Commit graph

150 commits

Author SHA1 Message Date
Albert Vaca Cintora
20ede97ec4 Fix format 2023-03-04 23:44:39 +01:00
ValdikSS ValdikSS
bd796836c5 Enable socket Keep-Alive on Windows
Windows does not use setsockopt for keep-alive configuration,
requiring WSAIoctl call.

https://learn.microsoft.com/en-us/windows/win32/winsock/sio-keepalive-vals

BUG: 442790
BUG: 451597
2023-03-04 13:06:55 +00:00
ValdikSS ValdikSS
390a44a901 Really set source IP for broadcast discovery packets on Windows/FreeBSD
This whole code was no-op: it enumerates network interfaces, enumerates
its IP addresses, but does not change the address of broadcast UDP
packet, sending it only via default route/interface.

Bind the socket to IP addresses of the interfaces to fix the issue.

BUG: 459171
2022-10-17 22:21:46 +00:00
Nicolas Fella
a918ffc0cb Add and make use of ECM's clang-format integration 2022-09-11 23:21:58 +00:00
Weixuan Xiao
e468759df4 Send broadcast on each LAN interfaces on FreeBSD
On FreeBSD 12 or later, a new routing strategy is introduced, which
prevents broadcast using 255.255.255.255.
Thus, we need to explicitly send the broadcast to each network 
interfaces.
Here the commit can simply reuse the code for Windows.

Ref: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252596
2022-07-19 10:14:35 +00:00
Weixuan Xiao
fd8b8078de Detect MTU on macOS and FreeBSD to adaptively reduce discovery packet
Detect the MTU on macOS and FreeBSD (which share the network parts of FreeBSD) and adaptively remove the outgoing and incoming capabilities.
The incoming capabilities are usually shorter, fit the size and help initialize the plugin list on the peer. This should fix an empty plugin list when the identity packet is sent by the macOS app.

If the MTU is still too short, both the capabilities need to be removed, which is not likely to happen.
2022-07-11 20:51:18 +00:00
Vladimir Panteleev
b706750af8
Use device ID from client SSL certificate, not UDP packet
Consider the following scenario:

1. We send a UDP broadcast
2. We receive a reply from 192.168.0.1 with device ID "foo"
3. We connect to 192.168.0.1, and find that the device's certificate
   is actually for a different ID "bar". This could be because the
   packet did not actually originate from 192.168.0.1, or this host is
   malicious / malfunctioning.
4. We remember that device ID "foo" has certificate with common name "bar".
5. When we finally attempt to connect to the real device ID "foo", we
   reject their certificate (common name "foo"). We can now never
   successfully connect to "foo".

On some network (mis-)configurations, this completely prevents
kdeconnectd from connecting to any peers, because a reply which is
seen as originating from the local interface address will cause
kdeconnectd to immediately connect to itself and remember its own
certificate.

Address this by using the certificate display name of the peer, which
will match the real device ID.
2021-09-25 12:51:59 +00:00
Weixuan XIAO
664da445ee Empty capabilities in identity packet for UDP
To avoid incomplete UDP transmission on macOS
2021-07-04 19:13:21 +00:00
Albert Vaca Cintora
bd27aec9d2 Do not replace connections for a given deviceId if the certs have changed
Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
2020-10-02 12:52:08 +02:00
Albert Vaca Cintora
ce0f00fc2d Limit the ports we try to connect to to the port range of KDE Connect
So we can't trigger connections to other services.

Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
2020-10-02 12:52:08 +02:00
Albert Vaca Cintora
613899be24 Do not remember more than a few identity packets at a time
To prevent the kdeconnect process from using too much memory.

Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
2020-10-02 12:52:08 +02:00
Albert Vaca Cintora
542d94a70c Limit number of connected sockets from unpaired devices
Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
2020-10-02 12:52:08 +02:00
Aleix Pol
024e5f23db Do not let lanlink connections stay open for long without authenticating
If there's no information received, close the socket to try again.

Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
2020-10-02 12:52:08 +02:00
Aleix Pol
4fbd01a3d4 Limit identity packets to 8KiB
Healthy identity packages shouldn't be that big and we don't want to
allow systems around us to send us ever humongous packages that will
just leave us without any memory.

Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
2020-10-02 12:52:08 +02:00
Matthias Gerstner
7e47d04053 Fix use after free in LanLinkProvider::connectError()
If QSslSocket::connectToHost() hasn't finished running.

Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
2020-10-02 12:52:08 +02:00
Albert Vaca Cintora
7b904f47b3 Do not ignore SSL errors, except for self-signed cert errors.
Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
2020-10-02 12:52:08 +02:00
Richard Liebscher
8d16d05c8a Custom devices 2020-08-18 21:55:24 +02:00
Nicolas Fella
87db95b22f Convert license headers to SPDX expressions 2020-08-17 09:48:10 +00:00
Piyush Aggarwal
771c9dcd22 fix code indentation in lanlinkprovider 2020-08-07 21:22:28 +00:00
Piyush Aggarwal
e3225a1430 fix QSslKey::ca-certificate deprecated warning 2020-08-07 21:22:28 +00:00
Nicolas Fella
93e68756bc Port away from deprecated error signal 2020-05-09 17:21:14 +00:00
Richard Liebscher
ba34672cbd Make build for SailfishConnect possible 2019-12-09 22:14:19 +00:00
Nicolas Fella
39fe270cd1 Port Kdeconnectconfig to reference based singleton
It's more expressive in the sense that it makes clear that the user should not delete the object
2019-09-08 17:09:52 +02:00
Nicolas Fella
e601755644 Force usage of QStringLiteral and port remaining offenders 2019-06-10 14:40:28 +00:00
Simon Redman
c7579eb170 Fix LanLinkProviderTest on Windows
## Summary
LanLinkProviderTest fails on Windows. This patch fixes that.

I believe the root cause is that we are using a shared UDP socket to listen for identity broadcasts both in the LanLinkProvider and in the test. Apparently this works on Linux, but on Windows the LanLinkProvider picks up its own identity packet and pairs with itself.

This patch gives a parameter to LanLinkProvider to allow it to listen and broadcast on different ports, then uses that ability in the test to make the test pass on Windows.

## Test Plan

### Before:
lanlinkprovider test fails, first because it can't bind its UDP listener socket, and then because Windows seems to handle shared sockets differently than Linux, so the UDP broadcasts were not reaching the test's listener.

### After:
lanlinkprovider test seems to pass reliably both in my Windows VM and in the CI
2019-06-05 15:14:50 +00:00
Simon Redman
4c75626919 Fix build
Commit 637285378d was not properly tested
2019-06-02 22:24:25 -06:00
Simon Redman
637285378d Add error logging to LanLinkProvider when binding the listener socket 2019-06-02 22:14:10 -06:00
Nicolas Fella
e1827ae33c Print socket error when connection fails 2019-05-26 20:36:35 +02:00
Nicolas Fella
3c353e7828 Improve debug message wording 2019-05-26 20:30:39 +02:00
Nicolas Fella
89987eb025 Coding style 2019-05-04 19:27:04 +02:00
Nicolas Fella
eef04f124b [backends/lan] Don't fail silently when a UDP packet could not be unserialized 2019-05-04 18:34:59 +02:00
Nicolas Fella
aff3d20e7e [lanlinkprovider] Improve method names 2019-05-04 13:10:27 +00:00
Nicolas Fella
ecacb0eb80 Remove unneeded disconnects 2019-05-02 12:05:52 +00:00
Nicolas Fella
d3b6d1717d Port old connects 2019-05-01 23:42:24 +02:00
Nicolas Fella
ad0acbfae3 move initialization to initializer list 2019-05-01 23:26:07 +02:00
Nicolas Fella
3b8fedea1a Replace http GNU urls with https 2019-03-23 17:29:26 +01:00
Matthijs Tijink
97705c3c76 Retry the network packet if it failed to unserialize
This happens if the network packet is big enough to not transfer in one
go.
2019-03-09 18:29:55 +01:00
Nicolas Fella
1b20ecec32 Allow newer TLS versions
Summary:
Instead of mandating TLS V1.0 use 1.0 or later.
BUG: 400338

