Conversion of the SSL connection methods.

* Added new XPGP functions to checking certificates.
* Converted SSL classes from cert * -> p3AuthMgr.
* Added check of addresses before connect attempt.
* started up listener correctly.



git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@319 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
drbob 2008-01-28 05:40:32 +00:00
parent f9d6f1c418
commit 798e19d58c
14 changed files with 221 additions and 109 deletions

View File

@ -1105,6 +1105,68 @@ bool AuthXPGP::getXPGPid(XPGP *xpgp, std::string &xpgpid)
}
/* validate + get id */
bool AuthXPGP::ValidateCertificateXPGP(XPGP *xpgp, std::string &peerId)
{
/* check self signed */
if (!XPGP_check_valid_certificate(xpgp))
{
/* bad certificate */
return false;
}
return getXPGPid(xpgp, peerId);
}
/* store for discovery */
bool AuthXPGP::FailedCertificateXPGP(XPGP *xpgp, bool incoming)
{
std::string id;
return ProcessXPGP(xpgp, id);
}
/* check that they are exact match */
bool AuthXPGP::CheckCertificateXPGP(std::string xpgpId, XPGP *xpgp)
{
xpgpMtx.lock(); /***** LOCK *****/
xpgpcert *cert = NULL;
if (!locked_FindCert(xpgpId, &cert))
{
/* not there -> error */
XPGP_free(xpgp);
xpgpMtx.unlock(); /**** UNLOCK ****/
return false;
}
else
{
/* have a duplicate */
/* check that they are exact */
if (0 != XPGP_cmp(cert->certificate, xpgp))
{
/* MAJOR ERROR */
XPGP_free(xpgp);
xpgpMtx.unlock(); /**** UNLOCK ****/
return false;
}
/* transfer new signatures */
XPGP_copy_known_signatures(pgp_keyring, cert->certificate, xpgp);
XPGP_free(xpgp);
/* update signers */
cert->signers = getXPGPsigners(cert->certificate);
xpgpMtx.unlock(); /**** UNLOCK ****/
return true;
}
}
/********************************************************************************/
/********************************************************************************/
/********************************************************************************/

View File

@ -119,15 +119,18 @@ virtual bool TrustCertificate(std::string id, bool trust);
/* Sign / Encrypt / Verify Data (TODO) */
/**** NEW functions we've added ****/
/*********** Overloaded Functions from p3AuthMgr **********/
public: /* XPGP specific functions used in pqissl/pqissllistener */
SSL_CTX *getCTX();
bool ValidateCertificateXPGP(XPGP *xpgp, std::string &peerId); /* validate + get id */
bool FailedCertificateXPGP(XPGP *xpgp, bool incoming); /* store for discovery */
bool CheckCertificateXPGP(std::string peerId, XPGP *xpgp); /* check that they are exact match */
private:
/* Helper Functions */
SSL_CTX *getCTX();
bool getXPGPid(XPGP *xpgp, std::string &xpgpid);
bool ProcessXPGP(XPGP *xpgp, std::string &id);

View File

@ -1079,7 +1079,7 @@ void p3ConnectMgr::peerStatus(std::string id,
pca.type = RS_NET_CONN_TCP_LOCAL;
pca.addr = details.laddr;
it->second.connAddrs.push_front(pca);
it->second.connAddrs.push_back(pca);
}
if ((details.type & RS_NET_CONN_TCP_EXTERNAL) &&
@ -1092,7 +1092,7 @@ void p3ConnectMgr::peerStatus(std::string id,
pca.type = RS_NET_CONN_TCP_EXTERNAL;
pca.addr = details.raddr;
it->second.connAddrs.push_front(pca);
it->second.connAddrs.push_back(pca);
}
if (it->second.inConnAttempt)
@ -1491,7 +1491,7 @@ bool p3ConnectMgr::retryConnect(std::string id)
pca.type = RS_NET_CONN_TCP_LOCAL;
pca.addr = it->second.localaddr;
it->second.connAddrs.push_front(pca);
it->second.connAddrs.push_back(pca);
}
else
{
@ -1539,7 +1539,7 @@ bool p3ConnectMgr::retryConnect(std::string id)
pca.type = RS_NET_CONN_TCP_EXTERNAL;
pca.addr = it->second.serveraddr;
it->second.connAddrs.push_front(pca);
it->second.connAddrs.push_back(pca);
}
else
{
@ -1554,9 +1554,13 @@ bool p3ConnectMgr::retryConnect(std::string id)
return true;
}
/* start a connection attempt */
it->second.actions |= RS_PEER_CONNECT_REQ;
mStatusChanged = true;
/* start a connection attempt (only if we stuck something on the queue) */
if (it->second.connAddrs.size() > 0)
{
it->second.actions |= RS_PEER_CONNECT_REQ;
mStatusChanged = true;
}
return true;
}

