fixed the status of signature vs. making friends, and fixed the deadlock when signing a certificate

libretroshare/src/retroshare/rspeers.h

@@ -889,7 +889,7 @@ public:
 	        bool& is_short_format, uint32_t& error_code ) = 0;
 	virtual	std::string saveCertificateToString(const RsPeerId &id) = 0;
 
-	virtual	bool signGPGCertificate(const RsPgpId &gpg_id) = 0;
+    virtual	bool signGPGCertificate(const RsPgpId &gpg_id,const std::string& gpg_passphrase) = 0;
 	virtual	bool trustGPGCertificate(const RsPgpId &gpg_id, uint32_t trustlvl) = 0;
 
 	/* Group Stuff */

libretroshare/src/rsserver/p3peers.cc

@@ -34,6 +34,7 @@
 #include "pqi/authssl.h"
 #include "pqi/authgpg.h"
 #include "retroshare/rsinit.h"
+#include "retroshare/rsnotify.h"
 #include "retroshare/rsfiles.h"
 #include "util/rsurl.h"
 #include "util/radix64.h"
@@ -1680,19 +1681,23 @@ std::string p3Peers::saveCertificateToString(const RsPeerId &id)
         }
 }
 
-bool 	p3Peers::signGPGCertificate(const RsPgpId &id)
+bool 	p3Peers::signGPGCertificate(const RsPgpId &id, const std::string &gpg_passphrase)
 {
 #ifdef P3PEERS_DEBUG
 	std::cerr << "p3Peers::SignCertificate() " << id;
 	std::cerr << std::endl;
 #endif
+        rsNotify->cachePgpPassphrase(gpg_passphrase);
+        rsNotify->setDisableAskPassword(true);
 
+        bool res = AuthGPG::getAuthGPG()->SignCertificateLevel0(id);
 
-        AuthGPG::getAuthGPG()->AllowConnection(id, true);
+        rsNotify->clearPgpPassphrase();
-        return AuthGPG::getAuthGPG()->SignCertificateLevel0(id);
+        rsNotify->setDisableAskPassword(false);
+
+        return res;
 }
 
-
 bool 	p3Peers::trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl)
 {
 #ifdef P3PEERS_DEBUG

libretroshare/src/rsserver/p3peers.h

@@ -165,7 +165,7 @@ public:
 	virtual	bool cleanCertificate(const std::string &certstr, std::string &cleanCert, bool &is_short_format, uint32_t& error_code) override;
     virtual	std::string saveCertificateToString(const RsPeerId &id) override;
 
-    virtual	bool signGPGCertificate(const RsPgpId &id) override;
+    virtual	bool signGPGCertificate(const RsPgpId &id,const std::string& gpg_passphrase) override;
     virtual	bool trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl) override;
 
 	/* Group Stuff */

retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp

@@ -740,6 +740,38 @@ void ConnectFriendWizard::accept()
 	{
 		std::cerr << "ConclusionPage::validatePage() accepting GPG key for connection." << std::endl;
 
+        if(sign)
+        {
+            std::cerr << "ConclusionPage::validatePage() signing GPG key." << std::endl;
+            bool prev_is_bad = false;
+
+            for(int i=0;i<3;++i)
+            {
+                std::string pgp_name = rsPeers->getGPGName(rsPeers->getGPGOwnId());
+                bool cancelled;
+                std::string pgp_password;
+
+                if(!NotifyQt::getInstance()->askForPassword(tr("Profile password needed.").toStdString(), pgp_name + " (" + rsPeers->getOwnId().toStdString() + ")", prev_is_bad, pgp_password,cancelled))
+                {
+                    QMessageBox::critical(NULL,tr("Identity creation failed"),tr("Cannot create an identity linked to your profile without your profile password."));
+                    return;
+                }
+
+                if(rsPeers->signGPGCertificate(peerDetails.gpg_id,pgp_password))
+                {
+                    prev_is_bad = false;
+                    break;
+                }
+                else
+                    prev_is_bad = true;
+            }
+
+            if(prev_is_bad)
+            {
+                QMessageBox::warning(nullptr,tr("Signature failed"),tr("Signature failed. Uncheck the key signature box if you want to make friends without signing the friends' certificate"));
+                return;
+            }
+        }
         if(peerDetails.skip_pgp_signature_validation)
 			rsPeers->addSslOnlyFriend(peerDetails.id, peerDetails.gpg_id,peerDetails);
 		else
@@ -757,12 +789,7 @@ void ConnectFriendWizard::accept()
 			}
 		}
 
