Added message validation, not enabled at the moment

as msg sync seems to have stopped working. will fix (qos priority change?).
Added validated field to msg meta
Removed serviceString from msg transport.
Added grp flag setting to album create to test msg validation


git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-gxs-b1@5800 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
chrisparker126 2012-11-10 23:42:38 +00:00
parent eeb96c5e62
commit c9831b7bea
14 changed files with 427 additions and 107 deletions

View File

@ -74,90 +74,102 @@ bool GxsSecurity::getSignature(char* data, uint32_t data_len, RsTlvSecurityKey*
return ok;
}
bool GxsSecurity::validateNxsMsg(RsNxsMsg *msg, RsTlvKeySignature& sign, RsTlvSecurityKeySet& key)
bool GxsSecurity::validateNxsMsg(RsNxsMsg& msg, RsTlvKeySignature& sign, RsTlvSecurityKey& key)
{
//#ifdef GXS_SECURITY_DEBUG
// std::cerr << "GxsSecurity::validateNxsMsg()";
// std::cerr << std::endl;
// std::cerr << "RsNxsMsg :";
// std::cerr << std::endl;
// msg->print(std::cerr, 10);
// std::cerr << std::endl;
//#endif
#ifdef GXS_SECURITY_DEBUG
std::cerr << "GxsSecurity::validateNxsMsg()";
std::cerr << std::endl;
std::cerr << "RsNxsMsg :";
std::cerr << std::endl;
msg.print(std::cerr, 10);
std::cerr << std::endl;
#endif
RsGxsMsgMetaData& msgMeta = *(msg.metaData);
// /********************* check signature *******************/
// /* check signature timeperiod */
// if ((newMsg->timestamp < kit->second.startTS) ||
// (newMsg->timestamp > kit->second.endTS))
// {
//#ifdef DISTRIB_DEBUG
// std::cerr << "p3GroupDistrib::locked_validateDistribSignedMsg() TS out of range";
// std::cerr << std::endl;
//#endif
// return false;
// }
/* check signature timeperiod */
if ((msgMeta.mPublishTs < key.startTS) ||
(msgMeta.mPublishTs > key.endTS))
{
#ifdef GXS_SECURITY_DEBUG
std::cerr << " GxsSecurity::validateNxsMsg() TS out of range";
std::cerr << std::endl;
#endif
return false;
}
// /* decode key */
// const unsigned char *keyptr = (const unsigned char *) kit->second.keyData.bin_data;
// long keylen = kit->second.keyData.bin_len;
// unsigned int siglen = newMsg->publishSignature.signData.bin_len;
// unsigned char *sigbuf = (unsigned char *) newMsg->publishSignature.signData.bin_data;
/* decode key */
const unsigned char *keyptr = (const unsigned char *) key.keyData.bin_data;
long keylen = key.keyData.bin_len;
unsigned int siglen = sign.signData.bin_len;
unsigned char *sigbuf = (unsigned char *) sign.signData.bin_data;
//#ifdef DISTRIB_DEBUG
// std::cerr << "p3GroupDistrib::locked_validateDistribSignedMsg() Decode Key";
// std::cerr << " keylen: " << keylen << " siglen: " << siglen;
// std::cerr << std::endl;
//#endif
#ifdef DISTRIB_DEBUG
std::cerr << "GxsSecurity::validateNxsMsg() Decode Key";
