kdeconnect-kde/core/kdeconnectconfig.cpp

446 lines
14 KiB
C++
Raw Normal View History

/**
* SPDX-FileCopyrightText: 2015 Albert Vaca <albertvaka@gmail.com>
*
* SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only OR LicenseRef-KDE-Accepted-GPL
*/
#include "kdeconnectconfig.h"
#include <KLocalizedString>
#include <QCoreApplication>
#include <QDebug>
#include <QDir>
#include <QFile>
#include <QFileInfo>
#include <QHostInfo>
#include <QSettings>
2015-07-14 13:04:04 +01:00
#include <QSslCertificate>
#include <QStandardPaths>
2019-06-18 02:21:31 +01:00
#include <QThread>
#include <QUuid>
#include <QtCrypto>
#include "core_debug.h"
#include "daemon.h"
#include "dbushelper.h"
#include "deviceinfo.h"
#include "pluginloader.h"
const QFile::Permissions strictPermissions = QFile::ReadOwner | QFile::WriteOwner | QFile::ReadUser | QFile::WriteUser;
struct KdeConnectConfigPrivate {
// The Initializer object sets things up, and also does cleanup when it goes out of scope
2015-07-05 14:23:53 +01:00
// Note it's not being used anywhere. That's intended
QCA::Initializer m_qcaInitializer;
QCA::PrivateKey m_privateKey;
QSslCertificate m_certificate; // Use QSslCertificate instead of QCA::Certificate due to compatibility with QSslSocket
QSettings *m_config;
QSettings *m_trustedDevices;
#ifdef Q_OS_MAC
QString m_privateDBusAddress; // Private DBus Address cache
2019-06-18 02:21:31 +01:00
#endif
};
static QString getDefaultDeviceName()
{
2020-08-02 19:57:41 +01:00
#ifdef SAILFISHOS
const QString hwReleaseFile = QStringLiteral("/etc/hw-release");
// QSettings will crash if the file does not exist or can be created, like in this case by us in /etc.
// E.g. in the SFOS SDK Emulator there is no such file, so check before to protect against the crash.
if (QFile::exists(hwReleaseFile)) {
QSettings hwRelease(hwReleaseFile, QSettings::IniFormat);
auto hwName = hwRelease.value(QStringLiteral("NAME")).toString();
if (!hwName.isEmpty()) {
return hwName;
}
}
#endif
return QHostInfo::localHostName();
2020-08-02 19:57:41 +01:00
}
KdeConnectConfig &KdeConnectConfig::instance()
{
static KdeConnectConfig kcc;
return kcc;
}
KdeConnectConfig::KdeConnectConfig()
: d(new KdeConnectConfigPrivate)
{
// qCDebug(KDECONNECT_CORE) << "QCA supported capabilities:" << QCA::supportedFeatures().join(",");
if (!QCA::isSupported("rsa")) {
qCritical() << "Could not find support for RSA in your QCA installation";
Daemon::instance()->reportError(i18n("KDE Connect failed to start"),
i18n("Could not find support for RSA in your QCA installation. If your "
"distribution provides separate packets for QCA-ossl and QCA-gnupg, "
"make sure you have them installed and try again."));
}
// Make sure base directory exists
QDir().mkpath(baseConfigDir().path());
//.config/kdeconnect/config
d->m_config = new QSettings(baseConfigDir().absoluteFilePath(QStringLiteral("config")), QSettings::IniFormat);
d->m_trustedDevices = new QSettings(baseConfigDir().absoluteFilePath(QStringLiteral("trusted_devices")), QSettings::IniFormat);
2018-12-25 00:33:08 +00:00
loadPrivateKey();
loadCertificate();
2020-08-02 19:57:41 +01:00
if (name().isEmpty()) {
setName(getDefaultDeviceName());
}
}
QString KdeConnectConfig::name()
{
2020-08-02 19:57:41 +01:00
return d->m_config->value(QStringLiteral("name")).toString();
}
void KdeConnectConfig::setName(const QString &name)
{
d->m_config->setValue(QStringLiteral("name"), name);
d->m_config->sync();
}
DeviceType KdeConnectConfig::deviceType()
{
2020-04-19 21:40:49 +01:00
#ifdef SAILFISHOS
return DeviceType::Phone;
2020-04-19 21:40:49 +01:00
#else
const QByteArrayList platforms = qgetenv("PLASMA_PLATFORM").split(':');
if (platforms.contains("phone")) {
