Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-05-03 14:45:12 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

working gui version for peers dialog

Browse source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2013 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
joss17 2010-01-13 21:16:18 +00:00
parent 1ae1c9a98b
commit bb45fa3db5
13 changed files with 239 additions and 319 deletions
Download patch file Download diff file Expand all files Collapse all files

14
libretroshare/src/pqi/authgpg.cc
View file

@ -198,7 +198,7 @@ AuthGPG::AuthGPG()
*
* returns false if GnuPG is not available.
*/
bool AuthGPG::availablePGPCertificates(std::list<std::string> &ids)
bool AuthGPG::availablePGPCertificatesWithPrivateKeys(std::list<std::string> &ids)
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
@ -225,9 +225,9 @@ bool AuthGPG::availablePGPCertificates(std::list<std::string> &ids)
/* Loop until end of key */
for(i = 0;(GPG_ERR_NO_ERROR == (ERR = gpgme_op_keylist_next (CTX, &KEY))); i++)
{
if (KEY->subkeys)
if (KEY->subkeys)
{
ids.push_back(KEY->subkeys->keyid);
ids.push_back(KEY->subkeys->keyid);
std::cerr << "AuthGPG::availablePGPCertificates() Added: "
<< KEY->subkeys->keyid << std::endl;
}
@ -971,6 +971,14 @@ bool AuthGPG::encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER) {
return true;
}
bool AuthGPG::getPGPAcceptedList(std::list<std::string> &ids)
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
//TODO : implement a list in config file of accepted GPG key to connect with
return getPGPSignedList(ids);
}
bool AuthGPG::getPGPSignedList(std::list<std::string> &ids)
{
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/

7
libretroshare/src/pqi/authgpg.h
View file

@ -104,7 +104,7 @@ class AuthGPG
AuthGPG();
~AuthGPG();
bool availablePGPCertificates(std::list<std::string> &ids);
bool availablePGPCertificatesWithPrivateKeys(std::list<std::string> &ids);
int GPGInit(std::string ownId);
@ -150,10 +150,11 @@ class AuthGPG
/* PGP web of trust management */
GPG_id PGPOwnId();
bool getPGPAllList(std::list<std::string> &ids);
bool getPGPDetails(std::string id, RsPeerDetails &d);
bool getPGPSignedList(std::list<std::string> &ids);
bool getPGPAllList(std::list<std::string> &ids);
bool getPGPValidList(std::list<std::string> &ids);
bool getPGPAcceptedList(std::list<std::string> &ids);
bool getPGPSignedList(std::list<std::string> &ids);
bool isPGPValid(std::string id);
bool isPGPSigned(std::string id);

