remove the ssl cert storage. Big rewrite of ssl cert and friend management

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2017 b45a01b8-16f6-495d-af2f-9b41ad6348cc
joss17 2010-01-13 21:22:52 +00:00
parent bb9fb11257
commit 9976b80566
39 changed files with 2056 additions and 1957 deletions


@ -109,16 +109,6 @@ pqissl::pqissl(pqissllistener *l, PQInterface *parent, p3ConnectMgr *cm)
rslog(RSL_ALERT, pqisslzone, out.str());
}
if (!(AuthSSL::getAuthSSL()->isAuthenticated(PeerId())))
{
rslog(RSL_ALERT, pqisslzone,
"pqissl::Warning Certificate Not Approved!");
rslog(RSL_ALERT, pqisslzone,
"\t pqissl will not initialise....");
}
return;
}
@ -1081,14 +1071,14 @@ int pqissl::Extract_Failed_SSL_Certificate()
}
rslog(RSL_DEBUG_BASIC, pqisslzone,
"pqissl::Extract_Failed_SSL_Certificate() Have Peer Cert - Registering");
"pqissl::Extract_Failed_SSL_Certificate() Have Peer Cert - (Not) Registering (anymore)");
// save certificate... (and ip locations)
// false for outgoing....
// we actually connected to remote_addr,
// which could be
// (pqissl's case) sslcert->serveraddr or sslcert->localaddr.
AuthSSL::getAuthSSL()->FailedCertificate(peercert, false);
//AuthSSL::getAuthSSL()->FailedCertificate(peercert, false);
return 1;
}
@ -1138,33 +1128,36 @@ int pqissl::Authorise_SSL_Connection()
rslog(RSL_DEBUG_BASIC, pqisslzone,
"pqissl::Authorise_SSL_Connection() Have Peer Cert");
accept(ssl_connection, sockfd, remote_addr);
return 1;
// save certificate... (and ip locations)
// false for outgoing....
// we actually connected to remote_addr,
// which could be
// (pqissl's case) sslcert->serveraddr or sslcert->localaddr.
bool certCorrect = false;
certCorrect = AuthSSL::getAuthSSL()->CheckCertificate(PeerId(), peercert);
// check it's the right one.
if (certCorrect)
{
// then okay...
std::ostringstream out;
out << "pqissl::Authorise_SSL_Connection() Accepting Conn. Peer: " << PeerId();
rslog(RSL_WARNING, pqisslzone, out.str());
accept(ssl_connection, sockfd, remote_addr);
return 1;
}
{
std::ostringstream out;
out << "pqissl::Authorise_SSL_Connection() Something Wrong ... ";
out << " Shutdown. Peer: " << PeerId();
rslog(RSL_WARNING, pqisslzone, out.str());
}
// bool certCorrect = false;
// certCorrect = AuthSSL::getAuthSSL()->CheckCertificate(PeerId(), peercert);
//
// // check it's the right one.
// if (certCorrect)
// {
// // then okay...
// std::ostringstream out;
// out << "pqissl::Authorise_SSL_Connection() Accepting Conn. Peer: " << PeerId();
// rslog(RSL_WARNING, pqisslzone, out.str());
//
// accept(ssl_connection, sockfd, remote_addr);
// return 1;
// }
//
// {
// std::ostringstream out;
// out << "pqissl::Authorise_SSL_Connection() Something Wrong ... ";
// out << " Shutdown. Peer: " << PeerId();
// rslog(RSL_WARNING, pqisslzone, out.str());
// }
// else shutdown ssl connection.
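Review bot: In Authorise_SSL_Connection() the new `accept(ssl_connection, sockfd, remote_addr); return 1;` runs as soon as a peer certificate is present, and the `CheckCertificate(PeerId(), peercert)` comparison that used to gate it is now commented out, so nothing visible in this function binds the presented certificate to the peer this pqissl object was created for. The constructor hunk also drops the `isAuthenticated(PeerId())` warning, so identity enforcement must now happen entirely elsewhere (presumably in the handshake verify callback, which is not shown here); if it does not, any certificate that completes the handshake is accepted as PeerId(). I would either keep a binding check in front of the accept, along the lines of `if (AuthSSL::getAuthSSL()->CheckCertificate(PeerId(), peercert)) { accept(ssl_connection, sockfd, remote_addr); return 1; }` (or whatever replaces CheckCertificate after this rewrite), or, if the check really has moved, delete the commented-out block and the now-unreachable shutdown path and add a comment such as `// peer identity is enforced in <verify callback, not shown in this diff>; accept() must not run before it`. The function starts and ends outside the hunk, so the code after `// else shutdown ssl connection.` is assumed rather than seen.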