Merge pull request #1197 from csoler/v0.6-SecurityFixes

Fixing bugs on channels permission and notify

libretroshare/src/gxs/rsgenexchange.cc

@@ -1643,7 +1643,7 @@ void RsGenExchange::notifyReceivePublishKey(const RsGxsGroupId &grpId)
 {
 	RS_STACK_MUTEX(mGenMtx);
 
-	RsGxsGroupChange* gc = new RsGxsGroupChange(RsGxsNotify::TYPE_PUBLISHKEY, false);
+	RsGxsGroupChange* gc = new RsGxsGroupChange(RsGxsNotify::TYPE_PUBLISHKEY, true);
 	gc->mGrpIdList.push_back(grpId);
 	mNotifications.push_back(gc);
 }
@@ -2580,7 +2580,11 @@ void RsGenExchange::publishGrps()
 			    ggps.mKeys = fullKeySet;
 		    }
 		    else
+			{
+				// We should just merge the keys instead of overwriting them, because the update may not contain private parts.
+
 			    fullKeySet = ggps.mKeys;
+			}
 
 		    // find private admin key
 		    RsTlvPrivateRSAKey privAdminKey;
@@ -2756,7 +2760,7 @@ void RsGenExchange::publishGrps()
 
 	    if(!grpChanged.empty())
 	    {
-		    RsGxsGroupChange* gc = new RsGxsGroupChange(RsGxsNotify::TYPE_PUBLISH, false);
+		    RsGxsGroupChange* gc = new RsGxsGroupChange(RsGxsNotify::TYPE_RECEIVE, true);
 		    gc->mGrpIdList = grpChanged;
 		    mNotifications.push_back(gc);
 #ifdef GEN_EXCH_DEBUG
@@ -2770,8 +2774,8 @@ void RsGenExchange::publishGrps()
     // This is done off-mutex to avoid possible cross deadlocks with the net service.
     
     if(mNetService!=NULL)
-        for(std::list<RsGxsGroupId>::const_iterator it(groups_to_subscribe.begin());it!=groups_to_subscribe.end();++it)
-	    mNetService->subscribeStatusChanged((*it),true) ;
+		for(std::list<RsGxsGroupId>::const_iterator it(groups_to_subscribe.begin());it!=groups_to_subscribe.end();++it)
+			mNetService->subscribeStatusChanged((*it),true) ;
 }
 
 
@@ -3216,6 +3220,13 @@ void RsGenExchange::performUpdateValidation()
 
 			gu.newGrp->metaData->mSubscribeFlags = gu.oldGrpMeta->mSubscribeFlags ;
 
+			// Also keep private keys if present
+
+			if(!gu.newGrp->metaData->keys.private_keys.empty())
+				std::cerr << "(EE) performUpdateValidation() group " <<gu.newGrp->metaData->mGroupId << " has been received with private keys. This is very unexpected!" << std::endl;
+			else
+				gu.newGrp->metaData->keys.private_keys = gu.oldGrpMeta->keys.private_keys ;
+
 			grps.push_back(gu.newGrp);
 		}
 		else
@@ -3254,7 +3265,7 @@ void RsGenExchange::performUpdateValidation()
 	mGroupUpdates.clear();
 }
 
-bool RsGenExchange::updateValid(const RsGxsGrpMetaData& oldGrpMeta, RsNxsGrp& newGrp) const
+bool RsGenExchange::updateValid(const RsGxsGrpMetaData& oldGrpMeta, const RsNxsGrp& newGrp) const
 {
 	std::map<SignType, RsTlvKeySignature>& signSet = newGrp.metaData->signSet.keySignSet;
 	std::map<SignType, RsTlvKeySignature>::iterator mit = signSet.find(INDEX_AUTHEN_ADMIN);

libretroshare/src/gxs/rsgenexchange.h

@@ -835,7 +835,7 @@ private:
      * @param newGrp the new group that updates the old group (must have meta data member initialised)
      * @return
      */
-    bool updateValid(const RsGxsGrpMetaData& oldGrp, RsNxsGrp& newGrp) const;
+    bool updateValid(const RsGxsGrpMetaData& oldGrp, const RsNxsGrp& newGrp) const;
 
     /*!
      * convenience function for checking private publish and admin keys are present

libretroshare/src/gxs/rsgxsnetservice.cc

@@ -389,6 +389,8 @@ int RsGxsNetService::tick()
 
 	    should_notify = should_notify || !mNewGroupsToNotify.empty() ;
 	    should_notify = should_notify || !mNewMessagesToNotify.empty() ;
+	    should_notify = should_notify || !mNewPublishKeysToNotify.empty() ;
+	    should_notify = should_notify || !mNewStatsToNotify.empty() ;
     }
 
     if(should_notify)
@@ -451,8 +453,11 @@ void RsGxsNetService::processObserverNotifications()
     if(!grps_copy.empty()) mObserver->notifyNewGroups  (grps_copy);
     if(!msgs_copy.empty()) mObserver->notifyNewMessages(msgs_copy);
 
