Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-01-29 00:37:10 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

corrected missing return, added some debug printfs

Browse Source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@2116 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2010-01-24 13:59:22 +00:00
parent 76cce0c7d2
commit fb1e030cb6
2 changed files with 97 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
libretroshare/src/pqi/authgpg.cc
View File

@ -293,6 +293,7 @@ bool AuthGPG::storeAllKeys_timed() {
RsStackMutex stack(pgpMtx); /******* LOCKED ******/ RsStackMutex stack(pgpMtx); /******* LOCKED ******/
storeAllKeys_locked(); storeAllKeys_locked();
} }
return true ;
} }
// store all keys in map mKeyList to avoid callin gpgme exe repeatedly // store all keys in map mKeyList to avoid callin gpgme exe repeatedly
@ -961,44 +962,44 @@ bool AuthGPG::getGPGAllList(std::list<std::string> &ids)
bool AuthGPG::getGPGDetails(std::string id, RsPeerDetails &d) bool AuthGPG::getGPGDetails(std::string id, RsPeerDetails &d)
{ {
#ifdef GPG_DEBUG #ifdef GPG_DEBUG
std::cerr << "AuthGPG::getPGPDetails() called for : " << id << std::endl; std::cerr << "AuthGPG::getPGPDetails() called for : " << id << std::endl;
#endif #endif
storeAllKeys_timed(); storeAllKeys_timed();
RsStackMutex stack(pgpMtx); /******* LOCKED ******/ RsStackMutex stack(pgpMtx); /******* LOCKED ******/
/* add an id for each pgp certificate */ /* add an id for each pgp certificate */
certmap::iterator it; certmap::iterator it;
if (mKeyList.end() != (it = mKeyList.find(id))) { if (mKeyList.end() != (it = mKeyList.find(id)))
d.id = it->second.id; //keep, it but can be bug gen {
d.gpg_id = it->second.id; d.id = it->second.id; //keep, it but can be bug gen
d.name = it->second.name; d.gpg_id = it->second.id;
d.email = it->second.email; d.name = it->second.name;
d.trustLvl = it->second.trustLvl; d.email = it->second.email;
d.validLvl = it->second.validLvl; d.trustLvl = it->second.trustLvl;
d.ownsign = it->second.ownsign; d.validLvl = it->second.validLvl;
d.gpgSigners = it->second.signers; d.ownsign = it->second.ownsign;
d.fpr = it->second.fpr; d.gpgSigners = it->second.signers;
d.fpr = it->second.fpr;
d.accept_connection = it->second.accept_connection; d.accept_connection = it->second.accept_connection;
//did the peer signed me ? //did the peer signed me ?
d.hasSignedMe = false; d.hasSignedMe = false;
std::list<std::string>::iterator signersIt; std::list<std::string>::iterator signersIt;
for(signersIt = mOwnGpgCert.signers.begin(); signersIt != mOwnGpgCert.signers.end() ; ++signersIt) { for(signersIt = mOwnGpgCert.signers.begin(); signersIt != mOwnGpgCert.signers.end() ; ++signersIt)
if (*signersIt == d.id) { if (*signersIt == d.id)
d.hasSignedMe = true; {
break; d.hasSignedMe = true;
} break;
} }
#ifdef GPG_DEBUG #ifdef GPG_DEBUG
std::cerr << "AuthGPG::getPGPDetails() Name : " << it->second.name << std::endl; std::cerr << "AuthGPG::getPGPDetails() Name : " << it->second.name << std::endl;
#endif #endif
return true; return true;
} else { }
return false; return false;
}
} }
bool AuthGPG::decryptText(gpgme_data_t CIPHER, gpgme_data_t PLAIN) { bool AuthGPG::decryptText(gpgme_data_t CIPHER, gpgme_data_t PLAIN) {
