qt-everywhere-src-5.14.1/qtbase/examples/network/secureudpserver/server.cpp - orbit - Git at Google

 /****************************************************************************
 **
 ** Copyright (C) 2018 The Qt Company Ltd.
 ** Contact: https://www.qt.io/licensing/
 **
 ** This file is part of the examples of the Qt Toolkit.
 **
 ** $QT_BEGIN_LICENSE:BSD$
 ** Commercial License Usage
 ** Licensees holding valid commercial Qt licenses may use this file in
 ** accordance with the commercial license agreement provided with the
 ** Software or, alternatively, in accordance with the terms contained in
 ** a written agreement between you and The Qt Company. For licensing terms
 ** and conditions see https://www.qt.io/terms-conditions. For further
 ** information use the contact form at https://www.qt.io/contact-us.
 **
 ** BSD License Usage
 ** Alternatively, you may use this file under the terms of the BSD license
 ** as follows:
 **
 ** "Redistribution and use in source and binary forms, with or without
 ** modification, are permitted provided that the following conditions are
 ** met:
 **   * Redistributions of source code must retain the above copyright
 **     notice, this list of conditions and the following disclaimer.
 **   * Redistributions in binary form must reproduce the above copyright
 **     notice, this list of conditions and the following disclaimer in
 **     the documentation and/or other materials provided with the
 **     distribution.
 **   * Neither the name of The Qt Company Ltd nor the names of its
 **     contributors may be used to endorse or promote products derived
 **     from this software without specific prior written permission.
 **
 **
 ** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 ** "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 ** LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 ** A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 ** OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 ** SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 ** LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 ** DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 ** THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 ** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 ** OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE."
 **
 ** $QT_END_LICENSE$
 **
 ****************************************************************************/

 #include "server.h"

 #include <algorithm>

 QT_BEGIN_NAMESPACE

 namespace {

 QString peer_info(const QHostAddress &address, quint16 port)
 {
     const static QString info = QStringLiteral("(%1:%2)");
     return info.arg(address.toString()).arg(port);
 }

 QString connection_info(QDtls *connection)
 {
     QString info(DtlsServer::tr("Session cipher: "));
     info += connection->sessionCipher().name();

     info += DtlsServer::tr("; session protocol: ");
     switch (connection->sessionProtocol()) {
     case QSsl::DtlsV1_0:
         info += DtlsServer::tr("DTLS 1.0.");
         break;
     case QSsl::DtlsV1_2:
         info += DtlsServer::tr("DTLS 1.2.");
         break;
     case QSsl::DtlsV1_2OrLater:
         info += DtlsServer::tr("DTLS 1.2 or later.");
         break;
     default:
         info += DtlsServer::tr("Unknown protocol.");
     }

     return info;
 }

 } // unnamed namespace

 //! [1]
 DtlsServer::DtlsServer()
 {
     connect(&serverSocket, &QAbstractSocket::readyRead, this, &DtlsServer::readyRead);

     serverConfiguration = QSslConfiguration::defaultDtlsConfiguration();
     serverConfiguration.setPreSharedKeyIdentityHint("Qt DTLS example server");
     serverConfiguration.setPeerVerifyMode(QSslSocket::VerifyNone);
 }
 //! [1]

 DtlsServer::~DtlsServer()
 {
     shutdown();
 }

 //! [2]
 bool DtlsServer::listen(const QHostAddress &address, quint16 port)
 {
     if (address != serverSocket.localAddress() || port != serverSocket.localPort()) {
         shutdown();
         listening = serverSocket.bind(address, port);
         if (!listening)
             emit errorMessage(serverSocket.errorString());
     } else {
         listening = true;
     }

     return listening;
 }
 //! [2]

 bool DtlsServer::isListening() const
 {
     return listening;
 }

 void DtlsServer::close()
 {
     listening = false;
 }

 void DtlsServer::readyRead()
 {
     //! [3]
     const qint64 bytesToRead = serverSocket.pendingDatagramSize();
     if (bytesToRead <= 0) {
         emit warningMessage(tr("A spurious read notification"));
         return;
     }