return DeviceType::Phone;
2020-04-19 21:40:49 +01:00
} else if (platforms.contains("tablet")) {
return DeviceType::Tablet;
} else if (platforms.contains("mediacenter")) {
return DeviceType::Tv;
2020-04-19 21:40:49 +01:00
}
// TODO non-Plasma mobile platforms
return DeviceType::Desktop;
2020-04-19 21:40:49 +01:00
#endif
}
QString KdeConnectConfig::deviceId()
{
2018-12-25 00:52:16 +00:00
return d->m_certificate.subjectInfo(QSslCertificate::CommonName).constFirst();
}
QString KdeConnectConfig::privateKeyPath()
{
return baseConfigDir().absoluteFilePath(QStringLiteral("privateKey.pem"));
}
2015-07-05 14:23:53 +01:00
QString KdeConnectConfig::certificatePath()
{
return baseConfigDir().absoluteFilePath(QStringLiteral("certificate.pem"));
2015-07-05 14:23:53 +01:00
}
QSslCertificate KdeConnectConfig::certificate()
{
return d->m_certificate;
2015-07-05 14:23:53 +01:00
}
DeviceInfo KdeConnectConfig::deviceInfo()
{
return DeviceInfo(deviceId(),
certificate(),
name(),
deviceType(),
NetworkPacket::s_protocolVersion,
PluginLoader::instance()->incomingCapabilities().toSet(),
PluginLoader::instance()->outgoingCapabilities().toSet());
}
QDir KdeConnectConfig::baseConfigDir()
{
2019-08-01 15:01:50 +01:00
QString configPath = QStandardPaths::writableLocation(QStandardPaths::GenericConfigLocation);
QString kdeconnectConfigPath = QDir(configPath).absoluteFilePath(QStringLiteral("kdeconnect"));
return QDir(kdeconnectConfigPath);
}
QStringList KdeConnectConfig::trustedDevices()
{
const QStringList &list = d->m_trustedDevices->childGroups();
return list;
}
void KdeConnectConfig::addTrustedDevice(const DeviceInfo &deviceInfo)
{
d->m_trustedDevices->beginGroup(deviceInfo.id);
d->m_trustedDevices->setValue(QStringLiteral("name"), deviceInfo.name);
d->m_trustedDevices->setValue(QStringLiteral("type"), deviceInfo.type.toString());
QString certString = QString::fromLatin1(deviceInfo.certificate.toPem());
d->m_trustedDevices->setValue(QStringLiteral("certificate"), certString);
d->m_trustedDevices->endGroup();
d->m_trustedDevices->sync();
QDir().mkpath(deviceConfigDir(deviceInfo.id).path());
}
void KdeConnectConfig::updateTrustedDeviceInfo(const DeviceInfo &deviceInfo)
{
if (!trustedDevices().contains(deviceInfo.id)) {
// do not store values for untrusted devices (it would make them trusted)
return;
}
d->m_trustedDevices->beginGroup(deviceInfo.id);
d->m_trustedDevices->setValue(QStringLiteral("name"), deviceInfo.name);
d->m_trustedDevices->setValue(QStringLiteral("type"), deviceInfo.type.toString());
d->m_trustedDevices->endGroup();
d->m_trustedDevices->sync();
}
QSslCertificate KdeConnectConfig::getTrustedDeviceCertificate(const QString &id)
{
d->m_trustedDevices->beginGroup(id);
QString certString = d->m_trustedDevices->value(QStringLiteral("certificate"), QString()).toString();
d->m_trustedDevices->endGroup();
return QSslCertificate(certString.toLatin1());
}
DeviceInfo KdeConnectConfig::getTrustedDevice(const QString &id)
{
d->m_trustedDevices->beginGroup(id);
QString certString = d->m_trustedDevices->value(QStringLiteral("certificate"), QString()).toString();
QSslCertificate certificate(certString.toLatin1());
QString name = d->m_trustedDevices->value(QStringLiteral("name"), QLatin1String("unnamed")).toString();
QString typeString = d->m_trustedDevices->value(QStringLiteral("type"), QLatin1String("unknown")).toString();
DeviceType type = DeviceType::FromString(typeString);
d->m_trustedDevices->endGroup();
return DeviceInfo(id, certificate, name, type);
}
void KdeConnectConfig::removeTrustedDevice(const QString &deviceId)
{
d->m_trustedDevices->remove(deviceId);
d->m_trustedDevices->sync();
// We do not remove the config files.
