X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fcore.cpp;h=35b46b613886dd93f76b8ccb0ae19f0fd382e416;hp=008c5b0a37cde56205c1c061ec4e9ed493874d43;hb=e2188dc438be6f3eb0d9cdf47d28821aefe9835e;hpb=84cd3561e97167ffb98ecab0fd2b884ba1d13ada diff --git a/src/core/core.cpp b/src/core/core.cpp index 008c5b0a..35b46b61 100644 --- a/src/core/core.cpp +++ b/src/core/core.cpp @@ -1,5 +1,5 @@ /*************************************************************************** - * Copyright (C) 2005-2014 by the Quassel Project * + * Copyright (C) 2005-2018 by the Quassel Project * * devel@quassel-irc.org * * * * This program is free software; you can redistribute it and/or modify * @@ -18,20 +18,28 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * ***************************************************************************/ +#include + #include #include "core.h" #include "coreauthhandler.h" #include "coresession.h" #include "coresettings.h" -#include "logger.h" #include "internalpeer.h" +#include "logmessage.h" #include "network.h" #include "postgresqlstorage.h" #include "quassel.h" +#include "sqlauthenticator.h" #include "sqlitestorage.h" +#include "types.h" #include "util.h" +#ifdef HAVE_LDAP +# include "ldapauthenticator.h" +#endif + // migration related #include #ifdef Q_OS_WIN @@ -41,11 +49,6 @@ # include #endif /* Q_OS_WIN */ -#ifdef HAVE_UMASK -# include -# include -#endif /* HAVE_UMASK */ - // ============================== // Custom Events // ============================== @@ -63,167 +66,226 @@ public: // ============================== // Core // ============================== -Core *Core::instanceptr = 0; -Core *Core::instance() +Core::Core() + : Singleton{this} { - if (instanceptr) return instanceptr; - instanceptr = new Core(); - instanceptr->init(); - return instanceptr; + Q_INIT_RESOURCE(sql); + + // Parent all QObject-derived attributes, so when the Core instance gets moved into another + // thread, they get moved with it + _server.setParent(this); + _v6server.setParent(this); + _storageSyncTimer.setParent(this); } -void Core::destroy() +Core::~Core() { - delete instanceptr; - instanceptr = 0; + qDeleteAll(_connectingClients); + qDeleteAll(_sessions); + syncStorage(); } -Core::Core() - : QObject(), - _storage(0) +void Core::init() { -#ifdef HAVE_UMASK - umask(S_IRWXG | S_IRWXO); -#endif _startTime = QDateTime::currentDateTime().toUTC(); // for uptime :) - Quassel::loadTranslation(QLocale::system()); - - // FIXME: MIGRATION 0.3 -> 0.4: Move database and core config to new location - // Move settings, note this does not delete the old files -#ifdef Q_OS_MAC - QSettings newSettings("quassel-irc.org", "quasselcore"); -#else - -# ifdef Q_OS_WIN - QSettings::Format format = QSettings::IniFormat; -# else - QSettings::Format format = QSettings::NativeFormat; -# endif - QString newFilePath = Quassel::configDirPath() + "quasselcore" - + ((format == QSettings::NativeFormat) ? QLatin1String(".conf") : QLatin1String(".ini")); - QSettings newSettings(newFilePath, format); -#endif /* Q_OS_MAC */ - - if (newSettings.value("Config/Version").toUInt() == 0) { -# ifdef Q_OS_MAC - QString org = "quassel-irc.org"; -# else - QString org = "Quassel Project"; -# endif - QSettings oldSettings(org, "Quassel Core"); - if (oldSettings.allKeys().count()) { - qWarning() << "\n\n*** IMPORTANT: Config and data file locations have changed. Attempting to auto-migrate your core settings..."; - foreach(QString key, oldSettings.allKeys()) - newSettings.setValue(key, oldSettings.value(key)); - newSettings.setValue("Config/Version", 1); - qWarning() << "* Your core settings have been migrated to" << newSettings.fileName(); - -#ifndef Q_OS_MAC /* we don't need to move the db and cert for mac */ -#ifdef Q_OS_WIN - QString quasselDir = qgetenv("APPDATA") + "/quassel/"; -#elif defined Q_OS_MAC - QString quasselDir = QDir::homePath() + "/Library/Application Support/Quassel/"; -#else - QString quasselDir = QDir::homePath() + "/.quassel/"; -#endif - - QFileInfo info(Quassel::configDirPath() + "quassel-storage.sqlite"); - if (!info.exists()) { - // move database, if we found it - QFile oldDb(quasselDir + "quassel-storage.sqlite"); - if (oldDb.exists()) { - bool success = oldDb.rename(Quassel::configDirPath() + "quassel-storage.sqlite"); - if (success) - qWarning() << "* Your database has been moved to" << Quassel::configDirPath() + "quassel-storage.sqlite"; - else - qWarning() << "!!! Moving your database has failed. Please move it manually into" << Quassel::configDirPath(); - } - } - // move certificate - QFileInfo certInfo(quasselDir + "quasselCert.pem"); - if (certInfo.exists()) { - QFile cert(quasselDir + "quasselCert.pem"); - bool success = cert.rename(Quassel::configDirPath() + "quasselCert.pem"); - if (success) - qWarning() << "* Your certificate has been moved to" << Quassel::configDirPath() + "quasselCert.pem"; - else - qWarning() << "!!! Moving your certificate has failed. Please move it manually into" << Quassel::configDirPath(); - } -#endif /* !Q_OS_MAC */ - qWarning() << "*** Migration completed.\n\n"; - } - } - // MIGRATION end - // check settings version // so far, we only have 1 CoreSettings s; if (s.version() != 1) { - qCritical() << "Invalid core settings version, terminating!"; - exit(EXIT_FAILURE); + throw ExitException{EXIT_FAILURE, tr("Invalid core settings version!")