amass/qt6windows7
1
0
Fork 0
mirror of https://github.com/crystalidea/qt6windows7.git synced 2025-07-02 07:15:27 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

qt 6.5.1 original

Browse Source
This commit is contained in:
kleuter
2023-10-29 23:33:08 +01:00
parent 71d22ab6b0
commit 85d238dfda
21202 changed files with 5499099 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
tests/testserver/apache2/apache2.sh Normal file
View File

@ -0,0 +1,53 @@
#!/usr/bin/env bash
# Copyright (C) 2018 The Qt Company Ltd.
# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
set -ex
# package apache2
# add users
useradd httptest; echo "httptest:httptest" | chpasswd
# enable apache2 module
/usr/sbin/a2enmod ssl dav_fs headers deflate auth_digest cgi
# enable apache2 config
cp $TESTDATA/{main,security,ssl,dav}.conf /etc/apache2/conf-available/
/usr/sbin/a2enconf main security ssl dav
# install configurations and test data
cp $TESTDATA/deflate.conf /etc/apache2/mods-available/
mkdir -p -m 1777 /home/writeables/dav # dav.conf
a2dissite '*' # disable all of the default apache2 sites
# Populate the web-site:
su $USER -c "cp -r $TESTDATA/www ~/www"
# tst_QNetworkReply::getFromHttp(success-internal)
su $USER -c "cp rfc3252.txt ~/www/htdocs/"; rm rfc3252.txt
# tst_QNetworkReply::synchronousRequest_data()
su $USER -c "mkdir -p ~/www/htdocs/deflate/"
su $USER -c "ln -s ~/www/htdocs/rfc3252.txt ~/www/htdocs/deflate/"
# tst_QNetworkReply::headFromHttp(with-authentication)
su $USER -c "ln -s ~/www/htdocs/rfc3252.txt ~/www/htdocs/rfcs-auth/"
# Duplicate rfc3252.txt 20 times for bigfile tests:
su $USER -c "seq 20 | xargs -i cat ~/www/htdocs/rfc3252.txt >> ~/www/htdocs/bigfile"
# tst_QNetworkReply::postToHttp(empty)
su $USER -c "ln -s ~/www/htdocs/protected/cgi-bin/md5sum.cgi ~/www/cgi-bin/"
# tst_QNetworkReply::lastModifiedHeaderForHttp() expects this time-stamp:
touch -d "2007-05-22 12:04:57 GMT" /home/$USER/www/htdocs/fluke.gif
# Create 10MB file for use by tst_Q*::downloadBigFile and interruption tests:
su $USER -c "/bin/dd if=/dev/zero of=~/www/htdocs/mediumfile bs=1 count=0 seek=10000000"
# Emulate test server's hierarchy:
su $USER -c "ln -s ~/www/htdocs/rfcs/rfc2616.html ~/www/htdocs/deflate/"
# enable service with installed configurations
service apache2 restart

7
tests/testserver/apache2/testdata/dav.conf vendored Normal file
View File

@ -0,0 +1,7 @@
Alias /dav /home/writeables/dav
<Location /dav>
DAV On
order allow,deny
allow from all
Require all granted
</Location>

5
tests/testserver/apache2/testdata/deflate.conf vendored Normal file
View File

@ -0,0 +1,5 @@
# The default configuration will turn on DEFLATE for files served up
# from everywhere.
#
# For testing purposes, we want DEFLATE off by default, and on only for
# specific paths (which is set elsewhere).

60
tests/testserver/apache2/testdata/main.conf vendored Normal file
View File

@ -0,0 +1,60 @@
ServerName apache2.test-net.qt.local:80
NameVirtualHost *:443
<VirtualHost *:80>
</VirtualHost>
<VirtualHost *:443>
SSLEngine On
CustomLog /var/log/apache2/ssl_access.log combined
ErrorLog /var/log/apache2/ssl_error.log
</VirtualHost>
# default ubuntu config turns off SSLv2 because it is deprecated.
# Turn it back on so we can test it.
SSLProtocol all
DocumentRoot /home/qt-test-server/www/htdocs
ScriptAlias /qtest/cgi-bin/ "/home/qt-test-server/www/cgi-bin/"
ScriptAlias /qtest/protected/cgi-bin/ "/home/qt-test-server/www/htdocs/protected/cgi-bin/"
Alias /qtest "/home/qt-test-server/www/htdocs/"
<Directory "/home/qt-test-server/www/htdocs">
Require all granted
</Directory>
<Directory "/home/qt-test-server/www/htdocs/rfcs-auth">
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /home/qt-test-server/passwords
Require user httptest
</Directory>
<Directory "/home/qt-test-server/www/htdocs/auth-digest">
AuthType Digest
AuthName "Digest testing"
AuthDigestProvider file
AuthUserFile /home/qt-test-server/www/htdocs/digest-authfile
Require user httptest
</Directory>
<Directory "/home/qt-test-server/www/htdocs/deflate">
AddOutputFilterByType DEFLATE text/html text/plain text/xml
Header append Vary User-Agent env=!dont-vary
</Directory>
<Directory "/home/qt-test-server/www/cgi-bin">
Options +ExecCGI -Includes
AddHandler cgi-script .cgi .pl
Require all granted
</Directory>
<Directory "/home/qt-test-server/www/htdocs/protected/">
AllowOverride AuthConfig Options
</Directory>
<Directory /home/writeables/dav>
Options Indexes
</Directory>

51
tests/testserver/apache2/testdata/security.conf vendored Normal file
View File

@ -0,0 +1,51 @@
#
# Disable access to the entire file system except for the directories that
# are explicitly allowed later.
#
# This currently breaks the configurations that come with some web application
# Debian packages. It will be made the default for the release after lenny.
#
#<Directory />
# AllowOverride None
# Order Deny,Allow
# Deny from all
#</Directory>
# Changing the following options will not really affect the security of the
# server, but might make attacks slightly more difficult in some cases.
#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minimal | Minor | Major | Prod
# where Full conveys the most information, and Prod the least.
#
#ServerTokens Minimal
ServerTokens OS
#ServerTokens Full
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
#ServerSignature Off
ServerSignature On
#
# Allow TRACE method
#
# Set to "extended" to also reflect the request body (only for testing and
# diagnostic purposes).
#
# Set to one of: On | Off | extended
#
#TraceEnable Off
TraceEnable On

2
tests/testserver/apache2/testdata/ssl.conf vendored Normal file
View File

@ -0,0 +1,2 @@
SSLCertificateFile /home/qt-test-server/ssl-certs/qt-test-server-cert.pem
SSLCertificateKeyFile /home/qt-test-server/ssl-certs/private/qt-test-server-key.pem

11
tests/testserver/apache2/testdata/www/cgi-bin/echo.cgi vendored Normal file
View File

@ -0,0 +1,11 @@
#!/usr/bin/perl
if ($ENV{'REQUEST_METHOD'} eq "GET") {
$request = $ENV{'QUERY_STRING'};
} elsif ($ENV{'REQUEST_METHOD'} eq "POST") {
read(STDIN, $request, $ENV{'CONTENT_LENGTH'}) || die "Could not get query\n";
}
print "Content-type: text/plain\n\n";
print $request;

5
tests/testserver/apache2/testdata/www/cgi-bin/get-cookie.cgi vendored Normal file
View File

@ -0,0 +1,5 @@
#!/bin/sh
echo "Content-Type: text/plain"
echo
echo "$HTTP_COOKIE"

22
tests/testserver/apache2/testdata/www/cgi-bin/http-delete.cgi vendored Normal file
View File

@ -0,0 +1,22 @@
#!/usr/bin/perl
use CGI;
if ($ENV{'REQUEST_METHOD'} eq "DELETE") {
$queryString = $ENV{'QUERY_STRING'};
if ($queryString eq "200-ok") {
$returnCode = 200;
} elsif ($queryString eq "202-accepted") {
$returnCode = 202;
} elsif ($queryString eq "204-no-content") {
$returnCode = 204;
} else {
$returnCode = 404;
}
} else {
# 405 = Method Not Allowed
$returnCode = 405;
}
$q = new CGI;
print $q->header(-status=>$returnCode);

17
tests/testserver/apache2/testdata/www/cgi-bin/http-unknown-authentication-method.cgi vendored Normal file
View File

@ -0,0 +1,17 @@
#!/usr/bin/perl
use CGI;
$queryString = $ENV{'QUERY_STRING'};
my $message;
if ($queryString eq "407-proxy-authorization-required") {
$status = 407;
} else {
$status = 401;
}
$q = new CGI;
print $q->header(-status=>$status,
-type=>"text/plain",
-WWW_Authenticate=>'WSSE realm="Test", profile="TestProfile"'),
"authorization required";

7
tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_cachecontrol-expire.cgi vendored Normal file
View File

@ -0,0 +1,7 @@
#!/bin/bash
# cache control takes precedence over expires
echo "Cache-Control: max-age=-1"
echo "Expires: Mon, 30 Oct 2028 14:19:41 GMT"
echo "Content-type: text/html";
echo ""
echo "Hello World!"