-		if(sign)
+
-		{
-			std::cerr << "ConclusionPage::validatePage() signing GPG key." << std::endl;
-			rsPeers->signGPGCertificate(peerDetails.gpg_id); //bye default sign set accept_connection to true;
-			rsPeers->setServicePermissionFlags(peerDetails.gpg_id,serviceFlags()) ;
-		}
 
 		if (!groupId.isEmpty())
 			rsPeers->assignPeerToGroup(RsNodeGroupId(groupId.toStdString()), peerDetails.gpg_id, true);

retroshare-gui/src/gui/connect/PGPKeyDialog.cpp

@@ -87,8 +87,6 @@ PGPKeyDialog::PGPKeyDialog(const RsPeerId& id, const RsPgpId &pgp_id, QWidget *p
     connect(ui.make_friend_button, SIGNAL(clicked()), this, SLOT(makeFriend()));
     connect(ui.denyFriendButton, SIGNAL(clicked()), this, SLOT(denyFriend()));
     connect(ui.signKeyButton, SIGNAL(clicked()), this, SLOT(signGPGKey()));
-    //connect(ui.trusthelpButton, SIGNAL(clicked()), this, SLOT(showHelpDialog()));
-    //connect(ui._shouldAddSignatures_CB, SIGNAL(toggled(bool)), this, SLOT(loadInvitePage()));
     connect(ui._shouldAddSignatures_CB_2, SIGNAL(toggled(bool)), this, SLOT(loadKeyPage()));
 
     //ui.avatar->setFrameType(AvatarWidget::NORMAL_FRAME);
@@ -182,7 +180,6 @@ void PGPKeyDialog::load()
     if (detail.gpg_id == rsPeers->getGPGOwnId())
     {
         ui.make_friend_button->hide();
-        ui.signGPGKeyCheckBox->hide();
         ui.signKeyButton->hide();
         ui.denyFriendButton->hide();
 
@@ -199,62 +196,49 @@ void PGPKeyDialog::load()
         ui.trustlevel_CB->show();
         ui.is_signing_me->show();
         ui.signersLabel->setText(tr("This key is signed by :")+" ");
+        ui.signKeyButton->setEnabled(!detail.ownsign);
 
         if (detail.accept_connection)
         {
             ui.make_friend_button->hide();
             ui.denyFriendButton->show();
-            ui.signGPGKeyCheckBox->hide();
-            //connection already accepted, propose to sign gpg key
-            if (!detail.ownsign) {
-                ui.signKeyButton->show();
-            } else {
-                ui.signKeyButton->hide();
-            }
         }
         else
         {
             ui.make_friend_button->show();
             ui.denyFriendButton->hide();
-            ui.signKeyButton->hide();
-            if (!detail.ownsign) {
-                ui.signGPGKeyCheckBox->show();
-                ui.signGPGKeyCheckBox->setChecked(false);
-            } else {
-                ui.signGPGKeyCheckBox->hide();
-            }
         }
 
         //web of trust
 
-            ui.trustlevel_CB->setCurrentIndex(detail.trustLvl) ;
+        ui.trustlevel_CB->setCurrentIndex(detail.trustLvl) ;
 
