From 3f51fb011ccb5cc3697f23477ecb7b65b75f5a1a Mon Sep 17 00:00:00 2001
From: Rainer Keller <Rainer.Keller@qt.io>
Date: Mon, 19 Aug 2019 11:23:49 +0200
Subject: Fix compile errors for open62541

Task-number: QTBUG-77667
Change-Id: I99bcf7b3ac0de26174ce6d5f6fa2221c54dd4bd2
Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
---
 src/3rdparty/open62541.pri | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/3rdparty/open62541.pri b/src/3rdparty/open62541.pri
index 9d101f7..fa753c7 100644
--- a/src/3rdparty/open62541.pri
+++ b/src/3rdparty/open62541.pri
@@ -8,7 +8,7 @@ win32-g++: LIBS += -lws2_32
 win32-msvc|winrt: {
     SOURCES += $$OPEN62541_SOURCES
 } else {
-    OPEN62541_CFLAGS += -Wno-unused-parameter -Wno-unused-function -Wno-incompatible-pointer-types -Wno-format
+    OPEN62541_CFLAGS += -Wno-unused-parameter -Wno-unused-function -Wno-incompatible-pointer-types -Wno-format -std=c99
 
     # The open62541 source code produces lots of warnings.
     # This custom compiler will disable these warnings just for open62541.c
-- 
cgit v1.2.3


From 6048c94d6aabcfc1157771ee6ae70488d2d2b66a Mon Sep 17 00:00:00 2001
From: Friedemann Kleint <Friedemann.Kleint@qt.io>
Date: Mon, 19 Aug 2019 15:31:46 +0200
Subject: Improve termination of examples

Ensure the simulation server is terminated, fixing a process leak
(QProcess: Destroyed while process ("...simulationserver.exe") is
still running).

Attempt to close the connection only when it is actually connected.

Change-Id: Ib110ab339b00f1ba6df126e96d82f1c158936f95
Reviewed-by: Rainer Keller <Rainer.Keller@qt.io>
---
 examples/opcua/waterpump/waterpump-qml/main.cpp               | 11 ++++++++++-
 examples/opcua/waterpump/waterpump-qmlcpp/main.cpp            | 11 ++++++++++-
 .../opcua/waterpump/waterpump-qmlcpp/opcuamachinebackend.cpp  |  2 +-
 3 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/examples/opcua/waterpump/waterpump-qml/main.cpp b/examples/opcua/waterpump/waterpump-qml/main.cpp
index 8a1963c..f63614d 100644
--- a/examples/opcua/waterpump/waterpump-qml/main.cpp
+++ b/examples/opcua/waterpump/waterpump-qml/main.cpp
@@ -89,5 +89,14 @@ int main(int argc, char *argv[])
     if (engine.rootObjects().isEmpty())
         return EXIT_FAILURE;
 
-    return app.exec();
+    const int exitCode = QCoreApplication::exec();
+    if (serverProcess.state() == QProcess::Running) {
+#ifndef Q_OS_WIN
+        serverProcess.terminate();
+#else
+        serverProcess.kill();
+#endif
+        serverProcess.waitForFinished();
+    }
+    return exitCode;
 }
diff --git a/examples/opcua/waterpump/waterpump-qmlcpp/main.cpp b/examples/opcua/waterpump/waterpump-qmlcpp/main.cpp
index fb22c3d..35ec80a 100644
--- a/examples/opcua/waterpump/waterpump-qmlcpp/main.cpp
+++ b/examples/opcua/waterpump/waterpump-qmlcpp/main.cpp
@@ -93,5 +93,14 @@ int main(int argc, char *argv[])
     if (engine.rootObjects().isEmpty())
         return EXIT_FAILURE;
 
-    return app.exec();
+    const int exitCode = QCoreApplication::exec();
+    if (serverProcess.state() == QProcess::Running) {
+#ifndef Q_OS_WIN
+        serverProcess.terminate();
+#else
+        serverProcess.kill();
+#endif
+        serverProcess.waitForFinished();
+    }
+    return exitCode;
 }
diff --git a/examples/opcua/waterpump/waterpump-qmlcpp/opcuamachinebackend.cpp b/examples/opcua/waterpump/waterpump-qmlcpp/opcuamachinebackend.cpp
index e6ac84e..858282d 100644
--- a/examples/opcua/waterpump/waterpump-qmlcpp/opcuamachinebackend.cpp
+++ b/examples/opcua/waterpump/waterpump-qmlcpp/opcuamachinebackend.cpp
@@ -72,7 +72,7 @@ OpcUaMachineBackend::OpcUaMachineBackend(QObject *parent)
 
