2015-03-02 04:16:07 +00:00
|
|
|
/**
|
|
|
|
* Copyright 2015 Albert Vaca <albertvaka@gmail.com>
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License as
|
|
|
|
* published by the Free Software Foundation; either version 2 of
|
|
|
|
* the License or (at your option) version 3 or any later version
|
|
|
|
* accepted by the membership of KDE e.V. (or its successor approved
|
|
|
|
* by the membership of KDE e.V.), which shall act as a proxy
|
|
|
|
* defined in Section 14 of version 3 of the license.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2019-03-23 16:29:26 +00:00
|
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
2015-03-02 04:16:07 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include "kdeconnectconfig.h"
|
|
|
|
|
2015-03-09 05:17:54 +00:00
|
|
|
#include <KLocalizedString>
|
2015-03-02 04:16:07 +00:00
|
|
|
|
|
|
|
#include <QFile>
|
|
|
|
#include <QDebug>
|
|
|
|
#include <QFileInfo>
|
|
|
|
#include <QUuid>
|
|
|
|
#include <QDir>
|
|
|
|
#include <QStandardPaths>
|
2015-03-04 21:29:04 +00:00
|
|
|
#include <QCoreApplication>
|
2015-03-02 04:16:07 +00:00
|
|
|
#include <QHostInfo>
|
2015-03-16 02:20:24 +00:00
|
|
|
#include <QSettings>
|
2015-07-14 13:04:04 +01:00
|
|
|
#include <QSslCertificate>
|
2015-11-30 18:36:01 +00:00
|
|
|
#include <QtCrypto>
|
2015-03-02 04:16:07 +00:00
|
|
|
|
|
|
|
#include "core_debug.h"
|
|
|
|
#include "dbushelper.h"
|
2015-03-24 11:26:37 +00:00
|
|
|
#include "daemon.h"
|
2015-03-02 04:16:07 +00:00
|
|
|
|
2019-03-11 12:37:15 +00:00
|
|
|
const QFile::Permissions strictPermissions = QFile::ReadOwner | QFile::WriteOwner | QFile::ReadUser | QFile::WriteUser;
|
|
|
|
|
2015-03-02 04:16:07 +00:00
|
|
|
struct KdeConnectConfigPrivate {
|
|
|
|
|
|
|
|
// The Initializer object sets things up, and also does cleanup when it goes out of scope
|
2015-07-05 14:23:53 +01:00
|
|
|
// Note it's not being used anywhere. That's intended
|
2017-09-03 20:39:44 +01:00
|
|
|
QCA::Initializer m_qcaInitializer;
|
2015-03-02 04:16:07 +00:00
|
|
|
|
2017-09-03 20:39:44 +01:00
|
|
|
QCA::PrivateKey m_privateKey;
|
|
|
|
QSslCertificate m_certificate; // Use QSslCertificate instead of QCA::Certificate due to compatibility with QSslSocket
|
2015-03-02 04:16:07 +00:00
|
|
|
|
2017-09-03 20:39:44 +01:00
|
|
|
QSettings* m_config;
|
|
|
|
QSettings* m_trustedDevices;
|
2015-03-02 04:16:07 +00:00
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
KdeConnectConfig* KdeConnectConfig::instance()
|
|
|
|
{
|
|
|
|
static KdeConnectConfig* kcc = new KdeConnectConfig();
|
|
|
|
return kcc;
|
|
|
|
}
|
|
|
|
|
|
|
|
KdeConnectConfig::KdeConnectConfig()
|
2015-03-09 05:17:54 +00:00
|
|
|
: d(new KdeConnectConfigPrivate)
|
|
|
|
{
|
2015-03-02 04:16:07 +00:00
|
|
|
//qCDebug(KDECONNECT_CORE) << "QCA supported capabilities:" << QCA::supportedFeatures().join(",");
|
|
|
|
if(!QCA::isSupported("rsa")) {
|
2016-11-24 14:11:30 +00:00
|
|
|
qCritical() << "Could not find support for RSA in your QCA installation";
|
2015-03-24 11:26:37 +00:00
|
|
|
Daemon::instance()->reportError(
|
|
|
|
i18n("KDE Connect failed to start"),
|
2015-03-25 17:46:29 +00:00
|
|
|
i18n("Could not find support for RSA in your QCA installation. If your "
