting from OpenSSL v 3.1.1 deprecated protocol versions (we want to use in 'resume' test) are not available by default. + if (isSecurityLevel0Required) + QSKIP("Testing with OpenSSL backend, but security level 0 is required for TLS v1.1 or earlier"); + QTest::addColumn<bool>("ignoreErrorsAfterPause"); QTest::addColumn<QList<QSslError> >("errorsToIgnore"); QTest::addColumn<bool>("expectSuccess"); @@ -3447,7 +3476,13 @@ void tst_QSslSocket::dhServer() return; SslServer server; - server.ciphers = {QSslCipher("DHE-RSA-AES256-SHA"), QSslCipher("DHE-DSS-AES256-SHA")}; + QSslCipher rsaCipher("DHE-RSA-AES256-SHA"); + QSslCipher dssCipher("DHE-DSS-AES256-SHA"); + if (rsaCipher.isNull()) + QSKIP("The current backend doesn't support DHE-RSA-AES256-SHA"); + if (dssCipher.isNull()) + QSKIP("The current backend doesn't support DHE-DSS-AES256-SHA"); + server.ciphers = { rsaCipher, dssCipher }; QVERIFY(server.listen()); QEventLoop loop; @@ -3475,9 +3510,10 @@ void tst_QSslSocket::dhServerCustomParamsNull() if (setProxy) return; + const QSslCipher cipherWithDH("DHE-RSA-AES256-SHA256"); SslServer server; - server.ciphers = {QSslCipher("DHE-RSA-AES256-SHA"), QSslCipher("DHE-DSS-AES256-SHA")}; - server.protocol = Test::TlsV1_0; + server.ciphers = {cipherWithDH}; + server.protocol = QSsl::TlsV1_2; QSslConfiguration cfg = server.config; cfg.setDiffieHellmanParameters(QSslDiffieHellmanParameters()); @@ -3490,7 +3526,6 @@ void tst_QSslSocket::dhServerCustomParamsNull() QSslSocket client; QSslConfiguration config = client.sslConfiguration(); - config.setProtocol(Test::TlsV1_0); client.setSslConfiguration(config); socket = &client; connect(socket, SIGNAL(errorOccurred(QAbstractSocket::SocketError)), &loop, SLOT(quit())); @@ -3501,20 +3536,25 @@ void tst_QSslSocket::dhServerCustomParamsNull() loop.exec(); - QVERIFY(client.state() != QAbstractSocket::ConnectedState); + QCOMPARE(client.state(), QAbstractSocket::ConnectedState); + QCOMPARE(client.sessionCipher(), cipherWithDH); } void tst_QSslSocket::dhServerCustomParams() { if (!QSslSocket::supportsSsl()) QSKIP("No SSL support"); + if (!QSslSocket::isClassImplemented(QSsl::ImplementedClass::DiffieHellman)) + QSKIP("The current backend doesn't support diffie hellman parameters"); QFETCH_GLOBAL(bool, setProxy); if (setProxy) return; SslServer server; - server.ciphers = {QSslCipher("DHE-RSA-AES256-SHA"), QSslCipher("DHE-DSS-AES256-SHA")}; + const QSslCipher cipherWithDH("DHE-RSA-AES256-SHA256"); + server.ciphers = {cipherWithDH}; + server.protocol = QSsl::TlsV1_2; QSslConfiguration cfg = server.config; @@ -3544,7 +3584,8 @@ void tst_QSslSocket::dhServerCustomParams() loop.exec(); - QVERIFY(client.state() == QAbstractSocket::ConnectedState); + QCOMPARE(client.state(), QAbstractSocket::ConnectedState); + QCOMPARE(client.sessionCipher(), cipherWithDH); } #endif // QT_CONFIG(openssl) @@ -3560,7 +3601,10 @@ void tst_QSslSocket::ecdhServer() return; SslServer server; - server.ciphers = {QSslCipher("ECDHE-RSA-AES128-SHA")}; + QSslCipher cipher("ECDHE-RSA-AES128-SHA"); + if (cipher.isNull()) + QSKIP("The current backend doesn't support ECDHE-RSA-AES128-SHA"); + server.ciphers = {cipher}; QVERIFY(server.listen()); QEventLoop loop; @@ -4549,7 +4593,7 @@ void tst_QSslSocket::unsupportedProtocols() return; QFETCH(const QSsl::SslProtocol, unsupportedProtocol); - const int timeoutMS = 500; + constexpr auto timeout = 500ms; // Test a client socket. { // 0. connectToHostEncrypted: client-side, non-blocking API, error is discovered @@ -4571,7 +4615,7 @@ void