1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tst_qsslsocket: detect ALPN support (on server) using supportedFeatures()

Browse Source 
Pick-to: 6.2
Change-Id: I30409667395bbe568823b8697dded41067a8346c
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
This commit is contained in:
Timur Pocheptsov 2021-06-24 19:26:44 +02:00
parent 43a36dfd81
commit f7f2582c60
1 changed files with 4 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp
View File

@ -75,19 +75,6 @@ Q_DECLARE_METATYPE(QSsl::SslProtocol)
Q_DECLARE_METATYPE(QSslSocket::PeerVerifyMode); Q_DECLARE_METATYPE(QSslSocket::PeerVerifyMode);
typedef QSharedPointer<QSslSocket> QSslSocketPtr; typedef QSharedPointer<QSslSocket> QSslSocketPtr;
// Detect ALPN (Application-Layer Protocol Negotiation) support
// AUTOTESTTODO: fix the way we identify ALPN support, it now depends on
// what TLS backend we managed to load, not compile time macros.
#undef ALPN_SUPPORTED // Undef the variable first to be safe
#if defined(OPENSSL_VERSION_NUMBER) && !defined(OPENSSL_NO_TLSEXT)
#define ALPN_SUPPORTED 1
#endif
#if QT_CONFIG(schannel) && !defined(Q_CC_MINGW)
// TLSTODO: move this check into Schannel plugin.
#define ALPN_SUPPORTED 1
#endif
#if defined Q_OS_HPUX && defined Q_CC_GNU #if defined Q_OS_HPUX && defined Q_CC_GNU
// This error is delivered every time we try to use the fluke CA // This error is delivered every time we try to use the fluke CA
// certificate. For now we work around this bug. Task 202317. // certificate. For now we work around this bug. Task 202317.
@ -315,6 +302,7 @@ private:
bool isTestingSecureTransport = false; bool isTestingSecureTransport = false;
bool isTestingSchannel = false; bool isTestingSchannel = false;
QSslError::SslError flukeCertificateError = QSslError::CertificateUntrusted; QSslError::SslError flukeCertificateError = QSslError::CertificateUntrusted;
bool hasServerAlpn = false;
#endif // QT_CONFIG(ssl) #endif // QT_CONFIG(ssl)
private: private:
static int loopLevel; static int loopLevel;
@ -419,6 +407,7 @@ void tst_QSslSocket::initTestCase()
if (!testDataDir.endsWith(QLatin1String("/"))) if (!testDataDir.endsWith(QLatin1String("/")))
testDataDir += QLatin1String("/"); testDataDir += QLatin1String("/");
hasServerAlpn = QSslSocket::supportedFeatures().contains(QSsl::SupportedFeature::ServerSideAlpn);
// Several plugins (TLS-backends) can co-exist. QSslSocket would implicitly // Several plugins (TLS-backends) can co-exist. QSslSocket would implicitly
// select 'openssl' if available, and if not: 'securetransport' (Darwin) or // select 'openssl' if available, and if not: 'securetransport' (Darwin) or
// 'schannel' (Windows). Check what we actually have: // 'schannel' (Windows). Check what we actually have:
@ -3818,10 +3807,8 @@ void tst_QSslSocket::setEmptyDefaultConfiguration() // this test should be last,
void tst_QSslSocket::allowedProtocolNegotiation() void tst_QSslSocket::allowedProtocolNegotiation()
{ {
// TLSTODO: check feature Cleint/ServerSideAlpn supported insted! if (!hasServerAlpn)
#ifndef ALPN_SUPPORTED QSKIP("Server-side ALPN is unsupported, skipping test");
QSKIP("ALPN is unsupported, skipping test");
#endif
if (isTestingSchannel) { if (isTestingSchannel) {
// TODO: move this check into the plugin (not to report ALPN as supported). // TODO: move this check into the plugin (not to report ALPN as supported).