The only reason our code wants PKCS12 files is for a private key, but
a valid file needn't contain one; and reading a file without lead to a
crash in QSslKeyPrivate::fromEVP_PKEY(). So check for missing key and
fail the load, since the file is useless to us. Also ensure the
caller's pkey is initialized, as we aren't promised that
PKCS12_parse() will set it when there is no private key.
Add a test for this case (it crashes without the fix) and update the
instructions for how to generate test data to cover it also.
(Corrected the wording there, too; at the interactive prompt,
"providing no password" really provides an empty password.)
Task-number: QTBUG-62335
Change-Id: I617508b903f6d9dee40d539b7136b0be8bc2c747
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The test verifies that a cookie with a date in the future is not
"expired" and will be sent to the server. This test started failing
on August 7th 2017 when the test case "0003" with it's cookie expiring
August 7th 2017 started ... expiring ;-)
Bumped all suspicious cookie test cases by a hundred years.
Change-Id: I7c09069ec4999e2ea0aae7b2a2819cced0fd6a99
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
When ::WSAIoctl() reports 1 byte available for reading, we are trying
to peek an incoming datagram to ensure that the data is actually
delivered. But, according to MSDN docs, we are not allowed to pass NULL
as 'lpNumberOfBytesRecvd' parameter to ::WSARecvFrom() call, if
'lpOverlapped' parameter is also NULL.
The case with an empty datagram is fixed accordingly.
Change-Id: Id13038245332d3fb4bc18038d44a7cfd7ce04775
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This is the result of running the (experimental) clang-tidy check
qt-modernize-qsharedpointer-create
Discarded changes:
- tst_qsharedpointer.cpp: not sure we want these replacements there
(→ separate change)
- tst_collations.cpp: hit in a template specialization that is
instantiated with both QSharedPointer and QSharedDataPointer.
Change-Id: I203c2646e91d026735d923473af3d151d19e3820
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
ASN UTCTime uses two characters to encode a year (YY). When converting it
into QDate, it's quite naive to just add 2000. According to RFC 2459,
these YY represent dates in the range [1950, 2049].
This patch also introduces a helper function doing the checked conversion
from a string to int (to be reused in the following-up patches).
Task-number: QTBUG-61934
Change-Id: I3f6f471d24e8357b83b2f5973023b2b842751389
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
tst_qvariant.cpp(80): warning C4309: 'initializing': truncation of constant value
tst_qvariant.cpp(4635): warning C4309: 'initializing': truncation of constant value
tst_qbytearray.cpp(1438): warning C4267: 'argument': conversion from 'size_t' to 'uint', possible loss of data
tst_qbytearray.cpp(1440): warning C4267: 'argument': conversion from 'size_t' to 'uint', possible loss of data
http2srv.cpp(64): warning C4018: '<=': signed/unsigned mismatch
tst_qinputdialog.cpp(352): warning C4804: '<=': unsafe use of type 'bool' in operation
Change-Id: Id012d88b7b20c5c9f128f2ef53753cc1d479f358
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Print time in the error handler to get some diagnostics
about when the network connection is dropped.
Task-number: QTBUG-61673
Change-Id: I376bec81f52d75c9b601f2af9b7e0b63f5883bb0
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
Use 15s instead of 10 (one check took 7.5s on my development machine, even).
Port to QTR_VERIFY_WITH_TIMEOUT instead of rolling our own waitForDone(),
as that reports (within limits) by how much the timeout was exceeded.
Change-Id: Id76a66d5f4fe3a4e814915add329eb4de3d264a7
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Under qemu/kvm the systemProxyForQuery call - when initiated from a
secondary thread - never completes. Consequently the thread hangs, test
fails and the crashes due to the inability to cleanly terminate the test
thread.
Task-number: QTQAINFRA-1200
Change-Id: I9bd4ed163d215fadd8532a03bbdccd80fc8d9cb1
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@qt.io>
The test fails as sendmsg() on the socket trying to deliver a packet to
the IPv6 link-local fe80 address returns with -ENETDOWN. I cannot figure
out why this happens when RHEL 6.6 is run under qemu/kvm but not under
vmware. More details are in the task, but meanwhile the result of this
test is ignored.
