mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-10-01 02:35:48 -04:00
Added the infrastructure for propagating trust info through third parties
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@892 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler
parent
6919d3bd7f
commit
19aa089701
@ -267,6 +267,32 @@ int AuthXPGP::setConfigDirectories(std::string configfile, std::string neigh
|
||||
return 1;
|
||||
}
|
||||
|
||||
bool AuthXPGP::isTrustingMe(std::string id)
|
||||
{
|
||||
xpgpMtx.lock(); /***** LOCK *****/
|
||||
|
||||
bool res = false ;
|
||||
|
||||
for(std::list<std::string>::const_iterator it(_trusting_peers.begin());it!=_trusting_peers.end() && !res;++it)
|
||||
if( *it == id )
|
||||
res = true ;
|
||||
|
||||
xpgpMtx.unlock(); /**** UNLOCK ****/
|
||||
|
||||
return res ;
|
||||
}
|
||||
void AuthXPGP::addTrustingPeer(std::string id)
|
||||
{
|
||||
if( !isTrustingMe(id) )
|
||||
{
|
||||
xpgpMtx.lock(); /***** LOCK *****/
|
||||
|
||||
_trusting_peers.push_back(id) ;
|
||||
|
||||
xpgpMtx.unlock(); /**** UNLOCK ****/
|
||||
}
|
||||
}
|
||||
|
||||
std::string AuthXPGP::OwnId()
|
||||
{
|
||||
#ifdef AUTHXPGP_DEBUG
|
||||
@ -1546,6 +1572,7 @@ int LoadCheckXPGPandGetName(const char *cert_file, std::string &userName, std::s
|
||||
valid = false;
|
||||
}
|
||||
|
||||
std::cout << getXPGPInfo(xpgp) << std::endl ;
|
||||
// clean up.
|
||||
XPGP_free(xpgp);
|
||||
|
||||
|
||||
@ -102,6 +102,10 @@ virtual bool isAuthenticated(std::string id);
|
||||
virtual std::string getName(std::string id);
|
||||
virtual bool getDetails(std::string id, pqiAuthDetails &details);
|
||||
|
||||
/* first party trust info */
|
||||
virtual bool isTrustingMe(std::string id) ;
|
||||
virtual void addTrustingPeer(std::string id) ;
|
||||
|
||||
/* High Level Load/Save Configuration */
|
||||
virtual bool FinalSaveCertificates();
|
||||
virtual bool CheckSaveCertificates();
|
||||
@ -183,6 +187,7 @@ bool locked_FindCert(std::string id, xpgpcert **cert);
|
||||
bool mConfigSaveActive;
|
||||
std::map<std::string, xpgpcert *> mCerts;
|
||||
|
||||
std::list<std::string> _trusting_peers ;
|
||||
};
|
||||
|
||||
/* Helper Functions */
|
||||
|
||||
@ -23,6 +23,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#include <iostream>
|
||||
#include "pqi/p3authmgr.h"
|
||||
|
||||
pqiAuthDetails::pqiAuthDetails()
|
||||
@ -53,6 +54,16 @@ p3DummyAuthMgr::p3DummyAuthMgr()
|
||||
|
||||
}
|
||||
|
||||
bool p3DummyAuthMgr::isTrustingMe(std::string id)
|
||||
{
|
||||
std::cerr << "isTrustingMe is not implemented in p3DummyAuthMgr. Look into authxpgp.cc." << std::endl ;
|
||||
return false ;
|
||||
}
|
||||
void p3DummyAuthMgr::addTrustingPeer(std::string id)
|
||||
{
|
||||
