+ CoreSettings cs;
+
+ QVariantMap dbsettings = cs.storageSettings().toMap();
+ db_backend = dbsettings.value("Backend").toString();
+ db_connectionProperties = dbsettings.value("ConnectionProperties").toMap();
+
+ QVariantMap authSettings = cs.authSettings().toMap();
+ auth_authenticator = authSettings.value("Authenticator", "Database").toString();
+ auth_properties = authSettings.value("AuthProperties").toMap();
+
+ writeError = !cs.isWritable();
+ }
+
+ // legacy
+ _configured = initStorage(db_backend, db_connectionProperties, environment, config_from_environment);
+
+ // Not entirely sure what is 'legacy' about the above, but it seems to be the way things work!
+ if (_configured) {
+ initAuthenticator(auth_authenticator, auth_properties, environment, config_from_environment);
+ }
+
+ if (Quassel::isOptionSet("select-backend") || Quassel::isOptionSet("select-authenticator")) {
+ bool success{true};
+ if (Quassel::isOptionSet("select-backend")) {
+ success &= selectBackend(Quassel::optionValue("select-backend"));
+ }
+ if (Quassel::isOptionSet("select-authenticator")) {
+ success &= selectAuthenticator(Quassel::optionValue("select-authenticator"));
+ }
+ QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE);
+ return success;
+ }
+
+ if (!_configured) {
+ if (config_from_environment) {
+ _configured = initStorage(db_backend, db_connectionProperties, environment, config_from_environment, true);
+ initAuthenticator(auth_authenticator, auth_properties, environment, config_from_environment, true);
+
+ if (!_configured) {
+ qWarning() << "Cannot configure from environment";
+ QCoreApplication::exit(EXIT_FAILURE);
+ return false;
+ }
+ }
+ else {
+ if (_registeredStorageBackends.empty()) {
+ quWarning() << qPrintable(tr("Could not initialize any storage backend! Exiting..."));
+ quWarning()
+ << qPrintable(tr("Currently, Quassel supports SQLite3 and PostgreSQL. You need to build your\n"
+ "Qt library with the sqlite or postgres plugin enabled in order for quasselcore\n"
+ "to work."));
+ QCoreApplication::exit(EXIT_FAILURE); // TODO make this less brutal (especially for mono client -> popup)
+ return false;
+ }
+
+ if (writeError) {
+ qWarning() << "Cannot write quasselcore configuration; probably a permission problem.";
+ QCoreApplication::exit(EXIT_FAILURE);
+ return false;
+ }
+
+ quInfo() << "Core is currently not configured! Please connect with a Quassel Client for basic setup.";
+ }
+ }
+ else {
+ if (Quassel::isOptionSet("add-user")) {
+ bool success = createUser();
+ QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE);
+ return success;
+ }
+
+ if (Quassel::isOptionSet("change-userpass")) {
+ bool success = changeUserPass(Quassel::optionValue("change-userpass"));
+ QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE);
+ return success;
+ }
+
+ _strictIdentEnabled = Quassel::isOptionSet("strict-ident");
+ if (_strictIdentEnabled) {
+ cacheSysIdent();
+ }
+
+ if (Quassel::isOptionSet("oidentd")) {
+ _oidentdConfigGenerator = new OidentdConfigGenerator(this);
+ }
+
+
+ if (Quassel::isOptionSet("ident-daemon")) {
+ _identServer = new IdentServer(this);
+ }
+
+ Quassel::registerReloadHandler([]() {
+ // Currently, only reloading SSL certificates and the sysident cache is supported
+ if (Core::instance()) {
+ Core::instance()->cacheSysIdent();
+ Core::instance()->reloadCerts();
+ return true;
+ }
+ return false;
+ });
+
+ connect(&_storageSyncTimer, SIGNAL(timeout()), this, SLOT(syncStorage()));
+ _storageSyncTimer.start(10 * 60 * 1000); // 10 minutes
+ }
+