tst_QSslSocket::unsupportedProtocols() QCOMPARE(socket.error(), QAbstractSocket::UnknownSocketError); socket.connectToHost(QHostAddress::LocalHost, server.serverPort()); - QVERIFY(socket.waitForConnected(timeoutMS)); + QVERIFY(socket.waitForConnected(int(timeout.count()))); socket.setProtocol(unsupportedProtocol); socket.startClientEncryption(); @@ -4596,7 +4640,7 @@ void tst_QSslSocket::unsupportedProtocols() QTcpSocket client; client.connectToHost(QHostAddress::LocalHost, server.serverPort()); - loop.enterLoopMSecs(timeoutMS); + loop.enterLoop(timeout); QVERIFY(!loop.timeout()); QVERIFY(server.socket); QCOMPARE(server.socket->error(), QAbstractSocket::SslInvalidUserDataError); @@ -4703,7 +4747,7 @@ void tst_QSslSocket::alertMissingCertificate() connect(&clientSocket, &QAbstractSocket::errorOccurred, earlyQuitter); connect(&server, &SslServer::socketError, earlyQuitter); - runner.enterLoopMSecs(1000); + runner.enterLoop(1s); if (clientSocket.isEncrypted()) { // When using TLS 1.3 the client side thinks it is connected very @@ -4711,7 +4755,7 @@ void tst_QSslSocket::alertMissingCertificate() // inevitable disconnect. QCOMPARE(clientSocket.sessionProtocol(), QSsl::TlsV1_3); connect(&clientSocket, &QSslSocket::disconnected, &runner, &QTestEventLoop::exitLoop); - runner.enterLoopMSecs(10000); + runner.enterLoop(10s); } QVERIFY(serverSpy.size() > 0); @@ -4766,7 +4810,7 @@ void tst_QSslSocket::alertInvalidCertificate() connect(&clientSocket, &QAbstractSocket::errorOccurred, earlyQuitter); connect(&server, &SslServer::socketError, earlyQuitter); - runner.enterLoopMSecs(1000); + runner.enterLoop(1s); QVERIFY(serverSpy.size() > 0); QVERIFY(clientSpy.size() > 0); @@ -4894,7 +4938,7 @@ void tst_QSslSocket::selfSignedCertificates() connect(&clientSocket, &QAbstractSocket::errorOccurred, earlyQuitter); connect(&server, &SslServer::socketError, earlyQuitter); - runner.enterLoopMSecs(1000); + runner.enterLoop(1s); if (clientKnown) { QCOMPARE(serverSpy.size(), 0); @@ -5032,7 +5076,7 @@ void tst_QSslSocket::pskHandshake() connect(&clientSocket, &QAbstractSocket::errorOccurred, earlyQuitter); connect(&server, &SslServer::socketError, earlyQuitter); - runner.enterLoopMSecs(1000); + runner.enterLoop(1s); if (pskRight) { QCOMPARE(serverSpy.size(), 0); diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/BLACKLIST b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/BLACKLIST index 4eea966b13..96d94bd935 100644 --- a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/BLACKLIST +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/BLACKLIST @@ -1,3 +1,7 @@ # QTBUG-101274 -[onDemandRootCertLoadingMemberMethods:WithoutProxy] -qnx ci +# [onDemandRootCertLoadingMemberMethods:WithoutProxy] +# qnx ci + +# QTBUG-63481 +[onDemandRootCertLoadingMemberMethods] +* diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/CMakeLists.txt b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/CMakeLists.txt index 77ebcfeee3..34e026cb8b 100644 --- a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/CMakeLists.txt @@ -1,7 +1,11 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qsslsocket_onDemandCertificates_member.pro. +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslsocket_onDemandCertificates_member LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() if(NOT QT_FEATURE_private_tests) return() @@ -17,21 +21,6 @@ qt_internal_add_test(tst_qsslsocket_onDemandCertificates_member LIBRARIES Qt::CorePrivate Qt::NetworkPrivate - QT_TEST_SERVER_LIST "squid" "danted" # special case + QT_TEST_SERVER_LIST "squid" "danted" + BUNDLE_ANDROID_OPENSSL_LIBS ) - -#### Keys ignored in scope 1:.:.:qsslsocket_onDemandCertificates_member.pro:<TRUE>: -# _REQUIREMENTS = "qtConfig(private_tests)" -# testcase.timeout = "300" - -## Scopes: -##################################################################### - -#### Keys ignored in scope 3:.:.:qsslsocket_onDemandCertificates_member.pro:(CMAKE_BUILD_TYPE STREQUAL Debug): -# DESTDIR = "debug" - -#### Keys ignored in scope 4:.:.:qsslsocket_onDemandCertificates_member.pro:else: -# DESTDIR = "release" - -#### Keys ignored in scope 5:.:.:qsslsocket_onDemandCertificates_member.pro:LINUX: -# QT_TEST_SERVER_LIST = "squid" "danted" diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/tst_qsslsocket_onDemandCertificates_member.cpp b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/tst_qsslsocket_onDemandCertificates_member.cpp index 95901e7f1e..119891c916 100644 --- a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/tst_qsslsocket_onDemandCertificates_member.cpp +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/tst_qsslsocket_onDemandCertificates_member.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2016 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QtNetwork> @@ -194,6 +194,7 @@ static bool waitForEncrypted(QSslSocket *socket) void tst_QSslSocket_onDemandCertificates_member::onDemandRootCertLoadingMemberMethods() { +#define ERR(socket) socket->errorString().toLatin1() const QString host("www.qt.io"); // not using any root certs -> should not work @@ -203,13 +204,13 @@ void tst_QSslSocket_onDemandCertificates_member::onDemandRootCertLoadingMemberMe sslConfig.setCaCertificates(QList<QSslCertificate>()); socket2->setSslConfiguration(sslConfig); socket2->connectToHostEncrypted(host, 443); - QVERIFY(!waitForEncrypted(socket2.data())); + QVERIFY2(!waitForEncrypted(socket2.data()), ERR(socket2)); // default: using on demand loading -> should work QSslSocketPtr socket = newSocket(); this->socket = socket.data(); socket->connectToHostEncrypted(host, 443); - QVERIFY2(waitForEncrypted(socket.data()), qPrintable(socket->errorString())); + QVERIFY2(waitForEncrypted(socket.data()), ERR(socket)); // not using any root certs again -> should not work QSslSocketPtr socket3 = newSocket(); @@ -218,7 +219,7 @@ void tst_QSslSocket_onDemandCertificates_member::onDemandRootCertLoadingMemberMe sslConfig.setCaCertificates(QList<QSslCertificate>()); socket3->setSslConfiguration(sslConfig); socket3->connectToHostEncrypted(host, 443); - QVERIFY(!waitForEncrypted(socket3.data())); + QVERIFY2(!waitForEncrypted(socket3.data()), ERR(socket3)); // setting empty SSL configuration explicitly -> depends on on-demand loading QSslSocketPtr socket4 = newSocket(); @@ -229,16 +230,20 @@ void tst_QSslSocket_onDemandCertificates_member::onDemandRootCertLoadingMemberMe #ifdef QT_BUILD_INTERNAL const bool works = QSslSocketPrivate::rootCertOnDemandLoadingSupported(); #if defined(Q_OS_LINUX) || defined(Q_OS_WIN) - QCOMPARE(works, true); + QVERIFY2(works, ERR(socket4)); #elif defined(Q_OS_MAC) - QCOMPARE(works, false); + QVERIFY2(!works, ERR(socket4)); #endif // other platforms: undecided. // When we *allow* on-demand loading, we enable it by default; so, on Unix, // it will work without setting any certificates. Otherwise, the configuration // contains an empty set of certificates, so on-demand loading shall fail. - QCOMPARE(waitForEncrypted(socket4.data()), works); + const bool result = waitForEncrypted(socket4.data()); + if (result != works) + qDebug() << socket4->errorString(); + QCOMPARE(waitForEncrypted(socket4.data()), works); #endif // QT_BUILD_INTERNAL } +#undef ERR #endif // QT_NO_OPENSSL diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/CMakeLists.txt