mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-10-01 02:35:48 -04:00
6435357c07
the rewrite of the retroshare core networking stack. This check-in commits the changes to the pqi code, and provides the majority of the improvements. (1) Introduced new interfaces for DHT and UPnP abstraction: p3dhtmgr.h, p3upnpmgr.h (2) Introduces abstraction for Authentication: p3authmgr.h (3) New Connection Manager to coordinate networking code: p3connmgr.h (4) New Configuration Manager: p3cfgmgr.h This library has been significantly modified to support DHT synced connections to enable connections between Firewalled Friends. The connection code has been rewritten within a new framework, which should make extensions easier to code. Also removed significant amount of old code relating to Tunnels, Channels etc. This will be recycled later as higher level services that should not be part of the core networking library. git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@306 b45a01b8-16f6-495d-af2f-9b41ad6348cc
222 lines
5.5 KiB
C++
222 lines
5.5 KiB
C++
/*
|
|
* "$Id: xpgpcert.h,v 1.9 2007-04-15 18:45:18 rmf24 Exp $"
|
|
*
|
|
* 3P/PQI network interface for RetroShare.
|
|
*
|
|
* Copyright 2004-2006 by Robert Fernie.
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Library General Public
|
|
* License Version 2 as published by the Free Software Foundation.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Library General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Library General Public
|
|
* License along with this library; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
|
|
* USA.
|
|
*
|
|
* Please report all bugs and problems to "retroshare@lunamutt.com".
|
|
*
|
|
*/
|
|
|
|
|
|
|
|
#ifndef MRK_SSL_XPGP_CERT_HEADER
|
|
#define MRK_SSL_XPGP_CERT_HEADER
|
|
|
|
/* This is the trial XPGP version
|
|
*
|
|
* It has to be compiled against XPGP ssl version.
|
|
* this is only a hacked up version, merging
|
|
* (so both can operate in parallel will happen later)
|
|
*
|
|
*/
|
|
|
|
#include <openssl/ssl.h>
|
|
#include <openssl/evp.h>
|
|
|
|
#include <string>
|
|
#include <map>
|
|
|
|
#include "pqi_base.h"
|
|
#include "pqinetwork.h"
|
|
|
|
#include "pqiindic.h"
|
|
|
|
|
|
// helper fns.
|
|
int printSSLError(SSL *ssl, int retval, int err, unsigned long err2, std::ostream &out);
|
|
std::string getX509NameString(X509_NAME *name);
|
|
std::string getX509CNString(X509_NAME *name);
|
|
|
|
std::string getX509OrgString(X509_NAME *name);
|
|
std::string getX509LocString(X509_NAME *name);
|
|
std::string getX509CountryString(X509_NAME *name);
|
|
|
|
int LoadCheckXPGPandGetName(const char *cert_file, std::string &userName);
|
|
|
|
std::string convert_to_str(certsign &sign);
|
|
bool convert_to_certsign(std::string id, certsign &sign);
|
|
|
|
class sslroot;
|
|
|
|
class cert: public Person
|
|
{
|
|
public:
|
|
cert();
|
|
virtual ~cert();
|
|
|
|
virtual std::string Signature();
|
|
std::string Hash();
|
|
void Hash(std::string);
|
|
std::string PeerId() { return Signature(); }
|
|
|
|
XPGP *certificate;
|
|
std::string hash;
|
|
std::string peerid;
|
|
};
|
|
|
|
|
|
// returns pointer to static variable.
|
|
// which must be inited..
|
|
sslroot *getSSLRoot();
|
|
|
|
class sslroot
|
|
{
|
|
public:
|
|
sslroot();
|
|
int active();
|
|
int setcertdir(char *path);
|
|
int initssl(const char *srvr_cert, const char *priv_key,
|
|
const char *passwd);
|
|
int closessl();
|
|
|
|
/* Context handling */
|
|
SSL_CTX *getCTX();
|
|
|
|
/* Certificate handling */
|
|
int compareCerts(cert *a, cert *b);
|
|
|
|
// network interface.
|
|
|
|
// program interface.
|
|
int addCertificate(cert *c);
|
|
int addUntrustedCertificate(cert *c);
|
|
int addCollectedCertificate(cert *c);
|
|
|
|
int removeCertificate(cert *);
|
|
|
|
// Creation of Certificates.... (From X509)
|
|
// Core functions....
