src/keymanagement.c
branchtest_diphoton
changeset 1860 1975a3b9bc37
parent 1749 32084f52dada
parent 1853 a86d6290d493
child 2089 174f5577c0aa
     1.1 --- a/src/keymanagement.c	Fri Jun 02 11:55:04 2017 +0200
     1.2 +++ b/src/keymanagement.c	Thu Jun 15 11:35:44 2017 +0200
     1.3 @@ -91,7 +91,7 @@
     1.4      assert(!EMPTYSTR(identity->address));
     1.5  
     1.6      if (!(session && identity && !EMPTYSTR(identity->address)))
     1.7 -        return PEP_ILLEGAL_VALUE;
     1.8 +        return ADD_TO_LOG(PEP_ILLEGAL_VALUE);
     1.9  
    1.10      if (identity->me || (identity->user_id && strcmp(identity->user_id, PEP_OWN_USERID) == 0)) {
    1.11          identity->me = true;
    1.12 @@ -144,9 +144,23 @@
    1.13  
    1.14          /* if we have a stored_identity fpr */
    1.15          if (!EMPTYSTR(stored_identity->fpr)) {
    1.16 -            status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
    1.17 -            if (status != PEP_STATUS_OK)
    1.18 -                dont_use_stored_fpr = true; 
    1.19 +            bool revoked = false;
    1.20 +            status = key_revoked(session, stored_identity->fpr, &revoked);
    1.21 +            
    1.22 +            if (status != PEP_STATUS_OK || revoked)
    1.23 +                dont_use_stored_fpr = true;
    1.24 +                
    1.25 +            if (revoked) {
    1.26 +                // Do stuff
    1.27 +                status = update_trust_for_fpr(session, stored_identity->fpr, PEP_ct_key_revoked);
    1.28 +                // What to do on failure? FIXME
    1.29 +                status = replace_identities_fpr(session, stored_identity->fpr, "");
    1.30 +            }
    1.31 +            else {    
    1.32 +                status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
    1.33 +                if (status != PEP_STATUS_OK)
    1.34 +                    dont_use_stored_fpr = true; 
    1.35 +            }
    1.36          }
    1.37              
    1.38  
    1.39 @@ -312,7 +326,7 @@
    1.40      free_identity(stored_identity);
    1.41      free_identity(temp_id);
    1.42      
    1.43 -    return status;
    1.44 +    return ADD_TO_LOG(status);
    1.45  }
    1.46  
    1.47  PEP_STATUS elect_ownkey(
    1.48 @@ -339,19 +353,14 @@
    1.49          for (_keylist = keylist; _keylist && _keylist->value; _keylist = _keylist->next) {
    1.50              bool is_own = false;
    1.51              
    1.52 -            if (session->use_only_own_private_keys)
    1.53 -            {
    1.54 -                status = own_key_is_listed(session, _keylist->value, &is_own);
    1.55 -                assert(status == PEP_STATUS_OK);
    1.56 -                if (status != PEP_STATUS_OK) {
    1.57 -                    free_stringlist(keylist);
    1.58 -                    return status;
    1.59 -                }
    1.60 +            status = own_key_is_listed(session, _keylist->value, &is_own);
    1.61 +            assert(status == PEP_STATUS_OK);
    1.62 +            if (status != PEP_STATUS_OK) {
    1.63 +                free_stringlist(keylist);
    1.64 +                return status;
    1.65              }
    1.66 -
    1.67 -            // TODO : also accept synchronized device group keys ?
