Currently only available for the OpenSSL backend to use but doesn't
actually rely on anything OpenSSL specific.
Move it so it can be used by the Schannel backend in an upcoming patch
Change-Id: Ia29b153bf3f29cff0d62a41ec5dd7d4671a18095
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
While it's not common it still occurs, perhaps especially with 127.0.0.1
Can be tested by attempting to connect to https://1.1.1.1/ using Qt.
Change-Id: Idad56476597ab570b8347236ff700fa66ab5b1f4
Fixes: QTBUG-71828
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Adds support for Schannel, an SSL backend for Windows, as an
alternative to OpenSSL.
[ChangeLog][QtNetwork][Ssl] Added support for Schannel on Desktop
Windows. To build Qt with Schannel support use '-schannel' during
configure.
Task-number: QTBUG-62637
Change-Id: Ic4fb8ed3657dab994f9f4a4ac5cbddc7001a0a46
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
... as we normally do in other tests, using localhost.
Change-Id: I7969d7bfd50b545adae7e23476d17b6224e9a8fc
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
The tests of smb protocol only work in the CI network. Therefore,
the docker-based test server for Windows can't pass all the tests of
QNetworkReply.
These two tests should be reworked when adding Samba server to the
docker-based test servers later on.
Task-number: QTBUG-72861
Change-Id: I54e639b5414760ee929d0d28fe10f9e021aff7dc
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
since we'll refuse to continue with a handshake, failing in initSslContext()
on a disabled protocol versions. Then, functions like waitForEncrypted,
connectToHostEncrypted, startServerEncryption and startClientEncryption
should either bail out early (who needs a TCP connection which we'll
abort anyway?) or bail out whenever we can, as soon as a disabled protocol
was found in a configuration. This change also makes the behavior
of different back-ends consistent, since it's a general code-path
that reports the same SslInvalidUserData error. Update auto-test to
... actually test what it claims it tests.
Task-number: QTBUG-72196
Task-number: QTBUG-72179
Change-Id: I548468993410f10c07ce5773b78f38132be8e3e0
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
As per RFC 6176 (2011) and RFC 7568 (2015).
Code-wise, we're left with the decision of what to do with a few
enumerators in QSsl::Protocol; I've made TlsV1SslV3 act as TlsV1,
and adjusted the description of AnyProtocol.
A new test was introduced - deprecatedProtocol() - to test that
we, indeed, do not allow use of SSL v2 and v3. protocol() and
protocolServerSide() were reduced to exclude the (now) no-op
and meaningless tests - neither client nor server side can
start a handshake now, since we bail out early in initSslContext().
[ChangeLog][QtNetwork][SSL] Support for SSLv2 and SSLv3
sockets has been dropped, as per RFC 6176 (2011)
and RFC 7568 (2015).
Change-Id: I2fe4e8c3e82adf7aa10d4bdc9e3f7b8c299f77b6
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This patch introduces a private 'API' to enable server-side OCSP responses
and implements a simple OCSP responder, tests OCSP status on a client
side (the test is pretty basic, but for now should suffice).
Change-Id: I4c6cacd4a1b949dd0ef5e6b59322fb0967d02120
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Some tests were fixed and others were skipped/blacklisted.
Task-number: QTBUG-63152
Change-Id: Ica7df555f8d152ee589865911130525101d4b941
Reviewed-by: Liang Qi <liang.qi@qt.io>
This is necessary to provide details for the key too,
when the server is using DHE-RSA-AESxxx-SHAxxx.
Amends 7f77dc84fb.
Change-Id: I8ab15b6987c17c857f54bc368df3c6c1818f428c
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
By accident, when we erroneously tried testing TlsV1_3 on macOS with
SecureTransport (which does not support TLS 1.3) we hit this quite
subtle problem: it can happen that a server-side socket is never
created but a client (after TCP connection was established) fails
in TLS initialization and ... stops the loop preventing
SslServer::incomingConnection() from creating its socket. Then we
dereference nullptr.
Task-number: QTBUG-71638
Change-Id: I8dc5a4c53022a25aafe2c80a6931087517a48441
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
1. Remove the conditional inclusion of DTLS versions, they made difficult
and unnecessary ugly adding new protocols (something like TlsV1_2OrLater + 4).
2. OpenSSL 1.1.1 first introduced TLS 1.3 support. OpenSSL 1.1 back-end is
compatible with OpenSSL 1.1.1, but would fail to extract/report protocol
versions and set versions like 'TLS 1.3 only' or 'TLS 1.3 or better' on a
new context. Given 1.1.1 is deployed/adapted fast by different distros,
and 5.12 is LTS, we fix this issue by introducing QSsl::Tls1_3 and
QSsl::Tls1_3OrLater.
SecureTransport, WinRT and OpenSSL below 1.1.1 will report an error in case
the application requests this protocol (SecureTransport in future will
probably enable TLS 1.3).
Saying all that, TLS 1.3 support is experimental in QSslSocket.
Done-by: Albert Astals Cid <albert.astals.cid@kdab.com>
Done-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Change-Id: I4a97cc789b62763763cf41c44157ef0a9fd6cbec
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
on macOS, the test seems to be stable nowadays.
Task-number: QTBUG-39986
Change-Id: I18430c3feb27a5bee5474e1eb95f7d89b25f00a9
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Some of the enums were cast to int on comparison. That just makes it
harder to know what the values were.
And verifyClientCertificate had 4 cases which were named the same as 4
others.
Change-Id: I09e8e346a6f416236a92073cf9a8f349938d37ef
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
The test fails in a few cases due to the simplistic internal
implementation of TLD-checking, but it's still useful to run the tests.
Change-Id: Idafaed13506fbac2e67b1d2ba72da2f0c4e2904c
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Test that we don't silently replace an invalid TLS configuration with
the default one (for now, the only thing that is considered to be
non-valid - is having non-DTLS protocol set).
Change-Id: I6f714b009cf1345a085a3f26d638fc31330f1a94
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
A weird behavior of the DTLS server example, when linked with 1.0.2,
exposed that client code, requesting an invalid protocol (for example, SSLv3)
can end-up with connection encrypted with DTLS 1.2 (which is not that bad,
but totally surprising). When we check the protocol version early in
setDtlsConfiguration() and find a wrong version, we leave our previous
configuration intact and we will use it later during the handshake.
This is wrong. So now we let our user set whatever wrong configuration they
have and later fail in TLS initialization, saying -
'Unsupported protocol, DTLS was expected'.
Auto-test was reduced - the follow-up patch will introduce a new
'invalidConfiguration' auto-test.
Change-Id: I9be054c6112eea11b7801a1595aaf1d34329e1d2
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
with a case when we fail to ignore/pre-set one of possible
verification errors.
Change-Id: I23b06243b61acef1ef3576c51529f3ef6601ba7d
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
When the connection has been encrypted we will,
in QHttpNetworkConnectionChannel::_q_encrypted, emit 'reply->encrypted'
in which user slots can be called.
In the event that the user calls abort it will, however, not abort until
the next time it goes back to the event loop (which might not happen
until after the request has already been sent).
Task-number: QTBUG-65960
Change-Id: I96865f83c47f89deb9f644c86a71948dbb0ec0d0
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
That's actually how ignoreVerificationErrors (and QSslSocket::ignoreSslErrors)
are used to set the expected/known verification errors before handshake.
Auto-test updated too.
Change-Id: I9c700302d81ddb383a4a750fafd594373fb38ace
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This change frees the tests of their dependence on the Qt internal test
server (qt-test-server.qt-test-net). It makes the developers run the
tests out of Qt testing infrastructure.
If the user has installed Docker engine on their host, the test servers
will be built up inside separate Docker containers, and then, the test
case goes with the Docker-based test servers. Otherwise, the test case
will keep using the Qt internal test server.
Task-number: QTQAINFRA-1686
Change-Id: I518bc3675bfd658938509744b0e7e0610bc8bf66
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
More Qt-style and more natural, also, shorter names.
Change-Id: I97bd68a8614126d518a3853027661435dc4e080d
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This patch renames rather awkward 'remote' into more conventional
'peer' (similar to what we have in QAbstractSocket).
Change-Id: Ifc45e538b8adf9cc076bd7aee693277829fd94dc
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
The logic seems to be simple - if client code on error signal
tries to close TLS socket and this socket has buffered data,
it calls 'flush' and 'transmit' or even 'startHandshake' as
a result, which in turn will set and emit error again. To auto-
test this, we initiate a handshake with pre-shared key hint
on a server side and both client/server sockets incorrectly
configured (missing PSK signals). We also do early write
into the client socket to make sure it has some data
buffered by the moment we call 'close'.
