clean-up formatting

bwent 2015-08-05 17:43:03 -07:00
parent 45e3eafce3
commit a8f9f9d746
4 changed files with 25 additions and 25 deletions


@ -577,7 +577,6 @@ const NodeSet STATICALLY_ASSIGNED_NODES = NodeSet() << NodeType::AudioMixer
<< NodeType::AvatarMixer << NodeType::EntityServer; << NodeType::AvatarMixer << NodeType::EntityServer;
void DomainServer::processConnectRequestPacket(QSharedPointer<NLPacket> packet) { void DomainServer::processConnectRequestPacket(QSharedPointer<NLPacket> packet) {
NodeType_t nodeType; NodeType_t nodeType;
HifiSockAddr publicSockAddr, localSockAddr; HifiSockAddr publicSockAddr, localSockAddr;
@ -638,7 +637,6 @@ void DomainServer::processConnectRequestPacket(QSharedPointer<NLPacket> packet)
if (packet->bytesLeftToRead() > 0) { if (packet->bytesLeftToRead() > 0) {
// try to verify username // try to verify username
packetStream >> username; packetStream >> username;
} }
bool isRestrictingAccess = bool isRestrictingAccess =
@ -647,7 +645,7 @@ void DomainServer::processConnectRequestPacket(QSharedPointer<NLPacket> packet)
// we always let in a user who is sending a packet from our local socket or from the localhost address // we always let in a user who is sending a packet from our local socket or from the localhost address
bool isLocalUser = (senderSockAddr.getAddress() == DependencyManager::get<LimitedNodeList>()->getLocalSockAddr().getAddress() || senderSockAddr.getAddress() == QHostAddress::LocalHost); bool isLocalUser = (senderSockAddr.getAddress() == DependencyManager::get<LimitedNodeList>()->getLocalSockAddr().getAddress() || senderSockAddr.getAddress() == QHostAddress::LocalHost);
if (isRestrictingAccess) { if (isRestrictingAccess && !isLocalUser) {
if (!username.isEmpty()) { if (!username.isEmpty()) {
// if there's a username, try to unpack username signature // if there's a username, try to unpack username signature
packetStream >> usernameSignature; packetStream >> usernameSignature;
@ -672,7 +670,6 @@ void DomainServer::processConnectRequestPacket(QSharedPointer<NLPacket> packet)
QString reason; QString reason;
if (!isAssignment && !shouldAllowConnectionFromNode(username, usernameSignature, senderSockAddr, reason)) { if (!isAssignment && !shouldAllowConnectionFromNode(username, usernameSignature, senderSockAddr, reason)) {
// this is an agent and we've decided we won't let them connect - send them a packet to deny connection // this is an agent and we've decided we won't let them connect - send them a packet to deny connection
QByteArray utfString = reason.toUtf8(); QByteArray utfString = reason.toUtf8();
quint16 payloadSize = utfString.size(); quint16 payloadSize = utfString.size();
@ -680,12 +677,9 @@ void DomainServer::processConnectRequestPacket(QSharedPointer<NLPacket> packet)
if (payloadSize > 0) { if (payloadSize > 0) {
connectionDeniedPacket->writePrimitive(payloadSize); connectionDeniedPacket->writePrimitive(payloadSize);
connectionDeniedPacket->write(utfString); connectionDeniedPacket->write(utfString);
} }
// tell client it has been refused. // tell client it has been refused.
limitedNodeList->sendPacket(std::move(connectionDeniedPacket), senderSockAddr); limitedNodeList->sendPacket(std::move(connectionDeniedPacket), senderSockAddr);
return; return;
} }
@ -791,7 +785,6 @@ void DomainServer::processListRequestPacket(QSharedPointer<NLPacket> packet, Sha
sendDomainListToNode(sendingNode, packet->getSenderSockAddr(), nodeInterestList.toSet()); sendDomainListToNode(sendingNode, packet->getSenderSockAddr(), nodeInterestList.toSet());
} }
unsigned int DomainServer::countConnectedUsers() { unsigned int DomainServer::countConnectedUsers() {
unsigned int result = 0; unsigned int result = 0;
auto nodeList = DependencyManager::get<LimitedNodeList>(); auto nodeList = DependencyManager::get<LimitedNodeList>();
@ -811,7 +804,7 @@ bool DomainServer::verifyUserSignature(const QString& username,
// it's possible this user can be allowed to connect, but we need to check their username signature // it's possible this user can be allowed to connect, but we need to check their username signature
QByteArray publicKeyArray = _userPublicKeys.value(username); QByteArray publicKeyArray = _userPublicKeys.value(username);
QUuid connectionToken = _connectionTokenHash.value(username.toLower()); const QUuid& connectionToken = _connectionTokenHash.value(username.toLower());
if (!publicKeyArray.isEmpty() && !connectionToken.isNull()) { if (!publicKeyArray.isEmpty() && !connectionToken.isNull()) {
// if we do have a public key for the user, check for a signature match // if we do have a public key for the user, check for a signature match
@ -822,7 +815,8 @@ bool DomainServer::verifyUserSignature(const QString& username,
RSA* rsaPublicKey = d2i_RSA_PUBKEY(NULL, &publicKeyData, publicKeyArray.size()); RSA* rsaPublicKey = d2i_RSA_PUBKEY(NULL, &publicKeyData, publicKeyArray.size());
QByteArray lowercaseUsername = username.toLower().toUtf8(); QByteArray lowercaseUsername = username.toLower().toUtf8();
QByteArray usernameWithToken = QCryptographicHash::hash(lowercaseUsername.append(connectionToken.toRfc4122()), QCryptographicHash::Sha256); QByteArray usernameWithToken = QCryptographicHash::hash(lowercaseUsername.append(connectionToken.toRfc4122()),
QCryptographicHash::Sha256);
if (rsaPublicKey) { if (rsaPublicKey) {
QByteArray decryptedArray(RSA_size(rsaPublicKey), 0); QByteArray decryptedArray(RSA_size(rsaPublicKey), 0);
@ -868,12 +862,12 @@ bool DomainServer::shouldAllowConnectionFromNode(const QString& username,
bool isRestrictingAccess = bool isRestrictingAccess =
_settingsManager.valueOrDefaultValueForKeyPath(RESTRICTED_ACCESS_SETTINGS_KEYPATH).toBool(); _settingsManager.valueOrDefaultValueForKeyPath(RESTRICTED_ACCESS_SETTINGS_KEYPATH).toBool();
if(isRestrictingAccess) { if (isRestrictingAccess) {
QStringList allowedUsers = QStringList allowedUsers =
_settingsManager.valueOrDefaultValueForKeyPath(ALLOWED_USERS_SETTINGS_KEYPATH).toStringList(); _settingsManager.valueOrDefaultValueForKeyPath(ALLOWED_USERS_SETTINGS_KEYPATH).toStringList();
if (allowedUsers.contains(username, Qt::CaseInsensitive)) { if (allowedUsers.contains(username, Qt::CaseInsensitive)) {
if(username.isEmpty()) { if (username.isEmpty()) {
qDebug() << "Connect request denied - no username provided."; qDebug() << "Connect request denied - no username provided.";
reasonReturn = "No username provided"; reasonReturn = "No username provided";
return false; return false;
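Review bot: The new condition `if (isRestrictingAccess && !isLocalUser)` in processConnectRequestPacket is an access-control change, not formatting: a sender whose address matches the local socket address or `QHostAddress::LocalHost` now skips the branch that unpacks `usernameSignature`. The later call `shouldAllowConnectionFromNode(username, usernameSignature, senderSockAddr, reason)` still runs for non-assignment senders, so it would receive an empty signature for them; whether that function applies the same local exemption is not visible in these hunks and should be confirmed. I would move this line into its own commit whose message states the intent, and add a comment above it such as `// local senders skip signature unpacking; keep in sync with shouldAllowConnectionFromNode`, noting why `senderSockAddr.getAddress()` alone is trusted. The function body starts and ends outside the hunks shown.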


@ -57,7 +57,7 @@ public slots:
void processRequestAssignmentPacket(QSharedPointer<NLPacket> packet); void processRequestAssignmentPacket(QSharedPointer<NLPacket> packet);
void processConnectRequestPacket(QSharedPointer<NLPacket> packet); void processConnectRequestPacket(QSharedPointer<NLPacket> packet);
void processListRequestPacket(QSharedPointer<NLPacket> packet, SharedNodePointer sendingNode);; void processListRequestPacket(QSharedPointer<NLPacket> packet, SharedNodePointer sendingNode);
void processNodeJSONStatsPacket(QSharedPointer<NLPacket> packet, SharedNodePointer sendingNode); void processNodeJSONStatsPacket(QSharedPointer<NLPacket> packet, SharedNodePointer sendingNode);
void processPathQueryPacket(QSharedPointer<NLPacket> packet); void processPathQueryPacket(QSharedPointer<NLPacket> packet);
void processICEPingPacket(QSharedPointer<NLPacket> packet); void processICEPingPacket(QSharedPointer<NLPacket> packet);


@ -16,6 +16,7 @@
#include <QtCore/QDebug> #include <QtCore/QDebug>
#include <QtCore/QDataStream> #include <QtCore/QDataStream>
#include "UUID.h"
#include "NetworkLogging.h" #include "NetworkLogging.h"
#include "DataServerAccountInfo.h" #include "DataServerAccountInfo.h"
@ -134,12 +135,18 @@ QByteArray DataServerAccountInfo::getUsernameSignature(const QUuid& connectionTo
_privateKey.size()); _privateKey.size());
if (rsaPrivateKey) { if (rsaPrivateKey) {
QByteArray lowercaseUsername = _username.toLower().toUtf8(); QByteArray lowercaseUsername = _username.toLower().toUtf8();
QByteArray usernameWithToken = QCryptographicHash::hash(lowercaseUsername.append(connectionToken.toRfc4122()), QCryptographicHash::Sha256); QByteArray usernameWithToken = QCryptographicHash::hash(lowercaseUsername.append(connectionToken.toRfc4122()),
QCryptographicHash::Sha256);
QByteArray usernameSignature(RSA_size(rsaPrivateKey), 0); QByteArray usernameSignature(RSA_size(rsaPrivateKey), 0);
unsigned int usernameSignatureSize = 0; unsigned int usernameSignatureSize = 0;
int encryptReturn = RSA_sign(NID_sha256, reinterpret_cast<const unsigned char*>(usernameWithToken.constData()), usernameWithToken.size(), reinterpret_cast<unsigned char*>(usernameSignature.data()), &usernameSignatureSize, rsaPrivateKey); int encryptReturn = RSA_sign(NID_sha256,
reinterpret_cast<const unsigned char*>(usernameWithToken.constData()),
usernameWithToken.size(),
reinterpret_cast<unsigned char*>(usernameSignature.data()),
&usernameSignatureSize,
rsaPrivateKey);
// free the private key RSA struct now that we are done with it // free the private key RSA struct now that we are done with it
RSA_free(rsaPrivateKey); RSA_free(rsaPrivateKey);
@ -148,7 +155,7 @@ QByteArray DataServerAccountInfo::getUsernameSignature(const QUuid& connectionTo
qCDebug(networking) << "Error encrypting username signature."; qCDebug(networking) << "Error encrypting username signature.";
qCDebug(networking) << "Will re-attempt on next domain-server check in."; qCDebug(networking) << "Will re-attempt on next domain-server check in.";
} else { } else {
qDebug(networking) << "Signing username with connectionUUID."; qDebug(networking) << "Returning username" << _username << "signed with connection UUID" << uuidStringWithoutCurlyBraces(connectionToken);
return usernameSignature; return usernameSignature;
} }
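Review bot: The rewritten log line in getUsernameSignature now writes `_username` and the full connection token to the debug log whenever signing succeeds, which puts an account identifier and a per-connection authentication value into log files that may be shared or retained. Consider logging only that signing succeeded, e.g. `qCDebug(networking) << "Signed username with connection token.";`, or omit the token. The line also uses `qDebug(networking)` while the two messages in the error branch use `qCDebug(networking)`; switching to `qCDebug` would be consistent with them. The function body starts and ends outside the hunk.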


@ -286,7 +286,7 @@ void NodeList::sendDomainServerCheckIn() {
if (!connectionToken.isNull()) { if (!connectionToken.isNull()) {
QByteArray usernameSignature = AccountManager::getInstance().getAccountInfo().getUsernameSignature(connectionToken); const QByteArray& usernameSignature = AccountManager::getInstance().getAccountInfo().getUsernameSignature(connectionToken);
if (!usernameSignature.isEmpty()) { if (!usernameSignature.isEmpty()) {
packetStream << usernameSignature; packetStream << usernameSignature;
@ -466,7 +466,6 @@ void NodeList::processDomainServerConnectionTokenPacket(QSharedPointer<NLPacket>
// read in the connection token from the packet, then send domain-server checkin // read in the connection token from the packet, then send domain-server checkin
_domainHandler.setConnectionToken(QUuid::fromRfc4122(packet->read(NUM_BYTES_RFC4122_UUID))); _domainHandler.setConnectionToken(QUuid::fromRfc4122(packet->read(NUM_BYTES_RFC4122_UUID)));
sendDomainServerCheckIn(); sendDomainServerCheckIn();
} }
void NodeList::processDomainServerList(QSharedPointer<NLPacket> packet) { void NodeList::processDomainServerList(QSharedPointer<NLPacket> packet) {
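Review bot: Binding the result of `getUsernameSignature(connectionToken)` to `const QByteArray&` in sendDomainServerCheckIn does not avoid a copy: the definition shown in the DataServerAccountInfo hunk returns `QByteArray` by value, so the reference only extends a temporary's lifetime. A plain value, `QByteArray usernameSignature = AccountManager::getInstance().getAccountInfo().getUsernameSignature(connectionToken);`, costs the same and does not suggest the bytes are owned elsewhere. The same applies to `const QUuid& connectionToken = _connectionTokenHash.value(username.toLower());` in verifyUserSignature, assuming `value()` returns by value as Qt's hash containers do. sendDomainServerCheckIn continues outside the hunk.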