}; } + // Set up storage and authentication backends registerStorageBackends(); + registerAuthenticators(); - connect(&_storageSyncTimer, SIGNAL(timeout()), this, SLOT(syncStorage())); - _storageSyncTimer.start(10 * 60 * 1000); // 10 minutes -} + QProcessEnvironment environment = QProcessEnvironment::systemEnvironment(); + bool config_from_environment = Quassel::isOptionSet("config-from-environment"); + QString db_backend; + QVariantMap db_connectionProperties; -void Core::init() -{ - CoreSettings cs; - // legacy - QVariantMap dbsettings = cs.storageSettings().toMap(); - _configured = initStorage(dbsettings.value("Backend").toString(), dbsettings.value("ConnectionProperties").toMap()); + QString auth_authenticator; + QVariantMap auth_properties; - if (Quassel::isOptionSet("select-backend")) { - selectBackend(Quassel::optionValue("select-backend")); - exit(0); + bool writeError = false; + + if (config_from_environment) { + db_backend = environment.value("DB_BACKEND"); + auth_authenticator = environment.value("AUTH_AUTHENTICATOR"); } + else { + CoreSettings cs; - if (!_configured) { - if (!_storageBackends.count()) { - qWarning() << qPrintable(tr("Could not initialize any storage backend! Exiting...")); - qWarning() << qPrintable(tr("Currently, Quassel supports SQLite3 and PostgreSQL. You need to build your\n" - "Qt library with the sqlite or postgres plugin enabled in order for quasselcore\n" - "to work.")); - exit(1); // TODO make this less brutal (especially for mono client -> popup) + QVariantMap dbsettings = cs.storageSettings().toMap(); + db_backend = dbsettings.value("Backend").toString(); + db_connectionProperties = dbsettings.value("ConnectionProperties").toMap(); + + QVariantMap authSettings = cs.authSettings().toMap(); + auth_authenticator = authSettings.value("Authenticator", "Database").toString(); + auth_properties = authSettings.value("AuthProperties").toMap(); + + writeError = !cs.isWritable(); + } + + try { + _configured = initStorage(db_backend, db_connectionProperties, environment, config_from_environment); + if (_configured) { + _configured = initAuthenticator(auth_authenticator, auth_properties, environment, config_from_environment); + } + } + catch (ExitException) { + // Try again later + _configured = false; + } + + if (Quassel::isOptionSet("select-backend") || Quassel::isOptionSet("select-authenticator")) { + bool success{true}; + if (Quassel::isOptionSet("select-backend")) { + success &= selectBackend(Quassel::optionValue("select-backend")); + } + if (Quassel::isOptionSet("select-authenticator")) { + success &= selectAuthenticator(Quassel::optionValue("select-authenticator")); } - qWarning() << "Core is currently not configured! Please connect with a Quassel Client for basic setup."; + throw ExitException{success ? EXIT_SUCCESS : EXIT_FAILURE}; } - if (Quassel::isOptionSet("add-user")) { - createUser(); - exit(0); + if (!_configured) { + if (config_from_environment) { + try { + _configured = initStorage(db_backend, db_connectionProperties, environment, config_from_environment, true); + if (_configured) { + _configured = initAuthenticator(auth_authenticator, auth_properties, environment, config_from_environment, true); + } + } + catch (ExitException e) { + throw ExitException{EXIT_FAILURE, tr("Cannot configure from environment: %1").arg(e.errorString)}; + } + + if (!_configured) { + throw ExitException{EXIT_FAILURE, tr("Cannot configure from environment!")}; + } + } + else { + if (_registeredStorageBackends.empty()) { + throw ExitException{EXIT_FAILURE, + tr("Could not initialize any storage backend! Exiting...\n" + "Currently, Quassel supports SQLite3 and PostgreSQL. You need to build your\n" + "Qt library with the sqlite or postgres plugin enabled in order for quasselcore\n" + "to work.")}; + } + + if (writeError) { + throw ExitException{EXIT_FAILURE, tr("Cannot write quasselcore configuration; probably a permission problem.")}; + } + + quInfo() << "Core is currently not configured! Please connect with a Quassel Client for basic setup."; + } } + else { + if (Quassel::isOptionSet("add-user")) { + bool success = createUser(); + throw ExitException{success ? EXIT_SUCCESS : EXIT_FAILURE}; + } + + if (Quassel::isOptionSet("change-userpass")) { + bool success = changeUserPass(Quassel::optionValue("change-userpass")); + throw ExitException{success ? EXIT_SUCCESS : EXIT_FAILURE}; + } + + _strictIdentEnabled = Quassel::isOptionSet("strict-ident"); + if (_strictIdentEnabled) { + cacheSysIdent(); + } + + if (Quassel::isOptionSet("oidentd")) { + _oidentdConfigGenerator = new OidentdConfigGenerator(this); + } + + + if (Quassel::isOptionSet("ident-daemon")) { + _identServer = new IdentServer(this); + } + + Quassel::registerReloadHandler([]() { + // Currently, only reloading SSL certificates and the sysident cache is supported + if (Core::instance()) { + Core::instance()->cacheSysIdent(); + Core::instance()->reloadCerts(); + return true; + } + return false; + }); - if (Quassel::isOptionSet("change-userpass")) { - changeUserPass(Quassel::optionValue("change-userpass")); - exit(0); + connect(&_storageSyncTimer, SIGNAL(timeout()), this, SLOT(syncStorage())); + _storageSyncTimer.start(10 * 60 * 1000); // 10 minutes } connect(&_server, SIGNAL(newConnection()), this, SLOT(incomingConnection())); connect(&_v6server, SIGNAL(newConnection()), this, SLOT(incomingConnection())); - if (!startListening()) exit(1); // TODO make this less brutal - if (Quassel::isOptionSet("oidentd")) - _oidentdConfigGenerator = new OidentdConfigGenerator(this); + if (!startListening()) { + throw ExitException{EXIT_FAILURE, tr("Cannot open port for listening!")