mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-12-25 07:29:33 -05:00
Merge pull request #1141 from csoler/v0.6-SecurityFixes
V0.6 security fixes
This commit is contained in:
commit
0a92710b0c
@ -1403,13 +1403,33 @@ bool DistributedChatService::acceptLobbyInvite(const ChatLobbyId& lobby_id,const
|
||||
return false;
|
||||
}
|
||||
|
||||
std::map<ChatLobbyId,VisibleChatLobbyRecord>::const_iterator vid = _visible_lobbies.find(lobby_id) ;
|
||||
|
||||
if(_visible_lobbies.end() == vid)
|
||||
{
|
||||
std::cerr << " (EE) Cannot subscribe a non visible chat lobby!!" << std::endl;
|
||||
return false ;
|
||||
}
|
||||
|
||||
RsIdentityDetails det ;
|
||||
if( (!rsIdentity->getIdDetails(identity,det)) || !(det.mFlags & RS_IDENTITY_FLAGS_IS_OWN_ID))
|
||||
{
|
||||
std::cerr << " (EE) Cannot subscribe with identity " << identity << " because it is not ours! Something's wrong here." << std::endl;
|
||||
return false ;
|
||||
}
|
||||
|
||||
if( (vid->second.lobby_flags & RS_CHAT_LOBBY_FLAGS_PGP_SIGNED ) && !(det.mFlags & RS_IDENTITY_FLAGS_PGP_LINKED))
|
||||
{
|
||||
std::cerr << " (EE) Cannot subscribe with identity " << identity << " because it is unsigned and the lobby requires signed ids only." << std::endl;
|
||||
return false ;
|
||||
}
|
||||
|
||||
if(_chat_lobbys.find(lobby_id) != _chat_lobbys.end())
|
||||
{
|
||||
std::cerr << " (II) Lobby already exists. Weird." << std::endl;
|
||||
return true ;
|
||||
}
|
||||
|
||||
|
||||
#ifdef DEBUG_CHAT_LOBBIES
|
||||
std::cerr << " Creating new Lobby entry." << std::endl;
|
||||
#endif
|
||||
@ -1491,11 +1511,12 @@ void DistributedChatService::denyLobbyInvite(const ChatLobbyId& lobby_id)
|
||||
|
||||
bool DistributedChatService::joinVisibleChatLobby(const ChatLobbyId& lobby_id,const RsGxsId& gxs_id)
|
||||
{
|
||||
if(!mGixs->isOwnId(gxs_id))
|
||||
{
|
||||
std::cerr << "(EE) Cannot lobby using gxs id " << gxs_id << std::endl;
|
||||
return false ;
|
||||
}
|
||||
RsIdentityDetails det ;
|
||||
if( (!rsIdentity->getIdDetails(gxs_id,det)) || !(det.mFlags & RS_IDENTITY_FLAGS_IS_OWN_ID))
|
||||
{
|
||||
std::cerr << " (EE) Cannot subscribe with identity " << gxs_id << " because it is not ours! Something's wrong here." << std::endl;
|
||||
return false ;
|
||||
}
|
||||
|
||||
#ifdef DEBUG_CHAT_LOBBIES
|
||||
std::cerr << "Joining public chat lobby " << std::hex << lobby_id << std::dec << std::endl;
|
||||
@ -1527,6 +1548,12 @@ bool DistributedChatService::joinVisibleChatLobby(const ChatLobbyId& lobby_id,co
|
||||
return true ;
|
||||
}
|
||||
|
||||
if( (it->second.lobby_flags & RS_CHAT_LOBBY_FLAGS_PGP_SIGNED ) && !(det.mFlags & RS_IDENTITY_FLAGS_PGP_LINKED))
|
||||
{
|
||||
std::cerr << " (EE) Cannot subscribe with identity " << gxs_id << " because it is unsigned and the lobby requires signed ids only." << std::endl;
|
||||
return false ;
|
||||
}
|
||||
|
||||
#ifdef DEBUG_CHAT_LOBBIES
|
||||
std::cerr << " Creating new lobby entry." << std::endl;
|
||||
#endif
|
||||
|
@ -1078,17 +1078,38 @@ void ChatLobbyWidget::readChatLobbyInvites()
|
||||
RsGxsId default_id ;
|
||||
rsMsgs->getDefaultIdentityForChatLobby(default_id) ;
|
||||
|
||||
std::list<ChatLobbyId> subscribed_lobbies ;
|
||||
rsMsgs->getChatLobbyList(subscribed_lobbies) ;
|
||||
|
||||
for(std::list<ChatLobbyInvite>::const_iterator it(invites.begin());it!=invites.end();++it)
|
||||
{
|
||||
// first check if the lobby is already subscribed. If so, just ignore the request.
|
||||
|
||||
bool found = false ;
|
||||
for(auto it2(subscribed_lobbies.begin());it2!=subscribed_lobbies.end() && !found;++it2)
|
||||
found = found || (*it2 == (*it).lobby_id) ;
|
||||
|
||||
if(found)
|
||||
continue ;
|
||||
|
||||
QMessageBox mb(QObject::tr("Join chat room"),
|
||||
tr("%1 invites you to chat room named %2").arg(QString::fromUtf8(rsPeers->getPeerName((*it).peer_id).c_str())).arg(RsHtml::plainText(it->lobby_name)),
|
||||
QMessageBox::Question, QMessageBox::Yes,QMessageBox::No, 0);
|
||||
|
||||
|
||||
QLabel *label = new QLabel(tr("Choose an identity for this chat room:"));
|
||||
QLabel *label ;
|
||||
GxsIdChooser *idchooser = new GxsIdChooser ;
|
||||
idchooser->loadIds(IDCHOOSER_ID_REQUIRED,default_id) ;
|
||||
|
||||
if( (*it).lobby_flags & RS_CHAT_LOBBY_FLAGS_PGP_SIGNED )
|
||||
{
|
||||
idchooser->loadIds(IDCHOOSER_ID_REQUIRED | IDCHOOSER_NON_ANONYMOUS,default_id) ;
|
||||
label = new QLabel(tr("Choose a non anonymous identity for this chat room:"));
|
||||
}
|
||||
else
|
||||
{
|
||||
idchooser->loadIds(IDCHOOSER_ID_REQUIRED,default_id) ;
|
||||
label = new QLabel(tr("Choose an identity for this chat room:"));
|
||||
}
|
||||
|
||||
QGridLayout* layout = qobject_cast<QGridLayout*>(mb.layout());
|
||||
if (layout) {
|
||||
|
@ -227,6 +227,7 @@ void IdEditDialog::enforceNoAnonIds()
|
||||
{
|
||||
ui->radioButton_GpgId->setChecked(true);
|
||||
ui->radioButton_GpgId->setEnabled(false);
|
||||
ui->radioButton_Pseudo->setEnabled(false);
|
||||
}
|
||||
|
||||
void IdEditDialog::loadExistingId(uint32_t token)
|
||||
|
Loading…
Reference in New Issue
Block a user