From e25f619663f7aea07d1df53a31012d4c507375dc Mon Sep 17 00:00:00 2001
From: Volker Hilsheimer <volker.hilsheimer@qt.io>
Date: Tue, 9 Jul 2024 13:42:43 +0200
Subject: [PATCH] HTTP2: use temporary keychain in the abortOnEncrypted test
 function

On macOS with secure transport, set QT_SSL_USE_TEMPORARY_KEYCHAIN
environment variable to avoid the permission UI, which fails the test.

Amends b1e75376cc3adfc7da5502a277dfe9711f3e0536, and makes the test pass
reliably on a local machine.

Pick-to: 6.7 6.5 6.2 5.15 5.12
Change-Id: Id70ceaecfa523d5183236464fe6cfaf4cdbadf4a
Reviewed-by: Marc Mutz <marc.mutz@qt.io>
(cherry picked from commit 14a61026216d20eb3a2893420b7d51374e820b44)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
---
 tests/auto/network/access/http2/tst_http2.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/tests/auto/network/access/http2/tst_http2.cpp b/tests/auto/network/access/http2/tst_http2.cpp
index 17cb62ac246..9e1feede1b7 100644
--- a/tests/auto/network/access/http2/tst_http2.cpp
+++ b/tests/auto/network/access/http2/tst_http2.cpp
@@ -1552,6 +1552,19 @@ void tst_Http2::abortOnEncrypted()
 #if !QT_CONFIG(ssl)
     QSKIP("TLS support is needed for this test");
 #else
+
+#if QT_CONFIG(securetransport)
+    // Normally on macOS we use plain text only for SecureTransport
+    // does not support ALPN on the server side. With 'direct encrytped'
+    // we have to use TLS sockets (== private key) and thus suppress a
+    // keychain UI asking for permission to use a private key.
+    // Our CI has this, but somebody testing locally - will have a problem.
+    qputenv("QT_SSL_USE_TEMPORARY_KEYCHAIN", "1");
+    auto envRollback = qScopeGuard([](){
+        qunsetenv("QT_SSL_USE_TEMPORARY_KEYCHAIN");
+    });
+#endif
+
     clearHTTP2State();
     serverPort = 0;