/***************************************************************************
- * Copyright (C) 2005-2012 by the Quassel Project *
+ * Copyright (C) 2005-2018 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. *
***************************************************************************/
+#include <algorithm>
+
#include <QCoreApplication>
#include "core.h"
+#include "coreauthhandler.h"
#include "coresession.h"
#include "coresettings.h"
+#include "logger.h"
+#include "internalpeer.h"
+#include "network.h"
#include "postgresqlstorage.h"
#include "quassel.h"
-#include "signalproxy.h"
+#include "sqlauthenticator.h"
#include "sqlitestorage.h"
-#include "network.h"
-#include "logger.h"
-
#include "util.h"
+// Currently building with LDAP bindings is optional.
+#ifdef HAVE_LDAP
+#include "ldapauthenticator.h"
+#endif
+
// migration related
#include <QFile>
-#ifdef Q_OS_WIN32
+#ifdef Q_OS_WIN
# include <windows.h>
#else
# include <unistd.h>
# include <termios.h>
-#endif /* Q_OS_WIN32 */
-
-#ifdef HAVE_UMASK
-# include <sys/types.h>
-# include <sys/stat.h>
-#endif /* HAVE_UMASK */
+#endif /* Q_OS_WIN */
// ==============================
// Custom Events
class AddClientEvent : public QEvent
{
public:
- AddClientEvent(QTcpSocket *socket, UserId uid) : QEvent(QEvent::Type(Core::AddClientEventId)), socket(socket), userId(uid) {}
- QTcpSocket *socket;
+ AddClientEvent(RemotePeer *p, UserId uid) : QEvent(QEvent::Type(Core::AddClientEventId)), peer(p), userId(uid) {}
+ RemotePeer *peer;
UserId userId;
};
// ==============================
// Core
// ==============================
-Core *Core::instanceptr = 0;
+Core *Core::_instance{nullptr};
Core *Core::instance()
{
- if (instanceptr) return instanceptr;
- instanceptr = new Core();
- instanceptr->init();
- return instanceptr;
+ return _instance;
}
-void Core::destroy()
+Core::Core()
{
- delete instanceptr;
- instanceptr = 0;
+ if (_instance) {
+ qWarning() << "Recreating core instance!";
+ delete _instance;
+ }
+ _instance = this;
+
+ // Parent all QObject-derived attributes, so when the Core instance gets moved into another
+ // thread, they get moved with it
+ _server.setParent(this);
+ _v6server.setParent(this);
+ _storageSyncTimer.setParent(this);
}
-Core::Core()
- : _storage(0)
+Core::~Core()
{
-#ifdef HAVE_UMASK
- umask(S_IRWXG | S_IRWXO);
-#endif
- _startTime = QDateTime::currentDateTime().toUTC(); // for uptime :)
+ saveState();
+ qDeleteAll(_connectingClients);
+ qDeleteAll(_sessions);
+ syncStorage();
+ _instance = nullptr;
+}
- Quassel::loadTranslation(QLocale::system());
- // FIXME: MIGRATION 0.3 -> 0.4: Move database and core config to new location
- // Move settings, note this does not delete the old files
-#ifdef Q_WS_MAC
- QSettings newSettings("quassel-irc.org", "quasselcore");
-#else
-
-# ifdef Q_WS_WIN
- QSettings::Format format = QSettings::IniFormat;
-# else
- QSettings::Format format = QSettings::NativeFormat;
-# endif
- QString newFilePath = Quassel::configDirPath() + "quasselcore"
- + ((format == QSettings::NativeFormat) ? QLatin1String(".conf") : QLatin1String(".ini"));
- QSettings newSettings(newFilePath, format);
-#endif /* Q_WS_MAC */
-
- if (newSettings.value("Config/Version").toUInt() == 0) {
-# ifdef Q_WS_MAC
- QString org = "quassel-irc.org";
-# else
- QString org = "Quassel Project";
-# endif
- QSettings oldSettings(org, "Quassel Core");
- if (oldSettings.allKeys().count()) {
- qWarning() << "\n\n*** IMPORTANT: Config and data file locations have changed. Attempting to auto-migrate your core settings...";
- foreach(QString key, oldSettings.allKeys())
- newSettings.setValue(key, oldSettings.value(key));
- newSettings.setValue("Config/Version", 1);
- qWarning() << "* Your core settings have been migrated to" << newSettings.fileName();
-
-#ifndef Q_WS_MAC /* we don't need to move the db and cert for mac */
-#ifdef Q_OS_WIN32
- QString quasselDir = qgetenv("APPDATA") + "/quassel/";
-#elif defined Q_WS_MAC
- QString quasselDir = QDir::homePath() + "/Library/Application Support/Quassel/";
-#else
- QString quasselDir = QDir::homePath() + "/.quassel/";
-#endif
+bool Core::init()
+{
+ _startTime = QDateTime::currentDateTime().toUTC(); // for uptime :)
- QFileInfo info(Quassel::configDirPath() + "quassel-storage.sqlite");
- if (!info.exists()) {
- // move database, if we found it
- QFile oldDb(quasselDir + "quassel-storage.sqlite");
- if (oldDb.exists()) {
- bool success = oldDb.rename(Quassel::configDirPath() + "quassel-storage.sqlite");
- if (success)
- qWarning() << "* Your database has been moved to" << Quassel::configDirPath() + "quassel-storage.sqlite";
- else
- qWarning() << "!!! Moving your database has failed. Please move it manually into" << Quassel::configDirPath();
- }
- }
- // move certificate
- QFileInfo certInfo(quasselDir + "quasselCert.pem");
- if (certInfo.exists()) {
- QFile cert(quasselDir + "quasselCert.pem");
- bool success = cert.rename(Quassel::configDirPath() + "quasselCert.pem");
- if (success)
- qWarning() << "* Your certificate has been moved to" << Quassel::configDirPath() + "quasselCert.pem";
- else
- qWarning() << "!!! Moving your certificate has failed. Please move it manually into" << Quassel::configDirPath();
- }
-#endif /* !Q_WS_MAC */
- qWarning() << "*** Migration completed.\n\n";
- }
+ if (Quassel::runMode() == Quassel::RunMode::CoreOnly) {
+ Quassel::loadTranslation(QLocale::system());
}
- // MIGRATION end
// check settings version
// so far, we only have 1
CoreSettings s;
if (s.version() != 1) {
qCritical() << "Invalid core settings version, terminating!";
- exit(EXIT_FAILURE);
+ QCoreApplication::exit(EXIT_FAILURE);
+ return false;
}
+ // Set up storage and authentication backends
registerStorageBackends();
+ registerAuthenticators();
- connect(&_storageSyncTimer, SIGNAL(timeout()), this, SLOT(syncStorage()));
- _storageSyncTimer.start(10 * 60 * 1000); // 10 minutes
-}
+ QProcessEnvironment environment = QProcessEnvironment::systemEnvironment();
+ bool config_from_environment = Quassel::isOptionSet("config-from-environment");
+ QString db_backend;
+ QVariantMap db_connectionProperties;
-void Core::init()
-{
- CoreSettings cs;
- _configured = initStorage(cs.storageSettings().toMap());
+ QString auth_authenticator;
+ QVariantMap auth_properties;
+
+ bool writeError = false;
+
+ if (config_from_environment) {
+ db_backend = environment.value("DB_BACKEND");
+ auth_authenticator = environment.value("AUTH_AUTHENTICATOR");
+ } else {
+ CoreSettings cs;
+
+ QVariantMap dbsettings = cs.storageSettings().toMap();
+ db_backend = dbsettings.value("Backend").toString();
+ db_connectionProperties = dbsettings.value("ConnectionProperties").toMap();
- if (Quassel::isOptionSet("select-backend")) {
- selectBackend(Quassel::optionValue("select-backend"));
- exit(0);
+ QVariantMap authSettings = cs.authSettings().toMap();
+ auth_authenticator = authSettings.value("Authenticator", "Database").toString();
+ auth_properties = authSettings.value("AuthProperties").toMap();
+
+ writeError = !cs.isWritable();
}
- if (!_configured) {
- if (!_storageBackends.count()) {
- qWarning() << qPrintable(tr("Could not initialize any storage backend! Exiting..."));
- qWarning() << qPrintable(tr("Currently, Quassel supports SQLite3 and PostgreSQL. You need to build your\n"
- "Qt library with the sqlite or postgres plugin enabled in order for quasselcore\n"
- "to work."));
- exit(1); // TODO make this less brutal (especially for mono client -> popup)
+ // legacy
+ _configured = initStorage(db_backend, db_connectionProperties, environment, config_from_environment);
+
+ // Not entirely sure what is 'legacy' about the above, but it seems to be the way things work!
