mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-10-01 02:35:48 -04:00
Added Cache system for GPG Certificates.
- This should reduce gpg calls by 90+%. Updated rsversion svn to 4942 git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4942 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
parent
bdc8a11203
commit
e024ea36e9
@ -86,7 +86,7 @@ static std::string ProcessPGPmeError(gpgme_error_t ERR);
|
||||
*/
|
||||
|
||||
gpgcert::gpgcert()
|
||||
:key(NULL)
|
||||
:key(NULL), mHaveCachedCert(false)
|
||||
{
|
||||
return;
|
||||
}
|
||||
@ -420,13 +420,26 @@ void AuthGPGimpl::processServices()
|
||||
if (loadOrSave->m_load) {
|
||||
/* process load operation */
|
||||
|
||||
#ifdef GPG_DEBUG
|
||||
std::cerr << "AuthGPGimpl::processServices() Process load operation" << std::endl;
|
||||
#endif
|
||||
|
||||
/* load the certificate */
|
||||
std::string error_string ;
|
||||
LoadCertificateFromString(loadOrSave->m_certGpg, loadOrSave->m_certGpgId,error_string);
|
||||
/* load the certificate */
|
||||
|
||||
|
||||
/* don't bother loading - if we already have the certificate */
|
||||
if (isGPGId(loadOrSave->m_certGpgId))
|
||||
{
|
||||
std::cerr << "AuthGPGimpl::processServices() Skipping load - already have it" << std::endl;
|
||||
}
|
||||
else
|
||||
{
|
||||
std::cerr << "AuthGPGimpl::processServices() Process load operation" << std::endl;
|
||||
#ifdef GPG_DEBUG
|
||||
#endif
|
||||
std::string error_string ;
|
||||
LoadCertificateFromString(loadOrSave->m_certGpg, loadOrSave->m_certGpgId,error_string);
|
||||
}
|
||||
|
||||
|
||||
|
||||
} else {
|
||||
/* process save operation */
|
||||
|
||||
@ -442,36 +455,42 @@ void AuthGPGimpl::processServices()
|
||||
#define LIMIT_CERTIFICATE_SIZE 1
|
||||
#define MAX_CERTIFICATE_SIZE 10000
|
||||
|
||||
if (!getCachedGPGCertificate(loadOrSave->m_certGpgId, loadOrSave->m_certGpg))
|
||||
{
|
||||
|
||||
|
||||
#ifdef DISABLE_CERTIFICATE_SEND
|
||||
std::cerr << "AuthGPGimpl::processServices() Certificates Disabled" << std::endl;
|
||||
loadOrSave->m_certGpg = "";
|
||||
std::cerr << "AuthGPGimpl::processServices() Certificates Disabled" << std::endl;
|
||||
loadOrSave->m_certGpg = "";
|
||||
#else
|
||||
loadOrSave->m_certGpg = SaveCertificateToString(loadOrSave->m_certGpgId,true);
|
||||
std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId;
|
||||
std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes";
|
||||
std::cerr << std::endl;
|
||||
loadOrSave->m_certGpg = SaveCertificateToString(loadOrSave->m_certGpgId,true);
|
||||
std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId;
|
||||
std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes";
|
||||
std::cerr << std::endl;
|
||||
|
||||
#ifdef LIMIT_CERTIFICATE_SIZE
|
||||
if (loadOrSave->m_certGpg.size() > MAX_CERTIFICATE_SIZE)
|
||||
{
|
||||
std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId;
|
||||
std::cerr << " is over size limit - switching to a minimal certificate";
|
||||
std::cerr << std::endl;
|
||||
if (loadOrSave->m_certGpg.size() > MAX_CERTIFICATE_SIZE)
|
||||
{
|
||||
std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId;
|
||||
std::cerr << " is over size limit - switching to a minimal certificate";
|
||||
std::cerr << std::endl;
|
||||
|
||||
std::string cleaned_key ;
|
||||
if(PGPKeyManagement::createMinimalKey(loadOrSave->m_certGpg,cleaned_key))
|
||||
{
|
||||
loadOrSave->m_certGpg = cleaned_key;
|
||||
std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation, size";
|
||||
std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes";
|
||||
std::cerr << std::endl;
|
||||
}
|
||||
else
|
||||
{
|
||||
std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation Failed! removing cert";
|
||||
std::cerr << std::endl;
|
||||
loadOrSave->m_certGpg = "";
|
||||
std::string cleaned_key ;
|
||||
if(PGPKeyManagement::createMinimalKey(loadOrSave->m_certGpg,cleaned_key))
|
||||
{
|
||||
loadOrSave->m_certGpg = cleaned_key;
|
||||
std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation, size";
|
||||
std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes";
|
||||
std::cerr << std::endl;
|
||||
}
|
||||
else
|
||||
{
|
||||
std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation Failed! removing cert";
|
||||
std::cerr << std::endl;
|
||||
loadOrSave->m_certGpg = "";
|
||||
}
|
||||
}
|
||||
cacheGPGCertificate(loadOrSave->m_certGpgId, loadOrSave->m_certGpg);
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -1390,6 +1409,50 @@ bool AuthGPGimpl::isGPGAccepted(const std::string &id)
