1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HTTP2: refactor setting of temporary key chain into helper

Browse Source 
Remove duplicated comment and code that sets and resets the environment
variable. As a side effect, restore the environment variable to the
value that was set before overwriting it, instead of un-setting it
bluntly.

Pick-to: 6.7 6.5
Change-Id: Ife0b2631aff27dbcb23079c2162ffed797b351dc
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
(cherry picked from commit f984a6ab7a99ace65e0d73c3f37ef6ad79dd0aa0)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
This commit is contained in:
Volker Hilsheimer 2024-07-09 14:01:58 +02:00 committed by Qt Cherry-pick Bot
parent e25f619663
commit 0d7b42d92b
1 changed files with 29 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
tests/auto/network/access/http2/tst_http2.cpp
View File

@ -126,6 +126,29 @@ protected slots:
void replyFinishedWithError(); void replyFinishedWithError();
private: private:
[[nodiscard]] auto useTemporaryKeychain()
{
#if QT_CONFIG(securetransport)
// Normally on macOS we use plain text only for SecureTransport
// does not support ALPN on the server side. With 'direct encrytped'
// we have to use TLS sockets (== private key) and thus suppress a
// keychain UI asking for permission to use a private key.
// Our CI has this, but somebody testing locally - will have a problem.
auto value = qEnvironmentVariable("QT_SSL_USE_TEMPORARY_KEYCHAIN");
qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1");
auto envRollback = qScopeGuard([value](){
if (value.isEmpty())
qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN");
else
qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", value.toUtf8());
});
return envRollback;
#else
// avoid maybe-unused warnings from callers
return qScopeGuard([]{});
#endif // QT_CONFIG(securetransport)
}
void clearHTTP2State(); void clearHTTP2State();
// Run event for 'ms' milliseconds. // Run event for 'ms' milliseconds.
// The default value '5000' is enough for // The default value '5000' is enough for
@ -250,17 +273,7 @@ void tst_Http2::singleRequest()
{ {
clearHTTP2State(); clearHTTP2State();
#if QT_CONFIG(securetransport) auto rollback = useTemporaryKeychain();
// Normally on macOS we use plain text only for SecureTransport
// does not support ALPN on the server side. With 'direct encrytped'
// we have to use TLS sockets (== private key) and thus suppress a
// keychain UI asking for permission to use a private key.
// Our CI has this, but somebody testing locally - will have a problem.
qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1");
auto envRollback = qScopeGuard([](){
qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN");
});
#endif
serverPort = 0; serverPort = 0;
nRequests = 1; nRequests = 1;
@ -706,18 +719,7 @@ void tst_Http2::connectToHost()
#if QT_CONFIG(ssl) #if QT_CONFIG(ssl)
Q_ASSERT(!clearTextHTTP2 || connectionType != H2Type::h2Alpn); Q_ASSERT(!clearTextHTTP2 || connectionType != H2Type::h2Alpn);
#if QT_CONFIG(securetransport) auto rollback = useTemporaryKeychain();
// Normally on macOS we use plain text only for SecureTransport
// does not support ALPN on the server side. With 'direct encrytped'
// we have to use TLS sockets (== private key) and thus suppress a
// keychain UI asking for permission to use a private key.
// Our CI has this, but somebody testing locally - will have a problem.
qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1");
auto envRollback = qScopeGuard([](){
qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN");
});
#endif // QT_CONFIG(securetransport)
#else #else
Q_ASSERT(connectionType == H2Type::h2c || connectionType == H2Type::h2cDirect); Q_ASSERT(connectionType == H2Type::h2c || connectionType == H2Type::h2cDirect);
Q_ASSERT(targetServer->isClearText()); Q_ASSERT(targetServer->isClearText());
@ -804,17 +806,7 @@ void tst_Http2::maxFrameSize()
// 'SETTINGS'. If done properly, our server will not chunk // 'SETTINGS'. If done properly, our server will not chunk
// the payload into several DATA frames. // the payload into several DATA frames.
#if QT_CONFIG(securetransport) auto rollback = useTemporaryKeychain();
// Normally on macOS we use plain text only for SecureTransport
// does not support ALPN on the server side. With 'direct encrytped'
// we have to use TLS sockets (== private key) and thus suppress a
// keychain UI asking for permission to use a private key.
// Our CI has this, but somebody testing locally - will have a problem.
qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1");
auto envRollback = qScopeGuard([](){
qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN");
});
#endif // QT_CONFIG(securetransport)
auto connectionType = H2Type::h2Alpn; auto connectionType = H2Type::h2Alpn;
auto attribute = QNetworkRequest::Http2AllowedAttribute; auto attribute = QNetworkRequest::Http2AllowedAttribute;
@ -969,15 +961,7 @@ void tst_Http2::moreActivitySignals()
{ {
clearHTTP2State(); clearHTTP2State();
#if QT_CONFIG(securetransport) auto rollback = useTemporaryKeychain();
// Normally on macOS we use plain text only for SecureTransport
// does not support ALPN on the server side. With 'direct encrytped'
// we have to use TLS sockets (== private key) and thus suppress a
// keychain UI asking for permission to use a private key.
// Our CI has this, but somebody testing locally - will have a problem.
qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1");
auto envRollback = qScopeGuard([]() { qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN"); });
#endif
serverPort = 0; serverPort = 0;
QFETCH(H2Type, connectionType); QFETCH(H2Type, connectionType);
@ -1080,15 +1064,7 @@ void tst_Http2::contentEncoding()
{ {
clearHTTP2State(); clearHTTP2State();
#if QT_CONFIG(securetransport) auto rollback = useTemporaryKeychain();
// Normally on macOS we use plain text only for SecureTransport
// does not support ALPN on the server side. With 'direct encrytped'
// we have to use TLS sockets (== private key) and thus suppress a
// keychain UI asking for permission to use a private key.
// Our CI has this, but somebody testing locally - will have a problem.
qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1");
auto envRollback = qScopeGuard([]() { qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN"); });
#endif
QFETCH(H2Type, connectionType); QFETCH(H2Type, connectionType);
@ -1553,17 +1529,7 @@ void tst_Http2::abortOnEncrypted()
QSKIP("TLS support is needed for this test"); QSKIP("TLS support is needed for this test");
#else #else
#if QT_CONFIG(securetransport) auto rollback = useTemporaryKeychain();
// Normally on macOS we use plain text only for SecureTransport
// does not support ALPN on the server side. With 'direct encrytped'
// we have to use TLS sockets (== private key) and thus suppress a
// keychain UI asking for permission to use a private key.
// Our CI has this, but somebody testing locally - will have a problem.
qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1");
auto envRollback = qScopeGuard([](){
qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN");
});
#endif
clearHTTP2State(); clearHTTP2State();
serverPort = 0; serverPort = 0;