Added the infrastructure for propagating trust info through third parties

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@892 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2008-12-23 16:23:54 +00:00
parent 6919d3bd7f
commit 19aa089701
10 changed files with 101 additions and 26 deletions

View File

@ -267,6 +267,32 @@ int AuthXPGP::setConfigDirectories(std::string configfile, std::string neigh
return 1;
}
bool AuthXPGP::isTrustingMe(std::string id)
{
xpgpMtx.lock(); /***** LOCK *****/
bool res = false ;
for(std::list<std::string>::const_iterator it(_trusting_peers.begin());it!=_trusting_peers.end() && !res;++it)
if( *it == id )
res = true ;
xpgpMtx.unlock(); /**** UNLOCK ****/
return res ;
}
void AuthXPGP::addTrustingPeer(std::string id)
{
if( !isTrustingMe(id) )
{
xpgpMtx.lock(); /***** LOCK *****/
_trusting_peers.push_back(id) ;
xpgpMtx.unlock(); /**** UNLOCK ****/
}
}
std::string AuthXPGP::OwnId()
{
#ifdef AUTHXPGP_DEBUG
@ -1546,6 +1572,7 @@ int LoadCheckXPGPandGetName(const char *cert_file, std::string &userName, std::s
valid = false;
}
std::cout << getXPGPInfo(xpgp) << std::endl ;
// clean up.
XPGP_free(xpgp);

View File

@ -102,6 +102,10 @@ virtual bool isAuthenticated(std::string id);
virtual std::string getName(std::string id);
virtual bool getDetails(std::string id, pqiAuthDetails &details);
/* first party trust info */
virtual bool isTrustingMe(std::string id) ;
virtual void addTrustingPeer(std::string id) ;
/* High Level Load/Save Configuration */
virtual bool FinalSaveCertificates();
virtual bool CheckSaveCertificates();
@ -183,6 +187,7 @@ bool locked_FindCert(std::string id, xpgpcert **cert);
bool mConfigSaveActive;
std::map<std::string, xpgpcert *> mCerts;
std::list<std::string> _trusting_peers ;
};
/* Helper Functions */

View File

@ -23,6 +23,7 @@
*
*/
#include <iostream>
#include "pqi/p3authmgr.h"
pqiAuthDetails::pqiAuthDetails()
@ -53,6 +54,16 @@ p3DummyAuthMgr::p3DummyAuthMgr()
}
bool p3DummyAuthMgr::isTrustingMe(std::string id)
{
std::cerr << "isTrustingMe is not implemented in p3DummyAuthMgr. Look into authxpgp.cc." << std::endl ;
return false ;
}
void p3DummyAuthMgr::addTrustingPeer(std::string id)
{
std::cerr << "addTrustingPeer is not implemented in p3DummyAuthMgr. Look into authxpgp.cc." << std::endl ;
}
p3DummyAuthMgr::p3DummyAuthMgr(std::string ownId, std::list<pqiAuthDetails> peers)
{
mOwnId = ownId;

View File

@ -101,6 +101,10 @@ virtual bool CheckSaveCertificates() = 0;
virtual bool saveCertificates() = 0;
virtual bool loadCertificates() = 0;
/* first party trust info */
virtual bool isTrustingMe(std::string id) = 0;
virtual void addTrustingPeer(std::string id) = 0;
/* Load/Save certificates */
virtual bool LoadCertificateFromString(std::string pem, std::string &id) = 0;
@ -170,6 +174,10 @@ virtual bool CheckSaveCertificates();
virtual bool saveCertificates();
virtual bool loadCertificates();
/* first party trust info */
virtual bool isTrustingMe(std::string id) ;
virtual void addTrustingPeer(std::string id) ;
/* Load/Save certificates */
virtual bool LoadCertificateFromString(std::string pem, std::string &id);
virtual std::string SaveCertificateToString(std::string id);

