refactor: move peerCert option to coreArgs

2025-09-24 22:46:16 -04:00
parent cfd580fb21
commit cfedfc2c1e
8 changed files with 39 additions and 26 deletions
--- a/src/lib/deskflow/ArgParser.cpp
+++ b/src/lib/deskflow/ArgParser.cpp
@ -37,8 +37,6 @@ bool ArgParser::parseServerArgs(deskflow::ServerArgs &args, int argc, const char
    } else if (isArg(i, argc, argv, "-c", "--config", 1)) {
      // save configuration file path
      args.m_configFile = argv[++i];
-    } else if (isArg(i, argc, argv, nullptr, "--disable-client-cert-check")) {
-      args.m_chkPeerCert = false;
    } else {
      LOG_CRIT("%s: unrecognized option `%s'" BYE, "deskflow-core", argv[i], "deskflow-core");
      return false;
--- a/src/lib/deskflow/CoreArgParser.cpp
+++ b/src/lib/deskflow/CoreArgParser.cpp
@ -109,6 +109,13 @@ void CoreArgParser::parse()
         (m_parser.value(CoreArgs::useHooksOption) == "1"));
    Settings::setValue(Settings::Core::UseHooks, value);
  }
+
+  if (m_parser.isSet(CoreArgs::peerCheckOption)) {
+    bool value =
+        ((m_parser.value(CoreArgs::peerCheckOption).toLower() == "true") ||
+         (m_parser.value(CoreArgs::peerCheckOption) == "1"));
+    Settings::setValue(Settings::Security::CheckPeers, value);
+  }
 }

 [[noreturn]] void CoreArgParser::showHelpText() const
--- a/src/lib/deskflow/CoreArgs.h
+++ b/src/lib/deskflow/CoreArgs.h
@ -58,20 +58,13 @@ struct CoreArgs
  inline static const auto useHooksOption =
      QCommandLineOption("useHooks", "Sets if hooks are used for windows desks", "value");

-  inline static const auto options = {
-    helpOption,
-    versionOption,
-    configOption,
-    interfaceOption,
-    portOption,
-    nameOption,
-    logLevelOption,
-    logFileOption,
-    secureOption,
-    tlsCertOption,
-    preventSleepOption,
-    restartOption,
-    displayOption,
-    useHooksOption
-  };
+  // Server Options
+  inline static const auto peerCheckOption = QCommandLineOption(
+      "peerCertCheck", "Server Mode: Enable client SSL certificate checking (default: true)", "value"
+  );
+
+  inline static const auto options = {helpOption,     versionOption,  configOption,       interfaceOption,
+                                      portOption,     nameOption,     logLevelOption,     logFileOption,
+                                      secureOption, tlsCertOption,  preventSleepOption, restartOption,
+                                      displayOption,  useHooksOption, peerCheckOption};
 };
--- a/src/lib/deskflow/ServerApp.cpp
+++ b/src/lib/deskflow/ServerApp.cpp
@ -107,8 +107,6 @@ void ServerApp::help()
  help << "\n\nServer Mode:\n\n"
       << "Usage: " << kAppId << "-core server \n"
       << "  -c, --config <pathname>  path of the configuration file\n"
-       << "      --disable-client-cert-check disable client SSL certificate \n"
-          "                                     checking (deprecated)\n"
       << s_helpVersionArgs << "\n"
       << s_helpNoWayland;

@ -507,7 +505,7 @@ ClientListener *ServerApp::openClientListener(const NetworkAddress &address)
  using enum SecurityLevel;
  auto securityLevel = PlainText;
  if (Settings::value(Settings::Security::TlsEnabled).toBool()) {
-    if (args().m_chkPeerCert) {
+    if (Settings::value(Settings::Security::CheckPeers).toBool()) {
      securityLevel = PeerAuth;
    } else {
      securityLevel = Encrypted;
--- a/src/lib/deskflow/ServerArgs.h
+++ b/src/lib/deskflow/ServerArgs.h
@ -29,7 +29,6 @@ public:
 public:
  std::string m_configFile = "";
  std::shared_ptr<Config> m_config;
-  bool m_chkPeerCert = true;
 };

 } // namespace deskflow
--- a/src/lib/gui/core/CoreProcess.cpp
+++ b/src/lib/gui/core/CoreProcess.cpp
@ -459,10 +459,6 @@ bool CoreProcess::addServerArgs(QStringList &args)
    args << "--log" << Settings::value(Settings::Log::File).toString();
  }

-  if (!Settings::value(Settings::Security::CheckPeers).toBool()) {
-    args << "--disable-client-cert-check";
-  }
-
  QString configFilename = persistServerConfig();
  if (configFilename.isEmpty()) {
    qFatal("config file name empty for server args");
--- a/src/unittests/deskflow/CoreArgParserTests.cpp
+++ b/src/unittests/deskflow/CoreArgParserTests.cpp
@ -290,6 +290,26 @@ void CoreArgParserTests::hookOptions_true()
  QVERIFY(Settings::value(Settings::Core::UseHooks).toBool());
 }

+void CoreArgParserTests::server_peerCheck_false()
+{
+  QStringList args = {"stub", "server", "--peerCertCheck", "false"};
+
+  CoreArgParser parser(args);
+  parser.parse();
+
+  QVERIFY(!Settings::value(Settings::Security::CheckPeers).toBool());
+}
+
+void CoreArgParserTests::server_peerCheck_true()
+{
+  QStringList args = {"stub", "server", "--peerCertCheck", "true"};
+
+  CoreArgParser parser(args);
+  parser.parse();
+
+  QVERIFY(Settings::value(Settings::Security::CheckPeers).toBool());
+}
+
 void CoreArgParserTests::preventSleep_true()
 {
  QStringList args = {"stub", "client", "--prevent-sleep", "true"};
--- a/src/unittests/deskflow/CoreArgParserTests.h
+++ b/src/unittests/deskflow/CoreArgParserTests.h
@ -42,6 +42,8 @@ private Q_SLOTS:
  void restartShortOption_true();
  void hookOptions_false();
  void hookOptions_true();
+  void server_peerCheck_false();
+  void server_peerCheck_true();

 private:
  inline static const QString m_settingsPath = QStringLiteral("tmp/test");