diff options
Diffstat (limited to 'tests/auto/network/ssl')
8 files changed, 160 insertions, 60 deletions
diff --git a/tests/auto/network/ssl/qsslcertificate/BLACKLIST b/tests/auto/network/ssl/qsslcertificate/BLACKLIST new file mode 100644 index 0000000000..25509a5ca8 --- /dev/null +++ b/tests/auto/network/ssl/qsslcertificate/BLACKLIST @@ -0,0 +1,3 @@ +# OpenSSL version is too new. Rich will fix :) +[subjectAndIssuerAttributes] +* diff --git a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp index 748c240f3d..4c288fffaf 100644 --- a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp +++ b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp @@ -775,7 +775,7 @@ void tst_QSslCertificate::certInfo() QVERIFY(cert.expiryDate() < QDateTime::currentDateTime()); // cert has expired QSslCertificate copy = cert; - QVERIFY(cert == copy); + QCOMPARE(cert, copy); QVERIFY(!(cert != copy)); QCOMPARE(cert, QSslCertificate(pem, QSsl::Pem)); @@ -833,6 +833,9 @@ void tst_QSslCertificate::task256066toPem() void tst_QSslCertificate::nulInCN() { +#ifdef QT_SECURETRANSPORT + QSKIP("Generic QSslCertificatePrivate fails this test"); +#endif QList<QSslCertificate> certList = QSslCertificate::fromPath(testDataDir + "/more-certificates/badguy-nul-cn.crt"); QCOMPARE(certList.size(), 1); @@ -849,6 +852,9 @@ void tst_QSslCertificate::nulInCN() void tst_QSslCertificate::nulInSan() { +#ifdef QT_SECURETRANSPORT + QSKIP("Generic QSslCertificatePrivate fails this test"); +#endif QList<QSslCertificate> certList = QSslCertificate::fromPath(testDataDir + "/more-certificates/badguy-nul-san.crt"); QCOMPARE(certList.size(), 1); @@ -976,6 +982,9 @@ void tst_QSslCertificate::subjectAndIssuerAttributes() void tst_QSslCertificate::verify() { +#ifdef QT_SECURETRANSPORT + QSKIP("Not implemented in SecureTransport"); +#endif QList<QSslError> errors; QList<QSslCertificate> toVerify; @@ -1069,7 +1078,7 @@ void tst_QSslCertificate::extensions() QSslCertificate cert = certList[0]; QList<QSslCertificateExtension> extensions = cert.extensions(); - QVERIFY(extensions.count() == 9); + QCOMPARE(extensions.count(), 9); int unknown_idx = -1; int authority_info_idx = -1; @@ -1101,8 +1110,8 @@ void tst_QSslCertificate::extensions() // Unknown QSslCertificateExtension unknown = extensions[unknown_idx]; - QVERIFY(unknown.oid() == QStringLiteral("1.3.6.1.5.5.7.1.12")); - QVERIFY(unknown.name() == QStringLiteral("1.3.6.1.5.5.7.1.12")); + QCOMPARE(unknown.oid(), QStringLiteral("1.3.6.1.5.5.7.1.12")); + QCOMPARE(unknown.name(), QStringLiteral("1.3.6.1.5.5.7.1.12")); QVERIFY(!unknown.isCritical()); QVERIFY(!unknown.isSupported()); @@ -1114,8 +1123,8 @@ void tst_QSslCertificate::extensions() // Authority Info Access QSslCertificateExtension aia = extensions[authority_info_idx]; - QVERIFY(aia.oid() == QStringLiteral("1.3.6.1.5.5.7.1.1")); - QVERIFY(aia.name() == QStringLiteral("authorityInfoAccess")); + QCOMPARE(aia.oid(), QStringLiteral("1.3.6.1.5.5.7.1.1")); + QCOMPARE(aia.name(), QStringLiteral("authorityInfoAccess")); QVERIFY(!aia.isCritical()); QVERIFY(aia.isSupported()); @@ -1124,32 +1133,32 @@ void tst_QSslCertificate::extensions() QString