Changeset View
Changeset View
Standalone View
Standalone View
tests/testsslsocketlinereader.cpp
Show All 16 Lines | |||||
17 | * You should have received a copy of the GNU General Public License | 17 | * You should have received a copy of the GNU General Public License | ||
18 | * along with this program. If not, see <https://www.gnu.org/licenses/>. | 18 | * along with this program. If not, see <https://www.gnu.org/licenses/>. | ||
19 | */ | 19 | */ | ||
20 | 20 | | |||
21 | #include "../core/backends/lan/server.h" | 21 | #include "../core/backends/lan/server.h" | ||
22 | #include "../core/backends/lan/socketlinereader.h" | 22 | #include "../core/backends/lan/socketlinereader.h" | ||
23 | 23 | | |||
24 | #include <QSslKey> | 24 | #include <QSslKey> | ||
25 | #include <QtCrypto> | | |||
26 | #include <QTest> | 25 | #include <QTest> | ||
27 | #include <QTimer> | 26 | #include <QTimer> | ||
28 | #include <QSignalSpy> | 27 | #include <QSignalSpy> | ||
28 | #include <QTemporaryFile> | ||||
29 | #include <QProcess> | ||||
29 | 30 | | |||
30 | /* | 31 | /* | ||
31 | * This class tests the behaviour of socket line reader when the connection if over ssl. Since SSL takes part below application layer, | 32 | * This class tests the behaviour of socket line reader when the connection if over ssl. Since SSL takes part below application layer, | ||
32 | * working of SocketLineReader should be same. | 33 | * working of SocketLineReader should be same. | ||
33 | */ | 34 | */ | ||
34 | class TestSslSocketLineReader : public QObject | 35 | class TestSslSocketLineReader : public QObject | ||
35 | { | 36 | { | ||
36 | Q_OBJECT | 37 | Q_OBJECT | ||
Show All 12 Lines | 42 | private Q_SLOTS: | |||
49 | void testUntrustedDevice(); | 50 | void testUntrustedDevice(); | ||
50 | void testTrustedDeviceWithWrongCertificate(); | 51 | void testTrustedDeviceWithWrongCertificate(); | ||
51 | 52 | | |||
52 | 53 | | |||
53 | private: | 54 | private: | ||
54 | const int PORT = 7894; | 55 | const int PORT = 7894; | ||
55 | const int TIMEOUT = 4 * 1000; | 56 | const int TIMEOUT = 4 * 1000; | ||
56 | QTimer m_timer; | 57 | QTimer m_timer; | ||
57 | QCA::Initializer m_qcaInitializer; | | |||
58 | QEventLoop m_loop; | 58 | QEventLoop m_loop; | ||
59 | QList<QByteArray> m_packets; | 59 | QList<QByteArray> m_packets; | ||
60 | Server* m_server; | 60 | Server* m_server; | ||
61 | QSslSocket* m_clientSocket; | 61 | QSslSocket* m_clientSocket; | ||
62 | SocketLineReader* m_reader; | 62 | SocketLineReader* m_reader; | ||
63 | 63 | | |||
64 | private: | 64 | private: | ||
65 | void setSocketAttributes(QSslSocket* socket, QString deviceName); | 65 | void setSocketAttributes(QSslSocket* socket, QString deviceName); | ||
▲ Show 20 Lines • Show All 130 Lines • ▼ Show 20 Line(s) | 188 | { | |||
196 | QSslSocket* serverSocket = m_server->nextPendingConnection(); | 196 | QSslSocket* serverSocket = m_server->nextPendingConnection(); | ||
197 | 197 | | |||
198 | QSignalSpy serverEncryptedSpy(serverSocket, SIGNAL(encrypted())); | 198 | QSignalSpy serverEncryptedSpy(serverSocket, SIGNAL(encrypted())); | ||
199 | 199 | | |||
200 | QVERIFY2(serverSocket != 0, "Null socket returned by server"); | 200 | QVERIFY2(serverSocket != 0, "Null socket returned by server"); | ||
