Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2024-10-01 02:35:48 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #343 from csoler/v0.6-Circles

Browse Source 
V0.6 circles
This commit is contained in:
Cyril Soler 2016-04-09 11:38:07 -04:00
commit 10a32d3c4e
3 changed files with 167 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libresapi/src/api/IdentityHandler.cpp
View File

@ -203,7 +203,7 @@ void IdentityHandler::handleWildcard(Request &req, Response &resp)
}
}
ResponseTask* IdentityHandler::handleOwn(Request &req, Response &resp)
ResponseTask* IdentityHandler::handleOwn(Request & /* req */, Response &resp)
{
StateToken state;
{

258
libretroshare/src/gxs/rsgxsnetservice.cc
View File

@ -223,14 +223,14 @@
NXS_NET_DEBUG_7 encryption/decryption of transactions
***/
//#define NXS_NET_DEBUG_0 1
#define NXS_NET_DEBUG_0 1
//#define NXS_NET_DEBUG_1 1
//#define NXS_NET_DEBUG_2 1
//#define NXS_NET_DEBUG_3 1
//#define NXS_NET_DEBUG_4 1
//#define NXS_NET_DEBUG_5 1
//#define NXS_NET_DEBUG_6 1
//#define NXS_NET_DEBUG_7 1
#define NXS_NET_DEBUG_7 1
#define GIXS_CUT_OFF 0
//#define NXS_FRAG
@ -266,7 +266,7 @@ static const uint32_t RS_NXS_ITEM_ENCRYPTION_STATUS_GXS_KEY_MISSING = 0x05 ;
static const RsPeerId peer_to_print = RsPeerId(std::string("")) ;
static const RsGxsGroupId group_id_to_print = RsGxsGroupId(std::string("" )) ; // use this to allow to this group id only, or "" for all IDs
static const uint32_t service_to_print = 0x218 ; // use this to allow to this service id only, or 0 for all services
static const uint32_t service_to_print = 0x215 ; // use this to allow to this service id only, or 0 for all services
// warning. Numbers should be SERVICE IDS (see serialiser/rsserviceids.h. E.g. 0x0215 for forums)
class nullstream: public std::ostream {};
@ -715,10 +715,19 @@ void RsGxsNetService::syncWithPeers()
{
const RsGxsGrpMetaData* meta = mmit->second;
const RsGxsGroupId& grpId = mmit->first;
RsGxsCircleId encrypt_to_this_circle_id ;
if(!checkCanRecvMsgFromPeer(peerId, *meta))
if(!checkCanRecvMsgFromPeer(peerId, *meta,encrypt_to_this_circle_id))
continue;
#ifdef NXS_NET_DEBUG_0
GXSNETDEBUG_PG(peerId,grpId) << " peer can send messages for group " << grpId ;
if(!encrypt_to_this_circle_id.isNull())
std::cerr << " request should be encrypted for circle ID " << encrypt_to_this_circle_id << std::endl;
else
std::cerr << " request should be sent in clear." << std::endl;
#endif
// On default, the info has never been received so the TS is 0, meaning the peer has sent that it had no information.
uint32_t updateTS = 0;
@ -737,12 +746,28 @@ void RsGxsNetService::syncWithPeers()
msg->grpId = grpId;
msg->updateTS = updateTS;
//NxsBandwidthRecorder::recordEvent(mServType,msg) ;
//if(RSRandom::random_f32() < sending_probability)
//{
sendItem(msg);
if(encrypt_to_this_circle_id.isNull())
{
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_PG(*sit,grpId) << " Service " << std::hex << ((mServiceInfo.mServiceType >> 8)& 0xffff) << std::dec << " sending message TS of peer id: " << *sit << " ts=" << nice_time_stamp(time(NULL),updateTS) << " (secs ago) for group " << grpId << " to himself - in clear " << std::endl;
#endif
sendItem(msg);
}
else
{
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_PG(*sit,grpId) << " Service " << std::hex << ((mServiceInfo.mServiceType >> 8)& 0xffff) << std::dec << " sending message TS of peer id: " << *sit << " ts=" << nice_time_stamp(time(NULL),updateTS) << " (secs ago) for group " << grpId << " to himself - encrypted for circle " << encrypt_to_this_circle_id << std::endl;
#endif
RsNxsItem *encrypted_item = NULL ;
uint32_t status ;
if(encryptSingleNxsItem(msg, encrypt_to_this_circle_id, encrypted_item, status))
sendItem(encrypted_item) ;
else
std::cerr << "(WW) could not encrypt for circle ID " << encrypt_to_this_circle_id << ". Not yet in cache?" << std::endl;
delete msg ;
}
#ifdef NXS_NET_DEBUG_5
GXSNETDEBUG_PG(*sit,grpId) << "Service "<< std::hex << ((mServiceInfo.mServiceType >> 8)& 0xffff) << std::dec << " sending global message TS of peer id: " << *sit << " ts=" << nice_time_stamp(time(NULL),updateTS) << " (secs ago) for group " << grpId << " to himself" << std::endl;
@ -943,10 +968,10 @@ void RsGxsNetService::subscribeStatusChanged(const RsGxsGroupId& grpId,bool subs
{
RsGxsServerMsgUpdateItem *item = new RsGxsServerMsgUpdateItem(mServType) ;
item->grpId = grpId ;
item->msgUpdateTS = 0 ;
item->msgUpdateTS = time(NULL) ;
}
else
it->second->msgUpdateTS = 0 ; // reset!
