X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fcore.cpp;h=b103b42d80c5f7096f55ea62948f20c70a738a5d;hp=7068f84ec28b67bf30bff7a7437fbde5acd3194f;hb=9f2fbea7c308914d0b737ec9a936a004d4687223;hpb=61fd20ec28db1dc1e36edee78a48f9a7d516c8f0 diff --git a/src/core/core.cpp b/src/core/core.cpp index 7068f84e..b103b42d 100644 --- a/src/core/core.cpp +++ b/src/core/core.cpp @@ -1,5 +1,5 @@ /*************************************************************************** - * Copyright (C) 2005-2014 by the Quassel Project * + * Copyright (C) 2005-2018 by the Quassel Project * * devel@quassel-irc.org * * * * This program is free software; you can redistribute it and/or modify * @@ -18,6 +18,8 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * ***************************************************************************/ +#include + #include #include "core.h" @@ -29,9 +31,15 @@ #include "network.h" #include "postgresqlstorage.h" #include "quassel.h" +#include "sqlauthenticator.h" #include "sqlitestorage.h" #include "util.h" +// Currently building with LDAP bindings is optional. +#ifdef HAVE_LDAP +#include "ldapauthenticator.h" +#endif + // migration related #include #ifdef Q_OS_WIN @@ -41,11 +49,6 @@ # include #endif /* Q_OS_WIN */ -#ifdef HAVE_UMASK -# include -# include -#endif /* HAVE_UMASK */ - // ============================== // Custom Events // ============================== @@ -63,209 +66,230 @@ public: // ============================== // Core // ============================== -Core *Core::instanceptr = 0; +Core *Core::_instance{nullptr}; Core *Core::instance() { - if (instanceptr) return instanceptr; - instanceptr = new Core(); - instanceptr->init(); - return instanceptr; + return _instance; } -void Core::destroy() +Core::Core() { - delete instanceptr; - instanceptr = 0; + if (_instance) { + qWarning() << "Recreating core instance!"; + delete _instance; + } + _instance = this; + + // Parent all QObject-derived attributes, so when the Core instance gets moved into another + // thread, they get moved with it + _server.setParent(this); + _v6server.setParent(this); + _storageSyncTimer.setParent(this); } -Core::Core() - : QObject(), - _storage(0) +Core::~Core() { -#ifdef HAVE_UMASK - umask(S_IRWXG | S_IRWXO); -#endif - _startTime = QDateTime::currentDateTime().toUTC(); // for uptime :) - - Quassel::loadTranslation(QLocale::system()); + saveState(); + qDeleteAll(_connectingClients); + qDeleteAll(_sessions); + syncStorage(); + _instance = nullptr; +} - // FIXME: MIGRATION 0.3 -> 0.4: Move database and core config to new location - // Move settings, note this does not delete the old files -#ifdef Q_OS_MAC - QSettings newSettings("quassel-irc.org", "quasselcore"); -#else -# ifdef Q_OS_WIN - QSettings::Format format = QSettings::IniFormat; -# else - QSettings::Format format = QSettings::NativeFormat; -# endif - QString newFilePath = Quassel::configDirPath() + "quasselcore" - + ((format == QSettings::NativeFormat) ? QLatin1String(".conf") : QLatin1String(".ini")); - QSettings newSettings(newFilePath, format); -#endif /* Q_OS_MAC */ - - if (newSettings.value("Config/Version").toUInt() == 0) { -# ifdef Q_OS_MAC - QString org = "quassel-irc.org"; -# else - QString org = "Quassel Project"; -# endif - QSettings oldSettings(org, "Quassel Core"); - if (oldSettings.allKeys().count()) { - qWarning() << "\n\n*** IMPORTANT: Config and data file locations have changed. Attempting to auto-migrate your core settings..."; - foreach(QString key, oldSettings.allKeys()) - newSettings.setValue(key, oldSettings.value(key)); - newSettings.setValue("Config/Version", 1); - qWarning() << "* Your core settings have been migrated to" << newSettings.fileName(); - -#ifndef Q_OS_MAC /* we don't need to move the db and cert for mac */ -#ifdef Q_OS_WIN - QString quasselDir = qgetenv("APPDATA") + "/quassel/"; -#elif defined Q_OS_MAC - QString quasselDir = QDir::homePath() + "/Library/Application Support/Quassel/"; -#else - QString quasselDir = QDir::homePath() + "/.quassel/"; -#endif +bool Core::init() +{ + _startTime = QDateTime::currentDateTime().toUTC(); // for uptime :) - QFileInfo info(Quassel::configDirPath() + "quassel-storage.sqlite"); - if (!info.exists()) { - // move database, if we found it - QFile oldDb(quasselDir + "quassel-storage.sqlite"); - if (oldDb.exists()) { - bool success = oldDb.rename(Quassel::configDirPath() + "quassel-storage.sqlite"); - if (success) - qWarning() << "* Your database has been moved to" << Quassel::configDirPath() + "quassel-storage.sqlite"; - else - qWarning() << "!!! Moving your database has failed. Please move it manually into" << Quassel::configDirPath(); - } - } - // move certificate - QFileInfo certInfo(quasselDir + "quasselCert.pem"); - if (certInfo.exists()) { - QFile cert(quasselDir + "quasselCert.pem"); - bool success = cert.rename(Quassel::configDirPath() + "quasselCert.pem"); - if (success) - qWarning() << "* Your certificate has been moved to" << Quassel::configDirPath() + "quasselCert.pem"; - else - qWarning() << "!!! Moving your certificate has failed. Please move it manually into" << Quassel::configDirPath(); - } -#endif /* !Q_OS_MAC */ - qWarning() << "*** Migration completed.