FCL/sf/mw/qt: src/gui/embedded/qtransportauth_qws.cpp@56cd8111b7f7 (annotated)

0 1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1	/****************************************************************************
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	2	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	3	** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	4	** All rights reserved.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	5	** Contact: Nokia Corporation (qt-info@nokia.com)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	6	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	7	** This file is part of the QtGui module of the Qt Toolkit.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	8	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	9	** $QT_BEGIN_LICENSE:LGPL$
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	10	** No Commercial Usage
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	11	** This file contains pre-release code and may not be distributed.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	12	** You may use this file in accordance with the terms and conditions
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	13	** contained in the Technology Preview License Agreement accompanying
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	14	** this package.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	15	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	16	** GNU Lesser General Public License Usage
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	17	** Alternatively, this file may be used under the terms of the GNU Lesser
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	18	** General Public License version 2.1 as published by the Free Software
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	19	** Foundation and appearing in the file LICENSE.LGPL included in the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	20	** packaging of this file. Please review the following information to
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	21	** ensure the GNU Lesser General Public License version 2.1 requirements
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	22	** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	23	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	24	** In addition, as a special exception, Nokia gives you certain additional
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	25	** rights. These rights are described in the Nokia Qt LGPL Exception
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	26	** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	27	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	28	** If you have questions regarding the use of this file, please contact
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	29	** Nokia at qt-info@nokia.com.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	30	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	31	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	32	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	33	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	34	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	35	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	36	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	37	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	38	** $QT_END_LICENSE$
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	39	**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	40	****************************************************************************/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	41
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	42	#include "qtransportauth_qws.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	43	#include "qtransportauth_qws_p.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	44
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	45	#ifndef QT_NO_SXE
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	46
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	47	#include "../../3rdparty/md5/md5.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	48	#include "../../3rdparty/md5/md5.cpp"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	49	#include "qwsutils_qws.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	50	#include "qwssocket_qws.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	51	#include "qwscommand_qws_p.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	52	#include "qwindowsystem_qws.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	53	#include "qbuffer.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	54	#include "qthread.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	55	#include "qabstractsocket.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	56	#include "qlibraryinfo.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	57	#include "qfile.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	58	#include "qdebug.h"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	59	#include <private/qcore_unix_p.h> // overrides QT_OPEN
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	60
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	61	#include <syslog.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	62	#include <unistd.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	63	#include <fcntl.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	64	#include <sys/stat.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	65	#include <sys/types.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	66	#include <sys/socket.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	67	#include <sys/file.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	68	#include <stdio.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	69	#include <stdlib.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	70	#include <errno.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	71	#include <time.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	72
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	73	#include <QtCore/qcache.h>
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	74
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	75	#define BUF_SIZE 512
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	76
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	77	QT_BEGIN_NAMESPACE
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	78
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	79	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	80	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	81	memset for security purposes, guaranteed not to be optimized away
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	82	http://www.faqs.org/docs/Linux-HOWTO/Secure-Programs-HOWTO.html
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	83	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	84	Q_GUI_EXPORT void guaranteed_memset(void v,int c,size_t n)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	85	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	86	volatile char p = (char )v; while (n--) *p++=c; return v;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	87	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	88
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	89	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	90	\class QTransportAuth
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	91	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	92
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	93	\brief Authenticate a message transport.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	94
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	95	For performance reasons, message authentication is tied to an individual
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	96	message transport instance. For example in connection oriented transports
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	97	the authentication cookie can be cached against the connection avoiding
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	98	the overhead of authentication on every message.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	99
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	100	For each process there is one instance of the QTransportAuth object.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	101	For server processes it can determine the \link secure-exe-environ.html SXE
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	102	Program Identity \endlink and provide access to policy data to determine if
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	103	the message should be forwarded for action. If not actioned, the message
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	104	may be treated as being from a flawed or malicious process.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	105
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	106	Retrieve the instance with the getInstance() method. The constructor is
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	107	disabled and instances of QTransportAuth should never be constructed by
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	108	calling classes.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	109
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	110	To make the Authentication easier to use a proxied QIODevice is provided
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	111	which uses an internal QBuffer.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	112
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	113	In the server code first get a pointer to a QTransportAuth::Data object
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	114	using the connectTransport() method:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	115
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	116	\snippet doc/src/snippets/code/src_gui_embedded_qtransportauth_qws.cpp 0
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	117
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	118	Here it is asserted that the transport is trusted. See the assumptions
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	119	listed in the \link secure-exe-environ.html SXE documentation \endlink
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	120
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	121	Then proxy in the authentication device:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	122
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	123	\snippet doc/src/snippets/code/src_gui_embedded_qtransportauth_qws.cpp 1
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	124
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	125	In the client code it is similar. Use the connectTransport() method
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	126	just the same then proxy in the authentication device instead of the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	127	socket in write calls:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	128
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	129	\snippet doc/src/snippets/code/src_gui_embedded_qtransportauth_qws.cpp 2
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	130	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	131
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	132	static int hmac_md5(
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	133	unsigned char* text, /* pointer to data stream */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	134	int text_length, /* length of data stream */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	135	const unsigned char* key, /* pointer to authentication key */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	136	int key_length, /* length of authentication key */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	137	unsigned char * digest /* caller digest to be filled in */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	138	);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	139
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	140
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	141
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	142	#define KEY_CACHE_SIZE 30
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	143
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	144	const char * const errorStrings[] = {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	145	"pending identity verification",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	146	"message too small to carry auth data",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	147	"cache miss on connection oriented transport",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	148	"no magic bytes on message",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	149	"key not found for prog id",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	150	"authorization key match failed",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	151	"key out of date"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	152	};
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	153
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	154	const char *QTransportAuth::errorString( const Data &d )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	155	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	156	if (( d.status & ErrMask ) == Success )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	157	return "success";
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	158	int e = d.status & ErrMask;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	159	if ( e > OutOfDate )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	160	return "unknown";
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	161	return errorStrings[e];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	162	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	163
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	164	SxeRegistryLocker::SxeRegistryLocker( QObject *reg )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	165	: m_success( false )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	166	, m_reg( 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	167	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	168	if ( reg )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	169	if ( !QMetaObject::invokeMethod( reg, "lockManifest", Q_RETURN_ARG(bool, m_success) ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	170	m_success = false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	171	m_reg = reg;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	172	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	173
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	174	SxeRegistryLocker::~SxeRegistryLocker()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	175	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	176	if ( m_success )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	177	QMetaObject::invokeMethod( m_reg, "unlockManifest" );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	178	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	179
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	180
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	181	QTransportAuthPrivate::QTransportAuthPrivate()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	182	: keyInitialised(false)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	183	, m_packageRegistry( 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	184	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	185	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	186
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	187	QTransportAuthPrivate::~QTransportAuthPrivate()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	188	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	189	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	190
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	191	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	192	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	193	Construct a new QTransportAuth
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	194	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	195	QTransportAuth::QTransportAuth() : QObject(*new QTransportAuthPrivate)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	196	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	197	// qDebug( "creating transport auth" );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	198	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	199
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	200	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	201	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	202	Destructor
