repos/pEpEngine: src/keymanagement.c@548e7dd045e5 (annotated)

vb@1517	1	// This file is under GNU General Public License 3.0
vb@1517	2	// see LICENSE.txt
vb@1517	3
vb@130	4	#include "platform.h"
vb@0	5
vb@0	6	#include <string.h>
vb@0	7	#include <stdio.h>
vb@0	8	#include <stdlib.h>
vb@0	9	#include <assert.h>
Edouard@512	10	#include <ctype.h>
vb@0	11
vb@217	12	#include "pEp_internal.h"
vb@0	13	#include "keymanagement.h"
vb@0	14
krista@1253	15	#include "blacklist.h"
edouard@1195	16
krista@2461	17	static bool key_matches_address(PEP_SESSION session, const char* address,
krista@2461	18	const char* fpr) {
krista@2461	19	if (!session \|\| !address \|\| !fpr)
krista@2461	20	return false;
krista@2461	21
krista@2461	22	bool retval = false;
krista@2461	23	stringlist_t *keylist = NULL;
krista@2461	24	PEP_STATUS status = find_keys(session, address, &keylist);
krista@2461	25	if (status == PEP_STATUS_OK && keylist) {
krista@2461	26	stringlist_t* curr = keylist;
krista@2461	27	while (curr) {
krista@2461	28	if (curr->value) {
krista@2461	29	if (strcasecmp(curr->value, fpr)) {
krista@2461	30	retval = true;
krista@2461	31	break;
krista@2461	32	}
krista@2461	33	}
krista@2461	34	curr = curr->next;
krista@2461	35	}
krista@2461	36	}
krista@2461	37
krista@2461	38	free_stringlist(keylist);
krista@2461	39	return retval;
krista@2461	40	}
vb@214	41
Edouard@774	42	PEP_STATUS elect_pubkey(
krista@2548	43	PEP_SESSION session, pEp_identity * identity, bool check_blacklist
Edouard@755	44	)
Edouard@755	45	{
Edouard@755	46	PEP_STATUS status;
roker@1559	47	stringlist_t *keylist = NULL;
krista@1342	48	char *_fpr = "";
Edouard@755	49	identity->comm_type = PEP_ct_unknown;
Edouard@755	50
Edouard@755	51	status = find_keys(session, identity->address, &keylist);
Edouard@755	52	assert(status != PEP_OUT_OF_MEMORY);
Edouard@755	53	if (status == PEP_OUT_OF_MEMORY)
Edouard@755	54	return PEP_OUT_OF_MEMORY;
krista@2461	55
krista@2461	56	if (!keylist \|\| !keylist->value)
krista@2461	57	identity->comm_type = PEP_ct_key_not_found;
krista@2461	58	else {
krista@2461	59	stringlist_t *_keylist;
krista@2461	60	for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
krista@2461	61	PEP_comm_type _comm_type_key;
Edouard@755	62
krista@2461	63	status = get_key_rating(session, _keylist->value, &_comm_type_key);
krista@2461	64	assert(status != PEP_OUT_OF_MEMORY);
krista@2461	65	if (status == PEP_OUT_OF_MEMORY) {
krista@2461	66	free_stringlist(keylist);
krista@2461	67	return PEP_OUT_OF_MEMORY;
krista@2461	68	}
krista@2461	69
krista@2593	70	if (_comm_type_key != PEP_ct_compromised &&
krista@2461	71	_comm_type_key != PEP_ct_unknown)
Edouard@755	72	{
krista@2461	73	if (identity->comm_type == PEP_ct_unknown \|\|
krista@2461	74	_comm_type_key > identity->comm_type)
krista@2461	75	{
krista@2548	76	bool blacklisted = false;
krista@2548	77	bool mistrusted = false;
krista@2471	78	status = is_mistrusted_key(session, _keylist->value, &mistrusted);
krista@2548	79	if (status == PEP_STATUS_OK && check_blacklist)
krista@2471	80	status = blacklist_is_listed(session, _keylist->value, &blacklisted);
krista@2471	81	if (status == PEP_STATUS_OK && !mistrusted && !blacklisted) {
krista@2461	82	identity->comm_type = _comm_type_key;
krista@2461	83	_fpr = _keylist->value;
krista@2461	84	}
krista@1275	85	}
Edouard@755	86	}
Edouard@755	87	}
Edouard@755	88	}
krista@1342	89	free(identity->fpr);
Edouard@755	90
krista@2471	91	if (!_fpr \|\| _fpr[0] == '\0')
krista@2471	92	identity->fpr = NULL;
krista@2471	93	else {
krista@2471	94	identity->fpr = strdup(_fpr);
krista@2471	95	if (identity->fpr == NULL) {
krista@2471	96	free_stringlist(keylist);
krista@2471	97	return PEP_OUT_OF_MEMORY;
krista@2471	98	}
Edouard@755	99	}
krista@2461	100
Edouard@755	101	free_stringlist(keylist);
Edouard@755	102	return PEP_STATUS_OK;
Edouard@755	103	}
Edouard@755	104
krista@3222	105
krista@3222	106	// own_must_contain_private is usually true when calling;
krista@3222	107	// we only set it to false when we have the idea of
krista@3222	108	// possibly having an own pubkey that we need to check on its own
krista@2461	109	static PEP_STATUS validate_fpr(PEP_SESSION session,
krista@2548	110	pEp_identity* ident,
krista@3222	111	bool check_blacklist,
krista@3222	112	bool own_must_contain_private) {
krista@2461	113
krista@2461	114	PEP_STATUS status = PEP_STATUS_OK;
krista@2461	115
krista@2461	116	if (!session \|\| !ident \|\| !ident->fpr \|\| !ident->fpr[0])
krista@2461	117	return PEP_ILLEGAL_VALUE;
krista@2461	118
krista@2461	119	char* fpr = ident->fpr;
krista@2461	120
krista@2461	121	bool has_private = false;
krista@3222	122	status = contains_priv_key(session, fpr, &has_private);
krista@2461	123
krista@3222	124	if (ident->me && own_must_contain_private) {
krista@2461	125	if (status != PEP_STATUS_OK \|\| !has_private)
krista@2461	126	return PEP_KEY_UNSUITABLE;
krista@2461	127	}
krista@3222	128	else if (status != PEP_STATUS_OK && has_private) // should never happen
krista@3222	129	has_private = false;
krista@2461	130
krista@2461	131	status = get_trust(session, ident);
krista@2461	132	if (status != PEP_STATUS_OK)
krista@2461	133	ident->comm_type = PEP_ct_unknown;
krista@2461	134
krista@2461	135	PEP_comm_type ct = ident->comm_type;
krista@2461	136
krista@2461	137	if (ct == PEP_ct_unknown) {
krista@2461	138	// If status is bad, it's ok, we get the rating
krista@2461	139	// we should use then (PEP_ct_unknown)
krista@2461	140	get_key_rating(session, fpr, &ct);
krista@2461	141	ident->comm_type = ct;
krista@2461	142	}
krista@3071	143	else if (ct == PEP_ct_key_expired \|\| ct == PEP_ct_key_expired_but_confirmed) {
krista@3071	144	PEP_comm_type ct_expire_check = PEP_ct_unknown;
krista@3071	145	get_key_rating(session, fpr, &ct_expire_check);
krista@3071	146	if (ct_expire_check >= PEP_ct_strong_but_unconfirmed) {
krista@3071	147	ident->comm_type = ct_expire_check;
krista@3071	148	if (ct == PEP_ct_key_expired_but_confirmed)
krista@3071	149	ident->comm_type \|= PEP_ct_confirmed;
krista@3071	150	ct = ident->comm_type;
krista@3071	151	// We need to fix this trust in the DB.
krista@3071	152	status = set_trust(session, ident);
krista@3071	153	}
krista@3071	154	}
krista@3071	155
krista@2461	156
vb@2834	157	bool pEp_user = false;
krista@2543	158
vb@2834	159	is_pEp_user(session, ident, &pEp_user);
krista@2543	160
vb@2834	161	if (pEp_user) {
krista@2543	162	switch (ct) {
krista@2543	163	case PEP_ct_OpenPGP:
krista@2543	164	case PEP_ct_OpenPGP_unconfirmed:
krista@2543	165	ct += 0x47; // difference between PEP and OpenPGP values;
krista@2543	166	ident->comm_type = ct;
krista@2543	167	break;
krista@2543	168	default:
krista@2543	169	break;
krista@2543	170	}
krista@2543	171	}
krista@2543	172
krista@2461	173	bool revoked, expired;
krista@2461	174	bool blacklisted = false;
krista@2461	175
krista@2461	176	status = key_revoked(session, fpr, &revoked);
krista@2461	177
krista@2461	178	if (status != PEP_STATUS_OK) {
krista@2501	179	return status;
krista@2461	180	}
krista@2461	181
krista@2461	182	if (!revoked) {
krista@2461	183	time_t exp_time = (ident->me ?
krista@2461	184	time(NULL) + (7243600) : time(NULL));
krista@2461	185
krista@2461	186	status = key_expired(session, fpr,
krista@2461	187	exp_time,
krista@2461	188	&expired);
krista@2461	189
krista@2461	190	assert(status == PEP_STATUS_OK);
krista@2461	191	if (status != PEP_STATUS_OK)
krista@2501	192	return status;
krista@2461	193
krista@2549	194	if (check_blacklist && IS_PGP_CT(ct) &&
krista@2461	195	!ident->me) {
krista@2461	196	status = blacklist_is_listed(session,
krista@2461	197	fpr,
krista@2461	198	&blacklisted);
krista@2461	199
krista@2461	200	if (status != PEP_STATUS_OK)
krista@2501	201	return status;
krista@2461	202	}
krista@2461	203	}
krista@2461	204
krista@3222	205	if (ident->me && has_private &&
krista@3222	206	(ct >= PEP_ct_strong_but_unconfirmed) &&
krista@3222	207	!revoked && expired) {
krista@2461	208	// extend key
krista@2461	209	timestamp *ts = new_timestamp(time(NULL) + KEY_EXPIRE_DELTA);
krista@2461	210	status = renew_key(session, fpr, ts);
krista@2461	211	free_timestamp(ts);
krista@2461	212
krista@2461	213	if (status == PEP_STATUS_OK) {
krista@2461	214	// if key is valid (second check because pEp key might be extended above)
krista@2461	215	// Return fpr
krista@2461	216	status = key_expired(session, fpr, time(NULL), &expired);
krista@3071	217	if (status != PEP_STATUS_OK)
krista@3071	218	return status;
krista@3071	219
krista@3071	220	if (expired) {
krista@3071	221	if (ident->comm_type & PEP_ct_confirmed \|\| (ident->comm_type == PEP_ct_key_expired_but_confirmed))
krista@3071	222	ident->comm_type = PEP_ct_key_expired_but_confirmed;
krista@3071	223	else
krista@3071	224	ident->comm_type = PEP_ct_key_expired;
krista@3071	225	return status;
krista@3071	226	}
krista@2461	227	// communicate key(?)
