mirror of
https://github.com/RetroShare/RetroShare.git
synced 2025-01-13 16:39:43 -05:00
Merge pull request #1141 from csoler/v0.6-SecurityFixes
V0.6 security fixes
This commit is contained in:
commit
0a92710b0c
@ -1403,13 +1403,33 @@ bool DistributedChatService::acceptLobbyInvite(const ChatLobbyId& lobby_id,const
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
std::map<ChatLobbyId,VisibleChatLobbyRecord>::const_iterator vid = _visible_lobbies.find(lobby_id) ;
|
||||||
|
|
||||||
|
if(_visible_lobbies.end() == vid)
|
||||||
|
{
|
||||||
|
std::cerr << " (EE) Cannot subscribe a non visible chat lobby!!" << std::endl;
|
||||||
|
return false ;
|
||||||
|
}
|
||||||
|
|
||||||
|
RsIdentityDetails det ;
|
||||||
|
if( (!rsIdentity->getIdDetails(identity,det)) || !(det.mFlags & RS_IDENTITY_FLAGS_IS_OWN_ID))
|
||||||
|
{
|
||||||
|
std::cerr << " (EE) Cannot subscribe with identity " << identity << " because it is not ours! Something's wrong here." << std::endl;
|
||||||
|
return false ;
|
||||||
|
}
|
||||||
|
|
||||||
|
if( (vid->second.lobby_flags & RS_CHAT_LOBBY_FLAGS_PGP_SIGNED ) && !(det.mFlags & RS_IDENTITY_FLAGS_PGP_LINKED))
|
||||||
|
{
|
||||||
|
std::cerr << " (EE) Cannot subscribe with identity " << identity << " because it is unsigned and the lobby requires signed ids only." << std::endl;
|
||||||
|
return false ;
|
||||||
|
}
|
||||||
|
|
||||||
if(_chat_lobbys.find(lobby_id) != _chat_lobbys.end())
|
if(_chat_lobbys.find(lobby_id) != _chat_lobbys.end())
|
||||||
{
|
{
|
||||||
std::cerr << " (II) Lobby already exists. Weird." << std::endl;
|
std::cerr << " (II) Lobby already exists. Weird." << std::endl;
|
||||||
return true ;
|
return true ;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef DEBUG_CHAT_LOBBIES
|
#ifdef DEBUG_CHAT_LOBBIES
|
||||||
std::cerr << " Creating new Lobby entry." << std::endl;
|
std::cerr << " Creating new Lobby entry." << std::endl;
|
||||||
#endif
|
#endif
|
||||||
@ -1491,11 +1511,12 @@ void DistributedChatService::denyLobbyInvite(const ChatLobbyId& lobby_id)
|
|||||||
|
|
||||||
bool DistributedChatService::joinVisibleChatLobby(const ChatLobbyId& lobby_id,const RsGxsId& gxs_id)
|
bool DistributedChatService::joinVisibleChatLobby(const ChatLobbyId& lobby_id,const RsGxsId& gxs_id)
|
||||||
{
|
{
|
||||||
if(!mGixs->isOwnId(gxs_id))
|
RsIdentityDetails det ;
|
||||||
{
|
if( (!rsIdentity->getIdDetails(gxs_id,det)) || !(det.mFlags & RS_IDENTITY_FLAGS_IS_OWN_ID))
|
||||||
std::cerr << "(EE) Cannot lobby using gxs id " << gxs_id << std::endl;
|
{
|
||||||
return false ;
|
std::cerr << " (EE) Cannot subscribe with identity " << gxs_id << " because it is not ours! Something's wrong here." << std::endl;
|
||||||
}
|
return false ;
|
||||||
|
}
|
||||||
|
|
||||||
#ifdef DEBUG_CHAT_LOBBIES
|
#ifdef DEBUG_CHAT_LOBBIES
|
||||||
std::cerr << "Joining public chat lobby " << std::hex << lobby_id << std::dec << std::endl;
|
std::cerr << "Joining public chat lobby " << std::hex << lobby_id << std::dec << std::endl;
|
||||||
@ -1527,6 +1548,12 @@ bool DistributedChatService::joinVisibleChatLobby(const ChatLobbyId& lobby_id,co
|
|||||||
return true ;
|
return true ;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if( (it->second.lobby_flags & RS_CHAT_LOBBY_FLAGS_PGP_SIGNED ) && !(det.mFlags & RS_IDENTITY_FLAGS_PGP_LINKED))
|
||||||
|
{
|
||||||
|