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	203	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	204	QTransportAuth::~QTransportAuth()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	205	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	206	// qDebug( "deleting transport auth" );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	207	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	208
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	209	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	210	Set the process key for this currently running Qt Extended process to
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	211	the \a authdata. \a authdata should be sizeof(struct AuthCookie)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	212	in length and contain the key and program id. Use this method
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	213	when setting or changing the SXE identity of the current program.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	214	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	215	void QTransportAuth::setProcessKey( const char *authdata )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	216	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	217	Q_D(QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	218	::memcpy(&d->authKey, authdata, sizeof(struct AuthCookie));
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	219	QFile proc_key( QLatin1String("/proc/self/lids_key") );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	220	// where proc key exists use that instead
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	221	if ( proc_key.open( QIODevice::ReadOnly ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	222	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	223	qint64 kb = proc_key.read( (char*)&d->authKey.key, QSXE_KEY_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	224	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	225	qDebug( "Using %li bytes of /proc/%i/lids_key\n", (long int)kb, getpid() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	226	#else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	227	Q_UNUSED( kb );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	228	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	229	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	230	d->keyInitialised = true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	231	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	232
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	233
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	234	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	235	Apply \a key as the process key for the currently running application.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	236
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	237	\a prog is current ignored
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	238
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	239	Deprecated function
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	240	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	241	void QTransportAuth::setProcessKey( const char key, const char prog )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	242	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	243	Q_UNUSED(prog);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	244	setProcessKey( key );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	245	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	246	char displaybuf[QSXE_KEY_LEN*2+1];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	247	hexstring( displaybuf, (const unsigned char *)key, QSXE_KEY_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	248	qDebug() << "key" << displaybuf << "set";
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	249	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	250	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	251
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	252	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	253	Register \a pr as a policy handler object. The object pointed to
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	254	by \a pr should have a slot as follows
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	255	\snippet doc/src/snippets/code/src_gui_embedded_qtransportauth_qws.cpp 3
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	256	All requests received by this server will then generate a call to
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	257	this slot, and may be processed for policy compliance.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	258	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	259	void QTransportAuth::registerPolicyReceiver( QObject *pr )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	260	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	261	// not every policy receiver needs setup - no error if this fails
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	262	QMetaObject::invokeMethod( pr, "setupPolicyCheck" );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	263
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	264	connect( this, SIGNAL(policyCheck(QTransportAuth::Data&,QString)),
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	265	pr, SLOT(policyCheck(QTransportAuth::Data&,QString)), Qt::DirectConnection );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	266	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	267
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	268	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	269	Unregister the \a pr from being a policy handler. No more policyCheck signals
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	270	are received by this object.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	271	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	272	void QTransportAuth::unregisterPolicyReceiver( QObject *pr )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	273	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	274	disconnect( pr );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	275	// not every policy receiver needs tear down - no error if this fails
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	276	QMetaObject::invokeMethod( pr, "teardownPolicyCheck" );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	277	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	278
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	279	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	280	Record a new transport connection with \a properties and \a descriptor.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	281
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	282	The calling code is responsible for destroying the returned data when the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	283	tranport connection is closed.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	284	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	285	QTransportAuth::Data *QTransportAuth::connectTransport( unsigned char properties, int descriptor )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	286	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	287	Data *data = new Data(properties, descriptor);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	288	data->status = Pending;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	289	return data;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	290	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	291
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	292	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	293	Is the transport trusted. This is true iff data written into the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	294	transport medium cannot be intercepted or modified by another process.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	295	This is for example true for Unix Domain Sockets, but not for shared
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	296	memory or UDP sockets.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	297
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	298	There is of course an underlying assumption that the kernel implementing
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	299	the transport is sound, ie it cannot be compromised by writing to
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	300	/dev/kmem or loading untrusted modules
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	301	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	302	inline bool QTransportAuth::Data::trusted() const
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	303	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	304	return (bool)(properties & Trusted);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	305	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	306
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	307	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	308	Assert that the transport is trusted.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	309
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	310	For example with respect to shared memory, if it is ensured that no untrusted
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	311	root processes are running, and that unix permissions have been set such that
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	312	any untrusted non-root processes do not have access rights, then a shared
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	313	memory transport could be asserted to be trusted.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	314
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	315	\sa trusted()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	316	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	317	inline void QTransportAuth::Data::setTrusted( bool t )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	318	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	319	properties = t ? properties \| Trusted : properties & ~Trusted;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	320	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	321
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	322	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	323	Is the transport connection oriented. This is true iff once a connection
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	324	has been accepted, and state established, then further messages over the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	325	transport are guaranteed to have come from the original connecting entity.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	326	This is for example true for Unix Domain Sockets, but not
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	327	for shared memory or UDP sockets.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	328
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	329	By extension if the transport is not trusted() then it should not be
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	330	assumed to be connection oriented, since spoofed connection information
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	331	could be created. For example if we assume the TCP/IP transport is
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	332	trusted, it can be treated as connection oriented; but this is only the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	333	case if intervening routers are trusted.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	334
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	335	Connection oriented transports have authorization cached against the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	336	connection, and thus authorization is only done at connect time.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	337	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	338	inline bool QTransportAuth::Data::connection() const
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	339	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	340	return (bool)(properties & Connection);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	341	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	342
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	343	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	344	Assert that the transport is connection oriented.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	345
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	346	\sa connection()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	347	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	348	inline void QTransportAuth::Data::setConnection( bool t )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	349	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	350	properties = t ? properties \| Connection : properties & ~Connection;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	351	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	352
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	353	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	354	Return a pointer to the instance of this process's QTransportAuth object
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	355	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	356	QTransportAuth *QTransportAuth::getInstance()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	357	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	358	static QTransportAuth theInstance;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	359
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	360	return &theInstance;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	361	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	362
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	363	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	364	Set the full path to the key file
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	365
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	366	Since this is normally relative to Qtopia::qpeDir() this needs to be
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	367	set within the Qt Extended framework.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	368
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	369	The keyfile should be protected by file permissions or by MAC rules
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	370	such that it can only be read/written by the "qpe" server process
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	371	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	372	void QTransportAuth::setKeyFilePath( const QString &path )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	373	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	374	Q_D(QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	375	d->m_keyFilePath = path;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	376	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	377
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	378	QString QTransportAuth::keyFilePath() const
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	379	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	380	Q_D(const QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	381	return d->m_keyFilePath;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	382	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	383
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	384	void QTransportAuth::setLogFilePath( const QString &path )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	385	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	386	Q_D(QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	387	d->m_logFilePath = path;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	388	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	389
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	390	QString QTransportAuth::logFilePath() const
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	391	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	392	Q_D(const QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	393	return d->m_logFilePath;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	394	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	395
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	396	void QTransportAuth::setPackageRegistry( QObject *registry )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	397	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	398	Q_D(QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	399	d->m_packageRegistry = registry;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	400	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	401