|
2018-03-04 19:48:51 +00:00
|
|
|
"distribution provides separate packets for QCA-ossl and QCA-gnupg, "
|
2015-03-09 05:17:54 +00:00
|
|
|
"make sure you have them installed and try again."));
|
2015-03-02 04:16:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
//Make sure base directory exists
|
|
|
|
QDir().mkpath(baseConfigDir().path());
|
|
|
|
|
|
|
|
//.config/kdeconnect/config
|
2017-09-03 20:39:44 +01:00
|
|
|
d->m_config = new QSettings(baseConfigDir().absoluteFilePath(QStringLiteral("config")), QSettings::IniFormat);
|
|
|
|
d->m_trustedDevices = new QSettings(baseConfigDir().absoluteFilePath(QStringLiteral("trusted_devices")), QSettings::IniFormat);
|
2015-03-02 04:16:07 +00:00
|
|
|
|
2018-12-25 00:33:08 +00:00
|
|
|
loadPrivateKey();
|
|
|
|
loadCertificate();
|
2015-03-02 04:16:07 +00:00
|
|
|
}
|
|
|
|
|
2015-03-16 02:20:24 +00:00
|
|
|
QString KdeConnectConfig::name()
|
|
|
|
{
|
2018-11-20 20:49:46 +00:00
|
|
|
QString username;
|
|
|
|
#ifdef Q_OS_WIN
|
2019-06-10 15:40:28 +01:00
|
|
|
username = QString::fromLatin1(qgetenv("USERNAME"));
|
2018-11-20 20:49:46 +00:00
|
|
|
#else
|
2019-06-10 15:40:28 +01:00
|
|
|
username = QString::fromLatin1(qgetenv("USER"));
|
2018-11-20 20:49:46 +00:00
|
|
|
#endif
|
2019-06-10 15:40:28 +01:00
|
|
|
QString defaultName = username + QStringLiteral("@") + QHostInfo::localHostName();
|
2017-09-03 20:39:44 +01:00
|
|
|
QString name = d->m_config->value(QStringLiteral("name"), defaultName).toString();
|
2015-03-02 04:16:07 +00:00
|
|
|
return name;
|
|
|
|
}
|
|
|
|
|
2016-11-26 15:09:40 +00:00
|
|
|
void KdeConnectConfig::setName(const QString& name)
|
2015-03-02 04:16:07 +00:00
|
|
|
{
|
2017-09-03 20:39:44 +01:00
|
|
|
d->m_config->setValue(QStringLiteral("name"), name);
|
|
|
|
d->m_config->sync();
|
2015-03-02 04:16:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
QString KdeConnectConfig::deviceType()
|
|
|
|
{
|
2016-11-26 14:38:08 +00:00
|
|
|
return QStringLiteral("desktop"); // TODO
|
2015-03-02 04:16:07 +00:00
|
|
|
}
|
|
|
|
|
2015-03-16 02:20:24 +00:00
|
|
|
QString KdeConnectConfig::deviceId()
|
|
|
|
{
|
2018-12-25 00:52:16 +00:00
|
|
|
return d->m_certificate.subjectInfo(QSslCertificate::CommonName).constFirst();
|
2015-03-02 04:16:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
QString KdeConnectConfig::privateKeyPath()
|
|
|
|
{
|
2016-11-26 14:38:08 +00:00
|
|
|
return baseConfigDir().absoluteFilePath(QStringLiteral("privateKey.pem"));
|
2015-03-02 04:16:07 +00:00
|
|
|
}
|
|
|
|
|
2015-07-05 14:23:53 +01:00
|
|
|
QString KdeConnectConfig::certificatePath()
|
|
|
|
{
|
2016-11-26 14:38:08 +00:00
|
|
|
return baseConfigDir().absoluteFilePath(QStringLiteral("certificate.pem"));
|
2015-07-05 14:23:53 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
QSslCertificate KdeConnectConfig::certificate()
|
|
|
|
{
|
2017-09-03 20:39:44 +01:00
|
|
|
return d->m_certificate;
|
2015-07-05 14:23:53 +01:00
|
|
|
}
|
|
|
|
|
2015-03-02 04:16:07 +00:00
|
|
|
QDir KdeConnectConfig::baseConfigDir()
|
|
|
|
{
|
|
|
|
QString configPath = QStandardPaths::writableLocation(QStandardPaths::ConfigLocation);
|
2016-11-26 14:38:08 +00:00
|
|
|
