Merge pull request #591 from G10h4ck/split_autologin

Made autologin optional at compile time
2025-05-02 22:25:04 -04:00 · 2016-12-14 16:45:45 +01:00 · 2016-12-14 16:45:45 +01:00 · 81dffbed84
commit 81dffbed84
parent 96b6cd3d34 f618abefdf
10 changed files with 204 additions and 146 deletions
--- a/libretroshare/src/rsserver/p3face-config.cc
+++ b/libretroshare/src/rsserver/p3face-config.cc
@ -60,14 +60,16 @@ const int p3facemsgzone = 11453;
 /* RsIface Config */
 /* Config */

-void    RsServer::ConfigFinalSave()
+void RsServer::ConfigFinalSave()
 {
-	/* force saving of transfers TODO */
+	//TODO: force saving of transfers
 	//ftserver->saveFileTransferStatus();
-	if(!RsInit::getAutoLogin())
-		RsInit::RsClearAutoLogin();

-        //AuthSSL::getAuthSSL()->FinalSaveCertificates();
+#ifdef RS_AUTOLOGIN
+	if(!RsInit::getAutoLogin()) RsInit::RsClearAutoLogin();
+#endif // RS_AUTOLOGIN
+
+	//AuthSSL::getAuthSSL()->FinalSaveCertificates();
 	mConfigMgr->completeConfiguration();
 }

--- a/libretroshare/src/rsserver/rsinit.cc
+++ b/libretroshare/src/rsserver/rsinit.cc
@ -717,14 +717,17 @@ int RsInit::LoadCertificates(bool autoLoginNT)
 		return 0 ;
 	}

+#ifdef RS_AUTOLOGIN
 	if(autoLoginNT)
 	{
-		std::cerr << "RetroShare will AutoLogin next time";
-		std::cerr << std::endl;
+		std::cerr << "RetroShare will AutoLogin next time" << std::endl;

 		RsLoginHandler::enableAutoLogin(preferredId,rsInitConfig->passwd);
 		rsInitConfig->autoLogin = true ;
 	}
+#else
+	(void) autoLoginNT;
+#endif // RS_AUTOLOGIN

 	/* wipe out password */

@ -733,10 +736,11 @@ int RsInit::LoadCertificates(bool autoLoginNT)
 	rsInitConfig->gxs_passwd = rsInitConfig->passwd;
 	rsInitConfig->passwd = "";
 	
-	rsAccounts->storePreferredAccount();      
+	rsAccounts->storePreferredAccount();
 	return 1;
 }

+#ifdef RS_AUTOLOGIN
 bool RsInit::RsClearAutoLogin()
 {
 	RsPeerId preferredId;
@ -747,6 +751,7 @@ bool RsInit::RsClearAutoLogin()
 	}
 	return	RsLoginHandler::clearAutoLogin(preferredId);
 }
+#endif // RS_AUTOLOGIN