std::cerr << " keylen: " << keylen << " siglen: " << siglen;
std::cerr << std::endl;
#endif
// /* extract admin key */
// RSA *rsakey = d2i_RSAPublicKey(NULL, &(keyptr), keylen);
/* extract admin key */
RSA *rsakey = d2i_RSAPublicKey(NULL, &(keyptr), keylen);
// if (!rsakey)
// {
//#ifdef DISTRIB_DEBUG
// std::cerr << "p3GroupDistrib::locked_validateDistribSignedMsg()";
// std::cerr << " Invalid RSA Key";
// std::cerr << std::endl;
if (!rsakey)
{
#ifdef GXS_SECURITY_DEBUG
std::cerr << "GxsSecurity::validateNxsMsg()";
std::cerr << " Invalid RSA Key";
std::cerr << std::endl;
// unsigned long err = ERR_get_error();
// std::cerr << "RSA Load Failed .... CODE(" << err << ")" << std::endl;
// std::cerr << ERR_error_string(err, NULL) << std::endl;
// kit->second.print(std::cerr, 10);
//#endif
// }
key.print(std::cerr, 10);
#endif
}
// EVP_PKEY *signKey = EVP_PKEY_new();
// EVP_PKEY_assign_RSA(signKey, rsakey);
RsTlvKeySignatureSet signSet = msgMeta.signSet;
msgMeta.signSet.TlvClear();
// /* calc and check signature */
// EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
uint32_t metaDataLen = msgMeta.serial_size();
uint32_t allMsgDataLen = metaDataLen + msg.msg.bin_len;
char* metaData = new char[metaDataLen];
char* allMsgData = new char[allMsgDataLen]; // msgData + metaData
// EVP_VerifyInit(mdctx, EVP_sha1());
// EVP_VerifyUpdate(mdctx, newMsg->packet.bin_data, newMsg->packet.bin_len);
// int signOk = EVP_VerifyFinal(mdctx, sigbuf, siglen, signKey);
msgMeta.serialise(metaData, &metaDataLen);
// /* clean up */
// EVP_PKEY_free(signKey);
// EVP_MD_CTX_destroy(mdctx);
// copy msg data and meta in allmsgData buffer
memcpy(allMsgData, msg.msg.bin_data, msg.msg.bin_len);
memcpy(allMsgData+(msg.msg.bin_len), metaData, metaDataLen);
// if (signOk == 1)
// {
//#ifdef GXS_SECURITY_DEBUG
// std::cerr << "p3GroupDistrib::locked_validateDistribSignedMsg() Signature OK";
// std::cerr << std::endl;
//#endif
// return true;
// }
EVP_PKEY *signKey = EVP_PKEY_new();
EVP_PKEY_assign_RSA(signKey, rsakey);
//#ifdef DISTRIB_DEBUG
// std::cerr << "p3GroupDistrib::locked_validateDistribSignedMsg() Signature invalid";
// std::cerr << std::endl;
//#endif
/* calc and check signature */
EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
EVP_VerifyInit(mdctx, EVP_sha1());
EVP_VerifyUpdate(mdctx, allMsgData, allMsgDataLen);
int signOk = EVP_VerifyFinal(mdctx, sigbuf, siglen, signKey);
/* clean up */
EVP_PKEY_free(signKey);
EVP_MD_CTX_destroy(mdctx);
if (signOk == 1)
{
#ifdef GXS_SECURITY_DEBUG
std::cerr << "GxsSecurity::validateNxsMsg() Signature OK";
std::cerr << std::endl;
#endif
return true;
}
#ifdef GXS_SECURITY_DEBUG
std::cerr << "GxsSecurity::validateNxsMsg() Signature invalid";
std::cerr << std::endl;
#endif
return false;
}

