Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-01-01 02:46:20 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

reduce the reading access to gpgme

Browse Source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2107 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
joss17 2010-01-21 22:04:20 +00:00
parent 9df7ac473f
commit 5d863f6243
2 changed files with 66 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

168
libretroshare/src/pqi/authgpg.cc
View File

@ -104,23 +104,6 @@ gpg_error_t pgp_pwd_callback(void *hook, const char *uid_hint, const char *passp
static char *PgpPassword = NULL;
//bool AuthGPG::setPGPPassword_locked(std::string pwd)
//{
// /* reset it while we change it */
// gpgme_set_passphrase_cb(CTX, NULL, NULL);
//
// if (PgpPassword)
// free(PgpPassword);
// PgpPassword = (char *) malloc(pwd.length() + 1);
// memcpy(PgpPassword, pwd.c_str(), pwd.length());
// PgpPassword[pwd.length()] = '\0';
//
// fprintf(stderr, "AuthGPG::setPGPPassword_locked() called\n");
// gpgme_set_passphrase_cb(CTX, pgp_pwd_callback, (void *) PgpPassword);
//
// return true;
//}
AuthGPG::AuthGPG()
:gpgmeInit(false) , p3Config(CONFIG_TYPE_AUTHGPG)
@ -192,7 +175,9 @@ AuthGPG::AuthGPG()
return;
}
/* if we get to here -> we have inited okay */
gpgme_set_passphrase_cb(CTX, pgp_pwd_callback, (void *) NULL);
/* if we get to here -> we have inited okay */
gpgmeInit = true;
storeAllKeys_locked();
@ -209,7 +194,7 @@ AuthGPG::AuthGPG()
*/
bool AuthGPG::availableGPGCertificatesWithPrivateKeys(std::list<std::string> &ids)
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
int i = 0;
gpgme_key_t KEY = NULL;
@ -272,32 +257,21 @@ int AuthGPG::GPGInit(std::string ownId)
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
std::cerr << "AuthGPG::GPGInit() called with own gpg id : " << ownId << std::endl;
gpgme_key_t newKey;
gpg_error_t ERR;
if (!gpgmeInit) {
return 0;
}
if(GPG_ERR_NO_ERROR != (ERR = gpgme_get_key(CTX, ownId.c_str(), &newKey, 1))) {
std::cerr << "Error reading the key from keyring" << std::endl;
return 0;
}
mOwnGpgCert.name = newKey->uids->name;
mOwnGpgCert.email = newKey->uids->email;
mOwnGpgCert.fpr = newKey->subkeys->fpr;
mOwnGpgCert.id = ownId;
mOwnGpgCert.key = newKey;
if (!gpgmeInit) {
return 0;
}
mOwnGpgId = ownId;
mOwnGpgName = newKey->uids->name;
mOwnGpgEmail = newKey->uids->email;
gpgmeKeySelected = true;
storeAllKeys_locked();
printAllKeys_locked();
gpgme_set_passphrase_cb(CTX, pgp_pwd_callback, (void *) NULL);
if (mOwnGpgCert.id != mOwnGpgId) {
std::cerr << "AuthGPG::GPGInit() failed to find your id." << std::endl;
return 0;
}
gpgmeKeySelected = true;
//printAllKeys_locked();
std::cerr << "AuthGPG::GPGInit finished." << std::endl;
@ -308,12 +282,19 @@ int AuthGPG::GPGInit(std::string ownId)
{
}
bool AuthGPG::storeAllKeys_timed() {
std::cerr << "AuthGPG::storeAllKeys_timed() called." << std::endl;
if ((time(NULL) - mStoreKeyTime) > STORE_KEY_TIMEOUT) {
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_locked();
}
}
// store all keys in map mKeyList to avoid callin gpgme exe repeatedly
bool AuthGPG::storeAllKeys_locked()
{
std::cerr << "AuthGPG::storeAllKeys_locked()";
std::cerr << std::endl;
std::cerr << "AuthGPG::storeAllKeys_locked()" << std::endl;
mStoreKeyTime = time(NULL);
gpg_error_t ERR;
if (!gpgmeInit)
@ -555,7 +536,6 @@ bool AuthGPG::updateTrustAllKeys_locked()
bool AuthGPG::printAllKeys_locked()
{
certmap::const_iterator it;
for(it = mKeyList.begin(); it != mKeyList.end(); it++)
{
@ -848,10 +828,7 @@ bool AuthGPG::VerifySignature_locked(const void *data, int datalen, const void *
bool AuthGPG::active()
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
bool AuthGPG::active() {
return ((gpgmeInit) && (gpgmeKeySelected));
}
@ -897,6 +874,7 @@ int AuthGPG::setConfigDirectories(std::string confFile, std::string neighDir
/**** These Two are common */
std::string AuthGPG::getGPGName(GPG_id id)
{
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
certmap::iterator it;
@ -909,6 +887,7 @@ std::string AuthGPG::getGPGName(GPG_id id)
/**** These Two are common */
std::string AuthGPG::getGPGEmail(GPG_id id)
{
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
certmap::iterator it;
@ -922,18 +901,17 @@ std::string AuthGPG::getGPGEmail(GPG_id id)
std::string AuthGPG::getGPGOwnId()
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
return mOwnGpgId;
}
std::string AuthGPG::getGPGOwnName()
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
return mOwnGpgName;
return mOwnGpgCert.name;
}
bool AuthGPG::getGPGAllList(std::list<std::string> &ids)
{
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
/* add an id for each pgp certificate */
@ -947,6 +925,9 @@ bool AuthGPG::getGPGAllList(std::list<std::string> &ids)
bool AuthGPG::getGPGDetails(std::string id, RsPeerDetails &d)
{
std::cerr << "AuthGPG::getPGPDetails() called for : " << id << std::endl;
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
