+
+// FIXME: Apparently, this is the legacy way of initting storage backends?
+// If there's a not-legacy way, it should be used here
+bool Core::initAuthenticator(const QString &backend, const QVariantMap &settings, bool setup)
+{
+ _authenticator = 0;
+
+ if (backend.isEmpty()) {
+ return false;
+ }
+
+ Authenticator *authenticator = 0;
+ if (_authenticators.contains(backend)) {
+ authenticator = _authenticators[backend];
+ }
+ else {
+ qCritical() << "Selected auth backend is not available:" << backend;
+ return false;
+ }
+
+ Authenticator::State authState = authenticator->init(settings);
+ switch (authState) {
+ case Authenticator::NeedsSetup:
+ if (!setup)
+ return false; // trigger setup process
+ if (authenticator->setup(settings))
+ return initAuthenticator(backend, settings, false);
+ // if initialization wasn't successful, we quit to keep from coming up unconfigured
+ case Authenticator::NotAvailable:
+ qCritical() << "FATAL: Selected auth backend is not available:" << backend;
+ exit(EXIT_FAILURE);
+ case Authenticator::IsReady:
+ // delete all other backends
+ _authenticators.remove(backend);
+ unregisterAuthenticators();
+ }
+ _authenticator = authenticator;
+ return true;
+}
+
+void Core::syncStorage()
+{
+ if (_storage)
+ _storage->sync();
+}
+
+
+/*** Storage Access ***/
+bool Core::createNetwork(UserId user, NetworkInfo &info)
+{
+ NetworkId networkId = instance()->_storage->createNetwork(user, info);
+ if (!networkId.isValid())
+ return false;
+
+ info.networkId = networkId;
+ return true;
+}
+
+
+/*** Network Management ***/
+
+bool Core::sslSupported()
+{
+#ifdef HAVE_SSL
+ SslServer *sslServer = qobject_cast<SslServer *>(&instance()->_server);
+ return sslServer && sslServer->isCertValid();
+#else
+ return false;
+#endif
+}
+
+
+bool Core::reloadCerts()
+{
+#ifdef HAVE_SSL
+ SslServer *sslServerv4 = qobject_cast<SslServer *>(&instance()->_server);
+ bool retv4 = sslServerv4->reloadCerts();
+
+ SslServer *sslServerv6 = qobject_cast<SslServer *>(&instance()->_v6server);
+ bool retv6 = sslServerv6->reloadCerts();
+
+ return retv4 && retv6;
+#else
+ // SSL not supported, don't mark configuration reload as failed
+ return true;
+#endif
+}
+
+
+bool Core::startListening()
+{
+ // in mono mode we only start a local port if a port is specified in the cli call
+ if (Quassel::runMode() == Quassel::Monolithic && !Quassel::isOptionSet("port"))
+ return true;
+
+ bool success = false;
+ uint port = Quassel::optionValue("port").toUInt();
+
+ const QString listen = Quassel::optionValue("listen");
+ const QStringList listen_list = listen.split(",", QString::SkipEmptyParts);
+ if (listen_list.size() > 0) {
+ foreach(const QString listen_term, listen_list) { // TODO: handle multiple interfaces for same TCP version gracefully
+ QHostAddress addr;
+ if (!addr.setAddress(listen_term)) {
+ qCritical() << qPrintable(
+ tr("Invalid listen address %1")
+ .arg(listen_term)
+ );
+ }
+ else {
+ switch (addr.protocol()) {
+ case QAbstractSocket::IPv6Protocol:
+ if (_v6server.listen(addr, port)) {
+ quInfo() << qPrintable(
+ tr("Listening for GUI clients on IPv6 %1 port %2 using protocol version %3")
+ .arg(addr.toString())
+ .arg(_v6server.serverPort())
+ .arg(Quassel::buildInfo().protocolVersion)
+ );
+ success = true;
+ }
+ else
+ quWarning() << qPrintable(
+ tr("Could not open IPv6 interface %1:%2: %3")
+ .arg(addr.toString())
+ .arg(port)