QString kdeconnectConfigPath = QDir(configPath).absoluteFilePath(QStringLiteral("kdeconnect"));
|
2015-03-02 04:16:07 +00:00
|
|
|
return QDir(kdeconnectConfigPath);
|
|
|
|
}
|
|
|
|
|
|
|
|
QStringList KdeConnectConfig::trustedDevices()
|
|
|
|
{
|
2017-09-03 20:39:44 +01:00
|
|
|
const QStringList& list = d->m_trustedDevices->childGroups();
|
2015-03-02 04:16:07 +00:00
|
|
|
return list;
|
|
|
|
}
|
|
|
|
|
2015-11-30 11:40:07 +00:00
|
|
|
|
2017-09-03 20:39:44 +01:00
|
|
|
void KdeConnectConfig::addTrustedDevice(const QString& id, const QString& name, const QString& type)
|
2015-03-02 04:16:07 +00:00
|
|
|
{
|
2017-09-03 20:39:44 +01:00
|
|
|
d->m_trustedDevices->beginGroup(id);
|
|
|
|
d->m_trustedDevices->setValue(QStringLiteral("name"), name);
|
|
|
|
d->m_trustedDevices->setValue(QStringLiteral("type"), type);
|
|
|
|
d->m_trustedDevices->endGroup();
|
|
|
|
d->m_trustedDevices->sync();
|
2015-03-02 04:16:07 +00:00
|
|
|
|
|
|
|
QDir().mkpath(deviceConfigDir(id).path());
|
|
|
|
}
|
|
|
|
|
2017-09-03 20:39:44 +01:00
|
|
|
KdeConnectConfig::DeviceInfo KdeConnectConfig::getTrustedDevice(const QString& id)
|
2015-03-02 04:16:07 +00:00
|
|
|
{
|
2017-09-03 20:39:44 +01:00
|
|
|
d->m_trustedDevices->beginGroup(id);
|
2015-03-02 04:16:07 +00:00
|
|
|
|
|
|
|
KdeConnectConfig::DeviceInfo info;
|
2017-09-03 20:39:44 +01:00
|
|
|
info.deviceName = d->m_trustedDevices->value(QStringLiteral("name"), QLatin1String("unnamed")).toString();
|
|
|
|
info.deviceType = d->m_trustedDevices->value(QStringLiteral("type"), QLatin1String("unknown")).toString();
|
2015-03-02 04:16:07 +00:00
|
|
|
|
2017-09-03 20:39:44 +01:00
|
|
|
d->m_trustedDevices->endGroup();
|
2015-03-02 04:16:07 +00:00
|
|
|
return info;
|
|
|
|
}
|
|
|
|
|
2017-09-03 20:39:44 +01:00
|
|
|
void KdeConnectConfig::removeTrustedDevice(const QString& deviceId)
|
2015-03-02 04:16:07 +00:00
|
|
|
{
|
2017-09-03 20:39:44 +01:00
|
|
|
d->m_trustedDevices->remove(deviceId);
|
|
|
|
d->m_trustedDevices->sync();
|
2015-03-14 04:19:39 +00:00
|
|
|
//We do not remove the config files.
|
2015-03-02 04:16:07 +00:00
|
|
|
}
|
|
|
|
|
2015-07-05 14:23:53 +01:00
|
|
|
// Utility functions to set and get a value
|
2016-11-26 15:09:40 +00:00
|
|
|
void KdeConnectConfig::setDeviceProperty(const QString& deviceId, const QString& key, const QString& value)
|
2015-07-05 14:23:53 +01:00
|
|
|
{
|
2017-09-03 20:39:44 +01:00
|
|
|
d->m_trustedDevices->beginGroup(deviceId);
|
|
|
|
d->m_trustedDevices->setValue(key, value);
|
|
|
|
d->m_trustedDevices->endGroup();
|
|
|
|
d->m_trustedDevices->sync();
|
2015-07-05 14:23:53 +01:00
|
|
|
}
|
|
|
|
|
2016-11-26 15:09:40 +00:00
|
|
|
QString KdeConnectConfig::getDeviceProperty(const QString& deviceId, const QString& key, const QString& defaultValue)
|
2015-07-05 14:23:53 +01:00
|
|
|
{
|
|
|
|
QString value;
|
2017-09-03 20:39:44 +01:00
|
|
|
d->m_trustedDevices->beginGroup(deviceId);
|
|
|
|
value = d->m_trustedDevices->value(key, defaultValue).toString();
|
|
|
|
d->m_trustedDevices->endGroup();
|
2015-07-05 14:23:53 +01:00
|
|
|
return value;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2017-09-03 20:39:44 +01:00
|
|
|
QDir KdeConnectConfig::deviceConfigDir(const QString& deviceId)
|
2015-03-02 04:16:07 +00:00
