mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-12-16 03:14:31 -05:00
ported branch commit 2732: fixed deadlock in passwd callback
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2734 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
parent
768b9288b5
commit
38463c905e
@ -1894,60 +1894,67 @@ int pem_passwd_cb(char *buf, int size, int rwflag, void *password)
|
|||||||
return(strlen(buf));
|
return(strlen(buf));
|
||||||
}
|
}
|
||||||
|
|
||||||
bool AuthSSL::LocalStoreCert(X509* x509) {
|
bool AuthSSL::LocalStoreCert(X509* x509)
|
||||||
//store the certificate in the local cert list
|
{
|
||||||
std::string peerId;
|
//store the certificate in the local cert list
|
||||||
if(!getX509id(x509, peerId))
|
std::string peerId;
|
||||||
{
|
if(!getX509id(x509, peerId))
|
||||||
#ifdef AUTHSSL_DEBUG
|
{
|
||||||
std::cerr << "AuthSSL::LocalStoreCert() Cannot retrieve peer id from certificate." << std::endl;
|
#ifdef AUTHSSL_DEBUG
|
||||||
#endif
|
std::cerr << "AuthSSL::LocalStoreCert() Cannot retrieve peer id from certificate." << std::endl;
|
||||||
return false;
|
#endif
|
||||||
}
|
return false;
|
||||||
if (peerId != mOwnId) {
|
}
|
||||||
if (mCerts[peerId]) {
|
if (peerId != mOwnId)
|
||||||
#ifdef AUTHSSL_DEBUG
|
{
|
||||||
std::cerr << "AuthSSL::LocalStoreCert() get duplicate for " << mCerts[peerId]->id << std::endl;
|
if (mCerts[peerId])
|
||||||
#endif
|
{
|
||||||
/* have a duplicate */
|
#ifdef AUTHSSL_DEBUG
|
||||||
/* check that they are exact */
|
std::cerr << "AuthSSL::LocalStoreCert() get duplicate for " << mCerts[peerId]->id << std::endl;
|
||||||
if (0 != X509_cmp(mCerts[peerId]->certificate, x509))
|
#endif
|
||||||
{
|
/* have a duplicate */
|
||||||
/* MAJOR ERROR */
|
/* check that they are exact */
|
||||||
std::cerr << "ERROR : AuthSSL::ValidateCertificate() got two different ssl certificate from the same peer. It could be a security intrusion attempt (man in the middle).";
|
if (0 != X509_cmp(mCerts[peerId]->certificate, x509))
|
||||||
std::cerr << std::endl;
|
{
|
||||||
return false;
|
/* MAJOR ERROR */
|
||||||
}
|
std::cerr << "ERROR : AuthSSL::ValidateCertificate() got two different ssl certificate from the same peer. It could be a security intrusion attempt (man in the middle).";
|
||||||
} else {
|
std::cerr << std::endl;
|
||||||
RsStackMutex stack(sslMtx); /******* LOCKED ******/
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
RsStackMutex stack(sslMtx); /******* LOCKED ******/
|
||||||
|
|
||||||
#ifdef AUTHSSL_DEBUG
|
#ifdef AUTHSSL_DEBUG
|
||||||
std::cerr << "AuthSSL::LocalStoreCert() storing certificate for " << peerId << std::endl;
|
std::cerr << "AuthSSL::LocalStoreCert() storing certificate for " << peerId << std::endl;
|
||||||
#endif
|
#endif
|
||||||
//have a deep copy of the x509 cert
|
//have a deep copy of the x509 cert
|
||||||
BIO *bp = BIO_new(BIO_s_mem());
|
BIO *bp = BIO_new(BIO_s_mem());
|
||||||
PEM_write_bio_X509(bp, x509);
|
PEM_write_bio_X509(bp, x509);
|
||||||
X509 *certCopy = PEM_read_bio_X509(bp, NULL, 0, NULL);certCopy->cert_info->key->pkey;
|
X509 *certCopy = PEM_read_bio_X509(bp, NULL, 0, NULL);
|
||||||
|
|
||||||
mCerts[peerId] = new sslcert(certCopy, peerId);
|
mCerts[peerId] = new sslcert(certCopy, peerId);