@ -1898,21 +1899,25 @@ static gpg_error_t keySignCallback(void *opaque, gpgme_status_code_t status, \
} }
if (result) if (result)
{ {
fprintf(stderr,"keySignCallback result:%s\n", result); fprintf(stderr,"keySignCallback result:%s\n", result);
#ifndef WINDOWS_SYS #ifndef WINDOWS_SYS
if (*result) if (*result)
{
write (fd, result, strlen (result)); write (fd, result, strlen (result));
write (fd, "\n", 1); write (fd, "\n", 1);
}
#else #else
DWORD written = 0; DWORD written = 0;
HANDLE winFd = (HANDLE) fd; HANDLE winFd = (HANDLE) fd;
if (*result) if (*result)
{
WriteFile(winFd, result, strlen(result), &written, NULL); WriteFile(winFd, result, strlen(result), &written, NULL);
WriteFile(winFd, "\n", 1, &written, NULL); WriteFile(winFd, "\n", 1, &written, NULL);
}
#endif #endif
} }
fprintf(stderr,"keySignCallback Error status\n"); fprintf(stderr,"keySignCallback Error status\n");
ProcessPGPmeError(params->err); ProcessPGPmeError(params->err);

92
libretroshare/src/pqi/authssl.cc
View File

@ -1147,6 +1147,7 @@ bool AuthSSL::SignDataBin(const void *data, const uint32_t len,
return true; return true;
} }
#define AUTHSSL_DEBUG2
bool AuthSSL::VerifySignBin(const void *data, const uint32_t len, bool AuthSSL::VerifySignBin(const void *data, const uint32_t len,
unsigned char *sign, unsigned int signlen) unsigned char *sign, unsigned int signlen)
@ -1154,13 +1155,21 @@ bool AuthSSL::VerifySignBin(const void *data, const uint32_t len,
RsStackMutex stack(sslMtx); /***** STACK LOCK MUTEX *****/ RsStackMutex stack(sslMtx); /***** STACK LOCK MUTEX *****/
/* find the peer */ /* find the peer */
#ifdef AUTHSSL_DEBUG2
std::cerr << "In AuthSSL::VerifySignBin" << std::endl ;
#endif
sslcert *peer = mOwnCert; sslcert *peer = mOwnCert;
EVP_PKEY *peerkey = peer->certificate->cert_info->key->pkey; EVP_PKEY *peerkey = peer->certificate->cert_info->key->pkey;
if(peerkey == NULL) if(peerkey == NULL)
{
#ifdef AUTHSSL_DEBUG2
std::cerr << "AuthSSL::VerifySignBin: no public key available !!" << std::endl ;
#endif
return false ; return false ;
}
EVP_MD_CTX *mdctx = EVP_MD_CTX_create(); EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
@ -1182,6 +1191,9 @@ bool AuthSSL::VerifySignBin(const void *data, const uint32_t len,
if(signlen == 0 || sign == NULL) if(signlen == 0 || sign == NULL)
{ {
#ifdef AUTHSSL_DEBUG2
std::cerr << "AuthSSL::VerifySignBin: signlen=" << signlen << ", sign=" << (void*)sign << "!!" << std::endl ;
#endif
EVP_MD_CTX_destroy(mdctx); EVP_MD_CTX_destroy(mdctx);
return false ; return false ;
} }
@ -1679,7 +1691,7 @@ bool getX509id(X509 *x509, std::string &xid) {
/* switched to the other end of the signature. for /* switched to the other end of the signature. for
* more randomness * more randomness
*/ */
for(uint32_t i = signlen - CERTSIGNLEN; i < signlen; i++) for(int i = signlen - CERTSIGNLEN; i < signlen; i++)
{ {
id << std::hex << std::setw(2) << std::setfill('0') id << std::hex << std::setw(2) << std::setfill('0')
<< (uint16_t) (((uint8_t *) (signdata))[i]); << (uint16_t) (((uint8_t *) (signdata))[i]);
@ -1907,7 +1919,9 @@ bool AuthSSL::AuthX509(X509 *x509)
/* extract CN for peer Id */ /* extract CN for peer Id */
std::string issuer = getX509CNString(x509->cert_info->issuer); std::string issuer = getX509CNString(x509->cert_info->issuer);
