Put in place auth policy, storage time and testing

Better memory handling for message dispatching
Better typing for some methods
This commit is contained in:
Gioacchino Mazzurco 2017-02-09 16:11:53 +01:00
parent 4daca00359
commit 9cde0fd996
5 changed files with 121 additions and 78 deletions

View File

@ -1499,6 +1499,8 @@ int RsServer::StartupRetroShare()
mGxsMails->setNetworkExchangeService(gxsmails_ns);
pqih->addService(gxsmails_ns, true);
mConfigMgr->addConfiguration("gxs_mail.cfg", gxsmails_ns);
new TestGxsMailClientService(*mGxsMails);
# endif // RS_GXS_MAIL
// remove pword from memory

View File

@ -71,7 +71,8 @@ bool setRawUInt8(void *data, uint32_t size, uint32_t *offset, uint8_t in)
}
/* UInt16 get/set */
bool getRawUInt16(void *data, uint32_t size, uint32_t *offset, uint16_t *out)
bool getRawUInt16( const void *data, uint32_t size, uint32_t *offset,
uint16_t *out )
{
/* first check there is space */
if (size < *offset + 2)

View File

@ -51,7 +51,8 @@
bool getRawUInt8(void *data, uint32_t size, uint32_t *offset, uint8_t *out);
bool setRawUInt8(void *data, uint32_t size, uint32_t *offset, uint8_t in);
bool getRawUInt16(void *data, uint32_t size, uint32_t *offset, uint16_t *out);
bool getRawUInt16( const void* data, uint32_t size, uint32_t *offset,
uint16_t *out );
bool setRawUInt16(void *data, uint32_t size, uint32_t *offset, uint16_t in);
bool getRawUInt32(void *data, uint32_t size, uint32_t *offset, uint32_t *out);

