added default encryption policy variable and GUI to change it

libretroshare/src/file_sharing/directory_storage.cc

@@ -168,13 +168,6 @@ bool DirectoryStorage::updateHash(const EntryIndex& index,const RsFileHash& hash
     return mFileHierarchy->updateHash(index,hash);
 }
 
-int DirectoryStorage::searchHash(const RsFileHash& hash, const RsFileHash& real_hash, EntryIndex& result) const
-{
-    RS_STACK_MUTEX(mDirStorageMtx) ;
-#warning code needed here
-    return mFileHierarchy->searchHash(hash,result);
-}
-
 void DirectoryStorage::load(const std::string& local_file_name)
 {
     RS_STACK_MUTEX(mDirStorageMtx) ;
@@ -296,6 +289,32 @@ bool DirectoryStorage::getIndexFromDirHash(const RsFileHash& hash,EntryIndex& in
 /*                                           Local Directory Storage                                              */
 /******************************************************************************************************************/
 
+bool LocalDirectoryStorage::locked_findRealHash(const RsFileHash& hash, RsFileHash& real_hash) const
+{
+    std::map<RsFileHash,RsFileHash>::const_iterator it = mEncryptedHashes.find(hash) ;
+
+    if(it == mEncryptedHashes.end())
+        return false ;
+
+    real_hash = it->second ;
+    return true ;
+}
+
+int LocalDirectoryStorage::searchHash(const RsFileHash& hash, RsFileHash& real_hash, EntryIndex& result) const
+{
+    RS_STACK_MUTEX(mDirStorageMtx) ;
+
+    if(locked_findRealHash(hash,real_hash) && mFileHierarchy->searchHash(real_hash,result))
+        return true ;
+
+    if(mFileHierarchy->searchHash(hash,result))
+    {
+        real_hash.clear();
+        return true ;
+    }
+    return false ;
+}
+
 void LocalDirectoryStorage::setSharedDirectoryList(const std::list<SharedDirInfo>& lst)
 {
     RS_STACK_MUTEX(mDirStorageMtx) ;

libretroshare/src/file_sharing/directory_storage.h

@@ -53,7 +53,6 @@ class DirectoryStorage
 
         virtual int searchTerms(const std::list<std::string>& terms, std::list<EntryIndex> &results) const ;
         virtual int searchBoolExp(RsRegularExpression::Expression * exp, std::list<EntryIndex> &results) const ;
-        virtual int searchHash(const RsFileHash& hash, const RsFileHash &real_hash, EntryIndex &results) const ;
 
         // gets/sets the various time stamps:
         //
@@ -216,6 +215,19 @@ public:
     void updateShareFlags(const SharedDirInfo& info) ;
     bool convertSharedFilePath(const std::string& path_with_virtual_name,std::string& fullpath) ;
 
+    /*!
+     * \brief searchHash
+     * 				Looks into local database of shared files for the given hash. Also looks for files such that the hash of the hash
+     * 				matches the given hash, and returns the real hash.
+     * \param hash			hash to look for
+     * \param real_hash		hash such that H(real_hash) = hash, or null hash if not found.
+     * \param results		Entry index of the file that is found
+     * \return
+     * 						true is a file is found
+     * 						false otherwise.
+     */
+    virtual int searchHash(const RsFileHash& hash, RsFileHash &real_hash, EntryIndex &results) const ;
+
     /*!
      * \brief updateTimeStamps
      * 			Checks recursive TS and update the if needed.
@@ -261,6 +273,7 @@ public:
     bool serialiseDirEntry(const EntryIndex& indx, RsTlvBinaryData& bindata, const RsPeerId &client_id) ;
 
 private:
+        bool locked_findRealHash(const RsFileHash& hash, RsFileHash& real_hash) const;
         std::string locked_getVirtualPath(EntryIndex indx) const ;
         std::string locked_getVirtualDirName(EntryIndex indx) const ;
 