it->second->msgUpdateTS = time(NULL) ; // reset!
// We also update mGrpServerUpdateItem so as to trigger a new grp list exchange with friends (friends will send their known ClientTS which
// will be lower than our own grpUpdateTS, triggering our sending of the new subscribed grp list.
@ -1583,13 +1608,33 @@ void RsGxsNetService::recvNxsItemQueue()
continue;
}
// Check whether the item is encrypted. If so, try to decrypt it, and replace ni with the decrypted item..
bool item_was_encrypted = false ;
if(ni->PacketSubType() == RS_PKT_SUBTYPE_NXS_ENCRYPTED_DATA_ITEM)
{
RsNxsItem *decrypted_item ;
uint32_t status ;
if(decryptSingleNxsItem(dynamic_cast<RsNxsEncryptedDataItem*>(ni),decrypted_item))
{
item = ni = decrypted_item ;
item_was_encrypted = true ;
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(item->PeerId()) << " decrypted item " << std::endl;
#endif
}
else
std::cerr << "(EE) Could not decrypt incoming encrypted NXS item. Probably a friend subscribed to a circle-restricted group." << std::endl;
}
switch(ni->PacketSubType())
{
case RS_PKT_SUBTYPE_NXS_SYNC_GRP_STATS_ITEM: handleRecvSyncGrpStatistics (dynamic_cast<RsNxsSyncGrpStatsItem*>(ni)) ; break ;
case RS_PKT_SUBTYPE_NXS_SYNC_GRP_REQ_ITEM: handleRecvSyncGroup (dynamic_cast<RsNxsSyncGrpReqItem*>(ni)) ; break ;
case RS_PKT_SUBTYPE_NXS_SYNC_MSG_REQ_ITEM: handleRecvSyncMessage (dynamic_cast<RsNxsSyncMsgReqItem*>(ni)) ; break ;
case RS_PKT_SUBTYPE_NXS_SYNC_MSG_REQ_ITEM: handleRecvSyncMessage (dynamic_cast<RsNxsSyncMsgReqItem*>(ni),item_was_encrypted) ; break ;
case RS_PKT_SUBTYPE_NXS_GRP_PUBLISH_KEY_ITEM:handleRecvPublishKeys (dynamic_cast<RsNxsGroupPublishKeyItem*>(ni)) ; break ;
default:
@ -3741,89 +3786,12 @@ bool RsGxsNetService::processTransactionForDecryption(NxsTransaction *tr)
continue ;
}
// we need the private keys to decrypt the item. First load them in!
bool key_loading_failed = false ;
if(private_keys.empty())
{
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(peerId) << " need to retrieve private keys..." << std::endl;
#endif
std::list<RsGxsId> own_keys ;
mGixs->getOwnIds(own_keys) ;
for(std::list<RsGxsId>::const_iterator it(own_keys.begin());it!=own_keys.end();++it)
{
RsTlvSecurityKey private_key ;
if(mGixs->getPrivateKey(*it,private_key))
{
private_keys.push_back(private_key) ;
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(peerId)<< " retrieved private key " << *it << std::endl;
#endif
}
else
{
std::cerr << " (EE) Cannot retrieve private key for ID " << *it << std::endl;
key_loading_failed = true ;
break ;
}
}
}
if(key_loading_failed)
{
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(peerId) << " Some keys not loaded.Returning false to retry later." << std::endl;
#endif
return false ;
}
// we do this only when something actually needs to be decrypted.