+ if (_configured) {
+ initAuthenticator(auth_authenticator, auth_properties, environment, config_from_environment);
+ }
+
+ if (Quassel::isOptionSet("select-backend") || Quassel::isOptionSet("select-authenticator")) {
+ bool success{true};
+ if (Quassel::isOptionSet("select-backend")) {
+ success &= selectBackend(Quassel::optionValue("select-backend"));
+ }
+ if (Quassel::isOptionSet("select-authenticator")) {
+ success &= selectAuthenticator(Quassel::optionValue("select-authenticator"));
}
- qWarning() << "Core is currently not configured! Please connect with a Quassel Client for basic setup.";
+ QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE);
+ return success;
}
- if (Quassel::isOptionSet("add-user")) {
- createUser();
- exit(0);
+ if (!_configured) {
+ if (config_from_environment) {
+ _configured = initStorage(db_backend, db_connectionProperties, environment, config_from_environment, true);
+ initAuthenticator(auth_authenticator, auth_properties, environment, config_from_environment, true);
+
+ if (!_configured) {
+ qWarning() << "Cannot configure from environment";
+ QCoreApplication::exit(EXIT_FAILURE);
+ return false;
+ }
+ }
+ else {
+ if (_registeredStorageBackends.empty()) {
+ quWarning() << qPrintable(tr("Could not initialize any storage backend! Exiting..."));
+ quWarning()
+ << qPrintable(tr("Currently, Quassel supports SQLite3 and PostgreSQL. You need to build your\n"
+ "Qt library with the sqlite or postgres plugin enabled in order for quasselcore\n"
+ "to work."));
+ QCoreApplication::exit(EXIT_FAILURE); // TODO make this less brutal (especially for mono client -> popup)
+ return false;
+ }
+
+ if (writeError) {
+ qWarning() << "Cannot write quasselcore configuration; probably a permission problem.";
+ QCoreApplication::exit(EXIT_FAILURE);
+ return false;
+ }
+
+ quInfo() << "Core is currently not configured! Please connect with a Quassel Client for basic setup.";
+ }
}
+ else {
+ if (Quassel::isOptionSet("add-user")) {
+ bool success = createUser();
+ QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE);
+ return success;
+ }
+
+ if (Quassel::isOptionSet("change-userpass")) {
+ bool success = changeUserPass(Quassel::optionValue("change-userpass"));
+ QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE);
+ return success;
+ }
+
+ _strictIdentEnabled = Quassel::isOptionSet("strict-ident");
+ if (_strictIdentEnabled) {
+ cacheSysIdent();
+ }
+
+ if (Quassel::isOptionSet("oidentd")) {
+ _oidentdConfigGenerator = new OidentdConfigGenerator(this);
+ }
+
+
+ if (Quassel::isOptionSet("ident-daemon")) {
+ _identServer = new IdentServer(this);
+ }
- if (Quassel::isOptionSet("change-userpass")) {
- changeUserPass(Quassel::optionValue("change-userpass"));
- exit(0);
+ Quassel::registerReloadHandler([]() {
+ // Currently, only reloading SSL certificates and the sysident cache is supported
+ if (Core::instance()) {
+ Core::instance()->cacheSysIdent();
+ Core::instance()->reloadCerts();
+ return true;
+ }
+ return false;
+ });
+
+ connect(&_storageSyncTimer, SIGNAL(timeout()), this, SLOT(syncStorage()));
+ _storageSyncTimer.start(10 * 60 * 1000); // 10 minutes
}
connect(&_server, SIGNAL(newConnection()), this, SLOT(incomingConnection()));
connect(&_v6server, SIGNAL(newConnection()), this, SLOT(incomingConnection()));
- if (!startListening()) exit(1); // TODO make this less brutal
- if (Quassel::isOptionSet("oidentd"))
- _oidentdConfigGenerator = new OidentdConfigGenerator(this);
-}
+ if (!startListening()) {
+ QCoreApplication::exit(EXIT_FAILURE); // TODO make this less brutal
+ return false;
+ }
+
+ if (_configured && !Quassel::isOptionSet("norestore")) {
+ Core::restoreState();
+ }
+ _initialized = true;
-Core::~Core()
-{
- foreach(QTcpSocket *socket, blocksizes.keys()) {
- socket->disconnectFromHost(); // disconnect non authed clients
+ if (_pendingInternalConnection) {
+ connectInternalPeer(_pendingInternalConnection);
+ _pendingInternalConnection = {};
}
- qDeleteAll(sessions);
- qDeleteAll(_storageBackends);
-}
+ return true;
+}
/*** Session Restore ***/
void Core::saveState()
{
- CoreSettings s;
- QVariantMap state;
- QVariantList activeSessions;
- foreach(UserId user, instance()->sessions.keys()) activeSessions << QVariant::fromValue<UserId>(user);
- state["CoreStateVersion"] = 1;
- state["ActiveSessions"] = activeSessions;
- s.setCoreState(state);
+ if (_storage) {
+ QVariantList activeSessions;
+ for (auto &&user : instance()->_sessions.keys())
+ activeSessions << QVariant::fromValue<UserId>(user);
+ _storage->setCoreState(activeSessions);
+ }
}
void Core::restoreState()
{
- if (!instance()->_configured) {
- // qWarning() << qPrintable(tr("Cannot restore a state for an unconfigured core!"));
+ if (!_configured) {
+ quWarning() << qPrintable(tr("Cannot restore a state for an unconfigured core!"));
return;
}
- if (instance()->sessions.count()) {
- qWarning() << qPrintable(tr("Calling restoreState() even though active sessions exist!"));
+ if (_sessions.count()) {
+ quWarning() << qPrintable(tr("Calling restoreState() even though active sessions exist!"));
return;
}
+
CoreSettings s;
/* We don't check, since we are at the first version since switching to Git
uint statever = s.coreState().toMap()["CoreStateVersion"].toUInt();
if(statever < 1) {
- qWarning() << qPrintable(tr("Core state too old, ignoring..."));
+ quWarning() << qPrintable(tr("Core state too old, ignoring..."));
return;
}
*/
- QVariantList activeSessions = s.coreState().toMap()["ActiveSessions"].toList();
+ const QList<QVariant> &activeSessionsFallback = s.coreState().toMap()["ActiveSessions"].toList();
+ QVariantList activeSessions = instance()->_storage->getCoreState(activeSessionsFallback);
+
if (activeSessions.count() > 0) {
quInfo() << "Restoring previous core state...";
- foreach(QVariant v, activeSessions) {
+ for(auto &&v : activeSessions) {
UserId user = v.value<UserId>();
- instance()->createSession(user, true);
+ sessionForUser(user, true);
}
}
}
/*** Core Setup ***/
-QString Core::setupCoreForInternalUsage()
+
+QString Core::setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupData)
{
- Q_ASSERT(!_storageBackends.isEmpty());
- QVariantMap setupData;
- qsrand(QDateTime::currentDateTime().toTime_t());