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
bool AuthGPGimpl::cacheGPGCertificate(const std::string &id, const std::string &certificate)
|
||||
{
|
||||
|
||||
RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
|
||||
certmap::iterator it;
|
||||
if (mKeyList.end() != (it = mKeyList.find(id)))
|
||||
{
|
||||
it->second.mCachedCert = certificate;
|
||||
it->second.mHaveCachedCert = true;
|
||||
std::cerr << "AuthGPGimpl::cacheGPGCertificate() success for: " << id;
|
||||
std::cerr << std::endl;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
std::cerr << "AuthGPGimpl::cacheGPGCertificate() failed for: " << id;
|
||||
std::cerr << std::endl;
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
bool AuthGPGimpl::getCachedGPGCertificate(const std::string &id, std::string &certificate)
|
||||
{
|
||||
RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
|
||||
certmap::iterator it;
|
||||
if (mKeyList.end() != (it = mKeyList.find(id)))
|
||||
{
|
||||
if (it->second.mHaveCachedCert)
|
||||
{
|
||||
certificate = it->second.mCachedCert;
|
||||
|
||||
std::cerr << "AuthGPGimpl::getCachedGPGCertificate() success for: " << id;
|
||||
std::cerr << std::endl;
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
std::cerr << "AuthGPGimpl::getCachedGPGCertificate() failed for: " << id;
|
||||
std::cerr << std::endl;
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/*****************************************************************
|
||||
* Loading and Saving Certificates - this has to
|
||||
* be able to handle both openpgp and X509 certificates.
|
||||
|
@ -83,6 +83,12 @@ class gpgcert
|
||||
bool accept_connection;
|
||||
|
||||
gpgme_key_t key;
|
||||
|
||||
// Cached Certificates...
|
||||
bool mHaveCachedCert;
|
||||
std::string mCachedCert;
|
||||
|
||||
|
||||
};
|
||||
|
||||
class AuthGPGOperation
|
||||
@ -101,19 +107,21 @@ public:
|
||||
class AuthGPGOperationLoadOrSave : public AuthGPGOperation
|
||||
{
|
||||
public:
|
||||
AuthGPGOperationLoadOrSave(bool load, const std::string &certGpgOrId, void *userdata) : AuthGPGOperation(userdata)
|
||||
AuthGPGOperationLoadOrSave(bool load, const std::string &gpgId, const std::string &gpgCert, void *userdata)
|
||||
: AuthGPGOperation(userdata)
|
||||
{
|
||||
m_load = load;
|
||||
if (m_load) {
|
||||
m_certGpg = certGpgOrId;
|
||||
m_certGpg = gpgCert;
|
||||
m_certGpgId = gpgId;
|
||||
} else {
|
||||
m_certGpgId = certGpgOrId;
|
||||
m_certGpgId = gpgId;
|
||||
}
|
||||
}
|
||||
|
||||
public:
|
||||
bool m_load;
|
||||
std::string m_certGpgId; // set for save
|
||||
std::string m_certGpgId; // set for save & load.
|
||||
std::string m_certGpg; // set for load
|
||||
};
|
||||
|
||||
@ -340,6 +348,10 @@ virtual bool isGPGId(const std::string &id);
|
||||
virtual bool LoadCertificateFromString(const std::string &pem, std::string &gpg_id,std::string& error_string);
|
||||
virtual std::string SaveCertificateToString(const std::string &id,bool include_signatures) ;
|
||||
|
||||
// Cached certificates.
|
||||
bool cacheGPGCertificate(const std::string &id, const std::string &certificate);
|
||||
bool getCachedGPGCertificate(const std::string &id, std::string &certificate);
|
||||
|
||||
/*********************************************************************************/
|
||||
/************************* STAGE 6 ***********************************************/
|
||||
/*********************************************************************************/
|
||||
|
@ -897,7 +897,7 @@ AuthGPGOperation *p3disc::getGPGOperation()
|
||||
if (mPendingDiscReplyInList.empty() == false) {
|
||||
RsDiscReply *item = mPendingDiscReplyInList.front();
|
||||
|
||||
return new AuthGPGOperationLoadOrSave(true, item->certGPG, item);
|
||||
return new AuthGPGOperationLoadOrSave(true, item->aboutId, item->certGPG, item);
|
||||
}
|
||||
}
|
||||
|
||||
@ -931,7 +931,7 @@ AuthGPGOperation *p3disc::getGPGOperation()
|
||||
if (!destId.empty() && !srcId.empty()) {
|
||||
RsDiscReply *item = createDiscReply(destId, srcId);
|
||||
if (item) {
|
||||
return new AuthGPGOperationLoadOrSave(false, item->aboutId, item);
|
||||
return new AuthGPGOperationLoadOrSave(false, item->aboutId, "", item);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -8,7 +8,7 @@
|
||||
#include <string>
|
||||
|
||||
#define LIB_VERSION "0.5.3a"
|
||||
#define SVN_REVISION "Revision 4874"
|
||||
#define SVN_REVISION "Revision 4942"
|
||||
|
||||
namespace RsUtil {
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user