unsigned char *decrypted_mem = NULL;
uint32_t decrypted_len =0;
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(peerId)<< " Trying to decrypt item..." ;
#endif
if(!GxsSecurity::decrypt(decrypted_mem,decrypted_len, (uint8_t*)encrypted_item->encrypted_data.bin_data,encrypted_item->encrypted_data.bin_len,private_keys))
{
std::cerr << "Failed! Cannot decrypt this item." << std::endl;
decrypted_mem = NULL ; // for safety
}
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(peerId)<< " Succeeded! deserialising..." << std::endl;
#endif
// deserialise the item
RsItem *ditem = NULL ;
RsNxsItem *nxsitem = NULL ;
if(decrypted_mem!=NULL)
{
ditem = RsNxsSerialiser(mServType).deserialise(decrypted_mem,&decrypted_len) ;
if(ditem != NULL)
{
ditem->PeerId((*it)->PeerId()) ; // This is needed because the deserialised item has no peer id
nxsitem = dynamic_cast<RsNxsItem*>(ditem) ;
}
else
std::cerr << " Cannot deserialise. Item encoding error!" << std::endl;
if(nxsitem == NULL)
std::cerr << " (EE) Deserialised item is not an NxsItem. Weird. Dropping transaction." << std::endl;
}
// remove the encrypted item. After that it points to the next item to handle
it = tr->mItems.erase(it) ;
if(nxsitem != NULL)
RsNxsItem *nxsitem = NULL ;
if(decryptSingleNxsItem(encrypted_item,nxsitem,&private_keys))
{
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(peerId) << " Replacing the encrypted item with the clear one." << std::endl;
@ -3837,6 +3805,93 @@ bool RsGxsNetService::processTransactionForDecryption(NxsTransaction *tr)
return true ;
}
bool RsGxsNetService::decryptSingleNxsItem(const RsNxsEncryptedDataItem *encrypted_item, RsNxsItem *& nxsitem,std::vector<RsTlvSecurityKey> *pprivate_keys)
{
// if private_keys storage is supplied use/update them, otherwise, find which key should be used, and store them in a local std::vector.
nxsitem = NULL ;
std::vector<RsTlvSecurityKey> local_keys ;
std::vector<RsTlvSecurityKey>& private_keys = pprivate_keys?(*pprivate_keys):local_keys ;
// we need the private keys to decrypt the item. First load them in!
bool key_loading_failed = false ;
if(private_keys.empty())
{
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(encrypted_item->PeerId()) << " need to retrieve private keys..." << std::endl;
#endif
std::list<RsGxsId> own_keys ;
mGixs->getOwnIds(own_keys) ;
for(std::list<RsGxsId>::const_iterator it(own_keys.begin());it!=own_keys.end();++it)
{
RsTlvSecurityKey private_key ;
if(mGixs->getPrivateKey(*it,private_key))
{
private_keys.push_back(private_key) ;
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(encrypted_item->PeerId())<< " retrieved private key " << *it << std::endl;
#endif
}
else
{
std::cerr << " (EE) Cannot retrieve private key for ID " << *it << std::endl;
key_loading_failed = true ;
break ;
}
}
}
if(key_loading_failed)
{
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(encrypted_item->PeerId()) << " Some keys not loaded.Returning false to retry later." << std::endl;
#endif
return false ;
}
// we do this only when something actually needs to be decrypted.
unsigned char *decrypted_mem = NULL;
uint32_t decrypted_len =0;
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(encrypted_item->PeerId())<< " Trying to decrypt item..." ;
#endif
if(!GxsSecurity::decrypt(decrypted_mem,decrypted_len, (uint8_t*)encrypted_item->encrypted_data.bin_data,encrypted_item->encrypted_data.bin_len,private_keys))
{
std::cerr << "Failed! Cannot decrypt this item." << std::endl;
decrypted_mem = NULL ; // for safety
return false ;
}
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(encrypted_item->PeerId())<< " Succeeded! deserialising..." << std::endl;
#endif
// deserialise the item
RsItem *ditem = NULL ;
if(decrypted_mem!=NULL)
{
ditem = RsNxsSerialiser(mServType).deserialise(decrypted_mem,&decrypted_len) ;
if(ditem != NULL)
{
ditem->PeerId(encrypted_item->PeerId()) ; // This is needed because the deserialised item has no peer id