std::cerr << "addTrustingPeer is not implemented in p3DummyAuthMgr. Look into authxpgp.cc." << std::endl ;
|
||||
}
|
||||
|
||||
p3DummyAuthMgr::p3DummyAuthMgr(std::string ownId, std::list<pqiAuthDetails> peers)
|
||||
{
|
||||
mOwnId = ownId;
|
||||
|
||||
@ -101,6 +101,10 @@ virtual bool CheckSaveCertificates() = 0;
|
||||
virtual bool saveCertificates() = 0;
|
||||
virtual bool loadCertificates() = 0;
|
||||
|
||||
/* first party trust info */
|
||||
virtual bool isTrustingMe(std::string id) = 0;
|
||||
virtual void addTrustingPeer(std::string id) = 0;
|
||||
|
||||
/* Load/Save certificates */
|
||||
|
||||
virtual bool LoadCertificateFromString(std::string pem, std::string &id) = 0;
|
||||
@ -170,6 +174,10 @@ virtual bool CheckSaveCertificates();
|
||||
virtual bool saveCertificates();
|
||||
virtual bool loadCertificates();
|
||||
|
||||
/* first party trust info */
|
||||
virtual bool isTrustingMe(std::string id) ;
|
||||
virtual void addTrustingPeer(std::string id) ;
|
||||
|
||||
/* Load/Save certificates */
|
||||
virtual bool LoadCertificateFromString(std::string pem, std::string &id);
|
||||
virtual std::string SaveCertificateToString(std::string id);
|
||||
|
||||
@ -92,10 +92,11 @@ const uint32_t RS_NET_CONN_UDP_PEER_SYNC = 0x0020; /* coming soon */
|
||||
|
||||
/* flags of peerStatus */
|
||||
const uint32_t RS_NET_FLAGS_USE_DISC = 0x0001;
|
||||
const uint32_t RS_NET_FLAGS_USE_DHT = 0x0002;
|
||||
const uint32_t RS_NET_FLAGS_ONLINE = 0x0004;
|
||||
const uint32_t RS_NET_FLAGS_USE_DHT = 0x0002;
|
||||
const uint32_t RS_NET_FLAGS_ONLINE = 0x0004;
|
||||
const uint32_t RS_NET_FLAGS_EXTERNAL_ADDR = 0x0008;
|
||||
const uint32_t RS_NET_FLAGS_STABLE_UDP = 0x0010;
|
||||
const uint32_t RS_NET_FLAGS_TRUSTS_ME = 0x0020;
|
||||
|
||||
const uint32_t RS_TCP_STD_TIMEOUT_PERIOD = 5; /* 5 seconds! */
|
||||
|
||||
|
||||
@ -140,6 +140,7 @@ virtual bool ConvertSharedFilePath(std::string path, std::string &fullpath) = 0;
|
||||
virtual void ForceDirectoryCheck() = 0;
|
||||
virtual bool InDirectoryCheck() = 0;
|
||||
|
||||
|
||||
/***
|
||||
* Directory Control
|
||||
***/
|
||||
|
||||
@ -134,6 +134,9 @@ virtual bool getPeerDetails(std::string id, RsPeerDetails &d) = 0;
|
||||
virtual bool addFriend(std::string id) = 0;
|
||||
virtual bool removeFriend(std::string id) = 0;
|
||||
|
||||
/* get/set third party info about who trusts me */
|
||||
virtual bool isTrustingMe(std::string id) const = 0 ;
|
||||
|
||||
/* Network Stuff */
|
||||
virtual bool connectAttempt(std::string id) = 0;
|
||||
virtual bool setLocalAddress(std::string id, std::string addr, uint16_t port) = 0;
|
||||
|
||||
@ -224,6 +224,11 @@ bool p3Peers::isOnline(std::string id)
|
||||
return false;
|
||||
}
|
||||
|
||||
bool p3Peers::isTrustingMe(std::string id) const
|
||||
{
|
||||