+ connect(&_server, SIGNAL(newConnection()), this, SLOT(incomingConnection()));
+ connect(&_v6server, SIGNAL(newConnection()), this, SLOT(incomingConnection()));
+
+ if (!startListening()) {
+ QCoreApplication::exit(EXIT_FAILURE); // TODO make this less brutal
+ return false;
+ }
+
+ if (_configured && !Quassel::isOptionSet("norestore")) {
+ Core::restoreState();
+ }
+
+ _initialized = true;
+
+ if (_pendingInternalConnection) {
+ connectInternalPeer(_pendingInternalConnection);
+ _pendingInternalConnection = {};
+ }
+
+ return true;
+}
+
+/*** Session Restore ***/
+
+void Core::saveState()
+{
+ if (_storage) {
+ QVariantList activeSessions;
+ for (auto &&user : instance()->_sessions.keys())
+ activeSessions << QVariant::fromValue<UserId>(user);
+ _storage->setCoreState(activeSessions);
+ }
+}
+
+
+void Core::restoreState()
+{
+ if (!_configured) {
+ quWarning() << qPrintable(tr("Cannot restore a state for an unconfigured core!"));
+ return;
+ }
+ if (_sessions.count()) {
+ quWarning() << qPrintable(tr("Calling restoreState() even though active sessions exist!"));
+ return;
+ }
+
+ CoreSettings s;
+ /* We don't check, since we are at the first version since switching to Git
+ uint statever = s.coreState().toMap()["CoreStateVersion"].toUInt();
+ if(statever < 1) {
+ quWarning() << qPrintable(tr("Core state too old, ignoring..."));
+ return;
+ }
+ */
+
+ const QList<QVariant> &activeSessionsFallback = s.coreState().toMap()["ActiveSessions"].toList();
+ QVariantList activeSessions = instance()->_storage->getCoreState(activeSessionsFallback);
+
+ if (activeSessions.count() > 0) {
+ quInfo() << "Restoring previous core state...";
+ for(auto &&v : activeSessions) {
+ UserId user = v.value<UserId>();
+ sessionForUser(user, true);
+ }
+ }
+}
+
+
+/*** Core Setup ***/
+
+QString Core::setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupData)
+{
+ return instance()->setupCore(adminUser, adminPassword, backend, setupData, authenticator, authSetupData);
+}
+
+
+QString Core::setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupData)
+{
+ if (_configured)
+ return tr("Core is already configured! Not configuring again...");
+
+ if (adminUser.isEmpty() || adminPassword.isEmpty()) {
+ return tr("Admin user or password not set.");
+ }
+ if (!(_configured = initStorage(backend, setupData, {}, false, true))) {
+ return tr("Could not setup storage!");
+ }
+
+ quInfo() << "Selected authenticator:" << authenticator;
+ if (!(_configured = initAuthenticator(authenticator, authSetupData, {}, false, true)))
+ {
+ return tr("Could not setup authenticator!");
+ }
+
+ if (!saveBackendSettings(backend, setupData)) {
+ return tr("Could not save backend settings, probably a permission problem.");
+ }
+ saveAuthenticatorSettings(authenticator, authSetupData);
+
+ quInfo() << qPrintable(tr("Creating admin user..."));
+ _storage->addUser(adminUser, adminPassword);
+ cacheSysIdent();
+ startListening(); // TODO check when we need this
+ return QString();
+}
+
+
+QString Core::setupCoreForInternalUsage()
+{
+ Q_ASSERT(!_registeredStorageBackends.empty());
+
+ qsrand(QDateTime::currentDateTime().toMSecsSinceEpoch());
+ int pass = 0;
+ for (int i = 0; i < 10; i++) {
+ pass *= 10;
+ pass += qrand() % 10;
+ }
+
+ // mono client currently needs sqlite
+ return setupCore("AdminUser", QString::number(pass), "SQLite", QVariantMap(), "Database", QVariantMap());
+}
+
+
+/*** Storage Handling ***/
+
+template<typename Storage>
+void Core::registerStorageBackend()
+{
+ auto backend = makeDeferredShared<Storage>(this);
+ if (backend->isAvailable())