@@ -268,6 +281,7 @@ private:
         std::string locked_findRealRootFromVirtualFilename(const std::string& virtual_rootdir) const;
 
         std::map<std::string,SharedDirInfo> mLocalDirs ;	// map is better for search. it->first=it->second.filename
+        std::map<RsFileHash,RsFileHash> mEncryptedHashes;	// map such that hash(it->second) = it->first
         std::string mFileName;
 
         bool mTSChanged ;

libretroshare/src/ft/ftcontroller.cc

@@ -94,7 +94,7 @@ ftFileControl::ftFileControl(std::string fname,
 	 mTransfer(tm), mCreator(fc), mState(DOWNLOADING), mHash(hash),
 	 mSize(size), mFlags(flags), mCreateTime(0), mQueuePriority(0), mQueuePosition(0)
 {
-	return;
+    return;
 }
 
 ftController::ftController(ftDataMultiplex *dm, p3ServiceControl *sc, uint32_t ftServiceId)
@@ -113,7 +113,8 @@ ftController::ftController(ftDataMultiplex *dm, p3ServiceControl *sc, uint32_t f
 {
 	_max_active_downloads = 5 ; // default queue size
 	_min_prioritized_transfers = 3 ;
-	/* TODO */
+    mDefaultEncryptionPolicy = RS_FILE_CTRL_ENCRYPTION_POLICY_PERMISSIVE;
+    /* TODO */
     cnt = 0 ;
 }
 
@@ -580,7 +581,7 @@ void ftController::locked_checkQueueElement(uint32_t pos)
 		_queue[pos]->mState = ftFileControl::DOWNLOADING ;
 
 		if(_queue[pos]->mFlags & RS_FILE_REQ_ANONYMOUS_ROUTING)
-            mTurtle->monitorTunnels(_queue[pos]->mHash,mFtServer,true) ;
+            mFtServer->activateTunnels(_queue[pos]->mHash,_queue[pos]->mFlags,true);
 	}
 
 	if(pos >= _max_active_downloads && _queue[pos]->mState != ftFileControl::QUEUED && _queue[pos]->mState != ftFileControl::PAUSED)
@@ -589,8 +590,8 @@ void ftController::locked_checkQueueElement(uint32_t pos)
 		_queue[pos]->mCreator->closeFile() ;
 
 		if(_queue[pos]->mFlags & RS_FILE_REQ_ANONYMOUS_ROUTING)
-			mTurtle->stopMonitoringTunnels(_queue[pos]->mHash) ;
-	}
+            mFtServer->activateTunnels(_queue[pos]->mHash,_queue[pos]->mFlags,false);
+    }
 }
 
 bool ftController::FlagFileComplete(const RsFileHash& hash)
@@ -835,7 +836,7 @@ bool ftController::completeFile(const RsFileHash& hash)
 		mDownloads.erase(it);
 
 		if(flags & RS_FILE_REQ_ANONYMOUS_ROUTING)
-			mTurtle->stopMonitoringTunnels(hash_to_suppress) ;
+            mFtServer->activateTunnels(hash_to_suppress,flags,false);
 
 	} /******* UNLOCKED ********/
 
@@ -978,6 +979,17 @@ bool 	ftController::FileRequest(const std::string& fname, const RsFileHash& hash
 	if(alreadyHaveFile(hash, info))
 		return false ;
 
+    if(mDefaultEncryptionPolicy == RS_FILE_CTRL_ENCRYPTION_POLICY_STRICT)
+    {
+        flags |=  RS_FILE_REQ_ENCRYPTED ;
+        flags &= ~RS_FILE_REQ_UNENCRYPTED ;
+    }
+    else
+    {
+        flags |=  RS_FILE_REQ_ENCRYPTED ;
+        flags |=  RS_FILE_REQ_UNENCRYPTED ;
+    }
+
 	if(size == 0)	// we treat this special case because
 	{
 		/* if no destpath - send to download directory */
@@ -1174,7 +1186,7 @@ bool 	ftController::FileRequest(const std::string& fname, const RsFileHash& hash
   // We check that flags are consistent.  
   
   	if(flags & RS_FILE_REQ_ANONYMOUS_ROUTING)
-        mTurtle->monitorTunnels(hash,mFtServer,true) ;
+        mFtServer->activateTunnels(hash,flags,true);
 
     bool assume_availability = false;
 
