kdeconnect-kde/core/backends/lan/lanlinkprovider.cpp

636 lines
24 KiB
C++
Raw Normal View History

2013-08-07 10:29:56 +01:00
/**
* SPDX-FileCopyrightText: 2013 Albert Vaca <albertvaka@gmail.com>
2013-08-07 10:29:56 +01:00
*
* SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only OR LicenseRef-KDE-Accepted-GPL
2013-08-07 10:29:56 +01:00
*/
2013-08-28 22:47:39 +01:00
#include "lanlinkprovider.h"
#include "core_debug.h"
2013-08-07 10:29:56 +01:00
2015-09-10 14:51:38 +01:00
#ifndef Q_OS_WIN
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <sys/socket.h>
#else
#include <winsock2.h>
#include <mstcpip.h>
2015-09-10 14:51:38 +01:00
#endif
2013-08-07 10:29:56 +01:00
#include <QHostInfo>
#include <QMetaEnum>
#include <QNetworkConfigurationManager>
#include <QNetworkProxy>
#include <QNetworkSession>
2016-07-05 13:27:53 +01:00
#include <QSslCipher>
#include <QSslConfiguration>
#include <QSslKey>
#include <QStringList>
#include <QTcpServer>
#include <QUdpSocket>
2013-08-07 10:29:56 +01:00
2016-07-05 13:27:53 +01:00
#include "daemon.h"
#include "kdeconnectconfig.h"
#include "landevicelink.h"
#include "qtcompat_p.h"
static const int MAX_UNPAIRED_CONNECTIONS = 42;
static const int MAX_REMEMBERED_IDENTITY_PACKETS = 42;
LanLinkProvider::LanLinkProvider(bool testMode, quint16 udpBroadcastPort, quint16 udpListenPort)
: m_server(new Server(this))
, m_udpSocket(this)
, m_tcpPort(0)
, m_udpBroadcastPort(udpBroadcastPort)
, m_udpListenPort(udpListenPort)
2018-11-03 01:17:25 +00:00
, m_testMode(testMode)
, m_combineBroadcastsTimer(this)
#ifdef KDECONNET_MDNS
2023-06-22 10:53:42 +01:00
, m_mdnsDiscovery(this)
#endif
2013-08-07 10:29:56 +01:00
{
m_combineBroadcastsTimer.setInterval(0); // increase this if waiting a single event-loop iteration is not enough
m_combineBroadcastsTimer.setSingleShot(true);
connect(&m_combineBroadcastsTimer, &QTimer::timeout, this, &LanLinkProvider::broadcastToNetwork);
2019-05-04 14:10:27 +01:00
connect(&m_udpSocket, &QIODevice::readyRead, this, &LanLinkProvider::udpBroadcastReceived);
2013-08-07 10:29:56 +01:00
m_server->setProxy(QNetworkProxy::NoProxy);
2019-05-04 18:27:04 +01:00
connect(m_server, &QTcpServer::newConnection, this, &LanLinkProvider::newConnection);
2013-08-07 10:29:56 +01:00
m_udpSocket.setProxy(QNetworkProxy::NoProxy);
// Detect when a network interface changes status, so we announce ourselves in the new network
QNetworkConfigurationManager *networkManager = new QNetworkConfigurationManager(this);
connect(networkManager, &QNetworkConfigurationManager::configurationChanged, this, &LanLinkProvider::onNetworkConfigurationChanged);
connect(&m_udpSocket, &QAbstractSocket::errorOccurred, [](QAbstractSocket::SocketError socketError) {
qWarning() << "Error sending UDP packet:" << socketError;
});
}
void LanLinkProvider::onNetworkConfigurationChanged(const QNetworkConfiguration &config)
{
if (m_lastConfig != config && config.state() == QNetworkConfiguration::Active) {
m_lastConfig = config;
onNetworkChange();
}
2013-08-07 10:29:56 +01:00
}
2015-04-04 18:05:55 +01:00
LanLinkProvider::~LanLinkProvider()
{
}
2013-08-28 22:47:39 +01:00
void LanLinkProvider::onStart()
2013-08-07 10:29:56 +01:00
{
const QHostAddress bindAddress = m_testMode ? QHostAddress::LocalHost : QHostAddress::Any;
bool success = m_udpSocket.bind(bindAddress, m_udpListenPort, QUdpSocket::ShareAddress);
if (!success) {
QAbstractSocket::SocketError sockErr = m_udpSocket.error();
// Refer to https://doc.qt.io/qt-5/qabstractsocket.html#SocketError-enum to decode socket error number
QString errorMessage = QString::fromLatin1(QMetaEnum::fromType<QAbstractSocket::SocketError>().valueToKey(sockErr));
qCritical(KDECONNECT_CORE) << QLatin1String("Failed to bind UDP socket on port") << m_udpListenPort << QLatin1String("with error") << errorMessage;
}
Q_ASSERT(success);
m_tcpPort = MIN_TCP_PORT;
while (!m_server->listen(bindAddress, m_tcpPort)) {
m_tcpPort++;
if (m_tcpPort > MAX_TCP_PORT) { // No ports available?
