Commit Graph

966 Commits

Author SHA1 Message Date
Allan Sandfeld Jensen
25830cf912 Fix builds without DTLS
Change-Id: Ic7215c7aa0bf6f7b37ae34649d809f2e1e1ee95b
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-10-09 13:14:42 +00:00
Timur Pocheptsov
8f58e1319c tst_qdtls: add 'invalidConfiguration' test
Test that we don't silently replace an invalid TLS configuration with
the default one (for now, the only thing that is considered to be
non-valid - is having non-DTLS protocol set).

Change-Id: I6f714b009cf1345a085a3f26d638fc31330f1a94
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2018-08-10 12:18:41 +00:00
Timur Pocheptsov
ab731692e2 QDtls: delay protocol version verification
A weird behavior of the DTLS server example, when linked with 1.0.2,
exposed that client code, requesting an invalid protocol (for example, SSLv3)
can end-up with connection encrypted with DTLS 1.2 (which is not that bad,
but totally surprising). When we check the protocol version early in
setDtlsConfiguration() and find a wrong version, we leave our previous
configuration intact and we will use it later during the handshake.
This is wrong. So now we let our user set whatever wrong configuration they
have and later fail in TLS initialization, saying -
'Unsupported protocol, DTLS was expected'.

Auto-test was reduced - the follow-up patch will introduce a new
'invalidConfiguration' auto-test.

Change-Id: I9be054c6112eea11b7801a1595aaf1d34329e1d2
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2018-08-10 03:55:28 +00:00
Qt Forward Merge Bot
053e7cce79 Merge remote-tracking branch 'origin/5.11' into dev
Conflicts:
	.qmake.conf
	src/corelib/doc/src/objectmodel/signalsandslots.qdoc
	src/plugins/platforms/cocoa/qcocoamenuloader.mm
	src/plugins/platforms/xcb/qxcbconnection.cpp
	src/plugins/platforms/xcb/qxcbconnection.h
	src/plugins/platforms/xcb/qxcbconnection_xi2.cpp
	src/plugins/platforms/xcb/qxcbwindow.cpp
	tests/auto/gui/image/qimage/tst_qimage.cpp

Done-with: Gatis Paeglis <gatis.paeglis@qt.io>
Change-Id: I9bd24ee9b00d4f26c8f344ce3970aa6e93935ff5
2018-08-07 17:44:51 +02:00
Timur Pocheptsov
9f2a671560 Extend 'ignoreExpectedErrors' test
with a case when we fail to ignore/pre-set one of possible
verification errors.

Change-Id: I23b06243b61acef1ef3576c51529f3ef6601ba7d
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-08-02 04:05:27 +00:00
Mårten Nordheim
2dfa41e0ea Return to eventloop after emitting encrypted
When the connection has been encrypted we will,
in QHttpNetworkConnectionChannel::_q_encrypted, emit 'reply->encrypted'
in which user slots can be called.

In the event that the user calls abort it will, however, not abort until
the next time it goes back to the event loop (which might not happen
until after the request has already been sent).

Task-number: QTBUG-65960
Change-Id: I96865f83c47f89deb9f644c86a71948dbb0ec0d0
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-07-31 14:57:02 +00:00
Timur Pocheptsov
5c7d2033e0 QDtls: respect pre-set verification errors
That's actually how ignoreVerificationErrors (and QSslSocket::ignoreSslErrors)
are used to set the expected/known verification errors before handshake.
Auto-test updated too.

Change-Id: I9c700302d81ddb383a4a750fafd594373fb38ace
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2018-07-31 11:20:53 +00:00
Ryan Chu
3f80783b11 Rework QNetworkReply tests to use docker-based test servers
This change frees the tests of their dependence on the Qt internal test
server (qt-test-server.qt-test-net). It makes the developers run the
tests out of Qt testing infrastructure.

If the user has installed Docker engine on their host, the test servers
will be built up inside separate Docker containers, and then, the test
case goes with the Docker-based test servers. Otherwise, the test case
will keep using the Qt internal test server.

Task-number: QTQAINFRA-1686
Change-Id: I518bc3675bfd658938509744b0e7e0610bc8bf66
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
2018-07-27 17:40:27 +00:00
Timur Pocheptsov
8948491eda QDtls - use conventional names
More Qt-style and more natural, also, shorter names.

Change-Id: I97bd68a8614126d518a3853027661435dc4e080d
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2018-07-27 11:53:28 +00:00
Timur Pocheptsov
056fbf03a5 QDtls - refactor
This patch renames rather awkward 'remote' into more conventional
'peer' (similar to what we have in QAbstractSocket).