View File

@ -129,7 +129,7 @@ public:
* @param key the public key to use to check signature
* @return false if verfication of signature is not passed
*/
static bool validateNxsMsg(RsNxsMsg *msg, RsTlvKeySignature& sign, RsTlvSecurityKeySet& key);
static bool validateNxsMsg(RsNxsMsg& msg, RsTlvKeySignature& sign, RsTlvSecurityKey& key);
/*!

View File

@ -34,10 +34,23 @@
#include "gxssecurity.h"
#include "util/contentvalue.h"
#include "rsgxsflags.h"
#include "rsgixs.h"
RsGenExchange::RsGenExchange(RsGeneralDataService *gds,
RsNetworkExchangeService *ns, RsSerialType *serviceSerialiser, uint16_t servType, RsGixs* gixs)
: mGenMtx("GenExchange"), mDataStore(gds), mNetService(ns), mSerialiser(serviceSerialiser), mServType(servType), mGixs(gixs)
#define PUB_GRP_MASK 0x000f
#define RESTR_GRP_MASK 0x00f0
#define PRIV_GRP_MASK 0x0f00
#define GRP_OPTIONS_MASK 0xf000
#define PUB_GRP_OFFSET 0
#define RESTR_GRP_OFFSET 8
#define PRIV_GRP_OFFSET 16
#define GRP_OPTIONS_OFFSET 24
RsGenExchange::RsGenExchange(RsGeneralDataService *gds, RsNetworkExchangeService *ns,
RsSerialType *serviceSerialiser, uint16_t servType, RsGixs* gixs, uint32_t authenPolicy)
: mGenMtx("GenExchange"), mDataStore(gds), mNetService(ns), mSerialiser(serviceSerialiser),
mServType(servType), mGixs(gixs), mAuthenPolicy(authenPolicy)
{
mDataAccess = new RsGxsDataAccess(gds);
@ -60,7 +73,7 @@ RsGenExchange::~RsGenExchange()
void RsGenExchange::run()
{
double timeDelta = 0.06; // slow tick
double timeDelta = 0.1; // slow tick
while(true)
{
@ -168,13 +181,13 @@ void RsGenExchange::generateGroupKeys(RsTlvSecurityKeySet& keySet)
adminKey.startTS = time(NULL);
adminKey.endTS = 0; /* no end */
privAdminKey.startTS = time(NULL);
privAdminKey.startTS = adminKey.startTS;
privAdminKey.endTS = 0; /* no end */
pubKey.startTS = time(NULL);
pubKey.endTS = 0; /* no end */
pubKey.startTS = adminKey.startTS;
pubKey.endTS = pubKey.startTS + 60 * 60 * 24 * 365 * 5; /* approx 5 years */
privPubKey.startTS = time(NULL);
privPubKey.startTS = adminKey.startTS;
privPubKey.endTS = 0; /* no end */
// for now all public
@ -354,6 +367,160 @@ bool RsGenExchange::createMessage(RsNxsMsg* msg)
return ok;
}
bool RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, RsTlvSecurityKeySet& grpKeySet)
{
bool isParent = false;
bool checkPublishSign, checkIdentitySign;
bool valid = true;
// publish signature is determined by whether group is public or not
// for private group signature is not needed as it needs decrypting with
// the private publish key anyways
// restricted is a special case which heeds whether publish sign needs to be checked or not