ocsp = aiaValue[QStringLiteral("OCSP")].toString(); QString caIssuers = aiaValue[QStringLiteral("caIssuers")].toString(); - QVERIFY(ocsp == QStringLiteral("http://EVIntl-ocsp.verisign.com")); - QVERIFY(caIssuers == QStringLiteral("http://EVIntl-aia.verisign.com/EVIntl2006.cer")); + QCOMPARE(ocsp, QStringLiteral("http://EVIntl-ocsp.verisign.com")); + QCOMPARE(caIssuers, QStringLiteral("http://EVIntl-aia.verisign.com/EVIntl2006.cer")); // Basic constraints QSslCertificateExtension basic = extensions[basic_constraints_idx]; - QVERIFY(basic.oid() == QStringLiteral("2.5.29.19")); - QVERIFY(basic.name() == QStringLiteral("basicConstraints")); + QCOMPARE(basic.oid(), QStringLiteral("2.5.29.19")); + QCOMPARE(basic.name(), QStringLiteral("basicConstraints")); QVERIFY(!basic.isCritical()); QVERIFY(basic.isSupported()); QVariantMap basicValue = basic.value().toMap(); QCOMPARE(basicValue.keys(), QList<QString>() << QStringLiteral("ca")); - QVERIFY(basicValue[QStringLiteral("ca")].toBool() == false); + QVERIFY(!basicValue[QStringLiteral("ca")].toBool()); // Subject key identifier QSslCertificateExtension subjectKey = extensions[subject_key_idx]; - QVERIFY(subjectKey.oid() == QStringLiteral("2.5.29.14")); - QVERIFY(subjectKey.name() == QStringLiteral("subjectKeyIdentifier")); + QCOMPARE(subjectKey.oid(), QStringLiteral("2.5.29.14")); + QCOMPARE(subjectKey.name(), QStringLiteral("subjectKeyIdentifier")); QVERIFY(!subjectKey.isCritical()); QVERIFY(subjectKey.isSupported()); - QVERIFY(subjectKey.value().toString() == QStringLiteral("5F:90:23:CD:24:CA:52:C9:36:29:F0:7E:9D:B1:FE:08:E0:EE:69:F0")); + QCOMPARE(subjectKey.value().toString(), QStringLiteral("5F:90:23:CD:24:CA:52:C9:36:29:F0:7E:9D:B1:FE:08:E0:EE:69:F0")); // Authority key identifier QSslCertificateExtension authKey = extensions[auth_key_idx]; - QVERIFY(authKey.oid() == QStringLiteral("2.5.29.35")); - QVERIFY(authKey.name() == QStringLiteral("authorityKeyIdentifier")); + QCOMPARE(authKey.oid(), QStringLiteral("2.5.29.35")); + QCOMPARE(authKey.name(), QStringLiteral("authorityKeyIdentifier")); QVERIFY(!authKey.isCritical()); QVERIFY(authKey.isSupported()); @@ -1167,7 +1176,7 @@ void tst_QSslCertificate::extensionsCritical() QSslCertificate cert = certList[0]; QList<QSslCertificateExtension> extensions = cert.extensions(); - QVERIFY(extensions.count() == 9); + QCOMPARE(extensions.count(), 9); int basic_constraints_idx = -1; int key_usage_idx = -1; @@ -1186,19 +1195,19 @@ void tst_QSslCertificate::extensionsCritical() // Basic constraints QSslCertificateExtension basic = extensions[basic_constraints_idx]; - QVERIFY(basic.oid() == QStringLiteral("2.5.29.19")); - QVERIFY(basic.name() == QStringLiteral("basicConstraints")); + QCOMPARE(basic.oid(), QStringLiteral("2.5.29.19")); + QCOMPARE(basic.name(), QStringLiteral("basicConstraints")); QVERIFY(basic.isCritical()); QVERIFY(basic.isSupported()); QVariantMap basicValue = basic.value().toMap(); QCOMPARE(basicValue.keys(), QList<QString>() << QStringLiteral("ca")); - QVERIFY(basicValue[QStringLiteral("ca")].toBool() == false); + QVERIFY(!basicValue[QStringLiteral("ca")].toBool()); // Key