ssl: Use QSslSocket directly to avoid redundant qobject_casts

author Manuel Nickschas <sputnick@quassel-irc.org>

Sun, 15 Mar 2020 19:24:59 +0000 (20:24 +0100)

committer Manuel Nickschas <sputnick@quassel-irc.org>

Thu, 11 Jun 2020 11:57:32 +0000 (13:57 +0200)
author Manuel Nickschas <sputnick@quassel-irc.org>
Sun, 15 Mar 2020 19:24:59 +0000 (20:24 +0100)
committer Manuel Nickschas <sputnick@quassel-irc.org>
Thu, 11 Jun 2020 11:57:32 +0000 (13:57 +0200)
diff --git a/src/client/clientauthhandler.cpp b/src/client/clientauthhandler.cpp

index 44743ae..469299f 100644 (file)
--- a/src/client/clientauthhandler.cpp
+++ b/src/client/clientauthhandler.cpp
@@ -384,13 +384,11 @@ void ClientAuthHandler::checkAndEnableSsl(bool coreSupportsSsl)
          // Make sure the warning is shown next time we don't have SSL in the core
          s.setAccountValue("ShowNoCoreSslWarning", true);
  
          // Make sure the warning is shown next time we don't have SSL in the core
          s.setAccountValue("ShowNoCoreSslWarning", true);
  
-        auto* sslSocket = qobject_cast<QSslSocket*>(socket());
-        Q_ASSERT(sslSocket);
-        connect(sslSocket, &QSslSocket::encrypted, this, &ClientAuthHandler::onSslSocketEncrypted);
-        connect(sslSocket, selectOverload<const QList<QSslError>&>(&QSslSocket::sslErrors), this, &ClientAuthHandler::onSslErrors);
+        connect(socket(), &QSslSocket::encrypted, this, &ClientAuthHandler::onSslSocketEncrypted);
+        connect(socket(), selectOverload<const QList<QSslError>&>(&QSslSocket::sslErrors), this, &ClientAuthHandler::onSslErrors);
          qDebug() << "Starting encryption...";
          qDebug() << "Starting encryption...";
-        sslSocket->flush();
-        sslSocket->startClientEncryption();
+        socket()->flush();
+        socket()->startClientEncryption();
      }
      else {
          if (s.accountValue("ShowNoCoreSslWarning", true).toBool()) {
      }
      else {
          if (s.accountValue("ShowNoCoreSslWarning", true).toBool()) {
@@ -435,9 +433,6 @@ void ClientAuthHandler::onSslSocketEncrypted()
  
  void ClientAuthHandler::onSslErrors()
  {
  
  void ClientAuthHandler::onSslErrors()
  {
-    auto* socket = qobject_cast<QSslSocket*>(sender());
-    Q_ASSERT(socket);
-
      CoreAccountSettings s;
      QByteArray knownDigest = s.accountValue("SslCert").toByteArray();
      ClientAuthHandler::DigestVersion knownDigestVersion = static_cast<ClientAuthHandler::DigestVersion>(
      CoreAccountSettings s;
      QByteArray knownDigest = s.accountValue("SslCert").toByteArray();
      ClientAuthHandler::DigestVersion knownDigestVersion = static_cast<ClientAuthHandler::DigestVersion>(
@@ -446,11 +441,11 @@ void ClientAuthHandler::onSslErrors()
      QByteArray calculatedDigest;
      switch (knownDigestVersion) {
      case ClientAuthHandler::DigestVersion::Md5:
      QByteArray calculatedDigest;
      switch (knownDigestVersion) {
      case ClientAuthHandler::DigestVersion::Md5:
-        calculatedDigest = socket->peerCertificate().digest(QCryptographicHash::Md5);
+        calculatedDigest = socket()->peerCertificate().digest(QCryptographicHash::Md5);
          break;
  
      case ClientAuthHandler::DigestVersion::Sha2_512:
          break;
  