}; + } + + if (_configured && !Quassel::isOptionSet("norestore")) { + Core::restoreState(); + } + + _initialized = true; + + if (_pendingInternalConnection) { + connectInternalPeer(_pendingInternalConnection); + _pendingInternalConnection = {}; + } } -Core::~Core() +void Core::initAsync() { - // FIXME do we need more cleanup for handlers? - foreach(CoreAuthHandler *handler, _connectingClients) { - handler->deleteLater(); // disconnect non authed clients + try { + init(); + } + catch (ExitException e) { + emit exitRequested(e.exitCode, e.errorString); + } +} + + +void Core::shutdown() +{ + quInfo() << "Core shutting down..."; + + saveState(); + + for (auto &&client : _connectingClients) { + client->deleteLater(); + } + _connectingClients.clear(); + + if (_sessions.isEmpty()) { + emit shutdownComplete(); + return; + } + + for (auto &&session : _sessions) { + connect(session, SIGNAL(shutdownComplete(SessionThread*)), this, SLOT(onSessionShutdown(SessionThread*))); + session->shutdown(); + } +} + + +void Core::onSessionShutdown(SessionThread *session) +{ + _sessions.take(_sessions.key(session))->deleteLater(); + if (_sessions.isEmpty()) { + quInfo() << "Core shutdown complete!"; + emit shutdownComplete(); } - qDeleteAll(sessions); - qDeleteAll(_storageBackends); } @@ -231,41 +293,43 @@ Core::~Core() void Core::saveState() { - CoreSettings s; - QVariantMap state; - QVariantList activeSessions; - foreach(UserId user, instance()->sessions.keys()) activeSessions << QVariant::fromValue(user); - state["CoreStateVersion"] = 1; - state["ActiveSessions"] = activeSessions; - s.setCoreState(state); + if (_storage) { + QVariantList activeSessions; + for (auto &&user : instance()->_sessions.keys()) + activeSessions << QVariant::fromValue(user); + _storage->setCoreState(activeSessions); + } } void Core::restoreState() { - if (!instance()->_configured) { - // qWarning() << qPrintable(tr("Cannot restore a state for an unconfigured core!")); + if (!_configured) { + quWarning() << qPrintable(tr("Cannot restore a state for an unconfigured core!")); return; } - if (instance()->sessions.count()) { - qWarning() << qPrintable(tr("Calling restoreState() even though active sessions exist!")); + if (_sessions.count()) { + quWarning() << qPrintable(tr("Calling restoreState() even though active sessions exist!")); return; } + CoreSettings s; /* We don't check, since we are at the first version since switching to Git uint statever = s.coreState().toMap()["CoreStateVersion"].toUInt(); if(statever < 1) { - qWarning() << qPrintable(tr("Core state too old, ignoring...")); + quWarning() << qPrintable(tr("Core state too old, ignoring...")); return; } */ - QVariantList activeSessions = s.coreState().toMap()["ActiveSessions"].toList(); + const QList &activeSessionsFallback = s.coreState().toMap()["ActiveSessions"].toList(); + QVariantList activeSessions = instance()->_storage->getCoreState(activeSessionsFallback); + if (activeSessions.count() > 0) { quInfo() << "Restoring previous core state..."; - foreach(QVariant v, activeSessions) { + for(auto &&v : activeSessions) { UserId user = v.value(); - instance()->createSession(user, true); + sessionForUser(user, true); } } } @@ -273,13 +337,13 @@ void Core::restoreState() /*** Core Setup ***/ -QString Core::setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData) +QString Core::setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupData) { - return instance()->setupCore(adminUser, adminPassword, backend, setupData); + return instance()->setupCore(adminUser, adminPassword, backend, setupData, authenticator, authSetupData); } -QString Core::setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData) +QString Core::setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupData) { if (_configured) return tr("Core is already configured! Not configuring again..."); @@ -287,14 +351,31 @@ QString Core::setupCore(const QString &adminUser, const QString &adminPassword, if (adminUser.isEmpty() || adminPassword.isEmpty()) { return tr("Admin user or password not set."); } - if (!(_configured = initStorage(backend, setupData, true))) { - return tr("Could not setup storage!"); + try { + if (!(_configured = initStorage(backend, setupData, {}, false, true))) { + return tr("Could not setup storage!"); + } + + quInfo() << "Selected authenticator:" << authenticator; + if (!(_configured = initAuthenticator(authenticator, authSetupData, {}, false, true))) + { + return tr("Could not setup authenticator!"); + } + } + catch (ExitException e) { + // Event loop is running, so trigger an exit rather than throwing an exception + QCoreApplication::exit(e.exitCode); + return e.errorString.isEmpty() ? tr("Fatal failure while trying to setup, terminating") : e.errorString; } - saveBackendSettings(backend, setupData); + if (!saveBackendSettings(backend, setupData)) { + return tr("Could not save backend settings, probably a permission problem."); + } + saveAuthenticatorSettings(authenticator, authSetupData); quInfo() << qPrintable(tr("Creating admin user...")); _storage->addUser(adminUser, adminPassword); + cacheSysIdent(); startListening(); // TODO check when we need this return QString(); } @@ -302,9 +383,9 @@ QString Core::setupCore(const QString &adminUser, const QString &adminPassword, QString Core::setupCoreForInternalUsage() { - Q_ASSERT(!_storageBackends.isEmpty()); + Q_ASSERT(!