tst_qsslsocket: Make an ALPN test available to other backends
Currently only available for the OpenSSL backend to use but doesn't actually rely on anything OpenSSL specific. Move it so it can be used by the Schannel backend in an upcoming patch Change-Id: Ia29b153bf3f29cff0d62a41ec5dd7d4671a18095 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This commit is contained in:
parent
58c9c4b609
commit
fe1907435d
@ -233,12 +233,13 @@ private slots:
|
|||||||
void verifyClientCertificate();
|
void verifyClientCertificate();
|
||||||
void readBufferMaxSize();
|
void readBufferMaxSize();
|
||||||
|
|
||||||
|
void allowedProtocolNegotiation();
|
||||||
|
|
||||||
#ifndef QT_NO_OPENSSL
|
#ifndef QT_NO_OPENSSL
|
||||||
void simplePskConnect_data();
|
void simplePskConnect_data();
|
||||||
void simplePskConnect();
|
void simplePskConnect();
|
||||||
void ephemeralServerKey_data();
|
void ephemeralServerKey_data();
|
||||||
void ephemeralServerKey();
|
void ephemeralServerKey();
|
||||||
void allowedProtocolNegotiation();
|
|
||||||
void pskServer();
|
void pskServer();
|
||||||
void forwardReadChannelFinished();
|
void forwardReadChannelFinished();
|
||||||
void signatureAlgorithm_data();
|
void signatureAlgorithm_data();
|
||||||
@ -3405,6 +3406,45 @@ void tst_QSslSocket::setEmptyDefaultConfiguration() // this test should be last,
|
|||||||
QSKIP("Skipping flaky test - See QTBUG-29941");
|
QSKIP("Skipping flaky test - See QTBUG-29941");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void tst_QSslSocket::allowedProtocolNegotiation()
|
||||||
|
{
|
||||||
|
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_TLSEXT)
|
||||||
|
|
||||||
|
QFETCH_GLOBAL(bool, setProxy);
|
||||||
|
if (setProxy)
|
||||||
|
return;
|
||||||
|
|
||||||
|
const QByteArray expectedNegotiated("cool-protocol");
|
||||||
|
QList<QByteArray> serverProtos;
|
||||||
|
serverProtos << expectedNegotiated << "not-so-cool-protocol";
|
||||||
|
QList<QByteArray> clientProtos;
|
||||||
|
clientProtos << "uber-cool-protocol" << expectedNegotiated << "not-so-cool-protocol";
|
||||||
|
|
||||||
|
|
||||||
|
SslServer server;
|
||||||
|
server.config.setAllowedNextProtocols(serverProtos);
|
||||||
|
QVERIFY(server.listen());
|
||||||
|
|
||||||
|
QSslSocket clientSocket;
|
||||||
|
auto configuration = clientSocket.sslConfiguration();
|
||||||
|
configuration.setAllowedNextProtocols(clientProtos);
|
||||||
|
clientSocket.setSslConfiguration(configuration);
|
||||||
|
|
||||||
|
clientSocket.connectToHostEncrypted("127.0.0.1", server.serverPort());
|
||||||
|
clientSocket.ignoreSslErrors();
|
||||||
|
|
||||||
|
QEventLoop loop;
|
||||||
|
QTimer::singleShot(5000, &loop, SLOT(quit()));
|
||||||
|
connect(&clientSocket, SIGNAL(encrypted()), &loop, SLOT(quit()));
|
||||||
|
loop.exec();
|
||||||
|
|
||||||
|
QVERIFY(server.socket->sslConfiguration().nextNegotiatedProtocol() ==
|
||||||
|
clientSocket.sslConfiguration().nextNegotiatedProtocol());
|
||||||
|
QVERIFY(server.socket->sslConfiguration().nextNegotiatedProtocol() == expectedNegotiated);
|
||||||
|
|
||||||
|
#endif // OPENSSL_VERSION_NUMBER
|
||||||
|
}
|
||||||
|
|
||||||
#ifndef QT_NO_OPENSSL
|
#ifndef QT_NO_OPENSSL
|
||||||
class PskProvider : public QObject
|
class PskProvider : public QObject
|
||||||
{
|
{
|
||||||
@ -3818,45 +3858,6 @@ void tst_QSslSocket::ephemeralServerKey()
|
|||||||
QCOMPARE(client->sslConfiguration().ephemeralServerKey().isNull(), emptyKey);
|
QCOMPARE(client->sslConfiguration().ephemeralServerKey().isNull(), emptyKey);
|
||||||
}
|
}
|
||||||
|
|
||||||
void tst_QSslSocket::allowedProtocolNegotiation()
|
|
||||||
{
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_TLSEXT)
|
|
||||||
|
|
||||||
QFETCH_GLOBAL(bool, setProxy);
|
|
||||||
if (setProxy)
|
|
||||||
return;
|
|
||||||
|
|
||||||
const QByteArray expectedNegotiated("cool-protocol");
|
|
||||||
QList<QByteArray> serverProtos;
|
|
||||||
serverProtos << expectedNegotiated << "not-so-cool-protocol";
|
|
||||||
QList<QByteArray> clientProtos;
|
|
||||||
clientProtos << "uber-cool-protocol" << expectedNegotiated << "not-so-cool-protocol";
|
|
||||||
|
|
||||||
|
|
||||||
SslServer server;
|
|
||||||
server.config.setAllowedNextProtocols(serverProtos);
|
|
||||||
QVERIFY(server.listen());
|
|
||||||
|
|
||||||
QSslSocket clientSocket;
|
|
||||||
auto configuration = clientSocket.sslConfiguration();
|
|
||||||
configuration.setAllowedNextProtocols(clientProtos);
|
|
||||||
clientSocket.setSslConfiguration(configuration);
|
|
||||||
|
|
||||||
clientSocket.connectToHostEncrypted("127.0.0.1", server.serverPort());
|
|
||||||
clientSocket.ignoreSslErrors();
|
|
||||||
|
|
||||||
QEventLoop loop;
|
|
||||||
QTimer::singleShot(5000, &loop, SLOT(quit()));
|
|
||||||
connect(&clientSocket, SIGNAL(encrypted()), &loop, SLOT(quit()));
|
|
||||||
loop.exec();
|
|
||||||
|
|
||||||
QVERIFY(server.socket->sslConfiguration().nextNegotiatedProtocol() ==
|
|
||||||
clientSocket.sslConfiguration().nextNegotiatedProtocol());
|
|
||||||
QVERIFY(server.socket->sslConfiguration().nextNegotiatedProtocol() == expectedNegotiated);
|
|
||||||
|
|
||||||
#endif // OPENSSL_VERSION_NUMBER
|
|
||||||
}
|
|
||||||
|
|
||||||
void tst_QSslSocket::pskServer()
|
void tst_QSslSocket::pskServer()
|
||||||
{
|
{
|
||||||
#ifdef Q_OS_WINRT
|
#ifdef Q_OS_WINRT
|
||||||
|
Loading…
Reference in New Issue
Block a user