ENGINE-209: shelving changes quickly ENGINE-209
authorKrista Bennett <krista@pep-project.org>
Wed, 17 May 2017 13:34:55 +0200
branchENGINE-209
changeset 17910253b2e1b8ff
parent 1783 43f02b40d5f0
child 1792 3783c3a796ce
ENGINE-209: shelving changes quickly
src/keymanagement.c
src/keymanagement.h
src/pEpEngine.c
src/pEp_internal.h
     1.1 --- a/src/keymanagement.c	Mon May 15 15:02:46 2017 +0200
     1.2 +++ b/src/keymanagement.c	Wed May 17 13:34:55 2017 +0200
     1.3 @@ -144,6 +144,19 @@
     1.4  
     1.5          /* if we have a stored_identity fpr */
     1.6          if (!EMPTYSTR(stored_identity->fpr)) {
     1.7 +            bool revoked = false;
     1.8 +            status = key_revoked(session, stored_identity->fpr, &revoked);
     1.9 +            
    1.10 +            if (status != PEP_STATUS_OK || revoked)
    1.11 +                dont_use_stored_fpr = true;
    1.12 +                
    1.13 +            if (revoked) {
    1.14 +                // Do stuff
    1.15 +                status = change_key_comm_type(session, fpr, PEP_ct_key_revoked);
    1.16 +                // What to do on failure? FIXME
    1.17 +                status = remove_key_as_id_default(session, fpr);
    1.18 +            }
    1.19 +                
    1.20              status = blacklist_is_listed(session, stored_identity->fpr, &dont_use_stored_fpr);
    1.21              if (status != PEP_STATUS_OK)
    1.22                  dont_use_stored_fpr = true; 
    1.23 @@ -1048,3 +1061,60 @@
    1.24  
    1.25      return session->cryptotech[PEP_crypt_OpenPGP].contains_priv_key(session, fpr, has_private);
    1.26  }
    1.27 +
    1.28 +static PEP_STATUS change_key_comm_type(PEP_SESSION session, 
    1.29 +                                       const char* fpr,
    1.30 +                                       PEP_comm_type comm_type) {
    1.31 +                                           
    1.32 +    // get all user ids associated with this key
    1.33 +    stringlist_t* user_id_list = NULL;
    1.34 +    
    1.35 +    PEP_STATUS status = get_key_userids(session, fpr, &user_id_list);
    1.36 +    
    1.37 +    if (status != PEP_STATUS_OK) {
    1.38 +        free_stringlist(user_id_list);
    1.39 +        return status;
    1.40 +    }
    1.41 +        
    1.42 +    if (!user_id_list || !user_id_list->value())
    1.43 +        return PEP_KEY_NOT_FOUND;
    1.44 +        
    1.45 +    stringlist_t* curr_id = user_id_list;
    1.46 +    
    1.47 +    while (curr_id) {
    1.48 +        status = set_trust(session, curr_id->value, fpr, comm_type);
    1.49 +        if (status != PEP_STATUS_OK) {
    1.50 +            free_stringlist(user_id_list);
    1.51 +            return status;
    1.52 +        }
    1.53 +        curr_id = curr_id->next;
    1.54 +    }
    1.55 +    
    1.56 +    return PEP_STATUS_OK;
    1.57 +}
    1.58 +
    1.59 +static PEP_STATUS remove_key_as_id_default(PEP_SESSIONS session, 
    1.60 +                                           const char* fpr)
    1.61 +{
    1.62 +    identity_list* affected_ids = NULL;
    1.63 +    
    1.64 +    PEP_STATUS status get_identities_by_fpr(session, fpr, &identity_list);
    1.65 +    
    1.66 +    if (status != PEP_STATUS_OK) {
    1.67 +        free_identity_list(affected_ids);
    1.68 +        return status;
    1.69 +    }
    1.70 +    if (!affected_ids)
    1.71 +        return PEP_STATUS_OK; // it's fine if none are found;
    1.72 +        
    1.73 +    identity_list* curr_identity = affected_ids;
    1.74 +    
    1.75 +    while (curr_identity) {
    1.76 +        free(curr_identity->fpr);
    1.77 +        curr_identity->fpr = (char*)calloc(1, sizeof(char)); // ""
    1.78 +        set_identity(session, curr_identity);
    1.79 +        curr_identity = curr_identity->next;
    1.80 +    }
    1.81 +    
    1.82 +    
    1.83 +}
     2.1 --- a/src/keymanagement.h	Mon May 15 15:02:46 2017 +0200
     2.2 +++ b/src/keymanagement.h	Wed May 17 13:34:55 2017 +0200
     2.3 @@ -159,7 +159,6 @@
     2.4          pEp_identity *ident
     2.5      );
     2.6  
     2.7 -