Change-Id: Ifc45e538b8adf9cc076bd7aee693277829fd94dc
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2018-07-26 15:13:57 +00:00
Oswald Buddenhagen
99c3ef0789 prune cargo-culted and obsolete winsock deps from autotests
Change-Id: I9666598d34e965d7058aeb2b2e7fb3f59600675c
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-07-19 13:31:08 +00:00
Qt Forward Merge Bot
1783fca897 Merge remote-tracking branch 'origin/5.11' into dev
Conflicts:
	src/plugins/platforms/cocoa/qcocoawindow.mm
	src/plugins/platforms/xcb/qxcbintegration.cpp

 Conflicts git missed:
	src/plugins/platforms/qnx/qqnxglcontext.cpp

Change-Id: I0582cdc9e66e43efe79038b9c43d4f9572ac88fc
2018-07-17 10:19:22 +02:00
Timur Pocheptsov
86632bd377 QSslSocketBackendPrivate - avoid recursion while handing errors
The logic seems to be simple - if client code on error signal
tries to close TLS socket and this socket has buffered data,
it calls 'flush' and 'transmit' or even 'startHandshake' as
a result, which in turn will set and emit error again. To auto-
test this, we initiate a handshake with pre-shared key hint
on a server side and both client/server sockets incorrectly
configured (missing PSK signals). We also do early write
into the client socket to make sure it has some data
buffered by the moment we call 'close'.

Task-number: QTBUG-68089
Task-number: QTBUG-56476
Change-Id: I6ba6435bd572ad85d9209c4c81774a397081b34f
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-07-12 09:16:25 +00:00
Tuomas Heimonen
8c680ab469 tst_qnetworkinterface: Fix for case of zero interface
Change-Id: I3e43acf2e96635c39fcb366c8d161a9287af01b1
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2018-07-06 06:39:36 +00:00
Timur Pocheptsov
5bd9f98342 QDtls - handle server-side timeouts
According to RFC 6347 a DTLS server also must retransmit buffered message(s)
if timeouts happen during the handshake phase (so it's not a client only as
I initially understood it).

Conveniently so an auto-test is already in place and needs just a tiny
adjustment - handshakeWithRetransmission covers both sides.

Change-Id: If914ec3052e28ef5bf12a40e5eede45bbc53e8e0
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-07-05 13:39:46 +00:00
Liang Qi
e3ed2281c0 Merge remote-tracking branch 'origin/5.11' into dev
Conflicts:
	src/plugins/platforms/cocoa/qnsview.mm
	src/plugins/platforms/cocoa/qnsview_dragging.mm
	src/plugins/platforms/ios/qiosinputcontext.mm
	src/plugins/platforms/xcb/qxcbconnection.cpp
	src/plugins/platforms/xcb/qxcbconnection_xi2.cpp
	src/plugins/platforms/xcb/qxcbwindow.cpp
	src/tools/androiddeployqt/main.cpp
		Was moved from qttools into qtbase in 5.11.
		So re-apply 32398e4d here.
	tests/auto/corelib/global/qlogging/test/test.pro
	tests/auto/corelib/global/qlogging/tst_qlogging.cpp
	tests/auto/corelib/io/qfile/tst_qfile.cpp
	tests/auto/corelib/kernel/qtimer/tst_qtimer.cpp
	tests/auto/corelib/thread/qthreadstorage/test/test.pro
	tests/auto/widgets/itemviews/qheaderview/tst_qheaderview.cpp
	tests/auto/widgets/kernel/qapplication/test/test.pro

Done-with: Gatis Paeglis <gatis.paeglis@qt.io>
Done-with: Mårten Nordheim <marten.nordheim@qt.io>
Done-with: Oliver Wolff <oliver.wolff@qt.io>
Change-Id: Id970486c5315a1718c540f00deb2633533e8fc7b
2018-07-02 11:23:45 +02:00
Timur Pocheptsov
5ba5a7b5bc DTLS cookie auto-test - do not check the exact UDP socket errors
It was observed on OpenSUSE VM in CI - apparently, even after succesfull
read from UDP socket error was not UnknownSocketError. While it's under
investigation, the DTLS auto-test should limit itself by DTLS things and
barely test IO success (socket-wise) when needed.