+ .arg(_v6server.errorString()));
+ break;
+ case QAbstractSocket::IPv4Protocol:
+ if (_server.listen(addr, port)) {
+ quInfo() << qPrintable(
+ tr("Listening for GUI clients on IPv4 %1 port %2 using protocol version %3")
+ .arg(addr.toString())
+ .arg(_server.serverPort())
+ .arg(Quassel::buildInfo().protocolVersion)
+ );
+ success = true;
+ }
+ else {
+ // if v6 succeeded on Any, the port will be already in use - don't display the error then
+ if (!success || _server.serverError() != QAbstractSocket::AddressInUseError)
+ quWarning() << qPrintable(
+ tr("Could not open IPv4 interface %1:%2: %3")
+ .arg(addr.toString())
+ .arg(port)
+ .arg(_server.errorString()));
+ }
+ break;
+ default:
+ qCritical() << qPrintable(
+ tr("Invalid listen address %1, unknown network protocol")
+ .arg(listen_term)
+ );
+ break;
+ }
+ }
+ }
+ }
+ if (!success)
+ quError() << qPrintable(tr("Could not open any network interfaces to listen on!"));
+
+ return success;
+}
+
+
+void Core::stopListening(const QString &reason)
+{
+ bool wasListening = false;
+ if (_server.isListening()) {
+ wasListening = true;
+ _server.close();
+ }
+ if (_v6server.isListening()) {
+ wasListening = true;
+ _v6server.close();
+ }
+ if (wasListening) {
+ if (reason.isEmpty())
+ quInfo() << "No longer listening for GUI clients.";
+ else
+ quInfo() << qPrintable(reason);
+ }
+}
+
+
+void Core::incomingConnection()
+{
+ QTcpServer *server = qobject_cast<QTcpServer *>(sender());
+ Q_ASSERT(server);
+ while (server->hasPendingConnections()) {
+ QTcpSocket *socket = server->nextPendingConnection();
+
+ CoreAuthHandler *handler = new CoreAuthHandler(socket, this);
+ _connectingClients.insert(handler);
+
+ connect(handler, SIGNAL(disconnected()), SLOT(clientDisconnected()));
+ connect(handler, SIGNAL(socketError(QAbstractSocket::SocketError,QString)), SLOT(socketError(QAbstractSocket::SocketError,QString)));
+ connect(handler, SIGNAL(handshakeComplete(RemotePeer*,UserId)), SLOT(setupClientSession(RemotePeer*,UserId)));
+
+ quInfo() << qPrintable(tr("Client connected from")) << qPrintable(socket->peerAddress().toString());
+
+ if (!_configured) {
+ stopListening(tr("Closing server for basic setup."));
+ }
+ }
+}
+
+
+// Potentially called during the initialization phase (before handing the connection off to the session)
+void Core::clientDisconnected()
+{
+ CoreAuthHandler *handler = qobject_cast<CoreAuthHandler *>(sender());
+ Q_ASSERT(handler);
+
+ quInfo() << qPrintable(tr("Non-authed client disconnected:")) << qPrintable(handler->socket()->peerAddress().toString());
+ _connectingClients.remove(handler);
+ handler->deleteLater();
+
+ // make server listen again if still not configured
+ if (!_configured) {
+ startListening();
+ }
+
+ // TODO remove unneeded sessions - if necessary/possible...
+ // Suggestion: kill sessions if they are not connected to any network and client.
+}
+
+
+void Core::setupClientSession(RemotePeer *peer, UserId uid)
+{
+ CoreAuthHandler *handler = qobject_cast<CoreAuthHandler *>(sender());
+ Q_ASSERT(handler);
+
+ // From now on everything is handled by the client session
+ disconnect(handler, 0, this, 0);
+ _connectingClients.remove(handler);
+ handler->deleteLater();
+
+ // Find or create session for validated user
+ sessionForUser(uid);
+
+ // as we are currently handling an event triggered by incoming data on this socket
+ // it is unsafe to directly move the socket to the client thread.
