From 53d2308293b8fba8f35a575cda314eb5930321e1 Mon Sep 17 00:00:00 2001
From: Sergei Ilinykh
Date: Sat, 22 Jun 2024 13:03:24 +0300
Subject: [PATCH] Get rid of tls probing mode + ssl->tls
---
 src/xmpp/xmpp-core/connector.cpp | 85 ++++++++++----------------------
 src/xmpp/xmpp-core/xmpp.h | 5 +-
 2 files changed, 28 insertions(+), 62 deletions(-)
diff --git a/src/xmpp/xmpp-core/connector.cpp b/src/xmpp/xmpp-core/connector.cpp
index dcd8c339..2332b092 100644
--- a/src/xmpp/xmpp-core/connector.cpp
+++ b/src/xmpp/xmpp-core/connector.cpp
@@ -149,40 +149,33 @@ AdvancedConnector::Proxy::operator QNetworkProxy() // AdvancedConnector //---------------------------------------------------------------------------- typedef enum { Idle, Connecting, Connected } Mode; -typedef enum : char { Force, Probe, Never } LegacySSL; +typedef enum : char { Force, Never } DirectTLS; class AdvancedConnector::Private { public: - ByteStream *bs; //!< Socket to use + ByteStream *bs = nullptr; //!< Socket to use /* configuration values / "options" */ - QString opt_host; //!< explicit host from config - quint16 opt_port; //!< explicit port from config - LegacySSL opt_ssl = Never; //!< Whether to use legacy SSL support - bool opt_srvtls = true; //!< Whether to lookup tls port from SRV - Proxy proxy; //!< Proxy configuration + QString opt_host; //!< explicit host from config + quint16 opt_port; //!< explicit port from config + bool opt_directtls = false; //!< Whether to use direct TLS support + bool opt_srvtls = true; //!< Whether to lookup tls port from SRV + Proxy proxy; //!< Proxy configuration /* State tracking values */ - Mode mode; //!< Idle, Connecting, Connected - QString host; //!< Host we currently try to connect to, set from connectToServer() - int port; //!< Port we currently try to connect to, set from connectToServer() and bs_error() - int errorCode; //!< Current error, if any + Mode mode; //!< Idle, Connecting, Connected + QString host; //!< Host we currently try to connect to, set from connectToServer() + int port; //!< Port we currently try to connect to, set from connectToServer() and bs_error() + int errorCode = 0; //!< Current error, if any }; -AdvancedConnector::AdvancedConnector(QObject *parent) : Connector(parent) +AdvancedConnector::AdvancedConnector(QObject *parent) : Connector(parent), d(new Private) { - d = new Private; - d->bs = nullptr; - d->opt_ssl = Never; cleanup(); d->errorCode = 0; } -AdvancedConnector::~AdvancedConnector() -{ - cleanup(); - delete d; -} +AdvancedConnector::~AdvancedConnector() 
{ cleanup(); } void AdvancedConnector::cleanup() { @@ -221,7 +214,7 @@ void AdvancedConnector::setOptHostPort(const QString &_host, quint16 _port) d->opt_port = _port; } -void AdvancedConnector::setOptProbe(bool b) +void AdvancedConnector::setOptSSL(bool b) { #ifdef XMPP_DEBUG XDEBUG << "b:" << b; @@ -229,22 +222,19 @@ void AdvancedConnector::setOptProbe(bool b) if (d->mode != Idle) return; - d->opt_ssl = (b ? Probe : Never); + d->opt_directtls = b; } -void AdvancedConnector::setOptSSL(bool b) +void AdvancedConnector::setOptTlsSrv(bool value) { #ifdef XMPP_DEBUG XDEBUG << "b:" << b; #endif - if (d->mode != Idle) return; - d->opt_ssl = (b ? Force : Never); + d->opt_srvtls = value; } -void AdvancedConnector::setOptTlsSrv(bool value) { d->opt_srvtls = value; } - void AdvancedConnector::connectToServer(const QString &server) { #ifdef XMPP_DEBUG @@ -267,13 +257,6 @@ void AdvancedConnector::connectToServer(const QString &server) } d->port = XMPP_DEFAULT_PORT; - if (d->opt_ssl == Probe && (d->proxy.type() != Proxy::None || !d->opt_host.isEmpty())) { -#ifdef XMPP_DEBUG - XDEBUG << "Don't probe ssl port because of incompatible params"; -#endif - d->opt_ssl = Never; // probe is possible only with direct connect - } - if (d->proxy.type() == Proxy::HttpPoll) { HttpPoll *s = new HttpPoll; d->bs = s; @@ -346,10 +329,10 @@ void AdvancedConnector::connectToServer(const QString &server) } QStringList services = { XMPP_CLIENT_SRV }; - if (d->opt_ssl == Never && d->opt_srvtls) { /* if ssl forced or should be probed */ + if (!d->opt_directtls && d->opt_srvtls) { services << XMPP_CLIENT_TLS_SRV; } - if (d->opt_ssl != Never) { + if (d->opt_directtls) { d->port = XMPP_LEGACY_PORT; } s->connectToHost(services, XMPP_CLIENT_TRANSPORT, d->host, quint16(d->port)); 
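Review bot: The new `typedef enum : char { Force, Never } DirectTLS;` has no user anywhere in this patch, because the option it used to describe is now the plain `bool opt_directtls`; the typedef can be dropped. In `Private`, `bs` and `errorCode` gained default initializers but `opt_port`, `mode` and `port` did not, so unless `cleanup()` (its body is outside the hunk) assigns them, the setters' `d->mode != Idle` test reads an indeterminate value; `Mode mode = Idle;` and zero initializers for the two ports would close that. With `int errorCode = 0;` in place, the `d->errorCode = 0;` kept in the constructor is only needed if `cleanup()` changes the field, which deserves a one-line comment if so.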
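Review bot: In the rewritten `setOptTlsSrv(bool value)` the debug line inherited from the old `setOptSSL` body still streams `b`, which is not a name in this function, so a build with `XMPP_DEBUG` defined will fail to compile. It should read `XDEBUG << "value:" << value;`. The setter now also returns early when `d->mode != Idle`, which the previous one-line version did not do; a comment such as `// options are frozen once a connection attempt has started` would make the silently ignored call less surprising to callers.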
@@ -387,11 +370,9 @@ void AdvancedConnector::bs_connected() setPeerAddress(h, p); } - // We won't use ssl with HttpPoll since it has ow tls handler enabled for https. + // We won't use ssl with HttpPoll since it has own tls handler enabled for https. // The only variant for ssl is legacy port in probing or forced mde. - if (d->proxy.type() != Proxy::HttpPoll - && (d->opt_ssl == Force || (d->opt_ssl == Probe && peerPort() == XMPP_LEGACY_PORT))) { - // in case of Probe it's ok to check actual peer "port" since we are sure Proxy=None + if (d->proxy.type() != Proxy::HttpPoll && (d->opt_directtls || peerPort() == XMPP_LEGACY_PORT)) { setUseSSL(true); } @@ -480,28 +461,12 @@ void AdvancedConnector::bs_error(int x) return; } - /* - if we shall probe the ssl legacy port, and we just did that (port=legacy), - then try to connect to the normal port instead - */ - if (d->opt_ssl == Probe && d->port == XMPP_LEGACY_PORT) { -#ifdef XMPP_DEBUG - qDebug("bse1.2"); -#endif - BSocket *s = static_cast(d->bs); - d->port = XMPP_DEFAULT_PORT; - // at this moment we already tried everything from srv. so just try the host itself - s->connectToHost(d->host, quint16(d->port)); - } - /* otherwise we have no fallbacks and must have failed to connect */ - else { #ifdef XMPP_DEBUG - qDebug("bse1.3"); + qDebug("bse1.3"); #endif - cleanup(); - d->errorCode = ErrConnectionRefused; - emit error(); - } + cleanup(); + d->errorCode = ErrConnectionRefused; + emit error(); } void AdvancedConnector::http_syncStarted() { emit httpSyncStarted(); } diff --git a/src/xmpp/xmpp-core/xmpp.h b/src/xmpp/xmpp-core/xmpp.h index 01905e4e..f6689ce8 100644 --- a/src/xmpp/xmpp-core/xmpp.h +++ b/src/xmpp/xmpp-core/xmpp.h @@ -31,6 +31,8 @@ #include #include // For QCA::SASL::Params +#include + #ifndef CS_XMPP class ByteStream; #endif @@ -133,7 +135,6 @@ class AdvancedConnector : public Connector { }; void setProxy(const Proxy &proxy); - void setOptProbe(bool); void setOptSSL(bool); void setOptTlsSrv(bool); 
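Review bot: In `bs_connected()` (the function starts outside the hunk) the `peerPort() == XMPP_LEGACY_PORT` test is now unconditional, so whether the stream is wrapped in TLS depends on the port number of the endpoint that was reached rather than on how that endpoint was chosen. The removed comment said the port check was acceptable only because probing implied `Proxy::None`; with that guard gone the check also runs for proxied connections, where `peerPort()` may not be the XMPP server's port (to be confirmed against the `setPeerAddress(h, p)` call just above). As far as these hunks show, records found through `XMPP_CLIENT_TLS_SRV`, which the `connectToServer()` hunk adds to `services`, may advertise any port, and a target on a port other than `XMPP_LEGACY_PORT` would then not get direct TLS; a flag from the resolver saying the selected record came from the TLS service would be a sturdier signal than a port comparison. The comment line ending `in probing or forced mde` is stale after this change and could become `// Direct TLS is used when forced by option or when the peer port is the legacy TLS port.`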
@@ -163,7 +164,7 @@ private slots: private: class Private; - Private *d; + std::unique_ptr d; void cleanup(); };