From fbfc0ab8d878cab99a27cbe36d2d4a353da3f256 Mon Sep 17 00:00:00 2001 From: Timur Pocheptsov Date: Wed, 23 Oct 2024 12:53:35 +0200 Subject: [PATCH] tst_qhttpserver: do not block the test with keychain access dialog Our approach with a temporary keychain stopped working on macOS 15, where we fortunately have a new option when importing a PKCS12 blob. But it is possible to build using SDK 14 and then run on macOS 15, where our trick would fail. In this case, skip the test/SSL usage. Task-number: QTBUG-130500 Pick-to: 6.8 Change-Id: Iebe31d2d6affa686ccb4287cd80c2c5683cc787a Reviewed-by: Timur Pocheptsov --- tests/auto/qhttpserver/BLACKLIST | 3 -- tests/auto/qhttpserver/tst_qhttpserver.cpp | 38 ++++++++++++++++++++-- 2 files changed, 36 insertions(+), 5 deletions(-) diff --git a/tests/auto/qhttpserver/BLACKLIST b/tests/auto/qhttpserver/BLACKLIST index 9440171..137eabd 100644 --- a/tests/auto/qhttpserver/BLACKLIST +++ b/tests/auto/qhttpserver/BLACKLIST @@ -19,6 +19,3 @@ android android [routeDelete:any, delete, ssl] android - -[pipelinedRequests] -macos-15 # QTBUG-130500 diff --git a/tests/auto/qhttpserver/tst_qhttpserver.cpp b/tests/auto/qhttpserver/tst_qhttpserver.cpp index 855bc9f..9093376 100644 --- a/tests/auto/qhttpserver/tst_qhttpserver.cpp +++ b/tests/auto/qhttpserver/tst_qhttpserver.cpp @@ -10,6 +10,8 @@ #include +#include +#include #include #include #include @@ -28,6 +30,7 @@ #if QT_CONFIG(ssl) #include +#include #include #include #endif @@ -40,6 +43,8 @@ #include +QT_BEGIN_NAMESPACE + #if QT_CONFIG(ssl) static const char g_privateKey[] = R"(-----BEGIN RSA PRIVATE KEY----- @@ -128,9 +133,28 @@ ignL7f4e1m2jh0oWTLhuP1hnVFN4KAKpVIJXhbEkH59cLCN6ARXiEHCM9rmK5Rgk NQZlAZc2w1Ha9lqisaWWpt42QVhQM64= -----END CERTIFICATE-----)"; -#endif // QT_CONFIG(ssl) +// Check if it's a macOS-build-with-SDK14 running on macOS 15: +bool sslServerIsBlockingKeychain() +{ +#ifdef Q_OS_MACOS + if (QSslSocket::activeBackend() != QLatin1String("securetransport")) + return false; +#if QT_MACOS_IOS_PLATFORM_SDK_EQUAL_OR_ABOVE(150000, 180000) + // Starting from macOS 15 our temporary keychain is ignored. + // We have to use kSecImportToMemoryOnly/kCFBooleanTrue key/value + // instead. This way we don't have to use QT_SSL_USE_TEMPORARY_KEYCHAIN anymore. + return false; +#else + if (QOperatingSystemVersion::current() >= QOperatingSystemVersion::MacOSSequoia) { + // We were built with SDK below 15, but a file-based keychains are not working anymore on macOS 15... + return true; + } +#endif +#endif // Q_OS_MACOS + return false; +} -QT_BEGIN_NAMESPACE +#endif // QT_CONFIG(ssl) using namespace Qt::StringLiterals; @@ -210,6 +234,7 @@ class tst_QHttpServer final : public QObject private slots: void initTestCase_data(); void initTestCase(); + void init(); void routeGet_data(); void routeGet(); void routeKeepAlive(); @@ -533,6 +558,15 @@ void tst_QHttpServer::initTestCase() #endif } +void tst_QHttpServer::init() +{ +#if QT_CONFIG(ssl) + QFETCH_GLOBAL(const bool, useSsl); + if (useSsl && sslServerIsBlockingKeychain()) + QSKIP("SslServer is blocking the test execution while trying to access the login keychain"); +#endif // QT_CONFIG(ssl) +} + void tst_QHttpServer::routeGet_data() { QTest::addColumn("url");