Task-number: QTBUG-68089
Task-number: QTBUG-56476
Change-Id: I6ba6435bd572ad85d9209c4c81774a397081b34f
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
According to RFC 6347 a DTLS server also must retransmit buffered message(s)
if timeouts happen during the handshake phase (so it's not a client only as
I initially understood it).
Conveniently so an auto-test is already in place and needs just a tiny
adjustment - handshakeWithRetransmission covers both sides.
Change-Id: If914ec3052e28ef5bf12a40e5eede45bbc53e8e0
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
It was observed on OpenSUSE VM in CI - apparently, even after succesfull
read from UDP socket error was not UnknownSocketError. While it's under
investigation, the DTLS auto-test should limit itself by DTLS things and
barely test IO success (socket-wise) when needed.
Change-Id: I0773a02c591432b0d6c894f4131f70e41dc7ed72
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
It all started from the compiler's warnings about 'this' captured but
not used in lambdas. While fixing this it was noticed that 'client' socket
has a lifetime longer than the test case itself (the socket has a parent,
which is tst_QSslSocket object). The 'server' socket was simply leaked.
So there is no guarantee that some of them (or both) later, after the
test failed in one of QVERIFY, for example, does not emit 'encrypted'
upon receiving more data; this will result: in reading/writing from/to
invalid memory location (captured local 'encryptedCount') and/or probably
exiting event loop when it's not expected to do so.
Change-Id: I51de0493d989a5ba36de2cef58d35526c0e26cda
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This only enables compilation, it doesn't fix any test.
Qt on Android supports process, but not TEST_HELPER_INSTALLS. See also
acdd57cb for winrt.
android-ndk-r10e is used to compile, see
http://doc-snapshots.qt.io/qt5-5.11/androidgs.html .
corelib/io/{qdir,qresourceengine} need to be fixed later.
Done-with: Frederik Gladhorn <frederik.gladhorn@qt.io>
Done-with: Mårten Nordheim <marten.nordheim@qt.io>
Change-Id: I34b924c8ae5d46d6835b8f0a6606450920f4423b
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@qt.io>
The test is somewhat similar to tst_QSslSocket but is smaller (in scope, will
grow in future), it has no QTcpSocket/QAbstractSocket-specific things and
has more DTLS-specific code. At the moment it does not use our network
test server, all work is done in the same process with two QUdpSockets
and two QDtls objects. We test (both on client/server ends):
- parameters validation (for all functions that do this) and
the correctness of error codes/handshake states
- handshake procedure (with/out certificates and with pre-shared keys)
- timeouts and re-transmissions during (D)TLS handshake
- peer verification (and related verification errors)
- aborted/resumed handshake
- encrypted I/O
- DTLS shutdown
For now, this test is OpenSSL-only.
Task-number: QTBUG-67597
Change-Id: I27006bfe3d6c02b89596889e8482a782c630402a
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This part of DTLS is relatively easy to test: we never do a complete
handshake. Certificates, verification, ciphers, etc. - do not matter
at this stage (to be tested in tst_QDtls). Errors are mostly insignificant
and can be ignored or handled trivially.
The test is OpenSSL-only: SecureTransport failed to correctly implement/
support server-side DTLS, the problem reported quite some time ago and
no fixes from Apple so far.
Task-number: QTBUG-67597
Change-Id: I21ad4907de444ef95d5d83b50083ffe211a184f8
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
It was the same in all test rows, so move it from the _data() to a
fixed value in the test. Also, don't implicitly coerce C-string
literals to QString.
Change-Id: Ieee4c7ffbf251c4b69b5acd79125dfa93eb51d6e
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Unlike QNAM, our toy http2 server sends payload as one big chunk as soon as
it fits in the receive window's size. Internally, 'frame writer' splits this
payload into many DATA frames of the appropriate size (imposed either by the
default value or the one from the client's SETTINGS frame). If some test fails,
we can end up with a server waiting for the writer to send all the DATA frames
though it is not needed anymore - there is nobody to receive them after a failure.
This patch moves such a loop into the test server instead and stops the loop early
if needed.
Change-Id: Iea2dcd718d8f83386fd16004807f6447bf999435
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Previously the test worked because the client was the last party to know
when encryption was established. However, due to changes in the TLSv1.3
handshake the server is now the last one.
In either case, relying on both to be encrypted when one of them is
finished is not great, so now we only quit the event loop when both
client and server have emitted 'encrypted'.
Change-Id: Ic1fc75671206d866f7ea983805fd58a99657aac6
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Replace with QSignalSpy or QTRY_COMPARE when possible.
Task-number: QTBUG-63992
Change-Id: I18dc8837301424855487a12ee62451a5aeb21bf0
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The formatting of the output from QSslCertificate::toText has
changed slightly from before, so it no longer matches the test's
data.
From what I can tell we just do a manual sanity check and create
a new file with the new output and then augment the test.
Task-number: QTBUG-67463
Change-Id: I751e5a3f9a28015f97c895cea47384704fd68e38
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
... but only if the host it came from is an EXACT match. Also only apply
the cookie if the url is an EXACT match.
[ChangeLog][QtNetwork][QNetworkCookieJar] Cookies will no longer be
rejected when the domain matches a TLD. However (to avoid problems
with TLDs), such cookies are only accepted, or sent, when the host name
matches exactly.
Task-number: QTBUG-52040
Change-Id: Ic2ebd9211c48891beb669032591234b57713c31d
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Added a few functions to derive keys from passwords. Currently it
supports PBKDF1 and PBKDF2 as defined in
RFC 8018 ( https://tools.ietf.org/html/rfc8018 ).
[ChangeLog][QtNetwork][QPasswordDigestor] Added QPasswordDigestor
Task-number: QTBUG-30550
Change-Id: I2166b518bd8b54e3486514166e76fd9ba2f219c8
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This patch adds the ability to decode keys which are encoded with PKCS#8
using the generic back-end (used in winrt and secure transport).
It works on both WinRT and macOS; however QSslKey seems unused in the
WinRT backend and it seems only RSA keys can be used for certificates
on macOS. Meaning that DSA and Ec, which in theory* should represent
their unencrypted versions, can't currently be tested properly.
* Can also be confirmed by loading the key using the ST or WinRT
backend, calling toPem(), writing the output to a file and then loading
the unencrypted key using openssl.
[ChangeLog][QtNetwork][QSslKey] Added support for PKCS#8-encoded keys
in the generic SSL back-end (used for SecureTransport on macOS and for
WinRT). Note that it does not support keys encrypted with a PKCS#12
algorithm.
Task-number: QTBUG-59068
Change-Id: Ib27338edc7dbcb5c5e4b02addfdb4b62ac93a4c3
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
QNetworkRequest is already aware of the Last-Modified header but
has been lacking support for the If-Modified-Since, ETag, If-Match
and If-None-Match headers. These headers are used with HTTP to
signal conditional download requests.
See RFC 7232 for more information.
Change-Id: I248577b28e875fafd3e4c44fb31e8d712b6c14f1
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Anton Kudryavtsev <antkudr@mail.ru>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
QTestEventLoop (conveniently so) takes care of timeouts thus no
external QTimer/handling logic needed at all.
Change-Id: Id65ea928daec1e7d9380107e63916896f19d3d14
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
To read data from a named pipe, QWindowsPipeReader uses the ReadFileEx()
function which runs asynchronously. When reading is completed and the
thread is in an alertable wait state, the notified() callback is called
by the system, reporting a completion status of that operation. Then the
callback queues a readyRead signal and starts a new sequence. The latter
is skipped if the pipe is broken or the read buffer is full.
Thus, if an application does not run the event loop, the next call to
QWindowsPipeReader::waitForReadyRead() should emit the queued signal
and report true to the caller even if no new read operation was started.
Change-Id: I37102dbb1c00191d93365bfc2e94e743d9f3962a
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
1. If a request was redirected or some error was encountered, we
try to reset the uploading byte-device.
2. Disconnecting from the byte-device is not enough, since we have a
queued connection, _q_uploadDataReadyRead() gets called even if
byte-device was deleted and thus sender() can return null -
we have to check this condition.
3. Update auto-test with a case where our server immediately
replies with a redirect status code.
Task-number: QTBUG-67469
Task-number: QTBUG-66913
Change-Id: I9b364cf3dee1717940ddbe50cba37c3398cc9c95
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
When we load DER-encoded keys in the openssl-backend we always turn it
into PEM-encoded keys (essentially we prepend and append a header and
footer and use 'toBase64' on the DER data).