\n\n"; - } - } - // MIGRATION end + Quassel::loadTranslation(QLocale::system()); // check settings version // so far, we only have 1 CoreSettings s; if (s.version() != 1) { qCritical() << "Invalid core settings version, terminating!"; - exit(EXIT_FAILURE); + QCoreApplication::exit(EXIT_FAILURE); + return false; } + // Set up storage and authentication backends registerStorageBackends(); + registerAuthenticators(); - connect(&_storageSyncTimer, SIGNAL(timeout()), this, SLOT(syncStorage())); - _storageSyncTimer.start(10 * 60 * 1000); // 10 minutes -} + QProcessEnvironment environment = QProcessEnvironment::systemEnvironment(); + bool config_from_environment = Quassel::isOptionSet("config-from-environment"); + QString db_backend; + QVariantMap db_connectionProperties; + + QString auth_authenticator; + QVariantMap auth_properties; + + bool writeError = false; + + if (config_from_environment) { + db_backend = environment.value("DB_BACKEND"); + auth_authenticator = environment.value("AUTH_AUTHENTICATOR"); + } else { + CoreSettings cs; + + QVariantMap dbsettings = cs.storageSettings().toMap(); + db_backend = dbsettings.value("Backend").toString(); + db_connectionProperties = dbsettings.value("ConnectionProperties").toMap(); + + QVariantMap authSettings = cs.authSettings().toMap(); + auth_authenticator = authSettings.value("Authenticator", "Database").toString(); + auth_properties = authSettings.value("AuthProperties").toMap(); + + writeError = !cs.isWritable(); + } -void Core::init() -{ - CoreSettings cs; // legacy - QVariantMap dbsettings = cs.storageSettings().toMap(); - _configured = initStorage(dbsettings.value("Backend").toString(), dbsettings.value("ConnectionProperties").toMap()); + _configured = initStorage(db_backend, db_connectionProperties, environment, config_from_environment); - if (Quassel::isOptionSet("select-backend")) { - selectBackend(Quassel::optionValue("select-backend")); - exit(0); + // Not entirely sure what is 'legacy' about the above, but it seems to be the way things work! + if (_configured) { + initAuthenticator(auth_authenticator, auth_properties, environment, config_from_environment); } - if (!_configured) { - if (!_storageBackends.count()) { - qWarning() << qPrintable(tr("Could not initialize any storage backend! Exiting...")); - qWarning() << qPrintable(tr("Currently, Quassel supports SQLite3 and PostgreSQL. You need to build your\n" - "Qt library with the sqlite or postgres plugin enabled in order for quasselcore\n" - "to work.")); - exit(1); // TODO make this less brutal (especially for mono client -> popup) + if (Quassel::isOptionSet("select-backend") || Quassel::isOptionSet("select-authenticator")) { + bool success{true}; + if (Quassel::isOptionSet("select-backend")) { + success &= selectBackend(Quassel::optionValue("select-backend")); + } + if (Quassel::isOptionSet("select-authenticator")) { + success &= selectAuthenticator(Quassel::optionValue("select-authenticator")); } - qWarning() << "Core is currently not configured! Please connect with a Quassel Client for basic setup."; + QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE); + return success; } - if (Quassel::isOptionSet("add-user")) { - createUser(); - exit(0); + if (!_configured) { + if (config_from_environment) { + _configured = initStorage(db_backend, db_connectionProperties, environment, config_from_environment, true); + initAuthenticator(auth_authenticator, auth_properties, environment, config_from_environment, true); + + if (!_configured) { + qWarning() << "Cannot configure from environment"; + QCoreApplication::exit(EXIT_FAILURE); + return false; + } + } + else { + if (_registeredStorageBackends.empty()) { + quWarning() << qPrintable(tr("Could not initialize any storage backend! Exiting...")); + quWarning() + << qPrintable(tr("Currently, Quassel supports SQLite3 and PostgreSQL. You need to build your\n" + "Qt library with the sqlite or postgres plugin enabled in order for quasselcore\n" + "to work.")); + QCoreApplication::exit(EXIT_FAILURE); // TODO make this less brutal (especially for mono client -> popup) + return false; + } + + if (writeError) { + qWarning() << "Cannot write quasselcore configuration; probably a permission problem."; + QCoreApplication::exit(EXIT_FAILURE); + return false; + } + + quInfo() << "Core is currently not configured! Please connect with a Quassel Client for basic setup."; + } } + else { + if (Quassel::isOptionSet("add-user")) { + bool success = createUser(); + QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE); + return success; + } + + if (Quassel::isOptionSet("change-userpass")) { + bool success = changeUserPass(Quassel::optionValue("change-userpass")); + QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE); + return success; + } + + _strictIdentEnabled = Quassel::isOptionSet("strict-ident"); + if (_strictIdentEnabled) { + cacheSysIdent(); + } + + if (Quassel::isOptionSet("oidentd")) { + _oidentdConfigGenerator = new OidentdConfigGenerator(this); + } - if (Quassel::isOptionSet("change-userpass")) { - changeUserPass(Quassel::optionValue("change-userpass")); - exit(0); + Quassel::registerReloadHandler([]() { + // Currently, only reloading SSL certificates and the sysident cache is supported + if (Core::instance()) { + Core::instance()->cacheSysIdent(); + Core::instance()->reloadCerts(); + return true; + } + return false; + }); + + connect(&_storageSyncTimer, SIGNAL(timeout()), this, SLOT(syncStorage())); + _storageSyncTimer.start(10 * 60 * 1000); // 10 minutes } connect(&_server, SIGNAL(newConnection()), this, SLOT(incomingConnection())); connect(&_v6server, SIGNAL(newConnection()), this, SLOT(incomingConnection())); - if (!startListening()) exit(1); // TODO make this less brutal - - if (Quassel::isOptionSet("oidentd")) - _oidentdConfigGenerator = new OidentdConfigGenerator(this); -} + if (!startListening()) { + QCoreApplication::exit(EXIT_FAILURE); // TODO make this less brutal + return false; + } -Core::~Core() -{ - // FIXME do we need more cleanup for handlers? - foreach(CoreAuthHandler *handler, _connectingClients) { - handler->deleteLater(); // disconnect non authed clients + if (_configured && !Quassel::isOptionSet("norestore")) { + Core::restoreState(); } - qDeleteAll(sessions); - qDeleteAll(_storageBackends); -} + return true; +} /*** Session Restore ***/ void Core::saveState() { - CoreSettings s; - QVariantMap state; - QVariantList activeSessions; - foreach(UserId user, instance()->sessions.keys()) activeSessions << QVariant::fromValue(user); - state["CoreStateVersion"] = 1; - state["ActiveSessions"] = activeSessions; - s.setCoreState(state); + if (_storage) { + QVariantList activeSessions; + for (auto &&user : instance()->_sessions.keys()) + activeSessions << QVariant::fromValue(user); + _storage->setCoreState(activeSessions); + } } void Core::restoreState() { - if (!instance()->_configured) { - // qWarning() << qPrintable(tr("Cannot restore a state for an unconfigured core!")); + if (!_configured) { + quWarning() << qPrintable(tr("Cannot restore a state for an unconfigured core!")); return; } - if (instance()->sessions.count()) { - qWarning() << qPrintable(tr("Calling restoreState() even though active sessions exist!")); + if (_sessions.count()) { + quWarning() << qPrintable(tr("Calling restoreState() even though active sessions exist!")); return; } + CoreSettings s; /* We don't check, since we are at the first version since switching to Git uint statever = s.coreState().toMap()["CoreStateVersion"].toUInt(); if(statever < 1) { - qWarning() << qPrintable(tr("Core state too old, ignoring...")); + quWarning() << qPrintable(tr("Core state too old, ignoring...")); return; } */ - QVariantList activeSessions = s.coreState().toMap()["ActiveSessions"].toList(); + const QList &activeSessionsFallback = s.coreState().toMap()["ActiveSessions"].toList(); + QVariantList activeSessions = instance()->_storage->getCoreState(activeSessionsFallback); + if (activeSessions.count() > 0) { quInfo() << "Restoring previous core state..."; - foreach(QVariant v, activeSessions) { + for(auto &&v : activeSessions) { UserId user = v.value(); - instance()->createSession(user, true); + sessionForUser(user, true); } } } @@ -273,13 +297,13 @@ void Core::restoreState() /*** Core Setup ***/ -QString Core::setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData) +QString Core::setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupData) { - return instance()->setupCore(adminUser, adminPassword, backend, setupData); + return instance()->setupCore(adminUser, adminPassword, backend, setupData, authenticator, authSetupData); } -QString Core::setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData) +QString Core::setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupData) { if (_configured) return tr("Core is already configured! Not configuring again..."); @@ -287,14 +311,24 @@ QString Core::setupCore(const QString &adminUser, const QString &adminPassword, if (adminUser.isEmpty() || adminPassword.isEmpty()) { return tr("Admin user or password not set."); } - if (!(_configured = initStorage(backend, setupData, true))) { + if (!(_configured = initStorage(backend, setupData, {}, false, true))) { return tr("Could not setup storage!"); } - saveBackendSettings(backend, setupData); + quInfo() << "Selected authenticator:" << authenticator; + if (!(_configured = initAuthenticator(authenticator, authSetupData, {}, false, true))) + { + return tr("Could not setup authenticator!"); + } + + if (!saveBackendSettings(backend, setupData)) { + return tr("Could not save backend settings, probably a permission problem."); + } + saveAuthenticatorSettings(authenticator, authSetupData); quInfo() << qPrintable(tr("Creating admin user...")); _storage->addUser(adminUser, adminPassword); + cacheSysIdent(); startListening(); // TODO check when we need this return QString(); } @@ -302,9 +336,9 @@ QString Core::setupCore(const QString &adminUser, const QString &adminPassword, QString Core::setupCoreForInternalUsage() { - Q_ASSERT(!