| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In this threaded setup the server can sometimes have the data before it
calls "waitForReadyRead", what happens then is that we fail the wait and
as a result the test fails overall.
Let's check if we actually got some data after all and then continue if
we did. Since both the client and the server currently wait the same
amount of time (2s) the max timeout for the client was increased by
0.5s so it has some time to notice that the server got the message.
Change-Id: Ib5915958853413047aa5a7574712585bcae28f79
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
(cherry picked from commit e79b1dcdf542be3a20d5c21ea163ff857ed875bf)
Reviewed-by: Simo Fält <simo.falt@qt.io>
(cherry picked from commit d53b8b77bc8de236e148ef2652806015a9a87e2b)
Change-Id: I2f6ffb8e0a9b4d591edb6925e48baffcefc14511
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |
|
|
|
|
|
|
|
|
| |
our powerful VMs die/time out on 30 requests, use 10 only.
Change-Id: Ibf3ceedeac1839f9a88f88def844c7d61786b94f
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
(cherry picked from commit 515c6e7639a7df647cfcc8b639e258864aaaa4af)
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If this callback is not set then OpenSSL will call the callback
used for <= TLS 1.2 unconditionally when connecting. If using PSK it
will call it again later once the preshared key is needed.
We don't currently handle the TLSv1.3 PSK, but we definitely should.
But for now we can work around it - when psk_use_session_callback is
called we simply change the PSK callback to a dummy function whose only
purpose is to restore the old callback.
This is mostly done to keep behavior the same as it is now for users
(and to keep our tests running).
Later we can add a new signal and handle this new feature properly.
Reviewed-by: Simo Fält <simo.falt@qt.io>
(cherry picked from commit d8efc8d718e3b3a0464f321e740541f5b221a5d6)
Task-number: QTBUG-67463
Change-Id: I4aca4ae73ec4be7c4f82a85e8864de103f35a834
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use global object to store errors found by q_X509Callback.
Thus, we also use a lock/mutex. It would appear all tests
involving in-process server and QNAM are prone to intermittent
failures on our Windows VMs - it's always about timeouts due
to the client socket (QNAM) locking and the server socket blocking
main thread while trying to acquire the same lock.
The real fix is to re-write our verification callback so that
it does not need locking/does not block the main and 'http'
threads as a result. But such change is too dangerous for
5.13.0 so we instead have a somewhat handicapped/reduced
test on Windows.
The fixed QSSlSocket will go into 5.13.
Task-number: QTBUG-76157
Change-Id: Ia54701bcb3f6f079a69e52c8904ac3efcee4a787
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| |\
| |
| |
| | |
Change-Id: I44eda44bf424fdcffab048a2534905d6162e5559
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
to test different h2 modes: "h2c" (clear text with protocol upgrade),
"h2" (encrypted, negotiating via ALPN extension), "h2-direct" (encrypted,
no ALPN), "h2c-direct" (plain text, no protocol upgrade). This patch-set
is an amendment to the recent fix in the protocol handler where we were
crashing in "h2c-direct" mode.
Change-Id: I3ff5ed1396a59b72b59a95f927d404ccd202d0b8
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| |\|
| |
| |
| | |
Change-Id: Iec860bb703f983b7438e67c695b9c454e72b3e0f
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Hardcoding IP addresses and their respective DNS records is fragile.
We care about Qt producing the same result as other DNS querying tools,
so testing that instead.
Running a python script for this is easiest, and assumed to be quite
reliable.
In case where python fails/is not present, fall back to nslookup.
That tool is available on Linux, macOS, and Windows, although the
output it produces varies. This change implements very basic
line-parsing that can interpret the various results encountered
during testing on those platforms.
This also reverts commit bbaceff253fae13d8e56691bc9de7e1981db5118,
which blacklisted the tests that failed due to changes in DNS
records.
Use the opportunity to replace usage of gitorious.org.
Change-Id: I967de226bd603c805df7fe3ed4e871d92d2d0750
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |\|
| |
| |
| | |
Change-Id: I9935bacae0d6ba532418fc3d28adbc7ca1463604
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The DNS entry for the host has changed, dig answers with dns.google,
not with google-public-dns-a.google.com. While developing a proper
fix to the test, blacklisting this particular lookup allows
integrations to pass in the meantime.
