Despite supporting DH and ECDH key exchange as a client, Qt did not provide
any default parameters which prevented them being used as a server. A
future change should allow the user to control the parameters used, but
these defaults should be okay for most users.
[ChangeLog][Important Behavior Changes] Support for DH and ECDH key exchange
cipher suites when acting as an SSL server has been made possible. This
change means the you can now implement servers that offer forward-secrecy
using Qt.
Task-number: QTBUG-20666
Change-Id: I469163900e4313da9d2d0c3e1e5e47ef46320b17
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
FAIL! : tst_QNetworkReply::ioPostToHttpUploadProgress() 'args.at(0).toLongLong() != sourceFile.size()' returned FALSE. ()
Task-number: QTBUG-37449
Task-number: QTBUG-24226
Change-Id: Idcc0ceac0332705b1e3a073d40fa8098bea2c9f3
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
... and not only one. This was a problem e.g. when there were several
requests to the same host and the host was not reachable; only one
reply would get an error signal in case we suppressed other errors in
"happy eyeballs" host lookup style.
Task-number: QTBUG-36890
Change-Id: I1b5757498bd644b0d773cf6c43e4950620949c5c
Reviewed-by: Richard J. Moore <rich@kde.org>
Output the SSL library version, output socket error string on connection
failure consistently, silence numerous warnings about QIODevice not
being open in tst_QSslSocket::constructing.
Change-Id: Ia23d42de5b2daca55b2f6f50af025d61e99c52a0
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
tested manually with internal proxy.
Patch-by: Jonathan Lauvernier <Jonathan.Lauvernier@gmail.com>
Change-Id: Ief5b4579b3444ce70eb99637edf771d37d3971fb
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Do not close connection in slot bytesWritten() since that can
cause clients to fail with "Connection Closed". Instead, use
deleteLater() to close properly and prevent leaking the sockets.
FAIL! : tst_QNetworkReply::qtbug28035browserDoesNotLoadQtProjectOrgCorrectly() 'waitForFinish(reply) == Success' returned FALSE. ( QUrl( "http://localhost:58240" ) failed: # 2 "Connection closed" )
..\tst_qnetworkreply.cpp(7067) : failure location
Task-number: QTBUG-37449
Change-Id: Ib92cb62fae523370b2fb45e1ccfa217559732bc8
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Joerg Bornemann <joerg.bornemann@digia.com>
Replacing old troll.no domain with qt-project.org domain. Using troll.no
doesn't work anymore.
Change-Id: Ic6fa71b044d1adbdc66c875b47bfdc256a2afc8e
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
The test takes too long and fails:
FAIL! : tst_QFtp::abort(WithoutProxy:get_fluke01) '(int)newData_ba.size() == bytesDone' returned FALSE. ()
tst_qftp.cpp(1886) : failure location
FAIL! : tst_QFtp::abort(WithoutProxy:get_fluke01) Network operation timed out
tst_qftp.cpp(1392) : failure location
FAIL! : tst_QFtp::abort(WithoutProxy:put_fluke01) 'bytesDone != bytesTotal' returned FALSE. ()
tst_qftp.cpp(1406) : failure location
FAIL! : tst_QFtp::abort(WithSocks5Proxy:get_fluke01) '(int)newData_ba.size() == bytesDone' returned FALSE. ()
tst_qftp.cpp(1886) : failure location
FAIL! : tst_QFtp::abort(WithSocks5Proxy:get_fluke01) Network operation timed out
tst_qftp.cpp(1392) : failure location
FAIL! : tst_QFtp::abort(WithoutProxyWithSession:get_fluke01) '(int)newData_ba.size() == bytesDone' returned FALSE. ()
tst_qftp.cpp(1886) : failure location
FAIL! : tst_QFtp::abort(WithoutProxyWithSession:get_fluke01) Network operation timed out
tst_qftp.cpp(1392) : failure location
FAIL! : tst_QFtp::abort(WithoutProxyWithSession:put_fluke01) 'bytesDone != bytesTotal' returned FALSE. ()
tst_qftp.cpp(1406) : failure location
FAIL! : tst_QFtp::abort(WithSocks5ProxyAndSession:get_fluke01) '(int)newData_ba.size() == bytesDone' returned FALSE. ()
tst_qftp.cpp(1886) : failure location
FAIL! : tst_QFtp::abort(WithSocks5ProxyAndSession:get_fluke01) Network operation timed out
tst_qftp.cpp(1392) : failure location
Totals: 327 passed, 10 failed, 4 skipped
QtQA::App::TestRunner: warning: test duration (398 seconds) is dangerously close to maximum permitted time (450 seconds)
QtQA::App::TestRunner: warning: Either modify the test to reduce its runtime, or use a higher timeout.