View File

@ -229,14 +229,14 @@ void p3GxsMails::handleResponse(uint32_t token, uint32_t req_type)
vT& mv(gIt->second);
for( vT::const_iterator mIt = mv.begin(); mIt != mv.end(); ++mIt )
{
RsGxsMsgItem* it = *mIt;
RsGxsMsgItem* gItem = *mIt;
std::cout << "p3GxsMails::handleResponse(...) MAILS_UPDATE "
<< (uint32_t)it->PacketSubType() << std::endl;
switch(it->PacketSubType())
<< (uint32_t)gItem->PacketSubType() << std::endl;
switch(gItem->PacketSubType())
{
case GXS_MAIL_SUBTYPE_MAIL:
{
RsGxsMailItem* msg = dynamic_cast<RsGxsMailItem*>(it);
RsGxsMailItem* msg = dynamic_cast<RsGxsMailItem*>(gItem);
if(!msg)
{
std::cerr << "p3GxsMails::handleResponse(...) "
@ -252,9 +252,10 @@ void p3GxsMails::handleResponse(uint32_t token, uint32_t req_type)
default:
std::cerr << "p3GxsMails::handleResponse(...) MAILS_UPDATE "
<< "Unknown mail subtype : "
<< it->PacketSubType() << std::endl;
<< gItem->PacketSubType() << std::endl;
break;
}
delete gItem;
}
}
break;
@ -280,14 +281,14 @@ void p3GxsMails::service_tick()
if(idService.isOwnId(gxsidA))
{
std::string ciao("CiAone!");
sendMail( GxsMailsClient::MSG_SERVICE, gxsidA, gxsidB,
sendMail( GxsMailsClient::TEST_SERVICE, gxsidA, gxsidB,
reinterpret_cast<const uint8_t*>(ciao.data()),
ciao.size(), RsGxsMailBaseItem::RSA );
}
else if(idService.isOwnId(gxsidB))
{
std::string ciao("CiBuono!");
sendMail( GxsMailsClient::MSG_SERVICE, gxsidB, gxsidA,
sendMail( GxsMailsClient::TEST_SERVICE, gxsidB, gxsidA,
reinterpret_cast<const uint8_t*>(ciao.data()),
ciao.size(), RsGxsMailBaseItem::RSA );
}
@ -343,6 +344,35 @@ void p3GxsMails::notifyChanges(std::vector<RsGxsNotify*>& changes)
}
}
uint32_t p3GxsMails::AuthenPolicy()
{
uint32_t policy = 0;
uint32_t flag = 0;
// This ensure propagated message have valid author signature
flag = GXS_SERV::MSG_AUTHEN_ROOT_AUTHOR_SIGN |
GXS_SERV::MSG_AUTHEN_CHILD_AUTHOR_SIGN;
RsGenExchange::setAuthenPolicyFlag( flag, policy,
RsGenExchange::PUBLIC_GRP_BITS );
/* This ensure that in for restricted and private groups only authorized
* authors get the messages. Really not used ATM but don't hurts. */
flag |= GXS_SERV::MSG_AUTHEN_ROOT_PUBLISH_SIGN |
GXS_SERV::MSG_AUTHEN_CHILD_PUBLISH_SIGN;
RsGenExchange::setAuthenPolicyFlag( flag, policy,
RsGenExchange::RESTRICTED_GRP_BITS );
RsGenExchange::setAuthenPolicyFlag( flag, policy,
RsGenExchange::PRIVATE_GRP_BITS );
/* This seems never used RetroShare wide but we should investigate it
* more before considering this conclusive */
flag = 0;
RsGenExchange::setAuthenPolicyFlag( flag, policy,
RsGenExchange::GRP_OPTION_BITS );
return policy;
}
bool p3GxsMails::requestGroupsData(const std::list<RsGxsGroupId>* groupIds)
{
// std::cout << "p3GxsMails::requestGroupsList()" << std::endl;
