fixed the status of signature vs. making friends, and fixed the deadlock when signing a certificate

csoler 2021-01-09 14:24:04 +01:00
parent d7fbe29a56
commit 453c656570
6 changed files with 84 additions and 74 deletions


@ -889,7 +889,7 @@ public:
bool& is_short_format, uint32_t& error_code ) = 0;
virtual std::string saveCertificateToString(const RsPeerId &id) = 0;
virtual bool signGPGCertificate(const RsPgpId &gpg_id) = 0;
virtual bool signGPGCertificate(const RsPgpId &gpg_id,const std::string& gpg_passphrase) = 0;
virtual bool trustGPGCertificate(const RsPgpId &gpg_id, uint32_t trustlvl) = 0;
/* Group Stuff */
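Review bot: The new `gpg_passphrase` parameter on `signGPGCertificate` has no documentation, even though the interface now carries a secret across the API boundary. A comment above the declaration would tell callers what to expect, for example `/// Signs gpg_id with the own profile key; gpg_passphrase is used for this call only and must not be retained afterwards.` Whether every implementation really drops the passphrase after the call cannot be seen from this hunk, so the wording should be checked against `p3Peers`. The enclosing class starts and ends outside the hunk.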


@ -34,6 +34,7 @@
#include "pqi/authssl.h"
#include "pqi/authgpg.h"
#include "retroshare/rsinit.h"
#include "retroshare/rsnotify.h"
#include "retroshare/rsfiles.h"
#include "util/rsurl.h"
#include "util/radix64.h"
@ -1680,19 +1681,23 @@ std::string p3Peers::saveCertificateToString(const RsPeerId &id)
}
}
bool p3Peers::signGPGCertificate(const RsPgpId &id)
bool p3Peers::signGPGCertificate(const RsPgpId &id, const std::string &gpg_passphrase)
{
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::SignCertificate() " << id;
std::cerr << std::endl;
#endif
rsNotify->cachePgpPassphrase(gpg_passphrase);
rsNotify->setDisableAskPassword(true);
bool res = AuthGPG::getAuthGPG()->SignCertificateLevel0(id);
AuthGPG::getAuthGPG()->AllowConnection(id, true);
return AuthGPG::getAuthGPG()->SignCertificateLevel0(id);
rsNotify->clearPgpPassphrase();
rsNotify->setDisableAskPassword(false);
return res;
}
bool p3Peers::trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl)
{
#ifdef P3PEERS_DEBUG
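Review bot: The `cachePgpPassphrase`/`clearPgpPassphrase` and `setDisableAskPassword(true)`/`(false)` pairs in `p3Peers::signGPGCertificate` are not scoped. Any exit between them, such as an exception out of `SignCertificateLevel0` or a later early return, would leave the passphrase cached and password prompts disabled. Both look like state shared through `rsNotify`, so another thread that needs the passphrase during this window would presumably pick up the cached value without a prompt; that is worth confirming. The flag is also reset to `false` unconditionally rather than restored to its previous value. A small scope guard keeps the window exactly as wide as the signing call.

```cpp
bool p3Peers::signGPGCertificate(const RsPgpId &id, const std::string &gpg_passphrase)
{
	// … unchanged: P3PEERS_DEBUG trace …

	// Scope guard: the cached passphrase is cleared and prompting re-enabled on every exit path.
	struct PassphraseScope
	{
		explicit PassphraseScope(const std::string& pass)
		{
			rsNotify->cachePgpPassphrase(pass);
			rsNotify->setDisableAskPassword(true);
		}
		~PassphraseScope()
		{
			rsNotify->clearPgpPassphrase();
			rsNotify->setDisableAskPassword(false);
		}
	} scope(gpg_passphrase);

	return AuthGPG::getAuthGPG()->SignCertificateLevel0(id);
}
```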


@ -165,7 +165,7 @@ public:
virtual bool cleanCertificate(const std::string &certstr, std::string &cleanCert, bool &is_short_format, uint32_t& error_code) override;
virtual std::string saveCertificateToString(const RsPeerId &id) override;
virtual bool signGPGCertificate(const RsPgpId &id) override;
virtual bool signGPGCertificate(const RsPgpId &id,const std::string& gpg_passphrase) override;
virtual bool trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl) override;
/* Group Stuff */


@ -740,6 +740,38 @@ void ConnectFriendWizard::accept()
{
std::cerr << "ConclusionPage::validatePage() accepting GPG key for connection." << std::endl;
if(sign)
{
std::cerr << "ConclusionPage::validatePage() signing GPG key." << std::endl;
bool prev_is_bad = false;
for(int i=0;i<3;++i)
{
std::string pgp_name = rsPeers->getGPGName(rsPeers->getGPGOwnId());
bool cancelled;
std::string pgp_password;
if(!NotifyQt::getInstance()->askForPassword(tr("Profile password needed.").toStdString(), pgp_name + " (" + rsPeers->getOwnId().toStdString() + ")", prev_is_bad, pgp_password,cancelled))
{
QMessageBox::critical(NULL,tr("Identity creation failed"),tr("Cannot create an identity linked to your profile without your profile password."));
return;
}
if(rsPeers->signGPGCertificate(peerDetails.gpg_id,pgp_password))
{
prev_is_bad = false;
break;
}
else
prev_is_bad = true;
}
if(prev_is_bad)
{
QMessageBox::warning(nullptr,tr("Signature failed"),tr("Signature failed. Uncheck the key signature box if you want to make friends without signing the friends' certificate"));
return;
}
}
if(peerDetails.skip_pgp_signature_validation)
rsPeers->addSslOnlyFriend(peerDetails.id, peerDetails.gpg_id,peerDetails);
else
@ -757,12 +789,7 @@ void ConnectFriendWizard::accept()
}
}
if(sign)
{
std::cerr << "ConclusionPage::validatePage() signing GPG key." << std::endl;
rsPeers->signGPGCertificate(peerDetails.gpg_id); //bye default sign set accept_connection to true;
rsPeers->setServicePermissionFlags(peerDetails.gpg_id,serviceFlags()) ;
}
if (!groupId.isEmpty())
rsPeers->assignPeerToGroup(RsNodeGroupId(groupId.toStdString()), peerDetails.gpg_id, true);
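Review bot: When the password prompt fails or is dismissed in the new signing loop, the user sees "Identity creation failed" / "Cannot create an identity linked to your profile…", which is text for a different operation and misreports what was refused. `cancelled` is also declared without an initializer and never read, so a deliberate cancel is reported as a critical error. Something like `bool cancelled = false;` followed by `if(!cancelled) QMessageBox::critical(NULL,tr("Signature failed"),tr("Cannot sign the key without your profile password."));` would fit, assuming `askForPassword` sets the flag on cancel. The same copied message and unused `cancelled` appear in `PGPKeyDialog::signGPGKey`. `accept()` starts before and ends after these hunks.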


@ -87,8 +87,6 @@ PGPKeyDialog::PGPKeyDialog(const RsPeerId& id, const RsPgpId &pgp_id, QWidget *p
connect(ui.make_friend_button, SIGNAL(clicked()), this, SLOT(makeFriend()));
connect(ui.denyFriendButton, SIGNAL(clicked()), this, SLOT(denyFriend()));
connect(ui.signKeyButton, SIGNAL(clicked()), this, SLOT(signGPGKey()));
//connect(ui.trusthelpButton, SIGNAL(clicked()), this, SLOT(showHelpDialog()));
//connect(ui._shouldAddSignatures_CB, SIGNAL(toggled(bool)), this, SLOT(loadInvitePage()));
connect(ui._shouldAddSignatures_CB_2, SIGNAL(toggled(bool)), this, SLOT(loadKeyPage()));
//ui.avatar->setFrameType(AvatarWidget::NORMAL_FRAME);
@ -182,7 +180,6 @@ void PGPKeyDialog::load()
if (detail.gpg_id == rsPeers->getGPGOwnId())
{
ui.make_friend_button->hide();
ui.signGPGKeyCheckBox->hide();
ui.signKeyButton->hide();
ui.denyFriendButton->hide();
@ -199,62 +196,49 @@ void PGPKeyDialog::load()
ui.trustlevel_CB->show();
ui.is_signing_me->show();
ui.signersLabel->setText(tr("This key is signed by :")+" ");
ui.signKeyButton->setEnabled(!detail.ownsign);
if (detail.accept_connection)
{
ui.make_friend_button->hide();
ui.denyFriendButton->show();
ui.signGPGKeyCheckBox->hide();
//connection already accepted, propose to sign gpg key
if (!detail.ownsign) {
ui.signKeyButton->show();
} else {
ui.signKeyButton->hide();
}
}
else
{
ui.make_friend_button->show();
ui.denyFriendButton->hide();
ui.signKeyButton->hide();
if (!detail.ownsign) {
ui.signGPGKeyCheckBox->show();
ui.signGPGKeyCheckBox->setChecked(false);
} else {
ui.signGPGKeyCheckBox->hide();
}
}
//web of trust
ui.trustlevel_CB->setCurrentIndex(detail.trustLvl) ;
ui.trustlevel_CB->setCurrentIndex(detail.trustLvl) ;
QString truststring = "<p>" ;
truststring += tr("The trust level is a way to express your own trust in this key. It is not used by the software nor shared, but can be useful to you in order to remember good/bad keys.") ;
truststring += "</p>" ;
truststring += "<p>" ;
QString truststring = "<p>" ;
truststring += tr("The trust level is a way to express your own trust in this key. It is not used by the software nor shared, but can be useful to you in order to remember good/bad keys.") ;
truststring += "</p>" ;
truststring += "<p>" ;
switch(detail.trustLvl)
{
case RS_TRUST_LVL_ULTIMATE:
//trust is ultimate, it means it's one of our own keys
truststring += tr("Your trust in this peer is ultimate");
break ;
case RS_TRUST_LVL_FULL:
truststring += tr("Your trust in this peer is full.");
break ;
case RS_TRUST_LVL_MARGINAL:
truststring += tr("Your trust in this peer is marginal.");
break ;
case RS_TRUST_LVL_NEVER:
truststring += tr("Your trust in this peer is none.");
break ;
{
case RS_TRUST_LVL_ULTIMATE:
//trust is ultimate, it means it's one of our own keys
truststring += tr("Your trust in this peer is ultimate");
break ;
case RS_TRUST_LVL_FULL:
truststring += tr("Your trust in this peer is full.");
break ;
case RS_TRUST_LVL_MARGINAL:
truststring += tr("Your trust in this peer is marginal.");
break ;
case RS_TRUST_LVL_NEVER:
truststring += tr("Your trust in this peer is none.");
break ;
default:
truststring += tr("You haven't set a trust level for this key.");
break ;
}
truststring += "</p>" ;
default:
truststring += tr("You haven't set a trust level for this key.");
break ;
}
truststring += "</p>" ;
ui.trustlevel_CB->setToolTip(truststring) ;
if (detail.hasSignedMe) {
@ -358,12 +342,7 @@ void PGPKeyDialog::applyDialog()
void PGPKeyDialog::makeFriend()
{
if (ui.signGPGKeyCheckBox->isChecked()) {
rsPeers->signGPGCertificate(pgpId);
}
rsPeers->addFriend(peerId, pgpId);
// setServiceFlags() ;
loadAll();
emit configChanged();
@ -379,12 +358,21 @@ void PGPKeyDialog::denyFriend()
void PGPKeyDialog::signGPGKey()
{
if (!rsPeers->signGPGCertificate(pgpId)) {
QMessageBox::warning ( NULL,
tr("Signature Failure"),
tr("Maybe password is wrong"),
QMessageBox::Ok);
std::string gpg_name = rsPeers->getGPGName(rsPeers->getGPGOwnId());
bool cancelled;
std::string gpg_password;
if(!NotifyQt::getInstance()->askForPassword(tr("Profile password needed.").toStdString(), gpg_name + " (" + rsPeers->getOwnId().toStdString() + ")", false, gpg_password,cancelled))
{
QMessageBox::critical(NULL,tr("Identity creation failed"),tr("Cannot create an identity linked to your profile without your profile password."));
return;
}
rsNotify->clearPgpPassphrase(); // just in case
if(!rsPeers->signGPGCertificate(pgpId,gpg_password))
QMessageBox::warning ( NULL, tr("Signature Failure"), tr("Check the password!"), QMessageBox::Ok);
loadAll();
emit configChanged();


@ -7,7 +7,7 @@
<x>0</x>
<y>0</y>
<width>600</width>
<height>401</height>
<height>452</height>
</rect>
</property>
<property name="windowTitle">
@ -205,16 +205,6 @@ p, li { white-space: pre-wrap; }
</property>
</widget>
</item>
<item>
<widget class="QCheckBox" name="signGPGKeyCheckBox">
<property name="toolTip">
<string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p&gt;&lt;span style=&quot; font-size:10pt;&quot;&gt;Signing a friend's key is a way to express your trust into this friend, to your other friends. It helps them to decide whether to allow connections from that key based on your own trust. Signing a key is absolutely optional and cannot be undone, so do it wisely.&lt;/span&gt;&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
</property>
<property name="text">
<string>Sign PGP key</string>
</property>
</widget>
</item>
<item>
<spacer name="horizontalSpacer_2">
<property name="orientation">