From e996471e371e2ed99084cd68d813b873fe2cbe32 Mon Sep 17 00:00:00 2001 From: sithlord48 Date: Thu, 28 Nov 2024 07:28:55 -0500 Subject: [PATCH] refactor: use enum for connections security level based on barrier: 5c7d719 --- src/lib/client/Client.cpp | 6 ++++-- src/lib/deskflow/ServerApp.cpp | 5 ++++- src/lib/net/CMakeLists.txt | 1 + src/lib/net/ISocketFactory.h | 10 ++++++++-- .../net/InverseSockets/InverseSocketFactory.cpp | 10 ++++++---- .../net/InverseSockets/InverseSocketFactory.h | 9 +++++++-- src/lib/net/SecurityLevel.h | 17 +++++++++++++++++ src/lib/net/TCPSocketFactory.cpp | 9 +++++---- src/lib/net/TCPSocketFactory.h | 9 +++++++-- src/lib/server/ClientListener.cpp | 9 +++++---- src/lib/server/ClientListener.h | 6 ++++-- src/test/integtests/net/NetworkTests.cpp | 9 +++++---- 12 files changed, 73 insertions(+), 27 deletions(-) create mode 100644 src/lib/net/SecurityLevel.h diff --git a/src/lib/client/Client.cpp b/src/lib/client/Client.cpp index ebaf557d7..ed28b794a 100644 --- a/src/lib/client/Client.cpp +++ b/src/lib/client/Client.cpp @@ -1,5 +1,6 @@ /* * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers * SPDX-FileCopyrightText: (C) 2012 - 2016 Symless Ltd. * SPDX-FileCopyrightText: (C) 2002 Chris Schoeneman * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception @@ -130,6 +131,8 @@ void Client::connect(size_t addressIndex) return; } + auto securityLevel = m_useSecureNetwork ? SecurityLevel::Encrypted : SecurityLevel::PlainText; + try { if (m_args.m_hostMode) { LOG((CLOG_NOTE "waiting for server connection on %i port", m_serverAddress.getPort())); 
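Review bot: In `Client::connect`, the added `securityLevel` local is recomputed from `m_useSecureNetwork` on every call, and `ServerApp::openClientListener` repeats the same ternary on `args().m_enableCrypto`, so the bool remains the source of truth and the enum is only a call-site translation. Declaring it `const auto securityLevel = m_useSecureNetwork ? SecurityLevel::Encrypted : SecurityLevel::PlainText;` makes it clear that it cannot change before the `create()` call in the next hunk. Converting once where the setting is read, and storing the enum, would leave a single place to audit for how encryption gets switched off. The body of `connect` continues outside the hunk.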
@@ -152,8 +155,7 @@ void Client::connect(size_t addressIndex) } // create the socket - IDataSocket *socket = - m_socketFactory->create(m_useSecureNetwork, ARCH->getAddrFamily(m_serverAddress.getAddress())); + IDataSocket *socket = m_socketFactory->create(ARCH->getAddrFamily(m_serverAddress.getAddress()), securityLevel); bindNetworkInterface(socket); // filter socket messages, including a packetizing filter diff --git a/src/lib/deskflow/ServerApp.cpp b/src/lib/deskflow/ServerApp.cpp index 7500ac50f..9715c8882 100644 --- a/src/lib/deskflow/ServerApp.cpp +++ b/src/lib/deskflow/ServerApp.cpp @@ -1,5 +1,6 @@ /* * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers * SPDX-FileCopyrightText: (C) 2012 Symless Ltd. * SPDX-FileCopyrightText: (C) 2002 Chris Schoeneman * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception @@ -611,7 +612,9 @@ void ServerApp::handleResume(const Event &, void *) ClientListener *ServerApp::openClientListener(const NetworkAddress &address) { - ClientListener *listen = new ClientListener(getAddress(address), getSocketFactory(), m_events, args().m_enableCrypto); + auto securityLevel = args().m_enableCrypto ? SecurityLevel::Encrypted : SecurityLevel::PlainText; + + ClientListener *listen = new ClientListener(getAddress(address), getSocketFactory(), m_events, securityLevel); m_events->adoptHandler( m_events->forClientListener().connected(), listen, diff --git a/src/lib/net/CMakeLists.txt b/src/lib/net/CMakeLists.txt index 684d62af3..742a8ce31 100644 --- a/src/lib/net/CMakeLists.txt +++ b/src/lib/net/CMakeLists.txt @@ -18,6 +18,7 @@ add_library(net STATIC NetworkAddress.h SecureListenSocket.cpp SecureListenSocket.h + SecurityLevel.h SecureSocket.cpp SecureSocket.h SocketMultiplexer.cpp diff --git a/src/lib/net/ISocketFactory.h b/src/lib/net/ISocketFactory.h index 4fe87b9e0..29e8af285 100644 --- a/src/lib/net/ISocketFactory.h +++ b/src/lib/net/ISocketFactory.h 
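Review bot: `ServerApp::openClientListener` silently selects `SecurityLevel::PlainText` when `args().m_enableCrypto` is false, and nothing in the hunk records that the listener will carry keyboard and mouse traffic unencrypted. A log line at the point of decision, for example `if (securityLevel == SecurityLevel::PlainText) LOG((CLOG_WARN "client listener started without encryption"));`, would let an operator spot a downgraded configuration from the logs. A warning may already be emitted elsewhere, which is not visible here. The function continues past the end of the hunk.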
@@ -1,5 +1,6 @@ /* * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers * SPDX-FileCopyrightText: (C) 2012 - 2016 Symless Ltd. * SPDX-FileCopyrightText: (C) 2002 Chris Schoeneman * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception @@ -9,6 +10,7 @@ #include "arch/IArchNetwork.h" #include "common/IInterface.h" +#include "net/SecurityLevel.h" class IDataSocket; class IListenSocket; @@ -25,10 +27,14 @@ public: //@{ //! Create data socket - virtual IDataSocket *create(bool secure, IArchNetwork::EAddressFamily family = IArchNetwork::kINET) const = 0; + virtual IDataSocket *create( + IArchNetwork::EAddressFamily family = IArchNetwork::kINET, SecurityLevel securityLevel = SecurityLevel::PlainText + ) const = 0; //! Create listen socket - virtual IListenSocket *createListen(bool secure, IArchNetwork::EAddressFamily family = IArchNetwork::kINET) const = 0; + virtual IListenSocket *createListen( + IArchNetwork::EAddressFamily family = IArchNetwork::kINET, SecurityLevel securityLevel = SecurityLevel::PlainText + ) const = 0; //@} }; diff --git a/src/lib/net/InverseSockets/InverseSocketFactory.cpp b/src/lib/net/InverseSockets/InverseSocketFactory.cpp index 9173308ce..00cc5edbd 100644 --- a/src/lib/net/InverseSockets/InverseSocketFactory.cpp +++ b/src/lib/net/InverseSockets/InverseSocketFactory.cpp @@ -1,5 +1,6 @@ /* * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers * SPDX-FileCopyrightText: (C) 2012 - 2022 Symless Ltd. * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception */ 
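Review bot: Both `create` and `createListen` in `ISocketFactory` now default `securityLevel` to `SecurityLevel::PlainText`, whereas the old `bool secure` was a required first argument, so a call such as `create()` or `createListen(family)` now compiles and yields an unencrypted socket. Making the level mandatory keeps the choice explicit at every call site: `virtual IDataSocket *create(IArchNetwork::EAddressFamily family, SecurityLevel securityLevel) const = 0;`, and likewise for `createListen`. The same default is repeated in `InverseSocketFactory.h` and `TCPSocketFactory.h`, and because default arguments on virtual functions are bound by the static type, the three copies must never drift apart. The callers visible in this commit (`Client::connect`, `ClientListener::start`) already pass both arguments, so dropping the defaults should not affect them.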
@@ -20,9 +21,9 @@ InverseSocketFactory::InverseSocketFactory(IEventQueue *events, SocketMultiplexe { } -IDataSocket *InverseSocketFactory::create(bool secure, IArchNetwork::EAddressFamily family) const +IDataSocket *InverseSocketFactory::create(IArchNetwork::EAddressFamily family, SecurityLevel securityLevel) const { - if (secure) { + if (securityLevel != SecurityLevel::PlainText) { auto secureSocket = new SecureClientSocket(m_events, m_socketMultiplexer, family); return secureSocket; } else { @@ -30,11 +31,12 @@ IDataSocket *InverseSocketFactory::create(bool secure, IArchNetwork::EAddressFam } } -IListenSocket *InverseSocketFactory::createListen(bool secure, IArchNetwork::EAddressFamily family) const +IListenSocket * +InverseSocketFactory::createListen(IArchNetwork::EAddressFamily family, SecurityLevel securityLevel) const { IListenSocket *socket = nullptr; - if (secure) { + if (securityLevel != SecurityLevel::PlainText) { socket = new SecureServerSocket(m_events, m_socketMultiplexer, family); } else { socket = new InverseServerSocket(m_events, m_socketMultiplexer, family); diff --git a/src/lib/net/InverseSockets/InverseSocketFactory.h b/src/lib/net/InverseSockets/InverseSocketFactory.h index 8b36dadc0..10de223b0 100644 --- a/src/lib/net/InverseSockets/InverseSocketFactory.h +++ b/src/lib/net/InverseSockets/InverseSocketFactory.h @@ -1,5 +1,6 @@ /* * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers * SPDX-FileCopyrightText: (C) 2012 - 2022 Symless Ltd. * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception */ 
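Review bot: `InverseSocketFactory::create` and `createListen` test `securityLevel != SecurityLevel::PlainText`, which maps every enumerator added in future onto the current TLS socket; `TCPSocketFactory.cpp` uses the same test and `ClientListener::handleClientConnecting` the inverse. That fails towards encryption, which is the safe direction, but a stricter level added later (one that also requires peer verification, say) would be served by the plain `Encrypted` path with no compiler diagnostic. A `switch` with one `case` per enumerator and no `default:` lets `-Wswitch` flag the unhandled value; the sketch below shows `createListen`, where both branches are visible. The plaintext branch of `create` and the tail of `createListen` lie outside the hunks.

```cpp
IListenSocket *socket = nullptr;

// No default label: -Wswitch reports any SecurityLevel enumerator added later.
switch (securityLevel) {
case SecurityLevel::PlainText:
  socket = new InverseServerSocket(m_events, m_socketMultiplexer, family);
  break;
case SecurityLevel::Encrypted:
  socket = new SecureServerSocket(m_events, m_socketMultiplexer, family);
  break;
}
// … unchanged: remainder of createListen (outside the hunk) …
```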
@@ -16,8 +17,12 @@ public: InverseSocketFactory(IEventQueue *events, SocketMultiplexer *socketMultiplexer); // ISocketFactory overrides - IDataSocket *create(bool secure, IArchNetwork::EAddressFamily family = IArchNetwork::kINET) const override; - IListenSocket *createListen(bool secure, IArchNetwork::EAddressFamily family = IArchNetwork::kINET) const override; + IDataSocket *create( + IArchNetwork::EAddressFamily family = IArchNetwork::kINET, SecurityLevel securityLevel = SecurityLevel::PlainText + ) const override; + IListenSocket *createListen( + IArchNetwork::EAddressFamily family = IArchNetwork::kINET, SecurityLevel securityLevel = SecurityLevel::PlainText + ) const override; private: IEventQueue *m_events = nullptr; diff --git a/src/lib/net/SecurityLevel.h b/src/lib/net/SecurityLevel.h new file mode 100644 index 000000000..7866f31e1 --- /dev/null +++ b/src/lib/net/SecurityLevel.h @@ -0,0 +1,17 @@ +/* + * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers + * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception + */ + +#pragma once + +/** + * \enum SecurityLevel + * \brief This enum is used to set how the client and server will communicate. + */ +enum class SecurityLevel +{ + PlainText, /** Connections will not be encrypted */ + Encrypted /** Connections will be encrypted */ +}; diff --git a/src/lib/net/TCPSocketFactory.cpp b/src/lib/net/TCPSocketFactory.cpp index 70c42fa89..2a4f2a502 100644 --- a/src/lib/net/TCPSocketFactory.cpp +++ b/src/lib/net/TCPSocketFactory.cpp @@ -1,5 +1,6 @@ /* * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers * SPDX-FileCopyrightText: (C) 2012 - 2016 Symless Ltd. * SPDX-FileCopyrightText: (C) 2002 Chris Schoeneman * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception 
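Review bot: In the new `SecurityLevel.h`, the enumerator comments are written as `/** ... */` after the value, which Doxygen attaches to the next declaration, so `Encrypted` would be documented as "Connections will not be encrypted" and the last comment attaches to nothing. Trailing member documentation needs the `<` marker: `PlainText, /**< Connections will not be encrypted */` and `Encrypted /**< Connections will be encrypted */`. `PlainText` is also the zero value, so a value-initialized `SecurityLevel{}` means no encryption; listing `Encrypted` first, or documenting that the level must always be set explicitly, would avoid an accidental plaintext default. The brief could also state what `Encrypted` guarantees (for instance, whether the peer certificate is verified), which cannot be determined from this header.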
@@ -29,9 +30,9 @@ TCPSocketFactory::~TCPSocketFactory() // do nothing } -IDataSocket *TCPSocketFactory::create(bool secure, IArchNetwork::EAddressFamily family) const +IDataSocket *TCPSocketFactory::create(IArchNetwork::EAddressFamily family, SecurityLevel securityLevel) const { - if (secure) { + if (securityLevel != SecurityLevel::PlainText) { SecureSocket *secureSocket = new SecureSocket(m_events, m_socketMultiplexer, family); secureSocket->initSsl(false); return secureSocket; @@ -40,10 +41,10 @@ IDataSocket *TCPSocketFactory::create(bool secure, IArchNetwork::EAddressFamily } } -IListenSocket *TCPSocketFactory::createListen(bool secure, IArchNetwork::EAddressFamily family) const +IListenSocket *TCPSocketFactory::createListen(IArchNetwork::EAddressFamily family, SecurityLevel securityLevel) const { IListenSocket *socket = NULL; - if (secure) { + if (securityLevel != SecurityLevel::PlainText) { socket = new SecureListenSocket(m_events, m_socketMultiplexer, family); } else { socket = new TCPListenSocket(m_events, m_socketMultiplexer, family); diff --git a/src/lib/net/TCPSocketFactory.h b/src/lib/net/TCPSocketFactory.h index 17dcc15b0..4995f708c 100644 --- a/src/lib/net/TCPSocketFactory.h +++ b/src/lib/net/TCPSocketFactory.h @@ -1,5 +1,6 @@ /* * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers * SPDX-FileCopyrightText: (C) 2012 - 2016 Symless Ltd. * SPDX-FileCopyrightText: (C) 2002 Chris Schoeneman * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception 
@@ -21,8 +22,12 @@ public: virtual ~TCPSocketFactory(); // ISocketFactory overrides - virtual IDataSocket *create(bool secure, IArchNetwork::EAddressFamily family = IArchNetwork::kINET) const; - virtual IListenSocket *createListen(bool secure, IArchNetwork::EAddressFamily family = IArchNetwork::kINET) const; + virtual IDataSocket *create( + IArchNetwork::EAddressFamily family = IArchNetwork::kINET, SecurityLevel securityLevel = SecurityLevel::PlainText + ) const; + virtual IListenSocket *createListen( + IArchNetwork::EAddressFamily family = IArchNetwork::kINET, SecurityLevel securityLevel = SecurityLevel::PlainText + ) const; private: IEventQueue *m_events; diff --git a/src/lib/server/ClientListener.cpp b/src/lib/server/ClientListener.cpp index 8b3728e76..a48f4bdf5 100644 --- a/src/lib/server/ClientListener.cpp +++ b/src/lib/server/ClientListener.cpp @@ -1,5 +1,6 @@ /* * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers * SPDX-FileCopyrightText: (C) 2012 - 2016 Symless Ltd. * SPDX-FileCopyrightText: (C) 2004 Chris Schoeneman * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception @@ -24,12 +25,12 @@ // ClientListener::ClientListener( - const NetworkAddress &address, ISocketFactory *socketFactory, IEventQueue *events, bool enableCrypto + const NetworkAddress &address, ISocketFactory *socketFactory, IEventQueue *events, SecurityLevel securityLevel ) : m_socketFactory(socketFactory), m_server(NULL), m_events(events), - m_useSecureNetwork(enableCrypto), + m_securityLevel(securityLevel), m_address(address) { assert(m_socketFactory != NULL); @@ -73,7 +74,7 @@ ClientProxy *ClientListener::getNextClient() void ClientListener::start() { - m_listen = m_socketFactory->createListen(m_useSecureNetwork, ARCH->getAddrFamily(m_address.getAddress())); + m_listen = m_socketFactory->createListen(ARCH->getAddrFamily(m_address.getAddress()), m_securityLevel); // setup event handler m_events->adoptHandler( 
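Review bot: The `TCPSocketFactory` declarations of `create` and `createListen` are re-declared with a leading `virtual` only, while `InverseSocketFactory.h` in this same commit marks the same two functions `override`. Since the commit changes the parameter list of the interface, `override` is the cheap guard that makes the compiler reject a declaration that no longer matches `ISocketFactory`. Dropping the leading `virtual` and ending each declaration with `) const override;` would bring the two factories in line.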
@@ -147,7 +148,7 @@ void ClientListener::handleClientConnecting(const Event &, void *) // When using non SSL, server accepts clients immediately, while SSL // has to call secure accept which may require retry - if (!m_useSecureNetwork) { + if (m_securityLevel == SecurityLevel::PlainText) { m_events->addEvent(Event(m_events->forClientListener().accepted(), socket->getEventTarget())); } } diff --git a/src/lib/server/ClientListener.h b/src/lib/server/ClientListener.h index ac828bc84..0b74db697 100644 --- a/src/lib/server/ClientListener.h +++ b/src/lib/server/ClientListener.h @@ -1,5 +1,6 @@ /* * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers * SPDX-FileCopyrightText: (C) 2012 - 2016 Symless Ltd. * SPDX-FileCopyrightText: (C) 2004 Chris Schoeneman * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception @@ -11,6 +12,7 @@ #include "base/EventTypes.h" #include "common/stddeque.h" #include "common/stdset.h" +#include "net/SecurityLevel.h" #include "server/Config.h" class ClientProxy; @@ -26,7 +28,7 @@ class ClientListener { public: // The factories are adopted. - ClientListener(const NetworkAddress &, ISocketFactory *, IEventQueue *events, bool enableCrypto); + ClientListener(const NetworkAddress &, ISocketFactory *, IEventQueue *events, SecurityLevel securityLevel); ClientListener(ClientListener const &) = delete; ClientListener(ClientListener &&) = delete; ~ClientListener(); @@ -88,7 +90,7 @@ private: WaitingClients m_waitingClients; Server *m_server; IEventQueue *m_events; - bool m_useSecureNetwork; + SecurityLevel m_securityLevel; ClientSockets m_clientSockets; NetworkAddress m_address; }; diff --git a/src/test/integtests/net/NetworkTests.cpp b/src/test/integtests/net/NetworkTests.cpp index 8b6f7be65..1ba8962ff 100644 --- a/src/test/integtests/net/NetworkTests.cpp +++ b/src/test/integtests/net/NetworkTests.cpp 
@@ -1,5 +1,6 @@ /* * Deskflow -- mouse and keyboard sharing utility + * SPDX-FileCopyrightText: (C) 2025 Deskflow Developers * SPDX-FileCopyrightText: (C) 2013 - 2016 Symless Ltd. * SPDX-License-Identifier: GPL-2.0-only WITH LicenseRef-OpenSSL-Exception */ @@ -101,7 +102,7 @@ TEST_F(NetworkTests, sendToClient_mockData) { SocketMultiplexer serverSocketMultiplexer; TCPSocketFactory *serverSocketFactory = new TCPSocketFactory(&m_events, &serverSocketMultiplexer); - ClientListener listener(serverAddress, serverSocketFactory, &m_events, false); + ClientListener listener(serverAddress, serverSocketFactory, &m_events, SecurityLevel::PlainText); NiceMock serverScreen; NiceMock primaryClient; NiceMock serverConfig; @@ -165,7 +166,7 @@ TEST_F(NetworkTests, sendToClient_mockFile) { SocketMultiplexer serverSocketMultiplexer; TCPSocketFactory *serverSocketFactory = new TCPSocketFactory(&m_events, &serverSocketMultiplexer); - ClientListener listener(serverAddress, serverSocketFactory, &m_events, false); + ClientListener listener(serverAddress, serverSocketFactory, &m_events, SecurityLevel::PlainText); NiceMock serverScreen; NiceMock primaryClient; NiceMock serverConfig; @@ -228,7 +229,7 @@ TEST_F(NetworkTests, sendToServer_mockData) { SocketMultiplexer serverSocketMultiplexer; TCPSocketFactory *serverSocketFactory = new TCPSocketFactory(&m_events, &serverSocketMultiplexer); - ClientListener listener(serverAddress, serverSocketFactory, &m_events, false); + ClientListener listener(serverAddress, serverSocketFactory, &m_events, SecurityLevel::PlainText); NiceMock serverScreen; NiceMock primaryClient; NiceMock serverConfig; 
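Review bot: All four `ClientListener` constructions in `NetworkTests.cpp` (`sendToClient_mockData`, `sendToClient_mockFile`, `sendToServer_mockData`, `sendToServer_mockFile`) pass `SecurityLevel::PlainText`, so nothing in this file exercises the `Encrypted` branch of the factories or the deferred accept in `ClientListener::handleClientConnecting`. A small test that calls `createListen(IArchNetwork::kINET, SecurityLevel::Encrypted)` on a `TCPSocketFactory` and checks the result with `dynamic_cast<SecureListenSocket *>` would pin the mapping this refactor rewired, including the swapped parameter order. Coverage may exist in a test file this patch does not touch.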
@@ -292,7 +293,7 @@ TEST_F(NetworkTests, sendToServer_mockFile) { SocketMultiplexer serverSocketMultiplexer; TCPSocketFactory *serverSocketFactory = new TCPSocketFactory(&m_events, &serverSocketMultiplexer); - ClientListener listener(serverAddress, serverSocketFactory, &m_events, false); + ClientListener listener(serverAddress, serverSocketFactory, &m_events, SecurityLevel::PlainText); NiceMock serverScreen; NiceMock primaryClient; NiceMock serverConfig;