krista@2461	228	}
krista@2461	229	}
krista@2461	230
krista@2461	231	if (revoked)
krista@2461	232	ct = PEP_ct_key_revoked;
krista@3071	233	else if (expired) {
krista@3071	234	if (ident->comm_type & PEP_ct_confirmed \|\| (ident->comm_type == PEP_ct_key_expired_but_confirmed))
krista@3071	235	ct = PEP_ct_key_expired_but_confirmed;
krista@3071	236	else
krista@3071	237	ct = PEP_ct_key_expired;
krista@3071	238	}
krista@2461	239	else if (blacklisted) { // never true for .me
krista@2461	240	ident->comm_type = ct = PEP_ct_key_not_found;
krista@2461	241	free(ident->fpr);
krista@2461	242	ident->fpr = strdup("");
krista@2461	243	status = PEP_KEY_BLACKLISTED;
krista@2461	244	}
krista@2461	245
krista@2461	246	switch (ct) {
krista@2461	247	case PEP_ct_key_expired:
krista@3071	248	case PEP_ct_key_expired_but_confirmed:
krista@2461	249	case PEP_ct_key_revoked:
krista@2461	250	case PEP_ct_key_b0rken:
krista@2461	251	// delete key from being default key for all users/identities
krista@2461	252	status = remove_fpr_as_default(session, fpr);
krista@2461	253	status = update_trust_for_fpr(session,
krista@2461	254	fpr,
krista@2461	255	ct);
krista@2467	256	case PEP_ct_mistrusted:
krista@2461	257	free(ident->fpr);
krista@2461	258	ident->fpr = NULL;
krista@2461	259	ident->comm_type = ct;
krista@2461	260	status = PEP_KEY_UNSUITABLE;
krista@2461	261	default:
krista@2461	262	break;
krista@2461	263	}
krista@2461	264
krista@2461	265	return status;
krista@2461	266	}
krista@2461	267
krista@2893	268	PEP_STATUS get_all_keys_for_user(PEP_SESSION session,
krista@2893	269	const char* user_id,
krista@2893	270	stringlist_t** keys) {
krista@2893	271
krista@2893	272	if (!session \|\| EMPTYSTR(user_id) \|\| !keys)
krista@2893	273	return PEP_ILLEGAL_VALUE;
krista@2893	274
krista@2893	275	PEP_STATUS status = PEP_STATUS_OK;
krista@2893	276
krista@2893	277	*keys = NULL;
krista@2893	278	stringlist_t* _kl = NULL;
krista@2893	279
krista@2893	280	sqlite3_reset(session->get_all_keys_for_user);
krista@2893	281	sqlite3_bind_text(session->get_all_keys_for_user, 1, user_id, -1, SQLITE_STATIC);
krista@2893	282
krista@2893	283	int result = -1;
krista@2893	284
krista@2893	285	while ((result = sqlite3_step(session->get_all_keys_for_user)) == SQLITE_ROW) {
krista@2893	286	const char* keyres = (const char *) sqlite3_column_text(session->get_all_keys_for_user, 0);
krista@2893	287	if (keyres) {
krista@2893	288	if (_kl)
krista@2893	289	stringlist_add(_kl, keyres);
krista@2893	290	else
krista@2893	291	_kl = new_stringlist(keyres);
krista@2893	292	}
krista@2893	293	}
krista@2893	294
krista@2893	295	if (!_kl)
krista@2893	296	return PEP_KEY_NOT_FOUND;
krista@2893	297
krista@2893	298	*keys = _kl;
krista@2893	299
krista@2893	300	sqlite3_reset(session->get_all_keys_for_user);
krista@2893	301
krista@2893	302	return status;
krista@2893	303	}
krista@2893	304
krista@2461	305	PEP_STATUS get_user_default_key(PEP_SESSION session, const char* user_id,
krista@2461	306	char** default_key) {
krista@2461	307	assert(session);
krista@2461	308	assert(user_id);
krista@2461	309
krista@2461	310	if (!session \|\| !user_id)
krista@2461	311	return PEP_ILLEGAL_VALUE;
krista@2461	312
krista@2461	313	PEP_STATUS status = PEP_STATUS_OK;
krista@2461	314
krista@2461	315	// try to get default key for user_data
krista@2461	316	sqlite3_reset(session->get_user_default_key);
krista@2461	317	sqlite3_bind_text(session->get_user_default_key, 1, user_id,
krista@2461	318	-1, SQLITE_STATIC);
krista@2461	319
krista@2461	320	const int result = sqlite3_step(session->get_user_default_key);
krista@2461	321	char* user_fpr = NULL;
krista@2461	322	if (result == SQLITE_ROW) {
krista@2461	323	const char* u_fpr =
krista@2461	324	(char *) sqlite3_column_text(session->get_user_default_key, 0);
krista@2461	325	if (u_fpr)
krista@2461	326	user_fpr = strdup(u_fpr);
krista@2461	327	}
krista@2461	328	else
krista@2461	329	status = PEP_GET_KEY_FAILED;
krista@2461	330
krista@2461	331	sqlite3_reset(session->get_user_default_key);
krista@2461	332
krista@2461	333	*default_key = user_fpr;
krista@2461	334	return status;
krista@2461	335	}
krista@2461	336
krista@2461	337	// Only call on retrieval of previously stored identity!
krista@2461	338	// Also, we presume that if the stored_identity was sent in
krista@2461	339	// without an fpr, there wasn't one in the trust DB for this
krista@2461	340	// identity.
krista@2461	341	PEP_STATUS get_valid_pubkey(PEP_SESSION session,
krista@2461	342	pEp_identity* stored_identity,
krista@2461	343	bool* is_identity_default,
krista@2461	344	bool* is_user_default,
krista@2548	345	bool* is_address_default,
krista@2548	346	bool check_blacklist) {
krista@2461	347
krista@2461	348	PEP_STATUS status = PEP_STATUS_OK;
krista@2461	349
krista@2461	350	if (!stored_identity \|\| EMPTYSTR(stored_identity->user_id)
krista@2461	351	\|\| !is_identity_default \|\| !is_user_default \|\| !is_address_default)
krista@2461	352	return PEP_ILLEGAL_VALUE;
krista@2461	353
krista@2461	354	is_identity_default = is_user_default = *is_address_default = false;
krista@2461	355
krista@2461	356	PEP_comm_type first_reject_comm_type = PEP_ct_key_not_found;
krista@2461	357	PEP_STATUS first_reject_status = PEP_KEY_NOT_FOUND;
krista@2461	358
krista@2461	359	char* stored_fpr = stored_identity->fpr;
krista@2461	360	// Input: stored identity retrieved from database
krista@2461	361	// if stored identity contains a default key
krista@2461	362	if (!EMPTYSTR(stored_fpr)) {
krista@3222	363	status = validate_fpr(session, stored_identity, check_blacklist, true);
krista@2461	364	if (status == PEP_STATUS_OK && !EMPTYSTR(stored_identity->fpr)) {
krista@2461	365	is_identity_default = is_address_default = true;
krista@2461	366	return status;
krista@2461	367	}
krista@2461	368	else if (status != PEP_KEY_NOT_FOUND) {
krista@2461	369	first_reject_status = status;
krista@2461	370	first_reject_comm_type = stored_identity->comm_type;
krista@2461	371	}
krista@2461	372	}
krista@2461	373	// if no valid default stored identity key found
krista@2461	374	free(stored_identity->fpr);
krista@2461	375	stored_identity->fpr = NULL;
krista@2461	376
krista@2461	377	char* user_fpr = NULL;
krista@2461	378	status = get_user_default_key(session, stored_identity->user_id, &user_fpr);
krista@2461	379
krista@2461	380	if (!EMPTYSTR(user_fpr)) {
krista@2461	381	// There exists a default key for user, so validate
krista@2461	382	stored_identity->fpr = user_fpr;
krista@3222	383	status = validate_fpr(session, stored_identity, check_blacklist, true);
krista@2461	384	if (status == PEP_STATUS_OK && stored_identity->fpr) {
krista@2461	385	*is_user_default = true;
krista@2461	386	*is_address_default = key_matches_address(session,
krista@2461	387	stored_identity->address,
krista@2461	388	stored_identity->fpr);
krista@2461	389	return status;
krista@2461	390	}
krista@2461	391	else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) {
krista@2461	392	first_reject_status = status;
krista@2461	393	first_reject_comm_type = stored_identity->comm_type;
krista@2461	394	}
krista@2461	395	}
krista@2461	396
krista@2548	397	status = elect_pubkey(session, stored_identity, check_blacklist);
krista@2461	398	if (status == PEP_STATUS_OK) {
krista@2461	399	if (!EMPTYSTR(stored_identity->fpr))
krista@3222	400	validate_fpr(session, stored_identity, false, true); // blacklist already filtered of needed
krista@2461	401	}
krista@2461	402	else if (status != PEP_KEY_NOT_FOUND && first_reject_status != PEP_KEY_NOT_FOUND) {
krista@2461	403	first_reject_status = status;
krista@2461	404	first_reject_comm_type = stored_identity->comm_type;
krista@2461	405	}
krista@2461	406
krista@2461	407	switch (stored_identity->comm_type) {
krista@2461	408	case PEP_ct_key_revoked:
krista@2461	409	case PEP_ct_key_b0rken:
krista@2461	410	case PEP_ct_key_expired:
krista@3071	411	case PEP_ct_key_expired_but_confirmed:
krista@2593	412	case PEP_ct_compromised:
krista@2461	413	case PEP_ct_mistrusted:
krista@2461	414	// this only happens when it's all there is
krista@2461	415	status = first_reject_status;
krista@2461	416	free(stored_identity->fpr);
krista@2461	417	stored_identity->fpr = NULL;
krista@2461	418	stored_identity->comm_type = first_reject_comm_type;
krista@2461	419	break;
krista@2461	420	default:
krista@2548	421	if (check_blacklist && status == PEP_KEY_BLACKLISTED) {
krista@2548	422	free(stored_identity->fpr);
krista@2548	423	stored_identity->fpr = NULL;
krista@2548	424	stored_identity->comm_type = PEP_ct_key_not_found;
krista@2548	425	}
krista@2461	426	break;
krista@2461	427	}
krista@2461	428	return status;
krista@2461	429	}
krista@2461	430
krista@2461	431	static void transfer_ident_lang_and_flags(pEp_identity* new_ident,
krista@2461	432	pEp_identity* stored_ident) {
krista@2461	433	if (new_ident->lang[0] == 0) {
krista@2461	434	new_ident->lang[0] = stored_ident->lang[0];
krista@2461	435	new_ident->lang[1] = stored_ident->lang[1];
krista@2461	436	new_ident->lang[2] = 0;
krista@2461	437	}
krista@2461	438
krista@2461	439	new_ident->flags = stored_ident->flags;
krista@2461	440	new_ident->me = new_ident->me \|\| stored_ident->me;
krista@2461	441	}
krista@2461	442
vb@2834	443	static void adjust_pEp_trust_status(PEP_SESSION session, pEp_identity* identity) {
krista@2519	444	assert(session);
krista@2519	445	assert(identity);
krista@2519	446
krista@2519	447	if (identity->comm_type < PEP_ct_strong_but_unconfirmed \|\|
krista@2519	448	(identity->comm_type \| PEP_ct_confirmed) == PEP_ct_pEp)
krista@2519	449	return;
krista@2519	450
vb@2834	451	bool pEp_user;
krista@2519	452
vb@2834	453	is_pEp_user(session, identity, &pEp_user);
krista@2519	454
vb@2834	455	if (pEp_user) {
krista@2519	456	PEP_comm_type confirmation_status = identity->comm_type & PEP_ct_confirmed;
krista@2519	457	identity->comm_type = PEP_ct_pEp_unconfirmed \| confirmation_status;
krista@2519	458	}
krista@2519	459	}
krista@2519	460
krista@2519	461
krista@2461	462	static PEP_STATUS prepare_updated_identity(PEP_SESSION session,
krista@2461	463	pEp_identity* return_id,
krista@2461	464	pEp_identity* stored_ident,
krista@2461	465	bool store) {
krista@2461	466
krista@2461	467	if (!session \|\| !return_id \|\| !stored_ident)
krista@2461	468	return PEP_ILLEGAL_VALUE;
krista@2461	469
krista@2461	470	PEP_STATUS status;
krista@2461	471
krista@2461	472	bool is_identity_default, is_user_default, is_address_default;
krista@2461	473	status = get_valid_pubkey(session, stored_ident,
krista@2461	474	&is_identity_default,
krista@2461	475	&is_user_default,
krista@2548	476	&is_address_default,
krista@2548	477	false);
krista@2461	478
krista@2461	479	if (status == PEP_STATUS_OK && stored_ident->fpr && *(stored_ident->fpr) != '\0') {
krista@2461	480	// set identity comm_type from trust db (user_id, FPR)
krista@2461	481	status = get_trust(session, stored_ident);
krista@2461	482	if (status == PEP_CANNOT_FIND_IDENTITY \|\| stored_ident->comm_type == PEP_ct_unknown) {
krista@2461	483	// This is OK - there is no trust DB entry, but we
krista@2461	484	// found a key. We won't store this, but we'll
krista@2461	485	// use it.
krista@2461	486	PEP_comm_type ct = PEP_ct_unknown;
krista@2461	487	status = get_key_rating(session, stored_ident->fpr, &ct);
krista@2461	488	stored_ident->comm_type = ct;
krista@2461	489	}
krista@2461	490	}
krista@2471	491	else {
krista@2471	492	if (stored_ident->comm_type == PEP_ct_unknown)
krista@2471	493	stored_ident->comm_type = PEP_ct_key_not_found;
krista@2471	494	}
krista@2461	495	free(return_id->fpr);
krista@2461	496	return_id->fpr = NULL;
krista@2461	497	if (status == PEP_STATUS_OK && !EMPTYSTR(stored_ident->fpr))
krista@2461	498	return_id->fpr = strdup(stored_ident->fpr);
krista@2461	499
krista@2461	500	return_id->comm_type = stored_ident->comm_type;
krista@2520	501
krista@2461	502	// We patch the DB with the input username, but if we didn't have
krista@2461	503	// one, we pull it out of storage if available.