View File

@ -342,7 +342,8 @@ int pqiperson::connect(uint32_t type, struct sockaddr_in raddr)
out << " addr: " << inet_ntoa(raddr.sin_addr);
out << ":" << ntohs(raddr.sin_port);
out << std::endl;
pqioutput(PQL_DEBUG_BASIC, pqipersonzone, out.str());
std::cerr << out.str();
//pqioutput(PQL_DEBUG_BASIC, pqipersonzone, out.str());
}
std::map<uint32_t, pqiconnect *>::iterator it;

View File

@ -100,6 +100,8 @@ virtual ~pqiperson(); // must clean up children.
// control of the connection.
int reset();
int listen();
int stoplistening();
int connect(uint32_t type, struct sockaddr_in raddr);
// add in connection method.
@ -129,8 +131,6 @@ virtual void setMaxRate(bool in, float val);
private: /* Helper functions */
int listen();
int stoplistening();
pqipersongrp *pqipg; /* parent for callback */
};

View File

@ -280,6 +280,7 @@ int pqipersongrp::addPeer(std::string id)
// reset it to start it working.
pqip -> reset();
pqip -> listen();
return AddSearchModule(sm);
}
@ -330,15 +331,30 @@ int pqipersongrp::connectPeer(std::string id)
struct sockaddr_in addr;
uint32_t type;
mConnMgr->connectAttempt(id, addr, type);
if (!mConnMgr->connectAttempt(id, addr, type))
{
std::cerr << " pqipersongrp::connectPeer() No Net Address";
std::cerr << std::endl;
return 0;
}
std::cerr << " pqipersongrp::connectPeer() connectAttempt data id: " << id;
std::cerr << " addr: " << inet_ntoa(addr.sin_addr) << ":" << ntohs(addr.sin_port);
std::cerr << " type: " << type;
std::cerr << std::endl;
uint32_t ptype;
if (type & RS_NET_CONN_TCP_ALL)
{
std::cerr << " pqipersongrp::connectPeer() connecting with TCP";
std::cerr << std::endl;
ptype = PQI_CONNECT_TCP;
}
else if (type & RS_NET_CONN_UDP_ALL)
{
std::cerr << " pqipersongrp::connectPeer() connecting with UDP";
std::cerr << std::endl;
ptype = PQI_CONNECT_UDP;
}
else

