Skip to content

Commit 264d2eb

Browse files
dakcartodakcarto
committedSep 24, 2015
[auth] Update auth config tests; strip passphrase from QgsPkiBundle
·
ltr-3_40archive/master_2
1 parent 83e0b81 commit 264d2eb

File tree

5 files changed

+37
-62
lines changed

5 files changed

+37
-62
lines changed
 

‎python/core/auth/qgsauthconfig.sip

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,6 @@ class QgsPkiBundle
6565
public:
6666
QgsPkiBundle( const QSslCertificate &clientCert = QSslCertificate(),
6767
const QSslKey &clientKey = QSslKey(),
68-
const QString &keyPassphrase = QString::null ,
6968
const QList<QSslCertificate> &caChain = QList<QSslCertificate>() );
7069
~QgsPkiBundle();
7170

@@ -85,12 +84,9 @@ class QgsPkiBundle
8584
const QSslCertificate clientCert() const;
8685
void setClientCert( const QSslCertificate &cert );
8786

88-
const QSslKey clientKey( bool reencrypt = true ) const;
87+
const QSslKey clientKey() const;
8988
void setClientKey( const QSslKey &certkey );
9089

91-
const QString keyPassphrase() const;
92-
void setKeyPassphrase( const QString &pass );
93-
9490
const QList<QSslCertificate> caChain() const;
9591
void setCaChain( const QList<QSslCertificate> &cachain );
9692
};

‎src/core/auth/qgsauthconfig.cpp

Lines changed: 0 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -174,11 +174,9 @@ bool QgsAuthMethodConfig::uriToResource( const QString &accessurl, QString *reso
174174

175175
QgsPkiBundle::QgsPkiBundle( const QSslCertificate &clientCert,
176176
const QSslKey &clientKey,
177-
const QString &keyPassphrase,
178177
const QList<QSslCertificate> &caChain )
179178
: mCert( QSslCertificate() )
180179
, mCertKey( QSslKey() )
181-
, mKeyPassphrase( keyPassphrase )
182180
, mCaChain( caChain )
183181
{
184182
setClientCert( clientCert );
@@ -330,17 +328,6 @@ void QgsPkiBundle::setClientCert( const QSslCertificate &cert )
330328
}
331329
}
332330

333-
const QSslKey QgsPkiBundle::clientKey( bool reencrypt ) const
334-
{
335-
if ( reencrypt )
336-
{
337-
QSslKey cert_key( mCertKey.toPem( QByteArray() ),
338-
QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, mKeyPassphrase.toUtf8() );
339-
return cert_key;
340-
}
341-
return mCertKey;
342-
}
343-
344331
void QgsPkiBundle::setClientKey( const QSslKey &certkey )
345332
{
346333
mCertKey.clear();

‎src/core/auth/qgsauthconfig.h

Lines changed: 1 addition & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -192,12 +192,10 @@ class CORE_EXPORT QgsPkiBundle
192192
* Construct a bundle from existing PKI components
193193
* @param clientCert Certificate to store in bundle
194194
* @param clientKey Private key to store in bundle
195-
* @param keyPassphrase Private key passphrase
196195
* @param caChain Chain of Certificate Authorities for client certificate
197196
*/
198197
QgsPkiBundle( const QSslCertificate &clientCert = QSslCertificate(),
199198
const QSslKey &clientKey = QSslKey(),
200-
const QString &keyPassphrase = QString::null ,
201199
const QList<QSslCertificate> &caChain = QList<QSslCertificate>() );
202200
~QgsPkiBundle();
203201

@@ -236,15 +234,10 @@ class CORE_EXPORT QgsPkiBundle
236234
void setClientCert( const QSslCertificate &cert );
237235

238236
/** Private key object */
239-
const QSslKey clientKey( bool reencrypt = true ) const;
237+
const QSslKey clientKey() const { return mCertKey; }
240238
/** Set private key object */
241239
void setClientKey( const QSslKey &certkey );
242240

243-
/** Private key passphrase */
244-
const QString keyPassphrase() const { return mKeyPassphrase; }
245-
/** Set private key passphrase */
246-
void setKeyPassphrase( const QString &pass ) { mKeyPassphrase = pass; }
247-
248241
/** Chain of Certificate Authorities for client certificate */
249242
const QList<QSslCertificate> caChain() const { return mCaChain; }
250243
/** Set chain of Certificate Authorities for client certificate */
@@ -253,7 +246,6 @@ class CORE_EXPORT QgsPkiBundle
253246
private:
254247
QSslCertificate mCert;
255248
QSslKey mCertKey;
256-
QString mKeyPassphrase;
257249
QList<QSslCertificate> mCaChain;
258250
};
259251

‎src/gui/auth/qgsauthimportidentitydialog.cpp

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -312,7 +312,6 @@ bool QgsAuthImportIdentityDialog::validatePkiPaths()
312312
mCertBundle = qMakePair( clientcert, clientkey );
313313
mPkiBundle = QgsPkiBundle( clientcert,
314314
clientkey,
315-
!keypass.isEmpty() ? keypass : QString::null,
316315
ca_certs );
317316
}
318317