krista@2461	504	// (also, if the input username is "anonymous" and there exists
krista@2461	505	// a DB username, we replace)
krista@2461	506	if (!EMPTYSTR(stored_ident->username)) {
krista@2461	507	if (!EMPTYSTR(return_id->username) &&
krista@2493	508	(strcasecmp(return_id->username, return_id->address) == 0)) {
krista@2461	509	free(return_id->username);
krista@2500	510	return_id->username = NULL;
krista@2461	511	}
krista@2461	512	if (EMPTYSTR(return_id->username)) {
krista@2461	513	free(return_id->username);
krista@2461	514	return_id->username = strdup(stored_ident->username);
krista@2461	515	}
krista@2461	516	}
krista@2493	517	else {
krista@2493	518	if (EMPTYSTR(return_id->username))
krista@2493	519	return_id->username = strdup(return_id->address);
krista@2493	520	}
krista@2461	521
krista@2461	522	return_id->me = stored_ident->me;
krista@2461	523
krista@2461	524	// FIXME: Do we ALWAYS do this? We probably should...
krista@2461	525	if (EMPTYSTR(return_id->user_id)) {
krista@2461	526	free(return_id->user_id);
krista@2461	527	return_id->user_id = strdup(stored_ident->user_id);
krista@2520	528	}
krista@2520	529
vb@2834	530	adjust_pEp_trust_status(session, return_id);
krista@2520	531
krista@2461	532	// Call set_identity() to store
krista@2461	533	if ((is_identity_default \|\| is_user_default) &&
krista@2461	534	is_address_default) {
krista@2461	535	// if we got an fpr which is default for either user
krista@2461	536	// or identity AND is valid for this address, set in DB
krista@2461	537	// as default
krista@2461	538	status = set_identity(session, return_id);
krista@2461	539	}
krista@2461	540	else {
krista@2461	541	// Store without default fpr/ct, but return the fpr and ct
krista@2461	542	// for current use
krista@2461	543	char* save_fpr = return_id->fpr;
krista@2461	544	PEP_comm_type save_ct = return_id->comm_type;
krista@2461	545	return_id->fpr = NULL;
krista@2461	546	return_id->comm_type = PEP_ct_unknown;
krista@2461	547	PEP_STATUS save_status = status;
krista@2461	548	status = set_identity(session, return_id);
krista@2461	549	if (save_status != PEP_STATUS_OK)
krista@2461	550	status = save_status;
krista@2461	551	return_id->fpr = save_fpr;
krista@2461	552	return_id->comm_type = save_ct;
krista@2461	553	}
krista@2461	554
krista@2461	555	transfer_ident_lang_and_flags(return_id, stored_ident);
krista@2461	556
krista@2477	557	if (return_id->comm_type == PEP_ct_unknown)
krista@2477	558	return_id->comm_type = PEP_ct_key_not_found;
krista@2477	559
krista@2461	560	return status;
krista@2461	561	}
krista@2461	562
edouard@1385	563	DYNAMIC_API PEP_STATUS update_identity(
edouard@1385	564	PEP_SESSION session, pEp_identity * identity
vb@0	565	)
vb@0	566	{
vb@0	567	PEP_STATUS status;
vb@0	568
vb@0	569	assert(session);
vb@0	570	assert(identity);
Edouard@439	571	assert(!EMPTYSTR(identity->address));
vb@0	572
Edouard@439	573	if (!(session && identity && !EMPTYSTR(identity->address)))
krista@2501	574	return PEP_ILLEGAL_VALUE;
vb@191	575
krista@2461	576	char* default_own_id = NULL;
krista@2461	577	status = get_default_own_userid(session, &default_own_id);
krista@2461	578
krista@3349	579	bool is_own_user = identity->me;
krista@3349	580
krista@3349	581	// Is this me, temporary or not? If so, BAIL.
krista@3349	582	if (!is_own_user) {
krista@3349	583	if (default_own_id) {
krista@3349	584	if (!EMPTYSTR(identity->user_id)) {
krista@3349	585	if (strcmp(default_own_id, identity->user_id) == 0) {
krista@3349	586	is_own_user = true;
krista@3349	587	}
krista@3349	588	else {
krista@3349	589	char* alias = NULL;
krista@3349	590	if (get_userid_alias_default(session, identity->user_id, &alias) == PEP_STATUS_OK) {
krista@3349	591	if (alias && strcmp(default_own_id, alias) == 0)
krista@3349	592	is_own_user = true;
krista@3349	593	free(alias);
krista@3349	594	}
krista@3349	595	}
krista@3349	596	}
krista@3349	597	else {
krista@3349	598	// Check if own address. For now, this is a special case;
krista@3349	599	// we try to require apps to send in user_ids, but must prevent
krista@3349	600	// writes to an own identity from within THIS function
krista@3349	601	// NOTE: These semantics MAY CHANGE.
krista@3349	602	bool _own_addr = false;
krista@3349	603	is_own_address(session, identity->address, &_own_addr);
krista@3349	604
krista@3349	605	// N.B. KB: I would prefer consistent semantics here - that is to say,
krista@3349	606	// we also set is_own_user here and force PEP_ILLEGAL_VALUE
krista@3349	607	if (_own_addr) {
krista@3349	608	free(identity->user_id);
krista@3349	609	identity->user_id = strdup(default_own_id);
krista@3349	610	return _myself(session, identity, false, false, true);
krista@3349	611	}
krista@3349	612	}
krista@3349	613	}
krista@3349	614	// Otherwise, we don't even HAVE an own user yet, so we're ok.
krista@3349	615	}
krista@3349	616	if (is_own_user)
krista@2461	617	{
vb@2574	618	free(default_own_id);
krista@2461	619	return PEP_ILLEGAL_VALUE;
vb@1078	620	}
vb@1078	621
krista@2461	622	// We have, at least, an address.
krista@2461	623	// Retrieve stored identity information!
krista@2461	624	pEp_identity* stored_ident = NULL;
krista@2461	625
krista@2461	626	if (!EMPTYSTR(identity->user_id)) {
krista@2461	627	// (we're gonna update the trust/fpr anyway, so we use the no-fpr-from-trust-db variant)
krista@2461	628	// * do get_identity() to retrieve stored identity information
krista@2461	629	status = get_identity_without_trust_check(session, identity->address, identity->user_id, &stored_ident);
krista@2461	630
krista@2461	631	// Before we start - if there was no stored identity, we should check to make sure we don't
krista@2461	632	// have a stored identity with a temporary user_id that differs from the input user_id. This
krista@2461	633	// happens in multithreaded environments sometimes.
krista@2461	634	if (!stored_ident) {
krista@2461	635	identity_list* id_list = NULL;
krista@2461	636	status = get_identities_by_address(session, identity->address, &id_list);
Edouard@559	637
krista@2461	638	if (id_list) {
krista@2461	639	identity_list* id_curr = id_list;
krista@3103	640	bool input_is_TOFU = (strstr(identity->user_id, "TOFU_") == identity->user_id);
krista@2461	641	while (id_curr) {
krista@2461	642	pEp_identity* this_id = id_curr->ident;
krista@2461	643	if (this_id) {
krista@2461	644	char* this_uid = this_id->user_id;
krista@3103	645	bool curr_is_TOFU = false;
krista@3103	646	// this_uid should never be NULL, as this is half of the ident
krista@3103	647	// DB primary key
krista@3103	648	assert(!EMPTYSTR(this_uid));
krista@3103	649
krista@3103	650	curr_is_TOFU = (strstr(this_uid, "TOFU_") == this_uid);
krista@3103	651	if (curr_is_TOFU && !input_is_TOFU) {
krista@3103	652	// FIXME: should we also be fixing pEp_own_userId in this
krista@3103	653	// function here?
krista@3103	654
krista@3103	655	// if usernames match, we replace the userid. Or if the temp username
krista@3103	656	// is anonymous.
krista@3103	657	// FIXME: do we need to create an address match function which
krista@3103	658	// matches the whole dot-and-case rigamarole from
krista@3103	659	if (EMPTYSTR(this_id->username) \|\|
krista@3103	660	strcasecmp(this_id->username, this_id->address) == 0 \|\|
krista@3103	661	(identity->username &&
krista@3103	662	strcasecmp(identity->username,
krista@3103	663	this_id->username) == 0)) {
krista@2461	664
krista@3103	665	// Ok, we have a temp ID. We have to replace this
krista@3103	666	// with the real ID.
krista@3103	667	status = replace_userid(session,
krista@3103	668	this_uid,
krista@3103	669	identity->user_id);
krista@3103	670	if (status != PEP_STATUS_OK) {
krista@3103	671	free_identity_list(id_list);
krista@3103	672	free(default_own_id);
krista@3103	673	return status;
krista@3103	674	}
krista@2985	675
krista@3103	676	free(this_uid);
krista@3103	677	this_uid = NULL;
krista@3103	678
krista@3103	679	// Reflect the change we just made to the DB
krista@3103	680	this_id->user_id = strdup(identity->user_id);
krista@2461	681	stored_ident = this_id;
krista@2461	682	// FIXME: free list.
krista@2461	683	break;
krista@3103	684	}
krista@3103	685	}
krista@3103	686	else if (input_is_TOFU && !curr_is_TOFU) {
krista@3103	687	// Replace ruthlessly - this is NOT supposed to happen.
krista@3103	688	// BAD APP BEHAVIOUR.
krista@3103	689	free(identity->user_id);
krista@3103	690	identity->user_id = strdup(this_id->user_id);
krista@3103	691	stored_ident = this_id;
krista@3103	692	// FIXME: free list.
krista@3103	693	break;
krista@3103	694	}
krista@2461	695	}
krista@2461	696	id_curr = id_curr->next;
krista@2461	697	}
krista@2461	698	}
krista@2461	699	}
krista@2461	700
krista@2461	701	if (status == PEP_STATUS_OK && stored_ident) {
krista@2461	702	// * if identity available
krista@2461	703	// * patch it with username
krista@2461	704	// (note: this will happen when
krista@2461	705	// setting automatically below...)
krista@2461	706	// * elect valid key for identity
krista@2461	707	// * if valid key exists
krista@2461	708	// * set return value's fpr
krista@2461	709	status = prepare_updated_identity(session,
krista@2461	710	identity,
krista@2461	711	stored_ident, true);
Edouard@559	712	}
krista@2461	713	// * else (identity unavailable)
krista@2461	714	else {
krista@2461	715	status = PEP_STATUS_OK;
krista@2493	716
krista@2493	717	// FIXME: We may need to roll this back.
krista@2493	718	// FIXME: change docs if we don't
krista@2461	719	// if we only have user_id and address and identity not available
krista@2461	720	// * return error status (identity not found)
krista@2493	721	if (EMPTYSTR(identity->username)) {
krista@2493	722	free(identity->username);
krista@2493	723	identity->username = strdup(identity->address);
krista@2493	724	}
krista@1188	725
krista@2461	726	// Otherwise, if we had user_id, address, and username:
krista@2461	727	// * create identity with user_id, address, username
krista@2461	728	// (this is the input id without the fpr + comm type!)
krista@2493	729
krista@3103	730	elect_pubkey(session, identity, false);
krista@2493	731
krista@2461	732	// * We've already checked and retrieved
krista@2461	733	// any applicable temporary identities above. If we're
krista@2461	734	// here, none of them fit.
krista@2461	735	// * call set_identity() to store
krista@3103	736	// FIXME: Do we set if we had to copy in the address?
krista@3096	737	adjust_pEp_trust_status(session, identity);
krista@3103	738	status = set_identity(session, identity);
krista@2461	739	// * Return: created identity
krista@2461	740	}
krista@2461	741	}
krista@2461	742	else if (!EMPTYSTR(identity->username)) {
krista@2461	743	/*
krista@2461	744	* Temporary identity information with username supplied
krista@2461	745	* Input: address, username (no others)
krista@2461	746	*/
krista@2461	747
krista@2461	748	// * See if there is an own identity that uses this address. If so, we'll
krista@2461	749	// prefer that
krista@2461	750	stored_ident = NULL;
krista@2461	751
krista@2461	752	if (default_own_id) {
krista@2461	753	status = get_identity(session,
krista@2512	754	identity->address,
krista@2461	755	default_own_id,
krista@2461	756	&stored_ident);
krista@2461	757	}
krista@2461	758	// If there isn't an own identity, search for a non-temp stored ident
krista@2461	759	// with this address.
krista@2461	760	if (status == PEP_CANNOT_FIND_IDENTITY \|\| !stored_ident) {
krista@2461	761
krista@2461	762	identity_list* id_list = NULL;
krista@2461	763	status = get_identities_by_address(session, identity->address, &id_list);
edouard@1522	764
krista@2461	765	if (id_list) {
krista@2461	766	identity_list* id_curr = id_list;
krista@2461	767	while (id_curr) {
krista@2461	768	pEp_identity* this_id = id_curr->ident;
krista@2461	769	if (this_id) {
krista@2461	770	char* this_uid = this_id->user_id;
krista@3103	771	assert(!EMPTYSTR(this_uid));
krista@3103	772	// Should never be NULL - DB primary key
krista@3103	773
krista@3103	774	if (strstr(this_uid, "TOFU_") != this_uid) {
krista@2461	775	// if usernames match, we replace the userid.