View File

@ -85,7 +85,7 @@ static const int PQISSL_SSL_CONNECT_TIMEOUT = 30;
*
*/
pqissl::pqissl(pqissllistener *l, PQInterface *parent)
pqissl::pqissl(pqissllistener *l, PQInterface *parent, p3AuthMgr *am, p3ConnectMgr *cm)
:NetBinInterface(parent, parent->PeerId()),
waiting(WAITING_NOT), active(false), certvalid(false),
sslmode(PQISSL_ACTIVE), ssl_connection(NULL), sockfd(-1),
@ -93,7 +93,16 @@ pqissl::pqissl(pqissllistener *l, PQInterface *parent)
readpkt(NULL), pktlen(0),
attempt_ts(0),
net_attempt(0), net_failure(0), net_unreachable(0),
sameLAN(false), n_read_zero(0)
sameLAN(false), n_read_zero(0),
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
mAuthMgr((AuthXPGP *) am), mConnMgr(cm)
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
mAuthMgr(am), mConnMgr(cm)
#endif /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
{
/* set address to zero */
@ -101,26 +110,13 @@ pqissl::pqissl(pqissllistener *l, PQInterface *parent)
remote_addr.sin_port = 0;
remote_addr.sin_family = AF_INET;
sslroot *sslccr = getSSLRoot();
{
std::ostringstream out;
out << "pqissl for PeerId: " << PeerId();
pqioutput(PQL_ALERT, pqisslzone, out.str());
}
cert *sslcert = sslccr->findPeerId(PeerId());
// check certificate
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
sslccr -> validateCertificateXPGP(sslcert);
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
sslccr -> validateCertificate(sslcert);
#endif /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
if (!(sslcert -> Valid()))
if (!(mAuthMgr->isAuthenticated(PeerId())))
{
pqioutput(PQL_ALERT, pqisslzone,
"pqissl::Warning Certificate Not Approved!");
@ -269,9 +265,6 @@ int pqissl::status()
{
int alg;
sslroot *sslccr = getSSLRoot();
cert *sslcert = sslccr->findPeerId(PeerId());
std::ostringstream out;
out << "pqissl::status()";
@ -279,9 +272,8 @@ int pqissl::status()
{
out << " active: " << std::endl;
// print out connection.
out << "Connected TO : ";
sslccr -> printCertificate(sslcert, out);
out << "Connected TO : " << PeerId();
out << std::endl;
// print out cipher.
out << "\t\tSSL Cipher:" << SSL_get_cipher(ssl_connection);
out << " (" << SSL_get_cipher_bits(ssl_connection, &alg);
@ -296,7 +288,6 @@ int pqissl::status()
out << " Waiting for connection!" << std::endl;
}
out << "pqissl::cert status : " << sslcert -> Status() << std::endl;
pqioutput(PQL_DEBUG_BASIC, pqisslzone, out.str());
if (active)
@ -807,9 +798,6 @@ int pqissl::Initiate_SSL_Connection()
return err;
}
sslroot *sslccr = getSSLRoot();
pqioutput(PQL_DEBUG_BASIC, pqisslzone,
"pqissl::Initiate_SSL_Connection() Basic Connection Okay");
@ -818,7 +806,7 @@ int pqissl::Initiate_SSL_Connection()
// Perform SSL magic.
// library already inited by sslroot().
SSL *ssl = SSL_new(sslccr -> getCTX());
SSL *ssl = SSL_new(mAuthMgr->getCTX());
if (ssl == NULL)
{
pqioutput(PQL_ALERT, pqisslzone,
@ -934,8 +922,6 @@ int pqissl::Extract_Failed_SSL_Certificate()
pqioutput(PQL_DEBUG_BASIC, pqisslzone,
"pqissl::Extract_Failed_SSL_Certificate()");
sslroot *sslccr = getSSLRoot();
// Get the Peer Certificate....
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
@ -963,10 +949,9 @@ int pqissl::Extract_Failed_SSL_Certificate()
// (pqissl's case) sslcert->serveraddr or sslcert->localaddr.