View File

@ -96,6 +96,7 @@ const uint32_t RS_NET_FLAGS_USE_DHT = 0x0002;
const uint32_t RS_NET_FLAGS_ONLINE = 0x0004;
const uint32_t RS_NET_FLAGS_EXTERNAL_ADDR = 0x0008;
const uint32_t RS_NET_FLAGS_STABLE_UDP = 0x0010;
const uint32_t RS_NET_FLAGS_TRUSTS_ME = 0x0020;
const uint32_t RS_TCP_STD_TIMEOUT_PERIOD = 5; /* 5 seconds! */

View File

@ -140,6 +140,7 @@ virtual bool ConvertSharedFilePath(std::string path, std::string &fullpath) = 0;
virtual void ForceDirectoryCheck() = 0;
virtual bool InDirectoryCheck() = 0;
/***
* Directory Control
***/

View File

@ -134,6 +134,9 @@ virtual bool getPeerDetails(std::string id, RsPeerDetails &d) = 0;
virtual bool addFriend(std::string id) = 0;
virtual bool removeFriend(std::string id) = 0;
/* get/set third party info about who trusts me */
virtual bool isTrustingMe(std::string id) const = 0 ;
/* Network Stuff */
virtual bool connectAttempt(std::string id) = 0;
virtual bool setLocalAddress(std::string id, std::string addr, uint16_t port) = 0;

View File

@ -224,6 +224,11 @@ bool p3Peers::isOnline(std::string id)
return false;
}
bool p3Peers::isTrustingMe(std::string id) const
{
return mAuthMgr->isTrustingMe(id) ;
}
bool p3Peers::isFriend(std::string id)
{
#ifdef P3PEERS_DEBUG

View File

@ -57,6 +57,9 @@ virtual bool getPeerDetails(std::string id, RsPeerDetails &d);
virtual bool addFriend(std::string id);
virtual bool removeFriend(std::string id);
/* get/set third party info about who trusts me */
virtual bool isTrustingMe(std::string id) const ;
/* Network Stuff */
virtual bool connectAttempt(std::string id);
virtual bool setLocalAddress(std::string id, std::string addr, uint16_t port);