     2.8  // own_key_is_listed() - returns true id key is listed as own key
     2.9  //
    2.10  //  parameters:
    2.11 @@ -241,7 +240,21 @@
    2.12         const char *fpr
    2.13      );
    2.14  
    2.15 +// change_key_comm_type() - change comm_type for a key already in the trust table
    2.16 +//                          this impacts any user id associated with this fpr    
    2.17 +//  parameters:
    2.18 +//      session(in)         session to use
    2.19 +//      fpr(in)             fpr for which to change comm_type
    2.20 +static PEP_STATUS change_key_comm_type(
    2.21 +        PEP_SESSION session,
    2.22 +        const char* fpr
    2.23 +    );
    2.24 +    
    2.25 +static PEP_STATUS remove_key_as_id_default(
    2.26 +        PEP_SESSIONS session, 
    2.27 +        const char* fpr
    2.28 +    );
    2.29 +
    2.30  #ifdef __cplusplus
    2.31  }
    2.32  #endif
    2.33 -
     3.1 --- a/src/pEpEngine.c	Mon May 15 15:02:46 2017 +0200
     3.2 +++ b/src/pEpEngine.c	Wed May 17 13:34:55 2017 +0200
     3.3 @@ -89,6 +89,10 @@
     3.4      "select comm_type from trust where user_id = ?1 "
     3.5      "and pgp_keypair_fpr = upper(replace(?2,' ','')) ;";
     3.6  
     3.7 +static const char *sql_get_key_userids = 
     3.8 +    "select user_id from trust where "
     3.9 +    "pgp_keypair_fpr = upper(replace(?1,' ','')) ;";
    3.10 +
    3.11  static const char *sql_least_trust = 
    3.12      "select min(comm_type) from trust where"
    3.13      " pgp_keypair_fpr = upper(replace(?1,' ',''))"
    3.14 @@ -542,6 +546,10 @@
    3.15              (int)strlen(sql_get_trust), &_session->get_trust, NULL);
    3.16      assert(int_result == SQLITE_OK);
    3.17  
    3.18 +    int_result = sqlite3_prepare_v2(_session->db, sql_get_key_userids,
    3.19 +            (int)strlen(sql_get_key_userids), &_session->get_key_userids, NULL);
    3.20 +    assert(int_result == SQLITE_OK);
    3.21 +
    3.22      int_result = sqlite3_prepare_v2(_session->db, sql_least_trust,
    3.23              (int)strlen(sql_least_trust), &_session->least_trust, NULL);
    3.24      assert(int_result == SQLITE_OK);
    3.25 @@ -749,6 +757,8 @@
    3.26                  sqlite3_finalize(session->set_trust);
    3.27              if (session->get_trust)
    3.28                  sqlite3_finalize(session->get_trust);
    3.29 +            if (session->get_key_userids)
    3.30 +                sqlite3_finalize(session->get_key_userids);    
    3.31              if (session->least_trust)
    3.32                  sqlite3_finalize(session->least_trust);
    3.33              if (session->mark_compromized)
    3.34 @@ -1147,13 +1157,15 @@
    3.35                  identity->user_id && identity->username))
    3.36          return PEP_ILLEGAL_VALUE;
    3.37  
    3.38 +    PEP_STATUS status = PEP_STATUS_OK;
    3.39 +    
    3.40      bool listed;
    3.41  
    3.42      bool has_fpr = (identity->fpr && identity->fpr[0] != '\0');
    3.43      
    3.44      if (has_fpr) {    
    3.45          // blacklist check
    3.46 -        PEP_STATUS status = blacklist_is_listed(session, identity->fpr, &listed);
    3.47 +        status = blacklist_is_listed(session, identity->fpr, &listed);
    3.48          assert(status == PEP_STATUS_OK);
    3.49          if (status != PEP_STATUS_OK)
    3.50              return status;
    3.51 @@ -1231,6 +1243,8 @@
    3.52              }
    3.53          }
    3.54  
    3.55 +        status = set_trust(session, identity->user_id, identity->fpr,
    3.56 +                           identity->comm_type)
    3.57          sqlite3_reset(session->set_trust);
    3.58          sqlite3_bind_text(session->set_trust, 1, identity->user_id, -1,
    3.59                  SQLITE_STATIC);
    3.60 @@ -1252,6 +1266,29 @@
    3.61          return PEP_COMMIT_FAILED;
    3.62  }
    3.63  
    3.64 +static PEP_STATUS set_trust(PEP_SESSION session, 
    3.65 +                            const char* user_id,
    3.66 +                            const char* fpr, 
    3.67 +                            PEP_comm_type comm_type)
    3.68 +{
    3.69 +    if (!user_id || !fpr)