201 | QVERIFY2(serverSocket->isOpen(), "Server socket already closed"); | 201 | QVERIFY2(serverSocket->isOpen(), "Server socket already closed"); | ||
202 | 202 | | |||
203 | setSocketAttributes(serverSocket, QStringLiteral("Test Server")); | 203 | setSocketAttributes(serverSocket, QStringLiteral("Test Server")); | ||
204 | setSocketAttributes(m_clientSocket, QStringLiteral("Test Client")); | 204 | setSocketAttributes(m_clientSocket, QStringLiteral("Test Client")); | ||
nicolasfella: ???? | |||||
205 | 205 | | |||
206 | serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); | 206 | serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); | ||
207 | serverSocket->setPeerVerifyMode(QSslSocket::QueryPeer); | 207 | serverSocket->setPeerVerifyMode(QSslSocket::QueryPeer); | ||
208 | 208 | | |||
209 | m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); | 209 | m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); | ||
210 | m_clientSocket->setPeerVerifyMode(QSslSocket::QueryPeer); | 210 | m_clientSocket->setPeerVerifyMode(QSslSocket::QueryPeer); | ||
211 | 211 | | |||
212 | int connected_sockets = 0; | 212 | int connected_sockets = 0; | ||
▲ Show 20 Lines • Show All 66 Lines • ▼ Show 20 Line(s) | 266 | { | |||
279 | setSocketAttributes(m_clientSocket, QStringLiteral("Test Client")); | 279 | setSocketAttributes(m_clientSocket, QStringLiteral("Test Client")); | ||
280 | 280 | | |||
281 | // Not adding other device certificate to list of CA certificate, and using VerifyPeer. This should lead to handshake failure | 281 | // Not adding other device certificate to list of CA certificate, and using VerifyPeer. This should lead to handshake failure | ||
282 | serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); | 282 | serverSocket->setPeerVerifyName(QStringLiteral("Test Client")); | ||
283 | serverSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | 283 | serverSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | ||
284 | 284 | | |||
285 | m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); | 285 | m_clientSocket->setPeerVerifyName(QStringLiteral("Test Server")); | ||
286 | m_clientSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | 286 | m_clientSocket->setPeerVerifyMode(QSslSocket::VerifyPeer); | ||
287 | 287 | | |||
pino: this can fail, needs error handling | |||||
288 | connect(serverSocket, &QSslSocket::encrypted, &m_loop, &QEventLoop::quit); // Encrypted signal should never be emitted | 288 | connect(serverSocket, &QSslSocket::encrypted, &m_loop, &QEventLoop::quit); // Encrypted signal should never be emitted | ||
289 | connect(m_clientSocket, &QSslSocket::encrypted, &m_loop, &QEventLoop::quit); // Encrypted signal should never be emitted | 289 | connect(m_clientSocket, &QSslSocket::encrypted, &m_loop, &QEventLoop::quit); // Encrypted signal should never be emitted | ||
pino: this can fail, needs error handling | |||||
290 | connect(serverSocket, &QAbstractSocket::disconnected, &m_loop, &QEventLoop::quit); | 290 | connect(serverSocket, &QAbstractSocket::disconnected, &m_loop, &QEventLoop::quit); | ||
291 | connect(m_clientSocket, &QAbstractSocket::disconnected, &m_loop, &QEventLoop::quit); | 291 | connect(m_clientSocket, &QAbstractSocket::disconnected, &m_loop, &QEventLoop::quit); | ||
pino: - missing handling of the return value of the command (what if fails?)