This affects only RHEL 6.6, it passes on RHEL 7.2.
Change-Id: I4ade5cd249dd0d1901368ab571dad324e0fd10c2
Task-number: QTQAINFRA-1042
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@qt.io>
There were two more places that blacklisted certain interface types that
commit e579c822c5 didn't catch. This
commit adds those two.
Task-number: QTBUG-61263
Change-Id: Ia58d0480a9169f0f121aec03bf2e8900a58939cd
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@qt.io>
Packets sent to to link-local addresses on it are never received. We
don't know why this happens, as the tooling provided by Apple for
development is close to useless. So we just ignore this interface.
Task-number: QTBUG-61041
Change-Id: Ia608df1fff6bdee5238e107d8a50292a1f9e5c03
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@qt.io>
If the user calls QLocalSocket::setReadBufferSize() with a value less
than the current size of the pipe buffer, startAsyncRead() would call
ReadFileEx() with invalid parameters:
ReadFileEx(handle, nullptr, some_big_value, ...);
Change-Id: I3d153e3ec34f8038dc001c1c896aeceb666a8979
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This reverts commit 96c27f0dfa.
We now use a custom keychain that should fix the original
problem with the test.
Change-Id: I52e4105f34a46ad7080750d9a62480ebe3a56e68
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
The fix is outdated - the tests it was fixing - pass on 10.11.
Change-Id: I8b42c1d3d2f1279382b15c20587dcc93cf1b6b40
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
If QEMU is provided sysroot with QEMU_LD_PREFIX, it opens files from there. If their
owner is the current user, testing their access rights based on assumption that they
are root fails. Skip the tests in that case similarly as is already done when the
tests are run as root.
This fixes following tests:
- tst_QTemporaryDir::nonWritableCurrentDir
- tst_QNetworkReply::getErrors(file-permissions)
- tst_qstandardpaths::testCustomRuntimeDirectory
Task-number: QTBUG-59966
Change-Id: I972ce37b4b5a7747cdd732a8e4a737ef09cbc6a5
Reviewed-by: Teemu Holappa <teemu.holappa@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
QEMU does not support all syscalls needed for tcp socket testing.
Skipped tests that can't pass on QEMU.
Task-number: QTBUG-59966
Change-Id: Ib6d12d0fc4c913a0222e13db57f0864b7fdf21ba
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Function if_indextoname fails on qemu because SIOCGIFNAME is not
supported. Expect failure if emulation is detected.
Change-Id: I53b41286d82458661e7fa723af385f323582ce7e
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Mixing different protocols on client-server sockets works differently
on 10.11, making previously successful handshakes failing now.
Failure is specific to 10.11 with SecureTransport.
Change-Id: I35374b40fa3d167802775b526cf6465ae78749cf
Task-number: QTBUG-48860
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
QEMU does not support all syscalls needed for udp socket testing.
Skipped tests that can't pass on QEMU.
Change-Id: I40882207a47cfafbc3becb3dff8e7cead9676255
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Previously we were always setting SpdyWasUsedAttribute for SPDY/HTTP/2/HTTP/1.1
(true/false) which is confusing. Now if HTTP2AllowedAttribute was set to true on
a request, we set HTTP2WasUsedAttribute. Otherwise, as we did before, we're setting
SpdyWasUsedAttribute.
Change-Id: I0c44cfb5469fef0c12719baa951197ee2accee4a
Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
RFC6125 section 6.4.2 specify we need to convert the IDN to ascii
before comparison. Note that we don't need to toLower anymore
because toAce takes care of it.
Section 7.2 recommands that we dod not attempt to check for wildcard
character embedded within the A-labels or U-labels of an
internationalized domain name. So we reject names that contiains a
'*' but starts with 'xn--'.
Change-Id: Ib0830520a1f82bbf9fd11818718277a479527ee3
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
It's a Qt 3 compatibility vehicle, and as such inherits the now-alien
property to distinguish empty and null strings. Particularly worrisome
is the following asymmetry:
QString("") == QString::null // false
QString("") == QString(QString::null) // true
Instead of fixing this behavior, recognize that people might use it as
a weird way to call isNull(), albeit one that once was idiomatic, and
simply deprecate everything that deals with QString::null.
