Differential D17790 Diff 49355 tests/testsslsocketlinereader.cpp

Changeset View

Standalone View

View Options

tests/testsslsocketlinereader.cpp

Show All 16 Lines
17 * You should have received a copy of the GNU General Public License 17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>. 18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */ 19 */
20 20
21#include "../core/backends/lan/server.h" 21#include "../core/backends/lan/server.h"
22#include "../core/backends/lan/socketlinereader.h" 22#include "../core/backends/lan/socketlinereader.h"
23 23
24#include <QSslKey> 24#include <QSslKey>
25#include <QtCrypto>
26#include <QTest> 25#include <QTest>
27#include <QTimer> 26#include <QTimer>
27#include <QTemporaryFile>
28#include <QProcess>
28 29
29/* 30/*
30 * This class tests the behaviour of socket line reader when the connection if over ssl. Since SSL takes part below application layer, 31 * This class tests the behaviour of socket line reader when the connection if over ssl. Since SSL takes part below application layer,
31 * working of SocketLineReader should be same. 32 * working of SocketLineReader should be same.
32 */ 33 */
33class TestSslSocketLineReader : public QObject 34class TestSslSocketLineReader : public QObject
34{ 35{
35 Q_OBJECT 36 Q_OBJECT
Show All 10 Lines40private Q_SLOTS:
46 void testTrustedDevice(); 47 void testTrustedDevice();
47 void testUntrustedDevice(); 48 void testUntrustedDevice();
48 void testTrustedDeviceWithWrongCertificate(); 49 void testTrustedDeviceWithWrongCertificate();
49 50
50 51
51private: 52private:
52 const int PORT = 7894; 53 const int PORT = 7894;
53 QTimer m_timer; 54 QTimer m_timer;
54 QCA::Initializer m_qcaInitializer;
55 QEventLoop m_loop; 55 QEventLoop m_loop;
56 QList<QByteArray> m_packets; 56 QList<QByteArray> m_packets;
57 Server* m_server; 57 Server* m_server;
58 QSslSocket* m_clientSocket; 58 QSslSocket* m_clientSocket;
59 SocketLineReader* m_reader; 59 SocketLineReader* m_reader;
60 60
61private: 61private:
62 void setSocketAttributes(QSslSocket* socket, QString deviceName); 62 void setSocketAttributes(QSslSocket* socket, QString deviceName);
▲ Show 20 LinesShow All 44 Lines▼ Show 20 Line(s)105 while(!m_server->hasPendingConnections() && maxAttemps > 0) {
107 QTest::qSleep(1000); 107 QTest::qSleep(1000);
108 } 108 }
109 109
110 QSslSocket* serverSocket = m_server->nextPendingConnection(); 110 QSslSocket* serverSocket = m_server->nextPendingConnection();
111 111
112 QVERIFY2(serverSocket != 0, "Null socket returned by server"); 112 QVERIFY2(serverSocket != 0, "Null socket returned by server");
113 QVERIFY2(serverSocket->isOpen(), "Server socket already closed"); 113 QVERIFY2(serverSocket->isOpen(), "Server socket already closed");
114 114
115 setSocketAttributes(serverSocket, QStringLiteral("Test Server")); 115 setSocketAttributes(serverSocket, QStringLiteral("foo"));
116 setSocketAttributes(m_clientSocket, QStringLiteral("Test Client")); 116 setSocketAttributes(m_clientSocket, QStringLiteral("foo"));
117 117
118 serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); 118 serverSocket->setPeerVerifyName(QStringLiteral("Test Client"));
119 serverSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); 119 serverSocket->setPeerVerifyMode(QSslSocket::VerifyPeer);
120 serverSocket->addCaCertificate(m_clientSocket->localCertificate()); 120 serverSocket->addCaCertificate(m_clientSocket->localCertificate());
121 121
122 m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); 122 m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server"));
123 m_clientSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); 123 m_clientSocket->setPeerVerifyMode(QSslSocket::VerifyPeer);
124 m_clientSocket->addCaCertificate(serverSocket->localCertificate()); 124 m_clientSocket->addCaCertificate(serverSocket->localCertificate());
▲ Show 20 LinesShow All 44 Lines▼ Show 20 Line(s)167 while(!m_server->hasPendingConnections() && maxAttemps > 0) {
169 QTest::qSleep(1000); 169 QTest::qSleep(1000);
170 } 170 }
171 171
172 QSslSocket* serverSocket = m_server->nextPendingConnection(); 172 QSslSocket* serverSocket = m_server->nextPendingConnection();
173 173
174 QVERIFY2(serverSocket != 0, "Null socket returned by server"); 174 QVERIFY2(serverSocket != 0, "Null socket returned by server");
175 QVERIFY2(serverSocket->isOpen(), "Server socket already closed"); 175 QVERIFY2(serverSocket->isOpen(), "Server socket already closed");
176 176
177 setSocketAttributes(serverSocket, QStringLiteral("Test Server")); 177 setSocketAttributes(serverSocket, QStringLiteral("foo"));
nicolasfellaAuthorUnsubmitted
Not Done

????

