diff --git a/core/backends/lan/landevicelink.cpp b/core/backends/lan/landevicelink.cpp index c728fe0ca..f145382e2 100644 --- a/core/backends/lan/landevicelink.cpp +++ b/core/backends/lan/landevicelink.cpp @@ -57,9 +57,14 @@ void LanDeviceLink::setOnSsl(bool value) { bool LanDeviceLink::sendPackageEncrypted(QCA::PublicKey& key, NetworkPackage& np) { if (np.hasPayload()) { - UploadJob* job = new UploadJob(np.payload()); - job->start(); - np.setPayloadTransferInfo(job->getTransferInfo()); + QVariantMap sslInfo; + if (onSsl) { + sslInfo.insert("useSsl", true); + sslInfo.insert("deviceId", deviceId()); + } + UploadJob* job = new UploadJob(np.payload(), sslInfo); + job->start(); + np.setPayloadTransferInfo(job->getTransferInfo()); } if (!onSsl) { @@ -77,9 +82,14 @@ bool LanDeviceLink::sendPackageEncrypted(QCA::PublicKey& key, NetworkPackage& np bool LanDeviceLink::sendPackage(NetworkPackage& np) { if (np.hasPayload()) { - UploadJob* job = new UploadJob(np.payload()); - job->start(); - np.setPayloadTransferInfo(job->getTransferInfo()); + QVariantMap sslInfo; + if (onSsl) { + sslInfo.insert("useSsl", true); + sslInfo.insert("deviceId", deviceId()); + } + UploadJob* job = new UploadJob(np.payload(), sslInfo); + job->start(); + np.setPayloadTransferInfo(job->getTransferInfo()); } int written = mSocketLineReader->write(np.serialize()); diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp index f7c8fb068..6f0b33e51 100644 --- a/core/backends/lan/lanlinkprovider.cpp +++ b/core/backends/lan/lanlinkprovider.cpp @@ -204,8 +204,7 @@ void LanLinkProvider::connected() bool isDeviceTrusted = KdeConnectConfig::instance()->trustedDevices().contains(deviceId); - //TODO : Change it too device id from received package, also correct it on Android side - socket->setPeerVerifyName("Vineet Garg"); + socket->setPeerVerifyName(receivedPackage->get("deviceId")); if (isDeviceTrusted) { qDebug() << "Device trusted"; 
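Review bot: The block that builds `sslInfo` and starts the `UploadJob` is added verbatim to both `sendPackageEncrypted()` and `sendPackage()` (second hunk, `@@ -77,9 +82,14 @@`), so the two copies can drift apart. The map is also opt-in by string key: when `onSsl` is false it stays empty, and the `sslInfo.value("useSsl", false)` check in `UploadJob::newConnection()` then serves the payload over plain TCP. Moving the block into one private helper on `LanDeviceLink` that both functions call would keep that decision in one place. Whether or not the helper is added, a comment such as `// An empty sslInfo makes UploadJob send the payload unencrypted` above the `if (onSsl)` would make the fallback explicit. Both function bodies continue outside their hunks.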
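Review bot: The name given to `setPeerVerifyName()` in `connected()` is now read from the identity package the remote end sent, so by itself it authenticates nothing, because a peer can announce any deviceId it likes. The check only means something if the certificate presented is also compared against the one stored for that deviceId, and that code is not visible in this hunk. Assuming the `deviceId` local used on the `trustedDevices().contains(deviceId)` line comes from the same package, prefer `socket->setPeerVerifyName(deviceId);` so that the trust lookup and the verified name cannot diverge. The same applies to the `dataReceived()` hunk (`@@ -340,8 +339,7 @@`), which uses `np->get("deviceId")`. A comment such as `// deviceId is peer-supplied; trust comes from the pinned certificate, not from this name` would record the assumption, and both functions continue outside their hunks.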
@@ -340,8 +339,7 @@ void LanLinkProvider::dataReceived() bool isDeviceTrusted = KdeConnectConfig::instance()->trustedDevices().contains(deviceId); - // TODO : Change it to device id of remote device, correct it on Android side too, certificate name is not set there - socket->setPeerVerifyName("Vineet Garg"); + socket->setPeerVerifyName(np->get("deviceId")); if (isDeviceTrusted) { qDebug() << "Device trusted"; diff --git a/core/backends/lan/uploadjob.cpp b/core/backends/lan/uploadjob.cpp index b0d35fcec..6accc7fa6 100644 --- a/core/backends/lan/uploadjob.cpp +++ b/core/backends/lan/uploadjob.cpp @@ -20,17 +20,21 @@ #include #include +#include #include "uploadjob.h" #include "core_debug.h" -UploadJob::UploadJob(const QSharedPointer& source): KJob() +UploadJob::UploadJob(const QSharedPointer& source, QVariantMap sslInfo): KJob() { mInput = source; - mServer = new QTcpServer(this); + mServer = new Server(this); mSocket = 0; mPort = 0; + // We will use this info if link is on ssl, to send encrypted payload + this->sslInfo = sslInfo; + connect(mInput.data(), SIGNAL(readyRead()), this, SLOT(readyRead())); connect(mInput.data(), SIGNAL(aboutToClose()), this, SLOT(aboutToClose())); } 
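Review bot: In the `UploadJob` constructor the new `sslInfo` parameter is taken by value, shadows the member of the same name, and is assigned in the body with `this->sslInfo = sslInfo;`. The member also breaks the `m` prefix used by `mInput`, `mServer`, `mSocket` and `mPort`. Taking `const QVariantMap& sslInfo` and storing it in a member named `mSslInfo` removes the shadowing, with the matching declaration in uploadjob.h changed to suit. The existing comment could state the contract instead, for example `// Keys: "useSsl" (bool), "deviceId" (QString); an empty map means the payload is sent unencrypted`.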
@@ -46,27 +50,33 @@ void UploadJob::start() return; } } - connect(mServer, SIGNAL(newConnection()), this, SLOT(newConnection())); + connect(mServer, SIGNAL(newConnection(QSslSocket*)), this, SLOT(newConnection(QSslSocket*))); } -void UploadJob::newConnection() +void UploadJob::newConnection(QSslSocket* socket) { - - if (mSocket || !mServer->hasPendingConnections()) return; - if (!mInput->open(QIODevice::ReadOnly)) { qWarning() << "error when opening the input to upload"; return; //TODO: Handle error, clean up... } - mSocket = mServer->nextPendingConnection(); + mSocket = socket; + + if (sslInfo.value("useSsl", false).toBool()) { + mSocket->setLocalCertificate(KdeConnectConfig::instance()->certificate()); + mSocket->setPrivateKey(KdeConnectConfig::instance()->privateKeyPath()); + mSocket->setProtocol(QSsl::TlsV1_2); + mSocket->setPeerVerifyName(sslInfo.value("deviceId").toString()); + mSocket->addCaCertificate(QSslCertificate(KdeConnectConfig::instance()->getTrustedDevice(sslInfo.value("deviceId").toString()).certificate.toLatin1())); + mSocket->startServerEncryption(); + mSocket->waitForEncrypted(); + } + readyRead(); } void UploadJob::readyRead() { - //TODO: Implement payload encryption - while ( mInput->bytesAvailable() > 0 ) { qint64 bytes = qMin(mInput->bytesAvailable(), (qint64)4096); diff --git a/core/backends/lan/uploadjob.h b/core/backends/lan/uploadjob.h index 12b6f7e67..e7fd833d4 100644 --- a/core/backends/lan/uploadjob.h +++ b/core/backends/lan/uploadjob.h 
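Review bot: In `newConnection()` the TLS branch never calls `setPeerVerifyMode()`, and a server-side `QSslSocket` defaults to querying the peer certificate without requiring it. As written, `setPeerVerifyName()` and `addCaCertificate()` therefore do not stop an arbitrary TLS client on the LAN from completing the handshake and receiving the payload. The result of `waitForEncrypted()` is also ignored before `readyRead()` starts writing, and the blocking wait lets any host that connects and stays silent stall this thread until the timeout. The hunk also removes the `if (mSocket || ...) return;` guard, so a second connection replaces `mSocket` and re-opens `mInput` during a transfer. The excerpt below requires the client certificate, fails closed when the handshake fails and restores the single-connection guard; how the rejected socket is released depends on `Server`, which is not shown here.

```cpp
void UploadJob::newConnection(QSslSocket* socket)
{
    // Serve only the first peer; a later connection must not replace mSocket.
    if (mSocket) {
        socket->close();
        return;
    }
    // … unchanged: open mInput, mSocket = socket …
    if (sslInfo.value("useSsl", false).toBool()) {
        // … unchanged: local certificate, private key, protocol, verify name, CA certificate …
        // Server sockets only query the peer by default; require and verify the client certificate.
        mSocket->setPeerVerifyMode(QSslSocket::VerifyPeer);
        mSocket->startServerEncryption();
        if (!mSocket->waitForEncrypted()) {
            qWarning() << "TLS handshake failed, not sending payload:" << mSocket->errorString();
            mSocket->close();
            return;
        }
    }
    readyRead();
```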
@@ -25,28 +25,29 @@ #include #include -#include -#include #include +#include +#include "server.h" class UploadJob : public KJob { Q_OBJECT public: - UploadJob(const QSharedPointer& source); + UploadJob(const QSharedPointer& source, QVariantMap sslInfo); virtual void start(); QVariantMap getTransferInfo(); private: QSharedPointer mInput; - QTcpServer* mServer; - QTcpSocket* mSocket; + Server* mServer; + QSslSocket* mSocket; quint16 mPort; + QVariantMap sslInfo; private Q_SLOTS: void readyRead(); - void newConnection(); + void newConnection(QSslSocket*); void aboutToClose(); };