Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-01-16 09:57:19 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

corrected missing return, added some debug printfs

Browse Source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2116 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2010-01-24 13:59:22 +00:00
parent 76cce0c7d2
commit fb1e030cb6
2 changed files with 97 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
libretroshare/src/pqi/authgpg.cc
View File

@ -293,6 +293,7 @@ bool AuthGPG::storeAllKeys_timed() {
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_locked();
}
return true ;
}
// store all keys in map mKeyList to avoid callin gpgme exe repeatedly
@ -961,44 +962,44 @@ bool AuthGPG::getGPGAllList(std::list<std::string> &ids)
bool AuthGPG::getGPGDetails(std::string id, RsPeerDetails &d)
{
#ifdef GPG_DEBUG
std::cerr << "AuthGPG::getPGPDetails() called for : " << id << std::endl;
std::cerr << "AuthGPG::getPGPDetails() called for : " << id << std::endl;
#endif
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/
/* add an id for each pgp certificate */
certmap::iterator it;
if (mKeyList.end() != (it = mKeyList.find(id))) {
d.id = it->second.id; //keep, it but can be bug gen
d.gpg_id = it->second.id;
d.name = it->second.name;
d.email = it->second.email;
d.trustLvl = it->second.trustLvl;
d.validLvl = it->second.validLvl;
d.ownsign = it->second.ownsign;
d.gpgSigners = it->second.signers;
d.fpr = it->second.fpr;
/* add an id for each pgp certificate */
certmap::iterator it;
if (mKeyList.end() != (it = mKeyList.find(id)))
{
d.id = it->second.id; //keep, it but can be bug gen
d.gpg_id = it->second.id;
d.name = it->second.name;
d.email = it->second.email;
d.trustLvl = it->second.trustLvl;
d.validLvl = it->second.validLvl;
d.ownsign = it->second.ownsign;
d.gpgSigners = it->second.signers;
d.fpr = it->second.fpr;
d.accept_connection = it->second.accept_connection;
d.accept_connection = it->second.accept_connection;
//did the peer signed me ?
d.hasSignedMe = false;
std::list<std::string>::iterator signersIt;
for(signersIt = mOwnGpgCert.signers.begin(); signersIt != mOwnGpgCert.signers.end() ; ++signersIt) {
if (*signersIt == d.id) {
d.hasSignedMe = true;
break;
}
}
//did the peer signed me ?
d.hasSignedMe = false;
std::list<std::string>::iterator signersIt;
for(signersIt = mOwnGpgCert.signers.begin(); signersIt != mOwnGpgCert.signers.end() ; ++signersIt)
if (*signersIt == d.id)
{
d.hasSignedMe = true;
break;
}
#ifdef GPG_DEBUG
std::cerr << "AuthGPG::getPGPDetails() Name : " << it->second.name << std::endl;
std::cerr << "AuthGPG::getPGPDetails() Name : " << it->second.name << std::endl;
#endif
return true;
} else {
return false;
}
return true;
}
return false;
}
bool AuthGPG::decryptText(gpgme_data_t CIPHER, gpgme_data_t PLAIN) {
@ -1898,21 +1899,25 @@ static gpg_error_t keySignCallback(void *opaque, gpgme_status_code_t status, \
}
if (result)
{
{
fprintf(stderr,"keySignCallback result:%s\n", result);
#ifndef WINDOWS_SYS
if (*result)
{
write (fd, result, strlen (result));
write (fd, "\n", 1);
write (fd, "\n", 1);
}
#else
DWORD written = 0;
HANDLE winFd = (HANDLE) fd;
if (*result)
{
WriteFile(winFd, result, strlen(result), &written, NULL);
WriteFile(winFd, "\n", 1, &written, NULL);
WriteFile(winFd, "\n", 1, &written, NULL);
}
#endif
}
}
fprintf(stderr,"keySignCallback Error status\n");
ProcessPGPmeError(params->err);

