Add debug implementation

uglide · uglide · commit 622e05607610 · 2015-04-24T08:09:26.000+03:00
diff --git a/src/app/dialogs/connect.cpp b/src/app/dialogs/connect.cpp
@@ -20,6 +20,9 @@ ConnectionWindow::ConnectionWindow(QWeakPointer<ConnectionsManager> manager, QWi
     // connect slots to signals
     connect(ui.okButton, SIGNAL(clicked()), this, SLOT(OnOkButtonClick()));        
     connect(ui.selectPrivateKeyPath, SIGNAL(clicked()), this,  SLOT(OnBrowseSshKeyClick()));
+    connect(ui.sslCACertButton, &QPushButton::clicked, this, [this]() {
+        OnBrowsePemFileClick(ui.sslCACertEdit);
+    });
     connect(ui.testConnectionButton, SIGNAL(clicked()), this, SLOT(OnTestConnectionButtonClick()));
     connect(ui.showPasswordCheckbox, SIGNAL(stateChanged(int)), this, SLOT(OnShowPasswordCheckboxChanged(int)));
 
@@ -70,6 +73,11 @@ void ConnectionWindow::loadValuesFromConfig(const RedisClient::ConnectionConfig&
             ui.sshKeysGroup->setChecked(true);
         }
     }
+
+    if (config.useSsl()) {
+        ui.useSsl->setCheckState(Qt::Checked);
+        ui.sslCACertEdit->setText(config.param<QString>("ssl_ca_cert_path"));
+    }
 }
 
 void ConnectionWindow::markFieldInvalid(QWidget* w)
@@ -127,6 +135,16 @@ void ConnectionWindow::OnBrowseSshKeyClick()
     ui.privateKeyPath->setText(fileName);
 }
 
+void ConnectionWindow::OnBrowsePemFileClick(QLineEdit* target)
+{
+    QString fileName = QFileDialog::getOpenFileName(this, "Select PEM file", "", tr("All Files (*.pem)"));
+
+    if (fileName.isEmpty())
+        return;
+
+    target->setText(fileName);
+}
+
 void ConnectionWindow::OnTestConnectionButtonClick()
 {
     ui.validationWarning->hide();
@@ -248,6 +266,11 @@ bool ConnectionWindow::isSshTunnelUsed()
     return ui.useSshTunnel->checkState() == Qt::Checked;
 }
 
+bool ConnectionWindow::isSslUsed()
+{
+    return ui.useSsl->checkState() == Qt::Checked;
+}
+
 RedisClient::ConnectionConfig ConnectionWindow::getConectionConfigFromFormData()
 {    
     RedisClient::ConnectionConfig conf(ui.hostEdit->text().trimmed(),
@@ -273,5 +296,9 @@ RedisClient::ConnectionConfig ConnectionWindow::getConectionConfigFromFormData()
             (ui.sshKeysGroup->isChecked() ? ui.privateKeyPath->text().trimmed() : ""));
     }
 
+    if (isSslUsed()) {
+        conf.setParam("ssl_ca_cert_path", ui.sslCACertEdit->text());
+    }
+
     return conf;
 }
diff --git a/src/app/dialogs/connect.h b/src/app/dialogs/connect.h
@@ -27,6 +27,7 @@ class ConnectionWindow : public QDialog
     bool isSshSettingsValid();
     bool isAdvancedSettingsValid();
     bool isSshTunnelUsed();
+    bool isSslUsed();
 
     void loadValuesFromConfig(const RedisClient::ConnectionConfig& config);
 
@@ -37,5 +38,6 @@ private slots:
     void OnOkButtonClick();
     void OnShowPasswordCheckboxChanged(int);
     void OnBrowseSshKeyClick();
+    void OnBrowsePemFileClick(QLineEdit *target);
     void OnTestConnectionButtonClick();
 };
diff --git a/src/app/forms/connection.ui b/src/app/forms/connection.ui
@@ -148,14 +148,14 @@
       </attribute>
       <layout class="QGridLayout" name="gridLayout_5">
        <item row="1" column="1">
-        <widget class="QLineEdit" name="sslPublicKeyEdit">
+        <widget class="QLineEdit" name="sslCACertEdit">
          <property name="placeholderText">
           <string>Public key in PEM format</string>
          </property>
         </widget>
        </item>
        <item row="3" column="1">
-        <widget class="QLineEdit" name="sslAuthorityEdit">
+        <widget class="QLineEdit" name="sslLocalCertEdit">
          <property name="placeholderText">
           <string>(Optional) Authority in PEM format</string>
          </property>
@@ -214,7 +214,7 @@
         </widget>
        </item>
        <item row="1" column="2">
-        <widget class="QPushButton" name="pushButton">
+        <widget class="QPushButton" name="sslCACertButton">
          <property name="maximumSize">
           <size>
            <width>60</width>
@@ -227,7 +227,7 @@
         </widget>
        </item>
        <item row="2" column="2">
-        <widget class="QPushButton" name="pushButton_2">
+        <widget class="QPushButton" name="sslPrivateKeyButton">
          <property name="maximumSize">
           <size>
            <width>60</width>
@@ -240,7 +240,7 @@
         </widget>
        </item>
        <item row="3" column="2">
-        <widget class="QPushButton" name="pushButton_3">
+        <widget class="QPushButton" name="sslLocalCertButton">
          <property name="maximumSize">
           <size>
            <width>60</width>
@@ -253,7 +253,7 @@
         </widget>
        </item>
        <item row="0" column="0" colspan="3">
-        <widget class="QCheckBox" name="checkBox">
+        <widget class="QCheckBox" name="useSsl">
          <property name="layoutDirection">
           <enum>Qt::LeftToRight</enum>
          </property>
diff --git a/src/modules/redisclient/connectionconfig.cpp b/src/modules/redisclient/connectionconfig.cpp
@@ -53,6 +53,25 @@ int RedisClient::ConnectionConfig::connectionTimeout() const
     return param<int>("timeout_connect");
 }
 