 OpcUaMachineBackend::~OpcUaMachineBackend()
 {
-    if (m_client)
+    if (m_client && m_client->state() == QOpcUaClient::Connected)
         m_client->disconnectFromEndpoint();
 }
 
-- 
cgit v1.2.3


From 48f5b75b1416689cf2c8fbde4b03c7e9e6435a8b Mon Sep 17 00:00:00 2001
From: Rainer Keller <Rainer.Keller@qt.io>
Date: Mon, 5 Aug 2019 15:38:35 +0200
Subject: doc: Remove certificate signature from key usage
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Change-Id: Ieb6d1dcb24f98ecbe9eca7508310d668b10d7e30
Reviewed-by: Jannis Völker <jannis.voelker@basyskom.com>
---
 src/opcua/doc/src/security.qdoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/opcua/doc/src/security.qdoc b/src/opcua/doc/src/security.qdoc
index 472ae3c..a5ad8b4 100644
--- a/src/opcua/doc/src/security.qdoc
+++ b/src/opcua/doc/src/security.qdoc
@@ -74,7 +74,7 @@
 
     [ req_ext ]
     basicConstraints = critical, CA:FALSE
-    keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment, keyCertSign
+    keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
     subjectAltName = URI:urn:foo.com:The%20Qt%20Company:QtOpcUaViewer,DNS:foo.com
     subjectKeyIdentifier = hash
     authorityKeyIdentifier=keyid:always,issuer:always
-- 
cgit v1.2.3


From aa577dbeda9d12d803972a9d87d88b47490863b2 Mon Sep 17 00:00:00 2001
From: Rainer Keller <Rainer.Keller@qt.io>
Date: Tue, 20 Aug 2019 09:08:12 +0200
Subject: examples: Fix certificate path on windows
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The PKI folder is outside the release/debug folder.

Change-Id: I87f46ae4ce579e6ad8aaf246761622503d6b4b88
Reviewed-by: Jannis Völker <jannis.voelker@basyskom.com>
---
 examples/opcua/opcuaviewer/mainwindow.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/examples/opcua/opcuaviewer/mainwindow.cpp b/examples/opcua/opcuaviewer/mainwindow.cpp
index 23e41f0..589cd6d 100644
--- a/examples/opcua/opcuaviewer/mainwindow.cpp
+++ b/examples/opcua/opcuaviewer/mainwindow.cpp
@@ -192,7 +192,11 @@ MainWindow::MainWindow(QWidget *parent) : QMainWindow(parent)
 //! [PKI Configuration]
 void MainWindow::setupPkiConfiguration()
 {
-    const QString pkidir = QCoreApplication::applicationDirPath() + "/pki";
+    QString pkidir = QCoreApplication::applicationDirPath();
+#ifdef Q_OS_WIN
+    pkidir += "../";
+#endif
+    pkidir += "/pki";
     m_pkiConfig.setClientCertificateFile(pkidir + "/own/certs/opcuaviewer.der");
     m_pkiConfig.setPrivateKeyFile(pkidir + "/own/private/opcuaviewer.pem");
     m_pkiConfig.setTrustListDirectory(pkidir + "/trusted/certs");
-- 
cgit v1.2.3


From 53453bea465dbc7a15824ad4db2b19df44e62623 Mon Sep 17 00:00:00 2001
From: Rainer Keller <Rainer.Keller@qt.io>
Date: Tue, 6 Aug 2019 13:19:35 +0200
Subject: tests: Always build security test
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

but check instead if the actual endpoint policy is supported by the backend.

