diff options
Diffstat (limited to 'tests/auto/network')
7 files changed, 274 insertions, 7 deletions
diff --git a/tests/auto/network/access/qnetworkcookiejar/tst_qnetworkcookiejar.cpp b/tests/auto/network/access/qnetworkcookiejar/tst_qnetworkcookiejar.cpp index 284201db29..4ee4b67ec0 100644 --- a/tests/auto/network/access/qnetworkcookiejar/tst_qnetworkcookiejar.cpp +++ b/tests/auto/network/access/qnetworkcookiejar/tst_qnetworkcookiejar.cpp @@ -451,7 +451,7 @@ void tst_QNetworkCookieJar::effectiveTLDs_data() QTest::newRow("yes-wildcard1.5") << "anything.jm" << true; QTest::newRow("yes-wildcard2") << "something.kh" << true; QTest::newRow("yes-wildcard3") << "whatever.uk" << true; - QTest::newRow("yes-wildcard4") << "anything.shizuoka.jp" << true; + QTest::newRow("yes-wildcard4") << "anything.sendai.jp" << true; QTest::newRow("yes-wildcard5") << "foo.sch.uk" << true; } diff --git a/tests/auto/network/access/qnetworkreply/tst_qnetworkreply.cpp b/tests/auto/network/access/qnetworkreply/tst_qnetworkreply.cpp index 624ce5e800..bcc0641973 100644 --- a/tests/auto/network/access/qnetworkreply/tst_qnetworkreply.cpp +++ b/tests/auto/network/access/qnetworkreply/tst_qnetworkreply.cpp @@ -71,6 +71,9 @@ #ifndef QT_NO_SSL #include <QtNetwork/qsslerror.h> #include <QtNetwork/qsslconfiguration.h> +#ifdef QT_BUILD_INTERNAL +#include <QtNetwork/private/qsslconfiguration_p.h> +#endif #endif #ifndef QT_NO_BEARERMANAGEMENT #include <QtNetwork/qnetworkconfigmanager.h> @@ -173,6 +176,9 @@ public Q_SLOTS: void sslErrors(QNetworkReply*,const QList<QSslError> &); void storeSslConfiguration(); void ignoreSslErrorListSlot(QNetworkReply *reply, const QList<QSslError> &); +#ifdef QT_BUILD_INTERNAL + void sslSessionSharingHelperSlot(); +#endif #endif protected Q_SLOTS: @@ -355,8 +361,13 @@ private Q_SLOTS: void ignoreSslErrorsList(); void ignoreSslErrorsListWithSlot_data(); void ignoreSslErrorsListWithSlot(); + void encrypted(); void sslConfiguration_data(); void sslConfiguration(); +#ifdef QT_BUILD_INTERNAL + void sslSessionSharing_data(); + void sslSessionSharing(); +#endif #endif void getAndThenDeleteObject_data(); @@ -5857,6 +5868,24 @@ void tst_QNetworkReply::sslConfiguration_data() QTest::newRow("secure") << conf << true; } +void tst_QNetworkReply::encrypted() +{ + qDebug() << QtNetworkSettings::serverName(); + QUrl url("https://" + QtNetworkSettings::serverName()); + QNetworkRequest request(url); + QNetworkReply *reply = manager.get(request); + reply->ignoreSslErrors(); + + QSignalSpy spy(reply, SIGNAL(encrypted())); + connect(reply, SIGNAL(finished()), &QTestEventLoop::instance(), SLOT(exitLoop())); + QTestEventLoop::instance().enterLoop(20); + QVERIFY(!QTestEventLoop::instance().timeout()); + + QCOMPARE(spy.count(), 1); + + reply->deleteLater(); +} + void tst_QNetworkReply::sslConfiguration() { QNetworkRequest request(QUrl("https://" + QtNetworkSettings::serverName() + "/index.html")); @@ -5871,6 +5900,73 @@ void tst_QNetworkReply::sslConfiguration() QCOMPARE(reply->error(), expectedError); } +#ifdef QT_BUILD_INTERNAL + +void tst_QNetworkReply::sslSessionSharing_data() +{ + QTest::addColumn<bool>("sessionSharingEnabled"); + QTest::newRow("enabled") << true; + QTest::newRow("disabled") << false; +} + +void tst_QNetworkReply::sslSessionSharing() +{ + QString urlString("https://" + QtNetworkSettings::serverName()); + QList<QNetworkReplyPtr> replies; + + // warm up SSL session cache + QNetworkRequest warmupRequest(urlString); + QFETCH(bool, sessionSharingEnabled); + warmupRequest.setAttribute(QNetworkRequest::User, sessionSharingEnabled); // so we can read it from the slot + if (! sessionSharingEnabled) { + QSslConfiguration configuration(QSslConfiguration::defaultConfiguration()); + configuration.setSslOption(QSsl::SslOptionDisableSessionTickets, true); + warmupRequest.setSslConfiguration(configuration); + } + QNetworkReply *reply = manager.get(warmupRequest); + reply->ignoreSslErrors(); + connect(reply, SIGNAL(finished()), &QTestEventLoop::instance(), SLOT(exitLoop())); + QTestEventLoop::instance().enterLoop(20); + QVERIFY(!QTestEventLoop::instance().timeout()); + QCOMPARE(reply->error(), QNetworkReply::NoError); + reply->deleteLater(); + + // now send several requests at the same time, so we open more sockets and reuse the SSL session + for (int a = 0; a < 6; a++) { + QNetworkRequest request(warmupRequest); + replies.append(QNetworkReplyPtr(manager.get(request))); + connect(replies.at(a), SIGNAL(finished()), this, SLOT(sslSessionSharingHelperSlot())); + } + QTestEventLoop::instance().enterLoop(20); + QVERIFY(!QTestEventLoop::instance().timeout()); +} + +void tst_QNetworkReply::sslSessionSharingHelperSlot() +{ + static int count = 0; + + // check that SSL session sharing was used in at least one of the replies + static bool sslSessionSharingWasUsed = false; + QNetworkReply *reply = qobject_cast<QNetworkReply *>(sender()); + bool sslSessionSharingWasUsedInReply = QSslConfigurationPrivate::peerSessionWasShared(reply->sslConfiguration()); + if (sslSessionSharingWasUsedInReply) + sslSessionSharingWasUsed = true; + + QString urlQueryString = reply->url().query(); + QCOMPARE(reply->error(), QNetworkReply::NoError); + + count++; + + if (count == 6) { // all replies have finished + QTestEventLoop::instance().exitLoop(); + bool sessionSharingWasEnabled = reply->request().attribute(QNetworkRequest::User).toBool(); + QCOMPARE(sslSessionSharingWasUsed, sessionSharingWasEnabled); + count = 0; // reset for next row + sslSessionSharingWasUsed = false; // reset for next row + } +} + +#endif // QT_BUILD_INTERNAL #endif // QT_NO_SSL void tst_QNetworkReply::getAndThenDeleteObject_data() diff --git a/tests/auto/network/ssl/qsslsocket/certs/ca.crt b/tests/auto/network/ssl/qsslsocket/certs/ca.crt new file mode 100644 index 0000000000..5cbe8ef726 --- /dev/null +++ b/tests/auto/network/ssl/qsslsocket/certs/ca.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDpTCCAl2gAwIBAgIQAKraD9BoqaSa75qOqcP7ZTANBgkqhkiG9w0BAQUFADA8 +MQswCQYDVQQGEwJHQjEZMBcGA1UEChMQV2VzdHBvaW50IENBIEtleTESMBAGA1UE +ChMJV2VzdHBvaW50MB4XDTEzMDIxNjE2NTMwOFoXDTIzMDIxNjE2NTMwOFowPDEL +MAkGA1UEBhMCR0IxGTAXBgNVBAoTEFdlc3Rwb2ludCBDQSBLZXkxEjAQBgNVBAoT +CVdlc3Rwb2ludDCCAVIwDQYJKoZIhvcNAQEBBQADggE/ADCCAToCggExAJv0H92j +WjDB9h1DmSQzt772IPSirpE82sN9ls5J19TJcPnw49LdUUqkELJkpS1ty2hYPdUw +7q3n00D+nzS+rt1QIDSKwDVoqeIyFZw4h0ULbASErfy51xBjVIr6NNoiqazp59wQ +RDvqps7of+b/NcbOh73MsiYi8T5OoI4Quv9rMBefQTAI3d2NRQ4GUzS6Hzh2INOc +4twApTDYY+yrU8IalXttIOVdKJZTHeTCdIXD3HMfHCkzyELz8rCI1/wDEp8zyoqF +/tpBStZ5LUSrlRRM7PegqcnM+aojXyrEiXBvPuqO7tabU3nsfix9+8+7GDweDXsP +OUHv+ahGNTUya7hBDaQmVk3/5hbig9kQlNiOcvcdnYYyJqiXhvjPPzOBbRaFNvBT +uG/ehHNHYsdhEBkCAwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8E +BQMDBwYAMB0GA1UdDgQWBBSUJzi1uYQUxqb3Nr33LOLCaUUTyTANBgkqhkiG9w0B +AQUFAAOCATEAPeGh2GiIhT3cii3DU8ihd5TmnEstuHKz2FwHDChmen0zxE8lf08/ +onL1yIeaxbDA8KwZnv71/zZHJv02sPtIMUfuXQc0wOIFjDf0ngc6xIBuU7FUpLxF +2dK7g9OsiNeC7L/ZemRXgpJURdNF2Ujge9/H9yfpHFBXZztmaWir+TXc5g3PKIu6 +97t75Og+stPhTcSlph8ZHYep08b2uthCfcnuIRGeDW9LkfR8VugnuUf7GoIlqSTs +SR6bNuyTnnCHQMJzbsQ472+ag3aZS5HzoR8wyGiPmpc43lQM5ZEDrWGu8bub2gKa +/+KeqHd0wnl7Y5cxnmAptQjxvzBXX/pl4sWczesiGcYm5z5mabp4CY09Y8JtrJZT +IJodXy9ykRmEurgtRoRVc1aSp+xfV725bQ== +-----END CERTIFICATE----- diff --git a/tests/auto/network/ssl/qsslsocket/certs/inter.crt b/tests/auto/network/ssl/qsslsocket/certs/inter.crt new file mode 100644 index 0000000000..4e1d67c3e0 --- /dev/null +++ b/tests/auto/network/ssl/qsslsocket/certs/inter.