_storageBackends.isEmpty()); + Q_ASSERT(!_registeredStorageBackends.empty()); - qsrand(QDateTime::currentDateTime().toTime_t()); + qsrand(QDateTime::currentDateTime().toMSecsSinceEpoch()); int pass = 0; for (int i = 0; i < 10; i++) { pass *= 10; @@ -312,85 +346,82 @@ QString Core::setupCoreForInternalUsage() } // mono client currently needs sqlite - return setupCore("AdminUser", QString::number(pass), "SQLite", QVariantMap()); + return setupCore("AdminUser", QString::number(pass), "SQLite", QVariantMap(), "Database", QVariantMap()); } /*** Storage Handling ***/ -void Core::registerStorageBackends() -{ - // Register storage backends here! - registerStorageBackend(new SqliteStorage(this)); - registerStorageBackend(new PostgreSqlStorage(this)); -} - -bool Core::registerStorageBackend(Storage *backend) +template +void Core::registerStorageBackend() { - if (backend->isAvailable()) { - _storageBackends[backend->displayName()] = backend; - return true; - } - else { + auto backend = makeDeferredShared(this); + if (backend->isAvailable()) + _registeredStorageBackends.emplace_back(std::move(backend)); + else backend->deleteLater(); - return false; - } } -void Core::unregisterStorageBackends() +void Core::registerStorageBackends() { - foreach(Storage *s, _storageBackends.values()) { - s->deleteLater(); + if (_registeredStorageBackends.empty()) { + registerStorageBackend(); + registerStorageBackend(); } - _storageBackends.clear(); } -void Core::unregisterStorageBackend(Storage *backend) +DeferredSharedPtr Core::storageBackend(const QString &backendId) const { - _storageBackends.remove(backend->displayName()); - backend->deleteLater(); + auto it = std::find_if(_registeredStorageBackends.begin(), _registeredStorageBackends.end(), + [backendId](const DeferredSharedPtr &backend) { + return backend->displayName() == backendId; + }); + return it != _registeredStorageBackends.end() ? *it : nullptr; } - // old db settings: // "Type" => "sqlite" -bool Core::initStorage(const QString &backend, const QVariantMap &settings, bool setup) +bool Core::initStorage(const QString &backend, const QVariantMap &settings, + const QProcessEnvironment &environment, bool loadFromEnvironment, bool setup) { - _storage = 0; - if (backend.isEmpty()) { + quWarning() << "No storage backend selected!"; return false; } - Storage *storage = 0; - if (_storageBackends.contains(backend)) { - storage = _storageBackends[backend]; - } - else { + auto storage = storageBackend(backend); + if (!storage) { qCritical() << "Selected storage backend is not available:" << backend; return false; } - Storage::State storageState = storage->init(settings); + Storage::State storageState = storage->init(settings, environment, loadFromEnvironment); switch (storageState) { case Storage::NeedsSetup: if (!setup) return false; // trigger setup process - if (storage->setup(settings)) - return initStorage(backend, settings, false); + if (storage->setup(settings, environment, loadFromEnvironment)) + return initStorage(backend, settings, environment, loadFromEnvironment, false); + return false; + // if initialization wasn't successful, we quit to keep from coming up unconfigured case Storage::NotAvailable: qCritical() << "FATAL: Selected storage backend is not available:" << backend; - exit(EXIT_FAILURE); + if (!setup) { + QCoreApplication::exit(EXIT_FAILURE); + } + return false; + case Storage::IsReady: // delete all other backends - _storageBackends.remove(backend); - unregisterStorageBackends(); - connect(storage, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)), this, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &))); + _registeredStorageBackends.clear(); + connect(storage.get(), SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)), + this, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &))); + break; } - _storage = storage; + _storage = std::move(storage); return true; } @@ -414,6 +445,85 @@ bool Core::createNetwork(UserId user, NetworkInfo &info) } +/*** Authenticators ***/ + +// Authentication handling, now independent from storage. +template +void Core::registerAuthenticator() +{ + auto authenticator = makeDeferredShared(this); + if (authenticator->isAvailable()) + _registeredAuthenticators.emplace_back(std::move(authenticator)); + else + authenticator->deleteLater(); +} + + +void Core::registerAuthenticators() +{ + if (_registeredAuthenticators.empty()) { + registerAuthenticator(); +#ifdef HAVE_LDAP + registerAuthenticator(); +#endif + } +} + + +DeferredSharedPtr Core::authenticator(const QString &backendId) const +{ + auto it = std::find_if(_registeredAuthenticators.begin(), _registeredAuthenticators.end(), + [backendId](const DeferredSharedPtr &authenticator) { + return