|
|
|
{
|
|
|
|
QString deviceConfigPath = baseConfigDir().absoluteFilePath(deviceId);
|
|
|
|
return QDir(deviceConfigPath);
|
|
|
|
}
|
2015-03-14 04:19:39 +00:00
|
|
|
|
2017-09-03 20:39:44 +01:00
|
|
|
QDir KdeConnectConfig::pluginConfigDir(const QString& deviceId, const QString& pluginName)
|
2015-03-14 04:19:39 +00:00
|
|
|
{
|
|
|
|
QString deviceConfigPath = baseConfigDir().absoluteFilePath(deviceId);
|
|
|
|
QString pluginConfigDir = QDir(deviceConfigPath).absoluteFilePath(pluginName);
|
|
|
|
return QDir(pluginConfigDir);
|
|
|
|
}
|
|
|
|
|
2018-12-25 00:33:08 +00:00
|
|
|
void KdeConnectConfig::loadPrivateKey()
|
|
|
|
{
|
|
|
|
QString keyPath = privateKeyPath();
|
|
|
|
QFile privKey(keyPath);
|
|
|
|
|
2019-03-11 12:37:15 +00:00
|
|
|
bool needsToGenerateKey = false;
|
2019-05-08 22:06:29 +01:00
|
|
|
if (privKey.exists() && privKey.open(QIODevice::ReadOnly)) {
|
2019-03-11 12:37:15 +00:00
|
|
|
QCA::ConvertResult result;
|
2019-06-10 15:40:28 +01:00
|
|
|
d->m_privateKey = QCA::PrivateKey::fromPEM(QString::fromLatin1(privKey.readAll()), QCA::SecureArray(), &result);
|
2019-03-11 12:37:15 +00:00
|
|
|
if (result != QCA::ConvertResult::ConvertGood) {
|
2019-05-08 22:06:29 +01:00
|
|
|
qCWarning(KDECONNECT_CORE) << "Private key from" << keyPath << "is not valid";
|
2019-03-11 12:37:15 +00:00
|
|
|
needsToGenerateKey = true;
|
|
|
|
}
|
2018-12-25 00:33:08 +00:00
|
|
|
} else {
|
2019-03-11 12:37:15 +00:00
|
|
|
needsToGenerateKey = true;
|
|
|
|
}
|
2018-12-25 00:33:08 +00:00
|
|
|
|
2019-03-11 12:37:15 +00:00
|
|
|
if (needsToGenerateKey) {
|
|
|
|
generatePrivateKey(keyPath);
|
2018-12-25 00:33:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
//Extra security check
|
2019-03-11 12:37:15 +00:00
|
|
|
if (QFile::permissions(keyPath) != strictPermissions) {
|
2018-12-25 00:33:08 +00:00
|
|
|
qCWarning(KDECONNECT_CORE) << "Warning: KDE Connect private key file has too open permissions " << keyPath;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-03-11 12:37:15 +00:00
|
|
|
void KdeConnectConfig::loadCertificate()
|
|
|
|
{
|
|
|
|
QString certPath = certificatePath();
|
|
|
|
QFile cert(certPath);
|
2018-12-25 00:33:08 +00:00
|
|
|
|
2019-03-11 12:37:15 +00:00
|
|
|
bool needsToGenerateCert = false;
|
2019-05-08 22:06:29 +01:00
|
|
|
if (cert.exists() && cert.open(QIODevice::ReadOnly)) {
|
2019-03-11 12:37:15 +00:00
|
|
|
auto loadedCerts = QSslCertificate::fromPath(certPath);
|
|
|
|
if (loadedCerts.empty()) {
|
2019-05-08 22:06:29 +01:00
|
|
|
qCWarning(KDECONNECT_CORE) << "Certificate from" << certPath << "is not valid";
|
2019-03-11 12:37:15 +00:00
|
|
|
needsToGenerateCert = true;
|
|
|
|
} else {
|
|
|
|
d->m_certificate = loadedCerts.at(0);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
needsToGenerateCert = true;
|
|
|
|
}
|
2018-12-25 00:33:08 +00:00
|
|
|
|
2019-03-11 12:37:15 +00:00
|
|
|
if (needsToGenerateCert) {
|
|
|
|
generateCertificate(certPath);
|
|
|
|
}
|
2015-07-19 15:55:28 +01:00
|
|
|
|
2019-03-11 12:37:15 +00:00
|
|
|
//Extra security check
|
|
|
|
if (QFile::permissions(certPath) != strictPermissions) {
|
|
|
|