return mAuthMgr->isTrustingMe(id) ;
|
||||
}
|
||||
|
||||
bool p3Peers::isFriend(std::string id)
|
||||
{
|
||||
#ifdef P3PEERS_DEBUG
|
||||
|
||||
@ -57,6 +57,9 @@ virtual bool getPeerDetails(std::string id, RsPeerDetails &d);
|
||||
virtual bool addFriend(std::string id);
|
||||
virtual bool removeFriend(std::string id);
|
||||
|
||||
/* get/set third party info about who trusts me */
|
||||
virtual bool isTrustingMe(std::string id) const ;
|
||||
|
||||
/* Network Stuff */
|
||||
virtual bool connectAttempt(std::string id);
|
||||
virtual bool setLocalAddress(std::string id, std::string addr, uint16_t port);
|
||||
|
||||
@ -24,6 +24,7 @@
|
||||
*/
|
||||
|
||||
|
||||
#include "rsiface/rspeers.h"
|
||||
#include "services/p3disc.h"
|
||||
|
||||
#include "pqi/p3authmgr.h"
|
||||
@ -53,10 +54,11 @@ static int convertTRangeToTDelta(int trange);
|
||||
|
||||
const uint32_t P3DISC_FLAGS_USE_DISC = 0x0001;
|
||||
const uint32_t P3DISC_FLAGS_USE_DHT = 0x0002;
|
||||
const uint32_t P3DISC_FLAGS_EXTERNAL_ADDR = 0x0004;
|
||||
const uint32_t P3DISC_FLAGS_EXTERNAL_ADDR = 0x0004;
|
||||
const uint32_t P3DISC_FLAGS_STABLE_UDP = 0x0008;
|
||||
const uint32_t P3DISC_FLAGS_PEER_ONLINE = 0x0010;
|
||||
const uint32_t P3DISC_FLAGS_OWN_DETAILS = 0x0020;
|
||||
const uint32_t P3DISC_FLAGS_PEER_TRUSTS_ME= 0x0040;
|
||||
|
||||
|
||||
/*****
|
||||
@ -296,13 +298,13 @@ void p3disc::sendOwnDetails(std::string to)
|
||||
|
||||
// Then send message.
|
||||
{
|
||||
#ifdef P3DISC_DEBUG
|
||||
//#ifdef P3DISC_DEBUG
|
||||
std::ostringstream out;
|
||||
out << "p3disc::sendOwnDetails()";
|
||||
out << "Constructing a RsDiscItem Message!" << std::endl;
|
||||
out << "Sending to: " << to;
|
||||
std::cerr << out.str() << std::endl;
|
||||
#endif
|
||||
//#endif
|
||||
}
|
||||
|
||||
// Construct a message
|
||||
@ -368,13 +370,13 @@ void p3disc::sendPeerDetails(std::string to, std::string about)
|
||||
|
||||
/* send it off */
|
||||
{
|
||||
#ifdef P3DISC_DEBUG
|
||||
//#ifdef P3DISC_DEBUG
|
||||
std::ostringstream out;
|
||||
out << "p3disc::sendPeerDetails()";
|
||||
out << " Sending details of: " << about;
|
||||
out << " to: " << to << std::endl;
|
||||
std::cerr << out.str() << std::endl;
|
||||
#endif
|
||||
//#endif
|
||||
}
|
||||
|
||||
|
||||
@ -433,6 +435,21 @@ void p3disc::sendPeerDetails(std::string to, std::string about)
|
||||
di->discFlags |= P3DISC_FLAGS_PEER_ONLINE;
|
||||
}
|
||||
|
||||
// Add 3rd party trust info
|
||||
// We look at peers that trust 'to', by looking into 'to''s tigners list. The problem is that
|
||||
// signers are accessible through their names instead of their id, so there is ambiguity if too peers
|
||||
// have the same names. @DrBob: that would be cool to save signers using their ids...
