mirror of
https://github.com/RetroShare/RetroShare.git
synced 2025-01-04 04:11:06 -05:00
reduce the reading access to gpgme
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2107 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
parent
9df7ac473f
commit
5d863f6243
@ -104,23 +104,6 @@ gpg_error_t pgp_pwd_callback(void *hook, const char *uid_hint, const char *passp
|
||||
|
||||
static char *PgpPassword = NULL;
|
||||
|
||||
//bool AuthGPG::setPGPPassword_locked(std::string pwd)
|
||||
//{
|
||||
// /* reset it while we change it */
|
||||
// gpgme_set_passphrase_cb(CTX, NULL, NULL);
|
||||
//
|
||||
// if (PgpPassword)
|
||||
// free(PgpPassword);
|
||||
// PgpPassword = (char *) malloc(pwd.length() + 1);
|
||||
// memcpy(PgpPassword, pwd.c_str(), pwd.length());
|
||||
// PgpPassword[pwd.length()] = '\0';
|
||||
//
|
||||
// fprintf(stderr, "AuthGPG::setPGPPassword_locked() called\n");
|
||||
// gpgme_set_passphrase_cb(CTX, pgp_pwd_callback, (void *) PgpPassword);
|
||||
//
|
||||
// return true;
|
||||
//}
|
||||
|
||||
|
||||
AuthGPG::AuthGPG()
|
||||
:gpgmeInit(false) , p3Config(CONFIG_TYPE_AUTHGPG)
|
||||
@ -192,7 +175,9 @@ AuthGPG::AuthGPG()
|
||||
return;
|
||||
}
|
||||
|
||||
/* if we get to here -> we have inited okay */
|
||||
gpgme_set_passphrase_cb(CTX, pgp_pwd_callback, (void *) NULL);
|
||||
|
||||
/* if we get to here -> we have inited okay */
|
||||
gpgmeInit = true;
|
||||
|
||||
storeAllKeys_locked();
|
||||
@ -209,7 +194,7 @@ AuthGPG::AuthGPG()
|
||||
*/
|
||||
bool AuthGPG::availableGPGCertificatesWithPrivateKeys(std::list<std::string> &ids)
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
|
||||
int i = 0;
|
||||
gpgme_key_t KEY = NULL;
|
||||
@ -272,32 +257,21 @@ int AuthGPG::GPGInit(std::string ownId)
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
std::cerr << "AuthGPG::GPGInit() called with own gpg id : " << ownId << std::endl;
|
||||
|
||||
gpgme_key_t newKey;
|
||||
gpg_error_t ERR;
|
||||
|
||||
if (!gpgmeInit) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(GPG_ERR_NO_ERROR != (ERR = gpgme_get_key(CTX, ownId.c_str(), &newKey, 1))) {
|
||||
std::cerr << "Error reading the key from keyring" << std::endl;
|
||||
return 0;
|
||||
}
|
||||
|
||||
mOwnGpgCert.name = newKey->uids->name;
|
||||
mOwnGpgCert.email = newKey->uids->email;
|
||||
mOwnGpgCert.fpr = newKey->subkeys->fpr;
|
||||
mOwnGpgCert.id = ownId;
|
||||
mOwnGpgCert.key = newKey;
|
||||
if (!gpgmeInit) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
mOwnGpgId = ownId;
|
||||
mOwnGpgName = newKey->uids->name;
|
||||
mOwnGpgEmail = newKey->uids->email;
|
||||
gpgmeKeySelected = true;
|
||||
storeAllKeys_locked();
|
||||
printAllKeys_locked();
|
||||
|
||||
gpgme_set_passphrase_cb(CTX, pgp_pwd_callback, (void *) NULL);
|
||||
if (mOwnGpgCert.id != mOwnGpgId) {
|
||||
std::cerr << "AuthGPG::GPGInit() failed to find your id." << std::endl;
|
||||
return 0;
|
||||
}
|
||||
|
||||
gpgmeKeySelected = true;
|
||||
//printAllKeys_locked();
|
||||
|
||||
|
||||
std::cerr << "AuthGPG::GPGInit finished." << std::endl;
|
||||
|
||||
