1 /**************************************************************************** 2 ** 3 ** Copyright (C) 2015 The Qt Company Ltd. 4 ** Contact: http://www.qt.io/licensing/ 5 ** 6 ** This file is part of the QtGui module of the Qt Toolkit. 7 ** 8 ** $QT_BEGIN_LICENSE:LGPL$ 9 ** Commercial License Usage 10 ** Licensees holding valid commercial Qt licenses may use this file in 11 ** accordance with the commercial license agreement provided with the 12 ** Software or, alternatively, in accordance with the terms contained in 13 ** a written agreement between you and The Qt Company. For licensing terms 14 ** and conditions see http://www.qt.io/terms-conditions. For further 15 ** information use the contact form at http://www.qt.io/contact-us. 16 ** 17 ** GNU Lesser General Public License Usage 18 ** Alternatively, this file may be used under the terms of the GNU Lesser 19 ** General Public License version 2.1 or version 3 as published by the Free 20 ** Software Foundation and appearing in the file LICENSE.LGPLv21 and 21 ** LICENSE.LGPLv3 included in the packaging of this file. Please review the 22 ** following information to ensure the GNU Lesser General Public License 23 ** requirements will be met: https://www.gnu.org/licenses/lgpl.html and 24 ** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. 25 ** 26 ** As a special exception, The Qt Company gives you certain additional 27 ** rights. These rights are described in The Qt Company LGPL Exception 28 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. 29 ** 30 ** GNU General Public License Usage 31 ** Alternatively, this file may be used under the terms of the GNU 32 ** General Public License version 3.0 as published by the Free Software 33 ** Foundation and appearing in the file LICENSE.GPL included in the 34 ** packaging of this file. Please review the following information to 35 ** ensure the GNU General Public License version 3.0 requirements will be 36 ** met: http://www.gnu.org/copyleft/gpl.html. 37 ** 38 ** $QT_END_LICENSE$ 39 ** 40 ****************************************************************************/ 41 42 #ifndef QTRANSPORTAUTH_QWS_P_H 43 #define QTRANSPORTAUTH_QWS_P_H 44 45 // 46 // W A R N I N G 47 // ------------- 48 // 49 // This file is not part of the Qt API. It exists purely as an 50 // implementation detail. This header file may change from version to 51 // version without notice, or even be removed. 52 // 53 // We mean it. 54 // 55 56 #include <QtCore/qglobal.h> 57 58 #ifndef QT_NO_SXE 59 60 #include "qtransportauth_qws.h" 61 #include "qtransportauthdefs_qws.h" 62 #include "qbuffer.h" 63 64 #include <qmutex.h> 65 #include <qdatetime.h> 66 #include "private/qobject_p.h" 67 68 #include <QtCore/qcache.h> 69 70 QT_BEGIN_NAMESPACE 71 72 // Uncomment to generate debug output 73 // #define QTRANSPORTAUTH_DEBUG 1 74 75 #ifdef QTRANSPORTAUTH_DEBUG 76 void hexstring( char *buf, const unsigned char* key, size_t sz ); 77 #endif 78 79 // proj id for ftok usage in sxe 80 #define SXE_PROJ 10022 81 82 /*! 83 \internal 84 memset for security purposes, guaranteed not to be optimized away 85 http://www.faqs.org/docs/Linux-HOWTO/Secure-Programs-HOWTO.html 86 */ 87 void *guaranteed_memset(void *v,int c,size_t n); 88 89 class QUnixSocketMessage; 90 91 /*! 92 \internal 93 \class AuthCookie 94 Struct to carry process authentication key and id 95 */ 96 #define QSXE_HEADER_LEN 24 97 98 /*! 99 \macro AUTH_ID 100 Macro to manage authentication header. Format of header is: 101 \table 102 \header \i BYTES \i CONTENT 103 \row \i 0-3 \i magic numbers 104 \row \i 4 \i length of authenticated data (max 255 bytes) 105 \row i\ 5 \i reserved 106 \row \i 6-21 \i MAC digest, or shared secret in case of simple auth 107 \row \i 22 \i program id 108 \row \i 23 \i sequence number 109 \endtable 110 Total length of the header is 24 bytes 111 112 However this may change. Instead of coding these numbers use the AUTH_ID, 113 AUTH_KEY, AUTH_DATA and AUTH_SPACE macros. 114 */ 115 116 #define AUTH_ID(k) ((unsigned char)(k[QSXE_KEY_LEN])) 117 #define AUTH_KEY(k) ((unsigned char *)(k)) 118 119 #define AUTH_DATA(x) (unsigned char *)((x) + QSXE_HEADER_LEN) 120 #define AUTH_SPACE(x) ((x) + QSXE_HEADER_LEN) 121 #define QSXE_LEN_IDX 4 122 #define QSXE_KEY_IDX 6 123 #define QSXE_PROG_IDX 22 124 #define QSXE_SEQ_IDX 23 125 126 class SxeRegistryLocker : public QObject 127 { 128 Q_OBJECT 129 public: 130 SxeRegistryLocker( QObject * ); 131 ~SxeRegistryLocker(); success()132 bool success() const { return m_success; } 133 private: 134 bool m_success; 135 QObject *m_reg; 136 }; 137 138 class QTransportAuthPrivate : public QObjectPrivate 139 { 140 Q_DECLARE_PUBLIC(QTransportAuth) 141 public: 142 QTransportAuthPrivate(); 143 ~QTransportAuthPrivate(); 144 145 const unsigned char *getClientKey( unsigned char progId ); 146 void invalidateClientKeyCache(); 147 148 bool keyInitialised; 149 QString m_logFilePath; 150 QString m_keyFilePath; 151 QObject *m_packageRegistry; 152 AuthCookie authKey; 153 QCache<unsigned char, char> keyCache; 154 QHash< QObject*, QIODevice*> buffersByClient; 155 QMutex keyfileMutex; 156 }; 157 158 /*! 159 \internal 160 Enforces the False Authentication Rate. If more than 4 authentications 161 are received per minute the sxemonitor is notified that the FAR has been exceeded 162 */ 163 class FAREnforcer 164 { 165 public: 166 static FAREnforcer *getInstance(); 167 void logAuthAttempt( QDateTime time = QDateTime::currentDateTime() ); 168 void reset(); 169 170 #ifndef TEST_FAR_ENFORCER 171 private: 172 #endif 173 FAREnforcer(); 174 FAREnforcer( const FAREnforcer & ); 175 FAREnforcer &operator=(FAREnforcer const & ); 176 177 static const QString FARMessage; 178 static const int minutelyRate; 179 static const QString SxeTag; 180 static const int minute; 181 182 QList<QDateTime> authAttempts; 183 }; 184 185 QT_END_NAMESPACE 186 187 #endif // QT_NO_SXE 188 #endif // QTRANSPORTAUTH_QWS_P_H 189 190