      case ClientAuthHandler::DigestVersion::Sha2_512:
-        calculatedDigest = socket->peerCertificate().digest(QCryptographicHash::Sha512);
+        calculatedDigest = socket()->peerCertificate().digest(QCryptographicHash::Sha512);
          break;
  
      default:
          break;
  
      default:
@@ -460,7 +455,7 @@ void ClientAuthHandler::onSslErrors()
      if (knownDigest != calculatedDigest) {
          bool accepted = false;
          bool permanently = false;
      if (knownDigest != calculatedDigest) {
          bool accepted = false;
          bool permanently = false;
-        emit handleSslErrors(socket, &accepted, &permanently);
+        emit handleSslErrors(socket(), &accepted, &permanently);
  
          if (!accepted) {
              requestDisconnect(tr("Unencrypted connection canceled"));
  
          if (!accepted) {
              requestDisconnect(tr("Unencrypted connection canceled"));
@@ -468,7 +463,7 @@ void ClientAuthHandler::onSslErrors()
          }
  
          if (permanently) {
          }
  
          if (permanently) {
-            s.setAccountValue("SslCert", socket->peerCertificate().digest(QCryptographicHash::Sha512));
+            s.setAccountValue("SslCert", socket()->peerCertificate().digest(QCryptographicHash::Sha512));
              s.setAccountValue("SslCertDigestVersion", ClientAuthHandler::DigestVersion::Latest);
          }
          else {
              s.setAccountValue("SslCertDigestVersion", ClientAuthHandler::DigestVersion::Latest);
          }
          else {
@@ -477,9 +472,9 @@ void ClientAuthHandler::onSslErrors()
          }
      }
      else if (knownDigestVersion != ClientAuthHandler::DigestVersion::Latest) {
          }
      }
      else if (knownDigestVersion != ClientAuthHandler::DigestVersion::Latest) {
-        s.setAccountValue("SslCert", socket->peerCertificate().digest(QCryptographicHash::Sha512));
+        s.setAccountValue("SslCert", socket()->peerCertificate().digest(QCryptographicHash::Sha512));
          s.setAccountValue("SslCertDigestVersion", ClientAuthHandler::DigestVersion::Latest);
      }
  
          s.setAccountValue("SslCertDigestVersion", ClientAuthHandler::DigestVersion::Latest);
      }
  
-    socket->ignoreSslErrors();
+    socket()->ignoreSslErrors();
  }
  }
diff --git a/src/common/authhandler.cpp b/src/common/authhandler.cpp

index 1123ec5..9e7b5e7 100644 (file)
--- a/src/common/authhandler.cpp
+++ b/src/common/authhandler.cpp
@@ -28,12 +28,12 @@ AuthHandler::AuthHandler(QObject* parent)
      : QObject(parent)
  {}
  
      : QObject(parent)
  {}
  
-QTcpSocket* AuthHandler::socket() const
+QSslSocket* AuthHandler::socket() const
  {
      return _socket;
  }
  
  {
      return _socket;
  }
  
-void AuthHandler::setSocket(QTcpSocket* socket)
+void AuthHandler::setSocket(QSslSocket* socket)
  {
      _socket = socket;
      connect(socket, selectOverload<QAbstractSocket::SocketError>(&QTcpSocket::error), this, &AuthHandler::onSocketError);
  {
      _socket = socket;
      connect(socket, selectOverload<QAbstractSocket::SocketError>(&QTcpSocket::error), this, &AuthHandler::onSocketError);
diff --git a/src/common/authhandler.h b/src/common/authhandler.h

index b808442..a14b7e4 100644 (file)
--- a/src/common/authhandler.h
+++ b/src/common/authhandler.h
@@ -22,7 +22,7 @@
  
  #include "common-export.h"
  
  
  #include "common-export.h"
  
-#include <QTcpSocket>
+#include <QSslSocket>
  
  #include "protocol.h"
  
  
  #include "protocol.h"
  
