1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

QTestLib: Add helper function to check for keychain access issues

Browse Source 
To be used in network-related tests where we potentially are
using private/public keys and (on macOS) end-up with keychain
access blocking a test with dialogs requesting a permission
to access the keychain.

Task-number: QTBUG-132645
Pick-to: 6.8
Change-Id: Ide74633bf88b0453d5d8f8de56282c8cf8207380
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@qt.io>
(cherry picked from commit 13109ba350686cd8ce8e298db5d76d0e7c209bd1)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
This commit is contained in:
Timur Pocheptsov 2025-01-08 13:24:59 +01:00 committed by Qt Cherry-pick Bot
parent 940fc15ec1
commit 2d819c7027
6 changed files with 51 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
src/testlib/qtesthelpers_p.h
View File

@ -30,6 +30,14 @@
#include <QtWidgets/QWidget> #include <QtWidgets/QWidget>
#endif #endif
#ifdef QT_NETWORK_LIB
#if QT_CONFIG(ssl)
#include <QtCore/qoperatingsystemversion.h>
#include <QtCore/qsystemdetection.h>
#include <QtNetwork/qsslsocket.h>
#endif // QT_CONFIG(ssl)
#endif // QT_NETWORK_LIB
QT_BEGIN_NAMESPACE QT_BEGIN_NAMESPACE
namespace QTestPrivate { namespace QTestPrivate {
@ -83,6 +91,31 @@ static inline void androidCompatibleShow(QWidget *widget)
} }
#endif // QT_WIDGETS_LIB #endif // QT_WIDGETS_LIB
#ifdef QT_NETWORK_LIB
inline bool isSecureTransportBlockingTest()
{
#ifdef Q_OS_MACOS
#if QT_CONFIG(ssl)
if (QSslSocket::activeBackend() == QLatin1String("securetransport")) {
#if QT_MACOS_IOS_PLATFORM_SDK_EQUAL_OR_ABOVE(150000, 180000)
// Starting from macOS 15 our temporary keychain is ignored.
// We have to use kSecImportToMemoryOnly/kCFBooleanTrue key/value
// instead. This way we don't have to use QT_SSL_USE_TEMPORARY_KEYCHAIN anymore.
return false;
#else
if (QOperatingSystemVersion::current() >= QOperatingSystemVersion::MacOSSequoia) {
// We were built with SDK below 15, and running on/above 15, but file-based
// keychains are not working anymore on macOS 15, blocking the test execution.
return true;
}
#endif // Platform SDK.
}
#endif // QT_CONFIG(ssl)
#endif // Q_OS_MACOS
return false;
}
#endif // QT_NETWORK_LIB
} // namespace QTestPrivate } // namespace QTestPrivate
QT_END_NAMESPACE QT_END_NAMESPACE

41
tests/auto/network-helpers.h
View File

@ -1,41 +0,0 @@
// Copyright (C) 2024 The Qt Company Ltd.
// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
#include <QtNetwork/qtnetworkglobal.h>
#include <QtCore/qoperatingsystemversion.h>
#include <QtCore/qsystemdetection.h>
#if QT_CONFIG(ssl)
#include <QtNetwork/qsslsocket.h>
#endif
namespace QtNetworkTestHelpers
{
bool isSecureTransportBlockingTest()
{
#ifdef Q_OS_MACOS
#if QT_CONFIG(ssl)
if (QSslSocket::activeBackend() == QLatin1String("securetransport")) {
#if QT_MACOS_IOS_PLATFORM_SDK_EQUAL_OR_ABOVE(150000, 180000)
// Starting from macOS 15 our temporary keychain is ignored.
// We have to use kSecImportToMemoryOnly/kCFBooleanTrue key/value
// instead. This way we don't have to use QT_SSL_USE_TEMPORARY_KEYCHAIN anymore.
return false;
#else
if (QOperatingSystemVersion::current() >= QOperatingSystemVersion::MacOSSequoia) {
// We were built with SDK below 15, and running on/above 15, but file-based
// keychains are not working anymore on macOS 15, blocking the test execution.
return true;
}
#endif // Platform SDK.
}
#endif // QT_CONFIG(ssl)
#endif // Q_OS_MACOS
return false;
}
}

1
tests/auto/network/access/qnetworkreply/test/CMakeLists.txt
View File

@ -27,6 +27,7 @@ qt_internal_add_test(tst_qnetworkreply
LIBRARIES LIBRARIES
Qt::CorePrivate Qt::CorePrivate
Qt::NetworkPrivate Qt::NetworkPrivate
Qt::TestPrivate
TESTDATA ${test_data} TESTDATA ${test_data}
QT_TEST_SERVER_LIST "vsftpd" "apache2" "ftp-proxy" "danted" "squid" QT_TEST_SERVER_LIST "vsftpd" "apache2" "ftp-proxy" "danted" "squid"
BUNDLE_ANDROID_OPENSSL_LIBS BUNDLE_ANDROID_OPENSSL_LIBS