The problem comes from the header and footer which is simply chosen
based on which key algorithm was chosen by the user. Which would be
wrong when the key is a PKCS#8 key. This caused OpenSSL to fail when
trying to read it. Surprisingly it still loads correctly for unencrypted
keys with the wrong header, but not for encrypted keys.
This patch adds a small function which checks if a key is an encrypted
PKCS#8 key and then uses this function to figure out if a PKCS#8 header
and footer should be used (note that I only do this for encrypted PKCS#8
keys since, as previously mentioned, unencrypted keys are read correctly
by openssl).
The passphrase is now also passed to the QSslKeyPrivate::decodeDer
function so DER-encoded files can actually be decrypted.
[ChangeLog][QtNetwork][QSslKey] The openssl backend can now load
encrypted PKCS#8 DER-encoded keys.
Task-number: QTBUG-17718
Change-Id: I52eedf19bde297c9aa7fb050e835b3fc0db724e2
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Properly handle single protocol TLS configurations. Previously,
due to the use of generic (non version-specific) client/server method
they worked as ranges of protocols instead. This also fixes a couple
of previously broken tests.
Task-number: QTBUG-67584
Change-Id: Ied23113a4fab6b407a34c953e3bd33eab153bb67
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Except RHEL-6.6 and 7.4
It was blacklisted in f3939d943e, along
with a lot of other entries. No specifics are known about why it was
blacklisted originally, but now it only fails on RHEL because they
use OpenSSL 1.0.1.
Change-Id: I6d1d1b7b7bf5386b2115b8780163550cf03bbad7
Reviewed-by: Gatis Paeglis <gatis.paeglis@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The test creates client and server sockets with mismatching protocol versions,
trying different combinations, for example: 1) server (TLS 1.0) vs
client (TLS 1.2) or 2) server (TLS 1.2) vs client (TLS 1.1), etc.
Since TLS v < 1.2 does not support signature algorithms, they are ignored
and handshake is always successful. But our new OpenSSL 1.1 backend uses
generic TLS_client_method and TLS_server_method when creating SSL_CTX.
This means, both server and client will support TLS v. 1.2, they
will have no shared signature algorithms, thus handshake will fail
with an error string similar to this:
"tls1_set_server_sigalgs:no shared signature algorithms".
For OpenSSL 1.1 this test makes no sense.
Task-number: QTBUG-67456
Change-Id: Ibb2a12eea5e5c0ebaeee7d0719cc721ecf4763e6
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
It is suspected that the fault actually lies in CI infra.
Amends e3cf2a1ae9.
Task-number: QTBUG-66311
Change-Id: I967da283f0b94be1d0b99481d0cbd15ca7f98d45
Reviewed-by: Sami Nurmenniemi <sami.nurmenniemi@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Otherwise the ::debug() test fails when a build does not print qDebug()
messages.
Change-Id: I3f3c4b3c7d74004abe5ed8d7ac52164d4f88ef1f
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
When network access is disabled, every QNAM request returns a
QDisabledNetworkReply instance, which emits error and finished
immediately. However isFinished() was still false, which could confuse
application code.
Change-Id: Ifd43c86364b11a9583a38fde536e6c09c109b55f
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Commit f55c73ede2 added various backendConfig methods;
API review for 5.11 pointed out that Config should not be abbreviated.
Change-Id: I3b294b44a030b2a6e4cdd034fa27583c228dfe42
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The stdout of the processes used in the test was dumped if there was an error,
but the processes write their error messages to stderr.
Use MergedChannels process channel mode to dump both output streams.
Change-Id: I1645fd31c394da0871ee6ae36d37ca9a04d86052
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
The test's client processes are prepared for the server not being ready when
they try to connect and handle QLocalSocket::ServerNotFoundError by waiting and
trying again.
However, on Ubuntu 16.04 and 17.10 and possibly other systems, sometimes the
error returned by qt_safe_connect inside QLocalSocket is ECONNREFUSED instead of
ENOENT. This has caused flaky failures in CI, so wait and try again in the case
of QLocalSocket::ConnectionRefusedError also.
Task-number: QTBUG-66679
Task-number: QTBUG-66216
Change-Id: I61e3d5b052d84c5ba9d1746f2c71db37cedbf925
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@qt.io>
Has been failing a lot lately
Task-number: QTBUG-66247
Change-Id: Id940a573eb299379cacceb836890cbe0b3c896b7
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Without this fix, a fresh clean build of 5.9 will fail.
Change-Id: I69e4da382b07cc6e5e280e99478cbc3d44aa3f27
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
With this change it is possible to use all supported
configurations in different backends without any new interfaces.
Change-Id: Ib233539a970681d30ae3907258730e491f8d3531
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Apparently this (undocumented) TESTDATA feature creates resource files,
but lets you use wildcards as well, which is very handy.
The reason I didn't know/realize this when adapting the tests to use a
".qrc"-file* was because some of the test-cases were using relative
paths instead of the 'testDataDir' variable.
This commit fixes the remaining uses of relative paths, removes a
usage of QDir::setCurrent, and adapts QSslSocket to use TESTDATA.
* in now-reverted commit e1600c1a73
Change-Id: Iee6d88f1e0810eeaadac90e7d44bc6db84bfeabf
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
The code used to fall back to anonymous login independently for username
and password; however, it should only use a fall-back password if the
username is missing or (case-insensitive) "anonymous". When a
non-anonymous username is given without password, we should simply skip
he PASS message to FTP.
If the FTP server requests a password, in the latter case, QFtp will
signal authenticationRequired; in all cases, if the server rejects the
given credentials, QFtp signals authenticationFailed. Either way, the
client code can then query the user for credentials as usual.
Task-number: QTBUG-25033
Change-Id: I2a4a3b2725819ab19c8a7e4baa431af539edcd8d
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Then we don't need to add a leading slash. (minor clean-up)
Change-Id: I86af224841009fda838e7cb89d47d324963328c9
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This reverts commit e1600c1a73.
The commit missed the fact that TESTDATA exists. Which supports
wildcards and then can automatically pick up new files when added (as
long as they match a wildcard) and then you don't need to maintain a
giant qrc file.
Change-Id: Ie31fadb5ef6e8dfe6105f4f9764292f78cffb512
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Unlike higher scopes (like scope 4, admin-local, which the last commit
used), scopes 1 and 2 require a scope in order to bind, even if some
operating systems are lenient. So test that we are able to bind to them
and do bind properly.
Change-Id: Ifb5969bf206e4cd7b14efffd14fba153eab965b9
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Binding without an interface and expecting the OS to select something is
not supported in all OSes. On FreeBSD, I keep getting EADDRNOTAVAIL. So
modify our test to only join, leave and send to multicast groups with an
interface selection.
With this, all tests either pass or are skipped for me on Linux,
FreeBSD, and macOS. On Windows, this revealed an inconsistency in
behavior, which this commit adds a workaround for.
Change-Id: Ifb5969bf206e4cd7b14efffd14fb6815456494d2
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
tst_QUdpSocket::broadcasting and tst_QUdpSocket::pendingDatagramSize
fail on the new Ubuntu 16.04 clean template.
Task-number: QTBUG-65440
Change-Id: I0e973b9c90b7c5827406bac8138370b61992a115
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@qt.io>
The FreeBSD kernel treats them specially, just like link-local (that's
probably why it calls them "interface-local" instead of "node-local").
So instead let's use a random address, which will avoid multiple
tst_qudpsocket, when run on the same network at the same time,
receiving each other's datagrams. It could happen, considering this test
has an 800-second timeout limit.
Change-Id: Ifb5969bf206e4cd7b14efffd14fb592a3166547e
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This is not an official feature of the networking stacks and does not
work portably across operating systems. So just stop trying to do that.
This was failing reliably (not flaky!) with IPv6 on FreeBSD and
Windows. For IPv4, Windows apparently accepts 239.255.0.0/16 but not
other addresses, so remove IPv4 too.
Change-Id: Ifb5969bf206e4cd7b14efffd14fb682c2839e95d
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Test fails to start on FreeBSD:
FAIL! : tst_QUdpSocket::initTestCase() 'networkSession->waitForOpened(30000)' returned FALSE. ()
Loc: [/usr/home/tjmaciei/src/qt/qt5/qtbase/tests/auto/network/socket/qudpsocket/tst_qudpsocket.cpp(234)]
This commit is basically a revert of the Qt 4.8 commit
a951fb79139498774d021759d0466b4b2ff50e68. FORCE_SESSION was only used by
manual testing, as the commit message said
> 8. For manual testing, added the FORCE_SESSION macro to test behaviour
> of UDP sockets when they have an explicit network session associated
So I doubt it has been tested recently.
