From c6edff7df8a0523f74ee338a7633c315db12bc0c Mon Sep 17 00:00:00 2001 From: joss17 Date: Wed, 13 Jan 2010 21:29:21 +0000 Subject: [PATCH] change the cert to gpg + some ssl details git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2022 b45a01b8-16f6-495d-af2f-9b41ad6348cc --- libretroshare/src/pqi/authssl.cc | 14 + libretroshare/src/pqi/authssl.h | 1 + libretroshare/src/pqi/p3connmgr.cc | 3 +- libretroshare/src/rsserver/p3peers.cc | 269 +++++++++++------- .../src/gui/connect/ConnectFriendWizard.cpp | 84 +----- .../src/gui/connect/ConnectFriendWizard.h | 3 - .../src/gui/settings/CryptoPage.cpp | 23 +- 7 files changed, 194 insertions(+), 203 deletions(-) diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc index f54fb8c23..d4e9567c8 100644 --- a/libretroshare/src/pqi/authssl.cc +++ b/libretroshare/src/pqi/authssl.cc @@ -653,6 +653,20 @@ std::string AuthSSL::OwnId() return id; } +std::string AuthSSL::getOwnLocation() +{ +#ifdef AUTHSSL_DEBUG + std::cerr << "AuthSSL::OwnId()"; + std::cerr << std::endl; +#endif + sslMtx.lock(); /***** LOCK *****/ + + std::string location = mOwnCert->location; + + sslMtx.unlock(); /**** UNLOCK ****/ + return location; +} + //bool AuthSSL::getAllList(std::list &ids) //{ //#ifdef AUTHSSL_DEBUG diff --git a/libretroshare/src/pqi/authssl.h b/libretroshare/src/pqi/authssl.h index 43910535a..2688b5211 100644 --- a/libretroshare/src/pqi/authssl.h +++ b/libretroshare/src/pqi/authssl.h @@ -104,6 +104,7 @@ SSL_CTX * getNewSslCtx(); /* get Certificate Id */ virtual std::string OwnId(); +virtual std::string getOwnLocation(); //virtual bool getAllList(std::list &ids); //virtual bool getAuthenticatedList(std::list &ids); //virtual bool getUnknownList(std::list &ids); diff --git a/libretroshare/src/pqi/p3connmgr.cc b/libretroshare/src/pqi/p3connmgr.cc index 7edc21e07..dfc094d6f 100644 --- a/libretroshare/src/pqi/p3connmgr.cc +++ b/libretroshare/src/pqi/p3connmgr.cc 
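Review bot: The debug trace in the new `AuthSSL::getOwnLocation()` still prints `AuthSSL::OwnId()`, so a log taken with AUTHSSL_DEBUG attributes the call to the wrong function; it should read `std::cerr << "AuthSSL::getOwnLocation()";`. The function also pairs `sslMtx.lock()` and `sslMtx.unlock()` by hand around a `std::string` copy, so an allocation failure in that copy would leave the mutex held; a scoped guard, if the mutex class in this tree provides one, avoids that. `mOwnCert` is dereferenced without a null check, and the p3connmgr.cc hunk calls this from the `p3ConnectMgr` constructor, so it is only safe if the own certificate is always loaded before that point, which is not visible here.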
@@ -141,12 +141,13 @@ p3ConnectMgr::p3ConnectMgr() /* setup basics of own state */ ownState.id = AuthSSL::getAuthSSL()->OwnId(); ownState.name = AuthGPG::getAuthGPG()->getGPGOwnName(); + ownState.location = AuthSSL::getAuthSSL()->getOwnLocation(); ownState.netMode = RS_NET_MODE_UDP; //use_extr_addr_finder = true ; use_extr_addr_finder = false; allow_tunnel_connection = true; - mExtAddrFinder = new ExtAddrFinder ; + mExtAddrFinder = new ExtAddrFinder; return; } diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc index c6abb85c5..fe6310b30 100644 --- a/libretroshare/src/rsserver/p3peers.cc +++ b/libretroshare/src/rsserver/p3peers.cc @@ -29,6 +29,8 @@ #include "pqi/authssl.h" #include "pqi/authgpg.h" #include +#include + #include #include @@ -38,14 +40,14 @@ #include #endif -/**************** PQI_USE_XPGP ******************/ -#if defined(PQI_USE_XPGP) - #include "pqi/authxpgp.h" -#else /* X509 Certificates */ -/**************** PQI_USE_XPGP ******************/ - #include "pqi/authssl.h" -#endif /* X509 Certificates */ -/**************** PQI_USE_XPGP ******************/ +const std::string CERT_SSL_ID = "---SSLID---"; +const std::string CERT_LOCATION = "---LOCATION---"; +const std::string CERT_LOCAL_IP = "---LOCAL---"; +const std::string CERT_EXT_IP = "---EXT---"; + + + +#include "pqi/authssl.h" RsPeers *rsPeers = NULL; @@ -286,8 +288,7 @@ bool p3Peers::getPeerDetails(std::string id, RsPeerDetails &d) std::cerr << "p3Peers::getPeerDetails() got a SSL id and is returning SSL and GPG details for id : " << id << std::endl; #endif - if (id == AuthSSL::getAuthSSL()->OwnId()) - { + if (id == AuthSSL::getAuthSSL()->OwnId()) { mConnMgr->getOwnNetStatus(pcs); } 
@@ -784,29 +785,27 @@ p3Peers::GetRetroshareInvite() std::cerr << "p3Peers::GetRetroshareInvite()"; std::cerr << std::endl; - std::string ownId = AuthSSL::getAuthSSL()->OwnId(); - std::string certstr = AuthSSL::getAuthSSL()->SaveOwnCertificateToString(); - std::string name = AuthGPG::getAuthGPG()->getGPGOwnName(); - - std::string pgpownId = AuthGPG::getAuthGPG()->getGPGOwnId(); - std::string pgpcertstr = AuthGPG::getAuthGPG()->SaveCertificateToString(pgpownId); - - std::cerr << "p3Peers::GetRetroshareInvite() SSL Cert:"; - std::cerr << std::endl; - std::cerr << certstr; - std::cerr << std::endl; + std::string invite = AuthGPG::getAuthGPG()->SaveCertificateToString(AuthGPG::getAuthGPG()->getGPGOwnId()); - std::cerr << "p3Peers::GetRetroshareInvite() PGP Cert:"; - std::cerr << std::endl; - std::cerr << pgpcertstr; - std::cerr << std::endl; - - std::string combinedcerts = certstr; - combinedcerts += '\n'; - combinedcerts += pgpcertstr; - combinedcerts += '\n'; - - return combinedcerts; + //add the sslid, location, ip local and external address after the signature + RsPeerDetails ownDetail; + if (getPeerDetails(rsPeers->getOwnId(), ownDetail)) { + invite += CERT_SSL_ID + ownDetail.id + ";\n"; + invite += CERT_LOCATION + ownDetail.location + ";\n"; + invite += CERT_LOCAL_IP + ownDetail.localAddr + ":"; + std::ostringstream out; + out << ownDetail.localPort; + invite += out.str() + ";\n"; + invite += CERT_EXT_IP + ownDetail.extAddr + ":"; + std::ostringstream out2; + out2 << ownDetail.extPort; + invite += out2.str() + ";\n"; + } + + std::cerr << "p3Peers::GetRetroshareInvite() returns : \n"; + std::cerr << invite << std::endl; + + return invite; } //=========================================================================== 
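Review bot: The ssl id, location and addresses are appended after the text returned by `SaveCertificateToString`, presumably after the `-----END PGP PUBLIC KEY BLOCK-----` line the loader searches for, so they are not covered by any signature and anyone relaying the invite can alter them unnoticed. The comment should say this instead of only "after the signature", e.g. `// NOTE: trailer fields below are unauthenticated hints; the peer must still be verified against the GPG key`. `ownDetail.location` is written verbatim with `;` as its terminator, so a location containing `;` or one of the `---…---` markers will be truncated or misparsed by the receiver; reject or escape those characters before appending. The complete invite, including local and external address, is also written to `std::cerr` unconditionally rather than under `P3PEERS_DEBUG`.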
@@ -822,88 +821,156 @@ bool p3Peers::loadCertificateFromFile(std::string fname, std::string &id, std:: } -bool splitCerts(std::string in, std::string &sslcert, std::string &pgpcert) -{ - std::cerr << "splitCerts():" << in; - std::cerr << std::endl; - - /* search for -----END CERTIFICATE----- */ - std::string sslend("-----END CERTIFICATE-----"); - std::string pgpend("-----END PGP PUBLIC KEY BLOCK-----"); - size_t pos = in.find(sslend); - size_t pos2 = in.find(pgpend); - size_t ssllen, pgplen; - - if (pos != std::string::npos) - { - std::cerr << "splitCerts(): Found SSL Cert"; - std::cerr << std::endl; - - ssllen = pos + sslend.length(); - sslcert = in.substr(0, ssllen); - - if (pos2 != std::string::npos) - { - std::cerr << "splitCerts(): Found SSL + PGP Cert"; - std::cerr << std::endl; - - pgplen = pos2 + pgpend.length() - ssllen; - pgpcert = in.substr(ssllen, pgplen); - } - return true; - } - else if (pos2 != std::string::npos) - { - std::cerr << "splitCerts(): Found PGP Cert Only"; - std::cerr << std::endl; - - pgplen = pos2 + pgpend.length(); - pgpcert = in.substr(0, pgplen); - return true; - } - return false; -} +//bool splitCerts(std::string in, std::string &sslcert, std::string &pgpcert) +//{ +// std::cerr << "splitCerts():" << in; +// std::cerr << std::endl; +// +// /* search for -----END CERTIFICATE----- */ +// std::string sslend("-----END CERTIFICATE-----"); +// std::string pgpend("-----END PGP PUBLIC KEY BLOCK-----"); +// size_t pos = in.find(sslend); +// size_t pos2 = in.find(pgpend); +// size_t ssllen, pgplen; +// +// if (pos != std::string::npos) +// { +// std::cerr << "splitCerts(): Found SSL Cert"; +// std::cerr << std::endl; +// +// ssllen = pos + sslend.length(); +// sslcert = in.substr(0, ssllen); +// +// if (pos2 != std::string::npos) +// { +// std::cerr << "splitCerts(): Found SSL + PGP Cert"; +// std::cerr << std::endl; +// +// pgplen = pos2 + pgpend.length() - ssllen; +// pgpcert = in.substr(ssllen, pgplen); +// } +// return true; +// } +// 
else if (pos2 != std::string::npos) +// { +// std::cerr << "splitCerts(): Found PGP Cert Only"; +// std::cerr << std::endl; +// +// pgplen = pos2 + pgpend.length(); +// pgpcert = in.substr(0, pgplen); +// return true; +// } +// return false; +//} -bool p3Peers::loadDetailsFromStringCert(std::string cert, RsPeerDetails &pd) +bool p3Peers::loadDetailsFromStringCert(std::string certstr, RsPeerDetails &pd) { #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::LoadCertificateFromString() "; std::cerr << std::endl; #endif - std::string sslcert; - std::string pgpcert; - bool retGPG = false; - bool retSSL = false; - std::string gpg_id_from_gpg_cert; - std::string gpg_id_from_ssl_cert; - splitCerts(cert, sslcert, pgpcert); + /* search for -----END CERTIFICATE----- */ + std::string pgpend("-----END PGP PUBLIC KEY BLOCK-----"); + //parse the text to get ip address + try { - if (pgpcert != "") { - std::cerr << "p3Peers::LoadDetailsFromStringCert() pgpcert .... " << std::endl; - std::cerr << pgpcert << std::endl; - std::string gpg_id; - AuthGPG::getAuthGPG()->LoadCertificateFromString(pgpcert, gpg_id); - retGPG = AuthGPG::getAuthGPG()->getGPGDetails(gpg_id, pd); - gpg_id_from_gpg_cert = pd.gpg_id; - } - if (sslcert != "") { - std::cerr << "p3Peers::LoadDetailsFromStringCert() sslcert .... " << std::endl; - std::cerr << sslcert << std::endl; - retSSL = AuthSSL::getAuthSSL()->LoadDetailsFromStringCert(sslcert, pd); - gpg_id_from_ssl_cert = pd.gpg_id; - } + size_t parsePosition = certstr.find(pgpend); - if (retGPG && retSSL) { - //check that the ssl_id and gpg_id are corresponding - if (gpg_id_from_gpg_cert != gpg_id_from_ssl_cert) { - std::cerr << "p3Peers::LoadDetailsFromStringCert() gpgCert and slCert are not corresponding. Load failed." 
<< std::endl; - return false; + if (parsePosition != std::string::npos) { + parsePosition += pgpend.length(); + std::string pgpCert = certstr.substr(0, parsePosition); + std::string gpg_id; + AuthGPG::getAuthGPG()->LoadCertificateFromString(pgpCert, gpg_id); + AuthGPG::getAuthGPG()->getGPGDetails(gpg_id, pd); + if (gpg_id == "") { + return false; + } } + + std::cerr << "Parsing cert for sslid, location, ext and local address details. : " << certstr << std::endl; + + //let's parse the ssl id + parsePosition = certstr.find(CERT_SSL_ID); + std::cerr << "sslid position : " << parsePosition << std::endl; + if (parsePosition == std::string::npos) + return true; + parsePosition += CERT_SSL_ID.length(); + std::string subCert = certstr.substr(parsePosition); + parsePosition = subCert.find(";"); + if (parsePosition == std::string::npos) + return true; + std::string ssl_id = subCert.substr(0, parsePosition); + std::cerr << "SSL id : " << ssl_id << std::endl; + pd.id = ssl_id; + + //let's parse the location + parsePosition = certstr.find(CERT_LOCATION); + std::cerr << "location position : " << parsePosition << std::endl; + if (parsePosition == std::string::npos) + return true; + parsePosition += CERT_LOCATION.length(); + subCert = certstr.substr(parsePosition); + parsePosition = subCert.find(";"); + if (parsePosition == std::string::npos) + return true; + std::string location = subCert.substr(0, parsePosition); + std::cerr << "location : " << location << std::endl; + pd.location = location; + + //let's parse ip local address + parsePosition = certstr.find(CERT_LOCAL_IP); + std::cerr << "local ip position : " << parsePosition << std::endl; + if (parsePosition == std::string::npos) + return true; + parsePosition += CERT_LOCAL_IP.length(); + subCert = certstr.substr(parsePosition); + parsePosition = subCert.find(":"); + if (parsePosition == std::string::npos) + return true; + std::string local_ip = subCert.substr(0, parsePosition); + std::cerr << "Local Ip : " << local_ip << 
std::endl; + pd.localAddr = local_ip; + + //let's parse local port + subCert = subCert.substr(parsePosition + 1); + parsePosition = subCert.find(";"); + if (parsePosition == std::string::npos) + return true; + std::string local_port = subCert.substr(0, parsePosition); + std::cerr << "Local port : " << local_port << std::endl; + pd.localPort = (boost::lexical_cast(local_port)); + + //let's parse ip ext address + parsePosition = certstr.find(CERT_EXT_IP); + std::cerr << "Ext ip position : " << parsePosition << std::endl; + if (parsePosition == std::string::npos) + return true; + parsePosition = parsePosition + CERT_EXT_IP.length(); + subCert = certstr.substr(parsePosition); + parsePosition = subCert.find(":"); + if (parsePosition == std::string::npos) + return true; + std::string ext_ip = subCert.substr(0, parsePosition); + std::cerr << "Ext Ip : " << ext_ip << std::endl; + pd.extAddr = ext_ip; + + //let's parse ext port + subCert = subCert.substr(parsePosition + 1); + parsePosition = subCert.find(";"); + if (parsePosition == std::string::npos) + return true; + std::string ext_port = subCert.substr(0, parsePosition); + std::cerr << "Ext port : " << ext_port << std::endl; + pd.extPort = (boost::lexical_cast(ext_port)); + + } catch (...) { + std::cerr << "ConnectFriendWizard : Parse ip address error." << std::endl; } - return retGPG || retSSL; + + return true;; } diff --git a/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp b/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp index 0b59fab82..6629bf9fc 100755 --- a/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp +++ b/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp @@ -48,6 +48,8 @@ #include #include +#include + #include #include #include 
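Review bot: `loadDetailsFromStringCert` now returns true for input that contains no PGP block at all: when `certstr.find(pgpend)` fails the key-loading branch is skipped, and every later exit, including the one after `catch (...)`, is `return true`. Reject such input up front with `if (parsePosition == std::string::npos) return false;` and fail on the lookup result as the removed code did, `if (gpg_id == "" || !AuthGPG::getAuthGPG()->getGPGDetails(gpg_id, pd)) return false;`. The marker searches start at the beginning of `certstr` rather than after the armor end, and `pd.id`, the addresses and the ports are taken from that unsigned trailer with no format or range check, so callers should treat them as hints until the peer is authenticated. A malformed port throws out of `boost::lexical_cast`, is swallowed by `catch (...)` with a message that names `ConnectFriendWizard`, and leaves `pd` half-filled while still reporting success; the whole `certstr` is also logged to `std::cerr` outside `P3PEERS_DEBUG`.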
@@ -131,9 +133,9 @@ ConnectFriendWizard::accept() std::cerr << "ConnectFriendWizard::accept() : setting ip local address." << std::endl; rsPeers->setLocalAddress(ssl_Id, this->field("local_friend_ip").toString().toStdString(), this->field("local_friend_port").toInt()); } - if (!this->field("peerLocation").isNull()) { + if (!this->field(LOCATION_FIELD_CONNECT_FRIEND_WIZARD).isNull()) { std::cerr << "ConnectFriendWizard::accept() : setting peerLocation." << std::endl; - rsPeers->setLocation(ssl_Id, this->field("peerLocation").toString().toStdString()); + rsPeers->setLocation(ssl_Id, this->field(LOCATION_FIELD_CONNECT_FRIEND_WIZARD).toString().toStdString()); } } @@ -199,21 +201,6 @@ TextPage::TextPage(QWidget *parent) userCertEdit = new QTextEdit; std::string invite = rsPeers->GetRetroshareInvite(); - //add the ip local and external address after the signature - RsPeerDetails ownDetail; - rsPeers->getPeerDetails(rsPeers->getOwnId(), ownDetail); - invite += LOCAL_IP; - invite += ownDetail.localAddr + ":"; - std::ostringstream out; - out << ownDetail.localPort; - invite += out.str() + ";"; - invite += "\n"; - invite += EXT_IP; - invite += ownDetail.extAddr + ":"; - std::ostringstream out2; - out2 << ownDetail.extPort; - invite += out2.str() + ";"; - userCertEdit->setText(QString::fromStdString(invite)); userCertEdit->setReadOnly(true); userCertEdit->setMinimumHeight(200); 
@@ -354,66 +341,11 @@ int TextPage::nextId() const { wizard()->setField(LOCATION_FIELD_CONNECT_FRIEND_WIZARD, QString::fromStdString(pd.location)); wizard()->setField(CERT_STRING_FIELD_CONNECT_FRIEND_WIZARD, QString::fromStdString(certstr)); - //parse the text to get ip address - try { -#ifdef FRIEND_WIZARD_DEBUG - std::cerr << "Paring cert for ip detection : " << certstr << std::endl; -#endif - int parsePosition = certstr.find(LOCAL_IP); -#ifdef FRIEND_WIZARD_DEBUG - std::cerr << "local ip position : " << parsePosition << std::endl; -#endif - if (parsePosition != std::string::npos) { - //let's parse ip local address - parsePosition += LOCAL_IP.length(); - std::string subCert = certstr.substr(parsePosition); - parsePosition = subCert.find(":"); - std::string local_ip = subCert.substr(0, parsePosition); -#ifdef FRIEND_WIZARD_DEBUG - std::cerr << "Local Ip : " << local_ip << std::endl; -#endif + wizard()->setField("ext_friend_ip", QString::fromStdString(pd.extAddr)); + wizard()->setField("ext_friend_port", QString::fromStdString(boost::lexical_cast(pd.extPort))); + wizard()->setField("local_friend_ip", QString::fromStdString(pd.localAddr)); + wizard()->setField("local_friend_port", QString::fromStdString(boost::lexical_cast(pd.localPort))); - //let's parse local port - subCert = subCert.substr(parsePosition + 1); - parsePosition = subCert.find(";"); - std::string local_port = subCert.substr(0, parsePosition); -#ifdef FRIEND_WIZARD_DEBUG - std::cerr << "Local port : " << local_port << std::endl; -#endif - - //let's parse ip ext address - parsePosition = certstr.find(EXT_IP); -#ifdef FRIEND_WIZARD_DEBUG - std::cerr << "local ip position : " << parsePosition << std::endl; -#endif - if (parsePosition != std::string::npos) { - parsePosition = parsePosition + EXT_IP.length(); - subCert = certstr.substr(parsePosition); - parsePosition = subCert.find(":"); - std::string ext_ip = subCert.substr(0, parsePosition); - #ifdef FRIEND_WIZARD_DEBUG - std::cerr << "Ext Ip : " << 
ext_ip << std::endl; - #endif - - //let's parse ext port - subCert = subCert.substr(parsePosition + 1); - parsePosition = subCert.find(";"); - std::string ext_port = subCert.substr(0, parsePosition); - #ifdef FRIEND_WIZARD_DEBUG - std::cerr << "Ext port : " << ext_port << std::endl; - #endif - - //let's store the result in the friend wizard. We will retreive it in the acept() method - wizard()->setField("ext_friend_ip", QString::fromStdString(ext_ip)); - wizard()->setField("ext_friend_port", QString::fromStdString(ext_port)); - wizard()->setField("local_friend_ip", QString::fromStdString(local_ip)); - wizard()->setField("local_friend_port", QString::fromStdString(local_port)); - } - - } - } catch (...) { - std::cerr << "ConnectFriendWizard : Parse ip address error." << std::endl; - } return ConnectFriendWizard::Page_Conclusion ; } else diff --git a/retroshare-gui/src/gui/connect/ConnectFriendWizard.h b/retroshare-gui/src/gui/connect/ConnectFriendWizard.h index 57668f49f..74d72b2fc 100755 --- a/retroshare-gui/src/gui/connect/ConnectFriendWizard.h +++ b/retroshare-gui/src/gui/connect/ConnectFriendWizard.h @@ -18,9 +18,6 @@ class QComboBox; class QTableWidget; //QT_END_NAMESPACE -const std::string LOCAL_IP = "---LOCAL---"; -const std::string EXT_IP = "---EXT---"; - //============================================================================ //! A wizard for adding friends. Based on standard QWizard component diff --git a/retroshare-gui/src/gui/settings/CryptoPage.cpp b/retroshare-gui/src/gui/settings/CryptoPage.cpp index 1658bdd7d..269acde79 100755 --- a/retroshare-gui/src/gui/settings/CryptoPage.cpp +++ b/retroshare-gui/src/gui/settings/CryptoPage.cpp 
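Review bot: The four address fields are now set on every successful load, whereas the removed code set them only after both the `---LOCAL---` and `---EXT---` markers had been found. For an invite without that trailer, `pd.localAddr` and `pd.extAddr` will presumably be empty and `pd.localPort`/`pd.extPort` hold whatever `RsPeerDetails` was constructed with (not visible here), and `accept()` later passes the field values to `rsPeers->setLocalAddress` under a condition that is only partly visible in this diff. Guard each pair, e.g. `if (!pd.localAddr.empty() && pd.localPort != 0) { … }`, so a missing or malformed trailer does not overwrite a peer's address with empty values. `TextPage::nextId()` starts outside the hunk.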
@@ -80,30 +80,9 @@ CryptoPage::load() void CryptoPage::loadPublicKey() { - //std::cerr << "CryptoPage() getting Invite" << std::endl; - - std::string invite = rsPeers->GetRetroshareInvite(); - - RsPeerDetails ownDetail; - rsPeers->getPeerDetails(rsPeers->getOwnId(), ownDetail); - invite += LOCAL_IP; - invite += ownDetail.localAddr + ":"; - std::ostringstream out; - out << ownDetail.localPort; - invite += out.str() + ";"; - invite += "\n"; - invite += EXT_IP; - invite += ownDetail.extAddr + ":"; - std::ostringstream out2; - out2 << ownDetail.extPort; - invite += out2.str() + ";"; - - ui.certtextEdit->setText(QString::fromStdString(invite)); + ui.certtextEdit->setText(QString::fromStdString(rsPeers->GetRetroshareInvite())); ui.certtextEdit->setReadOnly(true); ui.certtextEdit->setMinimumHeight(200); - - //std::cerr << "CryptoPage() getting Invite: " << invite << std::endl; - } void