This is an abstraction for TLS backend and its factory, preparing to transition
to plugin-based design.
Task-number: QTBUG-65922
Change-Id: Ibe810e77fd1b715a6bea66cd3f44312b015ac274
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
This API gives the names of available backends and provides a basic
information about features/protocols supported by those backends.
Also, it has the 'loadBackend' functions which allow to select
a particular backend (which are becoming plugins).
At the moment, the implementation is still 'hardcoded', the
follow-up patch will allow to select different backends in runtime.
Task-number: QTBUG-65922
Change-Id: I05877de9c02857594e76b24d52e7578bdb01df69
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The plugins are meant to indicate what they do support, meaning users of
QNetworkInformation can choose to not care about which plugin is used
and rather just request what they want.
Task-number: QTBUG-86966
Change-Id: Ie130e1791250ec2a4470e3ba7081d982654af06c
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Those serve no purpose anymore, now that the .pro files are gone.
Task-number: QTBUG-88742
Change-Id: I39943327b8c9871785b58e9973e4e7602371793e
Reviewed-by: Cristian Adam <cristian.adam@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
SecureTransport does not allow deprecated digest algorithms, and
(depending on ST version) it may or may not accept our server's
certificate.
Funnily enough, they 'fluctuate' between versions again and again.
Fixes: QTBUG-89922
Change-Id: Ie5fbfca316806bd5000ce2d128b81b718bb36624
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Remove the qmake project files for most of Qt.
Leave the qmake project files for examples, because we still test those
in the CI to ensure qmake does not regress.
Also leave the qmake project files for utils and other minor parts that
lack CMake project files.
Task-number: QTBUG-88742
Change-Id: I6cdf059e6204816f617f9624f3ea9822703f73cc
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
Complete search and replace of QtTest and QtTest/QtTest with QTest, as
QtTest includes the whole module. Replace all such instances with
correct header includes. See Jira task for more discussion.
Fixes: QTBUG-88831
Change-Id: I981cfae18a1cabcabcabee376016b086d9d01f44
Pick-to: 6.0
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
SIOCGIFNAME is now supported on QEMU.
This reverts commit 42b3ed763f.
Change-Id: I79caa371dc798464ab76851d2ea3189ec9eb0c57
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Apparently some library definitions went overboard, link them directly.
Pick-to: 6.0
Change-Id: I009737f7e3edff5619241b700a627dc4e25e6018
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
Looking at grafana it rarely fails in dev so unblacklisting it.
Though it is a little more flaky after switching to http 2 by default
because then we only have one channel and more requests end up queued in
the same channel, which will get errored out when the server
disconnects.
Task-number: QTBUG-88943
Change-Id: If5d6335864ce6bbc35f519b2c6d7068e4181afd2
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
headFromHttp hasn't been flaky since 5.14 times according to grafana,
does not fail locally.
Same situation with ioHttpRedirect as above.
ioHttpRedirectMultipartPost has not failed on Windows since october
2019, assumed stable now.
backgroundRequestInterruption no longer exists.
ioPostToHttpFromSocket would fail in debug MSVC builds but was
fixed in 710886fbdd.
Task-number: QTBUG-88943
Change-Id: Ida640179ef15a3452291745e4e94a71a385f57ae
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The test in general is fine, but it was making an assumption that the
first 5 readyRead emissions would never result in the whole message
being received. In certain scenarios with slowdown however it was still
possible that we would receive the whole message after just a few
readyReady emissions. While I didn't check it's most likely due to a
mechanic in the QNetworkReply machinery where we suppress some
emissions if we know there's more data just about to be available.
Task-number: QTBUG-88943
Change-Id: I0cf06edb34d4e86cc8a42c0f1cd7e8c35765f6ee
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
It's not _wrong_ to time out when connecting to something unreachable
(it's just a different way of handling it) so we shouldn't fail when
this happens either.