2017-02-14 22:03:59 +00:00
qCritical(KDECONNECT_CORE) << "Error opening a port in range" << MIN_TCP_PORT << "-" << MAX_TCP_PORT;
m_tcpPort = 0;
return;
}
}
2013-08-07 10:29:56 +01:00
2023-06-22 10:53:42 +01:00
broadcastUdpIdentityPacket();
#ifdef KDECONNET_MDNS
2023-06-22 10:53:42 +01:00
m_mdnsDiscovery.startAnnouncing();
m_mdnsDiscovery.startDiscovering();
#endif
2023-06-22 10:53:42 +01:00
2019-05-26 19:30:39 +01:00
qCDebug(KDECONNECT_CORE) << "LanLinkProvider started";
2013-08-07 10:29:56 +01:00
}
2013-08-28 22:47:39 +01:00
void LanLinkProvider::onStop()
2013-08-07 10:29:56 +01:00
{
#ifdef KDECONNET_MDNS
2023-06-22 10:53:42 +01:00
m_mdnsDiscovery.stopAnnouncing();
m_mdnsDiscovery.stopDiscovering();
#endif
m_udpSocket.close();
m_server->close();
2019-05-26 19:30:39 +01:00
qCDebug(KDECONNECT_CORE) << "LanLinkProvider stopped";
2013-08-07 10:29:56 +01:00
}
void LanLinkProvider::onNetworkChange()
{
if (m_combineBroadcastsTimer.isActive()) {
2020-08-18 15:55:48 +01:00
qCDebug(KDECONNECT_CORE) << "Preventing duplicate broadcasts";
return;
}
m_combineBroadcastsTimer.start();
}
// I'm in a new network, let's be polite and introduce myself
void LanLinkProvider::broadcastToNetwork()
{
if (!m_server->isListening()) {
2023-06-22 10:53:42 +01:00
qWarning() << "TCP server not listening, not broadcasting";
return;
}
Q_ASSERT(m_tcpPort != 0);
2015-04-04 18:05:55 +01:00
2023-06-22 10:53:42 +01:00
broadcastUdpIdentityPacket();
#ifdef KDECONNET_MDNS
2023-06-22 10:53:42 +01:00
m_mdnsDiscovery.stopDiscovering();
m_mdnsDiscovery.startDiscovering();
#endif
2023-06-22 10:53:42 +01:00
}
void LanLinkProvider::broadcastUdpIdentityPacket()
{
if (qEnvironmentVariableIsSet("KDECONNECT_DISABLE_UDP_BROADCAST")) {
qWarning() << "Not broadcasting UDP because KDECONNECT_DISABLE_UDP_BROADCAST is set";
return;
}
2023-06-22 10:53:42 +01:00
qCDebug(KDECONNECT_CORE()) << "Broadcasting identity packet";
2016-11-20 03:24:28 +00:00
QList<QHostAddress> addresses = getBroadcastAddresses();
2016-11-20 03:24:28 +00:00
#if defined(Q_OS_WIN) || defined(Q_OS_FREEBSD)
// On Windows and FreeBSD we need to broadcast from every local IP address to reach all networks
2016-11-20 03:24:28 +00:00
QUdpSocket sendSocket;
sendSocket.setProxy(QNetworkProxy::NoProxy);
for (const QNetworkInterface &iface : QNetworkInterface::allInterfaces()) {
if ((iface.flags() & QNetworkInterface::IsUp) && (iface.flags() & QNetworkInterface::IsRunning) && (iface.flags() & QNetworkInterface::CanBroadcast)) {
for (const QNetworkAddressEntry &ifaceAddress : iface.addressEntries()) {
2016-11-20 03:24:28 +00:00
QHostAddress sourceAddress = ifaceAddress.ip();
if (sourceAddress.protocol() == QAbstractSocket::IPv4Protocol && sourceAddress != QHostAddress::LocalHost) {