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
sslccr -> registerCertificateXPGP(peercert, remote_addr, false);
mAuthMgr->FailedCertificateXPGP(peercert, false);
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
sslccr -> registerCertificate(peercert, remote_addr, false);
#endif /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
@ -1003,8 +988,7 @@ int pqissl::Authorise_SSL_Connection()
waiting = WAITING_NOT;
// Get the Peer Certificate....
sslroot *sslccr = getSSLRoot();
cert *sslcert = sslccr->findPeerId(PeerId());
AuthXPGP *authXPGP = (AuthXPGP *) getAuthMgr();
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
@ -1020,11 +1004,6 @@ int pqissl::Authorise_SSL_Connection()
pqioutput(PQL_WARNING, pqisslzone,
"pqissl::Authorise_SSL_Connection() Peer Didnt Give Cert");
//SSL_shutdown(ssl_connection);
//net_internal_close(sockfd);
//waiting = WAITING_FAIL_INTERFACE;
//
// Failed completely
reset();
return -1;
@ -1038,28 +1017,21 @@ int pqissl::Authorise_SSL_Connection()
// we actually connected to remote_addr,
// which could be
// (pqissl's case) sslcert->serveraddr or sslcert->localaddr.
bool certCorrect = false;
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
//cert *npc = sslccr -> registerCertificateXPGP(peercert, sslcert -> serveraddr, false);
cert *npc = sslccr -> registerCertificateXPGP(peercert, remote_addr, false);
certCorrect = mAuthMgr->CheckCertificateXPGP(PeerId(), peercert);
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
//cert *npc = sslccr -> registerCertificate(peercert, sslcert -> serveraddr, false);
cert *npc = sslccr -> registerCertificate(peercert, remote_addr, false);
#endif /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
// check it's the right one.
if ((npc != NULL) && (!(npc -> Connected())) &&
(sslccr -> compareCerts(sslcert, npc) == 0))
if (certCorrect)
{
// then okay...
// timestamp.
npc -> lc_timestamp = time(NULL);
// pass to accept...
// and notify that we're likely to succeed.
pqioutput(PQL_DEBUG_BASIC, pqisslzone,
"pqissl::Authorise_SSL_Connection() Accepting Conn");
@ -1071,12 +1043,7 @@ int pqissl::Authorise_SSL_Connection()
"pqissl::Authorise_SSL_Connection() Something Wrong ... Shutdown ");
// else shutdown ssl connection.
//
// failed completely...
//SSL_shutdown(ssl_connection);
//net_internal_close(sockfd);
//sockfd = -1;
//waiting = WAITING_FAIL_INTERFACE;
reset();
return 0;
}
@ -1166,19 +1133,18 @@ int pqissl::accept(SSL *ssl, int fd, struct sockaddr_in foreign_addr) // initiat
remote_addr = foreign_addr;
/* check whether it is on the same LAN */
sslroot *sslccr = getSSLRoot();
cert *own = sslccr -> getOwnCert();
struct sockaddr_in own_laddr = own -> localaddr;
sameLAN = isSameSubnet(&(remote_addr.sin_addr), &(own_laddr.sin_addr));
peerConnectState details;
mConnMgr->getOwnNetStatus(details);
sameLAN = isSameSubnet(&(remote_addr.sin_addr), &(details.localaddr.sin_addr));
{
std::ostringstream out;
out << "pqissl::accept() checking for same LAN";
out << std::endl;
out << "\t localaddr: " << inet_ntoa(remote_addr.sin_addr);
out << "\t localaddr: " << inet_ntoa(details.localaddr.sin_addr);
out << std::endl;
out << "\tremoteaddr: " << inet_ntoa(own_laddr.sin_addr);
out << "\t remoteaddr: " << inet_ntoa(remote_addr.sin_addr);
out << std::endl;
if (sameLAN)
{