_registeredStorageBackends.empty()); - qsrand(QDateTime::currentDateTime().toTime_t()); + qsrand(QDateTime::currentDateTime().toMSecsSinceEpoch()); int pass = 0; for (int i = 0; i < 10; i++) { pass *= 10; @@ -312,88 +393,83 @@ QString Core::setupCoreForInternalUsage() } // mono client currently needs sqlite - return setupCore("AdminUser", QString::number(pass), "SQLite", QVariantMap()); + return setupCore("AdminUser", QString::number(pass), "SQLite", QVariantMap(), "Database", QVariantMap()); } /*** Storage Handling ***/ -void Core::registerStorageBackends() -{ - // Register storage backends here! - registerStorageBackend(new SqliteStorage(this)); - registerStorageBackend(new PostgreSqlStorage(this)); -} - -bool Core::registerStorageBackend(Storage *backend) +template +void Core::registerStorageBackend() { - if (backend->isAvailable()) { - _storageBackends[backend->displayName()] = backend; - return true; - } - else { + auto backend = makeDeferredShared(this); + if (backend->isAvailable()) + _registeredStorageBackends.emplace_back(std::move(backend)); + else backend->deleteLater(); - return false; - } } -void Core::unregisterStorageBackends() +void Core::registerStorageBackends() { - foreach(Storage *s, _storageBackends.values()) { - s->deleteLater(); + if (_registeredStorageBackends.empty()) { + registerStorageBackend(); + registerStorageBackend(); } - _storageBackends.clear(); } -void Core::unregisterStorageBackend(Storage *backend) +DeferredSharedPtr Core::storageBackend(const QString &backendId) const { - _storageBackends.remove(backend->displayName()); - backend->deleteLater(); + auto it = std::find_if(_registeredStorageBackends.begin(), _registeredStorageBackends.end(), + [backendId](const DeferredSharedPtr &backend) { + return backend->displayName() == backendId; + }); + return it != _registeredStorageBackends.end() ? *it : nullptr; } -// old db settings: -// "Type" => "sqlite" -bool Core::initStorage(const QString &backend, const QVariantMap &settings, bool setup) +bool Core::initStorage(const QString &backend, const QVariantMap &settings, + const QProcessEnvironment &environment, bool loadFromEnvironment, bool setup) { - _storage = 0; - if (backend.isEmpty()) { + quWarning() << "No storage backend selected!"; return false; } - Storage *storage = 0; - if (_storageBackends.contains(backend)) { - storage = _storageBackends[backend]; - } - else { + auto storage = storageBackend(backend); + if (!storage) { qCritical() << "Selected storage backend is not available:" << backend; return false; } - Storage::State storageState = storage->init(settings); + connect(storage.get(), SIGNAL(dbUpgradeInProgress(bool)), this, SIGNAL(dbUpgradeInProgress(bool))); + + Storage::State storageState = storage->init(settings, environment, loadFromEnvironment); switch (storageState) { case Storage::NeedsSetup: if (!setup) return false; // trigger setup process - if (storage->setup(settings)) - return initStorage(backend, settings, false); - // if setup wasn't successfull we mark the backend as unavailable + if (storage->setup(settings, environment, loadFromEnvironment)) + return initStorage(backend, settings, environment, loadFromEnvironment, false); + return false; + case Storage::NotAvailable: + if (!setup) { + // If initialization wasn't successful, we quit to keep from coming up unconfigured + throw ExitException{EXIT_FAILURE, tr("Selected storage backend %1 is not available.").arg(backend)}; + } qCritical() << "Selected storage backend is not available:" << backend; - storage->deleteLater(); - _storageBackends.remove(backend); - storage = 0; return false; + case Storage::IsReady: // delete all other backends - _storageBackends.remove(backend); - unregisterStorageBackends(); - connect(storage, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)), this, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &))); + _registeredStorageBackends.clear(); + connect(storage.get(), SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)), + this, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &))); + break; } - _storage = storage; + _storage = std::move(storage); return true; } @@ -417,12 +493,91 @@ bool Core::createNetwork(UserId user, NetworkInfo &info) } +/*** Authenticators ***/ + +// Authentication handling, now independent from storage. +template +void Core::registerAuthenticator() +{ + auto authenticator = makeDeferredShared(this); + if (authenticator->isAvailable()) + _registeredAuthenticators.emplace_back(std::move(authenticator)); + else + authenticator->deleteLater(); +} + + +void Core::registerAuthenticators() +{ + if (_registeredAuthenticators.empty()) { + registerAuthenticator(); +#ifdef HAVE_LDAP + registerAuthenticator(); +#endif + } +} + + +DeferredSharedPtr Core::authenticator(const QString &backendId) const +{ + auto it = std::find_if(_registeredAuthenticators.begin(), _registeredAuthenticators.end(), + [backendId](const DeferredSharedPtr &authenticator) { + return authenticator->backendId() == backendId; + }); + return it != _registeredAuthenticators.end() ? *it : nullptr; +} + + +// FIXME: Apparently, this is the legacy way of initting storage backends? +// If there's a not-legacy way, it should be used here +bool Core::initAuthenticator(const QString &backend, const QVariantMap &settings, + const QProcessEnvironment &environment, bool loadFromEnvironment, + bool setup) +{ + if (backend.isEmpty()) { + quWarning() << "No authenticator selected!"; + return false; + } + + auto auth = authenticator(backend); + if (!auth) { + qCritical() << "Selected auth backend is not available:" << backend; + return false; + } + + Authenticator::State authState = auth->init(settings, environment, loadFromEnvironment); + switch (authState) { + case Authenticator::NeedsSetup: + if (!setup) + return