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDvDCCAnSgAwIBAgIQO+uZxerYC10Ll11PBnVL4TANBgkqhkiG9w0BAQUFADA8 +MQswCQYDVQQGEwJHQjEZMBcGA1UEChMQV2VzdHBvaW50IENBIEtleTESMBAGA1UE +ChMJV2VzdHBvaW50MB4XDTEzMDIxNjE2NTMwOFoXDTIzMDIxNjE2NTMwOFowMjEL +MAkGA1UEBhMCR0IxIzAhBgNVBAoTGldlc3Rwb2ludCBJbnRlcm1lZGlhdGUgS2V5 +MIIBUjANBgkqhkiG9w0BAQEFAAOCAT8AMIIBOgKCATEAsR4tRskg2IFfQFMfGBJ1 +eqlrNejANw0oM6k5HlEB8uFA9qeyAzmflwQUPoJ55KRQ/gVHTOBdWrtgGgPMiekF +1Q36Ry1elwbAl4a+LZ6qsc9ASipvk8HirKpt1v5L9hG+aI4yDxyvjNztFtg5R4P5 +zqsh/WwhCgsYmEVfcSDbhUjqoqxGRLaZxPKO+IMCNFrjZqi0yxc8f6Un4G5SQzHA +4szi/ezcITnAFYWxHG2yaed4hawpxNS1WXabk2rzCi0pWeIcHuIczaCfZ7ElRcqV +VNNXbGTtUDlfIsh6FAVI5kTUDcPV27uf6BmHuFOu/R9Tjni25+vBFvohwQh7ZwCX +5COXnfkJLPkJQQEFVQv8nS27ht/vmyoKjERUeiuMd+hFcN5zl7bS5A2JCgi7erlP +ZQIDAQABo2QwYjAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBgAwHQYD +VR0OBBYEFGn5shQ0SeTcc3x/cNu6TkoV0bPmMB8GA1UdIwQYMBaAFJQnOLW5hBTG +pvc2vfcs4sJpRRPJMA0GCSqGSIb3DQEBBQUAA4IBMQAVDS0enQQ1FL0d92xOFfwx +mjcNPz9oO7jMyEVxAs2eR2QD+xZ3Xj4gAiUEp40aGieDcLv+dg+cmuBFWF61IYSR +UyuoakVm08VDcLAwUzU+xtSvJiSSROb0GsAnVsYZj4TYlvKDplqfapOYaiIkwF+c +iE4n7G0hQW9fzqO+n3FGtBD8YUjghRqLggeRVJ2+8S3Bm8cfx8xPpRIO3ksA6opn +CORRGuzetDHihbks59mkoY3GqKFgBOyrC3kG07nv5wtKjdKDtmD/kS/SAc4fIXKy +Uruq2uXNf/1BUgF5gFGRyj22yB2D0763fJJpl5nqcLrL5RmnVObQKZGhE2VsRTV0 +untj+AmiJivhiAjjkHfw3XDf8tuL7D4pTmEkGgl5xl23fyeTIuygDCLT8fRD3ZqQ +-----END CERTIFICATE----- diff --git a/tests/auto/network/ssl/qsslsocket/certs/leaf.crt b/tests/auto/network/ssl/qsslsocket/certs/leaf.crt new file mode 100644 index 0000000000..4a7dc40540 --- /dev/null +++ b/tests/auto/network/ssl/qsslsocket/certs/leaf.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID3zCCApegAwIBAgIQEKCtd1j2bq5Gk6ND+VmKnjANBgkqhkiG9w0BAQUFADAy +MQswCQYDVQQGEwJHQjEjMCEGA1UEChMaV2VzdHBvaW50IEludGVybWVkaWF0ZSBL +ZXkwHhcNMTMwMjE2MTY1MzA4WhcNMjMwMjE2MTY1MzA4WjA1MQswCQYDVQQGEwJH +QjESMBAGA1UEChMJV2VzdHBvaW50MRIwEAYDVQQDEwkxMjcuMC4wLjEwggFSMA0G +CSqGSIb3DQEBAQUAA4IBPwAwggE6AoIBMQC7EIWIzb7XCfmQQ1KFdZ5E9f49eNK/ +KvsXYfq/iV29K1cz2hUyvfdKgyU5F/+BOPQKQ5zdWn1CraZosFv/ibuO3mhRpMfB +SfNn3rfdrE7WtA0wgT2YNIN0L4aCe+C15j2ESdmyMaFLUaUIS47JS66UtaYxp5ia +mJFO1hSNaoI0pGHyPFTTtfOza9z/01qkBbHB4htzauqs/fX5ZrnyCDSrfpVipXke +zkPKg4MkkytEkjRKw6tSXLpWIgF3ee2N/jBdefqlw8YPW08K0wmwF5qGuX6PZ8vB +sOZeWeCfVr136BopkbfP3TkGWw2BrD8xSzOUez9HVc0v4SZ/7pe5w3L4V/mzYQLt +O+1AHevCjX8+M58HYGBaWCAjxYUPGcGKcj0LLtgZgL6wY88N7RtfeOY3AgMBAAGj +gY0wgYowFAYDVR0RBA0wC4IJMTI3LjAuMC4xMAwGA1UdEwEB/wQCMAAwEwYDVR0l +BAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwcoADAdBgNVHQ4EFgQUKKuyJSrT +Y+dnm1do7l0sVMX96SYwHwYDVR0jBBgwFoAUafmyFDRJ5NxzfH9w27pOShXRs+Yw +DQYJKoZIhvcNAQEFBQADggExAHELijlIFdcncP3B+vxEp0SGKl0arIaCXahivb2F +VxeM3WajN6O+oDRLFltzMeDKA9RVkao7fgITzXQgCGzeNhKv0vc9iDyvR9/67vuS +W8xEEJrYowtw3VK5H1y0ewqZaxJhvKUjm4TBRWe8FGKD3s64lEsfbjOaI5VPidVc +DXmdAlXsj0Hk+v4Ej8mshPQAnVSyJ3D0ZMgTjk8Di28N0qROFIYJaTObK1rCb1nQ +GaCcmbZU6JnkYvVZ+iUe5U0GXFbb+LRNTUT8/fw1zADeHnv/G+WWVrfND+sov5Oc +33fkNE6z+n6ayABVnGLuCYhbzD38sv0dnxeh8vbykNBPzYdzPg6nw3Czv2vlhKpJ +8Yj/maoXuAyTXVf30K1/fAWyU45noq57MjQpU6UxIX1D7qw= +-----END CERTIFICATE----- diff --git a/tests/auto/network/ssl/qsslsocket/certs/leaf.key b/tests/auto/network/ssl/qsslsocket/certs/leaf.key new file mode 100644 index 0000000000..54327925d8 --- /dev/null +++ b/tests/auto/network/ssl/qsslsocket/certs/leaf.key @@ -0,0 +1,32 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIFfAIBAAKCATEAuxCFiM2+1wn5kENShXWeRPX+PXjSvyr7F2H6v4ldvStXM9oV +Mr33SoMlORf/gTj0CkOc3Vp9Qq2maLBb/4m7jt5oUaTHwUnzZ9633axO1rQNMIE9 +mDSDdC+GgnvgteY9hEnZsjGhS1GlCEuOyUuulLWmMaeYmpiRTtYUjWqCNKRh8jxU +07Xzs2vc/9NapAWxweIbc2rqrP31+Wa58gg0q36VYqV5Hs5DyoODJJMrRJI0SsOr +Uly6ViIBd3ntjf4wXXn6pcPGD1tPCtMJsBeahrl+j2fLwbDmXlngn1a9d+gaKZG3 +z905BlsNgaw/MUszlHs/R1XNL+Emf+6XucNy+Ff5s2EC7TvtQB3rwo1/PjOfB2Bg +WlggI8WFDxnBinI9Cy7YGYC+sGPPDe0bX3jmNwIDAQABAoIBMQCczBNyAStGqjjC +oHuKHHWmTh9mPWFBFfDTv6/jXmvxRWPZtaHxH2Qp09Wejqv/D9MWy2ev7spx2oZS +2Ai1ICjTbz83uAwryyW4Wen6aBTJSLCJiLstWk8ZU0DHHLjVH4FO4mwUPh95t5zC +YDr2JXbXdY8xrc5vPxUFZNJjWvR61ZK37bQYpTn5mZ7r3KfsNk2yOylRTDwa9XFo +ZZ+B82NKdrrz0UvGOnXZa5qd1ap7V+67FIAS2Mt8AMzSCG8TW0JXRUk89ISgAd8r +NQTPtX9XCnMZSbBzDKdznXfHS9ZlJcSrpsbQCPcvMVNrdBfCF0eNnsRJffJGdaXI +MsN6PvbcXWD08lXNGyeLjon03RdJnTAamNM3YQEIcjFmu5Y0o0CCJkZSCJPKJGMG +0d/1tN/5AoGZANOcOgQZ9Wiu0ej3YoQ3aSHu3y8ZBJH4B3ViX8i+2x/6UnG7KNaa +4Ygid1upnX6hk4CW5WZcoxGFacrFRpInKh5Ng8lEIHGp0VSzOBVDR0L5sAxutFuX +6N9C0CuH80vD101mOloNnfT5KHZMI5RXqP6sDGUFlwak2XybDL1qOAza3gZAy25H +vS/ll1BneBavikR5j+zxoTztAoGZAOJOJ5RyOrqpNuhiWZylah5LIFT9N1lCF4Hl +ZbFIjUZ4jcApJ7JxkMXNQ4RU/3AiKCC1xr5ib7dd/qyjKXhdMo4SnLoKhapx5R9G +3XOsQMahiCD/Zcymv9tmk8MxxzbLxhZYhEPzIP/NFkua3CHiX+d1e6fkzFLF/EiX +ZGQOgRcFKrlzUeBputRQRXAkKJH+kMClgAWvy28zAoGYKyaMXhG9DV+4xjzMBhIW +iijfsgbz+6AMRU+OIK1qmZa+ARsdNMXYf54noLVxvETOg0ZB+SGizwvZitO3lE4Q +NKWx3fTaeNMcMJ1rLkrN2UZ5M8/PT24muoAxWu8aGbURzmKuO3bTYwT7z0OvbayC +dYw36tG8/knXX6Vub6GdVGG9LKFB2nceiQnUVT0EK/wXwebYBoUvT/ECgZgF9qdG +Wyg/CPyAbS8NWLKOL86fTrjpqjsyWhgu7smCROT/XlZEdoepHrqbvx2oF85U5lVh +aPimrVxrsjUCjfoqEkV9BY/2KOAvzc9CIBTo5xLOQ8yr8uz1XCOiriogwIfsyNJb +dAm3k/D1dxQ79FowoEDs8LONrtfyFcM4e8VdFO7GSkqrDj41IBRkWx+SkVHBMdtI +yxQiTwKBmQCWym2iDCJg1ZZq4/lVwRudMhVmHoD0yoCAwADYHjjAi8QBplM0vfdd +CESKsnBhlcrPGB279BKVJyZHehKZG+/dfnFs+to14l6A3IqU2d6+pu3EyFNX34HS +xo+64QxMeF0akWnSaIPfUJfk36phjCvLBr4eLXN1i4jW3RdGFwF1THXt29VSSGmU +q/hM51H0bsQ13AIVUSdNHA== +-----END RSA PRIVATE KEY----- diff --git a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp index a2bb1ec705..d1ff60ea70 100644 --- a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp +++ b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp @@ -142,6 +142,8 @@ private slots: void protocolServerSide(); void setCaCertificates(); void setLocalCertificate(); + void localCertificateChain(); + void setLocalCertificateChain(); void setPrivateKey(); void setSocketDescriptor(); void setSslConfiguration_data(); @@ -927,15 +929,20 @@ class SslServer : public QTcpServer { Q_OBJECT public: - SslServer(const QString &keyFile = SRCDIR "certs/fluke.key", const QString &certFile = SRCDIR "certs/fluke.cert") + SslServer(const QString &keyFile = SRCDIR "certs/fluke.key", + const QString &certFile = SRCDIR "certs/fluke.cert", + const QString &interFile = QString()) : socket(0), protocol(QSsl::TlsV1_0), m_keyFile(keyFile), - m_certFile(certFile) { } + m_certFile(certFile), + m_interFile(interFile) + { } QSslSocket *socket; QSsl::SslProtocol protocol; QString m_keyFile; QString m_certFile; + QString m_interFile; protected: void incomingConnection(qintptr socketDescriptor) @@ -950,10 +957,24 @@ protected: QVERIFY(!key.isNull()); socket->setPrivateKey(key); - QList<QSslCertificate> localCert = QSslCertificate::fromPath(m_certFile); - QVERIFY(!localCert.isEmpty()); - QVERIFY(localCert.first().handle()); - socket->setLocalCertificate(localCert.first()); + // If we have a cert issued directly from the CA + if (m_interFile.isEmpty()) { + QList<QSslCertificate> localCert = QSslCertificate::fromPath(m_certFile); + QVERIFY(!localCert.isEmpty()); + QVERIFY(localCert.first().handle()); + socket->setLocalCertificate(localCert.first()); + } + else { + QList<QSslCertificate> localCert = QSslCertificate::fromPath(m_certFile); + QVERIFY(!localCert.isEmpty()); + QVERIFY(localCert.first().handle()); + + QList<QSslCertificate> interCert = QSslCertificate::fromPath(m_interFile); + QVERIFY(!interCert.isEmpty()); + QVERIFY(interCert.first().handle()); + + socket->setLocalCertificateChain(localCert + interCert); + } QVERIFY(socket->setSocketDescriptor(socketDescriptor, QAbstractSocket::ConnectedState)); QVERIFY(!socket->peerAddress().isNull()); @@ -1100,6 +1121,55 @@ void tst_QSslSocket::setLocalCertificate() { } +void tst_QSslSocket::localCertificateChain() +{ + if (!QSslSocket::supportsSsl()) + return; + + QSslSocket socket; + socket.setLocalCertificate(QLatin1String(SRCDIR "certs/fluke.cert")); + + QSslConfiguration conf = socket.sslConfiguration(); + QList<QSslCertificate> chain = conf.localCertificateChain(); + QCOMPARE(chain.size(), 1); + QCOMPARE(chain[0], conf.localCertificate()); + QCOMPARE(chain[0], socket.localCertificate()); +} + +void tst_QSslSocket::setLocalCertificateChain() +{ + if (!QSslSocket::supportsSsl()) + return; + + QFETCH_GLOBAL(bool, setProxy); + if (setProxy) + return; + + SslServer server(QLatin1String(SRCDIR "certs/leaf.key"), + QLatin1String(SRCDIR "certs/leaf.crt"), + QLatin1String(SRCDIR "certs/inter.crt")); + + QVERIFY(server.listen()); + + QEventLoop loop; + QTimer::singleShot(5000, &loop, SLOT(quit())); + + socket = new QSslSocket(); + connect(socket, SIGNAL(encrypted()), &loop, SLOT(quit())); + connect(socket, SIGNAL(error(QAbstractSocket::SocketError)), &loop, SLOT(quit())); + connect(socket, SIGNAL(sslErrors(QList<QSslError>)), this, SLOT(ignoreErrorSlot())); + + socket->connectToHostEncrypted(QHostAddress(QHostAddress::LocalHost).toString(), server.serverPort()); + loop.exec(); + + QList<QSslCertificate> chain = socket->peerCertificateChain(); + QCOMPARE(chain.size(), 2); + QCOMPARE(chain[0].serialNumber(), QByteArray("10:a0:ad:77:58:f6:6e:ae:46:93:a3:43:f9:59:8a:9e")); + QCOMPARE(chain[1].serialNumber(), QByteArray("3b:eb:99:c5:ea:d8:0b:5d:0b:97:5d:4f:06:75:4b:e1")); + + socket->deleteLater(); +} + void tst_QSslSocket::setPrivateKey() { } @@ -1533,6 +1603,8 @@ public slots: void tst_QSslSocket::setReadBufferSize_task_250027() { + QSKIP("QTBUG-29730 - flakey test blocking integration"); + // do not execute this when a proxy is set. QFETCH_GLOBAL(bool, setProxy); if (setProxy) |