From 503a1353dcf23f8a5fcb8a2c79d55f707e75cf33 Mon Sep 17 00:00:00 2001 From: Aleksey Lysenko Date: Fri, 16 Dec 2016 15:57:26 +0200 Subject: Fixed wrong scheme for secure websocket Websocket server always constructed QWebSocketHandshakeRequest like for non-secure socket without checking SecureMode. This led to the fact that secure socket had "ws" scheme. Task-number: QTBUG-55927 Change-Id: I881766f55182136072fd23f3fefe93ea60f3d27d Reviewed-by: Timur Pocheptsov --- .../qwebsocketserver/qwebsocketserver.pro | 2 + .../qwebsocketserver/tst_qwebsocketserver.cpp | 56 ++++++++++++++++++++++ tests/auto/websockets/shared/localhost.cert | 18 +++++++ tests/auto/websockets/shared/localhost.key | 27 +++++++++++ tests/auto/websockets/shared/qwebsocketshared.qrc | 6 +++ 5 files changed, 109 insertions(+) create mode 100644 tests/auto/websockets/shared/localhost.cert create mode 100644 tests/auto/websockets/shared/localhost.key create mode 100644 tests/auto/websockets/shared/qwebsocketshared.qrc (limited to 'tests/auto') diff --git a/tests/auto/websockets/qwebsocketserver/qwebsocketserver.pro b/tests/auto/websockets/qwebsocketserver/qwebsocketserver.pro index adba325..e166f50 100644 --- a/tests/auto/websockets/qwebsocketserver/qwebsocketserver.pro +++ b/tests/auto/websockets/qwebsocketserver/qwebsocketserver.pro @@ -10,3 +10,5 @@ TEMPLATE = app SOURCES += tst_qwebsocketserver.cpp +RESOURCES += $$PWD/../shared/qwebsocketshared.qrc + diff --git a/tests/auto/websockets/qwebsocketserver/tst_qwebsocketserver.cpp b/tests/auto/websockets/qwebsocketserver/tst_qwebsocketserver.cpp index 699939f..7f2bfa4 100644 --- a/tests/auto/websockets/qwebsocketserver/tst_qwebsocketserver.cpp +++ b/tests/auto/websockets/qwebsocketserver/tst_qwebsocketserver.cpp @@ -32,6 +32,9 @@ #include #include #endif +#ifndef QT_NO_SSL +#include +#endif #include #include #include @@ -106,6 +109,7 @@ private Q_SLOTS: void tst_preSharedKey(); void tst_maxPendingConnections(); void tst_serverDestroyedWhileSocketConnected(); + void tst_scheme(); // qtbug-55927 }; tst_QWebSocketServer::tst_QWebSocketServer() @@ -507,6 +511,58 @@ void tst_QWebSocketServer::tst_serverDestroyedWhileSocketConnected() QCOMPARE(socketDisconnectedSpy.count(), 1); } +void tst_QWebSocketServer::tst_scheme() +{ + QWebSocketServer plainServer(QString(), QWebSocketServer::NonSecureMode); + QSignalSpy plainServerConnectionSpy(&plainServer, SIGNAL(newConnection())); + + QVERIFY(plainServer.listen()); + + QWebSocket plainSocket; + plainSocket.open(plainServer.serverUrl().toString()); + + if (plainServerConnectionSpy.count() == 0) + QVERIFY(plainServerConnectionSpy.wait()); + QScopedPointer