@ -308,12 +282,19 @@ int AuthGPG::GPGInit(std::string ownId)
|
||||
{
|
||||
}
|
||||
|
||||
bool AuthGPG::storeAllKeys_timed() {
|
||||
std::cerr << "AuthGPG::storeAllKeys_timed() called." << std::endl;
|
||||
if ((time(NULL) - mStoreKeyTime) > STORE_KEY_TIMEOUT) {
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
storeAllKeys_locked();
|
||||
}
|
||||
}
|
||||
|
||||
// store all keys in map mKeyList to avoid callin gpgme exe repeatedly
|
||||
bool AuthGPG::storeAllKeys_locked()
|
||||
{
|
||||
std::cerr << "AuthGPG::storeAllKeys_locked()";
|
||||
std::cerr << std::endl;
|
||||
std::cerr << "AuthGPG::storeAllKeys_locked()" << std::endl;
|
||||
mStoreKeyTime = time(NULL);
|
||||
|
||||
gpg_error_t ERR;
|
||||
if (!gpgmeInit)
|
||||
@ -555,7 +536,6 @@ bool AuthGPG::updateTrustAllKeys_locked()
|
||||
|
||||
bool AuthGPG::printAllKeys_locked()
|
||||
{
|
||||
|
||||
certmap::const_iterator it;
|
||||
for(it = mKeyList.begin(); it != mKeyList.end(); it++)
|
||||
{
|
||||
@ -848,10 +828,7 @@ bool AuthGPG::VerifySignature_locked(const void *data, int datalen, const void *
|
||||
|
||||
|
||||
|
||||
bool AuthGPG::active()
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
|
||||
bool AuthGPG::active() {
|
||||
return ((gpgmeInit) && (gpgmeKeySelected));
|
||||
}
|
||||
|
||||
@ -897,6 +874,7 @@ int AuthGPG::setConfigDirectories(std::string confFile, std::string neighDir
|
||||
/**** These Two are common */
|
||||
std::string AuthGPG::getGPGName(GPG_id id)
|
||||
{
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
|
||||
certmap::iterator it;
|
||||
@ -909,6 +887,7 @@ std::string AuthGPG::getGPGName(GPG_id id)
|
||||
/**** These Two are common */
|
||||
std::string AuthGPG::getGPGEmail(GPG_id id)
|
||||
{
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
|
||||
certmap::iterator it;
|
||||
@ -922,18 +901,17 @@ std::string AuthGPG::getGPGEmail(GPG_id id)
|
||||
|
||||
std::string AuthGPG::getGPGOwnId()
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
return mOwnGpgId;
|
||||
}
|
||||
|
||||
std::string AuthGPG::getGPGOwnName()
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
return mOwnGpgName;
|
||||
return mOwnGpgCert.name;
|
||||
}
|
||||
|
||||
bool AuthGPG::getGPGAllList(std::list<std::string> &ids)
|
||||
{
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
|
||||
/* add an id for each pgp certificate */
|
||||
@ -947,6 +925,9 @@ bool AuthGPG::getGPGAllList(std::list<std::string> &ids)
|
||||
|
||||
bool AuthGPG::getGPGDetails(std::string id, RsPeerDetails &d)
|
||||
{
|
||||
std::cerr << "AuthGPG::getPGPDetails() called for : " << id << std::endl;
|
||||
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
|
||||
/* add an id for each pgp certificate */
|
||||
@ -974,9 +955,6 @@ bool AuthGPG::getGPGDetails(std::string id, RsPeerDetails &d)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
std::cerr << "AuthGPG::getPGPDetails() get details for : " << id << std::endl;
|
||||
std::cerr << "AuthGPG::getPGPDetails() Name : " << it->second.name << std::endl;
|
||||
return true;
|
||||
} else {
|
||||