QtQA::App::TestRunner: test failed, running again to see if it is flaky...
Change-Id: I122641f174927c6b3668df05c79f88e38b88042f
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
- Replace SRCDIR define by QFINDTESTDATA
- Replace QVERIFY by QCOMPARE where applicable
- Introduce QVERIFY2 with message for comparisons
Change-Id: Ib5a6b0f09428587281e1b9521e4d8a8117c1afdb
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
There is no need to even try to run the tests if the network test
server is not present.
Add a validation in initTestCase() since all test functions depend
on the network test server.
Change-Id: I8eca376a718ab5b6e1cc2c57f2e045dd0b58f52b
Reviewed-by: Richard J. Moore <rich@kde.org>
Currently the only supported SPDY version is 3.0.
The feature needs to be enabled explicitly via
QNetworkRequest::SpdyAllowedAttribute. Whether SPDY actually was used
can be determined via QNetworkRequest::SpdyWasUsedAttribute from a
QNetworkReply once it has been started (i.e. after the encrypted()
signal has been received). Whether SPDY can be used will be
determined during the SSL handshake through the TLS NPN extension
(see separate commit).
The following things from SPDY have not been enabled currently:
* server push is not implemented, it has never been seen in the wild;
in that case we just reject a stream pushed by the server, which is
legit.
* settings are not persisted across SPDY sessions. In practice this
means that the server sends a small message upon session start
telling us e.g. the number of concurrent connections.
* SSL client certificates are not supported.
Task-number: QTBUG-18714
[ChangeLog][QtNetwork] Added support for the SPDY protocol (version
3.0).
Change-Id: I81bbe0495c24ed84e9cf8af3a9dbd63ca1e93d0d
Reviewed-by: Richard J. Moore <rich@kde.org>
They cause test failures from time to time.
Change-Id: I917bef340401d25bf54e133be9d9562b3b133c9f
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
Reviewed-by: Niels Weber <niels.weber@digia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
A few more HTTP status codes from the 4xx and 5xx series have been
added to QNetworkReply::NetworkError.
For content errors, the following codes have been added:
1. 409 - Resource Conflict
2. 410 - Resource Gone
For server related errors, the following codes have been added:
1. 500 - Internal Server Error
2. 501 - Operation Not Implemented
3. 503 - Service Unavailable
Few of the above codes are quite possible when communicating with REST
based services.
NOTE:
=====
* HTTP error status 400 is interpreted as
QNetworkReply::ProtocolInvalidOperationError.
* QNetworkReply::UnknownServerError is returned for all server related
errors (5xx) not listed above.
[ChangeLog][QtNetwork][QNetworkReply] Added more (specific) HTTP status
codes to NetworkError enum.
Task-number: QTBUG-30880
Change-Id: I9d2a133f6b3869f26710c6eb930dd8b08df31108
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Any cipher that is < 128 bits is excluded from the default SSL
configuration. These ciphers are still included in the list
of availableCiphers() and can be used by applications if required.
Calling QSslSocket::setDefaultCiphers(QSslSocket::availableCiphers())
will restore the old behavior.
Note that in doing so I spotted that calling defaultCiphers() before
doing other actions with SSL had an existing bug that I've addressed
as part of the change.
[ChangeLog][Important Behavior Changes] The default set of
ciphers used by QSslSocket has been changed to exclude ciphers that are
using key lengths smaller than 128 bits. These ciphers are still available
and can be enabled by applications if required.
Change-Id: If2241dda67b624e5febf788efa1369f38c6b1dba
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Commit 773dd01 introduced a general mingw platform scope, which
is cleaner and more flexible than matching the spec name.
Change-Id: Ie3a9cb791a83f7c8a51bc4e23069190c452ab521
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Qt since approximately 4.4 has set the verify callback on both the SSL
store and the SSL context. Only the latter is actually needed. This is
normally not a problem, but openssl prior to 1.0.2 uses the verify
code to find the intermediate certificates for any local certificate
that has been set which can lead to verification errors for the local
certificate to be emitted.
Task-number: QTBUG-33228
Task-number: QTBUG-7200
Task-number: QTBUG-24234
Change-Id: Ie4115e7f7faa1267ea9b807c01b1ed6604c4a16c
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Otherwise you get:
undefined reference to `vtable for QAbstractSocketEngine'
when -developer-build is not used.
Change-Id: I444140736a6bf736894dc12a20f6a4d48af2678e
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Otherwise you get:
undefined reference to `qt_qhostinfo_clear_cache()'
Change-Id: I32313f290b9e4236440ae01afe12285d4539be60
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
the diff -w for this commit is empty.
Started-by: Thiago Macieira <thiago.macieira@intel.com>
Change-Id: I77bb84e71c63ce75e0709e5b94bee18e3ce6ab9e
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
The tests pass with the new test server image. Once we are using the
new test server we can remove the test for the host not found error.