@@ -425,7 +424,7 @@ bool QgsAuthImportIdentityDialog::validatePkiPkcs12()
425424
}
426425

427426
mCertBundle = qMakePair( clientcert, clientkey );
428-
mPkiBundle = QgsPkiBundle( clientcert, clientkey, keypass, ca_certs );
427+
mPkiBundle = QgsPkiBundle( clientcert, clientkey, ca_certs );
429428
}
430429

431430
return bundlevalid;

‎tests/src/core/testqgsauthconfig.cpp

Lines changed: 34 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -60,14 +60,14 @@ void TestQgsAuthConfig::cleanupTestCase()
6060
void TestQgsAuthConfig::testMethodConfig()
6161
{
6262
QgsAuthMethodConfig mconfig;
63-
Q_ASSERT( !mconfig.isValid() );
63+
QVERIFY( !mconfig.isValid() );
6464

6565
mconfig.setName( "Some Name" );
6666
mconfig.setMethod( "MethodKey" );
67-
Q_ASSERT( mconfig.isValid() );
67+
QVERIFY( mconfig.isValid() );
6868

6969
mconfig.setId( "0000000" );
70-
Q_ASSERT( mconfig.isValid( true ) );
70+
QVERIFY( mconfig.isValid( true ) );
7171

7272
mconfig.setVersion( 1 );
7373
mconfig.setUri( "http://example.com" );
@@ -89,7 +89,7 @@ void TestQgsAuthConfig::testMethodConfig()
8989
QCOMPARE( mconfig.configString(), confstr );
9090

9191
mconfig.clearConfigMap();
92-
Q_ASSERT( mconfig.configMap().isEmpty() );
92+
QVERIFY( mconfig.configMap().isEmpty() );
9393

9494
mconfig.setConfig( "key1", "value1" );
9595
mconfig.setConfig( "key2", "value2" );
@@ -102,65 +102,62 @@ void TestQgsAuthConfig::testMethodConfig()
102102
QCOMPARE( mconfig.config( "key1" ), QString( "value1" ) );
103103
QCOMPARE( mconfig.configList( "key3" ), key3list );
104104

105-
Q_ASSERT( mconfig.hasConfig( "key2" ) );
105+
QVERIFY( mconfig.hasConfig( "key2" ) );
106106
mconfig.removeConfig( "key2" );
107-
Q_ASSERT( !mconfig.hasConfig( "key2" ) );
107+
QVERIFY( !mconfig.hasConfig( "key2" ) );
108108

109109
mconfig.loadConfigString( confstr );
110110
QCOMPARE( mconfig.configMap(), confmap );
111111
QCOMPARE( mconfig.configString(), confstr );
112112

113113
QgsAuthMethodConfig mconfig2( mconfig );
114-
Q_ASSERT( mconfig2 == mconfig );
114+
QVERIFY( mconfig2 == mconfig );
115115

116116
mconfig.setMethod( "MethodKey2" );
117-
Q_ASSERT( mconfig2 != mconfig );
117+
QVERIFY( mconfig2 != mconfig );
118118
}
119119

120120
void TestQgsAuthConfig::testPkiBundle()
121121
{
122122
QgsPkiBundle bundle;
123-
Q_ASSERT( bundle.isNull() );
124-
Q_ASSERT( !bundle.isValid() );
123+
QVERIFY( bundle.isNull() );
124+
QVERIFY( !bundle.isValid() );
125125

126126
QList<QSslCertificate> cacerts( QSslCertificate::fromPath( smPkiData + "/chain_subissuer-issuer-root.pem" ) );
127-
Q_ASSERT( !cacerts.isEmpty() );
127+
QVERIFY( !cacerts.isEmpty() );
128128
QCOMPARE( cacerts.size(), 3 );
129129
QgsPkiBundle bundle2( QgsPkiBundle::fromPemPaths( smPkiData + "/fra_cert.pem",
130130
smPkiData + "/fra_key_w-pass.pem",
131131
"password",
132132
cacerts ) );
133-
Q_ASSERT( !bundle2.isNull() );
134-
Q_ASSERT( bundle2.isValid() );
133+
QVERIFY( !bundle2.isNull() );
134+
QVERIFY( bundle2.isValid() );
135135
QCOMPARE( bundle2.certId(), QString( "c3633c428d441853973e5081ba9be39f667f5af6" ) );
136136

137137
QSslCertificate clientcert( bundle2.clientCert() );
138-
Q_ASSERT( !clientcert.isNull() );
139-
QSslKey clientkey( bundle2.clientKey( true ) );
140-
Q_ASSERT( !clientkey.isNull() );
141-
QString keypass( bundle2.keyPassphrase() );
142-
Q_ASSERT( !keypass.isEmpty() );
138+
QVERIFY( !clientcert.isNull() );
139+
QSslKey clientkey( bundle2.clientKey() );
140+
QVERIFY( !clientkey.isNull() );
143141
QList<QSslCertificate> cachain( bundle2.caChain() );
144-
Q_ASSERT( !cachain.isEmpty() );
142+
QVERIFY( !cachain.isEmpty() );
145143
QCOMPARE( cachain.size(), 3 );
146144