150
libretroshare/src/pqi/authssl.cc
View file

@ -604,16 +604,6 @@ int AuthSSL::setConfigDirectories(std::string configfile, std::string neighd
return 1;
}
/* no trust in SSL certs */
bool AuthSSL::isTrustingMe(std::string id)
{
return false;
}
void AuthSSL::addTrustingPeer(std::string id)
{
return;
}
std::string AuthSSL::OwnId()
{
#ifdef AUTHSSL_DEBUG
@ -697,30 +687,30 @@ bool AuthSSL::getUnknownList(std::list<std::string> &ids)
return true;
}
/* silly question really - only valid certs get saved to map
* so if in map its okay
*/
bool AuthSSL::isValid(std::string id)
bool AuthSSL::getSSLChildListOfGPGId(std::string gpg_id, std::list<std::string> &ids)
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::isValid() " << id;
std::cerr << std::endl;
std::cerr << "AuthSSL::getChildListOfGPGId() called for gpg id : " << gpg_id << std::endl;
#endif
sslMtx.lock(); /***** LOCK *****/
bool valid = false;
sslMtx.lock(); /***** LOCK *****/
if (id == mOwnId)
{
valid = true;
}
else
{
valid = (mCerts.end() != mCerts.find(id));
}
/* iterate through both lists */
std::map<std::string, sslcert *>::iterator it;
sslMtx.unlock(); /**** UNLOCK ****/
for(it = mCerts.begin(); it != mCerts.end(); it++)
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::getChildListOfGPGId() it->second->authed : " << it->second->authed << "; it->second->issuer : " << it->second->issuer << std::endl;
#endif
if (it->second->authed && it->second->issuer == gpg_id)
{
ids.push_back(it->first);
}
}
return valid;
sslMtx.unlock(); /**** UNLOCK ****/
return true;
}
bool AuthSSL::isAuthenticated(std::string id)
@ -1019,73 +1009,6 @@ bool AuthSSL::SaveCertificateToBinary(std::string id, uint8_t **ptr, uint32_t *
return valid;
}
/* Signatures */
/* NO Signatures in SSL Certificates */
bool AuthSSL::SignCertificate(std::string id)
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::SignCertificate() NULL " << id;
std::cerr << std::endl;
#endif
bool valid = false;
return valid;
}
bool AuthSSL::TrustCertificate(std::string id, bool totrust)
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::TrustCertificate() NULL " << id;
std::cerr << std::endl;
#endif
bool valid = false;
return valid;
}
bool AuthSSL::RevokeCertificate(std::string id)
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::RevokeCertificate() NULL " << id;
std::cerr << std::endl;
#endif
sslMtx.lock(); /***** LOCK *****/
sslMtx.unlock(); /**** UNLOCK ****/
return false;
}
bool AuthSSL::AuthCertificate(std::string id)
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::AuthCertificate() " << id;
std::cerr << std::endl;
#endif
sslMtx.lock(); /***** LOCK *****/
/* get the cert first */
sslcert *cert = NULL;
sslcert *own = mOwnCert;
bool valid = false;
if (locked_FindCert(id, &cert))
{
/* ensuring this function can do nothing in PGP mode */
#ifdef PQI_USE_SSLONLY
cert->authed=true;
mToSaveCerts = true;
#endif
}
sslMtx.unlock(); /**** UNLOCK ****/
return valid;
}
/* Sign / Encrypt / Verify Data (TODO) */
bool AuthSSL::SignData(std::string input, std::string &sign)
@ -1577,13 +1500,7 @@ bool AuthSSL::ProcessX509(X509 *x509, std::string &id)
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ProcessX509() ValidateCertificate FAILED";
std::cerr << std::endl;
#endif
#ifdef PQI_USE_SSLONLY
/* bad ( or unknown pgp issuer ) certificate */
X509_free(x509);
return false;
std::cerr << std::endl;
#endif
}
@ -1681,7 +1598,7 @@ bool AuthSSL::ProcessX509(X509 *x509, std::string &id)
sslMtx.lock(); /***** LOCK *****/
mCerts[xid] = cert;
mCerts[xid] = cert;
/* resave if new certificate */
mToSaveCerts = true;
@ -1707,8 +1624,7 @@ bool AuthSSL::ProcessX509(X509 *x509, std::string &id)
}
bool getX509id(X509 *x509, std::string &xid)
{
bool getX509id(X509 *x509, std::string &xid) {
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::getX509id()";
std::cerr << std::endl;
@ -1986,8 +1902,6 @@ bool AuthSSL::AuthX509(X509 *x509)
int sigoutl=0,sigoutll=0;
X509_ALGOR *a;
fprintf(stderr, "AuthSSL::AuthX509()\n");
EVP_MD_CTX_init(&ctx);
/* input buffer */
@ -2038,6 +1952,8 @@ bool AuthSSL::AuthX509(X509 *x509)
sigoutl = 0;
goto err;
}
//TODO implement a way to check that the sign KEY is the same as the issuer id in the ssl cert
std::cerr << "AuthSSL::AuthX509() X509 authenticated" << std::endl;
return true;
@ -2049,22 +1965,20 @@ bool AuthSSL::AuthX509(X509 *x509)
bool AuthSSL::ValidateCertificate(X509 *x509, std::string &peerId)
{
/* check self signed */
#warning "ValidateCertificate Not Finished"
#if 0
if (!X509_check_valid_certificate(x509))
{
/* bad certificate */
return false;
}
if (!AuthX509(x509) || !getX509id(x509, peerId)) {
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ValidateCertificate() bad certificate.";
std::cerr << std::endl;
#endif
return false;
}
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ValidateCertificate() Not Finished!";
std::cerr << "AuthSSL::ValidateCertificate() good certificate.";
std::cerr << std::endl;
#endif
return getX509id(x509, peerId);
return true;
}
/* store for discovery */
@ -2136,8 +2050,6 @@ bool AuthSSL::CheckCertificate(std::string x509Id, X509 *x509)
}
/********************************************************************************/
/********************************************************************************/
/********************************************************************************/