false; // trigger setup process + if (auth->setup(settings, environment, loadFromEnvironment)) + return initAuthenticator(backend, settings, environment, loadFromEnvironment, false); + return false; + + case Authenticator::NotAvailable: + if (!setup) { + // If initialization wasn't successful, we quit to keep from coming up unconfigured + throw ExitException{EXIT_FAILURE, tr("Selected auth backend %1 is not available.").arg(backend)}; + } + qCritical() << "Selected auth backend is not available:" << backend; + return false; + + case Authenticator::IsReady: + // delete all other backends + _registeredAuthenticators.clear(); + break; + } + _authenticator = std::move(auth); + return true; +} + + /*** Network Management ***/ bool Core::sslSupported() { #ifdef HAVE_SSL - SslServer *sslServer = qobject_cast(&instance()->_server); + auto *sslServer = qobject_cast(&instance()->_server); return sslServer && sslServer->isCertValid(); #else return false; @@ -430,6 +585,51 @@ bool Core::sslSupported() } +bool Core::reloadCerts() +{ +#ifdef HAVE_SSL + auto *sslServerv4 = qobject_cast(&_server); + bool retv4 = sslServerv4->reloadCerts(); + + auto *sslServerv6 = qobject_cast(&_v6server); + bool retv6 = sslServerv6->reloadCerts(); + + return retv4 && retv6; +#else + // SSL not supported, don't mark configuration reload as failed + return true; +#endif +} + + +void Core::cacheSysIdent() +{ + if (isConfigured()) { + _authUserNames = _storage->getAllAuthUserNames(); + } +} + + +QString Core::strictSysIdent(UserId user) const +{ + if (_authUserNames.contains(user)) { + return _authUserNames[user]; + } + + // A new user got added since we last pulled our cache from the database. + // There's no way to avoid a database hit - we don't even know the authname! + instance()->cacheSysIdent(); + + if (_authUserNames.contains(user)) { + return _authUserNames[user]; + } + + // ...something very weird is going on if we ended up here (an active CoreSession without a corresponding database entry?) + qWarning().nospace() << "Unable to find authusername for UserId " << user << ", this should never happen!"; + return "unknown"; // Should we just terminate the program instead? +} + + bool Core::startListening() { // in mono mode we only start a local port if a port is specified in the cli call @@ -502,12 +702,20 @@ bool Core::startListening() if (!success) quError() << qPrintable(tr("Could not open any network interfaces to listen on!")); + if (_identServer) { + _identServer->startListening(); + } + return success; } void Core::stopListening(const QString &reason) { + if (_identServer) { + _identServer->stopListening(reason); + } + bool wasListening = false; if (_server.isListening()) { wasListening = true; @@ -528,12 +736,12 @@ void Core::stopListening(const QString &reason) void Core::incomingConnection() { - QTcpServer *server = qobject_cast(sender()); + auto *server = qobject_cast(sender()); Q_ASSERT(server); while (server->hasPendingConnections()) { QTcpSocket *socket = server->nextPendingConnection(); - CoreAuthHandler *handler = new CoreAuthHandler(socket, this); + auto *handler = new CoreAuthHandler(socket, this); _connectingClients.insert(handler); connect(handler, SIGNAL(disconnected()), SLOT(clientDisconnected())); @@ -552,7 +760,7 @@ void Core::incomingConnection() // Potentially called during the initialization phase (before handing the connection off to the session) void Core::clientDisconnected() { - CoreAuthHandler *handler = qobject_cast(sender()); + auto *handler = qobject_cast(sender()); Q_ASSERT(handler); quInfo() << qPrintable(tr("Non-authed client disconnected:")) << qPrintable(handler->socket()->peerAddress().toString()); @@ -571,28 +779,16 @@ void Core::clientDisconnected() void Core::setupClientSession(RemotePeer *peer, UserId uid) { - CoreAuthHandler *handler = qobject_cast(sender()); + auto *handler = qobject_cast(sender()); Q_ASSERT(handler); // From now on everything is handled by the client session - disconnect(handler, 0, this, 0); + disconnect(handler, nullptr, this, nullptr); _connectingClients.remove(handler); handler->deleteLater(); // Find or create session for validated user - SessionThread *session; - if (sessions.contains(uid)) { - session = sessions[uid]; - } - else { - session = createSession(uid); - if (!session) { - qWarning() << qPrintable(tr("Could not initialize session for client:")) << qPrintable(peer->description()); - peer->close(); - peer->deleteLater(); - return; - } - } + sessionForUser(uid); // as we are currently handling an event triggered by incoming data on this socket // it is unsafe to directly move the socket to the client thread. @@ -603,7 +799,7 @@ void Core::setupClientSession(RemotePeer *peer, UserId uid) void Core::customEvent(QEvent *event) { if (event->type() == AddClientEventId) { - AddClientEvent *addClientEvent = static_cast(event); + auto *addClientEvent = static_cast(event); addClientHelper(addClientEvent->peer, addClientEvent->userId); return; } @@ -613,23 +809,31 @@ void Core::customEvent(QEvent *event) void Core::addClientHelper(RemotePeer *peer, UserId uid) { // Find or create session for validated user - if (!sessions.contains(uid)) { - qWarning() << qPrintable(tr("Could not find a session for client:")) << qPrintable(peer->description()); - peer->close(); - peer->deleteLater(); - return; - } - - SessionThread *session = sessions[uid]; + SessionThread *session = sessionForUser(uid); session->addClient(peer); } -void Core::setupInternalClientSession(InternalPeer *clientPeer) +void Core::connectInternalPeer(QPointer peer) +{ + if (_initialized && peer) { + setupInternalClientSession(peer); + } + else { + _pendingInternalConnection = peer; + } +} + + +void Core::setupInternalClientSession(QPointer clientPeer) { if (!