- please do not split… | |||||
292 | 292 | | |||
293 | serverSocket->startServerEncryption(); | 293 | serverSocket->startServerEncryption(); | ||
if QSslCertificate::fromPath fails, the return is an empty list, and this will misbehave pino: if QSslCertificate::fromPath fails, the return is an empty list, and this will misbehave | |||||
294 | m_clientSocket->startClientEncryption(); | 294 | m_clientSocket->startClientEncryption(); | ||
295 | m_loop.exec(); | 295 | m_loop.exec(); | ||
296 | 296 | | |||
297 | QVERIFY2(!serverSocket->isEncrypted(), "Server is encrypted, it should not"); | 297 | QVERIFY2(!serverSocket->isEncrypted(), "Server is encrypted, it should not"); | ||
298 | QVERIFY2(!m_clientSocket->isEncrypted(), "lient is encrypted, it should now"); | 298 | QVERIFY2(!m_clientSocket->isEncrypted(), "lient is encrypted, it should now"); | ||
299 | 299 | | |||
300 | if (serverSocket->state() != QAbstractSocket::UnconnectedState) m_loop.exec(); // Wait until serverSocket is disconnected, It should be in disconnected state | 300 | if (serverSocket->state() != QAbstractSocket::UnconnectedState) m_loop.exec(); // Wait until serverSocket is disconnected, It should be in disconnected state | ||
301 | if (m_clientSocket->state() != QAbstractSocket::UnconnectedState) m_loop.exec(); // Wait until mClientSocket is disconnected, It should be in disconnected state | 301 | if (m_clientSocket->state() != QAbstractSocket::UnconnectedState) m_loop.exec(); // Wait until mClientSocket is disconnected, It should be in disconnected state | ||
Show All 26 Lines | |||||
328 | void TestSslSocketLineReader::testTimeout() | 328 | void TestSslSocketLineReader::testTimeout() | ||
329 | { | 329 | { | ||
330 | m_loop.exit(-1); | 330 | m_loop.exit(-1); | ||
331 | QFAIL("Test Timed Out"); | 331 | QFAIL("Test Timed Out"); | ||
332 | } | 332 | } | ||
333 | 333 | | |||
334 | void TestSslSocketLineReader::setSocketAttributes(QSslSocket* socket, QString deviceName) { | 334 | void TestSslSocketLineReader::setSocketAttributes(QSslSocket* socket, QString deviceName) { | ||
335 | 335 | | |||
336 | QDateTime startTime = QDateTime::currentDateTime(); | 336 | QTemporaryFile cert; | ||
337 | QDateTime endTime = startTime.addYears(10); | 337 | cert.open(); | ||
338 | QCA::CertificateInfo certificateInfo; | 338 | QTemporaryFile priv; | ||
339 | certificateInfo.insert(QCA::CommonName,deviceName); | 339 | priv.open(); | ||
340 | certificateInfo.insert(QCA::Organization,QStringLiteral("KDE")); | 340 | | ||
341 | certificateInfo.insert(QCA::OrganizationalUnit,QStringLiteral("Kde connect")); | 341 | QProcess::execute(QStringLiteral("openssl"), {QStringLiteral("req"), QStringLiteral("-new"), QStringLiteral("-x509"), QStringLiteral("-sha256"), QStringLiteral("-newkey"), | ||
342 | 342 | QStringLiteral("rsa:2048"), QStringLiteral("-nodes"), QStringLiteral("-keyout"), priv.fileName(), QStringLiteral("-days"), | |||
343 | QCA::CertificateOptions certificateOptions(QCA::PKCS10); | 343 | QStringLiteral("3650"), QStringLiteral("-out"), cert.fileName(), QStringLiteral("-subj"), QStringLiteral("/O=KDE/OU=KDEConnect/CN=%1").arg(deviceName)}); | ||
344 | certificateOptions.setSerialNumber(10); | 344 | QSslCertificate certificate = QSslCertificate::fromPath(cert.fileName()).at(0); | ||
nicolasfella: break into a couple of lines. | |||||
345 | certificateOptions.setInfo(certificateInfo); | | |||
346 | certificateOptions.setValidityPeriod(startTime, endTime); | | |||
347 | certificateOptions.setFormat(QCA::PKCS10); | | |||
348 | 345 | | |||
349 | QCA::PrivateKey privKey = QCA::KeyGenerator().createRSA(2048); | 346 | socket->setPrivateKey(priv.fileName()); | ||
350 | QSslCertificate certificate = QSslCertificate(QCA::Certificate(certificateOptions, privKey).toPEM().toLatin1()); | | |||
351 | | ||||
352 | socket->setPrivateKey(QSslKey(privKey.toPEM().toLatin1(), QSsl::Rsa)); | | |||
353 | socket->setLocalCertificate(certificate); | 347 | socket->setLocalCertificate(certificate); | ||
354 | 348 | | |||
355 | } | 349 | } | ||
356 | 350 | | |||
357 | QTEST_GUILESS_MAIN(TestSslSocketLineReader) | 351 | QTEST_GUILESS_MAIN(TestSslSocketLineReader) | ||
358 | 352 | | |||
359 | #include "testsslsocketlinereader.moc" | 353 | #include "testsslsocketlinereader.moc" | ||
360 | 354 | |
????