    3.70 +        return PEP_ILLEGAL_VALUE;
    3.71 +        
    3.72 +    sqlite3_reset(session->set_trust);
    3.73 +    sqlite3_bind_text(session->set_trust, 1, user_id, -1,
    3.74 +            SQLITE_STATIC);
    3.75 +    sqlite3_bind_text(session->set_trust, 2, fpr, -1,
    3.76 +            SQLITE_STATIC);
    3.77 +    sqlite3_bind_int(session->set_trust, 3, comm_type);
    3.78 +    result = sqlite3_step(session->set_trust);
    3.79 +    sqlite3_reset(session->set_trust);
    3.80 +    if (result != SQLITE_DONE) {
    3.81 +        return PEP_CANNOT_SET_TRUST;
    3.82 +    }
    3.83 +    
    3.84 +    return PEP_STATUS_OK;
    3.85 +}
    3.86 +
    3.87  DYNAMIC_API PEP_STATUS set_device_group(
    3.88          PEP_SESSION session,
    3.89          const char *group_name
    3.90 @@ -1965,6 +2002,74 @@
    3.91      return status;
    3.92  }
    3.93  
    3.94 +static PEP_STATUS get_key_userids(
    3.95 +        PEP_SESSION session,
    3.96 +        const char* fpr,
    3.97 +        stringlist_t** keylist
    3.98 +    )
    3.99 +{
   3.100 +    PEP_STATUS status = PEP_STATUS_OK;
   3.101 +    assert(fpr);
   3.102 +    assert(keylist);
   3.103 +    
   3.104 +    if (!keylist || !fpr)
   3.105 +        return PEP_ILLEGAL_VALUE;
   3.106 +        
   3.107 +    *keylist = NULL;
   3.108 +
   3.109 +    stringlist_t* userid_list = NULL;
   3.110 +    
   3.111 +    sqlite3_reset(session->get_key_userids);
   3.112 +
   3.113 +    int result;
   3.114 +
   3.115 +    char* userid;
   3.116 +    
   3.117 +    do {
   3.118 +        userid = NULL;
   3.119 +        
   3.120 +        result = sqlite3_step(session->get_key_userids);
   3.121 +        switch (result) {
   3.122 +        case SQLITE_ROW:
   3.123 +            userid = (const char *) sqlite3_column_text(session->get_key_userids,
   3.124 +                    0);
   3.125 +    
   3.126 +            if (!userid)
   3.127 +                return PEP_UNKNOWN_ERROR;
   3.128 +
   3.129 +            if (!userid_list) {
   3.130 +                userid_list = new_stringlist(userid);
   3.131 +                if (!userid_list)
   3.132 +                    goto enomem;
   3.133 +            }
   3.134 +            else {
   3.135 +                stringlist_add(userid_list, userid);
   3.136 +            }
   3.137 +            
   3.138 +            break;
   3.139 +
   3.140 +        case SQLITE_DONE:
   3.141 +            break;
   3.142 +
   3.143 +        default:
   3.144 +            status = PEP_UNKNOWN_ERROR;
   3.145 +            result = SQLITE_DONE;
   3.146 +        }
   3.147 +    } while (result != SQLITE_DONE);
   3.148 +
   3.149 +    sqlite3_reset(session->get_key_userids);
   3.150 +    if (status == PEP_STATUS_OK)
   3.151 +        *keylist = userid_list;
   3.152 +
   3.153 +    goto the_end;
   3.154 +
   3.155 +enomem:
   3.156 +    status = PEP_OUT_OF_MEMORY;
   3.157 +
   3.158 +the_end:
   3.159 +    return status;
   3.160 +}
   3.161 +
   3.162  DYNAMIC_API PEP_STATUS get_phrase(
   3.163          PEP_SESSION session,
   3.164          const char *lang,
   3.165 @@ -2360,4 +2465,3 @@
   3.166  }
   3.167  
   3.168  #endif
   3.169 -
     4.1 --- a/src/pEp_internal.h	Mon May 15 15:02:46 2017 +0200
     4.2 +++ b/src/pEp_internal.h	Wed May 17 13:34:55 2017 +0200
     4.3 @@ -109,6 +109,7 @@
     4.4      sqlite3_stmt *unset_identity_flags;
     4.5      sqlite3_stmt *set_trust;
     4.6      sqlite3_stmt *get_trust;
     4.7 +    sqlite3_stmt *get_key_userids;
     4.8      sqlite3_stmt *least_trust;
     4.9      sqlite3_stmt *mark_compromized;
    4.10      sqlite3_stmt *reset_trust;
    4.11 @@ -310,6 +311,10 @@
    4.12      return comparison == 0;
    4.13  }
    4.14  
    4.15 +static PEP_STATUS set_trust(PEP_SESSION session, 
    4.16 +                            const char* user_id,
    4.17 +                            const char* fpr, 
    4.18 +                            PEP_comm_type comm_type);
    4.19  
    4.20  #ifdef DEBUG_ERRORSTACK
    4.21      PEP_STATUS session_add_error(PEP_SESSION session, const char* file, unsigned line, PEP_STATUS status);