RsPeerDetails pd; RsPeerDetails pd;
if (!AuthGPG::getAuthGPG()->getGPGDetails(issuer, pd)) { std::cerr << "Checking GPG issuer : " << issuer << std::endl ;
if (!AuthGPG::getAuthGPG()->getGPGDetails(issuer, pd))
{
std::cerr << "AuthSSL::AuthX509() X509 NOT authenticated : AuthGPG::getAuthGPG()->getGPGDetails() returned false." << std::endl; std::cerr << "AuthSSL::AuthX509() X509 NOT authenticated : AuthGPG::getAuthGPG()->getGPGDetails() returned false." << std::endl;
return false; return false;
} }
@ -1991,6 +2005,10 @@ bool AuthSSL::AuthX509(X509 *x509)
/* NOW check sign via GPG Functions */ /* NOW check sign via GPG Functions */
//get the fingerprint of the key that is supposed to sign //get the fingerprint of the key that is supposed to sign
std::cerr << "AuthSSL::AuthX509() verifying the gpg sig with keyprint : " << pd.fpr << std::endl; std::cerr << "AuthSSL::AuthX509() verifying the gpg sig with keyprint : " << pd.fpr << std::endl;
std::cerr << "Sigoutl = " << sigoutl << std::endl ;
std::cerr << "pd.fpr = " << pd.fpr << std::endl ;
std::cerr << "hashoutl = " << hashoutl << std::endl ;
if (!AuthGPG::getAuthGPG()->VerifySignBin(buf_hashout, hashoutl, buf_sigout, (unsigned int) sigoutl, pd.fpr)) { if (!AuthGPG::getAuthGPG()->VerifySignBin(buf_hashout, hashoutl, buf_sigout, (unsigned int) sigoutl, pd.fpr)) {
sigoutl = 0; sigoutl = 0;
goto err; goto err;
@ -2007,20 +2025,29 @@ bool AuthSSL::AuthX509(X509 *x509)
bool AuthSSL::ValidateCertificate(X509 *x509, std::string &peerId) bool AuthSSL::ValidateCertificate(X509 *x509, std::string &peerId)
{ {
/* check self signed */ /* check self signed */
if (!AuthX509(x509) || !getX509id(x509, peerId)) { if (!AuthX509(x509))
{
#ifdef AUTHSSL_DEBUG #ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ValidateCertificate() bad certificate."; std::cerr << "AuthSSL::ValidateCertificate() bad certificate.";
std::cerr << std::endl; std::cerr << std::endl;
#endif #endif
return false; return false;
}
if(!getX509id(x509, peerId))
{
#ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ValidateCertificate() Cannot retrieve peer id from certificate..";
std::cerr << std::endl;
#endif
return false;
} }
#ifdef AUTHSSL_DEBUG #ifdef AUTHSSL_DEBUG
std::cerr << "AuthSSL::ValidateCertificate() good certificate."; std::cerr << "AuthSSL::ValidateCertificate() good certificate.";
std::cerr << std::endl; std::cerr << std::endl;
#endif #endif
return true; return true;
} }
/* store for discovery */ /* store for discovery */
@ -2039,6 +2066,8 @@ bool AuthSSL::encrypt(void *&out, int &outlen, const void *in, int inlen, std
out = malloc(inlen); out = malloc(inlen);
memcpy(out, in, inlen); memcpy(out, in, inlen);
outlen = inlen; outlen = inlen;
return true ;
} }
bool AuthSSL::decrypt(void *&out, int &outlen, const void *in, int inlen) bool AuthSSL::decrypt(void *&out, int &outlen, const void *in, int inlen)
@ -2050,6 +2079,8 @@ bool AuthSSL::decrypt(void *&out, int &outlen, const void *in, int inlen)
out = malloc(inlen); out = malloc(inlen);
memcpy(out, in, inlen); memcpy(out, in, inlen);
outlen = inlen; outlen = inlen;
return true ;
} }
@ -2160,9 +2191,9 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx)
{ {