[ChangeLog][QtCore][QString] QString::null is now deprecated. When
used to construct a QString, use QString() instead. When used to
compare to a QString, replace with QString::isNull().
Change-Id: I9f7e84a92522c75666da15f49324c500ae93af42
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Anton Kudryavtsev <antkudr@mail.ru>
For the windows file system engine, we add an extra macro to use
library loading if configured to do so, but avoid it on WinRT, as
none of the symbols would be found.
We also QT_REQUIRE_CONFIG(library) in the library headers and
exclude the sources from the build if library loading is disabled.
This, in turn, makes it necessary to clean up some header inclusions.
Change-Id: I2b152cb5b47a2658996b6f4702b038536a5704ec
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
Replace outdated LGPL21 with LGPL license header.
Use GPL-EXCEPT for all autotests.
Also use canonical contact url.
Change-Id: I6e5cc8a4285569c4f862730a980f492b8a933a72
Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
Replace all QT_NO_PROCESS with QT_CONFIG(process), define it in
qconfig-bootstrapped.h, add QT_REQUIRE_CONFIG(process) to the qprocess
headers, exclude the sources from compilation when switched off, guard
header inclusions in places where compilation without QProcess seems
supported, drop some unused includes, and fix some tests that were
apparently designed to work with QT_NO_PROCESS but failed to.
Change-Id: Ieceea2504dea6fdf43b81c7c6b65c547b01b9714
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
don't attempt to hand-craft a library export any more. instead, use the
configure system's built-in mechanism, and refer to it via QMAKE_USE.
this also allows us to rely on transitive dependencies in the autotest.
as a side effect, this makes the openssl-linked feature imply the
openssl one.
Change-Id: I5dd209b63bc8fbbc62852f6ffc472d4452ea2e68
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
After it started to fail (somehow it's only OpenSUSE 42.1) again and again
and after a quick re-evaluation it appears the logic testing SETTINGS|ACK
is incorrect. We (client side) start by sending the preface and then
continue to send our request(s). The other side (server) starts from sending its
SETTINGS frame. These settings must be ACKed, but apparently it can happen,
that server receives a requests and sends a reply before it receives SETTINGS|ACK,
resulting in replyFinished (replyFinishedWithError) signal and event loop stopping.
As a result - QVERIFY(serverGotSettingsACK) fails.
Task-number: QTBUG-58758
Change-Id: I8184cf459b2b88f70c646171e0115c184237fad1
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
The equality operator was supplied, but this one was missing.
[ChangeLog][QtNetwork][QHostAddress] Added op!=(SpecialAddress, QHostAddress).
Change-Id: Iad9c55fa0ee7a8e97d5e4ea4be0605b8b74649d1
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Rewrite tcpSocketNonBlockingTest() and downloadBigFile() to use lambdas for
the slots. This allows for removing the related member variables and slots
of the test class and ensures no leaks of sockets or inconsistent values.
Add an error handler printing the error message to the flaky downloadBigFile()
test.
Change-Id: Ieb64063c41e045a1a50a6d074bef01753ee319ef
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
HTTP Strict Transport Security (HSTS) is a web security policy that
allows a web server to declare that user agents should only interact
with it using secure HTTPS connections. HSTS is described by RFC6797.
This patch introduces a new API in Network Access Manager to enable
this policy or disable it (default - STS is disabled).
We also implement QHstsCache which caches known HTTS hosts, does
host name lookup and domain name matching; QHstsHeaderParser to
parse HSTS headers with HSTS policies.
A new autotest added to test the caching, host name matching
and headers parsing.
[ChangeLog][QtNetwork] Added HTTP Strict Transport Security to QNAM
Task-number: QTPM-238
Change-Id: Iabb5920344bf204a0d3036284f0d60675c29315c
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
With this new policy, after emitting 'redirected', QNetworkReplyHttpImpl
waits for client code to decide if QNAM should follow this redirect or
not. The client can either allow this redirect by emitting 'redirectAllowed'
or abort the reply.