147-
QgsPkiBundle bundle3( clientcert, clientkey, keypass, cachain );
148-
Q_ASSERT( !bundle3.isNull() );
149-
Q_ASSERT( bundle3.isValid() );
145+
QgsPkiBundle bundle3( clientcert, clientkey, cachain );
146+
QVERIFY( !bundle3.isNull() );
147+
QVERIFY( bundle3.isValid() );
150148

151149
bundle.setClientCert( clientcert );
152150
bundle.setClientKey( clientkey );
153-
bundle.setKeyPassphrase( keypass );
154151
bundle.setCaChain( cachain );
155-
Q_ASSERT( !bundle.isNull() );
156-
Q_ASSERT( bundle.isValid() );
152+
QVERIFY( !bundle.isNull() );
153+
QVERIFY( bundle.isValid() );
157154

158155
QgsPkiBundle bundle4( QgsPkiBundle::fromPkcs12Paths( smPkiData + "/fra_w-chain.p12",
159156
"password" ) );
160-
Q_ASSERT( !bundle4.isNull() );
161-
Q_ASSERT( bundle4.isValid() );
157+
QVERIFY( !bundle4.isNull() );
158+
QVERIFY( bundle4.isValid() );
162159
QList<QSslCertificate> cachain4( bundle2.caChain() );
163-
Q_ASSERT( !cachain4.isEmpty() );
160+
QVERIFY( !cachain4.isEmpty() );
164161
QCOMPARE( cachain4.size(), 3 );
165162
}
166163

@@ -172,7 +169,7 @@ void TestQgsAuthConfig::testPkiConfigBundle()
172169
mconfig.setId( "0000000" );
173170
mconfig.setVersion( 1 );
174171
mconfig.setUri( "http://example.com" );
175-
Q_ASSERT( mconfig.isValid( true ) );
172+
QVERIFY( mconfig.isValid( true ) );
176173

177174
QSslCertificate clientcert( QSslCertificate::fromPath( smPkiData + "/gerardus_cert.pem" ).first() );
178175
QByteArray keydata;
@@ -183,15 +180,15 @@ void TestQgsAuthConfig::testPkiConfigBundle()
183180
QSslKey clientkey( keydata, QSsl::Rsa );
184181

185182
QgsPkiConfigBundle bundle( mconfig, clientcert, clientkey );
186-
Q_ASSERT( bundle.isValid() );
183+
QVERIFY( bundle.isValid() );
187184
QCOMPARE( bundle.config(), mconfig );
188185

189186
QCOMPARE( bundle.clientCert(), clientcert );
190187
QCOMPARE( bundle.clientCertKey(), clientkey );
191188
bundle.setConfig( mconfig );
192189
bundle.setClientCert( clientcert );
193190
bundle.setClientCertKey( clientkey );
194-
Q_ASSERT( bundle.isValid() );
191+
QVERIFY( bundle.isValid() );
195192
QCOMPARE( bundle.config(), mconfig );
196193
QCOMPARE( bundle.clientCert(), clientcert );
197194
QCOMPARE( bundle.clientCertKey(), clientkey );
@@ -204,8 +201,12 @@ void TestQgsAuthConfig::testConfigSslServer()
204201
QSslCertificate sslcert( QSslCertificate::fromPath( smPkiData + "/localhost_ssl_cert.pem" ).first() );
205202

206203
QgsAuthConfigSslServer sslconfig;
207-
Q_ASSERT( sslconfig.isNull() );
204+
QVERIFY( sslconfig.isNull() );
205+
#if QT_VERSION >= 0x040800
208206
QCOMPARE( sslconfig.qtVersion(), 480 );
207+
#else
208+
QCOMPARE( sslconfig.qtVersion(), 470 );
209+
#endif
209210
QCOMPARE( sslconfig.version(), 1 );
210211
QCOMPARE( sslconfig.sslPeerVerifyMode(), QSslSocket::VerifyPeer );
211212

@@ -219,7 +220,7 @@ void TestQgsAuthConfig::testConfigSslServer()
219220
QList<QSslError::SslError> sslerrenums;
220221
sslerrenums << QSslError::SelfSignedCertificateInChain << QSslError::SubjectIssuerMismatch;
221222
sslconfig.setSslIgnoredErrorEnums( sslerrenums );
222-
Q_ASSERT( !sslconfig.isNull() );
223+
QVERIFY( !sslconfig.isNull() );
223224

224225
QCOMPARE( sslconfig.configString(), confstr );
225226
QCOMPARE( sslconfig.sslHostPort(), hostport );

0 commit comments

Comments
 (0)
Please sign in to comment.