Added SSL encryption in file upload
DeviceId is used for peerVerifyName
parent
8212315700
commit
0c110e4392
4 changed files with 45 additions and 26 deletions
|
@ -57,7 +57,12 @@ void LanDeviceLink::setOnSsl(bool value) {
|
||||||
bool LanDeviceLink::sendPackageEncrypted(QCA::PublicKey& key, NetworkPackage& np)
|
bool LanDeviceLink::sendPackageEncrypted(QCA::PublicKey& key, NetworkPackage& np)
|
||||||
{
|
{
|
||||||
if (np.hasPayload()) {
|
if (np.hasPayload()) {
|
||||||
UploadJob* job = new UploadJob(np.payload());
|
QVariantMap sslInfo;
|
||||||
|
if (onSsl) {
|
||||||
|
sslInfo.insert("useSsl", true);
|
||||||
|
sslInfo.insert("deviceId", deviceId());
|
||||||
|
}
|
||||||
|
UploadJob* job = new UploadJob(np.payload(), sslInfo);
|
||||||
job->start();
|
job->start();
|
||||||
np.setPayloadTransferInfo(job->getTransferInfo());
|
np.setPayloadTransferInfo(job->getTransferInfo());
|
||||||
}
|
}
|
||||||
|
@ -77,7 +82,12 @@ bool LanDeviceLink::sendPackageEncrypted(QCA::PublicKey& key, NetworkPackage& np
|
||||||
bool LanDeviceLink::sendPackage(NetworkPackage& np)
|
bool LanDeviceLink::sendPackage(NetworkPackage& np)
|
||||||
{
|
{
|
||||||
if (np.hasPayload()) {
|
if (np.hasPayload()) {
|
||||||
UploadJob* job = new UploadJob(np.payload());
|
QVariantMap sslInfo;
|
||||||
|
if (onSsl) {
|
||||||
|
sslInfo.insert("useSsl", true);
|
||||||
|
sslInfo.insert("deviceId", deviceId());
|
||||||
|
}
|
||||||
|
UploadJob* job = new UploadJob(np.payload(), sslInfo);
|
||||||
job->start();
|
job->start();
|
||||||
np.setPayloadTransferInfo(job->getTransferInfo());
|
np.setPayloadTransferInfo(job->getTransferInfo());
|
||||||
}
|
}
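Review bot: The block that builds `sslInfo` is duplicated verbatim in sendPackageEncrypted() and sendPackage() (both hunks of this file), and the keys `"useSsl"` and `"deviceId"` are bare string literals that UploadJob has to match exactly. A small private helper that returns the map, called as `UploadJob* job = new UploadJob(np.payload(), payloadSslInfo());` (the name is only a suggestion), would keep the two paths from drifting apart. A comment above `if (onSsl)` would also help, for example `// Without SSL the map stays empty and UploadJob sends the payload over plain TCP`, because in sendPackageEncrypted() that presumably leaves the payload unprotected while the package itself is encrypted. Both functions continue outside the hunks.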
|
||||||
|
|
|
@ -204,8 +204,7 @@ void LanLinkProvider::connected()
|
||||||
|
|
||||||
bool isDeviceTrusted = KdeConnectConfig::instance()->trustedDevices().contains(deviceId);
|
bool isDeviceTrusted = KdeConnectConfig::instance()->trustedDevices().contains(deviceId);
|
||||||
|
|
||||||
//TODO : Change it too device id from received package, also correct it on Android side
|
socket->setPeerVerifyName(receivedPackage->get<QString>("deviceId"));
|
||||||
socket->setPeerVerifyName("Vineet Garg");
|
|
||||||
|
|
||||||
if (isDeviceTrusted) {
|
if (isDeviceTrusted) {
|
||||||
qDebug() << "Device trusted";
|
qDebug() << "Device trusted";
|
||||||
|
@ -340,8 +339,7 @@ void LanLinkProvider::dataReceived()
|
||||||
|
|
||||||
bool isDeviceTrusted = KdeConnectConfig::instance()->trustedDevices().contains(deviceId);
|
bool isDeviceTrusted = KdeConnectConfig::instance()->trustedDevices().contains(deviceId);
|
||||||
|
|
||||||
// TODO : Change it to device id of remote device, correct it on Android side too, certificate name is not set there
|
socket->setPeerVerifyName(np->get<QString>("deviceId"));
|
||||||
socket->setPeerVerifyName("Vineet Garg");
|
|
||||||
|
|
||||||
if (isDeviceTrusted) {
|
if (isDeviceTrusted) {
|
||||||
qDebug() << "Device trusted";
|
qDebug() << "Device trusted";
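Review bot: In connected(), `socket->setPeerVerifyName(receivedPackage->get<QString>("deviceId"))` takes the name to verify from the package the peer just sent, so it only checks that the certificate matches the identity the peer claims for itself; the same applies to `np->get<QString>("deviceId")` in dataReceived(). The context line above already has a `deviceId` local feeding `trustedDevices().contains(deviceId)`, and `socket->setPeerVerifyName(deviceId);` would guarantee that the trust lookup and the name check use the same value, assuming that local is derived from the same package. A missing or empty `deviceId` field should be rejected before this call rather than passed through as the verify name. Authentication still has to rest on the certificate stored for that device at pairing time, which is not visible in these hunks; both functions start and end outside them.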
|
||||||
|
|
|
@ -20,17 +20,21 @@
|
||||||
|
|
||||||
#include <qalgorithms.h>
|
#include <qalgorithms.h>
|
||||||
#include <QtGlobal>
|
#include <QtGlobal>
|
||||||
|
#include <kdeconnectconfig.h>
|
||||||
|
|
||||||
#include "uploadjob.h"
|
#include "uploadjob.h"
|
||||||
#include "core_debug.h"
|
#include "core_debug.h"
|
||||||
|
|
||||||
UploadJob::UploadJob(const QSharedPointer<QIODevice>& source): KJob()
|
UploadJob::UploadJob(const QSharedPointer<QIODevice>& source, QVariantMap sslInfo): KJob()
|
||||||
{
|
{
|
||||||
mInput = source;
|
mInput = source;
|
||||||
mServer = new QTcpServer(this);
|
mServer = new Server(this);
|
||||||
mSocket = 0;
|
mSocket = 0;
|
||||||
mPort = 0;
|
mPort = 0;
|
||||||
|
|
||||||
|
// We will use this info if link is on ssl, to send encrypted payload
|
||||||
|
this->sslInfo = sslInfo;
|
||||||
|
|
||||||
connect(mInput.data(), SIGNAL(readyRead()), this, SLOT(readyRead()));
|
connect(mInput.data(), SIGNAL(readyRead()), this, SLOT(readyRead()));
|
||||||
connect(mInput.data(), SIGNAL(aboutToClose()), this, SLOT(aboutToClose()));
|
connect(mInput.data(), SIGNAL(aboutToClose()), this, SLOT(aboutToClose()));
|
||||||
}
|
}
|
||||||
|
@ -46,27 +50,33 @@ void UploadJob::start()
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
connect(mServer, SIGNAL(newConnection()), this, SLOT(newConnection()));
|
connect(mServer, SIGNAL(newConnection(QSslSocket*)), this, SLOT(newConnection(QSslSocket*)));
|
||||||
}
|
}
|
||||||
|
|
||||||
void UploadJob::newConnection()
|
void UploadJob::newConnection(QSslSocket* socket)
|
||||||
{
|
{
|
||||||
|
|
||||||
if (mSocket || !mServer->hasPendingConnections()) return;
|
|
||||||
|
|
||||||
if (!mInput->open(QIODevice::ReadOnly)) {
|
if (!mInput->open(QIODevice::ReadOnly)) {
|
||||||
qWarning() << "error when opening the input to upload";
|
qWarning() << "error when opening the input to upload";
|
||||||
return; //TODO: Handle error, clean up...
|
return; //TODO: Handle error, clean up...
|
||||||
}
|
}
|
||||||
|
|
||||||
mSocket = mServer->nextPendingConnection();
|
mSocket = socket;
|
||||||
|
|
||||||
|
if (sslInfo.value("useSsl", false).toBool()) {
|
||||||
|
mSocket->setLocalCertificate(KdeConnectConfig::instance()->certificate());
|
||||||
|
mSocket->setPrivateKey(KdeConnectConfig::instance()->privateKeyPath());
|
||||||
|
mSocket->setProtocol(QSsl::TlsV1_2);
|
||||||
|
mSocket->setPeerVerifyName(sslInfo.value("deviceId").toString());
|
||||||
|
mSocket->addCaCertificate(QSslCertificate(KdeConnectConfig::instance()->getTrustedDevice(sslInfo.value("deviceId").toString()).certificate.toLatin1()));
|
||||||
|
mSocket->startServerEncryption();
|
||||||
|
mSocket->waitForEncrypted();
|
||||||
|
}
|
||||||
|
|
||||||
readyRead();
|
readyRead();
|
||||||
}
|
}
|
||||||
|
|
||||||
void UploadJob::readyRead()
|
void UploadJob::readyRead()
|
||||||
{
|
{
|
||||||
//TODO: Implement payload encryption
|
|
||||||
|
|
||||||
while ( mInput->bytesAvailable() > 0 )
|
while ( mInput->bytesAvailable() > 0 )
|
||||||
{
|
{
|
||||||
qint64 bytes = qMin(mInput->bytesAvailable(), (qint64)4096);
|
qint64 bytes = qMin(mInput->bytesAvailable(), (qint64)4096);
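Review bot: In newConnection(), the TLS branch never calls `setPeerVerifyMode()`, and for a server-side QSslSocket Qt's default AutoVerifyPeer behaves as QueryPeer, so `setPeerVerifyName()` and `addCaCertificate()` do not by themselves force the connecting client to present the paired device's certificate (unless Server sets the mode, which is not visible here). Adding `mSocket->setPeerVerifyMode(QSslSocket::VerifyPeer);` before `startServerEncryption()` would make the handshake fail for any other client. The result of `waitForEncrypted()` is also ignored and `readyRead()` runs regardless; a guard such as `if (!mSocket->waitForEncrypted()) { qWarning() << mSocket->errorString(); return; }` would stop the transfer when the handshake fails. The old `if (mSocket || !mServer->hasPendingConnections()) return;` check was dropped without a replacement, so a second incoming connection now overwrites `mSocket` while a transfer may be in progress; keeping `if (mSocket) return;` would preserve the single-client behaviour.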
|
||||||
|
|
|
@ -25,28 +25,29 @@
|
||||||
|
|
||||||
#include <QIODevice>
|
#include <QIODevice>
|
||||||
#include <QVariantMap>
|
#include <QVariantMap>
|
||||||
#include <QTcpServer>
|
|
||||||
#include <QTcpSocket>
|
|
||||||
#include <QSharedPointer>
|
#include <QSharedPointer>
|
||||||
|
#include <QSslSocket>
|
||||||
|
#include "server.h"
|
||||||
|
|
||||||
class UploadJob
|
class UploadJob
|
||||||
: public KJob
|
: public KJob
|
||||||
{
|
{
|
||||||
Q_OBJECT
|
Q_OBJECT
|
||||||
public:
|
public:
|
||||||
UploadJob(const QSharedPointer<QIODevice>& source);
|
UploadJob(const QSharedPointer<QIODevice>& source, QVariantMap sslInfo);
|
||||||
virtual void start();
|
virtual void start();
|
||||||
QVariantMap getTransferInfo();
|
QVariantMap getTransferInfo();
|
||||||
|
|
||||||
private:
|
private:
|
||||||
QSharedPointer<QIODevice> mInput;
|
QSharedPointer<QIODevice> mInput;
|
||||||
QTcpServer* mServer;
|
Server* mServer;
|
||||||
QTcpSocket* mSocket;
|
QSslSocket* mSocket;
|
||||||
quint16 mPort;
|
quint16 mPort;
|
||||||
|
QVariantMap sslInfo;
|
||||||
|
|
||||||
private Q_SLOTS:
|
private Q_SLOTS:
|
||||||
void readyRead();
|
void readyRead();
|
||||||
void newConnection();
|
void newConnection(QSslSocket*);
|
||||||
void aboutToClose();
|
void aboutToClose();
|
||||||
};
|
};
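Review bot: The new member `QVariantMap sslInfo;` breaks the `m`-prefix convention of its neighbours (`mInput`, `mServer`, `mSocket`, `mPort`), which is why the constructor has to write `this->sslInfo = sslInfo`; `mSslInfo` would read consistently. The constructor parameter could be `const QVariantMap& sslInfo`, and the declaration deserves a comment naming the keys it expects, e.g. `// sslInfo: "useSsl" (bool) enables TLS for the transfer, "deviceId" (QString) selects the peer certificate`. Because the slot is now `newConnection(QSslSocket*)` and the UploadJob implementation connects it with the string-based SIGNAL/SLOT macros, a mismatch with the signal declared in `server.h` would only show up at run time, so that declaration is worth checking.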
|
||||||
|
|
||||||
|
|