_configured) { stopListening(); - setupCoreForInternalUsage(); + auto errorString = setupCoreForInternalUsage(); + if (!errorString.isEmpty()) { + emit exitRequested(EXIT_FAILURE, errorString); + return; + } } UserId uid; @@ -637,136 +841,224 @@ void Core::setupInternalClientSession(InternalPeer *clientPeer) uid = _storage->internalUser(); } else { - qWarning() << "Core::setupInternalClientSession(): You're trying to run monolithic Quassel with an unusable Backend! Go fix it!"; + quWarning() << "Core::setupInternalClientSession(): You're trying to run monolithic Quassel with an unusable Backend! Go fix it!"; + emit exitRequested(EXIT_FAILURE, tr("Cannot setup storage backend.")); + return; + } + + if (!clientPeer) { + quWarning() << "Client peer went away, not starting a session"; return; } - InternalPeer *corePeer = new InternalPeer(this); + auto *corePeer = new InternalPeer(this); corePeer->setPeer(clientPeer); clientPeer->setPeer(corePeer); // Find or create session for validated user - SessionThread *sessionThread; - if (sessions.contains(uid)) - sessionThread = sessions[uid]; - else - sessionThread = createSession(uid); - + SessionThread *sessionThread = sessionForUser(uid); sessionThread->addClient(corePeer); } -SessionThread *Core::createSession(UserId uid, bool restore) +SessionThread *Core::sessionForUser(UserId uid, bool restore) { - if (sessions.contains(uid)) { - qWarning() << "Calling createSession() when a session for the user already exists!"; - return 0; - } - SessionThread *sess = new SessionThread(uid, restore, this); - sessions[uid] = sess; - sess->start(); - return sess; + if (_sessions.contains(uid)) + return _sessions[uid]; + + return (_sessions[uid] = new SessionThread(uid, restore, strictIdentEnabled(), this)); } void Core::socketError(QAbstractSocket::SocketError err, const QString &errorString) { - qWarning() << QString("Socket error %1: %2").arg(err).arg(errorString); + quWarning() << QString("Socket error %1: %2").arg(err).arg(errorString); } QVariantList Core::backendInfo() { - QVariantList backends; - foreach(const Storage *backend, instance()->_storageBackends.values()) { + instance()->registerStorageBackends(); + + QVariantList backendInfos; + for (auto &&backend : instance()->_registeredStorageBackends) { QVariantMap v; + v["BackendId"] = backend->backendId(); v["DisplayName"] = backend->displayName(); v["Description"] = backend->description(); - v["SetupKeys"] = backend->setupKeys(); - v["SetupDefaults"] = backend->setupDefaults(); - backends.append(v); + v["SetupData"] = backend->setupData(); // ignored by legacy clients + + // TODO Protocol Break: Remove legacy (cf. authenticatorInfo()) + const auto &setupData = backend->setupData(); + QStringList setupKeys; + QVariantMap setupDefaults; + for (int i = 0; i + 2 < setupData.size(); i += 3) { + setupKeys << setupData[i].toString(); + setupDefaults[setupData[i].toString()] = setupData[i + 2]; + } + v["SetupKeys"] = setupKeys; + v["SetupDefaults"] = setupDefaults; + // TODO Protocol Break: Remove + v["IsDefault"] = (backend->backendId() == "SQLite"); // newer clients will just use the first in the list + + backendInfos << v; } - return backends; + return backendInfos; } +QVariantList Core::authenticatorInfo() +{ + instance()->registerAuthenticators(); + + QVariantList authInfos; + for(auto &&backend : instance()->_registeredAuthenticators) { + QVariantMap v; + v["BackendId"] = backend->backendId(); + v["DisplayName"] = backend->displayName(); + v["Description"] = backend->description(); + v["SetupData"] = backend->setupData(); + authInfos << v; + } + return authInfos; +} + // migration / backend selection bool Core::selectBackend(const QString &backend) { // reregister all storage backends registerStorageBackends(); - if (!_storageBackends.contains(backend)) { - qWarning() << qPrintable(QString("Core::selectBackend(): unsupported backend: %1").arg(backend)); - qWarning() << " supported backends are:" << qPrintable(QStringList(_storageBackends.keys()).join(", ")); + auto storage = storageBackend(backend); + if (!storage) { + QStringList backends; + std::transform(_registeredStorageBackends.begin(), _registeredStorageBackends.end(), + std::back_inserter(backends), [](const DeferredSharedPtr& backend) { + return backend->displayName(); + }); + quWarning() << qPrintable(tr("Unsupported storage backend: %1").arg(backend)); + quWarning() << qPrintable(tr("Supported backends are:")) << qPrintable(backends.join(", ")); return false; } - Storage *storage = _storageBackends[backend]; - QVariantMap settings = promptForSettings(storage); + QVariantMap settings = promptForSettings(storage.get()); Storage::State storageState = storage->init(settings); switch (storageState) { case Storage::IsReady: - saveBackendSettings(backend, settings); - qWarning() << "Switched backend to:" << qPrintable(backend); - qWarning() << "Backend already initialized. Skipping Migration"; + if (!saveBackendSettings(backend, settings)) { + qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem.")); + } + quWarning() << qPrintable(tr("Switched storage backend to: %1").arg(backend)); + quWarning() << qPrintable(tr("Backend already initialized. Skipping Migration...")); return true; case Storage::NotAvailable: - qCritical() << "Backend is not