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	402	bool QTransportAuth::isDiscoveryMode() const
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	403	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	404	#if defined(SXE_DISCOVERY)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	405	static bool checked = false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	406	static bool yesItIs = false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	407
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	408	if ( checked ) return yesItIs;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	409
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	410	yesItIs = ( getenv( "SXE_DISCOVERY_MODE" ) != 0 );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	411	if ( yesItIs )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	412	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	413	qWarning("SXE Discovery mode on, ALLOWING ALL requests and logging to %s",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	414	qPrintable(logFilePath()));
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	415	QFile::remove( logFilePath() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	416	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	417	checked = true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	418	return yesItIs;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	419	#else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	420	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	421	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	422	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	423
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	424	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	425	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	426	Return the authorizer device mapped to this client. Note that this
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	427	could probably all be void* instead of QWSClient* for generality.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	428	Until the need for that rears its head its QWSClient* to save the casts.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	429
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	430	#### OK the need has arrived, but the public API is frozen.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	431	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	432	QIODevice QTransportAuth::passThroughByClient( QWSClient client ) const
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	433	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	434	Q_D(const QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	435
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	436	if ( client == 0 ) return 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	437	if ( d->buffersByClient.contains( client ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	438	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	439	return d->buffersByClient[client];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	440	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	441	// qWarning( "buffer not found for client %p", client );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	442	return 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	443	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	444
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	445	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	446	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	447	Return a QIODevice pointer (to an internal QBuffer) which can be used
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	448	to receive data after authorisation on transport \a d.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	449
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	450	The return QIODevice will act as a pass-through.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	451
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	452	The data will be consumed from \a iod and forwarded on to the returned
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	453	QIODevice which can be connected to readyRead() signal handlers in
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	454	place of the original QIODevice \a iod.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	455
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	456	This will be called in the server process to handle incoming
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	457	authenticated requests.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	458
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	459	The returned QIODevice will take ownership of \a data which will be deleted
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	460	when the QIODevice is delected.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	461
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	462	\sa setTargetDevice()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	463	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	464	QAuthDevice QTransportAuth::recvBuf( QTransportAuth::Data data, QIODevice *iod )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	465	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	466	return new QAuthDevice( iod, data, QAuthDevice::Receive );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	467	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	468
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	469	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	470	Return a QIODevice pointer (to an internal QBuffer) which can be used
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	471	to write data onto, for authorisation on transport \a d.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	472
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	473	The return QIODevice will act as a pass-through.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	474
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	475	The data written to the return QIODevice will be forwarded on to the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	476	returned QIODevice. In the case of a QTcpSocket, this will cause it
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	477	to send out the data with the authentication information on it.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	478
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	479	This will be called in the client process to generate outgoing
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	480	authenticated requests.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	481
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	482	The returned QIODevice will take ownership of \a data which will be deleted
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	483	when the QIODevice is delected.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	484
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	485	\sa setTargetDevice()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	486	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	487	QAuthDevice QTransportAuth::authBuf( QTransportAuth::Data data, QIODevice *iod )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	488	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	489	return new QAuthDevice( iod, data, QAuthDevice::Send );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	490	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	491
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	492	const unsigned char *QTransportAuth::getClientKey( unsigned char progId )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	493	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	494	Q_D(QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	495	return d->getClientKey( progId );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	496	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	497
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	498	void QTransportAuth::invalidateClientKeyCache()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	499	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	500	Q_D(QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	501	d->invalidateClientKeyCache();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	502	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	503
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	504	QMutex *QTransportAuth::getKeyFileMutex()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	505	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	506	Q_D(QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	507	return &d->keyfileMutex;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	508	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	509
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	510	/*
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	511	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	512	Respond to the destroyed(QObject*) signal of the QAuthDevice's
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	513	client object and remove it from the buffersByClient lookup hash.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	514	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	515	void QTransportAuth::bufferDestroyed( QObject *cli )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	516	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	517	Q_D(QTransportAuth);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	518	if ( cli == NULL ) return;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	519
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	520	if ( d->buffersByClient.contains( cli ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	521	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	522	d->buffersByClient.remove( cli );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	523	// qDebug( "@@@@@@@ client %p removed @@@@@@@@@", cli );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	524	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	525	// qDebug( " client count %d", d->buffersByClient.count() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	526	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	527
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	528	bool QTransportAuth::authorizeRequest( QTransportAuth::Data &d, const QString &request )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	529	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	530	bool isAuthorized = true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	531
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	532	if ( !request.isEmpty() && request != QLatin1String("Unknown") )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	533	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	534	d.status &= QTransportAuth::ErrMask; // clear the status
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	535	emit policyCheck( d, request );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	536	isAuthorized = (( d.status & QTransportAuth::StatusMask ) == QTransportAuth::Allow );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	537	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	538	#if defined(SXE_DISCOVERY)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	539	if (isDiscoveryMode()) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	540	#ifndef QT_NO_TEXTSTREAM
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	541	if (!logFilePath().isEmpty()) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	542	QFile log( logFilePath() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	543	if (!log.open(QIODevice::WriteOnly \| QIODevice::Append)) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	544	qWarning("Could not write to log in discovery mode: %s",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	545	qPrintable(logFilePath()));
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	546	} else {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	547	QTextStream ts( &log );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	548	ts << d.progId << '\t' << ( isAuthorized ? "Allow" : "Deny" ) << '\t' << request << endl;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	549	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	550	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	551	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	552	isAuthorized = true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	553	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	554	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	555	if ( !isAuthorized )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	556	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	557	qWarning( "%s - denied: for Program Id %u [PID %d]"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	558	, qPrintable(request), d.progId, d.processId );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	559
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	560	char linkTarget[BUF_SIZE]="";
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	561	char exeLink[BUF_SIZE]="";
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	562	char cmdlinePath[BUF_SIZE]="";
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	563	char cmdline[BUF_SIZE]="";
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	564
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	565	//get executable from /proc/pid/exe
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	566	snprintf( exeLink, BUF_SIZE, "/proc/%d/exe", d.processId );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	567	if ( -1 == ::readlink( exeLink, linkTarget, BUF_SIZE - 1 ) )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	568	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	569	qWarning( "SXE:- Error encountered in retrieving executable link target from /proc/%u/exe : %s",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	570	d.processId, strerror(errno) );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	571	snprintf( linkTarget, BUF_SIZE, "%s", linkTarget );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	572	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	573
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	574	//get cmdline from proc/pid/cmdline
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	575	snprintf( cmdlinePath, BUF_SIZE, "/proc/%d/cmdline", d.processId );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	576	int cmdlineFd = QT_OPEN( cmdlinePath, O_RDONLY );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	577	if ( cmdlineFd == -1 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	578	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	579	qWarning( "SXE:- Error encountered in opening /proc/%u/cmdline: %s",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	580	d.processId, strerror(errno) );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	581	snprintf( cmdline, BUF_SIZE, "%s", "Unknown" );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	582	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	583	else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	584	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	585	if ( -1 == QT_READ(cmdlineFd, cmdline, BUF_SIZE - 1 ) )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	586	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	587	qWarning( "SXE:- Error encountered in reading /proc/%u/cmdline : %s",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	588	d.processId, strerror(errno) );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	589	snprintf( cmdline, BUF_SIZE, "%s", "Unknown" );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	590	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	591	QT_CLOSE( cmdlineFd );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	592	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	593
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	594	syslog( LOG_ERR \| LOG_LOCAL6, "%s // PID:%u // ProgId:%u // Exe:%s // Request:%s // Cmdline:%s",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	595	"<SXE Breach>", d.processId, d.progId, linkTarget, qPrintable(request), cmdline);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	596	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	597
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	598	return isAuthorized;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	599	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	600