92
libretroshare/src/pqi/authssl.cc
View File

@ -1147,6 +1147,7 @@ bool AuthSSL::SignDataBin(const void *data, const uint32_t len,
return true;
}
#define AUTHSSL_DEBUG2
bool AuthSSL::VerifySignBin(const void *data, const uint32_t len,
unsigned char *sign, unsigned int signlen)
@ -1154,13 +1155,21 @@ bool AuthSSL::VerifySignBin(const void *data, const uint32_t len,
RsStackMutex stack(sslMtx); /***** STACK LOCK MUTEX *****/
/* find the peer */
#ifdef AUTHSSL_DEBUG2
std::cerr << "In AuthSSL::VerifySignBin" << std::endl ;
#endif
sslcert *peer = mOwnCert;
EVP_PKEY *peerkey = peer->certificate->cert_info->key->pkey;
if(peerkey == NULL)
{
#ifdef AUTHSSL_DEBUG2
std::cerr << "AuthSSL::VerifySignBin: no public key available !!" << std::endl ;
#endif
return false ;
}
EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
@ -1182,6 +1191,9 @@ bool AuthSSL::VerifySignBin(const void *data, const uint32_t len,
if(signlen == 0 || sign == NULL)
{
#ifdef AUTHSSL_DEBUG2
std::cerr << "AuthSSL::VerifySignBin: signlen=" << signlen << ", sign=" << (void*)sign << "!!" << std::endl ;
#endif
EVP_MD_CTX_destroy(mdctx);
return false ;
}
@ -1679,7 +1691,7 @@ bool getX509id(X509 *x509, std::string &xid) {
/* switched to the other end of the signature. for
* more randomness
*/
for(uint32_t i = signlen - CERTSIGNLEN; i < signlen; i++)
for(int i = signlen - CERTSIGNLEN; i < signlen; i++)
{
id << std::hex << std::setw(2) << std::setfill('0')
<< (uint16_t) (((uint8_t *) (signdata))[i]);
@ -1907,7 +1919,9 @@ bool AuthSSL::AuthX509(X509 *x509)
/* extract CN for peer Id */
std::string issuer = getX509CNString(x509->cert_info->issuer);
RsPeerDetails pd;
if (!AuthGPG::getAuthGPG()->getGPGDetails(issuer, pd)) {
std::cerr << "Checking GPG issuer : " << issuer << std::endl ;
if (!AuthGPG::getAuthGPG()->getGPGDetails(issuer, pd))
{
std::cerr << "AuthSSL::AuthX509() X509 NOT authenticated : AuthGPG::getAuthGPG()->getGPGDetails() returned false." << std::endl;
return false;
}
@ -1991,6 +2005,10 @@ bool AuthSSL::AuthX509(X509 *x509)
/* NOW check sign via GPG Functions */
//get the fingerprint of the key that is supposed to sign
std::cerr << "AuthSSL::AuthX509() verifying the gpg sig with keyprint : " << pd.fpr << std::endl;
std::cerr << "Sigoutl = " << sigoutl << std::endl ;
std::cerr << "pd.fpr = " << pd.fpr << std::endl ;
std::cerr << "hashoutl = " << hashoutl << std::endl ;
if (!AuthGPG::getAuthGPG()->VerifySignBin(buf_hashout, hashoutl, buf_sigout, (unsigned int) sigoutl, pd.fpr)) {
sigoutl = 0;
goto err;
@ -2007,20 +2025,29 @@ bool AuthSSL::AuthX509(X509 *x509)
bool AuthSSL::ValidateCertificate(X509 *x509, std::string &peerId)
{
/* check self signed */
if (!AuthX509(x509) || !getX509id(x509, peerId)) {
if (!AuthX509(x509))
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ValidateCertificate() bad certificate.";
std::cerr << std::endl;
std::cerr << "AuthSSL::ValidateCertificate() bad certificate.";
std::cerr << std::endl;
#endif
return false;
return false;
}
if(!getX509id(x509, peerId))
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ValidateCertificate() Cannot retrieve peer id from certificate..";