13
tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_cachecontrol.cgi vendored Normal file
View File

@ -0,0 +1,13 @@
#!/bin/bash
if [ ! -z ${HTTP_IF_MODIFIED_SINCE} ] ; then
echo "Status: 304"
echo ""
exit;
fi
cc=`echo "${QUERY_STRING}" | sed -e s/%20/\ /g`
echo "Cache-Control: $cc"
echo "Last-Modified: Sat, 31 Oct 1981 06:00:00 GMT"
echo "Content-type: text/html";
echo ""
echo "Hello World!"

9
tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_cachecontrol200.cgi vendored Normal file
View File

@ -0,0 +1,9 @@
#!/bin/bash
cc=`echo "${QUERY_STRING}" | sed -e s/%20/\ /g`
echo "Status: 200"
echo "Cache-Control: $cc"
echo "Last-Modified: Sat, 31 Oct 1981 06:00:00 GMT"
echo "Content-type: text/html";
echo "X-Script: $0"
echo ""
echo "Hello World!"

5
tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_etag200.cgi vendored Normal file
View File

@ -0,0 +1,5 @@
#!/bin/bash
echo "ETag: foo"
echo "Content-type: text/html";
echo ""
echo "Hello World!"

11
tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_etag304.cgi vendored Normal file
View File

@ -0,0 +1,11 @@
#!/bin/bash
if [ ! -z ${HTTP_IF_NONE_MATCH} ] ; then
echo "Status: 304"
echo ""
exit;
fi
echo "ETag: foo"
echo "Content-type: text/html";
echo ""
echo "Hello World!"

5
tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_expires200.cgi vendored Normal file
View File

@ -0,0 +1,5 @@
#!/bin/bash
echo "Expires: Sat, 31 Oct 1981 6:00:00 GMT"
echo "Content-type: text/html";
echo ""
echo "Hello World!"

11
tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_expires304.cgi vendored Normal file
View File

@ -0,0 +1,11 @@
#!/bin/bash
if [ ${HTTP_IF_MODIFIED_SINCE} == "Mon, 30 Oct 2028 14:19:41 GMT" ] ; then
echo "Status: 304"
echo ""
exit;
fi
echo "Expires: Mon, 30 Oct 2028 14:19:41 GMT"
echo "Content-type: text/html";
echo ""
echo "Hello World!"

12
tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_expires500.cgi vendored Normal file
View File

@ -0,0 +1,12 @@
#!/bin/bash
if [ "${HTTP_IF_MODIFIED_SINCE}" ]
then
echo "Status: 500"
echo ""
exit;
fi
echo "Expires: Mon, 30 Oct 2028 14:19:41 GMT"
echo "Content-type: text/html";
echo ""
echo "Hello World!"

5
tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_lastModified200.cgi vendored Normal file
View File

@ -0,0 +1,5 @@
#!/bin/bash
echo "Last-Modified: Sat, 31 Oct 1981 6:00:00 GMT"
echo "Content-type: text/html";
echo ""
echo "Hello World!"

11
tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_lastModified304.cgi vendored Normal file
View File

@ -0,0 +1,11 @@
#!/bin/bash
if [ ${HTTP_IF_MODIFIED_SINCE} == "Sat, 31 Oct 1981 06:00:00 GMT" ] ; then
echo "Status: 304"
echo ""
exit;
fi
echo "Last-Modified: Sat, 31 Oct 1981 06:00:00 GMT"
echo "Content-type: text/html";
echo ""
echo "Hello World!"

42
tests/testserver/apache2/testdata/www/cgi-bin/multipart.cgi vendored Normal file
View File

@ -0,0 +1,42 @@
#!/usr/bin/perl
use CGI;
use Digest::MD5 qw(md5_hex);
$q = new CGI;
print $q->header();
$contentType = $ENV{"CONTENT_TYPE"};
print "content type: $contentType\n";
if ($contentType =~ /^multipart\/form-data/) {
foreach my $key ($q->param) {
foreach my $value (scalar $q->param($key)) {
if ($key =~ /text/) {
$retValue = $value;
} else {
$retValue = md5_hex($value);
}
print "key: $key, value: $retValue\n";
}
}
} else {
#$contentLength = $ENV{"CONTENT_LENGTH"};
#print "content length: $contentLength\r\n";
$data = $q->param('POSTDATA');
$data =~ s/--\S*--$//; # remove ending boundary
@parts = split(/--\S*\r\n/, $data);
shift(@parts);
foreach (@parts) {
#print "raw: $_";
($header, $content) = split("\r\n\r\n");
@headerFields = split("\r\n", $header);
foreach (@headerFields) {
($fieldName, $value) = split(": ");
print "header: $fieldName, value: '$value'\n";
}
$content =~ s/\r\n//;
print "content: $content\n\n";
}
}

9
tests/testserver/apache2/testdata/www/cgi-bin/set-cookie.cgi vendored Normal file
View File

@ -0,0 +1,9 @@
#!/bin/sh
echo "Content-type: text/plain"
while read line; do
echo "Set-Cookie: $line"
done
echo
echo "Success"

1
tests/testserver/apache2/testdata/www/htdocs/auth-digest/index.html vendored Normal file
View File

@ -0,0 +1 @@
digest authentication successful

1
tests/testserver/apache2/testdata/www/htdocs/digest-authfile vendored Normal file
View File

@ -0,0 +1 @@
httptest:Digest testing:5f68f4bc3cd2873a3d547558fe7d9782

BIN
tests/testserver/apache2/testdata/www/htdocs/fluke.gif vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 27 KiB

3
tests/testserver/apache2/testdata/www/htdocs/index.html vendored Normal file
View File

@ -0,0 +1,3 @@
<h1>Welcome to qt-test-server</h1>
<img src="fluke.gif" alt="fluke">
<p>This is a network test server. It serves as a caching ftp and http proxy, transparent http/socks5 proxy, imap, ftp and http server, and more.</p>

5
tests/testserver/apache2/testdata/www/htdocs/protected/.htaccess vendored Normal file
View File

@ -0,0 +1,5 @@
Require valid-user
AuthUserFile /home/qt-test-server/passwords
AuthType basic
AuthName "password-protected area"
Options Indexes

6
tests/testserver/apache2/testdata/www/htdocs/protected/cgi-bin/md5sum.cgi vendored Normal file
View File

@ -0,0 +1,6 @@
#!/bin/sh
echo "Content-type: text/plain";
echo "Content-length: 33"
echo
md5sum | cut -f 1 -d " "

899
tests/testserver/apache2/testdata/www/htdocs/protected/rfc3252.txt vendored Normal file
View File