@@ -1275,7 +1287,7 @@ bool ftController::setChunkStrategy(const RsFileHash& hash,FileChunksInfo::Chunk
 
 bool 	ftController::FileCancel(const RsFileHash& hash)
 {
-	rsTurtle->stopMonitoringTunnels(hash) ;
+    mFtServer->activateTunnels(hash,TransferRequestFlags(0),false);
 
 #ifdef CONTROL_DEBUG
 	std::cerr << "ftController::FileCancel" << std::endl;
@@ -1813,6 +1825,7 @@ const std::string download_dir_ss("DOWN_DIR");
 const std::string partial_dir_ss("PART_DIR");
 const std::string default_chunk_strategy_ss("DEFAULT_CHUNK_STRATEGY");
 const std::string free_space_limit_ss("FREE_SPACE_LIMIT");
+const std::string default_encryption_policy("DEFAULT_ENCRYPTION_POLICY");
 
 
 	/* p3Config Interface */
@@ -2102,7 +2115,26 @@ bool  ftController::loadConfigMap(std::map<std::string, std::string> &configMap)
 		setPartialsDirectory(mit->second);
 	}
 
-	if (configMap.end() != (mit = configMap.find(default_chunk_strategy_ss)))
+    if (configMap.end() != (mit = configMap.find(default_encryption_policy)))
+    {
+        if(mit->second == "STRICT")
+        {
+            mDefaultEncryptionPolicy = RS_FILE_CTRL_ENCRYPTION_POLICY_STRICT ;
+            std::cerr << "Note: loading default value for encryption policy: STRICT" << std::endl;
+        }
+        else if(mit->second == "PERMISSIVE")
+        {
+            mDefaultEncryptionPolicy = RS_FILE_CTRL_ENCRYPTION_POLICY_PERMISSIVE ;
+            std::cerr << "Note: loading default value for encryption policy: PERMISSIVE" << std::endl;
+        }
+        else
+        {
+            std::cerr << "(EE) encryption policy not recognized: \"" << mit->second << "\"" << std::endl;
+            mDefaultEncryptionPolicy = RS_FILE_CTRL_ENCRYPTION_POLICY_PERMISSIVE ;
+        }
+    }
+
+    if (configMap.end() != (mit = configMap.find(default_chunk_strategy_ss)))
 	{
 		if(mit->second == "STREAMING")
 		{

libretroshare/src/ft/ftcontroller.h

@@ -237,6 +237,7 @@ class ftController: public RsTickingThread, public pqiServiceMonitor, public p3C
 		ftServer *mFtServer ;
 		p3ServiceControl *mServiceCtrl;
 		uint32_t mFtServiceId;
+        uint32_t mDefaultEncryptionPolicy ;
 
         uint32_t cnt ;
 		RsMutex ctrlMutex;

libretroshare/src/ft/ftserver.cc

@@ -250,6 +250,26 @@ bool ftServer::FileRequest(const std::string& fname, const RsFileHash& hash, uin
 	return true ;
 }
 
+bool ftServer::activateTunnels(const RsFileHash& hash,TransferRequestFlags flags,bool onoff)
+{
+    RsFileHash hash_of_hash ;
+
+    encryptHash(hash,hash_of_hash) ;
+    mEncryptedHashes.insert(std::make_pair(hash_of_hash,hash)) ;
+
+    if(onoff)
+    {
+        if(flags & RS_FILE_REQ_ENCRYPTED)   mTurtleRouter->monitorTunnels(hash_of_hash,this,true) ;
+        if(flags & RS_FILE_REQ_UNENCRYPTED) mTurtleRouter->monitorTunnels(hash,this,true) ;
+    }
+    else
+    {
+        mTurtleRouter->stopMonitoringTunnels(hash_of_hash);
+        mTurtleRouter->stopMonitoringTunnels(hash);
+    }
+    return true ;
+}
+
 bool ftServer::setDestinationName(const RsFileHash& hash,const std::string& name)
 {
 	return mFtController->setDestinationName(hash,name);
@@ -462,7 +482,12 @@ bool ftServer::handleTunnelRequest(const RsFileHash& hash,const RsPeerId& peer_i
     FileInfo info ;
     bool res = FileDetails(hash, RS_FILE_HINTS_NETWORK_WIDE | RS_FILE_HINTS_LOCAL | RS_FILE_HINTS_EXTRA | RS_FILE_HINTS_SPEC_ONLY, info);
 
