Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-06-14 01:23:13 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Major bugfixes to get PGP authentication finished.

Browse source 
* p3disc now exchanges "Issuer" (pgp) certificates as well.
 * additional types for rsdiscitems.h
 * Bug Fix for NULL packet in p3service.cc
 * allow unauthed SSL certificates to be added in AuthSSL - otherwise cant add new friends!
 * only save authed SSL certificates.
 * fixed ref/unref of PGP keys in AuthGPG
 * added Mutex protection to AuthGPG
 * added PGP reloading when key is imported, or signed.
 * Fixed PGP key signing.
 * added Additional field validLvl to RsPeerDetails.



git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@1270 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
drbob 2009-05-25 11:38:47 +00:00
parent aeb07b4ce5
commit d4b52a59e5
15 changed files with 566 additions and 95 deletions
Download patch file Download diff file Expand all files Collapse all files

18
libretroshare/src/pqi/authssl.cc
View file

@ -1069,8 +1069,11 @@ bool AuthSSL::AuthCertificate(std::string id)
if (locked_FindCert(id, &cert))
{
/* ensuring this function can do nothing in PGP mode */
#ifdef PQI_USE_SSLONLY
cert->authed=true;
mToSaveCerts = true;
#endif
}
sslMtx.unlock(); /**** UNLOCK ****/
@ -1553,18 +1556,20 @@ bool AuthSSL::ProcessX509(X509 *x509, std::string &id)
/* extract id */
std::string xid;
bool valid = ValidateCertificate(x509, xid);
if (!ValidateCertificate(x509, xid))
if (!valid)
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ProcessX509() ValidateCertificate FAILED";
std::cerr << std::endl;
#endif
/* bad certificate */
#ifdef PQI_USE_SSLONLY
/* bad ( or unknown pgp issuer ) certificate */
X509_free(x509);
return false;
#endif
}
sslcert *cert = NULL;
@ -1603,6 +1608,7 @@ bool AuthSSL::ProcessX509(X509 *x509, std::string &id)
/* check that they are exact */
if (0 != X509_cmp(cert->certificate, x509))
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ProcessX509() Not the same: MAJOR ERROR";
std::cerr << std::endl;
@ -1632,6 +1638,7 @@ bool AuthSSL::ProcessX509(X509 *x509, std::string &id)
/* if we get here -> its a new certificate */
cert = new sslcert(x509, xid);
cert->authed = valid;
sslMtx.lock(); /***** LOCK *****/
@ -2231,9 +2238,10 @@ bool AuthSSL::saveCertificates()
for(it = mCerts.begin(); it != mCerts.end(); it++)
{
// SAVE ALL CERTS
#if 0
if (it->second->authed)
#if PQI_USE_PQISSL
#endif
// Save only Authed Certs;
if (it->second->authed)
{
X509 *x509 = it->second->certificate;
std::string hash;