qCDebug(KDECONNECT_CORE()) << "Broadcasting as" << sourceAddress;
sendSocket.bind(sourceAddress);
sendUdpIdentityPacket(sendSocket, addresses);
2016-11-20 03:24:28 +00:00
sendSocket.close();
}
}
}
}
#else
sendUdpIdentityPacket(addresses);
2016-11-20 03:24:28 +00:00
#endif
2020-08-18 15:55:48 +01:00
}
2020-08-18 15:55:48 +01:00
QList<QHostAddress> LanLinkProvider::getBroadcastAddresses()
{
const QStringList customDevices = KdeConnectConfig::instance().customDevices();
QList<QHostAddress> destinations;
destinations.reserve(customDevices.length() + 1);
// Default broadcast address
destinations.append(m_testMode ? QHostAddress::LocalHost : QHostAddress::Broadcast);
// Custom device addresses
for (auto &customDevice : customDevices) {
2020-08-18 15:55:48 +01:00
QHostAddress address(customDevice);
if (address.isNull()) {
qCWarning(KDECONNECT_CORE) << "Invalid custom device address" << customDevice;
} else {
destinations.append(address);
}
}
return destinations;
}
2016-11-20 03:24:28 +00:00
void LanLinkProvider::sendUdpIdentityPacket(const QList<QHostAddress> &addresses)
2020-08-18 15:55:48 +01:00
{
sendUdpIdentityPacket(m_udpSocket, addresses);
}
void LanLinkProvider::sendUdpIdentityPacket(QUdpSocket &socket, const QList<QHostAddress> &addresses)
{
DeviceInfo myDeviceInfo = KdeConnectConfig::instance().deviceInfo();
NetworkPacket identityPacket = myDeviceInfo.toIdentityPacket();
identityPacket.set(QStringLiteral("tcpPort"), m_tcpPort);
const QByteArray payload = identityPacket.serialize();
2020-08-18 15:55:48 +01:00
for (auto &address : addresses) {
qint64 bytes = socket.writeDatagram(payload, address, m_udpBroadcastPort);
if (bytes == -1 && socket.error() == QAbstractSocket::DatagramTooLargeError) {
// On macOS and FreeBSD, UDP broadcasts larger than MTU get dropped. See:
// https://opensource.apple.com/source/xnu/xnu-3789.1.32/bsd/netinet/ip_output.c.auto.html#:~:text=/*%20don%27t%20allow%20broadcast%20messages%20to%20be%20fragmented%20*/
// We remove the capabilities to reduce the size of the packet.
// This should only happen for broadcasts, so UDP packets sent from MDNS discoveries should still work.
qWarning() << "Identity packet to" << address << "got rejected because it was too large. Retrying without including the capabilities";
identityPacket.set(QStringLiteral("outgoingCapabilities"), QStringList());
identityPacket.set(QStringLiteral("incomingCapabilities"), QStringList());
const QByteArray smallPayload = identityPacket.serialize();
socket.writeDatagram(smallPayload, address, m_udpBroadcastPort);
}
2020-08-18 15:55:48 +01:00
}
2013-08-07 10:29:56 +01:00
}
// I'm the existing device, a new device is kindly introducing itself.
// I will create a TcpSocket and try to connect. This can result in either tcpSocketConnected() or connectError().
