Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-02-05 01:25:39 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

moved refused connect attempt event to RsAuthSslConnectionAuthentication

Browse Source
This commit is contained in:
csoler 2019-12-05 23:43:38 +01:00
parent c48aff44b2
commit bb10b82c8e
No known key found for this signature in database
GPG Key ID: 7BCA522266C0804C
5 changed files with 31 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
libretroshare/src/pqi/authssl.cc
View File

@ -1298,7 +1298,15 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
ev->mSslId = sslId; ev->mSslId = sslId;
ev->mSslCn = sslCn; ev->mSslCn = sslCn;
ev->mPgpId = pgpId; ev->mPgpId = pgpId;
ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::PGP_SIGNATURE_VALIDATION_FAILED;
switch(auth_diagnostic)
{
case RS_SSL_HANDSHAKE_DIAGNOSTIC_ISSUER_UNKNOWN: ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::NOT_A_FRIEND; break;
case RS_SSL_HANDSHAKE_DIAGNOSTIC_WRONG_SIGNATURE: ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::PGP_SIGNATURE_VALIDATION_FAILED;break;
default:
ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::MISSING_AUTHENTICATION_INFO;break;
}
ev->mErrorMsg = errMsg; ev->mErrorMsg = errMsg;
rsEvents->postEvent(std::move(ev)); rsEvents->postEvent(std::move(ev));
} }

10
libretroshare/src/pqi/pqissl.cc
View File

@ -1108,6 +1108,16 @@ int pqissl::SSL_Connection_Complete()
return 0; return 0;
} }
if(rsEvents)
{
auto ev = std::make_shared<RsAuthSslConnectionAutenticationEvent>();
X509 *x509 = SSL_get_peer_certificate(ssl_connection) ;
ev->mSslId = RsX509Cert::getCertSslId(*x509);
ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::PEER_REFUSED_CONNECTION;
rsEvents->postEvent(ev);
}
std::string out; std::string out;
rs_sprintf(out, "pqissl::SSL_Connection_Complete()\nIssues with SSL Connect(%d)!\n", err); rs_sprintf(out, "pqissl::SSL_Connection_Complete()\nIssues with SSL Connect(%d)!\n", err);

4
libretroshare/src/retroshare/rsevents.h
View File

@ -193,7 +193,8 @@ struct RsAuthSslConnectionAutenticationEvent : RsEvent
NOT_A_FRIEND = 0x05, NOT_A_FRIEND = 0x05,
MISSING_CERTIFICATE = 0x06, MISSING_CERTIFICATE = 0x06,
IP_IS_BLACKLISTED = 0x07, IP_IS_BLACKLISTED = 0x07,
UNKNOWN_ERROR = 0x08, PEER_REFUSED_CONNECTION = 0x08,
UNKNOWN_ERROR = 0x09,
}; };
RsPeerId mSslId; RsPeerId mSslId;
@ -227,7 +228,6 @@ struct RsConnectionEvent : RsEvent
UNKNOWN = 0x00, UNKNOWN = 0x00,
PEER_CONNECTED = 0x01, PEER_CONNECTED = 0x01,
PEER_DISCONNECTED = 0x02, PEER_DISCONNECTED = 0x02,
PEER_REFUSED_CONNECTION = 0x03,
}; };
ConnectionType mConnectionType; ConnectionType mConnectionType;

3
libretroshare/src/retroshare/rsnotify.h
View File

@ -79,9 +79,10 @@ const uint32_t RS_FEED_ITEM_PEER_DISCONNECT = RS_FEED_TYPE_PEER | 0x000
const uint32_t RS_FEED_ITEM_PEER_HELLO = RS_FEED_TYPE_PEER | 0x0003; const uint32_t RS_FEED_ITEM_PEER_HELLO = RS_FEED_TYPE_PEER | 0x0003;
const uint32_t RS_FEED_ITEM_PEER_NEW = RS_FEED_TYPE_PEER | 0x0004; const uint32_t RS_FEED_ITEM_PEER_NEW = RS_FEED_TYPE_PEER | 0x0004;
const uint32_t RS_FEED_ITEM_PEER_OFFSET = RS_FEED_TYPE_PEER | 0x0005; const uint32_t RS_FEED_ITEM_PEER_OFFSET = RS_FEED_TYPE_PEER | 0x0005;
const uint32_t RS_FEED_ITEM_PEER_DENIES_CONNEXION = RS_FEED_TYPE_PEER | 0x0006;
const uint32_t RS_FEED_ITEM_SEC_CONNECT_ATTEMPT = RS_FEED_TYPE_SECURITY | 0x0001; const uint32_t RS_FEED_ITEM_SEC_CONNECT_ATTEMPT = RS_FEED_TYPE_SECURITY | 0x0001;
const uint32_t RS_FEED_ITEM_SEC_AUTH_DENIED = RS_FEED_TYPE_SECURITY | 0x0002; const uint32_t RS_FEED_ITEM_SEC_AUTH_DENIED = RS_FEED_TYPE_SECURITY | 0x0002; // locally denied connection
const uint32_t RS_FEED_ITEM_SEC_UNKNOWN_IN = RS_FEED_TYPE_SECURITY | 0x0003; const uint32_t RS_FEED_ITEM_SEC_UNKNOWN_IN = RS_FEED_TYPE_SECURITY | 0x0003;
const uint32_t RS_FEED_ITEM_SEC_UNKNOWN_OUT = RS_FEED_TYPE_SECURITY | 0x0004; const uint32_t RS_FEED_ITEM_SEC_UNKNOWN_OUT = RS_FEED_TYPE_SECURITY | 0x0004;
const uint32_t RS_FEED_ITEM_SEC_WRONG_SIGNATURE = RS_FEED_TYPE_SECURITY | 0x0005; const uint32_t RS_FEED_ITEM_SEC_WRONG_SIGNATURE = RS_FEED_TYPE_SECURITY | 0x0005;

