|
1 /**************************************************************************** |
|
2 ** |
|
3 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies). |
|
4 ** All rights reserved. |
|
5 ** Contact: Nokia Corporation (qt-info@nokia.com) |
|
6 ** |
|
7 ** This file is part of the QtGui module of the Qt Toolkit. |
|
8 ** |
|
9 ** $QT_BEGIN_LICENSE:LGPL$ |
|
10 ** No Commercial Usage |
|
11 ** This file contains pre-release code and may not be distributed. |
|
12 ** You may use this file in accordance with the terms and conditions |
|
13 ** contained in the Technology Preview License Agreement accompanying |
|
14 ** this package. |
|
15 ** |
|
16 ** GNU Lesser General Public License Usage |
|
17 ** Alternatively, this file may be used under the terms of the GNU Lesser |
|
18 ** General Public License version 2.1 as published by the Free Software |
|
19 ** Foundation and appearing in the file LICENSE.LGPL included in the |
|
20 ** packaging of this file. Please review the following information to |
|
21 ** ensure the GNU Lesser General Public License version 2.1 requirements |
|
22 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. |
|
23 ** |
|
24 ** In addition, as a special exception, Nokia gives you certain additional |
|
25 ** rights. These rights are described in the Nokia Qt LGPL Exception |
|
26 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. |
|
27 ** |
|
28 ** If you have questions regarding the use of this file, please contact |
|
29 ** Nokia at qt-info@nokia.com. |
|
30 ** |
|
31 ** |
|
32 ** |
|
33 ** |
|
34 ** |
|
35 ** |
|
36 ** |
|
37 ** |
|
38 ** $QT_END_LICENSE$ |
|
39 ** |
|
40 ****************************************************************************/ |
|
41 |
|
42 #ifndef QTRANSPORTAUTH_QWS_P_H |
|
43 #define QTRANSPORTAUTH_QWS_P_H |
|
44 |
|
45 // |
|
46 // W A R N I N G |
|
47 // ------------- |
|
48 // |
|
49 // This file is not part of the Qt API. It exists purely as an |
|
50 // implementation detail. This header file may change from version to |
|
51 // version without notice, or even be removed. |
|
52 // |
|
53 // We mean it. |
|
54 // |
|
55 |
|
56 #include <QtCore/qglobal.h> |
|
57 |
|
58 #ifndef QT_NO_SXE |
|
59 |
|
60 #include "qtransportauth_qws.h" |
|
61 #include "qtransportauthdefs_qws.h" |
|
62 #include "qbuffer.h" |
|
63 |
|
64 #include <qmutex.h> |
|
65 #include <qdatetime.h> |
|
66 #include "private/qobject_p.h" |
|
67 |
|
68 #include <QtCore/qcache.h> |
|
69 |
|
70 QT_BEGIN_NAMESPACE |
|
71 |
|
72 // Uncomment to generate debug output |
|
73 // #define QTRANSPORTAUTH_DEBUG 1 |
|
74 |
|
75 #ifdef QTRANSPORTAUTH_DEBUG |
|
76 void hexstring( char *buf, const unsigned char* key, size_t sz ); |
|
77 #endif |
|
78 |
|
79 // proj id for ftok usage in sxe |
|
80 #define SXE_PROJ 10022 |
|
81 |
|
82 /*! |
|
83 \internal |
|
84 memset for security purposes, guaranteed not to be optimized away |
|
85 http://www.faqs.org/docs/Linux-HOWTO/Secure-Programs-HOWTO.html |
|
86 */ |
|
87 void *guaranteed_memset(void *v,int c,size_t n); |
|
88 |
|
89 class QUnixSocketMessage; |