Change-Id: Id37da6b24554803bf4e2c84be5b949ded40566e8
Reviewed-by: Kari Oikarinen <kari.oikarinen@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
It is constantly passing according to grafana.
Change-Id: I4953cd54e27adde8dad79e9a0f025960802e6c7a
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |\|
| |
| |
| | |
Change-Id: I71cc71881fb638e207d83a8733bad8f267701c0f
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In the QNetworkAccessManager machinery we would treat "no-cache" as if
it meant "don't cache" while in reality it means "don't return these
cached elements without making sure they're up-to-date"
At the same time as this change is made let's add test data for
"no-store", which replaces the "no-cache" test data.
Fixes: QTBUG-71896
Change-Id: Ieda98f3982884ccc839cac2420c777968c786f6e
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mikhail Svetkin <mikhail.svetkin@qt.io>
|
| |\|
| |
| |
| | |
Change-Id: Iecdf00ca61d819bde532daa42f093860ec4a499e
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previous blacklisting 5c4e5032b5162341168c1cec09f0247c7f2283e7 only
covered RHEL 6.6 and RHEL 7.4. The problem however exists in all
6.x and 7.x distros as they have the same openssl.
This however leaves us the problem with future RHEL 8. This will
keep blacklisting these tests there as well. We need a way to blacklist
versions with a wildcard so that we could say RHEL-7.*
Task-number: QTBUG-46203
Change-Id: I2cc52ba2eac949214ecaa02e19d9e623d5befc49
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |\|
| |
| |
| |
| |
| |
| | |
Conflicts:
src/network/access/http2/hpacktable_p.h
Change-Id: Ie0c296667dfdebba84f4858056a1ac80c24ee7df
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
'accept' breaks the order, making the static table unsorted and thus
std::lower_bound cannot find it and we always index it in a dynamic
table. Also, make this static table accessible to auto-test.
Plus fix some warnings quite annoyingly visible in qt-creator.
Fixes: QTBUG-74161
Change-Id: I47410f2ef974ac92797c9804aa55cb5c36a436c4
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| |\|
| |
| |
| | |
Change-Id: I9e7cb1b131b7b216aad8ed1b1536669fd1557c21
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It fails on CI (Windows 10). Given our qabstractsocket disables
read notifications/stops emitting readyRead if it already has pending data
(unbuffered, aka UDP socket type) - make sure we do not suffer from this.
The change does not affect the test's logic (unless the logic was to fail),
it just makes it more fail-proof.
Change-Id: I6c9b7ded20478f675260872a2a7032b4f356f197
Fixes: QTBUG-73884
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| |\|
| |
| |
| | |
Change-Id: I830beea26863323ab78a5d4b093f7763d77ad3da
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
1. Fix erroneous logic, which was triggered in 'h2' mode (non-TLS connection)
- after the initial protocol upgrade/POST request was handled, the server
(on Windows specifically) was erroneously handling upcoming DATA frames by replying
with another redirect response.
2. Make the test less heavy by sending 1 MB of Qt::Uninitialize instead of 10 MB
- theoretically this could cause a timeout before the redirected request finished
successfully.
Task-number: QTBUG-73873
Change-Id: I961e0a5f50252988edd46d0e73baf96ee22eef3f
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |\|
| |
| |
| | |
Change-Id: Ifa143cc462301aaa305c9c85360e543553a751f0
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
[ChangeLog][qmake] A new feature "cmdline" was added that implies
"CONFIG += console" and "CONFIG -= app_bundle".
Task-number: QTBUG-27079
Change-Id: I6e52b07c9341c904bb1424fc717057432f9360e1
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@gmx.de>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
[ChangeLog][QtNetwork][SSL] The Schannel backend now supports ALPN and
thus HTTP/2.
