tests/testsslsocketlinereader.cpp
17 | * You should have received a copy of the GNU General Public License | 17 | * You should have received a copy of the GNU General Public License | ||
18 | * along with this program. If not, see <http://www.gnu.org/licenses/>. | 18 | * along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
19 | */ | 19 | */ | ||
20 | 20 | | |||
21 | #include "../core/backends/lan/server.h" | 21 | #include "../core/backends/lan/server.h" | ||
22 | #include "../core/backends/lan/socketlinereader.h" | 22 | #include "../core/backends/lan/socketlinereader.h" | ||
23 | 23 | | |||
24 | #include <QSslKey> | 24 | #include <QSslKey> | ||
25 | #include <QtCrypto> | | |||
26 | #include <QTest> | 25 | #include <QTest> | ||
27 | #include <QTimer> | 26 | #include <QTimer> | ||
27 | #include <QTemporaryFile> | ||||
28 | #include <QProcess> | ||||
28 | 29 | | |||
29 | /* | 30 | /* | ||
30 | * This class tests the behaviour of socket line reader when the connection if over ssl. Since SSL takes part below application layer, | 31 | * This class tests the behaviour of socket line reader when the connection if over ssl. Since SSL takes part below application layer, | ||
31 | * working of SocketLineReader should be same. | 32 | * working of SocketLineReader should be same. | ||
32 | */ | 33 | */ | ||
33 | class TestSslSocketLineReader : public QObject | 34 | class TestSslSocketLineReader : public QObject | ||
34 | { | 35 | { | ||
35 | Q_OBJECT | 36 | Q_OBJECT | ||
Show All 10 Lines | 40 | private Q_SLOTS: | |||
46 | void testTrustedDevice(); | 47 | void testTrustedDevice(); | ||
47 | void testUntrustedDevice(); | 48 | void testUntrustedDevice(); | ||
48 | void testTrustedDeviceWithWrongCertificate(); | 49 | void testTrustedDeviceWithWrongCertificate(); | ||
49 | 50 | | |||
50 | 51 | | |||
51 | private: | 52 | private: | ||
52 | const int PORT = 7894; | 53 | const int PORT = 7894; | ||
53 | QTimer m_timer; | 54 | QTimer m_timer; | ||
54 | QCA::Initializer m_qcaInitializer; | | |||
55 | QEventLoop m_loop; | 55 | QEventLoop m_loop; | ||
56 | QList<QByteArray> m_packets; | 56 | QList<QByteArray> m_packets; | ||
57 | Server* m_server; | 57 | Server* m_server; | ||
58 | QSslSocket* m_clientSocket; | 58 | QSslSocket* m_clientSocket; | ||
59 | SocketLineReader* m_reader; | 59 | SocketLineReader* m_reader; | ||
60 | 60 | | |||
61 | private: | 61 | private: | ||
62 | void setSocketAttributes(QSslSocket* socket, QString deviceName); | 62 | void setSocketAttributes(QSslSocket* socket, QString deviceName); | ||
▲ Show 20 Lines • Show All 44 Lines • ▼ Show 20 Line(s) | 105 | while(!m_server->hasPendingConnections() && maxAttemps > 0) { | |||
107 | QTest::qSleep(1000); | 107 | QTest::qSleep(1000); | ||
108 | } | 108 | } | ||
109 | 109 | | |||
110 | QSslSocket* serverSocket = m_server->nextPendingConnection(); | 110 | QSslSocket* serverSocket = m_server->nextPendingConnection(); | ||
111 | 111 | | |||
112 | QVERIFY2(serverSocket != 0, "Null socket returned by server"); | 112 | QVERIFY2(serverSocket != 0, "Null socket returned by server"); | ||
113 | QVERIFY2(serverSocket->isOpen(), "Server socket already closed"); | 113 | QVERIFY2(serverSocket->isOpen(), "Server socket already closed"); | ||
114 | 114 | | |||
115 | setSocketAttributes(serverSocket, QStringLiteral("Test Server")); | 115 | setSocketAttributes(serverSocket, QStringLiteral("foo")); | ||
116 | setSocketAttributes(m_clientSocket, QStringLiteral("Test Client")); | 116 | setSocketAttributes(m_clientSocket, QStringLiteral("foo")); | ||
117 | 117 | | |||
118 | serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); | 118 | serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); | ||
119 | serverSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | 119 | serverSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | ||
120 | serverSocket->addCaCertificate(m_clientSocket->localCertificate()); | 120 | serverSocket->addCaCertificate(m_clientSocket->localCertificate()); | ||
121 | 121 | | |||
122 | m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); | 122 | m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); | ||
123 | m_clientSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | 123 | m_clientSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | ||
124 | m_clientSocket->addCaCertificate(serverSocket->localCertificate()); | 124 | m_clientSocket->addCaCertificate(serverSocket->localCertificate()); | ||
▲ Show 20 Lines • Show All 44 Lines • ▼ Show 20 Line(s) | 167 | while(!m_server->hasPendingConnections() && maxAttemps > 0) { | |||
169 | QTest::qSleep(1000); | 169 | QTest::qSleep(1000); | ||
170 | } | 170 | } | ||
171 | 171 | | |||
172 | QSslSocket* serverSocket = m_server->nextPendingConnection(); | 172 | QSslSocket* serverSocket = m_server->nextPendingConnection(); | ||
173 | 173 | | |||
174 | QVERIFY2(serverSocket != 0, "Null socket returned by server"); | 174 | QVERIFY2(serverSocket != 0, "Null socket returned by server"); | ||
175 | QVERIFY2(serverSocket->isOpen(), "Server socket already closed"); | 175 | QVERIFY2(serverSocket->isOpen(), "Server socket already closed"); | ||
176 | 176 | | |||
177 | setSocketAttributes(serverSocket, QStringLiteral("Test Server")); | 177 | setSocketAttributes(serverSocket, QStringLiteral("foo")); | ||
nicolasfella: ???? | |||||
178 | setSocketAttributes(m_clientSocket, QStringLiteral("Test Client")); | 178 | setSocketAttributes(m_clientSocket, QStringLiteral("foo")); | ||
179 | 179 | | |||
180 | serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); | 180 | serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); | ||
181 | serverSocket->setPeerVerifyMode(QSslSocket::QueryPeer); | 181 | serverSocket->setPeerVerifyMode(QSslSocket::QueryPeer); | ||
182 | 182 | | |||
183 | m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); | 183 | m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); | ||
184 | m_clientSocket->setPeerVerifyMode(QSslSocket::QueryPeer); | 184 | m_clientSocket->setPeerVerifyMode(QSslSocket::QueryPeer); | ||
185 | 185 | | |||
186 | connect(m_clientSocket, &QSslSocket::encrypted, &m_loop, &QEventLoop::quit); | 186 | connect(m_clientSocket, &QSslSocket::encrypted, &m_loop, &QEventLoop::quit); | ||
Show All 39 Lines | 225 | while(!m_server->hasPendingConnections() && maxAttemps > 0) { | |||
226 | --maxAttemps; | 226 | --maxAttemps; | ||
227 | QTest::qSleep(1000); | 227 | QTest::qSleep(1000); | ||
228 | } | 228 | } | ||
229 | 229 | | |||
230 | QSslSocket* serverSocket = m_server->nextPendingConnection(); | 230 | QSslSocket* serverSocket = m_server->nextPendingConnection(); | ||
231 | 231 | | |||
232 | QVERIFY2(serverSocket != 0, "Could not open a connection to the client"); | 232 | QVERIFY2(serverSocket != 0, "Could not open a connection to the client"); | ||
233 | 233 | | |||
234 | setSocketAttributes(serverSocket, QStringLiteral("Test Server")); | 234 | setSocketAttributes(serverSocket, QStringLiteral("foo")); | ||
235 | setSocketAttributes(m_clientSocket, QStringLiteral("Test Client")); | 235 | setSocketAttributes(m_clientSocket, QStringLiteral("foo")); | ||
236 | 236 | | |||
237 | // Not adding other device certificate to list of CA certificate, and using VerifyPeer. This should lead to handshake failure | 237 | // Not adding other device certificate to list of CA certificate, and using VerifyPeer. This should lead to handshake failure | ||
238 | serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); | 238 | serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); | ||
239 | serverSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | 239 | serverSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | ||
240 | 240 | | |||
241 | m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); | 241 | m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); | ||
242 | m_clientSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | 242 | m_clientSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | ||
243 | 243 | | |||
Show All 34 Lines | 271 | while(m_reader->bytesAvailable() > 0 && maxLoops > 0) { | |||
278 | if (m_packets.count() == 5) { | 278 | if (m_packets.count() == 5) { | ||
279 | m_loop.exit(); | 279 | m_loop.exit(); | ||
280 | } | 280 | } | ||
281 | } | 281 | } | ||
282 | } | 282 | } | ||
283 | 283 | | |||
284 | void TestSslSocketLineReader::setSocketAttributes(QSslSocket* socket, QString deviceName) { | 284 | void TestSslSocketLineReader::setSocketAttributes(QSslSocket* socket, QString deviceName) { | ||
285 | 285 | | |||
286 | QDateTime startTime = QDateTime::currentDateTime(); | 286 | QTemporaryFile cert; | ||
287 | QDateTime endTime = startTime.addYears(10); | 287 | cert.open(); | ||
pino: this can fail, needs error handling | |||||
288 | QCA::CertificateInfo certificateInfo; | 288 | QTemporaryFile priv; | ||
289 | certificateInfo.insert(QCA::CommonName,deviceName); | 289 | priv.open(); | ||
pino: this can fail, needs error handling | |||||
290 | certificateInfo.insert(QCA::Organization,QStringLiteral("KDE")); | | |||
291 | certificateInfo.insert(QCA::OrganizationalUnit,QStringLiteral("Kde connect")); | | |||
292 | | ||||
293 | QCA::CertificateOptions certificateOptions(QCA::PKCS10); | | |||
294 | certificateOptions.setSerialNumber(10); | | |||
295 | certificateOptions.setInfo(certificateInfo); | | |||
296 | certificateOptions.setValidityPeriod(startTime, endTime); | | |||
297 | certificateOptions.setFormat(QCA::PKCS10); | | |||
298 | 290 | | |||
299 | QCA::PrivateKey privKey = QCA::KeyGenerator().createRSA(2048); | 291 | QProcess::execute("openssl", QStringLiteral("req -new -x509 -sha256 -newkey rsa:2048 -nodes -keyout %1 -days 3650 -out %2 -subj /O=KDE/OU=KDEConnect/CN=%3").arg(priv.fileName(), cert.fileName(), deviceName).split(" ")); | ||
pino: - missing handling of the return value of the command (what if fails?)
- please do not split… | |||||
nicolasfella: break into a couple of lines. | |||||
300 | QSslCertificate certificate = QSslCertificate(QCA::Certificate(certificateOptions, privKey).toPEM().toLatin1()); | | |||
301 | 292 | | |||
302 | socket->setPrivateKey(QSslKey(privKey.toPEM().toLatin1(), QSsl::Rsa)); | 293 | QSslCertificate certificate = QSslCertificate::fromPath(cert.fileName()).at(0); | ||
pino: if QSslCertificate::fromPath fails, the return is an empty list, and this will misbehave | |||||
294 | | ||||
295 | socket->setPrivateKey(priv.fileName()); | ||||
303 | socket->setLocalCertificate(certificate); | 296 | socket->setLocalCertificate(certificate); | ||
304 | 297 | | |||
305 | } | 298 | } | ||
306 | 299 | | |||
307 | QTEST_GUILESS_MAIN(TestSslSocketLineReader) | 300 | QTEST_GUILESS_MAIN(TestSslSocketLineReader) | ||
308 | 301 | | |||
309 | #include "testsslsocketlinereader.moc" | 302 | #include "testsslsocketlinereader.moc" | ||
310 | 303 | |
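Review bot: Every socket now gets a certificate with CN=foo (new-side lines 115-116, 177-178 and 234-235), while the `setPeerVerifyName` calls directly below still expect "Test Client" and "Test Server", so the names being verified no longer match any certificate the tests generate. In client mode QSslSocket appears to compare the peer verify name with the certificate's subject names, so testTrustedDevice may fail on a host-name mismatch or pass only because that check is not exercised, and the client and server identities can no longer be told apart. Keep two distinct names and align them with the verify names, for example `setSocketAttributes(serverSocket, QStringLiteral("TestServer"));` together with `m_clientSocket->setPeerVerifyName(QStringLiteral("TestServer"));`. Separately, in setSocketAttributes the result of `socket->setPrivateKey(priv.fileName())` is never checked; adding `QVERIFY2(!socket->privateKey().isNull(), "private key not loaded");` after it would catch a key file that did not load. The three test bodies begin outside the lines shown.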
????