View File

@ -24,6 +24,7 @@
*/
#include "rsiface/rspeers.h"
#include "services/p3disc.h"
#include "pqi/p3authmgr.h"
@ -57,6 +58,7 @@ const uint32_t P3DISC_FLAGS_EXTERNAL_ADDR = 0x0004;
const uint32_t P3DISC_FLAGS_STABLE_UDP = 0x0008;
const uint32_t P3DISC_FLAGS_PEER_ONLINE = 0x0010;
const uint32_t P3DISC_FLAGS_OWN_DETAILS = 0x0020;
const uint32_t P3DISC_FLAGS_PEER_TRUSTS_ME= 0x0040;
/*****
@ -296,13 +298,13 @@ void p3disc::sendOwnDetails(std::string to)
// Then send message.
{
#ifdef P3DISC_DEBUG
//#ifdef P3DISC_DEBUG
std::ostringstream out;
out << "p3disc::sendOwnDetails()";
out << "Constructing a RsDiscItem Message!" << std::endl;
out << "Sending to: " << to;
std::cerr << out.str() << std::endl;
#endif
//#endif
}
// Construct a message
@ -368,13 +370,13 @@ void p3disc::sendPeerDetails(std::string to, std::string about)
/* send it off */
{
#ifdef P3DISC_DEBUG
//#ifdef P3DISC_DEBUG
std::ostringstream out;
out << "p3disc::sendPeerDetails()";
out << " Sending details of: " << about;
out << " to: " << to << std::endl;
std::cerr << out.str() << std::endl;
#endif
//#endif
}
@ -433,6 +435,21 @@ void p3disc::sendPeerDetails(std::string to, std::string about)
di->discFlags |= P3DISC_FLAGS_PEER_ONLINE;
}
// Add 3rd party trust info
// We look at peers that trust 'to', by looking into 'to''s tigners list. The problem is that
// signers are accessible through their names instead of their id, so there is ambiguity if too peers
// have the same names. @DrBob: that would be cool to save signers using their ids...
//
RsPeerDetails pd ;
std::string name = rsPeers->getPeerName(about) ;
if(rsPeers->getPeerDetails(to,pd))
for(std::list<std::string>::const_iterator it(pd.signers.begin());it!=pd.signers.end();++it)
if(*it == name)
{
di->discFlags |= P3DISC_FLAGS_PEER_TRUSTS_ME;
std::cerr << " Peer " << about << "(" << name << ")" << " is trusting " << to << ", sending info." << std::endl ;
}
uint32_t certLen = 0;
unsigned char **binptr = (unsigned char **) &(di -> certDER.bin_data);
@ -466,9 +483,9 @@ void p3disc::sendPeerDetails(std::string to, std::string about)
/*************************************************************************************/
void p3disc::recvPeerOwnMsg(RsDiscItem *item)
{
#ifdef P3DISC_DEBUG
//#ifdef P3DISC_DEBUG
std::cerr << "p3disc::recvPeerOwnMsg() From: " << item->PeerId() << std::endl;
#endif
//#endif
/* tells us their exact address (mConnectMgr can ignore if it looks wrong) */
uint32_t type = 0;
@ -523,11 +540,11 @@ void p3disc::recvPeerOwnMsg(RsDiscItem *item)
void p3disc::recvPeerFriendMsg(RsDiscReply *item)
{
#ifdef P3DISC_DEBUG
//#ifdef P3DISC_DEBUG
std::cerr << "p3disc::recvPeerFriendMsg() From: " << item->PeerId();
std::cerr << " About " << item->aboutId;
std::cerr << std::endl;
#endif
//#endif
/* tells us their exact address (mConnectMgr can ignore if it looks wrong) */
@ -543,17 +560,14 @@ void p3disc::recvPeerFriendMsg(RsDiscReply *item)
uint32_t flags = 0;
/* translate flags */
if (item->discFlags & P3DISC_FLAGS_USE_DISC)
if (item->discFlags & P3DISC_FLAGS_USE_DISC) flags |= RS_NET_FLAGS_USE_DISC;
if (item->discFlags & P3DISC_FLAGS_USE_DHT) flags |= RS_NET_FLAGS_USE_DHT;
if (item->discFlags & P3DISC_FLAGS_PEER_ONLINE) flags |= RS_NET_FLAGS_ONLINE;
if (item->discFlags & P3DISC_FLAGS_PEER_TRUSTS_ME)
{
flags |= RS_NET_FLAGS_USE_DISC;
}
if (item->discFlags & P3DISC_FLAGS_USE_DHT)
{
flags |= RS_NET_FLAGS_USE_DHT;
}
if (item->discFlags & P3DISC_FLAGS_PEER_ONLINE)
{
flags |= RS_NET_FLAGS_ONLINE;
std::cerr << " Found a peer that trust me: " << peerId << " (" << rsPeers->getPeerName(peerId) << ")" << std::endl ;
flags |= RS_NET_FLAGS_TRUSTS_ME;
mAuthMgr->addTrustingPeer(peerId) ;
}
/* generate type */
@ -573,13 +587,10 @@ void p3disc::recvPeerFriendMsg(RsDiscReply *item)
/* only valid certs, and not ourselves */
if ((loaded) && (peerId != mConnMgr->getOwnId()))
{
mConnMgr->peerStatus(peerId, item->laddr,
item->saddr, type, flags, RS_CB_DISC);
mConnMgr->peerStatus(peerId, item->laddr, item->saddr, type, flags, RS_CB_DISC);
std::string hashid1 = RsUtil::HashId(peerId, false);
mConnMgr->stunStatus(hashid1, item->saddr, type,
RS_STUN_FRIEND_OF_FRIEND);
mConnMgr->stunStatus(hashid1, item->saddr, type, RS_STUN_FRIEND_OF_FRIEND);
}
addDiscoveryData(item->PeerId(), peerId, item->laddr, item->saddr, item->discFlags, time(NULL));