27
libretroshare/src/pqi/authssl.h
View file

@ -101,26 +101,19 @@ virtual int setConfigDirectories(std::string confFile, std::string neighDir)
/*********** Overloaded Functions from p3AuthMgr **********/
/* get Certificate Ids */
virtual std::string OwnId();
virtual bool getAllList(std::list<std::string> &ids);
virtual bool getAuthenticatedList(std::list<std::string> &ids);
virtual bool getUnknownList(std::list<std::string> &ids);
virtual bool getSSLChildListOfGPGId(std::string gpg_id, std::list<std::string> &ids);
/* get Details from the Certificates */
virtual bool isValid(std::string id);
virtual bool isAuthenticated(std::string id);
virtual std::string getName(std::string id);
virtual std::string getIssuerName(std::string id);
virtual std::string getGPGId(SSL_id id);
virtual bool getCertDetails(std::string id, sslcert &cert);
/* first party trust info (dummy) */
virtual bool isTrustingMe(std::string id) ;
virtual void addTrustingPeer(std::string id) ;
/* High Level Load/Save Configuration */
virtual bool FinalSaveCertificates();
virtual bool CheckSaveCertificates();
@ -132,19 +125,11 @@ virtual bool LoadCertificateFromString(std::string pem, std::string &id);
virtual std::string SaveCertificateToString(std::string id);
virtual bool LoadCertificateFromFile(std::string filename, std::string &id);
virtual bool SaveCertificateToFile(std::string id, std::string filename);
bool ProcessX509(X509 *x509, std::string &id);
virtual bool LoadCertificateFromBinary(const uint8_t *ptr, uint32_t len, std::string &id);
virtual bool SaveCertificateToBinary(std::string id, uint8_t **ptr, uint32_t *len);
/* Signatures */
virtual bool AuthCertificate(std::string uid);
/* These are dummy functions */
virtual bool SignCertificate(std::string id);
virtual bool RevokeCertificate(std::string id);
virtual bool TrustCertificate(std::string id, bool trust);
/* Sign / Encrypt / Verify Data (TODO) */
virtual bool SignData(std::string input, std::string &sign);
virtual bool SignData(const void *data, const uint32_t len, std::string &sign);
@ -153,10 +138,10 @@ virtual bool SignDataBin(const void*, uint32_t, unsigned char*, unsigned int*
virtual bool VerifySignBin(std::string, const void*, uint32_t, unsigned char*, unsigned int);
// return : false if encrypt failed
bool encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId); //return the encrypted length
bool encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId);
// return : false if decrypt fails
bool decrypt(void *&out, int &outlen, const void *in, int inlen); //return the encrypted length
bool decrypt(void *&out, int &outlen, const void *in, int inlen);
/*********** Overloaded Functions from p3AuthMgr **********/
@ -191,8 +176,6 @@ bool loadCertificates(bool &oldFormat, std::map<std::string, std::string> &key
static AuthSSL *instance_ssl;
/* Helper Functions */
bool ProcessX509(X509 *x509, std::string &id);
X509 * loadX509FromPEM(std::string pem);
X509 * loadX509FromFile(std::string fname, std::string hash);
bool saveX509ToFile(X509 *x509, std::string fname, std::string &hash);