+QList<QSslCertificate> RedisClient::ConnectionConfig::sslCaCertificates() const
+{
+    QString path = param<QString>("ssl_ca_cert_path");
+    if (!path.isEmpty() && QFile::exists(path))
+        return QSslCertificate::fromPath(path);
+
+    return QList<QSslCertificate>();
+}
+
+QString RedisClient::ConnectionConfig::sslPrivateKeyPath() const
+{
+    return getValidPathFromParameter("ssl_private_key_path");
+}
+
+QString RedisClient::ConnectionConfig::sslLocalCertPath() const
+{
+    return getValidPathFromParameter("ssl_local_cert_path");
+}
+
 bool RedisClient::ConnectionConfig::isSshPasswordUsed()
 {
     return !param<QString>("ssh_password").isEmpty();
@@ -93,6 +112,11 @@ bool RedisClient::ConnectionConfig::useAuth() const
     return !param<QString>("auth").isEmpty();
 }
 
+bool RedisClient::ConnectionConfig::useSsl() const
+{
+    return !param<QString>("ssl_ca_cert_path").isEmpty();
+}
+
 bool RedisClient::ConnectionConfig::isValid() const
 {
     return isNull() == false
@@ -112,11 +136,7 @@ QWeakPointer<RedisClient::Connection> RedisClient::ConnectionConfig::getOwner()
 
 QString RedisClient::ConnectionConfig::getSshPrivateKey()
 {
-    QString path = param<QString>("ssh_private_key_path");
-    if (path.isEmpty() || !QFile::exists(path))
-        return QString();
-
-    return path;
+    return getValidPathFromParameter("ssh_private_key_path");
 }
 
 QString RedisClient::ConnectionConfig::keysPattern() const
@@ -145,6 +165,9 @@ RedisClient::ConnectionConfig RedisClient::ConnectionConfig::fromXml(QDomNode &
     valueMapping.insert("sshPassword", "ssh_password");
     valueMapping.insert("sshPort", "ssh_port");
     valueMapping.insert("sshPrivateKey", "ssh_private_key_path");
+    valueMapping.insert("ssl_ca_cert_path", "");
+    valueMapping.insert("ssl_private_key_path", "");
+    valueMapping.insert("ssl_local_cert_path", "");
     valueMapping.insert("namespaceSeparator", "namespace_separator");
     valueMapping.insert("connectionTimeout", "timeout_connect");
     valueMapping.insert("executeTimeout", "timeout_execute");
@@ -212,6 +235,12 @@ QDomElement RedisClient::ConnectionConfig::toXml()
         saveXmlAttribute(dom, xml, "sshPrivateKey", param<QString>("ssh_private_key_path"));
     }
 
+    if (useSsl()) {
+        saveXmlAttribute(dom, xml, "ssl_ca_cert_path", param<QString>("ssl_ca_cert_path"));
+        saveXmlAttribute(dom, xml, "ssl_private_key_path", param<QString>("ssl_private_key_path"));
+        saveXmlAttribute(dom, xml, "ssl_local_cert_path", param<QString>("ssl_local_cert_path"));
+    }
+
     return xml;
 }
 
@@ -221,3 +250,12 @@ void RedisClient::ConnectionConfig::saveXmlAttribute(QDomDocument & document, QD
     attr.setValue(value);
     root.setAttributeNode(attr);
 }
+
+QString RedisClient::ConnectionConfig::getValidPathFromParameter(const QString &name) const
+{
+    QString path = param<QString>(name);
+    if (path.isEmpty() || !QFile::exists(path))
+        return QString();
+
+    return path;
+}
diff --git a/src/modules/redisclient/connectionconfig.h b/src/modules/redisclient/connectionconfig.h
@@ -2,6 +2,7 @@
 
 #include <QtCore>
 #include <QtXml>
+#include <QSslCertificate>
 
 #define DEFAULT_REDIS_PORT 6379
 #define DEFAULT_SSH_PORT 22
@@ -25,9 +26,14 @@ class ConnectionConfig
     int executeTimeout() const;
     int connectionTimeout() const;
 