21
tests/auto/network/access/qnetworkreply/tst_qnetworkreply.cpp
View File

@ -84,7 +84,8 @@ Q_DECLARE_METATYPE(QSharedPointer<char>)
#include <time.h> #include <time.h>
#include "../../../network-settings.h" #include "../../../network-settings.h"
#include "../../../network-helpers.h"
#include <QtTest/private/qtesthelpers_p.h>
#ifdef Q_OS_INTEGRITY #ifdef Q_OS_INTEGRITY
#include "qplatformdefs.h" #include "qplatformdefs.h"
@ -5617,7 +5618,7 @@ void tst_QNetworkReply::ioPostToHttpsUploadProgress()
{ {
//QFile sourceFile(testDataDir + "/bigfile"); //QFile sourceFile(testDataDir + "/bigfile");
//QVERIFY(sourceFile.open(QIODevice::ReadOnly)); //QVERIFY(sourceFile.open(QIODevice::ReadOnly));
if (QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport: temporary keychain is not working on this version of macOS"); QSKIP("SecureTransport: temporary keychain is not working on this version of macOS");
qint64 wantedSize = 2*1024*1024; // 2 MB qint64 wantedSize = 2*1024*1024; // 2 MB
@ -5697,7 +5698,7 @@ void tst_QNetworkReply::ioGetFromBuiltinHttp()
QFETCH(bool, https); QFETCH(bool, https);
QFETCH(int, bufferSize); QFETCH(int, bufferSize);
if (https && QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (https && QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport: temporary keychain is not working on this version of macOS"); QSKIP("SecureTransport: temporary keychain is not working on this version of macOS");
QByteArray testData; QByteArray testData;
@ -6461,7 +6462,7 @@ void tst_QNetworkReply::httpProxyCommands_data()
<< QByteArray("HTTP/1.0 200 OK\r\nProxy-Connection: close\r\nContent-Length: 1\r\n\r\n1") << QByteArray("HTTP/1.0 200 OK\r\nProxy-Connection: close\r\nContent-Length: 1\r\n\r\n1")
<< "GET http://0.0.0.0:4443/http-request HTTP/1."; << "GET http://0.0.0.0:4443/http-request HTTP/1.";
#if QT_CONFIG(ssl) #if QT_CONFIG(ssl)
if (QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport: temporary keychain is not working on this version of macOS"); QSKIP("SecureTransport: temporary keychain is not working on this version of macOS");
QTest::newRow("https") QTest::newRow("https")
@ -6690,7 +6691,7 @@ void tst_QNetworkReply::httpConnectionCount_data()
QTest::addRow("http/1.1") << false << false; QTest::addRow("http/1.1") << false << false;
QTest::addRow("http/2") << true << false; QTest::addRow("http/2") << true << false;
#if QT_CONFIG(ssl) #if QT_CONFIG(ssl)
if (!QtNetworkTestHelpers::isSecureTransportBlockingTest()) { if (!QTestPrivate::isSecureTransportBlockingTest()) {
QTest::addRow("https/1.1") << false << true; QTest::addRow("https/1.1") << false << true;
QTest::addRow("https/2") << true << true; QTest::addRow("https/2") << true << true;
} }
@ -7051,7 +7052,7 @@ void tst_QNetworkReply::encrypted()
void tst_QNetworkReply::abortOnEncrypted() void tst_QNetworkReply::abortOnEncrypted()
{ {
if (QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport: temporary keychain is not working on this version of macOS"); QSKIP("SecureTransport: temporary keychain is not working on this version of macOS");
SslServer server; SslServer server;
@ -9149,7 +9150,7 @@ void tst_QNetworkReply::ioHttpRedirectErrors()
QFETCH(QNetworkReply::NetworkError, error); QFETCH(QNetworkReply::NetworkError, error);
QUrl localhost(url); QUrl localhost(url);
if (localhost.scheme() == QLatin1String("https") && QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (localhost.scheme() == QLatin1String("https") && QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport: temporary keychain is not working on this version of macOS"); QSKIP("SecureTransport: temporary keychain is not working on this version of macOS");
MiniHttpServer server("", localhost.scheme() == QLatin1String("https")); MiniHttpServer server("", localhost.scheme() == QLatin1String("https"));
@ -9228,7 +9229,7 @@ void tst_QNetworkReply::ioHttpRedirectPolicy()
QFETCH(const QNetworkRequest::RedirectPolicy, policy); QFETCH(const QNetworkRequest::RedirectPolicy, policy);
QFETCH(const bool, ssl); QFETCH(const bool, ssl);
if (ssl && QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (ssl && QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport: temporary keychain is not working on this version of macOS"); QSKIP("SecureTransport: temporary keychain is not working on this version of macOS");
QFETCH(const int, redirectCount); QFETCH(const int, redirectCount);
@ -9312,7 +9313,7 @@ void tst_QNetworkReply::ioHttpRedirectPolicyErrors()
QVERIFY(policy != QNetworkRequest::ManualRedirectPolicy); QVERIFY(policy != QNetworkRequest::ManualRedirectPolicy);
QFETCH(const bool, ssl); QFETCH(const bool, ssl);
if (ssl && QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (ssl && QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport: temporary keychain is not working on this version of macOS"); QSKIP("SecureTransport: temporary keychain is not working on this version of macOS");
QFETCH(const QString, location); QFETCH(const QString, location);
QFETCH(const int, maxRedirects); QFETCH(const int, maxRedirects);
@ -9899,7 +9900,7 @@ public slots:
void tst_QNetworkReply::putWithServerClosingConnectionImmediately() void tst_QNetworkReply::putWithServerClosingConnectionImmediately()
{ {
if (QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport: temporary keychain is not working on this version of macOS"); QSKIP("SecureTransport: temporary keychain is not working on this version of macOS");
const int numUploads = 40; const int numUploads = 40;

