From 19aa0897011dc6466de485d0022cc353688cb5bd Mon Sep 17 00:00:00 2001 From: csoler Date: Tue, 23 Dec 2008 16:23:54 +0000 Subject: [PATCH] Added the infrastructure for propagating trust info through third parties git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@892 b45a01b8-16f6-495d-af2f-9b41ad6348cc --- libretroshare/src/pqi/authxpgp.cc | 27 ++++++++++++ libretroshare/src/pqi/authxpgp.h | 5 +++ libretroshare/src/pqi/p3authmgr.cc | 11 +++++ libretroshare/src/pqi/p3authmgr.h | 8 ++++ libretroshare/src/pqi/p3connmgr.h | 5 ++- libretroshare/src/rsiface/rsfiles.h | 1 + libretroshare/src/rsiface/rspeers.h | 3 ++ libretroshare/src/rsserver/p3peers.cc | 5 +++ libretroshare/src/rsserver/p3peers.h | 3 ++ libretroshare/src/services/p3disc.cc | 59 ++++++++++++++++----------- 10 files changed, 101 insertions(+), 26 deletions(-) diff --git a/libretroshare/src/pqi/authxpgp.cc b/libretroshare/src/pqi/authxpgp.cc index 8d98a0aa1..2eaabf6ec 100644 --- a/libretroshare/src/pqi/authxpgp.cc +++ b/libretroshare/src/pqi/authxpgp.cc @@ -267,6 +267,32 @@ int AuthXPGP::setConfigDirectories(std::string configfile, std::string neigh return 1; } +bool AuthXPGP::isTrustingMe(std::string id) +{ + xpgpMtx.lock(); /***** LOCK *****/ + + bool res = false ; + + for(std::list::const_iterator it(_trusting_peers.begin());it!=_trusting_peers.end() && !res;++it) + if( *it == id ) + res = true ; + + xpgpMtx.unlock(); /**** UNLOCK ****/ + + return res ; +} +void AuthXPGP::addTrustingPeer(std::string id) +{ + if( !isTrustingMe(id) ) + { + xpgpMtx.lock(); /***** LOCK *****/ + + _trusting_peers.push_back(id) ; + + xpgpMtx.unlock(); /**** UNLOCK ****/ + } +} + std::string AuthXPGP::OwnId() { #ifdef AUTHXPGP_DEBUG @@ -1546,6 +1572,7 @@ int LoadCheckXPGPandGetName(const char *cert_file, std::string &userName, std::s valid = false; } + std::cout << getXPGPInfo(xpgp) << std::endl ; // clean up. XPGP_free(xpgp); 
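Review bot: `addTrustingPeer` in the @@ -267 hunk of authxpgp.cc does its membership test through `isTrustingMe`, which takes and releases `xpgpMtx`, and only then re-acquires the lock to push, so two concurrent callers can both observe `false` and insert the same `id` twice; the test and the insertion need to sit in one critical section. The manual loop in `isTrustingMe` is also just `std::find` (needs `<algorithm>`), and `_trusting_peers` has no removal path, so an entry persists for the life of the object once added. The manual lock/unlock pairs are not exception-safe, but that is presumably the existing convention in this class, so I would not change it here.
```cpp
void AuthXPGP::addTrustingPeer(std::string id)
{
	xpgpMtx.lock(); /***** LOCK *****/

	// membership test and insertion under the same lock, so no duplicate entries
	if (std::find(_trusting_peers.begin(), _trusting_peers.end(), id) == _trusting_peers.end())
		_trusting_peers.push_back(id) ;

	xpgpMtx.unlock(); /**** UNLOCK ****/
}
```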
diff --git a/libretroshare/src/pqi/authxpgp.h b/libretroshare/src/pqi/authxpgp.h index 9a734a0d1..cf086fdb9 100644 --- a/libretroshare/src/pqi/authxpgp.h +++ b/libretroshare/src/pqi/authxpgp.h @@ -102,6 +102,10 @@ virtual bool isAuthenticated(std::string id); virtual std::string getName(std::string id); virtual bool getDetails(std::string id, pqiAuthDetails &details); + /* first party trust info */ +virtual bool isTrustingMe(std::string id) ; +virtual void addTrustingPeer(std::string id) ; + /* High Level Load/Save Configuration */ virtual bool FinalSaveCertificates(); virtual bool CheckSaveCertificates(); @@ -183,6 +187,7 @@ bool locked_FindCert(std::string id, xpgpcert **cert); bool mConfigSaveActive; std::map mCerts; + std::list _trusting_peers ; }; /* Helper Functions */ diff --git a/libretroshare/src/pqi/p3authmgr.cc b/libretroshare/src/pqi/p3authmgr.cc index 4a78de323..bbee994b8 100644 --- a/libretroshare/src/pqi/p3authmgr.cc +++ b/libretroshare/src/pqi/p3authmgr.cc @@ -23,6 +23,7 @@ * */ +#include #include "pqi/p3authmgr.h" pqiAuthDetails::pqiAuthDetails() @@ -53,6 +54,16 @@ p3DummyAuthMgr::p3DummyAuthMgr() } +bool p3DummyAuthMgr::isTrustingMe(std::string id) +{ + std::cerr << "isTrustingMe is not implemented in p3DummyAuthMgr. Look into authxpgp.cc." << std::endl ; + return false ; +} +void p3DummyAuthMgr::addTrustingPeer(std::string id) +{ + std::cerr << "addTrustingPeer is not implemented in p3DummyAuthMgr. Look into authxpgp.cc." << std::endl ; +} + p3DummyAuthMgr::p3DummyAuthMgr(std::string ownId, std::list peers) { mOwnId = ownId; diff --git a/libretroshare/src/pqi/p3authmgr.h b/libretroshare/src/pqi/p3authmgr.h index fa2300f23..186839454 100644 --- a/libretroshare/src/pqi/p3authmgr.h +++ b/libretroshare/src/pqi/p3authmgr.h 
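Review bot: The new member `_trusting_peers` in the @@ -183 hunk of authxpgp.h breaks the `m`-prefix convention of the adjacent `mConfigSaveActive` and `mCerts`; `mTrustingPeers` would read as part of the same class. The `/* first party trust info */` comment above the two new declarations in the @@ -102 hunk also contradicts the commit message and the rest of the patch, which fill this list from discovery replies received from other peers (p3disc.cc, recvPeerFriendMsg). I would make that explicit, e.g. `/* peers reported via discovery as signers of our certificate; third-party claim, not verified here */`.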
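Review bot: Both dummy stubs in the @@ -53 hunk of p3authmgr.cc take `id` and never read it, which warns under -Wunused-parameter; leaving the name out, `bool p3DummyAuthMgr::isTrustingMe(std::string /*id*/)`, keeps the signature and silences it. The `std::cerr` message is fine for a dummy, but it points callers to "authxpgp.cc" by file name, which rots if that implementation moves; naming the class `AuthXPGP` instead is more durable.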
@@ -101,6 +101,10 @@ virtual bool CheckSaveCertificates() = 0; virtual bool saveCertificates() = 0; virtual bool loadCertificates() = 0; + /* first party trust info */ +virtual bool isTrustingMe(std::string id) = 0; +virtual void addTrustingPeer(std::string id) = 0; + /* Load/Save certificates */ virtual bool LoadCertificateFromString(std::string pem, std::string &id) = 0; @@ -170,6 +174,10 @@ virtual bool CheckSaveCertificates(); virtual bool saveCertificates(); virtual bool loadCertificates(); + /* first party trust info */ +virtual bool isTrustingMe(std::string id) ; +virtual void addTrustingPeer(std::string id) ; + /* Load/Save certificates */ virtual bool LoadCertificateFromString(std::string pem, std::string &id); virtual std::string SaveCertificateToString(std::string id); diff --git a/libretroshare/src/pqi/p3connmgr.h b/libretroshare/src/pqi/p3connmgr.h index 82752c97b..884d4c32c 100644 --- a/libretroshare/src/pqi/p3connmgr.h +++ b/libretroshare/src/pqi/p3connmgr.h @@ -92,10 +92,11 @@ const uint32_t RS_NET_CONN_UDP_PEER_SYNC = 0x0020; /* coming soon */ /* flags of peerStatus */ const uint32_t RS_NET_FLAGS_USE_DISC = 0x0001; -const uint32_t RS_NET_FLAGS_USE_DHT = 0x0002; -const uint32_t RS_NET_FLAGS_ONLINE = 0x0004; +const uint32_t RS_NET_FLAGS_USE_DHT = 0x0002; +const uint32_t RS_NET_FLAGS_ONLINE = 0x0004; const uint32_t RS_NET_FLAGS_EXTERNAL_ADDR = 0x0008; const uint32_t RS_NET_FLAGS_STABLE_UDP = 0x0010; +const uint32_t RS_NET_FLAGS_TRUSTS_ME = 0x0020; const uint32_t RS_TCP_STD_TIMEOUT_PERIOD = 5; /* 5 seconds! */ diff --git a/libretroshare/src/rsiface/rsfiles.h b/libretroshare/src/rsiface/rsfiles.h index 3f8575035..8d17758f6 100644 --- a/libretroshare/src/rsiface/rsfiles.h +++ b/libretroshare/src/rsiface/rsfiles.h @@ -140,6 +140,7 @@ virtual bool ConvertSharedFilePath(std::string path, std::string &fullpath) = 0; virtual void ForceDirectoryCheck() = 0; virtual bool InDirectoryCheck() = 0; + /*** * Directory Control ***/ 
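Review bot: The two pure virtuals added in the @@ -101 hunk of p3authmgr.h carry only `/* first party trust info */`, which says neither what a `true` from `isTrustingMe` means nor how the list is populated; since the rest of this patch fills it from discovery replies sent by other peers (p3disc.cc, recvPeerFriendMsg), implementers and callers need to know the value is peer-reported rather than locally verified. I would replace the comment with `/* peers reported by discovery as trusting (signing) us; third-party claim, not verified by this class */` here and on the matching declarations in the @@ -170 hunk.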
diff --git a/libretroshare/src/rsiface/rspeers.h b/libretroshare/src/rsiface/rspeers.h index a92717f57..7807d6bda 100644 --- a/libretroshare/src/rsiface/rspeers.h +++ b/libretroshare/src/rsiface/rspeers.h @@ -134,6 +134,9 @@ virtual bool getPeerDetails(std::string id, RsPeerDetails &d) = 0; virtual bool addFriend(std::string id) = 0; virtual bool removeFriend(std::string id) = 0; + /* get/set third party info about who trusts me */ +virtual bool isTrustingMe(std::string id) const = 0 ; + /* Network Stuff */ virtual bool connectAttempt(std::string id) = 0; virtual bool setLocalAddress(std::string id, std::string addr, uint16_t port) = 0; diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc index 10ab11aa0..29589c80a 100644 --- a/libretroshare/src/rsserver/p3peers.cc +++ b/libretroshare/src/rsserver/p3peers.cc @@ -224,6 +224,11 @@ bool p3Peers::isOnline(std::string id) return false; } +bool p3Peers::isTrustingMe(std::string id) const +{ + return mAuthMgr->isTrustingMe(id) ; +} + bool p3Peers::isFriend(std::string id) { #ifdef P3PEERS_DEBUG diff --git a/libretroshare/src/rsserver/p3peers.h b/libretroshare/src/rsserver/p3peers.h index 4692f26cb..215684611 100644 --- a/libretroshare/src/rsserver/p3peers.h +++ b/libretroshare/src/rsserver/p3peers.h @@ -57,6 +57,9 @@ virtual bool getPeerDetails(std::string id, RsPeerDetails &d); virtual bool addFriend(std::string id); virtual bool removeFriend(std::string id); + /* get/set third party info about who trusts me */ +virtual bool isTrustingMe(std::string id) const ; + /* Network Stuff */ virtual bool connectAttempt(std::string id); virtual bool setLocalAddress(std::string id, std::string addr, uint16_t port); diff --git a/libretroshare/src/services/p3disc.cc b/libretroshare/src/services/p3disc.cc index 7f237a0a6..d33f8dc6c 100644 --- a/libretroshare/src/services/p3disc.cc +++ b/libretroshare/src/services/p3disc.cc 
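Review bot: The comment `/* get/set third party info about who trusts me */` added in rspeers.h (@@ -134) and repeated in p3peers.h (@@ -57) announces a setter, but only the getter `isTrustingMe` is added to the public interface; the setter lives on the auth manager and is reached only from p3disc. Either drop "set" or say where the information comes from, e.g. `/* third-party info: whether id was reported via discovery as trusting me; read-only here */`. Making the new method `const` is a good choice even though the neighbouring `isOnline`/`isFriend` are not.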
@@ -24,6 +24,7 @@ */ +#include "rsiface/rspeers.h" #include "services/p3disc.h" #include "pqi/p3authmgr.h" @@ -53,10 +54,11 @@ static int convertTRangeToTDelta(int trange); const uint32_t P3DISC_FLAGS_USE_DISC = 0x0001; const uint32_t P3DISC_FLAGS_USE_DHT = 0x0002; -const uint32_t P3DISC_FLAGS_EXTERNAL_ADDR = 0x0004; +const uint32_t P3DISC_FLAGS_EXTERNAL_ADDR = 0x0004; const uint32_t P3DISC_FLAGS_STABLE_UDP = 0x0008; const uint32_t P3DISC_FLAGS_PEER_ONLINE = 0x0010; const uint32_t P3DISC_FLAGS_OWN_DETAILS = 0x0020; +const uint32_t P3DISC_FLAGS_PEER_TRUSTS_ME= 0x0040; /***** @@ -296,13 +298,13 @@ void p3disc::sendOwnDetails(std::string to) // Then send message. { -#ifdef P3DISC_DEBUG +//#ifdef P3DISC_DEBUG std::ostringstream out; out << "p3disc::sendOwnDetails()"; out << "Constructing a RsDiscItem Message!" << std::endl; out << "Sending to: " << to; std::cerr << out.str() << std::endl; -#endif +//#endif } // Construct a message @@ -368,13 +370,13 @@ void p3disc::sendPeerDetails(std::string to, std::string about) /* send it off */ { -#ifdef P3DISC_DEBUG +//#ifdef P3DISC_DEBUG std::ostringstream out; out << "p3disc::sendPeerDetails()"; out << " Sending details of: " << about; out << " to: " << to << std::endl; std::cerr << out.str() << std::endl; -#endif +//#endif } 
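Review bot: Commenting out `#ifdef P3DISC_DEBUG`/`#endif` in the @@ -296 hunk makes the trace unconditional, so every build now writes peer ids and the message trace to stderr on each sendOwnDetails call; the same edit recurs in the @@ -368 hunk and in the @@ -466 and @@ -523 hunks of this file, and the new `std::cerr` lines in the @@ -433 and @@ -543 hunks are unguarded as well. Restore the guards (`#ifdef P3DISC_DEBUG` … `#endif`) and, if the output is needed while developing this feature, put a single local `#define P3DISC_DEBUG 1` at the top of the file that can be removed before merge, rather than editing each guard.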
@@ -433,6 +435,21 @@ void p3disc::sendPeerDetails(std::string to, std::string about) di->discFlags |= P3DISC_FLAGS_PEER_ONLINE; } + // Add 3rd party trust info + // We look at peers that trust 'to', by looking into 'to''s tigners list. The problem is that + // signers are accessible through their names instead of their id, so there is ambiguity if too peers + // have the same names. @DrBob: that would be cool to save signers using their ids... + // + RsPeerDetails pd ; + std::string name = rsPeers->getPeerName(about) ; + if(rsPeers->getPeerDetails(to,pd)) + for(std::list::const_iterator it(pd.signers.begin());it!=pd.signers.end();++it) + if(*it == name) + { + di->discFlags |= P3DISC_FLAGS_PEER_TRUSTS_ME; + std::cerr << " Peer " << about << "(" << name << ")" << " is trusting " << to << ", sending info." << std::endl ; + } + uint32_t certLen = 0; unsigned char **binptr = (unsigned char **) &(di -> certDER.bin_data); @@ -466,9 +483,9 @@ void p3disc::sendPeerDetails(std::string to, std::string about) /*************************************************************************************/ void p3disc::recvPeerOwnMsg(RsDiscItem *item) { -#ifdef P3DISC_DEBUG +//#ifdef P3DISC_DEBUG std::cerr << "p3disc::recvPeerOwnMsg() From: " << item->PeerId() << std::endl; -#endif +//#endif /* tells us their exact address (mConnectMgr can ignore if it looks wrong) */ uint32_t type = 0; @@ -523,11 +540,11 @@ void p3disc::recvPeerOwnMsg(RsDiscItem *item) void p3disc::recvPeerFriendMsg(RsDiscReply *item) { -#ifdef P3DISC_DEBUG +//#ifdef P3DISC_DEBUG std::cerr << "p3disc::recvPeerFriendMsg() From: " << item->PeerId(); std::cerr << " About " << item->aboutId; std::cerr << std::endl; -#endif +//#endif /* tells us their exact address (mConnectMgr can ignore if it looks wrong) */ 
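Review bot: The match in the @@ -433 hunk compares `about`'s display name against the entries of `pd.signers`, and a display name is presumably under the peer's own control, so any friend whose name collides with one of `to`'s real signers gets `P3DISC_FLAGS_PEER_TRUSTS_ME` set in the details sent to `to`; the in-code comment acknowledges the ambiguity, but the flag is still emitted and then acted upon by the receiver. Until signers are keyed by id, I would document on the constant in the @@ -53 hunk that it is a name-based hint, e.g. `// set from a name match against the recipient's signers list; names are not unique`. As written, `pd` is read only for `signers`, and the brace-less nested `if`/`for`/`if` reads better as one test, `if (rsPeers->getPeerDetails(to, pd) && std::find(pd.signers.begin(), pd.signers.end(), name) != pd.signers.end())`. The enclosing sendPeerDetails starts before this hunk.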
@@ -543,17 +560,14 @@ void p3disc::recvPeerFriendMsg(RsDiscReply *item) uint32_t flags = 0; /* translate flags */ - if (item->discFlags & P3DISC_FLAGS_USE_DISC) + if (item->discFlags & P3DISC_FLAGS_USE_DISC) flags |= RS_NET_FLAGS_USE_DISC; + if (item->discFlags & P3DISC_FLAGS_USE_DHT) flags |= RS_NET_FLAGS_USE_DHT; + if (item->discFlags & P3DISC_FLAGS_PEER_ONLINE) flags |= RS_NET_FLAGS_ONLINE; + if (item->discFlags & P3DISC_FLAGS_PEER_TRUSTS_ME) { - flags |= RS_NET_FLAGS_USE_DISC; - } - if (item->discFlags & P3DISC_FLAGS_USE_DHT) - { - flags |= RS_NET_FLAGS_USE_DHT; - } - if (item->discFlags & P3DISC_FLAGS_PEER_ONLINE) - { - flags |= RS_NET_FLAGS_ONLINE; + std::cerr << " Found a peer that trust me: " << peerId << " (" << rsPeers->getPeerName(peerId) << ")" << std::endl ; + flags |= RS_NET_FLAGS_TRUSTS_ME; + mAuthMgr->addTrustingPeer(peerId) ; } /* generate type */ @@ -573,13 +587,10 @@ void p3disc::recvPeerFriendMsg(RsDiscReply *item) /* only valid certs, and not ourselves */ if ((loaded) && (peerId != mConnMgr->getOwnId())) { - mConnMgr->peerStatus(peerId, item->laddr, - item->saddr, type, flags, RS_CB_DISC); + mConnMgr->peerStatus(peerId, item->laddr, item->saddr, type, flags, RS_CB_DISC); std::string hashid1 = RsUtil::HashId(peerId, false); - mConnMgr->stunStatus(hashid1, item->saddr, type, - RS_STUN_FRIEND_OF_FRIEND); - + mConnMgr->stunStatus(hashid1, item->saddr, type, RS_STUN_FRIEND_OF_FRIEND); } addDiscoveryData(item->PeerId(), peerId, item->laddr, item->saddr, item->discFlags, time(NULL));
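Review bot: `mAuthMgr->addTrustingPeer(peerId)` in the @@ -543 hunk records the claim as soon as the `P3DISC_FLAGS_PEER_TRUSTS_ME` bit is present in a reply from `item->PeerId()`, before the `loaded` / own-id check that guards `peerStatus` in the @@ -573 hunk, and the auth-manager list has no removal path, so a single reply with the bit set, correct or not, permanently marks `peerId` as trusting us even when its certificate did not load. Move the call inside the guard, `if ((loaded) && (peerId != mConnMgr->getOwnId())) { mConnMgr->peerStatus(...); mAuthMgr->addTrustingPeer(peerId) ; ... }`, and since the claim concerns our own certificate, prefer confirming it locally against our own cert's signers rather than taking the sender's word. The `std::cerr` line here is unguarded like the other debug traces in this file. `peerId` and `loaded` appear to be set earlier in recvPeerFriendMsg, outside the hunk.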