Change-Id: Ifb5969bf206e4cd7b14efffd14fb569ebf53497b
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
I broke it in commit 4da2dda2aa. It wasn't
flaky or anything: it was plain broken and would never pass. That
indicates no node in the CI has an IPv4 link-local address (and
apparently neither did I at the time).
Change-Id: Ifb5969bf206e4cd7b14efffd14fb62176546916e
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
FreeBSD, for example, does not have SO_NREAD and its FIONREAD returns
the full socket buffer size, including IP and UDP headers.
Change-Id: Ifb5969bf206e4cd7b14efffd14fb5d8ca778d16a
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
setSession is only used if we have bearer management.
Change-Id: I64b9d29c01566e79bbca5d0dc11d6aee6d9b0bf0
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
The reason for each is given in the skip. It's mostly about the
server-side encryption, which is unimplemented for WinRT.
Change-Id: I036b95a4526e02fd047e193f2b3c9130bec08144
Reviewed-by: Oliver Wolff <oliver.wolff@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
This lets the tests run on devices which previously did not have access
to the files used (WinRT, mobile devices).
Change-Id: Ibdd85862eee6ab1a7d4da87ca321ee9bc9880bfa
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
We have had test.qt-project.org for close to 3 years now.
Change-Id: I71488efd29b645f7b228fffd14fadf4627288243
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
... and unblacklist it on Windows.
From what I can tell there is no particular reason why this test fails
other than that it is a little too slow sometimes (these things happen).
So, to fix the test I bumped the timeout, but to avoid the test running
for longer on every test-run it now also ends when the socket enters
the "Unconnected" state.
Previously it failed 171/500 times, and after this patch it failed
0/1000 times.
Change-Id: I4266bff6b91aaaf502ee66265d01c3a177706402
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
... and unblacklist it.
It was blacklisted some years ago because it was failing too often.
It was failing because the ssl socket had already received and decrypted
all the data it was going to get, meaning the waitForReadyRead call was
just going to block forever.
Change-Id: Ia540735177d4e1be8696f2d752f1d7813faecfe5
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This test became a real pain recently. A close look at the test shows
several problems (strangely enough, the failure can never be
reproduced on real machines, only on VM - Ubuntu and RHEL 6.6).
There are several asserts that are firing from time to time here and
there. They show that the logic in test is broken/incorrect. QNAM can
open several connections to a host, our test then incorrectly resets
its 'client' data-member and bad things can later happen after
'bytesWrittenSlot' executed (and deleted a socket). For example,
I can reproduce this scenario in every second run:
1. incoming connection -> client = socket(descriptor), connect to
client's readyRead (s1)
2. incoming connection -> client = socket(descriptor), connect to
client's readyRead (s2)
QNAM sends a request on s1. We reply on s2 (which is already wrong)
and call client->deleteLater(), which resets client to nullptr.
If QNAM sends something else on s1, we hit assert(!client.isNull()).
To avoid this, whenever 'sender' in any slot is different from the
'client', we use the actual 'sender' to reply. Another problem is this
weird and rather cryptic waitForFinish which is not needed in this
particular test since we wait for reply error, not 'finished'.
As it happened before - it's not clear if these two problems
were the cause of guaranteed fails on CI - an integration failed
~10 times in a row in the same test (not happening anymore though).
Task-number: QTBUG-64569
Change-Id: Id9aa091290350c61fadf1c3c001e7c2e1b5ac8f4
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Also blacklist tst_QNetworkReply::ioHttpRedirectErrors(too-many-redirects)
on RHEL 6.6 in CI.
Conflicts:
tests/auto/network/access/qnetworkreply/BLACKLIST
tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp
Task-number: QTBUG-64569
Change-Id: I7514fc0660c18fd3a3e1d0d0af3f15d879e3c6f4
The verifySessionProtocol() method in the SecureTransport backend did not
properly handle TlsV1_0OrLater, TlsV1_1OrLater and TlsV1_2OrLater.
This commit teaches verifySessionProtocol() about them.
It also adds TlsV1_0OrLater, TlsV1_1OrLater and TlsV1_2OrLater to the
protocolServerSide() test in tst_qsslsocket.
Backport from 5.10 to 5.9 (LTS).
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
(cherry picked from commit 9c765522d1)
Change-Id: I58c53bdf43e0f19b4506f3696d793f657eb4dc6f
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Looking at the failures in grafana it appears this test is also failing
on Windows 64. The same fix applies then, and we use Q_OS_WIN now.
Change-Id: Iafcfd6d1e747f3c816878cad072fbfae3aee19ca
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This allow retrieving the value of the known PMTU for the current
socket. This works on Linux (IPv6 and IPv4) and FreeBSD (IPv6 only) --
the other OSes don't have the necessary API.
Note: do we need add IP_MTU_DISCOVER?
Change-Id: I6e9274c1e7444ad48c81fffd14dcaf97a18ce335
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
We document that -1 is not a valid value. The Windows structure's type
is unsigned, so the value is actually ULONG_MAX.
Change-Id: Ic632b4163d784b83951cfffd14f668645c4da3a9
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This patch works around Windows X86 on QEMU antics.
It appears on this platform the test behaves in some unpredictable manner:
- WSAConnect with 255.255.255.255 does not always immediately fail with
some error, so socket engine waits for a connection timeout (30 s.),
but the test itself
- only waits for 5 seconds and then tests that a request has finished with
error, which is not true (we are still connecting).
To make it work - whenever we have bearermanager feature enabled, set
a connection timeout to something reasonable, not 30 s.
Since we try to connect to each address twice, make timeout 1.5 s
(so it's 3 s. in total and still is < 5 s.).
Task-number: QTBUG-64264
Change-Id: I1d40c140667fca8402ec9344e66d313b6df54256
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The vast majority is actually switched to QRandomGenerator::bounded(),
which gives a mostly uniform distribution over the [0, bound)
range. There are very few floating point cases left, as many of those
that did use floating point did not need to, after all. (I did leave
some that were too ugly for me to understand)
This commit also found a couple of calls to rand() instead of qrand().
This commit does not include changes to SSL code that continues to use
qrand() (job for someone else):
src/network/ssl/qsslkey_qt.cpp
src/network/ssl/qsslsocket_mac.cpp
tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp
Change-Id: Icd0e0d4b27cb4e5eb892fffd14b5285d43f4afbf
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
[ChangeLog][QtNetwork][QNetworkInterface] Added dnsEligibility() to
QNetworkAddressEntry to indicate whether the address is eligible or not
for publication in DNS or similar mechanisms.
Change-Id: Id3ae5f853d964358ac1ab19b525334a426e0e052
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
[ChangeLog][QtNetwork][QNetworkInterface] Added preferredLifetime() and
validityLifetime() to QNetworkAddressEntry that report the remaining
lifetime of the address in the network interface.
Change-Id: I292b84e2193979446e43344b0727642812cba630
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
- Blacklist ioHttpRedirectPostPut for Windows
- Amend 84396a3f93:
Keys need to be on subsequent lines
Task-number: QTBUG-62583
Change-Id: I6360ec7bd87de65a3294a0d22148f13579fcd292
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Similar to the problem found in QTcpSocket auto-test recently.
While the failure on CI looks differently (apparently, server process
starts but does not print anything), fixing the dependency does not
hurt and at least fixes the 'make check' scenario.
Change-Id: I8f29f3e492d22410533407a527f5fc8f664e7f5c
Reviewed-by: Gatis Paeglis <gatis.paeglis@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
While removing insignificant flag in commit
38a0909d4e and blacklisting
autotests that still failed, qtbase builds didn't
verify VS2017. That broke qt5 builds which do build VS2017.
Task-number: QTBUG-64264
Change-Id: I5fdfa5dac6192f449a05146a9a422e428a710c84
Reviewed-by: Liang Qi <liang.qi@qt.io>
Looks like I never even tested this. There were two problems:
1) when we asked for the recvmsg and sendmsg functions, we used the
wrong variable (socketDescriptor was still -1)
2) we extracted the destination addresses, but never set them in the
QIpPacketHeader object
The added tests confirm that this works on Windows, Linux, Darwin,
FreeBSD. There also seems to be a problem, obtaining the destination
address on an IPv4 socket with a dual-stack sender (I can reproduce that
on FreeBSD, macOS and Windows, plus an old version of Linux).
Task-number: QTBUG-63605
Change-Id: I638cf58bfa7b4e5fb386fffd14ea732bddbc0c42
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
This test fails often and seems to be flaky.