@@ -35,7 +35,7 @@ class COMMON_EXPORT AuthHandler : public QObject
  public:
      AuthHandler(QObject* parent = nullptr);
  
  public:
      AuthHandler(QObject* parent = nullptr);
  
-    QTcpSocket* socket() const;
+    QSslSocket* socket() const;
  
      virtual bool isLocal() const;
  
  
      virtual bool isLocal() const;
  
@@ -65,7 +65,7 @@ signals:
      void socketError(QAbstractSocket::SocketError error, const QString& errorString);
  
  protected:
      void socketError(QAbstractSocket::SocketError error, const QString& errorString);
  
  protected:
-    void setSocket(QTcpSocket* socket);
+    void setSocket(QSslSocket* socket);
  
  protected slots:
      virtual void onSocketError(QAbstractSocket::SocketError error);
  
  protected slots:
      virtual void onSocketError(QAbstractSocket::SocketError error);
@@ -74,6 +74,6 @@ protected slots:
  private:
      void invalidMessage();
  
  private:
      void invalidMessage();
  
-    QTcpSocket* _socket{nullptr};  // FIXME: should be a QSharedPointer? -> premature disconnect before the peer has taken over
+    QSslSocket* _socket{nullptr};  // FIXME: should be a QSharedPointer? -> premature disconnect before the peer has taken over
      bool _disconnectedSent{false};
  };
      bool _disconnectedSent{false};
  };
diff --git a/src/core/core.cpp b/src/core/core.cpp

index 66e2e62..11563fd 100644 (file)
--- a/src/core/core.cpp
+++ b/src/core/core.cpp
@@ -572,17 +572,13 @@ bool Core::initAuthenticator(
  
  bool Core::sslSupported()
  {
  
  bool Core::sslSupported()
  {
-    auto* sslServer = qobject_cast<SslServer*>(&instance()->_server);
-    return sslServer && sslServer->isCertValid();
+    return instance()->_server.isCertValid() && instance()->_v6server.isCertValid();
  }
  
  bool Core::reloadCerts()
  {
  }
  
  bool Core::reloadCerts()
  {
-    auto* sslServerv4 = qobject_cast<SslServer*>(&_server);
-    bool retv4 = sslServerv4->reloadCerts();
-
-    auto* sslServerv6 = qobject_cast<SslServer*>(&_v6server);
-    bool retv6 = sslServerv6->reloadCerts();
+    bool retv4 = _server.reloadCerts();
+    bool retv6 = _v6server.reloadCerts();
  
      return retv4 && retv6;
  }
  
      return retv4 && retv6;
  }
@@ -707,10 +703,11 @@ void Core::stopListening(const QString& reason)
  
  void Core::incomingConnection()
  {
  
  void Core::incomingConnection()
  {
-    auto* server = qobject_cast<QTcpServer*>(sender());
+    auto* server = qobject_cast<SslServer*>(sender());
      Q_ASSERT(server);
      while (server->hasPendingConnections()) {
      Q_ASSERT(server);
      while (server->hasPendingConnections()) {
-        QTcpSocket* socket = server->nextPendingConnection();
+        auto socket = qobject_cast<QSslSocket*>(server->nextPendingConnection());
+        Q_ASSERT(socket);
  
          auto* handler = new CoreAuthHandler(socket, this);
          _connectingClients.insert(handler);
  
          auto* handler = new CoreAuthHandler(socket, this);
          _connectingClients.insert(handler);
diff --git a/src/core/coreauthhandler.cpp b/src/core/coreauthhandler.cpp

index 872c6d1..b289520 100644 (file)
--- a/src/core/coreauthhandler.cpp
+++ b/src/core/coreauthhandler.cpp
@@ -26,7 +26,7 @@
  
  #include "core.h"
  
  
  #include "core.h"
  