Change-Id: I0773a02c591432b0d6c894f4131f70e41dc7ed72
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2018-06-28 03:28:50 +00:00
Timur Pocheptsov
73b9242d7e tst_QSslSocket::qtbug18498_peek() - fix several problems
It all started from the compiler's warnings about 'this' captured but
not used in lambdas. While fixing this it was noticed that 'client' socket
has a lifetime longer than the test case itself (the socket has a parent,
which is tst_QSslSocket object). The 'server' socket was simply leaked.
So there is no guarantee that some of them (or both) later, after the
test failed in one of QVERIFY, for example, does not emit 'encrypted'
upon receiving more data; this will result: in reading/writing from/to
invalid memory location (captured local 'encryptedCount') and/or probably
exiting event loop when it's not expected to do so.

Change-Id: I51de0493d989a5ba36de2cef58d35526c0e26cda
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2018-06-28 03:28:38 +00:00
Liang Qi
c3059391fe Make tests compile for Android
This only enables compilation, it doesn't fix any test.

Qt on Android supports process, but not TEST_HELPER_INSTALLS. See also
acdd57cb for winrt.

android-ndk-r10e is used to compile, see
http://doc-snapshots.qt.io/qt5-5.11/androidgs.html .

corelib/io/{qdir,qresourceengine} need to be fixed later.

Done-with: Frederik Gladhorn <frederik.gladhorn@qt.io>
Done-with: Mårten Nordheim <marten.nordheim@qt.io>
Change-Id: I34b924c8ae5d46d6835b8f0a6606450920f4423b
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@qt.io>
2018-06-25 08:01:19 +00:00
Timur Pocheptsov
5417949fe2 Add tst_QDtls auto-test
The test is somewhat similar to tst_QSslSocket but is smaller (in scope, will
grow in future), it has no QTcpSocket/QAbstractSocket-specific things and
has more DTLS-specific code. At the moment it does not use our network
test server, all work is done in the same process with two QUdpSockets
and two QDtls objects. We test (both on client/server ends):
 - parameters validation (for all functions that do this) and
   the correctness of error codes/handshake states
 - handshake procedure (with/out certificates and with pre-shared keys)
 - timeouts and re-transmissions during (D)TLS handshake
 - peer verification (and related verification errors)
 - aborted/resumed handshake
 - encrypted I/O
 - DTLS shutdown

For now, this test is OpenSSL-only.

Task-number: QTBUG-67597
Change-Id: I27006bfe3d6c02b89596889e8482a782c630402a
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2018-06-21 17:01:25 +00:00
Timur Pocheptsov
d77d4fc548 QDtlsClientVerifier - add auto-test
This part of DTLS is relatively easy to test: we never do a complete
handshake. Certificates, verification, ciphers,  etc. - do not matter
at this stage (to be tested in tst_QDtls). Errors are mostly insignificant
and can be ignored or handled trivially.

The test is OpenSSL-only: SecureTransport failed to correctly implement/
support server-side DTLS, the problem reported quite some time ago and
no fixes from Apple so far.

Task-number: QTBUG-67597
Change-Id: I21ad4907de444ef95d5d83b50083ffe211a184f8
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-06-19 05:31:30 +00:00
Edward Welbourne
4b944f7bc7 De-parameterise tst_QNetworkReply::ignoreSslErrorsList()'s url
It was the same in all test rows, so move it from the _data() to a
fixed value in the test.  Also, don't implicitly coerce C-string
literals to QString.

Change-Id: Ieee4c7ffbf251c4b69b5acd79125dfa93eb51d6e
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-06-13 08:18:11 +00:00
Timur Pocheptsov
a217188fe0 tst_Http2 auto-test: stop sending DATA frames if test failed
Unlike QNAM, our toy http2 server sends payload as one big chunk as soon as
it fits in the receive window's size. Internally, 'frame writer' splits this
payload into many DATA frames of the appropriate size (imposed either by the
default value or the one from the client's SETTINGS frame). If some test fails,
we can end up with a server waiting for the writer to send all the DATA frames
though it is not needed anymore - there is nobody to receive them after a failure.
This patch moves such a loop into the test server instead and stops the loop early
if needed.