|
||||||
/* cert->cert_info->key->pkey is NULL until we call SSL_CTX_use_certificate(),
|
/* cert->cert_info->key->pkey is NULL until we call SSL_CTX_use_certificate(),
|
||||||
* so we do it here then... */
|
* so we do it here then... */
|
||||||
SSL_CTX *newSslctx = SSL_CTX_new(TLSv1_method());
|
SSL_CTX *newSslctx = SSL_CTX_new(TLSv1_method());
|
||||||
SSL_CTX_set_cipher_list(newSslctx, "DEFAULT");
|
SSL_CTX_set_cipher_list(newSslctx, "DEFAULT");
|
||||||
SSL_CTX_use_certificate(newSslctx, mCerts[peerId]->certificate);
|
SSL_CTX_use_certificate(newSslctx, mCerts[peerId]->certificate);
|
||||||
|
|
||||||
#ifdef AUTHSSL_DEBUG
|
#ifdef AUTHSSL_DEBUG
|
||||||
std::cerr << "AuthSSL::LocalStoreCert() storing certificate with public key : " << mCerts[peerId]->certificate->cert_info->key->pkey << std::endl;
|
std::cerr << "AuthSSL::LocalStoreCert() storing certificate with public key : " << mCerts[peerId]->certificate->cert_info->key->pkey << std::endl;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
IndicateConfigChanged();
|
IndicateConfigChanged();
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
#ifdef AUTHSSL_DEBUG
|
#ifdef AUTHSSL_DEBUG
|
||||||
std::cerr << "AuthSSL::LocalStoreCert() not storing certificate because it's our own " << peerId << std::endl;
|
std::cerr << "AuthSSL::LocalStoreCert() not storing certificate because it's our own " << peerId << std::endl;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
return true ;
|
||||||
|
}
|
||||||
|
|
||||||
int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx)
|
int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx)
|
||||||
{
|
{
|
||||||
|
@ -208,7 +208,7 @@ class NotifyBase
|
|||||||
virtual void notifyOwnAvatarChanged() {}
|
virtual void notifyOwnAvatarChanged() {}
|
||||||
virtual void notifyOwnStatusMessageChanged() {}
|
virtual void notifyOwnStatusMessageChanged() {}
|
||||||
|
|
||||||
virtual std::string askForPassword(const std::string& key_details) { return "" ;}
|
virtual std::string askForPassword(const std::string& key_details,bool prev_is_bad) { return "" ;}
|
||||||
};
|
};
|
||||||
|
|
||||||
const int NOTIFY_LIST_NEIGHBOURS = 1;
|
const int NOTIFY_LIST_NEIGHBOURS = 1;
|
||||||
|
@ -1234,7 +1234,7 @@ int RsInit::LoadCertificates(bool autoLoginNT)
|
|||||||
RsInitConfig::passwd = "";
|
RsInitConfig::passwd = "";
|
||||||
create_configinit(RsInitConfig::basedir, RsInitConfig::preferedId);
|
create_configinit(RsInitConfig::basedir, RsInitConfig::preferedId);
|
||||||
//don't autorise the password callback again because it will lead to deadlock due to QT reentrance
|
//don't autorise the password callback again because it will lead to deadlock due to QT reentrance
|
||||||
AuthGPG::getAuthGPG()->setAutorisePasswordCallbackNotify(false);
|
// AuthGPG::getAuthGPG()->setAutorisePasswordCallbackNotify(false);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -329,6 +329,9 @@ void MainWindow::displaySystrayMsg(const QString& title,const QString& msg)
|
|||||||
|
|
||||||
void MainWindow::updateStatus()
|
void MainWindow::updateStatus()
|
||||||
{
|
{
|
||||||
|
// This call is essential to remove locks due to QEventLoop re-entrance while asking gpg passwds. Dont' remove it!
