Merging branches/v0.6-initdev into trunk.

These split at 6672 -> 7075, so quite a bit merge.
libretroshare compiles - but untested.
retroshare-gui needs GenCertDialog.ui and IdEditDialog.ui to be properly merged. (compile errors).
some plugins will be broken.
retroshare-nogui is untested.



git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@7078 b45a01b8-16f6-495d-af2f-9b41ad6348cc

libretroshare/src/util/dnsresolver.cc

@@ -1,6 +1,8 @@
 #include "dnsresolver.h"
 
 #include "pqi/pqinetwork.h"
+#include "util/rsnet.h"
+
 
 #ifndef WIN32
 #include <netdb.h>
@@ -65,13 +67,19 @@ void *solveDNSEntries(void *p)
 			{
 				RsStackMutex mut(dnsr->_rdnsMtx) ;
 
+				DNSResolver::AddrInfo &info = (*dnsr->_addr_map)[next_call];
+
 				if(pHost) 
 				{
-					(*dnsr->_addr_map)[next_call].state = DNSResolver::DNS_HAVE ;
-					(*dnsr->_addr_map)[next_call].addr.s_addr  = *(unsigned long*) (pHost->h_addr);
+					info.state = DNSResolver::DNS_HAVE ;
+					// IPv4 for the moment.
+					struct sockaddr_in *addrv4p = (struct sockaddr_in *) &(info.addr);
+					addrv4p->sin_family = AF_INET;
+					addrv4p->sin_addr.s_addr  = *(unsigned long*) (pHost->h_addr);
+					addrv4p->sin_port = htons(0);
 				}
 				else
-					(*dnsr->_addr_map)[next_call].state = DNSResolver::DNS_LOOKUP_ERROR ;
+					info.state = DNSResolver::DNS_LOOKUP_ERROR ;
 			}
 		}
 	}
@@ -104,9 +112,9 @@ void DNSResolver::reset()
 	_addr_map->clear();
 }
 
-bool DNSResolver::getIPAddressFromString(const std::string& server_name,struct in_addr& addr) 
+bool DNSResolver::getIPAddressFromString(const std::string& server_name,struct sockaddr_storage &addr) 
 {
-	addr.s_addr = 0 ;
+	sockaddr_storage_clear(addr);
 	bool running = false;
 	{
 		RsStackMutex mut(_rdnsMtx) ;

libretroshare/src/util/dnsresolver.h

@@ -18,7 +18,7 @@ class DNSResolver
 		DNSResolver() ;
 		~DNSResolver() ;
 
-		bool getIPAddressFromString(const std::string& server_name,struct in_addr& addr) ;
+		bool getIPAddressFromString(const std::string& server_name,struct sockaddr_storage &addr) ;
 
 		void start_request() ;
 		void reset() ;
@@ -30,7 +30,7 @@ class DNSResolver
 		{
 			uint32_t state ; 				// state: Looked-up, not found, have
 			time_t last_lookup_time ;	// last lookup time
-			struct in_addr addr ;
+			struct sockaddr_storage addr ;
 		};
 		friend void *solveDNSEntries(void *p) ;
 

libretroshare/src/util/extaddrfinder.cc

@@ -151,11 +151,11 @@ void* doExtAddrSearch(void *p)
 		// thread safe copy results.
 		//
 		{
-			RsStackMutex mtx(af->_addrMtx) ;
+			RsStackMutex mtx(af->mAddrMtx) ;
 
-			*(af->_found) = false ;
-			*(af->mFoundTS) = time(NULL) ;
-			*(af->_searching) = false ;
+			af->mFound = false ;
+			af->mFoundTS = time(NULL) ;
+			af->mSearching = false ;
 		}
 		pthread_exit(NULL);
 		return NULL ;
@@ -164,24 +164,25 @@ void* doExtAddrSearch(void *p)
 	sort(res.begin(),res.end()) ; // eliminates outliers.
 
 
-	if(!inet_aton(res[res.size()/2].c_str(),af->_addr))
+
+	if(!sockaddr_storage_ipv4_aton(af->mAddr, res[res.size()/2].c_str()))
 	{
 		std::cerr << "ExtAddrFinder: Could not convert " << res[res.size()/2] << " into an address." << std::endl ;
 		{
-			RsStackMutex mtx(af->_addrMtx) ;
-			*(af->_found) = false ;
-			*(af->mFoundTS) = time(NULL) ;
-			*(af->_searching) = false ;
+			RsStackMutex mtx(af->mAddrMtx) ;
+			af->mFound = false ;
+			af->mFoundTS = time(NULL) ;
+			af->mSearching = false ;
 		}
 		pthread_exit(NULL);
 		return NULL ;
 	}
 
 	{
-		RsStackMutex mtx(af->_addrMtx) ;
-		*(af->_found) = true ;
-		*(af->mFoundTS) = time(NULL) ;
-		*(af->_searching) = false ;
+		RsStackMutex mtx(af->mAddrMtx) ;
+		af->mFound = true ;
+		af->mFoundTS = time(NULL) ;
+		af->mSearching = false ;
 	}
 
 	pthread_exit(NULL);
@@ -197,44 +198,44 @@ void ExtAddrFinder::start_request()
 	pthread_detach(tid); /* so memory is reclaimed in linux */
 }
 
-bool ExtAddrFinder::hasValidIP(struct in_addr *addr)
+bool ExtAddrFinder::hasValidIP(struct sockaddr_storage &addr)
 {
 #ifdef EXTADDRSEARCH_DEBUG
 	std::cerr << "ExtAddrFinder: Getting ip." << std::endl ;
 #endif
 
 	{
-		RsStackMutex mut(_addrMtx) ;
-		if(*_found)
+		RsStackMutex mut(mAddrMtx) ;
+		if(mFound)
 		{
 #ifdef EXTADDRSEARCH_DEBUG
 			std::cerr << "ExtAddrFinder: Has stored ip: responding with this ip." << std::endl ;
 #endif
-			*addr = *_addr;
+			addr = mAddr;
 		}
 	}
 	time_t delta;
 	{
-		RsStackMutex mut(_addrMtx) ;
+		RsStackMutex mut(mAddrMtx) ;
 		//timeout the current ip
-		delta = time(NULL) - *mFoundTS;
+		delta = time(NULL) - mFoundTS;
 	}
 	if((uint32_t)delta > MAX_IP_STORE) {//launch a research
-		if( _addrMtx.trylock())
+		if( mAddrMtx.trylock())
 		{
-			if(!*_searching)
+			if(!mSearching)
 			{
 #ifdef EXTADDRSEARCH_DEBUG
 				std::cerr << "ExtAddrFinder: No stored ip: Initiating new search." << std::endl ;
 #endif
-				*_searching = true ;
+				mSearching = true ;
 				start_request() ;
 			}
 #ifdef EXTADDRSEARCH_DEBUG
 			else
 				std::cerr << "ExtAddrFinder: Already searching." << std::endl ;
 #endif
-			_addrMtx.unlock();
+			mAddrMtx.unlock();
 		}
 #ifdef EXTADDRSEARCH_DEBUG
 		else
@@ -242,24 +243,17 @@ bool ExtAddrFinder::hasValidIP(struct in_addr *addr)
 #endif
 	}
 