Task-number: QTBUG-62583
Change-Id: Id3af283c89e392634a7af6e11bd05775a4295798
Reviewed-by: Gatis Paeglis <gatis.paeglis@qt.io>
This test starts two processes - server and client - and requires
an external executable ('stressTest'). In .pro file we have SUBDIRS
containing both 'test' (test itself) and 'stressTest' (client/server app),
but there is no explicit dependency and as result we run the test before
we build 'stressTest' thus failing to start those processes. This patch makes
'test' dependent on 'stressTest'.
Task-number: QTBUG-36629
Change-Id: I286b08bcff86b9afc4bbee87a75e887527eaf5f2
Reviewed-by: Gatis Paeglis <gatis.paeglis@qt.io>
Neither the exit crash of QTBUG-21102 nor the Windows failure of
QTBUG-24226 appear to be reproduceable.
Add verbose error reporting to getErrors() and blacklist
getErrors:ftp-host which has been found to fail with timeouts
on Linux and ioHttpRedirectMultipartPost.
Task-number: QTBUG-21102
Task-number: QTBUG-24226
Task-number: QTBUG-62860
Change-Id: I6b29f6184e83de8ffebf6ff0d80606512dca6419
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
It fails for me on Windows 10. Therefore, this is wrong.
FAIL! : tst_QHostInfo::initTestCase() 'networkSession->waitForOpened(30000)' returned FALSE. ()
S:\qt\qt5-msvc2017-x64\qtbase\tests\auto\network\kernel\qhostinfo\tst_qhostinfo.cpp(194) : failure location
Change-Id: Ib17dde1a1dbb49a7bba8fffd14ed5691472a4760
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
1. Recently we have updated our receive window size to a larger value.
Unfortunately, this also results in auto-test pumping through
more data, which probably takes more time on CI.
At the moment we do not have any public API on QNAM's level to
customize HTTP/2 parameters (aka 5.10/FF and so on). So we use the fact
that QNAM is QObject and we can set a property on it. This property
is our Http2::ProtocolParameters object that allows us to configure:
- HPACK parameters (in 5.10 - noop)
- session receive window size
- different SETTINGS as described by RFC 7540, 6.5.2.
2. Undocumented environment variable to set ENABLE_PUSH is not needed
anymore.
3. In 5.11 Http2::ProtocolParameter will become a public API
and we'll introduce a new setter in QNAM.
Change-Id: If08fd5e09e7c0b61cf9700b426b60b5837b6b2e6
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
c4cf90b1f7 made POST requests be
redirected properly, but this wasn't enough and should have included
every method/verb.
Change-Id: I37b12dc9fdffcbf2aadbd2360d4fc2584c024939
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The path wouldn't match if the cookie's path was root ('/') and the
URLs path was empty.
Change-Id: I6dcd10f1fdf4f48f14e50f1b169cbdfda7005849
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
All systems must implement it by now. If there's any system still
without it, that means it has no IPv6 support, so they can disable
QtNetwork entirely.
[ChangeLog][Deprecation Notice] Starting with Qt 5.10, IPv6 support is
mandatory for all platforms. Systems without proper IPv6 support, such
as the getaddrinfo() function or the proper socket address structures,
will not be able to build QtNetwork anymore.
Change-Id: I3868166e5efc45538544fffd14d8c28046f9191b
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
[ChangeLog][QtNetwork][QHostAddress] Added isGlobal(), isLinkLocal(),
isSiteLocal(), isUniqueLocalUnicast(), and isBroadcast() classification
functions to complement isLoopback() and isMulticast().
Change-Id: I3868166e5efc45538544fffd14d8fca6e9042c04
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
All POST requests that were redirected would previously turn into GET
requests. This does not follow the standard for HTTP codes 307 and 308.
Task-number: QTBUG-63142
Change-Id: Ibd25a9566066e589670a9bc34e5dc5111f8139d5
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
In some cases when a session isn't needed (i.e. for localhost), the
session is not opened at all. If a program (e.g. our tests) redirects
from localhost to a different system (e.g. the qt network test
servers, or the internet) it will wait for a session forever. So, we
need to check if a session is needed for the redirect-target and then
open one. It is usually opened in
QNetworkReplyHttpImplPrivate::_q_startOperation
Change-Id: Id3b78182a3fb3f63f0235ecb1fb665df8bd0c4ca
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
We already cleared 'cookedHeaders', which is a QHash for 'known headers'
(enumerators as keys instead of strings), now do the same for 'rawHeaders'-
not to end up with some weird mix of headers from all possible redirect
responses and the final response.
Task-number: QTBUG-61300
Change-Id: Ifd6655c4167840bb00d29446d36ce65ba2d5491a
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
A few tests would QSKIP depending on the inclusion of SSL, producing
multiple lines of noise in the output.
And one test used https in one of its configurations without checking to
see if it could, causing an UnknownProtocolError.
Change-Id: I5f54bf1005f962cc027c099b816fbe245dc43d3f
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
We were using the default ones, provided by RFC7540. It appears they are way
too restrictive and conservative: when downloading something relatively big,
a stream keeps spending the whole session/its own 'recv' windows and thus
we have to constantly send WINDOW_UPDATE frames. This significantly slows
down our HTTP/2 implementation, making it orders of magnitude slower than
HTTP/1.1. To fix this:
- We send SETTINGS_INITIAL_WINDOW_SIZE in the first SETTINGS frame
to inform our peer that per-stream WINDOW is bigger than 64Kb
- We increase the session's receive window size.
Task-number: QTBUG-63722
Change-Id: I31312fcfd5f0fc0aee6aaa5d3562cc7d1b931adc
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
... so that it comments the actual code, not what this code was before.
Change-Id: Ib191b9d7bd3ae3cda39a15f0f711cb1dd3c5c2b7
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
308 Permanent Redirect was introduced after redirection support was
initially added to Qt.
[ChangeLog][QtNetwork][QNetworkAccessManager] Added support for HTTP status 308.
Task-number: QTBUG-63075
Change-Id: I1c6cda331d776237113ef8854de9abfe7e41ed3e
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
The original test was using QSslSocket::waitForEncrypted function, which
is apparently a bad idea on Windows: connecting to 'www.qt.io' we have
to verify certs and there is no guarantee a given Windows VM has the required
CA certificate ready in its cert store. In such cases we start a background
thread (aka CA fetcher's thread) and it calls a (potentially blocking for
a significant amount of time) function (CryptoAPI). When finished, this
thread reports the results via queued connection, which does not work
if we are sitting in a tiny-loop inside waitForEncrypted. Re-factor
the test to use signals/slots and a normally running event loop.
Also, the last test makes a wrong assumption about Windows - fixed.
Task-number: QTBUG-63481
Change-Id: I4abe9cda2a6c52d841ac858cccb6bf068e550cb8
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The comment was back-to-front on the meaning it needed to address; and
the #if-ery used a deprecated define, now changed to match what
sanity-bot asked for.
Change-Id: I0a971ab2e405e5908066da86964d67c8b852f114
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Remaining uses of Q_NULLPTR are in:
src/corelib/global/qcompilerdetection.h
(definition and documentation of Q_NULLPTR)
tests/manual/qcursor/qcursorhighdpi/main.cpp
(a test executable compilable both under Qt4 and Qt5)
Change-Id: If6b074d91486e9b784138f4514f5c6d072acda9a
Reviewed-by: Ville Voutilainen <ville.voutilainen@qt.io>
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
Remaining uses of Q_DECL_OVERRIDE are in:
src/corelib/global/qcompilerdetection.h
src/corelib/global/qglobal.cpp
doc/global/qt-cpp-defines.qdocconf
(definition and documentation of Q_DECL_OVERRIDE)
tests/manual/qcursor/qcursorhighdpi/main.cpp
(a test executable compilable both under Qt4 and Qt5)
Change-Id: Ib9b05d829add69e98a86238274b6a1fcb19b49ba
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Ville Voutilainen <ville.voutilainen@qt.io>
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
We don't need to bother the network test server with a TCP SYN packet.
All we need is for the local operating system to figure out the IP
address it would use to send a packet to the test server. We can do that
with QUdpSocket.
Also, the network test server hasn't been called "fluke.troll.no" for
almost a decade.
Change-Id: I209fcd5dbc2b4e5381cffffd14df65ccc7133247
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Looks like whoever created the blacklist never tried to figure out why
it happened.
Change-Id: I84e45059a888497fb55ffffd14d2fb29e32a4521
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The issue itself is not really worth fixing (the very first request
being supposed to have a different proxy than any of the other
following requests before a session has been initiated), but we can
at least make the test pass when it is run alone.
