switched security items to new notification system

2025-08-03 03:36:58 -04:00 · 2019-12-01 22:35:16 +01:00 · 2019-12-01 22:35:16 +01:00 · d8569d813c
commit d8569d813c
parent 694e05d4b9
11 changed files with 179 additions and 52 deletions
--- a/libretroshare/src/pqi/authssl.cc
+++ b/libretroshare/src/pqi/authssl.cc
@ -1189,6 +1189,8 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
 		if(rsEvents)
 		{
 			ev->mErrorMsg = errMsg;
+			ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::NO_CERTIFICATE_SUPPLIED;
+
 			rsEvents->postEvent(std::move(ev));
 		}

@ -1218,7 +1220,8 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
 		{
 			ev->mSslCn = sslCn;
 			ev->mPgpId = pgpId;
-			ev->mErrorMsg = errMsg;
+			ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::MISSING_AUTHENTICATION_INFO;
+
 			rsEvents->postEvent(std::move(ev));
 		}

@ -1237,6 +1240,8 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
 			ev->mSslId = sslId;
 			ev->mSslCn = sslCn;
 			ev->mErrorMsg = errMsg;
+			ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::MISSING_AUTHENTICATION_INFO;
+
 			rsEvents->postEvent(std::move(ev));
 		}

@ -1266,6 +1271,7 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
 				ev->mSslCn = sslCn;
 				ev->mPgpId = pgpId;
 				ev->mErrorMsg = errorMsg;
+				ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::MISMATCHED_PGP_ID;
 				rsEvents->postEvent(std::move(ev));
 			}

@ -1290,6 +1296,7 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
 			ev->mSslId = sslId;
 			ev->mSslCn = sslCn;
 			ev->mPgpId = pgpId;
+			ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::PGP_SIGNATURE_VALIDATION_FAILED;
 			ev->mErrorMsg = errMsg;
 			rsEvents->postEvent(std::move(ev));
 		}
@ -1311,6 +1318,7 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
 			ev->mSslCn = sslCn;
 			ev->mPgpId = pgpId;
 			ev->mErrorMsg = errMsg;
+			ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::NOT_A_FRIEND;
 			rsEvents->postEvent(std::move(ev));
 		}

@ -1330,6 +1338,8 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx)
 		ev->mSslId = sslId;
 		ev->mSslCn = sslCn;
 		ev->mPgpId = pgpId;
+		ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::NO_ERROR;
+
 		rsEvents->postEvent(std::move(ev));
 	}

--- a/libretroshare/src/pqi/authssl.h
+++ b/libretroshare/src/pqi/authssl.h
@ -52,34 +52,6 @@ RsPeerId getCertSslId(const X509& x509);
 const EVP_PKEY* getPubKey(const X509& x509);
 };

-/**
- * Event triggered by AuthSSL when authentication of a connection attempt either
- * fail or success
- */
-struct RsAuthSslConnectionAutenticationEvent : RsEvent
-{
-	RsAuthSslConnectionAutenticationEvent();
-
-	bool mSuccess;
-	RsPeerId mSslId;
-	std::string mSslCn;
-	RsPgpId mPgpId;
-	std::string mErrorMsg;
-
-	///* @see RsEvent @see RsSerializable
-	void serial_process( RsGenericSerializer::SerializeJob j,
-	                     RsGenericSerializer::SerializeContext& ctx) override
-	{
-		RsEvent::serial_process(j, ctx);
-		RS_SERIAL_PROCESS(mSuccess);
-		RS_SERIAL_PROCESS(mSslId);
-		RS_SERIAL_PROCESS(mSslCn);
-		RS_SERIAL_PROCESS(mPgpId);
-		RS_SERIAL_PROCESS(mErrorMsg);
-	}
-};
-
-
 /**
 * This is an implementation of SSL certificate authentication with PGP
 * signatures, instead of centralized certification authority.
--- a/libretroshare/src/pqi/p3notify.cc
+++ b/libretroshare/src/pqi/p3notify.cc
@ -236,7 +236,6 @@ void p3Notify::notifyOwnStatusMessageChanged()
 void p3Notify::notifyDiskFull               (uint32_t           location  , uint32_t                         size_limit_in_MB ) { FOR_ALL_NOTIFY_CLIENTS (*it)->notifyDiskFull          (location,size_limit_in_MB) ; }
 void p3Notify::notifyPeerStatusChanged      (const std::string& peer_id   , uint32_t                         status           ) { FOR_ALL_NOTIFY_CLIENTS (*it)->notifyPeerStatusChanged (peer_id,status) ; }
 void p3Notify::notifyGxsChange              (const RsGxsChanges& changes) {FOR_ALL_NOTIFY_CLIENTS (*it)->notifyGxsChange(changes) ;}
-void p3Notify::notifyConnectionWithoutCert  ()                                                                                  { FOR_ALL_NOTIFY_CLIENTS (*it)->notifyConnectionWithoutCert(); }

 void p3Notify::notifyPeerStatusChangedSummary   ()                                                                              { FOR_ALL_NOTIFY_CLIENTS (*it)->notifyPeerStatusChangedSummary() ; }
 void p3Notify::notifyDiscInfoChanged            ()                                                                              { FOR_ALL_NOTIFY_CLIENTS (*it)->notifyDiscInfoChanged         () ; } 
--- a/libretroshare/src/pqi/pqissllistener.cc
+++ b/libretroshare/src/pqi/pqissllistener.cc
@ -486,6 +486,20 @@ int	pqissllistenbase::continueSSL(IncomingSSLInfo& incoming_connexion_info, bool
 			break;
 		}

+		if(rsEvents)
+		{
+			auto ev = std::unique_ptr<RsAuthSslConnectionAutenticationEvent>(new RsAuthSslConnectionAutenticationEvent);
+
+			ev->mSslId = incoming_connexion_info.sslid;
+			ev->mPgpId = incoming_connexion_info.gpgid;
+			ev->mSslCn = incoming_connexion_info.sslcn;
+			ev->mLocator = RsUrl(sockaddr_storage_iptostring(incoming_connexion_info.addr));
+			ev->mSuccess = false;
+			ev->mErrorCode = RsAuthSslConnectionAutenticationEvent::MISSING_AUTHENTICATION_INFO;
+
+			rsEvents->postEvent(std::move(ev));
+		}
+
 		closeConnection(fd, incoming_connexion_info.ssl) ;

 		pqioutput(PQL_WARNING, pqissllistenzone, "Read Error on the SSL Socket\nShutting it down!");