-	RsStackMutex mut(_addrMtx) ;
-	return *_found ;
+	RsStackMutex mut(mAddrMtx) ;
+	return mFound ;
 }
 
 void ExtAddrFinder::reset()
 {
-//	while(*_searching) 
-//#ifdef WIN32
-//		Sleep(1000) ;
-//#else
-//		sleep(1) ;
-//#endif
+	RsStackMutex mut(mAddrMtx) ;
 
-	RsStackMutex mut(_addrMtx) ;
-
-	*_found = false ;
-	*_searching = false ;
-	*mFoundTS = time(NULL) - MAX_IP_STORE;
+	mFound = false ;
+	mSearching = false ;
+	mFoundTS = time(NULL) - MAX_IP_STORE;
 }
 
 ExtAddrFinder::~ExtAddrFinder()
@@ -267,37 +261,20 @@ ExtAddrFinder::~ExtAddrFinder()
 #ifdef EXTADDRSEARCH_DEBUG
 	std::cerr << "ExtAddrFinder: Deleting ExtAddrFinder." << std::endl ;
 #endif
-//	while(*_searching) 
-//#ifdef WIN32
-//		Sleep(1000) ;
-//#else
-//		sleep(1) ;
-//#endif
 
-	RsStackMutex mut(_addrMtx) ;
-
-	delete _found ;
-	delete _searching ;
-	free (_addr) ;
 }
 
-ExtAddrFinder::ExtAddrFinder() : _addrMtx("ExtAddrFinder")
+ExtAddrFinder::ExtAddrFinder() : mAddrMtx("ExtAddrFinder")
 {
 #ifdef EXTADDRSEARCH_DEBUG
 	std::cerr << "ExtAddrFinder: Creating new ExtAddrFinder." << std::endl ;
 #endif
-	RsStackMutex mut(_addrMtx) ;
+	RsStackMutex mut(mAddrMtx) ;
 
-	_found = new bool ;
-	*_found = false ;
-
-	_searching = new bool ;
-	*_searching = false ;
-
-	mFoundTS = new time_t;
-	*mFoundTS = time(NULL) - MAX_IP_STORE;
-
-	_addr = (in_addr*)malloc(sizeof(in_addr)) ;
+	mFound = false;
+	mSearching = false;
+	mFoundTS = time(NULL) - MAX_IP_STORE;
+	sockaddr_storage_clear(mAddr);
 
 	_ip_servers.push_back(std::string( "checkip.dyndns.org" )) ;
 	_ip_servers.push_back(std::string( "www.myip.dk"   )) ;

libretroshare/src/util/extaddrfinder.h

@@ -3,6 +3,7 @@
 #include <list>
 #include <string>
 #include "util/rsthreads.h"
+#include "util/rsnet.h"
 
 struct sockaddr ;
 
@@ -12,7 +13,7 @@ class ExtAddrFinder
 		ExtAddrFinder() ;
 		~ExtAddrFinder() ;
 
-		bool hasValidIP(struct in_addr *addr) ;
+		bool hasValidIP(struct sockaddr_storage &addr) ;
 		void getIPServersList(std::list<std::string>& ip_servers) { ip_servers = _ip_servers ; }
 
 		void start_request() ;
@@ -22,10 +23,10 @@ class ExtAddrFinder
 	private:
 		friend void* doExtAddrSearch(void *p) ;
 
-		time_t   *mFoundTS;
-		RsMutex _addrMtx ;
-		struct in_addr *_addr ;
-		bool *_found ;
-		bool *_searching ;
+		RsMutex mAddrMtx ;
+		time_t   mFoundTS;
+		struct sockaddr_storage mAddr;
+		bool mFound ;
+		bool mSearching ;
 		std::list<std::string> _ip_servers ;
 };

libretroshare/src/util/rscompress.cc

@@ -0,0 +1,190 @@
+/*
+ * libretroshare/src/utils: rscompress.cc
+ *
+ * Basic memory chunk compression, based on openpgp-sdk
+ *
+ * Copyright 2013 by Cyril Soler
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Library General Public
+ * License Version 2 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA.
+ *
+ * Please report all bugs and problems to "csoler@users.sourceforge.net".
+ *
+ */
+
+#include <stdint.h>
+#include <algorithm>
+#include <iostream>
+#include <string.h>
+#include <assert.h>
+#include "rscompress.h"
+#include "zlib.h"
+
+// 16K buffer size. 
+//
+static const unsigned int CHUNK = 16384u ;
+
+bool RsCompress::compress_memory_chunk(const uint8_t *input_mem,const uint32_t input_size,uint8_t *& output_mem,uint32_t& output_size) 
+{
+
+	uint32_t remaining_input = input_size ;
+	uint32_t output_offset = 0 ;
+	uint32_t input_offset = 0 ;
+	output_size = 1024 ;
+	output_mem = (uint8_t*)malloc(output_size) ;
+
+	int ret, flush;
+	unsigned have;
+	int level = 9 ;
+	z_stream strm;
+	unsigned char in[CHUNK];
+	unsigned char out[CHUNK];
+	/* allocate deflate state */
+	strm.zalloc = Z_NULL;
+	strm.zfree = Z_NULL;
+	strm.opaque = Z_NULL;
+
+	ret = deflateInit(&strm, level);
+	if (ret != Z_OK)
+		return false;
+
+	/* compress until end of file */
+	do 
+	{
+		uint32_t available_in = std::min(CHUNK,remaining_input) ;
+		memcpy(in,input_mem+input_offset,available_in) ;
+		strm.avail_in = available_in ;
+		remaining_input -= available_in ;
+		input_offset += available_in ;
+
+		flush = /*feof(source)*/ remaining_input ? Z_NO_FLUSH: Z_FINISH ;
+		strm.next_in = in;
+
+		/* run deflate() on input until output buffer not full, finish
+			compression if all of source has been read in */
+		do 
+		{
+			strm.avail_out = CHUNK;
+			strm.next_out = out;
+			ret = deflate(&strm, flush);    /* no bad return value */
+			assert(ret != Z_STREAM_ERROR);  /* state not clobbered */
+			have = CHUNK - strm.avail_out;
+
+			if(output_size < have+output_offset)
+			{
+				//std::cerr << "Growing outputbuffer from " << output_size << " to " << have+output_offset << std::endl;
+				output_mem = (uint8_t*)realloc(output_mem,have+output_offset) ;
+				output_size = have+output_offset ;
+			}
+			
+			memcpy(output_mem+output_offset,out,have) ;
+			output_offset += have ;
+			
+			//std::cerr << "Copying " << have << " bytes to output. New offset=" << output_offset << std::endl;
+		} while (strm.avail_out == 0);
+		assert(strm.avail_in == 0);     /* all input will be used */
+
+		/* done when last data in file processed */
+	} while (flush != Z_FINISH);
+	assert(ret == Z_STREAM_END);        /* stream will be complete */
+
+	/* clean up and return */
+	(void)deflateEnd(&strm);
+
+	output_size = output_offset ;
+
+	return true ;
+}
+
+bool RsCompress::uncompress_memory_chunk(const uint8_t *input_mem,const uint32_t input_size,uint8_t *& output_mem,uint32_t& output_size) 
+{
+	uint32_t remaining_input = input_size ;
+	output_size = input_size ;
+	uint32_t output_offset = 0 ;
+	uint32_t input_offset = 0 ;
+	output_mem = (uint8_t*)malloc(output_size) ;
+
+	int ret;
+	unsigned have;
+	z_stream strm;
+	unsigned char in[CHUNK];
+	unsigned char out[CHUNK];
+
+	/* allocate inflate state */
+	strm.zalloc = Z_NULL;
+	strm.zfree = Z_NULL;
+	strm.opaque = Z_NULL;
+	strm.avail_in = 0;
+	strm.next_in = Z_NULL;
+	ret = inflateInit(&strm);
+	if (ret != Z_OK)
+		return ret;
+
+	/* decompress until deflate stream ends or end of file */
+	do 
+	{
+		uint32_t available_in = std::min(CHUNK,remaining_input) ;
+		memcpy(in,input_mem,available_in) ;
+		strm.avail_in = available_in ;
+		remaining_input -= available_in ;
+		input_offset += available_in ;
+		
+		if (strm.avail_in == 0)
+			break;
+
+		strm.next_in = in;
+		/* run inflate() on input until output buffer not full */
+		do {
+			strm.avail_out = CHUNK;
+			strm.next_out = out;
+
+			ret = inflate(&strm, Z_NO_FLUSH);
+			assert(ret != Z_STREAM_ERROR);  /* state not clobbered */
+			switch (ret) {
+				case Z_NEED_DICT:
+					ret = Z_DATA_ERROR;     /* and fall through */
+				case Z_DATA_ERROR:
+				case Z_MEM_ERROR:
+					(void)inflateEnd(&strm);
+					return ret;
+			}
+
+
+			have = CHUNK - strm.avail_out;
+
+			if(output_size < have+output_offset)
+			{
+				output_mem = (uint8_t*)realloc(output_mem,have+output_offset) ;
+				output_size = have+output_offset ;
+			}
+			
+			memcpy(output_mem+output_offset,out,have) ;
+			output_offset += have ;
+
+		} while (strm.avail_out == 0);
+		/* done when inflate() says it's done */
+	} while (ret != Z_STREAM_END);
+
+	/* clean up and return */
+	(void)inflateEnd(&strm);
+
+	output_size = output_offset ;
+	return ret == Z_STREAM_END ;
+}
+
+
+
+
+
+