4
libretroshare/src/pqi/p3connmgr.cc
View file

@ -2170,7 +2170,7 @@ bool p3ConnectMgr::addNeighbour(std::string id)
}
/* check with the AuthMgr if its valid */
if (!AuthSSL::getAuthSSL()->isValid(id))
if (!AuthSSL::getAuthSSL()->isAuthenticated(id))
{
/* no auth */
return false;
@ -2912,7 +2912,7 @@ bool p3ConnectMgr::loadList(std::list<RsItem *> load)
std::cerr << std::endl;
#endif
/* add ownConfig */
setOwnNetConfig(pitem->netMode, pitem->visState);
setOwnNetConfig(pitem->netMode, pitem->visState);
}
else
{

43
libretroshare/src/rsiface/rspeers.h
View file

@ -130,37 +130,36 @@ virtual bool OthersChanged() = 0;
/* Peer Details (Net & Auth) */
virtual std::string getOwnId() = 0;
virtual bool getOnlineList(std::list<std::string> &ids) = 0;
virtual bool getFriendList(std::list<std::string> &ids) = 0;
virtual bool getOthersList(std::list<std::string> &ids) = 0;
virtual bool getOnlineList(std::list<std::string> &ssl_ids) = 0;
virtual bool getFriendList(std::list<std::string> &ssl_ids) = 0;
virtual bool getOthersList(std::list<std::string> &ssl_ids) = 0;
virtual bool isOnline(std::string id) = 0;
virtual bool isFriend(std::string id) = 0;
virtual std::string getPeerName(std::string id) = 0;
virtual std::string getPeerPGPName(std::string pgp_id) = 0;
virtual bool getPeerDetails(std::string id, RsPeerDetails &d) = 0; //get Peer detail accept SSL and PGP certs
virtual bool isOnline(std::string ssl_id) = 0;
virtual bool isFriend(std::string ssl_id) = 0;
virtual std::string getPeerName(std::string ssl_id) = 0;
virtual std::string getPeerPGPName(std::string ssl_id) = 0;
virtual bool getPeerDetails(std::string ssl_or_gpg_id, RsPeerDetails &d) = 0; //get Peer detail accept SSL and PGP certs
/* Using PGP Ids */
virtual std::string getPGPOwnId() = 0;
virtual std::string getPGPId(std::string ssl_id) = 0;
virtual bool getPGPAcceptedList(std::list<std::string> &ids) = 0;
virtual bool getPGPSignedList(std::list<std::string> &ids) = 0;//friends that we accpet to connect with but we don't want to sign their gpg key
virtual bool getPGPValidList(std::list<std::string> &ids) = 0;
virtual bool getPGPAllList(std::list<std::string> &ids) = 0;
virtual bool getPGPDetails(std::string id, RsPeerDetails &d) = 0;
virtual bool getPGPFriendList(std::list<std::string> &ids) = 0;
virtual bool getPGPAcceptedList(std::list<std::string> &gpg_ids) = 0;
virtual bool getPGPSignedList(std::list<std::string> &gpg_ids) = 0;//friends that we accpet to connect with but we don't want to sign their gpg key
virtual bool getPGPValidList(std::list<std::string> &gpg_ids) = 0;
virtual bool getPGPAllList(std::list<std::string> &gpg_ids) = 0;
virtual bool getPGPDetails(std::string gpg_id, RsPeerDetails &d) = 0;
virtual bool getSSLChildListOfGPGId(std::string gpg_id, std::list<std::string> &ids) = 0;
/* Add/Remove Friends */
virtual bool addFriend(std::string id) = 0;
virtual bool removeFriend(std::string id) = 0;
/* Network Stuff */
virtual bool connectAttempt(std::string id) = 0;
virtual bool setLocalAddress(std::string id, std::string addr, uint16_t port) = 0;
virtual bool setExtAddress( std::string id, std::string addr, uint16_t port) = 0;
virtual bool setNetworkMode(std::string id, uint32_t netMode) = 0;
virtual bool setVisState(std::string id, uint32_t vis) = 0;
virtual bool connectAttempt(std::string ssl_id) = 0;
virtual bool setLocalAddress(std::string ssl_id, std::string addr, uint16_t port) = 0;
virtual bool setExtAddress( std::string ssl_id, std::string addr, uint16_t port) = 0;
virtual bool setNetworkMode(std::string ssl_id, uint32_t netMode) = 0;
virtual bool setVisState(std::string ssl_id, uint32_t vis) = 0;
virtual void getIPServersList(std::list<std::string>& ip_servers) = 0;
virtual void allowServerIPDetermination(bool) = 0;
@ -176,8 +175,8 @@ virtual bool LoadCertificateFromString(std::string cert, std::string &id) = 0;
virtual bool SaveCertificateToFile(std::string id, std::string fname) = 0;
virtual std::string SaveCertificateToString(std::string id) = 0;
virtual bool SignGPGCertificate(std::string id) = 0;
virtual bool TrustGPGCertificate(std::string id, uint32_t trustlvl) = 0;
virtual bool SignGPGCertificate(std::string gpg_id) = 0;
virtual bool TrustGPGCertificate(std::string gpg_id, uint32_t trustlvl) = 0;
};

