X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fclient%2Fclientauthhandler.cpp;h=68f545ee06c2b3b8b9266a2933731aa057c71ec5;hp=eeca2cffc8cae998537d7635ef8d03855ceeb353;hb=fcacaaf16551524c7ebb6114254d005274cc3d63;hpb=d98cc721477645abcb5387313f3ad2c96a580ad6 diff --git a/src/client/clientauthhandler.cpp b/src/client/clientauthhandler.cpp index eeca2cff..68f545ee 100644 --- a/src/client/clientauthhandler.cpp +++ b/src/client/clientauthhandler.cpp @@ -1,5 +1,5 @@ /*************************************************************************** - * Copyright (C) 2005-2015 by the Quassel Project * + * Copyright (C) 2005-2018 by the Quassel Project * * devel@quassel-irc.org * * * * This program is free software; you can redistribute it and/or modify * @@ -20,8 +20,6 @@ #include "clientauthhandler.h" -// TODO: support system application proxy (new in Qt 4.6) - #include #ifdef HAVE_SSL @@ -32,17 +30,14 @@ #include "client.h" #include "clientsettings.h" +#include "logmessage.h" #include "peerfactory.h" -#if QT_VERSION < 0x050000 -# include "../../3rdparty/sha512/sha512.h" -#endif - using namespace Protocol; ClientAuthHandler::ClientAuthHandler(CoreAccount account, QObject *parent) : AuthHandler(parent), - _peer(0), + _peer(nullptr), _account(account), _probing(false), _legacy(false), @@ -52,12 +47,18 @@ ClientAuthHandler::ClientAuthHandler(CoreAccount account, QObject *parent) } +Peer *ClientAuthHandler::peer() const +{ + return _peer; +} + + void ClientAuthHandler::connectToCore() { CoreAccountSettings s; #ifdef HAVE_SSL - QSslSocket *socket = new QSslSocket(this); + auto *socket = new QSslSocket(this); // make sure the warning is shown if we happen to connect without SSL support later s.setAccountValue("ShowNoClientSslWarning", true); #else @@ -75,18 +76,29 @@ void ClientAuthHandler::connectToCore() QTcpSocket *socket = new QTcpSocket(this); #endif -// TODO: Handle system proxy #ifndef QT_NO_NETWORKPROXY - if (_account.useProxy()) { - QNetworkProxy proxy(_account.proxyType(), _account.proxyHostName(), _account.proxyPort(), _account.proxyUser(), _account.proxyPassword()); + QNetworkProxy proxy; + proxy.setType(_account.proxyType()); + if (_account.proxyType() == QNetworkProxy::Socks5Proxy || + _account.proxyType() == QNetworkProxy::HttpProxy) { + proxy.setHostName(_account.proxyHostName()); + proxy.setPort(_account.proxyPort()); + proxy.setUser(_account.proxyUser()); + proxy.setPassword(_account.proxyPassword()); + } + + if (_account.proxyType() == QNetworkProxy::DefaultProxy) { + QNetworkProxyFactory::setUseSystemConfiguration(true); + } else { + QNetworkProxyFactory::setUseSystemConfiguration(false); socket->setProxy(proxy); } #endif setSocket(socket); - connect(socket, SIGNAL(stateChanged(QAbstractSocket::SocketState)), SLOT(onSocketStateChanged(QAbstractSocket::SocketState))); - connect(socket, SIGNAL(readyRead()), SLOT(onReadyRead())); - connect(socket, SIGNAL(connected()), SLOT(onSocketConnected())); + connect(socket, &QAbstractSocket::stateChanged, this, &ClientAuthHandler::onSocketStateChanged); + connect(socket, &QIODevice::readyRead, this, &ClientAuthHandler::onReadyRead); + connect(socket, &QAbstractSocket::connected, this, &ClientAuthHandler::onSocketConnected); emit statusMessage(tr("Connecting to %1...").arg(_account.accountName())); socket->connectToHost(_account.hostName(), _account.port()); @@ -149,7 +161,7 @@ void ClientAuthHandler::onSocketDisconnected() if (_probing && _legacy) { // Remote host has closed the connection while probing _probing = false; - disconnect(socket(), SIGNAL(readyRead()), this, SLOT(onReadyRead())); + disconnect(socket(), &QIODevice::readyRead, this, &ClientAuthHandler::onReadyRead); emit statusMessage(tr("Reconnecting in compatibility mode...")); socket()->connectToHost(_account.hostName(), _account.port()); return; @@ -219,14 +231,14 @@ void ClientAuthHandler::onReadyRead() return; // make sure to not read more data than needed _probing = false; - disconnect(socket(), SIGNAL(readyRead()), this, SLOT(onReadyRead())); + disconnect(socket(), &QIODevice::readyRead, this, &ClientAuthHandler::onReadyRead); quint32 reply; socket()->read((char *)&reply, 4); reply = qFromBigEndian(reply); - Protocol::Type type = static_cast(reply & 0xff); - quint16 protoFeatures = static_cast(reply>>8 & 0xffff); + auto type = static_cast(reply & 0xff); + auto protoFeatures = static_cast(reply>>8 & 0xffff); _connectionFeatures = static_cast(reply>>24); Compressor::CompressionLevel level; @@ -267,7 +279,7 @@ void ClientAuthHandler::setPeer(RemotePeer *peer) qDebug().nospace() << "Using " << qPrintable(peer->protocolName()) << "..."; _peer = peer; - connect(_peer, SIGNAL(transferProgress(int,int)), SIGNAL(transferProgress(int,int))); + connect(_peer, &RemotePeer::transferProgress, this, &ClientAuthHandler::transferProgress); // The legacy protocol enables SSL later, after registration if (!_account.useSsl() || _legacy) @@ -288,7 +300,7 @@ void ClientAuthHandler::startRegistration() useSsl = _account.useSsl(); #endif - _peer->dispatch(RegisterClient(Quassel::buildInfo().fancyVersionString, Quassel::buildInfo().buildDate, useSsl)); + _peer->dispatch(RegisterClient(Quassel::Features{}, Quassel::buildInfo().fancyVersionString, Quassel::buildInfo().commitDate, useSsl)); } @@ -303,8 +315,9 @@ void ClientAuthHandler::handle(const ClientRegistered &msg) { _coreConfigured = msg.coreConfigured; _backendInfo = msg.backendInfo; + _authenticatorInfo = msg.authenticatorInfo; - Client::setCoreFeatures(static_cast(msg.coreFeatures)); + _peer->setFeatures(std::move(msg.features)); // The legacy protocol enables SSL at this point if(_legacy && _account.useSsl()) @@ -316,12 +329,21 @@ void ClientAuthHandler::handle(const ClientRegistered &msg) void ClientAuthHandler::onConnectionReady() { + const auto &coreFeatures = _peer->features(); + auto unsupported = coreFeatures.toStringList(false); + if (!unsupported.isEmpty()) { + quInfo() << qPrintable(tr("Core does not support the following features: %1").arg(unsupported.join(", "))); + } + if (!coreFeatures.unknownFeatures().isEmpty()) { + quInfo() << qPrintable(tr("Core supports unknown features: %1").arg(coreFeatures.unknownFeatures().join(", "))); + } + emit connectionReady(); emit statusMessage(tr("Connected to %1").arg(_account.accountName())); if (!