|
||||||
|
if(RsAutoUpdatePage::eventsLocked())
|
||||||
|
return ;
|
||||||
|
|
||||||
if (ratesstatus)
|
if (ratesstatus)
|
||||||
ratesstatus->getRatesStatus();
|
ratesstatus->getRatesStatus();
|
||||||
|
@ -969,6 +969,9 @@ void MessengerWindow::loadOwnStatus()
|
|||||||
/** Save own status Online,Away,Busy **/
|
/** Save own status Online,Away,Busy **/
|
||||||
void MessengerWindow::savestatus()
|
void MessengerWindow::savestatus()
|
||||||
{
|
{
|
||||||
|
if(RsAutoUpdatePage::eventsLocked())
|
||||||
|
return ;
|
||||||
|
|
||||||
//rsiface->lockData(); /* Lock Interface */
|
//rsiface->lockData(); /* Lock Interface */
|
||||||
|
|
||||||
RsPeerDetails detail;
|
RsPeerDetails detail;
|
||||||
|
@ -710,6 +710,9 @@ void NetworkDialog::displayInfoLogMenu(const QPoint& pos) {
|
|||||||
|
|
||||||
void NetworkDialog::getNetworkStatus()
|
void NetworkDialog::getNetworkStatus()
|
||||||
{
|
{
|
||||||
|
if(RsAutoUpdatePage::eventsLocked())
|
||||||
|
return ;
|
||||||
|
|
||||||
rsiface->lockData(); /* Lock Interface */
|
rsiface->lockData(); /* Lock Interface */
|
||||||
|
|
||||||
/* now the extra bit .... switch on check boxes */
|
/* now the extra bit .... switch on check boxes */
|
||||||
@ -766,6 +769,9 @@ void NetworkDialog::getNetworkStatus()
|
|||||||
|
|
||||||
void NetworkDialog::updateNetworkStatus()
|
void NetworkDialog::updateNetworkStatus()
|
||||||
{
|
{
|
||||||
|
if(RsAutoUpdatePage::eventsLocked())
|
||||||
|
return ;
|
||||||
|
|
||||||
rsiface->lockData(); /* Lock Interface */
|
rsiface->lockData(); /* Lock Interface */
|
||||||
|
|
||||||
/* now the extra bit .... switch on check boxes */
|
/* now the extra bit .... switch on check boxes */
|
||||||
|
@ -3,6 +3,8 @@
|
|||||||
#include "RsAutoUpdatePage.h"
|
#include "RsAutoUpdatePage.h"
|
||||||
#include "MessengerWindow.h"
|
#include "MessengerWindow.h"
|
||||||
|
|
||||||
|
bool RsAutoUpdatePage::_locked = false ;
|
||||||
|
|
||||||
RsAutoUpdatePage::RsAutoUpdatePage(int ms_update_period,QWidget *parent)
|
RsAutoUpdatePage::RsAutoUpdatePage(int ms_update_period,QWidget *parent)
|
||||||
: MainPage(parent)
|
: MainPage(parent)
|
||||||
{
|
{
|
||||||
@ -16,14 +18,15 @@ RsAutoUpdatePage::RsAutoUpdatePage(int ms_update_period,QWidget *parent)
|
|||||||
void RsAutoUpdatePage::showEvent(QShowEvent *event)
|
void RsAutoUpdatePage::showEvent(QShowEvent *event)
|
||||||
{
|
{
|
||||||
//std::cout << "RsAutoUpdatePage::showEvent() In show event !!" << std::endl ;
|
//std::cout << "RsAutoUpdatePage::showEvent() In show event !!" << std::endl ;
|
||||||
updateDisplay();
|
if(!_locked)
|
||||||
|
updateDisplay();
|
||||||
}
|
}
|
||||||
|
|
||||||
void RsAutoUpdatePage::timerUpdate()
|
void RsAutoUpdatePage::timerUpdate()
|
||||||
{
|
{
|
||||||
// only update when the widget is visible.
|
// only update when the widget is visible.
|
||||||
//
|
//
|
||||||
if(!isVisible())
|
if(_locked || !isVisible())
|
||||||
return ;
|
return ;
|
||||||
|
|
||||||
updateDisplay();
|
updateDisplay();
|
||||||
@ -31,3 +34,6 @@ void RsAutoUpdatePage::timerUpdate()
|
|||||||
update() ; // Qt flush
|
update() ; // Qt flush
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void RsAutoUpdatePage::lockAllEvents() { _locked = true ; }
|
||||||
|
void RsAutoUpdatePage::unlockAllEvents() { _locked = false ; }
|
||||||
|
bool RsAutoUpdatePage::eventsLocked() { return _locked ; }
|
||||||
|
@ -22,6 +22,10 @@ class RsAutoUpdatePage: public MainPage
|
|||||||
|
|
||||||
virtual void updateDisplay() {}
|
virtual void updateDisplay() {}
|
||||||
|
|
||||||
|
static void lockAllEvents() ;
|
||||||
|
static void unlockAllEvents() ;
|
||||||
|
static bool eventsLocked() ;
|
||||||
|
|
||||||
protected:
|
protected:
|
||||||