libretroshare/src/util/rscompress.h

@@ -0,0 +1,34 @@
+/*
+ * libretroshare/src/utils: rscompress.h
+ *
+ * Basic memory chunk compression, based on openpgp-sdk
+ *
+ * Copyright 2013 by Cyril Soler
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Library General Public
+ * License Version 2 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA.
+ *
+ * Please report all bugs and problems to "csoler@users.sourceforge.net".
+ *
+ */
+
+#pragma once 
+
+class RsCompress
+{
+	public:
+		static bool compress_memory_chunk(const uint8_t *input_mem,const uint32_t input_size,uint8_t *& output_mem,uint32_t& output_size) ;
+		static bool uncompress_memory_chunk(const uint8_t *input_mem,const uint32_t input_size,uint8_t *& output_mem,uint32_t& output_size) ;
+};
+

libretroshare/src/util/rsdiscspace.cc

@@ -29,7 +29,7 @@
 #include "rsserver/p3face.h"
 #include "retroshare/rsfiles.h"
 #include "retroshare/rsiface.h"
-#include "retroshare/rsinit.h"
+#include "rsserver/rsaccounts.h"
 #include "rsdiscspace.h"
 #include <util/rsthreads.h>
 #ifndef WIN32
@@ -161,13 +161,13 @@ bool RsDiscSpace::checkForDiscSpace(RsDiscSpace::DiscLocation loc)
 #endif
 													break ;
 
-			case RS_CONFIG_DIRECTORY: 		rs = crossSystemDiskStats(RsInit::RsConfigDirectory().c_str(),free_blocks,block_size) ;
+			case RS_CONFIG_DIRECTORY: 		rs = crossSystemDiskStats(rsAccounts.PathAccountDirectory().c_str(),free_blocks,block_size) ;
 #ifdef DEBUG_RSDISCSPACE
 													std::cerr << "  path = " << RsInit::RsConfigDirectory() << std::endl ;
 #endif
 													break ;
 
-			case RS_PGP_DIRECTORY: 		   rs = crossSystemDiskStats(RsInit::RsPGPDirectory().c_str(),free_blocks,block_size) ;
+			case RS_PGP_DIRECTORY: 		   rs = crossSystemDiskStats(rsAccounts.PathPGPDirectory().c_str(),free_blocks,block_size) ;
 #ifdef DEBUG_RSDISCSPACE
 													std::cerr << "  path = " << RsInit::RsPGPDirectory() << std::endl ;
 #endif

libretroshare/src/util/rsmemcache.h

@@ -65,6 +65,7 @@ template<class Key, class Value> class RsMemCache
 	bool fetch(const Key &key, Value &data);
 	Value &ref(const Key &key);	// like map[] installs empty one if non-existent.
 	bool store(const Key &key, const Value &data);
+	bool erase(const Key &key); // clean up cache.
 
 	bool resize(); // should be called periodically to cleanup old entries.
 
@@ -169,6 +170,48 @@ template<class Key, class Value> bool RsMemCache<Key, Value>::fetch(const Key &k
 }
 
 
+template<class Key, class Value> bool RsMemCache<Key, Value>::erase(const Key &key)
+{
+#ifdef DEBUG_RSMEMCACHE
+	std::cerr << "RsMemCache::erase()";
+	std::cerr << std::endl;
+	printStats(std::cerr);
+#endif // DEBUG_RSMEMCACHE
+
+	typename std::map<Key, cache_data>::iterator it;
+	it = mDataMap.find(key);
+	if (it == mDataMap.end())
+	{
+#ifdef DEBUG_RSMEMCACHE
+		std::cerr << "RsMemCache::erase(" << key << ") false";
+		std::cerr << std::endl;
+#endif // DEBUG_RSMEMCACHE
+
+		mStats_accessmiss++;
+		return false;
+	}
+	
+#ifdef DEBUG_RSMEMCACHE
+	std::cerr << "RsMemCache::erase(" << key << ") OK";
+	std::cerr << std::endl;
+#endif // DEBUG_RSMEMCACHE
+
+
+	/* get timestamps */
+        time_t old_ts = it->second.ts;
+        time_t new_ts = 0;
+
+	// remove from lru.
+	mDataMap.erase(it);
+        update_lrumap(key, old_ts, new_ts);
+	mDataCount--;
+
+	mStats_access++;
+	return true;
+}
+
+
+
 template<class Key, class Value> Value &RsMemCache<Key, Value>::ref(const Key &key)
 {
 #ifdef DEBUG_RSMEMCACHE
@@ -320,6 +363,12 @@ template<class Key, class Value> bool RsMemCache<Key, Value>::resize()
 			// ERROR.
 			std::cerr << "RsMemCache::resize() CONSISTENCY ERROR";
 			std::cerr << std::endl;
+			std::cerr << "\tmDataMap.size() = " << mDataMap.size();
+			std::cerr << std::endl;
+			std::cerr << "\tmLruMap.size() = " << mLruMap.size();
+			std::cerr << std::endl;
+			std::cerr << "\tmDataCount = " << mDataCount;
+			std::cerr << std::endl;
 		}
 	
 		if (mDataCount > mMaxSize)

libretroshare/src/util/rsnet.h

@@ -44,15 +44,14 @@
 
 #else
 
-
-#include <winsock2.h>
-
-#include <stdio.h> /* for ssize_t */
-//typedef uint32_t socklen_t;
+#include <ws2tcpip.h>
 typedef uint32_t in_addr_t;
 
 int inet_aton(const char *name, struct in_addr *addr);
 