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	601	inline bool __fileOpen( QFile *f )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	602	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	603	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	604	if ( f->open( QIODevice::ReadOnly ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	605	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	606	qDebug( "Opened file: %s\n", qPrintable( f->fileName() ));
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	607	return true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	608	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	609	else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	610	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	611	qWarning( "Could not open file: %s\n", qPrintable( f->fileName() ));
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	612	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	613	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	614	#else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	615	return ( f->open( QIODevice::ReadOnly ));
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	616	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	617	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	618
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	619	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	620	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	621	Find client keys for the \a progId. If it is cached should be very
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	622	fast, otherwise requires a read of the secret key file
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	623
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	624	In the success case a pointer to the keys is returned. The pointer is
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	625	to storage allocated for the internal cache and must be used asap.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	626
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	627	The list returned is a sequence of one or more keys which match the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	628	progId. There is no separator, each 16 byte sequence represents a key.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	629	The sequence is followed by two iterations of the SXE magic
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	630	bytes,eg 0xBA, 0xD4, 0xD4, 0xBA, 0xBA, 0xD4, 0xD4, 0xBA
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	631
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	632	NULL is returned in the following cases:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	633	\list
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	634	\o the keyfiles could not be accessed - error condition
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	635	\o there was no key for the supplied program id - key auth failed
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	636	\endlist
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	637
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	638	Note that for the keyfiles, there is multi-thread and multi-process
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	639	concurrency issues: they can be read by the qpe process when
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	640	QTransportAuth calls getClientKey to verify a request, and they can be
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	641	read or written by the packagemanager when updating package data.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	642
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	643	To protect against this, the keyfileMutex & SxeRegistryLocker is used.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	644
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	645	The sxe_installer tool can also update inode and device numbers in
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	646	the manifest file, but this only occurs outside of normal operation,
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	647	so qpe and packagemanager are never running when this occurs.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	648	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	649	const unsigned char *QTransportAuthPrivate::getClientKey(unsigned char progId)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	650	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	651	int manifestMatchCount = 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	652	struct IdBlock mr;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	653	int total_size = 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	654	char *result = 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	655	char *result_ptr;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	656	int keysFound = 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	657	bool foundKey;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	658	int keysRead = 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	659	struct usr_key_entry keys_list[128];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	660
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	661	if ( keyCache.contains( progId ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	662	return (const unsigned char *)keyCache[progId];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	663
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	664	SxeRegistryLocker rlock( m_packageRegistry );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	665
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	666	// ### Qt 4.3: this is hacky - see documentation for setKeyFilePath
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	667	QString manifestPath = m_keyFilePath + QLatin1String("/manifest");
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	668	QString actualKeyPath = QLatin1String("/proc/lids/keys");
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	669	bool noFailOnKeyMissing = true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	670	if ( !QFile::exists( actualKeyPath )) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	671	actualKeyPath = m_keyFilePath + QLatin1String( "/" QSXE_KEYFILE );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	672	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	673	QFile kf( actualKeyPath );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	674	QFile mn( manifestPath );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	675	if ( !__fileOpen( &mn ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	676	goto key_not_found;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	677	// first find how much storage is needed
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	678	while ( mn.read( (char*)&mr, sizeof(struct IdBlock)) > 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	679	if ( mr.progId == progId )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	680	manifestMatchCount++;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	681	if ( manifestMatchCount == 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	682	goto key_not_found;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	683	if ( !__fileOpen( &kf ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	684	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	685	noFailOnKeyMissing = false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	686	goto key_not_found;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	687	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	688	total_size = 2 * QSXE_MAGIC_BYTES + manifestMatchCount * QSXE_KEY_LEN;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	689	result = (char*)malloc( total_size );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	690	Q_CHECK_PTR( result );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	691	mn.seek( 0 );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	692	result_ptr = result;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	693	/* reading whole key array in is much more efficient, 99% case is this loop only
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	694	executes once, should not have more than 128 keyed items */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	695	while (( keysRead = kf.read( (char)keys_list, sizeof(struct usr_key_entry)128 )) > 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	696	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	697	/* qDebug("PID %d: getClientKey() - read %d bytes = %d keys from %s", getpid(), keysRead,
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	698	keysRead/sizeof(struct usr_key_entry), qPrintable(actualKeyPath)); */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	699	keysRead /= sizeof(struct usr_key_entry);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	700	while ( mn.read( (char*)&mr, sizeof(struct IdBlock)) > 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	701	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	702	if ( mr.progId == progId )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	703	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	704	foundKey = false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	705	for ( int i = 0; i < keysRead; ++i )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	706	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	707	/* if ( i == 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	708	qDebug() << " pid" << getpid() << "looking for device" << (dev_t)mr.device << "inode" << (ino_t)mr.inode;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	709	qDebug() << " pid" << getpid() << "trying device" << keys_list[i].dev << "inode" << keys_list[i].ino; */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	710	if ( keys_list[i].ino == (ino_t)mr.inode && keys_list[i].dev == (dev_t)mr.device )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	711	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	712	memcpy( result_ptr, keys_list[i].key, QSXE_KEY_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	713	result_ptr += QSXE_KEY_LEN;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	714	foundKey = true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	715	break;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	716	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	717	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	718	if ( foundKey )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	719	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	720	keysFound++;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	721	if ( keysFound == manifestMatchCount )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	722	break;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	723	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	724	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	725	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	726	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	727	if ( result_ptr == result ) // nothing found!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	728	goto key_not_found;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	729	// 2 x magic bytes sentinel at end of sequence
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	730	for ( int i = 0; i < 2; ++i )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	731	for ( int j = 0; j < QSXE_MAGIC_BYTES; ++j )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	732	*result_ptr++ = magic[j];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	733	keyCache.insert( progId, result, total_size / 10 );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	734	/* qDebug( "PID %d : Found %d client keys for prog %u", getpid(), keysFound, progId ); */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	735	goto success_out;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	736
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	737	key_not_found:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	738	if ( noFailOnKeyMissing ) // return an "empty" set of keys in this case
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	739	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	740	if ( result == 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	741	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	742	result = (char)malloc( 2 QSXE_MAGIC_BYTES );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	743	Q_CHECK_PTR( result );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	744	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	745	result_ptr = result;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	746	for ( int i = 0; i < 2; ++i )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	747	for ( int j = 0; j < QSXE_MAGIC_BYTES; ++j )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	748	*result_ptr++ = magic[j];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	749	return (unsigned char *)result;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	750	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	751	qWarning( "PID %d : Not found client key for prog %u", getpid(), progId );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	752	if ( result )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	753	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	754	free( result );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	755	result = 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	756	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	757	success_out:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	758	if ( mn.isOpen() )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	759	mn.close();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	760	if ( kf.isOpen() )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	761	kf.close();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	762	return (unsigned char *)result;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	763	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	764
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	765	void QTransportAuthPrivate::invalidateClientKeyCache()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	766	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	767	keyfileMutex.lock();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	768	keyCache.clear();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	769	keyfileMutex.unlock();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	770	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	771
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	772	////////////////////////////////////////////////////////////////////////
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	773	////
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	774	//// RequestAnalyzer definition
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	775	////
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	776
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	777
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	778	RequestAnalyzer::RequestAnalyzer()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	779	: moreData( false )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	780	, dataSize( 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	781	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	782	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	783
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	784	RequestAnalyzer::~RequestAnalyzer()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	785	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	786	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	787
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	788	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	789	Analzye the data in the\a msgQueue according to some protocol
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	790	and produce a request string for policy analysis.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	791
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	792	If enough data is in the queue for analysis of a complete message,
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	793	return a non-null string, and set a flag so requireMoreData() will
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	794	return false; otherwise return a null string and requireMoreData()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	795	return true.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	796
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	797	The amount of bytes analyzed is then available via bytesAnalyzed().