krista@2461	776	if (identity->username &&
krista@2461	777	strcasecmp(identity->username,
krista@2461	778	this_id->username) == 0) {
krista@2461	779
krista@2461	780	// Ok, we have a real ID. Copy it!
krista@2461	781	identity->user_id = strdup(this_uid);
vb@2575	782	assert(identity->user_id);
krista@2461	783	if (!identity->user_id)
vb@2575	784	goto enomem;
vb@2575	785
krista@2461	786	stored_ident = this_id;
krista@2461	787
krista@2461	788	break;
krista@2461	789	}
krista@2461	790	}
edouard@1522	791	}
krista@2461	792	id_curr = id_curr->next;
edouard@1501	793	}
edouard@1501	794	}
krista@1220	795	}
krista@1188	796
krista@2461	797	if (stored_ident) {
krista@2461	798	status = prepare_updated_identity(session,
krista@2461	799	identity,
krista@2461	800	stored_ident, true);
krista@1243	801	}
krista@2461	802	else {
krista@2461	803	identity->user_id = calloc(1, strlen(identity->address) + 6);
krista@2461	804	if (!identity->user_id)
vb@2574	805	goto enomem;
vb@934	806
krista@2461	807	snprintf(identity->user_id, strlen(identity->address) + 6,
krista@2461	808	"TOFU_%s", identity->address);
krista@2496	809
krista@2537	810	status = get_identity(session,
krista@2537	811	identity->address,
krista@2537	812	identity->user_id,
krista@2537	813	&stored_ident);
krista@2537	814
krista@2537	815	if (status == PEP_STATUS_OK && stored_ident) {
krista@2537	816	status = prepare_updated_identity(session,
krista@2537	817	identity,
krista@2537	818	stored_ident, true);
krista@2537	819	}
krista@2537	820	else {
krista@2496	821
krista@2537	822	// * We've already checked and retrieved
krista@2537	823	// any applicable temporary identities above. If we're
krista@2537	824	// here, none of them fit.
krista@2537	825
krista@2548	826	status = elect_pubkey(session, identity, false);
krista@2537	827
krista@2537	828	// * call set_identity() to store
krista@3092	829	if (identity->fpr) {
krista@3092	830	// it is still possible we have DB information on this key. Better check.
krista@3092	831	status = get_trust(session, identity);
krista@3092	832	PEP_comm_type db_ct = identity->comm_type;
krista@2537	833	status = get_key_rating(session, identity->fpr, &identity->comm_type);
krista@3092	834	PEP_comm_type key_ct = identity->comm_type;
krista@3092	835
krista@3092	836	if (status == PEP_STATUS_OK) {
krista@3092	837	switch (key_ct) {
krista@3092	838	case PEP_ct_key_expired:
krista@3092	839	if (db_ct == PEP_ct_key_expired_but_confirmed)
krista@3092	840	identity->comm_type = db_ct;
krista@3092	841	break;
krista@3092	842	default:
krista@3092	843	switch(db_ct) {
krista@3092	844	case PEP_ct_key_expired_but_confirmed:
krista@3092	845	if (key_ct >= PEP_ct_strong_but_unconfirmed)
krista@3092	846	identity->comm_type \|= PEP_ct_confirmed;
krista@3092	847	break;
krista@3092	848	case PEP_ct_mistrusted:
krista@3092	849	case PEP_ct_compromised:
krista@3092	850	case PEP_ct_key_b0rken:
krista@3092	851	identity->comm_type = db_ct;
krista@3092	852	default:
krista@3092	853	break;
krista@3092	854	}
krista@3092	855	break;
krista@3092	856	}
krista@3092	857	}
krista@3092	858	}
krista@2537	859	// * call set_identity() to store
vb@2834	860	adjust_pEp_trust_status(session, identity);
krista@2537	861	status = set_identity(session, identity);
krista@2537	862	}
Edouard@499	863	}
vb@8	864	}
krista@2461	865	else {
krista@2461	866	/*
krista@2493	867	* Input: address (no others)
krista@2461	868	* Temporary identity information without username suplied
krista@2461	869	*/
krista@2461	870
krista@2461	871	// * Again, see if there is an own identity that uses this address. If so, we'll
krista@2461	872	// prefer that
krista@2461	873	stored_ident = NULL;
krista@2461	874
krista@2461	875	if (default_own_id) {
krista@2461	876	status = get_identity(session,
krista@2512	877	identity->address,
krista@2461	878	default_own_id,
krista@2461	879	&stored_ident);
krista@2461	880	}
krista@2461	881	// If there isn't an own identity, search for a non-temp stored ident
krista@2461	882	// with this address.
krista@2461	883	if (status == PEP_CANNOT_FIND_IDENTITY \|\| !stored_ident) {
krista@2461	884
krista@2461	885	identity_list* id_list = NULL;
krista@2506	886	// * Search for identity with this address
krista@2461	887	status = get_identities_by_address(session, identity->address, &id_list);
vb@8	888
krista@2506	889	// Results are ordered by timestamp descending, so this covers
krista@2506	890	// both the one-result and multi-result cases
krista@2506	891	if (id_list) {
krista@2506	892	if (stored_ident) // unlikely
krista@2506	893	free_identity(stored_ident);
krista@2461	894	stored_ident = id_list->ident;
krista@2461	895	}
krista@2461	896	}
krista@2461	897	if (stored_ident)
krista@2461	898	status = prepare_updated_identity(session, identity,
krista@2461	899	stored_ident, false);
krista@2496	900	else {
krista@2496	901	// too little info. BUT. We see if we can find a key; if so, we create a
krista@2496	902	// temp identity, look for a key, and store.
krista@2496	903
krista@2496	904	// create temporary identity, store it, and Return this
krista@2496	905	// This means TOFU_ user_id
krista@2496	906	identity->user_id = calloc(1, strlen(identity->address) + 6);
krista@2496	907	if (!identity->user_id)
vb@2574	908	goto enomem;
krista@2496	909
krista@2496	910	snprintf(identity->user_id, strlen(identity->address) + 6,
krista@2496	911	"TOFU_%s", identity->address);
krista@2496	912
krista@2496	913	identity->username = strdup(identity->address);
krista@2496	914	if (!identity->address)
vb@2574	915	goto enomem;
krista@2496	916
krista@2496	917	free(identity->fpr);
krista@2496	918	identity->fpr = NULL;
krista@2496	919	identity->comm_type = PEP_ct_unknown;
krista@2496	920
krista@2548	921	status = elect_pubkey(session, identity, false);
krista@2496	922
krista@2496	923	if (identity->fpr)
krista@2496	924	status = get_key_rating(session, identity->fpr, &identity->comm_type);
krista@2496	925
krista@2519	926	// * call set_identity() to store
vb@2834	927	adjust_pEp_trust_status(session, identity);
krista@2496	928	status = set_identity(session, identity);
krista@2496	929
krista@2496	930	}
krista@2461	931	}
krista@1220	932
krista@2461	933	// FIXME: This is legacy. I presume it's a notification for the caller...
krista@2461	934	// Revisit once I can talk to Volker
krista@2593	935	if (identity->comm_type != PEP_ct_compromised &&
krista@2461	936	identity->comm_type < PEP_ct_strong_but_unconfirmed)
krista@2461	937	if (session->examine_identity)
krista@2461	938	session->examine_identity(identity, session->examine_management);
vb@297	939
vb@2834	940	goto pEp_free;
vb@2574	941
vb@2574	942	enomem:
vb@2574	943	status = PEP_OUT_OF_MEMORY;
vb@2574	944
vb@2834	945	pEp_free:
vb@2574	946	free(default_own_id);
vb@2575	947	free_identity(stored_ident);
krista@2501	948	return status;
vb@0	949	}
vb@0	950
Edouard@774	951	PEP_STATUS elect_ownkey(
krista@1194	952	PEP_SESSION session, pEp_identity * identity
Edouard@774	953	)
Edouard@774	954	{
Edouard@774	955	PEP_STATUS status;
Edouard@774	956	stringlist_t *keylist = NULL;
Edouard@774	957
Edouard@774	958	free(identity->fpr);
Edouard@774	959	identity->fpr = NULL;
Edouard@774	960
krista@1357	961	status = find_private_keys(session, identity->address, &keylist);
Edouard@774	962	assert(status != PEP_OUT_OF_MEMORY);
Edouard@774	963	if (status == PEP_OUT_OF_MEMORY)
Edouard@774	964	return PEP_OUT_OF_MEMORY;
Edouard@774	965
Edouard@774	966	if (keylist != NULL && keylist->value != NULL)
Edouard@774	967	{
Edouard@774	968	char *_fpr = NULL;
Edouard@774	969	identity->comm_type = PEP_ct_unknown;
Edouard@774	970
Edouard@774	971	stringlist_t *_keylist;
Edouard@774	972	for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
Edouard@774	973	bool is_own = false;
Edouard@774	974
edouard@1752	975	status = own_key_is_listed(session, _keylist->value, &is_own);
edouard@1752	976	assert(status == PEP_STATUS_OK);
edouard@1752	977	if (status != PEP_STATUS_OK) {
edouard@1752	978	free_stringlist(keylist);
edouard@1752	979	return status;
Edouard@774	980	}
Edouard@774	981
edouard@1752	982	if (is_own)
Edouard@774	983	{
Edouard@774	984	PEP_comm_type _comm_type_key;
Edouard@774	985
Edouard@774	986	status = get_key_rating(session, _keylist->value, &_comm_type_key);
Edouard@774	987	assert(status != PEP_OUT_OF_MEMORY);
Edouard@774	988	if (status == PEP_OUT_OF_MEMORY) {
Edouard@774	989	free_stringlist(keylist);
Edouard@774	990	return PEP_OUT_OF_MEMORY;
Edouard@774	991	}
Edouard@774	992
krista@2593	993	if (_comm_type_key != PEP_ct_compromised &&
Edouard@774	994	_comm_type_key != PEP_ct_unknown)
Edouard@774	995	{
Edouard@774	996	if (identity->comm_type == PEP_ct_unknown \|\|
Edouard@774	997	_comm_type_key > identity->comm_type)
Edouard@774	998	{
Edouard@774	999	identity->comm_type = _comm_type_key;
Edouard@774	1000	_fpr = _keylist->value;
Edouard@774	1001	}
Edouard@774	1002	}
Edouard@774	1003	}
Edouard@774	1004	}
Edouard@774	1005
Edouard@774	1006	if (_fpr)
Edouard@774	1007	{
Edouard@774	1008	identity->fpr = strdup(_fpr);
Edouard@774	1009	assert(identity->fpr);
Edouard@774	1010	if (identity->fpr == NULL)
Edouard@774	1011	{
Edouard@774	1012	free_stringlist(keylist);
Edouard@774	1013	return PEP_OUT_OF_MEMORY;
Edouard@774	1014	}
Edouard@774	1015	}
Edouard@774	1016	free_stringlist(keylist);
Edouard@774	1017	}
Edouard@774	1018	return PEP_STATUS_OK;
Edouard@774	1019	}
Edouard@774	1020
krista@1357	1021	PEP_STATUS _has_usable_priv_key(PEP_SESSION session, char* fpr,
krista@1357	1022	bool* is_usable) {
krista@1357	1023
krista@2549	1024	bool has_private = false;
krista@2549	1025	PEP_STATUS status = contains_priv_key(session, fpr, &has_private);
krista@1357	1026
krista@2549	1027	*is_usable = has_private;
krista@1357	1028
krista@2501	1029	return status;
krista@1357	1030	}
krista@1357	1031
krista@3346	1032	PEP_STATUS _myself(PEP_SESSION session,
krista@3346	1033	pEp_identity * identity,
krista@3346	1034	bool do_keygen,
krista@3346	1035	bool ignore_flags,
krista@3346	1036	bool read_only)
vb@0	1037	{
krista@2461	1038
vb@0	1039	PEP_STATUS status;
vb@0	1040
vb@0	1041	assert(session);
vb@0	1042	assert(identity);
vb@1044	1043	assert(!EMPTYSTR(identity->address));
krista@2461	1044	assert(!EMPTYSTR(identity->user_id));
vb@0	1045
krista@2461	1046	if (!session \|\| !identity \|\| EMPTYSTR(identity->address) \|\|
krista@2461	1047	EMPTYSTR(identity->user_id))
krista@2501	1048	return PEP_ILLEGAL_VALUE;
vb@191	1049
krista@2461	1050	pEp_identity *stored_identity = NULL;
krista@2461	1051	char* revoked_fpr = NULL;
vb@2535	1052	bool valid_key_found = false;
krista@2461	1053
krista@2461	1054	char* default_own_id = NULL;
krista@2461	1055	status = get_default_own_userid(session, &default_own_id);
krista@2461	1056
krista@2461	1057	// Deal with non-default user_ids.