-#warning need code here => turn H(H) into real hash
+    if(info.transfer_info_flags & RS_FILE_REQ_ENCRYPTED)
+    {
+        std::cerr << "handleTunnelRequest: openning encrypted FT tunnel for H(H(F))=" << hash << " and H(F)=" << info.hash << std::endl;
+        mEncryptedHashes[info.hash] = hash ;
+    }
+#warning needs to tweak for swarming with encrypted FT
     if( (!res) && FileDetails(hash,RS_FILE_HINTS_DOWNLOAD,info))
     {
         // This file is currently being downloaded. Let's look if we already have a chunk or not. If not, no need to
@@ -1191,6 +1216,12 @@ bool ftServer::decryptItem(RsTurtleGenericDataItem *encrypted_item,const RsFileH
     return true ;
 }
 
+bool ftServer::encryptHash(const RsFileHash& hash, RsFileHash& hash_of_hash)
+{
+    hash_of_hash = RsDirUtil::sha1sum(hash.toByteArray(),hash.SIZE_IN_BYTES);
+    return true ;
+}
+
 bool ftServer::findRealHash(const RsFileHash& hash, RsFileHash& real_hash)
 {
     std::map<RsFileHash,RsFileHash>::const_iterator it = mEncryptedHashes.find(hash) ;

libretroshare/src/ft/ftserver.h

@@ -217,6 +217,8 @@ public:
     /*************** Data Transfer Interface ***********************/
     /***************************************************************/
 public:
+    virtual bool activateTunnels(const RsFileHash& hash,TransferRequestFlags flags,bool onoff);
+
     virtual bool sendData(const RsPeerId& peerId, const RsFileHash& hash, uint64_t size, uint64_t offset, uint32_t chunksize, void *data);
     virtual bool sendDataRequest(const RsPeerId& peerId, const RsFileHash& hash, uint64_t size, uint64_t offset, uint32_t chunksize);
     virtual bool sendChunkMapRequest(const RsPeerId& peer_id,const RsFileHash& hash,bool is_client) ;
@@ -255,6 +257,7 @@ protected:
 
     // fnds out what is the real hash of encrypted hash hash
     bool findRealHash(const RsFileHash& hash, RsFileHash& real_hash);
+    bool encryptHash(const RsFileHash& hash, RsFileHash& hash_of_hash);
 
 private:
 

libretroshare/src/retroshare/rsfiles.h

@@ -43,6 +43,9 @@ const uint32_t RS_FILE_CTRL_PAUSE	 		= 0x00000100;
 const uint32_t RS_FILE_CTRL_START	 		= 0x00000200;
 const uint32_t RS_FILE_CTRL_FORCE_CHECK	= 0x00000400;
 
+const uint32_t RS_FILE_CTRL_ENCRYPTION_POLICY_STRICT     = 0x00000001 ;
+const uint32_t RS_FILE_CTRL_ENCRYPTION_POLICY_PERMISSIVE = 0x00000002 ;
+
 const uint32_t RS_FILE_RATE_TRICKLE	 = 0x00000001;
 const uint32_t RS_FILE_RATE_SLOW	 = 0x00000002;
 const uint32_t RS_FILE_RATE_STANDARD	 = 0x00000003;
@@ -79,6 +82,7 @@ const FileSearchFlags RS_FILE_HINTS_PERMISSION_MASK        ( 0x00000180 );// OR
 //
 const TransferRequestFlags RS_FILE_REQ_ANONYMOUS_ROUTING   ( 0x00000040 ); // Use to ask turtle router to download the file.
 const TransferRequestFlags RS_FILE_REQ_ENCRYPTED           ( 0x00000080 ); // Asks for end-to-end encryption of file at the level of ftServer
+const TransferRequestFlags RS_FILE_REQ_UNENCRYPTED         ( 0x00000100 ); // Asks for no end-to-end encryption of file at the level of ftServer
 const TransferRequestFlags RS_FILE_REQ_ASSUME_AVAILABILITY ( 0x00000200 ); // Assume full source availability. Used for cache files.
 const TransferRequestFlags RS_FILE_REQ_CACHE_deprecated    ( 0x00000400 ); // Old stuff used for cache files. Not used anymore.
 const TransferRequestFlags RS_FILE_REQ_EXTRA               ( 0x00000800 );
@@ -86,7 +90,7 @@ const TransferRequestFlags RS_FILE_REQ_MEDIA               ( 0x00001000 );
 const TransferRequestFlags RS_FILE_REQ_BACKGROUND          ( 0x00002000 ); // To download slowly.
 const TransferRequestFlags RS_FILE_REQ_NO_SEARCH           ( 0x02000000 );	// disable searching for potential direct sources.
 
