qBittorrent/src/base/utils/net.cpp

/*
 * Bittorrent Client using Qt and libtorrent.
 * Copyright (C) 2016  Alexandr Milovantsev <dzmat@yandex.ru>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 * In addition, as a special exception, the copyright holders give permission to
 * link this program with the OpenSSL project's "OpenSSL" library (or with
 * modified versions of it that use the same license as the "OpenSSL" library),
 * and distribute the linked executables. You must obey the GNU General Public
 * License in all respects for all of the code used other than "OpenSSL".  If you
 * modify file(s), you may extend this exception to your version of the file(s),
 * but you are not obligated to do so. If you do not wish to do so, delete this
 * exception statement from your version.
 */

#include "net.h"

#include <QSslCertificate>
#include <QSslKey>
#include <QString>

namespace Utils
{
    namespace Net
    {
        bool isValidIP(const QString &ip)
        {
            return !QHostAddress(ip).isNull();
        }

        Subnet parseSubnet(const QString &subnetStr, bool *ok)
        {
            const Subnet invalid = qMakePair(QHostAddress(), -1);
            const Subnet subnet = QHostAddress::parseSubnet(subnetStr);
            if (ok)
                *ok = (subnet != invalid);
            return subnet;
        }

        bool canParseSubnet(const QString &subnetStr)
        {
            bool ok = false;
            parseSubnet(subnetStr, &ok);
            return ok;
        }

        bool isLoopbackAddress(const QHostAddress &addr)
        {
            return (addr == QHostAddress::LocalHost)
                    || (addr == QHostAddress::LocalHostIPv6)
                    || (addr == QHostAddress(QLatin1String("::ffff:127.0.0.1")));
        }

        bool isIPInRange(const QHostAddress &addr, const QVector<Subnet> &subnets)
        {
            QHostAddress protocolEquivalentAddress;
            bool addrConversionOk = false;

            if (addr.protocol() == QAbstractSocket::IPv4Protocol) {
                // always succeeds
                protocolEquivalentAddress = QHostAddress(addr.toIPv6Address());
                addrConversionOk = true;
            }
            else {
                // only succeeds when addr is an ipv4-mapped ipv6 address
                protocolEquivalentAddress = QHostAddress(addr.toIPv4Address(&addrConversionOk));
            }

            for (const Subnet &subnet : subnets)
                if (addr.isInSubnet(subnet) || (addrConversionOk && protocolEquivalentAddress.isInSubnet(subnet)))
                    return true;

            return false;
        }

        QString subnetToString(const Subnet &subnet)
        {
            return subnet.first.toString() + '/' + QString::number(subnet.second);
        }

        QList<QSslCertificate> loadSSLCertificate(const QByteArray &data)
        {
            const QList<QSslCertificate> certs {QSslCertificate::fromData(data)};
            if (std::any_of(certs.cbegin(), certs.cend(), [](const QSslCertificate &c) { return c.isNull(); }))
                return {};
            return certs;
        }

        bool isSSLCertificatesValid(const QByteArray &data)
        {
            return !loadSSLCertificate(data).isEmpty();
        }

        QSslKey loadSSLKey(const QByteArray &data)
        {
            // try different formats
            QSslKey key {data, QSsl::Rsa};
            if (!key.isNull())
                return key;
            return {data, QSsl::Ec};
        }

        bool isSSLKeyValid(const QByteArray &data)
        {
            return !loadSSLKey(data).isNull();
        }
    }
}
implemented UI for managment of locally banned IP list (Closes #1837 ) 2017-03-06 15:40:34 +03:00			`/*`
			`* Bittorrent Client using Qt and libtorrent.`
			`* Copyright (C) 2016 Alexandr Milovantsev <dzmat@yandex.ru>`
			`*`
			`* This program is free software; you can redistribute it and/or`
			`* modify it under the terms of the GNU General Public License`
			`* as published by the Free Software Foundation; either version 2`
			`* of the License, or (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program; if not, write to the Free Software`
			`* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.`
			`*`
			`* In addition, as a special exception, the copyright holders give permission to`
			`* link this program with the OpenSSL project's "OpenSSL" library (or with`
			`* modified versions of it that use the same license as the "OpenSSL" library),`
			`* and distribute the linked executables. You must obey the GNU General Public`
			`* License in all respects for all of the code used other than "OpenSSL". If you`
			`* modify file(s), you may extend this exception to your version of the file(s),`
			`* but you are not obligated to do so. If you do not wish to do so, delete this`
			`* exception statement from your version.`
			`*/`

