[FEATURE] Authentication configuration system with master password

- Main C++ core and gui classes and desktop app integration - Support for authentication method plugins - Does not contain any integration with service connections
qgis · Sep 21, 2015 · e65aa99 · e65aa99
1 parent 3a379d0
commit e65aa99
Show file tree

Hide file tree

Showing 105 changed files with 19,966 additions and 70 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -308,6 +308,13 @@ ENDIF (WITH_TOUCH)
 # search for QScintilla2 (C++ lib)
 FIND_PACKAGE(QScintilla REQUIRED)
 
+# Master password hash and authentication encryption
+FIND_PACKAGE(QCA REQUIRED)
+# Check for runtime dependency of qca-ossl plugin
+# REQUIRED if unit tests are to be run from build directory
+include(QCAMacros)
+FIND_QCAOSSL_PLUGIN_CPP(ENABLE_TESTS)
+
 # ModelTest
 SET(ENABLE_MODELTEST FALSE CACHE BOOL "Enable QT ModelTest (not for production)")
 

diff --git a/ci/travis/linux/before_install.sh b/ci/travis/linux/before_install.sh
@@ -11,6 +11,7 @@ sudo apt-get install --force-yes --no-install-recommends --no-install-suggests \
                          libgdal1-dev libgeos-dev libgsl0-dev libpq-dev \
                          libproj-dev libqscintilla2-dev libqt4-dev \
                          libqt4-opengl-dev libqt4-sql-sqlite libqtwebkit-dev \
+                         libqca2-dev libqca2-plugin-ossl \
                          libqwt-dev libspatialindex-dev libspatialite-dev \
                          libsqlite3-dev lighttpd pkg-config poppler-utils \
                          pyqt4-dev-tools python python-dev python-qt4 \

diff --git a/ci/travis/osx/before_install.sh b/ci/travis/osx/before_install.sh
@@ -1,6 +1,7 @@
 brew tap osgeo/osgeo4mac
 brew update
-brew install osgeo/osgeo4mac/qgis-28 --without-postgis --without-postgresql --without-grass --without-gpsbabel --only-dependencies 
+brew install osgeo/osgeo4mac/qgis-28 --without-postgis --without-postgresql --without-grass --without-gpsbabel --only-dependencies
+brew install qca
 brew install spawn-fcgi
 brew install lighttpd
 brew install poppler

