- Timestamp:
- Sep 9, 2015 5:28:16 PM (9 years ago)
- Location:
- trunk/src/VBox/Frontends/VirtualBox/src/net
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/Frontends/VirtualBox/src/net/UINetworkReply.cpp
r57676 r57677 107 107 static unsigned countCertsFound(bool const *pafFoundCerts); 108 108 static bool areAllCertsFound(bool const *pafFoundCerts); 109 static void refreshCertificates(RTHTTP hHttp, RTCRSTORE hOldStore, bool *pafFoundCerts, const char *pszCaCertFile);109 static int refreshCertificates(RTHTTP hHttp, PRTCRSTORE phStore, bool *pafFoundCerts, const char *pszCaCertFile); 110 110 static void downloadMissingCertificates(RTCRSTORE hNewStore, bool *pafNewFoundCerts, RTHTTP hHttp, 111 111 PRTERRINFOSTATIC pStaticErrInfo); … … 130 130 131 131 #ifdef VBOX_GUI_IN_TST_SSL_CERT_DOWNLOADS 132 friend UINetworkReplyPrivateThreadTestcase; 132 public: 133 static void testIt(RTTEST hTest); 133 134 #endif 134 135 }; … … 308 309 */ 309 310 if (fRefresh) 310 refreshCertificates(m_hHttp, hCurStore, afCertsFound, pszCaCertFile);311 refreshCertificates(m_hHttp, &hCurStore, afCertsFound, pszCaCertFile); 311 312 312 313 RTCrStoreRelease(hCurStore); … … 465 466 } 466 467 467 /*static*/ void 468 UINetworkReplyPrivateThread::refreshCertificates(RTHTTP hHttp, RTCRSTORE hOldStore, bool *pafOldFoundCerts, 468 /** 469 * Refresh the certificates. 470 * 471 * @return IPRT status code for the testcase. 472 * @param hHttp The HTTP client instance. (Can be NIL when 473 * running the testcase.) 474 * @param phStore On input, this holds the current store, so that 475 * we can fish out wanted certificates from it. 476 * On successful return, this is replaced with a 477 * new store reflecting the refrehsed content of 478 * @a pszCaCertFile. 479 * @param pafFoundCerts On input, this holds the certificates found in 480 * the current store. On return, this reflects 481 * what is current in the @a pszCaCertFile. The 482 * array runs parallel to s_aCerts. 483 * @param pszCaCertFile Where to write the refreshed certificates if 484 * we've managed to gather a collection that is at 485 * least as good as the old one. 486 */ 487 /*static*/ int 488 UINetworkReplyPrivateThread::refreshCertificates(RTHTTP hHttp, PRTCRSTORE phStore, bool *pafFoundCerts, 469 489 const char *pszCaCertFile) 470 490 { … … 472 492 * Collect the standard assortment of SSL certificates. 473 493 */ 474 uint32_t cHint = RTCrStoreCertCount( hOldStore);494 uint32_t cHint = RTCrStoreCertCount(*phStore); 475 495 RTCRSTORE hNewStore; 476 496 int rc = RTCrStoreCreateInMem(&hNewStore, cHint > 32 && cHint < _32K ? cHint + 16 : 256); … … 501 521 rc = RTCrStoreCertAddWantedFromStore(hNewStore, 502 522 RTCRCERTCTX_F_ADD_IF_NOT_FOUND | RTCRCERTCTX_F_ADD_CONTINUE_ON_ERROR, 503 hOldStore, s_aCerts, RT_ELEMENTS(s_aCerts), afNewFoundCerts);523 *phStore, s_aCerts, RT_ELEMENTS(s_aCerts), afNewFoundCerts); 504 524 AssertLogRelRC(rc); 505 525 Assert(rc != VINF_SUCCESS || areAllCertsFound(afNewFoundCerts)); … … 525 545 * If that didn't help, try download the certificates. 