 
-    QString truststring = "<p>" ;
+        QString truststring = "<p>" ;
-    truststring += tr("The trust level is a way to express your own trust in this key. It is not used by the software nor shared, but can be useful to you in order to remember good/bad keys.") ;
+        truststring += tr("The trust level is a way to express your own trust in this key. It is not used by the software nor shared, but can be useful to you in order to remember good/bad keys.") ;
-    truststring += "</p>" ;
+        truststring += "</p>" ;
-    truststring += "<p>" ;
+        truststring += "<p>" ;
         switch(detail.trustLvl)
-    {
+        {
-    case  RS_TRUST_LVL_ULTIMATE:
+        case  RS_TRUST_LVL_ULTIMATE:
-        //trust is ultimate, it means it's one of our own keys
+            //trust is ultimate, it means it's one of our own keys
-        truststring += tr("Your trust in this peer is ultimate");
+            truststring += tr("Your trust in this peer is ultimate");
-        break ;
+            break ;
-    case RS_TRUST_LVL_FULL:
+        case RS_TRUST_LVL_FULL:
-        truststring += tr("Your trust in this peer is full.");
+            truststring += tr("Your trust in this peer is full.");
-        break ;
+            break ;
-    case RS_TRUST_LVL_MARGINAL:
+        case RS_TRUST_LVL_MARGINAL:
-        truststring += tr("Your trust in this peer is marginal.");
+            truststring += tr("Your trust in this peer is marginal.");
-        break ;
+            break ;
-    case RS_TRUST_LVL_NEVER:
+        case RS_TRUST_LVL_NEVER:
-        truststring += tr("Your trust in this peer is none.");
+            truststring += tr("Your trust in this peer is none.");
-        break ;
+            break ;
 
-    default:
+        default:
-        truststring += tr("You haven't set a trust level for this key.");
+            truststring += tr("You haven't set a trust level for this key.");
-        break ;
+            break ;
-    }
+        }
-    truststring += "</p>" ;
+        truststring += "</p>" ;
         ui.trustlevel_CB->setToolTip(truststring) ;
 
         if (detail.hasSignedMe) {
@@ -358,12 +342,7 @@ void PGPKeyDialog::applyDialog()
 
 void PGPKeyDialog::makeFriend()
 {
-    if (ui.signGPGKeyCheckBox->isChecked()) {
-        rsPeers->signGPGCertificate(pgpId);
-    } 
-	
     rsPeers->addFriend(peerId, pgpId);
-//	 setServiceFlags() ;
     loadAll();
 
     emit configChanged();
@@ -379,12 +358,21 @@ void PGPKeyDialog::denyFriend()
 
 void PGPKeyDialog::signGPGKey()
 {
-    if (!rsPeers->signGPGCertificate(pgpId)) {
+    std::string gpg_name = rsPeers->getGPGName(rsPeers->getGPGOwnId());
-                 QMessageBox::warning ( NULL,
+    bool cancelled;
-                                tr("Signature Failure"),
+    std::string gpg_password;
-                                tr("Maybe password is wrong"),
+
-                                QMessageBox::Ok);
+    if(!NotifyQt::getInstance()->askForPassword(tr("Profile password needed.").toStdString(), gpg_name + " (" + rsPeers->getOwnId().toStdString() + ")", false, gpg_password,cancelled))
+    {
+        QMessageBox::critical(NULL,tr("Identity creation failed"),tr("Cannot create an identity linked to your profile without your profile password."));
+        return;
     }
+
+    rsNotify->clearPgpPassphrase(); // just in case
+
+    if(!rsPeers->signGPGCertificate(pgpId,gpg_password))
+        QMessageBox::warning ( NULL, tr("Signature Failure"), tr("Check the password!"), QMessageBox::Ok);
+
     loadAll();
 
     emit configChanged();

retroshare-gui/src/gui/connect/PGPKeyDialog.ui

@@ -7,7 +7,7 @@
     <x>0</x>
     <y>0</y>
     <width>600</width>
-    <height>401</height>
+    <height>452</height>
    </rect>
   </property>
   <property name="windowTitle">
@@ -205,16 +205,6 @@ p, li { white-space: pre-wrap; }
                   </property>
                  </widget>
                 </item>
-                <item>
-                 <widget class="QCheckBox" name="signGPGKeyCheckBox">
-                  <property name="toolTip">
-                   <string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p&gt;&lt;span style=&quot; font-size:10pt;&quot;&gt;Signing a friend's key is a way to express your trust into this friend, to your other friends. It helps them to decide whether to allow connections from that key based on your own trust. Signing a key is absolutely optional and cannot be undone, so do it wisely.&lt;/span&gt;&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
-                  </property>
-                  <property name="text">
-                   <string>Sign PGP key</string>
-                  </property>
-                 </widget>
-                </item>
                 <item>
                  <spacer name="horizontalSpacer_2">
                   <property name="orientation">