mirror of
https://github.com/RetroShare/RetroShare.git
synced 2025-12-15 08:39:08 -05:00
working gui version for peers dialog
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2013 b45a01b8-16f6-495d-af2f-9b41ad6348cc
parent
1ae1c9a98b
commit
bb45fa3db5
13 changed files with 239 additions and 319 deletions
|
|
@ -198,7 +198,7 @@ AuthGPG::AuthGPG()
|
|||
*
|
||||
* returns false if GnuPG is not available.
|
||||
*/
|
||||
bool AuthGPG::availablePGPCertificates(std::list<std::string> &ids)
|
||||
bool AuthGPG::availablePGPCertificatesWithPrivateKeys(std::list<std::string> &ids)
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
|
||||
|
|
@ -225,9 +225,9 @@ bool AuthGPG::availablePGPCertificates(std::list<std::string> &ids)
|
|||
/* Loop until end of key */
|
||||
for(i = 0;(GPG_ERR_NO_ERROR == (ERR = gpgme_op_keylist_next (CTX, &KEY))); i++)
|
||||
{
|
||||
if (KEY->subkeys)
|
||||
if (KEY->subkeys)
|
||||
{
|
||||
ids.push_back(KEY->subkeys->keyid);
|
||||
ids.push_back(KEY->subkeys->keyid);
|
||||
std::cerr << "AuthGPG::availablePGPCertificates() Added: "
|
||||
<< KEY->subkeys->keyid << std::endl;
|
||||
}
|
||||
|
|
@ -971,6 +971,14 @@ bool AuthGPG::encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER) {
|
|||
return true;
|
||||
}
|
||||
|
||||
bool AuthGPG::getPGPAcceptedList(std::list<std::string> &ids)
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
|
||||
//TODO : implement a list in config file of accepted GPG key to connect with
|
||||
|
||||
return getPGPSignedList(ids);
|
||||
}
|
||||
|
||||
bool AuthGPG::getPGPSignedList(std::list<std::string> &ids)
|
||||
{
|
||||
//RsStackMutex stack(pgpMtx); /******* LOCKED ******/
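Review bot: getPGPAcceptedList() is meant to be the list of keys we agree to connect with, yet it returns getPGPSignedList() unchanged, and both functions have their `RsStackMutex stack(pgpMtx);` line commented out, so whatever shared key state they read is not protected by pgpMtx here. Either restore the lock in one of the two (taking it in both would self-deadlock if the mutex is not recursive) or say in a comment why skipping it is safe. Until the config-backed list from the TODO exists, a header comment such as `/* accepted == signed for now: every key we have signed may connect */` would make the current policy explicit. The debug string in the renamed function still prints `AuthGPG::availablePGPCertificates()`, and whether the listing is really restricted to keys with a private part is decided outside this hunk.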
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ class AuthGPG
|
|||
AuthGPG();
|
||||
~AuthGPG();
|
||||
|
||||
bool availablePGPCertificates(std::list<std::string> &ids);
|
||||
bool availablePGPCertificatesWithPrivateKeys(std::list<std::string> &ids);
|
||||
|
||||
int GPGInit(std::string ownId);
|
||||
|
||||
|
|
@ -150,10 +150,11 @@ class AuthGPG
|
|||
|
||||
/* PGP web of trust management */
|
||||
GPG_id PGPOwnId();
|
||||
bool getPGPAllList(std::list<std::string> &ids);
|
||||
bool getPGPDetails(std::string id, RsPeerDetails &d);
|
||||
bool getPGPSignedList(std::list<std::string> &ids);
|
||||
bool getPGPAllList(std::list<std::string> &ids);
|
||||
bool getPGPValidList(std::list<std::string> &ids);
|
||||
bool getPGPAcceptedList(std::list<std::string> &ids);
|
||||
bool getPGPSignedList(std::list<std::string> &ids);
|
||||
bool isPGPValid(std::string id);
|
||||
bool isPGPSigned(std::string id);
|
||||
|
||||
|
|
|
|||
|
|
@ -604,16 +604,6 @@ int AuthSSL::setConfigDirectories(std::string configfile, std::string neighd
|
|||
return 1;
|
||||
}
|
||||
|
||||
/* no trust in SSL certs */
|
||||
bool AuthSSL::isTrustingMe(std::string id)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
void AuthSSL::addTrustingPeer(std::string id)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
std::string AuthSSL::OwnId()
|
||||
{
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
|
|
@ -697,30 +687,30 @@ bool AuthSSL::getUnknownList(std::list<std::string> &ids)
|
|||
return true;
|
||||
}
|
||||
|
||||
/* silly question really - only valid certs get saved to map
|
||||
* so if in map its okay
|
||||
*/
|
||||
bool AuthSSL::isValid(std::string id)
|
||||
bool AuthSSL::getSSLChildListOfGPGId(std::string gpg_id, std::list<std::string> &ids)
|
||||
{
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
std::cerr << "AuthSSL::isValid() " << id;
|
||||
std::cerr << std::endl;
|
||||
std::cerr << "AuthSSL::getChildListOfGPGId() called for gpg id : " << gpg_id << std::endl;
|
||||
#endif
|
||||
sslMtx.lock(); /***** LOCK *****/
|
||||
bool valid = false;
|
||||
sslMtx.lock(); /***** LOCK *****/
|
||||
|
||||
if (id == mOwnId)
|
||||
{
|
||||
valid = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
valid = (mCerts.end() != mCerts.find(id));
|
||||
}
|
||||
/* iterate through both lists */
|
||||
std::map<std::string, sslcert *>::iterator it;
|
||||
|
||||
sslMtx.unlock(); /**** UNLOCK ****/
|
||||
for(it = mCerts.begin(); it != mCerts.end(); it++)
|
||||
{
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
std::cerr << "AuthSSL::getChildListOfGPGId() it->second->authed : " << it->second->authed << "; it->second->issuer : " << it->second->issuer << std::endl;
|
||||
#endif
|
||||
if (it->second->authed && it->second->issuer == gpg_id)
|
||||
{
|
||||
ids.push_back(it->first);
|
||||
}
|
||||
}
|
||||
|
||||
return valid;
|
||||
sslMtx.unlock(); /**** UNLOCK ****/
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool AuthSSL::isAuthenticated(std::string id)
|
||||
|
|
@ -1019,73 +1009,6 @@ bool AuthSSL::SaveCertificateToBinary(std::string id, uint8_t **ptr, uint32_t *
|
|||
return valid;
|
||||
}
|
||||
|
||||
|
||||
/* Signatures */
|
||||
/* NO Signatures in SSL Certificates */
|
||||
|
||||
bool AuthSSL::SignCertificate(std::string id)
|
||||
{
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
std::cerr << "AuthSSL::SignCertificate() NULL " << id;
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
bool valid = false;
|
||||
return valid;
|
||||
}
|
||||
|
||||
bool AuthSSL::TrustCertificate(std::string id, bool totrust)
|
||||
{
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
std::cerr << "AuthSSL::TrustCertificate() NULL " << id;
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
bool valid = false;
|
||||
return valid;
|
||||
}
|
||||
|
||||
bool AuthSSL::RevokeCertificate(std::string id)
|
||||
{
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
std::cerr << "AuthSSL::RevokeCertificate() NULL " << id;
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
|
||||
sslMtx.lock(); /***** LOCK *****/
|
||||
sslMtx.unlock(); /**** UNLOCK ****/
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
bool AuthSSL::AuthCertificate(std::string id)
|
||||
{
|
||||
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
std::cerr << "AuthSSL::AuthCertificate() " << id;
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
|
||||
sslMtx.lock(); /***** LOCK *****/
|
||||
|
||||
/* get the cert first */
|
||||
sslcert *cert = NULL;
|
||||
sslcert *own = mOwnCert;
|
||||
bool valid = false;
|
||||
|
||||
if (locked_FindCert(id, &cert))
|
||||
{
|
||||
/* ensuring this function can do nothing in PGP mode */
|
||||
#ifdef PQI_USE_SSLONLY
|
||||
cert->authed=true;
|
||||
mToSaveCerts = true;
|
||||
#endif
|
||||
}
|
||||
|
||||
sslMtx.unlock(); /**** UNLOCK ****/
|
||||
return valid;
|
||||
}
|
||||
|
||||
|
||||
/* Sign / Encrypt / Verify Data (TODO) */
|
||||
|
||||
bool AuthSSL::SignData(std::string input, std::string &sign)
|
||||
|
|
@ -1577,13 +1500,7 @@ bool AuthSSL::ProcessX509(X509 *x509, std::string &id)
|
|||
{
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
std::cerr << "AuthSSL::ProcessX509() ValidateCertificate FAILED";
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
|
||||
#ifdef PQI_USE_SSLONLY
|
||||
/* bad ( or unknown pgp issuer ) certificate */
|
||||
X509_free(x509);
|
||||
return false;
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
}
|
||||
|
||||
|
|
@ -1681,7 +1598,7 @@ bool AuthSSL::ProcessX509(X509 *x509, std::string &id)
|
|||
|
||||
sslMtx.lock(); /***** LOCK *****/
|
||||
|
||||
mCerts[xid] = cert;
|
||||
mCerts[xid] = cert;
|
||||
|
||||
/* resave if new certificate */
|
||||
mToSaveCerts = true;
|
||||
|
|
@ -1707,8 +1624,7 @@ bool AuthSSL::ProcessX509(X509 *x509, std::string &id)
|
|||
}
|
||||
|
||||
|
||||
bool getX509id(X509 *x509, std::string &xid)
|
||||
{
|
||||
bool getX509id(X509 *x509, std::string &xid) {
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
std::cerr << "AuthSSL::getX509id()";
|
||||
std::cerr << std::endl;
|
||||
|
|
@ -1986,8 +1902,6 @@ bool AuthSSL::AuthX509(X509 *x509)
|
|||
int sigoutl=0,sigoutll=0;
|
||||
X509_ALGOR *a;
|
||||
|
||||
fprintf(stderr, "AuthSSL::AuthX509()\n");
|
||||
|
||||
EVP_MD_CTX_init(&ctx);
|
||||
|
||||
/* input buffer */
|
||||
|
|
@ -2038,6 +1952,8 @@ bool AuthSSL::AuthX509(X509 *x509)
|
|||
sigoutl = 0;
|
||||
goto err;
|
||||
}
|
||||
//TODO implement a way to check that the sign KEY is the same as the issuer id in the ssl cert
|
||||
|
||||
std::cerr << "AuthSSL::AuthX509() X509 authenticated" << std::endl;
|
||||
return true;
|
||||
|
||||
|
|
@ -2049,22 +1965,20 @@ bool AuthSSL::AuthX509(X509 *x509)
|
|||
bool AuthSSL::ValidateCertificate(X509 *x509, std::string &peerId)
|
||||
{
|
||||
/* check self signed */
|
||||
#warning "ValidateCertificate Not Finished"
|
||||
|
||||
#if 0
|
||||
if (!X509_check_valid_certificate(x509))
|
||||
{
|
||||
/* bad certificate */
|
||||
return false;
|
||||
}
|
||||
if (!AuthX509(x509) || !getX509id(x509, peerId)) {
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
std::cerr << "AuthSSL::ValidateCertificate() bad certificate.";
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
return false;
|
||||
}
|
||||
|
||||
#ifdef AUTHSSL_DEBUG
|
||||
std::cerr << "AuthSSL::ValidateCertificate() Not Finished!";
|
||||
std::cerr << "AuthSSL::ValidateCertificate() good certificate.";
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
|
||||
return getX509id(x509, peerId);
|
||||
return true;
|
||||
}
|
||||
|
||||
/* store for discovery */
|
||||
|
|
@ -2136,8 +2050,6 @@ bool AuthSSL::CheckCertificate(std::string x509Id, X509 *x509)
|
|||
}
|
||||
|
||||
|
||||
|
||||
|
||||
/********************************************************************************/
|
||||
/********************************************************************************/
|
||||
/********************************************************************************/
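Review bot: AuthX509() logs "X509 authenticated" and returns true while the added TODO says the signing key is not yet compared with the issuer id in the certificate, and the new getSSLChildListOfGPGId() attributes a certificate to a GPG id purely on `it->second->authed && it->second->issuer == gpg_id`. If the verification above this hunk accepts a signature from any key in the keyring, the issuer field is unauthenticated data and that attribution cannot be relied on. I would make a mismatch fail closed before `return true`, comparing the id of the key that produced the valid signature with the certificate's issuer and taking `goto err` when they differ, rather than leave it as a TODO. The success message is also printed outside `#ifdef AUTHSSL_DEBUG`, unlike the other traces in this file. The bodies of AuthX509() and ProcessX509() extend beyond the hunks shown.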
|
||||
|
|
|
|||
|
|
@ -101,26 +101,19 @@ virtual int setConfigDirectories(std::string confFile, std::string neighDir)
|
|||
/*********** Overloaded Functions from p3AuthMgr **********/
|
||||
|
||||
/* get Certificate Ids */
|
||||
|
||||
virtual std::string OwnId();
|
||||
virtual bool getAllList(std::list<std::string> &ids);
|
||||
virtual bool getAuthenticatedList(std::list<std::string> &ids);
|
||||
virtual bool getUnknownList(std::list<std::string> &ids);
|
||||
|
||||
virtual bool getSSLChildListOfGPGId(std::string gpg_id, std::list<std::string> &ids);
|
||||
|
||||
/* get Details from the Certificates */
|
||||
|
||||
virtual bool isValid(std::string id);
|
||||
virtual bool isAuthenticated(std::string id);
|
||||
virtual std::string getName(std::string id);
|
||||
virtual std::string getIssuerName(std::string id);
|
||||
virtual std::string getGPGId(SSL_id id);
|
||||
virtual bool getCertDetails(std::string id, sslcert &cert);
|
||||
|
||||
/* first party trust info (dummy) */
|
||||
virtual bool isTrustingMe(std::string id) ;
|
||||
virtual void addTrustingPeer(std::string id) ;
|
||||
|
||||
|
||||
/* High Level Load/Save Configuration */
|
||||
virtual bool FinalSaveCertificates();
|
||||
virtual bool CheckSaveCertificates();
|
||||
|
|
@ -132,19 +125,11 @@ virtual bool LoadCertificateFromString(std::string pem, std::string &id);
|
|||
virtual std::string SaveCertificateToString(std::string id);
|
||||
virtual bool LoadCertificateFromFile(std::string filename, std::string &id);
|
||||
virtual bool SaveCertificateToFile(std::string id, std::string filename);
|
||||
bool ProcessX509(X509 *x509, std::string &id);
|
||||
|
||||
virtual bool LoadCertificateFromBinary(const uint8_t *ptr, uint32_t len, std::string &id);
|
||||
virtual bool SaveCertificateToBinary(std::string id, uint8_t **ptr, uint32_t *len);
|
||||
|
||||
/* Signatures */
|
||||
|
||||
virtual bool AuthCertificate(std::string uid);
|
||||
|
||||
/* These are dummy functions */
|
||||
virtual bool SignCertificate(std::string id);
|
||||
virtual bool RevokeCertificate(std::string id);
|
||||
virtual bool TrustCertificate(std::string id, bool trust);
|
||||
|
||||
/* Sign / Encrypt / Verify Data (TODO) */
|
||||
virtual bool SignData(std::string input, std::string &sign);
|
||||
virtual bool SignData(const void *data, const uint32_t len, std::string &sign);
|
||||
|
|
@ -153,10 +138,10 @@ virtual bool SignDataBin(const void*, uint32_t, unsigned char*, unsigned int*
|
|||
virtual bool VerifySignBin(std::string, const void*, uint32_t, unsigned char*, unsigned int);
|
||||
|
||||
// return : false if encrypt failed
|
||||
bool encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId); //return the encrypted length
|
||||
bool encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId);
|
||||
|
||||
// return : false if decrypt fails
|
||||
bool decrypt(void *&out, int &outlen, const void *in, int inlen); //return the encrypted length
|
||||
bool decrypt(void *&out, int &outlen, const void *in, int inlen);
|
||||
|
||||
|
||||
/*********** Overloaded Functions from p3AuthMgr **********/
|
||||
|
|
@ -191,8 +176,6 @@ bool loadCertificates(bool &oldFormat, std::map<std::string, std::string> &key
|
|||
static AuthSSL *instance_ssl;
|
||||
|
||||
/* Helper Functions */
|
||||
bool ProcessX509(X509 *x509, std::string &id);
|
||||
|
||||
X509 * loadX509FromPEM(std::string pem);
|
||||
X509 * loadX509FromFile(std::string fname, std::string hash);
|
||||
bool saveX509ToFile(X509 *x509, std::string fname, std::string &hash);
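Review bot: ProcessX509() leaves the "Helper Functions" group and is now declared next to the LoadCertificate*/SaveCertificate* methods, which looks like it becomes callable from outside the class with a raw `X509 *`. Its contract is not written down anywhere visible: who frees `x509` when it returns false, and whether `id` is set on failure. A declaration comment would settle that, for example `/* takes ownership of x509 (freed on failure); id is only valid when true is returned */`, adjusted to what the implementation really does. The access specifier for this part of the class is outside the hunk.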
|
||||
|
|
|
|||
|
|
@ -2170,7 +2170,7 @@ bool p3ConnectMgr::addNeighbour(std::string id)
|
|||
}
|
||||
|
||||
/* check with the AuthMgr if its valid */
|
||||
if (!AuthSSL::getAuthSSL()->isValid(id))
|
||||
if (!AuthSSL::getAuthSSL()->isAuthenticated(id))
|
||||
{
|
||||
/* no auth */
|
||||
return false;
|
||||
|
|
@ -2912,7 +2912,7 @@ bool p3ConnectMgr::loadList(std::list<RsItem *> load)
|
|||
std::cerr << std::endl;
|
||||
#endif
|
||||
/* add ownConfig */
|
||||
setOwnNetConfig(pitem->netMode, pitem->visState);
|
||||
setOwnNetConfig(pitem->netMode, pitem->visState);
|
||||
}
|
||||
else
|
||||
{
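Review bot: The comment above the changed test still reads `/* check with the AuthMgr if its valid */` although the call is now `isAuthenticated(id)`; it should say something like `/* only peers whose certificate is authenticated may be added */`. The removed isValid() returned true for our own id, so it is worth confirming that isAuthenticated() (not shown here) treats the own id the way addNeighbour() expects. The second hunk in this file appears to be whitespace only. addNeighbour() continues outside the hunk.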
|
||||
|
|
|
|||