Usage QSslCertificateExtension keyUsage = extensions[key_usage_idx]; - QVERIFY(keyUsage.oid() == QStringLiteral("2.5.29.15")); - QVERIFY(keyUsage.name() == QStringLiteral("keyUsage")); + QCOMPARE(keyUsage.oid(), QStringLiteral("2.5.29.15")); + QCOMPARE(keyUsage.name(), QStringLiteral("keyUsage")); QVERIFY(keyUsage.isCritical()); QVERIFY(!keyUsage.isSupported()); } @@ -1257,21 +1266,21 @@ void tst_QSslCertificate::threadSafeConstMethods() t2.start(); QVERIFY(t1.wait(5000)); QVERIFY(t2.wait(5000)); - QVERIFY(t1.cert == t2.cert); - QVERIFY(t1.effectiveDate == t2.effectiveDate); - QVERIFY(t1.expiryDate == t2.expiryDate); + QCOMPARE(t1.cert, t2.cert); + QCOMPARE(t1.effectiveDate, t2.effectiveDate); + QCOMPARE(t1.expiryDate, t2.expiryDate); //QVERIFY(t1.extensions == t2.extensions); // no equality operator, so not tested - QVERIFY(t1.isBlacklisted == t2.isBlacklisted); - QVERIFY(t1.issuerInfo == t2.issuerInfo); - QVERIFY(t1.issuerInfoAttributes == t2.issuerInfoAttributes); - QVERIFY(t1.publicKey == t2.publicKey); - QVERIFY(t1.serialNumber == t2.serialNumber); - QVERIFY(t1.subjectInfo == t2.subjectInfo); - QVERIFY(t1.subjectInfoAttributes == t2.subjectInfoAttributes); - QVERIFY(t1.toDer == t2.toDer); - QVERIFY(t1.toPem == t2.toPem); - QVERIFY(t1.toText == t2.toText); - QVERIFY(t1.version == t2.version); + QCOMPARE(t1.isBlacklisted, t2.isBlacklisted); + QCOMPARE(t1.issuerInfo, t2.issuerInfo); + QCOMPARE(t1.issuerInfoAttributes, t2.issuerInfoAttributes); + QCOMPARE(t1.publicKey, t2.publicKey); + QCOMPARE(t1.serialNumber, t2.serialNumber); + QCOMPARE(t1.subjectInfo, t2.subjectInfo); + QCOMPARE(t1.subjectInfoAttributes, t2.subjectInfoAttributes); + QCOMPARE(t1.toDer, t2.toDer); + QCOMPARE(t1.toPem, t2.toPem); + QCOMPARE(t1.toText, t2.toText); + QCOMPARE(t1.version, t2.version); } diff --git a/tests/auto/network/ssl/qsslkey/BLACKLIST b/tests/auto/network/ssl/qsslkey/BLACKLIST new file mode 100644 index 0000000000..a08e1f35eb --- /dev/null +++ b/tests/auto/network/ssl/qsslkey/BLACKLIST @@ -0,0 +1 @@ +linux diff --git a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp index d570037015..a7957d3288 100644 --- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp +++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp @@ -39,7 +39,7 @@ #include <QtNetwork/qhostaddress.h> #include <QtNetwork/qnetworkproxy.h> -#if !defined(QT_NO_SSL) && defined(QT_NO_OPENSSL) && defined(QT_BUILD_INTERNAL) +#if !defined(QT_NO_SSL) && defined(QT_BUILD_INTERNAL) #include "private/qsslkey_p.h" #define TEST_CRYPTO #endif diff --git a/tests/auto/network/ssl/qsslsocket/BLACKLIST b/tests/auto/network/ssl/qsslsocket/BLACKLIST index 17b606e2be..4146a352e9 100644 --- a/tests/auto/network/ssl/qsslsocket/BLACKLIST +++ b/tests/auto/network/ssl/qsslsocket/BLACKLIST @@ -1,2 +1,3 @@ +windows [waitForConnectedEncryptedReadyRead:WithSocks5ProxyAuth] * diff --git a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp index b95b72a41e..257df13343 100644 --- a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp @@ -170,6 +170,9 @@ private slots: void protocol(); void protocolServerSide_data(); void protocolServerSide(); +#ifndef