// one may or may not want
if(msg->metaData->mParentId.empty())
{
isParent = false;
}
else
{
isParent = true;
}
if(isParent)
{
checkIdentitySign = false;
checkPublishSign = false;
if(grpFlag & GXS_SERV::FLAG_PRIVACY_PUBLIC)
{
checkPublishSign = false;
if(checkMsgAuthenFlag(PUBLIC_GRP_BITS, GXS_SERV::MSG_AUTHEN_ROOT_AUTHOR_SIGN))
checkIdentitySign = true;
}
else if(grpFlag & GXS_SERV::FLAG_PRIVACY_RESTRICTED)
{
checkPublishSign = true;
if(checkMsgAuthenFlag(RESTRICTED_GRP_BITS, GXS_SERV::MSG_AUTHEN_ROOT_AUTHOR_SIGN))
checkIdentitySign = true;
}
else if(grpFlag & GXS_SERV::FLAG_PRIVACY_PRIVATE)
{
checkPublishSign = false;
if(checkMsgAuthenFlag(PRIVATE_GRP_BITS, GXS_SERV::MSG_AUTHEN_ROOT_AUTHOR_SIGN))
checkIdentitySign = true;
}
}else
{
if(grpFlag & GXS_SERV::FLAG_PRIVACY_PUBLIC)
{
checkPublishSign = false;
if(checkMsgAuthenFlag(PUBLIC_GRP_BITS, GXS_SERV::MSG_AUTHEN_CHILD_AUTHOR_SIGN))
checkIdentitySign = true;
}
else if(grpFlag & GXS_SERV::FLAG_PRIVACY_RESTRICTED)
{
if(checkMsgAuthenFlag(RESTRICTED_GRP_BITS, GXS_SERV::MSG_AUTHEN_CHILD_PUBLISH_SIGN))
checkPublishSign = true;
if(checkMsgAuthenFlag(RESTRICTED_GRP_BITS, GXS_SERV::MSG_AUTHEN_CHILD_AUTHOR_SIGN))
checkIdentitySign = true;
}
else if(grpFlag & GXS_SERV::FLAG_PRIVACY_PRIVATE)
{
checkPublishSign = false;
if(checkMsgAuthenFlag(PRIVATE_GRP_BITS, GXS_SERV::MSG_AUTHEN_CHILD_AUTHOR_SIGN))
checkIdentitySign = true;
}
}
RsGxsMsgMetaData& metaData = *(msg->metaData);
if(checkPublishSign)
{
RsTlvKeySignature sign = metaData.signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_PUBLISH];
if(grpKeySet.keys.find(sign.keyId) != grpKeySet.keys.end())
{
RsTlvSecurityKey publishKey = grpKeySet.keys[sign.keyId];
valid &= GxsSecurity::validateNxsMsg(*msg, sign, publishKey);
}
else
{
valid = false;
}
}
if(checkIdentitySign)
{
bool haveKey = mGixs->haveKey(metaData.mAuthorId);
if(haveKey)
{
std::list<std::string> peers;
mGixs->requestKey(metaData.mAuthorId, peers);
RsTlvSecurityKey authorKey;
double timeDelta = 0.002; // fast polling
time_t now = time(NULL);
// poll immediately but, don't spend more than a second polling
while( (mGixs->getKey(metaData.mAuthorId, authorKey) == -1) &&
((now + 1) >> time(NULL))
)
{
#ifndef WINDOWS_SYS
usleep((int) (timeDelta * 1000000));
#else
Sleep((int) (timeDelta * 1000));
#endif
}
RsTlvKeySignature sign = metaData.signSet.keySignSet[GXS_SERV::FLAG_AUTHEN_PUBLISH];
valid &= GxsSecurity::validateNxsMsg(*msg, sign, authorKey);
}else
{
valid = false;
}
}
return valid;
}
bool RsGenExchange::checkMsgAuthenFlag(const PrivacyBitPos& pos, const uint8_t& flag) const
{
switch(pos)
{
case PUBLIC_GRP_BITS:
return mAuthenPolicy & flag;
