tst_QSslSocket: skip tests requiring TLS v 1.0 downgrade

If OpenSSL version is 3.1.1 or above - this version moved the protocol
under security level 0, but the default one is 1.

Fixes: QTBUG-116166
Change-Id: Iaabb2cf33e2a9f280d6167233ee16080dee808b0
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
(cherry picked from commit 6d6d22b65d9a0cc8664cc9e051e66a80db132b6e)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>

tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp

@@ -293,6 +293,7 @@ private:
     QSslSocket *socket;
     QList<QSslError> storedExpectedSslErrors;
     bool isTestingOpenSsl = false;
+    bool isSecurityLevel0Required = false;
     bool opensslResolved = false;
     bool isTestingSecureTransport = false;
     bool isTestingSchannel = false;
@@ -412,6 +413,9 @@ void tst_QSslSocket::initTestCase()
         flukeCertificateError = QSslError::SelfSignedCertificate;
 #if QT_CONFIG(openssl)
         opensslResolved = qt_auto_test_resolve_OpenSSL_symbols();
+        // This is where OpenSSL moved several protocols under
+        // non-default (0) security level (the default is 1).
+        isSecurityLevel0Required = OPENSSL_VERSION_NUMBER >= 0x30100010;
 #else
         opensslResolved = false; // Not 'unused variable' anymore.
 #endif
@@ -810,6 +814,10 @@ void tst_QSslSocket::simpleConnect()
     if (!QSslSocket::supportsSsl())
         return;
 
+    // Starting from OpenSSL v 3.1.1 deprecated protocol versions (we want to use when connecting) are not available by default.
+    if (isSecurityLevel0Required)
+        QSKIP("Testing with OpenSSL backend, but security level 0 is required for TLS v1.1 or earlier");
+
     QFETCH_GLOBAL(bool, setProxy);
     if (setProxy)
         return;
@@ -871,6 +879,10 @@ void tst_QSslSocket::simpleConnectWithIgnore()
     if (!QSslSocket::supportsSsl())
         return;
 
+    // Starting from OpenSSL v 3.1.1 deprecated protocol versions (we want to use when connecting) are not available by default.
+    if (isSecurityLevel0Required)
+        QSKIP("Testing with OpenSSL backend, but security level 0 is required for TLS v1.1 or earlier");
+
     QFETCH_GLOBAL(bool, setProxy);
     if (setProxy)
         return;
@@ -915,6 +927,10 @@ void tst_QSslSocket::simpleConnectWithIgnore()
 
 void tst_QSslSocket::sslErrors_data()
 {
+    // Starting from OpenSSL v 3.1.1 deprecated protocol versions (we want to use in 'sslErrors' test) are not available by default.
+    if (isSecurityLevel0Required)
+        QSKIP("Testing with OpenSSL backend, but security level 0 is required for TLS v1.1 or earlier");
+
     QTest::addColumn<QString>("host");
     QTest::addColumn<int>("port");
 
@@ -1967,6 +1983,10 @@ void tst_QSslSocket::waitForConnectedEncryptedReadyRead()
     if (!QSslSocket::supportsSsl())
         return;
 
+    // Starting from OpenSSL v 3.1.1 deprecated protocol versions (we want to use here) are not available by default.
+    if (isSecurityLevel0Required)
+        QSKIP("Testing with OpenSSL backend, but security level 0 is required for TLS v1.1 or earlier");
+
     QSslSocketPtr socket = newSocket();
     this->socket = socket.data();
 
@@ -3113,6 +3133,10 @@ void tst_QSslSocket::encryptWithoutConnecting()
 
 void tst_QSslSocket::resume_data()
 {
+    // Starting from OpenSSL v 3.1.1 deprecated protocol versions (we want to use in 'resume' test) are not available by default.
+    if (isSecurityLevel0Required)
+        QSKIP("Testing with OpenSSL backend, but security level 0 is required for TLS v1.1 or earlier");
+
     QTest::addColumn<bool>("ignoreErrorsAfterPause");
     QTest::addColumn<QList<QSslError> >("errorsToIgnore");
     QTest::addColumn<bool>("expectSuccess");