+ _registeredStorageBackends.emplace_back(std::move(backend));
+ else
+ backend->deleteLater();
+}
+
+
+void Core::registerStorageBackends()
+{
+ if (_registeredStorageBackends.empty()) {
+ registerStorageBackend<SqliteStorage>();
+ registerStorageBackend<PostgreSqlStorage>();
+ }
+}
+
+
+DeferredSharedPtr<Storage> Core::storageBackend(const QString &backendId) const
+{
+ auto it = std::find_if(_registeredStorageBackends.begin(), _registeredStorageBackends.end(),
+ [backendId](const DeferredSharedPtr<Storage> &backend) {
+ return backend->displayName() == backendId;
+ });
+ return it != _registeredStorageBackends.end() ? *it : nullptr;
+}
+
+// old db settings:
+// "Type" => "sqlite"
+bool Core::initStorage(const QString &backend, const QVariantMap &settings,
+ const QProcessEnvironment &environment, bool loadFromEnvironment, bool setup)
+{
+ if (backend.isEmpty()) {
+ quWarning() << "No storage backend selected!";
+ return false;
+ }
+
+ auto storage = storageBackend(backend);
+ if (!storage) {
+ qCritical() << "Selected storage backend is not available:" << backend;
+ return false;
+ }
+
+ connect(storage.get(), SIGNAL(dbUpgradeInProgress(bool)), this, SIGNAL(dbUpgradeInProgress(bool)));
+
+ Storage::State storageState = storage->init(settings, environment, loadFromEnvironment);
+ switch (storageState) {
+ case Storage::NeedsSetup:
+ if (!setup)
+ return false; // trigger setup process
+ if (storage->setup(settings, environment, loadFromEnvironment))
+ return initStorage(backend, settings, environment, loadFromEnvironment, false);
+ return false;
+
+ // if initialization wasn't successful, we quit to keep from coming up unconfigured
+ case Storage::NotAvailable:
+ qCritical() << "FATAL: Selected storage backend is not available:" << backend;
+ if (!setup) {
+ QCoreApplication::exit(EXIT_FAILURE);
+ }
+ return false;
+
+ case Storage::IsReady:
+ // delete all other backends
+ _registeredStorageBackends.clear();
+ connect(storage.get(), SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)),
+ this, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)));
+ break;
+ }
+ _storage = std::move(storage);
+ return true;
+}
+
+
+void Core::syncStorage()
+{
+ if (_storage)
+ _storage->sync();
+}
+
+
+/*** Storage Access ***/
+bool Core::createNetwork(UserId user, NetworkInfo &info)
+{
+ NetworkId networkId = instance()->_storage->createNetwork(user, info);
+ if (!networkId.isValid())
+ return false;
+
+ info.networkId = networkId;
+ return true;
+}
+
+
+/*** Authenticators ***/
+
+// Authentication handling, now independent from storage.
+template<typename Authenticator>
+void Core::registerAuthenticator()
+{
+ auto authenticator = makeDeferredShared<Authenticator>(this);
+ if (authenticator->isAvailable())
+ _registeredAuthenticators.emplace_back(std::move(authenticator));
+ else
+ authenticator->deleteLater();
+}
+
+
+void Core::registerAuthenticators()
+{
+ if (_registeredAuthenticators.empty()) {
+ registerAuthenticator<SqlAuthenticator>();
+#ifdef HAVE_LDAP
+ registerAuthenticator<LdapAuthenticator>();
+#endif
+ }
+}
+
+
+DeferredSharedPtr<Authenticator> Core::authenticator(const QString &backendId) const
+{
+ auto it = std::find_if(_registeredAuthenticators.begin(), _registeredAuthenticators.end(),
+ [backendId](const DeferredSharedPtr<Authenticator> &authenticator) {
+ return authenticator->backendId() == backendId;
+ });
+ return it != _registeredAuthenticators.end() ? *it : nullptr;
+}
+
+
+// FIXME: Apparently, this is the legacy way of initting storage backends?
