From eea0c64d1c2e8e52e58ed6eff6e6b79da9536e55 Mon Sep 17 00:00:00 2001 From: csoler Date: Wed, 3 Jan 2018 14:05:13 +0100 Subject: [PATCH 1/2] require signed identity to respond to a signed chat room invite. Avoids "god mode" bug. --- retroshare-gui/src/gui/ChatLobbyWidget.cpp | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/retroshare-gui/src/gui/ChatLobbyWidget.cpp b/retroshare-gui/src/gui/ChatLobbyWidget.cpp index d36602f64..1b1081ba4 100644 --- a/retroshare-gui/src/gui/ChatLobbyWidget.cpp +++ b/retroshare-gui/src/gui/ChatLobbyWidget.cpp @@ -1085,10 +1085,19 @@ void ChatLobbyWidget::readChatLobbyInvites() QMessageBox::Question, QMessageBox::Yes,QMessageBox::No, 0); - QLabel *label = new QLabel(tr("Choose an identity for this chat room:")); + QLabel *label ; GxsIdChooser *idchooser = new GxsIdChooser ; - idchooser->loadIds(IDCHOOSER_ID_REQUIRED,default_id) ; + if( (*it).lobby_flags & RS_CHAT_LOBBY_FLAGS_PGP_SIGNED ) + { + idchooser->loadIds(IDCHOOSER_ID_REQUIRED | IDCHOOSER_NON_ANONYMOUS,default_id) ; + label = new QLabel(tr("Choose a non anonymous identity for this chat room:")); + } + else + { + idchooser->loadIds(IDCHOOSER_ID_REQUIRED,default_id) ; + label = new QLabel(tr("Choose an identity for this chat room:")); + } QGridLayout* layout = qobject_cast(mb.layout()); if (layout) { From 0f6006d140bf70e6809ca0929d19e34400f7a99f Mon Sep 17 00:00:00 2001 From: csoler Date: Wed, 3 Jan 2018 15:01:04 +0100 Subject: [PATCH 2/2] prevent subscribing to a signed chat room without a signed identity --- libretroshare/src/chat/distributedchat.cc | 39 ++++++++++++++++--- retroshare-gui/src/gui/ChatLobbyWidget.cpp | 12 ++++++ .../src/gui/Identity/IdEditDialog.cpp | 1 + 3 files changed, 46 insertions(+), 6 deletions(-) diff --git a/libretroshare/src/chat/distributedchat.cc b/libretroshare/src/chat/distributedchat.cc index 19bca229e..ee176c56b 100644 --- a/libretroshare/src/chat/distributedchat.cc +++ b/libretroshare/src/chat/distributedchat.cc @@ -1403,13 +1403,33 @@ bool DistributedChatService::acceptLobbyInvite(const ChatLobbyId& lobby_id,const return false; } + std::map::const_iterator vid = _visible_lobbies.find(lobby_id) ; + + if(_visible_lobbies.end() == vid) + { + std::cerr << " (EE) Cannot subscribe a non visible chat lobby!!" << std::endl; + return false ; + } + + RsIdentityDetails det ; + if( (!rsIdentity->getIdDetails(identity,det)) || !(det.mFlags & RS_IDENTITY_FLAGS_IS_OWN_ID)) + { + std::cerr << " (EE) Cannot subscribe with identity " << identity << " because it is not ours! Something's wrong here." << std::endl; + return false ; + } + + if( (vid->second.lobby_flags & RS_CHAT_LOBBY_FLAGS_PGP_SIGNED ) && !(det.mFlags & RS_IDENTITY_FLAGS_PGP_LINKED)) + { + std::cerr << " (EE) Cannot subscribe with identity " << identity << " because it is unsigned and the lobby requires signed ids only." << std::endl; + return false ; + } + if(_chat_lobbys.find(lobby_id) != _chat_lobbys.end()) { std::cerr << " (II) Lobby already exists. Weird." << std::endl; return true ; } - #ifdef DEBUG_CHAT_LOBBIES std::cerr << " Creating new Lobby entry." << std::endl; #endif @@ -1491,11 +1511,12 @@ void DistributedChatService::denyLobbyInvite(const ChatLobbyId& lobby_id) bool DistributedChatService::joinVisibleChatLobby(const ChatLobbyId& lobby_id,const RsGxsId& gxs_id) { - if(!mGixs->isOwnId(gxs_id)) - { - std::cerr << "(EE) Cannot lobby using gxs id " << gxs_id << std::endl; - return false ; - } + RsIdentityDetails det ; + if( (!rsIdentity->getIdDetails(gxs_id,det)) || !(det.mFlags & RS_IDENTITY_FLAGS_IS_OWN_ID)) + { + std::cerr << " (EE) Cannot subscribe with identity " << gxs_id << " because it is not ours! Something's wrong here." << std::endl; + return false ; + } #ifdef DEBUG_CHAT_LOBBIES std::cerr << "Joining public chat lobby " << std::hex << lobby_id << std::dec << std::endl; @@ -1527,6 +1548,12 @@ bool DistributedChatService::joinVisibleChatLobby(const ChatLobbyId& lobby_id,co return true ; } + if( (it->second.lobby_flags & RS_CHAT_LOBBY_FLAGS_PGP_SIGNED ) && !(det.mFlags & RS_IDENTITY_FLAGS_PGP_LINKED)) + { + std::cerr << " (EE) Cannot subscribe with identity " << gxs_id << " because it is unsigned and the lobby requires signed ids only." << std::endl; + return false ; + } + #ifdef DEBUG_CHAT_LOBBIES std::cerr << " Creating new lobby entry." << std::endl; #endif diff --git a/retroshare-gui/src/gui/ChatLobbyWidget.cpp b/retroshare-gui/src/gui/ChatLobbyWidget.cpp index 1b1081ba4..5fc3436e1 100644 --- a/retroshare-gui/src/gui/ChatLobbyWidget.cpp +++ b/retroshare-gui/src/gui/ChatLobbyWidget.cpp @@ -1078,8 +1078,20 @@ void ChatLobbyWidget::readChatLobbyInvites() RsGxsId default_id ; rsMsgs->getDefaultIdentityForChatLobby(default_id) ; + std::list subscribed_lobbies ; + rsMsgs->getChatLobbyList(subscribed_lobbies) ; + for(std::list::const_iterator it(invites.begin());it!=invites.end();++it) { + // first check if the lobby is already subscribed. If so, just ignore the request. + + bool found = false ; + for(auto it2(subscribed_lobbies.begin());it2!=subscribed_lobbies.end() && !found;++it2) + found = found || (*it2 == (*it).lobby_id) ; + + if(found) + continue ; + QMessageBox mb(QObject::tr("Join chat room"), tr("%1 invites you to chat room named %2").arg(QString::fromUtf8(rsPeers->getPeerName((*it).peer_id).c_str())).arg(RsHtml::plainText(it->lobby_name)), QMessageBox::Question, QMessageBox::Yes,QMessageBox::No, 0); diff --git a/retroshare-gui/src/gui/Identity/IdEditDialog.cpp b/retroshare-gui/src/gui/Identity/IdEditDialog.cpp index a8212f426..8bddb1be6 100644 --- a/retroshare-gui/src/gui/Identity/IdEditDialog.cpp +++ b/retroshare-gui/src/gui/Identity/IdEditDialog.cpp @@ -227,6 +227,7 @@ void IdEditDialog::enforceNoAnonIds() { ui->radioButton_GpgId->setChecked(true); ui->radioButton_GpgId->setEnabled(false); + ui->radioButton_Pseudo->setEnabled(false); } void IdEditDialog::loadExistingId(uint32_t token)