- int pass = 0;
- for (int i = 0; i < 10; i++) {
- pass *= 10;
- pass += qrand() % 10;
- }
- setupData["AdminUser"] = "AdminUser";
- setupData["AdminPasswd"] = QString::number(pass);
- setupData["Backend"] = QString("SQLite"); // mono client currently needs sqlite
- return setupCore(setupData);
+ return instance()->setupCore(adminUser, adminPassword, backend, setupData, authenticator, authSetupData);
}
-QString Core::setupCore(QVariantMap setupData)
+QString Core::setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupData)
{
- QString user = setupData.take("AdminUser").toString();
- QString password = setupData.take("AdminPasswd").toString();
- if (user.isEmpty() || password.isEmpty()) {
+ if (_configured)
+ return tr("Core is already configured! Not configuring again...");
+
+ if (adminUser.isEmpty() || adminPassword.isEmpty()) {
return tr("Admin user or password not set.");
}
- if (_configured || !(_configured = initStorage(setupData, true))) {
+ if (!(_configured = initStorage(backend, setupData, {}, false, true))) {
return tr("Could not setup storage!");
}
- CoreSettings s;
- s.setStorageSettings(setupData);
+
+ quInfo() << "Selected authenticator:" << authenticator;
+ if (!(_configured = initAuthenticator(authenticator, authSetupData, {}, false, true)))
+ {
+ return tr("Could not setup authenticator!");
+ }
+
+ if (!saveBackendSettings(backend, setupData)) {
+ return tr("Could not save backend settings, probably a permission problem.");
+ }
+ saveAuthenticatorSettings(authenticator, authSetupData);
+
quInfo() << qPrintable(tr("Creating admin user..."));
- _storage->addUser(user, password);
+ _storage->addUser(adminUser, adminPassword);
+ cacheSysIdent();
startListening(); // TODO check when we need this
return QString();
}
-/*** Storage Handling ***/
-void Core::registerStorageBackends()
+QString Core::setupCoreForInternalUsage()
{
- // Register storage backends here!
- registerStorageBackend(new SqliteStorage(this));
- registerStorageBackend(new PostgreSqlStorage(this));
+ Q_ASSERT(!_registeredStorageBackends.empty());
+
+ qsrand(QDateTime::currentDateTime().toMSecsSinceEpoch());
+ int pass = 0;
+ for (int i = 0; i < 10; i++) {
+ pass *= 10;
+ pass += qrand() % 10;
+ }
+
+ // mono client currently needs sqlite
+ return setupCore("AdminUser", QString::number(pass), "SQLite", QVariantMap(), "Database", QVariantMap());
}
-bool Core::registerStorageBackend(Storage *backend)
+/*** Storage Handling ***/
+
+template<typename Storage>
+void Core::registerStorageBackend()
{
- if (backend->isAvailable()) {
- _storageBackends[backend->displayName()] = backend;
- return true;
- }
- else {
+ auto backend = makeDeferredShared<Storage>(this);
+ if (backend->isAvailable())
+ _registeredStorageBackends.emplace_back(std::move(backend));
+ else
backend->deleteLater();
- return false;
- }
}
-void Core::unregisterStorageBackends()
+void Core::registerStorageBackends()
{
- foreach(Storage *s, _storageBackends.values()) {
- s->deleteLater();
+ if (_registeredStorageBackends.empty()) {
+ registerStorageBackend<SqliteStorage>();
+ registerStorageBackend<PostgreSqlStorage>();
}
- _storageBackends.clear();
}
-void Core::unregisterStorageBackend(Storage *backend)
+DeferredSharedPtr<Storage> Core::storageBackend(const QString &backendId) const
{
- _storageBackends.remove(backend->displayName());
- backend->deleteLater();
+ auto it = std::find_if(_registeredStorageBackends.begin(), _registeredStorageBackends.end(),
+ [backendId](const DeferredSharedPtr<Storage> &backend) {
+ return backend->displayName() == backendId;
+ });
+ return it != _registeredStorageBackends.end() ? *it : nullptr;
}
-
// old db settings:
// "Type" => "sqlite"
-bool Core::initStorage(const QString &backend, QVariantMap settings, bool setup)
+bool Core::initStorage(const QString &backend, const QVariantMap &settings,
+ const QProcessEnvironment &environment, bool loadFromEnvironment, bool setup)
{
- _storage = 0;
-
if (backend.isEmpty()) {
+ quWarning() << "No storage backend selected!";
return false;
}
- Storage *storage = 0;
- if (_storageBackends.contains(backend)) {
- storage = _storageBackends[backend];
- }
- else {
+ auto storage = storageBackend(backend);
+ if (!storage) {
qCritical() << "Selected storage backend is not available:" << backend;
return false;
}
- Storage::State storageState = storage->init(settings);
+ connect(storage.get(), SIGNAL(dbUpgradeInProgress(bool)), this, SIGNAL(dbUpgradeInProgress(bool)));
+
+ Storage::State storageState = storage->init(settings, environment, loadFromEnvironment);
switch (storageState) {
case Storage::NeedsSetup:
if (!setup)
return false; // trigger setup process
- if (storage->setup(settings))
- return initStorage(backend, settings, false);
- // if setup wasn't successfull we mark the backend as unavailable
+ if (storage->setup(settings, environment, loadFromEnvironment))
+ return initStorage(backend, settings, environment, loadFromEnvironment, false);
+ return false;
+
+ // if initialization wasn't successful, we quit to keep from coming up unconfigured
case Storage::NotAvailable:
- qCritical() << "Selected storage backend is not available:" << backend;
- storage->deleteLater();
- _storageBackends.remove(backend);
- storage = 0;
+ qCritical() << "FATAL: Selected storage backend is not available:" << backend;
+ if (!setup) {
+ QCoreApplication::exit(EXIT_FAILURE);
+ }
return false;
+
case Storage::IsReady:
// delete all other backends
- _storageBackends.remove(backend);
- unregisterStorageBackends();
- connect(storage, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)), this, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)));
+ _registeredStorageBackends.clear();
+ connect(storage.get(), SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)),
+ this, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)));
+ break;
}
- _storage = storage;
+ _storage = std::move(storage);
return true;
}
-bool Core::initStorage(QVariantMap dbSettings, bool setup)
-{
- return initStorage(dbSettings["Backend"].toString(), dbSettings["ConnectionProperties"].toMap(), setup);
-}
-
-
void Core::syncStorage()
{
if (_storage)
}
+/*** Authenticators ***/
+
+// Authentication handling, now independent from storage.