@ -1017,7 +995,8 @@ bool AuthGPG::encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER) {
|
||||
|
||||
bool AuthGPG::getGPGValidList(std::list<std::string> &ids)
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
/* add an id for each pgp certificate */
|
||||
certmap::iterator it;
|
||||
for(it = mKeyList.begin(); it != mKeyList.end(); it++)
|
||||
@ -1031,7 +1010,8 @@ bool AuthGPG::getGPGValidList(std::list<std::string> &ids)
|
||||
|
||||
bool AuthGPG::getGPGAcceptedList(std::list<std::string> &ids)
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
certmap::iterator it;
|
||||
for(it = mKeyList.begin(); it != mKeyList.end(); it++)
|
||||
{
|
||||
@ -1045,8 +1025,9 @@ bool AuthGPG::getGPGAcceptedList(std::list<std::string> &ids)
|
||||
|
||||
bool AuthGPG::getGPGSignedList(std::list<std::string> &ids)
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
certmap::iterator it;
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
certmap::iterator it;
|
||||
for(it = mKeyList.begin(); it != mKeyList.end(); it++)
|
||||
{
|
||||
if (it->second.ownsign)
|
||||
@ -1059,7 +1040,8 @@ bool AuthGPG::getGPGSignedList(std::list<std::string> &ids)
|
||||
|
||||
bool AuthGPG::isGPGValid(GPG_id id)
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
certmap::iterator it;
|
||||
if (mKeyList.end() != (it = mKeyList.find(id))) {
|
||||
return (it->second.validLvl >= GPGME_VALIDITY_MARGINAL);
|
||||
@ -1071,21 +1053,21 @@ bool AuthGPG::isGPGValid(GPG_id id)
|
||||
|
||||
bool AuthGPG::isGPGId(GPG_id id)
|
||||
{
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
storeAllKeys_locked();
|
||||
certmap::iterator it;
|
||||
if (mKeyList.end() != (it = mKeyList.find(id))) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
bool AuthGPG::isGPGSigned(GPG_id id)
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
certmap::iterator it;
|
||||
if (mKeyList.end() != (it = mKeyList.find(id)))
|
||||
{
|
||||
@ -1096,7 +1078,8 @@ bool AuthGPG::isGPGSigned(GPG_id id)
|
||||
|
||||
bool AuthGPG::isGPGAccepted(GPG_id id)
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
certmap::iterator it;
|
||||
if (mKeyList.end() != (it = mKeyList.find(id)))
|
||||
{
|
||||
@ -1105,38 +1088,6 @@ bool AuthGPG::isGPGAccepted(GPG_id id)
|
||||
return false;
|
||||
}
|
||||
|
||||
/****** Large Parts of the p3AuthMgr is provided by AuthSSL ******
|
||||
* As the majority of functions require SSL Certs
|
||||
*
|
||||
* We don't need to save/load openpgp certificates, as the gpgme
|
||||
* handles this.
|
||||
*
|
||||
*/
|
||||
|
||||
#if 0
|
||||
|
||||
bool AuthGPG::FinalSaveCertificates()
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
bool AuthGPG::CheckSaveCertificates()
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
bool AuthGPG::saveCertificates()
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
bool AuthGPG::loadCertificates()
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/*****************************************************************
|
||||
* Loading and Saving Certificates - this has to
|
||||
* be able to handle both openpgp and X509 certificates.