|
|
cert *checkDuplicateXPGP(XPGP *x);
|
|
cert *checkPeerXPGP(XPGP *x);
|
|
cert *makeCertificateXPGP(XPGP *c);
|
|
cert *registerCertificateXPGP(XPGP *nc, struct sockaddr_in, bool in);
|
|
|
|
int validateCertificateXPGP(cert *c);
|
|
|
|
/* Fns specific to XPGP */
|
|
int checkAuthCertificate(cert *xpgp);
|
|
int signCertificate(cert *);
|
|
int trustCertificate(cert *, bool totrust);
|
|
int superNodeMode();
|
|
int loadInitialTrustedPeer(std::string tp_file);
|
|
|
|
// depreciated...
|
|
cert *findpeercert(const char *name);
|
|
//int loadpeercert(const char *fname);
|
|
//int savepeercert(const char *fname);
|
|
|
|
// Configuration Handling...
|
|
int setConfigDirs(const char *cdir, const char *ndir);
|
|
|
|
// these save both the certificates + the settings.
|
|
int saveCertificates(const char *fname);
|
|
int saveCertificates();
|
|
int loadCertificates(const char *fname);
|
|
|
|
// with a hash check/recalc in there for good measure.
|
|
cert * loadcertificate(const char* fname, std::string hash);
|
|
int savecertificate(cert *c, const char* fname);
|
|
|
|
// for sending stuff as text
|
|
cert * loadCertFromString(std::string pem);
|
|
std::string saveCertAsString(cert *c);
|
|
|
|
// digest hashing /signing or encrypting interface.
|
|
int hashFile(std::string fname, unsigned char *hash, unsigned int hlen);
|
|
int hashDigest(char *data, unsigned int dlen, unsigned char *hash, unsigned int hlen);
|
|
int signDigest(EVP_PKEY *key, char *data, unsigned int dlen, unsigned char *hash, unsigned int hlen);
|
|
int verifyDigest(EVP_PKEY *key, char *data, unsigned int dlen, unsigned char *enc, unsigned int elen);
|
|
int generateKeyPair(EVP_PKEY *keypair, unsigned int keylen);
|
|
|
|
|
|
|
|
int printCertificate(cert *, std::ostream &out);
|
|
/* removing the list of certificate names - ambiguity!
|
|
*
|
|
std::list<std::string> listCertificates();
|
|
*
|
|
*/
|
|
|
|
std::list<cert *> &getCertList();
|
|
|
|
cert * getOwnCert();
|
|
int checkNetAddress();
|
|
|
|
// extra list for certs that aren't in main list.
|
|
cert * getCollectedCert();
|
|
bool collectedCerts();
|
|
|
|
bool CertsChanged();
|
|
bool CertsMajorChanged();
|
|
void IndicateCertsChanged();
|
|
|
|
std::string getSetting(std::string opt);
|
|
void setSetting(std::string opt, std::string val);
|
|
|
|
|
|
/* Fns for relating cert signatures to structures */
|
|
cert *findPeerId(std::string id);
|
|
cert *findcertsign(certsign &sign);
|
|
int getcertsign(cert *c, certsign &sign);
|
|
int addtosignmap(cert *);
|
|
|
|
private: /* data */
|
|
std::list<cert *> peercerts;
|
|
std::list<cert *> allcerts;
|
|
std::list<cert *> collectedcerts;
|
|
|
|
// whenever a cert is added, it should also be put in the map.
|
|
std::map<certsign, cert *> signmap;
|
|
|
|
|
|
|
|
// General Configuration System
|
|
// easy it put it here - so it can be signed easily.
|
|
std::map<std::string, std::string> settings;
|
|
|
|
std::string certdir;
|
|
std::string neighbourdir;
|
|
std::string certfile;
|
|
|
|
SSL_CTX *sslctx;
|
|
int init;
|
|
|
|
Indicator certsChanged;
|
|
Indicator certsMajorChanged;
|
|
|
|
EVP_PKEY *pkey;
|
|
|
|
cert *own_cert;
|
|
|
|
XPGP_KEYRING *pgp_keyring;
|
|
|
|
};
|
|
|
|
#endif // MRK_SSL_XPGP_CERT_HEADER
|