diff --git a/cmake/FindQCA.cmake b/cmake/FindQCA.cmake
@@ -0,0 +1,98 @@
+# Find QCA (Qt Cryptography Architecture 2+)
+# ~~~~~~~~~~~~~~~~
+# When run this will define
+#
+#  QCA_FOUND - system has QCA
+#  QCA_LIBRARY - the QCA library or framework
+#  QCA_INCLUDE_DIR - the QCA include directory
+#  QCA_VERSION_STR - e.g. "2.0.3"
+#
+# Copyright (c) 2006, Michael Larouche, <michael.larouche@kdemail.net>
+# Copyright (c) 2014, Larry Shaffer, <larrys (at) dakotacarto (dot) com>
+#
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+
+
+if(QCA_INCLUDE_DIR AND QCA_LIBRARY)
+
+  set(QCA_FOUND TRUE)
+
+else(QCA_INCLUDE_DIR AND QCA_LIBRARY)
+
+  find_library(QCA_LIBRARY
+    NAMES qca qca2
+    PATHS
+      ${LIB_DIR}
+      $ENV{LIB}
+      "$ENV{LIB_DIR}"
+      /usr/local/lib
+  )
+
+  if(APPLE)
+    if(QCA_LIBRARY AND QCA_LIBRARY MATCHES "qca(2)?\\.framework")
+      set(QCA_LIBRARY "${QCA_LIBRARY}" CACHE FILEPATH "QCA framework" FORCE)
+      set(QCA_INCLUDE_DIR "${QCA_LIBRARY}/Headers" CACHE FILEPATH "QCA framework headers" FORCE)
+    endif()
+  endif(APPLE)
+
+  find_path(QCA_INCLUDE_DIR
+    NAMES QtCrypto
+    PATHS
+      ${LIB_DIR}/include
+      "$ENV{LIB_DIR}/include"
+      $ENV{INCLUDE}
+      /usr/local/include
+    PATH_SUFFIXES QtCrypto qt4/QtCrypto
+  )
+
+  if(QCA_LIBRARY AND QCA_INCLUDE_DIR)
+    set(QCA_FOUND TRUE)
+  endif()
+
+endif(QCA_INCLUDE_DIR AND QCA_LIBRARY)
+
+if(NOT QCA_FOUND)
+
+  if(QCA_FIND_REQUIRED)
+    message(FATAL_ERROR "Could not find QCA")
+  else()
+    message(STATUS "Could not find QCA")
+  endif()
+
+else(NOT QCA_FOUND)
+
+  # Check version is valid (>= 2.0.3)
+  # find_package(QCA 2.0.3) works with 2.1.0+, which has a QcaConfigVersion.cmake, but 2.0.3 does not
+
+  # qca_version.h header only available with 2.1.0+
+  set(_qca_version_h "${QCA_INCLUDE_DIR}/qca_version.h")
+  if(EXISTS "${_qca_version_h}")
+    file(STRINGS "${_qca_version_h}" _qca_version_str REGEX "^.*QCA_VERSION_STR +\"[^\"]+\".*$")
+    string(REGEX REPLACE "^.*QCA_VERSION_STR +\"([^\"]+)\".*$" "\\1" QCA_VERSION_STR "${_qca_version_str}")
+  else()
+    # qca_core.h contains hexidecimal version in <= 2.0.3
+    set(_qca_core_h "${QCA_INCLUDE_DIR}/qca_core.h")
+    if(EXISTS "${_qca_core_h}")
+      file(STRINGS "${_qca_core_h}" _qca_version_str REGEX "^#define +QCA_VERSION +0x[0-9a-fA-F]+.*")
+      string(REGEX REPLACE "^#define +QCA_VERSION +0x([0-9a-fA-F]+)$" "\\1" _qca_version_int "${_qca_version_str}")
+      if("${_qca_version_int}" STREQUAL "020003")
+        set(QCA_VERSION_STR "2.0.3")
+      endif()
+    endif()
+  endif()
+
+  if(NOT QCA_VERSION_STR)
+    set(QCA_FOUND FALSE)
+    if(QCA_FIND_REQUIRED)
+      message(FATAL_ERROR "Could not find QCA >= 2.0.3")
+    else()
+      message(STATUS "Could not find QCA >= 2.0.3")
+    endif()
+  else()
+    if(NOT QCA_FIND_QUIETLY)
+      message(STATUS "Found QCA: ${QCA_LIBRARY} (${QCA_VERSION_STR})")
+    endif()
+  endif()
+
+endif(NOT QCA_FOUND)
diff --git a/cmake/QCAMacros.cmake b/cmake/QCAMacros.cmake
@@ -0,0 +1,189 @@
+# Macros/functions for finding QCA's qcatool utility and qca-ossl plugin
+# ~~~~~~~~~~~~~~~~