@ -0,0 +1,899 @@
Network Working Group H. Kennedy
Request for Comments: 3252 Mimezine
Category: Informational 1 April 2002
Binary Lexical Octet Ad-hoc Transport
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2002). All Rights Reserved.
Abstract
This document defines a reformulation of IP and two transport layer
protocols (TCP and UDP) as XML applications.
1. Introduction
1.1. Overview
This document describes the Binary Lexical Octet Ad-hoc Transport
(BLOAT): a reformulation of a widely-deployed network-layer protocol
(IP [RFC791]), and two associated transport layer protocols (TCP
[RFC793] and UDP [RFC768]) as XML [XML] applications. It also
describes methods for transporting BLOAT over Ethernet and IEEE 802
networks as well as encapsulating BLOAT in IP for gatewaying BLOAT
across the public Internet.
1.2. Motivation
The wild popularity of XML as a basis for application-level protocols
such as the Blocks Extensible Exchange Protocol [RFC3080], the Simple
Object Access Protocol [SOAP], and Jabber [JABBER] prompted
investigation into the possibility of extending the use of XML in the
protocol stack. Using XML at both the transport and network layer in
addition to the application layer would provide for an amazing amount
of power and flexibility while removing dependencies on proprietary
and hard-to-understand binary protocols. This protocol unification
would also allow applications to use a single XML parser for all
aspects of their operation, eliminating developer time spent figuring
out the intricacies of each new protocol, and moving the hard work of
Kennedy Informational [Page 1]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
parsing to the XML toolset. The use of XML also mitigates concerns
over "network vs. host" byte ordering which is at the root of many
network application bugs.
1.3. Relation to Existing Protocols
The reformulations specified in this RFC follow as closely as
possible the spirit of the RFCs on which they are based, and so MAY
contain elements or attributes that would not be needed in a pure
reworking (e.g. length attributes, which are implicit in XML.)
The layering of network and transport protocols are maintained in
this RFC despite the optimizations that could be made if the line
were somewhat blurred (i.e. merging TCP and IP into a single, larger
element in the DTD) in order to foster future use of this protocol as
a basis for reformulating other protocols (such as ICMP.)
Other than the encoding, the behavioral aspects of each of the
existing protocols remain unchanged. Routing, address spaces, TCP
congestion control, etc. behave as specified in the extant standards.
Adapting to new standards and experimental algorithm heuristics for
improving performance will become much easier once the move to BLOAT
has been completed.
1.4. Requirement Levels
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in BCP 14, RFC 2119
[RFC2119].
2. IPoXML
This protocol MUST be implemented to be compliant with this RFC.
IPoXML is the root protocol REQUIRED for effective use of TCPoXML
(section 3.) and higher-level application protocols.
The DTD for this document type can be found in section 7.1.
The routing of IPoXML can be easily implemented on hosts with an XML
parser, as the regular structure lends itself handily to parsing and
validation of the document/datagram and then processing the
destination address, TTL, and checksum before sending it on to its
next-hop.
The reformulation of IPv4 was chosen over IPv6 [RFC2460] due to the
wider deployment of IPv4 and the fact that implementing IPv6 as XML
would have exceeded the 1500 byte Ethernet MTU.
Kennedy Informational [Page 2]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
All BLOAT implementations MUST use - and specify - the UTF-8 encoding
of RFC 2279 [RFC2279]. All BLOAT document/datagrams MUST be well-
formed and include the XMLDecl.
2.1. IP Description
A number of items have changed (for the better) from the original IP
specification. Bit-masks, where present have been converted into
human-readable values. IP addresses are listed in their dotted-
decimal notation [RFC1123]. Length and checksum values are present
as decimal integers.
To calculate the length and checksum fields of the IP element, a
canonicalized form of the element MUST be used. The canonical form
SHALL have no whitespace (including newline characters) between
elements and only one space character between attributes. There
SHALL NOT be a space following the last attribute in an element.
An iterative method SHOULD be used to calculate checksums, as the
length field will vary based on the size of the checksum.
The payload element bears special attention. Due to the character
set restrictions of XML, the payload of IP datagrams (which MAY
contain arbitrary data) MUST be encoded for transport. This RFC
REQUIRES the contents of the payload to be encoded in the base-64
encoding of RFC 2045 [RFC2045], but removes the requirement that the
encoded output MUST be wrapped on 76-character lines.
Kennedy Informational [Page 3]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
2.2. Example Datagram
The following is an example IPoXML datagram with an empty payload:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE ip PUBLIC "-//IETF//DTD BLOAT 1.0 IP//EN" "bloat.dtd">
<ip>
<header length="474">
<version value="4"/>
<tos precedence="Routine" delay="Normal" throughput="Normal"
relibility="Normal" reserved="0"/>
<total.length value="461"/>
<id value="1"/>
<flags reserved="0" df="dont" mf="last"/>
<offset value="0"/>
<ttl value="255"/>
<protocol value="6"/>
<checksum value="8707"/>
<source address="10.0.0.22"/>
<destination address="10.0.0.1"/>
<options>
<end copied="0" class="0" number="0"/>
</options>
<padding pad="0"/>
</header>
<payload>
</payload>
</ip>
3. TCPoXML
This protocol MUST be implemented to be compliant with this RFC. The
DTD for this document type can be found in section 7.2.
3.1. TCP Description
A number of items have changed from the original TCP specification.
Bit-masks, where present have been converted into human-readable
values. Length and checksum and port values are present as decimal
integers.
To calculate the length and checksum fields of the TCP element, a
canonicalized form of the element MUST be used as in section 2.1.
An iterative method SHOULD be used to calculate checksums as in
section 2.1.
The payload element MUST be encoded as in section 2.1.
Kennedy Informational [Page 4]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
The TCP offset element was expanded to a maximum of 255 from 16 to
allow for the increased size of the header in XML.
TCPoXML datagrams encapsulated by IPoXML MAY omit the <?xml?> header
as well as the <!DOCTYPE> declaration.
3.2. Example Datagram
The following is an example TCPoXML datagram with an empty payload:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE tcp PUBLIC "-//IETF//DTD BLOAT 1.0 TCP//EN" "bloat.dtd">
<tcp>
<tcp.header>
<src port="31415"/>
<dest port="42424"/>
<sequence number="322622954"/>
<acknowledgement number="689715995"/>
<offset number=""/>
<reserved value="0"/>
<control syn="1" ack="1"/>
<window size="1"/>
<urgent pointer="0"/>
<checksum value="2988"/>
<tcp.options>
<tcp.end kind="0"/>
</tcp.options>
<padding pad="0"/>
</tcp.header>
<payload>
</payload>
</tcp>
4. UDPoXML
This protocol MUST be implemented to be compliant with this RFC. The
DTD for this document type can be found in section 7.3.
4.1. UDP Description
A number of items have changed from the original UDP specification.
Bit-masks, where present have been converted into human-readable
values. Length and checksum and port values are present as decimal
integers.
Kennedy Informational [Page 5]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
To calculate the length and checksum fields of the UDP element, a
canonicalized form of the element MUST be used as in section 2.1. An
iterative method SHOULD be used to calculate checksums as in section
2.1.
The payload element MUST be encoded as in section 2.1.
UDPoXML datagrams encapsulated by IPoXML MAY omit the <?xml?> header
as well as the <!DOCTYPE> declaration.
4.2. Example Datagram
The following is an example UDPoXML datagram with an empty payload:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE udp PUBLIC "-//IETF//DTD BLOAT 1.0 UDP//EN" "bloat.dtd">
<udp>
<udp.header>
<src port="31415"/>
<dest port="42424"/>
<udp.length value="143"/>
<checksum value="2988"/>
</udp.header>
<payload>
</payload>
</udp>
5. Network Transport
This document provides for the transmission of BLOAT datagrams over
two common families of physical layer transport. Future RFCs will
address additional transports as routing vendors catch up to the
specification, and we begin to see BLOAT routed across the Internet
backbone.
5.1. Ethernet
BLOAT is encapsulated in Ethernet datagrams as in [RFC894] with the
exception that the type field of the Ethernet frame MUST contain the
value 0xBEEF. The first 5 octets of the Ethernet frame payload will
be 0x3c 3f 78 6d 6c ("<?xml".)
5.2. IEEE 802
BLOAT is encapsulated in IEEE 802 Networks as in [RFC1042] except
that the protocol type code for IPoXML is 0xBEEF.
Kennedy Informational [Page 6]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
6. Gatewaying over IP
In order to facilitate the gradual introduction of BLOAT into the
public Internet, BLOAT MAY be encapsulated in IP as in [RFC2003] to
gateway between networks that run BLOAT natively on their LANs.
7. DTDs
The Transport DTDs (7.2. and 7.3.) build on the definitions in the
Network DTD (7.1.)
The DTDs are referenced by their PubidLiteral and SystemLiteral (from
[XML]) although it is understood that most IPoXML implementations
will not need to pull down the DTD, as it will normally be embedded
in the implementation, and presents something of a catch-22 if you
