Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2024-10-01 02:35:48 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added Cache system for GPG Certificates.

Browse Source 
- This should reduce gpg calls by 90+%.
Updated rsversion svn to 4942 



git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4942 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
drbob 2012-02-15 16:44:45 +00:00
parent bdc8a11203
commit e024ea36e9
4 changed files with 113 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

125
libretroshare/src/pqi/authgpg.cc
View File

@ -86,7 +86,7 @@ static std::string ProcessPGPmeError(gpgme_error_t ERR);
*/
gpgcert::gpgcert()
:key(NULL)
:key(NULL), mHaveCachedCert(false)
{
return;
}
@ -420,13 +420,26 @@ void AuthGPGimpl::processServices()
if (loadOrSave->m_load) {
/* process load operation */
#ifdef GPG_DEBUG
std::cerr << "AuthGPGimpl::processServices() Process load operation" << std::endl;
#endif
/* load the certificate */
std::string error_string ;
LoadCertificateFromString(loadOrSave->m_certGpg, loadOrSave->m_certGpgId,error_string);
/* load the certificate */
/* don't bother loading - if we already have the certificate */
if (isGPGId(loadOrSave->m_certGpgId))
{
std::cerr << "AuthGPGimpl::processServices() Skipping load - already have it" << std::endl;
}
else
{
std::cerr << "AuthGPGimpl::processServices() Process load operation" << std::endl;
#ifdef GPG_DEBUG
#endif
std::string error_string ;
LoadCertificateFromString(loadOrSave->m_certGpg, loadOrSave->m_certGpgId,error_string);
}
} else {
/* process save operation */
@ -442,36 +455,42 @@ void AuthGPGimpl::processServices()
#define LIMIT_CERTIFICATE_SIZE 1
#define MAX_CERTIFICATE_SIZE 10000
if (!getCachedGPGCertificate(loadOrSave->m_certGpgId, loadOrSave->m_certGpg))
{
#ifdef DISABLE_CERTIFICATE_SEND
std::cerr << "AuthGPGimpl::processServices() Certificates Disabled" << std::endl;
loadOrSave->m_certGpg = "";
std::cerr << "AuthGPGimpl::processServices() Certificates Disabled" << std::endl;
loadOrSave->m_certGpg = "";
#else
loadOrSave->m_certGpg = SaveCertificateToString(loadOrSave->m_certGpgId,true);
std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId;
std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes";
std::cerr << std::endl;
loadOrSave->m_certGpg = SaveCertificateToString(loadOrSave->m_certGpgId,true);
std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId;
std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes";
std::cerr << std::endl;
#ifdef LIMIT_CERTIFICATE_SIZE
if (loadOrSave->m_certGpg.size() > MAX_CERTIFICATE_SIZE)
{
std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId;
std::cerr << " is over size limit - switching to a minimal certificate";
std::cerr << std::endl;
std::string cleaned_key ;
if(PGPKeyManagement::createMinimalKey(loadOrSave->m_certGpg,cleaned_key))
if (loadOrSave->m_certGpg.size() > MAX_CERTIFICATE_SIZE)
{
loadOrSave->m_certGpg = cleaned_key;
std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation, size";
std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes";
std::cerr << std::endl;
}
else
{
std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation Failed! removing cert";
std::cerr << std::endl;
loadOrSave->m_certGpg = "";
std::cerr << "AuthGPGimpl::processServices() Cert for: " << loadOrSave->m_certGpgId;
std::cerr << " is over size limit - switching to a minimal certificate";
std::cerr << std::endl;
std::string cleaned_key ;
if(PGPKeyManagement::createMinimalKey(loadOrSave->m_certGpg,cleaned_key))
{
loadOrSave->m_certGpg = cleaned_key;
std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation, size";
std::cerr << " is " << loadOrSave->m_certGpg.size() << " bytes";
std::cerr << std::endl;
}
else
{
std::cerr << "AuthGPGimpl::processServices() Minimal Cert Generation Failed! removing cert";
std::cerr << std::endl;
loadOrSave->m_certGpg = "";
}
}
cacheGPGCertificate(loadOrSave->m_certGpgId, loadOrSave->m_certGpg);
}
#endif
@ -1390,6 +1409,50 @@ bool AuthGPGimpl::isGPGAccepted(const std::string &id)
return false;
}
bool AuthGPGimpl::cacheGPGCertificate(const std::string &id, const std::string &certificate)
{
RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
certmap::iterator it;
if (mKeyList.end() != (it = mKeyList.find(id)))
{
it->second.mCachedCert = certificate;
it->second.mHaveCachedCert = true;
std::cerr << "AuthGPGimpl::cacheGPGCertificate() success for: " << id;
std::cerr << std::endl;
return true;
}
std::cerr << "AuthGPGimpl::cacheGPGCertificate() failed for: " << id;
std::cerr << std::endl;
return false;
}
bool AuthGPGimpl::getCachedGPGCertificate(const std::string &id, std::string &certificate)
{
RsStackMutex stack(gpgMtxData); /******* LOCKED ******/
certmap::iterator it;
if (mKeyList.end() != (it = mKeyList.find(id)))
{
if (it->second.mHaveCachedCert)
{
certificate = it->second.mCachedCert;
std::cerr << "AuthGPGimpl::getCachedGPGCertificate() success for: " << id;
std::cerr << std::endl;
return true;
}
}
std::cerr << "AuthGPGimpl::getCachedGPGCertificate() failed for: " << id;
std::cerr << std::endl;
return false;
}
/*****************************************************************
* Loading and Saving Certificates - this has to
* be able to handle both openpgp and X509 certificates.