+template<typename Authenticator>
+void Core::registerAuthenticator()
+{
+ auto authenticator = makeDeferredShared<Authenticator>(this);
+ if (authenticator->isAvailable())
+ _registeredAuthenticators.emplace_back(std::move(authenticator));
+ else
+ authenticator->deleteLater();
+}
+
+
+void Core::registerAuthenticators()
+{
+ if (_registeredAuthenticators.empty()) {
+ registerAuthenticator<SqlAuthenticator>();
+#ifdef HAVE_LDAP
+ registerAuthenticator<LdapAuthenticator>();
+#endif
+ }
+}
+
+
+DeferredSharedPtr<Authenticator> Core::authenticator(const QString &backendId) const
+{
+ auto it = std::find_if(_registeredAuthenticators.begin(), _registeredAuthenticators.end(),
+ [backendId](const DeferredSharedPtr<Authenticator> &authenticator) {
+ return authenticator->backendId() == backendId;
+ });
+ return it != _registeredAuthenticators.end() ? *it : nullptr;
+}
+
+
+// FIXME: Apparently, this is the legacy way of initting storage backends?
+// If there's a not-legacy way, it should be used here
+bool Core::initAuthenticator(const QString &backend, const QVariantMap &settings,
+ const QProcessEnvironment &environment, bool loadFromEnvironment,
+ bool setup)
+{
+ if (backend.isEmpty()) {
+ quWarning() << "No authenticator selected!";
+ return false;
+ }
+
+ auto auth = authenticator(backend);
+ if (!auth) {
+ qCritical() << "Selected auth backend is not available:" << backend;
+ return false;
+ }
+
+ Authenticator::State authState = auth->init(settings, environment, loadFromEnvironment);
+ switch (authState) {
+ case Authenticator::NeedsSetup:
+ if (!setup)
+ return false; // trigger setup process
+ if (auth->setup(settings, environment, loadFromEnvironment))
+ return initAuthenticator(backend, settings, environment, loadFromEnvironment, false);
+ return false;
+
+ // if initialization wasn't successful, we quit to keep from coming up unconfigured
+ case Authenticator::NotAvailable:
+ qCritical() << "FATAL: Selected auth backend is not available:" << backend;
+ if (!setup) {
+ QCoreApplication::exit(EXIT_FAILURE);
+ }
+ return false;
+
+ case Authenticator::IsReady:
+ // delete all other backends
+ _registeredAuthenticators.clear();
+ break;
+ }
+ _authenticator = std::move(auth);
+ return true;
+}
+
+
/*** Network Management ***/
+bool Core::sslSupported()
+{
+#ifdef HAVE_SSL
+ SslServer *sslServer = qobject_cast<SslServer *>(&instance()->_server);
+ return sslServer && sslServer->isCertValid();
+#else
+ return false;
+#endif
+}
+
+
+bool Core::reloadCerts()
+{
+#ifdef HAVE_SSL
+ SslServer *sslServerv4 = qobject_cast<SslServer *>(&_server);
+ bool retv4 = sslServerv4->reloadCerts();
+
+ SslServer *sslServerv6 = qobject_cast<SslServer *>(&_v6server);
+ bool retv6 = sslServerv6->reloadCerts();
+
+ return retv4 && retv6;
+#else
+ // SSL not supported, don't mark configuration reload as failed
+ return true;
+#endif
+}
+
+
+void Core::cacheSysIdent()
+{
+ if (isConfigured()) {
+ _authUserNames = _storage->getAllAuthUserNames();
+ }
+}
+
+
+QString Core::strictSysIdent(UserId user) const
+{
+ if (_authUserNames.contains(user)) {
+ return _authUserNames[user];
+ }
+
+ // A new user got added since we last pulled our cache from the database.
+ // There's no way to avoid a database hit - we don't even know the authname!
+ instance()->cacheSysIdent();
+
+ if (_authUserNames.contains(user)) {
+ return _authUserNames[user];
+ }
+
+ // ...something very weird is going on if we ended up here (an active CoreSession without a corresponding database entry?)
+ qWarning().nospace() << "Unable to find authusername for UserId " << user << ", this should never happen!";
+ return "unknown"; // Should we just terminate the program instead?
+}
+
+
bool Core::startListening()
{
// in mono mode we only start a local port if a port is specified in the cli call
if (!success)
quError() << qPrintable(tr("Could not open any network interfaces to listen on!"));
+ if (_identServer) {
+ _identServer->startListening();
+ }
+
return success;
}
void Core::stopListening(const QString &reason)
{
+ if (_identServer) {
+ _identServer->stopListening(reason);
+ }
+
bool wasListening = false;
if (_server.isListening()) {
wasListening = true;
Q_ASSERT(server);
while (server->hasPendingConnections()) {
QTcpSocket *socket = server->nextPendingConnection();
- connect(socket, SIGNAL(disconnected()), this, SLOT(clientDisconnected()));
- connect(socket, SIGNAL(readyRead()), this, SLOT(clientHasData()));
- connect(socket, SIGNAL(error(QAbstractSocket::SocketError)), this, SLOT(socketError(QAbstractSocket::SocketError)));
-
- QVariantMap clientInfo;
- blocksizes.insert(socket, (quint32)0);
- quInfo() << qPrintable(tr("Client connected from")) << qPrintable(socket->peerAddress().toString());
-
- if (!_configured) {
- stopListening(tr("Closing server for basic setup."));
- }
- }
-}
-
-
-void Core::clientHasData()
-{
- QTcpSocket *socket = dynamic_cast<QTcpSocket *>(sender());
- Q_ASSERT(socket && blocksizes.contains(socket));
- QVariant item;
- while (SignalProxy::readDataFromDevice(socket, blocksizes[socket], item)) {
- QVariantMap msg = item.toMap();
- processClientMessage(socket, msg);
- if (!blocksizes.contains(socket)) break; // this socket is no longer ours to handle!
- }
-}
+ CoreAuthHandler *handler = new CoreAuthHandler(socket, this);
+ _connectingClients.insert(handler);
-void Core::processClientMessage(QTcpSocket *socket, const QVariantMap &msg)
-{
- if (!msg.contains("MsgType")) {
- // Client is way too old, does not even use the current init format
- qWarning() << qPrintable(tr("Antique client trying to connect... refusing."));
- socket->close();
- return;
- }
- // OK, so we have at least an init message format we can understand
- if (msg["MsgType"] == "ClientInit") {
- QVariantMap reply;
-
- // Just version information -- check it!