-// const uint32_t RS_FILE_HINTS_SHARE_FLAGS_MASK	 = 	RS_FILE_HINTS_NETWORK_WIDE_OTHERS | RS_FILE_HINTS_BROWSABLE_OTHERS 
+// const uint32_t RS_FILE_HINTS_SHARE_FLAGS_MASK	 = 	RS_FILE_HINTS_NETWORK_WIDE_OTHERS | RS_FILE_HINTS_BROWSABLE_OTHERS
 // 																	 | RS_FILE_HINTS_NETWORK_WIDE_GROUPS | RS_FILE_HINTS_BROWSABLE_GROUPS ;
 
 /* Callback Codes */
@@ -142,6 +146,8 @@ class RsFiles
 		virtual void setFreeDiskSpaceLimit(uint32_t size_in_mb) =0;
 		virtual bool FileControl(const RsFileHash& hash, uint32_t flags) = 0;
 		virtual bool FileClearCompleted() = 0;
+        virtual void setDefaultEncryptionPolicy(uint32_t policy)=0 ;	// RS_FILE_CTRL_ENCRYPTION_POLICY_STRICT/PERMISSIVE
+        virtual uint32_t defaultEncryptionPolicy()=0 ;
 
 		/***
 		 * Control of Downloads Priority.

retroshare-gui/src/gui/settings/TransferPage.cpp

@@ -32,24 +32,31 @@
 TransferPage::TransferPage(QWidget * parent, Qt::WindowFlags flags)
     : ConfigPage(parent, flags)
 {
-  /* Invoke the Qt Designer generated object setup routine */
-  ui.setupUi(this);
+    /* Invoke the Qt Designer generated object setup routine */
+    ui.setupUi(this);
 
-	ui._queueSize_SB->setValue(rsFiles->getQueueSize()) ;
+    ui._queueSize_SB->setValue(rsFiles->getQueueSize()) ;
 
-	switch(rsFiles->defaultChunkStrategy())
-	{
-		case FileChunksInfo::CHUNK_STRATEGY_STREAMING: ui._defaultStrategy_CB->setCurrentIndex(0) ; break ;
-		case FileChunksInfo::CHUNK_STRATEGY_PROGRESSIVE: ui._defaultStrategy_CB->setCurrentIndex(1) ; break ;
-		case FileChunksInfo::CHUNK_STRATEGY_RANDOM: ui._defaultStrategy_CB->setCurrentIndex(2) ; break ;
-	}
+    switch(rsFiles->defaultChunkStrategy())
+    {
+    case FileChunksInfo::CHUNK_STRATEGY_STREAMING: ui._defaultStrategy_CB->setCurrentIndex(0) ; break ;
+    case FileChunksInfo::CHUNK_STRATEGY_PROGRESSIVE: ui._defaultStrategy_CB->setCurrentIndex(1) ; break ;
+    case FileChunksInfo::CHUNK_STRATEGY_RANDOM: ui._defaultStrategy_CB->setCurrentIndex(2) ; break ;
+    }
 
-	ui._diskSpaceLimit_SB->setValue(rsFiles->freeDiskSpaceLimit()) ;
+    switch(rsFiles->defaultEncryptionPolicy())
+    {
+    case RS_FILE_CTRL_ENCRYPTION_POLICY_PERMISSIVE: ui._e2e_encryption_CB->setCurrentIndex(0) ; break ;
+    case RS_FILE_CTRL_ENCRYPTION_POLICY_STRICT    : ui._e2e_encryption_CB->setCurrentIndex(1) ; break ;
+    }
 