+# When FIND_QCATOOL is run, will define:
+#
+#   QCATOOL_EXECUTABLE - Path to QCA's qcatool utility
+#
+# NOTE: FIND_QCAOSSL_PLUGIN_CPP requires Qt and QCA packages to be found
+#
+# Copyright (c) 2014, Larry Shaffer, <larrys (at) dakotacarto (dot) com>>
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+
+function(FIND_QCAOSSL_PLUGIN_CPP PLUGIN_REQUIRED)
+
+  # requires Qt and QCA packages to be found
+  if(QT_INCLUDE_DIR AND QT_QTCORE_INCLUDE_DIR AND QT_QTCORE_LIBRARY
+     AND QCA_INCLUDE_DIR AND QCA_LIBRARY
+     AND NOT CMAKE_CROSSCOMPILING)
+
+    # NOTE: boolean result when compiled executable is run
+    set(CODE
+      "
+      #include <QtCrypto>
+      #include <QCoreApplication>
+
+      int main( int argc, char** argv )
+      {
+        QCA::Initializer init;
+        QCoreApplication app( argc, argv );
+        if ( !QCA::isSupported( \"cert\", \"qca-ossl\" ) )
+        {
+          return 0;
+        }
+        return 1;
+      }
+      "
+    )
+    set(TESTCPP "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/qcaossl.cpp")
+    file(WRITE ${TESTCPP} "${CODE}")
+
+    set(QCA_INCLUDE_DIRECTORIES "-DINCLUDE_DIRECTORIES:STRING=${QT_INCLUDE_DIR};${QT_QTCORE_INCLUDE_DIR};${QCA_INCLUDE_DIR}")
+    set(QCA_LINK_LIBRARIES "-DLINK_LIBRARIES:STRING=${QT_QTCORE_LIBRARY};${QCA_LIBRARY}")
+
+    try_run(RUN_RESULT COMPILE_RESULT
+      ${CMAKE_BINARY_DIR} ${TESTCPP}
+      CMAKE_FLAGS "${QCA_INCLUDE_DIRECTORIES}" "${QCA_LINK_LIBRARIES}"
+      COMPILE_OUTPUT_VARIABLE COMPILE_OUTPUT
+    )
+
+    set(_msg "QCA OpenSSL plugin not found (run-time/unit-test dependency)")
+
+    if(NOT COMPILE_RESULT)
+      message(STATUS "QCA OpenSSL plugin C++ check failed to compile")
+      if(${PLUGIN_REQUIRED})
+        message(STATUS "QCA OpenSSL plugin C++ check compile output:")
+        message(STATUS "${COMPILE_OUTPUT}")
+        message(FATAL_ERROR ${_msg})
+      else()
+        message(STATUS ${_msg})
+      endif()
+    else()
+      if(NOT RUN_RESULT)
+        if(${PLUGIN_REQUIRED})
+          message(FATAL_ERROR ${_msg})
+        else()
+          message(STATUS ${_msg})
+        endif()
+      else()
+        message(STATUS "Found QCA OpenSSL plugin")
+      endif()
+    endif()
+
+  else()
+    message(STATUS "QtCore/QCA include/lib variables missing or CMake is cross-compiling,")
+    message(STATUS "  skipping QCA OpenSSL plugin C++ check")
+  endif()
+
+endfunction(FIND_QCAOSSL_PLUGIN_CPP PLUGIN_REQUIRED)
+
+
+function(FIND_QCATOOL TOOL_REQUIRED)
+  if(NOT QCATOOL_EXECUTABLE)
+
+    if(MSVC)
+      find_program(QCATOOL_EXECUTABLE NAMES qcatool.exe qcatool2.exe
+        PATHS
+          $ENV{LIB_DIR}/bin
+          $ENV{OSGEO4W_ROOT}/bin
+      )
+    else()
+      find_program(QCATOOL_EXECUTABLE NAMES qcatool qcatool2)
+    endif()
+
+    if(NOT QCATOOL_EXECUTABLE)
+      set(_msg "QCA's qcatool utility not found - aborting")
+      if(${TOOL_REQUIRED})
+        message(FATAL_ERROR ${_msg})
+      else()
+        message(STATUS ${_msg})
+      endif()
+    endif()
+
+  else()
+
+    get_filename_component(_qcatool ${QCATOOL_EXECUTABLE} REALPATH)
+    if(NOT EXISTS "${_qcatool}")