83
libretroshare/src/rsserver/p3peers.cc
View file

@ -291,16 +291,21 @@ static struct sockaddr_in getPreferredAddress( const struct sockaddr_in& addr1,t
bool p3Peers::getPeerDetails(std::string id, RsPeerDetails &d)
{
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::getPeerDetails() " << id;
std::cerr << std::endl;
#endif
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::getPeerDetails() called for id : " << id << std::endl;
#endif
//first, check if it's a gpg or a ssl id.
if (AuthSSL::getAuthSSL()->getGPGId(id) == "") {
//assume is not SSL, because every ssl_id has got a pgp_id
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::getPeerDetails() got a gpg id and is returning GPG details only for id : " << id << std::endl;
#endif
d.isOnlyGPGdetail = true;
return this->getPGPDetails(id, d);
}
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::getPeerDetails() got a SSL id and is returning SSL and GPG details for id : " << id << std::endl;
#endif
/* get from gpg (first), to fill in the sign and trust details */
/* don't retrun now, we've got fill in the ssl and connection info */
@ -309,9 +314,11 @@ bool p3Peers::getPeerDetails(std::string id, RsPeerDetails &d)
//get the ssl details
sslcert authDetail;
if (!AuthSSL::getAuthSSL()->getCertDetails(id, authDetail))
{
return false;
if (!AuthSSL::getAuthSSL()->getCertDetails(id, authDetail)) {
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::getPeerDetails() got no SSL details, is returning." << std::endl;
#endif
return false;
}
d.fpr = authDetail.fpr;
@ -486,56 +493,6 @@ std::string p3Peers::getPeerName(std::string id)
return AuthSSL::getAuthSSL()->getName(id);
}
bool p3Peers::getPGPFriendList(std::list<std::string> &ids)
{
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::getPGPFriendList()";
std::cerr << std::endl;
#endif
std::list<std::string> certids;
std::list<std::string>::iterator it;
mConnMgr->getFriendList(certids);
/* get from mAuthMgr (first) */
for(it = certids.begin(); it != certids.end(); it++)
{
sslcert detail;
if (!AuthSSL::getAuthSSL()->getCertDetails(*it, detail))
{
continue;
}
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::getPGPFriendList() Cert Id: " << *it;
std::cerr << " Issuer: " << detail.issuer;
std::cerr << std::endl;
#endif
#if 0
if (!mAuthMgr->isPGPvalid(detail.issuer))
{
continue;
}
#endif
if (ids.end() == std::find(ids.begin(),ids.end(),detail.issuer))
{
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::getPGPFriendList() Adding Friend: ";
std::cerr << detail.issuer;
std::cerr << std::endl;
#endif
ids.push_back(detail.issuer);
}
}
return true;
}
bool p3Peers::getPGPAllList(std::list<std::string> &ids)
{
#ifdef P3PEERS_DEBUG
@ -579,11 +536,21 @@ bool p3Peers::getPGPAcceptedList(std::list<std::string> &ids)
std::cerr << std::endl;
#endif
/* get from mAuthMgr */
//TODO implement an additional list of GPG keys that are accepted even if not signed
AuthGPG::getAuthGPG()->getPGPSignedList(ids);
return true;
}
bool p3Peers::getSSLChildListOfGPGId(std::string gpg_id, std::list<std::string> &ids)
{
#ifdef P3PEERS_DEBUG
std::cerr << "p3Peers::getSSLChildListOfGPGId() for id : " << gpg_id;
std::cerr << std::endl;
#endif
return AuthSSL::getAuthSSL()->getSSLChildListOfGPGId(gpg_id, ids);;
}
bool p3Peers::getPGPDetails(std::string id, RsPeerDetails &d)
{
#ifdef P3PEERS_DEBUG

