From f4331da4838830a47b6a9a393b5a56902e885f6c Mon Sep 17 00:00:00 2001 From: drbob Date: Sun, 4 Jul 2010 10:35:38 +0000 Subject: [PATCH] Networking REWORK: Major cleanup of p3ConnectMgr. (Sorry for the ridiculously large check-in, wants to fix lots of stuff.) Other Changes: * Added SSL Test Harness. (authssltest) * Added GPG Test Harness. (authssltest) * Reworked SSL/GPG startup to enable test harnesses * pqiperson: added notify of FAIL if connection method unavailable. * added p3tunnel to pqissltunnel init. * pqimonitor: added ipHistory to connect callback. p3ConnectMgr Changes: * removed STUN system - wasn't operating correctly anyway without DHT. * switched to new IpAddress history data types. (removed lots of code) * Added Addr history for both Local and Ext addresses. * removed p3tunnel references in p3connmgr * fixed up mUseTunnelConnection flags (now used!) * fixed up mUseExtFinder flags (now used!) * added improved Net Status. * corrected UPNP / EXT / UDP startup. (was always UPNP). * fixed netReset() and netStartup(). * removed unnecessary DEBUG code. * added UPNP timeout code (600 secs - why does it take so long?) * added improved netExtCheck(). * removed wierd netConsistencyCheck() ... to rework. * corrected connect / reconnect code. * removed DHT notify code. git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@3247 b45a01b8-16f6-495d-af2f-9b41ad6348cc --- libretroshare/src/pqi/authgpg.cc | 247 ++- libretroshare/src/pqi/authgpg.h | 372 +++-- libretroshare/src/pqi/authgpgtest.cc | 368 +++++ libretroshare/src/pqi/authgpgtest.h | 153 ++ libretroshare/src/pqi/authssl.cc | 196 ++- libretroshare/src/pqi/authssl.h | 107 +- libretroshare/src/pqi/authssltest.cc | 223 +++ libretroshare/src/pqi/authssltest.h | 101 ++ libretroshare/src/pqi/p3connmgr.cc | 2170 ++++++++++--------------- libretroshare/src/pqi/p3connmgr.h | 176 +- libretroshare/src/pqi/p3dhtmgr.cc | 22 +- libretroshare/src/pqi/pqimonitor.cc | 17 +- libretroshare/src/pqi/pqimonitor.h | 13 +- libretroshare/src/pqi/pqiperson.cc | 4 + libretroshare/src/pqi/pqiperson.h | 2 +- libretroshare/src/pqi/pqipersongrp.cc | 8 +- libretroshare/src/pqi/pqissltunnel.cc | 4 +- libretroshare/src/pqi/pqissltunnel.h | 2 +- 18 files changed, 2345 insertions(+), 1840 deletions(-) create mode 100644 libretroshare/src/pqi/authgpgtest.cc create mode 100644 libretroshare/src/pqi/authgpgtest.h create mode 100644 libretroshare/src/pqi/authssltest.cc create mode 100644 libretroshare/src/pqi/authssltest.h diff --git a/libretroshare/src/pqi/authgpg.cc b/libretroshare/src/pqi/authgpg.cc index 5180f32a3..be92716ab 100644 --- a/libretroshare/src/pqi/authgpg.cc +++ b/libretroshare/src/pqi/authgpg.cc @@ -36,8 +36,26 @@ //#define GPG_DEBUG 1 -// initializing the singleton pointer -AuthGPG *AuthGPG::instance_gpg = new AuthGPG(); +static AuthGPG *instance_gpg = NULL; + +void setAuthGPG(AuthGPG *newgpg) +{ + instance_gpg = newgpg; +} + +void AuthGPGInit() +{ + instance_gpg = new AuthGPGimpl(); +} + +AuthGPG *AuthGPG::getAuthGPG() +{ + return instance_gpg; +} + + + + /* Turn a set of parameters into a string */ static std::string setKeyPairParams(bool useRsa, unsigned int blen, @@ -107,7 +125,7 @@ gpg_error_t pgp_pwd_callback(void *hook, const char *uid_hint, const char *passp return 0; } -AuthGPG::AuthGPG() +AuthGPGimpl::AuthGPGimpl() :p3Config(CONFIG_TYPE_AUTHGPG),gpgmeInit(false),gpgmeKeySelected(false) { { @@ -171,7 +189,7 @@ AuthGPG::AuthGPG() } /* Initialize */ -bool AuthGPG::InitAuth () +bool AuthGPGimpl::InitAuth () { std::string HomeDir; @@ -212,7 +230,7 @@ bool AuthGPG::InitAuth () * * returns false if GnuPG is not available. */ -bool AuthGPG::availableGPGCertificatesWithPrivateKeys(std::list &ids) +bool AuthGPGimpl::availableGPGCertificatesWithPrivateKeys(std::list &ids) { int i = 0; gpgme_key_t KEY = NULL; @@ -242,13 +260,13 @@ bool AuthGPG::availableGPGCertificatesWithPrivateKeys(std::list &id { ids.push_back(KEY->subkeys->keyid); #ifdef GPG_DEBUG - std::cerr << "AuthGPG::availablePGPCertificates() Added: " << KEY->subkeys->keyid << std::endl; + std::cerr << "AuthGPGimpl::availablePGPCertificates() Added: " << KEY->subkeys->keyid << std::endl; #endif } else { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::availablePGPCertificates() Missing subkey" << std::endl; + std::cerr << "AuthGPGimpl::availablePGPCertificates() Missing subkey" << std::endl; #endif } } @@ -259,7 +277,7 @@ bool AuthGPG::availableGPGCertificatesWithPrivateKeys(std::list &id return false; } - std::cerr << "AuthGPG::availablePGPCertificates() Secret Key Count: " << i << std::endl; + std::cerr << "AuthGPGimpl::availablePGPCertificates() Secret Key Count: " << i << std::endl; /* return false if there are no private keys */ return (i > 0); @@ -272,10 +290,10 @@ bool AuthGPG::availableGPGCertificatesWithPrivateKeys(std::list &id * This function must be called successfully (return == 1) * before anything else can be done. (except above fn). */ -int AuthGPG::GPGInit(std::string ownId) +int AuthGPGimpl::GPGInit(std::string ownId) { - std::cerr << "AuthGPG::GPGInit() called with own gpg id : " << ownId << std::endl; + std::cerr << "AuthGPGimpl::GPGInit() called with own gpg id : " << ownId << std::endl; { RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -294,7 +312,7 @@ int AuthGPG::GPGInit(std::string ownId) { RsStackMutex stack(gpgMtx); /******* LOCKED ******/ if (mOwnGpgCert.id != mOwnGpgId) { - std::cerr << "AuthGPG::GPGInit() failed to find your id." << std::endl; + std::cerr << "AuthGPGimpl::GPGInit() failed to find your id." << std::endl; return 0; } @@ -308,18 +326,18 @@ int AuthGPG::GPGInit(std::string ownId) //printAllKeys_locked(); - std::cerr << "AuthGPG::GPGInit finished." << std::endl; + std::cerr << "AuthGPGimpl::GPGInit finished." << std::endl; return 1; } - AuthGPG::~AuthGPG() + AuthGPGimpl::~AuthGPGimpl() { } -bool AuthGPG::storeAllKeys_tick() { +bool AuthGPGimpl::storeAllKeys_tick() { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::storeAllKeys_tick() called." << std::endl; + std::cerr << "AuthGPGimpl::storeAllKeys_tick() called." << std::endl; #endif time_t timeSinceStore = 0; { @@ -335,10 +353,10 @@ bool AuthGPG::storeAllKeys_tick() { } // store all keys in map mKeyList to avoid callin gpgme exe repeatedly -bool AuthGPG::storeAllKeys() +bool AuthGPGimpl::storeAllKeys() { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::storeAllKeys()" << std::endl; + std::cerr << "AuthGPGimpl::storeAllKeys()" << std::endl; #endif std::list gpg_change_trust_list; @@ -348,12 +366,12 @@ bool AuthGPG::storeAllKeys() gpg_error_t ERR; if (!gpgmeInit) { - std::cerr << "AuthGPG::storeAllKeys() Error since GPG is not initialised" << std::endl; + std::cerr << "AuthGPGimpl::storeAllKeys() Error since GPG is not initialised" << std::endl; return false; } #ifdef GPG_DEBUG - std::cerr << "AuthGPG::storeAllKeys() clearing existing ones" << std::endl; + std::cerr << "AuthGPGimpl::storeAllKeys() clearing existing ones" << std::endl; #endif /* enable SIG mode */ @@ -368,7 +386,7 @@ bool AuthGPG::storeAllKeys() /* Initiates a key listing 0 = All Keys */ if (GPG_ERR_NO_ERROR != gpgme_op_keylist_start (CTX, "", 0)) { - std::cerr << "AuthGPG::storeAllKeys() Error iterating through KeyList" << std::endl; + std::cerr << "AuthGPGimpl::storeAllKeys() Error iterating through KeyList" << std::endl; // if (rsicontrol != NULL) { // rsicontrol->getNotify().notifyErrorMsg(0,0,"Error reading gpg keyring, cannot acess key list."); // } @@ -380,7 +398,7 @@ bool AuthGPG::storeAllKeys() mStoreKeyTime = time(NULL); ERR = gpgme_op_keylist_next (CTX, &KEY); if (GPG_ERR_NO_ERROR != ERR) { - std::cerr << "AuthGPG::storeAllKeys() didn't find any gpg key in the keyring" << std::endl; + std::cerr << "AuthGPGimpl::storeAllKeys() didn't find any gpg key in the keyring" << std::endl; // if (rsicontrol != NULL) { // rsicontrol->getNotify().notifyErrorMsg(0,0,"Error reading gpg keyring, cannot find any key in the list."); // } @@ -402,7 +420,7 @@ bool AuthGPG::storeAllKeys() if ((!KEY->subkeys) || (!KEY->uids)) { - std::cerr << "AuthGPG::storeAllKeys() Invalid Key in List... skipping" << std::endl; + std::cerr << "AuthGPGimpl::storeAllKeys() Invalid Key in List... skipping" << std::endl; continue; } @@ -541,7 +559,7 @@ bool AuthGPG::storeAllKeys() } // update trust on all available keys. Not used anymore -//bool AuthGPG::updateTrustAllKeys_locked() +//bool AuthGPGimpl::updateTrustAllKeys_locked() //{ // gpg_error_t ERR; // if (!gpgmeInit) @@ -610,7 +628,7 @@ bool AuthGPG::storeAllKeys() // //} -bool AuthGPG::printAllKeys_locked() +bool AuthGPGimpl::printAllKeys_locked() { certmap::const_iterator it; for(it = mKeyList.begin(); it != mKeyList.end(); it++) @@ -644,7 +662,7 @@ bool AuthGPG::printAllKeys_locked() return true; } -bool AuthGPG::printOwnKeys_locked() +bool AuthGPGimpl::printOwnKeys_locked() { certmap::iterator it; for(it = mKeyList.begin(); it != mKeyList.end(); it++) @@ -660,7 +678,7 @@ bool AuthGPG::printOwnKeys_locked() return true; } -bool AuthGPG::printKeys() +bool AuthGPGimpl::printKeys() { RsStackMutex stack(gpgMtx); /******* LOCKED ******/ printAllKeys_locked(); @@ -708,14 +726,14 @@ void print_pgpme_verify_summary(unsigned int summary) } -bool AuthGPG::DoOwnSignature(const void *data, unsigned int datalen, void *buf_sigout, unsigned int *outl) +bool AuthGPGimpl::DoOwnSignature(const void *data, unsigned int datalen, void *buf_sigout, unsigned int *outl) { RsStackMutex stack(gpgMtx); /******* LOCKED ******/ /* setup signers */ gpgme_signers_clear(CTX); if (GPG_ERR_NO_ERROR != gpgme_signers_add(CTX, mOwnGpgCert.key)) { - std::cerr << "AuthGPG::DoOwnSignature() Error Adding Signer" << std::endl; + std::cerr << "AuthGPGimpl::DoOwnSignature() Error Adding Signer" << std::endl; } gpgme_data_t gpgmeData; @@ -738,7 +756,7 @@ bool AuthGPG::DoOwnSignature(const void *data, unsigned int datalen, void *buf_s if (GPG_ERR_NO_ERROR != (ERR = gpgme_op_sign(CTX,gpgmeData, gpgmeSig, mode))) { ProcessPGPmeError(ERR); - std::cerr << "AuthGPG::Sign FAILED ERR: " << ERR << std::endl; + std::cerr << "AuthGPGimpl::Sign FAILED ERR: " << ERR << std::endl; gpgme_data_release(gpgmeSig); gpgme_data_release(gpgmeData); return false; @@ -764,13 +782,13 @@ bool AuthGPG::DoOwnSignature(const void *data, unsigned int datalen, void *buf_s while(ik != NULL) { - fprintf(stderr, "AuthGPG::Sign, Invalid by: %s\n", ik->fpr); + fprintf(stderr, "AuthGPGimpl::Sign, Invalid by: %s\n", ik->fpr); ik = ik->next; } while(sg != NULL) { - fprintf(stderr, "AuthGPG::Signed by: %s\n", sg->fpr); + fprintf(stderr, "AuthGPGimpl::Signed by: %s\n", sg->fpr); sg = sg->next; } #endif @@ -780,7 +798,7 @@ bool AuthGPG::DoOwnSignature(const void *data, unsigned int datalen, void *buf_s // gpgme_data_write (gpgmeSig, "", 1); // to be able to convert it into a string char *export_sig = gpgme_data_release_and_get_mem(gpgmeSig, &len); #ifdef GPG_DEBUG - std::cerr << "AuthGPG::Signature len: " << len << std::endl; + std::cerr << "AuthGPGimpl::Signature len: " << len << std::endl; #endif if (len < *outl) // -1 because we added a 0 at the end. @@ -798,7 +816,7 @@ bool AuthGPG::DoOwnSignature(const void *data, unsigned int datalen, void *buf_s /* import to GnuPG and other Certificates */ -bool AuthGPG::VerifySignature(const void *data, int datalen, const void *sig, unsigned int siglen, std::string withfingerprint) +bool AuthGPGimpl::VerifySignature(const void *data, int datalen, const void *sig, unsigned int siglen, std::string withfingerprint) { gpgme_data_t gpgmeSig; gpgme_data_t gpgmeData; @@ -835,7 +853,7 @@ bool AuthGPG::VerifySignature(const void *data, int datalen, const void *sig, un if (GPG_ERR_NO_ERROR != (ERR = gpgme_op_verify(CTX,gpgmeSig, gpgmeData, NULL))) { ProcessPGPmeError(ERR); - std::cerr << "AuthGPG::Verify FAILED" << std::endl; + std::cerr << "AuthGPGimpl::Verify FAILED" << std::endl; } gpgme_verify_result_t res = gpgme_op_verify_result(CTX); @@ -862,18 +880,18 @@ bool AuthGPG::VerifySignature(const void *data, int datalen, const void *sig, un while(sg != NULL) { #ifdef GPG_DEBUG - fprintf(stderr, "AuthGPG::Verify Sig by: %s, status: %d\n", sg->fpr, sg->status); + fprintf(stderr, "AuthGPGimpl::Verify Sig by: %s, status: %d\n", sg->fpr, sg->status); print_pgpme_verify_summary(sg->summary); #endif if (sg->status == GPG_ERR_NO_ERROR) { #ifdef GPG_DEBUG - fprintf(stderr, "AuthGPG::VerifySignature() OK\n"); + fprintf(stderr, "AuthGPGimpl::VerifySignature() OK\n"); #endif if (withfingerprint != "" && withfingerprint == std::string(sg->fpr)) { #ifdef GPG_DEBUG - fprintf(stderr, "AuthGPG::VerifySignature() for the fingerprint key : "); + fprintf(stderr, "AuthGPGimpl::VerifySignature() for the fingerprint key : "); std::cerr << withfingerprint; fprintf(stderr, "\n"); #endif @@ -890,7 +908,7 @@ bool AuthGPG::VerifySignature(const void *data, int datalen, const void *sig, un /* extract id(s)! */ if (!valid) { - fprintf(stderr, "AuthGPG::VerifySignature() FAILED\n"); + fprintf(stderr, "AuthGPGimpl::VerifySignature() FAILED\n"); } return valid; @@ -899,14 +917,14 @@ bool AuthGPG::VerifySignature(const void *data, int datalen, const void *sig, un -bool AuthGPG::active() +bool AuthGPGimpl::active() { RsStackMutex stack(gpgMtx); /******* LOCKED ******/ return ((gpgmeInit) && (gpgmeKeySelected)); } -bool AuthGPG::GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString) { +bool AuthGPGimpl::GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString) { RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -934,13 +952,13 @@ bool AuthGPG::GeneratePGPCertificate(std::string name, std::string email, std return true; } -bool AuthGPG::CloseAuth() +bool AuthGPGimpl::CloseAuth() { return true; } /**** These Two are common */ -std::string AuthGPG::getGPGName(GPG_id id) +std::string AuthGPGimpl::getGPGName(GPG_id id) { storeAllKeys_tick(); @@ -954,7 +972,7 @@ std::string AuthGPG::getGPGName(GPG_id id) } /**** These Two are common */ -std::string AuthGPG::getGPGEmail(GPG_id id) +std::string AuthGPGimpl::getGPGEmail(GPG_id id) { storeAllKeys_tick(); @@ -969,19 +987,19 @@ std::string AuthGPG::getGPGEmail(GPG_id id) /**** GPG versions ***/ -std::string AuthGPG::getGPGOwnId() +std::string AuthGPGimpl::getGPGOwnId() { RsStackMutex stack(gpgMtx); /******* LOCKED ******/ return mOwnGpgId; } -std::string AuthGPG::getGPGOwnName() +std::string AuthGPGimpl::getGPGOwnName() { RsStackMutex stack(gpgMtx); /******* LOCKED ******/ return mOwnGpgCert.name; } -bool AuthGPG::getGPGAllList(std::list &ids) +bool AuthGPGimpl::getGPGAllList(std::list &ids) { storeAllKeys_tick(); RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -995,10 +1013,10 @@ bool AuthGPG::getGPGAllList(std::list &ids) return true; } -bool AuthGPG::getGPGDetails(std::string id, RsPeerDetails &d) +bool AuthGPGimpl::getGPGDetails(std::string id, RsPeerDetails &d) { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::getPGPDetails() called for : " << id << std::endl; + std::cerr << "AuthGPGimpl::getPGPDetails() called for : " << id << std::endl; #endif storeAllKeys_tick(); @@ -1033,28 +1051,28 @@ bool AuthGPG::getGPGDetails(std::string id, RsPeerDetails &d) } #ifdef GPG_DEBUG - std::cerr << "AuthGPG::getPGPDetails() Name : " << cert.name << std::endl; + std::cerr << "AuthGPGimpl::getPGPDetails() Name : " << cert.name << std::endl; #endif return true; } return false; } -bool AuthGPG::decryptText(gpgme_data_t CIPHER, gpgme_data_t PLAIN) { +bool AuthGPGimpl::decryptText(gpgme_data_t CIPHER, gpgme_data_t PLAIN) { RsStackMutex stack(gpgMtx); /******* LOCKED ******/ gpgme_set_armor (CTX, 1); gpg_error_t ERR; if (GPG_ERR_NO_ERROR != (ERR = gpgme_op_decrypt (CTX, CIPHER, PLAIN))) { ProcessPGPmeError(ERR); - std::cerr << "AuthGPG::decryptText() Error decrypting text." << std::endl; + std::cerr << "AuthGPGimpl::decryptText() Error decrypting text." << std::endl; return false; } return true; } -bool AuthGPG::encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER) { +bool AuthGPGimpl::encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER) { RsStackMutex stack(gpgMtx); /******* LOCKED ******/ gpgme_encrypt_flags_t* flags = new gpgme_encrypt_flags_t(); gpgme_key_t keys[2] = {mOwnGpgCert.key, NULL}; @@ -1063,14 +1081,14 @@ bool AuthGPG::encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER) { if (GPG_ERR_NO_ERROR != (ERR = gpgme_op_encrypt(CTX, keys, *flags, PLAIN, CIPHER))) { ProcessPGPmeError(ERR); - std::cerr << "AuthGPG::encryptText() Error encrypting text." << std::endl; + std::cerr << "AuthGPGimpl::encryptText() Error encrypting text." << std::endl; return false; } return true; } -bool AuthGPG::getGPGValidList(std::list &ids) +bool AuthGPGimpl::getGPGValidList(std::list &ids) { storeAllKeys_tick(); RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -1085,7 +1103,7 @@ bool AuthGPG::getGPGValidList(std::list &ids) return true; } -bool AuthGPG::getGPGAcceptedList(std::list &ids) +bool AuthGPGimpl::getGPGAcceptedList(std::list &ids) { storeAllKeys_tick(); RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -1100,7 +1118,7 @@ bool AuthGPG::getGPGAcceptedList(std::list &ids) return true; } -bool AuthGPG::getGPGSignedList(std::list &ids) +bool AuthGPGimpl::getGPGSignedList(std::list &ids) { storeAllKeys_tick(); RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -1115,7 +1133,7 @@ bool AuthGPG::getGPGSignedList(std::list &ids) return true; } -bool AuthGPG::isGPGValid(GPG_id id) +bool AuthGPGimpl::isGPGValid(GPG_id id) { storeAllKeys_tick(); RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -1128,7 +1146,7 @@ bool AuthGPG::isGPGValid(GPG_id id) } -bool AuthGPG::isGPGId(GPG_id id) +bool AuthGPGimpl::isGPGId(GPG_id id) { storeAllKeys_tick(); RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -1141,7 +1159,7 @@ bool AuthGPG::isGPGId(GPG_id id) } -bool AuthGPG::isGPGSigned(GPG_id id) +bool AuthGPGimpl::isGPGSigned(GPG_id id) { storeAllKeys_tick(); RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -1153,7 +1171,7 @@ bool AuthGPG::isGPGSigned(GPG_id id) return false; } -bool AuthGPG::isGPGAccepted(GPG_id id) +bool AuthGPGimpl::isGPGAccepted(GPG_id id) { storeAllKeys_tick(); RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -1175,11 +1193,11 @@ bool AuthGPG::isGPGAccepted(GPG_id id) /* SKTAN : do not know how to use std::string id */ -std::string AuthGPG::SaveCertificateToString(std::string id) +std::string AuthGPGimpl::SaveCertificateToString(std::string id) { if (!isGPGId(id)) { - std::cerr << "AuthGPG::SaveCertificateToString() unknown ID" << std::endl; + std::cerr << "AuthGPGimpl::SaveCertificateToString() unknown ID" << std::endl; return ""; } @@ -1226,11 +1244,11 @@ std::string AuthGPG::SaveCertificateToString(std::string id) } /* import to GnuPG and other Certificates */ -bool AuthGPG::LoadCertificateFromString(std::string str, std::string &gpg_id) +bool AuthGPGimpl::LoadCertificateFromString(std::string str, std::string &gpg_id) { if (str == "") { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::LoadCertificateFromString() cert is empty string, returning false." << std::endl; + std::cerr << "AuthGPGimpl::LoadCertificateFromString() cert is empty string, returning false." << std::endl; #endif return false; } @@ -1243,7 +1261,7 @@ bool AuthGPG::LoadCertificateFromString(std::string str, std::string &gpg_id) std::string cleancert = str; #ifdef GPG_DEBUG - std::cerr << "AuthGPG::LoadCertificateFromString() cleancert : " << cleancert; + std::cerr << "AuthGPGimpl::LoadCertificateFromString() cleancert : " << cleancert; #endif gpgme_data_t gpgmeData; @@ -1258,7 +1276,7 @@ bool AuthGPG::LoadCertificateFromString(std::string str, std::string &gpg_id) gpgme_set_armor (CTX, 1); if (GPG_ERR_NO_ERROR != gpgme_op_import (CTX,gpgmeData)) { - std::cerr << "AuthGPG::LoadCertificateFromString() Error Importing Certificate" << std::endl; + std::cerr << "AuthGPGimpl::LoadCertificateFromString() Error Importing Certificate" << std::endl; gpgme_data_release (gpgmeData); return false ; } @@ -1273,7 +1291,7 @@ bool AuthGPG::LoadCertificateFromString(std::string str, std::string &gpg_id) fingerprint = std::string(res->imports->fpr); #ifdef GPG_DEBUG - std::cerr << "AuthGPG::LoadCertificateFromString() Importing considered folowing fpr : " << fingerprint << std::endl; + std::cerr << "AuthGPGimpl::LoadCertificateFromString() Importing considered folowing fpr : " << fingerprint << std::endl; #endif imported = res->imported; @@ -1303,7 +1321,7 @@ bool AuthGPG::LoadCertificateFromString(std::string str, std::string &gpg_id) } } #ifdef GPG_DEBUG - std::cerr << "AuthGPG::LoadCertificateFromString() returning with gpg_id : " << gpg_id << std::endl; + std::cerr << "AuthGPGimpl::LoadCertificateFromString() returning with gpg_id : " << gpg_id << std::endl; #endif if (gpg_id == "") { return false; @@ -1326,11 +1344,11 @@ bool AuthGPG::LoadCertificateFromString(std::string str, std::string &gpg_id) /*************************************/ /* These take PGP Ids */ -bool AuthGPG::setAcceptToConnectGPGCertificate(std::string gpg_id, bool acceptance) +bool AuthGPGimpl::setAcceptToConnectGPGCertificate(std::string gpg_id, bool acceptance) { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::markGPGCertificateAsFriends(" << gpg_id << ")" << std::endl; + std::cerr << "AuthGPGimpl::markGPGCertificateAsFriends(" << gpg_id << ")" << std::endl; #endif /* reload stuff now ... */ @@ -1352,11 +1370,11 @@ bool AuthGPG::setAcceptToConnectGPGCertificate(std::string gpg_id, bool acceptan } /* These take PGP Ids */ -bool AuthGPG::SignCertificateLevel0(GPG_id id) +bool AuthGPGimpl::SignCertificateLevel0(GPG_id id) { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::SignCertificat(" << id << ")" << std::endl; + std::cerr << "AuthGPGimpl::SignCertificat(" << id << ")" << std::endl; #endif if (1 != privateSignCertificate(id)) @@ -1370,21 +1388,21 @@ bool AuthGPG::SignCertificateLevel0(GPG_id id) return true; } -bool AuthGPG::RevokeCertificate(std::string id) +bool AuthGPGimpl::RevokeCertificate(std::string id) { //RsStackMutex stack(gpgMtx); /******* LOCKED ******/ #ifdef GPG_DEBUG - std::cerr << "AuthGPG::RevokeCertificate(" << id << ") not implemented yet" << std::endl; + std::cerr << "AuthGPGimpl::RevokeCertificate(" << id << ") not implemented yet" << std::endl; #endif return false; } -bool AuthGPG::TrustCertificate(std::string id, int trustlvl) +bool AuthGPGimpl::TrustCertificate(std::string id, int trustlvl) { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::TrustCertificate(" << id << ", " << trustlvl << ")" << std::endl; + std::cerr << "AuthGPGimpl::TrustCertificate(" << id << ", " << trustlvl << ")" << std::endl; #endif if (1 != privateTrustCertificate(id, trustlvl)) { @@ -1399,29 +1417,29 @@ bool AuthGPG::TrustCertificate(std::string id, int trustlvl) #if 0 /* remove otherwise will cause bugs */ -bool AuthGPG::SignData(std::string input, std::string &sign) +bool AuthGPGimpl::SignData(std::string input, std::string &sign) { return false; } -bool AuthGPG::SignData(const void *data, const uint32_t len, std::string &sign) +bool AuthGPGimpl::SignData(const void *data, const uint32_t len, std::string &sign) { return false; } -bool AuthGPG::SignDataBin(std::string input, unsigned char *sign, unsigned int *signlen) +bool AuthGPGimpl::SignDataBin(std::string input, unsigned char *sign, unsigned int *signlen) { return false; } #endif -bool AuthGPG::SignDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen) { +bool AuthGPGimpl::SignDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen) { return DoOwnSignature(data, datalen, sign, signlen); } -bool AuthGPG::VerifySignBin(const void *data, uint32_t datalen, unsigned char *sign, unsigned int signlen, std::string withfingerprint) { +bool AuthGPGimpl::VerifySignBin(const void *data, uint32_t datalen, unsigned char *sign, unsigned int signlen, std::string withfingerprint) { return VerifySignature(data, datalen, sign, signlen, withfingerprint); } @@ -1429,7 +1447,7 @@ bool AuthGPG::VerifySignBin(const void *data, uint32_t datalen, unsigned char *s /* Sign/Trust stuff */ -int AuthGPG::privateSignCertificate(std::string id) +int AuthGPGimpl::privateSignCertificate(std::string id) { /* The key should be in Others list and not in Peers list ?? * Once the key is signed, it moves from Others to Peers list ??? @@ -1472,14 +1490,14 @@ int AuthGPG::privateSignCertificate(std::string id) } /* revoke the signature on Certificate */ -int AuthGPG::privateRevokeCertificate(std::string id) +int AuthGPGimpl::privateRevokeCertificate(std::string id) { //RsStackMutex stack(gpgMtx); /******* LOCKED ******/ return 0; } -int AuthGPG::privateTrustCertificate(std::string id, int trustlvl) +int AuthGPGimpl::privateTrustCertificate(std::string id, int trustlvl) { /* The certificate should be in Peers list ??? */ if(!isGPGAccepted(id)) { @@ -1522,7 +1540,8 @@ int AuthGPG::privateTrustCertificate(std::string id, int trustlvl) /* This function to print Data */ -void AuthGPG::showData(gpgme_data_t dh) +#if 0 +void showData(gpgme_data_t dh) { #define BUF_SIZE 512 char buf[BUF_SIZE + 1]; @@ -1544,47 +1563,7 @@ void AuthGPG::showData(gpgme_data_t dh) //fail_if_err (gpgme_err_code_from_errno (errno)); } } - -/******************************************************************************/ -/* TEST/DEBUG */ -/******************************************************************************/ -/* - * Create a number of friends and add them to the Map of peers. - * Create a number of friends and add them to the Map of "others" -- people who - * are known but are not allowed to access retroshare - */ -void AuthGPG::createDummyFriends() -{ - const unsigned int DUMMY_KEY_LEN = 2048; - - // create key params for a few dummies - std::string friend1 = setKeyPairParams(true, DUMMY_KEY_LEN, "friend89", - "I am your first friend", "friend1@friend.com"); - std::string friend2 = setKeyPairParams(true, DUMMY_KEY_LEN, "friend2", - "I am your second friend", "friend2@friend.com"); - std::string friend3 = setKeyPairParams(true, DUMMY_KEY_LEN, "friend3", - "I