Change-Id: Ic1dbcd83b936beccb0378505744d4e1e3b292d22
Reviewed-by: Jannis Völker <jannis.voelker@basyskom.com>
---
 tests/auto/auto.pro                  |  4 +---
 tests/auto/security/security.pro     |  6 ++++++
 tests/auto/security/tst_security.cpp | 17 +++++++++++++++--
 3 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/tests/auto/auto.pro b/tests/auto/auto.pro
index a90406f..9d8b7db 100644
--- a/tests/auto/auto.pro
+++ b/tests/auto/auto.pro
@@ -1,5 +1,5 @@
 TEMPLATE = subdirs
-SUBDIRS +=  qopcuaclient connection clientSetupInCpp
+SUBDIRS +=  qopcuaclient connection clientSetupInCpp security
 
 QT_FOR_CONFIG += opcua-private
 
@@ -8,5 +8,3 @@ qtHaveModule(qmltest):qtConfig(open62541)|qtConfig(uacpp) {
     SUBDIRS += declarative
 }
 
-# This tries to check if the server supports security
-qtConfig(mbedtls): SUBDIRS += security
diff --git a/tests/auto/security/security.pro b/tests/auto/security/security.pro
index d3d203e..bde83f7 100644
--- a/tests/auto/security/security.pro
+++ b/tests/auto/security/security.pro
@@ -7,3 +7,9 @@ RESOURCES += certs.qrc
 
 SOURCES += \
     tst_security.cpp
+
+HEADERS += \
+    $$PWD/../../common/backend_environment.h
+
+INCLUDEPATH += \
+    $$PWD/../../common
diff --git a/tests/auto/security/tst_security.cpp b/tests/auto/security/tst_security.cpp
index 95bf22f..f2ddd68 100644
--- a/tests/auto/security/tst_security.cpp
+++ b/tests/auto/security/tst_security.cpp
@@ -34,6 +34,8 @@
 **
 ****************************************************************************/
 
+#include "backend_environment.h"
+
 #include <QtOpcUa/QOpcUaAuthenticationInformation>
 #include <QtOpcUa/QOpcUaClient>
 #include <QtOpcUa/QOpcUaEndpointDescription>
@@ -249,19 +251,23 @@ void Tst_QOpcUaSecurity::initTestCase()
                 qDebug() << endpoint.securityPolicy();
             }
         }
-
-        QVERIFY(m_endpoints.size() > 0);
     }
 }
 
 void Tst_QOpcUaSecurity::connectAndDisconnectSecureUnencryptedKey()
 {
+    if (m_endpoints.size() == 0)
+        QSKIP("No secure endpoints available");
+
     QFETCH(QString, backend);
     QFETCH(QOpcUaEndpointDescription, endpoint);
 
     QScopedPointer<QOpcUaClient> client(m_opcUa.createClient(backend));
     QVERIFY2(client, QString("Loading backend failed: %1").arg(backend).toLatin1().data());
 
+    if (!client->supportedSecurityPolicies().contains(endpoint.securityPolicy()))
+        QSKIP(QString("This test is skipped because backend %1 does not support security policy %2").arg(client->backend()).arg(endpoint.securityPolicy()).toLatin1().constData());
+
     const QString pkidir = m_pkiData->path();
     QOpcUaPkiConfiguration pkiConfig;
     pkiConfig.setClientCertificateFile(pkidir + "/own/certs/tst_security.der");
@@ -315,6 +321,9 @@ void Tst_QOpcUaSecurity::connectAndDisconnectSecureUnencryptedKey()
 
 void Tst_QOpcUaSecurity::connectAndDisconnectSecureEncryptedKey()
 {
+    if (m_endpoints.size() == 0)
+        QSKIP("No secure endpoints available");
+
     QFETCH(QString, backend);
     QFETCH(QOpcUaEndpointDescription, endpoint);
 
@@ -324,6 +333,9 @@ void Tst_QOpcUaSecurity::connectAndDisconnectSecureEncryptedKey()
     if (client->backend() == QLatin1String("open62541"))
         QSKIP(QString("This test is skipped because backend %1 does not support encrypted keys").arg(client->backend()).toLatin1().constData());
 
+    if (!client->supportedSecurityPolicies().contains(endpoint.securityPolicy()))
+        QSKIP(QString("This test is skipped because backend %1 does not support security policy %2").arg(client->backend()).arg(endpoint.securityPolicy()).toLatin1().constData());
+
     const QString pkidir = m_pkiData->path();
     QOpcUaPkiConfiguration pkiConfig;
     pkiConfig.setClientCertificateFile(pkidir + "/own/certs/tst_security.der");
@@ -396,6 +408,7 @@ void Tst_QOpcUaSecurity::cleanupTestCase()
 
 int main(int argc, char *argv[])
 {
+    updateEnvironment();
     QCoreApplication app(argc, argv);
 
     QTEST_SET_MAIN_SOURCE_PATH
-- 
cgit v1.2.3