std::cerr << std::endl;
#endif
return false;
}
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ValidateCertificate() good certificate.";
std::cerr << "AuthSSL::ValidateCertificate() good certificate.";
std::cerr << std::endl;
#endif
return true;
return true;
}
/* store for discovery */
@ -2039,6 +2066,8 @@ bool AuthSSL::encrypt(void *&out, int &outlen, const void *in, int inlen, std
out = malloc(inlen);
memcpy(out, in, inlen);
outlen = inlen;
return true ;
}
bool AuthSSL::decrypt(void *&out, int &outlen, const void *in, int inlen)
@ -2050,6 +2079,8 @@ bool AuthSSL::decrypt(void *&out, int &outlen, const void *in, int inlen)
out = malloc(inlen);
memcpy(out, in, inlen);
outlen = inlen;
return true ;
}
@ -2160,9 +2191,9 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx)
{
fprintf(stderr, "AuthSSL::VerifyX509Callback() pgp key not signed by ourself : \n");
fprintf(stderr, "issuer pgpid : ");
fprintf(stderr, pgpid.c_str());
fprintf(stderr, "%s\n",pgpid.c_str());
fprintf(stderr, "\n AuthGPG::getAuthGPG()->getGPGOwnId() : ");
fprintf(stderr, AuthGPG::getAuthGPG()->getGPGOwnId().c_str());
fprintf(stderr, "%s\n",AuthGPG::getAuthGPG()->getGPGOwnId().c_str());
fprintf(stderr, "\n");
return false;
}
@ -2176,9 +2207,9 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx)
{
fprintf(stderr, "AuthSSL::VerifyX509Callback() pgp key not signed by ourself : \n");
fprintf(stderr, "issuer pgpid : ");
fprintf(stderr, pgpid.c_str());
fprintf(stderr, "%s\n",pgpid.c_str());
fprintf(stderr, "\n AuthGPG::getAuthGPG()->getGPGOwnId() : ");
fprintf(stderr, AuthGPG::getAuthGPG()->getGPGOwnId().c_str());
fprintf(stderr, "%s\n",AuthGPG::getAuthGPG()->getGPGOwnId().c_str());
fprintf(stderr, "\n");
return false;
}
@ -2258,11 +2289,9 @@ int LoadCheckX509andGetLocation(const char *cert_file, std::string &location, st
FILE *tmpfp = fopen(cert_file, "r");
if (tmpfp == NULL)
{
#ifdef AUTHSSL_DEBUG
std::cerr << "sslroot::LoadCheckAndGetX509Name()";
std::cerr << " Failed to open Certificate File:" << cert_file;
std::cerr << std::endl;
#endif
return 0;
}
@ -2270,33 +2299,29 @@ int LoadCheckX509andGetLocation(const char *cert_file, std::string &location, st
X509 *x509 = PEM_read_X509(tmpfp, NULL, NULL, NULL);
fclose(tmpfp);
if(x509 == NULL)
{
std::cerr << "PEM_read_X509 failed !!" << std::endl ;
return false ;
}
// check the certificate.
bool valid = false;
if (x509)
//
if (AuthSSL::getAuthSSL()->ValidateCertificate(x509, userId))
location = getX509LocString(x509->cert_info->subject);
else
{
valid =AuthSSL::getAuthSSL()->ValidateCertificate(x509, userId);
}
if (valid)
{
// extract the name.
location = getX509LocString(x509->cert_info->subject);
std::cerr << "certificate validation failed !!" << std::endl ;
return false ;
}
std::cerr << "getX509LocString ok. Info:" << std::endl ;
std::cout << getX509Info(x509) << std::endl ;
// clean up.
X509_free(x509);
if (valid)
{
// happy!
return 1;
}
else
{
// something went wrong!
return 0;
}
return true ;
}
@ -2464,7 +2489,6 @@ std::string getX509Info(X509 *cert)
{
std::stringstream out;
long l;
int i,j;
out << "X509 Certificate:" << std::endl;
l=X509_get_version(cert);