/* add an id for each pgp certificate */
@ -974,9 +955,6 @@ bool AuthGPG::getGPGDetails(std::string id, RsPeerDetails &d)
}
}
std::cerr << "AuthGPG::getPGPDetails() get details for : " << id << std::endl;
std::cerr << "AuthGPG::getPGPDetails() Name : " << it->second.name << std::endl;
return true;
} else {
@ -1017,7 +995,8 @@ bool AuthGPG::encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER) {
bool AuthGPG::getGPGValidList(std::list<std::string> &ids)
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
/* add an id for each pgp certificate */
certmap::iterator it;
for(it = mKeyList.begin(); it != mKeyList.end(); it++)
@ -1031,7 +1010,8 @@ bool AuthGPG::getGPGValidList(std::list<std::string> &ids)
bool AuthGPG::getGPGAcceptedList(std::list<std::string> &ids)
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
certmap::iterator it;
for(it = mKeyList.begin(); it != mKeyList.end(); it++)
{
@ -1045,8 +1025,9 @@ bool AuthGPG::getGPGAcceptedList(std::list<std::string> &ids)
bool AuthGPG::getGPGSignedList(std::list<std::string> &ids)
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
certmap::iterator it;
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
certmap::iterator it;
for(it = mKeyList.begin(); it != mKeyList.end(); it++)
{
if (it->second.ownsign)
@ -1059,7 +1040,8 @@ bool AuthGPG::getGPGSignedList(std::list<std::string> &ids)
bool AuthGPG::isGPGValid(GPG_id id)
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
certmap::iterator it;
if (mKeyList.end() != (it = mKeyList.find(id))) {
return (it->second.validLvl >= GPGME_VALIDITY_MARGINAL);
@ -1071,21 +1053,21 @@ bool AuthGPG::isGPGValid(GPG_id id)
bool AuthGPG::isGPGId(GPG_id id)
{
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_locked();
certmap::iterator it;
if (mKeyList.end() != (it = mKeyList.find(id))) {
return true;
} else {
return false;
}
}
bool AuthGPG::isGPGSigned(GPG_id id)
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
certmap::iterator it;
if (mKeyList.end() != (it = mKeyList.find(id)))
{
@ -1096,7 +1078,8 @@ bool AuthGPG::isGPGSigned(GPG_id id)
bool AuthGPG::isGPGAccepted(GPG_id id)
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
certmap::iterator it;
if (mKeyList.end() != (it = mKeyList.find(id)))
{
@ -1105,38 +1088,6 @@ bool AuthGPG::isGPGAccepted(GPG_id id)
return false;
}
/****** Large Parts of the p3AuthMgr is provided by AuthSSL ******
* As the majority of functions require SSL Certs
*
* We don't need to save/load openpgp certificates, as the gpgme
* handles this.
*
*/
#if 0
bool AuthGPG::FinalSaveCertificates()
{
return false;
}
bool AuthGPG::CheckSaveCertificates()
{
return false;
}
bool AuthGPG::saveCertificates()
{
return false;
}
bool AuthGPG::loadCertificates()
{
return false;
}
#endif
/*****************************************************************
* Loading and Saving Certificates - this has to
* be able to handle both openpgp and X509 certificates.
@ -1155,7 +1106,8 @@ std::string AuthGPG::SaveCertificateToString(std::string id)
return "";
}
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
std::string tmp;
const char *pattern[] = { NULL, NULL };
@ -1238,8 +1190,7 @@ bool AuthGPG::LoadCertificateFromString(std::string str, std::string &gpg_id)
gpgme_data_release (gpgmeData);
/* extract id(s)! (only if we actually imported one) */
if (imported)
{
if (imported) {
storeAllKeys_locked();
}
//retrieve the id of the key
@ -1277,9 +1228,11 @@ bool AuthGPG::setAcceptToConnectGPGCertificate(std::string gpg_id, bool acceptan
std::cerr << "AuthGPG::markGPGCertificateAsFriends(" << gpg_id << ")";
std::cerr << std::endl;
/* reload stuff now ... */
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
certmap::iterator it;
/* reload stuff now ... */
storeAllKeys_locked();
certmap::iterator it;
if (mKeyList.end() == (it = mKeyList.find(gpg_id))) {
return false;
}
@ -1315,21 +1268,12 @@ bool AuthGPG::RevokeCertificate(std::string id)
{
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
std::cerr << "AuthGPG::RevokeCertificate(" << id << ")";
std::cerr << "AuthGPG::RevokeCertificate(" << id << ") not implemented yet";
std::cerr << std::endl;
return false;
}
bool AuthGPG::TrustCertificateMarginally(std::string id)
{
std::cerr << "AuthGPG::TrustCertificateMarginally(" << id << ")";
std::cerr << std::endl;
//TODO implement it
return false;
}
bool AuthGPG::TrustCertificate(std::string id, int trustlvl)
{
std::cerr << "AuthGPG::TrustCertificate(" << id << ", " << trustlvl << ")" << std::endl;
@ -2071,9 +2015,13 @@ RsSerialiser *AuthGPG::setupSerialiser()
std::list<RsItem*> AuthGPG::saveList(bool& cleanup)
{
std::cerr << "AuthGPG::saveList() called" << std::endl ;
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
cleanup = true ;
std::list<RsItem*> lst ;
// Now save config for network digging strategies
RsConfigKeyValueSet *vitem = new RsConfigKeyValueSet ;
std::map<std::string, bool>::iterator mapIt;