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	798
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	799	A null string is also returned in the case where the message was
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	800	corrupt and could not be analyzed. In this case requireMoreData()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	801	returns false.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	802
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	803	Note: this method will modify the msgQueue and pull off the data
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	804	deemed to be corrupt, in the case of corrupt data.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	805
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	806	In all other cases the msgQueue is left alone. The calling code
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	807	should then pull off the analyzed data. Use bytesAnalzyed() to
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	808	find how much data to pull off the queue.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	809	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	810	QString RequestAnalyzer::analyze( QByteArray *msgQueue )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	811	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	812	#ifdef Q_WS_QWS
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	813	dataSize = 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	814	moreData = false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	815	QBuffer cmdBuf( msgQueue );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	816	cmdBuf.open( QIODevice::ReadOnly \| QIODevice::Unbuffered );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	817	QWSCommand::Type command_type = (QWSCommand::Type)(qws_read_uint( &cmdBuf ));
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	818	QWSCommand *command = QWSCommand::factory(command_type);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	819	// if NULL, factory will have already printed warning for bogus
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	820	// command_type just purge the bad stuff and attempt to recover
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	821	if ( command == NULL )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	822	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	823	*msgQueue = msgQueue->mid( sizeof(int) );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	824	return QString();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	825	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	826	QString request = QLatin1String(qws_getCommandTypeString(command_type));
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	827	#ifndef QT_NO_COP
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	828	if ( !command->read( &cmdBuf ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	829	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	830	// not all command arrived yet - come back later
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	831	delete command;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	832	moreData = true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	833	return QString();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	834	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	835	if ( command_type == QWSCommand::QCopSend )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	836	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	837	QWSQCopSendCommand sendCommand = static_cast<QWSQCopSendCommand>(command);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	838	request += QString::fromLatin1("/QCop/%1/%2").arg( sendCommand->channel ).arg( sendCommand->message );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	839	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	840	if ( command_type == QWSCommand::QCopRegisterChannel )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	841	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	842	QWSQCopRegisterChannelCommand registerCommand = static_cast<QWSQCopRegisterChannelCommand>(command);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	843	request += QString::fromLatin1("/QCop/RegisterChannel/%1").arg( registerCommand->channel );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	844	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	845	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	846	dataSize = QWS_PROTOCOL_ITEM_SIZE( *command );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	847	delete command;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	848	return request;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	849	#else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	850	Q_UNUSED(msgQueue);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	851	return QString();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	852	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	853	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	854
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	855	////////////////////////////////////////////////////////////////////////
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	856	////
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	857	//// AuthDevice definition
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	858	////
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	859
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	860	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	861	Constructs a new auth device for the transport \a data and I/O device \a parent.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	862
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	863	Incoming or outgoing data will be authenticated according to the auth direction \a dir.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	864
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	865	The auth device will take ownership of the transport \a data and delete it when the device
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	866	is destroyed.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	867	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	868	QAuthDevice::QAuthDevice( QIODevice parent, QTransportAuth::Data data, AuthDirection dir )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	869	: QIODevice( parent )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	870	, d( data )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	871	, way( dir )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	872	, m_target( parent )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	873	, m_client( 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	874	, m_bytesAvailable( 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	875	, m_skipWritten( 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	876	, analyzer( 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	877	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	878	if ( dir == Receive ) // server side
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	879	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	880	connect( m_target, SIGNAL(readyRead()),
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	881	this, SLOT(recvReadyRead()));
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	882	} else {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	883	connect( m_target, SIGNAL(readyRead()),
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	884	this, SIGNAL(readyRead()));
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	885	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	886	connect( m_target, SIGNAL(bytesWritten(qint64)),
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	887	this, SLOT(targetBytesWritten(qint64)) );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	888	open( QIODevice::ReadWrite \| QIODevice::Unbuffered );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	889	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	890
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	891	QAuthDevice::~QAuthDevice()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	892	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	893	if ( analyzer )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	894	delete analyzer;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	895	delete d;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	896	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	897
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	898	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	899	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	900	Store a pointer to the related device or instance which this
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	901	authorizer is proxying for
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	902	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	903	void QAuthDevice::setClient( QObject *cli )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	904	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	905	m_client = cli;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	906	QTransportAuth::getInstance()->d_func()->buffersByClient[cli] = this;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	907	QObject::connect( cli, SIGNAL(destroyed(QObject*)),
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	908	QTransportAuth::getInstance(), SLOT(bufferDestroyed(QObject*)) );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	909	// qDebug( "@@@@@@@@@@@@ client set %p @@@@@@@@@", cli );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	910	// qDebug( " client count %d", QTransportAuth::getInstance()->d_func()->buffersByClient.count() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	911	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	912
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	913	QObject *QAuthDevice::client() const
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	914	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	915	return m_client;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	916	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	917
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	918	/*
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	919	\fn void QAuthDevice::authViolation(QTransportAuth::Data &)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	920
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	921	This signal is emitted if an authorization failure is generated, as
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	922	described in checkAuth();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	923
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	924	\sa checkAuth()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	925	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	926
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	927
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	928	/*
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	929	\fn void QAuthDevice::policyCheck(QTransportAuth::Data &transport, const QString &request )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	930
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	931	This signal is emitted when a transport successfully delivers a request
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	932	and gives the opportunity to either deny or accept the request.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	933
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	934	This signal must be connected in the same thread, ie it cannot be queued.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	935
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	936	As soon as all handlers connected to this signal are processed the Allow or
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	937	Deny state on the \a transport is checked, and the request is allowed or denied
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	938	accordingly.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	939
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	940	\sa checkAuth()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	941	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	942
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	943	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	944	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	945	Reimplement QIODevice writeData method.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	946
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	947	For client end, when the device is written to the incoming data is
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	948	processed and an authentication header calculated. This is pushed
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	949	into the target device, followed by the actual incoming data (the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	950	payload).
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	951
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	952	For server end, it is a fatal error to write to the device.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	953	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	954	qint64 QAuthDevice::writeData(const char *data, qint64 len)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	955	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	956	if ( way == Receive ) // server
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	957	return m_target->write( data, len );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	958	// client
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	959	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	960	char displaybuf[1024];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	961	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	962	char header[QSXE_HEADER_LEN];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	963	::memset( header, 0, QSXE_HEADER_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	964	qint64 bytes = 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	965	if ( QTransportAuth::getInstance()->authToMessage( *d, header, data, len ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	966	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	967	m_target->write( header, QSXE_HEADER_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	968	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	969	hexstring( displaybuf, (const unsigned char *)header, QSXE_HEADER_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	970	qDebug( "%d QAuthDevice::writeData - CLIENT: Header written: %s", getpid(), displaybuf );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	971	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	972	m_skipWritten += QSXE_HEADER_LEN;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	973	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	974	m_target->write( data, len );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	975	bytes += len;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	976	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	977	int bytesToDisplay = bytes;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	978	const unsigned char dataptr = (const unsigned char )data;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	979	while ( bytesToDisplay > 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	980	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	981	int amt = bytes < 500 ? bytes : 500;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	982	hexstring( displaybuf, dataptr, amt );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	983	qDebug( "%d QAuthDevice::writeData - CLIENT: %s", getpid(), bytes > 0 ? displaybuf : "(null)" );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	984	dataptr += 500;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	985	bytesToDisplay -= 500;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	986	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	987	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	988	if ( m_target->inherits( "QAbstractSocket" ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	989	static_cast<QAbstractSocket*>(m_target)->flush();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	990	return bytes;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	991	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	992
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	993	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	994	Reimplement from QIODevice
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	995
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	996	Read data out of the internal message queue, reduce the queue by the amount
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	997	read. Note that the amount available is only ever the size of a command
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	998	(although a command can be very big) since we need to check at command
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	999	boundaries for new authentication headers.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1000	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1001	qint64 QAuthDevice::readData( char *data, qint64 maxSize )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1002	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1003	if ( way == Send ) // client