am your third friend", "friend3@friend.com"); - - // params for others - std::string other1 = setKeyPairParams(true, DUMMY_KEY_LEN, "other89", - "I am your first other", "other@other.com"); - std::string other2 = setKeyPairParams(true, DUMMY_KEY_LEN, "other2", - "I am your second other", "other2@other.com"); - std::string other3 = setKeyPairParams(true, DUMMY_KEY_LEN, "other3", - "I am your third other", "other3@other.com"); - - gpgme_error_t rc = GPG_ERR_NO_ERROR; // assume OK - rc = gpgme_op_genkey(CTX, friend1.c_str(), NULL, NULL); - rc = gpgme_op_genkey(CTX, friend2.c_str(), NULL, NULL); - rc = gpgme_op_genkey(CTX, friend3.c_str(), NULL, NULL); - - rc = gpgme_op_genkey(CTX, other1.c_str(), NULL, NULL); - rc = gpgme_op_genkey(CTX, other2.c_str(), NULL, NULL); - rc = gpgme_op_genkey(CTX, other3.c_str(), NULL, NULL); - - std::cout << "createDummyFriends(): exit" << std::endl; - return; -} +#endif static std::string setKeyPairParams(bool useRsa, unsigned int blen, std::string name, std::string comment, std::string email) @@ -2164,17 +2143,17 @@ static gpgme_error_t trustCallback(void *opaque, gpgme_status_code_t status, \ // -------------------------------- Config functions ------------------------------ // // -----------------------------------------------------------------------------------// // -RsSerialiser *AuthGPG::setupSerialiser() +RsSerialiser *AuthGPGimpl::setupSerialiser() { RsSerialiser *rss = new RsSerialiser ; rss->addSerialType(new RsGeneralConfigSerialiser()); return rss ; } -std::list AuthGPG::saveList(bool& cleanup) +std::list AuthGPGimpl::saveList(bool& cleanup) { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::saveList() called" << std::endl ; + std::cerr << "AuthGPGimpl::saveList() called" << std::endl ; #endif RsStackMutex stack(gpgMtx); /******* LOCKED ******/ @@ -2193,7 +2172,7 @@ std::list AuthGPG::saveList(bool& cleanup) RsTlvKeyValue kv; kv.key = mapIt->first; #ifdef GPG_DEBUG - std::cerr << "AuthGPG::saveList() called (mapIt->second) : " << (mapIt->second) << std::endl ; + std::cerr << "AuthGPGimpl::saveList() called (mapIt->second) : " << (mapIt->second) << std::endl ; #endif kv.value = (mapIt->second)?"TRUE":"FALSE" ; vitem->tlvkvs.pairs.push_back(kv) ; @@ -2203,10 +2182,10 @@ std::list AuthGPG::saveList(bool& cleanup) return lst ; } -bool AuthGPG::loadList(std::list load) +bool AuthGPGimpl::loadList(std::list load) { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::loadList() Item Count: " << load.size() << std::endl; + std::cerr << "AuthGPGimpl::loadList() Item Count: " << load.size() << std::endl; #endif storeAllKeys(); @@ -2219,7 +2198,7 @@ bool AuthGPG::loadList(std::list load) if(vitem) { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::loadList() General Variable Config Item:" << std::endl; + std::cerr << "AuthGPGimpl::loadList() General Variable Config Item:" << std::endl; vitem->print(std::cerr, 10); std::cerr << std::endl; #endif @@ -2234,7 +2213,7 @@ bool AuthGPG::loadList(std::list load) certmap::iterator it; if (mKeyList.end() != (it = mKeyList.find(kit->key))) { #ifdef GPG_DEBUG - std::cerr << "AuthGPG::loadList() setting accept to : " << (kit->value == "TRUE"); + std::cerr << "AuthGPGimpl::loadList() setting accept to : " << (kit->value == "TRUE"); std::cerr << " for gpg key id : " << kit->key << std::endl; #endif it->second.accept_connection = (kit->value == "TRUE"); diff --git a/libretroshare/src/pqi/authgpg.h b/libretroshare/src/pqi/authgpg.h index 813b31e42..6a7f17b71 100644 --- a/libretroshare/src/pqi/authgpg.h +++ b/libretroshare/src/pqi/authgpg.h @@ -58,6 +58,8 @@ const time_t STORE_KEY_TIMEOUT = 60; //store key is call around every 60sec * gpgcert is the identifier for a person. * It is a wrapper class for a GPGme OpenPGP certificate. */ +class AuthGPG; + class gpgcert { public: @@ -93,10 +95,254 @@ typedef std::map certmap; * This provides retroshare basic gpg functionality and * key/web-of-trust management, also handle cert intialisation for retroshare */ -class AuthGPG : public p3Config + +extern void AuthGPGInit(); + +class AuthGPG { + + public: + //AuthGPG(); + +static AuthGPG *getAuthGPG(); + + /** + * @param ids list of gpg certificate ids (note, not the actual certificates) + */ +virtual bool availableGPGCertificatesWithPrivateKeys(std::list &ids) = 0; +virtual bool printKeys() = 0; + +/*********************************************************************************/ +/************************* STAGE 1 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 1: Initialisation.... As we are switching to OpenPGP the init functions + * will be different. Just move the initialisation functions over.... + * + * As GPGMe requires external calls to the GPG executable, which could potentially + * be expensive, We'll want to cache the GPG keys in this class. + * This should be done at initialisation, and saved in a map. + * (see storage at the end of the class) + * + ****/ +virtual bool active() = 0; + + /* Initialize */ +virtual bool InitAuth () = 0; + + /* Init by generating new Own PGP Cert, or selecting existing PGP Cert */ +virtual int GPGInit(std::string ownId) = 0; +virtual bool CloseAuth() = 0; +virtual bool GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString) = 0; + +/*********************************************************************************/ +/************************* STAGE 3 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 3: These are some of the most commonly used functions in Retroshare. + * + * More commonly used functions. + * + * provide access to details in cache list. + * + ****/ +virtual std::string getGPGName(GPG_id pgp_id) = 0; +virtual std::string getGPGEmail(GPG_id pgp_id) = 0; + + /* PGP web of trust management */ +virtual std::string getGPGOwnId() = 0; +virtual std::string getGPGOwnName() = 0; +//virtual std::string getGPGOwnEmail() = 0; +virtual bool getGPGDetails(std::string id, RsPeerDetails &d) = 0; +virtual bool getGPGAllList(std::list &ids) = 0; +virtual bool getGPGValidList(std::list &ids) = 0; +virtual bool getGPGAcceptedList(std::list &ids) = 0; +virtual bool getGPGSignedList(std::list &ids) = 0; +virtual bool isGPGValid(std::string id) = 0; +virtual bool isGPGSigned(std::string id) = 0; +virtual bool isGPGAccepted(std::string id) = 0; +virtual bool isGPGId(GPG_id id) = 0; + +/*********************************************************************************/ +/************************* STAGE 4 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 4: Loading and Saving Certificates. (Strings and Files) + * + ****/ +virtual bool LoadCertificateFromString(std::string pem, std::string &gpg_id) = 0; +virtual std::string SaveCertificateToString(std::string id) = 0; + +/*********************************************************************************/ +/************************* STAGE 6 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 6: Authentication, Trust and Signing. + * + * This is some of the harder functions, but they should have been + * done in gpgroot already. + * + ****/ +virtual bool setAcceptToConnectGPGCertificate(std::string gpg_id, bool acceptance) = 0; //don't act on the gpg key, use a seperate set +virtual bool SignCertificateLevel0(std::string id) = 0; +virtual bool RevokeCertificate(std::string id) = 0; /* Particularly hard - leave for later */ +//virtual bool TrustCertificateNone(std::string id) = 0; +//virtual bool TrustCertificateMarginally(std::string id) = 0; +//virtual bool TrustCertificateFully(std::string id) = 0; +virtual bool TrustCertificate(std::string id, int trustlvl) = 0; //trustlvl is 2 for none, 3 for marginal and 4 for full trust + +/*********************************************************************************/ +/************************* STAGE 7 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 7: Signing Data. + * + * There should also be Encryption Functions... (do later). + * + ****/ +//virtual bool SignData(std::string input, std::string &sign) = 0; +//virtual bool SignData(const void *data, const uint32_t len, std::string &sign) = 0; +//virtual bool SignDataBin(std::string input, unsigned char *sign, unsigned int *signlen) = 0; +virtual bool SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen) = 0; +virtual bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, std::string withfingerprint) = 0; +virtual bool decryptText(gpgme_data_t CIPHER, gpgme_data_t PLAIN) = 0; +virtual bool encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER) = 0; +//END of PGP public functions + + +}; + +/* The real implementation! */ + + +class AuthGPGimpl : public AuthGPG, public p3Config +{ + public: + + AuthGPGimpl(); + ~AuthGPGimpl(); + + /** + * @param ids list of gpg certificate ids (note, not the actual certificates) + */ +virtual bool availableGPGCertificatesWithPrivateKeys(std::list &ids); + +virtual bool printKeys(); + +/*********************************************************************************/ +/************************* STAGE 1 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 1: Initialisation.... As we are switching to OpenPGP the init functions + * will be different. Just move the initialisation functions over.... + * + * As GPGMe requires external calls to the GPG executable, which could potentially + * be expensive, We'll want to cache the GPG keys in this class. + * This should be done at initialisation, and saved in a map. + * (see storage at the end of the class) + * + ****/ +virtual bool active(); + + /* Initialize */ +virtual bool InitAuth (); + + /* Init by generating new Own PGP Cert, or selecting existing PGP Cert */ +virtual int GPGInit(std::string ownId); +virtual bool CloseAuth(); +virtual bool GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString); + +/*********************************************************************************/ +/************************* STAGE 3 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 3: These are some of the most commonly used functions in Retroshare. + * + * More commonly used functions. + * + * provide access to details in cache list. + * + ****/ +virtual std::string getGPGName(GPG_id pgp_id); +virtual std::string getGPGEmail(GPG_id pgp_id); + + /* PGP web of trust management */ +virtual std::string getGPGOwnId(); +virtual std::string getGPGOwnName(); +//virtual std::string getGPGOwnEmail(); +virtual bool getGPGDetails(std::string id, RsPeerDetails &d); +virtual bool getGPGAllList(std::list &ids); +virtual bool getGPGValidList(std::list &ids); +virtual bool getGPGAcceptedList(std::list &ids); +virtual bool getGPGSignedList(std::list &ids); +virtual bool isGPGValid(std::string id); +virtual bool isGPGSigned(std::string id); +virtual bool isGPGAccepted(std::string id); +virtual bool isGPGId(GPG_id id); + +/*********************************************************************************/ +/************************* STAGE 4 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 4: Loading and Saving Certificates. (Strings and Files) + * + ****/ +virtual bool LoadCertificateFromString(std::string pem, std::string &gpg_id); +virtual std::string SaveCertificateToString(std::string id); + +/*********************************************************************************/ +/************************* STAGE 6 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 6: Authentication, Trust and Signing. + * + * This is some of the harder functions, but they should have been + * done in gpgroot already. + * + ****/ +virtual bool setAcceptToConnectGPGCertificate(std::string gpg_id, bool acceptance); //don't act on the gpg key, use a seperate set +virtual bool SignCertificateLevel0(std::string id); +virtual bool RevokeCertificate(std::string id); /* Particularly hard - leave for later */ + +//virtual bool TrustCertificateNone(std::string id); +//virtual bool TrustCertificateMarginally(std::string id); +//virtual bool TrustCertificateFully(std::string id); +virtual bool TrustCertificate(std::string id, int trustlvl); //trustlvl is 2 for none, 3 for marginal and 4 for full trust + +/*********************************************************************************/ +/************************* STAGE 7 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 7: Signing Data. + * + * There should also be Encryption Functions... (do later). + * + ****/ +//virtual bool SignData(std::string input, std::string &sign); +//virtual bool SignData(const void *data, const uint32_t len, std::string &sign); +//virtual bool SignDataBin(std::string input, unsigned char *sign, unsigned int *signlen); +virtual bool SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen); +virtual bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, std::string withfingerprint); +virtual bool decryptText(gpgme_data_t CIPHER, gpgme_data_t PLAIN); +virtual bool encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER); +//END of PGP public functions + + protected: +/*****************************************************************/ +/*********************** p3config ******************************/ + /* Key Functions to be overloaded for Full Configuration */ + virtual RsSerialiser *setupSerialiser(); + virtual std::list saveList(bool &cleanup); + virtual bool loadList(std::list load); +/*****************************************************************/ + private: + /* SKTAN */ + //void showData(gpgme_data_t dh); + //void createDummyFriends(void); //NYI + + /* Internal functions */ bool DoOwnSignature(const void *, unsigned int, void *, unsigned int *); bool VerifySignature(const void *data, int datalen, const void *sig, unsigned int siglen, std::string withfingerprint); @@ -116,130 +362,6 @@ class AuthGPG : public p3Config bool printAllKeys_locked(); bool printOwnKeys_locked(); - public: - - AuthGPG(); - ~AuthGPG(); - - /** - * @param ids list of gpg certificate ids (note, not the actual certificates) - */ - bool availableGPGCertificatesWithPrivateKeys(std::list &ids); - - /* SKTAN */ - void showData(gpgme_data_t dh); - void createDummyFriends(void); //NYI - - bool printKeys(); - -/*********************************************************************************/ -/************************* STAGE 1 ***********************************************/ -/*********************************************************************************/ -/***** - * STAGE 1: Initialisation.... As we are switching to OpenPGP the init functions - * will be different. Just move the initialisation functions over.... - * - * As GPGMe requires external calls to the GPG executable, which could potentially - * be expensive, We'll want to cache the GPG keys in this class. - * This should be done at initialisation, and saved in a map. - * (see storage at the end of the class) - * - ****/ - bool active(); - - /* Initialize */ - bool InitAuth (); - - /* Init by generating new Own PGP Cert, or selecting existing PGP Cert */ - int GPGInit(std::string ownId); - bool CloseAuth(); - bool GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString); - -/*********************************************************************************/ -/************************* STAGE 3 ***********************************************/ -/*********************************************************************************/ -/***** - * STAGE 3: These are some of the most commonly used functions in Retroshare. - * - * More commonly used functions. - * - * provide access to details in cache list. - * - ****/ - std::string getGPGName(GPG_id pgp_id); - std::string getGPGEmail(GPG_id pgp_id); - - /* PGP web of trust management */ - std::string getGPGOwnId(); - std::string getGPGOwnName(); - std::string getGPGOwnEmail(); - bool getGPGDetails(std::string id, RsPeerDetails &d); - bool getGPGAllList(std::list &ids); - bool getGPGValidList(std::list &ids); - bool getGPGAcceptedList(std::list &ids); - bool getGPGSignedList(std::list &ids); - bool isGPGValid(std::string id); - bool isGPGSigned(std::string id); - bool isGPGAccepted(std::string id); - bool isGPGId(GPG_id id); - -/*********************************************************************************/ -/************************* STAGE 4 ***********************************************/ -/*********************************************************************************/ -/***** - * STAGE 4: Loading and Saving Certificates. (Strings and Files) - * - ****/ - bool LoadCertificateFromString(std::string pem, std::string &gpg_id); - std::string SaveCertificateToString(std::string id); - -/*********************************************************************************/ -/************************* STAGE 6 ***********************************************/ -/*********************************************************************************/ -/***** - * STAGE 6: Authentication, Trust and Signing. - * - * This is some of the harder functions, but they should have been - * done in gpgroot already. - * - ****/ - bool setAcceptToConnectGPGCertificate(std::string gpg_id, bool acceptance); //don't act on the gpg key, use a seperate set - bool SignCertificateLevel0(std::string id); - bool RevokeCertificate(std::string id); /* Particularly hard - leave for later */ - bool TrustCertificateNone(std::string id); - bool TrustCertificateMarginally(std::string id); - bool TrustCertificateFully(std::string id); - bool TrustCertificate(std::string id, int trustlvl); //trustlvl is 2 for none, 3 for marginal and 4 for full trust - -/*********************************************************************************/ -/************************* STAGE 7 ***********************************************/ -/*********************************************************************************/ -/***** - * STAGE 7: Signing Data. - * - * There should also be Encryption Functions... (do later). - * - ****/ - bool SignData(std::string input, std::string &sign); - bool SignData(const void *data, const uint32_t len, std::string &sign); - bool SignDataBin(std::string input, unsigned char *sign, unsigned int *signlen); - bool SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen); - bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, std::string withfingerprint); - bool decryptText(gpgme_data_t CIPHER, gpgme_data_t PLAIN); - bool encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER); -//END of PGP public functions - - static AuthGPG *getAuthGPG() throw() // pour obtenir l'instance - { return instance_gpg; } - - protected: -/*****************************************************************/ -/*********************** p3config ******************************/ - /* Key Functions to be overloaded for Full Configuration */ - virtual RsSerialiser *setupSerialiser(); - virtual std::list saveList(bool &cleanup); - virtual bool loadList(std::list load); -/*****************************************************************/ private: diff --git a/libretroshare/src/pqi/authgpgtest.cc b/libretroshare/src/pqi/authgpgtest.cc new file mode 100644 index 000000000..70cc3960b --- /dev/null +++ b/libretroshare/src/pqi/authgpgtest.cc @@ -0,0 +1,368 @@ +/* + * libretroshare/src/ : authgpgtest.cc + * + * GPG interface for RetroShare. + * + * Copyright 2009-2010 by Robert Fernie. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License Version 2 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + * USA. + * + * Please report all bugs and problems to "retroshare@lunamutt.com". + * + * This is *THE* auth manager. It provides the web-of-trust via + * gpgme, and authenticates the certificates that are managed + * by the sublayer AuthSSL. + * + */ + +#include "pqi/authgpgtest.h" + +AuthGPGtest::AuthGPGtest() +{ + mOwnGPGId = "TEST_DUMMY_OWN_GPG_ID"; + return; +} + + /** + * @param ids list of gpg certificate ids (note, not the actual certificates) + */ +bool AuthGPGtest::availableGPGCertificatesWithPrivateKeys(std::list &ids) +{ + std::cerr << "AuthGPGtest::availableGPGCertificatesWithPrivateKeys()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::printKeys() +{ + std::cerr << "AuthGPGtest::printKeys()"; + std::cerr << std::endl; + return true; +} + + +/*********************************************************************************/ +/************************* STAGE 1 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 1: Initialisation.... As we are switching to OpenPGP the init functions + * will be different. Just move the initialisation functions over.... + * + * As GPGMe requires external calls to the GPG executable, which could potentially + * be expensive, We'll want to cache the GPG keys in this class. + * This should be done at initialisation, and saved in a map. + * (see storage at the end of the class) + * + ****/ +bool AuthGPGtest::active() +{ + std::cerr << "AuthGPGtest::active()"; + std::cerr << std::endl; + return true; +} + + + /* Initialize */ +bool AuthGPGtest::InitAuth() +{ + std::cerr << "AuthGPGtest::InitAuth()"; + std::cerr << std::endl; + return true; +} + + + /* Init by generating new Own PGP Cert, or selecting existing PGP Cert */ +int AuthGPGtest::GPGInit(std::string ownId) +{ + std::cerr << "AuthGPGtest::GPGInit(): new OwnId: " << ownId; + std::cerr << std::endl; + mOwnGPGId = ownId; + return true; +} + +bool AuthGPGtest::CloseAuth() +{ + std::cerr << "AuthGPGtest::CloseAuth()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString) +{ + std::cerr << "AuthGPGtest::GeneratePGPCertificate()"; + std::cerr << std::endl; + return true; +} + + +/*********************************************************************************/ +/************************* STAGE 3 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 3: These are some of the most commonly used functions in Retroshare. + * + * More commonly used functions. + * + * provide access to details in cache list. + * + ****/ +std::string AuthGPGtest::getGPGName(GPG_id pgp_id) +{ + std::cerr << "AuthGPGtest::getGPGName()"; + std::cerr << std::endl; + return "DUMMY_NAME"; +} + +std::string AuthGPGtest::getGPGEmail(GPG_id pgp_id) +{ + std::cerr << "AuthGPGtest::getGPGEmail()"; + std::cerr << std::endl; + return "DUMMY_EMAIL"; +} + + + /* PGP web of trust management */ +std::string AuthGPGtest::getGPGOwnId() +{ + std::cerr << "AuthGPGtest::getGPGOwnId()"; + std::cerr << std::endl; + return mOwnGPGId; +} + +std::string AuthGPGtest::getGPGOwnName() +{ + std::cerr << "AuthGPGtest::getGPGOwnName()"; + std::cerr << std::endl; + return "DUMMY_OWN_NAME"; +} + +#if 0 +std::string AuthGPGtest::getGPGOwnEmail() +{ + std::cerr << "AuthGPGtest::getGPGOwnEmail()"; + std::cerr << std::endl; + return "DUMMY_OWN_EMAIL"; +} +#endif + +bool AuthGPGtest::getGPGDetails(std::string id, RsPeerDetails &d) +{ + std::cerr << "AuthGPGtest::getGPGDetails()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::getGPGAllList(std::list &ids) +{ + std::cerr << "AuthGPGtest::getGPGAllList()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::getGPGValidList(std::list &ids) +{ + std::cerr << "AuthGPGtest::getGPGValidList()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::getGPGAcceptedList(std::list &ids) +{ + std::cerr << "AuthGPGtest::getGPGAcceptedList()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::getGPGSignedList(std::list &ids) +{ + std::cerr << "AuthGPGtest::getGPGSignedList()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::isGPGValid(std::string id) +{ + std::cerr << "AuthGPGtest::isGPGValid()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::isGPGSigned(std::string id) +{ + std::cerr << "AuthGPGtest::isGPGSigned()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::isGPGAccepted(std::string id) +{ + std::cerr << "AuthGPGtest::isGPGAccepted()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::isGPGId(GPG_id id) +{ + std::cerr << "AuthGPGtest::isGPGId()"; + std::cerr << std::endl; + return true; +} + + +/*********************************************************************************/ +/************************* STAGE 4 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 4: Loading and Saving Certificates. (Strings and Files) + * + ****/ +bool AuthGPGtest::LoadCertificateFromString(std::string pem, std::string &gpg_id) +{ + std::cerr << "AuthGPGtest::LoadCertificateFromString()"; + std::cerr << std::endl; + return false; +} + +std::string AuthGPGtest::SaveCertificateToString(std::string id) +{ + std::cerr << "AuthGPGtest::SaveCertificateToString()"; + std::cerr << std::endl; + return "NOT_A_CERTIFICATE"; +} + + +/*********************************************************************************/ +/************************* STAGE 6 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 6: Authentication, Trust and Signing. + * + * This is some of the harder functions, but they should have been + * done in gpgroot already. + * + ****/ +bool AuthGPGtest::setAcceptToConnectGPGCertificate(std::string gpg_id, bool acceptance) +{ + std::cerr << "AuthGPGtest::setAcceptToConnectGPGCertificate()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::SignCertificateLevel0(std::string id) +{ + std::cerr << "AuthGPGtest::SignCertificateLevel0()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::RevokeCertificate(std::string id) +{ + std::cerr << "AuthGPGtest::RevokeCertificate()"; + std::cerr << std::endl; + return true; +} + +#if 0 +bool AuthGPGtest::TrustCertificateNone(std::string id) +{ + std::cerr << "AuthGPGtest::TrustCertificateNone()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::TrustCertificateMarginally(std::string id) +{ + std::cerr << "AuthGPGtest::TrustCertificateMarginally()"; + std::cerr << std::endl; + return true; +} + +bool AuthGPGtest::TrustCertificateFully(std::string id) +{ + std::cerr << "AuthGPGtest::TrustCertificateFully()"; + std::cerr << std::endl; + return true; +} + +#endif + +bool AuthGPGtest::TrustCertificate(std::string id, int trustlvl) +{ + std::cerr << "AuthGPGtest::TrustCertificate()"; + std::cerr << std::endl; + return true; +} + + +/*********************************************************************************/ +/************************* STAGE 7 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 7: Signing Data. + * + * There should also be Encryption Functions... (do later). + * + ****/ +#if 0 +bool AuthGPGtest::SignData(std::string input, std::string &sign) +{ + std::cerr << "AuthGPGtest::SignData()"; + std::cerr << std::endl; + return false; +} + +bool AuthGPGtest::SignData(const void *data, const uint32_t len, std::string &sign) +{ + std::cerr << "AuthGPGtest::SignData()"; + std::cerr << std::endl; + return false; +} + +bool AuthGPGtest::SignDataBin(std::string input, unsigned char *sign, unsigned int *signlen) +{ + std::cerr << "AuthGPGtest::SignDataBin()"; + std::cerr << std::endl; + return false; +} +#endif + +bool AuthGPGtest::SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen) +{ + std::cerr << "AuthGPGtest::SignDataBin()"; + std::cerr << std::endl; + return false; +} + +bool AuthGPGtest::VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, std::string withfingerprint) +{ + std::cerr << "AuthGPGtest::VerifySignBin()"; + std::cerr << std::endl; + return false; +} + +bool AuthGPGtest::decryptText(gpgme_data_t CIPHER, gpgme_data_t PLAIN) +{ + std::cerr << "AuthGPGtest::decryptText()"; + std::cerr << std::endl; + return false; +} + +bool AuthGPGtest::encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER) +{ + std::cerr << "AuthGPGtest::encryptText()"; + std::cerr << std::endl; + return false; +} + diff --git a/libretroshare/src/pqi/authgpgtest.h b/libretroshare/src/pqi/authgpgtest.h new file mode 100644 index 000000000..c19f2ad0d --- /dev/null +++ b/libretroshare/src/pqi/authgpgtest.h @@ -0,0 +1,153 @@ +/* + * libretroshare/src/ : authgpgtest.h + * + * GPG interface for RetroShare. + * + * Copyright 2009-2010 by Robert Fernie. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License Version 2 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + * USA. + * + * Please report all bugs and problems to "retroshare@lunamutt.com". + * + * This is *THE* auth manager. It provides the web-of-trust via + * gpgme, and authenticates the certificates that are managed + * by the sublayer AuthSSL. + * + */ + +#ifndef RS_GPG_AUTH_TEST_HEADER +#define RS_GPG_AUTH_TEST_HEADER + +#include "pqi/authgpg.h" + +/* override the default AuthGPG */ +void setAuthGPG(AuthGPG *newgpg); + +class AuthGPGtest: public AuthGPG +{ + + public: + AuthGPGtest(); + + /** + * @param ids list of gpg certificate ids (note, not the actual certificates) + */ +virtual bool availableGPGCertificatesWithPrivateKeys(std::list &ids); +virtual bool printKeys(); + +/*********************************************************************************/ +/************************* STAGE 1 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 1: Initialisation.... As we are switching to OpenPGP the init functions + * will be different. Just move the initialisation functions over.... + * + * As GPGMe requires external calls to the GPG executable, which could potentially + * be expensive, We'll want to cache the GPG keys in this class. + * This should be done at initialisation, and saved in a map. + * (see storage at the end of the class) + * + ****/ +virtual bool active(); + + /* Initialize */ +virtual bool InitAuth (); + + /* Init by generating new Own PGP Cert, or selecting existing PGP Cert */ +virtual int GPGInit(std::string ownId); +virtual bool CloseAuth(); +virtual bool GeneratePGPCertificate(std::string name, std::string email, std::string passwd, std::string &pgpId, std::string &errString); + +/*********************************************************************************/ +/************************* STAGE 3 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 3: These are some of the most commonly used functions in Retroshare. + * + * More commonly used functions. + * + * provide access to details in cache list. + * + ****/ +virtual std::string getGPGName(GPG_id pgp_id); +virtual std::string getGPGEmail(GPG_id pgp_id); + + /* PGP web of trust management */ +virtual std::string getGPGOwnId(); +virtual std::string getGPGOwnName(); +//virtual std::string getGPGOwnEmail(); +virtual bool getGPGDetails(std::string id, RsPeerDetails &d); +virtual bool getGPGAllList(std::list &ids); +virtual bool getGPGValidList(std::list &ids); +virtual bool getGPGAcceptedList(std::list &ids); +virtual bool getGPGSignedList(std::list &ids); +virtual bool isGPGValid(std::string id); +virtual bool isGPGSigned(std::string id); +virtual bool isGPGAccepted(std::string id); +virtual bool isGPGId(GPG_id id); + +/*********************************************************************************/ +/************************* STAGE 4 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 4: Loading and Saving Certificates. (Strings and Files) + * + ****/ +virtual bool LoadCertificateFromString(std::string pem, std::string &gpg_id); +virtual std::string SaveCertificateToString(std::string id); + +/*********************************************************************************/ +/************************* STAGE 6 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 6: Authentication, Trust and Signing. + * + * This is some of the harder functions, but they should have been + * done in gpgroot already. + * + ****/ +virtual bool setAcceptToConnectGPGCertificate(std::string gpg_id, bool acceptance); //don't act on the gpg key, use a seperate set +virtual bool SignCertificateLevel0(std::string id); +virtual bool RevokeCertificate(std::string id); /* Particularly hard - leave for later */ +//virtual bool TrustCertificateNone(std::string id); +//virtual bool TrustCertificateMarginally(std::string id); +//virtual bool TrustCertificateFully(std::string id); +virtual bool TrustCertificate(std::string id, int trustlvl); //trustlvl is 2 for none, 3 for marginal and 4 for full trust + +/*********************************************************************************/ +/************************* STAGE 7 ***********************************************/ +/*********************************************************************************/ +/***** + * STAGE 7: Signing Data. + * + * There should also be Encryption Functions... (do later). + * + ****/ +//virtual bool SignData(std::string input, std::string &sign); +//virtual bool SignData(const void *data, const uint32_t len, std::string &sign); +//virtual bool SignDataBin(std::string input, unsigned char *sign, unsigned int *signlen); +virtual bool SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen); +virtual bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, std::string withfingerprint); +virtual bool decryptText(gpgme_data_t CIPHER, gpgme_data_t PLAIN); +virtual bool encryptText(gpgme_data_t PLAIN, gpgme_data_t CIPHER); +//END of PGP public functions + + private: + + std::string mOwnGPGId; +}; + + +#endif diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc index 253633535..2ebd1522e 100644 --- a/libretroshare/src/pqi/authssl.cc +++ b/libretroshare/src/pqi/authssl.cc @@ -35,6 +35,7 @@ #include "pqinetwork.h" #include "authgpg.h" #include "pqi/p3connmgr.h" +#include "serialiser/rsconfigitems.h" /******************** notify of new Cert **************************/ #include "pqinotify.h" @@ -52,6 +53,31 @@ * #define AUTHSSL_DEBUG 1 ***/ +// initialisation du pointeur de singleton à zéro +static AuthSSL *instance_ssl = NULL; + +/* hidden function - for testing purposes() */ +void setAuthSSL(AuthSSL *newssl) +{ + instance_ssl = newssl; +} + +void AuthSSLInit() +{ + instance_ssl = new AuthSSLimpl(); +} + +AuthSSL *AuthSSL::getAuthSSL() +{ + return instance_ssl; +} + +AuthSSL::AuthSSL() +{ + return; +} + + /********************************************************************************/ /********************************************************************************/ /********************* Cert Search / Add / Remove **************************/ @@ -61,10 +87,6 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx); -// initialisation du pointeur de singleton à zéro -AuthSSL *AuthSSL::instance_ssl = new AuthSSL(); - - sslcert::sslcert(X509 *x509, std::string pid) { certificate = x509; @@ -99,23 +121,23 @@ sslcert::sslcert(X509 *x509, std::string pid) /********************************************************************************/ -AuthSSL::AuthSSL() +AuthSSLimpl::AuthSSLimpl() : p3Config(CONFIG_TYPE_AUTHSSL), sslctx(NULL), mOwnCert(NULL), mOwnPrivateKey(NULL), mOwnPublicKey(NULL), init(0) { } -bool AuthSSL::active() +bool AuthSSLimpl::active() { return init; } -int AuthSSL::InitAuth(const char *cert_file, const char *priv_key_file, +int AuthSSLimpl::InitAuth(const char *cert_file, const char *priv_key_file, const char *passwd) { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::InitAuth()"; + std::cerr << "AuthSSLimpl::InitAuth()"; std::cerr << std::endl; #endif @@ -131,7 +153,7 @@ static int initLib = 0; if (init == 1) { - std::cerr << "AuthSSL::InitAuth already initialized." << std::endl; + std::cerr << "AuthSSLimpl::InitAuth already initialized." << std::endl; return 1; } @@ -171,7 +193,7 @@ static int initLib = 0; if (x509 == NULL) { - std::cerr << "AuthSSL::InitAuth() PEM_read_X509() Failed"; + std::cerr << "AuthSSLimpl::InitAuth() PEM_read_X509() Failed"; std::cerr << std::endl; return -1; } @@ -192,7 +214,7 @@ static int initLib = 0; if (mOwnPrivateKey == NULL) { - std::cerr << "AuthSSL::InitAuth() PEM_read_PrivateKey() Failed"; + std::cerr << "AuthSSLimpl::InitAuth() PEM_read_PrivateKey() Failed"; std::cerr << std::endl; return -1; } @@ -210,7 +232,7 @@ static int initLib = 0; if (!getX509id(x509, mOwnId)) { - std::cerr << "AuthSSL::InitAuth() getX509id() Failed"; + std::cerr << "AuthSSLimpl::InitAuth() getX509id() Failed"; std::cerr << std::endl; /* bad certificate */ @@ -224,7 +246,7 @@ static int initLib = 0; if (!validateOwnCertificate(x509, mOwnPrivateKey)) { - std::cerr << "AuthSSL::InitAuth() validateOwnCertificate() Failed"; + std::cerr << "AuthSSLimpl::InitAuth() validateOwnCertificate() Failed"; std::cerr << std::endl; /* bad certificate */ @@ -249,7 +271,7 @@ static int initLib = 0; } /* Dummy function to be overloaded by real implementation */ -bool AuthSSL::validateOwnCertificate(X509 *x509, EVP_PKEY *pkey) +bool AuthSSLimpl::validateOwnCertificate(X509 *x509, EVP_PKEY *pkey) { (void) pkey; /* remove unused parameter warning */ @@ -261,10 +283,10 @@ bool AuthSSL::validateOwnCertificate(X509 *x509, EVP_PKEY *pkey) return true; } -bool AuthSSL::CloseAuth() +bool AuthSSLimpl::CloseAuth() { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::CloseAuth()"; + std::cerr << "AuthSSLimpl::CloseAuth()"; std::cerr << std::endl; #endif SSL_CTX_free(sslctx); @@ -276,35 +298,35 @@ bool AuthSSL::CloseAuth() } /* Context handling */ -SSL_CTX *AuthSSL::getCTX() +SSL_CTX *AuthSSLimpl::getCTX() { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::getCTX()"; + std::cerr << "AuthSSLimpl::getCTX()"; std::cerr << std::endl; #endif return sslctx; } -std::string AuthSSL::OwnId() +std::string AuthSSLimpl::OwnId() { #ifdef AUTHSSL_DEBUG -// std::cerr << "AuthSSL::OwnId()" << std::endl; +// std::cerr << "AuthSSLimpl::OwnId()" << std::endl; #endif return mOwnId; } -std::string AuthSSL::getOwnLocation() +std::string AuthSSLimpl::getOwnLocation() { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::OwnId()" << std::endl; + std::cerr << "AuthSSLimpl::OwnId()" << std::endl; #endif return mOwnCert->location; } -std::string AuthSSL::SaveOwnCertificateToString() +std::string AuthSSLimpl::SaveOwnCertificateToString() { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::SaveOwnCertificateToString() " << std::endl; + std::cerr << "AuthSSLimpl::SaveOwnCertificateToString() " << std::endl; #endif return saveX509ToPEM(mOwnCert->certificate); } @@ -315,12 +337,12 @@ std::string AuthSSL::SaveOwnCertificateToString() /********************************************************************************/ /********************************************************************************/ -bool AuthSSL::SignData(std::string input, std::string &sign) +bool AuthSSLimpl::SignData(std::string input, std::string &sign) { return SignData(input.c_str(), input.length(), sign); } -bool AuthSSL::SignData(const void *data, const uint32_t len, std::string &sign) +bool AuthSSLimpl::SignData(const void *data, const uint32_t len, std::string &sign) { RsStackMutex stack(sslMtx); /***** STACK LOCK MUTEX *****/ @@ -369,12 +391,12 @@ bool AuthSSL::SignData(const void *data, const uint32_t len, std::string &sign) return true; } -bool AuthSSL::SignDataBin(std::string input, unsigned char *sign, unsigned int *signlen) +bool AuthSSLimpl::SignDataBin(std::string input, unsigned char *sign, unsigned int *signlen) { return SignDataBin(input.c_str(), input.length(), sign, signlen); } -bool AuthSSL::SignDataBin(const void *data, const uint32_t len, +bool AuthSSLimpl::SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen) { RsStackMutex stack(sslMtx); /***** STACK LOCK MUTEX *****/ @@ -382,7 +404,7 @@ bool AuthSSL::SignDataBin(const void *data, const uint32_t len, } -bool AuthSSL::VerifySignBin(const void *data, const uint32_t len, +bool AuthSSLimpl::VerifySignBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int signlen, SSL_id sslId) { /* find certificate. @@ -406,7 +428,7 @@ bool AuthSSL::VerifySignBin(const void *data, const uint32_t len, return SSL_VerifySignBin(data, len, sign, signlen, peer->certificate); } -bool AuthSSL::VerifyOwnSignBin(const void *data, const uint32_t len, +bool AuthSSLimpl::VerifyOwnSignBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int signlen) { return SSL_VerifySignBin(data, len, sign, signlen, mOwnCert->certificate); @@ -423,7 +445,7 @@ bool AuthSSL::VerifyOwnSignBin(const void *data, const uint32_t len, * only using GPG functions - which lock themselves */ -X509 *AuthSSL::SignX509ReqWithGPG(X509_REQ *req, long days) +X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long days) { /* Transform the X509_REQ into a suitable format to * generate DIGEST hash. (for SSL to do grunt work) @@ -437,7 +459,7 @@ X509 *AuthSSL::SignX509ReqWithGPG(X509_REQ *req, long days) X509 *x509 = X509_new(); if (x509 == NULL) { - std::cerr << "AuthSSL::SignX509Req() FAIL" << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() FAIL" << std::endl; return NULL; } @@ -455,24 +477,24 @@ X509 *AuthSSL::SignX509ReqWithGPG(X509_REQ *req, long days) (unsigned char *) "loc", -1, -1, 0); ****/ - std::cerr << "AuthSSL::SignX509Req() Issuer name: " << AuthGPG::getAuthGPG()->getGPGOwnId() << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthGPG::getAuthGPG()->getGPGOwnId() << std::endl; BIGNUM *btmp = BN_new(); if (!BN_pseudo_rand(btmp, SERIAL_RAND_BITS, 0, 0)) { - std::cerr << "AuthSSL::SignX509Req() rand FAIL" << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() rand FAIL" << std::endl; return NULL; } if (!BN_to_ASN1_INTEGER(btmp, serial)) { - std::cerr << "AuthSSL::SignX509Req() asn1 FAIL" << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() asn1 FAIL" << std::endl; return NULL; } BN_free(btmp); if (!X509_set_serialNumber(x509, serial)) { - std::cerr << "AuthSSL::SignX509Req() serial FAIL" << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() serial FAIL" << std::endl; return NULL; } ASN1_INTEGER_free(serial); @@ -483,7 +505,7 @@ X509 *AuthSSL::SignX509ReqWithGPG(X509_REQ *req, long days) if (!X509_set_issuer_name(x509, issuer_name)) { - std::cerr << "AuthSSL::SignX509Req() issue FAIL" << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() issue FAIL" << std::endl; return NULL; } X509_NAME_free(issuer_name); @@ -491,26 +513,26 @@ X509 *AuthSSL::SignX509ReqWithGPG(X509_REQ *req, long days) if (!X509_gmtime_adj(X509_get_notBefore(x509),0)) { - std::cerr << "AuthSSL::SignX509Req() notbefore FAIL" << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() notbefore FAIL" << std::endl; return NULL; } if (!X509_gmtime_adj(X509_get_notAfter(x509), (long)60*60*24*days)) { - std::cerr << "AuthSSL::SignX509Req() notafter FAIL" << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() notafter FAIL" << std::endl; return NULL; } if (!X509_set_subject_name(x509, X509_REQ_get_subject_name(req))) { - std::cerr << "AuthSSL::SignX509Req() sub FAIL" << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() sub FAIL" << std::endl; return NULL; } tmppkey = X509_REQ_get_pubkey(req); if (!tmppkey || !X509_set_pubkey(x509,tmppkey)) { - std::cerr << "AuthSSL::SignX509Req() pub FAIL" << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() pub FAIL" << std::endl; return NULL; } @@ -569,7 +591,7 @@ X509 *AuthSSL::SignX509ReqWithGPG(X509_REQ *req, long days) { hashoutl=0; sigoutl=0; - fprintf(stderr, "AuthSSL::SignX509Req: ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE)\n"); + fprintf(stderr, "AuthSSLimpl::SignX509Req: ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE)\n"); goto err; } p=buf_in; @@ -584,7 +606,7 @@ X509 *AuthSSL::SignX509ReqWithGPG(X509_REQ *req, long days) (unsigned int *)&hashoutl)) { hashoutl=0; - fprintf(stderr, "AuthSSL::SignX509Req: ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB)\n"); + fprintf(stderr, "AuthSSLimpl::SignX509Req: ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB)\n"); goto err; } @@ -636,15 +658,15 @@ X509 *AuthSSL::SignX509ReqWithGPG(X509_REQ *req, long days) * this is important - as it allows non-friends messages to be validated. */ -bool AuthSSL::AuthX509WithGPG(X509 *x509) +bool AuthSSLimpl::AuthX509WithGPG(X509 *x509) { #ifdef AUTHSSL_DEBUG - fprintf(stderr, "AuthSSL::AuthX509WithGPG() called\n"); + fprintf(stderr, "AuthSSLimpl::AuthX509WithGPG() called\n"); #endif if (!CheckX509Certificate(x509)) { - std::cerr << "AuthSSL::AuthX509() X509 NOT authenticated : Certificate failed basic checks" << std::endl; + std::cerr << "AuthSSLimpl::AuthX509() X509 NOT authenticated : Certificate failed basic checks" << std::endl; return false; } @@ -655,7 +677,7 @@ bool AuthSSL::AuthX509WithGPG(X509 *x509) std::cerr << "Checking GPG issuer : " << issuer << std::endl ; #endif if (!AuthGPG::getAuthGPG()->getGPGDetails(issuer, pd)) { - std::cerr << "AuthSSL::AuthX509() X509 NOT authenticated : AuthGPG::getAuthGPG()->getGPGDetails() returned false." << std::endl; + std::cerr << "AuthSSLimpl::AuthX509() X509 NOT authenticated : AuthGPG::getAuthGPG()->getGPGDetails() returned false." << std::endl; return false; } @@ -696,7 +718,7 @@ bool AuthSSL::AuthX509WithGPG(X509 *x509) if ((buf_in == NULL) || (buf_hashout == NULL) || (buf_sigout == NULL)) { hashoutl=0; sigoutl=0; - fprintf(stderr, "AuthSSL::AuthX509: ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE)\n"); + fprintf(stderr, "AuthSSLimpl::AuthX509: ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE)\n"); goto err; } p=buf_in; @@ -713,7 +735,7 @@ bool AuthSSL::AuthX509WithGPG(X509 *x509) (unsigned int *)&hashoutl)) { hashoutl=0; - fprintf(stderr, "AuthSSL::AuthX509: ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB)\n"); + fprintf(stderr, "AuthSSLimpl::AuthX509: ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB)\n"); goto err; } @@ -728,7 +750,7 @@ bool AuthSSL::AuthX509WithGPG(X509 *x509) /* NOW check sign via GPG Functions */ //get the fingerprint of the key that is supposed to sign #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::AuthX509() verifying the gpg sig with keyprint : " << pd.fpr << std::endl; + std::cerr << "AuthSSLimpl::AuthX509() verifying the gpg sig with keyprint : " << pd.fpr << std::endl; std::cerr << "Sigoutl = " << sigoutl << std::endl ; std::cerr << "pd.fpr = " << pd.fpr << std::endl ; std::cerr << "hashoutl = " << hashoutl << std::endl ; @@ -740,26 +762,26 @@ bool AuthSSL::AuthX509WithGPG(X509 *x509) } #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::AuthX509() X509 authenticated" << std::endl; + std::cerr << "AuthSSLimpl::AuthX509() X509 authenticated" << std::endl; #endif return true; err: - std::cerr << "AuthSSL::AuthX509() X509 NOT authenticated" << std::endl; + std::cerr << "AuthSSLimpl::AuthX509() X509 NOT authenticated" << std::endl; return false; } /* validate + get id */ -bool AuthSSL::ValidateCertificate(X509 *x509, std::string &peerId) +bool AuthSSLimpl::ValidateCertificate(X509 *x509, std::string &peerId) { /* check self signed */ if (!AuthX509WithGPG(x509)) { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::ValidateCertificate() bad certificate."; + std::cerr << "AuthSSLimpl::ValidateCertificate() bad certificate."; std::cerr << std::endl; #endif return false; @@ -767,14 +789,14 @@ bool AuthSSL::ValidateCertificate(X509 *x509, std::string &peerId) if(!getX509id(x509, peerId)) { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::ValidateCertificate() Cannot retrieve peer id from certificate.."; + std::cerr << "AuthSSLimpl::ValidateCertificate() Cannot retrieve peer id from certificate.."; std::cerr << std::endl; #endif return false; } #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::ValidateCertificate() good certificate."; + std::cerr << "AuthSSLimpl::ValidateCertificate() good certificate."; std::cerr << std::endl; #endif @@ -798,7 +820,7 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx) } -int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) +int AuthSSLimpl::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) { char buf[256]; X509 *err_cert; @@ -809,7 +831,7 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) depth = X509_STORE_CTX_get_error_depth(ctx); #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::VerifyX509Callback(preverify_ok: " << preverify_ok + std::cerr << "AuthSSLimpl::VerifyX509Callback(preverify_ok: " << preverify_ok << " Err: " << err << " Depth: " << depth << std::endl; #endif @@ -821,7 +843,7 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256); #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::VerifyX509Callback: depth: " << depth << ":" << buf << std::endl; + std::cerr << "AuthSSLimpl::VerifyX509Callback: depth: " << depth << ":" << buf << std::endl; #endif @@ -852,7 +874,7 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) if (!AuthX509WithGPG(X509_STORE_CTX_get_current_cert(ctx))) { #ifdef AUTHSSL_DEBUG - fprintf(stderr, "AuthSSL::VerifyX509Callback() X509 not authenticated.\n"); + fprintf(stderr, "AuthSSLimpl::VerifyX509Callback() X509 not authenticated.\n"); #endif return false; } @@ -860,7 +882,7 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) if (!AuthGPG::getAuthGPG()->isGPGAccepted(pgpid)) { #ifdef AUTHSSL_DEBUG - fprintf(stderr, "AuthSSL::VerifyX509Callback() pgp key not accepted : \n"); + fprintf(stderr, "AuthSSLimpl::VerifyX509Callback() pgp key not accepted : \n"); fprintf(stderr, "issuer pgpid : "); fprintf(stderr, "%s\n",pgpid.c_str()); fprintf(stderr, "\n AuthGPG::getAuthGPG()->getGPGOwnId() : "); @@ -889,9 +911,9 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) #ifdef AUTHSSL_DEBUG if (preverify_ok) { - fprintf(stderr, "AuthSSL::VerifyX509Callback returned true.\n"); + fprintf(stderr, "AuthSSLimpl::VerifyX509Callback returned true.\n"); } else { - fprintf(stderr, "AuthSSL::VerifyX509Callback returned false.\n"); + fprintf(stderr, "AuthSSLimpl::VerifyX509Callback returned false.