Test Plan: Phone connects

Reviewers: #kde_connect, albertvaka

Reviewed By: #kde_connect, albertvaka

Subscribers: thomasp, kdeconnect

Tags: #kde_connect

Differential Revision: https://phabricator.kde.org/D18217
2019-01-18 08:59:45 +01:00
Yuri Chornoivan
5c468f0ecd Fix minor typos 2018-12-11 19:23:06 +02:00
Albert Vaca
06d4cb580e Disable bad cipher suites now that we dropped support for Android<14
BUG: 400722
2018-11-07 16:31:54 +01:00
Nicolas Fella
276d18a02a Fix clang-tidy warning 2018-11-03 02:17:25 +01:00
Simon Redman
08b31ce258 Properly Assign LanLinkProvider as the Parent of its child objects
Summary: This is not a hugely important change. I noticed it while I was working on something else, and it seems like it ought to be this way

Test Plan: Nothing should be noticeably different

Reviewers: #kde_connect, albertvaka

Reviewed By: #kde_connect, albertvaka

Subscribers: apol, kdeconnect

Tags: #kde_connect

Differential Revision: https://phabricator.kde.org/D16468
2018-10-29 09:48:09 -06:00
Adam Pigg
ee52c8cd03 use libkeepalive to wakeup daemon
Summary:
Main change is to use libkeepalive to wake up the system to ensure connections stay alive

Other minor changes are:
-Log daemon messages for debugging purposes
-Add way to forece refresh of device list
-Minor spec improvements

The keepalive changes certainly seem to help, not sure if it completely solves the problems
The logging changes are temporary, and I could use them locally, but they only affect sailfish users
Im not sure if the refresh method is correct, but seems to force the daemon to check for devices

Reviewers: #kde_connect, nicolasfella, albertvaka

Reviewed By: #kde_connect, albertvaka

Subscribers: kdeconnect

Tags: #kde_connect

Differential Revision: https://phabricator.kde.org/D15414
2018-10-23 08:30:48 +01:00
Yuri Chornoivan
5fe74ce041 Fix minor EBN issues and typos 2018-10-07 21:23:20 +03:00
Nicolas Fella
69698f3407 Fix typos 2018-07-27 15:00:23 +02:00
Nicholas D Steeves
6d8fa21572 Fix typo in backend
Bug: 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929 394929
2018-06-02 20:22:29 +02:00
Albert Astals Cid
17b304c42a Do not call deleteLater on a null QObject
We don't always have a pairing handler for a given device link

Also change the assert not to trigger a warning in ubsan

Reviewed by Albert Vaca
2018-03-24 19:02:06 +01:00
Albert Vaca
f47f517827 Rename NetworkPackage -> NetworkPacket
Summary: KDE Connect, now with correct naming!

Test Plan: It still builds.

Reviewers: #kde_connect, apol, nicolasfella

Reviewed By: #kde_connect, apol, nicolasfella

Subscribers: nicolasfella

Differential Revision: https://phabricator.kde.org/D11036
2018-03-05 20:03:23 +01:00
Tobias Fella
2aeae44569 Fixed Typo
Reviewers: #kde_connect, nicolasfella

Reviewed By: #kde_connect, nicolasfella

Subscribers: nicolasfella, #kde_connect

Tags: #kde_connect

Differential Revision: https://phabricator.kde.org/D10998
2018-03-03 20:31:21 +01:00
Matthijs Tijink
d6f9c30749 Add support for new Android 2.3 (API 9+) cipher
Summary: Desktop counterpart of D9449.

Reviewers: #kde_connect, albertvaka

Reviewed By: #kde_connect, albertvaka

Differential Revision: https://phabricator.kde.org/D9451
2017-12-22 13:27:04 +01:00