     QByteArray dgram(bytesToRead, Qt::Uninitialized);
     QHostAddress peerAddress;
     quint16 peerPort = 0;
     const qint64 bytesRead = serverSocket.readDatagram(dgram.data(), dgram.size(),
                                                        &peerAddress, &peerPort);
     if (bytesRead <= 0) {
         emit warningMessage(tr("Failed to read a datagram: ") + serverSocket.errorString());
         return;
     }

     dgram.resize(bytesRead);
     //! [3]
     //! [4]
     if (peerAddress.isNull() || !peerPort) {
         emit warningMessage(tr("Failed to extract peer info (address, port)"));
         return;
     }

     const auto client = std::find_if(knownClients.begin(), knownClients.end(),
                                      [&](const std::unique_ptr<QDtls> &connection){
         return connection->peerAddress() == peerAddress
                && connection->peerPort() == peerPort;
     });
     //! [4]

     //! [5]
     if (client == knownClients.end())
         return handleNewConnection(peerAddress, peerPort, dgram);
     //! [5]

     //! [6]
     if ((*client)->isConnectionEncrypted()) {
         decryptDatagram(client->get(), dgram);
         if ((*client)->dtlsError() == QDtlsError::RemoteClosedConnectionError)
             knownClients.erase(client);
         return;
     }
     //! [6]

     //! [7]
     doHandshake(client->get(), dgram);
     //! [7]
 }

 //! [13]
 void DtlsServer::pskRequired(QSslPreSharedKeyAuthenticator *auth)
 {
     Q_ASSERT(auth);

     emit infoMessage(tr("PSK callback, received a client's identity: '%1'")
                      .arg(QString::fromLatin1(auth->identity())));
     auth->setPreSharedKey(QByteArrayLiteral("\x1a\x2b\x3c\x4d\x5e\x6f"));
 }
 //! [13]

 //! [8]
 void DtlsServer::handleNewConnection(const QHostAddress &peerAddress,
                                      quint16 peerPort, const QByteArray &clientHello)
 {
     if (!listening)
         return;

     const QString peerInfo = peer_info(peerAddress, peerPort);
     if (cookieSender.verifyClient(&serverSocket, clientHello, peerAddress, peerPort)) {
         emit infoMessage(peerInfo + tr(": verified, starting a handshake"));
     //! [8]
     //! [9]
         std::unique_ptr<QDtls> newConnection{new QDtls{QSslSocket::SslServerMode}};
         newConnection->setDtlsConfiguration(serverConfiguration);
         newConnection->setPeer(peerAddress, peerPort);
         newConnection->connect(newConnection.get(), &QDtls::pskRequired,
                                this, &DtlsServer::pskRequired);
         knownClients.push_back(std::move(newConnection));
         doHandshake(knownClients.back().get(), clientHello);
     //! [9]
     } else if (cookieSender.dtlsError() != QDtlsError::NoError) {
         emit errorMessage(tr("DTLS error: ") + cookieSender.dtlsErrorString());
     } else {
         emit infoMessage(peerInfo + tr(": not verified yet"));
     }
 }

 //! [11]
 void DtlsServer::doHandshake(QDtls *newConnection, const QByteArray &clientHello)
 {
     const bool result = newConnection->doHandshake(&serverSocket, clientHello);
     if (!result) {
         emit errorMessage(newConnection->dtlsErrorString());
         return;
     }

     const QString peerInfo = peer_info(newConnection->peerAddress(),
                                        newConnection->peerPort());
     switch (newConnection->handshakeState()) {
     case QDtls::HandshakeInProgress:
         emit infoMessage(peerInfo + tr(": handshake is in progress ..."));
         break;
     case QDtls::HandshakeComplete:
         emit infoMessage(tr("Connection with %1 encrypted. %2")
                          .arg(peerInfo, connection_info(newConnection)));
         break;
     default:
         Q_UNREACHABLE();
     }
 }
 //! [11]

 //! [12]
 void DtlsServer::decryptDatagram(QDtls *connection, const QByteArray &clientMessage)
 {
     Q_ASSERT(connection->isConnectionEncrypted());

     const QString peerInfo = peer_info(connection->peerAddress(), connection->peerPort());
     const QByteArray dgram = connection->decryptDatagram(&serverSocket, clientMessage);
     if (dgram.size()) {
         emit datagramReceived(peerInfo, clientMessage, dgram);
         connection->writeDatagramEncrypted(&serverSocket, tr("to %1: ACK").arg(peerInfo).toLatin1());
     } else if (connection->dtlsError() == QDtlsError::NoError) {
         emit warningMessage(peerInfo + ": " + tr("0 byte dgram, could be a re-connect attempt?"));
     } else {
         emit errorMessage(peerInfo + ": " + connection->dtlsErrorString());
     }
 }
 //! [12]

 //! [14]
 void DtlsServer::shutdown()
 {
     for (const auto &connection : qExchange(knownClients, {}))
         connection->shutdown(&serverSocket);

     serverSocket.close();
 }
 //! [14]