+ QCoreApplication::postEvent(this, new AddClientEvent(peer, uid));
+}
+
+
+void Core::customEvent(QEvent *event)
+{
+ if (event->type() == AddClientEventId) {
+ AddClientEvent *addClientEvent = static_cast<AddClientEvent *>(event);
+ addClientHelper(addClientEvent->peer, addClientEvent->userId);
+ return;
+ }
+}
+
+
+void Core::addClientHelper(RemotePeer *peer, UserId uid)
+{
+ // Find or create session for validated user
+ SessionThread *session = sessionForUser(uid);
+ session->addClient(peer);
+}
+
+
+void Core::setupInternalClientSession(InternalPeer *clientPeer)
+{
+ if (!_configured) {
+ stopListening();
+ setupCoreForInternalUsage();
+ }
+
+ UserId uid;
+ if (_storage) {
+ uid = _storage->internalUser();
+ }
+ else {
+ qWarning() << "Core::setupInternalClientSession(): You're trying to run monolithic Quassel with an unusable Backend! Go fix it!";
+ return;
+ }
+
+ InternalPeer *corePeer = new InternalPeer(this);
+ corePeer->setPeer(clientPeer);
+ clientPeer->setPeer(corePeer);
+
+ // Find or create session for validated user
+ SessionThread *sessionThread = sessionForUser(uid);
+ sessionThread->addClient(corePeer);
+}
+
+
+SessionThread *Core::sessionForUser(UserId uid, bool restore)
+{
+ if (_sessions.contains(uid))
+ return _sessions[uid];
+
+ SessionThread *session = new SessionThread(uid, restore, this);
+ _sessions[uid] = session;
+ session->start();
+ return session;
+}
+
+
+void Core::socketError(QAbstractSocket::SocketError err, const QString &errorString)
+{
+ qWarning() << QString("Socket error %1: %2").arg(err).arg(errorString);
+}
+
+
+QVariantList Core::backendInfo()
+{
+ QVariantList backends;
+ foreach(const Storage *backend, instance()->_storageBackends.values()) {
+ QVariantMap v;
+ v["DisplayName"] = backend->displayName();
+ v["Description"] = backend->description();
+ v["SetupKeys"] = backend->setupKeys();
+ v["SetupDefaults"] = backend->setupDefaults();
+ v["IsDefault"] = isStorageBackendDefault(backend);
+ backends.append(v);
+ }
+ return backends;
+}
+
+QVariantList Core::authenticatorInfo()
+{
+ QVariantList backends;
+ foreach(const Authenticator *backend, instance()->_authenticators.values()) {
+ QVariantMap v;
+ v["DisplayName"] = backend->backendId();
+ v["Description"] = backend->description();
+ v["SetupKeys"] = backend->setupKeys();
+ v["SetupDefaults"] = backend->setupDefaults();
+ backends.append(v);
+ }
+ return backends;
+}
+
+// migration / backend selection
+bool Core::selectBackend(const QString &backend)
+{
+ // reregister all storage backends
+ registerStorageBackends();
+ if (!_storageBackends.contains(backend)) {
+ qWarning() << qPrintable(QString("Core::selectBackend(): unsupported backend: %1").arg(backend));
+ qWarning() << " supported backends are:" << qPrintable(QStringList(_storageBackends.keys()).join(", "));
+ return false;
+ }
+
+ Storage *storage = _storageBackends[backend];
+ QVariantMap settings = promptForSettings(storage);
+
+ Storage::State storageState = storage->init(settings);
+ switch (storageState) {
+ case Storage::IsReady:
+ if (!saveBackendSettings(backend, settings)) {
+ qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem."));
+ }