krista@3346	1058	// FIXME: if non-default and read-only, reject totally?
krista@2461	1059	if (default_own_id && strcmp(default_own_id, identity->user_id) != 0) {
krista@3346	1060	if (read_only) {
krista@3346	1061	free(identity->user_id);
krista@3346	1062	identity->user_id = strdup(default_own_id);
krista@3346	1063	}
krista@3346	1064	else {
krista@3346	1065	status = set_userid_alias(session, default_own_id, identity->user_id);
krista@3346	1066	// Do we want this to be fatal? For now, we'll do it...
krista@3346	1067	if (status != PEP_STATUS_OK)
krista@3347	1068	goto pEp_free;
krista@3346	1069
krista@3346	1070	free(identity->user_id);
krista@3346	1071	identity->user_id = strdup(default_own_id);
krista@3346	1072	if (identity->user_id == NULL) {
krista@3346	1073	status = PEP_OUT_OF_MEMORY;
krista@3347	1074	goto pEp_free;
krista@3346	1075	}
krista@2461	1076	}
krista@2461	1077	}
krista@2461	1078
krista@2461	1079	// NOTE: IF WE DON'T YET HAVE AN OWN_ID, WE IGNORE REFERENCES TO THIS ADDRESS IN THE
krista@2461	1080	// DB (WHICH MAY HAVE BEEN SET BEFORE MYSELF WAS CALLED BY RECEIVING AN EMAIL FROM
krista@2461	1081	// THIS ADDRESS), AS IT IS NOT AN OWN_IDENTITY AND HAS NO INFORMATION WE NEED OR WHAT TO
krista@2461	1082	// SET FOR MYSELF
krista@2461	1083
krista@2461	1084	// Ok, so now, set up the own_identity:
vb@0	1085	identity->comm_type = PEP_ct_pEp;
krista@2461	1086	identity->me = true;
edouard@1406	1087	if(ignore_flags)
edouard@1406	1088	identity->flags = 0;
Edouard@658	1089
krista@2461	1090	// Let's see if we have an identity record in the DB for
krista@2461	1091	// this user_id + address
krista@2501	1092	// DEBUG_LOG("myself", "debug", identity->address);
vb@1044	1093
Edouard@560	1094	status = get_identity(session,
Edouard@560	1095	identity->address,
Edouard@560	1096	identity->user_id,
Edouard@560	1097	&stored_identity);
krista@2461	1098
vb@0	1099	assert(status != PEP_OUT_OF_MEMORY);
vb@2535	1100	if (status == PEP_OUT_OF_MEMORY) {
vb@2535	1101	status = PEP_OUT_OF_MEMORY;
vb@2834	1102	goto pEp_free;
vb@2535	1103	}
krista@1357	1104
krista@2493	1105	// Set usernames - priority is input username > stored name > address
krista@2461	1106	// If there's an input username, we always patch the username with that
krista@2461	1107	// input.
krista@3346	1108	if (EMPTYSTR(identity->username) \|\| read_only) {
krista@2494	1109	bool stored_uname = (stored_identity && !EMPTYSTR(stored_identity->username));
krista@2493	1110	char* uname = (stored_uname ? stored_identity->username : identity->address);
krista@2461	1111	free(identity->username);
krista@2461	1112	identity->username = strdup(uname);
vb@2535	1113	if (identity->username == NULL) {
vb@2535	1114	status = PEP_OUT_OF_MEMORY;
vb@2834	1115	goto pEp_free;
vb@2535	1116	}
vb@2535	1117	}
vb@2535	1118
vb@2535	1119	// ignore input fpr
vb@2535	1120
vb@2535	1121	if (identity->fpr) {
vb@2535	1122	free(identity->fpr);
vb@2535	1123	identity->fpr = NULL;
krista@2461	1124	}
krista@2461	1125
vb@2535	1126	// check stored identity
krista@3422	1127	if (stored_identity) {
krista@3422	1128	if (!EMPTYSTR(stored_identity->fpr)) {
krista@3422	1129	// Fall back / retrieve
krista@3422	1130	status = validate_fpr(session, stored_identity, false, true);
krista@3422	1131	if (status == PEP_OUT_OF_MEMORY)
krista@3422	1132	goto pEp_free;
krista@3422	1133	if (status == PEP_STATUS_OK) {
krista@3422	1134	if (stored_identity->comm_type >= PEP_ct_strong_but_unconfirmed) {
krista@3422	1135	identity->fpr = strdup(stored_identity->fpr);
krista@3422	1136	assert(identity->fpr);
krista@3422	1137	if (!identity->fpr) {
vb@2535	1138	status = PEP_OUT_OF_MEMORY;
vb@2834	1139	goto pEp_free;
vb@2535	1140	}
krista@3422	1141	valid_key_found = true;
krista@3422	1142	}
krista@3422	1143	else {
krista@3422	1144	bool revoked = false;
krista@3422	1145	status = key_revoked(session, stored_identity->fpr, &revoked);
krista@3422	1146	if (status)
krista@3422	1147	goto pEp_free;
krista@3422	1148	if (revoked) {
krista@3422	1149	revoked_fpr = strdup(stored_identity->fpr);
krista@3422	1150	assert(revoked_fpr);
krista@3422	1151	if (!revoked_fpr) {
krista@3422	1152	status = PEP_OUT_OF_MEMORY;
krista@3422	1153	goto pEp_free;
krista@3422	1154	}
krista@3422	1155	}
vb@2535	1156	}
vb@2535	1157	}
krista@1357	1158	}
krista@3422	1159	// reconcile language, flags
krista@3422	1160	transfer_ident_lang_and_flags(identity, stored_identity);
Edouard@560	1161	}
krista@1357	1162
krista@2461	1163	// Nothing left to do but generate a key
krista@2461	1164	if (!valid_key_found) {
krista@3346	1165	if (!do_keygen \|\| read_only)
krista@2461	1166	status = PEP_GET_KEY_FAILED;
krista@2461	1167	else {
krista@2501	1168	// / DEBUG_LOG("Generating key pair", "debug", identity->address);
krista@2461	1169
krista@2461	1170	free(identity->fpr);
krista@2461	1171	identity->fpr = NULL;
krista@2461	1172	status = generate_keypair(session, identity);
krista@2461	1173	assert(status != PEP_OUT_OF_MEMORY);
vb@934	1174
krista@2461	1175	if (status != PEP_STATUS_OK) {
krista@2461	1176	char buf[11];
krista@2461	1177	snprintf(buf, 11, "%d", status); // uh, this is kludgey. FIXME
krista@2501	1178	// DEBUG_LOG("Generating key pair failed", "debug", buf);
krista@2461	1179	}
krista@2461	1180	else {
krista@2461	1181	valid_key_found = true;
krista@2461	1182	if (revoked_fpr) {
krista@2461	1183	status = set_revoked(session, revoked_fpr,
krista@2461	1184	stored_identity->fpr, time(NULL));
krista@3120	1185	assert(status == PEP_STATUS_OK);
krista@2461	1186	}
krista@2461	1187	}
krista@1357	1188	}
Edouard@560	1189	}
Edouard@695	1190
krista@2461	1191	if (valid_key_found) {
krista@2461	1192	identity->comm_type = PEP_ct_pEp;
krista@2461	1193	status = PEP_STATUS_OK;
krista@2461	1194	}
krista@2461	1195	else {
krista@2461	1196	free(identity->fpr);
krista@2461	1197	identity->fpr = NULL;
krista@2461	1198	identity->comm_type = PEP_ct_unknown;
Edouard@695	1199	}
krista@2461	1200
krista@3216	1201	// We want to set an identity in the DB even if a key isn't found, but we have to preserve the status if
krista@3216	1202	// it's NOT ok
krista@3346	1203	if (!read_only) {
krista@3346	1204	PEP_STATUS set_id_status = set_identity(session, identity);
krista@3346	1205	if (set_id_status == PEP_STATUS_OK)
krista@3347	1206	set_id_status = set_as_pEp_user(session, identity);
krista@3216	1207
krista@3346	1208	status = (status == PEP_STATUS_OK ? set_id_status : status);
krista@3346	1209	}
krista@3346	1210
vb@2834	1211	pEp_free:
krista@2461	1212	free(default_own_id);
krista@2461	1213	free(revoked_fpr);
krista@2461	1214	free_identity(stored_identity);
krista@2501	1215	return status;
krista@2461	1216	}
edouard@1385	1217
edouard@1385	1218	DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
edouard@1385	1219	{
krista@3346	1220	return _myself(session, identity, true, false, false);
edouard@1385	1221	}
edouard@1385	1222
vb@296	1223	DYNAMIC_API PEP_STATUS register_examine_function(
vb@292	1224	PEP_SESSION session,
vb@292	1225	examine_identity_t examine_identity,
vb@292	1226	void *management
vb@292	1227	)
vb@292	1228	{
vb@292	1229	assert(session);
vb@292	1230	if (!session)
vb@292	1231	return PEP_ILLEGAL_VALUE;
vb@292	1232
vb@292	1233	session->examine_management = management;
vb@292	1234	session->examine_identity = examine_identity;
vb@292	1235
vb@292	1236	return PEP_STATUS_OK;
vb@292	1237	}
vb@292	1238
vb@0	1239	DYNAMIC_API PEP_STATUS do_keymanagement(
vb@0	1240	retrieve_next_identity_t retrieve_next_identity,
vb@0	1241	void *management
vb@0	1242	)
vb@0	1243	{
vb@0	1244	PEP_SESSION session;
vb@0	1245	pEp_identity *identity;
vb@3056	1246	PEP_STATUS status = init(&session, NULL, NULL);
vb@3056	1247	assert(!status);
vb@3056	1248	if (status)
vb@3056	1249	return status;
vb@24	1250
vb@2834	1251	assert(session && retrieve_next_identity);
vb@2834	1252	if (!(session && retrieve_next_identity))
Edouard@499	1253	return PEP_ILLEGAL_VALUE;
Edouard@499	1254
vb@0	1255	log_event(session, "keymanagement thread started", "pEp engine", NULL, NULL);
vb@0	1256
Edouard@499	1257	while ((identity = retrieve_next_identity(management)))
Edouard@499	1258	{
vb@0	1259	assert(identity->address);
Edouard@499	1260	if(identity->address)
Edouard@499	1261	{
Edouard@499	1262	DEBUG_LOG("do_keymanagement", "retrieve_next_identity", identity->address);
Edouard@499	1263
krista@2461	1264	if (identity->me) {
Edouard@499	1265	status = myself(session, identity);
Edouard@499	1266	} else {
Edouard@499	1267	status = recv_key(session, identity->address);
Edouard@499	1268	}
Edouard@499	1269
vb@0	1270	assert(status != PEP_OUT_OF_MEMORY);
Edouard@499	1271	if(status == PEP_OUT_OF_MEMORY)
Edouard@499	1272	return PEP_OUT_OF_MEMORY;
vb@0	1273	}
vb@0	1274	free_identity(identity);
vb@0	1275	}
vb@0	1276
vb@0	1277	log_event(session, "keymanagement thread shutdown", "pEp engine", NULL, NULL);
vb@0	1278	release(session);
vb@0	1279	return PEP_STATUS_OK;
vb@0	1280	}
vb@0	1281
krista@1213	1282	DYNAMIC_API PEP_STATUS key_mistrusted(
vb@357	1283	PEP_SESSION session,
vb@357	1284	pEp_identity *ident
vb@357	1285	)
vb@215	1286	{
vb@218	1287	PEP_STATUS status = PEP_STATUS_OK;
vb@218	1288
vb@215	1289	assert(session);
vb@357	1290	assert(ident);
Edouard@439	1291	assert(!EMPTYSTR(ident->fpr));
vb@215	1292
vb@357	1293	if (!(session && ident && ident->fpr))
vb@215	1294	return PEP_ILLEGAL_VALUE;
vb@215	1295
krista@3171	1296	bool has_private = false;
krista@3171	1297
krista@3171	1298	status = contains_priv_key(session, ident->fpr, &has_private);
krista@3171	1299
krista@3171	1300	if (status != PEP_STATUS_OK && status != PEP_KEY_NOT_FOUND)
krista@3171	1301	return status;
krista@3171	1302
krista@3171	1303	// See if key is revoked already
krista@3171	1304	if (has_private) {
krista@3011	1305	bool revoked = false;
krista@3011	1306	status = key_revoked(session, ident->fpr, &revoked);
krista@3171	1307
krista@3011	1308	if (!revoked)
krista@3011	1309	revoke_key(session, ident->fpr, NULL);
krista@3171	1310	}
krista@3011	1311
krista@2936	1312	// double-check to be sure key is even in the DB
krista@2936	1313	if (ident->fpr)
krista@2936	1314	status = set_pgp_keypair(session, ident->fpr);
krista@2483	1315
krista@2936	1316	// We set this temporarily but will grab it back from the cache afterwards
krista@2936	1317	ident->comm_type = PEP_ct_mistrusted;
krista@2936	1318	status = set_trust(session, ident);
krista@2129	1319
krista@2936	1320	if (status == PEP_STATUS_OK)
krista@2936	1321	// cascade that mistrust for anyone using this key
krista@2936	1322	status = mark_as_compromised(session, ident->fpr);
krista@2936	1323	if (status == PEP_STATUS_OK)
krista@2936	1324	status = add_mistrusted_key(session, ident->fpr);
krista@2936	1325
krista@2129	1326	return status;
krista@2129	1327	}
krista@2129	1328
Edouard@410	1329	DYNAMIC_API PEP_STATUS key_reset_trust(
Edouard@410	1330	PEP_SESSION session,
Edouard@410	1331	pEp_identity *ident
Edouard@410	1332	)
Edouard@410	1333	{
Edouard@410	1334	PEP_STATUS status = PEP_STATUS_OK;
Edouard@410	1335
Edouard@410	1336	assert(session);
Edouard@410	1337	assert(ident);
Edouard@439	1338	assert(!EMPTYSTR(ident->fpr));
Edouard@439	1339	assert(!EMPTYSTR(ident->address));
Edouard@439	1340	assert(!EMPTYSTR(ident->user_id));
Edouard@410	1341
krista@2461	1342	if (!(session && ident && ident->fpr && ident->fpr[0] != '\0' && ident->address &&
vb@420	1343	ident->user_id))
Edouard@410	1344	return PEP_ILLEGAL_VALUE;
Edouard@410	1345
krista@2461	1346	// we do not change the input struct at ALL.