-CoreAuthHandler::CoreAuthHandler(QTcpSocket* socket, QObject* parent)
+CoreAuthHandler::CoreAuthHandler(QSslSocket* socket, QObject* parent)
      : AuthHandler(parent)
      , _peer(nullptr)
      , _metricsServer(Core::instance()->metricsServer())
      : AuthHandler(parent)
      , _peer(nullptr)
      , _metricsServer(Core::instance()->metricsServer())
@@ -334,18 +334,13 @@ bool CoreAuthHandler::isLocal() const
  
  void CoreAuthHandler::startSsl()
  {
  
  void CoreAuthHandler::startSsl()
  {
-    auto* sslSocket = qobject_cast<QSslSocket*>(socket());
-    Q_ASSERT(sslSocket);
-
      qDebug() << qPrintable(tr("Starting encryption for Client:")) << _peer->description();
      qDebug() << qPrintable(tr("Starting encryption for Client:")) << _peer->description();
-    connect(sslSocket, selectOverload<const QList<QSslError>&>(&QSslSocket::sslErrors), this, &CoreAuthHandler::onSslErrors);
-    sslSocket->flush();  // ensure that the write cache is flushed before we switch to ssl (bug 682)
-    sslSocket->startServerEncryption();
+    connect(socket(), selectOverload<const QList<QSslError>&>(&QSslSocket::sslErrors), this, &CoreAuthHandler::onSslErrors);
+    socket()->flush();  // ensure that the write cache is flushed before we switch to ssl (bug 682)
+    socket()->startServerEncryption();
  }
  
  void CoreAuthHandler::onSslErrors()
  {
  }
  
  void CoreAuthHandler::onSslErrors()
  {
-    auto* sslSocket = qobject_cast<QSslSocket*>(socket());
-    Q_ASSERT(sslSocket);
-    sslSocket->ignoreSslErrors();
+    socket()->ignoreSslErrors();
  }
  }
diff --git a/src/core/coreauthhandler.h b/src/core/coreauthhandler.h

index 6471a3e..21a2c51 100644 (file)
--- a/src/core/coreauthhandler.h
+++ b/src/core/coreauthhandler.h
@@ -18,8 +18,7 @@
   *   51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.         *
   ***************************************************************************/
  
   *   51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.         *
   ***************************************************************************/
  
-#ifndef COREAUTHHANDLER_H
-#define COREAUTHHANDLER_H
+#pragma once
  
  #include "authhandler.h"
  #include "metricsserver.h"
  
  #include "authhandler.h"
  #include "metricsserver.h"
@@ -33,7 +32,7 @@ class CoreAuthHandler : public AuthHandler
      Q_OBJECT
  
  public:
      Q_OBJECT
  
  public:
-    CoreAuthHandler(QTcpSocket* socket, QObject* parent = nullptr);
+    CoreAuthHandler(QSslSocket* socket, QObject* parent = nullptr);
  
      QHostAddress hostAddress() const;
      bool isLocal() const override;
  
      QHostAddress hostAddress() const;
      bool isLocal() const override;
@@ -74,5 +73,3 @@ private:
      quint8 _connectionFeatures;
      QVector<PeerFactory::ProtoDescriptor> _supportedProtos;
  };
      quint8 _connectionFeatures;
      QVector<PeerFactory::ProtoDescriptor> _supportedProtos;
  };
-
-#endif
author	Manuel Nickschas <sputnick@quassel-irc.org>
	Sun, 15 Mar 2020 19:24:59 +0000 (20:24 +0100)
committer	Manuel Nickschas <sputnick@quassel-irc.org>
	Thu, 11 Jun 2020 11:57:32 +0000 (13:57 +0200)
src/client/clientauthhandler.cpp		patch \| blob \| history
src/common/authhandler.cpp		patch \| blob \| history
src/common/authhandler.h		patch \| blob \| history
src/core/core.cpp		patch \| blob \| history
src/core/coreauthhandler.cpp		patch \| blob \| history
src/core/coreauthhandler.h		patch \| blob \| history