need to load part of your network protocol over the network.
7.1. IPoXML DTD
<!--
DTD for IP over XML.
Refer to this DTD as:
<!DOCTYPE ip PUBLIC "-//IETF//DTD BLOAT 1.0 IP//EN" "bloat.dtd">
-->
<!--
DTD data types:
Digits [0..9]+
Precedence "NetworkControl | InternetworkControl |
CRITIC | FlashOverride | Flash | Immediate |
Priority | Routine"
IP4Addr "dotted-decimal" notation of [RFC1123]
Class [0..3]
Sec "Unclassified | Confidential | EFTO | MMMM | PROG |
Restricted | Secret | Top Secret | Reserved"
Compartments [0..65535]
Handling [0..65535]
TCC [0..16777216]
-->
Kennedy Informational [Page 7]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
<!ENTITY % Digits "CDATA">
<!ENTITY % Precedence "CDATA">
<!ENTITY % IP4Addr "CDATA">
<!ENTITY % Class "CDATA">
<!ENTITY % Sec "CDATA">
<!ENTITY % Compartments "CDATA">
<!ENTITY % Handling "CDATA">
<!ENTITY % TCC "CDATA">
<!ELEMENT ip (header, payload)>
<!ELEMENT header (version, tos, total.length, id, flags, offset, ttl,
protocol, checksum, source, destination, options,
padding)>
<!-- length of header in 32-bit words -->
<!ATTLIST header
length %Digits; #REQUIRED>
<!ELEMENT version EMPTY>
<!-- ip version. SHOULD be "4" -->
<!ATTLIST version
value %Digits; #REQUIRED>
<!ELEMENT tos EMPTY>
<!ATTLIST tos
precedence %Precedence; #REQUIRED
delay (normal | low) #REQUIRED
throughput (normal | high) #REQUIRED
relibility (normal | high) #REQUIRED
reserved CDATA #FIXED "0">
<!ELEMENT total.length EMPTY>
<!--
total length of datagram (header and payload) in octets, MUST be
less than 65,535 (and SHOULD be less than 1024 for IPoXML on local
ethernets).
-->
<!ATTLIST total.length
value %Digits; #REQUIRED>
<!ELEMENT id EMPTY>
<!-- 0 <= id <= 65,535 -->
<!ATTLIST id
value %Digits; #REQUIRED>
<!ELEMENT flags EMPTY>
<!-- df = don't fragment, mf = more fragments -->
<!ATTLIST flags
Kennedy Informational [Page 8]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
reserved CDATA #FIXED "0"
df (may|dont) #REQUIRED
mf (last|more) #REQUIRED>
<!ELEMENT offset EMPTY>
<!-- 0 <= offset <= 8192 measured in 8 octet (64-bit) chunks -->
<!ATTLIST offset
value %Digits; #REQUIRED>
<!ELEMENT ttl EMPTY>
<!-- 0 <= ttl <= 255 -->
<!ATTLIST ttl
value %Digits; #REQUIRED>
<!ELEMENT protocol EMPTY>
<!-- 0 <= protocol <= 255 (per IANA) -->
<!ATTLIST protocol
value %Digits; #REQUIRED>
<!ELEMENT checksum EMPTY>
<!-- 0 <= checksum <= 65535 (over header only) -->
<!ATTLIST checksum
value %Digits; #REQUIRED>
<!ELEMENT source EMPTY>
<!ATTLIST source
address %IP4Addr; #REQUIRED>
<!ELEMENT destination EMPTY>
<!ATTLIST destination
address %IP4Addr; #REQUIRED>
<!ELEMENT options ( end | noop | security | loose | strict | record
| stream | timestamp )*>
<!ELEMENT end EMPTY>
<!ATTLIST end
copied (0|1) #REQUIRED
class CDATA #FIXED "0"
number CDATA #FIXED "0">
<!ELEMENT noop EMPTY>
<!ATTLIST noop
copied (0|1) #REQUIRED
class CDATA #FIXED "0"
number CDATA #FIXED "1">
<!ELEMENT security EMPTY>
Kennedy Informational [Page 9]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
<!ATTLIST security
copied CDATA #FIXED "1"
class CDATA #FIXED "0"
number CDATA #FIXED "2"
length CDATA #FIXED "11"
security %Sec; #REQUIRED
compartments %Compartments; #REQUIRED
handling %Handling; #REQUIRED
tcc %TCC; #REQUIRED>
<!ELEMENT loose (hop)+>
<!ATTLIST loose
copied CDATA #FIXED "1"
class CDATA #FIXED "0"
number CDATA #FIXED "3"
length %Digits; #REQUIRED
pointer %Digits; #REQUIRED>
<!ELEMENT hop EMPTY>
<!ATTLIST hop
address %IP4Addr; #REQUIRED>
<!ELEMENT strict (hop)+>
<!ATTLIST strict
copied CDATA #FIXED "1"
class CDATA #FIXED "0"
number CDATA #FIXED "9"
length %Digits; #REQUIRED
pointer %Digits; #REQUIRED>
<!ELEMENT record (hop)+>
<!ATTLIST record
copied CDATA #FIXED "0"
class CDATA #FIXED "0"
number CDATA #FIXED "7"
length %Digits; #REQUIRED
pointer %Digits; #REQUIRED>
<!ELEMENT stream EMPTY>
<!-- 0 <= id <= 65,535 -->
<!ATTLIST stream
copied CDATA #FIXED "1"
class CDATA #FIXED "0"
number CDATA #FIXED "8"
length CDATA #FIXED "4"
id %Digits; #REQUIRED>
<!ELEMENT timestamp (tstamp)+>
<!-- 0 <= oflw <=15 -->
Kennedy Informational [Page 10]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
<!ATTLIST timestamp
copied CDATA #FIXED "0"
class CDATA #FIXED "2"
number CDATA #FIXED "4"
length %Digits; #REQUIRED
pointer %Digits; #REQUIRED
oflw %Digits; #REQUIRED
flag (0 | 1 | 3) #REQUIRED>
<!ELEMENT tstamp EMPTY>
<!ATTLIST tstamp
time %Digits; #REQUIRED
address %IP4Addr; #IMPLIED>
<!--
padding to bring header to 32-bit boundary.
pad MUST be "0"*
-->
<!ELEMENT padding EMPTY>
<!ATTLIST padding
pad CDATA #REQUIRED>
<!-- payload MUST be encoded as base-64 [RFC2045], as modified
by section 2.1 of this RFC -->
<!ELEMENT payload (CDATA)>
7.2. TCPoXML DTD
<!--
DTD for TCP over XML.
Refer to this DTD as:
<!DOCTYPE tcp PUBLIC "-//IETF//DTD BLOAT 1.0 TCP//EN" "bloat.dtd">
-->
<!-- the pseudoheader is only included for checksum calculations -->
<!ELEMENT tcp (tcp.pseudoheader?, tcp.header, payload)>
<!ELEMENT tcp.header (src, dest, sequence, acknowledgement, offset,
reserved, control, window, checksum, urgent,
tcp.options, padding)>
<!ELEMENT src EMPTY>
<!-- 0 <= port <= 65,535 -->
<!ATTLIST src
port %Digits; #REQUIRED>
<!ELEMENT dest EMPTY>
<!-- 0 <= port <= 65,535 -->
Kennedy Informational [Page 11]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
<!ATTLIST dest
port %Digits; #REQUIRED>
<!ELEMENT sequence EMPTY>
<!-- 0 <= number <= 4294967295 -->
<!ATTLIST sequence
number %Digits; #REQUIRED>
<!ELEMENT acknowledgement EMPTY>
<!-- 0 <= number <= 4294967295 -->
<!ATTLIST acknowledgement
number %Digits; #REQUIRED>
<!ELEMENT offset EMPTY>
<!-- 0 <= number <= 255 -->
<!ATTLIST offset
number %Digits; #REQUIRED>
<!ELEMENT reserved EMPTY>
<!ATTLIST reserved
value CDATA #FIXED "0">
<!ELEMENT control EMPTY>
<!ATTLIST control
urg (0|1) #IMPLIED
ack (0|1) #IMPLIED
psh (0|1) #IMPLIED
rst (0|1) #IMPLIED
syn (0|1) #IMPLIED
fin (0|1) #IMPLIED>
<!ELEMENT window EMPTY>
<!-- 0 <= size <= 65,535 -->
<!ATTLIST window
size %Digits; #REQUIRED>
<!--
checksum as in ip, but with
the following pseudo-header added into the tcp element:
-->
<!ELEMENT tcp.pseudoheader (source, destination, protocol,
tcp.length)>
<!--
tcp header + data length in octets. does not include the size of
the pseudoheader.
-->
Kennedy Informational [Page 12]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
<!ELEMENT tcp.length EMPTY>
<!ATTLIST tcp.length
value %Digits; #REQUIRED>
<!ELEMENT urgent EMPTY>
<!-- 0 <= pointer <= 65,535 -->
<!ATTLIST urgent
pointer %Digits; #REQUIRED>
<!ELEMENT tcp.options (tcp.end | tcp.noop | tcp.mss)+>
<!ELEMENT tcp.end EMPTY>
<!ATTLIST tcp.end
kind CDATA #FIXED "0">
<!ELEMENT tcp.noop EMPTY>
<!ATTLIST tcp.noop
kind CDATA #FIXED "1">
<!ELEMENT tcp.mss EMPTY>
<!ATTLIST tcp.mss
kind CDATA #FIXED "2"
length CDATA #FIXED "4"
size %Digits; #REQUIRED>
7.3. UDPoXML DTD
<!--
DTD for UDP over XML.
Refer to this DTD as:
<!DOCTYPE udp PUBLIC "-//IETF//DTD BLOAT 1.0 UDP//EN" "bloat.dtd">
-->
<!ELEMENT udp (udp.pseudoheader?, udp.header, payload)>
<!ELEMENT udp.header (src, dest, udp.length, checksum)>
<!ELEMENT udp.pseudoheader (source, destination, protocol,
udp.length)>
<!--
udp header + data length in octets. does not include the size of
the pseudoheader.
-->
<!ELEMENT udp.length EMPTY>
<!ATTLIST udp.length
value %Digits; #REQUIRED>
Kennedy Informational [Page 13]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
8. Security Considerations
XML, as a subset of SGML, has the same security considerations as
specified in SGML Media Types [RFC1874]. Security considerations
that apply to IP, TCP and UDP also likely apply to BLOAT as it does
not attempt to correct for issues not related to message format.
9. References
[JABBER] Miller, J., "Jabber", draft-miller-jabber-00.txt,
February 2002. (Work in Progress)
[RFC768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
August 1980.
[RFC791] Postel, J., "Internet Protocol", STD 5, RFC 791,
September 1981.
[RFC793] Postel, J., "Transmission Control Protocol", STD 7, RFC
793, September 1981.
[RFC894] Hornig, C., "Standard for the Transmission of IP
Datagrams over Ethernet Networks.", RFC 894, April 1984.
[RFC1042] Postel, J. and J. Reynolds, "Standard for the
Transmission of IP Datagrams Over IEEE 802 Networks", STD
43, RFC 1042, February 1988.
[RFC1123] Braden, R., "Requirements for Internet Hosts -
Application and Support", RFC 1123, October 1989.
[RFC1874] Levinson, E., "SGML Media Types", RFC 1874, December
1995.
[RFC2003] Perkins, C., "IP Encapsulation within IP", RFC 2003,
October 1996.
[RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
Extensions (MIME) Part One: Format of Internet Message
Bodies", RFC 2045, November 1996.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2279] Yergeau, F., "UTF-8, a transformation format of ISO
10646", RFC 2279, January 1998.
Kennedy Informational [Page 14]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, December 1998.
[RFC3080] Rose, M., "The Blocks Extensible Exchange Protocol Core",
RFC 3080, March 2001.
[SOAP] Box, D., Ehnebuske, D., Kakivaya, G., Layman, A.,
Mendelsohn, N., Nielsen, H. F., Thatte, S. Winer, D.,
"Simple Object Access Protocol (SOAP) 1.1" World Wide Web
Consortium Note, May 2000 http://www.w3.org/TR/SOAP/
[XML] Bray, T., Paoli, J., Sperberg-McQueen, C. M., "Extensible
Markup Language (XML)" World Wide Web Consortium
Recommendation REC- xml-19980210.
http://www.w3.org/TR/1998/REC-xml-19980210
10. Author's Address
Hugh Kennedy
Mimezine
1060 West Addison
Chicago, IL 60613
USA
EMail: kennedyh@engin.umich.edu
Kennedy Informational [Page 15]
RFC 3252 Binary Lexical Octet Ad-hoc Transport 1 April 2002
11. Full Copyright Statement
Copyright (C) The Internet Society (2002). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
Kennedy Informational [Page 16]