QT_NO_OPENSSL + void serverCipherPreferences(); +#endif // QT_NO_OPENSSL void setCaCertificates(); void setLocalCertificate(); void localCertificateChain(); @@ -463,7 +466,9 @@ void tst_QSslSocket::constructing() QCOMPARE(socket.peerAddress(), QHostAddress()); QVERIFY(socket.peerName().isEmpty()); QCOMPARE(socket.peerPort(), quint16(0)); +#ifndef QT_NO_NETWORKPROXY QCOMPARE(socket.proxy().type(), QNetworkProxy::DefaultProxy); +#endif QCOMPARE(socket.readBufferSize(), qint64(0)); QCOMPARE(socket.socketDescriptor(), (qintptr)-1); QCOMPARE(socket.socketType(), QAbstractSocket::TcpSocket); @@ -817,7 +822,7 @@ void tst_QSslSocket::peerCertificateChain() this->socket = socket.data(); QList<QSslCertificate> caCertificates = QSslCertificate::fromPath(QLatin1String(SRCDIR "certs/qt-test-server-cacert.pem")); - QVERIFY(caCertificates.count() == 1); + QCOMPARE(caCertificates.count(), 1); socket->addCaCertificates(caCertificates); #ifdef QSSLSOCKET_CERTUNTRUSTED_WORKAROUND connect(socket.data(), SIGNAL(sslErrors(QList<QSslError>)), @@ -863,7 +868,7 @@ void tst_QSslSocket::peerCertificateChain() QSKIP("Skipping flaky test - See QTBUG-29941"); QCOMPARE(socket->peerCertificateChain().first(), socket->peerCertificate()); - QVERIFY(socket->peerCertificateChain() == certChain); + QCOMPARE(socket->peerCertificateChain(), certChain); socket->disconnectFromHost(); QVERIFY(socket->waitForDisconnected()); @@ -1063,6 +1068,7 @@ public: const QString &certFile = SRCDIR "certs/fluke.cert", const QString &interFile = QString()) : socket(0), + config(QSslConfiguration::defaultConfiguration()), ignoreSslErrors(true), peerVerifyMode(QSslSocket::AutoVerifyPeer), protocol(QSsl::TlsV1_0), @@ -1071,6 +1077,7 @@ public: m_interFile(interFile) { } QSslSocket *socket; + QSslConfiguration config; QString addCaCertificates; bool ignoreSslErrors; QSslSocket::PeerVerifyMode peerVerifyMode; @@ -1084,6 +1091,7 @@ protected: void incomingConnection(qintptr socketDescriptor) { socket = new QSslSocket(this); + socket->setSslConfiguration(config); socket->setPeerVerifyMode(peerVerifyMode); socket->setProtocol(protocol); if (ignoreSslErrors) @@ -1254,6 +1262,78 @@ void tst_QSslSocket::protocolServerSide() QCOMPARE(client->isEncrypted(), works); } +#ifndef QT_NO_OPENSSL + +void tst_QSslSocket::serverCipherPreferences() +{ + if (!QSslSocket::supportsSsl()) { + qWarning("SSL not supported, skipping test"); + return; + } + + QFETCH_GLOBAL(bool, setProxy); + if (setProxy) + return; + + // First using the default (server preference) + { + SslServer server; + server.ciphers = QString("AES128-SHA:AES256-SHA"); + QVERIFY(server.listen()); + + QEventLoop loop; + QTimer::singleShot(5000, &loop, SLOT(quit())); + + QSslSocketPtr client(new QSslSocket); + socket = client.data(); + socket->setCiphers("AES256-SHA:AES128-SHA"); + + // upon SSL wrong version error, error will be triggered, not sslErrors + connect(socket, SIGNAL(error(QAbstractSocket::SocketError)), &loop, SLOT(quit())); + connect(socket, SIGNAL(sslErrors(QList<QSslError>)), this, SLOT(ignoreErrorSlot())); + connect(socket, SIGNAL(encrypted()), &loop, SLOT(quit())); + + client->connectToHostEncrypted(QHostAddress(QHostAddress::LocalHost).toString(), server.serverPort()); + + loop.exec(); + + QVERIFY(client->isEncrypted()); + QCOMPARE(client->sessionCipher().name(), QString("AES128-SHA")); + } + + { + // Now using the client preferences + SslServer server; + QSslConfiguration config = QSslConfiguration::defaultConfiguration(); + config.setSslOption(QSsl::SslOptionDisableServerCipherPreference, true); + server.config = config; + server.ciphers = QString("AES128-SHA:AES256-SHA"); + QVERIFY(server.listen()); + + QEventLoop loop; + QTimer::singleShot(5000, &loop, SLOT(quit())); + + QSslSocketPtr client(new QSslSocket); + socket = client.data(); + socket->setCiphers("AES256-SHA:AES128-SHA"); + + // upon SSL wrong version error, error will be triggered, not sslErrors + connect(socket, SIGNAL(error(QAbstractSocket::SocketError)), &loop, SLOT(quit())); + connect(socket, SIGNAL(sslErrors(QList<QSslError>)), this, SLOT(ignoreErrorSlot())); + connect(socket, SIGNAL(encrypted()), &loop, SLOT(quit())); + + client->connectToHostEncrypted(QHostAddress(QHostAddress::LocalHost).toString(), server.serverPort()); + + loop.exec(); + + QVERIFY(client->isEncrypted()); + QCOMPARE(client->sessionCipher().name(), QString("AES256-SHA")); + } +} + +#endif // QT_NO_OPENSSL + + void tst_QSslSocket::setCaCertificates() { if (!QSslSocket::supportsSsl()) @@ -1655,7 +1735,7 @@ void tst_QSslSocket::spontaneousWrite() QSslSocket *sender = server.socket; QVERIFY(sender); - QVERIFY(sender->state() == QAbstractSocket::ConnectedState); + QCOMPARE(sender->state(), QAbstractSocket::ConnectedState); receiver->setObjectName("receiver"); sender->setObjectName("sender"); receiver->ignoreSslErrors(); @@ -1700,7 +1780,7 @@ void tst_QSslSocket::setReadBufferSize() QSslSocket *sender = server.socket; QVERIFY(sender); - QVERIFY(sender->state() == QAbstractSocket::ConnectedState); + QCOMPARE(sender->state(), QAbstractSocket::ConnectedState); receiver->setObjectName("receiver"); sender->setObjectName("sender"); receiver->ignoreSslErrors(); @@ -2109,6 +2189,7 @@ void tst_QSslSocket::disconnectFromHostWhenConnected() void tst_QSslSocket::resetProxy() { +#ifndef QT_NO_NETWORKPROXY QFETCH_GLOBAL(bool, setProxy); if (setProxy) return; @@ -2148,6 +2229,7 @@ void tst_QSslSocket::resetProxy() socket2.setProxy(goodProxy); socket2.connectToHostEncrypted(QtNetworkSettings::serverName(), 443); QVERIFY2(socket2.waitForConnected(10000), qPrintable(socket.errorString())); +#endif // QT_NO_NETWORKPROXY } void tst_QSslSocket::ignoreSslErrorsList_data() @@ -2254,7 +2336,7 @@ void tst_QSslSocket::readFromClosedSocket() socket->close(); QVERIFY(!socket->bytesAvailable()); QVERIFY(!socket->bytesToWrite()); - QVERIFY(socket->state() == QAbstractSocket::UnconnectedState); + QCOMPARE(socket->state(), QAbstractSocket::UnconnectedState); } void tst_QSslSocket::writeBigChunk() @@ -2281,7 +2363,7 @@ void tst_QSslSocket::writeBigChunk() QString errorBefore = socket->errorString(); int ret = socket->write(data.constData(), data.size()); - QVERIFY(data.size() == ret); + QCOMPARE(data.size(), ret); // spin the event