Select single-name SSL certificate for test servers using host network
On Windows and macOS, the containers are deployed into a virtual machine using the host network. All the containers share the same hostname (qt-test-server), and they are connected to the same network domain (local). When running test in such platforms, use the single-name SSL certificate (qt-test-server.local) for SSL related tests. Change-Id: Idf33e01e8dd8814510d848b87b59b5fc0edc903e Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
This commit is contained in:
parent
d8d60696da
commit
71cd5a6f36
@ -0,0 +1,16 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIClzCCAgACCQDeuuUc2HkfKDANBgkqhkiG9w0BAQQFADCBjzELMAkGA1UEChMC
|
||||
UXQxGTAXBgNVBAsTEENvcmUgQW5kIE5ldHdvcmsxGzAZBgkqhkiG9w0BCQEWDG5v
|
||||
Ym9keS5xdC5pbzENMAsGA1UEBxMET3NsbzENMAsGA1UECBMET3NsbzELMAkGA1UE
|
||||
BhMCTk8xHTAbBgNVBAMTFHF0LXRlc3Qtc2VydmVyLmxvY2FsMB4XDTE5MDEyNTE1
|
||||
NDE0N1oXDTQ5MDExNzE1NDE0N1owgY8xCzAJBgNVBAoTAlF0MRkwFwYDVQQLExBD
|
||||
b3JlIEFuZCBOZXR3b3JrMRswGQYJKoZIhvcNAQkBFgxub2JvZHkucXQuaW8xDTAL
|
||||
BgNVBAcTBE9zbG8xDTALBgNVBAgTBE9zbG8xCzAJBgNVBAYTAk5PMR0wGwYDVQQD
|
||||
ExRxdC10ZXN0LXNlcnZlci5sb2NhbDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
|
||||
gYEAzarbb9Y0yafxwL7kQRgZ4gLJIuan1boDLp4oevRfGndfd6kRO49+8C7Gnus6
|
||||
2RLXwQxR6CRSPyPDQgwRxvIcoUL+tMJpg633cLEYFcwgKGIw8CwV5jMZr8PrHMCR
|
||||
9xFolFD4STcIMtc+dd+jvGkAFd7Nhw9cAmuCyAF9avAd3HMCAwEAATANBgkqhkiG
|
||||
9w0BAQQFAAOBgQB1dxK3Ia4sCpvSikKLaf1ZXu+9GKaNWKJe9bWex9/RmNOla9N2
|
||||
FIh6/CfaPFDy/OXCkyEiGg78iyg/DgqVoa9JJGV3diI6berisHMPJpv1syyz9YEU
|
||||
G3RQUClPcPV6EcedyqCdpbnIFtiSZbtJ0ZBGef4KzBN3rTmPucKb+bhMPg==
|
||||
-----END CERTIFICATE-----
|
@ -550,8 +550,15 @@ static void setupSslServer(QSslSocket* serverSocket)
|
||||
}
|
||||
|
||||
#ifdef QT_TEST_SERVER
|
||||
#ifdef QT_TEST_SERVER_NAME
|
||||
// In this case, each server is assigned a unique hostname. Use the wildcard SSL
|
||||
// certificate (*.test-net.qt.local).
|
||||
const QString tst_QNetworkReply::certsFilePath = "/certs/qt-test-net-cacert.pem";
|
||||
#else
|
||||
// Otherwise, select the single-name SSL certificate (qt-test-server.local) instead.
|
||||
const QString tst_QNetworkReply::certsFilePath = "/certs/qt-test-server-host-network-cacert.pem";
|
||||
#endif // QT_TEST_SERVER_NAME
|
||||
#else
|
||||
const QString tst_QNetworkReply::certsFilePath = "/certs/qt-test-server-cacert.pem";