krista@2461	1347	pEp_identity* input_copy = identity_dup(ident);
krista@2461	1348
krista@2461	1349	pEp_identity* tmp_ident = NULL;
krista@2461	1350
krista@2461	1351	status = get_trust(session, input_copy);
krista@2461	1352
vb@420	1353	if (status != PEP_STATUS_OK)
vb@2834	1354	goto pEp_free;
krista@2461	1355
krista@2461	1356	PEP_comm_type new_trust = PEP_ct_unknown;
krista@2586	1357	status = get_key_rating(session, ident->fpr, &new_trust);
krista@2586	1358	if (status != PEP_STATUS_OK)
vb@2834	1359	goto pEp_free;
krista@2461	1360
vb@2834	1361	bool pEp_user = false;
krista@2586	1362
vb@2834	1363	status = is_pEp_user(session, ident, &pEp_user);
krista@2586	1364
vb@2834	1365	if (pEp_user && new_trust >= PEP_ct_unconfirmed_encryption)
krista@2586	1366	input_copy->comm_type = PEP_ct_pEp_unconfirmed;
krista@2586	1367	else
krista@2586	1368	input_copy->comm_type = new_trust;
krista@2586	1369
krista@2478	1370	status = set_trust(session, input_copy);
krista@2461	1371
krista@2461	1372	if (status != PEP_STATUS_OK)
vb@2834	1373	goto pEp_free;
krista@2461	1374
krista@2471	1375	bool mistrusted_key = false;
krista@2461	1376
krista@2471	1377	status = is_mistrusted_key(session, ident->fpr, &mistrusted_key);
krista@2471	1378
krista@2471	1379	if (status != PEP_STATUS_OK)
vb@2834	1380	goto pEp_free;
krista@2471	1381
krista@2471	1382	if (mistrusted_key)
krista@2471	1383	status = delete_mistrusted_key(session, ident->fpr);
krista@2471	1384
krista@2471	1385	if (status != PEP_STATUS_OK)
vb@2834	1386	goto pEp_free;
krista@2461	1387
krista@2461	1388	tmp_ident = new_identity(ident->address, NULL, ident->user_id, NULL);
Edouard@410	1389
krista@2461	1390	if (!tmp_ident)
krista@2461	1391	return PEP_OUT_OF_MEMORY;
krista@2461	1392
krista@2595	1393	if (is_me(session, tmp_ident))
krista@2595	1394	status = myself(session, tmp_ident);
krista@2595	1395	else
krista@2595	1396	status = update_identity(session, tmp_ident);
krista@2461	1397
vb@421	1398	if (status != PEP_STATUS_OK)
vb@2834	1399	goto pEp_free;
krista@2461	1400
krista@2461	1401	// remove as default if necessary
krista@2507	1402	if (!EMPTYSTR(tmp_ident->fpr) && strcmp(tmp_ident->fpr, ident->fpr) == 0) {
krista@2461	1403	free(tmp_ident->fpr);
krista@2461	1404	tmp_ident->fpr = NULL;
krista@2461	1405	tmp_ident->comm_type = PEP_ct_unknown;
krista@2461	1406	status = set_identity(session, tmp_ident);
krista@2461	1407	if (status != PEP_STATUS_OK)
vb@2834	1408	goto pEp_free;
krista@2461	1409	}
krista@2461	1410
krista@2461	1411	char* user_default = NULL;
krista@2586	1412	get_main_user_fpr(session, tmp_ident->user_id, &user_default);
krista@2461	1413
krista@2461	1414	if (!EMPTYSTR(user_default)) {
krista@2461	1415	if (strcmp(user_default, ident->fpr) == 0)
krista@2461	1416	status = refresh_userid_default_key(session, ident->user_id);
krista@2461	1417	if (status != PEP_STATUS_OK)
vb@2834	1418	goto pEp_free;
krista@2461	1419	}
krista@2461	1420
vb@2834	1421	pEp_free:
krista@2461	1422	free_identity(tmp_ident);
krista@2461	1423	free_identity(input_copy);
Edouard@410	1424	return status;
Edouard@410	1425	}
Edouard@410	1426
vb@354	1427	DYNAMIC_API PEP_STATUS trust_personal_key(
vb@354	1428	PEP_SESSION session,
vb@354	1429	pEp_identity *ident
vb@354	1430	)
vb@354	1431	{
vb@354	1432	PEP_STATUS status = PEP_STATUS_OK;
vb@354	1433
vb@354	1434	assert(session);
vb@354	1435	assert(ident);
Edouard@439	1436	assert(!EMPTYSTR(ident->address));
Edouard@439	1437	assert(!EMPTYSTR(ident->user_id));
Edouard@439	1438	assert(!EMPTYSTR(ident->fpr));
vb@354	1439
Edouard@439	1440	if (!ident \|\| EMPTYSTR(ident->address) \|\| EMPTYSTR(ident->user_id) \|\|
edouard@1945	1441	EMPTYSTR(ident->fpr))
vb@354	1442	return PEP_ILLEGAL_VALUE;
vb@354	1443
krista@3221	1444	if (is_me(session, ident))
krista@3221	1445	return PEP_ILLEGAL_VALUE;
krista@3221	1446
krista@2461	1447	char* ident_default_fpr = NULL;
krista@2461	1448
krista@2461	1449	// Before we do anything, be sure the input fpr is even eligible to be trusted
krista@2461	1450	PEP_comm_type input_default_ct = PEP_ct_unknown;
krista@2461	1451	status = get_key_rating(session, ident->fpr, &input_default_ct);
krista@2461	1452	if (input_default_ct < PEP_ct_strong_but_unconfirmed)
krista@2461	1453	return PEP_KEY_UNSUITABLE;
krista@2461	1454
krista@2477	1455	status = set_pgp_keypair(session, ident->fpr);
krista@2477	1456	if (status != PEP_STATUS_OK)
krista@2477	1457	return status;
krista@2461	1458
krista@2494	1459	pEp_identity* ident_copy = identity_dup(ident);
krista@2494	1460	char* cached_fpr = NULL;
krista@2494	1461
krista@2494	1462	// for setting up a temp trusted identity for the input fpr
krista@2494	1463	pEp_identity* tmp_id = NULL;
krista@2494	1464
roker@2497	1465	// For later, in case we need to check the user default key
roker@2497	1466	pEp_identity* tmp_user_ident = NULL;
krista@3221	1467
krista@2522	1468	// Save the input fpr, which we already tested as non-NULL
krista@2494	1469	cached_fpr = strdup(ident->fpr);
krista@2461	1470
krista@2552	1471	// Set up a temp trusted identity for the input fpr without a comm type;
krista@2494	1472	tmp_id = new_identity(ident->address, ident->fpr, ident->user_id, NULL);
krista@2552	1473
krista@3222	1474	status = validate_fpr(session, tmp_id, false, true);
krista@2461	1475
krista@2461	1476	if (status == PEP_STATUS_OK) {
krista@2461	1477	// Validate fpr gets trust DB or, when that fails, key comm type. we checked
krista@2461	1478	// above that the key was ok. (not revoked or expired), but we want the max.
krista@2461	1479	tmp_id->comm_type = _MAX(tmp_id->comm_type, input_default_ct) \| PEP_ct_confirmed;
krista@2552	1480
krista@2552	1481	// Get the default identity without setting the fpr
krista@3221	1482	status = update_identity(session, ident_copy);
krista@2552	1483
krista@2522	1484	ident_default_fpr = (EMPTYSTR(ident_copy->fpr) ? NULL : strdup(ident_copy->fpr));
krista@2461	1485
krista@2461	1486	if (status == PEP_STATUS_OK) {
krista@2461	1487	bool trusted_default = false;
krista@2461	1488
krista@2461	1489	// If there's no default, or the default is different from the input...
krista@3221	1490	if (EMPTYSTR(ident_default_fpr) \|\| strcmp(cached_fpr, ident_default_fpr) != 0) {
krista@2461	1491
krista@2461	1492	// If the default fpr (if there is one) is trusted and key is strong enough,
krista@2461	1493	// don't replace, we just set the trusted bit on this key for this user_id...
krista@2461	1494	// (If there's no default fpr, this won't be true anyway.)
krista@3221	1495	if ((ident_copy->comm_type >= PEP_ct_strong_but_unconfirmed &&
krista@3221	1496	(ident_copy->comm_type & PEP_ct_confirmed))) {
vb@354	1497
krista@2461	1498	trusted_default = true;
krista@2461	1499
krista@2478	1500	status = set_trust(session, tmp_id);
krista@2461	1501	input_default_ct = tmp_id->comm_type;
krista@2461	1502	}
krista@2461	1503	else {
krista@2494	1504	free(ident_copy->fpr);
krista@2494	1505	ident_copy->fpr = strdup(cached_fpr);
krista@2494	1506	ident_copy->comm_type = tmp_id->comm_type;
krista@2504	1507	status = set_identity(session, ident_copy); // replace identity default
krista@2504	1508	if (status == PEP_STATUS_OK) {
krista@2504	1509	if ((ident_copy->comm_type \| PEP_ct_confirmed) == PEP_ct_pEp)
vb@2834	1510	status = set_as_pEp_user(session, ident_copy);
krista@2504	1511	}
krista@2461	1512	}
krista@2461	1513	}
krista@2461	1514	else { // we're setting this on the default fpr
krista@2461	1515	ident->comm_type = tmp_id->comm_type;
krista@2461	1516	status = set_identity(session, ident);
krista@2461	1517	trusted_default = true;
krista@2461	1518	}
krista@2461	1519	if (status == PEP_STATUS_OK && !trusted_default) {
krista@2461	1520	// Ok, there wasn't a trusted default, so we replaced. Thus, we also
krista@2461	1521	// make sure there's a trusted default on the user_id. If there
krista@2461	1522	// is not, we make this the default.
