Merge pull request RedisInsight#3350 from uglide/feature/ssl

Add SSL support

Author: uglide

src/app/dialogs/connect.cpp

@@ -20,6 +20,9 @@ ConnectionWindow::ConnectionWindow(QWeakPointer<ConnectionsManager> manager, QWi
     // connect slots to signals
     connect(ui.okButton, SIGNAL(clicked()), this, SLOT(OnOkButtonClick()));        
     connect(ui.selectPrivateKeyPath, SIGNAL(clicked()), this,  SLOT(OnBrowseSshKeyClick()));
+    connect(ui.sslCACertButton, &QPushButton::clicked, this, [this]() {
+        OnBrowsePemFileClick(ui.sslCACertEdit);
+    });
     connect(ui.testConnectionButton, SIGNAL(clicked()), this, SLOT(OnTestConnectionButtonClick()));
     connect(ui.showPasswordCheckbox, SIGNAL(stateChanged(int)), this, SLOT(OnShowPasswordCheckboxChanged(int)));
 
@@ -70,6 +73,11 @@ void ConnectionWindow::loadValuesFromConfig(const RedisClient::ConnectionConfig&
             ui.sshKeysGroup->setChecked(true);
         }
     }
+
+    if (config.useSsl()) {
+        ui.useSsl->setCheckState(Qt::Checked);
+        ui.sslCACertEdit->setText(config.param<QString>("ssl_ca_cert_path"));
+    }
 }
 
 void ConnectionWindow::markFieldInvalid(QWidget* w)
@@ -127,6 +135,16 @@ void ConnectionWindow::OnBrowseSshKeyClick()
     ui.privateKeyPath->setText(fileName);
 }
 
+void ConnectionWindow::OnBrowsePemFileClick(QLineEdit* target)
+{
+    QString fileName = QFileDialog::getOpenFileName(this, "Select PEM file", "", tr("All Files (*.pem)"));
+
+    if (fileName.isEmpty())
+        return;
+
+    target->setText(fileName);
+}
+
 void ConnectionWindow::OnTestConnectionButtonClick()
 {
     ui.validationWarning->hide();
@@ -248,6 +266,11 @@ bool ConnectionWindow::isSshTunnelUsed()
     return ui.useSshTunnel->checkState() == Qt::Checked;
 }
 
+bool ConnectionWindow::isSslUsed()
+{
+    return ui.useSsl->checkState() == Qt::Checked;
+}
+
 RedisClient::ConnectionConfig ConnectionWindow::getConectionConfigFromFormData()
 {    
     RedisClient::ConnectionConfig conf(ui.hostEdit->text().trimmed(),
@@ -273,5 +296,9 @@ RedisClient::ConnectionConfig ConnectionWindow::getConectionConfigFromFormData()
             (ui.sshKeysGroup->isChecked() ? ui.privateKeyPath->text().trimmed() : ""));
     }
 
+    if (isSslUsed()) {
+        conf.setParam("ssl_ca_cert_path", ui.sslCACertEdit->text());
+    }
+
     return conf;
 }

src/app/dialogs/connect.h

@@ -27,6 +27,7 @@ class ConnectionWindow : public QDialog
     bool isSshSettingsValid();
     bool isAdvancedSettingsValid();
     bool isSshTunnelUsed();
+    bool isSslUsed();
 
     void loadValuesFromConfig(const RedisClient::ConnectionConfig& config);
 
@@ -37,5 +38,6 @@ private slots:
     void OnOkButtonClick();
     void OnShowPasswordCheckboxChanged(int);
     void OnBrowseSshKeyClick();
+    void OnBrowsePemFileClick(QLineEdit *target);
     void OnTestConnectionButtonClick();
 };