plainServerSocket(plainServer.nextPendingConnection()); + QVERIFY(!plainServerSocket.isNull()); + QCOMPARE(plainServerSocket->requestUrl().scheme(), QStringLiteral("ws")); + plainServer.close(); + +#ifndef QT_NO_SSL + QWebSocketServer secureServer(QString(), QWebSocketServer::SecureMode); + QSslConfiguration sslConfiguration; + QFile certFile(QStringLiteral(":/localhost.cert")); + QFile keyFile(QStringLiteral(":/localhost.key")); + QVERIFY(certFile.open(QIODevice::ReadOnly)); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); + QSslCertificate certificate(&certFile, QSsl::Pem); + QSslKey sslKey(&keyFile, QSsl::Rsa, QSsl::Pem); + certFile.close(); + keyFile.close(); + sslConfiguration.setPeerVerifyMode(QSslSocket::VerifyNone); + sslConfiguration.setLocalCertificate(certificate); + sslConfiguration.setPrivateKey(sslKey); + sslConfiguration.setProtocol(QSsl::TlsV1SslV3); + secureServer.setSslConfiguration(sslConfiguration); + QSignalSpy secureServerConnectionSpy(&secureServer, SIGNAL(newConnection())); + + QVERIFY(secureServer.listen()); + + QWebSocket secureSocket; + typedef void (QWebSocket::* ignoreSslErrorsSlot)(); + connect(&secureSocket, &QWebSocket::sslErrors, + &secureSocket, static_cast(&QWebSocket::ignoreSslErrors)); + secureSocket.open(secureServer.serverUrl().toString()); + + if (secureServerConnectionSpy.count() == 0) + QVERIFY(secureServerConnectionSpy.wait()); + QScopedPointer secureServerSocket(secureServer.nextPendingConnection()); + QVERIFY(!secureServerSocket.isNull()); + QCOMPARE(secureServerSocket->requestUrl().scheme(), QStringLiteral("wss")); + secureServer.close(); +#endif +} + QTEST_MAIN(tst_QWebSocketServer) #include "tst_qwebsocketserver.moc" diff --git a/tests/auto/websockets/shared/localhost.cert b/tests/auto/websockets/shared/localhost.cert new file mode 100644 index 0000000..7aa33a1 --- /dev/null +++ b/tests/auto/websockets/shared/localhost.cert @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+zCCAeOgAwIBAgIJAP26rumH9qOkMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV +BAMMCWxvY2FsaG9zdDAeFw0xMzExMDYxNjU4NTRaFw0yMzExMDQxNjU4NTRaMBQx +EjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBALgagHqEqWr4WH+MFBQE+BWZri5UUn/QPORN2pUB1lWMzeDCM5YMc/D1dhUG +7zg5I9QO5Ut1YcoVO25OAseddgVaIFXPNyEG2nUTz53xx3pyqp3WtQkYCRAQzI8K +IFIzBSD+nJNl+8gBld7Fe+4d8bFCwfXspQBJ2RY8SQ6tjRFVKHN7haLsD+WV3AFg +siWkCxeXxVLNI69cuLwV7bEsv6U1N1yNROvRpu4yJcaNnu36kJFbORPhNfy6qJGX +i0A30dYdMoLhtCN3Qf/XwGyS84Rs2XXduNlBdUgbpluY2r2x3Gz32hIwsHHcPzX6 +O9nwVPQ8k29lfC8yPmAWA9vPiBUCAwEAAaNQME4wHQYDVR0OBBYEFJZESCN01tY3 +MgXxmqiUBNPxsgiKMB8GA1UdIwQYMBaAFJZESCN01tY3MgXxmqiUBNPxsgiKMAwG +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHylCJYED9PqLB9FE4A0CRfy +BdxIqOK+UExxxkU1DeN7kM4U2+E0G85nqBLOL34BDj8LDKJH9WC7L9jMV8T3Upbg ++RrTGiIcyjsL18L2KWeOia1R6VVAQcZrqoWv+QXyVvIi8IpTOE074C6+Vzx6XYMe +CpW4jcdfmn39oVeMXxz9+8wD7CWeCT+SMj8tt+OB1XjQwdEG03vb6ArtnuJT77VI +3I090OtKksBE5hy1H9N2E3wxhFTxC+DI5sc7Bj87v3blL4Z3DvRUEHwQHcDccQ0D +ERUEcSyn1YGSlDVbVf3CzH4WXxddUBmaSHf4JTuAMy0C0A6IWuMP+rVVvVMIXNM= +-----END CERTIFICATE----- diff --git a/tests/auto/websockets/shared/localhost.key b/tests/auto/websockets/shared/localhost.key new file mode 100644 index 0000000..dcc262c --- /dev/null +++ b/tests/auto/websockets/shared/localhost.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAuBqAeoSpavhYf4wUFAT4FZmuLlRSf9A85E3alQHWVYzN4MIz +lgxz8PV2FQbvODkj1A7lS3VhyhU7bk4Cx512BVogVc83IQbadRPPnfHHenKqnda1 +CRgJEBDMjwogUjMFIP6ck2X7yAGV3sV77h3xsULB9eylAEnZFjxJDq2NEVUoc3uF +ouwP5ZXcAWCyJaQLF5fFUs0jr1y4vBXtsSy/pTU3XI1E69Gm7jIlxo2e7fqQkVs5 +E+E1/LqokZeLQDfR1h0yguG0I3dB/9fAbJLzhGzZdd242UF1SBumW5javbHcbPfa +EjCwcdw/Nfo72fBU9DyTb2V8LzI+YBYD28+IFQIDAQABAoIBADADmWZamuSvCEWb +ftEJyrm3btneW/XBlV/lfhBGfmOpaTgo7dNARCyfl8A8Ir+DB3kSuXJIlsxhZTKL +XeY5hsI2kyBN/o66ftbx57/FgsTIiv7HNEe+4P4zo2Xaujs12yyTuromatfqse97 +iaq8XIBibLt6kD3XBKrr5hHR6WyPW9F7sM91e/1OGTXBt9URvnnHqcimJ8Wvto5p +SMFlud8JXMmARhWaIfqQIcNYmNEHea0LfOZVerTOPE7IZd5coM91mr71lzoxs9Ik +bRMbqgyAMXEJV3ynEH2LjjJZo1bVb8Va45QqqOQ4FtL46n1Z+EVUXyhCHGepwyOv +uAru0wECgYEA3CnM252417At+N9Zq4KtBJ8tIEXKqvK1Bl5aZSqaJClywjCttR2l +lRAlIRAmqHCQuxLDDfLfiJh6xgZsjr4MhksuyKc7DKssfWW+XCd+5GaaMoMvJXhs +caJdhNSHzpnLPi++tJBYHwHa354D5PJ3eItzLkmuVyhmc3plNbkBGLECgYEA1hIX +mA9KadVG9VkaDci+xo1p0ACb5ccHAvmA8+fzb0H09yKw5bCSpNGeHj4Qv5ZFqsUm +96NWYEB38ezupWqWMFd9zr1kD2s3r6Kpq1TS6xuDPapyiXaKpcH1ys7IWZkinCkN +oxhPHcQbFu9/CN2zIVFKvF5P98Rh0+wO7fgL/qUCgYAyleAd7cVUuYQ2lIrz31iF +oVUq/x4r3Qw+5Fr8t6cm++cEO08OODudXlJJoH5hYUu/z/XFNLKrne1Hpp42xe/2 +wzuCmvn0VTgpr8DnR6PeMrznMkEY6Oxxx46ZQIPbsnaCWVIGBsxYg4KYsqPObO+K +YPAcCI3oNL4ldk/e4h0gYQKBgHm+4FxClfeKrEhs3DxqptUVJ9B8CC2t+3bdn1EX +4YKs6DyFJkX7HetOq7ZXZf8P3583cOn1ovIquAyGy1KYQ8JKf+pMG9QJDip9QDGI +lEvR4dn4ThuPp1qN7NPitl7+kIhvcKoI8TXkieOJYZ4ROAcCzJZErQYkUd7MqdD8 ++RVhAoGAcWC9HRDhxjs4shaBlYi8Lfp3dV4f/4UgYosdFAZ26atwHz+sCLHwwg1j +6t5Zxy9oEB89S5v5hkgO8//JmopvISSokdvocASMdKE+OmS3JfBmhQK9qVBW/vv/ +ut2bhPjEzIJyNFKX3xnGI8PREcR2eY+WLhIZ5KiR61tGpktJ4bg= +-----END RSA PRIVATE KEY----- diff --git a/tests/auto/websockets/shared/qwebsocketshared.qrc b/tests/auto/websockets/shared/qwebsocketshared.qrc new file mode 100644 index 0000000..513a87f --- /dev/null +++ b/tests/auto/websockets/shared/qwebsocketshared.qrc @@ -0,0 +1,6 @@ + + + localhost.cert + localhost.key + + -- cgit v1.2.1