- uint ver = msg["ProtocolVersion"].toUInt();
- if (ver < Quassel::buildInfo().coreNeedsProtocol) {
- reply["MsgType"] = "ClientInitReject";
- reply["Error"] = tr("<b>Your Quassel Client is too old!</b><br>"
- "This core needs at least client/core protocol version %1.<br>"
- "Please consider upgrading your client.").arg(Quassel::buildInfo().coreNeedsProtocol);
- SignalProxy::writeDataToDevice(socket, reply);
- qWarning() << qPrintable(tr("Client")) << qPrintable(socket->peerAddress().toString()) << qPrintable(tr("too old, rejecting."));
- socket->close(); return;
- }
+ connect(handler, SIGNAL(disconnected()), SLOT(clientDisconnected()));
+ connect(handler, SIGNAL(socketError(QAbstractSocket::SocketError,QString)), SLOT(socketError(QAbstractSocket::SocketError,QString)));
+ connect(handler, SIGNAL(handshakeComplete(RemotePeer*,UserId)), SLOT(setupClientSession(RemotePeer*,UserId)));
- reply["ProtocolVersion"] = Quassel::buildInfo().protocolVersion;
- reply["CoreVersion"] = Quassel::buildInfo().fancyVersionString;
- reply["CoreDate"] = Quassel::buildInfo().buildDate;
- reply["CoreStartTime"] = startTime(); // v10 clients don't necessarily parse this, see below
-
- // FIXME: newer clients no longer use the hardcoded CoreInfo (for now), since it gets the
- // time zone wrong. With the next protocol bump (10 -> 11), we should remove this
- // or make it properly configurable.
-
- int uptime = startTime().secsTo(QDateTime::currentDateTime().toUTC());
- int updays = uptime / 86400; uptime %= 86400;
- int uphours = uptime / 3600; uptime %= 3600;
- int upmins = uptime / 60;
- reply["CoreInfo"] = tr("<b>Quassel Core Version %1</b><br>"
- "Built: %2<br>"
- "Up %3d%4h%5m (since %6)").arg(Quassel::buildInfo().fancyVersionString)
- .arg(Quassel::buildInfo().buildDate)
- .arg(updays).arg(uphours, 2, 10, QChar('0')).arg(upmins, 2, 10, QChar('0')).arg(startTime().toString(Qt::TextDate));
-
- reply["CoreFeatures"] = (int)Quassel::features();
-
-#ifdef HAVE_SSL
- SslServer *sslServer = qobject_cast<SslServer *>(&_server);
- QSslSocket *sslSocket = qobject_cast<QSslSocket *>(socket);
- bool supportSsl = (bool)sslServer && (bool)sslSocket && sslServer->isCertValid();
-#else
- bool supportSsl = false;
-#endif
-
-#ifndef QT_NO_COMPRESS
- bool supportsCompression = true;
-#else
- bool supportsCompression = false;
-#endif
-
- reply["SupportSsl"] = supportSsl;
- reply["SupportsCompression"] = supportsCompression;
- // switch to ssl/compression after client has been informed about our capabilities (see below)
-
- reply["LoginEnabled"] = true;
+ quInfo() << qPrintable(tr("Client connected from")) << qPrintable(socket->peerAddress().toString());
- // check if we are configured, start wizard otherwise
if (!_configured) {
- reply["Configured"] = false;
- QList<QVariant> backends;
- foreach(Storage *backend, _storageBackends.values()) {
- QVariantMap v;
- v["DisplayName"] = backend->displayName();
- v["Description"] = backend->description();
- v["SetupKeys"] = backend->setupKeys();
- v["SetupDefaults"] = backend->setupDefaults();
- backends.append(v);
- }
- reply["StorageBackends"] = backends;
- reply["LoginEnabled"] = false;
- }
- else {
- reply["Configured"] = true;
- }
- clientInfo[socket] = msg; // store for future reference
- reply["MsgType"] = "ClientInitAck";
- SignalProxy::writeDataToDevice(socket, reply);
- socket->flush(); // ensure that the write cache is flushed before we switch to ssl
-
-#ifdef HAVE_SSL
- // after we told the client that we are ssl capable we switch to ssl mode
- if (supportSsl && msg["UseSsl"].toBool()) {
- qDebug() << qPrintable(tr("Starting TLS for Client:")) << qPrintable(socket->peerAddress().toString());
- connect(sslSocket, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(sslErrors(const QList<QSslError> &)));
- sslSocket->startServerEncryption();
- }
-#endif
-
-#ifndef QT_NO_COMPRESS
- if (supportsCompression && msg["UseCompression"].toBool()) {
- socket->setProperty("UseCompression", true);
- qDebug() << "Using compression for Client:" << qPrintable(socket->peerAddress().toString());
- }
-#endif
- }
- else {
- // for the rest, we need an initialized connection
- if (!clientInfo.contains(socket)) {
- QVariantMap reply;
- reply["MsgType"] = "ClientLoginReject";
- reply["Error"] = tr("<b>Client not initialized!</b><br>You need to send an init message before trying to login.");
- SignalProxy::writeDataToDevice(socket, reply);
- qWarning() << qPrintable(tr("Client")) << qPrintable(socket->peerAddress().toString()) << qPrintable(tr("did not send an init message before trying to login, rejecting."));
- socket->close(); return;
- }
- if (msg["MsgType"] == "CoreSetupData") {
- QVariantMap reply;
- QString result = setupCore(msg["SetupData"].toMap());
- if (!result.isEmpty()) {
- reply["MsgType"] = "CoreSetupReject";
- reply["Error"] = result;
- }
- else {
- reply["MsgType"] = "CoreSetupAck";
- }
- SignalProxy::writeDataToDevice(socket, reply);
- }
- else if (msg["MsgType"] == "ClientLogin") {
- QVariantMap reply;
- UserId uid = _storage->validateUser(msg["User"].toString(), msg["Password"].toString());
- if (uid == 0) {
- reply["MsgType"] = "ClientLoginReject";
- reply["Error"] = tr("<b>Invalid username or password!</b><br>The username/password combination you supplied could not be found in the database.");
- SignalProxy::writeDataToDevice(socket, reply);
- return;
- }
- reply["MsgType"] = "ClientLoginAck";
- SignalProxy::writeDataToDevice(socket, reply);
- quInfo() << qPrintable(tr("Client")) << qPrintable(socket->peerAddress().toString()) << qPrintable(tr("initialized and authenticated successfully as \"%1\" (UserId: %2).").arg(msg["User"].toString()).arg(uid.toInt()));
- setupClientSession(socket, uid);
+ stopListening(tr("Closing server for basic setup."));
}
}
}
// Potentially called during the initialization phase (before handing the connection off to the session)
void Core::clientDisconnected()
{
- QTcpSocket *socket = qobject_cast<QTcpSocket *>(sender());
- if (socket) {
- // here it's safe to call methods on socket!
- quInfo() << qPrintable(tr("Non-authed client disconnected.")) << qPrintable(socket->peerAddress().toString());
- blocksizes.remove(socket);
- clientInfo.remove(socket);
- socket->deleteLater();
- }
- else {
- // we have to crawl through the hashes and see if we find a victim to remove
- qDebug() << qPrintable(tr("Non-authed client disconnected. (socket allready destroyed)"));
-
- // DO NOT CALL ANY METHODS ON socket!!
