From 6ac855b96988ebc999f7017765ae3dbda527301a Mon Sep 17 00:00:00 2001 From: Manuel Nickschas Date: Thu, 13 Mar 2008 17:38:32 +0000 Subject: [PATCH] Implemented rudimentary SSL support for IRC connections. SSL errors (untrusted/invalid certs etc) are silently ignored at the moment; proper handling will come soonish. You can activate SSL encryption for a given server (not network, as this is a per-server setting) in the server edit dialog in network settings. Please to be testink this :) --- src/core/networkconnection.cpp | 48 ++++++++++++++++++++++++- src/core/networkconnection.h | 21 ++++++++++- src/qtui/settingspages/servereditdlg.ui | 11 +++--- version.inc | 2 +- 4 files changed, 74 insertions(+), 8 deletions(-) diff --git a/src/core/networkconnection.cpp b/src/core/networkconnection.cpp index fd7e2ba5..163f220d 100644 --- a/src/core/networkconnection.cpp +++ b/src/core/networkconnection.cpp @@ -65,7 +65,12 @@ NetworkConnection::NetworkConnection(Network *network, CoreSession *session) : Q connect(network, SIGNAL(autoReconnectIntervalSet(quint32)), this, SLOT(autoReconnectSettingsChanged())); connect(network, SIGNAL(autoReconnectRetriesSet(quint16)), this, SLOT(autoReconnectSettingsChanged())); +#ifndef QT_NO_OPENSSL + connect(&socket, SIGNAL(encrypted()), this, SLOT(socketEncrypted())); + connect(&socket, SIGNAL(sslErrors(const QList &)), this, SLOT(sslErrors(const QList &))); +#endif connect(&socket, SIGNAL(connected()), this, SLOT(socketConnected())); + connect(&socket, SIGNAL(disconnected()), this, SLOT(socketDisconnected())); connect(&socket, SIGNAL(error(QAbstractSocket::SocketError)), this, SLOT(socketError(QAbstractSocket::SocketError))); connect(&socket, SIGNAL(stateChanged(QAbstractSocket::SocketState)), this, SLOT(socketStateChanged(QAbstractSocket::SocketState))); @@ -73,6 +78,8 @@ NetworkConnection::NetworkConnection(Network *network, CoreSession *session) : Q connect(_ircServerHandler, SIGNAL(nickChanged(const QString &, const QString &)), this, SLOT(nickChanged(const QString &, const QString &))); + + network->proxy()->attachSignal(this, SIGNAL(sslErrors(const QVariant &))); } NetworkConnection::~NetworkConnection() { @@ -206,7 +213,7 @@ void NetworkConnection::connectToIrc(bool reconnecting) { } } _previousConnectionAttemptFailed = false; - + QString host = serverList[_lastUsedServerlistIndex].toMap()["Host"].toString(); quint16 port = serverList[_lastUsedServerlistIndex].toMap()["Port"].toUInt(); displayStatusMsg(tr("Connecting to %1:%2...").arg(host).arg(port)); @@ -293,7 +300,46 @@ void NetworkConnection::socketError(QAbstractSocket::SocketError) { //exit(1); } +#ifndef QT_NO_OPENSSL + +void NetworkConnection::sslErrors(const QList &errors) { + socket.ignoreSslErrors(); + /* TODO errorhandling + QVariantMap errmsg; + QVariantList errnums; + foreach(QSslError err, errors) errnums << err.error(); + errmsg["SslErrors"] = errnums; + errmsg["SslCert"] = socket.peerCertificate().toPem(); + errmsg["PeerAddress"] = socket.peerAddress().toString(); + errmsg["PeerPort"] = socket.peerPort(); + errmsg["PeerName"] = socket.peerName(); + emit sslErrors(errmsg); + disconnectFromIrc(); + */ +} + +void NetworkConnection::socketEncrypted() { + //qDebug() << "encrypted!"; + socketInitialized(); +} + +#endif // QT_NO_OPENSSL + void NetworkConnection::socketConnected() { +#ifdef QT_NO_OPENSSL + socketInitialized(); + return; +#else + if(!network()->serverList()[_lastUsedServerlistIndex].toMap()["UseSSL"].toBool()) { + socketInitialized(); + return; + } + //qDebug() << "starting handshake"; + socket.startClientEncryption(); +#endif +} + +void NetworkConnection::socketInitialized() { //emit connected(networkId()); initialize first! Identity *identity = coreSession()->identity(network()->identity()); if(!identity) { diff --git a/src/core/networkconnection.h b/src/core/networkconnection.h index 649171db..1a7aafaa 100644 --- a/src/core/networkconnection.h +++ b/src/core/networkconnection.h @@ -24,9 +24,15 @@ #include #include #include -#include #include +#ifndef QT_NO_OPENSSL +# include +# include +#else +# include +#endif + #include "identity.h" #include "message.h" #include "network.h" @@ -120,17 +126,30 @@ signals: void channelJoined(NetworkId, const QString &channel, const QString &key = QString()); void channelParted(NetworkId, const QString &channel); + void sslErrors(const QVariant &errorData); + private slots: void socketHasData(); void socketError(QAbstractSocket::SocketError); void socketConnected(); + void socketInitialized(); void socketDisconnected(); void socketStateChanged(QAbstractSocket::SocketState); void setConnectionState(Network::ConnectionState); void networkInitialized(const QString ¤tServer); +#ifndef QT_NO_OPENSSL + void socketEncrypted(); + void sslErrors(const QList &errors); +#endif + private: +#ifndef QT_NO_OPENSSL + QSslSocket socket; +#else QTcpSocket socket; +#endif + Network::ConnectionState _connectionState; Network *_network; diff --git a/src/qtui/settingspages/servereditdlg.ui b/src/qtui/settingspages/servereditdlg.ui index dec2b543..ef42b8e1 100644 --- a/src/qtui/settingspages/servereditdlg.ui +++ b/src/qtui/settingspages/servereditdlg.ui @@ -6,7 +6,7 @@ 0 0 264 - 159 + 167 @@ -71,13 +71,14 @@ - false + true Use SSL - :/16x16/actions/oxygen/16x16/actions/document-encrypt.png + + :/16x16/actions/oxygen/16x16/actions/document-encrypt.png:/16x16/actions/oxygen/16x16/actions/document-encrypt.png @@ -86,7 +87,7 @@ Qt::Vertical - + 20 40 @@ -100,7 +101,7 @@ Qt::Horizontal - QDialogButtonBox::Cancel|QDialogButtonBox::NoButton|QDialogButtonBox::Ok + QDialogButtonBox::Cancel|QDialogButtonBox::Ok diff --git a/version.inc b/version.inc index b924a40e..f1cb406f 100644 --- a/version.inc +++ b/version.inc @@ -5,7 +5,7 @@ quasselVersion = "0.2.0-alpha3-pre"; quasselDate = "2008-03-13"; - quasselBuild = 634; + quasselBuild = 636; //! Minimum client build number the core needs clientBuildNeeded = 628; -- 2.20.1