}
2015-07-05 14:23:53 +01:00
// Utility functions to set and get a value
void KdeConnectConfig::setDeviceProperty(const QString &deviceId, const QString &key, const QString &value)
2015-07-05 14:23:53 +01:00
{
2020-08-02 12:57:58 +01:00
// do not store values for untrusted devices (it would make them trusted)
if (!trustedDevices().contains(deviceId))
return;
d->m_trustedDevices->beginGroup(deviceId);
d->m_trustedDevices->setValue(key, value);
d->m_trustedDevices->endGroup();
d->m_trustedDevices->sync();
2015-07-05 14:23:53 +01:00
}
QString KdeConnectConfig::getDeviceProperty(const QString &deviceId, const QString &key, const QString &defaultValue)
2015-07-05 14:23:53 +01:00
{
QString value;
d->m_trustedDevices->beginGroup(deviceId);
value = d->m_trustedDevices->value(key, defaultValue).toString();
d->m_trustedDevices->endGroup();
2015-07-05 14:23:53 +01:00
return value;
}
void KdeConnectConfig::setCustomDevices(const QStringList &addresses)
2020-08-18 15:55:48 +01:00
{
d->m_config->setValue(QStringLiteral("customDevices"), addresses);
d->m_config->sync();
}
QStringList KdeConnectConfig::customDevices() const
{
return d->m_config->value(QStringLiteral("customDevices")).toStringList();
}
2015-07-05 14:23:53 +01:00
QDir KdeConnectConfig::deviceConfigDir(const QString &deviceId)
{
QString deviceConfigPath = baseConfigDir().absoluteFilePath(deviceId);
return QDir(deviceConfigPath);
}
QDir KdeConnectConfig::pluginConfigDir(const QString &deviceId, const QString &pluginName)
{
QString deviceConfigPath = baseConfigDir().absoluteFilePath(deviceId);
QString pluginConfigDir = QDir(deviceConfigPath).absoluteFilePath(pluginName);
return QDir(pluginConfigDir);
}
2018-12-25 00:33:08 +00:00
void KdeConnectConfig::loadPrivateKey()
{
QString keyPath = privateKeyPath();
QFile privKey(keyPath);
bool needsToGenerateKey = false;
if (privKey.exists() && privKey.open(QIODevice::ReadOnly)) {
QCA::ConvertResult result;
d->m_privateKey = QCA::PrivateKey::fromPEM(QString::fromLatin1(privKey.readAll()), QCA::SecureArray(), &result);
if (result != QCA::ConvertResult::ConvertGood) {
qCWarning(KDECONNECT_CORE) << "Private key from" << keyPath << "is not valid";
needsToGenerateKey = true;
}
2018-12-25 00:33:08 +00:00
} else {
needsToGenerateKey = true;
}
2018-12-25 00:33:08 +00:00
if (needsToGenerateKey) {
generatePrivateKey(keyPath);
2018-12-25 00:33:08 +00:00
}
// Extra security check
if (QFile::permissions(keyPath) != strictPermissions) {
2018-12-25 00:33:08 +00:00
qCWarning(KDECONNECT_CORE) << "Warning: KDE Connect private key file has too open permissions " << keyPath;
}
}
void KdeConnectConfig::loadCertificate()
{
QString certPath = certificatePath();
QFile cert(certPath);
2018-12-25 00:33:08 +00:00
bool needsToGenerateCert = false;
if (cert.exists() && cert.open(QIODevice::ReadOnly)) {
auto loadedCerts = QSslCertificate::fromPath(certPath);
if (loadedCerts.empty()) {
qCWarning(KDECONNECT_CORE) << "Certificate from" << certPath << "is not valid";
needsToGenerateCert = true;
} else {
d->m_certificate = loadedCerts.at(0);
}
} else {
needsToGenerateCert = true;
}
2018-12-25 00:33:08 +00:00
if (needsToGenerateCert) {
generateCertificate(certPath);
}
2015-07-19 15:55:28 +01:00
// Extra security check
if (QFile::permissions(certPath) != strictPermissions) {
qCWarning(KDECONNECT_CORE) << "Warning: KDE Connect certificate file has too open permissions " << certPath;
}
}
void KdeConnectConfig::generatePrivateKey(const QString &keyPath)
{
qCDebug(KDECONNECT_CORE) << "Generating private key";
bool error = false;
d->m_privateKey = QCA::KeyGenerator().createRSA(2048);
QFile privKey(keyPath);
if (!privKey.open(QIODevice::ReadWrite | QIODevice::Truncate)) {
error = true;
} else {
privKey.setPermissions(strictPermissions);
int written = privKey.write(d->m_privateKey.toPEM().toLatin1());
if (written <= 0) {
error = true;
}
}
if (error) {
Daemon::instance()->reportError(QStringLiteral("KDE Connect"), i18n("Could not store private key file: %1", keyPath));
}
}
void KdeConnectConfig::generateCertificate(const QString &certPath)
{
qCDebug(KDECONNECT_CORE) << "Generating certificate";
bool error = false;
QString uuid = QUuid::createUuid().toString();
2019-08-14 16:36:19 +01:00
DBusHelper::filterNonExportableCharacters(uuid);
qCDebug(KDECONNECT_CORE) << "My id:" << uuid;
// FIXME: We only use QCA here to generate the cert and key, would be nice to get rid of it completely.