authenticator->backendId() == backendId; + }); + return it != _registeredAuthenticators.end() ? *it : nullptr; +} + + +// FIXME: Apparently, this is the legacy way of initting storage backends? +// If there's a not-legacy way, it should be used here +bool Core::initAuthenticator(const QString &backend, const QVariantMap &settings, + const QProcessEnvironment &environment, bool loadFromEnvironment, + bool setup) +{ + if (backend.isEmpty()) { + quWarning() << "No authenticator selected!"; + return false; + } + + auto auth = authenticator(backend); + if (!auth) { + qCritical() << "Selected auth backend is not available:" << backend; + return false; + } + + Authenticator::State authState = auth->init(settings, environment, loadFromEnvironment); + switch (authState) { + case Authenticator::NeedsSetup: + if (!setup) + return false; // trigger setup process + if (auth->setup(settings, environment, loadFromEnvironment)) + return initAuthenticator(backend, settings, environment, loadFromEnvironment, false); + return false; + + // if initialization wasn't successful, we quit to keep from coming up unconfigured + case Authenticator::NotAvailable: + qCritical() << "FATAL: Selected auth backend is not available:" << backend; + if (!setup) { + QCoreApplication::exit(EXIT_FAILURE); + } + return false; + + case Authenticator::IsReady: + // delete all other backends + _registeredAuthenticators.clear(); + break; + } + _authenticator = std::move(auth); + return true; +} + + /*** Network Management ***/ bool Core::sslSupported() @@ -427,6 +537,51 @@ bool Core::sslSupported() } +bool Core::reloadCerts() +{ +#ifdef HAVE_SSL + SslServer *sslServerv4 = qobject_cast(&_server); + bool retv4 = sslServerv4->reloadCerts(); + + SslServer *sslServerv6 = qobject_cast(&_v6server); + bool retv6 = sslServerv6->reloadCerts(); + + return retv4 && retv6; +#else + // SSL not supported, don't mark configuration reload as failed + return true; +#endif +} + + +void Core::cacheSysIdent() +{ + if (isConfigured()) { + _authUserNames = _storage->getAllAuthUserNames(); + } +} + + +QString Core::strictSysIdent(UserId user) const +{ + if (_authUserNames.contains(user)) { + return _authUserNames[user]; + } + + // A new user got added since we last pulled our cache from the database. + // There's no way to avoid a database hit - we don't even know the authname! + instance()->cacheSysIdent(); + + if (_authUserNames.contains(user)) { + return _authUserNames[user]; + } + + // ...something very weird is going on if we ended up here (an active CoreSession without a corresponding database entry?) + qWarning().nospace() << "Unable to find authusername for UserId " << user << ", this should never happen!"; + return "unknown"; // Should we just terminate the program instead? +} + + bool Core::startListening() { // in mono mode we only start a local port if a port is specified in the cli call @@ -577,19 +732,7 @@ void Core::setupClientSession(RemotePeer *peer, UserId uid) handler->deleteLater(); // Find or create session for validated user - SessionThread *session; - if (sessions.contains(uid)) { - session = sessions[uid]; - } - else { - session = createSession(uid); - if (!session) { - qWarning() << qPrintable(tr("Could not initialize session for client:")) << qPrintable(peer->description()); - peer->close(); - peer->deleteLater(); - return; - } - } + sessionForUser(uid); // as we are currently handling an event triggered by incoming data on this socket // it is unsafe to directly move the socket to the client thread. @@ -610,14 +753,7 @@ void Core::customEvent(QEvent *event) void Core::addClientHelper(RemotePeer *peer, UserId uid) { // Find or create session for validated user - if (!sessions.contains(uid)) { - qWarning() << qPrintable(tr("Could not find a session for client:")) << qPrintable(peer->description()); - peer->close(); - peer->deleteLater(); - return; - } - - SessionThread *session = sessions[uid]; + SessionThread *session = sessionForUser(uid); session->addClient(peer); } @@ -634,7 +770,7 @@ void Core::setupInternalClientSession(InternalPeer *clientPeer) uid = _storage->internalUser(); } else { - qWarning() << "Core::setupInternalClientSession(): You're trying to run monolithic Quassel with an unusable Backend! Go fix it!"; + quWarning() << "Core::setupInternalClientSession(): You're trying to run monolithic Quassel with an unusable Backend! Go fix it!"; return; } @@ -643,127 +779,212 @@ void Core::setupInternalClientSession(InternalPeer *clientPeer) clientPeer->setPeer(corePeer); // Find or create session for validated user - SessionThread *sessionThread; - if (sessions.contains(uid)) - sessionThread = sessions[uid]; - else - sessionThread = createSession(uid); - + SessionThread *sessionThread = sessionForUser(uid); sessionThread->addClient(corePeer); } -SessionThread *Core::createSession(UserId uid, bool restore) +SessionThread *Core::sessionForUser(UserId uid, bool restore) { - if (sessions.contains(uid)) { - qWarning() << "Calling