 bool RsInit::isPortable()
--- a/libretroshare/src/rsserver/rsloginhandler.cc
+++ b/libretroshare/src/rsserver/rsloginhandler.cc
@ -4,19 +4,103 @@
 #include "rsloginhandler.h"
 #include "util/rsdir.h"
 #include "rsaccounts.h"
+
+bool RsLoginHandler::getSSLPassword( const RsPeerId& ssl_id,
+                                     bool enable_gpg_ask_passwd,
+                                     std::string& ssl_passwd )
+{
+
+#ifdef RS_AUTOLOGIN
+	// First, see if autologin is available
+	if(tryAutoLogin(ssl_id,ssl_passwd)) return true;
+#endif // RS_AUTOLOGIN
+
+	// If we're not expecting to enter a passwd (e.g. test for autologin before
+	// display of the login window), safely respond false.
+	if(!enable_gpg_ask_passwd) return false;
+
+	return getSSLPasswdFromGPGFile(ssl_id,ssl_passwd);
+}
+
+bool RsLoginHandler::checkAndStoreSSLPasswdIntoGPGFile(
+        const RsPeerId& ssl_id, const std::string& ssl_passwd )
+{
+	// We want to pursue login with gpg passwd. Let's do it:
+	FILE *sslPassphraseFile = RsDirUtil::rs_fopen(
+	            getSSLPasswdFileName(ssl_id).c_str(), "r");
+
+	if(sslPassphraseFile != NULL)	// already have it.
+	{
+		fclose(sslPassphraseFile);
+		return true ;
+	}
+
+	bool ok = AuthGPG::getAuthGPG()->encryptTextToFile(
+	            ssl_passwd, getSSLPasswdFileName(ssl_id));
+
+	if (!ok) std::cerr << "Encrypting went wrong !" << std::endl;
+
+	return ok;
+}
+
+bool RsLoginHandler::getSSLPasswdFromGPGFile(const RsPeerId& ssl_id,std::string& sslPassword)
+{
+	/* Let's read the password from an encrypted file, before check if there's
+	 * an ssl_passpharese_file that we can decrypt with PGP */
+	FILE *sslPassphraseFile = RsDirUtil::rs_fopen(
+	            getSSLPasswdFileName(ssl_id).c_str(), "r");
+
+	if (sslPassphraseFile == NULL)
+	{
+		std::cerr << "No password provided, and no sslPassphraseFile : "
+		          << getSSLPasswdFileName(ssl_id).c_str() << std::endl;
+		return 0;
+	}
+
+	fclose(sslPassphraseFile);
+
+	std::cerr << "opening sslPassphraseFile : "
+	          << getSSLPasswdFileName(ssl_id).c_str() << std::endl;
+
+	std::string plain;
+	if ( AuthGPG::getAuthGPG()->decryptTextFromFile(
+	         plain, getSSLPasswdFileName(ssl_id)) )
+	{
+		std::cerr << "Decrypting went ok !" << std::endl;
+		sslPassword = plain;
+
+		return sslPassword.length() > 0 ;
+	}
+	else
+	{
+		sslPassword = "";
+		std::cerr << "Error : decrypting went wrong !" << std::endl;
+
+		return false;
+	}
+}
+
+
+std::string RsLoginHandler::getSSLPasswdFileName(const RsPeerId& /*ssl_id*/)
+{
+	return rsAccounts->PathAccountKeysDirectory() + "/" + "ssl_passphrase.pgp";
+}
+
+#ifdef RS_AUTOLOGIN
+
 #if defined(HAS_GNOME_KEYRING) || defined(__FreeBSD__) || defined(__OpenBSD__)
-#include <gnome-keyring-1/gnome-keyring.h>
+#	include <gnome-keyring-1/gnome-keyring.h>

 GnomeKeyringPasswordSchema my_schema = {
-        GNOME_KEYRING_ITEM_ENCRYPTION_KEY_PASSWORD,
-        {
-                { "RetroShare SSL Id", GNOME_KEYRING_ATTRIBUTE_TYPE_STRING },
-                { NULL, (GnomeKeyringAttributeType)0 }
-        },
-        NULL,
-        NULL,
-        NULL
-  };
+    GNOME_KEYRING_ITEM_ENCRYPTION_KEY_PASSWORD,
+    {
+        { "RetroShare SSL Id", GNOME_KEYRING_ATTRIBUTE_TYPE_STRING },
+        { NULL, (GnomeKeyringAttributeType)0 }
+    },
+    NULL,
+    NULL,
+    NULL
+};
 #endif


@ -99,22 +183,6 @@ extern BOOL WINAPI CryptUnprotectData(
 #endif


-bool RsLoginHandler::getSSLPassword(const RsPeerId& ssl_id,bool enable_gpg_ask_passwd,std::string& ssl_passwd)
-{
-	// First, see if autologin is available
-	//
-	if(tryAutoLogin(ssl_id,ssl_passwd))
-		return true ;
-
-	// If we're not expecting to enter a passwd (e.g. test for autologin before
-	// display of the login window), safely respond false.
-	//
-	if(!enable_gpg_ask_passwd)
-		return false ;
-
-	return getSSLPasswdFromGPGFile(ssl_id,ssl_passwd) ;
-}
-
 bool RsLoginHandler::tryAutoLogin(const RsPeerId& ssl_id,std::string& ssl_passwd)
 {
 	std::cerr << "RsTryAutoLogin()" << std::endl;
@ -587,79 +655,9 @@ bool RsLoginHandler::clearAutoLogin(const RsPeerId& ssl_id)
 #endif
 }