break;
case RESTRICTED_GRP_BITS:
return flag & (mAuthenPolicy >> RESTR_GRP_OFFSET);
break;
case PRIVATE_GRP_BITS:
return flag & (mAuthenPolicy >> PRIV_GRP_OFFSET);
break;
case GRP_OPTION_BITS:
return flag & (mAuthenPolicy >> GRP_OPTIONS_OFFSET);
break;
default:
std::cerr << "pos option not recognised";
return false;
}
}
bool RsGenExchange::getGroupList(const uint32_t &token, std::list<RsGxsGroupId> &groupIds)
{
@ -494,6 +661,36 @@ RsTokenService* RsGenExchange::getTokenService()
}
bool RsGenExchange::setAuthenPolicyFlag(const uint8_t &msgFlag, uint32_t& authenFlag, const PrivacyBitPos &pos)
{
uint32_t temp = 0;
temp = msgFlag;
switch(pos)
{
case PUBLIC_GRP_BITS:
authenFlag &= ~PUB_GRP_MASK;
authenFlag |= temp;
break;
case RESTRICTED_GRP_BITS:
authenFlag &= ~RESTR_GRP_MASK;
authenFlag |= (temp << RESTR_GRP_OFFSET);
break;
case PRIVATE_GRP_BITS:
authenFlag &= ~PRIV_GRP_MASK;
authenFlag |= (temp << PRIV_GRP_OFFSET);
break;
case GRP_OPTION_BITS:
authenFlag &= ~GRP_OPTIONS_MASK;
authenFlag |= (temp << GRP_OPTIONS_OFFSET);
break;
default:
std::cerr << "pos option not recognised";
return false;
}
return true;
}
void RsGenExchange::notifyNewGroups(std::vector<RsNxsGrp *> &groups)
{
std::vector<RsNxsGrp*>::iterator vit = groups.begin();
@ -953,18 +1150,44 @@ void RsGenExchange::processRecvdMessages()
GxsMsgReq msgIds;
std::map<RsNxsMsg*, RsGxsMsgMetaData*> msgs;
std::map<RsGxsGroupId, RsGxsGrpMetaData*> grpMetas;
// coalesce group meta retrieval for performance
for(; vit != mReceivedMsgs.end(); vit++)
{
RsNxsMsg* msg = *vit;
grpMetas.insert(std::make_pair(msg->grpId, (RsGxsGrpMetaData*)NULL));
}
mDataStore->retrieveGxsGrpMetaData(grpMetas);
for(vit = mReceivedMsgs.begin(); vit != mReceivedMsgs.end(); vit++)
{
RsNxsMsg* msg = *vit;
RsGxsMsgMetaData* meta = new RsGxsMsgMetaData();
bool ok = meta->deserialise(msg->meta.bin_data, &(msg->meta.bin_len));
if(ok)
{
std::map<RsGxsGroupId, RsGxsGrpMetaData*>::iterator mit = grpMetas.find(msg->grpId);
// validate msg
if(mit != grpMetas.end()){
RsGxsGrpMetaData* grpMeta = mit->second;
ok = true;
//&= validateMsg(msg, grpMeta->mGroupFlags, grpMeta->keys);
}
else
ok = false;
if(ok)
{
msgs.insert(std::make_pair(msg, meta));
msgIds[msg->grpId].push_back(msg->msgId);
}
else
}
if(!ok)
{
#ifdef GXS_GENX_DEBUG
std::cerr << "failed to deserialise incoming meta, grpId: "
@ -975,6 +1198,14 @@ void RsGenExchange::processRecvdMessages()
}
}
std::map<RsGxsGroupId, RsGxsGrpMetaData*>::iterator mit = grpMetas.begin();
// clean up resources
for(; mit != grpMetas.end(); mit++)
{
delete mit->second;
}
if(!msgIds.empty())
{
mDataStore->storeMessage(msgs);