createSession() when a session for the user already exists!"; - return 0; - } - SessionThread *sess = new SessionThread(uid, restore, this); - sessions[uid] = sess; - sess->start(); - return sess; + if (_sessions.contains(uid)) + return _sessions[uid]; + + SessionThread *session = new SessionThread(uid, restore, strictIdentEnabled(), this); + _sessions[uid] = session; + session->start(); + return session; } void Core::socketError(QAbstractSocket::SocketError err, const QString &errorString) { - qWarning() << QString("Socket error %1: %2").arg(err).arg(errorString); + quWarning() << QString("Socket error %1: %2").arg(err).arg(errorString); } QVariantList Core::backendInfo() { - QVariantList backends; - foreach(const Storage *backend, instance()->_storageBackends.values()) { + instance()->registerStorageBackends(); + + QVariantList backendInfos; + for (auto &&backend : instance()->_registeredStorageBackends) { QVariantMap v; + v["BackendId"] = backend->backendId(); v["DisplayName"] = backend->displayName(); v["Description"] = backend->description(); - v["SetupKeys"] = backend->setupKeys(); - v["SetupDefaults"] = backend->setupDefaults(); - backends.append(v); + v["SetupData"] = backend->setupData(); // ignored by legacy clients + + // TODO Protocol Break: Remove legacy (cf. authenticatorInfo()) + const auto &setupData = backend->setupData(); + QStringList setupKeys; + QVariantMap setupDefaults; + for (int i = 0; i + 2 < setupData.size(); i += 3) { + setupKeys << setupData[i].toString(); + setupDefaults[setupData[i].toString()] = setupData[i + 2]; + } + v["SetupKeys"] = setupKeys; + v["SetupDefaults"] = setupDefaults; + // TODO Protocol Break: Remove + v["IsDefault"] = (backend->backendId() == "SQLite"); // newer clients will just use the first in the list + + backendInfos << v; } - return backends; + return backendInfos; } +QVariantList Core::authenticatorInfo() +{ + instance()->registerAuthenticators(); + + QVariantList authInfos; + for(auto &&backend : instance()->_registeredAuthenticators) { + QVariantMap v; + v["BackendId"] = backend->backendId(); + v["DisplayName"] = backend->displayName(); + v["Description"] = backend->description(); + v["SetupData"] = backend->setupData(); + authInfos << v; + } + return authInfos; +} + // migration / backend selection bool Core::selectBackend(const QString &backend) { // reregister all storage backends registerStorageBackends(); - if (!_storageBackends.contains(backend)) { - qWarning() << qPrintable(QString("Core::selectBackend(): unsupported backend: %1").arg(backend)); - qWarning() << " supported backends are:" << qPrintable(QStringList(_storageBackends.keys()).join(", ")); + auto storage = storageBackend(backend); + if (!storage) { + QStringList backends; + std::transform(_registeredStorageBackends.begin(), _registeredStorageBackends.end(), + std::back_inserter(backends), [](const DeferredSharedPtr& backend) { + return backend->displayName(); + }); + quWarning() << qPrintable(tr("Unsupported storage backend: %1").arg(backend)); + quWarning() << qPrintable(tr("Supported backends are:")) << qPrintable(backends.join(", ")); return false; } - Storage *storage = _storageBackends[backend]; - QVariantMap settings = promptForSettings(storage); + QVariantMap settings = promptForSettings(storage.get()); Storage::State storageState = storage->init(settings); switch (storageState) { case Storage::IsReady: - saveBackendSettings(backend, settings); - qWarning() << "Switched backend to:" << qPrintable(backend); - qWarning() << "Backend already initialized. Skipping Migration"; + if (!saveBackendSettings(backend, settings)) { + qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem.")); + } + quWarning() << qPrintable(tr("Switched storage backend to: %1").arg(backend)); + quWarning() << qPrintable(tr("Backend already initialized. Skipping Migration...")); return true; case Storage::NotAvailable: - qCritical() << "Backend is not available:" << qPrintable(backend); + qCritical() << qPrintable(tr("Storage backend is not available: %1").arg(backend)); return false; case Storage::NeedsSetup: if (!storage->setup(settings)) { - qWarning() << qPrintable(QString("Core::selectBackend(): unable to setup backend: %1").arg(backend)); + quWarning() << qPrintable(tr("Unable to setup storage backend: %1").arg(backend)); return false; } if (storage->init(settings) != Storage::IsReady) { - qWarning() << qPrintable(QString("Core::migrateBackend(): unable to initialize backend: %1").arg(backend)); + quWarning() << qPrintable(tr("Unable to initialize storage backend: %1").arg(backend)); return false; } - saveBackendSettings(backend, settings); - qWarning() << "Switched backend to:" << qPrintable(backend); + if (!saveBackendSettings(backend, settings)) { + qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem.")); + } + quWarning() << qPrintable(tr("Switched storage backend to: %1").arg(backend)); break; } // let's see if we have a current storage object we can