\n"); } #endif @@ -906,12 +928,12 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) /********************************************************************************/ -bool AuthSSL::encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId) +bool AuthSSLimpl::encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId) { RsStackMutex stack(sslMtx); /******* LOCKED ******/ #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::encrypt() called for peerId : " << peerId << " with inlen : " << inlen << std::endl; + std::cerr << "AuthSSLimpl::encrypt() called for peerId : " << peerId << " with inlen : " << inlen << std::endl; #endif //TODO : use ssl to crypt the binary input buffer // out = malloc(inlen); @@ -924,7 +946,7 @@ bool AuthSSL::encrypt(void *&out, int &outlen, const void *in, int inlen, std } else { if (!mCerts[peerId]) { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::encrypt() public key not found." << std::endl; + std::cerr << "AuthSSLimpl::encrypt() public key not found." << std::endl; #endif return false; } else { @@ -1000,7 +1022,7 @@ bool AuthSSL::encrypt(void *&out, int &outlen, const void *in, int inlen, std delete[] ek; #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::encrypt() finished with outlen : " << outlen << std::endl; + std::cerr << "AuthSSLimpl::encrypt() finished with outlen : " << outlen << std::endl; #endif //free(ek); @@ -1010,14 +1032,14 @@ bool AuthSSL::encrypt(void *&out, int &outlen, const void *in, int inlen, std return true; } -bool AuthSSL::decrypt(void *&out, int &outlen, const void *in, int inlen) +bool AuthSSLimpl::decrypt(void *&out, int &outlen, const void *in, int inlen) { RsStackMutex stack(sslMtx); /******* LOCKED ******/ #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::decrypt() called with inlen : " << inlen << std::endl; + std::cerr << "AuthSSLimpl::decrypt() called with inlen : " << inlen << std::endl; #endif //TODO : use ssl to decrypt the binary input buffer // out = malloc(inlen); @@ -1112,7 +1134,7 @@ bool AuthSSL::decrypt(void *&out, int &outlen, const void *in, int inlen) delete[] encryptKey; #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::decrypt() finished with outlen : " << outlen << std::endl; + std::cerr << "AuthSSLimpl::decrypt() finished with outlen : " << outlen << std::endl; #endif return true; @@ -1126,7 +1148,7 @@ bool AuthSSL::decrypt(void *&out, int &outlen, const void *in, int inlen) /********************************************************************************/ /* store for discovery */ -bool AuthSSL::FailedCertificate(X509 *x509, bool incoming) +bool AuthSSLimpl::FailedCertificate(X509 *x509, bool incoming) { (void) incoming; /* remove unused parameter warning */ @@ -1139,7 +1161,7 @@ bool AuthSSL::FailedCertificate(X509 *x509, bool incoming) return false; } -bool AuthSSL::CheckCertificate(std::string id, X509 *x509) +bool AuthSSLimpl::CheckCertificate(std::string id, X509 *x509) { (void) id; /* remove unused parameter warning */ @@ -1155,7 +1177,7 @@ bool AuthSSL::CheckCertificate(std::string id, X509 *x509) /* Locked search -> internal help function */ -bool AuthSSL::locked_FindCert(std::string id, sslcert **cert) +bool AuthSSLimpl::locked_FindCert(std::string id, sslcert **cert) { std::map::iterator it; @@ -1170,7 +1192,7 @@ bool AuthSSL::locked_FindCert(std::string id, sslcert **cert) /* Remove Certificate */ -bool AuthSSL::RemoveX509(std::string id) +bool AuthSSLimpl::RemoveX509(std::string id) { std::map::iterator it; @@ -1193,13 +1215,13 @@ bool AuthSSL::RemoveX509(std::string id) } -bool AuthSSL::LocalStoreCert(X509* x509) +bool AuthSSLimpl::LocalStoreCert(X509* x509) { //store the certificate in the local cert list std::string peerId; if(!getX509id(x509, peerId)) { - std::cerr << "AuthSSL::LocalStoreCert() Cannot retrieve peer id from certificate." << std::endl; + std::cerr << "AuthSSLimpl::LocalStoreCert() Cannot retrieve peer id from certificate." << std::endl; #ifdef AUTHSSL_DEBUG #endif return false; @@ -1211,7 +1233,7 @@ bool AuthSSL::LocalStoreCert(X509* x509) if (peerId == mOwnId) { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::LocalStoreCert() not storing own certificate" << std::endl; + std::cerr << "AuthSSLimpl::LocalStoreCert() not storing own certificate" << std::endl; #endif return false; } @@ -1228,7 +1250,7 @@ bool AuthSSL::LocalStoreCert(X509* x509) if (0 != X509_cmp(cert->certificate, x509)) { /* MAJOR ERROR */ - std::cerr << "ERROR : AuthSSL::LocalStoreCert() got two ssl certificates with identical ids -> dropping second"; + std::cerr << "ERROR : AuthSSLimpl::LocalStoreCert() got two ssl certificates with identical ids -> dropping second"; std::cerr << std::endl; return false; } @@ -1237,7 +1259,7 @@ bool AuthSSL::LocalStoreCert(X509* x509) } #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::LocalStoreCert() storing certificate for " << peerId << std::endl; + std::cerr << "AuthSSLimpl::LocalStoreCert() storing certificate for " << peerId << std::endl; #endif mCerts[peerId] = new sslcert(X509_dup(x509), peerId); @@ -1254,17 +1276,17 @@ bool AuthSSL::LocalStoreCert(X509* x509) /********************************************************************************/ -RsSerialiser *AuthSSL::setupSerialiser() +RsSerialiser *AuthSSLimpl::setupSerialiser() { - RsSerialiser *rss = new RsSerialiser ; + RsSerialiser *rss = new RsSerialiser(); rss->addSerialType(new RsGeneralConfigSerialiser()); return rss ; } -std::list AuthSSL::saveList(bool& cleanup) +std::list AuthSSLimpl::saveList(bool& cleanup) { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::saveList() called" << std::endl ; + std::cerr << "AuthSSLimpl::saveList() called" << std::endl ; #endif RsStackMutex stack(sslMtx); /******* LOCKED ******/ @@ -1283,7 +1305,7 @@ std::list AuthSSL::saveList(bool& cleanup) RsTlvKeyValue kv; kv.key = mapIt->first; #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::saveList() called (mapIt->first) : " << (mapIt->first) << std::endl ; + std::cerr << "AuthSSLimpl::saveList() called (mapIt->first) : " << (mapIt->first) << std::endl ; #endif kv.value = saveX509ToPEM(mapIt->second->certificate); vitem->tlvkvs.pairs.push_back(kv) ; @@ -1293,10 +1315,10 @@ std::list AuthSSL::saveList(bool& cleanup) return lst ; } -bool AuthSSL::loadList(std::list load) +bool AuthSSLimpl::loadList(std::list load) { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::loadList() Item Count: " << load.size() << std::endl; + std::cerr << "AuthSSLimpl::loadList() Item Count: " << load.size() << std::endl; #endif /* load the list of accepted gpg keys */ @@ -1306,7 +1328,7 @@ bool AuthSSL::loadList(std::list load) if(vitem) { #ifdef AUTHSSL_DEBUG - std::cerr << "AuthSSL::loadList() General Variable Config Item:" << std::endl; + std::cerr << "AuthSSLimpl::loadList() General Variable Config Item:" << std::endl; vitem->print(std::cerr, 10); std::cerr << std::endl; #endif diff --git a/libretroshare/src/pqi/authssl.h b/libretroshare/src/pqi/authssl.h index e0f6c5f2c..faf51e06e 100644 --- a/libretroshare/src/pqi/authssl.h +++ b/libretroshare/src/pqi/authssl.h @@ -49,7 +49,7 @@ #include "pqi/pqi_base.h" #include "pqi/pqinetwork.h" -#include "rsiface/rspeers.h" +//#include "rsiface/rspeers.h" #include "pqi/p3cfgmgr.h" typedef std::string SSL_id; @@ -86,13 +86,82 @@ class sslcert X509* certificate; }; +/* required to install instance */ +extern void AuthSSLInit(); -class AuthSSL : public p3Config +class AuthSSL +{ + public: + AuthSSL(); + +static AuthSSL *getAuthSSL(); + + /* Initialisation Functions (Unique) */ +virtual bool validateOwnCertificate(X509 *x509, EVP_PKEY *pkey) = 0; + +virtual bool active() = 0; +virtual int InitAuth(const char *srvr_cert, const char *priv_key, + const char *passwd) = 0; +virtual bool CloseAuth() = 0; + + /*********** Overloaded Functions from p3AuthMgr **********/ + + /* get Certificate Id */ +virtual std::string OwnId() = 0; +virtual std::string getOwnLocation() = 0; +//virtual bool getAllList(std::list &ids); +//virtual bool getAuthenticatedList(std::list &ids); +//virtual bool getUnknownList(std::list &ids); +//virtual bool getSSLChildListOfGPGId(std::string gpg_id, std::list &ids); + + /* get Details from the Certificates */ +//virtual bool isAuthenticated(std::string id); +//virtual std::string getName(std::string id); +//virtual std::string getIssuerName(std::string id); +//virtual std::string getGPGId(SSL_id id); +//virtual bool getCertDetails(std::string id, sslcert &cert); + + /* Load/Save certificates */ +virtual std::string SaveOwnCertificateToString() = 0; + + /* Sign / Encrypt / Verify Data */ +virtual bool SignData(std::string input, std::string &sign) = 0; +virtual bool SignData(const void *data, const uint32_t len, std::string &sign) = 0; + +virtual bool SignDataBin(std::string, unsigned char*, unsigned int*) = 0; +virtual bool SignDataBin(const void*, uint32_t, unsigned char*, unsigned int*) = 0; +virtual bool VerifyOwnSignBin(const void*, uint32_t, unsigned char*, unsigned int) = 0; +virtual bool VerifySignBin(const void *data, const uint32_t len, + unsigned char *sign, unsigned int signlen, SSL_id sslId) = 0; + +// return : false if encrypt failed +virtual bool encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId) = 0; +// return : false if decrypt fails +virtual bool decrypt(void *&out, int &outlen, const void *in, int inlen) = 0; + + +virtual X509* SignX509ReqWithGPG(X509_REQ *req, long days) = 0; +virtual bool AuthX509WithGPG(X509 *x509) = 0; + + +virtual int VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) = 0; +virtual bool ValidateCertificate(X509 *x509, std::string &peerId) = 0; /* validate + get id */ + + public: /* SSL specific functions used in pqissl/pqissllistener */ +virtual SSL_CTX *getCTX() = 0; + +/* Restored these functions: */ +virtual bool FailedCertificate(X509 *x509, bool incoming) = 0; /* store for discovery */ +virtual bool CheckCertificate(std::string peerId, X509 *x509) = 0; /* check that they are exact match */ +}; + + +class AuthSSLimpl : public AuthSSL, public p3Config { public: /* Initialisation Functions (Unique) */ - AuthSSL(); + AuthSSLimpl(); bool validateOwnCertificate(X509 *x509, EVP_PKEY *pkey); virtual bool active(); @@ -121,27 +190,27 @@ virtual std::string getOwnLocation(); virtual std::string SaveOwnCertificateToString(); /* Sign / Encrypt / Verify Data */ -bool SignData(std::string input, std::string &sign); -bool SignData(const void *data, const uint32_t len, std::string &sign); +virtual bool SignData(std::string input, std::string &sign); +virtual bool SignData(const void *data, const uint32_t len, std::string &sign); -bool SignDataBin(std::string, unsigned char*, unsigned int*); -bool SignDataBin(const void*, uint32_t, unsigned char*, unsigned int*); -bool VerifyOwnSignBin(const void*, uint32_t, unsigned char*, unsigned int); -bool VerifySignBin(const void *data, const uint32_t len, +virtual bool SignDataBin(std::string, unsigned char*, unsigned int*); +virtual bool SignDataBin(const void*, uint32_t, unsigned char*, unsigned int*); +virtual bool VerifyOwnSignBin(const void*, uint32_t, unsigned char*, unsigned int); +virtual bool VerifySignBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int signlen, SSL_id sslId); // return : false if encrypt failed -bool encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId); +virtual bool encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId); // return : false if decrypt fails -bool decrypt(void *&out, int &outlen, const void *in, int inlen); +virtual bool decrypt(void *&out, int &outlen, const void *in, int inlen); -X509* SignX509ReqWithGPG(X509_REQ *req, long days); -bool AuthX509WithGPG(X509 *x509); +virtual X509* SignX509ReqWithGPG(X509_REQ *req, long days); +virtual bool AuthX509WithGPG(X509 *x509); -int VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx); -bool ValidateCertificate(X509 *x509, std::string &peerId); /* validate + get id */ +virtual int VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx); +virtual bool ValidateCertificate(X509 *x509, std::string &peerId); /* validate + get id */ /*****************************************************************/ @@ -153,14 +222,12 @@ bool ValidateCertificate(X509 *x509, std::string &peerId); /* validate + get id /*****************************************************************/ public: /* SSL specific functions used in pqissl/pqissllistener */ -SSL_CTX *getCTX(); +virtual SSL_CTX *getCTX(); /* Restored these functions: */ -bool FailedCertificate(X509 *x509, bool incoming); /* store for discovery */ -bool CheckCertificate(std::string peerId, X509 *x509); /* check that they are exact match */ +virtual bool FailedCertificate(X509 *x509, bool incoming); /* store for discovery */ +virtual bool CheckCertificate(std::string peerId, X509 *x509); /* check that they are exact match */ - static AuthSSL *getAuthSSL() throw() // pour obtenir l'instance - { return instance_ssl; } private: diff --git a/libretroshare/src/pqi/authssltest.cc b/libretroshare/src/pqi/authssltest.cc new file mode 100644 index 000000000..a4a3d6a5e --- /dev/null +++ b/libretroshare/src/pqi/authssltest.cc @@ -0,0 +1,223 @@ +/* + * libretroshare/src/pqi: authssltest.cc + * + * 3P/PQI network interface for RetroShare. + * + * Copyright 2004-2008 by Robert Fernie. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License Version 2 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + * USA. + * + * Please report all bugs and problems to "retroshare@lunamutt.com". + * + */ + +#include "pqi/authssltest.h" + +AuthSSLtest::AuthSSLtest() +{ + mOwnId = "abcdtestid12345678"; +} + + + /* Initialisation Functions (Unique) */ +bool AuthSSLtest::validateOwnCertificate(X509 *x509, EVP_PKEY *pkey) +{ + std::cerr << "AuthSSLtest::validateOwnCertificate()"; + std::cerr << std::endl; + return false; +} + + +bool AuthSSLtest::active() +{ + std::cerr << "AuthSSLtest::active()"; + std::cerr << std::endl; + return true; +} + +int AuthSSLtest::InitAuth(const char *srvr_cert, const char *priv_key, + const char *passwd) +{ + std::cerr << "AuthSSLtest::InitAuth()"; + std::cerr << std::endl; + return 1; +} + +bool AuthSSLtest::CloseAuth() +{ + std::cerr << "AuthSSLtest::AuthSSLtest::CloseAuth()"; + std::cerr << std::endl; + return 1; +} + + + /*********** Overloaded Functions from p3AuthMgr **********/ + + /* get Certificate Id */ +std::string AuthSSLtest::OwnId() +{ + std::cerr << "AuthSSLtest::OwnId"; + std::cerr << std::endl; + return mOwnId; +} + +std::string AuthSSLtest::getOwnLocation() +{ + std::cerr << "AuthSSLtest::getOwnLocation"; + std::cerr << std::endl; + return "TestVersion"; +} + +//bool getAllList(std::list &ids); +//bool getAuthenticatedList(std::list &ids); +//bool getUnknownList(std::list &ids); +//bool getSSLChildListOfGPGId(std::string gpg_id, std::list &ids); + + /* get Details from the Certificates */ +//bool isAuthenticated(std::string id); +//virtual std::string getName(std::string id); +//std::string getIssuerName(std::string id); +//std::string getGPGId(SSL_id id); +//bool getCertDetails(std::string id, sslcert &cert); + + /* Load/Save certificates */ +std::string AuthSSLtest::SaveOwnCertificateToString() +{ + std::cerr << "AuthSSLtest::SaveOwnCertificateToString()"; + std::cerr << std::endl; + return std::string(); +} + + + /* Sign / Encrypt / Verify Data */ +bool AuthSSLtest::SignData(std::string input, std::string &sign) +{ + std::cerr << "AuthSSLtest::SignData()"; + std::cerr << std::endl; + return false; +} + +bool AuthSSLtest::SignData(const void *data, const uint32_t len, std::string &sign) +{ + std::cerr << "AuthSSLtest::SignData()"; + std::cerr << std::endl; + return false; +} + + +bool AuthSSLtest::SignDataBin(std::string, unsigned char*, unsigned int*) +{ + std::cerr << "AuthSSLtest::SignDataBin()"; + std::cerr << std::endl; + return false; +} + +bool AuthSSLtest::SignDataBin(const void*, uint32_t, unsigned char*, unsigned int*) +{ + std::cerr << "AuthSSLtest::SignDataBin()"; + std::cerr << std::endl; + return false; +} + +bool AuthSSLtest::VerifyOwnSignBin(const void*, uint32_t, unsigned char*, unsigned int) +{ + std::cerr << "AuthSSLtest::VerifyOwnSignBin()"; + std::cerr << std::endl; + return false; +} + +bool AuthSSLtest::VerifySignBin(const void *data, const uint32_t len, + unsigned char *sign, unsigned int signlen, SSL_id sslId) +{ + std::cerr << "AuthSSLtest::VerifySignBin()"; + std::cerr << std::endl; + return false; +} + + + +// return : false if encrypt failed +bool AuthSSLtest::encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId) +{ + std::cerr << "AuthSSLtest::encrypt()"; + std::cerr << std::endl; + return false; +} + +// return : false if decrypt fails +bool AuthSSLtest::decrypt(void *&out, int &outlen, const void *in, int inlen) +{ + std::cerr << "AuthSSLtest::decrypt()"; + std::cerr << std::endl; + return false; +} + + + +X509* AuthSSLtest::SignX509ReqWithGPG(X509_REQ *req, long days) +{ + std::cerr << "AuthSSLtest::SignX509ReqWithGPG"; + std::cerr << std::endl; + return NULL; +} + +bool AuthSSLtest::AuthX509WithGPG(X509 *x509) +{ + std::cerr << "AuthSSLtest::AuthX509WithGPG()"; + std::cerr << std::endl; + return false; +} + + + +int AuthSSLtest::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx) +{ + std::cerr << "AuthSSLtest::VerifyX509Callback()"; + std::cerr << std::endl; + return 0; +} + +bool AuthSSLtest::ValidateCertificate(X509 *x509, std::string &peerId) +{ + std::cerr << "AuthSSLtest::ValidateCertificate()"; + std::cerr << std::endl; + return false; +} + + + +SSL_CTX *AuthSSLtest::getCTX() +{ + std::cerr << "AuthSSLtest::getCTX()"; + std::cerr << std::endl; + return NULL; +} + + +/* Restored these functions: */ +bool AuthSSLtest::FailedCertificate(X509 *x509, bool incoming) +{ + std::cerr << "AuthSSLtest::FailedCertificate()"; + std::cerr << std::endl; + return false; +} + +bool AuthSSLtest::CheckCertificate(std::string peerId, X509 *x509) +{ + std::cerr << "AuthSSLtest::CheckCertificate()"; + std::cerr << std::endl; + return false; +} + diff --git a/libretroshare/src/pqi/authssltest.h b/libretroshare/src/pqi/authssltest.h new file mode 100644 index 000000000..b395babe1 --- /dev/null +++ b/libretroshare/src/pqi/authssltest.h @@ -0,0 +1,101 @@ +/* + * libretroshare/src/pqi: authssltest.h + * + * 3P/PQI network interface for RetroShare. + * + * Copyright 2009-2010 by Robert Fernie. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License Version 2 as published by the Free Software Foundation. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + * USA. + * + * Please report all bugs and problems to "retroshare@lunamutt.com". + * + */ + +#ifndef MRK_AUTH_SSL_TEST_HEADER +#define MRK_AUTH_SSL_TEST_HEADER + +#include "pqi/authssl.h" + +void setAuthSSL(AuthSSL *newssl); + +class AuthSSLtest: public AuthSSL +{ + public: + + AuthSSLtest(); + /* Initialisation Functions (Unique) */ +virtual bool validateOwnCertificate(X509 *x509, EVP_PKEY *pkey); + +virtual bool active(); +virtual int InitAuth(const char *srvr_cert, const char *priv_key, + const char *passwd); +virtual bool CloseAuth(); + + /*********** Overloaded Functions from p3AuthMgr **********/ + + /* get Certificate Id */ +virtual std::string OwnId(); +virtual std::string getOwnLocation(); +//virtual bool getAllList(std::list &ids); +//virtual bool getAuthenticatedList(std::list &ids); +//virtual bool getUnknownList(std::list &ids); +//virtual bool getSSLChildListOfGPGId(std::string gpg_id, std::list &ids); + + /* get Details from the Certificates */ +//virtual bool isAuthenticated(std::string id); +//virtual std::string getName(std::string id); +//virtual std::string getIssuerName(std::string id); +//virtual std::string getGPGId(SSL_id id); +//virtual bool getCertDetails(std::string id, sslcert &cert); + + /* Load/Save certificates */ +virtual std::string SaveOwnCertificateToString(); + + /* Sign / Encrypt / Verify Data */ +virtual bool SignData(std::string input, std::string &sign); +virtual bool SignData(const void *data, const uint32_t len, std::string &sign); + +virtual bool SignDataBin(std::string, unsigned char*, unsigned int*); +virtual bool SignDataBin(const void*, uint32_t, unsigned char*, unsigned int*); +virtual bool VerifyOwnSignBin(const void*, uint32_t, unsigned char*, unsigned int); +virtual bool VerifySignBin(const void *data, const uint32_t len, + unsigned char *sign, unsigned int signlen, SSL_id sslId); + +// return : false if encrypt failed +virtual bool encrypt(void *&out, int &outlen, const void *in, int inlen, std::string peerId); +// return : false if decrypt fails +virtual bool decrypt(void *&out, int &outlen, const void *in, int inlen); + + +virtual X509* SignX509ReqWithGPG(X509_REQ *req, long days); +virtual bool AuthX509WithGPG(X509 *x509); + + +virtual int VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx); +virtual bool ValidateCertificate(X509 *x509, std::string &peerId); /* validate + get id */ + + public: /* SSL specific functions used in pqissl/pqissllistener */ +virtual SSL_CTX *getCTX(); + +/* Restored these functions: */ +virtual bool FailedCertificate(X509 *x509, bool incoming); /* store for discovery */ +virtual bool CheckCertificate(std::string peerId, X509 *x509); /* check that they are exact match */ + + private: + + std::string mOwnId; +}; + +#endif // MRK_AUTH_SSL_TEST_HEADER diff --git a/libretroshare/src/pqi/p3connmgr.cc b/libretroshare/src/pqi/p3connmgr.cc index 4956d2ee2..04bfdda76 100644 --- a/libretroshare/src/pqi/p3connmgr.cc +++ b/libretroshare/src/pqi/p3connmgr.cc @@ -23,6 +23,7 @@ * */ +#include "pqi/authssl.h" #include "pqi/p3connmgr.h" #include "pqi/p3dhtmgr.h" // Only need it for constants. #include "tcponudp/tou.h" @@ -42,13 +43,14 @@ const int p3connectzone = 3431; /* Network setup States */ -const uint32_t RS_NET_NEED_RESET = 0x0000; +const uint32_t RS_NET_NEEDS_RESET = 0x0000; const uint32_t RS_NET_UNKNOWN = 0x0001; const uint32_t RS_NET_UPNP_INIT = 0x0002; -const uint32_t RS_NET_UPNP_SETUP = 0x0004; +const uint32_t RS_NET_UPNP_SETUP = 0x0003; +const uint32_t RS_NET_EXT_SETUP = 0x0004; const uint32_t RS_NET_DONE = 0x0005; const uint32_t RS_NET_LOOPBACK = 0x0006; -const uint32_t RS_NET_MODE_DOWN = 0x0007; +const uint32_t RS_NET_DOWN = 0x0007; /* Stun modes (TODO) */ const uint32_t RS_STUN_DHT = 0x0001; @@ -57,6 +59,7 @@ const uint32_t RS_STUN_LIST_MIN = 100; const uint32_t RS_STUN_FOUND_MIN = 10; const uint32_t MAX_UPNP_INIT = 60; /* seconds UPnP timeout */ +const uint32_t MAX_UPNP_COMPLETE = 600; /* 10 min... seems to take a while */ const uint32_t MAX_NETWORK_INIT = 70; /* timeout before network reset */ const uint32_t MIN_TIME_BETWEEN_NET_RESET = 5; @@ -68,7 +71,10 @@ const uint32_t PEER_IP_CONNECT_STATE_MAX_LIST_SIZE = 4; * #define CONN_DEBUG_RESET 1 * #define CONN_DEBUG_TICK 1 ***/ + +#define CONN_DEBUG 1 #define CONN_DEBUG_RESET 1 +#define CONN_DEBUG_TICK 1 /**** * #define P3CONNMGR_NO_TCP_CONNECTIONS 1 @@ -79,12 +85,16 @@ const uint32_t PEER_IP_CONNECT_STATE_MAX_LIST_SIZE = 4; const uint32_t P3CONNMGR_TCP_DEFAULT_DELAY = 3; /* 2 Seconds? is it be enough! */ const uint32_t P3CONNMGR_UDP_DEFAULT_DELAY = 3; /* 2 Seconds? is it be enough! */ -const uint32_t P3CONNMGR_UDP_DEFAULT_PERIOD = 40; //a random timeout is set between P3CONNMGR_UDP_DEFAULT_PERIOD and 2 * P3CONNMGR_UDP_DEFAULT_PERIOD in the implementation + +const uint32_t P3CONNMGR_TCP_DEFAULT_PERIOD = 10; +const uint32_t P3CONNMGR_UDP_DEFAULT_PERIOD = 40; #define MAX_AVAIL_PERIOD 230 //times a peer stay in available state when not connected #define MIN_RETRY_PERIOD 140 -void printConnectState(peerConnectState &peer); +#define MAX_RANDOM_ATTEMPT_OFFSET 6 // seconds. + +void printConnectState(std::ostream &out, peerConnectState &peer); peerConnectAddress::peerConnectAddress() :delay(0), period(0), type(0), ts(0) @@ -96,8 +106,6 @@ peerConnectAddress::peerConnectAddress() peerAddrInfo::peerAddrInfo() :found(false), type(0), ts(0) { - sockaddr_clear(&laddr); - sockaddr_clear(&raddr); } peerConnectState::peerConnectState() @@ -107,7 +115,7 @@ peerConnectState::peerConnectState() lastcontact(0), connecttype(0), lastavailable(0), - lastattempt(time(NULL) - MIN_RETRY_PERIOD + MIN_TIME_BETWEEN_NET_RESET + 6 + rand() % 6), //start connection few seconds after the possible next one net reset + lastattempt(0), name(""), location(""), state(0), actions(0), source(0), @@ -135,48 +143,78 @@ std::string textPeerConnectState(peerConnectState &state) } +pqiNetStatus::pqiNetStatus() + :mLocalAddrOk(false), mExtAddrOk(false), mExtAddrStableOk(false), + mUpnpOk(false), mDhtOk(false), mResetReq(false) +{ + sockaddr_clear(&mLocalAddr); + sockaddr_clear(&mExtAddr); + return; +} + + + +void pqiNetStatus::print(std::ostream &out) +{ + out << "pqiNetStatus: "; + out << "mLocalAddrOk: " << mLocalAddrOk; + out << " mExtAddrOk: " << mExtAddrOk; + out << " mExtAddrStableOk: " << mExtAddrStableOk; + out << std::endl; + out << " mUpnpOk: " << mUpnpOk; + out << " mDhtOk: " << mDhtOk; + out << " mResetReq: " << mResetReq; + out << std::endl; + out << "mLocalAddr: " << inet_ntoa(mLocalAddr.sin_addr) << ":" << ntohs(mLocalAddr.sin_port) << " "; + out << "mExtAddr: " << inet_ntoa(mExtAddr.sin_addr) << ":" << ntohs(mExtAddr.sin_port) << " "; + out << " NetOk: " << NetOk(); + out << std::endl; +} + p3ConnectMgr::p3ConnectMgr() :p3Config(CONFIG_TYPE_PEERS), mNetStatus(RS_NET_UNKNOWN), - mStunStatus(0), mStunFound(0), mStunMoreRequired(true), mStatusChanged(false) { - /* setup basics of own state */ - ownState.id = AuthSSL::getAuthSSL()->OwnId(); - ownState.gpg_id = AuthGPG::getAuthGPG()->getGPGOwnId(); - ownState.name = AuthGPG::getAuthGPG()->getGPGOwnName(); - ownState.location = AuthSSL::getAuthSSL()->getOwnLocation(); - ownState.netMode = RS_NET_MODE_UDP; - ownState.netMode |= RS_NET_MODE_TRY_UPNP; - //use_extr_addr_finder = true ; - use_extr_addr_finder = false; - allow_tunnel_connection = true; - mExtAddrFinder = new ExtAddrFinder; - mNetInitTS = 0; - retry_period = MIN_RETRY_PERIOD; - - netFlagLocalOk = false; - netFlagUpnpOk = false; - netFlagDhtOk = false; - netFlagStunOk = false; - netFlagExtraAddressCheckOk = false; - - oldnetFlagLocalOk = false; - oldnetFlagUpnpOk = false; - oldnetFlagDhtOk = false; - oldnetFlagStunOk = false; - oldnetFlagExtraAddressCheckOk = false; + { + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + /* setup basics of own state */ + mOwnState.id = AuthSSL::getAuthSSL()->OwnId(); + mOwnState.gpg_id = AuthGPG::getAuthGPG()->getGPGOwnId(); + mOwnState.name = AuthGPG::getAuthGPG()->getGPGOwnName(); + mOwnState.location = AuthSSL::getAuthSSL()->getOwnLocation(); + mOwnState.netMode = RS_NET_MODE_UDP; + // user decided. + //mOwnState.netMode |= RS_NET_MODE_TRY_UPNP; + + mUseExtAddrFinder = false; + mAllowTunnelConnection = false; + mExtAddrFinder = new ExtAddrFinder; + mNetInitTS = 0; + mRetryPeriod = MIN_RETRY_PERIOD; + + mNetFlags = pqiNetStatus(); + mOldNetFlags = pqiNetStatus(); + } + #ifdef CONN_DEBUG_RESET std::cerr << "p3ConnectMgr() Calling NetReset" << std::endl; #endif + netReset(); return; } +bool p3ConnectMgr::getIPServersEnabled() +{ + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + return mUseExtAddrFinder; +} + void p3ConnectMgr::getIPServersList(std::list& ip_servers) { mExtAddrFinder->getIPServersList(ip_servers); @@ -184,63 +222,89 @@ void p3ConnectMgr::getIPServersList(std::list& ip_servers) void p3ConnectMgr::setIPServersEnabled(bool b) { - use_extr_addr_finder = b ; + bool changed = false; + { + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + if (mUseExtAddrFinder != b) + changed = true; + mUseExtAddrFinder = b; + } - IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ + if (changed) + { + IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ + } std::cerr << "p3ConnectMgr: setIPServers to " << b << std::endl ; } void p3ConnectMgr::setTunnelConnection(bool b) { - allow_tunnel_connection = b ; + bool changed = false; + { + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ + if (mAllowTunnelConnection != b) + changed = true; + + mAllowTunnelConnection = b; + } + + if (changed) + { + IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ + } +} + +bool p3ConnectMgr::getTunnelConnection() +{ + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + return mAllowTunnelConnection; } void p3ConnectMgr::setOwnNetConfig(uint32_t netMode, uint32_t visState) { + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ /* only change TRY flags */ #ifdef CONN_DEBUG std::cerr << "p3ConnectMgr::setOwnNetConfig()" << std::endl; - std::cerr << "Existing netMode: " << ownState.netMode << " vis: " << ownState.visState; + std::cerr << "Existing netMode: " << mOwnState.netMode << " vis: " << mOwnState.visState; std::cerr << std::endl; std::cerr << "Input netMode: " << netMode << " vis: " << visState; std::cerr << std::endl; #endif - ownState.netMode &= ~(RS_NET_MODE_TRYMODE); + mOwnState.netMode &= ~(RS_NET_MODE_TRYMODE); #ifdef CONN_DEBUG - std::cerr << "After Clear netMode: " << ownState.netMode << " vis: " << ownState.visState; + std::cerr << "After Clear netMode: " << mOwnState.netMode << " vis: " << mOwnState.visState; std::cerr << std::endl; #endif switch(netMode & RS_NET_MODE_ACTUAL) { case RS_NET_MODE_EXT: - ownState.netMode |= RS_NET_MODE_TRY_EXT; + mOwnState.netMode |= RS_NET_MODE_TRY_EXT; break; case RS_NET_MODE_UPNP: - ownState.netMode |= RS_NET_MODE_TRY_UPNP; + mOwnState.netMode |= RS_NET_MODE_TRY_UPNP; break; default: case RS_NET_MODE_UDP: - ownState.netMode |= RS_NET_MODE_TRY_UDP; + mOwnState.netMode |= RS_NET_MODE_TRY_UDP; break; } - ownState.visState = visState; + mOwnState.visState = visState; #ifdef CONN_DEBUG - std::cerr << "Final netMode: " << ownState.netMode << " vis: " << ownState.visState; + std::cerr << "Final netMode: " << mOwnState.netMode << " vis: " << mOwnState.visState; std::cerr << std::endl; #endif /* if we've started up - then tweak Dht On/Off */ if (mNetStatus != RS_NET_UNKNOWN) { - //enableNetAssistConnect(!