+// If there's a not-legacy way, it should be used here
+bool Core::initAuthenticator(const QString &backend, const QVariantMap &settings,
+ const QProcessEnvironment &environment, bool loadFromEnvironment,
+ bool setup)
+{
+ if (backend.isEmpty()) {
+ quWarning() << "No authenticator selected!";
+ return false;
+ }
+
+ auto auth = authenticator(backend);
+ if (!auth) {
+ qCritical() << "Selected auth backend is not available:" << backend;
+ return false;
+ }
+
+ Authenticator::State authState = auth->init(settings, environment, loadFromEnvironment);
+ switch (authState) {
+ case Authenticator::NeedsSetup:
+ if (!setup)
+ return false; // trigger setup process
+ if (auth->setup(settings, environment, loadFromEnvironment))
+ return initAuthenticator(backend, settings, environment, loadFromEnvironment, false);
+ return false;
+
+ // if initialization wasn't successful, we quit to keep from coming up unconfigured
+ case Authenticator::NotAvailable:
+ qCritical() << "FATAL: Selected auth backend is not available:" << backend;
+ if (!setup) {
+ QCoreApplication::exit(EXIT_FAILURE);
+ }
+ return false;
+
+ case Authenticator::IsReady:
+ // delete all other backends
+ _registeredAuthenticators.clear();
+ break;
+ }
+ _authenticator = std::move(auth);
+ return true;
+}
+
+
+/*** Network Management ***/
+
+bool Core::sslSupported()
+{
+#ifdef HAVE_SSL
+ SslServer *sslServer = qobject_cast<SslServer *>(&instance()->_server);
+ return sslServer && sslServer->isCertValid();
+#else
+ return false;
+#endif
+}
+
+
+bool Core::reloadCerts()
+{
+#ifdef HAVE_SSL
+ SslServer *sslServerv4 = qobject_cast<SslServer *>(&_server);
+ bool retv4 = sslServerv4->reloadCerts();
+
+ SslServer *sslServerv6 = qobject_cast<SslServer *>(&_v6server);
+ bool retv6 = sslServerv6->reloadCerts();
+
+ return retv4 && retv6;
+#else
+ // SSL not supported, don't mark configuration reload as failed
+ return true;
+#endif
+}
+
+
+void Core::cacheSysIdent()
+{
+ if (isConfigured()) {
+ _authUserNames = _storage->getAllAuthUserNames();
+ }
+}
+
+
+QString Core::strictSysIdent(UserId user) const
+{
+ if (_authUserNames.contains(user)) {
+ return _authUserNames[user];
+ }
+
+ // A new user got added since we last pulled our cache from the database.
+ // There's no way to avoid a database hit - we don't even know the authname!
+ instance()->cacheSysIdent();
+
+ if (_authUserNames.contains(user)) {
+ return _authUserNames[user];
+ }
+
+ // ...something very weird is going on if we ended up here (an active CoreSession without a corresponding database entry?)
+ qWarning().nospace() << "Unable to find authusername for UserId " << user << ", this should never happen!";
+ return "unknown"; // Should we just terminate the program instead?
+}
+
+
+bool Core::startListening()
+{
+ // in mono mode we only start a local port if a port is specified in the cli call
+ if (Quassel::runMode() == Quassel::Monolithic && !Quassel::isOptionSet("port"))
+ return true;
+
+ bool success = false;
+ uint port = Quassel::optionValue("port").toUInt();
+
+ const QString listen = Quassel::optionValue("listen");
+ const QStringList listen_list = listen.split(",", QString::SkipEmptyParts);
+ if (listen_list.size() > 0) {
+ foreach(const QString listen_term, listen_list) { // TODO: handle multiple interfaces for same TCP version gracefully
+ QHostAddress addr;
+ if (!addr.setAddress(listen_term)) {
+ qCritical() << qPrintable(
+ tr("Invalid listen address %1")
+ .arg(listen_term)
+ );
+ }
+ else {
+ switch (addr.protocol()) {
+ case QAbstractSocket::IPv6Protocol:
+ if (_v6server.listen(addr, port)) {
+ quInfo() << qPrintable(
+ tr("Listening for GUI clients on IPv6 %1 port %2 using protocol version %3")
+ .arg(addr.toString())
+ .arg(_v6server.serverPort())
+ .arg(Quassel::buildInfo().protocolVersion)
+ );
+ success = true;
+ }
+ else
+ quWarning() << qPrintable(
+ tr("Could not open IPv6 interface %1:%2: %3")