@ -354,7 +384,7 @@ bool p3GxsMails::requestGroupsData(const std::list<RsGxsGroupId>* groupIds)
return true;
}
bool p3GxsMails::handleEcryptedMail(RsGxsMailItem* mail)
bool p3GxsMails::handleEcryptedMail(const RsGxsMailItem* mail)
{
std::set<RsGxsId> decryptIds;
std::list<RsGxsId> ownIds;
@ -363,66 +393,50 @@ bool p3GxsMails::handleEcryptedMail(RsGxsMailItem* mail)
if(mail->maybeRecipient(*it)) decryptIds.insert(*it);
// Hint match none of our own ids
if(decryptIds.empty()) goto hFail;
for(auto it=decryptIds.begin(); it != decryptIds.end(); ++it)
std::cout << *it;
std::cout << std::endl;
if(decryptIds.empty()) return true;
switch (mail->cryptoType)
{
case RsGxsMailBaseItem::CLEAR_TEXT:
{
uint16_t csri;
uint16_t csri = 0;
uint32_t off = 0;
getRawUInt16(&mail->payload[0], 2, &off, &csri);
getRawUInt16(&mail->payload[0], mail->payload.size(), &off, &csri);
std::cerr << "service: " << csri << " got CLEAR_TEXT mail!"
<< std::endl;
if( !dispatchDecryptedMail( mail, &mail->payload[2],
mail->payload.size()-2 ) )
goto hFail;
break;
return dispatchDecryptedMail( mail, &mail->payload[0],
mail->payload.size() );
}
case RsGxsMailBaseItem::RSA:
{
uint8_t* decrypted_data = NULL;
uint32_t decrypted_data_size = 0;
uint32_t decryption_error;
bool ok = idService.decryptData( &mail->payload[0],
bool ok = true;
if( idService.decryptData( &mail->payload[0],
mail->payload.size(), decrypted_data,
decrypted_data_size, decryptIds,
decryption_error );
ok = ok && dispatchDecryptedMail( mail, decrypted_data,
decryption_error ) )
ok = dispatchDecryptedMail( mail, decrypted_data,
decrypted_data_size );
if(!ok)
{
std::cout << "p3GxsMails::handleEcryptedMail(...) "
<< "RSA decryption failed" << std::endl;
free(decrypted_data);
goto hFail;
}
break;
return ok;
}
default:
std::cout << "Unknown encryption type:"
<< mail->cryptoType << std::endl;
goto hFail;
}
return true;
hFail:
delete mail;
return false;
}
}
bool p3GxsMails::dispatchDecryptedMail( RsGxsMailItem* received_msg,
uint8_t* decrypted_data,
bool p3GxsMails::dispatchDecryptedMail( const RsGxsMailItem* received_msg,
const uint8_t* decrypted_data,
uint32_t decrypted_data_size )
{
uint16_t csri;
uint32_t off;
getRawUInt16(decrypted_data, decrypted_data_size, &off, &csri);
std::cout << "p3GxsMails::dispatchDecryptedMail(, , " << decrypted_data_size << ")" << std::endl;
uint16_t csri = 0;
uint32_t off = 0;
getRawUInt16( decrypted_data, decrypted_data_size, &off, &csri);
GxsMailsClient::GxsMailSubServices rsrvc;
rsrvc = static_cast<GxsMailsClient::GxsMailSubServices>(csri);
@ -431,6 +445,7 @@ bool p3GxsMails::dispatchDecryptedMail( RsGxsMailItem* received_msg,
RS_STACK_MUTEX(servClientsMutex);
reecipientService = servClients[rsrvc];
}
if(reecipientService)
return reecipientService->receiveGxsMail( received_msg,
&decrypted_data[2],