-bool RsLoginHandler::checkAndStoreSSLPasswdIntoGPGFile(const RsPeerId& ssl_id,const std::string& ssl_passwd)
-{
-	// We want to pursue login with gpg passwd. Let's do it:
-	//
-	std::cerr << "let's store the ssl Password into a pgp ecrypted file" << std::endl;
-
-	FILE *sslPassphraseFile = RsDirUtil::rs_fopen(getSSLPasswdFileName(ssl_id).c_str(), "r");
-
-	if(sslPassphraseFile != NULL)	// already have it.
-	{
-		fclose(sslPassphraseFile) ;
-		return true ;
-	}
-
-	bool ok ;
-	std::string cipher ;
-
-	if(AuthGPG::getAuthGPG()->encryptTextToFile(ssl_passwd, getSSLPasswdFileName(ssl_id))) 
-	{
-		std::cerr << "Encrypting went ok !" << std::endl;
-		ok= true ;
-	}
-	else 
-	{
-		std::cerr << "Encrypting went wrong !" << std::endl;
-		ok= false ;
-	}
-	
-	return ok ;
-}
-
-bool RsLoginHandler::getSSLPasswdFromGPGFile(const RsPeerId& ssl_id,std::string& sslPassword)
-{
-	// Let's read the password from an encrypted file
-	// Let's check if there's a ssl_passpharese_file that we can decrypt with PGP
-	//
-	FILE *sslPassphraseFile = RsDirUtil::rs_fopen(getSSLPasswdFileName(ssl_id).c_str(), "r");
-
-	if (sslPassphraseFile == NULL)
-	{
-		std::cerr << "No password provided, and no sslPassphraseFile : " << getSSLPasswdFileName(ssl_id).c_str() << std::endl;
-		return 0;
-	} 
-	fclose(sslPassphraseFile);
-
-	std::cerr << "opening sslPassphraseFile : " << getSSLPasswdFileName(ssl_id).c_str() << std::endl;
-	std::string plain ;
-
-	if (AuthGPG::getAuthGPG()->decryptTextFromFile(plain,getSSLPasswdFileName(ssl_id))) 
-	{
-		std::cerr << "Decrypting went ok !" << std::endl;
-		sslPassword = plain ;
-		std::cerr << "sslpassword: " << "******************** (length = " << sslPassword.length() << ")" << std::endl;
-
-		return sslPassword.length() > 0 ;
-	} 
-	else 
-	{
-		sslPassword = "" ;
-		std::cerr << "Error : decrypting went wrong !" << std::endl;
-
-		return false;
-	}
-}
-
-
-std::string RsLoginHandler::getSSLPasswdFileName(const RsPeerId& /*ssl_id*/)
-{
-	return rsAccounts->PathAccountKeysDirectory() + "/" + "ssl_passphrase.pgp";
-}
-
 std::string RsLoginHandler::getAutologinFileName(const RsPeerId& /*ssl_id*/)
 {
 	return rsAccounts->PathAccountKeysDirectory() + "/" + "help.dta" ;
 }

+#endif // RS_AUTOLOGIN
--- a/libretroshare/src/rsserver/rsloginhandler.h
+++ b/libretroshare/src/rsserver/rsloginhandler.h
@ -2,46 +2,60 @@