|
||||
#endif
|
||||
|
||||
|
@ -62,7 +62,19 @@ isEmpty(TESTSERVER_VERSION) {
|
||||
# Make check with server "qt-test-server.qt-test-net" as a fallback
|
||||
} else {
|
||||
# Make check with docker test servers
|
||||
DNSDOMAIN = test-net.qt.local
|
||||
equals(QMAKE_HOST.os, Linux) {
|
||||
# For the platform supporting docker bridge network, each container is
|
||||
# assigned a unique hostname and connected to the same network domain
|
||||
# to communicate with the others.
|
||||
DEFINES += QT_TEST_SERVER_NAME
|
||||
DNSDOMAIN = test-net.qt.local
|
||||
} else {
|
||||
# For the others, the containers are deployed into a virtual machine
|
||||
# using the host network. All the containers share the same hostname of
|
||||
# the virtual machine, and they are connected to the same network domain.
|
||||
# NOTE: In Windows, Apple Bonjour only works within a single local domain.
|
||||
DNSDOMAIN = local
|
||||
}
|
||||
|
||||
equals(QMAKE_HOST.os, Darwin) {
|
||||
# There is no docker bridge on macOS. It is impossible to ping a container.
|
||||
@ -86,9 +98,6 @@ isEmpty(TESTSERVER_VERSION) {
|
||||
TESTSERVER_COMPOSE_FILE = \
|
||||
$$dirname(_QMAKE_CONF_)/tests/testserver/docker-compose-for-windows.yml
|
||||
|
||||
# Bonjour only works within a single broadcast domain.
|
||||
DNSDOMAIN = local
|
||||
|
||||
# The connection configuration for the target machine
|
||||
MACHINE_CONFIG = (docker-machine config qt-test-server)
|
||||
|
||||
@ -104,7 +113,6 @@ isEmpty(TESTSERVER_VERSION) {
|
||||
CONFIG += PowerShell
|
||||
} else {
|
||||
TESTSERVER_COMPOSE_FILE = $$dirname(_QMAKE_CONF_)/tests/testserver/docker-compose.yml
|
||||
DEFINES += QT_TEST_SERVER_NAME
|
||||
|
||||
# The environment variables passed to the docker-compose file
|
||||
TEST_ENV = 'TEST_DOMAIN=$$DNSDOMAIN'
|
||||
|
@ -35,5 +35,6 @@ set -ex
|
||||
|
||||
# install ssl_certs and test data
|
||||
su $USER -c "mkdir -p -m 700 ~/ssl-certs/private"
|
||||
su $USER -c "cp $CONFIG/ssl/qt-test-server-cert.pem ~/ssl-certs/"
|
||||
su $USER -c \
|
||||
"cp $CONFIG/ssl/${test_cert:-qt-test-server-cert.pem} ~/ssl-certs/qt-test-server-cert.pem"
|
||||
su $USER -c "cp $CONFIG/ssl/private/qt-test-server-key.pem ~/ssl-certs/private/"
|
||||
|
16
tests/testserver/common/testdata/ssl/qt-test-server-host-network-cacert.pem
vendored
Normal file
16
tests/testserver/common/testdata/ssl/qt-test-server-host-network-cacert.pem
vendored
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIClzCCAgACCQDeuuUc2HkfKDANBgkqhkiG9w0BAQQFADCBjzELMAkGA1UEChMC
|
||||
UXQxGTAXBgNVBAsTEENvcmUgQW5kIE5ldHdvcmsxGzAZBgkqhkiG9w0BCQEWDG5v
|
||||
Ym9keS5xdC5pbzENMAsGA1UEBxMET3NsbzENMAsGA1UECBMET3NsbzELMAkGA1UE
|
||||
BhMCTk8xHTAbBgNVBAMTFHF0LXRlc3Qtc2VydmVyLmxvY2FsMB4XDTE5MDEyNTE1
|
||||
NDE0N1oXDTQ5MDExNzE1NDE0N1owgY8xCzAJBgNVBAoTAlF0MRkwFwYDVQQLExBD
|
||||
b3JlIEFuZCBOZXR3b3JrMRswGQYJKoZIhvcNAQkBFgxub2JvZHkucXQuaW8xDTAL
|
||||
BgNVBAcTBE9zbG8xDTALBgNVBAgTBE9zbG8xCzAJBgNVBAYTAk5PMR0wGwYDVQQD
|
||||
ExRxdC10ZXN0LXNlcnZlci5sb2NhbDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
|
||||
gYEAzarbb9Y0yafxwL7kQRgZ4gLJIuan1boDLp4oevRfGndfd6kRO49+8C7Gnus6
|
||||
2RLXwQxR6CRSPyPDQgwRxvIcoUL+tMJpg633cLEYFcwgKGIw8CwV5jMZr8PrHMCR
|
||||
9xFolFD4STcIMtc+dd+jvGkAFd7Nhw9cAmuCyAF9avAd3HMCAwEAATANBgkqhkiG
|
||||
9w0BAQQFAAOBgQB1dxK3Ia4sCpvSikKLaf1ZXu+9GKaNWKJe9bWex9/RmNOla9N2
|
||||
FIh6/CfaPFDy/OXCkyEiGg78iyg/DgqVoa9JJGV3diI6berisHMPJpv1syyz9YEU
|
||||
G3RQUClPcPV6EcedyqCdpbnIFtiSZbtJ0ZBGef4KzBN3rTmPucKb+bhMPg==
|
||||
-----END CERTIFICATE-----
|
@ -25,6 +25,7 @@ services:
|
||||
- "qt-test-server.${TEST_DOMAIN}:${MACHINE_IP}"
|
||||
environment:
|
||||
- test_domain=${TEST_DOMAIN}
|
||||
- test_cert="qt-test-server-host-network-cacert.pem"
|
||||
|
||||
squid:
|
||||
image: qt-test-server-squid:9c32f41b19aca3d778733c4d8fb0ecc5955e893c
|
||||
|
@ -25,6 +25,7 @@ services:
|
||||
- "qt-test-server.${TEST_DOMAIN}:${MACHINE_IP}"
|
||||
environment:
|
||||
- test_domain=${TEST_DOMAIN}
|
||||
- test_cert="qt-test-server-host-network-cacert.pem"
|
||||
|
||||
squid:
|
||||
image: qt-test-server-squid:9c32f41b19aca3d778733c4d8fb0ecc5955e893c
|
||||
|
Loading…
x
Reference in New Issue
Block a user