In local testing (windows) it times out after 8 seconds, so bump
the timer to 10 seconds. On systems where it's faster there'll be
no difference as long as things don't go wrong.
Pick-to: 6.0
Fixes: QTBUG-89089
Change-Id: I8437cf8e4fbecedea2391ed87fdce1213085b964
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Which contains a lot of 'macos'/'osx' black-listed auto-tests. They
mostly fail with SecureTransport (on BigSur) because SecTrustEvaluate()
does not like our old certificate. Instead, since SecureTransport
is deprecated anyway and we are not planning to develop it in future,
skip the related auto-test depending on QT_CONFIG(securetransport).
Task-number: QTBUG-88943
Change-Id: I5f6cb7b2d0ea15c445603c1ff3e1700f123c28d1
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
It was blacklisted due to the issue there. The issue is resolved, but
the blacklist stayed.
Task-number: QTBUG-88943
Change-Id: I7d9a660a17c1463dd8b654752ed5787fe5f5af24
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
The requests will remove themselves once they get deleted
but since the deletion is done through a _queued_ invokeMethod
to 'deleteLater' we will call
QHttpNetworkConnection::_q_startNextRequest first which may
end up starting a reconnect of the TCP socket which we had the error on.
In this specific instance it manifested as a race condition where we
either don't get a proxyAuthorizationRequired signal at all (it was
emitted while we didn't have any valid replies), or we get the signal
emitted too late and it gets emitted on whatever the next reply was.
Task-number: QTBUG-88417
Pick-to: 5.15 6.0
Change-Id: If3f8ececc5550f1868c90124559cb8e3029646d8
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Currently untested
The socks case is odd: after accepting the first connection it shows as
unconnected. Details as for why is unknown, out of scope of adding this
test.
Pick-to: 6.0
Change-Id: I0e7658f23b89f3af8db379b001ee33a844f3bec4
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
And also, reduce the utter sloppiness, weirdness of the test and
make it more a test and not a joke. Since the test itself depends
on !QT_NO_SSL, why bother building and running its main, to create
a useless tst_QSslError and do nothing then? Exclude test from
no-ssl build.
Pick-to: 5.15
Pick-to: 6.0
Change-Id: I67879b0de036cbc8c2f75a18f4cf94e6c43c5af0
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
QSslCertificate::verify() has an undocumented and not very desirable property -
on some platorms it updates the default configuration, which can be surprising.
For example, we deprecated QSslSocket::setDefaultCaCertificates() and recommend
using QSslConfiguration::defaultConfiguration(), QSslConfiguration::setDefaultConfiguration(),
and QSslConfiguration::setCaCertificates(). If an application does this to select
CA roots it trusts explicitly, and then for some reason is calling verify, the
application can have its QSslSockets successfully connecting to a host, whose
root was not trusted by the application. Also, on Windows, defaultCaCertificates()
include system roots already, no need to have them twice.
[ChangeLog][QtCore][QtNetwork] QSslSocket::verify - do not change the default configuration
Pick-to: 5.15
Pick-to: 6.0
Pick-to: 6.0.0
Fixes: QTBUG-88639
Change-Id: I1cd40b259d0a6dcd15c78d1e7c027ff10859595c
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
And extend an auto-test for this. When a cookie verification mechanism is
enabled, and verifier, indeed, verifies that some datagram is a 'Client Hello'
message with a proper cookie attached, we start a real DTLS handshake creating a
QDtls object and calling 'doHandshake'. In case cookie verification
was enabled, we need parameters from the verifier (it's a crypto-strong
'number' and hash algorithm) to 'lock and load' the TLS state machine in
a freshly created TLS session object. This code path previously was only
tested manually and was found by LCOV as untested.
Pick-to: 5.15
Pick-to: 6.0
Change-Id: Ieacb8c989997999ea10e15bda6ae106a0338b698
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
And do not run the test with QSslSocket::supportsSsl() returns false -
this may mean unresolved symbols and thus missing functionality,
like i2d_X509 etc. This also makes cases more like other, that already
had those checks.