Task-number: QTBUG-63134
Change-Id: I6c7df5c5653541031811e6bff562572061afae0f
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Following the introduction of AutoDeleteReplyOnFinishAttribute to
QNetworkRequest it seems natural to make it easy to enable for all
replies created with the current QNetworkAccessManager.
[ChangeLog][QtNetwork][QNetworkAccessManager] Added setAutoDeleteReplies
to QNetworkAccessManager to enable the AutoDeleteReplyOnFinishAttribute
attribute for all QNetworkRequests that are passed to
QNetworkAccessManager.
Change-Id: I7f96dd1fc9a899328e89732be17780b4e710c2a2
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
[ChangeLog][QtNetwork][QNetworkRequest] Added the
AutoDeleteReplyOnFinishAttribute attribute to QNetworkRequest, which
makes QNetworkAccessManager delete the QNetworkReply after it has
emitted the "finished" signal.
Change-Id: I03d4ac0830137882e51dd28795a8ec817762a300
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
When migrating QFtp test to docker server, it seems it is easy to get
"QTestEventLoop::instance().timeout()" during the test in Coin network.
To move the task of migration forward, those flaky timeout errors will
be ignored for short-term.
Task-number: QTBUG-75549
Change-Id: I797952b82c0ceb637f40c77fac2a88ca2a9a0eae
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Use docker test server to run test, following instructions on
https://wiki.qt.io/Network_Testing. Verified on Ubunutu 18.04.
Several test failures due to network timeouts and inconsistent
configuration of FTP server and assumptions made in the tests.
However, the test is either way blacklisted, and the docker test
server is not in use yet.
Done-with: Ryan Chu <ryan.chu@qt.io>
Fixes: QTQAINFRA-2275
Change-Id: I4cbd0109ce3f4cfb23ba2303a85796681d12febc
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Using the information from grafana we can unblacklist all the things
which are consistently passing.
Change-Id: I79917ca9c40e1df2dab46bb54cc0a2bd4a1a4621
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Using the information from grafana we can unblacklist all the things
which are consistently passing.
Change-Id: I3676d9cb5f9167039c3d1963521fa85785210f7c
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Using the information from grafana we can unblacklist all the things
which are consistently passing.
Change-Id: If04963cd5f9a53ee2293d596f9111ebcb1add532
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Don't reimplement the protected functions in the base class just
override the access with the using keyword.
Change-Id: I323487d9ddb1d458d5faca020c3eb4d931a9b226
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Before testserver becomes a stable feature, let's keep testserver.prf in
"mkspecs/features/unsupported". The test server's shared files will be
stored in "mkspecs/features/data/testserver".
Because the path of testserver has been changed, all the tests relying
on the docker servers should be updated as well.
Change-Id: Id2494d2b58ee2a9522d99ae61c6236021506b876
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Various patterns seem to have been copied, notably counting time from
QTime(0, 0) rather than using QTime::msecsSinceStartOfDay() and its
setter. Unsuitable value types also put in an appearance, and
QTime()'s parameters after the first two default to 0 anyway.
Corrected a lie in QTime()'s default constructor doc; it does not work
the same as QTime(0, 0) at all.
Change-Id: Icf1a10052a049e68fd0f665958f36dbe75ac46d5
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
In this threaded setup the server can sometimes have the data before it
calls "waitForReadyRead", what happens then is that we fail the wait and
as a result the test fails overall.
Let's check if we actually got some data after all and then continue if
we did. Since both the client and the server currently wait the same
amount of time (2s) the max timeout for the client was increased by
0.5s so it has some time to notice that the server got the message.
Change-Id: Ib5915958853413047aa5a7574712585bcae28f79
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
And export the required symbols in OpenSSL so we can run the test there
as well even if it's not needed for any functionality.
Change-Id: I4246d2b0bbdd42079d255f97f3c66ce8bb37390b
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
for SecureTransport backend. OpenSSL, while reading
RSA/DSA, is internally calling EVP_BytesToKey that
essentially does the same thing this patch does in
'deriveAesKey' and thus able to correctly decrypt
whatever it first encrypted (while generating/
encrypting keys).
Fixes: QTBUG-54422
Change-Id: Ia9f7599c5b19bf364c179f2abd2aab7ea5359a65
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Given the current feature disparity, it makes sense to give our users
ability to detect if they can use some feature or not in their application
code, using our 'modern' QT_CONFIG(securetransport). Accordingly, use this
new syntax in our own auto-tests.
Change-Id: Ib33b03e7e602e9f8b0db8251377c89dbaada1049
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Currently docker is only used for the "echo" test, and then only the
echo server. The SOCKS5 tests have been disabled from when our current
test server was new.
Change-Id: I21b0c5f10e722a42a0880b2500d1bcbc609a03bf
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Check if QSslKey::handle() returns data representing the
same key information as that passed to the constructor.
Task-number: QTBUG-64495
Change-Id: I1a91264e6f6d92d259b51fca9de00fcbfd5cc845
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
It's flaky and has been for a while. However it is somewhat more flaky
when using the docker setup.
Task-number: QTBUG-74162
Change-Id: I49f346a39271b48395e0e17fa6821d73a24f81d4
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
To work with docker test server.
Change-Id: I50a1c7b632748d7648dafd70356aa849614e4e12
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Change-Id: Id456fa8ea6ab4f23b6b83c5f6388e96443ccf9e0
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The iptables container launches with extra capabilities to actually be
able to make changes to the tables.
Change-Id: I892fd18853ce882709e21791e6c88217e5029d53
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
This commit adds support for single-sign-on SPNEGO/Negotiate
authentication to QAuthenticator, using SSPI on Windows and GSSAPI on
other platforms (if KRB5 GSSAPI is available).
[ChangeLog][QtNetwork][QAuthenticator] Add support for SPNEGO/Negotiate
Task-number: QTBUG-4117
Change-Id: Ie246b887db3fd6201b7ed30b023feca292cd6530
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
and make it work with our new docker-based test server
Change-Id: I98b5b5b1e2cdca46b7f15be72aa1483d9455403d
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Conflicts:
tests/auto/widgets/itemviews/qheaderview/tst_qheaderview.cpp
Added tests/auto/testlib/selftests/expected_crashes_5.txt to work
round the output of the crashes test (which exercises UB, see
QTBUG-73903) being truncated on one test platform.
Change-Id: I9cd3f2639b4e50c3c4513e14629a40bdca8f8273
to make it work with our new docker-based test server.
Change-Id: I76345a2d3d768b8a571f2c85e69f6a21e9a96d7e
Reviewed-by: Ryan Chu <ryan.chu@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
The sources were already added conditionally in the project file since
179fe5981f.
Change-Id: I0baaec2e772f3e596d311c1973b9745aa2b80423
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
Teach our MiniHttpServer to better handle POST and PUT requests:
read the POST/PUT data too (not headers only), before replying
and flushing. The original comment says MiniHttpServer does
not support POST/PUT requests, it's not true anymore - we can
handle them (perhaps the simplest/shortest ones).
Task-number: QTBUG-62844
Change-Id: I80260f8ede1bb1b0b9d6042ecd59558bb7e9a998
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
They aren't used in the API, so let's stop wasting library size.
Change-Id: I6e9274c1e7444ad48c81fffd14db247ecf825a57
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Conflicts:
examples/examples.pro
qmake/library/qmakebuiltins.cpp
src/corelib/global/qglobal.cpp
Re-apply b525ec2 to qrandom.cpp(code movement in 030782e)
src/corelib/global/qnamespace.qdoc
src/corelib/global/qrandom.cpp
src/gui/kernel/qwindow.cpp
Re-apply a3d59c7 to QWindowPrivate::setVisible() (code movement in d7a9e08)
src/network/ssl/qsslkey_openssl.cpp
src/plugins/platforms/android/androidjniinput.cpp
src/plugins/platforms/xcb/qxcbconnection.cpp
src/plugins/platforms/xcb/qxcbconnection_xi2.cpp
src/widgets/widgets/qmenu.cpp
tests/auto/widgets/kernel/qwidget_window/tst_qwidget_window.cpp
Change-Id: If7ab427804408877a93cbe02079fca58e568bfd3
Without TLS (and thus ALPN/NPN negotiation) HTTP/2 requires
a protocol upgrade procedure, as described in RFC 7540, 3.2.