nicolasfella: ????
178 setSocketAttributes(m_clientSocket, QStringLiteral("Test Client")); 178 setSocketAttributes(m_clientSocket, QStringLiteral("foo"));
179 179
180 serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); 180 serverSocket->setPeerVerifyName(QStringLiteral("Test Client"));
181 serverSocket->setPeerVerifyMode(QSslSocket::QueryPeer); 181 serverSocket->setPeerVerifyMode(QSslSocket::QueryPeer);
182 182
183 m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); 183 m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server"));
184 m_clientSocket->setPeerVerifyMode(QSslSocket::QueryPeer); 184 m_clientSocket->setPeerVerifyMode(QSslSocket::QueryPeer);
185 185
186 connect(m_clientSocket, &QSslSocket::encrypted, &m_loop, &QEventLoop::quit); 186 connect(m_clientSocket, &QSslSocket::encrypted, &m_loop, &QEventLoop::quit);
Show All 39 Lines225 while(!m_server->hasPendingConnections() && maxAttemps > 0) {
226 --maxAttemps; 226 --maxAttemps;
227 QTest::qSleep(1000); 227 QTest::qSleep(1000);
228 } 228 }
229 229
230 QSslSocket* serverSocket = m_server->nextPendingConnection(); 230 QSslSocket* serverSocket = m_server->nextPendingConnection();
231 231
232 QVERIFY2(serverSocket != 0, "Could not open a connection to the client"); 232 QVERIFY2(serverSocket != 0, "Could not open a connection to the client");
233 233
234 setSocketAttributes(serverSocket, QStringLiteral("Test Server")); 234 setSocketAttributes(serverSocket, QStringLiteral("foo"));
235 setSocketAttributes(m_clientSocket, QStringLiteral("Test Client")); 235 setSocketAttributes(m_clientSocket, QStringLiteral("foo"));
236 236
237 // Not adding other device certificate to list of CA certificate, and using VerifyPeer. This should lead to handshake failure 237 // Not adding other device certificate to list of CA certificate, and using VerifyPeer. This should lead to handshake failure
238 serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); 238 serverSocket->setPeerVerifyName(QStringLiteral("Test Client"));
239 serverSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); 239 serverSocket->setPeerVerifyMode(QSslSocket::VerifyPeer);
240 240
241 m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); 241 m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server"));
242 m_clientSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); 242 m_clientSocket->setPeerVerifyMode(QSslSocket::VerifyPeer);
243 243
Show All 34 Lines271 while(m_reader->bytesAvailable() > 0 && maxLoops > 0) {
278 if (m_packets.count() == 5) { 278 if (m_packets.count() == 5) {
279 m_loop.exit(); 279 m_loop.exit();
280 } 280 }
281 } 281 }
282} 282}
283 283
284void TestSslSocketLineReader::setSocketAttributes(QSslSocket* socket, QString deviceName) { 284void TestSslSocketLineReader::setSocketAttributes(QSslSocket* socket, QString deviceName) {
285 285
286 QDateTime startTime = QDateTime::currentDateTime(); 286 QTemporaryFile cert;
287 QDateTime endTime = startTime.addYears(10); 287 cert.open();
pinoUnsubmitted
Not Done

this can fail, needs error handling

pino: this can fail, needs error handling
288 QCA::CertificateInfo certificateInfo; 288 QTemporaryFile priv;
289 certificateInfo.insert(QCA::CommonName,deviceName); 289 priv.open();
pinoUnsubmitted
Not Done

this can fail, needs error handling

pino: this can fail, needs error handling
290 certificateInfo.insert(QCA::Organization,QStringLiteral("KDE"));
291 certificateInfo.insert(QCA::OrganizationalUnit,QStringLiteral("Kde connect"));
292
293 QCA::CertificateOptions certificateOptions(QCA::PKCS10);
294 certificateOptions.setSerialNumber(10);
295 certificateOptions.setInfo(certificateInfo);
296 certificateOptions.setValidityPeriod(startTime, endTime);
297 certificateOptions.setFormat(QCA::PKCS10);
298 290
299 QCA::PrivateKey privKey = QCA::KeyGenerator().createRSA(2048); 291 QProcess::execute("openssl", QStringLiteral("req -new -x509 -sha256 -newkey rsa:2048 -nodes -keyout %1 -days 3650 -out %2 -subj /O=KDE/OU=KDEConnect/CN=%3").arg(priv.fileName(), cert.fileName(), deviceName).split(" "));
pinoUnsubmitted
Not Done
  • missing handling of the return value of the command (what if fails?)
  • please do not split the arguments from a single string, but directly build a string list with the arguments (in case the paths contain spaces, for example)
pino: - missing handling of the return value of the command (what if fails?) - please do not split…
nicolasfellaAuthorUnsubmitted
Not Done

break into a couple of lines.

nicolasfella: break into a couple of lines.
300 QSslCertificate certificate = QSslCertificate(QCA::Certificate(certificateOptions, privKey).toPEM().toLatin1());
301 292
302 socket->setPrivateKey(QSslKey(privKey.toPEM().toLatin1(), QSsl::Rsa)); 293 QSslCertificate certificate = QSslCertificate::fromPath(cert.fileName()).at(0);
pinoUnsubmitted
Not Done

if QSslCertificate::fromPath fails, the return is an empty list, and this will misbehave

pino: if QSslCertificate::fromPath fails, the return is an empty list, and this will misbehave
294
295 socket->setPrivateKey(priv.fileName());
303 socket->setLocalCertificate(certificate); 296 socket->setLocalCertificate(certificate);
304 297
305} 298}
306 299
307QTEST_GUILESS_MAIN(TestSslSocketLineReader) 300QTEST_GUILESS_MAIN(TestSslSocketLineReader)
308 301
309#include "testsslsocketlinereader.moc" 302#include "testsslsocketlinereader.moc"
310 303