migrate from - AbstractSqlMigrationReader *reader = getMigrationReader(_storage); - AbstractSqlMigrationWriter *writer = getMigrationWriter(storage); + auto reader = getMigrationReader(_storage.get()); + auto writer = getMigrationWriter(storage.get()); if (reader && writer) { - qDebug() << qPrintable(QString("Migrating Storage backend %1 to %2...").arg(_storage->displayName(), storage->displayName())); - delete _storage; - _storage = 0; - delete storage; - storage = 0; - if (reader->migrateTo(writer)) { + qDebug() << qPrintable(tr("Migrating storage backend %1 to %2...").arg(_storage->displayName(), storage->displayName())); + _storage.reset(); + storage.reset(); + if (reader->migrateTo(writer.get())) { qDebug() << "Migration finished!"; - saveBackendSettings(backend, settings); + qDebug() << qPrintable(tr("Migration finished!")); + if (!saveBackendSettings(backend, settings)) { + qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem.")); + return false; + } return true; } + quWarning() << qPrintable(tr("Unable to migrate storage backend! (No migration writer for %1)").arg(backend)); return false; - qWarning() << qPrintable(QString("Core::migrateDb(): unable to migrate storage backend! (No migration writer for %1)").arg(backend)); } // inform the user why we cannot merge if (!_storage) { - qWarning() << "No currently active backend. Skipping migration."; + quWarning() << qPrintable(tr("No currently active storage backend. Skipping migration...")); } else if (!reader) { - qWarning() << "Currently active backend does not support migration:" << qPrintable(_storage->displayName()); + quWarning() << qPrintable(tr("Currently active storage backend does not support migration: %1").arg(_storage->displayName())); } if (writer) { - qWarning() << "New backend does not support migration:" << qPrintable(backend); + quWarning() << qPrintable(tr("New storage backend does not support migration: %1").arg(backend)); } // so we were unable to merge, but let's create a user \o/ - _storage = storage; + _storage = std::move(storage); createUser(); return true; } +// TODO: I am not sure if this function is implemented correctly. +// There is currently no concept of migraiton between auth backends. +bool Core::selectAuthenticator(const QString &backend) +{ + // Register all authentication backends. + registerAuthenticators(); + auto auther = authenticator(backend); + if (!auther) { + QStringList authenticators; + std::transform(_registeredAuthenticators.begin(), _registeredAuthenticators.end(), + std::back_inserter(authenticators), [](const DeferredSharedPtr& authenticator) { + return authenticator->displayName(); + }); + quWarning() << qPrintable(tr("Unsupported authenticator: %1").arg(backend)); + quWarning() << qPrintable(tr("Supported authenticators are:")) << qPrintable(authenticators.join(", ")); + return false; + } + + QVariantMap settings = promptForSettings(auther.get()); + + Authenticator::State state = auther->init(settings); + switch (state) { + case Authenticator::IsReady: + saveAuthenticatorSettings(backend, settings); + quWarning() << qPrintable(tr("Switched authenticator to: %1").arg(backend)); + return true; + case Authenticator::NotAvailable: + qCritical() << qPrintable(tr("Authenticator is not available: %1").arg(backend)); + return false; + case Authenticator::NeedsSetup: + if (!auther->setup(settings)) { + quWarning() << qPrintable(tr("Unable to setup authenticator: %1").arg(backend)); + return false; + } + + if (auther->init(settings) != Authenticator::IsReady) { + quWarning() << qPrintable(tr("Unable to initialize authenticator: %1").arg(backend)); + return false; + } + + saveAuthenticatorSettings(backend, settings); + quWarning() << qPrintable(tr("Switched authenticator to: %1").arg(backend)); + } -void Core::createUser() + _authenticator = std::move(auther); + return true; +} + + +bool Core::createUser() { QTextStream out(stdout); QTextStream in(stdin); @@ -784,31 +1005,38 @@ void Core::createUser() enableStdInEcho(); if (password != password2) { - qWarning() << "Passwords don't match!"; - return; + quWarning() << "Passwords don't match!"; + return false; } if (password.isEmpty()) { - qWarning() << "Password is empty!"; - return; + quWarning() << "Password is empty!"; + return false; } if (_configured && _storage->addUser(username, password).isValid()) { out << "Added user " << username << " successfully!" << endl; + return true; } else { - qWarning() << "Unable to add user:" << qPrintable(username); + quWarning() << "Unable to add user:" << qPrintable(username); + return false; } } -void Core::changeUserPass(const QString &username) +bool Core::changeUserPass(const QString &username) { QTextStream out(stdout); QTextStream in(stdin); UserId userId = _storage->getUserId(username); if (!userId.isValid()) { out << "User " << username << " does not exist." << endl; - return; + return false; + } + + if (!canChangeUserPassword(userId)) { + out << "User " << username << " is configured