From 0d7b42d92b3d20701ef80d244aa9f0cea2353e39 Mon Sep 17 00:00:00 2001 From: Volker Hilsheimer Date: Tue, 9 Jul 2024 14:01:58 +0200 Subject: [PATCH] HTTP2: refactor setting of temporary key chain into helper Remove duplicated comment and code that sets and resets the environment variable. As a side effect, restore the environment variable to the value that was set before overwriting it, instead of un-setting it bluntly. Pick-to: 6.7 6.5 Change-Id: Ife0b2631aff27dbcb23079c2162ffed797b351dc Reviewed-by: Timur Pocheptsov (cherry picked from commit f984a6ab7a99ace65e0d73c3f37ef6ad79dd0aa0) Reviewed-by: Qt Cherry-pick Bot --- tests/auto/network/access/http2/tst_http2.cpp | 92 ++++++------------- 1 file changed, 29 insertions(+), 63 deletions(-) diff --git a/tests/auto/network/access/http2/tst_http2.cpp b/tests/auto/network/access/http2/tst_http2.cpp index 9e1feede1b7..7d6d7245415 100644 --- a/tests/auto/network/access/http2/tst_http2.cpp +++ b/tests/auto/network/access/http2/tst_http2.cpp @@ -126,6 +126,29 @@ protected slots: void replyFinishedWithError(); private: + [[nodiscard]] auto useTemporaryKeychain() + { +#if QT_CONFIG(securetransport) + // Normally on macOS we use plain text only for SecureTransport + // does not support ALPN on the server side. With 'direct encrytped' + // we have to use TLS sockets (== private key) and thus suppress a + // keychain UI asking for permission to use a private key. + // Our CI has this, but somebody testing locally - will have a problem. + auto value = qEnvironmentVariable("QT_SSL_USE_TEMPORARY_KEYCHAIN"); + qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1"); + auto envRollback = qScopeGuard([value](){ + if (value.isEmpty()) + qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN"); + else + qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", value.toUtf8()); + }); + return envRollback; +#else + // avoid maybe-unused warnings from callers + return qScopeGuard([]{}); +#endif // QT_CONFIG(securetransport) + } + void clearHTTP2State(); // Run event for 'ms' milliseconds. // The default value '5000' is enough for @@ -250,17 +273,7 @@ void tst_Http2::singleRequest() { clearHTTP2State(); -#if QT_CONFIG(securetransport) - // Normally on macOS we use plain text only for SecureTransport - // does not support ALPN on the server side. With 'direct encrytped' - // we have to use TLS sockets (== private key) and thus suppress a - // keychain UI asking for permission to use a private key. - // Our CI has this, but somebody testing locally - will have a problem. - qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1"); - auto envRollback = qScopeGuard([](){ - qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN"); - }); -#endif + auto rollback = useTemporaryKeychain(); serverPort = 0; nRequests = 1; @@ -706,18 +719,7 @@ void tst_Http2::connectToHost() #if QT_CONFIG(ssl) Q_ASSERT(!clearTextHTTP2 || connectionType != H2Type::h2Alpn); -#if QT_CONFIG(securetransport) - // Normally on macOS we use plain text only for SecureTransport - // does not support ALPN on the server side. With 'direct encrytped' - // we have to use TLS sockets (== private key) and thus suppress a - // keychain UI asking for permission to use a private key. - // Our CI has this, but somebody testing locally - will have a problem. - qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1"); - auto envRollback = qScopeGuard([](){ - qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN"); - }); -#endif // QT_CONFIG(securetransport) - + auto rollback = useTemporaryKeychain(); #else Q_ASSERT(connectionType == H2Type::h2c || connectionType == H2Type::h2cDirect); Q_ASSERT(targetServer->isClearText()); @@ -804,17 +806,7 @@ void tst_Http2::maxFrameSize() // 'SETTINGS'. If done properly, our server will not chunk // the payload into several DATA frames. -#if QT_CONFIG(securetransport) - // Normally on macOS we use plain text only for SecureTransport - // does not support ALPN on the server side. With 'direct encrytped' - // we have to use TLS sockets (== private key) and thus suppress a - // keychain UI asking for permission to use a private key. - // Our CI has this, but somebody testing locally - will have a problem. - qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1"); - auto envRollback = qScopeGuard([](){ - qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN"); - }); -#endif // QT_CONFIG(securetransport) + auto rollback = useTemporaryKeychain(); auto connectionType = H2Type::h2Alpn; auto attribute = QNetworkRequest::Http2AllowedAttribute; @@ -969,15 +961,7 @@ void tst_Http2::moreActivitySignals() { clearHTTP2State(); -#if QT_CONFIG(securetransport) - // Normally on macOS we use plain text only for SecureTransport - // does not support ALPN on the server side. With 'direct encrytped' - // we have to use TLS sockets (== private key) and thus suppress a - // keychain UI asking for permission to use a private key. - // Our CI has this, but somebody testing locally - will have a problem. - qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1"); - auto envRollback = qScopeGuard([]() { qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN"); }); -#endif + auto rollback = useTemporaryKeychain(); serverPort = 0; QFETCH(H2Type, connectionType); @@ -1080,15 +1064,7 @@ void tst_Http2::contentEncoding() { clearHTTP2State(); -#if QT_CONFIG(securetransport) - // Normally on macOS we use plain text only for SecureTransport - // does not support ALPN on the server side. With 'direct encrytped' - // we have to use TLS sockets (== private key) and thus suppress a - // keychain UI asking for permission to use a private key. - // Our CI has this, but somebody testing locally - will have a problem. - qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1"); - auto envRollback = qScopeGuard([]() { qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN"); }); -#endif + auto rollback = useTemporaryKeychain(); QFETCH(H2Type, connectionType); @@ -1553,17 +1529,7 @@ void tst_Http2::abortOnEncrypted() QSKIP("TLS support is needed for this test"); #else -#if QT_CONFIG(securetransport) - // Normally on macOS we use plain text only for SecureTransport - // does not support ALPN on the server side. With 'direct encrytped' - // we have to use TLS sockets (== private key) and thus suppress a - // keychain UI asking for permission to use a private key. - // Our CI has this, but somebody testing locally - will have a problem. - qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1"); - auto envRollback = qScopeGuard([](){ - qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN"); - }); -#endif + auto rollback = useTemporaryKeychain(); clearHTTP2State(); serverPort = 0;