+ .arg(addr.toString())
+ .arg(port)
+ .arg(_v6server.errorString()));
+ break;
+ case QAbstractSocket::IPv4Protocol:
+ if (_server.listen(addr, port)) {
+ quInfo() << qPrintable(
+ tr("Listening for GUI clients on IPv4 %1 port %2 using protocol version %3")
+ .arg(addr.toString())
+ .arg(_server.serverPort())
+ .arg(Quassel::buildInfo().protocolVersion)
+ );
+ success = true;
+ }
+ else {
+ // if v6 succeeded on Any, the port will be already in use - don't display the error then
+ if (!success || _server.serverError() != QAbstractSocket::AddressInUseError)
+ quWarning() << qPrintable(
+ tr("Could not open IPv4 interface %1:%2: %3")
+ .arg(addr.toString())
+ .arg(port)
+ .arg(_server.errorString()));
+ }
+ break;
+ default:
+ qCritical() << qPrintable(
+ tr("Invalid listen address %1, unknown network protocol")
+ .arg(listen_term)
+ );
+ break;
+ }
+ }
+ }
+ }
+ if (!success)
+ quError() << qPrintable(tr("Could not open any network interfaces to listen on!"));
+
+ if (_identServer) {
+ _identServer->startListening();
+ }
+
+ return success;
+}
+
+
+void Core::stopListening(const QString &reason)
+{
+ if (_identServer) {
+ _identServer->stopListening(reason);
+ }
+
+ bool wasListening = false;
+ if (_server.isListening()) {
+ wasListening = true;
+ _server.close();
+ }
+ if (_v6server.isListening()) {
+ wasListening = true;
+ _v6server.close();
+ }
+ if (wasListening) {
+ if (reason.isEmpty())
+ quInfo() << "No longer listening for GUI clients.";
+ else
+ quInfo() << qPrintable(reason);
+ }
+}
+
+
+void Core::incomingConnection()
+{
+ QTcpServer *server = qobject_cast<QTcpServer *>(sender());
+ Q_ASSERT(server);
+ while (server->hasPendingConnections()) {
+ QTcpSocket *socket = server->nextPendingConnection();
+
+ CoreAuthHandler *handler = new CoreAuthHandler(socket, this);
+ _connectingClients.insert(handler);
+
+ connect(handler, SIGNAL(disconnected()), SLOT(clientDisconnected()));
+ connect(handler, SIGNAL(socketError(QAbstractSocket::SocketError,QString)), SLOT(socketError(QAbstractSocket::SocketError,QString)));
+ connect(handler, SIGNAL(handshakeComplete(RemotePeer*,UserId)), SLOT(setupClientSession(RemotePeer*,UserId)));
+
+ quInfo() << qPrintable(tr("Client connected from")) << qPrintable(socket->peerAddress().toString());
+
+ if (!_configured) {
+ stopListening(tr("Closing server for basic setup."));
+ }
+ }
+}
+
+
+// Potentially called during the initialization phase (before handing the connection off to the session)
+void Core::clientDisconnected()
+{
+ CoreAuthHandler *handler = qobject_cast<CoreAuthHandler *>(sender());
+ Q_ASSERT(handler);
+
+ quInfo() << qPrintable(tr("Non-authed client disconnected:")) << qPrintable(handler->socket()->peerAddress().toString());
+ _connectingClients.remove(handler);
+ handler->deleteLater();
+
+ // make server listen again if still not configured
+ if (!_configured) {
+ startListening();
+ }
+
+ // TODO remove unneeded sessions - if necessary/possible...
+ // Suggestion: kill sessions if they are not connected to any network and client.
+}
+
+
+void Core::setupClientSession(RemotePeer *peer, UserId uid)
+{
+ CoreAuthHandler *handler = qobject_cast<CoreAuthHandler *>(sender());
+ Q_ASSERT(handler);
+
+ // From now on everything is handled by the client session
+ disconnect(handler, 0, this, 0);
+ _connectingClients.remove(handler);
+ handler->deleteLater();
+
+ // Find or create session for validated user
+ sessionForUser(uid);
+
+ // as we are currently handling an event triggered by incoming data on this socket
+ // it is unsafe to directly move the socket to the client thread.
+ QCoreApplication::postEvent(this, new AddClientEvent(peer, uid));
+}
+
+
+void Core::customEvent(QEvent *event)
+{
+ if (event->type() == AddClientEventId) {
+ AddClientEvent *addClientEvent = static_cast<AddClientEvent *>(event);
+ addClientHelper(addClientEvent->peer, addClientEvent->userId);
+ return;
+ }