(ownState.visState & RS_VIS_STATE_NODHT)); - //DHT disabled + enableNetAssistConnect(!(mOwnState.visState & RS_VIS_STATE_NODHT)); } IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ @@ -313,20 +377,23 @@ void p3ConnectMgr::setOwnNetConfig(uint32_t netMode, uint32_t visState) void p3ConnectMgr::netReset() { //don't do a net reset if the MIN_TIME_BETWEEN_NET_RESET is not reached - time_t delta = time(NULL) - mNetInitTS; - #ifdef CONN_DEBUG_RESET - std::cerr << "p3ConnectMgr time since last reset : " << delta << std::endl; - #endif - if (delta < (time_t)MIN_TIME_BETWEEN_NET_RESET) { - { - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - mNetStatus = RS_NET_NEED_RESET; - } - #ifdef CONN_DEBUG_RESET - std::cerr << "p3ConnectMgr::netStartup() don't do a net reset if the MIN_TIME_BETWEEN_NET_RESET is not reached" << std::endl; - #endif - return; +#if 0 + { + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + time_t delta = time(NULL) - mNetInitTS; + #ifdef CONN_DEBUG_RESET + std::cerr << "p3ConnectMgr time since last reset : " << delta << std::endl; + #endif + if (delta < (time_t)MIN_TIME_BETWEEN_NET_RESET) + { + mNetStatus = RS_NET_NEEDS_RESET; + #ifdef CONN_DEBUG_RESET + std::cerr << "p3ConnectMgr::netStartup() don't do a net reset if the MIN_TIME_BETWEEN_NET_RESET is not reached" << std::endl; + #endif + return; + } } +#endif #ifdef CONN_DEBUG_RESET std::cerr << "p3ConnectMgr::netReset() shutdown" << std::endl; @@ -334,25 +401,47 @@ void p3ConnectMgr::netReset() shutdown(); /* blocking shutdown call */ - #ifdef CONN_DEBUG_RESET - std::cerr << "p3ConnectMgr::netReset() restarting AddrFinder" << std::endl; - #endif // Will initiate a new call for determining the external ip. - mExtAddrFinder->reset() ; + if (mUseExtAddrFinder) + { +#ifdef CONN_DEBUG_RESET + std::cerr << "p3ConnectMgr::netReset() restarting AddrFinder" << std::endl; + #endif + mExtAddrFinder->reset() ; + } #ifdef CONN_DEBUG_RESET std::cerr << "p3ConnectMgr::netReset() resetting NetStatus" << std::endl; #endif + /* reset udp network - handled by tou_init! */ + /* reset tcp network - if necessary */ + { + /* NOTE: nNetListeners should be protected via the Mutex. + * HOWEVER, as we NEVER change this list - once its setup + * we can get away without it - and assume its constant. + * + * NB: (*it)->reset_listener must be out of the mutex, + * as it calls back to p3ConnMgr. + */ + + std::cerr << "p3ConnectMgr::netReset() resetting listeners" << std::endl; + std::list::const_iterator it; + for(it = mNetListeners.begin(); it != mNetListeners.end(); it++) + { + std::cerr << "p3ConnectMgr::netReset() reset listener" << std::endl; + (*it)->reset_listener(); + } + } { RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ mNetStatus = RS_NET_UNKNOWN; - netStatusReset(); + netStatusReset_locked(); } - /* check Network Address */ - checkNetAddress(); + /* check Network Address. This happens later */ + //checkNetAddress(); #ifdef CONN_DEBUG_RESET std::cerr << "p3ConnectMgr::netReset() done" << std::endl; @@ -362,55 +451,21 @@ void p3ConnectMgr::netReset() /* to allow resets of network stuff */ void p3ConnectMgr::addNetListener(pqiNetListener *listener) { - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - mNetListeners.push_back(listener); + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + mNetListeners.push_back(listener); } -void p3ConnectMgr::startListeners() { - /* NOTE: nNetListeners should be protected via the Mutex. - * HOWEVER, as we NEVER change this list - once its setup - * we can get away without it - and assume its constant. - * - * NB: (*it)->reset_listener must be out of the mutex, - * as it calls back to p3ConnMgr. - */ - #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::netReset() resetting listeners" << std::endl; - #endif - std::list::const_iterator it; - for(it = mNetListeners.begin(); it != mNetListeners.end(); it++) - { - #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::netReset() reset listener" << std::endl; - #endif - (*it)->reset_listener(); - } - mListenerActive = true; -} -void p3ConnectMgr::stopListeners() { - //TODO implement it - mListenerActive = false; -} -void p3ConnectMgr::netStatusReset() + +void p3ConnectMgr::netStatusReset_locked() { //std::cerr << "p3ConnectMgr::netStatusReset()" << std::endl;; - netFlagExtraAddressCheckOk = false; - netFlagLocalOk = false; - netFlagUpnpOk = false; - netFlagDhtOk = false; - netFlagStunOk = false; - for(std::map::iterator it = mFriendList.begin(); it != mFriendList.end(); it++) - { - it->second.state &= ~RS_PEER_S_CONNECTED ; - // forces immediate re-connexion in 6 seconds, don't start all connection immediately - it->second.lastattempt = time(NULL) - retry_period + 6 + rand() % 6; - } - - IndicateConfigChanged(); + mNetFlags = pqiNetStatus(); + //oldNetFlags = pqiNetStatus(); + //IndicateConfigChanged(); } void p3ConnectMgr::netStartup() @@ -420,48 +475,62 @@ void p3ConnectMgr::netStartup() /* StunInit gets a list of peers, and asks the DHT to find them... * This is needed for all systems so startup straight away */ -#ifdef CONN_DEBUG +#ifdef CONN_DEBUG_RESET std::cerr << "p3ConnectMgr::netStartup()" << std::endl; #endif - //netDhtInit(); //DHT disabled + netDhtInit(); netUdpInit(); - netStunInit(); /* decide which net setup mode we're going into */ + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - netStatusReset(); mNetInitTS = time(NULL); -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::netStartup() resetting mNetInitTS timestamp" << std::endl; - std::cerr << "p3ConnectMgr::netStartup() tou_stunkeepalive() enabled" << std::endl; + netStatusReset_locked(); +#ifdef CONN_DEBUG_RESET + std::cerr << "p3ConnectMgr::netStartup() resetting mNetInitTS / Status" << std::endl; #endif - tou_stunkeepalive(1); - mStunMoreRequired = true; + mOwnState.netMode &= ~(RS_NET_MODE_ACTUAL); - ownState.netMode &= ~(RS_NET_MODE_ACTUAL); - - switch(ownState.netMode & RS_NET_MODE_TRYMODE) + switch(mOwnState.netMode & RS_NET_MODE_TRYMODE) { case RS_NET_MODE_TRY_EXT: /* v similar to UDP */ - ownState.netMode |= RS_NET_MODE_EXT; - mNetStatus = RS_NET_DONE; +#ifdef CONN_DEBUG_RESET + std::cerr << "p3ConnectMgr::netStartup() TRY_EXT mode"; + std::cerr << std::endl; +#endif + mOwnState.netMode |= RS_NET_MODE_EXT; + mNetStatus = RS_NET_EXT_SETUP; break; case RS_NET_MODE_TRY_UDP: - ownState.netMode |= RS_NET_MODE_UDP; - mNetStatus = RS_NET_DONE; +#ifdef CONN_DEBUG_RESET + std::cerr << "p3ConnectMgr::netStartup() TRY_UDP mode"; + std::cerr << std::endl; +#endif + mOwnState.netMode |= RS_NET_MODE_UDP; + mNetStatus = RS_NET_EXT_SETUP; break; + default: // Fall through. + +#ifdef CONN_DEBUG_RESET + std::cerr << "p3ConnectMgr::netStartup() UNKNOWN mode"; + std::cerr << std::endl; +#endif + case RS_NET_MODE_TRY_UPNP: - default: +#ifdef CONN_DEBUG_RESET + std::cerr << "p3ConnectMgr::netStartup() TRY_UPNP mode"; + std::cerr << std::endl; +#endif /* Force it here (could be default!) */ - ownState.netMode |= RS_NET_MODE_TRY_UPNP; - ownState.netMode |= RS_NET_MODE_UDP; /* set to UDP, upgraded is UPnP is Okay */ + mOwnState.netMode |= RS_NET_MODE_TRY_UPNP; + mOwnState.netMode |= RS_NET_MODE_UDP; /* set to UDP, upgraded is UPnP is Okay */ mNetStatus = RS_NET_UPNP_INIT; break; } @@ -482,11 +551,10 @@ bool p3ConnectMgr::shutdown() /* blocking shutdown call */ RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ mNetStatus = RS_NET_UNKNOWN; mNetInitTS = time(NULL); - netStatusReset(); + netStatusReset_locked(); } netAssistFirewallShutdown(); netAssistConnectShutdown(); - stopListeners(); //not implemented yet return true; } @@ -505,29 +573,17 @@ void p3ConnectMgr::statusTick() #endif std::list retryIds; std::list::iterator it2; - std::list dummyToRemove; - - time_t now = time(NULL); - time_t oldavail = now - MAX_AVAIL_PERIOD; - time_t retry = now - retry_period; + //std::list dummyToRemove; { + time_t now = time(NULL); + time_t oldavail = now - MAX_AVAIL_PERIOD; + time_t retry = now - mRetryPeriod; + RsStackMutex stack(connMtx); /****** LOCK MUTEX ******/ std::map::iterator it; for(it = mFriendList.begin(); it != mFriendList.end(); it++) { - if (it->second.id == ("dummy" + it->second.gpg_id)) { - //if there is other friends for the same gpg key (that obviously are not "dummy"), we will remove this useless dummy friend - std::map::iterator it2; - for(it2 = mFriendList.begin(); it2 != mFriendList.end(); it2++) { - if ((it->second.id != it2->second.id) && (it->second.gpg_id == it2->second.gpg_id)) { - dummyToRemove.push_back(it->first); - break; - } - } - continue; - } - if (it->second.state & RS_PEER_S_CONNECTED) { continue; @@ -551,10 +607,6 @@ void p3ConnectMgr::statusTick() } } - for (std::list::iterator dummyIt = dummyToRemove.begin(); dummyIt != dummyToRemove.end(); dummyIt++) { - removeFriend(*dummyIt); - } - #ifndef P3CONNMGR_NO_AUTO_CONNECTION for(it2 = retryIds.begin(); it2 != retryIds.end(); it2++) @@ -565,7 +617,7 @@ void p3ConnectMgr::statusTick() std::cerr << std::endl; #endif /* retry it! */ - retryConnectTCP(*it2); + retryConnect(*it2); } #endif @@ -593,21 +645,16 @@ void p3ConnectMgr::netTick() connMtx.unlock(); /* UNLOCK MUTEX */ /* start tcp network - if necessary */ - //TODO : implement stop listeners in net reset - if (!mListenerActive && netStatus != RS_NET_NEED_RESET && (time(NULL) - mNetInitTS) > (time_t)(MIN_TIME_BETWEEN_NET_RESET + 2)) {//start connection 2 second after the possible next one net reset - startListeners(); - } - switch(netStatus) { - case RS_NET_NEED_RESET: + case RS_NET_NEEDS_RESET: #ifdef CONN_DEBUG_TICK - std::cerr << "p3ConnectMgr::netTick() STATUS: NEED_RESET" << std::endl; + std::cerr << "p3ConnectMgr::netTick() STATUS: NEEDS_RESET" << std::endl; #endif #ifdef CONN_DEBUG_RESET - std::cerr << "p3ConnectMgr::netTick() STATUS: NEED_RESET" << std::endl; + std::cerr << "p3ConnectMgr::netTick() STATUS: NEEDS_RESET" << std::endl; #endif netReset(); break; @@ -623,7 +670,6 @@ void p3ConnectMgr::netTick() #ifdef CONN_DEBUG_TICK std::cerr << "p3ConnectMgr::netTick() STATUS: UPNP_INIT" << std::endl; #endif - netExtFinderAddressCheck(); netUpnpInit(); break; @@ -634,9 +680,18 @@ void p3ConnectMgr::netTick() netUpnpCheck(); break; + + case RS_NET_EXT_SETUP: +#ifdef CONN_DEBUG_TICK + std::cerr << "p3ConnectMgr::netTick() STATUS: EXT_SETUP" << std::endl; +#endif + netExtCheck(); + //netDhtInit(); + break; + case RS_NET_DONE: #ifdef CONN_DEBUG_TICK - //std::cerr << "p3ConnectMgr::netTick() STATUS: DONE" << std::endl; + std::cerr << "p3ConnectMgr::netTick() STATUS: DONE" << std::endl; #endif break; @@ -662,7 +717,7 @@ void p3ConnectMgr::netUdpInit() #endif connMtx.lock(); /* LOCK MUTEX */ - struct sockaddr_in iaddr = ownState.currentlocaladdr; + struct sockaddr_in iaddr = mOwnState.currentlocaladdr; connMtx.unlock(); /* UNLOCK MUTEX */ @@ -678,12 +733,11 @@ void p3ConnectMgr::netDhtInit() #endif connMtx.lock(); /* LOCK MUTEX */ - //uint32_t vs = ownState.visState; + uint32_t vs = mOwnState.visState; connMtx.unlock(); /* UNLOCK MUTEX */ - //enableNetAssistConnect(!(vs & RS_VIS_STATE_NODHT)); - //DHT disabled + enableNetAssistConnect(!(vs & RS_VIS_STATE_NODHT)); } @@ -699,8 +753,8 @@ void p3ConnectMgr::netUpnpInit() /* get the ports from the configuration */ mNetStatus = RS_NET_UPNP_SETUP; - iport = ntohs(ownState.currentlocaladdr.sin_port); - eport = ntohs(ownState.currentserveraddr.sin_port); + iport = ntohs(mOwnState.currentlocaladdr.sin_port); + eport = ntohs(mOwnState.currentserveraddr.sin_port); if ((eport < 1000) || (eport > 30000)) { eport = iport; @@ -718,8 +772,9 @@ void p3ConnectMgr::netUpnpCheck() connMtx.lock(); /* LOCK MUTEX */ time_t delta = time(NULL) - mNetInitTS; + #ifdef CONN_DEBUG_TICK - std::cerr << "p3ConnectMgr time since last reset : " << delta << std::endl; + std::cerr << "p3ConnectMgr::netUpnpCheck() age: " << delta << std::endl; #endif connMtx.unlock(); /* UNLOCK MUTEX */ @@ -727,7 +782,8 @@ void p3ConnectMgr::netUpnpCheck() struct sockaddr_in extAddr; int upnpState = netAssistFirewallActive(); - if ((upnpState == 0) && (delta > (time_t)MAX_UPNP_INIT)) + if (((upnpState == 0) && (delta > (time_t)MAX_UPNP_INIT)) || + ((upnpState > 0) && (delta > (time_t)MAX_UPNP_COMPLETE))) { #ifdef CONN_DEBUG_TICK std::cerr << "p3ConnectMgr::netUpnpCheck() "; @@ -737,16 +793,17 @@ void p3ConnectMgr::netUpnpCheck() connMtx.lock(); /* LOCK MUTEX */ /* UPnP Failed us! */ - mNetStatus = RS_NET_DONE; + mNetStatus = RS_NET_EXT_SETUP; + mNetFlags.mUpnpOk = false; connMtx.unlock(); /* UNLOCK MUTEX */ } else if ((upnpState > 0) && netAssistExtAddress(extAddr)) { - #ifdef CONN_DEBUG_TICK +#ifdef CONN_DEBUG_TICK std::cerr << "p3ConnectMgr::netUpnpCheck() "; - std::cerr << "Upnp Check successed." << std::endl; - #endif + std::cerr << "Upnp Check success state: " << upnpState << std::endl; +#endif /* switch to UDP startup */ connMtx.lock(); /* LOCK MUTEX */ @@ -754,17 +811,192 @@ void p3ConnectMgr::netUpnpCheck() * we now have external upnp address. Golden! * don't set netOk flag until have seen some traffic. */ + if (isValidNet(&(extAddr.sin_addr))) + { +#ifdef CONN_DEBUG_TICK + std::cerr << "p3ConnectMgr::netUpnpCheck() "; + std::cerr << "UpnpAddr: " << inet_ntoa(extAddr.sin_addr); + std::cerr << ":" << ntohs(extAddr.sin_port); + std::cerr << std::endl; +#endif + mNetFlags.mUpnpOk = true; + mNetFlags.mExtAddr = extAddr; + mNetFlags.mExtAddrOk = true; + mNetFlags.mExtAddrStableOk = true; - netFlagUpnpOk = true; - - mNetStatus = RS_NET_DONE; - /* Fix netMode & Clear others! */ - ownState.netMode = RS_NET_MODE_TRY_UPNP | RS_NET_MODE_UPNP; - + mNetStatus = RS_NET_EXT_SETUP; + /* Fix netMode & Clear others! */ + mOwnState.netMode = RS_NET_MODE_TRY_UPNP | RS_NET_MODE_UPNP; + } connMtx.unlock(); /* UNLOCK MUTEX */ } + else + { + #ifdef CONN_DEBUG_TICK + std::cerr << "p3ConnectMgr::netUpnpCheck() "; + std::cerr << "Upnp Check Continues: status: " << upnpState << std::endl; + #endif + } + } + +void p3ConnectMgr::netExtCheck() +{ +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::netExtCheck()" << std::endl; +#endif + { + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + bool isStable = false; + struct sockaddr_in tmpip ; + + /* check for External Address */ + /* in order of importance */ + /* (1) UPnP -> which handles itself */ + if (!mNetFlags.mExtAddrOk) + { +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::netExtCheck() Ext Not Ok" << std::endl; +#endif + + /* net Assist */ + if (netAssistExtAddress(tmpip)) + { +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::netExtCheck() Ext supplied from netAssistExternalAddress()" << std::endl; +#endif + if (isValidNet(&(tmpip.sin_addr))) + { + // must be stable??? + isStable = true; + mNetFlags.mExtAddr = tmpip; + mNetFlags.mExtAddrOk = true; + mNetFlags.mExtAddrStableOk = isStable; + } + else + { +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::netExtCheck() Bad Address supplied from netAssistExternalAddress()" << std::endl; +#endif + } + } + + } + + /* otherwise ask ExtAddrFinder */ + if (!mNetFlags.mExtAddrOk) + { + /* ExtAddrFinder */ + if (mUseExtAddrFinder) + { + std::cerr << "p3ConnectMgr::netExtCheck() checking ExtAddrFinder" << std::endl; + bool extFinderOk = mExtAddrFinder->hasValidIP(&(tmpip.sin_addr)); + if (extFinderOk) + { + std::cerr << "p3ConnectMgr::netExtCheck() Ext supplied by ExtAddrFinder" << std::endl; + /* best guess at port */ + tmpip.sin_port = mNetFlags.mLocalAddr.sin_port; +#ifdef CONN_DEBUG_TICK + std::cerr << "p3ConnectMgr::netExtCheck() "; + std::cerr << "ExtAddr: " << inet_ntoa(tmpip.sin_addr); + std::cerr << ":" << ntohs(tmpip.sin_port); + std::cerr << std::endl; +#endif + + mNetFlags.mExtAddr = tmpip; + mNetFlags.mExtAddrOk = true; + mNetFlags.mExtAddrStableOk = isStable; + } + } + } + + /* any other sources ??? */ + + /* finalise address */ + if (mNetFlags.mExtAddrOk) + { + mNetStatus = RS_NET_DONE; + std::cerr << "p3ConnectMgr::netExtCheck() Ext Ok: RS_NET_DONE" << std::endl; +#ifdef CONN_DEBUG_TICK + std::cerr << "p3ConnectMgr::netExtCheck() "; + std::cerr << "ExtAddr: " << inet_ntoa(mNetFlags.mExtAddr.sin_addr); + std::cerr << ":" << ntohs(mNetFlags.mExtAddr.sin_port); + std::cerr << std::endl; +#endif + + if (!mNetFlags.mExtAddrStableOk) + { +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::netUdpCheck() UDP Unstable :( "; + std::cerr << std::endl; + std::cerr << "p3ConnectMgr::netUdpCheck() We are unreachable"; + std::cerr << std::endl; + std::cerr << "netMode => RS_NET_MODE_UNREACHABLE"; + std::cerr << std::endl; +#endif + mOwnState.netMode &= ~(RS_NET_MODE_ACTUAL); + mOwnState.netMode |= RS_NET_MODE_UNREACHABLE; + + /* send a system warning message */ + pqiNotify *notify = getPqiNotify(); + if (notify) + { + std::string title = + "Warning: Bad Firewall Configuration"; + + std::string msg; + msg += " **** WARNING **** \n"; + msg += "Retroshare has detected that you are behind"; + msg += " a restrictive Firewall\n"; + msg += "\n"; + msg += "You cannot connect to other firewalled peers\n"; + msg += "\n"; + msg += "You can fix this by:\n"; + msg += " (1) opening an External Port\n"; + msg += " (2) enabling UPnP, or\n"; + msg += " (3) get a new (approved) Firewall/Router\n"; + + notify->AddSysMessage(0, RS_SYS_WARNING, title, msg); + } + + } + IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ + } + + connMtx.unlock(); /* UNLOCK MUTEX */ + + if (mNetFlags.mExtAddrOk) + { + std::cerr << "p3ConnectMgr::netExtCheck() setting netAssistSetAddress()" << std::endl; + netAssistSetAddress(mNetFlags.mLocalAddr, mNetFlags.mExtAddr, mOwnState.netMode); + } +#if 0 + else + { + std::cerr << "p3ConnectMgr::netExtCheck() setting ERR netAssistSetAddress(0)" << std::endl; + /* mode = 0 for error */ + netAssistSetAddress(mNetFlags.mLocalAddr, mNetFlags.mExtAddr, mOwnState.netMode); + } +#endif + + /* flag unreachables! */ + if ((mNetFlags.mExtAddrOk) && (!mNetFlags.mExtAddrStableOk)) + { + std::cerr << "p3ConnectMgr::netExtCheck() Ext Unstable - Unreachable Check" << std::endl; + netUnreachableCheck(); + } + } +} + + +void p3ConnectMgr::networkConsistencyCheck() +{ + return; +} + +#if 0 + void p3ConnectMgr::networkConsistencyCheck() { time_t delta; @@ -806,11 +1038,7 @@ void p3ConnectMgr::networkConsistencyCheck() RsStackMutex stck(connMtx) ; //storing old flags - oldnetFlagLocalOk = netFlagLocalOk; - oldnetFlagUpnpOk = netFlagUpnpOk; - oldnetFlagDhtOk = netFlagDhtOk; - oldnetFlagStunOk = netFlagStunOk; - oldnetFlagExtraAddressCheckOk = netFlagExtraAddressCheckOk; + mOldNetFlags = mNetFlags; if (!doNetReset) { // Set an external address. if ip adresses are different, let's use the stun address, then @@ -818,30 +1046,30 @@ void p3ConnectMgr::networkConsistencyCheck() // struct sockaddr_in extAddr; - if (!ownState.dyndns.empty () && getIPAddressFromString (ownState.dyndns.c_str (), &extAddr.sin_addr)) + if (!mOwnState.dyndns.empty () && getIPAddressFromString (mOwnState.dyndns.c_str (), &extAddr.sin_addr)) { #ifdef CONN_DEBUG_TICK - std::cerr << "p3ConnectMgr::networkConsistencyCheck() using getIPAddressFromString for ownState.serveraddr." << std::endl; + std::cerr << "p3ConnectMgr::networkConsistencyCheck() using getIPAddressFromString for mOwnState.serveraddr." << std::endl; #endif - extAddr.sin_port = ownState.currentserveraddr.sin_port; - ownState.currentserveraddr = extAddr; + extAddr.sin_port = mOwnState.currentserveraddr.sin_port; + mOwnState.currentserveraddr = extAddr; haveReliableIP = true ; } else if (getExtFinderExtAddress(extAddr)) { netExtFinderAddressCheck(); //so we put the extra address flag ok. #ifdef CONN_DEBUG_TICK - std::cerr << "p3ConnectMgr::networkConsistencyCheck() using getExtFinderExtAddress for ownState.serveraddr." << std::endl; + std::cerr << "p3ConnectMgr::networkConsistencyCheck() using getExtFinderExtAddress for mOwnState.serveraddr." << std::endl; #endif - ownState.currentserveraddr = extAddr; + mOwnState.currentserveraddr = extAddr; haveReliableIP = true ; } else if (getUpnpExtAddress(extAddr)) { #ifdef CONN_DEBUG_TICK - std::cerr << "p3ConnectMgr::networkConsistencyCheck() using getUpnpExtAddress for ownState.serveraddr." << std::endl; + std::cerr << "p3ConnectMgr::networkConsistencyCheck() using getUpnpExtAddress for mOwnState.serveraddr." << std::endl; #endif - ownState.currentserveraddr = extAddr; + mOwnState.currentserveraddr = extAddr; haveReliableIP = true ; } else @@ -849,8 +1077,8 @@ void p3ConnectMgr::networkConsistencyCheck() //try to extract ext address from our own ip address list IpAddressTimed extractedAddress; - if (peerConnectState::extractExtAddress(ownState.getIpAddressList(), extractedAddress)) - ownState.currentserveraddr = extractedAddress.ipAddr; + if (peerConnectState::extractExtAddress(mOwnState.getIpAddressList(), extractedAddress)) + mOwnState.currentserveraddr = extractedAddress.ipAddr; //check if a peer is connected, if yes don't do a net reset bool is_connected = false; @@ -873,12 +1101,13 @@ void p3ConnectMgr::networkConsistencyCheck() if (haveReliableIP) { - //extAddr found,update ip address list - IpAddressTimed ipAddressTimed; - ipAddressTimed.ipAddr = ownState.currentserveraddr; - ipAddressTimed.seenTime = time(NULL); + //extAddr found,update ip address A list + pqiIpAddress addr; + addr.mAddr = mOwnState.currentserveraddr; + addr.mSeenTime = time(NULL); + addr.mSrc = OWN_ADDRESS; - ownState.updateIpAddressList(ipAddressTimed); + mOwnState.ipAddrs.updateExtAddrs(addr); } //let's do a net reset @@ -909,21 +1138,7 @@ void p3ConnectMgr::networkConsistencyCheck() } } -void p3ConnectMgr::netExtFinderAddressCheck() -{ - struct sockaddr_in tmpip; - if (getExtFinderExtAddress(tmpip)) { - #ifdef CONN_DEBUG_TICK - std::cerr << "p3ConnectMgr::netExtraAddressCheck() return true" << std::endl; - #endif - netFlagExtraAddressCheckOk = true; - } else { - #ifdef CONN_DEBUG_TICK - std::cerr << "p3ConnectMgr::netExtraAddressCheck() return false" << std::endl; - #endif - netFlagExtraAddressCheckOk = false; - } -} +#endif void p3ConnectMgr::netUnreachableCheck() { @@ -974,7 +1189,7 @@ void p3ConnectMgr::netUnreachableCheck() std::cerr << "NUC() Peer: " << it->first << std::endl; /* Determine Reachability (only advisory) */ - // if (ownState.netMode == RS_NET_MODE_UNREACHABLE) // MUST BE TRUE! + // if (mOwnState.netMode == RS_NET_MODE_UNREACHABLE) // MUST BE TRUE! { if (details.type & RS_NET_CONN_TCP_EXTERNAL) { @@ -998,279 +1213,6 @@ void p3ConnectMgr::netUnreachableCheck() } -/******************************* UDP MAINTAINANCE ******************************** - * Interaction with the UDP is mainly for determining the External Port. - * - */ - -void p3ConnectMgr::udpStunPeer(std::string id, struct sockaddr_in &addr) -{ -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::udpStunPeer()" << std::endl; -#endif - /* add it into udp stun list */ - tou_stunpeer((struct sockaddr *) &addr, sizeof(addr), id.c_str()); -} - -/********************************** STUN SERVERS *********************************** - * We maintain a list of stun servers. This is initialised with a set of random keys. - * - * This is gradually rolled over with time. We update with friends/friends of friends, - * and the lists that they provide (part of AutoDisc). - * - * max 100 entries? - */ - -void p3ConnectMgr::netStunInit() -{ - stunInit(); -} - -void p3ConnectMgr::stunInit() -{ - - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - - netAssistStun(true); - - /* push stun list to DHT */ - std::list::iterator it; - for(it = mStunList.begin(); it != mStunList.end(); it++) - { - netAssistAddStun(*it); - } - mStunStatus = RS_STUN_DHT; - mStunFound = 0; - mStunMoreRequired = true; -} - -/* This is continually called - * - * checks whether the ext address is consistent - * - * checks if UDP needs more stun peers - or not - * The status is passed onto the DHT. - * - */ -bool p3ConnectMgr::stunCheck() -{ - -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunCheck()" << std::endl; -#endif - - /* check udp address stability */ - - bool netDone = false; - - { - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - mStunStatus = RS_STUN_DHT; - netDone = (mNetStatus == RS_NET_DONE); - } - - struct sockaddr_in raddr; - socklen_t rlen = sizeof(raddr); - uint8_t stable; - - if (netDone) - { - if (0 < tou_extaddr((struct sockaddr *) &raddr, &rlen, &stable)) - { - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunCheck() mStunExtAddr.sin_addr.s_addr : " << inet_ntoa(mStunExtAddr.sin_addr) << std::endl; - std::cerr << "p3ConnectMgr::stunCheck() raddr.sin_addr.s_addr : " << inet_ntoa(raddr.sin_addr) << std::endl; - std::cerr << "p3ConnectMgr::stunCheck() stable : " << (stable !