20
retroshare-gui/src/gui/NewsFeed.cpp
View File

@ -194,7 +194,7 @@ void NewsFeed::handleEvent(std::shared_ptr<const RsEvent> event)
return; return;
} }
if(event->mType == RsEventType::PEER_STATE_CHANGED && (flags & RS_FEED_TYPE_PEER)) if(event->mType == RsEventType::PEER_CONNECTION && (flags & RS_FEED_TYPE_PEER))
{ {
RsQThreadUtils::postToObject( [=]() { handleConnectionEvent(event); }, this ); RsQThreadUtils::postToObject( [=]() { handleConnectionEvent(event); }, this );
return; return;
@ -217,16 +217,6 @@ void NewsFeed::handleConnectionEvent(std::shared_ptr<const RsEvent> event)
break; break;
case RsConnectionEvent::PEER_DISCONNECTED: break;// not handled yet case RsConnectionEvent::PEER_DISCONNECTED: break;// not handled yet
case RsConnectionEvent::PEER_REFUSED_CONNECTION:
{
RsPeerDetails det;
if(!rsPeers->getPeerDetails(e.mSslId,det))
return;
addFeedItemIfUnique(new SecurityItem(this, NEWSFEED_SECLIST, det.gpg_id, e.mSslId, det.location, std::string(), RS_FEED_ITEM_SEC_AUTH_DENIED, false), true );
}
break;
default: break; default: break;
} }
} }
@ -243,6 +233,12 @@ void NewsFeed::handleSecurityEvent(std::shared_ptr<const RsEvent> event)
std::cerr << "NotifyQt: handling security event from (" << e.mSslId << "," << e.mPgpId << ") error code: " << e.mErrorCode << std::endl; std::cerr << "NotifyQt: handling security event from (" << e.mSslId << "," << e.mPgpId << ") error code: " << e.mErrorCode << std::endl;
uint flags = Settings->getNewsFeedFlags(); uint flags = Settings->getNewsFeedFlags();
if(e.mErrorCode == RsAuthSslConnectionAutenticationEvent::PEER_REFUSED_CONNECTION)
{
addFeedItemIfUnique(new PeerItem(this, NEWSFEED_PEERLIST, e.mSslId, PEER_TYPE_HELLO, false), true );
return;
}
uint32_t FeedItemType=0; uint32_t FeedItemType=0;
switch(e.mErrorCode) switch(e.mErrorCode)
@ -251,7 +247,7 @@ void NewsFeed::handleSecurityEvent(std::shared_ptr<const RsEvent> event)
case RsAuthSslConnectionAutenticationEvent::MISMATCHED_PGP_ID: // fallthrough case RsAuthSslConnectionAutenticationEvent::MISMATCHED_PGP_ID: // fallthrough
case RsAuthSslConnectionAutenticationEvent::MISSING_AUTHENTICATION_INFO: FeedItemType = RS_FEED_ITEM_SEC_BAD_CERTIFICATE; break; case RsAuthSslConnectionAutenticationEvent::MISSING_AUTHENTICATION_INFO: FeedItemType = RS_FEED_ITEM_SEC_BAD_CERTIFICATE; break;
case RsAuthSslConnectionAutenticationEvent::PGP_SIGNATURE_VALIDATION_FAILED: FeedItemType = RS_FEED_ITEM_SEC_WRONG_SIGNATURE; break; case RsAuthSslConnectionAutenticationEvent::PGP_SIGNATURE_VALIDATION_FAILED: FeedItemType = RS_FEED_ITEM_SEC_WRONG_SIGNATURE; break;
case RsAuthSslConnectionAutenticationEvent::NOT_A_FRIEND: FeedItemType = RS_FEED_ITEM_SEC_AUTH_DENIED; break; case RsAuthSslConnectionAutenticationEvent::NOT_A_FRIEND: FeedItemType = RS_FEED_ITEM_SEC_CONNECT_ATTEMPT; break;
case RsAuthSslConnectionAutenticationEvent::IP_IS_BLACKLISTED: FeedItemType = RS_FEED_ITEM_SEC_IP_BLACKLISTED; break; case RsAuthSslConnectionAutenticationEvent::IP_IS_BLACKLISTED: FeedItemType = RS_FEED_ITEM_SEC_IP_BLACKLISTED; break;
case RsAuthSslConnectionAutenticationEvent::MISSING_CERTIFICATE: FeedItemType = RS_FEED_ITEM_SEC_MISSING_CERTIFICATE; break; case RsAuthSslConnectionAutenticationEvent::MISSING_CERTIFICATE: FeedItemType = RS_FEED_ITEM_SEC_MISSING_CERTIFICATE; break;