available:" << qPrintable(backend); + qCritical() << qPrintable(tr("Storage backend is not available: %1").arg(backend)); return false; case Storage::NeedsSetup: if (!storage->setup(settings)) { - qWarning() << qPrintable(QString("Core::selectBackend(): unable to setup backend: %1").arg(backend)); + quWarning() << qPrintable(tr("Unable to setup storage backend: %1").arg(backend)); return false; } if (storage->init(settings) != Storage::IsReady) { - qWarning() << qPrintable(QString("Core::migrateBackend(): unable to initialize backend: %1").arg(backend)); + quWarning() << qPrintable(tr("Unable to initialize storage backend: %1").arg(backend)); return false; } - saveBackendSettings(backend, settings); - qWarning() << "Switched backend to:" << qPrintable(backend); + if (!saveBackendSettings(backend, settings)) { + qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem.")); + } + quWarning() << qPrintable(tr("Switched storage backend to: %1").arg(backend)); break; } // let's see if we have a current storage object we can migrate from - AbstractSqlMigrationReader *reader = getMigrationReader(_storage); - AbstractSqlMigrationWriter *writer = getMigrationWriter(storage); + auto reader = getMigrationReader(_storage.get()); + auto writer = getMigrationWriter(storage.get()); if (reader && writer) { - qDebug() << qPrintable(QString("Migrating Storage backend %1 to %2...").arg(_storage->displayName(), storage->displayName())); - delete _storage; - _storage = 0; - delete storage; - storage = 0; - if (reader->migrateTo(writer)) { + qDebug() << qPrintable(tr("Migrating storage backend %1 to %2...").arg(_storage->displayName(), storage->displayName())); + _storage.reset(); + storage.reset(); + if (reader->migrateTo(writer.get())) { qDebug() << "Migration finished!"; - saveBackendSettings(backend, settings); + qDebug() << qPrintable(tr("Migration finished!")); + if (!saveBackendSettings(backend, settings)) { + qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem.")); + return false; + } return true; } + quWarning() << qPrintable(tr("Unable to migrate storage backend! (No migration writer for %1)").arg(backend)); return false; - qWarning() << qPrintable(QString("Core::migrateDb(): unable to migrate storage backend! (No migration writer for %1)").arg(backend)); } // inform the user why we cannot merge if (!_storage) { - qWarning() << "No currently active backend. Skipping migration."; + quWarning() << qPrintable(tr("No currently active storage backend. Skipping migration...")); } else if (!reader) { - qWarning() << "Currently active backend does not support migration:" << qPrintable(_storage->displayName()); + quWarning() << qPrintable(tr("Currently active storage backend does not support migration: %1").arg(_storage->displayName())); } if (writer) { - qWarning() << "New backend does not support migration:" << qPrintable(backend); + quWarning() << qPrintable(tr("New storage backend does not support migration: %1").arg(backend)); } // so we were unable to merge, but let's create a user \o/ - _storage = storage; + _storage = std::move(storage); createUser(); return true; } +// TODO: I am not sure if this function is implemented correctly. +// There is currently no concept of migraiton between auth backends. +bool Core::selectAuthenticator(const QString &backend) +{ + // Register all authentication backends. + registerAuthenticators(); + auto auther = authenticator(backend); + if (!auther) { + QStringList authenticators; + std::transform(_registeredAuthenticators.begin(), _registeredAuthenticators.end(), + std::back_inserter(authenticators), [](const DeferredSharedPtr& authenticator) { + return authenticator->displayName(); + }); + quWarning() << qPrintable(tr("Unsupported authenticator: %1").arg(backend)); + quWarning() << qPrintable(tr("Supported authenticators are:")) << qPrintable(authenticators.join(", ")); + return false; + } + + QVariantMap settings = promptForSettings(auther.get()); + + Authenticator::State state = auther->init(settings); + switch (state) { + case Authenticator::IsReady: + saveAuthenticatorSettings(backend, settings); + quWarning() << qPrintable(tr("Switched authenticator to: %1").arg(backend)); + return true; + case Authenticator::NotAvailable: + qCritical() << qPrintable(tr("Authenticator is not available: %1").arg(backend)); + return false; + case Authenticator::NeedsSetup: + if (!auther->setup(settings)) { + quWarning() << qPrintable(tr("Unable to setup authenticator: %1").arg(backend)); + return false; + } + + if (auther->init(settings) != Authenticator::IsReady) { + quWarning() << qPrintable(tr("Unable to initialize authenticator: %1").arg(backend)); + return false; + } + + saveAuthenticatorSettings(backend, settings); + quWarning() << qPrintable(tr("Switched authenticator to: %1").arg(backend)); + } + + _authenticator = std::move(auther); + return true; +} + -void Core::createUser() +bool Core::createUser() { QTextStream out(stdout); QTextStream in(stdin); @@ -787,31 +1079,38 @@ void Core::createUser() enableStdInEcho(); if (password != password2) { - qWarning() << "Passwords don't match!"; - return; + quWarning() << "Passwords don't match!"; + return false; } if (password.isEmpty()) { - qWarning() << "Password is empty!"; - return; + quWarning() << "Password is empty!"; + return false; } if (_configured && _storage->addUser(username, password).isValid()) { out << "Added user " << username << " successfully!" << endl; + return true; } else { - qWarning() << "Unable to add user:" << qPrintable(username); + quWarning() << "Unable