b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/CMakeLists.txt index 62af5fb10c..696eec98ee 100644 --- a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/CMakeLists.txt @@ -1,7 +1,11 @@ # Copyright (C) 2022 The Qt Company Ltd. # SPDX-License-Identifier: BSD-3-Clause -# Generated from qsslsocket_onDemandCertificates_static.pro. +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslsocket_onDemandCertificates_static LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() if(NOT QT_FEATURE_private_tests) return() @@ -17,20 +21,6 @@ qt_internal_add_test(tst_qsslsocket_onDemandCertificates_static LIBRARIES Qt::CorePrivate Qt::NetworkPrivate - QT_TEST_SERVER_LIST "squid" "danted" # special case + QT_TEST_SERVER_LIST "squid" "danted" + BUNDLE_ANDROID_OPENSSL_LIBS ) - -#### Keys ignored in scope 1:.:.:qsslsocket_onDemandCertificates_static.pro:<TRUE>: -# _REQUIREMENTS = "qtConfig(private_tests)" - -## Scopes: -##################################################################### - -#### Keys ignored in scope 3:.:.:qsslsocket_onDemandCertificates_static.pro:(CMAKE_BUILD_TYPE STREQUAL Debug): -# DESTDIR = "debug" - -#### Keys ignored in scope 4:.:.:qsslsocket_onDemandCertificates_static.pro:else: -# DESTDIR = "release" - -#### Keys ignored in scope 5:.:.:qsslsocket_onDemandCertificates_static.pro:LINUX: -# QT_TEST_SERVER_LIST = "squid" "danted" diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/tst_qsslsocket_onDemandCertificates_static.cpp b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/tst_qsslsocket_onDemandCertificates_static.cpp index 95aba0b29c..c5475da581 100644 --- a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/tst_qsslsocket_onDemandCertificates_static.cpp +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/tst_qsslsocket_onDemandCertificates_static.cpp @@ -1,5 +1,5 @@ // Copyright (C) 2016 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QtNetwork> diff --git a/tests/auto/network/ssl/shared/qopenssl_symbols.h b/tests/auto/network/ssl/shared/qopenssl_symbols.h index 7f1f6c8285..c98e90d424 100644 --- a/tests/auto/network/ssl/shared/qopenssl_symbols.h +++ b/tests/auto/network/ssl/shared/qopenssl_symbols.h @@ -1,6 +1,6 @@ // Copyright (C) 2021 The Qt Company Ltd. // Copyright (C) 2014 BlackBerry Limited. All rights reserved. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only /**************************************************************************** ** @@ -502,6 +502,12 @@ QStringList findAllLibCrypto() #ifdef Q_OS_WIN +#if (OPENSSL_VERSION_NUMBER >> 28) < 3 +#define QT_OPENSSL_VERSION "1_1" +#elif OPENSSL_VERSION_MAJOR == 3 // Starting with 3.0 this define is available +#define QT_OPENSSL_VERSION "3" +#endif // > 3 intentionally left undefined + struct LoadedOpenSsl { std::unique_ptr<QSystemLibrary> ssl, crypto; }; @@ -540,8 +546,9 @@ static LoadedOpenSsl loadOpenSsl() #define QT_SSL_SUFFIX #endif - tryToLoadOpenSslWin32Library(QLatin1String("libssl-1_1" QT_SSL_SUFFIX), - QLatin1String("libcrypto-1_1" QT_SSL_SUFFIX), result); + tryToLoadOpenSslWin32Library(QLatin1String("libssl-" QT_OPENSSL_VERSION QT_SSL_SUFFIX), + QLatin1String("libcrypto-" QT_OPENSSL_VERSION QT_SSL_SUFFIX), + result); #undef QT_SSL_SUFFIX return result; diff --git a/tests/auto/network/ssl/shared/tlshelpers.h b/tests/auto/network/ssl/shared/tlshelpers.h index 71db837d4b..de3c2ea51a 100644 --- a/tests/auto/network/ssl/shared/tlshelpers.h +++ b/tests/auto/network/ssl/shared/tlshelpers.h @@ -1,5 +1,5 @@ // Copyright (C) 2021 The Qt Company Ltd. -// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QtNetwork/qtnetworkglobal.h> |