 QT_END_NAMESPACE
	/****************************************************************************
	**
	** Copyright (C) 2018 The Qt Company Ltd.
	** Contact: https://www.qt.io/licensing/
	**
	** This file is part of the examples of the Qt Toolkit.
	**
	** $QT_BEGIN_LICENSE:BSD$
	** Commercial License Usage
	** Licensees holding valid commercial Qt licenses may use this file in
	** accordance with the commercial license agreement provided with the
	** Software or, alternatively, in accordance with the terms contained in
	** a written agreement between you and The Qt Company. For licensing terms
	** and conditions see https://www.qt.io/terms-conditions. For further
	** information use the contact form at https://www.qt.io/contact-us.
	**
	** BSD License Usage
	** Alternatively, you may use this file under the terms of the BSD license
	** as follows:
	**
	** "Redistribution and use in source and binary forms, with or without
	** modification, are permitted provided that the following conditions are
	** met:
	** * Redistributions of source code must retain the above copyright
	** notice, this list of conditions and the following disclaimer.
	** * Redistributions in binary form must reproduce the above copyright
	** notice, this list of conditions and the following disclaimer in
	** the documentation and/or other materials provided with the
	** distribution.
	** * Neither the name of The Qt Company Ltd nor the names of its
	** contributors may be used to endorse or promote products derived
	** from this software without specific prior written permission.
	**
	**
	** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	** "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
	** LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
	** A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
	** OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	** SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
	** LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	** DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	** THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
	** OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE."
	**
	** $QT_END_LICENSE$
	**
	****************************************************************************/

	#include "server.h"

	#include <algorithm>

	QT_BEGIN_NAMESPACE

	namespace {

	QString peer_info(const QHostAddress &address, quint16 port)
	{
	const static QString info = QStringLiteral("(%1:%2)");
	return info.arg(address.toString()).arg(port);
	}

	QString connection_info(QDtls *connection)
	{
	QString info(DtlsServer::tr("Session cipher: "));
	info += connection->sessionCipher().name();

	info += DtlsServer::tr("; session protocol: ");
	switch (connection->sessionProtocol()) {
	case QSsl::DtlsV1_0:
	info += DtlsServer::tr("DTLS 1.0.");
	break;
	case QSsl::DtlsV1_2:
	info += DtlsServer::tr("DTLS 1.2.");
	break;
	case QSsl::DtlsV1_2OrLater:
	info += DtlsServer::tr("DTLS 1.2 or later.");
	break;
	default:
	info += DtlsServer::tr("Unknown protocol.");
	}

	return info;
	}

	} // unnamed namespace

	//! [1]
	DtlsServer::DtlsServer()
	{
	connect(&serverSocket, &QAbstractSocket::readyRead, this, &DtlsServer::readyRead);

	serverConfiguration = QSslConfiguration::defaultDtlsConfiguration();
	serverConfiguration.setPreSharedKeyIdentityHint("Qt DTLS example server");
	serverConfiguration.setPeerVerifyMode(QSslSocket::VerifyNone);
	}
	//! [1]

	DtlsServer::~DtlsServer()
	{
	shutdown();
	}

	//! [2]
	bool DtlsServer::listen(const QHostAddress &address, quint16 port)
	{
	if (address != serverSocket.localAddress() \|\| port != serverSocket.localPort()) {
	shutdown();
	listening = serverSocket.bind(address, port);
	if (!listening)
	emit errorMessage(serverSocket.errorString());
	} else {
	listening = true;
	}

	return listening;
	}
	//! [2]

	bool DtlsServer::isListening() const
	{
	return listening;
	}

	void DtlsServer::close()
	{
	listening = false;
	}

	void DtlsServer::readyRead()
	{
	//! [3]
	const qint64 bytesToRead = serverSocket.pendingDatagramSize();
	if (bytesToRead <= 0) {
	emit warningMessage(tr("A spurious read notification"));
	return;
	}

	QByteArray dgram(bytesToRead, Qt::Uninitialized);
	QHostAddress peerAddress;
	quint16 peerPort = 0;
	const qint64 bytesRead = serverSocket.readDatagram(dgram.data(), dgram.size(),
	&peerAddress, &peerPort);
	if (bytesRead <= 0) {
	emit warningMessage(tr("Failed to read a datagram: ") + serverSocket.errorString());
	return;
	}

	dgram.resize(bytesRead);
	//! [3]
	//! [4]
	if (peerAddress.isNull() \|\| !peerPort) {
	emit warningMessage(tr("Failed to extract peer info (address, port)"));
	return;
	}

	const auto client = std::find_if(knownClients.begin(), knownClients.end(),
	[&](const std::unique_ptr<QDtls> &connection){
	return connection->peerAddress() == peerAddress
	&& connection->peerPort() == peerPort;
	});
	//! [4]