View File

@ -41,7 +41,6 @@ typedef std::map<RsGxsGroupId, std::vector<RsGxsMsgItem*> > GxsMsgDataMap;
typedef std::map<RsGxsGroupId, RsGxsGrpItem*> GxsGroupDataMap;
typedef std::map<RsGxsGroupId, std::vector<RsMsgMetaData> > GxsMsgMetaMap;
/*!
* This should form the parent class to \n
* all gxs services. This provides access to service's msg/grp data \n
@ -76,10 +75,12 @@ public:
* @param serviceSerialiser The users service needs this \n
* in order for gen exchange to deal with its data types
* @param mServType This should be service type used by the serialiser
* @param This is used for verification of msgs and groups received by Gen Exchange using identities, set to NULL if \n
* @param gixs This is used for verification of msgs and groups received by Gen Exchange using identities, set to NULL if \n
* identity verification is not wanted
* @param authenPolicy This determines the authentication used for verfying authorship of msgs and groups
*/
RsGenExchange(RsGeneralDataService* gds, RsNetworkExchangeService* ns, RsSerialType* serviceSerialiser, uint16_t mServType, RsGixs* gixs = NULL);
RsGenExchange(RsGeneralDataService* gds, RsNetworkExchangeService* ns,
RsSerialType* serviceSerialiser, uint16_t mServType, RsGixs* gixs = NULL, uint32_t authenPolicy = 0);
virtual ~RsGenExchange();
@ -119,6 +120,21 @@ public:
void run();
/*!
* Policy bit pattern portion
*/
enum PrivacyBitPos { PUBLIC_GRP_BITS, RESTRICTED_GRP_BITS, PRIVATE_GRP_BITS, GRP_OPTION_BITS } ;
/*!
* Convenience function for setting bit patterns of the individual privacy level authentication
* policy and group options
* @param flag the bit pattern (and policy) set for the privacy policy
* @param authenFlag Only the policy portion chosen will be modified with 'flag'
* @param pos The policy portion to modify
* @see PrivacyBitPos
*/
static bool setAuthenPolicyFlag(const uint8_t& flag, uint32_t& authenFlag, const PrivacyBitPos& pos);
public:
/** data access functions **/
@ -382,7 +398,6 @@ private:
*/
bool createMessage(RsNxsMsg* msg);
/*!
* check meta change is legal
* @return false if meta change is not legal
@ -395,6 +410,17 @@ private:
*/
void generateGroupKeys(RsTlvSecurityKeySet& keySet);
/*!
* Attempts to validate msg
* @param msg message to be validated
* @param grpFlag the flag for the group the message belongs to
* @param grpKeySet
* @return true if msg validates, false otherwise
*/
bool validateMsg(RsNxsMsg* msg, const uint32_t& grpFlag, RsTlvSecurityKeySet& grpKeySet);
bool checkMsgAuthenFlag(const PrivacyBitPos& pos, const uint8_t& flag) const;
private:
RsMutex mGenMtx;
@ -422,6 +448,9 @@ private:
/// service type
uint16_t mServType;
/// authentication policy
uint32_t mAuthenPolicy;
private:

View File

@ -31,9 +31,6 @@
#include "serialiser/rstlvkeys.h"
//#include <openssl/ssl.h>
//#include <set>
/*!
* GIXP: General Identity Exchange Service.
*

View File

@ -149,7 +149,6 @@ uint32_t RsGxsMsgMetaData::serial_size()
s += GetTlvStringSize(mParentId);
s += GetTlvStringSize(mOrigMsgId);
s += GetTlvStringSize(mAuthorId);
s += GetTlvStringSize(mServiceString);
s += signSet.TlvSize();
s += GetTlvStringSize(mMsgName);
@ -206,7 +205,6 @@ bool RsGxsMsgMetaData::serialise(void *data, uint32_t *size)
ok &= SetTlvString(data, *size, &offset, 0, mParentId);
ok &= SetTlvString(data, *size, &offset, 0, mOrigMsgId);
ok &= SetTlvString(data, *size, &offset, 0, mAuthorId);
ok &= SetTlvString(data, *size, &offset, 0, mServiceString);
ok &= signSet.SetTlv(data, *size, &offset);
ok &= SetTlvString(data, *size, &offset, 0, mMsgName);
@ -234,7 +232,6 @@ bool RsGxsMsgMetaData::deserialise(void *data, uint32_t *size)
ok &= GetTlvString(data, *size, &offset, 0, mParentId);
ok &= GetTlvString(data, *size, &offset, 0, mOrigMsgId);
ok &= GetTlvString(data, *size, &offset, 0, mAuthorId);
ok &= GetTlvString(data, *size, &offset, 0, mServiceString);
ok &= signSet.GetTlv(data, *size, &offset);
ok &= GetTlvString(data, *size, &offset, 0, mMsgName);

View File

@ -112,6 +112,7 @@ public:
uint32_t mMsgStatus;
time_t mChildTs;
bool validated;
};