View File

@ -38,12 +38,13 @@
#include "pqi/pqi_base.h"
#include "pqi/p3connmgr.h"
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
#include "pqi/xpgpcert.h"
#include "pqi/authxpgp.h"
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
#include "pqi/sslcert.h"
#endif /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
@ -93,7 +94,8 @@ class pqissllistener;
class pqissl: public NetBinInterface
{
public:
pqissl(pqissllistener *l, PQInterface *parent);
pqissl(pqissllistener *l, PQInterface *parent,
p3AuthMgr *am, p3ConnectMgr *cm);
virtual ~pqissl();
// NetInterface
@ -190,6 +192,19 @@ virtual int net_internal_fcntl_nonblock(int fd) { return unix_fcntl_nonblock(fd)
private:
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
AuthXPGP *mAuthMgr;
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
#endif /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
p3ConnectMgr *mConnMgr;
// ssl only fns.
int connectInterface(sockaddr_in&);

View File

@ -48,11 +48,19 @@ const int pqissllistenzone = 49787;
*/
pqissllistenbase::pqissllistenbase(struct sockaddr_in addr)
:laddr(addr), active(false)
pqissllistenbase::pqissllistenbase(struct sockaddr_in addr, p3AuthMgr *am, p3ConnectMgr *cm)
:laddr(addr), active(false),
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
mAuthMgr((AuthXPGP *) am), mConnMgr(cm)
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
mAuthMgr(am), mConnMgr(cm)
#endif /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
{
sslccr = getSSLRoot();
if (!(sslccr -> active()))
if (!(mAuthMgr -> active()))
{
pqioutput(PQL_ALERT, pqissllistenzone,
"SSL-CTX-CERT-ROOT not initialised!");
@ -304,7 +312,7 @@ int pqissllistenbase::acceptconnection()
// Negotiate certificates. SSL stylee.
// Allow negotiations for secure transaction.
SSL *ssl = SSL_new(sslccr -> getCTX());
SSL *ssl = SSL_new(mAuthMgr -> getCTX());
SSL_set_fd(ssl, fd);
return continueSSL(ssl, remote_addr, true); // continue and save if incomplete.
@ -444,7 +452,7 @@ int pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_
// false for outgoing....
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
sslccr -> registerCertificateXPGP(peercert, *inaddr, true);
mAuthMgr->FailedCertificateXPGP(peercert, true);
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
sslccr -> registerCertificate(peercert, *inaddr, true);
@ -492,8 +500,8 @@ int pqissllistenbase::continueaccepts()
*
*/
pqissllistener::pqissllistener(struct sockaddr_in addr)
:pqissllistenbase(addr)
pqissllistener::pqissllistener(struct sockaddr_in addr, p3AuthMgr *am, p3ConnectMgr *cm)
:pqissllistenbase(addr, am, cm)
{
return;
}
@ -600,10 +608,12 @@ int pqissllistener::completeConnection(int fd, SSL *ssl, struct sockaddr_in &rem
return -1;
}
// save certificate... (and ip locations)
// Check cert.
std::string newPeerId;
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
cert *npc = sslccr -> registerCertificateXPGP(peercert, remote_addr, true);
bool certOk = mAuthMgr->ValidateCertificateXPGP(peercert, newPeerId);
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
cert *npc = sslccr -> registerCertificate(peercert, remote_addr, true);
@ -614,13 +624,14 @@ int pqissllistener::completeConnection(int fd, SSL *ssl, struct sockaddr_in &rem
std::map<std::string, pqissl *>::iterator it;
// Let connected one through as well! if ((npc == NULL) || (npc -> Connected()))
if (npc == NULL)
if (!certOk)
{
pqioutput(PQL_WARNING, pqissllistenzone,
"pqissllistener::completeConnection() registerCertificate Failed!");
// bad - shutdown.
// pqissllistenbase will shutdown!
XPGP_free(peercert);
return -1;
}
else
@ -628,12 +639,12 @@ int pqissllistener::completeConnection(int fd, SSL *ssl, struct sockaddr_in &rem
std::ostringstream out;
out << "pqissllistener::continueSSL()" << std::endl;
out << "checking: " << npc -> Name() << std::endl;
out << "checking: " << newPeerId << std::endl;
// check if cert is in our list.....
for(it = listenaddr.begin();(found!=true) && (it!=listenaddr.end());)
{
out << "\tagainst: " << it->first << std::endl;
if (it -> first == npc->PeerId())
if (it -> first == newPeerId)
{
out << "\t\tMatch!";
found = true;
@ -655,6 +666,20 @@ int pqissllistener::completeConnection(int fd, SSL *ssl, struct sockaddr_in &rem
out << std::endl;
out << "pqissllistenbase: Will shut it down!" << std::endl;
pqioutput(PQL_WARNING, pqissllistenzone, out.str());
XPGP_free(peercert);
return -1;
}
/* Certificate consumed! */
bool certKnown = mAuthMgr->CheckCertificateXPGP(it->first, peercert);
if (certKnown == false)
{
std::ostringstream out;
out << "Failed Final Check";
out << " for Connection:" << inet_ntoa(remote_addr.sin_addr);
out << std::endl;
out << "pqissllistenbase: Will shut it down!" << std::endl;
pqioutput(PQL_WARNING, pqissllistenzone, out.str());
return -1;
}