Task-number: QTPM-236
Change-Id: Ia04619f6bd1f0caa477833ae859b24033027b2e1
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This commit simplifies defaultParameters() to simply construct an empty
QSslDiffieHellmanParameters and assigning the DER-form of the DH parameters
to QSslDiffieHellmanParametersPrivate's derData field.
This creates a valid QSslDiffieHellmanParameters instance, but skips any
potentially expensive verification steps.
The previous implementation of defaultParameters() would use the public
fromEncoded() method to construct an instance of the default parameters.
This triggers a verification of the passed-in data, which can be expensive.
To ensure our defaultParameters() QSslDiffieHellmanParameters instance does
pass verification, this commit adds an autotest to verify that.
Fixes QTBUG-57815.
Change-Id: I6b1d9dbbfde526b232c319195ddbad42326be27c
Task-number: QTBUG-57815
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
This patch makes it possible to enable/disable redirects on QNAM
level (before it was per-request only). This policy would be applied
to all subsequent requests* created by QNAM.
The policies we support at the moment:
a. Manual - that's what we always had - it's up to a user to handle
redirects.
b. NoLessSafeRedirectsPolicy - we allow http->http, http->https and
https->https redirects, but no protocol 'downgrade' (no
https->http redirects).
c. SameOriginPolicy - we check that protocol/host/port are
the same.
Updated tst_qnetworkreply.
*We previously were enabling redirect for each request, by
setting FollowRedirectsAttribute on QNetworkRequest object.
For backward compatibility this attribute has a higher priority
(if set) than QNAM's policy (and it will work as NoLessSafeRedirectsPolicy).
[ChangeLog][QtNetwork] Added redirects policy to QNAM
Task-number: QTPM-239
Task-number: QTPM-237
Change-Id: I493d1728254b71b61b5504937e8e01dca5953527
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Sometimes it is desirable to use a new connection but keep already
entered user credentials for usability reasons. This is now possible by
clearing the connection cache (but keeping the authentication cache).
Change-Id: I2f5f64836ce19f81c8525701783a3da823dd468e
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
qHash(QHostAddress) was added in Qt 5.0 (at least the version with uint seed = 0).
op==(QHostAddress::SpecialAddress, QHostAddress) was there since QHostAddress was
added before public history. Since QHostAddress does not have a \since, the I did
not supply one for op==, either.
Since the equality operator did not have unit-tests, added one.
Change-Id: I954a0df02464338f08a12ca58d4cc0ceb013e67a
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
- Fix the case when we erroneously handled stream ID == 0 in a GOAWAY frame as
an invalid stream ID.
- _q_receivedReply: convert do{}while() loop into to while(){} to prevent
it from handling any frames after GOAWAY frame received and all active frame
finished.
- sendRequest - if we received GOAWAY, also clear spdyRequests in the connection
channel, otherwise it keeps re-trying to send requests!
- Http network connection channel never resets a protocolHandler in _q_encrypted/
_q_connected, which is BAD for HTTP/2, since HTTP/2 has unique per-connection
compression context and must be reset - now we recreate the protocol handler in
_q_encrypted or _q_connected (https/http).
- Update autotest.
Task-number: QTBUG-57600
Change-Id: Ib864ce52287bab23334ff43a83ba4b0b7cb52c60
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
May of the tests initiate a scan / update of the network configuration
and expect the API to deliver exactly one update. This turns out to be a
race condition as the update may be emitted multiple times, as
QNetworkConfigurationManagerPrivate::updateConfigurations() is called
via posted events (queued signal emissions) from the bearer thread, and
so after creating the spy we may receive an update from _before_ and end
up emitting the signal multiple times.
Task-number: QTQAINFRA-1040
Change-Id: I931e2907f0cb86d48b4ab1a8795d75206035ea11
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
... after a member-function declaration: this would be a compilation error
anywhere outside of a class-definition, allowed as 'opt' inside a class-definition
and essentially not needed at all (and is already different from other
member-functions we have in the same code).
Change-Id: Ia689a41bf2a1052cd19eb8fb4766ed9635c20c88
Reviewed-by: Jesus Fernandez <jesus.fernandez@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>