4
libretroshare/src/rsserver/p3peers.h
View file

@ -61,9 +61,7 @@ virtual bool getPGPSignedList(std::list<std::string> &ids);
virtual bool getPGPValidList(std::list<std::string> &ids);
virtual bool getPGPAllList(std::list<std::string> &ids);
virtual bool getPGPDetails(std::string id, RsPeerDetails &d);
virtual bool getPGPFriendList(std::list<std::string> &ids);
virtual bool getSSLChildListOfGPGId(std::string gpg_id, std::list<std::string> &ids);
/* Add/Remove Friends */
virtual bool addFriend(std::string id);

8
libretroshare/src/rsserver/rsinit.cc
View file

@ -765,7 +765,7 @@ static bool checkAccount(std::string accountdir, accountId &id)
/* Generating GPGme Account */
int RsInit::GetPGPLogins(std::list<std::string> &pgpIds) {
AuthGPG::getAuthGPG()->availablePGPCertificates(pgpIds);
AuthGPG::getAuthGPG()->availablePGPCertificatesWithPrivateKeys(pgpIds);
return 1;
}
@ -1886,6 +1886,12 @@ int RsServer::StartupRetroShare()
rsNotify = new p3Notify();
mConnMgr = new p3ConnectMgr();
//load all the SSL certs as friends
std::list<std::string> sslIds;
AuthSSL::getAuthSSL()->getAuthenticatedList(sslIds);
for (std::list<std::string>::iterator sslIdsIt = sslIds.begin(); sslIdsIt != sslIds.end(); sslIdsIt++) {
mConnMgr->addFriend(*sslIdsIt);
}
pqiNetAssistFirewall *mUpnpMgr = new upnphandler();
//p3DhtMgr *mDhtMgr = new OpenDHTMgr(ownId, mConnMgr, RsInitConfig::configDir);

1
libretroshare/src/services/p3disc.cc
View file

@ -729,7 +729,6 @@ void p3disc::recvPeerFriendMsg(RsDiscReply *item)
{
std::cerr << " Found a peer that trust me: " << peerId << " (" << rsPeers->getPeerName(peerId) << ")" << std::endl ;
flags |= RS_NET_FLAGS_TRUSTS_ME;
AuthSSL::getAuthSSL()->addTrustingPeer(peerId) ;
}
/* generate type */