+      set(_msg "QCA's qcatool utility not found at: ${QCATOOL_EXECUTABLE}")
+      if(${TOOL_REQUIRED})
+        message(FATAL_ERROR ${_msg})
+      else()
+        message(STATUS ${_msg})
+      endif()
+    endif()
+
+  endif(NOT QCATOOL_EXECUTABLE)
+
+endfunction(FIND_QCATOOL TOOL_REQUIRED)
+
+
+function(FIND_QCAOSSL_PLUGIN PLUGIN_REQUIRED)
+
+  get_filename_component(_qcatool ${QCATOOL_EXECUTABLE} REALPATH)
+
+  if(EXISTS "${_qcatool}")
+    execute_process(COMMAND "${_qcatool}" plugins OUTPUT_VARIABLE _qca_plugins)
+    # message(STATUS ${_qca_plugins})
+
+    if(NOT "${_qca_plugins}" MATCHES "qca-ossl")
+      set(_msg "QCA OpenSSL plugin not found (run-time/unit-test dependency)")
+      if(${PLUGIN_REQUIRED})
+        message(FATAL_ERROR ${_msg})
+      else()
+        message(STATUS ${_msg})
+      endif()
+    else()
+      message(STATUS "Found QCA OpenSSL plugin")
+    endif()
+  endif()
+
+endfunction(FIND_QCAOSSL_PLUGIN PLUGIN_REQUIRED)
+
+
+function(FIND_QCA_PLUGIN_DIR DIR_REQUIRED)
+
+  FIND_QCATOOL(1)
+  get_filename_component(_qcatool ${QCATOOL_EXECUTABLE} REALPATH)
+
+  if(EXISTS "${_qcatool}")
+    execute_process(COMMAND "${_qcatool}" plugins OUTPUT_VARIABLE _qca_plugins)
+    #message(STATUS ${_qca_plugins})
+    string(REGEX REPLACE "\n" ";" _qca_plugins_list "${_qca_plugins}")
+    #message(STATUS "_qca_plugins_list:  ${_qca_plugins_list}")
+
+    if(NOT "${_qca_plugins}" MATCHES "Available Providers")
+      set(_msg "QCA plugin directory not found")
+      if(${DIR_REQUIRED})
+        message(FATAL_ERROR ${_msg})
+      else()
+        message(STATUS ${_msg})
+      endif()
+    else()
+
+      set(QCA_PLUGIN_DIR)
+      foreach(_plugin_dir ${_qca_plugins_list})
+        string(STRIP "${_plugin_dir}" _plugin_dir)
+        if(EXISTS "${_plugin_dir}" AND IS_DIRECTORY "${_plugin_dir}" AND NOT QCA_PLUGIN_DIR)
+          file(GLOB qca_dylibs "${_plugin_dir}/crypto/libqca*")
+          if(qca_dylibs)
+            set(QCA_PLUGIN_DIR "${_plugin_dir}")
+          endif()
+        endif()
+      endforeach()
+
+      if(QCA_PLUGIN_DIR)
+        set(QCA_PLUGIN_DIR "${QCA_PLUGIN_DIR}" PARENT_SCOPE)
+        message(STATUS "Found QCA plugin directory: ${QCA_PLUGIN_DIR}")
+      else()
+        set(_msg "QCA plugin directory not found")
+        if(${DIR_REQUIRED})
+          message(FATAL_ERROR ${_msg})
+        else()
+          message(STATUS ${_msg})
+        endif()
+      endif()
+
+    endif()
+  endif()
+
+endfunction(FIND_QCA_PLUGIN_DIR DIR_REQUIRED)
diff --git a/images/images.qrc b/images/images.qrc
@@ -311,6 +311,10 @@
         <file>themes/default/mActionZoomToSelected.svg</file>
         <file>themes/default/mIconAtlas.svg</file>
         <file>themes/default/mIconAutoPlacementSettings.svg</file>
+        <file>themes/default/mIconCertificate.svg</file>
+        <file>themes/default/mIconCertificateMissing.svg</file>
+        <file>themes/default/mIconCertificateTrusted.svg</file>
+        <file>themes/default/mIconCertificateUntrusted.svg</file>
         <file>themes/default/mIconClear.svg</file>
         <file>themes/default/mIconClose.png</file>
         <file>themes/default/mIconCollapse.png</file>