Change-Id: Iac8ba6d8ce31b0865b33a003086aac0339afe338
Reviewed-by: Richard J. Moore <rich@kde.org>
In a slot connected to readyRead, if the app detects that the
buffer size is too small and increases it, it expects that
readyRead() will be emitted again.
setReadBufferSize() doesn't re-enable the socket notifier when
calling from within readyRead, and readyRead itself was missing
the code to do it.
Change-Id: Ia00a3066ad3ba09d5cfae0716adc5691ae96c3fa
Done-with: Thiago
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
For IPv6 addresses don't call toAce as it returns the empty string.
We should reflect the behavior of browsers here, which all accept
cookies from IPv6 addresses.
Original-patch-by: David Tapuska <dtapuska@blackberry.com>
Task-number: QTBUG-35022
Change-Id: Ic00369e923d044ec459822b2405865c13e4185b6
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
If the domain is an IP address, we should not do any magic regarding
leading dots etc.
Task-number: QTBUG-35022
Change-Id: I7722de4e6027666dde27e9e37b6353e3da775d94
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
... because they fail on the new test server. This commit can be
reverted once the Socks5 socket engine is fixed.
Task-number: QTBUG-35490
Change-Id: I85635d4b44d26168d40a56b7a121693297564f0f
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
... because it was used to operate a man-in-the-middle proxy.
Task-number: QTBUG-35474
Change-Id: Ic7f19708b278b866e4f06533cbd84e0ff43357e9
Reviewed-by: Richard J. Moore <rich@kde.org>
It's unexpected that all messages generated by the stream version
of qDebug and friends have a trailing space. It also makes switching
to categorized logging (which only supports the stream version) difficult,
since all autotests checking for debug output would have to be adapted.
Task-number: QTBUG-15256
Change-Id: I8d627a8379dc273d9689f5611184f03607b73823
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
For the conflicts in msvc_nmake.cpp the ifdefs are extended since we
need to support windows phone in the target branch while it is not there
in the current stable branch (as of Qt 5.2).
Conflicts:
configure
qmake/generators/win32/msvc_nmake.cpp
src/3rdparty/angle/src/libEGL/Surface.cpp
src/angle/src/common/common.pri
src/corelib/global/qglobal.h
src/corelib/io/qstandardpaths.cpp
src/plugins/platforms/qnx/qqnxintegration.cpp
src/plugins/platforms/qnx/qqnxscreeneventhandler.h
src/plugins/platforms/xcb/qglxintegration.h
src/widgets/kernel/win.pri
tests/auto/corelib/thread/qreadwritelock/tst_qreadwritelock.cpp
tests/auto/corelib/tools/qdatetime/tst_qdatetime.cpp
tests/auto/gui/text/qtextdocument/tst_qtextdocument.cpp
tools/configure/configureapp.cpp
Change-Id: I00b579eefebaf61d26ab9b00046d2b5bd5958812
to reflect the fact that this returns and sets the whole session
ticket, and not just the session ID.
Change-Id: I00fe2bc4197dbcd7a02b3ae4f2f84e3a2a7edad0
Reviewed-by: Richard J. Moore <rich@kde.org>
Use the correct identifier for the OS X operating system.
Change-Id: I7158a6b77e5e7418bc6b0a565f003500820a346d
Reviewed-by: Jake Petroules <jake.petroules@petroules.com>
Reviewed-by: Eike Ziller <eike.ziller@digia.com>
- Remove irrelevant test subdirs via .pro files
- Follow WinCE codepaths where applicable
- Replace unsupported Win32 APIs with WinRT equivalents
This does not aim to fix any failures in the tests themselves; it only
makes them compile.
Change-Id: Ia82bc0cc402891f8f6238d4c261ee9152b51be80
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@digia.com>
If we end up QSKIP'ing the test 'wronlyFileName' is never created.
Change-Id: I2ccbfdb630b58d7904e73b476a65a82a45ab90d7
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
A handful of tests lack QT_NO_PROCESS guards, making them non-compilable
on Qt builds with no QProcess support. This commit does not change
QProcess-specific tests, which should be left out of the build using the
.pro file mechanism.
Change-Id: Iac8562428abc1f59ccbb23bf5c3a919785e41f12
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@digia.com>
The new test server image will not have a SMTP service installed, and
the network self test does not check for that either.
Change-Id: I1063777832148e184de4ddf21d9154364f644e1e
Reviewed-by: Richard J. Moore <rich@kde.org>
This test works with no Qt version (4 or 5) when testing with the
Squid (HTTP proxy) version deployed on the new test server image.
Task-number: QTBUG-33180
Change-Id: If244526a4baed9f3836dade007fe0f15649a8f86
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
