

Viewing changes to iris/xmpp-core/securestream.cpp

  • Committer: Bazaar Package Importer
  • Author(s): Jan Niehusmann
  • Date: 2005-01-10 17:41:43 UTC
  • mfrom: (1.2.1 upstream) (2.1.2 hoary)
  • Revision ID: james.westby@ubuntu.com-20050110174143-ltocv5zapl6blf5d
Tags: 0.9.3-1
* New upstream release
* Cleaned up debian/rules (some things are done by upstream Makefiles now)
* Fixed some lintian warnings:
  - removed executable bit from some .png files
  - moved psi.desktop to /usr/share/applications
* Updated menu files

 
1
/*
 
2
 * securestream.cpp - combines a ByteStream with TLS and SASL
 
3
 * Copyright (C) 2004  Justin Karneges
 
4
 *
 
5
 * This library is free software; you can redistribute it and/or
 
6
 * modify it under the terms of the GNU Lesser General Public
 
7
 * License as published by the Free Software Foundation; either
 
8
 * version 2.1 of the License, or (at your option) any later version.
 
9
 *
 
10
 * This library is distributed in the hope that it will be useful,
 
11
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 
12
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 
13
 * Lesser General Public License for more details.
 
14
 *
 
15
 * You should have received a copy of the GNU Lesser General Public
 
16
 * License along with this library; if not, write to the Free Software
 
17
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 
18
 *
 
19
 */
 
20
 
 
21
/*
 
22
  Note: SecureStream depends on the underlying security layers to signal
 
23
    plain-to-encrypted results immediately (as opposed to waiting for the
 
24
    event loop) so that the user cannot add/remove security layers during
 
25
    this conversion moment.  QCA::TLS and QCA::SASL behave as expected,
 
26
    but future layers might not.
 
27
*/
 
28
 
 
29
#include"securestream.h"
 
30
 
 
31
#include<qguardedptr.h>
 
32
#include<qvaluelist.h>
 
33
#include<qtimer.h>
 
34
 
 
35
#ifdef USE_TLSHANDLER
 
36
#include"xmpp.h"
 
37
#endif
 
38
 
 
39
//----------------------------------------------------------------------------
 
40
// LayerTracker
 
41
//----------------------------------------------------------------------------
 
42
class LayerTracker
 
43
{
 
44
public:
 
45
        struct Item
 
46
        {
 
47
                int plain;
 
48
                int encoded;
 
49
        };
 
50
 
 
51
        LayerTracker();
 
52
 
 
53
        void reset();
 
54
        void addPlain(int plain);
 
55
        void specifyEncoded(int encoded, int plain);
 
56
        int finished(int encoded);
 
57
 
 
58
        int p;
 
59
        QValueList<Item> list;
 
60
};
 
61
 
 
62
LayerTracker::LayerTracker()
 
63
{
 
64
        p = 0;
 
65
}
 
66
 
 
67
void LayerTracker::reset()
 
68
{
 
69
        p = 0;
 
70
        list.clear();
 
71
}
 
72
 
 
73
void LayerTracker::addPlain(int plain)
 
74
{
 
75
        p += plain;
 
76
}
 
77
 
 
78
void LayerTracker::specifyEncoded(int encoded, int plain)
 
79
{
 
80
        // can't specify more bytes than we have
 
81
        if(plain > p)
 
82
                plain = p;
 
83
        p -= plain;
 
84
        Item i;
 
85
        i.plain = plain;
 
86
        i.encoded = encoded;
 
87
        list += i;
 
88
}
 
89
 
 
90
int LayerTracker::finished(int encoded)
 
91
{
 
92
        int plain = 0;
 
93
        for(QValueList<Item>::Iterator it = list.begin(); it != list.end();) {
 
94
                Item &i = *it;
 
95
 
 
96
                // not enough?
 
97
                if(encoded < i.encoded) {
 
98
                        i.encoded -= encoded;
 
99
                        break;
 
100
                }
 
101
 
 
102
                encoded -= i.encoded;
 
103
                plain += i.plain;
 
104
                it = list.remove(it);
 
105
        }
 
106
        return plain;
 
107
}
 
108
 
 
109
//----------------------------------------------------------------------------
 
110
// SecureStream
 
111
//----------------------------------------------------------------------------
 
112
class SecureLayer : public QObject
 
113
{
 
114
        Q_OBJECT
 
115
public:
 
116
        enum { TLS, SASL, TLSH };
 
117
        int type;
 
118
        union {
 
119
                QCA::TLS *tls;
 
120
                QCA::SASL *sasl;
 
121
#ifdef USE_TLSHANDLER
 
122
                XMPP::TLSHandler *tlsHandler;
 
123
#endif
 
124
        } p;
 
125
        LayerTracker layer;
 
126
        bool tls_done;
 
127
        int prebytes;
 
128
 
 
129
        SecureLayer(QCA::TLS *t)
 
130
        {
 
131
                type = TLS;
 
132
                p.tls = t;
 
133
                init();
 
134
                connect(p.tls, SIGNAL(handshaken()), SLOT(tls_handshaken()));
 
135
                connect(p.tls, SIGNAL(readyRead()), SLOT(tls_readyRead()));
 
136
                connect(p.tls, SIGNAL(readyReadOutgoing(int)), SLOT(tls_readyReadOutgoing(int)));
 
137
                connect(p.tls, SIGNAL(closed()), SLOT(tls_closed()));
 
138
                connect(p.tls, SIGNAL(error(int)), SLOT(tls_error(int)));
 
139
        }
 
140
 
 
141
        SecureLayer(QCA::SASL *s)
 
142
        {
 
143
                type = SASL;
 
144
                p.sasl = s;
 
145
                init();
 
146
                connect(p.sasl, SIGNAL(readyRead()), SLOT(sasl_readyRead()));
 
147
                connect(p.sasl, SIGNAL(readyReadOutgoing(int)), SLOT(sasl_readyReadOutgoing(int)));
 
148
                connect(p.sasl, SIGNAL(error(int)), SLOT(sasl_error(int)));
 
149
        }
 
150
 
 
151
#ifdef USE_TLSHANDLER
 
152
        SecureLayer(XMPP::TLSHandler *t)
 
153
        {
 
154
                type = TLSH;
 
155
                p.tlsHandler = t;
 
156
                init();
 
157
                connect(p.tlsHandler, SIGNAL(success()), SLOT(tlsHandler_success()));
 
158
                connect(p.tlsHandler, SIGNAL(fail()), SLOT(tlsHandler_fail()));
 
159
                connect(p.tlsHandler, SIGNAL(closed()), SLOT(tlsHandler_closed()));
 
160
                connect(p.tlsHandler, SIGNAL(readyRead(const QByteArray &)), SLOT(tlsHandler_readyRead(const QByteArray &)));
 
161
                connect(p.tlsHandler, SIGNAL(readyReadOutgoing(const QByteArray &, int)), SLOT(tlsHandler_readyReadOutgoing(const QByteArray &, int)));
 
162
        }
 
163
#endif
 
164
 
 
165
        void init()
 
166
        {
 
167
                tls_done = false;
 
168
                prebytes = 0;
 
169
        }
 
170
 
 
171
        void write(const QByteArray &a)
 
172
        {
 
173
                layer.addPlain(a.size());
 
174
                switch(type) {
 
175
                        case TLS:  { p.tls->write(a); break; }
 
176
                        case SASL: { p.sasl->write(a); break; }
 
177
#ifdef USE_TLSHANDLER
 
178
                        case TLSH: { p.tlsHandler->write(a); break; }
 
179
#endif
 
180
                }
 
181
        }
 
182
 
 
183
        void writeIncoming(const QByteArray &a)
 
184
        {
 
185
                switch(type) {
 
186
                        case TLS:  { p.tls->writeIncoming(a); break; }
 
187
                        case SASL: { p.sasl->writeIncoming(a); break; }
 
188
#ifdef USE_TLSHANDLER
 
189
                        case TLSH: { p.tlsHandler->writeIncoming(a); break; }
 
190
#endif
 
191
                }
 
192
        }
 
193
 
 
194
        int finished(int plain)
 
195
        {
 
196
                int written = 0;
 
197
 
 
198
                // deal with prebytes (bytes sent prior to this security layer)
 
199
                if(prebytes > 0) {
 
200
                        if(prebytes >= plain) {
 
201
                                written += plain;
 
202
                                prebytes -= plain;
 
203
                                plain = 0;
 
204
                        }
 
205
                        else {
 
206
                                written += prebytes;
 
207
                                plain -= prebytes;
 
208
                                prebytes = 0;
 
209
                        }
 
210
                }
 
211
 
 
212
                // put remainder into the layer tracker
 
213
                if(type == SASL || tls_done)
 
214
                        written += layer.finished(plain);
 
215
 
 
216
                return written;
 
217
        }
 
218
 
 
219
signals:
 
220
        void tlsHandshaken();
 
221
        void tlsClosed(const QByteArray &);
 
222
        void readyRead(const QByteArray &);
 
223
        void needWrite(const QByteArray &);
 
224
        void error(int);
 
225
 
 
226
private slots:
 
227
        void tls_handshaken()
 
228
        {
 
229
                tls_done = true;
 
230
                tlsHandshaken();
 
231
        }
 
232
 
 
233
        void tls_readyRead()
 
234
        {
 
235
                QByteArray a = p.tls->read();
 
236
                readyRead(a);
 
237
        }
 
238
 
 
239
        void tls_readyReadOutgoing(int plainBytes)
 
240
        {
 
241
                QByteArray a = p.tls->readOutgoing();
 
242
                if(tls_done)
 
243
                        layer.specifyEncoded(a.size(), plainBytes);
 
244
                needWrite(a);
 
245
        }
 
246
 
 
247
        void tls_closed()
 
248
        {
 
249
                QByteArray a = p.tls->readUnprocessed();
 
250
                tlsClosed(a);
 
251
        }
 
252
 
 
253
        void tls_error(int x)
 
254
        {
 
255
                error(x);
 
256
        }
 
257
 
 
258
        void sasl_readyRead()
 
259
        {
 
260
                QByteArray a = p.sasl->read();
 
261
                readyRead(a);
 
262
        }
 
263
 
 
264
        void sasl_readyReadOutgoing(int plainBytes)
 
265
        {
 
266
                QByteArray a = p.sasl->readOutgoing();
 
267
                layer.specifyEncoded(a.size(), plainBytes);
 
268
                needWrite(a);
 
269
        }
 
270
 
 
271
        void sasl_error(int x)
 
272
        {
 
273
                error(x);
 
274
        }
 
275
 
 
276
#ifdef USE_TLSHANDLER
 
277
        void tlsHandler_success()
 
278
        {
 
279
                tls_done = true;
 
280
                tlsHandshaken();
 
281
        }
 
282
 
 
283
        void tlsHandler_fail()
 
284
        {
 
285
                error(0);
 
286
        }
 
287
 
 
288
        void tlsHandler_closed()
 
289
        {
 
290
                tlsClosed(QByteArray());
 
291
        }
 
292
 
 
293
        void tlsHandler_readyRead(const QByteArray &a)
 
294
        {
 
295
                readyRead(a);
 
296
        }
 
297
 
 
298
        void tlsHandler_readyReadOutgoing(const QByteArray &a, int plainBytes)
 
299
        {
 
300
                if(tls_done)
 
301
                        layer.specifyEncoded(a.size(), plainBytes);
 
302
                needWrite(a);
 
303
        }
 
304
#endif
 
305
};
 
306
 
 
307
#include"securestream.moc"
 
308
 
 
309
class SecureStream::Private
 
310
{
 
311
public:
 
312
        ByteStream *bs;
 
313
        QPtrList<SecureLayer> layers;
 
314
        int pending;
 
315
        int errorCode;
 
316
        bool active;
 
317
        bool topInProgress;
 
318
 
 
319
        bool haveTLS() const
 
320
        {
 
321
                QPtrListIterator<SecureLayer> it(layers);
 
322
                for(SecureLayer *s; (s = it.current()); ++it) {
 
323
                        if(s->type == SecureLayer::TLS
 
324
#ifdef USE_TLSHANDLER
 
325
                        || s->type == SecureLayer::TLSH
 
326
#endif
 
327
                        ) {
 
328
                                return true;
 
329
                        }
 
330
                }
 
331
                return false;
 
332
        }
 
333
 
 
334
        bool haveSASL() const
 
335
        {
 
336
                QPtrListIterator<SecureLayer> it(layers);
 
337
                for(SecureLayer *s; (s = it.current()); ++it) {
 
338
                        if(s->type == SecureLayer::SASL)
 
339
                                return true;
 
340
                }
 
341
                return false;
 
342
        }
 
343
};
 
344
 
 
345
SecureStream::SecureStream(ByteStream *s)
 
346
:ByteStream(0)
 
347
{
 
348
        d = new Private;
 
349
 
 
350
        d->bs = s;
 
351
        connect(d->bs, SIGNAL(readyRead()), SLOT(bs_readyRead()));
 
352
        connect(d->bs, SIGNAL(bytesWritten(int)), SLOT(bs_bytesWritten(int)));
 
353
 
 
354
        d->layers.setAutoDelete(true);
 
355
        d->pending = 0;
 
356
        d->active = true;
 
357
        d->topInProgress = false;
 
358
}
 
359
 
 
360
SecureStream::~SecureStream()
 
361
{
 
362
        delete d;
 
363
}
 
364
 
 
365
void SecureStream::linkLayer(QObject *s)
 
366
{
 
367
        connect(s, SIGNAL(tlsHandshaken()), SLOT(layer_tlsHandshaken()));
 
368
        connect(s, SIGNAL(tlsClosed(const QByteArray &)), SLOT(layer_tlsClosed(const QByteArray &)));
 
369
        connect(s, SIGNAL(readyRead(const QByteArray &)), SLOT(layer_readyRead(const QByteArray &)));
 
370
        connect(s, SIGNAL(needWrite(const QByteArray &)), SLOT(layer_needWrite(const QByteArray &)));
 
371
        connect(s, SIGNAL(error(int)), SLOT(layer_error(int)));
 
372
}
 
373
 
 
374
int SecureStream::calcPrebytes() const
 
375
{
 
376
        int x = 0;
 
377
        QPtrListIterator<SecureLayer> it(d->layers);
 
378
        for(SecureLayer *s; (s = it.current()); ++it)
 
379
                x += s->prebytes;
 
380
        return (d->pending - x);
 
381
}
 
382
 
 
383
void SecureStream::startTLSClient(QCA::TLS *t, const QByteArray &spare)
 
384
{
 
385
        if(!d->active || d->topInProgress || d->haveTLS())
 
386
                return;
 
387
 
 
388
        SecureLayer *s = new SecureLayer(t);
 
389
        s->prebytes = calcPrebytes();
 
390
        linkLayer(s);
 
391
        d->layers.append(s);
 
392
        d->topInProgress = true;
 
393
 
 
394
        insertData(spare);
 
395
}
 
396
 
 
397
void SecureStream::startTLSServer(QCA::TLS *t, const QByteArray &spare)
 
398
{
 
399
        if(!d->active || d->topInProgress || d->haveTLS())
 
400
                return;
 
401
 
 
402
        SecureLayer *s = new SecureLayer(t);
 
403
        s->prebytes = calcPrebytes();
 
404
        linkLayer(s);
 
405
        d->layers.append(s);
 
406
        d->topInProgress = true;
 
407
 
 
408
        insertData(spare);
 
409
}
 
410
 
 
411
void SecureStream::setLayerSASL(QCA::SASL *sasl, const QByteArray &spare)
 
412
{
 
413
        if(!d->active || d->topInProgress || d->haveSASL())
 
414
                return;
 
415
 
 
416
        SecureLayer *s = new SecureLayer(sasl);
 
417
        s->prebytes = calcPrebytes();
 
418
        linkLayer(s);
 
419
        d->layers.append(s);
 
420
 
 
421
        insertData(spare);
 
422
}
 
423
 
 
424
#ifdef USE_TLSHANDLER
 
425
void SecureStream::startTLSClient(XMPP::TLSHandler *t, const QString &server, const QByteArray &spare)
 
426
{
 
427
        if(!d->active || d->topInProgress || d->haveTLS())
 
428
                return;
 
429
 
 
430
        SecureLayer *s = new SecureLayer(t);
 
431
        s->prebytes = calcPrebytes();
 
432
        linkLayer(s);
 
433
        d->layers.append(s);
 
434
        d->topInProgress = true;
 
435
 
 
436
        // unlike QCA::TLS, XMPP::TLSHandler has no return value
 
437
        s->p.tlsHandler->startClient(server);
 
438
 
 
439
        insertData(spare);
 
440
}
 
441
#endif
 
442
 
 
443
void SecureStream::closeTLS()
 
444
{
 
445
        SecureLayer *s = d->layers.getLast();
 
446
        if(s) {
 
447
                if(s->type == SecureLayer::TLS)
 
448
                        s->p.tls->close();
 
449
        }
 
450
}
 
451
 
 
452
int SecureStream::errorCode() const
 
453
{
 
454
        return d->errorCode;
 
455
}
 
456
 
 
457
bool SecureStream::isOpen() const
 
458
{
 
459
        return d->active;
 
460
}
 
461
 
 
462
void SecureStream::write(const QByteArray &a)
 
463
{
 
464
        if(!isOpen())
 
465
                return;
 
466
 
 
467
        d->pending += a.size();
 
468
 
 
469
        // send to the last layer
 
470
        SecureLayer *s = d->layers.getLast();
 
471
        if(s)
 
472
                s->write(a);
 
473
        else
 
474
                writeRawData(a);
 
475
}
 
476
 
 
477
int SecureStream::bytesToWrite() const
 
478
{
 
479
        return d->pending;
 
480
}
 
481
 
 
482
void SecureStream::bs_readyRead()
 
483
{
 
484
        QByteArray a = d->bs->read();
 
485
 
 
486
        // send to the first layer
 
487
        SecureLayer *s = d->layers.getFirst();
 
488
        if(s)
 
489
                s->writeIncoming(a);
 
490
        else
 
491
                incomingData(a);
 
492
}
 
493
 
 
494
void SecureStream::bs_bytesWritten(int bytes)
 
495
{
 
496
        QPtrListIterator<SecureLayer> it(d->layers);
 
497
        for(SecureLayer *s; (s = it.current()); ++it)
 
498
                bytes = s->finished(bytes);
 
499
 
 
500
        if(bytes > 0) {
 
501
                d->pending -= bytes;
 
502
                bytesWritten(bytes);
 
503
        }
 
504
}
 
505
 
 
506
void SecureStream::layer_tlsHandshaken()
 
507
{
 
508
        d->topInProgress = false;
 
509
        tlsHandshaken();
 
510
}
 
511
 
 
512
void SecureStream::layer_tlsClosed(const QByteArray &)
 
513
{
 
514
        d->active = false;
 
515
        d->layers.clear();
 
516
        tlsClosed();
 
517
}
 
518
 
 
519
void SecureStream::layer_readyRead(const QByteArray &a)
 
520
{
 
521
        SecureLayer *s = (SecureLayer *)sender();
 
522
        QPtrListIterator<SecureLayer> it(d->layers);
 
523
        while(it.current() != s)
 
524
                ++it;
 
525
 
 
526
        // pass upwards
 
527
        ++it;
 
528
        s = it.current();
 
529
        if(s)
 
530
                s->writeIncoming(a);
 
531
        else
 
532
                incomingData(a);
 
533
}
 
534
 
 
535
void SecureStream::layer_needWrite(const QByteArray &a)
 
536
{
 
537
        SecureLayer *s = (SecureLayer *)sender();
 
538
        QPtrListIterator<SecureLayer> it(d->layers);
 
539
        while(it.current() != s)
 
540
                ++it;
 
541
 
 
542
        // pass downwards
 
543
        --it;
 
544
        s = it.current();
 
545
        if(s)
 
546
                s->write(a);
 
547
        else
 
548
                writeRawData(a);
 
549
}
 
550
 
 
551
void SecureStream::layer_error(int x)
 
552
{
 
553
        SecureLayer *s = (SecureLayer *)sender();
 
554
        int type = s->type;
 
555
        d->errorCode = x;
 
556
        d->active = false;
 
557
        d->layers.clear();
 
558
        if(type == SecureLayer::TLS)
 
559
                error(ErrTLS);
 
560
        else if(type == SecureLayer::SASL)
 
561
                error(ErrSASL);
 
562
#ifdef USE_TLSHANDLER
 
563
        else if(type == SecureLayer::TLSH)
 
564
                error(ErrTLS);
 
565
#endif
 
566
}
 
567
 
 
568
void SecureStream::insertData(const QByteArray &a)
 
569
{
 
570
        if(!a.isEmpty()) {
 
571
                SecureLayer *s = d->layers.getLast();
 
572
                if(s)
 
573
                        s->writeIncoming(a);
 
574
                else
 
575
                        incomingData(a);
 
576
        }
 
577
}
 
578
 
 
579
void SecureStream::writeRawData(const QByteArray &a)
 
580
{
 
581
        d->bs->write(a);
 
582
}
 
583
 
 
584
void SecureStream::incomingData(const QByteArray &a)
 
585
{
 
586
        appendRead(a);
 
587
        if(bytesAvailable())
 
588
                readyRead();
 
589
}
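Review bot: SecureStream::bs_readyRead() (file lines 482–492) forwards whatever the underlying ByteStream delivers without consulting d->active, so once layer_tlsClosed() or layer_error() has set d->active = false and cleared the layer list, any further bytes from the peer fall through `d->layers.getFirst()` being null and reach incomingData() as plain application data even though the stream is already marked closed; the write side guards on isOpen() but the read side has no equivalent check. I would add `if(!d->active) return;` as the first statement of bs_readyRead(), or disconnect from d->bs when the stream is torn down, so a failed or closed security layer cannot be followed by a silent fall-through to the unprotected read path. Separately, the constructor (file lines 345–358) initializes pending, active and topInProgress but never errorCode, so errorCode() returns an indeterminate value until the first layer_error(); adding `d->errorCode = 0;` next to the other initializers (0 chosen here as a constructed neutral default) would remove that read of an uninitialized member.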