+// Missing defines in MinGW
+#define MSG_WAITALL  8
+
 #endif
 /********************************** WINDOWS/UNIX SPECIFIC PART ******************/
 
@@ -75,4 +74,54 @@ std::ostream& operator<<(std::ostream& o,const struct sockaddr_in&) ;
 std::string rs_inet_ntoa(struct in_addr in);
 
 
+/***************************/
+// sockaddr_storage fns.
+
+// Standard bind, on OSX anyway will not accept a longer socklen for IPv4.
+// so hidding details behind function.
+int     universal_bind(int fd, const struct sockaddr *addr, socklen_t socklen);
+
+void sockaddr_storage_clear(struct sockaddr_storage &addr);
+
+// mods.
+bool sockaddr_storage_zeroip(struct sockaddr_storage &addr);
+bool sockaddr_storage_copyip(struct sockaddr_storage &dst, const struct sockaddr_storage &src);
+uint16_t sockaddr_storage_port(const struct sockaddr_storage &addr);
+bool sockaddr_storage_setport(struct sockaddr_storage &addr, uint16_t port);
+
+bool sockaddr_storage_setipv4(struct sockaddr_storage &addr, const sockaddr_in *addr_ipv4);
+bool sockaddr_storage_setipv6(struct sockaddr_storage &addr, const sockaddr_in6 *addr_ipv6);
+
+bool sockaddr_storage_ipv4_aton(struct sockaddr_storage &addr, const char *name);
+bool sockaddr_storage_ipv4_setport(struct sockaddr_storage &addr, const uint16_t port);
+
+
+// comparisons.
+bool operator<(const struct sockaddr_storage &a, const struct sockaddr_storage &b);
+
+bool sockaddr_storage_same(const struct sockaddr_storage &addr, const struct sockaddr_storage &addr2);
+bool sockaddr_storage_samefamily(const struct sockaddr_storage &addr, const struct sockaddr_storage &addr2);
+bool sockaddr_storage_sameip(const struct sockaddr_storage &addr, const struct sockaddr_storage &addr2);
+bool sockaddr_storage_samenet(const struct sockaddr_storage &addr, const struct sockaddr_storage &addr2);
+bool sockaddr_storage_samesubnet(const struct sockaddr_storage &addr, const struct sockaddr_storage &addr2);
+
+// string,
+std::string sockaddr_storage_tostring(const struct sockaddr_storage &addr);
+std::string sockaddr_storage_familytostring(const struct sockaddr_storage &addr);
+std::string sockaddr_storage_iptostring(const struct sockaddr_storage &addr);
+std::string sockaddr_storage_porttostring(const struct sockaddr_storage &addr);
+
+// output
+//void sockaddr_storage_output(const struct sockaddr_storage &addr, std::ostream &out);
+//void sockaddr_storage_ipoutput(const struct sockaddr_storage &addr, std::ostream &out);
+
+// net checks.
+bool sockaddr_storage_isnull(const struct sockaddr_storage &addr);
+bool sockaddr_storage_isValidNet(const struct sockaddr_storage &addr);
+bool sockaddr_storage_isLoopbackNet(const struct sockaddr_storage &addr);
+bool sockaddr_storage_isPrivateNet(const struct sockaddr_storage &addr);
+bool sockaddr_storage_isExternalNet(const struct sockaddr_storage &addr);
+
+
+
 #endif /* RS_UNIVERSAL_NETWORK_HEADER */