+ qWarning() << "Switched backend to:" << qPrintable(backend);
+ qWarning() << "Backend already initialized. Skipping Migration";
+ return true;
+ case Storage::NotAvailable:
+ qCritical() << "Backend is not available:" << qPrintable(backend);
+ return false;
+ case Storage::NeedsSetup:
+ if (!storage->setup(settings)) {
+ qWarning() << qPrintable(QString("Core::selectBackend(): unable to setup backend: %1").arg(backend));
+ return false;
+ }
+
+ if (storage->init(settings) != Storage::IsReady) {
+ qWarning() << qPrintable(QString("Core::migrateBackend(): unable to initialize backend: %1").arg(backend));
+ return false;
+ }
+
+ if (!saveBackendSettings(backend, settings)) {
+ qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem."));
+ }
+ qWarning() << "Switched backend to:" << qPrintable(backend);
+ break;
+ }
+
+ // let's see if we have a current storage object we can migrate from
+ AbstractSqlMigrationReader *reader = getMigrationReader(_storage);
+ AbstractSqlMigrationWriter *writer = getMigrationWriter(storage);
+ if (reader && writer) {
+ qDebug() << qPrintable(QString("Migrating Storage backend %1 to %2...").arg(_storage->displayName(), storage->displayName()));
+ delete _storage;
+ _storage = 0;
+ delete storage;
+ storage = 0;
+ if (reader->migrateTo(writer)) {
+ qDebug() << "Migration finished!";
+ if (!saveBackendSettings(backend, settings)) {
+ qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem."));
+ return false;
+ }
+ return true;
+ }
+ return false;
+ qWarning() << qPrintable(QString("Core::migrateDb(): unable to migrate storage backend! (No migration writer for %1)").arg(backend));
+ }
+
+ // inform the user why we cannot merge
+ if (!_storage) {
+ qWarning() << "No currently active backend. Skipping migration.";
+ }
+ else if (!reader) {
+ qWarning() << "Currently active backend does not support migration:" << qPrintable(_storage->displayName());
+ }
+ if (writer) {
+ qWarning() << "New backend does not support migration:" << qPrintable(backend);
+ }
+
+ // so we were unable to merge, but let's create a user \o/
+ _storage = storage;
+ createUser();
+ return true;
+}
+
+// TODO: I am not sure if this function is implemented correctly.
+// There is currently no concept of migraiton between auth backends.
+bool Core::selectAuthenticator(const QString &backend)
+{
+ // Register all authentication backends.
+ registerAuthenticators();
+ if (!_authenticators.contains(backend)) {
+ qWarning() << qPrintable(QString("Core::selectAuthenticator(): unsupported backend: %1").arg(backend));
+ qWarning() << " supported backends are:" << qPrintable(QStringList(_authenticators.keys()).join(", "));
+ return false;
+ }
+
+ Authenticator *authenticator = _authenticators[backend];
+ QVariantMap settings = promptForSettings(authenticator);
+
+ Authenticator::State state = authenticator->init(settings);
+ switch (state) {
+ case Authenticator::IsReady:
+ saveAuthenticatorSettings(backend, settings);
+ qWarning() << "Switched auth backend to:" << qPrintable(backend);
+// qWarning() << "Auth backend already initialized. Skipping Migration";
+ return true;
+ case Authenticator::NotAvailable:
+ qCritical() << "Auth backend is not available:" << qPrintable(backend);