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1004	return m_target->read( data, maxSize );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1005	if ( msgQueue.size() == 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1006	return 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1007	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1008	char displaybuf[1024];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1009	hexstring( displaybuf, reinterpret_cast<const unsigned char *>(msgQueue.constData()),
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1010	msgQueue.size() > 500 ? 500 : msgQueue.size() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1011	qDebug() << getpid() << "QAuthDevice::readData() buffered/requested/avail"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1012	<< msgQueue.size() << maxSize << m_bytesAvailable << displaybuf;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1013	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1014	Q_ASSERT( m_bytesAvailable <= msgQueue.size() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1015	qint64 bytes = ( maxSize > m_bytesAvailable ) ? m_bytesAvailable : maxSize;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1016	::memcpy( data, msgQueue.constData(), bytes );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1017	msgQueue = msgQueue.mid( bytes );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1018	m_bytesAvailable -= bytes;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1019	return bytes;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1020	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1021
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1022	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1023	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1024	Receive readyRead signal from the target recv device. In response
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1025	authorize the data, and write results out to the recvBuf() device
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1026	for processing by the application. Trigger the readyRead signal.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1027
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1028	Authorizing involves first checking the transport is valid, ie the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1029	handshake has either already been done and is cached on a trusted
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1030	transport, or was valid with this message; then second passing the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1031	string representation of the service request up to any policyReceivers
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1032
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1033	If either of these fail, the message is denied. In discovery mode
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1034	denied messages are allowed, but the message is logged.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1035	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1036	void QAuthDevice::recvReadyRead()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1037	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1038	qint64 bytes = m_target->bytesAvailable();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1039	if ( bytes <= 0 ) return;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1040	open( QIODevice::ReadWrite \| QIODevice::Unbuffered );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1041	QUnixSocket usock = static_cast<QUnixSocket>(m_target);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1042	QUnixSocketMessage msg = usock->read();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1043	msgQueue.append( msg.bytes() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1044	d->processId = msg.processId();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1045	// if "fragmented" packet 1/2 way through start of a command, ie
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1046	// in the QWS msg type, cant do anything, come back later when
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1047	// there's more of the packet
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1048	if ( msgQueue.size() < (int)sizeof(int) )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1049	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1050	// qDebug() << "returning: msg size too small" << msgQueue.size();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1051	return;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1052	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1053	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1054	char displaybuf[1024];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1055	hexstring( displaybuf, reinterpret_cast<const unsigned char *>(msgQueue.constData()),
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1056	msgQueue.size() > 500 ? 500 : msgQueue.size() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1057	qDebug( "%d ***** SERVER read %lli bytes - msg %s", getpid(), bytes, displaybuf );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1058	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1059
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1060	bool bufHasMessages = msgQueue.size() >= (int)sizeof(int);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1061	while ( bufHasMessages )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1062	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1063	unsigned char saveStatus = d->status;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1064	if (( d->status & QTransportAuth::ErrMask ) == QTransportAuth::NoSuchKey )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1065	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1066	QTransportAuth::getInstance()->authorizeRequest( *d, QLatin1String("NoSuchKey") );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1067	break;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1068	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1069	if ( !QTransportAuth::getInstance()->authFromMessage( *d, msgQueue, msgQueue.size() ))
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1070	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1071	// not all arrived yet? come back later
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1072	if (( d->status & QTransportAuth::ErrMask ) == QTransportAuth::TooSmall )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1073	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1074	d->status = saveStatus;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1075	return;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1076	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1077	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1078	if (( d->status & QTransportAuth::ErrMask ) == QTransportAuth::NoMagic )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1079	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1080	// no msg auth header, don't change the success status for connections
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1081	if ( d->connection() )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1082	d->status = saveStatus;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1083	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1084	else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1085	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1086	// msg auth header detected and auth determined, remove hdr
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1087	msgQueue = msgQueue.mid( QSXE_HEADER_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1088	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1089	if ( !authorizeMessage() )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1090	break;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1091	bufHasMessages = msgQueue.size() >= (int)sizeof(int);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1092	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1093	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1094
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1095	/**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1096	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1097	Handle bytesWritten signals from the underlying target device.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1098	We adjust the target's value for bytes that are part of auth packets.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1099	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1100	void QAuthDevice::targetBytesWritten( qint64 bytes )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1101	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1102	if ( m_skipWritten >= bytes ) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1103	m_skipWritten -= bytes;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1104	bytes = 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1105	} else if ( m_skipWritten > 0 ) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1106	bytes -= m_skipWritten;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1107	m_skipWritten = 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1108	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1109	if ( bytes > 0 ) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1110	emit bytesWritten( bytes );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1111	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1112	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1113
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1114	/**
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1115	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1116	Pre-process the message to determine what QWS command it is. This
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1117	information is used as the "request" for the purposes of authorization.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1118
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1119	The request and other data on the connection (id, PID, etc.) are forwarded
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1120	to all policy listeners by emitting a signal.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1121
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1122	The signal must be processed synchronously because on return the allow/deny
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1123	status is used immediately to either drop or continue processing the message.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1124	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1125	bool QAuthDevice::authorizeMessage()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1126	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1127	if ( analyzer == NULL )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1128	analyzer = new RequestAnalyzer();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1129	QString request = (*analyzer)( &msgQueue );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1130	if ( analyzer->requireMoreData() )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1131	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1132	bool isAuthorized = true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1133
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1134	if ( !request.isEmpty() && request != QLatin1String("Unknown") )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1135	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1136	isAuthorized = QTransportAuth::getInstance()->authorizeRequest( *d, request );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1137	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1138
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1139	bool moreToProcess = ( msgQueue.size() - analyzer->bytesAnalyzed() ) > (int)sizeof(int);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1140	if ( isAuthorized )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1141	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1142	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1143	qDebug() << getpid() << "SERVER authorized: releasing" << analyzer->bytesAnalyzed() << "byte command" << request;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1144	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1145	m_bytesAvailable = analyzer->bytesAnalyzed();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1146	emit QIODevice::readyRead();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1147	return moreToProcess;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1148	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1149	else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1150	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1151	msgQueue = msgQueue.mid( analyzer->bytesAnalyzed() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1152	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1153
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1154	return true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1155	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1156
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1157	void QAuthDevice::setRequestAnalyzer( RequestAnalyzer *ra )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1158	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1159	Q_ASSERT( ra );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1160	if ( analyzer )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1161	delete analyzer;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1162	analyzer = ra;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1163	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1164
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1165	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1166	\internal
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1167	Add authentication header to the beginning of a message
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1168
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1169	Note that the per-process auth cookie is used. This key should be rewritten in
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1170	the binary image of the executable at install time to make it unique.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1171
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1172	For this to be secure some mechanism (eg MAC kernel or other
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1173	permissions) must prevent other processes from reading the key.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1174
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1175	The buffer must have AUTH_SPACE(0) bytes spare at the beginning for the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1176	authentication header to be added.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1177
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1178	Returns true if header successfully added. Will fail if the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1179	per-process key has not yet been set with setProcessKey()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1180	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1181	bool QTransportAuth::authToMessage( QTransportAuth::Data &d, char hdr, const char msg, int msgLen )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1182	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1183	// qDebug( "authToMessage(): prog id %u", d.progId );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1184	// only authorize connection oriented transports once, unless key has changed
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1185	if ( d.connection() && ((d.status & QTransportAuth::ErrMask) != QTransportAuth::Pending) &&
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1186	d_func()->authKey.progId == d.progId )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1187	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1188	d.progId = d_func()->authKey.progId;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1189	// If Unix socket credentials are being used the key wont be set
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1190	if ( !d_func()->keyInitialised )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1191	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1192	unsigned char digest[QSXE_KEY_LEN];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1193	char *msgPtr = hdr;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1194	// magic always goes on the beginning
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1195	for ( int m = 0; m < QSXE_MAGIC_BYTES; ++m )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1196	*msgPtr++ = magic[m];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1197	hdr[ QSXE_LEN_IDX ] = (unsigned char)msgLen;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1198	if ( !d.trusted())
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1199	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1200	// Use HMAC