Change-Id: I1819a936ec3c9e0118b9dad12681f791262d4db2
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |\ \
| | |
| | |
| | | |
refs/staging/dev
|
| | |\|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/android/templates/AndroidManifest.xml
tests/auto/widgets/styles/qstylesheetstyle/tst_qstylesheetstyle.cpp
Change-Id: I4c9679e3a8ebba118fbf4772301ff8fde60455b9
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
For some reason behavior of SecureTransport has changed from 10.12 to 10.13
and then to 10.14. On 10.13 SecureTransport fails upon receiving the server's
certificate with 'Unrecoverable error', before we can do a manual verification
and accept the certificate as trusted. Analysis of available source code
shows that they, apparently, do not like MD5 hash which our server is using.
Until certificate is updated on the server or we switch completely to
the Docker-based solution we have to BLACKLIST tests that connect to our
current network test-server. Oddly enough, on 10.14 SecureTransport is
less mean.
Task-number: QTBUG-69873
Change-Id: I7da1883e0970a2f6ddd8385f193b76116d6983e0
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
On Windows and macOS, the containers are deployed into a virtual
machine using the host network. All the containers share the same
hostname (qt-test-server), and they are connected to the same network
domain (local).
When running test in such platforms, use the single-name SSL certificate
(qt-test-server.local) for SSL related tests.
Change-Id: Idf33e01e8dd8814510d848b87b59b5fc0edc903e
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
|
| |/ /
| |
| |
| |
| |
| |
| | |
Change-Id: Id083c1434fcb3a64af40e6f8df720719c1029ca7
Fixes: QTBUG-73289
Reviewed-by: Liang Qi <liang.qi@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently only available for the OpenSSL backend to use but doesn't
actually rely on anything OpenSSL specific.
Move it so it can be used by the Schannel backend in an upcoming patch
Change-Id: Ia29b153bf3f29cff0d62a41ec5dd7d4671a18095
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
While it's not common it still occurs, perhaps especially with 127.0.0.1
Can be tested by attempting to connect to https://1.1.1.1/ using Qt.
Change-Id: Idad56476597ab570b8347236ff700fa66ab5b1f4
Fixes: QTBUG-71828
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Adds support for Schannel, an SSL backend for Windows, as an
alternative to OpenSSL.
[ChangeLog][QtNetwork][Ssl] Added support for Schannel on Desktop
Windows. To build Qt with Schannel support use '-schannel' during
configure.
Task-number: QTBUG-62637
Change-Id: Ic4fb8ed3657dab994f9f4a4ac5cbddc7001a0a46
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| |
| |
| | |
... as we normally do in other tests, using localhost.
Change-Id: I7969d7bfd50b545adae7e23476d17b6224e9a8fc
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The tests of smb protocol only work in the CI network. Therefore,
the docker-based test server for Windows can't pass all the tests of
QNetworkReply.
These two tests should be reworked when adding Samba server to the
docker-based test servers later on.
Task-number: QTBUG-72861
Change-Id: I54e639b5414760ee929d0d28fe10f9e021aff7dc
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
since we'll refuse to continue with a handshake, failing in initSslContext()
on a disabled protocol versions. Then, functions like waitForEncrypted,
connectToHostEncrypted, startServerEncryption and startClientEncryption
should either bail out early (who needs a TCP connection which we'll
abort anyway?) or bail out whenever we can, as soon as a disabled protocol
was found in a configuration. This change also makes the behavior
of different back-ends consistent, since it's a general code-path
that reports the same SslInvalidUserData error. Update auto-test to
... actually test what it claims it tests.
Task-number: QTBUG-72196
Task-number: QTBUG-72179
Change-Id: I548468993410f10c07ce5773b78f38132be8e3e0
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As per RFC 6176 (2011) and RFC 7568 (2015).
Code-wise, we're left with the decision of what to do with a few
enumerators in QSsl::Protocol; I've made TlsV1SslV3 act as TlsV1,
and adjusted the description of AnyProtocol.
A new test was introduced - deprecatedProtocol() - to test that
we, indeed, do not allow use of SSL v2 and v3. protocol() and
protocolServerSide() were reduced to exclude the (now) no-op
and meaningless tests - neither client nor server side can
start a handshake now, since we bail out early in initSslContext().