1
tests/auto/network/ssl/qsslserver/CMakeLists.txt
View File

@ -24,6 +24,7 @@ qt_internal_add_test(tst_qsslserver
LIBRARIES LIBRARIES
Qt::CorePrivate Qt::CorePrivate
Qt::NetworkPrivate Qt::NetworkPrivate
Qt::TestPrivate
TESTDATA ${test_data} TESTDATA ${test_data}
BUNDLE_ANDROID_OPENSSL_LIBS BUNDLE_ANDROID_OPENSSL_LIBS
) )

10
tests/auto/network/ssl/qsslserver/tst_qsslserver.cpp
View File

@ -10,7 +10,7 @@
#include <QtNetwork/QSslKey> #include <QtNetwork/QSslKey>
#include "private/qtlsbackend_p.h" #include "private/qtlsbackend_p.h"
#include "../../../network-helpers.h" #include <QtTest/private/qtesthelpers_p.h>
class tst_QSslServer : public QObject class tst_QSslServer : public QObject
{ {
@ -127,7 +127,7 @@ QSslConfiguration tst_QSslServer::createQSslConfiguration(QString keyFileName,
void tst_QSslServer::testOneSuccessfulConnection() void tst_QSslServer::testOneSuccessfulConnection()
{ {
if (QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport will block this test while requesting keychain access"); QSKIP("SecureTransport will block this test while requesting keychain access");
// Setup server // Setup server
QSslConfiguration serverConfiguration = selfSignedServerQSslConfiguration(); QSslConfiguration serverConfiguration = selfSignedServerQSslConfiguration();
@ -208,7 +208,7 @@ void tst_QSslServer::testOneSuccessfulConnection()
void tst_QSslServer::testSelfSignedCertificateRejectedByServer() void tst_QSslServer::testSelfSignedCertificateRejectedByServer()
{ {
if (QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport will block this test while requesting keychain access"); QSKIP("SecureTransport will block this test while requesting keychain access");
// Set up server that verifies client // Set up server that verifies client
QSslConfiguration serverConfiguration = selfSignedServerQSslConfiguration(); QSslConfiguration serverConfiguration = selfSignedServerQSslConfiguration();
@ -263,7 +263,7 @@ void tst_QSslServer::testSelfSignedCertificateRejectedByServer()
void tst_QSslServer::testSelfSignedCertificateRejectedByClient() void tst_QSslServer::testSelfSignedCertificateRejectedByClient()
{ {
if (QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport will block this test while requesting keychain access"); QSKIP("SecureTransport will block this test while requesting keychain access");
// Set up server without verification of client // Set up server without verification of client
QSslConfiguration serverConfiguration = selfSignedServerQSslConfiguration(); QSslConfiguration serverConfiguration = selfSignedServerQSslConfiguration();
@ -498,7 +498,7 @@ void tst_QSslServer::quietClient()
void tst_QSslServer::twoGoodAndManyBadClients() void tst_QSslServer::twoGoodAndManyBadClients()
{ {
if (QtNetworkTestHelpers::isSecureTransportBlockingTest()) if (QTestPrivate::isSecureTransportBlockingTest())
QSKIP("SecureTransport will block this test while requesting keychain access"); QSKIP("SecureTransport will block this test while requesting keychain access");
QSslConfiguration serverConfiguration = selfSignedServerQSslConfiguration(); QSslConfiguration serverConfiguration = selfSignedServerQSslConfiguration();