0
tests/testserver/apache2/testdata/www/htdocs/qxmlquery/completelyEmptyQuery.xq vendored Normal file
View File

1
tests/testserver/apache2/testdata/www/htdocs/qxmlquery/notWellformed.xml vendored Normal file
View File

@ -0,0 +1 @@
<e/

1
tests/testserver/apache2/testdata/www/htdocs/qxmlquery/notWellformedViaHttps.xml vendored Normal file
View File

@ -0,0 +1 @@
<e/

1
tests/testserver/apache2/testdata/www/htdocs/qxmlquery/viaHttp.xq vendored Normal file
View File

@ -0,0 +1 @@
concat("This was ", "received via HTTP.")

2
tests/testserver/apache2/testdata/www/htdocs/qxmlquery/wellFormed.xml vendored Normal file
View File

@ -0,0 +1,2 @@
<!-- a comment -->
<e from="http">Some Text</e>

2
tests/testserver/apache2/testdata/www/htdocs/qxmlquery/wellFormedViaHttps.xml vendored Normal file
View File

@ -0,0 +1,2 @@
<!-- a comment -->
<e from="https">Some Text</e>

1
tests/testserver/apache2/testdata/www/htdocs/rfcs-auth/index.html vendored Normal file
View File

@ -0,0 +1 @@
you found the secret

8380
tests/testserver/apache2/testdata/www/htdocs/rfcs/rfc2616.html vendored Normal file
View File

File diff suppressed because it is too large Load Diff

13
tests/testserver/common/ssl.sh Normal file
View File

@ -0,0 +1,13 @@
#!/usr/bin/env bash
# Copyright (C) 2018 The Qt Company Ltd.
# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
set -ex
# package ssl
# install ssl_certs and test data
su $USER -c "mkdir -p -m 700 ~/ssl-certs/private"
su $USER -c \
"cp $CONFIG/ssl/${test_cert:-qt-test-server-cert.pem} ~/ssl-certs/qt-test-server-cert.pem"
su $USER -c "cp $CONFIG/ssl/private/qt-test-server-key.pem ~/ssl-certs/private/"

19
tests/testserver/common/startup.sh Normal file
View File

@ -0,0 +1,19 @@
#!/usr/bin/env bash
# Copyright (C) 2018 The Qt Company Ltd.
# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
set -ex
# export variables
export USER=qt-test-server
export PASS=password
export CONFIG=service/testdata
export TESTDATA=service/testdata
# add users
useradd -m -s /bin/bash $USER; echo "$USER:$PASS" | chpasswd
# install configurations and test data
su $USER -c "cp $CONFIG/system/passwords ~/"
./startup.sh "$@"

15
tests/testserver/common/testdata/ssl/private/qt-test-server-key.pem vendored Normal file
View File

@ -0,0 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDNqttv1jTJp/HAvuRBGBniAski5qfVugMunih69F8ad193qRE7
j37wLsae6zrZEtfBDFHoJFI/I8NCDBHG8hyhQv60wmmDrfdwsRgVzCAoYjDwLBXm
Mxmvw+scwJH3EWiUUPhJNwgy1z5136O8aQAV3s2HD1wCa4LIAX1q8B3ccwIDAQAB
AoGAGiDou+6UykHB3uDhkruDHkmIUBzJmceF+/gv4F8Hbg9YW5VpEQ4L7Guk5C+y
TD2ul2H/TeS/ZjIe7lcmMwYzSLcyeKfaiaV1EhPGjIdvB4ysTN79pfWXQtlpt/Z9
I/EOoW9XosJ/EOFdpgV0MC9QMTQKMyS0qQLwhBsoAW4DcEECQQDmrWEPNprbEDIH
Sm+KlMH6rdybIvzR3IPlYE6kMjQIWbUmGNxSUT7B/UDh2QeaTT54Rb1Ygnq7gVjC
RHU3wnGxAkEA5D6jI/E/xtQSq0KKVpbOxN1dIo0MVPbO/hI7/pO2DdZIM0O4GL55
ks83O5ZDTfrVy2Ys/9lqbbq+5FSs+NZ1YwJBANzAXRsO+YDcbdP2Uun+0+fOjEhW
YjV/XyWaVYfil1LKboXn0qhgIbvJXVcEt7bdZwP4UWwracKY1NUMaFSVGvECQQC/
L3iX8szpT1sT+XjHbytj28jX2C4sPVDFoaB/bltg280+o8rhbyuGvewWDZfzCdlr
tvqalROBNpwPxp3dEkbhAkEAl7N7/7hWbw7Xv69ww7i0jcPduukbtbEY1DTmARhR
rOF5AiztOAe+R94iLzkj63ZU0LcoSAixehp2tdkdtTI4CQ==
-----END RSA PRIVATE KEY-----

16
tests/testserver/common/testdata/ssl/qt-test-server-cert.pem vendored Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE-----
MIIClTCCAf4CCQC2xMhNhwvATDANBgkqhkiG9w0BAQQFADCBjjELMAkGA1UEChMC
UXQxGTAXBgNVBAsTEENvcmUgQW5kIE5ldHdvcmsxGzAZBgkqhkiG9w0BCQEWDG5v
Ym9keS5xdC5pbzENMAsGA1UEBxMET3NsbzENMAsGA1UECBMET3NsbzELMAkGA1UE
BhMCTk8xHDAaBgNVBAMUEyoudGVzdC1uZXQucXQubG9jYWwwHhcNMTgwNzAxMTgz
NjI3WhcNNDgwNjIzMTgzNjI3WjCBjjELMAkGA1UEChMCUXQxGTAXBgNVBAsTEENv
cmUgQW5kIE5ldHdvcmsxGzAZBgkqhkiG9w0BCQEWDG5vYm9keS5xdC5pbzENMAsG
A1UEBxMET3NsbzENMAsGA1UECBMET3NsbzELMAkGA1UEBhMCTk8xHDAaBgNVBAMU
EyoudGVzdC1uZXQucXQubG9jYWwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
AM2q22/WNMmn8cC+5EEYGeICySLmp9W6Ay6eKHr0Xxp3X3epETuPfvAuxp7rOtkS
18EMUegkUj8jw0IMEcbyHKFC/rTCaYOt93CxGBXMIChiMPAsFeYzGa/D6xzAkfcR
aJRQ+Ek3CDLXPnXfo7xpABXezYcPXAJrgsgBfWrwHdxzAgMBAAEwDQYJKoZIhvcN
AQEEBQADgYEAZu/lQPy8PXeyyYGamOVms/FZKJ48BH1y8KC3BeBU5FYnhvgG7pz8
Wz9JKvt2t/r45wQeAkNL6HnGUBhPJsHMjPHl5KktqN+db3D+FQygBeS2V1+zmC0X
UZNRE4aWiHvt1Lq+pTx89SOMOpfqWfh4qTQKiE5jC2V4DeCNQ3u7uI8=
-----END CERTIFICATE-----