+ return false;
+ case Authenticator::NeedsSetup:
+ if (!authenticator->setup(settings)) {
+ qWarning() << qPrintable(QString("Core::selectAuthenticator(): unable to setup authenticator: %1").arg(backend));
+ return false;
+ }
+
+ if (authenticator->init(settings) != Authenticator::IsReady) {
+ qWarning() << qPrintable(QString("Core::migrateBackend(): unable to initialize authenticator: %1").arg(backend));
+ return false;
+ }
+
+ saveAuthenticatorSettings(backend, settings);
+ qWarning() << "Switched auth backend to:" << qPrintable(backend);
+ }
+
+ _authenticator = authenticator;
+ return true;
+}
+
+
+bool Core::createUser()
+{
+ QTextStream out(stdout);
+ QTextStream in(stdin);
+ out << "Add a new user:" << endl;
+ out << "Username: ";
+ out.flush();
+ QString username = in.readLine().trimmed();
+
+ disableStdInEcho();
+ out << "Password: ";
+ out.flush();
+ QString password = in.readLine().trimmed();
+ out << endl;
+ out << "Repeat Password: ";
+ out.flush();
+ QString password2 = in.readLine().trimmed();
+ out << endl;
+ enableStdInEcho();
+
+ if (password != password2) {
+ qWarning() << "Passwords don't match!";
+ return false;
+ }
+ if (password.isEmpty()) {
+ qWarning() << "Password is empty!";
+ return false;
+ }
+
+ if (_configured && _storage->addUser(username, password).isValid()) {
+ out << "Added user " << username << " successfully!" << endl;
+ return true;
+ }
+ else {
+ qWarning() << "Unable to add user:" << qPrintable(username);
+ return false;
+ }
+}
+
+
+bool Core::changeUserPass(const QString &username)
+{
+ QTextStream out(stdout);
+ QTextStream in(stdin);
+ UserId userId = _storage->getUserId(username);
+ if (!userId.isValid()) {
+ out << "User " << username << " does not exist." << endl;
+ return false;
+ }
+
+ if (!canChangeUserPassword(userId))
+ {
+ out << "User " << username << " is configured through an auth provider that has forbidden manual password changing." << endl;
+ return false;
+ }
+
+ out << "Change password for user: " << username << endl;
+
+ disableStdInEcho();
+ out << "New Password: ";
+ out.flush();
+ QString password = in.readLine().trimmed();
+ out << endl;
+ out << "Repeat Password: ";
+ out.flush();
+ QString password2 = in.readLine().trimmed();
+ out << endl;
+ enableStdInEcho();
+
+ if (password != password2) {
+ qWarning() << "Passwords don't match!";
+ return false;
+ }
+ if (password.isEmpty()) {
+ qWarning() << "Password is empty!";
+ return false;
+ }
+
+ if (_configured && _storage->updateUser(userId, password)) {
+ out << "Password changed successfully!" << endl;
+ return true;
+ }
+ else {
+ qWarning() << "Failed to change password!";
+ return false;
+ }
+}
+
+
+bool Core::changeUserPassword(UserId userId, const QString &password)
+{
+ if (!isConfigured() || !userId.isValid())
+ return false;
+
+ if (!canChangeUserPassword(userId))
+ return false;
+
+ return instance()->_storage->updateUser(userId, password);
+}
+
+// TODO: this code isn't currently 100% optimal because the core
+// doesn't know it can have multiple auth providers configured (there aren't
+// multiple auth providers at the moment anyway) and we have hardcoded the
+// Database provider to be always allowed.