=0) << std::endl; -#endif - - if ((mStunExtAddr.sin_addr.s_addr != raddr.sin_addr.s_addr) || - (stable == 0)) - { - netFlagStunOk = false; - mStunExtAddr = raddr; - } - else - { - netFlagStunOk = true; -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunCheck() Stun ext : ok !" << std::endl; -#endif - } - } - else - { - netFlagStunOk = false; -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunCheck() Stun : No Ext Address." << std::endl; -#endif - } - } - -//#ifdef CONN_DEBUG -// uint32_t failCount; -// time_t lastSent; -// time_t now = time(NULL); -// struct sockaddr_in eaddr; -// socklen_t elen = sizeof(eaddr); -// int i = 0; -// for(i = 0; tou_getstunpeer(i, (struct sockaddr *) &raddr, &rlen, -// (struct sockaddr *) &eaddr, &elen, -// &failCount, &lastSent); i++) -// { -// std::cerr << "STUN PEERS: "; -// std::cerr << " raddr: " << inet_ntoa(raddr.sin_addr) << ":" << ntohs(raddr.sin_port); -// std::cerr << " eaddr: " << inet_ntoa(eaddr.sin_addr) << ":" << ntohs(eaddr.sin_port); -// if (lastSent) -// { -// std::cerr << " failCount: " << failCount << " lastSent: " << now-lastSent; -// } -// else -// { -// std::cerr << " Unused "; -// } -// std::cerr << std::endl; -// } -//#endif - - /* pass on udp status to dht */ - if (tou_needstunpeers()) - { - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - - if (!mStunMoreRequired) - { -#ifdef CONN_DEBUG - std::cerr << "Telling DHT More Stun Required" << std::endl; -#endif - - netAssistStun(true); - mStunMoreRequired = true; - } - } - else - { - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - - if (mStunMoreRequired) - { -#ifdef CONN_DEBUG - std::cerr << "Telling DHT No More Stun Required" << std::endl; -#endif - - netAssistStun(false); - mStunMoreRequired = false; - } - } - - return true; -} - -void p3ConnectMgr::stunStatus(std::string id, struct sockaddr_in raddr, uint32_t type, uint32_t flags) -{ -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunStatus() id: " << RsUtil::BinToHex(id) << " raddr: " << inet_ntoa(raddr.sin_addr); - std::cerr << ":" << ntohs(raddr.sin_port) << std::endl; -#endif - - connMtx.lock(); /* LOCK MUTEX */ - - bool stillStunning = (mStunStatus == RS_STUN_DHT); - - connMtx.unlock(); /* UNLOCK MUTEX */ - - /* only useful if they have an exposed TCP/UDP port */ - if (type & RS_NET_CONN_TCP_EXTERNAL) - { - if (stillStunning) - { - connMtx.lock(); /* LOCK MUTEX */ - mStunFound++; - connMtx.unlock(); /* UNLOCK MUTEX */ - -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunStatus() Sending to UDP" << std::endl; -#endif - /* push to the UDP */ - udpStunPeer(id, raddr); - - } - - /* push to the stunCollect */ - stunCollect(id, raddr, flags); - } -} - -/* FLAGS - -ONLINE -EXT -UPNP -UDP -FRIEND -FRIEND_OF_FRIEND -OTHER -*/ - -void p3ConnectMgr::stunCollect(std::string id, struct sockaddr_in addr, uint32_t flags) -{ - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunCollect() id: " << RsUtil::BinToHex(id) << std::endl; -#endif - - std::list::iterator it; - it = std::find(mStunList.begin(), mStunList.end(), id); - if (it == mStunList.end()) - { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunCollect() Id not in List" << std::endl; -#endif - /* add it in: - * if FRIEND / ONLINE or if list is short. - */ - if ((flags & RS_STUN_ONLINE) || (flags & RS_STUN_FRIEND)) - { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunCollect() Id added to Front" << std::endl; -#endif - /* push to the front */ - mStunList.push_front(id); - - IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ - } - else if (mStunList.size() < RS_STUN_LIST_MIN) - { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunCollect() Id added to Back" << std::endl; -#endif - /* push to the front */ - mStunList.push_back(id); - - IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ - } - } - else - { - /* if they're online ... move to the front - */ - if (flags & RS_STUN_ONLINE) - { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::stunCollect() Id moved to Front" << std::endl; -#endif - /* move to front */ - mStunList.erase(it); - mStunList.push_front(id); - - IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ - } - } - -} - /******************************** Network Status ********************************* * Configuration Loading / Saving. */ @@ -1424,6 +1366,9 @@ void p3ConnectMgr::tickMonitors() } } /****** UNLOCK STACK MUTEX ******/ + + + /* NOTE - clients is accessed without mutex protection!!!! * At the moment this is okay - as they are only added at the start. * IF this changes ---- must fix with second Mutex. @@ -1453,8 +1398,8 @@ const std::string p3ConnectMgr::getOwnId() bool p3ConnectMgr::getOwnNetStatus(peerConnectState &state) { - //RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - state = ownState; + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + state = mOwnState; return true; } @@ -1558,18 +1503,20 @@ void p3ConnectMgr::getFriendList(std::list &peers) } -//void p3ConnectMgr::getOthersList(std::list &peers) -//{ -// RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ -// -// /* check for existing */ -// std::map::iterator it; -// for(it = mOthersList.begin(); it != mOthersList.end(); it++) -// { -// peers.push_back(it->first); -// } -// return; -//} +#if 0 +void p3ConnectMgr::getOthersList(std::list &peers) +{ + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + + /* check for existing */ + std::map::iterator it; + for(it = mOthersList.begin(); it != mOthersList.end(); it++) + { + peers.push_back(it->first); + } + return; +} +#endif void p3ConnectMgr::getPeerCount (unsigned int *pnFriendCount, unsigned int *pnOnlineCount) @@ -1616,28 +1563,20 @@ bool p3ConnectMgr::connectAttempt(std::string id, struct sockaddr_in &addr, return false; } - if ((it->second.state & RS_PEER_S_CONNECTED) && it->second.connAddrs.front().type == RS_NET_CONN_TUNNEL) { - //don't do a tunnel atemp if already connected via tunnel - it->second.connAddrs.pop_front(); + + if (it->second.state & RS_PEER_S_CONNECTED) + { #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::connectAttempt() avoiding tunnel connection attempt because already connected via tunnel. " << std::endl; + std::cerr << "p3ConnectMgr::connectAttempt() Already FLAGGED as connected!!!!" << std::endl; + std::cerr << "p3ConnectMgr::connectAttempt() But allowing anyway!!!" << std::endl; #endif - //returning next connect attempt. - if (it->second.connAddrs.size() < 1) - { - #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::connectAttempt() FAILED No ConnectAddresses id: " << id << std::endl; - #endif - return false; - } } - it->second.lastattempt = time(NULL) + rand() % 6;//add a random perturbation between 0 and 2 sec. + it->second.lastattempt = time(NULL); it->second.inConnAttempt = true; it->second.currentConnAddrAttempt = it->second.connAddrs.front(); it->second.connAddrs.pop_front(); - addr = it->second.currentConnAddrAttempt.addr; delay = it->second.currentConnAddrAttempt.delay; period = it->second.currentConnAddrAttempt.period; @@ -1645,16 +1584,15 @@ bool p3ConnectMgr::connectAttempt(std::string id, struct sockaddr_in &addr, #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::connectAttempt() found an address: id: " << id << std::endl; - std::cerr << " laddr: " << inet_ntoa(addr.sin_addr) << " lport: " << ntohs(addr.sin_port) << " delay: " << delay << " period: " << period; - std::cerr << " type: " << type << std::endl; + std::cerr << "p3ConnectMgr::connectAttempt() found an address: id: " << id << std::endl; + std::cerr << " laddr: " << inet_ntoa(addr.sin_addr) << " lport: " << ntohs(addr.sin_port) << " delay: " << delay << " period: " << period; + std::cerr << " type: " << type << std::endl; #endif if (addr.sin_addr.s_addr == 0 || addr.sin_port == 0) { #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::connectAttempt() address or port is null, don't make the attempt." << std::endl; - std::cerr << " type: " << type << std::endl; + std::cerr << "p3ConnectMgr::connectAttempt() WARNING: address or port is null" << std::endl; + std::cerr << " type: " << type << std::endl; #endif - return false; } return true; @@ -1717,24 +1655,23 @@ bool p3ConnectMgr::connectResult(std::string id, bool success, uint32_t flags, s it->second.currentserveraddr = remote_peer_address; //add the ip address in the address list if we were in a connect attempt and the attempt address is the same as the connect result - if (it->second.inConnAttempt && - it->second.currentConnAddrAttempt.addr.sin_addr.s_addr == remote_peer_address.sin_addr.s_addr && - it->second.currentConnAddrAttempt.addr.sin_port == remote_peer_address.sin_port && - remote_peer_address.sin_addr.s_addr != 0 && - !(remote_peer_address.sin_addr.s_addr == ownState.currentlocaladdr.sin_addr.s_addr) && - (!isLoopbackNet(&remote_peer_address.sin_addr)) - ) - { - IpAddressTimed ipLocalAddressTimed; - ipLocalAddressTimed.ipAddr = remote_peer_address; - ipLocalAddressTimed.seenTime = time(NULL); - it->second.updateIpAddressList(ipLocalAddressTimed); + pqiIpAddress raddr; + raddr.mAddr = remote_peer_address; + raddr.mSeenTime = time(NULL); + raddr.mSrc = 0; + if (isPrivateNet(&(remote_peer_address.sin_addr))) + { + it->second.ipAddrs.updateLocalAddrs(raddr); + } + else + { + it->second.ipAddrs.updateExtAddrs(raddr); + } #ifdef CONN_DEBUG std::cerr << "p3ConnectMgr::connectResult() adding current peer adress in list." << std::endl; - it->second.printIpAddressList(); + it->second.ipAddrs.printAddrs(std::cerr); #endif - } /* remove other attempts */ it->second.inConnAttempt = false; @@ -1773,60 +1710,16 @@ bool p3ConnectMgr::connectResult(std::string id, bool success, uint32_t flags, s return true; } -bool p3ConnectMgr::doNextAttempt(std::string id) -{ - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - - rslog(RSL_WARNING, p3connectzone, "p3ConnectMgr::doNextAttempt() called id : " + id); - - if (id == getOwnId()) { - #ifdef CONN_DEBUG - rslog(RSL_WARNING, p3connectzone, "p3ConnectMgr::doNextAttempt() Failed, connecting to own id: "); - #endif - return false; - } - - /* check for existing */ - std::map::iterator it; - it = mFriendList.find(id); - if (it == mFriendList.end()) - { - rslog(RSL_WARNING, p3connectzone, "p3ConnectMgr::connectResult() Failed, missing Friend "); - return false; - } - - - it->second.inConnAttempt = false; - - if ((it->second.state & RS_PEER_S_CONNECTED) && !(it->second.connecttype & RS_NET_CONN_TUNNEL)) { - rslog(RSL_WARNING, p3connectzone, "p3ConnectMgr::doNextAttempt() peer is already connected and not in tunnel mode, don't do next attempt."); - return true; - } - - if (it->second.connAddrs.size() < 1) - { - return true; - } - - it->second.actions |= RS_PEER_CONNECT_REQ; - mStatusChanged = true; - - return true; -} - - /******************************** Feedback ...... ********************************* * From various sources */ -void p3ConnectMgr::peerStatus(std::string id, - struct sockaddr_in laddr, struct sockaddr_in raddr, +void p3ConnectMgr::peerStatus(std::string id, const pqiIpAddrSet &addrs, uint32_t type, uint32_t flags, uint32_t source) { /* HACKED UP FIX ****/ - std::list ipDiscAddressList; std::map::iterator it; bool isFriend = true; @@ -1835,25 +1728,25 @@ void p3ConnectMgr::peerStatus(std::string id, peerAddrInfo details; details.type = type; details.found = true; - details.laddr = laddr; - details.raddr = raddr; + details.addrs = addrs; details.ts = now; { RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::peerStatus()" << " id: " << id << " laddr: " << inet_ntoa(laddr.sin_addr) << " lport: " << ntohs(laddr.sin_port); - std::cerr << " raddr: " << inet_ntoa(raddr.sin_addr) << " rport: " << ntohs(raddr.sin_port) << " type: " << type << " flags: " << flags; - std::cerr << " source: " << source << std::endl; - peerConnectState::printIpAddressList(ipDiscAddressList); -#endif { /* Log */ std::ostringstream out; - out << "p3ConnectMgr::peerStatus()" << " id: " << id << " laddr: " << inet_ntoa(laddr.sin_addr) << " lport: " << ntohs(laddr.sin_port); - out << " raddr: " << inet_ntoa(raddr.sin_addr) << " rport: " << ntohs(raddr.sin_port) << " type: " << type << " flags: " << flags << " source: " << source; + out << "p3ConnectMgr::peerStatus()" << " id: " << id; + out << " type: " << type << " flags: " << flags; + out << " source: " << source; + out << std::endl; + addrs.printAddrs(out); + rslog(RSL_WARNING, p3connectzone, out.str()); +#ifdef CONN_DEBUG + std::cerr << out.str(); +#endif } /* look up the id */ @@ -1878,7 +1771,7 @@ void p3ConnectMgr::peerStatus(std::string id, #ifdef CONN_DEBUG std::cerr << "p3ConnectMgr::peerStatus() Current Peer State:" << std::endl; - printConnectState(it->second); + printConnectState(std::cerr, it->second); std::cerr << std::endl; #endif @@ -1900,8 +1793,7 @@ void p3ConnectMgr::peerStatus(std::string id, /* if we are recieving these - the dht is definitely up. */ - - netFlagDhtOk = true; + mNetFlags.mDhtOk = true; } else if (source == RS_CB_DISC) { @@ -1912,20 +1804,6 @@ void p3ConnectMgr::peerStatus(std::string id, it->second.source = RS_CB_DISC; it->second.disc = details; - it->second.updateIpAddressList(ipDiscAddressList); - - it->second.currentlocaladdr = laddr; - it->second.currentserveraddr = raddr; - //add the given address to the address list - IpAddressTimed laddrTimed; - laddrTimed.ipAddr = laddr; - laddrTimed.seenTime = time(NULL); - it->second.updateIpAddressList(laddrTimed); - - IpAddressTimed raddrTimed; - raddrTimed.ipAddr = raddr; - raddrTimed.seenTime = time(NULL); - it->second.updateIpAddressList(raddrTimed); if (flags & RS_NET_FLAGS_ONLINE) { @@ -1949,21 +1827,6 @@ void p3ConnectMgr::peerStatus(std::string id, it->second.source = RS_CB_PERSON; it->second.peer = details; - it->second.updateIpAddressList(ipDiscAddressList); - - it->second.currentlocaladdr = laddr; - it->second.currentserveraddr = raddr; - //add the given address to the address list - IpAddressTimed laddrTimed; - laddrTimed.ipAddr = laddr; - laddrTimed.seenTime = time(NULL); - it->second.updateIpAddressList(laddrTimed); - - IpAddressTimed raddrTimed; - raddrTimed.ipAddr = raddr; - raddrTimed.seenTime = time(NULL); - it->second.updateIpAddressList(raddrTimed); - it->second.state |= RS_PEER_S_ONLINE; it->second.lastavailable = now; @@ -2008,9 +1871,9 @@ void p3ConnectMgr::peerStatus(std::string id, } /* Determine Reachability (only advisory) */ - if (ownState.netMode & RS_NET_MODE_UDP) + if (mOwnState.netMode & RS_NET_MODE_UDP) { - if ((details.type & RS_NET_CONN_UDP) || + if ((details.type & RS_NET_CONN_UDP_DHT_SYNC) || (details.type & RS_NET_CONN_TCP_EXTERNAL)) { /* reachable! */ @@ -2022,7 +1885,7 @@ void p3ConnectMgr::peerStatus(std::string id, it->second.state |= RS_PEER_S_UNREACHABLE; } } - else if (ownState.netMode & RS_NET_MODE_UNREACHABLE) + else if (mOwnState.netMode & RS_NET_MODE_UNREACHABLE) { if (details.type & RS_NET_CONN_TCP_EXTERNAL) { @@ -2068,26 +1931,33 @@ void p3ConnectMgr::peerStatus(std::string id, } /****** STACK UNLOCK MUTEX *******/ #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::peerStatus()" << " id: " << id << " laddr: " << inet_ntoa(laddr.sin_addr) << " lport: " << ntohs(laddr.sin_port); - std::cerr << " raddr: " << inet_ntoa(raddr.sin_addr) << " rport: " << ntohs(raddr.sin_port) << " type: " << type << " flags: " << flags; + std::cerr << "p3ConnectMgr::peerStatus()" << " id: " << id; + std::cerr << " type: " << type << " flags: " << flags; std::cerr << " source: " << source << std::endl; + std::cerr << " addrs: " << std::endl; + addrs.printAddrs(std::cerr); + std::cerr << std::endl; + #endif + bool newAddrs = it->second.ipAddrs.updateAddrs(addrs); #ifndef P3CONNMGR_NO_AUTO_CONNECTION #ifndef P3CONNMGR_NO_TCP_CONNECTIONS - retryConnectTCP(id); + if (newAddrs) + { + retryConnectTCP(id); + } #endif // P3CONNMGR_NO_TCP_CONNECTIONS - retryConnectNotify(id); -#else +#else #endif // P3CONNMGR_NO_AUTO_CONNECTION #ifdef CONN_DEBUG std::cerr << "p3ConnectMgr::peerStatus() Resulting Peer State:" << std::endl; - printConnectState(it->second); + printConnectState(std::cerr, it->second); std::cerr << std::endl; #endif @@ -2123,7 +1993,7 @@ void p3ConnectMgr::peerConnectRequest(std::string id, struct sockaddr_in radd bool p3ConnectMgr::addFriend(std::string id, std::string gpg_id, uint32_t netMode, uint32_t visState, time_t lastContact) { //set a new retry period, so the more frinds we have the less we launch conection attempts - retry_period = MIN_RETRY_PERIOD + rand() % 3 + (mFriendList.size() * 2); + mRetryPeriod = MIN_RETRY_PERIOD + (mFriendList.size() * 2); if (id == AuthSSL::getAuthSSL()->OwnId()) { #ifdef CONN_DEBUG @@ -2168,8 +2038,7 @@ bool p3ConnectMgr::addFriend(std::string id, std::string gpg_id, uint32_t netMod /* check if it is in others */ -// if (mOthersList.end() != (it = mOthersList.find(id))) - if (false) + if (mOthersList.end() != (it = mOthersList.find(id))) { /* (2) in mOthersList -> move over */ #ifdef CONN_DEBUG @@ -2297,6 +2166,7 @@ bool p3ConnectMgr::removeFriend(std::string id) +#if 0 bool p3ConnectMgr::addNeighbour(std::string id) { @@ -2310,61 +2180,66 @@ bool p3ConnectMgr::addNeighbour(std::string id) * (3) is non-existant -> create new one. */ -// RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ -// -// std::map::iterator it; -// if (mFriendList.end() == mFriendList.find(id)) -// { -// /* (1) already exists */ -// return false; -// } -// -// if (mOthersList.end() == mOthersList.find(id)) -// { -// /* (2) already exists */ -// return true; -// } -// -// /* check with the AuthMgr if its valid */ -// if (!AuthSSL::getAuthSSL()->isAuthenticated(id)) -// { -// /* no auth */ -// return false; -// } -// -// /* get details from AuthMgr */ -// sslcert detail; -// if (!AuthSSL::getAuthSSL()->getCertDetails(id, detail)) -// { -// /* no details */ -// return false; -// } -// -// /* create a new entry */ -// peerConnectState pstate; -// -// pstate.id = id; -// pstate.name = detail.name; -// -// pstate.state = 0; -// pstate.actions = 0; //RS_PEER_NEW; -// pstate.visState = RS_VIS_STATE_STD; -// pstate.netMode = RS_NET_MODE_UNKNOWN; -// -// /* addr & timestamps -> auto cleared */ -// mOthersList[id] = pstate; + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + + std::map::iterator it; + if (mFriendList.end() == mFriendList.find(id)) + { + /* (1) already exists */ + return false; + } + + if (mOthersList.end() == mOthersList.find(id)) + { + /* (2) already exists */ + return true; + } + + /* check with the AuthMgr if its valid */ + if (!AuthSSL::getAuthSSL()->isAuthenticated(id)) + { + /* no auth */ + return false; + } + + /* get details from AuthMgr */ + sslcert detail; + if (!AuthSSL::getAuthSSL()->getCertDetails(id, detail)) + { + /* no details */ + return false; + } + + /* create a new entry */ + peerConnectState pstate; + + pstate.id = id; + pstate.name = detail.name; + + pstate.state = 0; + pstate.actions = 0; //RS_PEER_NEW; + pstate.visState = RS_VIS_STATE_STD; + pstate.netMode = RS_NET_MODE_UNKNOWN; + + /* addr & timestamps -> auto cleared */ + mOthersList[id] = pstate; return false; } +#endif + /*******************************************************************/ /*******************************************************************/ /*************** External Control ****************/ bool p3ConnectMgr::retryConnect(std::string id) { - retryConnectTCP(id); - retryConnectNotify(id); + /* push all available addresses onto the connect addr stack */ +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::retryConnect() id: " << id << std::endl; +#endif + retryConnectTCP(id); return true; } @@ -2373,7 +2248,7 @@ bool p3ConnectMgr::retryConnectTCP(std::string id) { RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - /* push addresses onto stack */ + /* push all available addresses onto the connect addr stack */ #ifdef CONN_DEBUG std::cerr << "p3ConnectMgr::retryConnectTCP() id: " << id << std::endl; #endif @@ -2406,269 +2281,153 @@ bool p3ConnectMgr::retryConnectTCP(std::string id) std::cerr << "p3ConnectMgr::retryConnectTCP() Peer Connected through a tunnel connection, let's try a normal connection." << std::endl; #endif } else { - return true; +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::retryConnectTCP() Peer Connected no more connection attempts" << std::endl; +#endif + return false; } } - //add the ips off the ipAdressList for TCP - std::list ipList = it->second.getIpAddressList(); - for (std::list::iterator ipListIt = ipList.begin(); ipListIt!=(ipList.end()); ipListIt++) { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::retryConnectTCP() adding ip : " << inet_ntoa(ipListIt->ipAddr.sin_addr); - std::cerr << ":" << ntohs(ipListIt->ipAddr.sin_port) << std::endl; -#endif - //check that the address doens't exist already in the connAddrs - bool found = false; - for (std::list::iterator cit = it->second.connAddrs.begin(); cit != it->second.connAddrs.end(); cit++) { - if (cit->addr.sin_addr.s_addr == ipListIt->ipAddr.sin_addr.s_addr && - cit->addr.sin_port == ipListIt->ipAddr.sin_port && - cit->type == RS_NET_CONN_TCP_UNKNOW_TOPOLOGY) { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::retryConnectTCP() tcp attempt already in list." << std::endl; -#endif - found = true; - break; - } - } + /* UDP automatically searches -> no need to push start */ - if (!found) { + // Just push all the addresses onto the stack. + /* try local addresses first */ + std::list::iterator ait; + for(ait = it->second.ipAddrs.mLocal.mAddrs.begin(); + ait != it->second.ipAddrs.mLocal.mAddrs.end(); ait++) + { #ifdef CONN_DEBUG - std::cerr << "Adding tcp connection attempt list." << std::endl; + std::cerr << "Adding tcp connection attempt: "; + std::cerr << "Local Addr: " << inet_ntoa(ait->mAddr.sin_addr); + std::cerr << ":" << ntohs(ait->mAddr.sin_port); + std::cerr << std::endl; #endif - peerConnectAddress pca; - pca.addr = ipListIt->ipAddr; - pca.type = RS_NET_CONN_TCP_UNKNOW_TOPOLOGY; - //for the delay, we add a random time and some more time when the friend list is big - pca.delay = P3CONNMGR_TCP_DEFAULT_DELAY + rand() % 3 + (mFriendList.size() / 3); - pca.ts = time(NULL); - pca.period = 0; - it->second.connAddrs.push_back(pca); - } - } + peerConnectAddress pca; + pca.addr = ait->mAddr; + pca.type = RS_NET_CONN_TCP_LOCAL; + pca.delay = P3CONNMGR_TCP_DEFAULT_DELAY; + pca.ts = time(NULL); + pca.period = P3CONNMGR_TCP_DEFAULT_PERIOD; + it->second.connAddrs.push_back(pca); + } + for(ait = it->second.ipAddrs.mExt.mAddrs.begin(); + ait != it->second.ipAddrs.mExt.mAddrs.end(); ait++) + { +#ifdef CONN_DEBUG + std::cerr << "Adding tcp connection attempt: "; + std::cerr << "Ext Addr: " << inet_ntoa(ait->mAddr.sin_addr); + std::cerr << ":" << ntohs(ait->mAddr.sin_port); + std::cerr << std::endl; +#endif + peerConnectAddress pca; + pca.addr = ait->mAddr; + pca.type = RS_NET_CONN_TCP_EXTERNAL; + pca.delay = P3CONNMGR_TCP_DEFAULT_DELAY; + pca.ts = time(NULL); + pca.period = P3CONNMGR_TCP_DEFAULT_PERIOD; + it->second.connAddrs.push_back(pca); + } + + /* try dyndns address too */ if (!it->second.dyndns.empty()) { struct in_addr addr; u_short port = it->second.currentserveraddr.sin_port ? it->second.currentserveraddr.sin_port : it->second.currentlocaladdr.sin_port; +#ifdef CONN_DEBUG + std::cerr << "Looking up DynDNS address" << std::endl; +#endif if (port) { - if (getIPAddressFromString (it->second.dyndns.c_str (), &addr)) { - bool found = false; - for (std::list::iterator cit = it->second.connAddrs.begin(); cit != it->second.connAddrs.end(); cit++) { - if (cit->addr.sin_addr.s_addr == addr.s_addr && - cit->addr.sin_port == port && - cit->type == RS_NET_CONN_TCP_UNKNOW_TOPOLOGY) { + if (getIPAddressFromString (it->second.dyndns.c_str (), &addr)) + { #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::retryConnectTCP() tcp attempt already in list." << std::endl; -#endif - found = true; - break; - } - } - - if (!found) { -#ifdef CONN_DEBUG - std::cerr << "Adding tcp connection attempt list." << std::endl; + std::cerr << "Adding tcp connection attempt: "; + std::cerr << "DynDNS Addr: " << inet_ntoa(addr); + std::cerr << ":" << ntohs(port); + std::cerr << std::endl; #endif peerConnectAddress pca; pca.addr.sin_family = AF_INET; pca.addr.sin_addr.s_addr = addr.s_addr; pca.addr.sin_port = port; - pca.type = RS_NET_CONN_TCP_UNKNOW_TOPOLOGY; + pca.type = RS_NET_CONN_TCP_EXTERNAL; //for the delay, we add a random time and some more time when the friend list is big - pca.delay = P3CONNMGR_TCP_DEFAULT_DELAY + rand() % 3 + (mFriendList.size() / 5); + pca.delay = P3CONNMGR_TCP_DEFAULT_DELAY; pca.ts = time(NULL); - pca.period = 0; + pca.period = P3CONNMGR_TCP_DEFAULT_PERIOD; it->second.connAddrs.push_back(pca); - } - - //add an udp attempt with the dns address - found = false; - for (std::list::iterator cit = it->second.connAddrs.begin(); cit != it->second.connAddrs.end(); cit++) { - if ( cit->type == RS_NET_CONN_UDP) { - #ifdef CONN_DEBUG - rslog(RSL_DEBUG_BASIC, p3connectzone, "p3ConnectMgr::retryConnectTCP() udp attempt already in list."); - #endif - found = true; - break; - } - } - if (!found) { - #ifdef CONN_DEBUG - rslog(RSL_DEBUG_BASIC, p3connectzone, "p3ConnectMgr::retryConnectTCP() Adding udp connection attempt."); - #endif - peerConnectAddress pca; - pca.addr.sin_family = AF_INET; - pca.addr.sin_addr.s_addr = addr.s_addr; - pca.addr.sin_port = port; - pca.type = RS_NET_CONN_UDP; - pca.delay = P3CONNMGR_UDP_DEFAULT_DELAY; - pca.ts = time(NULL); - pca.period = P3CONNMGR_UDP_DEFAULT_PERIOD + (rand() % P3CONNMGR_UDP_DEFAULT_PERIOD); - it->second.connAddrs.push_back(pca); - } } } } - //add the supposed external address UDP - IpAddressTimed extractedAddress; - if (peerConnectState::extractExtAddress(it->second.getIpAddressList(), extractedAddress)) { - #ifdef CONN_DEBUG - rslog(RSL_DEBUG_BASIC, p3connectzone, "p3ConnectMgr::retryConnectTCP() got a valid external address for UDP connection"); - #endif - //check that the UDP attempt doens't exist already in the connAddrs - bool found = false; - for (std::list::iterator cit = it->second.connAddrs.begin(); cit != it->second.connAddrs.end(); cit++) { - if ( cit->type == RS_NET_CONN_UDP) { - #ifdef CONN_DEBUG - rslog(RSL_DEBUG_BASIC, p3connectzone, "p3ConnectMgr::retryConnectTCP() udp attempt already in list."); - #endif - found = true; - break; - } - } - if (!found) { - #ifdef CONN_DEBUG - rslog(RSL_DEBUG_BASIC, p3connectzone, "p3ConnectMgr::retryConnectTCP() Adding udp connection attempt."); - #endif - peerConnectAddress pca; - pca.addr = extractedAddress.ipAddr; - pca.type = RS_NET_CONN_UDP; - pca.delay = P3CONNMGR_UDP_DEFAULT_DELAY; - pca.ts = time(NULL); - pca.period = P3CONNMGR_UDP_DEFAULT_PERIOD + (rand() % P3CONNMGR_UDP_DEFAULT_PERIOD); - it->second.connAddrs.push_back(pca); - } - } else { - #ifdef CONN_DEBUG - rslog(RSL_DEBUG_BASIC, p3connectzone, "p3ConnectMgr::retryConnectTCP() no valid external address found for udp connection."); - #endif - } - //add the tunnel attempt - bool found = false; - for (std::list::iterator cit = it->second.connAddrs.begin(); cit != it->second.connAddrs.end(); cit++) { - if (cit->type == RS_NET_CONN_TUNNEL) { - #ifdef CONN_DEBUG - rslog(RSL_DEBUG_BASIC, p3connectzone, "p3ConnectMgr::retryConnectTCP() tunnel is already in the list."); - #endif - found = true; - break; - } - } - if (!