diff --git a/libretroshare/src/pqi/authgpg.cc b/libretroshare/src/pqi/authgpg.cc index a868db985..0f9fd3239 100644 --- a/libretroshare/src/pqi/authgpg.cc +++ b/libretroshare/src/pqi/authgpg.cc @@ -86,7 +86,7 @@ static std::string ProcessPGPmeError(gpgme_error_t ERR); */ gpgcert::gpgcert() - :key(NULL) + :key(NULL), mHaveCachedCert(false) { return; } @@ -420,13 +420,26 @@ void AuthGPGimpl::processServices() if (loadOrSave->m_load) { /* process load operation */ -#ifdef GPG_DEBUG - std::cerr << "AuthGPGimpl::processServices() Process load operation" << std::endl; -#endif - /* load the certificate */ - std::string error_string ; - LoadCertificateFromString(loadOrSave->m_certGpg, loadOrSave->m_certGpgId,error_string); + /* load the certificate */ + + + /* don't bother loading - if we already have the certificate */ + if (isGPGId(loadOrSave->m_certGpgId)) + { + std::cerr << "AuthGPGimpl::processServices() Skipping load - already have it" << std::endl; + } + else + { + std::cerr << "AuthGPGimpl::processServices() Process load operation" << std::endl; +#ifdef GPG_DEBUG +#endif + std::string error_string ; + LoadCertificateFromString(loadOrSave->m_certGpg, loadOrSave->m_certGpgId,error_string); + } + + + } else { /* process save operation */ 
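Review bot: The new skip in `processServices()` is decided by `isGPGId(loadOrSave->m_certGpgId)`, and on the load path that id is now `item->aboutId` from a received `RsDiscReply` (see the p3disc.cc hunk at -897), so it is chosen by the remote peer rather than derived from `m_certGpg`. Before this change `LoadCertificateFromString` received `m_certGpgId` as its non-const `gpg_id` reference and appears to have filled it from the certificate. In the skip branch the claimed id is kept and the certificate is never parsed, so code that consumes the operation afterwards (outside this diff) cannot tell a checked id from a claimed one, and newer signatures on a key already held are presumably no longer merged. A comment on the skip branch such as `/* id is the sender's claim; m_certGpg was not parsed or verified */` would record that trade-off. The `std::cerr` lines also moved outside `#ifdef GPG_DEBUG`, which leaves an empty `#ifdef GPG_DEBUG` / `#endif` pair and makes the logging unconditional.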
@@ -442,36 +455,42 @@ void AuthGPGimpl::processServices() #define LIMIT_CERTIFICATE_SIZE 1 #define MAX_CERTIFICATE_SIZE 10000 + if (!getCachedGPGCertificate(loadOrSave->m_certGpgId, loadOrSave->m_certGpg)) + { + + #ifdef DISABLE_CERTIFICATE_SEND - std::cerr << "AuthGPGimpl::processServices() Certificates Disabled" << std::endl; - loadOrSave->m_certGpg = ""; + std::cerr << "AuthGPGimpl::processServices() Certificates Disabled" << std::endl; + loadOrSave->m_certGpg = ""; #else - loadOrSave->m_certGpg = SaveCertificateToString(loadOrSave->m_certGpgId,true); - std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId; - std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes"; - std::cerr << std::endl; + loadOrSave->m_certGpg = SaveCertificateToString(loadOrSave->m_certGpgId,true); + std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId; + std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes"; + std::cerr << std::endl; #ifdef LIMIT_CERTIFICATE_SIZE - if (loadOrSave->m_certGpg.size() > MAX_CERTIFICATE_SIZE) - { - std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId; - std::cerr << " is over size limit - switching to a minimal certificate"; - std::cerr << std::endl; - - std::string cleaned_key ; - if(PGPKeyManagement::createMinimalKey(loadOrSave->m_certGpg,cleaned_key)) + if (loadOrSave->m_certGpg.size() > MAX_CERTIFICATE_SIZE) { - loadOrSave->m_certGpg = cleaned_key; - std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation, size"; - std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes"; - std::cerr << std::endl; - } - else - { - std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation Failed! 
removing cert"; - std::cerr << std::endl; - loadOrSave->m_certGpg = ""; + std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId; + std::cerr << " is over size limit - switching to a minimal certificate"; + std::cerr << std::endl; + + std::string cleaned_key ; + if(PGPKeyManagement::createMinimalKey(loadOrSave->m_certGpg,cleaned_key)) + { + loadOrSave->m_certGpg = cleaned_key; + std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation, size"; + std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes"; + std::cerr << std::endl; + } + else + { + std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation Failed! removing cert"; + std::cerr << std::endl; + loadOrSave->m_certGpg = ""; + } } + cacheGPGCertificate(loadOrSave->m_certGpgId, loadOrSave->m_certGpg); } #endif 
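Review bot: `cacheGPGCertificate(...)` runs after every export, including the path where `createMinimalKey` fails and `m_certGpg` has just been set to `""`. One failed generation is therefore stored with `mHaveCachedCert = true`, and every later save for that id gets the empty certificate from the cache. Guard the store, for example `if (!loadOrSave->m_certGpg.empty()) cacheGPGCertificate(loadOrSave->m_certGpgId, loadOrSave->m_certGpg);`. As far as the collapsed layout shows, the opening `if (!getCachedGPGCertificate(...)) {` sits before `#ifdef DISABLE_CERTIFICATE_SEND` while the cache call and the closing brace sit inside the `#else` / `#ifdef LIMIT_CERTIFICATE_SIZE` region, so the braces balance only in the default configuration. Moving the store and the closing brace below the preprocessor block would fix that; the function continues outside the hunk.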
@@ -1390,6 +1409,50 @@ bool AuthGPGimpl::isGPGAccepted(const std::string &id) return false; } + +bool AuthGPGimpl::cacheGPGCertificate(const std::string &id, const std::string &certificate) +{ + + RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ + certmap::iterator it; + if (mKeyList.end() != (it = mKeyList.find(id))) + { + it->second.mCachedCert = certificate; + it->second.mHaveCachedCert = true; + std::cerr << "AuthGPGimpl::cacheGPGCertificate() success for: " << id; + std::cerr << std::endl; + + return true; + } + + std::cerr << "AuthGPGimpl::cacheGPGCertificate() failed for: " << id; + std::cerr << std::endl; + return false; +} + + +bool AuthGPGimpl::getCachedGPGCertificate(const std::string &id, std::string &certificate) +{ + RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ + certmap::iterator it; + if (mKeyList.end() != (it = mKeyList.find(id))) + { + if (it->second.mHaveCachedCert) + { + certificate = it->second.mCachedCert; + + std::cerr << "AuthGPGimpl::getCachedGPGCertificate() success for: " << id; + std::cerr << std::endl; + + return true; + } + } + std::cerr << "AuthGPGimpl::getCachedGPGCertificate() failed for: " << id; + std::cerr << std::endl; + return false; +} + + /***************************************************************** * Loading and Saving Certificates - this has to * be able to handle both openpgp and X509 certificates. diff --git a/libretroshare/src/pqi/authgpg.h b/libretroshare/src/pqi/authgpg.h index 6d0e02fdc..d5733e74e 100644 --- a/libretroshare/src/pqi/authgpg.h +++ b/libretroshare/src/pqi/authgpg.h @@ -83,6 +83,12 @@ class gpgcert bool accept_connection; gpgme_key_t key; + + // Cached Certificates... + bool mHaveCachedCert; + std::string mCachedCert; + + }; class AuthGPGOperation 
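Review bot: Nothing in the two new functions, or elsewhere in this diff, ever resets `mHaveCachedCert`, so the string exported once for an id is served for the lifetime of its `mKeyList` entry. If the key later gains signatures or otherwise changes in the keyring (code not shown here), peers would keep receiving the old export. An invalidation hook, or at least a comment on `cacheGPGCertificate` stating when the cached string must be dropped, would make that explicit. Both functions also write to `std::cerr` unconditionally while holding `gpgMtxData`, and `getCachedGPGCertificate()` prints "failed" for an ordinary cache miss. Wrapping those lines in `#ifdef GPG_DEBUG` would keep key ids out of normal output and shorten the locked section.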
@@ -101,19 +107,21 @@ public: class AuthGPGOperationLoadOrSave : public AuthGPGOperation { public: - AuthGPGOperationLoadOrSave(bool load, const std::string &certGpgOrId, void *userdata) : AuthGPGOperation(userdata) + AuthGPGOperationLoadOrSave(bool load, const std::string &gpgId, const std::string &gpgCert, void *userdata) + : AuthGPGOperation(userdata) { m_load = load; if (m_load) { - m_certGpg = certGpgOrId; + m_certGpg = gpgCert; + m_certGpgId = gpgId; } else { - m_certGpgId = certGpgOrId; + m_certGpgId = gpgId; } } public: bool m_load; - std::string m_certGpgId; // set for save + std::string m_certGpgId; // set for save & load. std::string m_certGpg; // set for load }; @@ -340,6 +348,10 @@ virtual bool isGPGId(const std::string &id); virtual bool LoadCertificateFromString(const std::string &pem, std::string &gpg_id,std::string& error_string); virtual std::string SaveCertificateToString(const std::string &id,bool include_signatures) ; +// Cached certificates. +bool cacheGPGCertificate(const std::string &id, const std::string &certificate); +bool getCachedGPGCertificate(const std::string &id, std::string &certificate); + /*********************************************************************************/ /************************* STAGE 6 ***********************************************/ /*********************************************************************************/ diff --git a/libretroshare/src/services/p3disc.cc b/libretroshare/src/services/p3disc.cc index e6532dd13..77f7307f2 100644 --- a/libretroshare/src/services/p3disc.cc +++ b/libretroshare/src/services/p3disc.cc @@ -897,7 +897,7 @@ AuthGPGOperation *p3disc::getGPGOperation() if (mPendingDiscReplyInList.empty() == false) { RsDiscReply *item = mPendingDiscReplyInList.front(); - return new AuthGPGOperationLoadOrSave(true, item->certGPG, item); + return new AuthGPGOperationLoadOrSave(true, item->aboutId, item->certGPG, item); } } 
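Review bot: The comment `// set for load` on `m_certGpg` does not match how the field is used, because the save path in `processServices()` also writes the exported or cached certificate into it. Since this hunk already updates the neighbouring comment, something like `// input for load, output for save` would fit. In the constructor both branches assign `m_certGpgId = gpgId`, so that assignment can move above the `if`. A one-line comment that `gpgCert` is ignored when `load` is false would explain the `""` passed at the p3disc.cc save call site.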
@@ -931,7 +931,7 @@ AuthGPGOperation *p3disc::getGPGOperation() if (!destId.empty() && !srcId.empty()) { RsDiscReply *item = createDiscReply(destId, srcId); if (item) { - return new AuthGPGOperationLoadOrSave(false, item->aboutId, item); + return new AuthGPGOperationLoadOrSave(false, item->aboutId, "", item); } } diff --git a/libretroshare/src/util/rsversion.h b/libretroshare/src/util/rsversion.h index 1ace6ac26..0340ae574 100644 --- a/libretroshare/src/util/rsversion.h +++ b/libretroshare/src/util/rsversion.h @@ -8,7 +8,7 @@ #include #define LIB_VERSION "0.5.3a" -#define SVN_REVISION "Revision 4874" +#define SVN_REVISION "Revision 4942" namespace RsUtil {