526 546 */ 527 if (rc != VINF_SUCCESS )547 if (rc != VINF_SUCCESS && hHttp != NIL_RTHTTP) 528 548 downloadMissingCertificates(hNewStore, afNewFoundCerts, hHttp, &StaticErrInfo); 529 549 … … 533 553 */ 534 554 if ( areAllCertsFound(afNewFoundCerts) 535 || countCertsFound(afNewFoundCerts) >= countCertsFound(paf OldFoundCerts) )555 || countCertsFound(afNewFoundCerts) >= countCertsFound(pafFoundCerts) ) 536 556 { 537 557 rc = RTCrStoreCertExportAsPem(hNewStore, 0 /*fFlags*/, pszCaCertFile); 538 558 if (RT_SUCCESS(rc)) 539 559 { 540 memcpy(pafOldFoundCerts, afNewFoundCerts, sizeof(afNewFoundCerts));541 560 LogRel(("refreshCertificates/#3: Found %u/%u SSL certs we/you trust (previously %u/%u).\n", 542 561 countCertsFound(afNewFoundCerts), RTCrStoreCertCount(hNewStore), 543 countCertsFound(pafOldFoundCerts), RTCrStoreCertCount(hOldStore) )); 562 countCertsFound(pafFoundCerts), RTCrStoreCertCount(*phStore) )); 563 564 memcpy(pafFoundCerts, afNewFoundCerts, sizeof(afNewFoundCerts)); 565 RTCrStoreRelease(*phStore); 566 *phStore = hNewStore; 567 hNewStore = NIL_RTCRSTORE; 544 568 } 545 569 else 546 570 { 547 RT_ZERO(paf OldFoundCerts);571 RT_ZERO(pafFoundCerts); 548 572 LogRel(("refreshCertificates/#3: RTCrStoreCertExportAsPem unexpectedly failed with %Rrc\n", rc)); 549 573 } … … 554 578 RTCrStoreRelease(hNewStore); 555 579 } 580 return rc; 556 581 } 557 582 … … 697 722 } 698 723 724 #ifndef VBOX_GUI_IN_TST_SSL_CERT_DOWNLOADS 699 725 700 726 /** … … 803 829 804 830 805 806 /* 807 * 808 * Class UINetworkReply implementation. 809 * Class UINetworkReply implementation. 810 * Class UINetworkReply implementation. 811 * 812 */ 813 814 #ifndef VBOX_GUI_IN_TST_SSL_CERT_DOWNLOADS 831 /********************************************************************************************************************************* 832 * Class UINetworkReply implementation. * 833 *********************************************************************************************************************************/ 815 834 816 835 UINetworkReply::UINetworkReply(const QNetworkRequest &request, UINetworkRequestType requestType) -
trunk/src/VBox/Frontends/VirtualBox/src/net/tstSSLCertDownloads.cpp
r57676 r57677 34 34 35 35 36 class UINetworkReplyPrivateThreadTestcase37 {38 public:39 UINetworkReplyPrivateThreadTestcase()40 {41 }42 43 static void testIt(RTTEST hTest);44 };45 46 47 36 /* 48 37 * It's a private class we're testing, so we must include the source. … … 53 42 54 43 55 /*static*/ void UINetworkReplyPrivateThread Testcase::testIt(RTTEST hTest)44 /*static*/ void UINetworkReplyPrivateThread::testIt(RTTEST hTest) 56 45 { 57 46 QNetworkRequest Dummy; … … 69 58 * PEM URL (as the rest are currently busted). 70 59 */ 60 RTTestISub("SSL Cert downloading"); 71 61 RTCRSTORE hStore; 72 RTTESTI_CHECK_RC(RTCrStoreCreateInMem(&hStore, RT_ELEMENTS( TestObj.s_aCerts) * 2), VINF_SUCCESS);62 RTTESTI_CHECK_RC(RTCrStoreCreateInMem(&hStore, RT_ELEMENTS(s_aCerts) * 2), VINF_SUCCESS); 73 63 74 64 int rc; 75 65 76 66 /* ZIP files: */ 77 for (uint32_t iUrl = 0; iUrl < RT_ELEMENTS( TestObj.s_apszRootsZipUrls); iUrl++)67 for (uint32_t iUrl = 0; iUrl < RT_ELEMENTS(s_apszRootsZipUrls); iUrl++) 78 68 { 79 RTTestIPrintf(RTTESTLVL_ALWAYS, "URL: %s\n", TestObj.s_apszRootsZipUrls[iUrl]);69 RTTestIPrintf(RTTESTLVL_ALWAYS, "URL: %s\n", s_apszRootsZipUrls[iUrl]); 80 70 void *pvRootsZip; 81 71 size_t cbRootsZip; 82 rc = RTHttpGetBinary(TestObj.m_hHttp, TestObj.s_apszRootsZipUrls[iUrl], &pvRootsZip, &cbRootsZip);72 rc = RTHttpGetBinary(TestObj.m_hHttp, s_apszRootsZipUrls[iUrl], &pvRootsZip, &cbRootsZip); 83 73 if (RT_SUCCESS(rc)) 84 74 { 85 for (uint32_t i = 0; i < RT_ELEMENTS( TestObj.s_aCerts); i++)75 for (uint32_t i = 0; i < RT_ELEMENTS(s_aCerts); i++) 86 76 { 87 UINetworkReplyPrivateThread::CERTINFO const *pInfo; 88 pInfo = (UINetworkReplyPrivateThread::CERTINFO const *)TestObj.s_aCerts[i].pvUser; 77 CERTINFO const *pInfo = (CERTINFO const *)s_aCerts[i].pvUser; 89 78 if (pInfo->pszZipFile) 90 79 { … … 93 82 RTTESTI_CHECK_RC_BREAK(RTZipPkzipMemDecompress(&pvFile, &cbFile, pvRootsZip, cbRootsZip, pInfo->pszZipFile), 94 83 VINF_SUCCESS); 95 RTTESTI_CHECK_RC( TestObj.convertVerifyAndAddPemCertificateToStore(hStore, pvFile, cbFile,96 &TestObj.s_aCerts[i]),VINF_SUCCESS);84 RTTESTI_CHECK_RC(convertVerifyAndAddPemCertificateToStore(hStore, pvFile, cbFile, &TestObj.s_aCerts[i]), 85 VINF_SUCCESS); 97 86 RTMemFree(pvFile); 98 87 } … … 102 91 else if ( rc != VERR_HTTP_PROXY_NOT_FOUND 103 92 && rc != VERR_HTTP_COULDNT_CONNECT) 104 RTTestIFailed("%Rrc on '%s'", rc, TestObj.s_apszRootsZipUrls[iUrl]); /* code or link broken */93 RTTestIFailed("%Rrc on '%s'", rc, s_apszRootsZipUrls[iUrl]); /* code or link broken */ 105 94 } 106 95 107 96 /* PEM files: */ 108 for (uint32_t i = 0; i < RT_ELEMENTS( TestObj.s_aCerts); i++)97 for (uint32_t i = 0; i < RT_ELEMENTS(s_aCerts); i++) 109 98 { 110 99 uint32_t iUrl = 0; /* First URL must always work. */ 111 100 UINetworkReplyPrivateThread::CERTINFO const *pInfo; 112 pInfo = (UINetworkReplyPrivateThread::CERTINFO const *) TestObj.s_aCerts[i].pvUser;101 pInfo = (UINetworkReplyPrivateThread::CERTINFO const *)s_aCerts[i].pvUser; 113 102 if (pInfo->apszUrls[iUrl]) 114 103 { … … 119 108 if (RT_SUCCESS(rc)) 120 109 { 121 RTTESTI_CHECK_RC_OK( TestObj.convertVerifyAndAddPemCertificateToStore(hStore, pvResponse, cbResponse,122 110 RTTESTI_CHECK_RC_OK(convertVerifyAndAddPemCertificateToStore(hStore, pvResponse, cbResponse, 111 &TestObj.s_aCerts[i])); 123 112 RTHttpFreeResponse(pvResponse); 124 113 } … … 128 117 } 129 118 } 119 120 RTTESTI_CHECK(RTCrStoreRelease(hStore) == 0); 121 122 /* 123 * Now check the gathering of certificates on the system doesn't crash. 124 */ 125 RTTestISub("Refreshing certificates"); 126 127 /* create an empty store and do the refresh operation, writing it to /dev/null. */ 128 RTTESTI_CHECK_RC(RTCrStoreCreateInMem(&hStore, RT_ELEMENTS(s_aCerts) * 2), VINF_SUCCESS); 129 bool afFoundCerts[RT_ELEMENTS(s_aCerts)]; 130 RT_ZERO(afFoundCerts); 131 #if defined(RT_OS_WINDOWS) || defined(RT_OS_OS2) 132 RTTESTI_CHECK_RC_OK(TestObj.refreshCertificates(NIL_RTHTTP, &hStore, afFoundCerts, "nul")); 133 #else 134 RTTESTI_CHECK_RC_OK(TestObj.refreshCertificates(NIL_RTHTTP, &hStore, afFoundCerts, "/dev/null")); 135 #endif 136 137 /* Log how many certificates we found and require at least one. */ 138 uint32_t cCerts = RTCrStoreCertCount(hStore); 139 RTTestIValue("certificates", cCerts, RTTESTUNIT_NONE); 140 RTTESTI_CHECK(cCerts > 0); 130 141 131 142 RTTESTI_CHECK(RTCrStoreRelease(hStore) == 0); … … 143 154 { 144 155 RTTEST hTest; 145 RTEXITCODE rcExit = RTTestInitAndCreate("tst CertDownloads", &hTest);156 RTEXITCODE rcExit = RTTestInitAndCreate("tstSSLCertDownloads", &hTest); 146 157 if (rcExit != RTEXITCODE_SUCCESS) 147 158 return rcExit; 148 159 RTTestBanner(hTest); 149 160 150 UINetworkReplyPrivateThread Testcase::testIt(hTest);161 UINetworkReplyPrivateThread::testIt(hTest); 151 162 152 163 return RTTestSummaryAndDestroy(hTest);
Note:
See TracChangeset
for help on using the changeset viewer.