libretroshare/src/util/rsrecogn.cc

@@ -0,0 +1,644 @@
+/*
+ * libretroshare/src/util: rsrecogn.cc
+ *
+ * RetroShare Utilities
+ *
+ * Copyright 2013 by Robert Fernie.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Library General Public
+ * License Version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA.
+ *
+ * Please report all bugs and problems to "retroshare@lunamutt.com".
+ *
+ */
+
+#ifdef WINDOWS_SYS
+#include "util/rswin.h"
+#endif // WINDOWS_SYS
+
+#include <openssl/ssl.h>
+#include <openssl/evp.h>
+
+#include "pqi/pqi_base.h"
+
+#include "util/rsrecogn.h"
+#include "util/radix64.h"
+#include "util/rsstring.h"
+
+#include "gxs/gxssecurity.h"
+
+/***
+ * #define DEBUG_RECOGN	1
+ ***/
+
+#define DEBUG_RECOGN	1
+
+static std::string RecognKey = "MIICCgKCAgEA4/i2fy+zR27/H8fzphM8mR/Nz+yXjMJTtqKlCvEMQlyk7lKzDbKifNjGSiAXjSv3b9TRgMtje7hfEhs3//Oeu4KsCf6sz17aj2StBF579IdJTSUPDwq6jCsZ6NDEYpG8xz3FVV+Ac8q5Vpr/+jdg23ta09zq4aV8VIdIsroVOmZQqjwPcmQK57iWHd538i/XBtc2rnzbYq5bprnmtAKdx55gXVXDfALa0s6yR0HYvCaWguMEJhMIKWfi/9PEgLgwF9OmRwywc2TU/EdvYJo8fYHLfGk0PnYBuL1oSnn3cwAAef02W2JyCzQ84g30tLSUk+hC1LLi+iYj3x7IRR4q7Rlf/FYv/Q5fvjRtPT9eqM6fKyJ9ZO4NjlrSPFGydNbgABzP6WMhBzFjUkEKS27bGmr8Qxdj3Zp0TvR2IkyM6oM+6YknuM4RndUEgC1ZxtoIhugMjm6HdMQmoaHNK3kXewgQB90HHqzKA/J1gok3NcqL8Yls5g0LHepVHsU4cuaIqQr5yr665ZTLU2oqn1HIdkgydBYYUt6G3eWJKXYRbDhWPthGo/HK+W+iw6cTGWxzlCZS40EU9efxz4mDuhow67jOe704lBP3kiYXu05Y5uspaYnuvrvIwaRWBYapyR9UmKktnY8xJYrZvrcZgCovAbiodTzWeYg37xjFfGgYNI8CAwEAAQ==";
+
+#define NUM_RECOGN_SIGN_KEYS	3
+static std::string RecognSigningKeys[NUM_RECOGN_SIGN_KEYS] = 
+{
+	"AvMxAwAAA5YQMAAAABAANAAAAAoAAAABEEAAAAFMAKQAAAAmYjI2ZTUyNGFlZjczYmY3Y2MyMzUwNTc0ZTMyMjcxZWEAAAAAUl8ogFRAXAABEAAAARQwggEKAoIBAQCyblJK73O/fMI1BXTjInHqIWma62Z2r3K7/giT6Xm3k+lyNokvpR+I45XdEvPRmFVZmTU7XT2n3YiPDLe7y2r9fnYiLvBCdu+FBaVv5UQG8nvFGMLKbhdyRpOSBgDc+Y+8plMPn8jqgfNhLROMowmvDJQkJQjlm80d/9wj+VZ+tLiPPo8uOlghqNhdXDGK7HnfeLrJyD8kLEW7+4huaxR8IsLgjzuK8rovGLYCBcnx4TXvtbEeafJBBBt8S/GPeUaB1rxWpVV6fi+oBU6cvjbEqPzSalIrwNPyqlj+1SbL1jGEGEr1XIMzDa96SVsJ0F93lS3H9c8HdvByAifgzbPZAgMBAAEQUAAAAjIApAAAACZlM2Y4YjY3ZjJmYjM0NzZlZmYxZmM3ZjNhNjEzM2M5OQEgAAACBp1w449QGjchVotgHvGWRh18zpsDUHRv8PlRX1vXy8FMstTrnRjaDofFitmpJm8K6F1t/9jviCdB+BCvRzAS4SxER49YCBp04xZfX7c03xdq/e27jYRds2w6YHTiEgNi5v1cyWhrwDcCdefXRnHTH1UOw3jOoWnlnmM6jEsL39XI5fvsog9z8GxcG54APKA7JgiqhgMcrKRwNk74XJAzcjB6FS8xaV2gzpZZLNZ1TU+tJoLSiRqTU8UiAGbAR85lYLT5Ozdd2C+bTQ9f6vltz8bpzicJzxGCIsYtSL44InQsO/Oar9IgZu8QE4pTuunGJhVqEZru7ZN+oV+wXt51n+24SS0sNgNKVUFS74RfvsFi67CrXSWTOI8bVS0Lvv3EMWMdSF9dHGbdCFnp2/wqbW/4Qz7XYF4lcu9gLe4UtIrZ6TkAvBtnSfvTTdXj7kD6oHDjrUCjHPxdhz3BLRbj1wENZsoS3QDl22Ts7dbO8wHjutsS3/zx4DLlADoFlU8p7HJaCdrsq20P4WCeQJb6JbbLpGRAccKAidAPHMxQ4fr3b+GtjxpLJtXaytr4CPSXsCt4TloE9g5yCE6n/2UxQACp8Guh9l2MXmrD7qEGexhYqFB/OG84u3vL+gskmsKXTEqi2SiSmhvzta2p2hGCLCKRQeYbn+4TsIQfgWtYNQvC",
+	"AvMxAwAAA5YQMAAAABAANAAAAAoAAAACEEAAAAFMAKQAAAAmYjY0OTJkODMzNTI5ZjMxMGM1MmRjMDc3ZjBmZDgyMjcAAAAAUl8ogFRAXAABEAAAARQwggEKAoIBAQC2SS2DNSnzEMUtwHfw/YInm/XLXEUMktyZTmyMWACBbEfmU6aztT3vxz6UHoCBYtKkzKrfDZLvXe0a5TRLMmK+yfl5IzIVUPdqTg6FF3Bx/GXdj4v/ZP6lAuqY5YeI4wPcKldrrIJ9DTUdhZhgdtgDtxGvrXZ8eFjcl9zM+QEykYKMwfnTCixzVOPCCo3q1lJO13NmlhVQDO+f9vvTZsYDCcZHMqlKZWcCEyY1ZpQiCqlsL8wN6tKxMuSQO8EGdH/tNzsGHwCoZq6EEL7SX/pmc2ABjpDQTLixgXwJtCpw8Fwj1xiavsFFbqSLu3SjUCcrMz9f8U5p2ROyv//lWxsXAgMBAAEQUAAAAjIApAAAACZlM2Y4YjY3ZjJmYjM0NzZlZmYxZmM3ZjNhNjEzM2M5OQEgAAACBksDPQ93PdZBGCEnKXcQsdB4yBA9NpImVR81JZdPmWlTwZGAXGJwt4EkBcz+xdey84JDujVtHJUzIL9Ws/Jq5MuXHr0tP5ebah1GCQF2/Ov7sctUk3UPBxeroon7gZQhuzaIJVhl0rzwWriFUbTu7H7g9eaTHMvyfUg+S0Z2p+e0+PdL5rfGOJJZ6+NJCXxxbQ//cF4s0PAzkjAuwDmC+OiUiU5V6fY4XtRMCEI7w+UCj+wQn2Wu1Wc7xVM9uow13rGaLPYkWZ/9v+wNhg0KCsVfKGhkAGGzGyKI9LAppFVTu52pBlRu9Ung7VkhF0JC2aadYKKFl99wCbsGqUYN/gtfgHYCV24LNVah2dAy8CI9UmHdWk1kIwWazbPTYKLfpYCTFxqEqXqo3ijLf0YPsfhIvCQpc5VHAvLJlDm0RFKwzK6N9Zu9s9IvJHzIpaAAHCQJPtYxPwWMdt83njGo9wu1+aVkl5Sb5X8N16AybbnQ7fCBqJruGBM0LHtWVbHEiEygD7OStzyhT5rXKZSQYMA9I2CvK1t7qfDXDM40k8SVQ5CrS9R8x1wqQbe+DqNJ9tMfbUmN0xrO/w2pTl/4edKW30TShW/fr3vCWpVq8gcm3CVFSZUaC4T9wqH96K6KgIPbmg1Hk158pxXYXopEv6ZxR7UTPxKB0O22aIHB6UQ5",
+	"AvMxAwAAA5YQMAAAABAANAAAAAoAAAABEEAAAAFMAKQAAAAmOTdhNTJkMThjMDBjYWE3YmZlYmQ4NTg0MDJkMzBhY2QAAAAAUl8ogFRAXAABEAAAARQwggEKAoIBAQCXpS0YwAyqe/69hYQC0wrNz7eUHAmJfR5EV7NVFQeOxtTlFwbdvRMK8ZpfqEoRhIPXAYCc9Dv3F7WcmcFer8d50EWhlK7rCQScaRdwL1UmF1dUY8bR8QxhJOUgwmrlzeKOHi2DJ3/9AXm7NJR8XMJgHEQQwi3z/aQsWrwCUA0mk68C8a3vjLtcMj5XBuNXRtGZ9zFjiI9Xt19y0iIKdYpfzOnJTKVETcjH7XPBBbJETWkrEyToHXPjcfhESAbJDOoyfQQbxHMQNE7no7owN08LoWX2kOSGtl2m6JbE2OEdJig83a6U3PDYfYM5LCfsAJEIroYhB3qZJDE98zGC8jihAgMBAAEQUAAAAjIApAAAACZlM2Y4YjY3ZjJmYjM0NzZlZmYxZmM3ZjNhNjEzM2M5OQEgAAACBiwl7oRPJzLlwDd8AzVolFQH1ZS+MWLA4B1eHCjCXSMn+zS0Su6CrpC6/vLwECaKSfNZ8y7T2fNDPJHMLmc1F6jJkdNZq3TZGNRgJx24OF3G5MU6mAH7DBsz7muFto+URTJl9CdJviIyQAn5E+R4Gp531RJdKlbqJl/gWuQMVem+eo3elpVEn8Ckg0yvFaFdhGFTOPyrXOZ6fI0pdCX0SH2q/vAIxGDRzaSYmsR0Y+oYZs0AeRnZD9iEh1v17xnVEdSoLZmZbjlLXXgqhbdXGik6ZoXQg3bTfl5D1j8Tk/d/CXqf0SUKBnIafaNgUeQSMY95M3k3vjPQN7vHdXmg19GnqQmBnGq45qdKI7+0Erfhl4po1z6yVvx9JfIMIDOsKwO3U/As5zbO2BYso0pUP4+gndissfDfqlPRni3orA0tlV6NuLmXi1wkHCu8HQ8WOqEUlWDJNLNpHW5OmgjMFqlIPt7hX5jlc9eXd4oMyaqXm1Tg8Cgbh5DYaT9A7He47+QhqYlPygqK9Fm0ZnH3Yz51cm3p2tRB1JU7qH9h5UqLLKJMBuIx7e9L5ieTfzKmTw6tqpIpHpiR/8bSQlKkw2LxikFy3OXL5obY1t9sWk35BNZQqcqflI6mkPrvGQKwN+co8GjUon5/Y1HSM6ursaJtkD8dz+oXVyWAokkuD7QZ",
+
+
+};
+
+
+
+EVP_PKEY *RsRecogn::loadMasterKey()
+{
+	/* load master signing key */
+	size_t keylen;
+	char *keyptr;
+	
+	Radix64::decode(RecognKey, keyptr, keylen);
+		
+	const unsigned char *keyptr2 = (const unsigned char *) keyptr;
+	long keylen2 = keylen;
+	
+	RSA *rsakey = d2i_RSAPublicKey(NULL, &(keyptr2), keylen2);
+	delete []keyptr;
+
+	if (!rsakey)
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::loadMasterKeys() failed rsakey load";
+		std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+		return NULL;
+	}	
+
+	
+	EVP_PKEY *signKey = EVP_PKEY_new();
+	EVP_PKEY_assign_RSA(signKey, rsakey);
+
+	return signKey;
+}
+
+
+bool	RsRecogn::loadSigningKeys(std::map<std::string, RsGxsRecognSignerItem *> &signMap)
+{
+
+	EVP_PKEY *signKey = loadMasterKey();
+	RsGxsRecognSerialiser recognSerialiser;
+
+	if (!signKey)
+	{
+		std::cerr << "RsRecogn::loadSigningKeys() missing Master Key";
+		return false;
+	}
+
+
+	time_t now = time(NULL);
+
+	for(int i = 0; i < NUM_RECOGN_SIGN_KEYS; i++)
+	{
+		char *signerbuf;
+		size_t len;