nxsitem = dynamic_cast<RsNxsItem*>(ditem) ;
}
else
std::cerr << " Cannot deserialise. Item encoding error!" << std::endl;
return (nxsitem != NULL) ;
}
return false ;
}
void RsGxsNetService::cleanTransactionItems(NxsTransaction* tr) const
{
std::list<RsNxsItem*>::iterator lit = tr->mItems.begin();
@ -4163,7 +4218,7 @@ bool RsGxsNetService::canSendGrpId(const RsPeerId& sslId, RsGxsGrpMetaData& grpM
return true;
}
bool RsGxsNetService::checkCanRecvMsgFromPeer(const RsPeerId& sslId, const RsGxsGrpMetaData& grpMeta)
bool RsGxsNetService::checkCanRecvMsgFromPeer(const RsPeerId& sslId, const RsGxsGrpMetaData& grpMeta, RsGxsCircleId &should_encrypt_id)
{
#ifdef NXS_NET_DEBUG_4
@ -4172,6 +4227,7 @@ bool RsGxsNetService::checkCanRecvMsgFromPeer(const RsPeerId& sslId, const RsGxs
#endif
// first do the simple checks
uint8_t circleType = grpMeta.mCircleType;
should_encrypt_id.clear() ;
if(circleType == GXS_CIRCLE_TYPE_LOCAL)
{
@ -4194,6 +4250,7 @@ bool RsGxsNetService::checkCanRecvMsgFromPeer(const RsPeerId& sslId, const RsGxs
#ifdef NXS_NET_DEBUG_4
GXSNETDEBUG_PG(sslId,grpMeta.mGroupId) << " Circle type: EXTERNAL => returning true. Msgs will be encrypted." << std::endl;
#endif
should_encrypt_id = grpMeta.mCircleId ;
return true ;
#ifdef TO_BE_REMOVED_OLD_VETTING_FOR_EXTERNAL_CIRCLES
const RsGxsCircleId& circleId = grpMeta.mCircleId;
@ -4304,7 +4361,7 @@ bool RsGxsNetService::locked_CanReceiveUpdate(const RsNxsSyncMsgReqItem *item)
return false;
}
void RsGxsNetService::handleRecvSyncMessage(RsNxsSyncMsgReqItem *item)
void RsGxsNetService::handleRecvSyncMessage(RsNxsSyncMsgReqItem *item,bool item_was_encrypted)
{
if (!item)
return;
@ -4352,6 +4409,17 @@ void RsGxsNetService::handleRecvSyncMessage(RsNxsSyncMsgReqItem *item)
#endif
return ;
}
if( (grpMeta->mCircleType == GXS_CIRCLE_TYPE_EXTERNAL) != item_was_encrypted )
{
std::cerr << "(EE) received a sync Msg request for group " << item->grpId << " from peer " << item->PeerId() ;
if(!item_was_encrypted)
std::cerr << ". The group is tied to an external circle (ID=" << grpMeta->mCircleId << ") but the request wasn't encrypted." << std::endl;
else
std::cerr << ". The group is not tied to an external circle (ID=" << grpMeta->mCircleId << ") but the request was encrypted." << std::endl;
return ;
}
GxsMsgReq req;
req[item->grpId] = std::vector<RsGxsMessageId>();

5
libretroshare/src/gxs/rsgxsnetservice.h
View File

@ -332,7 +332,7 @@ private:
* Handles an nxs item for msgs synchronisation
* @param item contaims msg sync info
*/
void handleRecvSyncMessage(RsNxsSyncMsgReqItem* item);
void handleRecvSyncMessage(RsNxsSyncMsgReqItem* item,bool item_was_encrypted);
/*!
* Handles an nxs item for group publish key
@ -354,7 +354,7 @@ private:
bool canSendGrpId(const RsPeerId& sslId, RsGxsGrpMetaData& grpMeta, std::vector<GrpIdCircleVet>& toVet, bool &should_encrypt);
bool canSendMsgIds(std::vector<RsGxsMsgMetaData*>& msgMetas, const RsGxsGrpMetaData&, const RsPeerId& sslId, RsGxsCircleId &should_encrypt_id);
bool checkCanRecvMsgFromPeer(const RsPeerId& sslId, const RsGxsGrpMetaData& meta);
bool checkCanRecvMsgFromPeer(const RsPeerId& sslId, const RsGxsGrpMetaData& meta, RsGxsCircleId& should_encrypt_id);
void locked_createTransactionFromPending(MsgRespPending* grpPend);
void locked_createTransactionFromPending(GrpRespPending* msgPend);
@ -455,6 +455,7 @@ private:
* encrypts/decrypts the transaction for the destination circle id.
*/
bool encryptSingleNxsItem(RsNxsItem *item, const RsGxsCircleId& destination_circle, RsNxsItem *& encrypted_item, uint32_t &status) ;
bool decryptSingleNxsItem(const RsNxsEncryptedDataItem *encrypted_item, RsNxsItem *&nxsitem, std::vector<RsTlvSecurityKey> *private_keys=NULL);
bool processTransactionForDecryption(NxsTransaction *tr); // return false when the keys are not loaded => need retry later
void cleanRejectedMessages();