We start as HTTP/1.1 (and thus we create QHttpProtocolHandler first),
augmenting the headers we send with 'Upgrade: h2c'. In case
we receive HTTP/1.1 response with status code 101 ('Switching
Protocols'), we continue as HTTP/2 session, creating QHttp2ProtocolHandler
and pretending the first request we sent was HTTP/2 request
on a real HTTP/2 stream. If the first response is something different
from 101, we continue as HTTP/1.1. This change also required
auto-test update: our toy-server now has to respond to
the initial HTTP/1.1 request on a platform without ALPN/NPN.
As a bonus a subtle flakyness in 'goaway' auto-test went
away (well, it was fixed).
[ChangeLog][QtNetwork][HTTP/2] In case of clear text HTTP/2 we
now initiate a required protocol upgrade procedure instead of
'H2Direct' connection.
Task-number: QTBUG-61397
Change-Id: I573fa304fdaf661490159037dc47775d97c8ea5b
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
That means a file is never created, unless you ask for the name. There's
no chance of left-over temporary files being left behind. QSaveFile also
benefits from this, since the save file is not present on disk until
commit(). Unfortunately, QSaveFile must go through a temporary name
because linkat(2) cannot overwrite -- we need rename(2) for that (for
now).
[ChangeLog][Important Behavior Changes][QTemporaryFile] On Linux,
QTemporaryFile will attempt to create unnamed temporary files. If that
succeeds, open() will return true but exists() will be false. If you
call fileName() or any function that calls it, QTemporaryFile will give
the file a name, so most applications will not see a difference.
Change-Id: I1eba2b016de74620bfc8fffd14cc843e5b0919d0
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
The only reason our code wants PKCS12 files is for a private key, but
a valid file needn't contain one; and reading a file without lead to a
crash in QSslKeyPrivate::fromEVP_PKEY(). So check for missing key and
fail the load, since the file is useless to us. Also ensure the
caller's pkey is initialized, as we aren't promised that
PKCS12_parse() will set it when there is no private key.
Add a test for this case (it crashes without the fix) and update the
instructions for how to generate test data to cover it also.
(Corrected the wording there, too; at the interactive prompt,
"providing no password" really provides an empty password.)
Task-number: QTBUG-62335
Change-Id: I617508b903f6d9dee40d539b7136b0be8bc2c747
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Conflicts:
src/widgets/kernel/qwidget.cpp
This merge also extends the expected output of the pairdiagnostics
teamcity output (added in dev in commit
c608ffc56a) after the recent addition of
the flowId attribute to the teamcity output (commit
8f03656211 in 5.9).
Change-Id: I3868166e5efc45538544fffd14d8aba438f9173c
The test verifies that a cookie with a date in the future is not
"expired" and will be sent to the server. This test started failing
on August 7th 2017 when the test case "0003" with it's cookie expiring
August 7th 2017 started ... expiring ;-)
Bumped all suspicious cookie test cases by a hundred years.
Change-Id: I7c09069ec4999e2ea0aae7b2a2819cced0fd6a99
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
The store is using QSettings under the hood. A user can enable/disable
storing HSTS policies (via QNAM's setter method) and we take care of
the rest - filling QHstsCache from the store, writing updated/observed
targets, removing expired policies.
Change-Id: I26e4a98761ddfe5005fedd18be56a6303fe7b35a
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
When ::WSAIoctl() reports 1 byte available for reading, we are trying
to peek an incoming datagram to ensure that the data is actually
delivered. But, according to MSDN docs, we are not allowed to pass NULL
as 'lpNumberOfBytesRecvd' parameter to ::WSARecvFrom() call, if
'lpOverlapped' parameter is also NULL.
The case with an empty datagram is fixed accordingly.
Change-Id: Id13038245332d3fb4bc18038d44a7cfd7ce04775
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
The original test is quite unfortunate - it has cipher names hardcoded,
and it fails with OpenSSL 1.1 - no matching cipher found for 'RC4-SHA'
and QSslContext::initSsl fails with 'Invalid or empty cipher list'.
We skip this test entry for 1.1.
Change-Id: I810b80a62d9e27a60db71fd412af0c80630d976c
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This hasn't done anything since at least Qt 5.0. It's possible it was
only used in Symbian, which we removed before the 5.0 release. This only
served to make the tst_QNetworkProxyFactory test slow.
[ChangeLog][QtNetwork][QNetworkProxy] The functions related to
QNetworkConfiguration are deprecated. They've performed no action since
Qt 5.0, so code using them can safely stop doing so.
Change-Id: I84e45059a888497fb55ffffd14d31b7c2978a04e
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Alex Blasche <alexander.blasche@qt.io>
This is the result of running the (experimental) clang-tidy check
qt-modernize-qsharedpointer-create
Discarded changes:
- tst_qsharedpointer.cpp: not sure we want these replacements there
(→ separate change)
- tst_collations.cpp: hit in a template specialization that is
instantiated with both QSharedPointer and QSharedDataPointer.
Change-Id: I203c2646e91d026735d923473af3d151d19e3820
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
ASN UTCTime uses two characters to encode a year (YY). When converting it
into QDate, it's quite naive to just add 2000. According to RFC 2459,
these YY represent dates in the range [1950, 2049].
This patch also introduces a helper function doing the checked conversion
from a string to int (to be reused in the following-up patches).
Task-number: QTBUG-61934
Change-Id: I3f6f471d24e8357b83b2f5973023b2b842751389
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Several tests are not valid for 1.1 anymore:
1. SSL2 was removed, but there is no OPENSSL_NO_SSL2 and the 'protocolServerSide'
test is trying to use QSsl::SSLv2 and thus is failing.
2. We now use the generic TLS_server/client_method instead of version specific
methods we have in pre-1.1 back-end. So, for example, a client socket with
QSsl::TLS_V1_0 in its SSL configuration will be able to negotiate
TLS 1.2 if our server socket wants it, while with TLSv1_client_method
(OpenSSL < 1.1) our test was expecting SSL handshake to fail.
Change-Id: I18efd5921c79b189e4d9529be09299a361a8a81d
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
tst_qvariant.cpp(80): warning C4309: 'initializing': truncation of constant value
tst_qvariant.cpp(4635): warning C4309: 'initializing': truncation of constant value
tst_qbytearray.cpp(1438): warning C4267: 'argument': conversion from 'size_t' to 'uint', possible loss of data
tst_qbytearray.cpp(1440): warning C4267: 'argument': conversion from 'size_t' to 'uint', possible loss of data
http2srv.cpp(64): warning C4018: '<=': signed/unsigned mismatch
tst_qinputdialog.cpp(352): warning C4804: '<=': unsafe use of type 'bool' in operation
Change-Id: Id012d88b7b20c5c9f128f2ef53753cc1d479f358
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Print time in the error handler to get some diagnostics
about when the network connection is dropped.
Task-number: QTBUG-61673
Change-Id: I376bec81f52d75c9b601f2af9b7e0b63f5883bb0
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
Use 15s instead of 10 (one check took 7.5s on my development machine, even).
Port to QTR_VERIFY_WITH_TIMEOUT instead of rolling our own waitForDone(),
as that reports (within limits) by how much the timeout was exceeded.
Change-Id: Id76a66d5f4fe3a4e814915add329eb4de3d264a7
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Under qemu/kvm the systemProxyForQuery call - when initiated from a
secondary thread - never completes. Consequently the thread hangs, test
fails and the crashes due to the inability to cleanly terminate the test
thread.
Task-number: QTQAINFRA-1200
Change-Id: I9bd4ed163d215fadd8532a03bbdccd80fc8d9cb1
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@qt.io>
The test fails as sendmsg() on the socket trying to deliver a packet to
the IPv6 link-local fe80 address returns with -ENETDOWN. I cannot figure
out why this happens when RHEL 6.6 is run under qemu/kvm but not under
vmware. More details are in the task, but meanwhile the result of this
test is ignored.
This affects only RHEL 6.6, it passes on RHEL 7.2.
Change-Id: I4ade5cd249dd0d1901368ab571dad324e0fd10c2
Task-number: QTQAINFRA-1042
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@qt.io>
As QAbstractSocket::readData does and as the documentation of QIODevice says
"this function returns -1 in those cases (that is, reading on a closed
socket..."
Change-Id: I1e64673f6a6d792a640bd6cb28b2bb5a0f18dc36
Reviewed-by: Aleix Pol
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
There were two more places that blacklisted certain interface types that
commit e579c822c5 didn't catch. This
commit adds those two.
Task-number: QTBUG-61263
Change-Id: Ia58d0480a9169f0f121aec03bf2e8900a58939cd
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@qt.io>
Adds a function to return the native socket descriptor. It allows
threaded or forked applications to reuse a previously created socket.
[ChangeLog][QtNetwork][QLocalServer] Added a function to retrieve
the socket descriptor.