krista@2461	1523	char* user_default = NULL;
krista@2461	1524	status = get_main_user_fpr(session, ident->user_id, &user_default);
krista@2461	1525
krista@2461	1526	if (status == PEP_STATUS_OK && user_default) {
krista@2494	1527	tmp_user_ident = new_identity(ident->address,
krista@2494	1528	user_default,
krista@2494	1529	ident->user_id,
krista@2494	1530	NULL);
krista@2461	1531	if (!tmp_user_ident)
krista@2461	1532	status = PEP_OUT_OF_MEMORY;
krista@2461	1533	else {
krista@3222	1534	status = validate_fpr(session, tmp_user_ident, false, true);
krista@2461	1535
krista@2461	1536	if (status != PEP_STATUS_OK \|\|
krista@2461	1537	tmp_user_ident->comm_type < PEP_ct_strong_but_unconfirmed \|\|
krista@2461	1538	!(tmp_user_ident->comm_type & PEP_ct_confirmed))
krista@2461	1539	{
krista@2461	1540	char* trusted_fpr = (trusted_default ? ident_default_fpr : cached_fpr);
krista@2461	1541	status = replace_main_user_fpr(session, ident->user_id, trusted_fpr);
krista@2461	1542	}
krista@2461	1543	}
krista@2461	1544	}
krista@2461	1545	}
krista@2461	1546	}
krista@2461	1547	}
vb@354	1548
krista@2494	1549	free(ident_default_fpr);
krista@2494	1550	free(cached_fpr);
krista@2494	1551	free_identity(tmp_id);
krista@2494	1552	free_identity(ident_copy);
krista@2494	1553	free_identity(tmp_user_ident);
vb@354	1554	return status;
vb@354	1555	}
vb@354	1556
krista@3222	1557	DYNAMIC_API PEP_STATUS trust_own_key(
krista@3222	1558	PEP_SESSION session,
krista@3222	1559	pEp_identity* ident
krista@3222	1560	)
krista@3222	1561	{
krista@3222	1562	assert(session);
krista@3222	1563	assert(ident);
krista@3222	1564	assert(!EMPTYSTR(ident->address));
krista@3222	1565	assert(!EMPTYSTR(ident->user_id));
krista@3222	1566	assert(!EMPTYSTR(ident->fpr));
krista@3222	1567
krista@3222	1568	if (!ident \|\| EMPTYSTR(ident->address) \|\| EMPTYSTR(ident->user_id) \|\|
krista@3222	1569	EMPTYSTR(ident->fpr))
krista@3222	1570	return PEP_ILLEGAL_VALUE;
krista@3222	1571
krista@3222	1572	if (!is_me(session, ident))
krista@3222	1573	return PEP_ILLEGAL_VALUE;
krista@3222	1574
krista@3222	1575	// don't check blacklist or require a private key
krista@3222	1576	PEP_STATUS status = validate_fpr(session, ident, false, false);
krista@3222	1577
krista@3222	1578	if (status != PEP_STATUS_OK)
krista@3222	1579	return status;
krista@3222	1580
krista@3222	1581	status = set_pgp_keypair(session, ident->fpr);
krista@3222	1582	if (status != PEP_STATUS_OK)
krista@3222	1583	return status;
krista@3222	1584
krista@3222	1585	if (ident->comm_type < PEP_ct_strong_but_unconfirmed)
krista@3222	1586	return PEP_KEY_UNSUITABLE;
krista@3222	1587
krista@3222	1588	ident->comm_type \|= PEP_ct_confirmed;
krista@3222	1589
krista@3222	1590	status = set_trust(session, ident);
krista@3222	1591
krista@3222	1592	return status;
krista@3222	1593	}
krista@3222	1594
krista@3222	1595
Edouard@584	1596	DYNAMIC_API PEP_STATUS own_key_is_listed(
vb@955	1597	PEP_SESSION session,
vb@955	1598	const char *fpr,
vb@955	1599	bool *listed
vb@955	1600	)
Edouard@584	1601	{
Edouard@584	1602	PEP_STATUS status = PEP_STATUS_OK;
Edouard@584	1603	int count;
Edouard@584	1604
Edouard@584	1605	assert(session && fpr && fpr[0] && listed);
Edouard@584	1606
Edouard@584	1607	if (!(session && fpr && fpr[0] && listed))
Edouard@584	1608	return PEP_ILLEGAL_VALUE;
Edouard@584	1609
Edouard@584	1610	*listed = false;
Edouard@584	1611
Edouard@584	1612	sqlite3_reset(session->own_key_is_listed);
Edouard@584	1613	sqlite3_bind_text(session->own_key_is_listed, 1, fpr, -1, SQLITE_STATIC);
Edouard@584	1614
Edouard@584	1615	int result;
Edouard@584	1616
Edouard@584	1617	result = sqlite3_step(session->own_key_is_listed);
Edouard@584	1618	switch (result) {
Edouard@584	1619	case SQLITE_ROW:
Edouard@584	1620	count = sqlite3_column_int(session->own_key_is_listed, 0);
Edouard@584	1621	*listed = count > 0;
krista@2461	1622	status = PEP_STATUS_OK;
Edouard@584	1623	break;
Edouard@584	1624
Edouard@584	1625	default:
Edouard@584	1626	status = PEP_UNKNOWN_ERROR;
Edouard@584	1627	}
Edouard@584	1628
Edouard@584	1629	sqlite3_reset(session->own_key_is_listed);
Edouard@584	1630	return status;
Edouard@584	1631	}
Edouard@584	1632
edouard@1412	1633	PEP_STATUS _own_identities_retrieve(
vb@955	1634	PEP_SESSION session,
edouard@1412	1635	identity_list **own_identities,
edouard@1412	1636	identity_flags_t excluded_flags
vb@955	1637	)
Edouard@584	1638	{
Edouard@584	1639	PEP_STATUS status = PEP_STATUS_OK;
Edouard@584	1640
vb@955	1641	assert(session && own_identities);
vb@955	1642	if (!(session && own_identities))
Edouard@584	1643	return PEP_ILLEGAL_VALUE;
Edouard@584	1644
vb@955	1645	*own_identities = NULL;
vb@955	1646	identity_list *_own_identities = new_identity_list(NULL);
vb@955	1647	if (_own_identities == NULL)
Edouard@584	1648	goto enomem;
Edouard@584	1649
vb@955	1650	sqlite3_reset(session->own_identities_retrieve);
Edouard@584	1651
Edouard@584	1652	int result;
vb@955	1653	// address, fpr, username, user_id, comm_type, lang, flags
vb@955	1654	const char *address = NULL;
Edouard@584	1655	const char *fpr = NULL;
vb@955	1656	const char *username = NULL;
vb@955	1657	const char *user_id = NULL;
vb@955	1658	PEP_comm_type comm_type = PEP_ct_unknown;
vb@955	1659	const char *lang = NULL;
vb@955	1660	unsigned int flags = 0;
Edouard@584	1661
vb@955	1662	identity_list *_bl = _own_identities;
krista@3398	1663
krista@3400	1664	sqlite3_bind_int(session->own_identities_retrieve, 1, excluded_flags);
krista@3398	1665
Edouard@584	1666	do {
vb@955	1667	result = sqlite3_step(session->own_identities_retrieve);
Edouard@584	1668	switch (result) {
Edouard@584	1669	case SQLITE_ROW:
vb@955	1670	address = (const char *)
vb@955	1671	sqlite3_column_text(session->own_identities_retrieve, 0);
vb@955	1672	fpr = (const char *)
vb@955	1673	sqlite3_column_text(session->own_identities_retrieve, 1);
krista@2461	1674	user_id = (const char *)
krista@2461	1675	sqlite3_column_text(session->own_identities_retrieve, 2);
vb@1071	1676	username = (const char *)
krista@2461	1677	sqlite3_column_text(session->own_identities_retrieve, 3);
vb@1071	1678	comm_type = PEP_ct_pEp;
vb@1071	1679	lang = (const char *)
krista@2461	1680	sqlite3_column_text(session->own_identities_retrieve, 4);
vb@1071	1681	flags = (unsigned int)
krista@2461	1682	sqlite3_column_int(session->own_identities_retrieve, 5);
vb@955	1683
vb@1078	1684	pEp_identity *ident = new_identity(address, fpr, user_id, username);
vb@1079	1685	if (!ident)
Edouard@584	1686	goto enomem;
vb@955	1687	ident->comm_type = comm_type;
vb@955	1688	if (lang && lang[0]) {
vb@955	1689	ident->lang[0] = lang[0];
vb@955	1690	ident->lang[1] = lang[1];
vb@1078	1691	ident->lang[2] = 0;
vb@955	1692	}
krista@2461	1693	ident->me = true;
vb@955	1694	ident->flags = flags;
vb@955	1695
vb@955	1696	_bl = identity_list_add(_bl, ident);
vb@1080	1697	if (_bl == NULL) {
vb@1080	1698	free_identity(ident);
Edouard@584	1699	goto enomem;
vb@1080	1700	}
Edouard@584	1701
Edouard@584	1702	break;
Edouard@584	1703
Edouard@584	1704	case SQLITE_DONE:
Edouard@584	1705	break;
Edouard@584	1706
Edouard@584	1707	default:
Edouard@584	1708	status = PEP_UNKNOWN_ERROR;
Edouard@584	1709	result = SQLITE_DONE;
Edouard@584	1710	}
Edouard@584	1711	} while (result != SQLITE_DONE);
Edouard@584	1712
vb@955	1713	sqlite3_reset(session->own_identities_retrieve);
Edouard@584	1714	if (status == PEP_STATUS_OK)
vb@955	1715	*own_identities = _own_identities;
Edouard@584	1716	else
vb@955	1717	free_identity_list(_own_identities);
Edouard@584	1718
Edouard@584	1719	goto the_end;
Edouard@584	1720
Edouard@584	1721	enomem:
vb@955	1722	free_identity_list(_own_identities);
Edouard@584	1723	status = PEP_OUT_OF_MEMORY;
Edouard@584	1724
Edouard@584	1725	the_end:
Edouard@584	1726	return status;
Edouard@584	1727	}
vb@955	1728
edouard@1412	1729	DYNAMIC_API PEP_STATUS own_identities_retrieve(
edouard@1364	1730	PEP_SESSION session,
edouard@1412	1731	identity_list **own_identities
edouard@1412	1732	)
edouard@1412	1733	{
edouard@1412	1734	return _own_identities_retrieve(session, own_identities, 0);
edouard@1412	1735	}
edouard@1412	1736
edouard@1412	1737	PEP_STATUS _own_keys_retrieve(
edouard@1412	1738	PEP_SESSION session,
edouard@1412	1739	stringlist_t **keylist,
krista@3583	1740	identity_flags_t excluded_flags,
krista@3583	1741	bool private_only
edouard@1364	1742	)
edouard@1364	1743	{
edouard@1364	1744	PEP_STATUS status = PEP_STATUS_OK;
edouard@1364	1745
edouard@1364	1746	assert(session && keylist);
edouard@1364	1747	if (!(session && keylist))
edouard@1364	1748	return PEP_ILLEGAL_VALUE;
edouard@1364	1749
edouard@1364	1750	*keylist = NULL;
edouard@1364	1751	stringlist_t *_keylist = NULL;
edouard@1364	1752
edouard@1394	1753	sqlite3_reset(session->own_keys_retrieve);
edouard@1364	1754
edouard@1364	1755	int result;
edouard@1364	1756	char *fpr = NULL;
edouard@1364	1757
edouard@1364	1758	stringlist_t *_bl = _keylist;
krista@3398	1759	sqlite3_bind_int(session->own_keys_retrieve, 1, excluded_flags);
krista@3398	1760
krista@3398	1761	do {
edouard@1394	1762	result = sqlite3_step(session->own_keys_retrieve);
edouard@1364	1763	switch (result) {
edouard@1364	1764	case SQLITE_ROW:
vb@3609	1765	_bl = stringlist_add(_bl, (const char *) sqlite3_column_text(session->own_keys_retrieve, 0));
vb@3609	1766	if (_bl == NULL)
edouard@1364	1767	goto enomem;
edouard@1364	1768	if (_keylist == NULL)
edouard@1364	1769	_keylist = _bl;
edouard@1364	1770	break;
edouard@1364	1771
edouard@1364	1772	case SQLITE_DONE:
edouard@1364	1773	break;
edouard@1364	1774
edouard@1364	1775	default:
edouard@1364	1776	status = PEP_UNKNOWN_ERROR;
edouard@1364	1777	result = SQLITE_DONE;
edouard@1364	1778	}
edouard@1364	1779	} while (result != SQLITE_DONE);
edouard@1364	1780
edouard@1394	1781	sqlite3_reset(session->own_keys_retrieve);
krista@3583	1782	if (status == PEP_STATUS_OK) {
krista@3583	1783	dedup_stringlist(_keylist);
krista@3583	1784	if (private_only) {
krista@3583	1785	stringlist_t* _kl = _keylist;
