sorted out the mess with various calls to clear/cache PGP passphrase that resulted in the passphrase staying in memory

2025-02-17 13:24:15 -05:00 · 2021-01-08 23:43:59 +01:00 · 2021-01-08 23:43:59 +01:00 · d7fbe29a56
commit d7fbe29a56
parent 3ee9408c00
4 changed files with 43 additions and 26 deletions
--- a/libretroshare/src/rsserver/rsinit.cc
+++ b/libretroshare/src/rsserver/rsinit.cc
@ -1927,20 +1927,26 @@ RsInit::LoadCertificateStatus RsLoginHelper::attemptLogin(const RsPeerId& accoun
 {
 	if(isLoggedIn()) return RsInit::ERR_ALREADY_RUNNING;

-    if(!password.empty())
-	{
-		if(!rsNotify->cachePgpPassphrase(password)) return RsInit::ERR_UNKNOWN;
-		if(!rsNotify->setDisableAskPassword(true)) return RsInit::ERR_UNKNOWN;
-	}
-	if(!RsAccounts::SelectAccount(account)) return RsInit::ERR_UNKNOWN;
-	std::string _ignore_lockFilePath;
-	RsInit::LoadCertificateStatus ret = RsInit::LockAndLoadCertificates(false, _ignore_lockFilePath);
+    {
+        if(!RsAccounts::SelectAccount(account))
+            return RsInit::ERR_UNKNOWN;

-	if(!rsNotify->setDisableAskPassword(false)) return RsInit::ERR_UNKNOWN;
-	if(!rsNotify->clearPgpPassphrase()) return RsInit::ERR_UNKNOWN;
-	if(ret != RsInit::OK) return ret;
-	if(RsControl::instance()->StartupRetroShare() == 1) return RsInit::OK;
-	return RsInit::ERR_UNKNOWN;
+        if(!password.empty())
+        {
+            rsNotify->cachePgpPassphrase(password);
+            rsNotify->setDisableAskPassword(true);
+        }
+        std::string _ignore_lockFilePath;
+        RsInit::LoadCertificateStatus ret = RsInit::LockAndLoadCertificates(false, _ignore_lockFilePath);
+
+        rsNotify->setDisableAskPassword(false) ;
+        rsNotify->clearPgpPassphrase() ;
+
+        if(ret == RsInit::OK && RsControl::instance()->StartupRetroShare() == 1)
+            return RsInit::OK;
+
+        return ret;
+    }
 }

 /*static*/ bool RsLoginHelper::collectEntropy(uint32_t bytes)
--- a/retroshare-gui/src/gui/GenCertDialog.cpp
+++ b/retroshare-gui/src/gui/GenCertDialog.cpp
@ -636,9 +636,6 @@ void GenCertDialog::genPerson()

 		setCursor(Qt::ArrowCursor) ;
 	}
-	// now cache the PGP password so that it's not asked again for immediately signing the key
-	rsNotify->cachePgpPassphrase(ui.password_input->text().toUtf8().constData()) ;
-
 	//generate a random ssl password
 	std::string sslPasswd = RSRandom::random_alphaNumericString(RsInit::getSslPwdLen()) ;

@ -650,7 +647,11 @@ void GenCertDialog::genPerson()
 	std::string err;
 	this->hide();//To show dialog asking password PGP Key.
 	std::cout << "RsAccounts::GenerateSSLCertificate" << std::endl;
-	bool okGen = RsAccounts::createNewAccount(PGPId, "", genLoc, "", isHiddenLoc, isAutoTor, sslPasswd, sslId, err);
+
+    // now cache the PGP password so that it's not asked again for immediately signing the key
+    rsNotify->cachePgpPassphrase(ui.password_input->text().toUtf8().constData()) ;
+
+    bool okGen = RsAccounts::createNewAccount(PGPId, "", genLoc, "", isHiddenLoc, isAutoTor, sslPasswd, sslId, err);

 	if (okGen)
 	{
@ -658,16 +659,23 @@ void GenCertDialog::genPerson()
 		RsInit::LoadPassword(sslPasswd);
 		if (Rshare::loadCertificate(sslId, false)) {

-			accept();
+        // Now clear the cached passphrase
+        rsNotify->clearPgpPassphrase();
+
+            accept();
 		}
 	}
 	else
-	{
-		/* Message Dialog */
-		QMessageBox::warning(this,
-                               tr("Profile generation failure"),
-                               tr("Failed to generate your new certificate, maybe PGP password is wrong!"),
-                               QMessageBox::Ok);
-		reject();
-       }
+    {
+        // Now clear the cached passphrase
+        rsNotify->clearPgpPassphrase();
+
+        /* Message Dialog */
+        QMessageBox::warning(this,
+                             tr("Profile generation failure"),
+                             tr("Failed to generate your new certificate, maybe PGP password is wrong!"),
+                             QMessageBox::Ok);
+
+        reject();
+    }
 }
--- a/retroshare-gui/src/gui/Identity/IdEditDialog.cpp
+++ b/retroshare-gui/src/gui/Identity/IdEditDialog.cpp
@ -549,6 +549,8 @@ void IdEditDialog::createId()
 		std::string gpg_name = rsPeers->getGPGName(rsPeers->getGPGOwnId());
        bool cancelled;

+        rsNotify->clearPgpPassphrase(); // just in case
+
        if(!NotifyQt::getInstance()->askForPassword(tr("Profile password needed.").toStdString(),
 		                                            gpg_name + " (" + rsPeers->getOwnId().toStdString() + ")",
 		                                            false,
--- a/retroshare-gui/src/gui/StartDialog.cpp
+++ b/retroshare-gui/src/gui/StartDialog.cpp
@ -126,6 +126,7 @@ void StartDialog::loadPerson()
 	bool res = Rshare::loadCertificate(accountId, ui.autologin_checkbox->isChecked()) ;

 	rsNotify->setDisableAskPassword(false);
+    rsNotify->clearPgpPassphrase();

 	if(res)
 		accept();