View File

@ -41,10 +41,10 @@
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
#include "pqi/xpgpcert.h"
#include "pqi/authxpgp.h"
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
#include "pqi/sslcert.h"
//#include "pqi/sslcert.h"
#endif /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
@ -52,14 +52,13 @@
*/
class pqissl;
class cert;
class pqissllistenbase: public pqilistener
{
public:
pqissllistenbase(struct sockaddr_in addr);
pqissllistenbase(struct sockaddr_in addr, p3AuthMgr *am, p3ConnectMgr *cm);
virtual ~pqissllistenbase();
/*************************************/
@ -83,20 +82,34 @@ virtual int completeConnection(int sockfd, SSL *in_connection, struct sockaddr_i
protected:
struct sockaddr_in laddr;
sslroot *sslccr;
private:
// fn to get cert, anyway
int Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_in *inaddr);
bool active;
int lsock;
cert *localcert;
std::map<SSL *, struct sockaddr_in> incoming_ssl;
protected:
/**************** PQI_USE_XPGP ******************/
#if defined(PQI_USE_XPGP)
AuthXPGP *mAuthMgr;
#else /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
p3AuthMgr *mAuthMgr;
#endif /* X509 Certificates */
/**************** PQI_USE_XPGP ******************/
p3ConnectMgr *mConnMgr;
};
@ -104,7 +117,7 @@ class pqissllistener: public pqissllistenbase
{
public:
pqissllistener(struct sockaddr_in addr);
pqissllistener(struct sockaddr_in addr, p3AuthMgr *am, p3ConnectMgr *cm);
virtual ~pqissllistener();
int addlistenaddr(std::string id, pqissl *acc);

View File

@ -25,6 +25,8 @@
#include "pqi/pqisslpersongrp.h"
#include "pqi/pqidebug.h"
#include "pqi/p3authmgr.h"
#include <sstream>
const int pqipersongrpzone = 354;
@ -40,7 +42,8 @@ const int pqipersongrpzone = 354;
pqilistener * pqisslpersongrp::createListener(struct sockaddr_in laddr)
{
pqilistener *listener = new pqissllistener(laddr);
p3AuthMgr *authMgr = getAuthMgr();
pqilistener *listener = new pqissllistener(laddr, authMgr, mConnMgr);
return listener;
}
@ -52,8 +55,9 @@ pqiperson * pqisslpersongrp::createPerson(std::string id, pqilistener *listener)
pqioutput(PQL_DEBUG_BASIC, pqipersongrpzone, out.str());
}
p3AuthMgr *authMgr = getAuthMgr();
pqiperson *pqip = new pqiperson(id, this);
pqissl *pqis = new pqissl((pqissllistener *) listener, pqip);
pqissl *pqis = new pqissl((pqissllistener *) listener, pqip, authMgr, mConnMgr);
/* construct the serialiser ....
* Needs:
@ -72,7 +76,7 @@ pqiperson * pqisslpersongrp::createPerson(std::string id, pqilistener *listener)
pqip -> addChildInterface(PQI_CONNECT_TCP, pqisc);
#ifdef PQI_USE_PROXY
pqissludp *pqius = new pqissludp(pqip);
pqissludp *pqius = new pqissludp(pqip, authMgr, mConnMgr);
RsSerialiser *rss2 = new RsSerialiser();
rss2->addSerialType(new RsFileItemSerialiser());

View File

@ -49,8 +49,8 @@ static const int PQI_SSLUDP_CONNECT_TIMEOUT = 300;
/********** PQI SSL UDP STUFF **************************************/
pqissludp::pqissludp(PQInterface *parent)
:pqissl(NULL, parent), tou_bio(NULL),
pqissludp::pqissludp(PQInterface *parent, p3AuthMgr *am, p3ConnectMgr *cm)
:pqissl(NULL, parent, am, cm), tou_bio(NULL),
listen_checktime(0)
{

View File

@ -55,7 +55,8 @@ class cert;
class pqissludp: public pqissl
{
public:
pqissludp(PQInterface *parent);
pqissludp(PQInterface *parent, p3AuthMgr *am, p3ConnectMgr *cm);
virtual ~pqissludp();
// NetInterface.

View File

@ -474,8 +474,8 @@ int RsServer::StartupRetroShare(RsInit *config)
p3ConfigMgr *mConfigMgr = new p3ConfigMgr(config->basedir, "rs-v0.4.cfg", "rs-v0.4.sgn");
SecurityPolicy *none = secpolicy_create();
//pqih = new pqisslpersongrp(none, flags);
pqih = new pqipersongrpDummy(none, flags);
pqih = new pqisslpersongrp(none, flags);
//pqih = new pqipersongrpDummy(none, flags);
// Setup Peer Interface.
rsPeers = new p3Peers(mConnMgr, mAuthMgr);
@ -546,6 +546,8 @@ int RsServer::StartupRetroShare(RsInit *config)
/* startup (stuff dependent on Ids/peers is after this point) */
/**************************************************************************/
pqih->init_listener();