-    for(std::set<RsGxsGroupId>::const_iterator it(keys_copy.begin());it!=keys_copy.end();++it) mObserver->notifyReceivePublishKey(*it);
-    for(std::set<RsGxsGroupId>::const_iterator it(stat_copy.begin());it!=stat_copy.end();++it) mObserver->notifyChangedGroupStats(*it);
+    for(std::set<RsGxsGroupId>::const_iterator it(keys_copy.begin());it!=keys_copy.end();++it)
+		mObserver->notifyReceivePublishKey(*it);
+
+    for(std::set<RsGxsGroupId>::const_iterator it(stat_copy.begin());it!=stat_copy.end();++it)
+		mObserver->notifyChangedGroupStats(*it);
 }
 
 void RsGxsNetService::rejectMessage(const RsGxsMessageId& msg_id)
@@ -4756,6 +4761,7 @@ void RsGxsNetService::handleRecvPublishKeys(RsNxsGroupPublishKeyItem *item)
 #ifdef NXS_NET_DEBUG_3
 		GXSNETDEBUG_PG(item->PeerId(),item->grpId)<< "   (EE) Publish key already present in database. Discarding message." << std::endl;
 #endif
+        mNewPublishKeysToNotify.insert(item->grpId) ;
 		return ;
 	}
 

retroshare-gui/src/gui/NewsFeed.cpp

@@ -58,24 +58,6 @@
 #include "common/FeedNotify.h"
 #include "notifyqt.h"
 
-const uint32_t NEWSFEED_PEERLIST =       0x0001;
-
-const uint32_t NEWSFEED_FORUMNEWLIST =   0x0002;
-const uint32_t NEWSFEED_FORUMMSGLIST =   0x0003;
-const uint32_t NEWSFEED_CHANNELNEWLIST = 0x0004;
-//const uint32_t NEWSFEED_CHANNELMSGLIST = 0x0005;
-#if 0
-const uint32_t NEWSFEED_BLOGNEWLIST =    0x0006;
-const uint32_t NEWSFEED_BLOGMSGLIST =    0x0007;
-#endif
-
-const uint32_t NEWSFEED_MESSAGELIST =    0x0008;
-const uint32_t NEWSFEED_CHATMSGLIST =    0x0009;
-const uint32_t NEWSFEED_SECLIST =        0x000a;
-const uint32_t NEWSFEED_POSTEDNEWLIST =  0x000b;
-const uint32_t NEWSFEED_POSTEDMSGLIST =  0x000c;
-const uint32_t NEWSFEED_CIRCLELIST    =  0x000d;
-
 #define ROLE_RECEIVED FEED_TREEWIDGET_SORTROLE
 
 #define TOKEN_TYPE_GROUP      1
@@ -281,20 +263,20 @@ void NewsFeed::updateDisplay()
 						mTokenQueueChannel = new TokenQueue(rsGxsChannels->getTokenService(), instance);
 					}
 
-					RsGxsGroupId grpId(fi.mId1);
-					if (!grpId.isNull()) {
-						RsTokReqOptions opts;
-						opts.mReqType = GXS_REQUEST_TYPE_GROUP_DATA;
+					addFeedItemChannelPublishKey(fi);
 
-						std::list<RsGxsGroupId> grpIds;
-						grpIds.push_back(grpId);
-
-						uint32_t token;
-						mTokenQueueChannel->requestGroupInfo(token, RS_TOKREQ_ANSTYPE_SUMMARY, opts, grpIds, TOKEN_TYPE_PUBLISHKEY);
-					}
+//					RsGxsGroupId grpId(fi.mId1);
+//					if (!grpId.isNull()) {
+//						RsTokReqOptions opts;
+//						opts.mReqType = GXS_REQUEST_TYPE_GROUP_DATA;
+//
+//						std::list<RsGxsGroupId> grpIds;
+//						grpIds.push_back(grpId);
+//
+//						uint32_t token;
+//						mTokenQueueChannel->requestGroupInfo(token, RS_TOKREQ_ANSTYPE_SUMMARY, opts, grpIds, TOKEN_TYPE_PUBLISHKEY);
+//					}
 				}
-//				if (flags & RS_FEED_TYPE_CHANNEL)
-//					addFeedItemChannelPublishKey(fi);
 				break;
 