[ChangeLog][QtNetwork][SSL] Support for SSLv2 and SSLv3
sockets has been dropped, as per RFC 6176 (2011)
and RFC 7568 (2015).
Change-Id: I2fe4e8c3e82adf7aa10d4bdc9e3f7b8c299f77b6
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch introduces a private 'API' to enable server-side OCSP responses
and implements a simple OCSP responder, tests OCSP status on a client
side (the test is pretty basic, but for now should suffice).
Change-Id: I4c6cacd4a1b949dd0ef5e6b59322fb0967d02120
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| |\|
| |
| |
| |
| |
| |
| | |
Conflicts:
src/gui/painting/qdrawhelper.cpp
Change-Id: I4916e07b635e1d3830e9b46ef7914f99bec3098e
|
| | |\
| | |
| | |
| | | |
Change-Id: I12bcee17e349edd0dd4fd08da76361d1ffb1a727
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Some tests were fixed and others were skipped/blacklisted.
Task-number: QTBUG-63152
Change-Id: Ica7df555f8d152ee589865911130525101d4b941
Reviewed-by: Liang Qi <liang.qi@qt.io>
|
| | | |
| | |
| | |
| | |
| | | |
Change-Id: I61370a46722f729ea53cb365eab556a97ec5ee7b
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is necessary to provide details for the key too,
when the server is using DHE-RSA-AESxxx-SHAxxx.
Amends 7f77dc84fb434f33ffe96f6633792706b80fb0a3.
Change-Id: I8ab15b6987c17c857f54bc368df3c6c1818f428c
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/corelib/io/qdir.cpp
src/corelib/kernel/qtimer.cpp
src/corelib/kernel/qtimer.h
Done-With: Edward Welbourne <edward.welbourne@qt.io>
Change-Id: I683d897760ec06593136d77955f8bc87fdef3f9f
|
| | |\|
| | |
| | |
| | | |
Change-Id: I909c9cfa0ce80f512de4b4986e626eae66b63afa
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Task-number: QTBUG-71953
Change-Id: I449ee3be8fa748046895386c9cbff90b30ed80c4
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |\ \
| | | |
| | | |
| | | | |
Change-Id: Ic1dd39044e19f50e1068d4ac70dacaad6440e570
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
1. Remove the conditional inclusion of DTLS versions, they made difficult
and unnecessary ugly adding new protocols (something like TlsV1_2OrLater + 4).
2. OpenSSL 1.1.1 first introduced TLS 1.3 support. OpenSSL 1.1 back-end is
compatible with OpenSSL 1.1.1, but would fail to extract/report protocol
versions and set versions like 'TLS 1.3 only' or 'TLS 1.3 or better' on a
new context. Given 1.1.1 is deployed/adapted fast by different distros,
and 5.12 is LTS, we fix this issue by introducing QSsl::Tls1_3 and
QSsl::Tls1_3OrLater.
SecureTransport, WinRT and OpenSSL below 1.1.1 will report an error in case
the application requests this protocol (SecureTransport in future will
probably enable TLS 1.3).
Saying all that, TLS 1.3 support is experimental in QSslSocket.
Done-by: Albert Astals Cid <albert.astals.cid@kdab.com>
Done-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Change-Id: I4a97cc789b62763763cf41c44157ef0a9fd6cbec
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |\| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Conflicts:
src/corelib/serialization/qcborcommon.h
src/corelib/tools/qlocale_data_p.h
tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp
Done-with: Edward Welbourne <edward.welbourne@qt.io>
Change-Id: Ibed987f6d77a0294f78f67d78625237616082416
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
By accident, when we erroneously tried testing TlsV1_3 on macOS with
SecureTransport (which does not support TLS 1.3) we hit this quite
subtle problem: it can happen that a server-side socket is never
created but a client (after TCP connection was established) fails
in TLS initialization and ... stops the loop preventing
SslServer::incomingConnection() from creating its socket. Then we
dereference nullptr.
Task-number: QTBUG-71638
Change-Id: I8dc5a4c53022a25aafe2c80a6931087517a48441
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |\| |
| | |
| | |
| | | |
Change-Id: I6f8d3abd3247dc980dc7834801a017a89c8f4286
|