qCWarning(KDECONNECT_CORE) << "Warning: KDE Connect certificate file has too open permissions " << certPath;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-05-08 22:06:29 +01:00
|
|
|
void KdeConnectConfig::generatePrivateKey(const QString& keyPath)
|
|
|
|
{
|
|
|
|
qCDebug(KDECONNECT_CORE) << "Generating private key";
|
|
|
|
|
|
|
|
bool error = false;
|
|
|
|
|
|
|
|
d->m_privateKey = QCA::KeyGenerator().createRSA(2048);
|
|
|
|
|
|
|
|
QFile privKey(keyPath);
|
|
|
|
if (!privKey.open(QIODevice::ReadWrite | QIODevice::Truncate)) {
|
|
|
|
error = true;
|
|
|
|
} else {
|
|
|
|
privKey.setPermissions(strictPermissions);
|
|
|
|
int written = privKey.write(d->m_privateKey.toPEM().toLatin1());
|
|
|
|
if (written <= 0) {
|
|
|
|
error = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (error) {
|
|
|
|
Daemon::instance()->reportError(QStringLiteral("KDE Connect"), i18n("Could not store private key file: %1", keyPath));
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2019-03-11 12:37:15 +00:00
|
|
|
void KdeConnectConfig::generateCertificate(const QString& certPath)
|
|
|
|
{
|
2019-05-08 22:06:29 +01:00
|
|
|
qCDebug(KDECONNECT_CORE) << "Generating certificate";
|
|
|
|
|
2019-03-11 12:37:15 +00:00
|
|
|
bool error = false;
|
|
|
|
|
|
|
|
QString uuid = QUuid::createUuid().toString();
|
|
|
|
DbusHelper::filterNonExportableCharacters(uuid);
|
|
|
|
qCDebug(KDECONNECT_CORE) << "My id:" << uuid;
|
|
|
|
|
|
|
|
// FIXME: We only use QCA here to generate the cert and key, would be nice to get rid of it completely.
|
|
|
|
// The same thing we are doing with QCA could be done invoking openssl (although it's potentially less portable):
|
|
|
|
// openssl req -new -x509 -sha256 -newkey rsa:2048 -nodes -keyout privateKey.pem -days 3650 -out certificate.pem -subj "/O=KDE/OU=KDE Connect/CN=_e6e29ad4_2b31_4b6d_8f7a_9872dbaa9095_"
|
|
|
|
|
|
|
|
QCA::CertificateOptions certificateOptions = QCA::CertificateOptions();
|
|
|
|
QDateTime startTime = QDateTime::currentDateTime().addYears(-1);
|
|
|
|
QDateTime endTime = startTime.addYears(10);
|
|
|
|
QCA::CertificateInfo certificateInfo;
|
|
|
|
certificateInfo.insert(QCA::CommonName, uuid);
|
|
|
|
certificateInfo.insert(QCA::Organization,QStringLiteral("KDE"));
|
|
|
|
certificateInfo.insert(QCA::OrganizationalUnit,QStringLiteral("Kde connect"));
|
|
|
|
certificateOptions.setInfo(certificateInfo);
|
|
|
|
certificateOptions.setFormat(QCA::PKCS10);
|
|
|
|
certificateOptions.setSerialNumber(QCA::BigInteger(10));
|
|
|
|
certificateOptions.setValidityPeriod(startTime, endTime);
|
|
|
|
|
|
|
|
d->m_certificate = QSslCertificate(QCA::Certificate(certificateOptions, d->m_privateKey).toPEM().toLatin1());
|
|
|
|
|
|
|
|
QFile cert(certPath);
|
|
|
|
if (!cert.open(QIODevice::ReadWrite | QIODevice::Truncate)) {
|
|
|
|
error = true;
|
|
|
|
} else {
|
|
|
|
cert.setPermissions(strictPermissions);
|
|
|
|
int written = cert.write(d->m_certificate.toPem());
|
|
|
|
if (written <= 0) {
|
|
|
|
error = true;
|
2018-12-25 00:33:08 +00:00
|
|
|
}
|
|
|
|
}
|
2019-03-11 12:37:15 +00:00
|
|
|
|
|
|
|
if (error) {
|
|
|
|
Daemon::instance()->reportError(QStringLiteral("KDE Connect"), i18n("Could not store certificate file: %1", certPath));
|
|
|
|
}
|
2018-12-25 00:33:08 +00:00
|
|
|
}
|