2019-05-04 14:10:27 +01:00
void LanLinkProvider::udpBroadcastReceived()
2013-08-07 10:29:56 +01:00
{
while (m_udpSocket.hasPendingDatagrams()) {
2013-08-07 10:29:56 +01:00
QByteArray datagram;
datagram.resize(m_udpSocket.pendingDatagramSize());
2013-08-07 10:29:56 +01:00
QHostAddress sender;
m_udpSocket.readDatagram(datagram.data(), datagram.size(), &sender);
2013-08-07 10:29:56 +01:00
if (sender.isLoopback() && !m_testMode)
2015-12-06 00:19:55 +00:00
continue;
NetworkPacket *receivedPacket = new NetworkPacket();
bool success = NetworkPacket::unserialize(datagram, receivedPacket);
2013-08-07 10:29:56 +01:00
// qCDebug(KDECONNECT_CORE) << "Datagram " << datagram.data() ;
2015-07-05 14:23:53 +01:00
if (!success) {
qCDebug(KDECONNECT_CORE) << "Could not unserialize UDP packet";
delete receivedPacket;
continue;
}
if (receivedPacket->type() != PACKET_TYPE_IDENTITY) {
qCDebug(KDECONNECT_CORE) << "Received a UDP packet of wrong type" << receivedPacket->type();
delete receivedPacket;
continue;
}
2013-08-07 12:40:39 +01:00
if (receivedPacket->get<QString>(QStringLiteral("deviceId")) == KdeConnectConfig::instance().deviceId()) {
// qCDebug(KDECONNECT_CORE) << "Ignoring my own broadcast";
delete receivedPacket;
continue;
}
int tcpPort = receivedPacket->get<int>(QStringLiteral("tcpPort"));
if (tcpPort < MIN_TCP_PORT || tcpPort > MAX_TCP_PORT) {
qCDebug(KDECONNECT_CORE) << "TCP port outside of kdeconnect's range";
delete receivedPacket;
continue;
}
// qCDebug(KDECONNECT_CORE) << "Received Udp identity packet from" << sender << " asking for a tcp connection on port " << tcpPort;
if (m_receivedIdentityPackets.size() > MAX_REMEMBERED_IDENTITY_PACKETS) {
qCWarning(KDECONNECT_CORE) << "Too many remembered identities, ignoring" << receivedPacket->get<QString>(QStringLiteral("deviceId"))
<< "received via UDP";
delete receivedPacket;
continue;
}
QSslSocket *socket = new QSslSocket(this);
socket->setProxy(QNetworkProxy::NoProxy);
m_receivedIdentityPackets[socket].np = receivedPacket;
m_receivedIdentityPackets[socket].sender = sender;
2019-05-04 14:10:27 +01:00
connect(socket, &QAbstractSocket::connected, this, &LanLinkProvider::tcpSocketConnected);
#if QT_VERSION < QT_VERSION_CHECK(5, 15, 0)
2019-05-01 22:42:24 +01:00
connect(socket, QOverload<QAbstractSocket::SocketError>::of(&QAbstractSocket::error), this, &LanLinkProvider::connectError);
2020-05-09 15:54:22 +01:00
#else
connect(socket, &QAbstractSocket::errorOccurred, this, &LanLinkProvider::connectError);
#endif
socket->connectToHost(sender, tcpPort);
2013-08-07 12:40:39 +01:00
}
}
2013-08-07 10:29:56 +01:00
void LanLinkProvider::connectError(QAbstractSocket::SocketError socketError)
2013-08-07 12:40:39 +01:00
{
QSslSocket *socket = qobject_cast<QSslSocket *>(sender());
if (!socket)
return;
2013-08-07 10:29:56 +01:00
qCDebug(KDECONNECT_CORE) << "Socket error" << socketError;
2015-09-09 19:12:16 +01:00
qCDebug(KDECONNECT_CORE) << "Fallback (1), try reverse connection (send udp packet)" << socket->errorString();
NetworkPacket np = KdeConnectConfig::instance().deviceInfo().toIdentityPacket();
np.set(QStringLiteral("tcpPort"), m_tcpPort);
m_udpSocket.writeDatagram(np.serialize(), m_receivedIdentityPackets[socket].sender, m_udpBroadcastPort);
2013-08-07 12:40:39 +01:00
// The socket we created didn't work, and we didn't manage
// to create a LanDeviceLink from it, deleting everything.
delete m_receivedIdentityPackets.take(socket).np;
socket->deleteLater();
2013-08-07 12:40:39 +01:00
}
// We received a UDP packet and answered by connecting to them by TCP. This gets called on a successful connection.