|
||||
//
|
||||
RsPeerDetails pd ;
|
||||
std::string name = rsPeers->getPeerName(about) ;
|
||||
if(rsPeers->getPeerDetails(to,pd))
|
||||
for(std::list<std::string>::const_iterator it(pd.signers.begin());it!=pd.signers.end();++it)
|
||||
if(*it == name)
|
||||
{
|
||||
di->discFlags |= P3DISC_FLAGS_PEER_TRUSTS_ME;
|
||||
std::cerr << " Peer " << about << "(" << name << ")" << " is trusting " << to << ", sending info." << std::endl ;
|
||||
}
|
||||
|
||||
uint32_t certLen = 0;
|
||||
|
||||
unsigned char **binptr = (unsigned char **) &(di -> certDER.bin_data);
|
||||
@ -466,9 +483,9 @@ void p3disc::sendPeerDetails(std::string to, std::string about)
|
||||
/*************************************************************************************/
|
||||
void p3disc::recvPeerOwnMsg(RsDiscItem *item)
|
||||
{
|
||||
#ifdef P3DISC_DEBUG
|
||||
//#ifdef P3DISC_DEBUG
|
||||
std::cerr << "p3disc::recvPeerOwnMsg() From: " << item->PeerId() << std::endl;
|
||||
#endif
|
||||
//#endif
|
||||
|
||||
/* tells us their exact address (mConnectMgr can ignore if it looks wrong) */
|
||||
uint32_t type = 0;
|
||||
@ -523,11 +540,11 @@ void p3disc::recvPeerOwnMsg(RsDiscItem *item)
|
||||
void p3disc::recvPeerFriendMsg(RsDiscReply *item)
|
||||
{
|
||||
|
||||
#ifdef P3DISC_DEBUG
|
||||
//#ifdef P3DISC_DEBUG
|
||||
std::cerr << "p3disc::recvPeerFriendMsg() From: " << item->PeerId();
|
||||
std::cerr << " About " << item->aboutId;
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
//#endif
|
||||
|
||||
/* tells us their exact address (mConnectMgr can ignore if it looks wrong) */
|
||||
|
||||
@ -543,17 +560,14 @@ void p3disc::recvPeerFriendMsg(RsDiscReply *item)
|
||||
uint32_t flags = 0;
|
||||
|
||||
/* translate flags */
|
||||
if (item->discFlags & P3DISC_FLAGS_USE_DISC)
|
||||
if (item->discFlags & P3DISC_FLAGS_USE_DISC) flags |= RS_NET_FLAGS_USE_DISC;
|
||||
if (item->discFlags & P3DISC_FLAGS_USE_DHT) flags |= RS_NET_FLAGS_USE_DHT;
|
||||
if (item->discFlags & P3DISC_FLAGS_PEER_ONLINE) flags |= RS_NET_FLAGS_ONLINE;
|
||||
if (item->discFlags & P3DISC_FLAGS_PEER_TRUSTS_ME)
|
||||
{
|
||||
flags |= RS_NET_FLAGS_USE_DISC;
|
||||
}
|
||||
if (item->discFlags & P3DISC_FLAGS_USE_DHT)
|
||||
{
|
||||
flags |= RS_NET_FLAGS_USE_DHT;
|
||||
}
|
||||
if (item->discFlags & P3DISC_FLAGS_PEER_ONLINE)
|
||||
{
|
||||
flags |= RS_NET_FLAGS_ONLINE;
|
||||
std::cerr << " Found a peer that trust me: " << peerId << " (" << rsPeers->getPeerName(peerId) << ")" << std::endl ;
|
||||
flags |= RS_NET_FLAGS_TRUSTS_ME;
|
||||
mAuthMgr->addTrustingPeer(peerId) ;
|
||||
}
|
||||
|
||||
/* generate type */
|
||||
@ -573,13 +587,10 @@ void p3disc::recvPeerFriendMsg(RsDiscReply *item)
|
||||
/* only valid certs, and not ourselves */
|
||||
if ((loaded) && (peerId != mConnMgr->getOwnId()))
|
||||
{
|
||||
mConnMgr->peerStatus(peerId, item->laddr,
|
||||
item->saddr, type, flags, RS_CB_DISC);
|
||||
mConnMgr->peerStatus(peerId, item->laddr, item->saddr, type, flags, RS_CB_DISC);
|
||||
|
||||
std::string hashid1 = RsUtil::HashId(peerId, false);
|
||||
mConnMgr->stunStatus(hashid1, item->saddr, type,
|
||||
RS_STUN_FRIEND_OF_FRIEND);
|
||||
|
||||
mConnMgr->stunStatus(hashid1, item->saddr, type, RS_STUN_FRIEND_OF_FRIEND);
|
||||
}
|
||||
|
||||
addDiscoveryData(item->PeerId(), peerId, item->laddr, item->saddr, item->discFlags, time(NULL));
|
||||
|
||||
Loading…
Reference in New Issue
Block a user