From 453c656570886f3852d548b8d8f5013f14e51f62 Mon Sep 17 00:00:00 2001
From: csoler
Date: Sat, 9 Jan 2021 14:24:04 +0100
Subject: [PATCH] fixed the status of signature vs. making friends, and fixed
the deadlock when signing a certificate
---
libretroshare/src/retroshare/rspeers.h | 2 +-
libretroshare/src/rsserver/p3peers.cc | 13 ++-
libretroshare/src/rsserver/p3peers.h | 2 +-
.../src/gui/connect/ConnectFriendWizard.cpp | 39 ++++++--
.../src/gui/connect/PGPKeyDialog.cpp | 90 ++++++++-----------
.../src/gui/connect/PGPKeyDialog.ui | 12 +--
6 files changed, 84 insertions(+), 74 deletions(-)
diff --git a/libretroshare/src/retroshare/rspeers.h b/libretroshare/src/retroshare/rspeers.h
index 19127d2ca..3fdbbaf17 100644
--- a/libretroshare/src/retroshare/rspeers.h
+++ b/libretroshare/src/retroshare/rspeers.h
@@ -889,7 +889,7 @@ public:
bool& is_short_format, uint32_t& error_code ) = 0;
virtual std::string saveCertificateToString(const RsPeerId &id) = 0;
- virtual bool signGPGCertificate(const RsPgpId &gpg_id) = 0;
+ virtual bool signGPGCertificate(const RsPgpId &gpg_id,const std::string& gpg_passphrase) = 0;
virtual bool trustGPGCertificate(const RsPgpId &gpg_id, uint32_t trustlvl) = 0;
/* Group Stuff */
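Review bot: The new `gpg_passphrase` parameter on `signGPGCertificate` is undocumented, although this is the public interface through which the profile secret now enters the library. A comment above the declaration should say that the caller supplies the passphrase instead of the library prompting for it, and what a `false` return means. Something like `/// Signs gpg_id with the own profile key; gpg_passphrase is the profile passphrase, used for this call only; returns false if signing fails.` would do, assuming that matches the intended contract. The class body starts and ends outside this hunk.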
diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc
index eee3864d7..22d9a2ae6 100644
--- a/libretroshare/src/rsserver/p3peers.cc
+++ b/libretroshare/src/rsserver/p3peers.cc
@@ -34,6 +34,7 @@
#include "pqi/authssl.h"
#include "pqi/authgpg.h"
#include "retroshare/rsinit.h"
+#include "retroshare/rsnotify.h"
#include "retroshare/rsfiles.h"
#include "util/rsurl.h"
#include "util/radix64.h"
@@ -1680,19 +1681,23 @@ std::string p3Peers::saveCertificateToString(const RsPeerId &id)
}
}
-bool p3Peers::signGPGCertificate(const RsPgpId &id)
+bool p3Peers::signGPGCertificate(const RsPgpId &id, const std::string &gpg_passphrase)
{
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::SignCertificate() " << id;
std::cerr << std::endl;
#endif
+ rsNotify->cachePgpPassphrase(gpg_passphrase);
+ rsNotify->setDisableAskPassword(true);
+ bool res = AuthGPG::getAuthGPG()->SignCertificateLevel0(id);
- AuthGPG::getAuthGPG()->AllowConnection(id, true);
- return AuthGPG::getAuthGPG()->SignCertificateLevel0(id);
+ rsNotify->clearPgpPassphrase();
+ rsNotify->setDisableAskPassword(false);
+
+ return res;
}
-
bool p3Peers::trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl)
{
#ifdef P3PEERS_DEBUG
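Review bot: The passphrase stored by `rsNotify->cachePgpPassphrase(gpg_passphrase)` is cleared only on the straight-line path, so if `SignCertificateLevel0` ever throws, or an early return is added later, the secret stays cached and the password prompt stays disabled. The cleanup also forces `setDisableAskPassword(false)` rather than restoring the state that was in effect before the call. Both settings appear to be shared through the global `rsNotify`, so another thread needing the prompt during signing would presumably find it disabled; whether that can happen is not visible from this hunk. Tying the cache and clear to a scope object, as sketched below, makes the cleanup unconditional.

```cpp
bool p3Peers::signGPGCertificate(const RsPgpId &id, const std::string &gpg_passphrase)
{
	// … unchanged: P3PEERS_DEBUG trace …

	// Caches the passphrase for the duration of the signing call only;
	// the destructor runs on every exit path, including exceptions.
	struct PassphraseScope
	{
		explicit PassphraseScope(const std::string& pass)
		{
			rsNotify->cachePgpPassphrase(pass);
			rsNotify->setDisableAskPassword(true);
		}
		~PassphraseScope()
		{
			rsNotify->clearPgpPassphrase();
			rsNotify->setDisableAskPassword(false);
		}
	} scope(gpg_passphrase);

	return AuthGPG::getAuthGPG()->SignCertificateLevel0(id);
}
```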
diff --git a/libretroshare/src/rsserver/p3peers.h b/libretroshare/src/rsserver/p3peers.h
index cd4d0876e..9b0a7666f 100644
--- a/libretroshare/src/rsserver/p3peers.h
+++ b/libretroshare/src/rsserver/p3peers.h
@@ -165,7 +165,7 @@ public:
virtual bool cleanCertificate(const std::string &certstr, std::string &cleanCert, bool &is_short_format, uint32_t& error_code) override;
virtual std::string saveCertificateToString(const RsPeerId &id) override;
- virtual bool signGPGCertificate(const RsPgpId &id) override;
+ virtual bool signGPGCertificate(const RsPgpId &id,const std::string& gpg_passphrase) override;
virtual bool trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl) override;
/* Group Stuff */
diff --git a/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp b/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp
index 09db7d48e..97ad0d331 100755
--- a/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp
+++ b/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp
@@ -740,6 +740,38 @@ void ConnectFriendWizard::accept()
{
std::cerr << "ConclusionPage::validatePage() accepting GPG key for connection." << std::endl;
+ if(sign)
+ {
+ std::cerr << "ConclusionPage::validatePage() signing GPG key." << std::endl;
+ bool prev_is_bad = false;
+
+ for(int i=0;i<3;++i)
+ {
+ std::string pgp_name = rsPeers->getGPGName(rsPeers->getGPGOwnId());
+ bool cancelled;
+ std::string pgp_password;
+
+ if(!NotifyQt::getInstance()->askForPassword(tr("Profile password needed.").toStdString(), pgp_name + " (" + rsPeers->getOwnId().toStdString() + ")", prev_is_bad, pgp_password,cancelled))
+ {
+ QMessageBox::critical(NULL,tr("Identity creation failed"),tr("Cannot create an identity linked to your profile without your profile password."));
+ return;
+ }
+
+ if(rsPeers->signGPGCertificate(peerDetails.gpg_id,pgp_password))
+ {
+ prev_is_bad = false;
+ break;
+ }
+ else
+ prev_is_bad = true;
+ }
+
+ if(prev_is_bad)
+ {
+ QMessageBox::warning(nullptr,tr("Signature failed"),tr("Signature failed. Uncheck the key signature box if you want to make friends without signing the friends' certificate"));
+ return;
+ }
+ }
if(peerDetails.skip_pgp_signature_validation)
rsPeers->addSslOnlyFriend(peerDetails.id, peerDetails.gpg_id,peerDetails);
else
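Review bot: `bool cancelled;` is declared without an initialiser and never read after `askForPassword`, so pressing Cancel is handled like any other prompt failure and ends in a critical dialog. That dialog's text ("Identity creation failed" / "Cannot create an identity linked to your profile…") looks copied from another code path and does not describe key signing. I would write `bool cancelled = false;`, return quietly when it is set, and reword the message for the signing case, e.g. `tr("Key signature failed")`; the same two issues appear in `PGPKeyDialog::signGPGKey` later in this patch. `pgp_password` also holds the profile passphrase in a plain `std::string` that is destroyed on each loop iteration without being overwritten. `accept()` starts and ends outside this hunk.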
@@ -757,12 +789,7 @@ void ConnectFriendWizard::accept()
}
}
- if(sign)
- {
- std::cerr << "ConclusionPage::validatePage() signing GPG key." << std::endl;
- rsPeers->signGPGCertificate(peerDetails.gpg_id); //bye default sign set accept_connection to true;
- rsPeers->setServicePermissionFlags(peerDetails.gpg_id,serviceFlags()) ;
- }
+
if (!groupId.isEmpty())
rsPeers->assignPeerToGroup(RsNodeGroupId(groupId.toStdString()), peerDetails.gpg_id, true);
diff --git a/retroshare-gui/src/gui/connect/PGPKeyDialog.cpp b/retroshare-gui/src/gui/connect/PGPKeyDialog.cpp
index 190b40855..d1cf736a6 100644
--- a/retroshare-gui/src/gui/connect/PGPKeyDialog.cpp
+++ b/retroshare-gui/src/gui/connect/PGPKeyDialog.cpp
@@ -87,8 +87,6 @@ PGPKeyDialog::PGPKeyDialog(const RsPeerId& id, const RsPgpId &pgp_id, QWidget *p
connect(ui.make_friend_button, SIGNAL(clicked()), this, SLOT(makeFriend()));
connect(ui.denyFriendButton, SIGNAL(clicked()), this, SLOT(denyFriend()));
connect(ui.signKeyButton, SIGNAL(clicked()), this, SLOT(signGPGKey()));
- //connect(ui.trusthelpButton, SIGNAL(clicked()), this, SLOT(showHelpDialog()));
- //connect(ui._shouldAddSignatures_CB, SIGNAL(toggled(bool)), this, SLOT(loadInvitePage()));
connect(ui._shouldAddSignatures_CB_2, SIGNAL(toggled(bool)), this, SLOT(loadKeyPage()));
//ui.avatar->setFrameType(AvatarWidget::NORMAL_FRAME);
@@ -182,7 +180,6 @@ void PGPKeyDialog::load()
if (detail.gpg_id == rsPeers->getGPGOwnId())
{
ui.make_friend_button->hide();
- ui.signGPGKeyCheckBox->hide();
ui.signKeyButton->hide();
ui.denyFriendButton->hide();
@@ -199,62 +196,49 @@ void PGPKeyDialog::load()
ui.trustlevel_CB->show();
ui.is_signing_me->show();
ui.signersLabel->setText(tr("This key is signed by :")+" ");
+ ui.signKeyButton->setEnabled(!detail.ownsign);
if (detail.accept_connection)
{
ui.make_friend_button->hide();
ui.denyFriendButton->show();
- ui.signGPGKeyCheckBox->hide();
- //connection already accepted, propose to sign gpg key
- if (!detail.ownsign) {
- ui.signKeyButton->show();
- } else {
- ui.signKeyButton->hide();
- }
}
else
{
ui.make_friend_button->show();
ui.denyFriendButton->hide();
- ui.signKeyButton->hide();
- if (!detail.ownsign) {
- ui.signGPGKeyCheckBox->show();
- ui.signGPGKeyCheckBox->setChecked(false);
- } else {
- ui.signGPGKeyCheckBox->hide();
- }
}
//web of trust
- ui.trustlevel_CB->setCurrentIndex(detail.trustLvl) ;
+ ui.trustlevel_CB->setCurrentIndex(detail.trustLvl) ;
- QString truststring = "" ;
- truststring += tr("The trust level is a way to express your own trust in this key. It is not used by the software nor shared, but can be useful to you in order to remember good/bad keys.") ;
- truststring += "
" ;
- truststring += "" ;
+ QString truststring = "
" ;
+ truststring += tr("The trust level is a way to express your own trust in this key. It is not used by the software nor shared, but can be useful to you in order to remember good/bad keys.") ;
+ truststring += "
" ;
+ truststring += "" ;
switch(detail.trustLvl)
- {
- case RS_TRUST_LVL_ULTIMATE:
- //trust is ultimate, it means it's one of our own keys
- truststring += tr("Your trust in this peer is ultimate");
- break ;
- case RS_TRUST_LVL_FULL:
- truststring += tr("Your trust in this peer is full.");
- break ;
- case RS_TRUST_LVL_MARGINAL:
- truststring += tr("Your trust in this peer is marginal.");
- break ;
- case RS_TRUST_LVL_NEVER:
- truststring += tr("Your trust in this peer is none.");
- break ;
+ {
+ case RS_TRUST_LVL_ULTIMATE:
+ //trust is ultimate, it means it's one of our own keys
+ truststring += tr("Your trust in this peer is ultimate");
+ break ;
+ case RS_TRUST_LVL_FULL:
+ truststring += tr("Your trust in this peer is full.");
+ break ;
+ case RS_TRUST_LVL_MARGINAL:
+ truststring += tr("Your trust in this peer is marginal.");
+ break ;
+ case RS_TRUST_LVL_NEVER:
+ truststring += tr("Your trust in this peer is none.");
+ break ;
- default:
- truststring += tr("You haven't set a trust level for this key.");
- break ;
- }
- truststring += "
" ;
+ default:
+ truststring += tr("You haven't set a trust level for this key.");
+ break ;
+ }
+ truststring += "
" ;
ui.trustlevel_CB->setToolTip(truststring) ;
if (detail.hasSignedMe) {
@@ -358,12 +342,7 @@ void PGPKeyDialog::applyDialog()
void PGPKeyDialog::makeFriend()
{
- if (ui.signGPGKeyCheckBox->isChecked()) {
- rsPeers->signGPGCertificate(pgpId);
- }
-
rsPeers->addFriend(peerId, pgpId);
-// setServiceFlags() ;
loadAll();
emit configChanged();
@@ -379,12 +358,21 @@ void PGPKeyDialog::denyFriend()
void PGPKeyDialog::signGPGKey()
{
- if (!rsPeers->signGPGCertificate(pgpId)) {
- QMessageBox::warning ( NULL,
- tr("Signature Failure"),
- tr("Maybe password is wrong"),
- QMessageBox::Ok);
+ std::string gpg_name = rsPeers->getGPGName(rsPeers->getGPGOwnId());
+ bool cancelled;
+ std::string gpg_password;
+
+ if(!NotifyQt::getInstance()->askForPassword(tr("Profile password needed.").toStdString(), gpg_name + " (" + rsPeers->getOwnId().toStdString() + ")", false, gpg_password,cancelled))
+ {
+ QMessageBox::critical(NULL,tr("Identity creation failed"),tr("Cannot create an identity linked to your profile without your profile password."));
+ return;
}
+
+ rsNotify->clearPgpPassphrase(); // just in case
+
+ if(!rsPeers->signGPGCertificate(pgpId,gpg_password))
+ QMessageBox::warning ( NULL, tr("Signature Failure"), tr("Check the password!"), QMessageBox::Ok);
+
loadAll();
emit configChanged();
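Review bot: `rsNotify->clearPgpPassphrase(); // just in case` does not say which case it guards against, and it resets the passphrase cache on the global `rsNotify` from a GUI slot. `p3Peers::signGPGCertificate` in this same patch already caches the passphrase before signing and clears it afterwards, so this call is either redundant or compensating for another path that leaves a passphrase cached. The comment should name which, for example `// discard any passphrase left cached by an earlier operation so the one just entered is used`, if that is the intent. Unlike the wizard, a wrong passphrase here gets no retry, and the warning `Check the password!` is shown for every failure of `signGPGCertificate`, not only a bad passphrase. The closing brace of `signGPGKey` is outside the hunk.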
diff --git a/retroshare-gui/src/gui/connect/PGPKeyDialog.ui b/retroshare-gui/src/gui/connect/PGPKeyDialog.ui
index 754a3a6d2..4baa2f667 100644
--- a/retroshare-gui/src/gui/connect/PGPKeyDialog.ui
+++ b/retroshare-gui/src/gui/connect/PGPKeyDialog.ui
@@ -7,7 +7,7 @@
0
0
600
- 401
+ 452
@@ -205,16 +205,6 @@ p, li { white-space: pre-wrap; }
- -
-
-
- <html><head/><body><p><span style=" font-size:10pt;">Signing a friend's key is a way to express your trust into this friend, to your other friends. It helps them to decide whether to allow connections from that key based on your own trust. Signing a key is absolutely optional and cannot be undone, so do it wisely.</span></p></body></html>
-
-
- Sign PGP key
-
-
-
-