- socket = static_cast<QTcpSocket *>(sender());
-
- QHash<QTcpSocket *, quint32>::iterator blockSizeIter = blocksizes.begin();
- while (blockSizeIter != blocksizes.end()) {
- if (blockSizeIter.key() == socket) {
- blockSizeIter = blocksizes.erase(blockSizeIter);
- }
- else {
- blockSizeIter++;
- }
- }
+ CoreAuthHandler *handler = qobject_cast<CoreAuthHandler *>(sender());
+ Q_ASSERT(handler);
- QHash<QTcpSocket *, QVariantMap>::iterator clientInfoIter = clientInfo.begin();
- while (clientInfoIter != clientInfo.end()) {
- if (clientInfoIter.key() == socket) {
- clientInfoIter = clientInfo.erase(clientInfoIter);
- }
- else {
- clientInfoIter++;
- }
- }
- }
+ quInfo() << qPrintable(tr("Non-authed client disconnected:")) << qPrintable(handler->socket()->peerAddress().toString());
+ _connectingClients.remove(handler);
+ handler->deleteLater();
// make server listen again if still not configured
if (!_configured) {
}
-void Core::setupClientSession(QTcpSocket *socket, UserId uid)
+void Core::setupClientSession(RemotePeer *peer, UserId uid)
{
+ CoreAuthHandler *handler = qobject_cast<CoreAuthHandler *>(sender());
+ Q_ASSERT(handler);
+
// From now on everything is handled by the client session
- disconnect(socket, 0, this, 0);
- socket->flush();
- blocksizes.remove(socket);
- clientInfo.remove(socket);
+ disconnect(handler, 0, this, 0);
+ _connectingClients.remove(handler);
+ handler->deleteLater();
// Find or create session for validated user
- SessionThread *session;
- if (sessions.contains(uid)) {
- session = sessions[uid];
- }
- else {
- session = createSession(uid);
- if (!session) {
- qWarning() << qPrintable(tr("Could not initialize session for client:")) << qPrintable(socket->peerAddress().toString());
- socket->close();
- return;
- }
- }
+ sessionForUser(uid);
// as we are currently handling an event triggered by incoming data on this socket
// it is unsafe to directly move the socket to the client thread.
- QCoreApplication::postEvent(this, new AddClientEvent(socket, uid));
+ QCoreApplication::postEvent(this, new AddClientEvent(peer, uid));
}
{
if (event->type() == AddClientEventId) {
AddClientEvent *addClientEvent = static_cast<AddClientEvent *>(event);
- addClientHelper(addClientEvent->socket, addClientEvent->userId);
+ addClientHelper(addClientEvent->peer, addClientEvent->userId);
return;
}
}
-void Core::addClientHelper(QTcpSocket *socket, UserId uid)
+void Core::addClientHelper(RemotePeer *peer, UserId uid)
{
// Find or create session for validated user
- if (!sessions.contains(uid)) {
- qWarning() << qPrintable(tr("Could not find a session for client:")) << qPrintable(socket->peerAddress().toString());
- socket->close();
- return;
- }
+ SessionThread *session = sessionForUser(uid);
+ session->addClient(peer);
+}
+
- SessionThread *session = sessions[uid];
- session->addClient(socket);
+void Core::connectInternalPeer(QPointer<InternalPeer> peer)
+{
+ if (_initialized && peer) {
+ setupInternalClientSession(peer);
+ }
+ else {
+ _pendingInternalConnection = peer;
+ }
}
-void Core::setupInternalClientSession(SignalProxy *proxy)
+void Core::setupInternalClientSession(QPointer<InternalPeer> clientPeer)
{
if (!_configured) {
stopListening();
uid = _storage->internalUser();
}
else {
- qWarning() << "Core::setupInternalClientSession(): You're trying to run monolithic Quassel with an unusable Backend! Go fix it!";
+ quWarning() << "Core::setupInternalClientSession(): You're trying to run monolithic Quassel with an unusable Backend! Go fix it!";
+ QCoreApplication::exit(EXIT_FAILURE);
return;
}
+ if (!clientPeer) {
+ quWarning() << "Client peer went away, not starting a session";
+ return;
+ }
+
+ InternalPeer *corePeer = new InternalPeer(this);
+ corePeer->setPeer(clientPeer);
+ clientPeer->setPeer(corePeer);
+
// Find or create session for validated user
- SessionThread *sess;
- if (sessions.contains(uid))
- sess = sessions[uid];
- else
- sess = createSession(uid);
- sess->addClient(proxy);
+ SessionThread *sessionThread = sessionForUser(uid);
+ sessionThread->addClient(corePeer);
}
-SessionThread *Core::createSession(UserId uid, bool restore)
+SessionThread *Core::sessionForUser(UserId uid, bool restore)
{
- if (sessions.contains(uid)) {
- qWarning() << "Calling createSession() when a session for the user already exists!";
- return 0;
- }
- SessionThread *sess = new SessionThread(uid, restore, this);
- sessions[uid] = sess;
- sess->start();
- return sess;
+ if (_sessions.contains(uid))
+ return _sessions[uid];
+
+ SessionThread *session = new SessionThread(uid, restore, strictIdentEnabled(), this);
+ _sessions[uid] = session;
+ session->start();
+ return session;
}
-#ifdef HAVE_SSL
-void Core::sslErrors(const QList<QSslError> &errors)
+void Core::socketError(QAbstractSocket::SocketError err, const QString &errorString)
{
- Q_UNUSED(errors);
- QSslSocket *socket = qobject_cast<QSslSocket *>(sender());
- if (socket)
- socket->ignoreSslErrors();
+ quWarning() << QString("Socket error %1: %2").arg(err).arg(errorString);
}
-#endif
-
-void Core::socketError(QAbstractSocket::SocketError err)
+QVariantList Core::backendInfo()
{
- QAbstractSocket *socket = qobject_cast<QAbstractSocket *>(sender());
- if (socket && err != QAbstractSocket::RemoteHostClosedError)
- qWarning() << "Core::socketError()" << socket << err << socket->errorString();
+ instance()->registerStorageBackends();
+
+ QVariantList backendInfos;
+ for (auto &&backend : instance()->_registeredStorageBackends) {
+ QVariantMap v;
+ v["BackendId"] = backend->backendId();
+ v["DisplayName"] = backend->displayName();
+ v["Description"] = backend->description();
+ v["SetupData"] = backend->setupData(); // ignored by legacy clients
+
+ // TODO Protocol Break: Remove legacy (cf. authenticatorInfo())
+ const auto &setupData = backend->setupData();
+ QStringList setupKeys;
+ QVariantMap setupDefaults;