 #include <string>

-// This class handles login, meaning that it retrieves the SSL password from either
-// the keyring or help.dta file, if autologin is enabled, or from the ssl_passphrase.pgp
-// file, asking for the GPG password to decrypt it.
-//
-// This class should handle the following scenario:
-//
-// Normal login:
-// 	- SSL key is stored  ->  do autologin
-// 	- SSL key is not stored
-// 			- if we're actually in the login process, ask for the gpg passwd, and decrypt the key file
-// 			- if we're just trying for autologin, don't ask for the gpg passwd and return null
-//
-// Key creation:
-// 	- the key should be stored in the gpg file.
-//
+/**
+ * This class handles login, meaning that it retrieves the SSL password from
+ * either the keyring or help.dta file, if autologin is enabled, or from the
+ * ssl_passphrase.pgp file, asking for the GPG password to decrypt it.
+ *
+ * This class should handle the following scenario:
+ *
+ * Normal login:
+ *  - SSL key is stored  ->  do autologin
+ *  - SSL key is not stored
+ *     - if we're actually in the login process, ask for the gpg passwd, and
+ *       decrypt the key file
+ *     - if we're just trying for autologin, don't ask for the gpg passwd and
+ *       return null
+ *
+ * Key creation:
+ *  - the key should be stored in the gpg file.
+ */
 class RsLoginHandler
 {
-	public:
-		// Gets the SSL passwd by any means: try autologin, and look into gpg file if enable_gpg_key_callback==true
-		//
-		static bool getSSLPassword(const RsPeerId& ssl_id,bool enable_gpg_key_callback,std::string& ssl_password) ;
+public:
+	/**
+	 * Gets the SSL passwd by any means: try autologin, and look into gpg file
+	 * if enable_gpg_key_callback==true
+	 */
+	static bool getSSLPassword( const RsPeerId& ssl_id,
+	                            bool enable_gpg_key_callback,
+	                            std::string& ssl_password);

-		// Checks whether the ssl passwd is already in the gpg file. If the file's not here, the passwd is stored there, 
-		// encrypted with the current GPG key.
-		//
-		static bool checkAndStoreSSLPasswdIntoGPGFile(const RsPeerId& ssl_id,const std::string& ssl_passwd) ;
+	/**
+	 * Checks whether the ssl passwd is already in the gpg file. If the file's
+	 * not here, the passwd is stored there, encrypted with the current GPG key.
+	 */
+	static bool checkAndStoreSSLPasswdIntoGPGFile(
+	        const RsPeerId& ssl_id, const std::string& ssl_passwd );

-		// Stores the given ssl_id/passwd pair into the keyring, or by default into a file in /[ssl_id]/keys/help.dta
-		//
-		static bool enableAutoLogin(const RsPeerId& ssl_id,const std::string& passwd) ;
+#ifdef RS_AUTOLOGIN
+	/**
+	 * Stores the given ssl_id/passwd pair into the keyring, or by default into
+	 * a file in /[ssl_id]/keys/help.dta
+	 */
+	static bool enableAutoLogin(const RsPeerId& ssl_id,const std::string& passwd) ;

-		// Clears autologin entry. 
-		//
-		static bool clearAutoLogin(const RsPeerId& ssl_id) ;
+	/// Clears autologin entry.
+	static bool clearAutoLogin(const RsPeerId& ssl_id) ;
+#endif // RS_AUTOLOGIN

-	private:
-		static bool tryAutoLogin(const RsPeerId& ssl_id,std::string& ssl_passwd) ;
-		static bool getSSLPasswdFromGPGFile(const RsPeerId& ssl_id,std::string& sslPassword) ;
+private:
+	static bool getSSLPasswdFromGPGFile(const RsPeerId& ssl_id,std::string& sslPassword);
+	static std::string getSSLPasswdFileName(const RsPeerId& ssl_id);

-		static std::string getSSLPasswdFileName(const RsPeerId& ssl_id) ;
-		static std::string getAutologinFileName(const RsPeerId& ssl_id) ;
+#ifdef RS_AUTOLOGIN
+	static bool tryAutoLogin(const RsPeerId& ssl_id,std::string& ssl_passwd);
+	static std::string getAutologinFileName(const RsPeerId& ssl_id);
+#endif // RS_AUTOLOGIN
 };