through an auth provider that has forbidden manual password changing." << endl; + return false; } out << "Change password for user: " << username << endl; @@ -825,108 +1053,144 @@ void Core::changeUserPass(const QString &username) enableStdInEcho(); if (password != password2) { - qWarning() << "Passwords don't match!"; - return; + quWarning() << "Passwords don't match!"; + return false; } if (password.isEmpty()) { - qWarning() << "Password is empty!"; - return; + quWarning() << "Password is empty!"; + return false; } if (_configured && _storage->updateUser(userId, password)) { out << "Password changed successfully!" << endl; + return true; } else { - qWarning() << "Failed to change password!"; + quWarning() << "Failed to change password!"; + return false; + } +} + + +bool Core::changeUserPassword(UserId userId, const QString &password) +{ + if (!isConfigured() || !userId.isValid()) + return false; + + if (!canChangeUserPassword(userId)) + return false; + + return instance()->_storage->updateUser(userId, password); +} + +// TODO: this code isn't currently 100% optimal because the core +// doesn't know it can have multiple auth providers configured (there aren't +// multiple auth providers at the moment anyway) and we have hardcoded the +// Database provider to be always allowed. +bool Core::canChangeUserPassword(UserId userId) +{ + QString authProvider = instance()->_storage->getUserAuthenticator(userId); + if (authProvider != "Database") { + if (authProvider != instance()->_authenticator->backendId()) { + return false; + } + else if (instance()->_authenticator->canChangePassword()) { + return false; + } } + return true; } -AbstractSqlMigrationReader *Core::getMigrationReader(Storage *storage) +std::unique_ptr Core::getMigrationReader(Storage *storage) { if (!storage) - return 0; + return nullptr; AbstractSqlStorage *sqlStorage = qobject_cast(storage); if (!sqlStorage) { qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!"; - return 0; + return nullptr; } return sqlStorage->createMigrationReader(); } -AbstractSqlMigrationWriter *Core::getMigrationWriter(Storage *storage) +std::unique_ptr Core::getMigrationWriter(Storage *storage) { if (!storage) - return 0; + return nullptr; AbstractSqlStorage *sqlStorage = qobject_cast(storage); if (!sqlStorage) { qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!"; - return 0; + return nullptr; } return sqlStorage->createMigrationWriter(); } -void Core::saveBackendSettings(const QString &backend, const QVariantMap &settings) +bool Core::saveBackendSettings(const QString &backend, const QVariantMap &settings) { QVariantMap dbsettings; dbsettings["Backend"] = backend; dbsettings["ConnectionProperties"] = settings; - CoreSettings().setStorageSettings(dbsettings); + CoreSettings s = CoreSettings(); + s.setStorageSettings(dbsettings); + return s.sync(); } -QVariantMap Core::promptForSettings(const Storage *storage) +void Core::saveAuthenticatorSettings(const QString &backend, const QVariantMap &settings) +{ + QVariantMap dbsettings; + dbsettings["Authenticator"] = backend; + dbsettings["AuthProperties"] = settings; + CoreSettings().setAuthSettings(dbsettings); +} + +// Generic version of promptForSettings that doesn't care what *type* of +// backend it runs over. +template +QVariantMap Core::promptForSettings(const Backend *backend) { QVariantMap settings; + const QVariantList& setupData = backend->setupData(); - QStringList keys = storage->setupKeys(); - if (keys.isEmpty()) + if (setupData.isEmpty()) return settings; QTextStream out(stdout); QTextStream in(stdin); out << "Default values are in brackets" << endl; - QVariantMap defaults = storage->setupDefaults(); - QString value; - foreach(QString key, keys) { - QVariant val; - if (defaults.contains(key)) { - val = defaults[key]; - } - out << key; - if (!val.toString().isEmpty()) { - out << " (" << val.toString() << ")"; - } - out << ": "; - out.flush(); + for (int i = 0; i + 2 < setupData.size(); i += 3) { + QString key = setupData[i].toString(); + out << setupData[i+1].toString() << " [" << setupData[i+2].toString() << "]: " << flush; - bool noEcho = QString("password").toLower().startsWith(key.toLower()); + bool noEcho = key.toLower().contains("password"); if (noEcho) { disableStdInEcho(); } - value = in.readLine().trimmed(); + QString input = in.readLine().trimmed(); if (noEcho) { out << endl; enableStdInEcho(); } - if (!value.isEmpty()) { - switch (defaults[key].type()) { + QVariant value{setupData[i+2]}; + if (!input.isEmpty()) { + switch (value.type()) { case QVariant::Int: - val = QVariant(value.toInt()); + value = input.toInt(); break; default: - val = QVariant(value); + value = input; } } - settings[key] = val; + settings[key] = value; } return settings; } @@ -945,7 +1209,6 @@ void Core::stdInEcho(bool on) SetConsoleMode(hStdin, mode); } - #else void Core::stdInEcho(bool on) { @@ -958,5 +1221,4 @@ void Core::stdInEcho(bool on) tcsetattr(STDIN_FILENO, TCSANOW, &t); } - #endif /* Q_OS_WIN */