    1.68              
    1.69 -            if (!session->use_only_own_private_keys || is_own)
    1.70 +            if (is_own)
    1.71              {
    1.72                  PEP_comm_type _comm_type_key;
    1.73                  
    1.74 @@ -407,7 +416,7 @@
    1.75      
    1.76      *is_usable = !dont_use_fpr;
    1.77      
    1.78 -    return status;
    1.79 +    return ADD_TO_LOG(status);
    1.80  }
    1.81  
    1.82  PEP_STATUS _myself(PEP_SESSION session, pEp_identity * identity, bool do_keygen, bool ignore_flags)
    1.83 @@ -425,7 +434,7 @@
    1.84      if (!(session && identity && !EMPTYSTR(identity->address) &&
    1.85              (EMPTYSTR(identity->user_id) ||
    1.86              strcmp(identity->user_id, PEP_OWN_USERID) == 0)))
    1.87 -        return PEP_ILLEGAL_VALUE;
    1.88 +        return ADD_TO_LOG(PEP_ILLEGAL_VALUE);
    1.89  
    1.90      identity->comm_type = PEP_ct_pEp;
    1.91      identity->me = true;
    1.92 @@ -526,7 +535,7 @@
    1.93          status = elect_ownkey(session, identity);
    1.94          assert(status == PEP_STATUS_OK);
    1.95          if (status != PEP_STATUS_OK) {
    1.96 -            return status;
    1.97 +            return ADD_TO_LOG(status);
    1.98          }
    1.99  
   1.100          bool has_private = false;
   1.101 @@ -556,27 +565,18 @@
   1.102      {
   1.103          status = key_revoked(session, identity->fpr, &revoked);
   1.104  
   1.105 -        // Forces re-election if key is missing and own-key-only not forced
   1.106 -        if (!session->use_only_own_private_keys && status == PEP_KEY_NOT_FOUND) 
   1.107 +        if (status != PEP_STATUS_OK) 
   1.108          {
   1.109 -            status = elect_ownkey(session, identity);
   1.110 -            assert(status == PEP_STATUS_OK);
   1.111 -            if (status != PEP_STATUS_OK) {
   1.112 -                return status;
   1.113 -            }
   1.114 -        } 
   1.115 -        else if (status != PEP_STATUS_OK) 
   1.116 -        {
   1.117 -            return status;
   1.118 +            return ADD_TO_LOG(status);
   1.119          }
   1.120      }
   1.121     
   1.122      bool new_key_generated = false;
   1.123  
   1.124      if (EMPTYSTR(identity->fpr) || revoked)
   1.125 -    {        
   1.126 +    {
   1.127          if(!do_keygen){
   1.128 -            return PEP_GET_KEY_FAILED;
   1.129 +            return ADD_TO_LOG(PEP_GET_KEY_FAILED);
   1.130          }
   1.131  
   1.132          if(revoked)
   1.133 @@ -594,7 +594,7 @@
   1.134              DEBUG_LOG("generating key pair failed", "debug", buf);
   1.135              if(revoked && r_fpr)
   1.136                  free(r_fpr);
   1.137 -            return status;
   1.138 +            return ADD_TO_LOG(status);
   1.139          }
   1.140  
   1.141          new_key_generated = true;
   1.142 @@ -605,7 +605,7 @@
   1.143                                   identity->fpr, time(NULL));
   1.144              free(r_fpr);
   1.145              if (status != PEP_STATUS_OK) {
   1.146 -                return status;
   1.147 +                return ADD_TO_LOG(status);
   1.148              }
   1.149          }
   1.150      }
   1.151 @@ -618,7 +618,7 @@
   1.152  
   1.153          assert(status == PEP_STATUS_OK);
   1.154          if (status != PEP_STATUS_OK) {
   1.155 -            return status;
   1.156 +            return ADD_TO_LOG(status);
   1.157          }
   1.158  
   1.159          if (status == PEP_STATUS_OK && expired) {
   1.160 @@ -646,12 +646,12 @@
   1.161          }
   1.162      }
   1.163  
   1.164 -    return PEP_STATUS_OK;
   1.165 +    return ADD_TO_LOG(PEP_STATUS_OK);
   1.166  }
   1.167  
   1.168  DYNAMIC_API PEP_STATUS myself(PEP_SESSION session, pEp_identity * identity)
   1.169  {
   1.170 -    return _myself(session, identity, true, false);
   1.171 +    return ADD_TO_LOG(_myself(session, identity, true, false));
   1.172  }
   1.173  
   1.174  DYNAMIC_API PEP_STATUS register_examine_function(
   1.175 @@ -1023,7 +1023,7 @@
   1.176      return _own_keys_retrieve(session, keylist, 0);
   1.177  }
   1.178  
   1.179 -// TODO: Unused for now, but should be used when sync receive old keys (ENGINE-145)
   1.180 +// FIXME: should it be be used when sync receive old keys ? (ENGINE-145)
   1.181  DYNAMIC_API PEP_STATUS set_own_key(
   1.182         PEP_SESSION session,
   1.183         const char *address,
   1.184 @@ -1033,12 +1033,12 @@
   1.185      PEP_STATUS status = PEP_STATUS_OK;
   1.186      
   1.187      assert(session &&
   1.188 -           address && address[0] &&
   1.189 +           address &&
   1.190             fpr && fpr[0]
   1.191            );
   1.192      
   1.193      if (!(session &&
   1.194 -          address && address[0] &&
   1.195 +          address &&
   1.196            fpr && fpr[0]
   1.197           ))
   1.198          return PEP_ILLEGAL_VALUE;