+ for (int i = 0; i + 2 < setupData.size(); i += 3) {
+ setupKeys << setupData[i].toString();
+ setupDefaults[setupData[i].toString()] = setupData[i + 2];
+ }
+ v["SetupKeys"] = setupKeys;
+ v["SetupDefaults"] = setupDefaults;
+ // TODO Protocol Break: Remove
+ v["IsDefault"] = (backend->backendId() == "SQLite"); // newer clients will just use the first in the list
+
+ backendInfos << v;
+ }
+ return backendInfos;
}
+QVariantList Core::authenticatorInfo()
+{
+ instance()->registerAuthenticators();
+
+ QVariantList authInfos;
+ for(auto &&backend : instance()->_registeredAuthenticators) {
+ QVariantMap v;
+ v["BackendId"] = backend->backendId();
+ v["DisplayName"] = backend->displayName();
+ v["Description"] = backend->description();
+ v["SetupData"] = backend->setupData();
+ authInfos << v;
+ }
+ return authInfos;
+}
+
// migration / backend selection
bool Core::selectBackend(const QString &backend)
{
// reregister all storage backends
registerStorageBackends();
- if (!_storageBackends.contains(backend)) {
- qWarning() << qPrintable(QString("Core::selectBackend(): unsupported backend: %1").arg(backend));
- qWarning() << " supported backends are:" << qPrintable(QStringList(_storageBackends.keys()).join(", "));
+ auto storage = storageBackend(backend);
+ if (!storage) {
+ QStringList backends;
+ std::transform(_registeredStorageBackends.begin(), _registeredStorageBackends.end(),
+ std::back_inserter(backends), [](const DeferredSharedPtr<Storage>& backend) {
+ return backend->displayName();
+ });
+ quWarning() << qPrintable(tr("Unsupported storage backend: %1").arg(backend));
+ quWarning() << qPrintable(tr("Supported backends are:")) << qPrintable(backends.join(", "));
return false;
}
- Storage *storage = _storageBackends[backend];
- QVariantMap settings = promptForSettings(storage);
+ QVariantMap settings = promptForSettings(storage.get());
Storage::State storageState = storage->init(settings);
switch (storageState) {
case Storage::IsReady:
- saveBackendSettings(backend, settings);
- qWarning() << "Switched backend to:" << qPrintable(backend);
- qWarning() << "Backend already initialized. Skipping Migration";
+ if (!saveBackendSettings(backend, settings)) {
+ qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem."));
+ }
+ quWarning() << qPrintable(tr("Switched storage backend to: %1").arg(backend));
+ quWarning() << qPrintable(tr("Backend already initialized. Skipping Migration..."));
return true;
case Storage::NotAvailable:
- qCritical() << "Backend is not available:" << qPrintable(backend);
+ qCritical() << qPrintable(tr("Storage backend is not available: %1").arg(backend));
return false;
case Storage::NeedsSetup:
if (!storage->setup(settings)) {
- qWarning() << qPrintable(QString("Core::selectBackend(): unable to setup backend: %1").arg(backend));
+ quWarning() << qPrintable(tr("Unable to setup storage backend: %1").arg(backend));
return false;
}
if (storage->init(settings) != Storage::IsReady) {
- qWarning() << qPrintable(QString("Core::migrateBackend(): unable to initialize backend: %1").arg(backend));
+ quWarning() << qPrintable(tr("Unable to initialize storage backend: %1").arg(backend));
return false;
}
- saveBackendSettings(backend, settings);
- qWarning() << "Switched backend to:" << qPrintable(backend);
+ if (!saveBackendSettings(backend, settings)) {
+ qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem."));
+ }
+ quWarning() << qPrintable(tr("Switched storage backend to: %1").arg(backend));
break;
}
// let's see if we have a current storage object we can migrate from
- AbstractSqlMigrationReader *reader = getMigrationReader(_storage);
- AbstractSqlMigrationWriter *writer = getMigrationWriter(storage);
+ auto reader = getMigrationReader(_storage.get());
+ auto writer = getMigrationWriter(storage.get());
if (reader && writer) {
- qDebug() << qPrintable(QString("Migrating Storage backend %1 to %2...").arg(_storage->displayName(), storage->displayName()));
- delete _storage;
- _storage = 0;
- delete storage;
- storage = 0;
- if (reader->migrateTo(writer)) {
+ qDebug() << qPrintable(tr("Migrating storage backend %1 to %2...").arg(_storage->displayName(), storage->displayName()));
+ _storage.reset();
+ storage.reset();
+ if (reader->migrateTo(writer.get())) {
qDebug() << "Migration finished!";
- saveBackendSettings(backend, settings);
+ qDebug() << qPrintable(tr("Migration finished!"));
+ if (!saveBackendSettings(backend, settings)) {
+ qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem."));
+ return false;
+ }
return true;
}
+ quWarning() << qPrintable(tr("Unable to migrate storage backend! (No migration writer for %1)").arg(backend));
return false;
- qWarning() << qPrintable(QString("Core::migrateDb(): unable to migrate storage backend! (No migration writer for %1)").arg(backend));
}
// inform the user why we cannot merge
if (!_storage) {
- qWarning() << "No currently active backend. Skipping migration.";
+ quWarning() << qPrintable(tr("No currently active storage backend. Skipping migration..."));
}
else if (!reader) {
- qWarning() << "Currently active backend does not support migration:" << qPrintable(_storage->displayName());
+ quWarning() << qPrintable(tr("Currently active storage backend does not support migration: %1").arg(_storage->displayName()));
}
if (writer) {
- qWarning() << "New backend does not support migration:" << qPrintable(backend);
+ quWarning() << qPrintable(tr("New storage backend does not support migration: %1").arg(backend));
}
// so we were unable to merge, but let's create a user \o/
- _storage = storage;
+ _storage = std::move(storage);
createUser();
return true;
}
+// TODO: I am not sure if this function is implemented correctly.
+// There is currently no concept of migraiton between auth backends.
+bool Core::selectAuthenticator(const QString &backend)
+{
+ // Register all authentication backends.