std::cerr << " (EE) Cannot subscribe with identity " << gxs_id << " because it is unsigned and the lobby requires signed ids only." << std::endl;
|
||||||
|
return false ;
|
||||||
|
}
|
||||||
|
|
||||||
#ifdef DEBUG_CHAT_LOBBIES
|
#ifdef DEBUG_CHAT_LOBBIES
|
||||||
std::cerr << " Creating new lobby entry." << std::endl;
|
std::cerr << " Creating new lobby entry." << std::endl;
|
||||||
#endif
|
#endif
|
||||||
|
@ -1078,17 +1078,38 @@ void ChatLobbyWidget::readChatLobbyInvites()
|
|||||||
RsGxsId default_id ;
|
RsGxsId default_id ;
|
||||||
rsMsgs->getDefaultIdentityForChatLobby(default_id) ;
|
rsMsgs->getDefaultIdentityForChatLobby(default_id) ;
|
||||||
|
|
||||||
|
std::list<ChatLobbyId> subscribed_lobbies ;
|
||||||
|
rsMsgs->getChatLobbyList(subscribed_lobbies) ;
|
||||||
|
|
||||||
for(std::list<ChatLobbyInvite>::const_iterator it(invites.begin());it!=invites.end();++it)
|
for(std::list<ChatLobbyInvite>::const_iterator it(invites.begin());it!=invites.end();++it)
|
||||||
{
|
{
|
||||||
|
// first check if the lobby is already subscribed. If so, just ignore the request.
|
||||||
|
|
||||||
|
bool found = false ;
|
||||||
|
for(auto it2(subscribed_lobbies.begin());it2!=subscribed_lobbies.end() && !found;++it2)
|
||||||
|
found = found || (*it2 == (*it).lobby_id) ;
|
||||||
|
|
||||||
|
if(found)
|
||||||
|
continue ;
|
||||||
|
|
||||||
QMessageBox mb(QObject::tr("Join chat room"),
|
QMessageBox mb(QObject::tr("Join chat room"),
|
||||||
tr("%1 invites you to chat room named %2").arg(QString::fromUtf8(rsPeers->getPeerName((*it).peer_id).c_str())).arg(RsHtml::plainText(it->lobby_name)),
|
tr("%1 invites you to chat room named %2").arg(QString::fromUtf8(rsPeers->getPeerName((*it).peer_id).c_str())).arg(RsHtml::plainText(it->lobby_name)),
|
||||||
QMessageBox::Question, QMessageBox::Yes,QMessageBox::No, 0);
|
QMessageBox::Question, QMessageBox::Yes,QMessageBox::No, 0);
|
||||||
|
|
||||||
|
|
||||||
QLabel *label = new QLabel(tr("Choose an identity for this chat room:"));
|
QLabel *label ;
|
||||||
GxsIdChooser *idchooser = new GxsIdChooser ;
|
GxsIdChooser *idchooser = new GxsIdChooser ;
|
||||||
idchooser->loadIds(IDCHOOSER_ID_REQUIRED,default_id) ;
|
|
||||||
|
|
||||||
|
if( (*it).lobby_flags & RS_CHAT_LOBBY_FLAGS_PGP_SIGNED )
|
||||||
|
{
|
||||||
|
idchooser->loadIds(IDCHOOSER_ID_REQUIRED | IDCHOOSER_NON_ANONYMOUS,default_id) ;
|
||||||
|
label = new QLabel(tr("Choose a non anonymous identity for this chat room:"));
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
idchooser->loadIds(IDCHOOSER_ID_REQUIRED,default_id) ;
|
||||||
|
label = new QLabel(tr("Choose an identity for this chat room:"));
|
||||||
|
}
|
||||||
|
|
||||||
QGridLayout* layout = qobject_cast<QGridLayout*>(mb.layout());
|
QGridLayout* layout = qobject_cast<QGridLayout*>(mb.layout());
|
||||||
if (layout) {
|
if (layout) {
|
||||||
|
@ -227,6 +227,7 @@ void IdEditDialog::enforceNoAnonIds()
|
|||||||
{
|
{
|
||||||
ui->radioButton_GpgId->setChecked(true);
|
ui->radioButton_GpgId->setChecked(true);
|
||||||
ui->radioButton_GpgId->setEnabled(false);
|
ui->radioButton_GpgId->setEnabled(false);
|
||||||
|
ui->radioButton_Pseudo->setEnabled(false);
|
||||||
}
|
}
|
||||||
|
|
||||||
void IdEditDialog::loadExistingId(uint32_t token)
|
void IdEditDialog::loadExistingId(uint32_t token)
|
||||||
|
Loading…
Reference in New Issue
Block a user