+		Radix64::decode(RecognSigningKeys[i], signerbuf, len);
+
+		uint32_t pktsize = len;
+		RsItem *pktitem = recognSerialiser.deserialise(signerbuf, &pktsize);
+		RsGxsRecognSignerItem *item = dynamic_cast<RsGxsRecognSignerItem *>(pktitem);
+
+		delete []signerbuf;
+
+		if (!item)
+		{
+#ifdef DEBUG_RECOGN
+			std::cerr << "RsRecogn::loadSigningKeys() failed to deserialise SignerItem";
+			std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+			continue;
+		}
+
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::loadSigningKeys() SignerItem: ";
+		std::cerr << std::endl;
+		item->print(std::cerr);
+#endif // DEBUG_RECOGN
+		
+		/* check dates */
+		if ((item->key.startTS > (unsigned) now) || (item->key.endTS < (unsigned) now))
+		{
+#ifdef DEBUG_RECOGN
+			std::cerr << "RsRecogn::loadSigningKeys() failed timestamp";
+			std::cerr << std::endl;
+			std::cerr << "RsRecogn::loadSigningKeys() key.startTS: " << item->key.startTS;
+			std::cerr << std::endl;
+			std::cerr << "RsRecogn::loadSigningKeys() now: " << now;
+			std::cerr << std::endl;
+			std::cerr << "RsRecogn::loadSigningKeys() key.endTS: " << item->key.endTS;
+			std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+			delete item;
+			continue;
+		}
+
+		/* check signature */
+		RsTlvKeySignature signature = item->sign;
+		item->sign.TlvShallowClear();
+
+		unsigned int siglen = signature.signData.bin_len;
+		unsigned char *sigbuf = (unsigned char *) signature.signData.bin_data;
+
+		/* store in */
+		uint32_t datalen = recognSerialiser.size(item);
+		uint8_t *data = (uint8_t *) malloc(datalen);
+		uint32_t pktlen = datalen;
+		int signOk = 0;
+		
+		if (recognSerialiser.serialise(item, data, &pktlen))
+		{
+			EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
+
+			EVP_VerifyInit(mdctx, EVP_sha1());
+			EVP_VerifyUpdate(mdctx, data, pktlen);
+			signOk = EVP_VerifyFinal(mdctx, sigbuf, siglen, signKey);
+	
+			EVP_MD_CTX_destroy(mdctx);
+
+			item->sign = signature;
+			signature.TlvShallowClear();
+
+			if (signOk)
+			{
+#ifdef DEBUG_RECOGN
+				std::cerr << "RsRecogn::loadSigningKeys() signature ok";
+				std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+				std::string signerId = item->key.keyId;
+				signMap[signerId] = item;
+			}
+		}
+		
+		if (!signOk)
+		{
+#ifdef DEBUG_RECOGN
+			std::cerr << "RsRecogn::loadSigningKeys() signature failed";
+			std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+			delete item;
+		}
+
+		free(data);
+	}
+
+	/* clean up */
+	EVP_PKEY_free(signKey);
+	return true;
+}
+
+
+
+bool	RsRecogn::validateTagSignature(RsGxsRecognSignerItem *signer, RsGxsRecognTagItem *item)
+{
+	if (item->sign.keyId != signer->key.keyId)
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::validateTagSignature() keyId mismatch";
+		std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+		return false;
+	}
+		
+	const unsigned char *keyptr = (const unsigned char *) signer->key.keyData.bin_data;
+	long keylen = signer->key.keyData.bin_len;
+		
+	/* extract admin key */
+	RSA *rsakey = d2i_RSAPublicKey(NULL, &(keyptr), keylen);
+	if (!rsakey)
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::validateTagSignature() failed extract signkey";
+		std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+		return false;
+	}
+		
+	/* check signature */
+	RsTlvKeySignature signature = item->sign;
+	item->sign.TlvShallowClear();
+		
+	unsigned int siglen = signature.signData.bin_len;
+	unsigned char *sigbuf = (unsigned char *) signature.signData.bin_data;
+
+	EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
+	EVP_PKEY *signKey = EVP_PKEY_new();
+	EVP_PKEY_assign_RSA(signKey, rsakey);
+
+		
+	/* store in */
+	RsGxsRecognSerialiser serialiser;
+
+	uint32_t datalen = serialiser.size(item);
+	uint8_t *data = (uint8_t *) malloc(datalen);
+	int signOk = 0;
+		
+	uint32_t pktlen = datalen;
+	if (serialiser.serialise(item, data, &pktlen))
+	{
+		
+		EVP_VerifyInit(mdctx, EVP_sha1());
+		EVP_VerifyUpdate(mdctx, data, pktlen);
+		signOk = EVP_VerifyFinal(mdctx, sigbuf, siglen, signKey);
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::validateTagSignature() sign_result: " << signOk;
+		std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+	}
+	else
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::validateTagSignature() failed to serialise";
+		std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+	}
+		
+	// Clean up.
+	item->sign = signature;
+	signature.TlvShallowClear();
+		
+	EVP_MD_CTX_destroy(mdctx);
+	EVP_PKEY_free(signKey);
+
+	free(data);
+		
+	return (signOk == 1);		
+}
+
+
+bool rsa_sanity_check(RSA *rsa)
+{
+	std::cerr << "rsa_sanity_check()";
+	std::cerr << std::endl;
+
+	if (!rsa)
+	{
+		std::cerr << "rsa_sanity_check() RSA == NULL";
+		std::cerr << std::endl;
+		return false;
+	}
+
+	RSA *pubkey = RSAPublicKey_dup(rsa);
+
+	std::string signId = RsRecogn::getRsaKeyId(rsa);
+	std::string signId2 = RsRecogn::getRsaKeyId(pubkey);
+
+	bool ok = true;
+	if (signId != signId2)
+	{
+		std::cerr << "rsa_sanity_check() ERROR SignId Failure";
+		std::cerr << std::endl;
+		ok = false;
+	}
+
+	if (1 != RSA_check_key(rsa))
+	{
+		std::cerr << "rsa_sanity_check() ERROR RSA key is not private";
+		std::cerr << std::endl;
+		ok = false;
+	}
+
+#if 0
+	if (1 == RSA_check_key(pubkey))
+	{
+		std::cerr << "rsa_sanity_check() ERROR RSA dup key is private";
+		std::cerr << std::endl;
+		ok = false;
+	}
+#endif
+
+	RSA_free(pubkey);
+
+	if (!ok)
+	{
+		exit(1);
+	}
+
+	return true;
+}
+
+		
+
+bool	RsRecogn::signTag(EVP_PKEY *signKey, RsGxsRecognTagItem *item)
+{
+	RsGxsRecognSerialiser serialiser;
+
+	RSA *rsa = EVP_PKEY_get1_RSA(signKey);
+	std::string signId = getRsaKeyId(rsa);
+	rsa_sanity_check(rsa);
+	RSA_free(rsa);
+
+	item->sign.TlvClear();
+
+	/* write out the item for signing */
+	uint32_t len = serialiser.size(item);
+	char *buf = new char[len];
+	if (!serialiser.serialise(item, buf, &len))
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::signTag() Failed serialise TagItem:";
+		std::cerr << std::endl;
+		item->print(std::cerr);
+#endif // DEBUG_RECOGN
+		delete []buf;
+		return false;
+	}
+
+	/* calc and check signature */
+	EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
+
+	EVP_SignInit(mdctx, EVP_sha1());
+	EVP_SignUpdate(mdctx, buf, len);
+
+	unsigned int siglen = EVP_PKEY_size(signKey);
+	unsigned char sigbuf[siglen];