-	QObject::connect(ui._queueSize_SB,SIGNAL(valueChanged(int)),this,SLOT(updateQueueSize(int))) ;
-	QObject::connect(ui._defaultStrategy_CB,SIGNAL(activated(int)),this,SLOT(updateDefaultStrategy(int))) ;
-	QObject::connect(ui._diskSpaceLimit_SB,SIGNAL(valueChanged(int)),this,SLOT(updateDiskSizeLimit(int))) ;
-        QObject::connect(ui._max_tr_up_per_sec_SB, SIGNAL( valueChanged( int ) ), this, SLOT( updateMaxTRUpRate(int) ) );
+    ui._diskSpaceLimit_SB->setValue(rsFiles->freeDiskSpaceLimit()) ;
+
+    QObject::connect(ui._queueSize_SB,SIGNAL(valueChanged(int)),this,SLOT(updateQueueSize(int))) ;
+    QObject::connect(ui._defaultStrategy_CB,SIGNAL(activated(int)),this,SLOT(updateDefaultStrategy(int))) ;
+    QObject::connect(ui._e2e_encryption_CB,SIGNAL(activated(int)),this,SLOT(updateEncryptionPolicy(int))) ;
+    QObject::connect(ui._diskSpaceLimit_SB,SIGNAL(valueChanged(int)),this,SLOT(updateDiskSizeLimit(int))) ;
+    QObject::connect(ui._max_tr_up_per_sec_SB, SIGNAL( valueChanged( int ) ), this, SLOT( updateMaxTRUpRate(int) ) );
 
     ui._max_tr_up_per_sec_SB->setValue(rsTurtle->getMaxTRForwardRate()) ;
 }
@@ -57,6 +64,19 @@ void TransferPage::updateMaxTRUpRate(int b)
 {
     rsTurtle->setMaxTRForwardRate(b) ;
 }
+
+void TransferPage::updateEncryptionPolicy(int b)
+{
+    switch(b)
+    {
+    case 1: rsFiles->setDefaultEncryptionPolicy(RS_FILE_CTRL_ENCRYPTION_POLICY_STRICT) ;
+        break ;
+    default:
+    case 0: rsFiles->setDefaultEncryptionPolicy(RS_FILE_CTRL_ENCRYPTION_POLICY_PERMISSIVE) ;
+        break ;
+    }
+}
+
 void TransferPage::updateDefaultStrategy(int i)
 {
 	switch(i)

retroshare-gui/src/gui/settings/TransferPage.h

@@ -49,6 +49,7 @@ class TransferPage: public ConfigPage
 		void updateDefaultStrategy(int) ;
 		void updateDiskSizeLimit(int) ;
         void updateMaxTRUpRate(int);
+        void updateEncryptionPolicy(int);
 
 	private:
 

retroshare-gui/src/gui/settings/TransferPage.ui

@@ -6,8 +6,8 @@
    <rect>
     <x>0</x>
     <y>0</y>
-    <width>700</width>
-    <height>356</height>
+    <width>741</width>
+    <height>372</height>
    </rect>
   </property>
   <layout class="QVBoxLayout" name="verticalLayout">
@@ -49,6 +49,13 @@
             </property>
            </widget>
           </item>
+          <item>
+           <widget class="QLabel" name="label_4">
+            <property name="text">
+             <string>End-to-end encryption:</string>
+            </property>
+           </widget>
+          </item>
          </layout>
         </item>
         <item>
@@ -135,6 +142,20 @@
             </property>
            </widget>
           </item>
+          <item>
+           <widget class="QComboBox" name="_e2e_encryption_CB">
+            <item>
+             <property name="text">
+              <string>Accepted</string>
+             </property>
+            </item>
+            <item>
+             <property name="text">
+              <string>Enforced</string>
+             </property>
+            </item>
+           </widget>
+          </item>
          </layout>
         </item>
        </layout>