16
tests/testserver/common/testdata/ssl/qt-test-server-host-network-cacert.pem vendored Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE-----
MIIClzCCAgACCQDeuuUc2HkfKDANBgkqhkiG9w0BAQQFADCBjzELMAkGA1UEChMC
UXQxGTAXBgNVBAsTEENvcmUgQW5kIE5ldHdvcmsxGzAZBgkqhkiG9w0BCQEWDG5v
Ym9keS5xdC5pbzENMAsGA1UEBxMET3NsbzENMAsGA1UECBMET3NsbzELMAkGA1UE
BhMCTk8xHTAbBgNVBAMTFHF0LXRlc3Qtc2VydmVyLmxvY2FsMB4XDTE5MDEyNTE1
NDE0N1oXDTQ5MDExNzE1NDE0N1owgY8xCzAJBgNVBAoTAlF0MRkwFwYDVQQLExBD
b3JlIEFuZCBOZXR3b3JrMRswGQYJKoZIhvcNAQkBFgxub2JvZHkucXQuaW8xDTAL
BgNVBAcTBE9zbG8xDTALBgNVBAgTBE9zbG8xCzAJBgNVBAYTAk5PMR0wGwYDVQQD
ExRxdC10ZXN0LXNlcnZlci5sb2NhbDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
gYEAzarbb9Y0yafxwL7kQRgZ4gLJIuan1boDLp4oevRfGndfd6kRO49+8C7Gnus6
2RLXwQxR6CRSPyPDQgwRxvIcoUL+tMJpg633cLEYFcwgKGIw8CwV5jMZr8PrHMCR
9xFolFD4STcIMtc+dd+jvGkAFd7Nhw9cAmuCyAF9avAd3HMCAwEAATANBgkqhkiG
9w0BAQQFAAOBgQB1dxK3Ia4sCpvSikKLaf1ZXu+9GKaNWKJe9bWex9/RmNOla9N2
FIh6/CfaPFDy/OXCkyEiGg78iyg/DgqVoa9JJGV3diI6berisHMPJpv1syyz9YEU
G3RQUClPcPV6EcedyqCdpbnIFtiSZbtJ0ZBGef4KzBN3rTmPucKb+bhMPg==
-----END CERTIFICATE-----

12
tests/testserver/common/testdata/system/passwords vendored Normal file
View File

@ -0,0 +1,12 @@
# user: foo; passwd: bar
foo:bab.5ZXQdbvEo
# user: qsockstest; passwd: qsockstest
#qsockstest:S7oOqMpoG6aTk
# user: qsockstest; passwd: password
qsockstest:Cd3Lv2aD0aiBs
#user httptest password httptest
httptest:v2fwkDMgrRjRA
# added by mgoetz for tst_qnetworkreply ioPostToHttpFromSocket

13
tests/testserver/cyrus/cyrus.sh Normal file
View File

@ -0,0 +1,13 @@
#!/usr/bin/env bash
# Copyright (C) 2019 The Qt Company Ltd.
# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
set -ex
echo "tls_cert_file: /home/qt-test-server/ssl-certs/qt-test-server-cert.pem" >> /etc/imapd.conf
echo "tls_key_file: /home/qt-test-server/ssl-certs/private/qt-test-server-key.pem" >> /etc/imapd.conf
chmod +3 /home/qt-test-server/ssl-certs/private/
mkdir -m 007 -p /run/cyrus/proc
sed -i 's/#imaps\t\tcmd="imapd/imaps\t\tcmd="imapd/' /etc/cyrus.conf
service cyrus-imapd restart

36
tests/testserver/danted/danted.sh Normal file
View File

@ -0,0 +1,36 @@
#!/usr/bin/env bash
# Copyright (C) 2018 The Qt Company Ltd.
# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
set -ex
# package dante-server
# add users
useradd -d /dev/null -s /bin/false qsockstest; echo "qsockstest:$PASS" | chpasswd
# install configurations and test data
cp $TESTDATA/danted{,-authenticating}.conf /etc/
# Use the input environment variables to overwrite the default value of internal interfaces.
if [ "$danted_internal" -a "$danted_internal" != eth0 ]
then sed -i "s,internal: eth0 port = 1080,internal: $danted_internal port = 1080," /etc/danted.conf
fi
if [ "$danted_auth_internal" -a "$danted_auth_internal" != eth0 ]
then sed -i "s,internal: eth0 port = 1081,internal: $danted_auth_internal port = 1081," \
/etc/danted-authenticating.conf
fi
# Use the input environment variables to overwrite the default value of external interfaces.
if [ "$danted_external" -a "$danted_external" != eth0 ]
then sed -i "s,external: eth0,external: $danted_external," /etc/danted.conf
fi
if [ "$danted_auth_external" -a "$danted_auth_external" != eth0 ]
then sed -i "s,external: eth0,external: $danted_auth_external," /etc/danted-authenticating.conf
fi
# enable service with installed configurations
service danted start
service danted-authenticating start

19
tests/testserver/danted/testdata/danted-authenticating.conf vendored Normal file
View File

@ -0,0 +1,19 @@
# A sample danted-authenticating.conf
# See: https://www.inet.no/dante/doc/1.4.x/config/
logoutput: /var/log/sockd-authenticating.log
internal: eth0 port = 1081
external: eth0
method: username
user.privileged: root
user.notprivileged: nobody
user.libwrap: nobody
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}

19
tests/testserver/danted/testdata/danted.conf vendored Normal file
View File

@ -0,0 +1,19 @@
# A sample danted.conf
# See: https://www.inet.no/dante/doc/1.4.x/config/
logoutput: /var/log/sockd.log
internal: eth0 port = 1080
external: eth0
method: username none
user.privileged: proxy
user.notprivileged: nobody
user.libwrap: nobody
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error connect disconnect
}