|
90 |
|
91 /*! |
|
92 \internal |
|
93 \class AuthCookie |
|
94 Struct to carry process authentication key and id |
|
95 */ |
|
96 #define QSXE_HEADER_LEN 24 |
|
97 |
|
98 /*! |
|
99 \macro AUTH_ID |
|
100 Macro to manage authentication header. Format of header is: |
|
101 \table |
|
102 \header \i BYTES \i CONTENT |
|
103 \row \i 0-3 \i magic numbers |
|
104 \row \i 4 \i length of authenticated data (max 255 bytes) |
|
105 \row i\ 5 \i reserved |
|
106 \row \i 6-21 \i MAC digest, or shared secret in case of simple auth |
|
107 \row \i 22 \i program id |
|
108 \row \i 23 \i sequence number |
|
109 \endtable |
|
110 Total length of the header is 24 bytes |
|
111 |
|
112 However this may change. Instead of coding these numbers use the AUTH_ID, |
|
113 AUTH_KEY, AUTH_DATA and AUTH_SPACE macros. |
|
114 */ |
|
115 |
|
116 #define AUTH_ID(k) ((unsigned char)(k[QSXE_KEY_LEN])) |
|
117 #define AUTH_KEY(k) ((unsigned char *)(k)) |
|
118 |
|
119 #define AUTH_DATA(x) (unsigned char *)((x) + QSXE_HEADER_LEN) |
|
120 #define AUTH_SPACE(x) ((x) + QSXE_HEADER_LEN) |
|
121 #define QSXE_LEN_IDX 4 |
|
122 #define QSXE_KEY_IDX 6 |
|
123 #define QSXE_PROG_IDX 22 |
|
124 #define QSXE_SEQ_IDX 23 |
|
125 |
|
126 class SxeRegistryLocker : public QObject |
|
127 { |
|
128 Q_OBJECT |
|
129 public: |
|
130 SxeRegistryLocker( QObject * ); |
|
131 ~SxeRegistryLocker(); |
|
132 bool success() const { return m_success; } |
|
133 private: |
|
134 bool m_success; |
|
135 QObject *m_reg; |
|
136 }; |
|
137 |
|
138 class QTransportAuthPrivate : public QObjectPrivate |
|
139 { |
|
140 Q_DECLARE_PUBLIC(QTransportAuth) |
|
141 public: |
|
142 QTransportAuthPrivate(); |
|
143 ~QTransportAuthPrivate(); |
|
144 |
|
145 const unsigned char *getClientKey( unsigned char progId ); |
|
146 void invalidateClientKeyCache(); |
|
147 |
|
148 bool keyInitialised; |
|
149 QString m_logFilePath; |
|
150 QString m_keyFilePath; |
|
151 QObject *m_packageRegistry; |
|
152 AuthCookie authKey; |
|
153 QCache<unsigned char, char> keyCache; |
|
154 QHash< QObject*, QIODevice*> buffersByClient; |
|
155 QMutex keyfileMutex; |
|
156 }; |
|
157 |
|
158 /*! |
|
159 \internal |
|
160 Enforces the False Authentication Rate. If more than 4 authentications |
|
161 are received per minute the sxemonitor is notified that the FAR has been exceeded |
|
162 */ |
|
163 class FAREnforcer |
|
164 { |
|
165 public: |
|
166 static FAREnforcer *getInstance(); |
|
167 void logAuthAttempt( QDateTime time = QDateTime::currentDateTime() ); |
|
168 void reset(); |
|
169 |
|
170 #ifndef TEST_FAR_ENFORCER |
|
171 private: |
|
172 #endif |
|
173 FAREnforcer(); |
|
174 FAREnforcer( const FAREnforcer & ); |
|
175 FAREnforcer &operator=(FAREnforcer const & ); |
|
176 |
|
177 static const QString FARMessage; |
|
178 static const int minutelyRate; |
|
179 static const QString SxeTag; |
|
180 static const int minute; |
|
181 |
|
182 QList<QDateTime> authAttempts; |
|
183 }; |
|
184 |
|
185 QT_END_NAMESPACE |
|
186 |
|
187 #endif // QT_NO_SXE |
|
188 #endif // QTRANSPORTAUTH_QWS_P_H |
|
189 |