loop once so QSslSocket::transmit() gets called QCoreApplication::processEvents(); @@ -2298,7 +2380,7 @@ void tst_QSslSocket::writeBigChunk() QByteArray("unexpected error: ").append(qPrintable(errorAfter))); // check that everything has been written to OpenSSL - QVERIFY(socket->bytesToWrite() == 0); + QCOMPARE(socket->bytesToWrite(), 0); socket->close(); } @@ -2322,7 +2404,7 @@ void tst_QSslSocket::blacklistedCertificates() QSslSocket *sender = server.socket; QVERIFY(sender); - QVERIFY(sender->state() == QAbstractSocket::ConnectedState); + QCOMPARE(sender->state(), QAbstractSocket::ConnectedState); receiver->setObjectName("receiver"); sender->setObjectName("sender"); receiver->startClientEncryption(); @@ -2354,28 +2436,28 @@ void tst_QSslSocket::sslOptions() #ifdef SSL_OP_NO_COMPRESSION QCOMPARE(QSslSocketBackendPrivate::setupOpenSslOptions(QSsl::SecureProtocols, QSslConfigurationPrivate::defaultSslOptions), - long(SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_COMPRESSION)); + long(SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_COMPRESSION|SSL_OP_CIPHER_SERVER_PREFERENCE)); #else QCOMPARE(QSslSocketBackendPrivate::setupOpenSslOptions(QSsl::SecureProtocols, QSslConfigurationPrivate::defaultSslOptions), - long(SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3)); + long(SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_CIPHER_SERVER_PREFERENCE)); #endif QCOMPARE(QSslSocketBackendPrivate::setupOpenSslOptions(QSsl::SecureProtocols, QSsl::SslOptionDisableEmptyFragments |QSsl::SslOptionDisableLegacyRenegotiation), - long(SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3)); + long(SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_CIPHER_SERVER_PREFERENCE)); #ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION QCOMPARE(QSslSocketBackendPrivate::setupOpenSslOptions(QSsl::SecureProtocols, QSsl::SslOptionDisableEmptyFragments), - long((SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))); + long((SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION|SSL_OP_CIPHER_SERVER_PREFERENCE))); #endif #ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS QCOMPARE(QSslSocketBackendPrivate::setupOpenSslOptions(QSsl::SecureProtocols, QSsl::SslOptionDisableLegacyRenegotiation), - long((SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3) & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)); + long((SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_CIPHER_SERVER_PREFERENCE) & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)); #endif #ifdef SSL_OP_NO_TICKET @@ -2383,7 +2465,7 @@ void tst_QSslSocket::sslOptions() QSsl::SslOptionDisableEmptyFragments |QSsl::SslOptionDisableLegacyRenegotiation |QSsl::SslOptionDisableSessionTickets), - long((SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TICKET))); + long((SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TICKET|SSL_OP_CIPHER_SERVER_PREFERENCE))); #endif #ifdef SSL_OP_NO_TICKET @@ -2393,7 +2475,7 @@ void tst_QSslSocket::sslOptions() |QSsl::SslOptionDisableLegacyRenegotiation |QSsl::SslOptionDisableSessionTickets |QSsl::SslOptionDisableCompression), - long((SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TICKET|SSL_OP_NO_COMPRESSION))); + long((SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TICKET|SSL_OP_NO_COMPRESSION|SSL_OP_CIPHER_SERVER_PREFERENCE))); #endif #endif } @@ -2648,9 +2730,9 @@ void tst_QSslSocket::qtbug18498_peek2() while (client->bytesAvailable() < 7 && stopwatch.elapsed() < 5000) QTest::qWait(100); char c; - QVERIFY(client->peek(&c,1) == 1); + QCOMPARE(client->peek(&c,1), 1); QCOMPARE(c, 'H'); - QVERIFY(client->read(&c,1) == 1); + QCOMPARE(client->read(&c,1), 1); QCOMPARE(c, 'H'); QByteArray b = client->peek(2); QCOMPARE(b, QByteArray("EL")); @@ -2686,7 +2768,7 @@ void tst_QSslSocket::qtbug18498_peek2() // ### Qt5 use QTRY_VERIFY while (server->bytesAvailable() < 10 && stopwatch.elapsed() < 5000) QTest::qWait(100); - QVERIFY(server->peek(&c,1) == 1); + QCOMPARE(server->peek(&c,1), 1); QCOMPARE(c, 'S'); b = server->peek(3); QCOMPARE(b, QByteArray("STA")); @@ -2722,9 +2804,9 @@ void tst_QSslSocket::qtbug18498_peek2() while (client->bytesAvailable() < 7 && stopwatch.elapsed() < 5000) QTest::qWait(100); QVERIFY(server->mode() == QSslSocket::SslServerMode && client->mode() == QSslSocket::SslClientMode); - QVERIFY(client->peek(&c,1) == 1); + QCOMPARE(client->peek(&c,1), 1); QCOMPARE(c, 'h'); - QVERIFY(client->read(&c,1) == 1); + QCOMPARE(client->read(&c,1), 1); QCOMPARE(c, 'h'); b = client->peek(2); QCOMPARE(b, QByteArray("el")); @@ -2734,7 +2816,7 @@ void tst_QSslSocket::qtbug18498_peek2() stopwatch.start(); while (server->bytesAvailable() < 9 && stopwatch.elapsed() < 5000) QTest::qWait(100); - QVERIFY(server->peek(&c,1) == 1); + QCOMPARE(server->peek(&c,1), 1); QCOMPARE(c, 'g'); QCOMPARE(server->readAll(), QByteArray("goodbye\r\n")); client->disconnectFromHost(); @@ -2768,7 +2850,7 @@ void tst_QSslSocket::dhServer() client->connectToHostEncrypted(QHostAddress(QHostAddress::LocalHost).toString(), server.serverPort()); loop.exec(); - QVERIFY(client->state() == QAbstractSocket::ConnectedState); + QCOMPARE(client->state(), QAbstractSocket::ConnectedState); } void tst_QSslSocket::ecdhServer() @@ -2798,7 +2880,7 @@ void tst_QSslSocket::ecdhServer() client->connectToHostEncrypted(QHostAddress(QHostAddress::LocalHost).toString(), server.serverPort()); loop.exec(); - QVERIFY(client->state() == QAbstractSocket::ConnectedState); + QCOMPARE(client->state(), QAbstractSocket::ConnectedState); } void tst_QSslSocket::verifyClientCertificate_data() diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/BLACKLIST b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/BLACKLIST new file mode 100644 index 0000000000..c9b628d79b --- /dev/null +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_member/BLACKLIST @@ -0,0 +1,2 @@ +[onDemandRootCertLoadingMemberMethods] +linux diff --git a/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/BLACKLIST b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/BLACKLIST new file mode 100644 index 0000000000..52bd2bc86d --- /dev/null +++ b/tests/auto/network/ssl/qsslsocket_onDemandCertificates_static/BLACKLIST @@ -0,0 +1,2 @@ +[onDemandRootCertLoadingStaticMethods:WithSocks5ProxyAuth] +windows |