View File

@ -51,16 +51,35 @@ namespace GXS_SERV {
/** END authentication **/
/** START msg authentication flags **/
static const uint8_t MSG_AUTHEN_MASK = 0x0f;
static const uint8_t MSG_AUTHEN_ROOT_PUBLISH_SIGN = 0x01;
static const uint8_t MSG_AUTHEN_CHILD_PUBLISH_SIGN = 0x02;
static const uint8_t MSG_AUTHEN_ROOT_AUTHOR_SIGN = 0x04;
static const uint8_t MSG_AUTHEN_CHILD_AUTHOR_SIGN = 0x08;
/** END msg authentication flags **/
/** START group options flag **/
static const uint8_t GRP_OPTION_AUTHEN_AUTHOR_SIGN = 0x01;
/** END group options flag **/
/** START Subscription Flags. (LOCAL) **/
static const uint32_t GROUP_SUBSCRIBE_ADMIN = 0x00000001;
static const uint32_t GROUP_SUBSCRIBE_ADMIN = 0x01;
static const uint32_t GROUP_SUBSCRIBE_PUBLISH = 0x00000002;
static const uint32_t GROUP_SUBSCRIBE_PUBLISH = 0x02;
static const uint32_t GROUP_SUBSCRIBE_SUBSCRIBED = 0x00000004;
static const uint32_t GROUP_SUBSCRIBE_SUBSCRIBED = 0x04;
static const uint32_t GROUP_SUBSCRIBE_NOT_SUBSCRIBED = 0x00000008;
static const uint32_t GROUP_SUBSCRIBE_NOT_SUBSCRIBED = 0x08;
static const uint32_t GROUP_SUBSCRIBE_MASK = 0x0000000f;

View File

@ -363,8 +363,8 @@ void RsGxsNetService::run(){
bool RsGxsNetService::locked_checkTransacTimedOut(NxsTransaction* tr)
{
return tr->mTimeOut < ((uint32_t) time(NULL));
// return false;
// return tr->mTimeOut < ((uint32_t) time(NULL));
return false;
}
void RsGxsNetService::processTransactions(){

View File

@ -1818,9 +1818,9 @@ RsTurtle *rsTurtle = NULL ;
#ifdef ENABLE_GXS_CORE
#include "gxs/gxscoreserver.h"
#include "gxs/rsdataservice.h"
#include "gxs/rsgxsnetservice.h"
#include "gxs/rsgxsflags.h"
#endif
#ifdef ENABLE_GXS_SERVICES
@ -2319,6 +2319,20 @@ int RsServer::StartupRetroShare()
#if ENABLE_OTHER_GXS_SERVICES
/**** Photo service ****/
// create photo authentication policy
uint32_t photoAuthenPolicy = 0;
uint8_t flag = 0;
flag = GXS_SERV::MSG_AUTHEN_ROOT_PUBLISH_SIGN;
RsGenExchange::setAuthenPolicyFlag(flag, photoAuthenPolicy,
RsGenExchange::RESTRICTED_GRP_BITS);
flag = GXS_SERV::GRP_OPTION_AUTHEN_AUTHOR_SIGN;
RsGenExchange::setAuthenPolicyFlag(flag, photoAuthenPolicy,
RsGenExchange::GRP_OPTION_BITS);
p3PhotoServiceV2 *mPhotoV2 = NULL;
@ -2327,8 +2341,9 @@ int RsServer::StartupRetroShare()
photo_ds->resetDataStore(); //TODO: remove, new service data per RS session, for testing
// init gxs services
mPhotoV2 = new p3PhotoServiceV2(photo_ds, NULL);
mPhotoV2 = new p3PhotoServiceV2(photo_ds, NULL, mGxsIdService, photoAuthenPolicy);
// create GXS photo service
RsGxsNetService* photo_ns = new RsGxsNetService(