2019-05-04 14:10:27 +01:00
void LanLinkProvider::tcpSocketConnected()
2013-08-07 12:40:39 +01:00
{
QSslSocket *socket = qobject_cast<QSslSocket *>(sender());
2023-03-04 22:14:31 +00:00
if (!socket) {
return;
2023-03-04 22:14:31 +00:00
}
#if QT_VERSION < QT_VERSION_CHECK(5, 15, 0)
2019-05-01 22:42:24 +01:00
disconnect(socket, QOverload<QAbstractSocket::SocketError>::of(&QAbstractSocket::error), this, &LanLinkProvider::connectError);
2020-05-09 15:54:22 +01:00
#else
disconnect(socket, &QAbstractSocket::errorOccurred, this, &LanLinkProvider::connectError);
#endif
2019-05-01 22:42:24 +01:00
configureSocket(socket);
// If socket disconnects due to any reason after connection, link on ssl failure
2016-11-26 14:12:38 +00:00
connect(socket, &QAbstractSocket::disconnected, socket, &QObject::deleteLater);
NetworkPacket *receivedPacket = m_receivedIdentityPackets[socket].np;
const QString &deviceId = receivedPacket->get<QString>(QStringLiteral("deviceId"));
// qCDebug(KDECONNECT_CORE) << "tcpSocketConnected" << socket->isWritable();
2013-08-07 12:40:39 +01:00
2015-07-05 14:23:53 +01:00
// If network is on ssl, do not believe when they are connected, believe when handshake is completed
NetworkPacket np2 = KdeConnectConfig::instance().deviceInfo().toIdentityPacket();
2015-07-05 14:23:53 +01:00
socket->write(np2.serialize());
bool success = socket->waitForBytesWritten();
2013-08-07 12:40:39 +01:00
if (success) {
2016-06-17 00:59:53 +01:00
qCDebug(KDECONNECT_CORE) << "TCP connection done (i'm the existing device)";
2015-07-05 14:23:53 +01:00
// if ssl supported
bool isDeviceTrusted = KdeConnectConfig::instance().trustedDevices().contains(deviceId);
configureSslSocket(socket, deviceId, isDeviceTrusted);
qCDebug(KDECONNECT_CORE) << "Starting server ssl (I'm the client TCP socket)";
connect(socket, &QSslSocket::encrypted, this, &LanLinkProvider::encrypted);
connect(socket, QOverload<const QList<QSslError> &>::of(&QSslSocket::sslErrors), this, &LanLinkProvider::sslErrors);
socket->startServerEncryption();
2013-08-07 12:40:39 +01:00
} else {
// The socket doesn't seem to work, so we can't create the connection.
qCDebug(KDECONNECT_CORE) << "Fallback (2), try reverse connection (send udp packet)";
m_udpSocket.writeDatagram(np2.serialize(), m_receivedIdentityPackets[socket].sender, m_udpBroadcastPort);
2013-08-07 10:29:56 +01:00
// Cleanup the network packet now. The socket should be deleted via the disconnected() signal.