+	EVP_SignFinal(mdctx, sigbuf, &siglen, signKey);
+
+	/* save signature */
+	item->sign.signData.setBinData(sigbuf, siglen);
+	item->sign.keyId = signId;
+
+	/* clean up */
+	EVP_MD_CTX_destroy(mdctx);
+	delete []buf;
+
+	return true;
+}
+
+bool	RsRecogn::signSigner(EVP_PKEY *signKey, RsGxsRecognSignerItem *item)
+{
+	std::cerr << "RsRecogn::signSigner()";
+	std::cerr << std::endl;
+
+	RsGxsRecognSerialiser serialiser;
+
+	std::cerr << "RsRecogn::signSigner() Checking Key";
+	std::cerr << std::endl;
+
+	RSA *rsa = EVP_PKEY_get1_RSA(signKey);
+	std::string signId = getRsaKeyId(rsa);
+	rsa_sanity_check(rsa);
+	RSA_free(rsa);
+
+	std::cerr << "RsRecogn::signSigner() Key Okay";
+	std::cerr << std::endl;
+
+	item->sign.TlvClear();
+
+	/* write out the item for signing */
+	uint32_t len = serialiser.size(item);
+	char *buf = new char[len];
+	if (!serialiser.serialise(item, buf, &len))
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::signSigner() Failed serialise SignerItem:";
+		std::cerr << std::endl;
+		item->print(std::cerr);
+#endif // DEBUG_RECOGN
+		delete []buf;
+		return false;
+	}
+
+	/* calc and check signature */
+	EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
+
+	EVP_SignInit(mdctx, EVP_sha1());
+	EVP_SignUpdate(mdctx, buf, len);
+
+	unsigned int siglen = EVP_PKEY_size(signKey);
+	unsigned char sigbuf[siglen];
+	EVP_SignFinal(mdctx, sigbuf, &siglen, signKey);
+
+	/* save signature */
+	item->sign.signData.setBinData(sigbuf, siglen);
+	item->sign.keyId = signId;
+
+	/* clean up */
+	EVP_MD_CTX_destroy(mdctx);
+	delete []buf;
+
+	return true;
+}
+
+
+bool	RsRecogn::signTagRequest(EVP_PKEY *signKey, RsGxsRecognReqItem *item)
+{
+	std::cerr << "RsRecogn::signTagRequest()";
+	std::cerr << std::endl;
+
+	RsGxsRecognSerialiser serialiser;
+
+	RSA *rsa = EVP_PKEY_get1_RSA(signKey);
+	std::string signId = getRsaKeyId(rsa);
+	rsa_sanity_check(rsa);
+	RSA_free(rsa);
+
+	item->sign.TlvClear();
+
+	/* write out the item for signing */
+	uint32_t len = serialiser.size(item);
+	char *buf = new char[len];
+	if (!serialiser.serialise(item, buf, &len))
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::signTagRequest() Failed serialise Tag Request:";
+		std::cerr << std::endl;
+		item->print(std::cerr);
+#endif // DEBUG_RECOGN
+		delete []buf;
+		return false;
+	}
+
+	/* calc and check signature */
+	EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
+
+	EVP_SignInit(mdctx, EVP_sha1());
+	EVP_SignUpdate(mdctx, buf, len);
+
+	unsigned int siglen = EVP_PKEY_size(signKey);
+	unsigned char sigbuf[siglen];
+	EVP_SignFinal(mdctx, sigbuf, &siglen, signKey);
+
+	/* save signature */
+	item->sign.signData.setBinData(sigbuf, siglen);
+	item->sign.keyId = signId;
+
+	/* clean up */
+	EVP_MD_CTX_destroy(mdctx);
+	delete []buf;
+
+	return true;
+}
+
+
+bool	RsRecogn::itemToRadix64(RsItem *item, std::string &radstr)
+{
+	RsGxsRecognSerialiser serialiser;
+
+	/* write out the item for signing */
+	uint32_t len = serialiser.size(item);
+	char *buf = new char[len];
+	if (!serialiser.serialise(item, buf, &len))
+	{
+		return false;
+	}
+
+	radstr.clear();
+	Radix64::encode(buf, len, radstr);
+
+	return true;
+}
+
+
+std::string RsRecogn::getRsaKeyId(RSA *pubkey)
+{
+	int len = BN_num_bytes(pubkey -> n);
+	unsigned char tmp[len];
+	BN_bn2bin(pubkey -> n, tmp);
+
+	// copy first CERTSIGNLEN bytes...
+	if (len > CERTSIGNLEN)
+	{
+		len = CERTSIGNLEN;
+	}
+
+	std::string id;
+	for(uint32_t i = 0; i < CERTSIGNLEN; i++)
+	{
+		rs_sprintf_append(id, "%02x", (uint16_t) (((uint8_t *) (tmp))[i]));
+	}
+
+	return id;
+}
+
+
+
+RsGxsRecognTagItem *RsRecogn::extractTag(const std::string &encoded)
+{
+	// Decode from Radix64 encoded Packet.
+	size_t buflen;
+	char *buffer;
+	uint32_t pktsize;
+
+	Radix64::decode(encoded, buffer, buflen);
+	pktsize = buflen;
+
+	RsGxsRecognSerialiser serialiser;
+	RsItem *item = serialiser.deserialise(buffer, &pktsize);
+	delete []buffer;
+
+	if (!item)
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::extractTag() ERROR Deserialise failed";
+		std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+		return NULL;
+	}
+
+	RsGxsRecognTagItem *tagitem = dynamic_cast<RsGxsRecognTagItem *>(item);
+
+	if (!tagitem)
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::extractTag() ERROR Not TagItem, is: ";
+		std::cerr << std::endl;
+		item->print(std::cerr);
+#endif // DEBUG_RECOGN
+		delete item;
+	}
+
+	return tagitem;
+}
+
+
+bool RsRecogn::createTagRequest(const RsTlvSecurityKey &key, const std::string &id, const std::string &nickname, uint16_t tag_class, uint16_t tag_type, const std::string &comment, std::string &tag)
+{
+	RsGxsRecognReqItem *item = new RsGxsRecognReqItem();
+
+	EVP_PKEY *signKey = EVP_PKEY_new();
+	RSA *rsakey = GxsSecurity::extractPrivateKey(key);
+        if (!rsakey)
+        {
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::createTagRequest() Failed to extract key";
+		std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+                return false;
+        }
+
+        if (!EVP_PKEY_assign_RSA(signKey, rsakey))
+        {
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::createTagRequest() Failed to assign key";
+		std::cerr << std::endl;
+#endif // DEBUG_RECOGN
+                return false;
+        }
+
+	item->issued_at = time(NULL);
+	item->period = 365 * 24 * 3600;
+	item->tag_class = tag_class;
+	item->tag_type  = tag_type;
+
+	item->nickname = nickname;
+	item->identity = id;
+	item->comment = comment;
+
+	bool signOk = RsRecogn::signTagRequest(signKey,item);
+	EVP_PKEY_free(signKey);
+
+	if (!signOk)
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::createTagRequest() Failed to sign Tag Request:";
+		std::cerr << std::endl;
+		item->print(std::cerr);
+#endif // DEBUG_RECOGN
+		delete item;
+		return false;
+	}
+
+	/* write out the item for signing */
+	RsGxsRecognSerialiser serialiser;
+	uint32_t len = serialiser.size(item);
+	char *buf = new char[len];
+	bool serOk = serialiser.serialise(item, buf, &len);
+	delete item;
+
+	if (serOk)
+	{
+		Radix64::encode(buf, len, tag);
+	}
+
+	delete []buf;
+
+	if (!serOk)
+	{
+#ifdef DEBUG_RECOGN
+		std::cerr << "RsRecogn::createTagRequest() Failed serialise Tag Request:";
+		std::cerr << std::endl;
+		item->print(std::cerr);
+#endif // DEBUG_RECOGN
+		return false;
+	}
+
+	return serOk;
+}
+
+