+bool Core::canChangeUserPassword(UserId userId)
+{
+ QString authProvider = instance()->_storage->getUserAuthenticator(userId);
+ if (authProvider != "Database")
+ {
+ if (authProvider != instance()->_authenticator->backendId()) {
+ return false;
+ } else if (instance()->_authenticator->canChangePassword()) {
+ return false;
+ }
+ }
+ return true;
+}
+
+AbstractSqlMigrationReader *Core::getMigrationReader(Storage *storage)
+{
+ if (!storage)
+ return 0;
+
+ AbstractSqlStorage *sqlStorage = qobject_cast<AbstractSqlStorage *>(storage);
+ if (!sqlStorage) {
+ qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!";
+ return 0;
+ }
+
+ return sqlStorage->createMigrationReader();
+}
+
+
+AbstractSqlMigrationWriter *Core::getMigrationWriter(Storage *storage)
+{
+ if (!storage)
+ return 0;
+
+ AbstractSqlStorage *sqlStorage = qobject_cast<AbstractSqlStorage *>(storage);
+ if (!sqlStorage) {
+ qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!";
+ return 0;
+ }
+
+ return sqlStorage->createMigrationWriter();
+}
+
+
+bool Core::saveBackendSettings(const QString &backend, const QVariantMap &settings)
+{
+ QVariantMap dbsettings;
+ dbsettings["Backend"] = backend;
+ dbsettings["ConnectionProperties"] = settings;
+ CoreSettings s = CoreSettings();
+ s.setStorageSettings(dbsettings);
+ return s.sync();
+}
+
+void Core::saveAuthenticatorSettings(const QString &backend, const QVariantMap &settings)
+{
+ QVariantMap dbsettings;
+ dbsettings["Authenticator"] = backend;
+ dbsettings["ConnectionProperties"] = settings;
+ CoreSettings().setAuthSettings(dbsettings);
+}
+
+// Generic version of promptForSettings that doesn't care what *type* of
+// backend it runs over.
+QVariantMap Core::promptForSettings(QStringList keys, QVariantMap defaults)
+{
+ QVariantMap settings;
+
+ if (keys.isEmpty())
+ return settings;
+
+ QTextStream out(stdout);
+ QTextStream in(stdin);
+ out << "Default values are in brackets" << endl;
+
+ QString value;
+ foreach(QString key, keys) {
+ QVariant val;
+ if (defaults.contains(key)) {
+ val = defaults[key];
+ }
+ out << key;
+ if (!val.toString().isEmpty()) {
+ out << " (" << val.toString() << ")";
+ }
+ out << ": ";
+ out.flush();
+
+ bool noEcho = QString("password").toLower().startsWith(key.toLower());
+ if (noEcho) {
+ disableStdInEcho();
+ }
+ value = in.readLine().trimmed();
+ if (noEcho) {
+ out << endl;
+ enableStdInEcho();
+ }
+
+ if (!value.isEmpty()) {
+ switch (defaults[key].type()) {
+ case QVariant::Int:
+ val = QVariant(value.toInt());
+ break;
+ default:
+ val = QVariant(value);
+ }
+ }
+ settings[key] = val;
+ }
+ return settings;
+}
+
+// Since an auth and storage backend work basically the same way,
+// use polymorphism here on this routine.
+QVariantMap Core::promptForSettings(const Storage *storage)
+{
+ QStringList keys = storage->setupKeys();
+ QVariantMap defaults = storage->setupDefaults();
+ return Core::promptForSettings(keys, defaults);
+
+}
+
+QVariantMap Core::promptForSettings(const Authenticator *authenticator)
+{
+ QStringList keys = authenticator->setupKeys();
+ QVariantMap defaults = authenticator->setupDefaults();
+ return Core::promptForSettings(keys, defaults);
+}
+
+
+#ifdef Q_OS_WIN
+void Core::stdInEcho(bool on)
+{
+ HANDLE hStdin = GetStdHandle(STD_INPUT_HANDLE);
+ DWORD mode = 0;
+ GetConsoleMode(hStdin, &mode);
+ if (on)
+ mode |= ENABLE_ECHO_INPUT;
+ else
+ mode &= ~ENABLE_ECHO_INPUT;
+ SetConsoleMode(hStdin, mode);
+}
+
+
+#else
+void Core::stdInEcho(bool on)
+{
+ termios t;
+ tcgetattr(STDIN_FILENO, &t);
+ if (on)
+ t.c_lflag |= ECHO;
+ else
+ t.c_lflag &= ~ECHO;
+ tcsetattr(STDIN_FILENO, TCSANOW, &t);
+}
+
+
+#endif /* Q_OS_WIN */