fprintf(stderr, "AuthSSL::VerifyX509Callback() pgp key not signed by ourself : \n"); fprintf(stderr, "AuthSSL::VerifyX509Callback() pgp key not signed by ourself : \n");
fprintf(stderr, "issuer pgpid : "); fprintf(stderr, "issuer pgpid : ");
fprintf(stderr, pgpid.c_str()); fprintf(stderr, "%s\n",pgpid.c_str());
fprintf(stderr, "\n AuthGPG::getAuthGPG()->getGPGOwnId() : "); fprintf(stderr, "\n AuthGPG::getAuthGPG()->getGPGOwnId() : ");
fprintf(stderr, AuthGPG::getAuthGPG()->getGPGOwnId().c_str()); fprintf(stderr, "%s\n",AuthGPG::getAuthGPG()->getGPGOwnId().c_str());
fprintf(stderr, "\n"); fprintf(stderr, "\n");
return false; return false;
} }
@ -2176,9 +2207,9 @@ int AuthSSL::VerifyX509Callback(int preverify_ok, X509_STORE_CTX *ctx)
{ {
fprintf(stderr, "AuthSSL::VerifyX509Callback() pgp key not signed by ourself : \n"); fprintf(stderr, "AuthSSL::VerifyX509Callback() pgp key not signed by ourself : \n");
fprintf(stderr, "issuer pgpid : "); fprintf(stderr, "issuer pgpid : ");
fprintf(stderr, pgpid.c_str()); fprintf(stderr, "%s\n",pgpid.c_str());
fprintf(stderr, "\n AuthGPG::getAuthGPG()->getGPGOwnId() : "); fprintf(stderr, "\n AuthGPG::getAuthGPG()->getGPGOwnId() : ");
fprintf(stderr, AuthGPG::getAuthGPG()->getGPGOwnId().c_str()); fprintf(stderr, "%s\n",AuthGPG::getAuthGPG()->getGPGOwnId().c_str());
fprintf(stderr, "\n"); fprintf(stderr, "\n");
return false; return false;
} }
@ -2258,11 +2289,9 @@ int LoadCheckX509andGetLocation(const char *cert_file, std::string &location, st
FILE *tmpfp = fopen(cert_file, "r"); FILE *tmpfp = fopen(cert_file, "r");
if (tmpfp == NULL) if (tmpfp == NULL)
{ {
#ifdef AUTHSSL_DEBUG
std::cerr << "sslroot::LoadCheckAndGetX509Name()"; std::cerr << "sslroot::LoadCheckAndGetX509Name()";
std::cerr << " Failed to open Certificate File:" << cert_file; std::cerr << " Failed to open Certificate File:" << cert_file;
std::cerr << std::endl; std::cerr << std::endl;
#endif
return 0; return 0;
} }
@ -2270,33 +2299,29 @@ int LoadCheckX509andGetLocation(const char *cert_file, std::string &location, st
X509 *x509 = PEM_read_X509(tmpfp, NULL, NULL, NULL); X509 *x509 = PEM_read_X509(tmpfp, NULL, NULL, NULL);
fclose(tmpfp); fclose(tmpfp);
if(x509 == NULL)
{
std::cerr << "PEM_read_X509 failed !!" << std::endl ;
return false ;
}
// check the certificate. // check the certificate.
bool valid = false; //
if (x509)
if (AuthSSL::getAuthSSL()->ValidateCertificate(x509, userId))
location = getX509LocString(x509->cert_info->subject);
else
{ {
valid =AuthSSL::getAuthSSL()->ValidateCertificate(x509, userId); std::cerr << "certificate validation failed !!" << std::endl ;
} return false ;
if (valid)
{
// extract the name.
location = getX509LocString(x509->cert_info->subject);
} }
std::cerr << "getX509LocString ok. Info:" << std::endl ;
std::cout << getX509Info(x509) << std::endl ; std::cout << getX509Info(x509) << std::endl ;
// clean up. // clean up.
X509_free(x509); X509_free(x509);
if (valid) return true ;
{
// happy!
return 1;
}
else
{
// something went wrong!
return 0;
}
} }
@ -2464,7 +2489,6 @@ std::string getX509Info(X509 *cert)
{ {
std::stringstream out; std::stringstream out;
long l; long l;
int i,j;
out << "X509 Certificate:" << std::endl; out << "X509 Certificate:" << std::endl;
l=X509_get_version(cert); l=X509_get_version(cert);