// We don't do this on success, because it is done later in the encrypted() slot.
delete m_receivedIdentityPackets.take(socket).np;
}
2013-08-07 10:29:56 +01:00
}
2015-07-14 13:04:04 +01:00
void LanLinkProvider::encrypted()
{
qCDebug(KDECONNECT_CORE) << "Socket successfully established an SSL connection";
2015-07-13 15:25:22 +01:00
QSslSocket *socket = qobject_cast<QSslSocket *>(sender());
if (!socket)
return;
2015-07-05 14:23:53 +01:00
Q_ASSERT(socket->mode() != QSslSocket::UnencryptedMode);
NetworkPacket *identityPacket = m_receivedIdentityPackets[socket].np;
2015-07-05 14:23:53 +01:00
DeviceInfo deviceInfo = DeviceInfo::FromIdentityPacketAndCert(*identityPacket, socket->peerCertificate());
addLink(socket, deviceInfo);
2015-07-05 14:23:53 +01:00
// We don't delete the socket because now it's owned by the LanDeviceLink
delete m_receivedIdentityPackets.take(socket).np;
2015-07-05 14:23:53 +01:00
}
void LanLinkProvider::sslErrors(const QList<QSslError> &errors)
2015-07-05 14:23:53 +01:00
{
QSslSocket *socket = qobject_cast<QSslSocket *>(sender());
if (!socket)
return;
bool fatal = false;
for (const QSslError &error : errors) {
if (error.error() != QSslError::SelfSignedCertificate) {
qCCritical(KDECONNECT_CORE) << "Disconnecting due to fatal SSL Error: " << error;
fatal = true;
} else {
qCDebug(KDECONNECT_CORE) << "Ignoring self-signed cert error";
}
}
if (fatal) {
socket->disconnectFromHost();
delete m_receivedIdentityPackets.take(socket).np;
}
2015-07-05 14:23:53 +01:00
}
// I'm the new device and this is the answer to my UDP identity packet (no data received yet). They are connecting to us through TCP, and they should send an
// identity.
2015-07-09 23:27:27 +01:00
void LanLinkProvider::newConnection()
2013-08-07 10:29:56 +01:00
{
qCDebug(KDECONNECT_CORE) << "LanLinkProvider newConnection";
2013-08-07 10:29:56 +01:00
while (m_server->hasPendingConnections()) {
QSslSocket *socket = m_server->nextPendingConnection();
2015-07-09 23:27:27 +01:00
configureSocket(socket);
// This socket is still managed by us (and child of the QTcpServer), if
// it disconnects before we manage to pass it to a LanDeviceLink, it's
// our responsibility to delete it. We do so with this connection.
connect(socket, &QAbstractSocket::disconnected, socket, &QObject::deleteLater);
connect(socket, &QIODevice::readyRead, this, &LanLinkProvider::dataReceived);
QTimer *timer = new QTimer(socket);
timer->setSingleShot(true);
timer->setInterval(1000);
connect(socket, &QSslSocket::encrypted, timer, &QObject::deleteLater);
connect(timer, &QTimer::timeout, socket, [socket] {
qCWarning(KDECONNECT_CORE) << "LanLinkProvider/newConnection: Host timed out without sending any identity." << socket->peerAddress();
socket->disconnectFromHost();
});
timer->start();
2015-07-09 23:27:27 +01:00
}
2013-08-07 10:29:56 +01:00
}
// I'm the new device and this is the TCP response to my UDP identity packet
2013-08-28 22:47:39 +01:00
void LanLinkProvider::dataReceived()
2013-08-07 10:29:56 +01:00
{
QSslSocket *socket = qobject_cast<QSslSocket *>(sender());
// the size here is arbitrary and is now at 8192 bytes. It needs to be considerably long as it includes the capabilities but there needs to be a limit
// Tested between my systems and I get around 2000 per identity package.
