Modifications to libretroshare to enable a
build against a standard OpenSSL library... Still lots to do (implement AuthSSL), compiles all but final gui. use USE_XPGP flag in build script to control it. git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@796 b45a01b8-16f6-495d-af2f-9b41ad6348cc
parent
f810a0f58f
commit
1e33267951
@ -14,14 +14,7 @@ LOOP_OBJ = pqiloopback.o
|
||||
STREAM_OBJ = pqistreamer.o pqiarchive.o pqibin.o
|
||||
MGR_OBJ = pqimonitor.o p3dhtmgr.o p3connmgr.o p3cfgmgr.o p3authmgr.o
|
||||
GRP_OBJ = pqiperson.o pqihandler.o pqiservice.o pqipersongrp.o
|
||||
|
||||
ifdef PQI_USE_XPGP
|
||||
SSL_OBJ = authxpgp.o cleanupxpgp.o
|
||||
else
|
||||
SSL_OBJ = sslcert.o
|
||||
endif
|
||||
|
||||
SSL_OBJ += pqissl.o pqissllistener.o pqisslpersongrp.o
|
||||
SSL_OBJ = pqissl.o pqissllistener.o pqisslpersongrp.o
|
||||
UDP_OBJ = pqissludp.o
|
||||
|
||||
OTHER_OBJ = p3notify.o
|
||||
@ -34,12 +27,20 @@ RSOBJ = $(BASE_OBJ) $(LOOP_OBJ) \
|
||||
$(GRP_OBJ) \
|
||||
$(OTHER_OBJ)
|
||||
|
||||
TESTOBJ = xpgp_id.o net_test.o dht_test.o net_test1.o
|
||||
TESTOBJ = net_test.o dht_test.o net_test1.o
|
||||
#conn_test.o
|
||||
|
||||
TESTS = xpgp_id net_test dht_test net_test1
|
||||
TESTS = net_test dht_test net_test1
|
||||
#conn_test
|
||||
|
||||
ifdef PQI_USE_XPGP
|
||||
SSL_OBJ += authxpgp.o cleanupxpgp.o
|
||||
TESTOBJ += xpgp_id.o
|
||||
TESTS += xpgp_id
|
||||
else
|
||||
#SSL_OBJ = sslcert.o
|
||||
endif
|
||||
|
||||
|
||||
all: librs tests
|
||||
|
||||
|
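--- a/libretroshare/src/pqi/authssl.h
+++ b/libretroshare/src/pqi/authssl.h
@@ -0,0 +1,176 @@
+/*
+* libretroshare/src/pqi: authssl.h
+*
+* 3P/PQI network interface for RetroShare.
+*
+* Copyright 2004-2008 by Robert Fernie.
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU Library General Public
+* License Version 2 as published by the Free Software Foundation.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Library General Public License for more details.
+*
+* You should have received a copy of the GNU Library General Public
+* License along with this library; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+* USA.
+*
+* Please report all bugs and problems to "retroshare@lunamutt.com".
+*
+*/
+
+#ifndef MRK_AUTH_SSL_HEADER
+#define MRK_AUTH_SSL_HEADER
+
+/* This is a dummy auth header.... to
+* work with the standard OpenSSL as opposed to the patched version.
+*
+* It is expected to be replaced by authpgp shortly.
+* (or provide the base OpenSSL iteraction for authpgp).
+*
+*/
+
+#include <openssl/ssl.h>
+#include <openssl/evp.h>
+
+#include <string>
+#include <map>
+
+#include "util/rsthreads.h"
+
+#include "pqi/pqi_base.h"
+#include "pqi/pqinetwork.h"
+#include "pqi/p3authmgr.h"
+
+class AuthXPGP;
+
+class AuthSSL: public p3AuthMgr
+{
+public:
+
+/* Initialisation Functions (Unique) */
+AuthSSL();
+virtual bool active();
+virtual int InitAuth(const char *srvr_cert, const char *priv_key,
+const char *passwd);
+virtual bool CloseAuth();
+virtual int setConfigDirectories(std::string confFile, std::string neighDir);
+
+/*********** Overloaded Functions from p3AuthMgr **********/
+
+/* get Certificate Ids */
+
+virtual std::string OwnId();
+virtual bool getAllList(std::list<std::string> &ids);
+virtual bool getAuthenticatedList(std::list<std::string> &ids);
+virtual bool getUnknownList(std::list<std::string> &ids);
+
+/* get Details from the Certificates */
+
+virtual bool isValid(std::string id);
+virtual bool isAuthenticated(std::string id);
+virtual std::string getName(std::string id);
+virtual bool getDetails(std::string id, pqiAuthDetails &details);
+
+/* High Level Load/Save Configuration */
+virtual bool FinalSaveCertificates();
+virtual bool CheckSaveCertificates();
+virtual bool saveCertificates();
+virtual bool loadCertificates();
+
+/* Load/Save certificates */
+virtual bool LoadCertificateFromString(std::string pem, std::string &id);
+virtual std::string SaveCertificateToString(std::string id);
+virtual bool LoadCertificateFromFile(std::string filename, std::string &id);
+virtual bool SaveCertificateToFile(std::string id, std::string filename);
+
+virtual bool LoadCertificateFromBinary(const uint8_t *ptr, uint32_t len, std::string &id);
+virtual bool SaveCertificateToBinary(std::string id, uint8_t **ptr, uint32_t *len);
+
+/* Signatures */
+
+virtual bool AuthCertificate(std::string uid);
+virtual bool SignCertificate(std::string id);
+virtual bool RevokeCertificate(std::string id);
+virtual bool TrustCertificate(std::string id, bool trust);
+
+/* Sign / Encrypt / Verify Data (TODO) */
+virtual bool SignData(std::string input, std::string &sign);
+virtual bool SignData(const void *data, const uint32_t len, std::string &sign);
+
+/*********** Overloaded Functions from p3AuthMgr **********/
+
+public: /* SSL specific functions used in pqissl/pqissllistener */
+SSL_CTX *getCTX();
+
+bool ValidateCertificate(X509 *x509, std::string &peerId); /* validate + get id */
+bool FailedCertificate(X509 *x509, bool incoming); /* store for discovery */
+bool CheckCertificate(std::string peerId, X509 *x509); /* check that they are exact match */
+
+/* Special Config Loading (backwards compatibility) */
+bool loadCertificates(bool &oldFormat, std::map<std::string, std::string> &keyValueMap);
+
+#if 0
+private:
+
+/* Helper Functions */
+
+bool ProcessXPGP(XPGP *xpgp, std::string &id);
+
+XPGP * loadXPGPFromPEM(std::string pem);
+XPGP * loadXPGPFromFile(std::string fname, std::string hash);
+bool saveXPGPToFile(XPGP *xpgp, std::string fname, std::string &hash);
+
+XPGP * loadXPGPFromDER(const uint8_t *ptr, uint32_t len);
+bool saveXPGPToDER(XPGP *xpgp, uint8_t **ptr, uint32_t *len);
+
+/*********** LOCKED Functions ******/
+bool locked_FindCert(std::string id, xpgpcert **cert);
+
+
+/* Data */
+RsMutex xpgpMtx; /**** LOCKING */
+
+int init;
+std::string mCertConfigFile;
+std::string mNeighDir;
+
+SSL_CTX *sslctx;
+XPGP_KEYRING *pgp_keyring;
+
+std::string mOwnId;
+xpgpcert *mOwnCert;
+EVP_PKEY *pkey;
+
+bool mToSaveCerts;
+bool mConfigSaveActive;
+std::map<std::string, xpgpcert *> mCerts;
+#endif
+
+};
+
+/* Helper Functions */
+int printSSLError(SSL *ssl, int retval, int err, unsigned long err2, std::ostream &out);
+std::string getX509NameString(X509_NAME *name);
+std::string getX509CNString(X509_NAME *name);
+
+std::string getX509OrgString(X509_NAME *name);
+std::string getX509LocString(X509_NAME *name);
+std::string getX509CountryString(X509_NAME *name);
+
+#if 0
+std::list<std::string> getXPGPsigners(XPGP *cert);
+std::string getXPGPInfo(XPGP *cert);
+std::string getXPGPAuthCode(XPGP *xpgp);
+
+int LoadCheckXPGPandGetName(const char *cert_file,
+std::string &userName, std::string &userId);
+bool getXPGPid(XPGP *xpgp, std::string &xpgpid);
+#endif
+
+
+#endif // MRK_SSL_XPGP_CERT_HEADER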
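Review bot: `SaveCertificateToBinary(std::string id, uint8_t **ptr, uint32_t *len)` returns a raw buffer through an out-pointer with no statement of which side allocates it or how the caller must release it, and `LoadCertificateFromBinary` likewise says nothing about whether `ptr` is copied. A one-line comment at each declaration stating who allocates `*ptr`, which function frees it, and that `len` is the byte count would prevent leaks and mismatched frees once the implementation exists. The header also names `std::list` and `std::ostream` while including only `<string>` and `<map>`, so it depends on transitive includes; adding `#include <list>` and `#include <ostream>` makes it self-contained. The closing `#endif // MRK_SSL_XPGP_CERT_HEADER` does not match the guard `MRK_AUTH_SSL_HEADER` and should read `#endif // MRK_AUTH_SSL_HEADER`.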
@ -104,7 +104,7 @@ pqissl::pqissl(pqissllistener *l, PQInterface *parent, p3AuthMgr *am, p3ConnectM
|
||||
mAuthMgr((AuthXPGP *) am), mConnMgr(cm)
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
mAuthMgr(am), mConnMgr(cm)
|
||||
mAuthMgr((AuthSSL *) am), mConnMgr(cm)
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
@ -1075,6 +1075,7 @@ int pqissl::Extract_Failed_SSL_Certificate()
|
||||
mAuthMgr->FailedCertificateXPGP(peercert, false);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
mAuthMgr->FailedCertificate(peercert, false);
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
@ -1111,7 +1112,7 @@ int pqissl::Authorise_SSL_Connection()
|
||||
waiting = WAITING_NOT;
|
||||
|
||||
// Get the Peer Certificate....
|
||||
AuthXPGP *authXPGP = (AuthXPGP *) getAuthMgr();
|
||||
//AuthXPGP *authXPGP = (AuthXPGP *) getAuthMgr();
|
||||
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
@ -1147,7 +1148,7 @@ int pqissl::Authorise_SSL_Connection()
|
||||
certCorrect = mAuthMgr->CheckCertificateXPGP(PeerId(), peercert);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
certCorrect = mAuthMgr->CheckCertificate(PeerId(), peercert);
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
|
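Review bot: The C-style cast in the initialiser `mAuthMgr((AuthSSL *) am)` downcasts the `p3AuthMgr *` argument with no check, so a caller that passes any other p3AuthMgr subclass gets undefined behaviour on the first `mAuthMgr->FailedCertificate(...)` or `mAuthMgr->CheckCertificate(...)` call instead of an error. The same cast is added in the `pqissllistenbase` constructor. Either take `AuthSSL *` in the constructor signature so the compiler enforces the type, or use `dynamic_cast<AuthSSL *>(am)` and refuse to start when it yields null. The commented-out `//AuthXPGP *authXPGP = (AuthXPGP *) getAuthMgr();` in Authorise_SSL_Connection can simply be deleted. The constructor and both function bodies continue outside the hunks shown.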
@ -45,6 +45,7 @@
|
||||
#include "pqi/authxpgp.h"
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#include "pqi/authssl.h"
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
@ -208,6 +209,10 @@ virtual int net_internal_fcntl_nonblock(int fd) { return unix_fcntl_nonblock(fd)
|
||||
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
//p3AuthMgr *mAuthMgr;
|
||||
AuthSSL *mAuthMgr;
|
||||
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
|
@ -55,7 +55,7 @@ pqissllistenbase::pqissllistenbase(struct sockaddr_in addr, p3AuthMgr *am, p3Con
|
||||
mAuthMgr((AuthXPGP *) am), mConnMgr(cm)
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
mAuthMgr(am), mConnMgr(cm)
|
||||
mAuthMgr((AuthSSL *) am), mConnMgr(cm)
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
@ -455,7 +455,7 @@ int pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_
|
||||
mAuthMgr->FailedCertificateXPGP(peercert, true);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
sslccr -> registerCertificate(peercert, *inaddr, true);
|
||||
mAuthMgr->FailedCertificate(peercert, true);
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
@ -616,7 +616,7 @@ int pqissllistener::completeConnection(int fd, SSL *ssl, struct sockaddr_in &rem
|
||||
bool certOk = mAuthMgr->ValidateCertificateXPGP(peercert, newPeerId);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
cert *npc = sslccr -> registerCertificate(peercert, remote_addr, true);
|
||||
bool certOk = mAuthMgr->ValidateCertificate(peercert, newPeerId);
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
@ -631,7 +631,15 @@ int pqissllistener::completeConnection(int fd, SSL *ssl, struct sockaddr_in &rem
|
||||
|
||||
// bad - shutdown.
|
||||
// pqissllistenbase will shutdown!
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
XPGP_free(peercert);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
X509_free(peercert);
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
return -1;
|
||||
}
|
||||
else
|
||||
@ -666,12 +674,28 @@ int pqissllistener::completeConnection(int fd, SSL *ssl, struct sockaddr_in &rem
|
||||
out << std::endl;
|
||||
out << "pqissllistenbase: Will shut it down!" << std::endl;
|
||||
pqioutput(PQL_WARNING, pqissllistenzone, out.str());
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
XPGP_free(peercert);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
X509_free(peercert);
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Certificate consumed! */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
bool certKnown = mAuthMgr->CheckCertificateXPGP(it->first, peercert);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
bool certKnown = mAuthMgr->CheckCertificate(it->first, peercert);
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
if (certKnown == false)
|
||||
{
|
||||
std::ostringstream out;
|
||||
|
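Review bot: Ownership of `peercert` in the X509 branch of completeConnection is not stated anywhere, and the added lines disagree about it: the failure paths call `X509_free(peercert)` after `ValidateCertificate(peercert, newPeerId)`, while the code following the `/* Certificate consumed! */` comment still passes the same pointer to `CheckCertificate(it->first, peercert)`. If AuthSSL ends up keeping or releasing the pointer (FailedCertificate is described in authssl.h as "store for discovery"), these calls become a double free or a read of a released certificate. I would fix the contract at the declarations with a comment such as `/* caller retains ownership of x509; AuthSSL copies anything it keeps */` and reword or drop the "Certificate consumed!" comment to match. Both functions continue outside the hunks, so whether peercert is released on the success path is not visible here.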
@ -44,7 +44,7 @@
|
||||
#include "pqi/authxpgp.h"
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
//#include "pqi/sslcert.h"
|
||||
#include "pqi/authssl.h"
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
@ -103,7 +103,8 @@ int Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_in *inaddr);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
p3AuthMgr *mAuthMgr;
|
||||
AuthSSL *mAuthMgr;
|
||||
//p3AuthMgr *mAuthMgr;
|
||||
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
@ -96,7 +96,7 @@ RsFiles *rsFiles = NULL;
|
||||
#include "pqi/authxpgp.h"
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
#include "pqi/authssl.h"
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
@ -436,6 +436,10 @@ int InitRetroShare(int argcIgnored, char **argvIgnored, RsInit *config)
|
||||
std::string userName;
|
||||
std::string userId;
|
||||
bool existingUser = false;
|
||||
|
||||
/* do a null init to allow the SSL libray to startup! */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
if (LoadCheckXPGPandGetName(config->load_cert.c_str(), userName, userId))
|
||||
{
|
||||
std::cerr << "Existing Name: " << userName << std::endl;
|
||||
@ -446,6 +450,17 @@ int InitRetroShare(int argcIgnored, char **argvIgnored, RsInit *config)
|
||||
{
|
||||
std::cerr << "No Existing User" << std::endl;
|
||||
}
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
/* here we need to decide if existing user is okay....
|
||||
* obviously - it can't be until we have functions
|
||||
* to do it!
|
||||
*/
|
||||
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
|
||||
/* do a null init to allow the SSL libray to startup! */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
@ -454,7 +469,7 @@ int InitRetroShare(int argcIgnored, char **argvIgnored, RsInit *config)
|
||||
getAuthMgr() -> InitAuth(NULL, NULL, NULL);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
getAuthMgr() -> InitAuth(NULL, NULL, NULL, NULL);
|
||||
getAuthMgr() -> InitAuth(NULL, NULL, NULL);
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
@ -494,7 +509,7 @@ int RsServer::StartupRetroShare(RsInit *config)
|
||||
if (1 != mAuthMgr -> InitAuth(NULL, NULL, NULL))
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
if (1 != mAuthMgr -> InitAuth(NULL, NULL, NULL, NULL))
|
||||
if (1 != mAuthMgr -> InitAuth(NULL, NULL, NULL))
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
{
|
||||
@ -549,7 +564,15 @@ int RsServer::StartupRetroShare(RsInit *config)
|
||||
std::map<std::string, std::string> oldConfigMap;
|
||||
|
||||
mAuthMgr -> setConfigDirectories(certConfigFile, certNeighDir);
|
||||
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
((AuthXPGP *) mAuthMgr) -> loadCertificates(oldFormat, oldConfigMap);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
mAuthMgr -> loadCertificates();
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
|
||||
/**************************************************************************/
|
||||
@ -727,6 +750,13 @@ int RsServer::StartupRetroShare(RsInit *config)
|
||||
/* Hack Old Configuration into new System (first load only) */
|
||||
/**************************************************************************/
|
||||
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
if (oldFormat)
|
||||
{
|
||||
std::cerr << "Startup() Loaded Old Certificate Format" << std::endl;
|
||||
@ -911,10 +941,13 @@ int LoadCertificates(RsInit *config, bool autoLoginNT)
|
||||
config->passwd.c_str()))
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
/* The SSL + PGP version will require
|
||||
* Id of pgp account + password
|
||||
* padding with NULLs
|
||||
*/
|
||||
|
||||
if (0 < authMgr -> InitAuth(config->load_cert.c_str(),
|
||||
config->load_key.c_str(),
|
||||
ca_loc.c_str(),
|
||||
config->passwd.c_str()))
|
||||
NULL, config->passwd.c_str()))
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
@ -953,7 +986,15 @@ bool ValidateCertificate(RsInit *config, std::string &userName)
|
||||
std::string userId;
|
||||
if (fname != "")
|
||||
{
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
return LoadCheckXPGPandGetName(fname.c_str(), userName, userId);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
/* check against authmanagers private keys */
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
}
|
||||
return false;
|
||||
}
|
||||
@ -961,7 +1002,15 @@ bool ValidateCertificate(RsInit *config, std::string &userName)
|
||||
bool ValidateTrustedUser(RsInit *config, std::string fname, std::string &userName)
|
||||
{
|
||||
std::string userId;
|
||||
bool valid = LoadCheckXPGPandGetName(fname.c_str(), userName, userId);
|
||||
bool valid = false;
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
valid = LoadCheckXPGPandGetName(fname.c_str(), userName, userId);
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
if (valid)
|
||||
{
|
||||
config -> load_trustedpeer = true;
|
||||
@ -1038,6 +1087,11 @@ bool RsGenerateCertificate(RsInit *config,
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
/* UNTIL THIS IS FILLED IN CANNOT GENERATE X509 REQ */
|
||||
/* What should happen here - is a new openpgp certificate
|
||||
* is created, with a retroshare subkey,
|
||||
* this is then used to generate a self-signed certificate
|
||||
*/
|
||||
//mAuthMgr->createUser( );
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
{
|
||||
|
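Review bot: In the X509 build of StartupRetroShare, `oldFormat` and `oldConfigMap` are no longer filled, because `mAuthMgr -> loadCertificates();` replaces the two-argument call, yet `if (oldFormat)` is still evaluated further down. The declaration of `oldFormat` is outside the hunk; if it has no initialiser, this reads an indeterminate value and may run the old-configuration import on an empty map. Initialise it at the declaration, `bool oldFormat = false;`, or move the `if (oldFormat)` block inside the `#if defined(PQI_USE_XPGP)` that this commit adds, currently empty, just above it. Separately, ValidateCertificate and ValidateTrustedUser now always return false without XPGP; that fails closed, but a short comment marking each as a deliberate stub would save the next reader from hunting for the missing call.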
@ -758,17 +758,11 @@ std::ostream &operator<<(std::ostream &out, const RsPeerDetails &detail)
|
||||
|
||||
/********** TRANSLATION ****/
|
||||
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
#include "pqi/authxpgp.h"
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
uint32_t RsPeerTranslateTrust(uint32_t trustLvl)
|
||||
{
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
switch(trustLvl)
|
||||
{
|
||||
case TRUST_SIGN_OWN:
|
||||
@ -788,6 +782,11 @@ uint32_t RsPeerTranslateTrust(uint32_t trustLvl)
|
||||
return RS_TRUST_LVL_UNKNOWN;
|
||||
break;
|
||||
}
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
return RS_TRUST_LVL_UNKNOWN;
|
||||
}
|
||||
|
||||
|
@ -27,7 +27,7 @@ ifndef MAC_I386_BUILD
|
||||
endif
|
||||
|
||||
# flags for components....
|
||||
PQI_USE_XPGP = 1
|
||||
#PQI_USE_XPGP = 1
|
||||
#PQI_USE_PROXY = 1
|
||||
#PQI_USE_CHANNELS = 1
|
||||
#USE_FILELOOK = 1
|
||||
|
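Review bot: Commenting out `PQI_USE_XPGP = 1` makes the X509/AuthSSL branch the default for every build from this config, while the commit message lists AuthSSL as still to be implemented and authssl.h describes itself as a dummy header. In that branch pqissl and pqissllistener route peer-certificate checks (`ValidateCertificate`, `CheckCertificate`) through AuthSSL, so as far as this commit shows a default build has no working peer authentication until the implementation lands. I would leave `PQI_USE_XPGP = 1` enabled here and let developers opt out locally, or at least add `# AuthSSL is a stub: X509 builds cannot authenticate peers yet` above the line. The commit message also refers to a `USE_XPGP` flag, whereas the variable tested in the makefiles and sources is `PQI_USE_XPGP`.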
@ -13,12 +13,21 @@
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/x509v3.h>
|
||||
#include <openssl/xPGP.h>
|
||||
|
||||
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
#if defined(PQI_USE_XPGP)
|
||||
#include <openssl/xPGP.h>
|
||||
#else /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
#endif /* X509 Certificates */
|
||||
/**************** PQI_USE_XPGP ******************/
|
||||
|
||||
#include <openssl/ssl.h>
|
||||
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/fips.h>
|
||||
|
||||
static BIO *bio_err=NULL;
|
||||
|
||||
|