166
tests/testserver/docker-compose-bridge-network.yml Normal file
View File

@ -0,0 +1,166 @@
version: '2.1'
# The tag of images is used by docker compose file to launch the correct
# docker containers. By default we always launch the "latest" tag.
#
# But in the "docker build" phase, we also tag the images with a unique tag,
# the SHA1 hash of all files used for "docker build" - see sha1tree() in
# provisioning.
#
# So if you want to update the docker image at a specific time, make sure that
# 1. you modify this file to run the specific image's SHA1 tag, instead of
# "latest"
# 2. you build two docker images in provisioning, the currently used one,
# plus the new one that you tag as "latest"
# 3. you switch this file to the "latest" tag when ready
# You can run `docker images` to list all the tags of available images:
# For example:
# REPOSITORY TAG
# qt-test-server-apache2 537fe302f61851d1663f41495230d8e3554a4a13
services:
apache2:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-apache2
hostname: ${HOST_NAME:-apache2}
build:
context: .
args:
provisioningImage: qt-test-server-apache2:latest
shareDir: ./common
serviceDir: ./apache2
entrypoint: service/startup.sh
command: [service/ssl.sh, service/apache2.sh]
squid:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-squid
hostname: ${HOST_NAME:-squid}
depends_on:
- apache2
external_links:
- apache2:apache2.${TEST_DOMAIN}
- cyrus:cyrus.${TEST_DOMAIN}
- iptables:iptables.${TEST_DOMAIN}
- vsftpd:vsftpd.${TEST_DOMAIN}
- echo:echo.${TEST_DOMAIN}
build:
context: .
args:
provisioningImage: qt-test-server-squid:latest
shareDir: ./common
serviceDir: ./squid
entrypoint: service/startup.sh
command: service/squid.sh
vsftpd:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-vsftpd
hostname: ${HOST_NAME:-vsftpd}
build:
context: .
args:
provisioningImage: qt-test-server-vsftpd:latest
shareDir: ./common
serviceDir: ./vsftpd
entrypoint: service/startup.sh
command: service/vsftpd.sh
ftp-proxy:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-ftp-proxy
hostname: ${HOST_NAME:-ftp-proxy}
depends_on:
- vsftpd
external_links:
- vsftpd:vsftpd.${TEST_DOMAIN}
build:
context: .
args:
provisioningImage: qt-test-server-ftp-proxy:latest
shareDir: ./common
serviceDir: ./ftp-proxy
entrypoint: service/startup.sh
command: service/ftp-proxy.sh
danted:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-danted
hostname: ${HOST_NAME:-danted}
depends_on:
- apache2
- vsftpd
- ftp-proxy
external_links:
- apache2:apache2.${TEST_DOMAIN}
- vsftpd:vsftpd.${TEST_DOMAIN}
- ftp-proxy:ftp-proxy.${TEST_DOMAIN}
- cyrus:cyrus.${TEST_DOMAIN}
- echo:echo.${TEST_DOMAIN}
build:
context: .
args:
provisioningImage: qt-test-server-danted:latest
shareDir: ./common
serviceDir: ./danted
entrypoint: service/startup.sh
command: service/danted.sh
cyrus:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-cyrus
hostname: ${HOST_NAME:-cyrus}
build:
context: .
args:
provisioningImage: qt-test-server-cyrus:latest
shareDir: ./common
serviceDir: ./cyrus
entrypoint: service/startup.sh
command: [service/ssl.sh, service/cyrus.sh]
iptables:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-iptables
hostname: ${HOST_NAME:-iptables}
build:
context: .
args:
provisioningImage: qt-test-server-iptables:latest
shareDir: ./common
serviceDir: ./iptables
entrypoint: service/startup.sh
command: service/iptables.sh
cap_add:
- NET_ADMIN
- NET_RAW
echo:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-echo
hostname: ${HOST_NAME:-echo}
build:
context: .
args:
provisioningImage: qt-test-server-echo:latest
shareDir: ./common
serviceDir: ./echo
entrypoint: service/startup.sh
command: service/echo.sh

95
tests/testserver/docker-compose-host-network.yml Normal file
View File

@ -0,0 +1,95 @@
version: '2.1'
# For details about the "latest" tag used in the images here, see comments in
# docker-compose-bridge-network.yml
services:
apache2:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-apache2
hostname: ${HOST_NAME:-apache2}
build:
context: .
args:
provisioningImage: qt-test-server-apache2:latest
shareDir: ./common
serviceDir: ./apache2
entrypoint: service/startup.sh
command: [service/ssl.sh, service/apache2.sh]
environment:
- test_cert="qt-test-server-host-network-cacert.pem"
squid:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-squid
hostname: ${HOST_NAME:-squid}
depends_on:
- apache2
build:
context: .
args:
provisioningImage: qt-test-server-squid:latest
shareDir: ./common
serviceDir: ./squid
entrypoint: service/startup.sh
command: service/squid.sh
vsftpd:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-vsftpd
hostname: ${HOST_NAME:-vsftpd}
build:
context: .
args:
provisioningImage: qt-test-server-vsftpd:latest
shareDir: ./common
serviceDir: ./vsftpd
entrypoint: service/startup.sh
command: service/vsftpd.sh
ftp-proxy:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-ftp-proxy
hostname: ${HOST_NAME:-ftp-proxy}
depends_on:
- vsftpd
build:
context: .
args:
provisioningImage: qt-test-server-ftp-proxy:latest
shareDir: ./common
serviceDir: ./ftp-proxy
entrypoint: service/startup.sh
command: service/ftp-proxy.sh
danted:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-danted
hostname: ${HOST_NAME:-danted}
depends_on:
- apache2
- vsftpd
- ftp-proxy
build:
context: .
args:
provisioningImage: qt-test-server-danted:latest
shareDir: ./common
serviceDir: ./danted
entrypoint: service/startup.sh
command: service/danted.sh
environment:
- danted_internal=${MACHINE_IP}
- danted_external=${MACHINE_IP}
- danted_auth_internal=${MACHINE_IP}
- danted_auth_external=${MACHINE_IP}

200
tests/testserver/docker-compose-qemu-bridge-network.yml Normal file
View File

@ -0,0 +1,200 @@
version: '2.1'
# The tag of images is used by docker compose file to launch the correct
# docker containers. By default we always launch the "latest" tag.
#
# But in the "docker build" phase, we also tag the images with a unique tag,
# the SHA1 hash of all files used for "docker build" - see sha1tree() in
# provisioning.
#
# So if you want to update the docker image at a specific time, make sure that
# 1. you modify this file to run the specific image's SHA1 tag, instead of
# "latest"
# 2. you build two docker images in provisioning, the currently used one,
# plus the new one that you tag as "latest"
# 3. you switch this file to the "latest" tag when ready
# You can run `docker images` to list all the tags of available images:
# For example:
# REPOSITORY TAG
# qt-test-server-apache2 537fe302f61851d1663f41495230d8e3554a4a13
#
# Configuration in this file is used solely to configure Docker properly
# when running test on QNX qemu as that requires explicitly exposing
# ports so that qemu and services in docker container can actually
# communicate.
#
# !!! KEEP THIS FILE IN SYNC WITH GENERAL DOCKER CONFIGURATION FILE!!!
# -> docker-compose-bridge-network.yml
#
services:
apache2:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-apache2
hostname: ${HOST_NAME:-apache2}
ports:
- "172.31.1.1:80:80"
- "172.31.1.1:443:443"
build:
context: .
args:
provisioningImage: qt-test-server-apache2:latest
shareDir: ./common
serviceDir: ./apache2
entrypoint: service/startup.sh
command: [service/ssl.sh, service/apache2.sh]
squid:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-squid
hostname: ${HOST_NAME:-squid}
ports:
- "172.31.1.1:3128:3128"
- "172.31.1.1:3129:3129"
- "172.31.1.1:3130:3130"
depends_on:
- apache2
external_links:
- apache2:apache2.${TEST_DOMAIN}
- cyrus:cyrus.${TEST_DOMAIN}
- iptables:iptables.${TEST_DOMAIN}
- vsftpd:vsftpd.${TEST_DOMAIN}
- echo:echo.${TEST_DOMAIN}
build:
context: .
args:
provisioningImage: qt-test-server-squid:latest
shareDir: ./common
serviceDir: ./squid
entrypoint: service/startup.sh
command: service/squid.sh
vsftpd:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-vsftpd
hostname: ${HOST_NAME:-vsftpd}
ports:
- "172.31.1.1:20:20"
- "172.31.1.1:21:21"
build:
context: .
args:
provisioningImage: qt-test-server-vsftpd:latest
shareDir: ./common
serviceDir: ./vsftpd
entrypoint: service/startup.sh
command: service/vsftpd.sh
ftp-proxy:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-ftp-proxy
hostname: ${HOST_NAME:-ftp-proxy}
ports:
- "172.31.1.1:2121:2121"
depends_on:
- vsftpd
external_links:
- vsftpd:vsftpd.${TEST_DOMAIN}
build:
context: .
args:
provisioningImage: qt-test-server-ftp-proxy:latest
shareDir: ./common
serviceDir: ./ftp-proxy
entrypoint: service/startup.sh
command: service/ftp-proxy.sh
danted:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-danted
hostname: ${HOST_NAME:-danted}
ports:
- "172.31.1.1:1080:1080"
- "172.31.1.1:1081:1081"
depends_on:
- apache2
- vsftpd
- ftp-proxy
external_links:
- apache2:apache2.${TEST_DOMAIN}
- vsftpd:vsftpd.${TEST_DOMAIN}
- ftp-proxy:ftp-proxy.${TEST_DOMAIN}
- cyrus:cyrus.${TEST_DOMAIN}
- echo:echo.${TEST_DOMAIN}
build:
context: .
args:
provisioningImage: qt-test-server-danted:latest
shareDir: ./common
serviceDir: ./danted
entrypoint: service/startup.sh
command: service/danted.sh
cyrus:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-cyrus
hostname: ${HOST_NAME:-cyrus}
ports:
- "172.31.1.1:143:143"
- "172.31.1.1:993:993"
build:
context: .
args:
provisioningImage: qt-test-server-cyrus:latest
shareDir: ./common
serviceDir: ./cyrus
entrypoint: service/startup.sh
command: [service/ssl.sh, service/cyrus.sh]
iptables:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-iptables
hostname: ${HOST_NAME:-iptables}
ports:
- "172.31.1.1:1357:1357"
build:
context: .
args:
provisioningImage: qt-test-server-iptables:latest
shareDir: ./common
serviceDir: ./iptables
entrypoint: service/startup.sh
command: service/iptables.sh
cap_add:
- NET_ADMIN
- NET_RAW
echo:
extends:
file: ${SHARED_DATA}/docker-compose-common.yml
service: ${SHARED_SERVICE}
container_name: qt-test-server-echo
hostname: ${HOST_NAME:-echo}
ports:
- "172.31.1.1:13:13"
- "172.31.1.1:7:7"
- "172.31.1.1:7:7/udp"
build:
context: .
args:
provisioningImage: qt-test-server-echo:latest
shareDir: ./common
serviceDir: ./echo
entrypoint: service/startup.sh
command: service/echo.sh