if (socket->bytesAvailable() > 8192) {
qCWarning(KDECONNECT_CORE) << "LanLinkProvider/newConnection: Suspiciously long identity package received. Closing connection." << socket->peerAddress()
<< socket->bytesAvailable();
socket->disconnectFromHost();
return;
}
if (!socket->canReadLine()) {
// This can happen if the packet is large enough to be split in two chunks
return;
}
2013-08-07 10:29:56 +01:00
const QByteArray data = socket->readLine();
2013-08-07 10:29:56 +01:00
qCDebug(KDECONNECT_CORE) << "LanLinkProvider received reply:" << data;
2013-08-07 10:29:56 +01:00
NetworkPacket *np = new NetworkPacket();
bool success = NetworkPacket::unserialize(data, np);
2015-07-13 15:25:22 +01:00
if (!success) {
delete np;
return;
}
2016-06-02 11:17:07 +01:00
if (np->type() != PACKET_TYPE_IDENTITY) {
2016-06-02 11:17:07 +01:00
qCWarning(KDECONNECT_CORE) << "LanLinkProvider/newConnection: Expected identity, received " << np->type();
delete np;
return;
}
2013-08-07 10:29:56 +01:00
if (m_receivedIdentityPackets.size() > MAX_REMEMBERED_IDENTITY_PACKETS) {
qCWarning(KDECONNECT_CORE) << "Too many remembered identities, ignoring" << np->get<QString>(QStringLiteral("deviceId")) << "received via TCP";
delete np;
return;
}
2019-05-04 14:10:27 +01:00
// Needed in "encrypted" if ssl is used, similar to "tcpSocketConnected"
m_receivedIdentityPackets[socket].np = np;
2015-07-14 13:04:04 +01:00
const QString &deviceId = np->get<QString>(QStringLiteral("deviceId"));
// qCDebug(KDECONNECT_CORE) << "Handshaking done (i'm the new device)";
// This socket will now be owned by the LanDeviceLink or we don't want more data to be received, forget about it
2016-11-26 14:12:38 +00:00
disconnect(socket, &QIODevice::readyRead, this, &LanLinkProvider::dataReceived);
bool isDeviceTrusted = KdeConnectConfig::instance().trustedDevices().contains(deviceId);
configureSslSocket(socket, deviceId, isDeviceTrusted);
2013-08-07 10:29:56 +01:00
qCDebug(KDECONNECT_CORE) << "Starting client ssl (but I'm the server TCP socket)";
connect(socket, &QSslSocket::encrypted, this, &LanLinkProvider::encrypted);
if (isDeviceTrusted) {
connect(socket, QOverload<const QList<QSslError> &>::of(&QSslSocket::sslErrors), this, &LanLinkProvider::sslErrors);
2015-07-05 14:23:53 +01:00
}
socket->startClientEncryption();
2013-08-07 10:29:56 +01:00
}
void LanLinkProvider::onLinkDestroyed(const QString &deviceId, DeviceLink *oldPtr)
2013-08-07 10:29:56 +01:00
{
qCDebug(KDECONNECT_CORE) << "LanLinkProvider deviceLinkDestroyed" << deviceId;
DeviceLink *link = m_links.take(deviceId);
Q_ASSERT(link == oldPtr);
2013-08-07 10:29:56 +01:00
}
void LanLinkProvider::configureSslSocket(QSslSocket *socket, const QString &deviceId, bool isDeviceTrusted)
2013-08-07 10:29:56 +01:00
{
2015-07-05 14:23:53 +01:00
// Configure for ssl
QSslConfiguration sslConfig;
sslConfig.setLocalCertificate(KdeConnectConfig::instance().certificate());
QFile privateKeyFile(KdeConnectConfig::instance().privateKeyPath());
QSslKey privateKey;
if (privateKeyFile.open(QIODevice::ReadOnly)) {
privateKey = QSslKey(privateKeyFile.readAll(), QSsl::Rsa);
}
privateKeyFile.close();
sslConfig.setPrivateKey(privateKey);
if (isDeviceTrusted) {
QSslCertificate certificate = KdeConnectConfig::instance().getTrustedDeviceCertificate(deviceId);
sslConfig.setCaCertificates({certificate});
sslConfig.setPeerVerifyMode(QSslSocket::VerifyPeer);
} else {
sslConfig.setPeerVerifyMode(QSslSocket::QueryPeer);
}
socket->setSslConfiguration(sslConfig);
socket->setPeerVerifyName(deviceId);
// Usually SSL errors are only bad for trusted devices. Uncomment this section to log errors in any case, for debugging.