libretroshare/src/util/rsrecogn.h

@@ -0,0 +1,61 @@
+
+/*
+ * libretroshare/src/util: rsrecogn.h
+ *
+ * RetroShare Utilities
+ *
+ * Copyright 2013 by Robert Fernie.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Library General Public
+ * License Version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA.
+ *
+ * Please report all bugs and problems to "retroshare@lunamutt.com".
+ *
+ */
+
+
+#ifndef RSUTIL_RECOGN_H
+#define RSUTIL_RECOGN_H
+
+#include <inttypes.h>
+#include <string>
+#include <openssl/evp.h>
+#include <openssl/rsa.h>
+
+#include "serialiser/rsgxsrecognitems.h"
+
+namespace RsRecogn {
+
+EVP_PKEY *	loadMasterKey();
+bool		loadSigningKeys(std::map<std::string, RsGxsRecognSignerItem *> &signMap);
+bool		validateTagSignature(RsGxsRecognSignerItem *signer, RsGxsRecognTagItem *item);
+
+bool		signTag(EVP_PKEY *signKey, RsGxsRecognTagItem *item);
+bool    	signSigner(EVP_PKEY *signKey, RsGxsRecognSignerItem *item);
+bool 		signTagRequest(EVP_PKEY *signKey, RsGxsRecognReqItem *item);
+
+bool    	itemToRadix64(RsItem *item, std::string &radstr);
+
+std::string 	getRsaKeyId(RSA *pubkey);
+
+RsGxsRecognTagItem *extractTag(const std::string &encoded);
+
+bool 		createTagRequest(const RsTlvSecurityKey &key, 
+			const std::string &id, const std::string &nickname, 
+			uint16_t tag_class, uint16_t tag_type, 
+			const std::string &comment, std::string &tag);
+
+}
+	
+#endif

libretroshare/src/util/rsstring.cc

@@ -305,3 +305,16 @@ void stringToLowerCase(const std::string& s, std::string &lower)
 		if(lower[i] > 64 && lower[i] < 91)
 			lower[i] += 97-65 ;
 }
+
+
+
+bool isHexaString(const std::string& s)
+{
+	for(uint32_t i=0;i<s.length();++i)
+		if(!((s[i] >= 'A' && s[i] <= 'F') || (s[i] >= '0' && s[i] <= '9') || (s[i] >= 'a' && s[i] <= 'f')))
+		return false ;
+
+	return true ;
+}
+
+

libretroshare/src/util/rsstring.h

@@ -48,4 +48,6 @@ int rs_sprintf_append(std::string &str, const char *fmt, ...);
 void stringToUpperCase(const std::string& s, std::string &upper);
 void stringToLowerCase(const std::string& s, std::string &lower);
 
+bool isHexaString(const std::string& s);
+
 #endif // RSSTRING_H_

libretroshare/src/util/rstickevent.cc

@@ -80,6 +80,7 @@ void	RsTickEvent::tick_events()
 			mEvents.erase(it);
 
 			count_adjust_locked(event_type, -1);
+			note_event_locked(event_type);
 		}
 	}