(it->second.state & RS_PEER_S_CONNECTED) && !found && allow_tunnel_connection) + + if (!(it->second.state & RS_PEER_S_CONNECTED) && mAllowTunnelConnection) { - #ifdef CONN_DEBUG - rslog(RSL_DEBUG_BASIC, p3connectzone, "p3ConnectMgr::retryConnectTCP() Add the tunnel connection attempt."); - #endif +#ifdef CONN_DEBUG + std::cerr << "Adding TUNNEL Connection Attempt"; + std::cerr << std::endl; +#endif peerConnectAddress pca; pca.type = RS_NET_CONN_TUNNEL; pca.ts = time(NULL); pca.period = 0; - //we've got to set an address to avoid null pointer or some other bug - if (peerConnectState::extractExtAddress(it->second.getIpAddressList(), extractedAddress)) { - pca.addr = extractedAddress.ipAddr; - } else { - sockaddr_clear(&pca.addr); - pca.addr.sin_addr.s_addr = 1; - pca.addr.sin_port = 1; - } + sockaddr_clear(&pca.addr); + it->second.connAddrs.push_back(pca); } /* flag as last attempt to prevent loop */ - it->second.lastattempt = time(NULL) + rand() % 6;//add a random perturbation between 0 and 2 sec. + //add a random perturbation between 0 and 2 sec. + it->second.lastattempt = time(NULL) + rand() % MAX_RANDOM_ATTEMPT_OFFSET; if (it->second.inConnAttempt) { /* -> it'll automatically use the addresses we added */ +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::retryConnectTcp() Already in CONNECT ATTEMPT"; + std::cerr << std::endl; + std::cerr << "p3ConnectMgr::retryConnectTCP() Remaining ConnAddr Count: " << it->second.connAddrs.size(); + std::cerr << std::endl; +#endif return true; } /* start a connection attempt */ - if (it->second.connAddrs.size() > 0) { + if (it->second.connAddrs.size() > 0) + { #ifdef CONN_DEBUG std::ostringstream out; out << "p3ConnectMgr::retryConnectTCP() Started CONNECT ATTEMPT! " << " id: " << id ; + out << std::endl; + out << "p3ConnectMgr::retryConnectTCP() ConnAddr Count: " << it->second.connAddrs.size(); rslog(RSL_DEBUG_ALERT, p3connectzone, out.str()); + std::cerr << out.str() << std::endl; + #endif it->second.actions |= RS_PEER_CONNECT_REQ; mStatusChanged = true; - } else { + return true; + } + else + { #ifdef CONN_DEBUG std::ostringstream out; out << "p3ConnectMgr::retryConnectTCP() No addr in the connect attempt list. Not suitable for CONNECT ATTEMPT! " << " id: " << id; rslog(RSL_DEBUG_ALERT, p3connectzone, out.str()); + std::cerr << out.str() << std::endl; #endif + return false; } - return true; + return false; } - -bool p3ConnectMgr::retryConnectNotify(std::string id) -{ - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - - /* push addresses onto stack */ -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::retryConnectNotify() id: " << id << std::endl; -#endif - - /* look up the id */ - std::map::iterator it; - - if (mFriendList.end() == (it = mFriendList.find(id))) - { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::retryConnectNotify() Peer is not Friend" << std::endl; -#endif - return false; - } - - /* if already connected -> done */ - if (it->second.state & RS_PEER_S_CONNECTED) - { - if (it->second.currentConnAddrAttempt.type & RS_NET_CONN_TUNNEL) { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::retryConnectNotify() Peer Connected through a tunnel connection, let's try a normal connection." << std::endl; -#endif - } else { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::retryConnectNotify() Peer Already Connected, aborting retryConnect" << std::endl; -#endif - return true; - } - } - - /* flag as last attempt to prevent loop */ - it->second.lastattempt = time(NULL) + rand() % 6;//add a random perturbation between 0 and 2 sec. - - if (ownState.netMode & RS_NET_MODE_UNREACHABLE) - { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::retryConnectNotify() UNREACHABLE so no Notify! id: " << id << std::endl; -#endif - } - else - { -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::retryConnectNotify() Notifying Peer id: " << id << std::endl; -#endif - { - /* Log */ - std::ostringstream out; - out << "p3ConnectMgr::retryConnectNotify() Notifying Peer"; - out << " id: " << id; - rslog(RSL_WARNING, p3connectzone, out.str()); - } - - /* attempt UDP connection */ - netAssistNotify(id); - } - - return true; -} +/********************************************************************** + ********************************************************************** + ******************** External Setup ********************************** + ********************************************************************** + **********************************************************************/ bool p3ConnectMgr::setLocalAddress(std::string id, struct sockaddr_in addr) @@ -2676,29 +2435,27 @@ bool p3ConnectMgr::setLocalAddress(std::string id, struct sockaddr_in addr) if (id == AuthSSL::getAuthSSL()->OwnId()) { - if (ownState.currentlocaladdr.sin_addr.s_addr != addr.sin_addr.s_addr || - ownState.currentlocaladdr.sin_port != addr.sin_port) { + bool changed = false; + if (mOwnState.currentlocaladdr.sin_addr.s_addr != addr.sin_addr.s_addr || + mOwnState.currentlocaladdr.sin_port != addr.sin_port) + { + changed = true; + } + { RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - ownState.currentlocaladdr = addr; - //avoid 0 for port and address - if (ownState.currentlocaladdr.sin_addr.s_addr == 0) { - ownState.currentlocaladdr.sin_addr.s_addr = 1; - } - if (addr.sin_port == 0) { - ownState.currentlocaladdr.sin_port = 1; - } + mOwnState.currentlocaladdr = addr; } - IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ - if ((ownState.netMode & RS_NET_MODE_ACTUAL) == RS_NET_MODE_EXT || - (ownState.netMode & RS_NET_MODE_ACTUAL) == RS_NET_MODE_UDP) { + + if (changed) + { + IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ + netReset(); #ifdef CONN_DEBUG_RESET std::cerr << "p3ConnectMgr::setLocalAddress() Calling NetReset" << std::endl; #endif - netReset(); } - } - return true; + return true; } RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ @@ -2717,11 +2474,14 @@ bool p3ConnectMgr::setLocalAddress(std::string id, struct sockaddr_in addr) /* "it" points to peer */ it->second.currentlocaladdr = addr; + +#if 0 //update ip address list IpAddressTimed ipAddressTimed; ipAddressTimed.ipAddr = addr; ipAddressTimed.seenTime = time(NULL); it->second.updateIpAddressList(ipAddressTimed); +#endif IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ @@ -2732,24 +2492,9 @@ bool p3ConnectMgr::setExtAddress(std::string id, struct sockaddr_in addr) { if (id == AuthSSL::getAuthSSL()->OwnId()) { - if (ownState.currentserveraddr.sin_addr.s_addr != addr.sin_addr.s_addr || ownState.currentserveraddr.sin_port != addr.sin_port) { RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - ownState.currentserveraddr = addr; - -// //check port and address -// if (ownState.currentserveraddr.sin_addr.s_addr == 0 || ownState.currentserveraddr.sin_port == 0 || -// ownState.currentserveraddr.sin_addr.s_addr == 1|| ownState.currentserveraddr.sin_port == 1 || -// std::string(inet_ntoa(ownState.currentserveraddr.sin_addr)) == "1.1.1.1") -// { -// //try to extract ext address from the ip address list -// IpAddressTimed extractedAddress; -// if (peerConnectState::extractExtAddress(ownState.getIpAddressList(), extractedAddress)) { -// ownState.currentserveraddr = extractedAddress.ipAddr; -// } else { -// ownState.currentserveraddr = ownState.currentlocaladdr; -// } -// } + mOwnState.currentserveraddr = addr; } return true; } @@ -2768,6 +2513,7 @@ bool p3ConnectMgr::setExtAddress(std::string id, struct sockaddr_in addr) } } +#if 0 /* "it" points to peer */ it->second.currentserveraddr = addr; //update ip address list @@ -2775,20 +2521,23 @@ bool p3ConnectMgr::setExtAddress(std::string id, struct sockaddr_in addr) ipAddressTimed.ipAddr = addr; ipAddressTimed.seenTime = time(NULL); it->second.updateIpAddressList(ipAddressTimed); +#endif IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ return true; } + bool p3ConnectMgr::setDynDNS(std::string id, std::string dyndns) { if (id == AuthSSL::getAuthSSL()->OwnId()) { - ownState.dyndns = dyndns; + mOwnState.dyndns = dyndns; return true; } + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ /* check if it is a friend */ std::map::iterator it; @@ -2811,7 +2560,7 @@ bool p3ConnectMgr::setDynDNS(std::string id, std::string dyndns) return true; } -bool p3ConnectMgr::updateAddressList(const std::string& id, const std::list& IpAddressTimedList,bool merge) +bool p3ConnectMgr::updateAddressList(const std::string& id, const pqiIpAddrSet &addrs) { #ifdef CONN_DEBUG std::cerr << "p3ConnectMgr::setAddressList() called for id : " << id << std::endl; @@ -2822,26 +2571,7 @@ bool p3ConnectMgr::updateAddressList(const std::string& id, const std::list::iterator it; if (mFriendList.end() == (it = mFriendList.find(id))) { + if (mOthersList.end() == (it = mOthersList.find(id))) + { #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::setLocalAddress() cannot add addres info : peer id not found in friend list. id: " << id << std::endl; + std::cerr << "p3ConnectMgr::setLocalAddress() cannot add addres info : peer id not found in friend list. id: " << id << std::endl; #endif - return false; + return false; + } } /* "it" points to peer */ - it->second.updateIpAddressList(IpAddressTimedList,merge); + it->second.ipAddrs.updateAddrs(addrs); +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::setLocalAddress() Updated Address for: " << id; + std::cerr << std::endl; + it->second.ipAddrs.printAddrs(std::cerr); + std::cerr << std::endl; +#endif + IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ return true; @@ -2866,9 +2606,9 @@ bool p3ConnectMgr::setNetworkMode(std::string id, uint32_t netMode) { if (id == AuthSSL::getAuthSSL()->OwnId()) { - uint32_t visState = ownState.visState; + uint32_t visState = mOwnState.visState; setOwnNetConfig(netMode, visState); - if ((netMode & RS_NET_MODE_ACTUAL) != (ownState.netMode & RS_NET_MODE_ACTUAL)) { + if ((netMode & RS_NET_MODE_ACTUAL) != (mOwnState.netMode & RS_NET_MODE_ACTUAL)) { #ifdef CONN_DEBUG_RESET std::cerr << "p3ConnectMgr::setNetworkMode() Calling NetReset" << std::endl; #endif @@ -2897,17 +2637,17 @@ bool p3ConnectMgr::setNetworkMode(std::string id, uint32_t netMode) bool p3ConnectMgr::setLocation(std::string id, std::string location) { + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + #ifdef CONN_DEBUG std::cerr << "p3ConnectMgr::setLocation() called for id : " << id << "; with location " << location << std::endl; #endif if (id == AuthSSL::getAuthSSL()->OwnId()) { - ownState.location = location; + mOwnState.location = location; return true; } - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - /* check if it is a friend */ std::map::iterator it; if (mFriendList.end() == (it = mFriendList.find(id))) { @@ -2920,15 +2660,15 @@ bool p3ConnectMgr::setLocation(std::string id, std::string location) bool p3ConnectMgr::setVisState(std::string id, uint32_t visState) { + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + if (id == AuthSSL::getAuthSSL()->OwnId()) { - ownState.visState = visState; + mOwnState.visState = visState; IndicateConfigChanged(); /**** INDICATE MSG CONFIG CHANGED! *****/ return true; } - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - /* check if it is a friend */ std::map::iterator it; bool isFriend = false; @@ -2972,89 +2712,114 @@ bool p3ConnectMgr::setVisState(std::string id, uint32_t visState) bool p3ConnectMgr::checkNetAddress() { - in_addr_t old_in_addr = ownState.currentlocaladdr.sin_addr.s_addr; - int old_in_port = ownState.currentlocaladdr.sin_port; + struct in_addr prefAddr = getPreferredInterface(); + struct sockaddr_in oldAddr; + + bool addrChanged = false; { RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ - - // GetPreferredInterface now chooses the best local ilterface for you. So it's the default function to use now. - // - ownState.currentlocaladdr.sin_addr = getPreferredInterface() ; - - if(ownState.currentlocaladdr.sin_addr.s_addr != 0 && !isLoopbackNet(&(ownState.currentlocaladdr.sin_addr))) - { - if (netFlagLocalOk != true) - { #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::checkNetAddress() changing netFlagOk to true." << std::endl; + std::cerr << "p3ConnectMgr::checkNetAddress()"; + std::cerr << std::endl; + std::cerr << "Current Local: " << inet_ntoa(mOwnState.currentlocaladdr.sin_addr); + std::cerr << ":" << ntohs(mOwnState.currentlocaladdr.sin_port); + std::cerr << std::endl; + std::cerr << "Current Preferred: " << inet_ntoa(prefAddr); + std::cerr << std::endl; #endif - netFlagLocalOk = true; - IndicateConfigChanged(); - } - } - else if (netFlagLocalOk != false) + + oldAddr = mOwnState.currentlocaladdr; + addrChanged = (prefAddr.s_addr != mOwnState.currentlocaladdr.sin_addr.s_addr); + // update address. + mOwnState.currentlocaladdr.sin_addr = prefAddr; + + + mNetFlags.mLocalAddr = mOwnState.currentlocaladdr; + + if(isLoopbackNet(&(mOwnState.currentlocaladdr.sin_addr))) { #ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::checkNetAddress() changing netFlagOk to false." << std::endl; + std::cerr << "p3ConnectMgr::checkNetAddress() laddr: Loopback" << std::endl; #endif - netFlagLocalOk = false; - netFlagExtraAddressCheckOk = false; - netFlagUpnpOk = false; - netFlagDhtOk = false; - netFlagStunOk = false; - IndicateConfigChanged(); + mNetFlags.mLocalAddrOk = false; + mNetStatus = RS_NET_LOOPBACK; + } + else if (!isValidNet(&mOwnState.currentlocaladdr.sin_addr)) + { +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::checkNetAddress() laddr: invalid" << std::endl; +#endif + mNetFlags.mLocalAddrOk = false; + } + else + { +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::checkNetAddress() laddr okay" << std::endl; +#endif + mNetFlags.mLocalAddrOk = true; } - if(isLoopbackNet(&(ownState.currentlocaladdr.sin_addr))) - mNetStatus = RS_NET_LOOPBACK; - - int port = ntohs(ownState.currentlocaladdr.sin_port); + int port = ntohs(mOwnState.currentlocaladdr.sin_port); if ((port < PQI_MIN_PORT) || (port > PQI_MAX_PORT)) - ownState.currentlocaladdr.sin_port = htons(PQI_DEFAULT_PORT); + { +#ifdef CONN_DEBUG + std::cerr << "p3ConnectMgr::checkNetAddress() Correcting Port to DEFAULT" << std::endl; +#endif + mOwnState.currentlocaladdr.sin_port = htons(PQI_DEFAULT_PORT); + addrChanged = true; + } +#if 0 /* if localaddr = serveraddr, then ensure that the ports * are the same (modify server)... this mismatch can * occur when the local port is changed.... */ - if (ownState.currentlocaladdr.sin_addr.s_addr == ownState.currentserveraddr.sin_addr.s_addr) - ownState.currentserveraddr.sin_port = ownState.currentlocaladdr.sin_port; + if (mOwnState.currentlocaladdr.sin_addr.s_addr == mOwnState.currentserveraddr.sin_addr.s_addr) + { + mOwnState.currentserveraddr.sin_port = mOwnState.currentlocaladdr.sin_port; + } +#endif // ensure that address family is set, otherwise windows Barfs. - ownState.currentlocaladdr.sin_family = AF_INET; - ownState.currentserveraddr.sin_family = AF_INET; + mOwnState.currentlocaladdr.sin_family = AF_INET; + mOwnState.currentserveraddr.sin_family = AF_INET; //update ip address list - // - IpAddressTimed ipAddressTimed; - ipAddressTimed.ipAddr = ownState.currentlocaladdr; - ipAddressTimed.seenTime = time(NULL); - ownState.updateIpAddressList(ipAddressTimed); + pqiIpAddress addrInfo; + addrInfo.mAddr = mOwnState.currentlocaladdr; + addrInfo.mSeenTime = time(NULL); + addrInfo.mSrc = 0; + mOwnState.ipAddrs.mLocal.updateIpAddressList(addrInfo); #ifdef CONN_DEBUG_TICK - std::cerr << "p3ConnectMgr::checkNetAddress() Final Local Address: " << inet_ntoa(ownState.currentlocaladdr.sin_addr); - std::cerr << ":" << ntohs(ownState.currentlocaladdr.sin_port) << std::endl; + std::cerr << "p3ConnectMgr::checkNetAddress() Final Local Address: " << inet_ntoa(mOwnState.currentlocaladdr.sin_addr); + std::cerr << ":" << ntohs(mOwnState.currentlocaladdr.sin_port) << std::endl; #endif } - if ((old_in_addr != ownState.currentlocaladdr.sin_addr.s_addr) || (old_in_port != ownState.currentlocaladdr.sin_port)) + if (addrChanged) { #ifdef CONN_DEBUG_RESET std::cerr << "p3ConnectMgr::checkNetAddress() local address changed, resetting network." << std::endl; - std::cerr << "old addr: " << old_in_addr << " : " << old_in_port; - std::cerr << std::endl; - std::cerr << "new addr: " << ownState.currentlocaladdr.sin_addr.s_addr << " : " << ownState.currentlocaladdr.sin_port; std::cerr << std::endl; #endif netReset(); + IndicateConfigChanged(); } return 1; } -/************************* p3config functions **********************/ -/*******************************************************************/ + + +/********************************************************************** + ********************************************************************** + ******************** p3Config functions ****************************** + ********************************************************************** + **********************************************************************/ + /* Key Functions to be overloaded for Full Configuration */ RsSerialiser *p3ConnectMgr::setupSerialiser() @@ -3079,13 +2844,13 @@ std::list p3ConnectMgr::saveList(bool &cleanup) item->clear(); item->pid = getOwnId(); - item->gpg_id = ownState.gpg_id; - item->location = ownState.location; - if (ownState.netMode & RS_NET_MODE_TRY_EXT) + item->gpg_id = mOwnState.gpg_id; + item->location = mOwnState.location; + if (mOwnState.netMode & RS_NET_MODE_TRY_EXT) { item->netMode = RS_NET_MODE_EXT; } - else if (ownState.netMode & RS_NET_MODE_TRY_UPNP) + else if (mOwnState.netMode & RS_NET_MODE_TRY_UPNP) { item->netMode = RS_NET_MODE_UPNP; } @@ -3094,13 +2859,14 @@ std::list p3ConnectMgr::saveList(bool &cleanup) item->netMode = RS_NET_MODE_UDP; } - item->visState = ownState.visState; - item->lastContact = ownState.lastcontact; + item->visState = mOwnState.visState; + item->lastContact = mOwnState.lastcontact; - item->currentlocaladdr = ownState.currentlocaladdr; - item->currentremoteaddr = ownState.currentserveraddr; - item->dyndns = ownState.dyndns; - item->ipAddressList = ownState.getIpAddressList(); + item->currentlocaladdr = mOwnState.currentlocaladdr; + item->currentremoteaddr = mOwnState.currentserveraddr; + item->dyndns = mOwnState.dyndns; + mOwnState.ipAddrs.mLocal.loadTlv(item->localAddrList); + mOwnState.ipAddrs.mExt.loadTlv(item->extAddrList); #ifdef CONN_DEBUG std::cerr << "p3ConnectMgr::saveList() Own Config Item:" << std::endl; @@ -3126,7 +2892,8 @@ std::list p3ConnectMgr::saveList(bool &cleanup) item->currentlocaladdr = (it->second).currentlocaladdr; item->currentremoteaddr = (it->second).currentserveraddr; item->dyndns = (it->second).dyndns; - item->ipAddressList = (it->second).getIpAddressList(); + (it->second).ipAddrs.mLocal.loadTlv(item->localAddrList); + (it->second).ipAddrs.mExt.loadTlv(item->extAddrList); saveData.push_back(item); #ifdef CONN_DEBUG @@ -3136,35 +2903,17 @@ std::list p3ConnectMgr::saveList(bool &cleanup) #endif } - RsPeerStunItem *sitem = new RsPeerStunItem(); - - std::list::iterator sit; - uint32_t count = 0; - for(sit = mStunList.begin(); (sit != mStunList.end()) && - (count < RS_STUN_LIST_MIN); sit++, count++) - { - sitem->stunList.ids.push_back(*sit); - } - -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::saveList() Peer Stun Item:" << std::endl; - sitem->print(std::cerr, 10); - std::cerr << std::endl; -#endif - - saveData.push_back(sitem); - // Now save config for network digging strategies RsConfigKeyValueSet *vitem = new RsConfigKeyValueSet ; RsTlvKeyValue kv; kv.key = "USE_EXTR_IP_FINDER" ; - kv.value = (use_extr_addr_finder)?"TRUE":"FALSE" ; + kv.value = (mUseExtAddrFinder)?"TRUE":"FALSE" ; vitem->tlvkvs.pairs.push_back(kv) ; #ifdef CONN_DEBUG - std::cout << "Pushing item for use_extr_addr_finder = " << use_extr_addr_finder << std::endl ; + std::cout << "Pushing item for use_extr_addr_finder = " << mUseExtAddrFinder << std::endl ; #endif saveData.push_back(vitem); @@ -3174,11 +2923,11 @@ std::list p3ConnectMgr::saveList(bool &cleanup) RsTlvKeyValue kv2; kv2.key = "ALLOW_TUNNEL_CONNECTION" ; - kv2.value = (allow_tunnel_connection)?"TRUE":"FALSE" ; + kv2.value = (mAllowTunnelConnection)?"TRUE":"FALSE" ; vitem2->tlvkvs.pairs.push_back(kv2) ; #ifdef CONN_DEBUG - std::cout << "Pushing item for allow_tunnel_connection = " << allow_tunnel_connection << std::endl ; + std::cout << "Pushing item for allow_tunnel_connection = " << mAllowTunnelConnection << std::endl ; #endif saveData.push_back(vitem2); @@ -3202,9 +2951,7 @@ bool p3ConnectMgr::loadList(std::list load) for(it = load.begin(); it != load.end(); it++) { RsPeerNetItem *pitem = dynamic_cast(*it); - RsPeerStunItem *sitem = dynamic_cast(*it); RsConfigKeyValueSet *vitem = dynamic_cast(*it) ; - if (pitem) { if (pitem->pid == getOwnId()) @@ -3216,8 +2963,8 @@ bool p3ConnectMgr::loadList(std::list load) #endif /* add ownConfig */ setOwnNetConfig(pitem->netMode, pitem->visState); - ownState.gpg_id = AuthGPG::getAuthGPG()->getGPGOwnId(); - ownState.location = AuthSSL::getAuthSSL()->getOwnLocation(); + mOwnState.gpg_id = AuthGPG::getAuthGPG()->getGPGOwnId(); + mOwnState.location = AuthSSL::getAuthSSL()->getOwnLocation(); } else { @@ -3233,22 +2980,12 @@ bool p3ConnectMgr::loadList(std::list load) setLocalAddress(pitem->pid, pitem->currentlocaladdr); setExtAddress(pitem->pid, pitem->currentremoteaddr); setDynDNS (pitem->pid, pitem->dyndns); - updateAddressList(pitem->pid, pitem->ipAddressList,false); - } - else if (sitem) - { - RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ -#ifdef CONN_DEBUG - std::cerr << "p3ConnectMgr::loadList() Stun Config Item:" << std::endl; - sitem->print(std::cerr, 10); - std::cerr << std::endl; -#endif - std::list::iterator sit; - for(sit = sitem->stunList.ids.begin(); - sit != sitem->stunList.ids.end(); sit++) - { - mStunList.push_back(*sit); - } + + /* convert addresses */ + pqiIpAddrSet addrs; + addrs.mLocal.extractFromTlv(pitem->localAddrList); + addrs.mExt.extractFromTlv(pitem->extAddrList); + updateAddressList(pitem->pid, addrs); } else if(vitem) { @@ -3262,11 +2999,11 @@ bool p3ConnectMgr::loadList(std::list load) std::list::iterator kit; for(kit = vitem->tlvkvs.pairs.begin(); kit != vitem->tlvkvs.pairs.end(); kit++) { if(kit->key == "USE_EXTR_IP_FINDER") { - use_extr_addr_finder = (kit->value == "TRUE"); - std::cerr << "setting use_extr_addr_finder to " << use_extr_addr_finder << std::endl ; + mUseExtAddrFinder = (kit->value == "TRUE"); + std::cerr << "setting use_extr_addr_finder to " << mUseExtAddrFinder << std::endl ; } else if (kit->key == "ALLOW_TUNNEL_CONNECTION") { - allow_tunnel_connection = (kit->value == "TRUE"); - std::cerr << "setting allow_tunnel_connection to " << allow_tunnel_connection << std::endl ; + mAllowTunnelConnection = (kit->value == "TRUE"); + std::cerr << "setting allow_tunnel_connection to " << mAllowTunnelConnection << std::endl ; } } } @@ -3278,48 +3015,41 @@ bool p3ConnectMgr::loadList(std::list load) -void printConnectState(peerConnectState &peer) +void printConnectState(std::ostream &out, peerConnectState &peer) { -#ifdef CONN_DEBUG - std::cerr << "Friend: " << peer.name << " Id: " << peer.id << " State: " << peer.state; - if (peer.state & RS_PEER_S_FRIEND) - std::cerr << " S:RS_PEER_S_FRIEND"; - if (peer.state & RS_PEER_S_ONLINE) - std::cerr << " S:RS_PEER_S_ONLINE"; - if (peer.state & RS_PEER_S_CONNECTED) - std::cerr << " S:RS_PEER_S_CONNECTED"; - std::cerr << " Actions: " << peer.actions; - if (peer.actions & RS_PEER_NEW) - std::cerr << " A:RS_PEER_NEW"; - if (peer.actions & RS_PEER_MOVED) - std::cerr << " A:RS_PEER_MOVED"; - if (peer.actions & RS_PEER_CONNECTED) - std::cerr << " A:RS_PEER_CONNECTED"; - if (peer.actions & RS_PEER_DISCONNECTED) - std::cerr << " A:RS_PEER_DISCONNECTED"; - if (peer.actions & RS_PEER_CONNECT_REQ) - std::cerr << " A:RS_PEER_CONNECT_REQ"; + out << "Friend: " << peer.name << " Id: " << peer.id << " State: " << peer.state; + if (peer.state & RS_PEER_S_FRIEND) + out << " S:RS_PEER_S_FRIEND"; + if (peer.state & RS_PEER_S_ONLINE) + out << " S:RS_PEER_S_ONLINE"; + if (peer.state & RS_PEER_S_CONNECTED) + out << " S:RS_PEER_S_CONNECTED"; + out << " Actions: " << peer.actions; + if (peer.actions & RS_PEER_NEW) + out << " A:RS_PEER_NEW"; + if (peer.actions & RS_PEER_MOVED) + out << " A:RS_PEER_MOVED"; + if (peer.actions & RS_PEER_CONNECTED) + out << " A:RS_PEER_CONNECTED"; + if (peer.actions & RS_PEER_DISCONNECTED) + out << " A:RS_PEER_DISCONNECTED"; + if (peer.actions & RS_PEER_CONNECT_REQ) + out << " A:RS_PEER_CONNECT_REQ"; - std::cerr << std::endl; -#endif + out << std::endl; return; } -bool p3ConnectMgr::addBootstrapStunPeers() -{ - std::string id; - struct sockaddr_in dummyaddr; - uint32_t flags = 0; - /* only use the Bootstrap system now */ +/********************************************************************** + ********************************************************************** + ******************** Interfaces *********************************** + ********************************************************************** + **********************************************************************/ - return true; -} - -/************************ INTERFACES ***********************/ void p3ConnectMgr::addNetAssistFirewall(uint32_t id, pqiNetAssistFirewall *fwAgent) @@ -3473,37 +3203,6 @@ bool p3ConnectMgr::netAssistFriend(std::string id, bool on) return true; } -bool p3ConnectMgr::netAssistAddStun(std::string id) -{ - std::map::iterator it; - for(it = mDhts.begin(); it != mDhts.end(); it++) - { - (it->second)->addStun(id); - } - return true; -} - - -bool p3ConnectMgr::netAssistStun(bool on) -{ - std::map::iterator it; - for(it = mDhts.begin(); it != mDhts.end(); it++) - { - (it->second)->enableStun(on); - } - return true; -} - -bool p3ConnectMgr::netAssistNotify(std::string id) -{ - std::map::iterator it; - for(it = mDhts.begin(); it != mDhts.end(); it++) - { - (it->second)->notifyPeer(id); - } - return true; -} - bool p3ConnectMgr::netAssistSetAddress( struct sockaddr_in &laddr, struct sockaddr_in &eaddr, @@ -3517,6 +3216,11 @@ bool p3ConnectMgr::netAssistSetAddress( struct sockaddr_in &laddr, return true; } +/********************************************************************** + ********************************************************************** + ******************** Network State *********************************** + ********************************************************************** + **********************************************************************/ bool p3ConnectMgr::getUPnPState() { @@ -3534,235 +3238,9 @@ bool p3ConnectMgr::getDHTEnabled() } -bool p3ConnectMgr::getNetStatusLocalOk() +void p3ConnectMgr::getNetStatus(pqiNetStatus &status) { - return netFlagLocalOk; + RsStackMutex stack(connMtx); /****** STACK LOCK MUTEX *******/ + status = mNetFlags; } -bool p3ConnectMgr::getNetStatusUpnpOk() -{ - return netFlagUpnpOk; -} - -bool p3ConnectMgr::getNetStatusDhtOk() -{ - return netFlagDhtOk; -} - -bool p3ConnectMgr::getNetStatusStunOk() -{ - return netFlagStunOk; -} - -bool p3ConnectMgr::getNetStatusExtraAddressCheckOk() -{ - return netFlagExtraAddressCheckOk; -} - -bool p3ConnectMgr::getUpnpExtAddress(struct sockaddr_in &addr) { - return netAssistExtAddress(addr); - } - -bool p3ConnectMgr::getStunExtAddress(struct sockaddr_in &addr) { - struct sockaddr_in temp_addr; - socklen_t len = sizeof(temp_addr); - uint8_t stable; - - if (0 < tou_extaddr((struct sockaddr *) &temp_addr, &len, &stable)) - { - addr = temp_addr; - -//#ifdef CONN_DEBUG -// std::cerr << "p3ConnectMgr::getStunExtAddress() Got "; -// std::cerr << " addr: " << inet_ntoa(addr.sin_addr); -// std::cerr << ":" << ntohs(addr.sin_port); -// std::cerr << std::endl; -//#endif - return true; - } -//#ifdef CONN_DEBUG -// std::cerr << "p3ConnectMgr::getStunExtAddress() No ext address found." << std::endl; -//#endif - return false; - -} - -bool p3ConnectMgr::getExtFinderExtAddress(struct sockaddr_in &addr) -{ - struct in_addr ad ; - - if ((use_extr_addr_finder && mExtAddrFinder->hasValidIP(&ad))) - { - addr.sin_port = ownState.currentlocaladdr.sin_port; - addr.sin_addr = ad ; - return true; - } - else - return false; -} - -bool peerConnectState::is_same_address(const IpAddressTimed& first, const IpAddressTimed& second) -{ - return (first.ipAddr.sin_addr.s_addr == second.ipAddr.sin_addr.s_addr && first.ipAddr.sin_port == second.ipAddr.sin_port); -} - -std::list peerConnectState::getIpAddressList() -{ - return ipAddressList; -} - -void peerConnectState::updateIpAddressList(const std::list& ipTimedList,bool merge) //purge old addresses to keep a small list -{ - if(!merge) - ipAddressList.clear() ; - - std::list::const_iterator ipListIt; - - for (ipListIt = ipTimedList.begin(); ipListIt!