Fixes: QTBUG-87386
Change-Id: If4e9a650ca325b6f70956f532891a4c1d50465c0
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Some code-paths were never executed by auto-test, thus giving us LCOV's
diagnostic. Extend existing tests and add new ones.
Pick-to: 5.15
Change-Id: I648747547f0525a482216b1e1972fcc698c73f65
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
By extending (a bit) an auto-test to cover paths found by LCOV. All of them
is just to trigger the code that checks input parameters.
Pick-to: 5.15
Pick-to: 6.0
Change-Id: I62f9a9045038ff8d123fd1396f4bfd85e75c6d8f
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
By adding auto-tests that were missing/not triggering the paths found
by LCOV.
Pick-to: 5.15
Pick-to: 6.0
Change-Id: I472f59e8e7292786c80d7c8dcebde53a2982e1ec
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
By simply extending the basic test to trigger qHash, isEqual and
a bunch of getters.
Pick-to: 6.0
Pick-to: 5.15
Change-Id: Ib1d88fc6d2ad623743cea77ac286ae6ac819dfd1
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
tst_qsslcipher was quite useless - now we test that default constructed
QSslCipher reports expected values. Test the non-default from the
different auto-test, where we are sure we have really useful
ciphersuites (with different parameters obtained from a TLS backend,
where it's possible).
Pick-to: 6.0
Pick-to: 5.15
Change-Id: Iff14a0580fed889cf9e0873bee01d968773626db
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
... instead of failing the test. On Ubuntu 20.04 when calling
'connect' with 0.0.0.1 we get EINPROGRESS and nothing else,
since our own internal timer has 30 s. timeout, the event loop
in the test stops before this and no socket error detected yet.
Handle such situation without failing a test.
Fixes: QTBUG-88042
Change-Id: Id6add27fcf9bbbe5fbf83a193652edf08fbad8d6
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This reverts commit ee122077b0.
Reason for revert: This causes QProcess::readAll() to sometimes
return nothing after the process has ended.
Fixes: QTBUG-88624
Change-Id: I34fa27ae7fb38cc7c3a1e8eb2fdae2a5775584c2
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
(cherry picked from commit 23100ee61e33680d20f934dcbc96b57e8da29bf9)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
When a foreign event loop that does not enter an alertable wait state
is running (which is also the case when a native dialog window is
modal), pipe handlers would freeze temporarily due to their APC
callbacks not being invoked.
We address this problem by moving the I/O callbacks to the Windows
thread pool, and only posting completion events to the main loop
from there. That makes the actual I/O completely independent from
any main loop, while the signal delivery works also with foreign
loops (because Qt event delivery uses Windows messages, which foreign
loops typically handle correctly).
As a nice side effect, performance (and in particular scalability)
is improved.
Several other approaches have been tried:
1) Using QWinEventNotifier was about a quarter slower and scaled much
worse. Additionally, it also required a rather egregious hack to
handle the (pathological) case of a single thread talking to both
ends of a QLocalSocket synchronously.
2) Queuing APCs from the thread pool to the main thread and also
posting wake-up events to its event loop, and handling I/O on the
main thread; this performed roughly like this solution , but scaled
half as well, and the separate wake-up path was still deemed hacky.
3) Only posting wake-up events to the main thread from the thread pool,
and still handling I/O on the main thread; this still performed
comparably to 2), and the pathological case was not handled at all.
4) Using this approach for reads and that of 3) for writes was slightly
faster with big amounts of data, but scaled slightly worse, and the
diverging implementations were deemed not desirable.
Fixes: QTBUG-64443
Change-Id: I1cd87c07db39f3b46a2683ce236d7eb67b5be549
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@gmx.de>
The test authenticationCacheAfterCancel was the only one to fail
in recent COIN runs. This patch blacklists it on Ubuntu 20.04.