7
tests/testserver/echo/echo.sh Normal file
View File

@ -0,0 +1,7 @@
#!/usr/bin/env bash
# Disabled by default, enable it.
sed -i 's/disable\t\t= yes/disable = no/' /etc/xinetd.d/echo
sed -i 's/disable\t\t= yes/disable = no/' /etc/xinetd.d/daytime
service xinetd restart

15
tests/testserver/ftp-proxy/ftp-proxy.sh Normal file
View File

@ -0,0 +1,15 @@
#!/usr/bin/env bash
# Copyright (C) 2018 The Qt Company Ltd.
# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
set -ex
# package ftp-proxy
# install configurations and test data
sed -i -e 's/# AllowMagicUser\tno/AllowMagicUser\tyes/' \
-e 's/# ForkLimit\t\t40/ForkLimit\t\t2000/' \
/etc/proxy-suite/ftp-proxy.conf
# enable service with installed configurations
ftp-proxy -d

7
tests/testserver/iptables/iptables.sh Normal file
View File

@ -0,0 +1,7 @@
#!/usr/bin/env bash
# Copyright (C) 2019 The Qt Company Ltd.
# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
set -ex
iptables -A INPUT -p tcp --destination-port 1357 -j DROP

19
tests/testserver/squid/squid.sh Normal file
View File

@ -0,0 +1,19 @@
#!/usr/bin/env bash
# Copyright (C) 2018 The Qt Company Ltd.
# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
set -ex
# package squid
# install configurations and test data
cp $TESTDATA/squid{,-authenticating-ntlm}.conf /etc/squid/
sed -e 's,NAME=squid,NAME=squid-authenticating-ntlm,' \
-e 's,CONFIG=/etc/squid/squid.conf,CONFIG=/etc/squid/squid-authenticating-ntlm.conf,' \
-e 's,SQUID_ARGS="-YC -f $CONFIG",SQUID_ARGS="-D -YC -f $CONFIG",' \
/etc/init.d/squid >/etc/init.d/squid-authenticating-ntlm
chmod +x /etc/init.d/squid-authenticating-ntlm
# enable service with installed configurations
service squid start
service squid-authenticating-ntlm start

41
tests/testserver/squid/testdata/squid-authenticating-ntlm.conf vendored Normal file
View File

@ -0,0 +1,41 @@
pid_filename /var/run/squid-authenticating-ntlm.pid
access_log /var/log/squid/access-authenticating-ntlm.log
cache_log /var/log/squid/cache-authenticating-ntlm.log
cache_store_log /var/log/squid/store-authenticating-ntlm.log
http_port 3130
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl port3130 myport 3130
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow localhost
# port 3130: ntlm auth
auth_param ntlm program /usr/lib/squid/ntlm_smb_lm_auth --debuglevel=5 --logfile=/var/log/ntlm --log-basename=/var/log/ntlm --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 2
acl ntlm_users proxy_auth REQUIRED
http_access allow port3130 ntlm_users
http_reply_access allow port3130 ntlm_users
icp_access allow all
coredump_dir /var/cache/squid

46
tests/testserver/squid/testdata/squid.conf vendored Normal file
View File

@ -0,0 +1,46 @@
http_port 3128
http_port 3129
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl port3128 myport 3128
acl port3129 myport 3129
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow localhost
# port 3128: no auth required
http_access allow port3128
http_reply_access allow port3128
# port 3129: basic auth
auth_param basic program /usr/lib/squid/basic_ncsa_auth /home/qt-test-server/passwords
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl ncsa_users proxy_auth REQUIRED
http_access allow port3129 ncsa_users
http_reply_access allow port3129 ncsa_users
icp_access allow all
coredump_dir /var/cache/squid

1
tests/testserver/vsftpd/testdata/ftp/pub/file-not-readable.txt vendored Normal file
View File

@ -0,0 +1 @@
If you can read this, you are too close.

1
tests/testserver/vsftpd/testdata/ftp/pub/qxmlquery/README vendored Normal file
View File

@ -0,0 +1 @@
This directory contains data for the auto test for QXmlQuery, found in the Qt module QtXmlPatterns.

0
tests/testserver/vsftpd/testdata/ftp/pub/qxmlquery/completelyEmptyQuery.xq vendored Normal file
View File

1
tests/testserver/vsftpd/testdata/ftp/pub/qxmlquery/notWellFormed.xml vendored Normal file
View File

@ -0,0 +1 @@
<ftp/

1
tests/testserver/vsftpd/testdata/ftp/pub/qxmlquery/viaFtp.xq vendored Normal file
View File

@ -0,0 +1 @@
concat("This was ", "received via FTP")

2
tests/testserver/vsftpd/testdata/ftp/pub/qxmlquery/wellFormed.xml vendored Normal file
View File

@ -0,0 +1,2 @@
<!-- a comment -->
<e from="ftp">Some Text</e>

116
tests/testserver/vsftpd/testdata/vsftpd.conf vendored Normal file
View File

@ -0,0 +1,116 @@
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=YES
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
anon_upload_enable=YES
anon_umask=022
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_world_readable_only=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=ftp
#chown_groupname=ftp
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognize asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
ascii_upload_enable=YES
ascii_download_enable=YES
#
# You may fully customize the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
ls_recurse_enable=YES
pam_service_name=vsftpd
userlist_enable=YES
#enable for standalone mode
listen=YES
tcp_wrappers=YES
# An internal setting used for testing the relative benefit of using the
# sendfile() system call on your platform.
use_sendfile=NO
# Enabling SFTP
#ssl_enable=YES
#allow_anon_ssl=YES
#force_local_data_ssl=NO
#force_local_logins_ssl=NO
#ssl_tlsv1=YES
#ssl_sslv2=NO
#ssl_sslv3=NO
#rsa_cert_file=/etc/vsftpd/vsftpd.pem

20
tests/testserver/vsftpd/testdata/vsftpd.user_list vendored Normal file
View File

@ -0,0 +1,20 @@
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd.ftpusers
# for users that are denied.
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody

44
tests/testserver/vsftpd/vsftpd.sh Normal file
View File

@ -0,0 +1,44 @@
#!/usr/bin/env bash
# Copyright (C) 2018 The Qt Company Ltd.
# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
set -ex
# package vsftpd
# add users
usermod -d "/home/$USER/ftp/" ftp #existing user
useradd -d "/home/$USER/ftp" -s /bin/bash ftptest; echo "ftptest:$PASS" | chpasswd
# install configurations and test data
cp $TESTDATA/vsftpd.{conf,user_list} /etc/
# Resolve error message "vsftpd failed - probably invalid config" during boot
# This bug has been reported to Debian bug tracking system (ID #911396)
command='ps -C vsftpd | grep -qs "${_PID}"'
sed -i -e 's,while [ ${n} -le 5 ].*$,while true,' \
-e "s,\t\t\tif ! $command.*$,\t\t\tif $command," /etc/init.d/vsftpd
# Populate the FTP sites:
su $USER -c "cp -r $TESTDATA/ftp ~/ftp"
ln -s /home/$USER/ftp /var/ftp
# tst_QNetworkReply::getFromFtp_data()
su $USER -c "mkdir -p ~/ftp/qtest/"
su $USER -c "cp rfc3252.txt ~/ftp/qtest/"; rm rfc3252.txt
# tst_QNetworkReply::proxy_data()
su $USER -c "ln ~/ftp/qtest/rfc3252.txt ~/ftp/qtest/rfc3252"
su $USER -c "mkdir -p ~/ftp/qtest/nonASCII/"
# Duplicate rfc3252.txt 20 times for bigfile tests:
su $USER -c "seq 20 | xargs -i cat ~/ftp/qtest/rfc3252.txt >> ~/ftp/qtest/bigfile"
# tst_QNetworkReply::getErrors_data(), testdata with special permissions
su $USER -c "chmod 0600 ~/ftp/pub/file-not-readable.txt"
# Shared FTP folder (sticky bit)
su $USER -c "mkdir -p -m 1777 ~/ftp/qtest/upload" # FTP incoming dir
# enable service with installed configurations
service vsftpd restart