=(ipTimedList.end()); ++ipListIt) - updateIpAddressList(*ipListIt); -} - -void peerConnectState::updateIpAddressList(const IpAddressTimed& ipTimed) -{ - //purge old addresses to keep a small list -#ifdef CONN_DEBUG - std::cerr << "peerConnectState::updateIpAdressList() ip " << inet_ntoa(ipTimed.ipAddr.sin_addr); - std::cerr << ":" << ntohs(ipTimed.ipAddr.sin_port); - std::cerr << std::endl; -#endif - // 1 - check for dummy/unusable values. - // - if(isLoopbackNet(&(ipTimed.ipAddr.sin_addr))) - { -#ifdef CONN_DEBUG - std::cerr << "peerConnectState::updateIpAdressList() ip parameter is loopback: disgarding." << std::endl ; -#endif - return ; - } - - if(ipTimed.ipAddr.sin_addr.s_addr == 0 || ipTimed.ipAddr.sin_addr.s_addr == 1 || ipTimed.ipAddr.sin_port == 0) - { -#ifdef CONN_DEBUG - std::cerr << "peerConnectState::updateIpAdressList() ip parameter is 0.0.0.0, or port is 0, ignoring." << std::endl; -#endif - return; - } - - // 2 - check if the ip list already contains the current remote address of the connected peer. In such a case, - // we remove the list entry, and update the time stamp. We only compare ips not ports, so that the last port is kept. - // - bool found = false; - for (std::list::iterator ipListIt = ipAddressList.begin(); ipListIt!=(ipAddressList.end()) && !found; ++ipListIt) - if((*ipListIt).ipAddr.sin_addr.s_addr == ipTimed.ipAddr.sin_addr.s_addr) - { -#ifdef CONN_DEBUG - std::cerr << "peerConnectState::updateIpAdressList() ip found in the list." << std::endl; -#endif - //update the seen time - // - if ( (*ipListIt).seenTime < ipTimed.seenTime) - { - ipAddressList.erase(ipListIt) ; -#ifdef CONN_DEBUG - std::cerr << "peerConnectState::updateIpAdressList() Update seen time to : " << ipTimed.seenTime << std::endl; -#endif - } - else - found = true; // We keep the entry. - break ; - } - - // if not found (or removed), insert the address at sorted position into the list - // - if (!found) - { -#ifdef CONN_DEBUG - std::cerr << "peerConnectState::updateIpAdressList() adding to the ip list the current remote addr : " << id << " address : " << inet_ntoa(ipTimed.ipAddr.sin_addr); - std::cerr << ":" << ntohs(ipTimed.ipAddr.sin_port); - std::cerr << std::endl; -#endif - bool placed = false ; - - for(std::list::iterator ipListIt = ipAddressList.begin(); ipListIt!=(ipAddressList.end()); ++ipListIt) - if(ipTimed.seenTime > (*ipListIt).seenTime) - { - ipAddressList.insert(ipListIt,ipTimed); - placed=true ; - break; - } - if(!placed) - ipAddressList.push_back(ipTimed); - } - - // 5 - cut to the fixed number of retained addresses. - - std::list::iterator it ; - uint32_t cnt = 0 ; - for(it = ipAddressList.begin(); it!=(ipAddressList.end()) ;) - if(cnt >= PEER_IP_CONNECT_STATE_MAX_LIST_SIZE) - { - std::list::iterator tmp=it ; - ++tmp ; - ipAddressList.erase(it) ; - it=tmp ; - } - else - ++it,++cnt ; - -#ifdef CONN_DEBUG - std::cerr << "Adress list updated:" << std::endl ; - printIpAddressList(); -#endif -} - -void peerConnectState::printIpAddressList() -{ - std::cerr << "peerConnectState::printIpAdressList() current ip list for the peer : " << id << ", size : " << ipAddressList.size() << ", adresses : " << std::endl; - - for (std::list::iterator ipListIt = ipAddressList.begin(); ipListIt!=(ipAddressList.end()); ipListIt++) - std::cerr << inet_ntoa(ipListIt->ipAddr.sin_addr) << ":" - << ntohs(ipListIt->ipAddr.sin_port) << " seenTime : " - << ipListIt->seenTime << std::endl; - -} - -// Extract first address that is not the same as local address -// -bool peerConnectState::extractExtAddress(const std::list& IpAddressTimedList, IpAddressTimed &resultAddress) -{ - //check if the ip list contains the current remote address of the connected peer - // - std::list::const_iterator ipListIt; - for (ipListIt = IpAddressTimedList.begin(); ipListIt!=(IpAddressTimedList.end()); ++ipListIt) - { - //assume address is valid if not private, is not 0 and is not loopback - //if ((ipListIt->ipAddr.sin_addr.s_addr != 0) - // - if(!isPrivateNet(&ipListIt->ipAddr.sin_addr)) - { - resultAddress = *ipListIt; - return true; - } - } - return false; -} - - -void peerConnectState::printIpAddressList(std::list ipTimedList) { -#ifdef CONN_DEBUG - std::cerr << "peerConnectState::printIpAdressList()" << std::endl; -#endif - for (std::list::iterator ipListIt = ipTimedList.begin(); ipListIt!=(ipTimedList.end()); ipListIt++) { -#ifdef CONN_DEBUG - std::cerr << inet_ntoa(ipListIt->ipAddr.sin_addr) << ":" << ntohs(ipListIt->ipAddr.sin_port) << " seenTime : " << ipListIt->seenTime << std::endl; -#endif - } -} - -p3tunnel* p3ConnectMgr::getP3tunnel() { - return mP3tunnel; -} - -void p3ConnectMgr::setP3tunnel(p3tunnel *p3tun) { - mP3tunnel = p3tun; -} diff --git a/libretroshare/src/pqi/p3connmgr.h b/libretroshare/src/pqi/p3connmgr.h index 05bc94431..175c0940f 100644 --- a/libretroshare/src/pqi/p3connmgr.h +++ b/libretroshare/src/pqi/p3connmgr.h @@ -27,12 +27,11 @@ #define MRK_PQI_CONNECTION_MANAGER_HEADER #include "pqi/pqimonitor.h" -#include "serialiser/rsconfigitems.h" +#include "pqi/pqiipset.h" //#include "pqi/p3dhtmgr.h" //#include "pqi/p3upnpmgr.h" #include "pqi/pqiassist.h" -#include "services/p3tunnel.h" #include "pqi/p3cfgmgr.h" @@ -84,8 +83,9 @@ const uint32_t RS_NET_CONN_TUNNEL = 0x0f00; const uint32_t RS_NET_CONN_TCP_LOCAL = 0x0001; const uint32_t RS_NET_CONN_TCP_EXTERNAL = 0x0002; -const uint32_t RS_NET_CONN_TCP_UNKNOW_TOPOLOGY = 0x0003; -const uint32_t RS_NET_CONN_UDP = 0x0010; +const uint32_t RS_NET_CONN_TCP_UNKNOW_TOPOLOGY = 0x0004; +const uint32_t RS_NET_CONN_UDP_DHT_SYNC = 0x0010; +const uint32_t RS_NET_CONN_UDP_PEER_SYNC = 0x0020; /* coming soon */ /* extra flags */ // not sure if needed yet. @@ -96,8 +96,8 @@ const uint32_t RS_NET_CONN_UDP = 0x0010; /* flags of peerStatus */ const uint32_t RS_NET_FLAGS_USE_DISC = 0x0001; -const uint32_t RS_NET_FLAGS_USE_DHT = 0x0002; -const uint32_t RS_NET_FLAGS_ONLINE = 0x0004; +const uint32_t RS_NET_FLAGS_USE_DHT = 0x0002; +const uint32_t RS_NET_FLAGS_ONLINE = 0x0004; const uint32_t RS_NET_FLAGS_EXTERNAL_ADDR = 0x0008; const uint32_t RS_NET_FLAGS_STABLE_UDP = 0x0010; const uint32_t RS_NET_FLAGS_TRUSTS_ME = 0x0020; @@ -111,7 +111,7 @@ class peerAddrInfo bool found; uint32_t type; - struct sockaddr_in laddr, raddr; + pqiIpAddrSet addrs; time_t ts; }; @@ -129,33 +129,16 @@ class peerConnectAddress class peerConnectState { - private: - std::list ipAddressList; - public: peerConnectState(); /* init */ - std::string id; - std::string gpg_id; + std::string id; + std::string gpg_id; uint32_t netMode; /* EXT / UPNP / UDP / INVALID */ uint32_t visState; /* STD, GRAY, DARK */ - //used to store friends ip lists - void sortIpAddressListBySeenTime(); //Sort the ip list ordering by seen time - std::list getIpAddressList(); //return the sorted ant purged list. - - // The function that takes a list, can either merge the list into the - // existing list (default behavior), or only set the list to the new data, - // which might be used if the info is from an authoritative source. - // - void updateIpAddressList(const std::list& ipTimedList,bool merge=true); - void updateIpAddressList(const IpAddressTimed& ipTimed); - void printIpAddressList(); - - static bool is_same_address (const IpAddressTimed& first, const IpAddressTimed& second); - static void printIpAddressList(std::list ipTimedList); - static bool extractExtAddress(const std::list& ipAddressList, IpAddressTimed &resultAddress); //extract the last seen external address from the list + struct sockaddr_in localaddr, serveraddr; //used to store current ip (for config and connection management) struct sockaddr_in currentlocaladdr; /* Mandatory */ @@ -164,6 +147,9 @@ class peerConnectState time_t lastcontact; + /* list of addresses from various sources */ + pqiIpAddrSet ipAddrs; + /***** Below here not stored permanently *****/ uint32_t connecttype; // RS_NET_CONN_TCP_ALL / RS_NET_CONN_UDP_ALL @@ -186,8 +172,37 @@ class peerConnectState peerConnectAddress currentConnAddrAttempt; std::list connAddrs; + }; +class pqiNetStatus +{ + public: + + pqiNetStatus(); + + bool mLocalAddrOk; // Local address is not loopback. + bool mExtAddrOk; // have external address. + bool mExtAddrStableOk; // stable external address. + bool mUpnpOk; // upnp is ok. + bool mDhtOk; // dht is ok. + + struct sockaddr_in mLocalAddr; // percieved ext addr. + struct sockaddr_in mExtAddr; // percieved ext addr. + + bool mResetReq; // Not Used yet!. + + void print(std::ostream &out); + + bool NetOk() // minimum to believe network is okay.` + { + return (mLocalAddrOk && mExtAddrOk); + } +}; + +class p3tunnel; + + std::string textPeerConnectState(peerConnectState &state); @@ -203,9 +218,9 @@ void tick(); void addNetAssistConnect(uint32_t type, pqiNetAssistConnect *); void addNetAssistFirewall(uint32_t type, pqiNetAssistFirewall *); -bool checkNetAddress(); /* check our address is sensible */ +void addNetListener(pqiNetListener *listener); -void addNetListener(pqiNetListener *listener); +bool checkNetAddress(); /* check our address is sensible */ /*************** External Control ****************/ bool shutdown(); /* blocking shutdown call */ @@ -216,11 +231,12 @@ bool getUPnPState(); bool getUPnPEnabled(); bool getDHTEnabled(); -bool getIPServersEnabled() { return use_extr_addr_finder ;} +bool getIPServersEnabled(); void setIPServersEnabled(bool b) ; void getIPServersList(std::list& ip_servers) ; -void setTunnelConnection(bool b) ; -bool getTunnelConnection() { return allow_tunnel_connection ;} + +void setTunnelConnection(bool b); +bool getTunnelConnection(); bool getNetStatusLocalOk(); bool getNetStatusUpnpOk(); @@ -228,11 +244,15 @@ bool getNetStatusDhtOk(); bool getNetStatusStunOk(); bool getNetStatusExtraAddressCheckOk(); +bool getUpnpExtAddress(struct sockaddr_in &addr); +bool getExtFinderAddress(struct sockaddr_in &addr); +void getNetStatus(pqiNetStatus &status); + void setOwnNetConfig(uint32_t netMode, uint32_t visState); bool setLocalAddress(std::string id, struct sockaddr_in addr); bool setExtAddress(std::string id, struct sockaddr_in addr); bool setDynDNS(std::string id, std::string dyndns); -bool updateAddressList(const std::string& id, const std::list& IpAddressTimedList,bool merge = true); +bool updateAddressList(const std::string& id, const pqiIpAddrSet &addrs); bool setNetworkMode(std::string id, uint32_t netMode); bool setVisState(std::string id, uint32_t visState); @@ -268,25 +288,17 @@ void addMonitor(pqiMonitor *mon); void removeMonitor(pqiMonitor *mon); /******* overloaded from pqiConnectCb *************/ -virtual void peerStatus(std::string id, - struct sockaddr_in laddr, struct sockaddr_in raddr, +virtual void peerStatus(std::string id, const pqiIpAddrSet &addrs, uint32_t type, uint32_t flags, uint32_t source); virtual void peerConnectRequest(std::string id, struct sockaddr_in raddr, uint32_t source); -virtual void stunStatus(std::string id, struct sockaddr_in raddr, uint32_t type, uint32_t flags); +//virtual void stunStatus(std::string id, struct sockaddr_in raddr, uint32_t type, uint32_t flags); /****************** Connections *******************/ bool connectAttempt(std::string id, struct sockaddr_in &addr, uint32_t &delay, uint32_t &period, uint32_t &type); bool connectResult(std::string id, bool success, uint32_t flags, struct sockaddr_in remote_peer_address); -bool doNextAttempt(std::string id); -p3tunnel* getP3tunnel(); -void setP3tunnel(p3tunnel *p3tun); - -bool getUpnpExtAddress(struct sockaddr_in &addr); -bool getStunExtAddress(struct sockaddr_in &addr); -bool getExtFinderExtAddress(struct sockaddr_in &addr); protected: @@ -307,9 +319,6 @@ bool netAssistFirewallPorts(uint16_t iport, uint16_t eport); /* Assist Connect */ virtual bool netAssistFriend(std::string id, bool on); -virtual bool netAssistAddStun(std::string id); -virtual bool netAssistStun(bool on); -virtual bool netAssistNotify(std::string id); virtual bool netAssistSetAddress( struct sockaddr_in &laddr, struct sockaddr_in &eaddr, uint32_t mode); @@ -327,7 +336,6 @@ void netDhtInit(); void netUdpInit(); void netStunInit(); -void netStatusReset(); void netInit(); @@ -338,17 +346,8 @@ void netExtCheck(); void netUpnpInit(); void netUpnpCheck(); -void netExtFinderAddressCheck(); void netUnreachableCheck(); - /* Udp / Stun functions */ -void udpStunPeer(std::string id, struct sockaddr_in &addr); - -void stunInit(); -bool stunCheck(); -void stunCollect(std::string id, struct sockaddr_in addr, uint32_t flags); -bool addBootstrapStunPeers(); - void networkConsistencyCheck(); /* monitor control */ @@ -356,10 +355,6 @@ void tickMonitors(); /* connect attempts */ bool retryConnectTCP(std::string id); -bool retryConnectNotify(std::string id); - - /* temporary for testing */ -//virtual void loadConfiguration() { return; } protected: /*****************************************************************/ @@ -370,74 +365,47 @@ bool retryConnectNotify(std::string id); virtual bool loadList(std::list load); /*****************************************************************/ - -#if 0 - -void setupOwnNetConfig(RsPeerConfigItem *item); -void addPeer(RsPeerConfigItem *item); - -#endif +//void setupOwnNetConfig(RsPeerConfigItem *item); +//void addPeer(RsPeerConfigItem *item); private: + // These should have there own Mutex Protection, + //p3tunnel *mP3tunnel; + ExtAddrFinder *mExtAddrFinder ; - p3tunnel *mP3tunnel; - - uint32_t retry_period; - + /* These are considered static from a MUTEX perspective */ std::map mFwAgents; std::map mDhts; + std::list mNetListeners; + + RsMutex connMtx; /* protects below */ - std::list mNetListeners; - void stopListeners(); - void startListeners(); +void netStatusReset_locked(); + + uint32_t mRetryPeriod; time_t mNetInitTS; uint32_t mNetStatus; - bool mListenerActive; - - uint32_t mStunStatus; - uint32_t mStunFound; - bool mStunMoreRequired; bool mStatusChanged; std::list clients; - ExtAddrFinder *mExtAddrFinder ; - bool use_extr_addr_finder ; - bool allow_tunnel_connection ; + bool mUseExtAddrFinder; + bool mAllowTunnelConnection; /* external Address determination */ //bool mUpnpAddrValid, mStunAddrValid; - //bool mStunAddrStable; //struct sockaddr_in mUpnpExtAddr; - struct sockaddr_in mStunExtAddr; /* network status flags (read by rsiface) */ - bool netFlagLocalOk; - bool netFlagUpnpOk; - bool netFlagDhtOk; - bool netFlagStunOk; - bool netFlagExtraAddressCheckOk; + pqiNetStatus mNetFlags; + pqiNetStatus mOldNetFlags; - /* old network status flags in order to detect changes */ - bool oldnetFlagLocalOk; - bool oldnetFlagUpnpOk; - bool oldnetFlagDhtOk; - bool oldnetFlagStunOk; - bool oldnetFlagExtraAddressCheckOk; + peerConnectState mOwnState; -public: - peerConnectState ownState; - -protected: - -void addPeer(std::string id, std::string name); /* tmp fn */ - - - std::list mStunList; std::map mFriendList; std::map mOthersList; }; diff --git a/libretroshare/src/pqi/p3dhtmgr.cc b/libretroshare/src/pqi/p3dhtmgr.cc index 30fc3bf16..d0dadee70 100644 --- a/libretroshare/src/pqi/p3dhtmgr.cc +++ b/libretroshare/src/pqi/p3dhtmgr.cc @@ -1756,14 +1756,28 @@ bool p3DhtMgr::dhtResultSearch(std::string idhash, if (doCb) { - std::list ipAddressList; - mConnCb->peerStatus(ent.id, ent.laddr, ent.raddr, - ent.type, 0, RS_CB_DHT); + pqiIpAddrSet addrs; + + pqiIpAddress laddr; + laddr.mAddr = ent.laddr; + laddr.mSeenTime = time(NULL); + laddr.mSrc = RS_CB_DHT; + + addrs.updateLocalAddrs(laddr); + + pqiIpAddress eaddr; + eaddr.mAddr = ent.raddr; + eaddr.mSeenTime = time(NULL); + eaddr.mSrc = RS_CB_DHT; + + addrs.updateExtAddrs(eaddr); + + mConnCb->peerStatus(ent.id, addrs, ent.type, 0, RS_CB_DHT); } if (doStun) { - mConnCb->stunStatus(idhash, raddr, type, stunFlags); + //mConnCb->stunStatus(idhash, raddr, type, stunFlags); } return true; diff --git a/libretroshare/src/pqi/pqimonitor.cc b/libretroshare/src/pqi/pqimonitor.cc index adefe766d..319b515bd 100644 --- a/libretroshare/src/pqi/pqimonitor.cc +++ b/libretroshare/src/pqi/pqimonitor.cc @@ -25,6 +25,7 @@ #include "pqi/pqimonitor.h" #include "pqi/pqinetwork.h" +#include "pqi/pqiipset.h" #include "util/rsprint.h" /***** DUMMY Connect CB for testing *****/ @@ -43,22 +44,20 @@ pqiConnectCbDummy::~pqiConnectCbDummy() return; } -void pqiConnectCbDummy::peerStatus(std::string id, - struct sockaddr_in laddr, struct sockaddr_in raddr, +void pqiConnectCbDummy::peerStatus(std::string id, const pqiIpAddrSet &addrs, uint32_t type, uint32_t mode, uint32_t source) { std::cerr << "pqiConnectCbDummy::peerStatus()"; std::cerr << " id: " << id; - - std::cerr << " laddr: " << inet_ntoa(laddr.sin_addr); - std::cerr << " lport: " << ntohs(laddr.sin_port); - std::cerr << " raddr: " << inet_ntoa(raddr.sin_addr); - std::cerr << " rport: " << ntohs(raddr.sin_port); - std::cerr << " type: " << type; std::cerr << " mode: " << mode; std::cerr << " source: " << source; std::cerr << std::endl; + + std::cerr << " addrs: "; + std::cerr << std::endl; + addrs.printAddrs(std::cerr); + std::cerr << std::endl; } void pqiConnectCbDummy::peerConnectRequest(std::string id, @@ -72,6 +71,7 @@ void pqiConnectCbDummy::peerConnectRequest(std::string id, std::cerr << std::endl; } +#if 0 void pqiConnectCbDummy::stunStatus(std::string id, struct sockaddr_in raddr, uint32_t type, uint32_t flags) { @@ -82,5 +82,6 @@ void pqiConnectCbDummy::stunStatus(std::string id, struct sockaddr_in raddr, std::cerr << " flags: " << flags; std::cerr << std::endl; } +#endif diff --git a/libretroshare/src/pqi/pqimonitor.h b/libretroshare/src/pqi/pqimonitor.h index 86fd091ff..31cda2c3b 100644 --- a/libretroshare/src/pqi/pqimonitor.h +++ b/libretroshare/src/pqi/pqimonitor.h @@ -34,6 +34,7 @@ #include #include #include +#include "pqi/pqiipset.h" /************** Define Type/Mode/Source ***************/ @@ -93,7 +94,7 @@ virtual ~pqiMonitor() { return; } void setConnectionMgr(p3ConnectMgr *cm) { mConnMgr = cm; } virtual void statusChange(const std::list &plist) = 0; - +//virtual void ownStatusChange(pqipeer &) { return; } // SIGNAL reset or similar. //virtual void peerStatus(std::string id, uint32_t mode) = 0; protected: @@ -107,14 +108,13 @@ class pqiConnectCb { public: virtual ~pqiConnectCb() { return; } -virtual void peerStatus(std::string id, - struct sockaddr_in laddr, struct sockaddr_in raddr, +virtual void peerStatus(std::string id, const pqiIpAddrSet &addrs, uint32_t type, uint32_t flags, uint32_t source) = 0; virtual void peerConnectRequest(std::string id, struct sockaddr_in raddr, uint32_t source) = 0; -virtual void stunStatus(std::string id, struct sockaddr_in raddr, uint32_t type, uint32_t flags) = 0; +//virtual void stunStatus(std::string id, struct sockaddr_in raddr, uint32_t type, uint32_t flags) = 0; }; @@ -124,14 +124,13 @@ class pqiConnectCbDummy: public pqiConnectCb public: pqiConnectCbDummy(); virtual ~pqiConnectCbDummy(); -virtual void peerStatus(std::string id, - struct sockaddr_in laddr, struct sockaddr_in raddr, +virtual void peerStatus(std::string id, const pqiIpAddrSet &addrs, uint32_t type, uint32_t mode, uint32_t source); virtual void peerConnectRequest(std::string id, struct sockaddr_in raddr, uint32_t source); -virtual void stunStatus(std::string id, struct sockaddr_in raddr, uint32_t type, uint32_t flags); +//virtual void stunStatus(std::string id, struct sockaddr_in raddr, uint32_t type, uint32_t flags); }; diff --git a/libretroshare/src/pqi/pqiperson.cc b/libretroshare/src/pqi/pqiperson.cc index 219cce741..cc474f162 100644 --- a/libretroshare/src/pqi/pqiperson.cc +++ b/libretroshare/src/pqi/pqiperson.cc @@ -408,6 +408,10 @@ int pqiperson::connect(uint32_t type, struct sockaddr_in raddr, uint32_t delay, std::cerr << out.str(); //pqioutput(PQL_DEBUG_BASIC, pqipersonzone, out.str()); #endif + /* notify of fail! */ + + pqipg->notifyConnect(PeerId(), type, false, raddr); + return 0; } diff --git a/libretroshare/src/pqi/pqiperson.h b/libretroshare/src/pqi/pqiperson.h index d18b9aa75..3e6478c33 100644 --- a/libretroshare/src/pqi/pqiperson.h +++ b/libretroshare/src/pqi/pqiperson.h @@ -50,7 +50,7 @@ class pqiconnect: public pqistreamer, public NetInterface public: pqiconnect(RsSerialiser *rss, NetBinInterface *ni_in) :pqistreamer(rss, ni_in->PeerId(), ni_in, 0), // pqistreamer will cleanup NetInterface. - NetInterface(NULL, ni_in->PeerId()), // No need for callback. + NetInterface(NULL, ni_in->PeerId()), // No need for callback ni(ni_in) { if (!ni_in) diff --git a/libretroshare/src/pqi/pqipersongrp.cc b/libretroshare/src/pqi/pqipersongrp.cc index 15bcdfc95..7c1f20e8a 100644 --- a/libretroshare/src/pqi/pqipersongrp.cc +++ b/libretroshare/src/pqi/pqipersongrp.cc @@ -479,12 +479,18 @@ int pqipersongrp::connectPeer(std::string id) ptype = PQI_CONNECT_TUNNEL; timeout = period * 2; #ifdef PGRP_DEBUG - std::cerr << " pqipersongrp::connectPeer() connecting with UDP: Timeout :" << timeout; + std::cerr << " pqipersongrp::connectPeer() connecting with Tunnel: Timeout :" << timeout; std::cerr << std::endl; #endif } else + { +#ifdef PGRP_DEBUG + std::cerr << " pqipersongrp::connectPeer() Ignoring Unknown Type:" << type; + std::cerr << std::endl; +#endif return 0; + } p->connect(ptype, addr, delay, period, timeout); diff --git a/libretroshare/src/pqi/pqissltunnel.cc b/libretroshare/src/pqi/pqissltunnel.cc index b86eff26d..727f41a53 100644 --- a/libretroshare/src/pqi/pqissltunnel.cc +++ b/libretroshare/src/pqi/pqissltunnel.cc @@ -90,7 +90,7 @@ const int pqisslzone = 37714; * */ -pqissltunnel::pqissltunnel(PQInterface *parent, p3ConnectMgr *cm) +pqissltunnel::pqissltunnel(PQInterface *parent, p3ConnectMgr *cm, p3tunnel *p3t) :NetBinInterface(parent, parent->PeerId()), mConnMgr(cm) { active = false; @@ -108,7 +108,7 @@ pqissltunnel::pqissltunnel(PQInterface *parent, p3ConnectMgr *cm) // rslog(RSL_ALERT, pqisslzone, // "\t pqissltunnel will not initialise...."); // } - mP3tunnel = mConnMgr->getP3tunnel(); + mP3tunnel = p3t; current_data_offset = 0; curent_data_packet.length = 0; diff --git a/libretroshare/src/pqi/pqissltunnel.h b/libretroshare/src/pqi/pqissltunnel.h index 2faa34ad4..ef3ae6987 100644 --- a/libretroshare/src/pqi/pqissltunnel.h +++ b/libretroshare/src/pqi/pqissltunnel.h @@ -74,7 +74,7 @@ struct data_with_length { class pqissltunnel: public NetBinInterface { public: - pqissltunnel(PQInterface *parent, p3ConnectMgr *cm); + pqissltunnel(PQInterface *parent, p3ConnectMgr *cm, p3tunnel *p3t); virtual ~pqissltunnel(); // NetInterface