// The same thing we are doing with QCA could be done invoking openssl (although it's potentially less portable):
// openssl req -new -x509 -sha256 -newkey rsa:2048 -nodes -keyout privateKey.pem -days 3650 -out certificate.pem -subj "/O=KDE/OU=KDE
// Connect/CN=_e6e29ad4_2b31_4b6d_8f7a_9872dbaa9095_"
QCA::CertificateOptions certificateOptions = QCA::CertificateOptions();
QDateTime startTime = QDateTime::currentDateTime().addYears(-1);
QDateTime endTime = startTime.addYears(10);
QCA::CertificateInfo certificateInfo;
certificateInfo.insert(QCA::CommonName, uuid);
certificateInfo.insert(QCA::Organization, QStringLiteral("KDE"));
certificateInfo.insert(QCA::OrganizationalUnit, QStringLiteral("Kde connect"));
certificateOptions.setInfo(certificateInfo);
certificateOptions.setFormat(QCA::PKCS10);
certificateOptions.setSerialNumber(QCA::BigInteger(10));
certificateOptions.setValidityPeriod(startTime, endTime);
d->m_certificate = QSslCertificate(QCA::Certificate(certificateOptions, d->m_privateKey).toPEM().toLatin1());
QFile cert(certPath);
if (!cert.open(QIODevice::ReadWrite | QIODevice::Truncate)) {
error = true;
} else {
cert.setPermissions(strictPermissions);
int written = cert.write(d->m_certificate.toPem());
if (written <= 0) {
error = true;
2018-12-25 00:33:08 +00:00
}
}
if (error) {
Daemon::instance()->reportError(QStringLiteral("KDE Connect"), i18n("Could not store certificate file: %1", certPath));
}
2018-12-25 00:33:08 +00:00
}
2019-06-18 02:21:31 +01:00
#ifdef Q_OS_MAC
2019-06-18 02:21:31 +01:00
QString KdeConnectConfig::privateDBusAddressPath()
{
return baseConfigDir().absoluteFilePath(QStringLiteral("private_dbus_address"));
}
QString KdeConnectConfig::privateDBusAddress()
{
if (d->m_privateDBusAddress.length() != 0)
return d->m_privateDBusAddress;
2019-06-18 02:21:31 +01:00
QString dbusAddressPath = privateDBusAddressPath();
QFile dbusAddressFile(dbusAddressPath);
if (!dbusAddressFile.open(QFile::ReadOnly | QFile::Text)) {
qCCritical(KDECONNECT_CORE) << "Private DBus enabled but error read private dbus address conf";
exit(1);
}
QTextStream in(&dbusAddressFile);
qCDebug(KDECONNECT_CORE) << "Waiting for private dbus";
int retry = 0;
QString addr = in.readLine();
while (addr.length() == 0 && retry < 5) {
2019-06-18 02:21:31 +01:00
qCDebug(KDECONNECT_CORE) << "Retry reading private DBus address after 3s";
QThread::sleep(3);
retry++;
addr = in.readLine(); // Read until first not empty line
2019-06-18 02:21:31 +01:00
}
if (addr.length() == 0) {
qCCritical(KDECONNECT_CORE) << "Private DBus enabled but read private dbus address failed";
exit(1);
}
qCDebug(KDECONNECT_CORE) << "Private dbus address: " << addr;
2019-06-18 02:21:31 +01:00
d->m_privateDBusAddress = addr;
return addr;
}
#endif