virtual void showEvent(QShowEvent *e) ;
|
virtual void showEvent(QShowEvent *e) ;
|
||||||
|
|
||||||
@ -30,4 +34,7 @@ class RsAutoUpdatePage: public MainPage
|
|||||||
|
|
||||||
private:
|
private:
|
||||||
QTimer *_timer ;
|
QTimer *_timer ;
|
||||||
|
|
||||||
|
static bool _locked ;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -211,7 +211,7 @@ void StartDialog::notSecureWarning() {
|
|||||||
if(ui.autologin_checkbox->isChecked()){
|
if(ui.autologin_checkbox->isChecked()){
|
||||||
QMessageBox::StandardButton sb = QMessageBox::warning ( NULL,
|
QMessageBox::StandardButton sb = QMessageBox::warning ( NULL,
|
||||||
tr("Insecure"),
|
tr("Insecure"),
|
||||||
tr("Auto-Login is not Secure \n It can be disabled in General Settings"),
|
tr("Auto Login is not so much secure:\n - Your SSL certificate will be stored unprotected. \n - Your PGP key will however not be stored.\nThis choice be reverted in settings."),
|
||||||
QMessageBox::Ok);
|
QMessageBox::Ok);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -24,6 +24,7 @@
|
|||||||
#include <rshare.h>
|
#include <rshare.h>
|
||||||
#include <control/bandwidthevent.h>
|
#include <control/bandwidthevent.h>
|
||||||
#include "bwgraph.h"
|
#include "bwgraph.h"
|
||||||
|
#include <gui/RsAutoUpdatePage.h>
|
||||||
#include "rsiface/rsiface.h"
|
#include "rsiface/rsiface.h"
|
||||||
|
|
||||||
#include <sstream>
|
#include <sstream>
|
||||||
@ -119,6 +120,9 @@ BandwidthGraph::timerEvent( QTimerEvent * )
|
|||||||
void
|
void
|
||||||
BandwidthGraph::updategraphstatus( )
|
BandwidthGraph::updategraphstatus( )
|
||||||
{
|
{
|
||||||
|
if(RsAutoUpdatePage::eventsLocked())
|
||||||
|
return ;
|
||||||
|
|
||||||
/* set users/friends/network */
|
/* set users/friends/network */
|
||||||
float downKb = 0;
|
float downKb = 0;
|
||||||
float upKb = 0;
|
float upKb = 0;
|
||||||
|
@ -42,13 +42,18 @@ void NotifyQt::notifyOwnAvatarChanged()
|
|||||||
emit ownAvatarChanged() ;
|
emit ownAvatarChanged() ;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string NotifyQt::askForPassword(const std::string& key_details)
|
std::string NotifyQt::askForPassword(const std::string& key_details,bool prev_is_bad)
|
||||||
{
|
{
|
||||||
|
|
||||||
return QInputDialog::getText(NULL, tr("GPG key passphrase"),
|
RsAutoUpdatePage::lockAllEvents() ;
|
||||||
tr("Please enter the password to unlock the following GPG key:\n") + QString::fromStdString(key_details),
|
|
||||||
QLineEdit::Password,
|
std::string res = QInputDialog::getText(NULL, tr("GPG key passphrase"),
|
||||||
NULL, NULL).toStdString();
|
(prev_is_bad?tr("Wrong password !\n\n"):QString()) +
|
||||||
|
tr("Please enter the password to unlock the following GPG key:\n") + QString::fromStdString(key_details), QLineEdit::Password, NULL, NULL).toStdString();
|
||||||
|
|
||||||
|
RsAutoUpdatePage::unlockAllEvents() ;
|
||||||
|
|
||||||
|
return res ;
|
||||||
}
|
}
|
||||||
|
|
||||||
void NotifyQt::notifyOwnStatusMessageChanged()
|
void NotifyQt::notifyOwnStatusMessageChanged()
|
||||||
|
@ -41,7 +41,7 @@ class NotifyQt: public QObject, public NotifyBase
|
|||||||
virtual void notifyOwnAvatarChanged() ;
|
virtual void notifyOwnAvatarChanged() ;
|
||||||
virtual void notifyOwnStatusMessageChanged() ;
|
virtual void notifyOwnStatusMessageChanged() ;
|
||||||
|
|
||||||
virtual std::string askForPassword(const std::string& key_details) ;
|
virtual std::string askForPassword(const std::string& key_details,bool prev_is_bad) ;
|
||||||
|
|
||||||
signals:
|
signals:
|
||||||
// It's beneficial to send info to the GUI using signals, because signals are thread-safe
|
// It's beneficial to send info to the GUI using signals, because signals are thread-safe
|
||||||
|
Loading…
Reference in New Issue
Block a user