 			case RS_FEED_ITEM_FORUM_NEW:
@@ -769,6 +751,14 @@ void NewsFeed::loadChannelPublishKey(const uint32_t &token)
 #ifdef UNUSED_CODE
 	MessageComposer::sendChannelPublishKey(groups[0]);
 #endif
+
+	RsGxsChannelGroup& grp = *groups.begin();
+
+	RsFeedItem fi;
+	fi.mId1 = grp.mMeta.mGroupId.toStdString();
+
+
+	addFeedItemChannelPublishKey(fi);
 }
 
 void NewsFeed::loadForumGroup(const uint32_t &token)
@@ -863,6 +853,8 @@ void NewsFeed::loadForumPublishKey(const uint32_t &token)
 #ifdef UNUSED_CODE
 	MessageComposer::sendForumPublishKey(groups[0]);
 #endif
+
+	std::cerr << "(EE) Unimplemented code: received an order to load/display item for received forum publish key, but the implementation is missing." << std::endl;
 }
 
 void NewsFeed::loadPostedGroup(const uint32_t &token)
@@ -1357,6 +1349,24 @@ void NewsFeed::addFeedItemChannelMsg(const RsFeedItem &fi)
 	/* add to layout */
 	addFeedItem(item);
 
+#ifdef NEWS_DEBUG
+	std::cerr << "NewsFeed::addFeedItemChanMsg()";
+	std::cerr << std::endl;
+#endif
+}
+void NewsFeed::addFeedItemChannelPublishKey(const RsFeedItem &fi)
+{
+	RsGxsGroupId grpId(fi.mId1);
+
+	if (grpId.isNull())
+		return;
+
+	/* make new widget */
+	GxsChannelGroupItem *item = new GxsChannelGroupItem(this, NEWSFEED_CHANNELPUBKEYLIST, grpId, false, true);
+
+	/* add to layout */
+	addFeedItem(item);
+
 #ifdef NEWS_DEBUG
 	std::cerr << "NewsFeed::addFeedItemChanMsg()";
 	std::cerr << std::endl;

retroshare-gui/src/gui/NewsFeed.h

@@ -30,6 +30,25 @@
 
 #define IMAGE_NEWSFEED ":/icons/plugins_128.png"
 
+const uint32_t NEWSFEED_PEERLIST =       0x0001;
+
+const uint32_t NEWSFEED_FORUMNEWLIST =   0x0002;
+const uint32_t NEWSFEED_FORUMMSGLIST =   0x0003;
+const uint32_t NEWSFEED_CHANNELNEWLIST = 0x0004;
+//const uint32_t NEWSFEED_CHANNELMSGLIST = 0x0005;
+#if 0
+const uint32_t NEWSFEED_BLOGNEWLIST =    0x0006;
+const uint32_t NEWSFEED_BLOGMSGLIST =    0x0007;
+#endif
+
+const uint32_t NEWSFEED_MESSAGELIST =      0x0008;
+const uint32_t NEWSFEED_CHATMSGLIST =      0x0009;
+const uint32_t NEWSFEED_SECLIST =          0x000a;
+const uint32_t NEWSFEED_POSTEDNEWLIST =    0x000b;
+const uint32_t NEWSFEED_POSTEDMSGLIST =    0x000c;
+const uint32_t NEWSFEED_CIRCLELIST    =    0x000d;
+const uint32_t NEWSFEED_CHANNELPUBKEYLIST= 0x000e;
+
 namespace Ui {
 class NewsFeed;
 }
@@ -102,6 +121,7 @@ private:
 	void addFeedItemChannelNew(const RsFeedItem &fi);
 //	void addFeedItemChannelUpdate(const RsFeedItem &fi);
 	void addFeedItemChannelMsg(const RsFeedItem &fi);
+	void addFeedItemChannelPublishKey(const RsFeedItem &fi);
 
 	void addFeedItemForumNew(const RsFeedItem &fi);
 //	void addFeedItemForumUpdate(const RsFeedItem &fi);

retroshare-gui/src/gui/feeds/GxsChannelGroupItem.cpp

@@ -23,6 +23,7 @@
 #include "ui_GxsChannelGroupItem.h"
 
 #include "FeedHolder.h"
+#include "gui/NewsFeed.h"
 #include "gui/RetroShareLink.h"
 
 /****
@@ -144,14 +145,14 @@ void GxsChannelGroupItem::fill()
 		ui->subscribeButton->setEnabled(true);
 	}
 
-//	if (mIsNew)
-//	{
-		ui->titleLabel->setText(tr("New Channel"));
-//	}
-//	else
-//	{
-//		ui->titleLabel->setText(tr("Updated Channel"));
-//	}
+	switch(mFeedId)
+	{
+	case NEWSFEED_CHANNELPUBKEYLIST:	ui->titleLabel->setText(tr("Publish permission received for channel: "));
+										break ;
+
+	case NEWSFEED_CHANNELNEWLIST:	 	ui->titleLabel->setText(tr("New Channel: "));
+										break ;
+	}
 
 	if (mIsHome)
 	{