Change-Id: Iea2dcd718d8f83386fd16004807f6447bf999435
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-06-04 13:38:04 +00:00
Liang Qi
f82e508516 Merge remote-tracking branch 'origin/5.11' into dev
Conflicts:
	mkspecs/features/qt_common.prf
	src/corelib/tools/qstring.cpp
	src/plugins/platforms/windows/qwindowsmousehandler.cpp
	src/widgets/widgets/qmainwindowlayout_p.h

Change-Id: I5df613008f6336f69b257d08e49a133d033a9d65
2018-05-24 16:29:14 +02:00
Liang Qi
7e1b504f31 Merge remote-tracking branch 'origin/5.11' into dev
Conflicts:
	mkspecs/features/qt_module_headers.prf
	tests/auto/widgets/itemviews/qheaderview/tst_qheaderview.cpp
	tests/auto/widgets/kernel/qwidget/BLACKLIST

Change-Id: I2a08952d28d1d0e3d73f521a3d44700ce79ff16c
2018-05-14 14:51:46 +02:00
Andy Shaw
bb6ba17019 Treat the Content-Disposition header as a known header
Change-Id: I307f67b10759d17f603a340b14266ab47d195497
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-05-14 12:36:32 +00:00
Mårten Nordheim
5134ff882a OpenSSL v1.1.1: fix qtbug18498_peek
Previously the test worked because the client was the last party to know
when encryption was established. However, due to changes in the TLSv1.3
handshake the server is now the last one.

In either case, relying on both to be encrypted when one of them is
finished is not great, so now we only quit the event loop when both
client and server have emitted 'encrypted'.

Change-Id: Ic1fc75671206d866f7ea983805fd58a99657aac6
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-05-11 08:42:17 +00:00
Liang Qi
b5a956601f Merge remote-tracking branch 'origin/5.11' into dev
Conflicts:
	src/plugins/sqldrivers/sqlite/qsql_sqlite.cpp
	tests/auto/corelib/io/qresourceengine/qresourceengine_test.pro

Change-Id: I3169f709cc2a1b75007cb23c02c4c79b74feeb04
2018-05-08 20:43:45 +02:00
Kari Oikarinen
c580644fe9 tests/auto/network: Avoid unconditional qWait()s
Replace with QSignalSpy or QTRY_COMPARE when possible.

Task-number: QTBUG-63992
Change-Id: I18dc8837301424855487a12ee62451a5aeb21bf0
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-05-08 12:35:40 +00:00
Qt Forward Merge Bot
ba2b7b8e33 Merge remote-tracking branch 'origin/5.11' into dev
Change-Id: Ib58433da04bffb5dfab5486b80f17f39cc4145fa
2018-05-05 01:00:55 +02:00
Mårten Nordheim
ef242e0b34 OpenSSL 1.1.1: Fix tst_QSslCertificate::toText
The formatting of the output from QSslCertificate::toText has
changed slightly from before, so it no longer matches the test's
data.

From what I can tell we just do a manual sanity check and create
a new file with the new output and then augment the test.

Task-number: QTBUG-67463
Change-Id: I751e5a3f9a28015f97c895cea47384704fd68e38
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-05-04 12:57:47 +00:00
Liang Qi
60fefff22f Merge remote-tracking branch 'origin/5.11' into dev
Conflicts:
	examples/widgets/graphicsview/elasticnodes/graphwidget.cpp
	examples/widgets/graphicsview/elasticnodes/node.cpp
	examples/widgets/graphicsview/elasticnodes/node.h
	src/plugins/platforms/cocoa/qnsview.mm
	src/plugins/platforms/cocoa/qnsview_drawing.mm
	src/widgets/kernel/qmacgesturerecognizer_p.h

Change-Id: I13cf06bac75d48d779d8ee7b5c91bfc976f2a32c
2018-05-03 14:50:22 +02:00
Friedemann Kleint
6171d647b3 tst_QUdpSocket: Fix Clang warning about unused expression
tst_qudpsocket.cpp(965,9):  warning: expression result unused [-Wunused-value]
    if (!socket2.bind(socket.localPort(), QUdpSocket::ReuseAddressHint), socket2.errorString().toLatin1().constData())

Task-number: QTBUG-63512
Change-Id: I51959432c6ff166c188842e34c3033ab1319c079
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2018-05-02 15:56:04 +00:00
Qt Forward Merge Bot
7de400052f Merge remote-tracking branch 'origin/5.11' into dev
Change-Id: Ia082e20e2eb4b76afd4c1a1584ff4e5514655d7a
2018-05-02 13:15:15 +02:00
Mårten Nordheim
51e14787d5 Stop rejecting cookies which have a domain that matches a TLD
... but only if the host it came from is an EXACT match. Also only apply
the cookie if the url is an EXACT match.