Task-number: QTBUG-55043
Change-Id: I556e97000d2c02ad2bdd636984de6c7564381c6a
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Packets sent to to link-local addresses on it are never received. We
don't know why this happens, as the tooling provided by Apple for
development is close to useless. So we just ignore this interface.
Task-number: QTBUG-61041
Change-Id: Ia608df1fff6bdee5238e107d8a50292a1f9e5c03
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@qt.io>
Also mark as shared-come-qt6,
[ChangeLog][QtNetwork][QHostInfo] Added swap() and move operator.
Change-Id: I8f422868f0487a37aeba3bc74685dc4912e9b3a4
Coverity-Id: 168204
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
If the user calls QLocalSocket::setReadBufferSize() with a value less
than the current size of the pipe buffer, startAsyncRead() would call
ReadFileEx() with invalid parameters:
ReadFileEx(handle, nullptr, some_big_value, ...);
Change-Id: I3d153e3ec34f8038dc001c1c896aeceb666a8979
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This reverts commit 96c27f0dfa.
We now use a custom keychain that should fix the original
problem with the test.
Change-Id: I52e4105f34a46ad7080750d9a62480ebe3a56e68
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
The fix is outdated - the tests it was fixing - pass on 10.11.
Change-Id: I8b42c1d3d2f1279382b15c20587dcc93cf1b6b40
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
If QEMU is provided sysroot with QEMU_LD_PREFIX, it opens files from there. If their
owner is the current user, testing their access rights based on assumption that they
are root fails. Skip the tests in that case similarly as is already done when the
tests are run as root.
This fixes following tests:
- tst_QTemporaryDir::nonWritableCurrentDir
- tst_QNetworkReply::getErrors(file-permissions)
- tst_qstandardpaths::testCustomRuntimeDirectory
Task-number: QTBUG-59966
Change-Id: I972ce37b4b5a7747cdd732a8e4a737ef09cbc6a5
Reviewed-by: Teemu Holappa <teemu.holappa@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
QEMU does not support all syscalls needed for tcp socket testing.
Skipped tests that can't pass on QEMU.
Task-number: QTBUG-59966
Change-Id: Ib6d12d0fc4c913a0222e13db57f0864b7fdf21ba
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Function if_indextoname fails on qemu because SIOCGIFNAME is not
supported. Expect failure if emulation is detected.
Change-Id: I53b41286d82458661e7fa723af385f323582ce7e
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Mixing different protocols on client-server sockets works differently
on 10.11, making previously successful handshakes failing now.
Failure is specific to 10.11 with SecureTransport.
Change-Id: I35374b40fa3d167802775b526cf6465ae78749cf
Task-number: QTBUG-48860
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
QEMU does not support all syscalls needed for udp socket testing.
Skipped tests that can't pass on QEMU.
Change-Id: I40882207a47cfafbc3becb3dff8e7cead9676255
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Previously we were always setting SpdyWasUsedAttribute for SPDY/HTTP/2/HTTP/1.1
(true/false) which is confusing. Now if HTTP2AllowedAttribute was set to true on
a request, we set HTTP2WasUsedAttribute. Otherwise, as we did before, we're setting
SpdyWasUsedAttribute.
Change-Id: I0c44cfb5469fef0c12719baa951197ee2accee4a
Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
RFC6125 section 6.4.2 specify we need to convert the IDN to ascii
before comparison. Note that we don't need to toLower anymore
because toAce takes care of it.
Section 7.2 recommands that we dod not attempt to check for wildcard
character embedded within the A-labels or U-labels of an
internationalized domain name. So we reject names that contiains a
'*' but starts with 'xn--'.
Change-Id: Ib0830520a1f82bbf9fd11818718277a479527ee3
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
It's a Qt 3 compatibility vehicle, and as such inherits the now-alien
property to distinguish empty and null strings. Particularly worrisome
is the following asymmetry:
QString("") == QString::null // false
QString("") == QString(QString::null) // true
Instead of fixing this behavior, recognize that people might use it as
a weird way to call isNull(), albeit one that once was idiomatic, and
simply deprecate everything that deals with QString::null.
[ChangeLog][QtCore][QString] QString::null is now deprecated. When
used to construct a QString, use QString() instead. When used to
compare to a QString, replace with QString::isNull().
Change-Id: I9f7e84a92522c75666da15f49324c500ae93af42
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Anton Kudryavtsev <antkudr@mail.ru>
For the windows file system engine, we add an extra macro to use
library loading if configured to do so, but avoid it on WinRT, as
none of the symbols would be found.
We also QT_REQUIRE_CONFIG(library) in the library headers and
exclude the sources from the build if library loading is disabled.
This, in turn, makes it necessary to clean up some header inclusions.
Change-Id: I2b152cb5b47a2658996b6f4702b038536a5704ec
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
Replace outdated LGPL21 with LGPL license header.
Use GPL-EXCEPT for all autotests.
Also use canonical contact url.
Change-Id: I6e5cc8a4285569c4f862730a980f492b8a933a72
Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
Replace all QT_NO_PROCESS with QT_CONFIG(process), define it in
qconfig-bootstrapped.h, add QT_REQUIRE_CONFIG(process) to the qprocess
headers, exclude the sources from compilation when switched off, guard
header inclusions in places where compilation without QProcess seems
supported, drop some unused includes, and fix some tests that were
apparently designed to work with QT_NO_PROCESS but failed to.
Change-Id: Ieceea2504dea6fdf43b81c7c6b65c547b01b9714
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
don't attempt to hand-craft a library export any more. instead, use the
configure system's built-in mechanism, and refer to it via QMAKE_USE.
this also allows us to rely on transitive dependencies in the autotest.
as a side effect, this makes the openssl-linked feature imply the
openssl one.
Change-Id: I5dd209b63bc8fbbc62852f6ffc472d4452ea2e68
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
After it started to fail (somehow it's only OpenSUSE 42.1) again and again
and after a quick re-evaluation it appears the logic testing SETTINGS|ACK
is incorrect. We (client side) start by sending the preface and then
continue to send our request(s). The other side (server) starts from sending its
SETTINGS frame. These settings must be ACKed, but apparently it can happen,
that server receives a requests and sends a reply before it receives SETTINGS|ACK,
resulting in replyFinished (replyFinishedWithError) signal and event loop stopping.
As a result - QVERIFY(serverGotSettingsACK) fails.
Task-number: QTBUG-58758
Change-Id: I8184cf459b2b88f70c646171e0115c184237fad1
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
The verifySessionProtocol() method in the SecureTransport backend did not
properly handle TlsV1_0OrLater, TlsV1_1OrLater and TlsV1_2OrLater.
This commit teaches verifySessionProtocol() about them.
It also adds TlsV1_0OrLater, TlsV1_1OrLater and TlsV1_2OrLater to the
protocolServerSide() test in tst_qsslsocket.
Change-Id: I394766c75dbea4d89bf3d6b9c3f3c89530ac0749
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The equality operator was supplied, but this one was missing.
[ChangeLog][QtNetwork][QHostAddress] Added op!=(SpecialAddress, QHostAddress).
Change-Id: Iad9c55fa0ee7a8e97d5e4ea4be0605b8b74649d1
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Rewrite tcpSocketNonBlockingTest() and downloadBigFile() to use lambdas for
the slots. This allows for removing the related member variables and slots
of the test class and ensures no leaks of sockets or inconsistent values.
Add an error handler printing the error message to the flaky downloadBigFile()
test.
Change-Id: Ieb64063c41e045a1a50a6d074bef01753ee319ef
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
HTTP Strict Transport Security (HSTS) is a web security policy that
allows a web server to declare that user agents should only interact
with it using secure HTTPS connections. HSTS is described by RFC6797.
This patch introduces a new API in Network Access Manager to enable
this policy or disable it (default - STS is disabled).
We also implement QHstsCache which caches known HTTS hosts, does
host name lookup and domain name matching; QHstsHeaderParser to
parse HSTS headers with HSTS policies.
A new autotest added to test the caching, host name matching
and headers parsing.
[ChangeLog][QtNetwork] Added HTTP Strict Transport Security to QNAM
Task-number: QTPM-238
Change-Id: Iabb5920344bf204a0d3036284f0d60675c29315c
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
With this new policy, after emitting 'redirected', QNetworkReplyHttpImpl
waits for client code to decide if QNAM should follow this redirect or
not. The client can either allow this redirect by emitting 'redirectAllowed'
or abort the reply.
Task-number: QTPM-236
Change-Id: Ia04619f6bd1f0caa477833ae859b24033027b2e1
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>