User-level changes:
==================
- libgpgme is not used anymore; it is replaced by a built-in piece of code called OpenPGP-SDK
(http://openpgp.nominet.org.uk/cgi-bin/trac.cgi) that was improved to be used by RetroShare
for handling PGP keys.
- the gnupg keyring is not used anymore. Now, RetroShare has it's own gpg keyring, shared by all instances.
On linux it's located in ~/.retroshare/pgp/. A lock system prevents multiple locations to read/write keyrings
simultaneously.
- the trust database from gnupg is not documented, so RetroShare cannot import it. This comes from the fact that
the GPG standard (RFC4880) asks explicitly not to export trust information. So RetroShare has it's own
trust DB shared by locations. This means you need to re-trust people. Sorry for that!
- at start, if no keyring is found, RS will propose to copy the gnupg keyring to use your existing keys. Clicking on
"OK" will do the copy, and you should find back all existing locations, except for DSA keys.
- locations for which the suitable keypair is not in the keyring will not be displayed in the login window
- locations for which the suitable keypair is not a RSA/RSA key will not be displayed. RetroShare does not
support DSA/Elgamal keypairs yet.
- a key import/export exchange function has been added in the certificate creation window (you go there from the login
window by clicking on "manage keys/locations". This allows to easily create a new location with the same pgp key on
another computer. To obtain a suitable keypair using gnupg, you need to concatenate the encrypted private key and the
public key into an ascii file. This can be done using:
gpg -a --export-secret-keys [your ID] > mykey.asc
gpg -a --export [your ID] >> mykey.asc
- importing a key with subkeys in not yet possible. Please remove subkeys before importing.
- The code has been tested for a reasonnable amount of time, but it's not possible to prevent some new bugs
to appear. Please report them asap supplying: call-stacks if possible, and terminal output. In particular,
openpgp has some assert()'s that should not be triggered unless RetroShare is calling it in an improper way.
Internal changes
================
- a specific component, PGPHandler, takes care of the interface between openpgp-sdk and RetroShare
openpgp-sdk is c-code, with it's own memory management, which has been kept well separated from
RetroShare.
- GPG Ids are now a specific class (not a std::string anymore) for code consistency reasons. As strings are
still used in many places, this requires a few conversions. In particular, AuthGPG takes strings as
function params and calls GPGHandler with the proper PGPIdType class. In the future, RetroShare should
only use PGPIdType. The same will be done for SSL ids.
- signature cleaning is still handled by the Retroshare built-in function, not by openpgp, but we will
do this later.
Still to do
===========
- DSA needs subkey handling, since the encryption is performed by a Elgamal subkey. Not sure this will be done.
- GPGIds/SSLIds cleaning (meaning replace strings by appropriate types). Lots of confusion throughout the code in retroshare-gui in particular.
- key removal from keyring. This is a challenge to keep locations synchronised.
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@5293 b45a01b8-16f6-495d-af2f-9b41ad6348cc
- Added missing check of file pointer in PGPHandler::decryptTextFromFile
- Added missing fclose of the ssl passphrase file in RsLoginHandler::getSSLPasswdFromGPGFile. Is this still needed, because PGPHandler::decryptTextFromFile does the same check?
- Fixed possible memory leak in ops_decrypt_memory.
git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-OpenPGP@5222 b45a01b8-16f6-495d-af2f-9b41ad6348cc
Validated chunks are shared to other peers. Force check is now very simple since it just turns all chunks into "needs checking" mode
and sums are asked to sources. Sources maintain a temporary cache of chunks. Since sums are requested sparsely, this should not
affect the sources in terms of performance. We can still imagine precomputing and saving sha1 of chunks while hashing them.
For backward compatibility reasons, the following has been setup *temporarily* in this version:
- unvalidated chunks are still considered as already obtained, and are shared and saved
- force check has been disabled
- final file check is maintained
- in case of file fail, the old checking mode will be used.
All changes for next version are kept in the define 'USE_NEW_CHUNK_CHECKING_CODE' that will be made the default in a few weeks.
At start, I expect most chunk to stya yellow during download, until most sources are able to provide chunk hashs.
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@5019 b45a01b8-16f6-495d-af2f-9b41ad6348cc
- Updated English Email Invite (sorry guys, you'll have to redo translations).
- Set OSX default style to "Cleanlooks" - as AQUA style hides some windows.
- Updated Version strings to V0.5.3a. / 4874
- Fixed missing headers for plugin manager.
- Disabled ZEROCONF for OSX.
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4874 b45a01b8-16f6-495d-af2f-9b41ad6348cc
- Hid lots of DEBUG_BASIC behind #defines in pqissl.
- Added PeerID() in many places, so grep for a single peer.
- fixed linkMgr output so we can tell a FAILURE vs FAILED ATTEMPT
- reduced most logging to a single line.
- print out of errno in HumanText for SSL errors.
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4814 b45a01b8-16f6-495d-af2f-9b41ad6348cc
* Compilation for FreeBSD.
* Notes that MT is not cryptographically secure.
* modified sorting of DHT Window.
Only one change that I didn't commit:
bitdht {
- LIBS += ../../libbitdht/src/lib/libbitdht.a
- PRE_TARGETDEPS *= ../../libbitdht/src/lib/libbitdht.a
+ LIBS += ../../libbitdht/src/libbitdht.a
+ PRE_TARGETDEPS *= ../../libbitdht/src/libbitdht.a
}
As this would have broken compilation on the other platforms.
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4619 b45a01b8-16f6-495d-af2f-9b41ad6348cc
- added a lock into ftTransferModule::recvFileData() (Crash reported by Costa due to storing data in a deleted transfer module)
- changed names of functions in ftTransferModules to locked_* when appropriate (helps debugging)
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4612 b45a01b8-16f6-495d-af2f-9b41ad6348cc
- Moved ProfileView and ProfileEdit to the folder unfinished.
- Removed "location:" before the ssl name in FriendsDialog and MessengerWindow.
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4567 b45a01b8-16f6-495d-af2f-9b41ad6348cc
* added retroshare/rsdht.h
* extended p3bitdht to provide RsDht interface. (p3bitdht_interface.cc)
* added UdpRelay to networking stack.
* started expansion of p3bitdht to handle connections.
* added <string> header to rsthreads.
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4399 b45a01b8-16f6-495d-af2f-9b41ad6348cc
You can enable the debugging of the waiting time for a lock of RsMutex in rsthreads.h with
#define RSMUTEX_DEBUG 300
That means all locks waiting longer than 300ms are logged into the stderr.
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4392 b45a01b8-16f6-495d-af2f-9b41ad6348cc
Major changes are:
* Improvements to tcponudp library to allow multiple UdpStacks / ports, with alternative recievers.
* Resurrected the UdpStunner code, and improved it.
* Added UdpRelay code.
* Modified startup code and ssludp code to use the new tcponudp and add a stunner.
* fixed buggy rs_inet_ntoa
* fixed a bunch of apple gcc warnings. mainly for(;;); => for(;;) ;
These changes shouldn't affect libretroshare stability... those changes will follow!
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4359 b45a01b8-16f6-495d-af2f-9b41ad6348cc