|
||||
@ -1155,7 +1106,8 @@ std::string AuthGPG::SaveCertificateToString(std::string id)
|
||||
return "";
|
||||
}
|
||||
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
storeAllKeys_timed();
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
|
||||
std::string tmp;
|
||||
const char *pattern[] = { NULL, NULL };
|
||||
@ -1238,8 +1190,7 @@ bool AuthGPG::LoadCertificateFromString(std::string str, std::string &gpg_id)
|
||||
gpgme_data_release (gpgmeData);
|
||||
|
||||
/* extract id(s)! (only if we actually imported one) */
|
||||
if (imported)
|
||||
{
|
||||
if (imported) {
|
||||
storeAllKeys_locked();
|
||||
}
|
||||
//retrieve the id of the key
|
||||
@ -1277,9 +1228,11 @@ bool AuthGPG::setAcceptToConnectGPGCertificate(std::string gpg_id, bool acceptan
|
||||
std::cerr << "AuthGPG::markGPGCertificateAsFriends(" << gpg_id << ")";
|
||||
std::cerr << std::endl;
|
||||
|
||||
/* reload stuff now ... */
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
certmap::iterator it;
|
||||
|
||||
/* reload stuff now ... */
|
||||
storeAllKeys_locked();
|
||||
certmap::iterator it;
|
||||
if (mKeyList.end() == (it = mKeyList.find(gpg_id))) {
|
||||
return false;
|
||||
}
|
||||
@ -1315,21 +1268,12 @@ bool AuthGPG::RevokeCertificate(std::string id)
|
||||
{
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
|
||||
std::cerr << "AuthGPG::RevokeCertificate(" << id << ")";
|
||||
std::cerr << "AuthGPG::RevokeCertificate(" << id << ") not implemented yet";
|
||||
std::cerr << std::endl;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
bool AuthGPG::TrustCertificateMarginally(std::string id)
|
||||
{
|
||||
std::cerr << "AuthGPG::TrustCertificateMarginally(" << id << ")";
|
||||
std::cerr << std::endl;
|
||||
//TODO implement it
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
bool AuthGPG::TrustCertificate(std::string id, int trustlvl)
|
||||
{
|
||||
std::cerr << "AuthGPG::TrustCertificate(" << id << ", " << trustlvl << ")" << std::endl;
|
||||
@ -2071,9 +2015,13 @@ RsSerialiser *AuthGPG::setupSerialiser()
|
||||
std::list<RsItem*> AuthGPG::saveList(bool& cleanup)
|
||||
{
|
||||
std::cerr << "AuthGPG::saveList() called" << std::endl ;
|
||||
|
||||
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
|
||||
cleanup = true ;
|
||||
std::list<RsItem*> lst ;
|
||||
|
||||
|
||||
// Now save config for network digging strategies
|
||||
RsConfigKeyValueSet *vitem = new RsConfigKeyValueSet ;
|
||||
std::map<std::string, bool>::iterator mapIt;
|
||||
|
@ -52,6 +52,8 @@
|
||||
|
||||
#define GPG_id std::string
|
||||
|
||||
const time_t STORE_KEY_TIMEOUT = 60; //store key is call around every 60sec
|
||||
|
||||
/* gpgcert is the identifier for a person.
|
||||
* It is a wrapper class for a GPGme OpenPGP certificate.
|
||||
*/
|
||||
@ -99,7 +101,8 @@ class AuthGPG : public p3Config
|
||||
|
||||
// store all keys in map mKeyList to avoid calling gpgme exe repeatedly
|
||||
bool storeAllKeys_locked();
|
||||
bool updateTrustAllKeys_locked();
|
||||
bool storeAllKeys_timed();
|
||||
bool updateTrustAllKeys_locked();
|
||||
|
||||
bool printAllKeys_locked();
|
||||
bool printOwnKeys_locked();
|
||||
@ -231,21 +234,20 @@ private:
|
||||
/* Below is protected via the mutex */
|
||||
|
||||
certmap mKeyList;
|
||||
time_t mStoreKeyTime;
|
||||
|
||||
bool gpgmeInit;
|
||||
|
||||
bool gpgmeKeySelected;
|
||||
bool gpgmeX509Selected;
|
||||
|
||||
gpgme_engine_info_t INFO;
|
||||
gpgme_ctx_t CTX;
|
||||
|
||||
std::string mOwnGpgId;
|
||||
std::string mOwnGpgName;
|
||||
std::string mOwnGpgEmail;
|
||||
std::string mX509id;
|
||||
gpgcert mOwnGpgCert;
|
||||
|
||||
std::map<std::string, bool> mAcceptToConnectMap;
|
||||
|
||||
gpgcert mOwnGpgCert;
|
||||
};
|
||||
|
||||
/* Sign a key */
|
||||
|
Loading…
Reference in New Issue
Block a user