Task-number: QTBUG-88417
Change-Id: Idc85499da82336d291d9a90ecb941810a0e6c935
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
The recent change handling missing elliptic curves introduced a problem
for '-no-ssl' configuration/build. The first version had some protection,
but it was openssl-specific and required a private feature, thus was
removed. Now the real ifdef must be with QT_NO_SSL
Fixes: QTBUG-88238
Pick-to: 5.15
Change-Id: I6fba26d6ab63850e1468e76f8b234703255a026c
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
The former *.platform.sh entry has been replaced by more specific
entries, replacing the wildcard with only selected second levels.
Task-number: QTBUG-87925
Change-Id: Ie4ba7c66ba9aa40eafe23f02faa12f19d791cff2
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
We want to re-enable Android tests in QTQAINFRA-3867. However,
many tests are failing already preventing that from happening.
QTBUG-87025 is currently keeping track (links) to all of those
failing tests.
The current proposal is to hide those failing tests, and enable
Android test running in COIN for other tests. After, that try
to fix them one by one, and at the same time we can make sure
no more failing tests go unnoticed.
Task-number: QTBUG-87025
Change-Id: Ic1fe9fdd167cbcfd99efce9a09c69c344a36bbe4
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
Ubuntu changed the default level from 1 to 2 and not accepting our
RSA 1024 anymore. While we are not testing the TLS library's strength,
we re-generate a ceritficiate to shut the thing (the botched, 'fixed' OpenSSL)
up for good.
Task-number: QTBUG-86187
Change-Id: I6151ce5210972ae938e52731157742910363afbe
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Move it to the section requiring SSL tests since it
requires QSslConfiguration.
Change-Id: I5c807976ce75fa5967bddb8edd7788dbfbb89375
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
It's been obsolete for a long time already. Make sure
the compiler now warns about it and remove all remaining
uses in qtbase.
Change-Id: I0ff80311184dba52d2ba5f4e2fabe0d47fdc59d7
Reviewed-by: Fabian Kosmale <fabian.kosmale@qt.io>
Interesting, it only exploded now - initially we were too fast (faster than
500 ms) so never noticed. Now that more tests with the similar event loop
handling were introduced, the last one was catching a single-shot timer
signal, accessing long dead object).
Fixes: QTBUG-87612
Change-Id: I52446fa7b08ef90a4742af3662da7837a8602941
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
When a peer closes the connection, the device remains opened for reading
purposes. However, we should disable writing on disconnected socket.
Otherwise, if the user issues a write() call, a new pipe writer object
will be created and the write call occurs with invalid handle value.
Pick-to: 5.15
Change-Id: Id136798c7663df1fce7ed0aa4e3c6f5c65218a11
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@gmx.de>
It's not possible to connect to microsoft.com with Schannel TLS 1.3 for
some reason (also tested with Internet Explorer), but other sites work
fine. Must be something they have to iron out for later.
In my experience this needs a preview release of Windows. One of my
machines is opted into the dev channel of Windows where they enabled TLS
1.3 by default, and it works well in my tests except for the part above.
On my other machine, after enabling TLS 1.3 through the registry, I fail
to complete the handshake with any site. So around March/April next year
is when this code would activate for most people.
MinGW apparently defines NTDDI_VERSION as the one for Windows Server
2003, so it currently doesn't build the new TLS 1.3 code. In Qt (as a
project) we could consider setting this higher, but that's out of scope
for this patch!
Fixes: QTBUG-81294
Change-Id: If329959c3a30ecbfbb8c0d335cc39ccb6d012890
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
As suggested by the message from QTestLib. This, indeed, fixed the
sadistic test. Also, make sure resources are not leaked.
Pick-to: 5.15
Fixes: QTBUG-87009
Change-Id: Id693a5a562ea5ebacc853e5fc0ab9654ba851e72
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
This time based on grepping to also include documentation, tests and
examples previously missed by the automatic tool.
Change-Id: Ied1703f4bcc470fbc275f759ed5b7c588a5c4e9f
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