[ChangeLog][QtNetwork][QNetworkCookieJar] Cookies will no longer be
rejected when the domain matches a TLD. However (to avoid problems
with TLDs), such cookies are only accepted, or sent, when the host name
matches exactly.

Task-number: QTBUG-52040
Change-Id: Ic2ebd9211c48891beb669032591234b57713c31d
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-04-30 11:18:43 +00:00
Mårten Nordheim
72bb1d95fd Introduce QPasswordDigestor functions
Added a few functions to derive keys from passwords. Currently it
supports PBKDF1 and PBKDF2 as defined in
RFC 8018 ( https://tools.ietf.org/html/rfc8018 ).

[ChangeLog][QtNetwork][QPasswordDigestor] Added QPasswordDigestor

Task-number: QTBUG-30550
Change-Id: I2166b518bd8b54e3486514166e76fd9ba2f219c8
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-04-23 12:55:45 +00:00
Mårten Nordheim
c45802e33a QSslKey: Implement PKCS#8 support for the generic backend
This patch adds the ability to decode keys which are encoded with PKCS#8
using the generic back-end (used in winrt and secure transport).

It works on both WinRT and macOS; however QSslKey seems unused in the
WinRT backend and it seems only RSA keys can be used for certificates
on macOS. Meaning that DSA and Ec, which in theory* should represent
their unencrypted versions, can't currently be tested properly.

* Can also be confirmed by loading the key using the ST or WinRT
backend, calling toPem(), writing the output to a file and then loading
the unencrypted key using openssl.

[ChangeLog][QtNetwork][QSslKey] Added support for PKCS#8-encoded keys
in the generic SSL back-end (used for SecureTransport on macOS and for
WinRT). Note that it does not support keys encrypted with a PKCS#12
algorithm.

Task-number: QTBUG-59068
Change-Id: Ib27338edc7dbcb5c5e4b02addfdb4b62ac93a4c3
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-04-23 12:55:38 +00:00
Jan Murawski
b0726e8641 Add HTTP caching headers to KnownHeaders
QNetworkRequest is already aware of the Last-Modified header but
has been lacking support for the If-Modified-Since, ETag, If-Match
and If-None-Match headers. These headers are used with HTTP to
signal conditional download requests.
See RFC 7232 for more information.

Change-Id: I248577b28e875fafd3e4c44fb31e8d712b6c14f1
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Anton Kudryavtsev <antkudr@mail.ru>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2018-04-19 06:46:13 +00:00
Timur Pocheptsov
46ad794a96 Auto-tests: remove unneeded 'gui' from QT variable
none of these tests needs anything GUI-related.

Change-Id: I6b3c02bf13da60ab460f0cc4d804f1d03bc68f50
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Gatis Paeglis <gatis.paeglis@qt.io>
2018-04-18 14:22:26 +00:00
Timur Pocheptsov
9865ecf9db h2 auto test - replace QEventLoop (and QTimer) with QTestEventLoop
QTestEventLoop (conveniently so) takes care of timeouts thus no
external QTimer/handling logic needed at all.

Change-Id: Id65ea928daec1e7d9380107e63916896f19d3d14
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-04-18 14:18:38 +00:00
Qt Forward Merge Bot
4aa6f54fec Merge remote-tracking branch 'origin/5.11' into dev
Change-Id: I8c353b4c53e90434453c76691eac39a894d23b49
2018-04-15 01:00:18 +02:00
Lars Knoll
4f158ccee5 Merge remote-tracking branch 'origin/5.11' into dev
Change-Id: I9f802cb9b4d9ccba77ca39428a5cb1afd2d01642
2018-04-12 22:00:35 +02:00
Alex Trotsenko
e8733ffc51 QWindowsPipeReader: fix waiting on inactive pipe
To read data from a named pipe, QWindowsPipeReader uses the ReadFileEx()
function which runs asynchronously. When reading is completed and the
thread is in an alertable wait state, the notified() callback is called
by the system, reporting a completion status of that operation. Then the
callback queues a readyRead signal and starts a new sequence. The latter
is skipped if the pipe is broken or the read buffer is full.

Thus, if an application does not run the event loop, the next call to
QWindowsPipeReader::waitForReadyRead() should emit the queued signal
and report true to the caller even if no new read operation was started.

Change-Id: I37102dbb1c00191d93365bfc2e94e743d9f3962a
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
2018-04-12 18:08:29 +00:00
Timur Pocheptsov
9917eb2ec6 HTTP/2 - reset uploadByteDevice if necessary
1. If a request was redirected or some error was encountered, we
   try to reset the uploading byte-device.
2. Disconnecting from the byte-device is not enough, since we have a
   queued connection, _q_uploadDataReadyRead() gets called even if
   byte-device was deleted and thus sender() can return null -
   we have to check this condition.
3. Update auto-test with a case where our server immediately
   replies with a redirect status code.