+    QList<QSslCertificate> sslCaCertificates() const;
+    QString sslPrivateKeyPath() const;
+    QString sslLocalCertPath() const;
+
     bool isNull() const;
     bool useSshTunnel() const;
     bool useAuth() const;
+    bool useSsl() const;
     bool isValid() const;
     bool isSshPasswordUsed();
 
@@ -67,6 +73,7 @@ class ConnectionConfig
                           const QString& name,
                           const QString& value);
 
+    QString getValidPathFromParameter(const QString& param) const;
 private:
     QWeakPointer<Connection> m_owner;
     QVariantHash m_parameters;
diff --git a/src/modules/redisclient/transporters/defaulttransporter.cpp b/src/modules/redisclient/transporters/defaulttransporter.cpp
@@ -13,18 +13,22 @@ RedisClient::DefaultTransporter::~DefaultTransporter()
 
 void RedisClient::DefaultTransporter::init()
 {
+    using namespace RedisClient;
+
     if (!socket.isNull())
         return;    
 
     executionTimer = QSharedPointer<QTimer>(new QTimer);
     executionTimer->setSingleShot(true);
     connect(executionTimer.data(), SIGNAL(timeout()), this, SLOT(executionTimeout()));
 
-    socket = QSharedPointer<QTcpSocket>(new QTcpSocket());
+    socket = QSharedPointer<QSslSocket>(new QSslSocket());
     socket->setSocketOption(QAbstractSocket::KeepAliveOption, 1);
 
-    connect(socket.data(), SIGNAL(readyRead()), this, SLOT(readyRead()));
+    connect(socket.data(), &QSslSocket::readyRead, this, &DefaultTransporter::readyRead);
+    connect(socket.data(), &QSslSocket::encrypted, this, &DefaultTransporter::encrypted);
     connect(socket.data(), SIGNAL(error(QAbstractSocket::SocketError)), this, SLOT(error(QAbstractSocket::SocketError)));
+    connect(socket.data(), SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(sslError(const QList<QSslError> &)));
 
     connectToHost();
 }
@@ -43,19 +47,50 @@ bool RedisClient::DefaultTransporter::connectToHost()
 {
     m_errorOccurred = false;
 
-    socket->connectToHost(m_connection->config.host(), m_connection->config.port());
+    RedisClient::ConnectionConfig& conf = m_connection->config;
+
+    bool connectionResult = false;
+
+    if (conf.useSsl()) {
+        QList<QSslCertificate> trustedCas = conf.sslCaCertificates(); // Required
+
+        if (trustedCas.empty()) {
+            emit errorOccurred("SSL Error: no trusted Cas");
+            return false;
+        }
+
+        socket->setCaCertificates(trustedCas);
+
+        QString privateKey = conf.sslPrivateKeyPath();
+        if (!privateKey.isEmpty()) {
+            socket->setPrivateKey(privateKey);
+        }
+
+        QString localCert = conf.sslLocalCertPath();
+        if (!localCert.isEmpty()) {
+            socket->setLocalCertificate(localCert);
+        }
+
+        socket->connectToHostEncrypted(conf.host(), conf.port());
+        connectionResult = socket->waitForEncrypted(conf.connectionTimeout())
+                && socket->waitForConnected(conf.connectionTimeout());
 
-    if (socket->waitForConnected(m_connection->config.connectionTimeout()))
+    } else {
+        socket->connectToHost(conf.host(), conf.port());
+        connectionResult = socket->waitForConnected(conf.connectionTimeout());
+    }
+
+    if (connectionResult)
     {
         emit connected();
-        emit logEvent(QString("%1 > connected").arg(m_connection->config.name()));
+        emit logEvent(QString("%1 > connected").arg(conf.name()));
         return true;
     }
 
     if (!m_errorOccurred)
         emit errorOccurred("Connection timeout");
 
-    emit logEvent(QString("%1 > connection failed").arg(m_connection->config.name()));
+    emit logEvent(QString("%1 > connection failed").arg(conf.name()));
     return false;
 }
 
@@ -137,3 +172,15 @@ void RedisClient::DefaultTransporter::reconnect()
     socket->abort();
     connectToHost();
 }
+
+void RedisClient::DefaultTransporter::sslError(const QList<QSslError> errors)
+{
+    m_errorOccurred = true;
+    QSslError first = errors.at(0);
+    emit errorOccurred(QString("SSL error: %1").arg(first.errorString()));
+}
+
+void RedisClient::DefaultTransporter::encrypted()
+{
+    emit logEvent("SSL encryption: OK");
+}
diff --git a/src/modules/redisclient/transporters/defaulttransporter.h b/src/modules/redisclient/transporters/defaulttransporter.h
@@ -22,6 +22,8 @@ private slots:
     void error(QAbstractSocket::SocketError error);
     void stateChanged(QAbstractSocket::SocketState socketState);
     void reconnect();
+    void sslError(const QList<QSslError> errors);
+    void encrypted();
 private:
     QSharedPointer<QSslSocket> socket;
     bool m_errorOccurred;