// QObject::connect(socket, static_cast<void (QSslSocket::*)(const QList<QSslError>&)>(&QSslSocket::sslErrors), [](const QList<QSslError>& errors)
2016-07-12 11:49:21 +01:00
//{
// Q_FOREACH (const QSslError& error, errors) {
// qCDebug(KDECONNECT_CORE) << "SSL Error:" << error.errorString();
// }
// });
}
void LanLinkProvider::configureSocket(QSslSocket *socket)
{
socket->setProxy(QNetworkProxy::NoProxy);
2016-06-09 01:36:02 +01:00
socket->setSocketOption(QAbstractSocket::KeepAliveOption, QVariant(1));
#ifdef TCP_KEEPIDLE
// time to start sending keepalive packets (seconds)
int maxIdle = 10;
setsockopt(socket->socketDescriptor(), IPPROTO_TCP, TCP_KEEPIDLE, &maxIdle, sizeof(maxIdle));
#endif
#ifdef TCP_KEEPINTVL
// interval between keepalive packets after the initial period (seconds)
int interval = 5;
setsockopt(socket->socketDescriptor(), IPPROTO_TCP, TCP_KEEPINTVL, &interval, sizeof(interval));
#endif
#ifdef TCP_KEEPCNT
// number of missed keepalive packets before disconnecting
int count = 3;
setsockopt(socket->socketDescriptor(), IPPROTO_TCP, TCP_KEEPCNT, &count, sizeof(count));
#endif
#if defined(Q_OS_WIN)
int maxIdle = 5 * 60 * 1000; // 5 minutes of idle before sending keep-alives
int interval = 5 * 1000; // 5 seconds interval between probes after 5 minute delay
DWORD nop;
// see https://learn.microsoft.com/en-us/windows/win32/winsock/sio-keepalive-vals
struct tcp_keepalive keepalive = {
1 /* true */,
maxIdle,
interval
};
int rv = WSAIoctl(socket->socketDescriptor(), SIO_KEEPALIVE_VALS, &keepalive,
sizeof(keepalive), nullptr, 0, &nop,
nullptr, nullptr);
if (!rv) {
int error = WSAGetLastError();
qCDebug(KDECONNECT_CORE) << "Could not enable TCP Keep-Alive: " << error;
}
#endif
2013-08-07 10:29:56 +01:00
}
2015-07-05 14:23:53 +01:00
void LanLinkProvider::addLink(QSslSocket *socket, const DeviceInfo &deviceInfo)
2015-11-30 18:36:01 +00:00
{
QString certDeviceId = socket->peerCertificate().subjectDisplayName();
if (deviceInfo.id != certDeviceId) {
socket->disconnectFromHost();
qCWarning(KDECONNECT_CORE) << "DeviceID in cert doesn't match deviceID in identity packet. " << deviceInfo.id << " vs " << certDeviceId;
return;
}
// Socket disconnection will now be handled by LanDeviceLink
2016-11-26 14:12:38 +00:00
disconnect(socket, &QAbstractSocket::disconnected, socket, &QObject::deleteLater);
LanDeviceLink *deviceLink;
// Do we have a link for this device already?
QMap<QString, LanDeviceLink *>::iterator linkIterator = m_links.find(deviceInfo.id);
if (linkIterator != m_links.end()) {
deviceLink = linkIterator.value();
if (deviceLink->deviceInfo().certificate != deviceInfo.certificate) {
qWarning() << "LanLink was asked to replace a socket but the certificate doesn't match, aborting";
return;
}
// qCDebug(KDECONNECT_CORE) << "Reusing link to" << deviceId;
deviceLink->reset(socket);
} else {
deviceLink = new LanDeviceLink(deviceInfo, this, socket);
// Socket disconnection will now be handled by LanDeviceLink
disconnect(socket, &QAbstractSocket::disconnected, socket, &QObject::deleteLater);
bool isDeviceTrusted = KdeConnectConfig::instance().trustedDevices().contains(deviceInfo.id);
if (!isDeviceTrusted && m_links.size() > MAX_UNPAIRED_CONNECTIONS) {
qCWarning(KDECONNECT_CORE) << "Too many unpaired devices to remember them all. Ignoring " << deviceInfo.id;
socket->disconnectFromHost();
socket->deleteLater();
return;
}
m_links[deviceInfo.id] = deviceLink;
2015-07-05 14:23:53 +01:00
}
Q_EMIT onConnectionReceived(deviceLink);
}