src/app/forms/connection.ui

@@ -46,18 +46,11 @@
   <property name="modal">
    <bool>true</bool>
   </property>
-  <layout class="QGridLayout" name="gridLayout_5">
+  <layout class="QVBoxLayout" name="verticalLayout">
    <property name="sizeConstraint">
     <enum>QLayout::SetMaximumSize</enum>
    </property>
-   <item row="1" column="0">
-    <widget class="QLabel" name="validationWarning">
-     <property name="text">
-      <string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p align=&quot;center&quot;&gt;&lt;img src=&quot;:/images/alert.png&quot;/&gt; Invalid settings detected&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
-     </property>
-    </widget>
-   </item>
-   <item row="0" column="0">
+   <item>
     <widget class="QTabWidget" name="tabs">
      <property name="tabPosition">
       <enum>QTabWidget::North</enum>
@@ -73,14 +66,22 @@
      </property>
      <widget class="QWidget" name="mainTab">
       <attribute name="title">
-       <string>Connection Settings</string>
+       <string>Connection</string>
       </attribute>
       <layout class="QGridLayout" name="gridLayout">
        <item row="1" column="1">
-        <widget class="QLineEdit" name="hostEdit"/>
+        <widget class="QLineEdit" name="hostEdit">
+         <property name="placeholderText">
+          <string>redis-server host</string>
+         </property>
+        </widget>
        </item>
        <item row="3" column="1">
-        <widget class="QLineEdit" name="authEdit"/>
+        <widget class="QLineEdit" name="authEdit">
+         <property name="placeholderText">
+          <string>(Optional) redis-server authentication password</string>
+         </property>
+        </widget>
        </item>
        <item row="0" column="0">
         <widget class="QLabel" name="lbName">
@@ -90,7 +91,11 @@
         </widget>
        </item>
        <item row="0" column="1">
-        <widget class="QLineEdit" name="nameEdit"/>
+        <widget class="QLineEdit" name="nameEdit">
+         <property name="placeholderText">
+          <string>Connection name</string>
+         </property>
+        </widget>
        </item>
        <item row="1" column="0">
         <widget class="QLabel" name="lbHost">
@@ -137,6 +142,128 @@
        </item>
       </layout>
      </widget>
+     <widget class="QWidget" name="sslTab">
+      <attribute name="title">
+       <string>SSL</string>
+      </attribute>
+      <layout class="QGridLayout" name="gridLayout_5">
+       <item row="1" column="1">
+        <widget class="QLineEdit" name="sslCACertEdit">
+         <property name="placeholderText">
+          <string>Public key in PEM format</string>
+         </property>
+        </widget>
+       </item>
+       <item row="3" column="1">
+        <widget class="QLineEdit" name="sslLocalCertEdit">
+         <property name="placeholderText">
+          <string>(Optional) Authority in PEM format</string>
+         </property>
+        </widget>
+       </item>
+       <item row="2" column="1">
+        <widget class="QLineEdit" name="sslPrivateKeyEdit">
+         <property name="placeholderText">
+          <string>(Optional) Private key in PEM format</string>
+         </property>
+        </widget>
+       </item>
+       <item row="1" column="0">
+        <widget class="QLabel" name="sslPublicKey">
+         <property name="sizePolicy">
+          <sizepolicy hsizetype="Minimum" vsizetype="Preferred">
+           <horstretch>0</horstretch>
+           <verstretch>0</verstretch>
+          </sizepolicy>
+         </property>
+         <property name="baseSize">
+          <size>
+           <width>80</width>
+           <height>0</height>
+          </size>
+         </property>
+         <property name="text">
+          <string>Public Key:</string>
+         </property>
+        </widget>
+       </item>
+       <item row="3" column="0">
+        <widget class="QLabel" name="label_2">
+         <property name="sizePolicy">
+          <sizepolicy hsizetype="Minimum" vsizetype="Preferred">
+           <horstretch>0</horstretch>
+           <verstretch>0</verstretch>
+          </sizepolicy>
+         </property>
+         <property name="text">
+          <string>Authority:</string>
+         </property>
+        </widget>
+       </item>
+       <item row="2" column="0">
+        <widget class="QLabel" name="sslPrivateKey">
+         <property name="sizePolicy">
+          <sizepolicy hsizetype="Minimum" vsizetype="Preferred">
+           <horstretch>0</horstretch>
+           <verstretch>0</verstretch>
+          </sizepolicy>
+         </property>
+         <property name="text">
+          <string>Private key:</string>
+         </property>
+        </widget>
+       </item>
+       <item row="1" column="2">
+        <widget class="QPushButton" name="sslCACertButton">
+         <property name="maximumSize">
+          <size>
+           <width>60</width>
+           <height>16777215</height>
+          </size>
+         </property>
+         <property name="text">
+          <string>...</string>
+         </property>
+        </widget>
+       </item>
+       <item row="2" column="2">
+        <widget class="QPushButton" name="sslPrivateKeyButton">
+         <property name="maximumSize">
+          <size>
+           <width>60</width>
+           <height>16777215</height>
+          </size>
+         </property>
+         <property name="text">
+          <string>...</string>
+         </property>
+        </widget>
+       </item>
+       <item row="3" column="2">
+        <widget class="QPushButton" name="sslLocalCertButton">
+         <property name="maximumSize">
+          <size>
+           <width>60</width>
+           <height>16777215</height>
+          </size>
+         </property>
+         <property name="text">
+          <string>...</string>
+         </property>
+        </widget>
+       </item>
+       <item row="0" column="0" colspan="3">
+        <widget class="QCheckBox" name="useSsl">
+         <property name="layoutDirection">
+          <enum>Qt::LeftToRight</enum>
+         </property>
+         <property name="text">
+          <string>Use SSL Protocol</string>
+         </property>
+        </widget>
+       </item>
+      </layout>
+     </widget>
      <widget class="QWidget" name="sshTab">
       <attribute name="title">
        <string>SSH Tunnel</string>
@@ -245,7 +372,7 @@
           <item row="0" column="2">
            <widget class="QPushButton" name="selectPrivateKeyPath">
             <property name="text">
-             <string>Browse</string>
+             <string>...</string>
             </property>
            </widget>
           </item>
@@ -339,7 +466,14 @@
      </widget>
     </widget>
    </item>
-   <item row="2" column="0">
+   <item>
+    <widget class="QLabel" name="validationWarning">
+     <property name="text">
+      <string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p align=&quot;center&quot;&gt;&lt;img src=&quot;:/images/alert.png&quot;/&gt; Invalid settings detected&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
+     </property>
+    </widget>
+   </item>
+   <item>
     <layout class="QHBoxLayout" name="DialogButtons">
      <property name="spacing">
       <number>6</number>