View File

@ -79,8 +79,10 @@ std::ostream &operator<<(std::ostream &out, const RsPhotoAlbum &album)
return out;
}
p3PhotoServiceV2::p3PhotoServiceV2(RsGeneralDataService* gds, RsNetworkExchangeService* nes)
: RsGenExchange(gds, nes, new RsGxsPhotoSerialiser(), RS_SERVICE_GXSV1_TYPE_PHOTO), mPhotoMutex(std::string("Photo Mutex"))
p3PhotoServiceV2::p3PhotoServiceV2(RsGeneralDataService* gds, RsNetworkExchangeService* nes, RsGixs* gixs,
uint32_t authenPolicy)
: RsGenExchange(gds, nes, new RsGxsPhotoSerialiser(), RS_SERVICE_GXSV1_TYPE_PHOTO, gixs, authenPolicy),
mPhotoMutex(std::string("Photo Mutex"))
{
// create dummy grps

View File

@ -34,7 +34,8 @@ class p3PhotoServiceV2 : public RsPhotoV2, public RsGenExchange
{
public:
p3PhotoServiceV2(RsGeneralDataService* gds, RsNetworkExchangeService* nes);
p3PhotoServiceV2(RsGeneralDataService* gds, RsNetworkExchangeService* nes, RsGixs* gixs,
uint32_t authenPolicy);
public:

View File

@ -4,6 +4,7 @@
#include "ui_AlbumCreateDialog.h"
#include "util/misc.h"
#include "gxs/rsgxsflags.h"
AlbumCreateDialog::AlbumCreateDialog(TokenQueue *photoQueue, RsPhotoV2 *rs_photo, QWidget *parent):
QDialog(parent),
@ -20,6 +21,10 @@ AlbumCreateDialog::~AlbumCreateDialog()
delete ui;
}
#define PUBLIC_INDEX 0
#define RESTRICTED_INDEX 1
#define PRIVATE_INDEX 2
void AlbumCreateDialog::publishAlbum()
{
// get fields for album to publish, publish and then exit dialog
@ -33,6 +38,22 @@ void AlbumCreateDialog::publishAlbum()
album.mPhotographer = ui->lineEdit_Photographer->text().toStdString();
getAlbumThumbnail(album.mThumbnail);
int currIndex = ui->privacyComboBox->currentIndex();
switch(currIndex)
{
case PUBLIC_INDEX:
album.mMeta.mGroupFlags |= GXS_SERV::FLAG_PRIVACY_PUBLIC;
break;
case RESTRICTED_INDEX:
album.mMeta.mGroupFlags |= GXS_SERV::FLAG_PRIVACY_RESTRICTED;
break;
case PRIVATE_INDEX:
album.mMeta.mGroupFlags |= GXS_SERV::FLAG_PRIVACY_PRIVATE;
break;
}
uint32_t token;
mRsPhoto->submitAlbumDetails(token, album);
mPhotoQueue->queueRequest(token, TOKENREQ_GROUPINFO, RS_TOKREQ_ANSTYPE_ACK, 0);

View File

@ -7,7 +7,7 @@
<x>0</x>
<y>0</y>
<width>465</width>
<height>356</height>
<height>365</height>
</rect>
</property>
<property name="windowTitle">
@ -198,7 +198,7 @@ border-radius: 10px;
</property>
<layout class="QGridLayout" name="gridLayout">
<item row="0" column="0">
<widget class="QComboBox" name="comboBox_3">
<widget class="QComboBox" name="privacyComboBox">
<property name="sizePolicy">
<sizepolicy hsizetype="Minimum" vsizetype="Fixed">
<horstretch>0</horstretch>
@ -210,11 +210,6 @@ border-radius: 10px;
<string>Public</string>
</property>
</item>
<item>
<property name="text">
<string>All Friends</string>
</property>
</item>
<item>
<property name="text">
<string>Restricted</string>