			`#include "net.h"`
Fix coding style 2018-04-14 22:53:45 +03:00
Load WebUI certificate & key from file path This allow users to update certificate & key more easily, i.e. without the need to import them into qbt. Closes #6675, #7547, #8315, #8564. 2019-01-17 04:42:01 +03:00			`#include <QSslCertificate>`
			`#include <QSslKey>`
implemented UI for managment of locally banned IP list (Closes #1837 ) 2017-03-06 15:40:34 +03:00			`#include <QString>`

			`namespace Utils`
			`{`
			`namespace Net`
			`{`
			`bool isValidIP(const QString &ip)`
			`{`
			`return !QHostAddress(ip).isNull();`
			`}`
Add ip subnet whitelist for bypassing webui auth 2017-09-27 20:55:20 +03:00
			`Subnet parseSubnet(const QString &subnetStr, bool *ok)`
			`{`
			`const Subnet invalid = qMakePair(QHostAddress(), -1);`
			`const Subnet subnet = QHostAddress::parseSubnet(subnetStr);`
			`if (ok)`
			`*ok = (subnet != invalid);`
			`return subnet;`
			`}`

			`bool canParseSubnet(const QString &subnetStr)`
			`{`
			`bool ok = false;`
			`parseSubnet(subnetStr, &ok);`
			`return ok;`
			`}`

			`bool isLoopbackAddress(const QHostAddress &addr)`
			`{`
			`return (addr == QHostAddress::LocalHost)`
			`\|\| (addr == QHostAddress::LocalHostIPv6)`
			`\|\| (addr == QHostAddress(QLatin1String("::ffff:127.0.0.1")));`
			`}`

Replace QList by QVector 2019-08-02 07:55:06 +03:00			`bool isIPInRange(const QHostAddress &addr, const QVector<Subnet> &subnets)`
Add ip subnet whitelist for bypassing webui auth 2017-09-27 20:55:20 +03:00			`{`
			`QHostAddress protocolEquivalentAddress;`
			`bool addrConversionOk = false;`

			`if (addr.protocol() == QAbstractSocket::IPv4Protocol) {`
			`// always succeeds`
			`protocolEquivalentAddress = QHostAddress(addr.toIPv6Address());`
			`addrConversionOk = true;`
			`}`
			`else {`
			`// only succeeds when addr is an ipv4-mapped ipv6 address`
			`protocolEquivalentAddress = QHostAddress(addr.toIPv4Address(&addrConversionOk));`
			`}`

			`for (const Subnet &subnet : subnets)`
			`if (addr.isInSubnet(subnet) \|\| (addrConversionOk && protocolEquivalentAddress.isInSubnet(subnet)))`
			`return true;`

			`return false;`
			`}`

			`QString subnetToString(const Subnet &subnet)`
			`{`
			`return subnet.first.toString() + '/' + QString::number(subnet.second);`
			`}`
Load WebUI certificate & key from file path This allow users to update certificate & key more easily, i.e. without the need to import them into qbt. Closes #6675, #7547, #8315, #8564. 2019-01-17 04:42:01 +03:00
			`QList<QSslCertificate> loadSSLCertificate(const QByteArray &data)`
			`{`
			`const QList<QSslCertificate> certs {QSslCertificate::fromData(data)};`
			`if (std::any_of(certs.cbegin(), certs.cend(), [](const QSslCertificate &c) { return c.isNull(); }))`
			`return {};`
			`return certs;`
			`}`

			`bool isSSLCertificatesValid(const QByteArray &data)`
			`{`
			`return !loadSSLCertificate(data).isEmpty();`
			`}`

			`QSslKey loadSSLKey(const QByteArray &data)`
			`{`
			`// try different formats`
			`QSslKey key {data, QSsl::Rsa};`
			`if (!key.isNull())`
			`return key;`
Avoid repeating the return type 2019-02-14 20:16:42 +03:00			`return {data, QSsl::Ec};`
Load WebUI certificate & key from file path This allow users to update certificate & key more easily, i.e. without the need to import them into qbt. Closes #6675, #7547, #8315, #8564. 2019-01-17 04:42:01 +03:00			`}`

			`bool isSSLKeyValid(const QByteArray &data)`
			`{`
			`return !loadSSLKey(data).isNull();`
			`}`
implemented UI for managment of locally banned IP list (Closes #1837 ) 2017-03-06 15:40:34 +03:00			`}`
			`}`