krista@3583	1786	stringlist_t* _kl_prev = NULL;
krista@3583	1787	while (_kl) {
krista@3583	1788	bool has_private = false;
krista@3583	1789	contains_priv_key(session, _kl->value, &has_private);
krista@3583	1790	if (!has_private) {
krista@3583	1791	stringlist_t* _kl_tmp = _kl;
krista@3586	1792	if (_kl_prev)
krista@3583	1793	_kl_prev->next = _kl->next;
krista@3586	1794	else
krista@3586	1795	_keylist = _kl->next;
krista@3586	1796
krista@3583	1797	_kl = _kl->next;
krista@3583	1798
krista@3583	1799	_kl_tmp->next = NULL;
krista@3583	1800	free_stringlist(_kl_tmp);
krista@3583	1801	continue;
krista@3583	1802	}
krista@3583	1803	_kl_prev = _kl;
krista@3583	1804	_kl = _kl->next;
krista@3583	1805	}
krista@3583	1806	}
edouard@1364	1807	*keylist = _keylist;
krista@3583	1808	}
edouard@1364	1809	else
edouard@1364	1810	free_stringlist(_keylist);
edouard@1364	1811
edouard@1364	1812	goto the_end;
edouard@1364	1813
edouard@1364	1814	enomem:
edouard@1364	1815	free_stringlist(_keylist);
edouard@1364	1816	status = PEP_OUT_OF_MEMORY;
edouard@1364	1817
edouard@1364	1818	the_end:
edouard@1364	1819	return status;
edouard@1364	1820	}
edouard@1364	1821
edouard@1412	1822	DYNAMIC_API PEP_STATUS own_keys_retrieve(PEP_SESSION session, stringlist_t **keylist)
edouard@1412	1823	{
krista@3583	1824	return _own_keys_retrieve(session, keylist, 0, true);
edouard@1412	1825	}
edouard@1412	1826
edouard@1394	1827	DYNAMIC_API PEP_STATUS set_own_key(
edouard@1394	1828	PEP_SESSION session,
vb@2535	1829	pEp_identity *me,
edouard@1394	1830	const char *fpr
edouard@1394	1831	)
edouard@1394	1832	{
edouard@1394	1833	PEP_STATUS status = PEP_STATUS_OK;
edouard@1394	1834
vb@2535	1835	assert(session && me);
vb@2535	1836	assert(!EMPTYSTR(fpr));
vb@2535	1837	assert(!EMPTYSTR(me->address));
vb@2535	1838	assert(!EMPTYSTR(me->user_id));
vb@2535	1839	assert(!EMPTYSTR(me->username));
vb@2535	1840
vb@2535	1841	if (!session \|\| !me \|\| EMPTYSTR(fpr) \|\| EMPTYSTR(me->address) \|\|
vb@2535	1842	EMPTYSTR(me->user_id) \|\| EMPTYSTR(me->username))
edouard@1394	1843	return PEP_ILLEGAL_VALUE;
krista@2461	1844
krista@3346	1845	status = _myself(session, me, false, true, false);
vb@2535	1846	// we do not need a valid key but dislike other errors
vb@2535	1847	if (status != PEP_STATUS_OK && status != PEP_GET_KEY_FAILED && status != PEP_KEY_UNSUITABLE)
vb@2535	1848	return status;
vb@2535	1849	status = PEP_STATUS_OK;
krista@2805	1850
krista@2805	1851	bool private = false;
krista@2805	1852	status = contains_priv_key(session, fpr, &private);
krista@2805	1853
krista@2805	1854	if (status != PEP_STATUS_OK)
krista@2805	1855	return status;
krista@2805	1856
krista@2805	1857	if (!private)
krista@2805	1858	return PEP_KEY_UNSUITABLE;
vb@2535	1859
vb@2535	1860	if (me->fpr)
vb@2535	1861	free(me->fpr);
vb@2535	1862	me->fpr = strdup(fpr);
vb@2535	1863	assert(me->fpr);
vb@2535	1864	if (!me->fpr)
vb@2535	1865	return PEP_OUT_OF_MEMORY;
vb@2535	1866
krista@3222	1867	status = validate_fpr(session, me, false, true);
vb@2535	1868	if (status)
vb@2535	1869	return status;
vb@2535	1870
vb@2535	1871	me->comm_type = PEP_ct_pEp;
vb@2535	1872	status = set_identity(session, me);
edouard@1394	1873	return status;
edouard@1394	1874	}
krista@1357	1875
krista@1357	1876	PEP_STATUS contains_priv_key(PEP_SESSION session, const char *fpr,
krista@1357	1877	bool *has_private) {
krista@1357	1878
krista@1357	1879	assert(session);
krista@1357	1880	assert(fpr);
krista@1357	1881	assert(has_private);
krista@1357	1882
krista@1357	1883	if (!(session && fpr && has_private))
krista@1357	1884	return PEP_ILLEGAL_VALUE;
krista@1357	1885
krista@1357	1886	return session->cryptotech[PEP_crypt_OpenPGP].contains_priv_key(session, fpr, has_private);
edouard@1385	1887	}
krista@2471	1888
krista@2471	1889	PEP_STATUS add_mistrusted_key(PEP_SESSION session, const char* fpr)
krista@2471	1890	{
krista@2471	1891	int result;
krista@2471	1892
krista@2471	1893	assert(!EMPTYSTR(fpr));
krista@2471	1894
krista@2471	1895	if (!(session) \|\| EMPTYSTR(fpr))
krista@2471	1896	return PEP_ILLEGAL_VALUE;
krista@2471	1897
krista@2471	1898	sqlite3_reset(session->add_mistrusted_key);
krista@2471	1899	sqlite3_bind_text(session->add_mistrusted_key, 1, fpr, -1,
krista@2471	1900	SQLITE_STATIC);
krista@2471	1901
krista@2471	1902	result = sqlite3_step(session->add_mistrusted_key);
krista@2471	1903	sqlite3_reset(session->add_mistrusted_key);
krista@2471	1904
krista@2471	1905	if (result != SQLITE_DONE)
krista@2471	1906	return PEP_CANNOT_SET_PGP_KEYPAIR; // FIXME: Better status?
krista@2471	1907
krista@2471	1908	return PEP_STATUS_OK;
krista@2471	1909	}
krista@2471	1910
krista@2471	1911	PEP_STATUS delete_mistrusted_key(PEP_SESSION session, const char* fpr)
krista@2471	1912	{
krista@2471	1913	int result;
krista@2471	1914
krista@2471	1915	assert(!EMPTYSTR(fpr));
krista@2471	1916
krista@2471	1917	if (!(session) \|\| EMPTYSTR(fpr))
krista@2471	1918	return PEP_ILLEGAL_VALUE;
krista@2471	1919
krista@2471	1920	sqlite3_reset(session->delete_mistrusted_key);
krista@2471	1921	sqlite3_bind_text(session->delete_mistrusted_key, 1, fpr, -1,
krista@2471	1922	SQLITE_STATIC);
krista@2471	1923
krista@2471	1924	result = sqlite3_step(session->delete_mistrusted_key);
krista@2471	1925	sqlite3_reset(session->delete_mistrusted_key);
krista@2471	1926
krista@2471	1927	if (result != SQLITE_DONE)
krista@2471	1928	return PEP_UNKNOWN_ERROR; // FIXME: Better status?
krista@2471	1929
krista@2471	1930	return PEP_STATUS_OK;
krista@2471	1931	}
krista@2471	1932
krista@2471	1933	PEP_STATUS is_mistrusted_key(PEP_SESSION session, const char* fpr,
krista@2471	1934	bool* mistrusted)
krista@2471	1935	{
krista@2471	1936	PEP_STATUS status = PEP_STATUS_OK;
krista@2471	1937
krista@2471	1938	assert(session);
krista@2471	1939	assert(!EMPTYSTR(fpr));
krista@2471	1940
krista@2471	1941	if (!(session && fpr))
krista@2471	1942	return PEP_ILLEGAL_VALUE;
krista@2471	1943
krista@2471	1944	*mistrusted = false;
krista@2471	1945
krista@2471	1946	sqlite3_reset(session->is_mistrusted_key);
krista@2471	1947	sqlite3_bind_text(session->is_mistrusted_key, 1, fpr, -1, SQLITE_STATIC);
krista@2471	1948
krista@2471	1949	int result;
krista@2471	1950
krista@2471	1951	result = sqlite3_step(session->is_mistrusted_key);
krista@2471	1952	switch (result) {
krista@2471	1953	case SQLITE_ROW:
krista@2471	1954	*mistrusted = sqlite3_column_int(session->is_mistrusted_key, 0);
krista@2471	1955	status = PEP_STATUS_OK;
krista@2471	1956	break;
krista@2471	1957
krista@2471	1958	default:
krista@2471	1959	status = PEP_UNKNOWN_ERROR;
krista@2471	1960	}
krista@2471	1961
krista@2471	1962	sqlite3_reset(session->is_mistrusted_key);
krista@2471	1963	return status;
krista@2471	1964	}
vb@2539	1965
vb@2539	1966	#ifdef USE_GPG
vb@2539	1967	PEP_STATUS pgp_find_trusted_private_keys(
vb@2539	1968	PEP_SESSION session, stringlist_t **keylist
vb@2539	1969	);
vb@2539	1970
vb@2539	1971	enum _pgp_thing {
vb@2539	1972	_pgp_none = 0,
vb@2539	1973	_pgp_fpr,
vb@2539	1974	_pgp_email,
vb@2539	1975	_pgp_name
vb@2539	1976	};
vb@2539	1977
vb@2539	1978	static enum _pgp_thing _pgp_thing_next(enum _pgp_thing thing)
vb@2539	1979	{
vb@2539	1980	switch (thing) {
vb@2539	1981	case _pgp_fpr:
vb@2539	1982	return _pgp_email;
vb@2539	1983	case _pgp_email:
vb@2539	1984	return _pgp_name;
vb@2539	1985	case _pgp_name:
vb@2539	1986	return _pgp_fpr;
vb@2539	1987	default:
vb@2539	1988	return _pgp_fpr;
vb@2539	1989	}
vb@2539	1990	}
vb@2539	1991
vb@2539	1992	PEP_STATUS pgp_import_ultimately_trusted_keypairs(PEP_SESSION session) {
vb@2539	1993	assert(session);
vb@2539	1994	if (!session)
vb@2539	1995	return PEP_ILLEGAL_VALUE;
vb@2539	1996
vb@2539	1997	stringlist_t* priv_keylist = NULL;
vb@2539	1998	PEP_STATUS status = PEP_STATUS_OK;
vb@2539	1999
vb@2539	2000	// 1. get keys
vb@2539	2001	status = pgp_find_trusted_private_keys(session, &priv_keylist);
vb@2539	2002	if (status)
vb@2539	2003	return status;
vb@2539	2004
vb@2539	2005	pEp_identity *identity = NULL;
vb@2539	2006	stringlist_t *_sl;
vb@2541	2007
vb@2541	2008	char *fpr = NULL;
vb@2539	2009	enum _pgp_thing thing = _pgp_none;
vb@2539	2010	for (_sl = priv_keylist; _sl && _sl->value; _sl = _sl->next) {
vb@2539	2011	thing = _pgp_thing_next(thing);
vb@2539	2012	switch (thing) {
vb@2539	2013	case _pgp_fpr:
krista@3402	2014	// PEP_OWN_USERID is ok here because this is only run on first use!
vb@2539	2015	identity = new_identity(NULL, NULL, PEP_OWN_USERID, NULL);
vb@3076	2016	if (!identity) {
vb@2539	2017	status = PEP_OUT_OF_MEMORY;
vb@3076	2018	break;
vb@3076	2019	}
vb@2539	2020	identity->me = true;
vb@2539	2021	fpr = strdup(_sl->value);
vb@2539	2022	assert(fpr);
vb@2539	2023	if (!fpr) {
vb@2539	2024	status = PEP_OUT_OF_MEMORY;
vb@2539	2025	free_identity(identity);
vb@2539	2026	}
vb@2539	2027	break;
vb@2539	2028	case _pgp_email:
vb@2539	2029	assert(identity);
vb@2539	2030	identity->address = strdup(_sl->value);
vb@2539	2031	assert(identity->address);
vb@2539	2032	if (!identity->address) {
vb@2539	2033	status = PEP_OUT_OF_MEMORY;
vb@2539	2034	free_identity(identity);
vb@2539	2035	}
vb@2539	2036	break;
vb@2539	2037	case _pgp_name:
vb@2539	2038	assert(identity);
vb@2539	2039	identity->username = strdup(_sl->value);
vb@2539	2040	assert(identity->username);
vb@2539	2041	if (!identity->username)
vb@2539	2042	status = PEP_OUT_OF_MEMORY;
vb@2539	2043	else
vb@2539	2044	status = set_own_key(session, identity, fpr);
vb@2539	2045	free_identity(identity);
vb@2539	2046	identity = NULL;
vb@2539	2047	break;
vb@2539	2048	default:
vb@2539	2049	assert(0);
vb@2539	2050	free_identity(identity);
vb@2539	2051	status = PEP_UNKNOWN_ERROR;
vb@2539	2052	}
vb@2539	2053	if (status)
vb@2539	2054	break;
vb@2539	2055	}
vb@2539	2056
vb@2539	2057	free_stringlist(priv_keylist);
vb@2539	2058	return status;
vb@2539	2059	}
vb@2539	2060	#endif // USE_GPG

author	Volker Birk <vb@pep-project.org>
	Fri, 03 May 2019 10:40:31 +0200
branch	sync
changeset 3609	548e7dd045e5
parent 3586	60a1999238bb
child 3610	97033a138011
permissions	-rw-r--r--