View File

@ -29,39 +29,27 @@ struct p3GxsMails;
struct GxsMailsClient
{
/// Subservices identifiers (like port for TCP)
enum GxsMailSubServices { MSG_SERVICE };
/**
* This is usually used to save a pointer to the p3GxsMails service (e.g. by
* coping it in a member variable), so as to be able to send mails, and to
* register as a mail receiver via
* p3GxsMails::registerGxsMailsClient(GxsMailSubServices, GxsMailsClient)
*/
//virtual void connectToGxsMails(p3GxsMails *pt) = 0 ;
enum GxsMailSubServices { TEST_SERVICE = 1 };
/**
* This will be called by p3GxsMails to dispatch mails to the subservice
* @param originalMessage message as received from GXS backend (encrypted)
* GxsMailsClient take ownership of it ( aka should take free/delete it
* when not needed anymore )
* @param data buffer containing the decrypted data
* GxsMailsClient take ownership of it ( aka should take free/delete it
* when not needed anymore )
* @param dataSize size of the buffer
* @return true if dispatching goes fine, false otherwise
*/
virtual bool receiveGxsMail( RsGxsMailItem* originalMessage,
uint8_t* data, uint32_t dataSize ) = 0;
virtual bool receiveGxsMail( const RsGxsMailItem* originalMessage,
const uint8_t* data, uint32_t dataSize ) = 0;
};
struct p3GxsMails : RsGenExchange, GxsTokenQueue
{
p3GxsMails( RsGeneralDataService* gds, RsNetworkExchangeService* nes,
p3IdService& identities ) :
RsGenExchange( gds, nes, new RsGxsMailSerializer(),
RS_SERVICE_TYPE_GXS_MAIL, &identities,
AuthenPolicy(),
RS_GXS_DEFAULT_MSG_STORE_PERIOD ), // TODO: Discuss with Cyril about this
AuthenPolicy(), GXS_STORAGE_PERIOD ),
GxsTokenQueue(this), idService(identities),
servClientsMutex("p3GxsMails client services map mutex") {}
@ -101,9 +89,8 @@ struct p3GxsMails : RsGenExchange, GxsTokenQueue
void registerGxsMailsClient( GxsMailsClient::GxsMailSubServices serviceType,
GxsMailsClient* service );
/**
* @see GxsTokenQueue::handleResponse(uint32_t token, uint32_t req_type)
*/
/// @see GxsTokenQueue::handleResponse(uint32_t token, uint32_t req_type)
virtual void handleResponse(uint32_t token, uint32_t req_type);
/// @see RsGenExchange::service_tick()
@ -120,11 +107,27 @@ protected:
void notifyChanges(std::vector<RsGxsNotify *> &changes);
private:
/// Time interval of inactivity before a distribution group is unsubscribed
const static int32_t UNUSED_GROUP_UNSUBSCRIBE_INTERVAL = 0x76A700; // 3 months approx
/** Time interval of inactivity before a distribution group is unsubscribed.
* Approximatively 3 months seems ok ATM. */
const static int32_t UNUSED_GROUP_UNSUBSCRIBE_INTERVAL = 0x76A700;
/// @brief AuthenPolicy check nothing ATM TODO talk with Cyril how this should be
static uint32_t AuthenPolicy() { return 0; }
/**
* This should be as little as possible as the size of the database can grow
* very fast taking in account we are handling mails for the whole network.
* We do prefer to resend a not acknowledged yet mail after
* GXS_STORAGE_PERIOD has passed and keep it little.
* Tought it can't be too little as this may cause signed acknowledged to
* get lost thus causing resend and fastly grow perceived async latency, in
* case two sporadically connected users sends mails each other.
* TODO: While it is ok for signed acknowledged to stays in the DB for a
* full GXS_STORAGE_PERIOD, mails should be removed as soon as a valid
* signed acknowledged is received for each of them.
* Two weeks seems fair ATM.
*/
const static uint32_t GXS_STORAGE_PERIOD = 0x127500;
/// Define how the backend should handle authentication based on signatures
static uint32_t AuthenPolicy();
/// Types to mark queries in tokens queue
enum GxsReqResTypes
@ -158,7 +161,6 @@ private:
*/
bool inline supersedePreferredGroup(const RsGxsGroupId& potentialGrId)
{
//std::cout << "supersedePreferredGroup(const RsGxsGroupId& potentialGrId) " << preferredGroupId << " <? " << potentialGrId << std::endl;
if(preferredGroupId < potentialGrId)
{
std::cerr << "supersedePreferredGroup(...) " << potentialGrId
@ -169,17 +171,39 @@ private:
return false;
}
/// @return true if has passed more then interval seconds time since timeStamp
bool static inline olderThen(time_t timeStamp, int32_t interval)
{ return (timeStamp + interval) < time(NULL); }
/** @return true if has passed more then interval seconds between timeStamp
* and ref. @param ref by default now is taked as reference. */
bool static inline olderThen(time_t timeStamp, int32_t interval,
time_t ref = time(NULL))
{ return (timeStamp + interval) < ref; }
/// Decrypt email content and pass it to dispatchDecryptedMail(...)
bool handleEcryptedMail(RsGxsMailItem* mail);
bool handleEcryptedMail(const RsGxsMailItem* mail);
/// Dispatch the message to the recipient service
bool dispatchDecryptedMail( RsGxsMailItem* received_msg,
uint8_t* decrypted_data,
bool dispatchDecryptedMail( const RsGxsMailItem* received_msg,
const uint8_t* decrypted_data,
uint32_t decrypted_data_size );
};
struct TestGxsMailClientService : GxsMailsClient
{
TestGxsMailClientService(p3GxsMails& gmxMailService)
{
gmxMailService.registerGxsMailsClient( GxsMailSubServices::TEST_SERVICE,
this );
}
/// @see GxsMailsClient::receiveGxsMail(...)
virtual bool receiveGxsMail( const RsGxsMailItem* originalMessage,
const uint8_t* data, uint32_t dataSize )
{
std::cout << "TestGxsMailClientService::receiveGxsMail(...) got message"
<< " from: " << originalMessage->meta.mAuthorId << std::endl
<< "\t" << std::string((char*)data, dataSize) << std::endl;
return true;
}
};