Task-number: QTBUG-67469
Task-number: QTBUG-66913
Change-Id: I9b364cf3dee1717940ddbe50cba37c3398cc9c95
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-04-12 14:02:20 +00:00
Mårten Nordheim
f8e551cf08 Fix loading pkcs#8 encrypted DER-encoded keys in openssl
When we load DER-encoded keys in the openssl-backend we always turn it
into PEM-encoded keys (essentially we prepend and append a header and
footer and use 'toBase64' on the DER data).

The problem comes from the header and footer which is simply chosen
based on which key algorithm was chosen by the user. Which would be
wrong when the key is a PKCS#8 key. This caused OpenSSL to fail when
trying to read it. Surprisingly it still loads correctly for unencrypted
keys with the wrong header, but not for encrypted keys.

This patch adds a small function which checks if a key is an encrypted
PKCS#8 key and then uses this function to figure out if a PKCS#8 header
and footer should be used (note that I only do this for encrypted PKCS#8
keys since, as previously mentioned, unencrypted keys are read correctly
by openssl).

The passphrase is now also passed to the QSslKeyPrivate::decodeDer
function so DER-encoded files can actually be decrypted.

[ChangeLog][QtNetwork][QSslKey] The openssl backend can now load
encrypted PKCS#8 DER-encoded keys.

Task-number: QTBUG-17718
Change-Id: I52eedf19bde297c9aa7fb050e835b3fc0db724e2
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-04-11 14:30:08 +00:00
Timur Pocheptsov
e3cea2a7b9 QSslSocket (OpenSSL 1.1) - respect requested protocol version
Properly handle single protocol TLS configurations. Previously,
due to the use of generic (non version-specific) client/server method
they worked as ranges of protocols instead. This also fixes a couple
of previously broken tests.

Task-number: QTBUG-67584
Change-Id: Ied23113a4fab6b407a34c953e3bd33eab153bb67
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-04-11 12:10:01 +00:00
Timur Pocheptsov
fdc28956c9 Revert "tst_QSslSocket::signatureAlgorithm - fix for OpenSSL 1.1"
This reverts commit e2694fa602.
I'm reverting this patch - I'll fix QSslSocket instead to respect
the requested protocol version.

Change-Id: Ia4bb09a8801c58bc76837518934ac7a3eedd3c07
Reviewed-by: Lars Schmertmann <lars.schmertmann@governikus.de>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-04-10 13:17:02 +00:00
Qt Forward Merge Bot
e027c7241f Merge remote-tracking branch 'origin/5.11' into dev
Change-Id: I0120f804522c0c652e9537b6e9fe08189f071ed2
2018-04-10 01:00:26 +02:00
Mårten Nordheim
5c4e5032b5 Unblacklist qsslkey for Linux
Except RHEL-6.6 and 7.4

It was blacklisted in f3939d943e, along
with a lot of other entries. No specifics are known about why it was
blacklisted originally, but now it only fails on RHEL because they
use OpenSSL 1.0.1.

Change-Id: I6d1d1b7b7bf5386b2115b8780163550cf03bbad7
Reviewed-by: Gatis Paeglis <gatis.paeglis@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-04-09 09:34:50 +00:00
Timur Pocheptsov
e2694fa602 tst_QSslSocket::signatureAlgorithm - fix for OpenSSL 1.1
The test creates client and server sockets with mismatching protocol versions,
trying different combinations, for example: 1) server (TLS 1.0) vs
client (TLS 1.2) or 2) server (TLS 1.2) vs client (TLS 1.1), etc.
Since TLS v < 1.2 does not support signature algorithms, they are ignored
and handshake is always successful. But our new OpenSSL 1.1 backend uses
generic TLS_client_method and TLS_server_method when creating SSL_CTX.
This means, both server and client will support TLS v. 1.2, they
will have no shared signature algorithms, thus handshake will fail
with an error string similar to this:

"tls1_set_server_sigalgs:no shared signature algorithms".

For OpenSSL 1.1 this test makes no sense.

Task-number: QTBUG-67456
Change-Id: Ibb2a12eea5e5c0ebaeee7d0719cc721ecf4763e6
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-04-05 15:15:01 +00:00