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1201	int rc = hmac_md5( (unsigned char *)msg, msgLen, d_func()->authKey.key, QSXE_KEY_LEN, digest );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1202	if ( rc == -1 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1203	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1204	memcpy( hdr + QSXE_KEY_IDX, digest, QSXE_KEY_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1205	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1206	else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1207	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1208	memcpy( hdr + QSXE_KEY_IDX, d_func()->authKey.key, QSXE_KEY_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1209	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1210
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1211	hdr[ QSXE_PROG_IDX ] = d_func()->authKey.progId;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1212
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1213	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1214	char keydisplay[QSXE_KEY_LEN*2+1];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1215	hexstring( keydisplay, d_func()->authKey.key, QSXE_KEY_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1216
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1217	qDebug( "%d CLIENT Auth to message %s against prog id %u and key %s\n",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1218	getpid(), msg, d_func()->authKey.progId, keydisplay );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1219	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1220
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1221	// TODO implement sequence to prevent replay attack, not required
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1222	// for trusted transports
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1223	hdr[ QSXE_SEQ_IDX ] = 1; // dummy sequence
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1224
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1225	d.status = ( d.status & QTransportAuth::StatusMask ) \| QTransportAuth::Success;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1226	return true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1227	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1228
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1229
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1230	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1231	Check authorization on the \a msg, which must be of size \a msgLen,
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1232	for the transport \a d.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1233
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1234	If able to determine authorization, return the program identity of
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1235	the message source in the reference \a progId, and return true.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1236
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1237	Otherwise return false.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1238
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1239	If data is being received on a socket, it may be that more data is yet
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1240	needed before authentication can proceed.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1241
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1242	Also the message may not be an authenticated at all.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1243
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1244	In these cases the method returns false to indicate authorization could
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1245	not be determined:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1246	\list
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1247	\i The message is too small to carry the authentication data
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1248	(status TooSmall is set on the \a d transport )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1249	\i The 4 magic bytes are missing from the message start
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1250	(status NoMagic is set on the \a d transport )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1251	\i The message is too small to carry the auth + claimed payload
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1252	(status TooSmall is set on the \a d transport )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1253	\endlist
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1254
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1255	If however the authentication header (preceded by the magic bytes) and
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1256	any authenticated payload is received the method will determine the
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1257	authentication status, and return true.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1258
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1259	In the following cases as well as returning true it will also emit
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1260	an authViolation():
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1261	\list
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1262	\i If the program id claimed by the message is not found in the key file
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1263	(status NoSuchKey is set on the \a d transport )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1264	\i The authentication token failed against the claimed program id:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1265	\list
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1266	\i in the case of trusted transports, the secret did not match
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1267	\i in the case of untrusted transports the HMAC code did not match
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1268	\endlist
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1269	(status FailMatch is set on the \a d transport )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1270	\endlist
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1271
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1272	In these cases the authViolation( QTransportAuth::Data d ) signal is emitted
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1273	and the error string can be obtained from the status like this:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1274	\snippet doc/src/snippets/code/src_gui_embedded_qtransportauth_qws.cpp 4
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1275	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1276	bool QTransportAuth::authFromMessage( QTransportAuth::Data &d, const char *msg, int msgLen )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1277	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1278	if ( msgLen < QSXE_MAGIC_BYTES )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1279	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1280	d.status = ( d.status & QTransportAuth::StatusMask ) \| QTransportAuth::TooSmall;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1281	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1282	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1283	// if no magic bytes, exit straight away
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1284	int m;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1285	const unsigned char mptr = reinterpret_cast<const unsigned char >(msg);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1286	for ( m = 0; m < QSXE_MAGIC_BYTES; ++m )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1287	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1288	if ( *mptr++ != magic[m] )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1289	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1290	d.status = ( d.status & QTransportAuth::StatusMask ) \| QTransportAuth::NoMagic;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1291	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1292	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1293	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1294
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1295	if ( msgLen < AUTH_SPACE(1) )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1296	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1297	d.status = ( d.status & QTransportAuth::StatusMask ) \| QTransportAuth::TooSmall;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1298	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1299	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1300
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1301	// At this point we know the header is at least long enough to contain valid auth
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1302	// data, however the data may be spoofed. If it is not verified then the status will
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1303	// be set to uncertified so the spoofed data will not be relied on. However we want to
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1304	// know the program id which is being reported (even if it might be spoofed) for
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1305	// policy debugging purposes. So set it here, rather than after verification.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1306	d.progId = msg[QSXE_PROG_IDX];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1307
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1308	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1309	char authhdr[QSXE_HEADER_LEN*2+1];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1310	hexstring( authhdr, reinterpret_cast<const unsigned char *>(msg), QSXE_HEADER_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1311	qDebug( "%d SERVER authFromMessage(): message header is %s",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1312	getpid(), authhdr );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1313	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1314
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1315	unsigned char authLen = (unsigned char)(msg[ QSXE_LEN_IDX ]);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1316
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1317	if ( msgLen < AUTH_SPACE(authLen) )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1318	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1319	d.status = ( d.status & QTransportAuth::StatusMask ) \| QTransportAuth::TooSmall;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1320	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1321	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1322
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1323	bool isCached = d_func()->keyCache.contains( d.progId );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1324	const unsigned char *clientKey = d_func()->getClientKey( d.progId );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1325	if ( clientKey == NULL )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1326	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1327	d.status = ( d.status & QTransportAuth::StatusMask ) \| QTransportAuth::NoSuchKey;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1328	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1329	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1330
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1331	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1332	char keydisplay[QSXE_KEY_LEN*2+1];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1333	hexstring( keydisplay, clientKey, QSXE_KEY_LEN );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1334	qDebug( "\t\tauthFromMessage(): message %s against prog id %u and key %s\n",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1335	AUTH_DATA(msg), ((unsigned int)d.progId), keydisplay );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1336	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1337
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1338	const unsigned char *auth_tok;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1339	unsigned char digest[QSXE_KEY_LEN];
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1340	bool multi_tok = false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1341
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1342	bool need_to_recheck=false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1343	do
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1344	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1345	if ( !d.trusted())
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1346	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1347	hmac_md5( AUTH_DATA(msg), authLen, clientKey, QSXE_KEY_LEN, digest );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1348	auth_tok = digest;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1349	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1350	else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1351	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1352	auth_tok = clientKey;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1353	multi_tok = true; // 1 or more keys are in the clientKey
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1354	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1355	while( true )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1356	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1357	if ( memcmp( auth_tok, magic, QSXE_MAGIC_BYTES ) == 0
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1358	&& memcmp( auth_tok + QSXE_MAGIC_BYTES, magic, QSXE_MAGIC_BYTES ) == 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1359	break;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1360	if ( memcmp( msg + QSXE_KEY_IDX, auth_tok, QSXE_KEY_LEN ) == 0 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1361	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1362	d.status = ( d.status & QTransportAuth::StatusMask ) \| QTransportAuth::Success;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1363	return true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1364	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1365	if ( !multi_tok )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1366	break;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1367	auth_tok += QSXE_KEY_LEN;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1368	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1369	//the keys cached on d.progId may not contain the binary key because the cache entry was made
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1370	//before the binary had first started, must search for client key again.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1371	if ( isCached )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1372	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1373	d_func()->keyCache.remove(d.progId);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1374	isCached = false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1375
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1376	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1377	qDebug() << "QTransportAuth::authFromMessage(): key not found in set of keys cached"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1378	<< "against prog Id =" << d.progId << ". Re-obtaining client key. ";
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1379	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1380	clientKey = d_func()->getClientKey( d.progId );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1381	if ( clientKey == NULL )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1382	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1383	d.status = ( d.status & QTransportAuth::StatusMask ) \| QTransportAuth::NoSuchKey;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1384	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1385	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1386	need_to_recheck = true;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1387	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1388	else
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1389	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1390	need_to_recheck = false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1391	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1392	} while( need_to_recheck );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1393
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1394	d.status = ( d.status & QTransportAuth::StatusMask ) \| QTransportAuth::FailMatch;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1395	qWarning() << "QTransportAuth::authFromMessage():failed authentication";
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1396	FAREnforcer::getInstance()->logAuthAttempt( QDateTime::currentDateTime() );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1397	emit authViolation( d );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1398	return false;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1399	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1400
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1401
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1402	#ifdef QTRANSPORTAUTH_DEBUG
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1403	/*!