src/modules/redisclient/connectionconfig.cpp

@@ -53,6 +53,25 @@ int RedisClient::ConnectionConfig::connectionTimeout() const
     return param<int>("timeout_connect");
 }
 
+QList<QSslCertificate> RedisClient::ConnectionConfig::sslCaCertificates() const
+{
+    QString path = param<QString>("ssl_ca_cert_path");
+    if (!path.isEmpty() && QFile::exists(path))
+        return QSslCertificate::fromPath(path);
+
+    return QList<QSslCertificate>();
+}
+
+QString RedisClient::ConnectionConfig::sslPrivateKeyPath() const
+{
+    return getValidPathFromParameter("ssl_private_key_path");
+}
+
+QString RedisClient::ConnectionConfig::sslLocalCertPath() const
+{
+    return getValidPathFromParameter("ssl_local_cert_path");
+}
+
 bool RedisClient::ConnectionConfig::isSshPasswordUsed()
 {
     return !param<QString>("ssh_password").isEmpty();
@@ -93,6 +112,11 @@ bool RedisClient::ConnectionConfig::useAuth() const
     return !param<QString>("auth").isEmpty();
 }
 
+bool RedisClient::ConnectionConfig::useSsl() const
+{
+    return !param<QString>("ssl_ca_cert_path").isEmpty();
+}
+
 bool RedisClient::ConnectionConfig::isValid() const
 {
     return isNull() == false
@@ -112,11 +136,7 @@ QWeakPointer<RedisClient::Connection> RedisClient::ConnectionConfig::getOwner()
 
 QString RedisClient::ConnectionConfig::getSshPrivateKey()
 {
-    QString path = param<QString>("ssh_private_key_path");
-    if (path.isEmpty() || !QFile::exists(path))
-        return QString();
-
-    return path;
+    return getValidPathFromParameter("ssh_private_key_path");
 }
 
 QString RedisClient::ConnectionConfig::keysPattern() const
@@ -145,6 +165,9 @@ RedisClient::ConnectionConfig RedisClient::ConnectionConfig::fromXml(QDomNode &
     valueMapping.insert("sshPassword", "ssh_password");
     valueMapping.insert("sshPort", "ssh_port");
     valueMapping.insert("sshPrivateKey", "ssh_private_key_path");
+    valueMapping.insert("ssl_ca_cert_path", "");
+    valueMapping.insert("ssl_private_key_path", "");
+    valueMapping.insert("ssl_local_cert_path", "");
     valueMapping.insert("namespaceSeparator", "namespace_separator");
     valueMapping.insert("connectionTimeout", "timeout_connect");
     valueMapping.insert("executeTimeout", "timeout_execute");
@@ -212,6 +235,12 @@ QDomElement RedisClient::ConnectionConfig::toXml()
         saveXmlAttribute(dom, xml, "sshPrivateKey", param<QString>("ssh_private_key_path"));
     }
 
+    if (useSsl()) {
+        saveXmlAttribute(dom, xml, "ssl_ca_cert_path", param<QString>("ssl_ca_cert_path"));
+        saveXmlAttribute(dom, xml, "ssl_private_key_path", param<QString>("ssl_private_key_path"));
+        saveXmlAttribute(dom, xml, "ssl_local_cert_path", param<QString>("ssl_local_cert_path"));
+    }
+
     return xml;
 }
 
@@ -221,3 +250,12 @@ void RedisClient::ConnectionConfig::saveXmlAttribute(QDomDocument & document, QD
     attr.setValue(value);
     root.setAttributeNode(attr);
 }
+
+QString RedisClient::ConnectionConfig::getValidPathFromParameter(const QString &name) const
+{
+    QString path = param<QString>(name);
+    if (path.isEmpty() || !QFile::exists(path))
+        return QString();
+
+    return path;
+}