20
libretroshare/src/pqi/authgpg.h
View File

@ -83,6 +83,12 @@ class gpgcert
bool accept_connection;
gpgme_key_t key;
// Cached Certificates...
bool mHaveCachedCert;
std::string mCachedCert;
};
class AuthGPGOperation
@ -101,19 +107,21 @@ public:
class AuthGPGOperationLoadOrSave : public AuthGPGOperation
{
public:
AuthGPGOperationLoadOrSave(bool load, const std::string &certGpgOrId, void *userdata) : AuthGPGOperation(userdata)
AuthGPGOperationLoadOrSave(bool load, const std::string &gpgId, const std::string &gpgCert, void *userdata)
: AuthGPGOperation(userdata)
{
m_load = load;
if (m_load) {
m_certGpg = certGpgOrId;
m_certGpg = gpgCert;
m_certGpgId = gpgId;
} else {
m_certGpgId = certGpgOrId;
m_certGpgId = gpgId;
}
}
public:
bool m_load;
std::string m_certGpgId; // set for save
std::string m_certGpgId; // set for save & load.
std::string m_certGpg; // set for load
};
@ -340,6 +348,10 @@ virtual bool isGPGId(const std::string &id);
virtual bool LoadCertificateFromString(const std::string &pem, std::string &gpg_id,std::string& error_string);
virtual std::string SaveCertificateToString(const std::string &id,bool include_signatures) ;
// Cached certificates.
bool cacheGPGCertificate(const std::string &id, const std::string &certificate);
bool getCachedGPGCertificate(const std::string &id, std::string &certificate);
/*********************************************************************************/
/************************* STAGE 6 ***********************************************/
/*********************************************************************************/

4
libretroshare/src/services/p3disc.cc
View File

@ -897,7 +897,7 @@ AuthGPGOperation *p3disc::getGPGOperation()
if (mPendingDiscReplyInList.empty() == false) {
RsDiscReply *item = mPendingDiscReplyInList.front();
return new AuthGPGOperationLoadOrSave(true, item->certGPG, item);
return new AuthGPGOperationLoadOrSave(true, item->aboutId, item->certGPG, item);
}
}
@ -931,7 +931,7 @@ AuthGPGOperation *p3disc::getGPGOperation()
if (!destId.empty() && !srcId.empty()) {
RsDiscReply *item = createDiscReply(destId, srcId);
if (item) {
return new AuthGPGOperationLoadOrSave(false, item->aboutId, item);
return new AuthGPGOperationLoadOrSave(false, item->aboutId, "", item);
}
}

2
libretroshare/src/util/rsversion.h
View File

@ -8,7 +8,7 @@
#include <string>
#define LIB_VERSION "0.5.3a"
#define SVN_REVISION "Revision 4874"
#define SVN_REVISION "Revision 4942"
namespace RsUtil {