+ registerAuthenticators();
+ auto auther = authenticator(backend);
+ if (!auther) {
+ QStringList authenticators;
+ std::transform(_registeredAuthenticators.begin(), _registeredAuthenticators.end(),
+ std::back_inserter(authenticators), [](const DeferredSharedPtr<Authenticator>& authenticator) {
+ return authenticator->displayName();
+ });
+ quWarning() << qPrintable(tr("Unsupported authenticator: %1").arg(backend));
+ quWarning() << qPrintable(tr("Supported authenticators are:")) << qPrintable(authenticators.join(", "));
+ return false;
+ }
+
+ QVariantMap settings = promptForSettings(auther.get());
+
+ Authenticator::State state = auther->init(settings);
+ switch (state) {
+ case Authenticator::IsReady:
+ saveAuthenticatorSettings(backend, settings);
+ quWarning() << qPrintable(tr("Switched authenticator to: %1").arg(backend));
+ return true;
+ case Authenticator::NotAvailable:
+ qCritical() << qPrintable(tr("Authenticator is not available: %1").arg(backend));
+ return false;
+ case Authenticator::NeedsSetup:
+ if (!auther->setup(settings)) {
+ quWarning() << qPrintable(tr("Unable to setup authenticator: %1").arg(backend));
+ return false;
+ }
-void Core::createUser()
+ if (auther->init(settings) != Authenticator::IsReady) {
+ quWarning() << qPrintable(tr("Unable to initialize authenticator: %1").arg(backend));
+ return false;
+ }
+
+ saveAuthenticatorSettings(backend, settings);
+ quWarning() << qPrintable(tr("Switched authenticator to: %1").arg(backend));
+ }
+
+ _authenticator = std::move(auther);
+ return true;
+}
+
+
+bool Core::createUser()
{
QTextStream out(stdout);
QTextStream in(stdin);
enableStdInEcho();
if (password != password2) {
- qWarning() << "Passwords don't match!";
- return;
+ quWarning() << "Passwords don't match!";
+ return false;
}
if (password.isEmpty()) {
- qWarning() << "Password is empty!";
- return;
+ quWarning() << "Password is empty!";
+ return false;
}
if (_configured && _storage->addUser(username, password).isValid()) {
out << "Added user " << username << " successfully!" << endl;
+ return true;
}
else {
- qWarning() << "Unable to add user:" << qPrintable(username);
+ quWarning() << "Unable to add user:" << qPrintable(username);
+ return false;
}
}
-void Core::changeUserPass(const QString &username)
+bool Core::changeUserPass(const QString &username)
{
QTextStream out(stdout);
QTextStream in(stdin);
UserId userId = _storage->getUserId(username);
if (!userId.isValid()) {
out << "User " << username << " does not exist." << endl;
- return;
+ return false;
+ }
+
+ if (!canChangeUserPassword(userId)) {
+ out << "User " << username << " is configured through an auth provider that has forbidden manual password changing." << endl;
+ return false;
}
out << "Change password for user: " << username << endl;
enableStdInEcho();
if (password != password2) {
- qWarning() << "Passwords don't match!";
- return;
+ quWarning() << "Passwords don't match!";
+ return false;
}
if (password.isEmpty()) {
- qWarning() << "Password is empty!";
- return;
+ quWarning() << "Password is empty!";
+ return false;
}
if (_configured && _storage->updateUser(userId, password)) {
out << "Password changed successfully!" << endl;
+ return true;
}
else {
- qWarning() << "Failed to change password!";
+ quWarning() << "Failed to change password!";
+ return false;
+ }
+}
+
+
+bool Core::changeUserPassword(UserId userId, const QString &password)
+{
+ if (!isConfigured() || !userId.isValid())
+ return false;
+
+ if (!canChangeUserPassword(userId))
+ return false;
+
+ return instance()->_storage->updateUser(userId, password);
+}
+
+// TODO: this code isn't currently 100% optimal because the core
+// doesn't know it can have multiple auth providers configured (there aren't
+// multiple auth providers at the moment anyway) and we have hardcoded the
+// Database provider to be always allowed.
+bool Core::canChangeUserPassword(UserId userId)
+{
+ QString authProvider = instance()->_storage->getUserAuthenticator(userId);
+ if (authProvider != "Database") {
+ if (authProvider != instance()->_authenticator->backendId()) {
+ return false;
+ }
+ else if (instance()->_authenticator->canChangePassword()) {
+ return false;
+ }
}
+ return true;
}
-AbstractSqlMigrationReader *Core::getMigrationReader(Storage *storage)
+std::unique_ptr<AbstractSqlMigrationReader> Core::getMigrationReader(Storage *storage)
{
if (!storage)
- return 0;
+ return nullptr;
AbstractSqlStorage *sqlStorage = qobject_cast<AbstractSqlStorage *>(storage);
if (!sqlStorage) {
qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!";
- return 0;
+ return nullptr;
}
return sqlStorage->createMigrationReader();
}
-AbstractSqlMigrationWriter *Core::getMigrationWriter(Storage *storage)
+std::unique_ptr<AbstractSqlMigrationWriter> Core::getMigrationWriter(Storage *storage)
{
if (!storage)
- return 0;
+ return nullptr;
AbstractSqlStorage *sqlStorage = qobject_cast<AbstractSqlStorage *>(storage);
if (!sqlStorage) {
qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!";
- return 0;
+ return nullptr;
}
return sqlStorage->createMigrationWriter();
}
-void Core::saveBackendSettings(const QString &backend, const QVariantMap &settings)
+bool Core::saveBackendSettings(const QString &backend, const QVariantMap &settings)
{
QVariantMap dbsettings;
dbsettings["Backend"] = backend;
dbsettings["ConnectionProperties"] = settings;
- CoreSettings().setStorageSettings(dbsettings);
+ CoreSettings s = CoreSettings();
+ s.setStorageSettings(dbsettings);
+ return s.sync();
}
-QVariantMap Core::promptForSettings(const Storage *storage)
+void Core::saveAuthenticatorSettings(const QString &backend, const QVariantMap &settings)
+{
+ QVariantMap dbsettings;
+ dbsettings["Authenticator"] = backend;
+ dbsettings["AuthProperties"] = settings;
+ CoreSettings().setAuthSettings(dbsettings);
+}
+
+// Generic version of promptForSettings that doesn't care what *type* of
+// backend it runs over.
+template<typename Backend>
+QVariantMap Core::promptForSettings(const Backend *backend)
{
QVariantMap settings;
+ const QVariantList& setupData = backend->setupData();
- QStringList keys = storage->setupKeys();
- if (keys.isEmpty())
+ if (setupData.isEmpty())
return settings;
QTextStream out(stdout);
QTextStream in(stdin);
out << "Default values are in brackets" << endl;
- QVariantMap defaults = storage->setupDefaults();
- QString value;
- foreach(QString key, keys) {
- QVariant val;
- if (defaults.contains(key)) {
- val = defaults[key];
- }
- out << key;
- if (!val.toString().isEmpty()) {
- out << " (" << val.toString() << ")";
- }
- out << ": ";
- out.flush();
+ for (int i = 0; i + 2 < setupData.size(); i += 3) {
+ QString key = setupData[i].toString();
+ out << setupData[i+1].toString() << " [" << setupData[i+2].toString() << "]: " << flush;
- bool noEcho = QString("password").toLower().startsWith(key.toLower());
+ bool noEcho = key.toLower().contains("password");
if (noEcho) {
disableStdInEcho();
}
- value = in.readLine().trimmed();
+ QString input = in.readLine().trimmed();
if (noEcho) {
out << endl;
enableStdInEcho();
}
- if (!value.isEmpty()) {
- switch (defaults[key].type()) {
+ QVariant value{setupData[i+2]};
+ if (!input.isEmpty()) {
+ switch (value.type()) {
case QVariant::Int:
- val = QVariant(value.toInt());
+ value = input.toInt();
break;
default:
- val = QVariant(value);
+ value = input;
}
}
- settings[key] = val;
+ settings[key] = value;
}
return settings;
}
-#ifdef Q_OS_WIN32
+#ifdef Q_OS_WIN
void Core::stdInEcho(bool on)
{
HANDLE hStdin = GetStdHandle(STD_INPUT_HANDLE);
SetConsoleMode(hStdin, mode);
}
-
#else
void Core::stdInEcho(bool on)
{
tcsetattr(STDIN_FILENO, TCSANOW, &t);
}
-
-#endif /* Q_OS_WIN32 */
+#endif /* Q_OS_WIN */
projects / quassel.git / blobdiff