2019-07-12 16:54:26 +02:00
|
|
|
#include <utils/NetOrigin.h>
|
|
|
|
|
|
|
|
#include <QJsonObject>
|
2024-05-08 22:06:32 +02:00
|
|
|
#include <QNetworkInterface>
|
2019-07-12 16:54:26 +02:00
|
|
|
|
|
|
|
NetOrigin* NetOrigin::instance = nullptr;
|
|
|
|
|
|
|
|
NetOrigin::NetOrigin(QObject* parent, Logger* log)
|
|
|
|
: QObject(parent)
|
|
|
|
, _log(log)
|
2024-05-08 22:06:32 +02:00
|
|
|
, _isInternetAccessAllowed(false)
|
|
|
|
, _isInternetAccessRestricted(false)
|
2019-07-12 16:54:26 +02:00
|
|
|
, _ipWhitelist()
|
|
|
|
{
|
|
|
|
NetOrigin::instance = this;
|
|
|
|
}
|
|
|
|
|
2020-08-08 23:12:43 +02:00
|
|
|
bool NetOrigin::accessAllowed(const QHostAddress& address, const QHostAddress& local) const
|
2019-07-12 16:54:26 +02:00
|
|
|
{
|
2024-05-08 22:06:32 +02:00
|
|
|
bool isAllowed {false};
|
2019-07-12 16:54:26 +02:00
|
|
|
|
2024-05-08 22:06:32 +02:00
|
|
|
if(isLocalAddress(address, local))
|
2019-07-12 16:54:26 +02:00
|
|
|
{
|
2024-05-08 22:06:32 +02:00
|
|
|
isAllowed = true;
|
2019-07-12 16:54:26 +02:00
|
|
|
}
|
2024-05-08 22:06:32 +02:00
|
|
|
else
|
|
|
|
{
|
|
|
|
if(_isInternetAccessAllowed)
|
|
|
|
{
|
|
|
|
if (!_isInternetAccessRestricted)
|
|
|
|
{
|
|
|
|
isAllowed = true;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
for (const QHostAddress &listAddress : _ipWhitelist)
|
|
|
|
{
|
|
|
|
if (address.isEqual(listAddress))
|
|
|
|
{
|
|
|
|
isAllowed = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
WarningIf(!isAllowed, _log,"Client connection from IP address '%s' has been rejected! It's not whitelisted.",QSTRING_CSTR(address.toString()));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return isAllowed;
|
2019-07-12 16:54:26 +02:00
|
|
|
}
|
|
|
|
|
2024-05-08 22:06:32 +02:00
|
|
|
|
|
|
|
bool NetOrigin::isLocalAddress(const QHostAddress& ipAddress, const QHostAddress& /*local*/) const
|
2019-07-12 16:54:26 +02:00
|
|
|
{
|
2024-05-08 22:06:32 +02:00
|
|
|
QHostAddress address = ipAddress;
|
|
|
|
|
|
|
|
if (address.isLoopback() || address.isLinkLocal())
|
2019-07-12 16:54:26 +02:00
|
|
|
{
|
2024-05-08 22:06:32 +02:00
|
|
|
return true;
|
2019-07-12 16:54:26 +02:00
|
|
|
}
|
2024-05-08 22:06:32 +02:00
|
|
|
|
|
|
|
//Convert to IPv4 to check, if an IPv6 address is an IPv4 mapped address
|
|
|
|
QHostAddress ipv4Address(address.toIPv4Address());
|
|
|
|
if (ipv4Address != QHostAddress::AnyIPv4) // ipv4Address is not "0.0.0.0"
|
2019-07-12 16:54:26 +02:00
|
|
|
{
|
2024-05-08 22:06:32 +02:00
|
|
|
address = ipv4Address;
|
|
|
|
}
|
|
|
|
|
|
|
|
QList<QNetworkInterface> allInterfaces = QNetworkInterface::allInterfaces();
|
|
|
|
for (const QNetworkInterface &networkInterface : allInterfaces) {
|
|
|
|
QList<QNetworkAddressEntry> addressEntries = networkInterface.addressEntries();
|
|
|
|
for (const QNetworkAddressEntry &localNetworkAddressEntry : addressEntries) {
|
|
|
|
QHostAddress localIP = localNetworkAddressEntry.ip();
|
|
|
|
|
|
|
|
if(localIP.protocol() != QAbstractSocket::NetworkLayerProtocol::IPv4Protocol)
|
|
|
|
{
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool isInSubnet = address.isInSubnet(localIP, localNetworkAddressEntry.prefixLength());
|
|
|
|
if (isInSubnet)
|
|
|
|
{
|
|
|
|
return true;
|
|
|
|
}
|
2019-07-12 16:54:26 +02:00
|
|
|
}
|
|
|
|
}
|
2024-05-08 22:06:32 +02:00
|
|
|
return false;
|
2019-07-12 16:54:26 +02:00
|
|
|
}
|
|
|
|
|
2020-08-08 13:09:15 +02:00
|
|
|
void NetOrigin::handleSettingsUpdate(settings::type type, const QJsonDocument& config)
|
2019-07-12 16:54:26 +02:00
|
|
|
{
|
|
|
|
if(type == settings::NETWORK)
|
|
|
|
{
|
|
|
|
const QJsonObject& obj = config.object();
|
2024-05-08 22:06:32 +02:00
|
|
|
_isInternetAccessAllowed = obj["internetAccessAPI"].toBool(false);
|
|
|
|
_isInternetAccessRestricted = obj["restirctedInternetAccessAPI"].toBool(false);
|
|
|
|
const QJsonArray arr = obj["ipWhitelist"].toArray();
|
2019-07-12 16:54:26 +02:00
|
|
|
|
2024-05-08 22:06:32 +02:00
|
|
|
_ipWhitelist.clear();
|
2019-07-12 16:54:26 +02:00
|
|
|
|
2024-05-08 22:06:32 +02:00
|
|
|
for(const auto& item : std::as_const(arr))
|
2019-07-12 16:54:26 +02:00
|
|
|
{
|
2024-05-08 22:06:32 +02:00
|
|
|
const QString& entry = item.toString("");
|
2019-07-12 16:54:26 +02:00
|
|
|
if(entry.isEmpty())
|
2024-05-08 22:06:32 +02:00
|
|
|
{
|
2019-07-12 16:54:26 +02:00
|
|
|
continue;
|
2024-05-08 22:06:32 +02:00
|
|
|
}
|
2019-07-12 16:54:26 +02:00
|
|
|
|
|
|
|
QHostAddress host(entry);
|
|
|
|
if(host.isNull())
|
|
|
|
{
|
|
|
|
Warning(_log,"The whitelisted IP address '%s' isn't valid! Skipped",QSTRING_CSTR(entry));
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
_ipWhitelist << host;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|