14
libretroshare/src/pqi/authgpg.h
View File

@ -52,6 +52,8 @@
#define GPG_id std::string
const time_t STORE_KEY_TIMEOUT = 60; //store key is call around every 60sec
/* gpgcert is the identifier for a person.
* It is a wrapper class for a GPGme OpenPGP certificate.
*/
@ -99,7 +101,8 @@ class AuthGPG : public p3Config
// store all keys in map mKeyList to avoid calling gpgme exe repeatedly
bool storeAllKeys_locked();
bool updateTrustAllKeys_locked();
bool storeAllKeys_timed();
bool updateTrustAllKeys_locked();
bool printAllKeys_locked();
bool printOwnKeys_locked();
@ -231,21 +234,20 @@ private:
/* Below is protected via the mutex */
certmap mKeyList;
time_t mStoreKeyTime;
bool gpgmeInit;
bool gpgmeKeySelected;
bool gpgmeX509Selected;
gpgme_engine_info_t INFO;
gpgme_ctx_t CTX;
std::string mOwnGpgId;
std::string mOwnGpgName;
std::string mOwnGpgEmail;
std::string mX509id;
gpgcert mOwnGpgCert;
std::map<std::string, bool> mAcceptToConnectMap;
gpgcert mOwnGpgCert;
};
/* Sign a key */