	//! [5]
	if (client == knownClients.end())
	return handleNewConnection(peerAddress, peerPort, dgram);
	//! [5]

	//! [6]
	if ((*client)->isConnectionEncrypted()) {
	decryptDatagram(client->get(), dgram);
	if ((*client)->dtlsError() == QDtlsError::RemoteClosedConnectionError)
	knownClients.erase(client);
	return;
	}
	//! [6]

	//! [7]
	doHandshake(client->get(), dgram);
	//! [7]
	}

	//! [13]
	void DtlsServer::pskRequired(QSslPreSharedKeyAuthenticator *auth)
	{
	Q_ASSERT(auth);

	emit infoMessage(tr("PSK callback, received a client's identity: '%1'")
	.arg(QString::fromLatin1(auth->identity())));
	auth->setPreSharedKey(QByteArrayLiteral("\x1a\x2b\x3c\x4d\x5e\x6f"));
	}
	//! [13]

	//! [8]
	void DtlsServer::handleNewConnection(const QHostAddress &peerAddress,
	quint16 peerPort, const QByteArray &clientHello)
	{
	if (!listening)
	return;

	const QString peerInfo = peer_info(peerAddress, peerPort);
	if (cookieSender.verifyClient(&serverSocket, clientHello, peerAddress, peerPort)) {
	emit infoMessage(peerInfo + tr(": verified, starting a handshake"));
	//! [8]
	//! [9]
	std::unique_ptr<QDtls> newConnection{new QDtls{QSslSocket::SslServerMode}};
	newConnection->setDtlsConfiguration(serverConfiguration);
	newConnection->setPeer(peerAddress, peerPort);
	newConnection->connect(newConnection.get(), &QDtls::pskRequired,
	this, &DtlsServer::pskRequired);
	knownClients.push_back(std::move(newConnection));
	doHandshake(knownClients.back().get(), clientHello);
	//! [9]
	} else if (cookieSender.dtlsError() != QDtlsError::NoError) {
	emit errorMessage(tr("DTLS error: ") + cookieSender.dtlsErrorString());
	} else {
	emit infoMessage(peerInfo + tr(": not verified yet"));
	}
	}

	//! [11]
	void DtlsServer::doHandshake(QDtls *newConnection, const QByteArray &clientHello)
	{
	const bool result = newConnection->doHandshake(&serverSocket, clientHello);
	if (!result) {
	emit errorMessage(newConnection->dtlsErrorString());
	return;
	}

	const QString peerInfo = peer_info(newConnection->peerAddress(),
	newConnection->peerPort());
	switch (newConnection->handshakeState()) {
	case QDtls::HandshakeInProgress:
	emit infoMessage(peerInfo + tr(": handshake is in progress ..."));
	break;
	case QDtls::HandshakeComplete:
	emit infoMessage(tr("Connection with %1 encrypted. %2")
	.arg(peerInfo, connection_info(newConnection)));
	break;
	default:
	Q_UNREACHABLE();
	}
	}
	//! [11]

	//! [12]
	void DtlsServer::decryptDatagram(QDtls *connection, const QByteArray &clientMessage)
	{
	Q_ASSERT(connection->isConnectionEncrypted());

	const QString peerInfo = peer_info(connection->peerAddress(), connection->peerPort());
	const QByteArray dgram = connection->decryptDatagram(&serverSocket, clientMessage);
	if (dgram.size()) {
	emit datagramReceived(peerInfo, clientMessage, dgram);
	connection->writeDatagramEncrypted(&serverSocket, tr("to %1: ACK").arg(peerInfo).toLatin1());
	} else if (connection->dtlsError() == QDtlsError::NoError) {
	emit warningMessage(peerInfo + ": " + tr("0 byte dgram, could be a re-connect attempt?"));
	} else {
	emit errorMessage(peerInfo + ": " + connection->dtlsErrorString());
	}
	}
	//! [12]

	//! [14]
	void DtlsServer::shutdown()
	{
	for (const auto &connection : qExchange(knownClients, {}))
	connection->shutdown(&serverSocket);

	serverSocket.close();
	}
	//! [14]

	QT_END_NAMESPACE