to add user:" << qPrintable(username); + return false; } } -void Core::changeUserPass(const QString &username) +bool Core::changeUserPass(const QString &username) { QTextStream out(stdout); QTextStream in(stdin); UserId userId = _storage->getUserId(username); if (!userId.isValid()) { out << "User " << username << " does not exist." << endl; - return; + return false; + } + + if (!canChangeUserPassword(userId)) { + out << "User " << username << " is configured through an auth provider that has forbidden manual password changing." << endl; + return false; } out << "Change password for user: " << username << endl; @@ -828,108 +1127,144 @@ void Core::changeUserPass(const QString &username) enableStdInEcho(); if (password != password2) { - qWarning() << "Passwords don't match!"; - return; + quWarning() << "Passwords don't match!"; + return false; } if (password.isEmpty()) { - qWarning() << "Password is empty!"; - return; + quWarning() << "Password is empty!"; + return false; } if (_configured && _storage->updateUser(userId, password)) { out << "Password changed successfully!" << endl; + return true; } else { - qWarning() << "Failed to change password!"; + quWarning() << "Failed to change password!"; + return false; } } -AbstractSqlMigrationReader *Core::getMigrationReader(Storage *storage) +bool Core::changeUserPassword(UserId userId, const QString &password) +{ + if (!isConfigured() || !userId.isValid()) + return false; + + if (!canChangeUserPassword(userId)) + return false; + + return instance()->_storage->updateUser(userId, password); +} + +// TODO: this code isn't currently 100% optimal because the core +// doesn't know it can have multiple auth providers configured (there aren't +// multiple auth providers at the moment anyway) and we have hardcoded the +// Database provider to be always allowed. +bool Core::canChangeUserPassword(UserId userId) +{ + QString authProvider = instance()->_storage->getUserAuthenticator(userId); + if (authProvider != "Database") { + if (authProvider != instance()->_authenticator->backendId()) { + return false; + } + else if (instance()->_authenticator->canChangePassword()) { + return false; + } + } + return true; +} + + +std::unique_ptr Core::getMigrationReader(Storage *storage) { if (!storage) - return 0; + return nullptr; - AbstractSqlStorage *sqlStorage = qobject_cast(storage); + auto *sqlStorage = qobject_cast(storage); if (!sqlStorage) { qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!"; - return 0; + return nullptr; } return sqlStorage->createMigrationReader(); } -AbstractSqlMigrationWriter *Core::getMigrationWriter(Storage *storage) +std::unique_ptr Core::getMigrationWriter(Storage *storage) { if (!storage) - return 0; + return nullptr; - AbstractSqlStorage *sqlStorage = qobject_cast(storage); + auto *sqlStorage = qobject_cast(storage); if (!sqlStorage) { qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!"; - return 0; + return nullptr; } return sqlStorage->createMigrationWriter(); } -void Core::saveBackendSettings(const QString &backend, const QVariantMap &settings) +bool Core::saveBackendSettings(const QString &backend, const QVariantMap &settings) { QVariantMap dbsettings; dbsettings["Backend"] = backend; dbsettings["ConnectionProperties"] = settings; - CoreSettings().setStorageSettings(dbsettings); + CoreSettings s = CoreSettings(); + s.setStorageSettings(dbsettings); + return s.sync(); } -QVariantMap Core::promptForSettings(const Storage *storage) +void Core::saveAuthenticatorSettings(const QString &backend, const QVariantMap &settings) +{ + QVariantMap dbsettings; + dbsettings["Authenticator"] = backend; + dbsettings["AuthProperties"] = settings; + CoreSettings().setAuthSettings(dbsettings); +} + +// Generic version of promptForSettings that doesn't care what *type* of +// backend it runs over. +template +QVariantMap Core::promptForSettings(const Backend *backend) { QVariantMap settings; + const QVariantList& setupData = backend->setupData(); - QStringList keys = storage->setupKeys(); - if (keys.isEmpty()) + if (setupData.isEmpty()) return settings; QTextStream out(stdout); QTextStream in(stdin); out << "Default values are in brackets" << endl; - QVariantMap defaults = storage->setupDefaults(); - QString value; - foreach(QString key, keys) { - QVariant val; - if (defaults.contains(key)) { - val = defaults[key]; - } - out << key; - if (!val.toString().isEmpty()) { - out << " (" << val.toString() << ")"; - } - out << ": "; - out.flush(); + for (int i = 0; i + 2 < setupData.size(); i += 3) { + QString key = setupData[i].toString(); + out << setupData[i+1].toString() << " [" << setupData[i+2].toString() << "]: " << flush; - bool noEcho = QString("password").toLower().startsWith(key.toLower()); + bool noEcho = key.toLower().contains("password"); if (noEcho) { disableStdInEcho(); } - value = in.readLine().trimmed(); + QString input = in.readLine().trimmed(); if (noEcho) { out << endl; enableStdInEcho(); } - if (!value.isEmpty()) { - switch (defaults[key].type()) { + QVariant value{setupData[i+2]}; + if (!input.isEmpty()) { + switch (value.type()) { case QVariant::Int: - val = QVariant(value.toInt()); + value = input.toInt(); break; default: - val = QVariant(value); + value = input; } } - settings[key] = val; + settings[key] = value; } return settings; } @@ -948,7 +1283,6 @@ void Core::stdInEcho(bool on) SetConsoleMode(hStdin, mode); } - #else void Core::stdInEcho(bool on) { @@ -961,5 +1295,4 @@ void Core::stdInEcho(bool on) tcsetattr(STDIN_FILENO, TCSANOW, &t); } - #endif /* Q_OS_WIN */