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1404	sprintf into hex - dest \a buf, src \a key, \a key_len is length of key.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1405
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1406	The target buf should be [ key_len * 2 + 1 ] in size
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1407	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1408	void hexstring( char buf, const unsigned char key, size_t key_len )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1409	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1410	unsigned int i, p;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1411	for ( i = 0, p = 0; i < key_len; i++, p+=2 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1412	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1413	unsigned char lo_nibble = key[i] & 0x0f;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1414	unsigned char hi_nibble = key[i] >> 4;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1415	buf[p] = (int)hi_nibble > 9 ? hi_nibble-10 + 'A' : hi_nibble + '0';
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1416	buf[p+1] = (int)lo_nibble > 9 ? lo_nibble-10 + 'A' : lo_nibble + '0';
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1417	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1418	buf[p] = '\0';
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1419	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1420	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1421
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1422	/*
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1423	HMAC MD5 as listed in RFC 2104
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1424
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1425	This code is taken from:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1426
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1427	http://www.faqs.org/rfcs/rfc2104.html
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1428
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1429	with the allowance for keys other than length 16 removed, but otherwise
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1430	a straight cut-and-paste.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1431
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1432	The HMAC_MD5 transform looks like:
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1433
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1434	\snippet doc/src/snippets/code/src.gui.embedded.qtransportauth_qws.cpp 5
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1435
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1436	\list
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1437	\i where K is an n byte key
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1438	\i ipad is the byte 0x36 repeated 64 times
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1439	\i opad is the byte 0x5c repeated 64 times
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1440	\i and text is the data being protected
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1441	\endlist
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1442
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1443	Hardware is available with accelerated implementations of HMAC-MD5 and
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1444	HMAC-SHA1. Where this hardware is available, this routine should be
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1445	replaced with a call into the accelerated version.
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1446	*/
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1447
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1448	static int hmac_md5(
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1449	unsigned char* text, /* pointer to data stream */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1450	int text_length, /* length of data stream */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1451	const unsigned char* key, /* pointer to authentication key */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1452	int key_length, /* length of authentication key */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1453	unsigned char * digest /* caller digest to be filled in */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1454	)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1455	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1456	MD5Context context;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1457	unsigned char k_ipad[65]; /* inner padding - * key XORd with ipad */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1458	unsigned char k_opad[65]; /* outer padding - * key XORd with opad */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1459	int i;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1460
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1461	/* in this implementation key_length == 16 */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1462	if ( key_length != 16 )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1463	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1464	fprintf( stderr, "Key length was %d - must be 16 bytes", key_length );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1465	return 0;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1466	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1467
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1468	/* start out by storing key in pads */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1469	memset( k_ipad, 0, sizeof k_ipad );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1470	memset( k_opad, 0, sizeof k_opad );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1471	memcpy( k_ipad, key, key_length );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1472	memcpy( k_opad, key, key_length );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1473
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1474	/* XOR key with ipad and opad values */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1475	for (i=0; i<64; i++) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1476	k_ipad[i] ^= 0x36;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1477	k_opad[i] ^= 0x5c;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1478	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1479
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1480	/* perform inner MD5 */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1481	MD5Init(&context); /* init context for 1st pass */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1482	MD5Update(&context, k_ipad, 64); /* start with inner pad */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1483	MD5Update(&context, text, text_length); /* then text of datagram */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1484	MD5Final(&context, digest); /* finish up 1st pass */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1485
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1486	/* perform outer MD5 */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1487	MD5Init(&context); /* init context for 2nd pass */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1488	MD5Update(&context, k_opad, 64); /* start with outer pad */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1489	MD5Update(&context, digest, 16); /* then results of 1st * hash */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1490	MD5Final(&context, digest); /* finish up 2nd pass */
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1491	return 1;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1492	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1493
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1494
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1495	const int FAREnforcer::minutelyRate = 4; //allowed number of false authentication attempts per minute
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1496	const QString FAREnforcer::FARMessage = QLatin1String("FAR_Exceeded");
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1497	const QString FAREnforcer::SxeTag = QLatin1String("<SXE Breach>");
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1498	const int FAREnforcer::minute = 60;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1499
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1500	FAREnforcer::FAREnforcer():authAttempts()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1501	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1502	QDateTime nullDateTime = QDateTime();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1503	for (int i = 0; i < minutelyRate; i++ )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1504	authAttempts << nullDateTime;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1505	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1506
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1507
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1508	FAREnforcer *FAREnforcer::getInstance()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1509	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1510	static FAREnforcer theInstance;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1511	return &theInstance;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1512	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1513
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1514	void FAREnforcer::logAuthAttempt( QDateTime time )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1515	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1516	QDateTime dt = authAttempts.takeFirst();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1517
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1518	authAttempts.append( time );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1519	if ( dt.secsTo( authAttempts.last() ) <= minute )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1520	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1521	#if defined(SXE_DISCOVERY)
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1522	if ( QTransportAuth::getInstance()->isDiscoveryMode() ) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1523	static QBasicAtomicInt reported = Q_BASIC_ATOMIC_INITIALIZER(0);
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1524	if ( reported.testAndSetRelaxed(0,1) ) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1525	#ifndef QT_NO_TEXTSTREAM
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1526	QString logFilePath = QTransportAuth::getInstance()->logFilePath();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1527	if ( !logFilePath.isEmpty() ) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1528	QFile log( logFilePath );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1529	if ( !log.open(QIODevice::WriteOnly \| QIODevice::Append) ) {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1530	qWarning("Could not write to log in discovery mode: %s",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1531	qPrintable(logFilePath) );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1532	} else {
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1533	QTextStream ts( &log );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1534	ts << "\t\tWarning: False Authentication Rate of " << minutelyRate << "\n"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1535	<< "\t\tserver connections/authentications per minute has been exceeded,\n"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1536	<< "\t\tno further warnings will be issued\n";
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1537	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1538	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1539	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1540	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1541	reset();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1542	return;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1543	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1544	#endif
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1545	syslog( LOG_ERR \| LOG_LOCAL6, "%s %s",
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1546	qPrintable( FAREnforcer::SxeTag ),
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1547	qPrintable( FAREnforcer::FARMessage ) );
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1548	reset();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1549	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1550	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1551
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1552	void FAREnforcer::reset()
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1553	{
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1554	QDateTime nullDateTime = QDateTime();
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1555	for (int i = 0; i < minutelyRate; i++ )
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1556	authAttempts[i] = nullDateTime;
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1557	}
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1558
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1559	QT_END_NAMESPACE
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1560
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1561	#include "moc_qtransportauth_qws_p.cpp"
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1562
1918ee327afb Revision: 200952 Alex Gilkes <alex.gilkes@nokia.com> parents: diff changeset	1563	#endif // QT_NO_SXE

author	Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
	Tue, 26 Jan 2010 12:42:25 +0200
changeset 2	56cd8111b7f7
parent 0	1918ee327afb
child 4	3b1da2848fc7
permissions	-rw-r--r--