don't store name, location name and date in new SSL certs. Location name is now stored in an extra file. Backwards compatible to old locations and old peers.

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@8072 b45a01b8-16f6-495d-af2f-9b41ad6348cc
electron128 2015-03-25 08:19:45 +00:00
parent 4fa3d00f26
commit 7e03f3944b
8 changed files with 75 additions and 13 deletions


@ -187,6 +187,7 @@ const std::string kPathConfigDirectory = "config";
const std::string kFilenamePreferredAccount = "default_cert.txt";
const std::string kFilenameKey = "user_pk.pem";
const std::string kFilenameCert = "user_cert.pem";
const std::string kFilenameLocation = "location_name.txt";
/*********************************************************************
@ -250,12 +251,22 @@ std::string RsAccountsDetail::PathCertFile()
std::string path = PathAccountKeysDirectory();
if (path.empty())
{
return path;
return path;
}
path += "/" + kFilenameCert;
return path;
}
std::string RsAccountsDetail::LocationName()
{
std::map<RsPeerId, AccountDetails>::const_iterator it;
it = mAccounts.find(mPreferredId);
if (it == mAccounts.end())
{
return "";
}
return it->second.mLocation;
}
/*********************************************************************
@ -621,9 +632,10 @@ static bool checkAccount(std::string accountdir, AccountDetails &account,std::ma
/* check if the cert/key file exists */
// Create the filename.
// TODO: use kFilenameKey
std::string basename = accountdir + "/";
basename += kPathKeyDirectory + "/";
basename += "user";
basename += "user";
std::string cert_name = basename + "_cert.pem";
std::string userName;
@ -636,6 +648,10 @@ static bool checkAccount(std::string accountdir, AccountDetails &account,std::ma
/* check against authmanagers private keys */
if (LoadCheckX509(cert_name.c_str(), account.mPgpId, account.mLocation, account.mSslId))
{
// new locations store the name in an extra file
if(account.mLocation == "")
RsDirUtil::loadStringFromFile(accountdir + "/" + kPathKeyDirectory + "/" + kFilenameLocation,
account.mLocation);
#ifdef AUTHSSL_DEBUG
std::cerr << "location: " << account.mLocation << " id: " << account.mSslId << std::endl;
std::cerr << "issuerName: " << account.mPgpId << " id: " << account.mSslId << std::endl;
@ -968,10 +984,10 @@ bool RsAccountsDetail::GenerateSSLCertificate(const RsPgpId& pgp_id, const s
X509_REQ *req = GenerateX509Req(
key_name.c_str(),
passwd.c_str(),
pgp_name.c_str(),
"-", //pgp_name.c_str(), // does not allow empty name, set to constant instead
"", //ui -> gen_email -> value(),
org.c_str(),
loc.c_str(),
"", //loc.c_str(),
"", //ui -> gen_state -> value(),
country.c_str(),
nbits, errString);
@ -1037,6 +1053,10 @@ bool RsAccountsDetail::GenerateSSLCertificate(const RsPgpId& pgp_id, const s
fclose(out);
X509_free(x509);
// store location name in a file
if(!RsDirUtil::saveStringToFile(keypath + kFilenameLocation, loc))
std::cerr << "RsInit::GenerateSSLCertificate() failed to save location name to into file." << std::endl;
}
if (!gen_ok)
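Review bot: Neither side of the new `location_name.txt` handling deals with failure: in `checkAccount` the result of `RsDirUtil::loadStringFromFile(...)` is discarded, and in `GenerateSSLCertificate` a failed `saveStringToFile` only prints to stderr while generation carries on, so a location can silently end up with an empty `mLocation` that is later handed to `InitAuth`. Consider checking the load, e.g. `if(account.mLocation.empty() && !RsDirUtil::loadStringFromFile(locationFile, account.mLocation)) std::cerr << "checkAccount() cannot read " << locationFile << std::endl;` (assuming it returns a success flag like `saveStringToFile` does), and deciding explicitly whether a failed save should clear `gen_ok`. The write path is built as `keypath + kFilenameLocation` while the read path joins with explicit `"/"` separators; `keypath` is defined outside the hunk, so it is worth confirming it ends in a separator or reusing one path helper for both. Since the file is plain text next to the key and its content is used as the location name unvalidated, a length and printable-character check on load would be prudent. Both function bodies extend beyond the hunks shown.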


@ -84,6 +84,7 @@ class RsAccountsDetail
std::string PathAccountKeysDirectory();
std::string PathKeyFile();
std::string PathCertFile();
std::string LocationName();
// PGP Accounts.
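Review bot: `LocationName()` is added to the class without a comment, and its empty-string return is significant because the implementation returns `""` when `mPreferredId` is not in `mAccounts` and `LoadCertificates` passes the result straight to `InitAuth`. I would add `// Location name of the preferred account; empty string if that account is unknown.` above the declaration. The implementation only reads `mAccounts`, so the method could also be `const`, though the neighbouring `Path*File()` accessors are not declared that way either. The class body continues outside the hunk.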


@ -503,7 +503,7 @@ int RsInit::InitRetroShare(int argcIgnored, char **argvIgnored, bool strictCheck
*/
/* create singletons */
AuthSSL::AuthSSLInit();
AuthSSL::getAuthSSL() -> InitAuth(NULL, NULL, NULL);
AuthSSL::getAuthSSL() -> InitAuth(NULL, NULL, NULL, "");
rsAccounts = new RsAccountsDetail() ;
@ -708,7 +708,7 @@ int RsInit::LoadCertificates(bool autoLoginNT)
std::cerr << "rsAccounts->PathKeyFile() : " << rsAccounts->PathKeyFile() << std::endl;
if(0 == AuthSSL::getAuthSSL() -> InitAuth(rsAccounts->PathCertFile().c_str(), rsAccounts->PathKeyFile().c_str(), rsInitConfig->passwd.c_str()))
if(0 == AuthSSL::getAuthSSL() -> InitAuth(rsAccounts->PathCertFile().c_str(), rsAccounts->PathKeyFile().c_str(), rsInitConfig->passwd.c_str(), rsAccounts->LocationName()))
{
std::cerr << "SSL Auth Failed!";
return 0 ;
@ -955,7 +955,7 @@ int RsServer::StartupRetroShare()
/* (1) Load up own certificate (DONE ALREADY) - just CHECK */
/**************************************************************************/
if (1 != AuthSSL::getAuthSSL() -> InitAuth(NULL, NULL, NULL))
if (1 != AuthSSL::getAuthSSL() -> InitAuth(NULL, NULL, NULL, ""))
{
std::cerr << "main() - Fatal Error....." << std::endl;
std::cerr << "Invalid Certificate configuration!" << std::endl;