_coreConfigured) { // start wizard - emit startCoreSetup(_backendInfo); + emit startCoreSetup(_backendInfo, _authenticatorInfo); } else // TODO: check if we need LoginEnabled login(); @@ -389,10 +411,10 @@ void ClientAuthHandler::handle(const LoginSuccess &msg) void ClientAuthHandler::handle(const SessionState &msg) { - disconnect(socket(), 0, this, 0); // this is the last message we shall ever get + disconnect(socket(), nullptr, this, nullptr); // this is the last message we shall ever get // give up ownership of the peer; CoreSession takes responsibility now - _peer->setParent(0); + _peer->setParent(nullptr); emit handshakeComplete(_peer, msg); } @@ -409,9 +431,9 @@ void ClientAuthHandler::checkAndEnableSsl(bool coreSupportsSsl) // Make sure the warning is shown next time we don't have SSL in the core s.setAccountValue("ShowNoCoreSslWarning", true); - QSslSocket *sslSocket = qobject_cast(socket()); + auto *sslSocket = qobject_cast(socket()); Q_ASSERT(sslSocket); - connect(sslSocket, SIGNAL(encrypted()), SLOT(onSslSocketEncrypted())); + connect(sslSocket, &QSslSocket::encrypted, this, &ClientAuthHandler::onSslSocketEncrypted); connect(sslSocket, SIGNAL(sslErrors(QList)), SLOT(onSslErrors())); qDebug() << "Starting encryption..."; sslSocket->flush(); @@ -441,7 +463,7 @@ void ClientAuthHandler::checkAndEnableSsl(bool coreSupportsSsl) void ClientAuthHandler::onSslSocketEncrypted() { - QSslSocket *socket = qobject_cast(sender()); + auto *socket = qobject_cast(sender()); Q_ASSERT(socket); if (!socket->sslErrors().count()) { @@ -463,7 +485,7 @@ void ClientAuthHandler::onSslSocketEncrypted() void ClientAuthHandler::onSslErrors() { - QSslSocket *socket = qobject_cast(sender()); + auto *socket = qobject_cast(sender()); Q_ASSERT(socket); CoreAccountSettings s; @@ -477,17 +499,13 @@ void ClientAuthHandler::onSslErrors() break; case ClientAuthHandler::DigestVersion::Sha2_512: -#if QT_VERSION >= 0x050000 calculatedDigest = socket->peerCertificate().digest(QCryptographicHash::Sha512); -#else - calculatedDigest = sha2_512(socket->peerCertificate().toDer()); -#endif break; default: qWarning() << "Certificate digest version" << QString(knownDigestVersion) << "is not supported"; } - + if (knownDigest != calculatedDigest) { bool accepted = false; bool permanently = false; @@ -499,11 +517,7 @@ void ClientAuthHandler::onSslErrors() } if (permanently) { -#if QT_VERSION >= 0x050000 s.setAccountValue("SslCert", socket->peerCertificate().digest(QCryptographicHash::Sha512)); -#else - s.setAccountValue("SslCert", sha2_512(socket->peerCertificate().toDer())); -#endif s.setAccountValue("SslCertDigestVersion", ClientAuthHandler::DigestVersion::Latest); } else { @@ -512,28 +526,11 @@ void ClientAuthHandler::onSslErrors() } } else if (knownDigestVersion != ClientAuthHandler::DigestVersion::Latest) { -#if QT_VERSION >= 0x050000 s.setAccountValue("SslCert", socket->peerCertificate().digest(QCryptographicHash::Sha512)); -#else - s.setAccountValue("SslCert", sha2_512(socket->peerCertificate().toDer())); -#endif s.setAccountValue("SslCertDigestVersion", ClientAuthHandler::DigestVersion::Latest); } socket->ignoreSslErrors(); } -#if QT_VERSION < 0x050000 -QByteArray ClientAuthHandler::sha2_512(const QByteArray &input) { - unsigned char output[64]; - sha512((unsigned char*) input.constData(), input.size(), output, false); - // QByteArray::fromRawData() cannot be used here because that constructor - // does not copy "output" and the data is clobbered when the variable goes - // out of scope. - QByteArray result; - result.append((char*) output, 64); - return result; -} -#endif - #endif /* HAVE_SSL */